From nobody Mon May 6 07:10:11 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1523999130126959.815052861365; Tue, 17 Apr 2018 14:05:30 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 7E04722590E39; Tue, 17 Apr 2018 14:05:27 -0700 (PDT) Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 3B2AC21F2E10F for ; Tue, 17 Apr 2018 14:05:26 -0700 (PDT) Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga107.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 17 Apr 2018 14:05:25 -0700 Received: from mdkinney-mobl2.amr.corp.intel.com ([10.241.98.51]) by fmsmga006.fm.intel.com with ESMTP; 17 Apr 2018 14:05:25 -0700 X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.151; helo=mga17.intel.com; envelope-from=michael.d.kinney@intel.com; receiver=edk2-devel@lists.01.org X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.48,464,1517904000"; d="scan'208";a="221226931" From: "Kinney, Michael D" To: edk2-devel@lists.01.org Date: Tue, 17 Apr 2018 14:05:19 -0700 Message-Id: <20180417210522.29644-2-michael.d.kinney@intel.com> X-Mailer: git-send-email 2.14.2.windows.3 In-Reply-To: <20180417210522.29644-1-michael.d.kinney@intel.com> References: <20180417210522.29644-1-michael.d.kinney@intel.com> Subject: [edk2] [RFC v2 1/4] FmpDevicePkg: Add package, library classes, and PCDs X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael D Kinney , Jiewen Yao MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D922 Based on content from the following branch: https://github.com/Microsoft/MS_UEFI/tree/share/MsCapsuleSupport/MsCapsuleU= pdatePkg Create FmpDevicePkg with library classes and PCDs used to customize the behavior of a Firmware Management Protocol instance. Library Classes =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D * FmpDeviceLib - Provides firmware device specific services to support updates of a firmware image stored in a firmware device. * CapsuleUpdatePolicyLib - Provides platform policy services used during a capsule update. * FmpPayloadHeaderLib - Provides services to retrieve values from a capsule's FMP Payload Header. The structure is not included in the library class. Instead, services are provided to retrieve information from the FMP Payload Header. If information is added to the FMP Payload Header, then new services may be added to this library class to retrieve the new information. PCDs set per module =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D * PcdFmpDeviceSystemResetRequired - Indicates if a full system reset is required before a firmware update to a firmware devices takes effect * PcdFmpDeviceTestKeySha256Digest - The SHA-256 hash of a PKCS7 test key that is used to detect if a test key is being used to authenticate capsules. Test key detection is disabled by setting the value to {0}. * PcdFmpDeviceProgressColor - The color of the progress bar during a firmware update. * PcdFmpDeviceImageIdName - The Null-terminated Unicode string used to fill in the ImageIdName field of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImageInfo() service of the Firmware Management Protocol for the firmware device. * PcdFmpDeviceBuildTimeLowestSupportedVersion - The build time value used to fill in the LowestSupportedVersion field of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImageInfo() service of the Firmware Management Protocol. * PcdFmpDeviceProgressWatchdogTimeInSeconds - The time in seconds to arm a watchdog timer during the update of a firmware device. PCDs set per module or for entire platform =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D * PcdFmpDevicePkcs7CertBufferXdr - One or more PKCS7 certificates used to verify a firmware device capsule update image. * PcdFmpDeviceLockEventGuid - An event GUID that locks the firmware device when the event is signaled. Cc: Sean Brogan Cc: Jiewen Yao Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Michael D Kinney --- FmpDevicePkg/FmpDevicePkg.dec | 132 +++++++ FmpDevicePkg/FmpDevicePkg.uni | 80 ++++ FmpDevicePkg/FmpDevicePkgExtra.uni | 18 + .../Include/Library/CapsuleUpdatePolicyLib.h | 120 ++++++ FmpDevicePkg/Include/Library/FmpDeviceLib.h | 405 +++++++++++++++++= ++++ FmpDevicePkg/Include/Library/FmpPayloadHeaderLib.h | 100 +++++ 6 files changed, 855 insertions(+) create mode 100644 FmpDevicePkg/FmpDevicePkg.dec create mode 100644 FmpDevicePkg/FmpDevicePkg.uni create mode 100644 FmpDevicePkg/FmpDevicePkgExtra.uni create mode 100644 FmpDevicePkg/Include/Library/CapsuleUpdatePolicyLib.h create mode 100644 FmpDevicePkg/Include/Library/FmpDeviceLib.h create mode 100644 FmpDevicePkg/Include/Library/FmpPayloadHeaderLib.h diff --git a/FmpDevicePkg/FmpDevicePkg.dec b/FmpDevicePkg/FmpDevicePkg.dec new file mode 100644 index 0000000000..9ea0d73359 --- /dev/null +++ b/FmpDevicePkg/FmpDevicePkg.dec @@ -0,0 +1,132 @@ +## @file +# Firmware Management Protocol Device Package +# +# This package provides an implementation of a Firmware Management Protocol +# instance that supports the update of firmware storage devices using UEFI +# Capsules. The behavior of the Firmware Management Protocol instance is +# customized using libraries and PCDs. +# +# Copyright (c) 2016, Microsoft Corporation. All rights reserved.
+# Copyright (c) 2018, Intel Corporation. All rights reserved.
+# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are m= et: +# 1. Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright not= ice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS = IS" AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IM= PLIED +# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE D= ISCLAIMED. +# IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY= DIRECT, +# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCL= UDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF= USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY TH= EORY OF +# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE +# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +## + +[Defines] + DEC_SPECIFICATION =3D 0x00010005 + PACKAGE_NAME =3D FmpDevicePkg + PACKAGE_UNI_FILE =3D FmpDevicePkg.uni + PACKAGE_GUID =3D 080b5b4f-27c6-11e8-84d1-f8597177a00a + PACKAGE_VERSION =3D 0.1 + +[Includes] + Include + +[LibraryClasses] + ## @libraryclass Provides services to retrieve values from a capsule's= FMP + # Payload Header. The structure is not included in the + # library class. Instead, services are provided to ret= rieve + # information from the FMP Payload Header. If informat= ion is + # added to the FMP Payload Header, then new services ma= y be + # added to this library class to retrieve the new infor= mation. + FmpPayloadHeaderLib|Include/Library/FmpPayloadHeaderLib.h + + ## @libraryclass Provides platform policy services used during a capsu= le + # update. + CapsuleUpdatePolicyLib|Include/Library/CapsuleUpdatePolicyLib.h + + ## @libraryclass Provides firmware device specific services to support + # updates of a firmware image stored in a firmware devi= ce. + FmpDeviceLib|Include/Library/FmpDeviceLib.h + +[Guids] + ## Firmware Management Protocol Device Package Token Space GUID + gFmpDevicePkgTokenSpaceGuid =3D { 0x40b2d964, 0xfe11, 0x40dc, { 0x82, 0x= 83, 0x2e, 0xfb, 0xda, 0x29, 0x53, 0x56 } } + +[PcdsFixedAtBuild] + ## Indicates if a full system reset is required before a firmware update= to a + # firmware devices takes effect.

+ # TRUE - System reset is required.
+ # FALSE - System reset is not required.
+ # @Prompt FMP Device System Reset Required. + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceSystemResetRequired|TRUE|BOOLEAN= |0x40000008 + + ## The SHA-256 hash of a PKCS7 test key that is used to detect if a test= key + # is being used to authenticate capsules. Test key detection is disabl= ed by + # setting the value to {0}. + # @Prompt SHA-256 hash of PKCS7 test key. + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceTestKeySha256Digest|{0x2E, 0x97,= 0x89, 0x1B, 0xDB, 0xE7, 0x08, 0xAA, 0x8C, 0xB2, 0x8F, 0xAD, 0x20, 0xA9, 0= x83, 0xC7, 0x84, 0x7D, 0x4F, 0xEE, 0x48, 0x25, 0xE9, 0x4D, 0x39, 0xFA, 0x= 34, 0x9A, 0xB8, 0xB1, 0xC4, 0x26}|VOID*|0x40000009 + +[PcdsFixedAtBuild, PcdsPatchableInModule] + ## The color of the progress bar during a firmware update. Each firmware + # device can set its own color. The default color is white.

+ # Bits 7..0 - Red
+ # Bits 15..8 - Green
+ # Bits 23..16 - Blue
+ # @Prompt Firmware Device Progress Bar Color. + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressColor|0x00FFFFFF|UINT32|= 0x40000004 + + ## The Null-terminated Unicode string used to fill in the ImageIdName fi= eld of + # the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the + # GetImageInfo() service of the Firmware Management Protocol for the fi= rmware + # device. An ImageIdName string must be provided for each firmware dev= ice. + # The default value is an empty string. + # @Prompt Firmware Device ImageIdName string. + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageIdName|L""|VOID*|0x40000007 + + ## The build time value used to fill in the LowestSupportedVersion field= of + # the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the + # GetImageInfo() service of the Firmware Management Protocol. This val= ue is + # only used if the firmware device does not provide a method to report = the + # lowest supported version value from the current firmware image and the + # UEFI variable used to provide the lowest supported version value does= not + # exist. The default value is 0. + # @Prompt Build Time Firmware Device Lowest Support Version. + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceBuildTimeLowestSupportedVersion|= 0x0|UINT32|0x4000000C + + ## The time in seconds to arm a watchdog timer during the update of a fi= rmware + # device. The watchdog is re-armed each time the FmpDeviceLib calls the + # Progress() function passed into FmpDeviceSetImage() function. The + # FmpDeviceLib calls Progress() to update the percent completion of a + # firmware update. If the watchdog timer expires, the system reboots. = A + # value of 0 disables the watchdog timer. The default value is 0 (watc= hdog + # disabled). + # @Prompt Firmware Device Watchdog Time in Seconds. + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressWatchdogTimeInSeconds|0x= 0|UINT8|0x4000000D + +[PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] + ## One or more PKCS7 certificates used to verify a firmware device capsu= le + # update image. Encoded using the Variable-Length Opaque Data format o= f RFC + # 4506 External Data Representation Standard (XDR). The default value = is + # empty with 0 certificates. + # @Prompt One or more XDR encoded PKCS7 certificates used to verify firm= ware device capsule update images. + gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr|{0x0}|VOID*|0= x4000000E + + ## An event GUID that locks the firmware device when the event is signal= ed. + # If this PCD is not a valid GUID value, then the firmware device is lo= cked + # when gEfiEndOfDxeEventGroupGuid (End of DXE Phase) is signaled. The + # default value is empty, so by default the firmware device is locked a= t the + # end of the DXE phase. + # @Prompt Firmware Device Lock Event GUID. + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceLockEventGuid|{0}|VOID*|0x400000= 0F + +[UserExtensions.TianoCore."ExtraFiles"] + FmpDevicePkgExtra.uni diff --git a/FmpDevicePkg/FmpDevicePkg.uni b/FmpDevicePkg/FmpDevicePkg.uni new file mode 100644 index 0000000000..da31d0ac81 --- /dev/null +++ b/FmpDevicePkg/FmpDevicePkg.uni @@ -0,0 +1,80 @@ +// /** @file +// Firmware Management Protocol Device Package +// +// This package provides an implementation of a Firmware Management Protoc= ol +// instance that supports the update of firmware storage devices using UEFI +// Capsules. The behavior of the Firmware Management Protocol instance is +// customized using libraries and PCDs. +// +// Copyright (c) 2018, Intel Corporation. All rights reserved.
+// +// This program and the accompanying materials are licensed and made avail= able under +// the terms and conditions of the BSD License which accompanies this dist= ribution. +// The full text of the license may be found at +// http://opensource.org/licenses/bsd-license.php +// +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IM= PLIED. +// +// **/ + +#string STR_PACKAGE_ABSTRACT #language en-US "Firmware Management Pro= tocol Software Development Kit" + +#string STR_PACKAGE_DESCRIPTION #language en-US "This package provides l= ibraries that support the implementation of a module that produces the Firm= ware Management Protocol to support the update of a system firmware compone= nt." + +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceSystemResetRequired_PR= OMPT #language en-US "FMP Device System Reset Required." +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceSystemResetRequired_HE= LP #language en-US "Indicates if a full system reset is required before = a firmware update to a firmware device takes effect.

\n" + = "TRUE - System reset is required.
\n" + = "FALSE - System reset is not required.
" + +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceTestKeySha256Digest_PR= OMPT #language en-US "SHA-256 hash of PKCS7 test key." +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceTestKeySha256Digest_HE= LP #language en-US "The SHA-256 hash of a PKCS7 test key that is used to= detect if a test key" + = "is being used to authenticate capsules. Test key de= tection can be disabled" + = "by setting the value to {0}" + +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceProgressColor_PROMPT = #language en-US "Firmware Device Progress Bar Color." +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceProgressColor_HELP = #language en-US "The color of the progress bar during a firmware update. E= ach firmware" + = "device can set its own color. The default color is white.=

\n" + = "Bits 7..0 - Red
\n" + = "Bits 15..8 - Green
\n" + = "Bits 23..16 - Blue
\n" + +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceImageIdName_PROMPT #l= anguage en-US "Firmware Device ImageIdName string." +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceImageIdName_HELP #l= anguage en-US "The Null-terminated Unicode string used to fill in the Image= IdName field of" + = "the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned= by the" + = "GetImageInfo() service of the Firmware Management Protocol f= or the firmware" + = "device. An ImageIdName string must be provided for each fir= mware device." + = "The default value is an empty string." + +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceBuildTimeLowestSupport= edVersion_PROMPT #language en-US "Build Time Firmware Device Lowest Suppor= t Version." +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceBuildTimeLowestSupport= edVersion_HELP #language en-US "The build time value used to fill in the= LowestSupportedVersion field of" + = "the EFI_FIRMWARE_IMAGE_DESCRIPTOR struct= ure that is returned by the" + = "GetImageInfo() service of the Firmware M= anagement Protocol. This value is" + = "only used if the firmware device does no= t provide a method to report the" + = "lowest supported version value from the = current firmware image and the" + = "UEFI variable used to provide the lowest= supported version value does not" + = "exist. The default value is 0." + +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceProgressWatchdogTimeIn= Seconds_PROMPT #language en-US "Firmware Device Watchdog Time in Seconds." +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceProgressWatchdogTimeIn= Seconds_HELP #language en-US "Indicates the time in seconds to arm a wat= chdog timer during the update of" + = "a firmware device. The watchdog is re-arm= ed each time the FmpDeviceLib" + = "calls the Progress() function passed into = FmpDeviceSetImage() function." + = "The FmpDeviceLib calls Progress() to updat= e the percent completion of a" + = "firmware update. If the watchdog timer ex= pires, the system reboots. A" + = "value of 0 disables the watchdog timer. T= he default value is 0 (watchdog" + = "disabled)." + +#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdFmpDevicePkcs7CertBufferXdr_P= ROMPT #language en-US "One or more XDR encoded PKCS7 certificates used to = verify firmware device capsule update images" +#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdFmpDevicePkcs7CertBufferXdr_H= ELP #language en-US "Provides one or more PKCS7 certificates used to ver= ify a firmware device" + = "capsule update image. This PCD is encoded using th= e Variable-Length Opaque" + = "Data format of RFC 4506 External Data Representatio= n Standard (XDR)." + = "The default value is empty with 0 certificates." + +#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdFmpDeviceLockEventGuid_PROMPT= #language en-US "Firmware Device Lock Event GUID." +#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdFmpDeviceLockEventGuid_HELP = #language en-US "An event GUID that locks the firmware device when the ev= ent is signaled." + = "If this PCD is not a valid GUID value, then the firmware= device is locked" + = "when gEfiEndOfDxeEventGroupGuid (End of DXE Phase) is si= gnaled. The" + = "default value is empty, so by default the firmware devic= e is locked at the" + = "end of the DXE phase." + + diff --git a/FmpDevicePkg/FmpDevicePkgExtra.uni b/FmpDevicePkg/FmpDevicePkg= Extra.uni new file mode 100644 index 0000000000..fe49e8cd6c --- /dev/null +++ b/FmpDevicePkg/FmpDevicePkgExtra.uni @@ -0,0 +1,18 @@ +// /** @file +// Firmware Management Protocol Device Package Localized Strings and Conte= nt. +// +// Copyright (c) 2018, Intel Corporation. All rights reserved.
+// +// This program and the accompanying materials are licensed and made avail= able under +// the terms and conditions of the BSD License which accompanies this dist= ribution. +// The full text of the license may be found at +// http://opensource.org/licenses/bsd-license.php +// +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IM= PLIED. +// +// **/ + +#string STR_PROPERTIES_PACKAGE_NAME +#language en-US +"Firmware Management Protocol Device package" diff --git a/FmpDevicePkg/Include/Library/CapsuleUpdatePolicyLib.h b/FmpDev= icePkg/Include/Library/CapsuleUpdatePolicyLib.h new file mode 100644 index 0000000000..b38f212859 --- /dev/null +++ b/FmpDevicePkg/Include/Library/CapsuleUpdatePolicyLib.h @@ -0,0 +1,120 @@ +/** @file + Provides platform policy services used during a capsule update. + + Copyright (c) 2016, Microsoft Corporation. All rights reserved.
+ Copyright (c) 2018, Intel Corporation. All rights reserved.
+ + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are m= et: + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright not= ice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS = IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IM= PLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE D= ISCLAIMED. + IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY= DIRECT, + INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCL= UDING, + BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF= USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY TH= EORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE + OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +**/ + +#ifndef __CAPSULE_UPDATE_POLICY_LIB__ +#define __CAPSULE_UPDATE_POLICY_LIB__ + +/** + Determine if the system power state supports a capsule update. + + @param[out] Good Returns TRUE if system power state supports a capsule + update. Returns FALSE if system power state does not + support a capsule update. Return value is only valid = if + return status is EFI_SUCCESS. + + @retval EFI_SUCCESS Good parameter has been updated with resu= lt. + @retval EFI_INVALID_PARAMETER Good is NULL. + @retval EFI_DEVICE_ERROR System power state can not be determined. + +**/ +EFI_STATUS +EFIAPI +CheckSystemPower ( + OUT BOOLEAN *Good + ); + +/** + Determines if the system thermal state supports a capsule update. + + @param[out] Good Returns TRUE if system thermal state supports a capsule + update. Returns FALSE if system thermal state does not + support a capsule update. Return value is only valid = if + return status is EFI_SUCCESS. + + @retval EFI_SUCCESS Good parameter has been updated with resu= lt. + @retval EFI_INVALID_PARAMETER Good is NULL. + @retval EFI_DEVICE_ERROR System thermal state can not be determine= d. + +**/ +EFI_STATUS +EFIAPI +CheckSystemThermal ( + IN OUT BOOLEAN *Good + ); + +/** + Determines if the system environment state supports a capsule update. + + @param[out] Good Returns TRUE if system environment state supports a ca= psule + update. Returns FALSE if system environment state doe= s not + support a capsule update. Return value is only valid = if + return status is EFI_SUCCESS. + + @retval EFI_SUCCESS Good parameter has been updated with resu= lt. + @retval EFI_INVALID_PARAMETER Good is NULL. + @retval EFI_DEVICE_ERROR System environment state can not be deter= mined. + +**/ +EFI_STATUS +EFIAPI +CheckSystemEnvironment ( + IN OUT BOOLEAN *Good + ); + +/** + Determines if the Lowest Supported Version checks should be performed. = The + expected result from this function is TRUE. A platform can choose to re= turn + FALSE (e.g. during manufacturing or servicing) to allow a capsule update= to a + version below the current Lowest Supported Version. + + @retval TRUE Perform Lowest Support Version check. + @retval FALSE Do not perform Lowest Support Version check. + +**/ +BOOLEAN +EFIAPI +CheckLowestSupportedVersion ( + VOID + ); + +/** + Determines if the FMP device should be locked when the event specified by + PcdFmpDeviceLockEventGuid is signaled. The expected result from this fun= ction + is TRUE so the FMP device is always locked. A platform can choose to re= turn + FALSE (e.g. during manufacturing) to allow FMP devices to remain unlocke= d. + + @retval TRUE Perform Lowest Support Version check. + @retval FALSE Do not perform Lowest Support Version check. + +**/ +BOOLEAN +EFIAPI +LockFmpDeviceAtLockEventGuid ( + VOID + ); + +#endif diff --git a/FmpDevicePkg/Include/Library/FmpDeviceLib.h b/FmpDevicePkg/Inc= lude/Library/FmpDeviceLib.h new file mode 100644 index 0000000000..08125f0096 --- /dev/null +++ b/FmpDevicePkg/Include/Library/FmpDeviceLib.h @@ -0,0 +1,405 @@ +/** @file + Provides firmware device specific services to support updates of a firmw= are + image stored in a firmware device. + + Copyright (c) 2016, Microsoft Corporation. All rights reserved.
+ Copyright (c) 2018, Intel Corporation. All rights reserved.
+ + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are m= et: + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright not= ice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS = IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IM= PLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE D= ISCLAIMED. + IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY= DIRECT, + INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCL= UDING, + BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF= USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY TH= EORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE + OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +**/ + +#ifndef __FMP_DEVICE_LIB__ +#define __FMP_DEVICE_LIB__ + +#include + +/** + Callback function that installs a Firmware Management Protocol instance = onto + a handle. + + @param[in] Handle The device handle to install a Firmware Management + Protocol instance. + + @retval EFI_SUCCESS A Firmware Management Protocol instance = was + installed onto Handle. + @retval EFI_INVALID_PARAMETER Handle is invalid + @retval other A Firmware Management Protocol instance = could + not be installed onto Handle. + +**/ +typedef +EFI_STATUS +(EFIAPI *FMP_DEVICE_LIB_REGISTER_FMP_INSTALLER)( + IN EFI_HANDLE Handle + ); + +/** + Provide a function to install the Firmware Management Protocol instance = onto a + device handle when the device is managed by a driver that follows the UE= FI + Driver Model. If the device is not managed by a driver that follows the= UEFI + Driver Model, then EFI_UNSUPPORTED is returned. + + @param[in] FmpInstaller Function that installs the Firmware Management + Protocol. + + @retval EFI_SUCCESS The device is managed by a driver that follows = the + UEFI Driver Model. FmpInstaller must be called= on + each Driver Binding Start(). + @retval EFI_UNSUPPORTED The device is not managed by a driver that foll= ows + the UEFI Driver Model. + @retval other The Firmware Management Protocol for this firmw= are + device is not installed. The firmware device is + still locked using FmpDeviceLock(). + +**/ +EFI_STATUS +EFIAPI +RegisterFmpInstaller ( + IN FMP_DEVICE_LIB_REGISTER_FMP_INSTALLER FmpInstaller + ); + +/** + Returns the size, in bytes, of the firmware image currently stored in the + firmware device. This function is used to by the GetImage() and + GetImageInfo() services of the Firmware Management Protocol. If the ima= ge + size can not be determined from the firmware device, then 0 must be retu= rned. + + @param[out] Size Pointer to the size, in bytes, of the firmware image + currently stored in the firmware device. + + @retval EFI_SUCCESS The size of the firmware image currently + stored in the firmware device was returne= d. + @retval EFI_INVALID_PARAMETER Size is NULL. + @retval EFI_UNSUPPORTED The firmware device does not support repo= rting + the size of the currently stored firmware= image. + @retval EFI_DEVICE_ERROR An error occured attempting to determine = the + size of the firmware image currently stor= ed in + in the firmware device. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetSize ( + OUT UINTN *Size + ); + +/** + Returns the GUID value used to fill in the ImageTypeId field of the + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImage= Info() + service of the Firmware Management Protocol. If EFI_UNSUPPORTED is retu= rned, + then the ImageTypeId field is set to gEfiCallerIdGuid. If EFI_SUCCESS is + returned, then ImageTypeId is set to the Guid returned from this functio= n. + + @param[out] Guid Double pointer to a GUID value that is updated to poin= t to + to a GUID value. The GUID value is not allocated and = must + not be modified or freed by the caller. + + @retval EFI_SUCCESS EFI_FIRMWARE_IMAGE_DESCRIPTOR ImageTypeId GUID = is set + to the returned Guid value. + @retval EFI_UNSUPPORTED EFI_FIRMWARE_IMAGE_DESCRIPTOR ImageTypeId GUID = is set + to gEfiCallerIdGuid. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetImageTypeIdGuidPtr ( + OUT EFI_GUID **Guid + ); + +/** + Returns values used to fill in the AttributesSupported and AttributesSet= tings + fields of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned b= y the + GetImageInfo() service of the Firmware Management Protocol. The followi= ng + bit values from the Firmware Management Protocol may be combined: + IMAGE_ATTRIBUTE_IMAGE_UPDATABLE + IMAGE_ATTRIBUTE_RESET_REQUIRED + IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED + IMAGE_ATTRIBUTE_IN_USE + IMAGE_ATTRIBUTE_UEFI_IMAGE + + @param[out] Supported Attributes supported by this firmware device. + @param[out] Setting Attributes settings for this firmware device. + + @retval EFI_SUCCESS The attributes supported by the firmware + device were returned. + @retval EFI_INVALID_PARAMETER Supported is NULL. + @retval EFI_INVALID_PARAMETER Setting is NULL. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetAttributes ( + IN OUT UINT64 *Supported, + IN OUT UINT64 *Setting + ); + +/** + Returns the value used to fill in the LowestSupportedVersion field of the + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImage= Info() + service of the Firmware Management Protocol. If EFI_SUCCESS is returned= , then + the firmware device supports a method to report the LowestSupportedVersi= on + value from the currently stored firmware image. If the value can not be + reported for the firmware image currently stored in the firmware device,= then + EFI_UNSUPPORTED must be returned. EFI_DEVICE_ERROR is returned if an er= ror + occurs attempting to retrieve the LowestSupportedVersion value for the + currently stored firmware image. + + @note It is recommended that all firmware devices support a method to re= port + the LowestSupportedVersion value from the currently stored firmware + image. + + @param[out] LowestSupportedVersion LowestSupportedVersion value retriev= ed + from the currently stored firmware i= mage. + + @retval EFI_SUCCESS The lowest supported version of currently stor= ed + firmware image was returned in LowestSupported= Version. + @retval EFI_UNSUPPORTED The firmware device does not support a method = to + report the lowest supported version of the cur= rently + stored firmware image. + @retval EFI_DEVICE_ERROR An error occurred attempting to retrieve the l= owest + supported version of the currently stored firm= ware + image. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetLowestSupportedVersion ( + OUT UINT32 *LowestSupportedVersion + ); + +/** + Returns the Null-terminated Unicode string that is used to fill in the + VersionName field of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is + returned by the GetImageInfo() service of the Firmware Management Protoc= ol. + The returned string must be allocated using EFI_BOOT_SERVICES.AllocatePo= ol(). + + @note It is recommended that all firmware devices support a method to re= port + the VersionName string from the currently stored firmware image. + + @param[out] VersionString The version string retrieved from the current= ly + stored firmware image. + + @retval EFI_SUCCESS The version string of currently stored + firmware image was returned in Version. + @retval EFI_INVALID_PARAMETER VersionString is NULL. + @retval EFI_UNSUPPORTED The firmware device does not support a me= thod + to report the version string of the curre= ntly + stored firmware image. + @retval EFI_DEVICE_ERROR An error occurred attempting to retrieve = the + version string of the currently stored + firmware image. + @retval EFI_OUT_OF_RESOURCES There are not enough resources to allocat= e the + buffer for the version string of the curr= ently + stored firmware image. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetVersionString ( + OUT CHAR16 **VersionString + ); + +/** + Returns the value used to fill in the Version field of the + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImage= Info() + service of the Firmware Management Protocol. If EFI_SUCCESS is returned= , then + the firmware device supports a method to report the Version value from t= he + currently stored firmware image. If the value can not be reported for t= he + firmware image currently stored in the firmware device, then EFI_UNSUPPO= RTED + must be returned. EFI_DEVICE_ERROR is returned if an error occurs attem= pting + to retrieve the LowestSupportedVersion value for the currently stored fi= rmware + image. + + @note It is recommended that all firmware devices support a method to re= port + the Version value from the currently stored firmware image. + + @param[out] Version The version value retrieved from the currently stor= ed + firmware image. + + @retval EFI_SUCCESS The version of currently stored firmware image= was + returned in Version. + @retval EFI_UNSUPPORTED The firmware device does not support a method = to + report the version of the currently stored fir= mware + image. + @retval EFI_DEVICE_ERROR An error occurred attempting to retrieve the v= ersion + of the currently stored firmware image. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetVersion ( + OUT UINT32 *Version + ); + +/** + Returns a copy of the firmware image currently stored in the firmware de= vice. + + @note It is recommended that all firmware devices support a method to re= trieve + a copy currently stored firmware image. This can be used to suppo= rt + features such as recovery and rollback. + + @param[out] Image Pointer to a caller allocated buffer where the + currently stored firmware image is copied to. + @param[in out] ImageSize Pointer the size, in bytes, of the Image buffe= r. + On return, points to the size, in bytes, of fi= rmware + image currently stored in the firmware device. + + @retval EFI_SUCCESS Image contains a copy of the firmware ima= ge + currently stored in the firmware device, = and + ImageSize contains the size, in bytes, of= the + firmware image currently stored in the + firmware device. + @retval EFI_BUFFER_TOO_SMALL The buffer specified by ImageSize is too = small + to hold the firmware image currently stor= ed in + the firmware device. The buffer size requ= ired + is returned in ImageSize. + @retval EFI_INVALID_PARAMETER The Image is NULL. + @retval EFI_INVALID_PARAMETER The ImageSize is NULL. + @retval EFI_UNSUPPORTED The operation is not supported. + @retval EFI_DEVICE_ERROR An error occurred attempting to retrieve = the + firmware image currently stored in the fi= rmware + device. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetImage ( + IN OUT VOID *Image, + IN IN OUT UINTN *ImageSize + ); + +/** + Checks if a new firmware image is valid for the firmware device. This + function allows firmware update operation to validate the firmware image + before FmpDeviceSetImage() is called. + + @param[in] Image Points to a new firmware image. + @param[in] ImageSize Size, in bytes, of a new firmware image. + @param[out] ImageUpdatable Indicates if a new firmware image is valid f= or + a firmware update to the firmware device. T= he + following values from the Firmware Management + Protocol are supported: + IMAGE_UPDATABLE_VALID + IMAGE_UPDATABLE_INVALID + IMAGE_UPDATABLE_INVALID_TYPE + IMAGE_UPDATABLE_INVALID_OLD + IMAGE_UPDATABLE_VALID_WITH_VENDOR_CODE + + @retval EFI_SUCCESS The image was successfully checked. Addi= tional + status information is returned in + ImageUpdateable. + @retval EFI_INVALID_PARAMETER Image is NULL. + @retval EFI_INVALID_PARAMETER ImageUpdateable is NULL. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceCheckImage ( + IN CONST VOID *Image, + IN UINTN ImageSize, + OUT UINT32 *ImageUpdateable + ); + +/** + Updates a firmware device with a new firmware image. This function retu= rns + EFI_UNSUPPORTED if the firmware image is not updatable. If the firmware= image + is updatable, the function should perform the following minimal validati= ons + before proceeding to do the firmware image update. + - Validate that the image is a supported image for this firmware devic= e. + Return EFI_ABORTED if the image is not supported. Additional details + on why the image is not a supported image may be returned in AbortRe= ason. + - Validate the data from VendorCode if is not NULL. Firmware image + validation must be performed before VendorCode data validation. + VendorCode data is ignored or considered invalid if image validation + fails. Return EFI_ABORTED if the VendorCode data is invalid. + + VendorCode enables vendor to implement vendor-specific firmware image up= date + policy. Null if the caller did not specify the policy or use the default + policy. As an example, vendor can implement a policy to allow an option= to + force a firmware image update when the abort reason is due to the new fi= rmware + image version is older than the current firmware image version or bad im= age + checksum. Sensitive operations such as those wiping the entire firmware= image + and render the device to be non-functional should be encoded in the image + itself rather than passed with the VendorCode. AbortReason enables vend= or to + have the option to provide a more detailed description of the abort reas= on to + the caller. + + @param[in] Image Points to the new firmware image. + @param[in] ImageSize Size, in bytes, of the new firmware image. + @param[in] VendorCode This enables vendor to implement vendor-sp= ecific + firmware image update policy. NULL indica= tes + the caller did not specify the policy or u= se the + default policy. + @param[in] Progress A function used to report the progress of + updating the firmware device with the new + firmware image. + @param[in] CapsuleFwVersion The version of the new firmware image from= the + update capsule that provided the new firmw= are + image. + @param[out] AbortReason A pointer to a pointer to a Null-terminated + Unicode string providing more details on an + aborted operation. The buffer is allocated= by + this function with + EFI_BOOT_SERVICES.AllocatePool(). It is t= he + caller's responsibility to free this buffe= r with + EFI_BOOT_SERVICES.FreePool(). + + @retval EFI_SUCCESS The firmware device was successfully upda= ted + with the new firmware image. + @retval EFI_ABORTED The operation is aborted. Additional det= ails + are provided in AbortReason. + @retval EFI_INVALID_PARAMETER The Image was NULL. + @retval EFI_UNSUPPORTED The operation is not supported. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceSetImage ( + IN CONST VOID *Image, + IN UINTN ImageSize, + IN CONST VOID *VendorCode, OP= TIONAL + IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress, OP= TIONAL + IN UINT32 CapsuleFwVersion, + OUT CHAR16 **AbortReason + ); + +/** + Lock the firmware device that contains a firmware image. Once a firmware + device is locked, any attempts to modify the firmware image contents in = the + firmware device must fail. + + @note It is recommended that all firmware devices support a lock method = to + prevent modifications to a stored firmware image. + + @note A firmware device lock mechanism is typically only cleared by a fu= ll + system reset (not just sleep state/low power mode). + + @retval EFI_SUCCESS The firmware device was locked. + @retval EFI_UNSUPPORTED The firmware device does not support locking + +**/ +EFI_STATUS +EFIAPI +FmpDeviceLock ( + VOID + ); + +#endif diff --git a/FmpDevicePkg/Include/Library/FmpPayloadHeaderLib.h b/FmpDevice= Pkg/Include/Library/FmpPayloadHeaderLib.h new file mode 100644 index 0000000000..cb5622e9ce --- /dev/null +++ b/FmpDevicePkg/Include/Library/FmpPayloadHeaderLib.h @@ -0,0 +1,100 @@ +/** @file + Provides services to retrieve values from a capsule's FMP Payload Header. + The structure is not included in the library class. Instead, services a= re + provided to retrieve information from the FMP Payload Header. If inform= ation + is added to the FMP Payload Header, then new services may be added to th= is + library class to retrieve the new information. + + Copyright (c) 2016, Microsoft Corporation. All rights reserved.
+ Copyright (c) 2018, Intel Corporation. All rights reserved.
+ + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are m= et: + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright not= ice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS = IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IM= PLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE D= ISCLAIMED. + IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY= DIRECT, + INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCL= UDING, + BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF= USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY TH= EORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE + OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +**/ + +#ifndef _FMP_PAYLOAD_HEADER_LIB_H__ +#define _FMP_PAYLOAD_HEADER_LIB_H__ + +/** + Returns the FMP Payload Header size in bytes. + + @param[in] Header FMP Payload Header to evaluate + @param[in] FmpPayloadSize Size of FMP payload + @param[out] Size The size, in bytes, of the FMP Payload Heade= r. + + @retval EFI_SUCCESS The firmware version was returned. + @retval EFI_INVALID_PARAMETER Header is NULL. + @retval EFI_INVALID_PARAMETER Size is NULL. + @retval EFI_INVALID_PARAMETER Header is not a valid FMP Payload Header. + +**/ +EFI_STATUS +EFIAPI +GetFmpPayloadHeaderSize ( + IN CONST VOID *Header, + IN CONST UINTN FmpPayloadSize, + OUT UINT32 *Size + ); + +/** + Returns the version described in the FMP Payload Header. + + @param[in] Header FMP Payload Header to evaluate + @param[in] FmpPayloadSize Size of FMP payload + @param[out] Version The firmware version described in the FMP Pa= yload + Header. + + @retval EFI_SUCCESS The firmware version was returned. + @retval EFI_INVALID_PARAMETER Header is NULL. + @retval EFI_INVALID_PARAMETER Version is NULL. + @retval EFI_INVALID_PARAMETER Header is not a valid FMP Payload Header. + +**/ +EFI_STATUS +EFIAPI +GetFmpPayloadHeaderVersion ( + IN CONST VOID *Header, + IN CONST UINTN FmpPayloadSize, + OUT UINT32 *Version + ); + +/** + Returns the lowest supported version described in the FMP Payload Header. + + @param[in] Header FMP Payload Header to evaluate + @param[in] FmpPayloadSize Size of FMP payload + @param[out] LowestSupportedVersion The lowest supported version describ= ed in + the FMP Payload Header. + + @retval EFI_SUCCESS The lowest support version was returned. + @retval EFI_INVALID_PARAMETER Header is NULL. + @retval EFI_INVALID_PARAMETER LowestSupportedVersion is NULL. + @retval EFI_INVALID_PARAMETER Header is not a valid FMP Payload Header. + +**/ +EFI_STATUS +EFIAPI +GetFmpPayloadHeaderLowestSupportedVersion ( + IN CONST VOID *Header, + IN CONST UINTN FmpPayloadSize, + IN OUT UINT32 *LowestSupportedVersion + ); + +#endif --=20 2.14.2.windows.3 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Mon May 6 07:10:11 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1523999133736854.7832530190163; Tue, 17 Apr 2018 14:05:33 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id A617C2263DD7D; Tue, 17 Apr 2018 14:05:27 -0700 (PDT) Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 6DB262265A189 for ; Tue, 17 Apr 2018 14:05:26 -0700 (PDT) Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga107.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 17 Apr 2018 14:05:26 -0700 Received: from mdkinney-mobl2.amr.corp.intel.com ([10.241.98.51]) by fmsmga006.fm.intel.com with ESMTP; 17 Apr 2018 14:05:26 -0700 X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.151; helo=mga17.intel.com; envelope-from=michael.d.kinney@intel.com; receiver=edk2-devel@lists.01.org X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.48,464,1517904000"; d="scan'208";a="221226934" From: "Kinney, Michael D" To: edk2-devel@lists.01.org Date: Tue, 17 Apr 2018 14:05:20 -0700 Message-Id: <20180417210522.29644-3-michael.d.kinney@intel.com> X-Mailer: git-send-email 2.14.2.windows.3 In-Reply-To: <20180417210522.29644-1-michael.d.kinney@intel.com> References: <20180417210522.29644-1-michael.d.kinney@intel.com> Subject: [edk2] [RFC v2 2/4] FmpDevicePkg: Add library instances X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael D Kinney , Jiewen Yao MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D922 Based on content from the following branch: https://github.com/Microsoft/MS_UEFI/tree/share/MsCapsuleSupport/MsCapsuleU= pdatePkg Add library instances for FmpDeviceLib, CapsuleUpdatePolicyLib, and FmpPayloadHeaderLib. Library Classes =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D * FmpDeviceLibNull - Non-functional template of the FmpDeviceLib that can be used as a starting point for an FmpDeviceLib for a specific firmware storage device. * CapsuleUpdatePolicyLibNull - Functional template of the CapsuleUpdatePolicyLib that can be used as a starting point of a platform specific implementation. * FmpPayloadHeaderLibV1 - Version 1 of the FmpPayloadHeaderLib. This library is indented to be used "as is" with no need for any device specific or platform specific changes. Cc: Sean Brogan Cc: Jiewen Yao Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Michael D Kinney --- .../CapsuleUpdatePolicyLibNull.c | 136 +++++++ .../CapsuleUpdatePolicyLibNull.inf | 45 +++ .../CapsuleUpdatePolicyLibNull.uni | 17 + .../Library/FmpDeviceLibNull/FmpDeviceLib.c | 427 +++++++++++++++++= ++++ .../Library/FmpDeviceLibNull/FmpDeviceLibNull.inf | 48 +++ .../Library/FmpDeviceLibNull/FmpDeviceLibNull.uni | 18 + .../FmpPayloadHeaderLibV1/FmpPayloadHeaderLib.c | 188 +++++++++ .../FmpPayloadHeaderLibV1.inf | 48 +++ .../FmpPayloadHeaderLibV1.uni | 21 + 9 files changed, 948 insertions(+) create mode 100644 FmpDevicePkg/Library/CapsuleUpdatePolicyLibNull/Capsule= UpdatePolicyLibNull.c create mode 100644 FmpDevicePkg/Library/CapsuleUpdatePolicyLibNull/Capsule= UpdatePolicyLibNull.inf create mode 100644 FmpDevicePkg/Library/CapsuleUpdatePolicyLibNull/Capsule= UpdatePolicyLibNull.uni create mode 100644 FmpDevicePkg/Library/FmpDeviceLibNull/FmpDeviceLib.c create mode 100644 FmpDevicePkg/Library/FmpDeviceLibNull/FmpDeviceLibNull.= inf create mode 100644 FmpDevicePkg/Library/FmpDeviceLibNull/FmpDeviceLibNull.= uni create mode 100644 FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPayloadHe= aderLib.c create mode 100644 FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPayloadHe= aderLibV1.inf create mode 100644 FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPayloadHe= aderLibV1.uni diff --git a/FmpDevicePkg/Library/CapsuleUpdatePolicyLibNull/CapsuleUpdateP= olicyLibNull.c b/FmpDevicePkg/Library/CapsuleUpdatePolicyLibNull/CapsuleUpd= atePolicyLibNull.c new file mode 100644 index 0000000000..943fe372cb --- /dev/null +++ b/FmpDevicePkg/Library/CapsuleUpdatePolicyLibNull/CapsuleUpdatePolicyLi= bNull.c @@ -0,0 +1,136 @@ +/** @file + Provides platform policy services used during a capsule update. + + Copyright (c) 2016, Microsoft Corporation. All rights reserved.
+ Copyright (c) 2018, Intel Corporation. All rights reserved.
+ + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are m= et: + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright not= ice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS = IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IM= PLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE D= ISCLAIMED. + IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY= DIRECT, + INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCL= UDING, + BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF= USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY TH= EORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE + OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +**/ + +#include +#include + +/** + Determine if the system power state supports a capsule update. + + @param[out] Good Returns TRUE if system power state supports a capsule + update. Returns FALSE if system power state does not + support a capsule update. Return value is only valid = if + return status is EFI_SUCCESS. + + @retval EFI_SUCCESS Good parameter has been updated with resu= lt. + @retval EFI_INVALID_PARAMETER Good is NULL. + @retval EFI_DEVICE_ERROR System power state can not be determined. + +**/ +EFI_STATUS +EFIAPI +CheckSystemPower ( + OUT BOOLEAN *Good + ) +{ + *Good =3D TRUE; + return EFI_SUCCESS; +} + +/** + Determines if the system thermal state supports a capsule update. + + @param[out] Good Returns TRUE if system thermal state supports a capsule + update. Returns FALSE if system thermal state does not + support a capsule update. Return value is only valid = if + return status is EFI_SUCCESS. + + @retval EFI_SUCCESS Good parameter has been updated with resu= lt. + @retval EFI_INVALID_PARAMETER Good is NULL. + @retval EFI_DEVICE_ERROR System thermal state can not be determine= d. + +**/ +EFI_STATUS +EFIAPI +CheckSystemThermal ( + IN OUT BOOLEAN *Good + ) +{ + *Good =3D TRUE; + return EFI_SUCCESS; +} + +/** + Determines if the system environment state supports a capsule update. + + @param[out] Good Returns TRUE if system environment state supports a ca= psule + update. Returns FALSE if system environment state doe= s not + support a capsule update. Return value is only valid = if + return status is EFI_SUCCESS. + + @retval EFI_SUCCESS Good parameter has been updated with resu= lt. + @retval EFI_INVALID_PARAMETER Good is NULL. + @retval EFI_DEVICE_ERROR System environment state can not be deter= mined. + +**/ +EFI_STATUS +EFIAPI +CheckSystemEnvironment ( + IN OUT BOOLEAN *Good + ) +{ + *Good =3D TRUE; + return EFI_SUCCESS; +} + +/** + Determines if the Lowest Supported Version checks should be performed. = The + expected result from this function is TRUE. A platform can choose to re= turn + FALSE (e.g. during manufacturing or servicing) to allow a capsule update= to a + version below the current Lowest Supported Version. + + @retval TRUE Perform Lowest Support Version check. + @retval FALSE Do not perform Lowest Support Version check. + +**/ +BOOLEAN +EFIAPI +CheckLowestSupportedVersion ( + VOID + ) +{ + return TRUE; +} + +/** + Determines if the FMP device should be locked when the event specified by + PcdFmpDeviceLockEventGuid is signaled. The expected result from this fun= ction + is TRUE so the FMP device is always locked. A platform can choose to re= turn + FALSE (e.g. during manufacturing) to allow FMP devices to remain unlocke= d. + + @retval TRUE Perform Lowest Support Version check. + @retval FALSE Do not perform Lowest Support Version check. + +**/ +BOOLEAN +EFIAPI +LockFmpDeviceAtLockEventGuid ( + VOID + ) +{ + return TRUE; +} diff --git a/FmpDevicePkg/Library/CapsuleUpdatePolicyLibNull/CapsuleUpdateP= olicyLibNull.inf b/FmpDevicePkg/Library/CapsuleUpdatePolicyLibNull/CapsuleU= pdatePolicyLibNull.inf new file mode 100644 index 0000000000..c7c669e3e0 --- /dev/null +++ b/FmpDevicePkg/Library/CapsuleUpdatePolicyLibNull/CapsuleUpdatePolicyLi= bNull.inf @@ -0,0 +1,45 @@ +## @file +# Provides platform policy services used during a capsule update. +# +# Copyright (c) 2016, Microsoft Corporation. All rights reserved.
+# Copyright (c) 2018, Intel Corporation. All rights reserved.
+# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are = met: +# 1. Redistributions of source code must retain the above copyright notic= e, +# this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright no= tice, +# this list of conditions and the following disclaimer in the documentati= on +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS= IS" AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE I= MPLIED +# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE = DISCLAIMED. +# IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR AN= Y DIRECT, +# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INC= LUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS O= F USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY T= HEORY OF +# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NE= GLIGENCE +# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN = IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D CapsuleUpdatePolicyLibNull + MODULE_UNI_FILE =3D CapsuleUpdatePolicyLibNull.uni + FILE_GUID =3D 8E36EC87-440D-44F9-AB2F-AA806C61A1A6 + MODULE_TYPE =3D BASE + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D CapsuleUpdatePolicyLib + +# +# VALID_ARCHITECTURES =3D IA32 X64 IPF ARM AARCH64 +# + +[Sources] + CapsuleUpdatePolicyLibNull.c + +[Packages] + MdePkg/MdePkg.dec + FmpDevicePkg/FmpDevicePkg.dec diff --git a/FmpDevicePkg/Library/CapsuleUpdatePolicyLibNull/CapsuleUpdateP= olicyLibNull.uni b/FmpDevicePkg/Library/CapsuleUpdatePolicyLibNull/CapsuleU= pdatePolicyLibNull.uni new file mode 100644 index 0000000000..0f16fea391 --- /dev/null +++ b/FmpDevicePkg/Library/CapsuleUpdatePolicyLibNull/CapsuleUpdatePolicyLi= bNull.uni @@ -0,0 +1,17 @@ +// /** @file +// Provides platform policy services used during a capsule update. +// +// Copyright (c) 2018, Intel Corporation. All rights reserved.
+// +// This program and the accompanying materials +// are licensed and made available under the terms and conditions of the B= SD License +// which accompanies this distribution. The full text of the license may b= e found at +// http://opensource.org/licenses/bsd-license.php +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IM= PLIED. +// +// **/ + +#string STR_MODULE_ABSTRACT #language en-US "Provides platform policy= services used during a capsule update." + +#string STR_MODULE_DESCRIPTION #language en-US "Provides platform policy= services used during a capsule update." diff --git a/FmpDevicePkg/Library/FmpDeviceLibNull/FmpDeviceLib.c b/FmpDevi= cePkg/Library/FmpDeviceLibNull/FmpDeviceLib.c new file mode 100644 index 0000000000..03e8750661 --- /dev/null +++ b/FmpDevicePkg/Library/FmpDeviceLibNull/FmpDeviceLib.c @@ -0,0 +1,427 @@ +/** @file + Provides firmware device specific services to support updates of a firmw= are + image stored in a firmware device. + + Copyright (c) 2016, Microsoft Corporation. All rights reserved.
+ Copyright (c) 2018, Intel Corporation. All rights reserved.
+ + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are m= et: + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright not= ice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS = IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IM= PLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE D= ISCLAIMED. + IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY= DIRECT, + INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCL= UDING, + BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF= USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY TH= EORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE + OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +**/ + +#include +#include + +/** + Provide a function to install the Firmware Management Protocol instance = onto a + device handle when the device is managed by a driver that follows the UE= FI + Driver Model. If the device is not managed by a driver that follows the= UEFI + Driver Model, then EFI_UNSUPPORTED is returned. + + @param[in] FmpInstaller Function that installs the Firmware Management + Protocol. + + @retval EFI_SUCCESS The device is managed by a driver that follows = the + UEFI Driver Model. FmpInstaller must be called= on + each Driver Binding Start(). + @retval EFI_UNSUPPORTED The device is not managed by a driver that foll= ows + the UEFI Driver Model. + @retval other The Firmware Management Protocol for this firmw= are + device is not installed. The firmware device is + still locked using FmpDeviceLock(). + +**/ +EFI_STATUS +EFIAPI +RegisterFmpInstaller ( + IN FMP_DEVICE_LIB_REGISTER_FMP_INSTALLER Function + ) +{ + return EFI_UNSUPPORTED; +} + +/** + Returns the size, in bytes, of the firmware image currently stored in the + firmware device. This function is used to by the GetImage() and + GetImageInfo() services of the Firmware Management Protocol. If the ima= ge + size can not be determined from the firmware device, then 0 must be retu= rned. + + @param[out] Size Pointer to the size, in bytes, of the firmware image + currently stored in the firmware device. + + @retval EFI_SUCCESS The size of the firmware image currently + stored in the firmware device was returne= d. + @retval EFI_INVALID_PARAMETER Size is NULL. + @retval EFI_UNSUPPORTED The firmware device does not support repo= rting + the size of the currently stored firmware= image. + @retval EFI_DEVICE_ERROR An error occurred attempting to determine= the + size of the firmware image currently stor= ed in + in the firmware device. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetSize ( + IN UINTN *Size + ) +{ + if (Size =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + *Size =3D 0; + return EFI_SUCCESS; +} + +/** + Returns the GUID value used to fill in the ImageTypeId field of the + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImage= Info() + service of the Firmware Management Protocol. If EFI_UNSUPPORTED is retu= rned, + then the ImageTypeId field is set to gEfiCallerIdGuid. If EFI_SUCCESS is + returned, then ImageTypeId is set to the Guid returned from this functio= n. + + @param[out] Guid Double pointer to a GUID value that is updated to poin= t to + to a GUID value. The GUID value is not allocated and = must + not be modified or freed by the caller. + + @retval EFI_SUCCESS EFI_FIRMWARE_IMAGE_DESCRIPTOR ImageTypeId GUID = is set + to the returned Guid value. + @retval EFI_UNSUPPORTED EFI_FIRMWARE_IMAGE_DESCRIPTOR ImageTypeId GUID = is set + to gEfiCallerIdGuid. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetImageTypeIdGuidPtr ( + OUT EFI_GUID **Guid + ) +{ + return EFI_UNSUPPORTED; +} + +/** + Returns values used to fill in the AttributesSupported and AttributesSet= tings + fields of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned b= y the + GetImageInfo() service of the Firmware Management Protocol. The followi= ng + bit values from the Firmware Management Protocol may be combined: + IMAGE_ATTRIBUTE_IMAGE_UPDATABLE + IMAGE_ATTRIBUTE_RESET_REQUIRED + IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED + IMAGE_ATTRIBUTE_IN_USE + IMAGE_ATTRIBUTE_UEFI_IMAGE + + @param[out] Supported Attributes supported by this firmware device. + @param[out] Setting Attributes settings for this firmware device. + + @retval EFI_SUCCESS The attributes supported by the firmware + device were returned. + @retval EFI_INVALID_PARAMETER Supported is NULL. + @retval EFI_INVALID_PARAMETER Setting is NULL. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetAttributes ( + IN OUT UINT64 *Supported, + IN OUT UINT64 *Setting + ) +{ + if (Supported =3D=3D NULL || Setting =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + *Supported =3D 0; + *Setting =3D 0; + return EFI_SUCCESS; +} + +/** + Returns the value used to fill in the LowestSupportedVersion field of the + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImage= Info() + service of the Firmware Management Protocol. If EFI_SUCCESS is returned= , then + the firmware device supports a method to report the LowestSupportedVersi= on + value from the currently stored firmware image. If the value can not be + reported for the firmware image currently stored in the firmware device,= then + EFI_UNSUPPORTED must be returned. EFI_DEVICE_ERROR is returned if an er= ror + occurs attempting to retrieve the LowestSupportedVersion value for the + currently stored firmware image. + + @note It is recommended that all firmware devices support a method to re= port + the LowestSupportedVersion value from the currently stored firmware + image. + + @param[out] LowestSupportedVersion LowestSupportedVersion value retriev= ed + from the currently stored firmware i= mage. + + @retval EFI_SUCCESS The lowest supported version of currently stor= ed + firmware image was returned in LowestSupported= Version. + @retval EFI_UNSUPPORTED The firmware device does not support a method = to + report the lowest supported version of the cur= rently + stored firmware image. + @retval EFI_DEVICE_ERROR An error occurred attempting to retrieve the l= owest + supported version of the currently stored firm= ware + image. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetLowestSupportedVersion ( + OUT UINT32 *LowestSupportedVersion + ) +{ + return EFI_UNSUPPORTED; +} + +/** + Returns the Null-terminated Unicode string that is used to fill in the + VersionName field of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is + returned by the GetImageInfo() service of the Firmware Management Protoc= ol. + The returned string must be allocated using EFI_BOOT_SERVICES.AllocatePo= ol(). + + @note It is recommended that all firmware devices support a method to re= port + the VersionName string from the currently stored firmware image. + + @param[out] VersionString The version string retrieved from the current= ly + stored firmware image. + + @retval EFI_SUCCESS The version string of currently stored + firmware image was returned in Version. + @retval EFI_INVALID_PARAMETER VersionString is NULL. + @retval EFI_UNSUPPORTED The firmware device does not support a me= thod + to report the version string of the curre= ntly + stored firmware image. + @retval EFI_DEVICE_ERROR An error occurred attempting to retrieve = the + version string of the currently stored + firmware image. + @retval EFI_OUT_OF_RESOURCES There are not enough resources to allocat= e the + buffer for the version string of the curr= ently + stored firmware image. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetVersionString ( + OUT CHAR16 **VersionString + ) +{ + if (VersionString =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + *VersionString =3D NULL; + return EFI_UNSUPPORTED; +} + +/** + Returns the value used to fill in the Version field of the + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImage= Info() + service of the Firmware Management Protocol. If EFI_SUCCESS is returned= , then + the firmware device supports a method to report the Version value from t= he + currently stored firmware image. If the value can not be reported for t= he + firmware image currently stored in the firmware device, then EFI_UNSUPPO= RTED + must be returned. EFI_DEVICE_ERROR is returned if an error occurs attem= pting + to retrieve the LowestSupportedVersion value for the currently stored fi= rmware + image. + + @note It is recommended that all firmware devices support a method to re= port + the Version value from the currently stored firmware image. + + @param[out] Version The version value retrieved from the currently stor= ed + firmware image. + + @retval EFI_SUCCESS The version of currently stored firmware image= was + returned in Version. + @retval EFI_UNSUPPORTED The firmware device does not support a method = to + report the version of the currently stored fir= mware + image. + @retval EFI_DEVICE_ERROR An error occurred attempting to retrieve the v= ersion + of the currently stored firmware image. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetVersion ( + OUT UINT32 *Version + ) +{ + return EFI_UNSUPPORTED; +} + +/** + Returns a copy of the firmware image currently stored in the firmware de= vice. + + @note It is recommended that all firmware devices support a method to re= trieve + a copy currently stored firmware image. This can be used to suppo= rt + features such as recovery and rollback. + + @param[out] Image Pointer to a caller allocated buffer where the + currently stored firmware image is copied to. + @param[in out] ImageSize Pointer the size, in bytes, of the Image buffe= r. + On return, points to the size, in bytes, of fi= rmware + image currently stored in the firmware device. + + @retval EFI_SUCCESS Image contains a copy of the firmware ima= ge + currently stored in the firmware device, = and + ImageSize contains the size, in bytes, of= the + firmware image currently stored in the + firmware device. + @retval EFI_BUFFER_TOO_SMALL The buffer specified by ImageSize is too = small + to hold the firmware image currently stor= ed in + the firmware device. The buffer size requ= ired + is returned in ImageSize. + @retval EFI_INVALID_PARAMETER The Image is NULL. + @retval EFI_INVALID_PARAMETER The ImageSize is NULL. + @retval EFI_UNSUPPORTED The operation is not supported. + @retval EFI_DEVICE_ERROR An error occurred attempting to retrieve = the + firmware image currently stored in the fi= rmware + device. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetImage ( + IN OUT VOID *Image, + IN IN OUT UINTN *ImageSize + ) +{ + return EFI_UNSUPPORTED; +} + +/** + Checks if a new firmware image is valid for the firmware device. This + function allows firmware update operation to validate the firmware image + before FmpDeviceSetImage() is called. + + @param[in] Image Points to a new firmware image. + @param[in] ImageSize Size, in bytes, of a new firmware image. + @param[out] ImageUpdatable Indicates if a new firmware image is valid f= or + a firmware update to the firmware device. T= he + following values from the Firmware Management + Protocol are supported: + IMAGE_UPDATABLE_VALID + IMAGE_UPDATABLE_INVALID + IMAGE_UPDATABLE_INVALID_TYPE + IMAGE_UPDATABLE_INVALID_OLD + IMAGE_UPDATABLE_VALID_WITH_VENDOR_CODE + + @retval EFI_SUCCESS The image was successfully checked. Addi= tional + status information is returned in + ImageUpdateable. + @retval EFI_INVALID_PARAMETER Image is NULL. + @retval EFI_INVALID_PARAMETER ImageUpdateable is NULL. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceCheckImage ( + IN CONST VOID *Image, + IN UINTN ImageSize, + OUT UINT32 *ImageUpdateable + ) +{ + return EFI_SUCCESS; +} + +/** + Updates a firmware device with a new firmware image. This function retu= rns + EFI_UNSUPPORTED if the firmware image is not updatable. If the firmware= image + is updatable, the function should perform the following minimal validati= ons + before proceeding to do the firmware image update. + - Validate that the image is a supported image for this firmware devic= e. + Return EFI_ABORTED if the image is not supported. Additional details + on why the image is not a supported image may be returned in AbortRe= ason. + - Validate the data from VendorCode if is not NULL. Firmware image + validation must be performed before VendorCode data validation. + VendorCode data is ignored or considered invalid if image validation + fails. Return EFI_ABORTED if the VendorCode data is invalid. + + VendorCode enables vendor to implement vendor-specific firmware image up= date + policy. Null if the caller did not specify the policy or use the default + policy. As an example, vendor can implement a policy to allow an option= to + force a firmware image update when the abort reason is due to the new fi= rmware + image version is older than the current firmware image version or bad im= age + checksum. Sensitive operations such as those wiping the entire firmware= image + and render the device to be non-functional should be encoded in the image + itself rather than passed with the VendorCode. AbortReason enables vend= or to + have the option to provide a more detailed description of the abort reas= on to + the caller. + + @param[in] Image Points to the new firmware image. + @param[in] ImageSize Size, in bytes, of the new firmware image. + @param[in] VendorCode This enables vendor to implement vendor-sp= ecific + firmware image update policy. NULL indica= tes + the caller did not specify the policy or u= se the + default policy. + @param[in] Progress A function used to report the progress of + updating the firmware device with the new + firmware image. + @param[in] CapsuleFwVersion The version of the new firmware image from= the + update capsule that provided the new firmw= are + image. + @param[out] AbortReason A pointer to a pointer to a Null-terminated + Unicode string providing more details on an + aborted operation. The buffer is allocated= by + this function with + EFI_BOOT_SERVICES.AllocatePool(). It is t= he + caller's responsibility to free this buffe= r with + EFI_BOOT_SERVICES.FreePool(). + + @retval EFI_SUCCESS The firmware device was successfully upda= ted + with the new firmware image. + @retval EFI_ABORTED The operation is aborted. Additional det= ails + are provided in AbortReason. + @retval EFI_INVALID_PARAMETER The Image was NULL. + @retval EFI_UNSUPPORTED The operation is not supported. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceSetImage ( + IN CONST VOID *Image, + IN UINTN ImageSize, + IN CONST VOID *VendorCode, OP= TIONAL + IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress, OP= TIONAL + IN UINT32 CapsuleFwVersion, + OUT CHAR16 **AbortReason + ) +{ + return EFI_UNSUPPORTED; +} + +/** + Lock the firmware device that contains a firmware image. Once a firmware + device is locked, any attempts to modify the firmware image contents in = the + firmware device must fail. + + @note It is recommended that all firmware devices support a lock method = to + prevent modifications to a stored firmware image. + + @note A firmware device lock mechanism is typically only cleared by a fu= ll + system reset (not just sleep state/low power mode). + + @retval EFI_SUCCESS The firmware device was locked. + @retval EFI_UNSUPPORTED The firmware device does not support locking + +**/ +EFI_STATUS +EFIAPI +FmpDeviceLock ( + VOID + ) +{ + return EFI_UNSUPPORTED; +} diff --git a/FmpDevicePkg/Library/FmpDeviceLibNull/FmpDeviceLibNull.inf b/F= mpDevicePkg/Library/FmpDeviceLibNull/FmpDeviceLibNull.inf new file mode 100644 index 0000000000..d51f69d0b9 --- /dev/null +++ b/FmpDevicePkg/Library/FmpDeviceLibNull/FmpDeviceLibNull.inf @@ -0,0 +1,48 @@ +## @file +# Provides firmware device specific services to support updates of a firm= ware +# image stored in a firmware device. +# +# Copyright (c) 2016, Microsoft Corporation. All rights reserved.
+# Copyright (c) 2018, Intel Corporation. All rights reserved.
+# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are = met: +# 1. Redistributions of source code must retain the above copyright notic= e, +# this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright no= tice, +# this list of conditions and the following disclaimer in the documentati= on +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS= IS" AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE I= MPLIED +# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE = DISCLAIMED. +# IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR AN= Y DIRECT, +# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INC= LUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS O= F USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY T= HEORY OF +# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NE= GLIGENCE +# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN = IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D FmpDeviceLibNull + MODULE_UNI_FILE =3D FmpDeviceLibNull.uni + FILE_GUID =3D 8507642B-AE92-4664-B713-807F7774A96D + MODULE_TYPE =3D DXE_DRIVER + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D FmpDeviceLib|DXE_DRIVER + +# +# The following information is for reference only and not required by the = build tools. +# +# VALID_ARCHITECTURES =3D IA32 X64 IPF ARM AARCH64 +# + +[Sources] + FmpDeviceLib.c + +[Packages] + MdePkg/MdePkg.dec + FmpDevicePkg/FmpDevicePkg.dec diff --git a/FmpDevicePkg/Library/FmpDeviceLibNull/FmpDeviceLibNull.uni b/F= mpDevicePkg/Library/FmpDeviceLibNull/FmpDeviceLibNull.uni new file mode 100644 index 0000000000..bedb38e9cf --- /dev/null +++ b/FmpDevicePkg/Library/FmpDeviceLibNull/FmpDeviceLibNull.uni @@ -0,0 +1,18 @@ +// /** @file +// Provides firmware device specific services to support updates of a firm= ware +// image stored in a firmware device. +// +// Copyright (c) 2018, Intel Corporation. All rights reserved.
+// +// This program and the accompanying materials +// are licensed and made available under the terms and conditions of the B= SD License +// which accompanies this distribution. The full text of the license may b= e found at +// http://opensource.org/licenses/bsd-license.php +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IM= PLIED. +// +// **/ + +#string STR_MODULE_ABSTRACT #language en-US "Provides firmware device= specific services to support updates of a firmware image stored in a firmw= are device." + +#string STR_MODULE_DESCRIPTION #language en-US "Provides firmware device= specific services to support updates of a firmware image stored in a firmw= are device." diff --git a/FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPayloadHeaderLib= .c b/FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPayloadHeaderLib.c new file mode 100644 index 0000000000..5f08e8b0fd --- /dev/null +++ b/FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPayloadHeaderLib.c @@ -0,0 +1,188 @@ +/** @file + Provides services to retrieve values from Version 1 of a capsule's FMP P= ayload + Header. The FMP Payload Header structure is not defined in the library c= lass. + Instead, services are provided to retrieve information from the FMP Payl= oad + Header. If information is added to the FMP Payload Header, then new ser= vices + may be added to this library class to retrieve the new information. + + Copyright (c) 2016, Microsoft Corporation. All rights reserved.
+ Copyright (c) 2018, Intel Corporation. All rights reserved.
+ + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are m= et: + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright not= ice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS = IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IM= PLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE D= ISCLAIMED. + IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY= DIRECT, + INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCL= UDING, + BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF= USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY TH= EORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE + OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +**/ + +#include +#include + +/// +/// Define FMP Payload Header structure here so it is not public +/// + +#pragma pack(1) + +typedef struct { + UINT32 Signature; + UINT32 HeaderSize; + UINT32 FwVersion; + UINT32 LowestSupportedVersion; +} FMP_PAYLOAD_HEADER; + +#pragma pack() + +/// +/// Identifier is used to make sure the data in the header is for this str= ucture +/// and version. If the structure changes update the last digit. +/// +#define FMP_PAYLOAD_HEADER_SIGNATURE SIGNATURE_32 ('M', 'S', 'S', '1') + +/** + Returns the FMP Payload Header size in bytes. + + @param[in] Header FMP Payload Header to evaluate + @param[in] FmpPayloadSize Size of FMP payload + @param[out] Size The size, in bytes, of the FMP Payload Heade= r. + + @retval EFI_SUCCESS The firmware version was returned. + @retval EFI_INVALID_PARAMETER Header is NULL. + @retval EFI_INVALID_PARAMETER Size is NULL. + @retval EFI_INVALID_PARAMETER Header is not a valid FMP Payload Header. + +**/ +EFI_STATUS +EFIAPI +GetFmpPayloadHeaderSize ( + IN CONST VOID *Header, + IN CONST UINTN FmpPayloadSize, + OUT UINT32 *Size + ) +{ + FMP_PAYLOAD_HEADER *FmpPayloadHeader; + + FmpPayloadHeader =3D NULL; + + if (Header =3D=3D NULL || Size =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + FmpPayloadHeader =3D (FMP_PAYLOAD_HEADER *)Header; + if ((UINTN)FmpPayloadHeader + sizeof (FMP_PAYLOAD_HEADER) < (UINTN)FmpPa= yloadHeader || + (UINTN)FmpPayloadHeader + sizeof (FMP_PAYLOAD_HEADER) >=3D (UINTN)Fm= pPayloadHeader + FmpPayloadSize || + FmpPayloadHeader->HeaderSize < sizeof (FMP_PAYLOAD_HEADER)) { + return EFI_INVALID_PARAMETER; + } + + if (FmpPayloadHeader->Signature !=3D FMP_PAYLOAD_HEADER_SIGNATURE) { + return EFI_INVALID_PARAMETER; + } + + *Size =3D FmpPayloadHeader->HeaderSize; + return EFI_SUCCESS; +} + +/** + Returns the version described in the FMP Payload Header. + + @param[in] Header FMP Payload Header to evaluate + @param[in] FmpPayloadSize Size of FMP payload + @param[out] Version The firmware version described in the FMP Pa= yload + Header. + + @retval EFI_SUCCESS The firmware version was returned. + @retval EFI_INVALID_PARAMETER Header is NULL. + @retval EFI_INVALID_PARAMETER Version is NULL. + @retval EFI_INVALID_PARAMETER Header is not a valid FMP Payload Header. + +**/ +EFI_STATUS +EFIAPI +GetFmpPayloadHeaderVersion ( + IN CONST VOID *Header, + IN CONST UINTN FmpPayloadSize, + OUT UINT32 *Version + ) +{ + FMP_PAYLOAD_HEADER *FmpPayloadHeader; + + FmpPayloadHeader =3D NULL; + + if (Header =3D=3D NULL || Version =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + FmpPayloadHeader =3D (FMP_PAYLOAD_HEADER *)Header; + if ((UINTN)FmpPayloadHeader + sizeof (FMP_PAYLOAD_HEADER) < (UINTN)FmpPa= yloadHeader || + (UINTN)FmpPayloadHeader + sizeof (FMP_PAYLOAD_HEADER) >=3D (UINTN)Fm= pPayloadHeader + FmpPayloadSize || + FmpPayloadHeader->HeaderSize < sizeof (FMP_PAYLOAD_HEADER)) { + return EFI_INVALID_PARAMETER; + } + + if (FmpPayloadHeader->Signature !=3D FMP_PAYLOAD_HEADER_SIGNATURE) { + return EFI_INVALID_PARAMETER; + } + + *Version =3D FmpPayloadHeader->FwVersion; + return EFI_SUCCESS; +} + +/** + Returns the lowest supported version described in the FMP Payload Header. + + @param[in] Header FMP Payload Header to evaluate + @param[in] FmpPayloadSize Size of FMP payload + @param[out] LowestSupportedVersion The lowest supported version describ= ed in + the FMP Payload Header. + + @retval EFI_SUCCESS The lowest support version was returned. + @retval EFI_INVALID_PARAMETER Header is NULL. + @retval EFI_INVALID_PARAMETER LowestSupportedVersion is NULL. + @retval EFI_INVALID_PARAMETER Header is not a valid FMP Payload Header. + +**/ +EFI_STATUS +EFIAPI +GetFmpPayloadHeaderLowestSupportedVersion ( + IN CONST VOID *Header, + IN CONST UINTN FmpPayloadSize, + IN OUT UINT32 *LowestSupportedVersion + ) +{ + FMP_PAYLOAD_HEADER *FmpPayloadHeader; + + FmpPayloadHeader =3D NULL; + + if (Header =3D=3D NULL || LowestSupportedVersion =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + FmpPayloadHeader =3D (FMP_PAYLOAD_HEADER *)Header; + if ((UINTN)FmpPayloadHeader + sizeof (FMP_PAYLOAD_HEADER) < (UINTN)FmpPa= yloadHeader || + (UINTN)FmpPayloadHeader + sizeof (FMP_PAYLOAD_HEADER) >=3D (UINTN)Fm= pPayloadHeader + FmpPayloadSize || + FmpPayloadHeader->HeaderSize < sizeof (FMP_PAYLOAD_HEADER)) { + return EFI_INVALID_PARAMETER; + } + + if (FmpPayloadHeader->Signature !=3D FMP_PAYLOAD_HEADER_SIGNATURE) { + return EFI_INVALID_PARAMETER; + } + + *LowestSupportedVersion =3D FmpPayloadHeader->LowestSupportedVersion; + return EFI_SUCCESS; +} diff --git a/FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPayloadHeaderLib= V1.inf b/FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPayloadHeaderLibV1.i= nf new file mode 100644 index 0000000000..41ed6e2aca --- /dev/null +++ b/FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPayloadHeaderLibV1.inf @@ -0,0 +1,48 @@ +## @file +# Provides services to retrieve values from Version 1 of a capsule's FMP = Payload +# Header. The FMP Payload Header structure is not defined in the library = class. +# Instead, services are provided to retrieve information from the FMP Pay= load +# Header. If information is added to the FMP Payload Header, then new se= rvices +# may be added to this library class to retrieve the new information. +# +# Copyright (c) 2016, Microsoft Corporation. All rights reserved.
+# Copyright (c) 2018, Intel Corporation. All rights reserved.
+# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are = met: +# 1. Redistributions of source code must retain the above copyright notic= e, +# this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright no= tice, +# this list of conditions and the following disclaimer in the documentati= on +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS= IS" AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE I= MPLIED +# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE = DISCLAIMED. +# IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR AN= Y DIRECT, +# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INC= LUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS O= F USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY T= HEORY OF +# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NE= GLIGENCE +# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN = IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D FmpPayloadHeaderLibV1 + FILE_GUID =3D 98A79A6C-513C-4E72-8375-39C0A7244C4B + MODULE_TYPE =3D DXE_DRIVER + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D FmpPayloadHeaderLib|DXE_DRIVER UEFI_A= PPLICATION + +# +# VALID_ARCHITECTURES =3D IA32 X64 IPF ARM AARCH64 +# + +[Sources] + FmpPayloadHeaderLib.c + +[Packages] + MdePkg/MdePkg.dec + FmpDevicePkg/FmpDevicePkg.dec diff --git a/FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPayloadHeaderLib= V1.uni b/FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPayloadHeaderLibV1.u= ni new file mode 100644 index 0000000000..4eef31753d --- /dev/null +++ b/FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPayloadHeaderLibV1.uni @@ -0,0 +1,21 @@ +// /** @file +// Provides services to retrieve values from Version 1 of a capsule's FMP = Payload +// Header. The FMP Payload Header structure is not defined in the library = class. +// Instead, services are provided to retrieve information from the FMP Pay= load +// Header. If information is added to the FMP Payload Header, then new se= rvices +// may be added to this library class to retrieve the new information. +// +// Copyright (c) 2018, Intel Corporation. All rights reserved.
+// +// This program and the accompanying materials +// are licensed and made available under the terms and conditions of the B= SD License +// which accompanies this distribution. The full text of the license may b= e found at +// http://opensource.org/licenses/bsd-license.php +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IM= PLIED. +// +// **/ + +#string STR_MODULE_ABSTRACT #language en-US "Provides services to ret= rieve values from Version 1 of a capsule's FMP Payload Header." + +#string STR_MODULE_DESCRIPTION #language en-US "Provides services to ret= rieve values from Version 1 of a capsule's FMP Payload Header." --=20 2.14.2.windows.3 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Mon May 6 07:10:11 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1523999136875120.64721311066046; Tue, 17 Apr 2018 14:05:36 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id D88BF2263DD80; Tue, 17 Apr 2018 14:05:27 -0700 (PDT) Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id E12642244E3FC for ; Tue, 17 Apr 2018 14:05:26 -0700 (PDT) Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga107.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 17 Apr 2018 14:05:26 -0700 Received: from mdkinney-mobl2.amr.corp.intel.com ([10.241.98.51]) by fmsmga006.fm.intel.com with ESMTP; 17 Apr 2018 14:05:26 -0700 X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.151; helo=mga17.intel.com; envelope-from=michael.d.kinney@intel.com; receiver=edk2-devel@lists.01.org X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.48,464,1517904000"; d="scan'208";a="221226937" From: "Kinney, Michael D" To: edk2-devel@lists.01.org Date: Tue, 17 Apr 2018 14:05:21 -0700 Message-Id: <20180417210522.29644-4-michael.d.kinney@intel.com> X-Mailer: git-send-email 2.14.2.windows.3 In-Reply-To: <20180417210522.29644-1-michael.d.kinney@intel.com> References: <20180417210522.29644-1-michael.d.kinney@intel.com> Subject: [edk2] [RFC v2 3/4] FmpDevicePkg: Add FmpDxe module X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael D Kinney , Jiewen Yao MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D922 Based on content from the following branch: https://github.com/Microsoft/MS_UEFI/tree/share/MsCapsuleSupport/MsCapsuleU= pdatePkg The FmpDxe directory contains 2 INF files. FmpDxe.inf is a DXE driver that is used in a platform to add a Firmware Management Protocol for firmware device that supports firmware updates. FmpDxeLib.inf is a NULL library instance with the exact same functionality as FmpDxe.inf, but allows the the Firmware Management Protocol feature to be added to an existing device driver. The FmpDxe component is intended to be used "as is" with no need for any device specific or platform specific changes. Cc: Sean Brogan Cc: Jiewen Yao Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Michael D Kinney --- FmpDevicePkg/FmpDxe/DetectTestKey.c | 166 ++++ FmpDevicePkg/FmpDxe/FmpDxe.c | 1451 +++++++++++++++++++++++++++++= ++++ FmpDevicePkg/FmpDxe/FmpDxe.inf | 93 +++ FmpDevicePkg/FmpDxe/FmpDxe.uni | 20 + FmpDevicePkg/FmpDxe/FmpDxeExtra.uni | 18 + FmpDevicePkg/FmpDxe/FmpDxeLib.inf | 90 ++ FmpDevicePkg/FmpDxe/VariableSupport.c | 461 +++++++++++ FmpDevicePkg/FmpDxe/VariableSupport.h | 180 ++++ 8 files changed, 2479 insertions(+) create mode 100644 FmpDevicePkg/FmpDxe/DetectTestKey.c create mode 100644 FmpDevicePkg/FmpDxe/FmpDxe.c create mode 100644 FmpDevicePkg/FmpDxe/FmpDxe.inf create mode 100644 FmpDevicePkg/FmpDxe/FmpDxe.uni create mode 100644 FmpDevicePkg/FmpDxe/FmpDxeExtra.uni create mode 100644 FmpDevicePkg/FmpDxe/FmpDxeLib.inf create mode 100644 FmpDevicePkg/FmpDxe/VariableSupport.c create mode 100644 FmpDevicePkg/FmpDxe/VariableSupport.h diff --git a/FmpDevicePkg/FmpDxe/DetectTestKey.c b/FmpDevicePkg/FmpDxe/Dete= ctTestKey.c new file mode 100644 index 0000000000..0a6e37eded --- /dev/null +++ b/FmpDevicePkg/FmpDxe/DetectTestKey.c @@ -0,0 +1,166 @@ +/** @file + Detects if PcdFmpDevicePkcs7CertBufferXdr contains a test key. + + Copyright (c) 2018, Intel Corporation. All rights reserved.
+ + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are m= et: + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright not= ice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS = IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IM= PLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE D= ISCLAIMED. + IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY= DIRECT, + INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCL= UDING, + BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF= USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY TH= EORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE + OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +**/ + +#include +#include +#include +#include +#include +#include +#include + +/** + Check to see if any of the keys in PcdFmpDevicePkcs7CertBufferXdr matches + the test key. PcdFmpDeviceTestKeySha256Digest contains the SHA256 hash = of + the test key. For each key in PcdFmpDevicePkcs7CertBufferXdr, compute t= he + SHA256 hash and compare it to PcdFmpDeviceTestKeySha256Digest. If the + SHA256 hash matches or there is then error computing the SHA256 hash, th= en + set PcdTestKeyUsed to TRUE. Skip this check if PcdTestKeyUsed is already + TRUE or PcdFmpDeviceTestKeySha256Digest is not exactly SHA256_DIGEST_SIZE + bytes. +**/ +VOID +DetectTestKey ( + VOID + ) +{ + BOOLEAN TestKeyUsed; + UINTN PublicKeyDataLength; + UINT8 *PublicKeyDataXdr; + UINT8 *PublicKeyDataXdrEnd; + VOID *HashContext; + UINT8 Digest[SHA256_DIGEST_SIZE]; + + // + // If PcdFmpDeviceTestKeySha256Digest is not exacty SHA256_DIGEST_SIZE b= ytes, + // then skip the test key detection. + // + if (PcdGetSize (PcdFmpDeviceTestKeySha256Digest) !=3D SHA256_DIGEST_SIZE= ) { + return; + } + + // + // If PcdTestKeyUsed is already TRUE, then skip test key detection + // + TestKeyUsed =3D PcdGetBool (PcdTestKeyUsed); + if (TestKeyUsed) { + return; + } + + // + // If PcdFmpDevicePkcs7CertBufferXdr is invalid, then skip test key dete= ction + // + PublicKeyDataXdr =3D PcdGetPtr (PcdFmpDevicePkcs7CertBufferXdr); + PublicKeyDataXdrEnd =3D PublicKeyDataXdr + PcdGetSize (PcdFmpDevicePkcs7= CertBufferXdr); + if (PublicKeyDataXdr =3D=3D NULL || PublicKeyDataXdr =3D=3D PublicKeyDat= aXdrEnd) { + return; + } + + // + // Allocate hash context buffer required for SHA 256 + // + HashContext =3D AllocatePool (Sha256GetContextSize ()); + if (HashContext =3D=3D NULL) { + TestKeyUsed =3D TRUE; + } + + // + // Loop through all keys in PcdFmpDevicePkcs7CertBufferXdr + // + while (!TestKeyUsed && PublicKeyDataXdr < PublicKeyDataXdrEnd) { + if (PublicKeyDataXdr + sizeof (UINT32) > PublicKeyDataXdrEnd) { + // + // Key data extends beyond end of PCD + // + break; + } + // + // Read key length stored in big endian format + // + PublicKeyDataLength =3D SwapBytes32 (*(UINT32 *)(PublicKeyDataXdr)); + // + // Point to the start of the key data + // + PublicKeyDataXdr +=3D sizeof (UINT32); + if (PublicKeyDataXdr + PublicKeyDataLength > PublicKeyDataXdrEnd) { + // + // Key data extends beyond end of PCD + // + break; + } + + // + // Hash public key from PcdFmpDevicePkcs7CertBufferXdr using SHA256. + // If error occurs computing SHA256, then assume test key is in use. + // + ZeroMem (Digest, SHA256_DIGEST_SIZE); + if (!Sha256Init (HashContext)) { + TestKeyUsed =3D TRUE; + break; + } + if (!Sha256Update (HashContext, PublicKeyDataXdr, PublicKeyDataLength)= ) { + TestKeyUsed =3D TRUE; + break; + } + if (!Sha256Final (HashContext, Digest)) { + TestKeyUsed =3D TRUE; + break; + } + + // + // Check if SHA256 hash of public key matches SHA256 hash of test key + // + if (CompareMem (Digest, PcdGetPtr (PcdFmpDeviceTestKeySha256Digest), S= HA256_DIGEST_SIZE) =3D=3D 0) { + TestKeyUsed =3D TRUE; + break; + } + + // + // Point to start of next key + // + PublicKeyDataXdr +=3D PublicKeyDataLength; + PublicKeyDataXdr =3D (UINT8 *)ALIGN_POINTER (PublicKeyDataXdr, sizeof = (UINT32)); + } + + // + // Free hash context buffer required for SHA 256 + // + if (HashContext !=3D NULL) { + FreePool (HashContext); + HashContext =3D NULL; + } + + // + // If test key detected or an error occured checking for the test key, t= hen + // set PcdTestKeyUsed to TRUE. + // + if (TestKeyUsed) { + DEBUG ((DEBUG_INFO, "FmpDxe: Test key detected in PcdFmpDevicePkcs7Cer= tBufferXdr.\n")); + PcdSetBoolS (PcdTestKeyUsed, TRUE); + } else { + DEBUG ((DEBUG_INFO, "FmpDxe: No test key detected in PcdFmpDevicePkcs7= CertBufferXdr.\n")); + } +} diff --git a/FmpDevicePkg/FmpDxe/FmpDxe.c b/FmpDevicePkg/FmpDxe/FmpDxe.c new file mode 100644 index 0000000000..1c611617f9 --- /dev/null +++ b/FmpDevicePkg/FmpDxe/FmpDxe.c @@ -0,0 +1,1451 @@ +/** @file + Produces a Firmware Management Protocol that supports updates to a firmw= are + image stored in a firmware device with platform and firmware device spec= ific + information provided through PCDs and libraries. + + Copyright (c) 2016, Microsoft Corporation. All rights reserved.
+ Copyright (c) 2018, Intel Corporation. All rights reserved.
+ + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are m= et: + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright not= ice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS = IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IM= PLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE D= ISCLAIMED. + IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY= DIRECT, + INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCL= UDING, + BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF= USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY TH= EORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE + OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +**/ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "VariableSupport.h" + +#define VERSION_STRING_NOT_SUPPORTED L"VERSION STRING NOT SUPPORTED" +#define VERSION_STRING_NOT_AVAILABLE L"VERSION STRING NOT AVAILABLE" + +/** + Check to see if any of the keys in PcdFmpDevicePkcs7CertBufferXdr matches + the test key. PcdFmpDeviceTestKeySha256Digest contains the SHA256 hash = of + the test key. For each key in PcdFmpDevicePkcs7CertBufferXdr, compute t= he + SHA256 hash and compare it to PcdFmpDeviceTestKeySha256Digest. If the + SHA256 hash matches or there is then error computing the SHA256 hash, th= en + set PcdTestKeyUsed to TRUE. Skip this check if PcdTestKeyUsed is already + TRUE or PcdFmpDeviceTestKeySha256Digest is not exactly SHA256_DIGEST_SIZE + bytes. +**/ +VOID +DetectTestKey ( + VOID + ); + +/// +/// FILE_GUID from FmpDxe.inf. When FmpDxe.inf is used in a platform, the +/// FILE_GUID must always be overridden in the section to provide +/// the ESRT GUID value associated with the updatable firmware image. A +/// check is made in this module's driver entry point to verify that a +/// new FILE_GUID value has been defined. +/// +const EFI_GUID mDefaultModuleFileGuid =3D { + 0x78ef0a56, 0x1cf0, 0x4535, { 0xb5, 0xda, 0xf6, 0xfd, 0x2f, 0x40, 0x5a, = 0x11 } +}; + +EFI_FIRMWARE_IMAGE_DESCRIPTOR mDesc; +BOOLEAN mDescriptorPopulated =3D FALSE; +BOOLEAN mRuntimeVersionSupported =3D TRUE; +BOOLEAN mFmpInstalled =3D FALSE; + +/// +/// Function pointer to progress function +/// +EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS mProgressFunc =3D NULL; +BOOLEAN mProgressSupported =3D FALS= E; + +CHAR16 *mImageIdName =3D NULL; +UINT64 mImageId =3D 0x1; +CHAR16 *mVersionName =3D NULL; + +EFI_EVENT mFmpDeviceLockEvent; +BOOLEAN mFmpDeviceLocked =3D FALSE; + +/** + Callback function to report the process of the firmware updating. + + Wrap the caller's version in this so that progress from the device lib is + within the expected range. Convert device lib 0%-100% to 25%-98%. + + FmpDxe 0% - 5% for validation + FmpDeviceLib 6% - 98% for flashing/update + FmpDxe 99% - 100% finish + + @param[in] Completion A value between 1 and 100 indicating the current + completion progress of the firmware update. Compl= etion + progress is reported as from 1 to 100 percent. A = value + of 0 is used by the driver to indicate that progr= ess + reporting is not supported. + + @retval EFI_SUCCESS The progress was updated. + @retval EFI_UNSUPPORTED Updating progress is not supported. + +**/ +EFI_STATUS +EFIAPI +FmpDxeProgress ( + IN UINTN Completion + ) +{ + EFI_STATUS Status; + + Status =3D EFI_UNSUPPORTED; + + if (!mProgressSupported) { + return Status; + } + + if (mProgressFunc =3D=3D NULL) { + return Status; + } + + // + // Reserve 6% - 98% for the FmpDeviceLib. Call the real progress functi= on. + // + Status =3D mProgressFunc (((Completion * 92) / 100) + 6); + + if (Status =3D=3D EFI_UNSUPPORTED) { + mProgressSupported =3D FALSE; + mProgressFunc =3D NULL; + } + + return Status; +} + +/** + Returns a pointer to the ImageTypeId GUID value. An attempt is made to = get + the GUID value from the FmpDeviceLib. If the FmpDeviceLib does not provi= de + a GUID value, then gEfiCallerIdGuid is returned. + + @return The ImageTypeId GUID + +**/ +EFI_GUID * +GetImageTypeIdGuid ( + VOID + ) +{ + EFI_STATUS Status; + EFI_GUID *FmpDeviceLibGuid; + + FmpDeviceLibGuid =3D NULL; + Status =3D FmpDeviceGetImageTypeIdGuidPtr (&FmpDeviceLibGuid); + if (EFI_ERROR (Status)) { + if (Status !=3D EFI_UNSUPPORTED) { + DEBUG ((DEBUG_ERROR, "FmpDxe: FmpDeviceLib GetImageTypeIdGuidPtr() r= eturned invalid error %r\n", Status)); + } + return &gEfiCallerIdGuid; + } + if (FmpDeviceLibGuid =3D=3D NULL) { + DEBUG ((DEBUG_ERROR, "FmpDxe: FmpDeviceLib GetImageTypeIdGuidPtr() ret= urned invalid GUID\n")); + return &gEfiCallerIdGuid; + } + return FmpDeviceLibGuid; +} + +/** + Returns a pointer to the Null-terminated Unicode ImageIdName string. + + @return Null-terminated Unicode ImageIdName string. + +**/ +CHAR16 * +GetImageTypeNameString ( + VOID + ) +{ + return mImageIdName; +} + +/** + Lowest supported version is a combo of three parts. + 1. Check if the device lib has a lowest supported version + 2. Check if we have a variable for lowest supported version (this will b= e updated with each capsule applied) + 3. Check Fixed at build PCD + + Take the largest value + +**/ +UINT32 +GetLowestSupportedVersion ( + VOID + ) +{ + EFI_STATUS Status; + UINT32 DeviceLibLowestSupportedVersion; + UINT32 VariableLowestSupportedVersion; + UINT32 ReturnLsv; + + // + // Get the LowestSupportedVersion. + // + + DeviceLibLowestSupportedVersion =3D DEFAULT_LOWESTSUPPORTEDVERSION; + ReturnLsv =3D PcdGet32 (PcdFmpDeviceBuildTimeLowestSupportedVersion); + if (CheckLowestSupportedVersion() =3D=3D FALSE) { + return 1; + } + + // + // Check the FmpDeviceLib + // + Status =3D FmpDeviceGetLowestSupportedVersion (&DeviceLibLowestSupported= Version); + if (EFI_ERROR (Status)) { + DeviceLibLowestSupportedVersion =3D DEFAULT_LOWESTSUPPORTEDVERSION; + } + + if (DeviceLibLowestSupportedVersion > ReturnLsv) { + ReturnLsv =3D DeviceLibLowestSupportedVersion; + } + + // + // Check the lowest supported version UEFI variable for this device + // + VariableLowestSupportedVersion =3D GetLowestSupportedVersionFromVariable= (); + if (VariableLowestSupportedVersion > ReturnLsv) { + ReturnLsv =3D VariableLowestSupportedVersion; + } + + // + // Return the largest value + // + return ReturnLsv; +} + +/** + Populates the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure in the module glob= al + variable mDesc. + +**/ +VOID +PopulateDescriptor ( + VOID + ) +{ + EFI_STATUS Status; + + mDesc.ImageIndex =3D 1; + CopyGuid (&mDesc.ImageTypeId, GetImageTypeIdGuid()); + mDesc.ImageId =3D mImageId; + mDesc.ImageIdName =3D GetImageTypeNameString(); + + // + // Get the version. Some devices don't support getting the firmware ver= sion + // at runtime. If FmpDeviceLib does not support returning a version, th= en + // it is stored in a UEFI variable. + // + Status =3D FmpDeviceGetVersion (&mDesc.Version); + if (Status =3D=3D EFI_UNSUPPORTED) { + mRuntimeVersionSupported =3D FALSE; + mDesc.Version =3D GetVersionFromVariable(); + } else if (EFI_ERROR (Status)) { + // + // Unexpected error. Use default version. + // + DEBUG ((DEBUG_ERROR, "FmpDxe: GetVersion() from FmpDeviceLib (%s) retu= rned %r\n", GetImageTypeNameString(), Status)); + mDesc.Version =3D DEFAULT_VERSION; + } + + // + // Free the current version name. Shouldn't really happen but this popu= late + // function could be called multiple times (to refresh). + // + if (mVersionName !=3D NULL) { + FreePool (mVersionName); + mVersionName =3D NULL; + } + + // + // Attempt to get the version string from the FmpDeviceLib + // + Status =3D FmpDeviceGetVersionString (&mVersionName); + if (Status =3D=3D EFI_UNSUPPORTED) { + DEBUG ((DEBUG_INFO, "FmpDxe: GetVersionString() unsupported in FmpDevi= ceLib.\n")); + mVersionName =3D AllocateCopyPool ( + sizeof (VERSION_STRING_NOT_SUPPORTED), + VERSION_STRING_NOT_SUPPORTED + ); + } else if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_INFO, "FmpDxe: GetVersionString() not available in FmpDe= viceLib.\n")); + mVersionName =3D AllocateCopyPool ( + sizeof (VERSION_STRING_NOT_AVAILABLE), + VERSION_STRING_NOT_AVAILABLE + ); + } + + mDesc.VersionName =3D mVersionName; + + mDesc.LowestSupportedImageVersion =3D GetLowestSupportedVersion(); + + // + // Get attributes from the FmpDeviceLib + // + FmpDeviceGetAttributes (&mDesc.AttributesSupported, &mDesc.AttributesSet= ting); + + // + // Force set the updatable bits in the attributes; + // + mDesc.AttributesSupported |=3D IMAGE_ATTRIBUTE_IMAGE_UPDATABLE; + mDesc.AttributesSetting |=3D IMAGE_ATTRIBUTE_IMAGE_UPDATABLE; + + // + // Force set the authentication bits in the attributes; + // + mDesc.AttributesSupported |=3D (IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED); + mDesc.AttributesSetting |=3D (IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED); + + mDesc.Compatibilities =3D 0; + + // + // Get the size of the firmware image from the FmpDeviceLib + // + Status =3D FmpDeviceGetSize (&mDesc.Size); + if (EFI_ERROR (Status)) { + mDesc.Size =3D 0; + } + + mDesc.LastAttemptVersion =3D GetLastAttemptVersionFromVariable (); + mDesc.LastAttemptStatus =3D GetLastAttemptStatusFromVariable (); + + mDescriptorPopulated =3D TRUE; +} + +/** + Returns information about the current firmware image(s) of the device. + + This function allows a copy of the current firmware image to be created = and saved. + The saved copy could later been used, for example, in firmware image rec= overy or rollback. + + @param[in] This A pointer to the EFI_FIRMWARE_MANAGEM= ENT_PROTOCOL instance. + @param[in, out] ImageInfoSize A pointer to the size, in bytes, of t= he ImageInfo buffer. + On input, this is the size of the buf= fer allocated by the caller. + On output, it is the size of the buff= er returned by the firmware + if the buffer was large enough, or th= e size of the buffer needed + to contain the image(s) information i= f the buffer was too small. + @param[in, out] ImageInfo A pointer to the buffer in which firm= ware places the current image(s) + information. The information is an ar= ray of EFI_FIRMWARE_IMAGE_DESCRIPTORs. + @param[out] DescriptorVersion A pointer to the location in which fi= rmware returns the version number + associated with the EFI_FIRMWARE_IMAG= E_DESCRIPTOR. + @param[out] DescriptorCount A pointer to the location in which fi= rmware returns the number of + descriptors or firmware images within= this device. + @param[out] DescriptorSize A pointer to the location in which fi= rmware returns the size, in bytes, + of an individual EFI_FIRMWARE_IMAGE_D= ESCRIPTOR. + @param[out] PackageVersion A version number that represents all = the firmware images in the device. + The format is vendor specific and new= version must have a greater value + than the old version. If PackageVersi= on is not supported, the value is + 0xFFFFFFFF. A value of 0xFFFFFFFE ind= icates that package version comparison + is to be performed using PackageVersi= onName. A value of 0xFFFFFFFD indicates + that package version update is in pro= gress. + @param[out] PackageVersionName A pointer to a pointer to a null-term= inated string representing the + package version name. The buffer is a= llocated by this function with + AllocatePool(), and it is the caller'= s responsibility to free it with a call + to FreePool(). + + @retval EFI_SUCCESS The device was successfully updated w= ith the new image. + @retval EFI_BUFFER_TOO_SMALL The ImageInfo buffer was too small. T= he current buffer size + needed to hold the image(s) informati= on is returned in ImageInfoSize. + @retval EFI_INVALID_PARAMETER ImageInfoSize is NULL. + @retval EFI_DEVICE_ERROR Valid information could not be return= ed. Possible corrupted image. + +**/ +EFI_STATUS +EFIAPI +GetTheImageInfo ( + IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This, + IN OUT UINTN *ImageInfoSize, + IN OUT EFI_FIRMWARE_IMAGE_DESCRIPTOR *ImageInfo, + OUT UINT32 *DescriptorVersion, + OUT UINT8 *DescriptorCount, + OUT UINTN *DescriptorSize, + OUT UINT32 *PackageVersion, + OUT CHAR16 **PackageVersionName + ) +{ + EFI_STATUS Status; + + Status =3D EFI_SUCCESS; + + // + // Check for valid pointer + // + if (ImageInfoSize =3D=3D NULL) { + DEBUG ((DEBUG_ERROR, "FmpDxe: GetImageInfo() - ImageInfoSize is NULL.\= n")); + Status =3D EFI_INVALID_PARAMETER; + goto cleanup; + } + + // + // Check the buffer size + // NOTE: Check this first so caller can get the necessary memory size it= must allocate. + // + if (*ImageInfoSize < (sizeof (EFI_FIRMWARE_IMAGE_DESCRIPTOR))) { + *ImageInfoSize =3D sizeof (EFI_FIRMWARE_IMAGE_DESCRIPTOR); + DEBUG ((DEBUG_VERBOSE, "FmpDxe: GetImageInfo() - ImageInfoSize is to s= mall.\n")); + Status =3D EFI_BUFFER_TOO_SMALL; + goto cleanup; + } + + // + // Confirm that buffer isn't null + // + if ( (ImageInfo =3D=3D NULL) || (DescriptorVersion =3D=3D NULL) || (Desc= riptorCount =3D=3D NULL) || (DescriptorSize =3D=3D NULL) + || (PackageVersion =3D=3D NULL)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: GetImageInfo() - Pointer Parameter is NU= LL.\n")); + Status =3D EFI_INVALID_PARAMETER; + goto cleanup; + } + + // + // Set the size to whatever we need + // + *ImageInfoSize =3D sizeof (EFI_FIRMWARE_IMAGE_DESCRIPTOR); + + + if (!mDescriptorPopulated) { + PopulateDescriptor(); + } + + // + // Copy the image descriptor + // + CopyMem (ImageInfo, &mDesc, sizeof (EFI_FIRMWARE_IMAGE_DESCRIPTOR)); + + *DescriptorVersion =3D EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION; + *DescriptorCount =3D 1; + *DescriptorSize =3D sizeof (EFI_FIRMWARE_IMAGE_DESCRIPTOR); + // + // means unsupported + // + *PackageVersion =3D 0xFFFFFFFF; + + // + // Do not update PackageVersionName since it is not supported in this in= stance. + // + +cleanup: + + return Status; +} + +/** + Retrieves a copy of the current firmware image of the device. + + This function allows a copy of the current firmware image to be created = and saved. + The saved copy could later been used, for example, in firmware image rec= overy or rollback. + + @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_= PROTOCOL instance. + @param[in] ImageIndex A unique number identifying the firmware = image(s) within the device. + The number is between 1 and DescriptorCou= nt. + @param[out] Image Points to the buffer where the current im= age is copied to. + @param[out] ImageSize On entry, points to the size of the buffe= r pointed to by Image, in bytes. + On return, points to the length of the im= age, in bytes. + + @retval EFI_SUCCESS The device was successfully updated with = the new image. + @retval EFI_BUFFER_TOO_SMALL The buffer specified by ImageSize is too = small to hold the + image. The current buffer size needed to = hold the image is returned + in ImageSize. + @retval EFI_INVALID_PARAMETER The Image was NULL. + @retval EFI_NOT_FOUND The current image is not copied to the bu= ffer. + @retval EFI_UNSUPPORTED The operation is not supported. + @retval EFI_SECURITY_VIOLATIO The operation could not be performed due = to an authentication failure. + +**/ +EFI_STATUS +EFIAPI +GetTheImage ( + IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This, + IN UINT8 ImageIndex, + IN OUT VOID *Image, + IN OUT UINTN *ImageSize + ) +{ + EFI_STATUS Status; + UINTN Size; + + Status =3D EFI_SUCCESS; + + if ((ImageSize =3D=3D NULL)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: GetImage() - ImageSize Pointer Parameter= is NULL.\n")); + Status =3D EFI_INVALID_PARAMETER; + goto cleanup; + } + + // + // Check the buffer size + // + Status =3D FmpDeviceGetSize (&Size); + if (EFI_ERROR (Status)) { + Size =3D 0; + } + if (*ImageSize < Size) { + *ImageSize =3D Size; + DEBUG ((DEBUG_VERBOSE, "FmpDxe: GetImage() - ImageSize is to small.\n"= )); + Status =3D EFI_BUFFER_TOO_SMALL; + goto cleanup; + } + + if (Image =3D=3D NULL) { + DEBUG ((DEBUG_ERROR, "FmpDxe: GetImage() - Image Pointer Parameter is = NULL.\n")); + Status =3D EFI_INVALID_PARAMETER; + goto cleanup; + } + + // + // Check to make sure index is 1 (only 1 image for this device) + // + if (ImageIndex !=3D 1) { + DEBUG ((DEBUG_ERROR, "FmpDxe: GetImage() - Image Index Invalid.\n")); + Status =3D EFI_INVALID_PARAMETER; + goto cleanup; + } + + + Status =3D FmpDeviceGetImage (Image, ImageSize); +cleanup: + + return Status; +} + +/** + Helper function to safely retrieve the FMP header from + within an EFI_FIRMWARE_IMAGE_AUTHENTICATION structure. + + @param[in] Image Pointer to the image. + @param[in] ImageSize Size of the image. + @param[out] PayloadSize + + @retval !NULL Valid pointer to the header. + @retval NULL Structure is bad and pointer cannot be found. + +**/ +VOID * +GetFmpHeader ( + IN CONST EFI_FIRMWARE_IMAGE_AUTHENTICATION *Image, + IN CONST UINTN ImageSize, + OUT UINTN *PayloadSize + ) +{ + // + // Check to make sure that operation can be safely performed. + // + if (((UINTN)Image + sizeof (Image->MonotonicCount) + Image->AuthInfo.Hdr= .dwLength) < (UINTN)Image || \ + ((UINTN)Image + sizeof (Image->MonotonicCount) + Image->AuthInfo.Hdr= .dwLength) >=3D (UINTN)Image + ImageSize) { + // + // Pointer overflow. Invalid image. + // + return NULL; + } + + *PayloadSize =3D ImageSize - (sizeof (Image->MonotonicCount) + Image->Au= thInfo.Hdr.dwLength); + return (VOID *)((UINT8 *)Image + sizeof (Image->MonotonicCount) + Image-= >AuthInfo.Hdr.dwLength); +} + +/** + Helper function to safely calculate the size of all headers + within an EFI_FIRMWARE_IMAGE_AUTHENTICATION structure. + + @param[in] Image Pointer to the image. + @param[in] AdditionalHeaderSize Size of any headers that cannot be cal= culated by this function. + + @retval UINT32>0 Valid size of all the headers. + @retval 0 Structure is bad and size cannot be found. + +**/ +UINT32 +GetAllHeaderSize ( + IN CONST EFI_FIRMWARE_IMAGE_AUTHENTICATION *Image, + IN UINT32 AdditionalHeaderSize + ) +{ + UINT32 CalculatedSize; + + CalculatedSize =3D sizeof (Image->MonotonicCount) + + AdditionalHeaderSize + + Image->AuthInfo.Hdr.dwLength; + + // + // Check to make sure that operation can be safely performed. + // + if (CalculatedSize < sizeof (Image->MonotonicCount) || + CalculatedSize < AdditionalHeaderSize || + CalculatedSize < Image->AuthInfo.Hdr.dwLength ) { + // + // Integer overflow. Invalid image. + // + return 0; + } + + return CalculatedSize; +} + +/** + Checks if the firmware image is valid for the device. + + This function allows firmware update application to validate the firmwar= e image without + invoking the SetImage() first. + + @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_= PROTOCOL instance. + @param[in] ImageIndex A unique number identifying the firmware = image(s) within the device. + The number is between 1 and DescriptorCou= nt. + @param[in] Image Points to the new image. + @param[in] ImageSize Size of the new image in bytes. + @param[out] ImageUpdatable Indicates if the new image is valid for u= pdate. It also provides, + if available, additional information if t= he image is invalid. + + @retval EFI_SUCCESS The image was successfully checked. + @retval EFI_INVALID_PARAMETER The Image was NULL. + @retval EFI_UNSUPPORTED The operation is not supported. + @retval EFI_SECURITY_VIOLATIO The operation could not be performed due = to an authentication failure. + +**/ +EFI_STATUS +EFIAPI +CheckTheImage ( + IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This, + IN UINT8 ImageIndex, + IN CONST VOID *Image, + IN UINTN ImageSize, + OUT UINT32 *ImageUpdateable + ) +{ + EFI_STATUS Status; + UINTN RawSize; + VOID *FmpPayloadHeader; + UINTN FmpPayloadSize; + UINT32 Version; + UINT32 FmpHeaderSize; + UINTN AllHeaderSize; + UINT32 Index; + VOID *PublicKeyData; + UINTN PublicKeyDataLength; + UINT8 *PublicKeyDataXdr; + UINT8 *PublicKeyDataXdrEnd; + + Status =3D EFI_SUCCESS; + RawSize =3D 0; + FmpPayloadHeader =3D NULL; + FmpPayloadSize =3D 0; + Version =3D 0; + FmpHeaderSize =3D 0; + AllHeaderSize =3D 0; + + // + // make sure the descriptor has already been loaded + // + if (!mDescriptorPopulated) { + PopulateDescriptor(); + } + + if (ImageUpdateable =3D=3D NULL) { + DEBUG ((DEBUG_ERROR, "FmpDxe: CheckImage() - ImageUpdateable Pointer P= arameter is NULL.\n")); + Status =3D EFI_INVALID_PARAMETER; + goto cleanup; + } + + // + //Set to valid and then if any tests fail it will update this flag. + // + *ImageUpdateable =3D IMAGE_UPDATABLE_VALID; + + if (Image =3D=3D NULL) { + DEBUG ((DEBUG_ERROR, "FmpDxe: CheckImage() - Image Pointer Parameter i= s NULL.\n")); + // + // not sure if this is needed + // + *ImageUpdateable =3D IMAGE_UPDATABLE_INVALID; + return EFI_INVALID_PARAMETER; + } + + PublicKeyDataXdr =3D PcdGetPtr (PcdFmpDevicePkcs7CertBufferXdr); + PublicKeyDataXdrEnd =3D PublicKeyDataXdr + PcdGetSize (PcdFmpDevicePkcs7= CertBufferXdr); + + if (PublicKeyDataXdr =3D=3D NULL || (PublicKeyDataXdr =3D=3D PublicKeyDa= taXdrEnd)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: Invalid certificate, skipping it.\n")); + Status =3D EFI_ABORTED; + } else { + // + // Try each key from PcdFmpDevicePkcs7CertBufferXdr + // + for (Index =3D 1; PublicKeyDataXdr < PublicKeyDataXdrEnd; Index++) { + Index++; + DEBUG ( + (DEBUG_INFO, + "FmpDxe: Certificate #%d [%p..%p].\n", + Index, + PublicKeyDataXdr, + PublicKeyDataXdrEnd + ) + ); + + if ((PublicKeyDataXdr + sizeof (UINT32)) > PublicKeyDataXdrEnd) { + // + // Key data extends beyond end of PCD + // + DEBUG ((DEBUG_ERROR, "FmpDxe: Certificate size extends beyond end = of PCD, skipping it.\n")); + Status =3D EFI_ABORTED; + break; + } + // + // Read key length stored in big-endian format + // + PublicKeyDataLength =3D SwapBytes32 (*(UINT32 *)(PublicKeyDataXdr)); + // + // Point to the start of the key data + // + PublicKeyDataXdr +=3D sizeof (UINT32); + if (PublicKeyDataXdr + PublicKeyDataLength > PublicKeyDataXdrEnd) { + // + // Key data extends beyond end of PCD + // + DEBUG ((DEBUG_ERROR, "FmpDxe: Certificate extends beyond end of PC= D, skipping it.\n")); + Status =3D EFI_ABORTED; + break; + } + PublicKeyData =3D PublicKeyDataXdr; + Status =3D AuthenticateFmpImage ( + (EFI_FIRMWARE_IMAGE_AUTHENTICATION *)Image, + ImageSize, + PublicKeyData, + PublicKeyDataLength + ); + if (!EFI_ERROR (Status)) { + break; + } + PublicKeyDataXdr +=3D PublicKeyDataLength; + PublicKeyDataXdr =3D (UINT8 *)ALIGN_POINTER (PublicKeyDataXdr, sizeo= f (UINT32)); + } + } + + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: CheckTheImage() - Authentication Failed = %r.\n", Status)); + goto cleanup; + } + + // + // Check to make sure index is 1 + // + if (ImageIndex !=3D 1) { + DEBUG ((DEBUG_ERROR, "FmpDxe: CheckImage() - Image Index Invalid.\n")); + *ImageUpdateable =3D IMAGE_UPDATABLE_INVALID_TYPE; + Status =3D EFI_SUCCESS; + goto cleanup; + } + + + // + // Check the FmpPayloadHeader + // + FmpPayloadHeader =3D GetFmpHeader ( (EFI_FIRMWARE_IMAGE_AUTHENTICATION *= )Image, ImageSize, &FmpPayloadSize ); + if (FmpPayloadHeader =3D=3D NULL) { + DEBUG ((DEBUG_ERROR, "FmpDxe: CheckTheImage() - GetFmpHeader failed.\n= ")); + Status =3D EFI_ABORTED; + goto cleanup; + } + Status =3D GetFmpPayloadHeaderVersion (FmpPayloadHeader, FmpPayloadSize,= &Version); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: CheckTheImage() - GetFmpPayloadHeaderVer= sion failed %r.\n", Status)); + *ImageUpdateable =3D IMAGE_UPDATABLE_INVALID; + Status =3D EFI_SUCCESS; + goto cleanup; + } + + // + // Check the lowest supported version + // + if (Version < mDesc.LowestSupportedImageVersion) { + DEBUG ( + (DEBUG_ERROR, + "FmpDxe: CheckTheImage() - Version Lower than lowest supported versi= on. 0x%08X < 0x%08X\n", + Version, mDesc.LowestSupportedImageVersion) + ); + *ImageUpdateable =3D IMAGE_UPDATABLE_INVALID_OLD; + Status =3D EFI_SUCCESS; + goto cleanup; + } + + // + // Get the FmpHeaderSize so we can determine the real payload size + // + Status =3D GetFmpPayloadHeaderSize (FmpPayloadHeader, FmpPayloadSize, &F= mpHeaderSize); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: CheckTheImage() - GetFmpPayloadHeaderSiz= e failed %r.\n", Status)); + *ImageUpdateable =3D IMAGE_UPDATABLE_INVALID; + Status =3D EFI_SUCCESS; + goto cleanup; + } + + // + // Call FmpDevice Lib Check Image on the + // Raw payload. So all headers need stripped off + // + AllHeaderSize =3D GetAllHeaderSize ( (EFI_FIRMWARE_IMAGE_AUTHENTICATION = *)Image, FmpHeaderSize ); + if (AllHeaderSize =3D=3D 0) { + DEBUG ((DEBUG_ERROR, "FmpDxe: CheckTheImage() - GetAllHeaderSize faile= d.\n")); + Status =3D EFI_ABORTED; + goto cleanup; + } + RawSize =3D ImageSize - AllHeaderSize; + + // + // FmpDeviceLib CheckImage function to do any specific checks + // + Status =3D FmpDeviceCheckImage ((((UINT8 *)Image) + AllHeaderSize), RawS= ize, ImageUpdateable); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: CheckTheImage() - FmpDeviceLib CheckImag= e failed. Status =3D %r\n", Status)); + } + +cleanup: + return Status; +} + +/** + Updates the firmware image of the device. + + This function updates the hardware with the new firmware image. + This function returns EFI_UNSUPPORTED if the firmware image is not updat= able. + If the firmware image is updatable, the function should perform the foll= owing minimal validations + before proceeding to do the firmware image update. + - Validate the image authentication if image has attribute + IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED. The function returns + EFI_SECURITY_VIOLATION if the validation fails. + - Validate the image is a supported image for this device. The function = returns EFI_ABORTED if + the image is unsupported. The function can optionally provide more det= ailed information on + why the image is not a supported image. + - Validate the data from VendorCode if not null. Image validation must b= e performed before + VendorCode data validation. VendorCode data is ignored or considered i= nvalid if image + validation failed. The function returns EFI_ABORTED if the data is inv= alid. + + VendorCode enables vendor to implement vendor-specific firmware image up= date policy. Null if + the caller did not specify the policy or use the default policy. As an e= xample, vendor can implement + a policy to allow an option to force a firmware image update when the ab= ort reason is due to the new + firmware image version is older than the current firmware image version = or bad image checksum. + Sensitive operations such as those wiping the entire firmware image and = render the device to be + non-functional should be encoded in the image itself rather than passed = with the VendorCode. + AbortReason enables vendor to have the option to provide a more detailed= description of the abort + reason to the caller. + + @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_= PROTOCOL instance. + @param[in] ImageIndex A unique number identifying the firmware = image(s) within the device. + The number is between 1 and DescriptorCou= nt. + @param[in] Image Points to the new image. + @param[in] ImageSize Size of the new image in bytes. + @param[in] VendorCode This enables vendor to implement vendor-s= pecific firmware image update policy. + Null indicates the caller did not specify= the policy or use the default policy. + @param[in] Progress A function used by the driver to report t= he progress of the firmware update. + @param[out] AbortReason A pointer to a pointer to a null-terminat= ed string providing more + details for the aborted operation. The bu= ffer is allocated by this function + with AllocatePool(), and it is the caller= 's responsibility to free it with a + call to FreePool(). + + @retval EFI_SUCCESS The device was successfully updated with = the new image. + @retval EFI_ABORTED The operation is aborted. + @retval EFI_INVALID_PARAMETER The Image was NULL. + @retval EFI_UNSUPPORTED The operation is not supported. + @retval EFI_SECURITY_VIOLATIO The operation could not be performed due = to an authentication failure. + +**/ +EFI_STATUS +EFIAPI +SetTheImage ( + IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This, + IN UINT8 ImageIndex, + IN CONST VOID *Image, + IN UINTN ImageSize, + IN CONST VOID *VendorCode, + IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress, + OUT CHAR16 **AbortReason + ) +{ + EFI_STATUS Status; + UINT32 Updateable; + BOOLEAN BooleanValue; + UINT32 FmpHeaderSize; + VOID *FmpHeader; + UINTN FmpPayloadSize; + UINT32 AllHeaderSize; + UINT32 IncommingFwVersion; + UINT32 LastAttemptStatus; + + Status =3D EFI_SUCCESS; + Updateable =3D 0; + BooleanValue =3D FALSE; + FmpHeaderSize =3D 0; + FmpHeader =3D NULL; + FmpPayloadSize =3D 0; + AllHeaderSize =3D 0; + IncommingFwVersion =3D 0; + LastAttemptStatus =3D LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL; + + + SetLastAttemptVersionInVariable (IncommingFwVersion); //set to 0 to clea= r any previous results. + + // + // if we have locked the device, then skip the set operation. + // it should be blocked by hardware too but we can catch here even faster + // + if (mFmpDeviceLocked) { + DEBUG ((DEBUG_ERROR, "FmpDxe: SetTheImage() - Device is already locked= . Can't update.\n")); + Status =3D EFI_ACCESS_DENIED; + goto cleanup; + } + + // + // Call check image to verify the image + // + Status =3D CheckTheImage (This, ImageIndex, Image, ImageSize, &Updateabl= e); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: SetTheImage() - Check The Image failed w= ith %r.\n", Status)); + if (Status =3D=3D EFI_SECURITY_VIOLATION) { + LastAttemptStatus =3D LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR; + } + goto cleanup; + } + + // + // No functional error in CheckTheImage. Attempt to get the Version to + // support better error reporting. + // + FmpHeader =3D GetFmpHeader ( (EFI_FIRMWARE_IMAGE_AUTHENTICATION *)Image,= ImageSize, &FmpPayloadSize ); + if (FmpHeader =3D=3D NULL) { + DEBUG ((DEBUG_ERROR, "FmpDxe: SetTheImage() - GetFmpHeader failed.\n")= ); + Status =3D EFI_ABORTED; + goto cleanup; + } + Status =3D GetFmpPayloadHeaderVersion (FmpHeader, FmpPayloadSize, &Incom= mingFwVersion); + if (!EFI_ERROR (Status)) { + // + // Set to actual value + // + SetLastAttemptVersionInVariable (IncommingFwVersion); + } + + + if (Updateable !=3D IMAGE_UPDATABLE_VALID) { + DEBUG ( + (DEBUG_ERROR, + "FmpDxed: SetTheImage() - Check The Image returned that the Image wa= s not valid for update. Updatable value =3D 0x%X.\n", + Updateable) + ); + Status =3D EFI_ABORTED; + goto cleanup; + } + + if (Progress =3D=3D NULL) { + DEBUG ((DEBUG_ERROR, "FmpDxe: SetTheImage() - Invalid progress callbac= k\n")); + Status =3D EFI_INVALID_PARAMETER; + goto cleanup; + } + + mProgressFunc =3D Progress; + mProgressSupported =3D TRUE; + + // + // Checking the image is at least 1% + // + Status =3D Progress (1); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: SetTheImage() - Progress Callback failed= with Status %r.\n", Status)); + } + + // + //Check System Power + // + Status =3D CheckSystemPower (&BooleanValue); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: SetTheImage() - CheckSystemPower - API c= all failed %r.\n", Status)); + goto cleanup; + } + if (!BooleanValue) { + Status =3D EFI_ABORTED; + DEBUG ( + (DEBUG_ERROR, + "FmpDxe: SetTheImage() - CheckSystemPower - returned False. Update = not allowed due to System Power.\n") + ); + LastAttemptStatus =3D LAST_ATTEMPT_STATUS_ERROR_PWR_EVT_BATT; + goto cleanup; + } + + Progress (2); + + // + //Check System Thermal + // + Status =3D CheckSystemThermal (&BooleanValue); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: SetTheImage() - CheckSystemThermal - API= call failed %r.\n", Status)); + goto cleanup; + } + if (!BooleanValue) { + Status =3D EFI_ABORTED; + DEBUG ( + (DEBUG_ERROR, + "FmpDxe: SetTheImage() - CheckSystemThermal - returned False. Updat= e not allowed due to System Thermal.\n") + ); + goto cleanup; + } + + Progress (3); + + // + //Check System Environment + // + Status =3D CheckSystemEnvironment (&BooleanValue); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: SetTheImage() - CheckSystemEnvironment -= API call failed %r.\n", Status)); + goto cleanup; + } + if (!BooleanValue) { + Status =3D EFI_ABORTED; + DEBUG ( + (DEBUG_ERROR, + "FmpDxe: SetTheImage() - CheckSystemEnvironment - returned False. U= pdate not allowed due to System Environment.\n") + ); + goto cleanup; + } + + Progress (4); + + // + // Save LastAttemptStatus as error so that if SetImage never returns the= error + // state is recorded. + // + SetLastAttemptStatusInVariable (LastAttemptStatus); + + // + // Strip off all the headers so the device can process its firmware + // + Status =3D GetFmpPayloadHeaderSize (FmpHeader, FmpPayloadSize, &FmpHeade= rSize); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: SetTheImage() - GetFmpPayloadHeaderSize = failed %r.\n", Status)); + goto cleanup; + } + + AllHeaderSize =3D GetAllHeaderSize ( (EFI_FIRMWARE_IMAGE_AUTHENTICATION = *)Image, FmpHeaderSize ); + if (AllHeaderSize =3D=3D 0) { + DEBUG ((DEBUG_ERROR, "FmpDxe: SetTheImage() - GetAllHeaderSize failed.= \n")); + Status =3D EFI_ABORTED; + goto cleanup; + } + + // + // Indicate that control is handed off to FmpDeviceLib + // + Progress (5); + + // + //Copy the requested image to the firmware using the FmpDeviceLib + // + Status =3D FmpDeviceSetImage ( + (((UINT8 *)Image) + AllHeaderSize), + ImageSize - AllHeaderSize, + VendorCode, + FmpDxeProgress, + IncommingFwVersion, + AbortReason + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: SetTheImage() SetImage from FmpDeviceLib= failed. Status =3D %r.\n", Status)); + goto cleanup; + } + + + // + // Finished the update without error + // Indicate that control has been returned from FmpDeviceLib + // + Progress (99); + + // + // Update the version stored in variable + // + if (!mRuntimeVersionSupported) { + UINT32 Version =3D DEFAULT_VERSION; + GetFmpPayloadHeaderVersion (FmpHeader, FmpPayloadSize, &Version); + SetVersionInVariable (Version); + } + + // + // Update lowest supported variable + // + { + UINT32 Version =3D DEFAULT_LOWESTSUPPORTEDVERSION; + GetFmpPayloadHeaderLowestSupportedVersion (FmpHeader, FmpPayloadSize, = &Version); + SetLowestSupportedVersionInVariable (Version); + } + + LastAttemptStatus =3D LAST_ATTEMPT_STATUS_SUCCESS; + + // + // Set flag so the descriptor is repopulated + // This only applied to devices that do not require system reboot + // + if (!PcdGetBool (PcdFmpDeviceSystemResetRequired)) { + mDescriptorPopulated =3D FALSE; + } + +cleanup: + mProgressFunc =3D NULL; + mProgressSupported =3D FALSE; + SetLastAttemptStatusInVariable (LastAttemptStatus); + + // + // Set progress to 100 after everything is done including recording Stat= us. + // + Progress (100); + + return Status; +} + +/** + Returns information about the firmware package. + + This function returns package information. + + @param[in] This A pointer to the EFI_FIRMWARE_MANAG= EMENT_PROTOCOL instance. + @param[out] PackageVersion A version number that represents al= l the firmware images in the device. + The format is vendor specific and n= ew version must have a greater value + than the old version. If PackageVer= sion is not supported, the value is + 0xFFFFFFFF. A value of 0xFFFFFFFE i= ndicates that package version + comparison is to be performed using= PackageVersionName. A value of + 0xFFFFFFFD indicates that package v= ersion update is in progress. + @param[out] PackageVersionName A pointer to a pointer to a null-te= rminated string representing + the package version name. The buffe= r is allocated by this function with + AllocatePool(), and it is the calle= r's responsibility to free it with a + call to FreePool(). + @param[out] PackageVersionNameMaxLen The maximum length of package versi= on name if device supports update of + package version name. A value of 0 = indicates the device does not support + update of package version name. Len= gth is the number of Unicode characters, + including the terminating null char= acter. + @param[out] AttributesSupported Package attributes that are support= ed by this device. See 'Package Attribute + Definitions' for possible returned = values of this parameter. A value of 1 + indicates the attribute is supporte= d and the current setting value is + indicated in AttributesSetting. A v= alue of 0 indicates the attribute is not + supported and the current setting v= alue in AttributesSetting is meaningless. + @param[out] AttributesSetting Package attributes. See 'Package At= tribute Definitions' for possible returned + values of this parameter + + @retval EFI_SUCCESS The package information was success= fully returned. + @retval EFI_UNSUPPORTED The operation is not supported. + +**/ +EFI_STATUS +EFIAPI +GetPackageInfo ( + IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This, + OUT UINT32 *PackageVersion, + OUT CHAR16 **PackageVersionName, + OUT UINT32 *PackageVersionNameMaxLen, + OUT UINT64 *AttributesSupported, + OUT UINT64 *AttributesSetting + ) +{ + return EFI_UNSUPPORTED; +} + +/** + Updates information about the firmware package. + + This function updates package information. + This function returns EFI_UNSUPPORTED if the package information is not = updatable. + VendorCode enables vendor to implement vendor-specific package informati= on update policy. + Null if the caller did not specify this policy or use the default policy. + + @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_= PROTOCOL instance. + @param[in] Image Points to the authentication image. + Null if authentication is not required. + @param[in] ImageSize Size of the authentication image in bytes. + 0 if authentication is not required. + @param[in] VendorCode This enables vendor to implement vendor-s= pecific firmware + image update policy. + Null indicates the caller did not specify= this policy or use + the default policy. + @param[in] PackageVersion The new package version. + @param[in] PackageVersionName A pointer to the new null-terminated Unic= ode string representing + the package version name. + The string length is equal to or less tha= n the value returned in + PackageVersionNameMaxLen. + + @retval EFI_SUCCESS The device was successfully updated with = the new package + information. + @retval EFI_INVALID_PARAMETER The PackageVersionName length is longer t= han the value + returned in PackageVersionNameMaxLen. + @retval EFI_UNSUPPORTED The operation is not supported. + @retval EFI_SECURITY_VIOLATIO The operation could not be performed due = to an authentication failure. + +**/ +EFI_STATUS +EFIAPI +SetPackageInfo ( + IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This, + IN CONST VOID *Image, + IN UINTN ImageSize, + IN CONST VOID *VendorCode, + IN UINT32 PackageVersion, + IN CONST CHAR16 *PackageVersionName + ) +{ + return EFI_UNSUPPORTED; +} + +/** + Event notification function that is invoked when the event GUID specifie= d by + PcdFmpDeviceLockEventGuid is signaled. + + @param[in] Event Event whose notification function is being invoked. + @param[in] Context The pointer to the notification function's context, + which is implementation-dependent. +**/ +VOID +EFIAPI +FmpDxeLockEventNotify ( + IN EFI_EVENT Event, + IN VOID *Context + ) +{ + EFI_STATUS Status; + + if (!mFmpDeviceLocked) { + if (LockFmpDeviceAtLockEventGuid ()) { + // + // Lock all UEFI Variables used by this module. + // + Status =3D LockAllFmpVariables (); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: Failed to lock variables. Status = =3D %r.\n")); + } else { + DEBUG ((DEBUG_INFO, "FmpDxe: All variables locked\n")); + } + + // + // Lock the firmware device + // + Status =3D FmpDeviceLock(); + if (EFI_ERROR (Status)) { + if (Status !=3D EFI_UNSUPPORTED) { + DEBUG ((DEBUG_ERROR, "FmpDxe: FmpDeviceLock() returned error. S= tatus =3D %r\n", Status)); + } else { + DEBUG ((DEBUG_WARN, "FmpDxe: FmpDeviceLock() returned error. St= atus =3D %r\n", Status)); + } + } + mFmpDeviceLocked =3D TRUE; + } else { + DEBUG ((DEBUG_VERBOSE, "FmpDxe: Not calling FmpDeviceLock() because = mfg mode\n")); + } + } +} + +/** + Function to install FMP instance. + + @param[in] Handle The device handle to install a FMP instance on. + + @retval EFI_SUCCESS FMP Installed + @retval EFI_INVALID_PARAMETER Handle was invalid + @retval other Error installing FMP + +**/ +EFI_STATUS +EFIAPI +InstallFmpInstance ( + IN EFI_HANDLE Handle + ) +{ + EFI_STATUS Status; + EFI_FIRMWARE_MANAGEMENT_PROTOCOL *Fmp; + EDKII_FIRMWARE_MANAGEMENT_PROGRESS_PROTOCOL *FmpProgress; + + Status =3D EFI_SUCCESS; + Fmp =3D NULL; + FmpProgress =3D NULL; + + // + // Only allow a single FMP Protocol instance to be installed + // + if (mFmpInstalled) { + return EFI_ALREADY_STARTED; + } + + // + // Allocate FMP Protocol instance + // + Fmp =3D AllocateZeroPool (sizeof (EFI_FIRMWARE_MANAGEMENT_PROTOCOL)); + if (Fmp =3D=3D NULL) { + DEBUG ((DEBUG_ERROR, "FmpDxe: Failed to allocate memory for FMP Protoc= ol instance.\n")); + Status =3D EFI_OUT_OF_RESOURCES; + goto cleanup; + } + + // + // Allocate FMP Progress Protocol instance + // + FmpProgress =3D AllocateZeroPool (sizeof (EDKII_FIRMWARE_MANAGEMENT_PROG= RESS_PROTOCOL)); + if (FmpProgress =3D=3D NULL) { + DEBUG ((DEBUG_ERROR, "FmpDxe: Failed to allocate memory for FMP Progre= ss Protocol instance.\n")); + Status =3D EFI_OUT_OF_RESOURCES; + FreePool (Fmp); + goto cleanup; + } + + // + // Set up FMP Protocol function pointers + // + Fmp->GetImageInfo =3D GetTheImageInfo; + Fmp->GetImage =3D GetTheImage; + Fmp->SetImage =3D SetTheImage; + Fmp->CheckImage =3D CheckTheImage; + Fmp->GetPackageInfo =3D GetPackageInfo; + Fmp->SetPackageInfo =3D SetPackageInfo; + + // + // Fill in FMP Progress Protocol fields + // + FmpProgress->ProgressBarForegroundColor.Raw =3D PcdGet32 (PcdFmpDevicePr= ogressColor); + FmpProgress->WatchdogSeconds =3D PcdGet8 (PcdFmpDevicePro= gressWatchdogTimeInSeconds); + + // + // Install FMP Protocol and FMP Progress Protocol + // + Status =3D gBS->InstallMultipleProtocolInterfaces ( + &Handle, + &gEfiFirmwareManagementProtocolGuid, + Fmp, + &gEdkiiFirmwareManagementProgressProtocolGuid, + FmpProgress, + NULL + ); + + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: FMP Protocol install error. Status =3D %= r.\n", Status)); + FreePool (Fmp); + goto cleanup; + } + + DEBUG ((DEBUG_INFO, "FmpDxe: FMP Protocol Installed!\n")); + mFmpInstalled =3D TRUE; + +cleanup: + + return Status; +} + +/** + Main entry for this library. + + @param[in] ImageHandle Image handle this driver. + @param[in] SystemTable Pointer to SystemTable. + +**/ +EFI_STATUS +EFIAPI +FmpDxeEntryPoint ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + EFI_STATUS Status; + EFI_GUID *LockGuid; + + // + // Verify that a new FILE_GUID value has been provided in the + // section of this module. The FILE_GUID is the ESRT GUID that must be + // unique for each updatable firmware image. + // + if (CompareGuid (&mDefaultModuleFileGuid, &gEfiCallerIdGuid)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: Use of default FILE_GUID detected. FILE= _GUID must be set to a unique value.\n")); + ASSERT (FALSE); + return EFI_UNSUPPORTED; + } + + // + // Get the ImageIdName value for the EFI_FIRMWARE_IMAGE_DESCRIPTOR from = a PCD. + // + mImageIdName =3D (CHAR16 *) PcdGetPtr (PcdFmpDeviceImageIdName); + if (PcdGetSize (PcdFmpDeviceImageIdName) <=3D 2 || mImageIdName[0] =3D= =3D 0) { + // + // PcdFmpDeviceImageIdName must be set to a non-empty Unicode string + // + DEBUG ((DEBUG_ERROR, "FmpDxe: FmpDeviceLib PcdFmpDeviceImageIdName is = an empty string.\n")); + ASSERT (FALSE); + } + + // + // Detects if PcdFmpDevicePkcs7CertBufferXdr contains a test key. + // + DetectTestKey (); + + // + // Register with library the install function so if the library uses + // UEFI driver model/driver binding protocol it can install FMP on its d= evice handle + // If library is simple lib that does not use driver binding then it sho= uld return + // unsupported and this will install the FMP instance on the ImageHandle + // + Status =3D RegisterFmpInstaller (InstallFmpInstance); + if (Status =3D=3D EFI_UNSUPPORTED) { + DEBUG ((DEBUG_INFO, "FmpDxe: FmpDeviceLib registration returned EFI_UN= SUPPORTED. Installing single FMP instance.\n")); + Status =3D InstallFmpInstance (ImageHandle); + } else if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: FmpDeviceLib registration returned %r. = No FMP installed.\n", Status)); + } else { + DEBUG (( + DEBUG_INFO, + "FmpDxe: FmpDeviceLib registration returned EFI_SUCCESS. Expect FMP= to be installed during the BDS/Device connection phase.\n" + )); + } + + // + // Register notify function to lock the FMP device. + // The lock event GUID is retrieved from PcdFmpDeviceLockEventGuid. + // If PcdFmpDeviceLockEventGuid is not the size of an EFI_GUID, then + // gEfiEndOfDxeEventGroupGuid is used. + // + LockGuid =3D &gEfiEndOfDxeEventGroupGuid; + if (PcdGetSize (PcdFmpDeviceLockEventGuid) =3D=3D sizeof (EFI_GUID)) { + LockGuid =3D (EFI_GUID *)PcdGetPtr (PcdFmpDeviceLockEventGuid); + } + DEBUG ((DEBUG_INFO, "FmpDxe: Lock GUID: %g\n", LockGuid)); + + Status =3D gBS->CreateEventEx ( + EVT_NOTIFY_SIGNAL, + TPL_CALLBACK, + FmpDxeLockEventNotify, + NULL, + LockGuid, + &mFmpDeviceLockEvent + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: Failed to register for ready to boot. S= tatus =3D %r\n", Status)); + } + ASSERT_EFI_ERROR (Status); + + return Status; +} diff --git a/FmpDevicePkg/FmpDxe/FmpDxe.inf b/FmpDevicePkg/FmpDxe/FmpDxe.inf new file mode 100644 index 0000000000..256c50bf03 --- /dev/null +++ b/FmpDevicePkg/FmpDxe/FmpDxe.inf @@ -0,0 +1,93 @@ +## @file +# Produces a Firmware Management Protocol that supports updates to a firm= ware +# image stored in a firmware device with platform and firmware device spe= cific +# information provided through PCDs and libraries. +# +# Copyright (c) 2016, Microsoft Corporation. All rights reserved.
+# Copyright (c) 2018, Intel Corporation. All rights reserved.
+# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are = met: +# 1. Redistributions of source code must retain the above copyright notic= e, +# this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright no= tice, +# this list of conditions and the following disclaimer in the documentati= on +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS= IS" AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE I= MPLIED +# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE = DISCLAIMED. +# IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR AN= Y DIRECT, +# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INC= LUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS O= F USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY T= HEORY OF +# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NE= GLIGENCE +# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN = IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D FmpDxe + MODULE_UNI_FILE =3D FmpDxe.uni + FILE_GUID =3D 78EF0A56-1CF0-4535-B5DA-F6FD2F405A11 + MODULE_TYPE =3D DXE_DRIVER + VERSION_STRING =3D 1.0 + ENTRY_POINT =3D FmpDxeEntryPoint + +# +# The following information is for reference only and not required by the = build tools. +# +# VALID_ARCHITECTURES =3D IA32 X64 IPF ARM AARCH64 +# + +[Sources] + FmpDxe.c + DetectTestKey.c + VariableSupport.h + VariableSupport.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + CryptoPkg/CryptoPkg.dec + FmpDevicePkg/FmpDevicePkg.dec + +[LibraryClasses] + UefiDriverEntryPoint + DebugLib + BaseLib + BaseMemoryLib + UefiBootServicesTableLib + MemoryAllocationLib + UefiLib + BaseCryptLib + FmpAuthenticationLib + FmpDeviceLib + FmpPayloadHeaderLib + CapsuleUpdatePolicyLib + +[Guids] + gEfiEndOfDxeEventGroupGuid + +[Protocols] + gEdkiiVariableLockProtocolGuid ## CONSUMES + gEfiFirmwareManagementProtocolGuid ## PRODUCES + gEdkiiFirmwareManagementProgressProtocolGuid ## PRODUCES + +[Pcd] + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceSystemResetRequired = ## CONSUMES + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageIdName = ## CONSUMES + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceBuildTimeLowestSupportedVersion = ## CONSUMES + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceLockEventGuid = ## CONSUMES + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressWatchdogTimeInSeconds = ## CONSUMES + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressColor = ## CONSUMES + gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr = ## CONSUMES + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceTestKeySha256Digest = ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed = ## SOMETIMES_PRODUCES + +[Depex] + gEfiVariableWriteArchProtocolGuid AND gEdkiiVariableLockProtocolGuid + +[UserExtensions.TianoCore."ExtraFiles"] + FmpDxeExtra.uni diff --git a/FmpDevicePkg/FmpDxe/FmpDxe.uni b/FmpDevicePkg/FmpDxe/FmpDxe.uni new file mode 100644 index 0000000000..502ec0660d --- /dev/null +++ b/FmpDevicePkg/FmpDxe/FmpDxe.uni @@ -0,0 +1,20 @@ +// /** @file +// Produces a Firmware Management Protocol that supports updates to a firm= ware +// image stored in a firmware device with platform and firmware device spe= cific +// information provided through PCDs and libraries. +// +// Copyright (c) 2018, Intel Corporation. All rights reserved.
+// +// This program and the accompanying materials +// are licensed and made available under the terms and conditions of the B= SD License +// which accompanies this distribution. The full text of the license may = be found at +// http://opensource.org/licenses/bsd-license.php +// +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IM= PLIED. +// +// **/ + +#string STR_MODULE_ABSTRACT #language en-US "Produces a Firmwa= re Management Protocol to support firmware updates" + +#string STR_MODULE_DESCRIPTION #language en-US "Produces a Firmwa= re Management Protocol that supports updates to a firmware image stored in = a firmware device with platform and firmware device specific information pr= ovided through PCDs and libraries." diff --git a/FmpDevicePkg/FmpDxe/FmpDxeExtra.uni b/FmpDevicePkg/FmpDxe/FmpD= xeExtra.uni new file mode 100644 index 0000000000..8f3cc4367c --- /dev/null +++ b/FmpDevicePkg/FmpDxe/FmpDxeExtra.uni @@ -0,0 +1,18 @@ +// /** @file +// FmpDxe Localized Strings and Content +// +// Copyright (c) 2018, Intel Corporation. All rights reserved.
+// +// This program and the accompanying materials +// are licensed and made available under the terms and conditions of the B= SD License +// which accompanies this distribution. The full text of the license may = be found at +// http://opensource.org/licenses/bsd-license.php +// +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IM= PLIED. +// +// **/ + +#string STR_PROPERTIES_MODULE_NAME +#language en-US +"Firmware Management Protocol DXE DXE Driver" diff --git a/FmpDevicePkg/FmpDxe/FmpDxeLib.inf b/FmpDevicePkg/FmpDxe/FmpDxe= Lib.inf new file mode 100644 index 0000000000..c8fe49e0c0 --- /dev/null +++ b/FmpDevicePkg/FmpDxe/FmpDxeLib.inf @@ -0,0 +1,90 @@ +## @file +# Produces a Firmware Management Protocol that supports updates to a firm= ware +# image stored in a firmware device with platform and firmware device spe= cific +# information provided through PCDs and libraries. +# +# Copyright (c) 2016, Microsoft Corporation. All rights reserved.
+# Copyright (c) 2018, Intel Corporation. All rights reserved.
+# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are = met: +# 1. Redistributions of source code must retain the above copyright notic= e, +# this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright no= tice, +# this list of conditions and the following disclaimer in the documentati= on +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS= IS" AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE I= MPLIED +# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE = DISCLAIMED. +# IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR AN= Y DIRECT, +# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INC= LUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS O= F USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY T= HEORY OF +# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NE= GLIGENCE +# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN = IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D FmpDxeLib + MODULE_UNI_FILE =3D FmpDxe.uni + FILE_GUID =3D 4B11717A-30B3-4122-8C69-8E0D5E141C32 + MODULE_TYPE =3D DXE_DRIVER + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D NULL + CONSTRUCTOR =3D FmpDxeEntryPoint + +# +# The following information is for reference only and not required by the = build tools. +# +# VALID_ARCHITECTURES =3D IA32 X64 IPF ARM AARCH64 +# + +[Sources] + FmpDxe.c + DetectTestKey.c + VariableSupport.h + VariableSupport.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + CryptoPkg/CryptoPkg.dec + FmpDevicePkg/FmpDevicePkg.dec + +[LibraryClasses] + DebugLib + BaseLib + BaseMemoryLib + UefiBootServicesTableLib + MemoryAllocationLib + UefiLib + BaseCryptLib + FmpAuthenticationLib + FmpDeviceLib + FmpPayloadHeaderLib + CapsuleUpdatePolicyLib + +[Guids] + gEfiEndOfDxeEventGroupGuid + +[Protocols] + gEdkiiVariableLockProtocolGuid ## CONSUMES + gEfiFirmwareManagementProtocolGuid ## PRODUCES + gEdkiiFirmwareManagementProgressProtocolGuid ## PRODUCES + +[Pcd] + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceSystemResetRequired = ## CONSUMES + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageIdName = ## CONSUMES + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceBuildTimeLowestSupportedVersion = ## CONSUMES + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceLockEventGuid = ## CONSUMES + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressWatchdogTimeInSeconds = ## CONSUMES + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressColor = ## CONSUMES + gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr = ## CONSUMES + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceTestKeySha256Digest = ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed = ## SOMETIMES_PRODUCES + +[Depex] + gEfiVariableWriteArchProtocolGuid AND gEdkiiVariableLockProtocolGuid diff --git a/FmpDevicePkg/FmpDxe/VariableSupport.c b/FmpDevicePkg/FmpDxe/Va= riableSupport.c new file mode 100644 index 0000000000..c15178d099 --- /dev/null +++ b/FmpDevicePkg/FmpDxe/VariableSupport.c @@ -0,0 +1,461 @@ +/** @file + UEFI variable support functions for Firmware Management Protocol based + firmware updates. + + Copyright (c) 2016, Microsoft Corporation. All rights reserved.
+ Copyright (c) 2018, Intel Corporation. All rights reserved.
+ + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are m= et: + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright not= ice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS = IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IM= PLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE D= ISCLAIMED. + IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY= DIRECT, + INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCL= UDING, + BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF= USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY TH= EORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE + OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +**/ + +#include +#include +#include +#include +#include +#include +#include +#include "VariableSupport.h" + +/// +/// Array of UEFI variable names that are locked in LockAllFmpVariables(). +/// +const CHAR16 *mFmpVariableLockList[] =3D { + VARNAME_VERSION, + VARNAME_LSV, + VARNAME_LASTATTEMPTSTATUS, + VARNAME_LASTATTEMPTVERSION +}; + +/** + Returns the value used to fill in the Version field of the + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImage= Info() + service of the Firmware Management Protocol. The value is read from a U= EFI + variable. If the UEFI variables does not exist, then a default version = value + is returned. + + UEFI Variable accessed: GUID =3D gEfiCallerIdGuid, Name =3D L"FmpVersion" + + @return The version of the firmware image in the firmware device. + +**/ +UINT32 +GetVersionFromVariable ( + VOID + ) +{ + EFI_STATUS Status; + UINT32 *Value; + UINTN Size; + UINT32 Version; + + Value =3D NULL; + Size =3D 0; + Version =3D DEFAULT_VERSION; + + Status =3D GetVariable2 (VARNAME_VERSION, &gEfiCallerIdGuid, (VOID **)&V= alue, &Size); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Failed to get the Version from variable. Status= =3D %r\n", Status)); + return Version; + } + + // + // No error from call + // + if (Size =3D=3D sizeof (*Value)) { + // + // Successful read + // + Version =3D *Value; + } else { + // + // Return default since size was unknown + // + DEBUG ((DEBUG_ERROR, "Getting version Variable returned a size differe= nt than expected. Size =3D 0x%x\n", Size)); + } + + FreePool (Value); + + return Version; +} + +/** + Returns the value used to fill in the LowestSupportedVersion field of the + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImage= Info() + service of the Firmware Management Protocol. The value is read from a U= EFI + variable. If the UEFI variables does not exist, then a default lowest + supported version value is returned. + + UEFI Variable accessed: GUID =3D gEfiCallerIdGuid, Name =3D L"FmpLsv" + + @return The lowest supported version of the firmware image in the firmw= are + device. + +**/ +UINT32 +GetLowestSupportedVersionFromVariable ( + VOID + ) +{ + EFI_STATUS Status; + UINT32 *Value; + UINTN Size; + UINT32 Version; + + Value =3D NULL; + Size =3D 0; + Version =3D DEFAULT_LOWESTSUPPORTEDVERSION; + + Status =3D GetVariable2 (VARNAME_LSV, &gEfiCallerIdGuid, (VOID **)&Value= , &Size); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_WARN, "Warning: Failed to get the Lowest Supported Versi= on from variable. Status =3D %r\n", Status)); + return Version; + } + + // + // No error from call + // + if (Size =3D=3D sizeof (*Value)) { + // + // Successful read + // + Version =3D *Value; + } else { + // + // Return default since size was unknown + // + DEBUG ((DEBUG_ERROR, "Getting LSV Variable returned a size different t= han expected. Size =3D 0x%x\n", Size)); + } + + FreePool (Value); + + return Version; +} + +/** + Returns the value used to fill in the LastAttemptStatus field of the + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImage= Info() + service of the Firmware Management Protocol. The value is read from a U= EFI + variable. If the UEFI variables does not exist, then a default last att= empt + status value is returned. + + UEFI Variable accessed: GUID =3D gEfiCallerIdGuid, Name =3D L"LastAttemp= tStatus" + + @return The last attempt status value for the most recent capsule updat= e. + +**/ +UINT32 +GetLastAttemptStatusFromVariable ( + VOID + ) +{ + EFI_STATUS Status; + UINT32 *Value; + UINTN Size; + UINT32 LastAttemptStatus; + + Value =3D NULL; + Size =3D 0; + LastAttemptStatus =3D DEFAULT_LASTATTEMPT; + + Status =3D GetVariable2 (VARNAME_LASTATTEMPTSTATUS, &gEfiCallerIdGuid, (= VOID **)&Value, &Size); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_WARN, "Warning: Failed to get the Last Attempt Status fr= om variable. Status =3D %r\n", Status)); + return LastAttemptStatus; + } + + // + // No error from call + // + if (Size =3D=3D sizeof (*Value)) { + // + // Successful read + // + LastAttemptStatus =3D *Value; + } else { + // + // Return default since size was unknown + // + DEBUG ( + (DEBUG_ERROR, + "Getting Last Attempt Status Variable returned a size different than= expected. Size =3D 0x%x\n", + Size) + ); + } + + FreePool (Value); + + return LastAttemptStatus; +} + +/** + Returns the value used to fill in the LastAttemptVersion field of the + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImage= Info() + service of the Firmware Management Protocol. The value is read from a U= EFI + variable. If the UEFI variables does not exist, then a default last att= empt + version value is returned. + + UEFI Variable accessed: GUID =3D gEfiCallerIdGuid, Name =3D L"LastAttemp= tVersion" + + @return The last attempt version value for the most recent capsule upda= te. + +**/ +UINT32 +GetLastAttemptVersionFromVariable ( + VOID + ) +{ + EFI_STATUS Status; + UINT32 *Value; + UINTN Size; + UINT32 Version; + + Value =3D NULL; + Size =3D 0; + Version =3D DEFAULT_LASTATTEMPT; + + Status =3D GetVariable2 (VARNAME_LASTATTEMPTVERSION, &gEfiCallerIdGuid, = (VOID **)&Value, &Size); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_WARN, "Warning: Failed to get the Last Attempt Version f= rom variable. Status =3D %r\n", Status)); + return Version; + } + + // + // No error from call + // + if (Size =3D=3D sizeof (*Value)) { + // + // Successful read + // + Version =3D *Value; + } else { + // + // Return default since size was unknown + // + DEBUG ( + (DEBUG_ERROR, + "Getting Last Attempt Version variable returned a size different tha= n expected. Size =3D 0x%x\n", + Size) + ); + } + + FreePool (Value); + + return Version; +} + + +/** + Saves the version current of the firmware image in the firmware device t= o a + UEFI variable. + + UEFI Variable accessed: GUID =3D gEfiCallerIdGuid, Name =3D L"FmpVersion" + + @param[in] Version The version of the firmware image in the firmware de= vice. + +**/ +VOID +SetVersionInVariable ( + UINT32 Version + ) +{ + EFI_STATUS Status; + UINT32 Current; + + Status =3D EFI_SUCCESS; + + Current =3D GetVersionFromVariable(); + if (Current !=3D Version) { + Status =3D gRT->SetVariable ( + VARNAME_VERSION, + &gEfiCallerIdGuid, + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_A= CCESS, + sizeof (Version), + &Version + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Failed to set the Version into a variable. St= atus =3D %r\n", Status)); + } + } else { + DEBUG ((DEBUG_INFO, "Version variable doesn't need to update. Same va= lue as before.\n")); + } +} + +/** + Saves the lowest supported version current of the firmware image in the + firmware device to a UEFI variable. + + UEFI Variable accessed: GUID =3D gEfiCallerIdGuid, Name =3D L"FmpLsv" + + @param[in] LowestSupported The lowest supported version of the firmware= image + in the firmware device. + +**/ +VOID +SetLowestSupportedVersionInVariable ( + UINT32 LowestSupportedVersion + ) +{ + EFI_STATUS Status; + UINT32 Current; + + Status =3D EFI_SUCCESS; + + Current =3D GetLowestSupportedVersionFromVariable(); + if (LowestSupportedVersion > Current) { + Status =3D gRT->SetVariable ( + VARNAME_LSV, + &gEfiCallerIdGuid, + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_A= CCESS, + sizeof (LowestSupportedVersion), &LowestSupportedVersi= on + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Failed to set the LSV into a variable. Status= =3D %r\n", Status)); + } + } else { + DEBUG ((DEBUG_INFO, "LSV variable doesn't need to update. Same value = as before.\n")); + } +} + +/** + Saves the last attempt status value of the most recent FMP capsule updat= e to a + UEFI variable. + + UEFI Variable accessed: GUID =3D gEfiCallerIdGuid, Name =3D L"LastAttemp= tStatus" + + @param[in] LastAttemptStatus The last attempt status of the most recent= FMP + capsule update. + +**/ +VOID +SetLastAttemptStatusInVariable ( + UINT32 LastAttemptStatus + ) +{ + EFI_STATUS Status; + UINT32 Current; + + Status =3D EFI_SUCCESS; + + Current =3D GetLastAttemptStatusFromVariable(); + if (Current !=3D LastAttemptStatus) { + Status =3D gRT->SetVariable ( + VARNAME_LASTATTEMPTSTATUS, + &gEfiCallerIdGuid, + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_A= CCESS, + sizeof (LastAttemptStatus), + &LastAttemptStatus + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Failed to set the LastAttemptStatus into a var= iable. Status =3D %r\n", Status)); + } + } else { + DEBUG ((DEBUG_INFO, "LastAttemptStatus variable doesn't need to update= . Same value as before.\n")); + } +} + +/** + Saves the last attempt version value of the most recent FMP capsule upda= te to + a UEFI variable. + + UEFI Variable accessed: GUID =3D gEfiCallerIdGuid, Name =3D L"LastAttemp= tVersion" + + @param[in] LastAttemptVersion The last attempt version value of the most + recent FMP capsule update. + +**/ +VOID +SetLastAttemptVersionInVariable ( + UINT32 LastAttemptVersion + ) +{ + EFI_STATUS Status; + UINT32 Current; + + Status =3D EFI_SUCCESS; + + Current =3D GetLastAttemptVersionFromVariable(); + if (Current !=3D LastAttemptVersion) { + Status =3D gRT->SetVariable ( + VARNAME_LASTATTEMPTVERSION, + &gEfiCallerIdGuid, + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_A= CCESS, + sizeof (LastAttemptVersion), + &LastAttemptVersion + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Failed to set the LastAttemptVersion into a va= riable. Status =3D %r\n", Status)); + } + } else { + DEBUG ((DEBUG_INFO, "LastAttemptVersion variable doesn't need to updat= e. Same value as before.\n")); + } +} + +/** + Locks all the UEFI Variables used by this module. + + @retval EFI_SUCCESS All UEFI variables are locked. + @retval EFI_UNSUPPORTED Variable Lock Protocol not found. + @retval Other One of the UEFI variables could not be locked. + +**/ +EFI_STATUS +LockAllFmpVariables ( + VOID + ) +{ + EFI_STATUS Status; + EDKII_VARIABLE_LOCK_PROTOCOL *VariableLock; + EFI_STATUS ReturnStatus; + UINTN Index; + + VariableLock =3D NULL; + Status =3D gBS->LocateProtocol ( + &gEdkiiVariableLockProtocolGuid, + NULL, + (VOID **)&VariableLock + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: Failed to locate Variable Lock Protocol = (%r).\n", Status)); + return EFI_UNSUPPORTED; + } + + ReturnStatus =3D EFI_SUCCESS; + for (Index =3D 0; Index < ARRAY_SIZE (mFmpVariableLockList); Index++) { + Status =3D VariableLock->RequestToLock ( + VariableLock, + (CHAR16 *)mFmpVariableLockList[Index], + &gEfiCallerIdGuid + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "FmpDxe: Failed to lock variable %g %s. Status= =3D %r\n", + &gEfiCallerIdGuid, + mFmpVariableLockList[Index], + Status + )); + if (!EFI_ERROR (ReturnStatus)) { + ReturnStatus =3D Status; + } + } + } + + return ReturnStatus; +} diff --git a/FmpDevicePkg/FmpDxe/VariableSupport.h b/FmpDevicePkg/FmpDxe/Va= riableSupport.h new file mode 100644 index 0000000000..e7e34f5d8f --- /dev/null +++ b/FmpDevicePkg/FmpDxe/VariableSupport.h @@ -0,0 +1,180 @@ +/** @file + UEFI variable support functions for Firmware Management Protocol based + firmware updates. + + Copyright (c) 2016, Microsoft Corporation. All rights reserved.
+ Copyright (c) 2018, Intel Corporation. All rights reserved.
+ + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are m= et: + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright not= ice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS = IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IM= PLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE D= ISCLAIMED. + IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY= DIRECT, + INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCL= UDING, + BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF= USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY TH= EORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE + OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +**/ + +#ifndef __VARIABLE_SUPPORT_H__ +#define __VARIABLE_SUPPORT_H__ + +#define DEFAULT_VERSION 0x1 +#define DEFAULT_LOWESTSUPPORTEDVERSION 0x0 +#define DEFAULT_LASTATTEMPT 0x0 + +#define VARNAME_VERSION L"FmpVersion" +#define VARNAME_LSV L"FmpLsv" + +#define VARNAME_LASTATTEMPTSTATUS L"LastAttemptStatus" +#define VARNAME_LASTATTEMPTVERSION L"LastAttemptVersion" + +/** + Returns the value used to fill in the Version field of the + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImage= Info() + service of the Firmware Management Protocol. The value is read from a U= EFI + variable. If the UEFI variables does not exist, then a default version = value + is returned. + + UEFI Variable accessed: GUID =3D gEfiCallerIdGuid, Name =3D L"FmpVersion" + + @return The version of the firmware image in the firmware device. + +**/ +UINT32 +GetVersionFromVariable ( + VOID + ); + +/** + Returns the value used to fill in the LowestSupportedVersion field of the + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImage= Info() + service of the Firmware Management Protocol. The value is read from a U= EFI + variable. If the UEFI variables does not exist, then a default lowest + supported version value is returned. + + UEFI Variable accessed: GUID =3D gEfiCallerIdGuid, Name =3D L"FmpLsv" + + @return The lowest supported version of the firmware image in the firmw= are + device. + +**/ +UINT32 +GetLowestSupportedVersionFromVariable ( + VOID + ); + +/** + Returns the value used to fill in the LastAttemptStatus field of the + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImage= Info() + service of the Firmware Management Protocol. The value is read from a U= EFI + variable. If the UEFI variables does not exist, then a default last att= empt + status value is returned. + + UEFI Variable accessed: GUID =3D gEfiCallerIdGuid, Name =3D L"LastAttemp= tStatus" + + @return The last attempt status value for the most recent capsule updat= e. + +**/ +UINT32 +GetLastAttemptStatusFromVariable ( + VOID + ); + +/** + Returns the value used to fill in the LastAttemptVersion field of the + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImage= Info() + service of the Firmware Management Protocol. The value is read from a U= EFI + variable. If the UEFI variables does not exist, then a default last att= empt + version value is returned. + + UEFI Variable accessed: GUID =3D gEfiCallerIdGuid, Name =3D L"LastAttemp= tVersion" + + @return The last attempt version value for the most recent capsule upda= te. + +**/ +UINT32 +GetLastAttemptVersionFromVariable ( + VOID + ); + +/** + Saves the version current of the firmware image in the firmware device t= o a + UEFI variable. + + UEFI Variable accessed: GUID =3D gEfiCallerIdGuid, Name =3D L"FmpVersion" + + @param[in] Version The version of the firmware image in the firmware de= vice. + +**/ +VOID +SetVersionInVariable ( + UINT32 Version + ); + +/** + Saves the lowest supported version current of the firmware image in the + firmware device to a UEFI variable. + + UEFI Variable accessed: GUID =3D gEfiCallerIdGuid, Name =3D L"FmpLsv" + + @param[in] LowestSupported The lowest supported version of the firmware= image + in the firmware device. + +**/ +VOID +SetLowestSupportedVersionInVariable ( + UINT32 LowestSupportedVersion + ); + +/** + Saves the last attempt status value of the most recent FMP capsule updat= e to a + UEFI variable. + + UEFI Variable accessed: GUID =3D gEfiCallerIdGuid, Name =3D L"LastAttemp= tStatus" + + @param[in] LastAttemptStatus The last attempt status of the most recent= FMP + capsule update. + +**/ +VOID +SetLastAttemptStatusInVariable ( + UINT32 LastAttemptStatus + ); + +/** + Saves the last attempt version value of the most recent FMP capsule upda= te to + a UEFI variable. + + UEFI Variable accessed: GUID =3D gEfiCallerIdGuid, Name =3D L"LastAttemp= tVersion" + + @param[in] LastAttemptVersion The last attempt version value of the most + recent FMP capsule update. + +**/ +VOID +SetLastAttemptVersionInVariable ( + UINT32 LastAttemptVersion + ); + +/** + Locks all the UEFI Variables that use gEfiCallerIdGuid of the currently + executing module. + +**/ +EFI_STATUS +LockAllFmpVariables ( + VOID + ); + +#endif --=20 2.14.2.windows.3 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Mon May 6 07:10:11 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1523999140370957.0485021822552; Tue, 17 Apr 2018 14:05:40 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 111AD2263DD83; Tue, 17 Apr 2018 14:05:28 -0700 (PDT) Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 2A7A422590E00 for ; Tue, 17 Apr 2018 14:05:27 -0700 (PDT) Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga107.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 17 Apr 2018 14:05:27 -0700 Received: from mdkinney-mobl2.amr.corp.intel.com ([10.241.98.51]) by fmsmga006.fm.intel.com with ESMTP; 17 Apr 2018 14:05:26 -0700 X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.151; helo=mga17.intel.com; envelope-from=michael.d.kinney@intel.com; receiver=edk2-devel@lists.01.org X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.48,464,1517904000"; d="scan'208";a="221226940" From: "Kinney, Michael D" To: edk2-devel@lists.01.org Date: Tue, 17 Apr 2018 14:05:22 -0700 Message-Id: <20180417210522.29644-5-michael.d.kinney@intel.com> X-Mailer: git-send-email 2.14.2.windows.3 In-Reply-To: <20180417210522.29644-1-michael.d.kinney@intel.com> References: <20180417210522.29644-1-michael.d.kinney@intel.com> Subject: [edk2] [RFC v2 4/4] FmpDevicePkg: Add DSC file to build all package components X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael D Kinney , Jiewen Yao MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D922 Based on content from the following branch: https://github.com/Microsoft/MS_UEFI/tree/share/MsCapsuleSupport/MsCapsuleU= pdatePkg Adds a DSC file that is used to verify that all of the FmpDevicePkg libraries and modules build without error. Cc: Sean Brogan Cc: Jiewen Yao Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Michael D Kinney --- FmpDevicePkg/FmpDevicePkg.dsc | 134 ++++++++++++++++++++++++++++++++++++++= ++++ 1 file changed, 134 insertions(+) create mode 100644 FmpDevicePkg/FmpDevicePkg.dsc diff --git a/FmpDevicePkg/FmpDevicePkg.dsc b/FmpDevicePkg/FmpDevicePkg.dsc new file mode 100644 index 0000000000..4d08a2cf9e --- /dev/null +++ b/FmpDevicePkg/FmpDevicePkg.dsc @@ -0,0 +1,134 @@ +## @file +# Firmware Management Protocol Device Package +# +# This package provides an implementation of a Firmware Management Protocol +# instance that supports the update of firmware storage devices using UEFI +# Capsules. The behavior of the Firmware Management Protocol instance is +# customized using libraries and PCDs. +# +# Copyright (c) 2016, Microsoft Corporation. All rights reserved.
+# Copyright (c) 2018, Intel Corporation. All rights reserved.
+# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are m= et: +# 1. Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright not= ice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS = IS" AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IM= PLIED +# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE D= ISCLAIMED. +# IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY= DIRECT, +# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCL= UDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF= USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY TH= EORY OF +# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE +# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +## + +[Defines] + PLATFORM_NAME =3D FmpDevicePkg + PLATFORM_GUID =3D 0af3d540-27c6-11e8-828b-f8597177a00a + PLATFORM_VERSION =3D 0.1 + DSC_SPECIFICATION =3D 0x00010005 + OUTPUT_DIRECTORY =3D Build/FmpDevicePkg + SUPPORTED_ARCHITECTURES =3D IA32|IPF|X64|ARM|AARCH64 + BUILD_TARGETS =3D DEBUG|RELEASE + SKUID_IDENTIFIER =3D DEFAULT + + # + # Define ESRT GUIDs for Firmware Management Protocol instances + # + DEFINE FMP_GRAPHICS_ESRT_GUID =3D B461B3BD-E62A-4A71-841C-50BA4E500267 + DEFINE FMP_TEXT_ESRT_GUID =3D 226034C4-8B67-4536-8653-D6EE7CE5A316 + +[LibraryClasses] + UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntry= Point.inf + UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiA= pplicationEntryPoint.inf + UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBoo= tServicesTableLib.inf + UefiLib|MdePkg/Library/UefiLib/UefiLib.inf + UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/U= efiRuntimeServicesTableLib.inf + UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf + MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAll= ocationLib.inf + DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf + UefiUsbLib|MdePkg/Library/UefiUsbLib/UefiUsbLib.inf + UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf + BaseLib|MdePkg/Library/BaseLib/BaseLib.inf + BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf + SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchroniza= tionLib.inf + PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf + DebugLib|MdePkg/Library/UefiDebugLibStdErr/UefiDebugLibStdErr.inf + DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseD= ebugPrintErrorLevelLib.inf + PostCodeLib|MdePkg/Library/BasePostCodeLibPort80/BasePostCodeLibPort80.i= nf + PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf + DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf + + UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/U= efiRuntimeServicesTableLib.inf + UefiLib|MdePkg/Library/UefiLib/UefiLib.inf + DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf + UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManag= erLib.inf + DxeServicesTableLib|MdePkg/Library/DxeServicesTableLib/DxeServicesTableL= ib.inf + MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAll= ocationLib.inf + HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAu= thenticationLibPkcs7.inf + + CapsuleUpdatePolicyLib|FmpDevicePkg/Library/CapsuleUpdatePolicyLibNull/C= apsuleUpdatePolicyLibNull.inf + FmpPayloadHeaderLib|FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPayloa= dHeaderLibV1.inf + FmpDeviceLib|FmpDevicePkg/Library/FmpDeviceLibNull/FmpDeviceLibNull.inf + BmpSupportLib|MdeModulePkg/Library/BaseBmpSupportLib/BaseBmpSupportLib.i= nf + SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf + +[LibraryClasses.ARM, LibraryClasses.AARCH64] + # + # It is not possible to prevent the ARM compiler for generic intrinsic f= unctions. + # This library provides the instrinsic functions generate by a given com= piler. + # [LibraryClasses.ARM, LibraryClasses.AARCH64] and NULL mean link this l= ibrary + # into all ARM and AARCH64 images. + # + NULL|ArmPkg/Library/CompilerIntrinsicsLib/CompilerIntrinsicsLib.inf + + # Add support for stack protector + NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf + +[LibraryClasses.ARM] + ArmSoftFloatLib|ArmPkg/Library/ArmSoftFloatLib/ArmSoftFloatLib.inf + +[Components] + # + # Libraries + # + FmpDevicePkg/Library/CapsuleUpdatePolicyLibNull/CapsuleUpdatePolicyLibNu= ll.inf + FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPayloadHeaderLibV1.inf + FmpDevicePkg/Library/FmpDeviceLibNull/FmpDeviceLibNull.inf + FmpDevicePkg/FmpDxe/FmpDxeLib.inf + + # + # Modules + # + FmpDevicePkg/FmpDxe/FmpDxe.inf { + + # + # FILE_GUID is FMP ESRT GUID + # + FILE_GUID =3D $(FMP_GRAPHICS_ESRT_GUID) + + DisplayUpdateProgressLib|MdeModulePkg/Library/DisplayUpdateProgressL= ibGraphics/DisplayUpdateProgressLibGraphics.inf + } + + FmpDevicePkg/FmpDxe/FmpDxe.inf { + + # + # FILE_GUID is used as ESRT GUID + # + FILE_GUID =3D $(FMP_TEXT_ESRT_GUID) + + DisplayUpdateProgressLib|MdeModulePkg/Library/DisplayUpdateProgressL= ibText/DisplayUpdateProgressLibText.inf + } --=20 2.14.2.windows.3 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel