1 /** @file
2 Capsule Runtime Driver produces two UEFI capsule runtime services.
3 (UpdateCapsule, QueryCapsuleCapabilities)
4 It installs the Capsule Architectural Protocol defined in PI1.0a to signify
5 the capsule runtime services are ready.
6
7 Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
8 This program and the accompanying materials
9 are licensed and made available under the terms and conditions of the BSD License
10 which accompanies this distribution. The full text of the license may be found at
11 http://opensource.org/licenses/bsd-license.php
12
13 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
14 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
15
16 **/
17
18 #include <Uefi.h>
19
20 #include <Protocol/Capsule.h>
21 #include <Guid/CapsuleVendor.h>
22 #include <Guid/FmpCapsule.h>
23
24 #include <Library/DebugLib.h>
25 #include <Library/PcdLib.h>
26 #include <Library/CapsuleLib.h>
27 #include <Library/UefiDriverEntryPoint.h>
28 #include <Library/UefiBootServicesTableLib.h>
29 #include <Library/UefiRuntimeServicesTableLib.h>
30 #include <Library/UefiRuntimeLib.h>
31 #include <Library/BaseLib.h>
32 #include <Library/PrintLib.h>
33 #include <Library/BaseMemoryLib.h>
34 //
35 // Handle for the installation of Capsule Architecture Protocol.
36 //
37 EFI_HANDLE mNewHandle = NULL;
38
39 //
40 // The times of calling UpdateCapsule ()
41 //
42 UINTN mTimes = 0;
43
44 UINT32 mMaxSizePopulateCapsule = 0;
45 UINT32 mMaxSizeNonPopulateCapsule = 0;
46
47 /**
48 Create the variable to save the base address of page table and stack
49 for transferring into long mode in IA32 PEI.
50 **/
51 VOID
52 SaveLongModeContext (
53 VOID
54 );
55
56 /**
57 Passes capsules to the firmware with both virtual and physical mapping. Depending on the intended
58 consumption, the firmware may process the capsule immediately. If the payload should persist
59 across a system reset, the reset value returned from EFI_QueryCapsuleCapabilities must
60 be passed into ResetSystem() and will cause the capsule to be processed by the firmware as
61 part of the reset process.
62
63 @param CapsuleHeaderArray Virtual pointer to an array of virtual pointers to the capsules
64 being passed into update capsule.
65 @param CapsuleCount Number of pointers to EFI_CAPSULE_HEADER in
66 CaspuleHeaderArray.
67 @param ScatterGatherList Physical pointer to a set of
68 EFI_CAPSULE_BLOCK_DESCRIPTOR that describes the
69 location in physical memory of a set of capsules.
70
71 @retval EFI_SUCCESS Valid capsule was passed. If
72 CAPSULE_FLAGS_PERSIT_ACROSS_RESET is not set, the
73 capsule has been successfully processed by the firmware.
74 @retval EFI_DEVICE_ERROR The capsule update was started, but failed due to a device error.
75 @retval EFI_INVALID_PARAMETER CapsuleSize is NULL, or an incompatible set of flags were
76 set in the capsule header.
77 @retval EFI_INVALID_PARAMETER CapsuleCount is Zero.
78 @retval EFI_INVALID_PARAMETER For across reset capsule image, ScatterGatherList is NULL.
79 @retval EFI_UNSUPPORTED CapsuleImage is not recognized by the firmware.
80 @retval EFI_OUT_OF_RESOURCES When ExitBootServices() has been previously called this error indicates the capsule
81 is compatible with this platform but is not capable of being submitted or processed
82 in runtime. The caller may resubmit the capsule prior to ExitBootServices().
83 @retval EFI_OUT_OF_RESOURCES When ExitBootServices() has not been previously called then this error indicates
84 the capsule is compatible with this platform but there are insufficient resources to process.
85
86 **/
87 EFI_STATUS
88 EFIAPI
UpdateCapsule(IN EFI_CAPSULE_HEADER ** CapsuleHeaderArray,IN UINTN CapsuleCount,IN EFI_PHYSICAL_ADDRESS ScatterGatherList OPTIONAL)89 UpdateCapsule (
90 IN EFI_CAPSULE_HEADER **CapsuleHeaderArray,
91 IN UINTN CapsuleCount,
92 IN EFI_PHYSICAL_ADDRESS ScatterGatherList OPTIONAL
93 )
94 {
95 UINTN ArrayNumber;
96 EFI_STATUS Status;
97 EFI_CAPSULE_HEADER *CapsuleHeader;
98 BOOLEAN NeedReset;
99 BOOLEAN InitiateReset;
100 CHAR16 CapsuleVarName[30];
101 CHAR16 *TempVarName;
102
103 //
104 // Capsule Count can't be less than one.
105 //
106 if (CapsuleCount < 1) {
107 return EFI_INVALID_PARAMETER;
108 }
109
110 NeedReset = FALSE;
111 InitiateReset = FALSE;
112 CapsuleHeader = NULL;
113 CapsuleVarName[0] = 0;
114
115 for (ArrayNumber = 0; ArrayNumber < CapsuleCount; ArrayNumber++) {
116 //
117 // A capsule which has the CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE flag must have
118 // CAPSULE_FLAGS_PERSIST_ACROSS_RESET set in its header as well.
119 //
120 CapsuleHeader = CapsuleHeaderArray[ArrayNumber];
121 if ((CapsuleHeader->Flags & (CAPSULE_FLAGS_PERSIST_ACROSS_RESET | CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE)) == CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE) {
122 return EFI_INVALID_PARAMETER;
123 }
124 //
125 // A capsule which has the CAPSULE_FLAGS_INITIATE_RESET flag must have
126 // CAPSULE_FLAGS_PERSIST_ACROSS_RESET set in its header as well.
127 //
128 if ((CapsuleHeader->Flags & (CAPSULE_FLAGS_PERSIST_ACROSS_RESET | CAPSULE_FLAGS_INITIATE_RESET)) == CAPSULE_FLAGS_INITIATE_RESET) {
129 return EFI_INVALID_PARAMETER;
130 }
131
132 //
133 // Check FMP capsule flag
134 //
135 if (CompareGuid(&CapsuleHeader->CapsuleGuid, &gEfiFmpCapsuleGuid)
136 && (CapsuleHeader->Flags & CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE) != 0 ) {
137 return EFI_INVALID_PARAMETER;
138 }
139
140 //
141 // Check Capsule image without populate flag by firmware support capsule function
142 //
143 if ((CapsuleHeader->Flags & CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE) == 0) {
144 Status = SupportCapsuleImage (CapsuleHeader);
145 if (EFI_ERROR(Status)) {
146 return Status;
147 }
148 }
149 }
150
151 //
152 // Walk through all capsules, record whether there is a capsule needs reset
153 // or initiate reset. And then process capsules which has no reset flag directly.
154 //
155 for (ArrayNumber = 0; ArrayNumber < CapsuleCount ; ArrayNumber++) {
156 CapsuleHeader = CapsuleHeaderArray[ArrayNumber];
157 //
158 // Here should be in the boot-time for non-reset capsule image
159 // Platform specific update for the non-reset capsule image.
160 //
161 if ((CapsuleHeader->Flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) == 0) {
162 if (EfiAtRuntime ()) {
163 Status = EFI_OUT_OF_RESOURCES;
164 } else {
165 Status = ProcessCapsuleImage(CapsuleHeader);
166 }
167 if (EFI_ERROR(Status)) {
168 return Status;
169 }
170 } else {
171 NeedReset = TRUE;
172 if ((CapsuleHeader->Flags & CAPSULE_FLAGS_INITIATE_RESET) != 0) {
173 InitiateReset = TRUE;
174 }
175 }
176 }
177
178 //
179 // After launching all capsules who has no reset flag, if no more capsules claims
180 // for a system reset just return.
181 //
182 if (!NeedReset) {
183 return EFI_SUCCESS;
184 }
185
186 //
187 // ScatterGatherList is only referenced if the capsules are defined to persist across
188 // system reset.
189 //
190 if (ScatterGatherList == (EFI_PHYSICAL_ADDRESS) (UINTN) NULL) {
191 return EFI_INVALID_PARAMETER;
192 }
193
194 //
195 // Check if the platform supports update capsule across a system reset
196 //
197 if (!FeaturePcdGet(PcdSupportUpdateCapsuleReset)) {
198 return EFI_UNSUPPORTED;
199 }
200
201 //
202 // Construct variable name CapsuleUpdateData, CapsuleUpdateData1, CapsuleUpdateData2...
203 // if user calls UpdateCapsule multiple times.
204 //
205 StrCpyS (CapsuleVarName, sizeof(CapsuleVarName)/sizeof(CHAR16), EFI_CAPSULE_VARIABLE_NAME);
206 TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
207 if (mTimes > 0) {
208 UnicodeValueToString (TempVarName, 0, mTimes, 0);
209 }
210
211 //
212 // ScatterGatherList is only referenced if the capsules are defined to persist across
213 // system reset. Set its value into NV storage to let pre-boot driver to pick it up
214 // after coming through a system reset.
215 //
216 Status = EfiSetVariable (
217 CapsuleVarName,
218 &gEfiCapsuleVendorGuid,
219 EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS,
220 sizeof (UINTN),
221 (VOID *) &ScatterGatherList
222 );
223 if (!EFI_ERROR (Status)) {
224 //
225 // Variable has been set successfully, increase variable index.
226 //
227 mTimes++;
228 if(InitiateReset) {
229 //
230 // Firmware that encounters a capsule which has the CAPSULE_FLAGS_INITIATE_RESET Flag set in its header
231 // will initiate a reset of the platform which is compatible with the passed-in capsule request and will
232 // not return back to the caller.
233 //
234 EfiResetSystem (EfiResetWarm, EFI_SUCCESS, 0, NULL);
235 }
236 }
237 return Status;
238 }
239
240 /**
241 Returns if the capsule can be supported via UpdateCapsule().
242
243 @param CapsuleHeaderArray Virtual pointer to an array of virtual pointers to the capsules
244 being passed into update capsule.
245 @param CapsuleCount Number of pointers to EFI_CAPSULE_HEADER in
246 CaspuleHeaderArray.
247 @param MaxiumCapsuleSize On output the maximum size that UpdateCapsule() can
248 support as an argument to UpdateCapsule() via
249 CapsuleHeaderArray and ScatterGatherList.
250 @param ResetType Returns the type of reset required for the capsule update.
251
252 @retval EFI_SUCCESS Valid answer returned.
253 @retval EFI_UNSUPPORTED The capsule image is not supported on this platform, and
254 MaximumCapsuleSize and ResetType are undefined.
255 @retval EFI_INVALID_PARAMETER MaximumCapsuleSize is NULL, or ResetTyep is NULL,
256 Or CapsuleCount is Zero, or CapsuleImage is not valid.
257
258 **/
259 EFI_STATUS
260 EFIAPI
QueryCapsuleCapabilities(IN EFI_CAPSULE_HEADER ** CapsuleHeaderArray,IN UINTN CapsuleCount,OUT UINT64 * MaxiumCapsuleSize,OUT EFI_RESET_TYPE * ResetType)261 QueryCapsuleCapabilities (
262 IN EFI_CAPSULE_HEADER **CapsuleHeaderArray,
263 IN UINTN CapsuleCount,
264 OUT UINT64 *MaxiumCapsuleSize,
265 OUT EFI_RESET_TYPE *ResetType
266 )
267 {
268 EFI_STATUS Status;
269 UINTN ArrayNumber;
270 EFI_CAPSULE_HEADER *CapsuleHeader;
271 BOOLEAN NeedReset;
272
273 //
274 // Capsule Count can't be less than one.
275 //
276 if (CapsuleCount < 1) {
277 return EFI_INVALID_PARAMETER;
278 }
279
280 //
281 // Check whether input parameter is valid
282 //
283 if ((MaxiumCapsuleSize == NULL) ||(ResetType == NULL)) {
284 return EFI_INVALID_PARAMETER;
285 }
286
287 CapsuleHeader = NULL;
288 NeedReset = FALSE;
289
290 for (ArrayNumber = 0; ArrayNumber < CapsuleCount; ArrayNumber++) {
291 CapsuleHeader = CapsuleHeaderArray[ArrayNumber];
292 //
293 // A capsule which has the CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE flag must have
294 // CAPSULE_FLAGS_PERSIST_ACROSS_RESET set in its header as well.
295 //
296 if ((CapsuleHeader->Flags & (CAPSULE_FLAGS_PERSIST_ACROSS_RESET | CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE)) == CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE) {
297 return EFI_INVALID_PARAMETER;
298 }
299 //
300 // A capsule which has the CAPSULE_FLAGS_INITIATE_RESET flag must have
301 // CAPSULE_FLAGS_PERSIST_ACROSS_RESET set in its header as well.
302 //
303 if ((CapsuleHeader->Flags & (CAPSULE_FLAGS_PERSIST_ACROSS_RESET | CAPSULE_FLAGS_INITIATE_RESET)) == CAPSULE_FLAGS_INITIATE_RESET) {
304 return EFI_INVALID_PARAMETER;
305 }
306
307 //
308 // Check FMP capsule flag
309 //
310 if (CompareGuid(&CapsuleHeader->CapsuleGuid, &gEfiFmpCapsuleGuid)
311 && (CapsuleHeader->Flags & CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE) != 0 ) {
312 return EFI_INVALID_PARAMETER;
313 }
314
315 //
316 // Check Capsule image without populate flag is supported by firmware
317 //
318 if ((CapsuleHeader->Flags & CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE) == 0) {
319 Status = SupportCapsuleImage (CapsuleHeader);
320 if (EFI_ERROR(Status)) {
321 return Status;
322 }
323 }
324 }
325
326 //
327 // Find out whether there is any capsule defined to persist across system reset.
328 //
329 for (ArrayNumber = 0; ArrayNumber < CapsuleCount ; ArrayNumber++) {
330 CapsuleHeader = CapsuleHeaderArray[ArrayNumber];
331 if ((CapsuleHeader->Flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) != 0) {
332 NeedReset = TRUE;
333 break;
334 }
335 }
336
337 if (NeedReset) {
338 //
339 //Check if the platform supports update capsule across a system reset
340 //
341 if (!FeaturePcdGet(PcdSupportUpdateCapsuleReset)) {
342 return EFI_UNSUPPORTED;
343 }
344 *ResetType = EfiResetWarm;
345 *MaxiumCapsuleSize = (UINT64) mMaxSizePopulateCapsule;
346 } else {
347 //
348 // For non-reset capsule image.
349 //
350 *ResetType = EfiResetCold;
351 *MaxiumCapsuleSize = (UINT64) mMaxSizeNonPopulateCapsule;
352 }
353
354 return EFI_SUCCESS;
355 }
356
357
358 /**
359
360 This code installs UEFI capsule runtime service.
361
362 @param ImageHandle The firmware allocated handle for the EFI image.
363 @param SystemTable A pointer to the EFI System Table.
364
365 @retval EFI_SUCCESS UEFI Capsule Runtime Services are installed successfully.
366
367 **/
368 EFI_STATUS
369 EFIAPI
CapsuleServiceInitialize(IN EFI_HANDLE ImageHandle,IN EFI_SYSTEM_TABLE * SystemTable)370 CapsuleServiceInitialize (
371 IN EFI_HANDLE ImageHandle,
372 IN EFI_SYSTEM_TABLE *SystemTable
373 )
374 {
375 EFI_STATUS Status;
376
377 mMaxSizePopulateCapsule = PcdGet32(PcdMaxSizePopulateCapsule);
378 mMaxSizeNonPopulateCapsule = PcdGet32(PcdMaxSizeNonPopulateCapsule);
379
380 //
381 // When PEI phase is IA32, DXE phase is X64, it is possible that capsule data are
382 // put above 4GB, so capsule PEI will transfer to long mode to get capsule data.
383 // The page table and stack is used to transfer processor mode from IA32 to long mode.
384 // Create the base address of page table and stack, and save them into variable.
385 // This is not needed when capsule with reset type is not supported.
386 //
387 SaveLongModeContext ();
388
389 //
390 // Install capsule runtime services into UEFI runtime service tables.
391 //
392 gRT->UpdateCapsule = UpdateCapsule;
393 gRT->QueryCapsuleCapabilities = QueryCapsuleCapabilities;
394
395 //
396 // Install the Capsule Architectural Protocol on a new handle
397 // to signify the capsule runtime services are ready.
398 //
399 Status = gBS->InstallMultipleProtocolInterfaces (
400 &mNewHandle,
401 &gEfiCapsuleArchProtocolGuid,
402 NULL,
403 NULL
404 );
405 ASSERT_EFI_ERROR (Status);
406
407 return Status;
408 }
409