]> git.proxmox.com Git - mirror_edk2.git/blame - FmpDevicePkg/FmpDxe/FmpDxe.c
projects / mirror_edk2.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
FmpDevicePkg/FmpDxe: Improve function parameter validation
[mirror_edk2.git] / FmpDevicePkg / FmpDxe / FmpDxe.c
CommitLineData
a6d73269 1/** @file\r
b0bacc00
KM		 2 Produces a Firmware Management Protocol that supports updates to a firmware\r
3 image stored in a firmware device with platform and firmware device specific\r
4 information provided through PCDs and libraries.\r
5\r
de6859ec 6 Copyright (c) Microsoft Corporation.<BR>\r
2ed845b3 7 Copyright (c) 2018 - 2020, Intel Corporation. All rights reserved.<BR>\r
b0bacc00 8\r
bcef758c 9 SPDX-License-Identifier: BSD-2-Clause-Patent\r
b0bacc00
KM		 10\r
11**/\r
12\r
4f0544b1 13#include "FmpDxe.h"\r
67c1e5ee 14#include "VariableSupport.h"\r
b0bacc00
KM		 15\r
16///\r
17/// FILE_GUID from FmpDxe.inf. When FmpDxe.inf is used in a platform, the\r
18/// FILE_GUID must always be overridden in the <Defines> section to provide\r
19/// the ESRT GUID value associated with the updatable firmware image. A\r
20/// check is made in this module's driver entry point to verify that a\r
21/// new FILE_GUID value has been defined.\r
22///\r
23const EFI_GUID mDefaultModuleFileGuid = {\r
24 0x78ef0a56, 0x1cf0, 0x4535, { 0xb5, 0xda, 0xf6, 0xfd, 0x2f, 0x40, 0x5a, 0x11 }\r
25};\r
26\r
b0bacc00 27///\r
4f0544b1 28/// TRUE if FmpDeviceLib manages a single firmware storage device.\r
b0bacc00 29///\r
4f0544b1 30BOOLEAN mFmpSingleInstance = FALSE;\r
b0bacc00 31\r
4f0544b1
EJ		 32///\r
33/// Firmware Management Protocol instance that is initialized in the entry\r
34/// point from PCD settings.\r
35///\r
36EDKII_FIRMWARE_MANAGEMENT_PROGRESS_PROTOCOL mFmpProgress;\r
b0bacc00 37\r
0760f5fe 38//\r
4f0544b1
EJ		 39// Template of the private context structure for the Firmware Management\r
40// Protocol instance\r
0760f5fe 41//\r
4f0544b1
EJ		 42const FIRMWARE_MANAGEMENT_PRIVATE_DATA mFirmwareManagementPrivateDataTemplate = {\r
43 FIRMWARE_MANAGEMENT_PRIVATE_DATA_SIGNATURE, // Signature\r
44 NULL, // Handle\r
45 { // Fmp\r
46 GetTheImageInfo,\r
47 GetTheImage,\r
48 SetTheImage,\r
49 CheckTheImage,\r
50 GetPackageInfo,\r
51 SetPackageInfo\r
52 },\r
53 FALSE, // DescriptorPopulated\r
54 { // Desc\r
55 1, // ImageIndex\r
56 //\r
57 // ImageTypeId\r
58 //\r
59 { 0x00000000, 0x0000, 0x0000, {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} },\r
60 1, // ImageId\r
61 NULL, // ImageIdName\r
62 0, // Version\r
63 NULL, // VersionName\r
64 0, // Size\r
65 0, // AttributesSupported\r
66 0, // AttributesSetting\r
67 0, // Compatibilities\r
68 0, // LowestSupportedImageVersion\r
69 0, // LastAttemptVersion\r
70 0, // LastAttemptStatus\r
71 0 // HardwareInstance\r
72 },\r
73 NULL, // ImageIdName\r
74 NULL, // VersionName\r
75 TRUE, // RuntimeVersionSupported\r
76 NULL, // FmpDeviceLockEvent\r
67c1e5ee
EJ		 77 FALSE, // FmpDeviceLocked\r
78 NULL, // FmpDeviceContext\r
79 NULL, // VersionVariableName\r
80 NULL, // LsvVariableName\r
81 NULL, // LastAttemptStatusVariableName\r
82 NULL, // LastAttemptVersionVariableName\r
0f30087b
WX		 83 NULL, // FmpStateVariableName\r
84 TRUE // DependenciesSatisfied\r
4f0544b1
EJ		 85};\r
86\r
87///\r
88/// GUID that is used to create event used to lock the firmware storage device.\r
89///\r
90EFI_GUID *mLockGuid = NULL;\r
91\r
92///\r
93/// Progress() function pointer passed into SetTheImage()\r
94///\r
95EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS mProgressFunc = NULL;\r
96\r
97///\r
98/// Null-terminated Unicode string retrieved from PcdFmpDeviceImageIdName.\r
99///\r
100CHAR16 *mImageIdName = NULL;\r
b0bacc00
KM		 101\r
102/**\r
103 Callback function to report the process of the firmware updating.\r
104\r
105 Wrap the caller's version in this so that progress from the device lib is\r
106 within the expected range. Convert device lib 0% - 100% to 6% - 98%.\r
107\r
108 FmpDxe 1% - 5% for validation\r
109 FmpDeviceLib 6% - 98% for flashing/update\r
110 FmpDxe 99% - 100% finish\r
111\r
112 @param[in] Completion A value between 1 and 100 indicating the current\r
113 completion progress of the firmware update. Completion\r
114 progress is reported as from 1 to 100 percent. A value\r
115 of 0 is used by the driver to indicate that progress\r
116 reporting is not supported.\r
117\r
118 @retval EFI_SUCCESS The progress was updated.\r
119 @retval EFI_UNSUPPORTED Updating progress is not supported.\r
120\r
121**/\r
122EFI_STATUS\r
123EFIAPI\r
124FmpDxeProgress (\r
125 IN UINTN Completion\r
126 )\r
127{\r
128 EFI_STATUS Status;\r
129\r
130 Status = EFI_UNSUPPORTED;\r
131\r
b0bacc00
KM		 132 if (mProgressFunc == NULL) {\r
133 return Status;\r
134 }\r
135\r
136 //\r
137 // Reserve 6% - 98% for the FmpDeviceLib. Call the real progress function.\r
138 //\r
139 Status = mProgressFunc (((Completion * 92) / 100) + 6);\r
140\r
141 if (Status == EFI_UNSUPPORTED) {\r
b0bacc00
KM		 142 mProgressFunc = NULL;\r
143 }\r
144\r
145 return Status;\r
146}\r
147\r
148/**\r
149 Returns a pointer to the ImageTypeId GUID value. An attempt is made to get\r
150 the GUID value from the FmpDeviceLib. If the FmpDeviceLib does not provide\r
278c3d48
EJ		 151 a GUID value, then PcdFmpDeviceImageTypeIdGuid is used. If the size of\r
152 PcdFmpDeviceImageTypeIdGuid is not the size of EFI_GUID, then gEfiCallerIdGuid\r
153 is returned.\r
b0bacc00 154\r
67c1e5ee 155 @retval The ImageTypeId GUID\r
b0bacc00
KM		 156\r
157**/\r
158EFI_GUID *\r
159GetImageTypeIdGuid (\r
160 VOID\r
161 )\r
162{\r
163 EFI_STATUS Status;\r
164 EFI_GUID *FmpDeviceLibGuid;\r
278c3d48 165 UINTN ImageTypeIdGuidSize;\r
b0bacc00
KM		 166\r
167 FmpDeviceLibGuid = NULL;\r
168 Status = FmpDeviceGetImageTypeIdGuidPtr (&FmpDeviceLibGuid);\r
169 if (EFI_ERROR (Status)) {\r
170 if (Status != EFI_UNSUPPORTED) {\r
e0961677 171 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): FmpDeviceLib GetImageTypeIdGuidPtr() returned invalid error %r\n", mImageIdName, Status));\r
b0bacc00 172 }\r
278c3d48 173 } else if (FmpDeviceLibGuid == NULL) {\r
e0961677 174 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): FmpDeviceLib GetImageTypeIdGuidPtr() returned invalid GUID\n", mImageIdName));\r
278c3d48
EJ		 175 Status = EFI_NOT_FOUND;\r
176 }\r
177 if (EFI_ERROR (Status)) {\r
178 ImageTypeIdGuidSize = PcdGetSize (PcdFmpDeviceImageTypeIdGuid);\r
179 if (ImageTypeIdGuidSize == sizeof (EFI_GUID)) {\r
180 FmpDeviceLibGuid = (EFI_GUID *)PcdGetPtr (PcdFmpDeviceImageTypeIdGuid);\r
181 } else {\r
de6859ec 182 DEBUG ((DEBUG_WARN, "FmpDxe(%s): Fall back to ImageTypeIdGuid of gEfiCallerIdGuid\n", mImageIdName));\r
278c3d48
EJ		 183 FmpDeviceLibGuid = &gEfiCallerIdGuid;\r
184 }\r
b0bacc00
KM		 185 }\r
186 return FmpDeviceLibGuid;\r
187}\r
188\r
189/**\r
190 Returns a pointer to the Null-terminated Unicode ImageIdName string.\r
191\r
67c1e5ee 192 @retval Null-terminated Unicode ImageIdName string.\r
b0bacc00
KM		 193\r
194**/\r
195CHAR16 *\r
196GetImageTypeNameString (\r
197 VOID\r
198 )\r
199{\r
200 return mImageIdName;\r
201}\r
202\r
203/**\r
204 Lowest supported version is a combo of three parts.\r
205 1. Check if the device lib has a lowest supported version\r
206 2. Check if we have a variable for lowest supported version (this will be updated with each capsule applied)\r
207 3. Check Fixed at build PCD\r
208\r
67c1e5ee
EJ		 209 @param[in] Private Pointer to the private context structure for the\r
210 Firmware Management Protocol instance.\r
211\r
212 @retval The largest value\r
b0bacc00
KM		 213\r
214**/\r
215UINT32\r
216GetLowestSupportedVersion (\r
67c1e5ee 217 FIRMWARE_MANAGEMENT_PRIVATE_DATA *Private\r
b0bacc00
KM		 218 )\r
219{\r
220 EFI_STATUS Status;\r
221 UINT32 DeviceLibLowestSupportedVersion;\r
222 UINT32 VariableLowestSupportedVersion;\r
223 UINT32 ReturnLsv;\r
224\r
225 //\r
226 // Get the LowestSupportedVersion.\r
227 //\r
228\r
b0bacc00 229 if (!IsLowestSupportedVersionCheckRequired ()) {\r
1bbb5126
SZ		 230 //\r
231 // Any Version can pass the 0 LowestSupportedVersion check.\r
232 //\r
233 return 0;\r
b0bacc00
KM		 234 }\r
235\r
1bbb5126
SZ		 236 ReturnLsv = PcdGet32 (PcdFmpDeviceBuildTimeLowestSupportedVersion);\r
237\r
b0bacc00
KM		 238 //\r
239 // Check the FmpDeviceLib\r
240 //\r
559b5d52 241 DeviceLibLowestSupportedVersion = DEFAULT_LOWESTSUPPORTEDVERSION;\r
b0bacc00
KM		 242 Status = FmpDeviceGetLowestSupportedVersion (&DeviceLibLowestSupportedVersion);\r
243 if (EFI_ERROR (Status)) {\r
244 DeviceLibLowestSupportedVersion = DEFAULT_LOWESTSUPPORTEDVERSION;\r
245 }\r
246\r
247 if (DeviceLibLowestSupportedVersion > ReturnLsv) {\r
248 ReturnLsv = DeviceLibLowestSupportedVersion;\r
249 }\r
250\r
251 //\r
252 // Check the lowest supported version UEFI variable for this device\r
253 //\r
67c1e5ee 254 VariableLowestSupportedVersion = GetLowestSupportedVersionFromVariable (Private);\r
b0bacc00
KM		 255 if (VariableLowestSupportedVersion > ReturnLsv) {\r
256 ReturnLsv = VariableLowestSupportedVersion;\r
257 }\r
258\r
259 //\r
260 // Return the largest value\r
261 //\r
262 return ReturnLsv;\r
263}\r
264\r
265/**\r
4f0544b1
EJ		 266 Populates the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure in the private\r
267 context structure.\r
268\r
269 @param[in] Private Pointer to the private context structure for the\r
270 Firmware Management Protocol instance.\r
b0bacc00
KM		 271\r
272**/\r
273VOID\r
274PopulateDescriptor (\r
4f0544b1 275 FIRMWARE_MANAGEMENT_PRIVATE_DATA *Private\r
b0bacc00
KM		 276 )\r
277{\r
278 EFI_STATUS Status;\r
0f30087b 279 UINT32 DependenciesSize;\r
b0bacc00 280\r
b4b9496b
MK		 281 if (Private == NULL) {\r
282 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): PopulateDescriptor() - Private is NULL.\n", mImageIdName));\r
283 return;\r
284 }\r
285\r
4f0544b1
EJ		 286 if (Private->DescriptorPopulated) {\r
287 return;\r
288 }\r
289\r
290 Private->Descriptor.ImageIndex = 1;\r
291 CopyGuid (&Private->Descriptor.ImageTypeId, GetImageTypeIdGuid());\r
292 Private->Descriptor.ImageId = Private->Descriptor.ImageIndex;\r
293 Private->Descriptor.ImageIdName = GetImageTypeNameString();\r
b0bacc00 294\r
67c1e5ee
EJ		 295 //\r
296 // Get the hardware instance from FmpDeviceLib\r
297 //\r
298 Status = FmpDeviceGetHardwareInstance (&Private->Descriptor.HardwareInstance);\r
299 if (Status == EFI_UNSUPPORTED) {\r
300 Private->Descriptor.HardwareInstance = 0;\r
301 }\r
302\r
303 //\r
304 // Generate UEFI Variable names used to store status information for this\r
305 // FMP instance.\r
306 //\r
307 GenerateFmpVariableNames (Private);\r
308\r
b0bacc00
KM		 309 //\r
310 // Get the version. Some devices don't support getting the firmware version\r
311 // at runtime. If FmpDeviceLib does not support returning a version, then\r
312 // it is stored in a UEFI variable.\r
313 //\r
4f0544b1 314 Status = FmpDeviceGetVersion (&Private->Descriptor.Version);\r
b0bacc00 315 if (Status == EFI_UNSUPPORTED) {\r
4f0544b1 316 Private->RuntimeVersionSupported = FALSE;\r
67c1e5ee 317 Private->Descriptor.Version = GetVersionFromVariable (Private);\r
b0bacc00
KM		 318 } else if (EFI_ERROR (Status)) {\r
319 //\r
320 // Unexpected error. Use default version.\r
321 //\r
e0961677 322 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): GetVersion() from FmpDeviceLib (%s) returned %r\n", mImageIdName, GetImageTypeNameString(), Status));\r
4f0544b1 323 Private->Descriptor.Version = DEFAULT_VERSION;\r
b0bacc00
KM		 324 }\r
325\r
326 //\r
327 // Free the current version name. Shouldn't really happen but this populate\r
328 // function could be called multiple times (to refresh).\r
329 //\r
4f0544b1
EJ		 330 if (Private->Descriptor.VersionName != NULL) {\r
331 FreePool (Private->Descriptor.VersionName);\r
332 Private->Descriptor.VersionName = NULL;\r
b0bacc00
KM		 333 }\r
334\r
335 //\r
336 // Attempt to get the version string from the FmpDeviceLib\r
337 //\r
4f0544b1 338 Status = FmpDeviceGetVersionString (&Private->Descriptor.VersionName);\r
b0bacc00 339 if (Status == EFI_UNSUPPORTED) {\r
e0961677 340 DEBUG ((DEBUG_INFO, "FmpDxe(%s): GetVersionString() unsupported in FmpDeviceLib.\n", mImageIdName));\r
4f0544b1
EJ		 341 Private->Descriptor.VersionName = AllocateCopyPool (\r
342 sizeof (VERSION_STRING_NOT_SUPPORTED),\r
343 VERSION_STRING_NOT_SUPPORTED\r
344 );\r
b0bacc00 345 } else if (EFI_ERROR (Status)) {\r
e0961677 346 DEBUG ((DEBUG_INFO, "FmpDxe(%s): GetVersionString() not available in FmpDeviceLib.\n", mImageIdName));\r
4f0544b1
EJ		 347 Private->Descriptor.VersionName = AllocateCopyPool (\r
348 sizeof (VERSION_STRING_NOT_AVAILABLE),\r
349 VERSION_STRING_NOT_AVAILABLE\r
350 );\r
b0bacc00
KM		 351 }\r
352\r
67c1e5ee 353 Private->Descriptor.LowestSupportedImageVersion = GetLowestSupportedVersion (Private);\r
b0bacc00
KM		 354\r
355 //\r
356 // Get attributes from the FmpDeviceLib\r
357 //\r
4f0544b1
EJ		 358 FmpDeviceGetAttributes (\r
359 &Private->Descriptor.AttributesSupported,\r
360 &Private->Descriptor.AttributesSetting\r
361 );\r
b0bacc00
KM		 362\r
363 //\r
364 // Force set the updatable bits in the attributes;\r
365 //\r
4f0544b1
EJ		 366 Private->Descriptor.AttributesSupported |= IMAGE_ATTRIBUTE_IMAGE_UPDATABLE;\r
367 Private->Descriptor.AttributesSetting |= IMAGE_ATTRIBUTE_IMAGE_UPDATABLE;\r
b0bacc00
KM		 368\r
369 //\r
370 // Force set the authentication bits in the attributes;\r
371 //\r
4f0544b1
EJ		 372 Private->Descriptor.AttributesSupported |= (IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);\r
373 Private->Descriptor.AttributesSetting |= (IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);\r
b0bacc00 374\r
4f0544b1 375 Private->Descriptor.Compatibilities = 0;\r
b0bacc00
KM		 376\r
377 //\r
378 // Get the size of the firmware image from the FmpDeviceLib\r
379 //\r
4f0544b1 380 Status = FmpDeviceGetSize (&Private->Descriptor.Size);\r
b0bacc00 381 if (EFI_ERROR (Status)) {\r
4f0544b1 382 Private->Descriptor.Size = 0;\r
b0bacc00
KM		 383 }\r
384\r
67c1e5ee
EJ		 385 Private->Descriptor.LastAttemptVersion = GetLastAttemptVersionFromVariable (Private);\r
386 Private->Descriptor.LastAttemptStatus = GetLastAttemptStatusFromVariable (Private);\r
4f0544b1 387\r
2ed845b3 388 //\r
0f30087b 389 // Get the dependency from the FmpDependencyDeviceLib.\r
2ed845b3
WX		 390 //\r
391 Private->Descriptor.Dependencies = NULL;\r
392\r
393 //\r
394 // Check the attribute IMAGE_ATTRIBUTE_DEPENDENCY\r
395 //\r
0f30087b
WX		 396 if (Private->Descriptor.AttributesSetting & IMAGE_ATTRIBUTE_DEPENDENCY) {\r
397 Private->Descriptor.Dependencies = GetFmpDependency (&DependenciesSize);\r
2ed845b3
WX		 398 }\r
399\r
4f0544b1 400 Private->DescriptorPopulated = TRUE;\r
b0bacc00
KM		 401}\r
402\r
403/**\r
404 Returns information about the current firmware image(s) of the device.\r
405\r
406 This function allows a copy of the current firmware image to be created and saved.\r
407 The saved copy could later been used, for example, in firmware image recovery or rollback.\r
408\r
409 @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
410 @param[in, out] ImageInfoSize A pointer to the size, in bytes, of the ImageInfo buffer.\r
411 On input, this is the size of the buffer allocated by the caller.\r
412 On output, it is the size of the buffer returned by the firmware\r
413 if the buffer was large enough, or the size of the buffer needed\r
414 to contain the image(s) information if the buffer was too small.\r
415 @param[in, out] ImageInfo A pointer to the buffer in which firmware places the current image(s)\r
416 information. The information is an array of EFI_FIRMWARE_IMAGE_DESCRIPTORs.\r
417 @param[out] DescriptorVersion A pointer to the location in which firmware returns the version number\r
418 associated with the EFI_FIRMWARE_IMAGE_DESCRIPTOR.\r
419 @param[out] DescriptorCount A pointer to the location in which firmware returns the number of\r
420 descriptors or firmware images within this device.\r
421 @param[out] DescriptorSize A pointer to the location in which firmware returns the size, in bytes,\r
422 of an individual EFI_FIRMWARE_IMAGE_DESCRIPTOR.\r
423 @param[out] PackageVersion A version number that represents all the firmware images in the device.\r
424 The format is vendor specific and new version must have a greater value\r
425 than the old version. If PackageVersion is not supported, the value is\r
426 0xFFFFFFFF. A value of 0xFFFFFFFE indicates that package version comparison\r
427 is to be performed using PackageVersionName. A value of 0xFFFFFFFD indicates\r
428 that package version update is in progress.\r
429 @param[out] PackageVersionName A pointer to a pointer to a null-terminated string representing the\r
430 package version name. The buffer is allocated by this function with\r
431 AllocatePool(), and it is the caller's responsibility to free it with a call\r
432 to FreePool().\r
433\r
434 @retval EFI_SUCCESS The device was successfully updated with the new image.\r
435 @retval EFI_BUFFER_TOO_SMALL The ImageInfo buffer was too small. The current buffer size\r
436 needed to hold the image(s) information is returned in ImageInfoSize.\r
437 @retval EFI_INVALID_PARAMETER ImageInfoSize is NULL.\r
438 @retval EFI_DEVICE_ERROR Valid information could not be returned. Possible corrupted image.\r
439\r
440**/\r
441EFI_STATUS\r
442EFIAPI\r
443GetTheImageInfo (\r
444 IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This,\r
445 IN OUT UINTN *ImageInfoSize,\r
446 IN OUT EFI_FIRMWARE_IMAGE_DESCRIPTOR *ImageInfo,\r
447 OUT UINT32 *DescriptorVersion,\r
448 OUT UINT8 *DescriptorCount,\r
449 OUT UINTN *DescriptorSize,\r
450 OUT UINT32 *PackageVersion,\r
451 OUT CHAR16 **PackageVersionName\r
452 )\r
453{\r
4f0544b1
EJ		 454 EFI_STATUS Status;\r
455 FIRMWARE_MANAGEMENT_PRIVATE_DATA *Private;\r
b0bacc00
KM		 456\r
457 Status = EFI_SUCCESS;\r
458\r
b4b9496b
MK		 459 if (This == NULL) {\r
460 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): GetImageInfo() - This is NULL.\n", mImageIdName));\r
461 Status = EFI_INVALID_PARAMETER;\r
462 goto cleanup;\r
463 }\r
464\r
4f0544b1
EJ		 465 //\r
466 // Retrieve the private context structure\r
467 //\r
468 Private = FIRMWARE_MANAGEMENT_PRIVATE_DATA_FROM_THIS (This);\r
469 FmpDeviceSetContext (Private->Handle, &Private->FmpDeviceContext);\r
470\r
b0bacc00
KM		 471 //\r
472 // Check for valid pointer\r
473 //\r
474 if (ImageInfoSize == NULL) {\r
e0961677 475 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): GetImageInfo() - ImageInfoSize is NULL.\n", mImageIdName));\r
b0bacc00
KM		 476 Status = EFI_INVALID_PARAMETER;\r
477 goto cleanup;\r
478 }\r
479\r
480 //\r
481 // Check the buffer size\r
482 // NOTE: Check this first so caller can get the necessary memory size it must allocate.\r
483 //\r
484 if (*ImageInfoSize < (sizeof (EFI_FIRMWARE_IMAGE_DESCRIPTOR))) {\r
485 *ImageInfoSize = sizeof (EFI_FIRMWARE_IMAGE_DESCRIPTOR);\r
e0961677 486 DEBUG ((DEBUG_VERBOSE, "FmpDxe(%s): GetImageInfo() - ImageInfoSize is to small.\n", mImageIdName));\r
b0bacc00
KM		 487 Status = EFI_BUFFER_TOO_SMALL;\r
488 goto cleanup;\r
489 }\r
490\r
491 //\r
492 // Confirm that buffer isn't null\r
493 //\r
494 if ( (ImageInfo == NULL) || (DescriptorVersion == NULL) || (DescriptorCount == NULL) || (DescriptorSize == NULL)\r
495 || (PackageVersion == NULL)) {\r
e0961677 496 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): GetImageInfo() - Pointer Parameter is NULL.\n", mImageIdName));\r
b0bacc00
KM		 497 Status = EFI_INVALID_PARAMETER;\r
498 goto cleanup;\r
499 }\r
500\r
501 //\r
502 // Set the size to whatever we need\r
503 //\r
504 *ImageInfoSize = sizeof (EFI_FIRMWARE_IMAGE_DESCRIPTOR);\r
505\r
4f0544b1 506 //\r
67c1e5ee 507 // Make sure the descriptor has already been loaded or refreshed\r
4f0544b1
EJ		 508 //\r
509 PopulateDescriptor (Private);\r
b0bacc00
KM		 510\r
511 //\r
512 // Copy the image descriptor\r
513 //\r
4f0544b1 514 CopyMem (ImageInfo, &Private->Descriptor, sizeof (EFI_FIRMWARE_IMAGE_DESCRIPTOR));\r
b0bacc00
KM		 515\r
516 *DescriptorVersion = EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION;\r
517 *DescriptorCount = 1;\r
518 *DescriptorSize = sizeof (EFI_FIRMWARE_IMAGE_DESCRIPTOR);\r
519 //\r
520 // means unsupported\r
521 //\r
522 *PackageVersion = 0xFFFFFFFF;\r
523\r
524 //\r
525 // Do not update PackageVersionName since it is not supported in this instance.\r
526 //\r
527\r
528cleanup:\r
529\r
530 return Status;\r
531}\r
532\r
533/**\r
534 Retrieves a copy of the current firmware image of the device.\r
535\r
536 This function allows a copy of the current firmware image to be created and saved.\r
537 The saved copy could later been used, for example, in firmware image recovery or rollback.\r
538\r
a6d73269
SZ		 539 @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
540 @param[in] ImageIndex A unique number identifying the firmware image(s) within the device.\r
b0bacc00 541 The number is between 1 and DescriptorCount.\r
a6d73269
SZ		 542 @param[in, out] Image Points to the buffer where the current image is copied to.\r
543 @param[in, out] ImageSize On entry, points to the size of the buffer pointed to by Image, in bytes.\r
b0bacc00
KM		 544 On return, points to the length of the image, in bytes.\r
545\r
546 @retval EFI_SUCCESS The device was successfully updated with the new image.\r
547 @retval EFI_BUFFER_TOO_SMALL The buffer specified by ImageSize is too small to hold the\r
548 image. The current buffer size needed to hold the image is returned\r
549 in ImageSize.\r
550 @retval EFI_INVALID_PARAMETER The Image was NULL.\r
551 @retval EFI_NOT_FOUND The current image is not copied to the buffer.\r
552 @retval EFI_UNSUPPORTED The operation is not supported.\r
5fc5867e 553 @retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.\r
b0bacc00
KM		 554\r
555**/\r
556EFI_STATUS\r
557EFIAPI\r
558GetTheImage (\r
559 IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This,\r
560 IN UINT8 ImageIndex,\r
561 IN OUT VOID *Image,\r
562 IN OUT UINTN *ImageSize\r
563 )\r
564{\r
4f0544b1
EJ		 565 EFI_STATUS Status;\r
566 FIRMWARE_MANAGEMENT_PRIVATE_DATA *Private;\r
567 UINTN Size;\r
b0bacc00 568\r
11d35494
EJ		 569 if (!FeaturePcdGet (PcdFmpDeviceStorageAccessEnable)) {\r
570 return EFI_UNSUPPORTED;\r
571 }\r
572\r
0f30087b 573 Status = EFI_SUCCESS;\r
b0bacc00 574\r
b4b9496b
MK		 575 if (This == NULL) {\r
576 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): GetImage() - This is NULL.\n", mImageIdName));\r
577 Status = EFI_INVALID_PARAMETER;\r
578 goto cleanup;\r
579 }\r
580\r
4f0544b1
EJ		 581 //\r
582 // Retrieve the private context structure\r
583 //\r
584 Private = FIRMWARE_MANAGEMENT_PRIVATE_DATA_FROM_THIS (This);\r
585 FmpDeviceSetContext (Private->Handle, &Private->FmpDeviceContext);\r
586\r
ebfac291
SZ		 587 //\r
588 // Check to make sure index is 1 (only 1 image for this device)\r
589 //\r
590 if (ImageIndex != 1) {\r
e0961677 591 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): GetImage() - Image Index Invalid.\n", mImageIdName));\r
ebfac291
SZ		 592 Status = EFI_INVALID_PARAMETER;\r
593 goto cleanup;\r
594 }\r
595\r
03340683 596 if (ImageSize == NULL) {\r
e0961677 597 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): GetImage() - ImageSize Pointer Parameter is NULL.\n", mImageIdName));\r
b0bacc00
KM		 598 Status = EFI_INVALID_PARAMETER;\r
599 goto cleanup;\r
600 }\r
601\r
602 //\r
603 // Check the buffer size\r
604 //\r
605 Status = FmpDeviceGetSize (&Size);\r
606 if (EFI_ERROR (Status)) {\r
607 Size = 0;\r
608 }\r
0f30087b
WX		 609 if (*ImageSize < Size) {\r
610 *ImageSize = Size;\r
e0961677 611 DEBUG ((DEBUG_VERBOSE, "FmpDxe(%s): GetImage() - ImageSize is to small.\n", mImageIdName));\r
b0bacc00
KM		 612 Status = EFI_BUFFER_TOO_SMALL;\r
613 goto cleanup;\r
614 }\r
615\r
616 if (Image == NULL) {\r
e0961677 617 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): GetImage() - Image Pointer Parameter is NULL.\n", mImageIdName));\r
b0bacc00
KM		 618 Status = EFI_INVALID_PARAMETER;\r
619 goto cleanup;\r
620 }\r
621\r
0f30087b 622 Status = FmpDeviceGetImage (Image, ImageSize);\r
b0bacc00
KM		 623cleanup:\r
624\r
625 return Status;\r
626}\r
627\r
628/**\r
629 Helper function to safely retrieve the FMP header from\r
630 within an EFI_FIRMWARE_IMAGE_AUTHENTICATION structure.\r
631\r
0f30087b
WX		 632 @param[in] Image Pointer to the image.\r
633 @param[in] ImageSize Size of the image.\r
634 @param[in] AdditionalHeaderSize Size of any headers that cannot be calculated by this function.\r
b4b9496b
MK		 635 @param[out] PayloadSize An optional pointer to a UINTN that holds the size of the payload\r
636 (image size minus headers)\r
b0bacc00
KM		 637\r
638 @retval !NULL Valid pointer to the header.\r
639 @retval NULL Structure is bad and pointer cannot be found.\r
640\r
641**/\r
642VOID *\r
643GetFmpHeader (\r
644 IN CONST EFI_FIRMWARE_IMAGE_AUTHENTICATION *Image,\r
645 IN CONST UINTN ImageSize,\r
0f30087b 646 IN CONST UINTN AdditionalHeaderSize,\r
b4b9496b 647 OUT UINTN *PayloadSize OPTIONAL\r
b0bacc00
KM		 648 )\r
649{\r
650 //\r
651 // Check to make sure that operation can be safely performed.\r
652 //\r
0f30087b
WX		 653 if (((UINTN)Image + sizeof (Image->MonotonicCount) + Image->AuthInfo.Hdr.dwLength) + AdditionalHeaderSize < (UINTN)Image || \\r
654 ((UINTN)Image + sizeof (Image->MonotonicCount) + Image->AuthInfo.Hdr.dwLength) + AdditionalHeaderSize >= (UINTN)Image + ImageSize) {\r
b0bacc00
KM		 655 //\r
656 // Pointer overflow. Invalid image.\r
657 //\r
658 return NULL;\r
659 }\r
660\r
b4b9496b
MK		 661 if (PayloadSize != NULL) {\r
662 *PayloadSize = ImageSize - (sizeof (Image->MonotonicCount) + Image->AuthInfo.Hdr.dwLength + AdditionalHeaderSize);\r
663 }\r
664\r
0f30087b 665 return (VOID *)((UINT8 *)Image + sizeof (Image->MonotonicCount) + Image->AuthInfo.Hdr.dwLength + AdditionalHeaderSize);\r
b0bacc00
KM		 666}\r
667\r
668/**\r
669 Helper function to safely calculate the size of all headers\r
670 within an EFI_FIRMWARE_IMAGE_AUTHENTICATION structure.\r
671\r
672 @param[in] Image Pointer to the image.\r
673 @param[in] AdditionalHeaderSize Size of any headers that cannot be calculated by this function.\r
674\r
675 @retval UINT32>0 Valid size of all the headers.\r
676 @retval 0 Structure is bad and size cannot be found.\r
677\r
678**/\r
679UINT32\r
680GetAllHeaderSize (\r
681 IN CONST EFI_FIRMWARE_IMAGE_AUTHENTICATION *Image,\r
682 IN UINT32 AdditionalHeaderSize\r
683 )\r
684{\r
685 UINT32 CalculatedSize;\r
686\r
b4b9496b
MK		 687 if (Image == NULL) {\r
688 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): GetAllHeaderSize() - Image is NULL.\n", mImageIdName));\r
689 return 0;\r
690 }\r
691\r
b0bacc00
KM		 692 CalculatedSize = sizeof (Image->MonotonicCount) +\r
693 AdditionalHeaderSize +\r
694 Image->AuthInfo.Hdr.dwLength;\r
695\r
696 //\r
697 // Check to make sure that operation can be safely performed.\r
698 //\r
699 if (CalculatedSize < sizeof (Image->MonotonicCount) ||\r
700 CalculatedSize < AdditionalHeaderSize ||\r
701 CalculatedSize < Image->AuthInfo.Hdr.dwLength ) {\r
702 //\r
703 // Integer overflow. Invalid image.\r
704 //\r
705 return 0;\r
706 }\r
707\r
708 return CalculatedSize;\r
709}\r
710\r
711/**\r
712 Checks if the firmware image is valid for the device.\r
713\r
714 This function allows firmware update application to validate the firmware image without\r
715 invoking the SetImage() first.\r
716\r
717 @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
718 @param[in] ImageIndex A unique number identifying the firmware image(s) within the device.\r
719 The number is between 1 and DescriptorCount.\r
720 @param[in] Image Points to the new image.\r
721 @param[in] ImageSize Size of the new image in bytes.\r
722 @param[out] ImageUpdatable Indicates if the new image is valid for update. It also provides,\r
723 if available, additional information if the image is invalid.\r
724\r
725 @retval EFI_SUCCESS The image was successfully checked.\r
4e61b8d0 726 @retval EFI_ABORTED The operation is aborted.\r
b0bacc00
KM		 727 @retval EFI_INVALID_PARAMETER The Image was NULL.\r
728 @retval EFI_UNSUPPORTED The operation is not supported.\r
5fc5867e 729 @retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.\r
b0bacc00
KM		 730\r
731**/\r
732EFI_STATUS\r
733EFIAPI\r
734CheckTheImage (\r
735 IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This,\r
736 IN UINT8 ImageIndex,\r
737 IN CONST VOID *Image,\r
738 IN UINTN ImageSize,\r
a6d73269 739 OUT UINT32 *ImageUpdatable\r
b0bacc00
KM		 740 )\r
741{\r
4f0544b1
EJ		 742 EFI_STATUS Status;\r
743 FIRMWARE_MANAGEMENT_PRIVATE_DATA *Private;\r
744 UINTN RawSize;\r
745 VOID *FmpPayloadHeader;\r
746 UINTN FmpPayloadSize;\r
747 UINT32 Version;\r
748 UINT32 FmpHeaderSize;\r
749 UINTN AllHeaderSize;\r
750 UINT32 Index;\r
751 VOID *PublicKeyData;\r
752 UINTN PublicKeyDataLength;\r
753 UINT8 *PublicKeyDataXdr;\r
754 UINT8 *PublicKeyDataXdrEnd;\r
2ed845b3
WX		 755 EFI_FIRMWARE_IMAGE_DEP *Dependencies;\r
756 UINT32 DependenciesSize;\r
b0bacc00
KM		 757\r
758 Status = EFI_SUCCESS;\r
759 RawSize = 0;\r
760 FmpPayloadHeader = NULL;\r
761 FmpPayloadSize = 0;\r
762 Version = 0;\r
763 FmpHeaderSize = 0;\r
764 AllHeaderSize = 0;\r
2ed845b3
WX		 765 Dependencies = NULL;\r
766 DependenciesSize = 0;\r
b0bacc00 767\r
11d35494
EJ		 768 if (!FeaturePcdGet (PcdFmpDeviceStorageAccessEnable)) {\r
769 return EFI_UNSUPPORTED;\r
770 }\r
771\r
b4b9496b
MK		 772 if (This == NULL) {\r
773 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): CheckImage() - This is NULL.\n", mImageIdName));\r
774 Status = EFI_INVALID_PARAMETER;\r
775 goto cleanup;\r
776 }\r
777\r
4f0544b1
EJ		 778 //\r
779 // Retrieve the private context structure\r
780 //\r
781 Private = FIRMWARE_MANAGEMENT_PRIVATE_DATA_FROM_THIS (This);\r
782 FmpDeviceSetContext (Private->Handle, &Private->FmpDeviceContext);\r
783\r
b0bacc00 784 //\r
67c1e5ee 785 // Make sure the descriptor has already been loaded or refreshed\r
b0bacc00 786 //\r
4f0544b1 787 PopulateDescriptor (Private);\r
b0bacc00 788\r
a6d73269 789 if (ImageUpdatable == NULL) {\r
e0961677 790 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): CheckImage() - ImageUpdatable Pointer Parameter is NULL.\n", mImageIdName));\r
b0bacc00
KM		 791 Status = EFI_INVALID_PARAMETER;\r
792 goto cleanup;\r
793 }\r
794\r
795 //\r
796 //Set to valid and then if any tests fail it will update this flag.\r
797 //\r
a6d73269 798 *ImageUpdatable = IMAGE_UPDATABLE_VALID;\r
b0bacc00 799\r
0f30087b
WX		 800 //\r
801 // Set to satisfied and then if dependency evaluates to false it will update this flag.\r
802 //\r
803 Private->DependenciesSatisfied = TRUE;\r
804\r
b0bacc00 805 if (Image == NULL) {\r
e0961677 806 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): CheckImage() - Image Pointer Parameter is NULL.\n", mImageIdName));\r
b0bacc00
KM		 807 //\r
808 // not sure if this is needed\r
809 //\r
a6d73269 810 *ImageUpdatable = IMAGE_UPDATABLE_INVALID;\r
b0bacc00
KM		 811 return EFI_INVALID_PARAMETER;\r
812 }\r
813\r
814 PublicKeyDataXdr = PcdGetPtr (PcdFmpDevicePkcs7CertBufferXdr);\r
815 PublicKeyDataXdrEnd = PublicKeyDataXdr + PcdGetSize (PcdFmpDevicePkcs7CertBufferXdr);\r
816\r
817 if (PublicKeyDataXdr == NULL || (PublicKeyDataXdr == PublicKeyDataXdrEnd)) {\r
e0961677 818 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Invalid certificate, skipping it.\n", mImageIdName));\r
b0bacc00
KM		 819 Status = EFI_ABORTED;\r
820 } else {\r
821 //\r
822 // Try each key from PcdFmpDevicePkcs7CertBufferXdr\r
823 //\r
824 for (Index = 1; PublicKeyDataXdr < PublicKeyDataXdrEnd; Index++) {\r
825 Index++;\r
826 DEBUG (\r
827 (DEBUG_INFO,\r
e0961677
EJ		 828 "FmpDxe(%s): Certificate #%d [%p..%p].\n",\r
829 mImageIdName,\r
b0bacc00
KM		 830 Index,\r
831 PublicKeyDataXdr,\r
832 PublicKeyDataXdrEnd\r
833 )\r
834 );\r
835\r
836 if ((PublicKeyDataXdr + sizeof (UINT32)) > PublicKeyDataXdrEnd) {\r
837 //\r
838 // Key data extends beyond end of PCD\r
839 //\r
e0961677 840 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Certificate size extends beyond end of PCD, skipping it.\n", mImageIdName));\r
b0bacc00
KM		 841 Status = EFI_ABORTED;\r
842 break;\r
843 }\r
844 //\r
845 // Read key length stored in big-endian format\r
846 //\r
847 PublicKeyDataLength = SwapBytes32 (*(UINT32 *)(PublicKeyDataXdr));\r
848 //\r
849 // Point to the start of the key data\r
850 //\r
851 PublicKeyDataXdr += sizeof (UINT32);\r
852 if (PublicKeyDataXdr + PublicKeyDataLength > PublicKeyDataXdrEnd) {\r
853 //\r
854 // Key data extends beyond end of PCD\r
855 //\r
e0961677 856 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Certificate extends beyond end of PCD, skipping it.\n", mImageIdName));\r
b0bacc00
KM		 857 Status = EFI_ABORTED;\r
858 break;\r
859 }\r
860 PublicKeyData = PublicKeyDataXdr;\r
861 Status = AuthenticateFmpImage (\r
862 (EFI_FIRMWARE_IMAGE_AUTHENTICATION *)Image,\r
863 ImageSize,\r
864 PublicKeyData,\r
865 PublicKeyDataLength\r
866 );\r
867 if (!EFI_ERROR (Status)) {\r
868 break;\r
869 }\r
870 PublicKeyDataXdr += PublicKeyDataLength;\r
871 PublicKeyDataXdr = (UINT8 *)ALIGN_POINTER (PublicKeyDataXdr, sizeof (UINT32));\r
872 }\r
873 }\r
874\r
875 if (EFI_ERROR (Status)) {\r
e0961677 876 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): CheckTheImage() - Authentication Failed %r.\n", mImageIdName, Status));\r
b0bacc00
KM		 877 goto cleanup;\r
878 }\r
879\r
880 //\r
881 // Check to make sure index is 1\r
882 //\r
883 if (ImageIndex != 1) {\r
e0961677 884 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): CheckImage() - Image Index Invalid.\n", mImageIdName));\r
a6d73269 885 *ImageUpdatable = IMAGE_UPDATABLE_INVALID_TYPE;\r
b4b9496b 886 Status = EFI_INVALID_PARAMETER;\r
b0bacc00
KM		 887 goto cleanup;\r
888 }\r
889\r
0f30087b
WX		 890 //\r
891 // Get the dependency from Image.\r
892 //\r
893 Dependencies = GetImageDependency ((EFI_FIRMWARE_IMAGE_AUTHENTICATION *)Image, ImageSize, &DependenciesSize);\r
b0bacc00
KM		 894\r
895 //\r
896 // Check the FmpPayloadHeader\r
897 //\r
0f30087b 898 FmpPayloadHeader = GetFmpHeader ( (EFI_FIRMWARE_IMAGE_AUTHENTICATION *)Image, ImageSize, DependenciesSize, &FmpPayloadSize );\r
b0bacc00 899 if (FmpPayloadHeader == NULL) {\r
e0961677 900 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): CheckTheImage() - GetFmpHeader failed.\n", mImageIdName));\r
b0bacc00
KM		 901 Status = EFI_ABORTED;\r
902 goto cleanup;\r
903 }\r
904 Status = GetFmpPayloadHeaderVersion (FmpPayloadHeader, FmpPayloadSize, &Version);\r
905 if (EFI_ERROR (Status)) {\r
0f30087b
WX		 906 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): CheckTheImage() - GetFmpPayloadHeaderVersion failed %r.\n", mImageIdName, Status));\r
907 *ImageUpdatable = IMAGE_UPDATABLE_INVALID;\r
908 Status = EFI_SUCCESS;\r
909 goto cleanup;\r
b0bacc00
KM		 910 }\r
911\r
912 //\r
913 // Check the lowest supported version\r
914 //\r
4f0544b1 915 if (Version < Private->Descriptor.LowestSupportedImageVersion) {\r
b0bacc00
KM		 916 DEBUG (\r
917 (DEBUG_ERROR,\r
e0961677
EJ		 918 "FmpDxe(%s): CheckTheImage() - Version Lower than lowest supported version. 0x%08X < 0x%08X\n",\r
919 mImageIdName, Version, Private->Descriptor.LowestSupportedImageVersion)\r
b0bacc00 920 );\r
a6d73269 921 *ImageUpdatable = IMAGE_UPDATABLE_INVALID_OLD;\r
b0bacc00
KM		 922 Status = EFI_SUCCESS;\r
923 goto cleanup;\r
924 }\r
925\r
2ed845b3
WX		 926 //\r
927 // Evaluate dependency expression\r
928 //\r
0f30087b
WX		 929 Private->DependenciesSatisfied = CheckFmpDependency (Private->Descriptor.ImageTypeId, Version, Dependencies, DependenciesSize);\r
930 if (!Private->DependenciesSatisfied) {\r
931 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): CheckTheImage() - Dependency check failed.\n", mImageIdName));\r
2ed845b3
WX		 932 *ImageUpdatable = IMAGE_UPDATABLE_INVALID;\r
933 Status = EFI_SUCCESS;\r
934 goto cleanup;\r
935 }\r
936\r
b0bacc00
KM		 937 //\r
938 // Get the FmpHeaderSize so we can determine the real payload size\r
939 //\r
940 Status = GetFmpPayloadHeaderSize (FmpPayloadHeader, FmpPayloadSize, &FmpHeaderSize);\r
941 if (EFI_ERROR (Status)) {\r
942 DEBUG ((DEBUG_ERROR, "FmpDxe: CheckTheImage() - GetFmpPayloadHeaderSize failed %r.\n", Status));\r
a6d73269 943 *ImageUpdatable = IMAGE_UPDATABLE_INVALID;\r
b0bacc00
KM		 944 Status = EFI_SUCCESS;\r
945 goto cleanup;\r
946 }\r
947\r
948 //\r
949 // Call FmpDevice Lib Check Image on the\r
950 // Raw payload. So all headers need stripped off\r
951 //\r
2ed845b3 952 AllHeaderSize = GetAllHeaderSize ( (EFI_FIRMWARE_IMAGE_AUTHENTICATION *)Image, FmpHeaderSize + DependenciesSize);\r
b0bacc00 953 if (AllHeaderSize == 0) {\r
e0961677 954 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): CheckTheImage() - GetAllHeaderSize failed.\n", mImageIdName));\r
b0bacc00
KM		 955 Status = EFI_ABORTED;\r
956 goto cleanup;\r
957 }\r
958 RawSize = ImageSize - AllHeaderSize;\r
959\r
960 //\r
961 // FmpDeviceLib CheckImage function to do any specific checks\r
962 //\r
a6d73269 963 Status = FmpDeviceCheckImage ((((UINT8 *)Image) + AllHeaderSize), RawSize, ImageUpdatable);\r
b0bacc00 964 if (EFI_ERROR (Status)) {\r
e0961677 965 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): CheckTheImage() - FmpDeviceLib CheckImage failed. Status = %r\n", mImageIdName, Status));\r
b0bacc00
KM		 966 }\r
967\r
968cleanup:\r
969 return Status;\r
970}\r
971\r
972/**\r
973 Updates the firmware image of the device.\r
974\r
975 This function updates the hardware with the new firmware image.\r
976 This function returns EFI_UNSUPPORTED if the firmware image is not updatable.\r
977 If the firmware image is updatable, the function should perform the following minimal validations\r
978 before proceeding to do the firmware image update.\r
979 - Validate the image authentication if image has attribute\r
980 IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED. The function returns\r
981 EFI_SECURITY_VIOLATION if the validation fails.\r
982 - Validate the image is a supported image for this device. The function returns EFI_ABORTED if\r
983 the image is unsupported. The function can optionally provide more detailed information on\r
984 why the image is not a supported image.\r
985 - Validate the data from VendorCode if not null. Image validation must be performed before\r
986 VendorCode data validation. VendorCode data is ignored or considered invalid if image\r
987 validation failed. The function returns EFI_ABORTED if the data is invalid.\r
988\r
989 VendorCode enables vendor to implement vendor-specific firmware image update policy. Null if\r
990 the caller did not specify the policy or use the default policy. As an example, vendor can implement\r
991 a policy to allow an option to force a firmware image update when the abort reason is due to the new\r
992 firmware image version is older than the current firmware image version or bad image checksum.\r
993 Sensitive operations such as those wiping the entire firmware image and render the device to be\r
994 non-functional should be encoded in the image itself rather than passed with the VendorCode.\r
995 AbortReason enables vendor to have the option to provide a more detailed description of the abort\r
996 reason to the caller.\r
997\r
998 @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
999 @param[in] ImageIndex A unique number identifying the firmware image(s) within the device.\r
1000 The number is between 1 and DescriptorCount.\r
1001 @param[in] Image Points to the new image.\r
1002 @param[in] ImageSize Size of the new image in bytes.\r
1003 @param[in] VendorCode This enables vendor to implement vendor-specific firmware image update policy.\r
1004 Null indicates the caller did not specify the policy or use the default policy.\r
1005 @param[in] Progress A function used by the driver to report the progress of the firmware update.\r
1006 @param[out] AbortReason A pointer to a pointer to a null-terminated string providing more\r
1007 details for the aborted operation. The buffer is allocated by this function\r
1008 with AllocatePool(), and it is the caller's responsibility to free it with a\r
1009 call to FreePool().\r
1010\r
1011 @retval EFI_SUCCESS The device was successfully updated with the new image.\r
1012 @retval EFI_ABORTED The operation is aborted.\r
1013 @retval EFI_INVALID_PARAMETER The Image was NULL.\r
1014 @retval EFI_UNSUPPORTED The operation is not supported.\r
5fc5867e 1015 @retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.\r
b0bacc00
KM		 1016\r
1017**/\r
1018EFI_STATUS\r
1019EFIAPI\r
1020SetTheImage (\r
1021 IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This,\r
1022 IN UINT8 ImageIndex,\r
1023 IN CONST VOID *Image,\r
1024 IN UINTN ImageSize,\r
1025 IN CONST VOID *VendorCode,\r
1026 IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress,\r
1027 OUT CHAR16 **AbortReason\r
1028 )\r
1029{\r
4f0544b1
EJ		 1030 EFI_STATUS Status;\r
1031 FIRMWARE_MANAGEMENT_PRIVATE_DATA *Private;\r
1032 UINT32 Updateable;\r
1033 BOOLEAN BooleanValue;\r
1034 UINT32 FmpHeaderSize;\r
1035 VOID *FmpHeader;\r
1036 UINTN FmpPayloadSize;\r
1037 UINT32 AllHeaderSize;\r
95d28836 1038 UINT32 IncomingFwVersion;\r
4f0544b1
EJ		 1039 UINT32 LastAttemptStatus;\r
1040 UINT32 Version;\r
1041 UINT32 LowestSupportedVersion;\r
2ed845b3
WX		 1042 EFI_FIRMWARE_IMAGE_DEP *Dependencies;\r
1043 UINT32 DependenciesSize;\r
b0bacc00
KM		 1044\r
1045 Status = EFI_SUCCESS;\r
1046 Updateable = 0;\r
1047 BooleanValue = FALSE;\r
1048 FmpHeaderSize = 0;\r
1049 FmpHeader = NULL;\r
1050 FmpPayloadSize = 0;\r
1051 AllHeaderSize = 0;\r
2ed845b3 1052 IncomingFwVersion = 0;\r
b0bacc00 1053 LastAttemptStatus = LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL;\r
2ed845b3
WX		 1054 Dependencies = NULL;\r
1055 DependenciesSize = 0;\r
b0bacc00 1056\r
11d35494
EJ		 1057 if (!FeaturePcdGet (PcdFmpDeviceStorageAccessEnable)) {\r
1058 return EFI_UNSUPPORTED;\r
1059 }\r
1060\r
b4b9496b
MK		 1061 if (This == NULL) {\r
1062 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): SetTheImage() - This is NULL.\n", mImageIdName));\r
1063 Status = EFI_INVALID_PARAMETER;\r
1064 goto cleanup;\r
1065 }\r
1066\r
4f0544b1
EJ		 1067 //\r
1068 // Retrieve the private context structure\r
1069 //\r
1070 Private = FIRMWARE_MANAGEMENT_PRIVATE_DATA_FROM_THIS (This);\r
1071 FmpDeviceSetContext (Private->Handle, &Private->FmpDeviceContext);\r
b0bacc00 1072\r
67c1e5ee
EJ		 1073 //\r
1074 // Make sure the descriptor has already been loaded or refreshed\r
1075 //\r
1076 PopulateDescriptor (Private);\r
1077\r
1078 //\r
1079 // Set to 0 to clear any previous results.\r
1080 //\r
95d28836 1081 SetLastAttemptVersionInVariable (Private, IncomingFwVersion);\r
b0bacc00
KM		 1082\r
1083 //\r
1084 // if we have locked the device, then skip the set operation.\r
1085 // it should be blocked by hardware too but we can catch here even faster\r
1086 //\r
4f0544b1 1087 if (Private->FmpDeviceLocked) {\r
e0961677 1088 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): SetTheImage() - Device is already locked. Can't update.\n", mImageIdName));\r
a4c35479 1089 Status = EFI_UNSUPPORTED;\r
b0bacc00
KM		 1090 goto cleanup;\r
1091 }\r
1092\r
1093 //\r
1094 // Call check image to verify the image\r
1095 //\r
1096 Status = CheckTheImage (This, ImageIndex, Image, ImageSize, &Updateable);\r
1097 if (EFI_ERROR (Status)) {\r
e0961677 1098 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): SetTheImage() - Check The Image failed with %r.\n", mImageIdName, Status));\r
b0bacc00
KM		 1099 if (Status == EFI_SECURITY_VIOLATION) {\r
1100 LastAttemptStatus = LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR;\r
1101 }\r
1102 goto cleanup;\r
1103 }\r
1104\r
0f30087b
WX		 1105 //\r
1106 // Get the dependency from Image.\r
1107 //\r
1108 Dependencies = GetImageDependency ((EFI_FIRMWARE_IMAGE_AUTHENTICATION *)Image, ImageSize, &DependenciesSize);\r
1109\r
b0bacc00
KM		 1110 //\r
1111 // No functional error in CheckTheImage. Attempt to get the Version to\r
1112 // support better error reporting.\r
1113 //\r
0f30087b 1114 FmpHeader = GetFmpHeader ( (EFI_FIRMWARE_IMAGE_AUTHENTICATION *)Image, ImageSize, DependenciesSize, &FmpPayloadSize );\r
b0bacc00 1115 if (FmpHeader == NULL) {\r
e0961677 1116 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): SetTheImage() - GetFmpHeader failed.\n", mImageIdName));\r
b0bacc00
KM		 1117 Status = EFI_ABORTED;\r
1118 goto cleanup;\r
1119 }\r
95d28836 1120 Status = GetFmpPayloadHeaderVersion (FmpHeader, FmpPayloadSize, &IncomingFwVersion);\r
b0bacc00
KM		 1121 if (!EFI_ERROR (Status)) {\r
1122 //\r
1123 // Set to actual value\r
1124 //\r
95d28836 1125 SetLastAttemptVersionInVariable (Private, IncomingFwVersion);\r
b0bacc00
KM		 1126 }\r
1127\r
1128\r
1129 if (Updateable != IMAGE_UPDATABLE_VALID) {\r
1130 DEBUG (\r
1131 (DEBUG_ERROR,\r
e0961677
EJ		 1132 "FmpDxe(%s): SetTheImage() - Check The Image returned that the Image was not valid for update. Updatable value = 0x%X.\n",\r
1133 mImageIdName, Updateable)\r
b0bacc00 1134 );\r
0f30087b 1135 if (Private->DependenciesSatisfied == FALSE) {\r
2ed845b3 1136 LastAttemptStatus = LAST_ATTEMPT_STATUS_ERROR_UNSATISFIED_DEPENDENCIES;\r
2ed845b3 1137 }\r
b0bacc00
KM		 1138 Status = EFI_ABORTED;\r
1139 goto cleanup;\r
1140 }\r
1141\r
1142 if (Progress == NULL) {\r
e0961677 1143 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): SetTheImage() - Invalid progress callback\n", mImageIdName));\r
b0bacc00
KM		 1144 Status = EFI_INVALID_PARAMETER;\r
1145 goto cleanup;\r
1146 }\r
1147\r
1148 mProgressFunc = Progress;\r
b0bacc00
KM		 1149\r
1150 //\r
1151 // Checking the image is at least 1%\r
1152 //\r
1153 Status = Progress (1);\r
1154 if (EFI_ERROR (Status)) {\r
e0961677 1155 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): SetTheImage() - Progress Callback failed with Status %r.\n", mImageIdName, Status));\r
b0bacc00
KM		 1156 }\r
1157\r
1158 //\r
1159 //Check System Power\r
1160 //\r
1161 Status = CheckSystemPower (&BooleanValue);\r
1162 if (EFI_ERROR (Status)) {\r
e0961677 1163 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): SetTheImage() - CheckSystemPower - API call failed %r.\n", mImageIdName, Status));\r
b0bacc00
KM		 1164 goto cleanup;\r
1165 }\r
1166 if (!BooleanValue) {\r
1167 Status = EFI_ABORTED;\r
1168 DEBUG (\r
1169 (DEBUG_ERROR,\r
e0961677 1170 "FmpDxe(%s): SetTheImage() - CheckSystemPower - returned False. Update not allowed due to System Power.\n", mImageIdName)\r
b0bacc00
KM		 1171 );\r
1172 LastAttemptStatus = LAST_ATTEMPT_STATUS_ERROR_PWR_EVT_BATT;\r
1173 goto cleanup;\r
1174 }\r
1175\r
1176 Progress (2);\r
1177\r
1178 //\r
1179 //Check System Thermal\r
1180 //\r
1181 Status = CheckSystemThermal (&BooleanValue);\r
1182 if (EFI_ERROR (Status)) {\r
e0961677 1183 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): SetTheImage() - CheckSystemThermal - API call failed %r.\n", mImageIdName, Status));\r
b0bacc00
KM		 1184 goto cleanup;\r
1185 }\r
1186 if (!BooleanValue) {\r
1187 Status = EFI_ABORTED;\r
1188 DEBUG (\r
1189 (DEBUG_ERROR,\r
e0961677 1190 "FmpDxe(%s): SetTheImage() - CheckSystemThermal - returned False. Update not allowed due to System Thermal.\n", mImageIdName)\r
b0bacc00
KM		 1191 );\r
1192 goto cleanup;\r
1193 }\r
1194\r
1195 Progress (3);\r
1196\r
1197 //\r
1198 //Check System Environment\r
1199 //\r
1200 Status = CheckSystemEnvironment (&BooleanValue);\r
1201 if (EFI_ERROR (Status)) {\r
e0961677 1202 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): SetTheImage() - CheckSystemEnvironment - API call failed %r.\n", mImageIdName, Status));\r
b0bacc00
KM		 1203 goto cleanup;\r
1204 }\r
1205 if (!BooleanValue) {\r
1206 Status = EFI_ABORTED;\r
1207 DEBUG (\r
1208 (DEBUG_ERROR,\r
e0961677 1209 "FmpDxe(%s): SetTheImage() - CheckSystemEnvironment - returned False. Update not allowed due to System Environment.\n", mImageIdName)\r
b0bacc00
KM		 1210 );\r
1211 goto cleanup;\r
1212 }\r
1213\r
1214 Progress (4);\r
1215\r
1216 //\r
1217 // Save LastAttemptStatus as error so that if SetImage never returns the error\r
1218 // state is recorded.\r
1219 //\r
67c1e5ee 1220 SetLastAttemptStatusInVariable (Private, LastAttemptStatus);\r
b0bacc00
KM		 1221\r
1222 //\r
1223 // Strip off all the headers so the device can process its firmware\r
1224 //\r
1225 Status = GetFmpPayloadHeaderSize (FmpHeader, FmpPayloadSize, &FmpHeaderSize);\r
1226 if (EFI_ERROR (Status)) {\r
e0961677 1227 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): SetTheImage() - GetFmpPayloadHeaderSize failed %r.\n", mImageIdName, Status));\r
b0bacc00
KM		 1228 goto cleanup;\r
1229 }\r
1230\r
2ed845b3 1231 AllHeaderSize = GetAllHeaderSize ((EFI_FIRMWARE_IMAGE_AUTHENTICATION *)Image, FmpHeaderSize + DependenciesSize);\r
b0bacc00 1232 if (AllHeaderSize == 0) {\r
e0961677 1233 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): SetTheImage() - GetAllHeaderSize failed.\n", mImageIdName));\r
b0bacc00
KM		 1234 Status = EFI_ABORTED;\r
1235 goto cleanup;\r
1236 }\r
1237\r
1238 //\r
1239 // Indicate that control is handed off to FmpDeviceLib\r
1240 //\r
1241 Progress (5);\r
1242\r
1243 //\r
1244 //Copy the requested image to the firmware using the FmpDeviceLib\r
1245 //\r
1246 Status = FmpDeviceSetImage (\r
0f30087b
WX		 1247 (((UINT8 *)Image) + AllHeaderSize),\r
1248 ImageSize - AllHeaderSize,\r
b0bacc00
KM		 1249 VendorCode,\r
1250 FmpDxeProgress,\r
95d28836 1251 IncomingFwVersion,\r
b0bacc00
KM		 1252 AbortReason\r
1253 );\r
1254 if (EFI_ERROR (Status)) {\r
e0961677 1255 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): SetTheImage() SetImage from FmpDeviceLib failed. Status = %r.\n", mImageIdName, Status));\r
b0bacc00
KM		 1256 goto cleanup;\r
1257 }\r
1258\r
0f30087b
WX		 1259 //\r
1260 // Store the dependency\r
1261 //\r
1262 if (Private->Descriptor.AttributesSetting & IMAGE_ATTRIBUTE_DEPENDENCY) {\r
1263 Status = SaveFmpDependency (Dependencies, DependenciesSize);\r
1264 if (EFI_ERROR (Status)) {\r
1265 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): SetTheImage() SaveFmpDependency from FmpDependencyCheckLib failed. (%r)\n", mImageIdName, Status));\r
1266 }\r
1267 Status = EFI_SUCCESS;\r
1268 }\r
b0bacc00
KM		 1269\r
1270 //\r
1271 // Finished the update without error\r
1272 // Indicate that control has been returned from FmpDeviceLib\r
1273 //\r
1274 Progress (99);\r
1275\r
1276 //\r
1277 // Update the version stored in variable\r
1278 //\r
4f0544b1 1279 if (!Private->RuntimeVersionSupported) {\r
a6d73269 1280 Version = DEFAULT_VERSION;\r
b0bacc00 1281 GetFmpPayloadHeaderVersion (FmpHeader, FmpPayloadSize, &Version);\r
67c1e5ee 1282 SetVersionInVariable (Private, Version);\r
b0bacc00
KM		 1283 }\r
1284\r
1285 //\r
1286 // Update lowest supported variable\r
1287 //\r
67c1e5ee
EJ		 1288 LowestSupportedVersion = DEFAULT_LOWESTSUPPORTEDVERSION;\r
1289 GetFmpPayloadHeaderLowestSupportedVersion (FmpHeader, FmpPayloadSize, &LowestSupportedVersion);\r
1290 SetLowestSupportedVersionInVariable (Private, LowestSupportedVersion);\r
b0bacc00
KM		 1291\r
1292 LastAttemptStatus = LAST_ATTEMPT_STATUS_SUCCESS;\r
1293\r
b0bacc00
KM		 1294cleanup:\r
1295 mProgressFunc = NULL;\r
67c1e5ee 1296 SetLastAttemptStatusInVariable (Private, LastAttemptStatus);\r
b0bacc00 1297\r
c6c18d87
SZ		 1298 if (Progress != NULL) {\r
1299 //\r
1300 // Set progress to 100 after everything is done including recording Status.\r
1301 //\r
1302 Progress (100);\r
1303 }\r
b0bacc00 1304\r
27e42bf6
SZ		 1305 //\r
1306 // Need repopulate after SetImage is called to\r
1307 // update LastAttemptVersion and LastAttemptStatus.\r
1308 //\r
4f0544b1 1309 Private->DescriptorPopulated = FALSE;\r
27e42bf6 1310\r
b0bacc00
KM		 1311 return Status;\r
1312}\r
1313\r
1314/**\r
1315 Returns information about the firmware package.\r
1316\r
1317 This function returns package information.\r
1318\r
1319 @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
1320 @param[out] PackageVersion A version number that represents all the firmware images in the device.\r
1321 The format is vendor specific and new version must have a greater value\r
1322 than the old version. If PackageVersion is not supported, the value is\r
1323 0xFFFFFFFF. A value of 0xFFFFFFFE indicates that package version\r
1324 comparison is to be performed using PackageVersionName. A value of\r
1325 0xFFFFFFFD indicates that package version update is in progress.\r
1326 @param[out] PackageVersionName A pointer to a pointer to a null-terminated string representing\r
1327 the package version name. The buffer is allocated by this function with\r
1328 AllocatePool(), and it is the caller's responsibility to free it with a\r
1329 call to FreePool().\r
1330 @param[out] PackageVersionNameMaxLen The maximum length of package version name if device supports update of\r
1331 package version name. A value of 0 indicates the device does not support\r
1332 update of package version name. Length is the number of Unicode characters,\r
1333 including the terminating null character.\r
1334 @param[out] AttributesSupported Package attributes that are supported by this device. See 'Package Attribute\r
1335 Definitions' for possible returned values of this parameter. A value of 1\r
1336 indicates the attribute is supported and the current setting value is\r
1337 indicated in AttributesSetting. A value of 0 indicates the attribute is not\r
1338 supported and the current setting value in AttributesSetting is meaningless.\r
1339 @param[out] AttributesSetting Package attributes. See 'Package Attribute Definitions' for possible returned\r
1340 values of this parameter\r
1341\r
1342 @retval EFI_SUCCESS The package information was successfully returned.\r
1343 @retval EFI_UNSUPPORTED The operation is not supported.\r
1344\r
1345**/\r
1346EFI_STATUS\r
1347EFIAPI\r
1348GetPackageInfo (\r
1349 IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This,\r
1350 OUT UINT32 *PackageVersion,\r
1351 OUT CHAR16 **PackageVersionName,\r
1352 OUT UINT32 *PackageVersionNameMaxLen,\r
1353 OUT UINT64 *AttributesSupported,\r
1354 OUT UINT64 *AttributesSetting\r
1355 )\r
1356{\r
1357 return EFI_UNSUPPORTED;\r
1358}\r
1359\r
1360/**\r
1361 Updates information about the firmware package.\r
1362\r
1363 This function updates package information.\r
1364 This function returns EFI_UNSUPPORTED if the package information is not updatable.\r
1365 VendorCode enables vendor to implement vendor-specific package information update policy.\r
1366 Null if the caller did not specify this policy or use the default policy.\r
1367\r
1368 @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
1369 @param[in] Image Points to the authentication image.\r
1370 Null if authentication is not required.\r
1371 @param[in] ImageSize Size of the authentication image in bytes.\r
1372 0 if authentication is not required.\r
1373 @param[in] VendorCode This enables vendor to implement vendor-specific firmware\r
1374 image update policy.\r
1375 Null indicates the caller did not specify this policy or use\r
1376 the default policy.\r
1377 @param[in] PackageVersion The new package version.\r
1378 @param[in] PackageVersionName A pointer to the new null-terminated Unicode string representing\r
1379 the package version name.\r
1380 The string length is equal to or less than the value returned in\r
1381 PackageVersionNameMaxLen.\r
1382\r
1383 @retval EFI_SUCCESS The device was successfully updated with the new package\r
1384 information.\r
1385 @retval EFI_INVALID_PARAMETER The PackageVersionName length is longer than the value\r
1386 returned in PackageVersionNameMaxLen.\r
1387 @retval EFI_UNSUPPORTED The operation is not supported.\r
5fc5867e 1388 @retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.\r
b0bacc00
KM		 1389\r
1390**/\r
1391EFI_STATUS\r
1392EFIAPI\r
1393SetPackageInfo (\r
1394 IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This,\r
1395 IN CONST VOID *Image,\r
1396 IN UINTN ImageSize,\r
1397 IN CONST VOID *VendorCode,\r
1398 IN UINT32 PackageVersion,\r
1399 IN CONST CHAR16 *PackageVersionName\r
1400 )\r
1401{\r
1402 return EFI_UNSUPPORTED;\r
1403}\r
1404\r
1405/**\r
1406 Event notification function that is invoked when the event GUID specified by\r
1407 PcdFmpDeviceLockEventGuid is signaled.\r
1408\r
1409 @param[in] Event Event whose notification function is being invoked.\r
1410 @param[in] Context The pointer to the notification function's context,\r
1411 which is implementation-dependent.\r
1412**/\r
1413VOID\r
1414EFIAPI\r
1415FmpDxeLockEventNotify (\r
1416 IN EFI_EVENT Event,\r
1417 IN VOID *Context\r
1418 )\r
1419{\r
4f0544b1
EJ		 1420 EFI_STATUS Status;\r
1421 FIRMWARE_MANAGEMENT_PRIVATE_DATA *Private;\r
1422\r
b4b9496b
MK		 1423 if (Context == NULL) {\r
1424 ASSERT (Context != NULL);\r
1425 return;\r
1426 }\r
1427\r
4f0544b1 1428 Private = (FIRMWARE_MANAGEMENT_PRIVATE_DATA *)Context;\r
b0bacc00 1429\r
4f0544b1 1430 if (!Private->FmpDeviceLocked) {\r
9e6c4f15
SZ		 1431 //\r
1432 // Lock the firmware device\r
1433 //\r
4f0544b1 1434 FmpDeviceSetContext (Private->Handle, &Private->FmpDeviceContext);\r
9e6c4f15
SZ		 1435 Status = FmpDeviceLock();\r
1436 if (EFI_ERROR (Status)) {\r
1437 if (Status != EFI_UNSUPPORTED) {\r
e0961677 1438 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): FmpDeviceLock() returned error. Status = %r\n", mImageIdName, Status));\r
b0bacc00 1439 } else {\r
e0961677 1440 DEBUG ((DEBUG_WARN, "FmpDxe(%s): FmpDeviceLock() returned error. Status = %r\n", mImageIdName, Status));\r
b0bacc00 1441 }\r
b0bacc00 1442 }\r
4f0544b1 1443 Private->FmpDeviceLocked = TRUE;\r
b0bacc00
KM		 1444 }\r
1445}\r
1446\r
1447/**\r
1448 Function to install FMP instance.\r
1449\r
1450 @param[in] Handle The device handle to install a FMP instance on.\r
1451\r
1452 @retval EFI_SUCCESS FMP Installed\r
1453 @retval EFI_INVALID_PARAMETER Handle was invalid\r
1454 @retval other Error installing FMP\r
1455\r
1456**/\r
1457EFI_STATUS\r
1458EFIAPI\r
1459InstallFmpInstance (\r
1460 IN EFI_HANDLE Handle\r
1461 )\r
1462{\r
4f0544b1
EJ		 1463 EFI_STATUS Status;\r
1464 EFI_FIRMWARE_MANAGEMENT_PROTOCOL *Fmp;\r
1465 FIRMWARE_MANAGEMENT_PRIVATE_DATA *Private;\r
b0bacc00 1466\r
b0bacc00
KM		 1467 //\r
1468 // Only allow a single FMP Protocol instance to be installed\r
1469 //\r
4f0544b1
EJ		 1470 Status = gBS->OpenProtocol (\r
1471 Handle,\r
1472 &gEfiFirmwareManagementProtocolGuid,\r
1473 (VOID **)&Fmp,\r
1474 NULL,\r
1475 NULL,\r
1476 EFI_OPEN_PROTOCOL_GET_PROTOCOL\r
1477 );\r
1478 if (!EFI_ERROR (Status)) {\r
b0bacc00
KM		 1479 return EFI_ALREADY_STARTED;\r
1480 }\r
1481\r
1482 //\r
1483 // Allocate FMP Protocol instance\r
1484 //\r
4f0544b1
EJ		 1485 Private = AllocateCopyPool (\r
1486 sizeof (mFirmwareManagementPrivateDataTemplate),\r
1487 &mFirmwareManagementPrivateDataTemplate\r
1488 );\r
1489 if (Private == NULL) {\r
e0961677 1490 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Failed to allocate memory for private structure.\n", mImageIdName));\r
b0bacc00
KM		 1491 Status = EFI_OUT_OF_RESOURCES;\r
1492 goto cleanup;\r
1493 }\r
1494\r
1495 //\r
4f0544b1 1496 // Initialize private context data structure\r
b0bacc00 1497 //\r
4f0544b1 1498 Private->Handle = Handle;\r
4f0544b1
EJ		 1499 Private->FmpDeviceContext = NULL;\r
1500 Status = FmpDeviceSetContext (Private->Handle, &Private->FmpDeviceContext);\r
1501 if (Status == EFI_UNSUPPORTED) {\r
1502 Private->FmpDeviceContext = NULL;\r
1503 } else if (EFI_ERROR (Status)) {\r
b0bacc00
KM		 1504 goto cleanup;\r
1505 }\r
1506\r
67c1e5ee
EJ		 1507 //\r
1508 // Make sure the descriptor has already been loaded or refreshed\r
1509 //\r
1510 PopulateDescriptor (Private);\r
1511\r
4f0544b1
EJ		 1512 if (IsLockFmpDeviceAtLockEventGuidRequired ()) {\r
1513 //\r
e0961677 1514 // Register all UEFI Variables used by this module to be locked.\r
4f0544b1 1515 //\r
67c1e5ee 1516 Status = LockAllFmpVariables (Private);\r
4f0544b1 1517 if (EFI_ERROR (Status)) {\r
e0961677 1518 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Failed to register variables to lock. Status = %r.\n", mImageIdName, Status));\r
4f0544b1 1519 } else {\r
e0961677 1520 DEBUG ((DEBUG_INFO, "FmpDxe(%s): All variables registered to lock\n", mImageIdName));\r
4f0544b1
EJ		 1521 }\r
1522\r
1523 //\r
1524 // Create and register notify function to lock the FMP device.\r
1525 //\r
1526 Status = gBS->CreateEventEx (\r
1527 EVT_NOTIFY_SIGNAL,\r
1528 TPL_CALLBACK,\r
1529 FmpDxeLockEventNotify,\r
1530 Private,\r
1531 mLockGuid,\r
1532 &Private->FmpDeviceLockEvent\r
1533 );\r
1534 if (EFI_ERROR (Status)) {\r
e0961677 1535 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Failed to register notification. Status = %r\n", mImageIdName, Status));\r
4f0544b1
EJ		 1536 }\r
1537 ASSERT_EFI_ERROR (Status);\r
1538 } else {\r
e0961677 1539 DEBUG ((DEBUG_VERBOSE, "FmpDxe(%s): Not registering notification to call FmpDeviceLock() because mfg mode\n", mImageIdName));\r
4f0544b1 1540 }\r
b0bacc00
KM		 1541\r
1542 //\r
1543 // Install FMP Protocol and FMP Progress Protocol\r
1544 //\r
1545 Status = gBS->InstallMultipleProtocolInterfaces (\r
4f0544b1
EJ		 1546 &Private->Handle,\r
1547 &gEfiFirmwareManagementProtocolGuid, &Private->Fmp,\r
1548 &gEdkiiFirmwareManagementProgressProtocolGuid, &mFmpProgress,\r
b0bacc00
KM		 1549 NULL\r
1550 );\r
b0bacc00 1551 if (EFI_ERROR (Status)) {\r
e0961677 1552 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Protocol install error. Status = %r.\n", mImageIdName, Status));\r
b0bacc00
KM		 1553 goto cleanup;\r
1554 }\r
1555\r
b0bacc00
KM		 1556cleanup:\r
1557\r
4f0544b1
EJ		 1558 if (EFI_ERROR (Status)) {\r
1559 if (Private != NULL) {\r
1560 if (Private->FmpDeviceLockEvent != NULL) {\r
1561 gBS->CloseEvent (Private->FmpDeviceLockEvent);\r
1562 }\r
67c1e5ee
EJ		 1563 if (Private->Descriptor.VersionName != NULL) {\r
1564 FreePool (Private->Descriptor.VersionName);\r
1565 }\r
1566 if (Private->FmpDeviceContext != NULL) {\r
1567 FmpDeviceSetContext (NULL, &Private->FmpDeviceContext);\r
1568 }\r
1569 if (Private->VersionVariableName != NULL) {\r
1570 FreePool (Private->VersionVariableName);\r
1571 }\r
1572 if (Private->LsvVariableName != NULL) {\r
1573 FreePool (Private->LsvVariableName);\r
1574 }\r
1575 if (Private->LastAttemptStatusVariableName != NULL) {\r
1576 FreePool (Private->LastAttemptStatusVariableName);\r
1577 }\r
1578 if (Private->LastAttemptVersionVariableName != NULL) {\r
1579 FreePool (Private->LastAttemptVersionVariableName);\r
1580 }\r
1581 if (Private->FmpStateVariableName != NULL) {\r
1582 FreePool (Private->FmpStateVariableName);\r
1583 }\r
4f0544b1
EJ		 1584 FreePool (Private);\r
1585 }\r
1586 }\r
1587\r
b0bacc00
KM		 1588 return Status;\r
1589}\r
1590\r
4f0544b1
EJ		 1591/**\r
1592 Function to uninstall FMP instance.\r
1593\r
1594 @param[in] Handle The device handle to install a FMP instance on.\r
1595\r
1596 @retval EFI_SUCCESS FMP Installed\r
1597 @retval EFI_INVALID_PARAMETER Handle was invalid\r
1598 @retval other Error installing FMP\r
1599\r
1600**/\r
1601EFI_STATUS\r
1602EFIAPI\r
1603UninstallFmpInstance (\r
1604 IN EFI_HANDLE Handle\r
1605 )\r
1606{\r
1607 EFI_STATUS Status;\r
1608 EFI_FIRMWARE_MANAGEMENT_PROTOCOL *Fmp;\r
1609 FIRMWARE_MANAGEMENT_PRIVATE_DATA *Private;\r
1610\r
1611 Status = gBS->OpenProtocol (\r
1612 Handle,\r
1613 &gEfiFirmwareManagementProtocolGuid,\r
1614 (VOID **)&Fmp,\r
1615 NULL,\r
1616 NULL,\r
1617 EFI_OPEN_PROTOCOL_GET_PROTOCOL\r
1618 );\r
1619 if (EFI_ERROR (Status)) {\r
e0961677 1620 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Protocol open error. Status = %r.\n", mImageIdName, Status));\r
4f0544b1
EJ		 1621 return Status;\r
1622 }\r
1623\r
1624 Private = FIRMWARE_MANAGEMENT_PRIVATE_DATA_FROM_THIS (Fmp);\r
1625 FmpDeviceSetContext (Private->Handle, &Private->FmpDeviceContext);\r
1626\r
1627 if (Private->FmpDeviceLockEvent != NULL) {\r
1628 gBS->CloseEvent (Private->FmpDeviceLockEvent);\r
1629 }\r
1630\r
1631 Status = gBS->UninstallMultipleProtocolInterfaces (\r
1632 Private->Handle,\r
1633 &gEfiFirmwareManagementProtocolGuid, &Private->Fmp,\r
1634 &gEdkiiFirmwareManagementProgressProtocolGuid, &mFmpProgress,\r
1635 NULL\r
1636 );\r
1637 if (EFI_ERROR (Status)) {\r
e0961677 1638 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Protocol uninstall error. Status = %r.\n", mImageIdName, Status));\r
4f0544b1
EJ		 1639 return Status;\r
1640 }\r
1641\r
67c1e5ee
EJ		 1642 if (Private->Descriptor.VersionName != NULL) {\r
1643 FreePool (Private->Descriptor.VersionName);\r
1644 }\r
1645 if (Private->FmpDeviceContext != NULL) {\r
1646 FmpDeviceSetContext (NULL, &Private->FmpDeviceContext);\r
1647 }\r
1648 if (Private->VersionVariableName != NULL) {\r
1649 FreePool (Private->VersionVariableName);\r
1650 }\r
1651 if (Private->LsvVariableName != NULL) {\r
1652 FreePool (Private->LsvVariableName);\r
1653 }\r
1654 if (Private->LastAttemptStatusVariableName != NULL) {\r
1655 FreePool (Private->LastAttemptStatusVariableName);\r
1656 }\r
1657 if (Private->LastAttemptVersionVariableName != NULL) {\r
1658 FreePool (Private->LastAttemptVersionVariableName);\r
1659 }\r
1660 if (Private->FmpStateVariableName != NULL) {\r
1661 FreePool (Private->FmpStateVariableName);\r
1662 }\r
4f0544b1
EJ		 1663 FreePool (Private);\r
1664\r
1665 return EFI_SUCCESS;\r
1666}\r
1667\r
1668/**\r
1669 Unloads the application and its installed protocol.\r
1670\r
1671 @param ImageHandle Handle that identifies the image to be unloaded.\r
1672 @param SystemTable The system table.\r
1673\r
1674 @retval EFI_SUCCESS The image has been unloaded.\r
1675\r
1676**/\r
1677EFI_STATUS\r
1678EFIAPI\r
1679FmpDxeLibDestructor (\r
1680 IN EFI_HANDLE ImageHandle,\r
1681 IN EFI_SYSTEM_TABLE *SystemTable\r
1682 )\r
1683{\r
1684 if (mFmpSingleInstance) {\r
1685 return UninstallFmpInstance (ImageHandle);\r
1686 }\r
1687 return EFI_SUCCESS;\r
1688}\r
1689\r
b0bacc00 1690/**\r
e8619f82 1691 Main entry for this driver/library.\r
b0bacc00
KM		 1692\r
1693 @param[in] ImageHandle Image handle this driver.\r
1694 @param[in] SystemTable Pointer to SystemTable.\r
1695\r
1696**/\r
1697EFI_STATUS\r
1698EFIAPI\r
1699FmpDxeEntryPoint (\r
1700 IN EFI_HANDLE ImageHandle,\r
1701 IN EFI_SYSTEM_TABLE *SystemTable\r
1702 )\r
1703{\r
1704 EFI_STATUS Status;\r
b0bacc00
KM		 1705\r
1706 //\r
1707 // Verify that a new FILE_GUID value has been provided in the <Defines>\r
1708 // section of this module. The FILE_GUID is the ESRT GUID that must be\r
1709 // unique for each updatable firmware image.\r
1710 //\r
1711 if (CompareGuid (&mDefaultModuleFileGuid, &gEfiCallerIdGuid)) {\r
1712 DEBUG ((DEBUG_ERROR, "FmpDxe: Use of default FILE_GUID detected. FILE_GUID must be set to a unique value.\n"));\r
1713 ASSERT (FALSE);\r
1714 return EFI_UNSUPPORTED;\r
1715 }\r
1716\r
1717 //\r
1718 // Get the ImageIdName value for the EFI_FIRMWARE_IMAGE_DESCRIPTOR from a PCD.\r
1719 //\r
1720 mImageIdName = (CHAR16 *) PcdGetPtr (PcdFmpDeviceImageIdName);\r
1721 if (PcdGetSize (PcdFmpDeviceImageIdName) <= 2 || mImageIdName[0] == 0) {\r
1722 //\r
1723 // PcdFmpDeviceImageIdName must be set to a non-empty Unicode string\r
1724 //\r
c9fa9762 1725 DEBUG ((DEBUG_ERROR, "FmpDxe(%g): PcdFmpDeviceImageIdName is an empty string.\n", &gEfiCallerIdGuid));\r
b0bacc00 1726 ASSERT (FALSE);\r
e0961677 1727 return EFI_UNSUPPORTED;\r
b0bacc00
KM		 1728 }\r
1729\r
1730 //\r
1731 // Detects if PcdFmpDevicePkcs7CertBufferXdr contains a test key.\r
1732 //\r
1733 DetectTestKey ();\r
1734\r
4f0544b1
EJ		 1735 //\r
1736 // Fill in FMP Progress Protocol fields for Version 1\r
1737 //\r
1738 mFmpProgress.Version = 1;\r
1739 mFmpProgress.ProgressBarForegroundColor.Raw = PcdGet32 (PcdFmpDeviceProgressColor);\r
1740 mFmpProgress.WatchdogSeconds = PcdGet8 (PcdFmpDeviceProgressWatchdogTimeInSeconds);\r
9e6c4f15 1741\r
4f0544b1
EJ		 1742 // The lock event GUID is retrieved from PcdFmpDeviceLockEventGuid.\r
1743 // If PcdFmpDeviceLockEventGuid is not the size of an EFI_GUID, then\r
1744 // gEfiEndOfDxeEventGroupGuid is used.\r
1745 //\r
1746 mLockGuid = &gEfiEndOfDxeEventGroupGuid;\r
1747 if (PcdGetSize (PcdFmpDeviceLockEventGuid) == sizeof (EFI_GUID)) {\r
1748 mLockGuid = (EFI_GUID *)PcdGetPtr (PcdFmpDeviceLockEventGuid);\r
9e6c4f15 1749 }\r
e0961677 1750 DEBUG ((DEBUG_INFO, "FmpDxe(%s): Lock GUID: %g\n", mImageIdName, mLockGuid));\r
9e6c4f15 1751\r
b0bacc00
KM		 1752 //\r
1753 // Register with library the install function so if the library uses\r
1754 // UEFI driver model/driver binding protocol it can install FMP on its device handle\r
1755 // If library is simple lib that does not use driver binding then it should return\r
1756 // unsupported and this will install the FMP instance on the ImageHandle\r
1757 //\r
1758 Status = RegisterFmpInstaller (InstallFmpInstance);\r
1759 if (Status == EFI_UNSUPPORTED) {\r
4f0544b1 1760 mFmpSingleInstance = TRUE;\r
e0961677 1761 DEBUG ((DEBUG_INFO, "FmpDxe(%s): FmpDeviceLib registration returned EFI_UNSUPPORTED. Installing single FMP instance.\n", mImageIdName));\r
4f0544b1
EJ		 1762 Status = RegisterFmpUninstaller (UninstallFmpInstance);\r
1763 if (Status == EFI_UNSUPPORTED) {\r
1764 Status = InstallFmpInstance (ImageHandle);\r
1765 } else {\r
e0961677 1766 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): FmpDeviceLib RegisterFmpInstaller and RegisterFmpUninstaller do not match.\n", mImageIdName));\r
4f0544b1
EJ		 1767 Status = EFI_UNSUPPORTED;\r
1768 }\r
b0bacc00 1769 } else if (EFI_ERROR (Status)) {\r
e0961677 1770 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): FmpDeviceLib registration returned %r. No FMP installed.\n", mImageIdName, Status));\r
b0bacc00
KM		 1771 } else {\r
1772 DEBUG ((\r
1773 DEBUG_INFO,\r
e0961677
EJ		 1774 "FmpDxe(%s): FmpDeviceLib registration returned EFI_SUCCESS. Expect FMP to be installed during the BDS/Device connection phase.\n",\r
1775 mImageIdName\r
b0bacc00 1776 ));\r
4f0544b1
EJ		 1777 Status = RegisterFmpUninstaller (UninstallFmpInstance);\r
1778 if (EFI_ERROR (Status)) {\r
e0961677 1779 DEBUG ((DEBUG_ERROR, "FmpDxe(%s): FmpDeviceLib RegisterFmpInstaller and RegisterFmpUninstaller do not match.\n", mImageIdName));\r
4f0544b1 1780 }\r
b0bacc00
KM		 1781 }\r
1782\r
b0bacc00
KM		 1783 return Status;\r
1784}\r
EFI Development Kit II mirror for PVE