From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
To: Sughosh Ganu <sughosh.ganu@linaro.org>
Cc: u-boot@lists.denx.de, Heinrich Schuchardt <xypron.glpk@gmx.de>,
AKASHI Takahiro <takahiro.akashi@linaro.org>,
Ying-Chun Liu <paul.liu@linaro.org>,
Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>,
Heiko Thiery <heiko.thiery@gmail.com>,
Frieder Schrempf <frieder.schrempf@kontron.de>,
Michael Walle <michael@walle.cc>,
Masami Hiramatsu <masami.hiramatsu@linaro.org>,
Jassi Brar <jaswinder.singh@linaro.org>,
Michal Simek <monstr@monstr.eu>,
Michal Simek <michal.simek@xilinx.com>
Subject: Re: [PATCH v4 3/8] capsule: Put a check for image index before the update
Date: Thu, 31 Mar 2022 21:47:08 +0300 [thread overview]
Message-ID: <YkX3LICJsJQobeJq@hades> (raw)
In-Reply-To: <20220331132750.1532722-4-sughosh.ganu@linaro.org>
On Thu, Mar 31, 2022 at 06:57:45PM +0530, Sughosh Ganu wrote:
> The current capsule update code compares the image GUID value in the
> capsule header with the image GUID value obtained from the
> GetImageInfo function of the Firmware Management Protocol(FMP). This
> comparison is done to ascertain if the FMP's SetImage function can be
> called for the update. Make this checking more robust by comparing the
> image_index value passed through the capsule with that returned by the
> FMP's GetImageInfo function. This protects against the scenario of the
> firmware being updated in a wrong partition/location on the storage
> device if an incorrect value has been passed through the capsule,
> since the image_index is used to determine the location of the update
> on the storage device.
>
> Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
> Reviewed-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
> ---
>
> Changes since V3: None
>
> lib/efi_loader/efi_capsule.c | 8 +++++---
> 1 file changed, 5 insertions(+), 3 deletions(-)
>
> diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
> index f00440163d..f03f4c9044 100644
> --- a/lib/efi_loader/efi_capsule.c
> +++ b/lib/efi_loader/efi_capsule.c
> @@ -128,6 +128,7 @@ void set_capsule_result(int index, struct efi_capsule_header *capsule,
> /**
> * efi_fmp_find - search for Firmware Management Protocol drivers
> * @image_type: Image type guid
> + * @image_index: Image Index
> * @instance: Instance number
> * @handles: Handles of FMP drivers
> * @no_handles: Number of handles
> @@ -141,8 +142,8 @@ void set_capsule_result(int index, struct efi_capsule_header *capsule,
> * * NULL - on failure
> */
> static struct efi_firmware_management_protocol *
> -efi_fmp_find(efi_guid_t *image_type, u64 instance, efi_handle_t *handles,
> - efi_uintn_t no_handles)
> +efi_fmp_find(efi_guid_t *image_type, u8 image_index, u64 instance,
> + efi_handle_t *handles, efi_uintn_t no_handles)
> {
> efi_handle_t *handle;
> struct efi_firmware_management_protocol *fmp;
> @@ -203,6 +204,7 @@ efi_fmp_find(efi_guid_t *image_type, u64 instance, efi_handle_t *handles,
> log_debug("+++ desc[%d] index: %d, name: %ls\n",
> j, desc->image_index, desc->image_id_name);
> if (!guidcmp(&desc->image_type_id, image_type) &&
> + (desc->image_index == image_index) &&
> (!instance ||
> !desc->hardware_instance ||
> desc->hardware_instance == instance))
> @@ -449,8 +451,8 @@ static efi_status_t efi_capsule_update_firmware(
> }
>
> /* find a device for update firmware */
> - /* TODO: should we pass index as well, or nothing but type? */
> fmp = efi_fmp_find(&image->update_image_type_id,
> + image->update_image_index,
> image->update_hardware_instance,
> handles, no_handles);
> if (!fmp) {
> --
> 2.25.1
>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
next prev parent reply other threads:[~2022-03-31 18:47 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-31 13:27 [PATCH v4 0/8] efi: capsule: Capsule Update fixes and enhancements Sughosh Ganu
2022-03-31 13:27 ` [PATCH v4 1/8] capsule: Add Image GUIDs and image index for platforms using capsule updates Sughosh Ganu
2022-03-31 14:03 ` Ilias Apalodimas
2022-03-31 13:27 ` [PATCH v4 2/8] capsule: FMP: Populate the image descriptor array from platform data Sughosh Ganu
2022-03-31 15:08 ` Ilias Apalodimas
2022-03-31 16:29 ` Sughosh Ganu
2022-03-31 13:27 ` [PATCH v4 3/8] capsule: Put a check for image index before the update Sughosh Ganu
2022-03-31 18:47 ` Ilias Apalodimas [this message]
2022-03-31 13:27 ` [PATCH v4 4/8] board: Define set_dfu_alt_info() for boards with UEFI capsule update enabled Sughosh Ganu
2022-03-31 14:08 ` Masami Hiramatsu
2022-03-31 19:35 ` Ilias Apalodimas
2022-04-01 6:58 ` Sughosh Ganu
2022-04-01 9:55 ` Ilias Apalodimas
2022-03-31 13:27 ` [PATCH v4 5/8] test: capsule: Modify the capsule tests to use GUID values for sandbox Sughosh Ganu
2022-03-31 13:27 ` [PATCH v4 6/8] FMP: Remove GUIDs for FIT and raw images Sughosh Ganu
2022-03-31 18:10 ` Ilias Apalodimas
2022-03-31 13:27 ` [PATCH v4 7/8] mkeficapsule: Remove raw and FIT GUID types Sughosh Ganu
2022-03-31 18:10 ` Ilias Apalodimas
2022-03-31 13:27 ` [PATCH v4 8/8] doc: uefi: Update the capsule update related documentation Sughosh Ganu
2022-03-31 18:14 ` Ilias Apalodimas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YkX3LICJsJQobeJq@hades \
--to=ilias.apalodimas@linaro.org \
--cc=frieder.schrempf@kontron.de \
--cc=heiko.thiery@gmail.com \
--cc=jaswinder.singh@linaro.org \
--cc=masami.hiramatsu@linaro.org \
--cc=michael@walle.cc \
--cc=michal.simek@xilinx.com \
--cc=monstr@monstr.eu \
--cc=paul.liu@linaro.org \
--cc=sughosh.ganu@linaro.org \
--cc=takahiro.akashi@linaro.org \
--cc=tuomas.tynkkynen@iki.fi \
--cc=u-boot@lists.denx.de \
--cc=xypron.glpk@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.