1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
|
/** @file
Implementation functions and structures for var check protocol
and variable lock protocol based on VarCheckLib.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include "Variable.h"
/**
Mark a variable that will become read-only after leaving the DXE phase of execution.
Write request coming from SMM environment through EFI_SMM_VARIABLE_PROTOCOL is allowed.
@param[in] This The VARIABLE_LOCK_PROTOCOL instance.
@param[in] VariableName A pointer to the variable name that will be made read-only subsequently.
@param[in] VendorGuid A pointer to the vendor GUID that will be made read-only subsequently.
@retval EFI_SUCCESS The variable specified by the VariableName and the VendorGuid was marked
as pending to be read-only.
@retval EFI_INVALID_PARAMETER VariableName or VendorGuid is NULL.
Or VariableName is an empty string.
@retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVENT_GROUP_READY_TO_BOOT has
already been signaled.
@retval EFI_OUT_OF_RESOURCES There is not enough resource to hold the lock request.
**/
EFI_STATUS
EFIAPI
VariableLockRequestToLock (
IN CONST EDKII_VARIABLE_LOCK_PROTOCOL *This,
IN CHAR16 *VariableName,
IN EFI_GUID *VendorGuid
)
{
EFI_STATUS Status;
VAR_CHECK_VARIABLE_PROPERTY Property;
AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
Status = VarCheckLibVariablePropertyGet (VariableName, VendorGuid, &Property);
if (!EFI_ERROR (Status)) {
Property.Property |= VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY;
} else {
Property.Revision = VAR_CHECK_VARIABLE_PROPERTY_REVISION;
Property.Property = VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY;
Property.Attributes = 0;
Property.MinSize = 1;
Property.MaxSize = MAX_UINTN;
}
Status = VarCheckLibVariablePropertySet (VariableName, VendorGuid, &Property);
DEBUG ((EFI_D_INFO, "[Variable] Lock: %g:%s %r\n", VendorGuid, VariableName, Status));
ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
return Status;
}
/**
Register SetVariable check handler.
@param[in] Handler Pointer to check handler.
@retval EFI_SUCCESS The SetVariable check handler was registered successfully.
@retval EFI_INVALID_PARAMETER Handler is NULL.
@retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVENT_GROUP_READY_TO_BOOT has
already been signaled.
@retval EFI_OUT_OF_RESOURCES There is not enough resource for the SetVariable check handler register request.
@retval EFI_UNSUPPORTED This interface is not implemented.
For example, it is unsupported in VarCheck protocol if both VarCheck and SmmVarCheck protocols are present.
**/
EFI_STATUS
EFIAPI
VarCheckRegisterSetVariableCheckHandler (
IN VAR_CHECK_SET_VARIABLE_CHECK_HANDLER Handler
)
{
EFI_STATUS Status;
AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
Status = VarCheckLibRegisterSetVariableCheckHandler (Handler);
ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
return Status;
}
/**
Variable property set.
@param[in] Name Pointer to the variable name.
@param[in] Guid Pointer to the vendor GUID.
@param[in] VariableProperty Pointer to the input variable property.
@retval EFI_SUCCESS The property of variable specified by the Name and Guid was set successfully.
@retval EFI_INVALID_PARAMETER Name, Guid or VariableProperty is NULL, or Name is an empty string,
or the fields of VariableProperty are not valid.
@retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVENT_GROUP_READY_TO_BOOT has
already been signaled.
@retval EFI_OUT_OF_RESOURCES There is not enough resource for the variable property set request.
**/
EFI_STATUS
EFIAPI
VarCheckVariablePropertySet (
IN CHAR16 *Name,
IN EFI_GUID *Guid,
IN VAR_CHECK_VARIABLE_PROPERTY *VariableProperty
)
{
EFI_STATUS Status;
AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
Status = VarCheckLibVariablePropertySet (Name, Guid, VariableProperty);
ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
return Status;
}
/**
Variable property get.
@param[in] Name Pointer to the variable name.
@param[in] Guid Pointer to the vendor GUID.
@param[out] VariableProperty Pointer to the output variable property.
@retval EFI_SUCCESS The property of variable specified by the Name and Guid was got successfully.
@retval EFI_INVALID_PARAMETER Name, Guid or VariableProperty is NULL, or Name is an empty string.
@retval EFI_NOT_FOUND The property of variable specified by the Name and Guid was not found.
**/
EFI_STATUS
EFIAPI
VarCheckVariablePropertyGet (
IN CHAR16 *Name,
IN EFI_GUID *Guid,
OUT VAR_CHECK_VARIABLE_PROPERTY *VariableProperty
)
{
EFI_STATUS Status;
AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
Status = VarCheckLibVariablePropertyGet (Name, Guid, VariableProperty);
ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
return Status;
}
|
