]> git.proxmox.com Git - mirror_edk2.git/blob - SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
UefiCpuPkg: Move AsmRelocateApLoopStart from Mpfuncs.nasm to AmdSev.nasm
[mirror_edk2.git] / SignedCapsulePkg / Universal / SystemFirmwareUpdate / SystemFirmwareUpdateDxe.c
1 /** @file
2 SetImage instance to update system firmware.
3
4 Caution: This module requires additional review when modified.
5 This module will have external input - capsule image.
6 This external input must be validated carefully to avoid security issue like
7 buffer overflow, integer overflow.
8
9 FmpSetImage() will receive untrusted input and do basic validation.
10
11 Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>
12 SPDX-License-Identifier: BSD-2-Clause-Patent
13
14 **/
15
16 #include "SystemFirmwareDxe.h"
17
18 //
19 // SystemFmp driver private data
20 //
21 SYSTEM_FMP_PRIVATE_DATA *mSystemFmpPrivate = NULL;
22
23 EFI_GUID mCurrentImageTypeId;
24
25 BOOLEAN mNvRamUpdated = FALSE;
26
27 /**
28 Parse Config data file to get the updated data array.
29
30 @param[in] DataBuffer Config raw file buffer.
31 @param[in] BufferSize Size of raw buffer.
32 @param[in, out] ConfigHeader Pointer to the config header.
33 @param[in, out] UpdateArray Pointer to the config of update data.
34
35 @retval EFI_NOT_FOUND No config data is found.
36 @retval EFI_OUT_OF_RESOURCES No enough memory is allocated.
37 @retval EFI_SUCCESS Parse the config file successfully.
38
39 **/
40 EFI_STATUS
41 ParseUpdateDataFile (
42 IN UINT8 *DataBuffer,
43 IN UINTN BufferSize,
44 IN OUT CONFIG_HEADER *ConfigHeader,
45 IN OUT UPDATE_CONFIG_DATA **UpdateArray
46 );
47
48 /**
49 Update System Firmware image component.
50
51 @param[in] SystemFirmwareImage Points to the System Firmware image.
52 @param[in] SystemFirmwareImageSize The length of the System Firmware image in bytes.
53 @param[in] ConfigData Points to the component configuration structure.
54 @param[out] LastAttemptVersion The last attempt version, which will be recorded in ESRT and FMP EFI_FIRMWARE_IMAGE_DESCRIPTOR.
55 @param[out] LastAttemptStatus The last attempt status, which will be recorded in ESRT and FMP EFI_FIRMWARE_IMAGE_DESCRIPTOR.
56 @param[in] Progress A function used by the driver to report the progress of the firmware update.
57 @param[in] StartPercentage The start completion percentage value that may be used to report progress during the flash write operation.
58 @param[in] EndPercentage The end completion percentage value that may be used to report progress during the flash write operation.
59
60 @retval EFI_SUCCESS The System Firmware image is updated.
61 @retval EFI_WRITE_PROTECTED The flash device is read only.
62 **/
63 EFI_STATUS
64 PerformUpdate (
65 IN VOID *SystemFirmwareImage,
66 IN UINTN SystemFirmwareImageSize,
67 IN UPDATE_CONFIG_DATA *ConfigData,
68 OUT UINT32 *LastAttemptVersion,
69 OUT UINT32 *LastAttemptStatus,
70 IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress,
71 IN UINTN StartPercentage,
72 IN UINTN EndPercentage
73 )
74 {
75 EFI_STATUS Status;
76
77 DEBUG ((DEBUG_INFO, "PlatformUpdate:"));
78 DEBUG ((DEBUG_INFO, " BaseAddress - 0x%lx,", ConfigData->BaseAddress));
79 DEBUG ((DEBUG_INFO, " ImageOffset - 0x%x,", ConfigData->ImageOffset));
80 DEBUG ((DEBUG_INFO, " Legnth - 0x%x\n", ConfigData->Length));
81 if (Progress != NULL) {
82 Progress (StartPercentage);
83 }
84
85 Status = PerformFlashWriteWithProgress (
86 ConfigData->FirmwareType,
87 ConfigData->BaseAddress,
88 ConfigData->AddressType,
89 (VOID *)((UINTN)SystemFirmwareImage + (UINTN)ConfigData->ImageOffset),
90 ConfigData->Length,
91 Progress,
92 StartPercentage,
93 EndPercentage
94 );
95 if (Progress != NULL) {
96 Progress (EndPercentage);
97 }
98
99 if (!EFI_ERROR (Status)) {
100 *LastAttemptStatus = LAST_ATTEMPT_STATUS_SUCCESS;
101 if (ConfigData->FirmwareType == PlatformFirmwareTypeNvRam) {
102 mNvRamUpdated = TRUE;
103 }
104 } else {
105 *LastAttemptStatus = LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL;
106 }
107
108 return Status;
109 }
110
111 /**
112 Update System Firmware image.
113
114 @param[in] SystemFirmwareImage Points to the System Firmware image.
115 @param[in] SystemFirmwareImageSize The length of the System Firmware image in bytes.
116 @param[in] ConfigImage Points to the config file image.
117 @param[in] ConfigImageSize The length of the config file image in bytes.
118 @param[out] LastAttemptVersion The last attempt version, which will be recorded in ESRT and FMP EFI_FIRMWARE_IMAGE_DESCRIPTOR.
119 @param[out] LastAttemptStatus The last attempt status, which will be recorded in ESRT and FMP EFI_FIRMWARE_IMAGE_DESCRIPTOR.
120 @param[in] Progress A function used by the driver to report the progress of the firmware update.
121
122 @retval EFI_SUCCESS The System Firmware image is updated.
123 @retval EFI_WRITE_PROTECTED The flash device is read only.
124 **/
125 EFI_STATUS
126 UpdateImage (
127 IN VOID *SystemFirmwareImage,
128 IN UINTN SystemFirmwareImageSize,
129 IN VOID *ConfigImage,
130 IN UINTN ConfigImageSize,
131 OUT UINT32 *LastAttemptVersion,
132 OUT UINT32 *LastAttemptStatus,
133 IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress
134 )
135 {
136 EFI_STATUS Status;
137 UPDATE_CONFIG_DATA *ConfigData;
138 UPDATE_CONFIG_DATA *UpdateConfigData;
139 CONFIG_HEADER ConfigHeader;
140 UINTN Index;
141 UINTN TotalSize;
142 UINTN BytesWritten;
143 UINTN StartPercentage;
144 UINTN EndPercentage;
145
146 if (ConfigImage == NULL) {
147 DEBUG ((DEBUG_INFO, "PlatformUpdate (NoConfig):"));
148 DEBUG ((DEBUG_INFO, " BaseAddress - 0x%x,", 0));
149 DEBUG ((DEBUG_INFO, " Length - 0x%x\n", SystemFirmwareImageSize));
150 // ASSUME the whole System Firmware include NVRAM region.
151 StartPercentage = 0;
152 EndPercentage = 100;
153 if (Progress != NULL) {
154 Progress (StartPercentage);
155 }
156
157 Status = PerformFlashWriteWithProgress (
158 PlatformFirmwareTypeNvRam,
159 0,
160 FlashAddressTypeRelativeAddress,
161 SystemFirmwareImage,
162 SystemFirmwareImageSize,
163 Progress,
164 StartPercentage,
165 EndPercentage
166 );
167 if (Progress != NULL) {
168 Progress (EndPercentage);
169 }
170
171 if (!EFI_ERROR (Status)) {
172 *LastAttemptStatus = LAST_ATTEMPT_STATUS_SUCCESS;
173 mNvRamUpdated = TRUE;
174 } else {
175 *LastAttemptStatus = LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL;
176 }
177
178 return Status;
179 }
180
181 DEBUG ((DEBUG_INFO, "PlatformUpdate (With Config):\n"));
182 ConfigData = NULL;
183 ZeroMem (&ConfigHeader, sizeof (ConfigHeader));
184 Status = ParseUpdateDataFile (
185 ConfigImage,
186 ConfigImageSize,
187 &ConfigHeader,
188 &ConfigData
189 );
190 DEBUG ((DEBUG_INFO, "ParseUpdateDataFile - %r\n", Status));
191 if (EFI_ERROR (Status)) {
192 *LastAttemptStatus = LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL;
193 return EFI_INVALID_PARAMETER;
194 }
195
196 DEBUG ((DEBUG_INFO, "ConfigHeader.NumOfUpdates - 0x%x\n", ConfigHeader.NumOfUpdates));
197 DEBUG ((DEBUG_INFO, "PcdEdkiiSystemFirmwareFileGuid - %g\n", PcdGetPtr (PcdEdkiiSystemFirmwareFileGuid)));
198
199 TotalSize = 0;
200 for (Index = 0; Index < ConfigHeader.NumOfUpdates; Index++) {
201 if (CompareGuid (&ConfigData[Index].FileGuid, PcdGetPtr (PcdEdkiiSystemFirmwareFileGuid))) {
202 TotalSize = TotalSize + ConfigData[Index].Length;
203 }
204 }
205
206 BytesWritten = 0;
207 Index = 0;
208 UpdateConfigData = ConfigData;
209 while (Index < ConfigHeader.NumOfUpdates) {
210 if (CompareGuid (&UpdateConfigData->FileGuid, PcdGetPtr (PcdEdkiiSystemFirmwareFileGuid))) {
211 DEBUG ((DEBUG_INFO, "FileGuid - %g (processing)\n", &UpdateConfigData->FileGuid));
212 StartPercentage = (BytesWritten * 100) / TotalSize;
213 EndPercentage = ((BytesWritten + UpdateConfigData->Length) * 100) / TotalSize;
214 Status = PerformUpdate (
215 SystemFirmwareImage,
216 SystemFirmwareImageSize,
217 UpdateConfigData,
218 LastAttemptVersion,
219 LastAttemptStatus,
220 Progress,
221 StartPercentage,
222 EndPercentage
223 );
224 //
225 // Shall updates be serialized so that if an update is not successfully completed,
226 // the remaining updates won't be performed.
227 //
228 if (EFI_ERROR (Status)) {
229 break;
230 }
231 } else {
232 DEBUG ((DEBUG_INFO, "FileGuid - %g (ignored)\n", &UpdateConfigData->FileGuid));
233 }
234
235 BytesWritten += UpdateConfigData->Length;
236
237 Index++;
238 UpdateConfigData++;
239 }
240
241 return Status;
242 }
243
244 /**
245 Authenticate and update System Firmware image.
246
247 Caution: This function may receive untrusted input.
248
249 @param[in] Image The EDKII system FMP capsule image.
250 @param[in] ImageSize The size of the EDKII system FMP capsule image in bytes.
251 @param[out] LastAttemptVersion The last attempt version, which will be recorded in ESRT and FMP EFI_FIRMWARE_IMAGE_DESCRIPTOR.
252 @param[out] LastAttemptStatus The last attempt status, which will be recorded in ESRT and FMP EFI_FIRMWARE_IMAGE_DESCRIPTOR.
253 @param[in] Progress A function used by the driver to report the progress of the firmware update.
254
255 @retval EFI_SUCCESS EDKII system FMP capsule passes authentication and the System Firmware image is updated.
256 @retval EFI_SECURITY_VIOLATION EDKII system FMP capsule fails authentication and the System Firmware image is not updated.
257 @retval EFI_WRITE_PROTECTED The flash device is read only.
258 **/
259 EFI_STATUS
260 SystemFirmwareAuthenticatedUpdate (
261 IN VOID *Image,
262 IN UINTN ImageSize,
263 OUT UINT32 *LastAttemptVersion,
264 OUT UINT32 *LastAttemptStatus,
265 IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress
266 )
267 {
268 EFI_STATUS Status;
269 VOID *SystemFirmwareImage;
270 UINTN SystemFirmwareImageSize;
271 VOID *ConfigImage;
272 UINTN ConfigImageSize;
273 VOID *AuthenticatedImage;
274 UINTN AuthenticatedImageSize;
275
276 AuthenticatedImage = NULL;
277 AuthenticatedImageSize = 0;
278
279 DEBUG ((DEBUG_INFO, "SystemFirmwareAuthenticatedUpdate...\n"));
280
281 Status = CapsuleAuthenticateSystemFirmware (Image, ImageSize, FALSE, LastAttemptVersion, LastAttemptStatus, &AuthenticatedImage, &AuthenticatedImageSize);
282 if (EFI_ERROR (Status)) {
283 DEBUG ((DEBUG_INFO, "SystemFirmwareAuthenticateImage - %r\n", Status));
284 return Status;
285 }
286
287 DEBUG ((DEBUG_INFO, "ExtractSystemFirmwareImage ...\n"));
288 ExtractSystemFirmwareImage (AuthenticatedImage, AuthenticatedImageSize, &SystemFirmwareImage, &SystemFirmwareImageSize);
289 DEBUG ((DEBUG_INFO, "ExtractConfigImage ...\n"));
290 ExtractConfigImage (AuthenticatedImage, AuthenticatedImageSize, &ConfigImage, &ConfigImageSize);
291
292 DEBUG ((DEBUG_INFO, "UpdateImage ...\n"));
293 Status = UpdateImage (SystemFirmwareImage, SystemFirmwareImageSize, ConfigImage, ConfigImageSize, LastAttemptVersion, LastAttemptStatus, Progress);
294 if (EFI_ERROR (Status)) {
295 DEBUG ((DEBUG_INFO, "UpdateImage - %r\n", Status));
296 return Status;
297 }
298
299 DEBUG ((DEBUG_INFO, "SystemFirmwareAuthenticatedUpdate Done\n"));
300
301 return EFI_SUCCESS;
302 }
303
304 /**
305
306 This code finds variable in storage blocks (Volatile or Non-Volatile).
307
308 @param[in] VariableName Name of Variable to be found.
309 @param[in] VendorGuid Variable vendor GUID.
310 @param[out] Attributes Attribute value of the variable found.
311 @param[in, out] DataSize Size of Data found. If size is less than the
312 data, this value contains the required size.
313 @param[out] Data Data pointer.
314
315 @return EFI_INVALID_PARAMETER Invalid parameter.
316 @return EFI_SUCCESS Find the specified variable.
317 @return EFI_NOT_FOUND Not found.
318 @return EFI_BUFFER_TO_SMALL DataSize is too small for the result.
319
320 **/
321 EFI_STATUS
322 EFIAPI
323 GetVariableHook (
324 IN CHAR16 *VariableName,
325 IN EFI_GUID *VendorGuid,
326 OUT UINT32 *Attributes OPTIONAL,
327 IN OUT UINTN *DataSize,
328 OUT VOID *Data
329 )
330 {
331 DEBUG ((DEBUG_INFO, "GetVariableHook - %S, %g\n", VariableName, VendorGuid));
332 return EFI_NOT_AVAILABLE_YET;
333 }
334
335 /**
336
337 This code Finds the Next available variable.
338
339 @param[in, out] VariableNameSize Size of the variable name.
340 @param[in, out] VariableName Pointer to variable name.
341 @param[in, out] VendorGuid Variable Vendor Guid.
342
343 @return EFI_INVALID_PARAMETER Invalid parameter.
344 @return EFI_SUCCESS Find the specified variable.
345 @return EFI_NOT_FOUND Not found.
346 @return EFI_BUFFER_TO_SMALL DataSize is too small for the result.
347
348 **/
349 EFI_STATUS
350 EFIAPI
351 GetNextVariableNameHook (
352 IN OUT UINTN *VariableNameSize,
353 IN OUT CHAR16 *VariableName,
354 IN OUT EFI_GUID *VendorGuid
355 )
356 {
357 DEBUG ((DEBUG_INFO, "GetNextVariableNameHook - %S, %g\n", VariableName, VendorGuid));
358 return EFI_NOT_AVAILABLE_YET;
359 }
360
361 /**
362
363 This code sets variable in storage blocks (Volatile or Non-Volatile).
364
365 @param[in] VariableName Name of Variable to be found.
366 @param[in] VendorGuid Variable vendor GUID.
367 @param[in] Attributes Attribute value of the variable found
368 @param[in] DataSize Size of Data found. If size is less than the
369 data, this value contains the required size.
370 @param[in] Data Data pointer.
371
372 @return EFI_INVALID_PARAMETER Invalid parameter.
373 @return EFI_SUCCESS Set successfully.
374 @return EFI_OUT_OF_RESOURCES Resource not enough to set variable.
375 @return EFI_NOT_FOUND Not found.
376 @return EFI_WRITE_PROTECTED Variable is read-only.
377
378 **/
379 EFI_STATUS
380 EFIAPI
381 SetVariableHook (
382 IN CHAR16 *VariableName,
383 IN EFI_GUID *VendorGuid,
384 IN UINT32 Attributes,
385 IN UINTN DataSize,
386 IN VOID *Data
387 )
388 {
389 DEBUG ((DEBUG_INFO, "SetVariableHook - %S, %g, 0x%x (0x%x)\n", VariableName, VendorGuid, Attributes, DataSize));
390 return EFI_NOT_AVAILABLE_YET;
391 }
392
393 /**
394
395 This code returns information about the EFI variables.
396
397 @param[in] Attributes Attributes bitmask to specify the type of variables
398 on which to return information.
399 @param[out] MaximumVariableStorageSize Pointer to the maximum size of the storage space available
400 for the EFI variables associated with the attributes specified.
401 @param[out] RemainingVariableStorageSize Pointer to the remaining size of the storage space available
402 for EFI variables associated with the attributes specified.
403 @param[out] MaximumVariableSize Pointer to the maximum size of an individual EFI variables
404 associated with the attributes specified.
405
406 @return EFI_SUCCESS Query successfully.
407
408 **/
409 EFI_STATUS
410 EFIAPI
411 QueryVariableInfoHook (
412 IN UINT32 Attributes,
413 OUT UINT64 *MaximumVariableStorageSize,
414 OUT UINT64 *RemainingVariableStorageSize,
415 OUT UINT64 *MaximumVariableSize
416 )
417 {
418 DEBUG ((DEBUG_INFO, "QueryVariableInfoHook - 0x%x\n", Attributes));
419 return EFI_NOT_AVAILABLE_YET;
420 }
421
422 /**
423 Updates the firmware image of the device.
424
425 This function updates the hardware with the new firmware image.
426 This function returns EFI_UNSUPPORTED if the firmware image is not updatable.
427 If the firmware image is updatable, the function should perform the following minimal validations
428 before proceeding to do the firmware image update.
429 - Validate the image authentication if image has attribute
430 IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED. The function returns
431 EFI_SECURITY_VIOLATION if the validation fails.
432 - Validate the image is a supported image for this device. The function returns EFI_ABORTED if
433 the image is unsupported. The function can optionally provide more detailed information on
434 why the image is not a supported image.
435 - Validate the data from VendorCode if not null. Image validation must be performed before
436 VendorCode data validation. VendorCode data is ignored or considered invalid if image
437 validation failed. The function returns EFI_ABORTED if the data is invalid.
438
439 VendorCode enables vendor to implement vendor-specific firmware image update policy. Null if
440 the caller did not specify the policy or use the default policy. As an example, vendor can implement
441 a policy to allow an option to force a firmware image update when the abort reason is due to the new
442 firmware image version is older than the current firmware image version or bad image checksum.
443 Sensitive operations such as those wiping the entire firmware image and render the device to be
444 non-functional should be encoded in the image itself rather than passed with the VendorCode.
445 AbortReason enables vendor to have the option to provide a more detailed description of the abort
446 reason to the caller.
447
448 @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.
449 @param[in] ImageIndex A unique number identifying the firmware image(s) within the device.
450 The number is between 1 and DescriptorCount.
451 @param[in] Image Points to the new image.
452 @param[in] ImageSize Size of the new image in bytes.
453 @param[in] VendorCode This enables vendor to implement vendor-specific firmware image update policy.
454 Null indicates the caller did not specify the policy or use the default policy.
455 @param[in] Progress A function used by the driver to report the progress of the firmware update.
456 @param[out] AbortReason A pointer to a pointer to a null-terminated string providing more
457 details for the aborted operation. The buffer is allocated by this function
458 with AllocatePool(), and it is the caller's responsibility to free it with a
459 call to FreePool().
460
461 @retval EFI_SUCCESS The device was successfully updated with the new image.
462 @retval EFI_ABORTED The operation is aborted.
463 @retval EFI_INVALID_PARAMETER The Image was NULL.
464 @retval EFI_UNSUPPORTED The operation is not supported.
465 @retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.
466
467 **/
468 EFI_STATUS
469 EFIAPI
470 FmpSetImage (
471 IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This,
472 IN UINT8 ImageIndex,
473 IN CONST VOID *Image,
474 IN UINTN ImageSize,
475 IN CONST VOID *VendorCode,
476 IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress,
477 OUT CHAR16 **AbortReason
478 )
479 {
480 EFI_STATUS Status;
481 EFI_STATUS VarStatus;
482 SYSTEM_FMP_PRIVATE_DATA *SystemFmpPrivate;
483
484 if ((Image == NULL) || (ImageSize == 0) || (AbortReason == NULL)) {
485 return EFI_INVALID_PARAMETER;
486 }
487
488 SystemFmpPrivate = SYSTEM_FMP_PRIVATE_DATA_FROM_FMP (This);
489 *AbortReason = NULL;
490
491 if ((ImageIndex == 0) || (ImageIndex > SystemFmpPrivate->DescriptorCount)) {
492 return EFI_INVALID_PARAMETER;
493 }
494
495 Status = SystemFirmwareAuthenticatedUpdate ((VOID *)Image, ImageSize, &SystemFmpPrivate->LastAttempt.LastAttemptVersion, &SystemFmpPrivate->LastAttempt.LastAttemptStatus, Progress);
496 DEBUG ((DEBUG_INFO, "SetImage - LastAttempt Version - 0x%x, State - 0x%x\n", SystemFmpPrivate->LastAttempt.LastAttemptVersion, SystemFmpPrivate->LastAttempt.LastAttemptStatus));
497
498 //
499 // If NVRAM is updated, we should no longer touch variable services, because
500 // the current variable driver may not manage the new NVRAM region.
501 //
502 if (mNvRamUpdated) {
503 DEBUG ((DEBUG_INFO, "NvRamUpdated, Update Variable Services\n"));
504 gRT->GetVariable = GetVariableHook;
505 gRT->GetNextVariableName = GetNextVariableNameHook;
506 gRT->SetVariable = SetVariableHook;
507 gRT->QueryVariableInfo = QueryVariableInfoHook;
508
509 gRT->Hdr.CRC32 = 0;
510 gBS->CalculateCrc32 (
511 (UINT8 *)&gRT->Hdr,
512 gRT->Hdr.HeaderSize,
513 &gRT->Hdr.CRC32
514 );
515 }
516
517 VarStatus = gRT->SetVariable (
518 SYSTEM_FMP_LAST_ATTEMPT_VARIABLE_NAME,
519 &gSystemFmpLastAttemptVariableGuid,
520 EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
521 sizeof (SystemFmpPrivate->LastAttempt),
522 &SystemFmpPrivate->LastAttempt
523 );
524 DEBUG ((DEBUG_INFO, "SetLastAttempt - %r\n", VarStatus));
525
526 return Status;
527 }
528
529 /**
530 Get the set of EFI_FIRMWARE_IMAGE_DESCRIPTOR structures from an FMP Protocol.
531
532 @param[in] Handle Handle with an FMP Protocol or a System FMP
533 Protocol.
534 @param[in] ProtocolGuid Pointer to the FMP Protocol GUID or System FMP
535 Protocol GUID.
536 @param[out] FmpImageInfoCount Pointer to the number of
537 EFI_FIRMWARE_IMAGE_DESCRIPTOR structures.
538 @param[out] DescriptorSize Pointer to the size, in bytes, of each
539 EFI_FIRMWARE_IMAGE_DESCRIPTOR structure.
540
541 @return NULL No EFI_FIRMWARE_IMAGE_DESCRIPTOR structures found.
542 @return !NULL Pointer to a buffer of EFI_FIRMWARE_IMAGE_DESCRIPTOR structures
543 allocated using AllocatePool(). Caller must free buffer with
544 FreePool().
545 **/
546 EFI_FIRMWARE_IMAGE_DESCRIPTOR *
547 GetFmpImageDescriptors (
548 IN EFI_HANDLE Handle,
549 IN EFI_GUID *ProtocolGuid,
550 OUT UINT8 *FmpImageInfoCount,
551 OUT UINTN *DescriptorSize
552 )
553 {
554 EFI_STATUS Status;
555 EFI_FIRMWARE_MANAGEMENT_PROTOCOL *Fmp;
556 UINTN ImageInfoSize;
557 EFI_FIRMWARE_IMAGE_DESCRIPTOR *FmpImageInfoBuf;
558 UINT32 FmpImageInfoDescriptorVer;
559 UINT32 PackageVersion;
560 CHAR16 *PackageVersionName;
561
562 *FmpImageInfoCount = 0;
563 *DescriptorSize = 0;
564
565 Status = gBS->HandleProtocol (
566 Handle,
567 ProtocolGuid,
568 (VOID **)&Fmp
569 );
570 if (EFI_ERROR (Status)) {
571 return NULL;
572 }
573
574 //
575 // Determine the size required for the set of EFI_FIRMWARE_IMAGE_DESCRIPTORs.
576 //
577 ImageInfoSize = 0;
578 Status = Fmp->GetImageInfo (
579 Fmp, // FMP Pointer
580 &ImageInfoSize, // Buffer Size (in this case 0)
581 NULL, // NULL so we can get size
582 &FmpImageInfoDescriptorVer, // DescriptorVersion
583 FmpImageInfoCount, // DescriptorCount
584 DescriptorSize, // DescriptorSize
585 &PackageVersion, // PackageVersion
586 &PackageVersionName // PackageVersionName
587 );
588 if (Status != EFI_BUFFER_TOO_SMALL) {
589 DEBUG ((DEBUG_ERROR, "SystemFirmwareUpdateDxe: Unexpected Failure. Status = %r\n", Status));
590 return NULL;
591 }
592
593 //
594 // Allocate buffer for the set of EFI_FIRMWARE_IMAGE_DESCRIPTORs.
595 //
596 FmpImageInfoBuf = NULL;
597 FmpImageInfoBuf = AllocateZeroPool (ImageInfoSize);
598 if (FmpImageInfoBuf == NULL) {
599 DEBUG ((DEBUG_ERROR, "SystemFirmwareUpdateDxe: Failed to allocate memory for descriptors.\n"));
600 return NULL;
601 }
602
603 //
604 // Retrieve the set of EFI_FIRMWARE_IMAGE_DESCRIPTORs.
605 //
606 PackageVersionName = NULL;
607 Status = Fmp->GetImageInfo (
608 Fmp,
609 &ImageInfoSize, // ImageInfoSize
610 FmpImageInfoBuf, // ImageInfo
611 &FmpImageInfoDescriptorVer, // DescriptorVersion
612 FmpImageInfoCount, // DescriptorCount
613 DescriptorSize, // DescriptorSize
614 &PackageVersion, // PackageVersion
615 &PackageVersionName // PackageVersionName
616 );
617
618 //
619 // Free unused PackageVersionName return buffer
620 //
621 if (PackageVersionName != NULL) {
622 FreePool (PackageVersionName);
623 PackageVersionName = NULL;
624 }
625
626 if (EFI_ERROR (Status)) {
627 DEBUG ((DEBUG_ERROR, "SystemFirmwareUpdateDxe: Failure in GetImageInfo. Status = %r\n", Status));
628 if (FmpImageInfoBuf != NULL) {
629 FreePool (FmpImageInfoBuf);
630 }
631
632 return NULL;
633 }
634
635 return FmpImageInfoBuf;
636 }
637
638 /**
639 Search for handles with an FMP protocol whose EFI_FIRMWARE_IMAGE_DESCRIPTOR
640 ImageTypeId matches the ImageTypeId produced by this module.
641
642 @param[in] ProtocolGuid Pointer to the GUID of the protocol to search.
643 @param[out] HandleCount Pointer to the number of returned handles.
644
645 @return NULL No matching handles found.
646 @return !NULL Pointer to a buffer of handles allocated using AllocatePool().
647 Caller must free buffer with FreePool().
648 **/
649 EFI_HANDLE *
650 FindMatchingFmpHandles (
651 IN EFI_GUID *ProtocolGuid,
652 OUT UINTN *HandleCount
653 )
654 {
655 EFI_STATUS Status;
656 UINTN TempHandleCount;
657 EFI_HANDLE *HandleBuffer;
658 UINTN Index;
659 UINTN Index2;
660 UINTN Index3;
661 EFI_FIRMWARE_IMAGE_DESCRIPTOR *OriginalFmpImageInfoBuf;
662 EFI_FIRMWARE_IMAGE_DESCRIPTOR *FmpImageInfoBuf;
663 UINT8 FmpImageInfoCount;
664 UINTN DescriptorSize;
665 BOOLEAN MatchFound;
666
667 *HandleCount = 0;
668 TempHandleCount = 0;
669 HandleBuffer = NULL;
670 Status = gBS->LocateHandleBuffer (
671 ByProtocol,
672 ProtocolGuid,
673 NULL,
674 &TempHandleCount,
675 &HandleBuffer
676 );
677 if (EFI_ERROR (Status)) {
678 return NULL;
679 }
680
681 for (Index = 0; Index < TempHandleCount; Index++) {
682 OriginalFmpImageInfoBuf = GetFmpImageDescriptors (
683 HandleBuffer[Index],
684 ProtocolGuid,
685 &FmpImageInfoCount,
686 &DescriptorSize
687 );
688
689 //
690 // Loop through the set of EFI_FIRMWARE_IMAGE_DESCRIPTORs.
691 //
692 MatchFound = FALSE;
693 if (OriginalFmpImageInfoBuf != NULL) {
694 FmpImageInfoBuf = OriginalFmpImageInfoBuf;
695
696 for (Index2 = 0; Index2 < FmpImageInfoCount; Index2++) {
697 for (Index3 = 0; Index3 < mSystemFmpPrivate->DescriptorCount; Index3++) {
698 MatchFound = CompareGuid (
699 &FmpImageInfoBuf->ImageTypeId,
700 &mSystemFmpPrivate->ImageDescriptor[Index3].ImageTypeId
701 );
702 if (MatchFound) {
703 break;
704 }
705 }
706
707 if (MatchFound) {
708 break;
709 }
710
711 //
712 // Increment the buffer pointer ahead by the size of the descriptor
713 //
714 FmpImageInfoBuf = (EFI_FIRMWARE_IMAGE_DESCRIPTOR *)(((UINT8 *)FmpImageInfoBuf) + DescriptorSize);
715 }
716
717 if (MatchFound) {
718 HandleBuffer[*HandleCount] = HandleBuffer[Index];
719 (*HandleCount)++;
720 }
721
722 FreePool (OriginalFmpImageInfoBuf);
723 }
724 }
725
726 if ((*HandleCount) == 0) {
727 //
728 // No any matching handle.
729 //
730 FreePool (HandleBuffer);
731 return NULL;
732 }
733
734 return HandleBuffer;
735 }
736
737 /**
738 Uninstall System FMP Protocol instances that may have been installed by
739 SystemFirmwareUpdateDxe drivers dispatches by other capsules.
740
741 @retval EFI_SUCCESS All System FMP Protocols found were uninstalled.
742 @return Other One or more System FMP Protocols could not be uninstalled.
743
744 **/
745 EFI_STATUS
746 UninstallMatchingSystemFmpProtocols (
747 VOID
748 )
749 {
750 EFI_STATUS Status;
751 EFI_HANDLE *HandleBuffer;
752 UINTN HandleCount;
753 UINTN Index;
754 EFI_FIRMWARE_MANAGEMENT_PROTOCOL *SystemFmp;
755
756 //
757 // Uninstall SystemFmpProtocol instances that may have been produced by
758 // the SystemFirmwareUpdate drivers in FVs dispatched by other capsules.
759 //
760 HandleBuffer = FindMatchingFmpHandles (
761 &gSystemFmpProtocolGuid,
762 &HandleCount
763 );
764 DEBUG ((DEBUG_INFO, "SystemFirmwareUpdateDxe: Found %d matching System FMP instances\n", HandleCount));
765
766 for (Index = 0; Index < HandleCount; Index++) {
767 Status = gBS->HandleProtocol (
768 HandleBuffer[Index],
769 &gSystemFmpProtocolGuid,
770 (VOID **)&SystemFmp
771 );
772 if (EFI_ERROR (Status)) {
773 continue;
774 }
775
776 DEBUG ((DEBUG_INFO, "SystemFirmwareUpdateDxe: Uninstall SystemFmp produced by another capsule\n"));
777 Status = gBS->UninstallProtocolInterface (
778 HandleBuffer[Index],
779 &gSystemFmpProtocolGuid,
780 SystemFmp
781 );
782 if (EFI_ERROR (Status)) {
783 DEBUG ((DEBUG_ERROR, "SystemFirmwareUpdateDxe: Failed to uninstall SystemFmp %r. Exiting.\n", Status));
784 FreePool (HandleBuffer);
785 return Status;
786 }
787 }
788
789 if (HandleBuffer != NULL) {
790 FreePool (HandleBuffer);
791 }
792
793 return EFI_SUCCESS;
794 }
795
796 /**
797 System FMP module entrypoint
798
799 @param[in] ImageHandle The firmware allocated handle for the EFI image.
800 @param[in] SystemTable A pointer to the EFI System Table.
801
802 @retval EFI_SUCCESS System FMP module is initialized.
803 @retval EFI_OUT_OF_RESOURCES There are not enough resources avaulable to
804 initialize this module.
805 @retval Other System FMP Protocols could not be uninstalled.
806 @retval Other System FMP Protocol could not be installed.
807 @retval Other FMP Protocol could not be installed.
808 **/
809 EFI_STATUS
810 EFIAPI
811 SystemFirmwareUpdateMainDxe (
812 IN EFI_HANDLE ImageHandle,
813 IN EFI_SYSTEM_TABLE *SystemTable
814 )
815 {
816 EFI_STATUS Status;
817 EFI_HANDLE *HandleBuffer;
818 UINTN HandleCount;
819
820 //
821 // Initialize SystemFmpPrivateData
822 //
823 mSystemFmpPrivate = AllocateZeroPool (sizeof (SYSTEM_FMP_PRIVATE_DATA));
824 if (mSystemFmpPrivate == NULL) {
825 return EFI_OUT_OF_RESOURCES;
826 }
827
828 Status = InitializePrivateData (mSystemFmpPrivate);
829 if (EFI_ERROR (Status)) {
830 FreePool (mSystemFmpPrivate);
831 mSystemFmpPrivate = NULL;
832 return Status;
833 }
834
835 //
836 // Uninstall SystemFmpProtocol instances that may have been produced by
837 // the SystemFirmwareUpdate drivers in FVs dispatched by other capsules.
838 //
839 Status = UninstallMatchingSystemFmpProtocols ();
840 if (EFI_ERROR (Status)) {
841 FreePool (mSystemFmpPrivate);
842 mSystemFmpPrivate = NULL;
843 return Status;
844 }
845
846 //
847 // Look for a handle with matching Firmware Management Protocol
848 //
849 HandleCount = 0;
850 HandleBuffer = FindMatchingFmpHandles (
851 &gEfiFirmwareManagementProtocolGuid,
852 &HandleCount
853 );
854 DEBUG ((DEBUG_INFO, "SystemFirmwareUpdateDxe: Found %d matching FMP instances\n", HandleCount));
855
856 switch (HandleCount) {
857 case 0:
858 //
859 // Install FMP protocol onto a new handle.
860 //
861 DEBUG ((DEBUG_INFO, "SystemFirmwareUpdateDxe: Install FMP onto a new handle\n"));
862 Status = gBS->InstallMultipleProtocolInterfaces (
863 &mSystemFmpPrivate->Handle,
864 &gEfiFirmwareManagementProtocolGuid,
865 &mSystemFmpPrivate->Fmp,
866 NULL
867 );
868 break;
869 case 1:
870 //
871 // Install System FMP protocol onto handle with matching FMP Protocol
872 //
873 DEBUG ((DEBUG_INFO, "SystemFirmwareUpdateDxe: Install System FMP onto matching FMP handle\n"));
874 mSystemFmpPrivate->Handle = HandleBuffer[0];
875 Status = gBS->InstallMultipleProtocolInterfaces (
876 &HandleBuffer[0],
877 &gSystemFmpProtocolGuid,
878 &mSystemFmpPrivate->Fmp,
879 NULL
880 );
881 break;
882 default:
883 //
884 // More than one matching handle is not expected. Unload driver.
885 //
886 DEBUG ((DEBUG_ERROR, "SystemFirmwareUpdateDxe: More than one matching FMP handle. Unload driver.\n"));
887 Status = EFI_DEVICE_ERROR;
888 break;
889 }
890
891 if (HandleBuffer != NULL) {
892 FreePool (HandleBuffer);
893 }
894
895 if (EFI_ERROR (Status)) {
896 FreePool (mSystemFmpPrivate);
897 mSystemFmpPrivate = NULL;
898 }
899
900 return Status;
901 }
EFI Development Kit II mirror for PVE