]> git.proxmox.com Git - mirror_edk2.git/blob - MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
MdeModulePkg/DxeCapsuleLibFmp: pass progress callback only if it works
[mirror_edk2.git] / MdeModulePkg / Library / DxeCapsuleLibFmp / DxeCapsuleLib.c
1 /** @file
2 DXE capsule library.
3
4 Caution: This module requires additional review when modified.
5 This module will have external input - capsule image.
6 This external input must be validated carefully to avoid security issue like
7 buffer overflow, integer overflow.
8
9 SupportCapsuleImage(), ProcessCapsuleImage(), IsValidCapsuleHeader(),
10 ValidateFmpCapsule(), and DisplayCapsuleImage() receives untrusted input and
11 performs basic validation.
12
13 Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>
14 This program and the accompanying materials
15 are licensed and made available under the terms and conditions of the BSD License
16 which accompanies this distribution. The full text of the license may be found at
17 http://opensource.org/licenses/bsd-license.php
18
19 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
20 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
21
22 **/
23
24 #include <PiDxe.h>
25
26 #include <IndustryStandard/WindowsUxCapsule.h>
27
28 #include <Guid/FmpCapsule.h>
29 #include <Guid/SystemResourceTable.h>
30 #include <Guid/EventGroup.h>
31
32 #include <Library/BaseLib.h>
33 #include <Library/DebugLib.h>
34 #include <Library/BaseMemoryLib.h>
35 #include <Library/DxeServicesTableLib.h>
36 #include <Library/UefiBootServicesTableLib.h>
37 #include <Library/UefiRuntimeServicesTableLib.h>
38 #include <Library/MemoryAllocationLib.h>
39 #include <Library/CapsuleLib.h>
40 #include <Library/DevicePathLib.h>
41 #include <Library/UefiLib.h>
42 #include <Library/PcdLib.h>
43 #include <Library/BmpSupportLib.h>
44
45 #include <Protocol/GraphicsOutput.h>
46 #include <Protocol/EsrtManagement.h>
47 #include <Protocol/FirmwareManagement.h>
48 #include <Protocol/FirmwareManagementProgress.h>
49 #include <Protocol/DevicePath.h>
50
51 EFI_SYSTEM_RESOURCE_TABLE *mEsrtTable = NULL;
52 BOOLEAN mIsVirtualAddrConverted = FALSE;
53
54 BOOLEAN mDxeCapsuleLibEndOfDxe = FALSE;
55 EFI_EVENT mDxeCapsuleLibEndOfDxeEvent = NULL;
56
57 EDKII_FIRMWARE_MANAGEMENT_PROGRESS_PROTOCOL *mFmpProgress = NULL;
58
59 /**
60 Initialize capsule related variables.
61 **/
62 VOID
63 InitCapsuleVariable (
64 VOID
65 );
66
67 /**
68 Record capsule status variable.
69
70 @param[in] CapsuleHeader The capsule image header
71 @param[in] CapsuleStatus The capsule process stauts
72
73 @retval EFI_SUCCESS The capsule status variable is recorded.
74 @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
75 **/
76 EFI_STATUS
77 RecordCapsuleStatusVariable (
78 IN EFI_CAPSULE_HEADER *CapsuleHeader,
79 IN EFI_STATUS CapsuleStatus
80 );
81
82 /**
83 Record FMP capsule status variable.
84
85 @param[in] CapsuleHeader The capsule image header
86 @param[in] CapsuleStatus The capsule process stauts
87 @param[in] PayloadIndex FMP payload index
88 @param[in] ImageHeader FMP image header
89 @param[in] FmpDevicePath DevicePath associated with the FMP producer
90
91 @retval EFI_SUCCESS The capsule status variable is recorded.
92 @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
93 **/
94 EFI_STATUS
95 RecordFmpCapsuleStatusVariable (
96 IN EFI_CAPSULE_HEADER *CapsuleHeader,
97 IN EFI_STATUS CapsuleStatus,
98 IN UINTN PayloadIndex,
99 IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader,
100 IN EFI_DEVICE_PATH_PROTOCOL *FmpDevicePath OPTIONAL
101 );
102
103 /**
104 Function indicate the current completion progress of the firmware
105 update. Platform may override with own specific progress function.
106
107 @param[in] Completion A value between 1 and 100 indicating the current
108 completion progress of the firmware update
109
110 @retval EFI_SUCESS The capsule update progress was updated.
111 @retval EFI_INVALID_PARAMETER Completion is greater than 100%.
112 **/
113 EFI_STATUS
114 EFIAPI
115 UpdateImageProgress (
116 IN UINTN Completion
117 );
118
119 /**
120 Return if this CapsuleGuid is a FMP capsule GUID or not.
121
122 @param[in] CapsuleGuid A pointer to EFI_GUID
123
124 @retval TRUE It is a FMP capsule GUID.
125 @retval FALSE It is not a FMP capsule GUID.
126 **/
127 BOOLEAN
128 IsFmpCapsuleGuid (
129 IN EFI_GUID *CapsuleGuid
130 )
131 {
132 if (CompareGuid(&gEfiFmpCapsuleGuid, CapsuleGuid)) {
133 return TRUE;
134 }
135
136 return FALSE;
137 }
138
139 /**
140 Validate if it is valid capsule header
141
142 Caution: This function may receive untrusted input.
143
144 This function assumes the caller provided correct CapsuleHeader pointer
145 and CapsuleSize.
146
147 This function validates the fields in EFI_CAPSULE_HEADER.
148
149 @param[in] CapsuleHeader Points to a capsule header.
150 @param[in] CapsuleSize Size of the whole capsule image.
151
152 **/
153 BOOLEAN
154 IsValidCapsuleHeader (
155 IN EFI_CAPSULE_HEADER *CapsuleHeader,
156 IN UINT64 CapsuleSize
157 )
158 {
159 if (CapsuleHeader->CapsuleImageSize != CapsuleSize) {
160 return FALSE;
161 }
162 if (CapsuleHeader->HeaderSize >= CapsuleHeader->CapsuleImageSize) {
163 return FALSE;
164 }
165 return TRUE;
166 }
167
168 /**
169 Validate Fmp capsules layout.
170
171 Caution: This function may receive untrusted input.
172
173 This function assumes the caller validated the capsule by using
174 IsValidCapsuleHeader(), so that all fields in EFI_CAPSULE_HEADER are correct.
175 The capsule buffer size is CapsuleHeader->CapsuleImageSize.
176
177 This function validates the fields in EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
178 and EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER.
179
180 This function need support nested FMP capsule.
181
182 @param[in] CapsuleHeader Points to a capsule header.
183 @param[out] EmbeddedDriverCount The EmbeddedDriverCount in the FMP capsule.
184
185 @retval EFI_SUCESS Input capsule is a correct FMP capsule.
186 @retval EFI_INVALID_PARAMETER Input capsule is not a correct FMP capsule.
187 **/
188 EFI_STATUS
189 ValidateFmpCapsule (
190 IN EFI_CAPSULE_HEADER *CapsuleHeader,
191 OUT UINT16 *EmbeddedDriverCount OPTIONAL
192 )
193 {
194 EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *FmpCapsuleHeader;
195 UINT8 *EndOfCapsule;
196 EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader;
197 UINT8 *EndOfPayload;
198 UINT64 *ItemOffsetList;
199 UINT32 ItemNum;
200 UINTN Index;
201 UINTN FmpCapsuleSize;
202 UINTN FmpCapsuleHeaderSize;
203 UINT64 FmpImageSize;
204 UINTN FmpImageHeaderSize;
205
206 if (!IsFmpCapsuleGuid(&CapsuleHeader->CapsuleGuid)) {
207 return ValidateFmpCapsule ((EFI_CAPSULE_HEADER *)((UINTN)CapsuleHeader + CapsuleHeader->HeaderSize), EmbeddedDriverCount);
208 }
209
210 if (CapsuleHeader->HeaderSize >= CapsuleHeader->CapsuleImageSize) {
211 DEBUG((DEBUG_ERROR, "HeaderSize(0x%x) >= CapsuleImageSize(0x%x)\n", CapsuleHeader->HeaderSize, CapsuleHeader->CapsuleImageSize));
212 return EFI_INVALID_PARAMETER;
213 }
214
215 FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *) ((UINT8 *) CapsuleHeader + CapsuleHeader->HeaderSize);
216 EndOfCapsule = (UINT8 *) CapsuleHeader + CapsuleHeader->CapsuleImageSize;
217 FmpCapsuleSize = (UINTN)EndOfCapsule - (UINTN)FmpCapsuleHeader;
218
219 if (FmpCapsuleSize < sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER)) {
220 DEBUG((DEBUG_ERROR, "FmpCapsuleSize(0x%x) < EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER\n", FmpCapsuleSize));
221 return EFI_INVALID_PARAMETER;
222 }
223
224 // Check EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
225 if (FmpCapsuleHeader->Version != EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER_INIT_VERSION) {
226 DEBUG((DEBUG_ERROR, "FmpCapsuleHeader->Version(0x%x) != EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER_INIT_VERSION\n", FmpCapsuleHeader->Version));
227 return EFI_INVALID_PARAMETER;
228 }
229 ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
230
231 // No overflow
232 ItemNum = FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader->PayloadItemCount;
233
234 if ((FmpCapsuleSize - sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER))/sizeof(UINT64) < ItemNum) {
235 DEBUG((DEBUG_ERROR, "ItemNum(0x%x) too big\n", ItemNum));
236 return EFI_INVALID_PARAMETER;
237 }
238 FmpCapsuleHeaderSize = sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER) + sizeof(UINT64)*ItemNum;
239
240 // Check ItemOffsetList
241 for (Index = 0; Index < ItemNum; Index++) {
242 if (ItemOffsetList[Index] >= FmpCapsuleSize) {
243 DEBUG((DEBUG_ERROR, "ItemOffsetList[%d](0x%lx) >= FmpCapsuleSize(0x%x)\n", Index, ItemOffsetList[Index], FmpCapsuleSize));
244 return EFI_INVALID_PARAMETER;
245 }
246 if (ItemOffsetList[Index] < FmpCapsuleHeaderSize) {
247 DEBUG((DEBUG_ERROR, "ItemOffsetList[%d](0x%lx) < FmpCapsuleHeaderSize(0x%x)\n", Index, ItemOffsetList[Index], FmpCapsuleHeaderSize));
248 return EFI_INVALID_PARAMETER;
249 }
250 //
251 // All the address in ItemOffsetList must be stored in ascending order
252 //
253 if (Index > 0) {
254 if (ItemOffsetList[Index] <= ItemOffsetList[Index - 1]) {
255 DEBUG((DEBUG_ERROR, "ItemOffsetList[%d](0x%lx) < ItemOffsetList[%d](0x%x)\n", Index, ItemOffsetList[Index], Index - 1, ItemOffsetList[Index - 1]));
256 return EFI_INVALID_PARAMETER;
257 }
258 }
259 }
260
261 // Check EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER
262 for (Index = FmpCapsuleHeader->EmbeddedDriverCount; Index < ItemNum; Index++) {
263 ImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8 *)FmpCapsuleHeader + ItemOffsetList[Index]);
264 if (Index == ItemNum - 1) {
265 EndOfPayload = (UINT8 *)((UINTN)EndOfCapsule - (UINTN)FmpCapsuleHeader);
266 } else {
267 EndOfPayload = (UINT8 *)(UINTN)ItemOffsetList[Index+1];
268 }
269 FmpImageSize = (UINTN)EndOfPayload - ItemOffsetList[Index];
270
271 if (FmpImageSize < OFFSET_OF(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER, UpdateHardwareInstance)) {
272 DEBUG((DEBUG_ERROR, "FmpImageSize(0x%lx) < EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER\n", FmpImageSize));
273 return EFI_INVALID_PARAMETER;
274 }
275 FmpImageHeaderSize = sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER);
276 if ((ImageHeader->Version > EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) ||
277 (ImageHeader->Version < 1)) {
278 DEBUG((DEBUG_ERROR, "ImageHeader->Version(0x%x) Unknown\n", ImageHeader->Version));
279 return EFI_INVALID_PARAMETER;
280 }
281 if (ImageHeader->Version < EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
282 FmpImageHeaderSize = OFFSET_OF(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER, UpdateHardwareInstance);
283 }
284
285 // No overflow
286 if (FmpImageSize != (UINT64)FmpImageHeaderSize + (UINT64)ImageHeader->UpdateImageSize + (UINT64)ImageHeader->UpdateVendorCodeSize) {
287 DEBUG((DEBUG_ERROR, "FmpImageSize(0x%lx) mismatch, UpdateImageSize(0x%x) UpdateVendorCodeSize(0x%x)\n", FmpImageSize, ImageHeader->UpdateImageSize, ImageHeader->UpdateVendorCodeSize));
288 return EFI_INVALID_PARAMETER;
289 }
290 }
291
292 if (ItemNum == 0) {
293 //
294 // No driver & payload element in FMP
295 //
296 EndOfPayload = (UINT8 *)(FmpCapsuleHeader + 1);
297 if (EndOfPayload != EndOfCapsule) {
298 DEBUG((DEBUG_ERROR, "EndOfPayload(0x%x) mismatch, EndOfCapsule(0x%x)\n", EndOfPayload, EndOfCapsule));
299 return EFI_INVALID_PARAMETER;
300 }
301 return EFI_UNSUPPORTED;
302 }
303
304 if (EmbeddedDriverCount != NULL) {
305 *EmbeddedDriverCount = FmpCapsuleHeader->EmbeddedDriverCount;
306 }
307
308 return EFI_SUCCESS;
309 }
310
311 /**
312 Those capsules supported by the firmwares.
313
314 Caution: This function may receive untrusted input.
315
316 @param[in] CapsuleHeader Points to a capsule header.
317
318 @retval EFI_SUCESS Input capsule is supported by firmware.
319 @retval EFI_UNSUPPORTED Input capsule is not supported by the firmware.
320 **/
321 EFI_STATUS
322 DisplayCapsuleImage (
323 IN EFI_CAPSULE_HEADER *CapsuleHeader
324 )
325 {
326 DISPLAY_DISPLAY_PAYLOAD *ImagePayload;
327 UINTN PayloadSize;
328 EFI_STATUS Status;
329 EFI_GRAPHICS_OUTPUT_BLT_PIXEL *Blt;
330 UINTN BltSize;
331 UINTN Height;
332 UINTN Width;
333 EFI_GRAPHICS_OUTPUT_PROTOCOL *GraphicsOutput;
334
335 //
336 // UX capsule doesn't have extended header entries.
337 //
338 if (CapsuleHeader->HeaderSize != sizeof (EFI_CAPSULE_HEADER)) {
339 return EFI_UNSUPPORTED;
340 }
341 ImagePayload = (DISPLAY_DISPLAY_PAYLOAD *)((UINTN) CapsuleHeader + CapsuleHeader->HeaderSize);
342 //
343 // (CapsuleImageSize > HeaderSize) is guaranteed by IsValidCapsuleHeader().
344 //
345 PayloadSize = CapsuleHeader->CapsuleImageSize - CapsuleHeader->HeaderSize;
346
347 //
348 // Make sure the image payload at least contain the DISPLAY_DISPLAY_PAYLOAD header.
349 // Further size check is performed by the logic translating BMP to GOP BLT.
350 //
351 if (PayloadSize <= sizeof (DISPLAY_DISPLAY_PAYLOAD)) {
352 return EFI_INVALID_PARAMETER;
353 }
354
355 if (ImagePayload->Version != 1) {
356 return EFI_UNSUPPORTED;
357 }
358 if (CalculateCheckSum8((UINT8 *)CapsuleHeader, CapsuleHeader->CapsuleImageSize) != 0) {
359 return EFI_UNSUPPORTED;
360 }
361 //
362 // Only Support Bitmap by now
363 //
364 if (ImagePayload->ImageType != 0) {
365 return EFI_UNSUPPORTED;
366 }
367
368 //
369 // Try to open GOP
370 //
371 Status = gBS->HandleProtocol (gST->ConsoleOutHandle, &gEfiGraphicsOutputProtocolGuid, (VOID **)&GraphicsOutput);
372 if (EFI_ERROR (Status)) {
373 Status = gBS->LocateProtocol(&gEfiGraphicsOutputProtocolGuid, NULL, (VOID **)&GraphicsOutput);
374 if (EFI_ERROR(Status)) {
375 return EFI_UNSUPPORTED;
376 }
377 }
378
379 if (GraphicsOutput->Mode->Mode != ImagePayload->Mode) {
380 return EFI_UNSUPPORTED;
381 }
382
383 Blt = NULL;
384 Width = 0;
385 Height = 0;
386 Status = TranslateBmpToGopBlt (
387 ImagePayload + 1,
388 PayloadSize - sizeof(DISPLAY_DISPLAY_PAYLOAD),
389 &Blt,
390 &BltSize,
391 &Height,
392 &Width
393 );
394
395 if (EFI_ERROR (Status)) {
396 return Status;
397 }
398
399 Status = GraphicsOutput->Blt (
400 GraphicsOutput,
401 Blt,
402 EfiBltBufferToVideo,
403 0,
404 0,
405 (UINTN) ImagePayload->OffsetX,
406 (UINTN) ImagePayload->OffsetY,
407 Width,
408 Height,
409 Width * sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL)
410 );
411
412 FreePool(Blt);
413
414 return Status;
415 }
416
417 /**
418 Dump FMP information.
419
420 @param[in] ImageInfoSize The size of ImageInfo, in bytes.
421 @param[in] ImageInfo A pointer to EFI_FIRMWARE_IMAGE_DESCRIPTOR.
422 @param[in] DescriptorVersion The version of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
423 @param[in] DescriptorCount The count of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
424 @param[in] DescriptorSize The size of an individual EFI_FIRMWARE_IMAGE_DESCRIPTOR, in bytes.
425 @param[in] PackageVersion The version of package.
426 @param[in] PackageVersionName The version name of package.
427 **/
428 VOID
429 DumpFmpImageInfo (
430 IN UINTN ImageInfoSize,
431 IN EFI_FIRMWARE_IMAGE_DESCRIPTOR *ImageInfo,
432 IN UINT32 DescriptorVersion,
433 IN UINT8 DescriptorCount,
434 IN UINTN DescriptorSize,
435 IN UINT32 PackageVersion,
436 IN CHAR16 *PackageVersionName
437 )
438 {
439 EFI_FIRMWARE_IMAGE_DESCRIPTOR *CurrentImageInfo;
440 UINTN Index;
441
442 DEBUG((DEBUG_VERBOSE, " DescriptorVersion - 0x%x\n", DescriptorVersion));
443 DEBUG((DEBUG_VERBOSE, " DescriptorCount - 0x%x\n", DescriptorCount));
444 DEBUG((DEBUG_VERBOSE, " DescriptorSize - 0x%x\n", DescriptorSize));
445 DEBUG((DEBUG_VERBOSE, " PackageVersion - 0x%x\n", PackageVersion));
446 DEBUG((DEBUG_VERBOSE, " PackageVersionName - %s\n\n", PackageVersionName));
447 CurrentImageInfo = ImageInfo;
448 for (Index = 0; Index < DescriptorCount; Index++) {
449 DEBUG((DEBUG_VERBOSE, " ImageDescriptor (%d)\n", Index));
450 DEBUG((DEBUG_VERBOSE, " ImageIndex - 0x%x\n", CurrentImageInfo->ImageIndex));
451 DEBUG((DEBUG_VERBOSE, " ImageTypeId - %g\n", &CurrentImageInfo->ImageTypeId));
452 DEBUG((DEBUG_VERBOSE, " ImageId - 0x%lx\n", CurrentImageInfo->ImageId));
453 DEBUG((DEBUG_VERBOSE, " ImageIdName - %s\n", CurrentImageInfo->ImageIdName));
454 DEBUG((DEBUG_VERBOSE, " Version - 0x%x\n", CurrentImageInfo->Version));
455 DEBUG((DEBUG_VERBOSE, " VersionName - %s\n", CurrentImageInfo->VersionName));
456 DEBUG((DEBUG_VERBOSE, " Size - 0x%x\n", CurrentImageInfo->Size));
457 DEBUG((DEBUG_VERBOSE, " AttributesSupported - 0x%lx\n", CurrentImageInfo->AttributesSupported));
458 DEBUG((DEBUG_VERBOSE, " AttributesSetting - 0x%lx\n", CurrentImageInfo->AttributesSetting));
459 DEBUG((DEBUG_VERBOSE, " Compatibilities - 0x%lx\n", CurrentImageInfo->Compatibilities));
460 if (DescriptorVersion > 1) {
461 DEBUG((DEBUG_VERBOSE, " LowestSupportedImageVersion - 0x%x\n", CurrentImageInfo->LowestSupportedImageVersion));
462 if (DescriptorVersion > 2) {
463 DEBUG((DEBUG_VERBOSE, " LastAttemptVersion - 0x%x\n", CurrentImageInfo->LastAttemptVersion));
464 DEBUG((DEBUG_VERBOSE, " LastAttemptStatus - 0x%x\n", CurrentImageInfo->LastAttemptStatus));
465 DEBUG((DEBUG_VERBOSE, " HardwareInstance - 0x%lx\n", CurrentImageInfo->HardwareInstance));
466 }
467 }
468 //
469 // Use DescriptorSize to move ImageInfo Pointer to stay compatible with different ImageInfo version
470 //
471 CurrentImageInfo = (EFI_FIRMWARE_IMAGE_DESCRIPTOR *)((UINT8 *)CurrentImageInfo + DescriptorSize);
472 }
473 }
474
475 /**
476 Dump a non-nested FMP capsule.
477
478 @param[in] CapsuleHeader A pointer to CapsuleHeader
479 **/
480 VOID
481 DumpFmpCapsule (
482 IN EFI_CAPSULE_HEADER *CapsuleHeader
483 )
484 {
485 EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *FmpCapsuleHeader;
486 EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader;
487 UINTN Index;
488 UINT64 *ItemOffsetList;
489
490 FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader + CapsuleHeader->HeaderSize);
491
492 DEBUG((DEBUG_VERBOSE, "FmpCapsule:\n"));
493 DEBUG((DEBUG_VERBOSE, " Version - 0x%x\n", FmpCapsuleHeader->Version));
494 DEBUG((DEBUG_VERBOSE, " EmbeddedDriverCount - 0x%x\n", FmpCapsuleHeader->EmbeddedDriverCount));
495 DEBUG((DEBUG_VERBOSE, " PayloadItemCount - 0x%x\n", FmpCapsuleHeader->PayloadItemCount));
496
497 ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
498 for (Index = 0; Index < FmpCapsuleHeader->EmbeddedDriverCount; Index++) {
499 DEBUG((DEBUG_VERBOSE, " ItemOffsetList[%d] - 0x%lx\n", Index, ItemOffsetList[Index]));
500 }
501 for (; Index < (UINT32)FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader->PayloadItemCount; Index++) {
502 DEBUG((DEBUG_VERBOSE, " ItemOffsetList[%d] - 0x%lx\n", Index, ItemOffsetList[Index]));
503 ImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8 *)FmpCapsuleHeader + ItemOffsetList[Index]);
504
505 DEBUG((DEBUG_VERBOSE, " ImageHeader:\n"));
506 DEBUG((DEBUG_VERBOSE, " Version - 0x%x\n", ImageHeader->Version));
507 DEBUG((DEBUG_VERBOSE, " UpdateImageTypeId - %g\n", &ImageHeader->UpdateImageTypeId));
508 DEBUG((DEBUG_VERBOSE, " UpdateImageIndex - 0x%x\n", ImageHeader->UpdateImageIndex));
509 DEBUG((DEBUG_VERBOSE, " UpdateImageSize - 0x%x\n", ImageHeader->UpdateImageSize));
510 DEBUG((DEBUG_VERBOSE, " UpdateVendorCodeSize - 0x%x\n", ImageHeader->UpdateVendorCodeSize));
511 if (ImageHeader->Version >= EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
512 DEBUG((DEBUG_VERBOSE, " UpdateHardwareInstance - 0x%lx\n", ImageHeader->UpdateHardwareInstance));
513 }
514 }
515 }
516
517 /**
518 Dump all FMP information.
519 **/
520 VOID
521 DumpAllFmpInfo (
522 VOID
523 )
524 {
525 EFI_STATUS Status;
526 EFI_HANDLE *HandleBuffer;
527 UINTN NumberOfHandles;
528 EFI_FIRMWARE_MANAGEMENT_PROTOCOL *Fmp;
529 UINTN Index;
530 UINTN ImageInfoSize;
531 EFI_FIRMWARE_IMAGE_DESCRIPTOR *FmpImageInfoBuf;
532 UINT32 FmpImageInfoDescriptorVer;
533 UINT8 FmpImageInfoCount;
534 UINTN DescriptorSize;
535 UINT32 PackageVersion;
536 CHAR16 *PackageVersionName;
537
538 Status = gBS->LocateHandleBuffer (
539 ByProtocol,
540 &gEfiFirmwareManagementProtocolGuid,
541 NULL,
542 &NumberOfHandles,
543 &HandleBuffer
544 );
545 if (EFI_ERROR(Status)) {
546 return ;
547 }
548
549 for (Index = 0; Index < NumberOfHandles; Index++) {
550 Status = gBS->HandleProtocol(
551 HandleBuffer[Index],
552 &gEfiFirmwareManagementProtocolGuid,
553 (VOID **)&Fmp
554 );
555 if (EFI_ERROR(Status)) {
556 continue;
557 }
558
559 ImageInfoSize = 0;
560 Status = Fmp->GetImageInfo (
561 Fmp,
562 &ImageInfoSize,
563 NULL,
564 NULL,
565 NULL,
566 NULL,
567 NULL,
568 NULL
569 );
570 if (Status != EFI_BUFFER_TOO_SMALL) {
571 continue;
572 }
573
574 FmpImageInfoBuf = AllocateZeroPool (ImageInfoSize);
575 if (FmpImageInfoBuf == NULL) {
576 continue;
577 }
578
579 PackageVersionName = NULL;
580 Status = Fmp->GetImageInfo (
581 Fmp,
582 &ImageInfoSize, // ImageInfoSize
583 FmpImageInfoBuf, // ImageInfo
584 &FmpImageInfoDescriptorVer, // DescriptorVersion
585 &FmpImageInfoCount, // DescriptorCount
586 &DescriptorSize, // DescriptorSize
587 &PackageVersion, // PackageVersion
588 &PackageVersionName // PackageVersionName
589 );
590 if (EFI_ERROR(Status)) {
591 FreePool(FmpImageInfoBuf);
592 continue;
593 }
594
595 DEBUG((DEBUG_INFO, "FMP (%d) ImageInfo:\n", Index));
596 DumpFmpImageInfo(
597 ImageInfoSize, // ImageInfoSize
598 FmpImageInfoBuf, // ImageInfo
599 FmpImageInfoDescriptorVer, // DescriptorVersion
600 FmpImageInfoCount, // DescriptorCount
601 DescriptorSize, // DescriptorSize
602 PackageVersion, // PackageVersion
603 PackageVersionName // PackageVersionName
604 );
605
606 if (PackageVersionName != NULL) {
607 FreePool(PackageVersionName);
608 }
609
610 FreePool(FmpImageInfoBuf);
611 }
612
613 return ;
614 }
615
616 /**
617 Get FMP handle by ImageTypeId and HardwareInstance.
618
619 @param[in] UpdateImageTypeId Used to identify device firmware targeted by this update.
620 @param[in] UpdateHardwareInstance The HardwareInstance to target with this update.
621 @param[in,out] NoHandles The number of handles returned in Buffer.
622 @param[out] Buffer[out] A pointer to the buffer to return the requested array of handles.
623
624 @retval EFI_SUCCESS The array of handles was returned in Buffer, and the number of
625 handles in Buffer was returned in NoHandles.
626 @retval EFI_NOT_FOUND No handles match the search.
627 @retval EFI_OUT_OF_RESOURCES There is not enough pool memory to store the matching results.
628 **/
629 EFI_STATUS
630 GetFmpHandleBufferByType (
631 IN EFI_GUID *UpdateImageTypeId,
632 IN UINT64 UpdateHardwareInstance,
633 IN OUT UINTN *NoHandles,
634 OUT EFI_HANDLE **Buffer
635 )
636 {
637 EFI_STATUS Status;
638 EFI_HANDLE *HandleBuffer;
639 UINTN NumberOfHandles;
640 EFI_HANDLE *MatchedHandleBuffer;
641 UINTN MatchedNumberOfHandles;
642 EFI_FIRMWARE_MANAGEMENT_PROTOCOL *Fmp;
643 UINTN Index;
644 UINTN ImageInfoSize;
645 EFI_FIRMWARE_IMAGE_DESCRIPTOR *FmpImageInfoBuf;
646 UINT32 FmpImageInfoDescriptorVer;
647 UINT8 FmpImageInfoCount;
648 UINTN DescriptorSize;
649 UINT32 PackageVersion;
650 CHAR16 *PackageVersionName;
651 UINTN Index2;
652 EFI_FIRMWARE_IMAGE_DESCRIPTOR *TempFmpImageInfo;
653
654 *NoHandles = 0;
655 *Buffer = NULL;
656
657 Status = gBS->LocateHandleBuffer (
658 ByProtocol,
659 &gEfiFirmwareManagementProtocolGuid,
660 NULL,
661 &NumberOfHandles,
662 &HandleBuffer
663 );
664 if (EFI_ERROR(Status)) {
665 return Status;
666 }
667
668 MatchedNumberOfHandles = 0;
669 MatchedHandleBuffer = AllocateZeroPool (sizeof(EFI_HANDLE) * NumberOfHandles);
670 if (MatchedHandleBuffer == NULL) {
671 FreePool (HandleBuffer);
672 return EFI_OUT_OF_RESOURCES;
673 }
674
675 for (Index = 0; Index < NumberOfHandles; Index++) {
676 Status = gBS->HandleProtocol(
677 HandleBuffer[Index],
678 &gEfiFirmwareManagementProtocolGuid,
679 (VOID **)&Fmp
680 );
681 if (EFI_ERROR(Status)) {
682 continue;
683 }
684
685 ImageInfoSize = 0;
686 Status = Fmp->GetImageInfo (
687 Fmp,
688 &ImageInfoSize,
689 NULL,
690 NULL,
691 NULL,
692 NULL,
693 NULL,
694 NULL
695 );
696 if (Status != EFI_BUFFER_TOO_SMALL) {
697 continue;
698 }
699
700 FmpImageInfoBuf = AllocateZeroPool (ImageInfoSize);
701 if (FmpImageInfoBuf == NULL) {
702 continue;
703 }
704
705 PackageVersionName = NULL;
706 Status = Fmp->GetImageInfo (
707 Fmp,
708 &ImageInfoSize, // ImageInfoSize
709 FmpImageInfoBuf, // ImageInfo
710 &FmpImageInfoDescriptorVer, // DescriptorVersion
711 &FmpImageInfoCount, // DescriptorCount
712 &DescriptorSize, // DescriptorSize
713 &PackageVersion, // PackageVersion
714 &PackageVersionName // PackageVersionName
715 );
716 if (EFI_ERROR(Status)) {
717 FreePool(FmpImageInfoBuf);
718 continue;
719 }
720
721 if (PackageVersionName != NULL) {
722 FreePool(PackageVersionName);
723 }
724
725 TempFmpImageInfo = FmpImageInfoBuf;
726 for (Index2 = 0; Index2 < FmpImageInfoCount; Index2++) {
727 //
728 // Check if this FMP instance matches
729 //
730 if (CompareGuid(UpdateImageTypeId, &TempFmpImageInfo->ImageTypeId)) {
731 if ((UpdateHardwareInstance == 0) ||
732 ((FmpImageInfoDescriptorVer >= EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION) &&
733 (UpdateHardwareInstance == TempFmpImageInfo->HardwareInstance))) {
734 MatchedHandleBuffer[MatchedNumberOfHandles] = HandleBuffer[Index];
735 MatchedNumberOfHandles++;
736 break;
737 }
738 }
739 TempFmpImageInfo = (EFI_FIRMWARE_IMAGE_DESCRIPTOR *)((UINT8 *)TempFmpImageInfo + DescriptorSize);
740 }
741 FreePool(FmpImageInfoBuf);
742 }
743
744 if (MatchedNumberOfHandles == 0) {
745 return EFI_NOT_FOUND;
746 }
747
748 *NoHandles = MatchedNumberOfHandles;
749 *Buffer = MatchedHandleBuffer;
750
751 return EFI_SUCCESS;
752 }
753
754 /**
755 Return FmpImageInfoDescriptorVer by an FMP handle.
756
757 @param[in] Handle A FMP handle.
758
759 @return FmpImageInfoDescriptorVer associated with the FMP.
760 **/
761 UINT32
762 GetFmpImageInfoDescriptorVer (
763 IN EFI_HANDLE Handle
764 )
765 {
766 EFI_STATUS Status;
767 EFI_FIRMWARE_MANAGEMENT_PROTOCOL *Fmp;
768 UINTN ImageInfoSize;
769 EFI_FIRMWARE_IMAGE_DESCRIPTOR *FmpImageInfoBuf;
770 UINT32 FmpImageInfoDescriptorVer;
771 UINT8 FmpImageInfoCount;
772 UINTN DescriptorSize;
773 UINT32 PackageVersion;
774 CHAR16 *PackageVersionName;
775
776 Status = gBS->HandleProtocol(
777 Handle,
778 &gEfiFirmwareManagementProtocolGuid,
779 (VOID **)&Fmp
780 );
781 if (EFI_ERROR(Status)) {
782 return 0;
783 }
784
785 ImageInfoSize = 0;
786 Status = Fmp->GetImageInfo (
787 Fmp,
788 &ImageInfoSize,
789 NULL,
790 NULL,
791 NULL,
792 NULL,
793 NULL,
794 NULL
795 );
796 if (Status != EFI_BUFFER_TOO_SMALL) {
797 return 0;
798 }
799
800 FmpImageInfoBuf = AllocateZeroPool (ImageInfoSize);
801 if (FmpImageInfoBuf == NULL) {
802 return 0;
803 }
804
805 PackageVersionName = NULL;
806 Status = Fmp->GetImageInfo (
807 Fmp,
808 &ImageInfoSize, // ImageInfoSize
809 FmpImageInfoBuf, // ImageInfo
810 &FmpImageInfoDescriptorVer, // DescriptorVersion
811 &FmpImageInfoCount, // DescriptorCount
812 &DescriptorSize, // DescriptorSize
813 &PackageVersion, // PackageVersion
814 &PackageVersionName // PackageVersionName
815 );
816 if (EFI_ERROR(Status)) {
817 FreePool(FmpImageInfoBuf);
818 return 0;
819 }
820 return FmpImageInfoDescriptorVer;
821 }
822
823 /**
824 Set FMP image data.
825
826 @param[in] Handle A FMP handle.
827 @param[in] ImageHeader The payload image header.
828 @param[in] PayloadIndex The index of the payload.
829
830 @return The status of FMP->SetImage.
831 **/
832 EFI_STATUS
833 SetFmpImageData (
834 IN EFI_HANDLE Handle,
835 IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader,
836 IN UINTN PayloadIndex
837 )
838 {
839 EFI_STATUS Status;
840 EFI_FIRMWARE_MANAGEMENT_PROTOCOL *Fmp;
841 UINT8 *Image;
842 VOID *VendorCode;
843 CHAR16 *AbortReason;
844 EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS ProgressCallback;
845
846 Status = gBS->HandleProtocol(
847 Handle,
848 &gEfiFirmwareManagementProtocolGuid,
849 (VOID **)&Fmp
850 );
851 if (EFI_ERROR(Status)) {
852 return Status;
853 }
854
855 //
856 // Lookup Firmware Management Progress Protocol before SetImage() is called
857 // This is an optional protocol that may not be present on Handle.
858 //
859 Status = gBS->HandleProtocol (
860 Handle,
861 &gEdkiiFirmwareManagementProgressProtocolGuid,
862 (VOID **)&mFmpProgress
863 );
864 if (EFI_ERROR (Status)) {
865 mFmpProgress = NULL;
866 }
867
868 if (ImageHeader->Version >= EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
869 Image = (UINT8 *)(ImageHeader + 1);
870 } else {
871 //
872 // If the EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER is version 1,
873 // Header should exclude UpdateHardwareInstance field
874 //
875 Image = (UINT8 *)ImageHeader + OFFSET_OF(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER, UpdateHardwareInstance);
876 }
877
878 if (ImageHeader->UpdateVendorCodeSize == 0) {
879 VendorCode = NULL;
880 } else {
881 VendorCode = Image + ImageHeader->UpdateImageSize;
882 }
883 AbortReason = NULL;
884 DEBUG((DEBUG_INFO, "Fmp->SetImage ...\n"));
885 DEBUG((DEBUG_INFO, "ImageTypeId - %g, ", &ImageHeader->UpdateImageTypeId));
886 DEBUG((DEBUG_INFO, "PayloadIndex - 0x%x, ", PayloadIndex));
887 DEBUG((DEBUG_INFO, "ImageIndex - 0x%x ", ImageHeader->UpdateImageIndex));
888 if (ImageHeader->Version >= EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
889 DEBUG((DEBUG_INFO, "(UpdateHardwareInstance - 0x%x)", ImageHeader->UpdateHardwareInstance));
890 }
891 DEBUG((DEBUG_INFO, "\n"));
892
893 //
894 // Before calling SetImage(), reset the progress bar to 0%
895 //
896 ProgressCallback = UpdateImageProgress;
897 Status = UpdateImageProgress (0);
898 if (EFI_ERROR (Status)) {
899 ProgressCallback = NULL;
900 }
901
902 Status = Fmp->SetImage(
903 Fmp,
904 ImageHeader->UpdateImageIndex, // ImageIndex
905 Image, // Image
906 ImageHeader->UpdateImageSize, // ImageSize
907 VendorCode, // VendorCode
908 ProgressCallback, // Progress
909 &AbortReason // AbortReason
910 );
911 //
912 // Set the progress bar to 100% after returning from SetImage()
913 //
914 if (ProgressCallback != NULL) {
915 UpdateImageProgress (100);
916 }
917
918 DEBUG((DEBUG_INFO, "Fmp->SetImage - %r\n", Status));
919 if (AbortReason != NULL) {
920 DEBUG ((DEBUG_ERROR, "%s\n", AbortReason));
921 FreePool(AbortReason);
922 }
923
924 //
925 // Clear mFmpProgress after SetImage() returns
926 //
927 mFmpProgress = NULL;
928
929 return Status;
930 }
931
932 /**
933 Start a UEFI image in the FMP payload.
934
935 @param[in] ImageBuffer A pointer to the memory location containing a copy of the image to be loaded..
936 @param[in] ImageSize The size in bytes of ImageBuffer.
937
938 @return The status of gBS->LoadImage and gBS->StartImage.
939 **/
940 EFI_STATUS
941 StartFmpImage (
942 IN VOID *ImageBuffer,
943 IN UINTN ImageSize
944 )
945 {
946 MEMMAP_DEVICE_PATH MemMapNode;
947 EFI_STATUS Status;
948 EFI_HANDLE ImageHandle;
949 EFI_DEVICE_PATH_PROTOCOL *DriverDevicePath;
950 UINTN ExitDataSize;
951
952 SetDevicePathNodeLength (&MemMapNode.Header, sizeof (MemMapNode));
953 MemMapNode.Header.Type = HARDWARE_DEVICE_PATH;
954 MemMapNode.Header.SubType = HW_MEMMAP_DP;
955 MemMapNode.MemoryType = EfiBootServicesCode;
956 MemMapNode.StartingAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)ImageBuffer;
957 MemMapNode.EndingAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)((UINT8 *)ImageBuffer + ImageSize - 1);
958
959 DriverDevicePath = AppendDevicePathNode (NULL, &MemMapNode.Header);
960 if (DriverDevicePath == NULL) {
961 return EFI_OUT_OF_RESOURCES;
962 }
963
964 DEBUG((DEBUG_INFO, "FmpCapsule: LoadImage ...\n"));
965 Status = gBS->LoadImage(
966 FALSE,
967 gImageHandle,
968 DriverDevicePath,
969 ImageBuffer,
970 ImageSize,
971 &ImageHandle
972 );
973 DEBUG((DEBUG_INFO, "FmpCapsule: LoadImage - %r\n", Status));
974 if (EFI_ERROR(Status)) {
975 FreePool(DriverDevicePath);
976 return Status;
977 }
978
979 DEBUG((DEBUG_INFO, "FmpCapsule: StartImage ...\n"));
980 Status = gBS->StartImage(
981 ImageHandle,
982 &ExitDataSize,
983 NULL
984 );
985 DEBUG((DEBUG_INFO, "FmpCapsule: StartImage - %r\n", Status));
986 if (EFI_ERROR(Status)) {
987 DEBUG ((DEBUG_ERROR, "Driver Return Status = %r\n", Status));
988 }
989
990 FreePool(DriverDevicePath);
991 return Status;
992 }
993
994 /**
995 Record FMP capsule status.
996
997 @param[in] Handle A FMP handle.
998 @param[in] CapsuleHeader The capsule image header
999 @param[in] CapsuleStatus The capsule process stauts
1000 @param[in] PayloadIndex FMP payload index
1001 @param[in] ImageHeader FMP image header
1002 **/
1003 VOID
1004 RecordFmpCapsuleStatus (
1005 IN EFI_HANDLE Handle, OPTIONAL
1006 IN EFI_CAPSULE_HEADER *CapsuleHeader,
1007 IN EFI_STATUS CapsuleStatus,
1008 IN UINTN PayloadIndex,
1009 IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader
1010 )
1011 {
1012 EFI_STATUS Status;
1013 EFI_DEVICE_PATH_PROTOCOL *FmpDevicePath;
1014 UINT32 FmpImageInfoDescriptorVer;
1015 EFI_STATUS StatusEsrt;
1016 ESRT_MANAGEMENT_PROTOCOL *EsrtProtocol;
1017 EFI_SYSTEM_RESOURCE_ENTRY EsrtEntry;
1018
1019 FmpDevicePath = NULL;
1020 if (Handle != NULL) {
1021 gBS->HandleProtocol(
1022 Handle,
1023 &gEfiDevicePathProtocolGuid,
1024 (VOID **)&FmpDevicePath
1025 );
1026 }
1027
1028 RecordFmpCapsuleStatusVariable (
1029 CapsuleHeader,
1030 CapsuleStatus,
1031 PayloadIndex,
1032 ImageHeader,
1033 FmpDevicePath
1034 );
1035
1036 //
1037 // Update corresponding ESRT entry LastAttemp Status
1038 //
1039 Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID **)&EsrtProtocol);
1040 if (EFI_ERROR (Status)) {
1041 return ;
1042 }
1043
1044 if (Handle == NULL) {
1045 return ;
1046 }
1047
1048 //
1049 // Update EsrtEntry For V1, V2 FMP instance.
1050 // V3 FMP ESRT cache will be synced up through EsrtSyncFmp interface
1051 //
1052 FmpImageInfoDescriptorVer = GetFmpImageInfoDescriptorVer (Handle);
1053 if (FmpImageInfoDescriptorVer < EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION) {
1054 StatusEsrt = EsrtProtocol->GetEsrtEntry(&ImageHeader->UpdateImageTypeId, &EsrtEntry);
1055 if (!EFI_ERROR(StatusEsrt)){
1056 if (!EFI_ERROR(CapsuleStatus)) {
1057 EsrtEntry.LastAttemptStatus = LAST_ATTEMPT_STATUS_SUCCESS;
1058 } else {
1059 EsrtEntry.LastAttemptStatus = LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL;
1060 }
1061 EsrtEntry.LastAttemptVersion = 0;
1062 EsrtProtocol->UpdateEsrtEntry(&EsrtEntry);
1063 }
1064 }
1065 }
1066
1067 /**
1068 Process Firmware management protocol data capsule.
1069
1070 This function assumes the caller validated the capsule by using
1071 ValidateFmpCapsule(), so that all fields in EFI_CAPSULE_HEADER,
1072 EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER and
1073 EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER are correct.
1074
1075 This function need support nested FMP capsule.
1076
1077 @param[in] CapsuleHeader Points to a capsule header.
1078
1079 @retval EFI_SUCESS Process Capsule Image successfully.
1080 @retval EFI_UNSUPPORTED Capsule image is not supported by the firmware.
1081 @retval EFI_VOLUME_CORRUPTED FV volume in the capsule is corrupted.
1082 @retval EFI_OUT_OF_RESOURCES Not enough memory.
1083 @retval EFI_NOT_READY No FMP protocol to handle this FMP capsule.
1084 **/
1085 EFI_STATUS
1086 ProcessFmpCapsuleImage (
1087 IN EFI_CAPSULE_HEADER *CapsuleHeader
1088 )
1089 {
1090 EFI_STATUS Status;
1091 EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *FmpCapsuleHeader;
1092 EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader;
1093 UINT64 *ItemOffsetList;
1094 UINT32 ItemNum;
1095 UINTN Index;
1096 EFI_HANDLE *HandleBuffer;
1097 UINTN NumberOfHandles;
1098 UINTN DriverLen;
1099 UINT64 UpdateHardwareInstance;
1100 UINTN Index2;
1101 BOOLEAN NotReady;
1102 BOOLEAN Abort;
1103
1104 if (!IsFmpCapsuleGuid(&CapsuleHeader->CapsuleGuid)) {
1105 return ProcessFmpCapsuleImage ((EFI_CAPSULE_HEADER *)((UINTN)CapsuleHeader + CapsuleHeader->HeaderSize));
1106 }
1107
1108 NotReady = FALSE;
1109 Abort = FALSE;
1110
1111 DumpFmpCapsule(CapsuleHeader);
1112
1113 FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *) ((UINT8 *) CapsuleHeader + CapsuleHeader->HeaderSize);
1114
1115 if (FmpCapsuleHeader->Version > EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER_INIT_VERSION) {
1116 return EFI_INVALID_PARAMETER;
1117 }
1118 ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
1119
1120 ItemNum = FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader->PayloadItemCount;
1121
1122 //
1123 // capsule in which driver count and payload count are both zero is not processed.
1124 //
1125 if (ItemNum == 0) {
1126 return EFI_SUCCESS;
1127 }
1128
1129 //
1130 // 1. Try to load & start all the drivers within capsule
1131 //
1132 for (Index = 0; Index < FmpCapsuleHeader->EmbeddedDriverCount; Index++) {
1133 if ((FmpCapsuleHeader->PayloadItemCount == 0) &&
1134 (Index == (UINTN)FmpCapsuleHeader->EmbeddedDriverCount - 1)) {
1135 //
1136 // When driver is last element in the ItemOffsetList array, the driver size is calculated by reference CapsuleImageSize in EFI_CAPSULE_HEADER
1137 //
1138 DriverLen = CapsuleHeader->CapsuleImageSize - CapsuleHeader->HeaderSize - (UINTN)ItemOffsetList[Index];
1139 } else {
1140 DriverLen = (UINTN)ItemOffsetList[Index + 1] - (UINTN)ItemOffsetList[Index];
1141 }
1142
1143 Status = StartFmpImage (
1144 (UINT8 *)FmpCapsuleHeader + ItemOffsetList[Index],
1145 DriverLen
1146 );
1147 if (EFI_ERROR(Status)) {
1148 DEBUG ((DEBUG_ERROR, "Driver Return Status = %r\n", Status));
1149 return Status;
1150 }
1151 }
1152
1153 //
1154 // 2. Route payload to right FMP instance
1155 //
1156 DEBUG((DEBUG_INFO, "FmpCapsule: route payload to right FMP instance ...\n"));
1157
1158 DumpAllFmpInfo ();
1159
1160 //
1161 // Check all the payload entry in capsule payload list
1162 //
1163 for (Index = FmpCapsuleHeader->EmbeddedDriverCount; Index < ItemNum; Index++) {
1164 ImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8 *)FmpCapsuleHeader + ItemOffsetList[Index]);
1165
1166 UpdateHardwareInstance = 0;
1167 if (ImageHeader->Version >= EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
1168 UpdateHardwareInstance = ImageHeader->UpdateHardwareInstance;
1169 }
1170
1171 Status = GetFmpHandleBufferByType (
1172 &ImageHeader->UpdateImageTypeId,
1173 UpdateHardwareInstance,
1174 &NumberOfHandles,
1175 &HandleBuffer
1176 );
1177 if (EFI_ERROR(Status)) {
1178 NotReady = TRUE;
1179 RecordFmpCapsuleStatus (
1180 NULL,
1181 CapsuleHeader,
1182 EFI_NOT_READY,
1183 Index - FmpCapsuleHeader->EmbeddedDriverCount,
1184 ImageHeader
1185 );
1186 continue;
1187 }
1188
1189 for (Index2 = 0; Index2 < NumberOfHandles; Index2++) {
1190 if (Abort) {
1191 RecordFmpCapsuleStatus (
1192 HandleBuffer[Index2],
1193 CapsuleHeader,
1194 EFI_ABORTED,
1195 Index - FmpCapsuleHeader->EmbeddedDriverCount,
1196 ImageHeader
1197 );
1198 continue;
1199 }
1200
1201 Status = SetFmpImageData (
1202 HandleBuffer[Index2],
1203 ImageHeader,
1204 Index - FmpCapsuleHeader->EmbeddedDriverCount
1205 );
1206 if (Status != EFI_SUCCESS) {
1207 Abort = TRUE;
1208 }
1209
1210 RecordFmpCapsuleStatus (
1211 HandleBuffer[Index2],
1212 CapsuleHeader,
1213 Status,
1214 Index - FmpCapsuleHeader->EmbeddedDriverCount,
1215 ImageHeader
1216 );
1217 }
1218 if (HandleBuffer != NULL) {
1219 FreePool(HandleBuffer);
1220 }
1221 }
1222
1223 if (NotReady) {
1224 return EFI_NOT_READY;
1225 }
1226
1227 //
1228 // always return SUCCESS to indicate this capsule is processed.
1229 // The status of SetImage is recorded in capsule result variable.
1230 //
1231 return EFI_SUCCESS;
1232 }
1233
1234 /**
1235 Return if there is a FMP header below capsule header.
1236
1237 @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
1238
1239 @retval TRUE There is a FMP header below capsule header.
1240 @retval FALSE There is not a FMP header below capsule header
1241 **/
1242 BOOLEAN
1243 IsNestedFmpCapsule (
1244 IN EFI_CAPSULE_HEADER *CapsuleHeader
1245 )
1246 {
1247 EFI_STATUS Status;
1248 EFI_SYSTEM_RESOURCE_ENTRY *EsrtEntry;
1249 UINTN Index;
1250 BOOLEAN EsrtGuidFound;
1251 EFI_CAPSULE_HEADER *NestedCapsuleHeader;
1252 UINTN NestedCapsuleSize;
1253 ESRT_MANAGEMENT_PROTOCOL *EsrtProtocol;
1254 EFI_SYSTEM_RESOURCE_ENTRY Entry;
1255 EFI_HANDLE *HandleBuffer;
1256 UINTN NumberOfHandles;
1257
1258 EsrtGuidFound = FALSE;
1259 if (mIsVirtualAddrConverted) {
1260 if(mEsrtTable != NULL) {
1261 EsrtEntry = (EFI_SYSTEM_RESOURCE_ENTRY *)(mEsrtTable + 1);
1262 for (Index = 0; Index < mEsrtTable->FwResourceCount ; Index++, EsrtEntry++) {
1263 if (CompareGuid(&EsrtEntry->FwClass, &CapsuleHeader->CapsuleGuid)) {
1264 EsrtGuidFound = TRUE;
1265 break;
1266 }
1267 }
1268 }
1269 } else {
1270 //
1271 // Check ESRT protocol
1272 //
1273 Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID **)&EsrtProtocol);
1274 if (!EFI_ERROR(Status)) {
1275 Status = EsrtProtocol->GetEsrtEntry(&CapsuleHeader->CapsuleGuid, &Entry);
1276 if (!EFI_ERROR(Status)) {
1277 EsrtGuidFound = TRUE;
1278 }
1279 }
1280
1281 //
1282 // Check Firmware Management Protocols
1283 //
1284 if (!EsrtGuidFound) {
1285 HandleBuffer = NULL;
1286 Status = GetFmpHandleBufferByType (
1287 &CapsuleHeader->CapsuleGuid,
1288 0,
1289 &NumberOfHandles,
1290 &HandleBuffer
1291 );
1292 if (!EFI_ERROR(Status)) {
1293 EsrtGuidFound = TRUE;
1294 }
1295 if (HandleBuffer != NULL) {
1296 FreePool (HandleBuffer);
1297 }
1298 }
1299 }
1300 if (!EsrtGuidFound) {
1301 return FALSE;
1302 }
1303
1304 //
1305 // Check nested capsule header
1306 // FMP GUID after ESRT one
1307 //
1308 NestedCapsuleHeader = (EFI_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader + CapsuleHeader->HeaderSize);
1309 NestedCapsuleSize = (UINTN)CapsuleHeader + CapsuleHeader->CapsuleImageSize - (UINTN)NestedCapsuleHeader;
1310 if (NestedCapsuleSize < sizeof(EFI_CAPSULE_HEADER)) {
1311 return FALSE;
1312 }
1313 if (!IsValidCapsuleHeader(NestedCapsuleHeader, NestedCapsuleSize)) {
1314 return FALSE;
1315 }
1316 if (!IsFmpCapsuleGuid(&NestedCapsuleHeader->CapsuleGuid)) {
1317 return FALSE;
1318 }
1319 DEBUG ((DEBUG_INFO, "IsNestedFmpCapsule\n"));
1320 return TRUE;
1321 }
1322
1323 /**
1324 Return if this FMP is a system FMP or a device FMP, based upon CapsuleHeader.
1325
1326 @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
1327
1328 @retval TRUE It is a system FMP.
1329 @retval FALSE It is a device FMP.
1330 **/
1331 BOOLEAN
1332 IsFmpCapsule (
1333 IN EFI_CAPSULE_HEADER *CapsuleHeader
1334 )
1335 {
1336 if (IsFmpCapsuleGuid(&CapsuleHeader->CapsuleGuid)) {
1337 return TRUE;
1338 }
1339 if (IsNestedFmpCapsule(CapsuleHeader)) {
1340 return TRUE;
1341 }
1342 return FALSE;
1343 }
1344
1345 /**
1346 Those capsules supported by the firmwares.
1347
1348 Caution: This function may receive untrusted input.
1349
1350 @param[in] CapsuleHeader Points to a capsule header.
1351
1352 @retval EFI_SUCESS Input capsule is supported by firmware.
1353 @retval EFI_UNSUPPORTED Input capsule is not supported by the firmware.
1354 @retval EFI_INVALID_PARAMETER Input capsule layout is not correct
1355 **/
1356 EFI_STATUS
1357 EFIAPI
1358 SupportCapsuleImage (
1359 IN EFI_CAPSULE_HEADER *CapsuleHeader
1360 )
1361 {
1362 //
1363 // check Display Capsule Guid
1364 //
1365 if (CompareGuid (&gWindowsUxCapsuleGuid, &CapsuleHeader->CapsuleGuid)) {
1366 return EFI_SUCCESS;
1367 }
1368
1369 if (IsFmpCapsule(CapsuleHeader)) {
1370 //
1371 // Check layout of FMP capsule
1372 //
1373 return ValidateFmpCapsule(CapsuleHeader, NULL);
1374 }
1375 DEBUG((DEBUG_ERROR, "Unknown Capsule Guid - %g\n", &CapsuleHeader->CapsuleGuid));
1376 return EFI_UNSUPPORTED;
1377 }
1378
1379 /**
1380 The firmware implements to process the capsule image.
1381
1382 Caution: This function may receive untrusted input.
1383
1384 @param[in] CapsuleHeader Points to a capsule header.
1385
1386 @retval EFI_SUCESS Process Capsule Image successfully.
1387 @retval EFI_UNSUPPORTED Capsule image is not supported by the firmware.
1388 @retval EFI_VOLUME_CORRUPTED FV volume in the capsule is corrupted.
1389 @retval EFI_OUT_OF_RESOURCES Not enough memory.
1390 **/
1391 EFI_STATUS
1392 EFIAPI
1393 ProcessCapsuleImage (
1394 IN EFI_CAPSULE_HEADER *CapsuleHeader
1395 )
1396 {
1397 EFI_STATUS Status;
1398
1399 if (SupportCapsuleImage (CapsuleHeader) != EFI_SUCCESS) {
1400 RecordCapsuleStatusVariable(CapsuleHeader, EFI_UNSUPPORTED);
1401 return EFI_UNSUPPORTED;
1402 }
1403
1404 //
1405 // Display image in firmware update display capsule
1406 //
1407 if (CompareGuid (&gWindowsUxCapsuleGuid, &CapsuleHeader->CapsuleGuid)) {
1408 DEBUG((DEBUG_INFO, "ProcessCapsuleImage for WindowsUxCapsule ...\n"));
1409 Status = DisplayCapsuleImage(CapsuleHeader);
1410 RecordCapsuleStatusVariable(CapsuleHeader, Status);
1411 return Status;
1412 }
1413
1414 //
1415 // Check FMP capsule layout
1416 //
1417 if (IsFmpCapsule (CapsuleHeader)) {
1418 DEBUG((DEBUG_INFO, "ProcessCapsuleImage for FmpCapsule ...\n"));
1419 DEBUG((DEBUG_INFO, "ValidateFmpCapsule ...\n"));
1420 Status = ValidateFmpCapsule(CapsuleHeader, NULL);
1421 DEBUG((DEBUG_INFO, "ValidateFmpCapsule - %r\n", Status));
1422 if (EFI_ERROR(Status)) {
1423 RecordCapsuleStatusVariable(CapsuleHeader, Status);
1424 return Status;
1425 }
1426
1427 //
1428 // Press EFI FMP Capsule
1429 //
1430 DEBUG((DEBUG_INFO, "ProcessFmpCapsuleImage ...\n"));
1431 Status = ProcessFmpCapsuleImage(CapsuleHeader);
1432 DEBUG((DEBUG_INFO, "ProcessFmpCapsuleImage - %r\n", Status));
1433
1434 return Status;
1435 }
1436
1437 return EFI_UNSUPPORTED;
1438 }
1439
1440 /**
1441 Callback function executed when the EndOfDxe event group is signaled.
1442
1443 @param[in] Event Event whose notification function is being invoked.
1444 @param[in] Context The pointer to the notification function's context, which
1445 is implementation-dependent.
1446 **/
1447 VOID
1448 EFIAPI
1449 DxeCapsuleLibEndOfDxe (
1450 IN EFI_EVENT Event,
1451 IN VOID *Context
1452 )
1453 {
1454 mDxeCapsuleLibEndOfDxe = TRUE;
1455 }
1456
1457 /**
1458 The constructor function.
1459
1460 @param[in] ImageHandle The firmware allocated handle for the EFI image.
1461 @param[in] SystemTable A pointer to the EFI System Table.
1462
1463 @retval EFI_SUCCESS The constructor successfully .
1464 **/
1465 EFI_STATUS
1466 EFIAPI
1467 DxeCapsuleLibConstructor (
1468 IN EFI_HANDLE ImageHandle,
1469 IN EFI_SYSTEM_TABLE *SystemTable
1470 )
1471 {
1472 EFI_STATUS Status;
1473
1474 Status = gBS->CreateEventEx (
1475 EVT_NOTIFY_SIGNAL,
1476 TPL_CALLBACK,
1477 DxeCapsuleLibEndOfDxe,
1478 NULL,
1479 &gEfiEndOfDxeEventGroupGuid,
1480 &mDxeCapsuleLibEndOfDxeEvent
1481 );
1482 ASSERT_EFI_ERROR (Status);
1483
1484 InitCapsuleVariable();
1485
1486 return EFI_SUCCESS;
1487 }
1488
1489 /**
1490 The destructor function closes the End of DXE event.
1491
1492 @param ImageHandle The firmware allocated handle for the EFI image.
1493 @param SystemTable A pointer to the EFI System Table.
1494
1495 @retval EFI_SUCCESS The destructor completed successfully.
1496 **/
1497 EFI_STATUS
1498 EFIAPI
1499 DxeCapsuleLibDestructor (
1500 IN EFI_HANDLE ImageHandle,
1501 IN EFI_SYSTEM_TABLE *SystemTable
1502 )
1503 {
1504 EFI_STATUS Status;
1505
1506 //
1507 // Close the End of DXE event.
1508 //
1509 Status = gBS->CloseEvent (mDxeCapsuleLibEndOfDxeEvent);
1510 ASSERT_EFI_ERROR (Status);
1511
1512 return EFI_SUCCESS;
1513 }
EFI Development Kit II mirror for PVE