]>
Commit | Line | Data |
---|---|---|
53e1b683 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
2e3d0692 | 2 | |
a8fbdf54 TA |
3 | #include <dirent.h> |
4 | #include <errno.h> | |
2e3d0692 | 5 | #include <fcntl.h> |
a8fbdf54 | 6 | #include <limits.h> |
2c3bf278 | 7 | #include <linux/fs.h> |
a8fbdf54 TA |
8 | #include <stdio.h> |
9 | #include <stdlib.h> | |
cf0fbc49 | 10 | #include <string.h> |
a8fbdf54 | 11 | #include <sys/stat.h> |
cf0fbc49 | 12 | #include <unistd.h> |
2e3d0692 | 13 | |
a8fbdf54 TA |
14 | #include "sd-id128.h" |
15 | ||
b5efdb8a | 16 | #include "alloc-util.h" |
2c3bf278 | 17 | #include "chattr-util.h" |
a0956174 | 18 | #include "dirent-util.h" |
3ffd4af2 LP |
19 | #include "efivars.h" |
20 | #include "fd-util.h" | |
c004493c | 21 | #include "io-util.h" |
a8fbdf54 | 22 | #include "macro.h" |
6bedfcbb | 23 | #include "parse-util.h" |
15a5e950 | 24 | #include "stdio-util.h" |
bd2865ca | 25 | #include "strv.h" |
a8fbdf54 | 26 | #include "time-util.h" |
2e3d0692 | 27 | #include "utf8.h" |
3ffd4af2 | 28 | #include "util.h" |
5bdf2243 | 29 | #include "virt.h" |
2e3d0692 | 30 | |
349cc4a5 | 31 | #if ENABLE_EFI |
b872e9a0 | 32 | |
0974a682 KS |
33 | #define LOAD_OPTION_ACTIVE 0x00000001 |
34 | #define MEDIA_DEVICE_PATH 0x04 | |
35 | #define MEDIA_HARDDRIVE_DP 0x01 | |
36 | #define MEDIA_FILEPATH_DP 0x04 | |
37 | #define SIGNATURE_TYPE_GUID 0x02 | |
38 | #define MBR_TYPE_EFI_PARTITION_TABLE_HEADER 0x02 | |
39 | #define END_DEVICE_PATH_TYPE 0x7f | |
40 | #define END_ENTIRE_DEVICE_PATH_SUBTYPE 0xff | |
5bdf2243 | 41 | #define EFI_OS_INDICATIONS_BOOT_TO_FW_UI 0x0000000000000001 |
0974a682 | 42 | |
f7cb1c79 ZJS |
43 | #define boot_option__contents { \ |
44 | uint32_t attr; \ | |
45 | uint16_t path_len; \ | |
46 | uint16_t title[]; \ | |
47 | } | |
48 | ||
49 | struct boot_option boot_option__contents; | |
50 | struct boot_option__packed boot_option__contents _packed_; | |
51 | assert_cc(offsetof(struct boot_option, title) == offsetof(struct boot_option__packed, title)); | |
52 | /* sizeof(struct boot_option) != sizeof(struct boot_option__packed), so | |
53 | * the *size* of the structure should not be used anywhere below. */ | |
0974a682 KS |
54 | |
55 | struct drive_path { | |
56 | uint32_t part_nr; | |
57 | uint64_t part_start; | |
58 | uint64_t part_size; | |
59 | char signature[16]; | |
60 | uint8_t mbr_type; | |
61 | uint8_t signature_type; | |
885fdebc | 62 | } _packed_; |
0974a682 | 63 | |
3c7dddac ZJS |
64 | #define device_path__contents { \ |
65 | uint8_t type; \ | |
66 | uint8_t sub_type; \ | |
67 | uint16_t length; \ | |
68 | union { \ | |
69 | uint16_t path[0]; \ | |
70 | struct drive_path drive; \ | |
71 | }; \ | |
72 | } | |
73 | ||
74 | struct device_path device_path__contents; | |
75 | struct device_path__packed device_path__contents _packed_; | |
76 | assert_cc(sizeof(struct device_path) == sizeof(struct device_path__packed)); | |
0974a682 | 77 | |
9cde64ff | 78 | bool is_efi_boot(void) { |
bb161cdc LP |
79 | if (detect_container() > 0) |
80 | return false; | |
81 | ||
82 | return access("/sys/firmware/efi/", F_OK) >= 0; | |
34e5a31e LP |
83 | } |
84 | ||
bc6f2e7c | 85 | static int read_flag(const char *varname) { |
b47d419c | 86 | _cleanup_free_ void *v = NULL; |
bc6f2e7c | 87 | uint8_t b; |
e22c567f LP |
88 | size_t s; |
89 | int r; | |
bc6f2e7c | 90 | |
337eed30 LP |
91 | if (!is_efi_boot()) /* If this is not an EFI boot, assume the queried flags are zero */ |
92 | return 0; | |
93 | ||
bc6f2e7c KS |
94 | r = efi_get_variable(EFI_VENDOR_GLOBAL, varname, NULL, &v, &s); |
95 | if (r < 0) | |
96 | return r; | |
97 | ||
b47d419c ZJS |
98 | if (s != 1) |
99 | return -EINVAL; | |
bc6f2e7c KS |
100 | |
101 | b = *(uint8_t *)v; | |
e78c250b | 102 | return !!b; |
bc6f2e7c KS |
103 | } |
104 | ||
9df49b33 TG |
105 | bool is_efi_secure_boot(void) { |
106 | return read_flag("SecureBoot") > 0; | |
bc6f2e7c KS |
107 | } |
108 | ||
9df49b33 TG |
109 | bool is_efi_secure_boot_setup_mode(void) { |
110 | return read_flag("SetupMode") > 0; | |
bc6f2e7c KS |
111 | } |
112 | ||
5bdf2243 | 113 | int efi_reboot_to_firmware_supported(void) { |
5bdf2243 | 114 | _cleanup_free_ void *v = NULL; |
e22c567f LP |
115 | uint64_t b; |
116 | size_t s; | |
117 | int r; | |
5bdf2243 | 118 | |
bb161cdc | 119 | if (!is_efi_boot()) |
5bdf2243 JJ |
120 | return -EOPNOTSUPP; |
121 | ||
122 | r = efi_get_variable(EFI_VENDOR_GLOBAL, "OsIndicationsSupported", NULL, &v, &s); | |
846ab104 LP |
123 | if (r == -ENOENT) /* variable doesn't exist? it's not supported then */ |
124 | return -EOPNOTSUPP; | |
5bdf2243 JJ |
125 | if (r < 0) |
126 | return r; | |
e22c567f | 127 | if (s != sizeof(uint64_t)) |
5bdf2243 JJ |
128 | return -EINVAL; |
129 | ||
e22c567f LP |
130 | b = *(uint64_t*) v; |
131 | if (!(b & EFI_OS_INDICATIONS_BOOT_TO_FW_UI)) | |
132 | return -EOPNOTSUPP; /* bit unset? it's not supported then */ | |
133 | ||
134 | return 0; | |
5bdf2243 JJ |
135 | } |
136 | ||
137 | static int get_os_indications(uint64_t *os_indication) { | |
5bdf2243 | 138 | _cleanup_free_ void *v = NULL; |
e22c567f LP |
139 | size_t s; |
140 | int r; | |
5bdf2243 | 141 | |
e78c250b | 142 | /* Let's verify general support first */ |
5bdf2243 JJ |
143 | r = efi_reboot_to_firmware_supported(); |
144 | if (r < 0) | |
145 | return r; | |
146 | ||
147 | r = efi_get_variable(EFI_VENDOR_GLOBAL, "OsIndications", NULL, &v, &s); | |
6b62bbbc | 148 | if (r == -ENOENT) { |
e78c250b LP |
149 | /* Some firmware implementations that do support OsIndications and report that with |
150 | * OsIndicationsSupported will remove the OsIndications variable when it is unset. Let's pretend it's 0 | |
151 | * then, to hide this implementation detail. Note that this call will return -ENOENT then only if the | |
152 | * support for OsIndications is missing entirely, as determined by efi_reboot_to_firmware_supported() | |
153 | * above. */ | |
6b62bbbc LP |
154 | *os_indication = 0; |
155 | return 0; | |
156 | } else if (r < 0) | |
5bdf2243 JJ |
157 | return r; |
158 | else if (s != sizeof(uint64_t)) | |
159 | return -EINVAL; | |
160 | ||
161 | *os_indication = *(uint64_t *)v; | |
162 | return 0; | |
163 | } | |
164 | ||
165 | int efi_get_reboot_to_firmware(void) { | |
166 | int r; | |
167 | uint64_t b; | |
168 | ||
169 | r = get_os_indications(&b); | |
170 | if (r < 0) | |
171 | return r; | |
172 | ||
173 | return !!(b & EFI_OS_INDICATIONS_BOOT_TO_FW_UI); | |
174 | } | |
175 | ||
176 | int efi_set_reboot_to_firmware(bool value) { | |
177 | int r; | |
178 | uint64_t b, b_new; | |
179 | ||
180 | r = get_os_indications(&b); | |
181 | if (r < 0) | |
182 | return r; | |
183 | ||
184 | if (value) | |
185 | b_new = b | EFI_OS_INDICATIONS_BOOT_TO_FW_UI; | |
186 | else | |
187 | b_new = b & ~EFI_OS_INDICATIONS_BOOT_TO_FW_UI; | |
188 | ||
189 | /* Avoid writing to efi vars store if we can due to firmware bugs. */ | |
190 | if (b != b_new) | |
191 | return efi_set_variable(EFI_VENDOR_GLOBAL, "OsIndications", &b_new, sizeof(uint64_t)); | |
192 | ||
193 | return 0; | |
194 | } | |
195 | ||
9cde64ff LP |
196 | int efi_get_variable( |
197 | sd_id128_t vendor, | |
198 | const char *name, | |
199 | uint32_t *attribute, | |
200 | void **value, | |
201 | size_t *size) { | |
202 | ||
2e3d0692 LP |
203 | _cleanup_close_ int fd = -1; |
204 | _cleanup_free_ char *p = NULL; | |
205 | uint32_t a; | |
206 | ssize_t n; | |
207 | struct stat st; | |
ad7bcf52 | 208 | _cleanup_free_ void *buf = NULL; |
2e3d0692 LP |
209 | |
210 | assert(name); | |
211 | assert(value); | |
212 | assert(size); | |
213 | ||
214 | if (asprintf(&p, | |
215 | "/sys/firmware/efi/efivars/%s-%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x", | |
216 | name, SD_ID128_FORMAT_VAL(vendor)) < 0) | |
217 | return -ENOMEM; | |
218 | ||
219 | fd = open(p, O_RDONLY|O_NOCTTY|O_CLOEXEC); | |
220 | if (fd < 0) | |
221 | return -errno; | |
222 | ||
223 | if (fstat(fd, &st) < 0) | |
224 | return -errno; | |
225 | if (st.st_size < 4) | |
226 | return -EIO; | |
227 | if (st.st_size > 4*1024*1024 + 4) | |
228 | return -E2BIG; | |
229 | ||
230 | n = read(fd, &a, sizeof(a)); | |
231 | if (n < 0) | |
9cde64ff | 232 | return -errno; |
2e3d0692 LP |
233 | if (n != sizeof(a)) |
234 | return -EIO; | |
235 | ||
0797f232 ZJS |
236 | buf = malloc(st.st_size - 4 + 2); |
237 | if (!buf) | |
2e3d0692 LP |
238 | return -ENOMEM; |
239 | ||
0797f232 ZJS |
240 | n = read(fd, buf, (size_t) st.st_size - 4); |
241 | if (n < 0) | |
742af54a | 242 | return -errno; |
0797f232 | 243 | if (n != (ssize_t) st.st_size - 4) |
2e3d0692 | 244 | return -EIO; |
2e3d0692 LP |
245 | |
246 | /* Always NUL terminate (2 bytes, to protect UTF-16) */ | |
0797f232 ZJS |
247 | ((char*) buf)[st.st_size - 4] = 0; |
248 | ((char*) buf)[st.st_size - 4 + 1] = 0; | |
2e3d0692 | 249 | |
ae2a15bc | 250 | *value = TAKE_PTR(buf); |
ff47c895 | 251 | *size = (size_t) st.st_size - 4; |
2e3d0692 LP |
252 | |
253 | if (attribute) | |
254 | *attribute = a; | |
255 | ||
256 | return 0; | |
257 | } | |
258 | ||
cea72d53 LP |
259 | int efi_get_variable_string(sd_id128_t vendor, const char *name, char **p) { |
260 | _cleanup_free_ void *s = NULL; | |
261 | size_t ss = 0; | |
262 | int r; | |
263 | char *x; | |
264 | ||
265 | r = efi_get_variable(vendor, name, NULL, &s, &ss); | |
266 | if (r < 0) | |
267 | return r; | |
268 | ||
269 | x = utf16_to_utf8(s, ss); | |
270 | if (!x) | |
271 | return -ENOMEM; | |
272 | ||
273 | *p = x; | |
274 | return 0; | |
275 | } | |
276 | ||
0974a682 KS |
277 | int efi_set_variable( |
278 | sd_id128_t vendor, | |
279 | const char *name, | |
280 | const void *value, | |
281 | size_t size) { | |
282 | ||
283 | struct var { | |
284 | uint32_t attr; | |
285 | char buf[]; | |
b7749eb5 ZJS |
286 | } _packed_ * _cleanup_free_ buf = NULL; |
287 | _cleanup_free_ char *p = NULL; | |
288 | _cleanup_close_ int fd = -1; | |
2c3bf278 LP |
289 | bool saved_flags_valid = false; |
290 | unsigned saved_flags; | |
291 | int r; | |
0974a682 KS |
292 | |
293 | assert(name); | |
e1e26566 | 294 | assert(value || size == 0); |
0974a682 KS |
295 | |
296 | if (asprintf(&p, | |
297 | "/sys/firmware/efi/efivars/%s-%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x", | |
298 | name, SD_ID128_FORMAT_VAL(vendor)) < 0) | |
299 | return -ENOMEM; | |
300 | ||
2c3bf278 LP |
301 | /* Newer efivarfs protects variables that are not in a whitelist with FS_IMMUTABLE_FL by default, to protect |
302 | * them for accidental removal and modification. We are not changing these variables accidentally however, | |
303 | * hence let's unset the bit first. */ | |
304 | ||
305 | r = chattr_path(p, 0, FS_IMMUTABLE_FL, &saved_flags); | |
306 | if (r < 0 && r != -ENOENT) | |
307 | log_debug_errno(r, "Failed to drop FS_IMMUTABLE_FL flag from '%s', ignoring: %m", p); | |
308 | ||
309 | saved_flags_valid = r >= 0; | |
310 | ||
0974a682 | 311 | if (size == 0) { |
2c3bf278 LP |
312 | if (unlink(p) < 0) { |
313 | r = -errno; | |
314 | goto finish; | |
315 | } | |
316 | ||
b7749eb5 | 317 | return 0; |
0974a682 KS |
318 | } |
319 | ||
320 | fd = open(p, O_WRONLY|O_CREAT|O_NOCTTY|O_CLOEXEC, 0644); | |
2c3bf278 LP |
321 | if (fd < 0) { |
322 | r = -errno; | |
323 | goto finish; | |
324 | } | |
0974a682 KS |
325 | |
326 | buf = malloc(sizeof(uint32_t) + size); | |
2c3bf278 LP |
327 | if (!buf) { |
328 | r = -ENOMEM; | |
329 | goto finish; | |
330 | } | |
0974a682 KS |
331 | |
332 | buf->attr = EFI_VARIABLE_NON_VOLATILE|EFI_VARIABLE_BOOTSERVICE_ACCESS|EFI_VARIABLE_RUNTIME_ACCESS; | |
333 | memcpy(buf->buf, value, size); | |
334 | ||
2c3bf278 LP |
335 | r = loop_write(fd, buf, sizeof(uint32_t) + size, false); |
336 | if (r < 0) | |
337 | goto finish; | |
338 | ||
339 | r = 0; | |
340 | ||
341 | finish: | |
342 | if (saved_flags_valid) { | |
343 | int q; | |
344 | ||
345 | /* Restore the original flags field, just in case */ | |
346 | if (fd < 0) | |
347 | q = chattr_path(p, saved_flags, FS_IMMUTABLE_FL, NULL); | |
348 | else | |
349 | q = chattr_fd(fd, saved_flags, FS_IMMUTABLE_FL, NULL); | |
350 | if (q < 0) | |
351 | log_debug_errno(q, "Failed to restore FS_IMMUTABLE_FL on '%s', ignoring: %m", p); | |
352 | } | |
353 | ||
354 | return r; | |
0974a682 KS |
355 | } |
356 | ||
cea72d53 LP |
357 | int efi_set_variable_string(sd_id128_t vendor, const char *name, const char *v) { |
358 | _cleanup_free_ char16_t *u16 = NULL; | |
7b4d7cc0 | 359 | |
cea72d53 LP |
360 | u16 = utf8_to_utf16(v, strlen(v)); |
361 | if (!u16) | |
9cde64ff LP |
362 | return -ENOMEM; |
363 | ||
cea72d53 | 364 | return efi_set_variable(vendor, name, u16, (char16_strlen(u16) + 1) * sizeof(char16_t)); |
7b4d7cc0 KS |
365 | } |
366 | ||
f7cb1c79 | 367 | static ssize_t utf16_size(const uint16_t *s, size_t buf_len_bytes) { |
7b4d7cc0 KS |
368 | size_t l = 0; |
369 | ||
f7cb1c79 ZJS |
370 | /* Returns the size of the string in bytes without the terminating two zero bytes */ |
371 | ||
372 | if (buf_len_bytes % sizeof(uint16_t) != 0) | |
373 | return -EINVAL; | |
374 | ||
375 | while (l < buf_len_bytes / sizeof(uint16_t)) { | |
376 | if (s[l] == 0) | |
377 | return (l + 1) * sizeof(uint16_t); | |
7b4d7cc0 | 378 | l++; |
f7cb1c79 | 379 | } |
9cde64ff | 380 | |
f7cb1c79 | 381 | return -EINVAL; /* The terminator was not found */ |
7b4d7cc0 KS |
382 | } |
383 | ||
3c7dddac ZJS |
384 | struct guid { |
385 | uint32_t u1; | |
386 | uint16_t u2; | |
387 | uint16_t u3; | |
388 | uint8_t u4[8]; | |
389 | } _packed_; | |
390 | ||
7b4d7cc0 | 391 | static void efi_guid_to_id128(const void *guid, sd_id128_t *id128) { |
3c7dddac ZJS |
392 | uint32_t u1; |
393 | uint16_t u2, u3; | |
394 | const struct guid *uuid = guid; | |
395 | ||
396 | memcpy(&u1, &uuid->u1, sizeof(uint32_t)); | |
397 | id128->bytes[0] = (u1 >> 24) & 0xff; | |
398 | id128->bytes[1] = (u1 >> 16) & 0xff; | |
399 | id128->bytes[2] = (u1 >> 8) & 0xff; | |
400 | id128->bytes[3] = u1 & 0xff; | |
401 | memcpy(&u2, &uuid->u2, sizeof(uint16_t)); | |
402 | id128->bytes[4] = (u2 >> 8) & 0xff; | |
403 | id128->bytes[5] = u2 & 0xff; | |
404 | memcpy(&u3, &uuid->u3, sizeof(uint16_t)); | |
405 | id128->bytes[6] = (u3 >> 8) & 0xff; | |
406 | id128->bytes[7] = u3 & 0xff; | |
7b4d7cc0 KS |
407 | memcpy(&id128->bytes[8], uuid->u4, sizeof(uuid->u4)); |
408 | } | |
409 | ||
9cde64ff LP |
410 | int efi_get_boot_option( |
411 | uint16_t id, | |
412 | char **title, | |
413 | sd_id128_t *part_uuid, | |
0974a682 KS |
414 | char **path, |
415 | bool *active) { | |
7b4d7cc0 | 416 | |
9cde64ff LP |
417 | char boot_id[9]; |
418 | _cleanup_free_ uint8_t *buf = NULL; | |
7b4d7cc0 KS |
419 | size_t l; |
420 | struct boot_option *header; | |
f7cb1c79 | 421 | ssize_t title_size; |
b7749eb5 | 422 | _cleanup_free_ char *s = NULL, *p = NULL; |
7b4d7cc0 | 423 | sd_id128_t p_uuid = SD_ID128_NULL; |
a8436474 | 424 | int r; |
7b4d7cc0 | 425 | |
337eed30 LP |
426 | if (!is_efi_boot()) |
427 | return -EOPNOTSUPP; | |
428 | ||
b7749eb5 | 429 | xsprintf(boot_id, "Boot%04X", id); |
a8436474 ZJS |
430 | r = efi_get_variable(EFI_VENDOR_GLOBAL, boot_id, NULL, (void **)&buf, &l); |
431 | if (r < 0) | |
432 | return r; | |
f7cb1c79 | 433 | if (l < offsetof(struct boot_option, title)) |
7b4d7cc0 KS |
434 | return -ENOENT; |
435 | ||
436 | header = (struct boot_option *)buf; | |
f7cb1c79 ZJS |
437 | title_size = utf16_size(header->title, l - offsetof(struct boot_option, title)); |
438 | if (title_size < 0) | |
439 | return title_size; | |
7b4d7cc0 | 440 | |
5483a186 ZJS |
441 | if (title) { |
442 | s = utf16_to_utf8(header->title, title_size); | |
b7749eb5 ZJS |
443 | if (!s) |
444 | return -ENOMEM; | |
7b4d7cc0 KS |
445 | } |
446 | ||
447 | if (header->path_len > 0) { | |
9cde64ff | 448 | uint8_t *dbuf; |
e7e36b90 DT |
449 | size_t dnext, doff; |
450 | ||
451 | doff = offsetof(struct boot_option, title) + title_size; | |
452 | dbuf = buf + doff; | |
453 | if (header->path_len > l - doff) | |
454 | return -EINVAL; | |
7b4d7cc0 | 455 | |
7b4d7cc0 KS |
456 | dnext = 0; |
457 | while (dnext < header->path_len) { | |
458 | struct device_path *dpath; | |
459 | ||
460 | dpath = (struct device_path *)(dbuf + dnext); | |
461 | if (dpath->length < 4) | |
462 | break; | |
463 | ||
464 | /* Type 0x7F – End of Hardware Device Path, Sub-Type 0xFF – End Entire Device Path */ | |
0974a682 | 465 | if (dpath->type == END_DEVICE_PATH_TYPE && dpath->sub_type == END_ENTIRE_DEVICE_PATH_SUBTYPE) |
7b4d7cc0 KS |
466 | break; |
467 | ||
468 | dnext += dpath->length; | |
469 | ||
470 | /* Type 0x04 – Media Device Path */ | |
0974a682 | 471 | if (dpath->type != MEDIA_DEVICE_PATH) |
7b4d7cc0 KS |
472 | continue; |
473 | ||
474 | /* Sub-Type 1 – Hard Drive */ | |
0974a682 | 475 | if (dpath->sub_type == MEDIA_HARDDRIVE_DP) { |
7b4d7cc0 | 476 | /* 0x02 – GUID Partition Table */ |
0974a682 | 477 | if (dpath->drive.mbr_type != MBR_TYPE_EFI_PARTITION_TABLE_HEADER) |
7b4d7cc0 KS |
478 | continue; |
479 | ||
480 | /* 0x02 – GUID signature */ | |
0974a682 | 481 | if (dpath->drive.signature_type != SIGNATURE_TYPE_GUID) |
7b4d7cc0 KS |
482 | continue; |
483 | ||
5483a186 ZJS |
484 | if (part_uuid) |
485 | efi_guid_to_id128(dpath->drive.signature, &p_uuid); | |
7b4d7cc0 KS |
486 | continue; |
487 | } | |
488 | ||
489 | /* Sub-Type 4 – File Path */ | |
0974a682 | 490 | if (dpath->sub_type == MEDIA_FILEPATH_DP && !p && path) { |
7b4d7cc0 | 491 | p = utf16_to_utf8(dpath->path, dpath->length-4); |
9db296fd LP |
492 | if (!p) |
493 | return -ENOMEM; | |
494 | ||
0974a682 | 495 | efi_tilt_backslashes(p); |
7b4d7cc0 KS |
496 | continue; |
497 | } | |
498 | } | |
499 | } | |
500 | ||
1cc6c93a YW |
501 | if (title) |
502 | *title = TAKE_PTR(s); | |
7b4d7cc0 KS |
503 | if (part_uuid) |
504 | *part_uuid = p_uuid; | |
1cc6c93a YW |
505 | if (path) |
506 | *path = TAKE_PTR(p); | |
0974a682 | 507 | if (active) |
0aa3b783 | 508 | *active = !!(header->attr & LOAD_OPTION_ACTIVE); |
9cde64ff | 509 | |
7b4d7cc0 | 510 | return 0; |
7b4d7cc0 KS |
511 | } |
512 | ||
0974a682 KS |
513 | static void to_utf16(uint16_t *dest, const char *src) { |
514 | int i; | |
515 | ||
516 | for (i = 0; src[i] != '\0'; i++) | |
517 | dest[i] = src[i]; | |
518 | dest[i] = '\0'; | |
519 | } | |
520 | ||
0974a682 | 521 | static void id128_to_efi_guid(sd_id128_t id, void *guid) { |
3c7dddac ZJS |
522 | struct guid uuid = { |
523 | .u1 = id.bytes[0] << 24 | id.bytes[1] << 16 | id.bytes[2] << 8 | id.bytes[3], | |
524 | .u2 = id.bytes[4] << 8 | id.bytes[5], | |
525 | .u3 = id.bytes[6] << 8 | id.bytes[7], | |
526 | }; | |
527 | memcpy(uuid.u4, id.bytes+8, sizeof(uuid.u4)); | |
528 | memcpy(guid, &uuid, sizeof(uuid)); | |
0974a682 KS |
529 | } |
530 | ||
531 | static uint16_t *tilt_slashes(uint16_t *s) { | |
532 | uint16_t *p; | |
533 | ||
534 | for (p = s; *p; p++) | |
535 | if (*p == '/') | |
536 | *p = '\\'; | |
537 | ||
538 | return s; | |
539 | } | |
540 | ||
337eed30 LP |
541 | int efi_add_boot_option( |
542 | uint16_t id, | |
543 | const char *title, | |
544 | uint32_t part, | |
545 | uint64_t pstart, | |
546 | uint64_t psize, | |
547 | sd_id128_t part_uuid, | |
548 | const char *path) { | |
549 | ||
550 | size_t size, title_len, path_len; | |
551 | _cleanup_free_ char *buf = NULL; | |
0974a682 KS |
552 | struct boot_option *option; |
553 | struct device_path *devicep; | |
337eed30 LP |
554 | char boot_id[9]; |
555 | ||
556 | if (!is_efi_boot()) | |
557 | return -EOPNOTSUPP; | |
0974a682 KS |
558 | |
559 | title_len = (strlen(title)+1) * 2; | |
560 | path_len = (strlen(path)+1) * 2; | |
561 | ||
f7cb1c79 | 562 | buf = malloc0(offsetof(struct boot_option, title) + title_len + |
e78c250b LP |
563 | sizeof(struct drive_path) + |
564 | sizeof(struct device_path) + path_len); | |
b7749eb5 ZJS |
565 | if (!buf) |
566 | return -ENOMEM; | |
0974a682 KS |
567 | |
568 | /* header */ | |
569 | option = (struct boot_option *)buf; | |
570 | option->attr = LOAD_OPTION_ACTIVE; | |
571 | option->path_len = offsetof(struct device_path, drive) + sizeof(struct drive_path) + | |
572 | offsetof(struct device_path, path) + path_len + | |
573 | offsetof(struct device_path, path); | |
574 | to_utf16(option->title, title); | |
575 | size = offsetof(struct boot_option, title) + title_len; | |
576 | ||
577 | /* partition info */ | |
578 | devicep = (struct device_path *)(buf + size); | |
579 | devicep->type = MEDIA_DEVICE_PATH; | |
580 | devicep->sub_type = MEDIA_HARDDRIVE_DP; | |
581 | devicep->length = offsetof(struct device_path, drive) + sizeof(struct drive_path); | |
3c7dddac ZJS |
582 | memcpy(&devicep->drive.part_nr, &part, sizeof(uint32_t)); |
583 | memcpy(&devicep->drive.part_start, &pstart, sizeof(uint64_t)); | |
584 | memcpy(&devicep->drive.part_size, &psize, sizeof(uint64_t)); | |
0974a682 | 585 | id128_to_efi_guid(part_uuid, devicep->drive.signature); |
3c7dddac ZJS |
586 | devicep->drive.mbr_type = MBR_TYPE_EFI_PARTITION_TABLE_HEADER; |
587 | devicep->drive.signature_type = SIGNATURE_TYPE_GUID; | |
0974a682 KS |
588 | size += devicep->length; |
589 | ||
590 | /* path to loader */ | |
591 | devicep = (struct device_path *)(buf + size); | |
592 | devicep->type = MEDIA_DEVICE_PATH; | |
593 | devicep->sub_type = MEDIA_FILEPATH_DP; | |
594 | devicep->length = offsetof(struct device_path, path) + path_len; | |
595 | to_utf16(devicep->path, path); | |
596 | tilt_slashes(devicep->path); | |
597 | size += devicep->length; | |
598 | ||
599 | /* end of path */ | |
600 | devicep = (struct device_path *)(buf + size); | |
601 | devicep->type = END_DEVICE_PATH_TYPE; | |
602 | devicep->sub_type = END_ENTIRE_DEVICE_PATH_SUBTYPE; | |
603 | devicep->length = offsetof(struct device_path, path); | |
604 | size += devicep->length; | |
605 | ||
b7749eb5 ZJS |
606 | xsprintf(boot_id, "Boot%04X", id); |
607 | return efi_set_variable(EFI_VENDOR_GLOBAL, boot_id, buf, size); | |
0974a682 KS |
608 | } |
609 | ||
610 | int efi_remove_boot_option(uint16_t id) { | |
611 | char boot_id[9]; | |
612 | ||
337eed30 LP |
613 | if (!is_efi_boot()) |
614 | return -EOPNOTSUPP; | |
615 | ||
b7749eb5 | 616 | xsprintf(boot_id, "Boot%04X", id); |
0974a682 KS |
617 | return efi_set_variable(EFI_VENDOR_GLOBAL, boot_id, NULL, 0); |
618 | } | |
619 | ||
9cde64ff | 620 | int efi_get_boot_order(uint16_t **order) { |
0797f232 | 621 | _cleanup_free_ void *buf = NULL; |
7b4d7cc0 | 622 | size_t l; |
9cde64ff | 623 | int r; |
7b4d7cc0 | 624 | |
337eed30 LP |
625 | if (!is_efi_boot()) |
626 | return -EOPNOTSUPP; | |
627 | ||
9cde64ff LP |
628 | r = efi_get_variable(EFI_VENDOR_GLOBAL, "BootOrder", NULL, &buf, &l); |
629 | if (r < 0) | |
630 | return r; | |
7b4d7cc0 | 631 | |
0797f232 | 632 | if (l <= 0) |
7b4d7cc0 | 633 | return -ENOENT; |
7b4d7cc0 | 634 | |
0797f232 ZJS |
635 | if (l % sizeof(uint16_t) > 0 || |
636 | l / sizeof(uint16_t) > INT_MAX) | |
7b4d7cc0 | 637 | return -EINVAL; |
7b4d7cc0 | 638 | |
ae2a15bc | 639 | *order = TAKE_PTR(buf); |
9cde64ff LP |
640 | return (int) (l / sizeof(uint16_t)); |
641 | } | |
642 | ||
0974a682 | 643 | int efi_set_boot_order(uint16_t *order, size_t n) { |
337eed30 LP |
644 | |
645 | if (!is_efi_boot()) | |
646 | return -EOPNOTSUPP; | |
647 | ||
0974a682 KS |
648 | return efi_set_variable(EFI_VENDOR_GLOBAL, "BootOrder", order, n * sizeof(uint16_t)); |
649 | } | |
650 | ||
3042bbeb | 651 | static int boot_id_hex(const char s[static 4]) { |
e78c250b | 652 | int id = 0, i; |
4d34c495 KS |
653 | |
654 | for (i = 0; i < 4; i++) | |
655 | if (s[i] >= '0' && s[i] <= '9') | |
656 | id |= (s[i] - '0') << (3 - i) * 4; | |
657 | else if (s[i] >= 'A' && s[i] <= 'F') | |
658 | id |= (s[i] - 'A' + 10) << (3 - i) * 4; | |
659 | else | |
7e8185ef | 660 | return -EINVAL; |
4d34c495 KS |
661 | |
662 | return id; | |
663 | } | |
664 | ||
93bab288 YW |
665 | static int cmp_uint16(const uint16_t *a, const uint16_t *b) { |
666 | return CMP(*a, *b); | |
9db11a99 LP |
667 | } |
668 | ||
9cde64ff LP |
669 | int efi_get_boot_options(uint16_t **options) { |
670 | _cleanup_closedir_ DIR *dir = NULL; | |
b7749eb5 | 671 | _cleanup_free_ uint16_t *list = NULL; |
e78c250b | 672 | struct dirent *de; |
7432b24b | 673 | size_t alloc = 0; |
b7749eb5 | 674 | int count = 0; |
9cde64ff LP |
675 | |
676 | assert(options); | |
677 | ||
337eed30 LP |
678 | if (!is_efi_boot()) |
679 | return -EOPNOTSUPP; | |
680 | ||
9cde64ff LP |
681 | dir = opendir("/sys/firmware/efi/efivars/"); |
682 | if (!dir) | |
683 | return -errno; | |
684 | ||
b7749eb5 | 685 | FOREACH_DIRENT(de, dir, return -errno) { |
4d34c495 | 686 | int id; |
9cde64ff LP |
687 | |
688 | if (strncmp(de->d_name, "Boot", 4) != 0) | |
689 | continue; | |
690 | ||
4d34c495 | 691 | if (strlen(de->d_name) != 45) |
9cde64ff LP |
692 | continue; |
693 | ||
694 | if (strcmp(de->d_name + 8, "-8be4df61-93ca-11d2-aa0d-00e098032b8c") != 0) | |
695 | continue; | |
696 | ||
4d34c495 KS |
697 | id = boot_id_hex(de->d_name + 4); |
698 | if (id < 0) | |
9cde64ff LP |
699 | continue; |
700 | ||
7432b24b | 701 | if (!GREEDY_REALLOC(list, alloc, count + 1)) |
b7749eb5 | 702 | return -ENOMEM; |
9cde64ff | 703 | |
7432b24b | 704 | list[count++] = id; |
9cde64ff LP |
705 | } |
706 | ||
93bab288 | 707 | typesafe_qsort(list, count, cmp_uint16); |
9db11a99 | 708 | |
1cc6c93a YW |
709 | *options = TAKE_PTR(list); |
710 | ||
9cde64ff | 711 | return count; |
7b4d7cc0 KS |
712 | } |
713 | ||
5dbe9f53 | 714 | static int read_usec(sd_id128_t vendor, const char *name, usec_t *u) { |
2e3d0692 | 715 | _cleanup_free_ char *j = NULL; |
2e3d0692 | 716 | int r; |
39883f62 | 717 | uint64_t x = 0; |
2e3d0692 LP |
718 | |
719 | assert(name); | |
720 | assert(u); | |
721 | ||
61cc634b | 722 | r = efi_get_variable_string(EFI_VENDOR_LOADER, name, &j); |
2e3d0692 LP |
723 | if (r < 0) |
724 | return r; | |
725 | ||
2e3d0692 LP |
726 | r = safe_atou64(j, &x); |
727 | if (r < 0) | |
728 | return r; | |
729 | ||
5dbe9f53 | 730 | *u = x; |
2e3d0692 LP |
731 | return 0; |
732 | } | |
733 | ||
c51d84dc | 734 | int efi_loader_get_boot_usec(usec_t *firmware, usec_t *loader) { |
2e3d0692 LP |
735 | uint64_t x, y; |
736 | int r; | |
2e3d0692 LP |
737 | |
738 | assert(firmware); | |
739 | assert(loader); | |
740 | ||
337eed30 LP |
741 | if (!is_efi_boot()) |
742 | return -EOPNOTSUPP; | |
743 | ||
e9cea16d | 744 | r = read_usec(EFI_VENDOR_LOADER, "LoaderTimeInitUSec", &x); |
2e3d0692 LP |
745 | if (r < 0) |
746 | return r; | |
747 | ||
e9cea16d | 748 | r = read_usec(EFI_VENDOR_LOADER, "LoaderTimeExecUSec", &y); |
2e3d0692 LP |
749 | if (r < 0) |
750 | return r; | |
751 | ||
752 | if (y == 0 || y < x) | |
753 | return -EIO; | |
754 | ||
755 | if (y > USEC_PER_HOUR) | |
756 | return -EIO; | |
757 | ||
758 | *firmware = x; | |
759 | *loader = y; | |
760 | ||
761 | return 0; | |
762 | } | |
763 | ||
c51d84dc | 764 | int efi_loader_get_device_part_uuid(sd_id128_t *u) { |
f4ce2b3e | 765 | _cleanup_free_ char *p = NULL; |
f4ce2b3e | 766 | int r, parsed[16]; |
f4ce2b3e | 767 | |
337eed30 LP |
768 | if (!is_efi_boot()) |
769 | return -EOPNOTSUPP; | |
770 | ||
61cc634b | 771 | r = efi_get_variable_string(EFI_VENDOR_LOADER, "LoaderDevicePartUUID", &p); |
f4ce2b3e LP |
772 | if (r < 0) |
773 | return r; | |
774 | ||
f4ce2b3e LP |
775 | if (sscanf(p, "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x", |
776 | &parsed[0], &parsed[1], &parsed[2], &parsed[3], | |
777 | &parsed[4], &parsed[5], &parsed[6], &parsed[7], | |
778 | &parsed[8], &parsed[9], &parsed[10], &parsed[11], | |
779 | &parsed[12], &parsed[13], &parsed[14], &parsed[15]) != 16) | |
780 | return -EIO; | |
781 | ||
73b80ec2 LP |
782 | if (u) { |
783 | unsigned i; | |
784 | ||
785 | for (i = 0; i < ELEMENTSOF(parsed); i++) | |
786 | u->bytes[i] = parsed[i]; | |
787 | } | |
f4ce2b3e LP |
788 | |
789 | return 0; | |
790 | } | |
b872e9a0 | 791 | |
68d7c268 LP |
792 | bool efi_loader_entry_name_valid(const char *s) { |
793 | if (isempty(s)) | |
794 | return false; | |
795 | ||
796 | if (strlen(s) > FILENAME_MAX) /* Make sure entry names fit in filenames */ | |
797 | return false; | |
798 | ||
799 | return in_charset(s, ALPHANUMERICAL "-"); | |
800 | } | |
801 | ||
bd2865ca LP |
802 | int efi_loader_get_entries(char ***ret) { |
803 | _cleanup_free_ char16_t *entries = NULL; | |
804 | _cleanup_strv_free_ char **l = NULL; | |
805 | size_t size, i, start; | |
806 | int r; | |
807 | ||
808 | assert(ret); | |
809 | ||
810 | if (!is_efi_boot()) | |
811 | return -EOPNOTSUPP; | |
812 | ||
813 | r = efi_get_variable(EFI_VENDOR_LOADER, "LoaderEntries", NULL, (void**) &entries, &size); | |
814 | if (r < 0) | |
815 | return r; | |
816 | ||
817 | /* The variable contains a series of individually NUL terminated UTF-16 strings. */ | |
818 | ||
819 | for (i = 0, start = 0;; i++) { | |
68d7c268 | 820 | _cleanup_free_ char *decoded = NULL; |
bd2865ca LP |
821 | bool end; |
822 | ||
823 | /* Is this the end of the variable's data? */ | |
824 | end = i * sizeof(char16_t) >= size; | |
825 | ||
826 | /* Are we in the middle of a string? (i.e. not at the end of the variable, nor at a NUL terminator?) If | |
827 | * so, let's go to the next entry. */ | |
828 | if (!end && entries[i] != 0) | |
829 | continue; | |
830 | ||
831 | /* We reached the end of a string, let's decode it into UTF-8 */ | |
832 | decoded = utf16_to_utf8(entries + start, (i - start) * sizeof(char16_t)); | |
833 | if (!decoded) | |
834 | return -ENOMEM; | |
835 | ||
68d7c268 LP |
836 | if (efi_loader_entry_name_valid(decoded)) { |
837 | r = strv_consume(&l, TAKE_PTR(decoded)); | |
838 | if (r < 0) | |
839 | return r; | |
840 | } else | |
841 | log_debug("Ignoring invalid loader entry '%s'.", decoded); | |
bd2865ca LP |
842 | |
843 | /* We reached the end of the variable */ | |
844 | if (end) | |
845 | break; | |
846 | ||
847 | /* Continue after the NUL byte */ | |
848 | start = i + 1; | |
849 | } | |
850 | ||
851 | *ret = TAKE_PTR(l); | |
852 | return 0; | |
853 | } | |
854 | ||
80641a81 LP |
855 | int efi_loader_get_features(uint64_t *ret) { |
856 | _cleanup_free_ void *v = NULL; | |
857 | size_t s; | |
858 | int r; | |
859 | ||
860 | if (!is_efi_boot()) { | |
861 | *ret = 0; | |
862 | return 0; | |
863 | } | |
864 | ||
865 | r = efi_get_variable(EFI_VENDOR_LOADER, "LoaderFeatures", NULL, &v, &s); | |
866 | if (r == -ENOENT) { | |
867 | _cleanup_free_ char *info = NULL; | |
868 | ||
869 | /* The new (v240+) LoaderFeatures variable is not supported, let's see if it's systemd-boot at all */ | |
870 | r = efi_get_variable_string(EFI_VENDOR_LOADER, "LoaderInfo", &info); | |
871 | if (r < 0) { | |
872 | if (r != -ENOENT) | |
873 | return r; | |
874 | ||
875 | /* Variable not set, definitely means not systemd-boot */ | |
876 | ||
877 | } else if (first_word(info, "systemd-boot")) { | |
878 | ||
879 | /* An older systemd-boot version. Let's hardcode the feature set, since it was pretty | |
880 | * static in all its versions. */ | |
881 | ||
882 | *ret = EFI_LOADER_FEATURE_CONFIG_TIMEOUT | | |
883 | EFI_LOADER_FEATURE_ENTRY_DEFAULT | | |
884 | EFI_LOADER_FEATURE_ENTRY_ONESHOT; | |
885 | ||
886 | return 0; | |
887 | } | |
888 | ||
889 | /* No features supported */ | |
890 | *ret = 0; | |
891 | return 0; | |
892 | } | |
893 | if (r < 0) | |
894 | return r; | |
895 | ||
baaa35ad ZJS |
896 | if (s != sizeof(uint64_t)) |
897 | return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), | |
898 | "LoaderFeatures EFI variable doesn't have the right size."); | |
80641a81 LP |
899 | |
900 | memcpy(ret, v, sizeof(uint64_t)); | |
901 | return 0; | |
902 | } | |
6917857e | 903 | |
904 | #endif | |
905 | ||
906 | char *efi_tilt_backslashes(char *s) { | |
907 | char *p; | |
908 | ||
909 | for (p = s; *p; p++) | |
910 | if (*p == '\\') | |
911 | *p = '/'; | |
912 | ||
913 | return s; | |
914 | } |