1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2012 Red Hat, Inc. 4 * Copyright (C) 2012 Jeremy Kerr <jeremy.kerr@canonical.com> 5 */ 6 7 #include <linux/ctype.h> 8 #include <linux/efi.h> 9 #include <linux/fs.h> 10 #include <linux/fs_context.h> 11 #include <linux/fs_parser.h> 12 #include <linux/module.h> 13 #include <linux/pagemap.h> 14 #include <linux/ucs2_string.h> 15 #include <linux/slab.h> 16 #include <linux/suspend.h> 17 #include <linux/magic.h> 18 #include <linux/statfs.h> 19 #include <linux/notifier.h> 20 #include <linux/printk.h> 21 #include <linux/namei.h> 22 23 #include "internal.h" 24 #include "../internal.h" 25 26 static int efivarfs_ops_notifier(struct notifier_block *nb, unsigned long event, 27 void *data) 28 { 29 struct efivarfs_fs_info *sfi = container_of(nb, struct efivarfs_fs_info, nb); 30 31 switch (event) { 32 case EFIVAR_OPS_RDONLY: 33 sfi->sb->s_flags |= SB_RDONLY; 34 break; 35 case EFIVAR_OPS_RDWR: 36 sfi->sb->s_flags &= ~SB_RDONLY; 37 break; 38 default: 39 return NOTIFY_DONE; 40 } 41 42 return NOTIFY_OK; 43 } 44 45 static struct inode *efivarfs_alloc_inode(struct super_block *sb) 46 { 47 struct efivar_entry *entry = kzalloc(sizeof(*entry), GFP_KERNEL); 48 49 if (!entry) 50 return NULL; 51 52 inode_init_once(&entry->vfs_inode); 53 entry->removed = false; 54 55 return &entry->vfs_inode; 56 } 57 58 static void efivarfs_free_inode(struct inode *inode) 59 { 60 struct efivar_entry *entry = efivar_entry(inode); 61 62 kfree(entry); 63 } 64 65 static int efivarfs_show_options(struct seq_file *m, struct dentry *root) 66 { 67 struct super_block *sb = root->d_sb; 68 struct efivarfs_fs_info *sbi = sb->s_fs_info; 69 struct efivarfs_mount_opts *opts = &sbi->mount_opts; 70 71 if (!uid_eq(opts->uid, GLOBAL_ROOT_UID)) 72 seq_printf(m, ",uid=%u", 73 from_kuid_munged(&init_user_ns, opts->uid)); 74 if (!gid_eq(opts->gid, GLOBAL_ROOT_GID)) 75 seq_printf(m, ",gid=%u", 76 from_kgid_munged(&init_user_ns, opts->gid)); 77 return 0; 78 } 79 80 static int efivarfs_statfs(struct dentry *dentry, struct kstatfs *buf) 81 { 82 const u32 attr = EFI_VARIABLE_NON_VOLATILE | 83 EFI_VARIABLE_BOOTSERVICE_ACCESS | 84 EFI_VARIABLE_RUNTIME_ACCESS; 85 u64 storage_space, remaining_space, max_variable_size; 86 u64 id = huge_encode_dev(dentry->d_sb->s_dev); 87 efi_status_t status; 88 89 /* Some UEFI firmware does not implement QueryVariableInfo() */ 90 storage_space = remaining_space = 0; 91 if (efi_rt_services_supported(EFI_RT_SUPPORTED_QUERY_VARIABLE_INFO)) { 92 status = efivar_query_variable_info(attr, &storage_space, 93 &remaining_space, 94 &max_variable_size); 95 if (status != EFI_SUCCESS && status != EFI_UNSUPPORTED) 96 pr_warn_ratelimited("query_variable_info() failed: 0x%lx\n", 97 status); 98 } 99 100 /* 101 * This is not a normal filesystem, so no point in pretending it has a block 102 * size; we declare f_bsize to 1, so that we can then report the exact value 103 * sent by EFI QueryVariableInfo in f_blocks and f_bfree 104 */ 105 buf->f_bsize = 1; 106 buf->f_namelen = NAME_MAX; 107 buf->f_blocks = storage_space; 108 buf->f_bfree = remaining_space; 109 buf->f_type = dentry->d_sb->s_magic; 110 buf->f_fsid = u64_to_fsid(id); 111 112 /* 113 * In f_bavail we declare the free space that the kernel will allow writing 114 * when the storage_paranoia x86 quirk is active. To use more, users 115 * should boot the kernel with efi_no_storage_paranoia. 116 */ 117 if (remaining_space > efivar_reserved_space()) 118 buf->f_bavail = remaining_space - efivar_reserved_space(); 119 else 120 buf->f_bavail = 0; 121 122 return 0; 123 } 124 125 static int efivarfs_freeze_fs(struct super_block *sb); 126 static int efivarfs_unfreeze_fs(struct super_block *sb); 127 128 static const struct super_operations efivarfs_ops = { 129 .statfs = efivarfs_statfs, 130 .drop_inode = generic_delete_inode, 131 .alloc_inode = efivarfs_alloc_inode, 132 .free_inode = efivarfs_free_inode, 133 .show_options = efivarfs_show_options, 134 .freeze_fs = efivarfs_freeze_fs, 135 .unfreeze_fs = efivarfs_unfreeze_fs, 136 }; 137 138 /* 139 * Compare two efivarfs file names. 140 * 141 * An efivarfs filename is composed of two parts, 142 * 143 * 1. A case-sensitive variable name 144 * 2. A case-insensitive GUID 145 * 146 * So we need to perform a case-sensitive match on part 1 and a 147 * case-insensitive match on part 2. 148 */ 149 static int efivarfs_d_compare(const struct dentry *dentry, 150 unsigned int len, const char *str, 151 const struct qstr *name) 152 { 153 int guid = len - EFI_VARIABLE_GUID_LEN; 154 155 /* Parallel lookups may produce a temporary invalid filename */ 156 if (guid <= 0) 157 return 1; 158 159 if (name->len != len) 160 return 1; 161 162 /* Case-sensitive compare for the variable name */ 163 if (memcmp(str, name->name, guid)) 164 return 1; 165 166 /* Case-insensitive compare for the GUID */ 167 return strncasecmp(name->name + guid, str + guid, EFI_VARIABLE_GUID_LEN); 168 } 169 170 static int efivarfs_d_hash(const struct dentry *dentry, struct qstr *qstr) 171 { 172 unsigned long hash = init_name_hash(dentry); 173 const unsigned char *s = qstr->name; 174 unsigned int len = qstr->len; 175 176 while (len-- > EFI_VARIABLE_GUID_LEN) 177 hash = partial_name_hash(*s++, hash); 178 179 /* GUID is case-insensitive. */ 180 while (len--) 181 hash = partial_name_hash(tolower(*s++), hash); 182 183 qstr->hash = end_name_hash(hash); 184 return 0; 185 } 186 187 static const struct dentry_operations efivarfs_d_ops = { 188 .d_compare = efivarfs_d_compare, 189 .d_hash = efivarfs_d_hash, 190 }; 191 192 static struct dentry *efivarfs_alloc_dentry(struct dentry *parent, char *name) 193 { 194 struct dentry *d; 195 struct qstr q; 196 int err; 197 198 q.name = name; 199 q.len = strlen(name); 200 201 err = efivarfs_d_hash(parent, &q); 202 if (err) 203 return ERR_PTR(err); 204 205 d = d_alloc(parent, &q); 206 if (d) 207 return d; 208 209 return ERR_PTR(-ENOMEM); 210 } 211 212 bool efivarfs_variable_is_present(efi_char16_t *variable_name, 213 efi_guid_t *vendor, void *data) 214 { 215 char *name = efivar_get_utf8name(variable_name, vendor); 216 struct super_block *sb = data; 217 struct dentry *dentry; 218 219 if (!name) 220 /* 221 * If the allocation failed there'll already be an 222 * error in the log (and likely a huge and growing 223 * number of them since they system will be under 224 * extreme memory pressure), so simply assume 225 * collision for safety but don't add to the log 226 * flood. 227 */ 228 return true; 229 230 dentry = try_lookup_noperm(&QSTR(name), sb->s_root); 231 kfree(name); 232 if (!IS_ERR_OR_NULL(dentry)) 233 dput(dentry); 234 235 return dentry != NULL; 236 } 237 238 static int efivarfs_create_dentry(struct super_block *sb, efi_char16_t *name16, 239 unsigned long name_size, efi_guid_t vendor, 240 char *name) 241 { 242 struct efivar_entry *entry; 243 struct inode *inode; 244 struct dentry *dentry, *root = sb->s_root; 245 unsigned long size = 0; 246 int len; 247 int err = -ENOMEM; 248 bool is_removable = false; 249 250 /* length of the variable name itself: remove GUID and separator */ 251 len = strlen(name) - EFI_VARIABLE_GUID_LEN - 1; 252 253 if (efivar_variable_is_removable(vendor, name, len)) 254 is_removable = true; 255 256 inode = efivarfs_get_inode(sb, d_inode(root), S_IFREG | 0644, 0, 257 is_removable); 258 if (!inode) 259 goto fail_name; 260 261 entry = efivar_entry(inode); 262 263 memcpy(entry->var.VariableName, name16, name_size); 264 memcpy(&(entry->var.VendorGuid), &vendor, sizeof(efi_guid_t)); 265 266 dentry = efivarfs_alloc_dentry(root, name); 267 if (IS_ERR(dentry)) { 268 err = PTR_ERR(dentry); 269 goto fail_inode; 270 } 271 272 __efivar_entry_get(entry, NULL, &size, NULL); 273 274 /* copied by the above to local storage in the dentry. */ 275 kfree(name); 276 277 inode_lock(inode); 278 inode->i_private = entry; 279 i_size_write(inode, size + sizeof(__u32)); /* attributes + data */ 280 inode_unlock(inode); 281 d_add(dentry, inode); 282 283 return 0; 284 285 fail_inode: 286 iput(inode); 287 fail_name: 288 kfree(name); 289 290 return err; 291 } 292 293 static int efivarfs_callback(efi_char16_t *name16, efi_guid_t vendor, 294 unsigned long name_size, void *data) 295 { 296 struct super_block *sb = (struct super_block *)data; 297 char *name; 298 299 if (guid_equal(&vendor, &LINUX_EFI_RANDOM_SEED_TABLE_GUID)) 300 return 0; 301 302 name = efivar_get_utf8name(name16, &vendor); 303 if (!name) 304 return -ENOMEM; 305 306 return efivarfs_create_dentry(sb, name16, name_size, vendor, name); 307 } 308 309 enum { 310 Opt_uid, Opt_gid, 311 }; 312 313 static const struct fs_parameter_spec efivarfs_parameters[] = { 314 fsparam_uid("uid", Opt_uid), 315 fsparam_gid("gid", Opt_gid), 316 {}, 317 }; 318 319 static int efivarfs_parse_param(struct fs_context *fc, struct fs_parameter *param) 320 { 321 struct efivarfs_fs_info *sbi = fc->s_fs_info; 322 struct efivarfs_mount_opts *opts = &sbi->mount_opts; 323 struct fs_parse_result result; 324 int opt; 325 326 opt = fs_parse(fc, efivarfs_parameters, param, &result); 327 if (opt < 0) 328 return opt; 329 330 switch (opt) { 331 case Opt_uid: 332 opts->uid = result.uid; 333 break; 334 case Opt_gid: 335 opts->gid = result.gid; 336 break; 337 default: 338 return -EINVAL; 339 } 340 341 return 0; 342 } 343 344 static int efivarfs_fill_super(struct super_block *sb, struct fs_context *fc) 345 { 346 struct efivarfs_fs_info *sfi = sb->s_fs_info; 347 struct inode *inode = NULL; 348 struct dentry *root; 349 int err; 350 351 sb->s_maxbytes = MAX_LFS_FILESIZE; 352 sb->s_blocksize = PAGE_SIZE; 353 sb->s_blocksize_bits = PAGE_SHIFT; 354 sb->s_magic = EFIVARFS_MAGIC; 355 sb->s_op = &efivarfs_ops; 356 set_default_d_op(sb, &efivarfs_d_ops); 357 sb->s_d_flags |= DCACHE_DONTCACHE; 358 sb->s_time_gran = 1; 359 360 if (!efivar_supports_writes()) 361 sb->s_flags |= SB_RDONLY; 362 363 inode = efivarfs_get_inode(sb, NULL, S_IFDIR | 0755, 0, true); 364 if (!inode) 365 return -ENOMEM; 366 inode->i_op = &efivarfs_dir_inode_operations; 367 368 root = d_make_root(inode); 369 sb->s_root = root; 370 if (!root) 371 return -ENOMEM; 372 373 sfi->sb = sb; 374 sfi->nb.notifier_call = efivarfs_ops_notifier; 375 err = blocking_notifier_chain_register(&efivar_ops_nh, &sfi->nb); 376 if (err) 377 return err; 378 379 return efivar_init(efivarfs_callback, sb, true); 380 } 381 382 static int efivarfs_get_tree(struct fs_context *fc) 383 { 384 return get_tree_single(fc, efivarfs_fill_super); 385 } 386 387 static int efivarfs_reconfigure(struct fs_context *fc) 388 { 389 if (!efivar_supports_writes() && !(fc->sb_flags & SB_RDONLY)) { 390 pr_err("Firmware does not support SetVariableRT. Can not remount with rw\n"); 391 return -EINVAL; 392 } 393 394 return 0; 395 } 396 397 static void efivarfs_free(struct fs_context *fc) 398 { 399 kfree(fc->s_fs_info); 400 } 401 402 static const struct fs_context_operations efivarfs_context_ops = { 403 .get_tree = efivarfs_get_tree, 404 .parse_param = efivarfs_parse_param, 405 .reconfigure = efivarfs_reconfigure, 406 .free = efivarfs_free, 407 }; 408 409 static int efivarfs_check_missing(efi_char16_t *name16, efi_guid_t vendor, 410 unsigned long name_size, void *data) 411 { 412 char *name; 413 struct super_block *sb = data; 414 struct dentry *dentry; 415 int err; 416 417 if (guid_equal(&vendor, &LINUX_EFI_RANDOM_SEED_TABLE_GUID)) 418 return 0; 419 420 name = efivar_get_utf8name(name16, &vendor); 421 if (!name) 422 return -ENOMEM; 423 424 dentry = try_lookup_noperm(&QSTR(name), sb->s_root); 425 if (IS_ERR(dentry)) { 426 err = PTR_ERR(dentry); 427 goto out; 428 } 429 430 if (!dentry) { 431 /* found missing entry */ 432 pr_info("efivarfs: creating variable %s\n", name); 433 return efivarfs_create_dentry(sb, name16, name_size, vendor, name); 434 } 435 436 dput(dentry); 437 err = 0; 438 439 out: 440 kfree(name); 441 442 return err; 443 } 444 445 static struct file_system_type efivarfs_type; 446 447 static int efivarfs_freeze_fs(struct super_block *sb) 448 { 449 /* Nothing for us to do. */ 450 return 0; 451 } 452 453 static int efivarfs_unfreeze_fs(struct super_block *sb) 454 { 455 struct dentry *child = NULL; 456 457 /* 458 * Unconditionally resync the variable state on a thaw request. 459 * Given the size of efivarfs it really doesn't matter to simply 460 * iterate through all of the entries and resync. Freeze/thaw 461 * requests are rare enough for that to not matter and the 462 * number of entries is pretty low too. So we really don't care. 463 */ 464 pr_info("efivarfs: resyncing variable state\n"); 465 for (;;) { 466 int err; 467 unsigned long size = 0; 468 struct inode *inode; 469 struct efivar_entry *entry; 470 471 child = find_next_child(sb->s_root, child); 472 if (!child) 473 break; 474 475 inode = d_inode(child); 476 entry = efivar_entry(inode); 477 478 err = efivar_entry_size(entry, &size); 479 if (err) 480 size = 0; 481 else 482 size += sizeof(__u32); 483 484 inode_lock(inode); 485 i_size_write(inode, size); 486 inode_unlock(inode); 487 488 /* The variable doesn't exist anymore, delete it. */ 489 if (!size) { 490 pr_info("efivarfs: removing variable %pd\n", child); 491 simple_recursive_removal(child, NULL); 492 } 493 } 494 495 efivar_init(efivarfs_check_missing, sb, false); 496 pr_info("efivarfs: finished resyncing variable state\n"); 497 return 0; 498 } 499 500 static int efivarfs_init_fs_context(struct fs_context *fc) 501 { 502 struct efivarfs_fs_info *sfi; 503 504 if (!efivar_is_available()) 505 return -EOPNOTSUPP; 506 507 sfi = kzalloc(sizeof(*sfi), GFP_KERNEL); 508 if (!sfi) 509 return -ENOMEM; 510 511 sfi->mount_opts.uid = GLOBAL_ROOT_UID; 512 sfi->mount_opts.gid = GLOBAL_ROOT_GID; 513 514 fc->s_fs_info = sfi; 515 fc->ops = &efivarfs_context_ops; 516 517 return 0; 518 } 519 520 static void efivarfs_kill_sb(struct super_block *sb) 521 { 522 struct efivarfs_fs_info *sfi = sb->s_fs_info; 523 524 blocking_notifier_chain_unregister(&efivar_ops_nh, &sfi->nb); 525 kill_litter_super(sb); 526 527 kfree(sfi); 528 } 529 530 static struct file_system_type efivarfs_type = { 531 .owner = THIS_MODULE, 532 .name = "efivarfs", 533 .init_fs_context = efivarfs_init_fs_context, 534 .kill_sb = efivarfs_kill_sb, 535 .parameters = efivarfs_parameters, 536 }; 537 538 static __init int efivarfs_init(void) 539 { 540 return register_filesystem(&efivarfs_type); 541 } 542 543 static __exit void efivarfs_exit(void) 544 { 545 unregister_filesystem(&efivarfs_type); 546 } 547 548 MODULE_AUTHOR("Matthew Garrett, Jeremy Kerr"); 549 MODULE_DESCRIPTION("EFI Variable Filesystem"); 550 MODULE_LICENSE("GPL"); 551 MODULE_ALIAS_FS("efivarfs"); 552 553 module_init(efivarfs_init); 554 module_exit(efivarfs_exit); 555