Fix a bug that FV->ReadSection cannot get the EFI_SECTION_GUID_DEFINED type section...
[mirror_edk2.git] / MdeModulePkg / Core / Dxe / SectionExtraction / CoreSectionExtraction.c
1 /** @file
2 Section Extraction Protocol implementation.
3
4 Stream database is implemented as a linked list of section streams,
5 where each stream contains a linked list of children, which may be leaves or
6 encapsulations.
7
8 Children that are encapsulations generate new stream entries
9 when they are created. Streams can also be created by calls to
10 SEP->OpenSectionStream().
11
12 The database is only created far enough to return the requested data from
13 any given stream, or to determine that the requested data is not found.
14
15 If a GUIDed encapsulation is encountered, there are three possiblilites.
16
17 1) A support protocol is found, in which the stream is simply processed with
18 the support protocol.
19
20 2) A support protocol is not found, but the data is available to be read
21 without processing. In this case, the database is built up through the
22 recursions to return the data, and a RPN event is set that will enable
23 the stream in question to be refreshed if and when the required section
24 extraction protocol is published.This insures the AuthenticationStatus
25 does not become stale in the cache.
26
27 3) A support protocol is not found, and the data is not available to be read
28 without it. This results in EFI_PROTOCOL_ERROR.
29
30 Copyright (c) 2006 - 2010, Intel Corporation. <BR>
31 All rights reserved. This program and the accompanying materials
32 are licensed and made available under the terms and conditions of the BSD License
33 which accompanies this distribution. The full text of the license may be found at
34 http://opensource.org/licenses/bsd-license.php
35
36 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
37 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
38
39 **/
40
41 #include "DxeMain.h"
42
43 //
44 // Local defines and typedefs
45 //
46 #define CORE_SECTION_CHILD_SIGNATURE SIGNATURE_32('S','X','C','S')
47 #define CHILD_SECTION_NODE_FROM_LINK(Node) \
48 CR (Node, CORE_SECTION_CHILD_NODE, Link, CORE_SECTION_CHILD_SIGNATURE)
49
50 typedef struct {
51 UINT32 Signature;
52 LIST_ENTRY Link;
53 UINT32 Type;
54 UINT32 Size;
55 //
56 // StreamBase + OffsetInStream == pointer to section header in stream. The
57 // stream base is always known when walking the sections within.
58 //
59 UINT32 OffsetInStream;
60 //
61 // Then EncapsulatedStreamHandle below is always 0 if the section is NOT an
62 // encapsulating section. Otherwise, it contains the stream handle
63 // of the encapsulated stream. This handle is ALWAYS produced any time an
64 // encapsulating child is encountered, irrespective of whether the
65 // encapsulated stream is processed further.
66 //
67 UINTN EncapsulatedStreamHandle;
68 EFI_GUID *EncapsulationGuid;
69 } CORE_SECTION_CHILD_NODE;
70
71 #define CORE_SECTION_STREAM_SIGNATURE SIGNATURE_32('S','X','S','S')
72 #define STREAM_NODE_FROM_LINK(Node) \
73 CR (Node, CORE_SECTION_STREAM_NODE, Link, CORE_SECTION_STREAM_SIGNATURE)
74
75 typedef struct {
76 UINT32 Signature;
77 LIST_ENTRY Link;
78 UINTN StreamHandle;
79 UINT8 *StreamBuffer;
80 UINTN StreamLength;
81 LIST_ENTRY Children;
82 //
83 // Authentication status is from GUIDed encapsulations.
84 //
85 UINT32 AuthenticationStatus;
86 } CORE_SECTION_STREAM_NODE;
87
88 #define NULL_STREAM_HANDLE 0
89
90 typedef struct {
91 CORE_SECTION_CHILD_NODE *ChildNode;
92 CORE_SECTION_STREAM_NODE *ParentStream;
93 VOID *Registration;
94 EFI_EVENT Event;
95 } RPN_EVENT_CONTEXT;
96
97
98 /**
99 The ExtractSection() function processes the input section and
100 allocates a buffer from the pool in which it returns the section
101 contents. If the section being extracted contains
102 authentication information (the section's
103 GuidedSectionHeader.Attributes field has the
104 EFI_GUIDED_SECTION_AUTH_STATUS_VALID bit set), the values
105 returned in AuthenticationStatus must reflect the results of
106 the authentication operation. Depending on the algorithm and
107 size of the encapsulated data, the time that is required to do
108 a full authentication may be prohibitively long for some
109 classes of systems. To indicate this, use
110 EFI_SECURITY_POLICY_PROTOCOL_GUID, which may be published by
111 the security policy driver (see the Platform Initialization
112 Driver Execution Environment Core Interface Specification for
113 more details and the GUID definition). If the
114 EFI_SECURITY_POLICY_PROTOCOL_GUID exists in the handle
115 database, then, if possible, full authentication should be
116 skipped and the section contents simply returned in the
117 OutputBuffer. In this case, the
118 EFI_AUTH_STATUS_PLATFORM_OVERRIDE bit AuthenticationStatus
119 must be set on return. ExtractSection() is callable only from
120 TPL_NOTIFY and below. Behavior of ExtractSection() at any
121 EFI_TPL above TPL_NOTIFY is undefined. Type EFI_TPL is
122 defined in RaiseTPL() in the UEFI 2.0 specification.
123
124
125 @param This Indicates the
126 EFI_GUIDED_SECTION_EXTRACTION_PROTOCOL instance.
127 @param InputSection Buffer containing the input GUIDed section
128 to be processed. OutputBuffer OutputBuffer
129 is allocated from boot services pool
130 memory and contains the new section
131 stream. The caller is responsible for
132 freeing this buffer.
133 @param OutputBuffer *OutputBuffer is allocated from boot services
134 pool memory and contains the new section stream.
135 The caller is responsible for freeing this buffer.
136 @param OutputSize A pointer to a caller-allocated UINTN in
137 which the size of OutputBuffer allocation
138 is stored. If the function returns
139 anything other than EFI_SUCCESS, the value
140 of OutputSize is undefined.
141
142 @param AuthenticationStatus A pointer to a caller-allocated
143 UINT32 that indicates the
144 authentication status of the
145 output buffer. If the input
146 section's
147 GuidedSectionHeader.Attributes
148 field has the
149 EFI_GUIDED_SECTION_AUTH_STATUS_VAL
150 bit as clear, AuthenticationStatus
151 must return zero. Both local bits
152 (19:16) and aggregate bits (3:0)
153 in AuthenticationStatus are
154 returned by ExtractSection().
155 These bits reflect the status of
156 the extraction operation. The bit
157 pattern in both regions must be
158 the same, as the local and
159 aggregate authentication statuses
160 have equivalent meaning at this
161 level. If the function returns
162 anything other than EFI_SUCCESS,
163 the value of AuthenticationStatus
164 is undefined.
165
166
167 @retval EFI_SUCCESS The InputSection was successfully
168 processed and the section contents were
169 returned.
170
171 @retval EFI_OUT_OF_RESOURCES The system has insufficient
172 resources to process the
173 request.
174
175 @retval EFI_INVALID_PARAMETER The GUID in InputSection does
176 not match this instance of the
177 GUIDed Section Extraction
178 Protocol.
179
180 **/
181 EFI_STATUS
182 EFIAPI
183 CustomGuidedSectionExtract (
184 IN CONST EFI_GUIDED_SECTION_EXTRACTION_PROTOCOL *This,
185 IN CONST VOID *InputSection,
186 OUT VOID **OutputBuffer,
187 OUT UINTN *OutputSize,
188 OUT UINT32 *AuthenticationStatus
189 );
190
191 //
192 // Module globals
193 //
194 LIST_ENTRY mStreamRoot = INITIALIZE_LIST_HEAD_VARIABLE (mStreamRoot);
195
196 EFI_HANDLE mSectionExtractionHandle = NULL;
197
198 EFI_GUIDED_SECTION_EXTRACTION_PROTOCOL mCustomGuidedSectionExtractionProtocol = {
199 CustomGuidedSectionExtract
200 };
201
202
203 /**
204 Entry point of the section extraction code. Initializes an instance of the
205 section extraction interface and installs it on a new handle.
206
207 @param ImageHandle A handle for the image that is initializing this driver
208 @param SystemTable A pointer to the EFI system table
209
210 @retval EFI_SUCCESS Driver initialized successfully
211 @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources
212
213 **/
214 EFI_STATUS
215 EFIAPI
216 InitializeSectionExtraction (
217 IN EFI_HANDLE ImageHandle,
218 IN EFI_SYSTEM_TABLE *SystemTable
219 )
220 {
221 EFI_STATUS Status;
222 EFI_GUID *ExtractHandlerGuidTable;
223 UINTN ExtractHandlerNumber;
224
225 //
226 // Get custom extract guided section method guid list
227 //
228 ExtractHandlerNumber = ExtractGuidedSectionGetGuidList (&ExtractHandlerGuidTable);
229
230 Status = EFI_SUCCESS;
231 //
232 // Install custom guided extraction protocol
233 //
234 while (ExtractHandlerNumber-- > 0) {
235 Status = CoreInstallProtocolInterface (
236 &mSectionExtractionHandle,
237 &ExtractHandlerGuidTable [ExtractHandlerNumber],
238 EFI_NATIVE_INTERFACE,
239 &mCustomGuidedSectionExtractionProtocol
240 );
241 ASSERT_EFI_ERROR (Status);
242 }
243
244 return Status;
245 }
246
247
248 /**
249 Check if a stream is valid.
250
251 @param SectionStream The section stream to be checked
252 @param SectionStreamLength The length of section stream
253
254 @return A boolean value indicating the validness of the section stream.
255
256 **/
257 BOOLEAN
258 IsValidSectionStream (
259 IN VOID *SectionStream,
260 IN UINTN SectionStreamLength
261 )
262 {
263 UINTN TotalLength;
264 UINTN SectionLength;
265 EFI_COMMON_SECTION_HEADER *SectionHeader;
266 EFI_COMMON_SECTION_HEADER *NextSectionHeader;
267
268 TotalLength = 0;
269 SectionHeader = (EFI_COMMON_SECTION_HEADER *)SectionStream;
270
271 while (TotalLength < SectionStreamLength) {
272 SectionLength = SECTION_SIZE (SectionHeader);
273 TotalLength += SectionLength;
274
275 if (TotalLength == SectionStreamLength) {
276 return TRUE;
277 }
278
279 //
280 // Move to the next byte following the section...
281 //
282 SectionHeader = (EFI_COMMON_SECTION_HEADER *) ((UINT8 *) SectionHeader + SectionLength);
283
284 //
285 // Figure out where the next section begins
286 //
287 NextSectionHeader = ALIGN_POINTER(SectionHeader, 4);
288 TotalLength += (UINTN) NextSectionHeader - (UINTN) SectionHeader;
289 SectionHeader = NextSectionHeader;
290 }
291
292 ASSERT (FALSE);
293 return FALSE;
294 }
295
296
297 /**
298 Worker function. Constructor for section streams.
299
300 @param SectionStreamLength Size in bytes of the section stream.
301 @param SectionStream Buffer containing the new section stream.
302 @param AllocateBuffer Indicates whether the stream buffer is to be
303 copied or the input buffer is to be used in
304 place. AuthenticationStatus- Indicates the
305 default authentication status for the new
306 stream.
307 @param AuthenticationStatus A pointer to a caller-allocated UINT32 that
308 indicates the authentication status of the
309 output buffer. If the input section's
310 GuidedSectionHeader.Attributes field
311 has the EFI_GUIDED_SECTION_AUTH_STATUS_VALID
312 bit as clear, AuthenticationStatus must return
313 zero. Both local bits (19:16) and aggregate
314 bits (3:0) in AuthenticationStatus are returned
315 by ExtractSection(). These bits reflect the
316 status of the extraction operation. The bit
317 pattern in both regions must be the same, as
318 the local and aggregate authentication statuses
319 have equivalent meaning at this level. If the
320 function returns anything other than
321 EFI_SUCCESS, the value of *AuthenticationStatus
322 is undefined.
323 @param SectionStreamHandle A pointer to a caller allocated section stream
324 handle.
325
326 @retval EFI_SUCCESS Stream was added to stream database.
327 @retval EFI_OUT_OF_RESOURCES memory allocation failed.
328
329 **/
330 EFI_STATUS
331 OpenSectionStreamEx (
332 IN UINTN SectionStreamLength,
333 IN VOID *SectionStream,
334 IN BOOLEAN AllocateBuffer,
335 IN UINT32 AuthenticationStatus,
336 OUT UINTN *SectionStreamHandle
337 )
338 {
339 CORE_SECTION_STREAM_NODE *NewStream;
340 EFI_TPL OldTpl;
341
342 //
343 // Allocate a new stream
344 //
345 NewStream = AllocatePool (sizeof (CORE_SECTION_STREAM_NODE));
346 if (NewStream == NULL) {
347 return EFI_OUT_OF_RESOURCES;
348 }
349
350 if (AllocateBuffer) {
351 //
352 // if we're here, we're double buffering, allocate the buffer and copy the
353 // data in
354 //
355 if (SectionStreamLength > 0) {
356 NewStream->StreamBuffer = AllocatePool (SectionStreamLength);
357 if (NewStream->StreamBuffer == NULL) {
358 CoreFreePool (NewStream);
359 return EFI_OUT_OF_RESOURCES;
360 }
361 //
362 // Copy in stream data
363 //
364 CopyMem (NewStream->StreamBuffer, SectionStream, SectionStreamLength);
365 } else {
366 //
367 // It's possible to have a zero length section stream.
368 //
369 NewStream->StreamBuffer = NULL;
370 }
371 } else {
372 //
373 // If were here, the caller has supplied the buffer (it's an internal call)
374 // so just assign the buffer. This happens when we open section streams
375 // as a result of expanding an encapsulating section.
376 //
377 NewStream->StreamBuffer = SectionStream;
378 }
379
380 //
381 // Initialize the rest of the section stream
382 //
383 NewStream->Signature = CORE_SECTION_STREAM_SIGNATURE;
384 NewStream->StreamHandle = (UINTN) NewStream;
385 NewStream->StreamLength = SectionStreamLength;
386 InitializeListHead (&NewStream->Children);
387 NewStream->AuthenticationStatus = AuthenticationStatus;
388
389 //
390 // Add new stream to stream list
391 //
392 OldTpl = CoreRaiseTpl (TPL_NOTIFY);
393 InsertTailList (&mStreamRoot, &NewStream->Link);
394 CoreRestoreTpl (OldTpl);
395
396 *SectionStreamHandle = NewStream->StreamHandle;
397
398 return EFI_SUCCESS;
399 }
400
401
402 /**
403 SEP member function. This function creates and returns a new section stream
404 handle to represent the new section stream.
405
406 @param SectionStreamLength Size in bytes of the section stream.
407 @param SectionStream Buffer containing the new section stream.
408 @param SectionStreamHandle A pointer to a caller allocated UINTN that on
409 output contains the new section stream handle.
410
411 @retval EFI_SUCCESS The section stream is created successfully.
412 @retval EFI_OUT_OF_RESOURCES memory allocation failed.
413 @retval EFI_INVALID_PARAMETER Section stream does not end concident with end
414 of last section.
415
416 **/
417 EFI_STATUS
418 EFIAPI
419 OpenSectionStream (
420 IN UINTN SectionStreamLength,
421 IN VOID *SectionStream,
422 OUT UINTN *SectionStreamHandle
423 )
424 {
425 //
426 // Check to see section stream looks good...
427 //
428 if (!IsValidSectionStream (SectionStream, SectionStreamLength)) {
429 return EFI_INVALID_PARAMETER;
430 }
431
432 return OpenSectionStreamEx (
433 SectionStreamLength,
434 SectionStream,
435 TRUE,
436 0,
437 SectionStreamHandle
438 );
439 }
440
441
442
443 /**
444 Worker function. Determine if the input stream:child matches the input type.
445
446 @param Stream Indicates the section stream associated with the
447 child
448 @param Child Indicates the child to check
449 @param SearchType Indicates the type of section to check against
450 for
451 @param SectionDefinitionGuid Indicates the GUID to check against if the type
452 is EFI_SECTION_GUID_DEFINED
453
454 @retval TRUE The child matches
455 @retval FALSE The child doesn't match
456
457 **/
458 BOOLEAN
459 ChildIsType (
460 IN CORE_SECTION_STREAM_NODE *Stream,
461 IN CORE_SECTION_CHILD_NODE *Child,
462 IN EFI_SECTION_TYPE SearchType,
463 IN EFI_GUID *SectionDefinitionGuid
464 )
465 {
466 EFI_GUID_DEFINED_SECTION *GuidedSection;
467
468 if (SearchType == EFI_SECTION_ALL) {
469 return TRUE;
470 }
471 if (Child->Type != SearchType) {
472 return FALSE;
473 }
474 if ((SearchType != EFI_SECTION_GUID_DEFINED) || (SectionDefinitionGuid == NULL)) {
475 return TRUE;
476 }
477 GuidedSection = (EFI_GUID_DEFINED_SECTION * )(Stream->StreamBuffer + Child->OffsetInStream);
478 return CompareGuid (&GuidedSection->SectionDefinitionGuid, SectionDefinitionGuid);
479 }
480
481
482 /**
483 Worker function. Constructor for new child nodes.
484
485 @param Stream Indicates the section stream in which to add the
486 child.
487 @param ChildOffset Indicates the offset in Stream that is the
488 beginning of the child section.
489 @param ChildNode Indicates the Callee allocated and initialized
490 child.
491
492 @retval EFI_SUCCESS Child node was found and returned.
493 EFI_OUT_OF_RESOURCES- Memory allocation failed.
494 @retval EFI_PROTOCOL_ERROR Encapsulation sections produce new stream
495 handles when the child node is created. If the
496 section type is GUID defined, and the extraction
497 GUID does not exist, and producing the stream
498 requires the GUID, then a protocol error is
499 generated and no child is produced. Values
500 returned by OpenSectionStreamEx.
501
502 **/
503 EFI_STATUS
504 CreateChildNode (
505 IN CORE_SECTION_STREAM_NODE *Stream,
506 IN UINT32 ChildOffset,
507 OUT CORE_SECTION_CHILD_NODE **ChildNode
508 )
509 {
510 EFI_STATUS Status;
511 EFI_COMMON_SECTION_HEADER *SectionHeader;
512 EFI_COMPRESSION_SECTION *CompressionHeader;
513 EFI_GUID_DEFINED_SECTION *GuidedHeader;
514 EFI_DECOMPRESS_PROTOCOL *Decompress;
515 EFI_GUIDED_SECTION_EXTRACTION_PROTOCOL *GuidedExtraction;
516 VOID *NewStreamBuffer;
517 VOID *ScratchBuffer;
518 UINT32 ScratchSize;
519 UINTN NewStreamBufferSize;
520 UINT32 AuthenticationStatus;
521 UINT32 SectionLength;
522
523 CORE_SECTION_CHILD_NODE *Node;
524
525 SectionHeader = (EFI_COMMON_SECTION_HEADER *) (Stream->StreamBuffer + ChildOffset);
526
527 //
528 // Allocate a new node
529 //
530 *ChildNode = AllocatePool (sizeof (CORE_SECTION_CHILD_NODE));
531 Node = *ChildNode;
532 if (Node == NULL) {
533 return EFI_OUT_OF_RESOURCES;
534 }
535
536 //
537 // Now initialize it
538 //
539 Node->Signature = CORE_SECTION_CHILD_SIGNATURE;
540 Node->Type = SectionHeader->Type;
541 Node->Size = SECTION_SIZE (SectionHeader);
542 Node->OffsetInStream = ChildOffset;
543 Node->EncapsulatedStreamHandle = NULL_STREAM_HANDLE;
544 Node->EncapsulationGuid = NULL;
545
546 //
547 // If it's an encapsulating section, then create the new section stream also
548 //
549 switch (Node->Type) {
550 case EFI_SECTION_COMPRESSION:
551 //
552 // Get the CompressionSectionHeader
553 //
554 ASSERT (Node->Size >= sizeof (EFI_COMPRESSION_SECTION));
555
556 CompressionHeader = (EFI_COMPRESSION_SECTION *) SectionHeader;
557
558 //
559 // Allocate space for the new stream
560 //
561 if (CompressionHeader->UncompressedLength > 0) {
562 NewStreamBufferSize = CompressionHeader->UncompressedLength;
563 NewStreamBuffer = AllocatePool (NewStreamBufferSize);
564 if (NewStreamBuffer == NULL) {
565 CoreFreePool (Node);
566 return EFI_OUT_OF_RESOURCES;
567 }
568
569 if (CompressionHeader->CompressionType == EFI_NOT_COMPRESSED) {
570 //
571 // stream is not actually compressed, just encapsulated. So just copy it.
572 //
573 CopyMem (NewStreamBuffer, CompressionHeader + 1, NewStreamBufferSize);
574 } else if (CompressionHeader->CompressionType == EFI_STANDARD_COMPRESSION) {
575 //
576 // Only support the EFI_SATNDARD_COMPRESSION algorithm.
577 //
578
579 //
580 // Decompress the stream
581 //
582 Status = CoreLocateProtocol (&gEfiDecompressProtocolGuid, NULL, (VOID **)&Decompress);
583 ASSERT_EFI_ERROR (Status);
584 ASSERT (Decompress != NULL);
585
586 Status = Decompress->GetInfo (
587 Decompress,
588 CompressionHeader + 1,
589 Node->Size - sizeof (EFI_COMPRESSION_SECTION),
590 (UINT32 *)&NewStreamBufferSize,
591 &ScratchSize
592 );
593 ASSERT_EFI_ERROR (Status);
594 ASSERT (NewStreamBufferSize == CompressionHeader->UncompressedLength);
595
596 ScratchBuffer = AllocatePool (ScratchSize);
597 if (ScratchBuffer == NULL) {
598 CoreFreePool (Node);
599 CoreFreePool (NewStreamBuffer);
600 return EFI_OUT_OF_RESOURCES;
601 }
602
603 Status = Decompress->Decompress (
604 Decompress,
605 CompressionHeader + 1,
606 Node->Size - sizeof (EFI_COMPRESSION_SECTION),
607 NewStreamBuffer,
608 (UINT32)NewStreamBufferSize,
609 ScratchBuffer,
610 ScratchSize
611 );
612 ASSERT_EFI_ERROR (Status);
613 CoreFreePool (ScratchBuffer);
614 }
615 } else {
616 NewStreamBuffer = NULL;
617 NewStreamBufferSize = 0;
618 }
619
620 Status = OpenSectionStreamEx (
621 NewStreamBufferSize,
622 NewStreamBuffer,
623 FALSE,
624 Stream->AuthenticationStatus,
625 &Node->EncapsulatedStreamHandle
626 );
627 if (EFI_ERROR (Status)) {
628 CoreFreePool (Node);
629 CoreFreePool (NewStreamBuffer);
630 return Status;
631 }
632 break;
633
634 case EFI_SECTION_GUID_DEFINED:
635 GuidedHeader = (EFI_GUID_DEFINED_SECTION *) SectionHeader;
636 Node->EncapsulationGuid = &GuidedHeader->SectionDefinitionGuid;
637 Status = CoreLocateProtocol (Node->EncapsulationGuid, NULL, (VOID **)&GuidedExtraction);
638 if (!EFI_ERROR (Status) && GuidedExtraction != NULL) {
639 //
640 // NewStreamBuffer is always allocated by ExtractSection... No caller
641 // allocation here.
642 //
643 Status = GuidedExtraction->ExtractSection (
644 GuidedExtraction,
645 GuidedHeader,
646 &NewStreamBuffer,
647 &NewStreamBufferSize,
648 &AuthenticationStatus
649 );
650 if (EFI_ERROR (Status)) {
651 CoreFreePool (*ChildNode);
652 return EFI_PROTOCOL_ERROR;
653 }
654
655 //
656 // Make sure we initialize the new stream with the correct
657 // authentication status for both aggregate and local status fields.
658 //
659 if ((GuidedHeader->Attributes & EFI_GUIDED_SECTION_AUTH_STATUS_VALID) != 0) {
660 //
661 // OR in the parent stream's aggregate status.
662 //
663 AuthenticationStatus |= Stream->AuthenticationStatus & EFI_AUTH_STATUS_ALL;
664 } else {
665 //
666 // since there's no authentication data contributed by the section,
667 // just inherit the full value from our immediate parent.
668 //
669 AuthenticationStatus = Stream->AuthenticationStatus;
670 }
671
672 Status = OpenSectionStreamEx (
673 NewStreamBufferSize,
674 NewStreamBuffer,
675 FALSE,
676 AuthenticationStatus,
677 &Node->EncapsulatedStreamHandle
678 );
679 if (EFI_ERROR (Status)) {
680 CoreFreePool (*ChildNode);
681 CoreFreePool (NewStreamBuffer);
682 return Status;
683 }
684 } else {
685 //
686 // There's no GUIDed section extraction protocol available.
687 //
688 if ((GuidedHeader->Attributes & EFI_GUIDED_SECTION_PROCESSING_REQUIRED) != 0) {
689 //
690 // If the section REQUIRES an extraction protocol, then we're toast
691 //
692 CoreFreePool (*ChildNode);
693 return EFI_PROTOCOL_ERROR;
694 }
695
696 //
697 // Figure out the proper authentication status
698 //
699 AuthenticationStatus = Stream->AuthenticationStatus;
700
701 SectionLength = SECTION_SIZE (GuidedHeader);
702 Status = OpenSectionStreamEx (
703 SectionLength - GuidedHeader->DataOffset,
704 (UINT8 *) GuidedHeader + GuidedHeader->DataOffset,
705 TRUE,
706 AuthenticationStatus,
707 &Node->EncapsulatedStreamHandle
708 );
709 if (EFI_ERROR (Status)) {
710 CoreFreePool (Node);
711 return Status;
712 }
713 }
714
715 break;
716
717 default:
718
719 //
720 // Nothing to do if it's a leaf
721 //
722 break;
723 }
724
725 //
726 // Last, add the new child node to the stream
727 //
728 InsertTailList (&Stream->Children, &Node->Link);
729
730 return EFI_SUCCESS;
731 }
732
733
734 /**
735 Worker function Recursively searches / builds section stream database
736 looking for requested section.
737
738 @param SourceStream Indicates the section stream in which to do the
739 search.
740 @param SearchType Indicates the type of section to search for.
741 @param SectionInstance Indicates which instance of section to find.
742 This is an in/out parameter to deal with
743 recursions.
744 @param SectionDefinitionGuid Guid of section definition
745 @param FoundChild Output indicating the child node that is found.
746 @param FoundStream Output indicating which section stream the child
747 was found in. If this stream was generated as a
748 result of an encapsulation section, the
749 streamhandle is visible within the SEP driver
750 only.
751 @param AuthenticationStatus Indicates the authentication status of the found section.
752
753 @retval EFI_SUCCESS Child node was found and returned.
754 EFI_OUT_OF_RESOURCES- Memory allocation failed.
755 @retval EFI_NOT_FOUND Requested child node does not exist.
756 @retval EFI_PROTOCOL_ERROR a required GUIDED section extraction protocol
757 does not exist
758
759 **/
760 EFI_STATUS
761 FindChildNode (
762 IN CORE_SECTION_STREAM_NODE *SourceStream,
763 IN EFI_SECTION_TYPE SearchType,
764 IN OUT UINTN *SectionInstance,
765 IN EFI_GUID *SectionDefinitionGuid,
766 OUT CORE_SECTION_CHILD_NODE **FoundChild,
767 OUT CORE_SECTION_STREAM_NODE **FoundStream,
768 OUT UINT32 *AuthenticationStatus
769 )
770 {
771 CORE_SECTION_CHILD_NODE *CurrentChildNode;
772 CORE_SECTION_CHILD_NODE *RecursedChildNode;
773 CORE_SECTION_STREAM_NODE *RecursedFoundStream;
774 UINT32 NextChildOffset;
775 EFI_STATUS ErrorStatus;
776 EFI_STATUS Status;
777
778 CurrentChildNode = NULL;
779 ErrorStatus = EFI_NOT_FOUND;
780
781 if (SourceStream->StreamLength == 0) {
782 return EFI_NOT_FOUND;
783 }
784
785 if (IsListEmpty (&SourceStream->Children) &&
786 SourceStream->StreamLength >= sizeof (EFI_COMMON_SECTION_HEADER)) {
787 //
788 // This occurs when a section stream exists, but no child sections
789 // have been parsed out yet. Therefore, extract the first child and add it
790 // to the list of children so we can get started.
791 // Section stream may contain an array of zero or more bytes.
792 // So, its size should be >= the size of commen section header.
793 //
794 Status = CreateChildNode (SourceStream, 0, &CurrentChildNode);
795 if (EFI_ERROR (Status)) {
796 return Status;
797 }
798 }
799
800 //
801 // At least one child has been parsed out of the section stream. So, walk
802 // through the sections that have already been parsed out looking for the
803 // requested section, if necessary, continue parsing section stream and
804 // adding children until either the requested section is found, or we run
805 // out of data
806 //
807 CurrentChildNode = CHILD_SECTION_NODE_FROM_LINK (GetFirstNode(&SourceStream->Children));
808
809 for (;;) {
810 ASSERT (CurrentChildNode != NULL);
811 if (ChildIsType (SourceStream, CurrentChildNode, SearchType, SectionDefinitionGuid)) {
812 //
813 // The type matches, so check the instance count to see if it's the one we want
814 //
815 (*SectionInstance)--;
816 if (*SectionInstance == 0) {
817 //
818 // Got it!
819 //
820 *FoundChild = CurrentChildNode;
821 *FoundStream = SourceStream;
822 *AuthenticationStatus = SourceStream->AuthenticationStatus;
823 return EFI_SUCCESS;
824 }
825 }
826
827 if (CurrentChildNode->EncapsulatedStreamHandle != NULL_STREAM_HANDLE) {
828 //
829 // If the current node is an encapsulating node, recurse into it...
830 //
831 Status = FindChildNode (
832 (CORE_SECTION_STREAM_NODE *)CurrentChildNode->EncapsulatedStreamHandle,
833 SearchType,
834 SectionInstance,
835 SectionDefinitionGuid,
836 &RecursedChildNode,
837 &RecursedFoundStream,
838 AuthenticationStatus
839 );
840 //
841 // If the status is not EFI_SUCCESS, just save the error code and continue
842 // to find the request child node in the rest stream.
843 //
844 if (*SectionInstance == 0) {
845 ASSERT_EFI_ERROR (Status);
846 *FoundChild = RecursedChildNode;
847 *FoundStream = RecursedFoundStream;
848 return EFI_SUCCESS;
849 } else {
850 ErrorStatus = Status;
851 }
852 }
853
854 if (!IsNodeAtEnd (&SourceStream->Children, &CurrentChildNode->Link)) {
855 //
856 // We haven't found the child node we're interested in yet, but there's
857 // still more nodes that have already been parsed so get the next one
858 // and continue searching..
859 //
860 CurrentChildNode = CHILD_SECTION_NODE_FROM_LINK (GetNextNode (&SourceStream->Children, &CurrentChildNode->Link));
861 } else {
862 //
863 // We've exhausted children that have already been parsed, so see if
864 // there's any more data and continue parsing out more children if there
865 // is.
866 //
867 NextChildOffset = CurrentChildNode->OffsetInStream + CurrentChildNode->Size;
868 //
869 // Round up to 4 byte boundary
870 //
871 NextChildOffset += 3;
872 NextChildOffset &= ~(UINTN) 3;
873 if (NextChildOffset <= SourceStream->StreamLength - sizeof (EFI_COMMON_SECTION_HEADER)) {
874 //
875 // There's an unparsed child remaining in the stream, so create a new child node
876 //
877 Status = CreateChildNode (SourceStream, NextChildOffset, &CurrentChildNode);
878 if (EFI_ERROR (Status)) {
879 return Status;
880 }
881 } else {
882 ASSERT (EFI_ERROR (ErrorStatus));
883 return ErrorStatus;
884 }
885 }
886 }
887 }
888
889
890 /**
891 Worker function. Search stream database for requested stream handle.
892
893 @param SearchHandle Indicates which stream to look for.
894 @param FoundStream Output pointer to the found stream.
895
896 @retval EFI_SUCCESS StreamHandle was found and *FoundStream contains
897 the stream node.
898 @retval EFI_NOT_FOUND SearchHandle was not found in the stream
899 database.
900
901 **/
902 EFI_STATUS
903 FindStreamNode (
904 IN UINTN SearchHandle,
905 OUT CORE_SECTION_STREAM_NODE **FoundStream
906 )
907 {
908 CORE_SECTION_STREAM_NODE *StreamNode;
909
910 if (!IsListEmpty (&mStreamRoot)) {
911 StreamNode = STREAM_NODE_FROM_LINK (GetFirstNode (&mStreamRoot));
912 for (;;) {
913 if (StreamNode->StreamHandle == SearchHandle) {
914 *FoundStream = StreamNode;
915 return EFI_SUCCESS;
916 } else if (IsNodeAtEnd (&mStreamRoot, &StreamNode->Link)) {
917 break;
918 } else {
919 StreamNode = STREAM_NODE_FROM_LINK (GetNextNode (&mStreamRoot, &StreamNode->Link));
920 }
921 }
922 }
923
924 return EFI_NOT_FOUND;
925 }
926
927
928 /**
929 SEP member function. Retrieves requested section from section stream.
930
931 @param SectionStreamHandle The section stream from which to extract the
932 requested section.
933 @param SectionType A pointer to the type of section to search for.
934 @param SectionDefinitionGuid If the section type is EFI_SECTION_GUID_DEFINED,
935 then SectionDefinitionGuid indicates which of
936 these types of sections to search for.
937 @param SectionInstance Indicates which instance of the requested
938 section to return.
939 @param Buffer Double indirection to buffer. If *Buffer is
940 non-null on input, then the buffer is caller
941 allocated. If Buffer is NULL, then the buffer
942 is callee allocated. In either case, the
943 requried buffer size is returned in *BufferSize.
944 @param BufferSize On input, indicates the size of *Buffer if
945 *Buffer is non-null on input. On output,
946 indicates the required size (allocated size if
947 callee allocated) of *Buffer.
948 @param AuthenticationStatus A pointer to a caller-allocated UINT32 that
949 indicates the authentication status of the
950 output buffer. If the input section's
951 GuidedSectionHeader.Attributes field
952 has the EFI_GUIDED_SECTION_AUTH_STATUS_VALID
953 bit as clear, AuthenticationStatus must return
954 zero. Both local bits (19:16) and aggregate
955 bits (3:0) in AuthenticationStatus are returned
956 by ExtractSection(). These bits reflect the
957 status of the extraction operation. The bit
958 pattern in both regions must be the same, as
959 the local and aggregate authentication statuses
960 have equivalent meaning at this level. If the
961 function returns anything other than
962 EFI_SUCCESS, the value of *AuthenticationStatus
963 is undefined.
964
965 @retval EFI_SUCCESS Section was retrieved successfully
966 @retval EFI_PROTOCOL_ERROR A GUID defined section was encountered in the
967 section stream with its
968 EFI_GUIDED_SECTION_PROCESSING_REQUIRED bit set,
969 but there was no corresponding GUIDed Section
970 Extraction Protocol in the handle database.
971 *Buffer is unmodified.
972 @retval EFI_NOT_FOUND An error was encountered when parsing the
973 SectionStream. This indicates the SectionStream
974 is not correctly formatted.
975 @retval EFI_NOT_FOUND The requested section does not exist.
976 @retval EFI_OUT_OF_RESOURCES The system has insufficient resources to process
977 the request.
978 @retval EFI_INVALID_PARAMETER The SectionStreamHandle does not exist.
979 @retval EFI_WARN_TOO_SMALL The size of the caller allocated input buffer is
980 insufficient to contain the requested section.
981 The input buffer is filled and section contents
982 are truncated.
983
984 **/
985 EFI_STATUS
986 EFIAPI
987 GetSection (
988 IN UINTN SectionStreamHandle,
989 IN EFI_SECTION_TYPE *SectionType,
990 IN EFI_GUID *SectionDefinitionGuid,
991 IN UINTN SectionInstance,
992 IN VOID **Buffer,
993 IN OUT UINTN *BufferSize,
994 OUT UINT32 *AuthenticationStatus
995 )
996 {
997 CORE_SECTION_STREAM_NODE *StreamNode;
998 EFI_TPL OldTpl;
999 EFI_STATUS Status;
1000 CORE_SECTION_CHILD_NODE *ChildNode;
1001 CORE_SECTION_STREAM_NODE *ChildStreamNode;
1002 UINTN CopySize;
1003 UINT32 ExtractedAuthenticationStatus;
1004 UINTN Instance;
1005 UINT8 *CopyBuffer;
1006 UINTN SectionSize;
1007
1008
1009 OldTpl = CoreRaiseTpl (TPL_NOTIFY);
1010 Instance = SectionInstance + 1;
1011
1012 //
1013 // Locate target stream
1014 //
1015 Status = FindStreamNode (SectionStreamHandle, &StreamNode);
1016 if (EFI_ERROR (Status)) {
1017 Status = EFI_INVALID_PARAMETER;
1018 goto GetSection_Done;
1019 }
1020
1021 //
1022 // Found the stream, now locate and return the appropriate section
1023 //
1024 if (SectionType == NULL) {
1025 //
1026 // SectionType == NULL means return the WHOLE section stream...
1027 //
1028 CopySize = StreamNode->StreamLength;
1029 CopyBuffer = StreamNode->StreamBuffer;
1030 *AuthenticationStatus = StreamNode->AuthenticationStatus;
1031 } else {
1032 //
1033 // There's a requested section type, so go find it and return it...
1034 //
1035 Status = FindChildNode (
1036 StreamNode,
1037 *SectionType,
1038 &Instance,
1039 SectionDefinitionGuid,
1040 &ChildNode,
1041 &ChildStreamNode,
1042 &ExtractedAuthenticationStatus
1043 );
1044 if (EFI_ERROR (Status)) {
1045 goto GetSection_Done;
1046 }
1047 CopySize = ChildNode->Size - sizeof (EFI_COMMON_SECTION_HEADER);
1048 CopyBuffer = ChildStreamNode->StreamBuffer + ChildNode->OffsetInStream + sizeof (EFI_COMMON_SECTION_HEADER);
1049 *AuthenticationStatus = ExtractedAuthenticationStatus;
1050 }
1051
1052 SectionSize = CopySize;
1053 if (*Buffer != NULL) {
1054 //
1055 // Caller allocated buffer. Fill to size and return required size...
1056 //
1057 if (*BufferSize < CopySize) {
1058 Status = EFI_WARN_BUFFER_TOO_SMALL;
1059 CopySize = *BufferSize;
1060 }
1061 } else {
1062 //
1063 // Callee allocated buffer. Allocate buffer and return size.
1064 //
1065 *Buffer = AllocatePool (CopySize);
1066 if (*Buffer == NULL) {
1067 Status = EFI_OUT_OF_RESOURCES;
1068 goto GetSection_Done;
1069 }
1070 }
1071 CopyMem (*Buffer, CopyBuffer, CopySize);
1072 *BufferSize = SectionSize;
1073
1074 GetSection_Done:
1075 CoreRestoreTpl (OldTpl);
1076
1077 return Status;
1078 }
1079
1080
1081 /**
1082 Worker function. Destructor for child nodes.
1083
1084 @param ChildNode Indicates the node to destroy
1085
1086 **/
1087 VOID
1088 FreeChildNode (
1089 IN CORE_SECTION_CHILD_NODE *ChildNode
1090 )
1091 {
1092 ASSERT (ChildNode->Signature == CORE_SECTION_CHILD_SIGNATURE);
1093 //
1094 // Remove the child from it's list
1095 //
1096 RemoveEntryList (&ChildNode->Link);
1097
1098 if (ChildNode->EncapsulatedStreamHandle != NULL_STREAM_HANDLE) {
1099 //
1100 // If it's an encapsulating section, we close the resulting section stream.
1101 // CloseSectionStream will free all memory associated with the stream.
1102 //
1103 CloseSectionStream (ChildNode->EncapsulatedStreamHandle);
1104 }
1105 //
1106 // Last, free the child node itself
1107 //
1108 CoreFreePool (ChildNode);
1109 }
1110
1111
1112 /**
1113 SEP member function. Deletes an existing section stream
1114
1115 @param StreamHandleToClose Indicates the stream to close
1116
1117 @retval EFI_SUCCESS The section stream is closed sucessfully.
1118 @retval EFI_OUT_OF_RESOURCES Memory allocation failed.
1119 @retval EFI_INVALID_PARAMETER Section stream does not end concident with end
1120 of last section.
1121
1122 **/
1123 EFI_STATUS
1124 EFIAPI
1125 CloseSectionStream (
1126 IN UINTN StreamHandleToClose
1127 )
1128 {
1129 CORE_SECTION_STREAM_NODE *StreamNode;
1130 EFI_TPL OldTpl;
1131 EFI_STATUS Status;
1132 LIST_ENTRY *Link;
1133 CORE_SECTION_CHILD_NODE *ChildNode;
1134
1135 OldTpl = CoreRaiseTpl (TPL_NOTIFY);
1136
1137 //
1138 // Locate target stream
1139 //
1140 Status = FindStreamNode (StreamHandleToClose, &StreamNode);
1141 if (!EFI_ERROR (Status)) {
1142 //
1143 // Found the stream, so close it
1144 //
1145 RemoveEntryList (&StreamNode->Link);
1146 while (!IsListEmpty (&StreamNode->Children)) {
1147 Link = GetFirstNode (&StreamNode->Children);
1148 ChildNode = CHILD_SECTION_NODE_FROM_LINK (Link);
1149 FreeChildNode (ChildNode);
1150 }
1151 CoreFreePool (StreamNode->StreamBuffer);
1152 CoreFreePool (StreamNode);
1153 Status = EFI_SUCCESS;
1154 } else {
1155 Status = EFI_INVALID_PARAMETER;
1156 }
1157
1158 CoreRestoreTpl (OldTpl);
1159 return Status;
1160 }
1161
1162
1163 /**
1164 The ExtractSection() function processes the input section and
1165 allocates a buffer from the pool in which it returns the section
1166 contents. If the section being extracted contains
1167 authentication information (the section's
1168 GuidedSectionHeader.Attributes field has the
1169 EFI_GUIDED_SECTION_AUTH_STATUS_VALID bit set), the values
1170 returned in AuthenticationStatus must reflect the results of
1171 the authentication operation. Depending on the algorithm and
1172 size of the encapsulated data, the time that is required to do
1173 a full authentication may be prohibitively long for some
1174 classes of systems. To indicate this, use
1175 EFI_SECURITY_POLICY_PROTOCOL_GUID, which may be published by
1176 the security policy driver (see the Platform Initialization
1177 Driver Execution Environment Core Interface Specification for
1178 more details and the GUID definition). If the
1179 EFI_SECURITY_POLICY_PROTOCOL_GUID exists in the handle
1180 database, then, if possible, full authentication should be
1181 skipped and the section contents simply returned in the
1182 OutputBuffer. In this case, the
1183 EFI_AUTH_STATUS_PLATFORM_OVERRIDE bit AuthenticationStatus
1184 must be set on return. ExtractSection() is callable only from
1185 TPL_NOTIFY and below. Behavior of ExtractSection() at any
1186 EFI_TPL above TPL_NOTIFY is undefined. Type EFI_TPL is
1187 defined in RaiseTPL() in the UEFI 2.0 specification.
1188
1189
1190 @param This Indicates the
1191 EFI_GUIDED_SECTION_EXTRACTION_PROTOCOL instance.
1192 @param InputSection Buffer containing the input GUIDed section
1193 to be processed. OutputBuffer OutputBuffer
1194 is allocated from boot services pool
1195 memory and contains the new section
1196 stream. The caller is responsible for
1197 freeing this buffer.
1198 @param OutputBuffer *OutputBuffer is allocated from boot services
1199 pool memory and contains the new section stream.
1200 The caller is responsible for freeing this buffer.
1201 @param OutputSize A pointer to a caller-allocated UINTN in
1202 which the size of OutputBuffer allocation
1203 is stored. If the function returns
1204 anything other than EFI_SUCCESS, the value
1205 of OutputSize is undefined.
1206
1207 @param AuthenticationStatus A pointer to a caller-allocated
1208 UINT32 that indicates the
1209 authentication status of the
1210 output buffer. If the input
1211 section's
1212 GuidedSectionHeader.Attributes
1213 field has the
1214 EFI_GUIDED_SECTION_AUTH_STATUS_VAL
1215 bit as clear, AuthenticationStatus
1216 must return zero. Both local bits
1217 (19:16) and aggregate bits (3:0)
1218 in AuthenticationStatus are
1219 returned by ExtractSection().
1220 These bits reflect the status of
1221 the extraction operation. The bit
1222 pattern in both regions must be
1223 the same, as the local and
1224 aggregate authentication statuses
1225 have equivalent meaning at this
1226 level. If the function returns
1227 anything other than EFI_SUCCESS,
1228 the value of AuthenticationStatus
1229 is undefined.
1230
1231
1232 @retval EFI_SUCCESS The InputSection was successfully
1233 processed and the section contents were
1234 returned.
1235
1236 @retval EFI_OUT_OF_RESOURCES The system has insufficient
1237 resources to process the
1238 request.
1239
1240 @retval EFI_INVALID_PARAMETER The GUID in InputSection does
1241 not match this instance of the
1242 GUIDed Section Extraction
1243 Protocol.
1244
1245 **/
1246 EFI_STATUS
1247 EFIAPI
1248 CustomGuidedSectionExtract (
1249 IN CONST EFI_GUIDED_SECTION_EXTRACTION_PROTOCOL *This,
1250 IN CONST VOID *InputSection,
1251 OUT VOID **OutputBuffer,
1252 OUT UINTN *OutputSize,
1253 OUT UINT32 *AuthenticationStatus
1254 )
1255 {
1256 EFI_STATUS Status;
1257 VOID *ScratchBuffer;
1258 VOID *AllocatedOutputBuffer;
1259 UINT32 OutputBufferSize;
1260 UINT32 ScratchBufferSize;
1261 UINT16 SectionAttribute;
1262
1263 //
1264 // Init local variable
1265 //
1266 ScratchBuffer = NULL;
1267 AllocatedOutputBuffer = NULL;
1268
1269 //
1270 // Call GetInfo to get the size and attribute of input guided section data.
1271 //
1272 Status = ExtractGuidedSectionGetInfo (
1273 InputSection,
1274 &OutputBufferSize,
1275 &ScratchBufferSize,
1276 &SectionAttribute
1277 );
1278
1279 if (EFI_ERROR (Status)) {
1280 DEBUG ((DEBUG_ERROR, "GetInfo from guided section Failed - %r\n", Status));
1281 return Status;
1282 }
1283
1284 if (ScratchBufferSize > 0) {
1285 //
1286 // Allocate scratch buffer
1287 //
1288 ScratchBuffer = AllocatePool (ScratchBufferSize);
1289 if (ScratchBuffer == NULL) {
1290 return EFI_OUT_OF_RESOURCES;
1291 }
1292 }
1293
1294 if (OutputBufferSize > 0) {
1295 //
1296 // Allocate output buffer
1297 //
1298 AllocatedOutputBuffer = AllocatePool (OutputBufferSize);
1299 if (AllocatedOutputBuffer == NULL) {
1300 FreePool (ScratchBuffer);
1301 return EFI_OUT_OF_RESOURCES;
1302 }
1303 *OutputBuffer = AllocatedOutputBuffer;
1304 }
1305
1306 //
1307 // Call decode function to extract raw data from the guided section.
1308 //
1309 Status = ExtractGuidedSectionDecode (
1310 InputSection,
1311 OutputBuffer,
1312 ScratchBuffer,
1313 AuthenticationStatus
1314 );
1315 if (EFI_ERROR (Status)) {
1316 //
1317 // Decode failed
1318 //
1319 if (AllocatedOutputBuffer != NULL) {
1320 CoreFreePool (AllocatedOutputBuffer);
1321 }
1322 if (ScratchBuffer != NULL) {
1323 CoreFreePool (ScratchBuffer);
1324 }
1325 DEBUG ((DEBUG_ERROR, "Extract guided section Failed - %r\n", Status));
1326 return Status;
1327 }
1328
1329 if (*OutputBuffer != AllocatedOutputBuffer) {
1330 //
1331 // OutputBuffer was returned as a different value,
1332 // so copy section contents to the allocated memory buffer.
1333 //
1334 CopyMem (AllocatedOutputBuffer, *OutputBuffer, OutputBufferSize);
1335 *OutputBuffer = AllocatedOutputBuffer;
1336 }
1337
1338 //
1339 // Set real size of output buffer.
1340 //
1341 *OutputSize = (UINTN) OutputBufferSize;
1342
1343 //
1344 // Free unused scratch buffer.
1345 //
1346 if (ScratchBuffer != NULL) {
1347 CoreFreePool (ScratchBuffer);
1348 }
1349
1350 return EFI_SUCCESS;
1351 }