Add assertion to ensure pointer dereference has been checked against NULL pointer.
1 /** @file
2 Section Extraction Protocol implementation.
3
4 Stream database is implemented as a linked list of section streams,
5 where each stream contains a linked list of children, which may be leaves or
6 encapsulations.
7
8 Children that are encapsulations generate new stream entries
9 when they are created. Streams can also be created by calls to
10 SEP->OpenSectionStream().
11
12 The database is only created far enough to return the requested data from
13 any given stream, or to determine that the requested data is not found.
14
15 If a GUIDed encapsulation is encountered, there are three possibilities.
16
17 1) A support protocol is found, in which the stream is simply processed with
18 the support protocol.
19
20 2) A support protocol is not found, but the data is available to be read
21 without processing. In this case, the database is built up through the
22 recursions to return the data, and a RPN event is set that will enable
23 the stream in question to be refreshed if and when the required section
24 extraction protocol is published. This ensures the AuthenticationStatus
25 does not become stale in the cache.
26
27 3) A support protocol is not found, and the data is not available to be read
28 without it. This results in EFI_PROTOCOL_ERROR.
29
30 Copyright (c) 2006 - 2008, Intel Corporation. <BR>
31 All rights reserved. This program and the accompanying materials
32 are licensed and made available under the terms and conditions of the BSD License
33 which accompanies this distribution. The full text of the license may be found at
34 http://opensource.org/licenses/bsd-license.php
35
36 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
37 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
38
39 **/
40
41 #include "DxeMain.h"
42
//
// Private node types for the section stream database, plus the macros that
// recover a node from its embedded LIST_ENTRY.
//
#define CORE_SECTION_CHILD_SIGNATURE  SIGNATURE_32('S','X','C','S')
#define CHILD_SECTION_NODE_FROM_LINK(Node) \
  CR (Node, CORE_SECTION_CHILD_NODE, Link, CORE_SECTION_CHILD_SIGNATURE)

//
// One parsed section inside a stream.
//
typedef struct {
  UINT32        Signature;
  LIST_ENTRY    Link;
  //
  // Type and Size are copied from the section header found in the stream
  // when the node is created, so they are only as trustworthy as the stream.
  //
  UINT32        Type;
  UINT32        Size;
  //
  // Byte offset of this section's header from the start of the owning
  // stream's buffer (StreamBase + OffsetInStream == section header).
  //
  UINT32        OffsetInStream;
  //
  // NULL_STREAM_HANDLE (0) for a leaf section. For an encapsulating section
  // this holds the handle of the stream opened for the encapsulated data;
  // that stream is opened whenever such a child is created, whether or not
  // it is ever searched.
  //
  UINTN         EncapsulatedStreamHandle;
  //
  // For a GUID-defined section this points at the GUID inside the section
  // header in the stream buffer; otherwise NULL.
  //
  EFI_GUID      *EncapsulationGuid;
} CORE_SECTION_CHILD_NODE;

#define CORE_SECTION_STREAM_SIGNATURE  SIGNATURE_32('S','X','S','S')
#define STREAM_NODE_FROM_LINK(Node) \
  CR (Node, CORE_SECTION_STREAM_NODE, Link, CORE_SECTION_STREAM_SIGNATURE)

//
// One section stream in the database rooted at mStreamRoot.
//
typedef struct {
  UINT32        Signature;
  LIST_ENTRY    Link;
  //
  // OpenSectionStreamEx() sets this to the node's own address cast to UINTN.
  //
  UINTN         StreamHandle;
  UINT8         *StreamBuffer;
  UINTN         StreamLength;
  //
  // List of CORE_SECTION_CHILD_NODE entries parsed out of the stream so far.
  //
  LIST_ENTRY    Children;
  //
  // Authentication status carried down from GUIDed encapsulations.
  //
  UINT32        AuthenticationStatus;
} CORE_SECTION_STREAM_NODE;

#define NULL_STREAM_HANDLE  0

//
// Pairs a child node and its parent stream with a registration and an event.
// NOTE(review): presumably the context for the protocol-notify refresh that
// the file header describes; nothing in this part of the file uses it.
//
typedef struct {
  CORE_SECTION_CHILD_NODE     *ChildNode;
  CORE_SECTION_STREAM_NODE    *ParentStream;
  VOID                        *Registration;
  EFI_EVENT                   Event;
} RPN_EVENT_CONTEXT;
96
97
98 /**
99 The ExtractSection() function processes the input section and
100 allocates a buffer from the pool in which it returns the section
101 contents. If the section being extracted contains
102 authentication information (the section's
103 GuidedSectionHeader.Attributes field has the
104 EFI_GUIDED_SECTION_AUTH_STATUS_VALID bit set), the values
105 returned in AuthenticationStatus must reflect the results of
106 the authentication operation. Depending on the algorithm and
107 size of the encapsulated data, the time that is required to do
108 a full authentication may be prohibitively long for some
109 classes of systems. To indicate this, use
110 EFI_SECURITY_POLICY_PROTOCOL_GUID, which may be published by
111 the security policy driver (see the Platform Initialization
112 Driver Execution Environment Core Interface Specification for
113 more details and the GUID definition). If the
114 EFI_SECURITY_POLICY_PROTOCOL_GUID exists in the handle
115 database, then, if possible, full authentication should be
116 skipped and the section contents simply returned in the
117 OutputBuffer. In this case, the
118 EFI_AUTH_STATUS_PLATFORM_OVERRIDE bit AuthenticationStatus
119 must be set on return. ExtractSection() is callable only from
120 TPL_NOTIFY and below. Behavior of ExtractSection() at any
121 EFI_TPL above TPL_NOTIFY is undefined. Type EFI_TPL is
122 defined in RaiseTPL() in the UEFI 2.0 specification.
123
124
125 @param This Indicates the
126 EFI_GUIDED_SECTION_EXTRACTION_PROTOCOL instance.
127 @param InputSection Buffer containing the input GUIDed section
128 to be processed. OutputBuffer OutputBuffer
129 is allocated from boot services pool
130 memory and contains the new section
131 stream. The caller is responsible for
132 freeing this buffer.
133 @param OutputBuffer *OutputBuffer is allocated from boot services
134 pool memory and contains the new section stream.
135 The caller is responsible for freeing this buffer.
136 @param OutputSize A pointer to a caller-allocated UINTN in
137 which the size of OutputBuffer allocation
138 is stored. If the function returns
139 anything other than EFI_SUCCESS, the value
140 of OutputSize is undefined.
141
142 @param AuthenticationStatus A pointer to a caller-allocated
143 UINT32 that indicates the
144 authentication status of the
145 output buffer. If the input
146 section's
147 GuidedSectionHeader.Attributes
148 field has the
149 EFI_GUIDED_SECTION_AUTH_STATUS_VALID
150 bit as clear, AuthenticationStatus
151 must return zero. Both local bits
152 (19:16) and aggregate bits (3:0)
153 in AuthenticationStatus are
154 returned by ExtractSection().
155 These bits reflect the status of
156 the extraction operation. The bit
157 pattern in both regions must be
158 the same, as the local and
159 aggregate authentication statuses
160 have equivalent meaning at this
161 level. If the function returns
162 anything other than EFI_SUCCESS,
163 the value of AuthenticationStatus
164 is undefined.
165
166
167 @retval EFI_SUCCESS The InputSection was successfully
168 processed and the section contents were
169 returned.
170
171 @retval EFI_OUT_OF_RESOURCES The system has insufficient
172 resources to process the
173 request.
174
175 @retval EFI_INVALID_PARAMETER The GUID in InputSection does
176 not match this instance of the
177 GUIDed Section Extraction
178 Protocol.
179
180 **/
181 EFI_STATUS
182 EFIAPI
183 CustomGuidedSectionExtract (
184 IN CONST EFI_GUIDED_SECTION_EXTRACTION_PROTOCOL *This,
185 IN CONST VOID *InputSection,
186 OUT VOID **OutputBuffer,
187 OUT UINTN *OutputSize,
188 OUT UINT32 *AuthenticationStatus
189 );
190
//
// Module globals
//

//
// Head of the list of every open section stream. OpenSectionStreamEx()
// appends to it and FindStreamNode() searches it.
//
LIST_ENTRY  mStreamRoot = INITIALIZE_LIST_HEAD_VARIABLE (mStreamRoot);

//
// Handle on which InitializeSectionExtraction() installs the protocol below.
//
EFI_HANDLE  mSectionExtractionHandle = NULL;

//
// Single protocol instance; its only member is CustomGuidedSectionExtract.
//
EFI_GUIDED_SECTION_EXTRACTION_PROTOCOL  mCustomGuidedSectionExtractionProtocol = {
  CustomGuidedSectionExtract
};
201
202
/**
  Entry point of the section extraction code. Installs the module's custom
  GUIDed section extraction protocol instance once for every GUID returned by
  ExtractGuidedSectionGetGuidList().

  @param  ImageHandle   A handle for the image that is initializing this driver
  @param  SystemTable   A pointer to the EFI system table

  @retval EFI_SUCCESS   The GUID list was empty, or the last protocol
                        installation succeeded.
  @retval Others        Status of the last CoreInstallProtocolInterface() call.

**/
EFI_STATUS
EFIAPI
InitializeSectionExtraction (
  IN EFI_HANDLE                   ImageHandle,
  IN EFI_SYSTEM_TABLE             *SystemTable
  )
{
  EFI_STATUS  Status;
  EFI_GUID    *GuidTable;
  UINTN       Remaining;

  Status = EFI_SUCCESS;

  //
  // Ask the library which GUIDs have a registered custom extraction handler
  //
  Remaining = ExtractGuidedSectionGetGuidList (&GuidTable);

  //
  // Install the protocol under each GUID, last table entry first
  //
  for (; Remaining > 0; Remaining--) {
    Status = CoreInstallProtocolInterface (
               &mSectionExtractionHandle,
               &GuidTable[Remaining - 1],
               EFI_NATIVE_INTERFACE,
               &mCustomGuidedSectionExtractionProtocol
               );
    ASSERT_EFI_ERROR (Status);
  }

  return Status;
}
246
247
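/**
  Check if a stream is valid.

  Walks the chain of section headers and accepts the stream only when the
  sections, with the padding between them, end exactly at SectionStreamLength.
  The stream comes from the caller of OpenSectionStream(), so every header is
  bounds-checked before it is read and every declared size is checked against
  the bytes that remain.

  @param  SectionStream          The section stream to be checked
  @param  SectionStreamLength    The length of section stream

  @retval TRUE   The last section ends exactly at the end of the stream.
  @retval FALSE  The stream is NULL, empty, truncated, or holds a section
                 whose declared size is smaller than a section header or runs
                 past the end of the stream.

**/
BOOLEAN
IsValidSectionStream (
  IN VOID              *SectionStream,
  IN UINTN             SectionStreamLength
  )
{
  UINTN                       TotalLength;
  UINTN                       SectionLength;
  UINTN                       Remaining;
  EFI_COMMON_SECTION_HEADER   *SectionHeader;
  EFI_COMMON_SECTION_HEADER   *NextSectionHeader;

  TotalLength   = 0;
  SectionHeader = (EFI_COMMON_SECTION_HEADER *)SectionStream;

  while (SectionStream != NULL && TotalLength < SectionStreamLength) {
    //
    // A whole common header must be present before its size field is read;
    // otherwise the read below would run past the end of the buffer.
    //
    Remaining = SectionStreamLength - TotalLength;
    if (Remaining < sizeof (EFI_COMMON_SECTION_HEADER)) {
      break;
    }

    SectionLength = SECTION_SIZE (SectionHeader);

    //
    // A section can be neither smaller than its own header nor larger than
    // what is left of the stream. Rejecting a too-small size also stops a
    // zero-length section from keeping this loop at the same offset forever.
    //
    if (SectionLength < sizeof (EFI_COMMON_SECTION_HEADER) ||
        SectionLength > Remaining) {
      break;
    }

    TotalLength += SectionLength;

    if (TotalLength == SectionStreamLength) {
      return TRUE;
    }

    //
    // Move to the next byte following the section...
    //
    SectionHeader = (EFI_COMMON_SECTION_HEADER *) ((UINT8 *) SectionHeader + SectionLength);

    //
    // Figure out where the next section begins. The padding is added to
    // TotalLength, so a stream that ends inside the padding leaves the loop.
    //
    NextSectionHeader = ALIGN_POINTER(SectionHeader, 4);
    TotalLength += (UINTN) NextSectionHeader - (UINTN) SectionHeader;
    SectionHeader = NextSectionHeader;
  }

  //
  // Malformed stream: same exit as before (assert in debug builds, FALSE to
  // the caller).
  //
  ASSERT (FALSE);
  return FALSE;
}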
295
296
/**
  Worker function. Constructor for section streams.

  Allocates a stream node, attaches the stream data to it (either a private
  copy or the caller's buffer as-is) and appends the node to the stream list.
  This function does not validate the stream contents.

  @param  SectionStreamLength    Size in bytes of the section stream.
  @param  SectionStream          Buffer containing the new section stream.
  @param  AllocateBuffer         TRUE to copy SectionStream into a newly
                                 allocated buffer; FALSE to keep the
                                 caller's pointer in the stream node.
  @param  AuthenticationStatus   Value stored as the authentication status
                                 of the new stream.
  @param  SectionStreamHandle    A pointer to a caller allocated section
                                 stream handle; receives the new handle.

  @retval EFI_SUCCESS            Stream was added to stream database.
  @retval EFI_OUT_OF_RESOURCES   memory allocation failed.

**/
EFI_STATUS
OpenSectionStreamEx (
  IN     UINTN                                     SectionStreamLength,
  IN     VOID                                      *SectionStream,
  IN     BOOLEAN                                   AllocateBuffer,
  IN     UINT32                                    AuthenticationStatus,
  OUT    UINTN                                     *SectionStreamHandle
  )
{
  CORE_SECTION_STREAM_NODE    *Stream;
  EFI_TPL                     SavedTpl;

  Stream = AllocatePool (sizeof (CORE_SECTION_STREAM_NODE));
  if (Stream == NULL) {
    return EFI_OUT_OF_RESOURCES;
  }

  if (!AllocateBuffer) {
    //
    // Internal call made while expanding an encapsulating section: the
    // caller already owns a suitable buffer, so keep its pointer.
    //
    Stream->StreamBuffer = SectionStream;
  } else if (SectionStreamLength == 0) {
    //
    // A zero length section stream is possible; there is nothing to copy.
    //
    Stream->StreamBuffer = NULL;
  } else {
    //
    // Double buffering: take a private copy of the caller's data
    //
    Stream->StreamBuffer = AllocatePool (SectionStreamLength);
    if (Stream->StreamBuffer == NULL) {
      CoreFreePool (Stream);
      return EFI_OUT_OF_RESOURCES;
    }
    CopyMem (Stream->StreamBuffer, SectionStream, SectionStreamLength);
  }

  //
  // Fill in the remaining fields. The handle handed back to the caller is
  // the node's own address.
  //
  Stream->Signature            = CORE_SECTION_STREAM_SIGNATURE;
  Stream->StreamLength         = SectionStreamLength;
  Stream->AuthenticationStatus = AuthenticationStatus;
  Stream->StreamHandle         = (UINTN) Stream;
  InitializeListHead (&Stream->Children);

  //
  // Link the stream into the database with the TPL raised to TPL_NOTIFY
  //
  SavedTpl = CoreRaiseTpl (TPL_NOTIFY);
  InsertTailList (&mStreamRoot, &Stream->Link);
  CoreRestoreTpl (SavedTpl);

  *SectionStreamHandle = Stream->StreamHandle;

  return EFI_SUCCESS;
}
400
401
/**
  SEP member function.  This function creates and returns a new section stream
  handle to represent the new section stream.

  The stream is checked with IsValidSectionStream() and then copied into a
  buffer owned by the stream database, with an initial authentication status
  of 0.

  @param  SectionStreamLength    Size in bytes of the section stream.
  @param  SectionStream          Buffer containing the new section stream.
  @param  SectionStreamHandle    A pointer to a caller allocated UINTN that on
                                 output contains the new section stream handle.

  @retval EFI_SUCCESS            The section stream is created successfully.
  @retval EFI_OUT_OF_RESOURCES   memory allocation failed.
  @retval EFI_INVALID_PARAMETER  Section stream does not end coincident with
                                 end of last section.

**/
EFI_STATUS
EFIAPI
OpenSectionStream (
  IN     UINTN                                     SectionStreamLength,
  IN     VOID                                      *SectionStream,
  OUT    UINTN                                     *SectionStreamHandle
  )
{
  //
  // Only a stream that passes the layout check is admitted to the database
  //
  if (IsValidSectionStream (SectionStream, SectionStreamLength)) {
    return OpenSectionStreamEx (
             SectionStreamLength,
             SectionStream,
             TRUE,
             0,
             SectionStreamHandle
             );
  }

  return EFI_INVALID_PARAMETER;
}
440
441
442
/**
  Worker function.  Determine if the input stream:child matches the input type.

  @param  Stream                 Indicates the section stream associated with
                                 the child
  @param  Child                  Indicates the child to check
  @param  SearchType             Indicates the type of section to check
                                 against
  @param  SectionDefinitionGuid  Indicates the GUID to check against if the
                                 type is EFI_SECTION_GUID_DEFINED

  @retval TRUE                   The child matches
  @retval FALSE                  The child doesn't match

**/
BOOLEAN
ChildIsType (
  IN CORE_SECTION_STREAM_NODE *Stream,
  IN CORE_SECTION_CHILD_NODE  *Child,
  IN EFI_SECTION_TYPE         SearchType,
  IN EFI_GUID                 *SectionDefinitionGuid
  )
{
  EFI_GUID_DEFINED_SECTION    *Guided;

  //
  // The wildcard type matches every child
  //
  if (SearchType == EFI_SECTION_ALL) {
    return TRUE;
  }

  if (Child->Type != SearchType) {
    return FALSE;
  }

  if (SearchType == EFI_SECTION_GUID_DEFINED) {
    //
    // Types agree; a GUID-defined section must also carry the requested GUID.
    // NOTE(review): the GUID is read from the stream buffer at the child's
    // offset; this function does not check that a full GUID-defined header
    // fits in the stream and relies on the node having been validated.
    //
    Guided = (EFI_GUID_DEFINED_SECTION * )(Stream->StreamBuffer + Child->OffsetInStream);
    return CompareGuid (&Guided->SectionDefinitionGuid, SectionDefinitionGuid);
  }

  return TRUE;
}
480
481
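/**
  Worker function.  Constructor for new child nodes.

  Reads the section header at ChildOffset, creates a child node for it and,
  for compression and GUID-defined sections, opens a new stream holding the
  encapsulated data. All length fields come from the stream, so each one is
  checked against the enclosing section or stream before it is used as a
  size or an offset.

  @param  Stream                 Indicates the section stream in which to add
                                 the child.
  @param  ChildOffset            Indicates the offset in Stream that is the
                                 beginning of the child section.
  @param  ChildNode              Indicates the Callee allocated and
                                 initialized child. Set to NULL on failure.

  @retval EFI_SUCCESS            Child node was found and returned.
  @retval EFI_OUT_OF_RESOURCES   Memory allocation failed.
  @retval EFI_NOT_FOUND          The section is malformed: its header or
                                 declared size does not fit in the stream, it
                                 is too small for its type, its compression
                                 type is not supported, or its uncompressed
                                 length or data offset is inconsistent.
  @retval EFI_PROTOCOL_ERROR     Encapsulation sections produce new stream
                                 handles when the child node is created. If
                                 the section type is GUID defined, and the
                                 extraction GUID does not exist, and producing
                                 the stream requires the GUID, then a protocol
                                 error is generated and no child is produced.
                                 Also returned when the extraction protocol
                                 fails or the decompress protocol is missing.
  @retval Others                 Values returned by OpenSectionStreamEx or by
                                 the decompress protocol.

**/
EFI_STATUS
CreateChildNode (
  IN     CORE_SECTION_STREAM_NODE              *Stream,
  IN     UINT32                                ChildOffset,
  OUT    CORE_SECTION_CHILD_NODE               **ChildNode
  )
{
  EFI_STATUS                                   Status;
  EFI_COMMON_SECTION_HEADER                    *SectionHeader;
  EFI_COMPRESSION_SECTION                      *CompressionHeader;
  EFI_GUID_DEFINED_SECTION                     *GuidedHeader;
  EFI_DECOMPRESS_PROTOCOL                      *Decompress;
  EFI_GUIDED_SECTION_EXTRACTION_PROTOCOL       *GuidedExtraction;
  VOID                                         *NewStreamBuffer;
  VOID                                         *ScratchBuffer;
  UINT32                                       ScratchSize;
  UINT32                                       CompressedSize;
  UINT32                                       DecompressedSize;
  UINTN                                        NewStreamBufferSize;
  UINT32                                       AuthenticationStatus;
  UINT32                                       SectionLength;
  CORE_SECTION_CHILD_NODE                      *Node;

  //
  // Never leave the caller holding a pointer to a node that was freed on an
  // error path.
  //
  *ChildNode      = NULL;
  NewStreamBuffer = NULL;

  //
  // The common header must lie inside the stream before it is read.
  //
  if (Stream->StreamLength < sizeof (EFI_COMMON_SECTION_HEADER) ||
      ChildOffset > Stream->StreamLength - sizeof (EFI_COMMON_SECTION_HEADER)) {
    return EFI_NOT_FOUND;
  }

  SectionHeader = (EFI_COMMON_SECTION_HEADER *) (Stream->StreamBuffer + ChildOffset);
  SectionLength = SECTION_SIZE (SectionHeader);

  //
  // The declared size has to cover the header and stay inside the stream.
  // Streams opened for encapsulated data never passed through
  // IsValidSectionStream(), so this is the only check they get.
  //
  if (SectionLength < sizeof (EFI_COMMON_SECTION_HEADER) ||
      SectionLength > Stream->StreamLength - ChildOffset) {
    return EFI_NOT_FOUND;
  }

  //
  // Allocate a new node
  //
  Node = AllocatePool (sizeof (CORE_SECTION_CHILD_NODE));
  if (Node == NULL) {
    return EFI_OUT_OF_RESOURCES;
  }

  //
  // Now initialize it
  //
  Node->Signature                = CORE_SECTION_CHILD_SIGNATURE;
  Node->Type                     = SectionHeader->Type;
  Node->Size                     = SectionLength;
  Node->OffsetInStream           = ChildOffset;
  Node->EncapsulatedStreamHandle = NULL_STREAM_HANDLE;
  Node->EncapsulationGuid        = NULL;

  //
  // If it's an encapsulating section, then create the new section stream also
  //
  switch (Node->Type) {
    case EFI_SECTION_COMPRESSION:
      //
      // A run-time check rather than an ASSERT: in a build without asserts a
      // short section would make the subtraction below wrap.
      //
      if (Node->Size < sizeof (EFI_COMPRESSION_SECTION)) {
        Status = EFI_NOT_FOUND;
        goto Fail;
      }

      CompressionHeader   = (EFI_COMPRESSION_SECTION *) SectionHeader;
      CompressedSize      = (UINT32) (Node->Size - sizeof (EFI_COMPRESSION_SECTION));
      NewStreamBufferSize = 0;

      if (CompressionHeader->UncompressedLength > 0) {
        NewStreamBufferSize = CompressionHeader->UncompressedLength;

        if (CompressionHeader->CompressionType == EFI_NOT_COMPRESSED) {
          //
          // The payload is copied verbatim, so the claimed length must not
          // exceed the bytes that follow the compression header.
          //
          if (NewStreamBufferSize > CompressedSize) {
            Status = EFI_NOT_FOUND;
            goto Fail;
          }
        } else if (CompressionHeader->CompressionType != EFI_STANDARD_COMPRESSION) {
          //
          // Only EFI_STANDARD_COMPRESSION is supported. Refuse anything else
          // instead of opening a stream over an uninitialized buffer.
          //
          Status = EFI_NOT_FOUND;
          goto Fail;
        }

        //
        // Allocate space for the new stream
        //
        NewStreamBuffer = AllocatePool (NewStreamBufferSize);
        if (NewStreamBuffer == NULL) {
          Status = EFI_OUT_OF_RESOURCES;
          goto Fail;
        }

        if (CompressionHeader->CompressionType == EFI_NOT_COMPRESSED) {
          //
          // stream is not actually compressed, just encapsulated.  So just copy it.
          //
          CopyMem (NewStreamBuffer, CompressionHeader + 1, NewStreamBufferSize);
        } else {
          //
          // Decompress the stream
          //
          Decompress = NULL;
          Status = CoreLocateProtocol (&gEfiDecompressProtocolGuid, NULL, (VOID **)&Decompress);
          if (EFI_ERROR (Status) || Decompress == NULL) {
            Status = EFI_PROTOCOL_ERROR;
            goto Fail;
          }

          Status = Decompress->GetInfo (
                                 Decompress,
                                 CompressionHeader + 1,
                                 CompressedSize,
                                 &DecompressedSize,
                                 &ScratchSize
                                 );
          //
          // The destination buffer was sized from UncompressedLength. If the
          // compressed data reports a different output size, decompressing
          // into that buffer could write past its end, so stop here.
          //
          if (EFI_ERROR (Status) ||
              DecompressedSize != CompressionHeader->UncompressedLength) {
            if (!EFI_ERROR (Status)) {
              Status = EFI_NOT_FOUND;
            }
            goto Fail;
          }

          ScratchBuffer = AllocatePool (ScratchSize);
          if (ScratchBuffer == NULL) {
            Status = EFI_OUT_OF_RESOURCES;
            goto Fail;
          }

          Status = Decompress->Decompress (
                                 Decompress,
                                 CompressionHeader + 1,
                                 CompressedSize,
                                 NewStreamBuffer,
                                 DecompressedSize,
                                 ScratchBuffer,
                                 ScratchSize
                                 );
          CoreFreePool (ScratchBuffer);
          if (EFI_ERROR (Status)) {
            //
            // Do not parse a buffer the decompressor failed to fill.
            //
            goto Fail;
          }
        }
      }

      //
      // On success the new stream keeps NewStreamBuffer (AllocateBuffer is
      // FALSE), so the buffer is freed only if opening the stream fails.
      //
      Status = OpenSectionStreamEx (
                 NewStreamBufferSize,
                 NewStreamBuffer,
                 FALSE,
                 Stream->AuthenticationStatus,
                 &Node->EncapsulatedStreamHandle
                 );
      if (EFI_ERROR (Status)) {
        goto Fail;
      }
      break;

    case EFI_SECTION_GUID_DEFINED:
      //
      // The GUID, DataOffset and Attributes fields are read below, so the
      // whole GUID-defined header must be inside the section.
      //
      if (Node->Size < sizeof (EFI_GUID_DEFINED_SECTION)) {
        Status = EFI_NOT_FOUND;
        goto Fail;
      }

      GuidedHeader = (EFI_GUID_DEFINED_SECTION *) SectionHeader;
      Node->EncapsulationGuid = &GuidedHeader->SectionDefinitionGuid;
      Status = CoreLocateProtocol (Node->EncapsulationGuid, NULL, (VOID **)&GuidedExtraction);
      if (!EFI_ERROR (Status)) {
        //
        // NewStreamBuffer is always allocated by ExtractSection... No caller
        // allocation here.
        //
        Status = GuidedExtraction->ExtractSection (
                                     GuidedExtraction,
                                     GuidedHeader,
                                     &NewStreamBuffer,
                                     &NewStreamBufferSize,
                                     &AuthenticationStatus
                                     );
        if (EFI_ERROR (Status)) {
          //
          // The outputs are undefined after a failure; do not free whatever
          // the callee may have left in NewStreamBuffer.
          //
          NewStreamBuffer = NULL;
          Status = EFI_PROTOCOL_ERROR;
          goto Fail;
        }

        //
        // Make sure we initialize the new stream with the correct
        // authentication status for both aggregate and local status fields.
        //
        if ((GuidedHeader->Attributes & EFI_GUIDED_SECTION_AUTH_STATUS_VALID) != 0) {
          //
          // OR in the parent stream's aggregate status.
          //
          AuthenticationStatus |= Stream->AuthenticationStatus & EFI_AUTH_STATUS_ALL;
        } else {
          //
          // since there's no authentication data contributed by the section,
          // just inherit the full value from our immediate parent.
          //
          AuthenticationStatus = Stream->AuthenticationStatus;
        }

        Status = OpenSectionStreamEx (
                   NewStreamBufferSize,
                   NewStreamBuffer,
                   FALSE,
                   AuthenticationStatus,
                   &Node->EncapsulatedStreamHandle
                   );
        if (EFI_ERROR (Status)) {
          goto Fail;
        }
      } else {
        //
        // There's no GUIDed section extraction protocol available.
        //
        if ((GuidedHeader->Attributes & EFI_GUIDED_SECTION_PROCESSING_REQUIRED) != 0) {
          //
          // If the section REQUIRES an extraction protocol, then we're toast
          //
          Status = EFI_PROTOCOL_ERROR;
          goto Fail;
        }

        //
        // DataOffset is read from the stream. If it pointed past the end of
        // the section the length below would wrap and the copy would read
        // outside the stream.
        //
        if (GuidedHeader->DataOffset > Node->Size) {
          Status = EFI_NOT_FOUND;
          goto Fail;
        }

        //
        // The payload is used without processing by any extraction handler,
        // so the new stream simply carries the parent's authentication
        // status.
        //
        AuthenticationStatus = Stream->AuthenticationStatus;

        Status = OpenSectionStreamEx (
                   Node->Size - GuidedHeader->DataOffset,
                   (UINT8 *) GuidedHeader + GuidedHeader->DataOffset,
                   TRUE,
                   AuthenticationStatus,
                   &Node->EncapsulatedStreamHandle
                   );
        if (EFI_ERROR (Status)) {
          goto Fail;
        }
      }

      break;

    default:

      //
      // Nothing to do if it's a leaf
      //
      break;
  }

  //
  // Last, add the new child node to the stream
  //
  InsertTailList (&Stream->Children, &Node->Link);
  *ChildNode = Node;

  return EFI_SUCCESS;

Fail:
  //
  // Single cleanup path: release the staging buffer (if one is owned here)
  // and the node, which has not been linked into the stream yet.
  //
  if (NewStreamBuffer != NULL) {
    CoreFreePool (NewStreamBuffer);
  }
  CoreFreePool (Node);
  return Status;
}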
732
733
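/**
  Worker function.  Recursively searches / builds section stream database
  looking for requested section.

  Children are parsed out of the stream lazily: nodes that already exist are
  walked first, and further sections are parsed only while the requested
  instance has not been found and data remains in the stream.

  @param  SourceStream           Indicates the section stream in which to do
                                 the search.
  @param  SearchType             Indicates the type of section to search for.
  @param  SectionInstance        Indicates which instance of section to find.
                                 This is an in/out parameter to deal with
                                 recursions.
  @param  SectionDefinitionGuid  Guid of section definition
  @param  FoundChild             Output indicating the child node that is
                                 found.
  @param  FoundStream            Output indicating which section stream the
                                 child was found in.  If this stream was
                                 generated as a result of an encapsulation
                                 section, the streamhandle is visible within
                                 the SEP driver only.
  @param  AuthenticationStatus   Indicates the authentication status of the
                                 found section.

  @retval EFI_SUCCESS            Child node was found and returned.
  @retval EFI_OUT_OF_RESOURCES   Memory allocation failed.
  @retval EFI_NOT_FOUND          Requested child node does not exist, or the
                                 stream is too short to hold a section header.
  @retval EFI_PROTOCOL_ERROR     a required GUIDED section extraction protocol
                                 does not exist

**/
EFI_STATUS
FindChildNode (
  IN     CORE_SECTION_STREAM_NODE                   *SourceStream,
  IN     EFI_SECTION_TYPE                           SearchType,
  IN OUT UINTN                                      *SectionInstance,
  IN     EFI_GUID                                   *SectionDefinitionGuid,
  OUT    CORE_SECTION_CHILD_NODE                    **FoundChild,
  OUT    CORE_SECTION_STREAM_NODE                   **FoundStream,
  OUT    UINT32                                     *AuthenticationStatus
  )
{
  CORE_SECTION_CHILD_NODE                       *CurrentChildNode;
  CORE_SECTION_CHILD_NODE                       *RecursedChildNode;
  CORE_SECTION_STREAM_NODE                      *RecursedFoundStream;
  UINT32                                        NextChildOffset;
  EFI_STATUS                                    ErrorStatus;
  EFI_STATUS                                    Status;

  CurrentChildNode = NULL;
  ErrorStatus = EFI_NOT_FOUND;

  //
  // A stream shorter than one section header (this includes the empty
  // stream) cannot contain a section. Returning here keeps the code below
  // from treating the empty list head as a child node, and keeps the
  // "StreamLength - sizeof (header)" bound further down from wrapping.
  //
  if (SourceStream->StreamLength < sizeof (EFI_COMMON_SECTION_HEADER)) {
    return EFI_NOT_FOUND;
  }

  if (IsListEmpty (&SourceStream->Children)) {
    //
    // This occurs when a section stream exists, but no child sections
    // have been parsed out yet.  Therefore, extract the first child and add it
    // to the list of children so we can get started.
    //
    Status = CreateChildNode (SourceStream, 0, &CurrentChildNode);
    if (EFI_ERROR (Status)) {
      return Status;
    }
  }

  //
  // At least one child has been parsed out of the section stream.  So, walk
  // through the sections that have already been parsed out looking for the
  // requested section, if necessary, continue parsing section stream and
  // adding children until either the requested section is found, or we run
  // out of data
  //
  CurrentChildNode = CHILD_SECTION_NODE_FROM_LINK (GetFirstNode(&SourceStream->Children));

  for (;;) {
    if (ChildIsType (SourceStream, CurrentChildNode, SearchType, SectionDefinitionGuid)) {
      //
      // The type matches, so check the instance count to see if it's the one we want
      //
      (*SectionInstance)--;
      if (*SectionInstance == 0) {
        //
        // Got it!
        //
        *FoundChild = CurrentChildNode;
        *FoundStream = SourceStream;
        *AuthenticationStatus = SourceStream->AuthenticationStatus;
        return EFI_SUCCESS;
      }
    }

    if (CurrentChildNode->EncapsulatedStreamHandle != NULL_STREAM_HANDLE) {
      //
      // If the current node is an encapsulating node, recurse into it...
      // NOTE(review): nothing here limits the recursion depth, so the depth
      // follows the encapsulation nesting found in the stream; a limit would
      // need an extra parameter or shared state.
      //
      Status = FindChildNode (
                 (CORE_SECTION_STREAM_NODE *)CurrentChildNode->EncapsulatedStreamHandle,
                 SearchType,
                 SectionInstance,
                 SectionDefinitionGuid,
                 &RecursedChildNode,
                 &RecursedFoundStream,
                 AuthenticationStatus
                 );
      //
      // If the status is not EFI_SUCCESS, just save the error code and continue
      // to find the request child node in the rest stream.
      //
      if (*SectionInstance == 0) {
        ASSERT_EFI_ERROR (Status);
        *FoundChild = RecursedChildNode;
        *FoundStream = RecursedFoundStream;
        return EFI_SUCCESS;
      } else {
        ErrorStatus = Status;
      }
    }

    if (!IsNodeAtEnd (&SourceStream->Children, &CurrentChildNode->Link)) {
      //
      // We haven't found the child node we're interested in yet, but there's
      // still more nodes that have already been parsed so get the next one
      // and continue searching..
      //
      CurrentChildNode = CHILD_SECTION_NODE_FROM_LINK (GetNextNode (&SourceStream->Children, &CurrentChildNode->Link));
    } else {
      //
      // We've exhausted children that have already been parsed, so see if
      // there's any more data and continue parsing out more children if there
      // is.
      //
      NextChildOffset = CurrentChildNode->OffsetInStream + CurrentChildNode->Size;
      //
      // Round up to 4 byte boundary
      //
      NextChildOffset += 3;
      NextChildOffset &= ~(UINTN) 3;
      //
      // Parse another child only if the offset moved forward (a zero-sized
      // section or a wrapped UINT32 sum would otherwise have the same header
      // parsed again and again) and a full header still fits in the stream.
      //
      if (NextChildOffset > CurrentChildNode->OffsetInStream &&
          NextChildOffset <= SourceStream->StreamLength - sizeof (EFI_COMMON_SECTION_HEADER)) {
        //
        // There's an unparsed child remaining in the stream, so create a new child node
        //
        Status = CreateChildNode (SourceStream, NextChildOffset, &CurrentChildNode);
        if (EFI_ERROR (Status)) {
          return Status;
        }
      } else {
        ASSERT (EFI_ERROR (ErrorStatus));
        return ErrorStatus;
      }
    }
  }
}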
887
888
/**
  Worker function.  Search stream database for requested stream handle.

  The handle is only compared against the StreamHandle of nodes already in
  the stream list; it is never dereferenced here.

  @param  SearchHandle           Indicates which stream to look for.
  @param  FoundStream            Output pointer to the found stream.

  @retval EFI_SUCCESS            StreamHandle was found and *FoundStream contains
                                 the stream node.
  @retval EFI_NOT_FOUND          SearchHandle was not found in the stream
                                 database.

**/
EFI_STATUS
FindStreamNode (
  IN  UINTN                                     SearchHandle,
  OUT CORE_SECTION_STREAM_NODE                  **FoundStream
  )
{
  CORE_SECTION_STREAM_NODE                      *Candidate;

  //
  // An empty database cannot contain the handle
  //
  if (IsListEmpty (&mStreamRoot)) {
    return EFI_NOT_FOUND;
  }

  //
  // Step through the list until a node carries the handle or the tail has
  // been examined
  //
  Candidate = STREAM_NODE_FROM_LINK (GetFirstNode (&mStreamRoot));
  while (Candidate->StreamHandle != SearchHandle) {
    if (IsNodeAtEnd (&mStreamRoot, &Candidate->Link)) {
      return EFI_NOT_FOUND;
    }
    Candidate = STREAM_NODE_FROM_LINK (GetNextNode (&mStreamRoot, &Candidate->Link));
  }

  *FoundStream = Candidate;
  return EFI_SUCCESS;
}
925
926
927 /**
928 SEP member function. Retrieves requested section from section stream.
929
930 @param SectionStreamHandle The section stream from which to extract the
931 requested section.
932 @param SectionType A pointer to the type of section to search for.
933 @param SectionDefinitionGuid If the section type is EFI_SECTION_GUID_DEFINED,
934 then SectionDefinitionGuid indicates which of
935 these types of sections to search for.
936 @param SectionInstance Indicates which instance of the requested
937 section to return.
938 @param Buffer Double indirection to buffer. If *Buffer is
939 non-null on input, then the buffer is caller
940 allocated. If Buffer is NULL, then the buffer
941 is callee allocated. In either case, the
942 requried buffer size is returned in *BufferSize.
943 @param BufferSize On input, indicates the size of *Buffer if
944 *Buffer is non-null on input. On output,
945 indicates the required size (allocated size if
946 callee allocated) of *Buffer.
947 @param AuthenticationStatus A pointer to a caller-allocated UINT32 that
948 indicates the authentication status of the
949 output buffer. If the input section's
950 GuidedSectionHeader.Attributes field
951 has the EFI_GUIDED_SECTION_AUTH_STATUS_VALID
952 bit as clear, AuthenticationStatus must return
953 zero. Both local bits (19:16) and aggregate
954 bits (3:0) in AuthenticationStatus are returned
955 by ExtractSection(). These bits reflect the
956 status of the extraction operation. The bit
957 pattern in both regions must be the same, as
958 the local and aggregate authentication statuses
959 have equivalent meaning at this level. If the
960 function returns anything other than
961 EFI_SUCCESS, the value of *AuthenticationStatus
962 is undefined.
963
964 @retval EFI_SUCCESS Section was retrieved successfully
965 @retval EFI_PROTOCOL_ERROR A GUID defined section was encountered in the
966 section stream with its
967 EFI_GUIDED_SECTION_PROCESSING_REQUIRED bit set,
968 but there was no corresponding GUIDed Section
969 Extraction Protocol in the handle database.
970 *Buffer is unmodified.
971 @retval EFI_NOT_FOUND An error was encountered when parsing the
972 SectionStream. This indicates the SectionStream
973 is not correctly formatted.
974 @retval EFI_NOT_FOUND The requested section does not exist.
975 @retval EFI_OUT_OF_RESOURCES The system has insufficient resources to process
976 the request.
977 @retval EFI_INVALID_PARAMETER The SectionStreamHandle does not exist.
978 @retval EFI_WARN_TOO_SMALL The size of the caller allocated input buffer is
979 insufficient to contain the requested section.
980 The input buffer is filled and section contents
981 are truncated.
982
983 **/
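EFI_STATUS
EFIAPI
GetSection (
  IN     UINTN             SectionStreamHandle,
  IN     EFI_SECTION_TYPE  *SectionType,
  IN     EFI_GUID          *SectionDefinitionGuid,
  IN     UINTN             SectionInstance,
  IN     VOID              **Buffer,
  IN OUT UINTN             *BufferSize,
  OUT    UINT32            *AuthenticationStatus
  )
{
  CORE_SECTION_STREAM_NODE  *StreamNode;
  EFI_TPL                   OldTpl;
  EFI_STATUS                Status;
  CORE_SECTION_CHILD_NODE   *ChildNode;
  CORE_SECTION_STREAM_NODE  *ChildStreamNode;
  UINTN                     CopySize;
  UINT32                    ExtractedAuthenticationStatus;
  UINTN                     Instance;
  UINT8                     *CopyBuffer;
  UINTN                     SectionSize;

  //
  // Buffer, BufferSize and AuthenticationStatus are dereferenced below without
  // a NULL check, so callers must pass valid pointers for all three.
  //
  // The TPL is raised for the whole lookup and copy; every exit path goes
  // through GetSection_Done so that it is always restored.
  //
  OldTpl   = CoreRaiseTpl (TPL_NOTIFY);
  Instance = SectionInstance + 1;

  //
  // Locate target stream. Any lookup failure is reported as an invalid handle.
  //
  Status = FindStreamNode (SectionStreamHandle, &StreamNode);
  if (EFI_ERROR (Status)) {
    Status = EFI_INVALID_PARAMETER;
    goto GetSection_Done;
  }

  //
  // Found the stream, now locate and return the appropriate section
  //
  if (SectionType == NULL) {
    //
    // SectionType == NULL means return the WHOLE section stream...
    //
    CopySize              = StreamNode->StreamLength;
    CopyBuffer            = StreamNode->StreamBuffer;
    *AuthenticationStatus = StreamNode->AuthenticationStatus;
  } else {
    //
    // There's a requested section type, so go find it and return it...
    //
    Status = FindChildNode (
               StreamNode,
               *SectionType,
               &Instance,
               SectionDefinitionGuid,
               &ChildNode,
               &ChildStreamNode,
               &ExtractedAuthenticationStatus
               );
    if (EFI_ERROR (Status)) {
      goto GetSection_Done;
    }

    //
    // ChildNode->Size presumably comes from the section header in the stream
    // (confirm against the child-node creation code). If it were smaller than
    // the common header, the subtraction below would wrap to a huge UINTN and
    // the CopyMem/AllocatePool further down would use that bogus length.
    // Treat such a stream as incorrectly formatted.
    //
    if (ChildNode->Size < sizeof (EFI_COMMON_SECTION_HEADER)) {
      Status = EFI_NOT_FOUND;
      goto GetSection_Done;
    }

    //
    // Return the section payload only: skip the common section header.
    //
    CopySize              = ChildNode->Size - sizeof (EFI_COMMON_SECTION_HEADER);
    CopyBuffer            = ChildStreamNode->StreamBuffer + ChildNode->OffsetInStream + sizeof (EFI_COMMON_SECTION_HEADER);
    *AuthenticationStatus = ExtractedAuthenticationStatus;
  }

  //
  // SectionSize keeps the full size so that it can be reported even when the
  // copy itself is truncated.
  //
  SectionSize = CopySize;
  if (*Buffer != NULL) {
    //
    // Caller allocated buffer. Fill to size and return required size...
    //
    if (*BufferSize < CopySize) {
      Status   = EFI_WARN_BUFFER_TOO_SMALL;
      CopySize = *BufferSize;
    }
  } else {
    //
    // Callee allocated buffer. Allocate buffer and return size.
    //
    *Buffer = AllocatePool (CopySize);
    if (*Buffer == NULL) {
      Status = EFI_OUT_OF_RESOURCES;
      goto GetSection_Done;
    }
  }

  CopyMem (*Buffer, CopyBuffer, CopySize);
  *BufferSize = SectionSize;

GetSection_Done:
  CoreRestoreTpl (OldTpl);

  return Status;
}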
1078
1079
/**
  Worker function. Destructor for child nodes.

  Unlinks the node from the list it is on, closes the section stream that
  the node encapsulates (if it has one), and then releases the node.

  @param ChildNode    Indicates the node to destroy. It is dereferenced
                      without a NULL check and must carry
                      CORE_SECTION_CHILD_SIGNATURE.

**/
VOID
FreeChildNode (
  IN  CORE_SECTION_CHILD_NODE  *ChildNode
  )
{
  BOOLEAN  OwnsEncapsulatedStream;

  ASSERT (ChildNode->Signature == CORE_SECTION_CHILD_SIGNATURE);

  OwnsEncapsulatedStream = (BOOLEAN) (ChildNode->EncapsulatedStreamHandle != NULL_STREAM_HANDLE);

  //
  // Take the child off its list before anything is torn down.
  //
  RemoveEntryList (&ChildNode->Link);

  if (OwnsEncapsulatedStream) {
    //
    // An encapsulating section owns a section stream of its own; closing that
    // stream releases the memory associated with it. The status returned by
    // CloseSectionStream is not examined here.
    //
    CloseSectionStream (ChildNode->EncapsulatedStreamHandle);
  }

  //
  // The node memory goes last, after its handle is no longer needed.
  //
  CoreFreePool (ChildNode);
}
1109
1110
/**
  SEP member function. Deletes an existing section stream.

  The stream is unlinked, each of its child nodes is destroyed, and the
  stream buffer and the stream node are returned to the pool.

  @param StreamHandleToClose    Indicates the stream to close

  @retval EFI_SUCCESS            The section stream is closed successfully.
  @retval EFI_INVALID_PARAMETER  FindStreamNode() could not resolve
                                 StreamHandleToClose to a stream.

**/
EFI_STATUS
EFIAPI
CloseSectionStream (
  IN  UINTN  StreamHandleToClose
  )
{
  CORE_SECTION_STREAM_NODE  *StreamNode;
  EFI_TPL                   OldTpl;
  EFI_STATUS                Status;
  LIST_ENTRY                *Link;
  CORE_SECTION_CHILD_NODE   *ChildNode;

  OldTpl = CoreRaiseTpl (TPL_NOTIFY);

  //
  // Locate target stream; a handle that cannot be found is rejected.
  //
  Status = FindStreamNode (StreamHandleToClose, &StreamNode);
  if (EFI_ERROR (Status)) {
    Status = EFI_INVALID_PARAMETER;
    goto CloseSectionStream_Done;
  }

  //
  // Unlink the stream first so its handle can no longer be looked up.
  //
  RemoveEntryList (&StreamNode->Link);

  //
  // Destroy children from the front of the list until none remain.
  // FreeChildNode unlinks each child and calls back into this function for
  // encapsulated streams, so the recursion depth follows the nesting of
  // encapsulations in the stream.
  //
  while (!IsListEmpty (&StreamNode->Children)) {
    Link      = GetFirstNode (&StreamNode->Children);
    ChildNode = CHILD_SECTION_NODE_FROM_LINK (Link);
    FreeChildNode (ChildNode);
  }

  CoreFreePool (StreamNode->StreamBuffer);
  CoreFreePool (StreamNode);
  Status = EFI_SUCCESS;

CloseSectionStream_Done:
  CoreRestoreTpl (OldTpl);
  return Status;
}
1160
1161
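/**
  The ExtractSection() function processes the input section and
  allocates a buffer from the pool in which it returns the section
  contents. If the section being extracted contains
  authentication information (the section's
  GuidedSectionHeader.Attributes field has the
  EFI_GUIDED_SECTION_AUTH_STATUS_VALID bit set), the values
  returned in AuthenticationStatus must reflect the results of
  the authentication operation. Depending on the algorithm and
  size of the encapsulated data, the time that is required to do
  a full authentication may be prohibitively long for some
  classes of systems. To indicate this, use
  EFI_SECURITY_POLICY_PROTOCOL_GUID, which may be published by
  the security policy driver (see the Platform Initialization
  Driver Execution Environment Core Interface Specification for
  more details and the GUID definition). If the
  EFI_SECURITY_POLICY_PROTOCOL_GUID exists in the handle
  database, then, if possible, full authentication should be
  skipped and the section contents simply returned in the
  OutputBuffer. In this case, the
  EFI_AUTH_STATUS_PLATFORM_OVERRIDE bit AuthenticationStatus
  must be set on return. ExtractSection() is callable only from
  TPL_NOTIFY and below. Behavior of ExtractSection() at any
  EFI_TPL above TPL_NOTIFY is undefined. Type EFI_TPL is
  defined in RaiseTPL() in the UEFI 2.0 specification.

  This implementation sizes its buffers from
  ExtractGuidedSectionGetInfo() and produces the output through
  ExtractGuidedSectionDecode(). The This parameter is not referenced.

  @param This                   Indicates the
                                EFI_GUIDED_SECTION_EXTRACTION_PROTOCOL instance.
  @param InputSection           Buffer containing the input GUIDed section
                                to be processed.
  @param OutputBuffer           *OutputBuffer is allocated from boot services
                                pool memory and contains the new section stream.
                                The caller is responsible for freeing this buffer.
  @param OutputSize             A pointer to a caller-allocated UINTN in
                                which the size of OutputBuffer allocation
                                is stored. If the function returns
                                anything other than EFI_SUCCESS, the value
                                of OutputSize is undefined.
  @param AuthenticationStatus   A pointer to a caller-allocated UINT32 that
                                indicates the authentication status of the
                                output buffer. If the input section's
                                GuidedSectionHeader.Attributes field has the
                                EFI_GUIDED_SECTION_AUTH_STATUS_VALID bit as
                                clear, AuthenticationStatus must return zero.
                                Both local bits (19:16) and aggregate bits
                                (3:0) in AuthenticationStatus are returned by
                                ExtractSection(). These bits reflect the
                                status of the extraction operation. The bit
                                pattern in both regions must be the same, as
                                the local and aggregate authentication
                                statuses have equivalent meaning at this
                                level. If the function returns anything other
                                than EFI_SUCCESS, the value of
                                AuthenticationStatus is undefined.

  @retval EFI_SUCCESS            The InputSection was successfully
                                 processed and the section contents were
                                 returned.
  @retval EFI_OUT_OF_RESOURCES   The system has insufficient
                                 resources to process the request.
  @retval EFI_INVALID_PARAMETER  The GUID in InputSection does
                                 not match this instance of the
                                 GUIDed Section Extraction Protocol.
  @retval Others                 The error status returned by
                                 ExtractGuidedSectionGetInfo() or
                                 ExtractGuidedSectionDecode().

**/
EFI_STATUS
EFIAPI
CustomGuidedSectionExtract (
  IN CONST  EFI_GUIDED_SECTION_EXTRACTION_PROTOCOL  *This,
  IN CONST  VOID                                    *InputSection,
  OUT       VOID                                    **OutputBuffer,
  OUT       UINTN                                   *OutputSize,
  OUT       UINT32                                  *AuthenticationStatus
  )
{
  EFI_STATUS  Status;
  VOID        *ScratchBuffer;
  VOID        *AllocatedOutputBuffer;
  UINT32      OutputBufferSize;
  UINT32      ScratchBufferSize;
  UINT16      SectionAttribute;

  //
  // Init local variable
  //
  ScratchBuffer         = NULL;
  AllocatedOutputBuffer = NULL;

  //
  // Call GetInfo to get the size and attribute of input guided section data.
  // Both buffer sizes used below are whatever GetInfo reports for this
  // section; presumably they derive from the section contents, so the decode
  // handler is relied on to stay within them (confirm in the handler code).
  //
  Status = ExtractGuidedSectionGetInfo (
             InputSection,
             &OutputBufferSize,
             &ScratchBufferSize,
             &SectionAttribute
             );

  if (EFI_ERROR (Status)) {
    DEBUG ((DEBUG_ERROR, "GetInfo from guided section Failed - %r\n", Status));
    return Status;
  }

  if (ScratchBufferSize > 0) {
    //
    // Allocate scratch buffer
    //
    ScratchBuffer = AllocatePool (ScratchBufferSize);
    if (ScratchBuffer == NULL) {
      return EFI_OUT_OF_RESOURCES;
    }
  }

  if (OutputBufferSize > 0) {
    //
    // Allocate output buffer
    //
    AllocatedOutputBuffer = AllocatePool (OutputBufferSize);
    if (AllocatedOutputBuffer == NULL) {
      //
      // ScratchBuffer is still NULL when ScratchBufferSize was zero, so only
      // release it when it was really allocated, as the other cleanup paths
      // in this function do.
      //
      if (ScratchBuffer != NULL) {
        CoreFreePool (ScratchBuffer);
      }
      return EFI_OUT_OF_RESOURCES;
    }
    *OutputBuffer = AllocatedOutputBuffer;
  }

  //
  // Call decode function to extract raw data from the guided section.
  // When OutputBufferSize is zero, *OutputBuffer has not been written by this
  // function and still holds the caller's value at this point.
  //
  Status = ExtractGuidedSectionDecode (
             InputSection,
             OutputBuffer,
             ScratchBuffer,
             AuthenticationStatus
             );
  if (EFI_ERROR (Status)) {
    //
    // Decode failed: release everything allocated above before returning.
    //
    if (AllocatedOutputBuffer != NULL) {
      CoreFreePool (AllocatedOutputBuffer);
    }
    if (ScratchBuffer != NULL) {
      CoreFreePool (ScratchBuffer);
    }
    DEBUG ((DEBUG_ERROR, "Extract guided section Failed - %r\n", Status));
    return Status;
  }

  if (*OutputBuffer != AllocatedOutputBuffer) {
    //
    // OutputBuffer was returned as a different value,
    // so copy section contents to the allocated memory buffer.
    // This keeps the contract that the caller receives pool memory it can free.
    //
    CopyMem (AllocatedOutputBuffer, *OutputBuffer, OutputBufferSize);
    *OutputBuffer = AllocatedOutputBuffer;
  }

  //
  // Set real size of output buffer.
  //
  *OutputSize = (UINTN) OutputBufferSize;

  //
  // Free unused scratch buffer.
  //
  if (ScratchBuffer != NULL) {
    CoreFreePool (ScratchBuffer);
  }

  return EFI_SUCCESS;
}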