drivers/smmstore: allow full flash access for capsule updates

With DRIVERS_EFI_UPDATE_CAPSULES enabled and when at least one capsule was found, SMMSTORE SMI handler can use commands with the highest bit (0x80) set to access the whole flash instead of just the SMMSTORE region. The rest of the interface is identical to regular SMMSTORE v2 except for a new call to control full flash access. The added call saves information about the availability of capsules in SMM memory. The call is ignored when run more than once, meaning there should be no way of enabling full flash handling after it was disabled and vice versa. The call should always be made by the firmware to lock further calls, so that an OS could not gain full flash access. This is done on entry to BS_POST_DEVICE after capsules are obtained in BS_DEV_INIT. Change-Id: I7f3dbfa965b9dcbade8b2f06a5bd2ac1345c7972 Signed-off-by: Krystian Hebel <krystian.hebel@3mdeb.com> Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/83424 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com>
2024-06-26 19:52:19 +02:00 · 2024-06-26 19:52:19 +02:00 · 0cc0e6996c
commit 0cc0e6996c
parent 7814b8a6be
5 changed files with 104 additions and 1 deletions
--- a/src/include/smmstore.h
+++ b/src/include/smmstore.h
@ -21,6 +21,16 @@
 #define SMMSTORE_CMD_RAW_WRITE 6
 #define SMMSTORE_CMD_RAW_CLEAR 7

+/*
+ * Used by capsule updates as a standalone command or modifier to v2 commands.
+ *
+ * Availability depends on CONFIG(DRIVERS_EFI_UPDATE_CAPSULES). Usage of this
+ * extension requires considering which portions of the flash is read-only or
+ * otherwise protected to avoid causing problems while trying to overwrite
+ * them.
+ */
+#define SMMSTORE_CMD_USE_FULL_FLASH 0x80
+
 /* Version 1 */
 struct smmstore_params_read {
 	void *buf;
@ -117,6 +127,8 @@ int smmstore_get_info(struct smmstore_params_info *info);
 #endif
 struct region_device;
 int smmstore_lookup_region(struct region_device *rstore);
+/* Returns 0 if normal parsing should continue, 1 otherwise */
+int smmstore_preprocess_cmd(uint8_t *cmd, void *param);

 /* Advertise SMMSTORE v2 support */
 struct lb_header;