2 SetImage instance to update system firmware.
4 Caution: This module requires additional review when modified.
5 This module will have external input - capsule image.
6 This external input must be validated carefully to avoid security issue like
7 buffer overflow, integer overflow.
9 FmpSetImage() will receive untrusted input and do basic validation.
11 Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>
12 SPDX-License-Identifier: BSD-2-Clause-Patent
16 #include "SystemFirmwareDxe.h"
19 // SystemFmp driver private data
21 SYSTEM_FMP_PRIVATE_DATA
*mSystemFmpPrivate
= NULL
;
23 EFI_GUID mCurrentImageTypeId
;
25 BOOLEAN mNvRamUpdated
= FALSE
;
28 Parse Config data file to get the updated data array.
30 @param[in] DataBuffer Config raw file buffer.
31 @param[in] BufferSize Size of raw buffer.
32 @param[in, out] ConfigHeader Pointer to the config header.
33 @param[in, out] UpdateArray Pointer to the config of update data.
35 @retval EFI_NOT_FOUND No config data is found.
36 @retval EFI_OUT_OF_RESOURCES No enough memory is allocated.
37 @retval EFI_SUCCESS Parse the config file successfully.
44 IN OUT CONFIG_HEADER
*ConfigHeader
,
45 IN OUT UPDATE_CONFIG_DATA
**UpdateArray
49 Update System Firmware image component.
51 @param[in] SystemFirmwareImage Points to the System Firmware image.
52 @param[in] SystemFirmwareImageSize The length of the System Firmware image in bytes.
53 @param[in] ConfigData Points to the component configuration structure.
54 @param[out] LastAttemptVersion The last attempt version, which will be recorded in ESRT and FMP EFI_FIRMWARE_IMAGE_DESCRIPTOR.
55 @param[out] LastAttemptStatus The last attempt status, which will be recorded in ESRT and FMP EFI_FIRMWARE_IMAGE_DESCRIPTOR.
56 @param[in] Progress A function used by the driver to report the progress of the firmware update.
57 @param[in] StartPercentage The start completion percentage value that may be used to report progress during the flash write operation.
58 @param[in] EndPercentage The end completion percentage value that may be used to report progress during the flash write operation.
60 @retval EFI_SUCCESS The System Firmware image is updated.
61 @retval EFI_WRITE_PROTECTED The flash device is read only.
65 IN VOID
*SystemFirmwareImage
,
66 IN UINTN SystemFirmwareImageSize
,
67 IN UPDATE_CONFIG_DATA
*ConfigData
,
68 OUT UINT32
*LastAttemptVersion
,
69 OUT UINT32
*LastAttemptStatus
,
70 IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress
,
71 IN UINTN StartPercentage
,
72 IN UINTN EndPercentage
77 DEBUG ((DEBUG_INFO
, "PlatformUpdate:"));
78 DEBUG ((DEBUG_INFO
, " BaseAddress - 0x%lx,", ConfigData
->BaseAddress
));
79 DEBUG ((DEBUG_INFO
, " ImageOffset - 0x%x,", ConfigData
->ImageOffset
));
80 DEBUG ((DEBUG_INFO
, " Legnth - 0x%x\n", ConfigData
->Length
));
81 if (Progress
!= NULL
) {
82 Progress (StartPercentage
);
85 Status
= PerformFlashWriteWithProgress (
86 ConfigData
->FirmwareType
,
87 ConfigData
->BaseAddress
,
88 ConfigData
->AddressType
,
89 (VOID
*)((UINTN
)SystemFirmwareImage
+ (UINTN
)ConfigData
->ImageOffset
),
95 if (Progress
!= NULL
) {
96 Progress (EndPercentage
);
99 if (!EFI_ERROR (Status
)) {
100 *LastAttemptStatus
= LAST_ATTEMPT_STATUS_SUCCESS
;
101 if (ConfigData
->FirmwareType
== PlatformFirmwareTypeNvRam
) {
102 mNvRamUpdated
= TRUE
;
105 *LastAttemptStatus
= LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL
;
112 Update System Firmware image.
114 @param[in] SystemFirmwareImage Points to the System Firmware image.
115 @param[in] SystemFirmwareImageSize The length of the System Firmware image in bytes.
116 @param[in] ConfigImage Points to the config file image.
117 @param[in] ConfigImageSize The length of the config file image in bytes.
118 @param[out] LastAttemptVersion The last attempt version, which will be recorded in ESRT and FMP EFI_FIRMWARE_IMAGE_DESCRIPTOR.
119 @param[out] LastAttemptStatus The last attempt status, which will be recorded in ESRT and FMP EFI_FIRMWARE_IMAGE_DESCRIPTOR.
120 @param[in] Progress A function used by the driver to report the progress of the firmware update.
122 @retval EFI_SUCCESS The System Firmware image is updated.
123 @retval EFI_WRITE_PROTECTED The flash device is read only.
127 IN VOID
*SystemFirmwareImage
,
128 IN UINTN SystemFirmwareImageSize
,
129 IN VOID
*ConfigImage
,
130 IN UINTN ConfigImageSize
,
131 OUT UINT32
*LastAttemptVersion
,
132 OUT UINT32
*LastAttemptStatus
,
133 IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress
137 UPDATE_CONFIG_DATA
*ConfigData
;
138 UPDATE_CONFIG_DATA
*UpdateConfigData
;
139 CONFIG_HEADER ConfigHeader
;
143 UINTN StartPercentage
;
146 if (ConfigImage
== NULL
) {
147 DEBUG ((DEBUG_INFO
, "PlatformUpdate (NoConfig):"));
148 DEBUG ((DEBUG_INFO
, " BaseAddress - 0x%x,", 0));
149 DEBUG ((DEBUG_INFO
, " Length - 0x%x\n", SystemFirmwareImageSize
));
150 // ASSUME the whole System Firmware include NVRAM region.
153 if (Progress
!= NULL
) {
154 Progress (StartPercentage
);
157 Status
= PerformFlashWriteWithProgress (
158 PlatformFirmwareTypeNvRam
,
160 FlashAddressTypeRelativeAddress
,
162 SystemFirmwareImageSize
,
167 if (Progress
!= NULL
) {
168 Progress (EndPercentage
);
171 if (!EFI_ERROR (Status
)) {
172 *LastAttemptStatus
= LAST_ATTEMPT_STATUS_SUCCESS
;
173 mNvRamUpdated
= TRUE
;
175 *LastAttemptStatus
= LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL
;
181 DEBUG ((DEBUG_INFO
, "PlatformUpdate (With Config):\n"));
183 ZeroMem (&ConfigHeader
, sizeof (ConfigHeader
));
184 Status
= ParseUpdateDataFile (
190 DEBUG ((DEBUG_INFO
, "ParseUpdateDataFile - %r\n", Status
));
191 if (EFI_ERROR (Status
)) {
192 *LastAttemptStatus
= LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL
;
193 return EFI_INVALID_PARAMETER
;
196 DEBUG ((DEBUG_INFO
, "ConfigHeader.NumOfUpdates - 0x%x\n", ConfigHeader
.NumOfUpdates
));
197 DEBUG ((DEBUG_INFO
, "PcdEdkiiSystemFirmwareFileGuid - %g\n", PcdGetPtr (PcdEdkiiSystemFirmwareFileGuid
)));
200 for (Index
= 0; Index
< ConfigHeader
.NumOfUpdates
; Index
++) {
201 if (CompareGuid (&ConfigData
[Index
].FileGuid
, PcdGetPtr (PcdEdkiiSystemFirmwareFileGuid
))) {
202 TotalSize
= TotalSize
+ ConfigData
[Index
].Length
;
208 UpdateConfigData
= ConfigData
;
209 while (Index
< ConfigHeader
.NumOfUpdates
) {
210 if (CompareGuid (&UpdateConfigData
->FileGuid
, PcdGetPtr (PcdEdkiiSystemFirmwareFileGuid
))) {
211 DEBUG ((DEBUG_INFO
, "FileGuid - %g (processing)\n", &UpdateConfigData
->FileGuid
));
212 StartPercentage
= (BytesWritten
* 100) / TotalSize
;
213 EndPercentage
= ((BytesWritten
+ UpdateConfigData
->Length
) * 100) / TotalSize
;
214 Status
= PerformUpdate (
216 SystemFirmwareImageSize
,
225 // Shall updates be serialized so that if an update is not successfully completed,
226 // the remaining updates won't be performed.
228 if (EFI_ERROR (Status
)) {
232 DEBUG ((DEBUG_INFO
, "FileGuid - %g (ignored)\n", &UpdateConfigData
->FileGuid
));
235 BytesWritten
+= UpdateConfigData
->Length
;
245 Authenticate and update System Firmware image.
247 Caution: This function may receive untrusted input.
249 @param[in] Image The EDKII system FMP capsule image.
250 @param[in] ImageSize The size of the EDKII system FMP capsule image in bytes.
251 @param[out] LastAttemptVersion The last attempt version, which will be recorded in ESRT and FMP EFI_FIRMWARE_IMAGE_DESCRIPTOR.
252 @param[out] LastAttemptStatus The last attempt status, which will be recorded in ESRT and FMP EFI_FIRMWARE_IMAGE_DESCRIPTOR.
253 @param[in] Progress A function used by the driver to report the progress of the firmware update.
255 @retval EFI_SUCCESS EDKII system FMP capsule passes authentication and the System Firmware image is updated.
256 @retval EFI_SECURITY_VIOLATION EDKII system FMP capsule fails authentication and the System Firmware image is not updated.
257 @retval EFI_WRITE_PROTECTED The flash device is read only.
260 SystemFirmwareAuthenticatedUpdate (
263 OUT UINT32
*LastAttemptVersion
,
264 OUT UINT32
*LastAttemptStatus
,
265 IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress
269 VOID
*SystemFirmwareImage
;
270 UINTN SystemFirmwareImageSize
;
272 UINTN ConfigImageSize
;
273 VOID
*AuthenticatedImage
;
274 UINTN AuthenticatedImageSize
;
276 AuthenticatedImage
= NULL
;
277 AuthenticatedImageSize
= 0;
279 DEBUG ((DEBUG_INFO
, "SystemFirmwareAuthenticatedUpdate...\n"));
281 Status
= CapsuleAuthenticateSystemFirmware (Image
, ImageSize
, FALSE
, LastAttemptVersion
, LastAttemptStatus
, &AuthenticatedImage
, &AuthenticatedImageSize
);
282 if (EFI_ERROR (Status
)) {
283 DEBUG ((DEBUG_INFO
, "SystemFirmwareAuthenticateImage - %r\n", Status
));
287 DEBUG ((DEBUG_INFO
, "ExtractSystemFirmwareImage ...\n"));
288 ExtractSystemFirmwareImage (AuthenticatedImage
, AuthenticatedImageSize
, &SystemFirmwareImage
, &SystemFirmwareImageSize
);
289 DEBUG ((DEBUG_INFO
, "ExtractConfigImage ...\n"));
290 ExtractConfigImage (AuthenticatedImage
, AuthenticatedImageSize
, &ConfigImage
, &ConfigImageSize
);
292 DEBUG ((DEBUG_INFO
, "UpdateImage ...\n"));
293 Status
= UpdateImage (SystemFirmwareImage
, SystemFirmwareImageSize
, ConfigImage
, ConfigImageSize
, LastAttemptVersion
, LastAttemptStatus
, Progress
);
294 if (EFI_ERROR (Status
)) {
295 DEBUG ((DEBUG_INFO
, "UpdateImage - %r\n", Status
));
299 DEBUG ((DEBUG_INFO
, "SystemFirmwareAuthenticatedUpdate Done\n"));
306 This code finds variable in storage blocks (Volatile or Non-Volatile).
308 @param[in] VariableName Name of Variable to be found.
309 @param[in] VendorGuid Variable vendor GUID.
310 @param[out] Attributes Attribute value of the variable found.
311 @param[in, out] DataSize Size of Data found. If size is less than the
312 data, this value contains the required size.
313 @param[out] Data Data pointer.
315 @return EFI_INVALID_PARAMETER Invalid parameter.
316 @return EFI_SUCCESS Find the specified variable.
317 @return EFI_NOT_FOUND Not found.
318 @return EFI_BUFFER_TO_SMALL DataSize is too small for the result.
324 IN CHAR16
*VariableName
,
325 IN EFI_GUID
*VendorGuid
,
326 OUT UINT32
*Attributes OPTIONAL
,
327 IN OUT UINTN
*DataSize
,
331 DEBUG ((DEBUG_INFO
, "GetVariableHook - %S, %g\n", VariableName
, VendorGuid
));
332 return EFI_NOT_AVAILABLE_YET
;
337 This code Finds the Next available variable.
339 @param[in, out] VariableNameSize Size of the variable name.
340 @param[in, out] VariableName Pointer to variable name.
341 @param[in, out] VendorGuid Variable Vendor Guid.
343 @return EFI_INVALID_PARAMETER Invalid parameter.
344 @return EFI_SUCCESS Find the specified variable.
345 @return EFI_NOT_FOUND Not found.
346 @return EFI_BUFFER_TO_SMALL DataSize is too small for the result.
351 GetNextVariableNameHook (
352 IN OUT UINTN
*VariableNameSize
,
353 IN OUT CHAR16
*VariableName
,
354 IN OUT EFI_GUID
*VendorGuid
357 DEBUG ((DEBUG_INFO
, "GetNextVariableNameHook - %S, %g\n", VariableName
, VendorGuid
));
358 return EFI_NOT_AVAILABLE_YET
;
363 This code sets variable in storage blocks (Volatile or Non-Volatile).
365 @param[in] VariableName Name of Variable to be found.
366 @param[in] VendorGuid Variable vendor GUID.
367 @param[in] Attributes Attribute value of the variable found
368 @param[in] DataSize Size of Data found. If size is less than the
369 data, this value contains the required size.
370 @param[in] Data Data pointer.
372 @return EFI_INVALID_PARAMETER Invalid parameter.
373 @return EFI_SUCCESS Set successfully.
374 @return EFI_OUT_OF_RESOURCES Resource not enough to set variable.
375 @return EFI_NOT_FOUND Not found.
376 @return EFI_WRITE_PROTECTED Variable is read-only.
382 IN CHAR16
*VariableName
,
383 IN EFI_GUID
*VendorGuid
,
384 IN UINT32 Attributes
,
389 DEBUG ((DEBUG_INFO
, "SetVariableHook - %S, %g, 0x%x (0x%x)\n", VariableName
, VendorGuid
, Attributes
, DataSize
));
390 return EFI_NOT_AVAILABLE_YET
;
395 This code returns information about the EFI variables.
397 @param[in] Attributes Attributes bitmask to specify the type of variables
398 on which to return information.
399 @param[out] MaximumVariableStorageSize Pointer to the maximum size of the storage space available
400 for the EFI variables associated with the attributes specified.
401 @param[out] RemainingVariableStorageSize Pointer to the remaining size of the storage space available
402 for EFI variables associated with the attributes specified.
403 @param[out] MaximumVariableSize Pointer to the maximum size of an individual EFI variables
404 associated with the attributes specified.
406 @return EFI_SUCCESS Query successfully.
411 QueryVariableInfoHook (
412 IN UINT32 Attributes
,
413 OUT UINT64
*MaximumVariableStorageSize
,
414 OUT UINT64
*RemainingVariableStorageSize
,
415 OUT UINT64
*MaximumVariableSize
418 DEBUG ((DEBUG_INFO
, "QueryVariableInfoHook - 0x%x\n", Attributes
));
419 return EFI_NOT_AVAILABLE_YET
;
423 Updates the firmware image of the device.
425 This function updates the hardware with the new firmware image.
426 This function returns EFI_UNSUPPORTED if the firmware image is not updatable.
427 If the firmware image is updatable, the function should perform the following minimal validations
428 before proceeding to do the firmware image update.
429 - Validate the image authentication if image has attribute
430 IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED. The function returns
431 EFI_SECURITY_VIOLATION if the validation fails.
432 - Validate the image is a supported image for this device. The function returns EFI_ABORTED if
433 the image is unsupported. The function can optionally provide more detailed information on
434 why the image is not a supported image.
435 - Validate the data from VendorCode if not null. Image validation must be performed before
436 VendorCode data validation. VendorCode data is ignored or considered invalid if image
437 validation failed. The function returns EFI_ABORTED if the data is invalid.
439 VendorCode enables vendor to implement vendor-specific firmware image update policy. Null if
440 the caller did not specify the policy or use the default policy. As an example, vendor can implement
441 a policy to allow an option to force a firmware image update when the abort reason is due to the new
442 firmware image version is older than the current firmware image version or bad image checksum.
443 Sensitive operations such as those wiping the entire firmware image and render the device to be
444 non-functional should be encoded in the image itself rather than passed with the VendorCode.
445 AbortReason enables vendor to have the option to provide a more detailed description of the abort
446 reason to the caller.
448 @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.
449 @param[in] ImageIndex A unique number identifying the firmware image(s) within the device.
450 The number is between 1 and DescriptorCount.
451 @param[in] Image Points to the new image.
452 @param[in] ImageSize Size of the new image in bytes.
453 @param[in] VendorCode This enables vendor to implement vendor-specific firmware image update policy.
454 Null indicates the caller did not specify the policy or use the default policy.
455 @param[in] Progress A function used by the driver to report the progress of the firmware update.
456 @param[out] AbortReason A pointer to a pointer to a null-terminated string providing more
457 details for the aborted operation. The buffer is allocated by this function
458 with AllocatePool(), and it is the caller's responsibility to free it with a
461 @retval EFI_SUCCESS The device was successfully updated with the new image.
462 @retval EFI_ABORTED The operation is aborted.
463 @retval EFI_INVALID_PARAMETER The Image was NULL.
464 @retval EFI_UNSUPPORTED The operation is not supported.
465 @retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.
471 IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL
*This
,
473 IN CONST VOID
*Image
,
475 IN CONST VOID
*VendorCode
,
476 IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress
,
477 OUT CHAR16
**AbortReason
481 EFI_STATUS VarStatus
;
482 SYSTEM_FMP_PRIVATE_DATA
*SystemFmpPrivate
;
484 if ((Image
== NULL
) || (ImageSize
== 0) || (AbortReason
== NULL
)) {
485 return EFI_INVALID_PARAMETER
;
488 SystemFmpPrivate
= SYSTEM_FMP_PRIVATE_DATA_FROM_FMP (This
);
491 if ((ImageIndex
== 0) || (ImageIndex
> SystemFmpPrivate
->DescriptorCount
)) {
492 return EFI_INVALID_PARAMETER
;
495 Status
= SystemFirmwareAuthenticatedUpdate ((VOID
*)Image
, ImageSize
, &SystemFmpPrivate
->LastAttempt
.LastAttemptVersion
, &SystemFmpPrivate
->LastAttempt
.LastAttemptStatus
, Progress
);
496 DEBUG ((DEBUG_INFO
, "SetImage - LastAttempt Version - 0x%x, State - 0x%x\n", SystemFmpPrivate
->LastAttempt
.LastAttemptVersion
, SystemFmpPrivate
->LastAttempt
.LastAttemptStatus
));
499 // If NVRAM is updated, we should no longer touch variable services, because
500 // the current variable driver may not manage the new NVRAM region.
503 DEBUG ((DEBUG_INFO
, "NvRamUpdated, Update Variable Services\n"));
504 gRT
->GetVariable
= GetVariableHook
;
505 gRT
->GetNextVariableName
= GetNextVariableNameHook
;
506 gRT
->SetVariable
= SetVariableHook
;
507 gRT
->QueryVariableInfo
= QueryVariableInfoHook
;
510 gBS
->CalculateCrc32 (
517 VarStatus
= gRT
->SetVariable (
518 SYSTEM_FMP_LAST_ATTEMPT_VARIABLE_NAME
,
519 &gSystemFmpLastAttemptVariableGuid
,
520 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
,
521 sizeof (SystemFmpPrivate
->LastAttempt
),
522 &SystemFmpPrivate
->LastAttempt
524 DEBUG ((DEBUG_INFO
, "SetLastAttempt - %r\n", VarStatus
));
530 Get the set of EFI_FIRMWARE_IMAGE_DESCRIPTOR structures from an FMP Protocol.
532 @param[in] Handle Handle with an FMP Protocol or a System FMP
534 @param[in] ProtocolGuid Pointer to the FMP Protocol GUID or System FMP
536 @param[out] FmpImageInfoCount Pointer to the number of
537 EFI_FIRMWARE_IMAGE_DESCRIPTOR structures.
538 @param[out] DescriptorSize Pointer to the size, in bytes, of each
539 EFI_FIRMWARE_IMAGE_DESCRIPTOR structure.
541 @return NULL No EFI_FIRMWARE_IMAGE_DESCRIPTOR structures found.
542 @return !NULL Pointer to a buffer of EFI_FIRMWARE_IMAGE_DESCRIPTOR structures
543 allocated using AllocatePool(). Caller must free buffer with
546 EFI_FIRMWARE_IMAGE_DESCRIPTOR
*
547 GetFmpImageDescriptors (
548 IN EFI_HANDLE Handle
,
549 IN EFI_GUID
*ProtocolGuid
,
550 OUT UINT8
*FmpImageInfoCount
,
551 OUT UINTN
*DescriptorSize
555 EFI_FIRMWARE_MANAGEMENT_PROTOCOL
*Fmp
;
557 EFI_FIRMWARE_IMAGE_DESCRIPTOR
*FmpImageInfoBuf
;
558 UINT32 FmpImageInfoDescriptorVer
;
559 UINT32 PackageVersion
;
560 CHAR16
*PackageVersionName
;
562 *FmpImageInfoCount
= 0;
565 Status
= gBS
->HandleProtocol (
570 if (EFI_ERROR (Status
)) {
575 // Determine the size required for the set of EFI_FIRMWARE_IMAGE_DESCRIPTORs.
578 Status
= Fmp
->GetImageInfo (
580 &ImageInfoSize
, // Buffer Size (in this case 0)
581 NULL
, // NULL so we can get size
582 &FmpImageInfoDescriptorVer
, // DescriptorVersion
583 FmpImageInfoCount
, // DescriptorCount
584 DescriptorSize
, // DescriptorSize
585 &PackageVersion
, // PackageVersion
586 &PackageVersionName
// PackageVersionName
588 if (Status
!= EFI_BUFFER_TOO_SMALL
) {
589 DEBUG ((DEBUG_ERROR
, "SystemFirmwareUpdateDxe: Unexpected Failure. Status = %r\n", Status
));
594 // Allocate buffer for the set of EFI_FIRMWARE_IMAGE_DESCRIPTORs.
596 FmpImageInfoBuf
= NULL
;
597 FmpImageInfoBuf
= AllocateZeroPool (ImageInfoSize
);
598 if (FmpImageInfoBuf
== NULL
) {
599 DEBUG ((DEBUG_ERROR
, "SystemFirmwareUpdateDxe: Failed to allocate memory for descriptors.\n"));
604 // Retrieve the set of EFI_FIRMWARE_IMAGE_DESCRIPTORs.
606 PackageVersionName
= NULL
;
607 Status
= Fmp
->GetImageInfo (
609 &ImageInfoSize
, // ImageInfoSize
610 FmpImageInfoBuf
, // ImageInfo
611 &FmpImageInfoDescriptorVer
, // DescriptorVersion
612 FmpImageInfoCount
, // DescriptorCount
613 DescriptorSize
, // DescriptorSize
614 &PackageVersion
, // PackageVersion
615 &PackageVersionName
// PackageVersionName
619 // Free unused PackageVersionName return buffer
621 if (PackageVersionName
!= NULL
) {
622 FreePool (PackageVersionName
);
623 PackageVersionName
= NULL
;
626 if (EFI_ERROR (Status
)) {
627 DEBUG ((DEBUG_ERROR
, "SystemFirmwareUpdateDxe: Failure in GetImageInfo. Status = %r\n", Status
));
628 if (FmpImageInfoBuf
!= NULL
) {
629 FreePool (FmpImageInfoBuf
);
635 return FmpImageInfoBuf
;
639 Search for handles with an FMP protocol whose EFI_FIRMWARE_IMAGE_DESCRIPTOR
640 ImageTypeId matches the ImageTypeId produced by this module.
642 @param[in] ProtocolGuid Pointer to the GUID of the protocol to search.
643 @param[out] HandleCount Pointer to the number of returned handles.
645 @return NULL No matching handles found.
646 @return !NULL Pointer to a buffer of handles allocated using AllocatePool().
647 Caller must free buffer with FreePool().
650 FindMatchingFmpHandles (
651 IN EFI_GUID
*ProtocolGuid
,
652 OUT UINTN
*HandleCount
656 UINTN TempHandleCount
;
657 EFI_HANDLE
*HandleBuffer
;
661 EFI_FIRMWARE_IMAGE_DESCRIPTOR
*OriginalFmpImageInfoBuf
;
662 EFI_FIRMWARE_IMAGE_DESCRIPTOR
*FmpImageInfoBuf
;
663 UINT8 FmpImageInfoCount
;
664 UINTN DescriptorSize
;
670 Status
= gBS
->LocateHandleBuffer (
677 if (EFI_ERROR (Status
)) {
681 for (Index
= 0; Index
< TempHandleCount
; Index
++) {
682 OriginalFmpImageInfoBuf
= GetFmpImageDescriptors (
690 // Loop through the set of EFI_FIRMWARE_IMAGE_DESCRIPTORs.
693 if (OriginalFmpImageInfoBuf
!= NULL
) {
694 FmpImageInfoBuf
= OriginalFmpImageInfoBuf
;
696 for (Index2
= 0; Index2
< FmpImageInfoCount
; Index2
++) {
697 for (Index3
= 0; Index3
< mSystemFmpPrivate
->DescriptorCount
; Index3
++) {
698 MatchFound
= CompareGuid (
699 &FmpImageInfoBuf
->ImageTypeId
,
700 &mSystemFmpPrivate
->ImageDescriptor
[Index3
].ImageTypeId
712 // Increment the buffer pointer ahead by the size of the descriptor
714 FmpImageInfoBuf
= (EFI_FIRMWARE_IMAGE_DESCRIPTOR
*)(((UINT8
*)FmpImageInfoBuf
) + DescriptorSize
);
718 HandleBuffer
[*HandleCount
] = HandleBuffer
[Index
];
722 FreePool (OriginalFmpImageInfoBuf
);
726 if ((*HandleCount
) == 0) {
728 // No any matching handle.
730 FreePool (HandleBuffer
);
738 Uninstall System FMP Protocol instances that may have been installed by
739 SystemFirmwareUpdateDxe drivers dispatches by other capsules.
741 @retval EFI_SUCCESS All System FMP Protocols found were uninstalled.
742 @return Other One or more System FMP Protocols could not be uninstalled.
746 UninstallMatchingSystemFmpProtocols (
751 EFI_HANDLE
*HandleBuffer
;
754 EFI_FIRMWARE_MANAGEMENT_PROTOCOL
*SystemFmp
;
757 // Uninstall SystemFmpProtocol instances that may have been produced by
758 // the SystemFirmwareUpdate drivers in FVs dispatched by other capsules.
760 HandleBuffer
= FindMatchingFmpHandles (
761 &gSystemFmpProtocolGuid
,
764 DEBUG ((DEBUG_INFO
, "SystemFirmwareUpdateDxe: Found %d matching System FMP instances\n", HandleCount
));
766 for (Index
= 0; Index
< HandleCount
; Index
++) {
767 Status
= gBS
->HandleProtocol (
769 &gSystemFmpProtocolGuid
,
772 if (EFI_ERROR (Status
)) {
776 DEBUG ((DEBUG_INFO
, "SystemFirmwareUpdateDxe: Uninstall SystemFmp produced by another capsule\n"));
777 Status
= gBS
->UninstallProtocolInterface (
779 &gSystemFmpProtocolGuid
,
782 if (EFI_ERROR (Status
)) {
783 DEBUG ((DEBUG_ERROR
, "SystemFirmwareUpdateDxe: Failed to uninstall SystemFmp %r. Exiting.\n", Status
));
784 FreePool (HandleBuffer
);
789 if (HandleBuffer
!= NULL
) {
790 FreePool (HandleBuffer
);
797 System FMP module entrypoint
799 @param[in] ImageHandle The firmware allocated handle for the EFI image.
800 @param[in] SystemTable A pointer to the EFI System Table.
802 @retval EFI_SUCCESS System FMP module is initialized.
803 @retval EFI_OUT_OF_RESOURCES There are not enough resources avaulable to
804 initialize this module.
805 @retval Other System FMP Protocols could not be uninstalled.
806 @retval Other System FMP Protocol could not be installed.
807 @retval Other FMP Protocol could not be installed.
811 SystemFirmwareUpdateMainDxe (
812 IN EFI_HANDLE ImageHandle
,
813 IN EFI_SYSTEM_TABLE
*SystemTable
817 EFI_HANDLE
*HandleBuffer
;
821 // Initialize SystemFmpPrivateData
823 mSystemFmpPrivate
= AllocateZeroPool (sizeof (SYSTEM_FMP_PRIVATE_DATA
));
824 if (mSystemFmpPrivate
== NULL
) {
825 return EFI_OUT_OF_RESOURCES
;
828 Status
= InitializePrivateData (mSystemFmpPrivate
);
829 if (EFI_ERROR (Status
)) {
830 FreePool (mSystemFmpPrivate
);
831 mSystemFmpPrivate
= NULL
;
836 // Uninstall SystemFmpProtocol instances that may have been produced by
837 // the SystemFirmwareUpdate drivers in FVs dispatched by other capsules.
839 Status
= UninstallMatchingSystemFmpProtocols ();
840 if (EFI_ERROR (Status
)) {
841 FreePool (mSystemFmpPrivate
);
842 mSystemFmpPrivate
= NULL
;
847 // Look for a handle with matching Firmware Management Protocol
850 HandleBuffer
= FindMatchingFmpHandles (
851 &gEfiFirmwareManagementProtocolGuid
,
854 DEBUG ((DEBUG_INFO
, "SystemFirmwareUpdateDxe: Found %d matching FMP instances\n", HandleCount
));
856 switch (HandleCount
) {
859 // Install FMP protocol onto a new handle.
861 DEBUG ((DEBUG_INFO
, "SystemFirmwareUpdateDxe: Install FMP onto a new handle\n"));
862 Status
= gBS
->InstallMultipleProtocolInterfaces (
863 &mSystemFmpPrivate
->Handle
,
864 &gEfiFirmwareManagementProtocolGuid
,
865 &mSystemFmpPrivate
->Fmp
,
871 // Install System FMP protocol onto handle with matching FMP Protocol
873 DEBUG ((DEBUG_INFO
, "SystemFirmwareUpdateDxe: Install System FMP onto matching FMP handle\n"));
874 mSystemFmpPrivate
->Handle
= HandleBuffer
[0];
875 Status
= gBS
->InstallMultipleProtocolInterfaces (
877 &gSystemFmpProtocolGuid
,
878 &mSystemFmpPrivate
->Fmp
,
884 // More than one matching handle is not expected. Unload driver.
886 DEBUG ((DEBUG_ERROR
, "SystemFirmwareUpdateDxe: More than one matching FMP handle. Unload driver.\n"));
887 Status
= EFI_DEVICE_ERROR
;
891 if (HandleBuffer
!= NULL
) {
892 FreePool (HandleBuffer
);
895 if (EFI_ERROR (Status
)) {
896 FreePool (mSystemFmpPrivate
);
897 mSystemFmpPrivate
= NULL
;