From: "Kinney, Michael D" <michael.d.kinney@intel.com>
https://bugzilla.tianocore.org/show_bug.cgi?id=922
Based on content from the following branch:
https://github.com/Microsoft/MS_UEFI/tree/share/MsCapsuleSupport/MsCapsuleUpdatePkg
Create FmpDevicePkg with library classes and PCDs used to
customize the behavior of a Firmware Management Protocol
instance.
Library Classes
===============
* FmpDeviceLib - Provides firmware device specific services
to support updates of a firmware image stored in a firmware
device.
* CapsuleUpdatePolicyLib - Provides platform policy services
used during a capsule update.
* FmpPayloadHeaderLib - Provides services to retrieve values
from a capsule's FMP Payload Header. The structure is not
included in the library class. Instead, services are
provided to retrieve information from the FMP Payload Header.
If information is added to the FMP Payload Header, then new
services may be added to this library class to retrieve the
new information.
PCDs set per module
====================
* PcdFmpDeviceSystemResetRequired - Indicates if a full
system reset is required before a firmware update to a
firmware devices takes effect
* PcdFmpDeviceProgressColor - The color of the progress bar
during a firmware update.
* PcdFmpDeviceImageIdName - The Null-terminated Unicode
string used to fill in the ImageIdName field of the
EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned
by the GetImageInfo() service of the Firmware Management
Protocol for the firmware device.
* PcdFmpDeviceBuildTimeLowestSupportedVersion - The build
time value used to fill in the LowestSupportedVersion field
of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is
returned by the GetImageInfo() service of the Firmware
Management Protocol.
* PcdFmpDeviceProgressWatchdogTimeInSeconds - The time in
seconds to arm a watchdog timer during the update of a
firmware device.
PCDs set per module or for entire platform
==========================================
* PcdFmpDevicePkcs7CertBufferXdr - One or more PKCS7
certificates used to verify a firmware device capsule
update image.
* PcdFmpDeviceLockEventGuid - An event GUID that locks
the firmware device when the event is signaled.
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
---
FmpDevicePkg/FmpDevicePkg.dec | 126 +++++++
FmpDevicePkg/FmpDevicePkg.uni | 75 ++++
FmpDevicePkg/FmpDevicePkgExtra.uni | 18 +
.../Include/Library/CapsuleUpdatePolicyLib.h | 120 +++++++
FmpDevicePkg/Include/Library/FmpDeviceLib.h | 385 +++++++++++++++++++++
FmpDevicePkg/Include/Library/FmpPayloadHeaderLib.h | 100 ++++++
6 files changed, 824 insertions(+)
create mode 100644 FmpDevicePkg/FmpDevicePkg.dec
create mode 100644 FmpDevicePkg/FmpDevicePkg.uni
create mode 100644 FmpDevicePkg/FmpDevicePkgExtra.uni
create mode 100644 FmpDevicePkg/Include/Library/CapsuleUpdatePolicyLib.h
create mode 100644 FmpDevicePkg/Include/Library/FmpDeviceLib.h
create mode 100644 FmpDevicePkg/Include/Library/FmpPayloadHeaderLib.h
diff --git a/FmpDevicePkg/FmpDevicePkg.dec b/FmpDevicePkg/FmpDevicePkg.dec
new file mode 100644
index 0000000000..62fb98dbdb
--- /dev/null
+++ b/FmpDevicePkg/FmpDevicePkg.dec
@@ -0,0 +1,126 @@
+## @file
+# Firmware Management Protocol Device Package
+#
+# This package provides an implementation of a Firmware Management Protocol
+# instance that supports the update of firmware storage devices using UEFI
+# Capsules. The behavior of the Firmware Management Protocol instance is
+# customized using libraries and PCDs.
+#
+# Copyright (c) 2016, Microsoft Corporation. All rights reserved.<BR>
+# Copyright (c) 2018, Intel Corporation. All rights reserved.<BR>
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+# 1. Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright notice,
+# this list of conditions and the following disclaimer in the documentation
+# and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+# IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+##
+
+[Defines]
+ DEC_SPECIFICATION = 0x00010005
+ PACKAGE_NAME = FmpDevicePkg
+ PACKAGE_UNI_FILE = FmpDevicePkg.uni
+ PACKAGE_GUID = 080b5b4f-27c6-11e8-84d1-f8597177a00a
+ PACKAGE_VERSION = 0.1
+
+[Includes]
+ Include
+
+[LibraryClasses]
+ ## @libraryclass Provides services to retrieve values from a capsule's FMP
+ # Payload Header. The structure is not included in the
+ # library class. Instead, services are provided to retrieve
+ # information from the FMP Payload Header. If information is
+ # added to the FMP Payload Header, then new services may be
+ # added to this library class to retrieve the new information.
+ FmpPayloadHeaderLib|Include/Library/FmpPayloadHeaderLib.h
+
+ ## @libraryclass Provides platform policy services used during a capsule
+ # update.
+ CapsuleUpdatePolicyLib|Include/Library/CapsuleUpdatePolicyLib.h
+
+ ## @libraryclass Provides firmware device specific services to support
+ # updates of a firmware image stored in a firmware device.
+ FmpDeviceLib|Include/Library/FmpDeviceLib.h
+
+[Guids]
+ ## Firmware Management Protocol Device Package Token Space GUID
+ gFmpDevicePkgTokenSpaceGuid = { 0x40b2d964, 0xfe11, 0x40dc, { 0x82, 0x83, 0x2e, 0xfb, 0xda, 0x29, 0x53, 0x56 } }
+
+[PcdsFeatureFlag]
+ ## Indicates if a full system reset is required before a firmware update to a
+ # firmware devices takes effect.<BR><BR>
+ # TRUE - System reset is required.<BR>
+ # FALSE - System reset is not required.<BR>
+ # @Prompt FMP Device System Reset Required.
+ gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceSystemResetRequired|TRUE|BOOLEAN|0x40000008
+
+[PcdsFixedAtBuild, PcdsPatchableInModule]
+ ## The color of the progress bar during a firmware update. Each firmware
+ # device can set its own color. The default color is white.<BR><BR>
+ # Bits 7..0 - Red<BR>
+ # Bits 15..8 - Green<BR>
+ # Bits 23..16 - Blue<BR>
+ # @Prompt Firmware Device Progress Bar Color.
+ gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressColor|0x00FFFFFF|UINT32|0x40000004
+
+ ## The Null-terminated Unicode string used to fill in the ImageIdName field of
+ # the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the
+ # GetImageInfo() service of the Firmware Management Protocol for the firmware
+ # device. An ImageIdName string must be provided for each firmware device.
+ # The default value is an empty string.
+ # @Prompt Firmware Device ImageIdName string.
+ gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageIdName|L""|VOID*|0x40000007
+
+ ## The build time value used to fill in the LowestSupportedVersion field of
+ # the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the
+ # GetImageInfo() service of the Firmware Management Protocol. This value is
+ # only used if the firmware device does not provide a method to report the
+ # lowest supported version value from the current firmware image and the
+ # UEFI variable used to provide the lowest supported version value does not
+ # exist. The default value is 0.
+ # @Prompt Build Time Firmware Device Lowest Support Version.
+ gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceBuildTimeLowestSupportedVersion|0x0|UINT32|0x4000000C
+
+ ## The time in seconds to arm a watchdog timer during the update of a firmware
+ # device. The watchdog is re-armed each time the FmpDeviceLib calls the
+ # Progress() function passed into FmpDeviceSetImage() function. The
+ # FmpDeviceLib calls Progress() to update the percent completion of a
+ # firmware update. If the watchdog timer expires, the system reboots. A
+ # value of 0 disables the watchdog timer. The default value is 0 (watchdog
+ # disabled).
+ # @Prompt Firmware Device Watchdog Time in Seconds.
+ gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressWatchdogTimeInSeconds|0x0|UINT8|0x4000000D
+
+[PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
+ ## One or more PKCS7 certificates used to verify a firmware device capsule
+ # update image. Encoded using the Variable-Length Opaque Data format of RFC
+ # 4506 External Data Representation Standard (XDR). The default value is
+ # empty with 0 certificates.
+ # @Prompt One or more XDR encoded PKCS7 certificates used to verify firmware device capsule update images.
+ gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr|{0x0}|VOID*|0x4000000E
+
+ ## An event GUID that locks the firmware device when the event is signaled.
+ # If this PCD is not a valid GUID value, then the firmware device is locked
+ # when gEfiEndOfDxeEventGroupGuid (End of DXE Phase) is signaled. The
+ # default value is empty, so by default the firmware device is locked at the
+ # end of the DXE phase.
+ # @Prompt Firmware Device Lock Event GUID.
+ gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceLockEventGuid|{0}|VOID*|0x4000000F
+
+[UserExtensions.TianoCore."ExtraFiles"]
+ FmpDevicePkgExtra.uni
diff --git a/FmpDevicePkg/FmpDevicePkg.uni b/FmpDevicePkg/FmpDevicePkg.uni
new file mode 100644
index 0000000000..ba3f6d64c2
--- /dev/null
+++ b/FmpDevicePkg/FmpDevicePkg.uni
@@ -0,0 +1,75 @@
+// /** @file
+// Firmware Management Protocol Device Package
+//
+// This package provides an implementation of a Firmware Management Protocol
+// instance that supports the update of firmware storage devices using UEFI
+// Capsules. The behavior of the Firmware Management Protocol instance is
+// customized using libraries and PCDs.
+//
+// Copyright (c) 2018, Intel Corporation. All rights reserved.<BR>
+//
+// This program and the accompanying materials are licensed and made available under
+// the terms and conditions of the BSD License which accompanies this distribution.
+// The full text of the license may be found at
+// http://opensource.org/licenses/bsd-license.php
+//
+// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+//
+// **/
+
+#string STR_PACKAGE_ABSTRACT #language en-US "Firmware Management Protocol Software Development Kit"
+
+#string STR_PACKAGE_DESCRIPTION #language en-US "This package provides libraries that support the implementation of a module that produces the Firmware Management Protocol to support the update of a system firmware component."
+
+#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceSystemResetRequired_PROMPT #language en-US "FMP Device System Reset Required."
+#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceSystemResetRequired_HELP #language en-US "Indicates if a full system reset is required before a firmware update to a firmware device takes effect.<BR><BR>\n"
+ "TRUE - System reset is required.<BR>\n"
+ "FALSE - System reset is not required.<BR>"
+
+#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceProgressColor_PROMPT #language en-US "Firmware Device Progress Bar Color."
+#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceProgressColor_HELP #language en-US "The color of the progress bar during a firmware update. Each firmware"
+ "device can set its own color. The default color is white.<BR><BR>\n"
+ "Bits 7..0 - Red<BR>\n"
+ "Bits 15..8 - Green<BR>\n"
+ "Bits 23..16 - Blue<BR>\n"
+
+#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceImageIdName_PROMPT #language en-US "Firmware Device ImageIdName string."
+#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceImageIdName_HELP #language en-US "The Null-terminated Unicode string used to fill in the ImageIdName field of"
+ "the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the"
+ "GetImageInfo() service of the Firmware Management Protocol for the firmware"
+ "device. An ImageIdName string must be provided for each firmware device."
+ "The default value is an empty string."
+
+#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceBuildTimeLowestSupportedVersion_PROMPT #language en-US "Build Time Firmware Device Lowest Support Version."
+#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceBuildTimeLowestSupportedVersion_HELP #language en-US "The build time value used to fill in the LowestSupportedVersion field of"
+ "the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the"
+ "GetImageInfo() service of the Firmware Management Protocol. This value is"
+ "only used if the firmware device does not provide a method to report the"
+ "lowest supported version value from the current firmware image and the"
+ "UEFI variable used to provide the lowest supported version value does not"
+ "exist. The default value is 0."
+
+#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceProgressWatchdogTimeInSeconds_PROMPT #language en-US "Firmware Device Watchdog Time in Seconds."
+#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceProgressWatchdogTimeInSeconds_HELP #language en-US "Indicates the time in seconds to arm a watchdog timer during the update of"
+ "a firmware device. The watchdog is re-armed each time the FmpDeviceLib"
+ "calls the Progress() function passed into FmpDeviceSetImage() function."
+ "The FmpDeviceLib calls Progress() to update the percent completion of a"
+ "firmware update. If the watchdog timer expires, the system reboots. A"
+ "value of 0 disables the watchdog timer. The default value is 0 (watchdog"
+ "disabled)."
+
+#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdFmpDevicePkcs7CertBufferXdr_PROMPT #language en-US "One or more XDR encoded PKCS7 certificates used to verify firmware device capsule update images"
+#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdFmpDevicePkcs7CertBufferXdr_HELP #language en-US "Provides one or more PKCS7 certificates used to verify a firmware device"
+ "capsule update image. This PCD is encoded using the Variable-Length Opaque"
+ "Data format of RFC 4506 External Data Representation Standard (XDR)."
+ "The default value is empty with 0 certificates."
+
+#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdFmpDeviceLockEventGuid_PROMPT #language en-US "Firmware Device Lock Event GUID."
+#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdFmpDeviceLockEventGuid_HELP #language en-US "An event GUID that locks the firmware device when the event is signaled."
+ "If this PCD is not a valid GUID value, then the firmware device is locked"
+ "when gEfiEndOfDxeEventGroupGuid (End of DXE Phase) is signaled. The"
+ "default value is empty, so by default the firmware device is locked at the"
+ "end of the DXE phase."
+
+
diff --git a/FmpDevicePkg/FmpDevicePkgExtra.uni b/FmpDevicePkg/FmpDevicePkgExtra.uni
new file mode 100644
index 0000000000..fe49e8cd6c
--- /dev/null
+++ b/FmpDevicePkg/FmpDevicePkgExtra.uni
@@ -0,0 +1,18 @@
+// /** @file
+// Firmware Management Protocol Device Package Localized Strings and Content.
+//
+// Copyright (c) 2018, Intel Corporation. All rights reserved.<BR>
+//
+// This program and the accompanying materials are licensed and made available under
+// the terms and conditions of the BSD License which accompanies this distribution.
+// The full text of the license may be found at
+// http://opensource.org/licenses/bsd-license.php
+//
+// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+//
+// **/
+
+#string STR_PROPERTIES_PACKAGE_NAME
+#language en-US
+"Firmware Management Protocol Device package"
diff --git a/FmpDevicePkg/Include/Library/CapsuleUpdatePolicyLib.h b/FmpDevicePkg/Include/Library/CapsuleUpdatePolicyLib.h
new file mode 100644
index 0000000000..b38f212859
--- /dev/null
+++ b/FmpDevicePkg/Include/Library/CapsuleUpdatePolicyLib.h
@@ -0,0 +1,120 @@
+/** @file
+ Provides platform policy services used during a capsule update.
+
+ Copyright (c) 2016, Microsoft Corporation. All rights reserved.<BR>
+ Copyright (c) 2018, Intel Corporation. All rights reserved.<BR>
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+**/
+
+#ifndef __CAPSULE_UPDATE_POLICY_LIB__
+#define __CAPSULE_UPDATE_POLICY_LIB__
+
+/**
+ Determine if the system power state supports a capsule update.
+
+ @param[out] Good Returns TRUE if system power state supports a capsule
+ update. Returns FALSE if system power state does not
+ support a capsule update. Return value is only valid if
+ return status is EFI_SUCCESS.
+
+ @retval EFI_SUCCESS Good parameter has been updated with result.
+ @retval EFI_INVALID_PARAMETER Good is NULL.
+ @retval EFI_DEVICE_ERROR System power state can not be determined.
+
+**/
+EFI_STATUS
+EFIAPI
+CheckSystemPower (
+ OUT BOOLEAN *Good
+ );
+
+/**
+ Determines if the system thermal state supports a capsule update.
+
+ @param[out] Good Returns TRUE if system thermal state supports a capsule
+ update. Returns FALSE if system thermal state does not
+ support a capsule update. Return value is only valid if
+ return status is EFI_SUCCESS.
+
+ @retval EFI_SUCCESS Good parameter has been updated with result.
+ @retval EFI_INVALID_PARAMETER Good is NULL.
+ @retval EFI_DEVICE_ERROR System thermal state can not be determined.
+
+**/
+EFI_STATUS
+EFIAPI
+CheckSystemThermal (
+ IN OUT BOOLEAN *Good
+ );
+
+/**
+ Determines if the system environment state supports a capsule update.
+
+ @param[out] Good Returns TRUE if system environment state supports a capsule
+ update. Returns FALSE if system environment state does not
+ support a capsule update. Return value is only valid if
+ return status is EFI_SUCCESS.
+
+ @retval EFI_SUCCESS Good parameter has been updated with result.
+ @retval EFI_INVALID_PARAMETER Good is NULL.
+ @retval EFI_DEVICE_ERROR System environment state can not be determined.
+
+**/
+EFI_STATUS
+EFIAPI
+CheckSystemEnvironment (
+ IN OUT BOOLEAN *Good
+ );
+
+/**
+ Determines if the Lowest Supported Version checks should be performed. The
+ expected result from this function is TRUE. A platform can choose to return
+ FALSE (e.g. during manufacturing or servicing) to allow a capsule update to a
+ version below the current Lowest Supported Version.
+
+ @retval TRUE Perform Lowest Support Version check.
+ @retval FALSE Do not perform Lowest Support Version check.
+
+**/
+BOOLEAN
+EFIAPI
+CheckLowestSupportedVersion (
+ VOID
+ );
+
+/**
+ Determines if the FMP device should be locked when the event specified by
+ PcdFmpDeviceLockEventGuid is signaled. The expected result from this function
+ is TRUE so the FMP device is always locked. A platform can choose to return
+ FALSE (e.g. during manufacturing) to allow FMP devices to remain unlocked.
+
+ @retval TRUE Perform Lowest Support Version check.
+ @retval FALSE Do not perform Lowest Support Version check.
+
+**/
+BOOLEAN
+EFIAPI
+LockFmpDeviceAtLockEventGuid (
+ VOID
+ );
+
+#endif
diff --git a/FmpDevicePkg/Include/Library/FmpDeviceLib.h b/FmpDevicePkg/Include/Library/FmpDeviceLib.h
new file mode 100644
index 0000000000..cdbe980183
--- /dev/null
+++ b/FmpDevicePkg/Include/Library/FmpDeviceLib.h
@@ -0,0 +1,385 @@
+/** @file
+ Provides firmware device specific services to support updates of a firmware
+ image stored in a firmware device.
+
+ Copyright (c) 2016, Microsoft Corporation. All rights reserved.<BR>
+ Copyright (c) 2018, Intel Corporation. All rights reserved.<BR>
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+**/
+
+#ifndef __FMP_DEVICE_LIB__
+#define __FMP_DEVICE_LIB__
+
+#include <Protocol/FirmwareManagement.h>
+
+/**
+ Callback function that installs a Firmware Management Protocol instance onto
+ a handle.
+
+ @param[in] Handle The device handle to install a Firmware Management
+ Protocol instance.
+
+ @retval EFI_SUCCESS A Firmware Management Protocol instance was
+ installed onto Handle.
+ @retval EFI_INVALID_PARAMETER Handle is invalid
+ @retval other A Firmware Management Protocol instance could
+ not be installed onto Handle.
+
+**/
+typedef
+EFI_STATUS
+(EFIAPI *FMP_DEVICE_LIB_REGISTER_FMP_INSTALLER)(
+ IN EFI_HANDLE Handle
+ );
+
+/**
+ Provide a function to install the Firmware Management Protocol instance onto a
+ device handle when the device is managed by a driver that follows the UEFI
+ Driver Model. If the device is not managed by a driver that follows the UEFI
+ Driver Model, then EFI_UNSUPPORTED is returned.
+
+ @param[in] FmpInstaller Function that installs the Firmware Management
+ Protocol.
+
+ @retval EFI_SUCCESS The device is managed by a driver that follows the
+ UEFI Driver Model. FmpInstaller must be called on
+ each Driver Binding Start().
+ @retval EFI_UNSUPPORTED The device is not managed by a driver that follows
+ the UEFI Driver Model.
+ @retval other The Firmware Management Protocol for this firmware
+ device is not installed. The firmware device is
+ still locked using FmpDeviceLock().
+
+**/
+EFI_STATUS
+EFIAPI
+RegisterFmpInstaller (
+ IN FMP_DEVICE_LIB_REGISTER_FMP_INSTALLER FmpInstaller
+ );
+
+/**
+ Returns the size, in bytes, of the firmware image currently stored in the
+ firmware device. This function is used to by the GetImage() and
+ GetImageInfo() services of the Firmware Management Protocol. If the image
+ size can not be determined from the firmware device, then 0 must be returned.
+
+ @return The size, in bytes, of the firmware image current stored in the
+ firmware device. Return 0 if the size can not be determined.
+
+**/
+UINTN
+EFIAPI
+FmpDeviceGetSize (
+ VOID
+ );
+
+/**
+ Returns the GUID value used to fill in the ImageTypeId field of the
+ EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImageInfo()
+ service of the Firmware Management Protocol. If EFI_UNSUPPORTED is returned,
+ then the ImageTypeId field is set to gEfiCallerIdGuid. If EFI_SUCCESS is
+ returned, then ImageTypeId is set to the Guid returned from this function.
+
+ @param[out] Guid Double pointer to a GUID value that is updated to point to
+ to a GUID value. The GUID value is not allocated and must
+ not be modified or freed by the caller.
+
+ @retval EFI_SUCCESS EFI_FIRMWARE_IMAGE_DESCRIPTOR ImageTypeId GUID is set
+ to the returned Guid value.
+ @retval EFI_UNSUPPORTED EFI_FIRMWARE_IMAGE_DESCRIPTOR ImageTypeId GUID is set
+ to gEfiCallerIdGuid.
+
+**/
+EFI_STATUS
+EFIAPI
+FmpDeviceGetImageTypeIdGuidPtr (
+ OUT EFI_GUID **Guid
+ );
+
+/**
+ Returns values used to fill in the AttributesSupported and AttributesSettings
+ fields of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the
+ GetImageInfo() service of the Firmware Management Protocol. The following
+ bit values from the Firmware Management Protocol may be combined:
+ IMAGE_ATTRIBUTE_IMAGE_UPDATABLE
+ IMAGE_ATTRIBUTE_RESET_REQUIRED
+ IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED
+ IMAGE_ATTRIBUTE_IN_USE
+ IMAGE_ATTRIBUTE_UEFI_IMAGE
+
+ @param[out] Supported Attributes supported by this firmware device.
+ @param[out] Setting Attributes settings for this firmware device.
+
+**/
+VOID
+EFIAPI
+FmpDeviceGetAttributes (
+ IN OUT UINT64 *Supported,
+ IN OUT UINT64 *Setting
+ );
+
+/**
+ Returns the value used to fill in the LowestSupportedVersion field of the
+ EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImageInfo()
+ service of the Firmware Management Protocol. If EFI_SUCCESS is returned, then
+ the firmware device supports a method to report the LowestSupportedVersion
+ value from the currently stored firmware image. If the value can not be
+ reported for the firmware image currently stored in the firmware device, then
+ EFI_UNSUPPORTED must be returned. EFI_DEVICE_ERROR is returned if an error
+ occurs attempting to retrieve the LowestSupportedVersion value for the
+ currently stored firmware image.
+
+ @note It is recommended that all firmware devices support a method to report
+ the LowestSupportedVersion value from the currently stored firmware
+ image.
+
+ @param[out] LowestSupportedVersion LowestSupportedVersion value retrieved
+ from the currently stored firmware image.
+
+ @retval EFI_SUCCESS The lowest supported version of currently stored
+ firmware image was returned in LowestSupportedVersion.
+ @retval EFI_UNSUPPORTED The firmware device does not support a method to
+ report the lowest supported version of the currently
+ stored firmware image.
+ @retval EFI_DEVICE_ERROR An error occurred attempting to retrieve the lowest
+ supported version of the currently stored firmware
+ image.
+
+**/
+EFI_STATUS
+EFIAPI
+FmpDeviceGetLowestSupportedVersion (
+ OUT UINT32 *LowestSupportedVersion
+ );
+
+/**
+ Returns the Null-terminated Unicode string that is used to fill in the
+ VersionName field of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is
+ returned by the GetImageInfo() service of the Firmware Management Protocol.
+ If the VersionName string can not be reported by the firmware image currently
+ stored in the firmware device, then NULL must be returned. Otherwise,
+ a Null-terminated Unicode string containing the VersioName is returned.
+ The returned string must be allocated using EFI_BOOT_SERVICES.AllocatePool().
+
+ @note It is recommended that all firmware devices support a method to report
+ the VersionName string from the currently stored firmware image.
+
+ @retval NULL The firmware device does not support a method to report the
+ version string for the currently stored firmware image.
+ @retval NULL An error occurred attempting to retrieve the version string
+ for the currently stored firmware image.
+ @retval non NULL A pointer to an allocated buffer containing the version
+ string for the currently stored firmware image.
+
+**/
+CHAR16 *
+EFIAPI
+FmpDeviceGetVersionString (
+ VOID
+ );
+
+/**
+ Returns the value used to fill in the Version field of the
+ EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImageInfo()
+ service of the Firmware Management Protocol. If EFI_SUCCESS is returned, then
+ the firmware device supports a method to report the Version value from the
+ currently stored firmware image. If the value can not be reported for the
+ firmware image currently stored in the firmware device, then EFI_UNSUPPORTED
+ must be returned. EFI_DEVICE_ERROR is returned if an error occurs attempting
+ to retrieve the LowestSupportedVersion value for the currently stored firmware
+ image.
+
+ @note It is recommended that all firmware devices support a method to report
+ the Version value from the currently stored firmware image.
+
+ @param[out] Version The version value retrieved from the currently stored
+ firmware image.
+
+ @retval EFI_SUCCESS The version of currently stored firmware image was
+ returned in Version.
+ @retval EFI_UNSUPPORTED The firmware device does not support a method to
+ report the version of the currently stored firmware
+ image.
+ @retval EFI_DEVICE_ERROR An error occurred attempting to retrieve the version
+ of the currently stored firmware image.
+
+**/
+EFI_STATUS
+EFIAPI
+FmpDeviceGetVersion (
+ OUT UINT32 *Version
+ );
+
+/**
+ Returns a copy of the firmware image currently stored in the firmware device.
+
+ @note It is recommended that all firmware devices support a method to retrieve
+ a copy currently stored firmware image. This can be used to support
+ features such as recovery and rollback.
+
+ @param[out] Image Pointer to a caller allocated buffer where the
+ currently stored firmware image is copied to.
+ @param[in out] ImageSize Pointer the size, in bytes, of the Image buffer.
+ On return, points to the size, in bytes, of firmware
+ image currently stored in the firmware device.
+
+ @retval EFI_SUCCESS Image contains a copy of the firmware image
+ currently stored in the firmware device, and
+ ImageSize contains the size, in bytes, of the
+ firmware image currently stored in the
+ firmware device.
+ @retval EFI_BUFFER_TOO_SMALL The buffer specified by ImageSize is too small
+ to hold the firmware image currently stored in
+ the firmware device. The buffer size required
+ is returned in ImageSize.
+ @retval EFI_INVALID_PARAMETER The Image is NULL.
+ @retval EFI_INVALID_PARAMETER The ImageSize is NULL.
+ @retval EFI_UNSUPPORTED The operation is not supported.
+ @retval EFI_DEVICE_ERROR An error occurred attempting to retrieve the
+ firmware image currently stored in the firmware
+ device.
+
+**/
+EFI_STATUS
+EFIAPI
+FmpDeviceGetImage (
+ IN OUT VOID *Image,
+ IN IN OUT UINTN *ImageSize
+ );
+
+/**
+ Checks if a new firmware image is valid for the firmware device. This
+ function allows firmware update operation to validate the firmware image
+ before FmpDeviceSetImage() is called.
+
+ @param[in] Image Points to a new firmware image.
+ @param[in] ImageSize Size, in bytes, of a new firmware image.
+ @param[out] ImageUpdatable Indicates if a new firmware image is valid for
+ a firmware update to the firmware device. The
+ following values from the Firmware Management
+ Protocol are supported:
+ IMAGE_UPDATABLE_VALID
+ IMAGE_UPDATABLE_INVALID
+ IMAGE_UPDATABLE_INVALID_TYPE
+ IMAGE_UPDATABLE_INVALID_OLD
+ IMAGE_UPDATABLE_VALID_WITH_VENDOR_CODE
+
+ @retval EFI_SUCCESS The image was successfully checked. Additional
+ status information is returned in
+ ImageUpdateable.
+ @retval EFI_INVALID_PARAMETER Image is NULL.
+ @retval EFI_INVALID_PARAMETER ImageUpdateable is NULL.
+
+**/
+EFI_STATUS
+EFIAPI
+FmpDeviceCheckImage (
+ IN CONST VOID *Image,
+ IN UINTN ImageSize,
+ OUT UINT32 *ImageUpdateable
+ );
+
+/**
+ Updates a firmware device with a new firmware image. This function returns
+ EFI_UNSUPPORTED if the firmware image is not updatable. If the firmware image
+ is updatable, the function should perform the following minimal validations
+ before proceeding to do the firmware image update.
+ - Validate that the image is a supported image for this firmware device.
+ Return EFI_ABORTED if the image is not supported. Additional details
+ on why the image is not a supported image may be returned in AbortReason.
+ - Validate the data from VendorCode if is not NULL. Firmware image
+ validation must be performed before VendorCode data validation.
+ VendorCode data is ignored or considered invalid if image validation
+ fails. Return EFI_ABORTED if the VendorCode data is invalid.
+
+ VendorCode enables vendor to implement vendor-specific firmware image update
+ policy. Null if the caller did not specify the policy or use the default
+ policy. As an example, vendor can implement a policy to allow an option to
+ force a firmware image update when the abort reason is due to the new firmware
+ image version is older than the current firmware image version or bad image
+ checksum. Sensitive operations such as those wiping the entire firmware image
+ and render the device to be non-functional should be encoded in the image
+ itself rather than passed with the VendorCode. AbortReason enables vendor to
+ have the option to provide a more detailed description of the abort reason to
+ the caller.
+
+ @param[in] Image Points to the new firmware image.
+ @param[in] ImageSize Size, in bytes, of the new firmware image.
+ @param[in] VendorCode This enables vendor to implement vendor-specific
+ firmware image update policy. NULL indicates
+ the caller did not specify the policy or use the
+ default policy.
+ @param[in] Progress A function used to report the progress of
+ updating the firmware device with the new
+ firmware image.
+ @param[in] CapsuleFwVersion The version of the new firmware image from the
+ update capsule that provided the new firmware
+ image.
+ @param[out] AbortReason A pointer to a pointer to a Null-terminated
+ Unicode string providing more details on an
+ aborted operation. The buffer is allocated by
+ this function with
+ EFI_BOOT_SERVICES.AllocatePool(). It is the
+ caller's responsibility to free this buffer with
+ EFI_BOOT_SERVICES.FreePool().
+
+ @retval EFI_SUCCESS The firmware device was successfully updated
+ with the new firmware image.
+ @retval EFI_ABORTED The operation is aborted. Additional details
+ are provided in AbortReason.
+ @retval EFI_INVALID_PARAMETER The Image was NULL.
+ @retval EFI_UNSUPPORTED The operation is not supported.
+
+**/
+EFI_STATUS
+EFIAPI
+FmpDeviceSetImage (
+ IN CONST VOID *Image,
+ IN UINTN ImageSize,
+ IN CONST VOID *VendorCode, OPTIONAL
+ IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress, OPTIONAL
+ IN UINT32 CapsuleFwVersion,
+ OUT CHAR16 **AbortReason
+ );
+
+/**
+ Lock the firmware device that contains a firmware image. Once a firmware
+ device is locked, any attempts to modify the firmware image contents in the
+ firmware device must fail.
+
+ @note It is recommended that all firmware devices support a lock method to
+ prevent modifications to a stored firmware image.
+
+ @note A firmware device lock mechanism is typically only cleared by a full
+ system reset (not just sleep state/low power mode).
+
+ @retval EFI_SUCCESS The firmware device was locked.
+ @retval EFI_UNSUPPORTED The firmware device does not support locking
+
+**/
+EFI_STATUS
+EFIAPI
+FmpDeviceLock (
+ VOID
+ );
+
+#endif
diff --git a/FmpDevicePkg/Include/Library/FmpPayloadHeaderLib.h b/FmpDevicePkg/Include/Library/FmpPayloadHeaderLib.h
new file mode 100644
index 0000000000..cb5622e9ce
--- /dev/null
+++ b/FmpDevicePkg/Include/Library/FmpPayloadHeaderLib.h
@@ -0,0 +1,100 @@
+/** @file
+ Provides services to retrieve values from a capsule's FMP Payload Header.
+ The structure is not included in the library class. Instead, services are
+ provided to retrieve information from the FMP Payload Header. If information
+ is added to the FMP Payload Header, then new services may be added to this
+ library class to retrieve the new information.
+
+ Copyright (c) 2016, Microsoft Corporation. All rights reserved.<BR>
+ Copyright (c) 2018, Intel Corporation. All rights reserved.<BR>
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+**/
+
+#ifndef _FMP_PAYLOAD_HEADER_LIB_H__
+#define _FMP_PAYLOAD_HEADER_LIB_H__
+
+/**
+ Returns the FMP Payload Header size in bytes.
+
+ @param[in] Header FMP Payload Header to evaluate
+ @param[in] FmpPayloadSize Size of FMP payload
+ @param[out] Size The size, in bytes, of the FMP Payload Header.
+
+ @retval EFI_SUCCESS The firmware version was returned.
+ @retval EFI_INVALID_PARAMETER Header is NULL.
+ @retval EFI_INVALID_PARAMETER Size is NULL.
+ @retval EFI_INVALID_PARAMETER Header is not a valid FMP Payload Header.
+
+**/
+EFI_STATUS
+EFIAPI
+GetFmpPayloadHeaderSize (
+ IN CONST VOID *Header,
+ IN CONST UINTN FmpPayloadSize,
+ OUT UINT32 *Size
+ );
+
+/**
+ Returns the version described in the FMP Payload Header.
+
+ @param[in] Header FMP Payload Header to evaluate
+ @param[in] FmpPayloadSize Size of FMP payload
+ @param[out] Version The firmware version described in the FMP Payload
+ Header.
+
+ @retval EFI_SUCCESS The firmware version was returned.
+ @retval EFI_INVALID_PARAMETER Header is NULL.
+ @retval EFI_INVALID_PARAMETER Version is NULL.
+ @retval EFI_INVALID_PARAMETER Header is not a valid FMP Payload Header.
+
+**/
+EFI_STATUS
+EFIAPI
+GetFmpPayloadHeaderVersion (
+ IN CONST VOID *Header,
+ IN CONST UINTN FmpPayloadSize,
+ OUT UINT32 *Version
+ );
+
+/**
+ Returns the lowest supported version described in the FMP Payload Header.
+
+ @param[in] Header FMP Payload Header to evaluate
+ @param[in] FmpPayloadSize Size of FMP payload
+ @param[out] LowestSupportedVersion The lowest supported version described in
+ the FMP Payload Header.
+
+ @retval EFI_SUCCESS The lowest support version was returned.
+ @retval EFI_INVALID_PARAMETER Header is NULL.
+ @retval EFI_INVALID_PARAMETER LowestSupportedVersion is NULL.
+ @retval EFI_INVALID_PARAMETER Header is not a valid FMP Payload Header.
+
+**/
+EFI_STATUS
+EFIAPI
+GetFmpPayloadHeaderLowestSupportedVersion (
+ IN CONST VOID *Header,
+ IN CONST UINTN FmpPayloadSize,
+ IN OUT UINT32 *LowestSupportedVersion
+ );
+
+#endif
--
2.14.2.windows.3
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
Since PcdFmpDeviceBuildTimeLowestSupportedVersion is defined to support only FixedAtBuild and PatchableInModule, it is definitely for build time. Do we really need "BuildTime" keyword in the PCD name PcdFmpDeviceBuildTimeLowestSupportedVersion? Thanks, Star -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Michael D Kinney Sent: Thursday, April 5, 2018 5:29 AM To: edk2-devel@lists.01.org Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Yao, Jiewen <jiewen.yao@intel.com> Subject: [edk2] [RFC 1/4] FmpDevicePkg: Add package, library classes, and PCDs From: "Kinney, Michael D" <michael.d.kinney@intel.com> https://bugzilla.tianocore.org/show_bug.cgi?id=922 Based on content from the following branch: https://github.com/Microsoft/MS_UEFI/tree/share/MsCapsuleSupport/MsCapsuleUpdatePkg Create FmpDevicePkg with library classes and PCDs used to customize the behavior of a Firmware Management Protocol instance. Library Classes =============== * FmpDeviceLib - Provides firmware device specific services to support updates of a firmware image stored in a firmware device. * CapsuleUpdatePolicyLib - Provides platform policy services used during a capsule update. * FmpPayloadHeaderLib - Provides services to retrieve values from a capsule's FMP Payload Header. The structure is not included in the library class. Instead, services are provided to retrieve information from the FMP Payload Header. If information is added to the FMP Payload Header, then new services may be added to this library class to retrieve the new information. PCDs set per module ==================== * PcdFmpDeviceSystemResetRequired - Indicates if a full system reset is required before a firmware update to a firmware devices takes effect * PcdFmpDeviceProgressColor - The color of the progress bar during a firmware update. * PcdFmpDeviceImageIdName - The Null-terminated Unicode string used to fill in the ImageIdName field of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImageInfo() service of the Firmware Management Protocol for the firmware device. * PcdFmpDeviceBuildTimeLowestSupportedVersion - The build time value used to fill in the LowestSupportedVersion field of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImageInfo() service of the Firmware Management Protocol. * PcdFmpDeviceProgressWatchdogTimeInSeconds - The time in seconds to arm a watchdog timer during the update of a firmware device. PCDs set per module or for entire platform ========================================== * PcdFmpDevicePkcs7CertBufferXdr - One or more PKCS7 certificates used to verify a firmware device capsule update image. * PcdFmpDeviceLockEventGuid - An event GUID that locks the firmware device when the event is signaled. Cc: Sean Brogan <sean.brogan@microsoft.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com> --- FmpDevicePkg/FmpDevicePkg.dec | 126 +++++++ FmpDevicePkg/FmpDevicePkg.uni | 75 ++++ FmpDevicePkg/FmpDevicePkgExtra.uni | 18 + .../Include/Library/CapsuleUpdatePolicyLib.h | 120 +++++++ FmpDevicePkg/Include/Library/FmpDeviceLib.h | 385 +++++++++++++++++++++ FmpDevicePkg/Include/Library/FmpPayloadHeaderLib.h | 100 ++++++ 6 files changed, 824 insertions(+) create mode 100644 FmpDevicePkg/FmpDevicePkg.dec create mode 100644 FmpDevicePkg/FmpDevicePkg.uni create mode 100644 FmpDevicePkg/FmpDevicePkgExtra.uni create mode 100644 FmpDevicePkg/Include/Library/CapsuleUpdatePolicyLib.h create mode 100644 FmpDevicePkg/Include/Library/FmpDeviceLib.h create mode 100644 FmpDevicePkg/Include/Library/FmpPayloadHeaderLib.h diff --git a/FmpDevicePkg/FmpDevicePkg.dec b/FmpDevicePkg/FmpDevicePkg.dec new file mode 100644 index 0000000000..62fb98dbdb --- /dev/null +++ b/FmpDevicePkg/FmpDevicePkg.dec @@ -0,0 +1,126 @@ +## @file +# Firmware Management Protocol Device Package # # This package provides +an implementation of a Firmware Management Protocol # instance that +supports the update of firmware storage devices using UEFI # Capsules. +The behavior of the Firmware Management Protocol instance is # +customized using libraries and PCDs. +# +# Copyright (c) 2016, Microsoft Corporation. All rights reserved.<BR> # +Copyright (c) 2018, Intel Corporation. All rights reserved.<BR> # # +Redistribution and use in source and binary forms, with or without # +modification, are permitted provided that the following conditions are met: +# 1. Redistributions of source code must retain the above copyright +notice, # this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +notice, # this list of conditions and the following disclaimer in the +documentation # and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +# IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR +ANY DIRECT, # INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +CONSEQUENTIAL DAMAGES (INCLUDING, # BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR +BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF # LIABILITY, +WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE # +OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +## + +[Defines] + DEC_SPECIFICATION = 0x00010005 + PACKAGE_NAME = FmpDevicePkg + PACKAGE_UNI_FILE = FmpDevicePkg.uni + PACKAGE_GUID = 080b5b4f-27c6-11e8-84d1-f8597177a00a + PACKAGE_VERSION = 0.1 + +[Includes] + Include + +[LibraryClasses] + ## @libraryclass Provides services to retrieve values from a capsule's FMP + # Payload Header. The structure is not included in the + # library class. Instead, services are provided to retrieve + # information from the FMP Payload Header. If information is + # added to the FMP Payload Header, then new services may be + # added to this library class to retrieve the new information. + FmpPayloadHeaderLib|Include/Library/FmpPayloadHeaderLib.h + + ## @libraryclass Provides platform policy services used during a capsule + # update. + CapsuleUpdatePolicyLib|Include/Library/CapsuleUpdatePolicyLib.h + + ## @libraryclass Provides firmware device specific services to support + # updates of a firmware image stored in a firmware device. + FmpDeviceLib|Include/Library/FmpDeviceLib.h + +[Guids] + ## Firmware Management Protocol Device Package Token Space GUID + gFmpDevicePkgTokenSpaceGuid = { 0x40b2d964, 0xfe11, 0x40dc, { 0x82, +0x83, 0x2e, 0xfb, 0xda, 0x29, 0x53, 0x56 } } + +[PcdsFeatureFlag] + ## Indicates if a full system reset is required before a firmware +update to a + # firmware devices takes effect.<BR><BR> + # TRUE - System reset is required.<BR> + # FALSE - System reset is not required.<BR> + # @Prompt FMP Device System Reset Required. + +gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceSystemResetRequired|TRUE|BOOLEA +N|0x40000008 + +[PcdsFixedAtBuild, PcdsPatchableInModule] + ## The color of the progress bar during a firmware update. Each +firmware + # device can set its own color. The default color is white.<BR><BR> + # Bits 7..0 - Red<BR> + # Bits 15..8 - Green<BR> + # Bits 23..16 - Blue<BR> + # @Prompt Firmware Device Progress Bar Color. + +gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressColor|0x00FFFFFF|UINT32 +|0x40000004 + + ## The Null-terminated Unicode string used to fill in the ImageIdName + field of # the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is + returned by the # GetImageInfo() service of the Firmware Management + Protocol for the firmware # device. An ImageIdName string must be provided for each firmware device. + # The default value is an empty string. + # @Prompt Firmware Device ImageIdName string. + + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageIdName|L""|VOID*|0x400000 + 07 + + ## The build time value used to fill in the LowestSupportedVersion + field of # the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is + returned by the # GetImageInfo() service of the Firmware Management + Protocol. This value is # only used if the firmware device does not + provide a method to report the # lowest supported version value from + the current firmware image and the # UEFI variable used to provide + the lowest supported version value does not # exist. The default value is 0. + # @Prompt Build Time Firmware Device Lowest Support Version. + + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceBuildTimeLowestSupportedVersio + n|0x0|UINT32|0x4000000C + + ## The time in seconds to arm a watchdog timer during the update of a + firmware # device. The watchdog is re-armed each time the + FmpDeviceLib calls the # Progress() function passed into + FmpDeviceSetImage() function. The # FmpDeviceLib calls Progress() + to update the percent completion of a # firmware update. If the + watchdog timer expires, the system reboots. A # value of 0 disables + the watchdog timer. The default value is 0 (watchdog # disabled). + # @Prompt Firmware Device Watchdog Time in Seconds. + + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressWatchdogTimeInSeconds| + 0x0|UINT8|0x4000000D + +[PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] + ## One or more PKCS7 certificates used to verify a firmware device +capsule + # update image. Encoded using the Variable-Length Opaque Data +format of RFC + # 4506 External Data Representation Standard (XDR). The default +value is + # empty with 0 certificates. + # @Prompt One or more XDR encoded PKCS7 certificates used to verify firmware device capsule update images. + +gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr|{0x0}|VOID*| +0x4000000E + + ## An event GUID that locks the firmware device when the event is signaled. + # If this PCD is not a valid GUID value, then the firmware device is + locked # when gEfiEndOfDxeEventGroupGuid (End of DXE Phase) is + signaled. The # default value is empty, so by default the firmware + device is locked at the # end of the DXE phase. + # @Prompt Firmware Device Lock Event GUID. + + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceLockEventGuid|{0}|VOID*|0x4000 + 000F + +[UserExtensions.TianoCore."ExtraFiles"] + FmpDevicePkgExtra.uni diff --git a/FmpDevicePkg/FmpDevicePkg.uni b/FmpDevicePkg/FmpDevicePkg.uni new file mode 100644 index 0000000000..ba3f6d64c2 --- /dev/null +++ b/FmpDevicePkg/FmpDevicePkg.uni @@ -0,0 +1,75 @@ +// /** @file +// Firmware Management Protocol Device Package // // This package +provides an implementation of a Firmware Management Protocol // +instance that supports the update of firmware storage devices using +UEFI // Capsules. The behavior of the Firmware Management Protocol +instance is // customized using libraries and PCDs. +// +// Copyright (c) 2018, Intel Corporation. All rights reserved.<BR> // +// This program and the accompanying materials are licensed and made +available under // the terms and conditions of the BSD License which accompanies this distribution. +// The full text of the license may be found at // +http://opensource.org/licenses/bsd-license.php +// +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" +BASIS, // WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +// +// **/ + +#string STR_PACKAGE_ABSTRACT #language en-US "Firmware Management Protocol Software Development Kit" + +#string STR_PACKAGE_DESCRIPTION #language en-US "This package provides libraries that support the implementation of a module that produces the Firmware Management Protocol to support the update of a system firmware component." + +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceSystemResetRequired_PROMPT #language en-US "FMP Device System Reset Required." +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceSystemResetRequired_HELP #language en-US "Indicates if a full system reset is required before a firmware update to a firmware device takes effect.<BR><BR>\n" + "TRUE - System reset is required.<BR>\n" + "FALSE - System reset is not required.<BR>" + +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceProgressColor_PROMPT #language en-US "Firmware Device Progress Bar Color." +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceProgressColor_HELP #language en-US "The color of the progress bar during a firmware update. Each firmware" + "device can set its own color. The default color is white.<BR><BR>\n" + "Bits 7..0 - Red<BR>\n" + "Bits 15..8 - Green<BR>\n" + "Bits 23..16 - Blue<BR>\n" + +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceImageIdName_PROMPT #language en-US "Firmware Device ImageIdName string." +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceImageIdName_HELP #language en-US "The Null-terminated Unicode string used to fill in the ImageIdName field of" + "the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the" + "GetImageInfo() service of the Firmware Management Protocol for the firmware" + "device. An ImageIdName string must be provided for each firmware device." + "The default value is an empty string." + +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceBuildTimeLowestSupportedVersion_PROMPT #language en-US "Build Time Firmware Device Lowest Support Version." +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceBuildTimeLowestSupportedVersion_HELP #language en-US "The build time value used to fill in the LowestSupportedVersion field of" + "the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the" + "GetImageInfo() service of the Firmware Management Protocol. This value is" + "only used if the firmware device does not provide a method to report the" + "lowest supported version value from the current firmware image and the" + "UEFI variable used to provide the lowest supported version value does not" + "exist. The default value is 0." + +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceProgressWatchdogTimeInSeconds_PROMPT #language en-US "Firmware Device Watchdog Time in Seconds." +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceProgressWatchdogTimeInSeconds_HELP #language en-US "Indicates the time in seconds to arm a watchdog timer during the update of" + "a firmware device. The watchdog is re-armed each time the FmpDeviceLib" + "calls the Progress() function passed into FmpDeviceSetImage() function." + "The FmpDeviceLib calls Progress() to update the percent completion of a" + "firmware update. If the watchdog timer expires, the system reboots. A" + "value of 0 disables the watchdog timer. The default value is 0 (watchdog" + "disabled)." + +#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdFmpDevicePkcs7CertBufferXdr_PROMPT #language en-US "One or more XDR encoded PKCS7 certificates used to verify firmware device capsule update images" +#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdFmpDevicePkcs7CertBufferXdr_HELP #language en-US "Provides one or more PKCS7 certificates used to verify a firmware device" + "capsule update image. This PCD is encoded using the Variable-Length Opaque" + "Data format of RFC 4506 External Data Representation Standard (XDR)." + "The default value is empty with 0 certificates." + +#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdFmpDeviceLockEventGuid_PROMPT #language en-US "Firmware Device Lock Event GUID." +#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdFmpDeviceLockEventGuid_HELP #language en-US "An event GUID that locks the firmware device when the event is signaled." + "If this PCD is not a valid GUID value, then the firmware device is locked" + "when gEfiEndOfDxeEventGroupGuid (End of DXE Phase) is signaled. The" + "default value is empty, so by default the firmware device is locked at the" + "end of the DXE phase." + + diff --git a/FmpDevicePkg/FmpDevicePkgExtra.uni b/FmpDevicePkg/FmpDevicePkgExtra.uni new file mode 100644 index 0000000000..fe49e8cd6c --- /dev/null +++ b/FmpDevicePkg/FmpDevicePkgExtra.uni @@ -0,0 +1,18 @@ +// /** @file +// Firmware Management Protocol Device Package Localized Strings and Content. +// +// Copyright (c) 2018, Intel Corporation. All rights reserved.<BR> // +// This program and the accompanying materials are licensed and made +available under // the terms and conditions of the BSD License which accompanies this distribution. +// The full text of the license may be found at // +http://opensource.org/licenses/bsd-license.php +// +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" +BASIS, // WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +// +// **/ + +#string STR_PROPERTIES_PACKAGE_NAME +#language en-US +"Firmware Management Protocol Device package" diff --git a/FmpDevicePkg/Include/Library/CapsuleUpdatePolicyLib.h b/FmpDevicePkg/Include/Library/CapsuleUpdatePolicyLib.h new file mode 100644 index 0000000000..b38f212859 --- /dev/null +++ b/FmpDevicePkg/Include/Library/CapsuleUpdatePolicyLib.h @@ -0,0 +1,120 @@ +/** @file + Provides platform policy services used during a capsule update. + + Copyright (c) 2016, Microsoft Corporation. All rights reserved.<BR> + Copyright (c) 2018, Intel Corporation. All rights reserved.<BR> + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR + ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE + OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +**/ + +#ifndef __CAPSULE_UPDATE_POLICY_LIB__ +#define __CAPSULE_UPDATE_POLICY_LIB__ + +/** + Determine if the system power state supports a capsule update. + + @param[out] Good Returns TRUE if system power state supports a capsule + update. Returns FALSE if system power state does not + support a capsule update. Return value is only valid if + return status is EFI_SUCCESS. + + @retval EFI_SUCCESS Good parameter has been updated with result. + @retval EFI_INVALID_PARAMETER Good is NULL. + @retval EFI_DEVICE_ERROR System power state can not be determined. + +**/ +EFI_STATUS +EFIAPI +CheckSystemPower ( + OUT BOOLEAN *Good + ); + +/** + Determines if the system thermal state supports a capsule update. + + @param[out] Good Returns TRUE if system thermal state supports a capsule + update. Returns FALSE if system thermal state does not + support a capsule update. Return value is only valid if + return status is EFI_SUCCESS. + + @retval EFI_SUCCESS Good parameter has been updated with result. + @retval EFI_INVALID_PARAMETER Good is NULL. + @retval EFI_DEVICE_ERROR System thermal state can not be determined. + +**/ +EFI_STATUS +EFIAPI +CheckSystemThermal ( + IN OUT BOOLEAN *Good + ); + +/** + Determines if the system environment state supports a capsule update. + + @param[out] Good Returns TRUE if system environment state supports a capsule + update. Returns FALSE if system environment state does not + support a capsule update. Return value is only valid if + return status is EFI_SUCCESS. + + @retval EFI_SUCCESS Good parameter has been updated with result. + @retval EFI_INVALID_PARAMETER Good is NULL. + @retval EFI_DEVICE_ERROR System environment state can not be determined. + +**/ +EFI_STATUS +EFIAPI +CheckSystemEnvironment ( + IN OUT BOOLEAN *Good + ); + +/** + Determines if the Lowest Supported Version checks should be +performed. The + expected result from this function is TRUE. A platform can choose to +return + FALSE (e.g. during manufacturing or servicing) to allow a capsule +update to a + version below the current Lowest Supported Version. + + @retval TRUE Perform Lowest Support Version check. + @retval FALSE Do not perform Lowest Support Version check. + +**/ +BOOLEAN +EFIAPI +CheckLowestSupportedVersion ( + VOID + ); + +/** + Determines if the FMP device should be locked when the event +specified by + PcdFmpDeviceLockEventGuid is signaled. The expected result from this +function + is TRUE so the FMP device is always locked. A platform can choose to +return + FALSE (e.g. during manufacturing) to allow FMP devices to remain unlocked. + + @retval TRUE Perform Lowest Support Version check. + @retval FALSE Do not perform Lowest Support Version check. + +**/ +BOOLEAN +EFIAPI +LockFmpDeviceAtLockEventGuid ( + VOID + ); + +#endif diff --git a/FmpDevicePkg/Include/Library/FmpDeviceLib.h b/FmpDevicePkg/Include/Library/FmpDeviceLib.h new file mode 100644 index 0000000000..cdbe980183 --- /dev/null +++ b/FmpDevicePkg/Include/Library/FmpDeviceLib.h @@ -0,0 +1,385 @@ +/** @file + Provides firmware device specific services to support updates of a +firmware + image stored in a firmware device. + + Copyright (c) 2016, Microsoft Corporation. All rights reserved.<BR> + Copyright (c) 2018, Intel Corporation. All rights reserved.<BR> + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR + ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE + OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +**/ + +#ifndef __FMP_DEVICE_LIB__ +#define __FMP_DEVICE_LIB__ + +#include <Protocol/FirmwareManagement.h> + +/** + Callback function that installs a Firmware Management Protocol +instance onto + a handle. + + @param[in] Handle The device handle to install a Firmware Management + Protocol instance. + + @retval EFI_SUCCESS A Firmware Management Protocol instance was + installed onto Handle. + @retval EFI_INVALID_PARAMETER Handle is invalid + @retval other A Firmware Management Protocol instance could + not be installed onto Handle. + +**/ +typedef +EFI_STATUS +(EFIAPI *FMP_DEVICE_LIB_REGISTER_FMP_INSTALLER)( + IN EFI_HANDLE Handle + ); + +/** + Provide a function to install the Firmware Management Protocol +instance onto a + device handle when the device is managed by a driver that follows the +UEFI + Driver Model. If the device is not managed by a driver that follows +the UEFI + Driver Model, then EFI_UNSUPPORTED is returned. + + @param[in] FmpInstaller Function that installs the Firmware Management + Protocol. + + @retval EFI_SUCCESS The device is managed by a driver that follows the + UEFI Driver Model. FmpInstaller must be called on + each Driver Binding Start(). + @retval EFI_UNSUPPORTED The device is not managed by a driver that follows + the UEFI Driver Model. + @retval other The Firmware Management Protocol for this firmware + device is not installed. The firmware device is + still locked using FmpDeviceLock(). + +**/ +EFI_STATUS +EFIAPI +RegisterFmpInstaller ( + IN FMP_DEVICE_LIB_REGISTER_FMP_INSTALLER FmpInstaller + ); + +/** + Returns the size, in bytes, of the firmware image currently stored in +the + firmware device. This function is used to by the GetImage() and + GetImageInfo() services of the Firmware Management Protocol. If the +image + size can not be determined from the firmware device, then 0 must be returned. + + @return The size, in bytes, of the firmware image current stored in the + firmware device. Return 0 if the size can not be determined. + +**/ +UINTN +EFIAPI +FmpDeviceGetSize ( + VOID + ); + +/** + Returns the GUID value used to fill in the ImageTypeId field of the + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the +GetImageInfo() + service of the Firmware Management Protocol. If EFI_UNSUPPORTED is +returned, + then the ImageTypeId field is set to gEfiCallerIdGuid. If +EFI_SUCCESS is + returned, then ImageTypeId is set to the Guid returned from this function. + + @param[out] Guid Double pointer to a GUID value that is updated to point to + to a GUID value. The GUID value is not allocated and must + not be modified or freed by the caller. + + @retval EFI_SUCCESS EFI_FIRMWARE_IMAGE_DESCRIPTOR ImageTypeId GUID is set + to the returned Guid value. + @retval EFI_UNSUPPORTED EFI_FIRMWARE_IMAGE_DESCRIPTOR ImageTypeId GUID is set + to gEfiCallerIdGuid. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetImageTypeIdGuidPtr ( + OUT EFI_GUID **Guid + ); + +/** + Returns values used to fill in the AttributesSupported and +AttributesSettings + fields of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is +returned by the + GetImageInfo() service of the Firmware Management Protocol. The +following + bit values from the Firmware Management Protocol may be combined: + IMAGE_ATTRIBUTE_IMAGE_UPDATABLE + IMAGE_ATTRIBUTE_RESET_REQUIRED + IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED + IMAGE_ATTRIBUTE_IN_USE + IMAGE_ATTRIBUTE_UEFI_IMAGE + + @param[out] Supported Attributes supported by this firmware device. + @param[out] Setting Attributes settings for this firmware device. + +**/ +VOID +EFIAPI +FmpDeviceGetAttributes ( + IN OUT UINT64 *Supported, + IN OUT UINT64 *Setting + ); + +/** + Returns the value used to fill in the LowestSupportedVersion field of +the + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the +GetImageInfo() + service of the Firmware Management Protocol. If EFI_SUCCESS is +returned, then + the firmware device supports a method to report the +LowestSupportedVersion + value from the currently stored firmware image. If the value can not +be + reported for the firmware image currently stored in the firmware +device, then + EFI_UNSUPPORTED must be returned. EFI_DEVICE_ERROR is returned if an +error + occurs attempting to retrieve the LowestSupportedVersion value for +the + currently stored firmware image. + + @note It is recommended that all firmware devices support a method to report + the LowestSupportedVersion value from the currently stored firmware + image. + + @param[out] LowestSupportedVersion LowestSupportedVersion value retrieved + from the currently stored firmware image. + + @retval EFI_SUCCESS The lowest supported version of currently stored + firmware image was returned in LowestSupportedVersion. + @retval EFI_UNSUPPORTED The firmware device does not support a method to + report the lowest supported version of the currently + stored firmware image. + @retval EFI_DEVICE_ERROR An error occurred attempting to retrieve the lowest + supported version of the currently stored firmware + image. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetLowestSupportedVersion ( + OUT UINT32 *LowestSupportedVersion + ); + +/** + Returns the Null-terminated Unicode string that is used to fill in +the + VersionName field of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that +is + returned by the GetImageInfo() service of the Firmware Management Protocol. + If the VersionName string can not be reported by the firmware image +currently + stored in the firmware device, then NULL must be returned. +Otherwise, + a Null-terminated Unicode string containing the VersioName is returned. + The returned string must be allocated using EFI_BOOT_SERVICES.AllocatePool(). + + @note It is recommended that all firmware devices support a method to report + the VersionName string from the currently stored firmware image. + + @retval NULL The firmware device does not support a method to report the + version string for the currently stored firmware image. + @retval NULL An error occurred attempting to retrieve the version string + for the currently stored firmware image. + @retval non NULL A pointer to an allocated buffer containing the version + string for the currently stored firmware image. + +**/ +CHAR16 * +EFIAPI +FmpDeviceGetVersionString ( + VOID + ); + +/** + Returns the value used to fill in the Version field of the + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the +GetImageInfo() + service of the Firmware Management Protocol. If EFI_SUCCESS is +returned, then + the firmware device supports a method to report the Version value +from the + currently stored firmware image. If the value can not be reported +for the + firmware image currently stored in the firmware device, then +EFI_UNSUPPORTED + must be returned. EFI_DEVICE_ERROR is returned if an error occurs +attempting + to retrieve the LowestSupportedVersion value for the currently stored +firmware + image. + + @note It is recommended that all firmware devices support a method to report + the Version value from the currently stored firmware image. + + @param[out] Version The version value retrieved from the currently stored + firmware image. + + @retval EFI_SUCCESS The version of currently stored firmware image was + returned in Version. + @retval EFI_UNSUPPORTED The firmware device does not support a method to + report the version of the currently stored firmware + image. + @retval EFI_DEVICE_ERROR An error occurred attempting to retrieve the version + of the currently stored firmware image. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetVersion ( + OUT UINT32 *Version + ); + +/** + Returns a copy of the firmware image currently stored in the firmware device. + + @note It is recommended that all firmware devices support a method to retrieve + a copy currently stored firmware image. This can be used to support + features such as recovery and rollback. + + @param[out] Image Pointer to a caller allocated buffer where the + currently stored firmware image is copied to. + @param[in out] ImageSize Pointer the size, in bytes, of the Image buffer. + On return, points to the size, in bytes, of firmware + image currently stored in the firmware device. + + @retval EFI_SUCCESS Image contains a copy of the firmware image + currently stored in the firmware device, and + ImageSize contains the size, in bytes, of the + firmware image currently stored in the + firmware device. + @retval EFI_BUFFER_TOO_SMALL The buffer specified by ImageSize is too small + to hold the firmware image currently stored in + the firmware device. The buffer size required + is returned in ImageSize. + @retval EFI_INVALID_PARAMETER The Image is NULL. + @retval EFI_INVALID_PARAMETER The ImageSize is NULL. + @retval EFI_UNSUPPORTED The operation is not supported. + @retval EFI_DEVICE_ERROR An error occurred attempting to retrieve the + firmware image currently stored in the firmware + device. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetImage ( + IN OUT VOID *Image, + IN IN OUT UINTN *ImageSize + ); + +/** + Checks if a new firmware image is valid for the firmware device. +This + function allows firmware update operation to validate the firmware +image + before FmpDeviceSetImage() is called. + + @param[in] Image Points to a new firmware image. + @param[in] ImageSize Size, in bytes, of a new firmware image. + @param[out] ImageUpdatable Indicates if a new firmware image is valid for + a firmware update to the firmware device. The + following values from the Firmware Management + Protocol are supported: + IMAGE_UPDATABLE_VALID + IMAGE_UPDATABLE_INVALID + IMAGE_UPDATABLE_INVALID_TYPE + IMAGE_UPDATABLE_INVALID_OLD + IMAGE_UPDATABLE_VALID_WITH_VENDOR_CODE + + @retval EFI_SUCCESS The image was successfully checked. Additional + status information is returned in + ImageUpdateable. + @retval EFI_INVALID_PARAMETER Image is NULL. + @retval EFI_INVALID_PARAMETER ImageUpdateable is NULL. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceCheckImage ( + IN CONST VOID *Image, + IN UINTN ImageSize, + OUT UINT32 *ImageUpdateable + ); + +/** + Updates a firmware device with a new firmware image. This function +returns + EFI_UNSUPPORTED if the firmware image is not updatable. If the +firmware image + is updatable, the function should perform the following minimal +validations + before proceeding to do the firmware image update. + - Validate that the image is a supported image for this firmware device. + Return EFI_ABORTED if the image is not supported. Additional details + on why the image is not a supported image may be returned in AbortReason. + - Validate the data from VendorCode if is not NULL. Firmware image + validation must be performed before VendorCode data validation. + VendorCode data is ignored or considered invalid if image validation + fails. Return EFI_ABORTED if the VendorCode data is invalid. + + VendorCode enables vendor to implement vendor-specific firmware image + update policy. Null if the caller did not specify the policy or use + the default policy. As an example, vendor can implement a policy to + allow an option to force a firmware image update when the abort + reason is due to the new firmware image version is older than the + current firmware image version or bad image checksum. Sensitive + operations such as those wiping the entire firmware image and render + the device to be non-functional should be encoded in the image itself + rather than passed with the VendorCode. AbortReason enables vendor to + have the option to provide a more detailed description of the abort reason to the caller. + + @param[in] Image Points to the new firmware image. + @param[in] ImageSize Size, in bytes, of the new firmware image. + @param[in] VendorCode This enables vendor to implement vendor-specific + firmware image update policy. NULL indicates + the caller did not specify the policy or use the + default policy. + @param[in] Progress A function used to report the progress of + updating the firmware device with the new + firmware image. + @param[in] CapsuleFwVersion The version of the new firmware image from the + update capsule that provided the new firmware + image. + @param[out] AbortReason A pointer to a pointer to a Null-terminated + Unicode string providing more details on an + aborted operation. The buffer is allocated by + this function with + EFI_BOOT_SERVICES.AllocatePool(). It is the + caller's responsibility to free this buffer with + EFI_BOOT_SERVICES.FreePool(). + + @retval EFI_SUCCESS The firmware device was successfully updated + with the new firmware image. + @retval EFI_ABORTED The operation is aborted. Additional details + are provided in AbortReason. + @retval EFI_INVALID_PARAMETER The Image was NULL. + @retval EFI_UNSUPPORTED The operation is not supported. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceSetImage ( + IN CONST VOID *Image, + IN UINTN ImageSize, + IN CONST VOID *VendorCode, OPTIONAL + IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress, OPTIONAL + IN UINT32 CapsuleFwVersion, + OUT CHAR16 **AbortReason + ); + +/** + Lock the firmware device that contains a firmware image. Once a +firmware + device is locked, any attempts to modify the firmware image contents +in the + firmware device must fail. + + @note It is recommended that all firmware devices support a lock method to + prevent modifications to a stored firmware image. + + @note A firmware device lock mechanism is typically only cleared by a full + system reset (not just sleep state/low power mode). + + @retval EFI_SUCCESS The firmware device was locked. + @retval EFI_UNSUPPORTED The firmware device does not support + locking + +**/ +EFI_STATUS +EFIAPI +FmpDeviceLock ( + VOID + ); + +#endif diff --git a/FmpDevicePkg/Include/Library/FmpPayloadHeaderLib.h b/FmpDevicePkg/Include/Library/FmpPayloadHeaderLib.h new file mode 100644 index 0000000000..cb5622e9ce --- /dev/null +++ b/FmpDevicePkg/Include/Library/FmpPayloadHeaderLib.h @@ -0,0 +1,100 @@ +/** @file + Provides services to retrieve values from a capsule's FMP Payload Header. + The structure is not included in the library class. Instead, +services are + provided to retrieve information from the FMP Payload Header. If +information + is added to the FMP Payload Header, then new services may be added to +this + library class to retrieve the new information. + + Copyright (c) 2016, Microsoft Corporation. All rights reserved.<BR> + Copyright (c) 2018, Intel Corporation. All rights reserved.<BR> + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR + ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE + OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +**/ + +#ifndef _FMP_PAYLOAD_HEADER_LIB_H__ +#define _FMP_PAYLOAD_HEADER_LIB_H__ + +/** + Returns the FMP Payload Header size in bytes. + + @param[in] Header FMP Payload Header to evaluate + @param[in] FmpPayloadSize Size of FMP payload + @param[out] Size The size, in bytes, of the FMP Payload Header. + + @retval EFI_SUCCESS The firmware version was returned. + @retval EFI_INVALID_PARAMETER Header is NULL. + @retval EFI_INVALID_PARAMETER Size is NULL. + @retval EFI_INVALID_PARAMETER Header is not a valid FMP Payload Header. + +**/ +EFI_STATUS +EFIAPI +GetFmpPayloadHeaderSize ( + IN CONST VOID *Header, + IN CONST UINTN FmpPayloadSize, + OUT UINT32 *Size + ); + +/** + Returns the version described in the FMP Payload Header. + + @param[in] Header FMP Payload Header to evaluate + @param[in] FmpPayloadSize Size of FMP payload + @param[out] Version The firmware version described in the FMP Payload + Header. + + @retval EFI_SUCCESS The firmware version was returned. + @retval EFI_INVALID_PARAMETER Header is NULL. + @retval EFI_INVALID_PARAMETER Version is NULL. + @retval EFI_INVALID_PARAMETER Header is not a valid FMP Payload Header. + +**/ +EFI_STATUS +EFIAPI +GetFmpPayloadHeaderVersion ( + IN CONST VOID *Header, + IN CONST UINTN FmpPayloadSize, + OUT UINT32 *Version + ); + +/** + Returns the lowest supported version described in the FMP Payload Header. + + @param[in] Header FMP Payload Header to evaluate + @param[in] FmpPayloadSize Size of FMP payload + @param[out] LowestSupportedVersion The lowest supported version described in + the FMP Payload Header. + + @retval EFI_SUCCESS The lowest support version was returned. + @retval EFI_INVALID_PARAMETER Header is NULL. + @retval EFI_INVALID_PARAMETER LowestSupportedVersion is NULL. + @retval EFI_INVALID_PARAMETER Header is not a valid FMP Payload Header. + +**/ +EFI_STATUS +EFIAPI +GetFmpPayloadHeaderLowestSupportedVersion ( + IN CONST VOID *Header, + IN CONST UINTN FmpPayloadSize, + IN OUT UINT32 *LowestSupportedVersion + ); + +#endif -- 2.14.2.windows.3 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
© 2016 - 2024 Red Hat, Inc.