From patchwork Fri Jun 11 16:15:20 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Vincent_Stehl=C3=A9?= X-Patchwork-Id: 458505 Delivered-To: patch@linaro.org Received: by 2002:a02:735a:0:0:0:0:0 with SMTP id a26csp1086996jae; Fri, 11 Jun 2021 09:18:05 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwuKDK6iwALzqhqRSwXsG66BPlJ+7VwwErWfwUokUmiZuQx8rfnxfRYZcygnCy1G/h8D7rb X-Received: by 2002:a05:6402:1593:: with SMTP id c19mr4678927edv.66.1623428285599; Fri, 11 Jun 2021 09:18:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1623428285; cv=none; d=google.com; s=arc-20160816; b=FBG4Bwm/X1GpL7mPKZGX4uzN+yH/ZbDyGKvA8U86lNe3tPy8cvzNYs9jxwopOlpDh2 ajRtaVT4Fe1eWUD6nliJ7+7CKCRsSU7Y1qmfAT+6ve9yShps7dFKcoTTCNA6SPWjLrmh eb5ZgytP1DiImXY3tpBlkeHYWZTIkE1OeFTmBBZV4oM+ouGyKbuqPbSKHAYdqzCNy40B S0egQIKAZoIuF5pH75IUmsE07O3iFIg7qZtB+cwQtdUxBQCmO7VBH8zmCR/NQWrLAUix RM7stNndlXyzt/BMLbFIe17FO2pbCGp0sOHjwGRcTWRizlsYSrV7IQXxJU6FJf2aP6vX VN3g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:message-id:date:subject:cc:to:from; bh=swldNRttG4vy1LsDnwqujLo81z2co8ZPbZqHg3t+zM0=; b=v/Qto8qvAbT86U3muUdp+wrF+j7Wy0QA/K/a+wCMfO03DIHiZMjparnpmObyE/nqyU gCYZtMaf7CNGkKteER5J6VppkmHbiYIy4D7hxm0pCZIFx3wpILaXxuEbS5epkRgZN8qt NEKIVtqKGgfANHYfehQc0leTg/Q2o+M/vrryAAT+Hu0gbYcUu6xK9PMkuucrOoeHhoSL P2ISnTC6sGEg57bccxEROvMVIlkJEpv/wBnyZO51xTKFrzNodCMcZJDME9iH3JBiv+7k 3u5fjvmXwIt32u21tEnUlwZR1tSmlIGVaYnlChNpfDk9mjpeEM84RJr5Ikhr4i/bqF5R ixfg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id jo17si5281933ejb.32.2021.06.11.09.18.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 11 Jun 2021 09:18:05 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id E45718288D; Fri, 11 Jun 2021 18:16:40 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=arm.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id 90AD582900; Fri, 11 Jun 2021 18:16:39 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id 782858288D for ; Fri, 11 Jun 2021 18:16:36 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=arm.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=vincent.stehle@arm.com Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id C41E8D6E; Fri, 11 Jun 2021 09:16:35 -0700 (PDT) Received: from localhost.localdomain (unknown [10.57.40.126]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 1DFE33F719; Fri, 11 Jun 2021 09:16:33 -0700 (PDT) From: =?utf-8?q?Vincent_Stehl=C3=A9?= To: u-boot@lists.denx.de Cc: =?utf-8?q?Vincent_Stehl=C3=A9?= , Grant Likely , Heinrich Schuchardt , Alexander Graf Subject: [PATCH] efi_loader: check update capsule parameters Date: Fri, 11 Jun 2021 18:15:20 +0200 Message-Id: <20210611161520.30315-1-vincent.stehle@arm.com> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean UpdateCapsule() must return EFI_INVALID_PARAMETER in a number of cases, listed by the UEFI specification and tested by the SCT. Add a common function to do that. This fixes SCT UpdateCapsule_Conf failures. Reviewed-by: Grant Likely Signed-off-by: Vincent Stehlé Cc: Heinrich Schuchardt Cc: Alexander Graf --- include/efi_loader.h | 24 ++++++++++++++++++++++++ lib/efi_loader/efi_capsule.c | 8 ++++---- lib/efi_loader/efi_runtime.c | 8 ++++++++ 3 files changed, 36 insertions(+), 4 deletions(-) -- 2.30.2 diff --git a/include/efi_loader.h b/include/efi_loader.h index 0a9c82a257e..426d1c72d7d 100644 --- a/include/efi_loader.h +++ b/include/efi_loader.h @@ -910,6 +910,30 @@ extern const struct efi_firmware_management_protocol efi_fmp_fit; extern const struct efi_firmware_management_protocol efi_fmp_raw; /* Capsule update */ +static inline efi_status_t +efi_valid_update_capsule_params(struct efi_capsule_header + **capsule_header_array, + efi_uintn_t capsule_count, + u64 scatter_gather_list) +{ + u32 flags; + + if (!capsule_count) + return EFI_INVALID_PARAMETER; + + flags = capsule_header_array[0]->flags; + + if (((flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) && + !scatter_gather_list) || + ((flags & CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE) && + !(flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET)) || + ((flags & CAPSULE_FLAGS_INITIATE_RESET) && + !(flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET))) + return EFI_INVALID_PARAMETER; + + return EFI_SUCCESS; +} + efi_status_t EFIAPI efi_update_capsule( struct efi_capsule_header **capsule_header_array, efi_uintn_t capsule_count, diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c index 60309d4a07d..380cfd70290 100644 --- a/lib/efi_loader/efi_capsule.c +++ b/lib/efi_loader/efi_capsule.c @@ -442,12 +442,12 @@ efi_status_t EFIAPI efi_update_capsule( EFI_ENTRY("%p, %zu, %llu\n", capsule_header_array, capsule_count, scatter_gather_list); - if (!capsule_count) { - ret = EFI_INVALID_PARAMETER; + ret = efi_valid_update_capsule_params(capsule_header_array, + capsule_count, + scatter_gather_list); + if (ret != EFI_SUCCESS) goto out; - } - ret = EFI_SUCCESS; for (i = 0, capsule = *capsule_header_array; i < capsule_count; i++, capsule = *(++capsule_header_array)) { /* sanity check */ diff --git a/lib/efi_loader/efi_runtime.c b/lib/efi_loader/efi_runtime.c index 93a695fc27e..449ad8b9f36 100644 --- a/lib/efi_loader/efi_runtime.c +++ b/lib/efi_loader/efi_runtime.c @@ -467,6 +467,14 @@ efi_status_t __efi_runtime EFIAPI efi_update_capsule_unsupported( efi_uintn_t capsule_count, u64 scatter_gather_list) { + efi_status_t ret; + + ret = efi_valid_update_capsule_params(capsule_header_array, + capsule_count, + scatter_gather_list); + if (ret != EFI_SUCCESS) + return ret; + return EFI_UNSUPPORTED; }