14febfb8dSArd Biesheuvel // SPDX-License-Identifier: GPL-2.0+
/*
 * EFI Test Driver for Runtime Services
 *
 * Copyright(C) 2012-2016 Canonical Ltd.
 *
 * This driver exports the EFI runtime services interfaces to userspace,
 * allowing the UEFI runtime services provided by firmware to be used and
 * tested.
 *
 */
11ff6301daSIvan Hu
12ff6301daSIvan Hu #include <linux/miscdevice.h>
13ff6301daSIvan Hu #include <linux/module.h>
14ff6301daSIvan Hu #include <linux/init.h>
15ff6301daSIvan Hu #include <linux/proc_fs.h>
16ff6301daSIvan Hu #include <linux/efi.h>
17359efcc2SJavier Martinez Canillas #include <linux/security.h>
18ff6301daSIvan Hu #include <linux/slab.h>
19ff6301daSIvan Hu #include <linux/uaccess.h>
20ff6301daSIvan Hu
21ff6301daSIvan Hu #include "efi_test.h"
22ff6301daSIvan Hu
/* Module metadata reported by modinfo. */
MODULE_LICENSE("GPL");
MODULE_AUTHOR("Ivan Hu <ivan.hu@canonical.com>");
MODULE_DESCRIPTION("EFI Test Driver");
26ff6301daSIvan Hu
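/*
 * Return the size in bytes of the UCS-2 string at user address 'str',
 * counting the terminating NUL character.
 *
 * The result is a byte count, not a count of ucs2 characters.  0 is
 * returned when 'str' is NULL or when any character of the string cannot
 * be read from user space, so callers treat 0 as "no usable string".
 *
 * The string stays in user memory and can change after this function
 * returns.  The size is only a snapshot: a later copy of that many bytes
 * is not guaranteed to end in a NUL.
 */
static inline size_t user_ucs2_strsize(efi_char16_t __user *str)
{
	/* Keep the __user annotation on the cursor so sparse checks each read. */
	efi_char16_t __user *cursor = str;
	efi_char16_t ch;
	size_t bytes = 0;

	if (!str)
		return 0;

	do {
		if (get_user(ch, cursor++)) {
			/* Can't read userspace memory for size */
			return 0;
		}
		/* Every character read, the terminator included, is counted. */
		bytes += sizeof(efi_char16_t);
	} while (ch != 0);

	return bytes;
}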
58ff6301daSIvan Hu
/*
 * Duplicate 'len' bytes of a ucs2 string from user space into a newly
 * allocated kernel buffer.
 *
 * On success 0 is returned and '*dst' points at the copy, which the caller
 * must release with kfree().  A NULL 'src' is not an error: '*dst' is set
 * to NULL and 0 is returned.  If memdup_user() fails, '*dst' is set to NULL
 * and the negative errno it encoded is returned.
 *
 * Exactly 'len' bytes are copied and nothing is appended, so the result is
 * NUL-terminated only if those bytes contain a terminator.
 */
static inline int
copy_ucs2_from_user_len(efi_char16_t **dst, efi_char16_t __user *src,
			size_t len)
{
	efi_char16_t *copy = NULL;
	int err = 0;

	if (src) {
		copy = memdup_user(src, len);
		if (IS_ERR(copy)) {
			err = PTR_ERR(copy);
			/* Never hand an ERR_PTR value back through '*dst'. */
			copy = NULL;
		}
	}

	*dst = copy;
	return err;
}
82ff6301daSIvan Hu
/*
 * Store in '*len' the size in bytes of the user string 'src', including
 * the terminating NUL.
 *
 * Thin wrapper around user_ucs2_strsize() that turns its "0 means failure"
 * convention into an errno: returns 0 on success and -EFAULT when the
 * measured size is 0.  '*len' is written in both cases.
 */
static inline int
get_ucs2_strsize_from_user(efi_char16_t __user *src, size_t *len)
{
	size_t bytes = user_ucs2_strsize(src);

	*len = bytes;
	return bytes ? 0 : -EFAULT;
}
97ff6301daSIvan Hu
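/*
 * Calculate the required buffer allocation size and copy a ucs2 string
 * from user space into it.
 *
 * This function differs from copy_ucs2_from_user_len() because it
 * calculates the size of the buffer to allocate by taking the length of
 * the string 'src'.
 *
 * Returns 0 on success, -EFAULT if the string cannot be measured, or the
 * error from copy_ucs2_from_user_len().
 *
 * If a non-zero value is returned, the caller MUST NOT access 'dst'.
 *
 * It is the caller's responsibility to free 'dst'.
 */
static inline int
copy_ucs2_from_user(efi_char16_t **dst, efi_char16_t __user *src)
{
	size_t len;
	int rv;

	len = user_ucs2_strsize(src);
	if (len == 0)
		return -EFAULT;

	rv = copy_ucs2_from_user_len(dst, src, len);
	if (rv)
		return rv;

	/*
	 * 'src' is read twice: once to measure it and once to copy it.  User
	 * space can rewrite the string between the two reads, so the copy may
	 * no longer contain the terminator that was counted.  Force the last
	 * character to NUL so the string later passed to firmware always ends
	 * inside this allocation.  'len' is a non-zero multiple of
	 * sizeof(efi_char16_t) here, so the index is in bounds.
	 */
	if (*dst)
		(*dst)[len / sizeof(efi_char16_t) - 1] = 0;

	return 0;
}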
120ff6301daSIvan Hu
/*
 * Copy 'len' bytes of a ucs2 string from the kernel buffer 'src' to the
 * user buffer 'dst'.
 *
 * A NULL 'src' is treated as "nothing to copy" and reported as success,
 * which saves callers a NULL check.  Otherwise the result of copy_to_user()
 * is returned, so any non-zero value means the copy was incomplete.
 */
static inline int
copy_ucs2_to_user_len(efi_char16_t __user *dst, efi_char16_t *src, size_t len)
{
	return src ? copy_to_user(dst, src, len) : 0;
}
138ff6301daSIvan Hu
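/*
 * EFI_RUNTIME_GET_VARIABLE: call the firmware GetVariable() service on
 * behalf of user space.
 *
 * 'arg' is the user address of a struct efi_getvariable.  Each pointer in
 * that structure is itself a user pointer; optional ones (data_size,
 * vendor_guid, variable_name, attributes, data) may be NULL, in which case
 * NULL is passed to firmware for that argument.
 *
 * The firmware status is always written to getvariable.status.  Returns 0
 * when firmware reports EFI_SUCCESS and all results were copied out,
 * -EFAULT on any user memory fault, -ENOMEM if the data buffer cannot be
 * allocated, and -EINVAL when firmware reports an error or a data size
 * larger than the buffer it was given.
 */
static long efi_runtime_get_variable(unsigned long arg)
{
	struct efi_getvariable __user *getvariable_user;
	struct efi_getvariable getvariable;
	unsigned long datasize = 0, prev_datasize, *dz;
	efi_guid_t vendor_guid, *vd = NULL;
	efi_status_t status;
	efi_char16_t *name = NULL;
	/* Start from 0 so stale stack is never copied out as attributes. */
	u32 attr = 0, *at;
	void *data = NULL;
	int rv = 0;

	getvariable_user = (struct efi_getvariable __user *)arg;

	if (copy_from_user(&getvariable, getvariable_user,
			   sizeof(getvariable)))
		return -EFAULT;
	if (getvariable.data_size &&
	    get_user(datasize, getvariable.data_size))
		return -EFAULT;
	if (getvariable.vendor_guid) {
		if (copy_from_user(&vendor_guid, getvariable.vendor_guid,
				   sizeof(vendor_guid)))
			return -EFAULT;
		vd = &vendor_guid;
	}

	if (getvariable.variable_name) {
		rv = copy_ucs2_from_user(&name, getvariable.variable_name);
		if (rv)
			return rv;
	}

	at = getvariable.attributes ? &attr : NULL;
	dz = getvariable.data_size ? &datasize : NULL;

	if (getvariable.data_size && getvariable.data) {
		/*
		 * 'datasize' comes straight from user space.  The buffer is
		 * zero-filled so that, should firmware report more bytes
		 * than it actually wrote, the copy-out below cannot disclose
		 * old kernel heap contents.
		 */
		data = kzalloc(datasize, GFP_KERNEL);
		if (!data) {
			kfree(name);
			return -ENOMEM;
		}
	}

	/* Remember the buffer size: firmware overwrites 'datasize'. */
	prev_datasize = datasize;
	status = efi.get_variable(name, vd, at, dz, data);
	kfree(name);

	if (put_user(status, getvariable.status)) {
		rv = -EFAULT;
		goto out;
	}

	if (status != EFI_SUCCESS) {
		if (status == EFI_BUFFER_TOO_SMALL) {
			/* Report the size firmware asked for. */
			if (dz && put_user(datasize, getvariable.data_size)) {
				rv = -EFAULT;
				goto out;
			}
		}
		rv = -EINVAL;
		goto out;
	}

	/*
	 * Never copy out more than was allocated, even if firmware claims
	 * success with a larger size.
	 */
	if (prev_datasize < datasize) {
		rv = -EINVAL;
		goto out;
	}

	if (data) {
		if (copy_to_user(getvariable.data, data, datasize)) {
			rv = -EFAULT;
			goto out;
		}
	}

	if (at && put_user(attr, getvariable.attributes)) {
		rv = -EFAULT;
		goto out;
	}

	if (dz && put_user(datasize, getvariable.data_size))
		rv = -EFAULT;

out:
	kfree(data);
	return rv;
}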
228ff6301daSIvan Hu
/*
 * EFI_RUNTIME_SET_VARIABLE: call the firmware SetVariable() service on
 * behalf of user space.
 *
 * 'arg' is the user address of a struct efi_setvariable.  The vendor GUID
 * is read unconditionally, the name only when variable_name is non-NULL,
 * and data_size bytes of payload are duplicated from setvariable.data.
 *
 * The firmware status is written to setvariable.status.  Returns 0 when
 * firmware reports EFI_SUCCESS, -EINVAL for any other firmware status,
 * -EFAULT on a user memory fault, or the error from duplicating the name
 * or the payload.
 */
static long efi_runtime_set_variable(unsigned long arg)
{
	struct efi_setvariable __user *setvariable_user;
	struct efi_setvariable setvariable;
	efi_guid_t vendor_guid;
	efi_status_t status;
	efi_char16_t *name = NULL;
	void *data;
	int rv;

	setvariable_user = (struct efi_setvariable __user *)arg;

	if (copy_from_user(&setvariable, setvariable_user, sizeof(setvariable)))
		return -EFAULT;
	if (copy_from_user(&vendor_guid, setvariable.vendor_guid,
			   sizeof(vendor_guid)))
		return -EFAULT;

	if (setvariable.variable_name) {
		rv = copy_ucs2_from_user(&name, setvariable.variable_name);
		if (rv)
			return rv;
	}

	/* Both the pointer and the size are supplied by the caller. */
	data = memdup_user(setvariable.data, setvariable.data_size);
	if (IS_ERR(data)) {
		kfree(name);
		return PTR_ERR(data);
	}

	status = efi.set_variable(name, &vendor_guid,
				  setvariable.attributes,
				  setvariable.data_size, data);

	/* A fault while reporting the status takes priority over it. */
	if (put_user(status, setvariable.status))
		rv = -EFAULT;
	else if (status != EFI_SUCCESS)
		rv = -EINVAL;
	else
		rv = 0;

	kfree(data);
	kfree(name);

	return rv;
}
276ff6301daSIvan Hu
/*
 * EFI_RUNTIME_GET_TIME: call the firmware GetTime() service on behalf of
 * user space.
 *
 * 'arg' is the user address of a struct efi_gettime.  The time and the
 * capabilities are requested from firmware only when the matching user
 * pointer is non-NULL.
 *
 * The firmware status is written to gettime.status.  Returns 0 on
 * EFI_SUCCESS once the results are copied out, -EINVAL for any other
 * firmware status and -EFAULT on a user memory fault.
 */
static long efi_runtime_get_time(unsigned long arg)
{
	struct efi_gettime __user *gettime_user;
	struct efi_gettime gettime;
	efi_status_t status;
	efi_time_cap_t cap;
	efi_time_cap_t *cap_arg;
	efi_time_t efi_time;
	efi_time_t *time_arg;

	gettime_user = (struct efi_gettime __user *)arg;
	if (copy_from_user(&gettime, gettime_user, sizeof(gettime)))
		return -EFAULT;

	/* Firmware fills kernel copies; user memory is written afterwards. */
	time_arg = gettime.time ? &efi_time : NULL;
	cap_arg = gettime.capabilities ? &cap : NULL;
	status = efi.get_time(time_arg, cap_arg);

	if (put_user(status, gettime.status))
		return -EFAULT;

	/* The local copies are only copied out after a reported success. */
	if (status != EFI_SUCCESS)
		return -EINVAL;

	if (gettime.capabilities) {
		efi_time_cap_t __user *cap_local;

		/* Written field by field rather than as one structure copy. */
		cap_local = (efi_time_cap_t *)gettime.capabilities;
		if (put_user(cap.resolution, &(cap_local->resolution)) ||
		    put_user(cap.accuracy, &(cap_local->accuracy)) ||
		    put_user(cap.sets_to_zero, &(cap_local->sets_to_zero)))
			return -EFAULT;
	}

	if (gettime.time &&
	    copy_to_user(gettime.time, &efi_time, sizeof(efi_time_t)))
		return -EFAULT;

	return 0;
}
314ff6301daSIvan Hu
/*
 * EFI_RUNTIME_SET_TIME: call the firmware SetTime() service on behalf of
 * user space.
 *
 * 'arg' is the user address of a struct efi_settime; settime.time is read
 * unconditionally, so a NULL time pointer fails with -EFAULT.
 *
 * The firmware status is written to settime.status.  Returns 0 on
 * EFI_SUCCESS, -EINVAL for any other firmware status and -EFAULT on a user
 * memory fault.
 */
static long efi_runtime_set_time(unsigned long arg)
{
	struct efi_settime __user *settime_user;
	struct efi_settime settime;
	efi_status_t status;
	efi_time_t efi_time;

	settime_user = (struct efi_settime __user *)arg;

	/* The time is fetched only once the request itself was read. */
	if (copy_from_user(&settime, settime_user, sizeof(settime)) ||
	    copy_from_user(&efi_time, settime.time, sizeof(efi_time_t)))
		return -EFAULT;

	status = efi.set_time(&efi_time);

	if (put_user(status, settime.status))
		return -EFAULT;

	if (status != EFI_SUCCESS)
		return -EINVAL;

	return 0;
}
335ff6301daSIvan Hu
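/*
 * EFI_RUNTIME_GET_WAKETIME: call the firmware GetWakeupTime() service on
 * behalf of user space.
 *
 * 'arg' is the user address of a struct efi_getwakeuptime.  'enabled',
 * 'pending' and 'time' are each requested from firmware only when the
 * matching user pointer is non-NULL, and each requested value is copied
 * back after a successful call.
 *
 * The firmware status is written to getwakeuptime.status.  Returns 0 on
 * EFI_SUCCESS once the results are copied out, -EINVAL for any other
 * firmware status and -EFAULT on a user memory fault.
 */
static long efi_runtime_get_waketime(unsigned long arg)
{
	struct efi_getwakeuptime __user *getwakeuptime_user;
	struct efi_getwakeuptime getwakeuptime;
	efi_bool_t enabled, pending;
	efi_status_t status;
	efi_time_t efi_time;

	getwakeuptime_user = (struct efi_getwakeuptime __user *)arg;
	if (copy_from_user(&getwakeuptime, getwakeuptime_user,
			   sizeof(getwakeuptime)))
		return -EFAULT;

	status = efi.get_wakeup_time(
		getwakeuptime.enabled ? (efi_bool_t *)&enabled : NULL,
		getwakeuptime.pending ? (efi_bool_t *)&pending : NULL,
		getwakeuptime.time ? &efi_time : NULL);

	if (put_user(status, getwakeuptime.status))
		return -EFAULT;

	if (status != EFI_SUCCESS)
		return -EINVAL;

	if (getwakeuptime.enabled && put_user(enabled,
					      getwakeuptime.enabled))
		return -EFAULT;

	/*
	 * 'pending' is fetched from firmware above, so it has to be written
	 * back as well; otherwise the caller reads its own stale value and
	 * takes it for the firmware's answer.
	 */
	if (getwakeuptime.pending && put_user(pending,
					      getwakeuptime.pending))
		return -EFAULT;

	if (getwakeuptime.time) {
		if (copy_to_user(getwakeuptime.time, &efi_time,
				 sizeof(efi_time_t)))
			return -EFAULT;
	}

	return 0;
}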
372ff6301daSIvan Hu
/*
 * EFI_RUNTIME_SET_WAKETIME: call the firmware SetWakeupTime() service on
 * behalf of user space.
 *
 * 'arg' is the user address of a struct efi_setwakeuptime.  When
 * setwakeuptime.time is NULL, firmware is called with a NULL time.
 *
 * The firmware status is written to setwakeuptime.status.  Returns 0 on
 * EFI_SUCCESS, -EINVAL for any other firmware status and -EFAULT on a user
 * memory fault.
 */
static long efi_runtime_set_waketime(unsigned long arg)
{
	struct efi_setwakeuptime __user *setwakeuptime_user;
	struct efi_setwakeuptime setwakeuptime;
	efi_bool_t enabled;
	efi_status_t status;
	efi_time_t efi_time;
	efi_time_t *time_arg = NULL;

	setwakeuptime_user = (struct efi_setwakeuptime __user *)arg;

	if (copy_from_user(&setwakeuptime, setwakeuptime_user,
			   sizeof(setwakeuptime)))
		return -EFAULT;

	enabled = setwakeuptime.enabled;

	/* The time is optional; fetch it only when a pointer was given. */
	if (setwakeuptime.time) {
		if (copy_from_user(&efi_time, setwakeuptime.time,
				   sizeof(efi_time_t)))
			return -EFAULT;
		time_arg = &efi_time;
	}

	status = efi.set_wakeup_time(enabled, time_arg);

	if (put_user(status, setwakeuptime.status))
		return -EFAULT;

	if (status != EFI_SUCCESS)
		return -EINVAL;

	return 0;
}
402ff6301daSIvan Hu
/*
 * EFI_RUNTIME_GET_NEXTVARIABLENAME: call the firmware GetNextVariableName()
 * service on behalf of user space.
 *
 * 'arg' is the user address of a struct efi_getnextvariablename.  The name
 * size, vendor GUID and name are each optional; a NULL user pointer means
 * NULL is passed to firmware for that argument.
 *
 * The firmware status is written to getnextvariablename.status.  Returns 0
 * on EFI_SUCCESS once the results are copied out, -EINVAL for any other
 * firmware status, -EFAULT on a user memory fault, or the error from
 * duplicating the name.
 */
static long efi_runtime_get_nextvariablename(unsigned long arg)
{
	struct efi_getnextvariablename __user *getnextvariablename_user;
	struct efi_getnextvariablename getnextvariablename;
	unsigned long name_size, prev_name_size = 0, *ns = NULL;
	efi_status_t status;
	efi_guid_t *vd = NULL;
	efi_guid_t vendor_guid;
	efi_char16_t *name = NULL;
	int rv = 0;

	getnextvariablename_user = (struct efi_getnextvariablename __user *)arg;

	if (copy_from_user(&getnextvariablename, getnextvariablename_user,
			   sizeof(getnextvariablename)))
		return -EFAULT;

	if (getnextvariablename.variable_name_size) {
		if (get_user(name_size, getnextvariablename.variable_name_size))
			return -EFAULT;
		ns = &name_size;
		/* Firmware overwrites name_size; keep what the caller said. */
		prev_name_size = name_size;
	}

	if (getnextvariablename.vendor_guid) {
		if (copy_from_user(&vendor_guid,
				   getnextvariablename.vendor_guid,
				   sizeof(vendor_guid)))
			return -EFAULT;
		vd = &vendor_guid;
	}

	if (getnextvariablename.variable_name) {
		size_t name_string_size = 0;
		size_t copy_size;

		rv = get_ucs2_strsize_from_user(
				getnextvariablename.variable_name,
				&name_string_size);
		if (rv)
			return rv;

		/*
		 * The caller's name_size can be smaller than the buffer that
		 * really holds the name; passing 0 on the first call to learn
		 * the required size is the typical case.  Copy at least the
		 * measured string size so the name handed to UEFI carries its
		 * terminator.
		 *
		 * NOTE(review): the string is measured and then copied in two
		 * separate reads of user memory, and the copy is not checked
		 * for a terminator afterwards.
		 */
		copy_size = prev_name_size > name_string_size ?
			    prev_name_size : name_string_size;
		rv = copy_ucs2_from_user_len(&name,
					     getnextvariablename.variable_name,
					     copy_size);
		if (rv)
			return rv;
	}

	status = efi.get_next_variable(ns, name, vd);

	if (put_user(status, getnextvariablename.status)) {
		rv = -EFAULT;
		goto out;
	}

	/* On "buffer too small", report the size firmware asked for. */
	if (status == EFI_BUFFER_TOO_SMALL && ns &&
	    put_user(*ns, getnextvariablename.variable_name_size)) {
		rv = -EFAULT;
		goto out;
	}

	if (status != EFI_SUCCESS) {
		rv = -EINVAL;
		goto out;
	}

	/* Copy back no more than the size the caller originally declared. */
	if (name &&
	    copy_ucs2_to_user_len(getnextvariablename.variable_name,
				  name, prev_name_size)) {
		rv = -EFAULT;
		goto out;
	}

	if (ns && put_user(*ns, getnextvariablename.variable_name_size)) {
		rv = -EFAULT;
		goto out;
	}

	if (vd && copy_to_user(getnextvariablename.vendor_guid, vd,
			       sizeof(efi_guid_t)))
		rv = -EFAULT;

out:
	kfree(name);
	return rv;
}
503ff6301daSIvan Hu
/*
 * EFI_RUNTIME_GET_NEXTHIGHMONOTONICCOUNT: call the firmware
 * GetNextHighMonotonicCount() service on behalf of user space.
 *
 * 'arg' is the user address of a struct efi_getnexthighmonotoniccount.
 * When high_count is NULL, firmware is called with a NULL count pointer.
 *
 * The firmware status is written to the structure's status pointer.
 * Returns 0 on EFI_SUCCESS once the count is copied out, -EINVAL for any
 * other firmware status and -EFAULT on a user memory fault.
 */
static long efi_runtime_get_nexthighmonocount(unsigned long arg)
{
	struct efi_getnexthighmonotoniccount __user *getnexthighmonocount_user;
	struct efi_getnexthighmonotoniccount getnexthighmonocount;
	efi_status_t status;
	u32 count;
	u32 *count_arg;

	getnexthighmonocount_user =
		(struct efi_getnexthighmonotoniccount __user *)arg;

	if (copy_from_user(&getnexthighmonocount,
			   getnexthighmonocount_user,
			   sizeof(getnexthighmonocount)))
		return -EFAULT;

	count_arg = getnexthighmonocount.high_count ? &count : NULL;
	status = efi.get_next_high_mono_count(count_arg);

	if (put_user(status, getnexthighmonocount.status))
		return -EFAULT;

	/* 'count' is only copied out after a reported success. */
	if (status != EFI_SUCCESS)
		return -EINVAL;

	if (getnexthighmonocount.high_count &&
	    put_user(count, getnexthighmonocount.high_count))
		return -EFAULT;

	return 0;
}
534ff6301daSIvan Hu
/*
 * EFI_RUNTIME_RESET_SYSTEM: call the firmware ResetSystem() service on
 * behalf of user space.
 *
 * 'arg' is the user address of a struct efi_resetsystem.  When data_size
 * is non-zero, that many bytes are duplicated from resetsystem.data and
 * passed on; otherwise firmware receives a NULL data pointer.  The reset
 * type and status are passed exactly as the caller supplied them.
 *
 * Returns -EFAULT if the request cannot be read and the memdup_user()
 * error if the payload cannot be duplicated.  If the firmware call
 * returns, the payload is freed and 0 is returned.
 */
static long efi_runtime_reset_system(unsigned long arg)
{
	struct efi_resetsystem __user *resetsystem_user;
	struct efi_resetsystem resetsystem;
	void *payload = NULL;

	resetsystem_user = (struct efi_resetsystem __user *)arg;
	if (copy_from_user(&resetsystem, resetsystem_user,
			   sizeof(resetsystem)))
		return -EFAULT;

	if (resetsystem.data_size != 0) {
		/* Both the pointer and the size are supplied by the caller. */
		payload = memdup_user((void *)resetsystem.data,
				      resetsystem.data_size);
		if (IS_ERR(payload))
			return PTR_ERR(payload);
	}

	efi.reset_system(resetsystem.reset_type, resetsystem.status,
			 resetsystem.data_size, (efi_char16_t *)payload);

	kfree(payload);
	return 0;
}
558bcb31c62SIvan Hu
/*
 * EFI_RUNTIME_QUERY_VARIABLEINFO: call the firmware QueryVariableInfo()
 * service on behalf of user space.
 *
 * 'arg' is the user address of a struct efi_queryvariableinfo.  The three
 * result pointers are written unconditionally after a successful call, so
 * they must all be valid user addresses.
 *
 * The firmware status is written to queryvariableinfo.status.  Returns 0
 * on EFI_SUCCESS once the results are copied out, -EINVAL for any other
 * firmware status and -EFAULT on a user memory fault.
 */
static long efi_runtime_query_variableinfo(unsigned long arg)
{
	struct efi_queryvariableinfo __user *queryvariableinfo_user;
	struct efi_queryvariableinfo queryvariableinfo;
	efi_status_t status;
	u64 max_storage, remaining, max_size;

	queryvariableinfo_user = (struct efi_queryvariableinfo __user *)arg;

	if (copy_from_user(&queryvariableinfo, queryvariableinfo_user,
			   sizeof(queryvariableinfo)))
		return -EFAULT;

	status = efi.query_variable_info(queryvariableinfo.attributes,
					 &max_storage, &remaining, &max_size);

	if (put_user(status, queryvariableinfo.status))
		return -EFAULT;

	/* The three results are only copied out after a reported success. */
	if (status != EFI_SUCCESS)
		return -EINVAL;

	/* Stop at the first result that cannot be written. */
	if (put_user(max_storage,
		     queryvariableinfo.maximum_variable_storage_size) ||
	    put_user(remaining,
		     queryvariableinfo.remaining_variable_storage_size) ||
	    put_user(max_size, queryvariableinfo.maximum_variable_size))
		return -EFAULT;

	return 0;
}
594ff6301daSIvan Hu
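/*
 * EFI_RUNTIME_QUERY_CAPSULECAPABILITIES: call the firmware
 * QueryCapsuleCapabilities() service on behalf of user space.
 *
 * 'arg' is the user address of a struct efi_querycapsulecapabilities.
 * capsule_header_array is a user array of capsule_count user pointers,
 * each pointing at one capsule header.  Every header is copied into kernel
 * memory, and firmware is given a kernel array of pointers to those copies.
 *
 * The firmware status is written to qcaps.status.  Returns 0 on
 * EFI_SUCCESS once the results are copied out, -EINVAL for any other
 * firmware status or a capsule_count of ULONG_MAX, -ENOMEM if the kernel
 * copies cannot be allocated and -EFAULT on a user memory fault.
 */
static long efi_runtime_query_capsulecaps(unsigned long arg)
{
	struct efi_querycapsulecapabilities __user *qcaps_user;
	struct efi_querycapsulecapabilities qcaps;
	efi_capsule_header_t *capsules;
	efi_capsule_header_t **capsule_ptrs = NULL;
	efi_status_t status;
	u64 max_size;
	/* Same width as capsule_count, which is compared against ULONG_MAX. */
	unsigned long i;
	int reset_type;
	int rv = 0;

	qcaps_user = (struct efi_querycapsulecapabilities __user *)arg;

	if (copy_from_user(&qcaps, qcaps_user, sizeof(qcaps)))
		return -EFAULT;

	/* Reject the one count for which 'capsule_count + 1' wraps to 0. */
	if (qcaps.capsule_count == ULONG_MAX)
		return -EINVAL;

	capsules = kcalloc(qcaps.capsule_count + 1,
			   sizeof(efi_capsule_header_t), GFP_KERNEL);
	if (!capsules)
		return -ENOMEM;

	/*
	 * Firmware receives an array of pointers together with
	 * capsule_count.  Passing the address of the single 'capsules'
	 * pointer provides only one valid entry, so with more than one
	 * capsule firmware would read whatever follows that local variable.
	 * Build a pointer array with one entry per header copy instead.
	 */
	capsule_ptrs = kcalloc(qcaps.capsule_count + 1,
			       sizeof(*capsule_ptrs), GFP_KERNEL);
	if (!capsule_ptrs) {
		rv = -ENOMEM;
		goto out;
	}

	/* Includes the spare zeroed header, so entry 0 is always valid. */
	for (i = 0; i <= qcaps.capsule_count; i++)
		capsule_ptrs[i] = &capsules[i];

	for (i = 0; i < qcaps.capsule_count; i++) {
		efi_capsule_header_t *c;
		/*
		 * We cannot dereference qcaps.capsule_header_array directly to
		 * obtain the address of the capsule as it resides in the
		 * user space
		 */
		if (get_user(c, qcaps.capsule_header_array + i)) {
			rv = -EFAULT;
			goto out;
		}
		if (copy_from_user(&capsules[i], c,
				   sizeof(efi_capsule_header_t))) {
			rv = -EFAULT;
			goto out;
		}
	}

	status = efi.query_capsule_caps(capsule_ptrs,
					qcaps.capsule_count,
					&max_size, &reset_type);

	if (put_user(status, qcaps.status)) {
		rv = -EFAULT;
		goto out;
	}

	if (status != EFI_SUCCESS) {
		rv = -EINVAL;
		goto out;
	}

	if (put_user(max_size, qcaps.maximum_capsule_size)) {
		rv = -EFAULT;
		goto out;
	}

	if (put_user(reset_type, qcaps.reset_type))
		rv = -EFAULT;

out:
	kfree(capsule_ptrs);
	kfree(capsules);
	return rv;
}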
665ff6301daSIvan Hu
/*
 * EFI_RUNTIME_GET_SUPPORTED_MASK: copy efi.runtime_supported_mask to the
 * unsigned int at user address 'arg'.
 *
 * Returns 0 on success and -EFAULT if the user address cannot be written.
 */
static long efi_runtime_get_supported_mask(unsigned long arg)
{
	unsigned int __user *supported_mask = (unsigned int *)arg;

	return put_user(efi.runtime_supported_mask, supported_mask) ?
	       -EFAULT : 0;
}
678*ff20661bSHeinrich Schuchardt
/*
 * ioctl entry point of the efi_test device: dispatch 'cmd' to the matching
 * runtime service wrapper, handing it 'arg' unchanged.
 *
 * 'arg' is a user space address that each handler interprets and copies
 * from itself.  'file' is not used.  Unknown commands return -ENOTTY.
 */
static long efi_test_ioctl(struct file *file, unsigned int cmd,
			   unsigned long arg)
{
	switch (cmd) {
	case EFI_RUNTIME_GET_VARIABLE:
		return efi_runtime_get_variable(arg);
	case EFI_RUNTIME_SET_VARIABLE:
		return efi_runtime_set_variable(arg);
	case EFI_RUNTIME_GET_TIME:
		return efi_runtime_get_time(arg);
	case EFI_RUNTIME_SET_TIME:
		return efi_runtime_set_time(arg);
	case EFI_RUNTIME_GET_WAKETIME:
		return efi_runtime_get_waketime(arg);
	case EFI_RUNTIME_SET_WAKETIME:
		return efi_runtime_set_waketime(arg);
	case EFI_RUNTIME_GET_NEXTVARIABLENAME:
		return efi_runtime_get_nextvariablename(arg);
	case EFI_RUNTIME_GET_NEXTHIGHMONOTONICCOUNT:
		return efi_runtime_get_nexthighmonocount(arg);
	case EFI_RUNTIME_QUERY_VARIABLEINFO:
		return efi_runtime_query_variableinfo(arg);
	case EFI_RUNTIME_QUERY_CAPSULECAPABILITIES:
		return efi_runtime_query_capsulecaps(arg);
	case EFI_RUNTIME_RESET_SYSTEM:
		return efi_runtime_reset_system(arg);
	case EFI_RUNTIME_GET_SUPPORTED_MASK:
		return efi_runtime_get_supported_mask(arg);
	default:
		return -ENOTTY;
	}
}
722ff6301daSIvan Hu
/*
 * Open handler and access gate for the efi_test device.
 *
 * The open is refused with the lockdown error when
 * security_locked_down(LOCKDOWN_EFI_TEST) reports one, and with -EACCES
 * when the caller lacks CAP_SYS_ADMIN.  Both checks run once, at open
 * time; the ioctl handlers in this file perform no further permission
 * check of their own.
 *
 * No per-open state is set up, so any number of concurrent opens is
 * accepted; synchronisation is left to the per-call operations.
 */
static int efi_test_open(struct inode *inode, struct file *file)
{
	int err;

	err = security_locked_down(LOCKDOWN_EFI_TEST);
	if (err)
		return err;

	return capable(CAP_SYS_ADMIN) ? 0 : -EACCES;
}
739ff6301daSIvan Hu
/*
 * Release handler.  efi_test_open() allocates nothing per open file, so
 * there is nothing to undo here; always returns 0.
 */
static int efi_test_close(struct inode *inode, struct file *file)
{
	return 0;
}
744ff6301daSIvan Hu
/*
 * File operations of the efi_test device.  All functionality is reached
 * through ioctl; the privilege checks are made in the open handler.
 */
static const struct file_operations efi_test_fops = {
	.owner		= THIS_MODULE,
	.open		= efi_test_open,
	.release	= efi_test_close,
	.unlocked_ioctl	= efi_test_ioctl,
	.llseek		= no_llseek,
};
755ff6301daSIvan Hu
/* Misc device named "efi_test", registered with a dynamically assigned minor. */
static struct miscdevice efi_test_dev = {
	.minor	= MISC_DYNAMIC_MINOR,
	.name	= "efi_test",
	.fops	= &efi_test_fops,
};
761ff6301daSIvan Hu
/*
 * Module init: register the efi_test misc device.
 *
 * Returns 0 on success, or the misc_register() error after logging it.
 */
static int __init efi_test_init(void)
{
	int err = misc_register(&efi_test_dev);

	if (!err)
		return 0;

	pr_err("efi_test: can't misc_register on minor=%d\n",
	       MISC_DYNAMIC_MINOR);
	return err;
}
775ff6301daSIvan Hu
/* Module exit: unregister the misc device registered by efi_test_init(). */
static void __exit efi_test_exit(void)
{
	misc_deregister(&efi_test_dev);
}
780ff6301daSIvan Hu
/* Hook the init and exit routines into the module loader. */
module_init(efi_test_init);
module_exit(efi_test_exit);