/** @file
Var Check PCD handler.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <Library/VarCheckLib.h>
#include <Library/BaseLib.h>
#include <Library/DebugLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/DxeServicesLib.h>
#include "VarCheckPcdStructure.h"
//#define DUMP_VAR_CHECK_PCD
GLOBAL_REMOVE_IF_UNREFERENCED CONST CHAR8 mVarCheckPcdHex[] = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
/**
Dump some hexadecimal data.
@param[in] Indent How many spaces to indent the output.
@param[in] Offset The offset of the dump.
@param[in] DataSize The size in bytes of UserData.
@param[in] UserData The data to dump.
**/
VOID
VarCheckPcdInternalDumpHex (
IN UINTN Indent,
IN UINTN Offset,
IN UINTN DataSize,
IN VOID *UserData
)
{
UINT8 *Data;
CHAR8 Val[50];
CHAR8 Str[20];
UINT8 TempByte;
UINTN Size;
UINTN Index;
Data = UserData;
while (DataSize != 0) {
Size = 16;
if (Size > DataSize) {
Size = DataSize;
}
for (Index = 0; Index < Size; Index += 1) {
TempByte = Data[Index];
Val[Index * 3 + 0] = mVarCheckPcdHex[TempByte >> 4];
Val[Index * 3 + 1] = mVarCheckPcdHex[TempByte & 0xF];
Val[Index * 3 + 2] = (CHAR8) ((Index == 7) ? '-' : ' ');
Str[Index] = (CHAR8) ((TempByte < ' ' || TempByte > 'z') ? '.' : TempByte);
}
Val[Index * 3] = 0;
Str[Index] = 0;
DEBUG ((EFI_D_INFO, "%*a%08X: %-48a *%a*\r\n", Indent, "", Offset, Val, Str));
Data += Size;
Offset += Size;
DataSize -= Size;
}
}
/**
Var Check Pcd ValidData.
@param[in] PcdValidData Pointer to Pcd ValidData
@param[in] Data Data pointer.
@param[in] DataSize Size of Data to set.
@retval TRUE Check pass
@retval FALSE Check fail.
**/
BOOLEAN
VarCheckPcdValidData (
IN VAR_CHECK_PCD_VALID_DATA_HEADER *PcdValidData,
IN VOID *Data,
IN UINTN DataSize
)
{
UINT64 OneData;
UINT64 Minimum;
UINT64 Maximum;
UINT64 OneValue;
UINT8 *Ptr;
OneData = 0;
CopyMem (&OneData, (UINT8 *) Data + PcdValidData->VarOffset, PcdValidData->StorageWidth);
switch (PcdValidData->Type) {
case VarCheckPcdValidList:
Ptr = (UINT8 *) ((VAR_CHECK_PCD_VALID_LIST *) PcdValidData + 1);
while ((UINTN) Ptr < (UINTN) PcdValidData + PcdValidData->Length) {
OneValue = 0;
CopyMem (&OneValue, Ptr, PcdValidData->StorageWidth);
if (OneData == OneValue) {
//
// Match
//
break;
}
Ptr += PcdValidData->StorageWidth;
}
if ((UINTN) Ptr >= ((UINTN) PcdValidData + PcdValidData->Length)) {
//
// No match
//
DEBUG ((EFI_D_INFO, "VarCheckPcdValidData fail: ValidList mismatch (0x%lx)\n", OneData));
DEBUG_CODE (VarCheckPcdInternalDumpHex (2, 0, PcdValidData->Length, (UINT8 *) PcdValidData););
return FALSE;
}
break;
case VarCheckPcdValidRange:
Minimum = 0;
Maximum = 0;
Ptr = (UINT8 *) ((VAR_CHECK_PCD_VALID_RANGE *) PcdValidData + 1);
while ((UINTN) Ptr < (UINTN) PcdValidData + PcdValidData->Length) {
CopyMem (&Minimum, Ptr, PcdValidData->StorageWidth);
Ptr += PcdValidData->StorageWidth;
CopyMem (&Maximum, Ptr, PcdValidData->StorageWidth);
Ptr += PcdValidData->StorageWidth;
if ((OneData >= Minimum) && (OneData <= Maximum)) {
return TRUE;
}
}
DEBUG ((EFI_D_INFO, "VarCheckPcdValidData fail: ValidRange mismatch (0x%lx)\n", OneData));
DEBUG_CODE (VarCheckPcdInternalDumpHex (2, 0, PcdValidData->Length, (UINT8 *) PcdValidData););
return FALSE;
break;
default:
ASSERT (FALSE);
break;
}
return TRUE;
}
VAR_CHECK_PCD_VARIABLE_HEADER *mVarCheckPcdBin = NULL;
UINTN mVarCheckPcdBinSize = 0;
/**
SetVariable check handler PCD.
@param[in] VariableName Name of Variable to set.
@param[in] VendorGuid Variable vendor GUID.
@param[in] Attributes Attribute value of the variable.
@param[in] DataSize Size of Data to set.
@param[in] Data Data pointer.
@retval EFI_SUCCESS The SetVariable check result was success.
@retval EFI_SECURITY_VIOLATION Check fail.
**/
EFI_STATUS
EFIAPI
SetVariableCheckHandlerPcd (
IN CHAR16 *VariableName,
IN EFI_GUID *VendorGuid,
IN UINT32 Attributes,
IN UINTN DataSize,
IN VOID *Data
)
{
VAR_CHECK_PCD_VARIABLE_HEADER *PcdVariable;
VAR_CHECK_PCD_VALID_DATA_HEADER *PcdValidData;
if (mVarCheckPcdBin == NULL) {
return EFI_SUCCESS;
}
if ((((Attributes & EFI_VARIABLE_APPEND_WRITE) == 0) && (DataSize == 0)) || (Attributes == 0)) {
//
// Do not check delete variable.
//
return EFI_SUCCESS;
}
//
// For Pcd Variable header align.
//
PcdVariable = (VAR_CHECK_PCD_VARIABLE_HEADER *) HEADER_ALIGN (mVarCheckPcdBin);
while ((UINTN) PcdVariable < ((UINTN) mVarCheckPcdBin + mVarCheckPcdBinSize)) {
if ((StrCmp ((CHAR16 *) (PcdVariable + 1), VariableName) == 0) &&
(CompareGuid (&PcdVariable->Guid, VendorGuid))) {
//
// Found the Pcd Variable that could be used to do check.
//
DEBUG ((EFI_D_INFO, "VarCheckPcdVariable - %s:%g with Attributes = 0x%08x Size = 0x%x\n", VariableName, VendorGuid, Attributes, DataSize));
if ((PcdVariable->Attributes != 0) && PcdVariable->Attributes != Attributes) {
DEBUG ((EFI_D_INFO, "VarCheckPcdVariable fail for Attributes - 0x%08x\n", PcdVariable->Attributes));
return EFI_SECURITY_VIOLATION;
}
if (DataSize == 0) {
DEBUG ((EFI_D_INFO, "VarCheckPcdVariable - CHECK PASS with DataSize == 0 !\n"));
return EFI_SUCCESS;
}
//
// Do the check.
// For Pcd ValidData header align.
//
PcdValidData = (VAR_CHECK_PCD_VALID_DATA_HEADER *) HEADER_ALIGN (((UINTN) PcdVariable + PcdVariable->HeaderLength));
while ((UINTN) PcdValidData < ((UINTN) PcdVariable + PcdVariable->Length)) {
if (((UINTN) PcdValidData->VarOffset + PcdValidData->StorageWidth) <= DataSize) {
if (!VarCheckPcdValidData (PcdValidData, Data, DataSize)) {
return EFI_SECURITY_VIOLATION;
}
}
//
// For Pcd ValidData header align.
//
PcdValidData = (VAR_CHECK_PCD_VALID_DATA_HEADER *) HEADER_ALIGN (((UINTN) PcdValidData + PcdValidData->Length));
}
DEBUG ((EFI_D_INFO, "VarCheckPcdVariable - ALL CHECK PASS!\n"));
return EFI_SUCCESS;
}
//
// For Pcd Variable header align.
//
PcdVariable = (VAR_CHECK_PCD_VARIABLE_HEADER *) HEADER_ALIGN (((UINTN) PcdVariable + PcdVariable->Length));
}
// Not found, so pass.
return EFI_SUCCESS;
}
#ifdef DUMP_VAR_CHECK_PCD
/**
Dump Pcd ValidData.
@param[in] PcdValidData Pointer to Pcd ValidData.
**/
VOID
DumpPcdValidData (
IN VAR_CHECK_PCD_VALID_DATA_HEADER *PcdValidData
)
{
UINT64 Minimum;
UINT64 Maximum;
UINT64 OneValue;
UINT8 *Ptr;
DEBUG ((EFI_D_INFO, " VAR_CHECK_PCD_VALID_DATA_HEADER\n"));
DEBUG ((EFI_D_INFO, " Type - 0x%02x\n", PcdValidData->Type));
DEBUG ((EFI_D_INFO, " Length - 0x%02x\n", PcdValidData->Length));
DEBUG ((EFI_D_INFO, " VarOffset - 0x%04x\n", PcdValidData->VarOffset));
DEBUG ((EFI_D_INFO, " StorageWidth - 0x%02x\n", PcdValidData->StorageWidth));
switch (PcdValidData->Type) {
case VarCheckPcdValidList:
Ptr = (UINT8 *) ((VAR_CHECK_PCD_VALID_LIST *) PcdValidData + 1);
while ((UINTN) Ptr < ((UINTN) PcdValidData + PcdValidData->Length)) {
OneValue = 0;
CopyMem (&OneValue, Ptr, PcdValidData->StorageWidth);
switch (PcdValidData->StorageWidth) {
case sizeof (UINT8):
DEBUG ((EFI_D_INFO, " ValidList - 0x%02x\n", OneValue));
break;
case sizeof (UINT16):
DEBUG ((EFI_D_INFO, " ValidList - 0x%04x\n", OneValue));
break;
case sizeof (UINT32):
DEBUG ((EFI_D_INFO, " ValidList - 0x%08x\n", OneValue));
break;
case sizeof (UINT64):
DEBUG ((EFI_D_INFO, " ValidList - 0x%016lx\n", OneValue));
break;
default:
ASSERT (FALSE);
break;
}
Ptr += PcdValidData->StorageWidth;
}
break;
case VarCheckPcdValidRange:
Minimum = 0;
Maximum = 0;
Ptr = (UINT8 *) ((VAR_CHECK_PCD_VALID_RANGE *) PcdValidData + 1);
while ((UINTN) Ptr < (UINTN) PcdValidData + PcdValidData->Length) {
CopyMem (&Minimum, Ptr, PcdValidData->StorageWidth);
Ptr += PcdValidData->StorageWidth;
CopyMem (&Maximum, Ptr, PcdValidData->StorageWidth);
Ptr += PcdValidData->StorageWidth;
switch (PcdValidData->StorageWidth) {
case sizeof (UINT8):
DEBUG ((EFI_D_INFO, " Minimum - 0x%02x\n", Minimum));
DEBUG ((EFI_D_INFO, " Maximum - 0x%02x\n", Maximum));
break;
case sizeof (UINT16):
DEBUG ((EFI_D_INFO, " Minimum - 0x%04x\n", Minimum));
DEBUG ((EFI_D_INFO, " Maximum - 0x%04x\n", Maximum));
break;
case sizeof (UINT32):
DEBUG ((EFI_D_INFO, " Minimum - 0x%08x\n", Minimum));
DEBUG ((EFI_D_INFO, " Maximum - 0x%08x\n", Maximum));
break;
case sizeof (UINT64):
DEBUG ((EFI_D_INFO, " Minimum - 0x%016lx\n", Minimum));
DEBUG ((EFI_D_INFO, " Maximum - 0x%016lx\n", Maximum));
break;
default:
ASSERT (FALSE);
break;
}
}
break;
default:
ASSERT (FALSE);
break;
}
}
/**
Dump Pcd Variable.
@param[in] PcdVariable Pointer to Pcd Variable.
**/
VOID
DumpPcdVariable (
IN VAR_CHECK_PCD_VARIABLE_HEADER *PcdVariable
)
{
VAR_CHECK_PCD_VALID_DATA_HEADER *PcdValidData;
DEBUG ((EFI_D_INFO, "VAR_CHECK_PCD_VARIABLE_HEADER\n"));
DEBUG ((EFI_D_INFO, " Revision - 0x%04x\n", PcdVariable->Revision));
DEBUG ((EFI_D_INFO, " HeaderLength - 0x%04x\n", PcdVariable->HeaderLength));
DEBUG ((EFI_D_INFO, " Length - 0x%08x\n", PcdVariable->Length));
DEBUG ((EFI_D_INFO, " Type - 0x%02x\n", PcdVariable->Type));
DEBUG ((EFI_D_INFO, " Attributes - 0x%08x\n", PcdVariable->Attributes));
DEBUG ((EFI_D_INFO, " Guid - %g\n", &PcdVariable->Guid));
DEBUG ((EFI_D_INFO, " Name - %s\n", PcdVariable + 1));
//
// For Pcd ValidData header align.
//
PcdValidData = (VAR_CHECK_PCD_VALID_DATA_HEADER *) HEADER_ALIGN (((UINTN) PcdVariable + PcdVariable->HeaderLength));
while ((UINTN) PcdValidData < ((UINTN) PcdVariable + PcdVariable->Length)) {
//
// Dump Pcd ValidData related to the Pcd Variable.
//
DumpPcdValidData (PcdValidData);
//
// For Pcd ValidData header align.
//
PcdValidData = (VAR_CHECK_PCD_VALID_DATA_HEADER *) HEADER_ALIGN (((UINTN) PcdValidData + PcdValidData->Length));
}
}
/**
Dump Var Check PCD.
@param[in] VarCheckPcdBin Pointer to VarCheckPcdBin.
@param[in] VarCheckPcdBinSize VarCheckPcdBin size.
**/
VOID
DumpVarCheckPcd (
IN VOID *VarCheckPcdBin,
IN UINTN VarCheckPcdBinSize
)
{
VAR_CHECK_PCD_VARIABLE_HEADER *PcdVariable;
DEBUG ((EFI_D_INFO, "DumpVarCheckPcd\n"));
//
// For Pcd Variable header align.
//
PcdVariable = (VAR_CHECK_PCD_VARIABLE_HEADER *) HEADER_ALIGN (VarCheckPcdBin);
while ((UINTN) PcdVariable < ((UINTN) VarCheckPcdBin + VarCheckPcdBinSize)) {
DumpPcdVariable (PcdVariable);
//
// For Pcd Variable header align.
//
PcdVariable = (VAR_CHECK_PCD_VARIABLE_HEADER *) HEADER_ALIGN (((UINTN) PcdVariable + PcdVariable->Length));
}
}
#endif
/**
Locate VarCheckPcdBin.
**/
VOID
EFIAPI
LocateVarCheckPcdBin (
VOID
)
{
EFI_STATUS Status;
VAR_CHECK_PCD_VARIABLE_HEADER *VarCheckPcdBin;
UINTN VarCheckPcdBinSize;
//
// Search the VarCheckPcdBin from the first RAW section of current FFS.
//
Status = GetSectionFromFfs (
EFI_SECTION_RAW,
0,
(VOID **) &VarCheckPcdBin,
&VarCheckPcdBinSize
);
if (!EFI_ERROR (Status)) {
//
// AllocateRuntimeZeroPool () from MemoryAllocateLib is used for runtime access
// in SetVariable check handler.
//
mVarCheckPcdBin = AllocateRuntimeCopyPool (VarCheckPcdBinSize, VarCheckPcdBin);
ASSERT (mVarCheckPcdBin != NULL);
mVarCheckPcdBinSize = VarCheckPcdBinSize;
FreePool (VarCheckPcdBin);
DEBUG ((EFI_D_INFO, "VarCheckPcdBin - at 0x%x size = 0x%x\n", mVarCheckPcdBin, mVarCheckPcdBinSize));
#ifdef DUMP_VAR_CHECK_PCD
DEBUG_CODE (
DumpVarCheckPcd (mVarCheckPcdBin, mVarCheckPcdBinSize);
);
#endif
} else {
DEBUG ((EFI_D_INFO, "[VarCheckPcd] No VarCheckPcdBin found at the first RAW section\n"));
}
}
/**
Constructor function of VarCheckPcdLib to register var check PCD handler.
@param[in] ImageHandle The firmware allocated handle for the EFI image.
@param[in] SystemTable A pointer to the EFI System Table.
@retval EFI_SUCCESS The constructor executed correctly.
**/
EFI_STATUS
EFIAPI
VarCheckPcdLibNullClassConstructor (
IN EFI_HANDLE ImageHandle,
IN EFI_SYSTEM_TABLE *SystemTable
)
{
LocateVarCheckPcdBin ();
VarCheckLibRegisterAddressPointer ((VOID **) &mVarCheckPcdBin);
VarCheckLibRegisterSetVariableCheckHandler (SetVariableCheckHandlerPcd);
return EFI_SUCCESS;
}