tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update DxeCore and FwVolDxe drivers to inherit authentication status for the FV image, if the image came from an FV image file and section in another firmware volume. 

Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13368 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
lzeng14 2012-05-29 05:22:01 +00:00
parent b504f51998
commit 0c3a1db40f
10 changed files with 195 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

106
IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVol.c
View File

@ -174,6 +174,109 @@ FreeFvDeviceResource (
return ;
}
/**
Firmware volume inherits authentication status from the FV image file and section(in another firmware volume)
where it came from.
@param FvDevice A pointer to the FvDevice.
**/
VOID
FwVolInheritAuthenticationStatus (
IN FV_DEVICE *FvDevice
)
{
EFI_STATUS Status;
EFI_FIRMWARE_VOLUME_HEADER *CachedFvHeader;
EFI_FIRMWARE_VOLUME_EXT_HEADER *CachedFvExtHeader;
EFI_FIRMWARE_VOLUME2_PROTOCOL *ParentFvProtocol;
UINTN Key;
EFI_GUID FileNameGuid;
EFI_FV_FILETYPE FileType;
EFI_FV_FILE_ATTRIBUTES FileAttributes;
UINTN FileSize;
EFI_SECTION_TYPE SectionType;
UINT32 AuthenticationStatus;
EFI_FIRMWARE_VOLUME_HEADER *FvHeader;
EFI_FIRMWARE_VOLUME_EXT_HEADER *FvExtHeader;
UINTN BufferSize;
CachedFvHeader = (EFI_FIRMWARE_VOLUME_HEADER *) (UINTN) FvDevice->CachedFv;
if (FvDevice->Fv.ParentHandle != NULL) {
//
// By Parent Handle, find out the FV image file and section(in another firmware volume) where the firmware volume came from
//
Status = gBS->HandleProtocol (FvDevice->Fv.ParentHandle, &gEfiFirmwareVolume2ProtocolGuid, (VOID **) &ParentFvProtocol);
if (!EFI_ERROR (Status) && (ParentFvProtocol != NULL)) {
Key = 0;
do {
FileType = EFI_FV_FILETYPE_FIRMWARE_VOLUME_IMAGE;
Status = ParentFvProtocol->GetNextFile (
ParentFvProtocol,
&Key,
&FileType,
&FileNameGuid,
&FileAttributes,
&FileSize
);
if (EFI_ERROR (Status)) {
return;
}
SectionType = EFI_SECTION_FIRMWARE_VOLUME_IMAGE;
FvHeader = NULL;
BufferSize = 0;
Status = ParentFvProtocol->ReadSection (
ParentFvProtocol,
&FileNameGuid,
SectionType,
0,
(VOID **) &FvHeader,
&BufferSize,
&AuthenticationStatus
);
if (!EFI_ERROR (Status)) {
if ((FvHeader->FvLength == CachedFvHeader->FvLength) &&
(FvHeader->ExtHeaderOffset == CachedFvHeader->ExtHeaderOffset)) {
if (FvHeader->ExtHeaderOffset !=0) {
//
// Both FVs contain extension header, then compare their FV Name GUID
//
FvExtHeader = (EFI_FIRMWARE_VOLUME_EXT_HEADER *) ((UINTN) FvHeader + FvHeader->ExtHeaderOffset);
CachedFvExtHeader = (EFI_FIRMWARE_VOLUME_EXT_HEADER *) ((UINTN) CachedFvHeader + CachedFvHeader->ExtHeaderOffset);
if (CompareGuid (&FvExtHeader->FvName, &CachedFvExtHeader->FvName)) {
//
// Found the FV image section where the firmware volume came from,
// and then inherit authentication status from it.
//
FvDevice->AuthenticationStatus = AuthenticationStatus;
FreePool ((VOID *) FvHeader);
return;
}
} else {
//
// Both FVs don't contain extension header, then compare their whole FV Image.
//
if (CompareMem ((VOID *) FvHeader, (VOID *) CachedFvHeader, FvHeader->FvLength) == 0) {
//
// Found the FV image section where the firmware volume came from
// and then inherit authentication status from it.
//
FvDevice->AuthenticationStatus = AuthenticationStatus;
FreePool ((VOID *) FvHeader);
return;
}
}
}
FreePool ((VOID *) FvHeader);
}
} while (TRUE);
}
}
}
/**
Check if an FV is consistent and allocate cache for it.
@ -612,6 +715,7 @@ FwVolDriverInit (
FvDevice->Fv.KeySize = KEYSIZE;
FvDevice->Fv.GetInfo = FvGetVolumeInfo;
FvDevice->Fv.SetInfo = FvSetVolumeInfo;
FvDevice->Fv.ParentHandle = Fvb->ParentHandle;
Status = FvCheck (FvDevice);
if (EFI_ERROR (Status)) {
@ -622,6 +726,8 @@ FwVolDriverInit (
continue;
}
FwVolInheritAuthenticationStatus (FvDevice);
if (Reinstall) {
//
// Reinstall an New FV protocol

3
IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDriver.h
View File

@ -1,7 +1,7 @@
/** @file
Common defines and definitions for a FwVolDxe driver.
Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions
@ -94,6 +94,7 @@ typedef struct {
FFS_FILE_LIST_ENTRY *CurrentFfsFile;
BOOLEAN IsFfs3Fv;
UINT32 AuthenticationStatus;
} FV_DEVICE;
#define FV_DEVICE_FROM_THIS(a) CR (a, FV_DEVICE, Fv, FV_DEVICE_SIGNATURE)

13
IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolRead.c
View File

@ -1,7 +1,7 @@
/** @file
Implements functions to read firmware file.
Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions
@ -510,6 +510,7 @@ FvReadFileSection (
)
{
EFI_STATUS Status;
FV_DEVICE *FvDevice;
EFI_FV_ATTRIBUTES FvAttributes;
EFI_FV_FILETYPE FileType;
EFI_FV_FILE_ATTRIBUTES FileAttributes;
@ -522,6 +523,8 @@ FvReadFileSection (
return EFI_INVALID_PARAMETER;
}
FvDevice = FV_DEVICE_FROM_THIS (This);
Status = This->GetVolumeAttributes (This, &FvAttributes);
if (EFI_ERROR (Status)) {
return Status;
@ -607,6 +610,14 @@ FvReadFileSection (
AuthenticationStatus
);
}
if (!EFI_ERROR (Status)) {
//
// Inherit the authentication status.
//
*AuthenticationStatus |= FvDevice->AuthenticationStatus;
}
//
// Handle AuthenticationStatus if necessary
//

3
MdeModulePkg/Core/Dxe/Dispatcher/Dispatcher.c
View File

@ -26,7 +26,7 @@
Depex - Dependency Expresion.
SOR - Schedule On Request - Don't schedule if this bit is set.
Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -1039,6 +1039,7 @@ CoreProcessFvImageFile (
(EFI_PHYSICAL_ADDRESS) (UINTN) AlignedBuffer,
(UINT64)BufferSize,
FvHandle,
AuthenticationStatus,
NULL
);
}

18
MdeModulePkg/Core/Dxe/DxeMain.h
View File

@ -2429,6 +2429,19 @@ FwVolBlockDriverInit (
IN EFI_SYSTEM_TABLE *SystemTable
);
/**
Get FVB authentication status
@param FvbProtocol FVB protocol.
@return Authentication status.
**/
UINT32
GetFvbAuthenticationStatus (
IN EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL *FvbProtocol
);
/**
This routine produces a firmware volume block protocol on a given
@ -2437,8 +2450,10 @@ FwVolBlockDriverInit (
@param BaseAddress base address of the firmware volume image
@param Length length of the firmware volume image
@param ParentHandle handle of parent firmware volume, if this image
came from an FV image file in another firmware
came from an FV image file and section in another firmware
volume (ala capsules)
@param AuthenticationStatus Authentication status inherited, if this image
came from an FV image file and section in another firmware volume.
@param FvProtocol Firmware volume block protocol produced.
@retval EFI_VOLUME_CORRUPTED Volume corrupted.
@ -2452,6 +2467,7 @@ ProduceFVBProtocolOnBuffer (
IN EFI_PHYSICAL_ADDRESS BaseAddress,
IN UINT64 Length,
IN EFI_HANDLE ParentHandle,
IN UINT32 AuthenticationStatus,
OUT EFI_HANDLE *FvProtocol OPTIONAL
);

11
MdeModulePkg/Core/Dxe/FwVol/FwVol.c
View File

@ -45,6 +45,8 @@ FV_DEVICE mFvDevice = {
NULL,
NULL,
{ NULL, NULL },
0,
FALSE,
0
};
@ -638,8 +640,15 @@ NotifyFwVolBlock (
FvDevice->Fvb = Fvb;
FvDevice->Handle = Handle;
FvDevice->FwVolHeader = FwVolHeader;
FvDevice->Fv.ParentHandle = Fvb->ParentHandle;
FvDevice->IsFfs3Fv = CompareGuid (&FwVolHeader->FileSystemGuid, &gEfiFirmwareFileSystem3Guid);
FvDevice->Fv.ParentHandle = Fvb->ParentHandle;
if (Fvb->ParentHandle != NULL) {
//
// Inherit the authentication status from FVB.
//
FvDevice->AuthenticationStatus = GetFvbAuthenticationStatus (Fvb);
}
if (!EFI_ERROR (FvCheck (FvDevice))) {
//

1
MdeModulePkg/Core/Dxe/FwVol/FwVolDriver.h
View File

@ -44,6 +44,7 @@ typedef struct {
UINT8 ErasePolarity;
BOOLEAN IsFfs3Fv;
UINT32 AuthenticationStatus;
} FV_DEVICE;
#define FV_DEVICE_FROM_THIS(a) CR(a, FV_DEVICE, Fv, FV2_DEVICE_SIGNATURE)

9
MdeModulePkg/Core/Dxe/FwVol/FwVolRead.c
View File

@ -1,7 +1,7 @@
/** @file
Implements functions to read firmware file
Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -484,6 +484,13 @@ FvReadFileSection (
FvDevice->IsFfs3Fv
);
if (!EFI_ERROR (Status)) {
//
// Inherit the authentication status.
//
*AuthenticationStatus |= FvDevice->AuthenticationStatus;
}
//
// Close of stream defered to close of FfsHeader list to allow SEP to cache data
//

38
MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.c
View File

@ -4,7 +4,7 @@
It consumes FV HOBs and creates read-only Firmare Volume Block protocol
instances for each of them.
Copyright (c) 2006 - 2008, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -81,6 +81,7 @@ EFI_FW_VOL_BLOCK_DEVICE mFwVolBlock = {
0,
NULL,
0,
0,
0
};
@ -402,7 +403,31 @@ FwVolBlockGetBlockSize (
return EFI_SUCCESS;
}
/**
Get FVB authentication status
@param FvbProtocol FVB protocol.
@return Authentication status.
**/
UINT32
GetFvbAuthenticationStatus (
IN EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL *FvbProtocol
)
{
EFI_FW_VOL_BLOCK_DEVICE *FvbDevice;
UINT32 AuthenticationStatus;
AuthenticationStatus = 0;
FvbDevice = BASE_CR (FvbProtocol, EFI_FW_VOL_BLOCK_DEVICE, FwVolBlockInstance);
if (FvbDevice->Signature == FVB_DEVICE_SIGNATURE) {
AuthenticationStatus = FvbDevice->AuthenticationStatus;
}
return AuthenticationStatus;
}
/**
This routine produces a firmware volume block protocol on a given
@ -411,8 +436,10 @@ FwVolBlockGetBlockSize (
@param BaseAddress base address of the firmware volume image
@param Length length of the firmware volume image
@param ParentHandle handle of parent firmware volume, if this image
came from an FV image file in another firmware
came from an FV image file and section in another firmware
volume (ala capsules)
@param AuthenticationStatus Authentication status inherited, if this image
came from an FV image file and section in another firmware volume.
@param FvProtocol Firmware volume block protocol produced.
@retval EFI_VOLUME_CORRUPTED Volume corrupted.
@ -426,6 +453,7 @@ ProduceFVBProtocolOnBuffer (
IN EFI_PHYSICAL_ADDRESS BaseAddress,
IN UINT64 Length,
IN EFI_HANDLE ParentHandle,
IN UINT32 AuthenticationStatus,
OUT EFI_HANDLE *FvProtocol OPTIONAL
)
{
@ -473,6 +501,9 @@ ProduceFVBProtocolOnBuffer (
FvbDev->BaseAddress = BaseAddress;
FvbDev->FvbAttributes = FwVolHeader->Attributes;
FvbDev->FwVolBlockInstance.ParentHandle = ParentHandle;
if (ParentHandle != NULL) {
FvbDev->AuthenticationStatus = AuthenticationStatus;
}
//
// Init the block caching fields of the device
@ -587,7 +618,7 @@ FwVolBlockDriverInit (
//
// Produce an FVB protocol for it
//
ProduceFVBProtocolOnBuffer (FvHob.FirmwareVolume->BaseAddress, FvHob.FirmwareVolume->Length, NULL, NULL);
ProduceFVBProtocolOnBuffer (FvHob.FirmwareVolume->BaseAddress, FvHob.FirmwareVolume->Length, NULL, 0, NULL);
FvHob.Raw = GET_NEXT_HOB (FvHob);
}
@ -629,6 +660,7 @@ CoreProcessFirmwareVolume (
(EFI_PHYSICAL_ADDRESS) (UINTN) FvHeader,
(UINT64)Size,
NULL,
0,
FVProtocolHandle
);
//

3
MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.h
View File

@ -2,7 +2,7 @@
Firmware Volume Block protocol functions.
Consumes FV hobs and creates appropriate block protocols.
Copyright (c) 2006 - 2008, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -47,6 +47,7 @@ typedef struct {
LBA_CACHE *LbaCache;
UINT32 FvbAttributes;
EFI_PHYSICAL_ADDRESS BaseAddress;
UINT32 AuthenticationStatus;
} EFI_FW_VOL_BLOCK_DEVICE;