From nobody Wed May 1 21:37:16 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=intel.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1533864514834258.45788246566656; Thu, 9 Aug 2018 18:28:34 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id F37EB210E8D68; Thu, 9 Aug 2018 18:28:31 -0700 (PDT) Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 1840B210E8D67 for ; Thu, 9 Aug 2018 18:28:31 -0700 (PDT) Received: from orsmga007.jf.intel.com ([10.7.209.58]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 09 Aug 2018 18:28:30 -0700 Received: from mdkinney-mobl2.amr.corp.intel.com ([10.241.98.57]) by orsmga007.jf.intel.com with ESMTP; 09 Aug 2018 18:28:30 -0700 X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.43; helo=mga05.intel.com; envelope-from=michael.d.kinney@intel.com; receiver=edk2-devel@lists.01.org X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.53,217,1531810800"; d="scan'208";a="63770846" From: Michael D Kinney To: edk2-devel@lists.01.org Date: Thu, 9 Aug 2018 18:28:23 -0700 Message-Id: <20180810012826.4052-2-michael.d.kinney@intel.com> X-Mailer: git-send-email 2.14.2.windows.3 In-Reply-To: <20180810012826.4052-1-michael.d.kinney@intel.com> References: <20180810012826.4052-1-michael.d.kinney@intel.com> Subject: [edk2] [Patch 1/4] Vlv2TbltDevicePkg/Override/Bds: Add test key notification X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: "Kinney, Michael D" , David Wei MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RDMRC_1 RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" From: "Kinney, Michael D" Cc: David Wei Cc: Mang Guo Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Michael D Kinney Reviewed-by: Guo Mang --- .../Library/GenericBdsLib/BdsConsole.c | 11 +++++++= ++++ .../Library/GenericBdsLib/GenericBdsLib.inf | 1 + 2 files changed, 12 insertions(+) diff --git a/Vlv2TbltDevicePkg/Override/IntelFrameworkModulePkg/Library/Gen= ericBdsLib/BdsConsole.c b/Vlv2TbltDevicePkg/Override/IntelFrameworkModulePk= g/Library/GenericBdsLib/BdsConsole.c index 9c21cfcd59..b8968048f4 100644 --- a/Vlv2TbltDevicePkg/Override/IntelFrameworkModulePkg/Library/GenericBds= Lib/BdsConsole.c +++ b/Vlv2TbltDevicePkg/Override/IntelFrameworkModulePkg/Library/GenericBds= Lib/BdsConsole.c @@ -568,6 +568,17 @@ BdsLibConnectAllDefaultConsoles ( ); } =20 + // + // If any component set PcdTestKeyUsed to TRUE because use of a test key + // was detected, then display a warning message on the debug log and the= console + // + if (PcdGetBool (PcdTestKeyUsed) =3D=3D TRUE) { + DEBUG ((DEBUG_ERROR, "**********************************\n")); + DEBUG ((DEBUG_ERROR, "** WARNING: Test Key is used. **\n")); + DEBUG ((DEBUG_ERROR, "**********************************\n")); + Print (L"** WARNING: Test Key is used. **\n"); + } + return EFI_SUCCESS; =20 } diff --git a/Vlv2TbltDevicePkg/Override/IntelFrameworkModulePkg/Library/Gen= ericBdsLib/GenericBdsLib.inf b/Vlv2TbltDevicePkg/Override/IntelFrameworkMod= ulePkg/Library/GenericBdsLib/GenericBdsLib.inf index bd93847941..a4a2a9db98 100644 --- a/Vlv2TbltDevicePkg/Override/IntelFrameworkModulePkg/Library/GenericBds= Lib/GenericBdsLib.inf +++ b/Vlv2TbltDevicePkg/Override/IntelFrameworkModulePkg/Library/GenericBds= Lib/GenericBdsLib.inf @@ -138,6 +138,7 @@ [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdProgressCodeOsLoaderStart ## SOMETIMES= _CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdErrorCodeSetVariable ## CONSUMES gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdShellFile ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed ## C= ONSUMES =20 # # [BootMode]=20 --=20 2.14.2.windows.3 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Wed May 1 21:37:16 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=intel.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 153386451786277.94272240632608; Thu, 9 Aug 2018 18:28:37 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 295E221CAD998; Thu, 9 Aug 2018 18:28:32 -0700 (PDT) Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 3D48021B02822 for ; Thu, 9 Aug 2018 18:28:31 -0700 (PDT) Received: from orsmga007.jf.intel.com ([10.7.209.58]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 09 Aug 2018 18:28:30 -0700 Received: from mdkinney-mobl2.amr.corp.intel.com ([10.241.98.57]) by orsmga007.jf.intel.com with ESMTP; 09 Aug 2018 18:28:30 -0700 X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.43; helo=mga05.intel.com; envelope-from=michael.d.kinney@intel.com; receiver=edk2-devel@lists.01.org X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.53,217,1531810800"; d="scan'208";a="63770850" From: Michael D Kinney To: edk2-devel@lists.01.org Date: Thu, 9 Aug 2018 18:28:24 -0700 Message-Id: <20180810012826.4052-3-michael.d.kinney@intel.com> X-Mailer: git-send-email 2.14.2.windows.3 In-Reply-To: <20180810012826.4052-1-michael.d.kinney@intel.com> References: <20180810012826.4052-1-michael.d.kinney@intel.com> Subject: [edk2] [Patch 2/4] Vlv2TbltDevicePkg/Feature/Capsule: Add FmpDeviceLib instances X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: David Wei MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RDMRC_1 RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Cc: David Wei Cc: Mang Guo Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Michael D Kinney Reviewed-by: Guo Mang --- .../Capsule/Library/FmpDeviceLib/FmpDeviceLib.c | 607 +++++++++++++++++= ++++ .../Capsule/Library/FmpDeviceLib/FmpDeviceLib.inf | 63 +++ .../Library/FmpDeviceLibSample/FmpDeviceLib.c | 429 +++++++++++++++ .../Library/FmpDeviceLibSample/FmpDeviceLib.inf | 51 ++ 4 files changed, 1150 insertions(+) create mode 100644 Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLib/= FmpDeviceLib.c create mode 100644 Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLib/= FmpDeviceLib.inf create mode 100644 Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLibS= ample/FmpDeviceLib.c create mode 100644 Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLibS= ample/FmpDeviceLib.inf diff --git a/Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLib/FmpDevi= ceLib.c b/Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLib/FmpDeviceL= ib.c new file mode 100644 index 0000000000..6725632664 --- /dev/null +++ b/Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLib/FmpDeviceLib.c @@ -0,0 +1,607 @@ +/** + +Copyright (c) 2016, Microsoft Corporation + +All rights reserved. +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: +1. Redistributions of source code must retain the above copyright notice, +this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright notic= e, +this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS= " AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPL= IED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DIS= CLAIMED. +IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY D= IRECT, +INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUD= ING, +BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF U= SE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEO= RY OF +LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLI= GENCE +OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +**/ + +#include + +#include + +#include +#include +#include +#include +#include + +#include + +//#include + +//#include + +typedef struct { + PLATFORM_FIRMWARE_TYPE FirmwareType; + FLASH_ADDRESS_TYPE AddressType; + EFI_PHYSICAL_ADDRESS BaseAddress; + UINTN Length; + UINTN ImageOffset; +} UPDATE_CONFIG_DATA; + +UPDATE_CONFIG_DATA mUpdateConfigData[] =3D { + { PlatformFirmwareTypeSystemFirmware, FlashAddressTypeRelativeAddress, 0= x00000000, 0x00040000, 0x00000000 }, + { PlatformFirmwareTypeSystemFirmware, FlashAddressTypeRelativeAddress, 0= x000C0000, 0x00050000, 0x000C0000 }, + { PlatformFirmwareTypeSystemFirmware, FlashAddressTypeRelativeAddress, 0= x00110000, 0x00210000, 0x00110000 }, + { PlatformFirmwareTypeSystemFirmware, FlashAddressTypeRelativeAddress, 0= x00320000, 0x00070000, 0x00320000 }, + { PlatformFirmwareTypeSystemFirmware, FlashAddressTypeRelativeAddress, 0= x00390000, 0x00070000, 0x00390000 }, + { PlatformFirmwareTypeNvRam, FlashAddressTypeRelativeAddress, 0= x00040000, 0x00080000, 0x00040000 } +}; + +/** + Used to pass the FMP install function to this lib. This allows the libr= ary to + have control of the handle that the FMP instance is installed on. This = allows + the library to use DriverBinding protocol model to locate its device(s) = in the + system. + + @param[in] Func Function pointer to FMP install function. + + @retval EFI_SUCCESS Library has saved function pointer and will ca= ll + function pointer on each DriverBinding Start. + @retval EFI_UNSUPPORTED Library doesn't use driver binding and only su= pports + a single instance. + @retval other error Error occurred. Don't install FMP + +**/ +EFI_STATUS +EFIAPI +RegisterFmpInstaller ( + IN FMP_DEVICE_LIB_REGISTER_FMP_INSTALLER Func + ) +{ + // + // This is a system firmware update that does not use Driver Binding Pro= tocol + // + return EFI_UNSUPPORTED; +} + + +/** + Returns the size, in bytes, of the firmware image currently stored in the + firmware device. This function is used to by the GetImage() and + GetImageInfo() services of the Firmware Management Protocol. If the ima= ge + size can not be determined from the firmware device, then 0 must be retu= rned. + + @param[out] Size Pointer to the size, in bytes, of the firmware image + currently stored in the firmware device. + + @retval EFI_SUCCESS The size of the firmware image currently + stored in the firmware device was returne= d. + @retval EFI_INVALID_PARAMETER Size is NULL. + @retval EFI_UNSUPPORTED The firmware device does not support repo= rting + the size of the currently stored firmware= image. + @retval EFI_DEVICE_ERROR An error occured attempting to determine = the + size of the firmware image currently stor= ed in + in the firmware device. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetSize ( + IN UINTN *Size + ) +{ + if (Size =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + *Size =3D PcdGet32 (PcdBiosRomBase); + return EFI_SUCCESS; +} + +/** + Used to return a library supplied guid that will be the ImageTypeId guid= of + the FMP descriptor. This is optional but can be used if at runtime the = guid + needs to be determined. + + @param[out] Guid Double Guid Ptr that will be updated to point to guid. + This should be from static memory and will not be free= d. + + @return EFI_UNSUPPORTED Library instance doesn't need dynamic guid. + @return Error Any error will cause the wrapper to use the GUID + defined by PCD. + @return EFI_SUCCESS Guid ptr should be updated to point to static m= emeory + which contains a valid guid. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetImageTypeIdGuidPtr ( + OUT EFI_GUID **Guid + ) +{ + return EFI_UNSUPPORTED; +} + +/** + Returns values used to fill in the AttributesSupported and AttributesSet= tings + fields of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned b= y the + GetImageInfo() service of the Firmware Management Protocol. The followi= ng + bit values from the Firmware Management Protocol may be combined: + IMAGE_ATTRIBUTE_IMAGE_UPDATABLE + IMAGE_ATTRIBUTE_RESET_REQUIRED + IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED + IMAGE_ATTRIBUTE_IN_USE + IMAGE_ATTRIBUTE_UEFI_IMAGE + + @param[out] Supported Attributes supported by this firmware device. + @param[out] Setting Attributes settings for this firmware device. + + @retval EFI_SUCCESS The attributes supported by the firmware + device were returned. + @retval EFI_INVALID_PARAMETER Supported is NULL. + @retval EFI_INVALID_PARAMETER Setting is NULL. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetAttributes ( + IN OUT UINT64 *Supported, + IN OUT UINT64 *Setting + ) +{ + if (Supported =3D=3D NULL || Setting =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + *Supported =3D (IMAGE_ATTRIBUTE_IMAGE_UPDATABLE | + IMAGE_ATTRIBUTE_RESET_REQUIRED | + IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED | + IMAGE_ATTRIBUTE_IN_USE + ); + *Setting =3D (IMAGE_ATTRIBUTE_IMAGE_UPDATABLE | + IMAGE_ATTRIBUTE_RESET_REQUIRED | + IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED | + IMAGE_ATTRIBUTE_IN_USE + ); + return EFI_SUCCESS; +} + +/** + Gets the current Lowest Supported Version. + + This is a protection mechanism so that a previous version with known iss= ue is + not applied. ONLY implement this if your running firmware has a method = to + return this at runtime. If EFI_UNSUPPORTED is returned, then the Lowest + Supported Version is stored in a UEFI Variable. + + @param[out] Version On return this value represents the current Lowest + Supported Version (in same format as GetVersion). + + @retval EFI_SUCCESS The Lowest Supported Version was correctly ret= rieved + @retval EFI_UNSUPPORTED Device firmware doesn't support reporting LSV + @retval EFI_DEVICE_ERROR Error occurred when trying to get the LSV +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetLowestSupportedVersion ( + IN OUT UINT32 *LowestSupportedVersion + ) +{ + // + // Retrieve the lowest support version from a PCD + // NOTE: This method of using a PCD can only be used for the system firm= ware + // FMP instance that is updated every time the system firmware is + // updated. If system firmware updates support partial updates th= at + // would not include the system firmware FMP instance, then a PCD = can + // not be used and the value must come from the currently running = system + // firmware image. + // + *LowestSupportedVersion =3D PcdGet32 (PcdSystemFirmwareFmpLowestSupporte= dVersion); + return EFI_SUCCESS; +} + + +/** + Returns the Null-terminated Unicode string that is used to fill in the + VersionName field of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is + returned by the GetImageInfo() service of the Firmware Management Protoc= ol. + The returned string must be allocated using EFI_BOOT_SERVICES.AllocatePo= ol(). + + @note It is recommended that all firmware devices support a method to re= port + the VersionName string from the currently stored firmware image. + + @param[out] VersionString The version string retrieved from the current= ly + stored firmware image. + + @retval EFI_SUCCESS The version string of currently stored + firmware image was returned in Version. + @retval EFI_INVALID_PARAMETER VersionString is NULL. + @retval EFI_UNSUPPORTED The firmware device does not support a me= thod + to report the version string of the curre= ntly + stored firmware image. + @retval EFI_DEVICE_ERROR An error occurred attempting to retrieve = the + version string of the currently stored + firmware image. + @retval EFI_OUT_OF_RESOURCES There are not enough resources to allocat= e the + buffer for the version string of the curr= ently + stored firmware image. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetVersionString ( + OUT CHAR16 **VersionString + ) +{ + if (VersionString =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + // + // Retrieve the version string from a PCD + // NOTE: This method of using a PCD can only be used for the system firm= ware + // FMP instance that is updated every time the system firmware is + // updated. If system firmware updates support partial updates th= at + // would not include the system firmware FMP instance, then a PCD = can + // not be used and the value must come from the currently running = system + // firmware image. + // + *VersionString =3D (CHAR16 *)AllocateCopyPool ( + PcdGetSize (PcdSystemFirmwareFmpVersionStri= ng), + PcdGetPtr (PcdSystemFirmwareFmpVersionStrin= g) + ); + if (*VersionString =3D=3D NULL) { + return EFI_OUT_OF_RESOURCES; + } + return EFI_SUCCESS; +} + +/** + Gets the current running version. + + ONLY implement this if your running firmware has a method to return this= at + runtime. + + @param[out] Version On return this value represents the current running + version. + + @retval EFI_SUCCESS The version was correctly retrieved. + @retval EFI_UNSUPPORTED Device firmware doesn't support reporting curr= ent + version. + @retval EFI_DEVICE_ERROR Error occurred when trying to get the version. +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetVersion ( + IN OUT UINT32 *Version + ) +{ + // + // Retrieve the version string from a PCD + // NOTE: This method of using a PCD can only be used for the system firm= ware + // FMP instance that is updated every time the system firmware is + // updated. If system firmware updates support partial updates th= at + // would not include the system firmware FMP instance, then a PCD = can + // not be used and the value must come from the currently running = system + // firmware image. + // + *Version =3D PcdGet32 (PcdSystemFirmwareFmpVersion); + return EFI_SUCCESS; +} + + +/** + Retrieves a copy of the current firmware image of the device. + + This function allows a copy of the current firmware image to be created = and + saved. The saved copy could later been used, for example, in firmware i= mage + recovery or rollback. + + @param[out] Image Points to the buffer where the current image is c= opied + to. + @param[out] ImageSize On entry, points to the size of the buffer pointe= d to + by Image, in bytes. On return, points to the len= gth of + the image, in bytes. + + @retval EFI_SUCCESS The image was successfully read from the = device. + @retval EFI_BUFFER_TOO_SMALL The buffer specified by ImageSize is too = small + to hold the image. The current buffer size + needed to hold the image is returned in + ImageSize. + @retval EFI_INVALID_PARAMETER The Image was NULL. + @retval EFI_NOT_FOUND The current image is not copied to the bu= ffer. + @retval EFI_UNSUPPORTED The operation is not supported. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetImage ( + IN OUT VOID *Image, + IN OUT UINTN *ImageSize + ) +{ + // + // Check for invalid p;arameters + // + if (Image =3D=3D NULL || ImageSize =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + // + // Make sure the buffer is big enough to hold the device image + // + if (*ImageSize < PcdGet32 (PcdBiosRomSize)) { + *ImageSize =3D PcdGet32 (PcdBiosRomSize); + return EFI_BUFFER_TOO_SMALL; + } + + // + // Copy the device image to the buffer + // + *ImageSize =3D PcdGet32 (PcdBiosRomSize); + CopyMem ( + Image, + (VOID *)(UINTN)PcdGet32 (PcdBiosRomBase), + *ImageSize + ); + + return EFI_SUCCESS; +} + +/** + Updates the firmware image of the device. + + This function updates the hardware with the new firmware image. This fu= nction + returns EFI_UNSUPPORTED if the firmware image is not updatable. If the + firmware image is updatable, the function should perform the following m= inimal + validations before proceeding to do the firmware image update. + - Validate the image is a supported image for this device. The functi= on + returns EFI_ABORTED if the image is unsupported. The function can + optionally provide more detailed information on why the image is not= a + supported image. + - Validate the data from VendorCode if not null. Image validation mus= t be + performed before VendorCode data validation. VendorCode data is ign= ored + or considered invalid if image validation failed. The function retu= rns + EFI_ABORTED if the data is invalid. + + VendorCode enables vendor to implement vendor-specific firmware image up= date + policy. Null if the caller did not specify the policy or use the default + policy. As an example, vendor can implement a policy to allow an option= to + force a firmware image update when the abort reason is due to the new fi= rmware + image version is older than the current firmware image version or bad im= age + checksum. Sensitive operations such as those wiping the entire firmware= image + and render the device to be non-functional should be encoded in the image + itself rather than passed with the VendorCode. AbortReason enables vend= or to + have the option to provide a more detailed description of the abort reas= on to + the caller. + + @param[in] Image Points to the new image. + @param[in] ImageSize Size of the new image in bytes. + @param[in] VendorCode This enables vendor to implement vendor-sp= ecific + firmware image update policy. Null indicat= es the + caller did not specify the policy or use t= he + default policy. + @param[in] Progress A function used by the driver to report the + progress of the firmware update. + @param[in] CapsuleFwVersion FMP Payload Header version of the image. + @param[out] AbortReason A pointer to a pointer to a null-terminated + string providing more details for the abor= ted + operation. The buffer is allocated by this + function with AllocatePool(), and it is the + caller's responsibility to free it with a = call + to FreePool(). + + @retval EFI_SUCCESS The device was successfully updated with = the + new image. + @retval EFI_ABORTED The operation is aborted. + @retval EFI_INVALID_PARAMETER The Image was NULL. + @retval EFI_UNSUPPORTED The operation is not supported. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceSetImage ( + IN CONST VOID *Image, + IN UINTN ImageSize, + IN CONST VOID *VendorCode, + IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress, + IN UINT32 CapsuleFwVersion, + OUT CHAR16 **AbortReason + ) +{ + EFI_STATUS Status; + UINT32 Updateable; + UINTN Percentage; + UINTN Index; + UPDATE_CONFIG_DATA *ConfigData; + UINTN TotalSize; + UINTN BytesWritten; + + Updateable =3D 0; + Status =3D FmpDeviceCheckImage (Image, ImageSize, &Updateable); + if (EFI_ERROR (Status)) { + DEBUG((DEBUG_ERROR, "FmpDeviceSetImage - Check Image failed with %r.\n= ", Status)); + return Status; + } + + if (Updateable !=3D IMAGE_UPDATABLE_VALID) { + DEBUG((DEBUG_ERROR, "FmpDeviceSetImage - Check Image returned that the= Image was not valid for update. Updatable value =3D 0x%X.\n", Updateable)= ); + return EFI_ABORTED; + } + + if (Progress =3D=3D NULL) { + DEBUG((DEBUG_ERROR, "FmpDeviceSetImage - Invalid progress callback\n")= ); + return EFI_INVALID_PARAMETER; + } + + Status =3D Progress (15); + if (EFI_ERROR (Status)) { + DEBUG((DEBUG_ERROR, "FmpDeviceSetImage - Progress Callback failed with= Status %r.\n", Status)); + } + + // + // Write the image to the firmware device + // + Progress (20); + if (EFI_ERROR (Status)) { + DEBUG((DEBUG_ERROR, "FmpDeviceSetImage - Progress Callback failed with= Status %r.\n", Status)); + } + + // + // Simulate update with delays between progress updates + // + for (Percentage =3D 20; Percentage <=3D 100; Percentage++) { + // + // Wait 0.05 seconds + // +// gBS->Stall (50000); + +// Progress (Percentage); +// if (EFI_ERROR (Status)) { +// DEBUG((DEBUG_ERROR, "FmpDeviceSetImage - Progress Callback failed = with Status %r.\n", Status)); +// } + } + + DEBUG ((DEBUG_INFO, "FmpDeviceSetImage - %d Images ...\n", ARRAY_SIZE (m= UpdateConfigData))); + + if (ARRAY_SIZE (mUpdateConfigData) =3D=3D 0) { + DEBUG((DEBUG_INFO, "PlatformUpdate: BaseAddress - 0x%lx ImageOffset - = 0x%x Length - 0x%x\n", 0, 0, ImageSize)); + Status =3D PerformFlashWriteWithProgress ( + PlatformFirmwareTypeSystemFirmware, // FirmwareType + 0x00000000, // FlashAddress + FlashAddressTypeRelativeAddress, // FlashAddressType + (VOID *)(UINTN)Image, // Buffer + ImageSize, // BufferLength + Progress, // Progress + 20, // StartPercentage + 100 // EndPercentage + ); + } + + + // + // Compute total size of update + // + for (Index =3D 0, TotalSize =3D 0; Index < ARRAY_SIZE (mUpdateConfigData= ); Index++) { + TotalSize +=3D mUpdateConfigData[Index].Length; + } + + BytesWritten =3D 0; + for (Index =3D 0, ConfigData =3D mUpdateConfigData; Index < ARRAY_SIZE (= mUpdateConfigData); Index++, ConfigData++) { + DEBUG((DEBUG_INFO, "PlatformUpdate(%d): BaseAddress - 0x%lx ImageOffse= t - 0x%x Length - 0x%x\n", + Index, + ConfigData->BaseAddress, + ConfigData->ImageOffset, + ConfigData->Length + )); + Status =3D PerformFlashWriteWithProgress ( + ConfigData->FirmwareType, = // FirmwareType + ConfigData->BaseAddress, = // FlashAddress + ConfigData->AddressType, = // FlashAddressType + (VOID *)((UINTN)Image + (UINTN)ConfigData->ImageOffset), = // Buffer + ConfigData->Length, = // BufferLength + Progress, = // Progress + 20 + (BytesWritten * 80) / TotalSize, = // StartPercentage + 20 + ((BytesWritten + ConfigData->Length) * 80) / TotalSize= // EndPercentage + ); + if (EFI_ERROR(Status)) { + break; + } + BytesWritten +=3D ConfigData->Length; + } + + DEBUG ((DEBUG_INFO, "FmpDeviceSetImage - %r\n", Status)); + + return Status; +} + +/** +Checks if the firmware image is valid for the device. + +This function allows firmware update application to validate the firmware = image without +invoking the SetImage() first. + +@param[in] Image Points to the new image. +@param[in] ImageSize Size of the new image in bytes. +@param[out] ImageUpdatable Indicates if the new image is valid for upd= ate. It also provides, +if available, additional information if the image is invalid. + +@retval EFI_SUCCESS The image was successfully checked. +@retval EFI_INVALID_PARAMETER The Image was NULL. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceCheckImage ( + IN CONST VOID *Image, + IN UINTN ImageSize, + OUT UINT32 *ImageUpdateable + ) +{ + if (ImageUpdateable =3D=3D NULL) { + DEBUG((DEBUG_ERROR, "CheckImage - ImageUpdateable Pointer Parameter is= NULL.\n")); + return EFI_INVALID_PARAMETER; + } + + // + //Set to valid and then if any tests fail it will update this flag. + // + *ImageUpdateable =3D IMAGE_UPDATABLE_VALID; + + if (Image =3D=3D NULL) { + DEBUG((DEBUG_ERROR, "CheckImage - Image Pointer Parameter is NULL.\n")= ); + // + // Not sure if this is needed + // + *ImageUpdateable =3D IMAGE_UPDATABLE_INVALID; + return EFI_INVALID_PARAMETER; + } + + // + // Make sure the image size is correct + // + if (ImageSize !=3D PcdGet32 (PcdBiosRomSize)) { + *ImageUpdateable =3D IMAGE_UPDATABLE_INVALID; + return EFI_INVALID_PARAMETER; + } + + return EFI_SUCCESS; +} + +/** + Device firmware should trigger lock mechanism so that device fw can not = be + updated or tampered with. This lock mechanism is generally only cleared = by a + full system reset (not just sleep state/low power mode) + + @retval EFI_SUCCESS The device was successfully locked. + @retval EFI_UNSUPPORTED The hardware device/firmware doesn't suppo= rt locking + +**/ +EFI_STATUS +EFIAPI +FmpDeviceLock ( + VOID + ) +{ + DEBUG ((DEBUG_INFO, "VLV2: FmpDeviceLock() for system FLASH\n")); + // TODO: Add lock logic + return EFI_UNSUPPORTED; +} diff --git a/Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLib/FmpDevi= ceLib.inf b/Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLib/FmpDevic= eLib.inf new file mode 100644 index 0000000000..af4eabf0ad --- /dev/null +++ b/Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLib/FmpDeviceLib.i= nf @@ -0,0 +1,63 @@ +## +# Copyright (c) 2016, Microsoft Corporation + +# All rights reserved. +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are m= et: +# 1. Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright not= ice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS = IS" AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IM= PLIED +# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE D= ISCLAIMED. +# IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY= DIRECT, +# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCL= UDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF= USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY TH= EORY OF +# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE +# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +## + + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D Vlv2FmpDeviceLib + FILE_GUID =3D 83723F51-39B5-4D99-A974-90132AB55F83 + MODULE_TYPE =3D DXE_DRIVER + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D FmpDeviceLib|DXE_DRIVER + +# +# The following information is for reference only and not required by the = build tools. +# +# VALID_ARCHITECTURES =3D IA32 X64 +# + +[Sources] + FmpDeviceLib.c + +[Packages] + MdePkg/MdePkg.dec + FmpDevicePkg/FmpDevicePkg.dec + SignedCapsulePkg/SignedCapsulePkg.dec + Vlv2TbltDevicePkg/PlatformPkg.dec + +[LibraryClasses] + DebugLib + BaseLib + BaseMemoryLib + MemoryAllocationLib + UefiBootServicesTableLib + PlatformFlashAccessLib + +[Pcd] + gPlatformModuleTokenSpaceGuid.PcdBiosRomBase + gPlatformModuleTokenSpaceGuid.PcdBiosRomSize + gPlatformModuleTokenSpaceGuid.PcdSystemFirmwareFmpLowestSupportedVersion + gPlatformModuleTokenSpaceGuid.PcdSystemFirmwareFmpVersion + gPlatformModuleTokenSpaceGuid.PcdSystemFirmwareFmpVersionString + diff --git a/Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLibSample/F= mpDeviceLib.c b/Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLibSampl= e/FmpDeviceLib.c new file mode 100644 index 0000000000..19a152bfc5 --- /dev/null +++ b/Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLibSample/FmpDevic= eLib.c @@ -0,0 +1,429 @@ +/** + +Copyright (c) 2016, Microsoft Corporation + +All rights reserved. +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: +1. Redistributions of source code must retain the above copyright notice, +this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright notic= e, +this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS= " AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPL= IED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DIS= CLAIMED. +IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY D= IRECT, +INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUD= ING, +BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF U= SE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEO= RY OF +LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLI= GENCE +OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +**/ + + +#include +#include +#include +#include +#include +#include +#include +#include + +/** + Used to pass the FMP install function to this lib. + This allows the library to have control of the handle + that the FMP instance is installed on. This allows the library + to use DriverBinding protocol model to locate its device(s) in the + system. + + @param[in] Function pointer to FMP install function. + + @retval EFI_SUCCESS Library has saved function pointer and will cal= l function pointer on each DriverBinding Start. + @retval EFI_UNSUPPORTED Library doesn't use driver binding and only sup= ports a single instance. + @retval other error Error occurred. Don't install FMP + +**/ +EFI_STATUS +EFIAPI +RegisterFmpInstaller( +IN FMP_DEVICE_LIB_REGISTER_FMP_INSTALLER Func +) +{ + // Because this is a sample lib with very simple fake device we don't use + // the driverbinding protocol to locate our device. + // + return EFI_UNSUPPORTED; +} + + +/** +Used to get the size of the image in bytes. +NOTE - Do not return zero as that will identify the device as +not updatable. + +@retval UINTN that represents the size of the firmware. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetSize ( + IN UINTN *Size + ) +{ + if (Size =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + *Size =3D 0x1000; + return EFI_SUCCESS; +} + +/** +Used to return a library supplied guid that will be the ImageTypeId guid o= f the FMP descriptor. +This is optional but can be used if at runtime the guid needs to be determ= ined. + +@param Guid: Double Guid Ptr that will be updated to point to guid. Thi= s should be from static memory +and will not be freed. +@return EFI_UNSUPPORTED: if you library instance doesn't need dynamic guid= return this. +@return Error: Any error will cause the wrapper to use the GUID defined by= PCD +@return EFI_SUCCESS: Guid ptr should be updated to point to static memeor= y which contains a valid guid +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetImageTypeIdGuidPtr( + OUT EFI_GUID** Guid) +{ + //this instance doesn't need dynamic guid detection. + return EFI_UNSUPPORTED; +} + +/** + Returns values used to fill in the AttributesSupported and AttributesSet= tings + fields of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned b= y the + GetImageInfo() service of the Firmware Management Protocol. The followi= ng + bit values from the Firmware Management Protocol may be combined: + IMAGE_ATTRIBUTE_IMAGE_UPDATABLE + IMAGE_ATTRIBUTE_RESET_REQUIRED + IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED + IMAGE_ATTRIBUTE_IN_USE + IMAGE_ATTRIBUTE_UEFI_IMAGE + + @param[out] Supported Attributes supported by this firmware device. + @param[out] Setting Attributes settings for this firmware device. + + @retval EFI_SUCCESS The attributes supported by the firmware + device were returned. + @retval EFI_INVALID_PARAMETER Supported is NULL. + @retval EFI_INVALID_PARAMETER Setting is NULL. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetAttributes ( + IN OUT UINT64 *Supported, + IN OUT UINT64 *Setting + ) +{ + if (Supported =3D=3D NULL || Setting =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + *Supported =3D (IMAGE_ATTRIBUTE_IMAGE_UPDATABLE | IMAGE_ATTRIBUTE_IN_USE= ); + *Setting =3D (IMAGE_ATTRIBUTE_IMAGE_UPDATABLE | IMAGE_ATTRIBUTE_IN_USE= ); + return EFI_SUCCESS; +} + +/** +Gets the current Lowest Supported Version. +This is a protection mechanism so that a previous version with known issue= is not +applied. + +ONLY implement this if your running firmware has a method to return this a= t runtime. + +@param[out] Version On return this value represents the +current Lowest Supported Version (in same format as GetVersion). + +@retval EFI_SUCCESS The Lowest Supported Version was correctly r= etrieved +@retval EFI_UNSUPPORTED Device firmware doesn't support reporting LSV +@retval EFI_DEVICE_ERROR Error occurred when trying to get the LSV +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetLowestSupportedVersion ( + IN OUT UINT32* LowestSupportedVersion + ) +{ + return EFI_UNSUPPORTED; +} + + +/** + Returns the Null-terminated Unicode string that is used to fill in the + VersionName field of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is + returned by the GetImageInfo() service of the Firmware Management Protoc= ol. + The returned string must be allocated using EFI_BOOT_SERVICES.AllocatePo= ol(). + + @note It is recommended that all firmware devices support a method to re= port + the VersionName string from the currently stored firmware image. + + @param[out] VersionString The version string retrieved from the current= ly + stored firmware image. + + @retval EFI_SUCCESS The version string of currently stored + firmware image was returned in Version. + @retval EFI_INVALID_PARAMETER VersionString is NULL. + @retval EFI_UNSUPPORTED The firmware device does not support a me= thod + to report the version string of the curre= ntly + stored firmware image. + @retval EFI_DEVICE_ERROR An error occurred attempting to retrieve = the + version string of the currently stored + firmware image. + @retval EFI_OUT_OF_RESOURCES There are not enough resources to allocat= e the + buffer for the version string of the curr= ently + stored firmware image. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetVersionString ( + OUT CHAR16 **VersionString + ) +{ + if (VersionString =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + *VersionString =3D NULL; + return EFI_UNSUPPORTED; +} + +/** +Gets the current running version. +ONLY implement this if your running firmware has a method to return this a= t runtime. + +@param[out] Version On return this value represents the current = running version + +@retval EFI_SUCCESS The version was correctly retrieved +@retval EFI_UNSUPPORTED Device firmware doesn't support reporting cu= rrent version +@retval EFI_DEVICE_ERROR Error occurred when trying to get the version +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetVersion( +IN OUT UINT32* Version +) +{ + return EFI_UNSUPPORTED; +} + + +/** +Retrieves a copy of the current firmware image of the device. + +This function allows a copy of the current firmware image to be created an= d saved. +The saved copy could later been used, for example, in firmware image recov= ery or rollback. + +@param[out] Image Points to the buffer where the current imag= e is copied to. +@param[out] ImageSize On entry, points to the size of the buffer = pointed to by Image, in bytes. +On return, points to the length of the image, in bytes. + +@retval EFI_SUCCESS The device was successfully updated with th= e new image. +@retval EFI_BUFFER_TOO_SMALL The buffer specified by ImageSize is too sm= all to hold the +image. The current buffer size needed to hold the image is returned +in ImageSize. +@retval EFI_INVALID_PARAMETER The Image was NULL. +@retval EFI_NOT_FOUND The current image is not copied to the buff= er. +@retval EFI_UNSUPPORTED The operation is not supported. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetImage( +IN OUT VOID *Image, +IN OUT UINTN *ImageSize +) +/*++ + +Routine Description: + + This is a function used to read the current firmware from the device i= nto memory. + This is an optional function and can return EFI_UNSUPPORTED. This is = useful for + test and diagnostics. + +Arguments: + Image -- Buffer to place the image into. + ImageSize -- Size of the Image buffer. + +Return Value: + + EFI_STATUS code. + If not possible or not practical return EFI_UNSUPPORTED. + +--*/ +{ + return EFI_UNSUPPORTED; +}//GetImage() + + +/** +Updates the firmware image of the device. + +This function updates the hardware with the new firmware image. +This function returns EFI_UNSUPPORTED if the firmware image is not updatab= le. +If the firmware image is updatable, the function should perform the follow= ing minimal validations +before proceeding to do the firmware image update. +- Validate the image is a supported image for this device. The function r= eturns EFI_ABORTED if +the image is unsupported. The function can optionally provide more detail= ed information on +why the image is not a supported image. +- Validate the data from VendorCode if not null. Image validation must be= performed before +VendorCode data validation. VendorCode data is ignored or considered inva= lid if image +validation failed. The function returns EFI_ABORTED if the data is invali= d. + +VendorCode enables vendor to implement vendor-specific firmware image upda= te policy. Null if +the caller did not specify the policy or use the default policy. As an ex= ample, vendor can implement +a policy to allow an option to force a firmware image update when the abor= t reason is due to the new +firmware image version is older than the current firmware image version or= bad image checksum. +Sensitive operations such as those wiping the entire firmware image and re= nder the device to be +non-functional should be encoded in the image itself rather than passed wi= th the VendorCode. +AbortReason enables vendor to have the option to provide a more detailed d= escription of the abort +reason to the caller. + +@param[in] Image Points to the new image. +@param[in] ImageSize Size of the new image in bytes. +@param[in] VendorCode This enables vendor to implement vendor-spe= cific firmware image update policy. +Null indicates the caller did not specify the policy or use the default po= licy. +@param[in] Progress A function used by the driver to report the= progress of the firmware update. +@param[in] CapsuleFwVersion FMP Payload Header version of the image +@param[out] AbortReason A pointer to a pointer to a null-terminated= string providing more +details for the aborted operation. The buffer is allocated by this function +with AllocatePool(), and it is the caller's responsibility to free it with= a +call to FreePool(). + +@retval EFI_SUCCESS The device was successfully updated with th= e new image. +@retval EFI_ABORTED The operation is aborted. +@retval EFI_INVALID_PARAMETER The Image was NULL. +@retval EFI_UNSUPPORTED The operation is not supported. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceSetImage ( +IN CONST VOID *Image, +IN UINTN ImageSize, +IN CONST VOID *VendorCode, +IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress, +IN UINT32 CapsuleFwVersion, +OUT CHAR16 **AbortReason +) +{ + EFI_STATUS Status =3D EFI_SUCCESS; + UINT32 Updateable =3D 0; + + Status =3D FmpDeviceCheckImage(Image, ImageSize, &Updateable); + if (EFI_ERROR(Status)) + { + DEBUG((DEBUG_ERROR, "SetImage - Check Image failed with %r.\n", St= atus)); + goto cleanup; + } + + if (Updateable !=3D IMAGE_UPDATABLE_VALID) + { + DEBUG((DEBUG_ERROR, "SetImage - Check Image returned that the Imag= e was not valid for update. Updatable value =3D 0x%X.\n", Updateable)); + Status =3D EFI_ABORTED; + goto cleanup; + } + + if (Progress =3D=3D NULL) + { + DEBUG((DEBUG_ERROR, "SetImage - Invalid progress callback\n")); + Status =3D EFI_INVALID_PARAMETER; + goto cleanup; + } + + Status =3D Progress(15); + if (EFI_ERROR(Status)) + { + DEBUG((DEBUG_ERROR, "SetImage - Progress Callback failed with Stat= us %r.\n", Status)); + } + + { + UINTN p; + + for (p =3D 20; p < 100; p++) { + gBS->Stall (100000); //us =3D 0.1 seconds + Progress (p); + } + } + + //TODO: add support for VendorCode, and AbortReason +cleanup: + return Status; +}// SetImage() + + + +/** +Checks if the firmware image is valid for the device. + +This function allows firmware update application to validate the firmware = image without +invoking the SetImage() first. + +@param[in] Image Points to the new image. +@param[in] ImageSize Size of the new image in bytes. +@param[out] ImageUpdatable Indicates if the new image is valid for upd= ate. It also provides, +if available, additional information if the image is invalid. + +@retval EFI_SUCCESS The image was successfully checked. +@retval EFI_INVALID_PARAMETER The Image was NULL. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceCheckImage( +IN CONST VOID *Image, +IN UINTN ImageSize, +OUT UINT32 *ImageUpdateable +) +{ + EFI_STATUS status =3D EFI_SUCCESS; + + if (ImageUpdateable =3D=3D NULL) + { + DEBUG((DEBUG_ERROR, "CheckImage - ImageUpdateable Pointer Paramete= r is NULL.\n")); + status =3D EFI_INVALID_PARAMETER; + goto cleanup; + } + + // + //Set to valid and then if any tests fail it will update this flag. + // + *ImageUpdateable =3D IMAGE_UPDATABLE_VALID; + + if (Image =3D=3D NULL) + { + DEBUG((DEBUG_ERROR, "CheckImage - Image Pointer Parameter is NULL.= \n")); + *ImageUpdateable =3D IMAGE_UPDATABLE_INVALID; //not sure if this i= s needed + return EFI_INVALID_PARAMETER; + } + +cleanup: + return status; +}// CheckImage() + +/** +Device firmware should trigger lock mechanism so that device fw can not be= updated or tampered with. +This lock mechanism is generally only cleared by a full system reset (not = just sleep state/low power mode) + +@retval EFI_SUCCESS The device was successfully locked. +@retval EFI_UNSUPPORTED The hardware device/firmware doesn't support= locking + +**/ +EFI_STATUS +EFIAPI +FmpDeviceLock( +) +{ + return EFI_SUCCESS; +} diff --git a/Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLibSample/F= mpDeviceLib.inf b/Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLibSam= ple/FmpDeviceLib.inf new file mode 100644 index 0000000000..6914c57ee7 --- /dev/null +++ b/Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLibSample/FmpDevic= eLib.inf @@ -0,0 +1,51 @@ +## +# Copyright (c) 2016, Microsoft Corporation + +# All rights reserved. +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are m= et: +# 1. Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright not= ice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS = IS" AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IM= PLIED +# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE D= ISCLAIMED. +# IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY= DIRECT, +# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCL= UDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF= USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY TH= EORY OF +# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE +# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +## + + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D Vlv2FmpDeviceLibSample + FILE_GUID =3D 582DF9AB-E626-42A8-A11C-3FEA098FF3FA + MODULE_TYPE =3D DXE_DRIVER + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D FmpDeviceLib|DXE_DRIVER + +# +# The following information is for reference only and not required by the = build tools. +# +# VALID_ARCHITECTURES =3D IA32 X64 +# + +[Sources] + FmpDeviceLib.c + +[Packages] + MdePkg/MdePkg.dec + FmpDevicePkg/FmpDevicePkg.dec + +[LibraryClasses] + DebugLib + BaseLib + UefiBootServicesTableLib #for stall...remove later as stall is only ne= eded to show progress + --=20 2.14.2.windows.3 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Wed May 1 21:37:16 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=intel.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1533864520916745.4993210639007; Thu, 9 Aug 2018 18:28:40 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 5A880210E8D70; Thu, 9 Aug 2018 18:28:33 -0700 (PDT) Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 676FA21962301 for ; Thu, 9 Aug 2018 18:28:31 -0700 (PDT) Received: from orsmga007.jf.intel.com ([10.7.209.58]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 09 Aug 2018 18:28:30 -0700 Received: from mdkinney-mobl2.amr.corp.intel.com ([10.241.98.57]) by orsmga007.jf.intel.com with ESMTP; 09 Aug 2018 18:28:30 -0700 X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.43; helo=mga05.intel.com; envelope-from=michael.d.kinney@intel.com; receiver=edk2-devel@lists.01.org X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.53,217,1531810800"; d="scan'208";a="63770852" From: Michael D Kinney To: edk2-devel@lists.01.org Date: Thu, 9 Aug 2018 18:28:25 -0700 Message-Id: <20180810012826.4052-4-michael.d.kinney@intel.com> X-Mailer: git-send-email 2.14.2.windows.3 In-Reply-To: <20180810012826.4052-1-michael.d.kinney@intel.com> References: <20180810012826.4052-1-michael.d.kinney@intel.com> Subject: [edk2] [Patch 3/4] Vlv2TbltDevicePkg/Capsule: Add scripts to generate capsules X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: David Wei MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RDMRC_1 RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Use GenerateCapsule to generate capsules for MinnowMax debug and release builds and sample devices. Cc: David Wei Cc: Mang Guo Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Michael D Kinney Reviewed-by: Guo Mang --- .../Capsule/GenerateCapsule/GenCapsuleAll.bat | 35 +++++ .../GenerateCapsule/GenCapsuleMinnowMax.bat | 139 +++++++++++++++++= +++ .../GenerateCapsule/GenCapsuleMinnowMaxRelease.bat | 139 +++++++++++++++++= +++ .../GenerateCapsule/GenCapsuleSampleColor.bat | 145 +++++++++++++++++= ++++ ...kenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc | 1 + ...kenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc | 1 + ...kenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc | 1 + 7 files changed, 461 insertions(+) create mode 100644 Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/GenCa= psuleAll.bat create mode 100644 Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/GenCa= psuleMinnowMax.bat create mode 100644 Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/GenCa= psuleMinnowMaxRelease.bat create mode 100644 Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/GenCa= psuleSampleColor.bat create mode 100644 Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/NewRo= ot.cer.gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc create mode 100644 Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/SAMPL= E_DEVELOPMENT.cer.gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXd= r.inc create mode 100644 Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/SAMPL= E_DEVELOPMENT_SAMPLE_PRODUCTION.cer.gFmpDevicePkgTokenSpaceGuid.PcdFmpDevic= ePkcs7CertBufferXdr.inc diff --git a/Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/GenCapsuleAl= l.bat b/Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/GenCapsuleAll.bat new file mode 100644 index 0000000000..df326dc3af --- /dev/null +++ b/Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/GenCapsuleAll.bat @@ -0,0 +1,35 @@ +@REM @file +@REM Windows batch file to generate UEFI capsules for system firmware and +@REM firmware for sample devices +@REM +@REM Copyright (c) 2018, Intel Corporation. All rights reserved.
+@REM This program and the accompanying materials +@REM are licensed and made available under the terms and conditions of the= BSD License +@REM which accompanies this distribution. The full text of the license ma= y be found at +@REM http://opensource.org/licenses/bsd-license.php +@REM +@REM THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +@REM WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR = IMPLIED. +@REM + +@echo off +setlocal +cd /d %~dp0 + +rmdir /s /q %WORKSPACE%\Build\Vlv2TbltDevicePkg\Capsules +mkdir %WORKSPACE%\Build\Vlv2TbltDevicePkg\Capsules +mkdir %WORKSPACE%\Build\Vlv2TbltDevicePkg\Capsules\SampleDevelopment +mkdir %WORKSPACE%\Build\Vlv2TbltDevicePkg\Capsules\NewCert +mkdir %WORKSPACE%\Build\Vlv2TbltDevicePkg\Capsules\TestCert +copy %WORKSPACE%\Build\Vlv2TbltDevicePkg\DEBUG_VS2015x86\X64\CapsuleApp.ef= i %WORKSPACE%\Build\Vlv2TbltDevicePkg\Capsules\SampleDevelopment\CapsuleApp= .efi +copy %WORKSPACE%\Build\Vlv2TbltDevicePkg\RELEASE_VS2015x86\X64\CapsuleApp.= efi %WORKSPACE%\Build\Vlv2TbltDevicePkg\Capsules\SampleDevelopment\CapsuleA= ppRelease.efi +copy %WORKSPACE%\Build\Vlv2TbltDevicePkg\DEBUG_VS2015x86\X64\CapsuleApp.ef= i %WORKSPACE%\Build\Vlv2TbltDevicePkg\Capsules\NewCert\CapsuleApp.efi +copy %WORKSPACE%\Build\Vlv2TbltDevicePkg\RELEASE_VS2015x86\X64\CapsuleApp.= efi %WORKSPACE%\Build\Vlv2TbltDevicePkg\Capsules\NewCert\CapsuleAppRelease.= efi +copy %WORKSPACE%\Build\Vlv2TbltDevicePkg\DEBUG_VS2015x86\X64\CapsuleApp.ef= i %WORKSPACE%\Build\Vlv2TbltDevicePkg\Capsules\TestCert\CapsuleApp.efi +copy %WORKSPACE%\Build\Vlv2TbltDevicePkg\RELEASE_VS2015x86\X64\CapsuleApp.= efi %WORKSPACE%\Build\Vlv2TbltDevicePkg\Capsules\TestCert\CapsuleAppRelease= .efi + +call GenCapsuleMinnowMax.bat +call GenCapsuleMinnowMaxRelease.bat +call GenCapsuleSampleColor.bat Blue 149DA854-7D19-4FAA-A91E-862EA1324BE6 +call GenCapsuleSampleColor.bat Green 79179BFD-704D-4C90-9E02-0AB8D968C18A +call GenCapsuleSampleColor.bat Red 72E2945A-00DA-448E-9AA7-075AD840F9D4 diff --git a/Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/GenCapsuleMi= nnowMax.bat b/Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/GenCapsuleM= innowMax.bat new file mode 100644 index 0000000000..2a049c4c0f --- /dev/null +++ b/Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/GenCapsuleMinnowMax= .bat @@ -0,0 +1,139 @@ +@REM @file +@REM Windows batch file to generate UEFI capsules for system firmware +@REM +@REM Copyright (c) 2018, Intel Corporation. All rights reserved.
+@REM This program and the accompanying materials +@REM are licensed and made available under the terms and conditions of the= BSD License +@REM which accompanies this distribution. The full text of the license ma= y be found at +@REM http://opensource.org/licenses/bsd-license.php +@REM +@REM THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +@REM WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR = IMPLIED. +@REM + +@echo off +setlocal + +set FMP_CAPSULE_VENDOR=3DIntel +set FMP_CAPSULE_GUID=3D4096267B-DA0A-42EB-B5EB-FEF31D207CB4 +set FMP_CAPSULE_FILE=3DMinnowMax.cap +set FMP_CAPSULE_VERSION=3D0x00000009 +set FMP_CAPSULE_STRING=3D0.0.0.9 +set FMP_CAPSULE_NAME=3D"Intel MinnowMax DEBUG UEFI %FMP_CAPSULE_STRING%" +set FMP_CAPSULE_LSV=3D0x00000000 +set FMP_CAPSULE_KEY=3DSAMPLE_DEVELOPMENT.pfx +set FMP_CAPSULE_PAYLOAD=3D%WORKSPACE%\Build\Vlv2TbltDevicePkg\DEBUG_VS2015= x86\FV\Vlv.ROM +set WINDOWS_CAPSULE_KEY=3DSAMPLE_DEVELOPMENT.pfx + +if not exist "%FMP_CAPSULE_PAYLOAD%" exit /b + +if exist "%FMP_CAPSULE_KEY%" ( + REM + REM Sign capsule using signtool + REM + call GenerateCapsule ^ + --encode ^ + -v ^ + --guid %FMP_CAPSULE_GUID% ^ + --fw-version %FMP_CAPSULE_VERSION% ^ + --lsv %FMP_CAPSULE_LSV% ^ + --capflag PersistAcrossReset ^ + --capflag InitiateReset ^ + --signing-tool-path=3D"c:\Program Files (x86)\Windows Kits\8.1\bin\x86= " ^ + --pfx-file %FMP_CAPSULE_KEY% ^ + -o %FMP_CAPSULE_FILE% ^ + %FMP_CAPSULE_PAYLOAD% + + copy %FMP_CAPSULE_FILE% %WORKSPACE%\Build\Vlv2TbltDevicePkg\Capsules\Sam= pleDevelopment + + if exist "%WINDOWS_CAPSULE_KEY%" ( + CreateWindowsCapsule.py ^ + UEFI ^ + %FMP_CAPSULE_STRING% ^ + %FMP_CAPSULE_GUID% ^ + %FMP_CAPSULE_FILE% ^ + %FMP_CAPSULE_VERSION% ^ + %FMP_CAPSULE_VENDOR% ^ + %FMP_CAPSULE_VENDOR% ^ + %FMP_CAPSULE_NAME% %WINDOWS_CAPSULE_KEY% + + xcopy /s/e/v/i/y WindowsCapsule %WORKSPACE%\Build\Vlv2TbltDevicePkg\Ca= psules\SampleDevelopment\MinnowMaxWindowsCapsule + rmdir /s /q WindowsCapsule + ) + erase %FMP_CAPSULE_FILE% +) + +if exist "NewCert.pem" ( + REM + REM Sign capsule using OpenSSL with a new certificate + REM + call GenerateCapsule ^ + --encode ^ + -v ^ + --guid %FMP_CAPSULE_GUID% ^ + --fw-version %FMP_CAPSULE_VERSION% ^ + --lsv %FMP_CAPSULE_LSV% ^ + --capflag PersistAcrossReset ^ + --capflag InitiateReset ^ + --signing-tool-path=3Dc:\OpenSSL-Win32\bin ^ + --signer-private-cert=3DNewCert.pem ^ + --other-public-cert=3DNewSub.pub.pem ^ + --trusted-public-cert=3DNewRoot.pub.pem ^ + -o %FMP_CAPSULE_FILE% ^ + %FMP_CAPSULE_PAYLOAD% + + copy %FMP_CAPSULE_FILE% %WORKSPACE%\Build\Vlv2TbltDevicePkg\Capsules\New= Cert + + if exist "%WINDOWS_CAPSULE_KEY%" ( + CreateWindowsCapsule.py ^ + UEFI ^ + %FMP_CAPSULE_STRING% ^ + %FMP_CAPSULE_GUID% ^ + %FMP_CAPSULE_FILE% ^ + %FMP_CAPSULE_VERSION% ^ + %FMP_CAPSULE_VENDOR% ^ + %FMP_CAPSULE_VENDOR% ^ + %FMP_CAPSULE_NAME% %WINDOWS_CAPSULE_KEY% + + xcopy /s/e/v/i/y WindowsCapsule %WORKSPACE%\Build\Vlv2TbltDevicePkg\Ca= psules\NewCert\MinnowMaxWindowsCapsule + rmdir /s /q WindowsCapsule + ) + erase %FMP_CAPSULE_FILE% +) + +REM +REM Sign capsule using OpenSSL with EDK II Test Certificate +REM +call GenerateCapsule ^ + --encode ^ + -v ^ + --guid %FMP_CAPSULE_GUID% ^ + --fw-version %FMP_CAPSULE_VERSION% ^ + --lsv %FMP_CAPSULE_LSV% ^ + --capflag PersistAcrossReset ^ + --capflag InitiateReset ^ + --signing-tool-path=3Dc:\OpenSSL-Win32\bin ^ + --signer-private-cert=3D%WORKSPACE%\edk2\BaseTools\Source\Python\Pkcs7Si= gn\TestCert.pem ^ + --other-public-cert=3D%WORKSPACE%\edk2\BaseTools\Source\Python\Pkcs7Sign= \TestSub.pub.pem ^ + --trusted-public-cert=3D%WORKSPACE%\edk2\BaseTools\Source\Python\Pkcs7Si= gn\TestRoot.pub.pem ^ + -o %FMP_CAPSULE_FILE% ^ + %FMP_CAPSULE_PAYLOAD% + +copy %FMP_CAPSULE_FILE% %WORKSPACE%\Build\Vlv2TbltDevicePkg\Capsules\TestC= ert + +if exist "%WINDOWS_CAPSULE_KEY%" ( + CreateWindowsCapsule.py ^ + UEFI ^ + %FMP_CAPSULE_STRING% ^ + %FMP_CAPSULE_GUID% ^ + %FMP_CAPSULE_FILE% ^ + %FMP_CAPSULE_VERSION% ^ + %FMP_CAPSULE_VENDOR% ^ + %FMP_CAPSULE_VENDOR% ^ + %FMP_CAPSULE_NAME% %WINDOWS_CAPSULE_KEY% + + xcopy /s/e/v/i/y WindowsCapsule %WORKSPACE%\Build\Vlv2TbltDevicePkg\Caps= ules\TestCert\MinnowMaxWindowsCapsule + rmdir /s /q WindowsCapsule +) + +erase %FMP_CAPSULE_FILE% diff --git a/Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/GenCapsuleMi= nnowMaxRelease.bat b/Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/GenC= apsuleMinnowMaxRelease.bat new file mode 100644 index 0000000000..c0cdac0904 --- /dev/null +++ b/Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/GenCapsuleMinnowMax= Release.bat @@ -0,0 +1,139 @@ +@REM @file +@REM Windows batch file to generate UEFI capsules for system firmware +@REM +@REM Copyright (c) 2018, Intel Corporation. All rights reserved.
+@REM This program and the accompanying materials +@REM are licensed and made available under the terms and conditions of the= BSD License +@REM which accompanies this distribution. The full text of the license ma= y be found at +@REM http://opensource.org/licenses/bsd-license.php +@REM +@REM THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +@REM WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR = IMPLIED. +@REM + +@echo off +setlocal + +set FMP_CAPSULE_VENDOR=3DIntel +set FMP_CAPSULE_GUID=3D4096267B-DA0A-42EB-B5EB-FEF31D207CB4 +set FMP_CAPSULE_FILE=3DMinnowMaxRelease.cap +set FMP_CAPSULE_VERSION=3D0x00000009 +set FMP_CAPSULE_STRING=3D0.0.0.9 +set FMP_CAPSULE_NAME=3D"Intel MinnowMax RELEASE UEFI %FMP_CAPSULE_STRING%" +set FMP_CAPSULE_LSV=3D0x00000000 +set FMP_CAPSULE_KEY=3DSAMPLE_DEVELOPMENT.pfx +set FMP_CAPSULE_PAYLOAD=3D%WORKSPACE%\Build\Vlv2TbltDevicePkg\RELEASE_VS20= 15x86\FV\Vlv.ROM +set WINDOWS_CAPSULE_KEY=3DSAMPLE_DEVELOPMENT.pfx + +if not exist "%FMP_CAPSULE_PAYLOAD%" exit /b + +if exist "%FMP_CAPSULE_KEY%" ( + REM + REM Sign capsule using signtool + REM + call GenerateCapsule ^ + --encode ^ + -v ^ + --guid %FMP_CAPSULE_GUID% ^ + --fw-version %FMP_CAPSULE_VERSION% ^ + --lsv %FMP_CAPSULE_LSV% ^ + --capflag PersistAcrossReset ^ + --capflag InitiateReset ^ + --signing-tool-path=3D"c:\Program Files (x86)\Windows Kits\8.1\bin\x86= " ^ + --pfx-file %FMP_CAPSULE_KEY% ^ + -o %FMP_CAPSULE_FILE% ^ + %FMP_CAPSULE_PAYLOAD% + + copy %FMP_CAPSULE_FILE% %WORKSPACE%\Build\Vlv2TbltDevicePkg\Capsules\Sam= pleDevelopment + + if exist "%WINDOWS_CAPSULE_KEY%" ( + CreateWindowsCapsule.py ^ + UEFI ^ + %FMP_CAPSULE_STRING% ^ + %FMP_CAPSULE_GUID% ^ + %FMP_CAPSULE_FILE% ^ + %FMP_CAPSULE_VERSION% ^ + %FMP_CAPSULE_VENDOR% ^ + %FMP_CAPSULE_VENDOR% ^ + %FMP_CAPSULE_NAME% %WINDOWS_CAPSULE_KEY% + + xcopy /s/e/v/i/y WindowsCapsule %WORKSPACE%\Build\Vlv2TbltDevicePkg\Ca= psules\SampleDevelopment\MinnowMaxReleaseWindowsCapsule + rmdir /s /q WindowsCapsule + ) + erase %FMP_CAPSULE_FILE% +) + +if exist "NewCert.pem" ( + REM + REM Sign capsule using OpenSSL with a new certificate + REM + call GenerateCapsule ^ + --encode ^ + -v ^ + --guid %FMP_CAPSULE_GUID% ^ + --fw-version %FMP_CAPSULE_VERSION% ^ + --lsv %FMP_CAPSULE_LSV% ^ + --capflag PersistAcrossReset ^ + --capflag InitiateReset ^ + --signing-tool-path=3Dc:\OpenSSL-Win32\bin ^ + --signer-private-cert=3DNewCert.pem ^ + --other-public-cert=3DNewSub.pub.pem ^ + --trusted-public-cert=3DNewRoot.pub.pem ^ + -o %FMP_CAPSULE_FILE% ^ + %FMP_CAPSULE_PAYLOAD% + + copy %FMP_CAPSULE_FILE% %WORKSPACE%\Build\Vlv2TbltDevicePkg\Capsules\New= Cert + + if exist "%WINDOWS_CAPSULE_KEY%" ( + CreateWindowsCapsule.py ^ + UEFI ^ + %FMP_CAPSULE_STRING% ^ + %FMP_CAPSULE_GUID% ^ + %FMP_CAPSULE_FILE% ^ + %FMP_CAPSULE_VERSION% ^ + %FMP_CAPSULE_VENDOR% ^ + %FMP_CAPSULE_VENDOR% ^ + %FMP_CAPSULE_NAME% %WINDOWS_CAPSULE_KEY% + + xcopy /s/e/v/i/y WindowsCapsule %WORKSPACE%\Build\Vlv2TbltDevicePkg\Ca= psules\NewCert\MinnowMaxReleaseWindowsCapsule + rmdir /s /q WindowsCapsule + ) + erase %FMP_CAPSULE_FILE% +) + +REM +REM Sign capsule using OpenSSL with EDK II Test Certificate +REM +call GenerateCapsule ^ + --encode ^ + -v ^ + --guid %FMP_CAPSULE_GUID% ^ + --fw-version %FMP_CAPSULE_VERSION% ^ + --lsv %FMP_CAPSULE_LSV% ^ + --capflag PersistAcrossReset ^ + --capflag InitiateReset ^ + --signing-tool-path=3Dc:\OpenSSL-Win32\bin ^ + --signer-private-cert=3D%WORKSPACE%\edk2\BaseTools\Source\Python\Pkcs7Si= gn\TestCert.pem ^ + --other-public-cert=3D%WORKSPACE%\edk2\BaseTools\Source\Python\Pkcs7Sign= \TestSub.pub.pem ^ + --trusted-public-cert=3D%WORKSPACE%\edk2\BaseTools\Source\Python\Pkcs7Si= gn\TestRoot.pub.pem ^ + -o %FMP_CAPSULE_FILE% ^ + %FMP_CAPSULE_PAYLOAD% + +copy %FMP_CAPSULE_FILE% %WORKSPACE%\Build\Vlv2TbltDevicePkg\Capsules\TestC= ert + +if exist "%WINDOWS_CAPSULE_KEY%" ( + CreateWindowsCapsule.py ^ + UEFI ^ + %FMP_CAPSULE_STRING% ^ + %FMP_CAPSULE_GUID% ^ + %FMP_CAPSULE_FILE% ^ + %FMP_CAPSULE_VERSION% ^ + %FMP_CAPSULE_VENDOR% ^ + %FMP_CAPSULE_VENDOR% ^ + %FMP_CAPSULE_NAME% %WINDOWS_CAPSULE_KEY% + + xcopy /s/e/v/i/y WindowsCapsule %WORKSPACE%\Build\Vlv2TbltDevicePkg\Caps= ules\TestCert\MinnowMaxReleaseWindowsCapsule + rmdir /s /q WindowsCapsule +) + +erase %FMP_CAPSULE_FILE% diff --git a/Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/GenCapsuleSa= mpleColor.bat b/Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/GenCapsul= eSampleColor.bat new file mode 100644 index 0000000000..c7f70ff958 --- /dev/null +++ b/Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/GenCapsuleSampleCol= or.bat @@ -0,0 +1,145 @@ +@REM @file +@REM Windows batch file to generate UEFI capsules for a sample device +@REM +@REM Copyright (c) 2018, Intel Corporation. All rights reserved.
+@REM This program and the accompanying materials +@REM are licensed and made available under the terms and conditions of the= BSD License +@REM which accompanies this distribution. The full text of the license ma= y be found at +@REM http://opensource.org/licenses/bsd-license.php +@REM +@REM THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +@REM WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR = IMPLIED. +@REM + +@echo off +setlocal + +set COLOR=3D%1 + +set FMP_CAPSULE_VENDOR=3DIntel +set FMP_CAPSULE_GUID=3D%2 +set FMP_CAPSULE_FILE=3D%COLOR%.cap +set FMP_CAPSULE_VERSION=3D0x00000010 +set FMP_CAPSULE_STRING=3D0.0.0.16 +set FMP_CAPSULE_NAME=3D"%COLOR% Progress Bar %FMP_CAPSULE_STRING%" +set FMP_CAPSULE_LSV=3D0x00000000 +set FMP_CAPSULE_KEY=3DSAMPLE_DEVELOPMENT.pfx +set FMP_CAPSULE_PAYLOAD=3DPayload.bin +set WINDOWS_CAPSULE_KEY=3DSAMPLE_DEVELOPMENT.pfx + +echo "%COLOR% Progress Bar" > %FMP_CAPSULE_PAYLOAD% + +if not exist "%FMP_CAPSULE_PAYLOAD%" exit + +if exist "%FMP_CAPSULE_KEY%" ( + REM + REM Sign capsule using signtool + REM + call GenerateCapsule ^ + --encode ^ + -v ^ + --guid %FMP_CAPSULE_GUID% ^ + --fw-version %FMP_CAPSULE_VERSION% ^ + --lsv %FMP_CAPSULE_LSV% ^ + --capflag PersistAcrossReset ^ + --capflag InitiateReset ^ + --signing-tool-path=3D"c:\Program Files (x86)\Windows Kits\8.1\bin\x86= " ^ + --pfx-file %FMP_CAPSULE_KEY% ^ + -o %FMP_CAPSULE_FILE% ^ + %FMP_CAPSULE_PAYLOAD% + + copy %FMP_CAPSULE_FILE% %WORKSPACE%\Build\Vlv2TbltDevicePkg\Capsules\Sam= pleDevelopment + + if exist "%WINDOWS_CAPSULE_KEY%" ( + CreateWindowsCapsule.py ^ + UEFI ^ + %FMP_CAPSULE_STRING% ^ + %FMP_CAPSULE_GUID% ^ + %FMP_CAPSULE_FILE% ^ + %FMP_CAPSULE_VERSION% ^ + %FMP_CAPSULE_VENDOR% ^ + %FMP_CAPSULE_VENDOR% ^ + %FMP_CAPSULE_NAME% %WINDOWS_CAPSULE_KEY% + + xcopy /s/e/v/i/y WindowsCapsule %WORKSPACE%\Build\Vlv2TbltDevicePkg\Ca= psules\SampleDevelopment\%COLOR%WindowsCapsule + rmdir /s /q WindowsCapsule + ) + erase %FMP_CAPSULE_FILE% +) + +if exist "NewCert.pem" ( + REM + REM Sign capsule using OpenSSL with a new certificate + REM + call GenerateCapsule ^ + --encode ^ + -v ^ + --guid %FMP_CAPSULE_GUID% ^ + --fw-version %FMP_CAPSULE_VERSION% ^ + --lsv %FMP_CAPSULE_LSV% ^ + --capflag PersistAcrossReset ^ + --capflag InitiateReset ^ + --signing-tool-path=3Dc:\OpenSSL-Win32\bin ^ + --signer-private-cert=3DNewCert.pem ^ + --other-public-cert=3DNewSub.pub.pem ^ + --trusted-public-cert=3DNewRoot.pub.pem ^ + -o %FMP_CAPSULE_FILE% ^ + %FMP_CAPSULE_PAYLOAD% + + copy %FMP_CAPSULE_FILE% %WORKSPACE%\Build\Vlv2TbltDevicePkg\Capsules\New= Cert + + if exist "%WINDOWS_CAPSULE_KEY%" ( + CreateWindowsCapsule.py ^ + UEFI ^ + %FMP_CAPSULE_STRING% ^ + %FMP_CAPSULE_GUID% ^ + %FMP_CAPSULE_FILE% ^ + %FMP_CAPSULE_VERSION% ^ + %FMP_CAPSULE_VENDOR% ^ + %FMP_CAPSULE_VENDOR% ^ + %FMP_CAPSULE_NAME% %WINDOWS_CAPSULE_KEY% + + xcopy /s/e/v/i/y WindowsCapsule %WORKSPACE%\Build\Vlv2TbltDevicePkg\Ca= psules\NewCert\%COLOR%WindowsCapsule + rmdir /s /q WindowsCapsule + ) + erase %FMP_CAPSULE_FILE% +) + +REM +REM Sign capsule using OpenSSL with EDK II Test Certificate +REM +call GenerateCapsule ^ + --encode ^ + -v ^ + --guid %FMP_CAPSULE_GUID% ^ + --fw-version %FMP_CAPSULE_VERSION% ^ + --lsv %FMP_CAPSULE_LSV% ^ + --capflag PersistAcrossReset ^ + --capflag InitiateReset ^ + --signing-tool-path=3Dc:\OpenSSL-Win32\bin ^ + --signer-private-cert=3D%WORKSPACE%\edk2\BaseTools\Source\Python\Pkcs7Si= gn\TestCert.pem ^ + --other-public-cert=3D%WORKSPACE%\edk2\BaseTools\Source\Python\Pkcs7Sign= \TestSub.pub.pem ^ + --trusted-public-cert=3D%WORKSPACE%\edk2\BaseTools\Source\Python\Pkcs7Si= gn\TestRoot.pub.pem ^ + -o %FMP_CAPSULE_FILE% ^ + %FMP_CAPSULE_PAYLOAD% + +copy %FMP_CAPSULE_FILE% %WORKSPACE%\Build\Vlv2TbltDevicePkg\Capsules\TestC= ert + +if exist "%WINDOWS_CAPSULE_KEY%" ( + CreateWindowsCapsule.py ^ + UEFI ^ + %FMP_CAPSULE_STRING% ^ + %FMP_CAPSULE_GUID% ^ + %FMP_CAPSULE_FILE% ^ + %FMP_CAPSULE_VERSION% ^ + %FMP_CAPSULE_VENDOR% ^ + %FMP_CAPSULE_VENDOR% ^ + %FMP_CAPSULE_NAME% %WINDOWS_CAPSULE_KEY% + + xcopy /s/e/v/i/y WindowsCapsule %WORKSPACE%\Build\Vlv2TbltDevicePkg\Caps= ules\TestCert\%COLOR%WindowsCapsule + rmdir /s /q WindowsCapsule +) + +erase %FMP_CAPSULE_FILE% + +erase %FMP_CAPSULE_PAYLOAD% diff --git a/Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/NewRoot.cer.= gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc b/Vlv2TbltDe= vicePkg/Feature/Capsule/GenerateCapsule/NewRoot.cer.gFmpDevicePkgTokenSpace= Guid.PcdFmpDevicePkcs7CertBufferXdr.inc new file mode 100644 index 0000000000..d3f5a12faa --- /dev/null +++ b/Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/NewRoot.cer.gFmpDev= icePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc @@ -0,0 +1 @@ + diff --git a/Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/SAMPLE_DEVEL= OPMENT.cer.gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc b= /Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/SAMPLE_DEVELOPMENT.cer.g= FmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc new file mode 100644 index 0000000000..d3f5a12faa --- /dev/null +++ b/Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/SAMPLE_DEVELOPMENT.= cer.gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc @@ -0,0 +1 @@ + diff --git a/Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/SAMPLE_DEVEL= OPMENT_SAMPLE_PRODUCTION.cer.gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7C= ertBufferXdr.inc b/Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/SAMPLE= _DEVELOPMENT_SAMPLE_PRODUCTION.cer.gFmpDevicePkgTokenSpaceGuid.PcdFmpDevice= Pkcs7CertBufferXdr.inc new file mode 100644 index 0000000000..d3f5a12faa --- /dev/null +++ b/Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/SAMPLE_DEVELOPMENT_= SAMPLE_PRODUCTION.cer.gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBuff= erXdr.inc @@ -0,0 +1 @@ + --=20 2.14.2.windows.3 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Wed May 1 21:37:16 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=intel.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 153386452466919.77658264942818; Thu, 9 Aug 2018 18:28:44 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 83FD0210E8D75; Thu, 9 Aug 2018 18:28:33 -0700 (PDT) Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 8CBA1210E8D68 for ; Thu, 9 Aug 2018 18:28:31 -0700 (PDT) Received: from orsmga007.jf.intel.com ([10.7.209.58]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 09 Aug 2018 18:28:30 -0700 Received: from mdkinney-mobl2.amr.corp.intel.com ([10.241.98.57]) by orsmga007.jf.intel.com with ESMTP; 09 Aug 2018 18:28:30 -0700 X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.43; helo=mga05.intel.com; envelope-from=michael.d.kinney@intel.com; receiver=edk2-devel@lists.01.org X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.53,217,1531810800"; d="scan'208";a="63770855" From: Michael D Kinney To: edk2-devel@lists.01.org Date: Thu, 9 Aug 2018 18:28:26 -0700 Message-Id: <20180810012826.4052-5-michael.d.kinney@intel.com> X-Mailer: git-send-email 2.14.2.windows.3 In-Reply-To: <20180810012826.4052-1-michael.d.kinney@intel.com> References: <20180810012826.4052-1-michael.d.kinney@intel.com> Subject: [edk2] [Patch 4/4] Vlv2TbltDevicePkg: Update DSC/FDF to use FmpDevicePkg X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: David Wei MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RDMRC_1 RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Cc: David Wei Cc: Mang Guo Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Michael D Kinney Reviewed-by: Guo Mang --- Vlv2TbltDevicePkg/FmpBlueSampleDevice.dsc | 61 +++++++++++++++++++++++++++ Vlv2TbltDevicePkg/FmpCertificate.dsc | 28 +++++++++++++ Vlv2TbltDevicePkg/FmpGreenSampleDevice.dsc | 61 +++++++++++++++++++++++++++ Vlv2TbltDevicePkg/FmpMinnowMaxSystem.dsc | 65 ++++++++++++++++++++++++++= +++ Vlv2TbltDevicePkg/FmpRedSampleDevice.dsc | 61 +++++++++++++++++++++++++++ Vlv2TbltDevicePkg/PlatformCapsule.dsc | 1 + Vlv2TbltDevicePkg/PlatformCapsule.fdf | 23 ----------- Vlv2TbltDevicePkg/PlatformCapsuleGcc.fdf | 23 ----------- Vlv2TbltDevicePkg/PlatformPkg.dec | 5 +++ Vlv2TbltDevicePkg/PlatformPkg.fdf | 61 ++++++++------------------- Vlv2TbltDevicePkg/PlatformPkgConfig.dsc | 19 +++++++-- Vlv2TbltDevicePkg/PlatformPkgGcc.fdf | 61 ++++++++------------------- Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc | 66 ++++++++++++--------------= ---- Vlv2TbltDevicePkg/PlatformPkgIA32.dsc | 64 ++++++++++++--------------= --- Vlv2TbltDevicePkg/PlatformPkgX64.dsc | 62 +++++++++++---------------= -- 15 files changed, 409 insertions(+), 252 deletions(-) create mode 100644 Vlv2TbltDevicePkg/FmpBlueSampleDevice.dsc create mode 100644 Vlv2TbltDevicePkg/FmpCertificate.dsc create mode 100644 Vlv2TbltDevicePkg/FmpGreenSampleDevice.dsc create mode 100644 Vlv2TbltDevicePkg/FmpMinnowMaxSystem.dsc create mode 100644 Vlv2TbltDevicePkg/FmpRedSampleDevice.dsc diff --git a/Vlv2TbltDevicePkg/FmpBlueSampleDevice.dsc b/Vlv2TbltDevicePkg/= FmpBlueSampleDevice.dsc new file mode 100644 index 0000000000..5f59845866 --- /dev/null +++ b/Vlv2TbltDevicePkg/FmpBlueSampleDevice.dsc @@ -0,0 +1,61 @@ +#/** @file +# FmpDxe driver for Blue Sample device firmware update. +# +# Copyright (c) 2018, Intel Corporation. All rights reserved.
+# +# This program and the accompanying materials are licensed and made availa= ble under +# the terms and conditions of the BSD License that accompanies this distri= bution. +# The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php. +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. +# +# +#**/ + + FmpDevicePkg/FmpDxe/FmpDxe.inf { + + # + # ESRT and FMP GUID for sample device capsule update + # + FILE_GUID =3D $(FMP_BLUE_SAMPLE_DEVICE) + + # + # Unicode name string that is used to populate FMP Image Descriptor = for this capsule update module + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageIdName|L"Sample Firmwar= e Device" + + # + # ESRT and FMP Lowest Support Version for this capsule update module + # 000.000.000.000 + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceBuildTimeLowestSupportedVers= ion|0x00000000 + + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressWatchdogTimeInSecond= s|2 + + # + # Capsule Update Progress Bar Color. Set to Blue (RGB) (0, 0, 255) + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressColor|0x000000FF + + # + # Certificates used to authenticate capsule update image + # + !include Vlv2TbltDevicePkg/FmpCertificate.dsc + + + # + # Generic libraries that are used "as is" by all FMP modules + # + FmpPayloadHeaderLib|FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPa= yloadHeaderLibV1.inf + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf + # + # Platform specific capsule policy library + # + CapsuleUpdatePolicyLib|FmpDevicePkg/Library/CapsuleUpdatePolicyLibNu= ll/CapsuleUpdatePolicyLibNull.inf + # + # Device specific library that processes a capsule and updates the F= W storage device + # + FmpDeviceLib|Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLibS= ample/FmpDeviceLib.inf + } diff --git a/Vlv2TbltDevicePkg/FmpCertificate.dsc b/Vlv2TbltDevicePkg/FmpCe= rtificate.dsc new file mode 100644 index 0000000000..c510c90582 --- /dev/null +++ b/Vlv2TbltDevicePkg/FmpCertificate.dsc @@ -0,0 +1,28 @@ +#/** @file +# FMP Certificates shared by multiple FmpDxe drivers for firmware update. +# +# Copyright (c) 2018, Intel Corporation. All rights reserved.
+# +# This program and the accompanying materials are licensed and made availa= ble under +# the terms and conditions of the BSD License that accompanies this distri= bution. +# The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php. +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. +# +# +#**/ + +!if $(CAPSULE_PKCS7_CERT) =3D=3D SAMPLE_DEVELOPMENT_SAMPLE_PRODUCTION + !include Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/SAMPLE_DEVELO= PMENT_SAMPLE_PRODUCTION.cer.gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7Ce= rtBufferXdr.inc +!endif +!if $(CAPSULE_PKCS7_CERT) =3D=3D SAMPLE_DEVELOPMENT + !include Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/SAMPLE_DEVELO= PMENT.cer.gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc +!endif +!if $(CAPSULE_PKCS7_CERT) =3D=3D EDKII_TEST + !include BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer.gFmpDevicePkgTok= enSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc +!endif +!if $(CAPSULE_PKCS7_CERT) =3D=3D NEW_ROOT + !include Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/NewRoot.cer.g= FmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc +!endif diff --git a/Vlv2TbltDevicePkg/FmpGreenSampleDevice.dsc b/Vlv2TbltDevicePkg= /FmpGreenSampleDevice.dsc new file mode 100644 index 0000000000..085318fa5d --- /dev/null +++ b/Vlv2TbltDevicePkg/FmpGreenSampleDevice.dsc @@ -0,0 +1,61 @@ +#/** @file +# FmpDxe driver for Green Sample device firmware update. +# +# Copyright (c) 2018, Intel Corporation. All rights reserved.
+# +# This program and the accompanying materials are licensed and made availa= ble under +# the terms and conditions of the BSD License that accompanies this distri= bution. +# The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php. +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. +# +# +#**/ + + FmpDevicePkg/FmpDxe/FmpDxe.inf { + + # + # ESRT and FMP GUID for sample device capsule update + # + FILE_GUID =3D $(FMP_GREEN_SAMPLE_DEVICE) + + # + # Unicode name string that is used to populate FMP Image Descriptor = for this capsule update module + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageIdName|L"Sample Firmwar= e Device" + + # + # ESRT and FMP Lowest Support Version for this capsule update module + # 000.000.000.000 + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceBuildTimeLowestSupportedVers= ion|0x00000000 + + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressWatchdogTimeInSecond= s|2 + + # + # Capsule Update Progress Bar Color. Set to Green (RGB) (0, 255, 0) + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressColor|0x0000FF00 + + # + # Certificates used to authenticate capsule update image + # + !include Vlv2TbltDevicePkg/FmpCertificate.dsc + + + # + # Generic libraries that are used "as is" by all FMP modules + # + FmpPayloadHeaderLib|FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPa= yloadHeaderLibV1.inf + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf + # + # Platform specific capsule policy library + # + CapsuleUpdatePolicyLib|FmpDevicePkg/Library/CapsuleUpdatePolicyLibNu= ll/CapsuleUpdatePolicyLibNull.inf + # + # Device specific library that processes a capsule and updates the F= W storage device + # + FmpDeviceLib|Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLibS= ample/FmpDeviceLib.inf + } diff --git a/Vlv2TbltDevicePkg/FmpMinnowMaxSystem.dsc b/Vlv2TbltDevicePkg/F= mpMinnowMaxSystem.dsc new file mode 100644 index 0000000000..3b5d303e9e --- /dev/null +++ b/Vlv2TbltDevicePkg/FmpMinnowMaxSystem.dsc @@ -0,0 +1,65 @@ +#/** @file +# FmpDxe driver for Minnow Max system firmware update. +# +# Copyright (c) 2018, Intel Corporation. All rights reserved.
+# +# This program and the accompanying materials are licensed and made availa= ble under +# the terms and conditions of the BSD License that accompanies this distri= bution. +# The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php. +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. +# +# +#**/ + + FmpDevicePkg/FmpDxe/FmpDxe.inf { + + # + # ESRT and FMP GUID for system firmware capsule update + # + FILE_GUID =3D $(FMP_MINNOW_MAX_SYSTEM) + + # + # Unicode name string that is used to populate FMP Image Descriptor = for this capsule update module + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageIdName|L"Minnow Max Sys= tem Firmware Device" + + # + # ESRT and FMP Lowest Support Version for this capsule update module + # 000.000.000.000 + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceBuildTimeLowestSupportedVers= ion|0x00000000 + + gPlatformModuleTokenSpaceGuid.PcdSystemFirmwareFmpLowestSupportedVer= sion|0x00000000 + gPlatformModuleTokenSpaceGuid.PcdSystemFirmwareFmpVersion|0x00000000 + gPlatformModuleTokenSpaceGuid.PcdSystemFirmwareFmpVersionString|"000= .000.000.000" + + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressWatchdogTimeInSecond= s|4 + + # + # Capsule Update Progress Bar Color. Set to Purple (RGB) (255, 0, 2= 55) + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressColor|0x00FF00FF + + # + # Certificates used to authenticate capsule update image + # + !include Vlv2TbltDevicePkg/FmpCertificate.dsc + + + # + # Generic libraries that are used "as is" by all FMP modules + # + FmpPayloadHeaderLib|FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPa= yloadHeaderLibV1.inf + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf + # + # Platform specific capsule policy library + # + CapsuleUpdatePolicyLib|FmpDevicePkg/Library/CapsuleUpdatePolicyLibNu= ll/CapsuleUpdatePolicyLibNull.inf + # + # Device specific library that processes a capsule and updates the F= W storage device + # + FmpDeviceLib|Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLib/= FmpDeviceLib.inf + } diff --git a/Vlv2TbltDevicePkg/FmpRedSampleDevice.dsc b/Vlv2TbltDevicePkg/F= mpRedSampleDevice.dsc new file mode 100644 index 0000000000..6e181acf57 --- /dev/null +++ b/Vlv2TbltDevicePkg/FmpRedSampleDevice.dsc @@ -0,0 +1,61 @@ +#/** @file +# FmpDxe driver for Red Sample device firmware update. +# +# Copyright (c) 2018, Intel Corporation. All rights reserved.
+# +# This program and the accompanying materials are licensed and made availa= ble under +# the terms and conditions of the BSD License that accompanies this distri= bution. +# The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php. +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. +# +# +#**/ + + FmpDevicePkg/FmpDxe/FmpDxe.inf { + + # + # ESRT and FMP GUID for sample device capsule update + # + FILE_GUID =3D $(FMP_RED_SAMPLE_DEVICE) + + # + # Unicode name string that is used to populate FMP Image Descriptor = for this capsule update module + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageIdName|L"Sample Firmwar= e Device" + + # + # ESRT and FMP Lowest Support Version for this capsule update module + # 000.000.000.000 + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceBuildTimeLowestSupportedVers= ion|0x00000000 + + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressWatchdogTimeInSecond= s|2 + + # + # Capsule Update Progress Bar Color. Set to Blue (RGB) (255, 0, 0) + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressColor|0x00FF0000 + + # + # Certificates used to authenticate capsule update image + # + !include Vlv2TbltDevicePkg/FmpCertificate.dsc + + + # + # Generic libraries that are used "as is" by all FMP modules + # + FmpPayloadHeaderLib|FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPa= yloadHeaderLibV1.inf + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf + # + # Platform specific capsule policy library + # + CapsuleUpdatePolicyLib|FmpDevicePkg/Library/CapsuleUpdatePolicyLibNu= ll/CapsuleUpdatePolicyLibNull.inf + # + # Device specific library that processes a capsule and updates the F= W storage device + # + FmpDeviceLib|Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLibS= ample/FmpDeviceLib.inf + } diff --git a/Vlv2TbltDevicePkg/PlatformCapsule.dsc b/Vlv2TbltDevicePkg/Plat= formCapsule.dsc index a619ed853a..80cda88384 100644 --- a/Vlv2TbltDevicePkg/PlatformCapsule.dsc +++ b/Vlv2TbltDevicePkg/PlatformCapsule.dsc @@ -23,6 +23,7 @@ [Defines] SUPPORTED_ARCHITECTURES =3D IA32|X64 BUILD_TARGETS =3D DEBUG|RELEASE SKUID_IDENTIFIER =3D DEFAULT + POSTBUILD =3D Vlv2TbltDevicePkg/Feature/Capsule/Gen= erateCapsule/GenCapsuleAll.bat =20 ##########################################################################= ######################### # diff --git a/Vlv2TbltDevicePkg/PlatformCapsule.fdf b/Vlv2TbltDevicePkg/Plat= formCapsule.fdf index a80a75cf83..a05f6c6e6e 100644 --- a/Vlv2TbltDevicePkg/PlatformCapsule.fdf +++ b/Vlv2TbltDevicePkg/PlatformCapsule.fdf @@ -35,24 +35,10 @@ [FV.SystemFirmwareUpdateCargo] $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/Vlv.ROM } =20 -FILE RAW =3D ce57b167-b0e4-41e8-a897-5f4feb781d40 { # gEdkiiSystemFmpCapsu= leDriverFvFileGuid - $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/CAPSUL= EDISPATCHFV.Fv - } - FILE RAW =3D 812136D3-4D3A-433A-9418-29BB9BF78F6E { # gEdkiiSystemFmpCapsu= leConfigFileGuid Vlv2TbltDevicePkg/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFir= mwareUpdateConfig.ini } =20 -[FmpPayload.FmpPayloadSystemFirmwarePkcs7] -IMAGE_HEADER_INIT_VERSION =3D 0x02 -IMAGE_TYPE_ID =3D 4096267b-da0a-42eb-b5eb-fef31d207cb4 # PcdSy= stemFmpCapsuleImageTypeIdGuid -IMAGE_INDEX =3D 0x1 -HARDWARE_INSTANCE =3D 0x0 -MONOTONIC_COUNT =3D 0x2 -CERTIFICATE_GUID =3D 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7 - -FILE DATA =3D $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)= /FV/SYSTEMFIRMWAREUPDATECARGO.Fv - [FmpPayload.FmpPayloadSystemFirmwareRsa2048] IMAGE_HEADER_INIT_VERSION =3D 0x02 IMAGE_TYPE_ID =3D 4096267b-da0a-42eb-b5eb-fef31d207cb4 # PcdSy= stemFmpCapsuleImageTypeIdGuid @@ -63,14 +49,6 @@ [FmpPayload.FmpPayloadSystemFirmwareRsa2048] =20 FILE DATA =3D $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)= /FV/SYSTEMFIRMWAREUPDATECARGO.Fv =20 -[Capsule.Vlv2FirmwareUpdateCapsuleFmpPkcs7] -CAPSULE_GUID =3D 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEf= iFmpCapsuleGuid -CAPSULE_FLAGS =3D PersistAcrossReset,InitiateReset -CAPSULE_HEADER_SIZE =3D 0x20 -CAPSULE_HEADER_INIT_VERSION =3D 0x1 - -FMP_PAYLOAD =3D FmpPayloadSystemFirmwarePkcs7 - [Capsule.Vlv2Rec] CAPSULE_GUID =3D 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEf= iFmpCapsuleGuid CAPSULE_FLAGS =3D PersistAcrossReset,InitiateReset @@ -78,4 +56,3 @@ [Capsule.Vlv2Rec] CAPSULE_HEADER_INIT_VERSION =3D 0x1 =20 FMP_PAYLOAD =3D FmpPayloadSystemFirmwareRsa2048 - diff --git a/Vlv2TbltDevicePkg/PlatformCapsuleGcc.fdf b/Vlv2TbltDevicePkg/P= latformCapsuleGcc.fdf index f4f396cf4e..b7ea8bf839 100644 --- a/Vlv2TbltDevicePkg/PlatformCapsuleGcc.fdf +++ b/Vlv2TbltDevicePkg/PlatformCapsuleGcc.fdf @@ -35,24 +35,10 @@ [FV.SystemFirmwareUpdateCargo] $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/Vlv.ROM } =20 -FILE RAW =3D ce57b167-b0e4-41e8-a897-5f4feb781d40 { # gEdkiiSystemFmpCapsu= leDriverFvFileGuid - $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/CAPSUL= EDISPATCHFV.Fv - } - FILE RAW =3D 812136D3-4D3A-433A-9418-29BB9BF78F6E { # gEdkiiSystemFmpCapsu= leConfigFileGuid Vlv2TbltDevicePkg/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFir= mwareUpdateConfigGcc.ini } =20 -[FmpPayload.FmpPayloadSystemFirmwarePkcs7] -IMAGE_HEADER_INIT_VERSION =3D 0x02 -IMAGE_TYPE_ID =3D 4096267b-da0a-42eb-b5eb-fef31d207cb4 # PcdSy= stemFmpCapsuleImageTypeIdGuid -IMAGE_INDEX =3D 0x1 -HARDWARE_INSTANCE =3D 0x0 -MONOTONIC_COUNT =3D 0x2 -CERTIFICATE_GUID =3D 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7 - -FILE DATA =3D $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)= /FV/SYSTEMFIRMWAREUPDATECARGO.Fv - [FmpPayload.FmpPayloadSystemFirmwareRsa2048] IMAGE_HEADER_INIT_VERSION =3D 0x02 IMAGE_TYPE_ID =3D 4096267b-da0a-42eb-b5eb-fef31d207cb4 # PcdSy= stemFmpCapsuleImageTypeIdGuid @@ -63,14 +49,6 @@ [FmpPayload.FmpPayloadSystemFirmwareRsa2048] =20 FILE DATA =3D $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)= /FV/SYSTEMFIRMWAREUPDATECARGO.Fv =20 -[Capsule.Vlv2FirmwareUpdateCapsuleFmpPkcs7] -CAPSULE_GUID =3D 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEf= iFmpCapsuleGuid -CAPSULE_FLAGS =3D PersistAcrossReset,InitiateReset -CAPSULE_HEADER_SIZE =3D 0x20 -CAPSULE_HEADER_INIT_VERSION =3D 0x1 - -FMP_PAYLOAD =3D FmpPayloadSystemFirmwarePkcs7 - [Capsule.Vlv2Rec] CAPSULE_GUID =3D 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEf= iFmpCapsuleGuid CAPSULE_FLAGS =3D PersistAcrossReset,InitiateReset @@ -78,4 +56,3 @@ [Capsule.Vlv2Rec] CAPSULE_HEADER_INIT_VERSION =3D 0x1 =20 FMP_PAYLOAD =3D FmpPayloadSystemFirmwareRsa2048 - diff --git a/Vlv2TbltDevicePkg/PlatformPkg.dec b/Vlv2TbltDevicePkg/Platform= Pkg.dec index 731fd05ed5..8fccd7f1b1 100644 --- a/Vlv2TbltDevicePkg/PlatformPkg.dec +++ b/Vlv2TbltDevicePkg/PlatformPkg.dec @@ -165,6 +165,11 @@ [PcdsFixedAtBuild] gPlatformModuleTokenSpaceGuid.PcdBiosRomBase|0xFFC00000|UINT32|0x4000000B gPlatformModuleTokenSpaceGuid.PcdBiosRomSize|0x00400000|UINT32|0x4000000C =20 + # PCDs for System Firmware FMP instance + gPlatformModuleTokenSpaceGuid.PcdSystemFirmwareFmpLowestSupportedVersion= |0x00000000|UINT32|0x40000100 + gPlatformModuleTokenSpaceGuid.PcdSystemFirmwareFmpVersion|0x00000000|UIN= T32|0x40000101 + gPlatformModuleTokenSpaceGuid.PcdSystemFirmwareFmpVersionString|""|VOID*= |0x40000102 + [PcdsFeatureFlag] ## This PCD specifies whether StatusCode is reported via ISA Serial port. gEfiSerialPortTokenSpaceGuid.PcdStatusCodeUseIsaSerial|TRUE|BOOLEAN|0x00= 000020 diff --git a/Vlv2TbltDevicePkg/PlatformPkg.fdf b/Vlv2TbltDevicePkg/Platform= Pkg.fdf index 85309650db..b7a0e584de 100644 --- a/Vlv2TbltDevicePkg/PlatformPkg.fdf +++ b/Vlv2TbltDevicePkg/PlatformPkg.fdf @@ -242,7 +242,7 @@ [FV.MICROCODE_FV] READ_LOCK_STATUS =3D TRUE =20 FILE RAW =3D 197DB236-F856-4924-90F8-CDF12FB875F3 { - $(OUTPUT_DIRECTORY)\$(TARGET)_$(TOOL_CHAIN_TAG)\$(DXE_ARCHITECTURE)\Micr= ocodeUpdates.bin + $(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/$(DXE_ARCHITECTURE)/Micr= ocodeUpdates.bin } =20 !if $(RECOVERY_ENABLE) @@ -413,11 +413,6 @@ [FV.FVRECOVERY] =20 INF MdeModulePkg/Universal/PCD/Pei/Pcd.inf =20 -!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) - # FMP image decriptor -INF RuleOverride =3D FMP_IMAGE_DESC Vlv2TbltDevicePkg/Feature/Capsule/Syst= emFirmwareDescriptor/SystemFirmwareDescriptor.inf -!endif - [FV.FVMAIN] BlockSize =3D $(FLASH_BLOCK_SIZE) FvAlignment =3D 16 @@ -775,14 +770,25 @@ [FV.FVMAIN] !endif !endif =20 -!if $(CAPSULE_ENABLE) || $(MICOCODE_CAPSULE_ENABLE) +!if $(CAPSULE_ENABLE) INF MdeModulePkg/Universal/EsrtFmpDxe/EsrtFmpDxe.inf + +# +# Minnow Max System Firmware FMP +# +INF FILE_GUID =3D $(FMP_MINNOW_MAX_SYSTEM) FmpDevicePkg/FmpDxe/FmpDxe.inf + +# +# Sample Device FMP +# +INF FILE_GUID =3D $(FMP_GREEN_SAMPLE_DEVICE) FmpDevicePkg/FmpDxe/FmpDxe.i= nf +INF FILE_GUID =3D $(FMP_BLUE_SAMPLE_DEVICE) FmpDevicePkg/FmpDxe/FmpDxe.i= nf +INF FILE_GUID =3D $(FMP_RED_SAMPLE_DEVICE) FmpDevicePkg/FmpDxe/FmpDxe.i= nf + !endif -!if $(CAPSULE_ENABLE) -INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportD= xe.inf -!endif + !if $(MICOCODE_CAPSULE_ENABLE) -INF UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.inf +INF IntelSiliconPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe= .inf !endif =20 !if $(RECOVERY_ENABLE) @@ -792,13 +798,6 @@ [FV.FVMAIN] } !endif =20 -!if $(CAPSULE_ENABLE) -FILE FREEFORM =3D PCD(gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiPkcs7Test= PublicKeyFileGuid) { - SECTION RAW =3D BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer - SECTION UI =3D "Pkcs7TestRoot" - } -!endif - [FV.FVMAIN_COMPACT] BlockSize =3D $(FLASH_BLOCK_SIZE) FvAlignment =3D 16 @@ -861,32 +860,6 @@ [FV.SETUP_DATA] READ_LOCK_CAP =3D TRUE READ_LOCK_STATUS =3D TRUE =20 - -!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) -[FV.CapsuleDispatchFv] -FvAlignment =3D 16 -ERASE_POLARITY =3D 1 -MEMORY_MAPPED =3D TRUE -STICKY_WRITE =3D TRUE -LOCK_CAP =3D TRUE -LOCK_STATUS =3D TRUE -WRITE_DISABLED_CAP =3D TRUE -WRITE_ENABLED_CAP =3D TRUE -WRITE_STATUS =3D TRUE -WRITE_LOCK_CAP =3D TRUE -WRITE_LOCK_STATUS =3D TRUE -READ_DISABLED_CAP =3D TRUE -READ_ENABLED_CAP =3D TRUE -READ_STATUS =3D TRUE -READ_LOCK_CAP =3D TRUE -READ_LOCK_STATUS =3D TRUE - -!if $(CAPSULE_ENABLE) -INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateD= xe.inf -!endif - -!endif - ##########################################################################= ###### # # Rules are use with the [FV] section's module INF type to define diff --git a/Vlv2TbltDevicePkg/PlatformPkgConfig.dsc b/Vlv2TbltDevicePkg/Pl= atformPkgConfig.dsc index c93ca8a457..672853dda6 100644 --- a/Vlv2TbltDevicePkg/PlatformPkgConfig.dsc +++ b/Vlv2TbltDevicePkg/PlatformPkgConfig.dsc @@ -66,7 +66,7 @@ DEFINE CAPSULE_ENABLE =3D TRUE DEFINE CAPSULE_RESET_ENABLE =3D TRUE DEFINE RECOVERY_ENABLE =3D FALSE -DEFINE MICOCODE_CAPSULE_ENABLE =3D FALSE +DEFINE MICOCODE_CAPSULE_ENABLE =3D TRUE =20 DEFINE GOP_DRIVER_ENABLE =3D TRUE DEFINE DATAHUB_ENABLE =3D TRUE @@ -94,6 +94,19 @@ # DEFINE SOURCE_DEBUG_ENABLE =3D FALSE =20 +# +# Capsule Pubic Certificate. Default is EDK_TEST. Options are: +# SAMPLE_DEVELOPMENT - Only signtool SAMPLE_DEVELOPME= NT +# SAMPLE_DEVELOPMENT_SAMPLE_PRODUCTION - Both signtool SAMPLE_DEVELOPME= NT and SAMPLE_PRODUCTION +# EDKII_TEST - Only openssl EDK II test certi= ficate +# NEW_ROOT - Only openssl new VLV2 certific= ate +# +DEFINE CAPSULE_PKCS7_CERT =3D EDKII_TEST =20 - - +# +# Define ESRT GUIDs for Firmware Management Protocol instances +# +DEFINE FMP_MINNOW_MAX_SYSTEM =3D 4096267b-da0a-42eb-b5eb-fef31d207cb4 +DEFINE FMP_RED_SAMPLE_DEVICE =3D 72E2945A-00DA-448E-9AA7-075AD840F9D4 +DEFINE FMP_BLUE_SAMPLE_DEVICE =3D 149DA854-7D19-4FAA-A91E-862EA1324BE6 +DEFINE FMP_GREEN_SAMPLE_DEVICE =3D 79179BFD-704D-4C90-9E02-0AB8D968C18A diff --git a/Vlv2TbltDevicePkg/PlatformPkgGcc.fdf b/Vlv2TbltDevicePkg/Platf= ormPkgGcc.fdf index 51a620ea15..eca273e33f 100644 --- a/Vlv2TbltDevicePkg/PlatformPkgGcc.fdf +++ b/Vlv2TbltDevicePkg/PlatformPkgGcc.fdf @@ -123,7 +123,6 @@ [FD.Vlv] $(FLASH_REGION_VLVMICROCODE_OFFSET)|$(FLASH_REGION_VLVMICROCODE_SIZE) gPlatformModuleTokenSpaceGuid.PcdFlashMicroCodeAddress|gPlatformModuleToke= nSpaceGuid.PcdFlashMicroCodeSize FV =3D MICROCODE_FV - $(FLASH_REGION_VPD_OFFSET)|$(FLASH_REGION_VPD_SIZE) gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase|gEfiMdeModule= PkgTokenSpaceGuid.PcdFlashNvStorageVariableSize FILE =3D $(WORKSPACE)/Vlv2TbltDevicePkg/Stitch/Gcc/NvStorageVariable.bin @@ -370,11 +369,6 @@ [FV.FVRECOVERY] =20 INF MdeModulePkg/Universal/PCD/Pei/Pcd.inf =20 -!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) - # FMP image decriptor -INF RuleOverride =3D FMP_IMAGE_DESC Vlv2TbltDevicePkg/Feature/Capsule/Syst= emFirmwareDescriptor/SystemFirmwareDescriptor.inf -!endif - [FV.FVMAIN] BlockSize =3D $(FLASH_BLOCK_SIZE) FvAlignment =3D 16 @@ -732,14 +726,25 @@ [FV.FVMAIN] !endif !endif =20 -!if $(CAPSULE_ENABLE) || $(MICOCODE_CAPSULE_ENABLE) +!if $(CAPSULE_ENABLE) INF MdeModulePkg/Universal/EsrtFmpDxe/EsrtFmpDxe.inf + +# +# Minnow Max System Firmware FMP +# +INF FILE_GUID =3D $(FMP_MINNOW_MAX_SYSTEM) FmpDevicePkg/FmpDxe/FmpDxe.inf + +# +# Sample Device FMP +# +INF FILE_GUID =3D $(FMP_GREEN_SAMPLE_DEVICE) FmpDevicePkg/FmpDxe/FmpDxe.i= nf +INF FILE_GUID =3D $(FMP_BLUE_SAMPLE_DEVICE) FmpDevicePkg/FmpDxe/FmpDxe.i= nf +INF FILE_GUID =3D $(FMP_RED_SAMPLE_DEVICE) FmpDevicePkg/FmpDxe/FmpDxe.i= nf + !endif -!if $(CAPSULE_ENABLE) -INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportD= xe.inf -!endif + !if $(MICOCODE_CAPSULE_ENABLE) -INF UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.inf +INF IntelSiliconPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe= .inf !endif =20 !if $(RECOVERY_ENABLE) @@ -748,13 +753,6 @@ [FV.FVMAIN] SECTION UI =3D "Rsa2048Sha256TestSigningPublicKey" } !endif - =20 -!if $(CAPSULE_ENABLE) -FILE FREEFORM =3D PCD(gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiPkcs7Test= PublicKeyFileGuid) { - SECTION RAW =3D BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer - SECTION UI =3D "Pkcs7TestRoot" - } -!endif =20 [FV.FVMAIN_COMPACT] BlockSize =3D $(FLASH_BLOCK_SIZE) @@ -818,32 +816,6 @@ [FV.SETUP_DATA] READ_LOCK_CAP =3D TRUE READ_LOCK_STATUS =3D TRUE =20 - -!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) -[FV.CapsuleDispatchFv] -FvAlignment =3D 16 -ERASE_POLARITY =3D 1 -MEMORY_MAPPED =3D TRUE -STICKY_WRITE =3D TRUE -LOCK_CAP =3D TRUE -LOCK_STATUS =3D TRUE -WRITE_DISABLED_CAP =3D TRUE -WRITE_ENABLED_CAP =3D TRUE -WRITE_STATUS =3D TRUE -WRITE_LOCK_CAP =3D TRUE -WRITE_LOCK_STATUS =3D TRUE -READ_DISABLED_CAP =3D TRUE -READ_ENABLED_CAP =3D TRUE -READ_STATUS =3D TRUE -READ_LOCK_CAP =3D TRUE -READ_LOCK_STATUS =3D TRUE - -!if $(CAPSULE_ENABLE) -INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateD= xe.inf -!endif - -!endif - ##########################################################################= ###### # # Rules are use with the [FV] section's module INF type to define @@ -1086,4 +1058,3 @@ [Rule.Common.PEIM.FMP_IMAGE_DESC] UI STRING=3D"$(MODULE_NAME)" Optional VERSION STRING=3D"$(INF_VERSION)" Optional BUILD_NUM=3D$(BUILD_NUMBE= R) } - diff --git a/Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc b/Vlv2TbltDevicePkg/Pl= atformPkgGccX64.dsc index 8b8a55ae6f..3e3522aee9 100644 --- a/Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc +++ b/Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc @@ -190,7 +190,6 @@ [LibraryClasses.common] !else CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf !endif - EdkiiSystemCapsuleLib|SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/Edk= iiSystemCapsuleLib.inf FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAu= thenticationLibNull.inf IniParsingLib|SignedCapsulePkg/Library/IniParsingLib/IniParsingLib.inf PlatformFlashAccessLib|Vlv2TbltDevicePkg/Feature/Capsule/Library/Platfor= mFlashAccessLib/PlatformFlashAccessLib.inf @@ -336,7 +335,7 @@ [LibraryClasses.IA32.PEIM, LibraryClasses.IA32.PEI_CORE= , LibraryClasses.IA32.SEC DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf SerialPortLib|MdePkg/Library/BaseSerialPortLibNull/BaseSerialPortLibNull= .inf !else - DebugLib|IntelFrameworkModulePkg/Library/PeiDxeDebugLibReportStatusCode/= PeiDxeDebugLibReportStatusCode.inf + DebugLib|MdeModulePkg/Library/PeiDxeDebugLibReportStatusCode/PeiDxeDebug= LibReportStatusCode.inf SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLib.inf !endif =20 @@ -706,7 +705,23 @@ [PcdsFixedAtBuild.common] # gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmStackSize|0x4000 =20 -[PcdsFixedAtBuild.IA32.PEIM, PcdsFixedAtBuild.IA32.PEI_CORE, PcdsFixedAtBu= ild.IA32.SEC] + # + # Clear unused single certificate PCD + # + gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer|{0} + + # + # Lock all updatable firmware devices at End of DXE + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceLockEventGuid|{GUID(gEfiEndOfDxe= EventGroupGuid)} +# gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceLockEventGuid|{GUID(gEfiEventRe= adyToBootGuid)} + + # + # Set PcdFmpDeviceTestKeySha256Digest to {0} to disable test key detecti= on + # +# gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceTestKeySha256Digest|{0} + +[PcdsFixedAtBuild.IA32] !if $(TARGET) =3D=3D RELEASE gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x0 gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x3 @@ -910,10 +925,10 @@ [PcdsDynamicExDefault.common.DEFAULT] gEfiVLVTokenSpaceGuid.PcdCpuSmramCpuDataAddress|0 gEfiVLVTokenSpaceGuid.PcdCpuLockBoxSize|0 =20 -!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) - gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor= |{0x0}|VOID*|0x100 - gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0x7b,= 0x26, 0x96, 0x40, 0x0a, 0xda, 0xeb, 0x42, 0xb5, 0xeb, 0xfe, 0xf3, 0x1d, 0x= 20, 0x7c, 0xb4} - gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{0xb2,= 0x9e, 0x9c, 0xaf, 0xad, 0x12, 0x3e, 0x4d, 0xa4, 0xd4, 0x96, 0xf6, 0xc9, 0x= 96, 0x62, 0x15} +[PcdsDynamicExDefault.X64.DEFAULT] +!if $(RECOVERY_ENABLE) + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{GUID(= "AF9C9EB2-12AD-4D3E-A4D4-96F6C9966215")}|VOID*|0x10 + gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{GUID(= "4096267b-da0a-42eb-b5eb-fef31d207cb4")}|VOID*|0x10 !endif =20 [Components.IA32] @@ -937,14 +952,6 @@ [Components.IA32] } !endif =20 -!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) - # FMP image decriptor - Vlv2TbltDevicePkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwar= eDescriptor.inf { - - PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf - } -!endif - MdeModulePkg/Core/Pei/PeiMain.inf { !if $(TARGET) =3D=3D DEBUG @@ -1199,11 +1206,6 @@ [Components.X64] DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLi= b.inf -!if $(CAPSULE_ENABLE) - FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf -!else - FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/F= mpAuthenticationLibNull.inf -!endif !if $(FTPM_ENABLE) =3D=3D TRUE Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2Devi= ceLibSeC.inf !else @@ -1572,32 +1574,20 @@ [Components.X64] !endif !endif =20 - Vlv2TbltDevicePkg/Application/FirmwareUpdate/FirmwareUpdate.inf - !if $(CAPSULE_ENABLE) || $(MICOCODE_CAPSULE_ENABLE) MdeModulePkg/Universal/EsrtFmpDxe/EsrtFmpDxe.inf MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf !endif =20 !if $(CAPSULE_ENABLE) - SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.= inf { - - DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf - PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf - SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLi= b.inf - FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf - } - SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.= inf { - - DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf - PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf - SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLi= b.inf - FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf - } + !include Vlv2TbltDevicePkg/FmpMinnowMaxSystem.dsc + !include Vlv2TbltDevicePkg/FmpGreenSampleDevice.dsc + !include Vlv2TbltDevicePkg/FmpBlueSampleDevice.dsc + !include Vlv2TbltDevicePkg/FmpRedSampleDevice.dsc !endif =20 !if $(MICOCODE_CAPSULE_ENABLE) - UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.inf { + IntelSiliconPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.in= f { DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf @@ -1787,8 +1777,6 @@ [BuildOptions.Common.EDKII] =20 =20 [Components.X64] - $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTUR= E)/SysFwUpdateCapsuleDxe.inf - $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTU= RE)/I2cBus.inf { gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0xF0000043 diff --git a/Vlv2TbltDevicePkg/PlatformPkgIA32.dsc b/Vlv2TbltDevicePkg/Plat= formPkgIA32.dsc index cbdfb1b83a..55c873d565 100644 --- a/Vlv2TbltDevicePkg/PlatformPkgIA32.dsc +++ b/Vlv2TbltDevicePkg/PlatformPkgIA32.dsc @@ -190,7 +190,6 @@ [LibraryClasses.common] !else CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf !endif - EdkiiSystemCapsuleLib|SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/Edk= iiSystemCapsuleLib.inf FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAu= thenticationLibNull.inf IniParsingLib|SignedCapsulePkg/Library/IniParsingLib/IniParsingLib.inf PlatformFlashAccessLib|Vlv2TbltDevicePkg/Feature/Capsule/Library/Platfor= mFlashAccessLib/PlatformFlashAccessLib.inf @@ -706,7 +705,23 @@ [PcdsFixedAtBuild.common] # gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmStackSize|0x4000 =20 -[PcdsFixedAtBuild.IA32.PEIM, PcdsFixedAtBuild.IA32.PEI_CORE, PcdsFixedAtBu= ild.IA32.SEC] + # + # Clear unused single certificate PCD + # + gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer|{0} + + # + # Lock all updatable firmware devices at End of DXE + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceLockEventGuid|{GUID(gEfiEndOfDxe= EventGroupGuid)} +# gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceLockEventGuid|{GUID(gEfiEventRe= adyToBootGuid)} + + # + # Set PcdFmpDeviceTestKeySha256Digest to {0} to disable test key detecti= on + # +# gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceTestKeySha256Digest|{0} + +[PcdsFixedAtBuild.IA32] !if $(TARGET) =3D=3D RELEASE gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x0 gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x3 @@ -910,10 +925,10 @@ [PcdsDynamicExDefault.common.DEFAULT] gEfiVLVTokenSpaceGuid.PcdCpuSmramCpuDataAddress|0 gEfiVLVTokenSpaceGuid.PcdCpuLockBoxSize|0 =20 -!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) - gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor= |{0x0}|VOID*|0x100 - gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0x7b,= 0x26, 0x96, 0x40, 0x0a, 0xda, 0xeb, 0x42, 0xb5, 0xeb, 0xfe, 0xf3, 0x1d, 0x= 20, 0x7c, 0xb4} - gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{0xb2,= 0x9e, 0x9c, 0xaf, 0xad, 0x12, 0x3e, 0x4d, 0xa4, 0xd4, 0x96, 0xf6, 0xc9, 0x= 96, 0x62, 0x15} +[PcdsDynamicExDefault.X64.DEFAULT] +!if $(RECOVERY_ENABLE) + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{GUID(= "AF9C9EB2-12AD-4D3E-A4D4-96F6C9966215")}|VOID*|0x10 + gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{GUID(= "4096267b-da0a-42eb-b5eb-fef31d207cb4")}|VOID*|0x10 !endif =20 [Components.IA32] @@ -937,14 +952,6 @@ [Components.IA32] } !endif =20 -!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) - # FMP image decriptor - Vlv2TbltDevicePkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwar= eDescriptor.inf { - - PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf - } -!endif - MdeModulePkg/Core/Pei/PeiMain.inf { !if $(TARGET) =3D=3D DEBUG @@ -1187,11 +1194,6 @@ [Components.IA32] DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLi= b.inf -!if $(CAPSULE_ENABLE) - FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf -!else - FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/F= mpAuthenticationLibNull.inf -!endif !if $(FTPM_ENABLE) =3D=3D TRUE Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2Devi= ceLibSeC.inf !else @@ -1560,32 +1562,20 @@ [Components.IA32] !endif !endif =20 - Vlv2TbltDevicePkg/Application/FirmwareUpdate/FirmwareUpdate.inf - !if $(CAPSULE_ENABLE) || $(MICOCODE_CAPSULE_ENABLE) MdeModulePkg/Universal/EsrtFmpDxe/EsrtFmpDxe.inf MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf !endif =20 !if $(CAPSULE_ENABLE) - SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.= inf { - - DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf - PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf - SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLi= b.inf - FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf - } - SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.= inf { - - DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf - PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf - SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLi= b.inf - FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf - } + !include Vlv2TbltDevicePkg/FmpMinnowMaxSystem.dsc + !include Vlv2TbltDevicePkg/FmpGreenSampleDevice.dsc + !include Vlv2TbltDevicePkg/FmpBlueSampleDevice.dsc + !include Vlv2TbltDevicePkg/FmpRedSampleDevice.dsc !endif =20 !if $(MICOCODE_CAPSULE_ENABLE) - UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.inf { + IntelSiliconPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.in= f { DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf @@ -1776,8 +1766,6 @@ [BuildOptions.Common.EDKII] =20 =20 [Components.IA32] - $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTUR= E)/SysFwUpdateCapsuleDxe.inf - $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTU= RE)/I2cBus.inf { gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0xF0000043 diff --git a/Vlv2TbltDevicePkg/PlatformPkgX64.dsc b/Vlv2TbltDevicePkg/Platf= ormPkgX64.dsc index 6396f7aad4..fa6aa63491 100644 --- a/Vlv2TbltDevicePkg/PlatformPkgX64.dsc +++ b/Vlv2TbltDevicePkg/PlatformPkgX64.dsc @@ -190,7 +190,6 @@ [LibraryClasses.common] !else CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf !endif - EdkiiSystemCapsuleLib|SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/Edk= iiSystemCapsuleLib.inf FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAu= thenticationLibNull.inf IniParsingLib|SignedCapsulePkg/Library/IniParsingLib/IniParsingLib.inf PlatformFlashAccessLib|Vlv2TbltDevicePkg/Feature/Capsule/Library/Platfor= mFlashAccessLib/PlatformFlashAccessLib.inf @@ -706,6 +705,22 @@ [PcdsFixedAtBuild.common] # gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmStackSize|0x4000 =20 + # + # Clear unused single certificate PCD + # + gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer|{0} + + # + # Lock all updatable firmware devices at End of DXE + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceLockEventGuid|{GUID(gEfiEndOfDxe= EventGroupGuid)} +# gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceLockEventGuid|{GUID(gEfiEventRe= adyToBootGuid)} + + # + # Set PcdFmpDeviceTestKeySha256Digest to {0} to disable test key detecti= on + # +# gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceTestKeySha256Digest|{0} + [PcdsFixedAtBuild.IA32] !if $(TARGET) =3D=3D RELEASE gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x0 @@ -910,10 +925,10 @@ [PcdsDynamicExDefault.common.DEFAULT] gEfiVLVTokenSpaceGuid.PcdCpuSmramCpuDataAddress|0 gEfiVLVTokenSpaceGuid.PcdCpuLockBoxSize|0 =20 -!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) - gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor= |{0x0}|VOID*|0x100 - gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0x7b,= 0x26, 0x96, 0x40, 0x0a, 0xda, 0xeb, 0x42, 0xb5, 0xeb, 0xfe, 0xf3, 0x1d, 0x= 20, 0x7c, 0xb4} - gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{0xb2,= 0x9e, 0x9c, 0xaf, 0xad, 0x12, 0x3e, 0x4d, 0xa4, 0xd4, 0x96, 0xf6, 0xc9, 0x= 96, 0x62, 0x15} +[PcdsDynamicExDefault.X64.DEFAULT] +!if $(RECOVERY_ENABLE) + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{GUID(= "AF9C9EB2-12AD-4D3E-A4D4-96F6C9966215")}|VOID*|0x10 + gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{GUID(= "4096267b-da0a-42eb-b5eb-fef31d207cb4")}|VOID*|0x10 !endif =20 [Components.IA32] @@ -937,14 +952,6 @@ [Components.IA32] } !endif =20 -!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) - # FMP image decriptor - Vlv2TbltDevicePkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwar= eDescriptor.inf { - - PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf - } -!endif - MdeModulePkg/Core/Pei/PeiMain.inf { !if $(TARGET) =3D=3D DEBUG @@ -1199,11 +1206,6 @@ [Components.X64] DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLi= b.inf -!if $(CAPSULE_ENABLE) - FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf -!else - FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/F= mpAuthenticationLibNull.inf -!endif !if $(FTPM_ENABLE) =3D=3D TRUE Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2Devi= ceLibSeC.inf !else @@ -1572,32 +1574,20 @@ [Components.X64] !endif !endif =20 - Vlv2TbltDevicePkg/Application/FirmwareUpdate/FirmwareUpdate.inf - !if $(CAPSULE_ENABLE) || $(MICOCODE_CAPSULE_ENABLE) MdeModulePkg/Universal/EsrtFmpDxe/EsrtFmpDxe.inf MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf !endif =20 !if $(CAPSULE_ENABLE) - SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.= inf { - - DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf - PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf - SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLi= b.inf - FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf - } - SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.= inf { - - DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf - PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf - SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLi= b.inf - FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf - } + !include Vlv2TbltDevicePkg/FmpMinnowMaxSystem.dsc + !include Vlv2TbltDevicePkg/FmpGreenSampleDevice.dsc + !include Vlv2TbltDevicePkg/FmpBlueSampleDevice.dsc + !include Vlv2TbltDevicePkg/FmpRedSampleDevice.dsc !endif =20 !if $(MICOCODE_CAPSULE_ENABLE) - UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.inf { + IntelSiliconPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.in= f { DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf @@ -1788,8 +1778,6 @@ [BuildOptions.Common.EDKII] =20 =20 [Components.X64] - $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTUR= E)/SysFwUpdateCapsuleDxe.inf - $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTU= RE)/I2cBus.inf { gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0xF0000043 --=20 2.14.2.windows.3 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel