1 /*- 2 * Copyright (c) 2016 Netflix, Inc. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer 10 * in this position and unchanged. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 */ 26 27 #include <sys/cdefs.h> 28 __FBSDID("$FreeBSD$"); 29 30 #include <efivar.h> 31 #include <sys/efiio.h> 32 #include <sys/param.h> 33 #include <errno.h> 34 #include <fcntl.h> 35 #include <stdio.h> 36 #include <stdlib.h> 37 #include <string.h> 38 39 #include "efivar.h" 40 #include "libefivar_int.h" 41 42 static int efi_fd = -2; 43 44 #define Z { 0, 0, 0, 0, 0, { 0 } } 45 46 const efi_guid_t efi_guid_empty = Z; 47 48 static struct uuid_table guid_tbl [] = 49 { 50 { "00000000-0000-0000-0000-000000000000", "zero", Z }, 51 { "093e0fae-a6c4-4f50-9f1b-d41e2b89c19a", "sha512", Z }, 52 { "0abba7dc-e516-4167-bbf5-4d9d1c739416", "redhat", Z }, 53 { "0b6e5233-a65c-44c9-9407-d9ab83bfc8bd", "sha224", Z }, 54 { "126a762d-5758-4fca-8531-201a7f57f850", "lenovo_boot_menu", Z }, 55 { "3bd2a492-96c0-4079-b420-fcf98ef103ed", "x509_sha256", Z }, 56 { "3c5766e8-269c-4e34-aa14-ed776e85b3b6", "rsa2048", Z }, 57 { "3CC24E96-22C7-41D8-8863-8E39DCDCC2CF", "lenovo", Z }, 58 { "3f7e615b-0d45-4f80-88dc-26b234958560", "lenovo_diag", Z }, 59 { "446dbf63-2502-4cda-bcfa-2465d2b0fe9d", "x509_sha512", Z }, 60 { "4aafd29d-68df-49ee-8aa9-347d375665a7", "pkcs7_cert", Z }, 61 { "605dab50-e046-4300-abb6-3dd810dd8b23", "shim", Z }, 62 { "665d3f60-ad3e-4cad-8e26-db46eee9f1b5", "lenovo_rescue", Z }, 63 { "67f8444f-8743-48f1-a328-1eaab8736080", "rsa2048_sha1", Z }, 64 { "7076876e-80c2-4ee6-aad2-28b349a6865b", "x509_sha384", Z }, 65 { "721c8b66-426c-4e86-8e99-3457c46ab0b9", "lenovo_setup", Z }, 66 { "77fa9abd-0359-4d32-bd60-28f4e78f784b", "microsoft", Z }, 67 { "7FACC7B6-127F-4E9C-9C5D-080F98994345", "lenovo_2", Z }, 68 { "826ca512-cf10-4ac9-b187-be01496631bd", "sha1", Z }, 69 { "82988420-7467-4490-9059-feb448dd1963", "lenovo_me_config", Z }, 70 { "8be4df61-93ca-11d2-aa0d-00e098032b8c", "global", Z }, 71 { "a5c059a1-94e4-4aa7-87b5-ab155c2bf072", "x509_cert", Z }, 72 { "a7717414-c616-4977-9420-844712a735bf", "rsa2048_sha256_cert", Z }, 73 { "a7d8d9a6-6ab0-4aeb-ad9d-163e59a7a380", "lenovo_diag_splash", Z }, 74 { "ade9e48f-9cb8-98e6-31af-b4e6009e2fe3", "redhat_2", Z }, 75 { "bc7838d2-0f82-4d60-8316-c068ee79d25b", "lenovo_msg", Z }, 76 { "c1c41626-504c-4092-aca9-41f936934328", "sha256", Z }, 77 { "c57ad6b7-0515-40a8-9d21-551652854e37", "shell", Z }, 78 { "d719b2cb-3d3a-4596-a3bc-dad00e67656f", "security", Z }, 79 { "e2b36190-879b-4a3d-ad8d-f2e7bba32784", "rsa2048_sha256", Z }, 80 { "ff3e5307-9fd0-48c9-85f1-8ad56c701e01", "sha384", Z }, 81 { "f46ee6f4-4785-43a3-923d-7f786c3c8479", "lenovo_startup_interrupt", Z }, 82 { "ffffffff-ffff-ffff-ffff-ffffffffffff", "zzignore-this-guid", Z }, 83 }; 84 #undef Z 85 86 static void 87 efi_guid_tbl_compile(void) 88 { 89 size_t i; 90 uint32_t status; 91 static int done = 0; 92 93 if (done) 94 return; 95 for (i = 0; i < nitems(guid_tbl); i++) { 96 uuid_from_string(guid_tbl[i].uuid_str, &guid_tbl[i].guid, 97 &status); 98 /* all f's is a bad version, so ignore that error */ 99 if (status != uuid_s_ok && status != uuid_s_bad_version) 100 fprintf(stderr, "Can't convert %s to a uuid for %s: %d\n", 101 guid_tbl[i].uuid_str, guid_tbl[i].name, (int)status); 102 } 103 done = 1; 104 } 105 106 int 107 efi_known_guid(struct uuid_table **tbl) 108 { 109 110 *tbl = guid_tbl; 111 return (nitems(guid_tbl)); 112 } 113 114 static int 115 efi_open_dev(void) 116 { 117 118 if (efi_fd == -2) 119 efi_fd = open("/dev/efi", O_RDWR); 120 if (efi_fd < 0) 121 efi_fd = -1; 122 else 123 efi_guid_tbl_compile(); 124 return (efi_fd); 125 } 126 127 static void 128 efi_var_reset(struct efi_var_ioc *var) 129 { 130 var->name = NULL; 131 var->namesize = 0; 132 memset(&var->vendor, 0, sizeof(var->vendor)); 133 var->attrib = 0; 134 var->data = NULL; 135 var->datasize = 0; 136 } 137 138 static int 139 rv_to_linux_rv(int rv) 140 { 141 if (rv == 0) 142 rv = 1; 143 else 144 rv = -errno; 145 return (rv); 146 } 147 148 int 149 efi_append_variable(efi_guid_t guid, const char *name, 150 uint8_t *data, size_t data_size, uint32_t attributes) 151 { 152 153 return efi_set_variable(guid, name, data, data_size, 154 attributes | EFI_VARIABLE_APPEND_WRITE, 0); 155 } 156 157 int 158 efi_del_variable(efi_guid_t guid, const char *name) 159 { 160 161 /* data_size of 0 deletes the variable */ 162 return efi_set_variable(guid, name, NULL, 0, 0, 0); 163 } 164 165 int 166 efi_get_variable(efi_guid_t guid, const char *name, 167 uint8_t **data, size_t *data_size, uint32_t *attributes) 168 { 169 struct efi_var_ioc var; 170 int rv; 171 static uint8_t buf[1024*32]; 172 173 if (efi_open_dev() == -1) 174 return -1; 175 176 efi_var_reset(&var); 177 rv = libefi_utf8_to_ucs2(name, &var.name, &var.namesize); 178 if (rv != 0) 179 goto errout; 180 var.vendor = guid; 181 var.data = buf; 182 var.datasize = sizeof(buf); 183 rv = ioctl(efi_fd, EFIIOC_VAR_GET, &var); 184 if (data_size != NULL) 185 *data_size = var.datasize; 186 if (data != NULL) 187 *data = buf; 188 if (attributes != NULL) 189 *attributes = var.attrib; 190 errout: 191 free(var.name); 192 193 return rv_to_linux_rv(rv); 194 } 195 196 int 197 efi_get_variable_attributes(efi_guid_t guid, const char *name, 198 uint32_t *attributes) 199 { 200 /* Make sure this construct works -- I think it will fail */ 201 202 return efi_get_variable(guid, name, NULL, NULL, attributes); 203 } 204 205 int 206 efi_get_variable_size(efi_guid_t guid, const char *name, 207 size_t *size) 208 { 209 210 /* XXX check to make sure this matches the linux value */ 211 212 *size = 0; 213 return efi_get_variable(guid, name, NULL, size, NULL); 214 } 215 216 int 217 efi_get_next_variable_name(efi_guid_t **guid, char **name) 218 { 219 struct efi_var_ioc var; 220 int rv; 221 static efi_char *buf; 222 static size_t buflen = 256 * sizeof(efi_char); 223 static efi_guid_t retguid; 224 size_t size; 225 226 if (efi_open_dev() == -1) 227 return -1; 228 229 if (buf == NULL) 230 buf = malloc(buflen); 231 232 again: 233 efi_var_reset(&var); 234 var.name = buf; 235 var.namesize = buflen; 236 if (*name == NULL) { 237 *buf = 0; 238 /* GUID zeroed in var_reset */ 239 } else { 240 rv = libefi_utf8_to_ucs2(*name, &var.name, &size); 241 if (rv != 0) 242 goto errout; 243 var.vendor = **guid; 244 } 245 rv = ioctl(efi_fd, EFIIOC_VAR_NEXT, &var); 246 if (rv == 0 && var.name == NULL) { 247 /* 248 * oops, too little space. Try again. 249 */ 250 void *new = realloc(buf, buflen); 251 buflen = var.namesize; 252 if (new == NULL) { 253 rv = -1; 254 errno = ENOMEM; 255 goto done; 256 } 257 buf = new; 258 goto again; 259 } 260 261 if (rv == 0) { 262 *name = NULL; /* XXX */ 263 var.name[var.namesize / sizeof(efi_char)] = 0; /* EFI doesn't NUL terminate */ 264 rv = libefi_ucs2_to_utf8(var.name, name); 265 if (rv != 0) 266 goto errout; 267 retguid = var.vendor; 268 *guid = &retguid; 269 } 270 errout: 271 272 /* XXX The linux interface expects name to be a static buffer -- fix or leak memory? */ 273 done: 274 if (errno == ENOENT) { 275 errno = 0; 276 return 0; 277 } 278 279 return (rv_to_linux_rv(rv)); 280 } 281 282 int 283 efi_guid_cmp(const efi_guid_t *guid1, const efi_guid_t *guid2) 284 { 285 uint32_t status; 286 287 return uuid_compare(guid1, guid2, &status); 288 } 289 290 int 291 efi_guid_is_zero(const efi_guid_t *guid) 292 { 293 uint32_t status; 294 295 return uuid_is_nil(guid, &status); 296 } 297 298 int 299 efi_guid_to_name(efi_guid_t *guid, char **name) 300 { 301 size_t i; 302 uint32_t status; 303 304 efi_guid_tbl_compile(); 305 for (i = 0; i < nitems(guid_tbl); i++) { 306 if (uuid_equal(guid, &guid_tbl[i].guid, &status)) { 307 *name = strdup(guid_tbl[i].name); 308 return (0); 309 } 310 } 311 return (efi_guid_to_str(guid, name)); 312 } 313 314 int 315 efi_guid_to_symbol(efi_guid_t *guid __unused, char **symbol __unused) 316 { 317 318 /* 319 * Unsure what this is used for, efibootmgr doesn't use it. 320 * Leave unimplemented for now. 321 */ 322 return -1; 323 } 324 325 int 326 efi_guid_to_str(const efi_guid_t *guid, char **sp) 327 { 328 uint32_t status; 329 330 /* knows efi_guid_t is a typedef of uuid_t */ 331 uuid_to_string(guid, sp, &status); 332 333 return (status == uuid_s_ok ? 0 : -1); 334 } 335 336 int 337 efi_name_to_guid(const char *name, efi_guid_t *guid) 338 { 339 size_t i; 340 341 efi_guid_tbl_compile(); 342 for (i = 0; i < nitems(guid_tbl); i++) { 343 if (strcmp(name, guid_tbl[i].name) == 0) { 344 *guid = guid_tbl[i].guid; 345 return (0); 346 } 347 } 348 return (efi_str_to_guid(name, guid)); 349 } 350 351 int 352 efi_set_variable(efi_guid_t guid, const char *name, 353 uint8_t *data, size_t data_size, uint32_t attributes, mode_t mode __unused) 354 { 355 struct efi_var_ioc var; 356 int rv; 357 358 if (efi_open_dev() == -1) 359 return -1; 360 361 efi_var_reset(&var); 362 rv = libefi_utf8_to_ucs2(name, &var.name, &var.namesize); 363 if (rv != 0) 364 goto errout; 365 var.vendor = guid; 366 var.data = data; 367 var.datasize = data_size; 368 var.attrib = attributes; 369 rv = ioctl(efi_fd, EFIIOC_VAR_SET, &var); 370 errout: 371 free(var.name); 372 373 return rv; 374 } 375 376 int 377 efi_str_to_guid(const char *s, efi_guid_t *guid) 378 { 379 uint32_t status; 380 381 /* knows efi_guid_t is a typedef of uuid_t */ 382 uuid_from_string(s, guid, &status); 383 384 return (status == uuid_s_ok ? 0 : -1); 385 } 386 387 int 388 efi_variables_supported(void) 389 { 390 391 return efi_open_dev() != -1; 392 } 393