xref: /openbmc/linux/fs/efivarfs/inode.c (revision d701ea28) 
1d2912cb1SThomas Gleixner // SPDX-License-Identifier: GPL-2.0-only
2d68772b7SMatt Fleming /*
3d68772b7SMatt Fleming  * Copyright (C) 2012 Red Hat, Inc.
4d68772b7SMatt Fleming  * Copyright (C) 2012 Jeremy Kerr <jeremy.kerr@canonical.com>
5d68772b7SMatt Fleming  */
6d68772b7SMatt Fleming 
7d68772b7SMatt Fleming #include <linux/efi.h>
8d68772b7SMatt Fleming #include <linux/fs.h>
9d68772b7SMatt Fleming #include <linux/ctype.h>
10ff04f3b6SArd Biesheuvel #include <linux/kmemleak.h>
1120b4fb48SLinus Torvalds #include <linux/slab.h>
128236431dSAndy Shevchenko #include <linux/uuid.h>
13*d701ea28SMiklos Szeredi #include <linux/fileattr.h>
14d68772b7SMatt Fleming 
15d68772b7SMatt Fleming #include "internal.h"
16d68772b7SMatt Fleming 
17*d701ea28SMiklos Szeredi static const struct inode_operations efivarfs_file_inode_operations;
18*d701ea28SMiklos Szeredi 
19d68772b7SMatt Fleming struct inode *efivarfs_get_inode(struct super_block *sb,
20ed8b0de5SPeter Jones 				const struct inode *dir, int mode,
21ed8b0de5SPeter Jones 				dev_t dev, bool is_removable)
22d68772b7SMatt Fleming {
23d68772b7SMatt Fleming 	struct inode *inode = new_inode(sb);
24d68772b7SMatt Fleming 
25d68772b7SMatt Fleming 	if (inode) {
26d68772b7SMatt Fleming 		inode->i_ino = get_next_ino();
27d68772b7SMatt Fleming 		inode->i_mode = mode;
28078cd827SDeepa Dinamani 		inode->i_atime = inode->i_mtime = inode->i_ctime = current_time(inode);
29ed8b0de5SPeter Jones 		inode->i_flags = is_removable ? 0 : S_IMMUTABLE;
30d68772b7SMatt Fleming 		switch (mode & S_IFMT) {
31d68772b7SMatt Fleming 		case S_IFREG:
32*d701ea28SMiklos Szeredi 			inode->i_op = &efivarfs_file_inode_operations;
33d68772b7SMatt Fleming 			inode->i_fop = &efivarfs_file_operations;
34d68772b7SMatt Fleming 			break;
35d68772b7SMatt Fleming 		case S_IFDIR:
36d68772b7SMatt Fleming 			inode->i_op = &efivarfs_dir_inode_operations;
37d68772b7SMatt Fleming 			inode->i_fop = &simple_dir_operations;
38d68772b7SMatt Fleming 			inc_nlink(inode);
39d68772b7SMatt Fleming 			break;
40d68772b7SMatt Fleming 		}
41d68772b7SMatt Fleming 	}
42d68772b7SMatt Fleming 	return inode;
43d68772b7SMatt Fleming }
44d68772b7SMatt Fleming 
45d68772b7SMatt Fleming /*
46d68772b7SMatt Fleming  * Return true if 'str' is a valid efivarfs filename of the form,
47d68772b7SMatt Fleming  *
48d68772b7SMatt Fleming  *	VariableName-12345678-1234-1234-1234-1234567891bc
49d68772b7SMatt Fleming  */
50d68772b7SMatt Fleming bool efivarfs_valid_name(const char *str, int len)
51d68772b7SMatt Fleming {
52d68772b7SMatt Fleming 	const char *s = str + len - EFI_VARIABLE_GUID_LEN;
53d68772b7SMatt Fleming 
54d68772b7SMatt Fleming 	/*
55d68772b7SMatt Fleming 	 * We need a GUID, plus at least one letter for the variable name,
56d68772b7SMatt Fleming 	 * plus the '-' separator
57d68772b7SMatt Fleming 	 */
58d68772b7SMatt Fleming 	if (len < EFI_VARIABLE_GUID_LEN + 2)
59d68772b7SMatt Fleming 		return false;
60d68772b7SMatt Fleming 
61d68772b7SMatt Fleming 	/* GUID must be preceded by a '-' */
62d68772b7SMatt Fleming 	if (*(s - 1) != '-')
63d68772b7SMatt Fleming 		return false;
64d68772b7SMatt Fleming 
65d68772b7SMatt Fleming 	/*
66d68772b7SMatt Fleming 	 * Validate that 's' is of the correct format, e.g.
67d68772b7SMatt Fleming 	 *
68d68772b7SMatt Fleming 	 *	12345678-1234-1234-1234-123456789abc
69d68772b7SMatt Fleming 	 */
708236431dSAndy Shevchenko 	return uuid_is_valid(s);
71d68772b7SMatt Fleming }
72d68772b7SMatt Fleming 
73549c7297SChristian Brauner static int efivarfs_create(struct user_namespace *mnt_userns, struct inode *dir,
74549c7297SChristian Brauner 			   struct dentry *dentry, umode_t mode, bool excl)
75d68772b7SMatt Fleming {
76ed8b0de5SPeter Jones 	struct inode *inode = NULL;
77d68772b7SMatt Fleming 	struct efivar_entry *var;
78d68772b7SMatt Fleming 	int namelen, i = 0, err = 0;
79ed8b0de5SPeter Jones 	bool is_removable = false;
80d68772b7SMatt Fleming 
81d68772b7SMatt Fleming 	if (!efivarfs_valid_name(dentry->d_name.name, dentry->d_name.len))
82d68772b7SMatt Fleming 		return -EINVAL;
83d68772b7SMatt Fleming 
84d68772b7SMatt Fleming 	var = kzalloc(sizeof(struct efivar_entry), GFP_KERNEL);
85ed8b0de5SPeter Jones 	if (!var)
86ed8b0de5SPeter Jones 		return -ENOMEM;
87d68772b7SMatt Fleming 
88d68772b7SMatt Fleming 	/* length of the variable name itself: remove GUID and separator */
89d68772b7SMatt Fleming 	namelen = dentry->d_name.len - EFI_VARIABLE_GUID_LEN - 1;
90d68772b7SMatt Fleming 
91c4326563SAndy Shevchenko 	err = guid_parse(dentry->d_name.name + namelen + 1, &var->var.VendorGuid);
92c4326563SAndy Shevchenko 	if (err)
93c4326563SAndy Shevchenko 		goto out;
94d68772b7SMatt Fleming 
95ed8b0de5SPeter Jones 	if (efivar_variable_is_removable(var->var.VendorGuid,
96ed8b0de5SPeter Jones 					 dentry->d_name.name, namelen))
97ed8b0de5SPeter Jones 		is_removable = true;
98ed8b0de5SPeter Jones 
99ed8b0de5SPeter Jones 	inode = efivarfs_get_inode(dir->i_sb, dir, mode, 0, is_removable);
100ed8b0de5SPeter Jones 	if (!inode) {
101ed8b0de5SPeter Jones 		err = -ENOMEM;
102ed8b0de5SPeter Jones 		goto out;
103ed8b0de5SPeter Jones 	}
104ed8b0de5SPeter Jones 
105d68772b7SMatt Fleming 	for (i = 0; i < namelen; i++)
106d68772b7SMatt Fleming 		var->var.VariableName[i] = dentry->d_name.name[i];
107d68772b7SMatt Fleming 
108d68772b7SMatt Fleming 	var->var.VariableName[i] = '\0';
109d68772b7SMatt Fleming 
110d68772b7SMatt Fleming 	inode->i_private = var;
111ff04f3b6SArd Biesheuvel 	kmemleak_ignore(var);
112d68772b7SMatt Fleming 
11321b3ddd3SSylvain Chouleur 	err = efivar_entry_add(var, &efivarfs_list);
11421b3ddd3SSylvain Chouleur 	if (err)
11521b3ddd3SSylvain Chouleur 		goto out;
11621b3ddd3SSylvain Chouleur 
117d68772b7SMatt Fleming 	d_instantiate(dentry, inode);
118d68772b7SMatt Fleming 	dget(dentry);
119d68772b7SMatt Fleming out:
120d68772b7SMatt Fleming 	if (err) {
121d68772b7SMatt Fleming 		kfree(var);
122ed8b0de5SPeter Jones 		if (inode)
123d68772b7SMatt Fleming 			iput(inode);
124d68772b7SMatt Fleming 	}
125d68772b7SMatt Fleming 	return err;
126d68772b7SMatt Fleming }
127d68772b7SMatt Fleming 
128d68772b7SMatt Fleming static int efivarfs_unlink(struct inode *dir, struct dentry *dentry)
129d68772b7SMatt Fleming {
1302b0143b5SDavid Howells 	struct efivar_entry *var = d_inode(dentry)->i_private;
131d68772b7SMatt Fleming 
132d68772b7SMatt Fleming 	if (efivar_entry_delete(var))
133d68772b7SMatt Fleming 		return -EINVAL;
134d68772b7SMatt Fleming 
1352b0143b5SDavid Howells 	drop_nlink(d_inode(dentry));
136d68772b7SMatt Fleming 	dput(dentry);
137d68772b7SMatt Fleming 	return 0;
138d68772b7SMatt Fleming };
139d68772b7SMatt Fleming 
140d68772b7SMatt Fleming const struct inode_operations efivarfs_dir_inode_operations = {
1416e8cd2cbSAl Viro 	.lookup = simple_lookup,
142d68772b7SMatt Fleming 	.unlink = efivarfs_unlink,
143d68772b7SMatt Fleming 	.create = efivarfs_create,
144d68772b7SMatt Fleming };
145*d701ea28SMiklos Szeredi 
146*d701ea28SMiklos Szeredi static int
147*d701ea28SMiklos Szeredi efivarfs_fileattr_get(struct dentry *dentry, struct fileattr *fa)
148*d701ea28SMiklos Szeredi {
149*d701ea28SMiklos Szeredi 	unsigned int i_flags;
150*d701ea28SMiklos Szeredi 	unsigned int flags = 0;
151*d701ea28SMiklos Szeredi 
152*d701ea28SMiklos Szeredi 	i_flags = d_inode(dentry)->i_flags;
153*d701ea28SMiklos Szeredi 	if (i_flags & S_IMMUTABLE)
154*d701ea28SMiklos Szeredi 		flags |= FS_IMMUTABLE_FL;
155*d701ea28SMiklos Szeredi 
156*d701ea28SMiklos Szeredi 	fileattr_fill_flags(fa, flags);
157*d701ea28SMiklos Szeredi 
158*d701ea28SMiklos Szeredi 	return 0;
159*d701ea28SMiklos Szeredi }
160*d701ea28SMiklos Szeredi 
161*d701ea28SMiklos Szeredi static int
162*d701ea28SMiklos Szeredi efivarfs_fileattr_set(struct user_namespace *mnt_userns,
163*d701ea28SMiklos Szeredi 		      struct dentry *dentry, struct fileattr *fa)
164*d701ea28SMiklos Szeredi {
165*d701ea28SMiklos Szeredi 	unsigned int i_flags = 0;
166*d701ea28SMiklos Szeredi 
167*d701ea28SMiklos Szeredi 	if (fileattr_has_fsx(fa))
168*d701ea28SMiklos Szeredi 		return -EOPNOTSUPP;
169*d701ea28SMiklos Szeredi 
170*d701ea28SMiklos Szeredi 	if (fa->flags & ~FS_IMMUTABLE_FL)
171*d701ea28SMiklos Szeredi 		return -EOPNOTSUPP;
172*d701ea28SMiklos Szeredi 
173*d701ea28SMiklos Szeredi 	if (fa->flags & FS_IMMUTABLE_FL)
174*d701ea28SMiklos Szeredi 		i_flags |= S_IMMUTABLE;
175*d701ea28SMiklos Szeredi 
176*d701ea28SMiklos Szeredi 	inode_set_flags(d_inode(dentry), i_flags, S_IMMUTABLE);
177*d701ea28SMiklos Szeredi 
178*d701ea28SMiklos Szeredi 	return 0;
179*d701ea28SMiklos Szeredi }
180*d701ea28SMiklos Szeredi 
181*d701ea28SMiklos Szeredi static const struct inode_operations efivarfs_file_inode_operations = {
182*d701ea28SMiklos Szeredi 	.fileattr_get = efivarfs_fileattr_get,
183*d701ea28SMiklos Szeredi 	.fileattr_set = efivarfs_fileattr_set,
184*d701ea28SMiklos Szeredi };
185