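/*-
 * Copyright (c) 2016 Netflix, Inc.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include <efivar.h>
#include <sys/efiio.h>
#include <sys/param.h>
#include <errno.h>
#include <fcntl.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include "efichar.h"

/*
 * Cached descriptor for /dev/efi.  -2 means the open has not been attempted
 * yet, -1 means it was attempted and failed, any other value is the open
 * descriptor (see efi_open_dev()).
 */
static int efi_fd = -2;

/* Placeholder initializer for the binary GUID; filled by efi_guid_tbl_compile(). */
#define Z { 0 }

const efi_guid_t efi_guid_empty = Z;

/*
 * Well-known GUIDs: textual form, short name, and the binary form that is
 * filled in lazily by efi_guid_tbl_compile().
 */
static struct guid_table guid_tbl [] =
{
	{ "00000000-0000-0000-0000-000000000000", "zero", Z },
	{ "093e0fae-a6c4-4f50-9f1b-d41e2b89c19a", "sha512", Z },
	{ "0abba7dc-e516-4167-bbf5-4d9d1c739416", "redhat", Z },
	{ "0b6e5233-a65c-44c9-9407-d9ab83bfc8bd", "sha224", Z },
	{ "126a762d-5758-4fca-8531-201a7f57f850", "lenovo_boot_menu", Z },
	{ "3bd2a492-96c0-4079-b420-fcf98ef103ed", "x509_sha256", Z },
	{ "3c5766e8-269c-4e34-aa14-ed776e85b3b6", "rsa2048", Z },
	{ "3CC24E96-22C7-41D8-8863-8E39DCDCC2CF", "lenovo", Z },
	{ "3f7e615b-0d45-4f80-88dc-26b234958560", "lenovo_diag", Z },
	{ "446dbf63-2502-4cda-bcfa-2465d2b0fe9d", "x509_sha512", Z },
	{ "4aafd29d-68df-49ee-8aa9-347d375665a7", "pkcs7_cert", Z },
	{ "605dab50-e046-4300-abb6-3dd810dd8b23", "shim", Z },
	{ "665d3f60-ad3e-4cad-8e26-db46eee9f1b5", "lenovo_rescue", Z },
	{ "67f8444f-8743-48f1-a328-1eaab8736080", "rsa2048_sha1", Z },
	{ "7076876e-80c2-4ee6-aad2-28b349a6865b", "x509_sha384", Z },
	{ "721c8b66-426c-4e86-8e99-3457c46ab0b9", "lenovo_setup", Z },
	{ "77fa9abd-0359-4d32-bd60-28f4e78f784b", "microsoft", Z },
	{ "7FACC7B6-127F-4E9C-9C5D-080F98994345", "lenovo_2", Z },
	{ "826ca512-cf10-4ac9-b187-be01496631bd", "sha1", Z },
	{ "82988420-7467-4490-9059-feb448dd1963", "lenovo_me_config", Z },
	{ "8be4df61-93ca-11d2-aa0d-00e098032b8c", "global", Z },
	{ "a5c059a1-94e4-4aa7-87b5-ab155c2bf072", "x509_cert", Z },
	{ "a7717414-c616-4977-9420-844712a735bf", "rsa2048_sha256_cert", Z },
	{ "a7d8d9a6-6ab0-4aeb-ad9d-163e59a7a380", "lenovo_diag_splash", Z },
	{ "ade9e48f-9cb8-98e6-31af-b4e6009e2fe3", "redhat_2", Z },
	{ "bc7838d2-0f82-4d60-8316-c068ee79d25b", "lenovo_msg", Z },
	{ "c1c41626-504c-4092-aca9-41f936934328", "sha256", Z },
	{ "c57ad6b7-0515-40a8-9d21-551652854e37", "shell", Z },
	{ "d719b2cb-3d3a-4596-a3bc-dad00e67656f", "security", Z },
	{ "e2b36190-879b-4a3d-ad8d-f2e7bba32784", "rsa2048_sha256", Z },
	{ "ff3e5307-9fd0-48c9-85f1-8ad56c701e01", "sha384", Z },
	{ "f46ee6f4-4785-43a3-923d-7f786c3c8479", "lenovo_startup_interrupt", Z },
};

/*
 * Parse the textual GUID `s` into `*guid`.
 * Returns 0 when uuid_from_string() reports uuid_s_ok, -1 otherwise.
 */
int
efi_str_to_guid(const char *s, efi_guid_t *guid)
{
	uint32_t status;

	/* knows efi_guid_t is binary compatible with uuid_t */
	uuid_from_string(s, (uuid_t *)guid, &status);

	return (status == uuid_s_ok ? 0 : -1);
}

/*
 * Fill in the binary GUID of every guid_tbl entry from its textual form.
 * Runs once per process; later calls return immediately.  An entry whose
 * string cannot be parsed is reported on stderr and the table is still
 * marked as compiled.  The `done` flag is a plain static, so concurrent
 * first calls are not synchronized.
 */
static void
efi_guid_tbl_compile(void)
{
	size_t i;
	static bool done = false;
	struct guid_table *ent;

	if (done)
		return;
	for (i = 0; i < nitems(guid_tbl); i++) {
		ent = &guid_tbl[i];
		if (efi_str_to_guid(ent->uuid_str, &ent->guid) != 0)
			fprintf(stderr, "Can't convert %s to a guid for %s\n",
			    ent->uuid_str, ent->name);
	}
	done = true;
}

/*
 * Hand the caller a pointer to the table of known GUIDs.
 * Returns the number of entries.  The table is the library's own static
 * storage, not a copy.
 */
int
efi_known_guid(struct guid_table **tbl)
{

	/*
	 * Compile first so the binary guid fields are populated, as the other
	 * table users (efi_guid_to_name(), efi_name_to_guid()) already do;
	 * otherwise a caller that never opened the device sees all-zero GUIDs.
	 */
	efi_guid_tbl_compile();
	*tbl = guid_tbl;
	return (nitems(guid_tbl));
}

/*
 * Open /dev/efi on first use and cache the descriptor in efi_fd.
 * Returns the descriptor, or -1 if the open failed.  A failed open is
 * remembered and not retried.
 *
 * NOTE(review): the descriptor is opened read/write and without O_CLOEXEC,
 * so it is inherited by any program the calling process later executes.
 * Consider adding O_CLOEXEC unless a caller relies on that inheritance.
 */
static int
efi_open_dev(void)
{

	if (efi_fd == -2)
		efi_fd = open("/dev/efi", O_RDWR);
	if (efi_fd < 0)
		efi_fd = -1;
	else
		efi_guid_tbl_compile();
	return (efi_fd);
}

/* Clear every field of an ioctl request before it is filled in. */
static void
efi_var_reset(struct efi_var_ioctl *var)
{
	var->name = NULL;
	var->namesize = 0;
	memset(&var->vendor, 0, sizeof(var->vendor));
	var->attrib = 0;
	var->data = NULL;
	var->datasize = 0;
}

/*
 * Translate an internal result into the convention the callers in this file
 * return: 0 becomes 1, anything else becomes -errno.
 *
 * NOTE(review): the failure value is taken from errno, not from `rv`, so a
 * failing step that does not set errno yields a stale or zero result.
 * Whether utf8_to_ucs2()/ucs2_to_utf8() set errno is not visible here.
 */
static int
rv_to_linux_rv(int rv)
{
	if (rv == 0)
		rv = 1;
	else
		rv = -errno;
	return (rv);
}

/*
 * Append `data` to an existing variable: efi_set_variable() with
 * EFI_VARIABLE_APPEND_WRITE or-ed into the attributes.
 */
int
efi_append_variable(efi_guid_t guid, const char *name,
    uint8_t *data, size_t data_size, uint32_t attributes)
{

	return efi_set_variable(guid, name, data, data_size,
	    attributes | EFI_VARIABLE_APPEND_WRITE);
}

/* Delete a variable by writing it with no data and no attributes. */
int
efi_del_variable(efi_guid_t guid, const char *name)
{

	/* data_size of 0 deletes the variable */
	return efi_set_variable(guid, name, NULL, 0, 0);
}

/*
 * Read the variable `name` under vendor `guid`.
 *
 * Each of `data`, `data_size` and `attributes` may be NULL when the caller
 * does not want that output.  Returns -1 if /dev/efi cannot be opened,
 * otherwise the rv_to_linux_rv() mapping of the result (1 on success,
 * -errno on failure).
 *
 * `*data` is set to a static 32 KiB buffer inside this function: the caller
 * must not free() it, and the contents are overwritten by the next call, so
 * copy anything that has to outlive it.  The function is not reentrant.
 *
 * The three outputs are stored whenever the ioctl was issued, including when
 * it failed; in that case the buffer may still hold a previous variable's
 * contents.  Check the return value before using them.
 */
int
efi_get_variable(efi_guid_t guid, const char *name,
    uint8_t **data, size_t *data_size, uint32_t *attributes)
{
	struct efi_var_ioctl var;
	int rv;
	static uint8_t buf[1024*32];

	if (efi_open_dev() == -1)
		return -1;

	efi_var_reset(&var);
	/* var.name is NULL here, so the converted name is released below. */
	rv = utf8_to_ucs2(name, &var.name, &var.namesize);
	if (rv != 0)
		goto errout;
	var.vendor = guid;
	var.data = buf;
	var.datasize = sizeof(buf);
	rv = ioctl(efi_fd, EFIIOC_VAR_GET, &var);
	if (data_size != NULL)
		*data_size = var.datasize;
	if (data != NULL)
		*data = buf;
	if (attributes != NULL)
		*attributes = var.attrib;
errout:
	free(var.name);

	return rv_to_linux_rv(rv);
}

/*
 * Fetch only the attributes of a variable.
 * Same return convention as efi_get_variable().
 */
int
efi_get_variable_attributes(efi_guid_t guid, const char *name,
    uint32_t *attributes)
{
	/* Make sure this construct works -- I think it will fail */

	return efi_get_variable(guid, name, NULL, NULL, attributes);
}

/*
 * Fetch only the size of a variable.  `*size` is zeroed first, so `size`
 * must not be NULL.  Same return convention as efi_get_variable().
 */
int
efi_get_variable_size(efi_guid_t guid, const char *name,
    size_t *size)
{

	/* XXX check to make sure this matches the linux value */

	*size = 0;
	return efi_get_variable(guid, name, NULL, size, NULL);
}

/*
 * Step to the variable that follows (*guid, *name).
 *
 * Start an enumeration with *name == NULL.  On success the previous *name is
 * freed and replaced with a newly allocated UTF-8 name, *guid is pointed at
 * static storage inside this function, and the rv_to_linux_rv() success
 * value (1) is returned.  At the end of the list (errno == ENOENT) the last
 * name is freed, *name is set to NULL and 0 is returned.  Other failures
 * return -errno; -1 is returned if /dev/efi cannot be opened.
 *
 * The name buffer and the returned GUID are static, so the function is not
 * reentrant and *guid is overwritten by the next call.
 */
int
efi_get_next_variable_name(efi_guid_t **guid, char **name)
{
	struct efi_var_ioctl var;
	int rv;
	static efi_char *buf;
	static size_t buflen = 256 * sizeof(efi_char);
	static efi_guid_t retguid;
	size_t size;

	if (efi_open_dev() == -1)
		return -1;

	/*
	 * Always allocate enough for an extra NUL on the end, but don't tell
	 * the IOCTL about it so we can NUL terminate the name before converting
	 * it to UTF8.
	 */
	if (buf == NULL) {
		buf = malloc(buflen + sizeof(efi_char));
		if (buf == NULL) {
			/* Previously unchecked: the code below writes through buf. */
			rv = -1;
			errno = ENOMEM;
			goto done;
		}
	}

again:
	efi_var_reset(&var);
	var.name = buf;
	var.namesize = buflen;
	if (*name == NULL) {
		*buf = 0;
		/* GUID zeroed in var_reset */
	} else {
		/*
		 * The helper is handed our own buffer here, so give it the
		 * buffer's real capacity.  `size` used to be passed
		 * uninitialized.
		 * NOTE(review): assumes utf8_to_ucs2() treats *len as the
		 * capacity of a caller-supplied buffer -- confirm in efichar.c.
		 */
		size = buflen + sizeof(efi_char);
		rv = utf8_to_ucs2(*name, &var.name, &size);
		if (rv != 0)
			goto errout;
		var.vendor = **guid;
	}
	rv = ioctl(efi_fd, EFIIOC_VAR_NEXT, &var);
	if (rv == 0 && var.name == NULL) {
		/*
		 * Variable name not long enough, so allocate more space for the
		 * name and try again. As above, mind the NUL we add.
		 */
		void *new = realloc(buf, var.namesize + sizeof(efi_char));
		if (new == NULL) {
			rv = -1;
			errno = ENOMEM;
			goto done;
		}
		buflen = var.namesize;
		buf = new;
		goto again;
	}

	if (rv == 0) {
		free(*name);			/* Free last name, to avoid leaking */
		*name = NULL;			/* Force ucs2_to_utf8 to malloc new space */
		/*
		 * NOTE(review): the index comes from the namesize the ioctl
		 * handed back; this write stays inside the allocation only if
		 * that value is <= buflen -- confirm the driver guarantees it.
		 */
		var.name[var.namesize / sizeof(efi_char)] = 0;	/* EFI doesn't NUL terminate */
		rv = ucs2_to_utf8(var.name, name);
		if (rv != 0)
			goto errout;
		retguid = var.vendor;
		*guid = &retguid;
	}
errout:

	/* XXX The linux interface expects name to be a static buffer -- fix or leak memory? */
	/* XXX for the moment, we free just before we'd leak, but still leak last one */
done:
	if (rv != 0 && errno == ENOENT) {
		errno = 0;
		free(*name);			/* Free last name, to avoid leaking */
		*name = NULL;			/* Don't leave the caller a dangling pointer */
		return 0;
	}

	return (rv_to_linux_rv(rv));
}

/* Byte-wise comparison of two GUIDs; memcmp() ordering and sign. */
int
efi_guid_cmp(const efi_guid_t *guid1, const efi_guid_t *guid2)
{
	return (memcmp(guid1, guid2, sizeof(*guid1)));
}

/* Non-zero when `*guid` equals efi_guid_empty. */
int
efi_guid_is_zero(const efi_guid_t *guid)
{
	return (memcmp(guid, &efi_guid_empty, sizeof(*guid)) == 0);
}

/*
 * Produce a name for `*guid`: the short name from guid_tbl when the GUID is
 * known, otherwise its textual form via efi_guid_to_str().
 * `*name` is newly allocated in the table-hit case (strdup).  Returns 0 on
 * success and -1 on failure, including when the copy cannot be allocated.
 */
int
efi_guid_to_name(efi_guid_t *guid, char **name)
{
	size_t i;

	efi_guid_tbl_compile();
	for (i = 0; i < nitems(guid_tbl); i++) {
		if (memcmp(guid, &guid_tbl[i].guid, sizeof(*guid)) == 0) {
			*name = strdup(guid_tbl[i].name);
			/* Don't report success with a NULL name on allocation failure. */
			return (*name != NULL ? 0 : -1);
		}
	}
	return (efi_guid_to_str(guid, name));
}

/* Not implemented; always returns -1 and touches neither argument. */
int
efi_guid_to_symbol(efi_guid_t *guid __unused, char **symbol __unused)
{

	/*
	 * Unsure what this is used for, efibootmgr doesn't use it.
	 * Leave unimplemented for now.
	 */
	return -1;
}

/*
 * Convert `*guid` to its textual form through uuid_to_string(), which stores
 * the result in `*sp`.  Returns 0 on uuid_s_ok, -1 otherwise.
 */
int
efi_guid_to_str(const efi_guid_t *guid, char **sp)
{
	uint32_t status;

	/* knows efi_guid_t is binary compatible with uuid_t */
	uuid_to_string((const uuid_t *)guid, sp, &status);

	return (status == uuid_s_ok ? 0 : -1);
}

/*
 * Resolve `name` to a GUID: an exact (case-sensitive) match against the
 * short names in guid_tbl first, otherwise `name` is parsed as a textual
 * GUID.  `name` is passed to strcmp() without a NULL check.
 * Returns 0 on success, -1 if it is neither a known name nor a valid GUID.
 */
int
efi_name_to_guid(const char *name, efi_guid_t *guid)
{
	size_t i;

	efi_guid_tbl_compile();
	for (i = 0; i < nitems(guid_tbl); i++) {
		if (strcmp(name, guid_tbl[i].name) == 0) {
			*guid = guid_tbl[i].guid;
			return (0);
		}
	}
	return (efi_str_to_guid(name, guid));
}

/*
 * Write the variable `name` under vendor `guid` with the given data and
 * attributes.
 *
 * Returns -1 if /dev/efi cannot be opened; otherwise the result of
 * utf8_to_ucs2() or of the ioctl is returned unchanged.  Unlike
 * efi_get_variable() the value is not passed through rv_to_linux_rv(), so
 * success is 0 here rather than 1.
 *
 * `data`, `data_size` and `attributes` are forwarded to the driver as given;
 * this function performs no validation of them.
 */
int
efi_set_variable(efi_guid_t guid, const char *name,
    uint8_t *data, size_t data_size, uint32_t attributes)
{
	struct efi_var_ioctl var;
	int rv;

	if (efi_open_dev() == -1)
		return -1;

	efi_var_reset(&var);
	/* var.name is NULL here, so the converted name is released below. */
	rv = utf8_to_ucs2(name, &var.name, &var.namesize);
	if (rv != 0)
		goto errout;
	var.vendor = guid;
	var.data = data;
	var.datasize = data_size;
	var.attrib = attributes;
	rv = ioctl(efi_fd, EFIIOC_VAR_SET, &var);
errout:
	free(var.name);

	return rv;
}

/*
 * Non-zero when /dev/efi could be opened read/write by this process.
 * The result of the first attempt is cached by efi_open_dev().
 */
int
efi_variables_supported(void)
{

	return efi_open_dev() != -1;
}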