Gitiles
Code Review Sign In
git01.mediatek.com / filogic / uboot / 76b708a864c1abee780e441a61f36830a0288301 / . / lib / efi_loader / efi_capsule.c
blob: d39d73108045af12259dcbc0d11c9be3bd856cf1 [file] [log] [blame]
AKASHI Takahiro473d9b32020-11-17 09:27:55 +0900[diff] [blame]1// SPDX-License-Identifier: GPL-2.0+
2/*
3 * EFI Capsule
4 *
5 * Copyright (c) 2018 Linaro Limited
6 * Author: AKASHI Takahiro
7 */
8
9#include <common.h>
10#include <efi_loader.h>
11#include <efi_variable.h>
12#include <fs.h>
13#include <malloc.h>
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900[diff] [blame]14#include <mapmem.h>
AKASHI Takahiro473d9b32020-11-17 09:27:55 +0900[diff] [blame]15#include <sort.h>
16
Sughosh Ganu586bb982020-12-30 19:27:09 +0530[diff] [blame]17#include <crypto/pkcs7.h>
18#include <crypto/pkcs7_parser.h>
19#include <linux/err.h>
20
AKASHI Takahiro473d9b32020-11-17 09:27:55 +0900[diff] [blame]21const efi_guid_t efi_guid_capsule_report = EFI_CAPSULE_REPORT_GUID;
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900[diff] [blame]22static const efi_guid_t efi_guid_firmware_management_capsule_id =
23 EFI_FIRMWARE_MANAGEMENT_CAPSULE_ID_GUID;
24const efi_guid_t efi_guid_firmware_management_protocol =
25 EFI_FIRMWARE_MANAGEMENT_PROTOCOL_GUID;
AKASHI Takahiro473d9b32020-11-17 09:27:55 +0900[diff] [blame]26
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900[diff] [blame]27#ifdef CONFIG_EFI_CAPSULE_ON_DISK
28/* for file system access */
29static struct efi_file_handle *bootdev_root;
30#endif
31
AKASHI Takahiro473d9b32020-11-17 09:27:55 +0900[diff] [blame]32/**
33 * get_last_capsule - get the last capsule index
34 *
35 * Retrieve the index of the capsule invoked last time from "CapsuleLast"
36 * variable.
37 *
38 * Return:
39 * * > 0 - the last capsule index invoked
40 * * 0xffff - on error, or no capsule invoked yet
41 */
42static __maybe_unused unsigned int get_last_capsule(void)
43{
44 u16 value16[11]; /* "CapsuleXXXX": non-null-terminated */
45 char value[11], *p;
46 efi_uintn_t size;
47 unsigned long index = 0xffff;
48 efi_status_t ret;
49
50 size = sizeof(value16);
51 ret = efi_get_variable_int(L"CapsuleLast", &efi_guid_capsule_report,
52 NULL, &size, value16, NULL);
53 if (ret != EFI_SUCCESS || u16_strncmp(value16, L"Capsule", 7))
54 goto err;
55
56 p = value;
57 utf16_utf8_strcpy(&p, value16);
58 strict_strtoul(&value[7], 16, &index);
59err:
60 return index;
61}
62
63/**
64 * set_capsule_result - set a result variable
65 * @capsule: Capsule
66 * @return_status: Return status
67 *
68 * Create and set a result variable, "CapsuleXXXX", for the capsule,
69 * @capsule.
70 */
71static __maybe_unused
72void set_capsule_result(int index, struct efi_capsule_header *capsule,
73 efi_status_t return_status)
74{
75 u16 variable_name16[12];
76 struct efi_capsule_result_variable_header result;
77 struct efi_time time;
78 efi_status_t ret;
79
Ilias Apalodimas21575292020-12-31 12:26:46 +0200[diff] [blame]80 efi_create_indexed_name(variable_name16, sizeof(variable_name16),
81 "Capsule", index);
AKASHI Takahiro473d9b32020-11-17 09:27:55 +0900[diff] [blame]82 result.variable_total_size = sizeof(result);
83 result.capsule_guid = capsule->capsule_guid;
84 ret = EFI_CALL((*efi_runtime_services.get_time)(&time, NULL));
85 if (ret == EFI_SUCCESS)
86 memcpy(&result.capsule_processed, &time, sizeof(time));
87 else
88 memset(&result.capsule_processed, 0, sizeof(time));
89 result.capsule_status = return_status;
90 ret = efi_set_variable(variable_name16, &efi_guid_capsule_report,
91 EFI_VARIABLE_NON_VOLATILE |
92 EFI_VARIABLE_BOOTSERVICE_ACCESS |
93 EFI_VARIABLE_RUNTIME_ACCESS,
94 sizeof(result), &result);
95 if (ret)
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900[diff] [blame]96 log_err("EFI: creating %ls failed\n", variable_name16);
AKASHI Takahiro473d9b32020-11-17 09:27:55 +0900[diff] [blame]97}
98
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900[diff] [blame]99#ifdef CONFIG_EFI_CAPSULE_FIRMWARE_MANAGEMENT
100/**
101 * efi_fmp_find - search for Firmware Management Protocol drivers
102 * @image_type: Image type guid
103 * @instance: Instance number
104 * @handles: Handles of FMP drivers
105 * @no_handles: Number of handles
106 *
107 * Search for Firmware Management Protocol drivers, matching the image
108 * type, @image_type and the machine instance, @instance, from the list,
109 * @handles.
110 *
111 * Return:
112 * * Protocol instance - on success
113 * * NULL - on failure
114 */
115static struct efi_firmware_management_protocol *
116efi_fmp_find(efi_guid_t *image_type, u64 instance, efi_handle_t *handles,
117 efi_uintn_t no_handles)
118{
119 efi_handle_t *handle;
120 struct efi_firmware_management_protocol *fmp;
121 struct efi_firmware_image_descriptor *image_info, *desc;
122 efi_uintn_t info_size, descriptor_size;
123 u32 descriptor_version;
124 u8 descriptor_count;
125 u32 package_version;
126 u16 *package_version_name;
127 bool found = false;
128 int i, j;
129 efi_status_t ret;
130
131 for (i = 0, handle = handles; i < no_handles; i++, handle++) {
132 ret = EFI_CALL(efi_handle_protocol(
133 *handle,
134 &efi_guid_firmware_management_protocol,
135 (void **)&fmp));
136 if (ret != EFI_SUCCESS)
137 continue;
138
139 /* get device's image info */
140 info_size = 0;
141 image_info = NULL;
142 descriptor_version = 0;
143 descriptor_count = 0;
144 descriptor_size = 0;
145 package_version = 0;
146 package_version_name = NULL;
147 ret = EFI_CALL(fmp->get_image_info(fmp, &info_size,
148 image_info,
149 &descriptor_version,
150 &descriptor_count,
151 &descriptor_size,
152 &package_version,
153 &package_version_name));
154 if (ret != EFI_BUFFER_TOO_SMALL)
155 goto skip;
156
157 image_info = malloc(info_size);
158 if (!image_info)
159 goto skip;
160
161 ret = EFI_CALL(fmp->get_image_info(fmp, &info_size,
162 image_info,
163 &descriptor_version,
164 &descriptor_count,
165 &descriptor_size,
166 &package_version,
167 &package_version_name));
168 if (ret != EFI_SUCCESS ||
169 descriptor_version != EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION)
170 goto skip;
171
172 /* matching */
173 for (j = 0, desc = image_info; j < descriptor_count;
174 j++, desc = (void *)desc + descriptor_size) {
175 log_debug("+++ desc[%d] index: %d, name: %ls\n",
176 j, desc->image_index, desc->image_id_name);
177 if (!guidcmp(&desc->image_type_id, image_type) &&
178 (!instance ||
179 !desc->hardware_instance ||
180 desc->hardware_instance == instance))
181 found = true;
182 }
183
184skip:
185 efi_free_pool(package_version_name);
186 free(image_info);
187 EFI_CALL(efi_close_protocol(
188 (efi_handle_t)fmp,
189 &efi_guid_firmware_management_protocol,
190 NULL, NULL));
191 if (found)
192 return fmp;
193 }
194
195 return NULL;
196}
197
Sughosh Ganu586bb982020-12-30 19:27:09 +0530[diff] [blame]198#if defined(CONFIG_EFI_CAPSULE_AUTHENTICATE)
199
200const efi_guid_t efi_guid_capsule_root_cert_guid =
201 EFI_FIRMWARE_MANAGEMENT_CAPSULE_ID_GUID;
202
203__weak int efi_get_public_key_data(void **pkey, efi_uintn_t *pkey_len)
204{
205 /* The platform is supposed to provide
206 * a method for getting the public key
207 * stored in the form of efi signature
208 * list
209 */
210 return 0;
211}
212
213efi_status_t efi_capsule_authenticate(const void *capsule, efi_uintn_t capsule_size,
214 void **image, efi_uintn_t *image_size)
215{
216 u8 *buf;
217 int ret;
218 void *fdt_pkey, *pkey;
219 efi_uintn_t pkey_len;
220 uint64_t monotonic_count;
221 struct efi_signature_store *truststore;
222 struct pkcs7_message *capsule_sig;
223 struct efi_image_regions *regs;
224 struct efi_firmware_image_authentication *auth_hdr;
225 efi_status_t status;
226
227 status = EFI_SECURITY_VIOLATION;
228 capsule_sig = NULL;
229 truststore = NULL;
230 regs = NULL;
231
232 /* Sanity checks */
233 if (capsule == NULL || capsule_size == 0)
234 goto out;
235
236 auth_hdr = (struct efi_firmware_image_authentication *)capsule;
237 if (capsule_size < sizeof(*auth_hdr))
238 goto out;
239
240 if (auth_hdr->auth_info.hdr.dwLength <=
241 offsetof(struct win_certificate_uefi_guid, cert_data))
242 goto out;
243
244 if (guidcmp(&auth_hdr->auth_info.cert_type, &efi_guid_cert_type_pkcs7))
245 goto out;
246
247 *image = (uint8_t *)capsule + sizeof(auth_hdr->monotonic_count) +
248 auth_hdr->auth_info.hdr.dwLength;
249 *image_size = capsule_size - auth_hdr->auth_info.hdr.dwLength -
250 sizeof(auth_hdr->monotonic_count);
251 memcpy(&monotonic_count, &auth_hdr->monotonic_count,
252 sizeof(monotonic_count));
253
254 /* data to be digested */
255 regs = calloc(sizeof(*regs) + sizeof(struct image_region) * 2, 1);
256 if (!regs)
257 goto out;
258
259 regs->max = 2;
260 efi_image_region_add(regs, (uint8_t *)*image,
261 (uint8_t *)*image + *image_size, 1);
262
263 efi_image_region_add(regs, (uint8_t *)&monotonic_count,
264 (uint8_t *)&monotonic_count + sizeof(monotonic_count),
265 1);
266
267 capsule_sig = efi_parse_pkcs7_header(auth_hdr->auth_info.cert_data,
268 auth_hdr->auth_info.hdr.dwLength
269 - sizeof(auth_hdr->auth_info),
270 &buf);
271 if (IS_ERR(capsule_sig)) {
272 debug("Parsing variable's pkcs7 header failed\n");
273 capsule_sig = NULL;
274 goto out;
275 }
276
277 ret = efi_get_public_key_data(&fdt_pkey, &pkey_len);
278 if (ret < 0)
279 goto out;
280
281 pkey = malloc(pkey_len);
282 if (!pkey)
283 goto out;
284
285 memcpy(pkey, fdt_pkey, pkey_len);
286 truststore = efi_build_signature_store(pkey, pkey_len);
287 if (!truststore)
288 goto out;
289
290 /* verify signature */
291 if (efi_signature_verify(regs, capsule_sig, truststore, NULL)) {
292 debug("Verified\n");
293 } else {
294 debug("Verifying variable's signature failed\n");
295 goto out;
296 }
297
298 status = EFI_SUCCESS;
299
300out:
301 efi_sigstore_free(truststore);
302 pkcs7_free_message(capsule_sig);
303 free(regs);
304
305 return status;
306}
307#else
308efi_status_t efi_capsule_authenticate(const void *capsule, efi_uintn_t capsule_size,
309 void **image, efi_uintn_t *image_size)
310{
311 return EFI_UNSUPPORTED;
312}
313#endif /* CONFIG_EFI_CAPSULE_AUTHENTICATE */
314
315
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900[diff] [blame]316/**
317 * efi_capsule_update_firmware - update firmware from capsule
318 * @capsule_data: Capsule
319 *
320 * Update firmware, using a capsule, @capsule_data. Loading any FMP
321 * drivers embedded in a capsule is not supported.
322 *
323 * Return: status code
324 */
325static efi_status_t efi_capsule_update_firmware(
326 struct efi_capsule_header *capsule_data)
327{
328 struct efi_firmware_management_capsule_header *capsule;
329 struct efi_firmware_management_capsule_image_header *image;
330 size_t capsule_size;
331 void *image_binary, *vendor_code;
332 efi_handle_t *handles;
333 efi_uintn_t no_handles;
334 int item;
335 struct efi_firmware_management_protocol *fmp;
336 u16 *abort_reason;
337 efi_status_t ret = EFI_SUCCESS;
338
339 /* sanity check */
340 if (capsule_data->header_size < sizeof(*capsule) ||
341 capsule_data->header_size >= capsule_data->capsule_image_size)
342 return EFI_INVALID_PARAMETER;
343
344 capsule = (void *)capsule_data + capsule_data->header_size;
345 capsule_size = capsule_data->capsule_image_size
346 - capsule_data->header_size;
347
348 if (capsule->version != 0x00000001)
349 return EFI_UNSUPPORTED;
350
351 handles = NULL;
352 ret = EFI_CALL(efi_locate_handle_buffer(
353 BY_PROTOCOL,
354 &efi_guid_firmware_management_protocol,
355 NULL, &no_handles, (efi_handle_t **)&handles));
356 if (ret != EFI_SUCCESS)
357 return EFI_UNSUPPORTED;
358
359 /* Payload */
360 for (item = capsule->embedded_driver_count;
361 item < capsule->embedded_driver_count
362 + capsule->payload_item_count; item++) {
363 /* sanity check */
364 if ((capsule->item_offset_list[item] + sizeof(*image)
365 >= capsule_size)) {
366 log_err("EFI: A capsule has not enough data\n");
367 ret = EFI_INVALID_PARAMETER;
368 goto out;
369 }
370
371 image = (void *)capsule + capsule->item_offset_list[item];
372
373 if (image->version != 0x00000003) {
374 ret = EFI_UNSUPPORTED;
375 goto out;
376 }
377
378 /* find a device for update firmware */
379 /* TODO: should we pass index as well, or nothing but type? */
380 fmp = efi_fmp_find(&image->update_image_type_id,
381 image->update_hardware_instance,
382 handles, no_handles);
383 if (!fmp) {
384 log_err("EFI Capsule: driver not found for firmware type: %pUl, hardware instance: %lld\n",
385 &image->update_image_type_id,
386 image->update_hardware_instance);
387 ret = EFI_UNSUPPORTED;
388 goto out;
389 }
390
391 /* do update */
392 image_binary = (void *)image + sizeof(*image);
393 vendor_code = image_binary + image->update_image_size;
394
395 abort_reason = NULL;
396 ret = EFI_CALL(fmp->set_image(fmp, image->update_image_index,
397 image_binary,
398 image->update_image_size,
399 vendor_code, NULL,
400 &abort_reason));
401 if (ret != EFI_SUCCESS) {
402 log_err("EFI Capsule: firmware update failed: %ls\n",
403 abort_reason);
404 efi_free_pool(abort_reason);
405 goto out;
406 }
407 }
408
409out:
410 efi_free_pool(handles);
411
412 return ret;
413}
414#else
415static efi_status_t efi_capsule_update_firmware(
416 struct efi_capsule_header *capsule_data)
417{
418 return EFI_UNSUPPORTED;
419}
420#endif /* CONFIG_EFI_CAPSULE_FIRMWARE_MANAGEMENT */
421
AKASHI Takahiro473d9b32020-11-17 09:27:55 +0900[diff] [blame]422/**
423 * efi_update_capsule() - process information from operating system
424 * @capsule_header_array: Array of virtual address pointers
425 * @capsule_count: Number of pointers in capsule_header_array
426 * @scatter_gather_list: Array of physical address pointers
427 *
428 * This function implements the UpdateCapsule() runtime service.
429 *
430 * See the Unified Extensible Firmware Interface (UEFI) specification for
431 * details.
432 *
433 * Return: status code
434 */
435efi_status_t EFIAPI efi_update_capsule(
436 struct efi_capsule_header **capsule_header_array,
437 efi_uintn_t capsule_count,
438 u64 scatter_gather_list)
439{
440 struct efi_capsule_header *capsule;
441 unsigned int i;
442 efi_status_t ret;
443
444 EFI_ENTRY("%p, %lu, %llu\n", capsule_header_array, capsule_count,
445 scatter_gather_list);
446
447 if (!capsule_count) {
448 ret = EFI_INVALID_PARAMETER;
449 goto out;
450 }
451
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900[diff] [blame]452 ret = EFI_SUCCESS;
AKASHI Takahiro473d9b32020-11-17 09:27:55 +0900[diff] [blame]453 for (i = 0, capsule = *capsule_header_array; i < capsule_count;
454 i++, capsule = *(++capsule_header_array)) {
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900[diff] [blame]455 /* sanity check */
456 if (capsule->header_size < sizeof(*capsule) ||
457 capsule->capsule_image_size < sizeof(*capsule)) {
458 log_err("EFI: A capsule has not enough data\n");
459 continue;
460 }
461
462 log_debug("Capsule[%d] (guid:%pUl)\n",
463 i, &capsule->capsule_guid);
464 if (!guidcmp(&capsule->capsule_guid,
465 &efi_guid_firmware_management_capsule_id)) {
466 ret = efi_capsule_update_firmware(capsule);
467 } else {
468 log_err("EFI: not support capsule type: %pUl\n",
469 &capsule->capsule_guid);
470 ret = EFI_UNSUPPORTED;
471 }
472
473 if (ret != EFI_SUCCESS)
474 goto out;
AKASHI Takahiro473d9b32020-11-17 09:27:55 +0900[diff] [blame]475 }
476out:
477 return EFI_EXIT(ret);
478}
479
480/**
481 * efi_query_capsule_caps() - check if capsule is supported
482 * @capsule_header_array: Array of virtual pointers
483 * @capsule_count: Number of pointers in capsule_header_array
484 * @maximum_capsule_size: Maximum capsule size
485 * @reset_type: Type of reset needed for capsule update
486 *
487 * This function implements the QueryCapsuleCapabilities() runtime service.
488 *
489 * See the Unified Extensible Firmware Interface (UEFI) specification for
490 * details.
491 *
492 * Return: status code
493 */
494efi_status_t EFIAPI efi_query_capsule_caps(
495 struct efi_capsule_header **capsule_header_array,
496 efi_uintn_t capsule_count,
497 u64 *maximum_capsule_size,
498 u32 *reset_type)
499{
500 struct efi_capsule_header *capsule __attribute__((unused));
501 unsigned int i;
502 efi_status_t ret;
503
504 EFI_ENTRY("%p, %lu, %p, %p\n", capsule_header_array, capsule_count,
505 maximum_capsule_size, reset_type);
506
507 if (!maximum_capsule_size) {
508 ret = EFI_INVALID_PARAMETER;
509 goto out;
510 }
511
512 *maximum_capsule_size = U64_MAX;
513 *reset_type = EFI_RESET_COLD;
514
515 ret = EFI_SUCCESS;
516 for (i = 0, capsule = *capsule_header_array; i < capsule_count;
517 i++, capsule = *(++capsule_header_array)) {
518 /* TODO */
519 }
520out:
521 return EFI_EXIT(ret);
522}
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900[diff] [blame]523
524#ifdef CONFIG_EFI_CAPSULE_ON_DISK
525/**
526 * get_dp_device - retrieve a device path from boot variable
527 * @boot_var: Boot variable name
528 * @device_dp Device path
529 *
530 * Retrieve a device patch from boot variable, @boot_var.
531 *
532 * Return: status code
533 */
534static efi_status_t get_dp_device(u16 *boot_var,
535 struct efi_device_path **device_dp)
536{
537 void *buf = NULL;
538 efi_uintn_t size;
539 struct efi_load_option lo;
540 struct efi_device_path *file_dp;
541 efi_status_t ret;
542
543 size = 0;
544 ret = efi_get_variable_int(boot_var, &efi_global_variable_guid,
545 NULL, &size, NULL, NULL);
546 if (ret == EFI_BUFFER_TOO_SMALL) {
547 buf = malloc(size);
548 if (!buf)
549 return EFI_OUT_OF_RESOURCES;
550 ret = efi_get_variable_int(boot_var, &efi_global_variable_guid,
551 NULL, &size, buf, NULL);
552 }
553 if (ret != EFI_SUCCESS)
554 return ret;
555
556 efi_deserialize_load_option(&lo, buf, &size);
557
558 if (lo.attributes & LOAD_OPTION_ACTIVE) {
559 efi_dp_split_file_path(lo.file_path, device_dp, &file_dp);
560 efi_free_pool(file_dp);
561
562 ret = EFI_SUCCESS;
563 } else {
564 ret = EFI_NOT_FOUND;
565 }
566
567 free(buf);
568
569 return ret;
570}
571
572/**
573 * device_is_present_and_system_part - check if a device exists
574 * @dp Device path
575 *
576 * Check if a device pointed to by the device path, @dp, exists and is
577 * located in UEFI system partition.
578 *
579 * Return: true - yes, false - no
580 */
581static bool device_is_present_and_system_part(struct efi_device_path *dp)
582{
583 efi_handle_t handle;
584
585 handle = efi_dp_find_obj(dp, NULL);
586 if (!handle)
587 return false;
588
589 return efi_disk_is_system_part(handle);
590}
591
592/**
593 * find_boot_device - identify the boot device
594 *
595 * Identify the boot device from boot-related variables as UEFI
596 * specification describes and put its handle into bootdev_root.
597 *
598 * Return: status code
599 */
600static efi_status_t find_boot_device(void)
601{
602 char boot_var[9];
603 u16 boot_var16[9], *p, bootnext, *boot_order = NULL;
604 efi_uintn_t size;
605 int i, num;
606 struct efi_simple_file_system_protocol *volume;
607 struct efi_device_path *boot_dev = NULL;
608 efi_status_t ret;
609
610 /* find active boot device in BootNext */
611 bootnext = 0;
612 size = sizeof(bootnext);
613 ret = efi_get_variable_int(L"BootNext",
614 (efi_guid_t *)&efi_global_variable_guid,
615 NULL, &size, &bootnext, NULL);
616 if (ret == EFI_SUCCESS || ret == EFI_BUFFER_TOO_SMALL) {
617 /* BootNext does exist here */
618 if (ret == EFI_BUFFER_TOO_SMALL || size != sizeof(u16)) {
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900[diff] [blame]619 log_err("BootNext must be 16-bit integer\n");
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900[diff] [blame]620 goto skip;
621 }
622 sprintf((char *)boot_var, "Boot%04X", bootnext);
623 p = boot_var16;
624 utf8_utf16_strcpy(&p, boot_var);
625
626 ret = get_dp_device(boot_var16, &boot_dev);
627 if (ret == EFI_SUCCESS) {
628 if (device_is_present_and_system_part(boot_dev)) {
629 goto out;
630 } else {
631 efi_free_pool(boot_dev);
632 boot_dev = NULL;
633 }
634 }
635 }
636
637skip:
638 /* find active boot device in BootOrder */
639 size = 0;
640 ret = efi_get_variable_int(L"BootOrder", &efi_global_variable_guid,
641 NULL, &size, NULL, NULL);
642 if (ret == EFI_BUFFER_TOO_SMALL) {
643 boot_order = malloc(size);
644 if (!boot_order) {
645 ret = EFI_OUT_OF_RESOURCES;
646 goto out;
647 }
648
649 ret = efi_get_variable_int(L"BootOrder",
650 &efi_global_variable_guid,
651 NULL, &size, boot_order, NULL);
652 }
653 if (ret != EFI_SUCCESS)
654 goto out;
655
656 /* check in higher order */
657 num = size / sizeof(u16);
658 for (i = 0; i < num; i++) {
659 sprintf((char *)boot_var, "Boot%04X", boot_order[i]);
660 p = boot_var16;
661 utf8_utf16_strcpy(&p, boot_var);
662 ret = get_dp_device(boot_var16, &boot_dev);
663 if (ret != EFI_SUCCESS)
664 continue;
665
666 if (device_is_present_and_system_part(boot_dev))
667 break;
668
669 efi_free_pool(boot_dev);
670 boot_dev = NULL;
671 }
672out:
673 if (boot_dev) {
674 u16 *path_str;
675
676 path_str = efi_dp_str(boot_dev);
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900[diff] [blame]677 log_debug("EFI Capsule: bootdev is %ls\n", path_str);
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900[diff] [blame]678 efi_free_pool(path_str);
679
680 volume = efi_fs_from_path(boot_dev);
681 if (!volume)
682 ret = EFI_DEVICE_ERROR;
683 else
684 ret = EFI_CALL(volume->open_volume(volume,
685 &bootdev_root));
686 efi_free_pool(boot_dev);
687 } else {
688 ret = EFI_NOT_FOUND;
689 }
690 free(boot_order);
691
692 return ret;
693}
694
695/**
696 * efi_capsule_scan_dir - traverse a capsule directory in boot device
697 * @files: Array of file names
698 * @num: Number of elements in @files
699 *
700 * Traverse a capsule directory in boot device.
701 * Called by initialization code, and returns an array of capsule file
702 * names in @files.
703 *
704 * Return: status code
705 */
706static efi_status_t efi_capsule_scan_dir(u16 ***files, unsigned int *num)
707{
708 struct efi_file_handle *dirh;
709 struct efi_file_info *dirent;
710 efi_uintn_t dirent_size, tmp_size;
711 unsigned int count;
712 u16 **tmp_files;
713 efi_status_t ret;
714
715 ret = find_boot_device();
716 if (ret == EFI_NOT_FOUND) {
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900[diff] [blame]717 log_debug("EFI Capsule: bootdev is not set\n");
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900[diff] [blame]718 *num = 0;
719 return EFI_SUCCESS;
720 } else if (ret != EFI_SUCCESS) {
721 return EFI_DEVICE_ERROR;
722 }
723
724 /* count capsule files */
725 ret = EFI_CALL((*bootdev_root->open)(bootdev_root, &dirh,
726 EFI_CAPSULE_DIR,
727 EFI_FILE_MODE_READ, 0));
728 if (ret != EFI_SUCCESS) {
729 *num = 0;
730 return EFI_SUCCESS;
731 }
732
733 dirent_size = 256;
734 dirent = malloc(dirent_size);
735 if (!dirent)
736 return EFI_OUT_OF_RESOURCES;
737
738 count = 0;
739 while (1) {
740 tmp_size = dirent_size;
741 ret = EFI_CALL((*dirh->read)(dirh, &tmp_size, dirent));
742 if (ret == EFI_BUFFER_TOO_SMALL) {
743 dirent = realloc(dirent, tmp_size);
744 if (!dirent) {
745 ret = EFI_OUT_OF_RESOURCES;
746 goto err;
747 }
748 dirent_size = tmp_size;
749 ret = EFI_CALL((*dirh->read)(dirh, &tmp_size, dirent));
750 }
751 if (ret != EFI_SUCCESS)
752 goto err;
753 if (!tmp_size)
754 break;
755
Heinrich Schuchardt76b708a2021-02-09 17:45:33 +0100[diff] [blame^]756 if (!(dirent->attribute & EFI_FILE_DIRECTORY))
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900[diff] [blame]757 count++;
758 }
759
760 ret = EFI_CALL((*dirh->setpos)(dirh, 0));
761 if (ret != EFI_SUCCESS)
762 goto err;
763
764 /* make a list */
AKASHI Takahiroc8fc12f2021-01-22 10:43:27 +0900[diff] [blame]765 tmp_files = malloc(count * sizeof(*tmp_files));
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900[diff] [blame]766 if (!tmp_files) {
767 ret = EFI_OUT_OF_RESOURCES;
768 goto err;
769 }
770
771 count = 0;
772 while (1) {
773 tmp_size = dirent_size;
774 ret = EFI_CALL((*dirh->read)(dirh, &tmp_size, dirent));
775 if (ret != EFI_SUCCESS)
776 goto err;
777 if (!tmp_size)
778 break;
779
780 if (!(dirent->attribute & EFI_FILE_DIRECTORY) &&
781 u16_strcmp(dirent->file_name, L".") &&
782 u16_strcmp(dirent->file_name, L".."))
783 tmp_files[count++] = u16_strdup(dirent->file_name);
784 }
785 /* ignore an error */
786 EFI_CALL((*dirh->close)(dirh));
787
788 /* in ascii order */
789 /* FIXME: u16 version of strcasecmp */
790 qsort(tmp_files, count, sizeof(*tmp_files),
791 (int (*)(const void *, const void *))strcasecmp);
792 *files = tmp_files;
793 *num = count;
794 ret = EFI_SUCCESS;
795err:
796 free(dirent);
797
798 return ret;
799}
800
801/**
802 * efi_capsule_read_file - read in a capsule file
803 * @filename: File name
804 * @capsule: Pointer to buffer for capsule
805 *
806 * Read a capsule file and put its content in @capsule.
807 *
808 * Return: status code
809 */
810static efi_status_t efi_capsule_read_file(const u16 *filename,
811 struct efi_capsule_header **capsule)
812{
813 struct efi_file_handle *dirh, *fh;
814 struct efi_file_info *file_info = NULL;
815 struct efi_capsule_header *buf = NULL;
816 efi_uintn_t size;
817 efi_status_t ret;
818
819 ret = EFI_CALL((*bootdev_root->open)(bootdev_root, &dirh,
820 EFI_CAPSULE_DIR,
821 EFI_FILE_MODE_READ, 0));
822 if (ret != EFI_SUCCESS)
823 return ret;
824 ret = EFI_CALL((*dirh->open)(dirh, &fh, (u16 *)filename,
825 EFI_FILE_MODE_READ, 0));
826 /* ignore an error */
827 EFI_CALL((*dirh->close)(dirh));
828 if (ret != EFI_SUCCESS)
829 return ret;
830
831 /* file size */
832 size = 0;
833 ret = EFI_CALL((*fh->getinfo)(fh, &efi_file_info_guid,
834 &size, file_info));
835 if (ret == EFI_BUFFER_TOO_SMALL) {
836 file_info = malloc(size);
837 if (!file_info) {
838 ret = EFI_OUT_OF_RESOURCES;
839 goto err;
840 }
841 ret = EFI_CALL((*fh->getinfo)(fh, &efi_file_info_guid,
842 &size, file_info));
843 }
844 if (ret != EFI_SUCCESS)
845 goto err;
846 size = file_info->file_size;
847 free(file_info);
848 buf = malloc(size);
849 if (!buf) {
850 ret = EFI_OUT_OF_RESOURCES;
851 goto err;
852 }
853
854 /* fetch data */
855 ret = EFI_CALL((*fh->read)(fh, &size, buf));
856 if (ret == EFI_SUCCESS) {
857 if (size >= buf->capsule_image_size) {
858 *capsule = buf;
859 } else {
860 free(buf);
861 ret = EFI_INVALID_PARAMETER;
862 }
863 } else {
864 free(buf);
865 }
866err:
867 EFI_CALL((*fh->close)(fh));
868
869 return ret;
870}
871
872/**
873 * efi_capsule_delete_file - delete a capsule file
874 * @filename: File name
875 *
876 * Delete a capsule file from capsule directory.
877 *
878 * Return: status code
879 */
880static efi_status_t efi_capsule_delete_file(const u16 *filename)
881{
882 struct efi_file_handle *dirh, *fh;
883 efi_status_t ret;
884
885 ret = EFI_CALL((*bootdev_root->open)(bootdev_root, &dirh,
886 EFI_CAPSULE_DIR,
887 EFI_FILE_MODE_READ, 0));
888 if (ret != EFI_SUCCESS)
889 return ret;
890 ret = EFI_CALL((*dirh->open)(dirh, &fh, (u16 *)filename,
891 EFI_FILE_MODE_READ, 0));
892 /* ignore an error */
893 EFI_CALL((*dirh->close)(dirh));
894
895 ret = EFI_CALL((*fh->delete)(fh));
896
897 return ret;
898}
899
900/**
901 * efi_capsule_scan_done - reset a scan help function
902 *
903 * Reset a scan help function
904 */
905static void efi_capsule_scan_done(void)
906{
907 EFI_CALL((*bootdev_root->close)(bootdev_root));
908 bootdev_root = NULL;
909}
910
911/**
912 * arch_efi_load_capsule_drivers - initialize capsule drivers
913 *
914 * Architecture or board specific initialization routine
915 *
916 * Return: status code
917 */
918efi_status_t __weak arch_efi_load_capsule_drivers(void)
919{
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900[diff] [blame]920 __maybe_unused efi_handle_t handle;
921 efi_status_t ret = EFI_SUCCESS;
922
923 if (IS_ENABLED(CONFIG_EFI_CAPSULE_FIRMWARE_FIT)) {
924 handle = NULL;
925 ret = EFI_CALL(efi_install_multiple_protocol_interfaces(
926 &handle, &efi_guid_firmware_management_protocol,
927 &efi_fmp_fit, NULL));
928 }
929
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900[diff] [blame]930 if (IS_ENABLED(CONFIG_EFI_CAPSULE_FIRMWARE_RAW)) {
931 handle = NULL;
932 ret = EFI_CALL(efi_install_multiple_protocol_interfaces(
933 &efi_root,
934 &efi_guid_firmware_management_protocol,
935 &efi_fmp_raw, NULL));
936 }
937
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900[diff] [blame]938 return ret;
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900[diff] [blame]939}
940
941/**
942 * efi_launch_capsule - launch capsules
943 *
944 * Launch all the capsules in system at boot time.
945 * Called by efi init code
946 *
947 * Return: status codde
948 */
949efi_status_t efi_launch_capsules(void)
950{
951 u64 os_indications;
952 efi_uintn_t size;
953 struct efi_capsule_header *capsule = NULL;
954 u16 **files;
955 unsigned int nfiles, index, i;
956 u16 variable_name16[12];
957 efi_status_t ret;
958
959 size = sizeof(os_indications);
960 ret = efi_get_variable_int(L"OsIndications", &efi_global_variable_guid,
961 NULL, &size, &os_indications, NULL);
962 if (ret != EFI_SUCCESS ||
963 !(os_indications
964 & EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED))
965 return EFI_SUCCESS;
966
967 index = get_last_capsule();
968
969 /* Load capsule drivers */
970 ret = arch_efi_load_capsule_drivers();
971 if (ret != EFI_SUCCESS)
972 return ret;
973
974 /*
975 * Find capsules on disk.
976 * All the capsules are collected at the beginning because
977 * capsule files will be removed instantly.
978 */
979 nfiles = 0;
980 files = NULL;
981 ret = efi_capsule_scan_dir(&files, &nfiles);
982 if (ret != EFI_SUCCESS)
983 return ret;
984 if (!nfiles)
985 return EFI_SUCCESS;
986
987 /* Launch capsules */
988 for (i = 0, ++index; i < nfiles; i++, index++) {
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900[diff] [blame]989 log_debug("capsule from %ls ...\n", files[i]);
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900[diff] [blame]990 if (index > 0xffff)
991 index = 0;
992 ret = efi_capsule_read_file(files[i], &capsule);
993 if (ret == EFI_SUCCESS) {
994 ret = EFI_CALL(efi_update_capsule(&capsule, 1, 0));
995 if (ret != EFI_SUCCESS)
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900[diff] [blame]996 log_err("EFI Capsule update failed at %ls\n",
997 files[i]);
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900[diff] [blame]998
999 free(capsule);
1000 } else {
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900[diff] [blame]1001 log_err("EFI: reading capsule failed: %ls\n", files[i]);
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900[diff] [blame]1002 }
1003 /* create CapsuleXXXX */
1004 set_capsule_result(index, capsule, ret);
1005
1006 /* delete a capsule either in case of success or failure */
1007 ret = efi_capsule_delete_file(files[i]);
1008 if (ret != EFI_SUCCESS)
AKASHI Takahiro0d963782020-11-30 18:12:11 +0900[diff] [blame]1009 log_err("EFI: deleting a capsule file failed: %ls\n",
1010 files[i]);
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900[diff] [blame]1011 }
1012 efi_capsule_scan_done();
1013
1014 for (i = 0; i < nfiles; i++)
1015 free(files[i]);
1016 free(files);
1017
1018 /* CapsuleLast */
Ilias Apalodimas21575292020-12-31 12:26:46 +0200[diff] [blame]1019 efi_create_indexed_name(variable_name16, sizeof(variable_name16),
1020 "Capsule", index - 1);
AKASHI Takahiro45b819542020-11-17 09:27:56 +0900[diff] [blame]1021 efi_set_variable_int(L"CapsuleLast", &efi_guid_capsule_report,
1022 EFI_VARIABLE_READ_ONLY |
1023 EFI_VARIABLE_NON_VOLATILE |
1024 EFI_VARIABLE_BOOTSERVICE_ACCESS |
1025 EFI_VARIABLE_RUNTIME_ACCESS,
1026 22, variable_name16, false);
1027
1028 return ret;
1029}
1030#endif /* CONFIG_EFI_CAPSULE_ON_DISK */