| Message ID | 20230216163003.2343218-1-etienne.carriere@linaro.org |
|---|---|
| State | Superseded |
| Headers | show |
| Series | efi_loader: set CapsuleMax from CONFIG_EFI_CAPSULE_MAX | expand |
On 2/16/23 17:30, Etienne Carriere wrote: > Adds CONFIG_EFI_CAPSULE_MAX to configure the max index value used in > EFI capsule reports. The config default value is 65535 as the index max > value used before this change. Platforms with limited storage capacity > can set a lower configuration value to prevent storage capacity > overflow or even waste of storage space. > > Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> > --- > lib/efi_loader/Kconfig | 8 ++++++ > lib/efi_loader/efi_capsule.c | 48 +++++++++++++++++++++++++----------- > lib/efi_loader/efi_setup.c | 7 +++++- > 3 files changed, 48 insertions(+), 15 deletions(-) > > diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig > index c56904afc2..69bb66e09c 100644 > --- a/lib/efi_loader/Kconfig > +++ b/lib/efi_loader/Kconfig > @@ -226,6 +226,14 @@ config EFI_CAPSULE_AUTHENTICATE > Select this option if you want to enable capsule > authentication > > +config EFI_CAPSULE_MAX > + int "Max value for capsule index" > + default 65535 This number of variables does not fit into any variable store. CONFIG_EFI_VAR_BUF_SIZE defaults to 16 KiB. A maximum of 16 coexisting Capsule#### variables would be a reasonable number. As there seems to be no process that deletes Capsule####, please, default to 15. Best regards Heinrich > + range 0 65535 > + help > + Select the max capsule index value used for capsule report > + variables. This value is used to create CapsuleMax variable. > + > config EFI_DEVICE_PATH_TO_TEXT > bool "Device path to text protocol" > default y > diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c > index 0997cd248f..d5d3ede7ae 100644 > --- a/lib/efi_loader/efi_capsule.c > +++ b/lib/efi_loader/efi_capsule.c > @@ -45,17 +45,7 @@ const efi_guid_t fwu_guid_os_request_fw_accept = > static struct efi_file_handle *bootdev_root; > #endif > > -/** > - * get_last_capsule - get the last capsule index > - * > - * Retrieve the index of the capsule invoked last time from "CapsuleLast" > - * variable. > - * > - * Return: > - * * > 0 - the last capsule index invoked > - * * 0xffff - on error, or no capsule invoked yet > - */ > -static __maybe_unused unsigned int get_last_capsule(void) > +static __maybe_unused unsigned int get_capsule_index(const u16 *variable_name) > { > u16 value16[11]; /* "CapsuleXXXX": non-null-terminated */ > char value[5]; > @@ -65,7 +55,7 @@ static __maybe_unused unsigned int get_last_capsule(void) > int i; > > size = sizeof(value16); > - ret = efi_get_variable_int(u"CapsuleLast", &efi_guid_capsule_report, > + ret = efi_get_variable_int(variable_name, &efi_guid_capsule_report, > NULL, &size, value16, NULL); > if (ret != EFI_SUCCESS || size != 22 || > u16_strncmp(value16, u"Capsule", 7)) > @@ -84,6 +74,35 @@ err: > return index; > } > > +/** > + * get_last_capsule - get the last capsule index > + * > + * Retrieve the index of the capsule invoked last time from "CapsuleLast" > + * variable. > + * > + * Return: > + * * > 0 - the last capsule index invoked > + * * 0xffff - on error, or no capsule invoked yet > + */ > +static __maybe_unused unsigned int get_last_capsule(void) > +{ > + return get_capsule_index(u"CapsuleLast"); > +} > + > +/** > + * get_max_capsule - get the max capsule index > + * > + * Retrieve the max capsule index value from "CapsuleMax" variable. > + * > + * Return: > + * * > 0 - the max capsule index > + * * 0xffff - on error, or "CapsuleMax" variable does not exist > + */ > +static __maybe_unused unsigned int get_max_capsule(void) > +{ > + return get_capsule_index(u"CapsuleMax"); > +} > + > /** > * set_capsule_result - set a result variable > * @capsule: Capsule > @@ -1290,7 +1309,7 @@ efi_status_t efi_launch_capsules(void) > { > struct efi_capsule_header *capsule = NULL; > u16 **files; > - unsigned int nfiles, index, i; > + unsigned int nfiles, index, index_max, i; > efi_status_t ret; > bool capsule_update = true; > bool update_status = true; > @@ -1299,6 +1318,7 @@ efi_status_t efi_launch_capsules(void) > if (check_run_capsules() != EFI_SUCCESS) > return EFI_SUCCESS; > > + index_max = get_max_capsule(); > index = get_last_capsule(); > > /* > @@ -1317,7 +1337,7 @@ efi_status_t efi_launch_capsules(void) > /* Launch capsules */ > for (i = 0, ++index; i < nfiles; i++, index++) { > log_debug("Applying %ls\n", files[i]); > - if (index > 0xffff) > + if (index > index_max) > index = 0; > ret = efi_capsule_read_file(files[i], &capsule); > if (ret == EFI_SUCCESS) { > diff --git a/lib/efi_loader/efi_setup.c b/lib/efi_loader/efi_setup.c > index f0f01d3b1d..04da4cf14d 100644 > --- a/lib/efi_loader/efi_setup.c > +++ b/lib/efi_loader/efi_setup.c > @@ -129,12 +129,17 @@ static efi_status_t efi_init_capsule(void) > efi_status_t ret = EFI_SUCCESS; > > if (IS_ENABLED(CONFIG_EFI_HAVE_CAPSULE_SUPPORT)) { > + u16 var_name16[12]; > + > + efi_create_indexed_name(var_name16, sizeof(var_name16), > + "Capsule", CONFIG_EFI_CAPSULE_MAX); > + > ret = efi_set_variable_int(u"CapsuleMax", > &efi_guid_capsule_report, > EFI_VARIABLE_READ_ONLY | > EFI_VARIABLE_BOOTSERVICE_ACCESS | > EFI_VARIABLE_RUNTIME_ACCESS, > - 22, u"CapsuleFFFF", false); > + 22, var_name16, false); > if (ret != EFI_SUCCESS) > printf("EFI: cannot initialize CapsuleMax variable\n"); > }
diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig index c56904afc2..69bb66e09c 100644 --- a/lib/efi_loader/Kconfig +++ b/lib/efi_loader/Kconfig @@ -226,6 +226,14 @@ config EFI_CAPSULE_AUTHENTICATE Select this option if you want to enable capsule authentication +config EFI_CAPSULE_MAX + int "Max value for capsule index" + default 65535 + range 0 65535 + help + Select the max capsule index value used for capsule report + variables. This value is used to create CapsuleMax variable. + config EFI_DEVICE_PATH_TO_TEXT bool "Device path to text protocol" default y diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c index 0997cd248f..d5d3ede7ae 100644 --- a/lib/efi_loader/efi_capsule.c +++ b/lib/efi_loader/efi_capsule.c @@ -45,17 +45,7 @@ const efi_guid_t fwu_guid_os_request_fw_accept = static struct efi_file_handle *bootdev_root; #endif -/** - * get_last_capsule - get the last capsule index - * - * Retrieve the index of the capsule invoked last time from "CapsuleLast" - * variable. - * - * Return: - * * > 0 - the last capsule index invoked - * * 0xffff - on error, or no capsule invoked yet - */ -static __maybe_unused unsigned int get_last_capsule(void) +static __maybe_unused unsigned int get_capsule_index(const u16 *variable_name) { u16 value16[11]; /* "CapsuleXXXX": non-null-terminated */ char value[5]; @@ -65,7 +55,7 @@ static __maybe_unused unsigned int get_last_capsule(void) int i; size = sizeof(value16); - ret = efi_get_variable_int(u"CapsuleLast", &efi_guid_capsule_report, + ret = efi_get_variable_int(variable_name, &efi_guid_capsule_report, NULL, &size, value16, NULL); if (ret != EFI_SUCCESS || size != 22 || u16_strncmp(value16, u"Capsule", 7)) @@ -84,6 +74,35 @@ err: return index; } +/** + * get_last_capsule - get the last capsule index + * + * Retrieve the index of the capsule invoked last time from "CapsuleLast" + * variable. + * + * Return: + * * > 0 - the last capsule index invoked + * * 0xffff - on error, or no capsule invoked yet + */ +static __maybe_unused unsigned int get_last_capsule(void) +{ + return get_capsule_index(u"CapsuleLast"); +} + +/** + * get_max_capsule - get the max capsule index + * + * Retrieve the max capsule index value from "CapsuleMax" variable. + * + * Return: + * * > 0 - the max capsule index + * * 0xffff - on error, or "CapsuleMax" variable does not exist + */ +static __maybe_unused unsigned int get_max_capsule(void) +{ + return get_capsule_index(u"CapsuleMax"); +} + /** * set_capsule_result - set a result variable * @capsule: Capsule @@ -1290,7 +1309,7 @@ efi_status_t efi_launch_capsules(void) { struct efi_capsule_header *capsule = NULL; u16 **files; - unsigned int nfiles, index, i; + unsigned int nfiles, index, index_max, i; efi_status_t ret; bool capsule_update = true; bool update_status = true; @@ -1299,6 +1318,7 @@ efi_status_t efi_launch_capsules(void) if (check_run_capsules() != EFI_SUCCESS) return EFI_SUCCESS; + index_max = get_max_capsule(); index = get_last_capsule(); /* @@ -1317,7 +1337,7 @@ efi_status_t efi_launch_capsules(void) /* Launch capsules */ for (i = 0, ++index; i < nfiles; i++, index++) { log_debug("Applying %ls\n", files[i]); - if (index > 0xffff) + if (index > index_max) index = 0; ret = efi_capsule_read_file(files[i], &capsule); if (ret == EFI_SUCCESS) { diff --git a/lib/efi_loader/efi_setup.c b/lib/efi_loader/efi_setup.c index f0f01d3b1d..04da4cf14d 100644 --- a/lib/efi_loader/efi_setup.c +++ b/lib/efi_loader/efi_setup.c @@ -129,12 +129,17 @@ static efi_status_t efi_init_capsule(void) efi_status_t ret = EFI_SUCCESS; if (IS_ENABLED(CONFIG_EFI_HAVE_CAPSULE_SUPPORT)) { + u16 var_name16[12]; + + efi_create_indexed_name(var_name16, sizeof(var_name16), + "Capsule", CONFIG_EFI_CAPSULE_MAX); + ret = efi_set_variable_int(u"CapsuleMax", &efi_guid_capsule_report, EFI_VARIABLE_READ_ONLY | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS, - 22, u"CapsuleFFFF", false); + 22, var_name16, false); if (ret != EFI_SUCCESS) printf("EFI: cannot initialize CapsuleMax variable\n"); }
Adds CONFIG_EFI_CAPSULE_MAX to configure the max index value used in EFI capsule reports. The config default value is 65535 as the index max value used before this change. Platforms with limited storage capacity can set a lower configuration value to prevent storage capacity overflow or even waste of storage space. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> --- lib/efi_loader/Kconfig | 8 ++++++ lib/efi_loader/efi_capsule.c | 48 +++++++++++++++++++++++++----------- lib/efi_loader/efi_setup.c | 7 +++++- 3 files changed, 48 insertions(+), 15 deletions(-)