blob: 7a3cca279364ecf4bd4877884523d50c93266f15 [file] [log] [blame]
AKASHI Takahirof4818e62020-11-30 18:12:12 +09001// SPDX-License-Identifier: GPL-2.0+
2/*
3 * EFI Firmware management protocol
4 *
5 * Copyright (c) 2020 Linaro Limited
6 * Author: AKASHI Takahiro
7 */
8
9#include <common.h>
10#include <charset.h>
11#include <dfu.h>
12#include <efi_loader.h>
13#include <image.h>
Sughosh Ganu7221c6e2020-12-30 19:27:05 +053014#include <signatures.h>
15
AKASHI Takahirof4818e62020-11-30 18:12:12 +090016#include <linux/list.h>
17
Sughosh Ganu7221c6e2020-12-30 19:27:05 +053018#define FMP_PAYLOAD_HDR_SIGNATURE SIGNATURE_32('M', 'S', 'S', '1')
19
20/**
21 * struct fmp_payload_header - EDK2 header for the FMP payload
22 *
23 * This structure describes the header which is preprended to the
24 * FMP payload by the edk2 capsule generation scripts.
25 *
26 * @signature: Header signature used to identify the header
27 * @header_size: Size of the structure
28 * @fw_version: Firmware versions used
29 * @lowest_supported_version: Lowest supported version
30 */
31struct fmp_payload_header {
32 u32 signature;
33 u32 header_size;
34 u32 fw_version;
35 u32 lowest_supported_version;
36};
37
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +090038/* Place holder; not supported */
39static
40efi_status_t EFIAPI efi_firmware_get_image_unsupported(
41 struct efi_firmware_management_protocol *this,
42 u8 image_index,
43 void *image,
44 efi_uintn_t *image_size)
45{
46 EFI_ENTRY("%p %d %p %p\n", this, image_index, image, image_size);
47
48 return EFI_EXIT(EFI_UNSUPPORTED);
49}
50
51/* Place holder; not supported */
52static
53efi_status_t EFIAPI efi_firmware_check_image_unsupported(
54 struct efi_firmware_management_protocol *this,
55 u8 image_index,
56 const void *image,
57 efi_uintn_t *image_size,
58 u32 *image_updatable)
59{
60 EFI_ENTRY("%p %d %p %p %p\n", this, image_index, image, image_size,
61 image_updatable);
62
63 return EFI_EXIT(EFI_UNSUPPORTED);
64}
65
66/* Place holder; not supported */
67static
68efi_status_t EFIAPI efi_firmware_get_package_info_unsupported(
69 struct efi_firmware_management_protocol *this,
70 u32 *package_version,
71 u16 **package_version_name,
72 u32 *package_version_name_maxlen,
73 u64 *attributes_supported,
74 u64 *attributes_setting)
75{
76 EFI_ENTRY("%p %p %p %p %p %p\n", this, package_version,
77 package_version_name, package_version_name_maxlen,
78 attributes_supported, attributes_setting);
79
80 return EFI_EXIT(EFI_UNSUPPORTED);
81}
82
83/* Place holder; not supported */
84static
85efi_status_t EFIAPI efi_firmware_set_package_info_unsupported(
86 struct efi_firmware_management_protocol *this,
87 const void *image,
88 efi_uintn_t *image_size,
89 const void *vendor_code,
90 u32 package_version,
91 const u16 *package_version_name)
92{
93 EFI_ENTRY("%p %p %p %p %x %p\n", this, image, image_size, vendor_code,
94 package_version, package_version_name);
95
96 return EFI_EXIT(EFI_UNSUPPORTED);
97}
AKASHI Takahirof4818e62020-11-30 18:12:12 +090098
99/**
100 * efi_get_dfu_info - return information about the current firmware image
101 * @this: Protocol instance
102 * @image_info_size: Size of @image_info
103 * @image_info: Image information
104 * @descriptor_version: Pointer to version number
105 * @descriptor_count: Pointer to number of descriptors
106 * @descriptor_size: Pointer to descriptor size
107 * package_version: Package version
108 * package_version_name: Package version's name
109 * image_type: Image type GUID
110 *
111 * Return information bout the current firmware image in @image_info.
112 * @image_info will consist of a number of descriptors.
113 * Each descriptor will be created based on "dfu_alt_info" variable.
114 *
115 * Return status code
116 */
117static efi_status_t efi_get_dfu_info(
118 efi_uintn_t *image_info_size,
119 struct efi_firmware_image_descriptor *image_info,
120 u32 *descriptor_version,
121 u8 *descriptor_count,
122 efi_uintn_t *descriptor_size,
123 u32 *package_version,
124 u16 **package_version_name,
125 const efi_guid_t *image_type)
126{
127 struct dfu_entity *dfu;
128 size_t names_len, total_size;
129 int dfu_num, i;
130 u16 *name, *next;
131
132 dfu_init_env_entities(NULL, NULL);
133
134 names_len = 0;
135 dfu_num = 0;
136 list_for_each_entry(dfu, &dfu_list, list) {
137 names_len += (utf8_utf16_strlen(dfu->name) + 1) * 2;
138 dfu_num++;
139 }
140 if (!dfu_num) {
141 log_warning("Probably dfu_alt_info not defined\n");
142 *image_info_size = 0;
143 dfu_free_entities();
144
145 return EFI_SUCCESS;
146 }
147
148 total_size = sizeof(*image_info) * dfu_num + names_len;
149 /*
150 * we will assume that sizeof(*image_info) * dfu_name
151 * is, at least, a multiple of 2. So the start address for
152 * image_id_name would be aligned with 2 bytes.
153 */
154 if (*image_info_size < total_size) {
155 *image_info_size = total_size;
156 dfu_free_entities();
157
158 return EFI_BUFFER_TOO_SMALL;
159 }
160 *image_info_size = total_size;
161
162 *descriptor_version = EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION;
163 *descriptor_count = dfu_num;
164 *descriptor_size = sizeof(*image_info);
165 *package_version = 0xffffffff; /* not supported */
166 *package_version_name = NULL; /* not supported */
167
168 /* DFU alt number should correspond to image_index */
169 i = 0;
170 /* Name area starts just after descriptors */
171 name = (u16 *)((u8 *)image_info + sizeof(*image_info) * dfu_num);
172 next = name;
173 list_for_each_entry(dfu, &dfu_list, list) {
174 image_info[i].image_index = dfu->alt + 1;
175 image_info[i].image_type_id = *image_type;
176 image_info[i].image_id = dfu->alt;
177
178 /* copy the DFU entity name */
179 utf8_utf16_strcpy(&next, dfu->name);
180 image_info[i].image_id_name = name;
181 name = ++next;
182
183 image_info[i].version = 0; /* not supported */
184 image_info[i].version_name = NULL; /* not supported */
185 image_info[i].size = 0;
186 image_info[i].attributes_supported =
Sughosh Ganuc9a821b2020-12-30 19:27:10 +0530187 IMAGE_ATTRIBUTE_IMAGE_UPDATABLE |
188 IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED;
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900189 image_info[i].attributes_setting =
190 IMAGE_ATTRIBUTE_IMAGE_UPDATABLE;
Sughosh Ganuc9a821b2020-12-30 19:27:10 +0530191
192 /* Check if the capsule authentication is enabled */
193 if (env_get("capsule_authentication_enabled"))
194 image_info[0].attributes_setting |=
195 IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED;
196
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900197 image_info[i].lowest_supported_image_version = 0;
198 image_info[i].last_attempt_version = 0;
199 image_info[i].last_attempt_status = LAST_ATTEMPT_STATUS_SUCCESS;
200 image_info[i].hardware_instance = 1;
201 image_info[i].dependencies = NULL;
202
203 i++;
204 }
205
206 dfu_free_entities();
207
208 return EFI_SUCCESS;
209}
210
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900211#ifdef CONFIG_EFI_CAPSULE_FIRMWARE_FIT
212/*
213 * This FIRMWARE_MANAGEMENT_PROTOCOL driver provides a firmware update
214 * method with existing FIT image format, and handles
215 * - multiple regions of firmware via DFU
216 * but doesn't support
217 * - versioning of firmware image
218 * - package information
219 */
220const efi_guid_t efi_firmware_image_type_uboot_fit =
221 EFI_FIRMWARE_IMAGE_TYPE_UBOOT_FIT_GUID;
222
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900223/**
224 * efi_firmware_fit_get_image_info - return information about the current
225 * firmware image
226 * @this: Protocol instance
227 * @image_info_size: Size of @image_info
228 * @image_info: Image information
229 * @descriptor_version: Pointer to version number
230 * @descriptor_count: Pointer to number of descriptors
231 * @descriptor_size: Pointer to descriptor size
232 * package_version: Package version
233 * package_version_name: Package version's name
234 *
235 * Return information bout the current firmware image in @image_info.
236 * @image_info will consist of a number of descriptors.
237 * Each descriptor will be created based on "dfu_alt_info" variable.
238 *
239 * Return status code
240 */
241static
242efi_status_t EFIAPI efi_firmware_fit_get_image_info(
243 struct efi_firmware_management_protocol *this,
244 efi_uintn_t *image_info_size,
245 struct efi_firmware_image_descriptor *image_info,
246 u32 *descriptor_version,
247 u8 *descriptor_count,
248 efi_uintn_t *descriptor_size,
249 u32 *package_version,
250 u16 **package_version_name)
251{
252 efi_status_t ret;
253
254 EFI_ENTRY("%p %p %p %p %p %p %p %p\n", this,
255 image_info_size, image_info,
256 descriptor_version, descriptor_count, descriptor_size,
257 package_version, package_version_name);
258
259 if (!image_info_size)
260 return EFI_EXIT(EFI_INVALID_PARAMETER);
261
262 if (*image_info_size &&
263 (!image_info || !descriptor_version || !descriptor_count ||
264 !descriptor_size || !package_version || !package_version_name))
265 return EFI_EXIT(EFI_INVALID_PARAMETER);
266
267 ret = efi_get_dfu_info(image_info_size, image_info,
268 descriptor_version, descriptor_count,
269 descriptor_size,
270 package_version, package_version_name,
271 &efi_firmware_image_type_uboot_fit);
272
273 return EFI_EXIT(ret);
274}
275
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900276/**
277 * efi_firmware_fit_set_image - update the firmware image
278 * @this: Protocol instance
279 * @image_index: Image index number
280 * @image: New image
281 * @image_size: Size of new image
282 * @vendor_code: Vendor-specific update policy
283 * @progress: Function to report the progress of update
284 * @abort_reason: Pointer to string of abort reason
285 *
286 * Update the firmware to new image, using dfu. The new image should
287 * have FIT image format commonly used in U-Boot.
288 * @vendor_code, @progress and @abort_reason are not supported.
289 *
290 * Return: status code
291 */
292static
293efi_status_t EFIAPI efi_firmware_fit_set_image(
294 struct efi_firmware_management_protocol *this,
295 u8 image_index,
296 const void *image,
297 efi_uintn_t image_size,
298 const void *vendor_code,
299 efi_status_t (*progress)(efi_uintn_t completion),
300 u16 **abort_reason)
301{
Simon Glassc665dbf2021-02-07 14:27:02 -0700302 EFI_ENTRY("%p %d %p %zd %p %p %p\n", this, image_index, image,
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900303 image_size, vendor_code, progress, abort_reason);
304
305 if (!image || image_index != 1)
306 return EFI_EXIT(EFI_INVALID_PARAMETER);
307
308 if (fit_update(image))
309 return EFI_EXIT(EFI_DEVICE_ERROR);
310
311 return EFI_EXIT(EFI_SUCCESS);
312}
313
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900314const struct efi_firmware_management_protocol efi_fmp_fit = {
315 .get_image_info = efi_firmware_fit_get_image_info,
316 .get_image = efi_firmware_get_image_unsupported,
317 .set_image = efi_firmware_fit_set_image,
318 .check_image = efi_firmware_check_image_unsupported,
319 .get_package_info = efi_firmware_get_package_info_unsupported,
320 .set_package_info = efi_firmware_set_package_info_unsupported,
321};
322#endif /* CONFIG_EFI_CAPSULE_FIRMWARE_FIT */
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900323
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900324#ifdef CONFIG_EFI_CAPSULE_FIRMWARE_RAW
325/*
326 * This FIRMWARE_MANAGEMENT_PROTOCOL driver provides a firmware update
327 * method with raw data.
328 */
329const efi_guid_t efi_firmware_image_type_uboot_raw =
330 EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID;
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900331
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900332/**
333 * efi_firmware_raw_get_image_info - return information about the current
334 firmware image
335 * @this: Protocol instance
336 * @image_info_size: Size of @image_info
337 * @image_info: Image information
338 * @descriptor_version: Pointer to version number
339 * @descriptor_count: Pointer to number of descriptors
340 * @descriptor_size: Pointer to descriptor size
341 * package_version: Package version
342 * package_version_name: Package version's name
343 *
344 * Return information bout the current firmware image in @image_info.
345 * @image_info will consist of a number of descriptors.
346 * Each descriptor will be created based on "dfu_alt_info" variable.
347 *
348 * Return status code
349 */
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900350static
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900351efi_status_t EFIAPI efi_firmware_raw_get_image_info(
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900352 struct efi_firmware_management_protocol *this,
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900353 efi_uintn_t *image_info_size,
354 struct efi_firmware_image_descriptor *image_info,
355 u32 *descriptor_version,
356 u8 *descriptor_count,
357 efi_uintn_t *descriptor_size,
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900358 u32 *package_version,
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900359 u16 **package_version_name)
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900360{
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900361 efi_status_t ret = EFI_SUCCESS;
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900362
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900363 EFI_ENTRY("%p %p %p %p %p %p %p %p\n", this,
364 image_info_size, image_info,
365 descriptor_version, descriptor_count, descriptor_size,
366 package_version, package_version_name);
367
368 if (!image_info_size)
369 return EFI_EXIT(EFI_INVALID_PARAMETER);
370
371 if (*image_info_size &&
372 (!image_info || !descriptor_version || !descriptor_count ||
373 !descriptor_size || !package_version || !package_version_name))
374 return EFI_EXIT(EFI_INVALID_PARAMETER);
375
376 ret = efi_get_dfu_info(image_info_size, image_info,
377 descriptor_version, descriptor_count,
378 descriptor_size,
379 package_version, package_version_name,
380 &efi_firmware_image_type_uboot_raw);
381
382 return EFI_EXIT(ret);
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900383}
384
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900385/**
386 * efi_firmware_raw_set_image - update the firmware image
387 * @this: Protocol instance
388 * @image_index: Image index number
389 * @image: New image
390 * @image_size: Size of new image
391 * @vendor_code: Vendor-specific update policy
392 * @progress: Function to report the progress of update
393 * @abort_reason: Pointer to string of abort reason
394 *
395 * Update the firmware to new image, using dfu. The new image should
396 * be a single raw image.
397 * @vendor_code, @progress and @abort_reason are not supported.
398 *
399 * Return: status code
400 */
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900401static
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900402efi_status_t EFIAPI efi_firmware_raw_set_image(
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900403 struct efi_firmware_management_protocol *this,
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900404 u8 image_index,
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900405 const void *image,
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900406 efi_uintn_t image_size,
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900407 const void *vendor_code,
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900408 efi_status_t (*progress)(efi_uintn_t completion),
409 u16 **abort_reason)
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900410{
Sughosh Ganu7221c6e2020-12-30 19:27:05 +0530411 u32 fmp_hdr_signature;
412 struct fmp_payload_header *header;
Sughosh Ganuc9a821b2020-12-30 19:27:10 +0530413 void *capsule_payload;
414 efi_status_t status;
415 efi_uintn_t capsule_payload_size;
Sughosh Ganu7221c6e2020-12-30 19:27:05 +0530416
Simon Glassc665dbf2021-02-07 14:27:02 -0700417 EFI_ENTRY("%p %d %p %zd %p %p %p\n", this, image_index, image,
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900418 image_size, vendor_code, progress, abort_reason);
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900419
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900420 if (!image)
421 return EFI_EXIT(EFI_INVALID_PARAMETER);
422
Sughosh Ganuc9a821b2020-12-30 19:27:10 +0530423 /* Authenticate the capsule if authentication enabled */
424 if (IS_ENABLED(CONFIG_EFI_CAPSULE_AUTHENTICATE) &&
425 env_get("capsule_authentication_enabled")) {
426 capsule_payload = NULL;
427 capsule_payload_size = 0;
428 status = efi_capsule_authenticate(image, image_size,
429 &capsule_payload,
430 &capsule_payload_size);
431
432 if (status == EFI_SECURITY_VIOLATION) {
433 printf("Capsule authentication check failed. Aborting update\n");
434 return EFI_EXIT(status);
435 } else if (status != EFI_SUCCESS) {
436 return EFI_EXIT(status);
437 }
438
439 debug("Capsule authentication successfull\n");
440 image = capsule_payload;
441 image_size = capsule_payload_size;
442 } else {
443 debug("Capsule authentication disabled. ");
444 debug("Updating capsule without authenticating.\n");
445 }
446
Sughosh Ganu7221c6e2020-12-30 19:27:05 +0530447 fmp_hdr_signature = FMP_PAYLOAD_HDR_SIGNATURE;
448 header = (void *)image;
449
450 if (!memcmp(&header->signature, &fmp_hdr_signature,
451 sizeof(fmp_hdr_signature))) {
452 /*
453 * When building the capsule with the scripts in
454 * edk2, a FMP header is inserted above the capsule
455 * payload. Compensate for this header to get the
456 * actual payload that is to be updated.
457 */
458 image += header->header_size;
459 image_size -= header->header_size;
460
461 }
462
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900463 if (dfu_write_by_alt(image_index - 1, (void *)image, image_size,
464 NULL, NULL))
465 return EFI_EXIT(EFI_DEVICE_ERROR);
466
467 return EFI_EXIT(EFI_SUCCESS);
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900468}
469
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900470const struct efi_firmware_management_protocol efi_fmp_raw = {
471 .get_image_info = efi_firmware_raw_get_image_info,
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900472 .get_image = efi_firmware_get_image_unsupported,
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900473 .set_image = efi_firmware_raw_set_image,
AKASHI Takahirof4818e62020-11-30 18:12:12 +0900474 .check_image = efi_firmware_check_image_unsupported,
475 .get_package_info = efi_firmware_get_package_info_unsupported,
476 .set_package_info = efi_firmware_set_package_info_unsupported,
477};
AKASHI Takahiro7ff3f3c2020-11-17 09:28:00 +0900478#endif /* CONFIG_EFI_CAPSULE_FIRMWARE_RAW */