X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=blobdiff_plain;f=MdeModulePkg%2FCore%2FDxe%2FImage%2FImage.c;h=c49ddfcc81d16cae42ff0f315dfe8fc405c8d6bf;hp=15b474aea9330ea6b3b809b64db1456fb0e62a94;hb=471048388cda4935866f829365922cdf70a6a45c;hpb=bc6b5892b007447b1024d98004681aa7a3305ddf
diff --git a/MdeModulePkg/Core/Dxe/Image/Image.c b/MdeModulePkg/Core/Dxe/Image/Image.c
index 15b474aea9..c49ddfcc81 100644
--- a/MdeModulePkg/Core/Dxe/Image/Image.c
+++ b/MdeModulePkg/Core/Dxe/Image/Image.c
@@ -1,8 +1,8 @@
/** @file
Core image handling services to load and unload PeImage.
-Copyright (c) 2006 - 2008, Intel Corporation.
-All rights reserved. This program and the accompanying materials
+Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.
+This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
@@ -70,8 +70,53 @@ LOADED_IMAGE_PRIVATE_DATA mCorePrivateImage = {
NULL, // RuntimeData
NULL // LoadedImageDevicePath
};
+//
+// The field is define for Loading modules at fixed address feature to tracker the PEI code
+// memory range usage. It is a bit mapped array in which every bit indicates the correspoding memory page
+// available or not.
+//
+GLOBAL_REMOVE_IF_UNREFERENCED UINT64 *mDxeCodeMemoryRangeUsageBitMap=NULL;
+typedef struct {
+ UINT16 MachineType;
+ CHAR16 *MachineTypeName;
+} MACHINE_TYPE_INFO;
+//
+// EBC machine is not listed in this table, because EBC is in the default supported scopes of other machine type.
+//
+GLOBAL_REMOVE_IF_UNREFERENCED MACHINE_TYPE_INFO mMachineTypeInfo[] = {
+ {EFI_IMAGE_MACHINE_IA32, L"IA32"},
+ {EFI_IMAGE_MACHINE_IA64, L"IA64"},
+ {EFI_IMAGE_MACHINE_X64, L"X64"},
+ {EFI_IMAGE_MACHINE_ARMTHUMB_MIXED, L"ARM"},
+ {EFI_IMAGE_MACHINE_AARCH64, L"AARCH64"}
+};
+
+UINT16 mDxeCoreImageMachineType = 0;
+
+/**
+ Return machine type name.
+
+ @param MachineType The machine type
+
+ @return machine type name
+**/
+CHAR16 *
+GetMachineTypeName (
+ UINT16 MachineType
+ )
+{
+ UINTN Index;
+
+ for (Index = 0; Index < sizeof(mMachineTypeInfo)/sizeof(mMachineTypeInfo[0]); Index++) {
+ if (mMachineTypeInfo[Index].MachineType == MachineType) {
+ return mMachineTypeInfo[Index].MachineTypeName;
+ }
+ }
+
+ return L"";
+}
/**
Add the Image Services to EFI Boot Services Table and install the protocol
@@ -93,6 +138,7 @@ CoreInitializeImageServices (
UINT64 DxeCoreImageLength;
VOID *DxeCoreEntryPoint;
EFI_PEI_HOB_POINTERS DxeCoreHob;
+
//
// Searching for image hob
//
@@ -112,6 +158,7 @@ CoreInitializeImageServices (
DxeCoreImageLength = DxeCoreHob.MemoryAllocationModule->MemoryAllocationHeader.MemoryLength;
DxeCoreEntryPoint = (VOID *) (UINTN) DxeCoreHob.MemoryAllocationModule->EntryPoint;
gDxeCoreFileName = &DxeCoreHob.MemoryAllocationModule->ModuleName;
+
//
// Initialize the fields for an internal driver
//
@@ -141,21 +188,243 @@ CoreInitializeImageServices (
//
// Fill in DXE globals
//
+ mDxeCoreImageMachineType = PeCoffLoaderGetMachineType (Image->Info.ImageBase);
gDxeCoreImageHandle = Image->Handle;
gDxeCoreLoadedImage = &Image->Info;
+ if (FeaturePcdGet (PcdFrameworkCompatibilitySupport)) {
+ //
+ // Export DXE Core PE Loader functionality for backward compatibility.
+ //
+ Status = CoreInstallProtocolInterface (
+ &mLoadPe32PrivateData.Handle,
+ &gEfiLoadPeImageProtocolGuid,
+ EFI_NATIVE_INTERFACE,
+ &mLoadPe32PrivateData.Pe32Image
+ );
+ }
+
+ ProtectUefiImage (&Image->Info, Image->LoadedImageDevicePath);
+
+ return Status;
+}
+
+/**
+ Read image file (specified by UserHandle) into user specified buffer with specified offset
+ and length.
+
+ @param UserHandle Image file handle
+ @param Offset Offset to the source file
+ @param ReadSize For input, pointer of size to read; For output,
+ pointer of size actually read.
+ @param Buffer Buffer to write into
+
+ @retval EFI_SUCCESS Successfully read the specified part of file
+ into buffer.
+
+**/
+EFI_STATUS
+EFIAPI
+CoreReadImageFile (
+ IN VOID *UserHandle,
+ IN UINTN Offset,
+ IN OUT UINTN *ReadSize,
+ OUT VOID *Buffer
+ )
+{
+ UINTN EndPosition;
+ IMAGE_FILE_HANDLE *FHand;
+
+ if (UserHandle == NULL || ReadSize == NULL || Buffer == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ if (MAX_ADDRESS - Offset < *ReadSize) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ FHand = (IMAGE_FILE_HANDLE *)UserHandle;
+ ASSERT (FHand->Signature == IMAGE_FILE_HANDLE_SIGNATURE);
+
//
- // Export DXE Core PE Loader functionality
+ // Move data from our local copy of the file
//
- return CoreInstallProtocolInterface (
- &mLoadPe32PrivateData.Handle,
- &gEfiLoadPeImageProtocolGuid,
- EFI_NATIVE_INTERFACE,
- &mLoadPe32PrivateData.Pe32Image
- );
+ EndPosition = Offset + *ReadSize;
+ if (EndPosition > FHand->SourceSize) {
+ *ReadSize = (UINT32)(FHand->SourceSize - Offset);
+ }
+ if (Offset >= FHand->SourceSize) {
+ *ReadSize = 0;
+ }
+
+ CopyMem (Buffer, (CHAR8 *)FHand->Source + Offset, *ReadSize);
+ return EFI_SUCCESS;
+}
+/**
+ To check memory usage bit map array to figure out if the memory range the image will be loaded in is available or not. If
+ memory range is available, the function will mark the corresponding bits to 1 which indicates the memory range is used.
+ The function is only invoked when load modules at fixed address feature is enabled.
+
+ @param ImageBase The base address the image will be loaded at.
+ @param ImageSize The size of the image
+
+ @retval EFI_SUCCESS The memory range the image will be loaded in is available
+ @retval EFI_NOT_FOUND The memory range the image will be loaded in is not available
+**/
+EFI_STATUS
+CheckAndMarkFixLoadingMemoryUsageBitMap (
+ IN EFI_PHYSICAL_ADDRESS ImageBase,
+ IN UINTN ImageSize
+ )
+{
+ UINT32 DxeCodePageNumber;
+ UINT64 DxeCodeSize;
+ EFI_PHYSICAL_ADDRESS DxeCodeBase;
+ UINTN BaseOffsetPageNumber;
+ UINTN TopOffsetPageNumber;
+ UINTN Index;
+ //
+ // The DXE code range includes RuntimeCodePage range and Boot time code range.
+ //
+ DxeCodePageNumber = PcdGet32(PcdLoadFixAddressRuntimeCodePageNumber);
+ DxeCodePageNumber += PcdGet32(PcdLoadFixAddressBootTimeCodePageNumber);
+ DxeCodeSize = EFI_PAGES_TO_SIZE(DxeCodePageNumber);
+ DxeCodeBase = gLoadModuleAtFixAddressConfigurationTable.DxeCodeTopAddress - DxeCodeSize;
+
+ //
+ // If the memory usage bit map is not initialized, do it. Every bit in the array
+ // indicate the status of the corresponding memory page, available or not
+ //
+ if (mDxeCodeMemoryRangeUsageBitMap == NULL) {
+ mDxeCodeMemoryRangeUsageBitMap = AllocateZeroPool(((DxeCodePageNumber/64) + 1)*sizeof(UINT64));
+ }
+ //
+ // If the Dxe code memory range is not allocated or the bit map array allocation failed, return EFI_NOT_FOUND
+ //
+ if (!gLoadFixedAddressCodeMemoryReady || mDxeCodeMemoryRangeUsageBitMap == NULL) {
+ return EFI_NOT_FOUND;
+ }
+ //
+ // Test the memory range for loading the image in the DXE code range.
+ //
+ if (gLoadModuleAtFixAddressConfigurationTable.DxeCodeTopAddress < ImageBase + ImageSize ||
+ DxeCodeBase > ImageBase) {
+ return EFI_NOT_FOUND;
+ }
+ //
+ // Test if the memory is avalaible or not.
+ //
+ BaseOffsetPageNumber = EFI_SIZE_TO_PAGES((UINT32)(ImageBase - DxeCodeBase));
+ TopOffsetPageNumber = EFI_SIZE_TO_PAGES((UINT32)(ImageBase + ImageSize - DxeCodeBase));
+ for (Index = BaseOffsetPageNumber; Index < TopOffsetPageNumber; Index ++) {
+ if ((mDxeCodeMemoryRangeUsageBitMap[Index / 64] & LShiftU64(1, (Index % 64))) != 0) {
+ //
+ // This page is already used.
+ //
+ return EFI_NOT_FOUND;
+ }
+ }
+
+ //
+ // Being here means the memory range is available. So mark the bits for the memory range
+ //
+ for (Index = BaseOffsetPageNumber; Index < TopOffsetPageNumber; Index ++) {
+ mDxeCodeMemoryRangeUsageBitMap[Index / 64] |= LShiftU64(1, (Index % 64));
+ }
+ return EFI_SUCCESS;
}
+/**
+
+ Get the fixed loading address from image header assigned by build tool. This function only be called
+ when Loading module at Fixed address feature enabled.
+ @param ImageContext Pointer to the image context structure that describes the PE/COFF
+ image that needs to be examined by this function.
+ @retval EFI_SUCCESS An fixed loading address is assigned to this image by build tools .
+ @retval EFI_NOT_FOUND The image has no assigned fixed loading address.
+**/
+EFI_STATUS
+GetPeCoffImageFixLoadingAssignedAddress(
+ IN OUT PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext
+ )
+{
+ UINTN SectionHeaderOffset;
+ EFI_STATUS Status;
+ EFI_IMAGE_SECTION_HEADER SectionHeader;
+ EFI_IMAGE_OPTIONAL_HEADER_UNION *ImgHdr;
+ UINT16 Index;
+ UINTN Size;
+ UINT16 NumberOfSections;
+ IMAGE_FILE_HANDLE *Handle;
+ UINT64 ValueInSectionHeader;
+
+
+ Status = EFI_NOT_FOUND;
+
+ //
+ // Get PeHeader pointer
+ //
+ Handle = (IMAGE_FILE_HANDLE*)ImageContext->Handle;
+ ImgHdr = (EFI_IMAGE_OPTIONAL_HEADER_UNION *)((CHAR8* )Handle->Source + ImageContext->PeCoffHeaderOffset);
+ SectionHeaderOffset = ImageContext->PeCoffHeaderOffset +
+ sizeof (UINT32) +
+ sizeof (EFI_IMAGE_FILE_HEADER) +
+ ImgHdr->Pe32.FileHeader.SizeOfOptionalHeader;
+ NumberOfSections = ImgHdr->Pe32.FileHeader.NumberOfSections;
+
+ //
+ // Get base address from the first section header that doesn't point to code section.
+ //
+ for (Index = 0; Index < NumberOfSections; Index++) {
+ //
+ // Read section header from file
+ //
+ Size = sizeof (EFI_IMAGE_SECTION_HEADER);
+ Status = ImageContext->ImageRead (
+ ImageContext->Handle,
+ SectionHeaderOffset,
+ &Size,
+ &SectionHeader
+ );
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+ if (Size != sizeof (EFI_IMAGE_SECTION_HEADER)) {
+ return EFI_NOT_FOUND;
+ }
+
+ Status = EFI_NOT_FOUND;
+
+ if ((SectionHeader.Characteristics & EFI_IMAGE_SCN_CNT_CODE) == 0) {
+ //
+ // Build tool will save the address in PointerToRelocations & PointerToLineNumbers fields in the first section header
+ // that doesn't point to code section in image header, as well as ImageBase field of image header. And there is an
+ // assumption that when the feature is enabled, if a module is assigned a loading address by tools, PointerToRelocations
+ // & PointerToLineNumbers fields should NOT be Zero, or else, these 2 fields should be set to Zero
+ //
+ ValueInSectionHeader = ReadUnaligned64((UINT64*)&SectionHeader.PointerToRelocations);
+ if (ValueInSectionHeader != 0) {
+ //
+ // When the feature is configured as load module at fixed absolute address, the ImageAddress field of ImageContext
+ // hold the spcified address. If the feature is configured as load module at fixed offset, ImageAddress hold an offset
+ // relative to top address
+ //
+ if ((INT64)PcdGet64(PcdLoadModuleAtFixAddressEnable) < 0) {
+ ImageContext->ImageAddress = gLoadModuleAtFixAddressConfigurationTable.DxeCodeTopAddress + (INT64)(INTN)ImageContext->ImageAddress;
+ }
+ //
+ // Check if the memory range is available.
+ //
+ Status = CheckAndMarkFixLoadingMemoryUsageBitMap (ImageContext->ImageAddress, (UINTN)(ImageContext->ImageSize + ImageContext->SectionAlignment));
+ }
+ break;
+ }
+ SectionHeaderOffset += sizeof (EFI_IMAGE_SECTION_HEADER);
+ }
+ DEBUG ((EFI_D_INFO|EFI_D_LOAD, "LOADING MODULE FIXED INFO: Loading module at fixed address 0x%11p. Status = %r \n", (VOID *)(UINTN)(ImageContext->ImageAddress), Status));
+ return Status;
+}
/**
Loads, relocates, and invokes a PE/COFF image
@@ -190,11 +459,7 @@ CoreLoadPeImage (
EFI_STATUS Status;
BOOLEAN DstBufAlocated;
UINTN Size;
- UINTN LinkTimeBase;
- EFI_TCG_PLATFORM_PROTOCOL *TcgPlatformProtocol;
- IMAGE_FILE_HANDLE *FHandle;
- FHandle = NULL;
ZeroMem (&Image->ImageContext, sizeof (Image->ImageContext));
Image->ImageContext.Handle = Pe32Handle;
@@ -214,6 +479,8 @@ CoreLoadPeImage (
// The PE/COFF loader can support loading image types that can be executed.
// If we loaded an image type that we can not execute return EFI_UNSUPORTED.
//
+ DEBUG ((EFI_D_ERROR, "Image type %s can't be loaded ", GetMachineTypeName(Image->ImageContext.Machine)));
+ DEBUG ((EFI_D_ERROR, "on %s UEFI system.\n", GetMachineTypeName(mDxeCoreImageMachineType)));
return EFI_UNSUPPORTED;
}
}
@@ -239,13 +506,9 @@ CoreLoadPeImage (
Image->ImageContext.ImageError = IMAGE_ERROR_INVALID_SUBSYSTEM;
return EFI_UNSUPPORTED;
}
- //
- // Get the image base address in the original PeImage.
- //
- LinkTimeBase = (UINTN) Image->ImageContext.ImageAddress;
//
- // Allocate memory of the correct memory type aligned on the required image boundry
+ // Allocate memory of the correct memory type aligned on the required image boundary
//
DstBufAlocated = FALSE;
if (DstBuffer == 0) {
@@ -269,21 +532,43 @@ CoreLoadPeImage (
// no modules whose preferred load addresses are below 1MB.
//
Status = EFI_OUT_OF_RESOURCES;
- if (Image->ImageContext.ImageAddress >= 0x100000 || Image->ImageContext.RelocationsStripped) {
- Status = CoreAllocatePages (
- AllocateAddress,
- (EFI_MEMORY_TYPE) (Image->ImageContext.ImageCodeMemoryType),
- Image->NumberOfPages,
- &Image->ImageContext.ImageAddress
- );
- }
- if (EFI_ERROR (Status) && !Image->ImageContext.RelocationsStripped) {
- Status = CoreAllocatePages (
- AllocateAnyPages,
- (EFI_MEMORY_TYPE) (Image->ImageContext.ImageCodeMemoryType),
- Image->NumberOfPages,
- &Image->ImageContext.ImageAddress
- );
+ //
+ // If Loading Module At Fixed Address feature is enabled, the module should be loaded to
+ // a specified address.
+ //
+ if (PcdGet64(PcdLoadModuleAtFixAddressEnable) != 0 ) {
+ Status = GetPeCoffImageFixLoadingAssignedAddress (&(Image->ImageContext));
+
+ if (EFI_ERROR (Status)) {
+ //
+ // If the code memory is not ready, invoke CoreAllocatePage with AllocateAnyPages to load the driver.
+ //
+ DEBUG ((EFI_D_INFO|EFI_D_LOAD, "LOADING MODULE FIXED ERROR: Loading module at fixed address failed since specified memory is not available.\n"));
+
+ Status = CoreAllocatePages (
+ AllocateAnyPages,
+ (EFI_MEMORY_TYPE) (Image->ImageContext.ImageCodeMemoryType),
+ Image->NumberOfPages,
+ &Image->ImageContext.ImageAddress
+ );
+ }
+ } else {
+ if (Image->ImageContext.ImageAddress >= 0x100000 || Image->ImageContext.RelocationsStripped) {
+ Status = CoreAllocatePages (
+ AllocateAddress,
+ (EFI_MEMORY_TYPE) (Image->ImageContext.ImageCodeMemoryType),
+ Image->NumberOfPages,
+ &Image->ImageContext.ImageAddress
+ );
+ }
+ if (EFI_ERROR (Status) && !Image->ImageContext.RelocationsStripped) {
+ Status = CoreAllocatePages (
+ AllocateAnyPages,
+ (EFI_MEMORY_TYPE) (Image->ImageContext.ImageCodeMemoryType),
+ Image->NumberOfPages,
+ &Image->ImageContext.ImageAddress
+ );
+ }
}
if (EFI_ERROR (Status)) {
return Status;
@@ -316,9 +601,9 @@ CoreLoadPeImage (
Image->ImageBasePage = Image->ImageContext.ImageAddress;
if (!Image->ImageContext.IsTeImage) {
- Image->ImageContext.ImageAddress =
- (Image->ImageContext.ImageAddress + Image->ImageContext.SectionAlignment - 1) &
- ~((UINTN)Image->ImageContext.SectionAlignment - 1);
+ Image->ImageContext.ImageAddress =
+ (Image->ImageContext.ImageAddress + Image->ImageContext.SectionAlignment - 1) &
+ ~((UINTN)Image->ImageContext.SectionAlignment - 1);
}
//
@@ -344,29 +629,6 @@ CoreLoadPeImage (
}
}
- //
- // Measure the image before applying fixup
- //
- Status = CoreLocateProtocol (
- &gEfiTcgPlatformProtocolGuid,
- NULL,
- (VOID **) &TcgPlatformProtocol
- );
- if (!EFI_ERROR (Status)) {
- FHandle = (IMAGE_FILE_HANDLE *) Image->ImageContext.Handle;
- Status = TcgPlatformProtocol->MeasurePeImage (
- BootPolicy,
- (EFI_PHYSICAL_ADDRESS) (UINTN) FHandle->Source,
- FHandle->SourceSize,
- LinkTimeBase,
- Image->ImageContext.ImageType,
- Image->Info.DeviceHandle,
- Image->Info.FilePath
- );
-
- ASSERT_EFI_ERROR (Status);
- }
-
//
// Relocate the image in memory
//
@@ -398,7 +660,7 @@ CoreLoadPeImage (
// Locate the EBC interpreter protocol
//
Status = CoreLocateProtocol (&gEfiEbcProtocolGuid, NULL, (VOID **)&Image->Ebc);
- if (EFI_ERROR(Status)) {
+ if (EFI_ERROR(Status) || Image->Ebc == NULL) {
DEBUG ((DEBUG_LOAD | DEBUG_ERROR, "CoreLoadPeImage: There is no EBC interpreter for an EBC image.\n"));
goto Done;
}
@@ -449,6 +711,7 @@ CoreLoadPeImage (
Image->RuntimeData->RelocationData = Image->ImageContext.FixupData;
Image->RuntimeData->Handle = Image->Handle;
InsertTailList (&gRuntime->ImageHead, &Image->RuntimeData->Link);
+ InsertImageRecord (Image->RuntimeData);
}
}
@@ -525,6 +788,8 @@ Done:
if (DstBufAlocated) {
CoreFreePages (Image->ImageContext.ImageAddress, Image->NumberOfPages);
+ Image->ImageContext.ImageAddress = 0;
+ Image->ImageBasePage = 0;
}
if (Image->ImageContext.FixupData != NULL) {
@@ -593,6 +858,15 @@ CoreUnloadAndCloseImage (
UINTN OpenInfoCount;
UINTN OpenInfoIndex;
+ HandleBuffer = NULL;
+ ProtocolGuidArray = NULL;
+
+ if (Image->Started) {
+ UnregisterMemoryProfileImage (Image);
+ }
+
+ UnprotectUefiImage (&Image->Info, Image->LoadedImageDevicePath);
+
if (Image->Ebc != NULL) {
//
// If EBC protocol exists we must perform cleanups for this image.
@@ -672,6 +946,14 @@ CoreUnloadAndCloseImage (
&Image->Info
);
+ if (Image->ImageContext.HiiResourceData != 0) {
+ Status = CoreUninstallProtocolInterface (
+ Image->Handle,
+ &gEfiHiiPackageListProtocolGuid,
+ (VOID *) (UINTN) Image->ImageContext.HiiResourceData
+ );
+ }
+
}
if (Image->RuntimeData != NULL) {
@@ -680,6 +962,7 @@ CoreUnloadAndCloseImage (
// Remove the Image from the Runtime Image list as we are about to Free it!
//
RemoveEntryList (&Image->RuntimeData->Link);
+ RemoveImageRecord (Image->RuntimeData);
}
CoreFreePool (Image->RuntimeData);
}
@@ -744,6 +1027,14 @@ CoreUnloadAndCloseImage (
protocol for loading the file.
@retval EFI_OUT_OF_RESOURCES Image was not loaded due to insufficient
resources.
+ @retval EFI_LOAD_ERROR Image was not loaded because the image format was corrupt or not
+ understood.
+ @retval EFI_DEVICE_ERROR Image was not loaded because the device returned a read error.
+ @retval EFI_ACCESS_DENIED Image was not loaded because the platform policy prohibits the
+ image from being loaded. NULL is returned in *ImageHandle.
+ @retval EFI_SECURITY_VIOLATION Image was loaded and an ImageHandle was created with a
+ valid EFI_LOADED_IMAGE_PROTOCOL. However, the current
+ platform policy specifies that the image should not be started.
**/
EFI_STATUS
@@ -769,7 +1060,11 @@ CoreLoadImageCommon (
UINT32 AuthenticationStatus;
EFI_DEVICE_PATH_PROTOCOL *OriginalFilePath;
EFI_DEVICE_PATH_PROTOCOL *HandleFilePath;
+ EFI_DEVICE_PATH_PROTOCOL *InputFilePath;
+ EFI_DEVICE_PATH_PROTOCOL *Node;
UINTN FilePathSize;
+ BOOLEAN ImageIsFromFv;
+ BOOLEAN ImageIsFromLoadFile;
SecurityStatus = EFI_SUCCESS;
@@ -789,61 +1084,164 @@ CoreLoadImageCommon (
return EFI_INVALID_PARAMETER;
}
+ ZeroMem (&FHand, sizeof (IMAGE_FILE_HANDLE));
+ FHand.Signature = IMAGE_FILE_HANDLE_SIGNATURE;
+ OriginalFilePath = FilePath;
+ InputFilePath = FilePath;
+ HandleFilePath = FilePath;
+ DeviceHandle = NULL;
+ Status = EFI_SUCCESS;
+ AuthenticationStatus = 0;
+ ImageIsFromFv = FALSE;
+ ImageIsFromLoadFile = FALSE;
+
//
- // Get simple read access to the source file
+ // If the caller passed a copy of the file, then just use it
//
- OriginalFilePath = FilePath;
- Status = CoreOpenImageFile (
- BootPolicy,
- SourceBuffer,
- SourceSize,
- &FilePath,
- &DeviceHandle,
- &FHand,
- &AuthenticationStatus
- );
- if (Status == EFI_ALREADY_STARTED) {
+ if (SourceBuffer != NULL) {
+ FHand.Source = SourceBuffer;
+ FHand.SourceSize = SourceSize;
+ Status = CoreLocateDevicePath (&gEfiDevicePathProtocolGuid, &HandleFilePath, &DeviceHandle);
+ if (EFI_ERROR (Status)) {
+ DeviceHandle = NULL;
+ }
+ if (SourceSize > 0) {
+ Status = EFI_SUCCESS;
+ } else {
+ Status = EFI_LOAD_ERROR;
+ }
+ } else {
+ if (FilePath == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ //
+ // Try to get the image device handle by checking the match protocol.
+ //
+ Node = NULL;
+ Status = CoreLocateDevicePath (&gEfiFirmwareVolume2ProtocolGuid, &HandleFilePath, &DeviceHandle);
+ if (!EFI_ERROR (Status)) {
+ ImageIsFromFv = TRUE;
+ } else {
+ HandleFilePath = FilePath;
+ Status = CoreLocateDevicePath (&gEfiSimpleFileSystemProtocolGuid, &HandleFilePath, &DeviceHandle);
+ if (EFI_ERROR (Status)) {
+ if (!BootPolicy) {
+ HandleFilePath = FilePath;
+ Status = CoreLocateDevicePath (&gEfiLoadFile2ProtocolGuid, &HandleFilePath, &DeviceHandle);
+ }
+ if (EFI_ERROR (Status)) {
+ HandleFilePath = FilePath;
+ Status = CoreLocateDevicePath (&gEfiLoadFileProtocolGuid, &HandleFilePath, &DeviceHandle);
+ if (!EFI_ERROR (Status)) {
+ ImageIsFromLoadFile = TRUE;
+ Node = HandleFilePath;
+ }
+ }
+ }
+ }
+
+ //
+ // Get the source file buffer by its device path.
+ //
+ FHand.Source = GetFileBufferByFilePath (
+ BootPolicy,
+ FilePath,
+ &FHand.SourceSize,
+ &AuthenticationStatus
+ );
+ if (FHand.Source == NULL) {
+ Status = EFI_NOT_FOUND;
+ } else {
+ FHand.FreeBuffer = TRUE;
+ if (ImageIsFromLoadFile) {
+ //
+ // LoadFile () may cause the device path of the Handle be updated.
+ //
+ OriginalFilePath = AppendDevicePath (DevicePathFromHandle (DeviceHandle), Node);
+ }
+ }
+ }
+
+ if (EFI_ERROR (Status)) {
Image = NULL;
goto Done;
- } else if (EFI_ERROR (Status)) {
- return Status;
}
- //
- // Verify the Authentication Status through the Security Architectural Protocol
- //
- if ((gSecurity != NULL) && (OriginalFilePath != NULL)) {
+ if (gSecurity2 != NULL) {
+ //
+ // Verify File Authentication through the Security2 Architectural Protocol
+ //
+ SecurityStatus = gSecurity2->FileAuthentication (
+ gSecurity2,
+ OriginalFilePath,
+ FHand.Source,
+ FHand.SourceSize,
+ BootPolicy
+ );
+ if (!EFI_ERROR (SecurityStatus) && ImageIsFromFv) {
+ //
+ // When Security2 is installed, Security Architectural Protocol must be published.
+ //
+ ASSERT (gSecurity != NULL);
+
+ //
+ // Verify the Authentication Status through the Security Architectural Protocol
+ // Only on images that have been read using Firmware Volume protocol.
+ //
+ SecurityStatus = gSecurity->FileAuthenticationState (
+ gSecurity,
+ AuthenticationStatus,
+ OriginalFilePath
+ );
+ }
+ } else if ((gSecurity != NULL) && (OriginalFilePath != NULL)) {
+ //
+ // Verify the Authentication Status through the Security Architectural Protocol
+ //
SecurityStatus = gSecurity->FileAuthenticationState (
gSecurity,
AuthenticationStatus,
OriginalFilePath
);
- if (EFI_ERROR (SecurityStatus) && SecurityStatus != EFI_SECURITY_VIOLATION) {
- Status = SecurityStatus;
- Image = NULL;
- goto Done;
- }
}
+ //
+ // Check Security Status.
+ //
+ if (EFI_ERROR (SecurityStatus) && SecurityStatus != EFI_SECURITY_VIOLATION) {
+ if (SecurityStatus == EFI_ACCESS_DENIED) {
+ //
+ // Image was not loaded because the platform policy prohibits the image from being loaded.
+ // It's the only place we could meet EFI_ACCESS_DENIED.
+ //
+ *ImageHandle = NULL;
+ }
+ Status = SecurityStatus;
+ Image = NULL;
+ goto Done;
+ }
//
// Allocate a new image structure
//
Image = AllocateZeroPool (sizeof(LOADED_IMAGE_PRIVATE_DATA));
if (Image == NULL) {
- return EFI_OUT_OF_RESOURCES;
+ Status = EFI_OUT_OF_RESOURCES;
+ goto Done;
}
//
// Pull out just the file portion of the DevicePath for the LoadedImage FilePath
//
FilePath = OriginalFilePath;
- Status = CoreHandleProtocol (DeviceHandle, &gEfiDevicePathProtocolGuid, (VOID **)&HandleFilePath);
- if (!EFI_ERROR (Status)) {
- FilePathSize = GetDevicePathSize (HandleFilePath) - sizeof(EFI_DEVICE_PATH_PROTOCOL);
- FilePath = (EFI_DEVICE_PATH_PROTOCOL *) (((UINT8 *)FilePath) + FilePathSize );
+ if (DeviceHandle != NULL) {
+ Status = CoreHandleProtocol (DeviceHandle, &gEfiDevicePathProtocolGuid, (VOID **)&HandleFilePath);
+ if (!EFI_ERROR (Status)) {
+ FilePathSize = GetDevicePathSize (HandleFilePath) - sizeof(EFI_DEVICE_PATH_PROTOCOL);
+ FilePath = (EFI_DEVICE_PATH_PROTOCOL *) (((UINT8 *)FilePath) + FilePathSize );
+ }
}
-
//
// Initialize the fields for an internal driver
//
@@ -934,6 +1332,22 @@ CoreLoadImageCommon (
goto Done;
}
+ //
+ // Install HII Package List Protocol onto the image handle
+ //
+ if (Image->ImageContext.HiiResourceData != 0) {
+ Status = CoreInstallProtocolInterface (
+ &Image->Handle,
+ &gEfiHiiPackageListProtocolGuid,
+ EFI_NATIVE_INTERFACE,
+ (VOID *) (UINTN) Image->ImageContext.HiiResourceData
+ );
+ if (EFI_ERROR (Status)) {
+ goto Done;
+ }
+ }
+ ProtectUefiImage (&Image->Info, Image->LoadedImageDevicePath);
+
//
// Success. Return the image handle
//
@@ -947,6 +1361,9 @@ Done:
if (FHand.FreeBuffer) {
CoreFreePool (FHand.Source);
}
+ if (OriginalFilePath != InputFilePath) {
+ CoreFreePool (OriginalFilePath);
+ }
//
// There was an error. If there's an Image structure, free it
@@ -954,12 +1371,19 @@ Done:
if (EFI_ERROR (Status)) {
if (Image != NULL) {
CoreUnloadAndCloseImage (Image, (BOOLEAN)(DstBuffer == 0));
- *ImageHandle = NULL;
+ Image = NULL;
}
} else if (EFI_ERROR (SecurityStatus)) {
Status = SecurityStatus;
}
+ //
+ // Track the return status from LoadImage.
+ //
+ if (Image != NULL) {
+ Image->LoadImageStatus = Status;
+ }
+
return Status;
}
@@ -990,6 +1414,14 @@ Done:
protocol for loading the file.
@retval EFI_OUT_OF_RESOURCES Image was not loaded due to insufficient
resources.
+ @retval EFI_LOAD_ERROR Image was not loaded because the image format was corrupt or not
+ understood.
+ @retval EFI_DEVICE_ERROR Image was not loaded because the device returned a read error.
+ @retval EFI_ACCESS_DENIED Image was not loaded because the platform policy prohibits the
+ image from being loaded. NULL is returned in *ImageHandle.
+ @retval EFI_SECURITY_VIOLATION Image was loaded and an ImageHandle was created with a
+ valid EFI_LOADED_IMAGE_PROTOCOL. However, the current
+ platform policy specifies that the image should not be started.
**/
EFI_STATUS
@@ -1005,6 +1437,7 @@ CoreLoadImage (
{
EFI_STATUS Status;
UINT64 Tick;
+ EFI_HANDLE Handle;
Tick = 0;
PERF_CODE (
@@ -1024,8 +1457,16 @@ CoreLoadImage (
EFI_LOAD_PE_IMAGE_ATTRIBUTE_RUNTIME_REGISTRATION | EFI_LOAD_PE_IMAGE_ATTRIBUTE_DEBUG_IMAGE_INFO_TABLE_REGISTRATION
);
- PERF_START (*ImageHandle, "LoadImage:", NULL, Tick);
- PERF_END (*ImageHandle, "LoadImage:", NULL, 0);
+ Handle = NULL;
+ if (!EFI_ERROR (Status)) {
+ //
+ // ImageHandle will be valid only Status is success.
+ //
+ Handle = *ImageHandle;
+ }
+
+ PERF_START (Handle, "LoadImage:", NULL, Tick);
+ PERF_END (Handle, "LoadImage:", NULL, 0);
return Status;
}
@@ -1059,6 +1500,14 @@ CoreLoadImage (
protocol for loading the file.
@retval EFI_OUT_OF_RESOURCES Image was not loaded due to insufficient
resources.
+ @retval EFI_LOAD_ERROR Image was not loaded because the image format was corrupt or not
+ understood.
+ @retval EFI_DEVICE_ERROR Image was not loaded because the device returned a read error.
+ @retval EFI_ACCESS_DENIED Image was not loaded because the platform policy prohibits the
+ image from being loaded. NULL is returned in *ImageHandle.
+ @retval EFI_SECURITY_VIOLATION Image was loaded and an ImageHandle was created with a
+ valid EFI_LOADED_IMAGE_PROTOCOL. However, the current
+ platform policy specifies that the image should not be started.
**/
EFI_STATUS
@@ -1076,7 +1525,16 @@ CoreLoadImageEx (
IN UINT32 Attribute
)
{
- return CoreLoadImageCommon (
+ EFI_STATUS Status;
+ UINT64 Tick;
+ EFI_HANDLE Handle;
+
+ Tick = 0;
+ PERF_CODE (
+ Tick = GetPerformanceCounter ();
+ );
+
+ Status = CoreLoadImageCommon (
TRUE,
ParentImageHandle,
FilePath,
@@ -1088,6 +1546,19 @@ CoreLoadImageEx (
EntryPoint,
Attribute
);
+
+ Handle = NULL;
+ if (!EFI_ERROR (Status)) {
+ //
+ // ImageHandle will be valid only Status is success.
+ //
+ Handle = *ImageHandle;
+ }
+
+ PERF_START (Handle, "LoadImage:", NULL, Tick);
+ PERF_END (Handle, "LoadImage:", NULL, 0);
+
+ return Status;
}
@@ -1097,7 +1568,7 @@ CoreLoadImageEx (
@param ImageHandle Handle of image to be started.
@param ExitDataSize Pointer of the size to ExitData
@param ExitData Pointer to a pointer to a data buffer that
- includes a Null-terminated Unicode string,
+ includes a Null-terminated string,
optionally followed by additional binary data.
The string is a description that the caller may
use to further indicate the reason for the
@@ -1105,6 +1576,7 @@ CoreLoadImageEx (
@retval EFI_INVALID_PARAMETER Invalid parameter
@retval EFI_OUT_OF_RESOURCES No enough buffer to allocate
+ @retval EFI_SECURITY_VIOLATION The current platform policy specifies that the image should not be started.
@retval EFI_SUCCESS Successfully transfer control to the image's
entry point.
@@ -1122,16 +1594,36 @@ CoreStartImage (
LOADED_IMAGE_PRIVATE_DATA *LastImage;
UINT64 HandleDatabaseKey;
UINTN SetJumpFlag;
+ UINT64 Tick;
+ EFI_HANDLE Handle;
+
+ Tick = 0;
+ Handle = ImageHandle;
Image = CoreLoadedImageInfo (ImageHandle);
if (Image == NULL || Image->Started) {
return EFI_INVALID_PARAMETER;
}
+ if (EFI_ERROR (Image->LoadImageStatus)) {
+ return Image->LoadImageStatus;
+ }
//
- // Don't profile Objects or invalid start requests
+ // The image to be started must have the machine type supported by DxeCore.
//
- PERF_START (ImageHandle, "StartImage:", NULL, 0);
+ if (!EFI_IMAGE_MACHINE_TYPE_SUPPORTED (Image->Machine)) {
+ //
+ // Do not ASSERT here, because image might be loaded via EFI_IMAGE_MACHINE_CROSS_TYPE_SUPPORTED
+ // But it can not be started.
+ //
+ DEBUG ((EFI_D_ERROR, "Image type %s can't be started ", GetMachineTypeName(Image->Machine)));
+ DEBUG ((EFI_D_ERROR, "on %s UEFI system.\n", GetMachineTypeName(mDxeCoreImageMachineType)));
+ return EFI_UNSUPPORTED;
+ }
+
+ PERF_CODE (
+ Tick = GetPerformanceCounter ();
+ );
//
@@ -1151,7 +1643,18 @@ CoreStartImage (
//
Image->JumpBuffer = AllocatePool (sizeof (BASE_LIBRARY_JUMP_BUFFER) + BASE_LIBRARY_JUMP_BUFFER_ALIGNMENT);
if (Image->JumpBuffer == NULL) {
- PERF_END (ImageHandle, "StartImage:", NULL, 0);
+ //
+ // Image may be unloaded after return with failure,
+ // then ImageHandle may be invalid, so use NULL handle to record perf log.
+ //
+ PERF_START (NULL, "StartImage:", NULL, Tick);
+ PERF_END (NULL, "StartImage:", NULL, 0);
+
+ //
+ // Pop the current start image context
+ //
+ mCurrentImage = LastImage;
+
return EFI_OUT_OF_RESOURCES;
}
Image->JumpContext = ALIGN_POINTER (Image->JumpBuffer, BASE_LIBRARY_JUMP_BUFFER_ALIGNMENT);
@@ -1162,6 +1665,7 @@ CoreStartImage (
// Subsequent calls to LongJump() cause a non-zero value to be returned by SetJump().
//
if (SetJumpFlag == 0) {
+ RegisterMemoryProfileImage (Image, (Image->ImageContext.ImageType == EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION ? EFI_FV_FILETYPE_APPLICATION : EFI_FV_FILETYPE_DRIVER));
//
// Call the image's entry point
//
@@ -1199,9 +1703,17 @@ CoreStartImage (
mCurrentImage = LastImage;
//
- // Go connect any handles that were created or modified while the image executed.
+ // UEFI Specification - StartImage() - EFI 1.10 Extension
+ // To maintain compatibility with UEFI drivers that are written to the EFI
+ // 1.02 Specification, StartImage() must monitor the handle database before
+ // and after each image is started. If any handles are created or modified
+ // when an image is started, then EFI_BOOT_SERVICES.ConnectController() must
+ // be called with the Recursive parameter set to TRUE for each of the newly
+ // created or modified handles before StartImage() returns.
//
- CoreConnectHandlesByKey (HandleDatabaseKey);
+ if (Image->Type != EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION) {
+ CoreConnectHandlesByKey (HandleDatabaseKey);
+ }
//
// Handle the image's returned ExitData
@@ -1242,12 +1754,17 @@ CoreStartImage (
//
if (EFI_ERROR (Image->Status) || Image->Type == EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION) {
CoreUnloadAndCloseImage (Image, TRUE);
+ //
+ // ImageHandle may be invalid after the image is unloaded, so use NULL handle to record perf log.
+ //
+ Handle = NULL;
}
//
// Done
//
- PERF_END (ImageHandle, "StartImage:", NULL, 0);
+ PERF_START (Handle, "StartImage:", NULL, Tick);
+ PERF_END (Handle, "StartImage:", NULL, 0);
return Status;
}
@@ -1360,7 +1877,7 @@ Done:
unloaded.
@retval EFI_SUCCESS The image has been unloaded.
- @retval EFI_UNSUPPORTED The image has been sarted, and does not support
+ @retval EFI_UNSUPPORTED The image has been started, and does not support
unload.
@retval EFI_INVALID_PARAMPETER ImageHandle is not a valid image handle.