SystemFirmwareReportDxe.c File Reference

#include "SystemFirmwareDxe.h"

Go to the source code of this file.

Functions
EFI_STATUS	DispatchSystemFmpImages (IN VOID *Image, IN UINTN ImageSize, OUT UINT32 *LastAttemptVersion, OUT UINT32 *LastAttemptStatus)
EFI_STATUS EFIAPI	FmpSetImage (IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This, IN UINT8 ImageIndex, IN CONST VOID *Image, IN UINTN ImageSize, IN CONST VOID *VendorCode, IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress, OUT CHAR16 **AbortReason)
EFI_STATUS EFIAPI	SystemFirmwareReportMainDxe (IN EFI_HANDLE ImageHandle, IN EFI_SYSTEM_TABLE *SystemTable)

Variables
SYSTEM_FMP_PRIVATE_DATA *	mSystemFmpPrivate = NULL

Detailed Description

SetImage instance to report system firmware and act as agent to system update.

Caution: This module requires additional review when modified. This module will have external input - capsule image. This external input must be validated carefully to avoid security issue like buffer overflow, integer overflow.

FmpSetImage() will receive untrusted input and do basic validation.

Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent

Definition in file SystemFirmwareReportDxe.c.

Function Documentation

DispatchSystemFmpImages()

EFI_STATUS DispatchSystemFmpImages	(	IN VOID *	Image,
		IN UINTN	ImageSize,
		OUT UINT32 *	LastAttemptVersion,
		OUT UINT32 *	LastAttemptStatus
	)

Dispatch system FMP images.

Caution: This function may receive untrusted input.

Parameters

[in]	Image	The EDKII system FMP capsule image.
[in]	ImageSize	The size of the EDKII system FMP capsule image in bytes.
[out]	LastAttemptVersion	The last attempt version, which will be recorded in ESRT and FMP EFI_FIRMWARE_IMAGE_DESCRIPTOR.
[out]	LastAttemptStatus	The last attempt status, which will be recorded in ESRT and FMP EFI_FIRMWARE_IMAGE_DESCRIPTOR.

Return values

EFI_SUCCESS	Process Capsule Image successfully.
EFI_UNSUPPORTED	Capsule image is not supported by the firmware.
EFI_VOLUME_CORRUPTED	FV volume in the capsule is corrupted.
EFI_OUT_OF_RESOURCES	Not enough memory.

Definition at line 39 of file SystemFirmwareReportDxe.c.

FmpSetImage()

EFI_STATUS EFIAPI FmpSetImage	(	IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *	This,
		IN UINT8	ImageIndex,
		IN CONST VOID *	Image,
		IN UINTN	ImageSize,
		IN CONST VOID *	VendorCode,
		IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS	Progress,
		OUT CHAR16 **	AbortReason
	)

Updates the firmware image of the device.

This function updates the hardware with the new firmware image. This function returns EFI_UNSUPPORTED if the firmware image is not updatable. If the firmware image is updatable, the function should perform the following minimal validations before proceeding to do the firmware image update.

• Validate the image authentication if image has attribute IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED. The function returns EFI_SECURITY_VIOLATION if the validation fails.
• Validate the image is a supported image for this device. The function returns EFI_ABORTED if the image is unsupported. The function can optionally provide more detailed information on why the image is not a supported image.
• Validate the data from VendorCode if not null. Image validation must be performed before VendorCode data validation. VendorCode data is ignored or considered invalid if image validation failed. The function returns EFI_ABORTED if the data is invalid.

VendorCode enables vendor to implement vendor-specific firmware image update policy. Null if the caller did not specify the policy or use the default policy. As an example, vendor can implement a policy to allow an option to force a firmware image update when the abort reason is due to the new firmware image version is older than the current firmware image version or bad image checksum. Sensitive operations such as those wiping the entire firmware image and render the device to be non-functional should be encoded in the image itself rather than passed with the VendorCode. AbortReason enables vendor to have the option to provide a more detailed description of the abort reason to the caller.

Parameters

[in]	This	A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.
[in]	ImageIndex	A unique number identifying the firmware image(s) within the device. The number is between 1 and DescriptorCount.
[in]	Image	Points to the new image.
[in]	ImageSize	Size of the new image in bytes.
[in]	VendorCode	This enables vendor to implement vendor-specific firmware image update policy. Null indicates the caller did not specify the policy or use the default policy.
[in]	Progress	A function used by the driver to report the progress of the firmware update.
[out]	AbortReason	A pointer to a pointer to a null-terminated string providing more details for the aborted operation. The buffer is allocated by this function with AllocatePool(), and it is the caller's responsibility to free it with a call to FreePool().

Return values

EFI_SUCCESS	The device was successfully updated with the new image.
EFI_ABORTED	The operation is aborted.
EFI_INVALID_PARAMETER	The Image was NULL.
EFI_UNSUPPORTED	The operation is not supported.
EFI_SECURITY_VIOLATION	The operation could not be performed due to an authentication failure.

Definition at line 147 of file SystemFirmwareReportDxe.c.

SystemFirmwareReportMainDxe()

EFI_STATUS EFIAPI SystemFirmwareReportMainDxe	(	IN EFI_HANDLE	ImageHandle,
		IN EFI_SYSTEM_TABLE *	SystemTable
	)

System FMP module entrypoint

Parameters

[in]	ImageHandle	The firmware allocated handle for the EFI image.
[in]	SystemTable	A pointer to the EFI System Table.

Returns

EFI_SUCCESS System FMP module is initialized.

Definition at line 232 of file SystemFirmwareReportDxe.c.

Variable Documentation

mSystemFmpPrivate

SYSTEM_FMP_PRIVATE_DATA* mSystemFmpPrivate = NULL

Definition at line 21 of file SystemFirmwareReportDxe.c.