@@ -47,6 +47,7 @@ SRC_URI:append = " \
file://0037-corstone1000-enable-authenticated-capsule-config.patch \
file://0038-corstone1000-introduce-EFI-authenticated-capsule-upd.patch \
file://0039-enables-ondisk-capsule-update-feature.patch \
+ file://0040-fix-runtime-capsule-update-flags-checks.patch \
"
do_configure:append(){
new file mode 100644
@@ -0,0 +1,56 @@
+From a83aa9e1b8f6e312da82e54614fbca498493c34d Mon Sep 17 00:00:00 2001
+From: Emekcan Aras <emekcan.aras@arm.com>
+Date: Thu, 19 Oct 2023 14:56:55 +0100
+Subject: [PATCH] fix runtime capsule update flags checks for corstone1000
+
+Fixes capsule update flags checks in capsule update as these checks are missing
+in the platform-specific capsule-update implementation in corstone1000.
+
+Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
+Upstream-Status: Inappropriate [Redesign of Capsule update interface is required]
+---
+ lib/efi_loader/efi_capsule.c | 28 ++++++++++++++++++++++++++++
+ 1 file changed, 28 insertions(+)
+
+diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
+index 307bcfd73c..34507482b7 100644
+--- a/lib/efi_loader/efi_capsule.c
++++ b/lib/efi_loader/efi_capsule.c
+@@ -854,6 +854,34 @@ efi_status_t __efi_runtime EFIAPI efi_update_capsule(
+ continue;
+ }
+
++ /* According to UEFI specs when the flag is CAPSULE_FLAGS_PERSIST_ACROSS_RESET,
++ ScatterGatherList can't be NULL.*/
++ if ((capsule->flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) &&
++ scatter_gather_list == 0){
++ ret = EFI_INVALID_PARAMETER;
++ goto out;
++ }
++
++ /*According to UEFI specs a capsule which has the CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE
++ * flag must have CAPSULE_FLAGS_PERSIST_ACROSS_RESET set in its
++ * header as well.*/
++ if (capsule->flags & CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE){
++ if(!(capsule->flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET)){
++ ret = EFI_INVALID_PARAMETER;
++ goto out;
++ }
++ }
++
++ /* According to UEFI specs, a capsule which has the CAPSULE_FLAGS_INITIATE_RESET
++ * Flag must have CAPSULE_FLAGS_PERSIST_ACROSS_RESET set in its
++ * header as well.*/
++ if (capsule->flags & CAPSULE_FLAGS_INITIATE_RESET){
++ if(!(capsule->flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET)){
++ ret = EFI_INVALID_PARAMETER;
++ goto out;
++ }
++ }
++
+ log_debug("Capsule[%d] (guid:%pUs)\n",
+ i, &capsule->capsule_guid);
+
+--
+2.25.1
+