2 Section Extraction Protocol implementation.
4 Stream database is implemented as a linked list of section streams,
5 where each stream contains a linked list of children, which may be leaves or
8 Children that are encapsulations generate new stream entries
9 when they are created. Streams can also be created by calls to
10 SEP->OpenSectionStream().
12 The database is only created far enough to return the requested data from
13 any given stream, or to determine that the requested data is not found.
15 If a GUIDed encapsulation is encountered, there are three possiblilites.
17 1) A support protocol is found, in which the stream is simply processed with
20 2) A support protocol is not found, but the data is available to be read
21 without processing. In this case, the database is built up through the
22 recursions to return the data, and a RPN event is set that will enable
23 the stream in question to be refreshed if and when the required section
24 extraction protocol is published.This insures the AuthenticationStatus
25 does not become stale in the cache.
27 3) A support protocol is not found, and the data is not available to be read
28 without it. This results in EFI_PROTOCOL_ERROR.
30 Copyright (c) 2006 - 2010, Intel Corporation. All rights reserved.<BR>
31 This program and the accompanying materials
32 are licensed and made available under the terms and conditions of the BSD License
33 which accompanies this distribution. The full text of the license may be found at
34 http://opensource.org/licenses/bsd-license.php
36 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
37 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
44 // Local defines and typedefs
46 #define CORE_SECTION_CHILD_SIGNATURE SIGNATURE_32('S','X','C','S')
47 #define CHILD_SECTION_NODE_FROM_LINK(Node) \
48 CR (Node, CORE_SECTION_CHILD_NODE, Link, CORE_SECTION_CHILD_SIGNATURE)
56 // StreamBase + OffsetInStream == pointer to section header in stream. The
57 // stream base is always known when walking the sections within.
59 UINT32 OffsetInStream
;
61 // Then EncapsulatedStreamHandle below is always 0 if the section is NOT an
62 // encapsulating section. Otherwise, it contains the stream handle
63 // of the encapsulated stream. This handle is ALWAYS produced any time an
64 // encapsulating child is encountered, irrespective of whether the
65 // encapsulated stream is processed further.
67 UINTN EncapsulatedStreamHandle
;
68 EFI_GUID
*EncapsulationGuid
;
69 } CORE_SECTION_CHILD_NODE
;
71 #define CORE_SECTION_STREAM_SIGNATURE SIGNATURE_32('S','X','S','S')
72 #define STREAM_NODE_FROM_LINK(Node) \
73 CR (Node, CORE_SECTION_STREAM_NODE, Link, CORE_SECTION_STREAM_SIGNATURE)
83 // Authentication status is from GUIDed encapsulations.
85 UINT32 AuthenticationStatus
;
86 } CORE_SECTION_STREAM_NODE
;
88 #define NULL_STREAM_HANDLE 0
91 CORE_SECTION_CHILD_NODE
*ChildNode
;
92 CORE_SECTION_STREAM_NODE
*ParentStream
;
99 The ExtractSection() function processes the input section and
100 allocates a buffer from the pool in which it returns the section
101 contents. If the section being extracted contains
102 authentication information (the section's
103 GuidedSectionHeader.Attributes field has the
104 EFI_GUIDED_SECTION_AUTH_STATUS_VALID bit set), the values
105 returned in AuthenticationStatus must reflect the results of
106 the authentication operation. Depending on the algorithm and
107 size of the encapsulated data, the time that is required to do
108 a full authentication may be prohibitively long for some
109 classes of systems. To indicate this, use
110 EFI_SECURITY_POLICY_PROTOCOL_GUID, which may be published by
111 the security policy driver (see the Platform Initialization
112 Driver Execution Environment Core Interface Specification for
113 more details and the GUID definition). If the
114 EFI_SECURITY_POLICY_PROTOCOL_GUID exists in the handle
115 database, then, if possible, full authentication should be
116 skipped and the section contents simply returned in the
117 OutputBuffer. In this case, the
118 EFI_AUTH_STATUS_PLATFORM_OVERRIDE bit AuthenticationStatus
119 must be set on return. ExtractSection() is callable only from
120 TPL_NOTIFY and below. Behavior of ExtractSection() at any
121 EFI_TPL above TPL_NOTIFY is undefined. Type EFI_TPL is
122 defined in RaiseTPL() in the UEFI 2.0 specification.
125 @param This Indicates the
126 EFI_GUIDED_SECTION_EXTRACTION_PROTOCOL instance.
127 @param InputSection Buffer containing the input GUIDed section
128 to be processed. OutputBuffer OutputBuffer
129 is allocated from boot services pool
130 memory and contains the new section
131 stream. The caller is responsible for
133 @param OutputBuffer *OutputBuffer is allocated from boot services
134 pool memory and contains the new section stream.
135 The caller is responsible for freeing this buffer.
136 @param OutputSize A pointer to a caller-allocated UINTN in
137 which the size of OutputBuffer allocation
138 is stored. If the function returns
139 anything other than EFI_SUCCESS, the value
140 of OutputSize is undefined.
142 @param AuthenticationStatus A pointer to a caller-allocated
143 UINT32 that indicates the
144 authentication status of the
145 output buffer. If the input
147 GuidedSectionHeader.Attributes
149 EFI_GUIDED_SECTION_AUTH_STATUS_VAL
150 bit as clear, AuthenticationStatus
151 must return zero. Both local bits
152 (19:16) and aggregate bits (3:0)
153 in AuthenticationStatus are
154 returned by ExtractSection().
155 These bits reflect the status of
156 the extraction operation. The bit
157 pattern in both regions must be
158 the same, as the local and
159 aggregate authentication statuses
160 have equivalent meaning at this
161 level. If the function returns
162 anything other than EFI_SUCCESS,
163 the value of AuthenticationStatus
167 @retval EFI_SUCCESS The InputSection was successfully
168 processed and the section contents were
171 @retval EFI_OUT_OF_RESOURCES The system has insufficient
172 resources to process the
175 @retval EFI_INVALID_PARAMETER The GUID in InputSection does
176 not match this instance of the
177 GUIDed Section Extraction
183 CustomGuidedSectionExtract (
184 IN CONST EFI_GUIDED_SECTION_EXTRACTION_PROTOCOL
*This
,
185 IN CONST VOID
*InputSection
,
186 OUT VOID
**OutputBuffer
,
187 OUT UINTN
*OutputSize
,
188 OUT UINT32
*AuthenticationStatus
194 LIST_ENTRY mStreamRoot
= INITIALIZE_LIST_HEAD_VARIABLE (mStreamRoot
);
196 EFI_HANDLE mSectionExtractionHandle
= NULL
;
198 EFI_GUIDED_SECTION_EXTRACTION_PROTOCOL mCustomGuidedSectionExtractionProtocol
= {
199 CustomGuidedSectionExtract
204 Entry point of the section extraction code. Initializes an instance of the
205 section extraction interface and installs it on a new handle.
207 @param ImageHandle A handle for the image that is initializing this driver
208 @param SystemTable A pointer to the EFI system table
210 @retval EFI_SUCCESS Driver initialized successfully
211 @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources
216 InitializeSectionExtraction (
217 IN EFI_HANDLE ImageHandle
,
218 IN EFI_SYSTEM_TABLE
*SystemTable
222 EFI_GUID
*ExtractHandlerGuidTable
;
223 UINTN ExtractHandlerNumber
;
226 // Get custom extract guided section method guid list
228 ExtractHandlerNumber
= ExtractGuidedSectionGetGuidList (&ExtractHandlerGuidTable
);
230 Status
= EFI_SUCCESS
;
232 // Install custom guided extraction protocol
234 while (ExtractHandlerNumber
-- > 0) {
235 Status
= CoreInstallProtocolInterface (
236 &mSectionExtractionHandle
,
237 &ExtractHandlerGuidTable
[ExtractHandlerNumber
],
238 EFI_NATIVE_INTERFACE
,
239 &mCustomGuidedSectionExtractionProtocol
241 ASSERT_EFI_ERROR (Status
);
249 Check if a stream is valid.
251 @param SectionStream The section stream to be checked
252 @param SectionStreamLength The length of section stream
254 @return A boolean value indicating the validness of the section stream.
258 IsValidSectionStream (
259 IN VOID
*SectionStream
,
260 IN UINTN SectionStreamLength
265 EFI_COMMON_SECTION_HEADER
*SectionHeader
;
266 EFI_COMMON_SECTION_HEADER
*NextSectionHeader
;
269 SectionHeader
= (EFI_COMMON_SECTION_HEADER
*)SectionStream
;
271 while (TotalLength
< SectionStreamLength
) {
272 SectionLength
= SECTION_SIZE (SectionHeader
);
273 TotalLength
+= SectionLength
;
275 if (TotalLength
== SectionStreamLength
) {
280 // Move to the next byte following the section...
282 SectionHeader
= (EFI_COMMON_SECTION_HEADER
*) ((UINT8
*) SectionHeader
+ SectionLength
);
285 // Figure out where the next section begins
287 NextSectionHeader
= ALIGN_POINTER(SectionHeader
, 4);
288 TotalLength
+= (UINTN
) NextSectionHeader
- (UINTN
) SectionHeader
;
289 SectionHeader
= NextSectionHeader
;
298 Worker function. Constructor for section streams.
300 @param SectionStreamLength Size in bytes of the section stream.
301 @param SectionStream Buffer containing the new section stream.
302 @param AllocateBuffer Indicates whether the stream buffer is to be
303 copied or the input buffer is to be used in
304 place. AuthenticationStatus- Indicates the
305 default authentication status for the new
307 @param AuthenticationStatus A pointer to a caller-allocated UINT32 that
308 indicates the authentication status of the
309 output buffer. If the input section's
310 GuidedSectionHeader.Attributes field
311 has the EFI_GUIDED_SECTION_AUTH_STATUS_VALID
312 bit as clear, AuthenticationStatus must return
313 zero. Both local bits (19:16) and aggregate
314 bits (3:0) in AuthenticationStatus are returned
315 by ExtractSection(). These bits reflect the
316 status of the extraction operation. The bit
317 pattern in both regions must be the same, as
318 the local and aggregate authentication statuses
319 have equivalent meaning at this level. If the
320 function returns anything other than
321 EFI_SUCCESS, the value of *AuthenticationStatus
323 @param SectionStreamHandle A pointer to a caller allocated section stream
326 @retval EFI_SUCCESS Stream was added to stream database.
327 @retval EFI_OUT_OF_RESOURCES memory allocation failed.
331 OpenSectionStreamEx (
332 IN UINTN SectionStreamLength
,
333 IN VOID
*SectionStream
,
334 IN BOOLEAN AllocateBuffer
,
335 IN UINT32 AuthenticationStatus
,
336 OUT UINTN
*SectionStreamHandle
339 CORE_SECTION_STREAM_NODE
*NewStream
;
343 // Allocate a new stream
345 NewStream
= AllocatePool (sizeof (CORE_SECTION_STREAM_NODE
));
346 if (NewStream
== NULL
) {
347 return EFI_OUT_OF_RESOURCES
;
350 if (AllocateBuffer
) {
352 // if we're here, we're double buffering, allocate the buffer and copy the
355 if (SectionStreamLength
> 0) {
356 NewStream
->StreamBuffer
= AllocatePool (SectionStreamLength
);
357 if (NewStream
->StreamBuffer
== NULL
) {
358 CoreFreePool (NewStream
);
359 return EFI_OUT_OF_RESOURCES
;
362 // Copy in stream data
364 CopyMem (NewStream
->StreamBuffer
, SectionStream
, SectionStreamLength
);
367 // It's possible to have a zero length section stream.
369 NewStream
->StreamBuffer
= NULL
;
373 // If were here, the caller has supplied the buffer (it's an internal call)
374 // so just assign the buffer. This happens when we open section streams
375 // as a result of expanding an encapsulating section.
377 NewStream
->StreamBuffer
= SectionStream
;
381 // Initialize the rest of the section stream
383 NewStream
->Signature
= CORE_SECTION_STREAM_SIGNATURE
;
384 NewStream
->StreamHandle
= (UINTN
) NewStream
;
385 NewStream
->StreamLength
= SectionStreamLength
;
386 InitializeListHead (&NewStream
->Children
);
387 NewStream
->AuthenticationStatus
= AuthenticationStatus
;
390 // Add new stream to stream list
392 OldTpl
= CoreRaiseTpl (TPL_NOTIFY
);
393 InsertTailList (&mStreamRoot
, &NewStream
->Link
);
394 CoreRestoreTpl (OldTpl
);
396 *SectionStreamHandle
= NewStream
->StreamHandle
;
403 SEP member function. This function creates and returns a new section stream
404 handle to represent the new section stream.
406 @param SectionStreamLength Size in bytes of the section stream.
407 @param SectionStream Buffer containing the new section stream.
408 @param SectionStreamHandle A pointer to a caller allocated UINTN that on
409 output contains the new section stream handle.
411 @retval EFI_SUCCESS The section stream is created successfully.
412 @retval EFI_OUT_OF_RESOURCES memory allocation failed.
413 @retval EFI_INVALID_PARAMETER Section stream does not end concident with end
420 IN UINTN SectionStreamLength
,
421 IN VOID
*SectionStream
,
422 OUT UINTN
*SectionStreamHandle
426 // Check to see section stream looks good...
428 if (!IsValidSectionStream (SectionStream
, SectionStreamLength
)) {
429 return EFI_INVALID_PARAMETER
;
432 return OpenSectionStreamEx (
444 Worker function. Determine if the input stream:child matches the input type.
446 @param Stream Indicates the section stream associated with the
448 @param Child Indicates the child to check
449 @param SearchType Indicates the type of section to check against
451 @param SectionDefinitionGuid Indicates the GUID to check against if the type
452 is EFI_SECTION_GUID_DEFINED
454 @retval TRUE The child matches
455 @retval FALSE The child doesn't match
460 IN CORE_SECTION_STREAM_NODE
*Stream
,
461 IN CORE_SECTION_CHILD_NODE
*Child
,
462 IN EFI_SECTION_TYPE SearchType
,
463 IN EFI_GUID
*SectionDefinitionGuid
466 EFI_GUID_DEFINED_SECTION
*GuidedSection
;
468 if (SearchType
== EFI_SECTION_ALL
) {
471 if (Child
->Type
!= SearchType
) {
474 if ((SearchType
!= EFI_SECTION_GUID_DEFINED
) || (SectionDefinitionGuid
== NULL
)) {
477 GuidedSection
= (EFI_GUID_DEFINED_SECTION
* )(Stream
->StreamBuffer
+ Child
->OffsetInStream
);
478 return CompareGuid (&GuidedSection
->SectionDefinitionGuid
, SectionDefinitionGuid
);
483 Worker function. Constructor for new child nodes.
485 @param Stream Indicates the section stream in which to add the
487 @param ChildOffset Indicates the offset in Stream that is the
488 beginning of the child section.
489 @param ChildNode Indicates the Callee allocated and initialized
492 @retval EFI_SUCCESS Child node was found and returned.
493 EFI_OUT_OF_RESOURCES- Memory allocation failed.
494 @retval EFI_PROTOCOL_ERROR Encapsulation sections produce new stream
495 handles when the child node is created. If the
496 section type is GUID defined, and the extraction
497 GUID does not exist, and producing the stream
498 requires the GUID, then a protocol error is
499 generated and no child is produced. Values
500 returned by OpenSectionStreamEx.
505 IN CORE_SECTION_STREAM_NODE
*Stream
,
506 IN UINT32 ChildOffset
,
507 OUT CORE_SECTION_CHILD_NODE
**ChildNode
511 EFI_COMMON_SECTION_HEADER
*SectionHeader
;
512 EFI_COMPRESSION_SECTION
*CompressionHeader
;
513 EFI_GUID_DEFINED_SECTION
*GuidedHeader
;
514 EFI_DECOMPRESS_PROTOCOL
*Decompress
;
515 EFI_GUIDED_SECTION_EXTRACTION_PROTOCOL
*GuidedExtraction
;
516 VOID
*NewStreamBuffer
;
519 UINTN NewStreamBufferSize
;
520 UINT32 AuthenticationStatus
;
521 UINT32 SectionLength
;
523 CORE_SECTION_CHILD_NODE
*Node
;
525 SectionHeader
= (EFI_COMMON_SECTION_HEADER
*) (Stream
->StreamBuffer
+ ChildOffset
);
528 // Allocate a new node
530 *ChildNode
= AllocatePool (sizeof (CORE_SECTION_CHILD_NODE
));
533 return EFI_OUT_OF_RESOURCES
;
539 Node
->Signature
= CORE_SECTION_CHILD_SIGNATURE
;
540 Node
->Type
= SectionHeader
->Type
;
541 Node
->Size
= SECTION_SIZE (SectionHeader
);
542 Node
->OffsetInStream
= ChildOffset
;
543 Node
->EncapsulatedStreamHandle
= NULL_STREAM_HANDLE
;
544 Node
->EncapsulationGuid
= NULL
;
547 // If it's an encapsulating section, then create the new section stream also
549 switch (Node
->Type
) {
550 case EFI_SECTION_COMPRESSION
:
552 // Get the CompressionSectionHeader
554 ASSERT (Node
->Size
>= sizeof (EFI_COMPRESSION_SECTION
));
556 CompressionHeader
= (EFI_COMPRESSION_SECTION
*) SectionHeader
;
559 // Allocate space for the new stream
561 if (CompressionHeader
->UncompressedLength
> 0) {
562 NewStreamBufferSize
= CompressionHeader
->UncompressedLength
;
563 NewStreamBuffer
= AllocatePool (NewStreamBufferSize
);
564 if (NewStreamBuffer
== NULL
) {
566 return EFI_OUT_OF_RESOURCES
;
569 if (CompressionHeader
->CompressionType
== EFI_NOT_COMPRESSED
) {
571 // stream is not actually compressed, just encapsulated. So just copy it.
573 CopyMem (NewStreamBuffer
, CompressionHeader
+ 1, NewStreamBufferSize
);
574 } else if (CompressionHeader
->CompressionType
== EFI_STANDARD_COMPRESSION
) {
576 // Only support the EFI_SATNDARD_COMPRESSION algorithm.
580 // Decompress the stream
582 Status
= CoreLocateProtocol (&gEfiDecompressProtocolGuid
, NULL
, (VOID
**)&Decompress
);
583 ASSERT_EFI_ERROR (Status
);
584 ASSERT (Decompress
!= NULL
);
586 Status
= Decompress
->GetInfo (
588 CompressionHeader
+ 1,
589 Node
->Size
- sizeof (EFI_COMPRESSION_SECTION
),
590 (UINT32
*)&NewStreamBufferSize
,
593 ASSERT_EFI_ERROR (Status
);
594 ASSERT (NewStreamBufferSize
== CompressionHeader
->UncompressedLength
);
596 ScratchBuffer
= AllocatePool (ScratchSize
);
597 if (ScratchBuffer
== NULL
) {
599 CoreFreePool (NewStreamBuffer
);
600 return EFI_OUT_OF_RESOURCES
;
603 Status
= Decompress
->Decompress (
605 CompressionHeader
+ 1,
606 Node
->Size
- sizeof (EFI_COMPRESSION_SECTION
),
608 (UINT32
)NewStreamBufferSize
,
612 ASSERT_EFI_ERROR (Status
);
613 CoreFreePool (ScratchBuffer
);
616 NewStreamBuffer
= NULL
;
617 NewStreamBufferSize
= 0;
620 Status
= OpenSectionStreamEx (
624 Stream
->AuthenticationStatus
,
625 &Node
->EncapsulatedStreamHandle
627 if (EFI_ERROR (Status
)) {
629 CoreFreePool (NewStreamBuffer
);
634 case EFI_SECTION_GUID_DEFINED
:
635 GuidedHeader
= (EFI_GUID_DEFINED_SECTION
*) SectionHeader
;
636 Node
->EncapsulationGuid
= &GuidedHeader
->SectionDefinitionGuid
;
637 Status
= CoreLocateProtocol (Node
->EncapsulationGuid
, NULL
, (VOID
**)&GuidedExtraction
);
638 if (!EFI_ERROR (Status
) && GuidedExtraction
!= NULL
) {
640 // NewStreamBuffer is always allocated by ExtractSection... No caller
643 Status
= GuidedExtraction
->ExtractSection (
647 &NewStreamBufferSize
,
648 &AuthenticationStatus
650 if (EFI_ERROR (Status
)) {
651 CoreFreePool (*ChildNode
);
652 return EFI_PROTOCOL_ERROR
;
656 // Make sure we initialize the new stream with the correct
657 // authentication status for both aggregate and local status fields.
659 if ((GuidedHeader
->Attributes
& EFI_GUIDED_SECTION_AUTH_STATUS_VALID
) != 0) {
661 // OR in the parent stream's aggregate status.
663 AuthenticationStatus
|= Stream
->AuthenticationStatus
& EFI_AUTH_STATUS_ALL
;
666 // since there's no authentication data contributed by the section,
667 // just inherit the full value from our immediate parent.
669 AuthenticationStatus
= Stream
->AuthenticationStatus
;
672 Status
= OpenSectionStreamEx (
676 AuthenticationStatus
,
677 &Node
->EncapsulatedStreamHandle
679 if (EFI_ERROR (Status
)) {
680 CoreFreePool (*ChildNode
);
681 CoreFreePool (NewStreamBuffer
);
686 // There's no GUIDed section extraction protocol available.
688 if ((GuidedHeader
->Attributes
& EFI_GUIDED_SECTION_PROCESSING_REQUIRED
) != 0) {
690 // If the section REQUIRES an extraction protocol, then we're toast
692 CoreFreePool (*ChildNode
);
693 return EFI_PROTOCOL_ERROR
;
697 // Figure out the proper authentication status
699 AuthenticationStatus
= Stream
->AuthenticationStatus
;
701 SectionLength
= SECTION_SIZE (GuidedHeader
);
702 Status
= OpenSectionStreamEx (
703 SectionLength
- GuidedHeader
->DataOffset
,
704 (UINT8
*) GuidedHeader
+ GuidedHeader
->DataOffset
,
706 AuthenticationStatus
,
707 &Node
->EncapsulatedStreamHandle
709 if (EFI_ERROR (Status
)) {
720 // Nothing to do if it's a leaf
726 // Last, add the new child node to the stream
728 InsertTailList (&Stream
->Children
, &Node
->Link
);
735 Worker function Recursively searches / builds section stream database
736 looking for requested section.
738 @param SourceStream Indicates the section stream in which to do the
740 @param SearchType Indicates the type of section to search for.
741 @param SectionInstance Indicates which instance of section to find.
742 This is an in/out parameter to deal with
744 @param SectionDefinitionGuid Guid of section definition
745 @param FoundChild Output indicating the child node that is found.
746 @param FoundStream Output indicating which section stream the child
747 was found in. If this stream was generated as a
748 result of an encapsulation section, the
749 streamhandle is visible within the SEP driver
751 @param AuthenticationStatus Indicates the authentication status of the found section.
753 @retval EFI_SUCCESS Child node was found and returned.
754 EFI_OUT_OF_RESOURCES- Memory allocation failed.
755 @retval EFI_NOT_FOUND Requested child node does not exist.
756 @retval EFI_PROTOCOL_ERROR a required GUIDED section extraction protocol
762 IN CORE_SECTION_STREAM_NODE
*SourceStream
,
763 IN EFI_SECTION_TYPE SearchType
,
764 IN OUT UINTN
*SectionInstance
,
765 IN EFI_GUID
*SectionDefinitionGuid
,
766 OUT CORE_SECTION_CHILD_NODE
**FoundChild
,
767 OUT CORE_SECTION_STREAM_NODE
**FoundStream
,
768 OUT UINT32
*AuthenticationStatus
771 CORE_SECTION_CHILD_NODE
*CurrentChildNode
;
772 CORE_SECTION_CHILD_NODE
*RecursedChildNode
;
773 CORE_SECTION_STREAM_NODE
*RecursedFoundStream
;
774 UINT32 NextChildOffset
;
775 EFI_STATUS ErrorStatus
;
778 CurrentChildNode
= NULL
;
779 ErrorStatus
= EFI_NOT_FOUND
;
781 if (SourceStream
->StreamLength
== 0) {
782 return EFI_NOT_FOUND
;
785 if (IsListEmpty (&SourceStream
->Children
) &&
786 SourceStream
->StreamLength
>= sizeof (EFI_COMMON_SECTION_HEADER
)) {
788 // This occurs when a section stream exists, but no child sections
789 // have been parsed out yet. Therefore, extract the first child and add it
790 // to the list of children so we can get started.
791 // Section stream may contain an array of zero or more bytes.
792 // So, its size should be >= the size of commen section header.
794 Status
= CreateChildNode (SourceStream
, 0, &CurrentChildNode
);
795 if (EFI_ERROR (Status
)) {
801 // At least one child has been parsed out of the section stream. So, walk
802 // through the sections that have already been parsed out looking for the
803 // requested section, if necessary, continue parsing section stream and
804 // adding children until either the requested section is found, or we run
807 CurrentChildNode
= CHILD_SECTION_NODE_FROM_LINK (GetFirstNode(&SourceStream
->Children
));
810 ASSERT (CurrentChildNode
!= NULL
);
811 if (ChildIsType (SourceStream
, CurrentChildNode
, SearchType
, SectionDefinitionGuid
)) {
813 // The type matches, so check the instance count to see if it's the one we want
815 (*SectionInstance
)--;
816 if (*SectionInstance
== 0) {
820 *FoundChild
= CurrentChildNode
;
821 *FoundStream
= SourceStream
;
822 *AuthenticationStatus
= SourceStream
->AuthenticationStatus
;
827 if (CurrentChildNode
->EncapsulatedStreamHandle
!= NULL_STREAM_HANDLE
) {
829 // If the current node is an encapsulating node, recurse into it...
831 Status
= FindChildNode (
832 (CORE_SECTION_STREAM_NODE
*)CurrentChildNode
->EncapsulatedStreamHandle
,
835 SectionDefinitionGuid
,
837 &RecursedFoundStream
,
841 // If the status is not EFI_SUCCESS, just save the error code and continue
842 // to find the request child node in the rest stream.
844 if (*SectionInstance
== 0) {
845 ASSERT_EFI_ERROR (Status
);
846 *FoundChild
= RecursedChildNode
;
847 *FoundStream
= RecursedFoundStream
;
850 ErrorStatus
= Status
;
854 if (!IsNodeAtEnd (&SourceStream
->Children
, &CurrentChildNode
->Link
)) {
856 // We haven't found the child node we're interested in yet, but there's
857 // still more nodes that have already been parsed so get the next one
858 // and continue searching..
860 CurrentChildNode
= CHILD_SECTION_NODE_FROM_LINK (GetNextNode (&SourceStream
->Children
, &CurrentChildNode
->Link
));
863 // We've exhausted children that have already been parsed, so see if
864 // there's any more data and continue parsing out more children if there
867 NextChildOffset
= CurrentChildNode
->OffsetInStream
+ CurrentChildNode
->Size
;
869 // Round up to 4 byte boundary
871 NextChildOffset
+= 3;
872 NextChildOffset
&= ~(UINTN
) 3;
873 if (NextChildOffset
<= SourceStream
->StreamLength
- sizeof (EFI_COMMON_SECTION_HEADER
)) {
875 // There's an unparsed child remaining in the stream, so create a new child node
877 Status
= CreateChildNode (SourceStream
, NextChildOffset
, &CurrentChildNode
);
878 if (EFI_ERROR (Status
)) {
882 ASSERT (EFI_ERROR (ErrorStatus
));
891 Worker function. Search stream database for requested stream handle.
893 @param SearchHandle Indicates which stream to look for.
894 @param FoundStream Output pointer to the found stream.
896 @retval EFI_SUCCESS StreamHandle was found and *FoundStream contains
898 @retval EFI_NOT_FOUND SearchHandle was not found in the stream
904 IN UINTN SearchHandle
,
905 OUT CORE_SECTION_STREAM_NODE
**FoundStream
908 CORE_SECTION_STREAM_NODE
*StreamNode
;
910 if (!IsListEmpty (&mStreamRoot
)) {
911 StreamNode
= STREAM_NODE_FROM_LINK (GetFirstNode (&mStreamRoot
));
913 if (StreamNode
->StreamHandle
== SearchHandle
) {
914 *FoundStream
= StreamNode
;
916 } else if (IsNodeAtEnd (&mStreamRoot
, &StreamNode
->Link
)) {
919 StreamNode
= STREAM_NODE_FROM_LINK (GetNextNode (&mStreamRoot
, &StreamNode
->Link
));
924 return EFI_NOT_FOUND
;
929 SEP member function. Retrieves requested section from section stream.
931 @param SectionStreamHandle The section stream from which to extract the
933 @param SectionType A pointer to the type of section to search for.
934 @param SectionDefinitionGuid If the section type is EFI_SECTION_GUID_DEFINED,
935 then SectionDefinitionGuid indicates which of
936 these types of sections to search for.
937 @param SectionInstance Indicates which instance of the requested
939 @param Buffer Double indirection to buffer. If *Buffer is
940 non-null on input, then the buffer is caller
941 allocated. If Buffer is NULL, then the buffer
942 is callee allocated. In either case, the
943 requried buffer size is returned in *BufferSize.
944 @param BufferSize On input, indicates the size of *Buffer if
945 *Buffer is non-null on input. On output,
946 indicates the required size (allocated size if
947 callee allocated) of *Buffer.
948 @param AuthenticationStatus A pointer to a caller-allocated UINT32 that
949 indicates the authentication status of the
950 output buffer. If the input section's
951 GuidedSectionHeader.Attributes field
952 has the EFI_GUIDED_SECTION_AUTH_STATUS_VALID
953 bit as clear, AuthenticationStatus must return
954 zero. Both local bits (19:16) and aggregate
955 bits (3:0) in AuthenticationStatus are returned
956 by ExtractSection(). These bits reflect the
957 status of the extraction operation. The bit
958 pattern in both regions must be the same, as
959 the local and aggregate authentication statuses
960 have equivalent meaning at this level. If the
961 function returns anything other than
962 EFI_SUCCESS, the value of *AuthenticationStatus
965 @retval EFI_SUCCESS Section was retrieved successfully
966 @retval EFI_PROTOCOL_ERROR A GUID defined section was encountered in the
967 section stream with its
968 EFI_GUIDED_SECTION_PROCESSING_REQUIRED bit set,
969 but there was no corresponding GUIDed Section
970 Extraction Protocol in the handle database.
971 *Buffer is unmodified.
972 @retval EFI_NOT_FOUND An error was encountered when parsing the
973 SectionStream. This indicates the SectionStream
974 is not correctly formatted.
975 @retval EFI_NOT_FOUND The requested section does not exist.
976 @retval EFI_OUT_OF_RESOURCES The system has insufficient resources to process
978 @retval EFI_INVALID_PARAMETER The SectionStreamHandle does not exist.
979 @retval EFI_WARN_TOO_SMALL The size of the caller allocated input buffer is
980 insufficient to contain the requested section.
981 The input buffer is filled and section contents
988 IN UINTN SectionStreamHandle
,
989 IN EFI_SECTION_TYPE
*SectionType
,
990 IN EFI_GUID
*SectionDefinitionGuid
,
991 IN UINTN SectionInstance
,
993 IN OUT UINTN
*BufferSize
,
994 OUT UINT32
*AuthenticationStatus
997 CORE_SECTION_STREAM_NODE
*StreamNode
;
1000 CORE_SECTION_CHILD_NODE
*ChildNode
;
1001 CORE_SECTION_STREAM_NODE
*ChildStreamNode
;
1003 UINT32 ExtractedAuthenticationStatus
;
1009 OldTpl
= CoreRaiseTpl (TPL_NOTIFY
);
1010 Instance
= SectionInstance
+ 1;
1013 // Locate target stream
1015 Status
= FindStreamNode (SectionStreamHandle
, &StreamNode
);
1016 if (EFI_ERROR (Status
)) {
1017 Status
= EFI_INVALID_PARAMETER
;
1018 goto GetSection_Done
;
1022 // Found the stream, now locate and return the appropriate section
1024 if (SectionType
== NULL
) {
1026 // SectionType == NULL means return the WHOLE section stream...
1028 CopySize
= StreamNode
->StreamLength
;
1029 CopyBuffer
= StreamNode
->StreamBuffer
;
1030 *AuthenticationStatus
= StreamNode
->AuthenticationStatus
;
1033 // There's a requested section type, so go find it and return it...
1035 Status
= FindChildNode (
1039 SectionDefinitionGuid
,
1042 &ExtractedAuthenticationStatus
1044 if (EFI_ERROR (Status
)) {
1045 goto GetSection_Done
;
1047 CopySize
= ChildNode
->Size
- sizeof (EFI_COMMON_SECTION_HEADER
);
1048 CopyBuffer
= ChildStreamNode
->StreamBuffer
+ ChildNode
->OffsetInStream
+ sizeof (EFI_COMMON_SECTION_HEADER
);
1049 *AuthenticationStatus
= ExtractedAuthenticationStatus
;
1052 SectionSize
= CopySize
;
1053 if (*Buffer
!= NULL
) {
1055 // Caller allocated buffer. Fill to size and return required size...
1057 if (*BufferSize
< CopySize
) {
1058 Status
= EFI_WARN_BUFFER_TOO_SMALL
;
1059 CopySize
= *BufferSize
;
1063 // Callee allocated buffer. Allocate buffer and return size.
1065 *Buffer
= AllocatePool (CopySize
);
1066 if (*Buffer
== NULL
) {
1067 Status
= EFI_OUT_OF_RESOURCES
;
1068 goto GetSection_Done
;
1071 CopyMem (*Buffer
, CopyBuffer
, CopySize
);
1072 *BufferSize
= SectionSize
;
1075 CoreRestoreTpl (OldTpl
);
1082 Worker function. Destructor for child nodes.
1084 @param ChildNode Indicates the node to destroy
1089 IN CORE_SECTION_CHILD_NODE
*ChildNode
1092 ASSERT (ChildNode
->Signature
== CORE_SECTION_CHILD_SIGNATURE
);
1094 // Remove the child from it's list
1096 RemoveEntryList (&ChildNode
->Link
);
1098 if (ChildNode
->EncapsulatedStreamHandle
!= NULL_STREAM_HANDLE
) {
1100 // If it's an encapsulating section, we close the resulting section stream.
1101 // CloseSectionStream will free all memory associated with the stream.
1103 CloseSectionStream (ChildNode
->EncapsulatedStreamHandle
);
1106 // Last, free the child node itself
1108 CoreFreePool (ChildNode
);
1113 SEP member function. Deletes an existing section stream
1115 @param StreamHandleToClose Indicates the stream to close
1117 @retval EFI_SUCCESS The section stream is closed sucessfully.
1118 @retval EFI_OUT_OF_RESOURCES Memory allocation failed.
1119 @retval EFI_INVALID_PARAMETER Section stream does not end concident with end
1125 CloseSectionStream (
1126 IN UINTN StreamHandleToClose
1129 CORE_SECTION_STREAM_NODE
*StreamNode
;
1133 CORE_SECTION_CHILD_NODE
*ChildNode
;
1135 OldTpl
= CoreRaiseTpl (TPL_NOTIFY
);
1138 // Locate target stream
1140 Status
= FindStreamNode (StreamHandleToClose
, &StreamNode
);
1141 if (!EFI_ERROR (Status
)) {
1143 // Found the stream, so close it
1145 RemoveEntryList (&StreamNode
->Link
);
1146 while (!IsListEmpty (&StreamNode
->Children
)) {
1147 Link
= GetFirstNode (&StreamNode
->Children
);
1148 ChildNode
= CHILD_SECTION_NODE_FROM_LINK (Link
);
1149 FreeChildNode (ChildNode
);
1151 CoreFreePool (StreamNode
->StreamBuffer
);
1152 CoreFreePool (StreamNode
);
1153 Status
= EFI_SUCCESS
;
1155 Status
= EFI_INVALID_PARAMETER
;
1158 CoreRestoreTpl (OldTpl
);
1164 The ExtractSection() function processes the input section and
1165 allocates a buffer from the pool in which it returns the section
1166 contents. If the section being extracted contains
1167 authentication information (the section's
1168 GuidedSectionHeader.Attributes field has the
1169 EFI_GUIDED_SECTION_AUTH_STATUS_VALID bit set), the values
1170 returned in AuthenticationStatus must reflect the results of
1171 the authentication operation. Depending on the algorithm and
1172 size of the encapsulated data, the time that is required to do
1173 a full authentication may be prohibitively long for some
1174 classes of systems. To indicate this, use
1175 EFI_SECURITY_POLICY_PROTOCOL_GUID, which may be published by
1176 the security policy driver (see the Platform Initialization
1177 Driver Execution Environment Core Interface Specification for
1178 more details and the GUID definition). If the
1179 EFI_SECURITY_POLICY_PROTOCOL_GUID exists in the handle
1180 database, then, if possible, full authentication should be
1181 skipped and the section contents simply returned in the
1182 OutputBuffer. In this case, the
1183 EFI_AUTH_STATUS_PLATFORM_OVERRIDE bit AuthenticationStatus
1184 must be set on return. ExtractSection() is callable only from
1185 TPL_NOTIFY and below. Behavior of ExtractSection() at any
1186 EFI_TPL above TPL_NOTIFY is undefined. Type EFI_TPL is
1187 defined in RaiseTPL() in the UEFI 2.0 specification.
1190 @param This Indicates the
1191 EFI_GUIDED_SECTION_EXTRACTION_PROTOCOL instance.
1192 @param InputSection Buffer containing the input GUIDed section
1193 to be processed. OutputBuffer OutputBuffer
1194 is allocated from boot services pool
1195 memory and contains the new section
1196 stream. The caller is responsible for
1197 freeing this buffer.
1198 @param OutputBuffer *OutputBuffer is allocated from boot services
1199 pool memory and contains the new section stream.
1200 The caller is responsible for freeing this buffer.
1201 @param OutputSize A pointer to a caller-allocated UINTN in
1202 which the size of OutputBuffer allocation
1203 is stored. If the function returns
1204 anything other than EFI_SUCCESS, the value
1205 of OutputSize is undefined.
1207 @param AuthenticationStatus A pointer to a caller-allocated
1208 UINT32 that indicates the
1209 authentication status of the
1210 output buffer. If the input
1212 GuidedSectionHeader.Attributes
1214 EFI_GUIDED_SECTION_AUTH_STATUS_VAL
1215 bit as clear, AuthenticationStatus
1216 must return zero. Both local bits
1217 (19:16) and aggregate bits (3:0)
1218 in AuthenticationStatus are
1219 returned by ExtractSection().
1220 These bits reflect the status of
1221 the extraction operation. The bit
1222 pattern in both regions must be
1223 the same, as the local and
1224 aggregate authentication statuses
1225 have equivalent meaning at this
1226 level. If the function returns
1227 anything other than EFI_SUCCESS,
1228 the value of AuthenticationStatus
1232 @retval EFI_SUCCESS The InputSection was successfully
1233 processed and the section contents were
1236 @retval EFI_OUT_OF_RESOURCES The system has insufficient
1237 resources to process the
1240 @retval EFI_INVALID_PARAMETER The GUID in InputSection does
1241 not match this instance of the
1242 GUIDed Section Extraction
1248 CustomGuidedSectionExtract (
1249 IN CONST EFI_GUIDED_SECTION_EXTRACTION_PROTOCOL
*This
,
1250 IN CONST VOID
*InputSection
,
1251 OUT VOID
**OutputBuffer
,
1252 OUT UINTN
*OutputSize
,
1253 OUT UINT32
*AuthenticationStatus
1257 VOID
*ScratchBuffer
;
1258 VOID
*AllocatedOutputBuffer
;
1259 UINT32 OutputBufferSize
;
1260 UINT32 ScratchBufferSize
;
1261 UINT16 SectionAttribute
;
1264 // Init local variable
1266 ScratchBuffer
= NULL
;
1267 AllocatedOutputBuffer
= NULL
;
1270 // Call GetInfo to get the size and attribute of input guided section data.
1272 Status
= ExtractGuidedSectionGetInfo (
1279 if (EFI_ERROR (Status
)) {
1280 DEBUG ((DEBUG_ERROR
, "GetInfo from guided section Failed - %r\n", Status
));
1284 if (ScratchBufferSize
> 0) {
1286 // Allocate scratch buffer
1288 ScratchBuffer
= AllocatePool (ScratchBufferSize
);
1289 if (ScratchBuffer
== NULL
) {
1290 return EFI_OUT_OF_RESOURCES
;
1294 if (OutputBufferSize
> 0) {
1296 // Allocate output buffer
1298 AllocatedOutputBuffer
= AllocatePool (OutputBufferSize
);
1299 if (AllocatedOutputBuffer
== NULL
) {
1300 FreePool (ScratchBuffer
);
1301 return EFI_OUT_OF_RESOURCES
;
1303 *OutputBuffer
= AllocatedOutputBuffer
;
1307 // Call decode function to extract raw data from the guided section.
1309 Status
= ExtractGuidedSectionDecode (
1313 AuthenticationStatus
1315 if (EFI_ERROR (Status
)) {
1319 if (AllocatedOutputBuffer
!= NULL
) {
1320 CoreFreePool (AllocatedOutputBuffer
);
1322 if (ScratchBuffer
!= NULL
) {
1323 CoreFreePool (ScratchBuffer
);
1325 DEBUG ((DEBUG_ERROR
, "Extract guided section Failed - %r\n", Status
));
1329 if (*OutputBuffer
!= AllocatedOutputBuffer
) {
1331 // OutputBuffer was returned as a different value,
1332 // so copy section contents to the allocated memory buffer.
1334 CopyMem (AllocatedOutputBuffer
, *OutputBuffer
, OutputBufferSize
);
1335 *OutputBuffer
= AllocatedOutputBuffer
;
1339 // Set real size of output buffer.
1341 *OutputSize
= (UINTN
) OutputBufferSize
;
1344 // Free unused scratch buffer.
1346 if (ScratchBuffer
!= NULL
) {
1347 CoreFreePool (ScratchBuffer
);