blob: 0d5a7b63ec8e2fac403e9845ec0a5f5bdcb943a1 [file] [log] [blame]
AKASHI Takahiro473d9b32020-11-17 09:27:55 +09001// SPDX-License-Identifier: GPL-2.0+
2/*
3 * EFI Capsule
4 *
5 * Copyright (c) 2018 Linaro Limited
6 * Author: AKASHI Takahiro
7 */
8
9#include <common.h>
10#include <efi_loader.h>
11#include <efi_variable.h>
12#include <fs.h>
13#include <malloc.h>
AKASHI Takahiro45b819542020-11-17 09:27:56 +090014#include <mapmem.h>
AKASHI Takahiro473d9b32020-11-17 09:27:55 +090015#include <sort.h>
16
Sughosh Ganu586bb982020-12-30 19:27:09 +053017#include <crypto/pkcs7.h>
18#include <crypto/pkcs7_parser.h>
19#include <linux/err.h>
20
AKASHI Takahiro473d9b32020-11-17 09:27:55 +090021const efi_guid_t efi_guid_capsule_report = EFI_CAPSULE_REPORT_GUID;
AKASHI Takahiro0d963782020-11-30 18:12:11 +090022static const efi_guid_t efi_guid_firmware_management_capsule_id =
23 EFI_FIRMWARE_MANAGEMENT_CAPSULE_ID_GUID;
24const efi_guid_t efi_guid_firmware_management_protocol =
25 EFI_FIRMWARE_MANAGEMENT_PROTOCOL_GUID;
AKASHI Takahiro473d9b32020-11-17 09:27:55 +090026
AKASHI Takahiro45b819542020-11-17 09:27:56 +090027#ifdef CONFIG_EFI_CAPSULE_ON_DISK
28/* for file system access */
29static struct efi_file_handle *bootdev_root;
30#endif
31
AKASHI Takahiro473d9b32020-11-17 09:27:55 +090032/**
33 * get_last_capsule - get the last capsule index
34 *
35 * Retrieve the index of the capsule invoked last time from "CapsuleLast"
36 * variable.
37 *
38 * Return:
39 * * > 0 - the last capsule index invoked
40 * * 0xffff - on error, or no capsule invoked yet
41 */
42static __maybe_unused unsigned int get_last_capsule(void)
43{
44 u16 value16[11]; /* "CapsuleXXXX": non-null-terminated */
45 char value[11], *p;
46 efi_uintn_t size;
47 unsigned long index = 0xffff;
48 efi_status_t ret;
49
50 size = sizeof(value16);
51 ret = efi_get_variable_int(L"CapsuleLast", &efi_guid_capsule_report,
52 NULL, &size, value16, NULL);
53 if (ret != EFI_SUCCESS || u16_strncmp(value16, L"Capsule", 7))
54 goto err;
55
56 p = value;
57 utf16_utf8_strcpy(&p, value16);
58 strict_strtoul(&value[7], 16, &index);
59err:
60 return index;
61}
62
63/**
64 * set_capsule_result - set a result variable
65 * @capsule: Capsule
66 * @return_status: Return status
67 *
68 * Create and set a result variable, "CapsuleXXXX", for the capsule,
69 * @capsule.
70 */
71static __maybe_unused
72void set_capsule_result(int index, struct efi_capsule_header *capsule,
73 efi_status_t return_status)
74{
75 u16 variable_name16[12];
76 struct efi_capsule_result_variable_header result;
77 struct efi_time time;
78 efi_status_t ret;
79
Ilias Apalodimas21575292020-12-31 12:26:46 +020080 efi_create_indexed_name(variable_name16, sizeof(variable_name16),
81 "Capsule", index);
AKASHI Takahiro473d9b32020-11-17 09:27:55 +090082 result.variable_total_size = sizeof(result);
83 result.capsule_guid = capsule->capsule_guid;
84 ret = EFI_CALL((*efi_runtime_services.get_time)(&time, NULL));
85 if (ret == EFI_SUCCESS)
86 memcpy(&result.capsule_processed, &time, sizeof(time));
87 else
88 memset(&result.capsule_processed, 0, sizeof(time));
89 result.capsule_status = return_status;
90 ret = efi_set_variable(variable_name16, &efi_guid_capsule_report,
91 EFI_VARIABLE_NON_VOLATILE |
92 EFI_VARIABLE_BOOTSERVICE_ACCESS |
93 EFI_VARIABLE_RUNTIME_ACCESS,
94 sizeof(result), &result);
95 if (ret)
AKASHI Takahiro0d963782020-11-30 18:12:11 +090096 log_err("EFI: creating %ls failed\n", variable_name16);
AKASHI Takahiro473d9b32020-11-17 09:27:55 +090097}
98
AKASHI Takahiro0d963782020-11-30 18:12:11 +090099#ifdef CONFIG_EFI_CAPSULE_FIRMWARE_MANAGEMENT
100/**
101 * efi_fmp_find - search for Firmware Management Protocol drivers
102 * @image_type: Image type guid
103 * @instance: Instance number
104 * @handles: Handles of FMP drivers
105 * @no_handles: Number of handles
106 *
107 * Search for Firmware Management Protocol drivers, matching the image
108 * type, @image_type and the machine instance, @instance, from the list,
109 * @handles.
110 *
111 * Return:
112 * * Protocol instance - on success
113 * * NULL - on failure
114 */
115static struct efi_firmware_management_protocol *
116efi_fmp_find(efi_guid_t *image_type, u64 instance, efi_handle_t *handles,
117 efi_uintn_t no_handles)
118{
119 efi_handle_t *handle;
120 struct efi_firmware_management_protocol *fmp;
121 struct efi_firmware_image_descriptor *image_info, *desc;
122 efi_uintn_t info_size, descriptor_size;
123 u32 descriptor_version;
124 u8 descriptor_count;
125 u32 package_version;
126 u16 *package_version_name;
127 bool found = false;
128 int i, j;
129 efi_status_t ret;
130
131 for (i = 0, handle = handles; i < no_handles; i++, handle++) {
132 ret = EFI_CALL(efi_handle_protocol(
133 *handle,
134 &efi_guid_firmware_management_protocol,
135 (void **)&fmp));
136 if (ret != EFI_SUCCESS)
137 continue;
138
139 /* get device's image info */
140 info_size = 0;
141 image_info = NULL;
142 descriptor_version = 0;
143 descriptor_count = 0;
144 descriptor_size = 0;
145 package_version = 0;
146 package_version_name = NULL;
147 ret = EFI_CALL(fmp->get_image_info(fmp, &info_size,
148 image_info,
149 &descriptor_version,
150 &descriptor_count,
151 &descriptor_size,
152 &package_version,
153 &package_version_name));
154 if (ret != EFI_BUFFER_TOO_SMALL)
155 goto skip;
156
157 image_info = malloc(info_size);
158 if (!image_info)
159 goto skip;
160
161 ret = EFI_CALL(fmp->get_image_info(fmp, &info_size,
162 image_info,
163 &descriptor_version,
164 &descriptor_count,
165 &descriptor_size,
166 &package_version,
167 &package_version_name));
168 if (ret != EFI_SUCCESS ||
169 descriptor_version != EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION)
170 goto skip;
171
172 /* matching */
173 for (j = 0, desc = image_info; j < descriptor_count;
174 j++, desc = (void *)desc + descriptor_size) {
175 log_debug("+++ desc[%d] index: %d, name: %ls\n",
176 j, desc->image_index, desc->image_id_name);
177 if (!guidcmp(&desc->image_type_id, image_type) &&
178 (!instance ||
179 !desc->hardware_instance ||
180 desc->hardware_instance == instance))
181 found = true;
182 }
183
184skip:
185 efi_free_pool(package_version_name);
186 free(image_info);
187 EFI_CALL(efi_close_protocol(
188 (efi_handle_t)fmp,
189 &efi_guid_firmware_management_protocol,
190 NULL, NULL));
191 if (found)
192 return fmp;
193 }
194
195 return NULL;
196}
197
Sughosh Ganu586bb982020-12-30 19:27:09 +0530198#if defined(CONFIG_EFI_CAPSULE_AUTHENTICATE)
199
200const efi_guid_t efi_guid_capsule_root_cert_guid =
201 EFI_FIRMWARE_MANAGEMENT_CAPSULE_ID_GUID;
202
203__weak int efi_get_public_key_data(void **pkey, efi_uintn_t *pkey_len)
204{
205 /* The platform is supposed to provide
206 * a method for getting the public key
207 * stored in the form of efi signature
208 * list
209 */
210 return 0;
211}
212
213efi_status_t efi_capsule_authenticate(const void *capsule, efi_uintn_t capsule_size,
214 void **image, efi_uintn_t *image_size)
215{
216 u8 *buf;
217 int ret;
218 void *fdt_pkey, *pkey;
219 efi_uintn_t pkey_len;
220 uint64_t monotonic_count;
221 struct efi_signature_store *truststore;
222 struct pkcs7_message *capsule_sig;
223 struct efi_image_regions *regs;
224 struct efi_firmware_image_authentication *auth_hdr;
225 efi_status_t status;
226
227 status = EFI_SECURITY_VIOLATION;
228 capsule_sig = NULL;
229 truststore = NULL;
230 regs = NULL;
231
232 /* Sanity checks */
233 if (capsule == NULL || capsule_size == 0)
234 goto out;
235
236 auth_hdr = (struct efi_firmware_image_authentication *)capsule;
237 if (capsule_size < sizeof(*auth_hdr))
238 goto out;
239
240 if (auth_hdr->auth_info.hdr.dwLength <=
241 offsetof(struct win_certificate_uefi_guid, cert_data))
242 goto out;
243
244 if (guidcmp(&auth_hdr->auth_info.cert_type, &efi_guid_cert_type_pkcs7))
245 goto out;
246
247 *image = (uint8_t *)capsule + sizeof(auth_hdr->monotonic_count) +
248 auth_hdr->auth_info.hdr.dwLength;
249 *image_size = capsule_size - auth_hdr->auth_info.hdr.dwLength -
250 sizeof(auth_hdr->monotonic_count);
251 memcpy(&monotonic_count, &auth_hdr->monotonic_count,
252 sizeof(monotonic_count));
253
254 /* data to be digested */
255 regs = calloc(sizeof(*regs) + sizeof(struct image_region) * 2, 1);
256 if (!regs)
257 goto out;
258
259 regs->max = 2;
260 efi_image_region_add(regs, (uint8_t *)*image,
261 (uint8_t *)*image + *image_size, 1);
262
263 efi_image_region_add(regs, (uint8_t *)&monotonic_count,
264 (uint8_t *)&monotonic_count + sizeof(monotonic_count),
265 1);
266
267 capsule_sig = efi_parse_pkcs7_header(auth_hdr->auth_info.cert_data,
268 auth_hdr->auth_info.hdr.dwLength
269 - sizeof(auth_hdr->auth_info),
270 &buf);
271 if (IS_ERR(capsule_sig)) {
272 debug("Parsing variable's pkcs7 header failed\n");
273 capsule_sig = NULL;
274 goto out;
275 }
276
277 ret = efi_get_public_key_data(&fdt_pkey, &pkey_len);
278 if (ret < 0)
279 goto out;
280
281 pkey = malloc(pkey_len);
282 if (!pkey)
283 goto out;
284
285 memcpy(pkey, fdt_pkey, pkey_len);
286 truststore = efi_build_signature_store(pkey, pkey_len);
287 if (!truststore)
288 goto out;
289
290 /* verify signature */
291 if (efi_signature_verify(regs, capsule_sig, truststore, NULL)) {
292 debug("Verified\n");
293 } else {
294 debug("Verifying variable's signature failed\n");
295 goto out;
296 }
297
298 status = EFI_SUCCESS;
299
300out:
301 efi_sigstore_free(truststore);
302 pkcs7_free_message(capsule_sig);
303 free(regs);
304
305 return status;
306}
307#else
308efi_status_t efi_capsule_authenticate(const void *capsule, efi_uintn_t capsule_size,
309 void **image, efi_uintn_t *image_size)
310{
311 return EFI_UNSUPPORTED;
312}
313#endif /* CONFIG_EFI_CAPSULE_AUTHENTICATE */
314
315
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900316/**
317 * efi_capsule_update_firmware - update firmware from capsule
318 * @capsule_data: Capsule
319 *
320 * Update firmware, using a capsule, @capsule_data. Loading any FMP
321 * drivers embedded in a capsule is not supported.
322 *
323 * Return: status code
324 */
325static efi_status_t efi_capsule_update_firmware(
326 struct efi_capsule_header *capsule_data)
327{
328 struct efi_firmware_management_capsule_header *capsule;
329 struct efi_firmware_management_capsule_image_header *image;
330 size_t capsule_size;
331 void *image_binary, *vendor_code;
332 efi_handle_t *handles;
333 efi_uintn_t no_handles;
334 int item;
335 struct efi_firmware_management_protocol *fmp;
336 u16 *abort_reason;
337 efi_status_t ret = EFI_SUCCESS;
338
339 /* sanity check */
340 if (capsule_data->header_size < sizeof(*capsule) ||
341 capsule_data->header_size >= capsule_data->capsule_image_size)
342 return EFI_INVALID_PARAMETER;
343
344 capsule = (void *)capsule_data + capsule_data->header_size;
345 capsule_size = capsule_data->capsule_image_size
346 - capsule_data->header_size;
347
348 if (capsule->version != 0x00000001)
349 return EFI_UNSUPPORTED;
350
351 handles = NULL;
352 ret = EFI_CALL(efi_locate_handle_buffer(
353 BY_PROTOCOL,
354 &efi_guid_firmware_management_protocol,
355 NULL, &no_handles, (efi_handle_t **)&handles));
356 if (ret != EFI_SUCCESS)
357 return EFI_UNSUPPORTED;
358
359 /* Payload */
360 for (item = capsule->embedded_driver_count;
361 item < capsule->embedded_driver_count
362 + capsule->payload_item_count; item++) {
363 /* sanity check */
364 if ((capsule->item_offset_list[item] + sizeof(*image)
365 >= capsule_size)) {
366 log_err("EFI: A capsule has not enough data\n");
367 ret = EFI_INVALID_PARAMETER;
368 goto out;
369 }
370
371 image = (void *)capsule + capsule->item_offset_list[item];
372
373 if (image->version != 0x00000003) {
374 ret = EFI_UNSUPPORTED;
375 goto out;
376 }
377
378 /* find a device for update firmware */
379 /* TODO: should we pass index as well, or nothing but type? */
380 fmp = efi_fmp_find(&image->update_image_type_id,
381 image->update_hardware_instance,
382 handles, no_handles);
383 if (!fmp) {
384 log_err("EFI Capsule: driver not found for firmware type: %pUl, hardware instance: %lld\n",
385 &image->update_image_type_id,
386 image->update_hardware_instance);
387 ret = EFI_UNSUPPORTED;
388 goto out;
389 }
390
391 /* do update */
392 image_binary = (void *)image + sizeof(*image);
393 vendor_code = image_binary + image->update_image_size;
394
395 abort_reason = NULL;
396 ret = EFI_CALL(fmp->set_image(fmp, image->update_image_index,
397 image_binary,
398 image->update_image_size,
399 vendor_code, NULL,
400 &abort_reason));
401 if (ret != EFI_SUCCESS) {
402 log_err("EFI Capsule: firmware update failed: %ls\n",
403 abort_reason);
404 efi_free_pool(abort_reason);
405 goto out;
406 }
407 }
408
409out:
410 efi_free_pool(handles);
411
412 return ret;
413}
414#else
415static efi_status_t efi_capsule_update_firmware(
416 struct efi_capsule_header *capsule_data)
417{
418 return EFI_UNSUPPORTED;
419}
420#endif /* CONFIG_EFI_CAPSULE_FIRMWARE_MANAGEMENT */
421
AKASHI Takahiro473d9b32020-11-17 09:27:55 +0900422/**
423 * efi_update_capsule() - process information from operating system
424 * @capsule_header_array: Array of virtual address pointers
425 * @capsule_count: Number of pointers in capsule_header_array
426 * @scatter_gather_list: Array of physical address pointers
427 *
428 * This function implements the UpdateCapsule() runtime service.
429 *
430 * See the Unified Extensible Firmware Interface (UEFI) specification for
431 * details.
432 *
433 * Return: status code
434 */
435efi_status_t EFIAPI efi_update_capsule(
436 struct efi_capsule_header **capsule_header_array,
437 efi_uintn_t capsule_count,
438 u64 scatter_gather_list)
439{
440 struct efi_capsule_header *capsule;
441 unsigned int i;
442 efi_status_t ret;
443
444 EFI_ENTRY("%p, %lu, %llu\n", capsule_header_array, capsule_count,
445 scatter_gather_list);
446
447 if (!capsule_count) {
448 ret = EFI_INVALID_PARAMETER;
449 goto out;
450 }
451
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900452 ret = EFI_SUCCESS;
AKASHI Takahiro473d9b32020-11-17 09:27:55 +0900453 for (i = 0, capsule = *capsule_header_array; i < capsule_count;
454 i++, capsule = *(++capsule_header_array)) {
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900455 /* sanity check */
456 if (capsule->header_size < sizeof(*capsule) ||
457 capsule->capsule_image_size < sizeof(*capsule)) {
458 log_err("EFI: A capsule has not enough data\n");
459 continue;
460 }
461
462 log_debug("Capsule[%d] (guid:%pUl)\n",
463 i, &capsule->capsule_guid);
464 if (!guidcmp(&capsule->capsule_guid,
465 &efi_guid_firmware_management_capsule_id)) {
466 ret = efi_capsule_update_firmware(capsule);
467 } else {
468 log_err("EFI: not support capsule type: %pUl\n",
469 &capsule->capsule_guid);
470 ret = EFI_UNSUPPORTED;
471 }
472
473 if (ret != EFI_SUCCESS)
474 goto out;
AKASHI Takahiro473d9b32020-11-17 09:27:55 +0900475 }
476out:
477 return EFI_EXIT(ret);
478}
479
480/**
481 * efi_query_capsule_caps() - check if capsule is supported
482 * @capsule_header_array: Array of virtual pointers
483 * @capsule_count: Number of pointers in capsule_header_array
484 * @maximum_capsule_size: Maximum capsule size
485 * @reset_type: Type of reset needed for capsule update
486 *
487 * This function implements the QueryCapsuleCapabilities() runtime service.
488 *
489 * See the Unified Extensible Firmware Interface (UEFI) specification for
490 * details.
491 *
492 * Return: status code
493 */
494efi_status_t EFIAPI efi_query_capsule_caps(
495 struct efi_capsule_header **capsule_header_array,
496 efi_uintn_t capsule_count,
497 u64 *maximum_capsule_size,
498 u32 *reset_type)
499{
500 struct efi_capsule_header *capsule __attribute__((unused));
501 unsigned int i;
502 efi_status_t ret;
503
504 EFI_ENTRY("%p, %lu, %p, %p\n", capsule_header_array, capsule_count,
505 maximum_capsule_size, reset_type);
506
507 if (!maximum_capsule_size) {
508 ret = EFI_INVALID_PARAMETER;
509 goto out;
510 }
511
512 *maximum_capsule_size = U64_MAX;
513 *reset_type = EFI_RESET_COLD;
514
515 ret = EFI_SUCCESS;
516 for (i = 0, capsule = *capsule_header_array; i < capsule_count;
517 i++, capsule = *(++capsule_header_array)) {
518 /* TODO */
519 }
520out:
521 return EFI_EXIT(ret);
522}
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900523
524#ifdef CONFIG_EFI_CAPSULE_ON_DISK
525/**
526 * get_dp_device - retrieve a device path from boot variable
527 * @boot_var: Boot variable name
528 * @device_dp Device path
529 *
530 * Retrieve a device patch from boot variable, @boot_var.
531 *
532 * Return: status code
533 */
534static efi_status_t get_dp_device(u16 *boot_var,
535 struct efi_device_path **device_dp)
536{
537 void *buf = NULL;
538 efi_uintn_t size;
539 struct efi_load_option lo;
540 struct efi_device_path *file_dp;
541 efi_status_t ret;
542
543 size = 0;
544 ret = efi_get_variable_int(boot_var, &efi_global_variable_guid,
545 NULL, &size, NULL, NULL);
546 if (ret == EFI_BUFFER_TOO_SMALL) {
547 buf = malloc(size);
548 if (!buf)
549 return EFI_OUT_OF_RESOURCES;
550 ret = efi_get_variable_int(boot_var, &efi_global_variable_guid,
551 NULL, &size, buf, NULL);
552 }
553 if (ret != EFI_SUCCESS)
554 return ret;
555
556 efi_deserialize_load_option(&lo, buf, &size);
557
558 if (lo.attributes & LOAD_OPTION_ACTIVE) {
559 efi_dp_split_file_path(lo.file_path, device_dp, &file_dp);
560 efi_free_pool(file_dp);
561
562 ret = EFI_SUCCESS;
563 } else {
564 ret = EFI_NOT_FOUND;
565 }
566
567 free(buf);
568
569 return ret;
570}
571
572/**
573 * device_is_present_and_system_part - check if a device exists
574 * @dp Device path
575 *
576 * Check if a device pointed to by the device path, @dp, exists and is
577 * located in UEFI system partition.
578 *
579 * Return: true - yes, false - no
580 */
581static bool device_is_present_and_system_part(struct efi_device_path *dp)
582{
583 efi_handle_t handle;
584
585 handle = efi_dp_find_obj(dp, NULL);
586 if (!handle)
587 return false;
588
589 return efi_disk_is_system_part(handle);
590}
591
592/**
593 * find_boot_device - identify the boot device
594 *
595 * Identify the boot device from boot-related variables as UEFI
596 * specification describes and put its handle into bootdev_root.
597 *
598 * Return: status code
599 */
600static efi_status_t find_boot_device(void)
601{
602 char boot_var[9];
603 u16 boot_var16[9], *p, bootnext, *boot_order = NULL;
604 efi_uintn_t size;
605 int i, num;
606 struct efi_simple_file_system_protocol *volume;
607 struct efi_device_path *boot_dev = NULL;
608 efi_status_t ret;
609
610 /* find active boot device in BootNext */
611 bootnext = 0;
612 size = sizeof(bootnext);
613 ret = efi_get_variable_int(L"BootNext",
614 (efi_guid_t *)&efi_global_variable_guid,
615 NULL, &size, &bootnext, NULL);
616 if (ret == EFI_SUCCESS || ret == EFI_BUFFER_TOO_SMALL) {
617 /* BootNext does exist here */
618 if (ret == EFI_BUFFER_TOO_SMALL || size != sizeof(u16)) {
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900619 log_err("BootNext must be 16-bit integer\n");
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900620 goto skip;
621 }
622 sprintf((char *)boot_var, "Boot%04X", bootnext);
623 p = boot_var16;
624 utf8_utf16_strcpy(&p, boot_var);
625
626 ret = get_dp_device(boot_var16, &boot_dev);
627 if (ret == EFI_SUCCESS) {
628 if (device_is_present_and_system_part(boot_dev)) {
629 goto out;
630 } else {
631 efi_free_pool(boot_dev);
632 boot_dev = NULL;
633 }
634 }
635 }
636
637skip:
638 /* find active boot device in BootOrder */
639 size = 0;
640 ret = efi_get_variable_int(L"BootOrder", &efi_global_variable_guid,
641 NULL, &size, NULL, NULL);
642 if (ret == EFI_BUFFER_TOO_SMALL) {
643 boot_order = malloc(size);
644 if (!boot_order) {
645 ret = EFI_OUT_OF_RESOURCES;
646 goto out;
647 }
648
649 ret = efi_get_variable_int(L"BootOrder",
650 &efi_global_variable_guid,
651 NULL, &size, boot_order, NULL);
652 }
653 if (ret != EFI_SUCCESS)
654 goto out;
655
656 /* check in higher order */
657 num = size / sizeof(u16);
658 for (i = 0; i < num; i++) {
659 sprintf((char *)boot_var, "Boot%04X", boot_order[i]);
660 p = boot_var16;
661 utf8_utf16_strcpy(&p, boot_var);
662 ret = get_dp_device(boot_var16, &boot_dev);
663 if (ret != EFI_SUCCESS)
664 continue;
665
666 if (device_is_present_and_system_part(boot_dev))
667 break;
668
669 efi_free_pool(boot_dev);
670 boot_dev = NULL;
671 }
672out:
673 if (boot_dev) {
674 u16 *path_str;
675
676 path_str = efi_dp_str(boot_dev);
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900677 log_debug("EFI Capsule: bootdev is %ls\n", path_str);
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900678 efi_free_pool(path_str);
679
680 volume = efi_fs_from_path(boot_dev);
681 if (!volume)
682 ret = EFI_DEVICE_ERROR;
683 else
684 ret = EFI_CALL(volume->open_volume(volume,
685 &bootdev_root));
686 efi_free_pool(boot_dev);
687 } else {
688 ret = EFI_NOT_FOUND;
689 }
690 free(boot_order);
691
692 return ret;
693}
694
695/**
696 * efi_capsule_scan_dir - traverse a capsule directory in boot device
697 * @files: Array of file names
698 * @num: Number of elements in @files
699 *
700 * Traverse a capsule directory in boot device.
701 * Called by initialization code, and returns an array of capsule file
702 * names in @files.
703 *
704 * Return: status code
705 */
706static efi_status_t efi_capsule_scan_dir(u16 ***files, unsigned int *num)
707{
708 struct efi_file_handle *dirh;
709 struct efi_file_info *dirent;
710 efi_uintn_t dirent_size, tmp_size;
711 unsigned int count;
712 u16 **tmp_files;
713 efi_status_t ret;
714
715 ret = find_boot_device();
716 if (ret == EFI_NOT_FOUND) {
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900717 log_debug("EFI Capsule: bootdev is not set\n");
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900718 *num = 0;
719 return EFI_SUCCESS;
720 } else if (ret != EFI_SUCCESS) {
721 return EFI_DEVICE_ERROR;
722 }
723
724 /* count capsule files */
725 ret = EFI_CALL((*bootdev_root->open)(bootdev_root, &dirh,
726 EFI_CAPSULE_DIR,
727 EFI_FILE_MODE_READ, 0));
728 if (ret != EFI_SUCCESS) {
729 *num = 0;
730 return EFI_SUCCESS;
731 }
732
733 dirent_size = 256;
734 dirent = malloc(dirent_size);
735 if (!dirent)
736 return EFI_OUT_OF_RESOURCES;
737
738 count = 0;
739 while (1) {
740 tmp_size = dirent_size;
741 ret = EFI_CALL((*dirh->read)(dirh, &tmp_size, dirent));
742 if (ret == EFI_BUFFER_TOO_SMALL) {
743 dirent = realloc(dirent, tmp_size);
744 if (!dirent) {
745 ret = EFI_OUT_OF_RESOURCES;
746 goto err;
747 }
748 dirent_size = tmp_size;
749 ret = EFI_CALL((*dirh->read)(dirh, &tmp_size, dirent));
750 }
751 if (ret != EFI_SUCCESS)
752 goto err;
753 if (!tmp_size)
754 break;
755
756 if (!(dirent->attribute & EFI_FILE_DIRECTORY) &&
757 u16_strcmp(dirent->file_name, L".") &&
758 u16_strcmp(dirent->file_name, L".."))
759 count++;
760 }
761
762 ret = EFI_CALL((*dirh->setpos)(dirh, 0));
763 if (ret != EFI_SUCCESS)
764 goto err;
765
766 /* make a list */
AKASHI Takahiroc8fc12f2021-01-22 10:43:27 +0900767 tmp_files = malloc(count * sizeof(*tmp_files));
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900768 if (!tmp_files) {
769 ret = EFI_OUT_OF_RESOURCES;
770 goto err;
771 }
772
773 count = 0;
774 while (1) {
775 tmp_size = dirent_size;
776 ret = EFI_CALL((*dirh->read)(dirh, &tmp_size, dirent));
777 if (ret != EFI_SUCCESS)
778 goto err;
779 if (!tmp_size)
780 break;
781
782 if (!(dirent->attribute & EFI_FILE_DIRECTORY) &&
783 u16_strcmp(dirent->file_name, L".") &&
784 u16_strcmp(dirent->file_name, L".."))
785 tmp_files[count++] = u16_strdup(dirent->file_name);
786 }
787 /* ignore an error */
788 EFI_CALL((*dirh->close)(dirh));
789
790 /* in ascii order */
791 /* FIXME: u16 version of strcasecmp */
792 qsort(tmp_files, count, sizeof(*tmp_files),
793 (int (*)(const void *, const void *))strcasecmp);
794 *files = tmp_files;
795 *num = count;
796 ret = EFI_SUCCESS;
797err:
798 free(dirent);
799
800 return ret;
801}
802
803/**
804 * efi_capsule_read_file - read in a capsule file
805 * @filename: File name
806 * @capsule: Pointer to buffer for capsule
807 *
808 * Read a capsule file and put its content in @capsule.
809 *
810 * Return: status code
811 */
812static efi_status_t efi_capsule_read_file(const u16 *filename,
813 struct efi_capsule_header **capsule)
814{
815 struct efi_file_handle *dirh, *fh;
816 struct efi_file_info *file_info = NULL;
817 struct efi_capsule_header *buf = NULL;
818 efi_uintn_t size;
819 efi_status_t ret;
820
821 ret = EFI_CALL((*bootdev_root->open)(bootdev_root, &dirh,
822 EFI_CAPSULE_DIR,
823 EFI_FILE_MODE_READ, 0));
824 if (ret != EFI_SUCCESS)
825 return ret;
826 ret = EFI_CALL((*dirh->open)(dirh, &fh, (u16 *)filename,
827 EFI_FILE_MODE_READ, 0));
828 /* ignore an error */
829 EFI_CALL((*dirh->close)(dirh));
830 if (ret != EFI_SUCCESS)
831 return ret;
832
833 /* file size */
834 size = 0;
835 ret = EFI_CALL((*fh->getinfo)(fh, &efi_file_info_guid,
836 &size, file_info));
837 if (ret == EFI_BUFFER_TOO_SMALL) {
838 file_info = malloc(size);
839 if (!file_info) {
840 ret = EFI_OUT_OF_RESOURCES;
841 goto err;
842 }
843 ret = EFI_CALL((*fh->getinfo)(fh, &efi_file_info_guid,
844 &size, file_info));
845 }
846 if (ret != EFI_SUCCESS)
847 goto err;
848 size = file_info->file_size;
849 free(file_info);
850 buf = malloc(size);
851 if (!buf) {
852 ret = EFI_OUT_OF_RESOURCES;
853 goto err;
854 }
855
856 /* fetch data */
857 ret = EFI_CALL((*fh->read)(fh, &size, buf));
858 if (ret == EFI_SUCCESS) {
859 if (size >= buf->capsule_image_size) {
860 *capsule = buf;
861 } else {
862 free(buf);
863 ret = EFI_INVALID_PARAMETER;
864 }
865 } else {
866 free(buf);
867 }
868err:
869 EFI_CALL((*fh->close)(fh));
870
871 return ret;
872}
873
874/**
875 * efi_capsule_delete_file - delete a capsule file
876 * @filename: File name
877 *
878 * Delete a capsule file from capsule directory.
879 *
880 * Return: status code
881 */
882static efi_status_t efi_capsule_delete_file(const u16 *filename)
883{
884 struct efi_file_handle *dirh, *fh;
885 efi_status_t ret;
886
887 ret = EFI_CALL((*bootdev_root->open)(bootdev_root, &dirh,
888 EFI_CAPSULE_DIR,
889 EFI_FILE_MODE_READ, 0));
890 if (ret != EFI_SUCCESS)
891 return ret;
892 ret = EFI_CALL((*dirh->open)(dirh, &fh, (u16 *)filename,
893 EFI_FILE_MODE_READ, 0));
894 /* ignore an error */
895 EFI_CALL((*dirh->close)(dirh));
896
897 ret = EFI_CALL((*fh->delete)(fh));
898
899 return ret;
900}
901
902/**
903 * efi_capsule_scan_done - reset a scan help function
904 *
905 * Reset a scan help function
906 */
907static void efi_capsule_scan_done(void)
908{
909 EFI_CALL((*bootdev_root->close)(bootdev_root));
910 bootdev_root = NULL;
911}
912
913/**
914 * arch_efi_load_capsule_drivers - initialize capsule drivers
915 *
916 * Architecture or board specific initialization routine
917 *
918 * Return: status code
919 */
920efi_status_t __weak arch_efi_load_capsule_drivers(void)
921{
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900922 __maybe_unused efi_handle_t handle;
923 efi_status_t ret = EFI_SUCCESS;
924
925 if (IS_ENABLED(CONFIG_EFI_CAPSULE_FIRMWARE_FIT)) {
926 handle = NULL;
927 ret = EFI_CALL(efi_install_multiple_protocol_interfaces(
928 &handle, &efi_guid_firmware_management_protocol,
929 &efi_fmp_fit, NULL));
930 }
931
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900932 if (IS_ENABLED(CONFIG_EFI_CAPSULE_FIRMWARE_RAW)) {
933 handle = NULL;
934 ret = EFI_CALL(efi_install_multiple_protocol_interfaces(
935 &efi_root,
936 &efi_guid_firmware_management_protocol,
937 &efi_fmp_raw, NULL));
938 }
939
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900940 return ret;
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900941}
942
943/**
944 * efi_launch_capsule - launch capsules
945 *
946 * Launch all the capsules in system at boot time.
947 * Called by efi init code
948 *
949 * Return: status codde
950 */
951efi_status_t efi_launch_capsules(void)
952{
953 u64 os_indications;
954 efi_uintn_t size;
955 struct efi_capsule_header *capsule = NULL;
956 u16 **files;
957 unsigned int nfiles, index, i;
958 u16 variable_name16[12];
959 efi_status_t ret;
960
961 size = sizeof(os_indications);
962 ret = efi_get_variable_int(L"OsIndications", &efi_global_variable_guid,
963 NULL, &size, &os_indications, NULL);
964 if (ret != EFI_SUCCESS ||
965 !(os_indications
966 & EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED))
967 return EFI_SUCCESS;
968
969 index = get_last_capsule();
970
971 /* Load capsule drivers */
972 ret = arch_efi_load_capsule_drivers();
973 if (ret != EFI_SUCCESS)
974 return ret;
975
976 /*
977 * Find capsules on disk.
978 * All the capsules are collected at the beginning because
979 * capsule files will be removed instantly.
980 */
981 nfiles = 0;
982 files = NULL;
983 ret = efi_capsule_scan_dir(&files, &nfiles);
984 if (ret != EFI_SUCCESS)
985 return ret;
986 if (!nfiles)
987 return EFI_SUCCESS;
988
989 /* Launch capsules */
990 for (i = 0, ++index; i < nfiles; i++, index++) {
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900991 log_debug("capsule from %ls ...\n", files[i]);
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900992 if (index > 0xffff)
993 index = 0;
994 ret = efi_capsule_read_file(files[i], &capsule);
995 if (ret == EFI_SUCCESS) {
996 ret = EFI_CALL(efi_update_capsule(&capsule, 1, 0));
997 if (ret != EFI_SUCCESS)
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900998 log_err("EFI Capsule update failed at %ls\n",
999 files[i]);
AKASHI Takahiro45b819542020-11-17 09:27:56 +09001000
1001 free(capsule);
1002 } else {
AKASHI Takahiro0d963782020-11-30 18:12:11 +09001003 log_err("EFI: reading capsule failed: %ls\n", files[i]);
AKASHI Takahiro45b819542020-11-17 09:27:56 +09001004 }
1005 /* create CapsuleXXXX */
1006 set_capsule_result(index, capsule, ret);
1007
1008 /* delete a capsule either in case of success or failure */
1009 ret = efi_capsule_delete_file(files[i]);
1010 if (ret != EFI_SUCCESS)
AKASHI Takahiro0d963782020-11-30 18:12:11 +09001011 log_err("EFI: deleting a capsule file failed: %ls\n",
1012 files[i]);
AKASHI Takahiro45b819542020-11-17 09:27:56 +09001013 }
1014 efi_capsule_scan_done();
1015
1016 for (i = 0; i < nfiles; i++)
1017 free(files[i]);
1018 free(files);
1019
1020 /* CapsuleLast */
Ilias Apalodimas21575292020-12-31 12:26:46 +02001021 efi_create_indexed_name(variable_name16, sizeof(variable_name16),
1022 "Capsule", index - 1);
AKASHI Takahiro45b819542020-11-17 09:27:56 +09001023 efi_set_variable_int(L"CapsuleLast", &efi_guid_capsule_report,
1024 EFI_VARIABLE_READ_ONLY |
1025 EFI_VARIABLE_NON_VOLATILE |
1026 EFI_VARIABLE_BOOTSERVICE_ACCESS |
1027 EFI_VARIABLE_RUNTIME_ACCESS,
1028 22, variable_name16, false);
1029
1030 return ret;
1031}
1032#endif /* CONFIG_EFI_CAPSULE_ON_DISK */