SignedCapsulePkg: Update EdkiiSystemCapsuleLib to check PCD value
authorLiming Gao <liming.gao@intel.com>
Tue, 28 Nov 2017 03:26:34 +0000 (11:26 +0800)
committerLiming Gao <liming.gao@intel.com>
Fri, 8 Dec 2017 05:31:00 +0000 (13:31 +0800)
If PCD value is not set, register PcdCallBack to hook PCD value set

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.c
SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.inf

index 62be8eb..876d225 100644 (file)
@@ -29,6 +29,7 @@
 #include <Library/BaseLib.h>\r
 #include <Library/BaseMemoryLib.h>\r
 #include <Library/DebugLib.h>\r
+#include <Library/PcdLib.h>\r
 #include <Library/MemoryAllocationLib.h>\r
 #include <Library/EdkiiSystemCapsuleLib.h>\r
 #include <Library/FmpAuthenticationLib.h>\r
@@ -600,6 +601,10 @@ CapsuleAuthenticateSystemFirmware (
   // NOTE: This function need run in an isolated environment.\r
   // Do not touch FMP protocol and its private structure.\r
   //\r
+  if (mImageFmpInfo == NULL) {\r
+    DEBUG((DEBUG_INFO, "ImageFmpInfo is not set\n"));\r
+    return EFI_SECURITY_VIOLATION;\r
+  }\r
 \r
   Result = ExtractAuthenticatedImage((VOID *)Image, ImageSize, LastAttemptStatus, AuthenticatedImage, AuthenticatedImageSize);\r
   if (!Result) {\r
@@ -654,6 +659,53 @@ CapsuleAuthenticateSystemFirmware (
   return EFI_SUCCESS;\r
 }\r
 \r
+/**\r
+  PcdCallBack gets the real set PCD value\r
+\r
+  @param[in]      CallBackGuid    The PCD token GUID being set.\r
+  @param[in]      CallBackToken   The PCD token number being set.\r
+  @param[in, out] TokenData       A pointer to the token data being set.\r
+  @param[in]      TokenDataSize   The size, in bytes, of the data being set.\r
+\r
+**/\r
+VOID\r
+EFIAPI\r
+EdkiiSystemCapsuleLibPcdCallBack (\r
+  IN        CONST GUID        *CallBackGuid, OPTIONAL\r
+  IN        UINTN             CallBackToken,\r
+  IN  OUT   VOID              *TokenData,\r
+  IN        UINTN             TokenDataSize\r
+  )\r
+{\r
+  if (CompareGuid (CallBackGuid, &gEfiSignedCapsulePkgTokenSpaceGuid) &&\r
+      CallBackToken == PcdToken (PcdEdkiiSystemFirmwareImageDescriptor)) {\r
+    mImageFmpInfoSize = TokenDataSize;\r
+    mImageFmpInfo = AllocateCopyPool (mImageFmpInfoSize, TokenData);\r
+    ASSERT(mImageFmpInfo != NULL);\r
+    //\r
+    // Cancel Callback after get the real set value\r
+    //\r
+    LibPcdCancelCallback (\r
+      &gEfiSignedCapsulePkgTokenSpaceGuid,\r
+      PcdToken (PcdEdkiiSystemFirmwareImageDescriptor),\r
+      EdkiiSystemCapsuleLibPcdCallBack\r
+      );\r
+  }\r
+\r
+  if (CompareGuid (CallBackGuid, &gEfiSignedCapsulePkgTokenSpaceGuid) &&\r
+      CallBackToken == PcdToken (PcdEdkiiSystemFirmwareFileGuid)) {\r
+    CopyGuid(&mEdkiiSystemFirmwareFileGuid, TokenData);\r
+    //\r
+    // Cancel Callback after get the real set value\r
+    //\r
+    LibPcdCancelCallback (\r
+      &gEfiSignedCapsulePkgTokenSpaceGuid,\r
+      PcdToken (PcdEdkiiSystemFirmwareFileGuid),\r
+      EdkiiSystemCapsuleLibPcdCallBack\r
+      );\r
+  }\r
+}\r
+\r
 /**\r
   The constructor function.\r
 \r
@@ -666,8 +718,38 @@ EdkiiSystemCapsuleLibConstructor (
   )\r
 {\r
   mImageFmpInfoSize = PcdGetSize(PcdEdkiiSystemFirmwareImageDescriptor);\r
-  mImageFmpInfo = AllocateCopyPool (mImageFmpInfoSize, PcdGetPtr(PcdEdkiiSystemFirmwareImageDescriptor));\r
-  ASSERT(mImageFmpInfo != NULL);\r
+  mImageFmpInfo     = PcdGetPtr(PcdEdkiiSystemFirmwareImageDescriptor);\r
+  //\r
+  // Verify Firmware Image Descriptor first\r
+  //\r
+  if (mImageFmpInfoSize < sizeof (EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR) ||\r
+      mImageFmpInfo->Signature != EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR_SIGNATURE) {\r
+    //\r
+    // SystemFirmwareImageDescriptor is not set.\r
+    // Register PCD set callback to hook PCD value set.\r
+    //\r
+    mImageFmpInfo     = NULL;\r
+    mImageFmpInfoSize = 0;\r
+    LibPcdCallbackOnSet (\r
+      &gEfiSignedCapsulePkgTokenSpaceGuid,\r
+      PcdToken (PcdEdkiiSystemFirmwareImageDescriptor),\r
+      EdkiiSystemCapsuleLibPcdCallBack\r
+      );\r
+  } else {\r
+    mImageFmpInfo = AllocateCopyPool (mImageFmpInfoSize, mImageFmpInfo);\r
+    ASSERT(mImageFmpInfo != NULL);\r
+  }\r
+\r
   CopyGuid(&mEdkiiSystemFirmwareFileGuid, PcdGetPtr(PcdEdkiiSystemFirmwareFileGuid));\r
+  //\r
+  // Verify GUID value first\r
+  //\r
+  if (CompareGuid (&mEdkiiSystemFirmwareFileGuid, &gZeroGuid)) {\r
+    LibPcdCallbackOnSet (\r
+      &gEfiSignedCapsulePkgTokenSpaceGuid,\r
+      PcdToken (PcdEdkiiSystemFirmwareFileGuid),\r
+      EdkiiSystemCapsuleLibPcdCallBack\r
+      );\r
+  }\r
   return EFI_SUCCESS;\r
 }\r
index a21e75c..a721619 100644 (file)
@@ -43,6 +43,7 @@
   BaseLib\r
   BaseMemoryLib\r
   DebugLib\r
+  PcdLib\r
   MemoryAllocationLib\r
   FmpAuthenticationLib\r
 \r
@@ -58,4 +59,6 @@
   gEdkiiSystemFmpCapsuleDriverFvFileGuid               ## SOMETIMES_CONSUMES   ## GUID\r
   gEfiCertPkcs7Guid                                    ## SOMETIMES_CONSUMES   ## GUID\r
   gEfiCertTypeRsa2048Sha256Guid                        ## SOMETIMES_CONSUMES   ## GUID\r
+  gEfiSignedCapsulePkgTokenSpaceGuid                   ## SOMETIMES_CONSUMES   ## GUID\r
+  gZeroGuid                                            ## SOMETIMES_CONSUMES   ## GUID\r
 \r