1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Copyright (C) 2012 Red Hat, Inc.
4 * Copyright (C) 2012 Jeremy Kerr <jeremy.kerr@canonical.com>
5 */
6
7 #include <linux/ctype.h>
8 #include <linux/efi.h>
9 #include <linux/fs.h>
10 #include <linux/fs_context.h>
11 #include <linux/fs_parser.h>
12 #include <linux/module.h>
13 #include <linux/pagemap.h>
14 #include <linux/ucs2_string.h>
15 #include <linux/slab.h>
16 #include <linux/suspend.h>
17 #include <linux/magic.h>
18 #include <linux/statfs.h>
19 #include <linux/notifier.h>
20 #include <linux/printk.h>
21 #include <linux/namei.h>
22
23 #include "internal.h"
24 #include "../internal.h"
25
efivarfs_ops_notifier(struct notifier_block * nb,unsigned long event,void * data)26 static int efivarfs_ops_notifier(struct notifier_block *nb, unsigned long event,
27 void *data)
28 {
29 struct efivarfs_fs_info *sfi = container_of(nb, struct efivarfs_fs_info, nb);
30
31 switch (event) {
32 case EFIVAR_OPS_RDONLY:
33 sfi->sb->s_flags |= SB_RDONLY;
34 break;
35 case EFIVAR_OPS_RDWR:
36 sfi->sb->s_flags &= ~SB_RDONLY;
37 break;
38 default:
39 return NOTIFY_DONE;
40 }
41
42 return NOTIFY_OK;
43 }
44
efivarfs_alloc_inode(struct super_block * sb)45 static struct inode *efivarfs_alloc_inode(struct super_block *sb)
46 {
47 struct efivar_entry *entry = kzalloc_obj(*entry);
48
49 if (!entry)
50 return NULL;
51
52 inode_init_once(&entry->vfs_inode);
53 entry->removed = false;
54
55 return &entry->vfs_inode;
56 }
57
efivarfs_free_inode(struct inode * inode)58 static void efivarfs_free_inode(struct inode *inode)
59 {
60 struct efivar_entry *entry = efivar_entry(inode);
61
62 kfree(entry);
63 }
64
efivarfs_show_options(struct seq_file * m,struct dentry * root)65 static int efivarfs_show_options(struct seq_file *m, struct dentry *root)
66 {
67 struct super_block *sb = root->d_sb;
68 struct efivarfs_fs_info *sbi = sb->s_fs_info;
69 struct efivarfs_mount_opts *opts = &sbi->mount_opts;
70
71 if (!uid_eq(opts->uid, GLOBAL_ROOT_UID))
72 seq_printf(m, ",uid=%u",
73 from_kuid_munged(&init_user_ns, opts->uid));
74 if (!gid_eq(opts->gid, GLOBAL_ROOT_GID))
75 seq_printf(m, ",gid=%u",
76 from_kgid_munged(&init_user_ns, opts->gid));
77 return 0;
78 }
79
efivarfs_statfs(struct dentry * dentry,struct kstatfs * buf)80 static int efivarfs_statfs(struct dentry *dentry, struct kstatfs *buf)
81 {
82 const u32 attr = EFI_VARIABLE_NON_VOLATILE |
83 EFI_VARIABLE_BOOTSERVICE_ACCESS |
84 EFI_VARIABLE_RUNTIME_ACCESS;
85 u64 storage_space, remaining_space, max_variable_size;
86 u64 id = huge_encode_dev(dentry->d_sb->s_dev);
87 efi_status_t status;
88
89 /* Some UEFI firmware does not implement QueryVariableInfo() */
90 storage_space = remaining_space = 0;
91 if (efi_rt_services_supported(EFI_RT_SUPPORTED_QUERY_VARIABLE_INFO)) {
92 status = efivar_query_variable_info(attr, &storage_space,
93 &remaining_space,
94 &max_variable_size);
95 if (status != EFI_SUCCESS && status != EFI_UNSUPPORTED)
96 pr_warn_ratelimited("query_variable_info() failed: 0x%lx\n",
97 status);
98 }
99
100 /*
101 * This is not a normal filesystem, so no point in pretending it has a block
102 * size; we declare f_bsize to 1, so that we can then report the exact value
103 * sent by EFI QueryVariableInfo in f_blocks and f_bfree
104 */
105 buf->f_bsize = 1;
106 buf->f_namelen = NAME_MAX;
107 buf->f_blocks = storage_space;
108 buf->f_bfree = remaining_space;
109 buf->f_type = dentry->d_sb->s_magic;
110 buf->f_fsid = u64_to_fsid(id);
111
112 /*
113 * In f_bavail we declare the free space that the kernel will allow writing
114 * when the storage_paranoia x86 quirk is active. To use more, users
115 * should boot the kernel with efi_no_storage_paranoia.
116 */
117 if (remaining_space > efivar_reserved_space())
118 buf->f_bavail = remaining_space - efivar_reserved_space();
119 else
120 buf->f_bavail = 0;
121
122 return 0;
123 }
124
125 static int efivarfs_freeze_fs(struct super_block *sb);
126 static int efivarfs_unfreeze_fs(struct super_block *sb);
127
128 static const struct super_operations efivarfs_ops = {
129 .statfs = efivarfs_statfs,
130 .drop_inode = inode_just_drop,
131 .alloc_inode = efivarfs_alloc_inode,
132 .free_inode = efivarfs_free_inode,
133 .show_options = efivarfs_show_options,
134 .freeze_fs = efivarfs_freeze_fs,
135 .unfreeze_fs = efivarfs_unfreeze_fs,
136 };
137
138 /*
139 * Compare two efivarfs file names.
140 *
141 * An efivarfs filename is composed of two parts,
142 *
143 * 1. A case-sensitive variable name
144 * 2. A case-insensitive GUID
145 *
146 * So we need to perform a case-sensitive match on part 1 and a
147 * case-insensitive match on part 2.
148 */
efivarfs_d_compare(const struct dentry * dentry,unsigned int len,const char * str,const struct qstr * name)149 static int efivarfs_d_compare(const struct dentry *dentry,
150 unsigned int len, const char *str,
151 const struct qstr *name)
152 {
153 int guid = len - EFI_VARIABLE_GUID_LEN;
154
155 /* Parallel lookups may produce a temporary invalid filename */
156 if (guid <= 0)
157 return 1;
158
159 if (name->len != len)
160 return 1;
161
162 /* Case-sensitive compare for the variable name */
163 if (memcmp(str, name->name, guid))
164 return 1;
165
166 /* Case-insensitive compare for the GUID */
167 return strncasecmp(name->name + guid, str + guid, EFI_VARIABLE_GUID_LEN);
168 }
169
efivarfs_d_hash(const struct dentry * dentry,struct qstr * qstr)170 static int efivarfs_d_hash(const struct dentry *dentry, struct qstr *qstr)
171 {
172 unsigned long hash = init_name_hash(dentry);
173 const unsigned char *s = qstr->name;
174 unsigned int len = qstr->len;
175
176 while (len-- > EFI_VARIABLE_GUID_LEN)
177 hash = partial_name_hash(*s++, hash);
178
179 /* GUID is case-insensitive. */
180 while (len--)
181 hash = partial_name_hash(tolower(*s++), hash);
182
183 qstr->hash = end_name_hash(hash);
184 return 0;
185 }
186
187 static const struct dentry_operations efivarfs_d_ops = {
188 .d_compare = efivarfs_d_compare,
189 .d_hash = efivarfs_d_hash,
190 };
191
efivarfs_alloc_dentry(struct dentry * parent,char * name)192 static struct dentry *efivarfs_alloc_dentry(struct dentry *parent, char *name)
193 {
194 struct qstr q = QSTR(name);
195 struct dentry *d;
196 int err;
197
198 err = efivarfs_d_hash(parent, &q);
199 if (err)
200 return ERR_PTR(err);
201
202 d = d_alloc(parent, &q);
203 if (d)
204 return d;
205
206 return ERR_PTR(-ENOMEM);
207 }
208
efivarfs_variable_is_present(efi_char16_t * variable_name,efi_guid_t * vendor,void * data)209 bool efivarfs_variable_is_present(efi_char16_t *variable_name,
210 efi_guid_t *vendor, void *data)
211 {
212 char *name = efivar_get_utf8name(variable_name, vendor);
213 struct super_block *sb = data;
214 struct dentry *dentry;
215
216 if (!name)
217 /*
218 * If the allocation failed there'll already be an
219 * error in the log (and likely a huge and growing
220 * number of them since they system will be under
221 * extreme memory pressure), so simply assume
222 * collision for safety but don't add to the log
223 * flood.
224 */
225 return true;
226
227 dentry = try_lookup_noperm(&QSTR(name), sb->s_root);
228 kfree(name);
229 if (!IS_ERR_OR_NULL(dentry))
230 dput(dentry);
231
232 return dentry != NULL;
233 }
234
efivarfs_create_dentry(struct super_block * sb,efi_char16_t * name16,unsigned long name_size,efi_guid_t vendor,char * name)235 static int efivarfs_create_dentry(struct super_block *sb, efi_char16_t *name16,
236 unsigned long name_size, efi_guid_t vendor,
237 char *name)
238 {
239 struct efivar_entry *entry;
240 struct inode *inode;
241 struct dentry *dentry, *root = sb->s_root;
242 unsigned long size = 0;
243 int len;
244 int err = -ENOMEM;
245 bool is_removable = false;
246
247 /* length of the variable name itself: remove GUID and separator */
248 len = strlen(name) - EFI_VARIABLE_GUID_LEN - 1;
249
250 if (efivar_variable_is_removable(vendor, name, len))
251 is_removable = true;
252
253 inode = efivarfs_get_inode(sb, d_inode(root), S_IFREG | 0644, 0,
254 is_removable);
255 if (!inode)
256 goto fail_name;
257
258 entry = efivar_entry(inode);
259
260 memcpy(entry->var.VariableName, name16, name_size);
261 memcpy(&(entry->var.VendorGuid), &vendor, sizeof(efi_guid_t));
262
263 dentry = efivarfs_alloc_dentry(root, name);
264 if (IS_ERR(dentry)) {
265 err = PTR_ERR(dentry);
266 goto fail_inode;
267 }
268
269 __efivar_entry_get(entry, NULL, &size, NULL);
270
271 /* copied by the above to local storage in the dentry. */
272 kfree(name);
273
274 inode_lock(inode);
275 inode->i_private = entry;
276 i_size_write(inode, size + sizeof(__u32)); /* attributes + data */
277 inode_unlock(inode);
278 d_make_persistent(dentry, inode);
279 dput(dentry);
280
281 return 0;
282
283 fail_inode:
284 iput(inode);
285 fail_name:
286 kfree(name);
287
288 return err;
289 }
290
efivarfs_callback(efi_char16_t * name16,efi_guid_t vendor,unsigned long name_size,void * data)291 static int efivarfs_callback(efi_char16_t *name16, efi_guid_t vendor,
292 unsigned long name_size, void *data)
293 {
294 struct super_block *sb = (struct super_block *)data;
295 char *name;
296
297 if (guid_equal(&vendor, &LINUX_EFI_RANDOM_SEED_TABLE_GUID))
298 return 0;
299
300 name = efivar_get_utf8name(name16, &vendor);
301 if (!name)
302 return -ENOMEM;
303
304 return efivarfs_create_dentry(sb, name16, name_size, vendor, name);
305 }
306
307 enum {
308 Opt_uid, Opt_gid,
309 };
310
311 static const struct fs_parameter_spec efivarfs_parameters[] = {
312 fsparam_uid("uid", Opt_uid),
313 fsparam_gid("gid", Opt_gid),
314 {},
315 };
316
efivarfs_parse_param(struct fs_context * fc,struct fs_parameter * param)317 static int efivarfs_parse_param(struct fs_context *fc, struct fs_parameter *param)
318 {
319 struct efivarfs_fs_info *sbi = fc->s_fs_info;
320 struct efivarfs_mount_opts *opts = &sbi->mount_opts;
321 struct fs_parse_result result;
322 int opt;
323
324 opt = fs_parse(fc, efivarfs_parameters, param, &result);
325 if (opt < 0)
326 return opt;
327
328 switch (opt) {
329 case Opt_uid:
330 opts->uid = result.uid;
331 break;
332 case Opt_gid:
333 opts->gid = result.gid;
334 break;
335 default:
336 return -EINVAL;
337 }
338
339 return 0;
340 }
341
efivarfs_fill_super(struct super_block * sb,struct fs_context * fc)342 static int efivarfs_fill_super(struct super_block *sb, struct fs_context *fc)
343 {
344 struct efivarfs_fs_info *sfi = sb->s_fs_info;
345 struct inode *inode = NULL;
346 struct dentry *root;
347 int err;
348
349 sb->s_maxbytes = MAX_LFS_FILESIZE;
350 sb->s_blocksize = PAGE_SIZE;
351 sb->s_blocksize_bits = PAGE_SHIFT;
352 sb->s_magic = EFIVARFS_MAGIC;
353 sb->s_op = &efivarfs_ops;
354 set_default_d_op(sb, &efivarfs_d_ops);
355 sb->s_d_flags |= DCACHE_DONTCACHE;
356 sb->s_time_gran = 1;
357
358 if (!efivar_supports_writes())
359 sb->s_flags |= SB_RDONLY;
360
361 inode = efivarfs_get_inode(sb, NULL, S_IFDIR | 0755, 0, true);
362 if (!inode)
363 return -ENOMEM;
364 inode->i_op = &efivarfs_dir_inode_operations;
365
366 root = d_make_root(inode);
367 sb->s_root = root;
368 if (!root)
369 return -ENOMEM;
370
371 sfi->sb = sb;
372 sfi->nb.notifier_call = efivarfs_ops_notifier;
373 err = blocking_notifier_chain_register(&efivar_ops_nh, &sfi->nb);
374 if (err)
375 return err;
376
377 return efivar_init(efivarfs_callback, sb, true);
378 }
379
efivarfs_get_tree(struct fs_context * fc)380 static int efivarfs_get_tree(struct fs_context *fc)
381 {
382 return get_tree_single(fc, efivarfs_fill_super);
383 }
384
efivarfs_reconfigure(struct fs_context * fc)385 static int efivarfs_reconfigure(struct fs_context *fc)
386 {
387 if (!efivar_supports_writes() && !(fc->sb_flags & SB_RDONLY)) {
388 pr_err("Firmware does not support SetVariableRT. Can not remount with rw\n");
389 return -EINVAL;
390 }
391
392 return 0;
393 }
394
efivarfs_free(struct fs_context * fc)395 static void efivarfs_free(struct fs_context *fc)
396 {
397 kfree(fc->s_fs_info);
398 }
399
400 static const struct fs_context_operations efivarfs_context_ops = {
401 .get_tree = efivarfs_get_tree,
402 .parse_param = efivarfs_parse_param,
403 .reconfigure = efivarfs_reconfigure,
404 .free = efivarfs_free,
405 };
406
efivarfs_check_missing(efi_char16_t * name16,efi_guid_t vendor,unsigned long name_size,void * data)407 static int efivarfs_check_missing(efi_char16_t *name16, efi_guid_t vendor,
408 unsigned long name_size, void *data)
409 {
410 char *name;
411 struct super_block *sb = data;
412 struct dentry *dentry;
413 int err;
414
415 if (guid_equal(&vendor, &LINUX_EFI_RANDOM_SEED_TABLE_GUID))
416 return 0;
417
418 name = efivar_get_utf8name(name16, &vendor);
419 if (!name)
420 return -ENOMEM;
421
422 dentry = try_lookup_noperm(&QSTR(name), sb->s_root);
423 if (IS_ERR(dentry)) {
424 err = PTR_ERR(dentry);
425 goto out;
426 }
427
428 if (!dentry) {
429 /* found missing entry */
430 pr_info("efivarfs: creating variable %s\n", name);
431 return efivarfs_create_dentry(sb, name16, name_size, vendor, name);
432 }
433
434 dput(dentry);
435 err = 0;
436
437 out:
438 kfree(name);
439
440 return err;
441 }
442
443 static struct file_system_type efivarfs_type;
444
efivarfs_freeze_fs(struct super_block * sb)445 static int efivarfs_freeze_fs(struct super_block *sb)
446 {
447 /* Nothing for us to do. */
448 return 0;
449 }
450
efivarfs_unfreeze_fs(struct super_block * sb)451 static int efivarfs_unfreeze_fs(struct super_block *sb)
452 {
453 struct dentry *child = NULL;
454
455 /*
456 * Unconditionally resync the variable state on a thaw request.
457 * Given the size of efivarfs it really doesn't matter to simply
458 * iterate through all of the entries and resync. Freeze/thaw
459 * requests are rare enough for that to not matter and the
460 * number of entries is pretty low too. So we really don't care.
461 */
462 pr_info("efivarfs: resyncing variable state\n");
463 for (;;) {
464 int err;
465 unsigned long size = 0;
466 struct inode *inode;
467 struct efivar_entry *entry;
468
469 child = find_next_child(sb->s_root, child);
470 if (!child)
471 break;
472
473 inode = d_inode(child);
474 entry = efivar_entry(inode);
475
476 err = efivar_entry_size(entry, &size);
477 if (err)
478 size = 0;
479 else
480 size += sizeof(__u32);
481
482 inode_lock(inode);
483 i_size_write(inode, size);
484 inode_unlock(inode);
485
486 /* The variable doesn't exist anymore, delete it. */
487 if (!size) {
488 pr_info("efivarfs: removing variable %pd\n", child);
489 simple_recursive_removal(child, NULL);
490 }
491 }
492
493 efivar_init(efivarfs_check_missing, sb, false);
494 pr_info("efivarfs: finished resyncing variable state\n");
495 return 0;
496 }
497
efivarfs_init_fs_context(struct fs_context * fc)498 static int efivarfs_init_fs_context(struct fs_context *fc)
499 {
500 struct efivarfs_fs_info *sfi;
501
502 if (!efivar_is_available())
503 return -EOPNOTSUPP;
504
505 sfi = kzalloc_obj(*sfi);
506 if (!sfi)
507 return -ENOMEM;
508
509 sfi->mount_opts.uid = GLOBAL_ROOT_UID;
510 sfi->mount_opts.gid = GLOBAL_ROOT_GID;
511
512 fc->s_fs_info = sfi;
513 fc->ops = &efivarfs_context_ops;
514
515 return 0;
516 }
517
efivarfs_kill_sb(struct super_block * sb)518 static void efivarfs_kill_sb(struct super_block *sb)
519 {
520 struct efivarfs_fs_info *sfi = sb->s_fs_info;
521
522 blocking_notifier_chain_unregister(&efivar_ops_nh, &sfi->nb);
523 kill_anon_super(sb);
524
525 kfree(sfi);
526 }
527
528 static struct file_system_type efivarfs_type = {
529 .owner = THIS_MODULE,
530 .name = "efivarfs",
531 .init_fs_context = efivarfs_init_fs_context,
532 .kill_sb = efivarfs_kill_sb,
533 .parameters = efivarfs_parameters,
534 .fs_flags = FS_POWER_FREEZE,
535 };
536
efivarfs_init(void)537 static __init int efivarfs_init(void)
538 {
539 return register_filesystem(&efivarfs_type);
540 }
541
efivarfs_exit(void)542 static __exit void efivarfs_exit(void)
543 {
544 unregister_filesystem(&efivarfs_type);
545 }
546
547 MODULE_AUTHOR("Matthew Garrett, Jeremy Kerr");
548 MODULE_DESCRIPTION("EFI Variable Filesystem");
549 MODULE_LICENSE("GPL");
550 MODULE_ALIAS_FS("efivarfs");
551
552 module_init(efivarfs_init);
553 module_exit(efivarfs_exit);
554