]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/shared/efivars.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge pull request #11827 from keszybz/pkgconfig-variables
[thirdparty/systemd.git] / src / shared / efivars.c
CommitLineData
53e1b683 1/* SPDX-License-Identifier: LGPL-2.1+ */
2e3d0692 2
a8fbdf54
TA		 3#include <dirent.h>
4#include <errno.h>
2e3d0692 5#include <fcntl.h>
a8fbdf54 6#include <limits.h>
2c3bf278 7#include <linux/fs.h>
a8fbdf54
TA		 8#include <stdio.h>
9#include <stdlib.h>
cf0fbc49 10#include <string.h>
a8fbdf54 11#include <sys/stat.h>
cf0fbc49 12#include <unistd.h>
2e3d0692 13
a8fbdf54
TA		 14#include "sd-id128.h"
15
b5efdb8a 16#include "alloc-util.h"
2c3bf278 17#include "chattr-util.h"
a0956174 18#include "dirent-util.h"
3ffd4af2
LP		 19#include "efivars.h"
20#include "fd-util.h"
c004493c 21#include "io-util.h"
a8fbdf54 22#include "macro.h"
6bedfcbb 23#include "parse-util.h"
15a5e950 24#include "stdio-util.h"
bd2865ca 25#include "strv.h"
a8fbdf54 26#include "time-util.h"
2e3d0692 27#include "utf8.h"
3ffd4af2 28#include "util.h"
5bdf2243 29#include "virt.h"
2e3d0692 30
349cc4a5 31#if ENABLE_EFI
b872e9a0 32
0974a682
KS		 33#define LOAD_OPTION_ACTIVE 0x00000001
34#define MEDIA_DEVICE_PATH 0x04
35#define MEDIA_HARDDRIVE_DP 0x01
36#define MEDIA_FILEPATH_DP 0x04
37#define SIGNATURE_TYPE_GUID 0x02
38#define MBR_TYPE_EFI_PARTITION_TABLE_HEADER 0x02
39#define END_DEVICE_PATH_TYPE 0x7f
40#define END_ENTIRE_DEVICE_PATH_SUBTYPE 0xff
5bdf2243 41#define EFI_OS_INDICATIONS_BOOT_TO_FW_UI 0x0000000000000001
0974a682 42
f7cb1c79
ZJS		 43#define boot_option__contents { \
44 uint32_t attr; \
45 uint16_t path_len; \
46 uint16_t title[]; \
47 }
48
49struct boot_option boot_option__contents;
50struct boot_option__packed boot_option__contents _packed_;
51assert_cc(offsetof(struct boot_option, title) == offsetof(struct boot_option__packed, title));
52/* sizeof(struct boot_option) != sizeof(struct boot_option__packed), so
53 * the *size* of the structure should not be used anywhere below. */
0974a682
KS		 54
55struct drive_path {
56 uint32_t part_nr;
57 uint64_t part_start;
58 uint64_t part_size;
59 char signature[16];
60 uint8_t mbr_type;
61 uint8_t signature_type;
885fdebc 62} _packed_;
0974a682 63
3c7dddac
ZJS		 64#define device_path__contents { \
65 uint8_t type; \
66 uint8_t sub_type; \
67 uint16_t length; \
68 union { \
69 uint16_t path[0]; \
70 struct drive_path drive; \
71 }; \
72 }
73
74struct device_path device_path__contents;
75struct device_path__packed device_path__contents _packed_;
76assert_cc(sizeof(struct device_path) == sizeof(struct device_path__packed));
0974a682 77
9cde64ff 78bool is_efi_boot(void) {
bb161cdc
LP		 79 if (detect_container() > 0)
80 return false;
81
82 return access("/sys/firmware/efi/", F_OK) >= 0;
34e5a31e
LP		 83}
84
bc6f2e7c 85static int read_flag(const char *varname) {
b47d419c 86 _cleanup_free_ void *v = NULL;
bc6f2e7c 87 uint8_t b;
e22c567f
LP		 88 size_t s;
89 int r;
bc6f2e7c 90
337eed30
LP		 91 if (!is_efi_boot()) /* If this is not an EFI boot, assume the queried flags are zero */
92 return 0;
93
bc6f2e7c
KS		 94 r = efi_get_variable(EFI_VENDOR_GLOBAL, varname, NULL, &v, &s);
95 if (r < 0)
96 return r;
97
b47d419c
ZJS		 98 if (s != 1)
99 return -EINVAL;
bc6f2e7c
KS		 100
101 b = *(uint8_t *)v;
e78c250b 102 return !!b;
bc6f2e7c
KS		 103}
104
9df49b33
TG		 105bool is_efi_secure_boot(void) {
106 return read_flag("SecureBoot") > 0;
bc6f2e7c
KS		 107}
108
9df49b33
TG		 109bool is_efi_secure_boot_setup_mode(void) {
110 return read_flag("SetupMode") > 0;
bc6f2e7c
KS		 111}
112
5bdf2243 113int efi_reboot_to_firmware_supported(void) {
5bdf2243 114 _cleanup_free_ void *v = NULL;
e22c567f
LP		 115 uint64_t b;
116 size_t s;
117 int r;
5bdf2243 118
bb161cdc 119 if (!is_efi_boot())
5bdf2243
JJ		 120 return -EOPNOTSUPP;
121
122 r = efi_get_variable(EFI_VENDOR_GLOBAL, "OsIndicationsSupported", NULL, &v, &s);
846ab104
LP		 123 if (r == -ENOENT) /* variable doesn't exist? it's not supported then */
124 return -EOPNOTSUPP;
5bdf2243
JJ		 125 if (r < 0)
126 return r;
e22c567f 127 if (s != sizeof(uint64_t))
5bdf2243
JJ		 128 return -EINVAL;
129
e22c567f
LP		 130 b = *(uint64_t*) v;
131 if (!(b & EFI_OS_INDICATIONS_BOOT_TO_FW_UI))
132 return -EOPNOTSUPP; /* bit unset? it's not supported then */
133
134 return 0;
5bdf2243
JJ		 135}
136
137static int get_os_indications(uint64_t *os_indication) {
5bdf2243 138 _cleanup_free_ void *v = NULL;
e22c567f
LP		 139 size_t s;
140 int r;
5bdf2243 141
e78c250b 142 /* Let's verify general support first */
5bdf2243
JJ		 143 r = efi_reboot_to_firmware_supported();
144 if (r < 0)
145 return r;
146
147 r = efi_get_variable(EFI_VENDOR_GLOBAL, "OsIndications", NULL, &v, &s);
6b62bbbc 148 if (r == -ENOENT) {
e78c250b
LP		 149 /* Some firmware implementations that do support OsIndications and report that with
150 * OsIndicationsSupported will remove the OsIndications variable when it is unset. Let's pretend it's 0
151 * then, to hide this implementation detail. Note that this call will return -ENOENT then only if the
152 * support for OsIndications is missing entirely, as determined by efi_reboot_to_firmware_supported()
153 * above. */
6b62bbbc
LP		 154 *os_indication = 0;
155 return 0;
156 } else if (r < 0)
5bdf2243
JJ		 157 return r;
158 else if (s != sizeof(uint64_t))
159 return -EINVAL;
160
161 *os_indication = *(uint64_t *)v;
162 return 0;
163}
164
165int efi_get_reboot_to_firmware(void) {
166 int r;
167 uint64_t b;
168
169 r = get_os_indications(&b);
170 if (r < 0)
171 return r;
172
173 return !!(b & EFI_OS_INDICATIONS_BOOT_TO_FW_UI);
174}
175
176int efi_set_reboot_to_firmware(bool value) {
177 int r;
178 uint64_t b, b_new;
179
180 r = get_os_indications(&b);
181 if (r < 0)
182 return r;
183
184 if (value)
185 b_new = b | EFI_OS_INDICATIONS_BOOT_TO_FW_UI;
186 else
187 b_new = b & ~EFI_OS_INDICATIONS_BOOT_TO_FW_UI;
188
189 /* Avoid writing to efi vars store if we can due to firmware bugs. */
190 if (b != b_new)
191 return efi_set_variable(EFI_VENDOR_GLOBAL, "OsIndications", &b_new, sizeof(uint64_t));
192
193 return 0;
194}
195
9cde64ff
LP		 196int efi_get_variable(
197 sd_id128_t vendor,
198 const char *name,
199 uint32_t *attribute,
200 void **value,
201 size_t *size) {
202
2e3d0692
LP		 203 _cleanup_close_ int fd = -1;
204 _cleanup_free_ char *p = NULL;
205 uint32_t a;
206 ssize_t n;
207 struct stat st;
ad7bcf52 208 _cleanup_free_ void *buf = NULL;
2e3d0692
LP		 209
210 assert(name);
211 assert(value);
212 assert(size);
213
214 if (asprintf(&p,
215 "/sys/firmware/efi/efivars/%s-%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x",
216 name, SD_ID128_FORMAT_VAL(vendor)) < 0)
217 return -ENOMEM;
218
219 fd = open(p, O_RDONLY|O_NOCTTY|O_CLOEXEC);
220 if (fd < 0)
221 return -errno;
222
223 if (fstat(fd, &st) < 0)
224 return -errno;
225 if (st.st_size < 4)
226 return -EIO;
227 if (st.st_size > 4*1024*1024 + 4)
228 return -E2BIG;
229
230 n = read(fd, &a, sizeof(a));
231 if (n < 0)
9cde64ff 232 return -errno;
2e3d0692
LP		 233 if (n != sizeof(a))
234 return -EIO;
235
0797f232
ZJS		 236 buf = malloc(st.st_size - 4 + 2);
237 if (!buf)
2e3d0692
LP		 238 return -ENOMEM;
239
0797f232
ZJS		 240 n = read(fd, buf, (size_t) st.st_size - 4);
241 if (n < 0)
742af54a 242 return -errno;
0797f232 243 if (n != (ssize_t) st.st_size - 4)
2e3d0692 244 return -EIO;
2e3d0692
LP		 245
246 /* Always NUL terminate (2 bytes, to protect UTF-16) */
0797f232
ZJS		 247 ((char*) buf)[st.st_size - 4] = 0;
248 ((char*) buf)[st.st_size - 4 + 1] = 0;
2e3d0692 249
ae2a15bc 250 *value = TAKE_PTR(buf);
ff47c895 251 *size = (size_t) st.st_size - 4;
2e3d0692
LP		 252
253 if (attribute)
254 *attribute = a;
255
256 return 0;
257}
258
cea72d53
LP		 259int efi_get_variable_string(sd_id128_t vendor, const char *name, char **p) {
260 _cleanup_free_ void *s = NULL;
261 size_t ss = 0;
262 int r;
263 char *x;
264
265 r = efi_get_variable(vendor, name, NULL, &s, &ss);
266 if (r < 0)
267 return r;
268
269 x = utf16_to_utf8(s, ss);
270 if (!x)
271 return -ENOMEM;
272
273 *p = x;
274 return 0;
275}
276
0974a682
KS		 277int efi_set_variable(
278 sd_id128_t vendor,
279 const char *name,
280 const void *value,
281 size_t size) {
282
283 struct var {
284 uint32_t attr;
285 char buf[];
b7749eb5
ZJS		 286 } _packed_ * _cleanup_free_ buf = NULL;
287 _cleanup_free_ char *p = NULL;
288 _cleanup_close_ int fd = -1;
2c3bf278
LP		 289 bool saved_flags_valid = false;
290 unsigned saved_flags;
291 int r;
0974a682
KS		 292
293 assert(name);
e1e26566 294 assert(value || size == 0);
0974a682
KS		 295
296 if (asprintf(&p,
297 "/sys/firmware/efi/efivars/%s-%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x",
298 name, SD_ID128_FORMAT_VAL(vendor)) < 0)
299 return -ENOMEM;
300
2c3bf278
LP		 301 /* Newer efivarfs protects variables that are not in a whitelist with FS_IMMUTABLE_FL by default, to protect
302 * them for accidental removal and modification. We are not changing these variables accidentally however,
303 * hence let's unset the bit first. */
304
305 r = chattr_path(p, 0, FS_IMMUTABLE_FL, &saved_flags);
306 if (r < 0 && r != -ENOENT)
307 log_debug_errno(r, "Failed to drop FS_IMMUTABLE_FL flag from '%s', ignoring: %m", p);
308
309 saved_flags_valid = r >= 0;
310
0974a682 311 if (size == 0) {
2c3bf278
LP		 312 if (unlink(p) < 0) {
313 r = -errno;
314 goto finish;
315 }
316
b7749eb5 317 return 0;
0974a682
KS		 318 }
319
320 fd = open(p, O_WRONLY|O_CREAT|O_NOCTTY|O_CLOEXEC, 0644);
2c3bf278
LP		 321 if (fd < 0) {
322 r = -errno;
323 goto finish;
324 }
0974a682
KS		 325
326 buf = malloc(sizeof(uint32_t) + size);
2c3bf278
LP		 327 if (!buf) {
328 r = -ENOMEM;
329 goto finish;
330 }
0974a682
KS		 331
332 buf->attr = EFI_VARIABLE_NON_VOLATILE|EFI_VARIABLE_BOOTSERVICE_ACCESS|EFI_VARIABLE_RUNTIME_ACCESS;
333 memcpy(buf->buf, value, size);
334
2c3bf278
LP		 335 r = loop_write(fd, buf, sizeof(uint32_t) + size, false);
336 if (r < 0)
337 goto finish;
338
339 r = 0;
340
341finish:
342 if (saved_flags_valid) {
343 int q;
344
345 /* Restore the original flags field, just in case */
346 if (fd < 0)
347 q = chattr_path(p, saved_flags, FS_IMMUTABLE_FL, NULL);
348 else
349 q = chattr_fd(fd, saved_flags, FS_IMMUTABLE_FL, NULL);
350 if (q < 0)
351 log_debug_errno(q, "Failed to restore FS_IMMUTABLE_FL on '%s', ignoring: %m", p);
352 }
353
354 return r;
0974a682
KS		 355}
356
cea72d53
LP		 357int efi_set_variable_string(sd_id128_t vendor, const char *name, const char *v) {
358 _cleanup_free_ char16_t *u16 = NULL;
7b4d7cc0 359
cea72d53
LP		 360 u16 = utf8_to_utf16(v, strlen(v));
361 if (!u16)
9cde64ff
LP		 362 return -ENOMEM;
363
cea72d53 364 return efi_set_variable(vendor, name, u16, (char16_strlen(u16) + 1) * sizeof(char16_t));
7b4d7cc0
KS		 365}
366
f7cb1c79 367static ssize_t utf16_size(const uint16_t *s, size_t buf_len_bytes) {
7b4d7cc0
KS		 368 size_t l = 0;
369
f7cb1c79
ZJS		 370 /* Returns the size of the string in bytes without the terminating two zero bytes */
371
372 if (buf_len_bytes % sizeof(uint16_t) != 0)
373 return -EINVAL;
374
375 while (l < buf_len_bytes / sizeof(uint16_t)) {
376 if (s[l] == 0)
377 return (l + 1) * sizeof(uint16_t);
7b4d7cc0 378 l++;
f7cb1c79 379 }
9cde64ff 380
f7cb1c79 381 return -EINVAL; /* The terminator was not found */
7b4d7cc0
KS		 382}
383
3c7dddac
ZJS		 384struct guid {
385 uint32_t u1;
386 uint16_t u2;
387 uint16_t u3;
388 uint8_t u4[8];
389} _packed_;
390
7b4d7cc0 391static void efi_guid_to_id128(const void *guid, sd_id128_t *id128) {
3c7dddac
ZJS		 392 uint32_t u1;
393 uint16_t u2, u3;
394 const struct guid *uuid = guid;
395
396 memcpy(&u1, &uuid->u1, sizeof(uint32_t));
397 id128->bytes[0] = (u1 >> 24) & 0xff;
398 id128->bytes[1] = (u1 >> 16) & 0xff;
399 id128->bytes[2] = (u1 >> 8) & 0xff;
400 id128->bytes[3] = u1 & 0xff;
401 memcpy(&u2, &uuid->u2, sizeof(uint16_t));
402 id128->bytes[4] = (u2 >> 8) & 0xff;
403 id128->bytes[5] = u2 & 0xff;
404 memcpy(&u3, &uuid->u3, sizeof(uint16_t));
405 id128->bytes[6] = (u3 >> 8) & 0xff;
406 id128->bytes[7] = u3 & 0xff;
7b4d7cc0
KS		 407 memcpy(&id128->bytes[8], uuid->u4, sizeof(uuid->u4));
408}
409
9cde64ff
LP		 410int efi_get_boot_option(
411 uint16_t id,
412 char **title,
413 sd_id128_t *part_uuid,
0974a682
KS		 414 char **path,
415 bool *active) {
7b4d7cc0 416
9cde64ff
LP		 417 char boot_id[9];
418 _cleanup_free_ uint8_t *buf = NULL;
7b4d7cc0
KS		 419 size_t l;
420 struct boot_option *header;
f7cb1c79 421 ssize_t title_size;
b7749eb5 422 _cleanup_free_ char *s = NULL, *p = NULL;
7b4d7cc0 423 sd_id128_t p_uuid = SD_ID128_NULL;
a8436474 424 int r;
7b4d7cc0 425
337eed30
LP		 426 if (!is_efi_boot())
427 return -EOPNOTSUPP;
428
b7749eb5 429 xsprintf(boot_id, "Boot%04X", id);
a8436474
ZJS		 430 r = efi_get_variable(EFI_VENDOR_GLOBAL, boot_id, NULL, (void **)&buf, &l);
431 if (r < 0)
432 return r;
f7cb1c79 433 if (l < offsetof(struct boot_option, title))
7b4d7cc0
KS		 434 return -ENOENT;
435
436 header = (struct boot_option *)buf;
f7cb1c79
ZJS		 437 title_size = utf16_size(header->title, l - offsetof(struct boot_option, title));
438 if (title_size < 0)
439 return title_size;
7b4d7cc0 440
5483a186
ZJS		 441 if (title) {
442 s = utf16_to_utf8(header->title, title_size);
b7749eb5
ZJS		 443 if (!s)
444 return -ENOMEM;
7b4d7cc0
KS		 445 }
446
447 if (header->path_len > 0) {
9cde64ff 448 uint8_t *dbuf;
e7e36b90
DT		 449 size_t dnext, doff;
450
451 doff = offsetof(struct boot_option, title) + title_size;
452 dbuf = buf + doff;
453 if (header->path_len > l - doff)
454 return -EINVAL;
7b4d7cc0 455
7b4d7cc0
KS		 456 dnext = 0;
457 while (dnext < header->path_len) {
458 struct device_path *dpath;
459
460 dpath = (struct device_path *)(dbuf + dnext);
461 if (dpath->length < 4)
462 break;
463
464 /* Type 0x7F – End of Hardware Device Path, Sub-Type 0xFF – End Entire Device Path */
0974a682 465 if (dpath->type == END_DEVICE_PATH_TYPE && dpath->sub_type == END_ENTIRE_DEVICE_PATH_SUBTYPE)
7b4d7cc0
KS		 466 break;
467
468 dnext += dpath->length;
469
470 /* Type 0x04 – Media Device Path */
0974a682 471 if (dpath->type != MEDIA_DEVICE_PATH)
7b4d7cc0
KS		 472 continue;
473
474 /* Sub-Type 1 – Hard Drive */
0974a682 475 if (dpath->sub_type == MEDIA_HARDDRIVE_DP) {
7b4d7cc0 476 /* 0x02 – GUID Partition Table */
0974a682 477 if (dpath->drive.mbr_type != MBR_TYPE_EFI_PARTITION_TABLE_HEADER)
7b4d7cc0
KS		 478 continue;
479
480 /* 0x02 – GUID signature */
0974a682 481 if (dpath->drive.signature_type != SIGNATURE_TYPE_GUID)
7b4d7cc0
KS		 482 continue;
483
5483a186
ZJS		 484 if (part_uuid)
485 efi_guid_to_id128(dpath->drive.signature, &p_uuid);
7b4d7cc0
KS		 486 continue;
487 }
488
489 /* Sub-Type 4 – File Path */
0974a682 490 if (dpath->sub_type == MEDIA_FILEPATH_DP && !p && path) {
7b4d7cc0 491 p = utf16_to_utf8(dpath->path, dpath->length-4);
9db296fd
LP		 492 if (!p)
493 return -ENOMEM;
494
0974a682 495 efi_tilt_backslashes(p);
7b4d7cc0
KS		 496 continue;
497 }
498 }
499 }
500
1cc6c93a
YW		 501 if (title)
502 *title = TAKE_PTR(s);
7b4d7cc0
KS		 503 if (part_uuid)
504 *part_uuid = p_uuid;
1cc6c93a
YW		 505 if (path)
506 *path = TAKE_PTR(p);
0974a682 507 if (active)
0aa3b783 508 *active = !!(header->attr & LOAD_OPTION_ACTIVE);
9cde64ff 509
7b4d7cc0 510 return 0;
7b4d7cc0
KS		 511}
512
0974a682
KS		 513static void to_utf16(uint16_t *dest, const char *src) {
514 int i;
515
516 for (i = 0; src[i] != '\0'; i++)
517 dest[i] = src[i];
518 dest[i] = '\0';
519}
520
0974a682 521static void id128_to_efi_guid(sd_id128_t id, void *guid) {
3c7dddac
ZJS		 522 struct guid uuid = {
523 .u1 = id.bytes[0] << 24 | id.bytes[1] << 16 | id.bytes[2] << 8 | id.bytes[3],
524 .u2 = id.bytes[4] << 8 | id.bytes[5],
525 .u3 = id.bytes[6] << 8 | id.bytes[7],
526 };
527 memcpy(uuid.u4, id.bytes+8, sizeof(uuid.u4));
528 memcpy(guid, &uuid, sizeof(uuid));
0974a682
KS		 529}
530
531static uint16_t *tilt_slashes(uint16_t *s) {
532 uint16_t *p;
533
534 for (p = s; *p; p++)
535 if (*p == '/')
536 *p = '\\';
537
538 return s;
539}
540
337eed30
LP		 541int efi_add_boot_option(
542 uint16_t id,
543 const char *title,
544 uint32_t part,
545 uint64_t pstart,
546 uint64_t psize,
547 sd_id128_t part_uuid,
548 const char *path) {
549
550 size_t size, title_len, path_len;
551 _cleanup_free_ char *buf = NULL;
0974a682
KS		 552 struct boot_option *option;
553 struct device_path *devicep;
337eed30
LP		 554 char boot_id[9];
555
556 if (!is_efi_boot())
557 return -EOPNOTSUPP;
0974a682
KS		 558
559 title_len = (strlen(title)+1) * 2;
560 path_len = (strlen(path)+1) * 2;
561
f7cb1c79 562 buf = malloc0(offsetof(struct boot_option, title) + title_len +
e78c250b
LP		 563 sizeof(struct drive_path) +
564 sizeof(struct device_path) + path_len);
b7749eb5
ZJS		 565 if (!buf)
566 return -ENOMEM;
0974a682
KS		 567
568 /* header */
569 option = (struct boot_option *)buf;
570 option->attr = LOAD_OPTION_ACTIVE;
571 option->path_len = offsetof(struct device_path, drive) + sizeof(struct drive_path) +
572 offsetof(struct device_path, path) + path_len +
573 offsetof(struct device_path, path);
574 to_utf16(option->title, title);
575 size = offsetof(struct boot_option, title) + title_len;
576
577 /* partition info */
578 devicep = (struct device_path *)(buf + size);
579 devicep->type = MEDIA_DEVICE_PATH;
580 devicep->sub_type = MEDIA_HARDDRIVE_DP;
581 devicep->length = offsetof(struct device_path, drive) + sizeof(struct drive_path);
3c7dddac
ZJS		 582 memcpy(&devicep->drive.part_nr, &part, sizeof(uint32_t));
583 memcpy(&devicep->drive.part_start, &pstart, sizeof(uint64_t));
584 memcpy(&devicep->drive.part_size, &psize, sizeof(uint64_t));
0974a682 585 id128_to_efi_guid(part_uuid, devicep->drive.signature);
3c7dddac
ZJS		 586 devicep->drive.mbr_type = MBR_TYPE_EFI_PARTITION_TABLE_HEADER;
587 devicep->drive.signature_type = SIGNATURE_TYPE_GUID;
0974a682
KS		 588 size += devicep->length;
589
590 /* path to loader */
591 devicep = (struct device_path *)(buf + size);
592 devicep->type = MEDIA_DEVICE_PATH;
593 devicep->sub_type = MEDIA_FILEPATH_DP;
594 devicep->length = offsetof(struct device_path, path) + path_len;
595 to_utf16(devicep->path, path);
596 tilt_slashes(devicep->path);
597 size += devicep->length;
598
599 /* end of path */
600 devicep = (struct device_path *)(buf + size);
601 devicep->type = END_DEVICE_PATH_TYPE;
602 devicep->sub_type = END_ENTIRE_DEVICE_PATH_SUBTYPE;
603 devicep->length = offsetof(struct device_path, path);
604 size += devicep->length;
605
b7749eb5
ZJS		 606 xsprintf(boot_id, "Boot%04X", id);
607 return efi_set_variable(EFI_VENDOR_GLOBAL, boot_id, buf, size);
0974a682
KS		 608}
609
610int efi_remove_boot_option(uint16_t id) {
611 char boot_id[9];
612
337eed30
LP		 613 if (!is_efi_boot())
614 return -EOPNOTSUPP;
615
b7749eb5 616 xsprintf(boot_id, "Boot%04X", id);
0974a682
KS		 617 return efi_set_variable(EFI_VENDOR_GLOBAL, boot_id, NULL, 0);
618}
619
9cde64ff 620int efi_get_boot_order(uint16_t **order) {
0797f232 621 _cleanup_free_ void *buf = NULL;
7b4d7cc0 622 size_t l;
9cde64ff 623 int r;
7b4d7cc0 624
337eed30
LP		 625 if (!is_efi_boot())
626 return -EOPNOTSUPP;
627
9cde64ff
LP		 628 r = efi_get_variable(EFI_VENDOR_GLOBAL, "BootOrder", NULL, &buf, &l);
629 if (r < 0)
630 return r;
7b4d7cc0 631
0797f232 632 if (l <= 0)
7b4d7cc0 633 return -ENOENT;
7b4d7cc0 634
0797f232
ZJS		 635 if (l % sizeof(uint16_t) > 0 ||
636 l / sizeof(uint16_t) > INT_MAX)
7b4d7cc0 637 return -EINVAL;
7b4d7cc0 638
ae2a15bc 639 *order = TAKE_PTR(buf);
9cde64ff
LP		 640 return (int) (l / sizeof(uint16_t));
641}
642
0974a682 643int efi_set_boot_order(uint16_t *order, size_t n) {
337eed30
LP		 644
645 if (!is_efi_boot())
646 return -EOPNOTSUPP;
647
0974a682
KS		 648 return efi_set_variable(EFI_VENDOR_GLOBAL, "BootOrder", order, n * sizeof(uint16_t));
649}
650
3042bbeb 651static int boot_id_hex(const char s[static 4]) {
e78c250b 652 int id = 0, i;
4d34c495
KS		 653
654 for (i = 0; i < 4; i++)
655 if (s[i] >= '0' && s[i] <= '9')
656 id |= (s[i] - '0') << (3 - i) * 4;
657 else if (s[i] >= 'A' && s[i] <= 'F')
658 id |= (s[i] - 'A' + 10) << (3 - i) * 4;
659 else
7e8185ef 660 return -EINVAL;
4d34c495
KS		 661
662 return id;
663}
664
93bab288
YW		 665static int cmp_uint16(const uint16_t *a, const uint16_t *b) {
666 return CMP(*a, *b);
9db11a99
LP		 667}
668
9cde64ff
LP		 669int efi_get_boot_options(uint16_t **options) {
670 _cleanup_closedir_ DIR *dir = NULL;
b7749eb5 671 _cleanup_free_ uint16_t *list = NULL;
e78c250b 672 struct dirent *de;
7432b24b 673 size_t alloc = 0;
b7749eb5 674 int count = 0;
9cde64ff
LP		 675
676 assert(options);
677
337eed30
LP		 678 if (!is_efi_boot())
679 return -EOPNOTSUPP;
680
9cde64ff
LP		 681 dir = opendir("/sys/firmware/efi/efivars/");
682 if (!dir)
683 return -errno;
684
b7749eb5 685 FOREACH_DIRENT(de, dir, return -errno) {
4d34c495 686 int id;
9cde64ff
LP		 687
688 if (strncmp(de->d_name, "Boot", 4) != 0)
689 continue;
690
4d34c495 691 if (strlen(de->d_name) != 45)
9cde64ff
LP		 692 continue;
693
694 if (strcmp(de->d_name + 8, "-8be4df61-93ca-11d2-aa0d-00e098032b8c") != 0)
695 continue;
696
4d34c495
KS		 697 id = boot_id_hex(de->d_name + 4);
698 if (id < 0)
9cde64ff
LP		 699 continue;
700
7432b24b 701 if (!GREEDY_REALLOC(list, alloc, count + 1))
b7749eb5 702 return -ENOMEM;
9cde64ff 703
7432b24b 704 list[count++] = id;
9cde64ff
LP		 705 }
706
93bab288 707 typesafe_qsort(list, count, cmp_uint16);
9db11a99 708
1cc6c93a
YW		 709 *options = TAKE_PTR(list);
710
9cde64ff 711 return count;
7b4d7cc0
KS		 712}
713
5dbe9f53 714static int read_usec(sd_id128_t vendor, const char *name, usec_t *u) {
2e3d0692 715 _cleanup_free_ char *j = NULL;
2e3d0692 716 int r;
39883f62 717 uint64_t x = 0;
2e3d0692
LP		 718
719 assert(name);
720 assert(u);
721
61cc634b 722 r = efi_get_variable_string(EFI_VENDOR_LOADER, name, &j);
2e3d0692
LP		 723 if (r < 0)
724 return r;
725
2e3d0692
LP		 726 r = safe_atou64(j, &x);
727 if (r < 0)
728 return r;
729
5dbe9f53 730 *u = x;
2e3d0692
LP		 731 return 0;
732}
733
c51d84dc 734int efi_loader_get_boot_usec(usec_t *firmware, usec_t *loader) {
2e3d0692
LP		 735 uint64_t x, y;
736 int r;
2e3d0692
LP		 737
738 assert(firmware);
739 assert(loader);
740
337eed30
LP		 741 if (!is_efi_boot())
742 return -EOPNOTSUPP;
743
e9cea16d 744 r = read_usec(EFI_VENDOR_LOADER, "LoaderTimeInitUSec", &x);
2e3d0692
LP		 745 if (r < 0)
746 return r;
747
e9cea16d 748 r = read_usec(EFI_VENDOR_LOADER, "LoaderTimeExecUSec", &y);
2e3d0692
LP		 749 if (r < 0)
750 return r;
751
752 if (y == 0 || y < x)
753 return -EIO;
754
755 if (y > USEC_PER_HOUR)
756 return -EIO;
757
758 *firmware = x;
759 *loader = y;
760
761 return 0;
762}
763
c51d84dc 764int efi_loader_get_device_part_uuid(sd_id128_t *u) {
f4ce2b3e 765 _cleanup_free_ char *p = NULL;
f4ce2b3e 766 int r, parsed[16];
f4ce2b3e 767
337eed30
LP		 768 if (!is_efi_boot())
769 return -EOPNOTSUPP;
770
61cc634b 771 r = efi_get_variable_string(EFI_VENDOR_LOADER, "LoaderDevicePartUUID", &p);
f4ce2b3e
LP		 772 if (r < 0)
773 return r;
774
f4ce2b3e
LP		 775 if (sscanf(p, "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x",
776 &parsed[0], &parsed[1], &parsed[2], &parsed[3],
777 &parsed[4], &parsed[5], &parsed[6], &parsed[7],
778 &parsed[8], &parsed[9], &parsed[10], &parsed[11],
779 &parsed[12], &parsed[13], &parsed[14], &parsed[15]) != 16)
780 return -EIO;
781
73b80ec2
LP		 782 if (u) {
783 unsigned i;
784
785 for (i = 0; i < ELEMENTSOF(parsed); i++)
786 u->bytes[i] = parsed[i];
787 }
f4ce2b3e
LP		 788
789 return 0;
790}
b872e9a0 791
68d7c268
LP		 792bool efi_loader_entry_name_valid(const char *s) {
793 if (isempty(s))
794 return false;
795
796 if (strlen(s) > FILENAME_MAX) /* Make sure entry names fit in filenames */
797 return false;
798
799 return in_charset(s, ALPHANUMERICAL "-");
800}
801
bd2865ca
LP		 802int efi_loader_get_entries(char ***ret) {
803 _cleanup_free_ char16_t *entries = NULL;
804 _cleanup_strv_free_ char **l = NULL;
805 size_t size, i, start;
806 int r;
807
808 assert(ret);
809
810 if (!is_efi_boot())
811 return -EOPNOTSUPP;
812
813 r = efi_get_variable(EFI_VENDOR_LOADER, "LoaderEntries", NULL, (void**) &entries, &size);
814 if (r < 0)
815 return r;
816
817 /* The variable contains a series of individually NUL terminated UTF-16 strings. */
818
819 for (i = 0, start = 0;; i++) {
68d7c268 820 _cleanup_free_ char *decoded = NULL;
bd2865ca
LP		 821 bool end;
822
823 /* Is this the end of the variable's data? */
824 end = i * sizeof(char16_t) >= size;
825
826 /* Are we in the middle of a string? (i.e. not at the end of the variable, nor at a NUL terminator?) If
827 * so, let's go to the next entry. */
828 if (!end && entries[i] != 0)
829 continue;
830
831 /* We reached the end of a string, let's decode it into UTF-8 */
832 decoded = utf16_to_utf8(entries + start, (i - start) * sizeof(char16_t));
833 if (!decoded)
834 return -ENOMEM;
835
68d7c268
LP		 836 if (efi_loader_entry_name_valid(decoded)) {
837 r = strv_consume(&l, TAKE_PTR(decoded));
838 if (r < 0)
839 return r;
840 } else
841 log_debug("Ignoring invalid loader entry '%s'.", decoded);
bd2865ca
LP		 842
843 /* We reached the end of the variable */
844 if (end)
845 break;
846
847 /* Continue after the NUL byte */
848 start = i + 1;
849 }
850
851 *ret = TAKE_PTR(l);
852 return 0;
853}
854
80641a81
LP		 855int efi_loader_get_features(uint64_t *ret) {
856 _cleanup_free_ void *v = NULL;
857 size_t s;
858 int r;
859
860 if (!is_efi_boot()) {
861 *ret = 0;
862 return 0;
863 }
864
865 r = efi_get_variable(EFI_VENDOR_LOADER, "LoaderFeatures", NULL, &v, &s);
866 if (r == -ENOENT) {
867 _cleanup_free_ char *info = NULL;
868
869 /* The new (v240+) LoaderFeatures variable is not supported, let's see if it's systemd-boot at all */
870 r = efi_get_variable_string(EFI_VENDOR_LOADER, "LoaderInfo", &info);
871 if (r < 0) {
872 if (r != -ENOENT)
873 return r;
874
875 /* Variable not set, definitely means not systemd-boot */
876
877 } else if (first_word(info, "systemd-boot")) {
878
879 /* An older systemd-boot version. Let's hardcode the feature set, since it was pretty
880 * static in all its versions. */
881
882 *ret = EFI_LOADER_FEATURE_CONFIG_TIMEOUT |
883 EFI_LOADER_FEATURE_ENTRY_DEFAULT |
884 EFI_LOADER_FEATURE_ENTRY_ONESHOT;
885
886 return 0;
887 }
888
889 /* No features supported */
890 *ret = 0;
891 return 0;
892 }
893 if (r < 0)
894 return r;
895
baaa35ad
ZJS		 896 if (s != sizeof(uint64_t))
897 return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
898 "LoaderFeatures EFI variable doesn't have the right size.");
80641a81
LP		 899
900 memcpy(ret, v, sizeof(uint64_t));
901 return 0;
902}
6917857e 903
904#endif
905
906char *efi_tilt_backslashes(char *s) {
907 char *p;
908
909 for (p = s; *p; p++)
910 if (*p == '\\')
911 *p = '/';
912
913 return s;
914}
Unnamed repository; edit this file 'description' to name the repository.