]> git.proxmox.com Git - mirror_edk2.git/blob - MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
MdeModulePkg DxeCapsuleLib: Use Attr to know whether reset is required
[mirror_edk2.git] / MdeModulePkg / Library / DxeCapsuleLibFmp / DxeCapsuleLib.c
1 /** @file
2 DXE capsule library.
3
4 Caution: This module requires additional review when modified.
5 This module will have external input - capsule image.
6 This external input must be validated carefully to avoid security issue like
7 buffer overflow, integer overflow.
8
9 SupportCapsuleImage(), ProcessCapsuleImage(), IsValidCapsuleHeader(),
10 ValidateFmpCapsule(), and DisplayCapsuleImage() receives untrusted input and
11 performs basic validation.
12
13 Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>
14 This program and the accompanying materials
15 are licensed and made available under the terms and conditions of the BSD License
16 which accompanies this distribution. The full text of the license may be found at
17 http://opensource.org/licenses/bsd-license.php
18
19 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
20 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
21
22 **/
23
24 #include <PiDxe.h>
25
26 #include <IndustryStandard/WindowsUxCapsule.h>
27
28 #include <Guid/FmpCapsule.h>
29 #include <Guid/SystemResourceTable.h>
30 #include <Guid/EventGroup.h>
31
32 #include <Library/BaseLib.h>
33 #include <Library/DebugLib.h>
34 #include <Library/BaseMemoryLib.h>
35 #include <Library/DxeServicesTableLib.h>
36 #include <Library/UefiBootServicesTableLib.h>
37 #include <Library/UefiRuntimeServicesTableLib.h>
38 #include <Library/MemoryAllocationLib.h>
39 #include <Library/CapsuleLib.h>
40 #include <Library/DevicePathLib.h>
41 #include <Library/UefiLib.h>
42 #include <Library/PcdLib.h>
43 #include <Library/BmpSupportLib.h>
44
45 #include <Protocol/GraphicsOutput.h>
46 #include <Protocol/EsrtManagement.h>
47 #include <Protocol/FirmwareManagement.h>
48 #include <Protocol/FirmwareManagementProgress.h>
49 #include <Protocol/DevicePath.h>
50
51 EFI_SYSTEM_RESOURCE_TABLE *mEsrtTable = NULL;
52 BOOLEAN mIsVirtualAddrConverted = FALSE;
53
54 BOOLEAN mDxeCapsuleLibEndOfDxe = FALSE;
55 EFI_EVENT mDxeCapsuleLibEndOfDxeEvent = NULL;
56
57 EDKII_FIRMWARE_MANAGEMENT_PROGRESS_PROTOCOL *mFmpProgress = NULL;
58
59 /**
60 Initialize capsule related variables.
61 **/
62 VOID
63 InitCapsuleVariable (
64 VOID
65 );
66
67 /**
68 Record capsule status variable.
69
70 @param[in] CapsuleHeader The capsule image header
71 @param[in] CapsuleStatus The capsule process stauts
72
73 @retval EFI_SUCCESS The capsule status variable is recorded.
74 @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
75 **/
76 EFI_STATUS
77 RecordCapsuleStatusVariable (
78 IN EFI_CAPSULE_HEADER *CapsuleHeader,
79 IN EFI_STATUS CapsuleStatus
80 );
81
82 /**
83 Record FMP capsule status variable.
84
85 @param[in] CapsuleHeader The capsule image header
86 @param[in] CapsuleStatus The capsule process stauts
87 @param[in] PayloadIndex FMP payload index
88 @param[in] ImageHeader FMP image header
89 @param[in] FmpDevicePath DevicePath associated with the FMP producer
90
91 @retval EFI_SUCCESS The capsule status variable is recorded.
92 @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
93 **/
94 EFI_STATUS
95 RecordFmpCapsuleStatusVariable (
96 IN EFI_CAPSULE_HEADER *CapsuleHeader,
97 IN EFI_STATUS CapsuleStatus,
98 IN UINTN PayloadIndex,
99 IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader,
100 IN EFI_DEVICE_PATH_PROTOCOL *FmpDevicePath OPTIONAL
101 );
102
103 /**
104 Function indicate the current completion progress of the firmware
105 update. Platform may override with own specific progress function.
106
107 @param[in] Completion A value between 1 and 100 indicating the current
108 completion progress of the firmware update
109
110 @retval EFI_SUCESS The capsule update progress was updated.
111 @retval EFI_INVALID_PARAMETER Completion is greater than 100%.
112 **/
113 EFI_STATUS
114 EFIAPI
115 UpdateImageProgress (
116 IN UINTN Completion
117 );
118
119 /**
120 Return if this CapsuleGuid is a FMP capsule GUID or not.
121
122 @param[in] CapsuleGuid A pointer to EFI_GUID
123
124 @retval TRUE It is a FMP capsule GUID.
125 @retval FALSE It is not a FMP capsule GUID.
126 **/
127 BOOLEAN
128 IsFmpCapsuleGuid (
129 IN EFI_GUID *CapsuleGuid
130 )
131 {
132 if (CompareGuid(&gEfiFmpCapsuleGuid, CapsuleGuid)) {
133 return TRUE;
134 }
135
136 return FALSE;
137 }
138
139 /**
140 Validate if it is valid capsule header
141
142 Caution: This function may receive untrusted input.
143
144 This function assumes the caller provided correct CapsuleHeader pointer
145 and CapsuleSize.
146
147 This function validates the fields in EFI_CAPSULE_HEADER.
148
149 @param[in] CapsuleHeader Points to a capsule header.
150 @param[in] CapsuleSize Size of the whole capsule image.
151
152 **/
153 BOOLEAN
154 IsValidCapsuleHeader (
155 IN EFI_CAPSULE_HEADER *CapsuleHeader,
156 IN UINT64 CapsuleSize
157 )
158 {
159 if (CapsuleHeader->CapsuleImageSize != CapsuleSize) {
160 return FALSE;
161 }
162 if (CapsuleHeader->HeaderSize >= CapsuleHeader->CapsuleImageSize) {
163 return FALSE;
164 }
165 return TRUE;
166 }
167
168 /**
169 Validate Fmp capsules layout.
170
171 Caution: This function may receive untrusted input.
172
173 This function assumes the caller validated the capsule by using
174 IsValidCapsuleHeader(), so that all fields in EFI_CAPSULE_HEADER are correct.
175 The capsule buffer size is CapsuleHeader->CapsuleImageSize.
176
177 This function validates the fields in EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
178 and EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER.
179
180 This function need support nested FMP capsule.
181
182 @param[in] CapsuleHeader Points to a capsule header.
183 @param[out] EmbeddedDriverCount The EmbeddedDriverCount in the FMP capsule.
184
185 @retval EFI_SUCESS Input capsule is a correct FMP capsule.
186 @retval EFI_INVALID_PARAMETER Input capsule is not a correct FMP capsule.
187 **/
188 EFI_STATUS
189 ValidateFmpCapsule (
190 IN EFI_CAPSULE_HEADER *CapsuleHeader,
191 OUT UINT16 *EmbeddedDriverCount OPTIONAL
192 )
193 {
194 EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *FmpCapsuleHeader;
195 UINT8 *EndOfCapsule;
196 EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader;
197 UINT8 *EndOfPayload;
198 UINT64 *ItemOffsetList;
199 UINT32 ItemNum;
200 UINTN Index;
201 UINTN FmpCapsuleSize;
202 UINTN FmpCapsuleHeaderSize;
203 UINT64 FmpImageSize;
204 UINTN FmpImageHeaderSize;
205
206 if (!IsFmpCapsuleGuid(&CapsuleHeader->CapsuleGuid)) {
207 return ValidateFmpCapsule ((EFI_CAPSULE_HEADER *)((UINTN)CapsuleHeader + CapsuleHeader->HeaderSize), EmbeddedDriverCount);
208 }
209
210 if (CapsuleHeader->HeaderSize >= CapsuleHeader->CapsuleImageSize) {
211 DEBUG((DEBUG_ERROR, "HeaderSize(0x%x) >= CapsuleImageSize(0x%x)\n", CapsuleHeader->HeaderSize, CapsuleHeader->CapsuleImageSize));
212 return EFI_INVALID_PARAMETER;
213 }
214
215 FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *) ((UINT8 *) CapsuleHeader + CapsuleHeader->HeaderSize);
216 EndOfCapsule = (UINT8 *) CapsuleHeader + CapsuleHeader->CapsuleImageSize;
217 FmpCapsuleSize = (UINTN)EndOfCapsule - (UINTN)FmpCapsuleHeader;
218
219 if (FmpCapsuleSize < sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER)) {
220 DEBUG((DEBUG_ERROR, "FmpCapsuleSize(0x%x) < EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER\n", FmpCapsuleSize));
221 return EFI_INVALID_PARAMETER;
222 }
223
224 // Check EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
225 if (FmpCapsuleHeader->Version != EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER_INIT_VERSION) {
226 DEBUG((DEBUG_ERROR, "FmpCapsuleHeader->Version(0x%x) != EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER_INIT_VERSION\n", FmpCapsuleHeader->Version));
227 return EFI_INVALID_PARAMETER;
228 }
229 ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
230
231 // No overflow
232 ItemNum = FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader->PayloadItemCount;
233
234 if ((FmpCapsuleSize - sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER))/sizeof(UINT64) < ItemNum) {
235 DEBUG((DEBUG_ERROR, "ItemNum(0x%x) too big\n", ItemNum));
236 return EFI_INVALID_PARAMETER;
237 }
238 FmpCapsuleHeaderSize = sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER) + sizeof(UINT64)*ItemNum;
239
240 // Check ItemOffsetList
241 for (Index = 0; Index < ItemNum; Index++) {
242 if (ItemOffsetList[Index] >= FmpCapsuleSize) {
243 DEBUG((DEBUG_ERROR, "ItemOffsetList[%d](0x%lx) >= FmpCapsuleSize(0x%x)\n", Index, ItemOffsetList[Index], FmpCapsuleSize));
244 return EFI_INVALID_PARAMETER;
245 }
246 if (ItemOffsetList[Index] < FmpCapsuleHeaderSize) {
247 DEBUG((DEBUG_ERROR, "ItemOffsetList[%d](0x%lx) < FmpCapsuleHeaderSize(0x%x)\n", Index, ItemOffsetList[Index], FmpCapsuleHeaderSize));
248 return EFI_INVALID_PARAMETER;
249 }
250 //
251 // All the address in ItemOffsetList must be stored in ascending order
252 //
253 if (Index > 0) {
254 if (ItemOffsetList[Index] <= ItemOffsetList[Index - 1]) {
255 DEBUG((DEBUG_ERROR, "ItemOffsetList[%d](0x%lx) < ItemOffsetList[%d](0x%x)\n", Index, ItemOffsetList[Index], Index - 1, ItemOffsetList[Index - 1]));
256 return EFI_INVALID_PARAMETER;
257 }
258 }
259 }
260
261 // Check EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER
262 for (Index = FmpCapsuleHeader->EmbeddedDriverCount; Index < ItemNum; Index++) {
263 ImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8 *)FmpCapsuleHeader + ItemOffsetList[Index]);
264 if (Index == ItemNum - 1) {
265 EndOfPayload = (UINT8 *)((UINTN)EndOfCapsule - (UINTN)FmpCapsuleHeader);
266 } else {
267 EndOfPayload = (UINT8 *)(UINTN)ItemOffsetList[Index+1];
268 }
269 FmpImageSize = (UINTN)EndOfPayload - ItemOffsetList[Index];
270
271 FmpImageHeaderSize = sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER);
272 if ((ImageHeader->Version > EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) ||
273 (ImageHeader->Version < 1)) {
274 DEBUG((DEBUG_ERROR, "ImageHeader->Version(0x%x) Unknown\n", ImageHeader->Version));
275 return EFI_INVALID_PARAMETER;
276 }
277 if (ImageHeader->Version < EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
278 FmpImageHeaderSize = OFFSET_OF(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER, UpdateHardwareInstance);
279 }
280 if (FmpImageSize < FmpImageHeaderSize) {
281 DEBUG((DEBUG_ERROR, "FmpImageSize(0x%lx) < FmpImageHeaderSize(0x%x)\n", FmpImageSize, FmpImageHeaderSize));
282 return EFI_INVALID_PARAMETER;
283 }
284
285 // No overflow
286 if (FmpImageSize != (UINT64)FmpImageHeaderSize + (UINT64)ImageHeader->UpdateImageSize + (UINT64)ImageHeader->UpdateVendorCodeSize) {
287 DEBUG((DEBUG_ERROR, "FmpImageSize(0x%lx) mismatch, UpdateImageSize(0x%x) UpdateVendorCodeSize(0x%x)\n", FmpImageSize, ImageHeader->UpdateImageSize, ImageHeader->UpdateVendorCodeSize));
288 return EFI_INVALID_PARAMETER;
289 }
290 }
291
292 if (ItemNum == 0) {
293 //
294 // No driver & payload element in FMP
295 //
296 EndOfPayload = (UINT8 *)(FmpCapsuleHeader + 1);
297 if (EndOfPayload != EndOfCapsule) {
298 DEBUG((DEBUG_ERROR, "EndOfPayload(0x%x) mismatch, EndOfCapsule(0x%x)\n", EndOfPayload, EndOfCapsule));
299 return EFI_INVALID_PARAMETER;
300 }
301 return EFI_UNSUPPORTED;
302 }
303
304 if (EmbeddedDriverCount != NULL) {
305 *EmbeddedDriverCount = FmpCapsuleHeader->EmbeddedDriverCount;
306 }
307
308 return EFI_SUCCESS;
309 }
310
311 /**
312 Those capsules supported by the firmwares.
313
314 Caution: This function may receive untrusted input.
315
316 @param[in] CapsuleHeader Points to a capsule header.
317
318 @retval EFI_SUCESS Input capsule is supported by firmware.
319 @retval EFI_UNSUPPORTED Input capsule is not supported by the firmware.
320 **/
321 EFI_STATUS
322 DisplayCapsuleImage (
323 IN EFI_CAPSULE_HEADER *CapsuleHeader
324 )
325 {
326 DISPLAY_DISPLAY_PAYLOAD *ImagePayload;
327 UINTN PayloadSize;
328 EFI_STATUS Status;
329 EFI_GRAPHICS_OUTPUT_BLT_PIXEL *Blt;
330 UINTN BltSize;
331 UINTN Height;
332 UINTN Width;
333 EFI_GRAPHICS_OUTPUT_PROTOCOL *GraphicsOutput;
334
335 //
336 // UX capsule doesn't have extended header entries.
337 //
338 if (CapsuleHeader->HeaderSize != sizeof (EFI_CAPSULE_HEADER)) {
339 return EFI_UNSUPPORTED;
340 }
341 ImagePayload = (DISPLAY_DISPLAY_PAYLOAD *)((UINTN) CapsuleHeader + CapsuleHeader->HeaderSize);
342 //
343 // (CapsuleImageSize > HeaderSize) is guaranteed by IsValidCapsuleHeader().
344 //
345 PayloadSize = CapsuleHeader->CapsuleImageSize - CapsuleHeader->HeaderSize;
346
347 //
348 // Make sure the image payload at least contain the DISPLAY_DISPLAY_PAYLOAD header.
349 // Further size check is performed by the logic translating BMP to GOP BLT.
350 //
351 if (PayloadSize <= sizeof (DISPLAY_DISPLAY_PAYLOAD)) {
352 return EFI_INVALID_PARAMETER;
353 }
354
355 if (ImagePayload->Version != 1) {
356 return EFI_UNSUPPORTED;
357 }
358 if (CalculateCheckSum8((UINT8 *)CapsuleHeader, CapsuleHeader->CapsuleImageSize) != 0) {
359 return EFI_UNSUPPORTED;
360 }
361 //
362 // Only Support Bitmap by now
363 //
364 if (ImagePayload->ImageType != 0) {
365 return EFI_UNSUPPORTED;
366 }
367
368 //
369 // Try to open GOP
370 //
371 Status = gBS->HandleProtocol (gST->ConsoleOutHandle, &gEfiGraphicsOutputProtocolGuid, (VOID **)&GraphicsOutput);
372 if (EFI_ERROR (Status)) {
373 Status = gBS->LocateProtocol(&gEfiGraphicsOutputProtocolGuid, NULL, (VOID **)&GraphicsOutput);
374 if (EFI_ERROR(Status)) {
375 return EFI_UNSUPPORTED;
376 }
377 }
378
379 if (GraphicsOutput->Mode->Mode != ImagePayload->Mode) {
380 return EFI_UNSUPPORTED;
381 }
382
383 Blt = NULL;
384 Width = 0;
385 Height = 0;
386 Status = TranslateBmpToGopBlt (
387 ImagePayload + 1,
388 PayloadSize - sizeof(DISPLAY_DISPLAY_PAYLOAD),
389 &Blt,
390 &BltSize,
391 &Height,
392 &Width
393 );
394
395 if (EFI_ERROR (Status)) {
396 return Status;
397 }
398
399 Status = GraphicsOutput->Blt (
400 GraphicsOutput,
401 Blt,
402 EfiBltBufferToVideo,
403 0,
404 0,
405 (UINTN) ImagePayload->OffsetX,
406 (UINTN) ImagePayload->OffsetY,
407 Width,
408 Height,
409 Width * sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL)
410 );
411
412 FreePool(Blt);
413
414 return Status;
415 }
416
417 /**
418 Dump FMP information.
419
420 @param[in] ImageInfoSize The size of ImageInfo, in bytes.
421 @param[in] ImageInfo A pointer to EFI_FIRMWARE_IMAGE_DESCRIPTOR.
422 @param[in] DescriptorVersion The version of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
423 @param[in] DescriptorCount The count of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
424 @param[in] DescriptorSize The size of an individual EFI_FIRMWARE_IMAGE_DESCRIPTOR, in bytes.
425 @param[in] PackageVersion The version of package.
426 @param[in] PackageVersionName The version name of package.
427 **/
428 VOID
429 DumpFmpImageInfo (
430 IN UINTN ImageInfoSize,
431 IN EFI_FIRMWARE_IMAGE_DESCRIPTOR *ImageInfo,
432 IN UINT32 DescriptorVersion,
433 IN UINT8 DescriptorCount,
434 IN UINTN DescriptorSize,
435 IN UINT32 PackageVersion,
436 IN CHAR16 *PackageVersionName
437 )
438 {
439 EFI_FIRMWARE_IMAGE_DESCRIPTOR *CurrentImageInfo;
440 UINTN Index;
441
442 DEBUG((DEBUG_VERBOSE, " DescriptorVersion - 0x%x\n", DescriptorVersion));
443 DEBUG((DEBUG_VERBOSE, " DescriptorCount - 0x%x\n", DescriptorCount));
444 DEBUG((DEBUG_VERBOSE, " DescriptorSize - 0x%x\n", DescriptorSize));
445 DEBUG((DEBUG_VERBOSE, " PackageVersion - 0x%x\n", PackageVersion));
446 DEBUG((DEBUG_VERBOSE, " PackageVersionName - %s\n\n", PackageVersionName));
447 CurrentImageInfo = ImageInfo;
448 for (Index = 0; Index < DescriptorCount; Index++) {
449 DEBUG((DEBUG_VERBOSE, " ImageDescriptor (%d)\n", Index));
450 DEBUG((DEBUG_VERBOSE, " ImageIndex - 0x%x\n", CurrentImageInfo->ImageIndex));
451 DEBUG((DEBUG_VERBOSE, " ImageTypeId - %g\n", &CurrentImageInfo->ImageTypeId));
452 DEBUG((DEBUG_VERBOSE, " ImageId - 0x%lx\n", CurrentImageInfo->ImageId));
453 DEBUG((DEBUG_VERBOSE, " ImageIdName - %s\n", CurrentImageInfo->ImageIdName));
454 DEBUG((DEBUG_VERBOSE, " Version - 0x%x\n", CurrentImageInfo->Version));
455 DEBUG((DEBUG_VERBOSE, " VersionName - %s\n", CurrentImageInfo->VersionName));
456 DEBUG((DEBUG_VERBOSE, " Size - 0x%x\n", CurrentImageInfo->Size));
457 DEBUG((DEBUG_VERBOSE, " AttributesSupported - 0x%lx\n", CurrentImageInfo->AttributesSupported));
458 DEBUG((DEBUG_VERBOSE, " AttributesSetting - 0x%lx\n", CurrentImageInfo->AttributesSetting));
459 DEBUG((DEBUG_VERBOSE, " Compatibilities - 0x%lx\n", CurrentImageInfo->Compatibilities));
460 if (DescriptorVersion > 1) {
461 DEBUG((DEBUG_VERBOSE, " LowestSupportedImageVersion - 0x%x\n", CurrentImageInfo->LowestSupportedImageVersion));
462 if (DescriptorVersion > 2) {
463 DEBUG((DEBUG_VERBOSE, " LastAttemptVersion - 0x%x\n", CurrentImageInfo->LastAttemptVersion));
464 DEBUG((DEBUG_VERBOSE, " LastAttemptStatus - 0x%x\n", CurrentImageInfo->LastAttemptStatus));
465 DEBUG((DEBUG_VERBOSE, " HardwareInstance - 0x%lx\n", CurrentImageInfo->HardwareInstance));
466 }
467 }
468 //
469 // Use DescriptorSize to move ImageInfo Pointer to stay compatible with different ImageInfo version
470 //
471 CurrentImageInfo = (EFI_FIRMWARE_IMAGE_DESCRIPTOR *)((UINT8 *)CurrentImageInfo + DescriptorSize);
472 }
473 }
474
475 /**
476 Dump a non-nested FMP capsule.
477
478 @param[in] CapsuleHeader A pointer to CapsuleHeader
479 **/
480 VOID
481 DumpFmpCapsule (
482 IN EFI_CAPSULE_HEADER *CapsuleHeader
483 )
484 {
485 EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *FmpCapsuleHeader;
486 EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader;
487 UINTN Index;
488 UINT64 *ItemOffsetList;
489
490 FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader + CapsuleHeader->HeaderSize);
491
492 DEBUG((DEBUG_VERBOSE, "FmpCapsule:\n"));
493 DEBUG((DEBUG_VERBOSE, " Version - 0x%x\n", FmpCapsuleHeader->Version));
494 DEBUG((DEBUG_VERBOSE, " EmbeddedDriverCount - 0x%x\n", FmpCapsuleHeader->EmbeddedDriverCount));
495 DEBUG((DEBUG_VERBOSE, " PayloadItemCount - 0x%x\n", FmpCapsuleHeader->PayloadItemCount));
496
497 ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
498 for (Index = 0; Index < FmpCapsuleHeader->EmbeddedDriverCount; Index++) {
499 DEBUG((DEBUG_VERBOSE, " ItemOffsetList[%d] - 0x%lx\n", Index, ItemOffsetList[Index]));
500 }
501 for (; Index < (UINT32)FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader->PayloadItemCount; Index++) {
502 DEBUG((DEBUG_VERBOSE, " ItemOffsetList[%d] - 0x%lx\n", Index, ItemOffsetList[Index]));
503 ImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8 *)FmpCapsuleHeader + ItemOffsetList[Index]);
504
505 DEBUG((DEBUG_VERBOSE, " ImageHeader:\n"));
506 DEBUG((DEBUG_VERBOSE, " Version - 0x%x\n", ImageHeader->Version));
507 DEBUG((DEBUG_VERBOSE, " UpdateImageTypeId - %g\n", &ImageHeader->UpdateImageTypeId));
508 DEBUG((DEBUG_VERBOSE, " UpdateImageIndex - 0x%x\n", ImageHeader->UpdateImageIndex));
509 DEBUG((DEBUG_VERBOSE, " UpdateImageSize - 0x%x\n", ImageHeader->UpdateImageSize));
510 DEBUG((DEBUG_VERBOSE, " UpdateVendorCodeSize - 0x%x\n", ImageHeader->UpdateVendorCodeSize));
511 if (ImageHeader->Version >= EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
512 DEBUG((DEBUG_VERBOSE, " UpdateHardwareInstance - 0x%lx\n", ImageHeader->UpdateHardwareInstance));
513 }
514 }
515 }
516
517 /**
518 Dump all FMP information.
519 **/
520 VOID
521 DumpAllFmpInfo (
522 VOID
523 )
524 {
525 EFI_STATUS Status;
526 EFI_HANDLE *HandleBuffer;
527 UINTN NumberOfHandles;
528 EFI_FIRMWARE_MANAGEMENT_PROTOCOL *Fmp;
529 UINTN Index;
530 UINTN ImageInfoSize;
531 EFI_FIRMWARE_IMAGE_DESCRIPTOR *FmpImageInfoBuf;
532 UINT32 FmpImageInfoDescriptorVer;
533 UINT8 FmpImageInfoCount;
534 UINTN DescriptorSize;
535 UINT32 PackageVersion;
536 CHAR16 *PackageVersionName;
537
538 Status = gBS->LocateHandleBuffer (
539 ByProtocol,
540 &gEfiFirmwareManagementProtocolGuid,
541 NULL,
542 &NumberOfHandles,
543 &HandleBuffer
544 );
545 if (EFI_ERROR(Status)) {
546 return ;
547 }
548
549 for (Index = 0; Index < NumberOfHandles; Index++) {
550 Status = gBS->HandleProtocol(
551 HandleBuffer[Index],
552 &gEfiFirmwareManagementProtocolGuid,
553 (VOID **)&Fmp
554 );
555 if (EFI_ERROR(Status)) {
556 continue;
557 }
558
559 ImageInfoSize = 0;
560 Status = Fmp->GetImageInfo (
561 Fmp,
562 &ImageInfoSize,
563 NULL,
564 NULL,
565 NULL,
566 NULL,
567 NULL,
568 NULL
569 );
570 if (Status != EFI_BUFFER_TOO_SMALL) {
571 continue;
572 }
573
574 FmpImageInfoBuf = AllocateZeroPool (ImageInfoSize);
575 if (FmpImageInfoBuf == NULL) {
576 continue;
577 }
578
579 PackageVersionName = NULL;
580 Status = Fmp->GetImageInfo (
581 Fmp,
582 &ImageInfoSize, // ImageInfoSize
583 FmpImageInfoBuf, // ImageInfo
584 &FmpImageInfoDescriptorVer, // DescriptorVersion
585 &FmpImageInfoCount, // DescriptorCount
586 &DescriptorSize, // DescriptorSize
587 &PackageVersion, // PackageVersion
588 &PackageVersionName // PackageVersionName
589 );
590 if (EFI_ERROR(Status)) {
591 FreePool(FmpImageInfoBuf);
592 continue;
593 }
594
595 DEBUG((DEBUG_INFO, "FMP (%d) ImageInfo:\n", Index));
596 DumpFmpImageInfo(
597 ImageInfoSize, // ImageInfoSize
598 FmpImageInfoBuf, // ImageInfo
599 FmpImageInfoDescriptorVer, // DescriptorVersion
600 FmpImageInfoCount, // DescriptorCount
601 DescriptorSize, // DescriptorSize
602 PackageVersion, // PackageVersion
603 PackageVersionName // PackageVersionName
604 );
605
606 if (PackageVersionName != NULL) {
607 FreePool(PackageVersionName);
608 }
609
610 FreePool(FmpImageInfoBuf);
611 }
612
613 return ;
614 }
615
616 /**
617 Get FMP handle by ImageTypeId and HardwareInstance.
618
619 @param[in] UpdateImageTypeId Used to identify device firmware targeted by this update.
620 @param[in] UpdateHardwareInstance The HardwareInstance to target with this update.
621 @param[out] NoHandles The number of handles returned in HandleBuf.
622 @param[out] HandleBuf A pointer to the buffer to return the requested array of handles.
623 @param[out] ResetRequiredBuf A pointer to the buffer to return reset required flag for
624 the requested array of handles.
625
626 @retval EFI_SUCCESS The array of handles and their reset required flag were returned in
627 HandleBuf and ResetRequiredBuf, and the number of handles in HandleBuf
628 was returned in NoHandles.
629 @retval EFI_NOT_FOUND No handles match the search.
630 @retval EFI_OUT_OF_RESOURCES There is not enough pool memory to store the matching results.
631 **/
632 EFI_STATUS
633 GetFmpHandleBufferByType (
634 IN EFI_GUID *UpdateImageTypeId,
635 IN UINT64 UpdateHardwareInstance,
636 OUT UINTN *NoHandles, OPTIONAL
637 OUT EFI_HANDLE **HandleBuf, OPTIONAL
638 OUT BOOLEAN **ResetRequiredBuf OPTIONAL
639 )
640 {
641 EFI_STATUS Status;
642 EFI_HANDLE *HandleBuffer;
643 UINTN NumberOfHandles;
644 EFI_HANDLE *MatchedHandleBuffer;
645 BOOLEAN *MatchedResetRequiredBuffer;
646 UINTN MatchedNumberOfHandles;
647 EFI_FIRMWARE_MANAGEMENT_PROTOCOL *Fmp;
648 UINTN Index;
649 UINTN ImageInfoSize;
650 EFI_FIRMWARE_IMAGE_DESCRIPTOR *FmpImageInfoBuf;
651 UINT32 FmpImageInfoDescriptorVer;
652 UINT8 FmpImageInfoCount;
653 UINTN DescriptorSize;
654 UINT32 PackageVersion;
655 CHAR16 *PackageVersionName;
656 UINTN Index2;
657 EFI_FIRMWARE_IMAGE_DESCRIPTOR *TempFmpImageInfo;
658
659 if (NoHandles != NULL) {
660 *NoHandles = 0;
661 }
662 if (HandleBuf != NULL) {
663 *HandleBuf = NULL;
664 }
665 if (ResetRequiredBuf != NULL) {
666 *ResetRequiredBuf = NULL;
667 }
668
669 Status = gBS->LocateHandleBuffer (
670 ByProtocol,
671 &gEfiFirmwareManagementProtocolGuid,
672 NULL,
673 &NumberOfHandles,
674 &HandleBuffer
675 );
676 if (EFI_ERROR(Status)) {
677 return Status;
678 }
679
680 MatchedNumberOfHandles = 0;
681
682 MatchedHandleBuffer = NULL;
683 if (HandleBuf != NULL) {
684 MatchedHandleBuffer = AllocateZeroPool (sizeof(EFI_HANDLE) * NumberOfHandles);
685 if (MatchedHandleBuffer == NULL) {
686 FreePool (HandleBuffer);
687 return EFI_OUT_OF_RESOURCES;
688 }
689 }
690
691 MatchedResetRequiredBuffer = NULL;
692 if (ResetRequiredBuf != NULL) {
693 MatchedResetRequiredBuffer = AllocateZeroPool (sizeof(BOOLEAN) * NumberOfHandles);
694 if (MatchedResetRequiredBuffer == NULL) {
695 if (MatchedHandleBuffer != NULL) {
696 FreePool (MatchedHandleBuffer);
697 }
698 FreePool (HandleBuffer);
699 return EFI_OUT_OF_RESOURCES;
700 }
701 }
702
703 for (Index = 0; Index < NumberOfHandles; Index++) {
704 Status = gBS->HandleProtocol(
705 HandleBuffer[Index],
706 &gEfiFirmwareManagementProtocolGuid,
707 (VOID **)&Fmp
708 );
709 if (EFI_ERROR(Status)) {
710 continue;
711 }
712
713 ImageInfoSize = 0;
714 Status = Fmp->GetImageInfo (
715 Fmp,
716 &ImageInfoSize,
717 NULL,
718 NULL,
719 NULL,
720 NULL,
721 NULL,
722 NULL
723 );
724 if (Status != EFI_BUFFER_TOO_SMALL) {
725 continue;
726 }
727
728 FmpImageInfoBuf = AllocateZeroPool (ImageInfoSize);
729 if (FmpImageInfoBuf == NULL) {
730 continue;
731 }
732
733 PackageVersionName = NULL;
734 Status = Fmp->GetImageInfo (
735 Fmp,
736 &ImageInfoSize, // ImageInfoSize
737 FmpImageInfoBuf, // ImageInfo
738 &FmpImageInfoDescriptorVer, // DescriptorVersion
739 &FmpImageInfoCount, // DescriptorCount
740 &DescriptorSize, // DescriptorSize
741 &PackageVersion, // PackageVersion
742 &PackageVersionName // PackageVersionName
743 );
744 if (EFI_ERROR(Status)) {
745 FreePool(FmpImageInfoBuf);
746 continue;
747 }
748
749 if (PackageVersionName != NULL) {
750 FreePool(PackageVersionName);
751 }
752
753 TempFmpImageInfo = FmpImageInfoBuf;
754 for (Index2 = 0; Index2 < FmpImageInfoCount; Index2++) {
755 //
756 // Check if this FMP instance matches
757 //
758 if (CompareGuid(UpdateImageTypeId, &TempFmpImageInfo->ImageTypeId)) {
759 if ((UpdateHardwareInstance == 0) ||
760 ((FmpImageInfoDescriptorVer >= EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION) &&
761 (UpdateHardwareInstance == TempFmpImageInfo->HardwareInstance))) {
762 if (MatchedHandleBuffer != NULL) {
763 MatchedHandleBuffer[MatchedNumberOfHandles] = HandleBuffer[Index];
764 }
765 if (MatchedResetRequiredBuffer != NULL) {
766 MatchedResetRequiredBuffer[MatchedNumberOfHandles] = (((TempFmpImageInfo->AttributesSupported &
767 IMAGE_ATTRIBUTE_RESET_REQUIRED) != 0) &&
768 ((TempFmpImageInfo->AttributesSetting &
769 IMAGE_ATTRIBUTE_RESET_REQUIRED) != 0));
770 }
771 MatchedNumberOfHandles++;
772 break;
773 }
774 }
775 TempFmpImageInfo = (EFI_FIRMWARE_IMAGE_DESCRIPTOR *)((UINT8 *)TempFmpImageInfo + DescriptorSize);
776 }
777 FreePool(FmpImageInfoBuf);
778 }
779
780 if (MatchedNumberOfHandles == 0) {
781 return EFI_NOT_FOUND;
782 }
783
784 if (NoHandles != NULL) {
785 *NoHandles = MatchedNumberOfHandles;
786 }
787 if (HandleBuf != NULL) {
788 *HandleBuf = MatchedHandleBuffer;
789 }
790 if (ResetRequiredBuf != NULL) {
791 *ResetRequiredBuf = MatchedResetRequiredBuffer;
792 }
793
794 return EFI_SUCCESS;
795 }
796
797 /**
798 Return FmpImageInfoDescriptorVer by an FMP handle.
799
800 @param[in] Handle A FMP handle.
801
802 @return FmpImageInfoDescriptorVer associated with the FMP.
803 **/
804 UINT32
805 GetFmpImageInfoDescriptorVer (
806 IN EFI_HANDLE Handle
807 )
808 {
809 EFI_STATUS Status;
810 EFI_FIRMWARE_MANAGEMENT_PROTOCOL *Fmp;
811 UINTN ImageInfoSize;
812 EFI_FIRMWARE_IMAGE_DESCRIPTOR *FmpImageInfoBuf;
813 UINT32 FmpImageInfoDescriptorVer;
814 UINT8 FmpImageInfoCount;
815 UINTN DescriptorSize;
816 UINT32 PackageVersion;
817 CHAR16 *PackageVersionName;
818
819 Status = gBS->HandleProtocol(
820 Handle,
821 &gEfiFirmwareManagementProtocolGuid,
822 (VOID **)&Fmp
823 );
824 if (EFI_ERROR(Status)) {
825 return 0;
826 }
827
828 ImageInfoSize = 0;
829 Status = Fmp->GetImageInfo (
830 Fmp,
831 &ImageInfoSize,
832 NULL,
833 NULL,
834 NULL,
835 NULL,
836 NULL,
837 NULL
838 );
839 if (Status != EFI_BUFFER_TOO_SMALL) {
840 return 0;
841 }
842
843 FmpImageInfoBuf = AllocateZeroPool (ImageInfoSize);
844 if (FmpImageInfoBuf == NULL) {
845 return 0;
846 }
847
848 PackageVersionName = NULL;
849 Status = Fmp->GetImageInfo (
850 Fmp,
851 &ImageInfoSize, // ImageInfoSize
852 FmpImageInfoBuf, // ImageInfo
853 &FmpImageInfoDescriptorVer, // DescriptorVersion
854 &FmpImageInfoCount, // DescriptorCount
855 &DescriptorSize, // DescriptorSize
856 &PackageVersion, // PackageVersion
857 &PackageVersionName // PackageVersionName
858 );
859 if (EFI_ERROR(Status)) {
860 FreePool(FmpImageInfoBuf);
861 return 0;
862 }
863 return FmpImageInfoDescriptorVer;
864 }
865
866 /**
867 Set FMP image data.
868
869 @param[in] Handle A FMP handle.
870 @param[in] ImageHeader The payload image header.
871 @param[in] PayloadIndex The index of the payload.
872
873 @return The status of FMP->SetImage.
874 **/
875 EFI_STATUS
876 SetFmpImageData (
877 IN EFI_HANDLE Handle,
878 IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader,
879 IN UINTN PayloadIndex
880 )
881 {
882 EFI_STATUS Status;
883 EFI_FIRMWARE_MANAGEMENT_PROTOCOL *Fmp;
884 UINT8 *Image;
885 VOID *VendorCode;
886 CHAR16 *AbortReason;
887 EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS ProgressCallback;
888
889 Status = gBS->HandleProtocol(
890 Handle,
891 &gEfiFirmwareManagementProtocolGuid,
892 (VOID **)&Fmp
893 );
894 if (EFI_ERROR(Status)) {
895 return Status;
896 }
897
898 //
899 // Lookup Firmware Management Progress Protocol before SetImage() is called
900 // This is an optional protocol that may not be present on Handle.
901 //
902 Status = gBS->HandleProtocol (
903 Handle,
904 &gEdkiiFirmwareManagementProgressProtocolGuid,
905 (VOID **)&mFmpProgress
906 );
907 if (EFI_ERROR (Status)) {
908 mFmpProgress = NULL;
909 }
910
911 if (ImageHeader->Version >= EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
912 Image = (UINT8 *)(ImageHeader + 1);
913 } else {
914 //
915 // If the EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER is version 1,
916 // Header should exclude UpdateHardwareInstance field
917 //
918 Image = (UINT8 *)ImageHeader + OFFSET_OF(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER, UpdateHardwareInstance);
919 }
920
921 if (ImageHeader->UpdateVendorCodeSize == 0) {
922 VendorCode = NULL;
923 } else {
924 VendorCode = Image + ImageHeader->UpdateImageSize;
925 }
926 AbortReason = NULL;
927 DEBUG((DEBUG_INFO, "Fmp->SetImage ...\n"));
928 DEBUG((DEBUG_INFO, "ImageTypeId - %g, ", &ImageHeader->UpdateImageTypeId));
929 DEBUG((DEBUG_INFO, "PayloadIndex - 0x%x, ", PayloadIndex));
930 DEBUG((DEBUG_INFO, "ImageIndex - 0x%x ", ImageHeader->UpdateImageIndex));
931 if (ImageHeader->Version >= EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
932 DEBUG((DEBUG_INFO, "(UpdateHardwareInstance - 0x%x)", ImageHeader->UpdateHardwareInstance));
933 }
934 DEBUG((DEBUG_INFO, "\n"));
935
936 //
937 // Before calling SetImage(), reset the progress bar to 0%
938 //
939 ProgressCallback = UpdateImageProgress;
940 Status = UpdateImageProgress (0);
941 if (EFI_ERROR (Status)) {
942 ProgressCallback = NULL;
943 }
944
945 Status = Fmp->SetImage(
946 Fmp,
947 ImageHeader->UpdateImageIndex, // ImageIndex
948 Image, // Image
949 ImageHeader->UpdateImageSize, // ImageSize
950 VendorCode, // VendorCode
951 ProgressCallback, // Progress
952 &AbortReason // AbortReason
953 );
954 //
955 // Set the progress bar to 100% after returning from SetImage()
956 //
957 if (ProgressCallback != NULL) {
958 UpdateImageProgress (100);
959 }
960
961 DEBUG((DEBUG_INFO, "Fmp->SetImage - %r\n", Status));
962 if (AbortReason != NULL) {
963 DEBUG ((DEBUG_ERROR, "%s\n", AbortReason));
964 FreePool(AbortReason);
965 }
966
967 //
968 // Clear mFmpProgress after SetImage() returns
969 //
970 mFmpProgress = NULL;
971
972 return Status;
973 }
974
975 /**
976 Start a UEFI image in the FMP payload.
977
978 @param[in] ImageBuffer A pointer to the memory location containing a copy of the image to be loaded..
979 @param[in] ImageSize The size in bytes of ImageBuffer.
980
981 @return The status of gBS->LoadImage and gBS->StartImage.
982 **/
983 EFI_STATUS
984 StartFmpImage (
985 IN VOID *ImageBuffer,
986 IN UINTN ImageSize
987 )
988 {
989 MEMMAP_DEVICE_PATH MemMapNode;
990 EFI_STATUS Status;
991 EFI_HANDLE ImageHandle;
992 EFI_DEVICE_PATH_PROTOCOL *DriverDevicePath;
993 UINTN ExitDataSize;
994
995 SetDevicePathNodeLength (&MemMapNode.Header, sizeof (MemMapNode));
996 MemMapNode.Header.Type = HARDWARE_DEVICE_PATH;
997 MemMapNode.Header.SubType = HW_MEMMAP_DP;
998 MemMapNode.MemoryType = EfiBootServicesCode;
999 MemMapNode.StartingAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)ImageBuffer;
1000 MemMapNode.EndingAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)((UINT8 *)ImageBuffer + ImageSize - 1);
1001
1002 DriverDevicePath = AppendDevicePathNode (NULL, &MemMapNode.Header);
1003 if (DriverDevicePath == NULL) {
1004 return EFI_OUT_OF_RESOURCES;
1005 }
1006
1007 DEBUG((DEBUG_INFO, "FmpCapsule: LoadImage ...\n"));
1008 Status = gBS->LoadImage(
1009 FALSE,
1010 gImageHandle,
1011 DriverDevicePath,
1012 ImageBuffer,
1013 ImageSize,
1014 &ImageHandle
1015 );
1016 DEBUG((DEBUG_INFO, "FmpCapsule: LoadImage - %r\n", Status));
1017 if (EFI_ERROR(Status)) {
1018 FreePool(DriverDevicePath);
1019 return Status;
1020 }
1021
1022 DEBUG((DEBUG_INFO, "FmpCapsule: StartImage ...\n"));
1023 Status = gBS->StartImage(
1024 ImageHandle,
1025 &ExitDataSize,
1026 NULL
1027 );
1028 DEBUG((DEBUG_INFO, "FmpCapsule: StartImage - %r\n", Status));
1029 if (EFI_ERROR(Status)) {
1030 DEBUG ((DEBUG_ERROR, "Driver Return Status = %r\n", Status));
1031 }
1032
1033 FreePool(DriverDevicePath);
1034 return Status;
1035 }
1036
1037 /**
1038 Record FMP capsule status.
1039
1040 @param[in] Handle A FMP handle.
1041 @param[in] CapsuleHeader The capsule image header
1042 @param[in] CapsuleStatus The capsule process stauts
1043 @param[in] PayloadIndex FMP payload index
1044 @param[in] ImageHeader FMP image header
1045 **/
1046 VOID
1047 RecordFmpCapsuleStatus (
1048 IN EFI_HANDLE Handle, OPTIONAL
1049 IN EFI_CAPSULE_HEADER *CapsuleHeader,
1050 IN EFI_STATUS CapsuleStatus,
1051 IN UINTN PayloadIndex,
1052 IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader
1053 )
1054 {
1055 EFI_STATUS Status;
1056 EFI_DEVICE_PATH_PROTOCOL *FmpDevicePath;
1057 UINT32 FmpImageInfoDescriptorVer;
1058 EFI_STATUS StatusEsrt;
1059 ESRT_MANAGEMENT_PROTOCOL *EsrtProtocol;
1060 EFI_SYSTEM_RESOURCE_ENTRY EsrtEntry;
1061
1062 FmpDevicePath = NULL;
1063 if (Handle != NULL) {
1064 gBS->HandleProtocol(
1065 Handle,
1066 &gEfiDevicePathProtocolGuid,
1067 (VOID **)&FmpDevicePath
1068 );
1069 }
1070
1071 RecordFmpCapsuleStatusVariable (
1072 CapsuleHeader,
1073 CapsuleStatus,
1074 PayloadIndex,
1075 ImageHeader,
1076 FmpDevicePath
1077 );
1078
1079 //
1080 // Update corresponding ESRT entry LastAttemp Status
1081 //
1082 Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID **)&EsrtProtocol);
1083 if (EFI_ERROR (Status)) {
1084 return ;
1085 }
1086
1087 if (Handle == NULL) {
1088 return ;
1089 }
1090
1091 //
1092 // Update EsrtEntry For V1, V2 FMP instance.
1093 // V3 FMP ESRT cache will be synced up through SyncEsrtFmp interface
1094 //
1095 FmpImageInfoDescriptorVer = GetFmpImageInfoDescriptorVer (Handle);
1096 if (FmpImageInfoDescriptorVer < EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION) {
1097 StatusEsrt = EsrtProtocol->GetEsrtEntry(&ImageHeader->UpdateImageTypeId, &EsrtEntry);
1098 if (!EFI_ERROR(StatusEsrt)){
1099 if (!EFI_ERROR(CapsuleStatus)) {
1100 EsrtEntry.LastAttemptStatus = LAST_ATTEMPT_STATUS_SUCCESS;
1101 } else {
1102 EsrtEntry.LastAttemptStatus = LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL;
1103 }
1104 EsrtEntry.LastAttemptVersion = 0;
1105 EsrtProtocol->UpdateEsrtEntry(&EsrtEntry);
1106 }
1107 }
1108 }
1109
1110 /**
1111 Process Firmware management protocol data capsule.
1112
1113 This function assumes the caller validated the capsule by using
1114 ValidateFmpCapsule(), so that all fields in EFI_CAPSULE_HEADER,
1115 EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER and
1116 EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER are correct.
1117
1118 This function need support nested FMP capsule.
1119
1120 @param[in] CapsuleHeader Points to a capsule header.
1121 @param[out] ResetRequired Indicates whether reset is required or not.
1122
1123 @retval EFI_SUCESS Process Capsule Image successfully.
1124 @retval EFI_UNSUPPORTED Capsule image is not supported by the firmware.
1125 @retval EFI_VOLUME_CORRUPTED FV volume in the capsule is corrupted.
1126 @retval EFI_OUT_OF_RESOURCES Not enough memory.
1127 @retval EFI_NOT_READY No FMP protocol to handle this FMP capsule.
1128 **/
1129 EFI_STATUS
1130 ProcessFmpCapsuleImage (
1131 IN EFI_CAPSULE_HEADER *CapsuleHeader,
1132 OUT BOOLEAN *ResetRequired OPTIONAL
1133 )
1134 {
1135 EFI_STATUS Status;
1136 EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *FmpCapsuleHeader;
1137 EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader;
1138 UINT64 *ItemOffsetList;
1139 UINT32 ItemNum;
1140 UINTN Index;
1141 EFI_HANDLE *HandleBuffer;
1142 BOOLEAN *ResetRequiredBuffer;
1143 UINTN NumberOfHandles;
1144 UINTN DriverLen;
1145 UINT64 UpdateHardwareInstance;
1146 UINTN Index2;
1147 BOOLEAN NotReady;
1148 BOOLEAN Abort;
1149
1150 if (!IsFmpCapsuleGuid(&CapsuleHeader->CapsuleGuid)) {
1151 return ProcessFmpCapsuleImage ((EFI_CAPSULE_HEADER *)((UINTN)CapsuleHeader + CapsuleHeader->HeaderSize), ResetRequired);
1152 }
1153
1154 NotReady = FALSE;
1155 Abort = FALSE;
1156
1157 DumpFmpCapsule(CapsuleHeader);
1158
1159 FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *) ((UINT8 *) CapsuleHeader + CapsuleHeader->HeaderSize);
1160
1161 if (FmpCapsuleHeader->Version > EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER_INIT_VERSION) {
1162 return EFI_INVALID_PARAMETER;
1163 }
1164 ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
1165
1166 ItemNum = FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader->PayloadItemCount;
1167
1168 //
1169 // capsule in which driver count and payload count are both zero is not processed.
1170 //
1171 if (ItemNum == 0) {
1172 return EFI_SUCCESS;
1173 }
1174
1175 //
1176 // 1. Try to load & start all the drivers within capsule
1177 //
1178 for (Index = 0; Index < FmpCapsuleHeader->EmbeddedDriverCount; Index++) {
1179 if ((FmpCapsuleHeader->PayloadItemCount == 0) &&
1180 (Index == (UINTN)FmpCapsuleHeader->EmbeddedDriverCount - 1)) {
1181 //
1182 // When driver is last element in the ItemOffsetList array, the driver size is calculated by reference CapsuleImageSize in EFI_CAPSULE_HEADER
1183 //
1184 DriverLen = CapsuleHeader->CapsuleImageSize - CapsuleHeader->HeaderSize - (UINTN)ItemOffsetList[Index];
1185 } else {
1186 DriverLen = (UINTN)ItemOffsetList[Index + 1] - (UINTN)ItemOffsetList[Index];
1187 }
1188
1189 Status = StartFmpImage (
1190 (UINT8 *)FmpCapsuleHeader + ItemOffsetList[Index],
1191 DriverLen
1192 );
1193 if (EFI_ERROR(Status)) {
1194 DEBUG ((DEBUG_ERROR, "Driver Return Status = %r\n", Status));
1195 return Status;
1196 }
1197 }
1198
1199 //
1200 // 2. Route payload to right FMP instance
1201 //
1202 DEBUG((DEBUG_INFO, "FmpCapsule: route payload to right FMP instance ...\n"));
1203
1204 DumpAllFmpInfo ();
1205
1206 //
1207 // Check all the payload entry in capsule payload list
1208 //
1209 for (Index = FmpCapsuleHeader->EmbeddedDriverCount; Index < ItemNum; Index++) {
1210 ImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8 *)FmpCapsuleHeader + ItemOffsetList[Index]);
1211
1212 UpdateHardwareInstance = 0;
1213 if (ImageHeader->Version >= EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
1214 UpdateHardwareInstance = ImageHeader->UpdateHardwareInstance;
1215 }
1216
1217 Status = GetFmpHandleBufferByType (
1218 &ImageHeader->UpdateImageTypeId,
1219 UpdateHardwareInstance,
1220 &NumberOfHandles,
1221 &HandleBuffer,
1222 &ResetRequiredBuffer
1223 );
1224 if (EFI_ERROR(Status)) {
1225 NotReady = TRUE;
1226 RecordFmpCapsuleStatus (
1227 NULL,
1228 CapsuleHeader,
1229 EFI_NOT_READY,
1230 Index - FmpCapsuleHeader->EmbeddedDriverCount,
1231 ImageHeader
1232 );
1233 continue;
1234 }
1235
1236 for (Index2 = 0; Index2 < NumberOfHandles; Index2++) {
1237 if (Abort) {
1238 RecordFmpCapsuleStatus (
1239 HandleBuffer[Index2],
1240 CapsuleHeader,
1241 EFI_ABORTED,
1242 Index - FmpCapsuleHeader->EmbeddedDriverCount,
1243 ImageHeader
1244 );
1245 continue;
1246 }
1247
1248 Status = SetFmpImageData (
1249 HandleBuffer[Index2],
1250 ImageHeader,
1251 Index - FmpCapsuleHeader->EmbeddedDriverCount
1252 );
1253 if (Status != EFI_SUCCESS) {
1254 Abort = TRUE;
1255 } else {
1256 if (ResetRequired != NULL) {
1257 *ResetRequired |= ResetRequiredBuffer[Index2];
1258 }
1259 }
1260
1261 RecordFmpCapsuleStatus (
1262 HandleBuffer[Index2],
1263 CapsuleHeader,
1264 Status,
1265 Index - FmpCapsuleHeader->EmbeddedDriverCount,
1266 ImageHeader
1267 );
1268 }
1269 if (HandleBuffer != NULL) {
1270 FreePool(HandleBuffer);
1271 }
1272 if (ResetRequiredBuffer != NULL) {
1273 FreePool(ResetRequiredBuffer);
1274 }
1275 }
1276
1277 if (NotReady) {
1278 return EFI_NOT_READY;
1279 }
1280
1281 //
1282 // always return SUCCESS to indicate this capsule is processed.
1283 // The status of SetImage is recorded in capsule result variable.
1284 //
1285 return EFI_SUCCESS;
1286 }
1287
1288 /**
1289 Return if there is a FMP header below capsule header.
1290
1291 @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
1292
1293 @retval TRUE There is a FMP header below capsule header.
1294 @retval FALSE There is not a FMP header below capsule header
1295 **/
1296 BOOLEAN
1297 IsNestedFmpCapsule (
1298 IN EFI_CAPSULE_HEADER *CapsuleHeader
1299 )
1300 {
1301 EFI_STATUS Status;
1302 EFI_SYSTEM_RESOURCE_ENTRY *EsrtEntry;
1303 UINTN Index;
1304 BOOLEAN EsrtGuidFound;
1305 EFI_CAPSULE_HEADER *NestedCapsuleHeader;
1306 UINTN NestedCapsuleSize;
1307 ESRT_MANAGEMENT_PROTOCOL *EsrtProtocol;
1308 EFI_SYSTEM_RESOURCE_ENTRY Entry;
1309
1310 EsrtGuidFound = FALSE;
1311 if (mIsVirtualAddrConverted) {
1312 if(mEsrtTable != NULL) {
1313 EsrtEntry = (EFI_SYSTEM_RESOURCE_ENTRY *)(mEsrtTable + 1);
1314 for (Index = 0; Index < mEsrtTable->FwResourceCount ; Index++, EsrtEntry++) {
1315 if (CompareGuid(&EsrtEntry->FwClass, &CapsuleHeader->CapsuleGuid)) {
1316 EsrtGuidFound = TRUE;
1317 break;
1318 }
1319 }
1320 }
1321 } else {
1322 //
1323 // Check ESRT protocol
1324 //
1325 Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID **)&EsrtProtocol);
1326 if (!EFI_ERROR(Status)) {
1327 Status = EsrtProtocol->GetEsrtEntry(&CapsuleHeader->CapsuleGuid, &Entry);
1328 if (!EFI_ERROR(Status)) {
1329 EsrtGuidFound = TRUE;
1330 }
1331 }
1332
1333 //
1334 // Check Firmware Management Protocols
1335 //
1336 if (!EsrtGuidFound) {
1337 Status = GetFmpHandleBufferByType (
1338 &CapsuleHeader->CapsuleGuid,
1339 0,
1340 NULL,
1341 NULL,
1342 NULL
1343 );
1344 if (!EFI_ERROR(Status)) {
1345 EsrtGuidFound = TRUE;
1346 }
1347 }
1348 }
1349 if (!EsrtGuidFound) {
1350 return FALSE;
1351 }
1352
1353 //
1354 // Check nested capsule header
1355 // FMP GUID after ESRT one
1356 //
1357 NestedCapsuleHeader = (EFI_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader + CapsuleHeader->HeaderSize);
1358 NestedCapsuleSize = (UINTN)CapsuleHeader + CapsuleHeader->CapsuleImageSize - (UINTN)NestedCapsuleHeader;
1359 if (NestedCapsuleSize < sizeof(EFI_CAPSULE_HEADER)) {
1360 return FALSE;
1361 }
1362 if (!IsValidCapsuleHeader(NestedCapsuleHeader, NestedCapsuleSize)) {
1363 return FALSE;
1364 }
1365 if (!IsFmpCapsuleGuid(&NestedCapsuleHeader->CapsuleGuid)) {
1366 return FALSE;
1367 }
1368 DEBUG ((DEBUG_INFO, "IsNestedFmpCapsule\n"));
1369 return TRUE;
1370 }
1371
1372 /**
1373 Return if this FMP is a system FMP or a device FMP, based upon CapsuleHeader.
1374
1375 @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
1376
1377 @retval TRUE It is a system FMP.
1378 @retval FALSE It is a device FMP.
1379 **/
1380 BOOLEAN
1381 IsFmpCapsule (
1382 IN EFI_CAPSULE_HEADER *CapsuleHeader
1383 )
1384 {
1385 if (IsFmpCapsuleGuid(&CapsuleHeader->CapsuleGuid)) {
1386 return TRUE;
1387 }
1388 if (IsNestedFmpCapsule(CapsuleHeader)) {
1389 return TRUE;
1390 }
1391 return FALSE;
1392 }
1393
1394 /**
1395 Those capsules supported by the firmwares.
1396
1397 Caution: This function may receive untrusted input.
1398
1399 @param[in] CapsuleHeader Points to a capsule header.
1400
1401 @retval EFI_SUCESS Input capsule is supported by firmware.
1402 @retval EFI_UNSUPPORTED Input capsule is not supported by the firmware.
1403 @retval EFI_INVALID_PARAMETER Input capsule layout is not correct
1404 **/
1405 EFI_STATUS
1406 EFIAPI
1407 SupportCapsuleImage (
1408 IN EFI_CAPSULE_HEADER *CapsuleHeader
1409 )
1410 {
1411 //
1412 // check Display Capsule Guid
1413 //
1414 if (CompareGuid (&gWindowsUxCapsuleGuid, &CapsuleHeader->CapsuleGuid)) {
1415 return EFI_SUCCESS;
1416 }
1417
1418 if (IsFmpCapsule(CapsuleHeader)) {
1419 //
1420 // Check layout of FMP capsule
1421 //
1422 return ValidateFmpCapsule(CapsuleHeader, NULL);
1423 }
1424 DEBUG((DEBUG_ERROR, "Unknown Capsule Guid - %g\n", &CapsuleHeader->CapsuleGuid));
1425 return EFI_UNSUPPORTED;
1426 }
1427
1428 /**
1429 The firmware implements to process the capsule image.
1430
1431 Caution: This function may receive untrusted input.
1432
1433 @param[in] CapsuleHeader Points to a capsule header.
1434 @param[out] ResetRequired Indicates whether reset is required or not.
1435
1436 @retval EFI_SUCESS Process Capsule Image successfully.
1437 @retval EFI_UNSUPPORTED Capsule image is not supported by the firmware.
1438 @retval EFI_VOLUME_CORRUPTED FV volume in the capsule is corrupted.
1439 @retval EFI_OUT_OF_RESOURCES Not enough memory.
1440 **/
1441 EFI_STATUS
1442 EFIAPI
1443 ProcessThisCapsuleImage (
1444 IN EFI_CAPSULE_HEADER *CapsuleHeader,
1445 OUT BOOLEAN *ResetRequired OPTIONAL
1446 )
1447 {
1448 EFI_STATUS Status;
1449
1450 if (SupportCapsuleImage (CapsuleHeader) != EFI_SUCCESS) {
1451 RecordCapsuleStatusVariable(CapsuleHeader, EFI_UNSUPPORTED);
1452 return EFI_UNSUPPORTED;
1453 }
1454
1455 //
1456 // Display image in firmware update display capsule
1457 //
1458 if (CompareGuid (&gWindowsUxCapsuleGuid, &CapsuleHeader->CapsuleGuid)) {
1459 DEBUG((DEBUG_INFO, "ProcessCapsuleImage for WindowsUxCapsule ...\n"));
1460 Status = DisplayCapsuleImage(CapsuleHeader);
1461 RecordCapsuleStatusVariable(CapsuleHeader, Status);
1462 return Status;
1463 }
1464
1465 //
1466 // Check FMP capsule layout
1467 //
1468 if (IsFmpCapsule (CapsuleHeader)) {
1469 DEBUG((DEBUG_INFO, "ProcessCapsuleImage for FmpCapsule ...\n"));
1470 DEBUG((DEBUG_INFO, "ValidateFmpCapsule ...\n"));
1471 Status = ValidateFmpCapsule(CapsuleHeader, NULL);
1472 DEBUG((DEBUG_INFO, "ValidateFmpCapsule - %r\n", Status));
1473 if (EFI_ERROR(Status)) {
1474 RecordCapsuleStatusVariable(CapsuleHeader, Status);
1475 return Status;
1476 }
1477
1478 //
1479 // Process EFI FMP Capsule
1480 //
1481 DEBUG((DEBUG_INFO, "ProcessFmpCapsuleImage ...\n"));
1482 Status = ProcessFmpCapsuleImage(CapsuleHeader, ResetRequired);
1483 DEBUG((DEBUG_INFO, "ProcessFmpCapsuleImage - %r\n", Status));
1484
1485 return Status;
1486 }
1487
1488 return EFI_UNSUPPORTED;
1489 }
1490
1491 /**
1492 The firmware implements to process the capsule image.
1493
1494 Caution: This function may receive untrusted input.
1495
1496 @param[in] CapsuleHeader Points to a capsule header.
1497
1498 @retval EFI_SUCESS Process Capsule Image successfully.
1499 @retval EFI_UNSUPPORTED Capsule image is not supported by the firmware.
1500 @retval EFI_VOLUME_CORRUPTED FV volume in the capsule is corrupted.
1501 @retval EFI_OUT_OF_RESOURCES Not enough memory.
1502 **/
1503 EFI_STATUS
1504 EFIAPI
1505 ProcessCapsuleImage (
1506 IN EFI_CAPSULE_HEADER *CapsuleHeader
1507 )
1508 {
1509 return ProcessThisCapsuleImage (CapsuleHeader, NULL);
1510 }
1511
1512 /**
1513 Callback function executed when the EndOfDxe event group is signaled.
1514
1515 @param[in] Event Event whose notification function is being invoked.
1516 @param[in] Context The pointer to the notification function's context, which
1517 is implementation-dependent.
1518 **/
1519 VOID
1520 EFIAPI
1521 DxeCapsuleLibEndOfDxe (
1522 IN EFI_EVENT Event,
1523 IN VOID *Context
1524 )
1525 {
1526 mDxeCapsuleLibEndOfDxe = TRUE;
1527 }
1528
1529 /**
1530 The constructor function.
1531
1532 @param[in] ImageHandle The firmware allocated handle for the EFI image.
1533 @param[in] SystemTable A pointer to the EFI System Table.
1534
1535 @retval EFI_SUCCESS The constructor successfully .
1536 **/
1537 EFI_STATUS
1538 EFIAPI
1539 DxeCapsuleLibConstructor (
1540 IN EFI_HANDLE ImageHandle,
1541 IN EFI_SYSTEM_TABLE *SystemTable
1542 )
1543 {
1544 EFI_STATUS Status;
1545
1546 Status = gBS->CreateEventEx (
1547 EVT_NOTIFY_SIGNAL,
1548 TPL_CALLBACK,
1549 DxeCapsuleLibEndOfDxe,
1550 NULL,
1551 &gEfiEndOfDxeEventGroupGuid,
1552 &mDxeCapsuleLibEndOfDxeEvent
1553 );
1554 ASSERT_EFI_ERROR (Status);
1555
1556 InitCapsuleVariable();
1557
1558 return EFI_SUCCESS;
1559 }
1560
1561 /**
1562 The destructor function closes the End of DXE event.
1563
1564 @param ImageHandle The firmware allocated handle for the EFI image.
1565 @param SystemTable A pointer to the EFI System Table.
1566
1567 @retval EFI_SUCCESS The destructor completed successfully.
1568 **/
1569 EFI_STATUS
1570 EFIAPI
1571 DxeCapsuleLibDestructor (
1572 IN EFI_HANDLE ImageHandle,
1573 IN EFI_SYSTEM_TABLE *SystemTable
1574 )
1575 {
1576 EFI_STATUS Status;
1577
1578 //
1579 // Close the End of DXE event.
1580 //
1581 Status = gBS->CloseEvent (mDxeCapsuleLibEndOfDxeEvent);
1582 ASSERT_EFI_ERROR (Status);
1583
1584 return EFI_SUCCESS;
1585 }
EFI Development Kit II mirror for PVE