4 Caution: This module requires additional review when modified.
5 This module will have external input - capsule image.
6 This external input must be validated carefully to avoid security issue like
7 buffer overflow, integer overflow.
9 SupportCapsuleImage(), ProcessCapsuleImage(), IsValidCapsuleHeader(),
10 ValidateFmpCapsule(), and DisplayCapsuleImage() receives untrusted input and
11 performs basic validation.
13 Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>
14 This program and the accompanying materials
15 are licensed and made available under the terms and conditions of the BSD License
16 which accompanies this distribution. The full text of the license may be found at
17 http://opensource.org/licenses/bsd-license.php
19 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
20 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
26 #include <IndustryStandard/WindowsUxCapsule.h>
28 #include <Guid/FmpCapsule.h>
29 #include <Guid/SystemResourceTable.h>
30 #include <Guid/EventGroup.h>
32 #include <Library/BaseLib.h>
33 #include <Library/DebugLib.h>
34 #include <Library/BaseMemoryLib.h>
35 #include <Library/DxeServicesTableLib.h>
36 #include <Library/UefiBootServicesTableLib.h>
37 #include <Library/UefiRuntimeServicesTableLib.h>
38 #include <Library/MemoryAllocationLib.h>
39 #include <Library/CapsuleLib.h>
40 #include <Library/DevicePathLib.h>
41 #include <Library/UefiLib.h>
42 #include <Library/PcdLib.h>
43 #include <Library/BmpSupportLib.h>
45 #include <Protocol/GraphicsOutput.h>
46 #include <Protocol/EsrtManagement.h>
47 #include <Protocol/FirmwareManagement.h>
48 #include <Protocol/FirmwareManagementProgress.h>
49 #include <Protocol/DevicePath.h>
51 EFI_SYSTEM_RESOURCE_TABLE
*mEsrtTable
= NULL
;
52 BOOLEAN mIsVirtualAddrConverted
= FALSE
;
54 BOOLEAN mDxeCapsuleLibEndOfDxe
= FALSE
;
55 EFI_EVENT mDxeCapsuleLibEndOfDxeEvent
= NULL
;
57 EDKII_FIRMWARE_MANAGEMENT_PROGRESS_PROTOCOL
*mFmpProgress
= NULL
;
60 Initialize capsule related variables.
68 Record capsule status variable.
70 @param[in] CapsuleHeader The capsule image header
71 @param[in] CapsuleStatus The capsule process stauts
73 @retval EFI_SUCCESS The capsule status variable is recorded.
74 @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
77 RecordCapsuleStatusVariable (
78 IN EFI_CAPSULE_HEADER
*CapsuleHeader
,
79 IN EFI_STATUS CapsuleStatus
83 Record FMP capsule status variable.
85 @param[in] CapsuleHeader The capsule image header
86 @param[in] CapsuleStatus The capsule process stauts
87 @param[in] PayloadIndex FMP payload index
88 @param[in] ImageHeader FMP image header
89 @param[in] FmpDevicePath DevicePath associated with the FMP producer
91 @retval EFI_SUCCESS The capsule status variable is recorded.
92 @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
95 RecordFmpCapsuleStatusVariable (
96 IN EFI_CAPSULE_HEADER
*CapsuleHeader
,
97 IN EFI_STATUS CapsuleStatus
,
98 IN UINTN PayloadIndex
,
99 IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER
*ImageHeader
,
100 IN EFI_DEVICE_PATH_PROTOCOL
*FmpDevicePath OPTIONAL
104 Function indicate the current completion progress of the firmware
105 update. Platform may override with own specific progress function.
107 @param[in] Completion A value between 1 and 100 indicating the current
108 completion progress of the firmware update
110 @retval EFI_SUCESS The capsule update progress was updated.
111 @retval EFI_INVALID_PARAMETER Completion is greater than 100%.
115 UpdateImageProgress (
120 Return if this CapsuleGuid is a FMP capsule GUID or not.
122 @param[in] CapsuleGuid A pointer to EFI_GUID
124 @retval TRUE It is a FMP capsule GUID.
125 @retval FALSE It is not a FMP capsule GUID.
129 IN EFI_GUID
*CapsuleGuid
132 if (CompareGuid(&gEfiFmpCapsuleGuid
, CapsuleGuid
)) {
140 Validate if it is valid capsule header
142 Caution: This function may receive untrusted input.
144 This function assumes the caller provided correct CapsuleHeader pointer
147 This function validates the fields in EFI_CAPSULE_HEADER.
149 @param[in] CapsuleHeader Points to a capsule header.
150 @param[in] CapsuleSize Size of the whole capsule image.
154 IsValidCapsuleHeader (
155 IN EFI_CAPSULE_HEADER
*CapsuleHeader
,
156 IN UINT64 CapsuleSize
159 if (CapsuleHeader
->CapsuleImageSize
!= CapsuleSize
) {
162 if (CapsuleHeader
->HeaderSize
>= CapsuleHeader
->CapsuleImageSize
) {
169 Validate Fmp capsules layout.
171 Caution: This function may receive untrusted input.
173 This function assumes the caller validated the capsule by using
174 IsValidCapsuleHeader(), so that all fields in EFI_CAPSULE_HEADER are correct.
175 The capsule buffer size is CapsuleHeader->CapsuleImageSize.
177 This function validates the fields in EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
178 and EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER.
180 This function need support nested FMP capsule.
182 @param[in] CapsuleHeader Points to a capsule header.
183 @param[out] EmbeddedDriverCount The EmbeddedDriverCount in the FMP capsule.
185 @retval EFI_SUCESS Input capsule is a correct FMP capsule.
186 @retval EFI_INVALID_PARAMETER Input capsule is not a correct FMP capsule.
190 IN EFI_CAPSULE_HEADER
*CapsuleHeader
,
191 OUT UINT16
*EmbeddedDriverCount OPTIONAL
194 EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
*FmpCapsuleHeader
;
196 EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER
*ImageHeader
;
198 UINT64
*ItemOffsetList
;
201 UINTN FmpCapsuleSize
;
202 UINTN FmpCapsuleHeaderSize
;
204 UINTN FmpImageHeaderSize
;
206 if (!IsFmpCapsuleGuid(&CapsuleHeader
->CapsuleGuid
)) {
207 return ValidateFmpCapsule ((EFI_CAPSULE_HEADER
*)((UINTN
)CapsuleHeader
+ CapsuleHeader
->HeaderSize
), EmbeddedDriverCount
);
210 if (CapsuleHeader
->HeaderSize
>= CapsuleHeader
->CapsuleImageSize
) {
211 DEBUG((DEBUG_ERROR
, "HeaderSize(0x%x) >= CapsuleImageSize(0x%x)\n", CapsuleHeader
->HeaderSize
, CapsuleHeader
->CapsuleImageSize
));
212 return EFI_INVALID_PARAMETER
;
215 FmpCapsuleHeader
= (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
*) ((UINT8
*) CapsuleHeader
+ CapsuleHeader
->HeaderSize
);
216 EndOfCapsule
= (UINT8
*) CapsuleHeader
+ CapsuleHeader
->CapsuleImageSize
;
217 FmpCapsuleSize
= (UINTN
)EndOfCapsule
- (UINTN
)FmpCapsuleHeader
;
219 if (FmpCapsuleSize
< sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
)) {
220 DEBUG((DEBUG_ERROR
, "FmpCapsuleSize(0x%x) < EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER\n", FmpCapsuleSize
));
221 return EFI_INVALID_PARAMETER
;
224 // Check EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
225 if (FmpCapsuleHeader
->Version
!= EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER_INIT_VERSION
) {
226 DEBUG((DEBUG_ERROR
, "FmpCapsuleHeader->Version(0x%x) != EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER_INIT_VERSION\n", FmpCapsuleHeader
->Version
));
227 return EFI_INVALID_PARAMETER
;
229 ItemOffsetList
= (UINT64
*)(FmpCapsuleHeader
+ 1);
232 ItemNum
= FmpCapsuleHeader
->EmbeddedDriverCount
+ FmpCapsuleHeader
->PayloadItemCount
;
234 if ((FmpCapsuleSize
- sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
))/sizeof(UINT64
) < ItemNum
) {
235 DEBUG((DEBUG_ERROR
, "ItemNum(0x%x) too big\n", ItemNum
));
236 return EFI_INVALID_PARAMETER
;
238 FmpCapsuleHeaderSize
= sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
) + sizeof(UINT64
)*ItemNum
;
240 // Check ItemOffsetList
241 for (Index
= 0; Index
< ItemNum
; Index
++) {
242 if (ItemOffsetList
[Index
] >= FmpCapsuleSize
) {
243 DEBUG((DEBUG_ERROR
, "ItemOffsetList[%d](0x%lx) >= FmpCapsuleSize(0x%x)\n", Index
, ItemOffsetList
[Index
], FmpCapsuleSize
));
244 return EFI_INVALID_PARAMETER
;
246 if (ItemOffsetList
[Index
] < FmpCapsuleHeaderSize
) {
247 DEBUG((DEBUG_ERROR
, "ItemOffsetList[%d](0x%lx) < FmpCapsuleHeaderSize(0x%x)\n", Index
, ItemOffsetList
[Index
], FmpCapsuleHeaderSize
));
248 return EFI_INVALID_PARAMETER
;
251 // All the address in ItemOffsetList must be stored in ascending order
254 if (ItemOffsetList
[Index
] <= ItemOffsetList
[Index
- 1]) {
255 DEBUG((DEBUG_ERROR
, "ItemOffsetList[%d](0x%lx) < ItemOffsetList[%d](0x%x)\n", Index
, ItemOffsetList
[Index
], Index
- 1, ItemOffsetList
[Index
- 1]));
256 return EFI_INVALID_PARAMETER
;
261 // Check EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER
262 for (Index
= FmpCapsuleHeader
->EmbeddedDriverCount
; Index
< ItemNum
; Index
++) {
263 ImageHeader
= (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER
*)((UINT8
*)FmpCapsuleHeader
+ ItemOffsetList
[Index
]);
264 if (Index
== ItemNum
- 1) {
265 EndOfPayload
= (UINT8
*)((UINTN
)EndOfCapsule
- (UINTN
)FmpCapsuleHeader
);
267 EndOfPayload
= (UINT8
*)(UINTN
)ItemOffsetList
[Index
+1];
269 FmpImageSize
= (UINTN
)EndOfPayload
- ItemOffsetList
[Index
];
271 FmpImageHeaderSize
= sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER
);
272 if ((ImageHeader
->Version
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION
) ||
273 (ImageHeader
->Version
< 1)) {
274 DEBUG((DEBUG_ERROR
, "ImageHeader->Version(0x%x) Unknown\n", ImageHeader
->Version
));
275 return EFI_INVALID_PARAMETER
;
277 if (ImageHeader
->Version
< EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION
) {
278 FmpImageHeaderSize
= OFFSET_OF(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER
, UpdateHardwareInstance
);
280 if (FmpImageSize
< FmpImageHeaderSize
) {
281 DEBUG((DEBUG_ERROR
, "FmpImageSize(0x%lx) < FmpImageHeaderSize(0x%x)\n", FmpImageSize
, FmpImageHeaderSize
));
282 return EFI_INVALID_PARAMETER
;
286 if (FmpImageSize
!= (UINT64
)FmpImageHeaderSize
+ (UINT64
)ImageHeader
->UpdateImageSize
+ (UINT64
)ImageHeader
->UpdateVendorCodeSize
) {
287 DEBUG((DEBUG_ERROR
, "FmpImageSize(0x%lx) mismatch, UpdateImageSize(0x%x) UpdateVendorCodeSize(0x%x)\n", FmpImageSize
, ImageHeader
->UpdateImageSize
, ImageHeader
->UpdateVendorCodeSize
));
288 return EFI_INVALID_PARAMETER
;
294 // No driver & payload element in FMP
296 EndOfPayload
= (UINT8
*)(FmpCapsuleHeader
+ 1);
297 if (EndOfPayload
!= EndOfCapsule
) {
298 DEBUG((DEBUG_ERROR
, "EndOfPayload(0x%x) mismatch, EndOfCapsule(0x%x)\n", EndOfPayload
, EndOfCapsule
));
299 return EFI_INVALID_PARAMETER
;
301 return EFI_UNSUPPORTED
;
304 if (EmbeddedDriverCount
!= NULL
) {
305 *EmbeddedDriverCount
= FmpCapsuleHeader
->EmbeddedDriverCount
;
312 Those capsules supported by the firmwares.
314 Caution: This function may receive untrusted input.
316 @param[in] CapsuleHeader Points to a capsule header.
318 @retval EFI_SUCESS Input capsule is supported by firmware.
319 @retval EFI_UNSUPPORTED Input capsule is not supported by the firmware.
322 DisplayCapsuleImage (
323 IN EFI_CAPSULE_HEADER
*CapsuleHeader
326 DISPLAY_DISPLAY_PAYLOAD
*ImagePayload
;
329 EFI_GRAPHICS_OUTPUT_BLT_PIXEL
*Blt
;
333 EFI_GRAPHICS_OUTPUT_PROTOCOL
*GraphicsOutput
;
336 // UX capsule doesn't have extended header entries.
338 if (CapsuleHeader
->HeaderSize
!= sizeof (EFI_CAPSULE_HEADER
)) {
339 return EFI_UNSUPPORTED
;
341 ImagePayload
= (DISPLAY_DISPLAY_PAYLOAD
*)((UINTN
) CapsuleHeader
+ CapsuleHeader
->HeaderSize
);
343 // (CapsuleImageSize > HeaderSize) is guaranteed by IsValidCapsuleHeader().
345 PayloadSize
= CapsuleHeader
->CapsuleImageSize
- CapsuleHeader
->HeaderSize
;
348 // Make sure the image payload at least contain the DISPLAY_DISPLAY_PAYLOAD header.
349 // Further size check is performed by the logic translating BMP to GOP BLT.
351 if (PayloadSize
<= sizeof (DISPLAY_DISPLAY_PAYLOAD
)) {
352 return EFI_INVALID_PARAMETER
;
355 if (ImagePayload
->Version
!= 1) {
356 return EFI_UNSUPPORTED
;
358 if (CalculateCheckSum8((UINT8
*)CapsuleHeader
, CapsuleHeader
->CapsuleImageSize
) != 0) {
359 return EFI_UNSUPPORTED
;
362 // Only Support Bitmap by now
364 if (ImagePayload
->ImageType
!= 0) {
365 return EFI_UNSUPPORTED
;
371 Status
= gBS
->HandleProtocol (gST
->ConsoleOutHandle
, &gEfiGraphicsOutputProtocolGuid
, (VOID
**)&GraphicsOutput
);
372 if (EFI_ERROR (Status
)) {
373 Status
= gBS
->LocateProtocol(&gEfiGraphicsOutputProtocolGuid
, NULL
, (VOID
**)&GraphicsOutput
);
374 if (EFI_ERROR(Status
)) {
375 return EFI_UNSUPPORTED
;
379 if (GraphicsOutput
->Mode
->Mode
!= ImagePayload
->Mode
) {
380 return EFI_UNSUPPORTED
;
386 Status
= TranslateBmpToGopBlt (
388 PayloadSize
- sizeof(DISPLAY_DISPLAY_PAYLOAD
),
395 if (EFI_ERROR (Status
)) {
399 Status
= GraphicsOutput
->Blt (
405 (UINTN
) ImagePayload
->OffsetX
,
406 (UINTN
) ImagePayload
->OffsetY
,
409 Width
* sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL
)
418 Dump FMP information.
420 @param[in] ImageInfoSize The size of ImageInfo, in bytes.
421 @param[in] ImageInfo A pointer to EFI_FIRMWARE_IMAGE_DESCRIPTOR.
422 @param[in] DescriptorVersion The version of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
423 @param[in] DescriptorCount The count of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
424 @param[in] DescriptorSize The size of an individual EFI_FIRMWARE_IMAGE_DESCRIPTOR, in bytes.
425 @param[in] PackageVersion The version of package.
426 @param[in] PackageVersionName The version name of package.
430 IN UINTN ImageInfoSize
,
431 IN EFI_FIRMWARE_IMAGE_DESCRIPTOR
*ImageInfo
,
432 IN UINT32 DescriptorVersion
,
433 IN UINT8 DescriptorCount
,
434 IN UINTN DescriptorSize
,
435 IN UINT32 PackageVersion
,
436 IN CHAR16
*PackageVersionName
439 EFI_FIRMWARE_IMAGE_DESCRIPTOR
*CurrentImageInfo
;
442 DEBUG((DEBUG_VERBOSE
, " DescriptorVersion - 0x%x\n", DescriptorVersion
));
443 DEBUG((DEBUG_VERBOSE
, " DescriptorCount - 0x%x\n", DescriptorCount
));
444 DEBUG((DEBUG_VERBOSE
, " DescriptorSize - 0x%x\n", DescriptorSize
));
445 DEBUG((DEBUG_VERBOSE
, " PackageVersion - 0x%x\n", PackageVersion
));
446 DEBUG((DEBUG_VERBOSE
, " PackageVersionName - %s\n\n", PackageVersionName
));
447 CurrentImageInfo
= ImageInfo
;
448 for (Index
= 0; Index
< DescriptorCount
; Index
++) {
449 DEBUG((DEBUG_VERBOSE
, " ImageDescriptor (%d)\n", Index
));
450 DEBUG((DEBUG_VERBOSE
, " ImageIndex - 0x%x\n", CurrentImageInfo
->ImageIndex
));
451 DEBUG((DEBUG_VERBOSE
, " ImageTypeId - %g\n", &CurrentImageInfo
->ImageTypeId
));
452 DEBUG((DEBUG_VERBOSE
, " ImageId - 0x%lx\n", CurrentImageInfo
->ImageId
));
453 DEBUG((DEBUG_VERBOSE
, " ImageIdName - %s\n", CurrentImageInfo
->ImageIdName
));
454 DEBUG((DEBUG_VERBOSE
, " Version - 0x%x\n", CurrentImageInfo
->Version
));
455 DEBUG((DEBUG_VERBOSE
, " VersionName - %s\n", CurrentImageInfo
->VersionName
));
456 DEBUG((DEBUG_VERBOSE
, " Size - 0x%x\n", CurrentImageInfo
->Size
));
457 DEBUG((DEBUG_VERBOSE
, " AttributesSupported - 0x%lx\n", CurrentImageInfo
->AttributesSupported
));
458 DEBUG((DEBUG_VERBOSE
, " AttributesSetting - 0x%lx\n", CurrentImageInfo
->AttributesSetting
));
459 DEBUG((DEBUG_VERBOSE
, " Compatibilities - 0x%lx\n", CurrentImageInfo
->Compatibilities
));
460 if (DescriptorVersion
> 1) {
461 DEBUG((DEBUG_VERBOSE
, " LowestSupportedImageVersion - 0x%x\n", CurrentImageInfo
->LowestSupportedImageVersion
));
462 if (DescriptorVersion
> 2) {
463 DEBUG((DEBUG_VERBOSE
, " LastAttemptVersion - 0x%x\n", CurrentImageInfo
->LastAttemptVersion
));
464 DEBUG((DEBUG_VERBOSE
, " LastAttemptStatus - 0x%x\n", CurrentImageInfo
->LastAttemptStatus
));
465 DEBUG((DEBUG_VERBOSE
, " HardwareInstance - 0x%lx\n", CurrentImageInfo
->HardwareInstance
));
469 // Use DescriptorSize to move ImageInfo Pointer to stay compatible with different ImageInfo version
471 CurrentImageInfo
= (EFI_FIRMWARE_IMAGE_DESCRIPTOR
*)((UINT8
*)CurrentImageInfo
+ DescriptorSize
);
476 Dump a non-nested FMP capsule.
478 @param[in] CapsuleHeader A pointer to CapsuleHeader
482 IN EFI_CAPSULE_HEADER
*CapsuleHeader
485 EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
*FmpCapsuleHeader
;
486 EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER
*ImageHeader
;
488 UINT64
*ItemOffsetList
;
490 FmpCapsuleHeader
= (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
*)((UINT8
*)CapsuleHeader
+ CapsuleHeader
->HeaderSize
);
492 DEBUG((DEBUG_VERBOSE
, "FmpCapsule:\n"));
493 DEBUG((DEBUG_VERBOSE
, " Version - 0x%x\n", FmpCapsuleHeader
->Version
));
494 DEBUG((DEBUG_VERBOSE
, " EmbeddedDriverCount - 0x%x\n", FmpCapsuleHeader
->EmbeddedDriverCount
));
495 DEBUG((DEBUG_VERBOSE
, " PayloadItemCount - 0x%x\n", FmpCapsuleHeader
->PayloadItemCount
));
497 ItemOffsetList
= (UINT64
*)(FmpCapsuleHeader
+ 1);
498 for (Index
= 0; Index
< FmpCapsuleHeader
->EmbeddedDriverCount
; Index
++) {
499 DEBUG((DEBUG_VERBOSE
, " ItemOffsetList[%d] - 0x%lx\n", Index
, ItemOffsetList
[Index
]));
501 for (; Index
< (UINT32
)FmpCapsuleHeader
->EmbeddedDriverCount
+ FmpCapsuleHeader
->PayloadItemCount
; Index
++) {
502 DEBUG((DEBUG_VERBOSE
, " ItemOffsetList[%d] - 0x%lx\n", Index
, ItemOffsetList
[Index
]));
503 ImageHeader
= (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER
*)((UINT8
*)FmpCapsuleHeader
+ ItemOffsetList
[Index
]);
505 DEBUG((DEBUG_VERBOSE
, " ImageHeader:\n"));
506 DEBUG((DEBUG_VERBOSE
, " Version - 0x%x\n", ImageHeader
->Version
));
507 DEBUG((DEBUG_VERBOSE
, " UpdateImageTypeId - %g\n", &ImageHeader
->UpdateImageTypeId
));
508 DEBUG((DEBUG_VERBOSE
, " UpdateImageIndex - 0x%x\n", ImageHeader
->UpdateImageIndex
));
509 DEBUG((DEBUG_VERBOSE
, " UpdateImageSize - 0x%x\n", ImageHeader
->UpdateImageSize
));
510 DEBUG((DEBUG_VERBOSE
, " UpdateVendorCodeSize - 0x%x\n", ImageHeader
->UpdateVendorCodeSize
));
511 if (ImageHeader
->Version
>= EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION
) {
512 DEBUG((DEBUG_VERBOSE
, " UpdateHardwareInstance - 0x%lx\n", ImageHeader
->UpdateHardwareInstance
));
518 Dump all FMP information.
526 EFI_HANDLE
*HandleBuffer
;
527 UINTN NumberOfHandles
;
528 EFI_FIRMWARE_MANAGEMENT_PROTOCOL
*Fmp
;
531 EFI_FIRMWARE_IMAGE_DESCRIPTOR
*FmpImageInfoBuf
;
532 UINT32 FmpImageInfoDescriptorVer
;
533 UINT8 FmpImageInfoCount
;
534 UINTN DescriptorSize
;
535 UINT32 PackageVersion
;
536 CHAR16
*PackageVersionName
;
538 Status
= gBS
->LocateHandleBuffer (
540 &gEfiFirmwareManagementProtocolGuid
,
545 if (EFI_ERROR(Status
)) {
549 for (Index
= 0; Index
< NumberOfHandles
; Index
++) {
550 Status
= gBS
->HandleProtocol(
552 &gEfiFirmwareManagementProtocolGuid
,
555 if (EFI_ERROR(Status
)) {
560 Status
= Fmp
->GetImageInfo (
570 if (Status
!= EFI_BUFFER_TOO_SMALL
) {
574 FmpImageInfoBuf
= AllocateZeroPool (ImageInfoSize
);
575 if (FmpImageInfoBuf
== NULL
) {
579 PackageVersionName
= NULL
;
580 Status
= Fmp
->GetImageInfo (
582 &ImageInfoSize
, // ImageInfoSize
583 FmpImageInfoBuf
, // ImageInfo
584 &FmpImageInfoDescriptorVer
, // DescriptorVersion
585 &FmpImageInfoCount
, // DescriptorCount
586 &DescriptorSize
, // DescriptorSize
587 &PackageVersion
, // PackageVersion
588 &PackageVersionName
// PackageVersionName
590 if (EFI_ERROR(Status
)) {
591 FreePool(FmpImageInfoBuf
);
595 DEBUG((DEBUG_INFO
, "FMP (%d) ImageInfo:\n", Index
));
597 ImageInfoSize
, // ImageInfoSize
598 FmpImageInfoBuf
, // ImageInfo
599 FmpImageInfoDescriptorVer
, // DescriptorVersion
600 FmpImageInfoCount
, // DescriptorCount
601 DescriptorSize
, // DescriptorSize
602 PackageVersion
, // PackageVersion
603 PackageVersionName
// PackageVersionName
606 if (PackageVersionName
!= NULL
) {
607 FreePool(PackageVersionName
);
610 FreePool(FmpImageInfoBuf
);
617 Get FMP handle by ImageTypeId and HardwareInstance.
619 @param[in] UpdateImageTypeId Used to identify device firmware targeted by this update.
620 @param[in] UpdateHardwareInstance The HardwareInstance to target with this update.
621 @param[out] NoHandles The number of handles returned in HandleBuf.
622 @param[out] HandleBuf A pointer to the buffer to return the requested array of handles.
623 @param[out] ResetRequiredBuf A pointer to the buffer to return reset required flag for
624 the requested array of handles.
626 @retval EFI_SUCCESS The array of handles and their reset required flag were returned in
627 HandleBuf and ResetRequiredBuf, and the number of handles in HandleBuf
628 was returned in NoHandles.
629 @retval EFI_NOT_FOUND No handles match the search.
630 @retval EFI_OUT_OF_RESOURCES There is not enough pool memory to store the matching results.
633 GetFmpHandleBufferByType (
634 IN EFI_GUID
*UpdateImageTypeId
,
635 IN UINT64 UpdateHardwareInstance
,
636 OUT UINTN
*NoHandles
, OPTIONAL
637 OUT EFI_HANDLE
**HandleBuf
, OPTIONAL
638 OUT BOOLEAN
**ResetRequiredBuf OPTIONAL
642 EFI_HANDLE
*HandleBuffer
;
643 UINTN NumberOfHandles
;
644 EFI_HANDLE
*MatchedHandleBuffer
;
645 BOOLEAN
*MatchedResetRequiredBuffer
;
646 UINTN MatchedNumberOfHandles
;
647 EFI_FIRMWARE_MANAGEMENT_PROTOCOL
*Fmp
;
650 EFI_FIRMWARE_IMAGE_DESCRIPTOR
*FmpImageInfoBuf
;
651 UINT32 FmpImageInfoDescriptorVer
;
652 UINT8 FmpImageInfoCount
;
653 UINTN DescriptorSize
;
654 UINT32 PackageVersion
;
655 CHAR16
*PackageVersionName
;
657 EFI_FIRMWARE_IMAGE_DESCRIPTOR
*TempFmpImageInfo
;
659 if (NoHandles
!= NULL
) {
662 if (HandleBuf
!= NULL
) {
665 if (ResetRequiredBuf
!= NULL
) {
666 *ResetRequiredBuf
= NULL
;
669 Status
= gBS
->LocateHandleBuffer (
671 &gEfiFirmwareManagementProtocolGuid
,
676 if (EFI_ERROR(Status
)) {
680 MatchedNumberOfHandles
= 0;
682 MatchedHandleBuffer
= NULL
;
683 if (HandleBuf
!= NULL
) {
684 MatchedHandleBuffer
= AllocateZeroPool (sizeof(EFI_HANDLE
) * NumberOfHandles
);
685 if (MatchedHandleBuffer
== NULL
) {
686 FreePool (HandleBuffer
);
687 return EFI_OUT_OF_RESOURCES
;
691 MatchedResetRequiredBuffer
= NULL
;
692 if (ResetRequiredBuf
!= NULL
) {
693 MatchedResetRequiredBuffer
= AllocateZeroPool (sizeof(BOOLEAN
) * NumberOfHandles
);
694 if (MatchedResetRequiredBuffer
== NULL
) {
695 if (MatchedHandleBuffer
!= NULL
) {
696 FreePool (MatchedHandleBuffer
);
698 FreePool (HandleBuffer
);
699 return EFI_OUT_OF_RESOURCES
;
703 for (Index
= 0; Index
< NumberOfHandles
; Index
++) {
704 Status
= gBS
->HandleProtocol(
706 &gEfiFirmwareManagementProtocolGuid
,
709 if (EFI_ERROR(Status
)) {
714 Status
= Fmp
->GetImageInfo (
724 if (Status
!= EFI_BUFFER_TOO_SMALL
) {
728 FmpImageInfoBuf
= AllocateZeroPool (ImageInfoSize
);
729 if (FmpImageInfoBuf
== NULL
) {
733 PackageVersionName
= NULL
;
734 Status
= Fmp
->GetImageInfo (
736 &ImageInfoSize
, // ImageInfoSize
737 FmpImageInfoBuf
, // ImageInfo
738 &FmpImageInfoDescriptorVer
, // DescriptorVersion
739 &FmpImageInfoCount
, // DescriptorCount
740 &DescriptorSize
, // DescriptorSize
741 &PackageVersion
, // PackageVersion
742 &PackageVersionName
// PackageVersionName
744 if (EFI_ERROR(Status
)) {
745 FreePool(FmpImageInfoBuf
);
749 if (PackageVersionName
!= NULL
) {
750 FreePool(PackageVersionName
);
753 TempFmpImageInfo
= FmpImageInfoBuf
;
754 for (Index2
= 0; Index2
< FmpImageInfoCount
; Index2
++) {
756 // Check if this FMP instance matches
758 if (CompareGuid(UpdateImageTypeId
, &TempFmpImageInfo
->ImageTypeId
)) {
759 if ((UpdateHardwareInstance
== 0) ||
760 ((FmpImageInfoDescriptorVer
>= EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION
) &&
761 (UpdateHardwareInstance
== TempFmpImageInfo
->HardwareInstance
))) {
762 if (MatchedHandleBuffer
!= NULL
) {
763 MatchedHandleBuffer
[MatchedNumberOfHandles
] = HandleBuffer
[Index
];
765 if (MatchedResetRequiredBuffer
!= NULL
) {
766 MatchedResetRequiredBuffer
[MatchedNumberOfHandles
] = (((TempFmpImageInfo
->AttributesSupported
&
767 IMAGE_ATTRIBUTE_RESET_REQUIRED
) != 0) &&
768 ((TempFmpImageInfo
->AttributesSetting
&
769 IMAGE_ATTRIBUTE_RESET_REQUIRED
) != 0));
771 MatchedNumberOfHandles
++;
775 TempFmpImageInfo
= (EFI_FIRMWARE_IMAGE_DESCRIPTOR
*)((UINT8
*)TempFmpImageInfo
+ DescriptorSize
);
777 FreePool(FmpImageInfoBuf
);
780 if (MatchedNumberOfHandles
== 0) {
781 return EFI_NOT_FOUND
;
784 if (NoHandles
!= NULL
) {
785 *NoHandles
= MatchedNumberOfHandles
;
787 if (HandleBuf
!= NULL
) {
788 *HandleBuf
= MatchedHandleBuffer
;
790 if (ResetRequiredBuf
!= NULL
) {
791 *ResetRequiredBuf
= MatchedResetRequiredBuffer
;
798 Return FmpImageInfoDescriptorVer by an FMP handle.
800 @param[in] Handle A FMP handle.
802 @return FmpImageInfoDescriptorVer associated with the FMP.
805 GetFmpImageInfoDescriptorVer (
810 EFI_FIRMWARE_MANAGEMENT_PROTOCOL
*Fmp
;
812 EFI_FIRMWARE_IMAGE_DESCRIPTOR
*FmpImageInfoBuf
;
813 UINT32 FmpImageInfoDescriptorVer
;
814 UINT8 FmpImageInfoCount
;
815 UINTN DescriptorSize
;
816 UINT32 PackageVersion
;
817 CHAR16
*PackageVersionName
;
819 Status
= gBS
->HandleProtocol(
821 &gEfiFirmwareManagementProtocolGuid
,
824 if (EFI_ERROR(Status
)) {
829 Status
= Fmp
->GetImageInfo (
839 if (Status
!= EFI_BUFFER_TOO_SMALL
) {
843 FmpImageInfoBuf
= AllocateZeroPool (ImageInfoSize
);
844 if (FmpImageInfoBuf
== NULL
) {
848 PackageVersionName
= NULL
;
849 Status
= Fmp
->GetImageInfo (
851 &ImageInfoSize
, // ImageInfoSize
852 FmpImageInfoBuf
, // ImageInfo
853 &FmpImageInfoDescriptorVer
, // DescriptorVersion
854 &FmpImageInfoCount
, // DescriptorCount
855 &DescriptorSize
, // DescriptorSize
856 &PackageVersion
, // PackageVersion
857 &PackageVersionName
// PackageVersionName
859 if (EFI_ERROR(Status
)) {
860 FreePool(FmpImageInfoBuf
);
863 return FmpImageInfoDescriptorVer
;
869 @param[in] Handle A FMP handle.
870 @param[in] ImageHeader The payload image header.
871 @param[in] PayloadIndex The index of the payload.
873 @return The status of FMP->SetImage.
877 IN EFI_HANDLE Handle
,
878 IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER
*ImageHeader
,
879 IN UINTN PayloadIndex
883 EFI_FIRMWARE_MANAGEMENT_PROTOCOL
*Fmp
;
887 EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS ProgressCallback
;
889 Status
= gBS
->HandleProtocol(
891 &gEfiFirmwareManagementProtocolGuid
,
894 if (EFI_ERROR(Status
)) {
899 // Lookup Firmware Management Progress Protocol before SetImage() is called
900 // This is an optional protocol that may not be present on Handle.
902 Status
= gBS
->HandleProtocol (
904 &gEdkiiFirmwareManagementProgressProtocolGuid
,
905 (VOID
**)&mFmpProgress
907 if (EFI_ERROR (Status
)) {
911 if (ImageHeader
->Version
>= EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION
) {
912 Image
= (UINT8
*)(ImageHeader
+ 1);
915 // If the EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER is version 1,
916 // Header should exclude UpdateHardwareInstance field
918 Image
= (UINT8
*)ImageHeader
+ OFFSET_OF(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER
, UpdateHardwareInstance
);
921 if (ImageHeader
->UpdateVendorCodeSize
== 0) {
924 VendorCode
= Image
+ ImageHeader
->UpdateImageSize
;
927 DEBUG((DEBUG_INFO
, "Fmp->SetImage ...\n"));
928 DEBUG((DEBUG_INFO
, "ImageTypeId - %g, ", &ImageHeader
->UpdateImageTypeId
));
929 DEBUG((DEBUG_INFO
, "PayloadIndex - 0x%x, ", PayloadIndex
));
930 DEBUG((DEBUG_INFO
, "ImageIndex - 0x%x ", ImageHeader
->UpdateImageIndex
));
931 if (ImageHeader
->Version
>= EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION
) {
932 DEBUG((DEBUG_INFO
, "(UpdateHardwareInstance - 0x%x)", ImageHeader
->UpdateHardwareInstance
));
934 DEBUG((DEBUG_INFO
, "\n"));
937 // Before calling SetImage(), reset the progress bar to 0%
939 ProgressCallback
= UpdateImageProgress
;
940 Status
= UpdateImageProgress (0);
941 if (EFI_ERROR (Status
)) {
942 ProgressCallback
= NULL
;
945 Status
= Fmp
->SetImage(
947 ImageHeader
->UpdateImageIndex
, // ImageIndex
949 ImageHeader
->UpdateImageSize
, // ImageSize
950 VendorCode
, // VendorCode
951 ProgressCallback
, // Progress
952 &AbortReason
// AbortReason
955 // Set the progress bar to 100% after returning from SetImage()
957 if (ProgressCallback
!= NULL
) {
958 UpdateImageProgress (100);
961 DEBUG((DEBUG_INFO
, "Fmp->SetImage - %r\n", Status
));
962 if (AbortReason
!= NULL
) {
963 DEBUG ((DEBUG_ERROR
, "%s\n", AbortReason
));
964 FreePool(AbortReason
);
968 // Clear mFmpProgress after SetImage() returns
976 Start a UEFI image in the FMP payload.
978 @param[in] ImageBuffer A pointer to the memory location containing a copy of the image to be loaded..
979 @param[in] ImageSize The size in bytes of ImageBuffer.
981 @return The status of gBS->LoadImage and gBS->StartImage.
985 IN VOID
*ImageBuffer
,
989 MEMMAP_DEVICE_PATH MemMapNode
;
991 EFI_HANDLE ImageHandle
;
992 EFI_DEVICE_PATH_PROTOCOL
*DriverDevicePath
;
995 SetDevicePathNodeLength (&MemMapNode
.Header
, sizeof (MemMapNode
));
996 MemMapNode
.Header
.Type
= HARDWARE_DEVICE_PATH
;
997 MemMapNode
.Header
.SubType
= HW_MEMMAP_DP
;
998 MemMapNode
.MemoryType
= EfiBootServicesCode
;
999 MemMapNode
.StartingAddress
= (EFI_PHYSICAL_ADDRESS
)(UINTN
)ImageBuffer
;
1000 MemMapNode
.EndingAddress
= (EFI_PHYSICAL_ADDRESS
)(UINTN
)((UINT8
*)ImageBuffer
+ ImageSize
- 1);
1002 DriverDevicePath
= AppendDevicePathNode (NULL
, &MemMapNode
.Header
);
1003 if (DriverDevicePath
== NULL
) {
1004 return EFI_OUT_OF_RESOURCES
;
1007 DEBUG((DEBUG_INFO
, "FmpCapsule: LoadImage ...\n"));
1008 Status
= gBS
->LoadImage(
1016 DEBUG((DEBUG_INFO
, "FmpCapsule: LoadImage - %r\n", Status
));
1017 if (EFI_ERROR(Status
)) {
1018 FreePool(DriverDevicePath
);
1022 DEBUG((DEBUG_INFO
, "FmpCapsule: StartImage ...\n"));
1023 Status
= gBS
->StartImage(
1028 DEBUG((DEBUG_INFO
, "FmpCapsule: StartImage - %r\n", Status
));
1029 if (EFI_ERROR(Status
)) {
1030 DEBUG ((DEBUG_ERROR
, "Driver Return Status = %r\n", Status
));
1033 FreePool(DriverDevicePath
);
1038 Record FMP capsule status.
1040 @param[in] Handle A FMP handle.
1041 @param[in] CapsuleHeader The capsule image header
1042 @param[in] CapsuleStatus The capsule process stauts
1043 @param[in] PayloadIndex FMP payload index
1044 @param[in] ImageHeader FMP image header
1047 RecordFmpCapsuleStatus (
1048 IN EFI_HANDLE Handle
, OPTIONAL
1049 IN EFI_CAPSULE_HEADER
*CapsuleHeader
,
1050 IN EFI_STATUS CapsuleStatus
,
1051 IN UINTN PayloadIndex
,
1052 IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER
*ImageHeader
1056 EFI_DEVICE_PATH_PROTOCOL
*FmpDevicePath
;
1057 UINT32 FmpImageInfoDescriptorVer
;
1058 EFI_STATUS StatusEsrt
;
1059 ESRT_MANAGEMENT_PROTOCOL
*EsrtProtocol
;
1060 EFI_SYSTEM_RESOURCE_ENTRY EsrtEntry
;
1062 FmpDevicePath
= NULL
;
1063 if (Handle
!= NULL
) {
1064 gBS
->HandleProtocol(
1066 &gEfiDevicePathProtocolGuid
,
1067 (VOID
**)&FmpDevicePath
1071 RecordFmpCapsuleStatusVariable (
1080 // Update corresponding ESRT entry LastAttemp Status
1082 Status
= gBS
->LocateProtocol(&gEsrtManagementProtocolGuid
, NULL
, (VOID
**)&EsrtProtocol
);
1083 if (EFI_ERROR (Status
)) {
1087 if (Handle
== NULL
) {
1092 // Update EsrtEntry For V1, V2 FMP instance.
1093 // V3 FMP ESRT cache will be synced up through SyncEsrtFmp interface
1095 FmpImageInfoDescriptorVer
= GetFmpImageInfoDescriptorVer (Handle
);
1096 if (FmpImageInfoDescriptorVer
< EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION
) {
1097 StatusEsrt
= EsrtProtocol
->GetEsrtEntry(&ImageHeader
->UpdateImageTypeId
, &EsrtEntry
);
1098 if (!EFI_ERROR(StatusEsrt
)){
1099 if (!EFI_ERROR(CapsuleStatus
)) {
1100 EsrtEntry
.LastAttemptStatus
= LAST_ATTEMPT_STATUS_SUCCESS
;
1102 EsrtEntry
.LastAttemptStatus
= LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL
;
1104 EsrtEntry
.LastAttemptVersion
= 0;
1105 EsrtProtocol
->UpdateEsrtEntry(&EsrtEntry
);
1111 Process Firmware management protocol data capsule.
1113 This function assumes the caller validated the capsule by using
1114 ValidateFmpCapsule(), so that all fields in EFI_CAPSULE_HEADER,
1115 EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER and
1116 EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER are correct.
1118 This function need support nested FMP capsule.
1120 @param[in] CapsuleHeader Points to a capsule header.
1121 @param[out] ResetRequired Indicates whether reset is required or not.
1123 @retval EFI_SUCESS Process Capsule Image successfully.
1124 @retval EFI_UNSUPPORTED Capsule image is not supported by the firmware.
1125 @retval EFI_VOLUME_CORRUPTED FV volume in the capsule is corrupted.
1126 @retval EFI_OUT_OF_RESOURCES Not enough memory.
1127 @retval EFI_NOT_READY No FMP protocol to handle this FMP capsule.
1130 ProcessFmpCapsuleImage (
1131 IN EFI_CAPSULE_HEADER
*CapsuleHeader
,
1132 OUT BOOLEAN
*ResetRequired OPTIONAL
1136 EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
*FmpCapsuleHeader
;
1137 EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER
*ImageHeader
;
1138 UINT64
*ItemOffsetList
;
1141 EFI_HANDLE
*HandleBuffer
;
1142 BOOLEAN
*ResetRequiredBuffer
;
1143 UINTN NumberOfHandles
;
1145 UINT64 UpdateHardwareInstance
;
1150 if (!IsFmpCapsuleGuid(&CapsuleHeader
->CapsuleGuid
)) {
1151 return ProcessFmpCapsuleImage ((EFI_CAPSULE_HEADER
*)((UINTN
)CapsuleHeader
+ CapsuleHeader
->HeaderSize
), ResetRequired
);
1157 DumpFmpCapsule(CapsuleHeader
);
1159 FmpCapsuleHeader
= (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
*) ((UINT8
*) CapsuleHeader
+ CapsuleHeader
->HeaderSize
);
1161 if (FmpCapsuleHeader
->Version
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER_INIT_VERSION
) {
1162 return EFI_INVALID_PARAMETER
;
1164 ItemOffsetList
= (UINT64
*)(FmpCapsuleHeader
+ 1);
1166 ItemNum
= FmpCapsuleHeader
->EmbeddedDriverCount
+ FmpCapsuleHeader
->PayloadItemCount
;
1169 // capsule in which driver count and payload count are both zero is not processed.
1176 // 1. Try to load & start all the drivers within capsule
1178 for (Index
= 0; Index
< FmpCapsuleHeader
->EmbeddedDriverCount
; Index
++) {
1179 if ((FmpCapsuleHeader
->PayloadItemCount
== 0) &&
1180 (Index
== (UINTN
)FmpCapsuleHeader
->EmbeddedDriverCount
- 1)) {
1182 // When driver is last element in the ItemOffsetList array, the driver size is calculated by reference CapsuleImageSize in EFI_CAPSULE_HEADER
1184 DriverLen
= CapsuleHeader
->CapsuleImageSize
- CapsuleHeader
->HeaderSize
- (UINTN
)ItemOffsetList
[Index
];
1186 DriverLen
= (UINTN
)ItemOffsetList
[Index
+ 1] - (UINTN
)ItemOffsetList
[Index
];
1189 Status
= StartFmpImage (
1190 (UINT8
*)FmpCapsuleHeader
+ ItemOffsetList
[Index
],
1193 if (EFI_ERROR(Status
)) {
1194 DEBUG ((DEBUG_ERROR
, "Driver Return Status = %r\n", Status
));
1200 // 2. Route payload to right FMP instance
1202 DEBUG((DEBUG_INFO
, "FmpCapsule: route payload to right FMP instance ...\n"));
1207 // Check all the payload entry in capsule payload list
1209 for (Index
= FmpCapsuleHeader
->EmbeddedDriverCount
; Index
< ItemNum
; Index
++) {
1210 ImageHeader
= (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER
*)((UINT8
*)FmpCapsuleHeader
+ ItemOffsetList
[Index
]);
1212 UpdateHardwareInstance
= 0;
1213 if (ImageHeader
->Version
>= EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION
) {
1214 UpdateHardwareInstance
= ImageHeader
->UpdateHardwareInstance
;
1217 Status
= GetFmpHandleBufferByType (
1218 &ImageHeader
->UpdateImageTypeId
,
1219 UpdateHardwareInstance
,
1222 &ResetRequiredBuffer
1224 if (EFI_ERROR(Status
)) {
1226 RecordFmpCapsuleStatus (
1230 Index
- FmpCapsuleHeader
->EmbeddedDriverCount
,
1236 for (Index2
= 0; Index2
< NumberOfHandles
; Index2
++) {
1238 RecordFmpCapsuleStatus (
1239 HandleBuffer
[Index2
],
1242 Index
- FmpCapsuleHeader
->EmbeddedDriverCount
,
1248 Status
= SetFmpImageData (
1249 HandleBuffer
[Index2
],
1251 Index
- FmpCapsuleHeader
->EmbeddedDriverCount
1253 if (Status
!= EFI_SUCCESS
) {
1256 if (ResetRequired
!= NULL
) {
1257 *ResetRequired
|= ResetRequiredBuffer
[Index2
];
1261 RecordFmpCapsuleStatus (
1262 HandleBuffer
[Index2
],
1265 Index
- FmpCapsuleHeader
->EmbeddedDriverCount
,
1269 if (HandleBuffer
!= NULL
) {
1270 FreePool(HandleBuffer
);
1272 if (ResetRequiredBuffer
!= NULL
) {
1273 FreePool(ResetRequiredBuffer
);
1278 return EFI_NOT_READY
;
1282 // always return SUCCESS to indicate this capsule is processed.
1283 // The status of SetImage is recorded in capsule result variable.
1289 Return if there is a FMP header below capsule header.
1291 @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
1293 @retval TRUE There is a FMP header below capsule header.
1294 @retval FALSE There is not a FMP header below capsule header
1297 IsNestedFmpCapsule (
1298 IN EFI_CAPSULE_HEADER
*CapsuleHeader
1302 EFI_SYSTEM_RESOURCE_ENTRY
*EsrtEntry
;
1304 BOOLEAN EsrtGuidFound
;
1305 EFI_CAPSULE_HEADER
*NestedCapsuleHeader
;
1306 UINTN NestedCapsuleSize
;
1307 ESRT_MANAGEMENT_PROTOCOL
*EsrtProtocol
;
1308 EFI_SYSTEM_RESOURCE_ENTRY Entry
;
1310 EsrtGuidFound
= FALSE
;
1311 if (mIsVirtualAddrConverted
) {
1312 if(mEsrtTable
!= NULL
) {
1313 EsrtEntry
= (EFI_SYSTEM_RESOURCE_ENTRY
*)(mEsrtTable
+ 1);
1314 for (Index
= 0; Index
< mEsrtTable
->FwResourceCount
; Index
++, EsrtEntry
++) {
1315 if (CompareGuid(&EsrtEntry
->FwClass
, &CapsuleHeader
->CapsuleGuid
)) {
1316 EsrtGuidFound
= TRUE
;
1323 // Check ESRT protocol
1325 Status
= gBS
->LocateProtocol(&gEsrtManagementProtocolGuid
, NULL
, (VOID
**)&EsrtProtocol
);
1326 if (!EFI_ERROR(Status
)) {
1327 Status
= EsrtProtocol
->GetEsrtEntry(&CapsuleHeader
->CapsuleGuid
, &Entry
);
1328 if (!EFI_ERROR(Status
)) {
1329 EsrtGuidFound
= TRUE
;
1334 // Check Firmware Management Protocols
1336 if (!EsrtGuidFound
) {
1337 Status
= GetFmpHandleBufferByType (
1338 &CapsuleHeader
->CapsuleGuid
,
1344 if (!EFI_ERROR(Status
)) {
1345 EsrtGuidFound
= TRUE
;
1349 if (!EsrtGuidFound
) {
1354 // Check nested capsule header
1355 // FMP GUID after ESRT one
1357 NestedCapsuleHeader
= (EFI_CAPSULE_HEADER
*)((UINT8
*)CapsuleHeader
+ CapsuleHeader
->HeaderSize
);
1358 NestedCapsuleSize
= (UINTN
)CapsuleHeader
+ CapsuleHeader
->CapsuleImageSize
- (UINTN
)NestedCapsuleHeader
;
1359 if (NestedCapsuleSize
< sizeof(EFI_CAPSULE_HEADER
)) {
1362 if (!IsValidCapsuleHeader(NestedCapsuleHeader
, NestedCapsuleSize
)) {
1365 if (!IsFmpCapsuleGuid(&NestedCapsuleHeader
->CapsuleGuid
)) {
1368 DEBUG ((DEBUG_INFO
, "IsNestedFmpCapsule\n"));
1373 Return if this FMP is a system FMP or a device FMP, based upon CapsuleHeader.
1375 @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
1377 @retval TRUE It is a system FMP.
1378 @retval FALSE It is a device FMP.
1382 IN EFI_CAPSULE_HEADER
*CapsuleHeader
1385 if (IsFmpCapsuleGuid(&CapsuleHeader
->CapsuleGuid
)) {
1388 if (IsNestedFmpCapsule(CapsuleHeader
)) {
1395 Those capsules supported by the firmwares.
1397 Caution: This function may receive untrusted input.
1399 @param[in] CapsuleHeader Points to a capsule header.
1401 @retval EFI_SUCESS Input capsule is supported by firmware.
1402 @retval EFI_UNSUPPORTED Input capsule is not supported by the firmware.
1403 @retval EFI_INVALID_PARAMETER Input capsule layout is not correct
1407 SupportCapsuleImage (
1408 IN EFI_CAPSULE_HEADER
*CapsuleHeader
1412 // check Display Capsule Guid
1414 if (CompareGuid (&gWindowsUxCapsuleGuid
, &CapsuleHeader
->CapsuleGuid
)) {
1418 if (IsFmpCapsule(CapsuleHeader
)) {
1420 // Check layout of FMP capsule
1422 return ValidateFmpCapsule(CapsuleHeader
, NULL
);
1424 DEBUG((DEBUG_ERROR
, "Unknown Capsule Guid - %g\n", &CapsuleHeader
->CapsuleGuid
));
1425 return EFI_UNSUPPORTED
;
1429 The firmware implements to process the capsule image.
1431 Caution: This function may receive untrusted input.
1433 @param[in] CapsuleHeader Points to a capsule header.
1434 @param[out] ResetRequired Indicates whether reset is required or not.
1436 @retval EFI_SUCESS Process Capsule Image successfully.
1437 @retval EFI_UNSUPPORTED Capsule image is not supported by the firmware.
1438 @retval EFI_VOLUME_CORRUPTED FV volume in the capsule is corrupted.
1439 @retval EFI_OUT_OF_RESOURCES Not enough memory.
1443 ProcessThisCapsuleImage (
1444 IN EFI_CAPSULE_HEADER
*CapsuleHeader
,
1445 OUT BOOLEAN
*ResetRequired OPTIONAL
1450 if (SupportCapsuleImage (CapsuleHeader
) != EFI_SUCCESS
) {
1451 RecordCapsuleStatusVariable(CapsuleHeader
, EFI_UNSUPPORTED
);
1452 return EFI_UNSUPPORTED
;
1456 // Display image in firmware update display capsule
1458 if (CompareGuid (&gWindowsUxCapsuleGuid
, &CapsuleHeader
->CapsuleGuid
)) {
1459 DEBUG((DEBUG_INFO
, "ProcessCapsuleImage for WindowsUxCapsule ...\n"));
1460 Status
= DisplayCapsuleImage(CapsuleHeader
);
1461 RecordCapsuleStatusVariable(CapsuleHeader
, Status
);
1466 // Check FMP capsule layout
1468 if (IsFmpCapsule (CapsuleHeader
)) {
1469 DEBUG((DEBUG_INFO
, "ProcessCapsuleImage for FmpCapsule ...\n"));
1470 DEBUG((DEBUG_INFO
, "ValidateFmpCapsule ...\n"));
1471 Status
= ValidateFmpCapsule(CapsuleHeader
, NULL
);
1472 DEBUG((DEBUG_INFO
, "ValidateFmpCapsule - %r\n", Status
));
1473 if (EFI_ERROR(Status
)) {
1474 RecordCapsuleStatusVariable(CapsuleHeader
, Status
);
1479 // Process EFI FMP Capsule
1481 DEBUG((DEBUG_INFO
, "ProcessFmpCapsuleImage ...\n"));
1482 Status
= ProcessFmpCapsuleImage(CapsuleHeader
, ResetRequired
);
1483 DEBUG((DEBUG_INFO
, "ProcessFmpCapsuleImage - %r\n", Status
));
1488 return EFI_UNSUPPORTED
;
1492 The firmware implements to process the capsule image.
1494 Caution: This function may receive untrusted input.
1496 @param[in] CapsuleHeader Points to a capsule header.
1498 @retval EFI_SUCESS Process Capsule Image successfully.
1499 @retval EFI_UNSUPPORTED Capsule image is not supported by the firmware.
1500 @retval EFI_VOLUME_CORRUPTED FV volume in the capsule is corrupted.
1501 @retval EFI_OUT_OF_RESOURCES Not enough memory.
1505 ProcessCapsuleImage (
1506 IN EFI_CAPSULE_HEADER
*CapsuleHeader
1509 return ProcessThisCapsuleImage (CapsuleHeader
, NULL
);
1513 Callback function executed when the EndOfDxe event group is signaled.
1515 @param[in] Event Event whose notification function is being invoked.
1516 @param[in] Context The pointer to the notification function's context, which
1517 is implementation-dependent.
1521 DxeCapsuleLibEndOfDxe (
1526 mDxeCapsuleLibEndOfDxe
= TRUE
;
1530 The constructor function.
1532 @param[in] ImageHandle The firmware allocated handle for the EFI image.
1533 @param[in] SystemTable A pointer to the EFI System Table.
1535 @retval EFI_SUCCESS The constructor successfully .
1539 DxeCapsuleLibConstructor (
1540 IN EFI_HANDLE ImageHandle
,
1541 IN EFI_SYSTEM_TABLE
*SystemTable
1546 Status
= gBS
->CreateEventEx (
1549 DxeCapsuleLibEndOfDxe
,
1551 &gEfiEndOfDxeEventGroupGuid
,
1552 &mDxeCapsuleLibEndOfDxeEvent
1554 ASSERT_EFI_ERROR (Status
);
1556 InitCapsuleVariable();
1562 The destructor function closes the End of DXE event.
1564 @param ImageHandle The firmware allocated handle for the EFI image.
1565 @param SystemTable A pointer to the EFI System Table.
1567 @retval EFI_SUCCESS The destructor completed successfully.
1571 DxeCapsuleLibDestructor (
1572 IN EFI_HANDLE ImageHandle
,
1573 IN EFI_SYSTEM_TABLE
*SystemTable
1579 // Close the End of DXE event.
1581 Status
= gBS
->CloseEvent (mDxeCapsuleLibEndOfDxeEvent
);
1582 ASSERT_EFI_ERROR (Status
);