UefiCapsule.c revision 4fd606d1f5abe38e1f42c38de1d2e895166bd0f4
/** @file
Capsule update PEIM for UEFI2.0
Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions
of the BSD License which accompanies this distribution. The
full text of the license may be found at
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "Capsule.h"
#ifdef MDE_CPU_IA32
//
// Global Descriptor Table (GDT)
//
/* selector { Global Segment Descriptor } */
/* 0x00 */ {{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}}, //null descriptor
/* 0x08 */ {{0xffff, 0, 0, 0x3, 1, 0, 1, 0xf, 0, 0, 1, 1, 0}}, //linear data segment descriptor
/* 0x10 */ {{0xffff, 0, 0, 0xf, 1, 0, 1, 0xf, 0, 0, 1, 1, 0}}, //linear code segment descriptor
/* 0x18 */ {{0xffff, 0, 0, 0x3, 1, 0, 1, 0xf, 0, 0, 1, 1, 0}}, //system data segment descriptor
/* 0x20 */ {{0xffff, 0, 0, 0xb, 1, 0, 1, 0xf, 0, 0, 1, 1, 0}}, //system code segment descriptor
/* 0x28 */ {{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}}, //spare segment descriptor
/* 0x30 */ {{0xffff, 0, 0, 0x3, 1, 0, 1, 0xf, 0, 0, 1, 1, 0}}, //system data segment descriptor
/* 0x38 */ {{0xffff, 0, 0, 0xb, 1, 0, 1, 0xf, 0, 1, 0, 1, 0}}, //system code segment descriptor
/* 0x40 */ {{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}}, //spare segment descriptor
};
//
// IA32 Gdt register
//
sizeof (mGdtEntries) - 1,
};
/**
Calculate the total size of page table.
@return The size of page table.
**/
)
{
if (PcdGetBool(PcdUse1GPageTable)) {
if (RegEax >= 0x80000001) {
}
}
}
//
// Get physical address bits supported.
//
} else {
if (RegEax >= 0x80000008) {
} else {
PhysicalAddressBits = 36;
}
}
//
// IA-32e paging translates 48-bit linear addresses to 52-bit physical addresses.
//
if (PhysicalAddressBits > 48) {
PhysicalAddressBits = 48;
}
//
// Calculate the table entries needed.
//
if (PhysicalAddressBits <= 39 ) {
} else {
NumberOfPdpEntriesNeeded = 512;
}
if (!Page1GSupport) {
} else {
}
return EFI_PAGES_TO_SIZE (TotalPagesNum);
}
/**
Allocates and fills in the Page Directory and Page Table Entries to
establish a 1:1 Virtual to Physical mapping.
@param[in] PageTablesAddress The base address of page table.
**/
)
{
if (RegEax >= 0x80000001) {
}
}
//
// Get physical address bits supported.
//
} else {
if (RegEax >= 0x80000008) {
} else {
PhysicalAddressBits = 36;
}
}
//
// IA-32e paging translates 48-bit linear addresses to 52-bit physical addresses.
//
if (PhysicalAddressBits > 48) {
PhysicalAddressBits = 48;
}
//
// Calculate the table entries needed.
//
if (PhysicalAddressBits <= 39 ) {
} else {
NumberOfPdpEntriesNeeded = 512;
}
//
// Pre-allocate big pages to avoid later allocations.
//
//
// By architecture only one PageMapLevel4 exists - so lets allocate storage for it.
//
PageAddress = 0;
for (IndexOfPml4Entries = 0; IndexOfPml4Entries < NumberOfPml4EntriesNeeded; IndexOfPml4Entries++, PageMapLevel4Entry++) {
//
// Each PML4 entry points to a page of Page Directory Pointer entires.
// So lets allocate space for them and fill them in in the IndexOfPdpEntries loop.
//
//
// Make a PML4 Entry
//
if (Page1GSupport) {
for (IndexOfPageDirectoryEntries = 0; IndexOfPageDirectoryEntries < 512; IndexOfPageDirectoryEntries++, PageDirectory1GEntry++, PageAddress += SIZE_1GB) {
//
// Fill in the Page Directory entries
//
}
} else {
for (IndexOfPdpEntries = 0; IndexOfPdpEntries < NumberOfPdpEntriesNeeded; IndexOfPdpEntries++, PageDirectoryPointerEntry++) {
//
// Each Directory Pointer entries points to a page of Page Directory entires.
// So allocate space for them and fill them in in the IndexOfPageDirectoryEntries loop.
//
//
// Fill in a Page Directory Pointer Entries
//
for (IndexOfPageDirectoryEntries = 0; IndexOfPageDirectoryEntries < 512; IndexOfPageDirectoryEntries++, PageDirectoryEntry++, PageAddress += SIZE_2MB) {
//
// Fill in the Page Directory entries
//
}
}
ZeroMem (
sizeof(PAGE_MAP_AND_DIRECTORY_POINTER)
);
}
}
}
//
// For the PML4 entries we are not using fill in a null entry.
//
ZeroMem (
sizeof (PAGE_MAP_AND_DIRECTORY_POINTER)
);
}
}
/**
Return function from long mode to 32-bit mode.
@param EntrypointContext Context for mode switching
@param ReturnContext Context for mode switching
**/
)
{
//
// Restore original GDT
//
//
// return to original caller
//
//
// never be here
//
}
/**
Thunk function from 32-bit protection mode to long mode.
@param PageTableAddress Page table base address
@param Context Context for mode switching
@param ReturnContext Context for mode switching
@retval EFI_SUCCESS Function successfully executed.
**/
)
{
//
// Save return address, LongJump will return here then
//
if (SetJumpFlag == 0) {
//
// Build Page Tables for all physical memory processor supports
//
//
// Create 64-bit GDT
//
AsmWriteGdtr (&mGdt);
//
// Write CR3
//
//
// Transfer to long mode
//
0x38,
);
}
//
// Convert to 32-bit Status and return
//
}
return Status;
}
/**
If in 32 bit protection mode, and coalesce image is of X64, switch to long mode.
@param LongModeBuffer The context of long mode.
@param CoalesceEntry Entry of coalesce image.
@param BlockListAddr Address of block list.
@param MemoryBase Base of memory range.
@param MemorySize Size of memory range.
@retval EFI_SUCCESS Successfully switched to long mode and execute coalesce.
@retval Others Failed to execute coalesce in long mode.
**/
)
{
//
// Merge memory range reserved for stack and page table
//
} else {
}
//
// Check if memory range reserved is overlap with MemoryBase ~ MemoryBase + MemorySize.
// If they are overlapped, get a larger range to process capsule data.
//
if (ReservedRangeBase <= MemoryBase64) {
if (ReservedRangeEnd < MemoryEnd64) {
} else {
return EFI_OUT_OF_RESOURCES;
}
} else if (ReservedRangeBase < MemoryEnd64) {
if (ReservedRangeEnd < MemoryEnd64 &&
} else {
}
}
//
// Initialize context jumping to 64-bit enviroment
//
//
// Prepare data for return back
//
//
// Will save the return status of processing capsule
//
//
// Save original GDT
//
}
return Status;
}
/**
Locates the coalesce image entry point, and detects its machine type.
@param CoalesceImageEntryPoint Pointer to coalesce image entry point for output.
@param CoalesceImageMachineType Pointer to machine type of coalesce image.
@retval EFI_SUCCESS Coalesce image successfully located.
@retval Others Failed to locate the coalesce image.
**/
)
{
Instance = 0;
while (TRUE) {
return Status;
}
Status = PeiServicesFfsFindFileByName (PcdGetPtr(PcdCapsuleCoalesceFile), VolumeHandle, &FileHandle);
);
return Status;
}
break;
} else {
continue;
}
}
return Status;
}
#endif
/**
Checks for the presence of capsule descriptors.
Get capsule descriptors from variable CapsuleUpdateData, CapsuleUpdateData1, CapsuleUpdateData2...
and save to DescriptorBuffer.
@param DescriptorBuffer Pointer to the capsule descriptors
@retval EFI_SUCCESS a valid capsule is present
@retval EFI_NOT_FOUND if a valid capsule is not present
**/
)
{
Index = 0;
TempVarName = NULL;
CapsuleVarName[0] = 0;
ValidIndex = 0;
0,
NULL,
(VOID **) &PPIVariableServices
);
if (Status == EFI_SUCCESS) {
Size = sizeof (CapsuleDataPtr64);
while (1) {
if (Index == 0) {
//
// For the first Capsule Image
//
NULL,
&Size,
(VOID *) &CapsuleDataPtr64
);
return EFI_NOT_FOUND;
}
//
// know the boot mode prior to initializing memory. For this case, our
// validate function will fail. We can detect if this is the case if blocklist
// pointer is null. In that case, return success since we know that the
// variable is set.
//
if (DescriptorBuffer == NULL) {
return EFI_SUCCESS;
}
} else {
NULL,
&Size,
(VOID *) &CapsuleDataPtr64
);
break;
}
//
// If this BlockList has been linked before, skip this variable
//
break;
}
}
if (Flag) {
Index ++;
continue;
}
}
//
// Cache BlockList which has been processed
//
Index ++;
}
}
return EFI_SUCCESS;
}
/**
Gets the reserved long mode buffer.
@param LongModeBuffer Pointer to the long mode buffer for output.
@retval EFI_SUCCESS Long mode buffer successfully retrieved.
@retval Others Variable storing long mode buffer not found.
**/
)
{
0,
NULL,
(VOID **) &PPIVariableServices
);
Size = sizeof (EFI_CAPSULE_LONG_MODE_BUFFER);
NULL,
&Size,
);
}
return Status;
}
/**
Capsule PPI service to coalesce a fragmented capsule in memory.
@param PeiServices General purpose services available to every PEIM.
@param MemoryBase Pointer to the base of a block of memory that we can walk
all over while trying to coalesce our buffers.
On output, this variable will hold the base address of
a coalesced capsule.
@param MemorySize Size of the memory region pointed to by MemoryBase.
On output, this variable will contain the size of the
coalesced capsule.
@retval EFI_NOT_FOUND if we can't determine the boot mode
if the boot mode is not flash-update
if we could not find the capsule descriptors
@retval EFI_BUFFER_TOO_SMALL
if we could not coalesce the capsule in the memory
region provided to us
@retval EFI_SUCCESS if there's no capsule, or if we processed the
capsule successfully.
**/
)
{
#ifdef MDE_CPU_IA32
#endif
Index = 0;
VariableCount = 0;
CapsuleVarName[0] = 0;
//
// Someone should have already ascertained the boot mode. If it's not
// capsule update, then return normally.
//
goto Done;
}
//
// User may set the same ScatterGatherList with several different variables,
// so cache all ScatterGatherList for check later.
//
0,
NULL,
(VOID **) &PPIVariableServices
);
goto Done;
}
Size = sizeof (CapsuleDataPtr64);
while (TRUE) {
if (Index > 0) {
}
NULL,
&Size,
(VOID *) &CapsuleDataPtr64
);
//
// There is no capsule variables, quit
//
break;
}
Index++;
}
//
// The last entry is the end flag.
//
(VOID **)&VariableArrayAddress
);
if (Status != EFI_SUCCESS) {
goto Done;
}
//
// Find out if we actually have a capsule.
// GetCapsuleDescriptors depends on variable PPI, so it should run in 32-bit environment.
//
goto Done;
}
#ifdef MDE_CPU_IA32
if (FeaturePcdGet (PcdDxeIplSwitchToLongMode)) {
//
// Switch to 64-bit mode to process capsule data when:
// 1. When DXE phase is 64-bit
// 2. When the buffer for 64-bit transition exists
// 3. When Capsule X64 image is built in BIOS image
// In 64-bit mode, we can process capsule data above 4GB.
//
goto Done;
}
goto Done;
}
ASSERT (CoalesceImageEntryPoint != 0);
Status = ModeSwitch (&LongModeBuffer, CoalesceEntry, (EFI_PHYSICAL_ADDRESS)(UINTN)VariableArrayAddress, MemoryBase, MemorySize);
} else {
//
// Capsule is processed in IA32 mode.
//
Status = CapsuleDataCoalesce (PeiServices, (EFI_PHYSICAL_ADDRESS *)(UINTN)VariableArrayAddress, MemoryBase, MemorySize);
}
#else
//
// Process capsule directly.
//
Status = CapsuleDataCoalesce (PeiServices, (EFI_PHYSICAL_ADDRESS *)(UINTN)VariableArrayAddress, MemoryBase, MemorySize);
#endif
if (Status == EFI_BUFFER_TOO_SMALL) {
}
if (Status == EFI_NOT_FOUND) {
);
}
Done:
return Status;
}
/**
Determine if we're in capsule update boot mode.
@param PeiServices PEI services table
@retval EFI_SUCCESS if we have a capsule available
@retval EFI_NOT_FOUND no capsule detected
**/
)
{
return Status;
}
/**
This function will look at a capsule and determine if it's a test pattern.
If it is, then it will verify it and emit an error message if corruption is detected.
@param PeiServices Standard pei services pointer
@param CapsuleBase Base address of coalesced capsule, which is preceeded
by private data. Very implementation specific.
@retval TRUE Capsule image is the test image
@retval FALSE Capsule image is not the test image.
**/
)
{
//
// Look at the capsule data and determine if it's a test pattern. If it
// is, then test it now.
//
//
// 0x54534554 "TEST"
//
if (*TestPtr == 0x54534554) {
//
// Skip over the signature and the size fields in the pattern data header
//
TestPtr += 2;
TestCounter = 0;
while (TestSize > 0) {
if (*TestPtr != TestCounter) {
DEBUG ((EFI_D_INFO, "Capsule test pattern mode FAILED: BaseAddr/FailAddr 0x%X 0x%X\n", (UINT32)(UINTN)(EFI_CAPSULE_PEIM_PRIVATE_DATA *)CapsuleBase, (UINT32)(UINTN)TestPtr));
return TRUE;
}
TestPtr++;
TestCounter++;
TestSize--;
}
}
return RetValue;
}
/**
Capsule PPI service that gets called after memory is available. The
capsule coalesce function, which must be called first, returns a base
address and size, which can be anything actually. Once the memory init
PEIM has discovered memory, then it should call this function and pass in
the base address and size returned by the coalesce function. Then this
function can create a capsule HOB and return.
@param PeiServices standard pei services pointer
@param CapsuleBase address returned by the capsule coalesce function. Most
likely this will actually be a pointer to private data.
@param CapsuleSize value returned by the capsule coalesce function.
@retval EFI_VOLUME_CORRUPTED CapsuleBase does not appear to point to a
coalesced capsule
@retval EFI_SUCCESS if all goes well.
**/
)
{
CapsuleNumber = 0;
return EFI_VOLUME_CORRUPTED;
}
//
// Capsule Number and Capsule Offset is in the tail of Capsule data.
//
CapsuleNumber = *DataPtr++;
//
// Allocate the memory so that it gets preserved into DXE
//
);
if (Status != EFI_SUCCESS) {
return Status;
}
//
// Copy to our new buffer for DXE
//
DEBUG ((EFI_D_INFO, "Capsule copy from 0x%8X to 0x%8X with size 0x%8X\n", (UINTN) (PrivateData + 1), (UINTN) NewBuffer, Size));
//
// Check for test data pattern. If it is the test pattern, then we'll
// test it ans still create the HOB so that it can be used to verify
// that capsules don't get corrupted all the way into BDS. BDS will
// still try to turn it into a firmware volume, but will think it's
// corrupted so nothing will happen.
//
);
//
// Build the UEFI Capsule Hob for each capsule image.
//
}
return EFI_SUCCESS;
}
};
};
/**
Entry point function for the PEIM
@param FileHandle Handle of the file being invoked.
@param PeiServices Describes the list of possible PEI Services.
@return EFI_SUCCESS If we installed our PPI
**/
)
{
//
// Just produce our PPI
//
return PeiServicesInstallPpi (&mUefiPpiListCapsule);
}