From: Shantur Rathore <[email protected]> Currently efi_var_file.c has functions to store/read EFI variables to/from memory buffer. These functions can be used with other EFI variable stores so move them out to efi_var_common.c
Signed-off-by: Shantur Rathore <[email protected]> Signed-off-by: Michal Simek <[email protected]> --- (no changes since v1) include/efi_variable.h | 5 +++ lib/efi_loader/Makefile | 2 +- lib/efi_loader/efi_var_common.c | 44 +++++++++++++++++++++++++ lib/efi_loader/efi_var_file.c | 57 --------------------------------- lib/efi_loader/efi_variable.c | 10 +++++- 5 files changed, 59 insertions(+), 59 deletions(-) diff --git a/include/efi_variable.h b/include/efi_variable.h index 4065cf45ecaf..ee68fa4a885f 100644 --- a/include/efi_variable.h +++ b/include/efi_variable.h @@ -161,6 +161,11 @@ efi_status_t efi_var_to_file(void); efi_status_t __maybe_unused efi_var_collect(struct efi_var_file **bufp, loff_t *lenp, u32 check_attr_mask); +/* GUID used by Shim to store the MOK database */ +#define SHIM_LOCK_GUID \ + EFI_GUID(0x605dab50, 0xe046, 0x4300, \ + 0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23) + /** * efi_var_restore() - restore EFI variables from buffer * diff --git a/lib/efi_loader/Makefile b/lib/efi_loader/Makefile index bfa607c88274..07ae048f2e0c 100644 --- a/lib/efi_loader/Makefile +++ b/lib/efi_loader/Makefile @@ -53,7 +53,7 @@ ifeq ($(CONFIG_EFI_MM_COMM_TEE),y) obj-y += efi_variable_tee.o else obj-y += efi_variable.o -obj-y += efi_var_file.o +obj-$(CONFIG_EFI_VARIABLE_FILE_STORE) += efi_var_file.o obj-$(CONFIG_EFI_VARIABLES_PRESEED) += efi_var_seed.o endif obj-y += efi_watchdog.o diff --git a/lib/efi_loader/efi_var_common.c b/lib/efi_loader/efi_var_common.c index 4b34a58b4cf7..41cefb94198d 100644 --- a/lib/efi_loader/efi_var_common.c +++ b/lib/efi_loader/efi_var_common.c @@ -41,6 +41,7 @@ static const struct efi_auth_var_name_type name_type[] = { static bool efi_secure_boot; static enum efi_secure_mode efi_secure_mode; +static const efi_guid_t shim_lock_guid = SHIM_LOCK_GUID; /** * efi_efi_get_variable() - retrieve value of a UEFI variable @@ -488,3 +489,46 @@ efi_status_t __maybe_unused efi_var_collect(struct efi_var_file **bufp, loff_t * return EFI_SUCCESS; } + +efi_status_t efi_var_restore(struct efi_var_file *buf, bool safe) +{ + struct efi_var_entry *var, *last_var; + u16 *data; + efi_status_t ret; + + if (buf->reserved || buf->magic != EFI_VAR_FILE_MAGIC || + buf->crc32 != crc32(0, (u8 *)buf->var, + buf->length - sizeof(struct efi_var_file))) { + log_err("Invalid EFI variables file\n"); + return EFI_INVALID_PARAMETER; + } + + last_var = (struct efi_var_entry *)((u8 *)buf + buf->length); + for (var = buf->var; var < last_var; + var = (struct efi_var_entry *) + ALIGN((uintptr_t)data + var->length, 8)) { + + data = var->name + u16_strlen(var->name) + 1; + + /* + * Secure boot related and volatile variables shall only be + * restored from U-Boot's preseed. + */ + if (!safe && + (efi_auth_var_get_type(var->name, &var->guid) != + EFI_AUTH_VAR_NONE || + !guidcmp(&var->guid, &shim_lock_guid) || + !(var->attr & EFI_VARIABLE_NON_VOLATILE))) + continue; + if (!var->length) + continue; + if (efi_var_mem_find(&var->guid, var->name, NULL)) + continue; + ret = efi_var_mem_ins(var->name, &var->guid, var->attr, + var->length, data, 0, NULL, + var->time); + if (ret != EFI_SUCCESS) + log_err("Failed to set EFI variable %ls\n", var->name); + } + return EFI_SUCCESS; +} diff --git a/lib/efi_loader/efi_var_file.c b/lib/efi_loader/efi_var_file.c index ba0bf33ffbd1..d32edaac277d 100644 --- a/lib/efi_loader/efi_var_file.c +++ b/lib/efi_loader/efi_var_file.c @@ -14,17 +14,9 @@ #include <mapmem.h> #include <efi_loader.h> #include <efi_variable.h> -#include <u-boot/crc.h> #define PART_STR_LEN 10 -/* GUID used by Shim to store the MOK database */ -#define SHIM_LOCK_GUID \ - EFI_GUID(0x605dab50, 0xe046, 0x4300, \ - 0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23) - -static const efi_guid_t shim_lock_guid = SHIM_LOCK_GUID; - /** * efi_set_blk_dev_to_system_partition() - select EFI system partition * @@ -59,7 +51,6 @@ static efi_status_t __maybe_unused efi_set_blk_dev_to_system_partition(void) */ efi_status_t efi_var_to_file(void) { -#ifdef CONFIG_EFI_VARIABLE_FILE_STORE efi_status_t ret; struct efi_var_file *buf; loff_t len; @@ -91,52 +82,6 @@ error: out: free(buf); return ret; -#else - return EFI_SUCCESS; -#endif -} - -efi_status_t efi_var_restore(struct efi_var_file *buf, bool safe) -{ - struct efi_var_entry *var, *last_var; - u16 *data; - efi_status_t ret; - - if (buf->reserved || buf->magic != EFI_VAR_FILE_MAGIC || - buf->crc32 != crc32(0, (u8 *)buf->var, - buf->length - sizeof(struct efi_var_file))) { - log_err("Invalid EFI variables file\n"); - return EFI_INVALID_PARAMETER; - } - - last_var = (struct efi_var_entry *)((u8 *)buf + buf->length); - for (var = buf->var; var < last_var; - var = (struct efi_var_entry *) - ALIGN((uintptr_t)data + var->length, 8)) { - - data = var->name + u16_strlen(var->name) + 1; - - /* - * Secure boot related and volatile variables shall only be - * restored from U-Boot's preseed. - */ - if (!safe && - (efi_auth_var_get_type(var->name, &var->guid) != - EFI_AUTH_VAR_NONE || - !guidcmp(&var->guid, &shim_lock_guid) || - !(var->attr & EFI_VARIABLE_NON_VOLATILE))) - continue; - if (!var->length) - continue; - if (efi_var_mem_find(&var->guid, var->name, NULL)) - continue; - ret = efi_var_mem_ins(var->name, &var->guid, var->attr, - var->length, data, 0, NULL, - var->time); - if (ret != EFI_SUCCESS) - log_err("Failed to set EFI variable %ls\n", var->name); - } - return EFI_SUCCESS; } /** @@ -155,7 +100,6 @@ efi_status_t efi_var_restore(struct efi_var_file *buf, bool safe) */ efi_status_t efi_var_from_file(void) { -#ifdef CONFIG_EFI_VARIABLE_FILE_STORE struct efi_var_file *buf; loff_t len; efi_status_t ret; @@ -180,6 +124,5 @@ efi_status_t efi_var_from_file(void) log_err("Invalid EFI variables file\n"); error: free(buf); -#endif return EFI_SUCCESS; } diff --git a/lib/efi_loader/efi_variable.c b/lib/efi_loader/efi_variable.c index f3533f4def3a..9394ecf6994c 100644 --- a/lib/efi_loader/efi_variable.c +++ b/lib/efi_loader/efi_variable.c @@ -400,8 +400,13 @@ efi_status_t efi_set_variable_int(const u16 *variable_name, * Write non-volatile EFI variables to file * TODO: check if a value change has occured to avoid superfluous writes */ - if (attributes & EFI_VARIABLE_NON_VOLATILE) + if (attributes & EFI_VARIABLE_NON_VOLATILE) { +#if CONFIG_IS_ENABLED(EFI_VARIABLE_FILE_STORE) efi_var_to_file(); +#else + return EFI_NOT_READY; +#endif + } return EFI_SUCCESS; } @@ -594,9 +599,12 @@ efi_status_t efi_init_variables(void) if (ret != EFI_SUCCESS) return ret; +#if CONFIG_IS_ENABLED(EFI_VARIABLE_FILE_STORE) ret = efi_var_from_file(); if (ret != EFI_SUCCESS) return ret; +#endif + if (IS_ENABLED(CONFIG_EFI_VARIABLES_PRESEED)) { ret = efi_var_restore((struct efi_var_file *) __efi_var_file_begin, true); -- 2.43.0
