xref: /qemu/include/hw/uefi/var-service-edk2.h (revision 50aa3d0984d8a4a9c39d34e2f81e8a70674462e4)
1 /*
2  * SPDX-License-Identifier: GPL-2.0-or-later
3  *
4  * uefi-vars device - structs and defines from edk2
5  *
6  * Note: The edk2 UINTN type has been mapped to uint64_t,
7  *       so the structs are compatible with 64bit edk2 builds.
8  */
9 #ifndef QEMU_UEFI_VAR_SERVICE_EDK2_H
10 #define QEMU_UEFI_VAR_SERVICE_EDK2_H
11 
12 #include "qemu/uuid.h"
13 
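/*
 * EFI status codes as seen by a 64-bit edk2 build (EFI_STATUS is a UINTN,
 * mapped to uint64_t in this header).  Error codes have the most
 * significant bit (MAX_BIT) set; EFI_SUCCESS is zero.  Only the codes
 * listed here are defined.
 *
 * ENCODE_ERROR() produces an unsigned 64-bit constant.  Keep results in
 * efi_status / uint64_t: truncating to a narrower type drops MAX_BIT and
 * leaves a small value that no longer compares equal to any error code
 * below, so a failure could be mistaken for something else.
 */
#define MAX_BIT                   0x8000000000000000ULL
#define ENCODE_ERROR(StatusCode)  (MAX_BIT | (StatusCode))
#define EFI_SUCCESS               0
#define EFI_INVALID_PARAMETER     ENCODE_ERROR(2)
#define EFI_UNSUPPORTED           ENCODE_ERROR(3)
#define EFI_BAD_BUFFER_SIZE       ENCODE_ERROR(4)
#define EFI_BUFFER_TOO_SMALL      ENCODE_ERROR(5)
#define EFI_WRITE_PROTECTED       ENCODE_ERROR(8)
#define EFI_OUT_OF_RESOURCES      ENCODE_ERROR(9)
#define EFI_NOT_FOUND             ENCODE_ERROR(14)
#define EFI_ACCESS_DENIED         ENCODE_ERROR(15)
#define EFI_ALREADY_STARTED       ENCODE_ERROR(20)
#define EFI_SECURITY_VIOLATION    ENCODE_ERROR(26)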
27 
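/*
 * EFI variable attribute flags.  Each value is a distinct single bit, so
 * they can be combined with bitwise OR and tested with bitwise AND.
 *
 * Per the UEFI specification, TIME_BASED_AUTHENTICATED_WRITE_ACCESS marks
 * variables whose writes carry an EFI_VARIABLE_AUTHENTICATION_2 descriptor
 * (struct variable_auth_2 in this header), and APPEND_WRITE is a
 * write-time modifier rather than a stored property.
 *
 * NOTE(review): attribute words received from the guest may carry bits
 * outside this list; callers should decide explicitly how to treat them
 * rather than pass them through unchecked.
 */
#define EFI_VARIABLE_NON_VOLATILE                           0x01
#define EFI_VARIABLE_BOOTSERVICE_ACCESS                     0x02
#define EFI_VARIABLE_RUNTIME_ACCESS                         0x04
#define EFI_VARIABLE_HARDWARE_ERROR_RECORD                  0x08
#define EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS             0x10  /* deprecated */
#define EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS  0x20
#define EFI_VARIABLE_APPEND_WRITE                           0x40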
35 
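/*
 * Values for the secure boot state variables.  Each group below is headed
 * by the name of the variable its two values belong to; in every group
 * the "on" state is 1 and the "off" state is 0.
 */

/* SecureBootEnable: requested secure boot setting */
#define SECURE_BOOT_ENABLE         1
#define SECURE_BOOT_DISABLE        0

/* SecureBoot: secure boot mode currently in effect */
#define SECURE_BOOT_MODE_ENABLE    1
#define SECURE_BOOT_MODE_DISABLE   0

/* CustomMode: custom vs. standard secure boot mode */
#define CUSTOM_SECURE_BOOT_MODE    1
#define STANDARD_SECURE_BOOT_MODE  0

/* SetupMode: setup mode vs. user mode */
#define SETUP_MODE                 1
#define USER_MODE                  0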
51 
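/* EFI_STATUS for a 64-bit edk2 build: UINTN is mapped to uint64_t. */
typedef uint64_t efi_status;
typedef struct mm_header mm_header;

/*
 * EFI_MM_COMMUNICATE_HEADER
 *
 * Outermost header of an MM communicate buffer; the message payload
 * follows it in the same buffer.
 *
 * NOTE(review): when this header is read from a guest-provided buffer,
 * `length` is untrusted.  Check it against the real buffer size, and
 * guard the sizeof(mm_header) + length sum against 64-bit wrap-around,
 * before touching the payload.
 */
struct mm_header {
    QemuUUID  guid;    /* presumably selects the handler the message is for */
    uint64_t  length;  /* presumably payload size in bytes, header excluded */
};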
60 
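/* --- EfiSmmVariableProtocol ---------------------------------------- */

/*
 * Function numbers for the variable protocol (the `function` field of
 * struct mm_variable).  The numbering has gaps: 7, 9 and 10 are not
 * defined in this header.
 *
 * NOTE(review): a dispatcher should reject any number not listed here
 * explicitly (for example with EFI_UNSUPPORTED) instead of falling
 * through to a default handler.
 */
#define SMM_VARIABLE_FUNCTION_GET_VARIABLE            1
#define SMM_VARIABLE_FUNCTION_GET_NEXT_VARIABLE_NAME  2
#define SMM_VARIABLE_FUNCTION_SET_VARIABLE            3
#define SMM_VARIABLE_FUNCTION_QUERY_VARIABLE_INFO     4
#define SMM_VARIABLE_FUNCTION_READY_TO_BOOT           5
#define SMM_VARIABLE_FUNCTION_EXIT_BOOT_SERVICE       6
#define SMM_VARIABLE_FUNCTION_LOCK_VARIABLE           8
#define SMM_VARIABLE_FUNCTION_GET_PAYLOAD_SIZE       11

/*
 * Short type names for the message structs defined below.
 * mm_lock_variable is an alias of struct mm_next_variable: both messages
 * share the same layout (GUID, name size, trailing name).
 */
typedef struct mm_variable mm_variable;
typedef struct mm_variable_access mm_variable_access;
typedef struct mm_next_variable mm_next_variable;
typedef struct mm_next_variable mm_lock_variable;
typedef struct mm_variable_info mm_variable_info;
typedef struct mm_get_payload_size mm_get_payload_size;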
78 
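/*
 * SMM_VARIABLE_COMMUNICATE_HEADER
 *
 * Header of a variable protocol message; the function-specific struct
 * (mm_variable_access, mm_next_variable, ...) follows it.
 */
struct mm_variable {
    uint64_t  function;  /* one of SMM_VARIABLE_FUNCTION_* */
    uint64_t  status;    /* efi_status result; presumably set by the handler */
};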
84 
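/*
 * SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE
 *
 * Fixed-size head of a variable access message.  The struct is packed, so
 * no padding follows the 32-bit `attributes` field; as the placeholders
 * at the end indicate, the Name and then the Data follow the head in the
 * same buffer.
 *
 * NOTE(review): when parsed from a guest-provided buffer, both size
 * fields are untrusted 64-bit values.  Validate each one against the
 * space remaining in the buffer and make sure name_size + data_size
 * cannot wrap before computing the Name and Data pointers.
 */
struct QEMU_PACKED mm_variable_access {
    QemuUUID  guid;        /* presumably the variable's vendor GUID */
    uint64_t  data_size;   /* presumably size of the trailing Data in bytes */
    uint64_t  name_size;   /* presumably size of the trailing Name in bytes */
    uint32_t  attributes;  /* EFI_VARIABLE_* flags */
    /* Name */
    /* Data */
};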
94 
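/*
 * SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME
 *
 * Fixed-size head of a "get next variable name" message; the Name follows
 * it in the same buffer.  The same layout is used for lock requests via
 * the mm_lock_variable typedef.
 *
 * NOTE(review): `name_size` is untrusted when it comes from the guest;
 * bound it by the space left in the buffer before reading or writing the
 * Name.
 */
struct mm_next_variable {
    QemuUUID  guid;       /* presumably the variable's vendor GUID */
    uint64_t  name_size;  /* presumably size of the trailing Name in bytes */
    /* Name */
};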
101 
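/*
 * SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO
 *
 * Storage information message.  Packed: the struct ends right after the
 * 32-bit `attributes` field, with no tail padding.
 */
struct QEMU_PACKED mm_variable_info {
    uint64_t max_storage_size;   /* presumably total space, in bytes */
    uint64_t free_storage_size;  /* presumably space still available */
    uint64_t max_variable_size;  /* presumably largest single variable */
    uint32_t attributes;         /* EFI_VARIABLE_* flags the query is for */
};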
109 
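/*
 * SMM_VARIABLE_COMMUNICATE_GET_PAYLOAD_SIZE
 *
 * Body of the SMM_VARIABLE_FUNCTION_GET_PAYLOAD_SIZE message: a single
 * 64-bit size value.
 */
struct mm_get_payload_size {
    uint64_t  payload_size;  /* presumably the largest payload accepted */
};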
114 
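/* --- VarCheckPolicyLibMmiHandler ----------------------------------- */

/*
 * Command numbers for the variable policy handler (the `command` field
 * of struct mm_check_policy).
 *
 * NOTE(review): DISABLE and LOCK change whether policy is enforced, so
 * the order in which a handler accepts them matters; confirm that a
 * DISABLE arriving after LOCK is refused.
 */
#define VAR_CHECK_POLICY_COMMAND_DISABLE     0x01
#define VAR_CHECK_POLICY_COMMAND_IS_ENABLED  0x02
#define VAR_CHECK_POLICY_COMMAND_REGISTER    0x03
#define VAR_CHECK_POLICY_COMMAND_DUMP        0x04
#define VAR_CHECK_POLICY_COMMAND_LOCK        0x05

/* Short type names for the policy message structs defined below. */
typedef struct mm_check_policy mm_check_policy;
typedef struct mm_check_policy_is_enabled mm_check_policy_is_enabled;
typedef struct mm_check_policy_dump_params mm_check_policy_dump_params;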
126 
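/*
 * VAR_CHECK_POLICY_COMM_HEADER
 *
 * Header of a variable policy message.  Packed: the 64-bit `result`
 * directly follows three 32-bit fields and therefore sits at a 4-byte,
 * not 8-byte, aligned offset.
 *
 * NOTE(review): `signature` and `revision` presumably have to match
 * fixed expected values; this header defines no constants for them, so
 * confirm where the handler checks them.
 */
struct QEMU_PACKED mm_check_policy {
    uint32_t  signature;
    uint32_t  revision;
    uint32_t  command;    /* one of VAR_CHECK_POLICY_COMMAND_* */
    uint64_t  result;     /* presumably an efi_status value */
};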
134 
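/*
 * VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS
 *
 * Parameter block for VAR_CHECK_POLICY_COMMAND_IS_ENABLED: one byte.
 */
struct QEMU_PACKED mm_check_policy_is_enabled {
    uint8_t   state;  /* presumably non-zero when policy is enforced */
};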
139 
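/*
 * VAR_CHECK_POLICY_COMM_DUMP_PARAMS
 *
 * Parameter block for VAR_CHECK_POLICY_COMMAND_DUMP.  The field names
 * describe a paged transfer.  Packed, so the struct ends right after the
 * one-byte `has_more` flag.
 *
 * NOTE(review): `page_requested` is presumably chosen by the guest;
 * range-check it against the number of pages that actually exist before
 * using it to compute an offset.
 */
struct QEMU_PACKED mm_check_policy_dump_params {
    uint32_t  page_requested;
    uint32_t  total_size;
    uint32_t  page_size;
    uint8_t   has_more;
};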
147 
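/* --- Edk2VariablePolicyProtocol ------------------------------------ */

/* Revision value for struct variable_policy_entry (its `version` field). */
#define VARIABLE_POLICY_ENTRY_REVISION  0x00010000

/*
 * Lock policy types (the `lock_policy_type` field of struct
 * variable_policy_entry).
 *
 * NOTE(review): a parser should treat any value above
 * VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE as invalid rather than as
 * "no lock".
 */
#define VARIABLE_POLICY_TYPE_NO_LOCK            0
#define VARIABLE_POLICY_TYPE_LOCK_NOW           1
#define VARIABLE_POLICY_TYPE_LOCK_ON_CREATE     2
#define VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE  3

/* Short type names for the policy structs defined below. */
typedef struct variable_policy_entry variable_policy_entry;
typedef struct variable_lock_on_var_state variable_lock_on_var_state;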
159 
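/*
 * VARIABLE_POLICY_ENTRY
 *
 * Fixed-size head of a variable policy entry.  As the placeholders at the
 * end indicate, an optional LockPolicy block and the Name follow the head
 * in the same buffer.  The struct is not marked QEMU_PACKED; the explicit
 * padding[3] rounds the one-byte lock_policy_type up to a 4-byte boundary.
 *
 * NOTE(review): for an entry registered by the guest, `size` and
 * `offset_to_name` are untrusted.  Before using them, confirm that
 * size fits in the containing buffer, that
 * sizeof(variable_policy_entry) <= offset_to_name <= size, and that the
 * Name is terminated within `size`.
 */
struct variable_policy_entry {
    uint32_t      version;               /* VARIABLE_POLICY_ENTRY_REVISION */
    uint16_t      size;                  /* presumably whole entry, in bytes */
    uint16_t      offset_to_name;        /* presumably from start of entry */
    QemuUUID      namespace;             /* presumably variable vendor GUID */
    uint32_t      min_size;
    uint32_t      max_size;
    uint32_t      attributes_must_have;  /* EFI_VARIABLE_* flags */
    uint32_t      attributes_cant_have;  /* EFI_VARIABLE_* flags */
    uint8_t       lock_policy_type;      /* VARIABLE_POLICY_TYPE_* */
    uint8_t       padding[3];
    /* LockPolicy */
    /* Name */
};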
175 
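/*
 * VARIABLE_LOCK_ON_VAR_STATE_POLICY
 *
 * LockPolicy block for VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE; the Name
 * follows it in the same buffer.
 *
 * NOTE(review): this struct is not marked QEMU_PACKED.  Its declared
 * fields end with two single bytes after a QemuUUID, so if QemuUUID is
 * aligned to more than 2 bytes, sizeof() includes tail padding after
 * `padding`.  Confirm that code locating the Name via
 * sizeof(variable_lock_on_var_state) agrees with the edk2 layout.
 */
struct variable_lock_on_var_state {
    QemuUUID      namespace;  /* presumably GUID of the variable watched */
    uint8_t       value;      /* presumably the value that triggers the lock */
    uint8_t       padding;
    /* Name */
};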
183 
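/* --- variable authentication --------------------------------------- */

/*
 * WIN_CERTIFICATE certificate type (the `hdr_cert_type` field of struct
 * variable_auth_2) for a certificate whose format is named by a GUID.
 */
#define WIN_CERT_TYPE_EFI_GUID  0x0EF1

/* Short type names for the authentication structs defined below. */
typedef struct efi_time efi_time;
typedef struct efi_siglist efi_siglist;
typedef struct variable_auth_2 variable_auth_2;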
191 
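/*
 * EFI_TIME
 *
 * Calendar timestamp, 16 bytes.  The two pad bytes keep `nanosecond` and
 * `timezone` naturally aligned without compiler-inserted padding.
 * `timezone` is the only signed field.
 *
 * NOTE(review): when this is the timestamp of an authenticated variable
 * write it is guest-supplied.  Per the UEFI specification the pad,
 * nanosecond, timezone and daylight fields are expected to be zero there,
 * and the timestamp must be later than the one stored with the variable;
 * confirm both checks exist where the struct is consumed.
 */
struct efi_time {
    uint16_t  year;
    uint8_t   month;
    uint8_t   day;
    uint8_t   hour;
    uint8_t   minute;
    uint8_t   second;
    uint8_t   pad1;
    uint32_t  nanosecond;
    int16_t   timezone;
    uint8_t   daylight;
    uint8_t   pad2;
};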
206 
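/*
 * EFI_SIGNATURE_LIST
 *
 * Fixed-size head of a signature list.  Per the UEFI definition, an
 * optional signature header and then the signature entries follow the
 * head, and several lists may be concatenated in one variable.
 *
 * NOTE(review): all three sizes are untrusted when the list comes from
 * variable data written by the guest.  Before walking the entries, check
 * that siglist_size fits in the remaining data, that
 * sizeof(efi_siglist) + header_size <= siglist_size, that sig_size is
 * non-zero, and that the space left for entries is a multiple of
 * sig_size.
 */
struct efi_siglist {
    QemuUUID  guid_type;     /* signature type GUID */
    uint32_t  siglist_size;  /* whole list in bytes, this head included */
    uint32_t  header_size;   /* optional signature header, in bytes */
    uint32_t  sig_size;      /* size of one signature entry, in bytes */
};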
214 
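/*
 * EFI_VARIABLE_AUTHENTICATION_2
 *
 * Authentication descriptor at the start of the data of a time-based
 * authenticated variable write: a timestamp followed by a
 * WIN_CERTIFICATE_UEFI_GUID, flattened here into the hdr_* and
 * guid_cert_type fields plus the variable-length cert_data.
 *
 * NOTE(review): every field is guest-supplied.  `hdr_length` presumably
 * counts from the hdr_length field itself through the end of cert_data;
 * before deriving the cert_data length from it, check that it is at
 * least the size of the fixed WIN_CERTIFICATE_UEFI_GUID fields and no
 * larger than the data remaining after the timestamp, so the
 * subtraction cannot underflow and the read stays in bounds.
 */
struct variable_auth_2 {
    struct efi_time timestamp;

    /* WIN_CERTIFICATE_UEFI_GUID */
    uint32_t  hdr_length;
    uint16_t  hdr_revision;
    uint16_t  hdr_cert_type;   /* expected: WIN_CERT_TYPE_EFI_GUID */
    QemuUUID  guid_cert_type;  /* names the format of cert_data */
    uint8_t   cert_data[];     /* flexible array member: certificate bytes */
};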
226 
227 #endif /* QEMU_UEFI_VAR_SERVICE_EDK2_H */
228