]> git.proxmox.com Git - mirror_edk2.git/blob - MdeModulePkg/Universal/CapsulePei/UefiCapsule.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
CapsulePei coalesce need add more sanity check for each Capsule Fragment.
[mirror_edk2.git] / MdeModulePkg / Universal / CapsulePei / UefiCapsule.c
1 /** @file
2 Capsule update PEIM for UEFI2.0
3
4 Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
5
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions
8 of the BSD License which accompanies this distribution. The
9 full text of the license may be found at
10 http://opensource.org/licenses/bsd-license.php
11
12 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
13 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
14
15 **/
16
17 #include "Capsule.h"
18
19 #ifdef MDE_CPU_IA32
20 //
21 // Global Descriptor Table (GDT)
22 //
23 GLOBAL_REMOVE_IF_UNREFERENCED IA32_SEGMENT_DESCRIPTOR mGdtEntries[] = {
24 /* selector { Global Segment Descriptor } */
25 /* 0x00 */ {{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}}, //null descriptor
26 /* 0x08 */ {{0xffff, 0, 0, 0x3, 1, 0, 1, 0xf, 0, 0, 1, 1, 0}}, //linear data segment descriptor
27 /* 0x10 */ {{0xffff, 0, 0, 0xf, 1, 0, 1, 0xf, 0, 0, 1, 1, 0}}, //linear code segment descriptor
28 /* 0x18 */ {{0xffff, 0, 0, 0x3, 1, 0, 1, 0xf, 0, 0, 1, 1, 0}}, //system data segment descriptor
29 /* 0x20 */ {{0xffff, 0, 0, 0xb, 1, 0, 1, 0xf, 0, 0, 1, 1, 0}}, //system code segment descriptor
30 /* 0x28 */ {{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}}, //spare segment descriptor
31 /* 0x30 */ {{0xffff, 0, 0, 0x3, 1, 0, 1, 0xf, 0, 0, 1, 1, 0}}, //system data segment descriptor
32 /* 0x38 */ {{0xffff, 0, 0, 0xb, 1, 0, 1, 0xf, 0, 1, 0, 1, 0}}, //system code segment descriptor
33 /* 0x40 */ {{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}}, //spare segment descriptor
34 };
35
36 //
37 // IA32 Gdt register
38 //
39 GLOBAL_REMOVE_IF_UNREFERENCED CONST IA32_DESCRIPTOR mGdt = {
40 sizeof (mGdtEntries) - 1,
41 (UINTN) mGdtEntries
42 };
43
44 /**
45 Calculate the total size of page table.
46
47 @return The size of page table.
48
49
50 **/
51 UINTN
52 CalculatePageTableSize (
53 VOID
54 )
55 {
56 UINT32 RegEax;
57 UINT32 RegEdx;
58 UINTN TotalPagesNum;
59 UINT8 PhysicalAddressBits;
60 VOID *Hob;
61 UINT32 NumberOfPml4EntriesNeeded;
62 UINT32 NumberOfPdpEntriesNeeded;
63 BOOLEAN Page1GSupport;
64
65 Page1GSupport = FALSE;
66 if (PcdGetBool(PcdUse1GPageTable)) {
67 AsmCpuid (0x80000000, &RegEax, NULL, NULL, NULL);
68 if (RegEax >= 0x80000001) {
69 AsmCpuid (0x80000001, NULL, NULL, NULL, &RegEdx);
70 if ((RegEdx & BIT26) != 0) {
71 Page1GSupport = TRUE;
72 }
73 }
74 }
75
76 //
77 // Get physical address bits supported.
78 //
79 Hob = GetFirstHob (EFI_HOB_TYPE_CPU);
80 if (Hob != NULL) {
81 PhysicalAddressBits = ((EFI_HOB_CPU *) Hob)->SizeOfMemorySpace;
82 } else {
83 AsmCpuid (0x80000000, &RegEax, NULL, NULL, NULL);
84 if (RegEax >= 0x80000008) {
85 AsmCpuid (0x80000008, &RegEax, NULL, NULL, NULL);
86 PhysicalAddressBits = (UINT8) RegEax;
87 } else {
88 PhysicalAddressBits = 36;
89 }
90 }
91
92 //
93 // IA-32e paging translates 48-bit linear addresses to 52-bit physical addresses.
94 //
95 ASSERT (PhysicalAddressBits <= 52);
96 if (PhysicalAddressBits > 48) {
97 PhysicalAddressBits = 48;
98 }
99
100 //
101 // Calculate the table entries needed.
102 //
103 if (PhysicalAddressBits <= 39 ) {
104 NumberOfPml4EntriesNeeded = 1;
105 NumberOfPdpEntriesNeeded = (UINT32)LShiftU64 (1, (PhysicalAddressBits - 30));
106 } else {
107 NumberOfPml4EntriesNeeded = (UINT32)LShiftU64 (1, (PhysicalAddressBits - 39));
108 NumberOfPdpEntriesNeeded = 512;
109 }
110
111 if (!Page1GSupport) {
112 TotalPagesNum = (NumberOfPdpEntriesNeeded + 1) * NumberOfPml4EntriesNeeded + 1;
113 } else {
114 TotalPagesNum = NumberOfPml4EntriesNeeded + 1;
115 }
116
117 return EFI_PAGES_TO_SIZE (TotalPagesNum);
118 }
119
120 /**
121 Allocates and fills in the Page Directory and Page Table Entries to
122 establish a 1:1 Virtual to Physical mapping.
123
124 @param[in] PageTablesAddress The base address of page table.
125
126 **/
127 VOID
128 CreateIdentityMappingPageTables (
129 IN EFI_PHYSICAL_ADDRESS PageTablesAddress
130 )
131 {
132 UINT32 RegEax;
133 UINT32 RegEdx;
134 UINT8 PhysicalAddressBits;
135 EFI_PHYSICAL_ADDRESS PageAddress;
136 UINTN IndexOfPml4Entries;
137 UINTN IndexOfPdpEntries;
138 UINTN IndexOfPageDirectoryEntries;
139 UINT32 NumberOfPml4EntriesNeeded;
140 UINT32 NumberOfPdpEntriesNeeded;
141 PAGE_MAP_AND_DIRECTORY_POINTER *PageMapLevel4Entry;
142 PAGE_MAP_AND_DIRECTORY_POINTER *PageMap;
143 PAGE_MAP_AND_DIRECTORY_POINTER *PageDirectoryPointerEntry;
144 PAGE_TABLE_ENTRY *PageDirectoryEntry;
145 UINTN BigPageAddress;
146 VOID *Hob;
147 BOOLEAN Page1GSupport;
148 PAGE_TABLE_1G_ENTRY *PageDirectory1GEntry;
149
150 Page1GSupport = FALSE;
151 AsmCpuid (0x80000000, &RegEax, NULL, NULL, NULL);
152 if (RegEax >= 0x80000001) {
153 AsmCpuid (0x80000001, NULL, NULL, NULL, &RegEdx);
154 if ((RegEdx & BIT26) != 0) {
155 Page1GSupport = TRUE;
156 }
157 }
158
159 //
160 // Get physical address bits supported.
161 //
162 Hob = GetFirstHob (EFI_HOB_TYPE_CPU);
163 if (Hob != NULL) {
164 PhysicalAddressBits = ((EFI_HOB_CPU *) Hob)->SizeOfMemorySpace;
165 } else {
166 AsmCpuid (0x80000000, &RegEax, NULL, NULL, NULL);
167 if (RegEax >= 0x80000008) {
168 AsmCpuid (0x80000008, &RegEax, NULL, NULL, NULL);
169 PhysicalAddressBits = (UINT8) RegEax;
170 } else {
171 PhysicalAddressBits = 36;
172 }
173 }
174
175 //
176 // IA-32e paging translates 48-bit linear addresses to 52-bit physical addresses.
177 //
178 ASSERT (PhysicalAddressBits <= 52);
179 if (PhysicalAddressBits > 48) {
180 PhysicalAddressBits = 48;
181 }
182
183 //
184 // Calculate the table entries needed.
185 //
186 if (PhysicalAddressBits <= 39 ) {
187 NumberOfPml4EntriesNeeded = 1;
188 NumberOfPdpEntriesNeeded = (UINT32)LShiftU64 (1, (PhysicalAddressBits - 30));
189 } else {
190 NumberOfPml4EntriesNeeded = (UINT32)LShiftU64 (1, (PhysicalAddressBits - 39));
191 NumberOfPdpEntriesNeeded = 512;
192 }
193
194 //
195 // Pre-allocate big pages to avoid later allocations.
196 //
197 BigPageAddress = (UINTN) PageTablesAddress;
198
199 //
200 // By architecture only one PageMapLevel4 exists - so lets allocate storage for it.
201 //
202 PageMap = (VOID *) BigPageAddress;
203 BigPageAddress += SIZE_4KB;
204
205 PageMapLevel4Entry = PageMap;
206 PageAddress = 0;
207 for (IndexOfPml4Entries = 0; IndexOfPml4Entries < NumberOfPml4EntriesNeeded; IndexOfPml4Entries++, PageMapLevel4Entry++) {
208 //
209 // Each PML4 entry points to a page of Page Directory Pointer entires.
210 // So lets allocate space for them and fill them in in the IndexOfPdpEntries loop.
211 //
212 PageDirectoryPointerEntry = (VOID *) BigPageAddress;
213 BigPageAddress += SIZE_4KB;
214
215 //
216 // Make a PML4 Entry
217 //
218 PageMapLevel4Entry->Uint64 = (UINT64)(UINTN)PageDirectoryPointerEntry;
219 PageMapLevel4Entry->Bits.ReadWrite = 1;
220 PageMapLevel4Entry->Bits.Present = 1;
221
222 if (Page1GSupport) {
223 PageDirectory1GEntry = (VOID *) PageDirectoryPointerEntry;
224
225 for (IndexOfPageDirectoryEntries = 0; IndexOfPageDirectoryEntries < 512; IndexOfPageDirectoryEntries++, PageDirectory1GEntry++, PageAddress += SIZE_1GB) {
226 //
227 // Fill in the Page Directory entries
228 //
229 PageDirectory1GEntry->Uint64 = (UINT64)PageAddress;
230 PageDirectory1GEntry->Bits.ReadWrite = 1;
231 PageDirectory1GEntry->Bits.Present = 1;
232 PageDirectory1GEntry->Bits.MustBe1 = 1;
233 }
234 } else {
235 for (IndexOfPdpEntries = 0; IndexOfPdpEntries < NumberOfPdpEntriesNeeded; IndexOfPdpEntries++, PageDirectoryPointerEntry++) {
236 //
237 // Each Directory Pointer entries points to a page of Page Directory entires.
238 // So allocate space for them and fill them in in the IndexOfPageDirectoryEntries loop.
239 //
240 PageDirectoryEntry = (VOID *) BigPageAddress;
241 BigPageAddress += SIZE_4KB;
242
243 //
244 // Fill in a Page Directory Pointer Entries
245 //
246 PageDirectoryPointerEntry->Uint64 = (UINT64)(UINTN)PageDirectoryEntry;
247 PageDirectoryPointerEntry->Bits.ReadWrite = 1;
248 PageDirectoryPointerEntry->Bits.Present = 1;
249
250 for (IndexOfPageDirectoryEntries = 0; IndexOfPageDirectoryEntries < 512; IndexOfPageDirectoryEntries++, PageDirectoryEntry++, PageAddress += SIZE_2MB) {
251 //
252 // Fill in the Page Directory entries
253 //
254 PageDirectoryEntry->Uint64 = (UINT64)PageAddress;
255 PageDirectoryEntry->Bits.ReadWrite = 1;
256 PageDirectoryEntry->Bits.Present = 1;
257 PageDirectoryEntry->Bits.MustBe1 = 1;
258 }
259 }
260
261 for (; IndexOfPdpEntries < 512; IndexOfPdpEntries++, PageDirectoryPointerEntry++) {
262 ZeroMem (
263 PageDirectoryPointerEntry,
264 sizeof(PAGE_MAP_AND_DIRECTORY_POINTER)
265 );
266 }
267 }
268 }
269
270 //
271 // For the PML4 entries we are not using fill in a null entry.
272 //
273 for (; IndexOfPml4Entries < 512; IndexOfPml4Entries++, PageMapLevel4Entry++) {
274 ZeroMem (
275 PageMapLevel4Entry,
276 sizeof (PAGE_MAP_AND_DIRECTORY_POINTER)
277 );
278 }
279 }
280
281 /**
282 Return function from long mode to 32-bit mode.
283
284 @param EntrypointContext Context for mode switching
285 @param ReturnContext Context for mode switching
286
287 **/
288 VOID
289 ReturnFunction (
290 SWITCH_32_TO_64_CONTEXT *EntrypointContext,
291 SWITCH_64_TO_32_CONTEXT *ReturnContext
292 )
293 {
294 //
295 // Restore original GDT
296 //
297 AsmWriteGdtr (&ReturnContext->Gdtr);
298
299 //
300 // return to original caller
301 //
302 LongJump ((BASE_LIBRARY_JUMP_BUFFER *)(UINTN)EntrypointContext->JumpBuffer, 1);
303
304 //
305 // never be here
306 //
307 ASSERT (FALSE);
308 }
309
310 /**
311 Thunk function from 32-bit protection mode to long mode.
312
313 @param PageTableAddress Page table base address
314 @param Context Context for mode switching
315 @param ReturnContext Context for mode switching
316
317 @retval EFI_SUCCESS Function successfully executed.
318
319 **/
320 EFI_STATUS
321 Thunk32To64 (
322 EFI_PHYSICAL_ADDRESS PageTableAddress,
323 SWITCH_32_TO_64_CONTEXT *Context,
324 SWITCH_64_TO_32_CONTEXT *ReturnContext
325 )
326 {
327 UINTN SetJumpFlag;
328 EFI_STATUS Status;
329
330 //
331 // Save return address, LongJump will return here then
332 //
333 SetJumpFlag = SetJump ((BASE_LIBRARY_JUMP_BUFFER *) (UINTN) Context->JumpBuffer);
334
335 if (SetJumpFlag == 0) {
336
337 //
338 // Build Page Tables for all physical memory processor supports
339 //
340 CreateIdentityMappingPageTables (PageTableAddress);
341
342 //
343 // Create 64-bit GDT
344 //
345 AsmWriteGdtr (&mGdt);
346
347 //
348 // Write CR3
349 //
350 AsmWriteCr3 ((UINTN) PageTableAddress);
351
352 //
353 // Disable interrupt of Debug timer, since the IDT table cannot work in long mode
354 //
355 SaveAndSetDebugTimerInterrupt (FALSE);
356 //
357 // Transfer to long mode
358 //
359 AsmEnablePaging64 (
360 0x38,
361 (UINT64) Context->EntryPoint,
362 (UINT64)(UINTN) Context,
363 (UINT64)(UINTN) ReturnContext,
364 Context->StackBufferBase + Context->StackBufferLength
365 );
366 }
367
368 //
369 // Convert to 32-bit Status and return
370 //
371 Status = EFI_SUCCESS;
372 if ((UINTN) ReturnContext->ReturnStatus != 0) {
373 Status = ENCODE_ERROR ((UINTN) ReturnContext->ReturnStatus);
374 }
375
376 return Status;
377 }
378
379 /**
380 If in 32 bit protection mode, and coalesce image is of X64, switch to long mode.
381
382 @param LongModeBuffer The context of long mode.
383 @param CoalesceEntry Entry of coalesce image.
384 @param BlockListAddr Address of block list.
385 @param MemoryBase Base of memory range.
386 @param MemorySize Size of memory range.
387
388 @retval EFI_SUCCESS Successfully switched to long mode and execute coalesce.
389 @retval Others Failed to execute coalesce in long mode.
390
391 **/
392 EFI_STATUS
393 ModeSwitch (
394 IN EFI_CAPSULE_LONG_MODE_BUFFER *LongModeBuffer,
395 IN COALESCE_ENTRY CoalesceEntry,
396 IN EFI_PHYSICAL_ADDRESS BlockListAddr,
397 IN OUT VOID **MemoryBase,
398 IN OUT UINTN *MemorySize
399 )
400 {
401 EFI_STATUS Status;
402 EFI_PHYSICAL_ADDRESS MemoryBase64;
403 UINT64 MemorySize64;
404 EFI_PHYSICAL_ADDRESS MemoryEnd64;
405 SWITCH_32_TO_64_CONTEXT Context;
406 SWITCH_64_TO_32_CONTEXT ReturnContext;
407 BASE_LIBRARY_JUMP_BUFFER JumpBuffer;
408 EFI_PHYSICAL_ADDRESS ReservedRangeBase;
409 EFI_PHYSICAL_ADDRESS ReservedRangeEnd;
410
411 ZeroMem (&Context, sizeof (SWITCH_32_TO_64_CONTEXT));
412 ZeroMem (&ReturnContext, sizeof (SWITCH_64_TO_32_CONTEXT));
413
414 MemoryBase64 = (UINT64) (UINTN) *MemoryBase;
415 MemorySize64 = (UINT64) (UINTN) *MemorySize;
416 MemoryEnd64 = MemoryBase64 + MemorySize64;
417
418 //
419 // Merge memory range reserved for stack and page table
420 //
421 if (LongModeBuffer->StackBaseAddress < LongModeBuffer->PageTableAddress) {
422 ReservedRangeBase = LongModeBuffer->StackBaseAddress;
423 ReservedRangeEnd = LongModeBuffer->PageTableAddress + CalculatePageTableSize ();
424 } else {
425 ReservedRangeBase = LongModeBuffer->PageTableAddress;
426 ReservedRangeEnd = LongModeBuffer->StackBaseAddress + LongModeBuffer->StackSize;
427 }
428
429 //
430 // Check if memory range reserved is overlap with MemoryBase ~ MemoryBase + MemorySize.
431 // If they are overlapped, get a larger range to process capsule data.
432 //
433 if (ReservedRangeBase <= MemoryBase64) {
434 if (ReservedRangeEnd < MemoryEnd64) {
435 MemoryBase64 = ReservedRangeEnd;
436 } else {
437 DEBUG ((EFI_D_ERROR, "Memory is not enough to process capsule!\n"));
438 return EFI_OUT_OF_RESOURCES;
439 }
440 } else if (ReservedRangeBase < MemoryEnd64) {
441 if (ReservedRangeEnd < MemoryEnd64 &&
442 ReservedRangeBase - MemoryBase64 < MemoryEnd64 - ReservedRangeEnd) {
443 MemoryBase64 = ReservedRangeEnd;
444 } else {
445 MemorySize64 = (UINT64)(UINTN)(ReservedRangeBase - MemoryBase64);
446 }
447 }
448
449 //
450 // Initialize context jumping to 64-bit enviroment
451 //
452 Context.JumpBuffer = (EFI_PHYSICAL_ADDRESS)(UINTN)&JumpBuffer;
453 Context.StackBufferBase = LongModeBuffer->StackBaseAddress;
454 Context.StackBufferLength = LongModeBuffer->StackSize;
455 Context.EntryPoint = (EFI_PHYSICAL_ADDRESS)(UINTN)CoalesceEntry;
456 Context.BlockListAddr = BlockListAddr;
457 Context.MemoryBase64Ptr = (EFI_PHYSICAL_ADDRESS)(UINTN)&MemoryBase64;
458 Context.MemorySize64Ptr = (EFI_PHYSICAL_ADDRESS)(UINTN)&MemorySize64;
459
460 //
461 // Prepare data for return back
462 //
463 ReturnContext.ReturnCs = 0x10;
464 ReturnContext.ReturnEntryPoint = (EFI_PHYSICAL_ADDRESS)(UINTN)ReturnFunction;
465 //
466 // Will save the return status of processing capsule
467 //
468 ReturnContext.ReturnStatus = 0;
469
470 //
471 // Save original GDT
472 //
473 AsmReadGdtr ((IA32_DESCRIPTOR *)&ReturnContext.Gdtr);
474
475 Status = Thunk32To64 (LongModeBuffer->PageTableAddress, &Context, &ReturnContext);
476
477 if (!EFI_ERROR (Status)) {
478 *MemoryBase = (VOID *) (UINTN) MemoryBase64;
479 *MemorySize = (UINTN) MemorySize64;
480 }
481
482 return Status;
483
484 }
485
486 /**
487 Locates the coalesce image entry point, and detects its machine type.
488
489 @param CoalesceImageEntryPoint Pointer to coalesce image entry point for output.
490 @param CoalesceImageMachineType Pointer to machine type of coalesce image.
491
492 @retval EFI_SUCCESS Coalesce image successfully located.
493 @retval Others Failed to locate the coalesce image.
494
495 **/
496 EFI_STATUS
497 FindCapsuleCoalesceImage (
498 OUT EFI_PHYSICAL_ADDRESS *CoalesceImageEntryPoint,
499 OUT UINT16 *CoalesceImageMachineType
500 )
501 {
502 EFI_STATUS Status;
503 UINTN Instance;
504 EFI_PEI_LOAD_FILE_PPI *LoadFile;
505 EFI_PEI_FV_HANDLE VolumeHandle;
506 EFI_PEI_FILE_HANDLE FileHandle;
507 EFI_PHYSICAL_ADDRESS CoalesceImageAddress;
508 UINT64 CoalesceImageSize;
509 UINT32 AuthenticationState;
510
511 Instance = 0;
512
513 while (TRUE) {
514 Status = PeiServicesFfsFindNextVolume (Instance++, &VolumeHandle);
515 if (EFI_ERROR (Status)) {
516 return Status;
517 }
518 Status = PeiServicesFfsFindFileByName (PcdGetPtr(PcdCapsuleCoalesceFile), VolumeHandle, &FileHandle);
519 if (!EFI_ERROR (Status)) {
520 Status = PeiServicesLocatePpi (&gEfiPeiLoadFilePpiGuid, 0, NULL, (VOID **) &LoadFile);
521 ASSERT_EFI_ERROR (Status);
522
523 Status = LoadFile->LoadFile (
524 LoadFile,
525 FileHandle,
526 &CoalesceImageAddress,
527 &CoalesceImageSize,
528 CoalesceImageEntryPoint,
529 &AuthenticationState
530 );
531 if (EFI_ERROR (Status)) {
532 DEBUG ((EFI_D_ERROR, "Unable to find PE32 section in CapsuleRelocate image ffs %r!\n", Status));
533 return Status;
534 }
535 *CoalesceImageMachineType = PeCoffLoaderGetMachineType ((VOID *) (UINTN) CoalesceImageAddress);
536 break;
537 } else {
538 continue;
539 }
540 }
541
542 return Status;
543 }
544
545 #endif
546
547 /**
548 Checks for the presence of capsule descriptors.
549 Get capsule descriptors from variable CapsuleUpdateData, CapsuleUpdateData1, CapsuleUpdateData2...
550 and save to DescriptorBuffer.
551
552 @param DescriptorBuffer Pointer to the capsule descriptors
553
554 @retval EFI_SUCCESS a valid capsule is present
555 @retval EFI_NOT_FOUND if a valid capsule is not present
556 **/
557 EFI_STATUS
558 GetCapsuleDescriptors (
559 IN EFI_PHYSICAL_ADDRESS *DescriptorBuffer
560 )
561 {
562 EFI_STATUS Status;
563 UINTN Size;
564 UINTN Index;
565 UINTN TempIndex;
566 UINTN ValidIndex;
567 BOOLEAN Flag;
568 CHAR16 CapsuleVarName[30];
569 CHAR16 *TempVarName;
570 EFI_PHYSICAL_ADDRESS CapsuleDataPtr64;
571 EFI_PEI_READ_ONLY_VARIABLE2_PPI *PPIVariableServices;
572
573 Index = 0;
574 TempVarName = NULL;
575 CapsuleVarName[0] = 0;
576 ValidIndex = 0;
577
578 Status = PeiServicesLocatePpi (
579 &gEfiPeiReadOnlyVariable2PpiGuid,
580 0,
581 NULL,
582 (VOID **) &PPIVariableServices
583 );
584 if (Status == EFI_SUCCESS) {
585 StrCpy (CapsuleVarName, EFI_CAPSULE_VARIABLE_NAME);
586 TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
587 Size = sizeof (CapsuleDataPtr64);
588 while (1) {
589 if (Index == 0) {
590 //
591 // For the first Capsule Image
592 //
593 Status = PPIVariableServices->GetVariable (
594 PPIVariableServices,
595 CapsuleVarName,
596 &gEfiCapsuleVendorGuid,
597 NULL,
598 &Size,
599 (VOID *) &CapsuleDataPtr64
600 );
601 if (EFI_ERROR (Status)) {
602 DEBUG ((EFI_D_ERROR, "Capsule -- capsule variable not set\n"));
603 return EFI_NOT_FOUND;
604 }
605 //
606 // We have a chicken/egg situation where the memory init code needs to
607 // know the boot mode prior to initializing memory. For this case, our
608 // validate function will fail. We can detect if this is the case if blocklist
609 // pointer is null. In that case, return success since we know that the
610 // variable is set.
611 //
612 if (DescriptorBuffer == NULL) {
613 return EFI_SUCCESS;
614 }
615 } else {
616 UnicodeValueToString (TempVarName, 0, Index, 0);
617 Status = PPIVariableServices->GetVariable (
618 PPIVariableServices,
619 CapsuleVarName,
620 &gEfiCapsuleVendorGuid,
621 NULL,
622 &Size,
623 (VOID *) &CapsuleDataPtr64
624 );
625 if (EFI_ERROR (Status)) {
626 break;
627 }
628
629 //
630 // If this BlockList has been linked before, skip this variable
631 //
632 Flag = FALSE;
633 for (TempIndex = 0; TempIndex < ValidIndex; TempIndex++) {
634 if (DescriptorBuffer[TempIndex] == CapsuleDataPtr64) {
635 Flag = TRUE;
636 break;
637 }
638 }
639 if (Flag) {
640 Index ++;
641 continue;
642 }
643 }
644
645 //
646 // Cache BlockList which has been processed
647 //
648 DescriptorBuffer[ValidIndex++] = CapsuleDataPtr64;
649 Index ++;
650 }
651 }
652
653 return EFI_SUCCESS;
654 }
655
656 /**
657 Gets the reserved long mode buffer.
658
659 @param LongModeBuffer Pointer to the long mode buffer for output.
660
661 @retval EFI_SUCCESS Long mode buffer successfully retrieved.
662 @retval Others Variable storing long mode buffer not found.
663
664 **/
665 EFI_STATUS
666 GetLongModeContext (
667 OUT EFI_CAPSULE_LONG_MODE_BUFFER *LongModeBuffer
668 )
669 {
670 EFI_STATUS Status;
671 UINTN Size;
672 EFI_PEI_READ_ONLY_VARIABLE2_PPI *PPIVariableServices;
673
674 Status = PeiServicesLocatePpi (
675 &gEfiPeiReadOnlyVariable2PpiGuid,
676 0,
677 NULL,
678 (VOID **) &PPIVariableServices
679 );
680 ASSERT_EFI_ERROR (Status);
681
682 Size = sizeof (EFI_CAPSULE_LONG_MODE_BUFFER);
683 Status = PPIVariableServices->GetVariable (
684 PPIVariableServices,
685 EFI_CAPSULE_LONG_MODE_BUFFER_NAME,
686 &gEfiCapsuleVendorGuid,
687 NULL,
688 &Size,
689 LongModeBuffer
690 );
691 if (EFI_ERROR (Status)) {
692 DEBUG (( EFI_D_ERROR, "Error Get LongModeBuffer variable %r!\n", Status));
693 }
694 return Status;
695 }
696
697 /**
698 Capsule PPI service to coalesce a fragmented capsule in memory.
699
700 @param PeiServices General purpose services available to every PEIM.
701 @param MemoryBase Pointer to the base of a block of memory that we can walk
702 all over while trying to coalesce our buffers.
703 On output, this variable will hold the base address of
704 a coalesced capsule.
705 @param MemorySize Size of the memory region pointed to by MemoryBase.
706 On output, this variable will contain the size of the
707 coalesced capsule.
708
709 @retval EFI_NOT_FOUND if we can't determine the boot mode
710 if the boot mode is not flash-update
711 if we could not find the capsule descriptors
712
713 @retval EFI_BUFFER_TOO_SMALL
714 if we could not coalesce the capsule in the memory
715 region provided to us
716
717 @retval EFI_SUCCESS if there's no capsule, or if we processed the
718 capsule successfully.
719 **/
720 EFI_STATUS
721 EFIAPI
722 CapsuleCoalesce (
723 IN EFI_PEI_SERVICES **PeiServices,
724 IN OUT VOID **MemoryBase,
725 IN OUT UINTN *MemorySize
726 )
727 {
728 UINTN Index;
729 UINTN Size;
730 UINTN VariableCount;
731 CHAR16 CapsuleVarName[30];
732 CHAR16 *TempVarName;
733 EFI_PHYSICAL_ADDRESS CapsuleDataPtr64;
734 EFI_STATUS Status;
735 EFI_BOOT_MODE BootMode;
736 EFI_PEI_READ_ONLY_VARIABLE2_PPI *PPIVariableServices;
737 EFI_PHYSICAL_ADDRESS *VariableArrayAddress;
738 #ifdef MDE_CPU_IA32
739 UINT16 CoalesceImageMachineType;
740 EFI_PHYSICAL_ADDRESS CoalesceImageEntryPoint;
741 COALESCE_ENTRY CoalesceEntry;
742 EFI_CAPSULE_LONG_MODE_BUFFER LongModeBuffer;
743 #endif
744
745 Index = 0;
746 VariableCount = 0;
747 CapsuleVarName[0] = 0;
748
749 //
750 // Someone should have already ascertained the boot mode. If it's not
751 // capsule update, then return normally.
752 //
753 Status = PeiServicesGetBootMode (&BootMode);
754 if (EFI_ERROR (Status) || (BootMode != BOOT_ON_FLASH_UPDATE)) {
755 DEBUG ((EFI_D_ERROR, "Boot mode is not correct for capsule update path.\n"));
756 Status = EFI_NOT_FOUND;
757 goto Done;
758 }
759
760 //
761 // User may set the same ScatterGatherList with several different variables,
762 // so cache all ScatterGatherList for check later.
763 //
764 Status = PeiServicesLocatePpi (
765 &gEfiPeiReadOnlyVariable2PpiGuid,
766 0,
767 NULL,
768 (VOID **) &PPIVariableServices
769 );
770 if (EFI_ERROR (Status)) {
771 goto Done;
772 }
773 Size = sizeof (CapsuleDataPtr64);
774 StrCpy (CapsuleVarName, EFI_CAPSULE_VARIABLE_NAME);
775 TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
776 while (TRUE) {
777 if (Index > 0) {
778 UnicodeValueToString (TempVarName, 0, Index, 0);
779 }
780 Status = PPIVariableServices->GetVariable (
781 PPIVariableServices,
782 CapsuleVarName,
783 &gEfiCapsuleVendorGuid,
784 NULL,
785 &Size,
786 (VOID *) &CapsuleDataPtr64
787 );
788 if (EFI_ERROR (Status)) {
789 //
790 // There is no capsule variables, quit
791 //
792 DEBUG ((EFI_D_INFO,"Capsule variable Index = %d\n", Index));
793 break;
794 }
795 VariableCount++;
796 Index++;
797 }
798
799 DEBUG ((EFI_D_INFO,"Capsule variable count = %d\n", VariableCount));
800
801 //
802 // The last entry is the end flag.
803 //
804 Status = PeiServicesAllocatePool (
805 (VariableCount + 1) * sizeof (EFI_PHYSICAL_ADDRESS),
806 (VOID **)&VariableArrayAddress
807 );
808
809 if (Status != EFI_SUCCESS) {
810 DEBUG ((EFI_D_ERROR, "AllocatePages Failed!, Status = %x\n", Status));
811 goto Done;
812 }
813
814 ZeroMem (VariableArrayAddress, (VariableCount + 1) * sizeof (EFI_PHYSICAL_ADDRESS));
815
816 //
817 // Find out if we actually have a capsule.
818 // GetCapsuleDescriptors depends on variable PPI, so it should run in 32-bit environment.
819 //
820 Status = GetCapsuleDescriptors (VariableArrayAddress);
821 if (EFI_ERROR (Status)) {
822 DEBUG ((EFI_D_ERROR, "Fail to find capsule variables.\n"));
823 goto Done;
824 }
825
826 #ifdef MDE_CPU_IA32
827 if (FeaturePcdGet (PcdDxeIplSwitchToLongMode)) {
828 //
829 // Switch to 64-bit mode to process capsule data when:
830 // 1. When DXE phase is 64-bit
831 // 2. When the buffer for 64-bit transition exists
832 // 3. When Capsule X64 image is built in BIOS image
833 // In 64-bit mode, we can process capsule data above 4GB.
834 //
835 CoalesceImageEntryPoint = 0;
836 Status = GetLongModeContext (&LongModeBuffer);
837 if (EFI_ERROR (Status)) {
838 DEBUG ((EFI_D_ERROR, "Fail to find the variables for long mode context!\n"));
839 Status = EFI_NOT_FOUND;
840 goto Done;
841 }
842
843 Status = FindCapsuleCoalesceImage (&CoalesceImageEntryPoint, &CoalesceImageMachineType);
844 if ((EFI_ERROR (Status)) || (CoalesceImageMachineType != EFI_IMAGE_MACHINE_X64)) {
845 DEBUG ((EFI_D_ERROR, "Fail to find CapsuleX64 module in FV!\n"));
846 Status = EFI_NOT_FOUND;
847 goto Done;
848 }
849 ASSERT (CoalesceImageEntryPoint != 0);
850 CoalesceEntry = (COALESCE_ENTRY) (UINTN) CoalesceImageEntryPoint;
851 Status = ModeSwitch (&LongModeBuffer, CoalesceEntry, (EFI_PHYSICAL_ADDRESS)(UINTN)VariableArrayAddress, MemoryBase, MemorySize);
852 } else {
853 //
854 // Capsule is processed in IA32 mode.
855 //
856 Status = CapsuleDataCoalesce (PeiServices, (EFI_PHYSICAL_ADDRESS *)(UINTN)VariableArrayAddress, MemoryBase, MemorySize);
857 }
858 #else
859 //
860 // Process capsule directly.
861 //
862 Status = CapsuleDataCoalesce (PeiServices, (EFI_PHYSICAL_ADDRESS *)(UINTN)VariableArrayAddress, MemoryBase, MemorySize);
863 #endif
864
865 DEBUG ((EFI_D_INFO, "Capsule Coalesce Status = %r!\n", Status));
866
867 if (Status == EFI_BUFFER_TOO_SMALL) {
868 DEBUG ((EFI_D_ERROR, "There is not enough memory to process capsule!\n"));
869 }
870
871 if (Status == EFI_NOT_FOUND) {
872 DEBUG ((EFI_D_ERROR, "Fail to parse capsule descriptor in memory!\n"));
873 REPORT_STATUS_CODE (
874 EFI_ERROR_CODE | EFI_ERROR_MAJOR,
875 (EFI_SOFTWARE_PEI_MODULE | EFI_SW_PEI_EC_INVALID_CAPSULE_DESCRIPTOR)
876 );
877 }
878
879 Done:
880 return Status;
881 }
882
883 /**
884 Determine if we're in capsule update boot mode.
885
886 @param PeiServices PEI services table
887
888 @retval EFI_SUCCESS if we have a capsule available
889 @retval EFI_NOT_FOUND no capsule detected
890
891 **/
892 EFI_STATUS
893 EFIAPI
894 CheckCapsuleUpdate (
895 IN EFI_PEI_SERVICES **PeiServices
896 )
897 {
898 EFI_STATUS Status;
899 Status = GetCapsuleDescriptors (NULL);
900 return Status;
901 }
902 /**
903 This function will look at a capsule and determine if it's a test pattern.
904 If it is, then it will verify it and emit an error message if corruption is detected.
905
906 @param PeiServices Standard pei services pointer
907 @param CapsuleBase Base address of coalesced capsule, which is preceeded
908 by private data. Very implementation specific.
909
910 @retval TRUE Capsule image is the test image
911 @retval FALSE Capsule image is not the test image.
912
913 **/
914 BOOLEAN
915 CapsuleTestPattern (
916 IN EFI_PEI_SERVICES **PeiServices,
917 IN VOID *CapsuleBase
918 )
919 {
920 UINT32 *TestPtr;
921 UINT32 TestCounter;
922 UINT32 TestSize;
923 BOOLEAN RetValue;
924
925 RetValue = FALSE;
926
927 //
928 // Look at the capsule data and determine if it's a test pattern. If it
929 // is, then test it now.
930 //
931 TestPtr = (UINT32 *) CapsuleBase;
932 //
933 // 0x54534554 "TEST"
934 //
935 if (*TestPtr == 0x54534554) {
936 RetValue = TRUE;
937 DEBUG ((EFI_D_INFO, "Capsule test pattern mode activated...\n"));
938 TestSize = TestPtr[1] / sizeof (UINT32);
939 //
940 // Skip over the signature and the size fields in the pattern data header
941 //
942 TestPtr += 2;
943 TestCounter = 0;
944 while (TestSize > 0) {
945 if (*TestPtr != TestCounter) {
946 DEBUG ((EFI_D_INFO, "Capsule test pattern mode FAILED: BaseAddr/FailAddr 0x%X 0x%X\n", (UINT32)(UINTN)(EFI_CAPSULE_PEIM_PRIVATE_DATA *)CapsuleBase, (UINT32)(UINTN)TestPtr));
947 return TRUE;
948 }
949
950 TestPtr++;
951 TestCounter++;
952 TestSize--;
953 }
954
955 DEBUG ((EFI_D_INFO, "Capsule test pattern mode SUCCESS\n"));
956 }
957
958 return RetValue;
959 }
960
961 /**
962 Capsule PPI service that gets called after memory is available. The
963 capsule coalesce function, which must be called first, returns a base
964 address and size, which can be anything actually. Once the memory init
965 PEIM has discovered memory, then it should call this function and pass in
966 the base address and size returned by the coalesce function. Then this
967 function can create a capsule HOB and return.
968
969 @param PeiServices standard pei services pointer
970 @param CapsuleBase address returned by the capsule coalesce function. Most
971 likely this will actually be a pointer to private data.
972 @param CapsuleSize value returned by the capsule coalesce function.
973
974 @retval EFI_VOLUME_CORRUPTED CapsuleBase does not appear to point to a
975 coalesced capsule
976 @retval EFI_SUCCESS if all goes well.
977 **/
978 EFI_STATUS
979 EFIAPI
980 CreateState (
981 IN EFI_PEI_SERVICES **PeiServices,
982 IN VOID *CapsuleBase,
983 IN UINTN CapsuleSize
984 )
985 {
986 EFI_STATUS Status;
987 EFI_CAPSULE_PEIM_PRIVATE_DATA *PrivateData;
988 UINTN Size;
989 EFI_PHYSICAL_ADDRESS NewBuffer;
990 UINTN CapsuleNumber;
991 UINT32 Index;
992 EFI_PHYSICAL_ADDRESS BaseAddress;
993 UINT64 Length;
994
995 PrivateData = (EFI_CAPSULE_PEIM_PRIVATE_DATA *) CapsuleBase;
996 if (PrivateData->Signature != EFI_CAPSULE_PEIM_PRIVATE_DATA_SIGNATURE) {
997 return EFI_VOLUME_CORRUPTED;
998 }
999 if (PrivateData->CapsuleAllImageSize >= MAX_ADDRESS) {
1000 DEBUG ((EFI_D_ERROR, "CapsuleAllImageSize too big - 0x%lx\n", PrivateData->CapsuleAllImageSize));
1001 return EFI_OUT_OF_RESOURCES;
1002 }
1003 if (PrivateData->CapsuleNumber >= MAX_ADDRESS) {
1004 DEBUG ((EFI_D_ERROR, "CapsuleNumber too big - 0x%lx\n", PrivateData->CapsuleNumber));
1005 return EFI_OUT_OF_RESOURCES;
1006 }
1007 //
1008 // Capsule Number and Capsule Offset is in the tail of Capsule data.
1009 //
1010 Size = (UINTN)PrivateData->CapsuleAllImageSize;
1011 CapsuleNumber = (UINTN)PrivateData->CapsuleNumber;
1012 //
1013 // Allocate the memory so that it gets preserved into DXE
1014 //
1015 Status = PeiServicesAllocatePages (
1016 EfiRuntimeServicesData,
1017 EFI_SIZE_TO_PAGES (Size),
1018 &NewBuffer
1019 );
1020
1021 if (Status != EFI_SUCCESS) {
1022 DEBUG ((EFI_D_ERROR, "AllocatePages Failed!\n"));
1023 return Status;
1024 }
1025 //
1026 // Copy to our new buffer for DXE
1027 //
1028 DEBUG ((EFI_D_INFO, "Capsule copy from 0x%8X to 0x%8X with size 0x%8X\n", (UINTN)((UINT8 *)PrivateData + sizeof(EFI_CAPSULE_PEIM_PRIVATE_DATA) + (CapsuleNumber - 1) * sizeof(UINT64)), (UINTN) NewBuffer, Size));
1029 CopyMem ((VOID *) (UINTN) NewBuffer, (VOID *) (UINTN) ((UINT8 *)PrivateData + sizeof(EFI_CAPSULE_PEIM_PRIVATE_DATA) + (CapsuleNumber - 1) * sizeof(UINT64)), Size);
1030 //
1031 // Check for test data pattern. If it is the test pattern, then we'll
1032 // test it ans still create the HOB so that it can be used to verify
1033 // that capsules don't get corrupted all the way into BDS. BDS will
1034 // still try to turn it into a firmware volume, but will think it's
1035 // corrupted so nothing will happen.
1036 //
1037 DEBUG_CODE (
1038 CapsuleTestPattern (PeiServices, (VOID *) (UINTN) NewBuffer);
1039 );
1040
1041 //
1042 // Build the UEFI Capsule Hob for each capsule image.
1043 //
1044 for (Index = 0; Index < CapsuleNumber; Index ++) {
1045 BaseAddress = NewBuffer + PrivateData->CapsuleOffset[Index];
1046 Length = ((EFI_CAPSULE_HEADER *)((UINTN) BaseAddress))->CapsuleImageSize;
1047
1048 BuildCvHob (BaseAddress, Length);
1049 }
1050
1051 return EFI_SUCCESS;
1052 }
1053
1054 CONST PEI_CAPSULE_PPI mCapsulePpi = {
1055 CapsuleCoalesce,
1056 CheckCapsuleUpdate,
1057 CreateState
1058 };
1059
1060 CONST EFI_PEI_PPI_DESCRIPTOR mUefiPpiListCapsule = {
1061 (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
1062 &gPeiCapsulePpiGuid,
1063 (PEI_CAPSULE_PPI *) &mCapsulePpi
1064 };
1065
1066 /**
1067 Entry point function for the PEIM
1068
1069 @param FileHandle Handle of the file being invoked.
1070 @param PeiServices Describes the list of possible PEI Services.
1071
1072 @return EFI_SUCCESS If we installed our PPI
1073
1074 **/
1075 EFI_STATUS
1076 EFIAPI
1077 CapsuleMain (
1078 IN EFI_PEI_FILE_HANDLE FileHandle,
1079 IN CONST EFI_PEI_SERVICES **PeiServices
1080 )
1081 {
1082 //
1083 // Just produce our PPI
1084 //
1085 return PeiServicesInstallPpi (&mUefiPpiListCapsule);
1086 }
EFI Development Kit II mirror for PVE