1
// SPDX-License-Identifier: GPL-2.0-only
2
/*
3
 * Copyright (C) 2012 Red Hat, Inc.
4
 * Copyright (C) 2012 Jeremy Kerr <[email protected]>
5
 */
6

7
#include <linux/ctype.h>
8
#include <linux/efi.h>
9
#include <linux/fs.h>
10
#include <linux/fs_context.h>
11
#include <linux/fs_parser.h>
12
#include <linux/module.h>
13
#include <linux/pagemap.h>
14
#include <linux/ucs2_string.h>
15
#include <linux/slab.h>
16
#include <linux/suspend.h>
17
#include <linux/magic.h>
18
#include <linux/statfs.h>
19
#include <linux/notifier.h>
20
#include <linux/printk.h>
21
#include <linux/namei.h>
22

23
#include "internal.h"
24
#include "../internal.h"
25

26
static int efivarfs_ops_notifier(struct notifier_block *nb, unsigned long event,
27
				 void *data)
28
{
29
	struct efivarfs_fs_info *sfi = container_of(nb, struct efivarfs_fs_info, nb);
30

31
	switch (event) {
32
	case EFIVAR_OPS_RDONLY:
33
		sfi->sb->s_flags |= SB_RDONLY;
34
		break;
35
	case EFIVAR_OPS_RDWR:
36
		sfi->sb->s_flags &= ~SB_RDONLY;
37
		break;
38
	default:
39
		return NOTIFY_DONE;
40
	}
41

42
	return NOTIFY_OK;
43
}
44

45
static struct inode *efivarfs_alloc_inode(struct super_block *sb)
46
{
47
	struct efivar_entry *entry = kzalloc(sizeof(*entry), GFP_KERNEL);
48

49
	if (!entry)
50
		return NULL;
51

52
	inode_init_once(&entry->vfs_inode);
53
	entry->removed = false;
54

55
	return &entry->vfs_inode;
56
}
57

58
static void efivarfs_free_inode(struct inode *inode)
59
{
60
	struct efivar_entry *entry = efivar_entry(inode);
61

62
	kfree(entry);
63
}
64

65
static int efivarfs_show_options(struct seq_file *m, struct dentry *root)
66
{
67
	struct super_block *sb = root->d_sb;
68
	struct efivarfs_fs_info *sbi = sb->s_fs_info;
69
	struct efivarfs_mount_opts *opts = &sbi->mount_opts;
70

71
	if (!uid_eq(opts->uid, GLOBAL_ROOT_UID))
72
		seq_printf(m, ",uid=%u",
73
				from_kuid_munged(&init_user_ns, opts->uid));
74
	if (!gid_eq(opts->gid, GLOBAL_ROOT_GID))
75
		seq_printf(m, ",gid=%u",
76
				from_kgid_munged(&init_user_ns, opts->gid));
77
	return 0;
78
}
79

80
static int efivarfs_statfs(struct dentry *dentry, struct kstatfs *buf)
81
{
82
	const u32 attr = EFI_VARIABLE_NON_VOLATILE |
83
			 EFI_VARIABLE_BOOTSERVICE_ACCESS |
84
			 EFI_VARIABLE_RUNTIME_ACCESS;
85
	u64 storage_space, remaining_space, max_variable_size;
86
	u64 id = huge_encode_dev(dentry->d_sb->s_dev);
87
	efi_status_t status;
88

89
	/* Some UEFI firmware does not implement QueryVariableInfo() */
90
	storage_space = remaining_space = 0;
91
	if (efi_rt_services_supported(EFI_RT_SUPPORTED_QUERY_VARIABLE_INFO)) {
92
		status = efivar_query_variable_info(attr, &storage_space,
93
						    &remaining_space,
94
						    &max_variable_size);
95
		if (status != EFI_SUCCESS && status != EFI_UNSUPPORTED)
96
			pr_warn_ratelimited("query_variable_info() failed: 0x%lx\n",
97
					    status);
98
	}
99

100
	/*
101
	 * This is not a normal filesystem, so no point in pretending it has a block
102
	 * size; we declare f_bsize to 1, so that we can then report the exact value
103
	 * sent by EFI QueryVariableInfo in f_blocks and f_bfree
104
	 */
105
	buf->f_bsize	= 1;
106
	buf->f_namelen	= NAME_MAX;
107
	buf->f_blocks	= storage_space;
108
	buf->f_bfree	= remaining_space;
109
	buf->f_type	= dentry->d_sb->s_magic;
110
	buf->f_fsid	= u64_to_fsid(id);
111

112
	/*
113
	 * In f_bavail we declare the free space that the kernel will allow writing
114
	 * when the storage_paranoia x86 quirk is active. To use more, users
115
	 * should boot the kernel with efi_no_storage_paranoia.
116
	 */
117
	if (remaining_space > efivar_reserved_space())
118
		buf->f_bavail = remaining_space - efivar_reserved_space();
119
	else
120
		buf->f_bavail = 0;
121

122
	return 0;
123
}
124

125
static int efivarfs_freeze_fs(struct super_block *sb);
126
static int efivarfs_unfreeze_fs(struct super_block *sb);
127

128
static const struct super_operations efivarfs_ops = {
129
	.statfs = efivarfs_statfs,
130
	.drop_inode = inode_just_drop,
131
	.alloc_inode = efivarfs_alloc_inode,
132
	.free_inode = efivarfs_free_inode,
133
	.show_options = efivarfs_show_options,
134
	.freeze_fs = efivarfs_freeze_fs,
135
	.unfreeze_fs = efivarfs_unfreeze_fs,
136
};
137

138
/*
139
 * Compare two efivarfs file names.
140
 *
141
 * An efivarfs filename is composed of two parts,
142
 *
143
 *	1. A case-sensitive variable name
144
 *	2. A case-insensitive GUID
145
 *
146
 * So we need to perform a case-sensitive match on part 1 and a
147
 * case-insensitive match on part 2.
148
 */
149
static int efivarfs_d_compare(const struct dentry *dentry,
150
			      unsigned int len, const char *str,
151
			      const struct qstr *name)
152
{
153
	int guid = len - EFI_VARIABLE_GUID_LEN;
154

155
	/* Parallel lookups may produce a temporary invalid filename */
156
	if (guid <= 0)
157
		return 1;
158

159
	if (name->len != len)
160
		return 1;
161

162
	/* Case-sensitive compare for the variable name */
163
	if (memcmp(str, name->name, guid))
164
		return 1;
165

166
	/* Case-insensitive compare for the GUID */
167
	return strncasecmp(name->name + guid, str + guid, EFI_VARIABLE_GUID_LEN);
168
}
169

170
static int efivarfs_d_hash(const struct dentry *dentry, struct qstr *qstr)
171
{
172
	unsigned long hash = init_name_hash(dentry);
173
	const unsigned char *s = qstr->name;
174
	unsigned int len = qstr->len;
175

176
	while (len-- > EFI_VARIABLE_GUID_LEN)
177
		hash = partial_name_hash(*s++, hash);
178

179
	/* GUID is case-insensitive. */
180
	while (len--)
181
		hash = partial_name_hash(tolower(*s++), hash);
182

183
	qstr->hash = end_name_hash(hash);
184
	return 0;
185
}
186

187
static const struct dentry_operations efivarfs_d_ops = {
188
	.d_compare = efivarfs_d_compare,
189
	.d_hash = efivarfs_d_hash,
190
};
191

192
static struct dentry *efivarfs_alloc_dentry(struct dentry *parent, char *name)
193
{
194
	struct dentry *d;
195
	struct qstr q;
196
	int err;
197

198
	q.name = name;
199
	q.len = strlen(name);
200

201
	err = efivarfs_d_hash(parent, &q);
202
	if (err)
203
		return ERR_PTR(err);
204

205
	d = d_alloc(parent, &q);
206
	if (d)
207
		return d;
208

209
	return ERR_PTR(-ENOMEM);
210
}
211

212
bool efivarfs_variable_is_present(efi_char16_t *variable_name,
213
				  efi_guid_t *vendor, void *data)
214
{
215
	char *name = efivar_get_utf8name(variable_name, vendor);
216
	struct super_block *sb = data;
217
	struct dentry *dentry;
218

219
	if (!name)
220
		/*
221
		 * If the allocation failed there'll already be an
222
		 * error in the log (and likely a huge and growing
223
		 * number of them since they system will be under
224
		 * extreme memory pressure), so simply assume
225
		 * collision for safety but don't add to the log
226
		 * flood.
227
		 */
228
		return true;
229

230
	dentry = try_lookup_noperm(&QSTR(name), sb->s_root);
231
	kfree(name);
232
	if (!IS_ERR_OR_NULL(dentry))
233
		dput(dentry);
234

235
	return dentry != NULL;
236
}
237

238
static int efivarfs_create_dentry(struct super_block *sb, efi_char16_t *name16,
239
				  unsigned long name_size, efi_guid_t vendor,
240
				  char *name)
241
{
242
	struct efivar_entry *entry;
243
	struct inode *inode;
244
	struct dentry *dentry, *root = sb->s_root;
245
	unsigned long size = 0;
246
	int len;
247
	int err = -ENOMEM;
248
	bool is_removable = false;
249

250
	/* length of the variable name itself: remove GUID and separator */
251
	len = strlen(name) - EFI_VARIABLE_GUID_LEN - 1;
252

253
	if (efivar_variable_is_removable(vendor, name, len))
254
		is_removable = true;
255

256
	inode = efivarfs_get_inode(sb, d_inode(root), S_IFREG | 0644, 0,
257
				   is_removable);
258
	if (!inode)
259
		goto fail_name;
260

261
	entry = efivar_entry(inode);
262

263
	memcpy(entry->var.VariableName, name16, name_size);
264
	memcpy(&(entry->var.VendorGuid), &vendor, sizeof(efi_guid_t));
265

266
	dentry = efivarfs_alloc_dentry(root, name);
267
	if (IS_ERR(dentry)) {
268
		err = PTR_ERR(dentry);
269
		goto fail_inode;
270
	}
271

272
	__efivar_entry_get(entry, NULL, &size, NULL);
273

274
	/* copied by the above to local storage in the dentry. */
275
	kfree(name);
276

277
	inode_lock(inode);
278
	inode->i_private = entry;
279
	i_size_write(inode, size + sizeof(__u32)); /* attributes + data */
280
	inode_unlock(inode);
281
	d_make_persistent(dentry, inode);
282
	dput(dentry);
283

284
	return 0;
285

286
fail_inode:
287
	iput(inode);
288
fail_name:
289
	kfree(name);
290

291
	return err;
292
}
293

294
static int efivarfs_callback(efi_char16_t *name16, efi_guid_t vendor,
295
			     unsigned long name_size, void *data)
296
{
297
	struct super_block *sb = (struct super_block *)data;
298
	char *name;
299

300
	if (guid_equal(&vendor, &LINUX_EFI_RANDOM_SEED_TABLE_GUID))
301
		return 0;
302

303
	name = efivar_get_utf8name(name16, &vendor);
304
	if (!name)
305
		return -ENOMEM;
306

307
	return efivarfs_create_dentry(sb, name16, name_size, vendor, name);
308
}
309

310
enum {
311
	Opt_uid, Opt_gid,
312
};
313

314
static const struct fs_parameter_spec efivarfs_parameters[] = {
315
	fsparam_uid("uid", Opt_uid),
316
	fsparam_gid("gid", Opt_gid),
317
	{},
318
};
319

320
static int efivarfs_parse_param(struct fs_context *fc, struct fs_parameter *param)
321
{
322
	struct efivarfs_fs_info *sbi = fc->s_fs_info;
323
	struct efivarfs_mount_opts *opts = &sbi->mount_opts;
324
	struct fs_parse_result result;
325
	int opt;
326

327
	opt = fs_parse(fc, efivarfs_parameters, param, &result);
328
	if (opt < 0)
329
		return opt;
330

331
	switch (opt) {
332
	case Opt_uid:
333
		opts->uid = result.uid;
334
		break;
335
	case Opt_gid:
336
		opts->gid = result.gid;
337
		break;
338
	default:
339
		return -EINVAL;
340
	}
341

342
	return 0;
343
}
344

345
static int efivarfs_fill_super(struct super_block *sb, struct fs_context *fc)
346
{
347
	struct efivarfs_fs_info *sfi = sb->s_fs_info;
348
	struct inode *inode = NULL;
349
	struct dentry *root;
350
	int err;
351

352
	sb->s_maxbytes          = MAX_LFS_FILESIZE;
353
	sb->s_blocksize         = PAGE_SIZE;
354
	sb->s_blocksize_bits    = PAGE_SHIFT;
355
	sb->s_magic             = EFIVARFS_MAGIC;
356
	sb->s_op                = &efivarfs_ops;
357
	set_default_d_op(sb, &efivarfs_d_ops);
358
	sb->s_d_flags |= DCACHE_DONTCACHE;
359
	sb->s_time_gran         = 1;
360

361
	if (!efivar_supports_writes())
362
		sb->s_flags |= SB_RDONLY;
363

364
	inode = efivarfs_get_inode(sb, NULL, S_IFDIR | 0755, 0, true);
365
	if (!inode)
366
		return -ENOMEM;
367
	inode->i_op = &efivarfs_dir_inode_operations;
368

369
	root = d_make_root(inode);
370
	sb->s_root = root;
371
	if (!root)
372
		return -ENOMEM;
373

374
	sfi->sb = sb;
375
	sfi->nb.notifier_call = efivarfs_ops_notifier;
376
	err = blocking_notifier_chain_register(&efivar_ops_nh, &sfi->nb);
377
	if (err)
378
		return err;
379

380
	return efivar_init(efivarfs_callback, sb, true);
381
}
382

383
static int efivarfs_get_tree(struct fs_context *fc)
384
{
385
	return get_tree_single(fc, efivarfs_fill_super);
386
}
387

388
static int efivarfs_reconfigure(struct fs_context *fc)
389
{
390
	if (!efivar_supports_writes() && !(fc->sb_flags & SB_RDONLY)) {
391
		pr_err("Firmware does not support SetVariableRT. Can not remount with rw\n");
392
		return -EINVAL;
393
	}
394

395
	return 0;
396
}
397

398
static void efivarfs_free(struct fs_context *fc)
399
{
400
	kfree(fc->s_fs_info);
401
}
402

403
static const struct fs_context_operations efivarfs_context_ops = {
404
	.get_tree	= efivarfs_get_tree,
405
	.parse_param	= efivarfs_parse_param,
406
	.reconfigure	= efivarfs_reconfigure,
407
	.free		= efivarfs_free,
408
};
409

410
static int efivarfs_check_missing(efi_char16_t *name16, efi_guid_t vendor,
411
				  unsigned long name_size, void *data)
412
{
413
	char *name;
414
	struct super_block *sb = data;
415
	struct dentry *dentry;
416
	int err;
417

418
	if (guid_equal(&vendor, &LINUX_EFI_RANDOM_SEED_TABLE_GUID))
419
		return 0;
420

421
	name = efivar_get_utf8name(name16, &vendor);
422
	if (!name)
423
		return -ENOMEM;
424

425
	dentry = try_lookup_noperm(&QSTR(name), sb->s_root);
426
	if (IS_ERR(dentry)) {
427
		err = PTR_ERR(dentry);
428
		goto out;
429
	}
430

431
	if (!dentry) {
432
		/* found missing entry */
433
		pr_info("efivarfs: creating variable %s\n", name);
434
		return efivarfs_create_dentry(sb, name16, name_size, vendor, name);
435
	}
436

437
	dput(dentry);
438
	err = 0;
439

440
 out:
441
	kfree(name);
442

443
	return err;
444
}
445

446
static struct file_system_type efivarfs_type;
447

448
static int efivarfs_freeze_fs(struct super_block *sb)
449
{
450
	/* Nothing for us to do. */
451
	return 0;
452
}
453

454
static int efivarfs_unfreeze_fs(struct super_block *sb)
455
{
456
	struct dentry *child = NULL;
457

458
	/*
459
	 * Unconditionally resync the variable state on a thaw request.
460
	 * Given the size of efivarfs it really doesn't matter to simply
461
	 * iterate through all of the entries and resync. Freeze/thaw
462
	 * requests are rare enough for that to not matter and the
463
	 * number of entries is pretty low too. So we really don't care.
464
	 */
465
	pr_info("efivarfs: resyncing variable state\n");
466
	for (;;) {
467
		int err;
468
		unsigned long size = 0;
469
		struct inode *inode;
470
		struct efivar_entry *entry;
471

472
		child = find_next_child(sb->s_root, child);
473
		if (!child)
474
			break;
475

476
		inode = d_inode(child);
477
		entry = efivar_entry(inode);
478

479
		err = efivar_entry_size(entry, &size);
480
		if (err)
481
			size = 0;
482
		else
483
			size += sizeof(__u32);
484

485
		inode_lock(inode);
486
		i_size_write(inode, size);
487
		inode_unlock(inode);
488

489
		/* The variable doesn't exist anymore, delete it. */
490
		if (!size) {
491
			pr_info("efivarfs: removing variable %pd\n", child);
492
			simple_recursive_removal(child, NULL);
493
		}
494
	}
495

496
	efivar_init(efivarfs_check_missing, sb, false);
497
	pr_info("efivarfs: finished resyncing variable state\n");
498
	return 0;
499
}
500

501
static int efivarfs_init_fs_context(struct fs_context *fc)
502
{
503
	struct efivarfs_fs_info *sfi;
504

505
	if (!efivar_is_available())
506
		return -EOPNOTSUPP;
507

508
	sfi = kzalloc(sizeof(*sfi), GFP_KERNEL);
509
	if (!sfi)
510
		return -ENOMEM;
511

512
	sfi->mount_opts.uid = GLOBAL_ROOT_UID;
513
	sfi->mount_opts.gid = GLOBAL_ROOT_GID;
514

515
	fc->s_fs_info = sfi;
516
	fc->ops = &efivarfs_context_ops;
517

518
	return 0;
519
}
520

521
static void efivarfs_kill_sb(struct super_block *sb)
522
{
523
	struct efivarfs_fs_info *sfi = sb->s_fs_info;
524

525
	blocking_notifier_chain_unregister(&efivar_ops_nh, &sfi->nb);
526
	kill_anon_super(sb);
527

528
	kfree(sfi);
529
}
530

531
static struct file_system_type efivarfs_type = {
532
	.owner   = THIS_MODULE,
533
	.name    = "efivarfs",
534
	.init_fs_context = efivarfs_init_fs_context,
535
	.kill_sb = efivarfs_kill_sb,
536
	.parameters = efivarfs_parameters,
537
	.fs_flags = FS_POWER_FREEZE,
538
};
539

540
static __init int efivarfs_init(void)
541
{
542
	return register_filesystem(&efivarfs_type);
543
}
544

545
static __exit void efivarfs_exit(void)
546
{
547
	unregister_filesystem(&efivarfs_type);
548
}
549

550
MODULE_AUTHOR("Matthew Garrett, Jeremy Kerr");
551
MODULE_DESCRIPTION("EFI Variable Filesystem");
552
MODULE_LICENSE("GPL");
553
MODULE_ALIAS_FS("efivarfs");
554

555
module_init(efivarfs_init);
556
module_exit(efivarfs_exit);
557

558