Blame - lib/efi_loader/efi_firmware.c - filogic/uboot

blob: 112775daf4c3ede750ec2069d68163fc476df8e9 [file] [log] [blame]

AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	1	// SPDX-License-Identifier: GPL-2.0+
				2	/*
				3	* EFI Firmware management protocol
				4	*
				5	* Copyright (c) 2020 Linaro Limited
				6	* Author: AKASHI Takahiro
				7	*/
				8
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	9	#include <charset.h>
				10	#include <dfu.h>
				11	#include <efi_loader.h>
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	12	#include <efi_variable.h>
Sughosh Ganu	1cadae2	2022-10-21 18:16:03 +0530	[diff] [blame]	13	#include <fwu.h>
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	14	#include <image.h>
Sughosh Ganu	7221c6e	2020-12-30 19:27:05 +0530	[diff] [blame]	15	#include <signatures.h>
				16
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	17	#include <linux/list.h>
				18
Sughosh Ganu	7221c6e	2020-12-30 19:27:05 +0530	[diff] [blame]	19	#define FMP_PAYLOAD_HDR_SIGNATURE SIGNATURE_32('M', 'S', 'S', '1')
				20
				21	/**
				22	* struct fmp_payload_header - EDK2 header for the FMP payload
				23	*
				24	* This structure describes the header which is preprended to the
				25	* FMP payload by the edk2 capsule generation scripts.
				26	*
				27	* @signature: Header signature used to identify the header
				28	* @header_size: Size of the structure
				29	* @fw_version: Firmware versions used
				30	* @lowest_supported_version: Lowest supported version
				31	*/
				32	struct fmp_payload_header {
				33	u32 signature;
				34	u32 header_size;
				35	u32 fw_version;
				36	u32 lowest_supported_version;
				37	};
				38
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	39	/**
				40	* struct fmp_state - fmp firmware update state
				41	*
				42	* This structure describes the state of the firmware update
				43	* through FMP protocol.
				44	*
				45	* @fw_version: Firmware versions used
				46	* @lowest_supported_version: Lowest supported version
				47	* @last_attempt_version: Last attempt version
				48	* @last_attempt_status: Last attempt status
				49	*/
				50	struct fmp_state {
				51	u32 fw_version;
				52	u32 lowest_supported_version; /* not used */
				53	u32 last_attempt_version; /* not used */
				54	u32 last_attempt_status; /* not used */
				55	};
				56
Sughosh Ganu	a1d9f67	2022-04-15 11:29:37 +0530	[diff] [blame]	57	__weak void set_dfu_alt_info(char interface, char devstr)
				58	{
				59	env_set("dfu_alt_info", update_info.dfu_string);
				60	}
				61
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	62	/**
				63	* efi_firmware_get_image_type_id - get image_type_id
				64	* @image_index: image index
				65	*
				66	* Return the image_type_id identified by the image index.
				67	*
				68	* Return: pointer to the image_type_id, NULL if image_index is invalid
				69	*/
				70	static
				71	efi_guid_t *efi_firmware_get_image_type_id(u8 image_index)
				72	{
				73	int i;
				74	struct efi_fw_image *fw_array;
				75
				76	fw_array = update_info.images;
				77	for (i = 0; i < update_info.num_images; i++) {
				78	if (fw_array[i].image_index == image_index)
				79	return &fw_array[i].image_type_id;
				80	}
				81
				82	return NULL;
				83	}
				84
AKASHI Takahiro	7ff3f3c	2020-11-17 09:28:00 +0900	[diff] [blame]	85	/* Place holder; not supported */
				86	static
				87	efi_status_t EFIAPI efi_firmware_get_image_unsupported(
				88	struct efi_firmware_management_protocol *this,
				89	u8 image_index,
				90	void *image,
				91	efi_uintn_t *image_size)
				92	{
				93	EFI_ENTRY("%p %d %p %p\n", this, image_index, image, image_size);
				94
				95	return EFI_EXIT(EFI_UNSUPPORTED);
				96	}
				97
				98	/* Place holder; not supported */
				99	static
				100	efi_status_t EFIAPI efi_firmware_check_image_unsupported(
				101	struct efi_firmware_management_protocol *this,
				102	u8 image_index,
				103	const void *image,
				104	efi_uintn_t *image_size,
				105	u32 *image_updatable)
				106	{
				107	EFI_ENTRY("%p %d %p %p %p\n", this, image_index, image, image_size,
				108	image_updatable);
				109
				110	return EFI_EXIT(EFI_UNSUPPORTED);
				111	}
				112
				113	/* Place holder; not supported */
				114	static
				115	efi_status_t EFIAPI efi_firmware_get_package_info_unsupported(
				116	struct efi_firmware_management_protocol *this,
				117	u32 *package_version,
				118	u16 **package_version_name,
				119	u32 *package_version_name_maxlen,
				120	u64 *attributes_supported,
				121	u64 *attributes_setting)
				122	{
				123	EFI_ENTRY("%p %p %p %p %p %p\n", this, package_version,
				124	package_version_name, package_version_name_maxlen,
				125	attributes_supported, attributes_setting);
				126
				127	return EFI_EXIT(EFI_UNSUPPORTED);
				128	}
				129
				130	/* Place holder; not supported */
				131	static
				132	efi_status_t EFIAPI efi_firmware_set_package_info_unsupported(
				133	struct efi_firmware_management_protocol *this,
				134	const void *image,
				135	efi_uintn_t *image_size,
				136	const void *vendor_code,
				137	u32 package_version,
				138	const u16 *package_version_name)
				139	{
				140	EFI_ENTRY("%p %p %p %p %x %p\n", this, image, image_size, vendor_code,
				141	package_version, package_version_name);
				142
				143	return EFI_EXIT(EFI_UNSUPPORTED);
				144	}
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	145
				146	/**
Masahisa Kojima	941353c	2023-06-07 14:41:54 +0900	[diff] [blame]	147	* efi_firmware_get_lsv_from_dtb - get lowest supported version from dtb
				148	* @image_index: Image index
				149	* @image_type_id: Image type id
				150	* @lsv: Pointer to store the lowest supported version
				151	*
				152	* Read the firmware version information from dtb.
				153	*/
				154	static void efi_firmware_get_lsv_from_dtb(u8 image_index,
				155	efi_guid_t image_type_id, u32 lsv)
				156	{
				157	const void *fdt = gd->fdt_blob;
				158	const fdt32_t *val;
				159	const char *guid_str;
				160	int len, offset, index;
Masahisa Kojima	73a5a26	2023-07-31 17:53:02 +0900	[diff] [blame]	161	int parent, ret;
Masahisa Kojima	941353c	2023-06-07 14:41:54 +0900	[diff] [blame]	162
				163	*lsv = 0;
				164
				165	parent = fdt_subnode_offset(fdt, 0, "firmware-version");
				166	if (parent < 0)
				167	return;
				168
				169	fdt_for_each_subnode(offset, fdt, parent) {
				170	efi_guid_t guid;
				171
				172	guid_str = fdt_getprop(fdt, offset, "image-type-id", &len);
				173	if (!guid_str)
				174	continue;
Masahisa Kojima	73a5a26	2023-07-31 17:53:02 +0900	[diff] [blame]	175	ret = uuid_str_to_bin(guid_str, guid.b, UUID_STR_FORMAT_GUID);
				176	if (ret < 0) {
				177	log_warning("Wrong image-type-id format.\n");
				178	continue;
				179	}
Masahisa Kojima	941353c	2023-06-07 14:41:54 +0900	[diff] [blame]	180
				181	val = fdt_getprop(fdt, offset, "image-index", &len);
				182	if (!val)
				183	continue;
				184	index = fdt32_to_cpu(*val);
				185
				186	if (!guidcmp(&guid, image_type_id) && index == image_index) {
				187	val = fdt_getprop(fdt, offset,
				188	"lowest-supported-version", &len);
				189	if (val)
				190	lsv = fdt32_to_cpu(val);
				191	}
				192	}
				193	}
				194
				195	/**
Masahisa Kojima	ff96fa1	2023-06-07 14:41:53 +0900	[diff] [blame]	196	* efi_firmware_fill_version_info - fill the version information
				197	* @image_info: Image information
				198	* @fw_array: Pointer to size of new image
				199	*
				200	* Fill the version information into image_info strucrure.
				201	*
				202	*/
				203	static
				204	void efi_firmware_fill_version_info(struct efi_firmware_image_descriptor *image_info,
				205	struct efi_fw_image *fw_array)
				206	{
				207	u16 varname[13]; /* u"FmpStateXXXX" */
				208	efi_status_t ret;
Masahisa Kojima	c6319bd	2024-01-11 14:35:40 +0900	[diff] [blame]	209	efi_uintn_t size, expected_size;
				210	uint num_banks = 1;
				211	uint active_index = 0;
				212	struct fmp_state *var_state;
Masahisa Kojima	ff96fa1	2023-06-07 14:41:53 +0900	[diff] [blame]	213
Masahisa Kojima	941353c	2023-06-07 14:41:54 +0900	[diff] [blame]	214	efi_firmware_get_lsv_from_dtb(fw_array->image_index,
				215	&fw_array->image_type_id,
				216	&image_info->lowest_supported_image_version);
				217
Masahisa Kojima	ff96fa1	2023-06-07 14:41:53 +0900	[diff] [blame]	218	image_info->version_name = NULL; /* not supported */
Masahisa Kojima	ff96fa1	2023-06-07 14:41:53 +0900	[diff] [blame]	219	image_info->last_attempt_version = 0;
				220	image_info->last_attempt_status = LAST_ATTEMPT_STATUS_SUCCESS;
Masahisa Kojima	c6319bd	2024-01-11 14:35:40 +0900	[diff] [blame]	221	image_info->version = 0;
				222
				223	/* get the fw_version */
				224	efi_create_indexed_name(varname, sizeof(varname), "FmpState",
				225	fw_array->image_index);
				226	if (IS_ENABLED(CONFIG_FWU_MULTI_BANK_UPDATE)) {
				227	ret = fwu_get_active_index(&active_index);
				228	if (ret)
				229	return;
				230
				231	num_banks = CONFIG_FWU_NUM_BANKS;
				232	}
				233
				234	size = num_banks * sizeof(*var_state);
				235	expected_size = size;
				236	var_state = calloc(1, size);
				237	if (!var_state)
				238	return;
				239
				240	ret = efi_get_variable_int(varname, &fw_array->image_type_id,
				241	NULL, &size, var_state, NULL);
				242	if (ret == EFI_SUCCESS && expected_size == size)
				243	image_info->version = var_state[active_index].fw_version;
				244
				245	free(var_state);
Masahisa Kojima	ff96fa1	2023-06-07 14:41:53 +0900	[diff] [blame]	246	}
				247
				248	/**
Caleb Connolly	3744e47	2024-08-30 13:34:33 +0100	[diff] [blame]	249	* efi_gen_capsule_guids - generate GUIDs for the images
				250	*
				251	* Generate the image_type_id for each image in the update_info.images array
				252	* using the first compatible from the device tree and a salt
				253	* UUID defined at build time.
				254	*
				255	* Returns: status code
				256	*/
				257	static efi_status_t efi_gen_capsule_guids(void)
				258	{
				259	int ret, i;
				260	struct uuid namespace;
				261	const char compatible; / Full array including null bytes */
				262	struct efi_fw_image *fw_array;
				263
				264	fw_array = update_info.images;
				265	/* Check if we need to run (there are images and we didn't already generate their IDs) */
				266	if (!update_info.num_images \|\|
				267	memchr_inv(&fw_array[0].image_type_id, 0, sizeof(fw_array[0].image_type_id)))
				268	return EFI_SUCCESS;
				269
				270	ret = uuid_str_to_bin(CONFIG_EFI_CAPSULE_NAMESPACE_GUID,
				271	(unsigned char *)&namespace, UUID_STR_FORMAT_GUID);
				272	if (ret) {
				273	log_debug("%s: EFI_CAPSULE_NAMESPACE_GUID is invalid: %d\n", __func__, ret);
				274	return EFI_INVALID_PARAMETER;
				275	}
				276
				277	compatible = ofnode_read_string(ofnode_root(), "compatible");
				278	if (!compatible) {
				279	log_debug("%s: model or compatible not defined\n", __func__);
				280	return EFI_INVALID_PARAMETER;
				281	}
				282
				283	for (i = 0; i < update_info.num_images; i++) {
Ilias Apalodimas	33cfbc0	2024-12-03 18:13:37 +0200	[diff] [blame]	284	if (!fw_array[i].fw_name) {
				285	log_err("fw_name is not defined. Not generating capsule GUIDs\n");
				286	return EFI_INVALID_PARAMETER;
				287	}
Caleb Connolly	3744e47	2024-08-30 13:34:33 +0100	[diff] [blame]	288	gen_v5_guid(&namespace,
				289	&fw_array[i].image_type_id,
				290	compatible, strlen(compatible),
				291	fw_array[i].fw_name, u16_strlen(fw_array[i].fw_name) * sizeof(uint16_t),
				292	NULL);
				293
				294	log_debug("Image %ls UUID %pUl\n", fw_array[i].fw_name,
				295	&fw_array[i].image_type_id);
				296	}
				297
				298	return EFI_SUCCESS;
				299	}
				300
				301	/**
Sughosh Ganu	2a9fd7d	2022-04-15 11:29:35 +0530	[diff] [blame]	302	* efi_fill_image_desc_array - populate image descriptor array
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	303	* @image_info_size: Size of @image_info
				304	* @image_info: Image information
				305	* @descriptor_version: Pointer to version number
Sughosh Ganu	2a9fd7d	2022-04-15 11:29:35 +0530	[diff] [blame]	306	* @descriptor_count: Image count
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	307	* @descriptor_size: Pointer to descriptor size
Sughosh Ganu	2a9fd7d	2022-04-15 11:29:35 +0530	[diff] [blame]	308	* @package_version: Package version
				309	* @package_version_name: Package version's name
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	310	*
Sughosh Ganu	2a9fd7d	2022-04-15 11:29:35 +0530	[diff] [blame]	311	* Return information about the current firmware image in @image_info.
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	312	* @image_info will consist of a number of descriptors.
Sughosh Ganu	2a9fd7d	2022-04-15 11:29:35 +0530	[diff] [blame]	313	* Each descriptor will be created based on efi_fw_image array.
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	314	*
				315	* Return status code
				316	*/
Sughosh Ganu	2a9fd7d	2022-04-15 11:29:35 +0530	[diff] [blame]	317	static efi_status_t efi_fill_image_desc_array(
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	318	efi_uintn_t *image_info_size,
				319	struct efi_firmware_image_descriptor *image_info,
				320	u32 *descriptor_version,
				321	u8 *descriptor_count,
				322	efi_uintn_t *descriptor_size,
				323	u32 *package_version,
Sughosh Ganu	2a9fd7d	2022-04-15 11:29:35 +0530	[diff] [blame]	324	u16 **package_version_name)
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	325	{
Sughosh Ganu	2a9fd7d	2022-04-15 11:29:35 +0530	[diff] [blame]	326	size_t total_size;
				327	struct efi_fw_image *fw_array;
Caleb Connolly	3744e47	2024-08-30 13:34:33 +0100	[diff] [blame]	328	int i, ret;
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	329
Masahisa Kojima	5d2438b	2023-06-07 14:41:51 +0900	[diff] [blame]	330	total_size = sizeof(image_info) update_info.num_images;
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	331
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	332	if (*image_info_size < total_size) {
				333	*image_info_size = total_size;
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	334
				335	return EFI_BUFFER_TOO_SMALL;
				336	}
				337	*image_info_size = total_size;
				338
Caleb Connolly	3744e47	2024-08-30 13:34:33 +0100	[diff] [blame]	339	ret = efi_gen_capsule_guids();
				340	if (ret != EFI_SUCCESS)
				341	return ret;
				342
Sughosh Ganu	c212fc7	2022-05-31 12:45:33 +0530	[diff] [blame]	343	fw_array = update_info.images;
Masahisa Kojima	5d2438b	2023-06-07 14:41:51 +0900	[diff] [blame]	344	*descriptor_count = update_info.num_images;
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	345	*descriptor_version = EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION;
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	346	descriptor_size = sizeof(image_info);
				347	package_version = 0xffffffff; / not supported */
				348	package_version_name = NULL; / not supported */
				349
Masahisa Kojima	5d2438b	2023-06-07 14:41:51 +0900	[diff] [blame]	350	for (i = 0; i < update_info.num_images; i++) {
Sughosh Ganu	2a9fd7d	2022-04-15 11:29:35 +0530	[diff] [blame]	351	image_info[i].image_index = fw_array[i].image_index;
				352	image_info[i].image_type_id = fw_array[i].image_type_id;
				353	image_info[i].image_id = fw_array[i].image_index;
Sughosh Ganu	2a9fd7d	2022-04-15 11:29:35 +0530	[diff] [blame]	354	image_info[i].image_id_name = fw_array[i].fw_name;
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	355
Masahisa Kojima	ff96fa1	2023-06-07 14:41:53 +0900	[diff] [blame]	356	efi_firmware_fill_version_info(&image_info[i], &fw_array[i]);
				357
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	358	image_info[i].size = 0;
				359	image_info[i].attributes_supported =
Sughosh Ganu	c9a821b	2020-12-30 19:27:10 +0530	[diff] [blame]	360	IMAGE_ATTRIBUTE_IMAGE_UPDATABLE \|
				361	IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED;
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	362	image_info[i].attributes_setting =
				363	IMAGE_ATTRIBUTE_IMAGE_UPDATABLE;
Sughosh Ganu	c9a821b	2020-12-30 19:27:10 +0530	[diff] [blame]	364
				365	/* Check if the capsule authentication is enabled */
Sughosh Ganu	d1bd849	2021-04-12 20:35:23 +0530	[diff] [blame]	366	if (IS_ENABLED(CONFIG_EFI_CAPSULE_AUTHENTICATE))
Sughosh Ganu	c9a821b	2020-12-30 19:27:10 +0530	[diff] [blame]	367	image_info[0].attributes_setting \|=
				368	IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED;
				369
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	370	image_info[i].hardware_instance = 1;
				371	image_info[i].dependencies = NULL;
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	372	}
				373
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	374	return EFI_SUCCESS;
				375	}
				376
Vincent Stehlé	6a4625e	2022-05-31 09:55:34 +0200	[diff] [blame]	377	/**
				378	* efi_firmware_capsule_authenticate - authenticate the capsule if enabled
				379	* @p_image: Pointer to new image
				380	* @p_image_size: Pointer to size of new image
				381	*
				382	* Authenticate the capsule if authentication is enabled.
				383	* The image pointer and the image size are updated in case of success.
				384	*
				385	* Return: status code
				386	*/
				387	static
				388	efi_status_t efi_firmware_capsule_authenticate(const void **p_image,
				389	efi_uintn_t *p_image_size)
				390	{
				391	const void image = p_image;
				392	efi_uintn_t image_size = *p_image_size;
Vincent Stehlé	6a4625e	2022-05-31 09:55:34 +0200	[diff] [blame]	393	void *capsule_payload;
				394	efi_status_t status;
				395	efi_uintn_t capsule_payload_size;
				396
				397	if (IS_ENABLED(CONFIG_EFI_CAPSULE_AUTHENTICATE)) {
				398	capsule_payload = NULL;
				399	capsule_payload_size = 0;
				400	status = efi_capsule_authenticate(image, image_size,
				401	&capsule_payload,
				402	&capsule_payload_size);
				403
				404	if (status == EFI_SECURITY_VIOLATION) {
				405	printf("Capsule authentication check failed. Aborting update\n");
				406	return status;
				407	} else if (status != EFI_SUCCESS) {
				408	return status;
				409	}
				410
				411	debug("Capsule authentication successful\n");
				412	image = capsule_payload;
				413	image_size = capsule_payload_size;
				414	} else {
				415	debug("Capsule authentication disabled. ");
				416	debug("Updating capsule without authenticating.\n");
				417	}
				418
Vincent Stehlé	6a4625e	2022-05-31 09:55:34 +0200	[diff] [blame]	419	*p_image = image;
				420	*p_image_size = image_size;
				421	return EFI_SUCCESS;
				422	}
				423
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	424	/**
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	425	* efi_firmware_set_fmp_state_var - set FmpStateXXXX variable
				426	* @state: Pointer to fmp state
				427	* @image_index: image index
				428	*
				429	* Update the FmpStateXXXX variable with the firmware update state.
				430	*
				431	* Return: status code
				432	*/
				433	static
				434	efi_status_t efi_firmware_set_fmp_state_var(struct fmp_state *state, u8 image_index)
				435	{
				436	u16 varname[13]; /* u"FmpStateXXXX" */
				437	efi_status_t ret;
Masahisa Kojima	c6319bd	2024-01-11 14:35:40 +0900	[diff] [blame]	438	uint num_banks = 1;
				439	uint update_bank = 0;
				440	efi_uintn_t size;
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	441	efi_guid_t *image_type_id;
Masahisa Kojima	c6319bd	2024-01-11 14:35:40 +0900	[diff] [blame]	442	struct fmp_state *var_state;
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	443
				444	image_type_id = efi_firmware_get_image_type_id(image_index);
				445	if (!image_type_id)
				446	return EFI_INVALID_PARAMETER;
				447
				448	efi_create_indexed_name(varname, sizeof(varname), "FmpState",
				449	image_index);
				450
Masahisa Kojima	c6319bd	2024-01-11 14:35:40 +0900	[diff] [blame]	451	if (IS_ENABLED(CONFIG_FWU_MULTI_BANK_UPDATE)) {
				452	ret = fwu_plat_get_update_index(&update_bank);
				453	if (ret)
				454	return EFI_INVALID_PARAMETER;
				455
				456	num_banks = CONFIG_FWU_NUM_BANKS;
				457	}
				458
				459	size = num_banks * sizeof(*var_state);
Masahisa Kojima	6187c7c	2024-01-29 11:51:14 +0900	[diff] [blame]	460	var_state = malloc(size);
Masahisa Kojima	c6319bd	2024-01-11 14:35:40 +0900	[diff] [blame]	461	if (!var_state)
				462	return EFI_OUT_OF_RESOURCES;
				463
				464	/*
				465	* GetVariable may fail, EFI_NOT_FOUND is returned if FmpState
				466	* variable has not been set yet.
Masahisa Kojima	c6319bd	2024-01-11 14:35:40 +0900	[diff] [blame]	467	*/
Masahisa Kojima	6187c7c	2024-01-29 11:51:14 +0900	[diff] [blame]	468	ret = efi_get_variable_int(varname, image_type_id, NULL, &size,
				469	var_state, NULL);
				470	if (ret != EFI_SUCCESS)
				471	memset(var_state, 0, num_banks * sizeof(*var_state));
Masahisa Kojima	c6319bd	2024-01-11 14:35:40 +0900	[diff] [blame]	472
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	473	/*
				474	* Only the fw_version is set here.
				475	* lowest_supported_version in FmpState variable is ignored since
				476	* it can be tampered if the file based EFI variable storage is used.
				477	*/
Masahisa Kojima	c6319bd	2024-01-11 14:35:40 +0900	[diff] [blame]	478	var_state[update_bank].fw_version = state->fw_version;
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	479
Masahisa Kojima	c6319bd	2024-01-11 14:35:40 +0900	[diff] [blame]	480	size = num_banks * sizeof(*var_state);
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	481	ret = efi_set_variable_int(varname, image_type_id,
				482	EFI_VARIABLE_READ_ONLY \|
				483	EFI_VARIABLE_NON_VOLATILE \|
				484	EFI_VARIABLE_BOOTSERVICE_ACCESS \|
				485	EFI_VARIABLE_RUNTIME_ACCESS,
Masahisa Kojima	c6319bd	2024-01-11 14:35:40 +0900	[diff] [blame]	486	size, var_state, false);
				487
				488	free(var_state);
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	489
				490	return ret;
				491	}
				492
				493	/**
				494	* efi_firmware_get_fw_version - get fw_version from FMP payload header
				495	* @p_image: Pointer to new image
				496	* @p_image_size: Pointer to size of new image
				497	* @state: Pointer to fmp state
				498	*
				499	* Parse the FMP payload header and fill the fmp_state structure.
				500	* If no FMP payload header is found, fmp_state structure is not updated.
				501	*
				502	*/
				503	static void efi_firmware_get_fw_version(const void **p_image,
				504	efi_uintn_t *p_image_size,
				505	struct fmp_state *state)
				506	{
				507	const struct fmp_payload_header *header;
				508	u32 fmp_hdr_signature = FMP_PAYLOAD_HDR_SIGNATURE;
				509
				510	header = *p_image;
				511	if (header->signature == fmp_hdr_signature) {
				512	/* FMP header is inserted above the capsule payload */
				513	state->fw_version = header->fw_version;
				514
				515	*p_image += header->header_size;
				516	*p_image_size -= header->header_size;
				517	}
				518	}
				519
				520	/**
				521	* efi_firmware_verify_image - verify image
				522	* @p_image: Pointer to new image
				523	* @p_image_size: Pointer to size of new image
				524	* @image_index: Image index
				525	* @state: Pointer to fmp state
				526	*
Masahisa Kojima	94f4780	2023-06-07 14:41:55 +0900	[diff] [blame]	527	* Verify the capsule authentication and check if the fw_version
				528	* is equal or greater than the lowest supported version.
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	529	*
				530	* Return: status code
				531	*/
				532	static
				533	efi_status_t efi_firmware_verify_image(const void **p_image,
				534	efi_uintn_t *p_image_size,
				535	u8 image_index,
				536	struct fmp_state *state)
				537	{
Masahisa Kojima	94f4780	2023-06-07 14:41:55 +0900	[diff] [blame]	538	u32 lsv;
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	539	efi_status_t ret;
Masahisa Kojima	94f4780	2023-06-07 14:41:55 +0900	[diff] [blame]	540	efi_guid_t *image_type_id;
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	541
				542	ret = efi_firmware_capsule_authenticate(p_image, p_image_size);
Masahisa Kojima	94f4780	2023-06-07 14:41:55 +0900	[diff] [blame]	543	if (ret != EFI_SUCCESS)
				544	return ret;
				545
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	546	efi_firmware_get_fw_version(p_image, p_image_size, state);
				547
Masahisa Kojima	94f4780	2023-06-07 14:41:55 +0900	[diff] [blame]	548	image_type_id = efi_firmware_get_image_type_id(image_index);
				549	if (!image_type_id)
				550	return EFI_INVALID_PARAMETER;
				551
				552	efi_firmware_get_lsv_from_dtb(image_index, image_type_id, &lsv);
				553	if (state->fw_version < lsv) {
				554	log_err("Firmware version %u too low. Expecting >= %u. Aborting update\n",
				555	state->fw_version, lsv);
				556	return EFI_INVALID_PARAMETER;
				557	}
				558
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	559	return ret;
				560	}
				561
				562	/**
Sughosh Ganu	4ed7261	2022-06-01 23:30:41 +0530	[diff] [blame]	563	* efi_firmware_get_image_info - return information about the current
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	564	* firmware image
				565	* @this: Protocol instance
				566	* @image_info_size: Size of @image_info
				567	* @image_info: Image information
				568	* @descriptor_version: Pointer to version number
				569	* @descriptor_count: Pointer to number of descriptors
				570	* @descriptor_size: Pointer to descriptor size
Vincent Stehlé	0f3c922	2022-05-25 11:20:22 +0200	[diff] [blame]	571	* @package_version: Package version
				572	* @package_version_name: Package version's name
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	573	*
				574	* Return information bout the current firmware image in @image_info.
				575	* @image_info will consist of a number of descriptors.
				576	* Each descriptor will be created based on "dfu_alt_info" variable.
				577	*
				578	* Return status code
				579	*/
				580	static
Sughosh Ganu	4ed7261	2022-06-01 23:30:41 +0530	[diff] [blame]	581	efi_status_t EFIAPI efi_firmware_get_image_info(
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	582	struct efi_firmware_management_protocol *this,
				583	efi_uintn_t *image_info_size,
				584	struct efi_firmware_image_descriptor *image_info,
				585	u32 *descriptor_version,
				586	u8 *descriptor_count,
				587	efi_uintn_t *descriptor_size,
				588	u32 *package_version,
				589	u16 **package_version_name)
				590	{
				591	efi_status_t ret;
				592
				593	EFI_ENTRY("%p %p %p %p %p %p %p %p\n", this,
				594	image_info_size, image_info,
				595	descriptor_version, descriptor_count, descriptor_size,
				596	package_version, package_version_name);
				597
				598	if (!image_info_size)
				599	return EFI_EXIT(EFI_INVALID_PARAMETER);
				600
				601	if (*image_info_size &&
				602	(!image_info \|\| !descriptor_version \|\| !descriptor_count \|\|
				603	!descriptor_size \|\| !package_version \|\| !package_version_name))
				604	return EFI_EXIT(EFI_INVALID_PARAMETER);
				605
Sughosh Ganu	2a9fd7d	2022-04-15 11:29:35 +0530	[diff] [blame]	606	ret = efi_fill_image_desc_array(image_info_size, image_info,
				607	descriptor_version, descriptor_count,
				608	descriptor_size, package_version,
				609	package_version_name);
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	610
				611	return EFI_EXIT(ret);
				612	}
				613
Sughosh Ganu	4ed7261	2022-06-01 23:30:41 +0530	[diff] [blame]	614	#ifdef CONFIG_EFI_CAPSULE_FIRMWARE_FIT
				615	/*
				616	* This FIRMWARE_MANAGEMENT_PROTOCOL driver provides a firmware update
				617	* method with existing FIT image format, and handles
				618	* - multiple regions of firmware via DFU
				619	* but doesn't support
				620	* - versioning of firmware image
				621	* - package information
				622	*/
				623
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	624	/**
				625	* efi_firmware_fit_set_image - update the firmware image
				626	* @this: Protocol instance
				627	* @image_index: Image index number
				628	* @image: New image
				629	* @image_size: Size of new image
				630	* @vendor_code: Vendor-specific update policy
				631	* @progress: Function to report the progress of update
				632	* @abort_reason: Pointer to string of abort reason
				633	*
				634	* Update the firmware to new image, using dfu. The new image should
				635	* have FIT image format commonly used in U-Boot.
				636	* @vendor_code, @progress and @abort_reason are not supported.
				637	*
				638	* Return: status code
				639	*/
				640	static
				641	efi_status_t EFIAPI efi_firmware_fit_set_image(
				642	struct efi_firmware_management_protocol *this,
				643	u8 image_index,
				644	const void *image,
				645	efi_uintn_t image_size,
				646	const void *vendor_code,
				647	efi_status_t (*progress)(efi_uintn_t completion),
				648	u16 **abort_reason)
				649	{
Vincent Stehlé	6a4625e	2022-05-31 09:55:34 +0200	[diff] [blame]	650	efi_status_t status;
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	651	struct fmp_state state = { 0 };
Vincent Stehlé	6a4625e	2022-05-31 09:55:34 +0200	[diff] [blame]	652
Heinrich Schuchardt	94f09e0	2022-02-03 20:13:17 +0100	[diff] [blame]	653	EFI_ENTRY("%p %d %p %zu %p %p %p\n", this, image_index, image,
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	654	image_size, vendor_code, progress, abort_reason);
				655
				656	if (!image \|\| image_index != 1)
				657	return EFI_EXIT(EFI_INVALID_PARAMETER);
				658
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	659	status = efi_firmware_verify_image(&image, &image_size, image_index,
				660	&state);
Vincent Stehlé	6a4625e	2022-05-31 09:55:34 +0200	[diff] [blame]	661	if (status != EFI_SUCCESS)
				662	return EFI_EXIT(status);
				663
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	664	if (fit_update(image))
				665	return EFI_EXIT(EFI_DEVICE_ERROR);
				666
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	667	efi_firmware_set_fmp_state_var(&state, image_index);
				668
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	669	return EFI_EXIT(EFI_SUCCESS);
				670	}
				671
AKASHI Takahiro	7ff3f3c	2020-11-17 09:28:00 +0900	[diff] [blame]	672	const struct efi_firmware_management_protocol efi_fmp_fit = {
Sughosh Ganu	4ed7261	2022-06-01 23:30:41 +0530	[diff] [blame]	673	.get_image_info = efi_firmware_get_image_info,
AKASHI Takahiro	7ff3f3c	2020-11-17 09:28:00 +0900	[diff] [blame]	674	.get_image = efi_firmware_get_image_unsupported,
				675	.set_image = efi_firmware_fit_set_image,
				676	.check_image = efi_firmware_check_image_unsupported,
				677	.get_package_info = efi_firmware_get_package_info_unsupported,
				678	.set_package_info = efi_firmware_set_package_info_unsupported,
				679	};
				680	#endif /* CONFIG_EFI_CAPSULE_FIRMWARE_FIT */
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	681
AKASHI Takahiro	7ff3f3c	2020-11-17 09:28:00 +0900	[diff] [blame]	682	#ifdef CONFIG_EFI_CAPSULE_FIRMWARE_RAW
				683	/*
				684	* This FIRMWARE_MANAGEMENT_PROTOCOL driver provides a firmware update
				685	* method with raw data.
				686	*/
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	687
AKASHI Takahiro	7ff3f3c	2020-11-17 09:28:00 +0900	[diff] [blame]	688	/**
AKASHI Takahiro	7ff3f3c	2020-11-17 09:28:00 +0900	[diff] [blame]	689	* efi_firmware_raw_set_image - update the firmware image
				690	* @this: Protocol instance
				691	* @image_index: Image index number
				692	* @image: New image
				693	* @image_size: Size of new image
				694	* @vendor_code: Vendor-specific update policy
				695	* @progress: Function to report the progress of update
				696	* @abort_reason: Pointer to string of abort reason
				697	*
				698	* Update the firmware to new image, using dfu. The new image should
				699	* be a single raw image.
				700	* @vendor_code, @progress and @abort_reason are not supported.
				701	*
				702	* Return: status code
				703	*/
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	704	static
AKASHI Takahiro	7ff3f3c	2020-11-17 09:28:00 +0900	[diff] [blame]	705	efi_status_t EFIAPI efi_firmware_raw_set_image(
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	706	struct efi_firmware_management_protocol *this,
AKASHI Takahiro	7ff3f3c	2020-11-17 09:28:00 +0900	[diff] [blame]	707	u8 image_index,
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	708	const void *image,
AKASHI Takahiro	7ff3f3c	2020-11-17 09:28:00 +0900	[diff] [blame]	709	efi_uintn_t image_size,
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	710	const void *vendor_code,
AKASHI Takahiro	7ff3f3c	2020-11-17 09:28:00 +0900	[diff] [blame]	711	efi_status_t (*progress)(efi_uintn_t completion),
				712	u16 **abort_reason)
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	713	{
Sughosh Ganu	1cadae2	2022-10-21 18:16:03 +0530	[diff] [blame]	714	int ret;
Masahisa Kojima	c1c48e4	2024-01-11 14:35:39 +0900	[diff] [blame]	715	u8 dfu_alt_num;
Sughosh Ganu	c9a821b	2020-12-30 19:27:10 +0530	[diff] [blame]	716	efi_status_t status;
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	717	struct fmp_state state = { 0 };
Sughosh Ganu	7221c6e	2020-12-30 19:27:05 +0530	[diff] [blame]	718
Heinrich Schuchardt	94f09e0	2022-02-03 20:13:17 +0100	[diff] [blame]	719	EFI_ENTRY("%p %d %p %zu %p %p %p\n", this, image_index, image,
AKASHI Takahiro	7ff3f3c	2020-11-17 09:28:00 +0900	[diff] [blame]	720	image_size, vendor_code, progress, abort_reason);
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	721
AKASHI Takahiro	7ff3f3c	2020-11-17 09:28:00 +0900	[diff] [blame]	722	if (!image)
				723	return EFI_EXIT(EFI_INVALID_PARAMETER);
				724
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	725	status = efi_firmware_verify_image(&image, &image_size, image_index,
				726	&state);
Vincent Stehlé	6a4625e	2022-05-31 09:55:34 +0200	[diff] [blame]	727	if (status != EFI_SUCCESS)
				728	return EFI_EXIT(status);
Sughosh Ganu	7221c6e	2020-12-30 19:27:05 +0530	[diff] [blame]	729
Masahisa Kojima	c1c48e4	2024-01-11 14:35:39 +0900	[diff] [blame]	730	/*
				731	* dfu_alt_num is assigned from 0 while image_index starts from 1.
				732	* dfu_alt_num is calculated by (image_index - 1) when multi bank update
				733	* is not used.
				734	*/
				735	dfu_alt_num = image_index - 1;
Sughosh Ganu	1cadae2	2022-10-21 18:16:03 +0530	[diff] [blame]	736	if (IS_ENABLED(CONFIG_FWU_MULTI_BANK_UPDATE)) {
				737	/*
				738	* Based on the value of update bank, derive the
				739	* image index value.
				740	*/
Masahisa Kojima	c1c48e4	2024-01-11 14:35:39 +0900	[diff] [blame]	741	ret = fwu_get_dfu_alt_num(image_index, &dfu_alt_num);
Sughosh Ganu	1cadae2	2022-10-21 18:16:03 +0530	[diff] [blame]	742	if (ret) {
				743	log_debug("Unable to get FWU image_index\n");
				744	return EFI_EXIT(EFI_DEVICE_ERROR);
				745	}
				746	}
				747
Masahisa Kojima	c1c48e4	2024-01-11 14:35:39 +0900	[diff] [blame]	748	if (dfu_write_by_alt(dfu_alt_num, (void *)image, image_size,
AKASHI Takahiro	7ff3f3c	2020-11-17 09:28:00 +0900	[diff] [blame]	749	NULL, NULL))
				750	return EFI_EXIT(EFI_DEVICE_ERROR);
				751
Masahisa Kojima	45a18f0	2023-06-07 14:41:52 +0900	[diff] [blame]	752	efi_firmware_set_fmp_state_var(&state, image_index);
				753
AKASHI Takahiro	7ff3f3c	2020-11-17 09:28:00 +0900	[diff] [blame]	754	return EFI_EXIT(EFI_SUCCESS);
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	755	}
				756
AKASHI Takahiro	7ff3f3c	2020-11-17 09:28:00 +0900	[diff] [blame]	757	const struct efi_firmware_management_protocol efi_fmp_raw = {
Sughosh Ganu	4ed7261	2022-06-01 23:30:41 +0530	[diff] [blame]	758	.get_image_info = efi_firmware_get_image_info,
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	759	.get_image = efi_firmware_get_image_unsupported,
AKASHI Takahiro	7ff3f3c	2020-11-17 09:28:00 +0900	[diff] [blame]	760	.set_image = efi_firmware_raw_set_image,
AKASHI Takahiro	f4818e6	2020-11-30 18:12:12 +0900	[diff] [blame]	761	.check_image = efi_firmware_check_image_unsupported,
				762	.get_package_info = efi_firmware_get_package_info_unsupported,
				763	.set_package_info = efi_firmware_set_package_info_unsupported,
				764	};
AKASHI Takahiro	7ff3f3c	2020-11-17 09:28:00 +0900	[diff] [blame]	765	#endif /* CONFIG_EFI_CAPSULE_FIRMWARE_RAW */