blob: 223bb9a4a5bdde44bd00fa943723a25b0b6effbf [file] [log] [blame]
Heinrich Schuchardt9827e842020-06-22 18:10:27 +02001/* SPDX-License-Identifier: GPL-2.0+ */
2/*
3 * Copyright (c) 2020, Heinrich Schuchardt <xypron.glpk@gmx.de>
4 */
5
6#ifndef _EFI_VARIABLE_H
7#define _EFI_VARIABLE_H
8
9#include <linux/bitops.h>
10
Heinrich Schuchardtd0f35202024-04-03 17:33:34 +020011#define EFI_VARIABLE_READ_ONLY 0x80000000
Heinrich Schuchardt9827e842020-06-22 18:10:27 +020012
Heinrich Schuchardt3a280332020-07-15 12:40:35 +020013enum efi_auth_var_type {
14 EFI_AUTH_VAR_NONE = 0,
Heinrich Schuchardt65b616f2021-08-26 04:30:24 +020015 EFI_AUTH_MODE,
Heinrich Schuchardt3a280332020-07-15 12:40:35 +020016 EFI_AUTH_VAR_PK,
17 EFI_AUTH_VAR_KEK,
18 EFI_AUTH_VAR_DB,
19 EFI_AUTH_VAR_DBX,
20 EFI_AUTH_VAR_DBT,
21 EFI_AUTH_VAR_DBR,
22};
23
Heinrich Schuchardt9827e842020-06-22 18:10:27 +020024/**
25 * efi_get_variable() - retrieve value of a UEFI variable
26 *
27 * @variable_name: name of the variable
28 * @vendor: vendor GUID
29 * @attributes: attributes of the variable
30 * @data_size: size of the buffer to which the variable value is copied
31 * @data: buffer to which the variable value is copied
32 * @timep: authentication time (seconds since start of epoch)
33 * Return: status code
34 */
Heinrich Schuchardt1ad2f0d2021-09-09 07:12:14 +020035efi_status_t efi_get_variable_int(const u16 *variable_name,
36 const efi_guid_t *vendor,
Heinrich Schuchardt9827e842020-06-22 18:10:27 +020037 u32 *attributes, efi_uintn_t *data_size,
38 void *data, u64 *timep);
39
40/**
41 * efi_set_variable() - set value of a UEFI variable
42 *
43 * @variable_name: name of the variable
44 * @vendor: vendor GUID
45 * @attributes: attributes of the variable
46 * @data_size: size of the buffer with the variable value
47 * @data: buffer with the variable value
48 * @ro_check: check the read only read only bit in attributes
49 * Return: status code
50 */
Heinrich Schuchardt1ad2f0d2021-09-09 07:12:14 +020051efi_status_t efi_set_variable_int(const u16 *variable_name,
52 const efi_guid_t *vendor,
Heinrich Schuchardt9827e842020-06-22 18:10:27 +020053 u32 attributes, efi_uintn_t data_size,
54 const void *data, bool ro_check);
55
Heinrich Schuchardt276c61d2020-06-26 17:57:48 +020056/**
57 * efi_get_next_variable_name_int() - enumerate the current variable names
58 *
59 * @variable_name_size: size of variable_name buffer in byte
60 * @variable_name: name of uefi variable's name in u16
61 * @vendor: vendor's guid
62 *
63 * See the Unified Extensible Firmware Interface (UEFI) specification for
64 * details.
65 *
66 * Return: status code
67 */
68efi_status_t efi_get_next_variable_name_int(efi_uintn_t *variable_name_size,
69 u16 *variable_name,
70 efi_guid_t *vendor);
71
72/**
73 * efi_query_variable_info_int() - get information about EFI variables
74 *
75 * This function implements the QueryVariableInfo() runtime service.
76 *
77 * See the Unified Extensible Firmware Interface (UEFI) specification for
78 * details.
79 *
80 * @attributes: bitmask to select variables to be
81 * queried
82 * @maximum_variable_storage_size: maximum size of storage area for the
83 * selected variable types
84 * @remaining_variable_storage_size: remaining size of storage are for the
85 * selected variable types
86 * @maximum_variable_size: maximum size of a variable of the
87 * selected type
88 * Returns: status code
89 */
90efi_status_t efi_query_variable_info_int(u32 attributes,
91 u64 *maximum_variable_storage_size,
92 u64 *remaining_variable_storage_size,
93 u64 *maximum_variable_size);
94
Heinrich Schuchardt09a8d502020-03-19 18:21:58 +000095#define EFI_VAR_FILE_NAME "ubootefi.var"
96
Heinrich Schuchardtc8fa8d32020-12-20 11:05:38 +010097#define EFI_VAR_BUF_SIZE CONFIG_EFI_VAR_BUF_SIZE
Heinrich Schuchardt09a8d502020-03-19 18:21:58 +000098
Heinrich Schuchardt4723a7d2020-07-16 07:18:40 +020099/*
100 * This constant identifies the file format for storing UEFI variables in
101 * struct efi_var_file.
102 */
Heinrich Schuchardt09a8d502020-03-19 18:21:58 +0000103#define EFI_VAR_FILE_MAGIC 0x0161566966456255 /* UbEfiVa, version 1 */
104
105/**
106 * struct efi_var_entry - UEFI variable file entry
107 *
108 * @length: length of enty, multiple of 8
109 * @attr: variable attributes
110 * @time: authentication time (seconds since start of epoch)
111 * @guid: vendor GUID
112 * @name: UTF16 variable name
113 */
114struct efi_var_entry {
115 u32 length;
116 u32 attr;
117 u64 time;
118 efi_guid_t guid;
119 u16 name[];
120};
121
122/**
123 * struct efi_var_file - file for storing UEFI variables
124 *
125 * @reserved: unused, may be overwritten by memory probing
Heinrich Schuchardt4723a7d2020-07-16 07:18:40 +0200126 * @magic: identifies file format, takes value %EFI_VAR_FILE_MAGIC
Heinrich Schuchardt09a8d502020-03-19 18:21:58 +0000127 * @length: length including header
128 * @crc32: CRC32 without header
129 * @var: variables
130 */
131struct efi_var_file {
132 u64 reserved;
133 u64 magic;
134 u32 length;
135 u32 crc32;
136 struct efi_var_entry var[];
137};
138
139/**
140 * efi_var_to_file() - save non-volatile variables as file
141 *
142 * File ubootefi.var is created on the EFI system partion.
143 *
144 * Return: status code
145 */
146efi_status_t efi_var_to_file(void);
147
148/**
Ilias Apalodimasa4d1b1b2020-07-23 15:49:49 +0300149 * efi_var_collect() - collect variables in buffer
150 *
151 * A buffer is allocated and filled with variables in a format ready to be
152 * written to disk.
153 *
154 * @bufp: pointer to pointer of buffer with collected variables
155 * @lenp: pointer to length of buffer
156 * @check_attr_mask: bitmask with required attributes of variables to be collected.
157 * variables are only collected if all of the required
158 * attributes are set.
159 * Return: status code
160 */
161efi_status_t __maybe_unused efi_var_collect(struct efi_var_file **bufp, loff_t *lenp,
162 u32 check_attr_mask);
163
164/**
Heinrich Schuchardt4b7d5c12020-07-14 21:25:28 +0200165 * efi_var_restore() - restore EFI variables from buffer
166 *
Heinrich Schuchardt211317c2021-08-25 19:13:24 +0200167 * Only if @safe is set secure boot related variables will be restored.
168 *
Heinrich Schuchardt4b7d5c12020-07-14 21:25:28 +0200169 * @buf: buffer
Heinrich Schuchardt211317c2021-08-25 19:13:24 +0200170 * @safe: restoring from tamper-resistant storage
Heinrich Schuchardt4b7d5c12020-07-14 21:25:28 +0200171 * Return: status code
172 */
Heinrich Schuchardt211317c2021-08-25 19:13:24 +0200173efi_status_t efi_var_restore(struct efi_var_file *buf, bool safe);
Heinrich Schuchardt4b7d5c12020-07-14 21:25:28 +0200174
175/**
Heinrich Schuchardt09a8d502020-03-19 18:21:58 +0000176 * efi_var_from_file() - read variables from file
177 *
178 * File ubootefi.var is read from the EFI system partitions and the variables
179 * stored in the file are created.
180 *
181 * In case the file does not exist yet or a variable cannot be set EFI_SUCCESS
182 * is returned.
183 *
184 * Return: status code
185 */
186efi_status_t efi_var_from_file(void);
187
Heinrich Schuchardt29ef99c2020-03-22 09:07:50 +0100188/**
189 * efi_var_mem_init() - set-up variable list
190 *
191 * Return: status code
192 */
193efi_status_t efi_var_mem_init(void);
194
195/**
196 * efi_var_mem_find() - find a variable in the list
197 *
198 * @guid: GUID of the variable
199 * @name: name of the variable
200 * @next: on exit pointer to the next variable after the found one
201 * Return: found variable
202 */
203struct efi_var_entry *efi_var_mem_find(const efi_guid_t *guid, const u16 *name,
204 struct efi_var_entry **next);
205
206/**
207 * efi_var_mem_del() - delete a variable from the list of variables
208 *
209 * @var: variable to delete
210 */
211void efi_var_mem_del(struct efi_var_entry *var);
212
213/**
214 * efi_var_mem_ins() - append a variable to the list of variables
215 *
216 * The variable is appended without checking if a variable of the same name
217 * already exists. The two data buffers are concatenated.
218 *
219 * @variable_name: variable name
220 * @vendor: GUID
221 * @attributes: variable attributes
222 * @size1: size of the first data buffer
223 * @data1: first data buffer
224 * @size2: size of the second data field
225 * @data2: second data buffer
226 * @time: time of authentication (as seconds since start of epoch)
227 * Result: status code
228 */
Heinrich Schuchardt1ad2f0d2021-09-09 07:12:14 +0200229efi_status_t efi_var_mem_ins(const u16 *variable_name,
Heinrich Schuchardt29ef99c2020-03-22 09:07:50 +0100230 const efi_guid_t *vendor, u32 attributes,
231 const efi_uintn_t size1, const void *data1,
232 const efi_uintn_t size2, const void *data2,
233 const u64 time);
234
235/**
236 * efi_var_mem_free() - determine free memory for variables
237 *
238 * Return: maximum data size plus variable name size
239 */
240u64 efi_var_mem_free(void);
241
Heinrich Schuchardt0f2c3332020-07-14 08:04:49 +0200242/**
243 * efi_init_secure_state - initialize secure boot state
244 *
245 * Return: status code
246 */
247efi_status_t efi_init_secure_state(void);
248
Heinrich Schuchardt3a280332020-07-15 12:40:35 +0200249/**
250 * efi_auth_var_get_type() - convert variable name and guid to enum
251 *
252 * @name: name of UEFI variable
253 * @guid: guid of UEFI variable
254 * Return: identifier for authentication related variables
255 */
Heinrich Schuchardt1ad2f0d2021-09-09 07:12:14 +0200256enum efi_auth_var_type efi_auth_var_get_type(const u16 *name,
257 const efi_guid_t *guid);
Heinrich Schuchardt3a280332020-07-15 12:40:35 +0200258
Ilias Apalodimasa4d1b1b2020-07-23 15:49:49 +0300259/**
Heinrich Schuchardtcbd28022021-09-09 08:22:58 +0200260 * efi_auth_var_get_guid() - get the predefined GUID for a variable name
261 *
262 * @name: name of UEFI variable
263 * Return: guid of UEFI variable
264 */
265const efi_guid_t *efi_auth_var_get_guid(const u16 *name);
266
267/**
Ilias Apalodimasa4d1b1b2020-07-23 15:49:49 +0300268 * efi_get_next_variable_name_mem() - Runtime common code across efi variable
269 * implementations for GetNextVariable()
270 * from the cached memory copy
Heinrich Schuchardt4e82c2e2022-12-18 06:08:57 +0000271 *
272 * @variable_name_size: size of variable_name buffer in bytes
Ilias Apalodimasa4d1b1b2020-07-23 15:49:49 +0300273 * @variable_name: name of uefi variable's name in u16
Ilias Apalodimasde708562024-04-18 15:54:52 +0300274 * @mask: bitmask with required attributes of variables to be collected.
275 * variables are only collected if all of the required
276 * attributes match. Use 0 to skip matching
Ilias Apalodimasa4d1b1b2020-07-23 15:49:49 +0300277 * @vendor: vendor's guid
278 *
279 * Return: status code
280 */
281efi_status_t __efi_runtime
282efi_get_next_variable_name_mem(efi_uintn_t *variable_name_size, u16 *variable_name,
Ilias Apalodimasde708562024-04-18 15:54:52 +0300283 efi_guid_t *vendor, u32 mask);
Ilias Apalodimasa4d1b1b2020-07-23 15:49:49 +0300284/**
285 * efi_get_variable_mem() - Runtime common code across efi variable
286 * implementations for GetVariable() from
287 * the cached memory copy
288 *
289 * @variable_name: name of the variable
290 * @vendor: vendor GUID
291 * @attributes: attributes of the variable
292 * @data_size: size of the buffer to which the variable value is copied
293 * @data: buffer to which the variable value is copied
294 * @timep: authentication time (seconds since start of epoch)
Ilias Apalodimasde708562024-04-18 15:54:52 +0300295 * @mask: bitmask with required attributes of variables to be collected.
296 * variables are only collected if all of the required
297 * attributes match. Use 0 to skip matching
Ilias Apalodimasa4d1b1b2020-07-23 15:49:49 +0300298 * Return: status code
Ilias Apalodimasa4d1b1b2020-07-23 15:49:49 +0300299 */
300efi_status_t __efi_runtime
Heinrich Schuchardt1ad2f0d2021-09-09 07:12:14 +0200301efi_get_variable_mem(const u16 *variable_name, const efi_guid_t *vendor,
302 u32 *attributes, efi_uintn_t *data_size, void *data,
Ilias Apalodimasde708562024-04-18 15:54:52 +0300303 u64 *timep, u32 mask);
Ilias Apalodimasa4d1b1b2020-07-23 15:49:49 +0300304
305/**
306 * efi_get_variable_runtime() - runtime implementation of GetVariable()
307 *
308 * @variable_name: name of the variable
309 * @guid: vendor GUID
310 * @attributes: attributes of the variable
311 * @data_size: size of the buffer to which the variable value is copied
312 * @data: buffer to which the variable value is copied
313 * Return: status code
314 */
315efi_status_t __efi_runtime EFIAPI
316efi_get_variable_runtime(u16 *variable_name, const efi_guid_t *guid,
317 u32 *attributes, efi_uintn_t *data_size, void *data);
318
319/**
320 * efi_get_next_variable_name_runtime() - runtime implementation of
321 * GetNextVariable()
322 *
323 * @variable_name_size: size of variable_name buffer in byte
324 * @variable_name: name of uefi variable's name in u16
325 * @guid: vendor's guid
326 * Return: status code
327 */
328efi_status_t __efi_runtime EFIAPI
329efi_get_next_variable_name_runtime(efi_uintn_t *variable_name_size,
330 u16 *variable_name, efi_guid_t *guid);
331
Ilias Apalodimas33521442021-01-16 17:28:04 +0200332/**
333 * efi_var_buf_update() - udpate memory buffer for variables
334 *
335 * @var_buf: source buffer
336 *
337 * This function copies to the memory buffer for UEFI variables. Call this
338 * function in ExitBootServices() if memory backed variables are only used
339 * at runtime to fill the buffer.
340 */
341void efi_var_buf_update(struct efi_var_file *var_buf);
342
Ilias Apalodimasde708562024-04-18 15:54:52 +0300343efi_status_t __efi_runtime efi_var_collect_mem(struct efi_var_file *buf,
344 efi_uintn_t *lenp,
345 u32 check_attr_mask);
346
347u32 efi_var_entry_len(struct efi_var_entry *var);
348
Heinrich Schuchardt9827e842020-06-22 18:10:27 +0200349#endif