CapsuleCoalesce.c revision 2e4c9e0158cc10226dc0e2de679bc984e288f18a
1/** @file 2 The logic to process capsule. 3 4Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR> 5This program and the accompanying materials 6are licensed and made available under the terms and conditions of the BSD License 7which accompanies this distribution. The full text of the license may be found at 8http://opensource.org/licenses/bsd-license.php 9 10THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 11WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. 12 13**/ 14 15#include <Uefi.h> 16#include <PiPei.h> 17 18#include <Guid/CapsuleVendor.h> 19 20#include <Library/BaseMemoryLib.h> 21#include <Library/DebugLib.h> 22#include <Library/PrintLib.h> 23#include <Library/BaseLib.h> 24 25#define MIN_COALESCE_ADDR (1024 * 1024) 26#define MAX_SUPPORT_CAPSULE_NUM 50 27 28#define EFI_CAPSULE_PEIM_PRIVATE_DATA_SIGNATURE SIGNATURE_32 ('C', 'a', 'p', 'D') 29 30typedef struct { 31 UINT32 Signature; 32 UINT32 CapsuleSize; 33} EFI_CAPSULE_PEIM_PRIVATE_DATA; 34 35/** 36 Given a pointer to the capsule block list, info on the available system 37 memory, and the size of a buffer, find a free block of memory where a 38 buffer of the given size can be copied to safely. 39 40 @param BlockList Pointer to head of capsule block descriptors 41 @param MemBase Pointer to the base of memory in which we want to find free space 42 @param MemSize The size of the block of memory pointed to by MemBase 43 @param DataSize How big a free block we want to find 44 45 @return A pointer to a memory block of at least DataSize that lies somewhere 46 between MemBase and (MemBase + MemSize). The memory pointed to does not 47 contain any of the capsule block descriptors or capsule blocks pointed to 48 by the BlockList. 49 50**/ 51UINT8 * 52FindFreeMem ( 53 EFI_CAPSULE_BLOCK_DESCRIPTOR *BlockList, 54 UINT8 *MemBase, 55 UINTN MemSize, 56 UINTN DataSize 57 ); 58 59/** 60 Check the integrity of the capsule descriptors. 61 62 @param BlockList Pointer to the capsule descriptors 63 64 @retval NULL BlockList is not valid. 65 @retval LastBlockDesc Last one Block in BlockList 66 67**/ 68EFI_CAPSULE_BLOCK_DESCRIPTOR * 69ValidateCapsuleIntegrity ( 70 IN EFI_CAPSULE_BLOCK_DESCRIPTOR *BlockList 71 ); 72 73/** 74 The capsule block descriptors may be fragmented and spread all over memory. 75 To simplify the coalescing of capsule blocks, first coalesce all the 76 capsule block descriptors low in memory. 77 78 The descriptors passed in can be fragmented throughout memory. Here 79 they are relocated into memory to turn them into a contiguous (null 80 terminated) array. 81 82 @param PeiServices pointer to PEI services table 83 @param BlockList pointer to the capsule block descriptors 84 @param MemBase base of system memory in which we can work 85 @param MemSize size of the system memory pointed to by MemBase 86 87 @retval NULL could not relocate the descriptors 88 @retval Pointer to the base of the successfully-relocated block descriptors. 89 90**/ 91EFI_CAPSULE_BLOCK_DESCRIPTOR * 92RelocateBlockDescriptors ( 93 IN EFI_PEI_SERVICES **PeiServices, 94 IN EFI_CAPSULE_BLOCK_DESCRIPTOR *BlockList, 95 IN UINT8 *MemBase, 96 IN UINTN MemSize 97 ); 98 99/** 100 Check every capsule header. 101 102 @param CapsuleHeader The pointer to EFI_CAPSULE_HEADER 103 104 @retval FALSE Capsule is OK 105 @retval TRUE Capsule is corrupted 106 107**/ 108BOOLEAN 109IsCapsuleCorrupted ( 110 IN EFI_CAPSULE_HEADER *CapsuleHeader 111 ); 112 113/** 114 Determine if two buffers overlap in memory. 115 116 @param Buff1 pointer to first buffer 117 @param Size1 size of Buff1 118 @param Buff2 pointer to second buffer 119 @param Size2 size of Buff2 120 121 @retval TRUE Buffers overlap in memory. 122 @retval FALSE Buffer doesn't overlap. 123 124**/ 125BOOLEAN 126IsOverlapped ( 127 UINT8 *Buff1, 128 UINTN Size1, 129 UINT8 *Buff2, 130 UINTN Size2 131 ); 132 133/** 134 Given a pointer to a capsule block descriptor, traverse the list to figure 135 out how many legitimate descriptors there are, and how big the capsule it 136 refers to is. 137 138 @param Desc Pointer to the capsule block descriptors 139 NumDescriptors - optional pointer to where to return the number of descriptors 140 CapsuleSize - optional pointer to where to return the capsule size 141 @param NumDescriptors Optional pointer to where to return the number of descriptors 142 @param CapsuleSize Optional pointer to where to return the capsule size 143 144 @retval EFI_NOT_FOUND No descriptors containing data in the list 145 @retval EFI_SUCCESS Return data is valid 146 147**/ 148EFI_STATUS 149GetCapsuleInfo ( 150 IN EFI_CAPSULE_BLOCK_DESCRIPTOR *Desc, 151 IN OUT UINTN *NumDescriptors OPTIONAL, 152 IN OUT UINTN *CapsuleSize OPTIONAL 153 ); 154 155/** 156 Given a pointer to the capsule block list, info on the available system 157 memory, and the size of a buffer, find a free block of memory where a 158 buffer of the given size can be copied to safely. 159 160 @param BlockList Pointer to head of capsule block descriptors 161 @param MemBase Pointer to the base of memory in which we want to find free space 162 @param MemSize The size of the block of memory pointed to by MemBase 163 @param DataSize How big a free block we want to find 164 165 @return A pointer to a memory block of at least DataSize that lies somewhere 166 between MemBase and (MemBase + MemSize). The memory pointed to does not 167 contain any of the capsule block descriptors or capsule blocks pointed to 168 by the BlockList. 169 170**/ 171UINT8 * 172FindFreeMem ( 173 EFI_CAPSULE_BLOCK_DESCRIPTOR *BlockList, 174 UINT8 *MemBase, 175 UINTN MemSize, 176 UINTN DataSize 177 ) 178{ 179 UINTN Size; 180 EFI_CAPSULE_BLOCK_DESCRIPTOR *CurrDesc; 181 EFI_CAPSULE_BLOCK_DESCRIPTOR *TempDesc; 182 UINT8 *MemEnd; 183 BOOLEAN Failed; 184 185 // 186 // Need at least enough to copy the data to at the end of the buffer, so 187 // say the end is less the data size for easy comparisons here. 188 // 189 MemEnd = MemBase + MemSize - DataSize; 190 CurrDesc = BlockList; 191 // 192 // Go through all the descriptor blocks and see if any obstruct the range 193 // 194 while (CurrDesc != NULL) { 195 // 196 // Get the size of this block list and see if it's in the way 197 // 198 Failed = FALSE; 199 TempDesc = CurrDesc; 200 Size = sizeof (EFI_CAPSULE_BLOCK_DESCRIPTOR); 201 while (TempDesc->Length != 0) { 202 Size += sizeof (EFI_CAPSULE_BLOCK_DESCRIPTOR); 203 TempDesc++; 204 } 205 206 if (IsOverlapped (MemBase, DataSize, (UINT8 *) CurrDesc, Size)) { 207 // 208 // Set our new base to the end of this block list and start all over 209 // 210 MemBase = (UINT8 *) CurrDesc + Size; 211 CurrDesc = BlockList; 212 if (MemBase > MemEnd) { 213 return NULL; 214 } 215 216 Failed = TRUE; 217 } 218 // 219 // Now go through all the blocks and make sure none are in the way 220 // 221 while ((CurrDesc->Length != 0) && (!Failed)) { 222 if (IsOverlapped (MemBase, DataSize, (UINT8 *) (UINTN) CurrDesc->Union.DataBlock, (UINTN) CurrDesc->Length)) { 223 // 224 // Set our new base to the end of this block and start all over 225 // 226 Failed = TRUE; 227 MemBase = (UINT8 *) ((UINTN) CurrDesc->Union.DataBlock) + CurrDesc->Length; 228 CurrDesc = BlockList; 229 if (MemBase > MemEnd) { 230 return NULL; 231 } 232 } 233 CurrDesc++; 234 } 235 // 236 // Normal continuation -- jump to next block descriptor list 237 // 238 if (!Failed) { 239 CurrDesc = (EFI_CAPSULE_BLOCK_DESCRIPTOR *) (UINTN) CurrDesc->Union.ContinuationPointer; 240 } 241 } 242 return MemBase; 243} 244 245/** 246 Check the integrity of the capsule descriptors. 247 248 @param BlockList Pointer to the capsule descriptors 249 250 @retval NULL BlockList is not valid. 251 @retval LastBlockDesc Last one Block in BlockList 252 253**/ 254EFI_CAPSULE_BLOCK_DESCRIPTOR * 255ValidateCapsuleIntegrity ( 256 IN EFI_CAPSULE_BLOCK_DESCRIPTOR *BlockList 257 ) 258{ 259 EFI_CAPSULE_HEADER *CapsuleHeader; 260 UINT64 CapsuleSize; 261 UINT32 CapsuleCount; 262 EFI_CAPSULE_BLOCK_DESCRIPTOR *Ptr; 263 264 // 265 // Go through the list to look for inconsistencies. Check for: 266 // * misaligned block descriptors. 267 // * The first capsule header guid 268 // * The first capsule header flag 269 // * Data + Length < Data (wrap) 270 CapsuleSize = 0; 271 CapsuleCount = 0; 272 Ptr = BlockList; 273 while ((Ptr->Length != 0) || (Ptr->Union.ContinuationPointer != (EFI_PHYSICAL_ADDRESS) (UINTN) NULL)) { 274 // 275 // Make sure the descriptor is aligned at UINT64 in memory 276 // 277 if ((UINTN) Ptr & 0x07) { 278 DEBUG ((EFI_D_ERROR, "BlockList address failed alignment check\n")); 279 return NULL; 280 } 281 282 if (Ptr->Length == 0) { 283 // 284 // Descriptor points to another list of block descriptors somewhere 285 // else. 286 // 287 Ptr = (EFI_CAPSULE_BLOCK_DESCRIPTOR *) (UINTN) Ptr->Union.ContinuationPointer; 288 } else { 289 // 290 //To enhance the reliability of check-up, the first capsule's header is checked here. 291 //More reliabilities check-up will do later. 292 // 293 if (CapsuleSize == 0) { 294 // 295 //Move to the first capsule to check its header. 296 // 297 CapsuleHeader = (EFI_CAPSULE_HEADER*)((UINTN)Ptr->Union.DataBlock); 298 if (IsCapsuleCorrupted (CapsuleHeader)) { 299 return NULL; 300 } 301 CapsuleCount ++; 302 CapsuleSize = CapsuleHeader->CapsuleImageSize; 303 } else { 304 if (CapsuleSize >= Ptr->Length) { 305 CapsuleSize = CapsuleSize - Ptr->Length; 306 } else { 307 CapsuleSize = 0; 308 } 309 } 310 // 311 // Move to next BLOCK descriptor 312 // 313 Ptr++; 314 } 315 } 316 317 if (CapsuleCount == 0) { 318 // 319 // No any capsule is found in BlockList. 320 // 321 return NULL; 322 } 323 324 return Ptr; 325} 326 327/** 328 The capsule block descriptors may be fragmented and spread all over memory. 329 To simplify the coalescing of capsule blocks, first coalesce all the 330 capsule block descriptors low in memory. 331 332 The descriptors passed in can be fragmented throughout memory. Here 333 they are relocated into memory to turn them into a contiguous (null 334 terminated) array. 335 336 @param PeiServices pointer to PEI services table 337 @param BlockList pointer to the capsule block descriptors 338 @param MemBase base of system memory in which we can work 339 @param MemSize size of the system memory pointed to by MemBase 340 341 @retval NULL could not relocate the descriptors 342 @retval Pointer to the base of the successfully-relocated block descriptors. 343 344**/ 345EFI_CAPSULE_BLOCK_DESCRIPTOR * 346RelocateBlockDescriptors ( 347 IN EFI_PEI_SERVICES **PeiServices, 348 IN EFI_CAPSULE_BLOCK_DESCRIPTOR *BlockList, 349 IN UINT8 *MemBase, 350 IN UINTN MemSize 351 ) 352{ 353 EFI_CAPSULE_BLOCK_DESCRIPTOR *NewBlockList; 354 EFI_CAPSULE_BLOCK_DESCRIPTOR *CurrBlockDescHead; 355 EFI_CAPSULE_BLOCK_DESCRIPTOR *TempBlockDesc; 356 EFI_CAPSULE_BLOCK_DESCRIPTOR *PrevBlockDescTail; 357 UINTN NumDescriptors; 358 UINTN BufferSize; 359 UINT8 *RelocBuffer; 360 UINTN BlockListSize; 361 // 362 // Get the info on the blocks and descriptors. Since we're going to move 363 // the descriptors low in memory, adjust the base/size values accordingly here. 364 // GetCapsuleInfo() returns the number of legit descriptors, so add one for 365 // a terminator. 366 // 367 if (GetCapsuleInfo (BlockList, &NumDescriptors, NULL) != EFI_SUCCESS) { 368 return NULL; 369 } 370 371 NumDescriptors++; 372 BufferSize = NumDescriptors * sizeof (EFI_CAPSULE_BLOCK_DESCRIPTOR); 373 NewBlockList = (EFI_CAPSULE_BLOCK_DESCRIPTOR *) MemBase; 374 if (MemSize < BufferSize) { 375 return NULL; 376 } 377 378 MemSize -= BufferSize; 379 MemBase += BufferSize; 380 // 381 // Go through all the blocks and make sure none are in the way 382 // 383 TempBlockDesc = BlockList; 384 while (TempBlockDesc->Union.ContinuationPointer != (EFI_PHYSICAL_ADDRESS) (UINTN) NULL) { 385 if (TempBlockDesc->Length == 0) { 386 // 387 // Next block of descriptors 388 // 389 TempBlockDesc = (EFI_CAPSULE_BLOCK_DESCRIPTOR *) (UINTN) TempBlockDesc->Union.ContinuationPointer; 390 } else { 391 // 392 // If the capsule data pointed to by this descriptor is in the way, 393 // move it. 394 // 395 if (IsOverlapped ( 396 (UINT8 *) NewBlockList, 397 BufferSize, 398 (UINT8 *) (UINTN) TempBlockDesc->Union.DataBlock, 399 (UINTN) TempBlockDesc->Length 400 )) { 401 // 402 // Relocate the block 403 // 404 RelocBuffer = FindFreeMem (BlockList, MemBase, MemSize, (UINTN) TempBlockDesc->Length); 405 if (RelocBuffer == NULL) { 406 return NULL; 407 } 408 409 CopyMem ((VOID *) RelocBuffer, (VOID *) (UINTN) TempBlockDesc->Union.DataBlock, (UINTN) TempBlockDesc->Length); 410 TempBlockDesc->Union.DataBlock = (EFI_PHYSICAL_ADDRESS) (UINTN) RelocBuffer; 411 412 DEBUG ((EFI_D_INFO, "Capsule relocate descriptors from/to/size 0x%X 0x%X 0x%X\n", (UINT32)(UINTN)TempBlockDesc->Union.DataBlock, (UINT32)(UINTN)RelocBuffer, (UINT32)(UINTN)TempBlockDesc->Length)); 413 } 414 } 415 TempBlockDesc++; 416 } 417 // 418 // Now go through all the block descriptors to make sure that they're not 419 // in the memory region we want to copy them to. 420 // 421 CurrBlockDescHead = BlockList; 422 PrevBlockDescTail = NULL; 423 while ((CurrBlockDescHead != NULL) && (CurrBlockDescHead->Union.ContinuationPointer != (EFI_PHYSICAL_ADDRESS) (UINTN) NULL)) { 424 // 425 // Get the size of this list then see if it overlaps our low region 426 // 427 TempBlockDesc = CurrBlockDescHead; 428 BlockListSize = sizeof (EFI_CAPSULE_BLOCK_DESCRIPTOR); 429 while (TempBlockDesc->Length != 0) { 430 BlockListSize += sizeof (EFI_CAPSULE_BLOCK_DESCRIPTOR); 431 TempBlockDesc++; 432 } 433 434 if (IsOverlapped ( 435 (UINT8 *) NewBlockList, 436 BufferSize, 437 (UINT8 *) CurrBlockDescHead, 438 BlockListSize 439 )) { 440 // 441 // Overlaps, so move it out of the way 442 // 443 RelocBuffer = FindFreeMem (BlockList, MemBase, MemSize, BlockListSize); 444 if (RelocBuffer == NULL) { 445 return NULL; 446 } 447 CopyMem ((VOID *) RelocBuffer, (VOID *) CurrBlockDescHead, BlockListSize); 448 DEBUG ((EFI_D_INFO, "Capsule reloc descriptor block #2\n")); 449 // 450 // Point the previous block's next point to this copied version. If 451 // the tail pointer is null, then this is the first descriptor block. 452 // 453 if (PrevBlockDescTail == NULL) { 454 BlockList = (EFI_CAPSULE_BLOCK_DESCRIPTOR *) RelocBuffer; 455 } else { 456 PrevBlockDescTail->Union.DataBlock = (EFI_PHYSICAL_ADDRESS) (UINTN) RelocBuffer; 457 } 458 } 459 // 460 // Save our new tail and jump to the next block list 461 // 462 PrevBlockDescTail = TempBlockDesc; 463 CurrBlockDescHead = (EFI_CAPSULE_BLOCK_DESCRIPTOR *) (UINTN) TempBlockDesc->Union.ContinuationPointer; 464 } 465 // 466 // Cleared out low memory. Now copy the descriptors down there. 467 // 468 TempBlockDesc = BlockList; 469 CurrBlockDescHead = NewBlockList; 470 while ((TempBlockDesc != NULL) && (TempBlockDesc->Union.ContinuationPointer != (EFI_PHYSICAL_ADDRESS) (UINTN) NULL)) { 471 if (TempBlockDesc->Length != 0) { 472 CurrBlockDescHead->Union.DataBlock = TempBlockDesc->Union.DataBlock; 473 CurrBlockDescHead->Length = TempBlockDesc->Length; 474 CurrBlockDescHead++; 475 TempBlockDesc++; 476 } else { 477 TempBlockDesc = (EFI_CAPSULE_BLOCK_DESCRIPTOR *) (UINTN) TempBlockDesc->Union.ContinuationPointer; 478 } 479 } 480 // 481 // Null terminate 482 // 483 CurrBlockDescHead->Union.ContinuationPointer = (EFI_PHYSICAL_ADDRESS) (UINTN) NULL; 484 CurrBlockDescHead->Length = 0; 485 return NewBlockList; 486} 487 488/** 489 Determine if two buffers overlap in memory. 490 491 @param Buff1 pointer to first buffer 492 @param Size1 size of Buff1 493 @param Buff2 pointer to second buffer 494 @param Size2 size of Buff2 495 496 @retval TRUE Buffers overlap in memory. 497 @retval FALSE Buffer doesn't overlap. 498 499**/ 500BOOLEAN 501IsOverlapped ( 502 UINT8 *Buff1, 503 UINTN Size1, 504 UINT8 *Buff2, 505 UINTN Size2 506 ) 507{ 508 // 509 // If buff1's end is less than the start of buff2, then it's ok. 510 // Also, if buff1's start is beyond buff2's end, then it's ok. 511 // 512 if (((Buff1 + Size1) <= Buff2) || (Buff1 >= (Buff2 + Size2))) { 513 return FALSE; 514 } 515 516 return TRUE; 517} 518 519/** 520 Given a pointer to a capsule block descriptor, traverse the list to figure 521 out how many legitimate descriptors there are, and how big the capsule it 522 refers to is. 523 524 @param Desc Pointer to the capsule block descriptors 525 NumDescriptors - optional pointer to where to return the number of descriptors 526 CapsuleSize - optional pointer to where to return the capsule size 527 @param NumDescriptors Optional pointer to where to return the number of descriptors 528 @param CapsuleSize Optional pointer to where to return the capsule size 529 530 @retval EFI_NOT_FOUND No descriptors containing data in the list 531 @retval EFI_SUCCESS Return data is valid 532 533**/ 534EFI_STATUS 535GetCapsuleInfo ( 536 IN EFI_CAPSULE_BLOCK_DESCRIPTOR *Desc, 537 IN OUT UINTN *NumDescriptors OPTIONAL, 538 IN OUT UINTN *CapsuleSize OPTIONAL 539 ) 540{ 541 UINTN Count; 542 UINTN Size; 543 544 ASSERT (Desc != NULL); 545 546 Count = 0; 547 Size = 0; 548 549 while (Desc->Union.ContinuationPointer != (EFI_PHYSICAL_ADDRESS) (UINTN) NULL) { 550 if (Desc->Length == 0) { 551 // 552 // Descriptor points to another list of block descriptors somewhere 553 // 554 Desc = (EFI_CAPSULE_BLOCK_DESCRIPTOR *) (UINTN) Desc->Union.ContinuationPointer; 555 } else { 556 Size += (UINTN) Desc->Length; 557 Count++; 558 Desc++; 559 } 560 } 561 // 562 // If no descriptors, then fail 563 // 564 if (Count == 0) { 565 return EFI_NOT_FOUND; 566 } 567 568 if (NumDescriptors != NULL) { 569 *NumDescriptors = Count; 570 } 571 572 if (CapsuleSize != NULL) { 573 *CapsuleSize = Size; 574 } 575 576 return EFI_SUCCESS; 577} 578 579/** 580 Check every capsule header. 581 582 @param CapsuleHeader The pointer to EFI_CAPSULE_HEADER 583 584 @retval FALSE Capsule is OK 585 @retval TRUE Capsule is corrupted 586 587**/ 588BOOLEAN 589IsCapsuleCorrupted ( 590 IN EFI_CAPSULE_HEADER *CapsuleHeader 591 ) 592{ 593 // 594 //A capsule to be updated across a system reset should contain CAPSULE_FLAGS_PERSIST_ACROSS_RESET. 595 // 596 if ((CapsuleHeader->Flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) == 0) { 597 return TRUE; 598 } 599 // 600 //Make sure the flags combination is supported by the platform. 601 // 602 if ((CapsuleHeader->Flags & (CAPSULE_FLAGS_PERSIST_ACROSS_RESET | CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE)) == CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE) { 603 return TRUE; 604 } 605 if ((CapsuleHeader->Flags & (CAPSULE_FLAGS_PERSIST_ACROSS_RESET | CAPSULE_FLAGS_INITIATE_RESET)) == CAPSULE_FLAGS_INITIATE_RESET) { 606 return TRUE; 607 } 608 609 return FALSE; 610} 611 612/** 613 Try to verify the integrity of a capsule test pattern before the 614 capsule gets coalesced. This can be useful in narrowing down 615 where capsule data corruption occurs. 616 617 The test pattern mode fills in memory with a counting UINT32 value. 618 If the capsule is not divided up in a multiple of 4-byte blocks, then 619 things get messy doing the check. Therefore there are some cases 620 here where we just give up and skip the pre-coalesce check. 621 622 @param PeiServices PEI services table 623 @param Desc Pointer to capsule descriptors 624**/ 625VOID 626CapsuleTestPatternPreCoalesce ( 627 IN EFI_PEI_SERVICES **PeiServices, 628 IN EFI_CAPSULE_BLOCK_DESCRIPTOR *Desc 629 ) 630{ 631 UINT32 *TestPtr; 632 UINT32 TestCounter; 633 UINT32 TestSize; 634 // 635 // Find first data descriptor 636 // 637 while ((Desc->Length == 0) && (Desc->Union.ContinuationPointer != (EFI_PHYSICAL_ADDRESS) (UINTN) NULL)) { 638 Desc = (EFI_CAPSULE_BLOCK_DESCRIPTOR *) (UINTN) Desc->Union.ContinuationPointer; 639 } 640 641 if (Desc->Union.ContinuationPointer == 0) { 642 return ; 643 } 644 // 645 // First one better be long enough to at least hold the test signature 646 // 647 if (Desc->Length < sizeof (UINT32)) { 648 DEBUG ((EFI_D_INFO, "Capsule test pattern pre-coalesce punted #1\n")); 649 return ; 650 } 651 652 TestPtr = (UINT32 *) (UINTN) Desc->Union.DataBlock; 653 // 654 // 0x54534554 "TEST" 655 // 656 if (*TestPtr != 0x54534554) { 657 return ; 658 } 659 660 TestCounter = 0; 661 TestSize = (UINT32) Desc->Length - 2 * sizeof (UINT32); 662 // 663 // Skip over the signature and the size fields in the pattern data header 664 // 665 TestPtr += 2; 666 while (1) { 667 if ((TestSize & 0x03) != 0) { 668 DEBUG ((EFI_D_INFO, "Capsule test pattern pre-coalesce punted #2\n")); 669 return ; 670 } 671 672 while (TestSize > 0) { 673 if (*TestPtr != TestCounter) { 674 DEBUG ((EFI_D_INFO, "Capsule test pattern pre-coalesce failed data corruption check\n")); 675 return ; 676 } 677 678 TestSize -= sizeof (UINT32); 679 TestCounter++; 680 TestPtr++; 681 } 682 Desc++; 683 while ((Desc->Length == 0) && (Desc->Union.ContinuationPointer != (EFI_PHYSICAL_ADDRESS) (UINTN) NULL)) { 684 Desc = (EFI_CAPSULE_BLOCK_DESCRIPTOR *) (UINTN) Desc->Union.ContinuationPointer; 685 } 686 687 if (Desc->Union.ContinuationPointer == (EFI_PHYSICAL_ADDRESS) (UINTN) NULL) { 688 return ; 689 } 690 TestSize = (UINT32) Desc->Length; 691 TestPtr = (UINT32 *) (UINTN) Desc->Union.DataBlock; 692 } 693} 694 695/** 696 Checks for the presence of capsule descriptors. 697 Get capsule descriptors from variable CapsuleUpdateData, CapsuleUpdateData1, CapsuleUpdateData2... 698 699 @param BlockListBuffer Pointer to the buffer of capsule descriptors variables 700 @param BlockDescriptorList Pointer to the capsule descriptors list 701 702 @retval EFI_SUCCESS a valid capsule is present 703 @retval EFI_NOT_FOUND if a valid capsule is not present 704**/ 705EFI_STATUS 706BuildCapsuleDescriptors ( 707 IN EFI_PHYSICAL_ADDRESS *BlockListBuffer, 708 OUT EFI_CAPSULE_BLOCK_DESCRIPTOR **BlockDescriptorList 709 ) 710{ 711 UINTN Index; 712 EFI_CAPSULE_BLOCK_DESCRIPTOR *LastBlock; 713 EFI_CAPSULE_BLOCK_DESCRIPTOR *TempBlock; 714 EFI_CAPSULE_BLOCK_DESCRIPTOR *HeadBlock; 715 716 LastBlock = NULL; 717 HeadBlock = NULL; 718 TempBlock = NULL; 719 Index = 0; 720 721 while (BlockListBuffer[Index] != 0) { 722 if (Index == 0) { 723 // 724 // For the first Capsule Image, test integrity of descriptors. 725 // 726 LastBlock = ValidateCapsuleIntegrity ((EFI_CAPSULE_BLOCK_DESCRIPTOR *)(UINTN)BlockListBuffer[Index]); 727 if (LastBlock == NULL) { 728 return EFI_NOT_FOUND; 729 } 730 // 731 // Return the base of the block descriptors 732 // 733 HeadBlock = (EFI_CAPSULE_BLOCK_DESCRIPTOR *)(UINTN)BlockListBuffer[Index]; 734 } else { 735 // 736 // Test integrity of descriptors. 737 // 738 TempBlock = ValidateCapsuleIntegrity ((EFI_CAPSULE_BLOCK_DESCRIPTOR *)(UINTN)BlockListBuffer[Index]); 739 if (TempBlock == NULL) { 740 return EFI_NOT_FOUND; 741 } 742 // 743 // Combine the different BlockList into single BlockList. 744 // 745 LastBlock->Union.DataBlock = (EFI_PHYSICAL_ADDRESS)(UINTN)BlockListBuffer[Index]; 746 LastBlock->Length = 0; 747 LastBlock = TempBlock; 748 } 749 Index ++; 750 } 751 752 if (HeadBlock != NULL) { 753 *BlockDescriptorList = HeadBlock; 754 return EFI_SUCCESS; 755 } 756 return EFI_NOT_FOUND; 757} 758 759/** 760 The function to coalesce a fragmented capsule in memory. 761 762 Memory Map for coalesced capsule: 763 MemBase + ---->+---------------------------+<-----------+ 764 MemSize | CapsuleOffset[49] | | 765 +---------------------------+ | 766 | ................ | | 767 +---------------------------+ | 768 | CapsuleOffset[2] | | 769 +---------------------------+ | 770 | CapsuleOffset[1] | | 771 +---------------------------+ | 772 | CapsuleOffset[0] | CapsuleSize 773 +---------------------------+ | 774 | CapsuleNumber | | 775 +---------------------------+ | 776 | | | 777 | | | 778 | Capsule Image | | 779 | | | 780 | | | 781 +---------------------------+ | 782 | PrivateData | | 783 DestPtr ----> +---------------------------+<-----------+ 784 | | | 785 | FreeMem | FreeMemSize 786 | | | 787 FreeMemBase --->+---------------------------+<-----------+ 788 | Terminator | 789 +---------------------------+ 790 | BlockDescriptor n | 791 +---------------------------+ 792 | ................. | 793 +---------------------------+ 794 | BlockDescriptor 1 | 795 +---------------------------+ 796 | BlockDescriptor 0 | 797 +---------------------------+ 798 | PrivateDataDesc 0 | 799 MemBase ---->+---------------------------+<----- BlockList 800 801 @param PeiServices General purpose services available to every PEIM. 802 @param BlockListBuffer Point to the buffer of Capsule Descriptor Variables. 803 @param MemoryBase Pointer to the base of a block of memory that we can walk 804 all over while trying to coalesce our buffers. 805 On output, this variable will hold the base address of 806 a coalesced capsule. 807 @param MemorySize Size of the memory region pointed to by MemoryBase. 808 On output, this variable will contain the size of the 809 coalesced capsule. 810 811 @retval EFI_NOT_FOUND If we could not find the capsule descriptors. 812 813 @retval EFI_BUFFER_TOO_SMALL 814 If we could not coalesce the capsule in the memory 815 region provided to us. 816 817 @retval EFI_SUCCESS Processed the capsule successfully. 818**/ 819EFI_STATUS 820EFIAPI 821CapsuleDataCoalesce ( 822 IN EFI_PEI_SERVICES **PeiServices, 823 IN EFI_PHYSICAL_ADDRESS *BlockListBuffer, 824 IN OUT VOID **MemoryBase, 825 IN OUT UINTN *MemorySize 826 ) 827{ 828 VOID *NewCapsuleBase; 829 VOID *DataPtr; 830 UINT8 CapsuleIndex; 831 UINT8 *FreeMemBase; 832 UINT8 *DestPtr; 833 UINT8 *RelocPtr; 834 UINT32 CapsuleOffset[MAX_SUPPORT_CAPSULE_NUM]; 835 UINT32 *AddDataPtr; 836 UINT32 CapsuleTimes; 837 UINT64 SizeLeft; 838 UINT64 CapsuleImageSize; 839 UINTN CapsuleSize; 840 UINTN DescriptorsSize; 841 UINTN FreeMemSize; 842 UINTN NumDescriptors; 843 BOOLEAN IsCorrupted; 844 BOOLEAN CapsuleBeginFlag; 845 EFI_STATUS Status; 846 EFI_CAPSULE_HEADER *CapsuleHeader; 847 EFI_CAPSULE_PEIM_PRIVATE_DATA PrivateData; 848 EFI_CAPSULE_PEIM_PRIVATE_DATA *PrivateDataPtr; 849 EFI_CAPSULE_BLOCK_DESCRIPTOR *BlockList; 850 EFI_CAPSULE_BLOCK_DESCRIPTOR *CurrentBlockDesc; 851 EFI_CAPSULE_BLOCK_DESCRIPTOR *TempBlockDesc; 852 EFI_CAPSULE_BLOCK_DESCRIPTOR PrivateDataDesc[2]; 853 854 CapsuleIndex = 0; 855 SizeLeft = 0; 856 CapsuleTimes = 0; 857 CapsuleImageSize = 0; 858 PrivateDataPtr = NULL; 859 AddDataPtr = NULL; 860 CapsuleHeader = NULL; 861 CapsuleBeginFlag = TRUE; 862 IsCorrupted = TRUE; 863 CapsuleSize = 0; 864 NumDescriptors = 0; 865 866 // 867 // Build capsule descriptors list 868 // 869 Status = BuildCapsuleDescriptors (BlockListBuffer, &BlockList); 870 if (EFI_ERROR (Status)) { 871 return Status; 872 } 873 874 DEBUG_CODE ( 875 CapsuleTestPatternPreCoalesce (PeiServices, BlockList); 876 ); 877 878 // 879 // Get the size of our descriptors and the capsule size. GetCapsuleInfo() 880 // returns the number of descriptors that actually point to data, so add 881 // one for a terminator. Do that below. 882 // 883 GetCapsuleInfo (BlockList, &NumDescriptors, &CapsuleSize); 884 if ((CapsuleSize == 0) || (NumDescriptors == 0)) { 885 return EFI_NOT_FOUND; 886 } 887 888 // 889 // Initialize our local copy of private data. When we're done, we'll create a 890 // descriptor for it as well so that it can be put into free memory without 891 // trashing anything. 892 // 893 PrivateData.Signature = EFI_CAPSULE_PEIM_PRIVATE_DATA_SIGNATURE; 894 PrivateData.CapsuleSize = (UINT32) CapsuleSize; 895 PrivateDataDesc[0].Union.DataBlock = (EFI_PHYSICAL_ADDRESS) (UINTN) &PrivateData; 896 PrivateDataDesc[0].Length = sizeof (EFI_CAPSULE_PEIM_PRIVATE_DATA); 897 PrivateDataDesc[1].Union.DataBlock = (EFI_PHYSICAL_ADDRESS) (UINTN) BlockList; 898 PrivateDataDesc[1].Length = 0; 899 // 900 // In addition to PrivateDataDesc[1:0], one terminator is added 901 // See below RelocateBlockDescriptors() 902 // 903 NumDescriptors += 3; 904 CapsuleSize += sizeof (EFI_CAPSULE_PEIM_PRIVATE_DATA) + sizeof(CapsuleOffset) + sizeof(UINT32); 905 BlockList = PrivateDataDesc; 906 DescriptorsSize = NumDescriptors * sizeof (EFI_CAPSULE_BLOCK_DESCRIPTOR); 907 908 // 909 // Don't go below some min address. If the base is below it, 910 // then move it up and adjust the size accordingly. 911 // 912 DEBUG ((EFI_D_INFO, "Capsule Memory range from 0x%8X to 0x%8X\n", (UINTN) *MemoryBase, (UINTN)*MemoryBase + *MemorySize)); 913 if ((UINTN)*MemoryBase < (UINTN) MIN_COALESCE_ADDR) { 914 if (((UINTN)*MemoryBase + *MemorySize) < (UINTN) MIN_COALESCE_ADDR) { 915 return EFI_BUFFER_TOO_SMALL; 916 } else { 917 *MemorySize = *MemorySize - ((UINTN) MIN_COALESCE_ADDR - (UINTN) *MemoryBase); 918 *MemoryBase = (VOID *) (UINTN) MIN_COALESCE_ADDR; 919 } 920 } 921 922 if (*MemorySize <= (CapsuleSize + DescriptorsSize)) { 923 return EFI_BUFFER_TOO_SMALL; 924 } 925 926 FreeMemBase = *MemoryBase; 927 FreeMemSize = *MemorySize; 928 DEBUG ((EFI_D_INFO, "Capsule Free Memory from 0x%8X to 0x%8X\n", (UINTN) FreeMemBase, (UINTN) FreeMemBase + FreeMemSize)); 929 930 // 931 // Relocate all the block descriptors to low memory to make further 932 // processing easier. 933 // 934 BlockList = RelocateBlockDescriptors (PeiServices, BlockList, FreeMemBase, FreeMemSize); 935 if (BlockList == NULL) { 936 // 937 // Not enough room to relocate the descriptors 938 // 939 return EFI_BUFFER_TOO_SMALL; 940 } 941 942 // 943 // Take the top of memory for the capsule. Naturally align. 944 // 945 DestPtr = FreeMemBase + FreeMemSize - CapsuleSize; 946 DestPtr = (UINT8 *) ((UINTN) DestPtr &~ (UINTN) (sizeof (UINTN) - 1)); 947 FreeMemBase = (UINT8 *) BlockList + DescriptorsSize; 948 FreeMemSize = FreeMemSize - DescriptorsSize - CapsuleSize; 949 NewCapsuleBase = (VOID *) DestPtr; 950 951 // 952 // Move all the blocks to the top (high) of memory. 953 // Relocate all the obstructing blocks. Note that the block descriptors 954 // were coalesced when they were relocated, so we can just ++ the pointer. 955 // 956 CurrentBlockDesc = BlockList; 957 while ((CurrentBlockDesc->Length != 0) || (CurrentBlockDesc->Union.ContinuationPointer != (EFI_PHYSICAL_ADDRESS) (UINTN) NULL)) { 958 // 959 // See if any of the remaining capsule blocks are in the way 960 // 961 TempBlockDesc = CurrentBlockDesc; 962 while (TempBlockDesc->Length != 0) { 963 // 964 // Is this block in the way of where we want to copy the current descriptor to? 965 // 966 if (IsOverlapped ( 967 (UINT8 *) DestPtr, 968 (UINTN) CurrentBlockDesc->Length, 969 (UINT8 *) (UINTN) TempBlockDesc->Union.DataBlock, 970 (UINTN) TempBlockDesc->Length 971 )) { 972 // 973 // Relocate the block 974 // 975 RelocPtr = FindFreeMem (BlockList, FreeMemBase, FreeMemSize, (UINTN) TempBlockDesc->Length); 976 if (RelocPtr == NULL) { 977 return EFI_BUFFER_TOO_SMALL; 978 } 979 980 CopyMem ((VOID *) RelocPtr, (VOID *) (UINTN) TempBlockDesc->Union.DataBlock, (UINTN) TempBlockDesc->Length); 981 DEBUG ((EFI_D_INFO, "Capsule reloc data block from 0x%8X to 0x%8X with size 0x%8X\n", 982 (UINTN) TempBlockDesc->Union.DataBlock, (UINTN) RelocPtr, (UINTN) TempBlockDesc->Length)); 983 984 TempBlockDesc->Union.DataBlock = (EFI_PHYSICAL_ADDRESS) (UINTN) RelocPtr; 985 } 986 // 987 // Next descriptor 988 // 989 TempBlockDesc++; 990 } 991 // 992 // Ok, we made it through. Copy the block. 993 // we just support greping one capsule from the lists of block descs list. 994 // 995 CapsuleTimes ++; 996 // 997 //Skip the first block descriptor that filled with EFI_CAPSULE_PEIM_PRIVATE_DATA 998 // 999 if (CapsuleTimes > 1) { 1000 // 1001 //For every capsule entry point, check its header to determine whether to relocate it. 1002 //If it is invalid, skip it and move on to the next capsule. If it is valid, relocate it. 1003 // 1004 if (CapsuleBeginFlag) { 1005 CapsuleBeginFlag = FALSE; 1006 CapsuleHeader = (EFI_CAPSULE_HEADER*)(UINTN)CurrentBlockDesc->Union.DataBlock; 1007 SizeLeft = CapsuleHeader->CapsuleImageSize; 1008 if (!IsCapsuleCorrupted (CapsuleHeader)) { 1009 1010 if (CapsuleIndex > (MAX_SUPPORT_CAPSULE_NUM - 1)) { 1011 DEBUG ((EFI_D_ERROR, "Capsule number exceeds the max number of %d!\n", MAX_SUPPORT_CAPSULE_NUM)); 1012 return EFI_BUFFER_TOO_SMALL; 1013 } 1014 1015 // 1016 // Relocate this valid capsule 1017 // 1018 IsCorrupted = FALSE; 1019 CapsuleImageSize += SizeLeft; 1020 CopyMem ((VOID *) DestPtr, (VOID *) (UINTN) CurrentBlockDesc->Union.DataBlock, (UINTN) CurrentBlockDesc->Length); 1021 DEBUG ((EFI_D_INFO, "Capsule coalesce block no.0x%8X from 0x%8lX to 0x%8lX with size 0x%8X\n",CapsuleTimes, 1022 (UINTN)CurrentBlockDesc->Union.DataBlock, (UINTN)DestPtr, (UINTN)CurrentBlockDesc->Length)); 1023 // 1024 // Cache the begin offset of this capsule 1025 // 1026 CapsuleOffset[CapsuleIndex++] = (UINT32) (UINTN) DestPtr - (UINT32)(UINTN)NewCapsuleBase - (UINT32)sizeof(EFI_CAPSULE_PEIM_PRIVATE_DATA); 1027 DestPtr += CurrentBlockDesc->Length; 1028 } 1029 // 1030 // If the current block length is greater than or equal to SizeLeft, this is the 1031 // start of the next capsule 1032 // 1033 if (CurrentBlockDesc->Length < SizeLeft) { 1034 SizeLeft -= CurrentBlockDesc->Length; 1035 } else { 1036 // 1037 // Start the next cycle 1038 // 1039 SizeLeft = 0; 1040 IsCorrupted = TRUE; 1041 CapsuleBeginFlag = TRUE; 1042 } 1043 } else { 1044 // 1045 //Go on relocating the current capule image. 1046 // 1047 if (CurrentBlockDesc->Length < SizeLeft) { 1048 if (!IsCorrupted) { 1049 CopyMem ((VOID *) DestPtr, (VOID *) (UINTN) (CurrentBlockDesc->Union.DataBlock), (UINTN)CurrentBlockDesc->Length); 1050 DEBUG ((EFI_D_INFO, "Capsule coalesce block no.0x%8X from 0x%8lX to 0x%8lX with size 0x%8X\n",CapsuleTimes, 1051 (UINTN)CurrentBlockDesc->Union.DataBlock, (UINTN)DestPtr, (UINTN)CurrentBlockDesc->Length)); 1052 DestPtr += CurrentBlockDesc->Length; 1053 } 1054 SizeLeft -= CurrentBlockDesc->Length; 1055 } else { 1056 // 1057 //Here is the end of the current capsule image. 1058 // 1059 if (!IsCorrupted) { 1060 CopyMem ((VOID *) DestPtr, (VOID *)(UINTN)(CurrentBlockDesc->Union.DataBlock), (UINTN)CurrentBlockDesc->Length); 1061 DEBUG ((EFI_D_INFO, "Capsule coalesce block no.0x%8X from 0x%8lX to 0x%8lX with size 0x%8X\n",CapsuleTimes, 1062 (UINTN)CurrentBlockDesc->Union.DataBlock, (UINTN)DestPtr, (UINTN)CurrentBlockDesc->Length)); 1063 DestPtr += CurrentBlockDesc->Length; 1064 } 1065 // 1066 // Start the next cycle 1067 // 1068 SizeLeft = 0; 1069 IsCorrupted = TRUE; 1070 CapsuleBeginFlag = TRUE; 1071 } 1072 } 1073 } else { 1074 // 1075 //The first entry is the block descriptor for EFI_CAPSULE_PEIM_PRIVATE_DATA. 1076 // 1077 CopyMem ((VOID *) DestPtr, (VOID *) (UINTN) CurrentBlockDesc->Union.DataBlock, (UINTN) CurrentBlockDesc->Length); 1078 DestPtr += CurrentBlockDesc->Length; 1079 } 1080 // 1081 //Walk through the block descriptor list. 1082 // 1083 CurrentBlockDesc++; 1084 } 1085 // 1086 // We return the base of memory we want reserved, and the size. 1087 // The memory peim should handle it appropriately from there. 1088 // 1089 *MemorySize = (UINTN) CapsuleSize; 1090 *MemoryBase = (VOID *) NewCapsuleBase; 1091 1092 // 1093 //Append the offsets of mutiply capsules to the continous buffer 1094 // 1095 DataPtr = (VOID*)((UINTN)NewCapsuleBase + sizeof(EFI_CAPSULE_PEIM_PRIVATE_DATA) + (UINTN)CapsuleImageSize); 1096 AddDataPtr = (UINT32*)(((UINTN) DataPtr + sizeof(UINT32) - 1) &~ (UINT32) (sizeof (UINT32) - 1)); 1097 1098 *AddDataPtr++ = CapsuleIndex; 1099 1100 CopyMem (AddDataPtr, &CapsuleOffset[0], sizeof (UINT32) * CapsuleIndex); 1101 1102 PrivateDataPtr = (EFI_CAPSULE_PEIM_PRIVATE_DATA *) NewCapsuleBase; 1103 PrivateDataPtr->CapsuleSize = (UINT32) CapsuleImageSize; 1104 1105 return EFI_SUCCESS; 1106} 1107