From: "Ard Biesheuvel" <ard.biesheuvel@linaro.org>
To: devel@edk2.groups.io
Cc: hao.a.wu@intel.com, jian.j.wang@intel.com,
michael.d.kinney@intel.com,
Ard Biesheuvel <ard.biesheuvel@linaro.org>
Subject: [PATCH v2] MdeModulePkg/DxeCapsuleLibFmp: avoid ESRT accesses at runtime
Date: Sat, 20 Apr 2019 12:34:54 +0200 [thread overview]
Message-ID: <20190420103454.5148-1-ard.biesheuvel@linaro.org> (raw)
The DxeCapsuleLibFmp code accesses the ESRT table to decide whether
a certain capsule is an FMP capsule. Since the UEFI spec mandates
that the ESRT resides in EfiBootServicesData memory, this results
in problems at OS runtime, since the firmware implementation itself
cannot access memory that has not been virtually remapped.
So let's take a private copy of the ESRT at ReadyToBoot, and store
it in EfiRuntimeServicesData memory. The ESRT's size is order 10s
of bytes so the memory footprint is going to be negligigble.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
v2: copy the whole table instead of just the list of GUIDs
Still build tested only.
MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c | 58 ++++++++++++++++----
MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf | 1 +
2 files changed, 49 insertions(+), 10 deletions(-)
diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c
index 602921d13c06..9e0327afb53b 100644
--- a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c
+++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c
@@ -23,6 +23,7 @@
extern EFI_SYSTEM_RESOURCE_TABLE *mEsrtTable;
extern BOOLEAN mIsVirtualAddrConverted;
EFI_EVENT mDxeRuntimeCapsuleLibVirtualAddressChangeEvent = NULL;
+EFI_EVENT mDxeRuntimeCapsuleLibReadyToBootEvent = NULL;
/**
Convert EsrtTable physical address to virtual address.
@@ -38,8 +39,28 @@ DxeCapsuleLibVirtualAddressChangeEvent (
IN VOID *Context
)
{
- UINTN Index;
- EFI_CONFIGURATION_TABLE *ConfigEntry;
+ gRT->ConvertPointer (EFI_OPTIONAL_PTR, (VOID **)&mEsrtTable);
+ mIsVirtualAddrConverted = TRUE;
+}
+
+/**
+ Notify function for event group EFI_EVENT_GROUP_READY_TO_BOOT.
+
+ @param[in] Event The Event that is being processed.
+ @param[in] Context The Event Context.
+
+**/
+STATIC
+VOID
+EFIAPI
+DxeCapsuleLibReadyToBootEventNotify (
+ IN EFI_EVENT Event,
+ IN VOID *Context
+ )
+{
+ UINTN Index;
+ EFI_CONFIGURATION_TABLE *ConfigEntry;
+ EFI_SYSTEM_RESOURCE_TABLE *EsrtTable;
//
// Get Esrt table first
@@ -59,16 +80,14 @@ DxeCapsuleLibVirtualAddressChangeEvent (
//
// Search Esrt to check given capsule is qualified
//
- mEsrtTable = (EFI_SYSTEM_RESOURCE_TABLE *) ConfigEntry->VendorTable;
+ EsrtTable = (EFI_SYSTEM_RESOURCE_TABLE *) ConfigEntry->VendorTable;
- //
- // Update protocol pointer to Esrt Table.
- //
- gRT->ConvertPointer (0x00, (VOID**) &(mEsrtTable));
+ mEsrtTable = AllocateRuntimeCopyPool (
+ sizeof (EFI_SYSTEM_RESOURCE_TABLE) +
+ EsrtTable->FwResourceCount * sizeof (EFI_SYSTEM_RESOURCE_ENTRY),
+ EsrtTable);
+ ASSERT (mEsrtTable != NULL);
}
-
- mIsVirtualAddrConverted = TRUE;
-
}
/**
@@ -101,6 +120,19 @@ DxeRuntimeCapsuleLibConstructor (
);
ASSERT_EFI_ERROR (Status);
+ //
+ // Register notify function to cache the FMP capsule GUIDs at ReadyToBoot.
+ //
+ Status = gBS->CreateEventEx (
+ EVT_NOTIFY_SIGNAL,
+ TPL_CALLBACK,
+ DxeCapsuleLibReadyToBootEventNotify,
+ NULL,
+ &gEfiEventReadyToBootGuid,
+ &mDxeRuntimeCapsuleLibReadyToBootEvent
+ );
+ ASSERT_EFI_ERROR (Status);
+
return EFI_SUCCESS;
}
@@ -127,5 +159,11 @@ DxeRuntimeCapsuleLibDestructor (
Status = gBS->CloseEvent (mDxeRuntimeCapsuleLibVirtualAddressChangeEvent);
ASSERT_EFI_ERROR (Status);
+ //
+ // Close the ReadyToBoot event.
+ //
+ Status = gBS->CloseEvent (mDxeRuntimeCapsuleLibReadyToBootEvent);
+ ASSERT_EFI_ERROR (Status);
+
return EFI_SUCCESS;
}
diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
index 700d0d5dcddd..2c93e6870023 100644
--- a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
+++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
@@ -66,6 +66,7 @@
gEfiCapsuleReportGuid
gEfiCapsuleVendorGuid ## SOMETIMES_CONSUMES ## Variable:L"CapsuleUpdateData"
gEfiEndOfDxeEventGroupGuid ## CONSUMES ## Event
+ gEfiEventReadyToBootGuid ## CONSUMES ## Event
gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event
[Depex]
--
2.20.1
next reply other threads:[~2019-04-20 10:35 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-20 10:34 Ard Biesheuvel [this message]
2019-04-22 7:14 ` [edk2-devel] [PATCH v2] MdeModulePkg/DxeCapsuleLibFmp: avoid ESRT accesses at runtime Wu, Hao A
2019-04-22 22:03 ` Ard Biesheuvel
2019-04-22 22:37 ` Michael D Kinney
2019-04-22 22:40 ` Ard Biesheuvel
2019-04-22 23:02 ` Michael D Kinney
2019-04-23 16:52 ` Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190420103454.5148-1-ard.biesheuvel@linaro.org \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox