[PATCH v1 51/54] efi: loader: CONFIG_EFI_RT_VOLATILE_STORE

Thu Dec 18 02:38:11 PST 2025

If we store EFI variables on ESP during boottime, we need cooperation
from the OS to write that file to implement SetVariable.

Populate the necessary options to allow efivar(1) to read a dump
of the variables after writing them and then persist them to ESP.

Note that this violates the EFI spec and it's not power-fail safe, but
it's an ok fallback for now.

Signed-off-by: Ahmad Fatoum <a.fatoum at pengutronix.de>
---
 efi/loader/Kconfig        | 18 ++++++++++++++
 efi/loader/efi_var_file.c | 51 +++++++++++++++++++++++++++++++++++++++
 efi/loader/runtime.c      |  4 +++
 efi/loader/variable.h     |  2 ++
 4 files changed, 75 insertions(+)

diff --git a/efi/loader/Kconfig b/efi/loader/Kconfig
index 4a5e4c375fd4..5692e54ebe01 100644
--- a/efi/loader/Kconfig
+++ b/efi/loader/Kconfig
@@ -68,6 +68,24 @@ config EFI_VARIABLE_NO_STORE
 
 endchoice
 
+config EFI_RT_VOLATILE_STORE
+	bool "Allow variable runtime services in volatile storage (e.g RAM)"
+	depends on EFI_VARIABLE_FILE_STORE
+	select EFI_RUNTIME_SET_VARIABLE
+	default y
+	help
+	  When EFI variables are stored on file we don't allow SetVariableRT,
+	  since the OS doesn't know how to write that file. At the same time
+	  we copy runtime variables in DRAM and support GetVariableRT
+
+	  Enable this option to allow SetVariableRT on the RAM backend of
+	  the EFI variable storage. The OS will be responsible for syncing
+	  the RAM contents to the file, otherwise any changes made during
+	  runtime won't persist reboots.
+	  Authenticated variables are not supported. Note that this will
+	  violate the EFI spec since writing auth variables will return
+	  EFI_INVALID_PARAMETER
+
 endmenu
 
 source "efi/loader/protocols/Kconfig"
diff --git a/efi/loader/efi_var_file.c b/efi/loader/efi_var_file.c
index 08a5c172cced..652354693ae7 100644
--- a/efi/loader/efi_var_file.c
+++ b/efi/loader/efi_var_file.c
@@ -184,6 +184,57 @@ efi_status_t efi_var_from_file(int dirfd, const char *filename)
 	free(buf);
 	return ret;
 }
+
+// SPDX-SnippetBegin
+// SPDX-Snippet-Comment: Origin-URL: https://github.com/u-boot/u-boot/blob/e9c34fab18a9a0022b36729afd8e262e062764e2/lib/efi_loader/efi_runtime.c
+
+efi_status_t efi_init_runtime_variable_supported(void)
+{
+	u8 s = 0;
+	int ret;
+
+	if (!IS_ENABLED(CONFIG_EFI_RT_VOLATILE_STORE))
+		return EFI_SUCCESS;
+
+	ret = efi_set_variable_int(u"RTStorageVolatile",
+				   &efi_file_store_vars_guid,
+				   EFI_VARIABLE_BOOTSERVICE_ACCESS |
+				   EFI_VARIABLE_RUNTIME_ACCESS |
+				   EFI_VARIABLE_READ_ONLY,
+				   strlen(efi_var_file_name) + 1,
+				   efi_var_file_name, false);
+	if (ret != EFI_SUCCESS) {
+		pr_err("Failed to set RTStorageVolatile\n");
+		return ret;
+	}
+	/*
+	 * This variable needs to be visible so users can read it,
+	 * but the real contents are going to be filled during
+	 * GetVariable
+	 */
+	ret = efi_set_variable_int(u"VarToFile",
+				   &efi_file_store_vars_guid,
+				   EFI_VARIABLE_BOOTSERVICE_ACCESS |
+				   EFI_VARIABLE_RUNTIME_ACCESS |
+				   EFI_VARIABLE_READ_ONLY,
+				   sizeof(s),
+				   &s, false);
+	if (ret != EFI_SUCCESS) {
+		pr_err("Failed to set VarToFile\n");
+		efi_set_variable_int(u"RTStorageVolatile",
+				     &efi_file_store_vars_guid,
+				     EFI_VARIABLE_BOOTSERVICE_ACCESS |
+				     EFI_VARIABLE_RUNTIME_ACCESS |
+				     EFI_VARIABLE_READ_ONLY,
+				     0, NULL, false);
+		return ret;
+	}
+
+	return EFI_SUCCESS;
+}
+
+// SPDX-SnippetEnd
+
 static int efi_init_var_params(void)
 {
 	if (efi_is_payload())
diff --git a/efi/loader/runtime.c b/efi/loader/runtime.c
index b46c85eeaa7b..4b3cb6df1350 100644
--- a/efi/loader/runtime.c
+++ b/efi/loader/runtime.c
@@ -71,6 +71,10 @@ efi_status_t efi_init_runtime_supported(void)
 		CHECK_RT_FLAG(QUERY_CAPSULE_CAPABILITIES) |
 		CHECK_RT_FLAG(QUERY_VARIABLE_INFO);
 
+	ret = efi_init_runtime_variable_supported();
+	if (ret != EFI_SUCCESS)
+		return ret;
+
 	return efi_install_configuration_table(&efi_rt_properties_table_guid, rt_table);
 }
 
diff --git a/efi/loader/variable.h b/efi/loader/variable.h
index 3710be84a2d1..775bd11dc450 100644
--- a/efi/loader/variable.h
+++ b/efi/loader/variable.h
@@ -2,6 +2,8 @@
 #include <efi/types.h>
 #include <efi/error.h>
 
+efi_status_t efi_init_runtime_variable_supported(void);
+
 efi_status_t EFIAPI efi_get_variable_boot(u16 *variable_name,
 					  const efi_guid_t *vendor, u32 *attributes,
 					  efi_uintn_t *data_size, void *data);
-- 
2.47.3


