xref: /linux/fs/efivarfs/super.c (revision c4bbe83d27c2446a033cc0381c3fb6be5e8c41c7)
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * Copyright (C) 2012 Red Hat, Inc.
4  * Copyright (C) 2012 Jeremy Kerr <jeremy.kerr@canonical.com>
5  */
6 
7 #include <linux/ctype.h>
8 #include <linux/efi.h>
9 #include <linux/fs.h>
10 #include <linux/fs_context.h>
11 #include <linux/fs_parser.h>
12 #include <linux/module.h>
13 #include <linux/pagemap.h>
14 #include <linux/ucs2_string.h>
15 #include <linux/slab.h>
16 #include <linux/magic.h>
17 #include <linux/statfs.h>
18 #include <linux/notifier.h>
19 #include <linux/printk.h>
20 
21 #include "internal.h"
22 
23 static int efivarfs_ops_notifier(struct notifier_block *nb, unsigned long event,
24 				 void *data)
25 {
26 	struct efivarfs_fs_info *sfi = container_of(nb, struct efivarfs_fs_info, nb);
27 
28 	switch (event) {
29 	case EFIVAR_OPS_RDONLY:
30 		sfi->sb->s_flags |= SB_RDONLY;
31 		break;
32 	case EFIVAR_OPS_RDWR:
33 		sfi->sb->s_flags &= ~SB_RDONLY;
34 		break;
35 	default:
36 		return NOTIFY_DONE;
37 	}
38 
39 	return NOTIFY_OK;
40 }
41 
42 static void efivarfs_evict_inode(struct inode *inode)
43 {
44 	clear_inode(inode);
45 }
46 
47 static int efivarfs_show_options(struct seq_file *m, struct dentry *root)
48 {
49 	struct super_block *sb = root->d_sb;
50 	struct efivarfs_fs_info *sbi = sb->s_fs_info;
51 	struct efivarfs_mount_opts *opts = &sbi->mount_opts;
52 
53 	if (!uid_eq(opts->uid, GLOBAL_ROOT_UID))
54 		seq_printf(m, ",uid=%u",
55 				from_kuid_munged(&init_user_ns, opts->uid));
56 	if (!gid_eq(opts->gid, GLOBAL_ROOT_GID))
57 		seq_printf(m, ",gid=%u",
58 				from_kgid_munged(&init_user_ns, opts->gid));
59 	return 0;
60 }
61 
62 static int efivarfs_statfs(struct dentry *dentry, struct kstatfs *buf)
63 {
64 	const u32 attr = EFI_VARIABLE_NON_VOLATILE |
65 			 EFI_VARIABLE_BOOTSERVICE_ACCESS |
66 			 EFI_VARIABLE_RUNTIME_ACCESS;
67 	u64 storage_space, remaining_space, max_variable_size;
68 	u64 id = huge_encode_dev(dentry->d_sb->s_dev);
69 	efi_status_t status;
70 
71 	/* Some UEFI firmware does not implement QueryVariableInfo() */
72 	storage_space = remaining_space = 0;
73 	if (efi_rt_services_supported(EFI_RT_SUPPORTED_QUERY_VARIABLE_INFO)) {
74 		status = efivar_query_variable_info(attr, &storage_space,
75 						    &remaining_space,
76 						    &max_variable_size);
77 		if (status != EFI_SUCCESS && status != EFI_UNSUPPORTED)
78 			pr_warn_ratelimited("query_variable_info() failed: 0x%lx\n",
79 					    status);
80 	}
81 
82 	/*
83 	 * This is not a normal filesystem, so no point in pretending it has a block
84 	 * size; we declare f_bsize to 1, so that we can then report the exact value
85 	 * sent by EFI QueryVariableInfo in f_blocks and f_bfree
86 	 */
87 	buf->f_bsize	= 1;
88 	buf->f_namelen	= NAME_MAX;
89 	buf->f_blocks	= storage_space;
90 	buf->f_bfree	= remaining_space;
91 	buf->f_type	= dentry->d_sb->s_magic;
92 	buf->f_fsid	= u64_to_fsid(id);
93 
94 	/*
95 	 * In f_bavail we declare the free space that the kernel will allow writing
96 	 * when the storage_paranoia x86 quirk is active. To use more, users
97 	 * should boot the kernel with efi_no_storage_paranoia.
98 	 */
99 	if (remaining_space > efivar_reserved_space())
100 		buf->f_bavail = remaining_space - efivar_reserved_space();
101 	else
102 		buf->f_bavail = 0;
103 
104 	return 0;
105 }
106 static const struct super_operations efivarfs_ops = {
107 	.statfs = efivarfs_statfs,
108 	.drop_inode = generic_delete_inode,
109 	.evict_inode = efivarfs_evict_inode,
110 	.show_options = efivarfs_show_options,
111 };
112 
113 /*
114  * Compare two efivarfs file names.
115  *
116  * An efivarfs filename is composed of two parts,
117  *
118  *	1. A case-sensitive variable name
119  *	2. A case-insensitive GUID
120  *
121  * So we need to perform a case-sensitive match on part 1 and a
122  * case-insensitive match on part 2.
123  */
124 static int efivarfs_d_compare(const struct dentry *dentry,
125 			      unsigned int len, const char *str,
126 			      const struct qstr *name)
127 {
128 	int guid = len - EFI_VARIABLE_GUID_LEN;
129 
130 	if (name->len != len)
131 		return 1;
132 
133 	/* Case-sensitive compare for the variable name */
134 	if (memcmp(str, name->name, guid))
135 		return 1;
136 
137 	/* Case-insensitive compare for the GUID */
138 	return strncasecmp(name->name + guid, str + guid, EFI_VARIABLE_GUID_LEN);
139 }
140 
141 static int efivarfs_d_hash(const struct dentry *dentry, struct qstr *qstr)
142 {
143 	unsigned long hash = init_name_hash(dentry);
144 	const unsigned char *s = qstr->name;
145 	unsigned int len = qstr->len;
146 
147 	if (!efivarfs_valid_name(s, len))
148 		return -EINVAL;
149 
150 	while (len-- > EFI_VARIABLE_GUID_LEN)
151 		hash = partial_name_hash(*s++, hash);
152 
153 	/* GUID is case-insensitive. */
154 	while (len--)
155 		hash = partial_name_hash(tolower(*s++), hash);
156 
157 	qstr->hash = end_name_hash(hash);
158 	return 0;
159 }
160 
161 static const struct dentry_operations efivarfs_d_ops = {
162 	.d_compare = efivarfs_d_compare,
163 	.d_hash = efivarfs_d_hash,
164 	.d_delete = always_delete_dentry,
165 };
166 
167 static struct dentry *efivarfs_alloc_dentry(struct dentry *parent, char *name)
168 {
169 	struct dentry *d;
170 	struct qstr q;
171 	int err;
172 
173 	q.name = name;
174 	q.len = strlen(name);
175 
176 	err = efivarfs_d_hash(parent, &q);
177 	if (err)
178 		return ERR_PTR(err);
179 
180 	d = d_alloc(parent, &q);
181 	if (d)
182 		return d;
183 
184 	return ERR_PTR(-ENOMEM);
185 }
186 
187 static int efivarfs_callback(efi_char16_t *name16, efi_guid_t vendor,
188 			     unsigned long name_size, void *data,
189 			     struct list_head *list)
190 {
191 	struct super_block *sb = (struct super_block *)data;
192 	struct efivar_entry *entry;
193 	struct inode *inode = NULL;
194 	struct dentry *dentry, *root = sb->s_root;
195 	unsigned long size = 0;
196 	char *name;
197 	int len;
198 	int err = -ENOMEM;
199 	bool is_removable = false;
200 
201 	if (guid_equal(&vendor, &LINUX_EFI_RANDOM_SEED_TABLE_GUID))
202 		return 0;
203 
204 	entry = kzalloc(sizeof(*entry), GFP_KERNEL);
205 	if (!entry)
206 		return err;
207 
208 	memcpy(entry->var.VariableName, name16, name_size);
209 	memcpy(&(entry->var.VendorGuid), &vendor, sizeof(efi_guid_t));
210 
211 	len = ucs2_utf8size(entry->var.VariableName);
212 
213 	/* name, plus '-', plus GUID, plus NUL*/
214 	name = kmalloc(len + 1 + EFI_VARIABLE_GUID_LEN + 1, GFP_KERNEL);
215 	if (!name)
216 		goto fail;
217 
218 	ucs2_as_utf8(name, entry->var.VariableName, len);
219 
220 	if (efivar_variable_is_removable(entry->var.VendorGuid, name, len))
221 		is_removable = true;
222 
223 	name[len] = '-';
224 
225 	efi_guid_to_str(&entry->var.VendorGuid, name + len + 1);
226 
227 	name[len + EFI_VARIABLE_GUID_LEN+1] = '\0';
228 
229 	/* replace invalid slashes like kobject_set_name_vargs does for /sys/firmware/efi/vars. */
230 	strreplace(name, '/', '!');
231 
232 	inode = efivarfs_get_inode(sb, d_inode(root), S_IFREG | 0644, 0,
233 				   is_removable);
234 	if (!inode)
235 		goto fail_name;
236 
237 	dentry = efivarfs_alloc_dentry(root, name);
238 	if (IS_ERR(dentry)) {
239 		err = PTR_ERR(dentry);
240 		goto fail_inode;
241 	}
242 
243 	__efivar_entry_get(entry, NULL, &size, NULL);
244 	__efivar_entry_add(entry, list);
245 
246 	/* copied by the above to local storage in the dentry. */
247 	kfree(name);
248 
249 	inode_lock(inode);
250 	inode->i_private = entry;
251 	i_size_write(inode, size + sizeof(entry->var.Attributes));
252 	inode_unlock(inode);
253 	d_add(dentry, inode);
254 
255 	return 0;
256 
257 fail_inode:
258 	iput(inode);
259 fail_name:
260 	kfree(name);
261 fail:
262 	kfree(entry);
263 	return err;
264 }
265 
266 static int efivarfs_destroy(struct efivar_entry *entry, void *data)
267 {
268 	efivar_entry_remove(entry);
269 	kfree(entry);
270 	return 0;
271 }
272 
273 enum {
274 	Opt_uid, Opt_gid,
275 };
276 
277 static const struct fs_parameter_spec efivarfs_parameters[] = {
278 	fsparam_u32("uid", Opt_uid),
279 	fsparam_u32("gid", Opt_gid),
280 	{},
281 };
282 
283 static int efivarfs_parse_param(struct fs_context *fc, struct fs_parameter *param)
284 {
285 	struct efivarfs_fs_info *sbi = fc->s_fs_info;
286 	struct efivarfs_mount_opts *opts = &sbi->mount_opts;
287 	struct fs_parse_result result;
288 	int opt;
289 
290 	opt = fs_parse(fc, efivarfs_parameters, param, &result);
291 	if (opt < 0)
292 		return opt;
293 
294 	switch (opt) {
295 	case Opt_uid:
296 		opts->uid = make_kuid(current_user_ns(), result.uint_32);
297 		if (!uid_valid(opts->uid))
298 			return -EINVAL;
299 		break;
300 	case Opt_gid:
301 		opts->gid = make_kgid(current_user_ns(), result.uint_32);
302 		if (!gid_valid(opts->gid))
303 			return -EINVAL;
304 		break;
305 	default:
306 		return -EINVAL;
307 	}
308 
309 	return 0;
310 }
311 
312 static int efivarfs_fill_super(struct super_block *sb, struct fs_context *fc)
313 {
314 	struct efivarfs_fs_info *sfi = sb->s_fs_info;
315 	struct inode *inode = NULL;
316 	struct dentry *root;
317 	int err;
318 
319 	sb->s_maxbytes          = MAX_LFS_FILESIZE;
320 	sb->s_blocksize         = PAGE_SIZE;
321 	sb->s_blocksize_bits    = PAGE_SHIFT;
322 	sb->s_magic             = EFIVARFS_MAGIC;
323 	sb->s_op                = &efivarfs_ops;
324 	sb->s_d_op		= &efivarfs_d_ops;
325 	sb->s_time_gran         = 1;
326 
327 	if (!efivar_supports_writes())
328 		sb->s_flags |= SB_RDONLY;
329 
330 	inode = efivarfs_get_inode(sb, NULL, S_IFDIR | 0755, 0, true);
331 	if (!inode)
332 		return -ENOMEM;
333 	inode->i_op = &efivarfs_dir_inode_operations;
334 
335 	root = d_make_root(inode);
336 	sb->s_root = root;
337 	if (!root)
338 		return -ENOMEM;
339 
340 	sfi->sb = sb;
341 	sfi->nb.notifier_call = efivarfs_ops_notifier;
342 	err = blocking_notifier_chain_register(&efivar_ops_nh, &sfi->nb);
343 	if (err)
344 		return err;
345 
346 	err = efivar_init(efivarfs_callback, (void *)sb, true,
347 			  &sfi->efivarfs_list);
348 	if (err)
349 		efivar_entry_iter(efivarfs_destroy, &sfi->efivarfs_list, NULL);
350 
351 	return err;
352 }
353 
354 static int efivarfs_get_tree(struct fs_context *fc)
355 {
356 	return get_tree_single(fc, efivarfs_fill_super);
357 }
358 
359 static int efivarfs_reconfigure(struct fs_context *fc)
360 {
361 	if (!efivar_supports_writes() && !(fc->sb_flags & SB_RDONLY)) {
362 		pr_err("Firmware does not support SetVariableRT. Can not remount with rw\n");
363 		return -EINVAL;
364 	}
365 
366 	return 0;
367 }
368 
369 static const struct fs_context_operations efivarfs_context_ops = {
370 	.get_tree	= efivarfs_get_tree,
371 	.parse_param	= efivarfs_parse_param,
372 	.reconfigure	= efivarfs_reconfigure,
373 };
374 
375 static int efivarfs_init_fs_context(struct fs_context *fc)
376 {
377 	struct efivarfs_fs_info *sfi;
378 
379 	if (!efivar_is_available())
380 		return -EOPNOTSUPP;
381 
382 	sfi = kzalloc(sizeof(*sfi), GFP_KERNEL);
383 	if (!sfi)
384 		return -ENOMEM;
385 
386 	INIT_LIST_HEAD(&sfi->efivarfs_list);
387 
388 	sfi->mount_opts.uid = GLOBAL_ROOT_UID;
389 	sfi->mount_opts.gid = GLOBAL_ROOT_GID;
390 
391 	fc->s_fs_info = sfi;
392 	fc->ops = &efivarfs_context_ops;
393 	return 0;
394 }
395 
396 static void efivarfs_kill_sb(struct super_block *sb)
397 {
398 	struct efivarfs_fs_info *sfi = sb->s_fs_info;
399 
400 	blocking_notifier_chain_unregister(&efivar_ops_nh, &sfi->nb);
401 	kill_litter_super(sb);
402 
403 	/* Remove all entries and destroy */
404 	efivar_entry_iter(efivarfs_destroy, &sfi->efivarfs_list, NULL);
405 	kfree(sfi);
406 }
407 
408 static struct file_system_type efivarfs_type = {
409 	.owner   = THIS_MODULE,
410 	.name    = "efivarfs",
411 	.init_fs_context = efivarfs_init_fs_context,
412 	.kill_sb = efivarfs_kill_sb,
413 	.parameters = efivarfs_parameters,
414 };
415 
416 static __init int efivarfs_init(void)
417 {
418 	return register_filesystem(&efivarfs_type);
419 }
420 
421 static __exit void efivarfs_exit(void)
422 {
423 	unregister_filesystem(&efivarfs_type);
424 }
425 
426 MODULE_AUTHOR("Matthew Garrett, Jeremy Kerr");
427 MODULE_DESCRIPTION("EFI Variable Filesystem");
428 MODULE_LICENSE("GPL");
429 MODULE_ALIAS_FS("efivarfs");
430 
431 module_init(efivarfs_init);
432 module_exit(efivarfs_exit);
433