Linux 5.1.15
[linux/fpc-iii.git] / drivers / firmware / efi / test / efi_test.c
blob877745c3aaf2833fed62659aa38c52c0f3b2eb1c
1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * EFI Test Driver for Runtime Services
5 * Copyright(C) 2012-2016 Canonical Ltd.
7 * This driver exports EFI runtime services interfaces into userspace, which
8 * allow to use and test UEFI runtime services provided by firmware.
12 #include <linux/miscdevice.h>
13 #include <linux/module.h>
14 #include <linux/init.h>
15 #include <linux/proc_fs.h>
16 #include <linux/efi.h>
17 #include <linux/slab.h>
18 #include <linux/uaccess.h>
20 #include "efi_test.h"
22 MODULE_AUTHOR("Ivan Hu <ivan.hu@canonical.com>");
23 MODULE_DESCRIPTION("EFI Test Driver");
24 MODULE_LICENSE("GPL");
27 * Count the bytes in 'str', including the terminating NULL.
29 * Note this function returns the number of *bytes*, not the number of
30 * ucs2 characters.
32 static inline size_t user_ucs2_strsize(efi_char16_t __user *str)
34 efi_char16_t *s = str, c;
35 size_t len;
37 if (!str)
38 return 0;
40 /* Include terminating NULL */
41 len = sizeof(efi_char16_t);
43 if (get_user(c, s++)) {
44 /* Can't read userspace memory for size */
45 return 0;
48 while (c != 0) {
49 if (get_user(c, s++)) {
50 /* Can't read userspace memory for size */
51 return 0;
53 len += sizeof(efi_char16_t);
55 return len;
59 * Allocate a buffer and copy a ucs2 string from user space into it.
61 static inline int
62 copy_ucs2_from_user_len(efi_char16_t **dst, efi_char16_t __user *src,
63 size_t len)
65 efi_char16_t *buf;
67 if (!src) {
68 *dst = NULL;
69 return 0;
72 if (!access_ok(src, 1))
73 return -EFAULT;
75 buf = memdup_user(src, len);
76 if (IS_ERR(buf)) {
77 *dst = NULL;
78 return PTR_ERR(buf);
80 *dst = buf;
82 return 0;
86 * Count the bytes in 'str', including the terminating NULL.
88 * Just a wrap for user_ucs2_strsize
90 static inline int
91 get_ucs2_strsize_from_user(efi_char16_t __user *src, size_t *len)
93 if (!access_ok(src, 1))
94 return -EFAULT;
96 *len = user_ucs2_strsize(src);
97 if (*len == 0)
98 return -EFAULT;
100 return 0;
104 * Calculate the required buffer allocation size and copy a ucs2 string
105 * from user space into it.
107 * This function differs from copy_ucs2_from_user_len() because it
108 * calculates the size of the buffer to allocate by taking the length of
109 * the string 'src'.
111 * If a non-zero value is returned, the caller MUST NOT access 'dst'.
113 * It is the caller's responsibility to free 'dst'.
115 static inline int
116 copy_ucs2_from_user(efi_char16_t **dst, efi_char16_t __user *src)
118 size_t len;
120 if (!access_ok(src, 1))
121 return -EFAULT;
123 len = user_ucs2_strsize(src);
124 if (len == 0)
125 return -EFAULT;
126 return copy_ucs2_from_user_len(dst, src, len);
130 * Copy a ucs2 string to a user buffer.
132 * This function is a simple wrapper around copy_to_user() that does
133 * nothing if 'src' is NULL, which is useful for reducing the amount of
134 * NULL checking the caller has to do.
136 * 'len' specifies the number of bytes to copy.
138 static inline int
139 copy_ucs2_to_user_len(efi_char16_t __user *dst, efi_char16_t *src, size_t len)
141 if (!src)
142 return 0;
144 if (!access_ok(dst, 1))
145 return -EFAULT;
147 return copy_to_user(dst, src, len);
150 static long efi_runtime_get_variable(unsigned long arg)
152 struct efi_getvariable __user *getvariable_user;
153 struct efi_getvariable getvariable;
154 unsigned long datasize = 0, prev_datasize, *dz;
155 efi_guid_t vendor_guid, *vd = NULL;
156 efi_status_t status;
157 efi_char16_t *name = NULL;
158 u32 attr, *at;
159 void *data = NULL;
160 int rv = 0;
162 getvariable_user = (struct efi_getvariable __user *)arg;
164 if (copy_from_user(&getvariable, getvariable_user,
165 sizeof(getvariable)))
166 return -EFAULT;
167 if (getvariable.data_size &&
168 get_user(datasize, getvariable.data_size))
169 return -EFAULT;
170 if (getvariable.vendor_guid) {
171 if (copy_from_user(&vendor_guid, getvariable.vendor_guid,
172 sizeof(vendor_guid)))
173 return -EFAULT;
174 vd = &vendor_guid;
177 if (getvariable.variable_name) {
178 rv = copy_ucs2_from_user(&name, getvariable.variable_name);
179 if (rv)
180 return rv;
183 at = getvariable.attributes ? &attr : NULL;
184 dz = getvariable.data_size ? &datasize : NULL;
186 if (getvariable.data_size && getvariable.data) {
187 data = kmalloc(datasize, GFP_KERNEL);
188 if (!data) {
189 kfree(name);
190 return -ENOMEM;
194 prev_datasize = datasize;
195 status = efi.get_variable(name, vd, at, dz, data);
196 kfree(name);
198 if (put_user(status, getvariable.status)) {
199 rv = -EFAULT;
200 goto out;
203 if (status != EFI_SUCCESS) {
204 if (status == EFI_BUFFER_TOO_SMALL) {
205 if (dz && put_user(datasize, getvariable.data_size)) {
206 rv = -EFAULT;
207 goto out;
210 rv = -EINVAL;
211 goto out;
214 if (prev_datasize < datasize) {
215 rv = -EINVAL;
216 goto out;
219 if (data) {
220 if (copy_to_user(getvariable.data, data, datasize)) {
221 rv = -EFAULT;
222 goto out;
226 if (at && put_user(attr, getvariable.attributes)) {
227 rv = -EFAULT;
228 goto out;
231 if (dz && put_user(datasize, getvariable.data_size))
232 rv = -EFAULT;
234 out:
235 kfree(data);
236 return rv;
240 static long efi_runtime_set_variable(unsigned long arg)
242 struct efi_setvariable __user *setvariable_user;
243 struct efi_setvariable setvariable;
244 efi_guid_t vendor_guid;
245 efi_status_t status;
246 efi_char16_t *name = NULL;
247 void *data;
248 int rv = 0;
250 setvariable_user = (struct efi_setvariable __user *)arg;
252 if (copy_from_user(&setvariable, setvariable_user, sizeof(setvariable)))
253 return -EFAULT;
254 if (copy_from_user(&vendor_guid, setvariable.vendor_guid,
255 sizeof(vendor_guid)))
256 return -EFAULT;
258 if (setvariable.variable_name) {
259 rv = copy_ucs2_from_user(&name, setvariable.variable_name);
260 if (rv)
261 return rv;
264 data = memdup_user(setvariable.data, setvariable.data_size);
265 if (IS_ERR(data)) {
266 kfree(name);
267 return PTR_ERR(data);
270 status = efi.set_variable(name, &vendor_guid,
271 setvariable.attributes,
272 setvariable.data_size, data);
274 if (put_user(status, setvariable.status)) {
275 rv = -EFAULT;
276 goto out;
279 rv = status == EFI_SUCCESS ? 0 : -EINVAL;
281 out:
282 kfree(data);
283 kfree(name);
285 return rv;
288 static long efi_runtime_get_time(unsigned long arg)
290 struct efi_gettime __user *gettime_user;
291 struct efi_gettime gettime;
292 efi_status_t status;
293 efi_time_cap_t cap;
294 efi_time_t efi_time;
296 gettime_user = (struct efi_gettime __user *)arg;
297 if (copy_from_user(&gettime, gettime_user, sizeof(gettime)))
298 return -EFAULT;
300 status = efi.get_time(gettime.time ? &efi_time : NULL,
301 gettime.capabilities ? &cap : NULL);
303 if (put_user(status, gettime.status))
304 return -EFAULT;
306 if (status != EFI_SUCCESS)
307 return -EINVAL;
309 if (gettime.capabilities) {
310 efi_time_cap_t __user *cap_local;
312 cap_local = (efi_time_cap_t *)gettime.capabilities;
313 if (put_user(cap.resolution, &(cap_local->resolution)) ||
314 put_user(cap.accuracy, &(cap_local->accuracy)) ||
315 put_user(cap.sets_to_zero, &(cap_local->sets_to_zero)))
316 return -EFAULT;
318 if (gettime.time) {
319 if (copy_to_user(gettime.time, &efi_time, sizeof(efi_time_t)))
320 return -EFAULT;
323 return 0;
326 static long efi_runtime_set_time(unsigned long arg)
328 struct efi_settime __user *settime_user;
329 struct efi_settime settime;
330 efi_status_t status;
331 efi_time_t efi_time;
333 settime_user = (struct efi_settime __user *)arg;
334 if (copy_from_user(&settime, settime_user, sizeof(settime)))
335 return -EFAULT;
336 if (copy_from_user(&efi_time, settime.time,
337 sizeof(efi_time_t)))
338 return -EFAULT;
339 status = efi.set_time(&efi_time);
341 if (put_user(status, settime.status))
342 return -EFAULT;
344 return status == EFI_SUCCESS ? 0 : -EINVAL;
347 static long efi_runtime_get_waketime(unsigned long arg)
349 struct efi_getwakeuptime __user *getwakeuptime_user;
350 struct efi_getwakeuptime getwakeuptime;
351 efi_bool_t enabled, pending;
352 efi_status_t status;
353 efi_time_t efi_time;
355 getwakeuptime_user = (struct efi_getwakeuptime __user *)arg;
356 if (copy_from_user(&getwakeuptime, getwakeuptime_user,
357 sizeof(getwakeuptime)))
358 return -EFAULT;
360 status = efi.get_wakeup_time(
361 getwakeuptime.enabled ? (efi_bool_t *)&enabled : NULL,
362 getwakeuptime.pending ? (efi_bool_t *)&pending : NULL,
363 getwakeuptime.time ? &efi_time : NULL);
365 if (put_user(status, getwakeuptime.status))
366 return -EFAULT;
368 if (status != EFI_SUCCESS)
369 return -EINVAL;
371 if (getwakeuptime.enabled && put_user(enabled,
372 getwakeuptime.enabled))
373 return -EFAULT;
375 if (getwakeuptime.time) {
376 if (copy_to_user(getwakeuptime.time, &efi_time,
377 sizeof(efi_time_t)))
378 return -EFAULT;
381 return 0;
384 static long efi_runtime_set_waketime(unsigned long arg)
386 struct efi_setwakeuptime __user *setwakeuptime_user;
387 struct efi_setwakeuptime setwakeuptime;
388 efi_bool_t enabled;
389 efi_status_t status;
390 efi_time_t efi_time;
392 setwakeuptime_user = (struct efi_setwakeuptime __user *)arg;
394 if (copy_from_user(&setwakeuptime, setwakeuptime_user,
395 sizeof(setwakeuptime)))
396 return -EFAULT;
398 enabled = setwakeuptime.enabled;
399 if (setwakeuptime.time) {
400 if (copy_from_user(&efi_time, setwakeuptime.time,
401 sizeof(efi_time_t)))
402 return -EFAULT;
404 status = efi.set_wakeup_time(enabled, &efi_time);
405 } else
406 status = efi.set_wakeup_time(enabled, NULL);
408 if (put_user(status, setwakeuptime.status))
409 return -EFAULT;
411 return status == EFI_SUCCESS ? 0 : -EINVAL;
414 static long efi_runtime_get_nextvariablename(unsigned long arg)
416 struct efi_getnextvariablename __user *getnextvariablename_user;
417 struct efi_getnextvariablename getnextvariablename;
418 unsigned long name_size, prev_name_size = 0, *ns = NULL;
419 efi_status_t status;
420 efi_guid_t *vd = NULL;
421 efi_guid_t vendor_guid;
422 efi_char16_t *name = NULL;
423 int rv = 0;
425 getnextvariablename_user = (struct efi_getnextvariablename __user *)arg;
427 if (copy_from_user(&getnextvariablename, getnextvariablename_user,
428 sizeof(getnextvariablename)))
429 return -EFAULT;
431 if (getnextvariablename.variable_name_size) {
432 if (get_user(name_size, getnextvariablename.variable_name_size))
433 return -EFAULT;
434 ns = &name_size;
435 prev_name_size = name_size;
438 if (getnextvariablename.vendor_guid) {
439 if (copy_from_user(&vendor_guid,
440 getnextvariablename.vendor_guid,
441 sizeof(vendor_guid)))
442 return -EFAULT;
443 vd = &vendor_guid;
446 if (getnextvariablename.variable_name) {
447 size_t name_string_size = 0;
449 rv = get_ucs2_strsize_from_user(
450 getnextvariablename.variable_name,
451 &name_string_size);
452 if (rv)
453 return rv;
455 * The name_size may be smaller than the real buffer size where
456 * variable name located in some use cases. The most typical
457 * case is passing a 0 to get the required buffer size for the
458 * 1st time call. So we need to copy the content from user
459 * space for at least the string size of variable name, or else
460 * the name passed to UEFI may not be terminated as we expected.
462 rv = copy_ucs2_from_user_len(&name,
463 getnextvariablename.variable_name,
464 prev_name_size > name_string_size ?
465 prev_name_size : name_string_size);
466 if (rv)
467 return rv;
470 status = efi.get_next_variable(ns, name, vd);
472 if (put_user(status, getnextvariablename.status)) {
473 rv = -EFAULT;
474 goto out;
477 if (status != EFI_SUCCESS) {
478 if (status == EFI_BUFFER_TOO_SMALL) {
479 if (ns && put_user(*ns,
480 getnextvariablename.variable_name_size)) {
481 rv = -EFAULT;
482 goto out;
485 rv = -EINVAL;
486 goto out;
489 if (name) {
490 if (copy_ucs2_to_user_len(getnextvariablename.variable_name,
491 name, prev_name_size)) {
492 rv = -EFAULT;
493 goto out;
497 if (ns) {
498 if (put_user(*ns, getnextvariablename.variable_name_size)) {
499 rv = -EFAULT;
500 goto out;
504 if (vd) {
505 if (copy_to_user(getnextvariablename.vendor_guid, vd,
506 sizeof(efi_guid_t)))
507 rv = -EFAULT;
510 out:
511 kfree(name);
512 return rv;
515 static long efi_runtime_get_nexthighmonocount(unsigned long arg)
517 struct efi_getnexthighmonotoniccount __user *getnexthighmonocount_user;
518 struct efi_getnexthighmonotoniccount getnexthighmonocount;
519 efi_status_t status;
520 u32 count;
522 getnexthighmonocount_user = (struct
523 efi_getnexthighmonotoniccount __user *)arg;
525 if (copy_from_user(&getnexthighmonocount,
526 getnexthighmonocount_user,
527 sizeof(getnexthighmonocount)))
528 return -EFAULT;
530 status = efi.get_next_high_mono_count(
531 getnexthighmonocount.high_count ? &count : NULL);
533 if (put_user(status, getnexthighmonocount.status))
534 return -EFAULT;
536 if (status != EFI_SUCCESS)
537 return -EINVAL;
539 if (getnexthighmonocount.high_count &&
540 put_user(count, getnexthighmonocount.high_count))
541 return -EFAULT;
543 return 0;
546 static long efi_runtime_reset_system(unsigned long arg)
548 struct efi_resetsystem __user *resetsystem_user;
549 struct efi_resetsystem resetsystem;
550 void *data = NULL;
552 resetsystem_user = (struct efi_resetsystem __user *)arg;
553 if (copy_from_user(&resetsystem, resetsystem_user,
554 sizeof(resetsystem)))
555 return -EFAULT;
556 if (resetsystem.data_size != 0) {
557 data = memdup_user((void *)resetsystem.data,
558 resetsystem.data_size);
559 if (IS_ERR(data))
560 return PTR_ERR(data);
563 efi.reset_system(resetsystem.reset_type, resetsystem.status,
564 resetsystem.data_size, (efi_char16_t *)data);
566 kfree(data);
567 return 0;
570 static long efi_runtime_query_variableinfo(unsigned long arg)
572 struct efi_queryvariableinfo __user *queryvariableinfo_user;
573 struct efi_queryvariableinfo queryvariableinfo;
574 efi_status_t status;
575 u64 max_storage, remaining, max_size;
577 queryvariableinfo_user = (struct efi_queryvariableinfo __user *)arg;
579 if (copy_from_user(&queryvariableinfo, queryvariableinfo_user,
580 sizeof(queryvariableinfo)))
581 return -EFAULT;
583 status = efi.query_variable_info(queryvariableinfo.attributes,
584 &max_storage, &remaining, &max_size);
586 if (put_user(status, queryvariableinfo.status))
587 return -EFAULT;
589 if (status != EFI_SUCCESS)
590 return -EINVAL;
592 if (put_user(max_storage,
593 queryvariableinfo.maximum_variable_storage_size))
594 return -EFAULT;
596 if (put_user(remaining,
597 queryvariableinfo.remaining_variable_storage_size))
598 return -EFAULT;
600 if (put_user(max_size, queryvariableinfo.maximum_variable_size))
601 return -EFAULT;
603 return 0;
606 static long efi_runtime_query_capsulecaps(unsigned long arg)
608 struct efi_querycapsulecapabilities __user *qcaps_user;
609 struct efi_querycapsulecapabilities qcaps;
610 efi_capsule_header_t *capsules;
611 efi_status_t status;
612 u64 max_size;
613 int i, reset_type;
614 int rv = 0;
616 qcaps_user = (struct efi_querycapsulecapabilities __user *)arg;
618 if (copy_from_user(&qcaps, qcaps_user, sizeof(qcaps)))
619 return -EFAULT;
621 if (qcaps.capsule_count == ULONG_MAX)
622 return -EINVAL;
624 capsules = kcalloc(qcaps.capsule_count + 1,
625 sizeof(efi_capsule_header_t), GFP_KERNEL);
626 if (!capsules)
627 return -ENOMEM;
629 for (i = 0; i < qcaps.capsule_count; i++) {
630 efi_capsule_header_t *c;
632 * We cannot dereference qcaps.capsule_header_array directly to
633 * obtain the address of the capsule as it resides in the
634 * user space
636 if (get_user(c, qcaps.capsule_header_array + i)) {
637 rv = -EFAULT;
638 goto out;
640 if (copy_from_user(&capsules[i], c,
641 sizeof(efi_capsule_header_t))) {
642 rv = -EFAULT;
643 goto out;
647 qcaps.capsule_header_array = &capsules;
649 status = efi.query_capsule_caps((efi_capsule_header_t **)
650 qcaps.capsule_header_array,
651 qcaps.capsule_count,
652 &max_size, &reset_type);
654 if (put_user(status, qcaps.status)) {
655 rv = -EFAULT;
656 goto out;
659 if (status != EFI_SUCCESS) {
660 rv = -EINVAL;
661 goto out;
664 if (put_user(max_size, qcaps.maximum_capsule_size)) {
665 rv = -EFAULT;
666 goto out;
669 if (put_user(reset_type, qcaps.reset_type))
670 rv = -EFAULT;
672 out:
673 kfree(capsules);
674 return rv;
677 static long efi_test_ioctl(struct file *file, unsigned int cmd,
678 unsigned long arg)
680 switch (cmd) {
681 case EFI_RUNTIME_GET_VARIABLE:
682 return efi_runtime_get_variable(arg);
684 case EFI_RUNTIME_SET_VARIABLE:
685 return efi_runtime_set_variable(arg);
687 case EFI_RUNTIME_GET_TIME:
688 return efi_runtime_get_time(arg);
690 case EFI_RUNTIME_SET_TIME:
691 return efi_runtime_set_time(arg);
693 case EFI_RUNTIME_GET_WAKETIME:
694 return efi_runtime_get_waketime(arg);
696 case EFI_RUNTIME_SET_WAKETIME:
697 return efi_runtime_set_waketime(arg);
699 case EFI_RUNTIME_GET_NEXTVARIABLENAME:
700 return efi_runtime_get_nextvariablename(arg);
702 case EFI_RUNTIME_GET_NEXTHIGHMONOTONICCOUNT:
703 return efi_runtime_get_nexthighmonocount(arg);
705 case EFI_RUNTIME_QUERY_VARIABLEINFO:
706 return efi_runtime_query_variableinfo(arg);
708 case EFI_RUNTIME_QUERY_CAPSULECAPABILITIES:
709 return efi_runtime_query_capsulecaps(arg);
711 case EFI_RUNTIME_RESET_SYSTEM:
712 return efi_runtime_reset_system(arg);
715 return -ENOTTY;
718 static int efi_test_open(struct inode *inode, struct file *file)
721 * nothing special to do here
722 * We do accept multiple open files at the same time as we
723 * synchronize on the per call operation.
725 return 0;
728 static int efi_test_close(struct inode *inode, struct file *file)
730 return 0;
734 * The various file operations we support.
736 static const struct file_operations efi_test_fops = {
737 .owner = THIS_MODULE,
738 .unlocked_ioctl = efi_test_ioctl,
739 .open = efi_test_open,
740 .release = efi_test_close,
741 .llseek = no_llseek,
744 static struct miscdevice efi_test_dev = {
745 MISC_DYNAMIC_MINOR,
746 "efi_test",
747 &efi_test_fops
750 static int __init efi_test_init(void)
752 int ret;
754 ret = misc_register(&efi_test_dev);
755 if (ret) {
756 pr_err("efi_test: can't misc_register on minor=%d\n",
757 MISC_DYNAMIC_MINOR);
758 return ret;
761 return 0;
764 static void __exit efi_test_exit(void)
766 misc_deregister(&efi_test_dev);
769 module_init(efi_test_init);
770 module_exit(efi_test_exit);