2 Produces a Firmware Management Protocol that supports updates to a firmware
3 image stored in a firmware device with platform and firmware device specific
4 information provided through PCDs and libraries.
6 Copyright (c) 2016, Microsoft Corporation. All rights reserved.<BR>
7 Copyright (c) 2018 - 2019, Intel Corporation. All rights reserved.<BR>
9 SPDX-License-Identifier: BSD-2-Clause-Patent
14 #include "VariableSupport.h"
17 /// FILE_GUID from FmpDxe.inf. When FmpDxe.inf is used in a platform, the
18 /// FILE_GUID must always be overridden in the <Defines> section to provide
19 /// the ESRT GUID value associated with the updatable firmware image. A
20 /// check is made in this module's driver entry point to verify that a
21 /// new FILE_GUID value has been defined.
23 const EFI_GUID mDefaultModuleFileGuid
= {
24 0x78ef0a56, 0x1cf0, 0x4535, { 0xb5, 0xda, 0xf6, 0xfd, 0x2f, 0x40, 0x5a, 0x11 }
28 /// TRUE if FmpDeviceLib manages a single firmware storage device.
30 BOOLEAN mFmpSingleInstance
= FALSE
;
33 /// Firmware Management Protocol instance that is initialized in the entry
34 /// point from PCD settings.
36 EDKII_FIRMWARE_MANAGEMENT_PROGRESS_PROTOCOL mFmpProgress
;
39 // Template of the private context structure for the Firmware Management
42 const FIRMWARE_MANAGEMENT_PRIVATE_DATA mFirmwareManagementPrivateDataTemplate
= {
43 FIRMWARE_MANAGEMENT_PRIVATE_DATA_SIGNATURE
, // Signature
53 FALSE
, // DescriptorPopulated
59 { 0x00000000, 0x0000, 0x0000, {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} },
65 0, // AttributesSupported
66 0, // AttributesSetting
68 0, // LowestSupportedImageVersion
69 0, // LastAttemptVersion
70 0, // LastAttemptStatus
75 TRUE
, // RuntimeVersionSupported
76 NULL
, // FmpDeviceLockEvent
77 FALSE
, // FmpDeviceLocked
78 NULL
, // FmpDeviceContext
79 NULL
, // VersionVariableName
80 NULL
, // LsvVariableName
81 NULL
, // LastAttemptStatusVariableName
82 NULL
, // LastAttemptVersionVariableName
83 NULL
// FmpStateVariableName
87 /// GUID that is used to create event used to lock the firmware storage device.
89 EFI_GUID
*mLockGuid
= NULL
;
92 /// Progress() function pointer passed into SetTheImage()
94 EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS mProgressFunc
= NULL
;
97 /// Null-terminated Unicode string retrieved from PcdFmpDeviceImageIdName.
99 CHAR16
*mImageIdName
= NULL
;
102 Callback function to report the process of the firmware updating.
104 Wrap the caller's version in this so that progress from the device lib is
105 within the expected range. Convert device lib 0% - 100% to 6% - 98%.
107 FmpDxe 1% - 5% for validation
108 FmpDeviceLib 6% - 98% for flashing/update
109 FmpDxe 99% - 100% finish
111 @param[in] Completion A value between 1 and 100 indicating the current
112 completion progress of the firmware update. Completion
113 progress is reported as from 1 to 100 percent. A value
114 of 0 is used by the driver to indicate that progress
115 reporting is not supported.
117 @retval EFI_SUCCESS The progress was updated.
118 @retval EFI_UNSUPPORTED Updating progress is not supported.
129 Status
= EFI_UNSUPPORTED
;
131 if (mProgressFunc
== NULL
) {
136 // Reserve 6% - 98% for the FmpDeviceLib. Call the real progress function.
138 Status
= mProgressFunc (((Completion
* 92) / 100) + 6);
140 if (Status
== EFI_UNSUPPORTED
) {
141 mProgressFunc
= NULL
;
148 Returns a pointer to the ImageTypeId GUID value. An attempt is made to get
149 the GUID value from the FmpDeviceLib. If the FmpDeviceLib does not provide
150 a GUID value, then gEfiCallerIdGuid is returned.
152 @retval The ImageTypeId GUID
161 EFI_GUID
*FmpDeviceLibGuid
;
163 FmpDeviceLibGuid
= NULL
;
164 Status
= FmpDeviceGetImageTypeIdGuidPtr (&FmpDeviceLibGuid
);
165 if (EFI_ERROR (Status
)) {
166 if (Status
!= EFI_UNSUPPORTED
) {
167 DEBUG ((DEBUG_ERROR
, "FmpDxe: FmpDeviceLib GetImageTypeIdGuidPtr() returned invalid error %r\n", Status
));
169 return &gEfiCallerIdGuid
;
171 if (FmpDeviceLibGuid
== NULL
) {
172 DEBUG ((DEBUG_ERROR
, "FmpDxe: FmpDeviceLib GetImageTypeIdGuidPtr() returned invalid GUID\n"));
173 return &gEfiCallerIdGuid
;
175 return FmpDeviceLibGuid
;
179 Returns a pointer to the Null-terminated Unicode ImageIdName string.
181 @retval Null-terminated Unicode ImageIdName string.
185 GetImageTypeNameString (
193 Lowest supported version is a combo of three parts.
194 1. Check if the device lib has a lowest supported version
195 2. Check if we have a variable for lowest supported version (this will be updated with each capsule applied)
196 3. Check Fixed at build PCD
198 @param[in] Private Pointer to the private context structure for the
199 Firmware Management Protocol instance.
201 @retval The largest value
205 GetLowestSupportedVersion (
206 FIRMWARE_MANAGEMENT_PRIVATE_DATA
*Private
210 UINT32 DeviceLibLowestSupportedVersion
;
211 UINT32 VariableLowestSupportedVersion
;
215 // Get the LowestSupportedVersion.
218 if (!IsLowestSupportedVersionCheckRequired ()) {
220 // Any Version can pass the 0 LowestSupportedVersion check.
225 ReturnLsv
= PcdGet32 (PcdFmpDeviceBuildTimeLowestSupportedVersion
);
228 // Check the FmpDeviceLib
230 DeviceLibLowestSupportedVersion
= DEFAULT_LOWESTSUPPORTEDVERSION
;
231 Status
= FmpDeviceGetLowestSupportedVersion (&DeviceLibLowestSupportedVersion
);
232 if (EFI_ERROR (Status
)) {
233 DeviceLibLowestSupportedVersion
= DEFAULT_LOWESTSUPPORTEDVERSION
;
236 if (DeviceLibLowestSupportedVersion
> ReturnLsv
) {
237 ReturnLsv
= DeviceLibLowestSupportedVersion
;
241 // Check the lowest supported version UEFI variable for this device
243 VariableLowestSupportedVersion
= GetLowestSupportedVersionFromVariable (Private
);
244 if (VariableLowestSupportedVersion
> ReturnLsv
) {
245 ReturnLsv
= VariableLowestSupportedVersion
;
249 // Return the largest value
255 Populates the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure in the private
258 @param[in] Private Pointer to the private context structure for the
259 Firmware Management Protocol instance.
264 FIRMWARE_MANAGEMENT_PRIVATE_DATA
*Private
269 if (Private
->DescriptorPopulated
) {
273 Private
->Descriptor
.ImageIndex
= 1;
274 CopyGuid (&Private
->Descriptor
.ImageTypeId
, GetImageTypeIdGuid());
275 Private
->Descriptor
.ImageId
= Private
->Descriptor
.ImageIndex
;
276 Private
->Descriptor
.ImageIdName
= GetImageTypeNameString();
279 // Get the hardware instance from FmpDeviceLib
281 Status
= FmpDeviceGetHardwareInstance (&Private
->Descriptor
.HardwareInstance
);
282 if (Status
== EFI_UNSUPPORTED
) {
283 Private
->Descriptor
.HardwareInstance
= 0;
287 // Generate UEFI Variable names used to store status information for this
290 GenerateFmpVariableNames (Private
);
293 // Get the version. Some devices don't support getting the firmware version
294 // at runtime. If FmpDeviceLib does not support returning a version, then
295 // it is stored in a UEFI variable.
297 Status
= FmpDeviceGetVersion (&Private
->Descriptor
.Version
);
298 if (Status
== EFI_UNSUPPORTED
) {
299 Private
->RuntimeVersionSupported
= FALSE
;
300 Private
->Descriptor
.Version
= GetVersionFromVariable (Private
);
301 } else if (EFI_ERROR (Status
)) {
303 // Unexpected error. Use default version.
305 DEBUG ((DEBUG_ERROR
, "FmpDxe: GetVersion() from FmpDeviceLib (%s) returned %r\n", GetImageTypeNameString(), Status
));
306 Private
->Descriptor
.Version
= DEFAULT_VERSION
;
310 // Free the current version name. Shouldn't really happen but this populate
311 // function could be called multiple times (to refresh).
313 if (Private
->Descriptor
.VersionName
!= NULL
) {
314 FreePool (Private
->Descriptor
.VersionName
);
315 Private
->Descriptor
.VersionName
= NULL
;
319 // Attempt to get the version string from the FmpDeviceLib
321 Status
= FmpDeviceGetVersionString (&Private
->Descriptor
.VersionName
);
322 if (Status
== EFI_UNSUPPORTED
) {
323 DEBUG ((DEBUG_INFO
, "FmpDxe: GetVersionString() unsupported in FmpDeviceLib.\n"));
324 Private
->Descriptor
.VersionName
= AllocateCopyPool (
325 sizeof (VERSION_STRING_NOT_SUPPORTED
),
326 VERSION_STRING_NOT_SUPPORTED
328 } else if (EFI_ERROR (Status
)) {
329 DEBUG ((DEBUG_INFO
, "FmpDxe: GetVersionString() not available in FmpDeviceLib.\n"));
330 Private
->Descriptor
.VersionName
= AllocateCopyPool (
331 sizeof (VERSION_STRING_NOT_AVAILABLE
),
332 VERSION_STRING_NOT_AVAILABLE
336 Private
->Descriptor
.LowestSupportedImageVersion
= GetLowestSupportedVersion (Private
);
339 // Get attributes from the FmpDeviceLib
341 FmpDeviceGetAttributes (
342 &Private
->Descriptor
.AttributesSupported
,
343 &Private
->Descriptor
.AttributesSetting
347 // Force set the updatable bits in the attributes;
349 Private
->Descriptor
.AttributesSupported
|= IMAGE_ATTRIBUTE_IMAGE_UPDATABLE
;
350 Private
->Descriptor
.AttributesSetting
|= IMAGE_ATTRIBUTE_IMAGE_UPDATABLE
;
353 // Force set the authentication bits in the attributes;
355 Private
->Descriptor
.AttributesSupported
|= (IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED
);
356 Private
->Descriptor
.AttributesSetting
|= (IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED
);
358 Private
->Descriptor
.Compatibilities
= 0;
361 // Get the size of the firmware image from the FmpDeviceLib
363 Status
= FmpDeviceGetSize (&Private
->Descriptor
.Size
);
364 if (EFI_ERROR (Status
)) {
365 Private
->Descriptor
.Size
= 0;
368 Private
->Descriptor
.LastAttemptVersion
= GetLastAttemptVersionFromVariable (Private
);
369 Private
->Descriptor
.LastAttemptStatus
= GetLastAttemptStatusFromVariable (Private
);
371 Private
->DescriptorPopulated
= TRUE
;
375 Returns information about the current firmware image(s) of the device.
377 This function allows a copy of the current firmware image to be created and saved.
378 The saved copy could later been used, for example, in firmware image recovery or rollback.
380 @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.
381 @param[in, out] ImageInfoSize A pointer to the size, in bytes, of the ImageInfo buffer.
382 On input, this is the size of the buffer allocated by the caller.
383 On output, it is the size of the buffer returned by the firmware
384 if the buffer was large enough, or the size of the buffer needed
385 to contain the image(s) information if the buffer was too small.
386 @param[in, out] ImageInfo A pointer to the buffer in which firmware places the current image(s)
387 information. The information is an array of EFI_FIRMWARE_IMAGE_DESCRIPTORs.
388 @param[out] DescriptorVersion A pointer to the location in which firmware returns the version number
389 associated with the EFI_FIRMWARE_IMAGE_DESCRIPTOR.
390 @param[out] DescriptorCount A pointer to the location in which firmware returns the number of
391 descriptors or firmware images within this device.
392 @param[out] DescriptorSize A pointer to the location in which firmware returns the size, in bytes,
393 of an individual EFI_FIRMWARE_IMAGE_DESCRIPTOR.
394 @param[out] PackageVersion A version number that represents all the firmware images in the device.
395 The format is vendor specific and new version must have a greater value
396 than the old version. If PackageVersion is not supported, the value is
397 0xFFFFFFFF. A value of 0xFFFFFFFE indicates that package version comparison
398 is to be performed using PackageVersionName. A value of 0xFFFFFFFD indicates
399 that package version update is in progress.
400 @param[out] PackageVersionName A pointer to a pointer to a null-terminated string representing the
401 package version name. The buffer is allocated by this function with
402 AllocatePool(), and it is the caller's responsibility to free it with a call
405 @retval EFI_SUCCESS The device was successfully updated with the new image.
406 @retval EFI_BUFFER_TOO_SMALL The ImageInfo buffer was too small. The current buffer size
407 needed to hold the image(s) information is returned in ImageInfoSize.
408 @retval EFI_INVALID_PARAMETER ImageInfoSize is NULL.
409 @retval EFI_DEVICE_ERROR Valid information could not be returned. Possible corrupted image.
415 IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL
*This
,
416 IN OUT UINTN
*ImageInfoSize
,
417 IN OUT EFI_FIRMWARE_IMAGE_DESCRIPTOR
*ImageInfo
,
418 OUT UINT32
*DescriptorVersion
,
419 OUT UINT8
*DescriptorCount
,
420 OUT UINTN
*DescriptorSize
,
421 OUT UINT32
*PackageVersion
,
422 OUT CHAR16
**PackageVersionName
426 FIRMWARE_MANAGEMENT_PRIVATE_DATA
*Private
;
428 Status
= EFI_SUCCESS
;
431 // Retrieve the private context structure
433 Private
= FIRMWARE_MANAGEMENT_PRIVATE_DATA_FROM_THIS (This
);
434 FmpDeviceSetContext (Private
->Handle
, &Private
->FmpDeviceContext
);
437 // Check for valid pointer
439 if (ImageInfoSize
== NULL
) {
440 DEBUG ((DEBUG_ERROR
, "FmpDxe: GetImageInfo() - ImageInfoSize is NULL.\n"));
441 Status
= EFI_INVALID_PARAMETER
;
446 // Check the buffer size
447 // NOTE: Check this first so caller can get the necessary memory size it must allocate.
449 if (*ImageInfoSize
< (sizeof (EFI_FIRMWARE_IMAGE_DESCRIPTOR
))) {
450 *ImageInfoSize
= sizeof (EFI_FIRMWARE_IMAGE_DESCRIPTOR
);
451 DEBUG ((DEBUG_VERBOSE
, "FmpDxe: GetImageInfo() - ImageInfoSize is to small.\n"));
452 Status
= EFI_BUFFER_TOO_SMALL
;
457 // Confirm that buffer isn't null
459 if ( (ImageInfo
== NULL
) || (DescriptorVersion
== NULL
) || (DescriptorCount
== NULL
) || (DescriptorSize
== NULL
)
460 || (PackageVersion
== NULL
)) {
461 DEBUG ((DEBUG_ERROR
, "FmpDxe: GetImageInfo() - Pointer Parameter is NULL.\n"));
462 Status
= EFI_INVALID_PARAMETER
;
467 // Set the size to whatever we need
469 *ImageInfoSize
= sizeof (EFI_FIRMWARE_IMAGE_DESCRIPTOR
);
472 // Make sure the descriptor has already been loaded or refreshed
474 PopulateDescriptor (Private
);
477 // Copy the image descriptor
479 CopyMem (ImageInfo
, &Private
->Descriptor
, sizeof (EFI_FIRMWARE_IMAGE_DESCRIPTOR
));
481 *DescriptorVersion
= EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION
;
482 *DescriptorCount
= 1;
483 *DescriptorSize
= sizeof (EFI_FIRMWARE_IMAGE_DESCRIPTOR
);
487 *PackageVersion
= 0xFFFFFFFF;
490 // Do not update PackageVersionName since it is not supported in this instance.
499 Retrieves a copy of the current firmware image of the device.
501 This function allows a copy of the current firmware image to be created and saved.
502 The saved copy could later been used, for example, in firmware image recovery or rollback.
504 @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.
505 @param[in] ImageIndex A unique number identifying the firmware image(s) within the device.
506 The number is between 1 and DescriptorCount.
507 @param[in, out] Image Points to the buffer where the current image is copied to.
508 @param[in, out] ImageSize On entry, points to the size of the buffer pointed to by Image, in bytes.
509 On return, points to the length of the image, in bytes.
511 @retval EFI_SUCCESS The device was successfully updated with the new image.
512 @retval EFI_BUFFER_TOO_SMALL The buffer specified by ImageSize is too small to hold the
513 image. The current buffer size needed to hold the image is returned
515 @retval EFI_INVALID_PARAMETER The Image was NULL.
516 @retval EFI_NOT_FOUND The current image is not copied to the buffer.
517 @retval EFI_UNSUPPORTED The operation is not supported.
518 @retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.
524 IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL
*This
,
527 IN OUT UINTN
*ImageSize
531 FIRMWARE_MANAGEMENT_PRIVATE_DATA
*Private
;
534 Status
= EFI_SUCCESS
;
537 // Retrieve the private context structure
539 Private
= FIRMWARE_MANAGEMENT_PRIVATE_DATA_FROM_THIS (This
);
540 FmpDeviceSetContext (Private
->Handle
, &Private
->FmpDeviceContext
);
543 // Check to make sure index is 1 (only 1 image for this device)
545 if (ImageIndex
!= 1) {
546 DEBUG ((DEBUG_ERROR
, "FmpDxe: GetImage() - Image Index Invalid.\n"));
547 Status
= EFI_INVALID_PARAMETER
;
551 if (ImageSize
== NULL
) {
552 DEBUG ((DEBUG_ERROR
, "FmpDxe: GetImage() - ImageSize Pointer Parameter is NULL.\n"));
553 Status
= EFI_INVALID_PARAMETER
;
558 // Check the buffer size
560 Status
= FmpDeviceGetSize (&Size
);
561 if (EFI_ERROR (Status
)) {
564 if (*ImageSize
< Size
) {
566 DEBUG ((DEBUG_VERBOSE
, "FmpDxe: GetImage() - ImageSize is to small.\n"));
567 Status
= EFI_BUFFER_TOO_SMALL
;
572 DEBUG ((DEBUG_ERROR
, "FmpDxe: GetImage() - Image Pointer Parameter is NULL.\n"));
573 Status
= EFI_INVALID_PARAMETER
;
577 Status
= FmpDeviceGetImage (Image
, ImageSize
);
584 Helper function to safely retrieve the FMP header from
585 within an EFI_FIRMWARE_IMAGE_AUTHENTICATION structure.
587 @param[in] Image Pointer to the image.
588 @param[in] ImageSize Size of the image.
589 @param[out] PayloadSize
591 @retval !NULL Valid pointer to the header.
592 @retval NULL Structure is bad and pointer cannot be found.
597 IN CONST EFI_FIRMWARE_IMAGE_AUTHENTICATION
*Image
,
598 IN CONST UINTN ImageSize
,
599 OUT UINTN
*PayloadSize
603 // Check to make sure that operation can be safely performed.
605 if (((UINTN
)Image
+ sizeof (Image
->MonotonicCount
) + Image
->AuthInfo
.Hdr
.dwLength
) < (UINTN
)Image
|| \
606 ((UINTN
)Image
+ sizeof (Image
->MonotonicCount
) + Image
->AuthInfo
.Hdr
.dwLength
) >= (UINTN
)Image
+ ImageSize
) {
608 // Pointer overflow. Invalid image.
613 *PayloadSize
= ImageSize
- (sizeof (Image
->MonotonicCount
) + Image
->AuthInfo
.Hdr
.dwLength
);
614 return (VOID
*)((UINT8
*)Image
+ sizeof (Image
->MonotonicCount
) + Image
->AuthInfo
.Hdr
.dwLength
);
618 Helper function to safely calculate the size of all headers
619 within an EFI_FIRMWARE_IMAGE_AUTHENTICATION structure.
621 @param[in] Image Pointer to the image.
622 @param[in] AdditionalHeaderSize Size of any headers that cannot be calculated by this function.
624 @retval UINT32>0 Valid size of all the headers.
625 @retval 0 Structure is bad and size cannot be found.
630 IN CONST EFI_FIRMWARE_IMAGE_AUTHENTICATION
*Image
,
631 IN UINT32 AdditionalHeaderSize
634 UINT32 CalculatedSize
;
636 CalculatedSize
= sizeof (Image
->MonotonicCount
) +
637 AdditionalHeaderSize
+
638 Image
->AuthInfo
.Hdr
.dwLength
;
641 // Check to make sure that operation can be safely performed.
643 if (CalculatedSize
< sizeof (Image
->MonotonicCount
) ||
644 CalculatedSize
< AdditionalHeaderSize
||
645 CalculatedSize
< Image
->AuthInfo
.Hdr
.dwLength
) {
647 // Integer overflow. Invalid image.
652 return CalculatedSize
;
656 Checks if the firmware image is valid for the device.
658 This function allows firmware update application to validate the firmware image without
659 invoking the SetImage() first.
661 @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.
662 @param[in] ImageIndex A unique number identifying the firmware image(s) within the device.
663 The number is between 1 and DescriptorCount.
664 @param[in] Image Points to the new image.
665 @param[in] ImageSize Size of the new image in bytes.
666 @param[out] ImageUpdatable Indicates if the new image is valid for update. It also provides,
667 if available, additional information if the image is invalid.
669 @retval EFI_SUCCESS The image was successfully checked.
670 @retval EFI_ABORTED The operation is aborted.
671 @retval EFI_INVALID_PARAMETER The Image was NULL.
672 @retval EFI_UNSUPPORTED The operation is not supported.
673 @retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.
679 IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL
*This
,
681 IN CONST VOID
*Image
,
683 OUT UINT32
*ImageUpdatable
687 FIRMWARE_MANAGEMENT_PRIVATE_DATA
*Private
;
689 VOID
*FmpPayloadHeader
;
690 UINTN FmpPayloadSize
;
692 UINT32 FmpHeaderSize
;
696 UINTN PublicKeyDataLength
;
697 UINT8
*PublicKeyDataXdr
;
698 UINT8
*PublicKeyDataXdrEnd
;
700 Status
= EFI_SUCCESS
;
702 FmpPayloadHeader
= NULL
;
709 // Retrieve the private context structure
711 Private
= FIRMWARE_MANAGEMENT_PRIVATE_DATA_FROM_THIS (This
);
712 FmpDeviceSetContext (Private
->Handle
, &Private
->FmpDeviceContext
);
715 // Make sure the descriptor has already been loaded or refreshed
717 PopulateDescriptor (Private
);
719 if (ImageUpdatable
== NULL
) {
720 DEBUG ((DEBUG_ERROR
, "FmpDxe: CheckImage() - ImageUpdatable Pointer Parameter is NULL.\n"));
721 Status
= EFI_INVALID_PARAMETER
;
726 //Set to valid and then if any tests fail it will update this flag.
728 *ImageUpdatable
= IMAGE_UPDATABLE_VALID
;
731 DEBUG ((DEBUG_ERROR
, "FmpDxe: CheckImage() - Image Pointer Parameter is NULL.\n"));
733 // not sure if this is needed
735 *ImageUpdatable
= IMAGE_UPDATABLE_INVALID
;
736 return EFI_INVALID_PARAMETER
;
739 PublicKeyDataXdr
= PcdGetPtr (PcdFmpDevicePkcs7CertBufferXdr
);
740 PublicKeyDataXdrEnd
= PublicKeyDataXdr
+ PcdGetSize (PcdFmpDevicePkcs7CertBufferXdr
);
742 if (PublicKeyDataXdr
== NULL
|| (PublicKeyDataXdr
== PublicKeyDataXdrEnd
)) {
743 DEBUG ((DEBUG_ERROR
, "FmpDxe: Invalid certificate, skipping it.\n"));
744 Status
= EFI_ABORTED
;
747 // Try each key from PcdFmpDevicePkcs7CertBufferXdr
749 for (Index
= 1; PublicKeyDataXdr
< PublicKeyDataXdrEnd
; Index
++) {
753 "FmpDxe: Certificate #%d [%p..%p].\n",
760 if ((PublicKeyDataXdr
+ sizeof (UINT32
)) > PublicKeyDataXdrEnd
) {
762 // Key data extends beyond end of PCD
764 DEBUG ((DEBUG_ERROR
, "FmpDxe: Certificate size extends beyond end of PCD, skipping it.\n"));
765 Status
= EFI_ABORTED
;
769 // Read key length stored in big-endian format
771 PublicKeyDataLength
= SwapBytes32 (*(UINT32
*)(PublicKeyDataXdr
));
773 // Point to the start of the key data
775 PublicKeyDataXdr
+= sizeof (UINT32
);
776 if (PublicKeyDataXdr
+ PublicKeyDataLength
> PublicKeyDataXdrEnd
) {
778 // Key data extends beyond end of PCD
780 DEBUG ((DEBUG_ERROR
, "FmpDxe: Certificate extends beyond end of PCD, skipping it.\n"));
781 Status
= EFI_ABORTED
;
784 PublicKeyData
= PublicKeyDataXdr
;
785 Status
= AuthenticateFmpImage (
786 (EFI_FIRMWARE_IMAGE_AUTHENTICATION
*)Image
,
791 if (!EFI_ERROR (Status
)) {
794 PublicKeyDataXdr
+= PublicKeyDataLength
;
795 PublicKeyDataXdr
= (UINT8
*)ALIGN_POINTER (PublicKeyDataXdr
, sizeof (UINT32
));
799 if (EFI_ERROR (Status
)) {
800 DEBUG ((DEBUG_ERROR
, "FmpDxe: CheckTheImage() - Authentication Failed %r.\n", Status
));
805 // Check to make sure index is 1
807 if (ImageIndex
!= 1) {
808 DEBUG ((DEBUG_ERROR
, "FmpDxe: CheckImage() - Image Index Invalid.\n"));
809 *ImageUpdatable
= IMAGE_UPDATABLE_INVALID_TYPE
;
810 Status
= EFI_SUCCESS
;
816 // Check the FmpPayloadHeader
818 FmpPayloadHeader
= GetFmpHeader ( (EFI_FIRMWARE_IMAGE_AUTHENTICATION
*)Image
, ImageSize
, &FmpPayloadSize
);
819 if (FmpPayloadHeader
== NULL
) {
820 DEBUG ((DEBUG_ERROR
, "FmpDxe: CheckTheImage() - GetFmpHeader failed.\n"));
821 Status
= EFI_ABORTED
;
824 Status
= GetFmpPayloadHeaderVersion (FmpPayloadHeader
, FmpPayloadSize
, &Version
);
825 if (EFI_ERROR (Status
)) {
826 DEBUG ((DEBUG_ERROR
, "FmpDxe: CheckTheImage() - GetFmpPayloadHeaderVersion failed %r.\n", Status
));
827 *ImageUpdatable
= IMAGE_UPDATABLE_INVALID
;
828 Status
= EFI_SUCCESS
;
833 // Check the lowest supported version
835 if (Version
< Private
->Descriptor
.LowestSupportedImageVersion
) {
838 "FmpDxe: CheckTheImage() - Version Lower than lowest supported version. 0x%08X < 0x%08X\n",
839 Version
, Private
->Descriptor
.LowestSupportedImageVersion
)
841 *ImageUpdatable
= IMAGE_UPDATABLE_INVALID_OLD
;
842 Status
= EFI_SUCCESS
;
847 // Get the FmpHeaderSize so we can determine the real payload size
849 Status
= GetFmpPayloadHeaderSize (FmpPayloadHeader
, FmpPayloadSize
, &FmpHeaderSize
);
850 if (EFI_ERROR (Status
)) {
851 DEBUG ((DEBUG_ERROR
, "FmpDxe: CheckTheImage() - GetFmpPayloadHeaderSize failed %r.\n", Status
));
852 *ImageUpdatable
= IMAGE_UPDATABLE_INVALID
;
853 Status
= EFI_SUCCESS
;
858 // Call FmpDevice Lib Check Image on the
859 // Raw payload. So all headers need stripped off
861 AllHeaderSize
= GetAllHeaderSize ( (EFI_FIRMWARE_IMAGE_AUTHENTICATION
*)Image
, FmpHeaderSize
);
862 if (AllHeaderSize
== 0) {
863 DEBUG ((DEBUG_ERROR
, "FmpDxe: CheckTheImage() - GetAllHeaderSize failed.\n"));
864 Status
= EFI_ABORTED
;
867 RawSize
= ImageSize
- AllHeaderSize
;
870 // FmpDeviceLib CheckImage function to do any specific checks
872 Status
= FmpDeviceCheckImage ((((UINT8
*)Image
) + AllHeaderSize
), RawSize
, ImageUpdatable
);
873 if (EFI_ERROR (Status
)) {
874 DEBUG ((DEBUG_ERROR
, "FmpDxe: CheckTheImage() - FmpDeviceLib CheckImage failed. Status = %r\n", Status
));
882 Updates the firmware image of the device.
884 This function updates the hardware with the new firmware image.
885 This function returns EFI_UNSUPPORTED if the firmware image is not updatable.
886 If the firmware image is updatable, the function should perform the following minimal validations
887 before proceeding to do the firmware image update.
888 - Validate the image authentication if image has attribute
889 IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED. The function returns
890 EFI_SECURITY_VIOLATION if the validation fails.
891 - Validate the image is a supported image for this device. The function returns EFI_ABORTED if
892 the image is unsupported. The function can optionally provide more detailed information on
893 why the image is not a supported image.
894 - Validate the data from VendorCode if not null. Image validation must be performed before
895 VendorCode data validation. VendorCode data is ignored or considered invalid if image
896 validation failed. The function returns EFI_ABORTED if the data is invalid.
898 VendorCode enables vendor to implement vendor-specific firmware image update policy. Null if
899 the caller did not specify the policy or use the default policy. As an example, vendor can implement
900 a policy to allow an option to force a firmware image update when the abort reason is due to the new
901 firmware image version is older than the current firmware image version or bad image checksum.
902 Sensitive operations such as those wiping the entire firmware image and render the device to be
903 non-functional should be encoded in the image itself rather than passed with the VendorCode.
904 AbortReason enables vendor to have the option to provide a more detailed description of the abort
905 reason to the caller.
907 @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.
908 @param[in] ImageIndex A unique number identifying the firmware image(s) within the device.
909 The number is between 1 and DescriptorCount.
910 @param[in] Image Points to the new image.
911 @param[in] ImageSize Size of the new image in bytes.
912 @param[in] VendorCode This enables vendor to implement vendor-specific firmware image update policy.
913 Null indicates the caller did not specify the policy or use the default policy.
914 @param[in] Progress A function used by the driver to report the progress of the firmware update.
915 @param[out] AbortReason A pointer to a pointer to a null-terminated string providing more
916 details for the aborted operation. The buffer is allocated by this function
917 with AllocatePool(), and it is the caller's responsibility to free it with a
920 @retval EFI_SUCCESS The device was successfully updated with the new image.
921 @retval EFI_ABORTED The operation is aborted.
922 @retval EFI_INVALID_PARAMETER The Image was NULL.
923 @retval EFI_UNSUPPORTED The operation is not supported.
924 @retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.
930 IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL
*This
,
932 IN CONST VOID
*Image
,
934 IN CONST VOID
*VendorCode
,
935 IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress
,
936 OUT CHAR16
**AbortReason
940 FIRMWARE_MANAGEMENT_PRIVATE_DATA
*Private
;
942 BOOLEAN BooleanValue
;
943 UINT32 FmpHeaderSize
;
945 UINTN FmpPayloadSize
;
946 UINT32 AllHeaderSize
;
947 UINT32 IncommingFwVersion
;
948 UINT32 LastAttemptStatus
;
950 UINT32 LowestSupportedVersion
;
952 Status
= EFI_SUCCESS
;
954 BooleanValue
= FALSE
;
959 IncommingFwVersion
= 0;
960 LastAttemptStatus
= LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL
;
963 // Retrieve the private context structure
965 Private
= FIRMWARE_MANAGEMENT_PRIVATE_DATA_FROM_THIS (This
);
966 FmpDeviceSetContext (Private
->Handle
, &Private
->FmpDeviceContext
);
969 // Make sure the descriptor has already been loaded or refreshed
971 PopulateDescriptor (Private
);
974 // Set to 0 to clear any previous results.
976 SetLastAttemptVersionInVariable (Private
, IncommingFwVersion
);
979 // if we have locked the device, then skip the set operation.
980 // it should be blocked by hardware too but we can catch here even faster
982 if (Private
->FmpDeviceLocked
) {
983 DEBUG ((DEBUG_ERROR
, "FmpDxe: SetTheImage() - Device is already locked. Can't update.\n"));
984 Status
= EFI_UNSUPPORTED
;
989 // Call check image to verify the image
991 Status
= CheckTheImage (This
, ImageIndex
, Image
, ImageSize
, &Updateable
);
992 if (EFI_ERROR (Status
)) {
993 DEBUG ((DEBUG_ERROR
, "FmpDxe: SetTheImage() - Check The Image failed with %r.\n", Status
));
994 if (Status
== EFI_SECURITY_VIOLATION
) {
995 LastAttemptStatus
= LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR
;
1001 // No functional error in CheckTheImage. Attempt to get the Version to
1002 // support better error reporting.
1004 FmpHeader
= GetFmpHeader ( (EFI_FIRMWARE_IMAGE_AUTHENTICATION
*)Image
, ImageSize
, &FmpPayloadSize
);
1005 if (FmpHeader
== NULL
) {
1006 DEBUG ((DEBUG_ERROR
, "FmpDxe: SetTheImage() - GetFmpHeader failed.\n"));
1007 Status
= EFI_ABORTED
;
1010 Status
= GetFmpPayloadHeaderVersion (FmpHeader
, FmpPayloadSize
, &IncommingFwVersion
);
1011 if (!EFI_ERROR (Status
)) {
1013 // Set to actual value
1015 SetLastAttemptVersionInVariable (Private
, IncommingFwVersion
);
1019 if (Updateable
!= IMAGE_UPDATABLE_VALID
) {
1022 "FmpDxed: SetTheImage() - Check The Image returned that the Image was not valid for update. Updatable value = 0x%X.\n",
1025 Status
= EFI_ABORTED
;
1029 if (Progress
== NULL
) {
1030 DEBUG ((DEBUG_ERROR
, "FmpDxe: SetTheImage() - Invalid progress callback\n"));
1031 Status
= EFI_INVALID_PARAMETER
;
1035 mProgressFunc
= Progress
;
1038 // Checking the image is at least 1%
1040 Status
= Progress (1);
1041 if (EFI_ERROR (Status
)) {
1042 DEBUG ((DEBUG_ERROR
, "FmpDxe: SetTheImage() - Progress Callback failed with Status %r.\n", Status
));
1046 //Check System Power
1048 Status
= CheckSystemPower (&BooleanValue
);
1049 if (EFI_ERROR (Status
)) {
1050 DEBUG ((DEBUG_ERROR
, "FmpDxe: SetTheImage() - CheckSystemPower - API call failed %r.\n", Status
));
1053 if (!BooleanValue
) {
1054 Status
= EFI_ABORTED
;
1057 "FmpDxe: SetTheImage() - CheckSystemPower - returned False. Update not allowed due to System Power.\n")
1059 LastAttemptStatus
= LAST_ATTEMPT_STATUS_ERROR_PWR_EVT_BATT
;
1066 //Check System Thermal
1068 Status
= CheckSystemThermal (&BooleanValue
);
1069 if (EFI_ERROR (Status
)) {
1070 DEBUG ((DEBUG_ERROR
, "FmpDxe: SetTheImage() - CheckSystemThermal - API call failed %r.\n", Status
));
1073 if (!BooleanValue
) {
1074 Status
= EFI_ABORTED
;
1077 "FmpDxe: SetTheImage() - CheckSystemThermal - returned False. Update not allowed due to System Thermal.\n")
1085 //Check System Environment
1087 Status
= CheckSystemEnvironment (&BooleanValue
);
1088 if (EFI_ERROR (Status
)) {
1089 DEBUG ((DEBUG_ERROR
, "FmpDxe: SetTheImage() - CheckSystemEnvironment - API call failed %r.\n", Status
));
1092 if (!BooleanValue
) {
1093 Status
= EFI_ABORTED
;
1096 "FmpDxe: SetTheImage() - CheckSystemEnvironment - returned False. Update not allowed due to System Environment.\n")
1104 // Save LastAttemptStatus as error so that if SetImage never returns the error
1105 // state is recorded.
1107 SetLastAttemptStatusInVariable (Private
, LastAttemptStatus
);
1110 // Strip off all the headers so the device can process its firmware
1112 Status
= GetFmpPayloadHeaderSize (FmpHeader
, FmpPayloadSize
, &FmpHeaderSize
);
1113 if (EFI_ERROR (Status
)) {
1114 DEBUG ((DEBUG_ERROR
, "FmpDxe: SetTheImage() - GetFmpPayloadHeaderSize failed %r.\n", Status
));
1118 AllHeaderSize
= GetAllHeaderSize ( (EFI_FIRMWARE_IMAGE_AUTHENTICATION
*)Image
, FmpHeaderSize
);
1119 if (AllHeaderSize
== 0) {
1120 DEBUG ((DEBUG_ERROR
, "FmpDxe: SetTheImage() - GetAllHeaderSize failed.\n"));
1121 Status
= EFI_ABORTED
;
1126 // Indicate that control is handed off to FmpDeviceLib
1131 //Copy the requested image to the firmware using the FmpDeviceLib
1133 Status
= FmpDeviceSetImage (
1134 (((UINT8
*)Image
) + AllHeaderSize
),
1135 ImageSize
- AllHeaderSize
,
1141 if (EFI_ERROR (Status
)) {
1142 DEBUG ((DEBUG_ERROR
, "FmpDxe: SetTheImage() SetImage from FmpDeviceLib failed. Status = %r.\n", Status
));
1148 // Finished the update without error
1149 // Indicate that control has been returned from FmpDeviceLib
1154 // Update the version stored in variable
1156 if (!Private
->RuntimeVersionSupported
) {
1157 Version
= DEFAULT_VERSION
;
1158 GetFmpPayloadHeaderVersion (FmpHeader
, FmpPayloadSize
, &Version
);
1159 SetVersionInVariable (Private
, Version
);
1163 // Update lowest supported variable
1165 LowestSupportedVersion
= DEFAULT_LOWESTSUPPORTEDVERSION
;
1166 GetFmpPayloadHeaderLowestSupportedVersion (FmpHeader
, FmpPayloadSize
, &LowestSupportedVersion
);
1167 SetLowestSupportedVersionInVariable (Private
, LowestSupportedVersion
);
1169 LastAttemptStatus
= LAST_ATTEMPT_STATUS_SUCCESS
;
1172 mProgressFunc
= NULL
;
1173 SetLastAttemptStatusInVariable (Private
, LastAttemptStatus
);
1175 if (Progress
!= NULL
) {
1177 // Set progress to 100 after everything is done including recording Status.
1183 // Need repopulate after SetImage is called to
1184 // update LastAttemptVersion and LastAttemptStatus.
1186 Private
->DescriptorPopulated
= FALSE
;
1192 Returns information about the firmware package.
1194 This function returns package information.
1196 @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.
1197 @param[out] PackageVersion A version number that represents all the firmware images in the device.
1198 The format is vendor specific and new version must have a greater value
1199 than the old version. If PackageVersion is not supported, the value is
1200 0xFFFFFFFF. A value of 0xFFFFFFFE indicates that package version
1201 comparison is to be performed using PackageVersionName. A value of
1202 0xFFFFFFFD indicates that package version update is in progress.
1203 @param[out] PackageVersionName A pointer to a pointer to a null-terminated string representing
1204 the package version name. The buffer is allocated by this function with
1205 AllocatePool(), and it is the caller's responsibility to free it with a
1207 @param[out] PackageVersionNameMaxLen The maximum length of package version name if device supports update of
1208 package version name. A value of 0 indicates the device does not support
1209 update of package version name. Length is the number of Unicode characters,
1210 including the terminating null character.
1211 @param[out] AttributesSupported Package attributes that are supported by this device. See 'Package Attribute
1212 Definitions' for possible returned values of this parameter. A value of 1
1213 indicates the attribute is supported and the current setting value is
1214 indicated in AttributesSetting. A value of 0 indicates the attribute is not
1215 supported and the current setting value in AttributesSetting is meaningless.
1216 @param[out] AttributesSetting Package attributes. See 'Package Attribute Definitions' for possible returned
1217 values of this parameter
1219 @retval EFI_SUCCESS The package information was successfully returned.
1220 @retval EFI_UNSUPPORTED The operation is not supported.
1226 IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL
*This
,
1227 OUT UINT32
*PackageVersion
,
1228 OUT CHAR16
**PackageVersionName
,
1229 OUT UINT32
*PackageVersionNameMaxLen
,
1230 OUT UINT64
*AttributesSupported
,
1231 OUT UINT64
*AttributesSetting
1234 return EFI_UNSUPPORTED
;
1238 Updates information about the firmware package.
1240 This function updates package information.
1241 This function returns EFI_UNSUPPORTED if the package information is not updatable.
1242 VendorCode enables vendor to implement vendor-specific package information update policy.
1243 Null if the caller did not specify this policy or use the default policy.
1245 @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.
1246 @param[in] Image Points to the authentication image.
1247 Null if authentication is not required.
1248 @param[in] ImageSize Size of the authentication image in bytes.
1249 0 if authentication is not required.
1250 @param[in] VendorCode This enables vendor to implement vendor-specific firmware
1251 image update policy.
1252 Null indicates the caller did not specify this policy or use
1254 @param[in] PackageVersion The new package version.
1255 @param[in] PackageVersionName A pointer to the new null-terminated Unicode string representing
1256 the package version name.
1257 The string length is equal to or less than the value returned in
1258 PackageVersionNameMaxLen.
1260 @retval EFI_SUCCESS The device was successfully updated with the new package
1262 @retval EFI_INVALID_PARAMETER The PackageVersionName length is longer than the value
1263 returned in PackageVersionNameMaxLen.
1264 @retval EFI_UNSUPPORTED The operation is not supported.
1265 @retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.
1271 IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL
*This
,
1272 IN CONST VOID
*Image
,
1274 IN CONST VOID
*VendorCode
,
1275 IN UINT32 PackageVersion
,
1276 IN CONST CHAR16
*PackageVersionName
1279 return EFI_UNSUPPORTED
;
1283 Event notification function that is invoked when the event GUID specified by
1284 PcdFmpDeviceLockEventGuid is signaled.
1286 @param[in] Event Event whose notification function is being invoked.
1287 @param[in] Context The pointer to the notification function's context,
1288 which is implementation-dependent.
1292 FmpDxeLockEventNotify (
1298 FIRMWARE_MANAGEMENT_PRIVATE_DATA
*Private
;
1300 Private
= (FIRMWARE_MANAGEMENT_PRIVATE_DATA
*)Context
;
1302 if (!Private
->FmpDeviceLocked
) {
1304 // Lock the firmware device
1306 FmpDeviceSetContext (Private
->Handle
, &Private
->FmpDeviceContext
);
1307 Status
= FmpDeviceLock();
1308 if (EFI_ERROR (Status
)) {
1309 if (Status
!= EFI_UNSUPPORTED
) {
1310 DEBUG ((DEBUG_ERROR
, "FmpDxe: FmpDeviceLock() returned error. Status = %r\n", Status
));
1312 DEBUG ((DEBUG_WARN
, "FmpDxe: FmpDeviceLock() returned error. Status = %r\n", Status
));
1315 Private
->FmpDeviceLocked
= TRUE
;
1320 Function to install FMP instance.
1322 @param[in] Handle The device handle to install a FMP instance on.
1324 @retval EFI_SUCCESS FMP Installed
1325 @retval EFI_INVALID_PARAMETER Handle was invalid
1326 @retval other Error installing FMP
1331 InstallFmpInstance (
1332 IN EFI_HANDLE Handle
1336 EFI_FIRMWARE_MANAGEMENT_PROTOCOL
*Fmp
;
1337 FIRMWARE_MANAGEMENT_PRIVATE_DATA
*Private
;
1339 DEBUG ((DEBUG_ERROR
, "InstallFmpInstance: Entry\n"));
1342 // Only allow a single FMP Protocol instance to be installed
1344 Status
= gBS
->OpenProtocol (
1346 &gEfiFirmwareManagementProtocolGuid
,
1350 EFI_OPEN_PROTOCOL_GET_PROTOCOL
1352 if (!EFI_ERROR (Status
)) {
1353 return EFI_ALREADY_STARTED
;
1357 // Allocate FMP Protocol instance
1359 Private
= AllocateCopyPool (
1360 sizeof (mFirmwareManagementPrivateDataTemplate
),
1361 &mFirmwareManagementPrivateDataTemplate
1363 if (Private
== NULL
) {
1364 DEBUG ((DEBUG_ERROR
, "FmpDxe: Failed to allocate memory for private structure.\n"));
1365 Status
= EFI_OUT_OF_RESOURCES
;
1370 // Initialize private context data structure
1372 DEBUG ((DEBUG_ERROR
, "InstallFmpInstance: Initialize private context data structure\n"));
1374 Private
->Handle
= Handle
;
1376 Private
->FmpDeviceContext
= NULL
;
1377 Status
= FmpDeviceSetContext (Private
->Handle
, &Private
->FmpDeviceContext
);
1378 if (Status
== EFI_UNSUPPORTED
) {
1379 Private
->FmpDeviceContext
= NULL
;
1380 } else if (EFI_ERROR (Status
)) {
1385 // Make sure the descriptor has already been loaded or refreshed
1387 PopulateDescriptor (Private
);
1389 DEBUG ((DEBUG_ERROR
, "InstallFmpInstance: Lock events\n"));
1391 if (IsLockFmpDeviceAtLockEventGuidRequired ()) {
1393 // Lock all UEFI Variables used by this module.
1395 Status
= LockAllFmpVariables (Private
);
1396 if (EFI_ERROR (Status
)) {
1397 DEBUG ((DEBUG_ERROR
, "FmpDxe: Failed to lock variables. Status = %r.\n", Status
));
1399 DEBUG ((DEBUG_INFO
, "FmpDxe: All variables locked\n"));
1403 // Create and register notify function to lock the FMP device.
1405 Status
= gBS
->CreateEventEx (
1408 FmpDxeLockEventNotify
,
1411 &Private
->FmpDeviceLockEvent
1413 if (EFI_ERROR (Status
)) {
1414 DEBUG ((DEBUG_ERROR
, "FmpDxe: Failed to register notification. Status = %r\n", Status
));
1416 ASSERT_EFI_ERROR (Status
);
1418 DEBUG ((DEBUG_VERBOSE
, "FmpDxe: Not registering notification to call FmpDeviceLock() because mfg mode\n"));
1422 // Install FMP Protocol and FMP Progress Protocol
1424 DEBUG ((DEBUG_ERROR
, "InstallFmpInstance: Install FMP Protocol and FMP Progress Protocol\n"));
1426 Status
= gBS
->InstallMultipleProtocolInterfaces (
1428 &gEfiFirmwareManagementProtocolGuid
, &Private
->Fmp
,
1429 &gEdkiiFirmwareManagementProgressProtocolGuid
, &mFmpProgress
,
1433 if (EFI_ERROR (Status
)) {
1434 DEBUG ((DEBUG_ERROR
, "FmpDxe: Protocol install error. Status = %r.\n", Status
));
1438 DEBUG ((DEBUG_INFO
, "FmpDxe: Protocols Installed!\n"));
1442 if (EFI_ERROR (Status
)) {
1443 if (Private
!= NULL
) {
1444 if (Private
->FmpDeviceLockEvent
!= NULL
) {
1445 gBS
->CloseEvent (Private
->FmpDeviceLockEvent
);
1447 if (Private
->Descriptor
.VersionName
!= NULL
) {
1448 FreePool (Private
->Descriptor
.VersionName
);
1450 if (Private
->FmpDeviceContext
!= NULL
) {
1451 FmpDeviceSetContext (NULL
, &Private
->FmpDeviceContext
);
1453 if (Private
->VersionVariableName
!= NULL
) {
1454 FreePool (Private
->VersionVariableName
);
1456 if (Private
->LsvVariableName
!= NULL
) {
1457 FreePool (Private
->LsvVariableName
);
1459 if (Private
->LastAttemptStatusVariableName
!= NULL
) {
1460 FreePool (Private
->LastAttemptStatusVariableName
);
1462 if (Private
->LastAttemptVersionVariableName
!= NULL
) {
1463 FreePool (Private
->LastAttemptVersionVariableName
);
1465 if (Private
->FmpStateVariableName
!= NULL
) {
1466 FreePool (Private
->FmpStateVariableName
);
1476 Function to uninstall FMP instance.
1478 @param[in] Handle The device handle to install a FMP instance on.
1480 @retval EFI_SUCCESS FMP Installed
1481 @retval EFI_INVALID_PARAMETER Handle was invalid
1482 @retval other Error installing FMP
1487 UninstallFmpInstance (
1488 IN EFI_HANDLE Handle
1492 EFI_FIRMWARE_MANAGEMENT_PROTOCOL
*Fmp
;
1493 FIRMWARE_MANAGEMENT_PRIVATE_DATA
*Private
;
1495 Status
= gBS
->OpenProtocol (
1497 &gEfiFirmwareManagementProtocolGuid
,
1501 EFI_OPEN_PROTOCOL_GET_PROTOCOL
1503 if (EFI_ERROR (Status
)) {
1507 Private
= FIRMWARE_MANAGEMENT_PRIVATE_DATA_FROM_THIS (Fmp
);
1508 FmpDeviceSetContext (Private
->Handle
, &Private
->FmpDeviceContext
);
1510 if (Private
->FmpDeviceLockEvent
!= NULL
) {
1511 gBS
->CloseEvent (Private
->FmpDeviceLockEvent
);
1514 Status
= gBS
->UninstallMultipleProtocolInterfaces (
1516 &gEfiFirmwareManagementProtocolGuid
, &Private
->Fmp
,
1517 &gEdkiiFirmwareManagementProgressProtocolGuid
, &mFmpProgress
,
1520 if (EFI_ERROR (Status
)) {
1524 if (Private
->Descriptor
.VersionName
!= NULL
) {
1525 FreePool (Private
->Descriptor
.VersionName
);
1527 if (Private
->FmpDeviceContext
!= NULL
) {
1528 FmpDeviceSetContext (NULL
, &Private
->FmpDeviceContext
);
1530 if (Private
->VersionVariableName
!= NULL
) {
1531 FreePool (Private
->VersionVariableName
);
1533 if (Private
->LsvVariableName
!= NULL
) {
1534 FreePool (Private
->LsvVariableName
);
1536 if (Private
->LastAttemptStatusVariableName
!= NULL
) {
1537 FreePool (Private
->LastAttemptStatusVariableName
);
1539 if (Private
->LastAttemptVersionVariableName
!= NULL
) {
1540 FreePool (Private
->LastAttemptVersionVariableName
);
1542 if (Private
->FmpStateVariableName
!= NULL
) {
1543 FreePool (Private
->FmpStateVariableName
);
1551 Unloads the application and its installed protocol.
1553 @param ImageHandle Handle that identifies the image to be unloaded.
1554 @param SystemTable The system table.
1556 @retval EFI_SUCCESS The image has been unloaded.
1561 FmpDxeLibDestructor (
1562 IN EFI_HANDLE ImageHandle
,
1563 IN EFI_SYSTEM_TABLE
*SystemTable
1566 if (mFmpSingleInstance
) {
1567 return UninstallFmpInstance (ImageHandle
);
1573 Main entry for this driver/library.
1575 @param[in] ImageHandle Image handle this driver.
1576 @param[in] SystemTable Pointer to SystemTable.
1582 IN EFI_HANDLE ImageHandle
,
1583 IN EFI_SYSTEM_TABLE
*SystemTable
1589 // Verify that a new FILE_GUID value has been provided in the <Defines>
1590 // section of this module. The FILE_GUID is the ESRT GUID that must be
1591 // unique for each updatable firmware image.
1593 if (CompareGuid (&mDefaultModuleFileGuid
, &gEfiCallerIdGuid
)) {
1594 DEBUG ((DEBUG_ERROR
, "FmpDxe: Use of default FILE_GUID detected. FILE_GUID must be set to a unique value.\n"));
1596 return EFI_UNSUPPORTED
;
1600 // Get the ImageIdName value for the EFI_FIRMWARE_IMAGE_DESCRIPTOR from a PCD.
1602 mImageIdName
= (CHAR16
*) PcdGetPtr (PcdFmpDeviceImageIdName
);
1603 if (PcdGetSize (PcdFmpDeviceImageIdName
) <= 2 || mImageIdName
[0] == 0) {
1605 // PcdFmpDeviceImageIdName must be set to a non-empty Unicode string
1607 DEBUG ((DEBUG_ERROR
, "FmpDxe: FmpDeviceLib PcdFmpDeviceImageIdName is an empty string.\n"));
1613 // Detects if PcdFmpDevicePkcs7CertBufferXdr contains a test key.
1618 // Fill in FMP Progress Protocol fields for Version 1
1620 mFmpProgress
.Version
= 1;
1621 mFmpProgress
.ProgressBarForegroundColor
.Raw
= PcdGet32 (PcdFmpDeviceProgressColor
);
1622 mFmpProgress
.WatchdogSeconds
= PcdGet8 (PcdFmpDeviceProgressWatchdogTimeInSeconds
);
1624 // The lock event GUID is retrieved from PcdFmpDeviceLockEventGuid.
1625 // If PcdFmpDeviceLockEventGuid is not the size of an EFI_GUID, then
1626 // gEfiEndOfDxeEventGroupGuid is used.
1628 mLockGuid
= &gEfiEndOfDxeEventGroupGuid
;
1629 if (PcdGetSize (PcdFmpDeviceLockEventGuid
) == sizeof (EFI_GUID
)) {
1630 mLockGuid
= (EFI_GUID
*)PcdGetPtr (PcdFmpDeviceLockEventGuid
);
1632 DEBUG ((DEBUG_INFO
, "FmpDxe: Lock GUID: %g\n", mLockGuid
));
1635 // Register with library the install function so if the library uses
1636 // UEFI driver model/driver binding protocol it can install FMP on its device handle
1637 // If library is simple lib that does not use driver binding then it should return
1638 // unsupported and this will install the FMP instance on the ImageHandle
1640 Status
= RegisterFmpInstaller (InstallFmpInstance
);
1641 if (Status
== EFI_UNSUPPORTED
) {
1642 mFmpSingleInstance
= TRUE
;
1643 DEBUG ((DEBUG_INFO
, "FmpDxe: FmpDeviceLib registration returned EFI_UNSUPPORTED. Installing single FMP instance.\n"));
1644 Status
= RegisterFmpUninstaller (UninstallFmpInstance
);
1645 if (Status
== EFI_UNSUPPORTED
) {
1646 Status
= InstallFmpInstance (ImageHandle
);
1648 DEBUG ((DEBUG_ERROR
, "FmpDxe: FmpDeviceLib RegisterFmpInstaller and RegisterFmpUninstaller do not match.\n"));
1649 Status
= EFI_UNSUPPORTED
;
1651 } else if (EFI_ERROR (Status
)) {
1652 DEBUG ((DEBUG_ERROR
, "FmpDxe: FmpDeviceLib registration returned %r. No FMP installed.\n", Status
));
1656 "FmpDxe: FmpDeviceLib registration returned EFI_SUCCESS. Expect FMP to be installed during the BDS/Device connection phase.\n"
1658 Status
= RegisterFmpUninstaller (UninstallFmpInstance
);
1659 if (EFI_ERROR (Status
)) {
1660 DEBUG ((DEBUG_ERROR
, "FmpDxe: FmpDeviceLib RegisterFmpInstaller and RegisterFmpUninstaller do not match.\n"));