MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleService.c

   1 /** @file
   2   Capsule Runtime Driver produces two UEFI capsule runtime services.
   3   (UpdateCapsule, QueryCapsuleCapabilities)
   4   It installs the Capsule Architectural Protocol defined in PI1.0a to signify
   5   the capsule runtime services are ready.
   6
   7 Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
   8 SPDX-License-Identifier: BSD-2-Clause-Patent
   9
  10 **/
  11
  12 #include "CapsuleService.h"
  13
  14 //
  15 // Handle for the installation of Capsule Architecture Protocol.
  16 //
  17 EFI_HANDLE  mNewHandle = NULL;
  18
  19 //
  20 // The times of calling UpdateCapsule ()
  21 //
  22 UINTN       mTimes      = 0;
  23
  24 UINT32      mMaxSizePopulateCapsule     = 0;
  25 UINT32      mMaxSizeNonPopulateCapsule  = 0;
  26
  27 /**
  28   Passes capsules to the firmware with both virtual and physical mapping. Depending on the intended
  29   consumption, the firmware may process the capsule immediately. If the payload should persist
  30   across a system reset, the reset value returned from EFI_QueryCapsuleCapabilities must
  31   be passed into ResetSystem() and will cause the capsule to be processed by the firmware as
  32   part of the reset process.
  33
  34   @param  CapsuleHeaderArray    Virtual pointer to an array of virtual pointers to the capsules
  35                                 being passed into update capsule.
  36   @param  CapsuleCount          Number of pointers to EFI_CAPSULE_HEADER in
  37                                 CaspuleHeaderArray.
  38   @param  ScatterGatherList     Physical pointer to a set of
  39                                 EFI_CAPSULE_BLOCK_DESCRIPTOR that describes the
  40                                 location in physical memory of a set of capsules.
  41
  42   @retval EFI_SUCCESS           Valid capsule was passed. If
  43                                 CAPSULE_FLAGS_PERSIT_ACROSS_RESET is not set, the
  44                                 capsule has been successfully processed by the firmware.
  45   @retval EFI_DEVICE_ERROR      The capsule update was started, but failed due to a device error.
  46   @retval EFI_INVALID_PARAMETER CapsuleSize is NULL, or an incompatible set of flags were
  47                                 set in the capsule header.
  48   @retval EFI_INVALID_PARAMETER CapsuleCount is Zero.
  49   @retval EFI_INVALID_PARAMETER For across reset capsule image, ScatterGatherList is NULL.
  50   @retval EFI_UNSUPPORTED       CapsuleImage is not recognized by the firmware.
  51   @retval EFI_OUT_OF_RESOURCES  When ExitBootServices() has been previously called this error indicates the capsule
  52                                 is compatible with this platform but is not capable of being submitted or processed
  53                                 in runtime. The caller may resubmit the capsule prior to ExitBootServices().
  54   @retval EFI_OUT_OF_RESOURCES  When ExitBootServices() has not been previously called then this error indicates
  55                                 the capsule is compatible with this platform but there are insufficient resources to process.
  56
  57 **/
  58 EFI_STATUS
  59 EFIAPI
  60 UpdateCapsule (
  61   IN EFI_CAPSULE_HEADER      **CapsuleHeaderArray,
  62   IN UINTN                   CapsuleCount,
  63   IN EFI_PHYSICAL_ADDRESS    ScatterGatherList OPTIONAL
  64   )
  65 {
  66   UINTN                     ArrayNumber;
  67   EFI_STATUS                Status;
  68   EFI_CAPSULE_HEADER        *CapsuleHeader;
  69   BOOLEAN                   NeedReset;
  70   BOOLEAN                   InitiateReset;
  71   CHAR16                    CapsuleVarName[30];
  72   CHAR16                    *TempVarName;
  73
  74   //
  75   // Capsule Count can't be less than one.
  76   //
  77   if (CapsuleCount < 1) {
  78     return EFI_INVALID_PARAMETER;
  79   }
  80
  81   NeedReset         = FALSE;
  82   InitiateReset     = FALSE;
  83   CapsuleHeader     = NULL;
  84   CapsuleVarName[0] = 0;
  85
  86   for (ArrayNumber = 0; ArrayNumber < CapsuleCount; ArrayNumber++) {
  87     //
  88     // A capsule which has the CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE flag must have
  89     // CAPSULE_FLAGS_PERSIST_ACROSS_RESET set in its header as well.
  90     //
  91     CapsuleHeader = CapsuleHeaderArray[ArrayNumber];
  92     if ((CapsuleHeader->Flags & (CAPSULE_FLAGS_PERSIST_ACROSS_RESET | CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE)) == CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE) {
  93       return EFI_INVALID_PARAMETER;
  94     }
  95     //
  96     // A capsule which has the CAPSULE_FLAGS_INITIATE_RESET flag must have
  97     // CAPSULE_FLAGS_PERSIST_ACROSS_RESET set in its header as well.
  98     //
  99     if ((CapsuleHeader->Flags & (CAPSULE_FLAGS_PERSIST_ACROSS_RESET | CAPSULE_FLAGS_INITIATE_RESET)) == CAPSULE_FLAGS_INITIATE_RESET) {
 100       return EFI_INVALID_PARAMETER;
 101     }
 102
 103     //
 104     // Check FMP capsule flag
 105     //
 106     if (CompareGuid(&CapsuleHeader->CapsuleGuid, &gEfiFmpCapsuleGuid)
 107      && (CapsuleHeader->Flags & CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE) != 0 ) {
 108        return EFI_INVALID_PARAMETER;
 109     }
 110
 111     //
 112     // Check Capsule image without populate flag by firmware support capsule function
 113     //
 114     if ((CapsuleHeader->Flags & CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE) == 0) {
 115       Status = SupportCapsuleImage (CapsuleHeader);
 116       if (EFI_ERROR(Status)) {
 117         return Status;
 118       }
 119     }
 120   }
 121
 122   //
 123   // Walk through all capsules, record whether there is a capsule needs reset
 124   // or initiate reset. And then process capsules which has no reset flag directly.
 125   //
 126   for (ArrayNumber = 0; ArrayNumber < CapsuleCount ; ArrayNumber++) {
 127     CapsuleHeader = CapsuleHeaderArray[ArrayNumber];
 128     //
 129     // Here should be in the boot-time for non-reset capsule image
 130     // Platform specific update for the non-reset capsule image.
 131     //
 132     if ((CapsuleHeader->Flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) == 0) {
 133       if (EfiAtRuntime ()) {
 134         Status = EFI_OUT_OF_RESOURCES;
 135       } else {
 136         Status = ProcessCapsuleImage(CapsuleHeader);
 137       }
 138       if (EFI_ERROR(Status)) {
 139         return Status;
 140       }
 141     } else {
 142       NeedReset = TRUE;
 143       if ((CapsuleHeader->Flags & CAPSULE_FLAGS_INITIATE_RESET) != 0) {
 144         InitiateReset = TRUE;
 145       }
 146     }
 147   }
 148
 149   //
 150   // After launching all capsules who has no reset flag, if no more capsules claims
 151   // for a system reset just return.
 152   //
 153   if (!NeedReset) {
 154     return EFI_SUCCESS;
 155   }
 156
 157   //
 158   // ScatterGatherList is only referenced if the capsules are defined to persist across
 159   // system reset.
 160   //
 161   if (ScatterGatherList == (EFI_PHYSICAL_ADDRESS) (UINTN) NULL) {
 162     return EFI_INVALID_PARAMETER;
 163   }
 164
 165   //
 166   // Check if the platform supports update capsule across a system reset
 167   //
 168   if (!IsPersistAcrossResetCapsuleSupported ()) {
 169     return EFI_UNSUPPORTED;
 170   }
 171
 172   CapsuleCacheWriteBack (ScatterGatherList);
 173
 174   //
 175   // Construct variable name CapsuleUpdateData, CapsuleUpdateData1, CapsuleUpdateData2...
 176   // if user calls UpdateCapsule multiple times.
 177   //
 178   StrCpyS (CapsuleVarName, sizeof(CapsuleVarName)/sizeof(CHAR16), EFI_CAPSULE_VARIABLE_NAME);
 179   TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
 180   if (mTimes > 0) {
 181     UnicodeValueToStringS (
 182       TempVarName,
 183       sizeof (CapsuleVarName) - ((UINTN)TempVarName - (UINTN)CapsuleVarName),
 184       0,
 185       mTimes,
 186       0
 187       );
 188   }
 189
 190   //
 191   // ScatterGatherList is only referenced if the capsules are defined to persist across
 192   // system reset. Set its value into NV storage to let pre-boot driver to pick it up
 193   // after coming through a system reset.
 194   //
 195   Status = EfiSetVariable (
 196              CapsuleVarName,
 197              &gEfiCapsuleVendorGuid,
 198              EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS,
 199              sizeof (UINTN),
 200              (VOID *) &ScatterGatherList
 201              );
 202   if (!EFI_ERROR (Status)) {
 203      //
 204      // Variable has been set successfully, increase variable index.
 205      //
 206      mTimes++;
 207      if(InitiateReset) {
 208        //
 209        // Firmware that encounters a capsule which has the CAPSULE_FLAGS_INITIATE_RESET Flag set in its header
 210        // will initiate a reset of the platform which is compatible with the passed-in capsule request and will
 211        // not return back to the caller.
 212        //
 213        EfiResetSystem (EfiResetWarm, EFI_SUCCESS, 0, NULL);
 214      }
 215   }
 216   return Status;
 217 }
 218
 219 /**
 220   Returns if the capsule can be supported via UpdateCapsule().
 221
 222   @param  CapsuleHeaderArray    Virtual pointer to an array of virtual pointers to the capsules
 223                                 being passed into update capsule.
 224   @param  CapsuleCount          Number of pointers to EFI_CAPSULE_HEADER in
 225                                 CaspuleHeaderArray.
 226   @param  MaxiumCapsuleSize     On output the maximum size that UpdateCapsule() can
 227                                 support as an argument to UpdateCapsule() via
 228                                 CapsuleHeaderArray and ScatterGatherList.
 229   @param  ResetType             Returns the type of reset required for the capsule update.
 230
 231   @retval EFI_SUCCESS           Valid answer returned.
 232   @retval EFI_UNSUPPORTED       The capsule image is not supported on this platform, and
 233                                 MaximumCapsuleSize and ResetType are undefined.
 234   @retval EFI_INVALID_PARAMETER MaximumCapsuleSize is NULL, or ResetTyep is NULL,
 235                                 Or CapsuleCount is Zero, or CapsuleImage is not valid.
 236
 237 **/
 238 EFI_STATUS
 239 EFIAPI
 240 QueryCapsuleCapabilities (
 241   IN  EFI_CAPSULE_HEADER   **CapsuleHeaderArray,
 242   IN  UINTN                CapsuleCount,
 243   OUT UINT64               *MaxiumCapsuleSize,
 244   OUT EFI_RESET_TYPE       *ResetType
 245   )
 246 {
 247   EFI_STATUS                Status;
 248   UINTN                     ArrayNumber;
 249   EFI_CAPSULE_HEADER        *CapsuleHeader;
 250   BOOLEAN                   NeedReset;
 251
 252   //
 253   // Capsule Count can't be less than one.
 254   //
 255   if (CapsuleCount < 1) {
 256     return EFI_INVALID_PARAMETER;
 257   }
 258
 259   //
 260   // Check whether input parameter is valid
 261   //
 262   if ((MaxiumCapsuleSize == NULL) ||(ResetType == NULL)) {
 263     return EFI_INVALID_PARAMETER;
 264   }
 265
 266   CapsuleHeader = NULL;
 267   NeedReset     = FALSE;
 268
 269   for (ArrayNumber = 0; ArrayNumber < CapsuleCount; ArrayNumber++) {
 270     CapsuleHeader = CapsuleHeaderArray[ArrayNumber];
 271     //
 272     // A capsule which has the CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE flag must have
 273     // CAPSULE_FLAGS_PERSIST_ACROSS_RESET set in its header as well.
 274     //
 275     if ((CapsuleHeader->Flags & (CAPSULE_FLAGS_PERSIST_ACROSS_RESET | CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE)) == CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE) {
 276       return EFI_INVALID_PARAMETER;
 277     }
 278     //
 279     // A capsule which has the CAPSULE_FLAGS_INITIATE_RESET flag must have
 280     // CAPSULE_FLAGS_PERSIST_ACROSS_RESET set in its header as well.
 281     //
 282     if ((CapsuleHeader->Flags & (CAPSULE_FLAGS_PERSIST_ACROSS_RESET | CAPSULE_FLAGS_INITIATE_RESET)) == CAPSULE_FLAGS_INITIATE_RESET) {
 283       return EFI_INVALID_PARAMETER;
 284     }
 285
 286     //
 287     // Check FMP capsule flag
 288     //
 289     if (CompareGuid(&CapsuleHeader->CapsuleGuid, &gEfiFmpCapsuleGuid)
 290      && (CapsuleHeader->Flags & CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE) != 0 ) {
 291        return EFI_INVALID_PARAMETER;
 292     }
 293
 294     //
 295     // Check Capsule image without populate flag is supported by firmware
 296     //
 297     if ((CapsuleHeader->Flags & CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE) == 0) {
 298       Status = SupportCapsuleImage (CapsuleHeader);
 299       if (EFI_ERROR(Status)) {
 300         return Status;
 301       }
 302     }
 303   }
 304
 305   //
 306   // Find out whether there is any capsule defined to persist across system reset.
 307   //
 308   for (ArrayNumber = 0; ArrayNumber < CapsuleCount ; ArrayNumber++) {
 309     CapsuleHeader = CapsuleHeaderArray[ArrayNumber];
 310     if ((CapsuleHeader->Flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) != 0) {
 311       NeedReset = TRUE;
 312       break;
 313     }
 314   }
 315
 316   if (NeedReset) {
 317     //
 318     //Check if the platform supports update capsule across a system reset
 319     //
 320     if (!IsPersistAcrossResetCapsuleSupported ()) {
 321       return EFI_UNSUPPORTED;
 322     }
 323     *ResetType = EfiResetWarm;
 324     *MaxiumCapsuleSize = (UINT64) mMaxSizePopulateCapsule;
 325   } else {
 326     //
 327     // For non-reset capsule image.
 328     //
 329     *ResetType = EfiResetCold;
 330     *MaxiumCapsuleSize = (UINT64) mMaxSizeNonPopulateCapsule;
 331   }
 332
 333   return EFI_SUCCESS;
 334 }
 335
 336
 337 /**
 338
 339   This code installs UEFI capsule runtime service.
 340
 341   @param  ImageHandle    The firmware allocated handle for the EFI image.
 342   @param  SystemTable    A pointer to the EFI System Table.
 343
 344   @retval EFI_SUCCESS    UEFI Capsule Runtime Services are installed successfully.
 345
 346 **/
 347 EFI_STATUS
 348 EFIAPI
 349 CapsuleServiceInitialize (
 350   IN EFI_HANDLE         ImageHandle,
 351   IN EFI_SYSTEM_TABLE   *SystemTable
 352   )
 353 {
 354   EFI_STATUS  Status;
 355
 356   mMaxSizePopulateCapsule = PcdGet32(PcdMaxSizePopulateCapsule);
 357   mMaxSizeNonPopulateCapsule = PcdGet32(PcdMaxSizeNonPopulateCapsule);
 358
 359   //
 360   // When PEI phase is IA32, DXE phase is X64, it is possible that capsule data are
 361   // put above 4GB, so capsule PEI will transfer to long mode to get capsule data.
 362   // The page table and stack is used to transfer processor mode from IA32 to long mode.
 363   // Create the base address of page table and stack, and save them into variable.
 364   // This is not needed when capsule with reset type is not supported.
 365   //
 366   SaveLongModeContext ();
 367
 368   //
 369   // Install capsule runtime services into UEFI runtime service tables.
 370   //
 371   gRT->UpdateCapsule                    = UpdateCapsule;
 372   gRT->QueryCapsuleCapabilities         = QueryCapsuleCapabilities;
 373
 374   //
 375   // Install the Capsule Architectural Protocol on a new handle
 376   // to signify the capsule runtime services are ready.
 377   //
 378   Status = gBS->InstallMultipleProtocolInterfaces (
 379                   &mNewHandle,
 380                   &gEfiCapsuleArchProtocolGuid,
 381                   NULL,
 382                   NULL
 383                   );
 384   ASSERT_EFI_ERROR (Status);
 385
 386   return Status;
 387 }