1 // SPDX-License-Identifier: GPL-2.0+
5 * Copyright (c) 2018 Linaro Limited
6 * Author: AKASHI Takahiro
9 #define LOG_CATEGORY LOGC_EFI
12 #include <efi_loader.h>
13 #include <efi_variable.h>
20 #include <asm/global_data.h>
22 #include <crypto/pkcs7.h>
23 #include <crypto/pkcs7_parser.h>
24 #include <linux/err.h>
26 DECLARE_GLOBAL_DATA_PTR;
28 const efi_guid_t efi_guid_capsule_report = EFI_CAPSULE_REPORT_GUID;
29 static const efi_guid_t efi_guid_firmware_management_capsule_id =
30 EFI_FIRMWARE_MANAGEMENT_CAPSULE_ID_GUID;
31 const efi_guid_t efi_guid_firmware_management_protocol =
32 EFI_FIRMWARE_MANAGEMENT_PROTOCOL_GUID;
34 #ifdef CONFIG_EFI_CAPSULE_ON_DISK
35 /* for file system access */
36 static struct efi_file_handle *bootdev_root;
40 * get_last_capsule - get the last capsule index
42 * Retrieve the index of the capsule invoked last time from "CapsuleLast"
46 * * > 0 - the last capsule index invoked
47 * * 0xffff - on error, or no capsule invoked yet
49 static __maybe_unused unsigned int get_last_capsule(void)
51 u16 value16[11]; /* "CapsuleXXXX": non-null-terminated */
54 unsigned long index = 0xffff;
58 size = sizeof(value16);
59 ret = efi_get_variable_int(L"CapsuleLast", &efi_guid_capsule_report,
60 NULL, &size, value16, NULL);
61 if (ret != EFI_SUCCESS || size != 22 ||
62 u16_strncmp(value16, L"Capsule", 7))
64 for (i = 0; i < 4; ++i) {
65 u16 c = value16[i + 7];
72 if (strict_strtoul(value, 16, &index))
79 * set_capsule_result - set a result variable
81 * @return_status: Return status
83 * Create and set a result variable, "CapsuleXXXX", for the capsule,
87 void set_capsule_result(int index, struct efi_capsule_header *capsule,
88 efi_status_t return_status)
90 u16 variable_name16[12];
91 struct efi_capsule_result_variable_header result;
95 efi_create_indexed_name(variable_name16, sizeof(variable_name16),
97 result.variable_total_size = sizeof(result);
98 result.capsule_guid = capsule->capsule_guid;
99 ret = EFI_CALL((*efi_runtime_services.get_time)(&time, NULL));
100 if (ret == EFI_SUCCESS)
101 memcpy(&result.capsule_processed, &time, sizeof(time));
103 memset(&result.capsule_processed, 0, sizeof(time));
104 result.capsule_status = return_status;
105 ret = efi_set_variable_int(variable_name16, &efi_guid_capsule_report,
106 EFI_VARIABLE_NON_VOLATILE |
107 EFI_VARIABLE_BOOTSERVICE_ACCESS |
108 EFI_VARIABLE_RUNTIME_ACCESS,
109 sizeof(result), &result, false);
110 if (ret != EFI_SUCCESS) {
111 log_err("Setting %ls failed\n", variable_name16);
115 /* Variable CapsuleLast must not include terminating 0x0000 */
116 ret = efi_set_variable_int(L"CapsuleLast", &efi_guid_capsule_report,
117 EFI_VARIABLE_READ_ONLY |
118 EFI_VARIABLE_NON_VOLATILE |
119 EFI_VARIABLE_BOOTSERVICE_ACCESS |
120 EFI_VARIABLE_RUNTIME_ACCESS,
121 22, variable_name16, false);
122 if (ret != EFI_SUCCESS)
123 log_err("Setting %ls failed\n", L"CapsuleLast");
126 #ifdef CONFIG_EFI_CAPSULE_FIRMWARE_MANAGEMENT
128 * efi_fmp_find - search for Firmware Management Protocol drivers
129 * @image_type: Image type guid
130 * @instance: Instance number
131 * @handles: Handles of FMP drivers
132 * @no_handles: Number of handles
134 * Search for Firmware Management Protocol drivers, matching the image
135 * type, @image_type and the machine instance, @instance, from the list,
139 * * Protocol instance - on success
140 * * NULL - on failure
142 static struct efi_firmware_management_protocol *
143 efi_fmp_find(efi_guid_t *image_type, u64 instance, efi_handle_t *handles,
144 efi_uintn_t no_handles)
146 efi_handle_t *handle;
147 struct efi_firmware_management_protocol *fmp;
148 struct efi_firmware_image_descriptor *image_info, *desc;
149 efi_uintn_t info_size, descriptor_size;
150 u32 descriptor_version;
153 u16 *package_version_name;
158 for (i = 0, handle = handles; i < no_handles; i++, handle++) {
159 ret = EFI_CALL(efi_handle_protocol(
161 &efi_guid_firmware_management_protocol,
163 if (ret != EFI_SUCCESS)
166 /* get device's image info */
169 descriptor_version = 0;
170 descriptor_count = 0;
173 package_version_name = NULL;
174 ret = EFI_CALL(fmp->get_image_info(fmp, &info_size,
180 &package_version_name));
181 if (ret != EFI_BUFFER_TOO_SMALL)
184 image_info = malloc(info_size);
188 ret = EFI_CALL(fmp->get_image_info(fmp, &info_size,
194 &package_version_name));
195 if (ret != EFI_SUCCESS ||
196 descriptor_version != EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION)
200 for (j = 0, desc = image_info; j < descriptor_count;
201 j++, desc = (void *)desc + descriptor_size) {
202 log_debug("+++ desc[%d] index: %d, name: %ls\n",
203 j, desc->image_index, desc->image_id_name);
204 if (!guidcmp(&desc->image_type_id, image_type) &&
206 !desc->hardware_instance ||
207 desc->hardware_instance == instance))
212 efi_free_pool(package_version_name);
214 EFI_CALL(efi_close_protocol(
216 &efi_guid_firmware_management_protocol,
226 * efi_remove_auth_hdr - remove authentication data from image
227 * @image: Pointer to pointer to Image
228 * @image_size: Pointer to Image size
230 * Remove the authentication data from image if possible.
231 * Update @image and @image_size.
233 * Return: status code
235 static efi_status_t efi_remove_auth_hdr(void **image, efi_uintn_t *image_size)
237 struct efi_firmware_image_authentication *auth_hdr;
238 efi_status_t ret = EFI_INVALID_PARAMETER;
240 auth_hdr = (struct efi_firmware_image_authentication *)*image;
241 if (*image_size < sizeof(*auth_hdr))
244 if (auth_hdr->auth_info.hdr.dwLength <=
245 offsetof(struct win_certificate_uefi_guid, cert_data))
248 *image = (uint8_t *)*image + sizeof(auth_hdr->monotonic_count) +
249 auth_hdr->auth_info.hdr.dwLength;
250 *image_size = *image_size - auth_hdr->auth_info.hdr.dwLength -
251 sizeof(auth_hdr->monotonic_count);
258 #if defined(CONFIG_EFI_CAPSULE_AUTHENTICATE)
259 int efi_get_public_key_data(void **pkey, efi_uintn_t *pkey_len)
261 const void *fdt_blob = gd->fdt_blob;
263 const char *cnode_name = "capsule-key";
264 const char *snode_name = "signature";
268 sig_node = fdt_subnode_offset(fdt_blob, 0, snode_name);
270 log_err("Unable to get signature node offset\n");
272 return -FDT_ERR_NOTFOUND;
275 blob = fdt_getprop(fdt_blob, sig_node, cnode_name, &len);
277 if (!blob || len < 0) {
278 log_err("Unable to get capsule-key value\n");
282 return -FDT_ERR_NOTFOUND;
285 *pkey = (void *)blob;
291 efi_status_t efi_capsule_authenticate(const void *capsule, efi_uintn_t capsule_size,
292 void **image, efi_uintn_t *image_size)
296 void *fdt_pkey, *pkey;
297 efi_uintn_t pkey_len;
298 uint64_t monotonic_count;
299 struct efi_signature_store *truststore;
300 struct pkcs7_message *capsule_sig;
301 struct efi_image_regions *regs;
302 struct efi_firmware_image_authentication *auth_hdr;
305 status = EFI_SECURITY_VIOLATION;
311 if (capsule == NULL || capsule_size == 0)
314 *image = (uint8_t *)capsule;
315 *image_size = capsule_size;
316 if (efi_remove_auth_hdr(image, image_size) != EFI_SUCCESS)
319 auth_hdr = (struct efi_firmware_image_authentication *)capsule;
320 if (guidcmp(&auth_hdr->auth_info.cert_type, &efi_guid_cert_type_pkcs7))
323 memcpy(&monotonic_count, &auth_hdr->monotonic_count,
324 sizeof(monotonic_count));
326 /* data to be digested */
327 regs = calloc(sizeof(*regs) + sizeof(struct image_region) * 2, 1);
332 efi_image_region_add(regs, (uint8_t *)*image,
333 (uint8_t *)*image + *image_size, 1);
335 efi_image_region_add(regs, (uint8_t *)&monotonic_count,
336 (uint8_t *)&monotonic_count + sizeof(monotonic_count),
339 capsule_sig = efi_parse_pkcs7_header(auth_hdr->auth_info.cert_data,
340 auth_hdr->auth_info.hdr.dwLength
341 - sizeof(auth_hdr->auth_info),
343 if (IS_ERR(capsule_sig)) {
344 debug("Parsing variable's pkcs7 header failed\n");
349 ret = efi_get_public_key_data(&fdt_pkey, &pkey_len);
353 pkey = malloc(pkey_len);
357 memcpy(pkey, fdt_pkey, pkey_len);
358 truststore = efi_build_signature_store(pkey, pkey_len);
362 /* verify signature */
363 if (efi_signature_verify(regs, capsule_sig, truststore, NULL)) {
366 debug("Verifying variable's signature failed\n");
370 status = EFI_SUCCESS;
373 efi_sigstore_free(truststore);
374 pkcs7_free_message(capsule_sig);
380 efi_status_t efi_capsule_authenticate(const void *capsule, efi_uintn_t capsule_size,
381 void **image, efi_uintn_t *image_size)
383 return EFI_UNSUPPORTED;
385 #endif /* CONFIG_EFI_CAPSULE_AUTHENTICATE */
389 * efi_capsule_update_firmware - update firmware from capsule
390 * @capsule_data: Capsule
392 * Update firmware, using a capsule, @capsule_data. Loading any FMP
393 * drivers embedded in a capsule is not supported.
395 * Return: status code
397 static efi_status_t efi_capsule_update_firmware(
398 struct efi_capsule_header *capsule_data)
400 struct efi_firmware_management_capsule_header *capsule;
401 struct efi_firmware_management_capsule_image_header *image;
402 size_t capsule_size, image_binary_size;
403 void *image_binary, *vendor_code;
404 efi_handle_t *handles;
405 efi_uintn_t no_handles;
407 struct efi_firmware_management_protocol *fmp;
409 efi_status_t ret = EFI_SUCCESS;
412 if (capsule_data->header_size < sizeof(*capsule) ||
413 capsule_data->header_size >= capsule_data->capsule_image_size)
414 return EFI_INVALID_PARAMETER;
416 capsule = (void *)capsule_data + capsule_data->header_size;
417 capsule_size = capsule_data->capsule_image_size
418 - capsule_data->header_size;
420 if (capsule->version != 0x00000001)
421 return EFI_UNSUPPORTED;
424 ret = EFI_CALL(efi_locate_handle_buffer(
426 &efi_guid_firmware_management_protocol,
427 NULL, &no_handles, (efi_handle_t **)&handles));
428 if (ret != EFI_SUCCESS)
429 return EFI_UNSUPPORTED;
432 for (item = capsule->embedded_driver_count;
433 item < capsule->embedded_driver_count
434 + capsule->payload_item_count; item++) {
436 if ((capsule->item_offset_list[item] + sizeof(*image)
438 log_err("Capsule does not have enough data\n");
439 ret = EFI_INVALID_PARAMETER;
443 image = (void *)capsule + capsule->item_offset_list[item];
445 if (image->version != 0x00000003) {
446 ret = EFI_UNSUPPORTED;
450 /* find a device for update firmware */
451 /* TODO: should we pass index as well, or nothing but type? */
452 fmp = efi_fmp_find(&image->update_image_type_id,
453 image->update_hardware_instance,
454 handles, no_handles);
456 log_err("FMP driver not found for firmware type %pUl, hardware instance %lld\n",
457 &image->update_image_type_id,
458 image->update_hardware_instance);
459 ret = EFI_UNSUPPORTED;
464 if (IS_ENABLED(CONFIG_EFI_CAPSULE_AUTHENTICATE) &&
465 !(image->image_capsule_support &
466 CAPSULE_SUPPORT_AUTHENTICATION)) {
468 ret = EFI_SECURITY_VIOLATION;
472 image_binary = (void *)image + sizeof(*image);
473 image_binary_size = image->update_image_size;
474 vendor_code = image_binary + image_binary_size;
475 if (!IS_ENABLED(CONFIG_EFI_CAPSULE_AUTHENTICATE) &&
476 (image->image_capsule_support &
477 CAPSULE_SUPPORT_AUTHENTICATION)) {
478 ret = efi_remove_auth_hdr(&image_binary,
480 if (ret != EFI_SUCCESS)
485 ret = EFI_CALL(fmp->set_image(fmp, image->update_image_index,
490 if (ret != EFI_SUCCESS) {
491 log_err("Firmware update failed: %ls\n",
493 efi_free_pool(abort_reason);
499 efi_free_pool(handles);
504 static efi_status_t efi_capsule_update_firmware(
505 struct efi_capsule_header *capsule_data)
507 return EFI_UNSUPPORTED;
509 #endif /* CONFIG_EFI_CAPSULE_FIRMWARE_MANAGEMENT */
512 * efi_update_capsule() - process information from operating system
513 * @capsule_header_array: Array of virtual address pointers
514 * @capsule_count: Number of pointers in capsule_header_array
515 * @scatter_gather_list: Array of physical address pointers
517 * This function implements the UpdateCapsule() runtime service.
519 * See the Unified Extensible Firmware Interface (UEFI) specification for
522 * Return: status code
524 efi_status_t EFIAPI efi_update_capsule(
525 struct efi_capsule_header **capsule_header_array,
526 efi_uintn_t capsule_count,
527 u64 scatter_gather_list)
529 struct efi_capsule_header *capsule;
533 EFI_ENTRY("%p, %zu, %llu\n", capsule_header_array, capsule_count,
534 scatter_gather_list);
536 if (!capsule_count) {
537 ret = EFI_INVALID_PARAMETER;
542 for (i = 0, capsule = *capsule_header_array; i < capsule_count;
543 i++, capsule = *(++capsule_header_array)) {
545 if (capsule->header_size < sizeof(*capsule) ||
546 capsule->capsule_image_size < sizeof(*capsule)) {
547 log_err("Capsule does not have enough data\n");
551 log_debug("Capsule[%d] (guid:%pUl)\n",
552 i, &capsule->capsule_guid);
553 if (!guidcmp(&capsule->capsule_guid,
554 &efi_guid_firmware_management_capsule_id)) {
555 ret = efi_capsule_update_firmware(capsule);
557 log_err("Unsupported capsule type: %pUl\n",
558 &capsule->capsule_guid);
559 ret = EFI_UNSUPPORTED;
562 if (ret != EFI_SUCCESS)
566 if (IS_ENABLED(CONFIG_EFI_ESRT)) {
567 /* Rebuild the ESRT to reflect any updated FW images. */
568 ret = efi_esrt_populate();
569 if (ret != EFI_SUCCESS)
570 log_warning("ESRT update failed\n");
574 return EFI_EXIT(ret);
578 * efi_query_capsule_caps() - check if capsule is supported
579 * @capsule_header_array: Array of virtual pointers
580 * @capsule_count: Number of pointers in capsule_header_array
581 * @maximum_capsule_size: Maximum capsule size
582 * @reset_type: Type of reset needed for capsule update
584 * This function implements the QueryCapsuleCapabilities() runtime service.
586 * See the Unified Extensible Firmware Interface (UEFI) specification for
589 * Return: status code
591 efi_status_t EFIAPI efi_query_capsule_caps(
592 struct efi_capsule_header **capsule_header_array,
593 efi_uintn_t capsule_count,
594 u64 *maximum_capsule_size,
597 struct efi_capsule_header *capsule __attribute__((unused));
601 EFI_ENTRY("%p, %zu, %p, %p\n", capsule_header_array, capsule_count,
602 maximum_capsule_size, reset_type);
604 if (!maximum_capsule_size) {
605 ret = EFI_INVALID_PARAMETER;
609 *maximum_capsule_size = U64_MAX;
610 *reset_type = EFI_RESET_COLD;
613 for (i = 0, capsule = *capsule_header_array; i < capsule_count;
614 i++, capsule = *(++capsule_header_array)) {
618 return EFI_EXIT(ret);
621 #ifdef CONFIG_EFI_CAPSULE_ON_DISK
623 * get_dp_device - retrieve a device path from boot variable
624 * @boot_var: Boot variable name
625 * @device_dp Device path
627 * Retrieve a device patch from boot variable, @boot_var.
629 * Return: status code
631 static efi_status_t get_dp_device(u16 *boot_var,
632 struct efi_device_path **device_dp)
636 struct efi_load_option lo;
637 struct efi_device_path *file_dp;
641 ret = efi_get_variable_int(boot_var, &efi_global_variable_guid,
642 NULL, &size, NULL, NULL);
643 if (ret == EFI_BUFFER_TOO_SMALL) {
646 return EFI_OUT_OF_RESOURCES;
647 ret = efi_get_variable_int(boot_var, &efi_global_variable_guid,
648 NULL, &size, buf, NULL);
650 if (ret != EFI_SUCCESS)
653 efi_deserialize_load_option(&lo, buf, &size);
655 if (lo.attributes & LOAD_OPTION_ACTIVE) {
656 efi_dp_split_file_path(lo.file_path, device_dp, &file_dp);
657 efi_free_pool(file_dp);
670 * device_is_present_and_system_part - check if a device exists
673 * Check if a device pointed to by the device path, @dp, exists and is
674 * located in UEFI system partition.
676 * Return: true - yes, false - no
678 static bool device_is_present_and_system_part(struct efi_device_path *dp)
682 handle = efi_dp_find_obj(dp, NULL);
686 return efi_disk_is_system_part(handle);
690 * find_boot_device - identify the boot device
692 * Identify the boot device from boot-related variables as UEFI
693 * specification describes and put its handle into bootdev_root.
695 * Return: status code
697 static efi_status_t find_boot_device(void)
700 u16 boot_var16[9], *p, bootnext, *boot_order = NULL;
703 struct efi_simple_file_system_protocol *volume;
704 struct efi_device_path *boot_dev = NULL;
707 /* find active boot device in BootNext */
709 size = sizeof(bootnext);
710 ret = efi_get_variable_int(L"BootNext",
711 (efi_guid_t *)&efi_global_variable_guid,
712 NULL, &size, &bootnext, NULL);
713 if (ret == EFI_SUCCESS || ret == EFI_BUFFER_TOO_SMALL) {
714 /* BootNext does exist here */
715 if (ret == EFI_BUFFER_TOO_SMALL || size != sizeof(u16)) {
716 log_err("BootNext must be 16-bit integer\n");
719 sprintf((char *)boot_var, "Boot%04X", bootnext);
721 utf8_utf16_strcpy(&p, boot_var);
723 ret = get_dp_device(boot_var16, &boot_dev);
724 if (ret == EFI_SUCCESS) {
725 if (device_is_present_and_system_part(boot_dev)) {
728 efi_free_pool(boot_dev);
735 /* find active boot device in BootOrder */
737 ret = efi_get_variable_int(L"BootOrder", &efi_global_variable_guid,
738 NULL, &size, NULL, NULL);
739 if (ret == EFI_BUFFER_TOO_SMALL) {
740 boot_order = malloc(size);
742 ret = EFI_OUT_OF_RESOURCES;
746 ret = efi_get_variable_int(L"BootOrder",
747 &efi_global_variable_guid,
748 NULL, &size, boot_order, NULL);
750 if (ret != EFI_SUCCESS)
753 /* check in higher order */
754 num = size / sizeof(u16);
755 for (i = 0; i < num; i++) {
756 sprintf((char *)boot_var, "Boot%04X", boot_order[i]);
758 utf8_utf16_strcpy(&p, boot_var);
759 ret = get_dp_device(boot_var16, &boot_dev);
760 if (ret != EFI_SUCCESS)
763 if (device_is_present_and_system_part(boot_dev))
766 efi_free_pool(boot_dev);
771 log_debug("Boot device %pD\n", boot_dev);
773 volume = efi_fs_from_path(boot_dev);
775 ret = EFI_DEVICE_ERROR;
777 ret = EFI_CALL(volume->open_volume(volume,
779 efi_free_pool(boot_dev);
790 * efi_capsule_scan_dir - traverse a capsule directory in boot device
791 * @files: Array of file names
792 * @num: Number of elements in @files
794 * Traverse a capsule directory in boot device.
795 * Called by initialization code, and returns an array of capsule file
798 * Return: status code
800 static efi_status_t efi_capsule_scan_dir(u16 ***files, unsigned int *num)
802 struct efi_file_handle *dirh;
803 struct efi_file_info *dirent;
804 efi_uintn_t dirent_size, tmp_size;
809 ret = find_boot_device();
810 if (ret == EFI_NOT_FOUND) {
811 log_debug("Boot device is not set\n");
814 } else if (ret != EFI_SUCCESS) {
815 return EFI_DEVICE_ERROR;
818 /* count capsule files */
819 ret = EFI_CALL((*bootdev_root->open)(bootdev_root, &dirh,
821 EFI_FILE_MODE_READ, 0));
822 if (ret != EFI_SUCCESS) {
828 dirent = malloc(dirent_size);
830 return EFI_OUT_OF_RESOURCES;
834 tmp_size = dirent_size;
835 ret = EFI_CALL((*dirh->read)(dirh, &tmp_size, dirent));
836 if (ret == EFI_BUFFER_TOO_SMALL) {
837 struct efi_file_info *old_dirent = dirent;
839 dirent = realloc(dirent, tmp_size);
842 ret = EFI_OUT_OF_RESOURCES;
845 dirent_size = tmp_size;
846 ret = EFI_CALL((*dirh->read)(dirh, &tmp_size, dirent));
848 if (ret != EFI_SUCCESS)
853 if (!(dirent->attribute & EFI_FILE_DIRECTORY))
857 ret = EFI_CALL((*dirh->setpos)(dirh, 0));
858 if (ret != EFI_SUCCESS)
862 tmp_files = malloc(count * sizeof(*tmp_files));
864 ret = EFI_OUT_OF_RESOURCES;
870 tmp_size = dirent_size;
871 ret = EFI_CALL((*dirh->read)(dirh, &tmp_size, dirent));
872 if (ret != EFI_SUCCESS)
877 if (!(dirent->attribute & EFI_FILE_DIRECTORY) &&
878 u16_strcmp(dirent->file_name, L".") &&
879 u16_strcmp(dirent->file_name, L".."))
880 tmp_files[count++] = u16_strdup(dirent->file_name);
882 /* ignore an error */
883 EFI_CALL((*dirh->close)(dirh));
886 /* FIXME: u16 version of strcasecmp */
887 qsort(tmp_files, count, sizeof(*tmp_files),
888 (int (*)(const void *, const void *))strcasecmp);
899 * efi_capsule_read_file - read in a capsule file
900 * @filename: File name
901 * @capsule: Pointer to buffer for capsule
903 * Read a capsule file and put its content in @capsule.
905 * Return: status code
907 static efi_status_t efi_capsule_read_file(const u16 *filename,
908 struct efi_capsule_header **capsule)
910 struct efi_file_handle *dirh, *fh;
911 struct efi_file_info *file_info = NULL;
912 struct efi_capsule_header *buf = NULL;
916 ret = EFI_CALL((*bootdev_root->open)(bootdev_root, &dirh,
918 EFI_FILE_MODE_READ, 0));
919 if (ret != EFI_SUCCESS)
921 ret = EFI_CALL((*dirh->open)(dirh, &fh, (u16 *)filename,
922 EFI_FILE_MODE_READ, 0));
923 /* ignore an error */
924 EFI_CALL((*dirh->close)(dirh));
925 if (ret != EFI_SUCCESS)
930 ret = EFI_CALL((*fh->getinfo)(fh, &efi_file_info_guid,
932 if (ret == EFI_BUFFER_TOO_SMALL) {
933 file_info = malloc(size);
935 ret = EFI_OUT_OF_RESOURCES;
938 ret = EFI_CALL((*fh->getinfo)(fh, &efi_file_info_guid,
941 if (ret != EFI_SUCCESS)
943 size = file_info->file_size;
947 ret = EFI_OUT_OF_RESOURCES;
952 ret = EFI_CALL((*fh->read)(fh, &size, buf));
953 if (ret == EFI_SUCCESS) {
954 if (size >= buf->capsule_image_size) {
958 ret = EFI_INVALID_PARAMETER;
964 EFI_CALL((*fh->close)(fh));
970 * efi_capsule_delete_file - delete a capsule file
971 * @filename: File name
973 * Delete a capsule file from capsule directory.
975 * Return: status code
977 static efi_status_t efi_capsule_delete_file(const u16 *filename)
979 struct efi_file_handle *dirh, *fh;
982 ret = EFI_CALL((*bootdev_root->open)(bootdev_root, &dirh,
984 EFI_FILE_MODE_READ, 0));
985 if (ret != EFI_SUCCESS)
987 ret = EFI_CALL((*dirh->open)(dirh, &fh, (u16 *)filename,
988 EFI_FILE_MODE_READ, 0));
989 /* ignore an error */
990 EFI_CALL((*dirh->close)(dirh));
992 if (ret == EFI_SUCCESS)
993 ret = EFI_CALL((*fh->delete)(fh));
999 * efi_capsule_scan_done - reset a scan help function
1001 * Reset a scan help function
1003 static void efi_capsule_scan_done(void)
1005 EFI_CALL((*bootdev_root->close)(bootdev_root));
1006 bootdev_root = NULL;
1010 * efi_load_capsule_drivers - initialize capsule drivers
1012 * Generic FMP drivers backed by DFU
1014 * Return: status code
1016 efi_status_t __weak efi_load_capsule_drivers(void)
1018 __maybe_unused efi_handle_t handle;
1019 efi_status_t ret = EFI_SUCCESS;
1021 if (IS_ENABLED(CONFIG_EFI_CAPSULE_FIRMWARE_FIT)) {
1023 ret = EFI_CALL(efi_install_multiple_protocol_interfaces(
1024 &handle, &efi_guid_firmware_management_protocol,
1025 &efi_fmp_fit, NULL));
1028 if (IS_ENABLED(CONFIG_EFI_CAPSULE_FIRMWARE_RAW)) {
1030 ret = EFI_CALL(efi_install_multiple_protocol_interfaces(
1032 &efi_guid_firmware_management_protocol,
1033 &efi_fmp_raw, NULL));
1040 * check_run_capsules - Check whether capsule update should run
1042 * The spec says OsIndications must be set in order to run the capsule update
1043 * on-disk. Since U-Boot doesn't support runtime SetVariable, allow capsules to
1044 * run explicitly if CONFIG_EFI_IGNORE_OSINDICATIONS is selected
1046 static bool check_run_capsules(void)
1052 if (IS_ENABLED(CONFIG_EFI_IGNORE_OSINDICATIONS))
1055 size = sizeof(os_indications);
1056 ret = efi_get_variable_int(L"OsIndications", &efi_global_variable_guid,
1057 NULL, &size, &os_indications, NULL);
1058 if (ret == EFI_SUCCESS &&
1060 & EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED))
1067 * efi_launch_capsule - launch capsules
1069 * Launch all the capsules in system at boot time.
1070 * Called by efi init code
1072 * Return: status codde
1074 efi_status_t efi_launch_capsules(void)
1076 struct efi_capsule_header *capsule = NULL;
1078 unsigned int nfiles, index, i;
1081 if (!check_run_capsules())
1084 index = get_last_capsule();
1087 * Find capsules on disk.
1088 * All the capsules are collected at the beginning because
1089 * capsule files will be removed instantly.
1093 ret = efi_capsule_scan_dir(&files, &nfiles);
1094 if (ret != EFI_SUCCESS)
1099 /* Launch capsules */
1100 for (i = 0, ++index; i < nfiles; i++, index++) {
1101 log_debug("Applying %ls\n", files[i]);
1104 ret = efi_capsule_read_file(files[i], &capsule);
1105 if (ret == EFI_SUCCESS) {
1106 ret = EFI_CALL(efi_update_capsule(&capsule, 1, 0));
1107 if (ret != EFI_SUCCESS)
1108 log_err("Applying capsule %ls failed\n",
1113 log_err("Reading capsule %ls failed\n", files[i]);
1115 /* create CapsuleXXXX */
1116 set_capsule_result(index, capsule, ret);
1118 /* delete a capsule either in case of success or failure */
1119 ret = efi_capsule_delete_file(files[i]);
1120 if (ret != EFI_SUCCESS)
1121 log_err("Deleting capsule %ls failed\n",
1124 efi_capsule_scan_done();
1126 for (i = 0; i < nfiles; i++)
1132 #endif /* CONFIG_EFI_CAPSULE_ON_DISK */
projects / platform / kernel / u-boot.git / blob