[PATCH V4 00/15] Add capsule support lib and app.

[PATCH V4 00/15] Add capsule support lib and app.

[Jiewen Yao]

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain, Size: 12024 bytes --]

This is series 1 of the whole capsule solution. Version 4.
According to feedback, we split the big patch series to smaller one.

Series 1: Generic Update (MdeModulePkg/SecurityPkg)
	DxeCapsuleLib
	FmAuthenticationLib (*)
	CapsuleApp (*)

The code is also in https://github.com/jyao1/edk2
V4 is at Capsule_V4 branch.
V3, V2, V1 are also pushed to coresponding branch.

Below is detail description for each version.

==Below is V4 description==
1) SecurityPkg - Refine AuthenticateFmpImage() API to let caller
input PublicKeyData and PublicKeyDataLength, instead of PCD.
The benefit is that then this API can be used for a platform
which stores PublicKeyData in anywhere other than PCD.
2) SecurityPkg - Use OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID, CertData)
for better understanding the code.
3) MdeModulePkg - Update CapsuleApp to let it consume
ShellParameters protocol to get Argc and Argv.
4) UefiCpuPkg - Update MicrocodeCapsuleApp to let it consume
ShellParameters protocol to get Argc and Argv.
5) QuarkPlatformPkg - Merge QuarkCapsule.fdf to Quark.fdf.

==Below is V3 description==
1) We move all EDKII related capsule definition to SignedCapsulePkg.
MdeModulePkg only contains FmAuthenticationLib and CapsuleApp,
because they are generic and follow UEFI specification on FMP/ESRT
and Microsoft platform firmware update document.
Any capsule implementation can use them.

Here is full library classes:
MdeModulePkg:
	FmpAuthenticationLib.h: new lib - follow UEFI spec. (*)
		Verify FMP signature of FMP Capsule
	CapsuleLib.h: new API ¨C ProcessCapsules()
		It processes all the capsules. Remove duplicated code in platform BDS.
UefiCpuPkg:
	MicrocodeFlashAccessLib.h: Update Microcode region.
SignedCapsulePkg:
	EdkiiSystemCapsuleLib.h ¨C Library for EDKII system FMP.
	IniParsingLib.h ¨C Library for INI file parsing.
	PlatformFlashAccessLib.h ¨C Library for write flash.

2) We will submit 5 series.
Series 1: Generic Update (MdeModulePkg/SecurityPkg)
	DxeCapsuleLib
	FmAuthenticationLib (*)
	CapsuleApp (*)
Series 2: EDKII Capsule (SignedCapsulePkg)
	IniParsingLib
	EdkiiSystemCapsuleLib
	PlatformFlashAccessLib
	SystemFirmwareUpdate driver
	RecoveryModuleLoadPei driver
Series 3: Microcode Update (UefiCpuPkg)
	MicrocodeFlashAccessLib
	MicrocodeUpdate driver.
Series 4: Quark update
Series 5: Vlv2 update

3) DxeCapsuleLib: Move code that performs authentication and parsing of
the capsule format into the implementation of the FMP Protocol.
We move the dispatch FV code from CapsuleLib to SystemFirmwareReport.efi.
SystemFirmwareReport.efi supports SetImage() to verify and dispatch the
SystemFirmwareUpdate.efi, then pass thru SetImage() request to
SystemFirmwareUpdate.efi.

Now the DxeCapsuleLib is very clean and it does not have any EDKII
capsule format knowledge.

4) DxeCapsuleLib: Fix issue where a reset may be too soon.
Defer reset to 2nd pass.

5) DxeCapsuleLib: Boot mode check is removed. 
Capsule should be populated to system table even boot mode is not BIOS_UPDATE.

5) FmAuthenticationLib: Add zero ImageSize check.

6) FmAuthenticationLib: Remove Authentication Library Registration.
Each FMP Producer needs to carry its own auth algoritms(s).
Now we have FmpAuthenticationLibPkcs7 and FmpAuthenticationLibRsa2048Sha256.
No registration is needed.

7) FmAuthenticationLib: Move MonotonicCount handling after Payload
We confirmed with USWG to process MonotonicCount after PayLoad.

==Below is V2 description==
The V2 series patch incorporated the feedback for V1.

There are 3 major updates.
1) BDS is update to display a warning message if TEST key
is used to sign recovery image or capsule image.
So a production BIOS should always use its own production singing
key for the capsule image generation. A production BIOS should
never use test key.
2) IniParsingLib is enhanced to do more sanity check for invalid
input. The detail data format is added in IniParsingLib.h header
file. If there is any vialation, the OpenInitFile() API will
return failure.
3) The *Bios* keyword is renamed to *SystemFirmware* in any
header file or c file data structure definition.

The rest is minor update, such as add help info, clean
up debug message, coding style.

==Below is V1 description==
This series patch provides sample on how to do signed capsule update
and recovery in EDKII.

This series patch is also checked into git@github.com:jyao1/edk2.git.

The feature includes:
1) Define EDKII signed system BIOS capsule format.
2) Provide EDKII signed system BIOS update sample.
3) Provide EDKII signed recovery sample.
4) Provide Microcode update sample for X86 system.
5) Update Quark to use new capsule/recovery solution.
6) Update Vlv2(MinnowMax) to use new capsule/recovery solution.

The signed capsule/recovery solution is in MdeModulePkg.
The capsule in IntelFrameworkModulePkg is deprecated.
The Microcode update solution is in UefiCpuPkg.

Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jeff Fan <jeff.fan@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>

Jiewen Yao (15):
  MdeModulePkg/Include: Add FmpAuthenticationLib header.
  MdeModulePkg/CapsuleLib: Add ProcessCapsules() API.
  MdeModulePkg/MdeModulePkg.dec: Add capsule related definition.
  MdeModulePkg/FmpAuthenticationLibNull: Add NULL instance FMP.
  MdeModulePkg/DxeCapsuleLibNull: Add ProcessCapsules() interface.
  MdeModulePkg/DxeCapsuleLibFmp: Add DxeCapsuleLibFmp instance.
  MdeModulePkg/Esrt: Add ESRT_FW_TYPE_SYSTEMFIRMWARE check.
  MdeModulePkg/CapsuleApp: Add CapsuleApp application.
  MdeModulePkg/UiApp: Show test key warning info in FrontPage.
  MdeModulePkg/MdeModulePkg.dsc: Add FMP related component.
  IntelFrameworkModulePkg/DxeCapsuleLib: Add ProcessCapsules()
    interface.
  SecurityPkg/SecurityPkg.dec: Add PcdPkcs7CertBuffer PCD.
  SecurityPkg/FmpAuthenticationLibPkcs7: Add PKCS7 instance for FMP.
  SecurityPkg/FmpAuthenticationLibRsa2048Sha256: Add RSA2048 instance.
  SecurityPkg/SecurityPkg.dsc: Add FmpAuthenticationLib*.

 IntelFrameworkModulePkg/Library/DxeCapsuleLib/DxeCapsuleLib.c                               |   40 +-
 MdeModulePkg/Application/CapsuleApp/AppSupport.c                                            |  445 +++++++
 MdeModulePkg/Application/CapsuleApp/CapsuleApp.c                                            |  853 ++++++++++++
 MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf                                          |   71 +
 MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni                                          |   22 +
 MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni                                     |   19 +
 MdeModulePkg/Application/CapsuleApp/CapsuleDump.c                                           |  740 +++++++++++
 MdeModulePkg/Application/UiApp/FrontPageCustomizedUi.c                                      |   13 +
 MdeModulePkg/Application/UiApp/FrontPageStrings.uni                                         |    4 +-
 MdeModulePkg/Application/UiApp/UiApp.inf                                                    |    3 +-
 MdeModulePkg/Include/Library/CapsuleLib.h                                                   |   46 +-
 MdeModulePkg/Include/Library/FmpAuthenticationLib.h                                         |   57 +
 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c                                       | 1363 ++++++++++++++++++++
 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf                                     |   80 ++
 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.uni                                     |   22 +
 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleProcessLib.c                                |  486 +++++++
 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c                                 |  489 +++++++
 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c                                   |  112 ++
 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf                              |   83 ++
 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.uni                              |   22 +
 MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.c                                  |   48 +-
 MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.c                    |   57 +
 MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.inf                  |   40 +
 MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.uni                  |   22 +
 MdeModulePkg/MdeModulePkg.dec                                                               |   59 +
 MdeModulePkg/MdeModulePkg.dsc                                                               |   10 +
 MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf                                                  |    3 +-
 MdeModulePkg/Universal/EsrtDxe/EsrtImpl.c                                                   |   37 +-
 SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.c                   |  213 +++
 SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf                 |   49 +
 SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.uni                 |   26 +
 SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c   |  346 +++++
 SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.inf |   53 +
 SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.uni |   26 +
 SecurityPkg/SecurityPkg.dec                                                                 |    8 +-
 SecurityPkg/SecurityPkg.dsc                                                                 |    3 +
 36 files changed, 5957 insertions(+), 13 deletions(-)
 create mode 100644 MdeModulePkg/Application/CapsuleApp/AppSupport.c
 create mode 100644 MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
 create mode 100644 MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
 create mode 100644 MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
 create mode 100644 MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
 create mode 100644 MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
 create mode 100644 MdeModulePkg/Include/Library/FmpAuthenticationLib.h
 create mode 100644 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c
 create mode 100644 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
 create mode 100644 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.uni
 create mode 100644 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleProcessLib.c
 create mode 100644 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c
 create mode 100644 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c
 create mode 100644 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
 create mode 100644 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.uni
 create mode 100644 MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.c
 create mode 100644 MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.inf
 create mode 100644 MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.uni
 create mode 100644 SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.c
 create mode 100644 SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf
 create mode 100644 SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.uni
 create mode 100644 SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c
 create mode 100644 SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.inf
 create mode 100644 SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.uni

-- 
2.7.4.windows.1

[PATCH V4 01/15] MdeModulePkg/Include: Add FmpAuthenticationLib header.

[Jiewen Yao]

This library is used to authenticate a UEFI defined FMP Capsule.

Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
---
 MdeModulePkg/Include/Library/FmpAuthenticationLib.h | 57 ++++++++++++++++++++
 1 file changed, 57 insertions(+)

diff --git a/MdeModulePkg/Include/Library/FmpAuthenticationLib.h b/MdeModulePkg/Include/Library/FmpAuthenticationLib.h
new file mode 100644
index 0000000..ed098d4
--- /dev/null
+++ b/MdeModulePkg/Include/Library/FmpAuthenticationLib.h
@@ -0,0 +1,57 @@
+/** @file
+  FMP capsule authenitcation Library.
+
+Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+
+#ifndef __FMP_AUTHENTICATION_LIB_H__
+#define __FMP_AUTHENTICATION_LIB_H__
+
+#include <Protocol/FirmwareManagement.h>
+
+/**
+  The fucntion is used to do the authentication for FMP capsule based upon
+  EFI_FIRMWARE_IMAGE_AUTHENTICATION.
+
+  The caller may convert the RETURN_STATUS to ESRT/FMP LastAttemptStatus.
+
+  Caution: This function may receive untrusted input.
+
+  @param[in]  Image                   Points to an FMP authentication image, started from EFI_FIRMWARE_IMAGE_AUTHENTICATION.
+  @param[in]  ImageSize               Size of the authentication image in bytes.
+  @param[in]  PublicKeyData           The public key data used to validate the signature.
+  @param[in]  PublicKeyDataLength     The length of the public key data.
+
+  @retval RETURN_SUCCESS            Authentication pass.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_SUCCESS.
+  @retval RETURN_SECURITY_VIOLATION Authentication fail.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR.
+  @retval RETURN_INVALID_PARAMETER  The image is in an invalid format.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
+  @retval RETURN_UNSUPPORTED        No Authentication handler associated with CertType.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
+  @retval RETURN_UNSUPPORTED        Image or ImageSize is invalid.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
+  @retval RETURN_OUT_OF_RESOURCES   No Authentication handler associated with CertType.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INSUFFICIENT_RESOURCES.
+**/
+RETURN_STATUS
+EFIAPI
+AuthenticateFmpImage (
+  IN EFI_FIRMWARE_IMAGE_AUTHENTICATION *Image,
+  IN UINTN                             ImageSize,
+  IN CONST UINT8                       *PublicKeyData,
+  IN UINTN                             PublicKeyDataLength
+  );
+
+#endif
+
-- 
2.7.4.windows.1

Re: [PATCH V4 01/15] MdeModulePkg/Include: Add FmpAuthenticationLib header.

[Kinney, Michael D]

Jiewen,

I am confused by the description of this API.

I refers to the LastAttemptStatus field, but that field is not in 
EFI_FIRMWARE_IMAGE_AUTHENTICATION structure.  Instead, it is in the
EFI_FIRMWARE_IMAGE_DESCRIPTOR structure.

Is the prototype to this function correct?

Can you also update the description to include which structure the 
LastAttemptStatus field is in and how it is found from the input 
parameters?

One typo noted inline below.

Thanks,

Mike


> -----Original Message-----
> From: Yao, Jiewen
> Sent: Saturday, October 22, 2016 7:20 PM
> To: edk2-devel@lists.01.org
> Cc: Tian, Feng <feng.tian@intel.com>; Zeng, Star <star.zeng@intel.com>; Kinney, Michael
> D <michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>; Zhang, Chao B
> <chao.b.zhang@intel.com>
> Subject: [PATCH V4 01/15] MdeModulePkg/Include: Add FmpAuthenticationLib header.
> 
> This library is used to authenticate a UEFI defined FMP Capsule.
> 
> Cc: Feng Tian <feng.tian@intel.com>
> Cc: Star Zeng <star.zeng@intel.com>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
> Reviewed-by: Liming Gao <liming.gao@intel.com>
> ---
>  MdeModulePkg/Include/Library/FmpAuthenticationLib.h | 57 ++++++++++++++++++++
>  1 file changed, 57 insertions(+)
> 
> diff --git a/MdeModulePkg/Include/Library/FmpAuthenticationLib.h
> b/MdeModulePkg/Include/Library/FmpAuthenticationLib.h
> new file mode 100644
> index 0000000..ed098d4
> --- /dev/null
> +++ b/MdeModulePkg/Include/Library/FmpAuthenticationLib.h
> @@ -0,0 +1,57 @@
> +/** @file
> +  FMP capsule authenitcation Library.
> +
> +Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +This program and the accompanying materials
> +are licensed and made available under the terms and conditions of the BSD License
> +which accompanies this distribution.  The full text of the license may be found at
> +http://opensource.org/licenses/bsd-license.php
> +
> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +
> +#ifndef __FMP_AUTHENTICATION_LIB_H__
> +#define __FMP_AUTHENTICATION_LIB_H__
> +
> +#include <Protocol/FirmwareManagement.h>
> +
> +/**
> +  The fucntion is used to do the authentication for FMP capsule based upon

Typo.  Should be "The function is".

> +  EFI_FIRMWARE_IMAGE_AUTHENTICATION.
> +
> +  The caller may convert the RETURN_STATUS to ESRT/FMP LastAttemptStatus.
> +
> +  Caution: This function may receive untrusted input.
> +
> +  @param[in]  Image                   Points to an FMP authentication image, started
> from EFI_FIRMWARE_IMAGE_AUTHENTICATION.
> +  @param[in]  ImageSize               Size of the authentication image in bytes.
> +  @param[in]  PublicKeyData           The public key data used to validate the
> signature.
> +  @param[in]  PublicKeyDataLength     The length of the public key data.
> +
> +  @retval RETURN_SUCCESS            Authentication pass.
> +                                    The LastAttemptStatus should be
> LAST_ATTEMPT_STATUS_SUCCESS.
> +  @retval RETURN_SECURITY_VIOLATION Authentication fail.
> +                                    The LastAttemptStatus should be
> LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR.
> +  @retval RETURN_INVALID_PARAMETER  The image is in an invalid format.
> +                                    The LastAttemptStatus should be
> LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
> +  @retval RETURN_UNSUPPORTED        No Authentication handler associated with
> CertType.
> +                                    The LastAttemptStatus should be
> LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
> +  @retval RETURN_UNSUPPORTED        Image or ImageSize is invalid.
> +                                    The LastAttemptStatus should be
> LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
> +  @retval RETURN_OUT_OF_RESOURCES   No Authentication handler associated with
> CertType.
> +                                    The LastAttemptStatus should be
> LAST_ATTEMPT_STATUS_ERROR_INSUFFICIENT_RESOURCES.
> +**/
> +RETURN_STATUS
> +EFIAPI
> +AuthenticateFmpImage (
> +  IN EFI_FIRMWARE_IMAGE_AUTHENTICATION *Image,
> +  IN UINTN                             ImageSize,
> +  IN CONST UINT8                       *PublicKeyData,
> +  IN UINTN                             PublicKeyDataLength
> +  );
> +
> +#endif
> +
> --
> 2.7.4.windows.1

Re: [PATCH V4 01/15] MdeModulePkg/Include: Add FmpAuthenticationLib header.

[Yao, Jiewen]

Hi Mike
Let me clarify:

The function is used to do the authentication for FMP capsule based upon   EFI_FIRMWARE_IMAGE_AUTHENTICATION.
This sentence is correct, because the capsule image input should be started by EFI_FIRMWARE_IMAGE_AUTHENTICATION.

LastAttemptStatus is the result of capsule process. The caller is expected convert the return Status to LastAttemptStatus.
It is recorded in ESRT entry and FMP.EFI_FIRMWARE_IMAGE_DESCRIPTOR in next boot.
Current consumer is SignedCapsulePkg\Library\EdkiiSystemCapsuleLib\ EdkiiSystemCapsuleLib.c, ExtractAuthenticatedImage() function.

I agree with you that it is confusing. I will add more sentence to describe. And I do not see any need to update function prototype. Do you think so?

The typo is fixed. Thanks.


From: Kinney, Michael D
Sent: Wednesday, October 26, 2016 7:54 AM
To: Yao, Jiewen <jiewen.yao@intel.com>; edk2-devel@lists.01.org; Kinney, Michael D <michael.d.kinney@intel.com>
Cc: Tian, Feng <feng.tian@intel.com>; Zeng, Star <star.zeng@intel.com>; Gao, Liming <liming.gao@intel.com>; Zhang, Chao B <chao.b.zhang@intel.com>
Subject: RE: [PATCH V4 01/15] MdeModulePkg/Include: Add FmpAuthenticationLib header.

Jiewen,

I am confused by the description of this API.

I refers to the LastAttemptStatus field, but that field is not in
EFI_FIRMWARE_IMAGE_AUTHENTICATION structure.  Instead, it is in the
EFI_FIRMWARE_IMAGE_DESCRIPTOR structure.

Is the prototype to this function correct?

Can you also update the description to include which structure the
LastAttemptStatus field is in and how it is found from the input
parameters?

One typo noted inline below.

Thanks,

Mike


> -----Original Message-----
> From: Yao, Jiewen
> Sent: Saturday, October 22, 2016 7:20 PM
> To: edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>; Zeng, Star <star.zeng@intel.com<mailto:star.zeng@intel.com>>; Kinney, Michael
> D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zhang, Chao B
> <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Subject: [PATCH V4 01/15] MdeModulePkg/Include: Add FmpAuthenticationLib header.
>
> This library is used to authenticate a UEFI defined FMP Capsule.
>
> Cc: Feng Tian <feng.tian@intel.com<mailto:feng.tian@intel.com>>
> Cc: Star Zeng <star.zeng@intel.com<mailto:star.zeng@intel.com>>
> Cc: Michael D Kinney <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
> Cc: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> Cc: Chao Zhang <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>
> Reviewed-by: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> ---
>  MdeModulePkg/Include/Library/FmpAuthenticationLib.h | 57 ++++++++++++++++++++
>  1 file changed, 57 insertions(+)
>
> diff --git a/MdeModulePkg/Include/Library/FmpAuthenticationLib.h
> b/MdeModulePkg/Include/Library/FmpAuthenticationLib.h
> new file mode 100644
> index 0000000..ed098d4
> --- /dev/null
> +++ b/MdeModulePkg/Include/Library/FmpAuthenticationLib.h
> @@ -0,0 +1,57 @@
> +/** @file
> +  FMP capsule authenitcation Library.
> +
> +Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +This program and the accompanying materials
> +are licensed and made available under the terms and conditions of the BSD License
> +which accompanies this distribution.  The full text of the license may be found at
> +http://opensource.org/licenses/bsd-license.php
> +
> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +
> +#ifndef __FMP_AUTHENTICATION_LIB_H__
> +#define __FMP_AUTHENTICATION_LIB_H__
> +
> +#include <Protocol/FirmwareManagement.h>
> +
> +/**
> +  The fucntion is used to do the authentication for FMP capsule based upon

Typo.  Should be "The function is".

> +  EFI_FIRMWARE_IMAGE_AUTHENTICATION.
> +
> +  The caller may convert the RETURN_STATUS to ESRT/FMP LastAttemptStatus.
> +
> +  Caution: This function may receive untrusted input.
> +
> +  @param[in]  Image                   Points to an FMP authentication image, started
> from EFI_FIRMWARE_IMAGE_AUTHENTICATION.
> +  @param[in]  ImageSize               Size of the authentication image in bytes.
> +  @param[in]  PublicKeyData           The public key data used to validate the
> signature.
> +  @param[in]  PublicKeyDataLength     The length of the public key data.
> +
> +  @retval RETURN_SUCCESS            Authentication pass.
> +                                    The LastAttemptStatus should be
> LAST_ATTEMPT_STATUS_SUCCESS.
> +  @retval RETURN_SECURITY_VIOLATION Authentication fail.
> +                                    The LastAttemptStatus should be
> LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR.
> +  @retval RETURN_INVALID_PARAMETER  The image is in an invalid format.
> +                                    The LastAttemptStatus should be
> LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
> +  @retval RETURN_UNSUPPORTED        No Authentication handler associated with
> CertType.
> +                                    The LastAttemptStatus should be
> LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
> +  @retval RETURN_UNSUPPORTED        Image or ImageSize is invalid.
> +                                    The LastAttemptStatus should be
> LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
> +  @retval RETURN_OUT_OF_RESOURCES   No Authentication handler associated with
> CertType.
> +                                    The LastAttemptStatus should be
> LAST_ATTEMPT_STATUS_ERROR_INSUFFICIENT_RESOURCES.
> +**/
> +RETURN_STATUS
> +EFIAPI
> +AuthenticateFmpImage (
> +  IN EFI_FIRMWARE_IMAGE_AUTHENTICATION *Image,
> +  IN UINTN                             ImageSize,
> +  IN CONST UINT8                       *PublicKeyData,
> +  IN UINTN                             PublicKeyDataLength
> +  );
> +
> +#endif
> +
> --
> 2.7.4.windows.1

Re: [PATCH V4 01/15] MdeModulePkg/Include: Add FmpAuthenticationLib header.

[Kinney, Michael D]

Jiewen,

I agree.  Please just update function description.

Mike

From: Yao, Jiewen
Sent: Tuesday, October 25, 2016 5:51 PM
To: Kinney, Michael D <michael.d.kinney@intel.com>; edk2-devel@lists.01.org
Cc: Tian, Feng <feng.tian@intel.com>; Zeng, Star <star.zeng@intel.com>; Gao, Liming <liming.gao@intel.com>; Zhang, Chao B <chao.b.zhang@intel.com>
Subject: RE: [PATCH V4 01/15] MdeModulePkg/Include: Add FmpAuthenticationLib header.

Hi Mike
Let me clarify:

The function is used to do the authentication for FMP capsule based upon   EFI_FIRMWARE_IMAGE_AUTHENTICATION.
This sentence is correct, because the capsule image input should be started by EFI_FIRMWARE_IMAGE_AUTHENTICATION.

LastAttemptStatus is the result of capsule process. The caller is expected convert the return Status to LastAttemptStatus.
It is recorded in ESRT entry and FMP.EFI_FIRMWARE_IMAGE_DESCRIPTOR in next boot.
Current consumer is SignedCapsulePkg\Library\EdkiiSystemCapsuleLib\ EdkiiSystemCapsuleLib.c, ExtractAuthenticatedImage() function.

I agree with you that it is confusing. I will add more sentence to describe. And I do not see any need to update function prototype. Do you think so?

The typo is fixed. Thanks.


From: Kinney, Michael D
Sent: Wednesday, October 26, 2016 7:54 AM
To: Yao, Jiewen <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>; edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>; Kinney, Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>; Zeng, Star <star.zeng@intel.com<mailto:star.zeng@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zhang, Chao B <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
Subject: RE: [PATCH V4 01/15] MdeModulePkg/Include: Add FmpAuthenticationLib header.

Jiewen,

I am confused by the description of this API.

I refers to the LastAttemptStatus field, but that field is not in
EFI_FIRMWARE_IMAGE_AUTHENTICATION structure.  Instead, it is in the
EFI_FIRMWARE_IMAGE_DESCRIPTOR structure.

Is the prototype to this function correct?

Can you also update the description to include which structure the
LastAttemptStatus field is in and how it is found from the input
parameters?

One typo noted inline below.

Thanks,

Mike


> -----Original Message-----
> From: Yao, Jiewen
> Sent: Saturday, October 22, 2016 7:20 PM
> To: edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>; Zeng, Star <star.zeng@intel.com<mailto:star.zeng@intel.com>>; Kinney, Michael
> D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zhang, Chao B
> <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Subject: [PATCH V4 01/15] MdeModulePkg/Include: Add FmpAuthenticationLib header.
>
> This library is used to authenticate a UEFI defined FMP Capsule.
>
> Cc: Feng Tian <feng.tian@intel.com<mailto:feng.tian@intel.com>>
> Cc: Star Zeng <star.zeng@intel.com<mailto:star.zeng@intel.com>>
> Cc: Michael D Kinney <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
> Cc: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> Cc: Chao Zhang <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>
> Reviewed-by: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> ---
>  MdeModulePkg/Include/Library/FmpAuthenticationLib.h | 57 ++++++++++++++++++++
>  1 file changed, 57 insertions(+)
>
> diff --git a/MdeModulePkg/Include/Library/FmpAuthenticationLib.h
> b/MdeModulePkg/Include/Library/FmpAuthenticationLib.h
> new file mode 100644
> index 0000000..ed098d4
> --- /dev/null
> +++ b/MdeModulePkg/Include/Library/FmpAuthenticationLib.h
> @@ -0,0 +1,57 @@
> +/** @file
> +  FMP capsule authenitcation Library.
> +
> +Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +This program and the accompanying materials
> +are licensed and made available under the terms and conditions of the BSD License
> +which accompanies this distribution.  The full text of the license may be found at
> +http://opensource.org/licenses/bsd-license.php
> +
> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +
> +#ifndef __FMP_AUTHENTICATION_LIB_H__
> +#define __FMP_AUTHENTICATION_LIB_H__
> +
> +#include <Protocol/FirmwareManagement.h>
> +
> +/**
> +  The fucntion is used to do the authentication for FMP capsule based upon

Typo.  Should be "The function is".

> +  EFI_FIRMWARE_IMAGE_AUTHENTICATION.
> +
> +  The caller may convert the RETURN_STATUS to ESRT/FMP LastAttemptStatus.
> +
> +  Caution: This function may receive untrusted input.
> +
> +  @param[in]  Image                   Points to an FMP authentication image, started
> from EFI_FIRMWARE_IMAGE_AUTHENTICATION.
> +  @param[in]  ImageSize               Size of the authentication image in bytes.
> +  @param[in]  PublicKeyData           The public key data used to validate the
> signature.
> +  @param[in]  PublicKeyDataLength     The length of the public key data.
> +
> +  @retval RETURN_SUCCESS            Authentication pass.
> +                                    The LastAttemptStatus should be
> LAST_ATTEMPT_STATUS_SUCCESS.
> +  @retval RETURN_SECURITY_VIOLATION Authentication fail.
> +                                    The LastAttemptStatus should be
> LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR.
> +  @retval RETURN_INVALID_PARAMETER  The image is in an invalid format.
> +                                    The LastAttemptStatus should be
> LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
> +  @retval RETURN_UNSUPPORTED        No Authentication handler associated with
> CertType.
> +                                    The LastAttemptStatus should be
> LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
> +  @retval RETURN_UNSUPPORTED        Image or ImageSize is invalid.
> +                                    The LastAttemptStatus should be
> LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
> +  @retval RETURN_OUT_OF_RESOURCES   No Authentication handler associated with
> CertType.
> +                                    The LastAttemptStatus should be
> LAST_ATTEMPT_STATUS_ERROR_INSUFFICIENT_RESOURCES.
> +**/
> +RETURN_STATUS
> +EFIAPI
> +AuthenticateFmpImage (
> +  IN EFI_FIRMWARE_IMAGE_AUTHENTICATION *Image,
> +  IN UINTN                             ImageSize,
> +  IN CONST UINT8                       *PublicKeyData,
> +  IN UINTN                             PublicKeyDataLength
> +  );
> +
> +#endif
> +
> --
> 2.7.4.windows.1

[PATCH V4 02/15] MdeModulePkg/CapsuleLib: Add ProcessCapsules() API.

[Jiewen Yao]

ProcessCapsules() API can be used by platform BDS to process all capsules.

Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
---
 MdeModulePkg/Include/Library/CapsuleLib.h | 46 ++++++++++++++++++--
 1 file changed, 43 insertions(+), 3 deletions(-)

diff --git a/MdeModulePkg/Include/Library/CapsuleLib.h b/MdeModulePkg/Include/Library/CapsuleLib.h
index 487cb0f..83ae57e 100644
--- a/MdeModulePkg/Include/Library/CapsuleLib.h
+++ b/MdeModulePkg/Include/Library/CapsuleLib.h
@@ -2,7 +2,7 @@
 
   This library class defines a set of interfaces for how to process capsule image updates.
 
-Copyright (c) 2007 - 2010, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2007 - 2016, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials are licensed and made available under 
 the terms and conditions of the BSD License that accompanies this distribution.  
 The full text of the license may be found at
@@ -20,7 +20,9 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
   The firmware checks whether the capsule image is supported 
   by the CapsuleGuid in CapsuleHeader or if there is other specific information in 
   the capsule image.
-  
+
+  Caution: This function may receive untrusted input.
+
   @param  CapsuleHeader    Pointer to the UEFI capsule image to be checked.
   
   @retval EFI_SUCESS       Input capsule is supported by firmware.
@@ -35,7 +37,9 @@ SupportCapsuleImage (
 /**
   The firmware-specific implementation processes the capsule image
   if it recognized the format of this capsule image.
-  
+
+  Caution: This function may receive untrusted input.
+
   @param  CapsuleHeader    Pointer to the UEFI capsule image to be processed. 
    
   @retval EFI_SUCESS       Capsule Image processed successfully. 
@@ -47,4 +51,40 @@ ProcessCapsuleImage (
   IN EFI_CAPSULE_HEADER *CapsuleHeader
   );
 
+/**
+
+  This routine is called to process capsules.
+
+  Caution: This function may receive untrusted input.
+
+  The capsules reported in EFI_HOB_UEFI_CAPSULE are processed.
+  If there is no EFI_HOB_UEFI_CAPSULE, this routine does nothing.
+
+  This routine should be called twice in BDS.
+  1) The first call must be before EndOfDxe. The system capsules is processed.
+     If device capsule FMP protocols are exposted at this time and device FMP
+     capsule has zero EmbeddedDriverCount, the device capsules are processed.
+     Each individual capsule result is recorded in capsule record variable.
+     System may reset in this function, if reset is required by capsule and
+     all capsules are processed.
+     If not all capsules are processed, reset will be defered to second call.
+
+  2) The second call must be after EndOfDxe and after ConnectAll, so that all
+     device capsule FMP protocols are exposed.
+     The system capsules are skipped. If the device capsules are NOT processed
+     in first call, they are processed here.
+     Each individual capsule result is recorded in capsule record variable.
+     System may reset in this function, if reset is required by capsule
+     processed in first call and second call.
+
+  @retval EFI_SUCCESS             There is no error when processing capsules.
+  @retval EFI_OUT_OF_RESOURCES    No enough resource to process capsules.
+
+**/
+EFI_STATUS
+EFIAPI
+ProcessCapsules(
+  VOID
+  );
+
 #endif
-- 
2.7.4.windows.1

[PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related definition.

[Jiewen Yao]

1) Add capsule related library.
   FmpAuthenticationLib
2) Add capsule related status code PCD.
   PcdStatusCodeSubClassCapsule
   PcdCapsuleStatusCodeProcessCapsulesBegin
   PcdCapsuleStatusCodeProcessCapsulesEnd
   PcdCapsuleStatusCodeUpdatingFirmware
   PcdCapsuleStatusCodeUpdateFirmwareSuccess
   PcdCapsuleStatusCodeUpdateFirmwareFailed
   PcdCapsuleStatusCodeResettingSystem
3) Add capsule status variable PCD - CapsuleMax value.
   PcdCapsuleMax
4) Add system FMP indicator PCD - used by ESRT.
   PcdSystemFmpCapsuleImageTypeIdGuid
5) Add PcdTestKeyUsed PCD.
This PCD can be set by platform to indicate if there is any
test key used in current BIOS, such as recovery key,
or capsule update key.
Then the generic UI may consume this PCD to show warning information.
Other platform driver may also consume this PCD to know such info,
and report it via platform specific way.

Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
---
 MdeModulePkg/MdeModulePkg.dec | 59 ++++++++++++++++++++
 1 file changed, 59 insertions(+)

diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
index 74b8700..3f37cca 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
@@ -157,6 +157,10 @@
   ##
   FrameBufferBltLib|Include/Library/FrameBufferBltLib.h
 
+  ## @libraryclass  Provides services to authenticate a UEFI defined FMP Capsule.
+  #
+  FmpAuthenticationLib|Include/Library/FmpAuthenticationLib.h
+
 [Guids]
   ## MdeModule package token space guid
   # Include/Guid/MdeModulePkgTokenSpace.h
@@ -1141,6 +1145,52 @@
   #  The default value is 0 that means infinite.
   # @Prompt MAX repair count
   gEfiMdeModulePkgTokenSpaceGuid.PcdMaxRepairCount|0x00|UINT32|0x00010076
+  
+  ## Status Code for Capsule subclass definitions.<BR><BR>
+  #  EFI_SOFTWARE_CAPSULE  = (EFI_SOFTWARE | 0x00150000) = 0x03150000<BR>
+  # @Prompt Status Code for Capsule subclass definitions
+  # @ValidList  0x80000003 | 0x03150000
+  gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeSubClassCapsule|0x03150000|UINT32|0x00000100
+
+  ## Status Code for Capsule definitions.<BR><BR>
+  #  EFI_CAPSULE_PROCESS_CAPSULES_BEGIN  = (EFI_SUBCLASS_SPECIFIC | 0x00000001) = 0x00010001<BR>
+  # @Prompt Status Code for Capsule definitions
+  # @ValidList  0x80000003 | 0x00010001
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesBegin|0x00010001|UINT32|0x00000101
+
+  ## Status Code for Capsule definitions.<BR><BR>
+  #  EFI_CAPSULE_PROCESS_CAPSULES_END    = (EFI_SUBCLASS_SPECIFIC | 0x00000002) = 0x00010002<BR>
+  # @Prompt Status Code for Capsule definitions
+  # @ValidList  0x80000003 | 0x00010002
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesEnd|0x00010002|UINT32|0x00000102
+
+  ## Status Code for Capsule definitions.<BR><BR>
+  #  EFI_CAPSULE_UPDATING_FIRMWARE       = (EFI_SUBCLASS_SPECIFIC | 0x00000003) = 0x00010003<BR>
+  # @Prompt Status Code for Capsule definitions
+  # @ValidList  0x80000003 | 0x00010003
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdatingFirmware|0x00010003|UINT32|0x00000103
+
+  ## Status Code for Capsule definitions.<BR><BR>
+  #  EFI_CAPSULE_UPDATE_FIRMWARE_SUCCESS = (EFI_SUBCLASS_SPECIFIC | 0x00000004) = 0x00010004<BR>
+  # @Prompt Status Code for Capsule definitions
+  # @ValidList  0x80000003 | 0x00010004
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareSuccess|0x00010004|UINT32|0x00000104
+
+  ## Status Code for Capsule definitions.<BR><BR>
+  #  EFI_CAPSULE_UPDATE_FIRMWARE_FAILED  = (EFI_SUBCLASS_SPECIFIC | 0x00000005) = 0x00010005<BR>
+  # @Prompt Status Code for Capsule definitions
+  # @ValidList  0x80000003 | 0x00010005
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareFailed|0x00010005|UINT32|0x00000105
+
+  ## Status Code for Capsule definitions.<BR><BR>
+  #  EFI_CAPSULE_RESETTING_SYSTEM        = (EFI_SUBCLASS_SPECIFIC | 0x00000006) = 0x00010006<BR>
+  # @Prompt Status Code for Capsule definitions
+  # @ValidList  0x80000003 | 0x00010001
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeResettingSystem|0x00010006|UINT32|0x00000106
+
+  ## CapsuleMax value in capsule report variable.
+  # @Prompt CapsuleMax value in capsule report variable.
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleMax|0xFFFF|UINT16|0x00000107
 
 [PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
   ## This PCD defines the Console output row. The default value is 25 according to UEFI spec.
@@ -1587,6 +1637,11 @@
   #  The PCD data must be in UNICODE format.
   gEfiMdeModulePkgTokenSpaceGuid.PcdRecoveryFileName|L"FVMAIN.FV"|VOID*|0x30001045
 
+  ## This PCD hold a list GUIDs for the ImageTypeId to indicate the
+  #  FMP capsule is a system FMP.
+  # @Prompt A list of system FMP ImageTypeId GUIDs
+  gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0xd3, 0xee, 0x7e, 0x3f, 0x91, 0xf4, 0x1e, 0x40, 0x9e, 0xce, 0x74, 0x31, 0x32, 0x2e, 0xad, 0xf6}|VOID*|0x30001046
+
 [PcdsPatchableInModule]
   ## Specify memory size with page number for PEI code when
   #  Loading Module at Fixed Address feature is enabled.
@@ -1639,5 +1694,9 @@
   # @ValidList  0x80000001 | 0x0
   gEfiMdeModulePkgTokenSpaceGuid.PcdIdentifyMappingPageTablePtr|0x0|UINT64|0x00030002
 
+  ## This dynamic PCD holds the information if there is any test key used by the platform.
+  # @Prompt If there is any test key used by the platform.
+  gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed|FALSE|BOOLEAN|0x00030003
+
 [UserExtensions.TianoCore."ExtraFiles"]
   MdeModulePkgExtra.uni
-- 
2.7.4.windows.1

Re: [PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related definition.

[Kinney, Michael D]

Jiewen,

Can you explain how you allocated the progress code values for capsule related operations?

How do you guarantee these will not conflict with future versions of PI specifications?

Also, is there a reason to make these PCDs?  If these can be fixed values in extensible
value regions of PI Status Codes, then couldn't #defines in a .h file be used instead
of adding more PCDs?

Thanks,

Mike

> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jiewen Yao
> Sent: Saturday, October 22, 2016 7:20 PM
> To: edk2-devel@lists.01.org
> Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Tian, Feng <feng.tian@intel.com>;
> Zhang, Chao B <chao.b.zhang@intel.com>; Gao, Liming <liming.gao@intel.com>; Zeng, Star
> <star.zeng@intel.com>
> Subject: [edk2] [PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related
> definition.
> 
> 1) Add capsule related library.
>    FmpAuthenticationLib
> 2) Add capsule related status code PCD.
>    PcdStatusCodeSubClassCapsule
>    PcdCapsuleStatusCodeProcessCapsulesBegin
>    PcdCapsuleStatusCodeProcessCapsulesEnd
>    PcdCapsuleStatusCodeUpdatingFirmware
>    PcdCapsuleStatusCodeUpdateFirmwareSuccess
>    PcdCapsuleStatusCodeUpdateFirmwareFailed
>    PcdCapsuleStatusCodeResettingSystem
> 3) Add capsule status variable PCD - CapsuleMax value.
>    PcdCapsuleMax
> 4) Add system FMP indicator PCD - used by ESRT.
>    PcdSystemFmpCapsuleImageTypeIdGuid
> 5) Add PcdTestKeyUsed PCD.
> This PCD can be set by platform to indicate if there is any
> test key used in current BIOS, such as recovery key,
> or capsule update key.
> Then the generic UI may consume this PCD to show warning information.
> Other platform driver may also consume this PCD to know such info,
> and report it via platform specific way.
> 
> Cc: Feng Tian <feng.tian@intel.com>
> Cc: Star Zeng <star.zeng@intel.com>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
> Reviewed-by: Liming Gao <liming.gao@intel.com>
> ---
>  MdeModulePkg/MdeModulePkg.dec | 59 ++++++++++++++++++++
>  1 file changed, 59 insertions(+)
> 
> diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
> index 74b8700..3f37cca 100644
> --- a/MdeModulePkg/MdeModulePkg.dec
> +++ b/MdeModulePkg/MdeModulePkg.dec
> @@ -157,6 +157,10 @@
>    ##
>    FrameBufferBltLib|Include/Library/FrameBufferBltLib.h
> 
> +  ## @libraryclass  Provides services to authenticate a UEFI defined FMP Capsule.
> +  #
> +  FmpAuthenticationLib|Include/Library/FmpAuthenticationLib.h
> +
>  [Guids]
>    ## MdeModule package token space guid
>    # Include/Guid/MdeModulePkgTokenSpace.h
> @@ -1141,6 +1145,52 @@
>    #  The default value is 0 that means infinite.
>    # @Prompt MAX repair count
>    gEfiMdeModulePkgTokenSpaceGuid.PcdMaxRepairCount|0x00|UINT32|0x00010076
> +
> +  ## Status Code for Capsule subclass definitions.<BR><BR>
> +  #  EFI_SOFTWARE_CAPSULE  = (EFI_SOFTWARE | 0x00150000) = 0x03150000<BR>
> +  # @Prompt Status Code for Capsule subclass definitions
> +  # @ValidList  0x80000003 | 0x03150000
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeSubClassCapsule|0x03150000|UINT32|0x0000010
> 0
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_PROCESS_CAPSULES_BEGIN  = (EFI_SUBCLASS_SPECIFIC | 0x00000001) =
> 0x00010001<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010001
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesBegin|0x00010001|UINT
> 32|0x00000101
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_PROCESS_CAPSULES_END    = (EFI_SUBCLASS_SPECIFIC | 0x00000002) =
> 0x00010002<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010002
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesEnd|0x00010002|UINT32
> |0x00000102
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_UPDATING_FIRMWARE       = (EFI_SUBCLASS_SPECIFIC | 0x00000003) =
> 0x00010003<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010003
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdatingFirmware|0x00010003|UINT32|0
> x00000103
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_UPDATE_FIRMWARE_SUCCESS = (EFI_SUBCLASS_SPECIFIC | 0x00000004) =
> 0x00010004<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010004
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareSuccess|0x00010004|UIN
> T32|0x00000104
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_UPDATE_FIRMWARE_FAILED  = (EFI_SUBCLASS_SPECIFIC | 0x00000005) =
> 0x00010005<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010005
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareFailed|0x00010005|UINT
> 32|0x00000105
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_RESETTING_SYSTEM        = (EFI_SUBCLASS_SPECIFIC | 0x00000006) =
> 0x00010006<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010001
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeResettingSystem|0x00010006|UINT32|0x
> 00000106
> +
> +  ## CapsuleMax value in capsule report variable.
> +  # @Prompt CapsuleMax value in capsule report variable.
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleMax|0xFFFF|UINT16|0x00000107
> 
>  [PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
>    ## This PCD defines the Console output row. The default value is 25 according to
> UEFI spec.
> @@ -1587,6 +1637,11 @@
>    #  The PCD data must be in UNICODE format.
>    gEfiMdeModulePkgTokenSpaceGuid.PcdRecoveryFileName|L"FVMAIN.FV"|VOID*|0x30001045
> 
> +  ## This PCD hold a list GUIDs for the ImageTypeId to indicate the
> +  #  FMP capsule is a system FMP.
> +  # @Prompt A list of system FMP ImageTypeId GUIDs
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0xd3, 0xee, 0x7e,
> 0x3f, 0x91, 0xf4, 0x1e, 0x40, 0x9e, 0xce, 0x74, 0x31, 0x32, 0x2e, 0xad,
> 0xf6}|VOID*|0x30001046
> +
>  [PcdsPatchableInModule]
>    ## Specify memory size with page number for PEI code when
>    #  Loading Module at Fixed Address feature is enabled.
> @@ -1639,5 +1694,9 @@
>    # @ValidList  0x80000001 | 0x0
>    gEfiMdeModulePkgTokenSpaceGuid.PcdIdentifyMappingPageTablePtr|0x0|UINT64|0x00030002
> 
> +  ## This dynamic PCD holds the information if there is any test key used by the
> platform.
> +  # @Prompt If there is any test key used by the platform.
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed|FALSE|BOOLEAN|0x00030003
> +
>  [UserExtensions.TianoCore."ExtraFiles"]
>    MdeModulePkgExtra.uni
> --
> 2.7.4.windows.1
> 
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel

Re: [PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related definition.

[Yao, Jiewen]

That is good question.

I follow the EDKII guideline to add new status code into code.
If we need a new status code, which is not defined in PI spec, we will use PCD to avoid conflict.
The benefit is that

1)      The IBV/OEM implementation may choose to override this value, if the value is already used.

2)      We can change the default value, if the value is used in future PI spec.

We have below examples in current code base:
  C:\home\EdkIIGit\edk2\MdeModulePkg\MdeModulePkg.dec(797):  gEfiMdeModulePkgTokenSpaceGuid.PcdProgressCodeOsLoaderLoad|0x03058000|UINT32|0x30001030
  C:\home\EdkIIGit\edk2\MdeModulePkg\MdeModulePkg.dec(803):  gEfiMdeModulePkgTokenSpaceGuid.PcdProgressCodeOsLoaderStart|0x03058001|UINT32|0x30001031
  C:\home\EdkIIGit\edk2\MdeModulePkg\MdeModulePkg.dec(809):  gEfiMdeModulePkgTokenSpaceGuid.PcdProgressCodeS3SuspendStart|0x03078000|UINT32|0x30001032
  C:\home\EdkIIGit\edk2\MdeModulePkg\MdeModulePkg.dec(815):  gEfiMdeModulePkgTokenSpaceGuid.PcdProgressCodeS3SuspendEnd|0x03078001|UINT32|0x30001033
  C:\home\EdkIIGit\edk2\SecurityPkg\SecurityPkg.dec(300):  gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice|0x010D0000|UINT32|0x00000007

That is why I add them to be new PCD.

Thank you
Yao Jiewen

From: Kinney, Michael D
Sent: Wednesday, October 26, 2016 10:02 AM
To: Yao, Jiewen <jiewen.yao@intel.com>; edk2-devel@lists.01.org; Kinney, Michael D <michael.d.kinney@intel.com>
Cc: Tian, Feng <feng.tian@intel.com>; Zhang, Chao B <chao.b.zhang@intel.com>; Gao, Liming <liming.gao@intel.com>; Zeng, Star <star.zeng@intel.com>
Subject: RE: [edk2] [PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related definition.

Jiewen,

Can you explain how you allocated the progress code values for capsule related operations?

How do you guarantee these will not conflict with future versions of PI specifications?

Also, is there a reason to make these PCDs?  If these can be fixed values in extensible
value regions of PI Status Codes, then couldn't #defines in a .h file be used instead
of adding more PCDs?

Thanks,

Mike

> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jiewen Yao
> Sent: Saturday, October 22, 2016 7:20 PM
> To: edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> Cc: Kinney, Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>; Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>;
> Zhang, Chao B <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zeng, Star
> <star.zeng@intel.com<mailto:star.zeng@intel.com>>
> Subject: [edk2] [PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related
> definition.
>
> 1) Add capsule related library.
>    FmpAuthenticationLib
> 2) Add capsule related status code PCD.
>    PcdStatusCodeSubClassCapsule
>    PcdCapsuleStatusCodeProcessCapsulesBegin
>    PcdCapsuleStatusCodeProcessCapsulesEnd
>    PcdCapsuleStatusCodeUpdatingFirmware
>    PcdCapsuleStatusCodeUpdateFirmwareSuccess
>    PcdCapsuleStatusCodeUpdateFirmwareFailed
>    PcdCapsuleStatusCodeResettingSystem
> 3) Add capsule status variable PCD - CapsuleMax value.
>    PcdCapsuleMax
> 4) Add system FMP indicator PCD - used by ESRT.
>    PcdSystemFmpCapsuleImageTypeIdGuid
> 5) Add PcdTestKeyUsed PCD.
> This PCD can be set by platform to indicate if there is any
> test key used in current BIOS, such as recovery key,
> or capsule update key.
> Then the generic UI may consume this PCD to show warning information.
> Other platform driver may also consume this PCD to know such info,
> and report it via platform specific way.
>
> Cc: Feng Tian <feng.tian@intel.com<mailto:feng.tian@intel.com>>
> Cc: Star Zeng <star.zeng@intel.com<mailto:star.zeng@intel.com>>
> Cc: Michael D Kinney <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
> Cc: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> Cc: Chao Zhang <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>
> Reviewed-by: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> ---
>  MdeModulePkg/MdeModulePkg.dec | 59 ++++++++++++++++++++
>  1 file changed, 59 insertions(+)
>
> diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
> index 74b8700..3f37cca 100644
> --- a/MdeModulePkg/MdeModulePkg.dec
> +++ b/MdeModulePkg/MdeModulePkg.dec
> @@ -157,6 +157,10 @@
>    ##
>    FrameBufferBltLib|Include/Library/FrameBufferBltLib.h
>
> +  ## @libraryclass  Provides services to authenticate a UEFI defined FMP Capsule.
> +  #
> +  FmpAuthenticationLib|Include/Library/FmpAuthenticationLib.h
> +
>  [Guids]
>    ## MdeModule package token space guid
>    # Include/Guid/MdeModulePkgTokenSpace.h
> @@ -1141,6 +1145,52 @@
>    #  The default value is 0 that means infinite.
>    # @Prompt MAX repair count
>    gEfiMdeModulePkgTokenSpaceGuid.PcdMaxRepairCount|0x00|UINT32|0x00010076
> +
> +  ## Status Code for Capsule subclass definitions.<BR><BR>
> +  #  EFI_SOFTWARE_CAPSULE  = (EFI_SOFTWARE | 0x00150000) = 0x03150000<BR>
> +  # @Prompt Status Code for Capsule subclass definitions
> +  # @ValidList  0x80000003 | 0x03150000
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeSubClassCapsule|0x03150000|UINT32|0x0000010
> 0
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_PROCESS_CAPSULES_BEGIN  = (EFI_SUBCLASS_SPECIFIC | 0x00000001) =
> 0x00010001<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010001
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesBegin|0x00010001|UINT
> 32|0x00000101
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_PROCESS_CAPSULES_END    = (EFI_SUBCLASS_SPECIFIC | 0x00000002) =
> 0x00010002<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010002
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesEnd|0x00010002|UINT32
> |0x00000102
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_UPDATING_FIRMWARE       = (EFI_SUBCLASS_SPECIFIC | 0x00000003) =
> 0x00010003<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010003
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdatingFirmware|0x00010003|UINT32|0
> x00000103
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_UPDATE_FIRMWARE_SUCCESS = (EFI_SUBCLASS_SPECIFIC | 0x00000004) =
> 0x00010004<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010004
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareSuccess|0x00010004|UIN
> T32|0x00000104
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_UPDATE_FIRMWARE_FAILED  = (EFI_SUBCLASS_SPECIFIC | 0x00000005) =
> 0x00010005<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010005
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareFailed|0x00010005|UINT
> 32|0x00000105
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_RESETTING_SYSTEM        = (EFI_SUBCLASS_SPECIFIC | 0x00000006) =
> 0x00010006<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010001
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeResettingSystem|0x00010006|UINT32|0x
> 00000106
> +
> +  ## CapsuleMax value in capsule report variable.
> +  # @Prompt CapsuleMax value in capsule report variable.
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleMax|0xFFFF|UINT16|0x00000107
>
>  [PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
>    ## This PCD defines the Console output row. The default value is 25 according to
> UEFI spec.
> @@ -1587,6 +1637,11 @@
>    #  The PCD data must be in UNICODE format.
>    gEfiMdeModulePkgTokenSpaceGuid.PcdRecoveryFileName|L"FVMAIN.FV"|VOID*|0x30001045
>
> +  ## This PCD hold a list GUIDs for the ImageTypeId to indicate the
> +  #  FMP capsule is a system FMP.
> +  # @Prompt A list of system FMP ImageTypeId GUIDs
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0xd3, 0xee, 0x7e,
> 0x3f, 0x91, 0xf4, 0x1e, 0x40, 0x9e, 0xce, 0x74, 0x31, 0x32, 0x2e, 0xad,
> 0xf6}|VOID*|0x30001046
> +
>  [PcdsPatchableInModule]
>    ## Specify memory size with page number for PEI code when
>    #  Loading Module at Fixed Address feature is enabled.
> @@ -1639,5 +1694,9 @@
>    # @ValidList  0x80000001 | 0x0
>    gEfiMdeModulePkgTokenSpaceGuid.PcdIdentifyMappingPageTablePtr|0x0|UINT64|0x00030002
>
> +  ## This dynamic PCD holds the information if there is any test key used by the
> platform.
> +  # @Prompt If there is any test key used by the platform.
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed|FALSE|BOOLEAN|0x00030003
> +
>  [UserExtensions.TianoCore."ExtraFiles"]
>    MdeModulePkgExtra.uni
> --
> 2.7.4.windows.1
>
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> https://lists.01.org/mailman/listinfo/edk2-devel

Re: [PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related definition.

[Kinney, Michael D]

Jiewen,

Are these default values allocated from the OEM extension areas?

Or are the allocated from the PI Spec reserved areas?  I do not think we should use values reserved for future PI Specifications.

I am ok with EDK II defining its own extended status codes.  However, the detailed description of each of these PCDs needs to add a note that states that the default value is a value that does not conflict with the PI Specification or any other EDK II defined status code values.  Platforms may need to override these values to prevent conflict with other OEM defined status code values.

Thanks,

Mike

From: Yao, Jiewen
Sent: Tuesday, October 25, 2016 7:28 PM
To: Kinney, Michael D <michael.d.kinney@intel.com>; edk2-devel@lists.01.org
Cc: Tian, Feng <feng.tian@intel.com>; Zhang, Chao B <chao.b.zhang@intel.com>; Gao, Liming <liming.gao@intel.com>; Zeng, Star <star.zeng@intel.com>
Subject: RE: [edk2] [PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related definition.

That is good question.

I follow the EDKII guideline to add new status code into code.
If we need a new status code, which is not defined in PI spec, we will use PCD to avoid conflict.
The benefit is that

1)       The IBV/OEM implementation may choose to override this value, if the value is already used.

2)       We can change the default value, if the value is used in future PI spec.

We have below examples in current code base:
  C:\home\EdkIIGit\edk2\MdeModulePkg\MdeModulePkg.dec(797):  gEfiMdeModulePkgTokenSpaceGuid.PcdProgressCodeOsLoaderLoad|0x03058000|UINT32|0x30001030
  C:\home\EdkIIGit\edk2\MdeModulePkg\MdeModulePkg.dec(803):  gEfiMdeModulePkgTokenSpaceGuid.PcdProgressCodeOsLoaderStart|0x03058001|UINT32|0x30001031
  C:\home\EdkIIGit\edk2\MdeModulePkg\MdeModulePkg.dec(809):  gEfiMdeModulePkgTokenSpaceGuid.PcdProgressCodeS3SuspendStart|0x03078000|UINT32|0x30001032
  C:\home\EdkIIGit\edk2\MdeModulePkg\MdeModulePkg.dec(815):  gEfiMdeModulePkgTokenSpaceGuid.PcdProgressCodeS3SuspendEnd|0x03078001|UINT32|0x30001033
  C:\home\EdkIIGit\edk2\SecurityPkg\SecurityPkg.dec(300):  gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice|0x010D0000|UINT32|0x00000007

That is why I add them to be new PCD.

Thank you
Yao Jiewen

From: Kinney, Michael D
Sent: Wednesday, October 26, 2016 10:02 AM
To: Yao, Jiewen <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>; edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>; Kinney, Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>; Zhang, Chao B <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zeng, Star <star.zeng@intel.com<mailto:star.zeng@intel.com>>
Subject: RE: [edk2] [PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related definition.

Jiewen,

Can you explain how you allocated the progress code values for capsule related operations?

How do you guarantee these will not conflict with future versions of PI specifications?

Also, is there a reason to make these PCDs?  If these can be fixed values in extensible
value regions of PI Status Codes, then couldn't #defines in a .h file be used instead
of adding more PCDs?

Thanks,

Mike

> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jiewen Yao
> Sent: Saturday, October 22, 2016 7:20 PM
> To: edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> Cc: Kinney, Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>; Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>;
> Zhang, Chao B <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zeng, Star
> <star.zeng@intel.com<mailto:star.zeng@intel.com>>
> Subject: [edk2] [PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related
> definition.
>
> 1) Add capsule related library.
>    FmpAuthenticationLib
> 2) Add capsule related status code PCD.
>    PcdStatusCodeSubClassCapsule
>    PcdCapsuleStatusCodeProcessCapsulesBegin
>    PcdCapsuleStatusCodeProcessCapsulesEnd
>    PcdCapsuleStatusCodeUpdatingFirmware
>    PcdCapsuleStatusCodeUpdateFirmwareSuccess
>    PcdCapsuleStatusCodeUpdateFirmwareFailed
>    PcdCapsuleStatusCodeResettingSystem
> 3) Add capsule status variable PCD - CapsuleMax value.
>    PcdCapsuleMax
> 4) Add system FMP indicator PCD - used by ESRT.
>    PcdSystemFmpCapsuleImageTypeIdGuid
> 5) Add PcdTestKeyUsed PCD.
> This PCD can be set by platform to indicate if there is any
> test key used in current BIOS, such as recovery key,
> or capsule update key.
> Then the generic UI may consume this PCD to show warning information.
> Other platform driver may also consume this PCD to know such info,
> and report it via platform specific way.
>
> Cc: Feng Tian <feng.tian@intel.com<mailto:feng.tian@intel.com>>
> Cc: Star Zeng <star.zeng@intel.com<mailto:star.zeng@intel.com>>
> Cc: Michael D Kinney <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
> Cc: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> Cc: Chao Zhang <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>
> Reviewed-by: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> ---
>  MdeModulePkg/MdeModulePkg.dec | 59 ++++++++++++++++++++
>  1 file changed, 59 insertions(+)
>
> diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
> index 74b8700..3f37cca 100644
> --- a/MdeModulePkg/MdeModulePkg.dec
> +++ b/MdeModulePkg/MdeModulePkg.dec
> @@ -157,6 +157,10 @@
>    ##
>    FrameBufferBltLib|Include/Library/FrameBufferBltLib.h
>
> +  ## @libraryclass  Provides services to authenticate a UEFI defined FMP Capsule.
> +  #
> +  FmpAuthenticationLib|Include/Library/FmpAuthenticationLib.h
> +
>  [Guids]
>    ## MdeModule package token space guid
>    # Include/Guid/MdeModulePkgTokenSpace.h
> @@ -1141,6 +1145,52 @@
>    #  The default value is 0 that means infinite.
>    # @Prompt MAX repair count
>    gEfiMdeModulePkgTokenSpaceGuid.PcdMaxRepairCount|0x00|UINT32|0x00010076
> +
> +  ## Status Code for Capsule subclass definitions.<BR><BR>
> +  #  EFI_SOFTWARE_CAPSULE  = (EFI_SOFTWARE | 0x00150000) = 0x03150000<BR>
> +  # @Prompt Status Code for Capsule subclass definitions
> +  # @ValidList  0x80000003 | 0x03150000
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeSubClassCapsule|0x03150000|UINT32|0x0000010
> 0
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_PROCESS_CAPSULES_BEGIN  = (EFI_SUBCLASS_SPECIFIC | 0x00000001) =
> 0x00010001<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010001
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesBegin|0x00010001|UINT
> 32|0x00000101
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_PROCESS_CAPSULES_END    = (EFI_SUBCLASS_SPECIFIC | 0x00000002) =
> 0x00010002<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010002
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesEnd|0x00010002|UINT32
> |0x00000102
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_UPDATING_FIRMWARE       = (EFI_SUBCLASS_SPECIFIC | 0x00000003) =
> 0x00010003<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010003
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdatingFirmware|0x00010003|UINT32|0
> x00000103
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_UPDATE_FIRMWARE_SUCCESS = (EFI_SUBCLASS_SPECIFIC | 0x00000004) =
> 0x00010004<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010004
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareSuccess|0x00010004|UIN
> T32|0x00000104
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_UPDATE_FIRMWARE_FAILED  = (EFI_SUBCLASS_SPECIFIC | 0x00000005) =
> 0x00010005<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010005
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareFailed|0x00010005|UINT
> 32|0x00000105
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_RESETTING_SYSTEM        = (EFI_SUBCLASS_SPECIFIC | 0x00000006) =
> 0x00010006<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010001
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeResettingSystem|0x00010006|UINT32|0x
> 00000106
> +
> +  ## CapsuleMax value in capsule report variable.
> +  # @Prompt CapsuleMax value in capsule report variable.
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleMax|0xFFFF|UINT16|0x00000107
>
>  [PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
>    ## This PCD defines the Console output row. The default value is 25 according to
> UEFI spec.
> @@ -1587,6 +1637,11 @@
>    #  The PCD data must be in UNICODE format.
>    gEfiMdeModulePkgTokenSpaceGuid.PcdRecoveryFileName|L"FVMAIN.FV"|VOID*|0x30001045
>
> +  ## This PCD hold a list GUIDs for the ImageTypeId to indicate the
> +  #  FMP capsule is a system FMP.
> +  # @Prompt A list of system FMP ImageTypeId GUIDs
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0xd3, 0xee, 0x7e,
> 0x3f, 0x91, 0xf4, 0x1e, 0x40, 0x9e, 0xce, 0x74, 0x31, 0x32, 0x2e, 0xad,
> 0xf6}|VOID*|0x30001046
> +
>  [PcdsPatchableInModule]
>    ## Specify memory size with page number for PEI code when
>    #  Loading Module at Fixed Address feature is enabled.
> @@ -1639,5 +1694,9 @@
>    # @ValidList  0x80000001 | 0x0
>    gEfiMdeModulePkgTokenSpaceGuid.PcdIdentifyMappingPageTablePtr|0x0|UINT64|0x00030002
>
> +  ## This dynamic PCD holds the information if there is any test key used by the
> platform.
> +  # @Prompt If there is any test key used by the platform.
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed|FALSE|BOOLEAN|0x00030003
> +
>  [UserExtensions.TianoCore."ExtraFiles"]
>    MdeModulePkgExtra.uni
> --
> 2.7.4.windows.1
>
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> https://lists.01.org/mailman/listinfo/edk2-devel

Re: [PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related definition.

[Yao, Jiewen]

Mike
You are right. I forget adding EFI_OEM_SPECIFIC flag.
I will use that flag in V5 patch.

Thank you
Yao Jiewen

From: Kinney, Michael D
Sent: Wednesday, October 26, 2016 11:01 AM
To: Yao, Jiewen <jiewen.yao@intel.com>; edk2-devel@lists.01.org; Kinney, Michael D <michael.d.kinney@intel.com>
Cc: Tian, Feng <feng.tian@intel.com>; Zhang, Chao B <chao.b.zhang@intel.com>; Gao, Liming <liming.gao@intel.com>; Zeng, Star <star.zeng@intel.com>
Subject: RE: [edk2] [PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related definition.

Jiewen,

Are these default values allocated from the OEM extension areas?

Or are the allocated from the PI Spec reserved areas?  I do not think we should use values reserved for future PI Specifications.

I am ok with EDK II defining its own extended status codes.  However, the detailed description of each of these PCDs needs to add a note that states that the default value is a value that does not conflict with the PI Specification or any other EDK II defined status code values.  Platforms may need to override these values to prevent conflict with other OEM defined status code values.

Thanks,

Mike

From: Yao, Jiewen
Sent: Tuesday, October 25, 2016 7:28 PM
To: Kinney, Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>; edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>; Zhang, Chao B <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zeng, Star <star.zeng@intel.com<mailto:star.zeng@intel.com>>
Subject: RE: [edk2] [PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related definition.

That is good question.

I follow the EDKII guideline to add new status code into code.
If we need a new status code, which is not defined in PI spec, we will use PCD to avoid conflict.
The benefit is that

1)      The IBV/OEM implementation may choose to override this value, if the value is already used.

2)      We can change the default value, if the value is used in future PI spec.

We have below examples in current code base:
  C:\home\EdkIIGit\edk2\MdeModulePkg\MdeModulePkg.dec(797):  gEfiMdeModulePkgTokenSpaceGuid.PcdProgressCodeOsLoaderLoad|0x03058000|UINT32|0x30001030
  C:\home\EdkIIGit\edk2\MdeModulePkg\MdeModulePkg.dec(803):  gEfiMdeModulePkgTokenSpaceGuid.PcdProgressCodeOsLoaderStart|0x03058001|UINT32|0x30001031
  C:\home\EdkIIGit\edk2\MdeModulePkg\MdeModulePkg.dec(809):  gEfiMdeModulePkgTokenSpaceGuid.PcdProgressCodeS3SuspendStart|0x03078000|UINT32|0x30001032
  C:\home\EdkIIGit\edk2\MdeModulePkg\MdeModulePkg.dec(815):  gEfiMdeModulePkgTokenSpaceGuid.PcdProgressCodeS3SuspendEnd|0x03078001|UINT32|0x30001033
  C:\home\EdkIIGit\edk2\SecurityPkg\SecurityPkg.dec(300):  gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice|0x010D0000|UINT32|0x00000007

That is why I add them to be new PCD.

Thank you
Yao Jiewen

From: Kinney, Michael D
Sent: Wednesday, October 26, 2016 10:02 AM
To: Yao, Jiewen <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>; edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>; Kinney, Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>; Zhang, Chao B <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zeng, Star <star.zeng@intel.com<mailto:star.zeng@intel.com>>
Subject: RE: [edk2] [PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related definition.

Jiewen,

Can you explain how you allocated the progress code values for capsule related operations?

How do you guarantee these will not conflict with future versions of PI specifications?

Also, is there a reason to make these PCDs?  If these can be fixed values in extensible
value regions of PI Status Codes, then couldn't #defines in a .h file be used instead
of adding more PCDs?

Thanks,

Mike

> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jiewen Yao
> Sent: Saturday, October 22, 2016 7:20 PM
> To: edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> Cc: Kinney, Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>; Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>;
> Zhang, Chao B <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zeng, Star
> <star.zeng@intel.com<mailto:star.zeng@intel.com>>
> Subject: [edk2] [PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related
> definition.
>
> 1) Add capsule related library.
>    FmpAuthenticationLib
> 2) Add capsule related status code PCD.
>    PcdStatusCodeSubClassCapsule
>    PcdCapsuleStatusCodeProcessCapsulesBegin
>    PcdCapsuleStatusCodeProcessCapsulesEnd
>    PcdCapsuleStatusCodeUpdatingFirmware
>    PcdCapsuleStatusCodeUpdateFirmwareSuccess
>    PcdCapsuleStatusCodeUpdateFirmwareFailed
>    PcdCapsuleStatusCodeResettingSystem
> 3) Add capsule status variable PCD - CapsuleMax value.
>    PcdCapsuleMax
> 4) Add system FMP indicator PCD - used by ESRT.
>    PcdSystemFmpCapsuleImageTypeIdGuid
> 5) Add PcdTestKeyUsed PCD.
> This PCD can be set by platform to indicate if there is any
> test key used in current BIOS, such as recovery key,
> or capsule update key.
> Then the generic UI may consume this PCD to show warning information.
> Other platform driver may also consume this PCD to know such info,
> and report it via platform specific way.
>
> Cc: Feng Tian <feng.tian@intel.com<mailto:feng.tian@intel.com>>
> Cc: Star Zeng <star.zeng@intel.com<mailto:star.zeng@intel.com>>
> Cc: Michael D Kinney <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
> Cc: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> Cc: Chao Zhang <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>
> Reviewed-by: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> ---
>  MdeModulePkg/MdeModulePkg.dec | 59 ++++++++++++++++++++
>  1 file changed, 59 insertions(+)
>
> diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
> index 74b8700..3f37cca 100644
> --- a/MdeModulePkg/MdeModulePkg.dec
> +++ b/MdeModulePkg/MdeModulePkg.dec
> @@ -157,6 +157,10 @@
>    ##
>    FrameBufferBltLib|Include/Library/FrameBufferBltLib.h
>
> +  ## @libraryclass  Provides services to authenticate a UEFI defined FMP Capsule.
> +  #
> +  FmpAuthenticationLib|Include/Library/FmpAuthenticationLib.h
> +
>  [Guids]
>    ## MdeModule package token space guid
>    # Include/Guid/MdeModulePkgTokenSpace.h
> @@ -1141,6 +1145,52 @@
>    #  The default value is 0 that means infinite.
>    # @Prompt MAX repair count
>    gEfiMdeModulePkgTokenSpaceGuid.PcdMaxRepairCount|0x00|UINT32|0x00010076
> +
> +  ## Status Code for Capsule subclass definitions.<BR><BR>
> +  #  EFI_SOFTWARE_CAPSULE  = (EFI_SOFTWARE | 0x00150000) = 0x03150000<BR>
> +  # @Prompt Status Code for Capsule subclass definitions
> +  # @ValidList  0x80000003 | 0x03150000
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeSubClassCapsule|0x03150000|UINT32|0x0000010
> 0
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_PROCESS_CAPSULES_BEGIN  = (EFI_SUBCLASS_SPECIFIC | 0x00000001) =
> 0x00010001<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010001
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesBegin|0x00010001|UINT
> 32|0x00000101
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_PROCESS_CAPSULES_END    = (EFI_SUBCLASS_SPECIFIC | 0x00000002) =
> 0x00010002<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010002
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesEnd|0x00010002|UINT32
> |0x00000102
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_UPDATING_FIRMWARE       = (EFI_SUBCLASS_SPECIFIC | 0x00000003) =
> 0x00010003<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010003
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdatingFirmware|0x00010003|UINT32|0
> x00000103
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_UPDATE_FIRMWARE_SUCCESS = (EFI_SUBCLASS_SPECIFIC | 0x00000004) =
> 0x00010004<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010004
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareSuccess|0x00010004|UIN
> T32|0x00000104
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_UPDATE_FIRMWARE_FAILED  = (EFI_SUBCLASS_SPECIFIC | 0x00000005) =
> 0x00010005<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010005
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareFailed|0x00010005|UINT
> 32|0x00000105
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_RESETTING_SYSTEM        = (EFI_SUBCLASS_SPECIFIC | 0x00000006) =
> 0x00010006<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010001
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeResettingSystem|0x00010006|UINT32|0x
> 00000106
> +
> +  ## CapsuleMax value in capsule report variable.
> +  # @Prompt CapsuleMax value in capsule report variable.
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleMax|0xFFFF|UINT16|0x00000107
>
>  [PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
>    ## This PCD defines the Console output row. The default value is 25 according to
> UEFI spec.
> @@ -1587,6 +1637,11 @@
>    #  The PCD data must be in UNICODE format.
>    gEfiMdeModulePkgTokenSpaceGuid.PcdRecoveryFileName|L"FVMAIN.FV"|VOID*|0x30001045
>
> +  ## This PCD hold a list GUIDs for the ImageTypeId to indicate the
> +  #  FMP capsule is a system FMP.
> +  # @Prompt A list of system FMP ImageTypeId GUIDs
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0xd3, 0xee, 0x7e,
> 0x3f, 0x91, 0xf4, 0x1e, 0x40, 0x9e, 0xce, 0x74, 0x31, 0x32, 0x2e, 0xad,
> 0xf6}|VOID*|0x30001046
> +
>  [PcdsPatchableInModule]
>    ## Specify memory size with page number for PEI code when
>    #  Loading Module at Fixed Address feature is enabled.
> @@ -1639,5 +1694,9 @@
>    # @ValidList  0x80000001 | 0x0
>    gEfiMdeModulePkgTokenSpaceGuid.PcdIdentifyMappingPageTablePtr|0x0|UINT64|0x00030002
>
> +  ## This dynamic PCD holds the information if there is any test key used by the
> platform.
> +  # @Prompt If there is any test key used by the platform.
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed|FALSE|BOOLEAN|0x00030003
> +
>  [UserExtensions.TianoCore."ExtraFiles"]
>    MdeModulePkgExtra.uni
> --
> 2.7.4.windows.1
>
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> https://lists.01.org/mailman/listinfo/edk2-devel

Re: [PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related definition.

[Yao, Jiewen]

Here is the status code allocated from OEM region, I plan to use

gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeSubClassCapsule|0x03810000|UINT32|0x00000100
gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesBegin|0x00008001|UINT32|0x00000101
gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesEnd|0x00008002|UINT32|0x00000102
gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdatingFirmware|0x00008003|UINT32|0x00000103
gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareSuccess|0x00008004|UINT32|0x00000104
gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareFailed|0x00008005|UINT32|0x00000105
gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeResettingSystem|0x00008006|UINT32|0x00000106

SubClassCode is 0x81.
ProgressCode is 0x8001~0x8006.

Thank you
Yao Jiewen

From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Yao, Jiewen
Sent: Wednesday, October 26, 2016 12:45 PM
To: Kinney, Michael D <michael.d.kinney@intel.com>; edk2-devel@lists.01.org
Cc: Zeng, Star <star.zeng@intel.com>; Tian, Feng <feng.tian@intel.com>; Gao, Liming <liming.gao@intel.com>; Zhang, Chao B <chao.b.zhang@intel.com>
Subject: Re: [edk2] [PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related definition.

Mike
You are right. I forget adding EFI_OEM_SPECIFIC flag.
I will use that flag in V5 patch.

Thank you
Yao Jiewen

From: Kinney, Michael D
Sent: Wednesday, October 26, 2016 11:01 AM
To: Yao, Jiewen <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>; edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>; Kinney, Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>; Zhang, Chao B <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zeng, Star <star.zeng@intel.com<mailto:star.zeng@intel.com>>
Subject: RE: [edk2] [PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related definition.

Jiewen,

Are these default values allocated from the OEM extension areas?

Or are the allocated from the PI Spec reserved areas?  I do not think we should use values reserved for future PI Specifications.

I am ok with EDK II defining its own extended status codes.  However, the detailed description of each of these PCDs needs to add a note that states that the default value is a value that does not conflict with the PI Specification or any other EDK II defined status code values.  Platforms may need to override these values to prevent conflict with other OEM defined status code values.

Thanks,

Mike

From: Yao, Jiewen
Sent: Tuesday, October 25, 2016 7:28 PM
To: Kinney, Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com%3cmailto:michael.d.kinney@intel.com>>>; edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org%3cmailto:edk2-devel@lists.01.org>>
Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com<mailto:feng.tian@intel.com%3cmailto:feng.tian@intel.com>>>; Zhang, Chao B <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com%3cmailto:chao.b.zhang@intel.com>>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com<mailto:liming.gao@intel.com%3cmailto:liming.gao@intel.com>>>; Zeng, Star <star.zeng@intel.com<mailto:star.zeng@intel.com<mailto:star.zeng@intel.com%3cmailto:star.zeng@intel.com>>>
Subject: RE: [edk2] [PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related definition.

That is good question.

I follow the EDKII guideline to add new status code into code.
If we need a new status code, which is not defined in PI spec, we will use PCD to avoid conflict.
The benefit is that

1)      The IBV/OEM implementation may choose to override this value, if the value is already used.

2)      We can change the default value, if the value is used in future PI spec.

We have below examples in current code base:
  C:\home\EdkIIGit\edk2\MdeModulePkg\MdeModulePkg.dec(797):  gEfiMdeModulePkgTokenSpaceGuid.PcdProgressCodeOsLoaderLoad|0x03058000|UINT32|0x30001030
  C:\home\EdkIIGit\edk2\MdeModulePkg\MdeModulePkg.dec(803):  gEfiMdeModulePkgTokenSpaceGuid.PcdProgressCodeOsLoaderStart|0x03058001|UINT32|0x30001031
  C:\home\EdkIIGit\edk2\MdeModulePkg\MdeModulePkg.dec(809):  gEfiMdeModulePkgTokenSpaceGuid.PcdProgressCodeS3SuspendStart|0x03078000|UINT32|0x30001032
  C:\home\EdkIIGit\edk2\MdeModulePkg\MdeModulePkg.dec(815):  gEfiMdeModulePkgTokenSpaceGuid.PcdProgressCodeS3SuspendEnd|0x03078001|UINT32|0x30001033
  C:\home\EdkIIGit\edk2\SecurityPkg\SecurityPkg.dec(300):  gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice|0x010D0000|UINT32|0x00000007

That is why I add them to be new PCD.

Thank you
Yao Jiewen

From: Kinney, Michael D
Sent: Wednesday, October 26, 2016 10:02 AM
To: Yao, Jiewen <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com<mailto:jiewen.yao@intel.com%3cmailto:jiewen.yao@intel.com>>>; edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org%3cmailto:edk2-devel@lists.01.org>>; Kinney, Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com%3cmailto:michael.d.kinney@intel.com>>>
Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com<mailto:feng.tian@intel.com%3cmailto:feng.tian@intel.com>>>; Zhang, Chao B <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com%3cmailto:chao.b.zhang@intel.com>>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com<mailto:liming.gao@intel.com%3cmailto:liming.gao@intel.com>>>; Zeng, Star <star.zeng@intel.com<mailto:star.zeng@intel.com<mailto:star.zeng@intel.com%3cmailto:star.zeng@intel.com>>>
Subject: RE: [edk2] [PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related definition.

Jiewen,

Can you explain how you allocated the progress code values for capsule related operations?

How do you guarantee these will not conflict with future versions of PI specifications?

Also, is there a reason to make these PCDs?  If these can be fixed values in extensible
value regions of PI Status Codes, then couldn't #defines in a .h file be used instead
of adding more PCDs?

Thanks,

Mike

> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jiewen Yao
> Sent: Saturday, October 22, 2016 7:20 PM
> To: edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org%3cmailto:edk2-devel@lists.01.org>>
> Cc: Kinney, Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com%3cmailto:michael.d.kinney@intel.com>>>; Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com<mailto:feng.tian@intel.com%3cmailto:feng.tian@intel.com>>>;
> Zhang, Chao B <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com%3cmailto:chao.b.zhang@intel.com>>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com<mailto:liming.gao@intel.com%3cmailto:liming.gao@intel.com>>>; Zeng, Star
> <star.zeng@intel.com<mailto:star.zeng@intel.com<mailto:star.zeng@intel.com%3cmailto:star.zeng@intel.com>>>
> Subject: [edk2] [PATCH V4 03/15] MdeModulePkg/MdeModulePkg.dec: Add capsule related
> definition.
>
> 1) Add capsule related library.
>    FmpAuthenticationLib
> 2) Add capsule related status code PCD.
>    PcdStatusCodeSubClassCapsule
>    PcdCapsuleStatusCodeProcessCapsulesBegin
>    PcdCapsuleStatusCodeProcessCapsulesEnd
>    PcdCapsuleStatusCodeUpdatingFirmware
>    PcdCapsuleStatusCodeUpdateFirmwareSuccess
>    PcdCapsuleStatusCodeUpdateFirmwareFailed
>    PcdCapsuleStatusCodeResettingSystem
> 3) Add capsule status variable PCD - CapsuleMax value.
>    PcdCapsuleMax
> 4) Add system FMP indicator PCD - used by ESRT.
>    PcdSystemFmpCapsuleImageTypeIdGuid
> 5) Add PcdTestKeyUsed PCD.
> This PCD can be set by platform to indicate if there is any
> test key used in current BIOS, such as recovery key,
> or capsule update key.
> Then the generic UI may consume this PCD to show warning information.
> Other platform driver may also consume this PCD to know such info,
> and report it via platform specific way.
>
> Cc: Feng Tian <feng.tian@intel.com<mailto:feng.tian@intel.com<mailto:feng.tian@intel.com%3cmailto:feng.tian@intel.com>>>
> Cc: Star Zeng <star.zeng@intel.com<mailto:star.zeng@intel.com<mailto:star.zeng@intel.com%3cmailto:star.zeng@intel.com>>>
> Cc: Michael D Kinney <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com%3cmailto:michael.d.kinney@intel.com>>>
> Cc: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com<mailto:liming.gao@intel.com%3cmailto:liming.gao@intel.com>>>
> Cc: Chao Zhang <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com%3cmailto:chao.b.zhang@intel.com>>>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com<mailto:jiewen.yao@intel.com%3cmailto:jiewen.yao@intel.com>>>
> Reviewed-by: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com<mailto:liming.gao@intel.com%3cmailto:liming.gao@intel.com>>>
> ---
>  MdeModulePkg/MdeModulePkg.dec | 59 ++++++++++++++++++++
>  1 file changed, 59 insertions(+)
>
> diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
> index 74b8700..3f37cca 100644
> --- a/MdeModulePkg/MdeModulePkg.dec
> +++ b/MdeModulePkg/MdeModulePkg.dec
> @@ -157,6 +157,10 @@
>    ##
>    FrameBufferBltLib|Include/Library/FrameBufferBltLib.h
>
> +  ## @libraryclass  Provides services to authenticate a UEFI defined FMP Capsule.
> +  #
> +  FmpAuthenticationLib|Include/Library/FmpAuthenticationLib.h
> +
>  [Guids]
>    ## MdeModule package token space guid
>    # Include/Guid/MdeModulePkgTokenSpace.h
> @@ -1141,6 +1145,52 @@
>    #  The default value is 0 that means infinite.
>    # @Prompt MAX repair count
>    gEfiMdeModulePkgTokenSpaceGuid.PcdMaxRepairCount|0x00|UINT32|0x00010076
> +
> +  ## Status Code for Capsule subclass definitions.<BR><BR>
> +  #  EFI_SOFTWARE_CAPSULE  = (EFI_SOFTWARE | 0x00150000) = 0x03150000<BR>
> +  # @Prompt Status Code for Capsule subclass definitions
> +  # @ValidList  0x80000003 | 0x03150000
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeSubClassCapsule|0x03150000|UINT32|0x0000010
> 0
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_PROCESS_CAPSULES_BEGIN  = (EFI_SUBCLASS_SPECIFIC | 0x00000001) =
> 0x00010001<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010001
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesBegin|0x00010001|UINT
> 32|0x00000101
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_PROCESS_CAPSULES_END    = (EFI_SUBCLASS_SPECIFIC | 0x00000002) =
> 0x00010002<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010002
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesEnd|0x00010002|UINT32
> |0x00000102
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_UPDATING_FIRMWARE       = (EFI_SUBCLASS_SPECIFIC | 0x00000003) =
> 0x00010003<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010003
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdatingFirmware|0x00010003|UINT32|0
> x00000103
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_UPDATE_FIRMWARE_SUCCESS = (EFI_SUBCLASS_SPECIFIC | 0x00000004) =
> 0x00010004<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010004
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareSuccess|0x00010004|UIN
> T32|0x00000104
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_UPDATE_FIRMWARE_FAILED  = (EFI_SUBCLASS_SPECIFIC | 0x00000005) =
> 0x00010005<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010005
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareFailed|0x00010005|UINT
> 32|0x00000105
> +
> +  ## Status Code for Capsule definitions.<BR><BR>
> +  #  EFI_CAPSULE_RESETTING_SYSTEM        = (EFI_SUBCLASS_SPECIFIC | 0x00000006) =
> 0x00010006<BR>
> +  # @Prompt Status Code for Capsule definitions
> +  # @ValidList  0x80000003 | 0x00010001
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeResettingSystem|0x00010006|UINT32|0x
> 00000106
> +
> +  ## CapsuleMax value in capsule report variable.
> +  # @Prompt CapsuleMax value in capsule report variable.
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleMax|0xFFFF|UINT16|0x00000107
>
>  [PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
>    ## This PCD defines the Console output row. The default value is 25 according to
> UEFI spec.
> @@ -1587,6 +1637,11 @@
>    #  The PCD data must be in UNICODE format.
>    gEfiMdeModulePkgTokenSpaceGuid.PcdRecoveryFileName|L"FVMAIN.FV"|VOID*|0x30001045
>
> +  ## This PCD hold a list GUIDs for the ImageTypeId to indicate the
> +  #  FMP capsule is a system FMP.
> +  # @Prompt A list of system FMP ImageTypeId GUIDs
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0xd3, 0xee, 0x7e,
> 0x3f, 0x91, 0xf4, 0x1e, 0x40, 0x9e, 0xce, 0x74, 0x31, 0x32, 0x2e, 0xad,
> 0xf6}|VOID*|0x30001046
> +
>  [PcdsPatchableInModule]
>    ## Specify memory size with page number for PEI code when
>    #  Loading Module at Fixed Address feature is enabled.
> @@ -1639,5 +1694,9 @@
>    # @ValidList  0x80000001 | 0x0
>    gEfiMdeModulePkgTokenSpaceGuid.PcdIdentifyMappingPageTablePtr|0x0|UINT64|0x00030002
>
> +  ## This dynamic PCD holds the information if there is any test key used by the
> platform.
> +  # @Prompt If there is any test key used by the platform.
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed|FALSE|BOOLEAN|0x00030003
> +
>  [UserExtensions.TianoCore."ExtraFiles"]
>    MdeModulePkgExtra.uni
> --
> 2.7.4.windows.1
>
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org%3cmailto:edk2-devel@lists.01.org>>
> https://lists.01.org/mailman/listinfo/edk2-devel
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
https://lists.01.org/mailman/listinfo/edk2-devel

[PATCH V4 04/15] MdeModulePkg/FmpAuthenticationLibNull: Add NULL instance FMP.

[Jiewen Yao]

Add NULL instance to pass build.

Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
---
 MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.c   | 57 ++++++++++++++++++++
 MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.inf | 40 ++++++++++++++
 MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.uni | 22 ++++++++
 3 files changed, 119 insertions(+)

diff --git a/MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.c b/MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.c
new file mode 100644
index 0000000..ff9ebb0
--- /dev/null
+++ b/MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.c
@@ -0,0 +1,57 @@
+/** @file
+  NULL FMP authentication library.
+
+  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD License
+  which accompanies this distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php.
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Uefi.h>
+
+#include <Library/DebugLib.h>
+#include <Library/FmpAuthenticationLib.h>
+
+/**
+  The fucntion is used to do the authentication for FMP capsule based upon
+  EFI_FIRMWARE_IMAGE_AUTHENTICATION.
+
+  The caller may convert the RETURN_STATUS to ESRT/FMP LastAttemptStatus.
+
+  Caution: This function may receive untrusted input.
+
+  @param[in]  Image                   Points to an FMP authentication image, started from EFI_FIRMWARE_IMAGE_AUTHENTICATION.
+  @param[in]  ImageSize               Size of the authentication image in bytes.
+  @param[in]  PublicKeyData           The public key data used to validate the signature.
+  @param[in]  PublicKeyDataLength     The length of the public key data.
+
+  @retval RETURN_SUCCESS            Authentication pass.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_SUCCESS.
+  @retval RETURN_SECURITY_VIOLATION Authentication fail.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR.
+  @retval RETURN_INVALID_PARAMETER  The image is in an invalid format.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
+  @retval RETURN_UNSUPPORTED        No Authentication handler associated with CertType.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
+  @retval RETURN_UNSUPPORTED        Image or ImageSize is invalid.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
+  @retval RETURN_OUT_OF_RESOURCES   No Authentication handler associated with CertType.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INSUFFICIENT_RESOURCES.
+**/
+RETURN_STATUS
+EFIAPI
+AuthenticateFmpImage (
+  IN EFI_FIRMWARE_IMAGE_AUTHENTICATION *Image,
+  IN UINTN                             ImageSize,
+  IN CONST UINT8                       *PublicKeyData,
+  IN UINTN                             PublicKeyDataLength
+  )
+{
+  ASSERT(FALSE);
+  return RETURN_UNSUPPORTED;
+}
\ No newline at end of file
diff --git a/MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.inf b/MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.inf
new file mode 100644
index 0000000..f9b87ca
--- /dev/null
+++ b/MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.inf
@@ -0,0 +1,40 @@
+## @file
+# FmpAuthentication Library
+#
+# NULL Instance of FmpAuthentication Library.
+#
+# Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+#
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD License
+#  which accompanies this distribution. The full text of the license may be found at
+#  http://opensource.org/licenses/bsd-license.php.
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x00010005
+  BASE_NAME                      = FmpAuthenticationLibNull
+  MODULE_UNI_FILE                = FmpAuthenticationLibNull.uni
+  FILE_GUID                      = 5011522C-7B0E-4ACB-8E30-9B1D133CF2E0
+  MODULE_TYPE                    = BASE
+  VERSION_STRING                 = 1.0
+  LIBRARY_CLASS                  = FmpAuthenticationLib
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = IA32 X64 IPF EBC
+#
+
+[Sources]
+  FmpAuthenticationLibNull.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+
+[LibraryClasses]
+  DebugLib
diff --git a/MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.uni b/MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.uni
new file mode 100644
index 0000000..69fd6e1
--- /dev/null
+++ b/MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.uni
@@ -0,0 +1,22 @@
+// /** @file
+// FmpAuthentication Library
+//
+// NULL Instance of FmpAuthentication Library.
+//
+// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+//
+// This program and the accompanying materials
+// are licensed and made available under the terms and conditions of the BSD License
+// which accompanies this distribution.  The full text of the license may be found at
+// http://opensource.org/licenses/bsd-license.php
+//
+// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+//
+// **/
+
+
+#string STR_MODULE_ABSTRACT             #language en-US "FmpAuthentication Library"
+
+#string STR_MODULE_DESCRIPTION          #language en-US "NULL Instance of FmpAuthentication Library."
+
-- 
2.7.4.windows.1

[PATCH V4 05/15] MdeModulePkg/DxeCapsuleLibNull: Add ProcessCapsules() interface.

[Jiewen Yao]

Add ProcessCapsules() interface for DxeCapsuleLibNull.

Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
---
 MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.c | 48 ++++++++++++++++++--
 1 file changed, 45 insertions(+), 3 deletions(-)

diff --git a/MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.c b/MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.c
index fb5c255..e83a29d 100644
--- a/MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.c
+++ b/MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.c
@@ -1,7 +1,7 @@
 /** @file
   Null Dxe Capsule Library instance does nothing and returns unsupport status.
 
-Copyright (c) 2007 - 2008, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2007 - 2016, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -17,7 +17,9 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 /**
   The firmware checks whether the capsule image is supported 
   by the CapsuleGuid in CapsuleHeader or other specific information in capsule image.
-  
+
+  Caution: This function may receive untrusted input.
+
   @param  CapsuleHeader    Point to the UEFI capsule image to be checked.
   
   @retval EFI_UNSUPPORTED  Input capsule is not supported by the firmware.
@@ -34,7 +36,9 @@ SupportCapsuleImage (
 /**
   The firmware specific implementation processes the capsule image
   if it recognized the format of this capsule image.
-  
+
+  Caution: This function may receive untrusted input.
+
   @param  CapsuleHeader    Point to the UEFI capsule image to be processed. 
    
   @retval EFI_UNSUPPORTED  Capsule image is not supported by the firmware.
@@ -48,4 +52,42 @@ ProcessCapsuleImage (
   return EFI_UNSUPPORTED;
 }
 
+/**
+
+  This routine is called to process capsules.
+
+  Caution: This function may receive untrusted input.
+
+  The capsules reported in EFI_HOB_UEFI_CAPSULE are processed.
+  If there is no EFI_HOB_UEFI_CAPSULE, this routine does nothing.
+
+  This routine should be called twice in BDS.
+  1) The first call must be before EndOfDxe. The system capsules is processed.
+     If device capsule FMP protocols are exposted at this time and device FMP
+     capsule has zero EmbeddedDriverCount, the device capsules are processed.
+     Each individual capsule result is recorded in capsule record variable.
+     System may reset in this function, if reset is required by capsule and
+     all capsules are processed.
+     If not all capsules are processed, reset will be defered to second call.
+
+  2) The second call must be after EndOfDxe and after ConnectAll, so that all
+     device capsule FMP protocols are exposed.
+     The system capsules are skipped. If the device capsules are NOT processed
+     in first call, they are processed here.
+     Each individual capsule result is recorded in capsule record variable.
+     System may reset in this function, if reset is required by capsule
+     processed in first call and second call.
+
+  @retval EFI_SUCCESS             There is no error when processing capsules.
+  @retval EFI_OUT_OF_RESOURCES    No enough resource to process capsules.
+
+**/
+EFI_STATUS
+EFIAPI
+ProcessCapsules(
+  VOID
+  )
+{
+  return EFI_UNSUPPORTED;
+}
 
-- 
2.7.4.windows.1

[PATCH V4 06/15] MdeModulePkg/DxeCapsuleLibFmp: Add DxeCapsuleLibFmp instance.

[Jiewen Yao]

This instance handles Microsoft UX capsule, UEFI defined FMP capsule.
This instance should not assume any capsule image format.

Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
---
 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c          | 1363 ++++++++++++++++++++
 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf        |   80 ++
 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.uni        |   22 +
 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleProcessLib.c   |  486 +++++++
 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c    |  489 +++++++
 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c      |  112 ++
 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf |   83 ++
 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.uni |   22 +
 8 files changed, 2657 insertions(+)

diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c
new file mode 100644
index 0000000..20ef762
--- /dev/null
+++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c
@@ -0,0 +1,1363 @@
+/** @file
+  DXE capsule library.
+
+  Caution: This module requires additional review when modified.
+  This module will have external input - capsule image.
+  This external input must be validated carefully to avoid security issue like
+  buffer overflow, integer overflow.
+
+  SupportCapsuleImage(), ProcessCapsuleImage(), IsValidCapsuleHeader(),
+  ValidateFmpCapsule(), DisplayCapsuleImage(), ConvertBmpToGopBlt() will
+  receive untrusted input and do basic validation.
+
+  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD License
+  which accompanies this distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <PiDxe.h>
+
+#include <IndustryStandard/Bmp.h>
+#include <IndustryStandard/WindowsUxCapsule.h>
+
+#include <Guid/FmpCapsule.h>
+#include <Guid/SystemResourceTable.h>
+#include <Guid/EventGroup.h>
+
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/DxeServicesTableLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/UefiRuntimeServicesTableLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/CapsuleLib.h>
+#include <Library/DevicePathLib.h>
+#include <Library/UefiLib.h>
+#include <Library/PcdLib.h>
+
+#include <Protocol/GraphicsOutput.h>
+#include <Protocol/EsrtManagement.h>
+#include <Protocol/FirmwareManagement.h>
+#include <Protocol/DevicePath.h>
+
+extern BOOLEAN            mAreAllImagesProcessed;
+
+EFI_SYSTEM_RESOURCE_TABLE *mEsrtTable              = NULL;
+BOOLEAN                   mIsVirtualAddrConverted  = FALSE;
+BOOLEAN                   mDxeCapsuleLibEndOfDxe   = FALSE;
+
+/**
+  Initialize capsule related variables.
+**/
+VOID
+InitCapsuleVariable(
+  VOID
+  );
+
+/**
+  Check if this FMP capsule is processed.
+
+  @param CapsuleHeader  The capsule image header
+  @param PayloadIndex   FMP payload index
+  @param ImageHeader    FMP image header
+
+  @retval TRUE  This FMP capsule is processed.
+  @retval FALSE This FMP capsule is not processed.
+**/
+BOOLEAN
+IsFmpCapsuleProcessed(
+  IN EFI_CAPSULE_HEADER                           *CapsuleHeader,
+  IN UINTN                                        PayloadIndex,
+  IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader
+  );
+
+/**
+  Record capsule status variable.
+
+  @param CapsuleHeader  The capsule image header
+  @param CapsuleStatus  The capsule process stauts
+
+  @retval EFI_SUCCESS          The capsule status variable is recorded.
+  @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
+**/
+EFI_STATUS
+RecordCapsuleStatusVariable(
+  IN EFI_CAPSULE_HEADER                           *CapsuleHeader,
+  IN EFI_STATUS                                   CapsuleStatus
+  );
+
+/**
+  Record FMP capsule status variable.
+
+  @param CapsuleHeader  The capsule image header
+  @param CapsuleStatus  The capsule process stauts
+  @param PayloadIndex   FMP payload index
+  @param ImageHeader    FMP image header
+
+  @retval EFI_SUCCESS          The capsule status variable is recorded.
+  @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
+**/
+EFI_STATUS
+RecordFmpCapsuleStatusVariable(
+  IN EFI_CAPSULE_HEADER                           *CapsuleHeader,
+  IN EFI_STATUS                                   CapsuleStatus,
+  IN UINTN                                        PayloadIndex,
+  IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader
+  );
+
+/**
+  Function indicate the current completion progress of the firmware
+  update. Platform may override with own specific progress function.
+
+  @param  Completion    A value between 1 and 100 indicating the current completion progress of the firmware update
+
+  @retval EFI_SUCESS    Input capsule is a correct FMP capsule.
+**/
+EFI_STATUS
+EFIAPI
+Update_Image_Progress (
+  IN UINTN Completion
+  )
+{
+  return EFI_SUCCESS;
+}
+
+/**
+  Return if this CapsuleGuid is a FMP capsule GUID or not.
+
+  @param[in] CapsuleGuid A pointer to EFI_GUID
+
+  @retval TRUE  It is a FMP capsule GUID.
+  @retval FALSE It is not a FMP capsule GUID.
+**/
+BOOLEAN
+IsFmpCapsuleGuid(
+  IN EFI_GUID  *CapsuleGuid
+  )
+{
+  if (CompareGuid(&gEfiFmpCapsuleGuid, CapsuleGuid)) {
+    return TRUE;
+  }
+
+  return FALSE;
+}
+
+/**
+  Validate if it is valid capsule header
+
+  Caution: This function may receive untrusted input.
+
+  This function assumes the caller provided correct CapsuleHeader pointer
+  and CapsuleSize.
+
+  This function validates the fields in EFI_CAPSULE_HEADER.
+
+  @param  CapsuleHeader    Points to a capsule header.
+  @param  CapsuleSize      Size of the whole capsule image.
+
+**/
+BOOLEAN
+IsValidCapsuleHeader(
+  IN EFI_CAPSULE_HEADER  *CapsuleHeader,
+  IN UINT64              CapsuleSize
+  )
+{
+  if (CapsuleHeader->CapsuleImageSize != CapsuleSize) {
+    return FALSE;
+  }
+  if (CapsuleHeader->HeaderSize >= CapsuleHeader->CapsuleImageSize) {
+    return FALSE;
+  }
+  return TRUE;
+}
+
+/**
+  Validate Fmp capsules layout.
+
+  Caution: This function may receive untrusted input.
+
+  This function assumes the caller validated the capsule by using
+  IsValidCapsuleHeader(), so that all fields in EFI_CAPSULE_HEADER are correct.
+  The capsule buffer size is CapsuleHeader->CapsuleImageSize.
+
+  This function validates the fields in EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
+  and EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER.
+
+  This function need support nested FMP capsule.
+
+  @param[in]   CapsuleHeader        Points to a capsule header.
+  @param[out]  EmbeddedDriverCount  The EmbeddedDriverCount in the FMP capsule.
+
+  @retval EFI_SUCESS             Input capsule is a correct FMP capsule.
+  @retval EFI_INVALID_PARAMETER  Input capsule is not a correct FMP capsule.
+**/
+EFI_STATUS
+ValidateFmpCapsule (
+  IN EFI_CAPSULE_HEADER *CapsuleHeader,
+  OUT UINT16            *EmbeddedDriverCount OPTIONAL
+  )
+{
+  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER       *FmpCapsuleHeader;
+  UINT8                                        *EndOfCapsule;
+  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader;
+  UINT8                                        *EndOfPayload;
+  UINT64                                       *ItemOffsetList;
+  UINT32                                       ItemNum;
+  UINTN                                        Index;
+  UINTN                                        FmpCapsuleSize;
+  UINTN                                        FmpCapsuleHeaderSize;
+  UINT64                                       FmpImageSize;
+  UINTN                                        FmpImageHeaderSize;
+
+  if (!IsFmpCapsuleGuid(&CapsuleHeader->CapsuleGuid)) {
+    return ValidateFmpCapsule ((EFI_CAPSULE_HEADER *)((UINTN)CapsuleHeader + CapsuleHeader->HeaderSize), EmbeddedDriverCount);
+  }
+
+  if (CapsuleHeader->HeaderSize >= CapsuleHeader->CapsuleImageSize) {
+    DEBUG((EFI_D_ERROR, "HeaderSize(0x%x) >= CapsuleImageSize(0x%x)\n", CapsuleHeader->HeaderSize, CapsuleHeader->CapsuleImageSize));
+    return EFI_INVALID_PARAMETER;
+  }
+
+  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *) ((UINT8 *) CapsuleHeader + CapsuleHeader->HeaderSize);
+  EndOfCapsule     = (UINT8 *) CapsuleHeader + CapsuleHeader->CapsuleImageSize;
+  FmpCapsuleSize   = (UINTN)EndOfCapsule - (UINTN)FmpCapsuleHeader;
+
+  if (FmpCapsuleSize < sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER)) {
+    DEBUG((EFI_D_ERROR, "FmpCapsuleSize(0x%x) < EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER\n", FmpCapsuleSize));
+    return EFI_INVALID_PARAMETER;
+  }
+
+  // Check EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
+  if (FmpCapsuleHeader->Version != EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER_INIT_VERSION) {
+    DEBUG((EFI_D_ERROR, "FmpCapsuleHeader->Version(0x%x) != EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER_INIT_VERSION\n", FmpCapsuleHeader->Version));
+    return EFI_INVALID_PARAMETER;
+  }
+  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
+
+  // No overflow
+  ItemNum = FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader->PayloadItemCount;
+
+  if ((FmpCapsuleSize - sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER))/sizeof(UINT64) < ItemNum) {
+    DEBUG((EFI_D_ERROR, "ItemNum(0x%x) too big\n", ItemNum));
+    return EFI_INVALID_PARAMETER;
+  }
+  FmpCapsuleHeaderSize = sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER) + sizeof(UINT64)*ItemNum;
+
+  // Check ItemOffsetList
+  for (Index = 0; Index < ItemNum; Index++) {
+    if (ItemOffsetList[Index] >= FmpCapsuleSize) {
+      DEBUG((EFI_D_ERROR, "ItemOffsetList[%d](0x%lx) >= FmpCapsuleSize(0x%x)\n", Index, ItemOffsetList[Index], FmpCapsuleSize));
+      return EFI_INVALID_PARAMETER;
+    }
+    if (ItemOffsetList[Index] < FmpCapsuleHeaderSize) {
+      DEBUG((EFI_D_ERROR, "ItemOffsetList[%d](0x%lx) < FmpCapsuleHeaderSize(0x%x)\n", Index, ItemOffsetList[Index], FmpCapsuleHeaderSize));
+      return EFI_INVALID_PARAMETER;
+    }
+    //
+    // All the address in ItemOffsetList must be stored in ascending order
+    //
+    if (Index > 0) {
+      if (ItemOffsetList[Index] <= ItemOffsetList[Index - 1]) {
+        DEBUG((EFI_D_ERROR, "ItemOffsetList[%d](0x%lx) < ItemOffsetList[%d](0x%x)\n", Index, ItemOffsetList[Index], Index, ItemOffsetList[Index - 1]));
+        return EFI_INVALID_PARAMETER;
+      }
+    }
+  }
+
+  // Check EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER
+  for (Index = FmpCapsuleHeader->EmbeddedDriverCount; Index < ItemNum; Index++) {
+    ImageHeader  = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8 *)FmpCapsuleHeader + ItemOffsetList[Index]);
+    if (Index == ItemNum - 1) {
+      EndOfPayload = (UINT8 *)((UINTN)EndOfCapsule - (UINTN)FmpCapsuleHeader);
+    } else {
+      EndOfPayload = (UINT8 *)(UINTN)ItemOffsetList[Index+1];
+    }
+    FmpImageSize = (UINTN)EndOfPayload - ItemOffsetList[Index];
+
+    if (FmpImageSize < OFFSET_OF(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER, UpdateHardwareInstance)) {
+      DEBUG((EFI_D_ERROR, "FmpImageSize(0x%lx) < EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER\n", FmpImageSize));
+      return EFI_INVALID_PARAMETER;
+    }
+    FmpImageHeaderSize = sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER);
+    if ((ImageHeader->Version > EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) ||
+        (ImageHeader->Version < 1)) {
+      DEBUG((EFI_D_ERROR, "ImageHeader->Version(0x%x) Unknown\n", ImageHeader->Version));
+      return EFI_INVALID_PARAMETER;
+    }
+    if (ImageHeader->Version < EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
+      FmpImageHeaderSize = OFFSET_OF(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER, UpdateHardwareInstance);
+    }
+
+    // No overflow
+    if (FmpImageSize != (UINT64)FmpImageHeaderSize + (UINT64)ImageHeader->UpdateImageSize + (UINT64)ImageHeader->UpdateVendorCodeSize) {
+      DEBUG((EFI_D_ERROR, "FmpImageSize(0x%lx) mismatch, UpdateImageSize(0x%x) UpdateVendorCodeSize(0x%x)\n", FmpImageSize, ImageHeader->UpdateImageSize, ImageHeader->UpdateVendorCodeSize));
+      return EFI_INVALID_PARAMETER;
+    }
+  }
+
+  if (ItemNum == 0) {
+    //
+    // No driver & payload element in FMP
+    //
+    EndOfPayload = (UINT8 *)(FmpCapsuleHeader + 1);
+    if (EndOfPayload != EndOfCapsule) {
+      DEBUG((EFI_D_ERROR, "EndOfPayload(0x%x) mismatch, EndOfCapsule(0x%x)\n", EndOfPayload, EndOfCapsule));
+      return EFI_INVALID_PARAMETER;
+    }
+    return EFI_UNSUPPORTED;
+  }
+
+  if (EmbeddedDriverCount != NULL) {
+    *EmbeddedDriverCount = FmpCapsuleHeader->EmbeddedDriverCount;
+  }
+
+  return EFI_SUCCESS;
+}
+
+/**
+  Convert a *.BMP graphics image to a GOP blt buffer. If a NULL Blt buffer
+  is passed in a GopBlt buffer will be allocated by this routine. If a GopBlt
+  buffer is passed in it will be used if it is big enough.
+
+  Caution: This function may receive untrusted input.
+
+  @param  BmpImage      Pointer to BMP file
+  @param  BmpImageSize  Number of bytes in BmpImage
+  @param  GopBlt        Buffer containing GOP version of BmpImage.
+  @param  GopBltSize    Size of GopBlt in bytes.
+  @param  PixelHeight   Height of GopBlt/BmpImage in pixels
+  @param  PixelWidth    Width of GopBlt/BmpImage in pixels
+
+  @retval EFI_SUCCESS           GopBlt and GopBltSize are returned.
+  @retval EFI_UNSUPPORTED       BmpImage is not a valid *.BMP image
+  @retval EFI_BUFFER_TOO_SMALL  The passed in GopBlt buffer is not big enough.
+                                GopBltSize will contain the required size.
+  @retval EFI_OUT_OF_RESOURCES  No enough buffer to allocate.
+
+**/
+STATIC
+EFI_STATUS
+ConvertBmpToGopBlt (
+  IN     VOID      *BmpImage,
+  IN     UINTN     BmpImageSize,
+  IN OUT VOID      **GopBlt,
+  IN OUT UINTN     *GopBltSize,
+     OUT UINTN     *PixelHeight,
+     OUT UINTN     *PixelWidth
+  )
+{
+  UINT8                         *Image;
+  UINT8                         *ImageHeader;
+  BMP_IMAGE_HEADER              *BmpHeader;
+  BMP_COLOR_MAP                 *BmpColorMap;
+  EFI_GRAPHICS_OUTPUT_BLT_PIXEL *BltBuffer;
+  EFI_GRAPHICS_OUTPUT_BLT_PIXEL *Blt;
+  UINT64                        BltBufferSize;
+  UINTN                         Index;
+  UINTN                         Height;
+  UINTN                         Width;
+  UINTN                         ImageIndex;
+  UINT32                        DataSizePerLine;
+  BOOLEAN                       IsAllocated;
+  UINT32                        ColorMapNum;
+
+  if (sizeof (BMP_IMAGE_HEADER) > BmpImageSize) {
+    return EFI_INVALID_PARAMETER;
+  }
+
+  BmpHeader = (BMP_IMAGE_HEADER *) BmpImage;
+
+  if (BmpHeader->CharB != 'B' || BmpHeader->CharM != 'M') {
+    return EFI_UNSUPPORTED;
+  }
+
+  //
+  // Doesn't support compress.
+  //
+  if (BmpHeader->CompressionType != 0) {
+    return EFI_UNSUPPORTED;
+  }
+
+  //
+  // Only support BITMAPINFOHEADER format.
+  // BITMAPFILEHEADER + BITMAPINFOHEADER = BMP_IMAGE_HEADER
+  //
+  if (BmpHeader->HeaderSize != sizeof (BMP_IMAGE_HEADER) - OFFSET_OF(BMP_IMAGE_HEADER, HeaderSize)) {
+    return EFI_UNSUPPORTED;
+  }
+
+  //
+  // The data size in each line must be 4 byte alignment.
+  //
+  DataSizePerLine = ((BmpHeader->PixelWidth * BmpHeader->BitPerPixel + 31) >> 3) & (~0x3);
+  BltBufferSize = MultU64x32 (DataSizePerLine, BmpHeader->PixelHeight);
+  if (BltBufferSize > (UINT32) ~0) {
+    return EFI_INVALID_PARAMETER;
+  }
+
+  if ((BmpHeader->Size != BmpImageSize) ||
+      (BmpHeader->Size < BmpHeader->ImageOffset) ||
+      (BmpHeader->Size - BmpHeader->ImageOffset !=  BmpHeader->PixelHeight * DataSizePerLine)) {
+    return EFI_INVALID_PARAMETER;
+  }
+
+  //
+  // Calculate Color Map offset in the image.
+  //
+  Image       = BmpImage;
+  BmpColorMap = (BMP_COLOR_MAP *) (Image + sizeof (BMP_IMAGE_HEADER));
+  if (BmpHeader->ImageOffset < sizeof (BMP_IMAGE_HEADER)) {
+    return EFI_INVALID_PARAMETER;
+  }
+
+  if (BmpHeader->ImageOffset > sizeof (BMP_IMAGE_HEADER)) {
+    switch (BmpHeader->BitPerPixel) {
+      case 1:
+        ColorMapNum = 2;
+        break;
+      case 4:
+        ColorMapNum = 16;
+        break;
+      case 8:
+        ColorMapNum = 256;
+        break;
+      default:
+        ColorMapNum = 0;
+        break;
+      }
+    //
+    // BMP file may has padding data between the bmp header section and the bmp data section.
+    //
+    if (BmpHeader->ImageOffset - sizeof (BMP_IMAGE_HEADER) < sizeof (BMP_COLOR_MAP) * ColorMapNum) {
+      return EFI_INVALID_PARAMETER;
+    }
+  }
+
+  //
+  // Calculate graphics image data address in the image
+  //
+  Image         = ((UINT8 *) BmpImage) + BmpHeader->ImageOffset;
+  ImageHeader   = Image;
+
+  //
+  // Calculate the BltBuffer needed size.
+  //
+  BltBufferSize = MultU64x32 ((UINT64) BmpHeader->PixelWidth, BmpHeader->PixelHeight);
+  //
+  // Ensure the BltBufferSize * sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL) doesn't overflow
+  //
+  if (BltBufferSize > DivU64x32 ((UINTN) ~0, sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL))) {
+    return EFI_UNSUPPORTED;
+  }
+  BltBufferSize = MultU64x32 (BltBufferSize, sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL));
+
+  IsAllocated   = FALSE;
+  if (*GopBlt == NULL) {
+    //
+    // GopBlt is not allocated by caller.
+    //
+    *GopBltSize = (UINTN) BltBufferSize;
+    *GopBlt     = AllocatePool (*GopBltSize);
+    IsAllocated = TRUE;
+    if (*GopBlt == NULL) {
+      return EFI_OUT_OF_RESOURCES;
+    }
+  } else {
+    //
+    // GopBlt has been allocated by caller.
+    //
+    if (*GopBltSize < (UINTN) BltBufferSize) {
+      *GopBltSize = (UINTN) BltBufferSize;
+      return EFI_BUFFER_TOO_SMALL;
+    }
+  }
+
+  *PixelWidth   = BmpHeader->PixelWidth;
+  *PixelHeight  = BmpHeader->PixelHeight;
+
+  //
+  // Convert image from BMP to Blt buffer format
+  //
+  BltBuffer = *GopBlt;
+  for (Height = 0; Height < BmpHeader->PixelHeight; Height++) {
+    Blt = &BltBuffer[(BmpHeader->PixelHeight - Height - 1) * BmpHeader->PixelWidth];
+    for (Width = 0; Width < BmpHeader->PixelWidth; Width++, Image++, Blt++) {
+      switch (BmpHeader->BitPerPixel) {
+      case 1:
+        //
+        // Convert 1-bit (2 colors) BMP to 24-bit color
+        //
+        for (Index = 0; Index < 8 && Width < BmpHeader->PixelWidth; Index++) {
+          Blt->Red    = BmpColorMap[((*Image) >> (7 - Index)) & 0x1].Red;
+          Blt->Green  = BmpColorMap[((*Image) >> (7 - Index)) & 0x1].Green;
+          Blt->Blue   = BmpColorMap[((*Image) >> (7 - Index)) & 0x1].Blue;
+          Blt++;
+          Width++;
+        }
+
+        Blt--;
+        Width--;
+        break;
+
+      case 4:
+        //
+        // Convert 4-bit (16 colors) BMP Palette to 24-bit color
+        //
+        Index       = (*Image) >> 4;
+        Blt->Red    = BmpColorMap[Index].Red;
+        Blt->Green  = BmpColorMap[Index].Green;
+        Blt->Blue   = BmpColorMap[Index].Blue;
+        if (Width < (BmpHeader->PixelWidth - 1)) {
+          Blt++;
+          Width++;
+          Index       = (*Image) & 0x0f;
+          Blt->Red    = BmpColorMap[Index].Red;
+          Blt->Green  = BmpColorMap[Index].Green;
+          Blt->Blue   = BmpColorMap[Index].Blue;
+        }
+        break;
+
+      case 8:
+        //
+        // Convert 8-bit (256 colors) BMP Palette to 24-bit color
+        //
+        Blt->Red    = BmpColorMap[*Image].Red;
+        Blt->Green  = BmpColorMap[*Image].Green;
+        Blt->Blue   = BmpColorMap[*Image].Blue;
+        break;
+
+      case 24:
+        //
+        // It is 24-bit BMP.
+        //
+        Blt->Blue   = *Image++;
+        Blt->Green  = *Image++;
+        Blt->Red    = *Image;
+        break;
+
+      case 32:
+        //
+        // it is 32-bit BMP. Skip pixel's highest byte
+        //
+        Blt->Blue  = *Image++;
+        Blt->Green = *Image++;
+        Blt->Red   = *Image++;
+        break;
+
+      default:
+        //
+        // Other bit format BMP is not supported.
+        //
+        if (IsAllocated) {
+          FreePool (*GopBlt);
+          *GopBlt = NULL;
+        }
+        return EFI_UNSUPPORTED;
+      };
+
+    }
+
+    ImageIndex = (UINTN) (Image - ImageHeader);
+    if ((ImageIndex % 4) != 0) {
+      //
+      // Bmp Image starts each row on a 32-bit boundary!
+      //
+      Image = Image + (4 - (ImageIndex % 4));
+    }
+  }
+
+  return EFI_SUCCESS;
+}
+
+
+/**
+  Those capsules supported by the firmwares.
+
+  Caution: This function may receive untrusted input.
+
+  @param  CapsuleHeader    Points to a capsule header.
+
+  @retval EFI_SUCESS       Input capsule is supported by firmware.
+  @retval EFI_UNSUPPORTED  Input capsule is not supported by the firmware.
+**/
+EFI_STATUS
+DisplayCapsuleImage (
+  IN EFI_CAPSULE_HEADER  *CapsuleHeader
+  )
+{
+  DISPLAY_DISPLAY_PAYLOAD       *ImagePayload;
+  UINTN                         PayloadSize;
+  EFI_STATUS                    Status;
+  EFI_GRAPHICS_OUTPUT_BLT_PIXEL *Blt;
+  UINTN                         BltSize;
+  UINTN                         Height;
+  UINTN                         Width;
+  EFI_GRAPHICS_OUTPUT_PROTOCOL  *GraphicsOutput;
+
+  ImagePayload = (DISPLAY_DISPLAY_PAYLOAD *)(CapsuleHeader + 1);
+  PayloadSize = (UINTN)(CapsuleHeader->CapsuleImageSize - sizeof(EFI_CAPSULE_HEADER));
+
+  if (ImagePayload->Version != 1) {
+    return EFI_UNSUPPORTED;
+  }
+  if (CalculateCheckSum8((UINT8 *)CapsuleHeader, CapsuleHeader->CapsuleImageSize) != 0) {
+    return EFI_UNSUPPORTED;
+  }
+  //
+  // Only Support Bitmap by now
+  //
+  if (ImagePayload->ImageType != 0) {
+    return EFI_UNSUPPORTED;
+  }
+
+  //
+  // Try to open GOP
+  //
+  Status = gBS->HandleProtocol (gST->ConsoleOutHandle, &gEfiGraphicsOutputProtocolGuid, (VOID **)&GraphicsOutput);
+  if (EFI_ERROR (Status)) {
+    Status = gBS->LocateProtocol(&gEfiGraphicsOutputProtocolGuid, NULL, (VOID **)&GraphicsOutput);
+    if (EFI_ERROR(Status)) {
+      return EFI_UNSUPPORTED;
+    }
+  }
+
+  if (GraphicsOutput->Mode->Mode != ImagePayload->Mode) {
+    return EFI_UNSUPPORTED;
+  }
+
+  Blt = NULL;
+  Width = 0;
+  Height = 0;
+  Status = ConvertBmpToGopBlt (
+             ImagePayload + 1,
+             PayloadSize - sizeof(DISPLAY_DISPLAY_PAYLOAD),
+             (VOID **)&Blt,
+             &BltSize,
+             &Height,
+             &Width
+             );
+
+  if (EFI_ERROR (Status)) {
+    return Status;
+  }
+
+  Status = GraphicsOutput->Blt (
+                             GraphicsOutput,
+                             Blt,
+                             EfiBltBufferToVideo,
+                             0,
+                             0,
+                             (UINTN) ImagePayload->OffsetX,
+                             (UINTN) ImagePayload->OffsetY,
+                             Width,
+                             Height,
+                             Width * sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL)
+                             );
+
+  FreePool(Blt);
+
+  return Status;
+}
+
+/**
+  Dump FMP information.
+
+  @param ImageInfoSize       The size of ImageInfo, in bytes.
+  @param ImageInfo           A pointer to EFI_FIRMWARE_IMAGE_DESCRIPTOR.
+  @param DescriptorVersion   The version of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
+  @param DescriptorCount     The count of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
+  @param DescriptorSize      The size of an individual EFI_FIRMWARE_IMAGE_DESCRIPTOR, in bytes.
+  @param PackageVersion      The version of package.
+  @param PackageVersionName  The version name of package.
+**/
+VOID
+DumpFmpImageInfo(
+  IN UINTN                           ImageInfoSize,
+  IN EFI_FIRMWARE_IMAGE_DESCRIPTOR   *ImageInfo,
+  IN UINT32                          DescriptorVersion,
+  IN UINT8                           DescriptorCount,
+  IN UINTN                           DescriptorSize,
+  IN UINT32                          PackageVersion,
+  IN CHAR16                          *PackageVersionName
+  )
+{
+  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *CurrentImageInfo;
+  UINTN                                         Index;
+
+  DEBUG((DEBUG_VERBOSE, "  DescriptorVersion  - 0x%x\n", DescriptorVersion));
+  DEBUG((DEBUG_VERBOSE, "  DescriptorCount    - 0x%x\n", DescriptorCount));
+  DEBUG((DEBUG_VERBOSE, "  DescriptorSize     - 0x%x\n", DescriptorSize));
+  DEBUG((DEBUG_VERBOSE, "  PackageVersion     - 0x%x\n", PackageVersion));
+  DEBUG((DEBUG_VERBOSE, "  PackageVersionName - %s\n\n", PackageVersionName));
+  CurrentImageInfo = ImageInfo;
+  for (Index = 0; Index < DescriptorCount; Index++) {
+    DEBUG((DEBUG_VERBOSE, "  ImageDescriptor (%d)\n", Index));
+    DEBUG((DEBUG_VERBOSE, "    ImageIndex                  - 0x%x\n", CurrentImageInfo->ImageIndex));
+    DEBUG((DEBUG_VERBOSE, "    ImageTypeId                 - %g\n", &CurrentImageInfo->ImageTypeId));
+    DEBUG((DEBUG_VERBOSE, "    ImageId                     - 0x%lx\n", CurrentImageInfo->ImageId));
+    DEBUG((DEBUG_VERBOSE, "    ImageIdName                 - %s\n", CurrentImageInfo->ImageIdName));
+    DEBUG((DEBUG_VERBOSE, "    Version                     - 0x%x\n", CurrentImageInfo->Version));
+    DEBUG((DEBUG_VERBOSE, "    VersionName                 - %s\n", CurrentImageInfo->VersionName));
+    DEBUG((DEBUG_VERBOSE, "    Size                        - 0x%x\n", CurrentImageInfo->Size));
+    DEBUG((DEBUG_VERBOSE, "    AttributesSupported         - 0x%lx\n", CurrentImageInfo->AttributesSupported));
+    DEBUG((DEBUG_VERBOSE, "    AttributesSetting           - 0x%lx\n", CurrentImageInfo->AttributesSetting));
+    DEBUG((DEBUG_VERBOSE, "    Compatibilities             - 0x%lx\n", CurrentImageInfo->Compatibilities));
+    if (DescriptorVersion > 1) {
+      DEBUG((DEBUG_VERBOSE, "    LowestSupportedImageVersion - 0x%x\n", CurrentImageInfo->LowestSupportedImageVersion));
+      if (DescriptorVersion > 2) {
+        DEBUG((DEBUG_VERBOSE, "    LastAttemptVersion          - 0x%x\n", CurrentImageInfo->LastAttemptVersion));
+        DEBUG((DEBUG_VERBOSE, "    LastAttemptStatus           - 0x%x\n", CurrentImageInfo->LastAttemptStatus));
+        DEBUG((DEBUG_VERBOSE, "    HardwareInstance            - 0x%lx\n", CurrentImageInfo->HardwareInstance));
+      }
+    }
+    //
+    // Use DescriptorSize to move ImageInfo Pointer to stay compatible with different ImageInfo version
+    //
+    CurrentImageInfo = (EFI_FIRMWARE_IMAGE_DESCRIPTOR *)((UINT8 *)CurrentImageInfo + DescriptorSize);
+  }
+}
+
+/**
+  Dump a non-nested FMP capsule.
+
+  @param  CapsuleHeader  A pointer to CapsuleHeader
+**/
+VOID
+DumpFmpCapsule(
+  IN EFI_CAPSULE_HEADER                *CapsuleHeader
+  )
+{
+  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER        *FmpCapsuleHeader;
+  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER  *ImageHeader;
+  UINTN                                         Index;
+  UINT64                                        *ItemOffsetList;
+
+  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader + CapsuleHeader->HeaderSize);
+
+  DEBUG((DEBUG_VERBOSE, "FmpCapsule:\n"));
+  DEBUG((DEBUG_VERBOSE, "  Version                - 0x%x\n", FmpCapsuleHeader->Version));
+  DEBUG((DEBUG_VERBOSE, "  EmbeddedDriverCount    - 0x%x\n", FmpCapsuleHeader->EmbeddedDriverCount));
+  DEBUG((DEBUG_VERBOSE, "  PayloadItemCount       - 0x%x\n", FmpCapsuleHeader->PayloadItemCount));
+
+  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
+  for (Index = 0; Index < FmpCapsuleHeader->EmbeddedDriverCount; Index++) {
+    DEBUG((DEBUG_VERBOSE, "  ItemOffsetList[%d]      - 0x%lx\n", Index, ItemOffsetList[Index]));
+  }
+  for (; Index < (UINTN)(FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader->PayloadItemCount); Index++) {
+    DEBUG((DEBUG_VERBOSE, "  ItemOffsetList[%d]      - 0x%lx\n", Index, ItemOffsetList[Index]));
+    ImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8 *)FmpCapsuleHeader + ItemOffsetList[Index]);
+
+    DEBUG((DEBUG_VERBOSE, "  ImageHeader:\n"));
+    DEBUG((DEBUG_VERBOSE, "    Version                - 0x%x\n", ImageHeader->Version));
+    DEBUG((DEBUG_VERBOSE, "    UpdateImageTypeId      - %g\n", &ImageHeader->UpdateImageTypeId));
+    DEBUG((DEBUG_VERBOSE, "    UpdateImageIndex       - 0x%x\n", ImageHeader->UpdateImageIndex));
+    DEBUG((DEBUG_VERBOSE, "    UpdateImageSize        - 0x%x\n", ImageHeader->UpdateImageSize));
+    DEBUG((DEBUG_VERBOSE, "    UpdateVendorCodeSize   - 0x%x\n", ImageHeader->UpdateVendorCodeSize));
+    if (ImageHeader->Version >= EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
+      DEBUG((DEBUG_VERBOSE, "    UpdateHardwareInstance - 0x%lx\n", ImageHeader->UpdateHardwareInstance));
+    }
+  }
+}
+
+/**
+  Process Firmware management protocol data capsule.
+
+  This function assumes the caller validated the capsule by using
+  ValidateFmpCapsule(), so that all fields in EFI_CAPSULE_HEADER,
+  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER and
+  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER are correct.
+
+  This function need support nested FMP capsule.
+
+  @param  CapsuleHeader         Points to a capsule header.
+  @param  AreAllImagesProcessed If all the FMP images in the capsule are processed.
+
+  @retval EFI_SUCESS            Process Capsule Image successfully.
+  @retval EFI_UNSUPPORTED       Capsule image is not supported by the firmware.
+  @retval EFI_VOLUME_CORRUPTED  FV volume in the capsule is corrupted.
+  @retval EFI_OUT_OF_RESOURCES  Not enough memory.
+**/
+EFI_STATUS
+ProcessFmpCapsuleImage (
+  IN EFI_CAPSULE_HEADER *CapsuleHeader,
+  OUT BOOLEAN           *AreAllImagesProcessed
+  )
+{
+  EFI_STATUS                                    Status;
+  EFI_STATUS                                    StatusEsrt;
+  EFI_STATUS                                    StatusRet;
+  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER        *FmpCapsuleHeader;
+  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER  *ImageHeader;
+  UINT8                                         *Image;
+  EFI_HANDLE                                    ImageHandle;
+  UINT64                                        *ItemOffsetList;
+  UINT32                                        ItemNum;
+  UINTN                                         Index;
+  UINTN                                         ExitDataSize;
+  EFI_HANDLE                                    *HandleBuffer;
+  EFI_FIRMWARE_MANAGEMENT_PROTOCOL              *Fmp;
+  UINTN                                         NumberOfHandles;
+  UINTN                                         DescriptorSize;
+  UINT8                                         FmpImageInfoCount;
+  UINT32                                        FmpImageInfoDescriptorVer;
+  UINTN                                         ImageInfoSize;
+  UINT32                                        PackageVersion;
+  CHAR16                                        *PackageVersionName;
+  CHAR16                                        *AbortReason;
+  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *FmpImageInfoBuf;
+  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *TempFmpImageInfo;
+  UINTN                                         DriverLen;
+  UINTN                                         Index1;
+  UINTN                                         Index2;
+  MEMMAP_DEVICE_PATH                            MemMapNode;
+  EFI_DEVICE_PATH_PROTOCOL                      *DriverDevicePath;
+  ESRT_MANAGEMENT_PROTOCOL                      *EsrtProtocol;
+  EFI_SYSTEM_RESOURCE_ENTRY                     EsrtEntry;
+  VOID                                          *VendorCode;
+
+  if (!IsFmpCapsuleGuid(&CapsuleHeader->CapsuleGuid)) {
+    return ProcessFmpCapsuleImage ((EFI_CAPSULE_HEADER *)((UINTN)CapsuleHeader + CapsuleHeader->HeaderSize), AreAllImagesProcessed);
+  }
+
+  ASSERT(AreAllImagesProcessed != NULL);
+
+  Status           = EFI_SUCCESS;
+  StatusRet        = EFI_NOT_FOUND;
+  HandleBuffer     = NULL;
+  ExitDataSize     = 0;
+  DriverDevicePath = NULL;
+  EsrtProtocol     = NULL;
+  *AreAllImagesProcessed = FALSE;
+
+  DumpFmpCapsule(CapsuleHeader);
+
+  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *) ((UINT8 *) CapsuleHeader + CapsuleHeader->HeaderSize);
+
+  if (FmpCapsuleHeader->Version > EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER_INIT_VERSION) {
+    return EFI_INVALID_PARAMETER;
+  }
+  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
+
+  ItemNum = FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader->PayloadItemCount;
+
+  //
+  // capsule in which driver count and payload count are both zero is not processed.
+  //
+  if (ItemNum == 0) {
+    *AreAllImagesProcessed = TRUE;
+    return EFI_SUCCESS;
+  }
+
+  //
+  // Update corresponding ESRT entry LastAttemp Status
+  //
+  Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID **)&EsrtProtocol);
+  if (EFI_ERROR (Status)) {
+    EsrtProtocol = NULL;
+  }
+
+  //
+  // 1. Try to load & start all the drivers within capsule
+  //
+  SetDevicePathNodeLength (&MemMapNode.Header, sizeof (MemMapNode));
+  MemMapNode.Header.Type     = HARDWARE_DEVICE_PATH;
+  MemMapNode.Header.SubType  = HW_MEMMAP_DP;
+  MemMapNode.MemoryType      = EfiBootServicesCode;
+  MemMapNode.StartingAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)CapsuleHeader;
+  MemMapNode.EndingAddress   = (EFI_PHYSICAL_ADDRESS)(UINTN)((UINT8 *)CapsuleHeader + CapsuleHeader->CapsuleImageSize - 1);
+
+  DriverDevicePath = AppendDevicePathNode (NULL, &MemMapNode.Header);
+  if (DriverDevicePath == NULL) {
+    return EFI_OUT_OF_RESOURCES;
+  }
+
+  for (Index = 0; Index < FmpCapsuleHeader->EmbeddedDriverCount; Index++) {
+    if (FmpCapsuleHeader->PayloadItemCount == 0 && Index == (UINTN)FmpCapsuleHeader->EmbeddedDriverCount - 1) {
+      //
+      // When driver is last element in the ItemOffsetList array, the driver size is calculated by reference CapsuleImageSize in EFI_CAPSULE_HEADER
+      //
+      DriverLen = CapsuleHeader->CapsuleImageSize - CapsuleHeader->HeaderSize - (UINTN)ItemOffsetList[Index];
+    } else {
+      DriverLen = (UINTN)ItemOffsetList[Index + 1] - (UINTN)ItemOffsetList[Index];
+    }
+
+    DEBUG((EFI_D_INFO, "FmpCapsule: LoadImage ...\n"));
+    Status = gBS->LoadImage(
+                    FALSE,
+                    gImageHandle,
+                    DriverDevicePath,
+                    (UINT8 *)FmpCapsuleHeader + ItemOffsetList[Index],
+                    DriverLen,
+                    &ImageHandle
+                    );
+    DEBUG((EFI_D_INFO, "FmpCapsule: LoadImage - %r\n", Status));
+    if (EFI_ERROR(Status)) {
+      StatusRet = Status;
+      goto EXIT;
+    }
+
+    DEBUG((EFI_D_INFO, "FmpCapsule: StartImage ...\n"));
+    Status = gBS->StartImage(
+                    ImageHandle,
+                    &ExitDataSize,
+                    NULL
+                    );
+    DEBUG((EFI_D_INFO, "FmpCapsule: StartImage - %r\n", Status));
+    if (EFI_ERROR(Status)) {
+      DEBUG ((DEBUG_ERROR, "Driver Return Status = %r\n", Status));
+      StatusRet = Status;
+      goto EXIT;
+    }
+  }
+
+  //
+  // 2. Route payload to right FMP instance
+  //
+  DEBUG((EFI_D_INFO, "FmpCapsule: route payload to right FMP instance ...\n"));
+
+  Status = gBS->LocateHandleBuffer (
+                  ByProtocol,
+                  &gEfiFirmwareManagementProtocolGuid,
+                  NULL,
+                  &NumberOfHandles,
+                  &HandleBuffer
+                  );
+
+  if (!EFI_ERROR(Status)) {
+    for(Index1 = 0; Index1 < NumberOfHandles; Index1++) {
+      Status = gBS->HandleProtocol(
+                      HandleBuffer[Index1],
+                      &gEfiFirmwareManagementProtocolGuid,
+                      (VOID **)&Fmp
+                      );
+      if (EFI_ERROR(Status)) {
+        continue;
+      }
+
+      ImageInfoSize = 0;
+      Status = Fmp->GetImageInfo (
+                      Fmp,
+                      &ImageInfoSize,
+                      NULL,
+                      NULL,
+                      NULL,
+                      NULL,
+                      NULL,
+                      NULL
+                      );
+      if (Status != EFI_BUFFER_TOO_SMALL) {
+        continue;
+      }
+
+      FmpImageInfoBuf = NULL;
+      FmpImageInfoBuf = AllocateZeroPool (ImageInfoSize);
+      if (FmpImageInfoBuf == NULL) {
+        StatusRet = EFI_OUT_OF_RESOURCES;
+        goto EXIT;
+      }
+
+      PackageVersionName = NULL;
+      Status = Fmp->GetImageInfo (
+                      Fmp,
+                      &ImageInfoSize,               // ImageInfoSize
+                      FmpImageInfoBuf,              // ImageInfo
+                      &FmpImageInfoDescriptorVer,   // DescriptorVersion
+                      &FmpImageInfoCount,           // DescriptorCount
+                      &DescriptorSize,              // DescriptorSize
+                      &PackageVersion,              // PackageVersion
+                      &PackageVersionName           // PackageVersionName
+                      );
+
+      //
+      // If FMP GetInformation interface failed, skip this resource
+      //
+      if (EFI_ERROR(Status)) {
+        FreePool(FmpImageInfoBuf);
+        continue;
+      }
+
+      DEBUG((EFI_D_INFO, "FMP (%d) ImageInfo:\n", Index));
+      DumpFmpImageInfo(
+        ImageInfoSize,               // ImageInfoSize
+        FmpImageInfoBuf,             // ImageInfo
+        FmpImageInfoDescriptorVer,   // DescriptorVersion
+        FmpImageInfoCount,           // DescriptorCount
+        DescriptorSize,              // DescriptorSize
+        PackageVersion,              // PackageVersion
+        PackageVersionName           // PackageVersionName
+        );
+
+      if (PackageVersionName != NULL) {
+        FreePool(PackageVersionName);
+      }
+
+      TempFmpImageInfo = FmpImageInfoBuf;
+      for (Index2 = 0; Index2 < FmpImageInfoCount; Index2++) {
+        //
+        // Check all the payload entry in capsule payload list
+        //
+        for (Index = FmpCapsuleHeader->EmbeddedDriverCount; Index < ItemNum; Index++) {
+          ImageHeader  = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8 *)FmpCapsuleHeader + ItemOffsetList[Index]);
+
+          if (IsFmpCapsuleProcessed(CapsuleHeader, Index - FmpCapsuleHeader->EmbeddedDriverCount, ImageHeader)) {
+            DEBUG((EFI_D_INFO, "FMP Capsule already processed (%g):", CapsuleHeader));
+            DEBUG((EFI_D_INFO, "ImageTypeId - %g, ", ImageHeader->UpdateImageTypeId));
+            DEBUG((EFI_D_INFO, "PayloadIndex - 0x%x, ImageIndex - 0x%x\n", Index - FmpCapsuleHeader->EmbeddedDriverCount, ImageHeader->UpdateImageIndex));
+            continue;
+          }
+
+          if (CompareGuid(&ImageHeader->UpdateImageTypeId, &TempFmpImageInfo->ImageTypeId) &&
+              ImageHeader->UpdateImageIndex == TempFmpImageInfo->ImageIndex) {
+            AbortReason = NULL;
+            if (ImageHeader->Version >= EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
+              if(ImageHeader->UpdateHardwareInstance != 0){
+                //
+                // FMP Version is >=2 & UpdateHardwareInstance Skip 2 case
+                //  1. FMP Image info Version < 3
+                //  2. HardwareInstance doesn't match
+                //
+                if (FmpImageInfoDescriptorVer < EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION ||
+                   ImageHeader->UpdateHardwareInstance != TempFmpImageInfo->HardwareInstance) {
+                  continue;
+                }
+              }
+              Image = (UINT8 *)(ImageHeader + 1);
+            } else {
+              //
+              // If the EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER is version 1, only match ImageTypeId.
+              // Header should exclude UpdateHardwareInstance field
+              //
+              Image = (UINT8 *)ImageHeader + OFFSET_OF(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER, UpdateHardwareInstance);
+            }
+
+            if (ImageHeader->UpdateVendorCodeSize == 0) {
+              VendorCode = NULL;
+            } else {
+              VendorCode = Image + ImageHeader->UpdateImageSize;
+            }
+            DEBUG((EFI_D_INFO, "Fmp->SetImage ...\n"));
+            Status = Fmp->SetImage(
+                            Fmp,
+                            ImageHeader->UpdateImageIndex,          // ImageIndex
+                            Image,                                  // Image
+                            ImageHeader->UpdateImageSize,           // ImageSize
+                            VendorCode,                                   // VendorCode
+                            Update_Image_Progress,                  // Progress
+                            &AbortReason                            // AbortReason
+                            );
+            DEBUG((EFI_D_INFO, "Fmp->SetImage - %r\n", Status));
+            if (AbortReason != NULL) {
+              DEBUG ((EFI_D_ERROR, "%s\n", AbortReason));
+              FreePool(AbortReason);
+            }
+            RecordFmpCapsuleStatusVariable(
+              CapsuleHeader,                                 // CapsuleGuid
+              Status,                                        // CapsuleStatus
+              Index - FmpCapsuleHeader->EmbeddedDriverCount, // PayloadIndex
+              ImageHeader                                    // ImageHeader
+              );
+            if (StatusRet != EFI_SUCCESS) {
+              StatusRet = Status;
+            }
+            //
+            // Update EsrtEntry For V1, V2 FMP instance. V3 FMP ESRT cache will be synced up through EsrtSyncFmp interface
+            //
+            if (FmpImageInfoDescriptorVer < EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION && EsrtProtocol != NULL) {
+               StatusEsrt = EsrtProtocol->GetEsrtEntry(&TempFmpImageInfo->ImageTypeId, &EsrtEntry);
+               if (!EFI_ERROR(StatusEsrt)){
+                 if (!EFI_ERROR(Status)) {
+                   EsrtEntry.LastAttemptStatus = LAST_ATTEMPT_STATUS_SUCCESS;
+                 } else {
+                   EsrtEntry.LastAttemptStatus = LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL;
+                 }
+                 EsrtEntry.LastAttemptVersion = 0;
+                 EsrtProtocol->UpdateEsrtEntry(&EsrtEntry);
+               }
+             }
+          }
+        }
+        //
+        // Use DescriptorSize to move ImageInfo Pointer to stay compatible with different ImageInfo version
+        //
+        TempFmpImageInfo = (EFI_FIRMWARE_IMAGE_DESCRIPTOR *)((UINT8 *)TempFmpImageInfo + DescriptorSize);
+      }
+      FreePool(FmpImageInfoBuf);
+    }
+  }
+
+  //
+  // final check for AreAllImagesProcessed
+  //
+  *AreAllImagesProcessed = TRUE;
+  for (Index = FmpCapsuleHeader->EmbeddedDriverCount; Index < ItemNum; Index++) {
+    ImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8 *)FmpCapsuleHeader + ItemOffsetList[Index]);
+
+    if (!IsFmpCapsuleProcessed(CapsuleHeader, Index - FmpCapsuleHeader->EmbeddedDriverCount, ImageHeader)) {
+      *AreAllImagesProcessed = FALSE;
+      break;
+    }
+  }
+
+EXIT:
+
+  if (HandleBuffer != NULL) {
+    FreePool(HandleBuffer);
+  }
+
+  if (DriverDevicePath != NULL) {
+    FreePool(DriverDevicePath);
+  }
+
+  return StatusRet;
+}
+
+/**
+  Return if there is a FMP header below capsule header.
+
+  @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
+
+  @retval TRUE  There is a FMP header below capsule header.
+  @retval FALSE There is not a FMP header below capsule header
+**/
+BOOLEAN
+IsNestedFmpCapsule(
+  IN EFI_CAPSULE_HEADER         *CapsuleHeader
+  )
+{
+  EFI_STATUS                 Status;
+  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
+  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
+  UINTN                      Index;
+  BOOLEAN                    EsrtGuidFound;
+  EFI_CAPSULE_HEADER         *NestedCapsuleHeader;
+  UINTN                      NestedCapsuleSize;
+  ESRT_MANAGEMENT_PROTOCOL   *EsrtProtocol;
+  EFI_SYSTEM_RESOURCE_ENTRY  Entry;
+
+  EsrtGuidFound = FALSE;
+
+  //
+  // Check ESRT protocol
+  //
+  Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID **)&EsrtProtocol);
+  if (!EFI_ERROR(Status)) {
+    Status = EsrtProtocol->GetEsrtEntry(&CapsuleHeader->CapsuleGuid, &Entry);
+    if (!EFI_ERROR(Status)) {
+      EsrtGuidFound = TRUE;
+    }
+  }
+
+  //
+  // Check ESRT configuration table
+  //
+  if (!EsrtGuidFound) {
+    Status = EfiGetSystemConfigurationTable(&gEfiSystemResourceTableGuid, (VOID **)&Esrt);
+    if (!EFI_ERROR(Status)) {
+      EsrtEntry = (VOID *)(Esrt + 1);
+      for (Index = 0; Index < Esrt->FwResourceCount; Index++, EsrtEntry++) {
+        if (CompareGuid(&EsrtEntry->FwClass, &CapsuleHeader->CapsuleGuid)) {
+          EsrtGuidFound = TRUE;
+          break;
+        }
+      }
+    }
+  }
+  if (!EsrtGuidFound) {
+    return FALSE;
+  }
+
+  //
+  // Check nested capsule header
+  // FMP GUID after ESRT one
+  //
+  NestedCapsuleHeader = (EFI_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader + CapsuleHeader->HeaderSize);
+  NestedCapsuleSize = (UINTN)CapsuleHeader + CapsuleHeader->CapsuleImageSize - (UINTN)NestedCapsuleHeader;
+  if (NestedCapsuleSize < sizeof(EFI_CAPSULE_HEADER)) {
+    return FALSE;
+  }
+  if (!IsValidCapsuleHeader(NestedCapsuleHeader, NestedCapsuleSize)) {
+    return FALSE;
+  }
+  if (!IsFmpCapsuleGuid(&NestedCapsuleHeader->CapsuleGuid)) {
+    return FALSE;
+  }
+  DEBUG ((EFI_D_INFO, "IsNestedFmpCapsule\n"));
+  return TRUE;
+}
+
+/**
+  Return if this FMP is a system FMP or a device FMP, based upon CapsuleHeader.
+
+  @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
+
+  @retval TRUE  It is a system FMP.
+  @retval FALSE It is a device FMP.
+**/
+BOOLEAN
+IsFmpCapsule(
+  IN EFI_CAPSULE_HEADER         *CapsuleHeader
+  )
+{
+  if (IsFmpCapsuleGuid(&CapsuleHeader->CapsuleGuid)) {
+    return TRUE;
+  }
+  if (IsNestedFmpCapsule(CapsuleHeader)) {
+    return TRUE;
+  }
+  return FALSE;
+}
+
+/**
+  Those capsules supported by the firmwares.
+
+  Caution: This function may receive untrusted input.
+
+  @param  CapsuleHeader    Points to a capsule header.
+
+  @retval EFI_SUCESS       Input capsule is supported by firmware.
+  @retval EFI_UNSUPPORTED  Input capsule is not supported by the firmware.
+  @retval EFI_INVALID_PARAMETER Input capsule layout is not correct
+**/
+EFI_STATUS
+EFIAPI
+SupportCapsuleImage (
+  IN EFI_CAPSULE_HEADER *CapsuleHeader
+  )
+{
+  //
+  // check Display Capsule Guid
+  //
+  if (CompareGuid (&gWindowsUxCapsuleGuid, &CapsuleHeader->CapsuleGuid)) {
+    return EFI_SUCCESS;
+  }
+
+  if (IsFmpCapsule(CapsuleHeader)) {
+    //
+    // Check layout of FMP capsule
+    //
+    return ValidateFmpCapsule(CapsuleHeader, NULL);
+  }
+  DEBUG((EFI_D_ERROR, "Unknown Capsule Guid - %g\n", &CapsuleHeader->CapsuleGuid));
+  return EFI_UNSUPPORTED;
+}
+
+/**
+  The firmware implements to process the capsule image.
+
+  Caution: This function may receive untrusted input.
+
+  @param  CapsuleHeader         Points to a capsule header.
+
+  @retval EFI_SUCESS            Process Capsule Image successfully.
+  @retval EFI_UNSUPPORTED       Capsule image is not supported by the firmware.
+  @retval EFI_VOLUME_CORRUPTED  FV volume in the capsule is corrupted.
+  @retval EFI_OUT_OF_RESOURCES  Not enough memory.
+**/
+EFI_STATUS
+EFIAPI
+ProcessCapsuleImage (
+  IN EFI_CAPSULE_HEADER *CapsuleHeader
+  )
+{
+  EFI_STATUS                   Status;
+  BOOLEAN                      AreAllImagesProcessed;
+
+  if (SupportCapsuleImage (CapsuleHeader) != EFI_SUCCESS) {
+    return EFI_UNSUPPORTED;
+  }
+
+  //
+  // Display image in firmware update display capsule
+  //
+  if (CompareGuid (&gWindowsUxCapsuleGuid, &CapsuleHeader->CapsuleGuid)) {
+    DEBUG((EFI_D_INFO, "ProcessCapsuleImage for WindowsUxCapsule ...\n"));
+    Status = DisplayCapsuleImage(CapsuleHeader);
+    RecordCapsuleStatusVariable(CapsuleHeader, Status);
+    return Status;
+  }
+
+  //
+  // Check FMP capsule layout
+  //
+  if (IsFmpCapsule (CapsuleHeader)) {
+    DEBUG((EFI_D_INFO, "ProcessCapsuleImage for FmpCapsule ...\n"));
+    DEBUG((EFI_D_INFO, "ValidateFmpCapsule ...\n"));
+    Status = ValidateFmpCapsule(CapsuleHeader, NULL);
+    DEBUG((EFI_D_INFO, "ValidateFmpCapsule - %r\n", Status));
+    if (EFI_ERROR(Status)) {
+      return Status;
+    }
+
+    //
+    // Press EFI FMP Capsule
+    //
+    DEBUG((EFI_D_INFO, "ProcessFmpCapsuleImage ...\n"));
+    Status = ProcessFmpCapsuleImage(CapsuleHeader, &AreAllImagesProcessed);
+    DEBUG((EFI_D_INFO, "ProcessFmpCapsuleImage - %r\n", Status));
+
+    if (!AreAllImagesProcessed) {
+      mAreAllImagesProcessed = FALSE;
+    }
+
+    return Status;
+  }
+
+  return EFI_UNSUPPORTED;
+}
+
+/**
+  Callback function executed when the EndOfDxe event group is signaled.
+
+  @param[in] Event      Event whose notification function is being invoked.
+  @param[in] Context    The pointer to the notification function's context, which
+                        is implementation-dependent.
+**/
+VOID
+EFIAPI
+DxeCapsuleLibEndOfDxe(
+  IN EFI_EVENT  Event,
+  IN VOID       *Context
+  )
+{
+  mDxeCapsuleLibEndOfDxe = TRUE;
+}
+
+/**
+  The constructor function.
+
+  @param  ImageHandle   The firmware allocated handle for the EFI image.
+  @param  SystemTable   A pointer to the EFI System Table.
+
+  @retval EFI_SUCCESS   The constructor successfully .
+**/
+EFI_STATUS
+EFIAPI
+DxeCapsuleLibConstructor(
+  IN EFI_HANDLE         ImageHandle,
+  IN EFI_SYSTEM_TABLE   *SystemTable
+  )
+{
+  EFI_EVENT     EndOfDxeEvent;
+  EFI_STATUS    Status;
+
+  Status = gBS->CreateEventEx (
+                  EVT_NOTIFY_SIGNAL,
+                  TPL_CALLBACK,
+                  DxeCapsuleLibEndOfDxe,
+                  NULL,
+                  &gEfiEndOfDxeEventGroupGuid,
+                  &EndOfDxeEvent
+                  );
+  ASSERT_EFI_ERROR (Status);
+
+  InitCapsuleVariable();
+
+  return EFI_SUCCESS;
+}
diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
new file mode 100644
index 0000000..5e437dc
--- /dev/null
+++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
@@ -0,0 +1,80 @@
+## @file
+#  Capsule library instance for DXE_DRIVER.
+#
+#  Capsule library instance for DXE_DRIVER module types.
+#
+#  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD License
+#  which accompanies this distribution.  The full text of the license may be found at
+#  http://opensource.org/licenses/bsd-license.php
+#
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x00010005
+  BASE_NAME                      = DxeCapsuleLib
+  MODULE_UNI_FILE                = DxeCapsuleLib.uni
+  FILE_GUID                      = 534E35DE-8EB3-47b3-A4E0-72A571E50733
+  MODULE_TYPE                    = DXE_DRIVER
+  VERSION_STRING                 = 1.0
+  LIBRARY_CLASS                  = CapsuleLib|DXE_DRIVER UEFI_APPLICATION
+  CONSTRUCTOR                    = DxeCapsuleLibConstructor
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = IA32 X64 IPF EBC
+#
+
+[Sources]
+  DxeCapsuleLib.c
+  DxeCapsuleProcessLib.c
+  DxeCapsuleReportLib.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+
+[LibraryClasses]
+  BaseLib
+  BaseMemoryLib
+  DebugLib
+  MemoryAllocationLib
+  DxeServicesTableLib
+  UefiBootServicesTableLib
+  DevicePathLib
+  ReportStatusCodeLib
+  PrintLib
+  HobLib
+
+[Pcd]
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleMax                               ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdSystemRebootAfterCapsuleProcessFlag      ## CONSUMES
+
+  gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeSubClassCapsule                ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesBegin    ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesEnd      ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdatingFirmware        ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareSuccess   ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareFailed    ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeResettingSystem         ## CONSUMES
+
+[Protocols]
+  gEsrtManagementProtocolGuid             ## CONSUMES
+  gEfiFirmwareManagementProtocolGuid      ## SOMETIMES_CONSUMES
+  gEdkiiVariableLockProtocolGuid          ## SOMETIMES_CONSUMES
+
+[Guids]
+  gEfiFmpCapsuleGuid                      ## SOMETIMES_CONSUMES ## GUID
+  gWindowsUxCapsuleGuid                   ## SOMETIMES_CONSUMES ## GUID
+  gEfiSystemResourceTableGuid             ## SOMETIMES_CONSUMES ## GUID
+  gEfiCapsuleReportGuid                   ## CONSUMES ## Variable
+  gEfiCapsuleVendorGuid                   ## CONSUMES ## Variable
+  gEfiEndOfDxeEventGroupGuid              ## CONSUMES ## Event
+
+[Depex]
+  gEfiVariableWriteArchProtocolGuid
diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.uni b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.uni
new file mode 100644
index 0000000..05a80d0
--- /dev/null
+++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.uni
@@ -0,0 +1,22 @@
+// /** @file
+// Capsule library instance for DXE_DRIVER.
+//
+// Capsule library instance for DXE_DRIVER module types.
+//
+// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+//
+// This program and the accompanying materials
+// are licensed and made available under the terms and conditions of the BSD License
+// which accompanies this distribution.  The full text of the license may be found at
+// http://opensource.org/licenses/bsd-license.php
+//
+// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+//
+// **/
+
+
+#string STR_MODULE_ABSTRACT             #language en-US "Capsule Support Library"
+
+#string STR_MODULE_DESCRIPTION          #language en-US "Capsule library instance for DXE_DRIVER module types."
+
diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleProcessLib.c b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleProcessLib.c
new file mode 100644
index 0000000..c84cd3e
--- /dev/null
+++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleProcessLib.c
@@ -0,0 +1,486 @@
+/** @file
+  DXE capsule process.
+
+  Caution: This module requires additional review when modified.
+  This module will have external input - capsule image.
+  This external input must be validated carefully to avoid security issue like
+  buffer overflow, integer overflow.
+
+  ProcessCapsules(), ProcessTheseCapsules() will receive untrusted
+  input and do basic validation.
+
+  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD License
+  which accompanies this distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <PiDxe.h>
+#include <Protocol/EsrtManagement.h>
+
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/UefiRuntimeServicesTableLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/UefiLib.h>
+#include <Library/PcdLib.h>
+#include <Library/HobLib.h>
+#include <Library/ReportStatusCodeLib.h>
+#include <Library/CapsuleLib.h>
+
+#include <IndustryStandard/WindowsUxCapsule.h>
+
+/**
+  Return if this FMP is a system FMP or a device FMP, based upon CapsuleHeader.
+
+  @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
+
+  @retval TRUE  It is a system FMP.
+  @retval FALSE It is a device FMP.
+**/
+BOOLEAN
+IsFmpCapsule(
+  IN EFI_CAPSULE_HEADER *CapsuleHeader
+  );
+
+/**
+  Validate Fmp capsules layout.
+
+  Caution: This function may receive untrusted input.
+
+  This function assumes the caller validated the capsule by using
+  IsValidCapsuleHeader(), so that all fields in EFI_CAPSULE_HEADER are correct.
+  The capsule buffer size is CapsuleHeader->CapsuleImageSize.
+
+  This function validates the fields in EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
+  and EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER.
+
+  This function need support nested FMP capsule.
+
+  @param[in]   CapsuleHeader        Points to a capsule header.
+  @param[out]  EmbeddedDriverCount  The EmbeddedDriverCount in the FMP capsule.
+
+  @retval EFI_SUCESS             Input capsule is a correct FMP capsule.
+  @retval EFI_INVALID_PARAMETER  Input capsule is not a correct FMP capsule.
+**/
+EFI_STATUS
+ValidateFmpCapsule(
+  IN EFI_CAPSULE_HEADER *CapsuleHeader,
+  OUT UINT16            *EmbeddedDriverCount OPTIONAL
+  );
+
+/**
+  Validate if it is valid capsule header
+
+  This function assumes the caller provided correct CapsuleHeader pointer
+  and CapsuleSize.
+
+  This function validates the fields in EFI_CAPSULE_HEADER.
+
+  @param  CapsuleHeader    Points to a capsule header.
+  @param  CapsuleSize      Size of the whole capsule image.
+
+**/
+BOOLEAN
+IsValidCapsuleHeader(
+  IN EFI_CAPSULE_HEADER  *CapsuleHeader,
+  IN UINT64              CapsuleSize
+  );
+
+extern BOOLEAN                   mDxeCapsuleLibEndOfDxe;
+BOOLEAN                          mNeedReset;
+BOOLEAN                          mAreAllImagesProcessed;
+
+/**
+
+  This routine is called to process capsules.
+
+  Caution: This function may receive untrusted input.
+
+  Each individual capsule result is recorded in capsule record variable.
+
+  @param  NeedBlockDriver         TRUE: Need skip the FMP capsules with non zero EmbeddedDriverCount.
+                                  FALSE: No need to skip any FMP capsules.
+
+  @retval EFI_SUCCESS             There is no error when processing capsules.
+  @retval EFI_OUT_OF_RESOURCES    No enough resource to process capsules.
+
+**/
+EFI_STATUS
+ProcessTheseCapsules (
+  IN BOOLEAN  NeedBlockDriver
+  )
+{
+  EFI_STATUS                  Status;
+  EFI_PEI_HOB_POINTERS        HobPointer;
+  EFI_CAPSULE_HEADER          *CapsuleHeader;
+  UINT32                      Size;
+  UINT32                      CapsuleNumber;
+  UINT32                      CapsuleTotalNumber;
+  EFI_CAPSULE_TABLE           *CapsuleTable;
+  UINT32                      Index;
+  UINT32                      CacheIndex;
+  UINT32                      CacheNumber;
+  VOID                        **CapsulePtr;
+  VOID                        **CapsulePtrCache;
+  EFI_GUID                    *CapsuleGuidCache;
+  EFI_STATUS                  *CapsuleStatusArray;
+  BOOLEAN                     DisplayCapsuleExist;
+  ESRT_MANAGEMENT_PROTOCOL    *EsrtManagement;
+  UINT16                      EmbeddedDriverCount;
+
+  REPORT_STATUS_CODE(EFI_PROGRESS_CODE, (PcdGet32(PcdStatusCodeSubClassCapsule) | PcdGet32(PcdCapsuleStatusCodeProcessCapsulesBegin)));
+
+  CapsuleNumber       = 0;
+  CapsuleTotalNumber  = 0;
+  CacheIndex          = 0;
+  CacheNumber         = 0;
+  CapsulePtr          = NULL;
+  CapsulePtrCache     = NULL;
+  CapsuleGuidCache    = NULL;
+  DisplayCapsuleExist = FALSE;
+  EsrtManagement      = NULL;
+
+  Status = EFI_SUCCESS;
+  //
+  // Find all capsule images from hob
+  //
+  HobPointer.Raw = GetHobList ();
+  while ((HobPointer.Raw = GetNextHob (EFI_HOB_TYPE_UEFI_CAPSULE, HobPointer.Raw)) != NULL) {
+    if (!IsValidCapsuleHeader((VOID *)(UINTN)HobPointer.Capsule->BaseAddress, HobPointer.Capsule->Length)) {
+      HobPointer.Header->HobType = EFI_HOB_TYPE_UNUSED; // Mark this hob as invalid
+    } else {
+      CapsuleTotalNumber++;
+    }
+    HobPointer.Raw = GET_NEXT_HOB (HobPointer);
+  }
+
+  if (CapsuleTotalNumber == 0) {
+    //
+    // We didn't find a hob, so had no errors.
+    //
+    DEBUG ((EFI_D_ERROR, "We can not find capsule data in capsule update boot mode.\n"));
+    Status = EFI_SUCCESS;
+    goto Done;
+  }
+
+  //
+  // Init temp Capsule Data table.
+  //
+  CapsulePtr       = (VOID **) AllocateZeroPool (sizeof (VOID *) * CapsuleTotalNumber);
+  ASSERT (CapsulePtr != NULL);
+  if (CapsulePtr == NULL) {
+    Status = EFI_OUT_OF_RESOURCES;
+    goto Done;
+  }
+  CapsulePtrCache  = (VOID **) AllocateZeroPool (sizeof (VOID *) * CapsuleTotalNumber);
+  ASSERT (CapsulePtrCache != NULL);
+  if (CapsulePtrCache == NULL) {
+    Status = EFI_OUT_OF_RESOURCES;
+    goto Done;
+  }
+  CapsuleGuidCache = (EFI_GUID *) AllocateZeroPool (sizeof (EFI_GUID) * CapsuleTotalNumber);
+  ASSERT (CapsuleGuidCache != NULL);
+  if (CapsuleGuidCache == NULL) {
+    Status = EFI_OUT_OF_RESOURCES;
+    goto Done;
+  }
+  CapsuleStatusArray = (EFI_STATUS *) AllocateZeroPool (sizeof (EFI_STATUS) * CapsuleTotalNumber);
+  ASSERT (CapsuleStatusArray != NULL);
+  if (CapsuleStatusArray == NULL) {
+    Status = EFI_OUT_OF_RESOURCES;
+    goto Done;
+  }
+
+  //
+  // Find all capsule images from hob
+  //
+  HobPointer.Raw = GetHobList ();
+  while ((HobPointer.Raw = GetNextHob (EFI_HOB_TYPE_UEFI_CAPSULE, HobPointer.Raw)) != NULL) {
+    CapsulePtr [CapsuleNumber++] = (VOID *) (UINTN) HobPointer.Capsule->BaseAddress;
+    HobPointer.Raw = GET_NEXT_HOB (HobPointer);
+  }
+
+  //
+  // Check the capsule flags,if contains CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE, install
+  // capsuleTable to configure table with EFI_CAPSULE_GUID
+  //
+
+  //
+  // Capsules who have CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE always are used for operating
+  // System to have information persist across a system reset. EFI System Table must
+  // point to an array of capsules that contains the same CapsuleGuid value. And agents
+  // searching for this type capsule will look in EFI System Table and search for the
+  // capsule's Guid and associated pointer to retrieve the data. Two steps below describes
+  // how to sorting the capsules by the unique guid and install the array to EFI System Table.
+  // Firstly, Loop for all coalesced capsules, record unique CapsuleGuids and cache them in an
+  // array for later sorting capsules by CapsuleGuid.
+  //
+  for (Index = 0; Index < CapsuleTotalNumber; Index++) {
+    CapsuleStatusArray [Index] = EFI_UNSUPPORTED;
+    CapsuleHeader = (EFI_CAPSULE_HEADER*) CapsulePtr [Index];
+    if ((CapsuleHeader->Flags & CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE) != 0) {
+      //
+      // For each capsule, we compare it with known CapsuleGuid in the CacheArray.
+      // If already has the Guid, skip it. Whereas, record it in the CacheArray as
+      // an additional one.
+      //
+      CacheIndex = 0;
+      while (CacheIndex < CacheNumber) {
+        if (CompareGuid(&CapsuleGuidCache[CacheIndex],&CapsuleHeader->CapsuleGuid)) {
+          break;
+        }
+        CacheIndex++;
+      }
+      if (CacheIndex == CacheNumber) {
+        CopyMem(&CapsuleGuidCache[CacheNumber++],&CapsuleHeader->CapsuleGuid,sizeof(EFI_GUID));
+      }
+    }
+  }
+
+  //
+  // Secondly, for each unique CapsuleGuid in CacheArray, gather all coalesced capsules
+  // whose guid is the same as it, and malloc memory for an array which preceding
+  // with UINT32. The array fills with entry point of capsules that have the same
+  // CapsuleGuid, and UINT32 represents the size of the array of capsules. Then install
+  // this array into EFI System Table, so that agents searching for this type capsule
+  // will look in EFI System Table and search for the capsule's Guid and associated
+  // pointer to retrieve the data.
+  //
+  CacheIndex = 0;
+  while (CacheIndex < CacheNumber) {
+    CapsuleNumber = 0;
+    for (Index = 0; Index < CapsuleTotalNumber; Index++) {
+      CapsuleHeader = (EFI_CAPSULE_HEADER*) CapsulePtr [Index];
+      if ((CapsuleHeader->Flags & CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE) != 0) {
+        if (CompareGuid (&CapsuleGuidCache[CacheIndex], &CapsuleHeader->CapsuleGuid)) {
+          //
+          // Cache Caspuleheader to the array, this array is uniqued with certain CapsuleGuid.
+          //
+          CapsulePtrCache[CapsuleNumber++] = (VOID*)CapsuleHeader;
+          //
+          // When a Capsule is listed in CapsulePtrCache, it will be reported in ConfigurationTable
+          // So, report the CapsuleStatus as "processed successfully".
+          //
+          CapsuleStatusArray [Index] = EFI_SUCCESS;
+        }
+      }
+    }
+    if (CapsuleNumber != 0) {
+      Size = sizeof(EFI_CAPSULE_TABLE) + (CapsuleNumber - 1) * sizeof(VOID*);
+      CapsuleTable = AllocateRuntimePool (Size);
+      ASSERT (CapsuleTable != NULL);
+      if (CapsuleTable == NULL) {
+        return EFI_OUT_OF_RESOURCES;
+      }
+      CapsuleTable->CapsuleArrayNumber =  CapsuleNumber;
+      CopyMem(&CapsuleTable->CapsulePtr[0], CapsulePtrCache, CapsuleNumber * sizeof(VOID*));
+      Status = gBS->InstallConfigurationTable (&CapsuleGuidCache[CacheIndex], (VOID*)CapsuleTable);
+      ASSERT_EFI_ERROR (Status);
+    }
+    CacheIndex++;
+  }
+
+  REPORT_STATUS_CODE(EFI_PROGRESS_CODE, (PcdGet32(PcdStatusCodeSubClassCapsule) | PcdGet32(PcdCapsuleStatusCodeUpdatingFirmware)));
+
+  //
+  // If Windows UX capsule exist, process it first
+  //
+  for (Index = 0; Index < CapsuleTotalNumber; Index++) {
+    CapsuleHeader = (EFI_CAPSULE_HEADER*) CapsulePtr [Index];
+    if (CompareGuid(&CapsuleHeader->CapsuleGuid ,&gWindowsUxCapsuleGuid)) {
+      DEBUG ((EFI_D_INFO, "ProcessCapsuleImage (Ux) - 0x%x\n", CapsuleHeader));
+      DisplayCapsuleExist = TRUE;
+      DEBUG ((DEBUG_INFO, "Display logo capsule is found.\n"));
+      Status = ProcessCapsuleImage (CapsuleHeader);
+      DEBUG((EFI_D_INFO, "ProcessCapsuleImage (Ux) - %r\n", Status));
+      CapsuleStatusArray [Index] = Status;
+      break;
+    }
+  }
+
+  if (!DisplayCapsuleExist) {
+    //
+    // Display Capsule not found. Display the default string.
+    //
+    Print (L"Updating the firmware ......\r\n");
+  }
+
+  //
+  // All capsules left are recognized by platform.
+  //
+  for (Index = 0; Index < CapsuleTotalNumber; Index++) {
+    CapsuleHeader = (EFI_CAPSULE_HEADER*) CapsulePtr [Index];
+    if (!CompareGuid(&CapsuleHeader->CapsuleGuid ,&gWindowsUxCapsuleGuid)) {
+      //
+      // Call capsule library to process capsule image.
+      //
+      EmbeddedDriverCount = 0;
+      if (IsFmpCapsule(CapsuleHeader)) {
+        Status = ValidateFmpCapsule(CapsuleHeader, &EmbeddedDriverCount);
+        if (EFI_ERROR(Status)) {
+          DEBUG((DEBUG_ERROR, "ValidateFmpCapsule failed. Ignore!\n"));
+          continue;
+        }
+      }
+
+      if ((!NeedBlockDriver) || (EmbeddedDriverCount == 0)) {
+        DEBUG((EFI_D_INFO, "ProcessCapsuleImage - 0x%x\n", CapsuleHeader));
+        Status = ProcessCapsuleImage (CapsuleHeader);
+        CapsuleStatusArray [Index] = Status;
+        DEBUG((EFI_D_INFO, "ProcessCapsuleImage - %r\n", Status));
+
+        if (EFI_ERROR(Status)) {
+          REPORT_STATUS_CODE(EFI_ERROR_CODE, (PcdGet32(PcdStatusCodeSubClassCapsule) | PcdGet32(PcdCapsuleStatusCodeUpdateFirmwareFailed)));
+          DEBUG ((DEBUG_ERROR, "Capsule process failed. reset the system!\n"));
+          Print (L"Firmware update failed...\r\n");
+        } else {
+          REPORT_STATUS_CODE(EFI_PROGRESS_CODE, (PcdGet32(PcdStatusCodeSubClassCapsule) | PcdGet32(PcdCapsuleStatusCodeUpdateFirmwareSuccess)));
+        }
+
+        if ((CapsuleHeader->Flags & PcdGet16(PcdSystemRebootAfterCapsuleProcessFlag)) != 0 ||
+            IsFmpCapsule(CapsuleHeader)) {
+          mNeedReset = TRUE;
+        }
+      }
+    }
+  }
+
+  Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID **)&EsrtManagement);
+  //
+  // Always sync ESRT Cache from FMP Instance
+  //
+  if (!EFI_ERROR(Status)) {
+    EsrtManagement->SyncEsrtFmp();
+  }
+  Status = EFI_SUCCESS;
+
+Done:
+  //
+  // Free the allocated temp memory space.
+  //
+  if (CapsuleGuidCache != NULL) {
+    FreePool(CapsuleGuidCache);
+  }
+  if (CapsulePtrCache != NULL) {
+    FreePool(CapsulePtrCache);
+  }
+  if (CapsulePtr != NULL) {
+    FreePool(CapsulePtr);
+  }
+
+  REPORT_STATUS_CODE(EFI_PROGRESS_CODE, (PcdGet32(PcdStatusCodeSubClassCapsule) | PcdGet32(PcdCapsuleStatusCodeProcessCapsulesEnd)));
+
+  return Status;
+}
+
+/**
+**/
+BOOLEAN
+IsAllCapsulesProcessed(
+  VOID
+  )
+{
+  // TBD
+  return TRUE;
+}
+
+/**
+  Do reset system.
+**/
+VOID
+DoResetSystem(
+  VOID
+  )
+{
+  UINTN                         Index;
+
+  REPORT_STATUS_CODE(EFI_PROGRESS_CODE, (PcdGet32(PcdStatusCodeSubClassCapsule) | PcdGet32(PcdCapsuleStatusCodeResettingSystem)));
+
+  Print(L"Capsule Request Cold Reboot.\n");
+  DEBUG((EFI_D_INFO, "Capsule Request Cold Reboot."));
+
+  for (Index = 5; Index > 0; Index--) {
+    Print(L"\rResetting system in %d seconds ...", Index);
+    DEBUG((EFI_D_INFO, "\rResetting system in %d seconds ...", Index));
+    gBS->Stall(1000000);
+  }
+
+  gRT->ResetSystem(EfiResetCold, EFI_SUCCESS, 0, NULL);
+
+  CpuDeadLoop();
+}
+
+/**
+
+  This routine is called to process capsules.
+
+  Caution: This function may receive untrusted input.
+
+  The capsules reported in EFI_HOB_UEFI_CAPSULE are processed.
+  If there is no EFI_HOB_UEFI_CAPSULE, this routine does nothing.
+
+  This routine should be called twice in BDS.
+  1) The first call must be before EndOfDxe. The system capsules is processed.
+     If device capsule FMP protocols are exposted at this time and device FMP
+     capsule has zero EmbeddedDriverCount, the device capsules are processed.
+     Each individual capsule result is recorded in capsule record variable.
+     System may reset in this function, if reset is required by capsule and
+     all capsules are processed.
+     If not all capsules are processed, reset will be defered to second call.
+
+  2) The second call must be after EndOfDxe and after ConnectAll, so that all
+     device capsule FMP protocols are exposed.
+     The system capsules are skipped. If the device capsules are NOT processed
+     in first call, they are processed here.
+     Each individual capsule result is recorded in capsule record variable.
+     System may reset in this function, if reset is required by capsule
+     processed in first call and second call.
+
+  @retval EFI_SUCCESS             There is no error when processing capsules.
+  @retval EFI_OUT_OF_RESOURCES    No enough resource to process capsules.
+
+**/
+EFI_STATUS
+EFIAPI
+ProcessCapsules(
+  VOID
+  )
+{
+  EFI_STATUS                    Status;
+
+  if (!mDxeCapsuleLibEndOfDxe) {
+    //
+    // Initialize mAreAllImagesProcessed to be TRUE.
+    //
+    // It will be updated to FALSE in ProcessTheseCapsules()->ProcessCapsuleImage(),
+    // if there is any FMP image in any FMP capsule not processed.
+    //
+    mAreAllImagesProcessed = TRUE;
+
+    Status = ProcessTheseCapsules(TRUE);
+    //
+    // Reboot System if and only if all capsule processed.
+    // If not, defer reset to 2nd process.
+    //
+    if (mNeedReset && mAreAllImagesProcessed) {
+      DoResetSystem();
+    }
+  } else {
+    Status = ProcessTheseCapsules(FALSE);
+    //
+    // Reboot System if required after all capsule processed
+    //
+    if (mNeedReset) {
+      DoResetSystem();
+    }
+  }
+  return Status;
+}
diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c
new file mode 100644
index 0000000..9edc353
--- /dev/null
+++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c
@@ -0,0 +1,489 @@
+/** @file
+  DXE capsule report related function.
+
+  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD License
+  which accompanies this distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <PiDxe.h>
+#include <Protocol/FirmwareManagement.h>
+#include <Protocol/VariableLock.h>
+#include <Guid/CapsuleReport.h>
+#include <Guid/FmpCapsule.h>
+#include <Guid/CapsuleVendor.h>
+
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/UefiRuntimeServicesTableLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/UefiLib.h>
+#include <Library/PcdLib.h>
+#include <Library/HobLib.h>
+#include <Library/PrintLib.h>
+#include <Library/ReportStatusCodeLib.h>
+#include <Library/CapsuleLib.h>
+
+#include <IndustryStandard/WindowsUxCapsule.h>
+
+typedef struct {
+  EFI_CAPSULE_RESULT_VARIABLE_HEADER  CapsuleResultHeader;
+  EFI_CAPSULE_RESULT_VARIABLE_FMP     CapsuleResultFmp;
+} CAPSULE_RESULT_VARIABLE_CACHE;
+
+#define CAPSULE_RESULT_VARIABLE_CACHE_COUNT   0x10
+
+CAPSULE_RESULT_VARIABLE_CACHE *mCapsuleResultVariableCache;
+UINTN                         mCapsuleResultVariableCacheMaxCount;
+UINTN                         mCapsuleResultVariableCacheCount;
+
+/**
+  Get current capsule last variable index.
+
+  @return Current capsule last variable index.
+  @retval -1  No current capsule last variable.
+**/
+INTN
+GetCurrentCapsuleLastIndex(
+  VOID
+  )
+{
+  UINTN                            Size;
+  CHAR16                           CapsuleLastStr[sizeof("Capsule####")];
+  EFI_STATUS                       Status;
+  UINT16                           CurrentIndex;
+
+  Size = sizeof(L"Capsule####") - sizeof(CHAR16); // no zero terminator
+  Status = gRT->GetVariable(
+                  L"CapsuleLast",
+                  &gEfiCapsuleReportGuid,
+                  NULL,
+                  &Size,
+                  CapsuleLastStr
+                  );
+  if (EFI_ERROR(Status)) {
+    return -1;
+  }
+  CurrentIndex = (UINT16)StrHexToUintn(&CapsuleLastStr[sizeof("Capsule") - 1]);
+  return CurrentIndex;
+}
+
+/**
+  Check if this FMP capsule is processed.
+
+  @param CapsuleHeader  The capsule image header
+  @param PayloadIndex   FMP payload index
+  @param ImageHeader    FMP image header
+
+  @retval TRUE  This FMP capsule is processed.
+  @retval FALSE This FMP capsule is not processed.
+**/
+BOOLEAN
+IsFmpCapsuleProcessed(
+  IN EFI_CAPSULE_HEADER                           *CapsuleHeader,
+  IN UINTN                                        PayloadIndex,
+  IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader
+  )
+{
+  UINTN                               Index;
+  EFI_CAPSULE_RESULT_VARIABLE_HEADER  *CapsuleResult;
+  EFI_CAPSULE_RESULT_VARIABLE_FMP     *CapsuleResultFmp;
+
+  for (Index = 0; Index < mCapsuleResultVariableCacheCount; Index++) {
+    //
+    // Check
+    //
+    CapsuleResult = &mCapsuleResultVariableCache[Index].CapsuleResultHeader;
+    if (CapsuleResult->VariableTotalSize >= sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER)) {
+      if (CompareGuid(&CapsuleResult->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
+        if (CapsuleResult->VariableTotalSize >= sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP)) {
+          CapsuleResultFmp = (EFI_CAPSULE_RESULT_VARIABLE_FMP *)(CapsuleResult + 1);
+          if (CompareGuid(&CapsuleResultFmp->UpdateImageTypeId, &ImageHeader->UpdateImageTypeId) &&
+              (CapsuleResultFmp->UpdateImageIndex == ImageHeader->UpdateImageIndex) &&
+              (CapsuleResultFmp->PayloadIndex == PayloadIndex) ) {
+            return TRUE;
+          }
+        }
+      }
+    }
+  }
+
+  return FALSE;
+}
+
+/**
+  Write a new capsule status variable cache.
+
+  @param CapsuleResult      The capsule status variable
+  @param CapsuleResultSize  The size of the capsule stauts variable in bytes
+
+  @retval EFI_SUCCESS          The capsule status variable is cached.
+  @retval EFI_OUT_OF_RESOURCES No resource to cache the capsule status variable.
+**/
+EFI_STATUS
+WriteNewCapsuleResultVariableCache(
+  IN VOID    *CapsuleResult,
+  IN UINTN   CapsuleResultSize
+  )
+{
+  if (CapsuleResultSize > sizeof(CAPSULE_RESULT_VARIABLE_CACHE)) {
+    CapsuleResultSize = sizeof(CAPSULE_RESULT_VARIABLE_CACHE);
+  }
+
+  if (mCapsuleResultVariableCacheCount == mCapsuleResultVariableCacheMaxCount) {
+    mCapsuleResultVariableCache = ReallocatePool(
+                                    mCapsuleResultVariableCacheMaxCount * sizeof(CAPSULE_RESULT_VARIABLE_CACHE),
+                                    (mCapsuleResultVariableCacheMaxCount + CAPSULE_RESULT_VARIABLE_CACHE_COUNT) * sizeof(CAPSULE_RESULT_VARIABLE_CACHE),
+                                    mCapsuleResultVariableCache
+                                    );
+    if (mCapsuleResultVariableCache == NULL) {
+      return EFI_OUT_OF_RESOURCES;
+    }
+    mCapsuleResultVariableCacheMaxCount += CAPSULE_RESULT_VARIABLE_CACHE_COUNT;
+  }
+
+  ASSERT(mCapsuleResultVariableCacheCount < mCapsuleResultVariableCacheMaxCount);
+  ASSERT(mCapsuleResultVariableCache != NULL);
+  CopyMem(
+    &mCapsuleResultVariableCache[mCapsuleResultVariableCacheCount],
+    CapsuleResult,
+    CapsuleResultSize
+    );
+  mCapsuleResultVariableCacheCount++;
+
+  return EFI_SUCCESS;
+}
+
+/**
+  Get a new capsule status variable index.
+
+  @return A new capsule status variable index.
+  @retval -1  No new capsule status variable index.
+**/
+INTN
+GetNewCapsuleResultIndex(
+  VOID
+  )
+{
+  INTN                             CurrentIndex;
+
+  CurrentIndex = GetCurrentCapsuleLastIndex();
+  if (CurrentIndex >= PcdGet16(PcdCapsuleMax)) {
+    return -1;
+  }
+
+  return CurrentIndex + 1;
+}
+
+/**
+  Write a new capsule status variable.
+
+  @param CapsuleResult      The capsule status variable
+  @param CapsuleResultSize  The size of the capsule stauts variable in bytes
+
+  @retval EFI_SUCCESS          The capsule status variable is recorded.
+  @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
+**/
+EFI_STATUS
+WriteNewCapsuleResultVariable(
+  IN VOID    *CapsuleResult,
+  IN UINTN   CapsuleResultSize
+  )
+{
+  INTN                                CapsuleResultIndex;
+  CHAR16                              CapsuleResultStr[sizeof("Capsule####")];
+  UINTN                               Size;
+  EFI_STATUS                          Status;
+
+  CapsuleResultIndex = GetNewCapsuleResultIndex();
+  DEBUG((EFI_D_INFO, "New CapsuleResultIndex - 0x%x\n", CapsuleResultIndex));
+  if (CapsuleResultIndex == -1) {
+    return EFI_OUT_OF_RESOURCES;
+  }
+  UnicodeSPrint(
+    CapsuleResultStr,
+    sizeof(CapsuleResultStr),
+    L"Capsule%04x",
+    CapsuleResultIndex
+    );
+
+  Status = gRT->SetVariable(
+                  CapsuleResultStr,
+                  &gEfiCapsuleReportGuid,
+                  EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+                  CapsuleResultSize,
+                  CapsuleResult
+                  );
+  if (!EFI_ERROR(Status)) {
+    Size = sizeof(L"Capsule####") - sizeof(CHAR16); // no zero terminator
+    DEBUG((EFI_D_INFO, "Set CapsuleLast - %s\n", CapsuleResultStr));
+    Status = gRT->SetVariable(
+                    L"CapsuleLast",
+                    &gEfiCapsuleReportGuid,
+                    EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+                    Size,
+                    CapsuleResultStr
+                    );
+  }
+
+  return Status;
+}
+
+/**
+  Record capsule status variable and to local cache.
+
+  @param CapsuleHeader  The capsule image header
+  @param CapsuleStatus  The capsule process stauts
+
+  @retval EFI_SUCCESS          The capsule status variable is recorded.
+  @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
+**/
+EFI_STATUS
+RecordCapsuleStatusVariable(
+  IN EFI_CAPSULE_HEADER                           *CapsuleHeader,
+  IN EFI_STATUS                                   CapsuleStatus
+  )
+{
+  EFI_CAPSULE_RESULT_VARIABLE_HEADER  CapsuleResultVariable;
+  EFI_STATUS                          Status;
+
+  CapsuleResultVariable.VariableTotalSize = sizeof(CapsuleResultVariable);
+  CopyGuid (&CapsuleResultVariable.CapsuleGuid, &CapsuleHeader->CapsuleGuid);
+  ZeroMem(&CapsuleResultVariable.CapsuleProcessed, sizeof(CapsuleResultVariable.CapsuleProcessed));
+  gRT->GetTime(&CapsuleResultVariable.CapsuleProcessed, NULL);
+  CapsuleResultVariable.CapsuleStatus = CapsuleStatus;
+
+  //
+  // Save Local Cache
+  //
+  Status = WriteNewCapsuleResultVariableCache(&CapsuleResultVariable, sizeof(CapsuleResultVariable));
+
+  if ((CapsuleHeader->Flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) != 0) {
+    Status = WriteNewCapsuleResultVariable(&CapsuleResultVariable, sizeof(CapsuleResultVariable));
+  }
+  return Status;
+}
+
+/**
+  Record FMP capsule status variable and to local cache.
+
+  @param CapsuleHeader  The capsule image header
+  @param CapsuleStatus  The capsule process stauts
+  @param PayloadIndex   FMP payload index
+  @param ImageHeader    FMP image header
+
+  @retval EFI_SUCCESS          The capsule status variable is recorded.
+  @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
+**/
+EFI_STATUS
+RecordFmpCapsuleStatusVariable(
+  IN EFI_CAPSULE_HEADER                           *CapsuleHeader,
+  IN EFI_STATUS                                   CapsuleStatus,
+  IN UINTN                                        PayloadIndex,
+  IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader
+  )
+{
+  UINT8                               CapsuleResultVariable[sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP)];
+  EFI_CAPSULE_RESULT_VARIABLE_HEADER  *CapsuleResultVariableHeader;
+  EFI_CAPSULE_RESULT_VARIABLE_FMP     *CapsuleResultVariableFmp;
+  EFI_STATUS                          Status;
+
+  CapsuleResultVariableHeader = (VOID *)&CapsuleResultVariable[0];
+  CapsuleResultVariableHeader->VariableTotalSize = sizeof(CapsuleResultVariable);
+  CopyGuid(&CapsuleResultVariableHeader->CapsuleGuid, &CapsuleHeader->CapsuleGuid);
+  ZeroMem(&CapsuleResultVariableHeader->CapsuleProcessed, sizeof(CapsuleResultVariableHeader->CapsuleProcessed));
+  gRT->GetTime(&CapsuleResultVariableHeader->CapsuleProcessed, NULL);
+  CapsuleResultVariableHeader->CapsuleStatus = CapsuleStatus;
+
+  CapsuleResultVariableFmp = (VOID *)&CapsuleResultVariable[sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER)];
+  CapsuleResultVariableFmp->Version = 0x1;
+  CapsuleResultVariableFmp->PayloadIndex = (UINT8)PayloadIndex;
+  CapsuleResultVariableFmp->UpdateImageIndex = ImageHeader->UpdateImageIndex;
+  CopyGuid (&CapsuleResultVariableFmp->UpdateImageTypeId, &ImageHeader->UpdateImageTypeId);
+
+  //
+  // Save Local Cache
+  //
+  Status = WriteNewCapsuleResultVariableCache(&CapsuleResultVariable, sizeof(CapsuleResultVariable));
+
+  if ((CapsuleHeader->Flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) != 0) {
+    Status = WriteNewCapsuleResultVariable(&CapsuleResultVariable, sizeof(CapsuleResultVariable));
+  }
+  return Status;
+}
+
+/**
+  Initialize CapsuleMax variables.
+**/
+VOID
+InitCapsuleMaxVariable(
+  VOID
+  )
+{
+  EFI_STATUS                       Status;
+  UINTN                            Size;
+  CHAR16                           CapsuleMaxStr[sizeof("Capsule####")];
+  EDKII_VARIABLE_LOCK_PROTOCOL     *VariableLock;
+
+  UnicodeSPrint(
+    CapsuleMaxStr,
+    sizeof(CapsuleMaxStr),
+    L"Capsule%04x",
+    PcdGet16(PcdCapsuleMax)
+    );
+
+  Size = sizeof(L"Capsule####") - sizeof(CHAR16); // no zero terminator
+  Status = gRT->SetVariable(
+                  L"CapsuleMax",
+                  &gEfiCapsuleReportGuid,
+                  EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+                  Size,
+                  CapsuleMaxStr
+                  );
+  if (!EFI_ERROR(Status)) {
+    // Lock it per UEFI spec.
+    Status = gBS->LocateProtocol(&gEdkiiVariableLockProtocolGuid, NULL, (VOID **)&VariableLock);
+    if (!EFI_ERROR(Status)) {
+      Status = VariableLock->RequestToLock(VariableLock, L"CapsuleMax", &gEfiCapsuleReportGuid);
+      ASSERT_EFI_ERROR(Status);
+    }
+  }
+}
+
+/**
+  Initialize CapsuleLast variables.
+**/
+VOID
+InitCapsuleLastVariable(
+  VOID
+  )
+{
+  EFI_STATUS                       Status;
+  EFI_BOOT_MODE                    BootMode;
+  EDKII_VARIABLE_LOCK_PROTOCOL     *VariableLock;
+  VOID                             *CapsuleResult;
+  UINTN                            Size;
+  CHAR16                           CapsuleLastStr[sizeof("Capsule####")];
+
+  BootMode = GetBootModeHob();
+  if (BootMode == BOOT_ON_FLASH_UPDATE) {
+    Status = gRT->SetVariable(
+                    L"CapsuleLast",
+                    &gEfiCapsuleReportGuid,
+                    EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+                    0,
+                    NULL
+                    );
+    // Do not lock it because it will be updated later.
+  } else {
+    //
+    // Check if OS/APP cleared L"Capsule####"
+    //
+    ZeroMem(CapsuleLastStr, sizeof(CapsuleLastStr));
+    Size = sizeof(L"Capsule####") - sizeof(CHAR16); // no zero terminator
+    Status = gRT->GetVariable(
+                    L"CapsuleLast",
+                    &gEfiCapsuleReportGuid,
+                    NULL,
+                    &Size,
+                    CapsuleLastStr
+                    );
+    if (!EFI_ERROR(Status)) {
+      //
+      // L"CapsuleLast" is got, check if data is there.
+      //
+      Status = GetVariable2 (
+                 CapsuleLastStr,
+                 &gEfiCapsuleReportGuid,
+                 (VOID **) &CapsuleResult,
+                 NULL
+                 );
+      if (EFI_ERROR(Status)) {
+        //
+        // If no data, delete L"CapsuleLast"
+        //
+        Status = gRT->SetVariable(
+                        L"CapsuleLast",
+                        &gEfiCapsuleReportGuid,
+                        EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+                        0,
+                        NULL
+                        );
+      }
+    }
+
+    // Lock it in normal boot path per UEFI spec.
+    Status = gBS->LocateProtocol(&gEdkiiVariableLockProtocolGuid, NULL, (VOID **)&VariableLock);
+    if (!EFI_ERROR(Status)) {
+      Status = VariableLock->RequestToLock(VariableLock, L"CapsuleLast", &gEfiCapsuleReportGuid);
+      ASSERT_EFI_ERROR(Status);
+    }
+  }
+}
+
+/**
+  Initialize capsule update variables.
+**/
+VOID
+InitCapsuleUpdateVariable(
+  VOID
+  )
+{
+  EFI_STATUS                     Status;
+  UINTN                          Index;
+  CHAR16                         CapsuleVarName[30];
+  CHAR16                         *TempVarName;
+
+  //
+  // Clear all the capsule variables CapsuleUpdateData, CapsuleUpdateData1, CapsuleUpdateData2...
+  // as early as possible which will avoid the next time boot after the capsule update
+  // will still into the capsule loop
+  //
+  StrCpyS (CapsuleVarName, sizeof(CapsuleVarName)/sizeof(CapsuleVarName[0]), EFI_CAPSULE_VARIABLE_NAME);
+  TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
+  Index = 0;
+  while (TRUE) {
+    if (Index > 0) {
+      UnicodeValueToString (TempVarName, 0, Index, 0);
+    }
+    Status = gRT->SetVariable (
+                    CapsuleVarName,
+                    &gEfiCapsuleVendorGuid,
+                    EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS,
+                    0,
+                    (VOID *)NULL
+                    );
+    if (EFI_ERROR (Status)) {
+      //
+      // There is no capsule variables, quit
+      //
+      break;
+    }
+    Index++;
+  }
+}
+
+/**
+  Initialize capsule related variables.
+**/
+VOID
+InitCapsuleVariable(
+  VOID
+  )
+{
+  InitCapsuleUpdateVariable();
+  InitCapsuleMaxVariable();
+  InitCapsuleLastVariable();
+  //
+  // No need to clear L"Capsule####", because OS/APP should refer L"CapsuleLast"
+  // to check status and delete them.
+  //
+}
diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c
new file mode 100644
index 0000000..8801439
--- /dev/null
+++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c
@@ -0,0 +1,112 @@
+/** @file
+  Capsule library runtime support.
+
+  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD License
+  which accompanies this distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <PiDxe.h>
+
+#include <Guid/FmpCapsule.h>
+#include <Guid/SystemResourceTable.h>
+#include <Guid/EventGroup.h>
+
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/DxeServicesTableLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/UefiRuntimeServicesTableLib.h>
+#include <Library/MemoryAllocationLib.h>
+
+extern EFI_SYSTEM_RESOURCE_TABLE *mEsrtTable;
+extern BOOLEAN                   mIsVirtualAddrConverted;
+
+/**
+  Convert EsrtTable physical address to virtual address.
+
+  @param[in] Event      Event whose notification function is being invoked.
+  @param[in] Context    The pointer to the notification function's context, which
+                        is implementation-dependent.
+**/
+VOID
+EFIAPI
+DxeCapsuleLibVirtualAddressChangeEvent (
+  IN  EFI_EVENT   Event,
+  IN  VOID        *Context
+  )
+{
+  UINTN                    Index;
+  EFI_CONFIGURATION_TABLE  *ConfigEntry;
+
+  //
+  // Get Esrt table first
+  //
+  ConfigEntry = gST->ConfigurationTable;
+  for (Index = 0; Index < gST->NumberOfTableEntries; Index++) {
+    if (CompareGuid(&gEfiSystemResourceTableGuid, &ConfigEntry->VendorGuid)) {
+      break;
+    }
+    ConfigEntry++;
+  }
+
+  //
+  // If no Esrt table installed in Configure Table
+  //
+  if (Index < gST->NumberOfTableEntries) {
+    //
+    // Search Esrt to check given capsule is qualified
+    //
+    mEsrtTable = (EFI_SYSTEM_RESOURCE_TABLE *) ConfigEntry->VendorTable;
+
+    //
+    // Update protocol pointer to Esrt Table.
+    //
+    gRT->ConvertPointer (0x00, (VOID**) &(mEsrtTable));
+  }
+
+  mIsVirtualAddrConverted = TRUE;
+
+}
+
+/**
+  The constructor function hook VirtualAddressChange event to use ESRT table as capsule routing table.
+
+  @param  ImageHandle   The firmware allocated handle for the EFI image.
+  @param  SystemTable   A pointer to the EFI System Table.
+
+  @retval EFI_SUCCESS   The constructor successfully .
+**/
+EFI_STATUS
+EFIAPI
+DxeRuntimeCapsuleLibConstructor (
+  IN EFI_HANDLE         ImageHandle,
+  IN EFI_SYSTEM_TABLE   *SystemTable
+  )
+{
+  EFI_STATUS     Status;
+  EFI_EVENT      Event;
+
+  //
+  // Make sure we can handle virtual address changes.
+  //
+  Event = NULL;
+  Status = gBS->CreateEventEx (
+                  EVT_NOTIFY_SIGNAL,
+                  TPL_NOTIFY,
+                  DxeCapsuleLibVirtualAddressChangeEvent,
+                  NULL,
+                  &gEfiEventVirtualAddressChangeGuid,
+                  &Event
+                  );
+  ASSERT_EFI_ERROR (Status);
+
+  return EFI_SUCCESS;
+}
diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
new file mode 100644
index 0000000..cd3738e
--- /dev/null
+++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
@@ -0,0 +1,83 @@
+## @file
+#  Capsule library instance for DXE_RUNTIME_DRIVER.
+#
+#  Capsule library instance for DXE_RUNTIME_DRIVER module types.
+#
+#  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD License
+#  which accompanies this distribution.  The full text of the license may be found at
+#  http://opensource.org/licenses/bsd-license.php
+#
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x00010005
+  BASE_NAME                      = DxeRuntimeCapsuleLib
+  MODULE_UNI_FILE                = DxeRuntimeCapsuleLib.uni
+  FILE_GUID                      = 19BE1E4B-1A9A-44c1-8F12-32DD0470516A
+  MODULE_TYPE                    = DXE_DRIVER
+  VERSION_STRING                 = 1.0
+  LIBRARY_CLASS                  = CapsuleLib|DXE_RUNTIME_DRIVER
+  CONSTRUCTOR                    = DxeCapsuleLibConstructor
+  CONSTRUCTOR                    = DxeRuntimeCapsuleLibConstructor
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = IA32 X64 IPF EBC
+#
+
+[Sources]
+  DxeCapsuleLib.c
+  DxeCapsuleProcessLib.c
+  DxeCapsuleReportLib.c
+  DxeCapsuleRuntime.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+
+[LibraryClasses]
+  BaseLib
+  BaseMemoryLib
+  DebugLib
+  MemoryAllocationLib
+  DxeServicesTableLib
+  UefiBootServicesTableLib
+  DevicePathLib
+  ReportStatusCodeLib
+  PrintLib
+  HobLib
+
+[Pcd]
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleMax                               ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdSystemRebootAfterCapsuleProcessFlag      ## CONSUMES
+
+  gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeSubClassCapsule                ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesBegin    ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesEnd      ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdatingFirmware        ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareSuccess   ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareFailed    ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeResettingSystem         ## CONSUMES
+
+[Protocols]
+  gEsrtManagementProtocolGuid             ## CONSUMES
+  gEfiFirmwareManagementProtocolGuid      ## SOMETIMES_CONSUMES
+  gEdkiiVariableLockProtocolGuid          ## SOMETIMES_CONSUMES
+
+[Guids]
+  gEfiFmpCapsuleGuid                      ## SOMETIMES_CONSUMES ## GUID
+  gWindowsUxCapsuleGuid                   ## SOMETIMES_CONSUMES ## GUID
+  gEfiSystemResourceTableGuid             ## SOMETIMES_CONSUMES ## GUID
+  gEfiCapsuleReportGuid                   ## CONSUMES ## Variable
+  gEfiCapsuleVendorGuid                   ## CONSUMES ## Variable
+  gEfiEndOfDxeEventGroupGuid              ## CONSUMES ## Event
+  gEfiEventVirtualAddressChangeGuid       ## CONSUMES ## Event
+
+[Depex]
+  gEfiVariableWriteArchProtocolGuid
diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.uni b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.uni
new file mode 100644
index 0000000..cd89b13
--- /dev/null
+++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.uni
@@ -0,0 +1,22 @@
+// /** @file
+// Capsule library instance for DXE_RUNTIME_DRIVER.
+//
+// Capsule library instance for DXE_RUNTIME_DRIVER module types.
+//
+// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+//
+// This program and the accompanying materials
+// are licensed and made available under the terms and conditions of the BSD License
+// which accompanies this distribution.  The full text of the license may be found at
+// http://opensource.org/licenses/bsd-license.php
+//
+// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+//
+// **/
+
+
+#string STR_MODULE_ABSTRACT             #language en-US "Capsule Support Library"
+
+#string STR_MODULE_DESCRIPTION          #language en-US "Capsule library instance for DXE_RUNTIME_DRIVER module types."
+
-- 
2.7.4.windows.1

Re: [PATCH V4 06/15] MdeModulePkg/DxeCapsuleLibFmp: Add DxeCapsuleLibFmp instance.

[Kinney, Michael D]

Jiewen,

I have looked Microsoft UX capsule in the Microsoft
Windows UEFI Firmware Update Platform Specification, and 
that specification only define support for an ImageType value
of 0, which is bitmap format based on ACPI 5.0 BGRT.  There
are no defined ImageType values for BMP. We need to remove 
BMP graphics file format decoding from all capsule processing.
If a Microsoft UX capsule is present, it is already a raw
bitmap that can be passed to GOP.

Best regards,

Mike


> -----Original Message-----
> From: Yao, Jiewen
> Sent: Saturday, October 22, 2016 7:21 PM
> To: edk2-devel@lists.01.org
> Cc: Tian, Feng <feng.tian@intel.com>; Zeng, Star <star.zeng@intel.com>; Kinney, Michael
> D <michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>; Zhang, Chao B
> <chao.b.zhang@intel.com>
> Subject: [PATCH V4 06/15] MdeModulePkg/DxeCapsuleLibFmp: Add DxeCapsuleLibFmp instance.
> 
> This instance handles Microsoft UX capsule, UEFI defined FMP capsule.
> This instance should not assume any capsule image format.
> 
> Cc: Feng Tian <feng.tian@intel.com>
> Cc: Star Zeng <star.zeng@intel.com>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
> Reviewed-by: Liming Gao <liming.gao@intel.com>
> ---
>  MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c          | 1363
> ++++++++++++++++++++
>  MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf        |   80 ++
>  MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.uni        |   22 +
>  MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleProcessLib.c   |  486 +++++++
>  MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c    |  489 +++++++
>  MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c      |  112 ++
>  MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf |   83 ++
>  MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.uni |   22 +
>  8 files changed, 2657 insertions(+)
> 
> diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c
> b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c
> new file mode 100644
> index 0000000..20ef762
> --- /dev/null
> +++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c
> @@ -0,0 +1,1363 @@
> +/** @file
> +  DXE capsule library.
> +
> +  Caution: This module requires additional review when modified.
> +  This module will have external input - capsule image.
> +  This external input must be validated carefully to avoid security issue like
> +  buffer overflow, integer overflow.
> +
> +  SupportCapsuleImage(), ProcessCapsuleImage(), IsValidCapsuleHeader(),
> +  ValidateFmpCapsule(), DisplayCapsuleImage(), ConvertBmpToGopBlt() will
> +  receive untrusted input and do basic validation.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <PiDxe.h>
> +
> +#include <IndustryStandard/Bmp.h>
> +#include <IndustryStandard/WindowsUxCapsule.h>
> +
> +#include <Guid/FmpCapsule.h>
> +#include <Guid/SystemResourceTable.h>
> +#include <Guid/EventGroup.h>
> +
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/DxeServicesTableLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/CapsuleLib.h>
> +#include <Library/DevicePathLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PcdLib.h>
> +
> +#include <Protocol/GraphicsOutput.h>
> +#include <Protocol/EsrtManagement.h>
> +#include <Protocol/FirmwareManagement.h>
> +#include <Protocol/DevicePath.h>
> +
> +extern BOOLEAN            mAreAllImagesProcessed;
> +
> +EFI_SYSTEM_RESOURCE_TABLE *mEsrtTable              = NULL;
> +BOOLEAN                   mIsVirtualAddrConverted  = FALSE;
> +BOOLEAN                   mDxeCapsuleLibEndOfDxe   = FALSE;
> +
> +/**
> +  Initialize capsule related variables.
> +**/
> +VOID
> +InitCapsuleVariable(
> +  VOID
> +  );
> +
> +/**
> +  Check if this FMP capsule is processed.
> +
> +  @param CapsuleHeader  The capsule image header
> +  @param PayloadIndex   FMP payload index
> +  @param ImageHeader    FMP image header
> +
> +  @retval TRUE  This FMP capsule is processed.
> +  @retval FALSE This FMP capsule is not processed.
> +**/
> +BOOLEAN
> +IsFmpCapsuleProcessed(
> +  IN EFI_CAPSULE_HEADER                           *CapsuleHeader,
> +  IN UINTN                                        PayloadIndex,
> +  IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader
> +  );
> +
> +/**
> +  Record capsule status variable.
> +
> +  @param CapsuleHeader  The capsule image header
> +  @param CapsuleStatus  The capsule process stauts
> +
> +  @retval EFI_SUCCESS          The capsule status variable is recorded.
> +  @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
> +**/
> +EFI_STATUS
> +RecordCapsuleStatusVariable(
> +  IN EFI_CAPSULE_HEADER                           *CapsuleHeader,
> +  IN EFI_STATUS                                   CapsuleStatus
> +  );
> +
> +/**
> +  Record FMP capsule status variable.
> +
> +  @param CapsuleHeader  The capsule image header
> +  @param CapsuleStatus  The capsule process stauts
> +  @param PayloadIndex   FMP payload index
> +  @param ImageHeader    FMP image header
> +
> +  @retval EFI_SUCCESS          The capsule status variable is recorded.
> +  @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
> +**/
> +EFI_STATUS
> +RecordFmpCapsuleStatusVariable(
> +  IN EFI_CAPSULE_HEADER                           *CapsuleHeader,
> +  IN EFI_STATUS                                   CapsuleStatus,
> +  IN UINTN                                        PayloadIndex,
> +  IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader
> +  );
> +
> +/**
> +  Function indicate the current completion progress of the firmware
> +  update. Platform may override with own specific progress function.
> +
> +  @param  Completion    A value between 1 and 100 indicating the current completion
> progress of the firmware update
> +
> +  @retval EFI_SUCESS    Input capsule is a correct FMP capsule.
> +**/
> +EFI_STATUS
> +EFIAPI
> +Update_Image_Progress (
> +  IN UINTN Completion
> +  )
> +{
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Return if this CapsuleGuid is a FMP capsule GUID or not.
> +
> +  @param[in] CapsuleGuid A pointer to EFI_GUID
> +
> +  @retval TRUE  It is a FMP capsule GUID.
> +  @retval FALSE It is not a FMP capsule GUID.
> +**/
> +BOOLEAN
> +IsFmpCapsuleGuid(
> +  IN EFI_GUID  *CapsuleGuid
> +  )
> +{
> +  if (CompareGuid(&gEfiFmpCapsuleGuid, CapsuleGuid)) {
> +    return TRUE;
> +  }
> +
> +  return FALSE;
> +}
> +
> +/**
> +  Validate if it is valid capsule header
> +
> +  Caution: This function may receive untrusted input.
> +
> +  This function assumes the caller provided correct CapsuleHeader pointer
> +  and CapsuleSize.
> +
> +  This function validates the fields in EFI_CAPSULE_HEADER.
> +
> +  @param  CapsuleHeader    Points to a capsule header.
> +  @param  CapsuleSize      Size of the whole capsule image.
> +
> +**/
> +BOOLEAN
> +IsValidCapsuleHeader(
> +  IN EFI_CAPSULE_HEADER  *CapsuleHeader,
> +  IN UINT64              CapsuleSize
> +  )
> +{
> +  if (CapsuleHeader->CapsuleImageSize != CapsuleSize) {
> +    return FALSE;
> +  }
> +  if (CapsuleHeader->HeaderSize >= CapsuleHeader->CapsuleImageSize) {
> +    return FALSE;
> +  }
> +  return TRUE;
> +}
> +
> +/**
> +  Validate Fmp capsules layout.
> +
> +  Caution: This function may receive untrusted input.
> +
> +  This function assumes the caller validated the capsule by using
> +  IsValidCapsuleHeader(), so that all fields in EFI_CAPSULE_HEADER are correct.
> +  The capsule buffer size is CapsuleHeader->CapsuleImageSize.
> +
> +  This function validates the fields in EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
> +  and EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER.
> +
> +  This function need support nested FMP capsule.
> +
> +  @param[in]   CapsuleHeader        Points to a capsule header.
> +  @param[out]  EmbeddedDriverCount  The EmbeddedDriverCount in the FMP capsule.
> +
> +  @retval EFI_SUCESS             Input capsule is a correct FMP capsule.
> +  @retval EFI_INVALID_PARAMETER  Input capsule is not a correct FMP capsule.
> +**/
> +EFI_STATUS
> +ValidateFmpCapsule (
> +  IN EFI_CAPSULE_HEADER *CapsuleHeader,
> +  OUT UINT16            *EmbeddedDriverCount OPTIONAL
> +  )
> +{
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER       *FmpCapsuleHeader;
> +  UINT8                                        *EndOfCapsule;
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader;
> +  UINT8                                        *EndOfPayload;
> +  UINT64                                       *ItemOffsetList;
> +  UINT32                                       ItemNum;
> +  UINTN                                        Index;
> +  UINTN                                        FmpCapsuleSize;
> +  UINTN                                        FmpCapsuleHeaderSize;
> +  UINT64                                       FmpImageSize;
> +  UINTN                                        FmpImageHeaderSize;
> +
> +  if (!IsFmpCapsuleGuid(&CapsuleHeader->CapsuleGuid)) {
> +    return ValidateFmpCapsule ((EFI_CAPSULE_HEADER *)((UINTN)CapsuleHeader +
> CapsuleHeader->HeaderSize), EmbeddedDriverCount);
> +  }
> +
> +  if (CapsuleHeader->HeaderSize >= CapsuleHeader->CapsuleImageSize) {
> +    DEBUG((EFI_D_ERROR, "HeaderSize(0x%x) >= CapsuleImageSize(0x%x)\n", CapsuleHeader-
> >HeaderSize, CapsuleHeader->CapsuleImageSize));
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
> +  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *) ((UINT8 *)
> CapsuleHeader + CapsuleHeader->HeaderSize);
> +  EndOfCapsule     = (UINT8 *) CapsuleHeader + CapsuleHeader->CapsuleImageSize;
> +  FmpCapsuleSize   = (UINTN)EndOfCapsule - (UINTN)FmpCapsuleHeader;
> +
> +  if (FmpCapsuleSize < sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER)) {
> +    DEBUG((EFI_D_ERROR, "FmpCapsuleSize(0x%x) <
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER\n", FmpCapsuleSize));
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
> +  // Check EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
> +  if (FmpCapsuleHeader->Version !=
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER_INIT_VERSION) {
> +    DEBUG((EFI_D_ERROR, "FmpCapsuleHeader->Version(0x%x) !=
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER_INIT_VERSION\n", FmpCapsuleHeader->Version));
> +    return EFI_INVALID_PARAMETER;
> +  }
> +  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
> +
> +  // No overflow
> +  ItemNum = FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader-
> >PayloadItemCount;
> +
> +  if ((FmpCapsuleSize - sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER))/sizeof(UINT64)
> < ItemNum) {
> +    DEBUG((EFI_D_ERROR, "ItemNum(0x%x) too big\n", ItemNum));
> +    return EFI_INVALID_PARAMETER;
> +  }
> +  FmpCapsuleHeaderSize = sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER) +
> sizeof(UINT64)*ItemNum;
> +
> +  // Check ItemOffsetList
> +  for (Index = 0; Index < ItemNum; Index++) {
> +    if (ItemOffsetList[Index] >= FmpCapsuleSize) {
> +      DEBUG((EFI_D_ERROR, "ItemOffsetList[%d](0x%lx) >= FmpCapsuleSize(0x%x)\n",
> Index, ItemOffsetList[Index], FmpCapsuleSize));
> +      return EFI_INVALID_PARAMETER;
> +    }
> +    if (ItemOffsetList[Index] < FmpCapsuleHeaderSize) {
> +      DEBUG((EFI_D_ERROR, "ItemOffsetList[%d](0x%lx) < FmpCapsuleHeaderSize(0x%x)\n",
> Index, ItemOffsetList[Index], FmpCapsuleHeaderSize));
> +      return EFI_INVALID_PARAMETER;
> +    }
> +    //
> +    // All the address in ItemOffsetList must be stored in ascending order
> +    //
> +    if (Index > 0) {
> +      if (ItemOffsetList[Index] <= ItemOffsetList[Index - 1]) {
> +        DEBUG((EFI_D_ERROR, "ItemOffsetList[%d](0x%lx) < ItemOffsetList[%d](0x%x)\n",
> Index, ItemOffsetList[Index], Index, ItemOffsetList[Index - 1]));
> +        return EFI_INVALID_PARAMETER;
> +      }
> +    }
> +  }
> +
> +  // Check EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER
> +  for (Index = FmpCapsuleHeader->EmbeddedDriverCount; Index < ItemNum; Index++) {
> +    ImageHeader  = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8
> *)FmpCapsuleHeader + ItemOffsetList[Index]);
> +    if (Index == ItemNum - 1) {
> +      EndOfPayload = (UINT8 *)((UINTN)EndOfCapsule - (UINTN)FmpCapsuleHeader);
> +    } else {
> +      EndOfPayload = (UINT8 *)(UINTN)ItemOffsetList[Index+1];
> +    }
> +    FmpImageSize = (UINTN)EndOfPayload - ItemOffsetList[Index];
> +
> +    if (FmpImageSize < OFFSET_OF(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER,
> UpdateHardwareInstance)) {
> +      DEBUG((EFI_D_ERROR, "FmpImageSize(0x%lx) <
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER\n", FmpImageSize));
> +      return EFI_INVALID_PARAMETER;
> +    }
> +    FmpImageHeaderSize = sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER);
> +    if ((ImageHeader->Version >
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) ||
> +        (ImageHeader->Version < 1)) {
> +      DEBUG((EFI_D_ERROR, "ImageHeader->Version(0x%x) Unknown\n", ImageHeader-
> >Version));
> +      return EFI_INVALID_PARAMETER;
> +    }
> +    if (ImageHeader->Version <
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
> +      FmpImageHeaderSize = OFFSET_OF(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER,
> UpdateHardwareInstance);
> +    }
> +
> +    // No overflow
> +    if (FmpImageSize != (UINT64)FmpImageHeaderSize + (UINT64)ImageHeader-
> >UpdateImageSize + (UINT64)ImageHeader->UpdateVendorCodeSize) {
> +      DEBUG((EFI_D_ERROR, "FmpImageSize(0x%lx) mismatch, UpdateImageSize(0x%x)
> UpdateVendorCodeSize(0x%x)\n", FmpImageSize, ImageHeader->UpdateImageSize, ImageHeader-
> >UpdateVendorCodeSize));
> +      return EFI_INVALID_PARAMETER;
> +    }
> +  }
> +
> +  if (ItemNum == 0) {
> +    //
> +    // No driver & payload element in FMP
> +    //
> +    EndOfPayload = (UINT8 *)(FmpCapsuleHeader + 1);
> +    if (EndOfPayload != EndOfCapsule) {
> +      DEBUG((EFI_D_ERROR, "EndOfPayload(0x%x) mismatch, EndOfCapsule(0x%x)\n",
> EndOfPayload, EndOfCapsule));
> +      return EFI_INVALID_PARAMETER;
> +    }
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  if (EmbeddedDriverCount != NULL) {
> +    *EmbeddedDriverCount = FmpCapsuleHeader->EmbeddedDriverCount;
> +  }
> +
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Convert a *.BMP graphics image to a GOP blt buffer. If a NULL Blt buffer
> +  is passed in a GopBlt buffer will be allocated by this routine. If a GopBlt
> +  buffer is passed in it will be used if it is big enough.
> +
> +  Caution: This function may receive untrusted input.
> +
> +  @param  BmpImage      Pointer to BMP file
> +  @param  BmpImageSize  Number of bytes in BmpImage
> +  @param  GopBlt        Buffer containing GOP version of BmpImage.
> +  @param  GopBltSize    Size of GopBlt in bytes.
> +  @param  PixelHeight   Height of GopBlt/BmpImage in pixels
> +  @param  PixelWidth    Width of GopBlt/BmpImage in pixels
> +
> +  @retval EFI_SUCCESS           GopBlt and GopBltSize are returned.
> +  @retval EFI_UNSUPPORTED       BmpImage is not a valid *.BMP image
> +  @retval EFI_BUFFER_TOO_SMALL  The passed in GopBlt buffer is not big enough.
> +                                GopBltSize will contain the required size.
> +  @retval EFI_OUT_OF_RESOURCES  No enough buffer to allocate.
> +
> +**/
> +STATIC
> +EFI_STATUS
> +ConvertBmpToGopBlt (
> +  IN     VOID      *BmpImage,
> +  IN     UINTN     BmpImageSize,
> +  IN OUT VOID      **GopBlt,
> +  IN OUT UINTN     *GopBltSize,
> +     OUT UINTN     *PixelHeight,
> +     OUT UINTN     *PixelWidth
> +  )
> +{
> +  UINT8                         *Image;
> +  UINT8                         *ImageHeader;
> +  BMP_IMAGE_HEADER              *BmpHeader;
> +  BMP_COLOR_MAP                 *BmpColorMap;
> +  EFI_GRAPHICS_OUTPUT_BLT_PIXEL *BltBuffer;
> +  EFI_GRAPHICS_OUTPUT_BLT_PIXEL *Blt;
> +  UINT64                        BltBufferSize;
> +  UINTN                         Index;
> +  UINTN                         Height;
> +  UINTN                         Width;
> +  UINTN                         ImageIndex;
> +  UINT32                        DataSizePerLine;
> +  BOOLEAN                       IsAllocated;
> +  UINT32                        ColorMapNum;
> +
> +  if (sizeof (BMP_IMAGE_HEADER) > BmpImageSize) {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
> +  BmpHeader = (BMP_IMAGE_HEADER *) BmpImage;
> +
> +  if (BmpHeader->CharB != 'B' || BmpHeader->CharM != 'M') {
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  //
> +  // Doesn't support compress.
> +  //
> +  if (BmpHeader->CompressionType != 0) {
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  //
> +  // Only support BITMAPINFOHEADER format.
> +  // BITMAPFILEHEADER + BITMAPINFOHEADER = BMP_IMAGE_HEADER
> +  //
> +  if (BmpHeader->HeaderSize != sizeof (BMP_IMAGE_HEADER) - OFFSET_OF(BMP_IMAGE_HEADER,
> HeaderSize)) {
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  //
> +  // The data size in each line must be 4 byte alignment.
> +  //
> +  DataSizePerLine = ((BmpHeader->PixelWidth * BmpHeader->BitPerPixel + 31) >> 3) &
> (~0x3);
> +  BltBufferSize = MultU64x32 (DataSizePerLine, BmpHeader->PixelHeight);
> +  if (BltBufferSize > (UINT32) ~0) {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
> +  if ((BmpHeader->Size != BmpImageSize) ||
> +      (BmpHeader->Size < BmpHeader->ImageOffset) ||
> +      (BmpHeader->Size - BmpHeader->ImageOffset !=  BmpHeader->PixelHeight *
> DataSizePerLine)) {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
> +  //
> +  // Calculate Color Map offset in the image.
> +  //
> +  Image       = BmpImage;
> +  BmpColorMap = (BMP_COLOR_MAP *) (Image + sizeof (BMP_IMAGE_HEADER));
> +  if (BmpHeader->ImageOffset < sizeof (BMP_IMAGE_HEADER)) {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
> +  if (BmpHeader->ImageOffset > sizeof (BMP_IMAGE_HEADER)) {
> +    switch (BmpHeader->BitPerPixel) {
> +      case 1:
> +        ColorMapNum = 2;
> +        break;
> +      case 4:
> +        ColorMapNum = 16;
> +        break;
> +      case 8:
> +        ColorMapNum = 256;
> +        break;
> +      default:
> +        ColorMapNum = 0;
> +        break;
> +      }
> +    //
> +    // BMP file may has padding data between the bmp header section and the bmp data
> section.
> +    //
> +    if (BmpHeader->ImageOffset - sizeof (BMP_IMAGE_HEADER) < sizeof (BMP_COLOR_MAP) *
> ColorMapNum) {
> +      return EFI_INVALID_PARAMETER;
> +    }
> +  }
> +
> +  //
> +  // Calculate graphics image data address in the image
> +  //
> +  Image         = ((UINT8 *) BmpImage) + BmpHeader->ImageOffset;
> +  ImageHeader   = Image;
> +
> +  //
> +  // Calculate the BltBuffer needed size.
> +  //
> +  BltBufferSize = MultU64x32 ((UINT64) BmpHeader->PixelWidth, BmpHeader->PixelHeight);
> +  //
> +  // Ensure the BltBufferSize * sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL) doesn't
> overflow
> +  //
> +  if (BltBufferSize > DivU64x32 ((UINTN) ~0, sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL)))
> {
> +    return EFI_UNSUPPORTED;
> +  }
> +  BltBufferSize = MultU64x32 (BltBufferSize, sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL));
> +
> +  IsAllocated   = FALSE;
> +  if (*GopBlt == NULL) {
> +    //
> +    // GopBlt is not allocated by caller.
> +    //
> +    *GopBltSize = (UINTN) BltBufferSize;
> +    *GopBlt     = AllocatePool (*GopBltSize);
> +    IsAllocated = TRUE;
> +    if (*GopBlt == NULL) {
> +      return EFI_OUT_OF_RESOURCES;
> +    }
> +  } else {
> +    //
> +    // GopBlt has been allocated by caller.
> +    //
> +    if (*GopBltSize < (UINTN) BltBufferSize) {
> +      *GopBltSize = (UINTN) BltBufferSize;
> +      return EFI_BUFFER_TOO_SMALL;
> +    }
> +  }
> +
> +  *PixelWidth   = BmpHeader->PixelWidth;
> +  *PixelHeight  = BmpHeader->PixelHeight;
> +
> +  //
> +  // Convert image from BMP to Blt buffer format
> +  //
> +  BltBuffer = *GopBlt;
> +  for (Height = 0; Height < BmpHeader->PixelHeight; Height++) {
> +    Blt = &BltBuffer[(BmpHeader->PixelHeight - Height - 1) * BmpHeader->PixelWidth];
> +    for (Width = 0; Width < BmpHeader->PixelWidth; Width++, Image++, Blt++) {
> +      switch (BmpHeader->BitPerPixel) {
> +      case 1:
> +        //
> +        // Convert 1-bit (2 colors) BMP to 24-bit color
> +        //
> +        for (Index = 0; Index < 8 && Width < BmpHeader->PixelWidth; Index++) {
> +          Blt->Red    = BmpColorMap[((*Image) >> (7 - Index)) & 0x1].Red;
> +          Blt->Green  = BmpColorMap[((*Image) >> (7 - Index)) & 0x1].Green;
> +          Blt->Blue   = BmpColorMap[((*Image) >> (7 - Index)) & 0x1].Blue;
> +          Blt++;
> +          Width++;
> +        }
> +
> +        Blt--;
> +        Width--;
> +        break;
> +
> +      case 4:
> +        //
> +        // Convert 4-bit (16 colors) BMP Palette to 24-bit color
> +        //
> +        Index       = (*Image) >> 4;
> +        Blt->Red    = BmpColorMap[Index].Red;
> +        Blt->Green  = BmpColorMap[Index].Green;
> +        Blt->Blue   = BmpColorMap[Index].Blue;
> +        if (Width < (BmpHeader->PixelWidth - 1)) {
> +          Blt++;
> +          Width++;
> +          Index       = (*Image) & 0x0f;
> +          Blt->Red    = BmpColorMap[Index].Red;
> +          Blt->Green  = BmpColorMap[Index].Green;
> +          Blt->Blue   = BmpColorMap[Index].Blue;
> +        }
> +        break;
> +
> +      case 8:
> +        //
> +        // Convert 8-bit (256 colors) BMP Palette to 24-bit color
> +        //
> +        Blt->Red    = BmpColorMap[*Image].Red;
> +        Blt->Green  = BmpColorMap[*Image].Green;
> +        Blt->Blue   = BmpColorMap[*Image].Blue;
> +        break;
> +
> +      case 24:
> +        //
> +        // It is 24-bit BMP.
> +        //
> +        Blt->Blue   = *Image++;
> +        Blt->Green  = *Image++;
> +        Blt->Red    = *Image;
> +        break;
> +
> +      case 32:
> +        //
> +        // it is 32-bit BMP. Skip pixel's highest byte
> +        //
> +        Blt->Blue  = *Image++;
> +        Blt->Green = *Image++;
> +        Blt->Red   = *Image++;
> +        break;
> +
> +      default:
> +        //
> +        // Other bit format BMP is not supported.
> +        //
> +        if (IsAllocated) {
> +          FreePool (*GopBlt);
> +          *GopBlt = NULL;
> +        }
> +        return EFI_UNSUPPORTED;
> +      };
> +
> +    }
> +
> +    ImageIndex = (UINTN) (Image - ImageHeader);
> +    if ((ImageIndex % 4) != 0) {
> +      //
> +      // Bmp Image starts each row on a 32-bit boundary!
> +      //
> +      Image = Image + (4 - (ImageIndex % 4));
> +    }
> +  }
> +
> +  return EFI_SUCCESS;
> +}
> +
> +
> +/**
> +  Those capsules supported by the firmwares.
> +
> +  Caution: This function may receive untrusted input.
> +
> +  @param  CapsuleHeader    Points to a capsule header.
> +
> +  @retval EFI_SUCESS       Input capsule is supported by firmware.
> +  @retval EFI_UNSUPPORTED  Input capsule is not supported by the firmware.
> +**/
> +EFI_STATUS
> +DisplayCapsuleImage (
> +  IN EFI_CAPSULE_HEADER  *CapsuleHeader
> +  )
> +{
> +  DISPLAY_DISPLAY_PAYLOAD       *ImagePayload;
> +  UINTN                         PayloadSize;
> +  EFI_STATUS                    Status;
> +  EFI_GRAPHICS_OUTPUT_BLT_PIXEL *Blt;
> +  UINTN                         BltSize;
> +  UINTN                         Height;
> +  UINTN                         Width;
> +  EFI_GRAPHICS_OUTPUT_PROTOCOL  *GraphicsOutput;
> +
> +  ImagePayload = (DISPLAY_DISPLAY_PAYLOAD *)(CapsuleHeader + 1);
> +  PayloadSize = (UINTN)(CapsuleHeader->CapsuleImageSize - sizeof(EFI_CAPSULE_HEADER));
> +
> +  if (ImagePayload->Version != 1) {
> +    return EFI_UNSUPPORTED;
> +  }
> +  if (CalculateCheckSum8((UINT8 *)CapsuleHeader, CapsuleHeader->CapsuleImageSize) !=
> 0) {
> +    return EFI_UNSUPPORTED;
> +  }
> +  //
> +  // Only Support Bitmap by now
> +  //
> +  if (ImagePayload->ImageType != 0) {
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  //
> +  // Try to open GOP
> +  //
> +  Status = gBS->HandleProtocol (gST->ConsoleOutHandle,
> &gEfiGraphicsOutputProtocolGuid, (VOID **)&GraphicsOutput);
> +  if (EFI_ERROR (Status)) {
> +    Status = gBS->LocateProtocol(&gEfiGraphicsOutputProtocolGuid, NULL, (VOID
> **)&GraphicsOutput);
> +    if (EFI_ERROR(Status)) {
> +      return EFI_UNSUPPORTED;
> +    }
> +  }
> +
> +  if (GraphicsOutput->Mode->Mode != ImagePayload->Mode) {
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  Blt = NULL;
> +  Width = 0;
> +  Height = 0;
> +  Status = ConvertBmpToGopBlt (
> +             ImagePayload + 1,
> +             PayloadSize - sizeof(DISPLAY_DISPLAY_PAYLOAD),
> +             (VOID **)&Blt,
> +             &BltSize,
> +             &Height,
> +             &Width
> +             );
> +
> +  if (EFI_ERROR (Status)) {
> +    return Status;
> +  }
> +
> +  Status = GraphicsOutput->Blt (
> +                             GraphicsOutput,
> +                             Blt,
> +                             EfiBltBufferToVideo,
> +                             0,
> +                             0,
> +                             (UINTN) ImagePayload->OffsetX,
> +                             (UINTN) ImagePayload->OffsetY,
> +                             Width,
> +                             Height,
> +                             Width * sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL)
> +                             );
> +
> +  FreePool(Blt);
> +
> +  return Status;
> +}
> +
> +/**
> +  Dump FMP information.
> +
> +  @param ImageInfoSize       The size of ImageInfo, in bytes.
> +  @param ImageInfo           A pointer to EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorVersion   The version of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorCount     The count of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorSize      The size of an individual EFI_FIRMWARE_IMAGE_DESCRIPTOR,
> in bytes.
> +  @param PackageVersion      The version of package.
> +  @param PackageVersionName  The version name of package.
> +**/
> +VOID
> +DumpFmpImageInfo(
> +  IN UINTN                           ImageInfoSize,
> +  IN EFI_FIRMWARE_IMAGE_DESCRIPTOR   *ImageInfo,
> +  IN UINT32                          DescriptorVersion,
> +  IN UINT8                           DescriptorCount,
> +  IN UINTN                           DescriptorSize,
> +  IN UINT32                          PackageVersion,
> +  IN CHAR16                          *PackageVersionName
> +  )
> +{
> +  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *CurrentImageInfo;
> +  UINTN                                         Index;
> +
> +  DEBUG((DEBUG_VERBOSE, "  DescriptorVersion  - 0x%x\n", DescriptorVersion));
> +  DEBUG((DEBUG_VERBOSE, "  DescriptorCount    - 0x%x\n", DescriptorCount));
> +  DEBUG((DEBUG_VERBOSE, "  DescriptorSize     - 0x%x\n", DescriptorSize));
> +  DEBUG((DEBUG_VERBOSE, "  PackageVersion     - 0x%x\n", PackageVersion));
> +  DEBUG((DEBUG_VERBOSE, "  PackageVersionName - %s\n\n", PackageVersionName));
> +  CurrentImageInfo = ImageInfo;
> +  for (Index = 0; Index < DescriptorCount; Index++) {
> +    DEBUG((DEBUG_VERBOSE, "  ImageDescriptor (%d)\n", Index));
> +    DEBUG((DEBUG_VERBOSE, "    ImageIndex                  - 0x%x\n",
> CurrentImageInfo->ImageIndex));
> +    DEBUG((DEBUG_VERBOSE, "    ImageTypeId                 - %g\n", &CurrentImageInfo-
> >ImageTypeId));
> +    DEBUG((DEBUG_VERBOSE, "    ImageId                     - 0x%lx\n",
> CurrentImageInfo->ImageId));
> +    DEBUG((DEBUG_VERBOSE, "    ImageIdName                 - %s\n", CurrentImageInfo-
> >ImageIdName));
> +    DEBUG((DEBUG_VERBOSE, "    Version                     - 0x%x\n",
> CurrentImageInfo->Version));
> +    DEBUG((DEBUG_VERBOSE, "    VersionName                 - %s\n", CurrentImageInfo-
> >VersionName));
> +    DEBUG((DEBUG_VERBOSE, "    Size                        - 0x%x\n",
> CurrentImageInfo->Size));
> +    DEBUG((DEBUG_VERBOSE, "    AttributesSupported         - 0x%lx\n",
> CurrentImageInfo->AttributesSupported));
> +    DEBUG((DEBUG_VERBOSE, "    AttributesSetting           - 0x%lx\n",
> CurrentImageInfo->AttributesSetting));
> +    DEBUG((DEBUG_VERBOSE, "    Compatibilities             - 0x%lx\n",
> CurrentImageInfo->Compatibilities));
> +    if (DescriptorVersion > 1) {
> +      DEBUG((DEBUG_VERBOSE, "    LowestSupportedImageVersion - 0x%x\n",
> CurrentImageInfo->LowestSupportedImageVersion));
> +      if (DescriptorVersion > 2) {
> +        DEBUG((DEBUG_VERBOSE, "    LastAttemptVersion          - 0x%x\n",
> CurrentImageInfo->LastAttemptVersion));
> +        DEBUG((DEBUG_VERBOSE, "    LastAttemptStatus           - 0x%x\n",
> CurrentImageInfo->LastAttemptStatus));
> +        DEBUG((DEBUG_VERBOSE, "    HardwareInstance            - 0x%lx\n",
> CurrentImageInfo->HardwareInstance));
> +      }
> +    }
> +    //
> +    // Use DescriptorSize to move ImageInfo Pointer to stay compatible with different
> ImageInfo version
> +    //
> +    CurrentImageInfo = (EFI_FIRMWARE_IMAGE_DESCRIPTOR *)((UINT8 *)CurrentImageInfo +
> DescriptorSize);
> +  }
> +}
> +
> +/**
> +  Dump a non-nested FMP capsule.
> +
> +  @param  CapsuleHeader  A pointer to CapsuleHeader
> +**/
> +VOID
> +DumpFmpCapsule(
> +  IN EFI_CAPSULE_HEADER                *CapsuleHeader
> +  )
> +{
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER        *FmpCapsuleHeader;
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER  *ImageHeader;
> +  UINTN                                         Index;
> +  UINT64                                        *ItemOffsetList;
> +
> +  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader
> + CapsuleHeader->HeaderSize);
> +
> +  DEBUG((DEBUG_VERBOSE, "FmpCapsule:\n"));
> +  DEBUG((DEBUG_VERBOSE, "  Version                - 0x%x\n", FmpCapsuleHeader-
> >Version));
> +  DEBUG((DEBUG_VERBOSE, "  EmbeddedDriverCount    - 0x%x\n", FmpCapsuleHeader-
> >EmbeddedDriverCount));
> +  DEBUG((DEBUG_VERBOSE, "  PayloadItemCount       - 0x%x\n", FmpCapsuleHeader-
> >PayloadItemCount));
> +
> +  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
> +  for (Index = 0; Index < FmpCapsuleHeader->EmbeddedDriverCount; Index++) {
> +    DEBUG((DEBUG_VERBOSE, "  ItemOffsetList[%d]      - 0x%lx\n", Index,
> ItemOffsetList[Index]));
> +  }
> +  for (; Index < (UINTN)(FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader-
> >PayloadItemCount); Index++) {
> +    DEBUG((DEBUG_VERBOSE, "  ItemOffsetList[%d]      - 0x%lx\n", Index,
> ItemOffsetList[Index]));
> +    ImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8
> *)FmpCapsuleHeader + ItemOffsetList[Index]);
> +
> +    DEBUG((DEBUG_VERBOSE, "  ImageHeader:\n"));
> +    DEBUG((DEBUG_VERBOSE, "    Version                - 0x%x\n", ImageHeader-
> >Version));
> +    DEBUG((DEBUG_VERBOSE, "    UpdateImageTypeId      - %g\n", &ImageHeader-
> >UpdateImageTypeId));
> +    DEBUG((DEBUG_VERBOSE, "    UpdateImageIndex       - 0x%x\n", ImageHeader-
> >UpdateImageIndex));
> +    DEBUG((DEBUG_VERBOSE, "    UpdateImageSize        - 0x%x\n", ImageHeader-
> >UpdateImageSize));
> +    DEBUG((DEBUG_VERBOSE, "    UpdateVendorCodeSize   - 0x%x\n", ImageHeader-
> >UpdateVendorCodeSize));
> +    if (ImageHeader->Version >=
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
> +      DEBUG((DEBUG_VERBOSE, "    UpdateHardwareInstance - 0x%lx\n", ImageHeader-
> >UpdateHardwareInstance));
> +    }
> +  }
> +}
> +
> +/**
> +  Process Firmware management protocol data capsule.
> +
> +  This function assumes the caller validated the capsule by using
> +  ValidateFmpCapsule(), so that all fields in EFI_CAPSULE_HEADER,
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER and
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER are correct.
> +
> +  This function need support nested FMP capsule.
> +
> +  @param  CapsuleHeader         Points to a capsule header.
> +  @param  AreAllImagesProcessed If all the FMP images in the capsule are processed.
> +
> +  @retval EFI_SUCESS            Process Capsule Image successfully.
> +  @retval EFI_UNSUPPORTED       Capsule image is not supported by the firmware.
> +  @retval EFI_VOLUME_CORRUPTED  FV volume in the capsule is corrupted.
> +  @retval EFI_OUT_OF_RESOURCES  Not enough memory.
> +**/
> +EFI_STATUS
> +ProcessFmpCapsuleImage (
> +  IN EFI_CAPSULE_HEADER *CapsuleHeader,
> +  OUT BOOLEAN           *AreAllImagesProcessed
> +  )
> +{
> +  EFI_STATUS                                    Status;
> +  EFI_STATUS                                    StatusEsrt;
> +  EFI_STATUS                                    StatusRet;
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER        *FmpCapsuleHeader;
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER  *ImageHeader;
> +  UINT8                                         *Image;
> +  EFI_HANDLE                                    ImageHandle;
> +  UINT64                                        *ItemOffsetList;
> +  UINT32                                        ItemNum;
> +  UINTN                                         Index;
> +  UINTN                                         ExitDataSize;
> +  EFI_HANDLE                                    *HandleBuffer;
> +  EFI_FIRMWARE_MANAGEMENT_PROTOCOL              *Fmp;
> +  UINTN                                         NumberOfHandles;
> +  UINTN                                         DescriptorSize;
> +  UINT8                                         FmpImageInfoCount;
> +  UINT32                                        FmpImageInfoDescriptorVer;
> +  UINTN                                         ImageInfoSize;
> +  UINT32                                        PackageVersion;
> +  CHAR16                                        *PackageVersionName;
> +  CHAR16                                        *AbortReason;
> +  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *FmpImageInfoBuf;
> +  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *TempFmpImageInfo;
> +  UINTN                                         DriverLen;
> +  UINTN                                         Index1;
> +  UINTN                                         Index2;
> +  MEMMAP_DEVICE_PATH                            MemMapNode;
> +  EFI_DEVICE_PATH_PROTOCOL                      *DriverDevicePath;
> +  ESRT_MANAGEMENT_PROTOCOL                      *EsrtProtocol;
> +  EFI_SYSTEM_RESOURCE_ENTRY                     EsrtEntry;
> +  VOID                                          *VendorCode;
> +
> +  if (!IsFmpCapsuleGuid(&CapsuleHeader->CapsuleGuid)) {
> +    return ProcessFmpCapsuleImage ((EFI_CAPSULE_HEADER *)((UINTN)CapsuleHeader +
> CapsuleHeader->HeaderSize), AreAllImagesProcessed);
> +  }
> +
> +  ASSERT(AreAllImagesProcessed != NULL);
> +
> +  Status           = EFI_SUCCESS;
> +  StatusRet        = EFI_NOT_FOUND;
> +  HandleBuffer     = NULL;
> +  ExitDataSize     = 0;
> +  DriverDevicePath = NULL;
> +  EsrtProtocol     = NULL;
> +  *AreAllImagesProcessed = FALSE;
> +
> +  DumpFmpCapsule(CapsuleHeader);
> +
> +  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *) ((UINT8 *)
> CapsuleHeader + CapsuleHeader->HeaderSize);
> +
> +  if (FmpCapsuleHeader->Version > EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER_INIT_VERSION)
> {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
> +
> +  ItemNum = FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader-
> >PayloadItemCount;
> +
> +  //
> +  // capsule in which driver count and payload count are both zero is not processed.
> +  //
> +  if (ItemNum == 0) {
> +    *AreAllImagesProcessed = TRUE;
> +    return EFI_SUCCESS;
> +  }
> +
> +  //
> +  // Update corresponding ESRT entry LastAttemp Status
> +  //
> +  Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID
> **)&EsrtProtocol);
> +  if (EFI_ERROR (Status)) {
> +    EsrtProtocol = NULL;
> +  }
> +
> +  //
> +  // 1. Try to load & start all the drivers within capsule
> +  //
> +  SetDevicePathNodeLength (&MemMapNode.Header, sizeof (MemMapNode));
> +  MemMapNode.Header.Type     = HARDWARE_DEVICE_PATH;
> +  MemMapNode.Header.SubType  = HW_MEMMAP_DP;
> +  MemMapNode.MemoryType      = EfiBootServicesCode;
> +  MemMapNode.StartingAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)CapsuleHeader;
> +  MemMapNode.EndingAddress   = (EFI_PHYSICAL_ADDRESS)(UINTN)((UINT8 *)CapsuleHeader +
> CapsuleHeader->CapsuleImageSize - 1);
> +
> +  DriverDevicePath = AppendDevicePathNode (NULL, &MemMapNode.Header);
> +  if (DriverDevicePath == NULL) {
> +    return EFI_OUT_OF_RESOURCES;
> +  }
> +
> +  for (Index = 0; Index < FmpCapsuleHeader->EmbeddedDriverCount; Index++) {
> +    if (FmpCapsuleHeader->PayloadItemCount == 0 && Index == (UINTN)FmpCapsuleHeader-
> >EmbeddedDriverCount - 1) {
> +      //
> +      // When driver is last element in the ItemOffsetList array, the driver size is
> calculated by reference CapsuleImageSize in EFI_CAPSULE_HEADER
> +      //
> +      DriverLen = CapsuleHeader->CapsuleImageSize - CapsuleHeader->HeaderSize -
> (UINTN)ItemOffsetList[Index];
> +    } else {
> +      DriverLen = (UINTN)ItemOffsetList[Index + 1] - (UINTN)ItemOffsetList[Index];
> +    }
> +
> +    DEBUG((EFI_D_INFO, "FmpCapsule: LoadImage ...\n"));
> +    Status = gBS->LoadImage(
> +                    FALSE,
> +                    gImageHandle,
> +                    DriverDevicePath,
> +                    (UINT8 *)FmpCapsuleHeader + ItemOffsetList[Index],
> +                    DriverLen,
> +                    &ImageHandle
> +                    );
> +    DEBUG((EFI_D_INFO, "FmpCapsule: LoadImage - %r\n", Status));
> +    if (EFI_ERROR(Status)) {
> +      StatusRet = Status;
> +      goto EXIT;
> +    }
> +
> +    DEBUG((EFI_D_INFO, "FmpCapsule: StartImage ...\n"));
> +    Status = gBS->StartImage(
> +                    ImageHandle,
> +                    &ExitDataSize,
> +                    NULL
> +                    );
> +    DEBUG((EFI_D_INFO, "FmpCapsule: StartImage - %r\n", Status));
> +    if (EFI_ERROR(Status)) {
> +      DEBUG ((DEBUG_ERROR, "Driver Return Status = %r\n", Status));
> +      StatusRet = Status;
> +      goto EXIT;
> +    }
> +  }
> +
> +  //
> +  // 2. Route payload to right FMP instance
> +  //
> +  DEBUG((EFI_D_INFO, "FmpCapsule: route payload to right FMP instance ...\n"));
> +
> +  Status = gBS->LocateHandleBuffer (
> +                  ByProtocol,
> +                  &gEfiFirmwareManagementProtocolGuid,
> +                  NULL,
> +                  &NumberOfHandles,
> +                  &HandleBuffer
> +                  );
> +
> +  if (!EFI_ERROR(Status)) {
> +    for(Index1 = 0; Index1 < NumberOfHandles; Index1++) {
> +      Status = gBS->HandleProtocol(
> +                      HandleBuffer[Index1],
> +                      &gEfiFirmwareManagementProtocolGuid,
> +                      (VOID **)&Fmp
> +                      );
> +      if (EFI_ERROR(Status)) {
> +        continue;
> +      }
> +
> +      ImageInfoSize = 0;
> +      Status = Fmp->GetImageInfo (
> +                      Fmp,
> +                      &ImageInfoSize,
> +                      NULL,
> +                      NULL,
> +                      NULL,
> +                      NULL,
> +                      NULL,
> +                      NULL
> +                      );
> +      if (Status != EFI_BUFFER_TOO_SMALL) {
> +        continue;
> +      }
> +
> +      FmpImageInfoBuf = NULL;
> +      FmpImageInfoBuf = AllocateZeroPool (ImageInfoSize);
> +      if (FmpImageInfoBuf == NULL) {
> +        StatusRet = EFI_OUT_OF_RESOURCES;
> +        goto EXIT;
> +      }
> +
> +      PackageVersionName = NULL;
> +      Status = Fmp->GetImageInfo (
> +                      Fmp,
> +                      &ImageInfoSize,               // ImageInfoSize
> +                      FmpImageInfoBuf,              // ImageInfo
> +                      &FmpImageInfoDescriptorVer,   // DescriptorVersion
> +                      &FmpImageInfoCount,           // DescriptorCount
> +                      &DescriptorSize,              // DescriptorSize
> +                      &PackageVersion,              // PackageVersion
> +                      &PackageVersionName           // PackageVersionName
> +                      );
> +
> +      //
> +      // If FMP GetInformation interface failed, skip this resource
> +      //
> +      if (EFI_ERROR(Status)) {
> +        FreePool(FmpImageInfoBuf);
> +        continue;
> +      }
> +
> +      DEBUG((EFI_D_INFO, "FMP (%d) ImageInfo:\n", Index));
> +      DumpFmpImageInfo(
> +        ImageInfoSize,               // ImageInfoSize
> +        FmpImageInfoBuf,             // ImageInfo
> +        FmpImageInfoDescriptorVer,   // DescriptorVersion
> +        FmpImageInfoCount,           // DescriptorCount
> +        DescriptorSize,              // DescriptorSize
> +        PackageVersion,              // PackageVersion
> +        PackageVersionName           // PackageVersionName
> +        );
> +
> +      if (PackageVersionName != NULL) {
> +        FreePool(PackageVersionName);
> +      }
> +
> +      TempFmpImageInfo = FmpImageInfoBuf;
> +      for (Index2 = 0; Index2 < FmpImageInfoCount; Index2++) {
> +        //
> +        // Check all the payload entry in capsule payload list
> +        //
> +        for (Index = FmpCapsuleHeader->EmbeddedDriverCount; Index < ItemNum; Index++)
> {
> +          ImageHeader  = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8
> *)FmpCapsuleHeader + ItemOffsetList[Index]);
> +
> +          if (IsFmpCapsuleProcessed(CapsuleHeader, Index - FmpCapsuleHeader-
> >EmbeddedDriverCount, ImageHeader)) {
> +            DEBUG((EFI_D_INFO, "FMP Capsule already processed (%g):", CapsuleHeader));
> +            DEBUG((EFI_D_INFO, "ImageTypeId - %g, ", ImageHeader->UpdateImageTypeId));
> +            DEBUG((EFI_D_INFO, "PayloadIndex - 0x%x, ImageIndex - 0x%x\n", Index -
> FmpCapsuleHeader->EmbeddedDriverCount, ImageHeader->UpdateImageIndex));
> +            continue;
> +          }
> +
> +          if (CompareGuid(&ImageHeader->UpdateImageTypeId, &TempFmpImageInfo-
> >ImageTypeId) &&
> +              ImageHeader->UpdateImageIndex == TempFmpImageInfo->ImageIndex) {
> +            AbortReason = NULL;
> +            if (ImageHeader->Version >=
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
> +              if(ImageHeader->UpdateHardwareInstance != 0){
> +                //
> +                // FMP Version is >=2 & UpdateHardwareInstance Skip 2 case
> +                //  1. FMP Image info Version < 3
> +                //  2. HardwareInstance doesn't match
> +                //
> +                if (FmpImageInfoDescriptorVer < EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION
> ||
> +                   ImageHeader->UpdateHardwareInstance != TempFmpImageInfo-
> >HardwareInstance) {
> +                  continue;
> +                }
> +              }
> +              Image = (UINT8 *)(ImageHeader + 1);
> +            } else {
> +              //
> +              // If the EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER is version 1,
> only match ImageTypeId.
> +              // Header should exclude UpdateHardwareInstance field
> +              //
> +              Image = (UINT8 *)ImageHeader +
> OFFSET_OF(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER, UpdateHardwareInstance);
> +            }
> +
> +            if (ImageHeader->UpdateVendorCodeSize == 0) {
> +              VendorCode = NULL;
> +            } else {
> +              VendorCode = Image + ImageHeader->UpdateImageSize;
> +            }
> +            DEBUG((EFI_D_INFO, "Fmp->SetImage ...\n"));
> +            Status = Fmp->SetImage(
> +                            Fmp,
> +                            ImageHeader->UpdateImageIndex,          // ImageIndex
> +                            Image,                                  // Image
> +                            ImageHeader->UpdateImageSize,           // ImageSize
> +                            VendorCode,                                   //
> VendorCode
> +                            Update_Image_Progress,                  // Progress
> +                            &AbortReason                            // AbortReason
> +                            );
> +            DEBUG((EFI_D_INFO, "Fmp->SetImage - %r\n", Status));
> +            if (AbortReason != NULL) {
> +              DEBUG ((EFI_D_ERROR, "%s\n", AbortReason));
> +              FreePool(AbortReason);
> +            }
> +            RecordFmpCapsuleStatusVariable(
> +              CapsuleHeader,                                 // CapsuleGuid
> +              Status,                                        // CapsuleStatus
> +              Index - FmpCapsuleHeader->EmbeddedDriverCount, // PayloadIndex
> +              ImageHeader                                    // ImageHeader
> +              );
> +            if (StatusRet != EFI_SUCCESS) {
> +              StatusRet = Status;
> +            }
> +            //
> +            // Update EsrtEntry For V1, V2 FMP instance. V3 FMP ESRT cache will be
> synced up through EsrtSyncFmp interface
> +            //
> +            if (FmpImageInfoDescriptorVer < EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION &&
> EsrtProtocol != NULL) {
> +               StatusEsrt = EsrtProtocol->GetEsrtEntry(&TempFmpImageInfo->ImageTypeId,
> &EsrtEntry);
> +               if (!EFI_ERROR(StatusEsrt)){
> +                 if (!EFI_ERROR(Status)) {
> +                   EsrtEntry.LastAttemptStatus = LAST_ATTEMPT_STATUS_SUCCESS;
> +                 } else {
> +                   EsrtEntry.LastAttemptStatus =
> LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL;
> +                 }
> +                 EsrtEntry.LastAttemptVersion = 0;
> +                 EsrtProtocol->UpdateEsrtEntry(&EsrtEntry);
> +               }
> +             }
> +          }
> +        }
> +        //
> +        // Use DescriptorSize to move ImageInfo Pointer to stay compatible with
> different ImageInfo version
> +        //
> +        TempFmpImageInfo = (EFI_FIRMWARE_IMAGE_DESCRIPTOR *)((UINT8 *)TempFmpImageInfo
> + DescriptorSize);
> +      }
> +      FreePool(FmpImageInfoBuf);
> +    }
> +  }
> +
> +  //
> +  // final check for AreAllImagesProcessed
> +  //
> +  *AreAllImagesProcessed = TRUE;
> +  for (Index = FmpCapsuleHeader->EmbeddedDriverCount; Index < ItemNum; Index++) {
> +    ImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8
> *)FmpCapsuleHeader + ItemOffsetList[Index]);
> +
> +    if (!IsFmpCapsuleProcessed(CapsuleHeader, Index - FmpCapsuleHeader-
> >EmbeddedDriverCount, ImageHeader)) {
> +      *AreAllImagesProcessed = FALSE;
> +      break;
> +    }
> +  }
> +
> +EXIT:
> +
> +  if (HandleBuffer != NULL) {
> +    FreePool(HandleBuffer);
> +  }
> +
> +  if (DriverDevicePath != NULL) {
> +    FreePool(DriverDevicePath);
> +  }
> +
> +  return StatusRet;
> +}
> +
> +/**
> +  Return if there is a FMP header below capsule header.
> +
> +  @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
> +
> +  @retval TRUE  There is a FMP header below capsule header.
> +  @retval FALSE There is not a FMP header below capsule header
> +**/
> +BOOLEAN
> +IsNestedFmpCapsule(
> +  IN EFI_CAPSULE_HEADER         *CapsuleHeader
> +  )
> +{
> +  EFI_STATUS                 Status;
> +  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
> +  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
> +  UINTN                      Index;
> +  BOOLEAN                    EsrtGuidFound;
> +  EFI_CAPSULE_HEADER         *NestedCapsuleHeader;
> +  UINTN                      NestedCapsuleSize;
> +  ESRT_MANAGEMENT_PROTOCOL   *EsrtProtocol;
> +  EFI_SYSTEM_RESOURCE_ENTRY  Entry;
> +
> +  EsrtGuidFound = FALSE;
> +
> +  //
> +  // Check ESRT protocol
> +  //
> +  Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID
> **)&EsrtProtocol);
> +  if (!EFI_ERROR(Status)) {
> +    Status = EsrtProtocol->GetEsrtEntry(&CapsuleHeader->CapsuleGuid, &Entry);
> +    if (!EFI_ERROR(Status)) {
> +      EsrtGuidFound = TRUE;
> +    }
> +  }
> +
> +  //
> +  // Check ESRT configuration table
> +  //
> +  if (!EsrtGuidFound) {
> +    Status = EfiGetSystemConfigurationTable(&gEfiSystemResourceTableGuid, (VOID
> **)&Esrt);
> +    if (!EFI_ERROR(Status)) {
> +      EsrtEntry = (VOID *)(Esrt + 1);
> +      for (Index = 0; Index < Esrt->FwResourceCount; Index++, EsrtEntry++) {
> +        if (CompareGuid(&EsrtEntry->FwClass, &CapsuleHeader->CapsuleGuid)) {
> +          EsrtGuidFound = TRUE;
> +          break;
> +        }
> +      }
> +    }
> +  }
> +  if (!EsrtGuidFound) {
> +    return FALSE;
> +  }
> +
> +  //
> +  // Check nested capsule header
> +  // FMP GUID after ESRT one
> +  //
> +  NestedCapsuleHeader = (EFI_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader + CapsuleHeader-
> >HeaderSize);
> +  NestedCapsuleSize = (UINTN)CapsuleHeader + CapsuleHeader->CapsuleImageSize -
> (UINTN)NestedCapsuleHeader;
> +  if (NestedCapsuleSize < sizeof(EFI_CAPSULE_HEADER)) {
> +    return FALSE;
> +  }
> +  if (!IsValidCapsuleHeader(NestedCapsuleHeader, NestedCapsuleSize)) {
> +    return FALSE;
> +  }
> +  if (!IsFmpCapsuleGuid(&NestedCapsuleHeader->CapsuleGuid)) {
> +    return FALSE;
> +  }
> +  DEBUG ((EFI_D_INFO, "IsNestedFmpCapsule\n"));
> +  return TRUE;
> +}
> +
> +/**
> +  Return if this FMP is a system FMP or a device FMP, based upon CapsuleHeader.
> +
> +  @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
> +
> +  @retval TRUE  It is a system FMP.
> +  @retval FALSE It is a device FMP.
> +**/
> +BOOLEAN
> +IsFmpCapsule(
> +  IN EFI_CAPSULE_HEADER         *CapsuleHeader
> +  )
> +{
> +  if (IsFmpCapsuleGuid(&CapsuleHeader->CapsuleGuid)) {
> +    return TRUE;
> +  }
> +  if (IsNestedFmpCapsule(CapsuleHeader)) {
> +    return TRUE;
> +  }
> +  return FALSE;
> +}
> +
> +/**
> +  Those capsules supported by the firmwares.
> +
> +  Caution: This function may receive untrusted input.
> +
> +  @param  CapsuleHeader    Points to a capsule header.
> +
> +  @retval EFI_SUCESS       Input capsule is supported by firmware.
> +  @retval EFI_UNSUPPORTED  Input capsule is not supported by the firmware.
> +  @retval EFI_INVALID_PARAMETER Input capsule layout is not correct
> +**/
> +EFI_STATUS
> +EFIAPI
> +SupportCapsuleImage (
> +  IN EFI_CAPSULE_HEADER *CapsuleHeader
> +  )
> +{
> +  //
> +  // check Display Capsule Guid
> +  //
> +  if (CompareGuid (&gWindowsUxCapsuleGuid, &CapsuleHeader->CapsuleGuid)) {
> +    return EFI_SUCCESS;
> +  }
> +
> +  if (IsFmpCapsule(CapsuleHeader)) {
> +    //
> +    // Check layout of FMP capsule
> +    //
> +    return ValidateFmpCapsule(CapsuleHeader, NULL);
> +  }
> +  DEBUG((EFI_D_ERROR, "Unknown Capsule Guid - %g\n", &CapsuleHeader->CapsuleGuid));
> +  return EFI_UNSUPPORTED;
> +}
> +
> +/**
> +  The firmware implements to process the capsule image.
> +
> +  Caution: This function may receive untrusted input.
> +
> +  @param  CapsuleHeader         Points to a capsule header.
> +
> +  @retval EFI_SUCESS            Process Capsule Image successfully.
> +  @retval EFI_UNSUPPORTED       Capsule image is not supported by the firmware.
> +  @retval EFI_VOLUME_CORRUPTED  FV volume in the capsule is corrupted.
> +  @retval EFI_OUT_OF_RESOURCES  Not enough memory.
> +**/
> +EFI_STATUS
> +EFIAPI
> +ProcessCapsuleImage (
> +  IN EFI_CAPSULE_HEADER *CapsuleHeader
> +  )
> +{
> +  EFI_STATUS                   Status;
> +  BOOLEAN                      AreAllImagesProcessed;
> +
> +  if (SupportCapsuleImage (CapsuleHeader) != EFI_SUCCESS) {
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  //
> +  // Display image in firmware update display capsule
> +  //
> +  if (CompareGuid (&gWindowsUxCapsuleGuid, &CapsuleHeader->CapsuleGuid)) {
> +    DEBUG((EFI_D_INFO, "ProcessCapsuleImage for WindowsUxCapsule ...\n"));
> +    Status = DisplayCapsuleImage(CapsuleHeader);
> +    RecordCapsuleStatusVariable(CapsuleHeader, Status);
> +    return Status;
> +  }
> +
> +  //
> +  // Check FMP capsule layout
> +  //
> +  if (IsFmpCapsule (CapsuleHeader)) {
> +    DEBUG((EFI_D_INFO, "ProcessCapsuleImage for FmpCapsule ...\n"));
> +    DEBUG((EFI_D_INFO, "ValidateFmpCapsule ...\n"));
> +    Status = ValidateFmpCapsule(CapsuleHeader, NULL);
> +    DEBUG((EFI_D_INFO, "ValidateFmpCapsule - %r\n", Status));
> +    if (EFI_ERROR(Status)) {
> +      return Status;
> +    }
> +
> +    //
> +    // Press EFI FMP Capsule
> +    //
> +    DEBUG((EFI_D_INFO, "ProcessFmpCapsuleImage ...\n"));
> +    Status = ProcessFmpCapsuleImage(CapsuleHeader, &AreAllImagesProcessed);
> +    DEBUG((EFI_D_INFO, "ProcessFmpCapsuleImage - %r\n", Status));
> +
> +    if (!AreAllImagesProcessed) {
> +      mAreAllImagesProcessed = FALSE;
> +    }
> +
> +    return Status;
> +  }
> +
> +  return EFI_UNSUPPORTED;
> +}
> +
> +/**
> +  Callback function executed when the EndOfDxe event group is signaled.
> +
> +  @param[in] Event      Event whose notification function is being invoked.
> +  @param[in] Context    The pointer to the notification function's context, which
> +                        is implementation-dependent.
> +**/
> +VOID
> +EFIAPI
> +DxeCapsuleLibEndOfDxe(
> +  IN EFI_EVENT  Event,
> +  IN VOID       *Context
> +  )
> +{
> +  mDxeCapsuleLibEndOfDxe = TRUE;
> +}
> +
> +/**
> +  The constructor function.
> +
> +  @param  ImageHandle   The firmware allocated handle for the EFI image.
> +  @param  SystemTable   A pointer to the EFI System Table.
> +
> +  @retval EFI_SUCCESS   The constructor successfully .
> +**/
> +EFI_STATUS
> +EFIAPI
> +DxeCapsuleLibConstructor(
> +  IN EFI_HANDLE         ImageHandle,
> +  IN EFI_SYSTEM_TABLE   *SystemTable
> +  )
> +{
> +  EFI_EVENT     EndOfDxeEvent;
> +  EFI_STATUS    Status;
> +
> +  Status = gBS->CreateEventEx (
> +                  EVT_NOTIFY_SIGNAL,
> +                  TPL_CALLBACK,
> +                  DxeCapsuleLibEndOfDxe,
> +                  NULL,
> +                  &gEfiEndOfDxeEventGroupGuid,
> +                  &EndOfDxeEvent
> +                  );
> +  ASSERT_EFI_ERROR (Status);
> +
> +  InitCapsuleVariable();
> +
> +  return EFI_SUCCESS;
> +}
> diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
> b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
> new file mode 100644
> index 0000000..5e437dc
> --- /dev/null
> +++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
> @@ -0,0 +1,80 @@
> +## @file
> +#  Capsule library instance for DXE_DRIVER.
> +#
> +#  Capsule library instance for DXE_DRIVER module types.
> +#
> +#  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +#  This program and the accompanying materials
> +#  are licensed and made available under the terms and conditions of the BSD License
> +#  which accompanies this distribution.  The full text of the license may be found at
> +#  http://opensource.org/licenses/bsd-license.php
> +#
> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +#
> +##
> +
> +[Defines]
> +  INF_VERSION                    = 0x00010005
> +  BASE_NAME                      = DxeCapsuleLib
> +  MODULE_UNI_FILE                = DxeCapsuleLib.uni
> +  FILE_GUID                      = 534E35DE-8EB3-47b3-A4E0-72A571E50733
> +  MODULE_TYPE                    = DXE_DRIVER
> +  VERSION_STRING                 = 1.0
> +  LIBRARY_CLASS                  = CapsuleLib|DXE_DRIVER UEFI_APPLICATION
> +  CONSTRUCTOR                    = DxeCapsuleLibConstructor
> +
> +#
> +# The following information is for reference only and not required by the build tools.
> +#
> +#  VALID_ARCHITECTURES           = IA32 X64 IPF EBC
> +#
> +
> +[Sources]
> +  DxeCapsuleLib.c
> +  DxeCapsuleProcessLib.c
> +  DxeCapsuleReportLib.c
> +
> +[Packages]
> +  MdePkg/MdePkg.dec
> +  MdeModulePkg/MdeModulePkg.dec
> +
> +[LibraryClasses]
> +  BaseLib
> +  BaseMemoryLib
> +  DebugLib
> +  MemoryAllocationLib
> +  DxeServicesTableLib
> +  UefiBootServicesTableLib
> +  DevicePathLib
> +  ReportStatusCodeLib
> +  PrintLib
> +  HobLib
> +
> +[Pcd]
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleMax                               ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdSystemRebootAfterCapsuleProcessFlag      ##
> CONSUMES
> +
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeSubClassCapsule                ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesBegin    ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesEnd      ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdatingFirmware        ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareSuccess   ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareFailed    ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeResettingSystem         ##
> CONSUMES
> +
> +[Protocols]
> +  gEsrtManagementProtocolGuid             ## CONSUMES
> +  gEfiFirmwareManagementProtocolGuid      ## SOMETIMES_CONSUMES
> +  gEdkiiVariableLockProtocolGuid          ## SOMETIMES_CONSUMES
> +
> +[Guids]
> +  gEfiFmpCapsuleGuid                      ## SOMETIMES_CONSUMES ## GUID
> +  gWindowsUxCapsuleGuid                   ## SOMETIMES_CONSUMES ## GUID
> +  gEfiSystemResourceTableGuid             ## SOMETIMES_CONSUMES ## GUID
> +  gEfiCapsuleReportGuid                   ## CONSUMES ## Variable
> +  gEfiCapsuleVendorGuid                   ## CONSUMES ## Variable
> +  gEfiEndOfDxeEventGroupGuid              ## CONSUMES ## Event
> +
> +[Depex]
> +  gEfiVariableWriteArchProtocolGuid
> diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.uni
> b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.uni
> new file mode 100644
> index 0000000..05a80d0
> --- /dev/null
> +++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.uni
> @@ -0,0 +1,22 @@
> +// /** @file
> +// Capsule library instance for DXE_DRIVER.
> +//
> +// Capsule library instance for DXE_DRIVER module types.
> +//
> +// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +//
> +// This program and the accompanying materials
> +// are licensed and made available under the terms and conditions of the BSD License
> +// which accompanies this distribution.  The full text of the license may be found at
> +// http://opensource.org/licenses/bsd-license.php
> +//
> +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +//
> +// **/
> +
> +
> +#string STR_MODULE_ABSTRACT             #language en-US "Capsule Support Library"
> +
> +#string STR_MODULE_DESCRIPTION          #language en-US "Capsule library instance for
> DXE_DRIVER module types."
> +
> diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleProcessLib.c
> b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleProcessLib.c
> new file mode 100644
> index 0000000..c84cd3e
> --- /dev/null
> +++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleProcessLib.c
> @@ -0,0 +1,486 @@
> +/** @file
> +  DXE capsule process.
> +
> +  Caution: This module requires additional review when modified.
> +  This module will have external input - capsule image.
> +  This external input must be validated carefully to avoid security issue like
> +  buffer overflow, integer overflow.
> +
> +  ProcessCapsules(), ProcessTheseCapsules() will receive untrusted
> +  input and do basic validation.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <PiDxe.h>
> +#include <Protocol/EsrtManagement.h>
> +
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PcdLib.h>
> +#include <Library/HobLib.h>
> +#include <Library/ReportStatusCodeLib.h>
> +#include <Library/CapsuleLib.h>
> +
> +#include <IndustryStandard/WindowsUxCapsule.h>
> +
> +/**
> +  Return if this FMP is a system FMP or a device FMP, based upon CapsuleHeader.
> +
> +  @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
> +
> +  @retval TRUE  It is a system FMP.
> +  @retval FALSE It is a device FMP.
> +**/
> +BOOLEAN
> +IsFmpCapsule(
> +  IN EFI_CAPSULE_HEADER *CapsuleHeader
> +  );
> +
> +/**
> +  Validate Fmp capsules layout.
> +
> +  Caution: This function may receive untrusted input.
> +
> +  This function assumes the caller validated the capsule by using
> +  IsValidCapsuleHeader(), so that all fields in EFI_CAPSULE_HEADER are correct.
> +  The capsule buffer size is CapsuleHeader->CapsuleImageSize.
> +
> +  This function validates the fields in EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
> +  and EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER.
> +
> +  This function need support nested FMP capsule.
> +
> +  @param[in]   CapsuleHeader        Points to a capsule header.
> +  @param[out]  EmbeddedDriverCount  The EmbeddedDriverCount in the FMP capsule.
> +
> +  @retval EFI_SUCESS             Input capsule is a correct FMP capsule.
> +  @retval EFI_INVALID_PARAMETER  Input capsule is not a correct FMP capsule.
> +**/
> +EFI_STATUS
> +ValidateFmpCapsule(
> +  IN EFI_CAPSULE_HEADER *CapsuleHeader,
> +  OUT UINT16            *EmbeddedDriverCount OPTIONAL
> +  );
> +
> +/**
> +  Validate if it is valid capsule header
> +
> +  This function assumes the caller provided correct CapsuleHeader pointer
> +  and CapsuleSize.
> +
> +  This function validates the fields in EFI_CAPSULE_HEADER.
> +
> +  @param  CapsuleHeader    Points to a capsule header.
> +  @param  CapsuleSize      Size of the whole capsule image.
> +
> +**/
> +BOOLEAN
> +IsValidCapsuleHeader(
> +  IN EFI_CAPSULE_HEADER  *CapsuleHeader,
> +  IN UINT64              CapsuleSize
> +  );
> +
> +extern BOOLEAN                   mDxeCapsuleLibEndOfDxe;
> +BOOLEAN                          mNeedReset;
> +BOOLEAN                          mAreAllImagesProcessed;
> +
> +/**
> +
> +  This routine is called to process capsules.
> +
> +  Caution: This function may receive untrusted input.
> +
> +  Each individual capsule result is recorded in capsule record variable.
> +
> +  @param  NeedBlockDriver         TRUE: Need skip the FMP capsules with non zero
> EmbeddedDriverCount.
> +                                  FALSE: No need to skip any FMP capsules.
> +
> +  @retval EFI_SUCCESS             There is no error when processing capsules.
> +  @retval EFI_OUT_OF_RESOURCES    No enough resource to process capsules.
> +
> +**/
> +EFI_STATUS
> +ProcessTheseCapsules (
> +  IN BOOLEAN  NeedBlockDriver
> +  )
> +{
> +  EFI_STATUS                  Status;
> +  EFI_PEI_HOB_POINTERS        HobPointer;
> +  EFI_CAPSULE_HEADER          *CapsuleHeader;
> +  UINT32                      Size;
> +  UINT32                      CapsuleNumber;
> +  UINT32                      CapsuleTotalNumber;
> +  EFI_CAPSULE_TABLE           *CapsuleTable;
> +  UINT32                      Index;
> +  UINT32                      CacheIndex;
> +  UINT32                      CacheNumber;
> +  VOID                        **CapsulePtr;
> +  VOID                        **CapsulePtrCache;
> +  EFI_GUID                    *CapsuleGuidCache;
> +  EFI_STATUS                  *CapsuleStatusArray;
> +  BOOLEAN                     DisplayCapsuleExist;
> +  ESRT_MANAGEMENT_PROTOCOL    *EsrtManagement;
> +  UINT16                      EmbeddedDriverCount;
> +
> +  REPORT_STATUS_CODE(EFI_PROGRESS_CODE, (PcdGet32(PcdStatusCodeSubClassCapsule) |
> PcdGet32(PcdCapsuleStatusCodeProcessCapsulesBegin)));
> +
> +  CapsuleNumber       = 0;
> +  CapsuleTotalNumber  = 0;
> +  CacheIndex          = 0;
> +  CacheNumber         = 0;
> +  CapsulePtr          = NULL;
> +  CapsulePtrCache     = NULL;
> +  CapsuleGuidCache    = NULL;
> +  DisplayCapsuleExist = FALSE;
> +  EsrtManagement      = NULL;
> +
> +  Status = EFI_SUCCESS;
> +  //
> +  // Find all capsule images from hob
> +  //
> +  HobPointer.Raw = GetHobList ();
> +  while ((HobPointer.Raw = GetNextHob (EFI_HOB_TYPE_UEFI_CAPSULE, HobPointer.Raw)) !=
> NULL) {
> +    if (!IsValidCapsuleHeader((VOID *)(UINTN)HobPointer.Capsule->BaseAddress,
> HobPointer.Capsule->Length)) {
> +      HobPointer.Header->HobType = EFI_HOB_TYPE_UNUSED; // Mark this hob as invalid
> +    } else {
> +      CapsuleTotalNumber++;
> +    }
> +    HobPointer.Raw = GET_NEXT_HOB (HobPointer);
> +  }
> +
> +  if (CapsuleTotalNumber == 0) {
> +    //
> +    // We didn't find a hob, so had no errors.
> +    //
> +    DEBUG ((EFI_D_ERROR, "We can not find capsule data in capsule update boot
> mode.\n"));
> +    Status = EFI_SUCCESS;
> +    goto Done;
> +  }
> +
> +  //
> +  // Init temp Capsule Data table.
> +  //
> +  CapsulePtr       = (VOID **) AllocateZeroPool (sizeof (VOID *) *
> CapsuleTotalNumber);
> +  ASSERT (CapsulePtr != NULL);
> +  if (CapsulePtr == NULL) {
> +    Status = EFI_OUT_OF_RESOURCES;
> +    goto Done;
> +  }
> +  CapsulePtrCache  = (VOID **) AllocateZeroPool (sizeof (VOID *) *
> CapsuleTotalNumber);
> +  ASSERT (CapsulePtrCache != NULL);
> +  if (CapsulePtrCache == NULL) {
> +    Status = EFI_OUT_OF_RESOURCES;
> +    goto Done;
> +  }
> +  CapsuleGuidCache = (EFI_GUID *) AllocateZeroPool (sizeof (EFI_GUID) *
> CapsuleTotalNumber);
> +  ASSERT (CapsuleGuidCache != NULL);
> +  if (CapsuleGuidCache == NULL) {
> +    Status = EFI_OUT_OF_RESOURCES;
> +    goto Done;
> +  }
> +  CapsuleStatusArray = (EFI_STATUS *) AllocateZeroPool (sizeof (EFI_STATUS) *
> CapsuleTotalNumber);
> +  ASSERT (CapsuleStatusArray != NULL);
> +  if (CapsuleStatusArray == NULL) {
> +    Status = EFI_OUT_OF_RESOURCES;
> +    goto Done;
> +  }
> +
> +  //
> +  // Find all capsule images from hob
> +  //
> +  HobPointer.Raw = GetHobList ();
> +  while ((HobPointer.Raw = GetNextHob (EFI_HOB_TYPE_UEFI_CAPSULE, HobPointer.Raw)) !=
> NULL) {
> +    CapsulePtr [CapsuleNumber++] = (VOID *) (UINTN) HobPointer.Capsule->BaseAddress;
> +    HobPointer.Raw = GET_NEXT_HOB (HobPointer);
> +  }
> +
> +  //
> +  // Check the capsule flags,if contains CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE, install
> +  // capsuleTable to configure table with EFI_CAPSULE_GUID
> +  //
> +
> +  //
> +  // Capsules who have CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE always are used for
> operating
> +  // System to have information persist across a system reset. EFI System Table must
> +  // point to an array of capsules that contains the same CapsuleGuid value. And
> agents
> +  // searching for this type capsule will look in EFI System Table and search for the
> +  // capsule's Guid and associated pointer to retrieve the data. Two steps below
> describes
> +  // how to sorting the capsules by the unique guid and install the array to EFI
> System Table.
> +  // Firstly, Loop for all coalesced capsules, record unique CapsuleGuids and cache
> them in an
> +  // array for later sorting capsules by CapsuleGuid.
> +  //
> +  for (Index = 0; Index < CapsuleTotalNumber; Index++) {
> +    CapsuleStatusArray [Index] = EFI_UNSUPPORTED;
> +    CapsuleHeader = (EFI_CAPSULE_HEADER*) CapsulePtr [Index];
> +    if ((CapsuleHeader->Flags & CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE) != 0) {
> +      //
> +      // For each capsule, we compare it with known CapsuleGuid in the CacheArray.
> +      // If already has the Guid, skip it. Whereas, record it in the CacheArray as
> +      // an additional one.
> +      //
> +      CacheIndex = 0;
> +      while (CacheIndex < CacheNumber) {
> +        if (CompareGuid(&CapsuleGuidCache[CacheIndex],&CapsuleHeader->CapsuleGuid)) {
> +          break;
> +        }
> +        CacheIndex++;
> +      }
> +      if (CacheIndex == CacheNumber) {
> +        CopyMem(&CapsuleGuidCache[CacheNumber++],&CapsuleHeader-
> >CapsuleGuid,sizeof(EFI_GUID));
> +      }
> +    }
> +  }
> +
> +  //
> +  // Secondly, for each unique CapsuleGuid in CacheArray, gather all coalesced
> capsules
> +  // whose guid is the same as it, and malloc memory for an array which preceding
> +  // with UINT32. The array fills with entry point of capsules that have the same
> +  // CapsuleGuid, and UINT32 represents the size of the array of capsules. Then
> install
> +  // this array into EFI System Table, so that agents searching for this type capsule
> +  // will look in EFI System Table and search for the capsule's Guid and associated
> +  // pointer to retrieve the data.
> +  //
> +  CacheIndex = 0;
> +  while (CacheIndex < CacheNumber) {
> +    CapsuleNumber = 0;
> +    for (Index = 0; Index < CapsuleTotalNumber; Index++) {
> +      CapsuleHeader = (EFI_CAPSULE_HEADER*) CapsulePtr [Index];
> +      if ((CapsuleHeader->Flags & CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE) != 0) {
> +        if (CompareGuid (&CapsuleGuidCache[CacheIndex], &CapsuleHeader->CapsuleGuid))
> {
> +          //
> +          // Cache Caspuleheader to the array, this array is uniqued with certain
> CapsuleGuid.
> +          //
> +          CapsulePtrCache[CapsuleNumber++] = (VOID*)CapsuleHeader;
> +          //
> +          // When a Capsule is listed in CapsulePtrCache, it will be reported in
> ConfigurationTable
> +          // So, report the CapsuleStatus as "processed successfully".
> +          //
> +          CapsuleStatusArray [Index] = EFI_SUCCESS;
> +        }
> +      }
> +    }
> +    if (CapsuleNumber != 0) {
> +      Size = sizeof(EFI_CAPSULE_TABLE) + (CapsuleNumber - 1) * sizeof(VOID*);
> +      CapsuleTable = AllocateRuntimePool (Size);
> +      ASSERT (CapsuleTable != NULL);
> +      if (CapsuleTable == NULL) {
> +        return EFI_OUT_OF_RESOURCES;
> +      }
> +      CapsuleTable->CapsuleArrayNumber =  CapsuleNumber;
> +      CopyMem(&CapsuleTable->CapsulePtr[0], CapsulePtrCache, CapsuleNumber *
> sizeof(VOID*));
> +      Status = gBS->InstallConfigurationTable (&CapsuleGuidCache[CacheIndex],
> (VOID*)CapsuleTable);
> +      ASSERT_EFI_ERROR (Status);
> +    }
> +    CacheIndex++;
> +  }
> +
> +  REPORT_STATUS_CODE(EFI_PROGRESS_CODE, (PcdGet32(PcdStatusCodeSubClassCapsule) |
> PcdGet32(PcdCapsuleStatusCodeUpdatingFirmware)));
> +
> +  //
> +  // If Windows UX capsule exist, process it first
> +  //
> +  for (Index = 0; Index < CapsuleTotalNumber; Index++) {
> +    CapsuleHeader = (EFI_CAPSULE_HEADER*) CapsulePtr [Index];
> +    if (CompareGuid(&CapsuleHeader->CapsuleGuid ,&gWindowsUxCapsuleGuid)) {
> +      DEBUG ((EFI_D_INFO, "ProcessCapsuleImage (Ux) - 0x%x\n", CapsuleHeader));
> +      DisplayCapsuleExist = TRUE;
> +      DEBUG ((DEBUG_INFO, "Display logo capsule is found.\n"));
> +      Status = ProcessCapsuleImage (CapsuleHeader);
> +      DEBUG((EFI_D_INFO, "ProcessCapsuleImage (Ux) - %r\n", Status));
> +      CapsuleStatusArray [Index] = Status;
> +      break;
> +    }
> +  }
> +
> +  if (!DisplayCapsuleExist) {
> +    //
> +    // Display Capsule not found. Display the default string.
> +    //
> +    Print (L"Updating the firmware ......\r\n");
> +  }
> +
> +  //
> +  // All capsules left are recognized by platform.
> +  //
> +  for (Index = 0; Index < CapsuleTotalNumber; Index++) {
> +    CapsuleHeader = (EFI_CAPSULE_HEADER*) CapsulePtr [Index];
> +    if (!CompareGuid(&CapsuleHeader->CapsuleGuid ,&gWindowsUxCapsuleGuid)) {
> +      //
> +      // Call capsule library to process capsule image.
> +      //
> +      EmbeddedDriverCount = 0;
> +      if (IsFmpCapsule(CapsuleHeader)) {
> +        Status = ValidateFmpCapsule(CapsuleHeader, &EmbeddedDriverCount);
> +        if (EFI_ERROR(Status)) {
> +          DEBUG((DEBUG_ERROR, "ValidateFmpCapsule failed. Ignore!\n"));
> +          continue;
> +        }
> +      }
> +
> +      if ((!NeedBlockDriver) || (EmbeddedDriverCount == 0)) {
> +        DEBUG((EFI_D_INFO, "ProcessCapsuleImage - 0x%x\n", CapsuleHeader));
> +        Status = ProcessCapsuleImage (CapsuleHeader);
> +        CapsuleStatusArray [Index] = Status;
> +        DEBUG((EFI_D_INFO, "ProcessCapsuleImage - %r\n", Status));
> +
> +        if (EFI_ERROR(Status)) {
> +          REPORT_STATUS_CODE(EFI_ERROR_CODE, (PcdGet32(PcdStatusCodeSubClassCapsule) |
> PcdGet32(PcdCapsuleStatusCodeUpdateFirmwareFailed)));
> +          DEBUG ((DEBUG_ERROR, "Capsule process failed. reset the system!\n"));
> +          Print (L"Firmware update failed...\r\n");
> +        } else {
> +          REPORT_STATUS_CODE(EFI_PROGRESS_CODE,
> (PcdGet32(PcdStatusCodeSubClassCapsule) |
> PcdGet32(PcdCapsuleStatusCodeUpdateFirmwareSuccess)));
> +        }
> +
> +        if ((CapsuleHeader->Flags & PcdGet16(PcdSystemRebootAfterCapsuleProcessFlag))
> != 0 ||
> +            IsFmpCapsule(CapsuleHeader)) {
> +          mNeedReset = TRUE;
> +        }
> +      }
> +    }
> +  }
> +
> +  Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID
> **)&EsrtManagement);
> +  //
> +  // Always sync ESRT Cache from FMP Instance
> +  //
> +  if (!EFI_ERROR(Status)) {
> +    EsrtManagement->SyncEsrtFmp();
> +  }
> +  Status = EFI_SUCCESS;
> +
> +Done:
> +  //
> +  // Free the allocated temp memory space.
> +  //
> +  if (CapsuleGuidCache != NULL) {
> +    FreePool(CapsuleGuidCache);
> +  }
> +  if (CapsulePtrCache != NULL) {
> +    FreePool(CapsulePtrCache);
> +  }
> +  if (CapsulePtr != NULL) {
> +    FreePool(CapsulePtr);
> +  }
> +
> +  REPORT_STATUS_CODE(EFI_PROGRESS_CODE, (PcdGet32(PcdStatusCodeSubClassCapsule) |
> PcdGet32(PcdCapsuleStatusCodeProcessCapsulesEnd)));
> +
> +  return Status;
> +}
> +
> +/**
> +**/
> +BOOLEAN
> +IsAllCapsulesProcessed(
> +  VOID
> +  )
> +{
> +  // TBD
> +  return TRUE;
> +}
> +
> +/**
> +  Do reset system.
> +**/
> +VOID
> +DoResetSystem(
> +  VOID
> +  )
> +{
> +  UINTN                         Index;
> +
> +  REPORT_STATUS_CODE(EFI_PROGRESS_CODE, (PcdGet32(PcdStatusCodeSubClassCapsule) |
> PcdGet32(PcdCapsuleStatusCodeResettingSystem)));
> +
> +  Print(L"Capsule Request Cold Reboot.\n");
> +  DEBUG((EFI_D_INFO, "Capsule Request Cold Reboot."));
> +
> +  for (Index = 5; Index > 0; Index--) {
> +    Print(L"\rResetting system in %d seconds ...", Index);
> +    DEBUG((EFI_D_INFO, "\rResetting system in %d seconds ...", Index));
> +    gBS->Stall(1000000);
> +  }
> +
> +  gRT->ResetSystem(EfiResetCold, EFI_SUCCESS, 0, NULL);
> +
> +  CpuDeadLoop();
> +}
> +
> +/**
> +
> +  This routine is called to process capsules.
> +
> +  Caution: This function may receive untrusted input.
> +
> +  The capsules reported in EFI_HOB_UEFI_CAPSULE are processed.
> +  If there is no EFI_HOB_UEFI_CAPSULE, this routine does nothing.
> +
> +  This routine should be called twice in BDS.
> +  1) The first call must be before EndOfDxe. The system capsules is processed.
> +     If device capsule FMP protocols are exposted at this time and device FMP
> +     capsule has zero EmbeddedDriverCount, the device capsules are processed.
> +     Each individual capsule result is recorded in capsule record variable.
> +     System may reset in this function, if reset is required by capsule and
> +     all capsules are processed.
> +     If not all capsules are processed, reset will be defered to second call.
> +
> +  2) The second call must be after EndOfDxe and after ConnectAll, so that all
> +     device capsule FMP protocols are exposed.
> +     The system capsules are skipped. If the device capsules are NOT processed
> +     in first call, they are processed here.
> +     Each individual capsule result is recorded in capsule record variable.
> +     System may reset in this function, if reset is required by capsule
> +     processed in first call and second call.
> +
> +  @retval EFI_SUCCESS             There is no error when processing capsules.
> +  @retval EFI_OUT_OF_RESOURCES    No enough resource to process capsules.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +ProcessCapsules(
> +  VOID
> +  )
> +{
> +  EFI_STATUS                    Status;
> +
> +  if (!mDxeCapsuleLibEndOfDxe) {
> +    //
> +    // Initialize mAreAllImagesProcessed to be TRUE.
> +    //
> +    // It will be updated to FALSE in ProcessTheseCapsules()->ProcessCapsuleImage(),
> +    // if there is any FMP image in any FMP capsule not processed.
> +    //
> +    mAreAllImagesProcessed = TRUE;
> +
> +    Status = ProcessTheseCapsules(TRUE);
> +    //
> +    // Reboot System if and only if all capsule processed.
> +    // If not, defer reset to 2nd process.
> +    //
> +    if (mNeedReset && mAreAllImagesProcessed) {
> +      DoResetSystem();
> +    }
> +  } else {
> +    Status = ProcessTheseCapsules(FALSE);
> +    //
> +    // Reboot System if required after all capsule processed
> +    //
> +    if (mNeedReset) {
> +      DoResetSystem();
> +    }
> +  }
> +  return Status;
> +}
> diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c
> b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c
> new file mode 100644
> index 0000000..9edc353
> --- /dev/null
> +++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c
> @@ -0,0 +1,489 @@
> +/** @file
> +  DXE capsule report related function.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <PiDxe.h>
> +#include <Protocol/FirmwareManagement.h>
> +#include <Protocol/VariableLock.h>
> +#include <Guid/CapsuleReport.h>
> +#include <Guid/FmpCapsule.h>
> +#include <Guid/CapsuleVendor.h>
> +
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PcdLib.h>
> +#include <Library/HobLib.h>
> +#include <Library/PrintLib.h>
> +#include <Library/ReportStatusCodeLib.h>
> +#include <Library/CapsuleLib.h>
> +
> +#include <IndustryStandard/WindowsUxCapsule.h>
> +
> +typedef struct {
> +  EFI_CAPSULE_RESULT_VARIABLE_HEADER  CapsuleResultHeader;
> +  EFI_CAPSULE_RESULT_VARIABLE_FMP     CapsuleResultFmp;
> +} CAPSULE_RESULT_VARIABLE_CACHE;
> +
> +#define CAPSULE_RESULT_VARIABLE_CACHE_COUNT   0x10
> +
> +CAPSULE_RESULT_VARIABLE_CACHE *mCapsuleResultVariableCache;
> +UINTN                         mCapsuleResultVariableCacheMaxCount;
> +UINTN                         mCapsuleResultVariableCacheCount;
> +
> +/**
> +  Get current capsule last variable index.
> +
> +  @return Current capsule last variable index.
> +  @retval -1  No current capsule last variable.
> +**/
> +INTN
> +GetCurrentCapsuleLastIndex(
> +  VOID
> +  )
> +{
> +  UINTN                            Size;
> +  CHAR16                           CapsuleLastStr[sizeof("Capsule####")];
> +  EFI_STATUS                       Status;
> +  UINT16                           CurrentIndex;
> +
> +  Size = sizeof(L"Capsule####") - sizeof(CHAR16); // no zero terminator
> +  Status = gRT->GetVariable(
> +                  L"CapsuleLast",
> +                  &gEfiCapsuleReportGuid,
> +                  NULL,
> +                  &Size,
> +                  CapsuleLastStr
> +                  );
> +  if (EFI_ERROR(Status)) {
> +    return -1;
> +  }
> +  CurrentIndex = (UINT16)StrHexToUintn(&CapsuleLastStr[sizeof("Capsule") - 1]);
> +  return CurrentIndex;
> +}
> +
> +/**
> +  Check if this FMP capsule is processed.
> +
> +  @param CapsuleHeader  The capsule image header
> +  @param PayloadIndex   FMP payload index
> +  @param ImageHeader    FMP image header
> +
> +  @retval TRUE  This FMP capsule is processed.
> +  @retval FALSE This FMP capsule is not processed.
> +**/
> +BOOLEAN
> +IsFmpCapsuleProcessed(
> +  IN EFI_CAPSULE_HEADER                           *CapsuleHeader,
> +  IN UINTN                                        PayloadIndex,
> +  IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader
> +  )
> +{
> +  UINTN                               Index;
> +  EFI_CAPSULE_RESULT_VARIABLE_HEADER  *CapsuleResult;
> +  EFI_CAPSULE_RESULT_VARIABLE_FMP     *CapsuleResultFmp;
> +
> +  for (Index = 0; Index < mCapsuleResultVariableCacheCount; Index++) {
> +    //
> +    // Check
> +    //
> +    CapsuleResult = &mCapsuleResultVariableCache[Index].CapsuleResultHeader;
> +    if (CapsuleResult->VariableTotalSize >=
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER)) {
> +      if (CompareGuid(&CapsuleResult->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
> +        if (CapsuleResult->VariableTotalSize >=
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP)) {
> +          CapsuleResultFmp = (EFI_CAPSULE_RESULT_VARIABLE_FMP *)(CapsuleResult + 1);
> +          if (CompareGuid(&CapsuleResultFmp->UpdateImageTypeId, &ImageHeader-
> >UpdateImageTypeId) &&
> +              (CapsuleResultFmp->UpdateImageIndex == ImageHeader->UpdateImageIndex) &&
> +              (CapsuleResultFmp->PayloadIndex == PayloadIndex) ) {
> +            return TRUE;
> +          }
> +        }
> +      }
> +    }
> +  }
> +
> +  return FALSE;
> +}
> +
> +/**
> +  Write a new capsule status variable cache.
> +
> +  @param CapsuleResult      The capsule status variable
> +  @param CapsuleResultSize  The size of the capsule stauts variable in bytes
> +
> +  @retval EFI_SUCCESS          The capsule status variable is cached.
> +  @retval EFI_OUT_OF_RESOURCES No resource to cache the capsule status variable.
> +**/
> +EFI_STATUS
> +WriteNewCapsuleResultVariableCache(
> +  IN VOID    *CapsuleResult,
> +  IN UINTN   CapsuleResultSize
> +  )
> +{
> +  if (CapsuleResultSize > sizeof(CAPSULE_RESULT_VARIABLE_CACHE)) {
> +    CapsuleResultSize = sizeof(CAPSULE_RESULT_VARIABLE_CACHE);
> +  }
> +
> +  if (mCapsuleResultVariableCacheCount == mCapsuleResultVariableCacheMaxCount) {
> +    mCapsuleResultVariableCache = ReallocatePool(
> +                                    mCapsuleResultVariableCacheMaxCount *
> sizeof(CAPSULE_RESULT_VARIABLE_CACHE),
> +                                    (mCapsuleResultVariableCacheMaxCount +
> CAPSULE_RESULT_VARIABLE_CACHE_COUNT) * sizeof(CAPSULE_RESULT_VARIABLE_CACHE),
> +                                    mCapsuleResultVariableCache
> +                                    );
> +    if (mCapsuleResultVariableCache == NULL) {
> +      return EFI_OUT_OF_RESOURCES;
> +    }
> +    mCapsuleResultVariableCacheMaxCount += CAPSULE_RESULT_VARIABLE_CACHE_COUNT;
> +  }
> +
> +  ASSERT(mCapsuleResultVariableCacheCount < mCapsuleResultVariableCacheMaxCount);
> +  ASSERT(mCapsuleResultVariableCache != NULL);
> +  CopyMem(
> +    &mCapsuleResultVariableCache[mCapsuleResultVariableCacheCount],
> +    CapsuleResult,
> +    CapsuleResultSize
> +    );
> +  mCapsuleResultVariableCacheCount++;
> +
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Get a new capsule status variable index.
> +
> +  @return A new capsule status variable index.
> +  @retval -1  No new capsule status variable index.
> +**/
> +INTN
> +GetNewCapsuleResultIndex(
> +  VOID
> +  )
> +{
> +  INTN                             CurrentIndex;
> +
> +  CurrentIndex = GetCurrentCapsuleLastIndex();
> +  if (CurrentIndex >= PcdGet16(PcdCapsuleMax)) {
> +    return -1;
> +  }
> +
> +  return CurrentIndex + 1;
> +}
> +
> +/**
> +  Write a new capsule status variable.
> +
> +  @param CapsuleResult      The capsule status variable
> +  @param CapsuleResultSize  The size of the capsule stauts variable in bytes
> +
> +  @retval EFI_SUCCESS          The capsule status variable is recorded.
> +  @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
> +**/
> +EFI_STATUS
> +WriteNewCapsuleResultVariable(
> +  IN VOID    *CapsuleResult,
> +  IN UINTN   CapsuleResultSize
> +  )
> +{
> +  INTN                                CapsuleResultIndex;
> +  CHAR16                              CapsuleResultStr[sizeof("Capsule####")];
> +  UINTN                               Size;
> +  EFI_STATUS                          Status;
> +
> +  CapsuleResultIndex = GetNewCapsuleResultIndex();
> +  DEBUG((EFI_D_INFO, "New CapsuleResultIndex - 0x%x\n", CapsuleResultIndex));
> +  if (CapsuleResultIndex == -1) {
> +    return EFI_OUT_OF_RESOURCES;
> +  }
> +  UnicodeSPrint(
> +    CapsuleResultStr,
> +    sizeof(CapsuleResultStr),
> +    L"Capsule%04x",
> +    CapsuleResultIndex
> +    );
> +
> +  Status = gRT->SetVariable(
> +                  CapsuleResultStr,
> +                  &gEfiCapsuleReportGuid,
> +                  EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS |
> EFI_VARIABLE_RUNTIME_ACCESS,
> +                  CapsuleResultSize,
> +                  CapsuleResult
> +                  );
> +  if (!EFI_ERROR(Status)) {
> +    Size = sizeof(L"Capsule####") - sizeof(CHAR16); // no zero terminator
> +    DEBUG((EFI_D_INFO, "Set CapsuleLast - %s\n", CapsuleResultStr));
> +    Status = gRT->SetVariable(
> +                    L"CapsuleLast",
> +                    &gEfiCapsuleReportGuid,
> +                    EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS |
> EFI_VARIABLE_RUNTIME_ACCESS,
> +                    Size,
> +                    CapsuleResultStr
> +                    );
> +  }
> +
> +  return Status;
> +}
> +
> +/**
> +  Record capsule status variable and to local cache.
> +
> +  @param CapsuleHeader  The capsule image header
> +  @param CapsuleStatus  The capsule process stauts
> +
> +  @retval EFI_SUCCESS          The capsule status variable is recorded.
> +  @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
> +**/
> +EFI_STATUS
> +RecordCapsuleStatusVariable(
> +  IN EFI_CAPSULE_HEADER                           *CapsuleHeader,
> +  IN EFI_STATUS                                   CapsuleStatus
> +  )
> +{
> +  EFI_CAPSULE_RESULT_VARIABLE_HEADER  CapsuleResultVariable;
> +  EFI_STATUS                          Status;
> +
> +  CapsuleResultVariable.VariableTotalSize = sizeof(CapsuleResultVariable);
> +  CopyGuid (&CapsuleResultVariable.CapsuleGuid, &CapsuleHeader->CapsuleGuid);
> +  ZeroMem(&CapsuleResultVariable.CapsuleProcessed,
> sizeof(CapsuleResultVariable.CapsuleProcessed));
> +  gRT->GetTime(&CapsuleResultVariable.CapsuleProcessed, NULL);
> +  CapsuleResultVariable.CapsuleStatus = CapsuleStatus;
> +
> +  //
> +  // Save Local Cache
> +  //
> +  Status = WriteNewCapsuleResultVariableCache(&CapsuleResultVariable,
> sizeof(CapsuleResultVariable));
> +
> +  if ((CapsuleHeader->Flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) != 0) {
> +    Status = WriteNewCapsuleResultVariable(&CapsuleResultVariable,
> sizeof(CapsuleResultVariable));
> +  }
> +  return Status;
> +}
> +
> +/**
> +  Record FMP capsule status variable and to local cache.
> +
> +  @param CapsuleHeader  The capsule image header
> +  @param CapsuleStatus  The capsule process stauts
> +  @param PayloadIndex   FMP payload index
> +  @param ImageHeader    FMP image header
> +
> +  @retval EFI_SUCCESS          The capsule status variable is recorded.
> +  @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
> +**/
> +EFI_STATUS
> +RecordFmpCapsuleStatusVariable(
> +  IN EFI_CAPSULE_HEADER                           *CapsuleHeader,
> +  IN EFI_STATUS                                   CapsuleStatus,
> +  IN UINTN                                        PayloadIndex,
> +  IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader
> +  )
> +{
> +  UINT8
> CapsuleResultVariable[sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) +
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP)];
> +  EFI_CAPSULE_RESULT_VARIABLE_HEADER  *CapsuleResultVariableHeader;
> +  EFI_CAPSULE_RESULT_VARIABLE_FMP     *CapsuleResultVariableFmp;
> +  EFI_STATUS                          Status;
> +
> +  CapsuleResultVariableHeader = (VOID *)&CapsuleResultVariable[0];
> +  CapsuleResultVariableHeader->VariableTotalSize = sizeof(CapsuleResultVariable);
> +  CopyGuid(&CapsuleResultVariableHeader->CapsuleGuid, &CapsuleHeader->CapsuleGuid);
> +  ZeroMem(&CapsuleResultVariableHeader->CapsuleProcessed,
> sizeof(CapsuleResultVariableHeader->CapsuleProcessed));
> +  gRT->GetTime(&CapsuleResultVariableHeader->CapsuleProcessed, NULL);
> +  CapsuleResultVariableHeader->CapsuleStatus = CapsuleStatus;
> +
> +  CapsuleResultVariableFmp = (VOID
> *)&CapsuleResultVariable[sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER)];
> +  CapsuleResultVariableFmp->Version = 0x1;
> +  CapsuleResultVariableFmp->PayloadIndex = (UINT8)PayloadIndex;
> +  CapsuleResultVariableFmp->UpdateImageIndex = ImageHeader->UpdateImageIndex;
> +  CopyGuid (&CapsuleResultVariableFmp->UpdateImageTypeId, &ImageHeader-
> >UpdateImageTypeId);
> +
> +  //
> +  // Save Local Cache
> +  //
> +  Status = WriteNewCapsuleResultVariableCache(&CapsuleResultVariable,
> sizeof(CapsuleResultVariable));
> +
> +  if ((CapsuleHeader->Flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) != 0) {
> +    Status = WriteNewCapsuleResultVariable(&CapsuleResultVariable,
> sizeof(CapsuleResultVariable));
> +  }
> +  return Status;
> +}
> +
> +/**
> +  Initialize CapsuleMax variables.
> +**/
> +VOID
> +InitCapsuleMaxVariable(
> +  VOID
> +  )
> +{
> +  EFI_STATUS                       Status;
> +  UINTN                            Size;
> +  CHAR16                           CapsuleMaxStr[sizeof("Capsule####")];
> +  EDKII_VARIABLE_LOCK_PROTOCOL     *VariableLock;
> +
> +  UnicodeSPrint(
> +    CapsuleMaxStr,
> +    sizeof(CapsuleMaxStr),
> +    L"Capsule%04x",
> +    PcdGet16(PcdCapsuleMax)
> +    );
> +
> +  Size = sizeof(L"Capsule####") - sizeof(CHAR16); // no zero terminator
> +  Status = gRT->SetVariable(
> +                  L"CapsuleMax",
> +                  &gEfiCapsuleReportGuid,
> +                  EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
> +                  Size,
> +                  CapsuleMaxStr
> +                  );
> +  if (!EFI_ERROR(Status)) {
> +    // Lock it per UEFI spec.
> +    Status = gBS->LocateProtocol(&gEdkiiVariableLockProtocolGuid, NULL, (VOID
> **)&VariableLock);
> +    if (!EFI_ERROR(Status)) {
> +      Status = VariableLock->RequestToLock(VariableLock, L"CapsuleMax",
> &gEfiCapsuleReportGuid);
> +      ASSERT_EFI_ERROR(Status);
> +    }
> +  }
> +}
> +
> +/**
> +  Initialize CapsuleLast variables.
> +**/
> +VOID
> +InitCapsuleLastVariable(
> +  VOID
> +  )
> +{
> +  EFI_STATUS                       Status;
> +  EFI_BOOT_MODE                    BootMode;
> +  EDKII_VARIABLE_LOCK_PROTOCOL     *VariableLock;
> +  VOID                             *CapsuleResult;
> +  UINTN                            Size;
> +  CHAR16                           CapsuleLastStr[sizeof("Capsule####")];
> +
> +  BootMode = GetBootModeHob();
> +  if (BootMode == BOOT_ON_FLASH_UPDATE) {
> +    Status = gRT->SetVariable(
> +                    L"CapsuleLast",
> +                    &gEfiCapsuleReportGuid,
> +                    EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS |
> EFI_VARIABLE_RUNTIME_ACCESS,
> +                    0,
> +                    NULL
> +                    );
> +    // Do not lock it because it will be updated later.
> +  } else {
> +    //
> +    // Check if OS/APP cleared L"Capsule####"
> +    //
> +    ZeroMem(CapsuleLastStr, sizeof(CapsuleLastStr));
> +    Size = sizeof(L"Capsule####") - sizeof(CHAR16); // no zero terminator
> +    Status = gRT->GetVariable(
> +                    L"CapsuleLast",
> +                    &gEfiCapsuleReportGuid,
> +                    NULL,
> +                    &Size,
> +                    CapsuleLastStr
> +                    );
> +    if (!EFI_ERROR(Status)) {
> +      //
> +      // L"CapsuleLast" is got, check if data is there.
> +      //
> +      Status = GetVariable2 (
> +                 CapsuleLastStr,
> +                 &gEfiCapsuleReportGuid,
> +                 (VOID **) &CapsuleResult,
> +                 NULL
> +                 );
> +      if (EFI_ERROR(Status)) {
> +        //
> +        // If no data, delete L"CapsuleLast"
> +        //
> +        Status = gRT->SetVariable(
> +                        L"CapsuleLast",
> +                        &gEfiCapsuleReportGuid,
> +                        EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS |
> EFI_VARIABLE_RUNTIME_ACCESS,
> +                        0,
> +                        NULL
> +                        );
> +      }
> +    }
> +
> +    // Lock it in normal boot path per UEFI spec.
> +    Status = gBS->LocateProtocol(&gEdkiiVariableLockProtocolGuid, NULL, (VOID
> **)&VariableLock);
> +    if (!EFI_ERROR(Status)) {
> +      Status = VariableLock->RequestToLock(VariableLock, L"CapsuleLast",
> &gEfiCapsuleReportGuid);
> +      ASSERT_EFI_ERROR(Status);
> +    }
> +  }
> +}
> +
> +/**
> +  Initialize capsule update variables.
> +**/
> +VOID
> +InitCapsuleUpdateVariable(
> +  VOID
> +  )
> +{
> +  EFI_STATUS                     Status;
> +  UINTN                          Index;
> +  CHAR16                         CapsuleVarName[30];
> +  CHAR16                         *TempVarName;
> +
> +  //
> +  // Clear all the capsule variables CapsuleUpdateData, CapsuleUpdateData1,
> CapsuleUpdateData2...
> +  // as early as possible which will avoid the next time boot after the capsule update
> +  // will still into the capsule loop
> +  //
> +  StrCpyS (CapsuleVarName, sizeof(CapsuleVarName)/sizeof(CapsuleVarName[0]),
> EFI_CAPSULE_VARIABLE_NAME);
> +  TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
> +  Index = 0;
> +  while (TRUE) {
> +    if (Index > 0) {
> +      UnicodeValueToString (TempVarName, 0, Index, 0);
> +    }
> +    Status = gRT->SetVariable (
> +                    CapsuleVarName,
> +                    &gEfiCapsuleVendorGuid,
> +                    EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS |
> EFI_VARIABLE_BOOTSERVICE_ACCESS,
> +                    0,
> +                    (VOID *)NULL
> +                    );
> +    if (EFI_ERROR (Status)) {
> +      //
> +      // There is no capsule variables, quit
> +      //
> +      break;
> +    }
> +    Index++;
> +  }
> +}
> +
> +/**
> +  Initialize capsule related variables.
> +**/
> +VOID
> +InitCapsuleVariable(
> +  VOID
> +  )
> +{
> +  InitCapsuleUpdateVariable();
> +  InitCapsuleMaxVariable();
> +  InitCapsuleLastVariable();
> +  //
> +  // No need to clear L"Capsule####", because OS/APP should refer L"CapsuleLast"
> +  // to check status and delete them.
> +  //
> +}
> diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c
> b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c
> new file mode 100644
> index 0000000..8801439
> --- /dev/null
> +++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c
> @@ -0,0 +1,112 @@
> +/** @file
> +  Capsule library runtime support.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <PiDxe.h>
> +
> +#include <Guid/FmpCapsule.h>
> +#include <Guid/SystemResourceTable.h>
> +#include <Guid/EventGroup.h>
> +
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/DxeServicesTableLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +
> +extern EFI_SYSTEM_RESOURCE_TABLE *mEsrtTable;
> +extern BOOLEAN                   mIsVirtualAddrConverted;
> +
> +/**
> +  Convert EsrtTable physical address to virtual address.
> +
> +  @param[in] Event      Event whose notification function is being invoked.
> +  @param[in] Context    The pointer to the notification function's context, which
> +                        is implementation-dependent.
> +**/
> +VOID
> +EFIAPI
> +DxeCapsuleLibVirtualAddressChangeEvent (
> +  IN  EFI_EVENT   Event,
> +  IN  VOID        *Context
> +  )
> +{
> +  UINTN                    Index;
> +  EFI_CONFIGURATION_TABLE  *ConfigEntry;
> +
> +  //
> +  // Get Esrt table first
> +  //
> +  ConfigEntry = gST->ConfigurationTable;
> +  for (Index = 0; Index < gST->NumberOfTableEntries; Index++) {
> +    if (CompareGuid(&gEfiSystemResourceTableGuid, &ConfigEntry->VendorGuid)) {
> +      break;
> +    }
> +    ConfigEntry++;
> +  }
> +
> +  //
> +  // If no Esrt table installed in Configure Table
> +  //
> +  if (Index < gST->NumberOfTableEntries) {
> +    //
> +    // Search Esrt to check given capsule is qualified
> +    //
> +    mEsrtTable = (EFI_SYSTEM_RESOURCE_TABLE *) ConfigEntry->VendorTable;
> +
> +    //
> +    // Update protocol pointer to Esrt Table.
> +    //
> +    gRT->ConvertPointer (0x00, (VOID**) &(mEsrtTable));
> +  }
> +
> +  mIsVirtualAddrConverted = TRUE;
> +
> +}
> +
> +/**
> +  The constructor function hook VirtualAddressChange event to use ESRT table as
> capsule routing table.
> +
> +  @param  ImageHandle   The firmware allocated handle for the EFI image.
> +  @param  SystemTable   A pointer to the EFI System Table.
> +
> +  @retval EFI_SUCCESS   The constructor successfully .
> +**/
> +EFI_STATUS
> +EFIAPI
> +DxeRuntimeCapsuleLibConstructor (
> +  IN EFI_HANDLE         ImageHandle,
> +  IN EFI_SYSTEM_TABLE   *SystemTable
> +  )
> +{
> +  EFI_STATUS     Status;
> +  EFI_EVENT      Event;
> +
> +  //
> +  // Make sure we can handle virtual address changes.
> +  //
> +  Event = NULL;
> +  Status = gBS->CreateEventEx (
> +                  EVT_NOTIFY_SIGNAL,
> +                  TPL_NOTIFY,
> +                  DxeCapsuleLibVirtualAddressChangeEvent,
> +                  NULL,
> +                  &gEfiEventVirtualAddressChangeGuid,
> +                  &Event
> +                  );
> +  ASSERT_EFI_ERROR (Status);
> +
> +  return EFI_SUCCESS;
> +}
> diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
> b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
> new file mode 100644
> index 0000000..cd3738e
> --- /dev/null
> +++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
> @@ -0,0 +1,83 @@
> +## @file
> +#  Capsule library instance for DXE_RUNTIME_DRIVER.
> +#
> +#  Capsule library instance for DXE_RUNTIME_DRIVER module types.
> +#
> +#  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +#  This program and the accompanying materials
> +#  are licensed and made available under the terms and conditions of the BSD License
> +#  which accompanies this distribution.  The full text of the license may be found at
> +#  http://opensource.org/licenses/bsd-license.php
> +#
> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +#
> +##
> +
> +[Defines]
> +  INF_VERSION                    = 0x00010005
> +  BASE_NAME                      = DxeRuntimeCapsuleLib
> +  MODULE_UNI_FILE                = DxeRuntimeCapsuleLib.uni
> +  FILE_GUID                      = 19BE1E4B-1A9A-44c1-8F12-32DD0470516A
> +  MODULE_TYPE                    = DXE_DRIVER
> +  VERSION_STRING                 = 1.0
> +  LIBRARY_CLASS                  = CapsuleLib|DXE_RUNTIME_DRIVER
> +  CONSTRUCTOR                    = DxeCapsuleLibConstructor
> +  CONSTRUCTOR                    = DxeRuntimeCapsuleLibConstructor
> +
> +#
> +# The following information is for reference only and not required by the build tools.
> +#
> +#  VALID_ARCHITECTURES           = IA32 X64 IPF EBC
> +#
> +
> +[Sources]
> +  DxeCapsuleLib.c
> +  DxeCapsuleProcessLib.c
> +  DxeCapsuleReportLib.c
> +  DxeCapsuleRuntime.c
> +
> +[Packages]
> +  MdePkg/MdePkg.dec
> +  MdeModulePkg/MdeModulePkg.dec
> +
> +[LibraryClasses]
> +  BaseLib
> +  BaseMemoryLib
> +  DebugLib
> +  MemoryAllocationLib
> +  DxeServicesTableLib
> +  UefiBootServicesTableLib
> +  DevicePathLib
> +  ReportStatusCodeLib
> +  PrintLib
> +  HobLib
> +
> +[Pcd]
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleMax                               ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdSystemRebootAfterCapsuleProcessFlag      ##
> CONSUMES
> +
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeSubClassCapsule                ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesBegin    ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesEnd      ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdatingFirmware        ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareSuccess   ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareFailed    ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeResettingSystem         ##
> CONSUMES
> +
> +[Protocols]
> +  gEsrtManagementProtocolGuid             ## CONSUMES
> +  gEfiFirmwareManagementProtocolGuid      ## SOMETIMES_CONSUMES
> +  gEdkiiVariableLockProtocolGuid          ## SOMETIMES_CONSUMES
> +
> +[Guids]
> +  gEfiFmpCapsuleGuid                      ## SOMETIMES_CONSUMES ## GUID
> +  gWindowsUxCapsuleGuid                   ## SOMETIMES_CONSUMES ## GUID
> +  gEfiSystemResourceTableGuid             ## SOMETIMES_CONSUMES ## GUID
> +  gEfiCapsuleReportGuid                   ## CONSUMES ## Variable
> +  gEfiCapsuleVendorGuid                   ## CONSUMES ## Variable
> +  gEfiEndOfDxeEventGroupGuid              ## CONSUMES ## Event
> +  gEfiEventVirtualAddressChangeGuid       ## CONSUMES ## Event
> +
> +[Depex]
> +  gEfiVariableWriteArchProtocolGuid
> diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.uni
> b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.uni
> new file mode 100644
> index 0000000..cd89b13
> --- /dev/null
> +++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.uni
> @@ -0,0 +1,22 @@
> +// /** @file
> +// Capsule library instance for DXE_RUNTIME_DRIVER.
> +//
> +// Capsule library instance for DXE_RUNTIME_DRIVER module types.
> +//
> +// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +//
> +// This program and the accompanying materials
> +// are licensed and made available under the terms and conditions of the BSD License
> +// which accompanies this distribution.  The full text of the license may be found at
> +// http://opensource.org/licenses/bsd-license.php
> +//
> +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +//
> +// **/
> +
> +
> +#string STR_MODULE_ABSTRACT             #language en-US "Capsule Support Library"
> +
> +#string STR_MODULE_DESCRIPTION          #language en-US "Capsule library instance for
> DXE_RUNTIME_DRIVER module types."
> +
> --
> 2.7.4.windows.1

Re: [PATCH V4 06/15] MdeModulePkg/DxeCapsuleLibFmp: Add DxeCapsuleLibFmp instance.

[Yao, Jiewen]

Hi Mike
I think that is misunderstanding.

Chao did test before and the UX capsule from Windows does contain a BMP file. He told me that I should use BMP file.
I will let Chao to clarify more.

I also include Sean Brogan to double check the Windows side.

Thank you
Yao Jiewen

From: Kinney, Michael D
Sent: Thursday, October 27, 2016 8:10 AM
To: Yao, Jiewen <jiewen.yao@intel.com>; edk2-devel@lists.01.org; Kinney, Michael D <michael.d.kinney@intel.com>
Cc: Tian, Feng <feng.tian@intel.com>; Zeng, Star <star.zeng@intel.com>; Gao, Liming <liming.gao@intel.com>; Zhang, Chao B <chao.b.zhang@intel.com>
Subject: RE: [PATCH V4 06/15] MdeModulePkg/DxeCapsuleLibFmp: Add DxeCapsuleLibFmp instance.

Jiewen,

I have looked Microsoft UX capsule in the Microsoft
Windows UEFI Firmware Update Platform Specification, and
that specification only define support for an ImageType value
of 0, which is bitmap format based on ACPI 5.0 BGRT.  There
are no defined ImageType values for BMP. We need to remove
BMP graphics file format decoding from all capsule processing.
If a Microsoft UX capsule is present, it is already a raw
bitmap that can be passed to GOP.

Best regards,

Mike


> -----Original Message-----
> From: Yao, Jiewen
> Sent: Saturday, October 22, 2016 7:21 PM
> To: edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>; Zeng, Star <star.zeng@intel.com<mailto:star.zeng@intel.com>>; Kinney, Michael
> D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zhang, Chao B
> <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Subject: [PATCH V4 06/15] MdeModulePkg/DxeCapsuleLibFmp: Add DxeCapsuleLibFmp instance.
>
> This instance handles Microsoft UX capsule, UEFI defined FMP capsule.
> This instance should not assume any capsule image format.
>
> Cc: Feng Tian <feng.tian@intel.com<mailto:feng.tian@intel.com>>
> Cc: Star Zeng <star.zeng@intel.com<mailto:star.zeng@intel.com>>
> Cc: Michael D Kinney <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
> Cc: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> Cc: Chao Zhang <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>
> Reviewed-by: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> ---
>  MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c          | 1363
> ++++++++++++++++++++
>  MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf        |   80 ++
>  MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.uni        |   22 +
>  MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleProcessLib.c   |  486 +++++++
>  MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c    |  489 +++++++
>  MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c      |  112 ++
>  MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf |   83 ++
>  MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.uni |   22 +
>  8 files changed, 2657 insertions(+)
>
> diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c
> b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c
> new file mode 100644
> index 0000000..20ef762
> --- /dev/null
> +++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c
> @@ -0,0 +1,1363 @@
> +/** @file
> +  DXE capsule library.
> +
> +  Caution: This module requires additional review when modified.
> +  This module will have external input - capsule image.
> +  This external input must be validated carefully to avoid security issue like
> +  buffer overflow, integer overflow.
> +
> +  SupportCapsuleImage(), ProcessCapsuleImage(), IsValidCapsuleHeader(),
> +  ValidateFmpCapsule(), DisplayCapsuleImage(), ConvertBmpToGopBlt() will
> +  receive untrusted input and do basic validation.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <PiDxe.h>
> +
> +#include <IndustryStandard/Bmp.h>
> +#include <IndustryStandard/WindowsUxCapsule.h>
> +
> +#include <Guid/FmpCapsule.h>
> +#include <Guid/SystemResourceTable.h>
> +#include <Guid/EventGroup.h>
> +
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/DxeServicesTableLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/CapsuleLib.h>
> +#include <Library/DevicePathLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PcdLib.h>
> +
> +#include <Protocol/GraphicsOutput.h>
> +#include <Protocol/EsrtManagement.h>
> +#include <Protocol/FirmwareManagement.h>
> +#include <Protocol/DevicePath.h>
> +
> +extern BOOLEAN            mAreAllImagesProcessed;
> +
> +EFI_SYSTEM_RESOURCE_TABLE *mEsrtTable              = NULL;
> +BOOLEAN                   mIsVirtualAddrConverted  = FALSE;
> +BOOLEAN                   mDxeCapsuleLibEndOfDxe   = FALSE;
> +
> +/**
> +  Initialize capsule related variables.
> +**/
> +VOID
> +InitCapsuleVariable(
> +  VOID
> +  );
> +
> +/**
> +  Check if this FMP capsule is processed.
> +
> +  @param CapsuleHeader  The capsule image header
> +  @param PayloadIndex   FMP payload index
> +  @param ImageHeader    FMP image header
> +
> +  @retval TRUE  This FMP capsule is processed.
> +  @retval FALSE This FMP capsule is not processed.
> +**/
> +BOOLEAN
> +IsFmpCapsuleProcessed(
> +  IN EFI_CAPSULE_HEADER                           *CapsuleHeader,
> +  IN UINTN                                        PayloadIndex,
> +  IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader
> +  );
> +
> +/**
> +  Record capsule status variable.
> +
> +  @param CapsuleHeader  The capsule image header
> +  @param CapsuleStatus  The capsule process stauts
> +
> +  @retval EFI_SUCCESS          The capsule status variable is recorded.
> +  @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
> +**/
> +EFI_STATUS
> +RecordCapsuleStatusVariable(
> +  IN EFI_CAPSULE_HEADER                           *CapsuleHeader,
> +  IN EFI_STATUS                                   CapsuleStatus
> +  );
> +
> +/**
> +  Record FMP capsule status variable.
> +
> +  @param CapsuleHeader  The capsule image header
> +  @param CapsuleStatus  The capsule process stauts
> +  @param PayloadIndex   FMP payload index
> +  @param ImageHeader    FMP image header
> +
> +  @retval EFI_SUCCESS          The capsule status variable is recorded.
> +  @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
> +**/
> +EFI_STATUS
> +RecordFmpCapsuleStatusVariable(
> +  IN EFI_CAPSULE_HEADER                           *CapsuleHeader,
> +  IN EFI_STATUS                                   CapsuleStatus,
> +  IN UINTN                                        PayloadIndex,
> +  IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader
> +  );
> +
> +/**
> +  Function indicate the current completion progress of the firmware
> +  update. Platform may override with own specific progress function.
> +
> +  @param  Completion    A value between 1 and 100 indicating the current completion
> progress of the firmware update
> +
> +  @retval EFI_SUCESS    Input capsule is a correct FMP capsule.
> +**/
> +EFI_STATUS
> +EFIAPI
> +Update_Image_Progress (
> +  IN UINTN Completion
> +  )
> +{
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Return if this CapsuleGuid is a FMP capsule GUID or not.
> +
> +  @param[in] CapsuleGuid A pointer to EFI_GUID
> +
> +  @retval TRUE  It is a FMP capsule GUID.
> +  @retval FALSE It is not a FMP capsule GUID.
> +**/
> +BOOLEAN
> +IsFmpCapsuleGuid(
> +  IN EFI_GUID  *CapsuleGuid
> +  )
> +{
> +  if (CompareGuid(&gEfiFmpCapsuleGuid, CapsuleGuid)) {
> +    return TRUE;
> +  }
> +
> +  return FALSE;
> +}
> +
> +/**
> +  Validate if it is valid capsule header
> +
> +  Caution: This function may receive untrusted input.
> +
> +  This function assumes the caller provided correct CapsuleHeader pointer
> +  and CapsuleSize.
> +
> +  This function validates the fields in EFI_CAPSULE_HEADER.
> +
> +  @param  CapsuleHeader    Points to a capsule header.
> +  @param  CapsuleSize      Size of the whole capsule image.
> +
> +**/
> +BOOLEAN
> +IsValidCapsuleHeader(
> +  IN EFI_CAPSULE_HEADER  *CapsuleHeader,
> +  IN UINT64              CapsuleSize
> +  )
> +{
> +  if (CapsuleHeader->CapsuleImageSize != CapsuleSize) {
> +    return FALSE;
> +  }
> +  if (CapsuleHeader->HeaderSize >= CapsuleHeader->CapsuleImageSize) {
> +    return FALSE;
> +  }
> +  return TRUE;
> +}
> +
> +/**
> +  Validate Fmp capsules layout.
> +
> +  Caution: This function may receive untrusted input.
> +
> +  This function assumes the caller validated the capsule by using
> +  IsValidCapsuleHeader(), so that all fields in EFI_CAPSULE_HEADER are correct.
> +  The capsule buffer size is CapsuleHeader->CapsuleImageSize.
> +
> +  This function validates the fields in EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
> +  and EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER.
> +
> +  This function need support nested FMP capsule.
> +
> +  @param[in]   CapsuleHeader        Points to a capsule header.
> +  @param[out]  EmbeddedDriverCount  The EmbeddedDriverCount in the FMP capsule.
> +
> +  @retval EFI_SUCESS             Input capsule is a correct FMP capsule.
> +  @retval EFI_INVALID_PARAMETER  Input capsule is not a correct FMP capsule.
> +**/
> +EFI_STATUS
> +ValidateFmpCapsule (
> +  IN EFI_CAPSULE_HEADER *CapsuleHeader,
> +  OUT UINT16            *EmbeddedDriverCount OPTIONAL
> +  )
> +{
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER       *FmpCapsuleHeader;
> +  UINT8                                        *EndOfCapsule;
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader;
> +  UINT8                                        *EndOfPayload;
> +  UINT64                                       *ItemOffsetList;
> +  UINT32                                       ItemNum;
> +  UINTN                                        Index;
> +  UINTN                                        FmpCapsuleSize;
> +  UINTN                                        FmpCapsuleHeaderSize;
> +  UINT64                                       FmpImageSize;
> +  UINTN                                        FmpImageHeaderSize;
> +
> +  if (!IsFmpCapsuleGuid(&CapsuleHeader->CapsuleGuid)) {
> +    return ValidateFmpCapsule ((EFI_CAPSULE_HEADER *)((UINTN)CapsuleHeader +
> CapsuleHeader->HeaderSize), EmbeddedDriverCount);
> +  }
> +
> +  if (CapsuleHeader->HeaderSize >= CapsuleHeader->CapsuleImageSize) {
> +    DEBUG((EFI_D_ERROR, "HeaderSize(0x%x) >= CapsuleImageSize(0x%x)\n", CapsuleHeader-
> >HeaderSize, CapsuleHeader->CapsuleImageSize));
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
> +  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *) ((UINT8 *)
> CapsuleHeader + CapsuleHeader->HeaderSize);
> +  EndOfCapsule     = (UINT8 *) CapsuleHeader + CapsuleHeader->CapsuleImageSize;
> +  FmpCapsuleSize   = (UINTN)EndOfCapsule - (UINTN)FmpCapsuleHeader;
> +
> +  if (FmpCapsuleSize < sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER)) {
> +    DEBUG((EFI_D_ERROR, "FmpCapsuleSize(0x%x) <
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER\n", FmpCapsuleSize));
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
> +  // Check EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
> +  if (FmpCapsuleHeader->Version !=
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER_INIT_VERSION) {
> +    DEBUG((EFI_D_ERROR, "FmpCapsuleHeader->Version(0x%x) !=
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER_INIT_VERSION\n", FmpCapsuleHeader->Version));
> +    return EFI_INVALID_PARAMETER;
> +  }
> +  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
> +
> +  // No overflow
> +  ItemNum = FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader-
> >PayloadItemCount;
> +
> +  if ((FmpCapsuleSize - sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER))/sizeof(UINT64)
> < ItemNum) {
> +    DEBUG((EFI_D_ERROR, "ItemNum(0x%x) too big\n", ItemNum));
> +    return EFI_INVALID_PARAMETER;
> +  }
> +  FmpCapsuleHeaderSize = sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER) +
> sizeof(UINT64)*ItemNum;
> +
> +  // Check ItemOffsetList
> +  for (Index = 0; Index < ItemNum; Index++) {
> +    if (ItemOffsetList[Index] >= FmpCapsuleSize) {
> +      DEBUG((EFI_D_ERROR, "ItemOffsetList[%d](0x%lx) >= FmpCapsuleSize(0x%x)\n",
> Index, ItemOffsetList[Index], FmpCapsuleSize));
> +      return EFI_INVALID_PARAMETER;
> +    }
> +    if (ItemOffsetList[Index] < FmpCapsuleHeaderSize) {
> +      DEBUG((EFI_D_ERROR, "ItemOffsetList[%d](0x%lx) < FmpCapsuleHeaderSize(0x%x)\n",
> Index, ItemOffsetList[Index], FmpCapsuleHeaderSize));
> +      return EFI_INVALID_PARAMETER;
> +    }
> +    //
> +    // All the address in ItemOffsetList must be stored in ascending order
> +    //
> +    if (Index > 0) {
> +      if (ItemOffsetList[Index] <= ItemOffsetList[Index - 1]) {
> +        DEBUG((EFI_D_ERROR, "ItemOffsetList[%d](0x%lx) < ItemOffsetList[%d](0x%x)\n",
> Index, ItemOffsetList[Index], Index, ItemOffsetList[Index - 1]));
> +        return EFI_INVALID_PARAMETER;
> +      }
> +    }
> +  }
> +
> +  // Check EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER
> +  for (Index = FmpCapsuleHeader->EmbeddedDriverCount; Index < ItemNum; Index++) {
> +    ImageHeader  = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8
> *)FmpCapsuleHeader + ItemOffsetList[Index]);
> +    if (Index == ItemNum - 1) {
> +      EndOfPayload = (UINT8 *)((UINTN)EndOfCapsule - (UINTN)FmpCapsuleHeader);
> +    } else {
> +      EndOfPayload = (UINT8 *)(UINTN)ItemOffsetList[Index+1];
> +    }
> +    FmpImageSize = (UINTN)EndOfPayload - ItemOffsetList[Index];
> +
> +    if (FmpImageSize < OFFSET_OF(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER,
> UpdateHardwareInstance)) {
> +      DEBUG((EFI_D_ERROR, "FmpImageSize(0x%lx) <
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER\n", FmpImageSize));
> +      return EFI_INVALID_PARAMETER;
> +    }
> +    FmpImageHeaderSize = sizeof(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER);
> +    if ((ImageHeader->Version >
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) ||
> +        (ImageHeader->Version < 1)) {
> +      DEBUG((EFI_D_ERROR, "ImageHeader->Version(0x%x) Unknown\n", ImageHeader-
> >Version));
> +      return EFI_INVALID_PARAMETER;
> +    }
> +    if (ImageHeader->Version <
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
> +      FmpImageHeaderSize = OFFSET_OF(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER,
> UpdateHardwareInstance);
> +    }
> +
> +    // No overflow
> +    if (FmpImageSize != (UINT64)FmpImageHeaderSize + (UINT64)ImageHeader-
> >UpdateImageSize + (UINT64)ImageHeader->UpdateVendorCodeSize) {
> +      DEBUG((EFI_D_ERROR, "FmpImageSize(0x%lx) mismatch, UpdateImageSize(0x%x)
> UpdateVendorCodeSize(0x%x)\n", FmpImageSize, ImageHeader->UpdateImageSize, ImageHeader-
> >UpdateVendorCodeSize));
> +      return EFI_INVALID_PARAMETER;
> +    }
> +  }
> +
> +  if (ItemNum == 0) {
> +    //
> +    // No driver & payload element in FMP
> +    //
> +    EndOfPayload = (UINT8 *)(FmpCapsuleHeader + 1);
> +    if (EndOfPayload != EndOfCapsule) {
> +      DEBUG((EFI_D_ERROR, "EndOfPayload(0x%x) mismatch, EndOfCapsule(0x%x)\n",
> EndOfPayload, EndOfCapsule));
> +      return EFI_INVALID_PARAMETER;
> +    }
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  if (EmbeddedDriverCount != NULL) {
> +    *EmbeddedDriverCount = FmpCapsuleHeader->EmbeddedDriverCount;
> +  }
> +
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Convert a *.BMP graphics image to a GOP blt buffer. If a NULL Blt buffer
> +  is passed in a GopBlt buffer will be allocated by this routine. If a GopBlt
> +  buffer is passed in it will be used if it is big enough.
> +
> +  Caution: This function may receive untrusted input.
> +
> +  @param  BmpImage      Pointer to BMP file
> +  @param  BmpImageSize  Number of bytes in BmpImage
> +  @param  GopBlt        Buffer containing GOP version of BmpImage.
> +  @param  GopBltSize    Size of GopBlt in bytes.
> +  @param  PixelHeight   Height of GopBlt/BmpImage in pixels
> +  @param  PixelWidth    Width of GopBlt/BmpImage in pixels
> +
> +  @retval EFI_SUCCESS           GopBlt and GopBltSize are returned.
> +  @retval EFI_UNSUPPORTED       BmpImage is not a valid *.BMP image
> +  @retval EFI_BUFFER_TOO_SMALL  The passed in GopBlt buffer is not big enough.
> +                                GopBltSize will contain the required size.
> +  @retval EFI_OUT_OF_RESOURCES  No enough buffer to allocate.
> +
> +**/
> +STATIC
> +EFI_STATUS
> +ConvertBmpToGopBlt (
> +  IN     VOID      *BmpImage,
> +  IN     UINTN     BmpImageSize,
> +  IN OUT VOID      **GopBlt,
> +  IN OUT UINTN     *GopBltSize,
> +     OUT UINTN     *PixelHeight,
> +     OUT UINTN     *PixelWidth
> +  )
> +{
> +  UINT8                         *Image;
> +  UINT8                         *ImageHeader;
> +  BMP_IMAGE_HEADER              *BmpHeader;
> +  BMP_COLOR_MAP                 *BmpColorMap;
> +  EFI_GRAPHICS_OUTPUT_BLT_PIXEL *BltBuffer;
> +  EFI_GRAPHICS_OUTPUT_BLT_PIXEL *Blt;
> +  UINT64                        BltBufferSize;
> +  UINTN                         Index;
> +  UINTN                         Height;
> +  UINTN                         Width;
> +  UINTN                         ImageIndex;
> +  UINT32                        DataSizePerLine;
> +  BOOLEAN                       IsAllocated;
> +  UINT32                        ColorMapNum;
> +
> +  if (sizeof (BMP_IMAGE_HEADER) > BmpImageSize) {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
> +  BmpHeader = (BMP_IMAGE_HEADER *) BmpImage;
> +
> +  if (BmpHeader->CharB != 'B' || BmpHeader->CharM != 'M') {
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  //
> +  // Doesn't support compress.
> +  //
> +  if (BmpHeader->CompressionType != 0) {
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  //
> +  // Only support BITMAPINFOHEADER format.
> +  // BITMAPFILEHEADER + BITMAPINFOHEADER = BMP_IMAGE_HEADER
> +  //
> +  if (BmpHeader->HeaderSize != sizeof (BMP_IMAGE_HEADER) - OFFSET_OF(BMP_IMAGE_HEADER,
> HeaderSize)) {
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  //
> +  // The data size in each line must be 4 byte alignment.
> +  //
> +  DataSizePerLine = ((BmpHeader->PixelWidth * BmpHeader->BitPerPixel + 31) >> 3) &
> (~0x3);
> +  BltBufferSize = MultU64x32 (DataSizePerLine, BmpHeader->PixelHeight);
> +  if (BltBufferSize > (UINT32) ~0) {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
> +  if ((BmpHeader->Size != BmpImageSize) ||
> +      (BmpHeader->Size < BmpHeader->ImageOffset) ||
> +      (BmpHeader->Size - BmpHeader->ImageOffset !=  BmpHeader->PixelHeight *
> DataSizePerLine)) {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
> +  //
> +  // Calculate Color Map offset in the image.
> +  //
> +  Image       = BmpImage;
> +  BmpColorMap = (BMP_COLOR_MAP *) (Image + sizeof (BMP_IMAGE_HEADER));
> +  if (BmpHeader->ImageOffset < sizeof (BMP_IMAGE_HEADER)) {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
> +  if (BmpHeader->ImageOffset > sizeof (BMP_IMAGE_HEADER)) {
> +    switch (BmpHeader->BitPerPixel) {
> +      case 1:
> +        ColorMapNum = 2;
> +        break;
> +      case 4:
> +        ColorMapNum = 16;
> +        break;
> +      case 8:
> +        ColorMapNum = 256;
> +        break;
> +      default:
> +        ColorMapNum = 0;
> +        break;
> +      }
> +    //
> +    // BMP file may has padding data between the bmp header section and the bmp data
> section.
> +    //
> +    if (BmpHeader->ImageOffset - sizeof (BMP_IMAGE_HEADER) < sizeof (BMP_COLOR_MAP) *
> ColorMapNum) {
> +      return EFI_INVALID_PARAMETER;
> +    }
> +  }
> +
> +  //
> +  // Calculate graphics image data address in the image
> +  //
> +  Image         = ((UINT8 *) BmpImage) + BmpHeader->ImageOffset;
> +  ImageHeader   = Image;
> +
> +  //
> +  // Calculate the BltBuffer needed size.
> +  //
> +  BltBufferSize = MultU64x32 ((UINT64) BmpHeader->PixelWidth, BmpHeader->PixelHeight);
> +  //
> +  // Ensure the BltBufferSize * sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL) doesn't
> overflow
> +  //
> +  if (BltBufferSize > DivU64x32 ((UINTN) ~0, sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL)))
> {
> +    return EFI_UNSUPPORTED;
> +  }
> +  BltBufferSize = MultU64x32 (BltBufferSize, sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL));
> +
> +  IsAllocated   = FALSE;
> +  if (*GopBlt == NULL) {
> +    //
> +    // GopBlt is not allocated by caller.
> +    //
> +    *GopBltSize = (UINTN) BltBufferSize;
> +    *GopBlt     = AllocatePool (*GopBltSize);
> +    IsAllocated = TRUE;
> +    if (*GopBlt == NULL) {
> +      return EFI_OUT_OF_RESOURCES;
> +    }
> +  } else {
> +    //
> +    // GopBlt has been allocated by caller.
> +    //
> +    if (*GopBltSize < (UINTN) BltBufferSize) {
> +      *GopBltSize = (UINTN) BltBufferSize;
> +      return EFI_BUFFER_TOO_SMALL;
> +    }
> +  }
> +
> +  *PixelWidth   = BmpHeader->PixelWidth;
> +  *PixelHeight  = BmpHeader->PixelHeight;
> +
> +  //
> +  // Convert image from BMP to Blt buffer format
> +  //
> +  BltBuffer = *GopBlt;
> +  for (Height = 0; Height < BmpHeader->PixelHeight; Height++) {
> +    Blt = &BltBuffer[(BmpHeader->PixelHeight - Height - 1) * BmpHeader->PixelWidth];
> +    for (Width = 0; Width < BmpHeader->PixelWidth; Width++, Image++, Blt++) {
> +      switch (BmpHeader->BitPerPixel) {
> +      case 1:
> +        //
> +        // Convert 1-bit (2 colors) BMP to 24-bit color
> +        //
> +        for (Index = 0; Index < 8 && Width < BmpHeader->PixelWidth; Index++) {
> +          Blt->Red    = BmpColorMap[((*Image) >> (7 - Index)) & 0x1].Red;
> +          Blt->Green  = BmpColorMap[((*Image) >> (7 - Index)) & 0x1].Green;
> +          Blt->Blue   = BmpColorMap[((*Image) >> (7 - Index)) & 0x1].Blue;
> +          Blt++;
> +          Width++;
> +        }
> +
> +        Blt--;
> +        Width--;
> +        break;
> +
> +      case 4:
> +        //
> +        // Convert 4-bit (16 colors) BMP Palette to 24-bit color
> +        //
> +        Index       = (*Image) >> 4;
> +        Blt->Red    = BmpColorMap[Index].Red;
> +        Blt->Green  = BmpColorMap[Index].Green;
> +        Blt->Blue   = BmpColorMap[Index].Blue;
> +        if (Width < (BmpHeader->PixelWidth - 1)) {
> +          Blt++;
> +          Width++;
> +          Index       = (*Image) & 0x0f;
> +          Blt->Red    = BmpColorMap[Index].Red;
> +          Blt->Green  = BmpColorMap[Index].Green;
> +          Blt->Blue   = BmpColorMap[Index].Blue;
> +        }
> +        break;
> +
> +      case 8:
> +        //
> +        // Convert 8-bit (256 colors) BMP Palette to 24-bit color
> +        //
> +        Blt->Red    = BmpColorMap[*Image].Red;
> +        Blt->Green  = BmpColorMap[*Image].Green;
> +        Blt->Blue   = BmpColorMap[*Image].Blue;
> +        break;
> +
> +      case 24:
> +        //
> +        // It is 24-bit BMP.
> +        //
> +        Blt->Blue   = *Image++;
> +        Blt->Green  = *Image++;
> +        Blt->Red    = *Image;
> +        break;
> +
> +      case 32:
> +        //
> +        // it is 32-bit BMP. Skip pixel's highest byte
> +        //
> +        Blt->Blue  = *Image++;
> +        Blt->Green = *Image++;
> +        Blt->Red   = *Image++;
> +        break;
> +
> +      default:
> +        //
> +        // Other bit format BMP is not supported.
> +        //
> +        if (IsAllocated) {
> +          FreePool (*GopBlt);
> +          *GopBlt = NULL;
> +        }
> +        return EFI_UNSUPPORTED;
> +      };
> +
> +    }
> +
> +    ImageIndex = (UINTN) (Image - ImageHeader);
> +    if ((ImageIndex % 4) != 0) {
> +      //
> +      // Bmp Image starts each row on a 32-bit boundary!
> +      //
> +      Image = Image + (4 - (ImageIndex % 4));
> +    }
> +  }
> +
> +  return EFI_SUCCESS;
> +}
> +
> +
> +/**
> +  Those capsules supported by the firmwares.
> +
> +  Caution: This function may receive untrusted input.
> +
> +  @param  CapsuleHeader    Points to a capsule header.
> +
> +  @retval EFI_SUCESS       Input capsule is supported by firmware.
> +  @retval EFI_UNSUPPORTED  Input capsule is not supported by the firmware.
> +**/
> +EFI_STATUS
> +DisplayCapsuleImage (
> +  IN EFI_CAPSULE_HEADER  *CapsuleHeader
> +  )
> +{
> +  DISPLAY_DISPLAY_PAYLOAD       *ImagePayload;
> +  UINTN                         PayloadSize;
> +  EFI_STATUS                    Status;
> +  EFI_GRAPHICS_OUTPUT_BLT_PIXEL *Blt;
> +  UINTN                         BltSize;
> +  UINTN                         Height;
> +  UINTN                         Width;
> +  EFI_GRAPHICS_OUTPUT_PROTOCOL  *GraphicsOutput;
> +
> +  ImagePayload = (DISPLAY_DISPLAY_PAYLOAD *)(CapsuleHeader + 1);
> +  PayloadSize = (UINTN)(CapsuleHeader->CapsuleImageSize - sizeof(EFI_CAPSULE_HEADER));
> +
> +  if (ImagePayload->Version != 1) {
> +    return EFI_UNSUPPORTED;
> +  }
> +  if (CalculateCheckSum8((UINT8 *)CapsuleHeader, CapsuleHeader->CapsuleImageSize) !=
> 0) {
> +    return EFI_UNSUPPORTED;
> +  }
> +  //
> +  // Only Support Bitmap by now
> +  //
> +  if (ImagePayload->ImageType != 0) {
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  //
> +  // Try to open GOP
> +  //
> +  Status = gBS->HandleProtocol (gST->ConsoleOutHandle,
> &gEfiGraphicsOutputProtocolGuid, (VOID **)&GraphicsOutput);
> +  if (EFI_ERROR (Status)) {
> +    Status = gBS->LocateProtocol(&gEfiGraphicsOutputProtocolGuid, NULL, (VOID
> **)&GraphicsOutput);
> +    if (EFI_ERROR(Status)) {
> +      return EFI_UNSUPPORTED;
> +    }
> +  }
> +
> +  if (GraphicsOutput->Mode->Mode != ImagePayload->Mode) {
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  Blt = NULL;
> +  Width = 0;
> +  Height = 0;
> +  Status = ConvertBmpToGopBlt (
> +             ImagePayload + 1,
> +             PayloadSize - sizeof(DISPLAY_DISPLAY_PAYLOAD),
> +             (VOID **)&Blt,
> +             &BltSize,
> +             &Height,
> +             &Width
> +             );
> +
> +  if (EFI_ERROR (Status)) {
> +    return Status;
> +  }
> +
> +  Status = GraphicsOutput->Blt (
> +                             GraphicsOutput,
> +                             Blt,
> +                             EfiBltBufferToVideo,
> +                             0,
> +                             0,
> +                             (UINTN) ImagePayload->OffsetX,
> +                             (UINTN) ImagePayload->OffsetY,
> +                             Width,
> +                             Height,
> +                             Width * sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL)
> +                             );
> +
> +  FreePool(Blt);
> +
> +  return Status;
> +}
> +
> +/**
> +  Dump FMP information.
> +
> +  @param ImageInfoSize       The size of ImageInfo, in bytes.
> +  @param ImageInfo           A pointer to EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorVersion   The version of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorCount     The count of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorSize      The size of an individual EFI_FIRMWARE_IMAGE_DESCRIPTOR,
> in bytes.
> +  @param PackageVersion      The version of package.
> +  @param PackageVersionName  The version name of package.
> +**/
> +VOID
> +DumpFmpImageInfo(
> +  IN UINTN                           ImageInfoSize,
> +  IN EFI_FIRMWARE_IMAGE_DESCRIPTOR   *ImageInfo,
> +  IN UINT32                          DescriptorVersion,
> +  IN UINT8                           DescriptorCount,
> +  IN UINTN                           DescriptorSize,
> +  IN UINT32                          PackageVersion,
> +  IN CHAR16                          *PackageVersionName
> +  )
> +{
> +  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *CurrentImageInfo;
> +  UINTN                                         Index;
> +
> +  DEBUG((DEBUG_VERBOSE, "  DescriptorVersion  - 0x%x\n", DescriptorVersion));
> +  DEBUG((DEBUG_VERBOSE, "  DescriptorCount    - 0x%x\n", DescriptorCount));
> +  DEBUG((DEBUG_VERBOSE, "  DescriptorSize     - 0x%x\n", DescriptorSize));
> +  DEBUG((DEBUG_VERBOSE, "  PackageVersion     - 0x%x\n", PackageVersion));
> +  DEBUG((DEBUG_VERBOSE, "  PackageVersionName - %s\n\n", PackageVersionName));
> +  CurrentImageInfo = ImageInfo;
> +  for (Index = 0; Index < DescriptorCount; Index++) {
> +    DEBUG((DEBUG_VERBOSE, "  ImageDescriptor (%d)\n", Index));
> +    DEBUG((DEBUG_VERBOSE, "    ImageIndex                  - 0x%x\n",
> CurrentImageInfo->ImageIndex));
> +    DEBUG((DEBUG_VERBOSE, "    ImageTypeId                 - %g\n", &CurrentImageInfo-
> >ImageTypeId));
> +    DEBUG((DEBUG_VERBOSE, "    ImageId                     - 0x%lx\n",
> CurrentImageInfo->ImageId));
> +    DEBUG((DEBUG_VERBOSE, "    ImageIdName                 - %s\n", CurrentImageInfo-
> >ImageIdName));
> +    DEBUG((DEBUG_VERBOSE, "    Version                     - 0x%x\n",
> CurrentImageInfo->Version));
> +    DEBUG((DEBUG_VERBOSE, "    VersionName                 - %s\n", CurrentImageInfo-
> >VersionName));
> +    DEBUG((DEBUG_VERBOSE, "    Size                        - 0x%x\n",
> CurrentImageInfo->Size));
> +    DEBUG((DEBUG_VERBOSE, "    AttributesSupported         - 0x%lx\n",
> CurrentImageInfo->AttributesSupported));
> +    DEBUG((DEBUG_VERBOSE, "    AttributesSetting           - 0x%lx\n",
> CurrentImageInfo->AttributesSetting));
> +    DEBUG((DEBUG_VERBOSE, "    Compatibilities             - 0x%lx\n",
> CurrentImageInfo->Compatibilities));
> +    if (DescriptorVersion > 1) {
> +      DEBUG((DEBUG_VERBOSE, "    LowestSupportedImageVersion - 0x%x\n",
> CurrentImageInfo->LowestSupportedImageVersion));
> +      if (DescriptorVersion > 2) {
> +        DEBUG((DEBUG_VERBOSE, "    LastAttemptVersion          - 0x%x\n",
> CurrentImageInfo->LastAttemptVersion));
> +        DEBUG((DEBUG_VERBOSE, "    LastAttemptStatus           - 0x%x\n",
> CurrentImageInfo->LastAttemptStatus));
> +        DEBUG((DEBUG_VERBOSE, "    HardwareInstance            - 0x%lx\n",
> CurrentImageInfo->HardwareInstance));
> +      }
> +    }
> +    //
> +    // Use DescriptorSize to move ImageInfo Pointer to stay compatible with different
> ImageInfo version
> +    //
> +    CurrentImageInfo = (EFI_FIRMWARE_IMAGE_DESCRIPTOR *)((UINT8 *)CurrentImageInfo +
> DescriptorSize);
> +  }
> +}
> +
> +/**
> +  Dump a non-nested FMP capsule.
> +
> +  @param  CapsuleHeader  A pointer to CapsuleHeader
> +**/
> +VOID
> +DumpFmpCapsule(
> +  IN EFI_CAPSULE_HEADER                *CapsuleHeader
> +  )
> +{
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER        *FmpCapsuleHeader;
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER  *ImageHeader;
> +  UINTN                                         Index;
> +  UINT64                                        *ItemOffsetList;
> +
> +  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader
> + CapsuleHeader->HeaderSize);
> +
> +  DEBUG((DEBUG_VERBOSE, "FmpCapsule:\n"));
> +  DEBUG((DEBUG_VERBOSE, "  Version                - 0x%x\n", FmpCapsuleHeader-
> >Version));
> +  DEBUG((DEBUG_VERBOSE, "  EmbeddedDriverCount    - 0x%x\n", FmpCapsuleHeader-
> >EmbeddedDriverCount));
> +  DEBUG((DEBUG_VERBOSE, "  PayloadItemCount       - 0x%x\n", FmpCapsuleHeader-
> >PayloadItemCount));
> +
> +  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
> +  for (Index = 0; Index < FmpCapsuleHeader->EmbeddedDriverCount; Index++) {
> +    DEBUG((DEBUG_VERBOSE, "  ItemOffsetList[%d]      - 0x%lx\n", Index,
> ItemOffsetList[Index]));
> +  }
> +  for (; Index < (UINTN)(FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader-
> >PayloadItemCount); Index++) {
> +    DEBUG((DEBUG_VERBOSE, "  ItemOffsetList[%d]      - 0x%lx\n", Index,
> ItemOffsetList[Index]));
> +    ImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8
> *)FmpCapsuleHeader + ItemOffsetList[Index]);
> +
> +    DEBUG((DEBUG_VERBOSE, "  ImageHeader:\n"));
> +    DEBUG((DEBUG_VERBOSE, "    Version                - 0x%x\n", ImageHeader-
> >Version));
> +    DEBUG((DEBUG_VERBOSE, "    UpdateImageTypeId      - %g\n", &ImageHeader-
> >UpdateImageTypeId));
> +    DEBUG((DEBUG_VERBOSE, "    UpdateImageIndex       - 0x%x\n", ImageHeader-
> >UpdateImageIndex));
> +    DEBUG((DEBUG_VERBOSE, "    UpdateImageSize        - 0x%x\n", ImageHeader-
> >UpdateImageSize));
> +    DEBUG((DEBUG_VERBOSE, "    UpdateVendorCodeSize   - 0x%x\n", ImageHeader-
> >UpdateVendorCodeSize));
> +    if (ImageHeader->Version >=
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
> +      DEBUG((DEBUG_VERBOSE, "    UpdateHardwareInstance - 0x%lx\n", ImageHeader-
> >UpdateHardwareInstance));
> +    }
> +  }
> +}
> +
> +/**
> +  Process Firmware management protocol data capsule.
> +
> +  This function assumes the caller validated the capsule by using
> +  ValidateFmpCapsule(), so that all fields in EFI_CAPSULE_HEADER,
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER and
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER are correct.
> +
> +  This function need support nested FMP capsule.
> +
> +  @param  CapsuleHeader         Points to a capsule header.
> +  @param  AreAllImagesProcessed If all the FMP images in the capsule are processed.
> +
> +  @retval EFI_SUCESS            Process Capsule Image successfully.
> +  @retval EFI_UNSUPPORTED       Capsule image is not supported by the firmware.
> +  @retval EFI_VOLUME_CORRUPTED  FV volume in the capsule is corrupted.
> +  @retval EFI_OUT_OF_RESOURCES  Not enough memory.
> +**/
> +EFI_STATUS
> +ProcessFmpCapsuleImage (
> +  IN EFI_CAPSULE_HEADER *CapsuleHeader,
> +  OUT BOOLEAN           *AreAllImagesProcessed
> +  )
> +{
> +  EFI_STATUS                                    Status;
> +  EFI_STATUS                                    StatusEsrt;
> +  EFI_STATUS                                    StatusRet;
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER        *FmpCapsuleHeader;
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER  *ImageHeader;
> +  UINT8                                         *Image;
> +  EFI_HANDLE                                    ImageHandle;
> +  UINT64                                        *ItemOffsetList;
> +  UINT32                                        ItemNum;
> +  UINTN                                         Index;
> +  UINTN                                         ExitDataSize;
> +  EFI_HANDLE                                    *HandleBuffer;
> +  EFI_FIRMWARE_MANAGEMENT_PROTOCOL              *Fmp;
> +  UINTN                                         NumberOfHandles;
> +  UINTN                                         DescriptorSize;
> +  UINT8                                         FmpImageInfoCount;
> +  UINT32                                        FmpImageInfoDescriptorVer;
> +  UINTN                                         ImageInfoSize;
> +  UINT32                                        PackageVersion;
> +  CHAR16                                        *PackageVersionName;
> +  CHAR16                                        *AbortReason;
> +  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *FmpImageInfoBuf;
> +  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *TempFmpImageInfo;
> +  UINTN                                         DriverLen;
> +  UINTN                                         Index1;
> +  UINTN                                         Index2;
> +  MEMMAP_DEVICE_PATH                            MemMapNode;
> +  EFI_DEVICE_PATH_PROTOCOL                      *DriverDevicePath;
> +  ESRT_MANAGEMENT_PROTOCOL                      *EsrtProtocol;
> +  EFI_SYSTEM_RESOURCE_ENTRY                     EsrtEntry;
> +  VOID                                          *VendorCode;
> +
> +  if (!IsFmpCapsuleGuid(&CapsuleHeader->CapsuleGuid)) {
> +    return ProcessFmpCapsuleImage ((EFI_CAPSULE_HEADER *)((UINTN)CapsuleHeader +
> CapsuleHeader->HeaderSize), AreAllImagesProcessed);
> +  }
> +
> +  ASSERT(AreAllImagesProcessed != NULL);
> +
> +  Status           = EFI_SUCCESS;
> +  StatusRet        = EFI_NOT_FOUND;
> +  HandleBuffer     = NULL;
> +  ExitDataSize     = 0;
> +  DriverDevicePath = NULL;
> +  EsrtProtocol     = NULL;
> +  *AreAllImagesProcessed = FALSE;
> +
> +  DumpFmpCapsule(CapsuleHeader);
> +
> +  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *) ((UINT8 *)
> CapsuleHeader + CapsuleHeader->HeaderSize);
> +
> +  if (FmpCapsuleHeader->Version > EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER_INIT_VERSION)
> {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
> +
> +  ItemNum = FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader-
> >PayloadItemCount;
> +
> +  //
> +  // capsule in which driver count and payload count are both zero is not processed.
> +  //
> +  if (ItemNum == 0) {
> +    *AreAllImagesProcessed = TRUE;
> +    return EFI_SUCCESS;
> +  }
> +
> +  //
> +  // Update corresponding ESRT entry LastAttemp Status
> +  //
> +  Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID
> **)&EsrtProtocol);
> +  if (EFI_ERROR (Status)) {
> +    EsrtProtocol = NULL;
> +  }
> +
> +  //
> +  // 1. Try to load & start all the drivers within capsule
> +  //
> +  SetDevicePathNodeLength (&MemMapNode.Header, sizeof (MemMapNode));
> +  MemMapNode.Header.Type     = HARDWARE_DEVICE_PATH;
> +  MemMapNode.Header.SubType  = HW_MEMMAP_DP;
> +  MemMapNode.MemoryType      = EfiBootServicesCode;
> +  MemMapNode.StartingAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)CapsuleHeader;
> +  MemMapNode.EndingAddress   = (EFI_PHYSICAL_ADDRESS)(UINTN)((UINT8 *)CapsuleHeader +
> CapsuleHeader->CapsuleImageSize - 1);
> +
> +  DriverDevicePath = AppendDevicePathNode (NULL, &MemMapNode.Header);
> +  if (DriverDevicePath == NULL) {
> +    return EFI_OUT_OF_RESOURCES;
> +  }
> +
> +  for (Index = 0; Index < FmpCapsuleHeader->EmbeddedDriverCount; Index++) {
> +    if (FmpCapsuleHeader->PayloadItemCount == 0 && Index == (UINTN)FmpCapsuleHeader-
> >EmbeddedDriverCount - 1) {
> +      //
> +      // When driver is last element in the ItemOffsetList array, the driver size is
> calculated by reference CapsuleImageSize in EFI_CAPSULE_HEADER
> +      //
> +      DriverLen = CapsuleHeader->CapsuleImageSize - CapsuleHeader->HeaderSize -
> (UINTN)ItemOffsetList[Index];
> +    } else {
> +      DriverLen = (UINTN)ItemOffsetList[Index + 1] - (UINTN)ItemOffsetList[Index];
> +    }
> +
> +    DEBUG((EFI_D_INFO, "FmpCapsule: LoadImage ...\n"));
> +    Status = gBS->LoadImage(
> +                    FALSE,
> +                    gImageHandle,
> +                    DriverDevicePath,
> +                    (UINT8 *)FmpCapsuleHeader + ItemOffsetList[Index],
> +                    DriverLen,
> +                    &ImageHandle
> +                    );
> +    DEBUG((EFI_D_INFO, "FmpCapsule: LoadImage - %r\n", Status));
> +    if (EFI_ERROR(Status)) {
> +      StatusRet = Status;
> +      goto EXIT;
> +    }
> +
> +    DEBUG((EFI_D_INFO, "FmpCapsule: StartImage ...\n"));
> +    Status = gBS->StartImage(
> +                    ImageHandle,
> +                    &ExitDataSize,
> +                    NULL
> +                    );
> +    DEBUG((EFI_D_INFO, "FmpCapsule: StartImage - %r\n", Status));
> +    if (EFI_ERROR(Status)) {
> +      DEBUG ((DEBUG_ERROR, "Driver Return Status = %r\n", Status));
> +      StatusRet = Status;
> +      goto EXIT;
> +    }
> +  }
> +
> +  //
> +  // 2. Route payload to right FMP instance
> +  //
> +  DEBUG((EFI_D_INFO, "FmpCapsule: route payload to right FMP instance ...\n"));
> +
> +  Status = gBS->LocateHandleBuffer (
> +                  ByProtocol,
> +                  &gEfiFirmwareManagementProtocolGuid,
> +                  NULL,
> +                  &NumberOfHandles,
> +                  &HandleBuffer
> +                  );
> +
> +  if (!EFI_ERROR(Status)) {
> +    for(Index1 = 0; Index1 < NumberOfHandles; Index1++) {
> +      Status = gBS->HandleProtocol(
> +                      HandleBuffer[Index1],
> +                      &gEfiFirmwareManagementProtocolGuid,
> +                      (VOID **)&Fmp
> +                      );
> +      if (EFI_ERROR(Status)) {
> +        continue;
> +      }
> +
> +      ImageInfoSize = 0;
> +      Status = Fmp->GetImageInfo (
> +                      Fmp,
> +                      &ImageInfoSize,
> +                      NULL,
> +                      NULL,
> +                      NULL,
> +                      NULL,
> +                      NULL,
> +                      NULL
> +                      );
> +      if (Status != EFI_BUFFER_TOO_SMALL) {
> +        continue;
> +      }
> +
> +      FmpImageInfoBuf = NULL;
> +      FmpImageInfoBuf = AllocateZeroPool (ImageInfoSize);
> +      if (FmpImageInfoBuf == NULL) {
> +        StatusRet = EFI_OUT_OF_RESOURCES;
> +        goto EXIT;
> +      }
> +
> +      PackageVersionName = NULL;
> +      Status = Fmp->GetImageInfo (
> +                      Fmp,
> +                      &ImageInfoSize,               // ImageInfoSize
> +                      FmpImageInfoBuf,              // ImageInfo
> +                      &FmpImageInfoDescriptorVer,   // DescriptorVersion
> +                      &FmpImageInfoCount,           // DescriptorCount
> +                      &DescriptorSize,              // DescriptorSize
> +                      &PackageVersion,              // PackageVersion
> +                      &PackageVersionName           // PackageVersionName
> +                      );
> +
> +      //
> +      // If FMP GetInformation interface failed, skip this resource
> +      //
> +      if (EFI_ERROR(Status)) {
> +        FreePool(FmpImageInfoBuf);
> +        continue;
> +      }
> +
> +      DEBUG((EFI_D_INFO, "FMP (%d) ImageInfo:\n", Index));
> +      DumpFmpImageInfo(
> +        ImageInfoSize,               // ImageInfoSize
> +        FmpImageInfoBuf,             // ImageInfo
> +        FmpImageInfoDescriptorVer,   // DescriptorVersion
> +        FmpImageInfoCount,           // DescriptorCount
> +        DescriptorSize,              // DescriptorSize
> +        PackageVersion,              // PackageVersion
> +        PackageVersionName           // PackageVersionName
> +        );
> +
> +      if (PackageVersionName != NULL) {
> +        FreePool(PackageVersionName);
> +      }
> +
> +      TempFmpImageInfo = FmpImageInfoBuf;
> +      for (Index2 = 0; Index2 < FmpImageInfoCount; Index2++) {
> +        //
> +        // Check all the payload entry in capsule payload list
> +        //
> +        for (Index = FmpCapsuleHeader->EmbeddedDriverCount; Index < ItemNum; Index++)
> {
> +          ImageHeader  = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8
> *)FmpCapsuleHeader + ItemOffsetList[Index]);
> +
> +          if (IsFmpCapsuleProcessed(CapsuleHeader, Index - FmpCapsuleHeader-
> >EmbeddedDriverCount, ImageHeader)) {
> +            DEBUG((EFI_D_INFO, "FMP Capsule already processed (%g):", CapsuleHeader));
> +            DEBUG((EFI_D_INFO, "ImageTypeId - %g, ", ImageHeader->UpdateImageTypeId));
> +            DEBUG((EFI_D_INFO, "PayloadIndex - 0x%x, ImageIndex - 0x%x\n", Index -
> FmpCapsuleHeader->EmbeddedDriverCount, ImageHeader->UpdateImageIndex));
> +            continue;
> +          }
> +
> +          if (CompareGuid(&ImageHeader->UpdateImageTypeId, &TempFmpImageInfo-
> >ImageTypeId) &&
> +              ImageHeader->UpdateImageIndex == TempFmpImageInfo->ImageIndex) {
> +            AbortReason = NULL;
> +            if (ImageHeader->Version >=
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
> +              if(ImageHeader->UpdateHardwareInstance != 0){
> +                //
> +                // FMP Version is >=2 & UpdateHardwareInstance Skip 2 case
> +                //  1. FMP Image info Version < 3
> +                //  2. HardwareInstance doesn't match
> +                //
> +                if (FmpImageInfoDescriptorVer < EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION
> ||
> +                   ImageHeader->UpdateHardwareInstance != TempFmpImageInfo-
> >HardwareInstance) {
> +                  continue;
> +                }
> +              }
> +              Image = (UINT8 *)(ImageHeader + 1);
> +            } else {
> +              //
> +              // If the EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER is version 1,
> only match ImageTypeId.
> +              // Header should exclude UpdateHardwareInstance field
> +              //
> +              Image = (UINT8 *)ImageHeader +
> OFFSET_OF(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER, UpdateHardwareInstance);
> +            }
> +
> +            if (ImageHeader->UpdateVendorCodeSize == 0) {
> +              VendorCode = NULL;
> +            } else {
> +              VendorCode = Image + ImageHeader->UpdateImageSize;
> +            }
> +            DEBUG((EFI_D_INFO, "Fmp->SetImage ...\n"));
> +            Status = Fmp->SetImage(
> +                            Fmp,
> +                            ImageHeader->UpdateImageIndex,          // ImageIndex
> +                            Image,                                  // Image
> +                            ImageHeader->UpdateImageSize,           // ImageSize
> +                            VendorCode,                                   //
> VendorCode
> +                            Update_Image_Progress,                  // Progress
> +                            &AbortReason                            // AbortReason
> +                            );
> +            DEBUG((EFI_D_INFO, "Fmp->SetImage - %r\n", Status));
> +            if (AbortReason != NULL) {
> +              DEBUG ((EFI_D_ERROR, "%s\n", AbortReason));
> +              FreePool(AbortReason);
> +            }
> +            RecordFmpCapsuleStatusVariable(
> +              CapsuleHeader,                                 // CapsuleGuid
> +              Status,                                        // CapsuleStatus
> +              Index - FmpCapsuleHeader->EmbeddedDriverCount, // PayloadIndex
> +              ImageHeader                                    // ImageHeader
> +              );
> +            if (StatusRet != EFI_SUCCESS) {
> +              StatusRet = Status;
> +            }
> +            //
> +            // Update EsrtEntry For V1, V2 FMP instance. V3 FMP ESRT cache will be
> synced up through EsrtSyncFmp interface
> +            //
> +            if (FmpImageInfoDescriptorVer < EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION &&
> EsrtProtocol != NULL) {
> +               StatusEsrt = EsrtProtocol->GetEsrtEntry(&TempFmpImageInfo->ImageTypeId,
> &EsrtEntry);
> +               if (!EFI_ERROR(StatusEsrt)){
> +                 if (!EFI_ERROR(Status)) {
> +                   EsrtEntry.LastAttemptStatus = LAST_ATTEMPT_STATUS_SUCCESS;
> +                 } else {
> +                   EsrtEntry.LastAttemptStatus =
> LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL;
> +                 }
> +                 EsrtEntry.LastAttemptVersion = 0;
> +                 EsrtProtocol->UpdateEsrtEntry(&EsrtEntry);
> +               }
> +             }
> +          }
> +        }
> +        //
> +        // Use DescriptorSize to move ImageInfo Pointer to stay compatible with
> different ImageInfo version
> +        //
> +        TempFmpImageInfo = (EFI_FIRMWARE_IMAGE_DESCRIPTOR *)((UINT8 *)TempFmpImageInfo
> + DescriptorSize);
> +      }
> +      FreePool(FmpImageInfoBuf);
> +    }
> +  }
> +
> +  //
> +  // final check for AreAllImagesProcessed
> +  //
> +  *AreAllImagesProcessed = TRUE;
> +  for (Index = FmpCapsuleHeader->EmbeddedDriverCount; Index < ItemNum; Index++) {
> +    ImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8
> *)FmpCapsuleHeader + ItemOffsetList[Index]);
> +
> +    if (!IsFmpCapsuleProcessed(CapsuleHeader, Index - FmpCapsuleHeader-
> >EmbeddedDriverCount, ImageHeader)) {
> +      *AreAllImagesProcessed = FALSE;
> +      break;
> +    }
> +  }
> +
> +EXIT:
> +
> +  if (HandleBuffer != NULL) {
> +    FreePool(HandleBuffer);
> +  }
> +
> +  if (DriverDevicePath != NULL) {
> +    FreePool(DriverDevicePath);
> +  }
> +
> +  return StatusRet;
> +}
> +
> +/**
> +  Return if there is a FMP header below capsule header.
> +
> +  @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
> +
> +  @retval TRUE  There is a FMP header below capsule header.
> +  @retval FALSE There is not a FMP header below capsule header
> +**/
> +BOOLEAN
> +IsNestedFmpCapsule(
> +  IN EFI_CAPSULE_HEADER         *CapsuleHeader
> +  )
> +{
> +  EFI_STATUS                 Status;
> +  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
> +  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
> +  UINTN                      Index;
> +  BOOLEAN                    EsrtGuidFound;
> +  EFI_CAPSULE_HEADER         *NestedCapsuleHeader;
> +  UINTN                      NestedCapsuleSize;
> +  ESRT_MANAGEMENT_PROTOCOL   *EsrtProtocol;
> +  EFI_SYSTEM_RESOURCE_ENTRY  Entry;
> +
> +  EsrtGuidFound = FALSE;
> +
> +  //
> +  // Check ESRT protocol
> +  //
> +  Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID
> **)&EsrtProtocol);
> +  if (!EFI_ERROR(Status)) {
> +    Status = EsrtProtocol->GetEsrtEntry(&CapsuleHeader->CapsuleGuid, &Entry);
> +    if (!EFI_ERROR(Status)) {
> +      EsrtGuidFound = TRUE;
> +    }
> +  }
> +
> +  //
> +  // Check ESRT configuration table
> +  //
> +  if (!EsrtGuidFound) {
> +    Status = EfiGetSystemConfigurationTable(&gEfiSystemResourceTableGuid, (VOID
> **)&Esrt);
> +    if (!EFI_ERROR(Status)) {
> +      EsrtEntry = (VOID *)(Esrt + 1);
> +      for (Index = 0; Index < Esrt->FwResourceCount; Index++, EsrtEntry++) {
> +        if (CompareGuid(&EsrtEntry->FwClass, &CapsuleHeader->CapsuleGuid)) {
> +          EsrtGuidFound = TRUE;
> +          break;
> +        }
> +      }
> +    }
> +  }
> +  if (!EsrtGuidFound) {
> +    return FALSE;
> +  }
> +
> +  //
> +  // Check nested capsule header
> +  // FMP GUID after ESRT one
> +  //
> +  NestedCapsuleHeader = (EFI_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader + CapsuleHeader-
> >HeaderSize);
> +  NestedCapsuleSize = (UINTN)CapsuleHeader + CapsuleHeader->CapsuleImageSize -
> (UINTN)NestedCapsuleHeader;
> +  if (NestedCapsuleSize < sizeof(EFI_CAPSULE_HEADER)) {
> +    return FALSE;
> +  }
> +  if (!IsValidCapsuleHeader(NestedCapsuleHeader, NestedCapsuleSize)) {
> +    return FALSE;
> +  }
> +  if (!IsFmpCapsuleGuid(&NestedCapsuleHeader->CapsuleGuid)) {
> +    return FALSE;
> +  }
> +  DEBUG ((EFI_D_INFO, "IsNestedFmpCapsule\n"));
> +  return TRUE;
> +}
> +
> +/**
> +  Return if this FMP is a system FMP or a device FMP, based upon CapsuleHeader.
> +
> +  @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
> +
> +  @retval TRUE  It is a system FMP.
> +  @retval FALSE It is a device FMP.
> +**/
> +BOOLEAN
> +IsFmpCapsule(
> +  IN EFI_CAPSULE_HEADER         *CapsuleHeader
> +  )
> +{
> +  if (IsFmpCapsuleGuid(&CapsuleHeader->CapsuleGuid)) {
> +    return TRUE;
> +  }
> +  if (IsNestedFmpCapsule(CapsuleHeader)) {
> +    return TRUE;
> +  }
> +  return FALSE;
> +}
> +
> +/**
> +  Those capsules supported by the firmwares.
> +
> +  Caution: This function may receive untrusted input.
> +
> +  @param  CapsuleHeader    Points to a capsule header.
> +
> +  @retval EFI_SUCESS       Input capsule is supported by firmware.
> +  @retval EFI_UNSUPPORTED  Input capsule is not supported by the firmware.
> +  @retval EFI_INVALID_PARAMETER Input capsule layout is not correct
> +**/
> +EFI_STATUS
> +EFIAPI
> +SupportCapsuleImage (
> +  IN EFI_CAPSULE_HEADER *CapsuleHeader
> +  )
> +{
> +  //
> +  // check Display Capsule Guid
> +  //
> +  if (CompareGuid (&gWindowsUxCapsuleGuid, &CapsuleHeader->CapsuleGuid)) {
> +    return EFI_SUCCESS;
> +  }
> +
> +  if (IsFmpCapsule(CapsuleHeader)) {
> +    //
> +    // Check layout of FMP capsule
> +    //
> +    return ValidateFmpCapsule(CapsuleHeader, NULL);
> +  }
> +  DEBUG((EFI_D_ERROR, "Unknown Capsule Guid - %g\n", &CapsuleHeader->CapsuleGuid));
> +  return EFI_UNSUPPORTED;
> +}
> +
> +/**
> +  The firmware implements to process the capsule image.
> +
> +  Caution: This function may receive untrusted input.
> +
> +  @param  CapsuleHeader         Points to a capsule header.
> +
> +  @retval EFI_SUCESS            Process Capsule Image successfully.
> +  @retval EFI_UNSUPPORTED       Capsule image is not supported by the firmware.
> +  @retval EFI_VOLUME_CORRUPTED  FV volume in the capsule is corrupted.
> +  @retval EFI_OUT_OF_RESOURCES  Not enough memory.
> +**/
> +EFI_STATUS
> +EFIAPI
> +ProcessCapsuleImage (
> +  IN EFI_CAPSULE_HEADER *CapsuleHeader
> +  )
> +{
> +  EFI_STATUS                   Status;
> +  BOOLEAN                      AreAllImagesProcessed;
> +
> +  if (SupportCapsuleImage (CapsuleHeader) != EFI_SUCCESS) {
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  //
> +  // Display image in firmware update display capsule
> +  //
> +  if (CompareGuid (&gWindowsUxCapsuleGuid, &CapsuleHeader->CapsuleGuid)) {
> +    DEBUG((EFI_D_INFO, "ProcessCapsuleImage for WindowsUxCapsule ...\n"));
> +    Status = DisplayCapsuleImage(CapsuleHeader);
> +    RecordCapsuleStatusVariable(CapsuleHeader, Status);
> +    return Status;
> +  }
> +
> +  //
> +  // Check FMP capsule layout
> +  //
> +  if (IsFmpCapsule (CapsuleHeader)) {
> +    DEBUG((EFI_D_INFO, "ProcessCapsuleImage for FmpCapsule ...\n"));
> +    DEBUG((EFI_D_INFO, "ValidateFmpCapsule ...\n"));
> +    Status = ValidateFmpCapsule(CapsuleHeader, NULL);
> +    DEBUG((EFI_D_INFO, "ValidateFmpCapsule - %r\n", Status));
> +    if (EFI_ERROR(Status)) {
> +      return Status;
> +    }
> +
> +    //
> +    // Press EFI FMP Capsule
> +    //
> +    DEBUG((EFI_D_INFO, "ProcessFmpCapsuleImage ...\n"));
> +    Status = ProcessFmpCapsuleImage(CapsuleHeader, &AreAllImagesProcessed);
> +    DEBUG((EFI_D_INFO, "ProcessFmpCapsuleImage - %r\n", Status));
> +
> +    if (!AreAllImagesProcessed) {
> +      mAreAllImagesProcessed = FALSE;
> +    }
> +
> +    return Status;
> +  }
> +
> +  return EFI_UNSUPPORTED;
> +}
> +
> +/**
> +  Callback function executed when the EndOfDxe event group is signaled.
> +
> +  @param[in] Event      Event whose notification function is being invoked.
> +  @param[in] Context    The pointer to the notification function's context, which
> +                        is implementation-dependent.
> +**/
> +VOID
> +EFIAPI
> +DxeCapsuleLibEndOfDxe(
> +  IN EFI_EVENT  Event,
> +  IN VOID       *Context
> +  )
> +{
> +  mDxeCapsuleLibEndOfDxe = TRUE;
> +}
> +
> +/**
> +  The constructor function.
> +
> +  @param  ImageHandle   The firmware allocated handle for the EFI image.
> +  @param  SystemTable   A pointer to the EFI System Table.
> +
> +  @retval EFI_SUCCESS   The constructor successfully .
> +**/
> +EFI_STATUS
> +EFIAPI
> +DxeCapsuleLibConstructor(
> +  IN EFI_HANDLE         ImageHandle,
> +  IN EFI_SYSTEM_TABLE   *SystemTable
> +  )
> +{
> +  EFI_EVENT     EndOfDxeEvent;
> +  EFI_STATUS    Status;
> +
> +  Status = gBS->CreateEventEx (
> +                  EVT_NOTIFY_SIGNAL,
> +                  TPL_CALLBACK,
> +                  DxeCapsuleLibEndOfDxe,
> +                  NULL,
> +                  &gEfiEndOfDxeEventGroupGuid,
> +                  &EndOfDxeEvent
> +                  );
> +  ASSERT_EFI_ERROR (Status);
> +
> +  InitCapsuleVariable();
> +
> +  return EFI_SUCCESS;
> +}
> diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
> b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
> new file mode 100644
> index 0000000..5e437dc
> --- /dev/null
> +++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
> @@ -0,0 +1,80 @@
> +## @file
> +#  Capsule library instance for DXE_DRIVER.
> +#
> +#  Capsule library instance for DXE_DRIVER module types.
> +#
> +#  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +#  This program and the accompanying materials
> +#  are licensed and made available under the terms and conditions of the BSD License
> +#  which accompanies this distribution.  The full text of the license may be found at
> +#  http://opensource.org/licenses/bsd-license.php
> +#
> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +#
> +##
> +
> +[Defines]
> +  INF_VERSION                    = 0x00010005
> +  BASE_NAME                      = DxeCapsuleLib
> +  MODULE_UNI_FILE                = DxeCapsuleLib.uni
> +  FILE_GUID                      = 534E35DE-8EB3-47b3-A4E0-72A571E50733
> +  MODULE_TYPE                    = DXE_DRIVER
> +  VERSION_STRING                 = 1.0
> +  LIBRARY_CLASS                  = CapsuleLib|DXE_DRIVER UEFI_APPLICATION
> +  CONSTRUCTOR                    = DxeCapsuleLibConstructor
> +
> +#
> +# The following information is for reference only and not required by the build tools.
> +#
> +#  VALID_ARCHITECTURES           = IA32 X64 IPF EBC
> +#
> +
> +[Sources]
> +  DxeCapsuleLib.c
> +  DxeCapsuleProcessLib.c
> +  DxeCapsuleReportLib.c
> +
> +[Packages]
> +  MdePkg/MdePkg.dec
> +  MdeModulePkg/MdeModulePkg.dec
> +
> +[LibraryClasses]
> +  BaseLib
> +  BaseMemoryLib
> +  DebugLib
> +  MemoryAllocationLib
> +  DxeServicesTableLib
> +  UefiBootServicesTableLib
> +  DevicePathLib
> +  ReportStatusCodeLib
> +  PrintLib
> +  HobLib
> +
> +[Pcd]
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleMax                               ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdSystemRebootAfterCapsuleProcessFlag      ##
> CONSUMES
> +
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeSubClassCapsule                ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesBegin    ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesEnd      ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdatingFirmware        ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareSuccess   ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareFailed    ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeResettingSystem         ##
> CONSUMES
> +
> +[Protocols]
> +  gEsrtManagementProtocolGuid             ## CONSUMES
> +  gEfiFirmwareManagementProtocolGuid      ## SOMETIMES_CONSUMES
> +  gEdkiiVariableLockProtocolGuid          ## SOMETIMES_CONSUMES
> +
> +[Guids]
> +  gEfiFmpCapsuleGuid                      ## SOMETIMES_CONSUMES ## GUID
> +  gWindowsUxCapsuleGuid                   ## SOMETIMES_CONSUMES ## GUID
> +  gEfiSystemResourceTableGuid             ## SOMETIMES_CONSUMES ## GUID
> +  gEfiCapsuleReportGuid                   ## CONSUMES ## Variable
> +  gEfiCapsuleVendorGuid                   ## CONSUMES ## Variable
> +  gEfiEndOfDxeEventGroupGuid              ## CONSUMES ## Event
> +
> +[Depex]
> +  gEfiVariableWriteArchProtocolGuid
> diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.uni
> b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.uni
> new file mode 100644
> index 0000000..05a80d0
> --- /dev/null
> +++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.uni
> @@ -0,0 +1,22 @@
> +// /** @file
> +// Capsule library instance for DXE_DRIVER.
> +//
> +// Capsule library instance for DXE_DRIVER module types.
> +//
> +// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +//
> +// This program and the accompanying materials
> +// are licensed and made available under the terms and conditions of the BSD License
> +// which accompanies this distribution.  The full text of the license may be found at
> +// http://opensource.org/licenses/bsd-license.php
> +//
> +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +//
> +// **/
> +
> +
> +#string STR_MODULE_ABSTRACT             #language en-US "Capsule Support Library"
> +
> +#string STR_MODULE_DESCRIPTION          #language en-US "Capsule library instance for
> DXE_DRIVER module types."
> +
> diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleProcessLib.c
> b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleProcessLib.c
> new file mode 100644
> index 0000000..c84cd3e
> --- /dev/null
> +++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleProcessLib.c
> @@ -0,0 +1,486 @@
> +/** @file
> +  DXE capsule process.
> +
> +  Caution: This module requires additional review when modified.
> +  This module will have external input - capsule image.
> +  This external input must be validated carefully to avoid security issue like
> +  buffer overflow, integer overflow.
> +
> +  ProcessCapsules(), ProcessTheseCapsules() will receive untrusted
> +  input and do basic validation.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <PiDxe.h>
> +#include <Protocol/EsrtManagement.h>
> +
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PcdLib.h>
> +#include <Library/HobLib.h>
> +#include <Library/ReportStatusCodeLib.h>
> +#include <Library/CapsuleLib.h>
> +
> +#include <IndustryStandard/WindowsUxCapsule.h>
> +
> +/**
> +  Return if this FMP is a system FMP or a device FMP, based upon CapsuleHeader.
> +
> +  @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
> +
> +  @retval TRUE  It is a system FMP.
> +  @retval FALSE It is a device FMP.
> +**/
> +BOOLEAN
> +IsFmpCapsule(
> +  IN EFI_CAPSULE_HEADER *CapsuleHeader
> +  );
> +
> +/**
> +  Validate Fmp capsules layout.
> +
> +  Caution: This function may receive untrusted input.
> +
> +  This function assumes the caller validated the capsule by using
> +  IsValidCapsuleHeader(), so that all fields in EFI_CAPSULE_HEADER are correct.
> +  The capsule buffer size is CapsuleHeader->CapsuleImageSize.
> +
> +  This function validates the fields in EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
> +  and EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER.
> +
> +  This function need support nested FMP capsule.
> +
> +  @param[in]   CapsuleHeader        Points to a capsule header.
> +  @param[out]  EmbeddedDriverCount  The EmbeddedDriverCount in the FMP capsule.
> +
> +  @retval EFI_SUCESS             Input capsule is a correct FMP capsule.
> +  @retval EFI_INVALID_PARAMETER  Input capsule is not a correct FMP capsule.
> +**/
> +EFI_STATUS
> +ValidateFmpCapsule(
> +  IN EFI_CAPSULE_HEADER *CapsuleHeader,
> +  OUT UINT16            *EmbeddedDriverCount OPTIONAL
> +  );
> +
> +/**
> +  Validate if it is valid capsule header
> +
> +  This function assumes the caller provided correct CapsuleHeader pointer
> +  and CapsuleSize.
> +
> +  This function validates the fields in EFI_CAPSULE_HEADER.
> +
> +  @param  CapsuleHeader    Points to a capsule header.
> +  @param  CapsuleSize      Size of the whole capsule image.
> +
> +**/
> +BOOLEAN
> +IsValidCapsuleHeader(
> +  IN EFI_CAPSULE_HEADER  *CapsuleHeader,
> +  IN UINT64              CapsuleSize
> +  );
> +
> +extern BOOLEAN                   mDxeCapsuleLibEndOfDxe;
> +BOOLEAN                          mNeedReset;
> +BOOLEAN                          mAreAllImagesProcessed;
> +
> +/**
> +
> +  This routine is called to process capsules.
> +
> +  Caution: This function may receive untrusted input.
> +
> +  Each individual capsule result is recorded in capsule record variable.
> +
> +  @param  NeedBlockDriver         TRUE: Need skip the FMP capsules with non zero
> EmbeddedDriverCount.
> +                                  FALSE: No need to skip any FMP capsules.
> +
> +  @retval EFI_SUCCESS             There is no error when processing capsules.
> +  @retval EFI_OUT_OF_RESOURCES    No enough resource to process capsules.
> +
> +**/
> +EFI_STATUS
> +ProcessTheseCapsules (
> +  IN BOOLEAN  NeedBlockDriver
> +  )
> +{
> +  EFI_STATUS                  Status;
> +  EFI_PEI_HOB_POINTERS        HobPointer;
> +  EFI_CAPSULE_HEADER          *CapsuleHeader;
> +  UINT32                      Size;
> +  UINT32                      CapsuleNumber;
> +  UINT32                      CapsuleTotalNumber;
> +  EFI_CAPSULE_TABLE           *CapsuleTable;
> +  UINT32                      Index;
> +  UINT32                      CacheIndex;
> +  UINT32                      CacheNumber;
> +  VOID                        **CapsulePtr;
> +  VOID                        **CapsulePtrCache;
> +  EFI_GUID                    *CapsuleGuidCache;
> +  EFI_STATUS                  *CapsuleStatusArray;
> +  BOOLEAN                     DisplayCapsuleExist;
> +  ESRT_MANAGEMENT_PROTOCOL    *EsrtManagement;
> +  UINT16                      EmbeddedDriverCount;
> +
> +  REPORT_STATUS_CODE(EFI_PROGRESS_CODE, (PcdGet32(PcdStatusCodeSubClassCapsule) |
> PcdGet32(PcdCapsuleStatusCodeProcessCapsulesBegin)));
> +
> +  CapsuleNumber       = 0;
> +  CapsuleTotalNumber  = 0;
> +  CacheIndex          = 0;
> +  CacheNumber         = 0;
> +  CapsulePtr          = NULL;
> +  CapsulePtrCache     = NULL;
> +  CapsuleGuidCache    = NULL;
> +  DisplayCapsuleExist = FALSE;
> +  EsrtManagement      = NULL;
> +
> +  Status = EFI_SUCCESS;
> +  //
> +  // Find all capsule images from hob
> +  //
> +  HobPointer.Raw = GetHobList ();
> +  while ((HobPointer.Raw = GetNextHob (EFI_HOB_TYPE_UEFI_CAPSULE, HobPointer.Raw)) !=
> NULL) {
> +    if (!IsValidCapsuleHeader((VOID *)(UINTN)HobPointer.Capsule->BaseAddress,
> HobPointer.Capsule->Length)) {
> +      HobPointer.Header->HobType = EFI_HOB_TYPE_UNUSED; // Mark this hob as invalid
> +    } else {
> +      CapsuleTotalNumber++;
> +    }
> +    HobPointer.Raw = GET_NEXT_HOB (HobPointer);
> +  }
> +
> +  if (CapsuleTotalNumber == 0) {
> +    //
> +    // We didn't find a hob, so had no errors.
> +    //
> +    DEBUG ((EFI_D_ERROR, "We can not find capsule data in capsule update boot
> mode.\n"));
> +    Status = EFI_SUCCESS;
> +    goto Done;
> +  }
> +
> +  //
> +  // Init temp Capsule Data table.
> +  //
> +  CapsulePtr       = (VOID **) AllocateZeroPool (sizeof (VOID *) *
> CapsuleTotalNumber);
> +  ASSERT (CapsulePtr != NULL);
> +  if (CapsulePtr == NULL) {
> +    Status = EFI_OUT_OF_RESOURCES;
> +    goto Done;
> +  }
> +  CapsulePtrCache  = (VOID **) AllocateZeroPool (sizeof (VOID *) *
> CapsuleTotalNumber);
> +  ASSERT (CapsulePtrCache != NULL);
> +  if (CapsulePtrCache == NULL) {
> +    Status = EFI_OUT_OF_RESOURCES;
> +    goto Done;
> +  }
> +  CapsuleGuidCache = (EFI_GUID *) AllocateZeroPool (sizeof (EFI_GUID) *
> CapsuleTotalNumber);
> +  ASSERT (CapsuleGuidCache != NULL);
> +  if (CapsuleGuidCache == NULL) {
> +    Status = EFI_OUT_OF_RESOURCES;
> +    goto Done;
> +  }
> +  CapsuleStatusArray = (EFI_STATUS *) AllocateZeroPool (sizeof (EFI_STATUS) *
> CapsuleTotalNumber);
> +  ASSERT (CapsuleStatusArray != NULL);
> +  if (CapsuleStatusArray == NULL) {
> +    Status = EFI_OUT_OF_RESOURCES;
> +    goto Done;
> +  }
> +
> +  //
> +  // Find all capsule images from hob
> +  //
> +  HobPointer.Raw = GetHobList ();
> +  while ((HobPointer.Raw = GetNextHob (EFI_HOB_TYPE_UEFI_CAPSULE, HobPointer.Raw)) !=
> NULL) {
> +    CapsulePtr [CapsuleNumber++] = (VOID *) (UINTN) HobPointer.Capsule->BaseAddress;
> +    HobPointer.Raw = GET_NEXT_HOB (HobPointer);
> +  }
> +
> +  //
> +  // Check the capsule flags,if contains CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE, install
> +  // capsuleTable to configure table with EFI_CAPSULE_GUID
> +  //
> +
> +  //
> +  // Capsules who have CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE always are used for
> operating
> +  // System to have information persist across a system reset. EFI System Table must
> +  // point to an array of capsules that contains the same CapsuleGuid value. And
> agents
> +  // searching for this type capsule will look in EFI System Table and search for the
> +  // capsule's Guid and associated pointer to retrieve the data. Two steps below
> describes
> +  // how to sorting the capsules by the unique guid and install the array to EFI
> System Table.
> +  // Firstly, Loop for all coalesced capsules, record unique CapsuleGuids and cache
> them in an
> +  // array for later sorting capsules by CapsuleGuid.
> +  //
> +  for (Index = 0; Index < CapsuleTotalNumber; Index++) {
> +    CapsuleStatusArray [Index] = EFI_UNSUPPORTED;
> +    CapsuleHeader = (EFI_CAPSULE_HEADER*) CapsulePtr [Index];
> +    if ((CapsuleHeader->Flags & CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE) != 0) {
> +      //
> +      // For each capsule, we compare it with known CapsuleGuid in the CacheArray.
> +      // If already has the Guid, skip it. Whereas, record it in the CacheArray as
> +      // an additional one.
> +      //
> +      CacheIndex = 0;
> +      while (CacheIndex < CacheNumber) {
> +        if (CompareGuid(&CapsuleGuidCache[CacheIndex],&CapsuleHeader->CapsuleGuid)) {
> +          break;
> +        }
> +        CacheIndex++;
> +      }
> +      if (CacheIndex == CacheNumber) {
> +        CopyMem(&CapsuleGuidCache[CacheNumber++],&CapsuleHeader-
> >CapsuleGuid,sizeof(EFI_GUID));
> +      }
> +    }
> +  }
> +
> +  //
> +  // Secondly, for each unique CapsuleGuid in CacheArray, gather all coalesced
> capsules
> +  // whose guid is the same as it, and malloc memory for an array which preceding
> +  // with UINT32. The array fills with entry point of capsules that have the same
> +  // CapsuleGuid, and UINT32 represents the size of the array of capsules. Then
> install
> +  // this array into EFI System Table, so that agents searching for this type capsule
> +  // will look in EFI System Table and search for the capsule's Guid and associated
> +  // pointer to retrieve the data.
> +  //
> +  CacheIndex = 0;
> +  while (CacheIndex < CacheNumber) {
> +    CapsuleNumber = 0;
> +    for (Index = 0; Index < CapsuleTotalNumber; Index++) {
> +      CapsuleHeader = (EFI_CAPSULE_HEADER*) CapsulePtr [Index];
> +      if ((CapsuleHeader->Flags & CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE) != 0) {
> +        if (CompareGuid (&CapsuleGuidCache[CacheIndex], &CapsuleHeader->CapsuleGuid))
> {
> +          //
> +          // Cache Caspuleheader to the array, this array is uniqued with certain
> CapsuleGuid.
> +          //
> +          CapsulePtrCache[CapsuleNumber++] = (VOID*)CapsuleHeader;
> +          //
> +          // When a Capsule is listed in CapsulePtrCache, it will be reported in
> ConfigurationTable
> +          // So, report the CapsuleStatus as "processed successfully".
> +          //
> +          CapsuleStatusArray [Index] = EFI_SUCCESS;
> +        }
> +      }
> +    }
> +    if (CapsuleNumber != 0) {
> +      Size = sizeof(EFI_CAPSULE_TABLE) + (CapsuleNumber - 1) * sizeof(VOID*);
> +      CapsuleTable = AllocateRuntimePool (Size);
> +      ASSERT (CapsuleTable != NULL);
> +      if (CapsuleTable == NULL) {
> +        return EFI_OUT_OF_RESOURCES;
> +      }
> +      CapsuleTable->CapsuleArrayNumber =  CapsuleNumber;
> +      CopyMem(&CapsuleTable->CapsulePtr[0], CapsulePtrCache, CapsuleNumber *
> sizeof(VOID*));
> +      Status = gBS->InstallConfigurationTable (&CapsuleGuidCache[CacheIndex],
> (VOID*)CapsuleTable);
> +      ASSERT_EFI_ERROR (Status);
> +    }
> +    CacheIndex++;
> +  }
> +
> +  REPORT_STATUS_CODE(EFI_PROGRESS_CODE, (PcdGet32(PcdStatusCodeSubClassCapsule) |
> PcdGet32(PcdCapsuleStatusCodeUpdatingFirmware)));
> +
> +  //
> +  // If Windows UX capsule exist, process it first
> +  //
> +  for (Index = 0; Index < CapsuleTotalNumber; Index++) {
> +    CapsuleHeader = (EFI_CAPSULE_HEADER*) CapsulePtr [Index];
> +    if (CompareGuid(&CapsuleHeader->CapsuleGuid ,&gWindowsUxCapsuleGuid)) {
> +      DEBUG ((EFI_D_INFO, "ProcessCapsuleImage (Ux) - 0x%x\n", CapsuleHeader));
> +      DisplayCapsuleExist = TRUE;
> +      DEBUG ((DEBUG_INFO, "Display logo capsule is found.\n"));
> +      Status = ProcessCapsuleImage (CapsuleHeader);
> +      DEBUG((EFI_D_INFO, "ProcessCapsuleImage (Ux) - %r\n", Status));
> +      CapsuleStatusArray [Index] = Status;
> +      break;
> +    }
> +  }
> +
> +  if (!DisplayCapsuleExist) {
> +    //
> +    // Display Capsule not found. Display the default string.
> +    //
> +    Print (L"Updating the firmware ......\r\n");
> +  }
> +
> +  //
> +  // All capsules left are recognized by platform.
> +  //
> +  for (Index = 0; Index < CapsuleTotalNumber; Index++) {
> +    CapsuleHeader = (EFI_CAPSULE_HEADER*) CapsulePtr [Index];
> +    if (!CompareGuid(&CapsuleHeader->CapsuleGuid ,&gWindowsUxCapsuleGuid)) {
> +      //
> +      // Call capsule library to process capsule image.
> +      //
> +      EmbeddedDriverCount = 0;
> +      if (IsFmpCapsule(CapsuleHeader)) {
> +        Status = ValidateFmpCapsule(CapsuleHeader, &EmbeddedDriverCount);
> +        if (EFI_ERROR(Status)) {
> +          DEBUG((DEBUG_ERROR, "ValidateFmpCapsule failed. Ignore!\n"));
> +          continue;
> +        }
> +      }
> +
> +      if ((!NeedBlockDriver) || (EmbeddedDriverCount == 0)) {
> +        DEBUG((EFI_D_INFO, "ProcessCapsuleImage - 0x%x\n", CapsuleHeader));
> +        Status = ProcessCapsuleImage (CapsuleHeader);
> +        CapsuleStatusArray [Index] = Status;
> +        DEBUG((EFI_D_INFO, "ProcessCapsuleImage - %r\n", Status));
> +
> +        if (EFI_ERROR(Status)) {
> +          REPORT_STATUS_CODE(EFI_ERROR_CODE, (PcdGet32(PcdStatusCodeSubClassCapsule) |
> PcdGet32(PcdCapsuleStatusCodeUpdateFirmwareFailed)));
> +          DEBUG ((DEBUG_ERROR, "Capsule process failed. reset the system!\n"));
> +          Print (L"Firmware update failed...\r\n");
> +        } else {
> +          REPORT_STATUS_CODE(EFI_PROGRESS_CODE,
> (PcdGet32(PcdStatusCodeSubClassCapsule) |
> PcdGet32(PcdCapsuleStatusCodeUpdateFirmwareSuccess)));
> +        }
> +
> +        if ((CapsuleHeader->Flags & PcdGet16(PcdSystemRebootAfterCapsuleProcessFlag))
> != 0 ||
> +            IsFmpCapsule(CapsuleHeader)) {
> +          mNeedReset = TRUE;
> +        }
> +      }
> +    }
> +  }
> +
> +  Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID
> **)&EsrtManagement);
> +  //
> +  // Always sync ESRT Cache from FMP Instance
> +  //
> +  if (!EFI_ERROR(Status)) {
> +    EsrtManagement->SyncEsrtFmp();
> +  }
> +  Status = EFI_SUCCESS;
> +
> +Done:
> +  //
> +  // Free the allocated temp memory space.
> +  //
> +  if (CapsuleGuidCache != NULL) {
> +    FreePool(CapsuleGuidCache);
> +  }
> +  if (CapsulePtrCache != NULL) {
> +    FreePool(CapsulePtrCache);
> +  }
> +  if (CapsulePtr != NULL) {
> +    FreePool(CapsulePtr);
> +  }
> +
> +  REPORT_STATUS_CODE(EFI_PROGRESS_CODE, (PcdGet32(PcdStatusCodeSubClassCapsule) |
> PcdGet32(PcdCapsuleStatusCodeProcessCapsulesEnd)));
> +
> +  return Status;
> +}
> +
> +/**
> +**/
> +BOOLEAN
> +IsAllCapsulesProcessed(
> +  VOID
> +  )
> +{
> +  // TBD
> +  return TRUE;
> +}
> +
> +/**
> +  Do reset system.
> +**/
> +VOID
> +DoResetSystem(
> +  VOID
> +  )
> +{
> +  UINTN                         Index;
> +
> +  REPORT_STATUS_CODE(EFI_PROGRESS_CODE, (PcdGet32(PcdStatusCodeSubClassCapsule) |
> PcdGet32(PcdCapsuleStatusCodeResettingSystem)));
> +
> +  Print(L"Capsule Request Cold Reboot.\n");
> +  DEBUG((EFI_D_INFO, "Capsule Request Cold Reboot."));
> +
> +  for (Index = 5; Index > 0; Index--) {
> +    Print(L"\rResetting system in %d seconds ...", Index);
> +    DEBUG((EFI_D_INFO, "\rResetting system in %d seconds ...", Index));
> +    gBS->Stall(1000000);
> +  }
> +
> +  gRT->ResetSystem(EfiResetCold, EFI_SUCCESS, 0, NULL);
> +
> +  CpuDeadLoop();
> +}
> +
> +/**
> +
> +  This routine is called to process capsules.
> +
> +  Caution: This function may receive untrusted input.
> +
> +  The capsules reported in EFI_HOB_UEFI_CAPSULE are processed.
> +  If there is no EFI_HOB_UEFI_CAPSULE, this routine does nothing.
> +
> +  This routine should be called twice in BDS.
> +  1) The first call must be before EndOfDxe. The system capsules is processed.
> +     If device capsule FMP protocols are exposted at this time and device FMP
> +     capsule has zero EmbeddedDriverCount, the device capsules are processed.
> +     Each individual capsule result is recorded in capsule record variable.
> +     System may reset in this function, if reset is required by capsule and
> +     all capsules are processed.
> +     If not all capsules are processed, reset will be defered to second call.
> +
> +  2) The second call must be after EndOfDxe and after ConnectAll, so that all
> +     device capsule FMP protocols are exposed.
> +     The system capsules are skipped. If the device capsules are NOT processed
> +     in first call, they are processed here.
> +     Each individual capsule result is recorded in capsule record variable.
> +     System may reset in this function, if reset is required by capsule
> +     processed in first call and second call.
> +
> +  @retval EFI_SUCCESS             There is no error when processing capsules.
> +  @retval EFI_OUT_OF_RESOURCES    No enough resource to process capsules.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +ProcessCapsules(
> +  VOID
> +  )
> +{
> +  EFI_STATUS                    Status;
> +
> +  if (!mDxeCapsuleLibEndOfDxe) {
> +    //
> +    // Initialize mAreAllImagesProcessed to be TRUE.
> +    //
> +    // It will be updated to FALSE in ProcessTheseCapsules()->ProcessCapsuleImage(),
> +    // if there is any FMP image in any FMP capsule not processed.
> +    //
> +    mAreAllImagesProcessed = TRUE;
> +
> +    Status = ProcessTheseCapsules(TRUE);
> +    //
> +    // Reboot System if and only if all capsule processed.
> +    // If not, defer reset to 2nd process.
> +    //
> +    if (mNeedReset && mAreAllImagesProcessed) {
> +      DoResetSystem();
> +    }
> +  } else {
> +    Status = ProcessTheseCapsules(FALSE);
> +    //
> +    // Reboot System if required after all capsule processed
> +    //
> +    if (mNeedReset) {
> +      DoResetSystem();
> +    }
> +  }
> +  return Status;
> +}
> diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c
> b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c
> new file mode 100644
> index 0000000..9edc353
> --- /dev/null
> +++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c
> @@ -0,0 +1,489 @@
> +/** @file
> +  DXE capsule report related function.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <PiDxe.h>
> +#include <Protocol/FirmwareManagement.h>
> +#include <Protocol/VariableLock.h>
> +#include <Guid/CapsuleReport.h>
> +#include <Guid/FmpCapsule.h>
> +#include <Guid/CapsuleVendor.h>
> +
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PcdLib.h>
> +#include <Library/HobLib.h>
> +#include <Library/PrintLib.h>
> +#include <Library/ReportStatusCodeLib.h>
> +#include <Library/CapsuleLib.h>
> +
> +#include <IndustryStandard/WindowsUxCapsule.h>
> +
> +typedef struct {
> +  EFI_CAPSULE_RESULT_VARIABLE_HEADER  CapsuleResultHeader;
> +  EFI_CAPSULE_RESULT_VARIABLE_FMP     CapsuleResultFmp;
> +} CAPSULE_RESULT_VARIABLE_CACHE;
> +
> +#define CAPSULE_RESULT_VARIABLE_CACHE_COUNT   0x10
> +
> +CAPSULE_RESULT_VARIABLE_CACHE *mCapsuleResultVariableCache;
> +UINTN                         mCapsuleResultVariableCacheMaxCount;
> +UINTN                         mCapsuleResultVariableCacheCount;
> +
> +/**
> +  Get current capsule last variable index.
> +
> +  @return Current capsule last variable index.
> +  @retval -1  No current capsule last variable.
> +**/
> +INTN
> +GetCurrentCapsuleLastIndex(
> +  VOID
> +  )
> +{
> +  UINTN                            Size;
> +  CHAR16                           CapsuleLastStr[sizeof("Capsule####")];
> +  EFI_STATUS                       Status;
> +  UINT16                           CurrentIndex;
> +
> +  Size = sizeof(L"Capsule####") - sizeof(CHAR16); // no zero terminator
> +  Status = gRT->GetVariable(
> +                  L"CapsuleLast",
> +                  &gEfiCapsuleReportGuid,
> +                  NULL,
> +                  &Size,
> +                  CapsuleLastStr
> +                  );
> +  if (EFI_ERROR(Status)) {
> +    return -1;
> +  }
> +  CurrentIndex = (UINT16)StrHexToUintn(&CapsuleLastStr[sizeof("Capsule") - 1]);
> +  return CurrentIndex;
> +}
> +
> +/**
> +  Check if this FMP capsule is processed.
> +
> +  @param CapsuleHeader  The capsule image header
> +  @param PayloadIndex   FMP payload index
> +  @param ImageHeader    FMP image header
> +
> +  @retval TRUE  This FMP capsule is processed.
> +  @retval FALSE This FMP capsule is not processed.
> +**/
> +BOOLEAN
> +IsFmpCapsuleProcessed(
> +  IN EFI_CAPSULE_HEADER                           *CapsuleHeader,
> +  IN UINTN                                        PayloadIndex,
> +  IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader
> +  )
> +{
> +  UINTN                               Index;
> +  EFI_CAPSULE_RESULT_VARIABLE_HEADER  *CapsuleResult;
> +  EFI_CAPSULE_RESULT_VARIABLE_FMP     *CapsuleResultFmp;
> +
> +  for (Index = 0; Index < mCapsuleResultVariableCacheCount; Index++) {
> +    //
> +    // Check
> +    //
> +    CapsuleResult = &mCapsuleResultVariableCache[Index].CapsuleResultHeader;
> +    if (CapsuleResult->VariableTotalSize >=
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER)) {
> +      if (CompareGuid(&CapsuleResult->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
> +        if (CapsuleResult->VariableTotalSize >=
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP)) {
> +          CapsuleResultFmp = (EFI_CAPSULE_RESULT_VARIABLE_FMP *)(CapsuleResult + 1);
> +          if (CompareGuid(&CapsuleResultFmp->UpdateImageTypeId, &ImageHeader-
> >UpdateImageTypeId) &&
> +              (CapsuleResultFmp->UpdateImageIndex == ImageHeader->UpdateImageIndex) &&
> +              (CapsuleResultFmp->PayloadIndex == PayloadIndex) ) {
> +            return TRUE;
> +          }
> +        }
> +      }
> +    }
> +  }
> +
> +  return FALSE;
> +}
> +
> +/**
> +  Write a new capsule status variable cache.
> +
> +  @param CapsuleResult      The capsule status variable
> +  @param CapsuleResultSize  The size of the capsule stauts variable in bytes
> +
> +  @retval EFI_SUCCESS          The capsule status variable is cached.
> +  @retval EFI_OUT_OF_RESOURCES No resource to cache the capsule status variable.
> +**/
> +EFI_STATUS
> +WriteNewCapsuleResultVariableCache(
> +  IN VOID    *CapsuleResult,
> +  IN UINTN   CapsuleResultSize
> +  )
> +{
> +  if (CapsuleResultSize > sizeof(CAPSULE_RESULT_VARIABLE_CACHE)) {
> +    CapsuleResultSize = sizeof(CAPSULE_RESULT_VARIABLE_CACHE);
> +  }
> +
> +  if (mCapsuleResultVariableCacheCount == mCapsuleResultVariableCacheMaxCount) {
> +    mCapsuleResultVariableCache = ReallocatePool(
> +                                    mCapsuleResultVariableCacheMaxCount *
> sizeof(CAPSULE_RESULT_VARIABLE_CACHE),
> +                                    (mCapsuleResultVariableCacheMaxCount +
> CAPSULE_RESULT_VARIABLE_CACHE_COUNT) * sizeof(CAPSULE_RESULT_VARIABLE_CACHE),
> +                                    mCapsuleResultVariableCache
> +                                    );
> +    if (mCapsuleResultVariableCache == NULL) {
> +      return EFI_OUT_OF_RESOURCES;
> +    }
> +    mCapsuleResultVariableCacheMaxCount += CAPSULE_RESULT_VARIABLE_CACHE_COUNT;
> +  }
> +
> +  ASSERT(mCapsuleResultVariableCacheCount < mCapsuleResultVariableCacheMaxCount);
> +  ASSERT(mCapsuleResultVariableCache != NULL);
> +  CopyMem(
> +    &mCapsuleResultVariableCache[mCapsuleResultVariableCacheCount],
> +    CapsuleResult,
> +    CapsuleResultSize
> +    );
> +  mCapsuleResultVariableCacheCount++;
> +
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Get a new capsule status variable index.
> +
> +  @return A new capsule status variable index.
> +  @retval -1  No new capsule status variable index.
> +**/
> +INTN
> +GetNewCapsuleResultIndex(
> +  VOID
> +  )
> +{
> +  INTN                             CurrentIndex;
> +
> +  CurrentIndex = GetCurrentCapsuleLastIndex();
> +  if (CurrentIndex >= PcdGet16(PcdCapsuleMax)) {
> +    return -1;
> +  }
> +
> +  return CurrentIndex + 1;
> +}
> +
> +/**
> +  Write a new capsule status variable.
> +
> +  @param CapsuleResult      The capsule status variable
> +  @param CapsuleResultSize  The size of the capsule stauts variable in bytes
> +
> +  @retval EFI_SUCCESS          The capsule status variable is recorded.
> +  @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
> +**/
> +EFI_STATUS
> +WriteNewCapsuleResultVariable(
> +  IN VOID    *CapsuleResult,
> +  IN UINTN   CapsuleResultSize
> +  )
> +{
> +  INTN                                CapsuleResultIndex;
> +  CHAR16                              CapsuleResultStr[sizeof("Capsule####")];
> +  UINTN                               Size;
> +  EFI_STATUS                          Status;
> +
> +  CapsuleResultIndex = GetNewCapsuleResultIndex();
> +  DEBUG((EFI_D_INFO, "New CapsuleResultIndex - 0x%x\n", CapsuleResultIndex));
> +  if (CapsuleResultIndex == -1) {
> +    return EFI_OUT_OF_RESOURCES;
> +  }
> +  UnicodeSPrint(
> +    CapsuleResultStr,
> +    sizeof(CapsuleResultStr),
> +    L"Capsule%04x",
> +    CapsuleResultIndex
> +    );
> +
> +  Status = gRT->SetVariable(
> +                  CapsuleResultStr,
> +                  &gEfiCapsuleReportGuid,
> +                  EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS |
> EFI_VARIABLE_RUNTIME_ACCESS,
> +                  CapsuleResultSize,
> +                  CapsuleResult
> +                  );
> +  if (!EFI_ERROR(Status)) {
> +    Size = sizeof(L"Capsule####") - sizeof(CHAR16); // no zero terminator
> +    DEBUG((EFI_D_INFO, "Set CapsuleLast - %s\n", CapsuleResultStr));
> +    Status = gRT->SetVariable(
> +                    L"CapsuleLast",
> +                    &gEfiCapsuleReportGuid,
> +                    EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS |
> EFI_VARIABLE_RUNTIME_ACCESS,
> +                    Size,
> +                    CapsuleResultStr
> +                    );
> +  }
> +
> +  return Status;
> +}
> +
> +/**
> +  Record capsule status variable and to local cache.
> +
> +  @param CapsuleHeader  The capsule image header
> +  @param CapsuleStatus  The capsule process stauts
> +
> +  @retval EFI_SUCCESS          The capsule status variable is recorded.
> +  @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
> +**/
> +EFI_STATUS
> +RecordCapsuleStatusVariable(
> +  IN EFI_CAPSULE_HEADER                           *CapsuleHeader,
> +  IN EFI_STATUS                                   CapsuleStatus
> +  )
> +{
> +  EFI_CAPSULE_RESULT_VARIABLE_HEADER  CapsuleResultVariable;
> +  EFI_STATUS                          Status;
> +
> +  CapsuleResultVariable.VariableTotalSize = sizeof(CapsuleResultVariable);
> +  CopyGuid (&CapsuleResultVariable.CapsuleGuid, &CapsuleHeader->CapsuleGuid);
> +  ZeroMem(&CapsuleResultVariable.CapsuleProcessed,
> sizeof(CapsuleResultVariable.CapsuleProcessed));
> +  gRT->GetTime(&CapsuleResultVariable.CapsuleProcessed, NULL);
> +  CapsuleResultVariable.CapsuleStatus = CapsuleStatus;
> +
> +  //
> +  // Save Local Cache
> +  //
> +  Status = WriteNewCapsuleResultVariableCache(&CapsuleResultVariable,
> sizeof(CapsuleResultVariable));
> +
> +  if ((CapsuleHeader->Flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) != 0) {
> +    Status = WriteNewCapsuleResultVariable(&CapsuleResultVariable,
> sizeof(CapsuleResultVariable));
> +  }
> +  return Status;
> +}
> +
> +/**
> +  Record FMP capsule status variable and to local cache.
> +
> +  @param CapsuleHeader  The capsule image header
> +  @param CapsuleStatus  The capsule process stauts
> +  @param PayloadIndex   FMP payload index
> +  @param ImageHeader    FMP image header
> +
> +  @retval EFI_SUCCESS          The capsule status variable is recorded.
> +  @retval EFI_OUT_OF_RESOURCES No resource to record the capsule status variable.
> +**/
> +EFI_STATUS
> +RecordFmpCapsuleStatusVariable(
> +  IN EFI_CAPSULE_HEADER                           *CapsuleHeader,
> +  IN EFI_STATUS                                   CapsuleStatus,
> +  IN UINTN                                        PayloadIndex,
> +  IN EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader
> +  )
> +{
> +  UINT8
> CapsuleResultVariable[sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) +
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP)];
> +  EFI_CAPSULE_RESULT_VARIABLE_HEADER  *CapsuleResultVariableHeader;
> +  EFI_CAPSULE_RESULT_VARIABLE_FMP     *CapsuleResultVariableFmp;
> +  EFI_STATUS                          Status;
> +
> +  CapsuleResultVariableHeader = (VOID *)&CapsuleResultVariable[0];
> +  CapsuleResultVariableHeader->VariableTotalSize = sizeof(CapsuleResultVariable);
> +  CopyGuid(&CapsuleResultVariableHeader->CapsuleGuid, &CapsuleHeader->CapsuleGuid);
> +  ZeroMem(&CapsuleResultVariableHeader->CapsuleProcessed,
> sizeof(CapsuleResultVariableHeader->CapsuleProcessed));
> +  gRT->GetTime(&CapsuleResultVariableHeader->CapsuleProcessed, NULL);
> +  CapsuleResultVariableHeader->CapsuleStatus = CapsuleStatus;
> +
> +  CapsuleResultVariableFmp = (VOID
> *)&CapsuleResultVariable[sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER)];
> +  CapsuleResultVariableFmp->Version = 0x1;
> +  CapsuleResultVariableFmp->PayloadIndex = (UINT8)PayloadIndex;
> +  CapsuleResultVariableFmp->UpdateImageIndex = ImageHeader->UpdateImageIndex;
> +  CopyGuid (&CapsuleResultVariableFmp->UpdateImageTypeId, &ImageHeader-
> >UpdateImageTypeId);
> +
> +  //
> +  // Save Local Cache
> +  //
> +  Status = WriteNewCapsuleResultVariableCache(&CapsuleResultVariable,
> sizeof(CapsuleResultVariable));
> +
> +  if ((CapsuleHeader->Flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) != 0) {
> +    Status = WriteNewCapsuleResultVariable(&CapsuleResultVariable,
> sizeof(CapsuleResultVariable));
> +  }
> +  return Status;
> +}
> +
> +/**
> +  Initialize CapsuleMax variables.
> +**/
> +VOID
> +InitCapsuleMaxVariable(
> +  VOID
> +  )
> +{
> +  EFI_STATUS                       Status;
> +  UINTN                            Size;
> +  CHAR16                           CapsuleMaxStr[sizeof("Capsule####")];
> +  EDKII_VARIABLE_LOCK_PROTOCOL     *VariableLock;
> +
> +  UnicodeSPrint(
> +    CapsuleMaxStr,
> +    sizeof(CapsuleMaxStr),
> +    L"Capsule%04x",
> +    PcdGet16(PcdCapsuleMax)
> +    );
> +
> +  Size = sizeof(L"Capsule####") - sizeof(CHAR16); // no zero terminator
> +  Status = gRT->SetVariable(
> +                  L"CapsuleMax",
> +                  &gEfiCapsuleReportGuid,
> +                  EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
> +                  Size,
> +                  CapsuleMaxStr
> +                  );
> +  if (!EFI_ERROR(Status)) {
> +    // Lock it per UEFI spec.
> +    Status = gBS->LocateProtocol(&gEdkiiVariableLockProtocolGuid, NULL, (VOID
> **)&VariableLock);
> +    if (!EFI_ERROR(Status)) {
> +      Status = VariableLock->RequestToLock(VariableLock, L"CapsuleMax",
> &gEfiCapsuleReportGuid);
> +      ASSERT_EFI_ERROR(Status);
> +    }
> +  }
> +}
> +
> +/**
> +  Initialize CapsuleLast variables.
> +**/
> +VOID
> +InitCapsuleLastVariable(
> +  VOID
> +  )
> +{
> +  EFI_STATUS                       Status;
> +  EFI_BOOT_MODE                    BootMode;
> +  EDKII_VARIABLE_LOCK_PROTOCOL     *VariableLock;
> +  VOID                             *CapsuleResult;
> +  UINTN                            Size;
> +  CHAR16                           CapsuleLastStr[sizeof("Capsule####")];
> +
> +  BootMode = GetBootModeHob();
> +  if (BootMode == BOOT_ON_FLASH_UPDATE) {
> +    Status = gRT->SetVariable(
> +                    L"CapsuleLast",
> +                    &gEfiCapsuleReportGuid,
> +                    EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS |
> EFI_VARIABLE_RUNTIME_ACCESS,
> +                    0,
> +                    NULL
> +                    );
> +    // Do not lock it because it will be updated later.
> +  } else {
> +    //
> +    // Check if OS/APP cleared L"Capsule####"
> +    //
> +    ZeroMem(CapsuleLastStr, sizeof(CapsuleLastStr));
> +    Size = sizeof(L"Capsule####") - sizeof(CHAR16); // no zero terminator
> +    Status = gRT->GetVariable(
> +                    L"CapsuleLast",
> +                    &gEfiCapsuleReportGuid,
> +                    NULL,
> +                    &Size,
> +                    CapsuleLastStr
> +                    );
> +    if (!EFI_ERROR(Status)) {
> +      //
> +      // L"CapsuleLast" is got, check if data is there.
> +      //
> +      Status = GetVariable2 (
> +                 CapsuleLastStr,
> +                 &gEfiCapsuleReportGuid,
> +                 (VOID **) &CapsuleResult,
> +                 NULL
> +                 );
> +      if (EFI_ERROR(Status)) {
> +        //
> +        // If no data, delete L"CapsuleLast"
> +        //
> +        Status = gRT->SetVariable(
> +                        L"CapsuleLast",
> +                        &gEfiCapsuleReportGuid,
> +                        EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS |
> EFI_VARIABLE_RUNTIME_ACCESS,
> +                        0,
> +                        NULL
> +                        );
> +      }
> +    }
> +
> +    // Lock it in normal boot path per UEFI spec.
> +    Status = gBS->LocateProtocol(&gEdkiiVariableLockProtocolGuid, NULL, (VOID
> **)&VariableLock);
> +    if (!EFI_ERROR(Status)) {
> +      Status = VariableLock->RequestToLock(VariableLock, L"CapsuleLast",
> &gEfiCapsuleReportGuid);
> +      ASSERT_EFI_ERROR(Status);
> +    }
> +  }
> +}
> +
> +/**
> +  Initialize capsule update variables.
> +**/
> +VOID
> +InitCapsuleUpdateVariable(
> +  VOID
> +  )
> +{
> +  EFI_STATUS                     Status;
> +  UINTN                          Index;
> +  CHAR16                         CapsuleVarName[30];
> +  CHAR16                         *TempVarName;
> +
> +  //
> +  // Clear all the capsule variables CapsuleUpdateData, CapsuleUpdateData1,
> CapsuleUpdateData2...
> +  // as early as possible which will avoid the next time boot after the capsule update
> +  // will still into the capsule loop
> +  //
> +  StrCpyS (CapsuleVarName, sizeof(CapsuleVarName)/sizeof(CapsuleVarName[0]),
> EFI_CAPSULE_VARIABLE_NAME);
> +  TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
> +  Index = 0;
> +  while (TRUE) {
> +    if (Index > 0) {
> +      UnicodeValueToString (TempVarName, 0, Index, 0);
> +    }
> +    Status = gRT->SetVariable (
> +                    CapsuleVarName,
> +                    &gEfiCapsuleVendorGuid,
> +                    EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS |
> EFI_VARIABLE_BOOTSERVICE_ACCESS,
> +                    0,
> +                    (VOID *)NULL
> +                    );
> +    if (EFI_ERROR (Status)) {
> +      //
> +      // There is no capsule variables, quit
> +      //
> +      break;
> +    }
> +    Index++;
> +  }
> +}
> +
> +/**
> +  Initialize capsule related variables.
> +**/
> +VOID
> +InitCapsuleVariable(
> +  VOID
> +  )
> +{
> +  InitCapsuleUpdateVariable();
> +  InitCapsuleMaxVariable();
> +  InitCapsuleLastVariable();
> +  //
> +  // No need to clear L"Capsule####", because OS/APP should refer L"CapsuleLast"
> +  // to check status and delete them.
> +  //
> +}
> diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c
> b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c
> new file mode 100644
> index 0000000..8801439
> --- /dev/null
> +++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c
> @@ -0,0 +1,112 @@
> +/** @file
> +  Capsule library runtime support.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <PiDxe.h>
> +
> +#include <Guid/FmpCapsule.h>
> +#include <Guid/SystemResourceTable.h>
> +#include <Guid/EventGroup.h>
> +
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/DxeServicesTableLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +
> +extern EFI_SYSTEM_RESOURCE_TABLE *mEsrtTable;
> +extern BOOLEAN                   mIsVirtualAddrConverted;
> +
> +/**
> +  Convert EsrtTable physical address to virtual address.
> +
> +  @param[in] Event      Event whose notification function is being invoked.
> +  @param[in] Context    The pointer to the notification function's context, which
> +                        is implementation-dependent.
> +**/
> +VOID
> +EFIAPI
> +DxeCapsuleLibVirtualAddressChangeEvent (
> +  IN  EFI_EVENT   Event,
> +  IN  VOID        *Context
> +  )
> +{
> +  UINTN                    Index;
> +  EFI_CONFIGURATION_TABLE  *ConfigEntry;
> +
> +  //
> +  // Get Esrt table first
> +  //
> +  ConfigEntry = gST->ConfigurationTable;
> +  for (Index = 0; Index < gST->NumberOfTableEntries; Index++) {
> +    if (CompareGuid(&gEfiSystemResourceTableGuid, &ConfigEntry->VendorGuid)) {
> +      break;
> +    }
> +    ConfigEntry++;
> +  }
> +
> +  //
> +  // If no Esrt table installed in Configure Table
> +  //
> +  if (Index < gST->NumberOfTableEntries) {
> +    //
> +    // Search Esrt to check given capsule is qualified
> +    //
> +    mEsrtTable = (EFI_SYSTEM_RESOURCE_TABLE *) ConfigEntry->VendorTable;
> +
> +    //
> +    // Update protocol pointer to Esrt Table.
> +    //
> +    gRT->ConvertPointer (0x00, (VOID**) &(mEsrtTable));
> +  }
> +
> +  mIsVirtualAddrConverted = TRUE;
> +
> +}
> +
> +/**
> +  The constructor function hook VirtualAddressChange event to use ESRT table as
> capsule routing table.
> +
> +  @param  ImageHandle   The firmware allocated handle for the EFI image.
> +  @param  SystemTable   A pointer to the EFI System Table.
> +
> +  @retval EFI_SUCCESS   The constructor successfully .
> +**/
> +EFI_STATUS
> +EFIAPI
> +DxeRuntimeCapsuleLibConstructor (
> +  IN EFI_HANDLE         ImageHandle,
> +  IN EFI_SYSTEM_TABLE   *SystemTable
> +  )
> +{
> +  EFI_STATUS     Status;
> +  EFI_EVENT      Event;
> +
> +  //
> +  // Make sure we can handle virtual address changes.
> +  //
> +  Event = NULL;
> +  Status = gBS->CreateEventEx (
> +                  EVT_NOTIFY_SIGNAL,
> +                  TPL_NOTIFY,
> +                  DxeCapsuleLibVirtualAddressChangeEvent,
> +                  NULL,
> +                  &gEfiEventVirtualAddressChangeGuid,
> +                  &Event
> +                  );
> +  ASSERT_EFI_ERROR (Status);
> +
> +  return EFI_SUCCESS;
> +}
> diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
> b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
> new file mode 100644
> index 0000000..cd3738e
> --- /dev/null
> +++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
> @@ -0,0 +1,83 @@
> +## @file
> +#  Capsule library instance for DXE_RUNTIME_DRIVER.
> +#
> +#  Capsule library instance for DXE_RUNTIME_DRIVER module types.
> +#
> +#  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +#  This program and the accompanying materials
> +#  are licensed and made available under the terms and conditions of the BSD License
> +#  which accompanies this distribution.  The full text of the license may be found at
> +#  http://opensource.org/licenses/bsd-license.php
> +#
> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +#
> +##
> +
> +[Defines]
> +  INF_VERSION                    = 0x00010005
> +  BASE_NAME                      = DxeRuntimeCapsuleLib
> +  MODULE_UNI_FILE                = DxeRuntimeCapsuleLib.uni
> +  FILE_GUID                      = 19BE1E4B-1A9A-44c1-8F12-32DD0470516A
> +  MODULE_TYPE                    = DXE_DRIVER
> +  VERSION_STRING                 = 1.0
> +  LIBRARY_CLASS                  = CapsuleLib|DXE_RUNTIME_DRIVER
> +  CONSTRUCTOR                    = DxeCapsuleLibConstructor
> +  CONSTRUCTOR                    = DxeRuntimeCapsuleLibConstructor
> +
> +#
> +# The following information is for reference only and not required by the build tools.
> +#
> +#  VALID_ARCHITECTURES           = IA32 X64 IPF EBC
> +#
> +
> +[Sources]
> +  DxeCapsuleLib.c
> +  DxeCapsuleProcessLib.c
> +  DxeCapsuleReportLib.c
> +  DxeCapsuleRuntime.c
> +
> +[Packages]
> +  MdePkg/MdePkg.dec
> +  MdeModulePkg/MdeModulePkg.dec
> +
> +[LibraryClasses]
> +  BaseLib
> +  BaseMemoryLib
> +  DebugLib
> +  MemoryAllocationLib
> +  DxeServicesTableLib
> +  UefiBootServicesTableLib
> +  DevicePathLib
> +  ReportStatusCodeLib
> +  PrintLib
> +  HobLib
> +
> +[Pcd]
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleMax                               ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdSystemRebootAfterCapsuleProcessFlag      ##
> CONSUMES
> +
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeSubClassCapsule                ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesBegin    ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeProcessCapsulesEnd      ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdatingFirmware        ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareSuccess   ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeUpdateFirmwareFailed    ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleStatusCodeResettingSystem         ##
> CONSUMES
> +
> +[Protocols]
> +  gEsrtManagementProtocolGuid             ## CONSUMES
> +  gEfiFirmwareManagementProtocolGuid      ## SOMETIMES_CONSUMES
> +  gEdkiiVariableLockProtocolGuid          ## SOMETIMES_CONSUMES
> +
> +[Guids]
> +  gEfiFmpCapsuleGuid                      ## SOMETIMES_CONSUMES ## GUID
> +  gWindowsUxCapsuleGuid                   ## SOMETIMES_CONSUMES ## GUID
> +  gEfiSystemResourceTableGuid             ## SOMETIMES_CONSUMES ## GUID
> +  gEfiCapsuleReportGuid                   ## CONSUMES ## Variable
> +  gEfiCapsuleVendorGuid                   ## CONSUMES ## Variable
> +  gEfiEndOfDxeEventGroupGuid              ## CONSUMES ## Event
> +  gEfiEventVirtualAddressChangeGuid       ## CONSUMES ## Event
> +
> +[Depex]
> +  gEfiVariableWriteArchProtocolGuid
> diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.uni
> b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.uni
> new file mode 100644
> index 0000000..cd89b13
> --- /dev/null
> +++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.uni
> @@ -0,0 +1,22 @@
> +// /** @file
> +// Capsule library instance for DXE_RUNTIME_DRIVER.
> +//
> +// Capsule library instance for DXE_RUNTIME_DRIVER module types.
> +//
> +// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +//
> +// This program and the accompanying materials
> +// are licensed and made available under the terms and conditions of the BSD License
> +// which accompanies this distribution.  The full text of the license may be found at
> +// http://opensource.org/licenses/bsd-license.php
> +//
> +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +//
> +// **/
> +
> +
> +#string STR_MODULE_ABSTRACT             #language en-US "Capsule Support Library"
> +
> +#string STR_MODULE_DESCRIPTION          #language en-US "Capsule library instance for
> DXE_RUNTIME_DRIVER module types."
> +
> --
> 2.7.4.windows.1

[PATCH V4 07/15] MdeModulePkg/Esrt: Add ESRT_FW_TYPE_SYSTEMFIRMWARE check.

[Jiewen Yao]

The previous ESRT driver unconditionally treat FMP to be
ESRT_FW_TYPE_DEVICEFIRMWARE.
EDKII System Capsule reuses FMP, but it is ESRT_FW_TYPE_SYSTEMFIRMWARE.

Add check to ImageTypeId check to see if it is ESRT_FW_TYPE_SYSTEMFIRMWARE.

Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
---
 MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf |  3 +-
 MdeModulePkg/Universal/EsrtDxe/EsrtImpl.c  | 37 ++++++++++++++++++--
 2 files changed, 37 insertions(+), 3 deletions(-)

diff --git a/MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf b/MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
index 8fbc75b..2c66f15 100644
--- a/MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
+++ b/MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
@@ -4,7 +4,7 @@
 #  This driver produces EsrtManagement protocol to manage cache ESRT repository for FMP/Non-FMP instances.
 #  ESRT table based on repository is published on gEfiEventReadyToBootGuid.
 #
-#  Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+#  Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD License
 #  which accompanies this distribution.  The full text of the license may be found at
@@ -64,6 +64,7 @@
   gEfiMdeModulePkgTokenSpaceGuid.PcdMaxFmpEsrtCacheNum                  ## CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdMaxNonFmpEsrtCacheNum               ## CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdSystemRebootAfterCapsuleProcessFlag ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid     ## CONSUMES
 
 [Depex]
   gEfiVariableArchProtocolGuid AND gEfiVariableWriteArchProtocolGuid
diff --git a/MdeModulePkg/Universal/EsrtDxe/EsrtImpl.c b/MdeModulePkg/Universal/EsrtDxe/EsrtImpl.c
index f6d1e97..35a237e 100644
--- a/MdeModulePkg/Universal/EsrtDxe/EsrtImpl.c
+++ b/MdeModulePkg/Universal/EsrtDxe/EsrtImpl.c
@@ -1,7 +1,7 @@
 /** @file
   Esrt management implementation.
 
-Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -391,6 +391,35 @@ EXIT:
 }
 
 /**
+  Return if this FMP is a system FMP or a device FMP, based upon FmpImageInfo.
+
+  @param[in] FmpImageInfo A pointer to EFI_FIRMWARE_IMAGE_DESCRIPTOR
+
+  @return TRUE  It is a system FMP.
+  @return FALSE It is a device FMP.
+**/
+BOOLEAN
+IsSystemFmp (
+  IN EFI_FIRMWARE_IMAGE_DESCRIPTOR   *FmpImageInfo
+  )
+{
+  GUID      *Guid;
+  UINTN     Count;
+  UINTN     Index;
+
+  Guid = PcdGetPtr(PcdSystemFmpCapsuleImageTypeIdGuid);
+  Count = PcdGetSize(PcdSystemFmpCapsuleImageTypeIdGuid)/sizeof(GUID);
+
+  for (Index = 0; Index < Count; Index++, Guid++) {
+    if (CompareGuid(&FmpImageInfo->ImageTypeId, Guid)) {
+      return TRUE;
+    }
+  }
+
+  return FALSE;
+}
+
+/**
   Init one ESRT entry according to input FmpImageInfo (V1, V2, V3) .
 
   @param[in, out]     EsrtEntry            Esrt entry to be Init
@@ -407,7 +436,11 @@ SetEsrtEntryFromFmpInfo (
 {
   EsrtEntry->FwVersion                = FmpImageInfo->Version;
   EsrtEntry->FwClass                  = FmpImageInfo->ImageTypeId;
-  EsrtEntry->FwType                   = ESRT_FW_TYPE_DEVICEFIRMWARE;
+  if (IsSystemFmp(FmpImageInfo)) {
+    EsrtEntry->FwType                   = ESRT_FW_TYPE_SYSTEMFIRMWARE;
+  } else {
+    EsrtEntry->FwType                   = ESRT_FW_TYPE_DEVICEFIRMWARE;
+  }
   EsrtEntry->LowestSupportedFwVersion = 0;
   EsrtEntry->CapsuleFlags             = 0;
   EsrtEntry->LastAttemptVersion       = 0;
-- 
2.7.4.windows.1

[PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.

[Jiewen Yao]

This CapsuleApp can help perform capsule update in UEFI shell environment.
It can also dump capsule information, capsule status variable, ESRT and FMP.

Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
---
 MdeModulePkg/Application/CapsuleApp/AppSupport.c        | 445 ++++++++++
 MdeModulePkg/Application/CapsuleApp/CapsuleApp.c        | 853 ++++++++++++++++++++
 MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf      |  71 ++
 MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni      |  22 +
 MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni |  19 +
 MdeModulePkg/Application/CapsuleApp/CapsuleDump.c       | 740 +++++++++++++++++
 6 files changed, 2150 insertions(+)

diff --git a/MdeModulePkg/Application/CapsuleApp/AppSupport.c b/MdeModulePkg/Application/CapsuleApp/AppSupport.c
new file mode 100644
index 0000000..90ca1fd
--- /dev/null
+++ b/MdeModulePkg/Application/CapsuleApp/AppSupport.c
@@ -0,0 +1,445 @@
+/** @file
+  A shell application that triggers capsule update process.
+
+  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD License
+  which accompanies this distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Uefi.h>
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/UefiRuntimeServicesTableLib.h>
+#include <Library/UefiLib.h>
+#include <Library/PrintLib.h>
+#include <Protocol/LoadedImage.h>
+#include <Protocol/SimpleFileSystem.h>
+#include <Protocol/ShellParameters.h>
+#include <Guid/FileInfo.h>
+#include <Guid/Gpt.h>
+
+#define MAX_ARG_NUM     11
+
+UINTN  Argc;
+CHAR16 **Argv;
+
+/**
+
+  This function parse application ARG.
+
+  @return Status
+**/
+EFI_STATUS
+GetArg (
+  VOID
+  )
+{
+  EFI_STATUS                    Status;
+  EFI_SHELL_PARAMETERS_PROTOCOL *ShellParameters;
+
+  Status = gBS->HandleProtocol (
+                  gImageHandle,
+                  &gEfiShellParametersProtocolGuid,
+                  (VOID**)&ShellParameters
+                  );
+  if (EFI_ERROR(Status)) {
+    return Status;
+  }
+
+  Argc = ShellParameters->Argc;
+  Argv = ShellParameters->Argv;
+  return EFI_SUCCESS;
+}
+
+/**
+  Return File System Volume containing this shell application.
+
+  @return File System Volume containing this shell application.
+**/
+EFI_SIMPLE_FILE_SYSTEM_PROTOCOL *
+GetMyVol (
+  VOID
+  )
+{
+  EFI_STATUS                        Status;
+  EFI_LOADED_IMAGE_PROTOCOL         *LoadedImage;
+  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
+
+  Status = gBS->HandleProtocol (
+                  gImageHandle,
+                  &gEfiLoadedImageProtocolGuid,
+                  (VOID **)&LoadedImage
+                  );
+  ASSERT_EFI_ERROR (Status);
+
+  Status = gBS->HandleProtocol (
+                  LoadedImage->DeviceHandle,
+                  &gEfiSimpleFileSystemProtocolGuid,
+                  (VOID **)&Vol
+                  );
+  if (!EFI_ERROR (Status)) {
+    return Vol;
+  }
+
+  return NULL;
+}
+
+/**
+  Read a file from this volume.
+
+  @param Vol             File System Volume
+  @param FileName        The file to be read.
+  @param BufferSize      The file buffer size
+  @param Buffer          The file buffer
+
+  @retval EFI_SUCCESS    Read file successfully
+  @retval EFI_NOT_FOUND  File not found
+**/
+EFI_STATUS
+ReadFileFromVol (
+  IN  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol,
+  IN  CHAR16                            *FileName,
+  OUT UINTN                             *BufferSize,
+  OUT VOID                              **Buffer
+  )
+{
+  EFI_STATUS                        Status;
+  EFI_FILE_HANDLE                   RootDir;
+  EFI_FILE_HANDLE                   Handle;
+  UINTN                             FileInfoSize;
+  EFI_FILE_INFO                     *FileInfo;
+  UINTN                             TempBufferSize;
+  VOID                              *TempBuffer;
+
+  //
+  // Open the root directory
+  //
+  Status = Vol->OpenVolume (Vol, &RootDir);
+  if (EFI_ERROR (Status)) {
+    return Status;
+  }
+
+  //
+  // Open the file
+  //
+  Status = RootDir->Open (
+                      RootDir,
+                      &Handle,
+                      FileName,
+                      EFI_FILE_MODE_READ,
+                      0
+                      );
+  if (EFI_ERROR (Status)) {
+    RootDir->Close (RootDir);
+    return Status;
+  }
+
+  RootDir->Close (RootDir);
+
+  //
+  // Get the file information
+  //
+  FileInfoSize = sizeof(EFI_FILE_INFO) + 1024;
+
+  FileInfo = AllocateZeroPool (FileInfoSize);
+  if (FileInfo == NULL) {
+    Handle->Close (Handle);
+    return Status;
+  }
+
+  Status = Handle->GetInfo (
+                     Handle,
+                     &gEfiFileInfoGuid,
+                     &FileInfoSize,
+                     FileInfo
+                     );
+  if (EFI_ERROR (Status)) {
+    Handle->Close (Handle);
+    gBS->FreePool (FileInfo);
+    return Status;
+  }
+
+  //
+  // Allocate buffer for the file data. The last CHAR16 is for L'\0'
+  //
+  TempBufferSize = (UINTN) FileInfo->FileSize + sizeof(CHAR16);
+  TempBuffer = AllocateZeroPool (TempBufferSize);
+  if (TempBuffer == NULL) {
+    Handle->Close (Handle);
+    gBS->FreePool (FileInfo);
+    return Status;
+  }
+
+  gBS->FreePool (FileInfo);
+
+  //
+  // Read the file data to the buffer
+  //
+  Status = Handle->Read (
+                     Handle,
+                     &TempBufferSize,
+                     TempBuffer
+                     );
+  if (EFI_ERROR (Status)) {
+    Handle->Close (Handle);
+    gBS->FreePool (TempBuffer);
+    return Status;
+  }
+
+  Handle->Close (Handle);
+
+  *BufferSize = TempBufferSize;
+  *Buffer     = TempBuffer;
+  return EFI_SUCCESS;
+}
+
+/**
+  Read a file.
+  If ScanFs is FLASE, it will use this Vol as default Fs.
+  If ScanFs is TRUE, it will scan all FS and check the file.
+    If there is only one file match the name, it will be read.
+    If there is more than one file match the name, it will return Error.
+
+  @param ThisVol         File System Volume
+  @param FileName        The file to be read.
+  @param BufferSize      The file buffer size
+  @param Buffer          The file buffer
+  @param ScanFs          Need Scan all FS
+
+  @retval EFI_SUCCESS    Read file successfully
+  @retval EFI_NOT_FOUND  File not found
+  @retval EFI_NO_MAPPING There is duplicated files found
+**/
+EFI_STATUS
+ReadFileToBufferEx (
+  IN OUT EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   **ThisVol,
+  IN  CHAR16                               *FileName,
+  OUT UINTN                                *BufferSize,
+  OUT VOID                                 **Buffer,
+  IN  BOOLEAN                              ScanFs
+  )
+{
+  EFI_STATUS                        Status;
+  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
+  UINTN                             TempBufferSize;
+  VOID                              *TempBuffer;
+  UINTN                             NoHandles;
+  EFI_HANDLE                        *HandleBuffer;
+  UINTN                             Index;
+
+  //
+  // Check parameters
+  //
+  if ((FileName == NULL) || (Buffer == NULL) || (ThisVol == NULL)) {
+    return EFI_INVALID_PARAMETER;
+  }
+
+  //
+  // not scan fs
+  //
+  if (!ScanFs) {
+    if (*ThisVol == NULL) {
+      *ThisVol = GetMyVol ();
+      if (*ThisVol == NULL) {
+        return EFI_INVALID_PARAMETER;
+      }
+    }
+    //
+    // Read file directly from Vol
+    //
+    return ReadFileFromVol (*ThisVol, FileName, BufferSize, Buffer);
+  }
+
+  //
+  // need scan fs
+  //
+
+  //
+  // Get all Vol handle
+  //
+  Status = gBS->LocateHandleBuffer (
+                   ByProtocol,
+                   &gEfiSimpleFileSystemProtocolGuid,
+                   NULL,
+                   &NoHandles,
+                   &HandleBuffer
+                   );
+  if (EFI_ERROR (Status) && (NoHandles == 0)) {
+    return EFI_NOT_FOUND;
+  }
+
+  //
+  // Walk through each Vol
+  //
+  *ThisVol = NULL;
+  *BufferSize = 0;
+  *Buffer     = NULL;
+  for (Index = 0; Index < NoHandles; Index++) {
+    Status = gBS->HandleProtocol (
+                    HandleBuffer[Index],
+                    &gEfiSimpleFileSystemProtocolGuid,
+                    (VOID **)&Vol
+                    );
+    if (EFI_ERROR(Status)) {
+      continue;
+    }
+
+    Status = ReadFileFromVol (Vol, FileName, &TempBufferSize, &TempBuffer);
+    if (!EFI_ERROR (Status)) {
+      //
+      // Read file OK, check duplication
+      //
+      if (*ThisVol != NULL) {
+        //
+        // Find the duplicated file
+        //
+        gBS->FreePool (TempBuffer);
+        gBS->FreePool (*Buffer);
+        Print (L"Duplicated FileName found!\n");
+        return EFI_NO_MAPPING;
+      } else {
+        //
+        // Record value
+        //
+        *ThisVol = Vol;
+        *BufferSize = TempBufferSize;
+        *Buffer     = TempBuffer;
+      }
+    }
+  }
+
+  //
+  // Scan Fs done
+  //
+  if (*ThisVol == NULL) {
+    return EFI_NOT_FOUND;
+  }
+
+  //
+  // Done
+  //
+  return EFI_SUCCESS;
+}
+
+/**
+  Read a file.
+
+  @param FileName        The file to be read.
+  @param BufferSize      The file buffer size
+  @param Buffer          The file buffer
+
+  @retval EFI_SUCCESS    Read file successfully
+  @retval EFI_NOT_FOUND  File not found
+**/
+EFI_STATUS
+ReadFileToBuffer (
+  IN  CHAR16                               *FileName,
+  OUT UINTN                                *BufferSize,
+  OUT VOID                                 **Buffer
+  )
+{
+  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
+  Vol = NULL;
+  return ReadFileToBufferEx(&Vol, FileName, BufferSize, Buffer, FALSE);
+}
+
+/**
+  Write a file.
+
+  @param FileName        The file to be written.
+  @param BufferSize      The file buffer size
+  @param Buffer          The file buffer
+
+  @retval EFI_SUCCESS    Write file successfully
+**/
+EFI_STATUS
+WriteFileFromBuffer(
+  IN  CHAR16                               *FileName,
+  IN  UINTN                                BufferSize,
+  IN  VOID                                 *Buffer
+  )
+{
+  EFI_STATUS                        Status;
+  EFI_FILE_HANDLE                   RootDir;
+  EFI_FILE_HANDLE                   Handle;
+  UINTN                             TempBufferSize;
+  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
+
+  Vol = GetMyVol();
+
+  //
+  // Open the root directory
+  //
+  Status = Vol->OpenVolume (Vol, &RootDir);
+  if (EFI_ERROR (Status)) {
+    return Status;
+  }
+
+  //
+  // Open the file
+  //
+  Status = RootDir->Open (
+                      RootDir,
+                      &Handle,
+                      FileName,
+                      EFI_FILE_MODE_READ | EFI_FILE_MODE_WRITE| EFI_FILE_MODE_CREATE,
+                      0
+                      );
+  if (EFI_ERROR (Status)) {
+    RootDir->Close (RootDir);
+    return Status;
+  }
+
+  //
+  // Delete file
+  //
+  Status = Handle->Delete(Handle);
+  if (EFI_ERROR(Status)) {
+    return Status;
+  }
+
+  //
+  // Open the file again
+  //
+  Status = RootDir->Open (
+                      RootDir,
+                      &Handle,
+                      FileName,
+                      EFI_FILE_MODE_READ | EFI_FILE_MODE_WRITE| EFI_FILE_MODE_CREATE,
+                      0
+                      );
+  if (EFI_ERROR (Status)) {
+    RootDir->Close (RootDir);
+    return Status;
+  }
+
+  RootDir->Close (RootDir);
+
+  //
+  // Write the file data from the buffer
+  //
+  TempBufferSize = BufferSize;
+  Status = Handle->Write (
+                     Handle,
+                     &TempBufferSize,
+                     Buffer
+                     );
+  if (EFI_ERROR (Status)) {
+    Handle->Close (Handle);
+    return Status;
+  }
+
+  Handle->Close (Handle);
+
+  return EFI_SUCCESS;
+}
+
diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
new file mode 100644
index 0000000..6bb778a
--- /dev/null
+++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
@@ -0,0 +1,853 @@
+/** @file
+  A shell application that triggers capsule update process.
+
+  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD License
+  which accompanies this distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Uefi.h>
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/UefiRuntimeServicesTableLib.h>
+#include <Library/UefiLib.h>
+#include <Library/PrintLib.h>
+#include <Protocol/LoadedImage.h>
+#include <Protocol/SimpleFileSystem.h>
+#include <Protocol/GraphicsOutput.h>
+#include <Guid/FileInfo.h>
+#include <Guid/Gpt.h>
+#include <Guid/GlobalVariable.h>
+#include <Guid/CapsuleReport.h>
+#include <Guid/SystemResourceTable.h>
+#include <Guid/FmpCapsule.h>
+#include <IndustryStandard/WindowsUxCapsule.h>
+
+#define CAPSULE_HEADER_SIZE  0x20
+
+#define NESTED_CAPSULE_HEADER_SIZE  SIZE_4KB
+#define SYSTEM_FIRMWARE_FLAG 0x50000
+#define DEVICE_FIRMWARE_FLAG 0x78010
+
+#define EFI_CAPSULE_FROM_FILE_DIR                           L"\\EFI\\UpdateCapsule\\"
+#define EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED  0x0000000000000004
+
+#define MAJOR_VERSION   1
+#define MINOR_VERSION   0
+
+#define MAX_CAPSULE_NUM 10
+
+extern UINTN  Argc;
+extern CHAR16 **Argv;
+
+//
+// Define how many block descriptors we want to test with.
+//
+UINTN  NumberOfDescriptors = 1;
+UINTN  CapsuleFirstIndex;
+UINTN  CapsuleLastIndex;
+
+/**
+  Dump capsule information
+
+  @retval EFI_SUCCESS            The capsule information is dumped.
+  @retval EFI_UNSUPPORTED        Input parameter is not valid.
+**/
+EFI_STATUS
+DumpCapsule(
+  VOID
+  );
+
+/**
+  Dump capsule status variable.
+
+  @retval EFI_SUCCESS            The capsule status variable is dumped.
+  @retval EFI_UNSUPPORTED        Input parameter is not valid.
+**/
+EFI_STATUS
+DmpCapsuleStatusVariable(
+  VOID
+  );
+
+/**
+  Dump FMP protocol info.
+**/
+VOID
+DumpFmpData(
+  VOID
+  );
+
+/**
+  Dump ESRT info.
+**/
+VOID
+DumpEsrtData(
+  VOID
+  );
+
+/**
+  Read a file.
+
+  @param FileName        The file to be read.
+  @param BufferSize      The file buffer size
+  @param Buffer          The file buffer
+
+  @retval EFI_SUCCESS    Read file successfully
+  @retval EFI_NOT_FOUND  File not found
+**/
+EFI_STATUS
+ReadFileToBuffer(
+  IN  CHAR16                               *FileName,
+  OUT UINTN                                *BufferSize,
+  OUT VOID                                 **Buffer
+  );
+
+/**
+  Write a file.
+
+  @param FileName        The file to be written.
+  @param BufferSize      The file buffer size
+  @param Buffer          The file buffer
+
+  @retval EFI_SUCCESS    Write file successfully
+**/
+EFI_STATUS
+WriteFileFromBuffer(
+  IN  CHAR16                               *FileName,
+  IN  UINTN                                BufferSize,
+  IN  VOID                                 *Buffer
+  );
+
+/**
+
+  This function parse application ARG.
+
+  @return Status
+**/
+EFI_STATUS
+GetArg (
+  VOID
+  );
+
+/**
+  Create UX capsule.
+
+  @retval EFI_SUCCESS            The capsule header is appended.
+  @retval EFI_UNSUPPORTED        Input parameter is not valid.
+  @retval EFI_OUT_OF_RESOURCES   No enough resource to create UX capsule.
+**/
+EFI_STATUS
+CreateBmpFmp(
+  VOID
+  )
+{
+  CHAR16                                        *OutputCapsuleName;
+  VOID                                          *BmpBuffer;
+  UINTN                                         FileSize;
+  CHAR16                                        *BmpName;
+  UINT8                                         *FullCapsuleBuffer;
+  UINTN                                         FullCapsuleBufferSize;
+  EFI_DISPLAY_CAPSULE                           *DisplayCapsule;
+  EFI_STATUS                                    Status;
+  EFI_GRAPHICS_OUTPUT_PROTOCOL                  *Gop;
+
+  Status = gBS->LocateProtocol(&gEfiGraphicsOutputProtocolGuid, NULL, (VOID **)&Gop);
+  if (EFI_ERROR(Status)) {
+    Print(L"CapsuleApp: NO GOP is found.\n");
+    return EFI_UNSUPPORTED;
+  }
+  Print(L"Current GOP: Mode - %d, ", Gop->Mode->Mode);
+  Print(L"HorizontalResolution - %d, ", Gop->Mode->Info->HorizontalResolution);
+  Print(L"VerticalResolution - %d\n", Gop->Mode->Info->VerticalResolution);
+  // HorizontalResolution >= BMP_IMAGE_HEADER.PixelWidth
+  // VerticalResolution   >= BMP_IMAGE_HEADER.PixelHeight
+
+  if (Argc != 5) {
+    Print(L"CapsuleApp: Invalid Parameter.\n");
+    return EFI_UNSUPPORTED;
+  }
+
+  if (StrCmp(Argv[3], L"-O") != 0) {
+    Print(L"CapsuleApp: NO output capsule name.\n");
+    return EFI_UNSUPPORTED;
+  }
+  OutputCapsuleName = Argv[4];
+
+  BmpBuffer = NULL;
+  FileSize = 0;
+  FullCapsuleBuffer = NULL;
+
+  BmpName = Argv[2];
+  Status = ReadFileToBuffer(BmpName, &FileSize, &BmpBuffer);
+  if (EFI_ERROR(Status)) {
+    Print(L"CapsuleApp: BMP image (%s) is not found.\n", BmpName);
+    goto Done;
+  }
+
+  FullCapsuleBufferSize = sizeof(EFI_DISPLAY_CAPSULE) + FileSize;
+  FullCapsuleBuffer = AllocatePool(FullCapsuleBufferSize);
+  if (FullCapsuleBuffer == NULL) {
+    Print(L"CapsuleApp: Capsule Buffer size (0x%x) too big.\n", FullCapsuleBufferSize);
+    Status = EFI_OUT_OF_RESOURCES;
+    goto Done;
+  }
+
+  DisplayCapsule = (EFI_DISPLAY_CAPSULE *)FullCapsuleBuffer;
+  CopyGuid(&DisplayCapsule->CapsuleHeader.CapsuleGuid, &gWindowsUxCapsuleGuid);
+  DisplayCapsule->CapsuleHeader.HeaderSize = sizeof(DisplayCapsule->CapsuleHeader);
+  DisplayCapsule->CapsuleHeader.Flags = CAPSULE_FLAGS_PERSIST_ACROSS_RESET;
+  DisplayCapsule->CapsuleHeader.CapsuleImageSize = (UINT32)FullCapsuleBufferSize;
+
+  DisplayCapsule->ImagePayload.Version = 1;
+  DisplayCapsule->ImagePayload.Checksum = 0;
+  DisplayCapsule->ImagePayload.ImageType = 0; // BMP
+  DisplayCapsule->ImagePayload.Reserved = 0;
+  DisplayCapsule->ImagePayload.Mode = Gop->Mode->Mode;
+  DisplayCapsule->ImagePayload.OffsetX = 0;
+  DisplayCapsule->ImagePayload.OffsetY = 0;
+
+  CopyMem((DisplayCapsule + 1), BmpBuffer, FileSize);
+
+  DisplayCapsule->ImagePayload.Checksum = CalculateCheckSum8(FullCapsuleBuffer, FullCapsuleBufferSize);
+
+  Status = WriteFileFromBuffer(OutputCapsuleName, FullCapsuleBufferSize, FullCapsuleBuffer);
+  Print(L"CapsuleApp: Write %s %r\n", OutputCapsuleName, Status);
+
+Done:
+  if (BmpBuffer != NULL) {
+    FreePool(BmpBuffer);
+  }
+
+  if (FullCapsuleBuffer != NULL) {
+    FreePool(FullCapsuleBuffer);
+  }
+
+  return Status;
+}
+
+/**
+  Get ImageTypeId in the FMP capsule header.
+
+  @param CapsuleHeader  The FMP capsule image header.
+
+  @return ImageTypeId
+**/
+EFI_GUID *
+GetCapsuleImageTypeId(
+  IN EFI_CAPSULE_HEADER                            *CapsuleHeader
+  )
+{
+  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER       *FmpCapsuleHeader;
+  UINT64                                       *ItemOffsetList;
+  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader;
+
+  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader + CapsuleHeader->HeaderSize);
+  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
+  if (FmpCapsuleHeader->PayloadItemCount == 0) {
+    return NULL;
+  }
+  ImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8 *)FmpCapsuleHeader + ItemOffsetList[FmpCapsuleHeader->EmbeddedDriverCount]);
+  return &ImageHeader->UpdateImageTypeId;
+}
+
+/**
+  Get ESRT FwType according to ImageTypeId
+
+  @param  ImageTypeId   ImageTypeId of an FMP capsule.
+
+  @return ESRT FwType
+**/
+UINT32
+GetEsrtFwType(
+  IN  EFI_GUID                                      *ImageTypeId
+  )
+{
+  EFI_STATUS                 Status;
+  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
+  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
+  UINTN                      Index;
+
+  //
+  // Check ESRT
+  //
+  Status = EfiGetSystemConfigurationTable(&gEfiSystemResourceTableGuid, (VOID **)&Esrt);
+  if (!EFI_ERROR(Status)) {
+    EsrtEntry = (VOID *)(Esrt + 1);
+    for (Index = 0; Index < Esrt->FwResourceCount; Index++, EsrtEntry++) {
+      if (CompareGuid(&EsrtEntry->FwClass, ImageTypeId)) {
+        return EsrtEntry->FwType;
+      }
+    }
+  }
+
+  return ESRT_FW_TYPE_UNKNOWN;
+}
+
+/**
+  Append a capsule header on top of current image.
+  This function follows Windows UEFI Firmware Update Platform document.
+
+  @retval EFI_SUCCESS            The capsule header is appended.
+  @retval EFI_UNSUPPORTED        Input parameter is not valid.
+  @retval EFI_OUT_OF_RESOURCES   No enough resource to append capsule header.
+**/
+EFI_STATUS
+CreateNestedFmp(
+  VOID
+  )
+{
+  CHAR16                                        *OutputCapsuleName;
+  VOID                                          *CapsuleBuffer;
+  UINTN                                         FileSize;
+  CHAR16                                        *CapsuleName;
+  UINT8                                         *FullCapsuleBuffer;
+  UINTN                                         FullCapsuleBufferSize;
+  EFI_CAPSULE_HEADER                            *NestedCapsuleHeader;
+  EFI_GUID                                      *ImageTypeId;
+  UINT32                                        FwType;
+  EFI_STATUS                                    Status;
+
+  if (Argc != 5) {
+    Print(L"CapsuleApp: Invalid Parameter.\n");
+    return EFI_UNSUPPORTED;
+  }
+
+  if (StrCmp(Argv[3], L"-O") != 0) {
+    Print(L"CapsuleApp: NO output capsule name.\n");
+    return EFI_UNSUPPORTED;
+  }
+  OutputCapsuleName = Argv[4];
+
+  CapsuleBuffer = NULL;
+  FileSize = 0;
+  FullCapsuleBuffer = NULL;
+
+  CapsuleName = Argv[2];
+  Status = ReadFileToBuffer(CapsuleName, &FileSize, &CapsuleBuffer);
+  if (EFI_ERROR(Status)) {
+    Print(L"CapsuleApp: Capsule image (%s) is not found.\n", CapsuleName);
+    goto Done;
+  }
+
+  ImageTypeId = GetCapsuleImageTypeId(CapsuleBuffer);
+  if (ImageTypeId == NULL) {
+    Print(L"CapsuleApp: Capsule ImageTypeId is not found.\n");
+    goto Done;
+  }
+  FwType = GetEsrtFwType(ImageTypeId);
+  if ((FwType != ESRT_FW_TYPE_SYSTEMFIRMWARE) && (FwType != ESRT_FW_TYPE_DEVICEFIRMWARE)) {
+    Print(L"CapsuleApp: Capsule FwType is invalid.\n");
+    goto Done;
+  }
+
+  FullCapsuleBufferSize = NESTED_CAPSULE_HEADER_SIZE + FileSize;
+  FullCapsuleBuffer = AllocatePool(FullCapsuleBufferSize);
+  if (FullCapsuleBuffer == NULL) {
+    Print(L"CapsuleApp: Capsule Buffer size (0x%x) too big.\n", FullCapsuleBufferSize);
+    Status = EFI_OUT_OF_RESOURCES;
+    goto Done;
+  }
+
+  NestedCapsuleHeader = (EFI_CAPSULE_HEADER *)FullCapsuleBuffer;
+  ZeroMem(NestedCapsuleHeader, NESTED_CAPSULE_HEADER_SIZE);
+  CopyGuid(&NestedCapsuleHeader->CapsuleGuid, ImageTypeId);
+  NestedCapsuleHeader->HeaderSize = NESTED_CAPSULE_HEADER_SIZE;
+  NestedCapsuleHeader->Flags = (FwType == ESRT_FW_TYPE_DEVICEFIRMWARE) ? SYSTEM_FIRMWARE_FLAG : DEVICE_FIRMWARE_FLAG;
+  NestedCapsuleHeader->CapsuleImageSize = (UINT32)FullCapsuleBufferSize;
+
+  CopyMem((UINT8 *)NestedCapsuleHeader + NestedCapsuleHeader->HeaderSize, CapsuleBuffer, FileSize);
+
+  Status = WriteFileFromBuffer(OutputCapsuleName, FullCapsuleBufferSize, FullCapsuleBuffer);
+  Print(L"CapsuleApp: Write %s %r\n", OutputCapsuleName, Status);
+
+Done:
+  if (CapsuleBuffer != NULL) {
+    FreePool(CapsuleBuffer);
+  }
+
+  if (FullCapsuleBuffer != NULL) {
+    FreePool(FullCapsuleBuffer);
+  }
+
+  return Status;
+}
+
+
+/**
+  Clear capsule status variable.
+
+  @retval EFI_SUCCESS            The capsule status variable is cleared.
+**/
+EFI_STATUS
+ClearCapsuleStatusVariable(
+  VOID
+  )
+{
+  EFI_STATUS                          Status;
+  UINT32                              Index;
+  CHAR16                              CapsuleVarName[20];
+  CHAR16                              *TempVarName;
+
+  StrCpyS (CapsuleVarName, sizeof(CapsuleVarName)/sizeof(CapsuleVarName[0]), L"Capsule");
+  TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
+  Index = 0;
+
+  while (TRUE) {
+    UnicodeSPrint (TempVarName, 5 * sizeof(CHAR16), L"%04x", Index);
+
+    Status = gRT->SetVariable (
+                    CapsuleVarName,
+                    &gEfiCapsuleReportGuid,
+                    EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS,
+                    0,
+                    (VOID *)NULL
+                    );
+    if (EFI_ERROR(Status)) {
+      //
+      // There is no capsule variables, quit
+      //
+      break;
+    }
+
+    Index++;
+    if (Index > 0xFFFF) {
+      break;
+    }
+  }
+
+  return EFI_SUCCESS;
+}
+
+/**
+  Build Gather list for a list of capsule images.
+
+  @param[in]  CapsuleBuffer    An array of pointer to capsule images
+  @param[in]  FileSize         An array of UINTN to capsule images size
+  @param[in]  CapsuleNum       The count of capsule images
+  @param[out] BlockDescriptors The block descriptors for the capsule images
+
+  @retval EFI_SUCCESS The block descriptors for the capsule images are constructed.
+**/
+EFI_STATUS
+BuildGatherList(
+  IN VOID                          **CapsuleBuffer,
+  IN UINTN                         *FileSize,
+  IN UINTN                         CapsuleNum,
+  OUT EFI_CAPSULE_BLOCK_DESCRIPTOR **BlockDescriptors
+  )
+{
+  EFI_STATUS                    Status;
+  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors1;
+  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors2;
+  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptorPre;
+  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptorsHeader;
+  EFI_CAPSULE_BLOCK_DESCRIPTOR  *TempBlockPtr;
+  UINT8                         *TempDataPtr;
+  UINTN                         SizeLeft;
+  UINTN                         Size;
+  INT32                         Count;
+  INT32                         Number;
+  UINTN                         Index;
+
+  TempBlockPtr           = NULL;
+  BlockDescriptors1      = NULL;
+  BlockDescriptors2      = NULL;
+  BlockDescriptorPre     = NULL;
+  BlockDescriptorsHeader = NULL;
+
+  for (Index = 0; Index < CapsuleNum; Index++) {
+    //
+    // Allocate memory for the descriptors.
+    //
+    if (NumberOfDescriptors == 1) {
+      Count = 2;
+    } else {
+      Count = (INT32)(NumberOfDescriptors + 2) / 2;
+    }
+
+    Size               = Count * sizeof (EFI_CAPSULE_BLOCK_DESCRIPTOR);
+    BlockDescriptors1  = AllocateRuntimeZeroPool (Size);
+    if (BlockDescriptors1 == NULL) {
+      Print (L"CapsuleApp: failed to allocate memory for descriptors\n");
+      Status = EFI_OUT_OF_RESOURCES;
+      goto ERREXIT;
+    } else {
+      Print (L"CapsuleApp: creating capsule descriptors at 0x%X\n", (UINTN) BlockDescriptors1);
+      Print (L"CapsuleApp: capsule data starts          at 0x%X with size 0x%X\n", (UINTN) CapsuleBuffer, FileSize);
+    }
+
+    //
+    // Record descirptor header
+    //
+    if (Index == 0) {
+      BlockDescriptorsHeader = BlockDescriptors1;
+    }
+
+    if (BlockDescriptorPre != NULL) {
+      BlockDescriptorPre->Union.ContinuationPointer = (UINTN) BlockDescriptors1;
+      BlockDescriptorPre->Length = 0;
+    }
+
+    //
+    // Fill them in
+    //
+    TempBlockPtr  = BlockDescriptors1;
+    TempDataPtr   = CapsuleBuffer[Index];
+    SizeLeft      = FileSize[Index];
+    for (Number = 0; (Number < Count - 1) && (SizeLeft != 0); Number++) {
+      //
+      // Divide remaining data in half
+      //
+      if (NumberOfDescriptors != 1) {
+        if (SizeLeft == 1) {
+          Size = 1;
+        } else {
+          Size = SizeLeft / 2;
+        }
+      } else {
+        Size = SizeLeft;
+      }
+      TempBlockPtr->Union.DataBlock    = (UINTN)TempDataPtr;
+      TempBlockPtr->Length  = Size;
+      Print (L"CapsuleApp: capsule block/size              0x%X/0x%X\n", (UINTN) TempDataPtr, Size);
+      SizeLeft -= Size;
+      TempDataPtr += Size;
+      TempBlockPtr++;
+    }
+
+    //
+    // Allocate the second list, point the first block's last entry to point
+    // to this one, and fill this one in. Worst case is that the previous
+    // list only had one element that pointed here, so we need at least two
+    // elements -- one to point to all the data, another to terminate the list.
+    //
+    if ((NumberOfDescriptors != 1) && (SizeLeft != 0)) {
+      Count = (INT32)(NumberOfDescriptors + 2) - Count;
+      if (Count == 1) {
+        Count++;
+      }
+
+      Size              = Count * sizeof (EFI_CAPSULE_BLOCK_DESCRIPTOR);
+      BlockDescriptors2 = AllocateRuntimeZeroPool (Size);
+      if (BlockDescriptors2 == NULL) {
+        Print (L"CapsuleApp: failed to allocate memory for descriptors\n");
+        Status = EFI_OUT_OF_RESOURCES;
+        goto ERREXIT;
+      }
+
+      //
+      // Point the first list's last element to point to this second list.
+      //
+      TempBlockPtr->Union.ContinuationPointer   = (UINTN) BlockDescriptors2;
+
+      TempBlockPtr->Length  = 0;
+      TempBlockPtr = BlockDescriptors2;
+      for (Number = 0; Number < Count - 1; Number++) {
+        //
+        // If second-to-last one, then dump rest to this element
+        //
+        if (Number == (Count - 2)) {
+          Size = SizeLeft;
+        } else {
+          //
+          // Divide remaining data in half
+          //
+          if (SizeLeft == 1) {
+            Size = 1;
+          } else {
+            Size = SizeLeft / 2;
+          }
+        }
+
+        TempBlockPtr->Union.DataBlock    = (UINTN)TempDataPtr;
+        TempBlockPtr->Length  = Size;
+        Print (L"CapsuleApp: capsule block/size              0x%X/0x%X\n", (UINTN) TempDataPtr, Size);
+        SizeLeft -= Size;
+        TempDataPtr += Size;
+        TempBlockPtr++;
+        if (SizeLeft == 0) {
+          break;
+        }
+      }
+    }
+
+    BlockDescriptorPre = TempBlockPtr;
+    BlockDescriptors1  = NULL;
+  }
+
+  //
+  // Null-terminate.
+  //
+  if (TempBlockPtr != NULL) {
+    TempBlockPtr->Union.ContinuationPointer    = (UINTN)NULL;
+    TempBlockPtr->Length  = 0;
+    *BlockDescriptors = BlockDescriptorsHeader;
+  }
+
+  return EFI_SUCCESS;
+
+ERREXIT:
+  if (BlockDescriptors1 != NULL) {
+    FreePool(BlockDescriptors1);
+  }
+
+  if (BlockDescriptors2 != NULL) {
+    FreePool(BlockDescriptors2);
+  }
+
+  return Status;
+}
+
+/**
+  Clear the Gather list for a list of capsule images.
+
+  @param[in]  BlockDescriptors The block descriptors for the capsule images
+  @param[in]  CapsuleNum       The count of capsule images
+**/
+VOID
+CleanGatherList(
+  IN EFI_CAPSULE_BLOCK_DESCRIPTOR   *BlockDescriptors,
+  IN UINTN                          CapsuleNum
+  )
+{
+  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr;
+  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr1;
+  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr2;
+  UINTN                          Index;
+
+  if (BlockDescriptors != NULL) {
+    TempBlockPtr1 = BlockDescriptors;
+    while (1){
+      TempBlockPtr = TempBlockPtr1;
+      for (Index = 0; Index < CapsuleNum; Index++) {
+        if (TempBlockPtr[Index].Length == 0) {
+          break;
+        }
+      }
+
+      if (TempBlockPtr[Index].Union.ContinuationPointer == (UINTN)NULL) {
+        break;
+      }
+
+      TempBlockPtr2 = (VOID *) ((UINTN) TempBlockPtr->Union.ContinuationPointer);
+      FreePool(TempBlockPtr1);
+      TempBlockPtr1 = TempBlockPtr2;
+    }
+  }
+}
+
+/**
+  Print APP usage.
+**/
+VOID
+PrintUsage (
+  VOID
+  )
+{
+  Print(L"CapsuleApp:  usage\n");
+  Print(L"  CapsuleApp <Capsule...> [-NR]\n");
+  Print(L"  CapsuleApp -S\n");
+  Print(L"  CapsuleApp -C\n");
+  Print(L"  CapsuleApp -P\n");
+  Print(L"  CapsuleApp -E\n");
+  Print(L"  CapsuleApp -G <BMP> -O <Capsule>\n");
+  Print(L"  CapsuleApp -N <Capsule> -O <NestedCapsule>\n");
+  Print(L"  CapsuleApp -D|-DS <Capsule>\n");
+  Print(L"Parameter:\n");
+  Print(L"  -NR: No Reset.\n");
+  Print(L"  -S:  Dump capsule status.\n");
+  Print(L"  -C:  Clear capsule status.\n");
+  Print(L"  -P:  Dump FMP protocol info.\n");
+  Print(L"  -E:  Dump ESRT table info.\n");
+  Print(L"  -G:  Input BMP file name\n");
+  Print(L"  -N:  Append Capsule Header accroding to Windows Firmware Update\n");
+  Print(L"  -O:  Output Capsule file name\n");
+  Print(L"  -D:  Dump Capsule\n");
+}
+
+/**
+  Update Capsule image.
+
+  @param[in]  ImageHandle     The image handle.
+  @param[in]  SystemTable     The system table.
+
+  @retval EFI_SUCCESS            Command completed successfully.
+  @retval EFI_INVALID_PARAMETER  Command usage error.
+  @retval EFI_NOT_FOUND          The input file can't be found.
+**/
+EFI_STATUS
+EFIAPI
+UefiMain (
+  IN EFI_HANDLE        ImageHandle,
+  IN EFI_SYSTEM_TABLE  *SystemTable
+  )
+{
+  EFI_STATUS                    Status;
+  UINTN                         FileSize[MAX_CAPSULE_NUM];
+  VOID                          *CapsuleBuffer[MAX_CAPSULE_NUM];
+  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors;
+  EFI_CAPSULE_HEADER             *CapsuleHeaderArray[MAX_CAPSULE_NUM + 1];
+  UINT64                         MaxCapsuleSize;
+  EFI_RESET_TYPE                 ResetType;
+  BOOLEAN                        NeedReset;
+  BOOLEAN                        NoReset;
+  CHAR16                         *CapsuleName;
+  UINTN                          CapsuleNum;
+  UINTN                          Index;
+
+  Status = GetArg();
+  if (EFI_ERROR(Status)) {
+    Print(L"Please use UEFI SHELL to run this application!\n", Status);
+    return Status;
+  }
+  if (Argc < 2) {
+    PrintUsage();
+    return EFI_INVALID_PARAMETER;
+  }
+  if (StrCmp(Argv[1], L"-D") == 0) {
+    Status = DumpCapsule();
+    return Status;
+  }
+  if (StrCmp(Argv[1], L"-G") == 0) {
+    Status = CreateBmpFmp();
+    return Status;
+  }
+  if (StrCmp(Argv[1], L"-N") == 0) {
+    Status = CreateNestedFmp();
+    return Status;
+  }
+  if (StrCmp(Argv[1], L"-S") == 0) {
+    Status = DmpCapsuleStatusVariable();
+    return EFI_SUCCESS;
+  }
+  if (StrCmp(Argv[1], L"-C") == 0) {
+    Status = ClearCapsuleStatusVariable();
+    return Status;
+  }
+  if (StrCmp(Argv[1], L"-P") == 0) {
+    DumpFmpData();
+    return EFI_SUCCESS;
+  }
+  if (StrCmp(Argv[1], L"-E") == 0) {
+    DumpEsrtData();
+    return EFI_SUCCESS;
+  }
+  CapsuleFirstIndex = 1;
+  if (StrCmp(Argv[Argc - 1], L"-NR") == 0) {
+    NoReset = TRUE;
+    CapsuleLastIndex = Argc - 2;
+  } else {
+    NoReset = FALSE;
+    CapsuleLastIndex = Argc - 1;
+  }
+  CapsuleNum = CapsuleLastIndex - CapsuleFirstIndex + 1;
+
+  if (CapsuleFirstIndex > CapsuleLastIndex) {
+    Print(L"CapsuleApp: NO capsule image.\n");
+    return EFI_UNSUPPORTED;
+  }
+  if (CapsuleNum > MAX_CAPSULE_NUM) {
+    Print(L"CapsuleApp: Too many capsule images.\n");
+    return EFI_UNSUPPORTED;
+  }
+
+  ZeroMem(&CapsuleBuffer, sizeof(CapsuleBuffer));
+  ZeroMem(&FileSize, sizeof(FileSize));
+  BlockDescriptors = NULL;
+
+  for (Index = 0; Index < CapsuleNum; Index++) {
+    CapsuleName = Argv[CapsuleFirstIndex + Index];
+    Status = ReadFileToBuffer(CapsuleName, &FileSize[Index], &CapsuleBuffer[Index]);
+    if (EFI_ERROR(Status)) {
+      Print(L"CapsuleApp: capsule image (%s) is not found.\n", CapsuleName);
+      goto Done;
+    }
+  }
+
+  //
+  // Every capsule use 2 descriptor 1 for data 1 for end
+  //
+  Status = BuildGatherList(CapsuleBuffer, FileSize, CapsuleNum, &BlockDescriptors);
+  if (EFI_ERROR(Status)) {
+    goto Done;
+  }
+
+  //
+  // Call the runtime service capsule.
+  //
+  NeedReset = FALSE;
+  for (Index = 0; Index < CapsuleNum; Index++) {
+    CapsuleHeaderArray[Index] = (EFI_CAPSULE_HEADER *) CapsuleBuffer[Index];
+    if ((CapsuleHeaderArray[Index]->Flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) != 0) {
+      NeedReset = TRUE;
+    }
+  }
+  CapsuleHeaderArray[CapsuleNum] = NULL;
+  if (NoReset) {
+    NeedReset = FALSE;
+  }
+
+  //
+  // Inquire platform capability of UpdateCapsule.
+  //
+  Status = gRT->QueryCapsuleCapabilities (CapsuleHeaderArray, CapsuleNum, &MaxCapsuleSize, &ResetType);
+  if (EFI_ERROR(Status)) {
+    Print (L"CapsuleApp: failed to query capsule capability - %r\n", Status);
+    goto Done;
+  }
+
+  for (Index = 0; Index < CapsuleNum; Index++) {
+    if (FileSize[Index] > MaxCapsuleSize) {
+      Print (L"CapsuleApp: capsule is too large to update, %ld is allowed\n", MaxCapsuleSize);
+      Status = EFI_UNSUPPORTED;
+      goto Done;
+    }
+  }
+
+  //
+  // Check whether the input capsule image has the flag of persist across system reset.
+  //
+  if (NeedReset) {
+    Status = gRT->UpdateCapsule(CapsuleHeaderArray,CapsuleNum,(UINTN) BlockDescriptors);
+    if (Status != EFI_SUCCESS) {
+      Print (L"CapsuleApp: failed to update capsule - %r\n", Status);
+      goto Done;
+    }
+    //
+    // For capsule who has reset flag, after calling UpdateCapsule service,triger a
+    // system reset to process capsule persist across a system reset.
+    //
+    gRT->ResetSystem (ResetType, EFI_SUCCESS, 0, NULL);
+  } else {
+    //
+    // For capsule who has no reset flag, only call UpdateCapsule Service without a
+    // system reset. The service will process the capsule immediately.
+    //
+    Status = gRT->UpdateCapsule (CapsuleHeaderArray,CapsuleNum,(UINTN) BlockDescriptors);
+    if (Status != EFI_SUCCESS) {
+      Print (L"CapsuleApp: failed to update capsule - %r\n", Status);
+    }
+  }
+
+  Status = EFI_SUCCESS;
+
+Done:
+  for (Index = 0; Index < CapsuleNum; Index++) {
+    if (CapsuleBuffer[Index] != NULL) {
+      FreePool (CapsuleBuffer[Index]);
+    }
+  }
+
+  CleanGatherList(BlockDescriptors, CapsuleNum);
+
+  return Status;
+}
diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
new file mode 100644
index 0000000..2084e5f
--- /dev/null
+++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
@@ -0,0 +1,71 @@
+##  @file
+#  A shell application that triggers capsule update process.
+#
+# This application can trigger capsule update process. It can also
+# generate capsule image, or dump capsule variable information.
+#
+#  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD License
+#  which accompanies this distribution.  The full text of the license may be found at
+#  http://opensource.org/licenses/bsd-license.php
+#
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x00010006
+  BASE_NAME                      = CapsuleApp
+  MODULE_UNI_FILE                = CapsuleApp.uni
+  FILE_GUID                      = 4CEF31DA-8682-4274-9CC4-AEE7516A5E7B
+  MODULE_TYPE                    = UEFI_APPLICATION
+  VERSION_STRING                 = 1.0
+  ENTRY_POINT                    = UefiMain
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = IA32 X64
+#
+
+[Sources]
+  CapsuleApp.c
+  CapsuleDump.c
+  AppSupport.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+
+[Guids]
+  gEfiFileInfoGuid
+  gEfiPartTypeSystemPartGuid
+  gEfiGlobalVariableGuid
+  gEfiCapsuleReportGuid
+  gEfiFmpCapsuleGuid
+  gWindowsUxCapsuleGuid
+  gEfiCertTypeRsa2048Sha256Guid
+  gEfiCertPkcs7Guid
+  gEfiSystemResourceTableGuid
+
+[Protocols]
+  gEfiLoadedImageProtocolGuid
+  gEfiSimpleFileSystemProtocolGuid
+  gEfiGraphicsOutputProtocolGuid
+  gEfiFirmwareManagementProtocolGuid
+  gEfiShellParametersProtocolGuid
+
+[LibraryClasses]
+  BaseLib
+  UefiApplicationEntryPoint
+  DebugLib
+  MemoryAllocationLib
+  UefiBootServicesTableLib
+  UefiRuntimeServicesTableLib
+  UefiLib
+  PrintLib
+
+[UserExtensions.TianoCore."ExtraFiles"]
+  CapsuleAppExtra.uni
diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
new file mode 100644
index 0000000..54d6e12
--- /dev/null
+++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
@@ -0,0 +1,22 @@
+// /** @file
+// A shell application that triggers capsule update process.
+//
+// This application can trigger capsule update process. It can also
+// generate capsule image, or dump capsule variable information.
+//
+// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+//
+// This program and the accompanying materials
+// are licensed and made available under the terms and conditions of the BSD License
+// which accompanies this distribution. The full text of the license may be found at
+// http://opensource.org/licenses/bsd-license.php
+// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+//
+// **/
+
+
+#string STR_MODULE_ABSTRACT             #language en-US "A shell application that triggers capsule update process."
+
+#string STR_MODULE_DESCRIPTION          #language en-US "This application can trigger capsule update process. It can also generate capsule image, or dump capsule variable information."
+
diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni b/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
new file mode 100644
index 0000000..b5a8840
--- /dev/null
+++ b/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
@@ -0,0 +1,19 @@
+// /** @file
+// CapsuleApp Localized Strings and Content
+//
+// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+//
+// This program and the accompanying materials
+// are licensed and made available under the terms and conditions of the BSD License
+// which accompanies this distribution. The full text of the license may be found at
+// http://opensource.org/licenses/bsd-license.php
+// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+//
+// **/
+
+#string STR_PROPERTIES_MODULE_NAME
+#language en-US
+"Capsule Application"
+
+
diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
new file mode 100644
index 0000000..b383fe1
--- /dev/null
+++ b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
@@ -0,0 +1,740 @@
+/** @file
+  Dump Capsule image information.
+
+  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD License
+  which accompanies this distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <PiDxe.h>
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/UefiRuntimeServicesTableLib.h>
+#include <Library/UefiLib.h>
+#include <Library/PrintLib.h>
+#include <Protocol/FirmwareManagement.h>
+#include <Guid/ImageAuthentication.h>
+#include <Guid/CapsuleReport.h>
+#include <Guid/SystemResourceTable.h>
+#include <Guid/FmpCapsule.h>
+#include <IndustryStandard/WindowsUxCapsule.h>
+
+/**
+  Read a file.
+
+  @param FileName        The file to be read.
+  @param BufferSize      The file buffer size
+  @param Buffer          The file buffer
+
+  @retval EFI_SUCCESS    Read file successfully
+  @retval EFI_NOT_FOUND  File not found
+**/
+EFI_STATUS
+ReadFileToBuffer(
+  IN  CHAR16                               *FileName,
+  OUT UINTN                                *BufferSize,
+  OUT VOID                                 **Buffer
+  );
+
+extern UINTN  Argc;
+extern CHAR16 *Argv[];
+
+/**
+  Dump UX capsule information.
+
+  @param CapsuleHeader      The UX capsule header
+**/
+VOID
+DumpUxCapsule(
+  IN EFI_CAPSULE_HEADER  *CapsuleHeader
+  )
+{
+  EFI_DISPLAY_CAPSULE                           *DisplayCapsule;
+  DisplayCapsule = (EFI_DISPLAY_CAPSULE *)CapsuleHeader;
+  Print(L"[UxCapusule]\n");
+  Print(L"CapsuleHeader:\n");
+  Print(L"  CapsuleGuid      - %g\n", &DisplayCapsule->CapsuleHeader.CapsuleGuid);
+  Print(L"  HeaderSize       - 0x%x\n", DisplayCapsule->CapsuleHeader.HeaderSize);
+  Print(L"  Flags            - 0x%x\n", DisplayCapsule->CapsuleHeader.Flags);
+  Print(L"  CapsuleImageSize - 0x%x\n", DisplayCapsule->CapsuleHeader.CapsuleImageSize);
+  Print(L"ImagePayload:\n");
+  Print(L"  Version          - 0x%x\n", DisplayCapsule->ImagePayload.Version);
+  Print(L"  Checksum         - 0x%x\n", DisplayCapsule->ImagePayload.Checksum);
+  Print(L"  ImageType        - 0x%x\n", DisplayCapsule->ImagePayload.ImageType);
+  Print(L"  Mode             - 0x%x\n", DisplayCapsule->ImagePayload.Mode);
+  Print(L"  OffsetX          - 0x%x\n", DisplayCapsule->ImagePayload.OffsetX);
+  Print(L"  OffsetY          - 0x%x\n", DisplayCapsule->ImagePayload.OffsetY);
+}
+
+/**
+  Dump FMP image authentication information.
+
+  @param Image      The FMP capsule image
+  @param ImageSize  The size of the FMP capsule image in bytes.
+
+  @return the size of FMP authentication.
+**/
+UINTN
+DumpImageAuthentication(
+  IN VOID   *Image,
+  IN UINTN  ImageSize
+  )
+{
+  EFI_FIRMWARE_IMAGE_AUTHENTICATION             *ImageAuthentication;
+
+  ImageAuthentication = Image;
+  if (CompareGuid(&ImageAuthentication->AuthInfo.CertType, &gEfiCertPkcs7Guid) ||
+      CompareGuid(&ImageAuthentication->AuthInfo.CertType, &gEfiCertTypeRsa2048Sha256Guid)) {
+    Print(L"[ImageAuthentication]\n");
+    Print(L"  MonotonicCount   - 0x%lx\n", ImageAuthentication->MonotonicCount);
+    Print(L"WIN_CERTIFICATE:\n");
+    Print(L"  dwLength         - 0x%x\n", ImageAuthentication->AuthInfo.Hdr.dwLength);
+    Print(L"  wRevision        - 0x%x\n", ImageAuthentication->AuthInfo.Hdr.wRevision);
+    Print(L"  wCertificateType - 0x%x\n", ImageAuthentication->AuthInfo.Hdr.wCertificateType);
+    Print(L"  CertType         - %g\n", &ImageAuthentication->AuthInfo.CertType);
+    return sizeof(ImageAuthentication->MonotonicCount) + ImageAuthentication->AuthInfo.Hdr.dwLength;
+  } else {
+    return 0;
+  }
+}
+
+/**
+  Dump a non-nested FMP capsule.
+
+  @param  CapsuleHeader  A pointer to CapsuleHeader
+**/
+VOID
+DumpFmpCapsule(
+  IN EFI_CAPSULE_HEADER  *CapsuleHeader
+  )
+{
+  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER        *FmpCapsuleHeader;
+  UINT64                                        *ItemOffsetList;
+  UINTN                                         Index;
+  UINTN                                         Count;
+  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER  *FmpImageHeader;
+
+  Print(L"[FmpCapusule]\n");
+  Print(L"CapsuleHeader:\n");
+  Print(L"  CapsuleGuid      - %g\n", &CapsuleHeader->CapsuleGuid);
+  Print(L"  HeaderSize       - 0x%x\n", CapsuleHeader->HeaderSize);
+  Print(L"  Flags            - 0x%x\n", CapsuleHeader->Flags);
+  Print(L"  CapsuleImageSize - 0x%x\n", CapsuleHeader->CapsuleImageSize);
+
+  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader + CapsuleHeader->HeaderSize);
+  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
+  Print(L"FmpHeader:\n");
+  Print(L"  Version             - 0x%x\n", FmpCapsuleHeader->Version);
+  Print(L"  EmbeddedDriverCount - 0x%x\n", FmpCapsuleHeader->EmbeddedDriverCount);
+  Print(L"  PayloadItemCount    - 0x%x\n", FmpCapsuleHeader->PayloadItemCount);
+  Count = FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader->PayloadItemCount;
+  for (Index = 0; Index < Count; Index++) {
+    Print(L"  Offset[%d]           - 0x%x\n", Index, ItemOffsetList[Index]);
+  }
+
+  for (Index = FmpCapsuleHeader->EmbeddedDriverCount; Index < Count; Index++) {
+    Print(L"FmpPayload[%d] ImageHeader:\n", Index);
+    FmpImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8 *)FmpCapsuleHeader + ItemOffsetList[Index]);
+    Print(L"  Version                - 0x%x\n", FmpImageHeader->Version);
+    Print(L"  UpdateImageTypeId      - %g\n", &FmpImageHeader->UpdateImageTypeId);
+    Print(L"  UpdateImageIndex       - 0x%x\n", FmpImageHeader->UpdateImageIndex);
+    Print(L"  UpdateImageSize        - 0x%x\n", FmpImageHeader->UpdateImageSize);
+    Print(L"  UpdateVendorCodeSize   - 0x%x\n", FmpImageHeader->UpdateVendorCodeSize);
+    if (FmpImageHeader->Version >= EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
+      Print(L"  UpdateHardwareInstance - 0x%lx\n", FmpImageHeader->UpdateHardwareInstance);
+    }
+  }
+}
+
+/**
+  Return if there is a FMP header below capsule header.
+
+  @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
+
+  @retval TRUE  There is a FMP header below capsule header.
+  @retval FALSE There is not a FMP header below capsule header
+**/
+BOOLEAN
+IsNestedFmpCapsule(
+  IN EFI_CAPSULE_HEADER         *CapsuleHeader
+  )
+{
+  EFI_STATUS                 Status;
+  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
+  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
+  UINTN                      Index;
+  BOOLEAN                    EsrtGuidFound;
+  EFI_CAPSULE_HEADER         *NestedCapsuleHeader;
+  UINTN                      NestedCapsuleSize;
+
+  //
+  // Check ESRT
+  //
+  EsrtGuidFound = FALSE;
+  Status = EfiGetSystemConfigurationTable(&gEfiSystemResourceTableGuid, (VOID **)&Esrt);
+  if (!EFI_ERROR(Status)) {
+    EsrtEntry = (VOID *)(Esrt + 1);
+    for (Index = 0; Index < Esrt->FwResourceCount; Index++, EsrtEntry++) {
+      if (CompareGuid(&EsrtEntry->FwClass, &CapsuleHeader->CapsuleGuid)) {
+        EsrtGuidFound = TRUE;
+        break;
+      }
+    }
+  }
+
+  if (!EsrtGuidFound) {
+    return FALSE;
+  }
+
+  //
+  // Check nested capsule header
+  // FMP GUID after ESRT one
+  //
+  NestedCapsuleHeader = (EFI_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader + CapsuleHeader->HeaderSize);
+  NestedCapsuleSize = (UINTN)CapsuleHeader + CapsuleHeader->HeaderSize - (UINTN)NestedCapsuleHeader;
+  if (NestedCapsuleSize < sizeof(EFI_CAPSULE_HEADER)) {
+    return FALSE;
+  }
+  if (!CompareGuid(&NestedCapsuleHeader->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
+    return FALSE;
+  }
+  return TRUE;
+}
+
+/**
+  Dump capsule information
+
+  @retval EFI_SUCCESS            The capsule information is dumped.
+  @retval EFI_UNSUPPORTED        Input parameter is not valid.
+**/
+EFI_STATUS
+DumpCapsule(
+  VOID
+  )
+{
+  CHAR16                                        *CapsuleName;
+  VOID                                          *Buffer;
+  UINTN                                         FileSize;
+  EFI_CAPSULE_HEADER                            *CapsuleHeader;
+  EFI_STATUS                                    Status;
+
+  if (Argc != 3) {
+    Print(L"CapsuleApp: Invalid Parameter.\n");
+    return EFI_UNSUPPORTED;
+  }
+
+  CapsuleName = Argv[2];
+  Status = ReadFileToBuffer(CapsuleName, &FileSize, &Buffer);
+  if (EFI_ERROR(Status)) {
+    Print(L"CapsuleApp: Capsule (%s) is not found.\n", CapsuleName);
+    goto Done;
+  }
+
+  CapsuleHeader = Buffer;
+  if (CompareGuid(&CapsuleHeader->CapsuleGuid, &gWindowsUxCapsuleGuid)) {
+    DumpUxCapsule(CapsuleHeader);
+    Status = EFI_SUCCESS;
+    goto Done;
+  }
+
+  if (CompareGuid(&CapsuleHeader->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
+    DumpFmpCapsule(CapsuleHeader);
+  }
+  if (IsNestedFmpCapsule(CapsuleHeader)) {
+    Print(L"[NestedCapusule]\n");
+    Print(L"CapsuleHeader:\n");
+    Print(L"  CapsuleGuid      - %g\n", &CapsuleHeader->CapsuleGuid);
+    Print(L"  HeaderSize       - 0x%x\n", CapsuleHeader->HeaderSize);
+    Print(L"  Flags            - 0x%x\n", CapsuleHeader->Flags);
+    Print(L"  CapsuleImageSize - 0x%x\n", CapsuleHeader->CapsuleImageSize);
+    DumpFmpCapsule((EFI_CAPSULE_HEADER *)((UINTN)CapsuleHeader + CapsuleHeader->HeaderSize));
+  }
+
+Done:
+  FreePool(Buffer);
+  return Status;
+}
+
+/**
+  Dump capsule status variable.
+
+  @retval EFI_SUCCESS            The capsule status variable is dumped.
+  @retval EFI_UNSUPPORTED        Input parameter is not valid.
+**/
+EFI_STATUS
+DmpCapsuleStatusVariable(
+  VOID
+  )
+{
+  EFI_STATUS                          Status;
+  UINT32                              Index;
+  CHAR16                              CapsuleVarName[20];
+  CHAR16                              *TempVarName;
+  EFI_CAPSULE_RESULT_VARIABLE_HEADER  *CapsuleResult;
+  EFI_CAPSULE_RESULT_VARIABLE_FMP     *CapsuleResultFmp;
+  UINTN                               CapsuleFileNameSize;
+  CHAR16                              CapsuleIndexData[12];
+  CHAR16                              *CapsuleIndex;
+
+  Status = GetVariable2(
+             L"CapsuleMax",
+             &gEfiCapsuleReportGuid,
+             (VOID **)&CapsuleIndex,
+             NULL
+             );
+  if (!EFI_ERROR(Status)) {
+    CopyMem(CapsuleIndexData, CapsuleIndex, 11 * sizeof(CHAR16));
+    CapsuleIndexData[11] = 0;
+    Print(L"CapsuleMax - %s\n", CapsuleIndexData);
+    FreePool(CapsuleIndex);
+  }
+  Status = GetVariable2(
+             L"CapsuleLast",
+             &gEfiCapsuleReportGuid,
+             (VOID **)&CapsuleIndex,
+             NULL
+             );
+  if (!EFI_ERROR(Status)) {
+    CopyMem(CapsuleIndexData, CapsuleIndex, 11 * sizeof(CHAR16));
+    CapsuleIndexData[11] = 0;
+    Print(L"CapsuleLast - %s\n", CapsuleIndexData);
+    FreePool(CapsuleIndex);
+  }
+
+
+  StrCpyS (CapsuleVarName, sizeof(CapsuleVarName)/sizeof(CapsuleVarName[0]), L"Capsule");
+  TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
+  Index = 0;
+
+  while (TRUE) {
+    UnicodeSPrint (TempVarName, 5 * sizeof(CHAR16), L"%04x", Index);
+
+    Status = GetVariable2 (
+               CapsuleVarName,
+               &gEfiCapsuleReportGuid,
+               (VOID **) &CapsuleResult,
+               NULL
+               );
+    if (Status == EFI_NOT_FOUND) {
+      break;
+    } else if (EFI_ERROR(Status)) {
+      continue;
+    }
+
+    //
+    // display capsule process status
+    //
+    if (CapsuleResult->VariableTotalSize >= sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER)) {
+      Print (L"CapsuleName: %s\n", CapsuleVarName);
+      Print (L"  Capsule Guid: %g\n", &CapsuleResult->CapsuleGuid);
+      Print (L"  Capsule ProcessedTime: %t\n", &CapsuleResult->CapsuleProcessed);
+      Print (L"  Capsule Status: %r\n", CapsuleResult->CapsuleStatus);
+    }
+
+    if (CompareGuid(&CapsuleResult->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
+      if (CapsuleResult->VariableTotalSize >= sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP)) {
+        CapsuleResultFmp = (EFI_CAPSULE_RESULT_VARIABLE_FMP *)(CapsuleResult + 1);
+        Print(L"  Capsule FMP Version: 0x%x\n", CapsuleResultFmp->Version);
+        Print(L"  Capsule FMP PayloadIndex: 0x%x\n", CapsuleResultFmp->PayloadIndex);
+        Print(L"  Capsule FMP UpdateImageIndex: 0x%x\n", CapsuleResultFmp->UpdateImageIndex);
+        Print(L"  Capsule FMP UpdateImageTypeId: %g\n", &CapsuleResultFmp->UpdateImageTypeId);
+        if (CapsuleResult->VariableTotalSize > sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP)) {
+          Print(L"  Capsule FMP CapsuleFileName: %s\n", (CapsuleResultFmp + 1));
+          CapsuleFileNameSize = StrSize((CHAR16 *)(CapsuleResultFmp + 1));
+          if (CapsuleResult->VariableTotalSize > sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP) + CapsuleFileNameSize) {
+            Print(L"  Capsule FMP CapsuleTarget: %s\n", (UINT8 *)(CapsuleResultFmp + 1) + CapsuleFileNameSize);
+          }
+        }
+      }
+    }
+
+    FreePool(CapsuleResult);
+
+    Index++;
+    if (Index > 0xFFFF) {
+      break;
+    }
+  }
+
+  return EFI_SUCCESS;
+}
+
+CHAR8 *mFwTypeString[] = {
+  "Unknown",
+  "SystemFirmware",
+  "DeviceFirmware",
+  "UefiDriver",
+};
+
+CHAR8 *mLastAttemptStatusString[] = {
+  "Success",
+  "Error: Unsuccessful",
+  "Error: Insufficient Resources",
+  "Error: Incorrect Version",
+  "Error: Invalid Format",
+  "Error: Auth Error",
+  "Error: Power Event AC",
+  "Error: Power Event Battery",
+};
+
+/**
+  Convert FwType to a string.
+
+  @param FwType  FwType in ESRT
+
+  @return a string for FwType.
+**/
+CHAR8 *
+FwTypeToString(
+  IN UINT32 FwType
+  )
+{
+  if (FwType < sizeof(mFwTypeString) / sizeof(mFwTypeString[0])) {
+    return mFwTypeString[FwType];
+  } else {
+    return "Invalid";
+  }
+}
+
+/**
+  Convert LastAttemptStatus to a string.
+
+  @param LastAttemptStatus  LastAttemptStatus in FMP or ESRT
+
+  @return a string for LastAttemptStatus.
+**/
+CHAR8 *
+LastAttemptStatusToString(
+  IN UINT32 LastAttemptStatus
+  )
+{
+  if (LastAttemptStatus < sizeof(mLastAttemptStatusString) / sizeof(mLastAttemptStatusString[0])) {
+    return mLastAttemptStatusString[LastAttemptStatus];
+  } else {
+    return "Error: Unknown";
+  }
+}
+
+/**
+  Dump ESRT entry.
+
+  @param EsrtEntry  ESRT entry
+**/
+VOID
+DumpEsrtEntry(
+  IN EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry
+  )
+{
+  Print(L"  FwClass                  - %g\n", &EsrtEntry->FwClass);
+  Print(L"  FwType                   - 0x%x (%a)\n", EsrtEntry->FwType, FwTypeToString(EsrtEntry->FwType));
+  Print(L"  FwVersion                - 0x%x\n", EsrtEntry->FwVersion);
+  Print(L"  LowestSupportedFwVersion - 0x%x\n", EsrtEntry->LowestSupportedFwVersion);
+  Print(L"  CapsuleFlags             - 0x%x\n", EsrtEntry->CapsuleFlags);
+  Print(L"    PERSIST_ACROSS_RESET   - 0x%x\n", EsrtEntry->CapsuleFlags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET);
+  Print(L"    POPULATE_SYSTEM_TABLE  - 0x%x\n", EsrtEntry->CapsuleFlags & CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE);
+  Print(L"    INITIATE_RESET         - 0x%x\n", EsrtEntry->CapsuleFlags & CAPSULE_FLAGS_INITIATE_RESET);
+  Print(L"  LastAttemptVersion       - 0x%x\n", EsrtEntry->LastAttemptVersion);
+  Print(L"  LastAttemptStatus        - 0x%x (%a)\n", EsrtEntry->LastAttemptStatus, LastAttemptStatusToString(EsrtEntry->LastAttemptStatus));
+}
+
+/**
+  Dump ESRT table.
+
+  @param Esrt  ESRT table
+**/
+VOID
+DumpEsrt(
+  IN EFI_SYSTEM_RESOURCE_TABLE  *Esrt
+  )
+{
+  UINTN                      Index;
+  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
+
+  Print(L"EFI_SYSTEM_RESOURCE_TABLE:\n");
+  Print(L"FwResourceCount    - 0x%x\n", Esrt->FwResourceCount);
+  Print(L"FwResourceCountMax - 0x%x\n", Esrt->FwResourceCountMax);
+  Print(L"FwResourceVersion  - 0x%lx\n", Esrt->FwResourceVersion);
+
+  EsrtEntry = (VOID *)(Esrt + 1);
+  for (Index = 0; Index < Esrt->FwResourceCount; Index++) {
+    Print(L"EFI_SYSTEM_RESOURCE_ENTRY (%d):\n", Index);
+    DumpEsrtEntry(EsrtEntry);
+    EsrtEntry++;
+  }
+}
+
+/**
+  Dump ESRT info.
+**/
+VOID
+DumpEsrtData (
+  VOID
+  )
+{
+  EFI_STATUS                 Status;
+  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
+
+  Print(L"##############\n");
+  Print(L"# ESRT TABLE #\n");
+  Print(L"##############\n");
+
+  Status = EfiGetSystemConfigurationTable (&gEfiSystemResourceTableGuid, (VOID **)&Esrt);
+  if (EFI_ERROR(Status)) {
+    Print(L"ESRT - %r\n", Status);
+    return;
+  }
+  DumpEsrt(Esrt);
+  Print(L"\n");
+}
+
+/**
+  Dump FMP information.
+
+  @param ImageInfoSize       The size of ImageInfo, in bytes.
+  @param ImageInfo           A pointer to EFI_FIRMWARE_IMAGE_DESCRIPTOR.
+  @param DescriptorVersion   The version of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
+  @param DescriptorCount     The count of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
+  @param DescriptorSize      The size of an individual EFI_FIRMWARE_IMAGE_DESCRIPTOR, in bytes.
+  @param PackageVersion      The version of package.
+  @param PackageVersionName  The version name of package.
+**/
+VOID
+DumpFmpImageInfo(
+  IN UINTN                           ImageInfoSize,
+  IN EFI_FIRMWARE_IMAGE_DESCRIPTOR   *ImageInfo,
+  IN UINT32                          DescriptorVersion,
+  IN UINT8                           DescriptorCount,
+  IN UINTN                           DescriptorSize,
+  IN UINT32                          PackageVersion,
+  IN CHAR16                          *PackageVersionName
+  )
+{
+  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *CurrentImageInfo;
+  UINTN                                         Index;
+
+  Print(L"  DescriptorVersion  - 0x%x\n", DescriptorVersion);
+  Print(L"  DescriptorCount    - 0x%x\n", DescriptorCount);
+  Print(L"  DescriptorSize     - 0x%x\n", DescriptorSize);
+  Print(L"  PackageVersion     - 0x%x\n", PackageVersion);
+  Print(L"  PackageVersionName - \"%s\"\n", PackageVersionName);
+  CurrentImageInfo = ImageInfo;
+  for (Index = 0; Index < DescriptorCount; Index++) {
+    Print(L"  ImageDescriptor (%d)\n", Index);
+    Print(L"    ImageIndex                  - 0x%x\n", CurrentImageInfo->ImageIndex);
+    Print(L"    ImageTypeId                 - %g\n", &CurrentImageInfo->ImageTypeId);
+    Print(L"    ImageId                     - 0x%lx\n", CurrentImageInfo->ImageId);
+    Print(L"    ImageIdName                 - \"%s\"\n", CurrentImageInfo->ImageIdName);
+    Print(L"    Version                     - 0x%x\n", CurrentImageInfo->Version);
+    Print(L"    VersionName                 - \"%s\"\n", CurrentImageInfo->VersionName);
+    Print(L"    Size                        - 0x%x\n", CurrentImageInfo->Size);
+    Print(L"    AttributesSupported         - 0x%lx\n", CurrentImageInfo->AttributesSupported);
+    Print(L"      IMAGE_UPDATABLE           - 0x%lx\n", CurrentImageInfo->AttributesSupported & IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
+    Print(L"      RESET_REQUIRED            - 0x%lx\n", CurrentImageInfo->AttributesSupported & IMAGE_ATTRIBUTE_RESET_REQUIRED);
+    Print(L"      AUTHENTICATION_REQUIRED   - 0x%lx\n", CurrentImageInfo->AttributesSupported & IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
+    Print(L"      IN_USE                    - 0x%lx\n", CurrentImageInfo->AttributesSupported & IMAGE_ATTRIBUTE_IN_USE);
+    Print(L"      UEFI_IMAGE                - 0x%lx\n", CurrentImageInfo->AttributesSupported & IMAGE_ATTRIBUTE_UEFI_IMAGE);
+    Print(L"    AttributesSetting           - 0x%lx\n", CurrentImageInfo->AttributesSetting);
+    Print(L"      IMAGE_UPDATABLE           - 0x%lx\n", CurrentImageInfo->AttributesSetting & IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
+    Print(L"      RESET_REQUIRED            - 0x%lx\n", CurrentImageInfo->AttributesSetting & IMAGE_ATTRIBUTE_RESET_REQUIRED);
+    Print(L"      AUTHENTICATION_REQUIRED   - 0x%lx\n", CurrentImageInfo->AttributesSetting & IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
+    Print(L"      IN_USE                    - 0x%lx\n", CurrentImageInfo->AttributesSetting & IMAGE_ATTRIBUTE_IN_USE);
+    Print(L"      UEFI_IMAGE                - 0x%lx\n", CurrentImageInfo->AttributesSetting & IMAGE_ATTRIBUTE_UEFI_IMAGE);
+    Print(L"    Compatibilities             - 0x%lx\n", CurrentImageInfo->Compatibilities);
+    Print(L"      COMPATIB_CHECK_SUPPORTED  - 0x%lx\n", CurrentImageInfo->Compatibilities & IMAGE_COMPATIBILITY_CHECK_SUPPORTED);
+    if (DescriptorVersion > 1) {
+      Print(L"    LowestSupportedImageVersion - 0x%x\n", CurrentImageInfo->LowestSupportedImageVersion);
+      if (DescriptorVersion > 2) {
+        Print(L"    LastAttemptVersion          - 0x%x\n", CurrentImageInfo->LastAttemptVersion);
+        Print(L"    LastAttemptStatus           - 0x%x (%a)\n", CurrentImageInfo->LastAttemptStatus, LastAttemptStatusToString(CurrentImageInfo->LastAttemptStatus));
+        Print(L"    HardwareInstance            - 0x%lx\n", CurrentImageInfo->HardwareInstance);
+      }
+    }
+    //
+    // Use DescriptorSize to move ImageInfo Pointer to stay compatible with different ImageInfo version
+    //
+    CurrentImageInfo = (EFI_FIRMWARE_IMAGE_DESCRIPTOR *)((UINT8 *)CurrentImageInfo + DescriptorSize);
+  }
+}
+
+/**
+  Dump FMP package information.
+
+  @param PackageVersion             The version of package.
+  @param PackageVersionName         The version name of package.
+  @param PackageVersionNameMaxLen   The maximum length of PackageVersionName.
+  @param AttributesSupported        Package attributes that are supported by this device.
+  @param AttributesSetting          Package attributes.
+**/
+VOID
+DumpFmpPackageInfo(
+  IN UINT32                           PackageVersion,
+  IN CHAR16                           *PackageVersionName,
+  IN UINT32                           PackageVersionNameMaxLen,
+  IN UINT64                           AttributesSupported,
+  IN UINT64                           AttributesSetting
+  )
+{
+  Print(L"  PackageVersion              - 0x%x\n", PackageVersion);
+  Print(L"  PackageVersionName          - \"%s\"\n", PackageVersionName);
+  Print(L"  PackageVersionNameMaxLen    - 0x%x\n", PackageVersionNameMaxLen);
+  Print(L"  AttributesSupported         - 0x%lx\n", AttributesSupported);
+  Print(L"    IMAGE_UPDATABLE           - 0x%lx\n", AttributesSupported & IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
+  Print(L"    RESET_REQUIRED            - 0x%lx\n", AttributesSupported & IMAGE_ATTRIBUTE_RESET_REQUIRED);
+  Print(L"    AUTHENTICATION_REQUIRED   - 0x%lx\n", AttributesSupported & IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
+  Print(L"  AttributesSetting           - 0x%lx\n", AttributesSetting);
+  Print(L"    IMAGE_UPDATABLE           - 0x%lx\n", AttributesSetting & IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
+  Print(L"    RESET_REQUIRED            - 0x%lx\n", AttributesSetting & IMAGE_ATTRIBUTE_RESET_REQUIRED);
+  Print(L"    AUTHENTICATION_REQUIRED   - 0x%lx\n", AttributesSetting & IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
+}
+
+/**
+  Dump FMP protocol info.
+**/
+VOID
+DumpFmpData (
+  VOID
+  )
+{
+  EFI_STATUS                                    Status;
+  EFI_FIRMWARE_MANAGEMENT_PROTOCOL              *Fmp;
+  EFI_HANDLE                                    *HandleBuffer;
+  UINTN                                         NumberOfHandles;
+  UINTN                                         Index;
+  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *FmpImageInfoBuf;
+  UINTN                                         ImageInfoSize;
+  UINT32                                        FmpImageInfoDescriptorVer;
+  UINT8                                         FmpImageInfoCount;
+  UINTN                                         DescriptorSize;
+  UINT32                                        PackageVersion;
+  CHAR16                                        *PackageVersionName;
+  UINT32                                        PackageVersionNameMaxLen;
+  UINT64                                        AttributesSupported;
+  UINT64                                        AttributesSetting;
+
+  Print(L"############\n");
+  Print(L"# FMP DATA #\n");
+  Print(L"############\n");
+  Status = gBS->LocateHandleBuffer (
+                  ByProtocol,
+                  &gEfiFirmwareManagementProtocolGuid,
+                  NULL,
+                  &NumberOfHandles,
+                  &HandleBuffer
+                  );
+  if (EFI_ERROR(Status)) {
+    Print(L"FMP protocol - %r\n", EFI_NOT_FOUND);
+    return;
+  }
+
+  for (Index = 0; Index < NumberOfHandles; Index++) {
+    Status = gBS->HandleProtocol(
+                    HandleBuffer[Index],
+                    &gEfiFirmwareManagementProtocolGuid,
+                    (VOID **)&Fmp
+                    );
+    if (EFI_ERROR(Status)) {
+      continue;
+    }
+
+    ImageInfoSize = 0;
+    Status = Fmp->GetImageInfo (
+                    Fmp,
+                    &ImageInfoSize,
+                    NULL,
+                    NULL,
+                    NULL,
+                    NULL,
+                    NULL,
+                    NULL
+                    );
+    if (Status != EFI_BUFFER_TOO_SMALL) {
+      continue;
+    }
+
+    FmpImageInfoBuf = NULL;
+    FmpImageInfoBuf = AllocateZeroPool (ImageInfoSize);
+    if (FmpImageInfoBuf == NULL) {
+      Status = EFI_OUT_OF_RESOURCES;
+      goto EXIT;
+    }
+
+    PackageVersionName = NULL;
+    Status = Fmp->GetImageInfo (
+                    Fmp,
+                    &ImageInfoSize,               // ImageInfoSize
+                    FmpImageInfoBuf,              // ImageInfo
+                    &FmpImageInfoDescriptorVer,   // DescriptorVersion
+                    &FmpImageInfoCount,           // DescriptorCount
+                    &DescriptorSize,              // DescriptorSize
+                    &PackageVersion,              // PackageVersion
+                    &PackageVersionName           // PackageVersionName
+                    );
+
+    //
+    // If FMP GetInformation interface failed, skip this resource
+    //
+    if (EFI_ERROR(Status)) {
+      Print(L"FMP (%d) ImageInfo - %r\n", Index, Status);
+      FreePool(FmpImageInfoBuf);
+      continue;
+    }
+
+    Print(L"FMP (%d) ImageInfo:\n", Index);
+    DumpFmpImageInfo(
+      ImageInfoSize,               // ImageInfoSize
+      FmpImageInfoBuf,             // ImageInfo
+      FmpImageInfoDescriptorVer,   // DescriptorVersion
+      FmpImageInfoCount,           // DescriptorCount
+      DescriptorSize,              // DescriptorSize
+      PackageVersion,              // PackageVersion
+      PackageVersionName           // PackageVersionName
+      );
+
+    if (PackageVersionName != NULL) {
+      FreePool(PackageVersionName);
+    }
+    FreePool(FmpImageInfoBuf);
+
+    //
+    // Get package info
+    //
+    PackageVersionName = NULL;
+    Status = Fmp->GetPackageInfo (
+                    Fmp,
+                    &PackageVersion,              // PackageVersion
+                    &PackageVersionName,          // PackageVersionName
+                    &PackageVersionNameMaxLen,    // PackageVersionNameMaxLen
+                    &AttributesSupported,         // AttributesSupported
+                    &AttributesSetting            // AttributesSetting
+                    );
+    if (EFI_ERROR(Status)) {
+      Print(L"FMP (%d) PackageInfo - %r\n", Index, Status);
+    } else {
+      Print(L"FMP (%d) ImageInfo:\n", Index);
+      DumpFmpPackageInfo(
+        PackageVersion,              // PackageVersion
+        PackageVersionName,          // PackageVersionName
+        PackageVersionNameMaxLen,    // PackageVersionNameMaxLen
+        AttributesSupported,         // AttributesSupported
+        AttributesSetting            // AttributesSetting
+        );
+
+      if (PackageVersionName != NULL) {
+        FreePool(PackageVersionName);
+      }
+    }
+  }
+  Print(L"\n");
+
+EXIT:
+  FreePool(HandleBuffer);
+}
-- 
2.7.4.windows.1

Re: [PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.

[Kinney, Michael D]

Hi Jiewen,

When I run the CapsuleApp.efi, it shows the following help:

CapsuleApp:  usage
  CapsuleApp <Capsule...> [-NR]
  CapsuleApp -S
  CapsuleApp -C
  CapsuleApp -P
  CapsuleApp -E
  CapsuleApp -G <BMP> -O <Capsule>
  CapsuleApp -N <Capsule> -O <NestedCapsule>
  CapsuleApp -D|-DS <Capsule>
Parameter:
  -NR: No Reset.
  -S:  Dump capsule status.
  -C:  Clear capsule status.
  -P:  Dump FMP protocol info.
  -E:  Dump ESRT table info.
  -G:  Input BMP file name
  -N:  Append Capsule Header accroding to Windows Firmware Update
  -O:  Output Capsule file name
  -D:  Dump Capsule

I have verified that that standard use case for Galileo Gen 2 works:

	CapsuleApp.efi QUARKFIRMWAREUPDATECAPSULEFMPPKCS7.Cap

I then explored some of the other options and there are some that do
not work as expected:


1) If I set the no reset flag (-NR), it still resets.

	CapsuleApp.efi QUARKFIRMWAREUPDATECAPSULEFMPPKCS7.Cap -NR

2) Because (1) does not work, the flags to view or operate on a previously
   Loaded capsule cannot be used such as -S, -C, -N, -O, -D.  So I do not 
   know if any of these flags work.  Have you tested them?

3) What does -G do?  I do not see a standard way to update only
   a BMP logo image in this series of patches.  If that is not
   really functional, then the code and help for -G should be 
   removed.

4) Typo in help for -N flag.  "accroding" should be "according".

Mike

> -----Original Message-----
> From: Yao, Jiewen
> Sent: Saturday, October 22, 2016 7:21 PM
> To: edk2-devel@lists.01.org
> Cc: Tian, Feng <feng.tian@intel.com>; Zeng, Star <star.zeng@intel.com>; Kinney, Michael
> D <michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>; Zhang, Chao B
> <chao.b.zhang@intel.com>
> Subject: [PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.
> 
> This CapsuleApp can help perform capsule update in UEFI shell environment.
> It can also dump capsule information, capsule status variable, ESRT and FMP.
> 
> Cc: Feng Tian <feng.tian@intel.com>
> Cc: Star Zeng <star.zeng@intel.com>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
> Reviewed-by: Liming Gao <liming.gao@intel.com>
> ---
>  MdeModulePkg/Application/CapsuleApp/AppSupport.c        | 445 ++++++++++
>  MdeModulePkg/Application/CapsuleApp/CapsuleApp.c        | 853 ++++++++++++++++++++
>  MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf      |  71 ++
>  MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni      |  22 +
>  MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni |  19 +
>  MdeModulePkg/Application/CapsuleApp/CapsuleDump.c       | 740 +++++++++++++++++
>  6 files changed, 2150 insertions(+)
> 
> diff --git a/MdeModulePkg/Application/CapsuleApp/AppSupport.c
> b/MdeModulePkg/Application/CapsuleApp/AppSupport.c
> new file mode 100644
> index 0000000..90ca1fd
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/AppSupport.c
> @@ -0,0 +1,445 @@
> +/** @file
> +  A shell application that triggers capsule update process.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <Uefi.h>
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PrintLib.h>
> +#include <Protocol/LoadedImage.h>
> +#include <Protocol/SimpleFileSystem.h>
> +#include <Protocol/ShellParameters.h>
> +#include <Guid/FileInfo.h>
> +#include <Guid/Gpt.h>
> +
> +#define MAX_ARG_NUM     11
> +
> +UINTN  Argc;
> +CHAR16 **Argv;
> +
> +/**
> +
> +  This function parse application ARG.
> +
> +  @return Status
> +**/
> +EFI_STATUS
> +GetArg (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                    Status;
> +  EFI_SHELL_PARAMETERS_PROTOCOL *ShellParameters;
> +
> +  Status = gBS->HandleProtocol (
> +                  gImageHandle,
> +                  &gEfiShellParametersProtocolGuid,
> +                  (VOID**)&ShellParameters
> +                  );
> +  if (EFI_ERROR(Status)) {
> +    return Status;
> +  }
> +
> +  Argc = ShellParameters->Argc;
> +  Argv = ShellParameters->Argv;
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Return File System Volume containing this shell application.
> +
> +  @return File System Volume containing this shell application.
> +**/
> +EFI_SIMPLE_FILE_SYSTEM_PROTOCOL *
> +GetMyVol (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_LOADED_IMAGE_PROTOCOL         *LoadedImage;
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +
> +  Status = gBS->HandleProtocol (
> +                  gImageHandle,
> +                  &gEfiLoadedImageProtocolGuid,
> +                  (VOID **)&LoadedImage
> +                  );
> +  ASSERT_EFI_ERROR (Status);
> +
> +  Status = gBS->HandleProtocol (
> +                  LoadedImage->DeviceHandle,
> +                  &gEfiSimpleFileSystemProtocolGuid,
> +                  (VOID **)&Vol
> +                  );
> +  if (!EFI_ERROR (Status)) {
> +    return Vol;
> +  }
> +
> +  return NULL;
> +}
> +
> +/**
> +  Read a file from this volume.
> +
> +  @param Vol             File System Volume
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileFromVol (
> +  IN  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol,
> +  IN  CHAR16                            *FileName,
> +  OUT UINTN                             *BufferSize,
> +  OUT VOID                              **Buffer
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_FILE_HANDLE                   RootDir;
> +  EFI_FILE_HANDLE                   Handle;
> +  UINTN                             FileInfoSize;
> +  EFI_FILE_INFO                     *FileInfo;
> +  UINTN                             TempBufferSize;
> +  VOID                              *TempBuffer;
> +
> +  //
> +  // Open the root directory
> +  //
> +  Status = Vol->OpenVolume (Vol, &RootDir);
> +  if (EFI_ERROR (Status)) {
> +    return Status;
> +  }
> +
> +  //
> +  // Open the file
> +  //
> +  Status = RootDir->Open (
> +                      RootDir,
> +                      &Handle,
> +                      FileName,
> +                      EFI_FILE_MODE_READ,
> +                      0
> +                      );
> +  if (EFI_ERROR (Status)) {
> +    RootDir->Close (RootDir);
> +    return Status;
> +  }
> +
> +  RootDir->Close (RootDir);
> +
> +  //
> +  // Get the file information
> +  //
> +  FileInfoSize = sizeof(EFI_FILE_INFO) + 1024;
> +
> +  FileInfo = AllocateZeroPool (FileInfoSize);
> +  if (FileInfo == NULL) {
> +    Handle->Close (Handle);
> +    return Status;
> +  }
> +
> +  Status = Handle->GetInfo (
> +                     Handle,
> +                     &gEfiFileInfoGuid,
> +                     &FileInfoSize,
> +                     FileInfo
> +                     );
> +  if (EFI_ERROR (Status)) {
> +    Handle->Close (Handle);
> +    gBS->FreePool (FileInfo);
> +    return Status;
> +  }
> +
> +  //
> +  // Allocate buffer for the file data. The last CHAR16 is for L'\0'
> +  //
> +  TempBufferSize = (UINTN) FileInfo->FileSize + sizeof(CHAR16);
> +  TempBuffer = AllocateZeroPool (TempBufferSize);
> +  if (TempBuffer == NULL) {
> +    Handle->Close (Handle);
> +    gBS->FreePool (FileInfo);
> +    return Status;
> +  }
> +
> +  gBS->FreePool (FileInfo);
> +
> +  //
> +  // Read the file data to the buffer
> +  //
> +  Status = Handle->Read (
> +                     Handle,
> +                     &TempBufferSize,
> +                     TempBuffer
> +                     );
> +  if (EFI_ERROR (Status)) {
> +    Handle->Close (Handle);
> +    gBS->FreePool (TempBuffer);
> +    return Status;
> +  }
> +
> +  Handle->Close (Handle);
> +
> +  *BufferSize = TempBufferSize;
> +  *Buffer     = TempBuffer;
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Read a file.
> +  If ScanFs is FLASE, it will use this Vol as default Fs.
> +  If ScanFs is TRUE, it will scan all FS and check the file.
> +    If there is only one file match the name, it will be read.
> +    If there is more than one file match the name, it will return Error.
> +
> +  @param ThisVol         File System Volume
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +  @param ScanFs          Need Scan all FS
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +  @retval EFI_NO_MAPPING There is duplicated files found
> +**/
> +EFI_STATUS
> +ReadFileToBufferEx (
> +  IN OUT EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   **ThisVol,
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer,
> +  IN  BOOLEAN                              ScanFs
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +  UINTN                             TempBufferSize;
> +  VOID                              *TempBuffer;
> +  UINTN                             NoHandles;
> +  EFI_HANDLE                        *HandleBuffer;
> +  UINTN                             Index;
> +
> +  //
> +  // Check parameters
> +  //
> +  if ((FileName == NULL) || (Buffer == NULL) || (ThisVol == NULL)) {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
> +  //
> +  // not scan fs
> +  //
> +  if (!ScanFs) {
> +    if (*ThisVol == NULL) {
> +      *ThisVol = GetMyVol ();
> +      if (*ThisVol == NULL) {
> +        return EFI_INVALID_PARAMETER;
> +      }
> +    }
> +    //
> +    // Read file directly from Vol
> +    //
> +    return ReadFileFromVol (*ThisVol, FileName, BufferSize, Buffer);
> +  }
> +
> +  //
> +  // need scan fs
> +  //
> +
> +  //
> +  // Get all Vol handle
> +  //
> +  Status = gBS->LocateHandleBuffer (
> +                   ByProtocol,
> +                   &gEfiSimpleFileSystemProtocolGuid,
> +                   NULL,
> +                   &NoHandles,
> +                   &HandleBuffer
> +                   );
> +  if (EFI_ERROR (Status) && (NoHandles == 0)) {
> +    return EFI_NOT_FOUND;
> +  }
> +
> +  //
> +  // Walk through each Vol
> +  //
> +  *ThisVol = NULL;
> +  *BufferSize = 0;
> +  *Buffer     = NULL;
> +  for (Index = 0; Index < NoHandles; Index++) {
> +    Status = gBS->HandleProtocol (
> +                    HandleBuffer[Index],
> +                    &gEfiSimpleFileSystemProtocolGuid,
> +                    (VOID **)&Vol
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      continue;
> +    }
> +
> +    Status = ReadFileFromVol (Vol, FileName, &TempBufferSize, &TempBuffer);
> +    if (!EFI_ERROR (Status)) {
> +      //
> +      // Read file OK, check duplication
> +      //
> +      if (*ThisVol != NULL) {
> +        //
> +        // Find the duplicated file
> +        //
> +        gBS->FreePool (TempBuffer);
> +        gBS->FreePool (*Buffer);
> +        Print (L"Duplicated FileName found!\n");
> +        return EFI_NO_MAPPING;
> +      } else {
> +        //
> +        // Record value
> +        //
> +        *ThisVol = Vol;
> +        *BufferSize = TempBufferSize;
> +        *Buffer     = TempBuffer;
> +      }
> +    }
> +  }
> +
> +  //
> +  // Scan Fs done
> +  //
> +  if (*ThisVol == NULL) {
> +    return EFI_NOT_FOUND;
> +  }
> +
> +  //
> +  // Done
> +  //
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Read a file.
> +
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileToBuffer (
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer
> +  )
> +{
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +  Vol = NULL;
> +  return ReadFileToBufferEx(&Vol, FileName, BufferSize, Buffer, FALSE);
> +}
> +
> +/**
> +  Write a file.
> +
> +  @param FileName        The file to be written.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Write file successfully
> +**/
> +EFI_STATUS
> +WriteFileFromBuffer(
> +  IN  CHAR16                               *FileName,
> +  IN  UINTN                                BufferSize,
> +  IN  VOID                                 *Buffer
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_FILE_HANDLE                   RootDir;
> +  EFI_FILE_HANDLE                   Handle;
> +  UINTN                             TempBufferSize;
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +
> +  Vol = GetMyVol();
> +
> +  //
> +  // Open the root directory
> +  //
> +  Status = Vol->OpenVolume (Vol, &RootDir);
> +  if (EFI_ERROR (Status)) {
> +    return Status;
> +  }
> +
> +  //
> +  // Open the file
> +  //
> +  Status = RootDir->Open (
> +                      RootDir,
> +                      &Handle,
> +                      FileName,
> +                      EFI_FILE_MODE_READ | EFI_FILE_MODE_WRITE| EFI_FILE_MODE_CREATE,
> +                      0
> +                      );
> +  if (EFI_ERROR (Status)) {
> +    RootDir->Close (RootDir);
> +    return Status;
> +  }
> +
> +  //
> +  // Delete file
> +  //
> +  Status = Handle->Delete(Handle);
> +  if (EFI_ERROR(Status)) {
> +    return Status;
> +  }
> +
> +  //
> +  // Open the file again
> +  //
> +  Status = RootDir->Open (
> +                      RootDir,
> +                      &Handle,
> +                      FileName,
> +                      EFI_FILE_MODE_READ | EFI_FILE_MODE_WRITE| EFI_FILE_MODE_CREATE,
> +                      0
> +                      );
> +  if (EFI_ERROR (Status)) {
> +    RootDir->Close (RootDir);
> +    return Status;
> +  }
> +
> +  RootDir->Close (RootDir);
> +
> +  //
> +  // Write the file data from the buffer
> +  //
> +  TempBufferSize = BufferSize;
> +  Status = Handle->Write (
> +                     Handle,
> +                     &TempBufferSize,
> +                     Buffer
> +                     );
> +  if (EFI_ERROR (Status)) {
> +    Handle->Close (Handle);
> +    return Status;
> +  }
> +
> +  Handle->Close (Handle);
> +
> +  return EFI_SUCCESS;
> +}
> +
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
> b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
> new file mode 100644
> index 0000000..6bb778a
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
> @@ -0,0 +1,853 @@
> +/** @file
> +  A shell application that triggers capsule update process.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <Uefi.h>
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PrintLib.h>
> +#include <Protocol/LoadedImage.h>
> +#include <Protocol/SimpleFileSystem.h>
> +#include <Protocol/GraphicsOutput.h>
> +#include <Guid/FileInfo.h>
> +#include <Guid/Gpt.h>
> +#include <Guid/GlobalVariable.h>
> +#include <Guid/CapsuleReport.h>
> +#include <Guid/SystemResourceTable.h>
> +#include <Guid/FmpCapsule.h>
> +#include <IndustryStandard/WindowsUxCapsule.h>
> +
> +#define CAPSULE_HEADER_SIZE  0x20
> +
> +#define NESTED_CAPSULE_HEADER_SIZE  SIZE_4KB
> +#define SYSTEM_FIRMWARE_FLAG 0x50000
> +#define DEVICE_FIRMWARE_FLAG 0x78010
> +
> +#define EFI_CAPSULE_FROM_FILE_DIR                           L"\\EFI\\UpdateCapsule\\"
> +#define EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED  0x0000000000000004
> +
> +#define MAJOR_VERSION   1
> +#define MINOR_VERSION   0
> +
> +#define MAX_CAPSULE_NUM 10
> +
> +extern UINTN  Argc;
> +extern CHAR16 **Argv;
> +
> +//
> +// Define how many block descriptors we want to test with.
> +//
> +UINTN  NumberOfDescriptors = 1;
> +UINTN  CapsuleFirstIndex;
> +UINTN  CapsuleLastIndex;
> +
> +/**
> +  Dump capsule information
> +
> +  @retval EFI_SUCCESS            The capsule information is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DumpCapsule(
> +  VOID
> +  );
> +
> +/**
> +  Dump capsule status variable.
> +
> +  @retval EFI_SUCCESS            The capsule status variable is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DmpCapsuleStatusVariable(
> +  VOID
> +  );
> +
> +/**
> +  Dump FMP protocol info.
> +**/
> +VOID
> +DumpFmpData(
> +  VOID
> +  );
> +
> +/**
> +  Dump ESRT info.
> +**/
> +VOID
> +DumpEsrtData(
> +  VOID
> +  );
> +
> +/**
> +  Read a file.
> +
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileToBuffer(
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer
> +  );
> +
> +/**
> +  Write a file.
> +
> +  @param FileName        The file to be written.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Write file successfully
> +**/
> +EFI_STATUS
> +WriteFileFromBuffer(
> +  IN  CHAR16                               *FileName,
> +  IN  UINTN                                BufferSize,
> +  IN  VOID                                 *Buffer
> +  );
> +
> +/**
> +
> +  This function parse application ARG.
> +
> +  @return Status
> +**/
> +EFI_STATUS
> +GetArg (
> +  VOID
> +  );
> +
> +/**
> +  Create UX capsule.
> +
> +  @retval EFI_SUCCESS            The capsule header is appended.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +  @retval EFI_OUT_OF_RESOURCES   No enough resource to create UX capsule.
> +**/
> +EFI_STATUS
> +CreateBmpFmp(
> +  VOID
> +  )
> +{
> +  CHAR16                                        *OutputCapsuleName;
> +  VOID                                          *BmpBuffer;
> +  UINTN                                         FileSize;
> +  CHAR16                                        *BmpName;
> +  UINT8                                         *FullCapsuleBuffer;
> +  UINTN                                         FullCapsuleBufferSize;
> +  EFI_DISPLAY_CAPSULE                           *DisplayCapsule;
> +  EFI_STATUS                                    Status;
> +  EFI_GRAPHICS_OUTPUT_PROTOCOL                  *Gop;
> +
> +  Status = gBS->LocateProtocol(&gEfiGraphicsOutputProtocolGuid, NULL, (VOID **)&Gop);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: NO GOP is found.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  Print(L"Current GOP: Mode - %d, ", Gop->Mode->Mode);
> +  Print(L"HorizontalResolution - %d, ", Gop->Mode->Info->HorizontalResolution);
> +  Print(L"VerticalResolution - %d\n", Gop->Mode->Info->VerticalResolution);
> +  // HorizontalResolution >= BMP_IMAGE_HEADER.PixelWidth
> +  // VerticalResolution   >= BMP_IMAGE_HEADER.PixelHeight
> +
> +  if (Argc != 5) {
> +    Print(L"CapsuleApp: Invalid Parameter.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  if (StrCmp(Argv[3], L"-O") != 0) {
> +    Print(L"CapsuleApp: NO output capsule name.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  OutputCapsuleName = Argv[4];
> +
> +  BmpBuffer = NULL;
> +  FileSize = 0;
> +  FullCapsuleBuffer = NULL;
> +
> +  BmpName = Argv[2];
> +  Status = ReadFileToBuffer(BmpName, &FileSize, &BmpBuffer);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: BMP image (%s) is not found.\n", BmpName);
> +    goto Done;
> +  }
> +
> +  FullCapsuleBufferSize = sizeof(EFI_DISPLAY_CAPSULE) + FileSize;
> +  FullCapsuleBuffer = AllocatePool(FullCapsuleBufferSize);
> +  if (FullCapsuleBuffer == NULL) {
> +    Print(L"CapsuleApp: Capsule Buffer size (0x%x) too big.\n",
> FullCapsuleBufferSize);
> +    Status = EFI_OUT_OF_RESOURCES;
> +    goto Done;
> +  }
> +
> +  DisplayCapsule = (EFI_DISPLAY_CAPSULE *)FullCapsuleBuffer;
> +  CopyGuid(&DisplayCapsule->CapsuleHeader.CapsuleGuid, &gWindowsUxCapsuleGuid);
> +  DisplayCapsule->CapsuleHeader.HeaderSize = sizeof(DisplayCapsule->CapsuleHeader);
> +  DisplayCapsule->CapsuleHeader.Flags = CAPSULE_FLAGS_PERSIST_ACROSS_RESET;
> +  DisplayCapsule->CapsuleHeader.CapsuleImageSize = (UINT32)FullCapsuleBufferSize;
> +
> +  DisplayCapsule->ImagePayload.Version = 1;
> +  DisplayCapsule->ImagePayload.Checksum = 0;
> +  DisplayCapsule->ImagePayload.ImageType = 0; // BMP
> +  DisplayCapsule->ImagePayload.Reserved = 0;
> +  DisplayCapsule->ImagePayload.Mode = Gop->Mode->Mode;
> +  DisplayCapsule->ImagePayload.OffsetX = 0;
> +  DisplayCapsule->ImagePayload.OffsetY = 0;
> +
> +  CopyMem((DisplayCapsule + 1), BmpBuffer, FileSize);
> +
> +  DisplayCapsule->ImagePayload.Checksum = CalculateCheckSum8(FullCapsuleBuffer,
> FullCapsuleBufferSize);
> +
> +  Status = WriteFileFromBuffer(OutputCapsuleName, FullCapsuleBufferSize,
> FullCapsuleBuffer);
> +  Print(L"CapsuleApp: Write %s %r\n", OutputCapsuleName, Status);
> +
> +Done:
> +  if (BmpBuffer != NULL) {
> +    FreePool(BmpBuffer);
> +  }
> +
> +  if (FullCapsuleBuffer != NULL) {
> +    FreePool(FullCapsuleBuffer);
> +  }
> +
> +  return Status;
> +}
> +
> +/**
> +  Get ImageTypeId in the FMP capsule header.
> +
> +  @param CapsuleHeader  The FMP capsule image header.
> +
> +  @return ImageTypeId
> +**/
> +EFI_GUID *
> +GetCapsuleImageTypeId(
> +  IN EFI_CAPSULE_HEADER                            *CapsuleHeader
> +  )
> +{
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER       *FmpCapsuleHeader;
> +  UINT64                                       *ItemOffsetList;
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader;
> +
> +  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader
> + CapsuleHeader->HeaderSize);
> +  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
> +  if (FmpCapsuleHeader->PayloadItemCount == 0) {
> +    return NULL;
> +  }
> +  ImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8
> *)FmpCapsuleHeader + ItemOffsetList[FmpCapsuleHeader->EmbeddedDriverCount]);
> +  return &ImageHeader->UpdateImageTypeId;
> +}
> +
> +/**
> +  Get ESRT FwType according to ImageTypeId
> +
> +  @param  ImageTypeId   ImageTypeId of an FMP capsule.
> +
> +  @return ESRT FwType
> +**/
> +UINT32
> +GetEsrtFwType(
> +  IN  EFI_GUID                                      *ImageTypeId
> +  )
> +{
> +  EFI_STATUS                 Status;
> +  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
> +  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
> +  UINTN                      Index;
> +
> +  //
> +  // Check ESRT
> +  //
> +  Status = EfiGetSystemConfigurationTable(&gEfiSystemResourceTableGuid, (VOID
> **)&Esrt);
> +  if (!EFI_ERROR(Status)) {
> +    EsrtEntry = (VOID *)(Esrt + 1);
> +    for (Index = 0; Index < Esrt->FwResourceCount; Index++, EsrtEntry++) {
> +      if (CompareGuid(&EsrtEntry->FwClass, ImageTypeId)) {
> +        return EsrtEntry->FwType;
> +      }
> +    }
> +  }
> +
> +  return ESRT_FW_TYPE_UNKNOWN;
> +}
> +
> +/**
> +  Append a capsule header on top of current image.
> +  This function follows Windows UEFI Firmware Update Platform document.
> +
> +  @retval EFI_SUCCESS            The capsule header is appended.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +  @retval EFI_OUT_OF_RESOURCES   No enough resource to append capsule header.
> +**/
> +EFI_STATUS
> +CreateNestedFmp(
> +  VOID
> +  )
> +{
> +  CHAR16                                        *OutputCapsuleName;
> +  VOID                                          *CapsuleBuffer;
> +  UINTN                                         FileSize;
> +  CHAR16                                        *CapsuleName;
> +  UINT8                                         *FullCapsuleBuffer;
> +  UINTN                                         FullCapsuleBufferSize;
> +  EFI_CAPSULE_HEADER                            *NestedCapsuleHeader;
> +  EFI_GUID                                      *ImageTypeId;
> +  UINT32                                        FwType;
> +  EFI_STATUS                                    Status;
> +
> +  if (Argc != 5) {
> +    Print(L"CapsuleApp: Invalid Parameter.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  if (StrCmp(Argv[3], L"-O") != 0) {
> +    Print(L"CapsuleApp: NO output capsule name.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  OutputCapsuleName = Argv[4];
> +
> +  CapsuleBuffer = NULL;
> +  FileSize = 0;
> +  FullCapsuleBuffer = NULL;
> +
> +  CapsuleName = Argv[2];
> +  Status = ReadFileToBuffer(CapsuleName, &FileSize, &CapsuleBuffer);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: Capsule image (%s) is not found.\n", CapsuleName);
> +    goto Done;
> +  }
> +
> +  ImageTypeId = GetCapsuleImageTypeId(CapsuleBuffer);
> +  if (ImageTypeId == NULL) {
> +    Print(L"CapsuleApp: Capsule ImageTypeId is not found.\n");
> +    goto Done;
> +  }
> +  FwType = GetEsrtFwType(ImageTypeId);
> +  if ((FwType != ESRT_FW_TYPE_SYSTEMFIRMWARE) && (FwType !=
> ESRT_FW_TYPE_DEVICEFIRMWARE)) {
> +    Print(L"CapsuleApp: Capsule FwType is invalid.\n");
> +    goto Done;
> +  }
> +
> +  FullCapsuleBufferSize = NESTED_CAPSULE_HEADER_SIZE + FileSize;
> +  FullCapsuleBuffer = AllocatePool(FullCapsuleBufferSize);
> +  if (FullCapsuleBuffer == NULL) {
> +    Print(L"CapsuleApp: Capsule Buffer size (0x%x) too big.\n",
> FullCapsuleBufferSize);
> +    Status = EFI_OUT_OF_RESOURCES;
> +    goto Done;
> +  }
> +
> +  NestedCapsuleHeader = (EFI_CAPSULE_HEADER *)FullCapsuleBuffer;
> +  ZeroMem(NestedCapsuleHeader, NESTED_CAPSULE_HEADER_SIZE);
> +  CopyGuid(&NestedCapsuleHeader->CapsuleGuid, ImageTypeId);
> +  NestedCapsuleHeader->HeaderSize = NESTED_CAPSULE_HEADER_SIZE;
> +  NestedCapsuleHeader->Flags = (FwType == ESRT_FW_TYPE_DEVICEFIRMWARE) ?
> SYSTEM_FIRMWARE_FLAG : DEVICE_FIRMWARE_FLAG;
> +  NestedCapsuleHeader->CapsuleImageSize = (UINT32)FullCapsuleBufferSize;
> +
> +  CopyMem((UINT8 *)NestedCapsuleHeader + NestedCapsuleHeader->HeaderSize,
> CapsuleBuffer, FileSize);
> +
> +  Status = WriteFileFromBuffer(OutputCapsuleName, FullCapsuleBufferSize,
> FullCapsuleBuffer);
> +  Print(L"CapsuleApp: Write %s %r\n", OutputCapsuleName, Status);
> +
> +Done:
> +  if (CapsuleBuffer != NULL) {
> +    FreePool(CapsuleBuffer);
> +  }
> +
> +  if (FullCapsuleBuffer != NULL) {
> +    FreePool(FullCapsuleBuffer);
> +  }
> +
> +  return Status;
> +}
> +
> +
> +/**
> +  Clear capsule status variable.
> +
> +  @retval EFI_SUCCESS            The capsule status variable is cleared.
> +**/
> +EFI_STATUS
> +ClearCapsuleStatusVariable(
> +  VOID
> +  )
> +{
> +  EFI_STATUS                          Status;
> +  UINT32                              Index;
> +  CHAR16                              CapsuleVarName[20];
> +  CHAR16                              *TempVarName;
> +
> +  StrCpyS (CapsuleVarName, sizeof(CapsuleVarName)/sizeof(CapsuleVarName[0]),
> L"Capsule");
> +  TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
> +  Index = 0;
> +
> +  while (TRUE) {
> +    UnicodeSPrint (TempVarName, 5 * sizeof(CHAR16), L"%04x", Index);
> +
> +    Status = gRT->SetVariable (
> +                    CapsuleVarName,
> +                    &gEfiCapsuleReportGuid,
> +                    EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS |
> EFI_VARIABLE_BOOTSERVICE_ACCESS,
> +                    0,
> +                    (VOID *)NULL
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      //
> +      // There is no capsule variables, quit
> +      //
> +      break;
> +    }
> +
> +    Index++;
> +    if (Index > 0xFFFF) {
> +      break;
> +    }
> +  }
> +
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Build Gather list for a list of capsule images.
> +
> +  @param[in]  CapsuleBuffer    An array of pointer to capsule images
> +  @param[in]  FileSize         An array of UINTN to capsule images size
> +  @param[in]  CapsuleNum       The count of capsule images
> +  @param[out] BlockDescriptors The block descriptors for the capsule images
> +
> +  @retval EFI_SUCCESS The block descriptors for the capsule images are constructed.
> +**/
> +EFI_STATUS
> +BuildGatherList(
> +  IN VOID                          **CapsuleBuffer,
> +  IN UINTN                         *FileSize,
> +  IN UINTN                         CapsuleNum,
> +  OUT EFI_CAPSULE_BLOCK_DESCRIPTOR **BlockDescriptors
> +  )
> +{
> +  EFI_STATUS                    Status;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors1;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors2;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptorPre;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptorsHeader;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *TempBlockPtr;
> +  UINT8                         *TempDataPtr;
> +  UINTN                         SizeLeft;
> +  UINTN                         Size;
> +  INT32                         Count;
> +  INT32                         Number;
> +  UINTN                         Index;
> +
> +  TempBlockPtr           = NULL;
> +  BlockDescriptors1      = NULL;
> +  BlockDescriptors2      = NULL;
> +  BlockDescriptorPre     = NULL;
> +  BlockDescriptorsHeader = NULL;
> +
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    //
> +    // Allocate memory for the descriptors.
> +    //
> +    if (NumberOfDescriptors == 1) {
> +      Count = 2;
> +    } else {
> +      Count = (INT32)(NumberOfDescriptors + 2) / 2;
> +    }
> +
> +    Size               = Count * sizeof (EFI_CAPSULE_BLOCK_DESCRIPTOR);
> +    BlockDescriptors1  = AllocateRuntimeZeroPool (Size);
> +    if (BlockDescriptors1 == NULL) {
> +      Print (L"CapsuleApp: failed to allocate memory for descriptors\n");
> +      Status = EFI_OUT_OF_RESOURCES;
> +      goto ERREXIT;
> +    } else {
> +      Print (L"CapsuleApp: creating capsule descriptors at 0x%X\n", (UINTN)
> BlockDescriptors1);
> +      Print (L"CapsuleApp: capsule data starts          at 0x%X with size 0x%X\n",
> (UINTN) CapsuleBuffer, FileSize);
> +    }
> +
> +    //
> +    // Record descirptor header
> +    //
> +    if (Index == 0) {
> +      BlockDescriptorsHeader = BlockDescriptors1;
> +    }
> +
> +    if (BlockDescriptorPre != NULL) {
> +      BlockDescriptorPre->Union.ContinuationPointer = (UINTN) BlockDescriptors1;
> +      BlockDescriptorPre->Length = 0;
> +    }
> +
> +    //
> +    // Fill them in
> +    //
> +    TempBlockPtr  = BlockDescriptors1;
> +    TempDataPtr   = CapsuleBuffer[Index];
> +    SizeLeft      = FileSize[Index];
> +    for (Number = 0; (Number < Count - 1) && (SizeLeft != 0); Number++) {
> +      //
> +      // Divide remaining data in half
> +      //
> +      if (NumberOfDescriptors != 1) {
> +        if (SizeLeft == 1) {
> +          Size = 1;
> +        } else {
> +          Size = SizeLeft / 2;
> +        }
> +      } else {
> +        Size = SizeLeft;
> +      }
> +      TempBlockPtr->Union.DataBlock    = (UINTN)TempDataPtr;
> +      TempBlockPtr->Length  = Size;
> +      Print (L"CapsuleApp: capsule block/size              0x%X/0x%X\n", (UINTN)
> TempDataPtr, Size);
> +      SizeLeft -= Size;
> +      TempDataPtr += Size;
> +      TempBlockPtr++;
> +    }
> +
> +    //
> +    // Allocate the second list, point the first block's last entry to point
> +    // to this one, and fill this one in. Worst case is that the previous
> +    // list only had one element that pointed here, so we need at least two
> +    // elements -- one to point to all the data, another to terminate the list.
> +    //
> +    if ((NumberOfDescriptors != 1) && (SizeLeft != 0)) {
> +      Count = (INT32)(NumberOfDescriptors + 2) - Count;
> +      if (Count == 1) {
> +        Count++;
> +      }
> +
> +      Size              = Count * sizeof (EFI_CAPSULE_BLOCK_DESCRIPTOR);
> +      BlockDescriptors2 = AllocateRuntimeZeroPool (Size);
> +      if (BlockDescriptors2 == NULL) {
> +        Print (L"CapsuleApp: failed to allocate memory for descriptors\n");
> +        Status = EFI_OUT_OF_RESOURCES;
> +        goto ERREXIT;
> +      }
> +
> +      //
> +      // Point the first list's last element to point to this second list.
> +      //
> +      TempBlockPtr->Union.ContinuationPointer   = (UINTN) BlockDescriptors2;
> +
> +      TempBlockPtr->Length  = 0;
> +      TempBlockPtr = BlockDescriptors2;
> +      for (Number = 0; Number < Count - 1; Number++) {
> +        //
> +        // If second-to-last one, then dump rest to this element
> +        //
> +        if (Number == (Count - 2)) {
> +          Size = SizeLeft;
> +        } else {
> +          //
> +          // Divide remaining data in half
> +          //
> +          if (SizeLeft == 1) {
> +            Size = 1;
> +          } else {
> +            Size = SizeLeft / 2;
> +          }
> +        }
> +
> +        TempBlockPtr->Union.DataBlock    = (UINTN)TempDataPtr;
> +        TempBlockPtr->Length  = Size;
> +        Print (L"CapsuleApp: capsule block/size              0x%X/0x%X\n", (UINTN)
> TempDataPtr, Size);
> +        SizeLeft -= Size;
> +        TempDataPtr += Size;
> +        TempBlockPtr++;
> +        if (SizeLeft == 0) {
> +          break;
> +        }
> +      }
> +    }
> +
> +    BlockDescriptorPre = TempBlockPtr;
> +    BlockDescriptors1  = NULL;
> +  }
> +
> +  //
> +  // Null-terminate.
> +  //
> +  if (TempBlockPtr != NULL) {
> +    TempBlockPtr->Union.ContinuationPointer    = (UINTN)NULL;
> +    TempBlockPtr->Length  = 0;
> +    *BlockDescriptors = BlockDescriptorsHeader;
> +  }
> +
> +  return EFI_SUCCESS;
> +
> +ERREXIT:
> +  if (BlockDescriptors1 != NULL) {
> +    FreePool(BlockDescriptors1);
> +  }
> +
> +  if (BlockDescriptors2 != NULL) {
> +    FreePool(BlockDescriptors2);
> +  }
> +
> +  return Status;
> +}
> +
> +/**
> +  Clear the Gather list for a list of capsule images.
> +
> +  @param[in]  BlockDescriptors The block descriptors for the capsule images
> +  @param[in]  CapsuleNum       The count of capsule images
> +**/
> +VOID
> +CleanGatherList(
> +  IN EFI_CAPSULE_BLOCK_DESCRIPTOR   *BlockDescriptors,
> +  IN UINTN                          CapsuleNum
> +  )
> +{
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr1;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr2;
> +  UINTN                          Index;
> +
> +  if (BlockDescriptors != NULL) {
> +    TempBlockPtr1 = BlockDescriptors;
> +    while (1){
> +      TempBlockPtr = TempBlockPtr1;
> +      for (Index = 0; Index < CapsuleNum; Index++) {
> +        if (TempBlockPtr[Index].Length == 0) {
> +          break;
> +        }
> +      }
> +
> +      if (TempBlockPtr[Index].Union.ContinuationPointer == (UINTN)NULL) {
> +        break;
> +      }
> +
> +      TempBlockPtr2 = (VOID *) ((UINTN) TempBlockPtr->Union.ContinuationPointer);
> +      FreePool(TempBlockPtr1);
> +      TempBlockPtr1 = TempBlockPtr2;
> +    }
> +  }
> +}
> +
> +/**
> +  Print APP usage.
> +**/
> +VOID
> +PrintUsage (
> +  VOID
> +  )
> +{
> +  Print(L"CapsuleApp:  usage\n");
> +  Print(L"  CapsuleApp <Capsule...> [-NR]\n");
> +  Print(L"  CapsuleApp -S\n");
> +  Print(L"  CapsuleApp -C\n");
> +  Print(L"  CapsuleApp -P\n");
> +  Print(L"  CapsuleApp -E\n");
> +  Print(L"  CapsuleApp -G <BMP> -O <Capsule>\n");
> +  Print(L"  CapsuleApp -N <Capsule> -O <NestedCapsule>\n");
> +  Print(L"  CapsuleApp -D|-DS <Capsule>\n");
> +  Print(L"Parameter:\n");
> +  Print(L"  -NR: No Reset.\n");
> +  Print(L"  -S:  Dump capsule status.\n");
> +  Print(L"  -C:  Clear capsule status.\n");
> +  Print(L"  -P:  Dump FMP protocol info.\n");
> +  Print(L"  -E:  Dump ESRT table info.\n");
> +  Print(L"  -G:  Input BMP file name\n");
> +  Print(L"  -N:  Append Capsule Header accroding to Windows Firmware Update\n");
> +  Print(L"  -O:  Output Capsule file name\n");
> +  Print(L"  -D:  Dump Capsule\n");
> +}
> +
> +/**
> +  Update Capsule image.
> +
> +  @param[in]  ImageHandle     The image handle.
> +  @param[in]  SystemTable     The system table.
> +
> +  @retval EFI_SUCCESS            Command completed successfully.
> +  @retval EFI_INVALID_PARAMETER  Command usage error.
> +  @retval EFI_NOT_FOUND          The input file can't be found.
> +**/
> +EFI_STATUS
> +EFIAPI
> +UefiMain (
> +  IN EFI_HANDLE        ImageHandle,
> +  IN EFI_SYSTEM_TABLE  *SystemTable
> +  )
> +{
> +  EFI_STATUS                    Status;
> +  UINTN                         FileSize[MAX_CAPSULE_NUM];
> +  VOID                          *CapsuleBuffer[MAX_CAPSULE_NUM];
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors;
> +  EFI_CAPSULE_HEADER             *CapsuleHeaderArray[MAX_CAPSULE_NUM + 1];
> +  UINT64                         MaxCapsuleSize;
> +  EFI_RESET_TYPE                 ResetType;
> +  BOOLEAN                        NeedReset;
> +  BOOLEAN                        NoReset;
> +  CHAR16                         *CapsuleName;
> +  UINTN                          CapsuleNum;
> +  UINTN                          Index;
> +
> +  Status = GetArg();
> +  if (EFI_ERROR(Status)) {
> +    Print(L"Please use UEFI SHELL to run this application!\n", Status);
> +    return Status;
> +  }
> +  if (Argc < 2) {
> +    PrintUsage();
> +    return EFI_INVALID_PARAMETER;
> +  }
> +  if (StrCmp(Argv[1], L"-D") == 0) {
> +    Status = DumpCapsule();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-G") == 0) {
> +    Status = CreateBmpFmp();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-N") == 0) {
> +    Status = CreateNestedFmp();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-S") == 0) {
> +    Status = DmpCapsuleStatusVariable();
> +    return EFI_SUCCESS;
> +  }
> +  if (StrCmp(Argv[1], L"-C") == 0) {
> +    Status = ClearCapsuleStatusVariable();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-P") == 0) {
> +    DumpFmpData();
> +    return EFI_SUCCESS;
> +  }
> +  if (StrCmp(Argv[1], L"-E") == 0) {
> +    DumpEsrtData();
> +    return EFI_SUCCESS;
> +  }
> +  CapsuleFirstIndex = 1;
> +  if (StrCmp(Argv[Argc - 1], L"-NR") == 0) {
> +    NoReset = TRUE;
> +    CapsuleLastIndex = Argc - 2;
> +  } else {
> +    NoReset = FALSE;
> +    CapsuleLastIndex = Argc - 1;
> +  }
> +  CapsuleNum = CapsuleLastIndex - CapsuleFirstIndex + 1;
> +
> +  if (CapsuleFirstIndex > CapsuleLastIndex) {
> +    Print(L"CapsuleApp: NO capsule image.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  if (CapsuleNum > MAX_CAPSULE_NUM) {
> +    Print(L"CapsuleApp: Too many capsule images.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  ZeroMem(&CapsuleBuffer, sizeof(CapsuleBuffer));
> +  ZeroMem(&FileSize, sizeof(FileSize));
> +  BlockDescriptors = NULL;
> +
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    CapsuleName = Argv[CapsuleFirstIndex + Index];
> +    Status = ReadFileToBuffer(CapsuleName, &FileSize[Index], &CapsuleBuffer[Index]);
> +    if (EFI_ERROR(Status)) {
> +      Print(L"CapsuleApp: capsule image (%s) is not found.\n", CapsuleName);
> +      goto Done;
> +    }
> +  }
> +
> +  //
> +  // Every capsule use 2 descriptor 1 for data 1 for end
> +  //
> +  Status = BuildGatherList(CapsuleBuffer, FileSize, CapsuleNum, &BlockDescriptors);
> +  if (EFI_ERROR(Status)) {
> +    goto Done;
> +  }
> +
> +  //
> +  // Call the runtime service capsule.
> +  //
> +  NeedReset = FALSE;
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    CapsuleHeaderArray[Index] = (EFI_CAPSULE_HEADER *) CapsuleBuffer[Index];
> +    if ((CapsuleHeaderArray[Index]->Flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) != 0)
> {
> +      NeedReset = TRUE;
> +    }
> +  }
> +  CapsuleHeaderArray[CapsuleNum] = NULL;
> +  if (NoReset) {
> +    NeedReset = FALSE;
> +  }
> +
> +  //
> +  // Inquire platform capability of UpdateCapsule.
> +  //
> +  Status = gRT->QueryCapsuleCapabilities (CapsuleHeaderArray, CapsuleNum,
> &MaxCapsuleSize, &ResetType);
> +  if (EFI_ERROR(Status)) {
> +    Print (L"CapsuleApp: failed to query capsule capability - %r\n", Status);
> +    goto Done;
> +  }
> +
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    if (FileSize[Index] > MaxCapsuleSize) {
> +      Print (L"CapsuleApp: capsule is too large to update, %ld is allowed\n",
> MaxCapsuleSize);
> +      Status = EFI_UNSUPPORTED;
> +      goto Done;
> +    }
> +  }
> +
> +  //
> +  // Check whether the input capsule image has the flag of persist across system
> reset.
> +  //
> +  if (NeedReset) {
> +    Status = gRT->UpdateCapsule(CapsuleHeaderArray,CapsuleNum,(UINTN)
> BlockDescriptors);
> +    if (Status != EFI_SUCCESS) {
> +      Print (L"CapsuleApp: failed to update capsule - %r\n", Status);
> +      goto Done;
> +    }
> +    //
> +    // For capsule who has reset flag, after calling UpdateCapsule service,triger a
> +    // system reset to process capsule persist across a system reset.
> +    //
> +    gRT->ResetSystem (ResetType, EFI_SUCCESS, 0, NULL);
> +  } else {
> +    //
> +    // For capsule who has no reset flag, only call UpdateCapsule Service without a
> +    // system reset. The service will process the capsule immediately.
> +    //
> +    Status = gRT->UpdateCapsule (CapsuleHeaderArray,CapsuleNum,(UINTN)
> BlockDescriptors);
> +    if (Status != EFI_SUCCESS) {
> +      Print (L"CapsuleApp: failed to update capsule - %r\n", Status);
> +    }
> +  }
> +
> +  Status = EFI_SUCCESS;
> +
> +Done:
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    if (CapsuleBuffer[Index] != NULL) {
> +      FreePool (CapsuleBuffer[Index]);
> +    }
> +  }
> +
> +  CleanGatherList(BlockDescriptors, CapsuleNum);
> +
> +  return Status;
> +}
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> new file mode 100644
> index 0000000..2084e5f
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> @@ -0,0 +1,71 @@
> +##  @file
> +#  A shell application that triggers capsule update process.
> +#
> +# This application can trigger capsule update process. It can also
> +# generate capsule image, or dump capsule variable information.
> +#
> +#  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +#  This program and the accompanying materials
> +#  are licensed and made available under the terms and conditions of the BSD License
> +#  which accompanies this distribution.  The full text of the license may be found at
> +#  http://opensource.org/licenses/bsd-license.php
> +#
> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +#
> +##
> +
> +[Defines]
> +  INF_VERSION                    = 0x00010006
> +  BASE_NAME                      = CapsuleApp
> +  MODULE_UNI_FILE                = CapsuleApp.uni
> +  FILE_GUID                      = 4CEF31DA-8682-4274-9CC4-AEE7516A5E7B
> +  MODULE_TYPE                    = UEFI_APPLICATION
> +  VERSION_STRING                 = 1.0
> +  ENTRY_POINT                    = UefiMain
> +
> +#
> +# The following information is for reference only and not required by the build tools.
> +#
> +#  VALID_ARCHITECTURES           = IA32 X64
> +#
> +
> +[Sources]
> +  CapsuleApp.c
> +  CapsuleDump.c
> +  AppSupport.c
> +
> +[Packages]
> +  MdePkg/MdePkg.dec
> +  MdeModulePkg/MdeModulePkg.dec
> +
> +[Guids]
> +  gEfiFileInfoGuid
> +  gEfiPartTypeSystemPartGuid
> +  gEfiGlobalVariableGuid
> +  gEfiCapsuleReportGuid
> +  gEfiFmpCapsuleGuid
> +  gWindowsUxCapsuleGuid
> +  gEfiCertTypeRsa2048Sha256Guid
> +  gEfiCertPkcs7Guid
> +  gEfiSystemResourceTableGuid
> +
> +[Protocols]
> +  gEfiLoadedImageProtocolGuid
> +  gEfiSimpleFileSystemProtocolGuid
> +  gEfiGraphicsOutputProtocolGuid
> +  gEfiFirmwareManagementProtocolGuid
> +  gEfiShellParametersProtocolGuid
> +
> +[LibraryClasses]
> +  BaseLib
> +  UefiApplicationEntryPoint
> +  DebugLib
> +  MemoryAllocationLib
> +  UefiBootServicesTableLib
> +  UefiRuntimeServicesTableLib
> +  UefiLib
> +  PrintLib
> +
> +[UserExtensions.TianoCore."ExtraFiles"]
> +  CapsuleAppExtra.uni
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
> b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
> new file mode 100644
> index 0000000..54d6e12
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
> @@ -0,0 +1,22 @@
> +// /** @file
> +// A shell application that triggers capsule update process.
> +//
> +// This application can trigger capsule update process. It can also
> +// generate capsule image, or dump capsule variable information.
> +//
> +// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +//
> +// This program and the accompanying materials
> +// are licensed and made available under the terms and conditions of the BSD License
> +// which accompanies this distribution. The full text of the license may be found at
> +// http://opensource.org/licenses/bsd-license.php
> +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +//
> +// **/
> +
> +
> +#string STR_MODULE_ABSTRACT             #language en-US "A shell application that
> triggers capsule update process."
> +
> +#string STR_MODULE_DESCRIPTION          #language en-US "This application can trigger
> capsule update process. It can also generate capsule image, or dump capsule variable
> information."
> +
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
> b/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
> new file mode 100644
> index 0000000..b5a8840
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
> @@ -0,0 +1,19 @@
> +// /** @file
> +// CapsuleApp Localized Strings and Content
> +//
> +// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +//
> +// This program and the accompanying materials
> +// are licensed and made available under the terms and conditions of the BSD License
> +// which accompanies this distribution. The full text of the license may be found at
> +// http://opensource.org/licenses/bsd-license.php
> +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +//
> +// **/
> +
> +#string STR_PROPERTIES_MODULE_NAME
> +#language en-US
> +"Capsule Application"
> +
> +
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
> b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
> new file mode 100644
> index 0000000..b383fe1
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
> @@ -0,0 +1,740 @@
> +/** @file
> +  Dump Capsule image information.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <PiDxe.h>
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PrintLib.h>
> +#include <Protocol/FirmwareManagement.h>
> +#include <Guid/ImageAuthentication.h>
> +#include <Guid/CapsuleReport.h>
> +#include <Guid/SystemResourceTable.h>
> +#include <Guid/FmpCapsule.h>
> +#include <IndustryStandard/WindowsUxCapsule.h>
> +
> +/**
> +  Read a file.
> +
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileToBuffer(
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer
> +  );
> +
> +extern UINTN  Argc;
> +extern CHAR16 *Argv[];
> +
> +/**
> +  Dump UX capsule information.
> +
> +  @param CapsuleHeader      The UX capsule header
> +**/
> +VOID
> +DumpUxCapsule(
> +  IN EFI_CAPSULE_HEADER  *CapsuleHeader
> +  )
> +{
> +  EFI_DISPLAY_CAPSULE                           *DisplayCapsule;
> +  DisplayCapsule = (EFI_DISPLAY_CAPSULE *)CapsuleHeader;
> +  Print(L"[UxCapusule]\n");
> +  Print(L"CapsuleHeader:\n");
> +  Print(L"  CapsuleGuid      - %g\n", &DisplayCapsule->CapsuleHeader.CapsuleGuid);
> +  Print(L"  HeaderSize       - 0x%x\n", DisplayCapsule->CapsuleHeader.HeaderSize);
> +  Print(L"  Flags            - 0x%x\n", DisplayCapsule->CapsuleHeader.Flags);
> +  Print(L"  CapsuleImageSize - 0x%x\n", DisplayCapsule-
> >CapsuleHeader.CapsuleImageSize);
> +  Print(L"ImagePayload:\n");
> +  Print(L"  Version          - 0x%x\n", DisplayCapsule->ImagePayload.Version);
> +  Print(L"  Checksum         - 0x%x\n", DisplayCapsule->ImagePayload.Checksum);
> +  Print(L"  ImageType        - 0x%x\n", DisplayCapsule->ImagePayload.ImageType);
> +  Print(L"  Mode             - 0x%x\n", DisplayCapsule->ImagePayload.Mode);
> +  Print(L"  OffsetX          - 0x%x\n", DisplayCapsule->ImagePayload.OffsetX);
> +  Print(L"  OffsetY          - 0x%x\n", DisplayCapsule->ImagePayload.OffsetY);
> +}
> +
> +/**
> +  Dump FMP image authentication information.
> +
> +  @param Image      The FMP capsule image
> +  @param ImageSize  The size of the FMP capsule image in bytes.
> +
> +  @return the size of FMP authentication.
> +**/
> +UINTN
> +DumpImageAuthentication(
> +  IN VOID   *Image,
> +  IN UINTN  ImageSize
> +  )
> +{
> +  EFI_FIRMWARE_IMAGE_AUTHENTICATION             *ImageAuthentication;
> +
> +  ImageAuthentication = Image;
> +  if (CompareGuid(&ImageAuthentication->AuthInfo.CertType, &gEfiCertPkcs7Guid) ||
> +      CompareGuid(&ImageAuthentication->AuthInfo.CertType,
> &gEfiCertTypeRsa2048Sha256Guid)) {
> +    Print(L"[ImageAuthentication]\n");
> +    Print(L"  MonotonicCount   - 0x%lx\n", ImageAuthentication->MonotonicCount);
> +    Print(L"WIN_CERTIFICATE:\n");
> +    Print(L"  dwLength         - 0x%x\n", ImageAuthentication->AuthInfo.Hdr.dwLength);
> +    Print(L"  wRevision        - 0x%x\n", ImageAuthentication-
> >AuthInfo.Hdr.wRevision);
> +    Print(L"  wCertificateType - 0x%x\n", ImageAuthentication-
> >AuthInfo.Hdr.wCertificateType);
> +    Print(L"  CertType         - %g\n", &ImageAuthentication->AuthInfo.CertType);
> +    return sizeof(ImageAuthentication->MonotonicCount) + ImageAuthentication-
> >AuthInfo.Hdr.dwLength;
> +  } else {
> +    return 0;
> +  }
> +}
> +
> +/**
> +  Dump a non-nested FMP capsule.
> +
> +  @param  CapsuleHeader  A pointer to CapsuleHeader
> +**/
> +VOID
> +DumpFmpCapsule(
> +  IN EFI_CAPSULE_HEADER  *CapsuleHeader
> +  )
> +{
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER        *FmpCapsuleHeader;
> +  UINT64                                        *ItemOffsetList;
> +  UINTN                                         Index;
> +  UINTN                                         Count;
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER  *FmpImageHeader;
> +
> +  Print(L"[FmpCapusule]\n");
> +  Print(L"CapsuleHeader:\n");
> +  Print(L"  CapsuleGuid      - %g\n", &CapsuleHeader->CapsuleGuid);
> +  Print(L"  HeaderSize       - 0x%x\n", CapsuleHeader->HeaderSize);
> +  Print(L"  Flags            - 0x%x\n", CapsuleHeader->Flags);
> +  Print(L"  CapsuleImageSize - 0x%x\n", CapsuleHeader->CapsuleImageSize);
> +
> +  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader
> + CapsuleHeader->HeaderSize);
> +  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
> +  Print(L"FmpHeader:\n");
> +  Print(L"  Version             - 0x%x\n", FmpCapsuleHeader->Version);
> +  Print(L"  EmbeddedDriverCount - 0x%x\n", FmpCapsuleHeader->EmbeddedDriverCount);
> +  Print(L"  PayloadItemCount    - 0x%x\n", FmpCapsuleHeader->PayloadItemCount);
> +  Count = FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader->PayloadItemCount;
> +  for (Index = 0; Index < Count; Index++) {
> +    Print(L"  Offset[%d]           - 0x%x\n", Index, ItemOffsetList[Index]);
> +  }
> +
> +  for (Index = FmpCapsuleHeader->EmbeddedDriverCount; Index < Count; Index++) {
> +    Print(L"FmpPayload[%d] ImageHeader:\n", Index);
> +    FmpImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8
> *)FmpCapsuleHeader + ItemOffsetList[Index]);
> +    Print(L"  Version                - 0x%x\n", FmpImageHeader->Version);
> +    Print(L"  UpdateImageTypeId      - %g\n", &FmpImageHeader->UpdateImageTypeId);
> +    Print(L"  UpdateImageIndex       - 0x%x\n", FmpImageHeader->UpdateImageIndex);
> +    Print(L"  UpdateImageSize        - 0x%x\n", FmpImageHeader->UpdateImageSize);
> +    Print(L"  UpdateVendorCodeSize   - 0x%x\n", FmpImageHeader->UpdateVendorCodeSize);
> +    if (FmpImageHeader->Version >=
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
> +      Print(L"  UpdateHardwareInstance - 0x%lx\n", FmpImageHeader-
> >UpdateHardwareInstance);
> +    }
> +  }
> +}
> +
> +/**
> +  Return if there is a FMP header below capsule header.
> +
> +  @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
> +
> +  @retval TRUE  There is a FMP header below capsule header.
> +  @retval FALSE There is not a FMP header below capsule header
> +**/
> +BOOLEAN
> +IsNestedFmpCapsule(
> +  IN EFI_CAPSULE_HEADER         *CapsuleHeader
> +  )
> +{
> +  EFI_STATUS                 Status;
> +  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
> +  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
> +  UINTN                      Index;
> +  BOOLEAN                    EsrtGuidFound;
> +  EFI_CAPSULE_HEADER         *NestedCapsuleHeader;
> +  UINTN                      NestedCapsuleSize;
> +
> +  //
> +  // Check ESRT
> +  //
> +  EsrtGuidFound = FALSE;
> +  Status = EfiGetSystemConfigurationTable(&gEfiSystemResourceTableGuid, (VOID
> **)&Esrt);
> +  if (!EFI_ERROR(Status)) {
> +    EsrtEntry = (VOID *)(Esrt + 1);
> +    for (Index = 0; Index < Esrt->FwResourceCount; Index++, EsrtEntry++) {
> +      if (CompareGuid(&EsrtEntry->FwClass, &CapsuleHeader->CapsuleGuid)) {
> +        EsrtGuidFound = TRUE;
> +        break;
> +      }
> +    }
> +  }
> +
> +  if (!EsrtGuidFound) {
> +    return FALSE;
> +  }
> +
> +  //
> +  // Check nested capsule header
> +  // FMP GUID after ESRT one
> +  //
> +  NestedCapsuleHeader = (EFI_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader + CapsuleHeader-
> >HeaderSize);
> +  NestedCapsuleSize = (UINTN)CapsuleHeader + CapsuleHeader->HeaderSize -
> (UINTN)NestedCapsuleHeader;
> +  if (NestedCapsuleSize < sizeof(EFI_CAPSULE_HEADER)) {
> +    return FALSE;
> +  }
> +  if (!CompareGuid(&NestedCapsuleHeader->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
> +    return FALSE;
> +  }
> +  return TRUE;
> +}
> +
> +/**
> +  Dump capsule information
> +
> +  @retval EFI_SUCCESS            The capsule information is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DumpCapsule(
> +  VOID
> +  )
> +{
> +  CHAR16                                        *CapsuleName;
> +  VOID                                          *Buffer;
> +  UINTN                                         FileSize;
> +  EFI_CAPSULE_HEADER                            *CapsuleHeader;
> +  EFI_STATUS                                    Status;
> +
> +  if (Argc != 3) {
> +    Print(L"CapsuleApp: Invalid Parameter.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  CapsuleName = Argv[2];
> +  Status = ReadFileToBuffer(CapsuleName, &FileSize, &Buffer);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: Capsule (%s) is not found.\n", CapsuleName);
> +    goto Done;
> +  }
> +
> +  CapsuleHeader = Buffer;
> +  if (CompareGuid(&CapsuleHeader->CapsuleGuid, &gWindowsUxCapsuleGuid)) {
> +    DumpUxCapsule(CapsuleHeader);
> +    Status = EFI_SUCCESS;
> +    goto Done;
> +  }
> +
> +  if (CompareGuid(&CapsuleHeader->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
> +    DumpFmpCapsule(CapsuleHeader);
> +  }
> +  if (IsNestedFmpCapsule(CapsuleHeader)) {
> +    Print(L"[NestedCapusule]\n");
> +    Print(L"CapsuleHeader:\n");
> +    Print(L"  CapsuleGuid      - %g\n", &CapsuleHeader->CapsuleGuid);
> +    Print(L"  HeaderSize       - 0x%x\n", CapsuleHeader->HeaderSize);
> +    Print(L"  Flags            - 0x%x\n", CapsuleHeader->Flags);
> +    Print(L"  CapsuleImageSize - 0x%x\n", CapsuleHeader->CapsuleImageSize);
> +    DumpFmpCapsule((EFI_CAPSULE_HEADER *)((UINTN)CapsuleHeader + CapsuleHeader-
> >HeaderSize));
> +  }
> +
> +Done:
> +  FreePool(Buffer);
> +  return Status;
> +}
> +
> +/**
> +  Dump capsule status variable.
> +
> +  @retval EFI_SUCCESS            The capsule status variable is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DmpCapsuleStatusVariable(
> +  VOID
> +  )
> +{
> +  EFI_STATUS                          Status;
> +  UINT32                              Index;
> +  CHAR16                              CapsuleVarName[20];
> +  CHAR16                              *TempVarName;
> +  EFI_CAPSULE_RESULT_VARIABLE_HEADER  *CapsuleResult;
> +  EFI_CAPSULE_RESULT_VARIABLE_FMP     *CapsuleResultFmp;
> +  UINTN                               CapsuleFileNameSize;
> +  CHAR16                              CapsuleIndexData[12];
> +  CHAR16                              *CapsuleIndex;
> +
> +  Status = GetVariable2(
> +             L"CapsuleMax",
> +             &gEfiCapsuleReportGuid,
> +             (VOID **)&CapsuleIndex,
> +             NULL
> +             );
> +  if (!EFI_ERROR(Status)) {
> +    CopyMem(CapsuleIndexData, CapsuleIndex, 11 * sizeof(CHAR16));
> +    CapsuleIndexData[11] = 0;
> +    Print(L"CapsuleMax - %s\n", CapsuleIndexData);
> +    FreePool(CapsuleIndex);
> +  }
> +  Status = GetVariable2(
> +             L"CapsuleLast",
> +             &gEfiCapsuleReportGuid,
> +             (VOID **)&CapsuleIndex,
> +             NULL
> +             );
> +  if (!EFI_ERROR(Status)) {
> +    CopyMem(CapsuleIndexData, CapsuleIndex, 11 * sizeof(CHAR16));
> +    CapsuleIndexData[11] = 0;
> +    Print(L"CapsuleLast - %s\n", CapsuleIndexData);
> +    FreePool(CapsuleIndex);
> +  }
> +
> +
> +  StrCpyS (CapsuleVarName, sizeof(CapsuleVarName)/sizeof(CapsuleVarName[0]),
> L"Capsule");
> +  TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
> +  Index = 0;
> +
> +  while (TRUE) {
> +    UnicodeSPrint (TempVarName, 5 * sizeof(CHAR16), L"%04x", Index);
> +
> +    Status = GetVariable2 (
> +               CapsuleVarName,
> +               &gEfiCapsuleReportGuid,
> +               (VOID **) &CapsuleResult,
> +               NULL
> +               );
> +    if (Status == EFI_NOT_FOUND) {
> +      break;
> +    } else if (EFI_ERROR(Status)) {
> +      continue;
> +    }
> +
> +    //
> +    // display capsule process status
> +    //
> +    if (CapsuleResult->VariableTotalSize >=
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER)) {
> +      Print (L"CapsuleName: %s\n", CapsuleVarName);
> +      Print (L"  Capsule Guid: %g\n", &CapsuleResult->CapsuleGuid);
> +      Print (L"  Capsule ProcessedTime: %t\n", &CapsuleResult->CapsuleProcessed);
> +      Print (L"  Capsule Status: %r\n", CapsuleResult->CapsuleStatus);
> +    }
> +
> +    if (CompareGuid(&CapsuleResult->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
> +      if (CapsuleResult->VariableTotalSize >=
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP)) {
> +        CapsuleResultFmp = (EFI_CAPSULE_RESULT_VARIABLE_FMP *)(CapsuleResult + 1);
> +        Print(L"  Capsule FMP Version: 0x%x\n", CapsuleResultFmp->Version);
> +        Print(L"  Capsule FMP PayloadIndex: 0x%x\n", CapsuleResultFmp->PayloadIndex);
> +        Print(L"  Capsule FMP UpdateImageIndex: 0x%x\n", CapsuleResultFmp-
> >UpdateImageIndex);
> +        Print(L"  Capsule FMP UpdateImageTypeId: %g\n", &CapsuleResultFmp-
> >UpdateImageTypeId);
> +        if (CapsuleResult->VariableTotalSize >
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP)) {
> +          Print(L"  Capsule FMP CapsuleFileName: %s\n", (CapsuleResultFmp + 1));
> +          CapsuleFileNameSize = StrSize((CHAR16 *)(CapsuleResultFmp + 1));
> +          if (CapsuleResult->VariableTotalSize >
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP) +
> CapsuleFileNameSize) {
> +            Print(L"  Capsule FMP CapsuleTarget: %s\n", (UINT8 *)(CapsuleResultFmp +
> 1) + CapsuleFileNameSize);
> +          }
> +        }
> +      }
> +    }
> +
> +    FreePool(CapsuleResult);
> +
> +    Index++;
> +    if (Index > 0xFFFF) {
> +      break;
> +    }
> +  }
> +
> +  return EFI_SUCCESS;
> +}
> +
> +CHAR8 *mFwTypeString[] = {
> +  "Unknown",
> +  "SystemFirmware",
> +  "DeviceFirmware",
> +  "UefiDriver",
> +};
> +
> +CHAR8 *mLastAttemptStatusString[] = {
> +  "Success",
> +  "Error: Unsuccessful",
> +  "Error: Insufficient Resources",
> +  "Error: Incorrect Version",
> +  "Error: Invalid Format",
> +  "Error: Auth Error",
> +  "Error: Power Event AC",
> +  "Error: Power Event Battery",
> +};
> +
> +/**
> +  Convert FwType to a string.
> +
> +  @param FwType  FwType in ESRT
> +
> +  @return a string for FwType.
> +**/
> +CHAR8 *
> +FwTypeToString(
> +  IN UINT32 FwType
> +  )
> +{
> +  if (FwType < sizeof(mFwTypeString) / sizeof(mFwTypeString[0])) {
> +    return mFwTypeString[FwType];
> +  } else {
> +    return "Invalid";
> +  }
> +}
> +
> +/**
> +  Convert LastAttemptStatus to a string.
> +
> +  @param LastAttemptStatus  LastAttemptStatus in FMP or ESRT
> +
> +  @return a string for LastAttemptStatus.
> +**/
> +CHAR8 *
> +LastAttemptStatusToString(
> +  IN UINT32 LastAttemptStatus
> +  )
> +{
> +  if (LastAttemptStatus < sizeof(mLastAttemptStatusString) /
> sizeof(mLastAttemptStatusString[0])) {
> +    return mLastAttemptStatusString[LastAttemptStatus];
> +  } else {
> +    return "Error: Unknown";
> +  }
> +}
> +
> +/**
> +  Dump ESRT entry.
> +
> +  @param EsrtEntry  ESRT entry
> +**/
> +VOID
> +DumpEsrtEntry(
> +  IN EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry
> +  )
> +{
> +  Print(L"  FwClass                  - %g\n", &EsrtEntry->FwClass);
> +  Print(L"  FwType                   - 0x%x (%a)\n", EsrtEntry->FwType,
> FwTypeToString(EsrtEntry->FwType));
> +  Print(L"  FwVersion                - 0x%x\n", EsrtEntry->FwVersion);
> +  Print(L"  LowestSupportedFwVersion - 0x%x\n", EsrtEntry->LowestSupportedFwVersion);
> +  Print(L"  CapsuleFlags             - 0x%x\n", EsrtEntry->CapsuleFlags);
> +  Print(L"    PERSIST_ACROSS_RESET   - 0x%x\n", EsrtEntry->CapsuleFlags &
> CAPSULE_FLAGS_PERSIST_ACROSS_RESET);
> +  Print(L"    POPULATE_SYSTEM_TABLE  - 0x%x\n", EsrtEntry->CapsuleFlags &
> CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE);
> +  Print(L"    INITIATE_RESET         - 0x%x\n", EsrtEntry->CapsuleFlags &
> CAPSULE_FLAGS_INITIATE_RESET);
> +  Print(L"  LastAttemptVersion       - 0x%x\n", EsrtEntry->LastAttemptVersion);
> +  Print(L"  LastAttemptStatus        - 0x%x (%a)\n", EsrtEntry->LastAttemptStatus,
> LastAttemptStatusToString(EsrtEntry->LastAttemptStatus));
> +}
> +
> +/**
> +  Dump ESRT table.
> +
> +  @param Esrt  ESRT table
> +**/
> +VOID
> +DumpEsrt(
> +  IN EFI_SYSTEM_RESOURCE_TABLE  *Esrt
> +  )
> +{
> +  UINTN                      Index;
> +  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
> +
> +  Print(L"EFI_SYSTEM_RESOURCE_TABLE:\n");
> +  Print(L"FwResourceCount    - 0x%x\n", Esrt->FwResourceCount);
> +  Print(L"FwResourceCountMax - 0x%x\n", Esrt->FwResourceCountMax);
> +  Print(L"FwResourceVersion  - 0x%lx\n", Esrt->FwResourceVersion);
> +
> +  EsrtEntry = (VOID *)(Esrt + 1);
> +  for (Index = 0; Index < Esrt->FwResourceCount; Index++) {
> +    Print(L"EFI_SYSTEM_RESOURCE_ENTRY (%d):\n", Index);
> +    DumpEsrtEntry(EsrtEntry);
> +    EsrtEntry++;
> +  }
> +}
> +
> +/**
> +  Dump ESRT info.
> +**/
> +VOID
> +DumpEsrtData (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                 Status;
> +  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
> +
> +  Print(L"##############\n");
> +  Print(L"# ESRT TABLE #\n");
> +  Print(L"##############\n");
> +
> +  Status = EfiGetSystemConfigurationTable (&gEfiSystemResourceTableGuid, (VOID
> **)&Esrt);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"ESRT - %r\n", Status);
> +    return;
> +  }
> +  DumpEsrt(Esrt);
> +  Print(L"\n");
> +}
> +
> +/**
> +  Dump FMP information.
> +
> +  @param ImageInfoSize       The size of ImageInfo, in bytes.
> +  @param ImageInfo           A pointer to EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorVersion   The version of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorCount     The count of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorSize      The size of an individual EFI_FIRMWARE_IMAGE_DESCRIPTOR,
> in bytes.
> +  @param PackageVersion      The version of package.
> +  @param PackageVersionName  The version name of package.
> +**/
> +VOID
> +DumpFmpImageInfo(
> +  IN UINTN                           ImageInfoSize,
> +  IN EFI_FIRMWARE_IMAGE_DESCRIPTOR   *ImageInfo,
> +  IN UINT32                          DescriptorVersion,
> +  IN UINT8                           DescriptorCount,
> +  IN UINTN                           DescriptorSize,
> +  IN UINT32                          PackageVersion,
> +  IN CHAR16                          *PackageVersionName
> +  )
> +{
> +  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *CurrentImageInfo;
> +  UINTN                                         Index;
> +
> +  Print(L"  DescriptorVersion  - 0x%x\n", DescriptorVersion);
> +  Print(L"  DescriptorCount    - 0x%x\n", DescriptorCount);
> +  Print(L"  DescriptorSize     - 0x%x\n", DescriptorSize);
> +  Print(L"  PackageVersion     - 0x%x\n", PackageVersion);
> +  Print(L"  PackageVersionName - \"%s\"\n", PackageVersionName);
> +  CurrentImageInfo = ImageInfo;
> +  for (Index = 0; Index < DescriptorCount; Index++) {
> +    Print(L"  ImageDescriptor (%d)\n", Index);
> +    Print(L"    ImageIndex                  - 0x%x\n", CurrentImageInfo->ImageIndex);
> +    Print(L"    ImageTypeId                 - %g\n", &CurrentImageInfo->ImageTypeId);
> +    Print(L"    ImageId                     - 0x%lx\n", CurrentImageInfo->ImageId);
> +    Print(L"    ImageIdName                 - \"%s\"\n", CurrentImageInfo-
> >ImageIdName);
> +    Print(L"    Version                     - 0x%x\n", CurrentImageInfo->Version);
> +    Print(L"    VersionName                 - \"%s\"\n", CurrentImageInfo-
> >VersionName);
> +    Print(L"    Size                        - 0x%x\n", CurrentImageInfo->Size);
> +    Print(L"    AttributesSupported         - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported);
> +    Print(L"      IMAGE_UPDATABLE           - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +    Print(L"      RESET_REQUIRED            - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +    Print(L"      AUTHENTICATION_REQUIRED   - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +    Print(L"      IN_USE                    - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_IN_USE);
> +    Print(L"      UEFI_IMAGE                - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_UEFI_IMAGE);
> +    Print(L"    AttributesSetting           - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting);
> +    Print(L"      IMAGE_UPDATABLE           - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +    Print(L"      RESET_REQUIRED            - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +    Print(L"      AUTHENTICATION_REQUIRED   - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +    Print(L"      IN_USE                    - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_IN_USE);
> +    Print(L"      UEFI_IMAGE                - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_UEFI_IMAGE);
> +    Print(L"    Compatibilities             - 0x%lx\n", CurrentImageInfo-
> >Compatibilities);
> +    Print(L"      COMPATIB_CHECK_SUPPORTED  - 0x%lx\n", CurrentImageInfo-
> >Compatibilities & IMAGE_COMPATIBILITY_CHECK_SUPPORTED);
> +    if (DescriptorVersion > 1) {
> +      Print(L"    LowestSupportedImageVersion - 0x%x\n", CurrentImageInfo-
> >LowestSupportedImageVersion);
> +      if (DescriptorVersion > 2) {
> +        Print(L"    LastAttemptVersion          - 0x%x\n", CurrentImageInfo-
> >LastAttemptVersion);
> +        Print(L"    LastAttemptStatus           - 0x%x (%a)\n", CurrentImageInfo-
> >LastAttemptStatus, LastAttemptStatusToString(CurrentImageInfo->LastAttemptStatus));
> +        Print(L"    HardwareInstance            - 0x%lx\n", CurrentImageInfo-
> >HardwareInstance);
> +      }
> +    }
> +    //
> +    // Use DescriptorSize to move ImageInfo Pointer to stay compatible with different
> ImageInfo version
> +    //
> +    CurrentImageInfo = (EFI_FIRMWARE_IMAGE_DESCRIPTOR *)((UINT8 *)CurrentImageInfo +
> DescriptorSize);
> +  }
> +}
> +
> +/**
> +  Dump FMP package information.
> +
> +  @param PackageVersion             The version of package.
> +  @param PackageVersionName         The version name of package.
> +  @param PackageVersionNameMaxLen   The maximum length of PackageVersionName.
> +  @param AttributesSupported        Package attributes that are supported by this
> device.
> +  @param AttributesSetting          Package attributes.
> +**/
> +VOID
> +DumpFmpPackageInfo(
> +  IN UINT32                           PackageVersion,
> +  IN CHAR16                           *PackageVersionName,
> +  IN UINT32                           PackageVersionNameMaxLen,
> +  IN UINT64                           AttributesSupported,
> +  IN UINT64                           AttributesSetting
> +  )
> +{
> +  Print(L"  PackageVersion              - 0x%x\n", PackageVersion);
> +  Print(L"  PackageVersionName          - \"%s\"\n", PackageVersionName);
> +  Print(L"  PackageVersionNameMaxLen    - 0x%x\n", PackageVersionNameMaxLen);
> +  Print(L"  AttributesSupported         - 0x%lx\n", AttributesSupported);
> +  Print(L"    IMAGE_UPDATABLE           - 0x%lx\n", AttributesSupported &
> IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +  Print(L"    RESET_REQUIRED            - 0x%lx\n", AttributesSupported &
> IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +  Print(L"    AUTHENTICATION_REQUIRED   - 0x%lx\n", AttributesSupported &
> IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +  Print(L"  AttributesSetting           - 0x%lx\n", AttributesSetting);
> +  Print(L"    IMAGE_UPDATABLE           - 0x%lx\n", AttributesSetting &
> IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +  Print(L"    RESET_REQUIRED            - 0x%lx\n", AttributesSetting &
> IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +  Print(L"    AUTHENTICATION_REQUIRED   - 0x%lx\n", AttributesSetting &
> IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +}
> +
> +/**
> +  Dump FMP protocol info.
> +**/
> +VOID
> +DumpFmpData (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                                    Status;
> +  EFI_FIRMWARE_MANAGEMENT_PROTOCOL              *Fmp;
> +  EFI_HANDLE                                    *HandleBuffer;
> +  UINTN                                         NumberOfHandles;
> +  UINTN                                         Index;
> +  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *FmpImageInfoBuf;
> +  UINTN                                         ImageInfoSize;
> +  UINT32                                        FmpImageInfoDescriptorVer;
> +  UINT8                                         FmpImageInfoCount;
> +  UINTN                                         DescriptorSize;
> +  UINT32                                        PackageVersion;
> +  CHAR16                                        *PackageVersionName;
> +  UINT32                                        PackageVersionNameMaxLen;
> +  UINT64                                        AttributesSupported;
> +  UINT64                                        AttributesSetting;
> +
> +  Print(L"############\n");
> +  Print(L"# FMP DATA #\n");
> +  Print(L"############\n");
> +  Status = gBS->LocateHandleBuffer (
> +                  ByProtocol,
> +                  &gEfiFirmwareManagementProtocolGuid,
> +                  NULL,
> +                  &NumberOfHandles,
> +                  &HandleBuffer
> +                  );
> +  if (EFI_ERROR(Status)) {
> +    Print(L"FMP protocol - %r\n", EFI_NOT_FOUND);
> +    return;
> +  }
> +
> +  for (Index = 0; Index < NumberOfHandles; Index++) {
> +    Status = gBS->HandleProtocol(
> +                    HandleBuffer[Index],
> +                    &gEfiFirmwareManagementProtocolGuid,
> +                    (VOID **)&Fmp
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      continue;
> +    }
> +
> +    ImageInfoSize = 0;
> +    Status = Fmp->GetImageInfo (
> +                    Fmp,
> +                    &ImageInfoSize,
> +                    NULL,
> +                    NULL,
> +                    NULL,
> +                    NULL,
> +                    NULL,
> +                    NULL
> +                    );
> +    if (Status != EFI_BUFFER_TOO_SMALL) {
> +      continue;
> +    }
> +
> +    FmpImageInfoBuf = NULL;
> +    FmpImageInfoBuf = AllocateZeroPool (ImageInfoSize);
> +    if (FmpImageInfoBuf == NULL) {
> +      Status = EFI_OUT_OF_RESOURCES;
> +      goto EXIT;
> +    }
> +
> +    PackageVersionName = NULL;
> +    Status = Fmp->GetImageInfo (
> +                    Fmp,
> +                    &ImageInfoSize,               // ImageInfoSize
> +                    FmpImageInfoBuf,              // ImageInfo
> +                    &FmpImageInfoDescriptorVer,   // DescriptorVersion
> +                    &FmpImageInfoCount,           // DescriptorCount
> +                    &DescriptorSize,              // DescriptorSize
> +                    &PackageVersion,              // PackageVersion
> +                    &PackageVersionName           // PackageVersionName
> +                    );
> +
> +    //
> +    // If FMP GetInformation interface failed, skip this resource
> +    //
> +    if (EFI_ERROR(Status)) {
> +      Print(L"FMP (%d) ImageInfo - %r\n", Index, Status);
> +      FreePool(FmpImageInfoBuf);
> +      continue;
> +    }
> +
> +    Print(L"FMP (%d) ImageInfo:\n", Index);
> +    DumpFmpImageInfo(
> +      ImageInfoSize,               // ImageInfoSize
> +      FmpImageInfoBuf,             // ImageInfo
> +      FmpImageInfoDescriptorVer,   // DescriptorVersion
> +      FmpImageInfoCount,           // DescriptorCount
> +      DescriptorSize,              // DescriptorSize
> +      PackageVersion,              // PackageVersion
> +      PackageVersionName           // PackageVersionName
> +      );
> +
> +    if (PackageVersionName != NULL) {
> +      FreePool(PackageVersionName);
> +    }
> +    FreePool(FmpImageInfoBuf);
> +
> +    //
> +    // Get package info
> +    //
> +    PackageVersionName = NULL;
> +    Status = Fmp->GetPackageInfo (
> +                    Fmp,
> +                    &PackageVersion,              // PackageVersion
> +                    &PackageVersionName,          // PackageVersionName
> +                    &PackageVersionNameMaxLen,    // PackageVersionNameMaxLen
> +                    &AttributesSupported,         // AttributesSupported
> +                    &AttributesSetting            // AttributesSetting
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      Print(L"FMP (%d) PackageInfo - %r\n", Index, Status);
> +    } else {
> +      Print(L"FMP (%d) ImageInfo:\n", Index);
> +      DumpFmpPackageInfo(
> +        PackageVersion,              // PackageVersion
> +        PackageVersionName,          // PackageVersionName
> +        PackageVersionNameMaxLen,    // PackageVersionNameMaxLen
> +        AttributesSupported,         // AttributesSupported
> +        AttributesSetting            // AttributesSetting
> +        );
> +
> +      if (PackageVersionName != NULL) {
> +        FreePool(PackageVersionName);
> +      }
> +    }
> +  }
> +  Print(L"\n");
> +
> +EXIT:
> +  FreePool(HandleBuffer);
> +}
> --
> 2.7.4.windows.1

Re: [PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.

[Yao, Jiewen]

Comments inline:

From: Kinney, Michael D
Sent: Wednesday, October 26, 2016 7:26 AM
To: Yao, Jiewen <jiewen.yao@intel.com>; edk2-devel@lists.01.org; Kinney, Michael D <michael.d.kinney@intel.com>
Cc: Tian, Feng <feng.tian@intel.com>; Zeng, Star <star.zeng@intel.com>; Gao, Liming <liming.gao@intel.com>; Zhang, Chao B <chao.b.zhang@intel.com>
Subject: RE: [PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.

Hi Jiewen,

When I run the CapsuleApp.efi, it shows the following help:

CapsuleApp:  usage
  CapsuleApp <Capsule...> [-NR]
  CapsuleApp -S
  CapsuleApp -C
  CapsuleApp -P
  CapsuleApp -E
  CapsuleApp -G <BMP> -O <Capsule>
  CapsuleApp -N <Capsule> -O <NestedCapsule>
  CapsuleApp -D|-DS <Capsule>
Parameter:
  -NR: No Reset.
  -S:  Dump capsule status.
  -C:  Clear capsule status.
  -P:  Dump FMP protocol info.
  -E:  Dump ESRT table info.
  -G:  Input BMP file name
  -N:  Append Capsule Header accroding to Windows Firmware Update
  -O:  Output Capsule file name
  -D:  Dump Capsule

I have verified that that standard use case for Galileo Gen 2 works:

  CapsuleApp.efi QUARKFIRMWAREUPDATECAPSULEFMPPKCS7.Cap

I then explored some of the other options and there are some that do
not work as expected:


1) If I set the no reset flag (-NR), it still resets.

  CapsuleApp.efi QUARKFIRMWAREUPDATECAPSULEFMPPKCS7.Cap -NR
[Jiewen] This flag/code is inherit from the original EDKI code.
I made a mistake that I thought it should work.
But not actually because I just realize the reset process is moved to CapsuleService driver.
I will remove [NR] flag totally.


2) Because (1) does not work, the flags to view or operate on a previously
   Loaded capsule cannot be used such as -S, -C, -N, -O, -D.  So I do not
   know if any of these flags work.  Have you tested them?
[Jiewen] Yes, any of these flags are new added by me to assist Capsule process debug.
All of below are validated. None of them are related to [NR]

  -S:  Dump capsule status. // The capsule status variable is defined by UEFI spec. Just dump the variable. No touch capsule image.
  -C:  Clear capsule status. // The capsule status variable is defined by UEFI spec. Just clear the variable. No touch capsule image.
  -N:  Append Capsule Header accroding to Windows Firmware Update // this is to follow "Windows Firmware Update" document to append a header. We need input a capsule image and out a new capsule image. So we can test the nested capsule image. No capsule service is called. Just append header and generate a new image.
  -O:  Output Capsule file name // -O is an option working with others such as "-G <BMP> -O <Capsule>", or "-N <Capsule> -O <NestedCapsule>"
  -D:  Dump Capsule // this is just dump the capsule image information.

If you find some do not work, please let me know and I will fix them.

3) What does -G do?  I do not see a standard way to update only
   a BMP logo image in this series of patches.  If that is not
   really functional, then the code and help for -G should be
   removed.
[Jiewen] Yes, any of these flags are new added by me to assist Capsule process debug.

  -G:  Input BMP file name // this is to follow "windows firmware update" document to wrap a BMP file to be a UX capsule. So that end user may see a picture during capsule process, ideally. The prerequisite is that the platform need have a valid console.

This UX capsule is already supported in IntelFrameworkModulePkg\Library\DxeCapsuleLib.

I think this app just provides the capability to generate a UX capsule for unit test.
I think this is useful and I suggest we keep it.
If you find it does not work, please let me know and I will fix it.

4) Typo in help for -N flag.  "accroding" should be "according".
[Jiewen] Thank you. Fixed.

Mike

> -----Original Message-----
> From: Yao, Jiewen
> Sent: Saturday, October 22, 2016 7:21 PM
> To: edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>; Zeng, Star <star.zeng@intel.com<mailto:star.zeng@intel.com>>; Kinney, Michael
> D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zhang, Chao B
> <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Subject: [PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.
>
> This CapsuleApp can help perform capsule update in UEFI shell environment.
> It can also dump capsule information, capsule status variable, ESRT and FMP.
>
> Cc: Feng Tian <feng.tian@intel.com<mailto:feng.tian@intel.com>>
> Cc: Star Zeng <star.zeng@intel.com<mailto:star.zeng@intel.com>>
> Cc: Michael D Kinney <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
> Cc: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> Cc: Chao Zhang <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>
> Reviewed-by: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> ---
>  MdeModulePkg/Application/CapsuleApp/AppSupport.c        | 445 ++++++++++
>  MdeModulePkg/Application/CapsuleApp/CapsuleApp.c        | 853 ++++++++++++++++++++
>  MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf      |  71 ++
>  MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni      |  22 +
>  MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni |  19 +
>  MdeModulePkg/Application/CapsuleApp/CapsuleDump.c       | 740 +++++++++++++++++
>  6 files changed, 2150 insertions(+)
>
> diff --git a/MdeModulePkg/Application/CapsuleApp/AppSupport.c
> b/MdeModulePkg/Application/CapsuleApp/AppSupport.c
> new file mode 100644
> index 0000000..90ca1fd
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/AppSupport.c
> @@ -0,0 +1,445 @@
> +/** @file
> +  A shell application that triggers capsule update process.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <Uefi.h>
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PrintLib.h>
> +#include <Protocol/LoadedImage.h>
> +#include <Protocol/SimpleFileSystem.h>
> +#include <Protocol/ShellParameters.h>
> +#include <Guid/FileInfo.h>
> +#include <Guid/Gpt.h>
> +
> +#define MAX_ARG_NUM     11
> +
> +UINTN  Argc;
> +CHAR16 **Argv;
> +
> +/**
> +
> +  This function parse application ARG.
> +
> +  @return Status
> +**/
> +EFI_STATUS
> +GetArg (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                    Status;
> +  EFI_SHELL_PARAMETERS_PROTOCOL *ShellParameters;
> +
> +  Status = gBS->HandleProtocol (
> +                  gImageHandle,
> +                  &gEfiShellParametersProtocolGuid,
> +                  (VOID**)&ShellParameters
> +                  );
> +  if (EFI_ERROR(Status)) {
> +    return Status;
> +  }
> +
> +  Argc = ShellParameters->Argc;
> +  Argv = ShellParameters->Argv;
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Return File System Volume containing this shell application.
> +
> +  @return File System Volume containing this shell application.
> +**/
> +EFI_SIMPLE_FILE_SYSTEM_PROTOCOL *
> +GetMyVol (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_LOADED_IMAGE_PROTOCOL         *LoadedImage;
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +
> +  Status = gBS->HandleProtocol (
> +                  gImageHandle,
> +                  &gEfiLoadedImageProtocolGuid,
> +                  (VOID **)&LoadedImage
> +                  );
> +  ASSERT_EFI_ERROR (Status);
> +
> +  Status = gBS->HandleProtocol (
> +                  LoadedImage->DeviceHandle,
> +                  &gEfiSimpleFileSystemProtocolGuid,
> +                  (VOID **)&Vol
> +                  );
> +  if (!EFI_ERROR (Status)) {
> +    return Vol;
> +  }
> +
> +  return NULL;
> +}
> +
> +/**
> +  Read a file from this volume.
> +
> +  @param Vol             File System Volume
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileFromVol (
> +  IN  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol,
> +  IN  CHAR16                            *FileName,
> +  OUT UINTN                             *BufferSize,
> +  OUT VOID                              **Buffer
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_FILE_HANDLE                   RootDir;
> +  EFI_FILE_HANDLE                   Handle;
> +  UINTN                             FileInfoSize;
> +  EFI_FILE_INFO                     *FileInfo;
> +  UINTN                             TempBufferSize;
> +  VOID                              *TempBuffer;
> +
> +  //
> +  // Open the root directory
> +  //
> +  Status = Vol->OpenVolume (Vol, &RootDir);
> +  if (EFI_ERROR (Status)) {
> +    return Status;
> +  }
> +
> +  //
> +  // Open the file
> +  //
> +  Status = RootDir->Open (
> +                      RootDir,
> +                      &Handle,
> +                      FileName,
> +                      EFI_FILE_MODE_READ,
> +                      0
> +                      );
> +  if (EFI_ERROR (Status)) {
> +    RootDir->Close (RootDir);
> +    return Status;
> +  }
> +
> +  RootDir->Close (RootDir);
> +
> +  //
> +  // Get the file information
> +  //
> +  FileInfoSize = sizeof(EFI_FILE_INFO) + 1024;
> +
> +  FileInfo = AllocateZeroPool (FileInfoSize);
> +  if (FileInfo == NULL) {
> +    Handle->Close (Handle);
> +    return Status;
> +  }
> +
> +  Status = Handle->GetInfo (
> +                     Handle,
> +                     &gEfiFileInfoGuid,
> +                     &FileInfoSize,
> +                     FileInfo
> +                     );
> +  if (EFI_ERROR (Status)) {
> +    Handle->Close (Handle);
> +    gBS->FreePool (FileInfo);
> +    return Status;
> +  }
> +
> +  //
> +  // Allocate buffer for the file data. The last CHAR16 is for L'\0'
> +  //
> +  TempBufferSize = (UINTN) FileInfo->FileSize + sizeof(CHAR16);
> +  TempBuffer = AllocateZeroPool (TempBufferSize);
> +  if (TempBuffer == NULL) {
> +    Handle->Close (Handle);
> +    gBS->FreePool (FileInfo);
> +    return Status;
> +  }
> +
> +  gBS->FreePool (FileInfo);
> +
> +  //
> +  // Read the file data to the buffer
> +  //
> +  Status = Handle->Read (
> +                     Handle,
> +                     &TempBufferSize,
> +                     TempBuffer
> +                     );
> +  if (EFI_ERROR (Status)) {
> +    Handle->Close (Handle);
> +    gBS->FreePool (TempBuffer);
> +    return Status;
> +  }
> +
> +  Handle->Close (Handle);
> +
> +  *BufferSize = TempBufferSize;
> +  *Buffer     = TempBuffer;
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Read a file.
> +  If ScanFs is FLASE, it will use this Vol as default Fs.
> +  If ScanFs is TRUE, it will scan all FS and check the file.
> +    If there is only one file match the name, it will be read.
> +    If there is more than one file match the name, it will return Error.
> +
> +  @param ThisVol         File System Volume
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +  @param ScanFs          Need Scan all FS
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +  @retval EFI_NO_MAPPING There is duplicated files found
> +**/
> +EFI_STATUS
> +ReadFileToBufferEx (
> +  IN OUT EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   **ThisVol,
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer,
> +  IN  BOOLEAN                              ScanFs
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +  UINTN                             TempBufferSize;
> +  VOID                              *TempBuffer;
> +  UINTN                             NoHandles;
> +  EFI_HANDLE                        *HandleBuffer;
> +  UINTN                             Index;
> +
> +  //
> +  // Check parameters
> +  //
> +  if ((FileName == NULL) || (Buffer == NULL) || (ThisVol == NULL)) {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
> +  //
> +  // not scan fs
> +  //
> +  if (!ScanFs) {
> +    if (*ThisVol == NULL) {
> +      *ThisVol = GetMyVol ();
> +      if (*ThisVol == NULL) {
> +        return EFI_INVALID_PARAMETER;
> +      }
> +    }
> +    //
> +    // Read file directly from Vol
> +    //
> +    return ReadFileFromVol (*ThisVol, FileName, BufferSize, Buffer);
> +  }
> +
> +  //
> +  // need scan fs
> +  //
> +
> +  //
> +  // Get all Vol handle
> +  //
> +  Status = gBS->LocateHandleBuffer (
> +                   ByProtocol,
> +                   &gEfiSimpleFileSystemProtocolGuid,
> +                   NULL,
> +                   &NoHandles,
> +                   &HandleBuffer
> +                   );
> +  if (EFI_ERROR (Status) && (NoHandles == 0)) {
> +    return EFI_NOT_FOUND;
> +  }
> +
> +  //
> +  // Walk through each Vol
> +  //
> +  *ThisVol = NULL;
> +  *BufferSize = 0;
> +  *Buffer     = NULL;
> +  for (Index = 0; Index < NoHandles; Index++) {
> +    Status = gBS->HandleProtocol (
> +                    HandleBuffer[Index],
> +                    &gEfiSimpleFileSystemProtocolGuid,
> +                    (VOID **)&Vol
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      continue;
> +    }
> +
> +    Status = ReadFileFromVol (Vol, FileName, &TempBufferSize, &TempBuffer);
> +    if (!EFI_ERROR (Status)) {
> +      //
> +      // Read file OK, check duplication
> +      //
> +      if (*ThisVol != NULL) {
> +        //
> +        // Find the duplicated file
> +        //
> +        gBS->FreePool (TempBuffer);
> +        gBS->FreePool (*Buffer);
> +        Print (L"Duplicated FileName found!\n");
> +        return EFI_NO_MAPPING;
> +      } else {
> +        //
> +        // Record value
> +        //
> +        *ThisVol = Vol;
> +        *BufferSize = TempBufferSize;
> +        *Buffer     = TempBuffer;
> +      }
> +    }
> +  }
> +
> +  //
> +  // Scan Fs done
> +  //
> +  if (*ThisVol == NULL) {
> +    return EFI_NOT_FOUND;
> +  }
> +
> +  //
> +  // Done
> +  //
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Read a file.
> +
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileToBuffer (
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer
> +  )
> +{
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +  Vol = NULL;
> +  return ReadFileToBufferEx(&Vol, FileName, BufferSize, Buffer, FALSE);
> +}
> +
> +/**
> +  Write a file.
> +
> +  @param FileName        The file to be written.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Write file successfully
> +**/
> +EFI_STATUS
> +WriteFileFromBuffer(
> +  IN  CHAR16                               *FileName,
> +  IN  UINTN                                BufferSize,
> +  IN  VOID                                 *Buffer
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_FILE_HANDLE                   RootDir;
> +  EFI_FILE_HANDLE                   Handle;
> +  UINTN                             TempBufferSize;
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +
> +  Vol = GetMyVol();
> +
> +  //
> +  // Open the root directory
> +  //
> +  Status = Vol->OpenVolume (Vol, &RootDir);
> +  if (EFI_ERROR (Status)) {
> +    return Status;
> +  }
> +
> +  //
> +  // Open the file
> +  //
> +  Status = RootDir->Open (
> +                      RootDir,
> +                      &Handle,
> +                      FileName,
> +                      EFI_FILE_MODE_READ | EFI_FILE_MODE_WRITE| EFI_FILE_MODE_CREATE,
> +                      0
> +                      );
> +  if (EFI_ERROR (Status)) {
> +    RootDir->Close (RootDir);
> +    return Status;
> +  }
> +
> +  //
> +  // Delete file
> +  //
> +  Status = Handle->Delete(Handle);
> +  if (EFI_ERROR(Status)) {
> +    return Status;
> +  }
> +
> +  //
> +  // Open the file again
> +  //
> +  Status = RootDir->Open (
> +                      RootDir,
> +                      &Handle,
> +                      FileName,
> +                      EFI_FILE_MODE_READ | EFI_FILE_MODE_WRITE| EFI_FILE_MODE_CREATE,
> +                      0
> +                      );
> +  if (EFI_ERROR (Status)) {
> +    RootDir->Close (RootDir);
> +    return Status;
> +  }
> +
> +  RootDir->Close (RootDir);
> +
> +  //
> +  // Write the file data from the buffer
> +  //
> +  TempBufferSize = BufferSize;
> +  Status = Handle->Write (
> +                     Handle,
> +                     &TempBufferSize,
> +                     Buffer
> +                     );
> +  if (EFI_ERROR (Status)) {
> +    Handle->Close (Handle);
> +    return Status;
> +  }
> +
> +  Handle->Close (Handle);
> +
> +  return EFI_SUCCESS;
> +}
> +
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
> b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
> new file mode 100644
> index 0000000..6bb778a
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
> @@ -0,0 +1,853 @@
> +/** @file
> +  A shell application that triggers capsule update process.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <Uefi.h>
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PrintLib.h>
> +#include <Protocol/LoadedImage.h>
> +#include <Protocol/SimpleFileSystem.h>
> +#include <Protocol/GraphicsOutput.h>
> +#include <Guid/FileInfo.h>
> +#include <Guid/Gpt.h>
> +#include <Guid/GlobalVariable.h>
> +#include <Guid/CapsuleReport.h>
> +#include <Guid/SystemResourceTable.h>
> +#include <Guid/FmpCapsule.h>
> +#include <IndustryStandard/WindowsUxCapsule.h>
> +
> +#define CAPSULE_HEADER_SIZE  0x20
> +
> +#define NESTED_CAPSULE_HEADER_SIZE  SIZE_4KB
> +#define SYSTEM_FIRMWARE_FLAG 0x50000
> +#define DEVICE_FIRMWARE_FLAG 0x78010
> +
> +#define EFI_CAPSULE_FROM_FILE_DIR                           L"\\EFI\\UpdateCapsule\\<file:///\\EFI\UpdateCapsule\>"
> +#define EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED  0x0000000000000004
> +
> +#define MAJOR_VERSION   1
> +#define MINOR_VERSION   0
> +
> +#define MAX_CAPSULE_NUM 10
> +
> +extern UINTN  Argc;
> +extern CHAR16 **Argv;
> +
> +//
> +// Define how many block descriptors we want to test with.
> +//
> +UINTN  NumberOfDescriptors = 1;
> +UINTN  CapsuleFirstIndex;
> +UINTN  CapsuleLastIndex;
> +
> +/**
> +  Dump capsule information
> +
> +  @retval EFI_SUCCESS            The capsule information is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DumpCapsule(
> +  VOID
> +  );
> +
> +/**
> +  Dump capsule status variable.
> +
> +  @retval EFI_SUCCESS            The capsule status variable is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DmpCapsuleStatusVariable(
> +  VOID
> +  );
> +
> +/**
> +  Dump FMP protocol info.
> +**/
> +VOID
> +DumpFmpData(
> +  VOID
> +  );
> +
> +/**
> +  Dump ESRT info.
> +**/
> +VOID
> +DumpEsrtData(
> +  VOID
> +  );
> +
> +/**
> +  Read a file.
> +
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileToBuffer(
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer
> +  );
> +
> +/**
> +  Write a file.
> +
> +  @param FileName        The file to be written.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Write file successfully
> +**/
> +EFI_STATUS
> +WriteFileFromBuffer(
> +  IN  CHAR16                               *FileName,
> +  IN  UINTN                                BufferSize,
> +  IN  VOID                                 *Buffer
> +  );
> +
> +/**
> +
> +  This function parse application ARG.
> +
> +  @return Status
> +**/
> +EFI_STATUS
> +GetArg (
> +  VOID
> +  );
> +
> +/**
> +  Create UX capsule.
> +
> +  @retval EFI_SUCCESS            The capsule header is appended.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +  @retval EFI_OUT_OF_RESOURCES   No enough resource to create UX capsule.
> +**/
> +EFI_STATUS
> +CreateBmpFmp(
> +  VOID
> +  )
> +{
> +  CHAR16                                        *OutputCapsuleName;
> +  VOID                                          *BmpBuffer;
> +  UINTN                                         FileSize;
> +  CHAR16                                        *BmpName;
> +  UINT8                                         *FullCapsuleBuffer;
> +  UINTN                                         FullCapsuleBufferSize;
> +  EFI_DISPLAY_CAPSULE                           *DisplayCapsule;
> +  EFI_STATUS                                    Status;
> +  EFI_GRAPHICS_OUTPUT_PROTOCOL                  *Gop;
> +
> +  Status = gBS->LocateProtocol(&gEfiGraphicsOutputProtocolGuid, NULL, (VOID **)&Gop);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: NO GOP is found.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  Print(L"Current GOP: Mode - %d, ", Gop->Mode->Mode);
> +  Print(L"HorizontalResolution - %d, ", Gop->Mode->Info->HorizontalResolution);
> +  Print(L"VerticalResolution - %d\n", Gop->Mode->Info->VerticalResolution);
> +  // HorizontalResolution >= BMP_IMAGE_HEADER.PixelWidth
> +  // VerticalResolution   >= BMP_IMAGE_HEADER.PixelHeight
> +
> +  if (Argc != 5) {
> +    Print(L"CapsuleApp: Invalid Parameter.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  if (StrCmp(Argv[3], L"-O") != 0) {
> +    Print(L"CapsuleApp: NO output capsule name.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  OutputCapsuleName = Argv[4];
> +
> +  BmpBuffer = NULL;
> +  FileSize = 0;
> +  FullCapsuleBuffer = NULL;
> +
> +  BmpName = Argv[2];
> +  Status = ReadFileToBuffer(BmpName, &FileSize, &BmpBuffer);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: BMP image (%s) is not found.\n", BmpName);
> +    goto Done;
> +  }
> +
> +  FullCapsuleBufferSize = sizeof(EFI_DISPLAY_CAPSULE) + FileSize;
> +  FullCapsuleBuffer = AllocatePool(FullCapsuleBufferSize);
> +  if (FullCapsuleBuffer == NULL) {
> +    Print(L"CapsuleApp: Capsule Buffer size (0x%x) too big.\n",
> FullCapsuleBufferSize);
> +    Status = EFI_OUT_OF_RESOURCES;
> +    goto Done;
> +  }
> +
> +  DisplayCapsule = (EFI_DISPLAY_CAPSULE *)FullCapsuleBuffer;
> +  CopyGuid(&DisplayCapsule->CapsuleHeader.CapsuleGuid, &gWindowsUxCapsuleGuid);
> +  DisplayCapsule->CapsuleHeader.HeaderSize = sizeof(DisplayCapsule->CapsuleHeader);
> +  DisplayCapsule->CapsuleHeader.Flags = CAPSULE_FLAGS_PERSIST_ACROSS_RESET;
> +  DisplayCapsule->CapsuleHeader.CapsuleImageSize = (UINT32)FullCapsuleBufferSize;
> +
> +  DisplayCapsule->ImagePayload.Version = 1;
> +  DisplayCapsule->ImagePayload.Checksum = 0;
> +  DisplayCapsule->ImagePayload.ImageType = 0; // BMP
> +  DisplayCapsule->ImagePayload.Reserved = 0;
> +  DisplayCapsule->ImagePayload.Mode = Gop->Mode->Mode;
> +  DisplayCapsule->ImagePayload.OffsetX = 0;
> +  DisplayCapsule->ImagePayload.OffsetY = 0;
> +
> +  CopyMem((DisplayCapsule + 1), BmpBuffer, FileSize);
> +
> +  DisplayCapsule->ImagePayload.Checksum = CalculateCheckSum8(FullCapsuleBuffer,
> FullCapsuleBufferSize);
> +
> +  Status = WriteFileFromBuffer(OutputCapsuleName, FullCapsuleBufferSize,
> FullCapsuleBuffer);
> +  Print(L"CapsuleApp: Write %s %r\n", OutputCapsuleName, Status);
> +
> +Done:
> +  if (BmpBuffer != NULL) {
> +    FreePool(BmpBuffer);
> +  }
> +
> +  if (FullCapsuleBuffer != NULL) {
> +    FreePool(FullCapsuleBuffer);
> +  }
> +
> +  return Status;
> +}
> +
> +/**
> +  Get ImageTypeId in the FMP capsule header.
> +
> +  @param CapsuleHeader  The FMP capsule image header.
> +
> +  @return ImageTypeId
> +**/
> +EFI_GUID *
> +GetCapsuleImageTypeId(
> +  IN EFI_CAPSULE_HEADER                            *CapsuleHeader
> +  )
> +{
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER       *FmpCapsuleHeader;
> +  UINT64                                       *ItemOffsetList;
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader;
> +
> +  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader
> + CapsuleHeader->HeaderSize);
> +  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
> +  if (FmpCapsuleHeader->PayloadItemCount == 0) {
> +    return NULL;
> +  }
> +  ImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8
> *)FmpCapsuleHeader + ItemOffsetList[FmpCapsuleHeader->EmbeddedDriverCount]);
> +  return &ImageHeader->UpdateImageTypeId;
> +}
> +
> +/**
> +  Get ESRT FwType according to ImageTypeId
> +
> +  @param  ImageTypeId   ImageTypeId of an FMP capsule.
> +
> +  @return ESRT FwType
> +**/
> +UINT32
> +GetEsrtFwType(
> +  IN  EFI_GUID                                      *ImageTypeId
> +  )
> +{
> +  EFI_STATUS                 Status;
> +  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
> +  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
> +  UINTN                      Index;
> +
> +  //
> +  // Check ESRT
> +  //
> +  Status = EfiGetSystemConfigurationTable(&gEfiSystemResourceTableGuid, (VOID
> **)&Esrt);
> +  if (!EFI_ERROR(Status)) {
> +    EsrtEntry = (VOID *)(Esrt + 1);
> +    for (Index = 0; Index < Esrt->FwResourceCount; Index++, EsrtEntry++) {
> +      if (CompareGuid(&EsrtEntry->FwClass, ImageTypeId)) {
> +        return EsrtEntry->FwType;
> +      }
> +    }
> +  }
> +
> +  return ESRT_FW_TYPE_UNKNOWN;
> +}
> +
> +/**
> +  Append a capsule header on top of current image.
> +  This function follows Windows UEFI Firmware Update Platform document.
> +
> +  @retval EFI_SUCCESS            The capsule header is appended.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +  @retval EFI_OUT_OF_RESOURCES   No enough resource to append capsule header.
> +**/
> +EFI_STATUS
> +CreateNestedFmp(
> +  VOID
> +  )
> +{
> +  CHAR16                                        *OutputCapsuleName;
> +  VOID                                          *CapsuleBuffer;
> +  UINTN                                         FileSize;
> +  CHAR16                                        *CapsuleName;
> +  UINT8                                         *FullCapsuleBuffer;
> +  UINTN                                         FullCapsuleBufferSize;
> +  EFI_CAPSULE_HEADER                            *NestedCapsuleHeader;
> +  EFI_GUID                                      *ImageTypeId;
> +  UINT32                                        FwType;
> +  EFI_STATUS                                    Status;
> +
> +  if (Argc != 5) {
> +    Print(L"CapsuleApp: Invalid Parameter.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  if (StrCmp(Argv[3], L"-O") != 0) {
> +    Print(L"CapsuleApp: NO output capsule name.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  OutputCapsuleName = Argv[4];
> +
> +  CapsuleBuffer = NULL;
> +  FileSize = 0;
> +  FullCapsuleBuffer = NULL;
> +
> +  CapsuleName = Argv[2];
> +  Status = ReadFileToBuffer(CapsuleName, &FileSize, &CapsuleBuffer);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: Capsule image (%s) is not found.\n", CapsuleName);
> +    goto Done;
> +  }
> +
> +  ImageTypeId = GetCapsuleImageTypeId(CapsuleBuffer);
> +  if (ImageTypeId == NULL) {
> +    Print(L"CapsuleApp: Capsule ImageTypeId is not found.\n");
> +    goto Done;
> +  }
> +  FwType = GetEsrtFwType(ImageTypeId);
> +  if ((FwType != ESRT_FW_TYPE_SYSTEMFIRMWARE) && (FwType !=
> ESRT_FW_TYPE_DEVICEFIRMWARE)) {
> +    Print(L"CapsuleApp: Capsule FwType is invalid.\n");
> +    goto Done;
> +  }
> +
> +  FullCapsuleBufferSize = NESTED_CAPSULE_HEADER_SIZE + FileSize;
> +  FullCapsuleBuffer = AllocatePool(FullCapsuleBufferSize);
> +  if (FullCapsuleBuffer == NULL) {
> +    Print(L"CapsuleApp: Capsule Buffer size (0x%x) too big.\n",
> FullCapsuleBufferSize);
> +    Status = EFI_OUT_OF_RESOURCES;
> +    goto Done;
> +  }
> +
> +  NestedCapsuleHeader = (EFI_CAPSULE_HEADER *)FullCapsuleBuffer;
> +  ZeroMem(NestedCapsuleHeader, NESTED_CAPSULE_HEADER_SIZE);
> +  CopyGuid(&NestedCapsuleHeader->CapsuleGuid, ImageTypeId);
> +  NestedCapsuleHeader->HeaderSize = NESTED_CAPSULE_HEADER_SIZE;
> +  NestedCapsuleHeader->Flags = (FwType == ESRT_FW_TYPE_DEVICEFIRMWARE) ?
> SYSTEM_FIRMWARE_FLAG : DEVICE_FIRMWARE_FLAG;
> +  NestedCapsuleHeader->CapsuleImageSize = (UINT32)FullCapsuleBufferSize;
> +
> +  CopyMem((UINT8 *)NestedCapsuleHeader + NestedCapsuleHeader->HeaderSize,
> CapsuleBuffer, FileSize);
> +
> +  Status = WriteFileFromBuffer(OutputCapsuleName, FullCapsuleBufferSize,
> FullCapsuleBuffer);
> +  Print(L"CapsuleApp: Write %s %r\n", OutputCapsuleName, Status);
> +
> +Done:
> +  if (CapsuleBuffer != NULL) {
> +    FreePool(CapsuleBuffer);
> +  }
> +
> +  if (FullCapsuleBuffer != NULL) {
> +    FreePool(FullCapsuleBuffer);
> +  }
> +
> +  return Status;
> +}
> +
> +
> +/**
> +  Clear capsule status variable.
> +
> +  @retval EFI_SUCCESS            The capsule status variable is cleared.
> +**/
> +EFI_STATUS
> +ClearCapsuleStatusVariable(
> +  VOID
> +  )
> +{
> +  EFI_STATUS                          Status;
> +  UINT32                              Index;
> +  CHAR16                              CapsuleVarName[20];
> +  CHAR16                              *TempVarName;
> +
> +  StrCpyS (CapsuleVarName, sizeof(CapsuleVarName)/sizeof(CapsuleVarName[0]),
> L"Capsule");
> +  TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
> +  Index = 0;
> +
> +  while (TRUE) {
> +    UnicodeSPrint (TempVarName, 5 * sizeof(CHAR16), L"%04x", Index);
> +
> +    Status = gRT->SetVariable (
> +                    CapsuleVarName,
> +                    &gEfiCapsuleReportGuid,
> +                    EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS |
> EFI_VARIABLE_BOOTSERVICE_ACCESS,
> +                    0,
> +                    (VOID *)NULL
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      //
> +      // There is no capsule variables, quit
> +      //
> +      break;
> +    }
> +
> +    Index++;
> +    if (Index > 0xFFFF) {
> +      break;
> +    }
> +  }
> +
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Build Gather list for a list of capsule images.
> +
> +  @param[in]  CapsuleBuffer    An array of pointer to capsule images
> +  @param[in]  FileSize         An array of UINTN to capsule images size
> +  @param[in]  CapsuleNum       The count of capsule images
> +  @param[out] BlockDescriptors The block descriptors for the capsule images
> +
> +  @retval EFI_SUCCESS The block descriptors for the capsule images are constructed.
> +**/
> +EFI_STATUS
> +BuildGatherList(
> +  IN VOID                          **CapsuleBuffer,
> +  IN UINTN                         *FileSize,
> +  IN UINTN                         CapsuleNum,
> +  OUT EFI_CAPSULE_BLOCK_DESCRIPTOR **BlockDescriptors
> +  )
> +{
> +  EFI_STATUS                    Status;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors1;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors2;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptorPre;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptorsHeader;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *TempBlockPtr;
> +  UINT8                         *TempDataPtr;
> +  UINTN                         SizeLeft;
> +  UINTN                         Size;
> +  INT32                         Count;
> +  INT32                         Number;
> +  UINTN                         Index;
> +
> +  TempBlockPtr           = NULL;
> +  BlockDescriptors1      = NULL;
> +  BlockDescriptors2      = NULL;
> +  BlockDescriptorPre     = NULL;
> +  BlockDescriptorsHeader = NULL;
> +
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    //
> +    // Allocate memory for the descriptors.
> +    //
> +    if (NumberOfDescriptors == 1) {
> +      Count = 2;
> +    } else {
> +      Count = (INT32)(NumberOfDescriptors + 2) / 2;
> +    }
> +
> +    Size               = Count * sizeof (EFI_CAPSULE_BLOCK_DESCRIPTOR);
> +    BlockDescriptors1  = AllocateRuntimeZeroPool (Size);
> +    if (BlockDescriptors1 == NULL) {
> +      Print (L"CapsuleApp: failed to allocate memory for descriptors\n");
> +      Status = EFI_OUT_OF_RESOURCES;
> +      goto ERREXIT;
> +    } else {
> +      Print (L"CapsuleApp: creating capsule descriptors at 0x%X\n", (UINTN)
> BlockDescriptors1);
> +      Print (L"CapsuleApp: capsule data starts          at 0x%X with size 0x%X\n",
> (UINTN) CapsuleBuffer, FileSize);
> +    }
> +
> +    //
> +    // Record descirptor header
> +    //
> +    if (Index == 0) {
> +      BlockDescriptorsHeader = BlockDescriptors1;
> +    }
> +
> +    if (BlockDescriptorPre != NULL) {
> +      BlockDescriptorPre->Union.ContinuationPointer = (UINTN) BlockDescriptors1;
> +      BlockDescriptorPre->Length = 0;
> +    }
> +
> +    //
> +    // Fill them in
> +    //
> +    TempBlockPtr  = BlockDescriptors1;
> +    TempDataPtr   = CapsuleBuffer[Index];
> +    SizeLeft      = FileSize[Index];
> +    for (Number = 0; (Number < Count - 1) && (SizeLeft != 0); Number++) {
> +      //
> +      // Divide remaining data in half
> +      //
> +      if (NumberOfDescriptors != 1) {
> +        if (SizeLeft == 1) {
> +          Size = 1;
> +        } else {
> +          Size = SizeLeft / 2;
> +        }
> +      } else {
> +        Size = SizeLeft;
> +      }
> +      TempBlockPtr->Union.DataBlock    = (UINTN)TempDataPtr;
> +      TempBlockPtr->Length  = Size;
> +      Print (L"CapsuleApp: capsule block/size              0x%X/0x%X\n", (UINTN)
> TempDataPtr, Size);
> +      SizeLeft -= Size;
> +      TempDataPtr += Size;
> +      TempBlockPtr++;
> +    }
> +
> +    //
> +    // Allocate the second list, point the first block's last entry to point
> +    // to this one, and fill this one in. Worst case is that the previous
> +    // list only had one element that pointed here, so we need at least two
> +    // elements -- one to point to all the data, another to terminate the list.
> +    //
> +    if ((NumberOfDescriptors != 1) && (SizeLeft != 0)) {
> +      Count = (INT32)(NumberOfDescriptors + 2) - Count;
> +      if (Count == 1) {
> +        Count++;
> +      }
> +
> +      Size              = Count * sizeof (EFI_CAPSULE_BLOCK_DESCRIPTOR);
> +      BlockDescriptors2 = AllocateRuntimeZeroPool (Size);
> +      if (BlockDescriptors2 == NULL) {
> +        Print (L"CapsuleApp: failed to allocate memory for descriptors\n");
> +        Status = EFI_OUT_OF_RESOURCES;
> +        goto ERREXIT;
> +      }
> +
> +      //
> +      // Point the first list's last element to point to this second list.
> +      //
> +      TempBlockPtr->Union.ContinuationPointer   = (UINTN) BlockDescriptors2;
> +
> +      TempBlockPtr->Length  = 0;
> +      TempBlockPtr = BlockDescriptors2;
> +      for (Number = 0; Number < Count - 1; Number++) {
> +        //
> +        // If second-to-last one, then dump rest to this element
> +        //
> +        if (Number == (Count - 2)) {
> +          Size = SizeLeft;
> +        } else {
> +          //
> +          // Divide remaining data in half
> +          //
> +          if (SizeLeft == 1) {
> +            Size = 1;
> +          } else {
> +            Size = SizeLeft / 2;
> +          }
> +        }
> +
> +        TempBlockPtr->Union.DataBlock    = (UINTN)TempDataPtr;
> +        TempBlockPtr->Length  = Size;
> +        Print (L"CapsuleApp: capsule block/size              0x%X/0x%X\n", (UINTN)
> TempDataPtr, Size);
> +        SizeLeft -= Size;
> +        TempDataPtr += Size;
> +        TempBlockPtr++;
> +        if (SizeLeft == 0) {
> +          break;
> +        }
> +      }
> +    }
> +
> +    BlockDescriptorPre = TempBlockPtr;
> +    BlockDescriptors1  = NULL;
> +  }
> +
> +  //
> +  // Null-terminate.
> +  //
> +  if (TempBlockPtr != NULL) {
> +    TempBlockPtr->Union.ContinuationPointer    = (UINTN)NULL;
> +    TempBlockPtr->Length  = 0;
> +    *BlockDescriptors = BlockDescriptorsHeader;
> +  }
> +
> +  return EFI_SUCCESS;
> +
> +ERREXIT:
> +  if (BlockDescriptors1 != NULL) {
> +    FreePool(BlockDescriptors1);
> +  }
> +
> +  if (BlockDescriptors2 != NULL) {
> +    FreePool(BlockDescriptors2);
> +  }
> +
> +  return Status;
> +}
> +
> +/**
> +  Clear the Gather list for a list of capsule images.
> +
> +  @param[in]  BlockDescriptors The block descriptors for the capsule images
> +  @param[in]  CapsuleNum       The count of capsule images
> +**/
> +VOID
> +CleanGatherList(
> +  IN EFI_CAPSULE_BLOCK_DESCRIPTOR   *BlockDescriptors,
> +  IN UINTN                          CapsuleNum
> +  )
> +{
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr1;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr2;
> +  UINTN                          Index;
> +
> +  if (BlockDescriptors != NULL) {
> +    TempBlockPtr1 = BlockDescriptors;
> +    while (1){
> +      TempBlockPtr = TempBlockPtr1;
> +      for (Index = 0; Index < CapsuleNum; Index++) {
> +        if (TempBlockPtr[Index].Length == 0) {
> +          break;
> +        }
> +      }
> +
> +      if (TempBlockPtr[Index].Union.ContinuationPointer == (UINTN)NULL) {
> +        break;
> +      }
> +
> +      TempBlockPtr2 = (VOID *) ((UINTN) TempBlockPtr->Union.ContinuationPointer);
> +      FreePool(TempBlockPtr1);
> +      TempBlockPtr1 = TempBlockPtr2;
> +    }
> +  }
> +}
> +
> +/**
> +  Print APP usage.
> +**/
> +VOID
> +PrintUsage (
> +  VOID
> +  )
> +{
> +  Print(L"CapsuleApp:  usage\n");
> +  Print(L"  CapsuleApp <Capsule...> [-NR]\n");
> +  Print(L"  CapsuleApp -S\n");
> +  Print(L"  CapsuleApp -C\n");
> +  Print(L"  CapsuleApp -P\n");
> +  Print(L"  CapsuleApp -E\n");
> +  Print(L"  CapsuleApp -G <BMP> -O <Capsule>\n");
> +  Print(L"  CapsuleApp -N <Capsule> -O <NestedCapsule>\n");
> +  Print(L"  CapsuleApp -D|-DS <Capsule>\n");
> +  Print(L"Parameter:\n");
> +  Print(L"  -NR: No Reset.\n");
> +  Print(L"  -S:  Dump capsule status.\n");
> +  Print(L"  -C:  Clear capsule status.\n");
> +  Print(L"  -P:  Dump FMP protocol info.\n");
> +  Print(L"  -E:  Dump ESRT table info.\n");
> +  Print(L"  -G:  Input BMP file name\n");
> +  Print(L"  -N:  Append Capsule Header accroding to Windows Firmware Update\n");
> +  Print(L"  -O:  Output Capsule file name\n");
> +  Print(L"  -D:  Dump Capsule\n");
> +}
> +
> +/**
> +  Update Capsule image.
> +
> +  @param[in]  ImageHandle     The image handle.
> +  @param[in]  SystemTable     The system table.
> +
> +  @retval EFI_SUCCESS            Command completed successfully.
> +  @retval EFI_INVALID_PARAMETER  Command usage error.
> +  @retval EFI_NOT_FOUND          The input file can't be found.
> +**/
> +EFI_STATUS
> +EFIAPI
> +UefiMain (
> +  IN EFI_HANDLE        ImageHandle,
> +  IN EFI_SYSTEM_TABLE  *SystemTable
> +  )
> +{
> +  EFI_STATUS                    Status;
> +  UINTN                         FileSize[MAX_CAPSULE_NUM];
> +  VOID                          *CapsuleBuffer[MAX_CAPSULE_NUM];
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors;
> +  EFI_CAPSULE_HEADER             *CapsuleHeaderArray[MAX_CAPSULE_NUM + 1];
> +  UINT64                         MaxCapsuleSize;
> +  EFI_RESET_TYPE                 ResetType;
> +  BOOLEAN                        NeedReset;
> +  BOOLEAN                        NoReset;
> +  CHAR16                         *CapsuleName;
> +  UINTN                          CapsuleNum;
> +  UINTN                          Index;
> +
> +  Status = GetArg();
> +  if (EFI_ERROR(Status)) {
> +    Print(L"Please use UEFI SHELL to run this application!\n", Status);
> +    return Status;
> +  }
> +  if (Argc < 2) {
> +    PrintUsage();
> +    return EFI_INVALID_PARAMETER;
> +  }
> +  if (StrCmp(Argv[1], L"-D") == 0) {
> +    Status = DumpCapsule();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-G") == 0) {
> +    Status = CreateBmpFmp();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-N") == 0) {
> +    Status = CreateNestedFmp();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-S") == 0) {
> +    Status = DmpCapsuleStatusVariable();
> +    return EFI_SUCCESS;
> +  }
> +  if (StrCmp(Argv[1], L"-C") == 0) {
> +    Status = ClearCapsuleStatusVariable();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-P") == 0) {
> +    DumpFmpData();
> +    return EFI_SUCCESS;
> +  }
> +  if (StrCmp(Argv[1], L"-E") == 0) {
> +    DumpEsrtData();
> +    return EFI_SUCCESS;
> +  }
> +  CapsuleFirstIndex = 1;
> +  if (StrCmp(Argv[Argc - 1], L"-NR") == 0) {
> +    NoReset = TRUE;
> +    CapsuleLastIndex = Argc - 2;
> +  } else {
> +    NoReset = FALSE;
> +    CapsuleLastIndex = Argc - 1;
> +  }
> +  CapsuleNum = CapsuleLastIndex - CapsuleFirstIndex + 1;
> +
> +  if (CapsuleFirstIndex > CapsuleLastIndex) {
> +    Print(L"CapsuleApp: NO capsule image.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  if (CapsuleNum > MAX_CAPSULE_NUM) {
> +    Print(L"CapsuleApp: Too many capsule images.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  ZeroMem(&CapsuleBuffer, sizeof(CapsuleBuffer));
> +  ZeroMem(&FileSize, sizeof(FileSize));
> +  BlockDescriptors = NULL;
> +
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    CapsuleName = Argv[CapsuleFirstIndex + Index];
> +    Status = ReadFileToBuffer(CapsuleName, &FileSize[Index], &CapsuleBuffer[Index]);
> +    if (EFI_ERROR(Status)) {
> +      Print(L"CapsuleApp: capsule image (%s) is not found.\n", CapsuleName);
> +      goto Done;
> +    }
> +  }
> +
> +  //
> +  // Every capsule use 2 descriptor 1 for data 1 for end
> +  //
> +  Status = BuildGatherList(CapsuleBuffer, FileSize, CapsuleNum, &BlockDescriptors);
> +  if (EFI_ERROR(Status)) {
> +    goto Done;
> +  }
> +
> +  //
> +  // Call the runtime service capsule.
> +  //
> +  NeedReset = FALSE;
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    CapsuleHeaderArray[Index] = (EFI_CAPSULE_HEADER *) CapsuleBuffer[Index];
> +    if ((CapsuleHeaderArray[Index]->Flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) != 0)
> {
> +      NeedReset = TRUE;
> +    }
> +  }
> +  CapsuleHeaderArray[CapsuleNum] = NULL;
> +  if (NoReset) {
> +    NeedReset = FALSE;
> +  }
> +
> +  //
> +  // Inquire platform capability of UpdateCapsule.
> +  //
> +  Status = gRT->QueryCapsuleCapabilities (CapsuleHeaderArray, CapsuleNum,
> &MaxCapsuleSize, &ResetType);
> +  if (EFI_ERROR(Status)) {
> +    Print (L"CapsuleApp: failed to query capsule capability - %r\n", Status);
> +    goto Done;
> +  }
> +
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    if (FileSize[Index] > MaxCapsuleSize) {
> +      Print (L"CapsuleApp: capsule is too large to update, %ld is allowed\n",
> MaxCapsuleSize);
> +      Status = EFI_UNSUPPORTED;
> +      goto Done;
> +    }
> +  }
> +
> +  //
> +  // Check whether the input capsule image has the flag of persist across system
> reset.
> +  //
> +  if (NeedReset) {
> +    Status = gRT->UpdateCapsule(CapsuleHeaderArray,CapsuleNum,(UINTN)
> BlockDescriptors);
> +    if (Status != EFI_SUCCESS) {
> +      Print (L"CapsuleApp: failed to update capsule - %r\n", Status);
> +      goto Done;
> +    }
> +    //
> +    // For capsule who has reset flag, after calling UpdateCapsule service,triger a
> +    // system reset to process capsule persist across a system reset.
> +    //
> +    gRT->ResetSystem (ResetType, EFI_SUCCESS, 0, NULL);
> +  } else {
> +    //
> +    // For capsule who has no reset flag, only call UpdateCapsule Service without a
> +    // system reset. The service will process the capsule immediately.
> +    //
> +    Status = gRT->UpdateCapsule (CapsuleHeaderArray,CapsuleNum,(UINTN)
> BlockDescriptors);
> +    if (Status != EFI_SUCCESS) {
> +      Print (L"CapsuleApp: failed to update capsule - %r\n", Status);
> +    }
> +  }
> +
> +  Status = EFI_SUCCESS;
> +
> +Done:
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    if (CapsuleBuffer[Index] != NULL) {
> +      FreePool (CapsuleBuffer[Index]);
> +    }
> +  }
> +
> +  CleanGatherList(BlockDescriptors, CapsuleNum);
> +
> +  return Status;
> +}
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> new file mode 100644
> index 0000000..2084e5f
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> @@ -0,0 +1,71 @@
> +##  @file
> +#  A shell application that triggers capsule update process.
> +#
> +# This application can trigger capsule update process. It can also
> +# generate capsule image, or dump capsule variable information.
> +#
> +#  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +#  This program and the accompanying materials
> +#  are licensed and made available under the terms and conditions of the BSD License
> +#  which accompanies this distribution.  The full text of the license may be found at
> +#  http://opensource.org/licenses/bsd-license.php
> +#
> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +#
> +##
> +
> +[Defines]
> +  INF_VERSION                    = 0x00010006
> +  BASE_NAME                      = CapsuleApp
> +  MODULE_UNI_FILE                = CapsuleApp.uni
> +  FILE_GUID                      = 4CEF31DA-8682-4274-9CC4-AEE7516A5E7B
> +  MODULE_TYPE                    = UEFI_APPLICATION
> +  VERSION_STRING                 = 1.0
> +  ENTRY_POINT                    = UefiMain
> +
> +#
> +# The following information is for reference only and not required by the build tools.
> +#
> +#  VALID_ARCHITECTURES           = IA32 X64
> +#
> +
> +[Sources]
> +  CapsuleApp.c
> +  CapsuleDump.c
> +  AppSupport.c
> +
> +[Packages]
> +  MdePkg/MdePkg.dec
> +  MdeModulePkg/MdeModulePkg.dec
> +
> +[Guids]
> +  gEfiFileInfoGuid
> +  gEfiPartTypeSystemPartGuid
> +  gEfiGlobalVariableGuid
> +  gEfiCapsuleReportGuid
> +  gEfiFmpCapsuleGuid
> +  gWindowsUxCapsuleGuid
> +  gEfiCertTypeRsa2048Sha256Guid
> +  gEfiCertPkcs7Guid
> +  gEfiSystemResourceTableGuid
> +
> +[Protocols]
> +  gEfiLoadedImageProtocolGuid
> +  gEfiSimpleFileSystemProtocolGuid
> +  gEfiGraphicsOutputProtocolGuid
> +  gEfiFirmwareManagementProtocolGuid
> +  gEfiShellParametersProtocolGuid
> +
> +[LibraryClasses]
> +  BaseLib
> +  UefiApplicationEntryPoint
> +  DebugLib
> +  MemoryAllocationLib
> +  UefiBootServicesTableLib
> +  UefiRuntimeServicesTableLib
> +  UefiLib
> +  PrintLib
> +
> +[UserExtensions.TianoCore."ExtraFiles"]
> +  CapsuleAppExtra.uni
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
> b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
> new file mode 100644
> index 0000000..54d6e12
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
> @@ -0,0 +1,22 @@
> +// /** @file
> +// A shell application that triggers capsule update process.
> +//
> +// This application can trigger capsule update process. It can also
> +// generate capsule image, or dump capsule variable information.
> +//
> +// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +//
> +// This program and the accompanying materials
> +// are licensed and made available under the terms and conditions of the BSD License
> +// which accompanies this distribution. The full text of the license may be found at
> +// http://opensource.org/licenses/bsd-license.php
> +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +//
> +// **/
> +
> +
> +#string STR_MODULE_ABSTRACT             #language en-US "A shell application that
> triggers capsule update process."
> +
> +#string STR_MODULE_DESCRIPTION          #language en-US "This application can trigger
> capsule update process. It can also generate capsule image, or dump capsule variable
> information."
> +
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
> b/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
> new file mode 100644
> index 0000000..b5a8840
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
> @@ -0,0 +1,19 @@
> +// /** @file
> +// CapsuleApp Localized Strings and Content
> +//
> +// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +//
> +// This program and the accompanying materials
> +// are licensed and made available under the terms and conditions of the BSD License
> +// which accompanies this distribution. The full text of the license may be found at
> +// http://opensource.org/licenses/bsd-license.php
> +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +//
> +// **/
> +
> +#string STR_PROPERTIES_MODULE_NAME
> +#language en-US
> +"Capsule Application"
> +
> +
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
> b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
> new file mode 100644
> index 0000000..b383fe1
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
> @@ -0,0 +1,740 @@
> +/** @file
> +  Dump Capsule image information.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <PiDxe.h>
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PrintLib.h>
> +#include <Protocol/FirmwareManagement.h>
> +#include <Guid/ImageAuthentication.h>
> +#include <Guid/CapsuleReport.h>
> +#include <Guid/SystemResourceTable.h>
> +#include <Guid/FmpCapsule.h>
> +#include <IndustryStandard/WindowsUxCapsule.h>
> +
> +/**
> +  Read a file.
> +
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileToBuffer(
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer
> +  );
> +
> +extern UINTN  Argc;
> +extern CHAR16 *Argv[];
> +
> +/**
> +  Dump UX capsule information.
> +
> +  @param CapsuleHeader      The UX capsule header
> +**/
> +VOID
> +DumpUxCapsule(
> +  IN EFI_CAPSULE_HEADER  *CapsuleHeader
> +  )
> +{
> +  EFI_DISPLAY_CAPSULE                           *DisplayCapsule;
> +  DisplayCapsule = (EFI_DISPLAY_CAPSULE *)CapsuleHeader;
> +  Print(L"[UxCapusule]\n");
> +  Print(L"CapsuleHeader:\n");
> +  Print(L"  CapsuleGuid      - %g\n", &DisplayCapsule->CapsuleHeader.CapsuleGuid);
> +  Print(L"  HeaderSize       - 0x%x\n", DisplayCapsule->CapsuleHeader.HeaderSize);
> +  Print(L"  Flags            - 0x%x\n", DisplayCapsule->CapsuleHeader.Flags);
> +  Print(L"  CapsuleImageSize - 0x%x\n", DisplayCapsule-
> >CapsuleHeader.CapsuleImageSize);
> +  Print(L"ImagePayload:\n");
> +  Print(L"  Version          - 0x%x\n", DisplayCapsule->ImagePayload.Version);
> +  Print(L"  Checksum         - 0x%x\n", DisplayCapsule->ImagePayload.Checksum);
> +  Print(L"  ImageType        - 0x%x\n", DisplayCapsule->ImagePayload.ImageType);
> +  Print(L"  Mode             - 0x%x\n", DisplayCapsule->ImagePayload.Mode);
> +  Print(L"  OffsetX          - 0x%x\n", DisplayCapsule->ImagePayload.OffsetX);
> +  Print(L"  OffsetY          - 0x%x\n", DisplayCapsule->ImagePayload.OffsetY);
> +}
> +
> +/**
> +  Dump FMP image authentication information.
> +
> +  @param Image      The FMP capsule image
> +  @param ImageSize  The size of the FMP capsule image in bytes.
> +
> +  @return the size of FMP authentication.
> +**/
> +UINTN
> +DumpImageAuthentication(
> +  IN VOID   *Image,
> +  IN UINTN  ImageSize
> +  )
> +{
> +  EFI_FIRMWARE_IMAGE_AUTHENTICATION             *ImageAuthentication;
> +
> +  ImageAuthentication = Image;
> +  if (CompareGuid(&ImageAuthentication->AuthInfo.CertType, &gEfiCertPkcs7Guid) ||
> +      CompareGuid(&ImageAuthentication->AuthInfo.CertType,
> &gEfiCertTypeRsa2048Sha256Guid)) {
> +    Print(L"[ImageAuthentication]\n");
> +    Print(L"  MonotonicCount   - 0x%lx\n", ImageAuthentication->MonotonicCount);
> +    Print(L"WIN_CERTIFICATE:\n");
> +    Print(L"  dwLength         - 0x%x\n", ImageAuthentication->AuthInfo.Hdr.dwLength);
> +    Print(L"  wRevision        - 0x%x\n", ImageAuthentication-
> >AuthInfo.Hdr.wRevision);
> +    Print(L"  wCertificateType - 0x%x\n", ImageAuthentication-
> >AuthInfo.Hdr.wCertificateType);
> +    Print(L"  CertType         - %g\n", &ImageAuthentication->AuthInfo.CertType);
> +    return sizeof(ImageAuthentication->MonotonicCount) + ImageAuthentication-
> >AuthInfo.Hdr.dwLength;
> +  } else {
> +    return 0;
> +  }
> +}
> +
> +/**
> +  Dump a non-nested FMP capsule.
> +
> +  @param  CapsuleHeader  A pointer to CapsuleHeader
> +**/
> +VOID
> +DumpFmpCapsule(
> +  IN EFI_CAPSULE_HEADER  *CapsuleHeader
> +  )
> +{
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER        *FmpCapsuleHeader;
> +  UINT64                                        *ItemOffsetList;
> +  UINTN                                         Index;
> +  UINTN                                         Count;
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER  *FmpImageHeader;
> +
> +  Print(L"[FmpCapusule]\n");
> +  Print(L"CapsuleHeader:\n");
> +  Print(L"  CapsuleGuid      - %g\n", &CapsuleHeader->CapsuleGuid);
> +  Print(L"  HeaderSize       - 0x%x\n", CapsuleHeader->HeaderSize);
> +  Print(L"  Flags            - 0x%x\n", CapsuleHeader->Flags);
> +  Print(L"  CapsuleImageSize - 0x%x\n", CapsuleHeader->CapsuleImageSize);
> +
> +  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader
> + CapsuleHeader->HeaderSize);
> +  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
> +  Print(L"FmpHeader:\n");
> +  Print(L"  Version             - 0x%x\n", FmpCapsuleHeader->Version);
> +  Print(L"  EmbeddedDriverCount - 0x%x\n", FmpCapsuleHeader->EmbeddedDriverCount);
> +  Print(L"  PayloadItemCount    - 0x%x\n", FmpCapsuleHeader->PayloadItemCount);
> +  Count = FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader->PayloadItemCount;
> +  for (Index = 0; Index < Count; Index++) {
> +    Print(L"  Offset[%d]           - 0x%x\n", Index, ItemOffsetList[Index]);
> +  }
> +
> +  for (Index = FmpCapsuleHeader->EmbeddedDriverCount; Index < Count; Index++) {
> +    Print(L"FmpPayload[%d] ImageHeader:\n", Index);
> +    FmpImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8
> *)FmpCapsuleHeader + ItemOffsetList[Index]);
> +    Print(L"  Version                - 0x%x\n", FmpImageHeader->Version);
> +    Print(L"  UpdateImageTypeId      - %g\n", &FmpImageHeader->UpdateImageTypeId);
> +    Print(L"  UpdateImageIndex       - 0x%x\n", FmpImageHeader->UpdateImageIndex);
> +    Print(L"  UpdateImageSize        - 0x%x\n", FmpImageHeader->UpdateImageSize);
> +    Print(L"  UpdateVendorCodeSize   - 0x%x\n", FmpImageHeader->UpdateVendorCodeSize);
> +    if (FmpImageHeader->Version >=
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
> +      Print(L"  UpdateHardwareInstance - 0x%lx\n", FmpImageHeader-
> >UpdateHardwareInstance);
> +    }
> +  }
> +}
> +
> +/**
> +  Return if there is a FMP header below capsule header.
> +
> +  @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
> +
> +  @retval TRUE  There is a FMP header below capsule header.
> +  @retval FALSE There is not a FMP header below capsule header
> +**/
> +BOOLEAN
> +IsNestedFmpCapsule(
> +  IN EFI_CAPSULE_HEADER         *CapsuleHeader
> +  )
> +{
> +  EFI_STATUS                 Status;
> +  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
> +  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
> +  UINTN                      Index;
> +  BOOLEAN                    EsrtGuidFound;
> +  EFI_CAPSULE_HEADER         *NestedCapsuleHeader;
> +  UINTN                      NestedCapsuleSize;
> +
> +  //
> +  // Check ESRT
> +  //
> +  EsrtGuidFound = FALSE;
> +  Status = EfiGetSystemConfigurationTable(&gEfiSystemResourceTableGuid, (VOID
> **)&Esrt);
> +  if (!EFI_ERROR(Status)) {
> +    EsrtEntry = (VOID *)(Esrt + 1);
> +    for (Index = 0; Index < Esrt->FwResourceCount; Index++, EsrtEntry++) {
> +      if (CompareGuid(&EsrtEntry->FwClass, &CapsuleHeader->CapsuleGuid)) {
> +        EsrtGuidFound = TRUE;
> +        break;
> +      }
> +    }
> +  }
> +
> +  if (!EsrtGuidFound) {
> +    return FALSE;
> +  }
> +
> +  //
> +  // Check nested capsule header
> +  // FMP GUID after ESRT one
> +  //
> +  NestedCapsuleHeader = (EFI_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader + CapsuleHeader-
> >HeaderSize);
> +  NestedCapsuleSize = (UINTN)CapsuleHeader + CapsuleHeader->HeaderSize -
> (UINTN)NestedCapsuleHeader;
> +  if (NestedCapsuleSize < sizeof(EFI_CAPSULE_HEADER)) {
> +    return FALSE;
> +  }
> +  if (!CompareGuid(&NestedCapsuleHeader->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
> +    return FALSE;
> +  }
> +  return TRUE;
> +}
> +
> +/**
> +  Dump capsule information
> +
> +  @retval EFI_SUCCESS            The capsule information is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DumpCapsule(
> +  VOID
> +  )
> +{
> +  CHAR16                                        *CapsuleName;
> +  VOID                                          *Buffer;
> +  UINTN                                         FileSize;
> +  EFI_CAPSULE_HEADER                            *CapsuleHeader;
> +  EFI_STATUS                                    Status;
> +
> +  if (Argc != 3) {
> +    Print(L"CapsuleApp: Invalid Parameter.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  CapsuleName = Argv[2];
> +  Status = ReadFileToBuffer(CapsuleName, &FileSize, &Buffer);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: Capsule (%s) is not found.\n", CapsuleName);
> +    goto Done;
> +  }
> +
> +  CapsuleHeader = Buffer;
> +  if (CompareGuid(&CapsuleHeader->CapsuleGuid, &gWindowsUxCapsuleGuid)) {
> +    DumpUxCapsule(CapsuleHeader);
> +    Status = EFI_SUCCESS;
> +    goto Done;
> +  }
> +
> +  if (CompareGuid(&CapsuleHeader->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
> +    DumpFmpCapsule(CapsuleHeader);
> +  }
> +  if (IsNestedFmpCapsule(CapsuleHeader)) {
> +    Print(L"[NestedCapusule]\n");
> +    Print(L"CapsuleHeader:\n");
> +    Print(L"  CapsuleGuid      - %g\n", &CapsuleHeader->CapsuleGuid);
> +    Print(L"  HeaderSize       - 0x%x\n", CapsuleHeader->HeaderSize);
> +    Print(L"  Flags            - 0x%x\n", CapsuleHeader->Flags);
> +    Print(L"  CapsuleImageSize - 0x%x\n", CapsuleHeader->CapsuleImageSize);
> +    DumpFmpCapsule((EFI_CAPSULE_HEADER *)((UINTN)CapsuleHeader + CapsuleHeader-
> >HeaderSize));
> +  }
> +
> +Done:
> +  FreePool(Buffer);
> +  return Status;
> +}
> +
> +/**
> +  Dump capsule status variable.
> +
> +  @retval EFI_SUCCESS            The capsule status variable is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DmpCapsuleStatusVariable(
> +  VOID
> +  )
> +{
> +  EFI_STATUS                          Status;
> +  UINT32                              Index;
> +  CHAR16                              CapsuleVarName[20];
> +  CHAR16                              *TempVarName;
> +  EFI_CAPSULE_RESULT_VARIABLE_HEADER  *CapsuleResult;
> +  EFI_CAPSULE_RESULT_VARIABLE_FMP     *CapsuleResultFmp;
> +  UINTN                               CapsuleFileNameSize;
> +  CHAR16                              CapsuleIndexData[12];
> +  CHAR16                              *CapsuleIndex;
> +
> +  Status = GetVariable2(
> +             L"CapsuleMax",
> +             &gEfiCapsuleReportGuid,
> +             (VOID **)&CapsuleIndex,
> +             NULL
> +             );
> +  if (!EFI_ERROR(Status)) {
> +    CopyMem(CapsuleIndexData, CapsuleIndex, 11 * sizeof(CHAR16));
> +    CapsuleIndexData[11] = 0;
> +    Print(L"CapsuleMax - %s\n", CapsuleIndexData);
> +    FreePool(CapsuleIndex);
> +  }
> +  Status = GetVariable2(
> +             L"CapsuleLast",
> +             &gEfiCapsuleReportGuid,
> +             (VOID **)&CapsuleIndex,
> +             NULL
> +             );
> +  if (!EFI_ERROR(Status)) {
> +    CopyMem(CapsuleIndexData, CapsuleIndex, 11 * sizeof(CHAR16));
> +    CapsuleIndexData[11] = 0;
> +    Print(L"CapsuleLast - %s\n", CapsuleIndexData);
> +    FreePool(CapsuleIndex);
> +  }
> +
> +
> +  StrCpyS (CapsuleVarName, sizeof(CapsuleVarName)/sizeof(CapsuleVarName[0]),
> L"Capsule");
> +  TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
> +  Index = 0;
> +
> +  while (TRUE) {
> +    UnicodeSPrint (TempVarName, 5 * sizeof(CHAR16), L"%04x", Index);
> +
> +    Status = GetVariable2 (
> +               CapsuleVarName,
> +               &gEfiCapsuleReportGuid,
> +               (VOID **) &CapsuleResult,
> +               NULL
> +               );
> +    if (Status == EFI_NOT_FOUND) {
> +      break;
> +    } else if (EFI_ERROR(Status)) {
> +      continue;
> +    }
> +
> +    //
> +    // display capsule process status
> +    //
> +    if (CapsuleResult->VariableTotalSize >=
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER)) {
> +      Print (L"CapsuleName: %s\n", CapsuleVarName);
> +      Print (L"  Capsule Guid: %g\n", &CapsuleResult->CapsuleGuid);
> +      Print (L"  Capsule ProcessedTime: %t\n", &CapsuleResult->CapsuleProcessed);
> +      Print (L"  Capsule Status: %r\n", CapsuleResult->CapsuleStatus);
> +    }
> +
> +    if (CompareGuid(&CapsuleResult->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
> +      if (CapsuleResult->VariableTotalSize >=
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP)) {
> +        CapsuleResultFmp = (EFI_CAPSULE_RESULT_VARIABLE_FMP *)(CapsuleResult + 1);
> +        Print(L"  Capsule FMP Version: 0x%x\n", CapsuleResultFmp->Version);
> +        Print(L"  Capsule FMP PayloadIndex: 0x%x\n", CapsuleResultFmp->PayloadIndex);
> +        Print(L"  Capsule FMP UpdateImageIndex: 0x%x\n", CapsuleResultFmp-
> >UpdateImageIndex);
> +        Print(L"  Capsule FMP UpdateImageTypeId: %g\n", &CapsuleResultFmp-
> >UpdateImageTypeId);
> +        if (CapsuleResult->VariableTotalSize >
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP)) {
> +          Print(L"  Capsule FMP CapsuleFileName: %s\n", (CapsuleResultFmp + 1));
> +          CapsuleFileNameSize = StrSize((CHAR16 *)(CapsuleResultFmp + 1));
> +          if (CapsuleResult->VariableTotalSize >
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP) +
> CapsuleFileNameSize) {
> +            Print(L"  Capsule FMP CapsuleTarget: %s\n", (UINT8 *)(CapsuleResultFmp +
> 1) + CapsuleFileNameSize);
> +          }
> +        }
> +      }
> +    }
> +
> +    FreePool(CapsuleResult);
> +
> +    Index++;
> +    if (Index > 0xFFFF) {
> +      break;
> +    }
> +  }
> +
> +  return EFI_SUCCESS;
> +}
> +
> +CHAR8 *mFwTypeString[] = {
> +  "Unknown",
> +  "SystemFirmware",
> +  "DeviceFirmware",
> +  "UefiDriver",
> +};
> +
> +CHAR8 *mLastAttemptStatusString[] = {
> +  "Success",
> +  "Error: Unsuccessful",
> +  "Error: Insufficient Resources",
> +  "Error: Incorrect Version",
> +  "Error: Invalid Format",
> +  "Error: Auth Error",
> +  "Error: Power Event AC",
> +  "Error: Power Event Battery",
> +};
> +
> +/**
> +  Convert FwType to a string.
> +
> +  @param FwType  FwType in ESRT
> +
> +  @return a string for FwType.
> +**/
> +CHAR8 *
> +FwTypeToString(
> +  IN UINT32 FwType
> +  )
> +{
> +  if (FwType < sizeof(mFwTypeString) / sizeof(mFwTypeString[0])) {
> +    return mFwTypeString[FwType];
> +  } else {
> +    return "Invalid";
> +  }
> +}
> +
> +/**
> +  Convert LastAttemptStatus to a string.
> +
> +  @param LastAttemptStatus  LastAttemptStatus in FMP or ESRT
> +
> +  @return a string for LastAttemptStatus.
> +**/
> +CHAR8 *
> +LastAttemptStatusToString(
> +  IN UINT32 LastAttemptStatus
> +  )
> +{
> +  if (LastAttemptStatus < sizeof(mLastAttemptStatusString) /
> sizeof(mLastAttemptStatusString[0])) {
> +    return mLastAttemptStatusString[LastAttemptStatus];
> +  } else {
> +    return "Error: Unknown";
> +  }
> +}
> +
> +/**
> +  Dump ESRT entry.
> +
> +  @param EsrtEntry  ESRT entry
> +**/
> +VOID
> +DumpEsrtEntry(
> +  IN EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry
> +  )
> +{
> +  Print(L"  FwClass                  - %g\n", &EsrtEntry->FwClass);
> +  Print(L"  FwType                   - 0x%x (%a)\n", EsrtEntry->FwType,
> FwTypeToString(EsrtEntry->FwType));
> +  Print(L"  FwVersion                - 0x%x\n", EsrtEntry->FwVersion);
> +  Print(L"  LowestSupportedFwVersion - 0x%x\n", EsrtEntry->LowestSupportedFwVersion);
> +  Print(L"  CapsuleFlags             - 0x%x\n", EsrtEntry->CapsuleFlags);
> +  Print(L"    PERSIST_ACROSS_RESET   - 0x%x\n", EsrtEntry->CapsuleFlags &
> CAPSULE_FLAGS_PERSIST_ACROSS_RESET);
> +  Print(L"    POPULATE_SYSTEM_TABLE  - 0x%x\n", EsrtEntry->CapsuleFlags &
> CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE);
> +  Print(L"    INITIATE_RESET         - 0x%x\n", EsrtEntry->CapsuleFlags &
> CAPSULE_FLAGS_INITIATE_RESET);
> +  Print(L"  LastAttemptVersion       - 0x%x\n", EsrtEntry->LastAttemptVersion);
> +  Print(L"  LastAttemptStatus        - 0x%x (%a)\n", EsrtEntry->LastAttemptStatus,
> LastAttemptStatusToString(EsrtEntry->LastAttemptStatus));
> +}
> +
> +/**
> +  Dump ESRT table.
> +
> +  @param Esrt  ESRT table
> +**/
> +VOID
> +DumpEsrt(
> +  IN EFI_SYSTEM_RESOURCE_TABLE  *Esrt
> +  )
> +{
> +  UINTN                      Index;
> +  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
> +
> +  Print(L"EFI_SYSTEM_RESOURCE_TABLE:\n");
> +  Print(L"FwResourceCount    - 0x%x\n", Esrt->FwResourceCount);
> +  Print(L"FwResourceCountMax - 0x%x\n", Esrt->FwResourceCountMax);
> +  Print(L"FwResourceVersion  - 0x%lx\n", Esrt->FwResourceVersion);
> +
> +  EsrtEntry = (VOID *)(Esrt + 1);
> +  for (Index = 0; Index < Esrt->FwResourceCount; Index++) {
> +    Print(L"EFI_SYSTEM_RESOURCE_ENTRY (%d):\n", Index);
> +    DumpEsrtEntry(EsrtEntry);
> +    EsrtEntry++;
> +  }
> +}
> +
> +/**
> +  Dump ESRT info.
> +**/
> +VOID
> +DumpEsrtData (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                 Status;
> +  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
> +
> +  Print(L"##############\n");
> +  Print(L"# ESRT TABLE #\n");
> +  Print(L"##############\n");
> +
> +  Status = EfiGetSystemConfigurationTable (&gEfiSystemResourceTableGuid, (VOID
> **)&Esrt);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"ESRT - %r\n", Status);
> +    return;
> +  }
> +  DumpEsrt(Esrt);
> +  Print(L"\n");
> +}
> +
> +/**
> +  Dump FMP information.
> +
> +  @param ImageInfoSize       The size of ImageInfo, in bytes.
> +  @param ImageInfo           A pointer to EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorVersion   The version of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorCount     The count of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorSize      The size of an individual EFI_FIRMWARE_IMAGE_DESCRIPTOR,
> in bytes.
> +  @param PackageVersion      The version of package.
> +  @param PackageVersionName  The version name of package.
> +**/
> +VOID
> +DumpFmpImageInfo(
> +  IN UINTN                           ImageInfoSize,
> +  IN EFI_FIRMWARE_IMAGE_DESCRIPTOR   *ImageInfo,
> +  IN UINT32                          DescriptorVersion,
> +  IN UINT8                           DescriptorCount,
> +  IN UINTN                           DescriptorSize,
> +  IN UINT32                          PackageVersion,
> +  IN CHAR16                          *PackageVersionName
> +  )
> +{
> +  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *CurrentImageInfo;
> +  UINTN                                         Index;
> +
> +  Print(L"  DescriptorVersion  - 0x%x\n", DescriptorVersion);
> +  Print(L"  DescriptorCount    - 0x%x\n", DescriptorCount);
> +  Print(L"  DescriptorSize     - 0x%x\n", DescriptorSize);
> +  Print(L"  PackageVersion     - 0x%x\n", PackageVersion);
> +  Print(L"  PackageVersionName - \"%s\"\n", PackageVersionName);
> +  CurrentImageInfo = ImageInfo;
> +  for (Index = 0; Index < DescriptorCount; Index++) {
> +    Print(L"  ImageDescriptor (%d)\n", Index);
> +    Print(L"    ImageIndex                  - 0x%x\n", CurrentImageInfo->ImageIndex);
> +    Print(L"    ImageTypeId                 - %g\n", &CurrentImageInfo->ImageTypeId);
> +    Print(L"    ImageId                     - 0x%lx\n", CurrentImageInfo->ImageId);
> +    Print(L"    ImageIdName                 - \"%s\"\n", CurrentImageInfo-
> >ImageIdName);
> +    Print(L"    Version                     - 0x%x\n", CurrentImageInfo->Version);
> +    Print(L"    VersionName                 - \"%s\"\n", CurrentImageInfo-
> >VersionName);
> +    Print(L"    Size                        - 0x%x\n", CurrentImageInfo->Size);
> +    Print(L"    AttributesSupported         - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported);
> +    Print(L"      IMAGE_UPDATABLE           - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +    Print(L"      RESET_REQUIRED            - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +    Print(L"      AUTHENTICATION_REQUIRED   - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +    Print(L"      IN_USE                    - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_IN_USE);
> +    Print(L"      UEFI_IMAGE                - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_UEFI_IMAGE);
> +    Print(L"    AttributesSetting           - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting);
> +    Print(L"      IMAGE_UPDATABLE           - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +    Print(L"      RESET_REQUIRED            - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +    Print(L"      AUTHENTICATION_REQUIRED   - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +    Print(L"      IN_USE                    - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_IN_USE);
> +    Print(L"      UEFI_IMAGE                - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_UEFI_IMAGE);
> +    Print(L"    Compatibilities             - 0x%lx\n", CurrentImageInfo-
> >Compatibilities);
> +    Print(L"      COMPATIB_CHECK_SUPPORTED  - 0x%lx\n", CurrentImageInfo-
> >Compatibilities & IMAGE_COMPATIBILITY_CHECK_SUPPORTED);
> +    if (DescriptorVersion > 1) {
> +      Print(L"    LowestSupportedImageVersion - 0x%x\n", CurrentImageInfo-
> >LowestSupportedImageVersion);
> +      if (DescriptorVersion > 2) {
> +        Print(L"    LastAttemptVersion          - 0x%x\n", CurrentImageInfo-
> >LastAttemptVersion);
> +        Print(L"    LastAttemptStatus           - 0x%x (%a)\n", CurrentImageInfo-
> >LastAttemptStatus, LastAttemptStatusToString(CurrentImageInfo->LastAttemptStatus));
> +        Print(L"    HardwareInstance            - 0x%lx\n", CurrentImageInfo-
> >HardwareInstance);
> +      }
> +    }
> +    //
> +    // Use DescriptorSize to move ImageInfo Pointer to stay compatible with different
> ImageInfo version
> +    //
> +    CurrentImageInfo = (EFI_FIRMWARE_IMAGE_DESCRIPTOR *)((UINT8 *)CurrentImageInfo +
> DescriptorSize);
> +  }
> +}
> +
> +/**
> +  Dump FMP package information.
> +
> +  @param PackageVersion             The version of package.
> +  @param PackageVersionName         The version name of package.
> +  @param PackageVersionNameMaxLen   The maximum length of PackageVersionName.
> +  @param AttributesSupported        Package attributes that are supported by this
> device.
> +  @param AttributesSetting          Package attributes.
> +**/
> +VOID
> +DumpFmpPackageInfo(
> +  IN UINT32                           PackageVersion,
> +  IN CHAR16                           *PackageVersionName,
> +  IN UINT32                           PackageVersionNameMaxLen,
> +  IN UINT64                           AttributesSupported,
> +  IN UINT64                           AttributesSetting
> +  )
> +{
> +  Print(L"  PackageVersion              - 0x%x\n", PackageVersion);
> +  Print(L"  PackageVersionName          - \"%s\"\n", PackageVersionName);
> +  Print(L"  PackageVersionNameMaxLen    - 0x%x\n", PackageVersionNameMaxLen);
> +  Print(L"  AttributesSupported         - 0x%lx\n", AttributesSupported);
> +  Print(L"    IMAGE_UPDATABLE           - 0x%lx\n", AttributesSupported &
> IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +  Print(L"    RESET_REQUIRED            - 0x%lx\n", AttributesSupported &
> IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +  Print(L"    AUTHENTICATION_REQUIRED   - 0x%lx\n", AttributesSupported &
> IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +  Print(L"  AttributesSetting           - 0x%lx\n", AttributesSetting);
> +  Print(L"    IMAGE_UPDATABLE           - 0x%lx\n", AttributesSetting &
> IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +  Print(L"    RESET_REQUIRED            - 0x%lx\n", AttributesSetting &
> IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +  Print(L"    AUTHENTICATION_REQUIRED   - 0x%lx\n", AttributesSetting &
> IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +}
> +
> +/**
> +  Dump FMP protocol info.
> +**/
> +VOID
> +DumpFmpData (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                                    Status;
> +  EFI_FIRMWARE_MANAGEMENT_PROTOCOL              *Fmp;
> +  EFI_HANDLE                                    *HandleBuffer;
> +  UINTN                                         NumberOfHandles;
> +  UINTN                                         Index;
> +  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *FmpImageInfoBuf;
> +  UINTN                                         ImageInfoSize;
> +  UINT32                                        FmpImageInfoDescriptorVer;
> +  UINT8                                         FmpImageInfoCount;
> +  UINTN                                         DescriptorSize;
> +  UINT32                                        PackageVersion;
> +  CHAR16                                        *PackageVersionName;
> +  UINT32                                        PackageVersionNameMaxLen;
> +  UINT64                                        AttributesSupported;
> +  UINT64                                        AttributesSetting;
> +
> +  Print(L"############\n");
> +  Print(L"# FMP DATA #\n");
> +  Print(L"############\n");
> +  Status = gBS->LocateHandleBuffer (
> +                  ByProtocol,
> +                  &gEfiFirmwareManagementProtocolGuid,
> +                  NULL,
> +                  &NumberOfHandles,
> +                  &HandleBuffer
> +                  );
> +  if (EFI_ERROR(Status)) {
> +    Print(L"FMP protocol - %r\n", EFI_NOT_FOUND);
> +    return;
> +  }
> +
> +  for (Index = 0; Index < NumberOfHandles; Index++) {
> +    Status = gBS->HandleProtocol(
> +                    HandleBuffer[Index],
> +                    &gEfiFirmwareManagementProtocolGuid,
> +                    (VOID **)&Fmp
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      continue;
> +    }
> +
> +    ImageInfoSize = 0;
> +    Status = Fmp->GetImageInfo (
> +                    Fmp,
> +                    &ImageInfoSize,
> +                    NULL,
> +                    NULL,
> +                    NULL,
> +                    NULL,
> +                    NULL,
> +                    NULL
> +                    );
> +    if (Status != EFI_BUFFER_TOO_SMALL) {
> +      continue;
> +    }
> +
> +    FmpImageInfoBuf = NULL;
> +    FmpImageInfoBuf = AllocateZeroPool (ImageInfoSize);
> +    if (FmpImageInfoBuf == NULL) {
> +      Status = EFI_OUT_OF_RESOURCES;
> +      goto EXIT;
> +    }
> +
> +    PackageVersionName = NULL;
> +    Status = Fmp->GetImageInfo (
> +                    Fmp,
> +                    &ImageInfoSize,               // ImageInfoSize
> +                    FmpImageInfoBuf,              // ImageInfo
> +                    &FmpImageInfoDescriptorVer,   // DescriptorVersion
> +                    &FmpImageInfoCount,           // DescriptorCount
> +                    &DescriptorSize,              // DescriptorSize
> +                    &PackageVersion,              // PackageVersion
> +                    &PackageVersionName           // PackageVersionName
> +                    );
> +
> +    //
> +    // If FMP GetInformation interface failed, skip this resource
> +    //
> +    if (EFI_ERROR(Status)) {
> +      Print(L"FMP (%d) ImageInfo - %r\n", Index, Status);
> +      FreePool(FmpImageInfoBuf);
> +      continue;
> +    }
> +
> +    Print(L"FMP (%d) ImageInfo:\n", Index);
> +    DumpFmpImageInfo(
> +      ImageInfoSize,               // ImageInfoSize
> +      FmpImageInfoBuf,             // ImageInfo
> +      FmpImageInfoDescriptorVer,   // DescriptorVersion
> +      FmpImageInfoCount,           // DescriptorCount
> +      DescriptorSize,              // DescriptorSize
> +      PackageVersion,              // PackageVersion
> +      PackageVersionName           // PackageVersionName
> +      );
> +
> +    if (PackageVersionName != NULL) {
> +      FreePool(PackageVersionName);
> +    }
> +    FreePool(FmpImageInfoBuf);
> +
> +    //
> +    // Get package info
> +    //
> +    PackageVersionName = NULL;
> +    Status = Fmp->GetPackageInfo (
> +                    Fmp,
> +                    &PackageVersion,              // PackageVersion
> +                    &PackageVersionName,          // PackageVersionName
> +                    &PackageVersionNameMaxLen,    // PackageVersionNameMaxLen
> +                    &AttributesSupported,         // AttributesSupported
> +                    &AttributesSetting            // AttributesSetting
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      Print(L"FMP (%d) PackageInfo - %r\n", Index, Status);
> +    } else {
> +      Print(L"FMP (%d) ImageInfo:\n", Index);
> +      DumpFmpPackageInfo(
> +        PackageVersion,              // PackageVersion
> +        PackageVersionName,          // PackageVersionName
> +        PackageVersionNameMaxLen,    // PackageVersionNameMaxLen
> +        AttributesSupported,         // AttributesSupported
> +        AttributesSetting            // AttributesSetting
> +        );
> +
> +      if (PackageVersionName != NULL) {
> +        FreePool(PackageVersionName);
> +      }
> +    }
> +  }
> +  Print(L"\n");
> +
> +EXIT:
> +  FreePool(HandleBuffer);
> +}
> --
> 2.7.4.windows.1

Re: [PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.

[Yao, Jiewen]

Sorry. Fixed a typo in my rely.
This UX capsule is already supported in MdeModulePkg\Library\DxeCapsuleLib.

Sean also provides feedback to remove BMP handling from this and abstract BMP handle by using a new lib.
I think it is a good idea and will follow up on that.


From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Yao, Jiewen
Sent: Wednesday, October 26, 2016 8:42 AM
To: Kinney, Michael D <michael.d.kinney@intel.com>; edk2-devel@lists.01.org
Cc: Tian, Feng <feng.tian@intel.com>; Zhang, Chao B <chao.b.zhang@intel.com>; Gao, Liming <liming.gao@intel.com>; Zeng, Star <star.zeng@intel.com>
Subject: Re: [edk2] [PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.

Comments inline:

From: Kinney, Michael D
Sent: Wednesday, October 26, 2016 7:26 AM
To: Yao, Jiewen <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>; edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>; Kinney, Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>; Zeng, Star <star.zeng@intel.com<mailto:star.zeng@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zhang, Chao B <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
Subject: RE: [PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.

Hi Jiewen,

When I run the CapsuleApp.efi, it shows the following help:

CapsuleApp:  usage
  CapsuleApp <Capsule...> [-NR]
  CapsuleApp -S
  CapsuleApp -C
  CapsuleApp -P
  CapsuleApp -E
  CapsuleApp -G <BMP> -O <Capsule>
  CapsuleApp -N <Capsule> -O <NestedCapsule>
  CapsuleApp -D|-DS <Capsule>
Parameter:
  -NR: No Reset.
  -S:  Dump capsule status.
  -C:  Clear capsule status.
  -P:  Dump FMP protocol info.
  -E:  Dump ESRT table info.
  -G:  Input BMP file name
  -N:  Append Capsule Header accroding to Windows Firmware Update
  -O:  Output Capsule file name
  -D:  Dump Capsule

I have verified that that standard use case for Galileo Gen 2 works:

  CapsuleApp.efi QUARKFIRMWAREUPDATECAPSULEFMPPKCS7.Cap

I then explored some of the other options and there are some that do
not work as expected:


1) If I set the no reset flag (-NR), it still resets.

  CapsuleApp.efi QUARKFIRMWAREUPDATECAPSULEFMPPKCS7.Cap -NR
[Jiewen] This flag/code is inherit from the original EDKI code.
I made a mistake that I thought it should work.
But not actually because I just realize the reset process is moved to CapsuleService driver.
I will remove [NR] flag totally.


2) Because (1) does not work, the flags to view or operate on a previously
   Loaded capsule cannot be used such as -S, -C, -N, -O, -D.  So I do not
   know if any of these flags work.  Have you tested them?
[Jiewen] Yes, any of these flags are new added by me to assist Capsule process debug.
All of below are validated. None of them are related to [NR]

  -S:  Dump capsule status. // The capsule status variable is defined by UEFI spec. Just dump the variable. No touch capsule image.
  -C:  Clear capsule status. // The capsule status variable is defined by UEFI spec. Just clear the variable. No touch capsule image.
  -N:  Append Capsule Header accroding to Windows Firmware Update // this is to follow "Windows Firmware Update" document to append a header. We need input a capsule image and out a new capsule image. So we can test the nested capsule image. No capsule service is called. Just append header and generate a new image.
  -O:  Output Capsule file name // -O is an option working with others such as "-G <BMP> -O <Capsule>", or "-N <Capsule> -O <NestedCapsule>"
  -D:  Dump Capsule // this is just dump the capsule image information.

If you find some do not work, please let me know and I will fix them.

3) What does -G do?  I do not see a standard way to update only
   a BMP logo image in this series of patches.  If that is not
   really functional, then the code and help for -G should be
   removed.
[Jiewen] Yes, any of these flags are new added by me to assist Capsule process debug.

  -G:  Input BMP file name // this is to follow "windows firmware update" document to wrap a BMP file to be a UX capsule. So that end user may see a picture during capsule process, ideally. The prerequisite is that the platform need have a valid console.

This UX capsule is already supported in IntelFrameworkModulePkg\Library\DxeCapsuleLib.

I think this app just provides the capability to generate a UX capsule for unit test.
I think this is useful and I suggest we keep it.
If you find it does not work, please let me know and I will fix it.

4) Typo in help for -N flag.  "accroding" should be "according".
[Jiewen] Thank you. Fixed.

Mike

> -----Original Message-----
> From: Yao, Jiewen
> Sent: Saturday, October 22, 2016 7:21 PM
> To: edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org%3cmailto:edk2-devel@lists.01.org>>
> Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com<mailto:feng.tian@intel.com%3cmailto:feng.tian@intel.com>>>; Zeng, Star <star.zeng@intel.com<mailto:star.zeng@intel.com<mailto:star.zeng@intel.com%3cmailto:star.zeng@intel.com>>>; Kinney, Michael
> D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com%3cmailto:michael.d.kinney@intel.com>>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com<mailto:liming.gao@intel.com%3cmailto:liming.gao@intel.com>>>; Zhang, Chao B
> <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com%3cmailto:chao.b.zhang@intel.com>>>
> Subject: [PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.
>
> This CapsuleApp can help perform capsule update in UEFI shell environment.
> It can also dump capsule information, capsule status variable, ESRT and FMP.
>
> Cc: Feng Tian <feng.tian@intel.com<mailto:feng.tian@intel.com<mailto:feng.tian@intel.com%3cmailto:feng.tian@intel.com>>>
> Cc: Star Zeng <star.zeng@intel.com<mailto:star.zeng@intel.com<mailto:star.zeng@intel.com%3cmailto:star.zeng@intel.com>>>
> Cc: Michael D Kinney <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com%3cmailto:michael.d.kinney@intel.com>>>
> Cc: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com<mailto:liming.gao@intel.com%3cmailto:liming.gao@intel.com>>>
> Cc: Chao Zhang <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com%3cmailto:chao.b.zhang@intel.com>>>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com<mailto:jiewen.yao@intel.com%3cmailto:jiewen.yao@intel.com>>>
> Reviewed-by: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com<mailto:liming.gao@intel.com%3cmailto:liming.gao@intel.com>>>
> ---
>  MdeModulePkg/Application/CapsuleApp/AppSupport.c        | 445 ++++++++++
>  MdeModulePkg/Application/CapsuleApp/CapsuleApp.c        | 853 ++++++++++++++++++++
>  MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf      |  71 ++
>  MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni      |  22 +
>  MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni |  19 +
>  MdeModulePkg/Application/CapsuleApp/CapsuleDump.c       | 740 +++++++++++++++++
>  6 files changed, 2150 insertions(+)
>
> diff --git a/MdeModulePkg/Application/CapsuleApp/AppSupport.c
> b/MdeModulePkg/Application/CapsuleApp/AppSupport.c
> new file mode 100644
> index 0000000..90ca1fd
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/AppSupport.c
> @@ -0,0 +1,445 @@
> +/** @file
> +  A shell application that triggers capsule update process.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <Uefi.h>
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PrintLib.h>
> +#include <Protocol/LoadedImage.h>
> +#include <Protocol/SimpleFileSystem.h>
> +#include <Protocol/ShellParameters.h>
> +#include <Guid/FileInfo.h>
> +#include <Guid/Gpt.h>
> +
> +#define MAX_ARG_NUM     11
> +
> +UINTN  Argc;
> +CHAR16 **Argv;
> +
> +/**
> +
> +  This function parse application ARG.
> +
> +  @return Status
> +**/
> +EFI_STATUS
> +GetArg (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                    Status;
> +  EFI_SHELL_PARAMETERS_PROTOCOL *ShellParameters;
> +
> +  Status = gBS->HandleProtocol (
> +                  gImageHandle,
> +                  &gEfiShellParametersProtocolGuid,
> +                  (VOID**)&ShellParameters
> +                  );
> +  if (EFI_ERROR(Status)) {
> +    return Status;
> +  }
> +
> +  Argc = ShellParameters->Argc;
> +  Argv = ShellParameters->Argv;
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Return File System Volume containing this shell application.
> +
> +  @return File System Volume containing this shell application.
> +**/
> +EFI_SIMPLE_FILE_SYSTEM_PROTOCOL *
> +GetMyVol (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_LOADED_IMAGE_PROTOCOL         *LoadedImage;
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +
> +  Status = gBS->HandleProtocol (
> +                  gImageHandle,
> +                  &gEfiLoadedImageProtocolGuid,
> +                  (VOID **)&LoadedImage
> +                  );
> +  ASSERT_EFI_ERROR (Status);
> +
> +  Status = gBS->HandleProtocol (
> +                  LoadedImage->DeviceHandle,
> +                  &gEfiSimpleFileSystemProtocolGuid,
> +                  (VOID **)&Vol
> +                  );
> +  if (!EFI_ERROR (Status)) {
> +    return Vol;
> +  }
> +
> +  return NULL;
> +}
> +
> +/**
> +  Read a file from this volume.
> +
> +  @param Vol             File System Volume
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileFromVol (
> +  IN  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol,
> +  IN  CHAR16                            *FileName,
> +  OUT UINTN                             *BufferSize,
> +  OUT VOID                              **Buffer
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_FILE_HANDLE                   RootDir;
> +  EFI_FILE_HANDLE                   Handle;
> +  UINTN                             FileInfoSize;
> +  EFI_FILE_INFO                     *FileInfo;
> +  UINTN                             TempBufferSize;
> +  VOID                              *TempBuffer;
> +
> +  //
> +  // Open the root directory
> +  //
> +  Status = Vol->OpenVolume (Vol, &RootDir);
> +  if (EFI_ERROR (Status)) {
> +    return Status;
> +  }
> +
> +  //
> +  // Open the file
> +  //
> +  Status = RootDir->Open (
> +                      RootDir,
> +                      &Handle,
> +                      FileName,
> +                      EFI_FILE_MODE_READ,
> +                      0
> +                      );
> +  if (EFI_ERROR (Status)) {
> +    RootDir->Close (RootDir);
> +    return Status;
> +  }
> +
> +  RootDir->Close (RootDir);
> +
> +  //
> +  // Get the file information
> +  //
> +  FileInfoSize = sizeof(EFI_FILE_INFO) + 1024;
> +
> +  FileInfo = AllocateZeroPool (FileInfoSize);
> +  if (FileInfo == NULL) {
> +    Handle->Close (Handle);
> +    return Status;
> +  }
> +
> +  Status = Handle->GetInfo (
> +                     Handle,
> +                     &gEfiFileInfoGuid,
> +                     &FileInfoSize,
> +                     FileInfo
> +                     );
> +  if (EFI_ERROR (Status)) {
> +    Handle->Close (Handle);
> +    gBS->FreePool (FileInfo);
> +    return Status;
> +  }
> +
> +  //
> +  // Allocate buffer for the file data. The last CHAR16 is for L'\0'
> +  //
> +  TempBufferSize = (UINTN) FileInfo->FileSize + sizeof(CHAR16);
> +  TempBuffer = AllocateZeroPool (TempBufferSize);
> +  if (TempBuffer == NULL) {
> +    Handle->Close (Handle);
> +    gBS->FreePool (FileInfo);
> +    return Status;
> +  }
> +
> +  gBS->FreePool (FileInfo);
> +
> +  //
> +  // Read the file data to the buffer
> +  //
> +  Status = Handle->Read (
> +                     Handle,
> +                     &TempBufferSize,
> +                     TempBuffer
> +                     );
> +  if (EFI_ERROR (Status)) {
> +    Handle->Close (Handle);
> +    gBS->FreePool (TempBuffer);
> +    return Status;
> +  }
> +
> +  Handle->Close (Handle);
> +
> +  *BufferSize = TempBufferSize;
> +  *Buffer     = TempBuffer;
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Read a file.
> +  If ScanFs is FLASE, it will use this Vol as default Fs.
> +  If ScanFs is TRUE, it will scan all FS and check the file.
> +    If there is only one file match the name, it will be read.
> +    If there is more than one file match the name, it will return Error.
> +
> +  @param ThisVol         File System Volume
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +  @param ScanFs          Need Scan all FS
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +  @retval EFI_NO_MAPPING There is duplicated files found
> +**/
> +EFI_STATUS
> +ReadFileToBufferEx (
> +  IN OUT EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   **ThisVol,
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer,
> +  IN  BOOLEAN                              ScanFs
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +  UINTN                             TempBufferSize;
> +  VOID                              *TempBuffer;
> +  UINTN                             NoHandles;
> +  EFI_HANDLE                        *HandleBuffer;
> +  UINTN                             Index;
> +
> +  //
> +  // Check parameters
> +  //
> +  if ((FileName == NULL) || (Buffer == NULL) || (ThisVol == NULL)) {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
> +  //
> +  // not scan fs
> +  //
> +  if (!ScanFs) {
> +    if (*ThisVol == NULL) {
> +      *ThisVol = GetMyVol ();
> +      if (*ThisVol == NULL) {
> +        return EFI_INVALID_PARAMETER;
> +      }
> +    }
> +    //
> +    // Read file directly from Vol
> +    //
> +    return ReadFileFromVol (*ThisVol, FileName, BufferSize, Buffer);
> +  }
> +
> +  //
> +  // need scan fs
> +  //
> +
> +  //
> +  // Get all Vol handle
> +  //
> +  Status = gBS->LocateHandleBuffer (
> +                   ByProtocol,
> +                   &gEfiSimpleFileSystemProtocolGuid,
> +                   NULL,
> +                   &NoHandles,
> +                   &HandleBuffer
> +                   );
> +  if (EFI_ERROR (Status) && (NoHandles == 0)) {
> +    return EFI_NOT_FOUND;
> +  }
> +
> +  //
> +  // Walk through each Vol
> +  //
> +  *ThisVol = NULL;
> +  *BufferSize = 0;
> +  *Buffer     = NULL;
> +  for (Index = 0; Index < NoHandles; Index++) {
> +    Status = gBS->HandleProtocol (
> +                    HandleBuffer[Index],
> +                    &gEfiSimpleFileSystemProtocolGuid,
> +                    (VOID **)&Vol
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      continue;
> +    }
> +
> +    Status = ReadFileFromVol (Vol, FileName, &TempBufferSize, &TempBuffer);
> +    if (!EFI_ERROR (Status)) {
> +      //
> +      // Read file OK, check duplication
> +      //
> +      if (*ThisVol != NULL) {
> +        //
> +        // Find the duplicated file
> +        //
> +        gBS->FreePool (TempBuffer);
> +        gBS->FreePool (*Buffer);
> +        Print (L"Duplicated FileName found!\n");
> +        return EFI_NO_MAPPING;
> +      } else {
> +        //
> +        // Record value
> +        //
> +        *ThisVol = Vol;
> +        *BufferSize = TempBufferSize;
> +        *Buffer     = TempBuffer;
> +      }
> +    }
> +  }
> +
> +  //
> +  // Scan Fs done
> +  //
> +  if (*ThisVol == NULL) {
> +    return EFI_NOT_FOUND;
> +  }
> +
> +  //
> +  // Done
> +  //
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Read a file.
> +
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileToBuffer (
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer
> +  )
> +{
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +  Vol = NULL;
> +  return ReadFileToBufferEx(&Vol, FileName, BufferSize, Buffer, FALSE);
> +}
> +
> +/**
> +  Write a file.
> +
> +  @param FileName        The file to be written.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Write file successfully
> +**/
> +EFI_STATUS
> +WriteFileFromBuffer(
> +  IN  CHAR16                               *FileName,
> +  IN  UINTN                                BufferSize,
> +  IN  VOID                                 *Buffer
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_FILE_HANDLE                   RootDir;
> +  EFI_FILE_HANDLE                   Handle;
> +  UINTN                             TempBufferSize;
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +
> +  Vol = GetMyVol();
> +
> +  //
> +  // Open the root directory
> +  //
> +  Status = Vol->OpenVolume (Vol, &RootDir);
> +  if (EFI_ERROR (Status)) {
> +    return Status;
> +  }
> +
> +  //
> +  // Open the file
> +  //
> +  Status = RootDir->Open (
> +                      RootDir,
> +                      &Handle,
> +                      FileName,
> +                      EFI_FILE_MODE_READ | EFI_FILE_MODE_WRITE| EFI_FILE_MODE_CREATE,
> +                      0
> +                      );
> +  if (EFI_ERROR (Status)) {
> +    RootDir->Close (RootDir);
> +    return Status;
> +  }
> +
> +  //
> +  // Delete file
> +  //
> +  Status = Handle->Delete(Handle);
> +  if (EFI_ERROR(Status)) {
> +    return Status;
> +  }
> +
> +  //
> +  // Open the file again
> +  //
> +  Status = RootDir->Open (
> +                      RootDir,
> +                      &Handle,
> +                      FileName,
> +                      EFI_FILE_MODE_READ | EFI_FILE_MODE_WRITE| EFI_FILE_MODE_CREATE,
> +                      0
> +                      );
> +  if (EFI_ERROR (Status)) {
> +    RootDir->Close (RootDir);
> +    return Status;
> +  }
> +
> +  RootDir->Close (RootDir);
> +
> +  //
> +  // Write the file data from the buffer
> +  //
> +  TempBufferSize = BufferSize;
> +  Status = Handle->Write (
> +                     Handle,
> +                     &TempBufferSize,
> +                     Buffer
> +                     );
> +  if (EFI_ERROR (Status)) {
> +    Handle->Close (Handle);
> +    return Status;
> +  }
> +
> +  Handle->Close (Handle);
> +
> +  return EFI_SUCCESS;
> +}
> +
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
> b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
> new file mode 100644
> index 0000000..6bb778a
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
> @@ -0,0 +1,853 @@
> +/** @file
> +  A shell application that triggers capsule update process.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <Uefi.h>
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PrintLib.h>
> +#include <Protocol/LoadedImage.h>
> +#include <Protocol/SimpleFileSystem.h>
> +#include <Protocol/GraphicsOutput.h>
> +#include <Guid/FileInfo.h>
> +#include <Guid/Gpt.h>
> +#include <Guid/GlobalVariable.h>
> +#include <Guid/CapsuleReport.h>
> +#include <Guid/SystemResourceTable.h>
> +#include <Guid/FmpCapsule.h>
> +#include <IndustryStandard/WindowsUxCapsule.h>
> +
> +#define CAPSULE_HEADER_SIZE  0x20
> +
> +#define NESTED_CAPSULE_HEADER_SIZE  SIZE_4KB
> +#define SYSTEM_FIRMWARE_FLAG 0x50000
> +#define DEVICE_FIRMWARE_FLAG 0x78010
> +
> +#define EFI_CAPSULE_FROM_FILE_DIR                           L"\\EFI\\UpdateCapsule\\<file:///\\EFI\UpdateCapsule\><file:///\\EFI\UpdateCapsule\%3cfile:\EFI\UpdateCapsule\%3e>"
> +#define EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED  0x0000000000000004
> +
> +#define MAJOR_VERSION   1
> +#define MINOR_VERSION   0
> +
> +#define MAX_CAPSULE_NUM 10
> +
> +extern UINTN  Argc;
> +extern CHAR16 **Argv;
> +
> +//
> +// Define how many block descriptors we want to test with.
> +//
> +UINTN  NumberOfDescriptors = 1;
> +UINTN  CapsuleFirstIndex;
> +UINTN  CapsuleLastIndex;
> +
> +/**
> +  Dump capsule information
> +
> +  @retval EFI_SUCCESS            The capsule information is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DumpCapsule(
> +  VOID
> +  );
> +
> +/**
> +  Dump capsule status variable.
> +
> +  @retval EFI_SUCCESS            The capsule status variable is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DmpCapsuleStatusVariable(
> +  VOID
> +  );
> +
> +/**
> +  Dump FMP protocol info.
> +**/
> +VOID
> +DumpFmpData(
> +  VOID
> +  );
> +
> +/**
> +  Dump ESRT info.
> +**/
> +VOID
> +DumpEsrtData(
> +  VOID
> +  );
> +
> +/**
> +  Read a file.
> +
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileToBuffer(
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer
> +  );
> +
> +/**
> +  Write a file.
> +
> +  @param FileName        The file to be written.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Write file successfully
> +**/
> +EFI_STATUS
> +WriteFileFromBuffer(
> +  IN  CHAR16                               *FileName,
> +  IN  UINTN                                BufferSize,
> +  IN  VOID                                 *Buffer
> +  );
> +
> +/**
> +
> +  This function parse application ARG.
> +
> +  @return Status
> +**/
> +EFI_STATUS
> +GetArg (
> +  VOID
> +  );
> +
> +/**
> +  Create UX capsule.
> +
> +  @retval EFI_SUCCESS            The capsule header is appended.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +  @retval EFI_OUT_OF_RESOURCES   No enough resource to create UX capsule.
> +**/
> +EFI_STATUS
> +CreateBmpFmp(
> +  VOID
> +  )
> +{
> +  CHAR16                                        *OutputCapsuleName;
> +  VOID                                          *BmpBuffer;
> +  UINTN                                         FileSize;
> +  CHAR16                                        *BmpName;
> +  UINT8                                         *FullCapsuleBuffer;
> +  UINTN                                         FullCapsuleBufferSize;
> +  EFI_DISPLAY_CAPSULE                           *DisplayCapsule;
> +  EFI_STATUS                                    Status;
> +  EFI_GRAPHICS_OUTPUT_PROTOCOL                  *Gop;
> +
> +  Status = gBS->LocateProtocol(&gEfiGraphicsOutputProtocolGuid, NULL, (VOID **)&Gop);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: NO GOP is found.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  Print(L"Current GOP: Mode - %d, ", Gop->Mode->Mode);
> +  Print(L"HorizontalResolution - %d, ", Gop->Mode->Info->HorizontalResolution);
> +  Print(L"VerticalResolution - %d\n", Gop->Mode->Info->VerticalResolution);
> +  // HorizontalResolution >= BMP_IMAGE_HEADER.PixelWidth
> +  // VerticalResolution   >= BMP_IMAGE_HEADER.PixelHeight
> +
> +  if (Argc != 5) {
> +    Print(L"CapsuleApp: Invalid Parameter.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  if (StrCmp(Argv[3], L"-O") != 0) {
> +    Print(L"CapsuleApp: NO output capsule name.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  OutputCapsuleName = Argv[4];
> +
> +  BmpBuffer = NULL;
> +  FileSize = 0;
> +  FullCapsuleBuffer = NULL;
> +
> +  BmpName = Argv[2];
> +  Status = ReadFileToBuffer(BmpName, &FileSize, &BmpBuffer);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: BMP image (%s) is not found.\n", BmpName);
> +    goto Done;
> +  }
> +
> +  FullCapsuleBufferSize = sizeof(EFI_DISPLAY_CAPSULE) + FileSize;
> +  FullCapsuleBuffer = AllocatePool(FullCapsuleBufferSize);
> +  if (FullCapsuleBuffer == NULL) {
> +    Print(L"CapsuleApp: Capsule Buffer size (0x%x) too big.\n",
> FullCapsuleBufferSize);
> +    Status = EFI_OUT_OF_RESOURCES;
> +    goto Done;
> +  }
> +
> +  DisplayCapsule = (EFI_DISPLAY_CAPSULE *)FullCapsuleBuffer;
> +  CopyGuid(&DisplayCapsule->CapsuleHeader.CapsuleGuid, &gWindowsUxCapsuleGuid);
> +  DisplayCapsule->CapsuleHeader.HeaderSize = sizeof(DisplayCapsule->CapsuleHeader);
> +  DisplayCapsule->CapsuleHeader.Flags = CAPSULE_FLAGS_PERSIST_ACROSS_RESET;
> +  DisplayCapsule->CapsuleHeader.CapsuleImageSize = (UINT32)FullCapsuleBufferSize;
> +
> +  DisplayCapsule->ImagePayload.Version = 1;
> +  DisplayCapsule->ImagePayload.Checksum = 0;
> +  DisplayCapsule->ImagePayload.ImageType = 0; // BMP
> +  DisplayCapsule->ImagePayload.Reserved = 0;
> +  DisplayCapsule->ImagePayload.Mode = Gop->Mode->Mode;
> +  DisplayCapsule->ImagePayload.OffsetX = 0;
> +  DisplayCapsule->ImagePayload.OffsetY = 0;
> +
> +  CopyMem((DisplayCapsule + 1), BmpBuffer, FileSize);
> +
> +  DisplayCapsule->ImagePayload.Checksum = CalculateCheckSum8(FullCapsuleBuffer,
> FullCapsuleBufferSize);
> +
> +  Status = WriteFileFromBuffer(OutputCapsuleName, FullCapsuleBufferSize,
> FullCapsuleBuffer);
> +  Print(L"CapsuleApp: Write %s %r\n", OutputCapsuleName, Status);
> +
> +Done:
> +  if (BmpBuffer != NULL) {
> +    FreePool(BmpBuffer);
> +  }
> +
> +  if (FullCapsuleBuffer != NULL) {
> +    FreePool(FullCapsuleBuffer);
> +  }
> +
> +  return Status;
> +}
> +
> +/**
> +  Get ImageTypeId in the FMP capsule header.
> +
> +  @param CapsuleHeader  The FMP capsule image header.
> +
> +  @return ImageTypeId
> +**/
> +EFI_GUID *
> +GetCapsuleImageTypeId(
> +  IN EFI_CAPSULE_HEADER                            *CapsuleHeader
> +  )
> +{
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER       *FmpCapsuleHeader;
> +  UINT64                                       *ItemOffsetList;
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader;
> +
> +  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader
> + CapsuleHeader->HeaderSize);
> +  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
> +  if (FmpCapsuleHeader->PayloadItemCount == 0) {
> +    return NULL;
> +  }
> +  ImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8
> *)FmpCapsuleHeader + ItemOffsetList[FmpCapsuleHeader->EmbeddedDriverCount]);
> +  return &ImageHeader->UpdateImageTypeId;
> +}
> +
> +/**
> +  Get ESRT FwType according to ImageTypeId
> +
> +  @param  ImageTypeId   ImageTypeId of an FMP capsule.
> +
> +  @return ESRT FwType
> +**/
> +UINT32
> +GetEsrtFwType(
> +  IN  EFI_GUID                                      *ImageTypeId
> +  )
> +{
> +  EFI_STATUS                 Status;
> +  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
> +  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
> +  UINTN                      Index;
> +
> +  //
> +  // Check ESRT
> +  //
> +  Status = EfiGetSystemConfigurationTable(&gEfiSystemResourceTableGuid, (VOID
> **)&Esrt);
> +  if (!EFI_ERROR(Status)) {
> +    EsrtEntry = (VOID *)(Esrt + 1);
> +    for (Index = 0; Index < Esrt->FwResourceCount; Index++, EsrtEntry++) {
> +      if (CompareGuid(&EsrtEntry->FwClass, ImageTypeId)) {
> +        return EsrtEntry->FwType;
> +      }
> +    }
> +  }
> +
> +  return ESRT_FW_TYPE_UNKNOWN;
> +}
> +
> +/**
> +  Append a capsule header on top of current image.
> +  This function follows Windows UEFI Firmware Update Platform document.
> +
> +  @retval EFI_SUCCESS            The capsule header is appended.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +  @retval EFI_OUT_OF_RESOURCES   No enough resource to append capsule header.
> +**/
> +EFI_STATUS
> +CreateNestedFmp(
> +  VOID
> +  )
> +{
> +  CHAR16                                        *OutputCapsuleName;
> +  VOID                                          *CapsuleBuffer;
> +  UINTN                                         FileSize;
> +  CHAR16                                        *CapsuleName;
> +  UINT8                                         *FullCapsuleBuffer;
> +  UINTN                                         FullCapsuleBufferSize;
> +  EFI_CAPSULE_HEADER                            *NestedCapsuleHeader;
> +  EFI_GUID                                      *ImageTypeId;
> +  UINT32                                        FwType;
> +  EFI_STATUS                                    Status;
> +
> +  if (Argc != 5) {
> +    Print(L"CapsuleApp: Invalid Parameter.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  if (StrCmp(Argv[3], L"-O") != 0) {
> +    Print(L"CapsuleApp: NO output capsule name.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  OutputCapsuleName = Argv[4];
> +
> +  CapsuleBuffer = NULL;
> +  FileSize = 0;
> +  FullCapsuleBuffer = NULL;
> +
> +  CapsuleName = Argv[2];
> +  Status = ReadFileToBuffer(CapsuleName, &FileSize, &CapsuleBuffer);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: Capsule image (%s) is not found.\n", CapsuleName);
> +    goto Done;
> +  }
> +
> +  ImageTypeId = GetCapsuleImageTypeId(CapsuleBuffer);
> +  if (ImageTypeId == NULL) {
> +    Print(L"CapsuleApp: Capsule ImageTypeId is not found.\n");
> +    goto Done;
> +  }
> +  FwType = GetEsrtFwType(ImageTypeId);
> +  if ((FwType != ESRT_FW_TYPE_SYSTEMFIRMWARE) && (FwType !=
> ESRT_FW_TYPE_DEVICEFIRMWARE)) {
> +    Print(L"CapsuleApp: Capsule FwType is invalid.\n");
> +    goto Done;
> +  }
> +
> +  FullCapsuleBufferSize = NESTED_CAPSULE_HEADER_SIZE + FileSize;
> +  FullCapsuleBuffer = AllocatePool(FullCapsuleBufferSize);
> +  if (FullCapsuleBuffer == NULL) {
> +    Print(L"CapsuleApp: Capsule Buffer size (0x%x) too big.\n",
> FullCapsuleBufferSize);
> +    Status = EFI_OUT_OF_RESOURCES;
> +    goto Done;
> +  }
> +
> +  NestedCapsuleHeader = (EFI_CAPSULE_HEADER *)FullCapsuleBuffer;
> +  ZeroMem(NestedCapsuleHeader, NESTED_CAPSULE_HEADER_SIZE);
> +  CopyGuid(&NestedCapsuleHeader->CapsuleGuid, ImageTypeId);
> +  NestedCapsuleHeader->HeaderSize = NESTED_CAPSULE_HEADER_SIZE;
> +  NestedCapsuleHeader->Flags = (FwType == ESRT_FW_TYPE_DEVICEFIRMWARE) ?
> SYSTEM_FIRMWARE_FLAG : DEVICE_FIRMWARE_FLAG;
> +  NestedCapsuleHeader->CapsuleImageSize = (UINT32)FullCapsuleBufferSize;
> +
> +  CopyMem((UINT8 *)NestedCapsuleHeader + NestedCapsuleHeader->HeaderSize,
> CapsuleBuffer, FileSize);
> +
> +  Status = WriteFileFromBuffer(OutputCapsuleName, FullCapsuleBufferSize,
> FullCapsuleBuffer);
> +  Print(L"CapsuleApp: Write %s %r\n", OutputCapsuleName, Status);
> +
> +Done:
> +  if (CapsuleBuffer != NULL) {
> +    FreePool(CapsuleBuffer);
> +  }
> +
> +  if (FullCapsuleBuffer != NULL) {
> +    FreePool(FullCapsuleBuffer);
> +  }
> +
> +  return Status;
> +}
> +
> +
> +/**
> +  Clear capsule status variable.
> +
> +  @retval EFI_SUCCESS            The capsule status variable is cleared.
> +**/
> +EFI_STATUS
> +ClearCapsuleStatusVariable(
> +  VOID
> +  )
> +{
> +  EFI_STATUS                          Status;
> +  UINT32                              Index;
> +  CHAR16                              CapsuleVarName[20];
> +  CHAR16                              *TempVarName;
> +
> +  StrCpyS (CapsuleVarName, sizeof(CapsuleVarName)/sizeof(CapsuleVarName[0]),
> L"Capsule");
> +  TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
> +  Index = 0;
> +
> +  while (TRUE) {
> +    UnicodeSPrint (TempVarName, 5 * sizeof(CHAR16), L"%04x", Index);
> +
> +    Status = gRT->SetVariable (
> +                    CapsuleVarName,
> +                    &gEfiCapsuleReportGuid,
> +                    EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS |
> EFI_VARIABLE_BOOTSERVICE_ACCESS,
> +                    0,
> +                    (VOID *)NULL
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      //
> +      // There is no capsule variables, quit
> +      //
> +      break;
> +    }
> +
> +    Index++;
> +    if (Index > 0xFFFF) {
> +      break;
> +    }
> +  }
> +
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Build Gather list for a list of capsule images.
> +
> +  @param[in]  CapsuleBuffer    An array of pointer to capsule images
> +  @param[in]  FileSize         An array of UINTN to capsule images size
> +  @param[in]  CapsuleNum       The count of capsule images
> +  @param[out] BlockDescriptors The block descriptors for the capsule images
> +
> +  @retval EFI_SUCCESS The block descriptors for the capsule images are constructed.
> +**/
> +EFI_STATUS
> +BuildGatherList(
> +  IN VOID                          **CapsuleBuffer,
> +  IN UINTN                         *FileSize,
> +  IN UINTN                         CapsuleNum,
> +  OUT EFI_CAPSULE_BLOCK_DESCRIPTOR **BlockDescriptors
> +  )
> +{
> +  EFI_STATUS                    Status;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors1;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors2;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptorPre;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptorsHeader;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *TempBlockPtr;
> +  UINT8                         *TempDataPtr;
> +  UINTN                         SizeLeft;
> +  UINTN                         Size;
> +  INT32                         Count;
> +  INT32                         Number;
> +  UINTN                         Index;
> +
> +  TempBlockPtr           = NULL;
> +  BlockDescriptors1      = NULL;
> +  BlockDescriptors2      = NULL;
> +  BlockDescriptorPre     = NULL;
> +  BlockDescriptorsHeader = NULL;
> +
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    //
> +    // Allocate memory for the descriptors.
> +    //
> +    if (NumberOfDescriptors == 1) {
> +      Count = 2;
> +    } else {
> +      Count = (INT32)(NumberOfDescriptors + 2) / 2;
> +    }
> +
> +    Size               = Count * sizeof (EFI_CAPSULE_BLOCK_DESCRIPTOR);
> +    BlockDescriptors1  = AllocateRuntimeZeroPool (Size);
> +    if (BlockDescriptors1 == NULL) {
> +      Print (L"CapsuleApp: failed to allocate memory for descriptors\n");
> +      Status = EFI_OUT_OF_RESOURCES;
> +      goto ERREXIT;
> +    } else {
> +      Print (L"CapsuleApp: creating capsule descriptors at 0x%X\n", (UINTN)
> BlockDescriptors1);
> +      Print (L"CapsuleApp: capsule data starts          at 0x%X with size 0x%X\n",
> (UINTN) CapsuleBuffer, FileSize);
> +    }
> +
> +    //
> +    // Record descirptor header
> +    //
> +    if (Index == 0) {
> +      BlockDescriptorsHeader = BlockDescriptors1;
> +    }
> +
> +    if (BlockDescriptorPre != NULL) {
> +      BlockDescriptorPre->Union.ContinuationPointer = (UINTN) BlockDescriptors1;
> +      BlockDescriptorPre->Length = 0;
> +    }
> +
> +    //
> +    // Fill them in
> +    //
> +    TempBlockPtr  = BlockDescriptors1;
> +    TempDataPtr   = CapsuleBuffer[Index];
> +    SizeLeft      = FileSize[Index];
> +    for (Number = 0; (Number < Count - 1) && (SizeLeft != 0); Number++) {
> +      //
> +      // Divide remaining data in half
> +      //
> +      if (NumberOfDescriptors != 1) {
> +        if (SizeLeft == 1) {
> +          Size = 1;
> +        } else {
> +          Size = SizeLeft / 2;
> +        }
> +      } else {
> +        Size = SizeLeft;
> +      }
> +      TempBlockPtr->Union.DataBlock    = (UINTN)TempDataPtr;
> +      TempBlockPtr->Length  = Size;
> +      Print (L"CapsuleApp: capsule block/size              0x%X/0x%X\n", (UINTN)
> TempDataPtr, Size);
> +      SizeLeft -= Size;
> +      TempDataPtr += Size;
> +      TempBlockPtr++;
> +    }
> +
> +    //
> +    // Allocate the second list, point the first block's last entry to point
> +    // to this one, and fill this one in. Worst case is that the previous
> +    // list only had one element that pointed here, so we need at least two
> +    // elements -- one to point to all the data, another to terminate the list.
> +    //
> +    if ((NumberOfDescriptors != 1) && (SizeLeft != 0)) {
> +      Count = (INT32)(NumberOfDescriptors + 2) - Count;
> +      if (Count == 1) {
> +        Count++;
> +      }
> +
> +      Size              = Count * sizeof (EFI_CAPSULE_BLOCK_DESCRIPTOR);
> +      BlockDescriptors2 = AllocateRuntimeZeroPool (Size);
> +      if (BlockDescriptors2 == NULL) {
> +        Print (L"CapsuleApp: failed to allocate memory for descriptors\n");
> +        Status = EFI_OUT_OF_RESOURCES;
> +        goto ERREXIT;
> +      }
> +
> +      //
> +      // Point the first list's last element to point to this second list.
> +      //
> +      TempBlockPtr->Union.ContinuationPointer   = (UINTN) BlockDescriptors2;
> +
> +      TempBlockPtr->Length  = 0;
> +      TempBlockPtr = BlockDescriptors2;
> +      for (Number = 0; Number < Count - 1; Number++) {
> +        //
> +        // If second-to-last one, then dump rest to this element
> +        //
> +        if (Number == (Count - 2)) {
> +          Size = SizeLeft;
> +        } else {
> +          //
> +          // Divide remaining data in half
> +          //
> +          if (SizeLeft == 1) {
> +            Size = 1;
> +          } else {
> +            Size = SizeLeft / 2;
> +          }
> +        }
> +
> +        TempBlockPtr->Union.DataBlock    = (UINTN)TempDataPtr;
> +        TempBlockPtr->Length  = Size;
> +        Print (L"CapsuleApp: capsule block/size              0x%X/0x%X\n", (UINTN)
> TempDataPtr, Size);
> +        SizeLeft -= Size;
> +        TempDataPtr += Size;
> +        TempBlockPtr++;
> +        if (SizeLeft == 0) {
> +          break;
> +        }
> +      }
> +    }
> +
> +    BlockDescriptorPre = TempBlockPtr;
> +    BlockDescriptors1  = NULL;
> +  }
> +
> +  //
> +  // Null-terminate.
> +  //
> +  if (TempBlockPtr != NULL) {
> +    TempBlockPtr->Union.ContinuationPointer    = (UINTN)NULL;
> +    TempBlockPtr->Length  = 0;
> +    *BlockDescriptors = BlockDescriptorsHeader;
> +  }
> +
> +  return EFI_SUCCESS;
> +
> +ERREXIT:
> +  if (BlockDescriptors1 != NULL) {
> +    FreePool(BlockDescriptors1);
> +  }
> +
> +  if (BlockDescriptors2 != NULL) {
> +    FreePool(BlockDescriptors2);
> +  }
> +
> +  return Status;
> +}
> +
> +/**
> +  Clear the Gather list for a list of capsule images.
> +
> +  @param[in]  BlockDescriptors The block descriptors for the capsule images
> +  @param[in]  CapsuleNum       The count of capsule images
> +**/
> +VOID
> +CleanGatherList(
> +  IN EFI_CAPSULE_BLOCK_DESCRIPTOR   *BlockDescriptors,
> +  IN UINTN                          CapsuleNum
> +  )
> +{
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr1;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr2;
> +  UINTN                          Index;
> +
> +  if (BlockDescriptors != NULL) {
> +    TempBlockPtr1 = BlockDescriptors;
> +    while (1){
> +      TempBlockPtr = TempBlockPtr1;
> +      for (Index = 0; Index < CapsuleNum; Index++) {
> +        if (TempBlockPtr[Index].Length == 0) {
> +          break;
> +        }
> +      }
> +
> +      if (TempBlockPtr[Index].Union.ContinuationPointer == (UINTN)NULL) {
> +        break;
> +      }
> +
> +      TempBlockPtr2 = (VOID *) ((UINTN) TempBlockPtr->Union.ContinuationPointer);
> +      FreePool(TempBlockPtr1);
> +      TempBlockPtr1 = TempBlockPtr2;
> +    }
> +  }
> +}
> +
> +/**
> +  Print APP usage.
> +**/
> +VOID
> +PrintUsage (
> +  VOID
> +  )
> +{
> +  Print(L"CapsuleApp:  usage\n");
> +  Print(L"  CapsuleApp <Capsule...> [-NR]\n");
> +  Print(L"  CapsuleApp -S\n");
> +  Print(L"  CapsuleApp -C\n");
> +  Print(L"  CapsuleApp -P\n");
> +  Print(L"  CapsuleApp -E\n");
> +  Print(L"  CapsuleApp -G <BMP> -O <Capsule>\n");
> +  Print(L"  CapsuleApp -N <Capsule> -O <NestedCapsule>\n");
> +  Print(L"  CapsuleApp -D|-DS <Capsule>\n");
> +  Print(L"Parameter:\n");
> +  Print(L"  -NR: No Reset.\n");
> +  Print(L"  -S:  Dump capsule status.\n");
> +  Print(L"  -C:  Clear capsule status.\n");
> +  Print(L"  -P:  Dump FMP protocol info.\n");
> +  Print(L"  -E:  Dump ESRT table info.\n");
> +  Print(L"  -G:  Input BMP file name\n");
> +  Print(L"  -N:  Append Capsule Header accroding to Windows Firmware Update\n");
> +  Print(L"  -O:  Output Capsule file name\n");
> +  Print(L"  -D:  Dump Capsule\n");
> +}
> +
> +/**
> +  Update Capsule image.
> +
> +  @param[in]  ImageHandle     The image handle.
> +  @param[in]  SystemTable     The system table.
> +
> +  @retval EFI_SUCCESS            Command completed successfully.
> +  @retval EFI_INVALID_PARAMETER  Command usage error.
> +  @retval EFI_NOT_FOUND          The input file can't be found.
> +**/
> +EFI_STATUS
> +EFIAPI
> +UefiMain (
> +  IN EFI_HANDLE        ImageHandle,
> +  IN EFI_SYSTEM_TABLE  *SystemTable
> +  )
> +{
> +  EFI_STATUS                    Status;
> +  UINTN                         FileSize[MAX_CAPSULE_NUM];
> +  VOID                          *CapsuleBuffer[MAX_CAPSULE_NUM];
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors;
> +  EFI_CAPSULE_HEADER             *CapsuleHeaderArray[MAX_CAPSULE_NUM + 1];
> +  UINT64                         MaxCapsuleSize;
> +  EFI_RESET_TYPE                 ResetType;
> +  BOOLEAN                        NeedReset;
> +  BOOLEAN                        NoReset;
> +  CHAR16                         *CapsuleName;
> +  UINTN                          CapsuleNum;
> +  UINTN                          Index;
> +
> +  Status = GetArg();
> +  if (EFI_ERROR(Status)) {
> +    Print(L"Please use UEFI SHELL to run this application!\n", Status);
> +    return Status;
> +  }
> +  if (Argc < 2) {
> +    PrintUsage();
> +    return EFI_INVALID_PARAMETER;
> +  }
> +  if (StrCmp(Argv[1], L"-D") == 0) {
> +    Status = DumpCapsule();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-G") == 0) {
> +    Status = CreateBmpFmp();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-N") == 0) {
> +    Status = CreateNestedFmp();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-S") == 0) {
> +    Status = DmpCapsuleStatusVariable();
> +    return EFI_SUCCESS;
> +  }
> +  if (StrCmp(Argv[1], L"-C") == 0) {
> +    Status = ClearCapsuleStatusVariable();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-P") == 0) {
> +    DumpFmpData();
> +    return EFI_SUCCESS;
> +  }
> +  if (StrCmp(Argv[1], L"-E") == 0) {
> +    DumpEsrtData();
> +    return EFI_SUCCESS;
> +  }
> +  CapsuleFirstIndex = 1;
> +  if (StrCmp(Argv[Argc - 1], L"-NR") == 0) {
> +    NoReset = TRUE;
> +    CapsuleLastIndex = Argc - 2;
> +  } else {
> +    NoReset = FALSE;
> +    CapsuleLastIndex = Argc - 1;
> +  }
> +  CapsuleNum = CapsuleLastIndex - CapsuleFirstIndex + 1;
> +
> +  if (CapsuleFirstIndex > CapsuleLastIndex) {
> +    Print(L"CapsuleApp: NO capsule image.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  if (CapsuleNum > MAX_CAPSULE_NUM) {
> +    Print(L"CapsuleApp: Too many capsule images.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  ZeroMem(&CapsuleBuffer, sizeof(CapsuleBuffer));
> +  ZeroMem(&FileSize, sizeof(FileSize));
> +  BlockDescriptors = NULL;
> +
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    CapsuleName = Argv[CapsuleFirstIndex + Index];
> +    Status = ReadFileToBuffer(CapsuleName, &FileSize[Index], &CapsuleBuffer[Index]);
> +    if (EFI_ERROR(Status)) {
> +      Print(L"CapsuleApp: capsule image (%s) is not found.\n", CapsuleName);
> +      goto Done;
> +    }
> +  }
> +
> +  //
> +  // Every capsule use 2 descriptor 1 for data 1 for end
> +  //
> +  Status = BuildGatherList(CapsuleBuffer, FileSize, CapsuleNum, &BlockDescriptors);
> +  if (EFI_ERROR(Status)) {
> +    goto Done;
> +  }
> +
> +  //
> +  // Call the runtime service capsule.
> +  //
> +  NeedReset = FALSE;
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    CapsuleHeaderArray[Index] = (EFI_CAPSULE_HEADER *) CapsuleBuffer[Index];
> +    if ((CapsuleHeaderArray[Index]->Flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) != 0)
> {
> +      NeedReset = TRUE;
> +    }
> +  }
> +  CapsuleHeaderArray[CapsuleNum] = NULL;
> +  if (NoReset) {
> +    NeedReset = FALSE;
> +  }
> +
> +  //
> +  // Inquire platform capability of UpdateCapsule.
> +  //
> +  Status = gRT->QueryCapsuleCapabilities (CapsuleHeaderArray, CapsuleNum,
> &MaxCapsuleSize, &ResetType);
> +  if (EFI_ERROR(Status)) {
> +    Print (L"CapsuleApp: failed to query capsule capability - %r\n", Status);
> +    goto Done;
> +  }
> +
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    if (FileSize[Index] > MaxCapsuleSize) {
> +      Print (L"CapsuleApp: capsule is too large to update, %ld is allowed\n",
> MaxCapsuleSize);
> +      Status = EFI_UNSUPPORTED;
> +      goto Done;
> +    }
> +  }
> +
> +  //
> +  // Check whether the input capsule image has the flag of persist across system
> reset.
> +  //
> +  if (NeedReset) {
> +    Status = gRT->UpdateCapsule(CapsuleHeaderArray,CapsuleNum,(UINTN)
> BlockDescriptors);
> +    if (Status != EFI_SUCCESS) {
> +      Print (L"CapsuleApp: failed to update capsule - %r\n", Status);
> +      goto Done;
> +    }
> +    //
> +    // For capsule who has reset flag, after calling UpdateCapsule service,triger a
> +    // system reset to process capsule persist across a system reset.
> +    //
> +    gRT->ResetSystem (ResetType, EFI_SUCCESS, 0, NULL);
> +  } else {
> +    //
> +    // For capsule who has no reset flag, only call UpdateCapsule Service without a
> +    // system reset. The service will process the capsule immediately.
> +    //
> +    Status = gRT->UpdateCapsule (CapsuleHeaderArray,CapsuleNum,(UINTN)
> BlockDescriptors);
> +    if (Status != EFI_SUCCESS) {
> +      Print (L"CapsuleApp: failed to update capsule - %r\n", Status);
> +    }
> +  }
> +
> +  Status = EFI_SUCCESS;
> +
> +Done:
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    if (CapsuleBuffer[Index] != NULL) {
> +      FreePool (CapsuleBuffer[Index]);
> +    }
> +  }
> +
> +  CleanGatherList(BlockDescriptors, CapsuleNum);
> +
> +  return Status;
> +}
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> new file mode 100644
> index 0000000..2084e5f
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> @@ -0,0 +1,71 @@
> +##  @file
> +#  A shell application that triggers capsule update process.
> +#
> +# This application can trigger capsule update process. It can also
> +# generate capsule image, or dump capsule variable information.
> +#
> +#  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +#  This program and the accompanying materials
> +#  are licensed and made available under the terms and conditions of the BSD License
> +#  which accompanies this distribution.  The full text of the license may be found at
> +#  http://opensource.org/licenses/bsd-license.php
> +#
> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +#
> +##
> +
> +[Defines]
> +  INF_VERSION                    = 0x00010006
> +  BASE_NAME                      = CapsuleApp
> +  MODULE_UNI_FILE                = CapsuleApp.uni
> +  FILE_GUID                      = 4CEF31DA-8682-4274-9CC4-AEE7516A5E7B
> +  MODULE_TYPE                    = UEFI_APPLICATION
> +  VERSION_STRING                 = 1.0
> +  ENTRY_POINT                    = UefiMain
> +
> +#
> +# The following information is for reference only and not required by the build tools.
> +#
> +#  VALID_ARCHITECTURES           = IA32 X64
> +#
> +
> +[Sources]
> +  CapsuleApp.c
> +  CapsuleDump.c
> +  AppSupport.c
> +
> +[Packages]
> +  MdePkg/MdePkg.dec
> +  MdeModulePkg/MdeModulePkg.dec
> +
> +[Guids]
> +  gEfiFileInfoGuid
> +  gEfiPartTypeSystemPartGuid
> +  gEfiGlobalVariableGuid
> +  gEfiCapsuleReportGuid
> +  gEfiFmpCapsuleGuid
> +  gWindowsUxCapsuleGuid
> +  gEfiCertTypeRsa2048Sha256Guid
> +  gEfiCertPkcs7Guid
> +  gEfiSystemResourceTableGuid
> +
> +[Protocols]
> +  gEfiLoadedImageProtocolGuid
> +  gEfiSimpleFileSystemProtocolGuid
> +  gEfiGraphicsOutputProtocolGuid
> +  gEfiFirmwareManagementProtocolGuid
> +  gEfiShellParametersProtocolGuid
> +
> +[LibraryClasses]
> +  BaseLib
> +  UefiApplicationEntryPoint
> +  DebugLib
> +  MemoryAllocationLib
> +  UefiBootServicesTableLib
> +  UefiRuntimeServicesTableLib
> +  UefiLib
> +  PrintLib
> +
> +[UserExtensions.TianoCore."ExtraFiles"]
> +  CapsuleAppExtra.uni
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
> b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
> new file mode 100644
> index 0000000..54d6e12
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
> @@ -0,0 +1,22 @@
> +// /** @file
> +// A shell application that triggers capsule update process.
> +//
> +// This application can trigger capsule update process. It can also
> +// generate capsule image, or dump capsule variable information.
> +//
> +// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +//
> +// This program and the accompanying materials
> +// are licensed and made available under the terms and conditions of the BSD License
> +// which accompanies this distribution. The full text of the license may be found at
> +// http://opensource.org/licenses/bsd-license.php
> +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +//
> +// **/
> +
> +
> +#string STR_MODULE_ABSTRACT             #language en-US "A shell application that
> triggers capsule update process."
> +
> +#string STR_MODULE_DESCRIPTION          #language en-US "This application can trigger
> capsule update process. It can also generate capsule image, or dump capsule variable
> information."
> +
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
> b/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
> new file mode 100644
> index 0000000..b5a8840
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
> @@ -0,0 +1,19 @@
> +// /** @file
> +// CapsuleApp Localized Strings and Content
> +//
> +// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +//
> +// This program and the accompanying materials
> +// are licensed and made available under the terms and conditions of the BSD License
> +// which accompanies this distribution. The full text of the license may be found at
> +// http://opensource.org/licenses/bsd-license.php
> +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +//
> +// **/
> +
> +#string STR_PROPERTIES_MODULE_NAME
> +#language en-US
> +"Capsule Application"
> +
> +
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
> b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
> new file mode 100644
> index 0000000..b383fe1
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
> @@ -0,0 +1,740 @@
> +/** @file
> +  Dump Capsule image information.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <PiDxe.h>
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PrintLib.h>
> +#include <Protocol/FirmwareManagement.h>
> +#include <Guid/ImageAuthentication.h>
> +#include <Guid/CapsuleReport.h>
> +#include <Guid/SystemResourceTable.h>
> +#include <Guid/FmpCapsule.h>
> +#include <IndustryStandard/WindowsUxCapsule.h>
> +
> +/**
> +  Read a file.
> +
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileToBuffer(
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer
> +  );
> +
> +extern UINTN  Argc;
> +extern CHAR16 *Argv[];
> +
> +/**
> +  Dump UX capsule information.
> +
> +  @param CapsuleHeader      The UX capsule header
> +**/
> +VOID
> +DumpUxCapsule(
> +  IN EFI_CAPSULE_HEADER  *CapsuleHeader
> +  )
> +{
> +  EFI_DISPLAY_CAPSULE                           *DisplayCapsule;
> +  DisplayCapsule = (EFI_DISPLAY_CAPSULE *)CapsuleHeader;
> +  Print(L"[UxCapusule]\n");
> +  Print(L"CapsuleHeader:\n");
> +  Print(L"  CapsuleGuid      - %g\n", &DisplayCapsule->CapsuleHeader.CapsuleGuid);
> +  Print(L"  HeaderSize       - 0x%x\n", DisplayCapsule->CapsuleHeader.HeaderSize);
> +  Print(L"  Flags            - 0x%x\n", DisplayCapsule->CapsuleHeader.Flags);
> +  Print(L"  CapsuleImageSize - 0x%x\n", DisplayCapsule-
> >CapsuleHeader.CapsuleImageSize);
> +  Print(L"ImagePayload:\n");
> +  Print(L"  Version          - 0x%x\n", DisplayCapsule->ImagePayload.Version);
> +  Print(L"  Checksum         - 0x%x\n", DisplayCapsule->ImagePayload.Checksum);
> +  Print(L"  ImageType        - 0x%x\n", DisplayCapsule->ImagePayload.ImageType);
> +  Print(L"  Mode             - 0x%x\n", DisplayCapsule->ImagePayload.Mode);
> +  Print(L"  OffsetX          - 0x%x\n", DisplayCapsule->ImagePayload.OffsetX);
> +  Print(L"  OffsetY          - 0x%x\n", DisplayCapsule->ImagePayload.OffsetY);
> +}
> +
> +/**
> +  Dump FMP image authentication information.
> +
> +  @param Image      The FMP capsule image
> +  @param ImageSize  The size of the FMP capsule image in bytes.
> +
> +  @return the size of FMP authentication.
> +**/
> +UINTN
> +DumpImageAuthentication(
> +  IN VOID   *Image,
> +  IN UINTN  ImageSize
> +  )
> +{
> +  EFI_FIRMWARE_IMAGE_AUTHENTICATION             *ImageAuthentication;
> +
> +  ImageAuthentication = Image;
> +  if (CompareGuid(&ImageAuthentication->AuthInfo.CertType, &gEfiCertPkcs7Guid) ||
> +      CompareGuid(&ImageAuthentication->AuthInfo.CertType,
> &gEfiCertTypeRsa2048Sha256Guid)) {
> +    Print(L"[ImageAuthentication]\n");
> +    Print(L"  MonotonicCount   - 0x%lx\n", ImageAuthentication->MonotonicCount);
> +    Print(L"WIN_CERTIFICATE:\n");
> +    Print(L"  dwLength         - 0x%x\n", ImageAuthentication->AuthInfo.Hdr.dwLength);
> +    Print(L"  wRevision        - 0x%x\n", ImageAuthentication-
> >AuthInfo.Hdr.wRevision);
> +    Print(L"  wCertificateType - 0x%x\n", ImageAuthentication-
> >AuthInfo.Hdr.wCertificateType);
> +    Print(L"  CertType         - %g\n", &ImageAuthentication->AuthInfo.CertType);
> +    return sizeof(ImageAuthentication->MonotonicCount) + ImageAuthentication-
> >AuthInfo.Hdr.dwLength;
> +  } else {
> +    return 0;
> +  }
> +}
> +
> +/**
> +  Dump a non-nested FMP capsule.
> +
> +  @param  CapsuleHeader  A pointer to CapsuleHeader
> +**/
> +VOID
> +DumpFmpCapsule(
> +  IN EFI_CAPSULE_HEADER  *CapsuleHeader
> +  )
> +{
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER        *FmpCapsuleHeader;
> +  UINT64                                        *ItemOffsetList;
> +  UINTN                                         Index;
> +  UINTN                                         Count;
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER  *FmpImageHeader;
> +
> +  Print(L"[FmpCapusule]\n");
> +  Print(L"CapsuleHeader:\n");
> +  Print(L"  CapsuleGuid      - %g\n", &CapsuleHeader->CapsuleGuid);
> +  Print(L"  HeaderSize       - 0x%x\n", CapsuleHeader->HeaderSize);
> +  Print(L"  Flags            - 0x%x\n", CapsuleHeader->Flags);
> +  Print(L"  CapsuleImageSize - 0x%x\n", CapsuleHeader->CapsuleImageSize);
> +
> +  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader
> + CapsuleHeader->HeaderSize);
> +  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
> +  Print(L"FmpHeader:\n");
> +  Print(L"  Version             - 0x%x\n", FmpCapsuleHeader->Version);
> +  Print(L"  EmbeddedDriverCount - 0x%x\n", FmpCapsuleHeader->EmbeddedDriverCount);
> +  Print(L"  PayloadItemCount    - 0x%x\n", FmpCapsuleHeader->PayloadItemCount);
> +  Count = FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader->PayloadItemCount;
> +  for (Index = 0; Index < Count; Index++) {
> +    Print(L"  Offset[%d]           - 0x%x\n", Index, ItemOffsetList[Index]);
> +  }
> +
> +  for (Index = FmpCapsuleHeader->EmbeddedDriverCount; Index < Count; Index++) {
> +    Print(L"FmpPayload[%d] ImageHeader:\n", Index);
> +    FmpImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8
> *)FmpCapsuleHeader + ItemOffsetList[Index]);
> +    Print(L"  Version                - 0x%x\n", FmpImageHeader->Version);
> +    Print(L"  UpdateImageTypeId      - %g\n", &FmpImageHeader->UpdateImageTypeId);
> +    Print(L"  UpdateImageIndex       - 0x%x\n", FmpImageHeader->UpdateImageIndex);
> +    Print(L"  UpdateImageSize        - 0x%x\n", FmpImageHeader->UpdateImageSize);
> +    Print(L"  UpdateVendorCodeSize   - 0x%x\n", FmpImageHeader->UpdateVendorCodeSize);
> +    if (FmpImageHeader->Version >=
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
> +      Print(L"  UpdateHardwareInstance - 0x%lx\n", FmpImageHeader-
> >UpdateHardwareInstance);
> +    }
> +  }
> +}
> +
> +/**
> +  Return if there is a FMP header below capsule header.
> +
> +  @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
> +
> +  @retval TRUE  There is a FMP header below capsule header.
> +  @retval FALSE There is not a FMP header below capsule header
> +**/
> +BOOLEAN
> +IsNestedFmpCapsule(
> +  IN EFI_CAPSULE_HEADER         *CapsuleHeader
> +  )
> +{
> +  EFI_STATUS                 Status;
> +  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
> +  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
> +  UINTN                      Index;
> +  BOOLEAN                    EsrtGuidFound;
> +  EFI_CAPSULE_HEADER         *NestedCapsuleHeader;
> +  UINTN                      NestedCapsuleSize;
> +
> +  //
> +  // Check ESRT
> +  //
> +  EsrtGuidFound = FALSE;
> +  Status = EfiGetSystemConfigurationTable(&gEfiSystemResourceTableGuid, (VOID
> **)&Esrt);
> +  if (!EFI_ERROR(Status)) {
> +    EsrtEntry = (VOID *)(Esrt + 1);
> +    for (Index = 0; Index < Esrt->FwResourceCount; Index++, EsrtEntry++) {
> +      if (CompareGuid(&EsrtEntry->FwClass, &CapsuleHeader->CapsuleGuid)) {
> +        EsrtGuidFound = TRUE;
> +        break;
> +      }
> +    }
> +  }
> +
> +  if (!EsrtGuidFound) {
> +    return FALSE;
> +  }
> +
> +  //
> +  // Check nested capsule header
> +  // FMP GUID after ESRT one
> +  //
> +  NestedCapsuleHeader = (EFI_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader + CapsuleHeader-
> >HeaderSize);
> +  NestedCapsuleSize = (UINTN)CapsuleHeader + CapsuleHeader->HeaderSize -
> (UINTN)NestedCapsuleHeader;
> +  if (NestedCapsuleSize < sizeof(EFI_CAPSULE_HEADER)) {
> +    return FALSE;
> +  }
> +  if (!CompareGuid(&NestedCapsuleHeader->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
> +    return FALSE;
> +  }
> +  return TRUE;
> +}
> +
> +/**
> +  Dump capsule information
> +
> +  @retval EFI_SUCCESS            The capsule information is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DumpCapsule(
> +  VOID
> +  )
> +{
> +  CHAR16                                        *CapsuleName;
> +  VOID                                          *Buffer;
> +  UINTN                                         FileSize;
> +  EFI_CAPSULE_HEADER                            *CapsuleHeader;
> +  EFI_STATUS                                    Status;
> +
> +  if (Argc != 3) {
> +    Print(L"CapsuleApp: Invalid Parameter.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  CapsuleName = Argv[2];
> +  Status = ReadFileToBuffer(CapsuleName, &FileSize, &Buffer);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: Capsule (%s) is not found.\n", CapsuleName);
> +    goto Done;
> +  }
> +
> +  CapsuleHeader = Buffer;
> +  if (CompareGuid(&CapsuleHeader->CapsuleGuid, &gWindowsUxCapsuleGuid)) {
> +    DumpUxCapsule(CapsuleHeader);
> +    Status = EFI_SUCCESS;
> +    goto Done;
> +  }
> +
> +  if (CompareGuid(&CapsuleHeader->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
> +    DumpFmpCapsule(CapsuleHeader);
> +  }
> +  if (IsNestedFmpCapsule(CapsuleHeader)) {
> +    Print(L"[NestedCapusule]\n");
> +    Print(L"CapsuleHeader:\n");
> +    Print(L"  CapsuleGuid      - %g\n", &CapsuleHeader->CapsuleGuid);
> +    Print(L"  HeaderSize       - 0x%x\n", CapsuleHeader->HeaderSize);
> +    Print(L"  Flags            - 0x%x\n", CapsuleHeader->Flags);
> +    Print(L"  CapsuleImageSize - 0x%x\n", CapsuleHeader->CapsuleImageSize);
> +    DumpFmpCapsule((EFI_CAPSULE_HEADER *)((UINTN)CapsuleHeader + CapsuleHeader-
> >HeaderSize));
> +  }
> +
> +Done:
> +  FreePool(Buffer);
> +  return Status;
> +}
> +
> +/**
> +  Dump capsule status variable.
> +
> +  @retval EFI_SUCCESS            The capsule status variable is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DmpCapsuleStatusVariable(
> +  VOID
> +  )
> +{
> +  EFI_STATUS                          Status;
> +  UINT32                              Index;
> +  CHAR16                              CapsuleVarName[20];
> +  CHAR16                              *TempVarName;
> +  EFI_CAPSULE_RESULT_VARIABLE_HEADER  *CapsuleResult;
> +  EFI_CAPSULE_RESULT_VARIABLE_FMP     *CapsuleResultFmp;
> +  UINTN                               CapsuleFileNameSize;
> +  CHAR16                              CapsuleIndexData[12];
> +  CHAR16                              *CapsuleIndex;
> +
> +  Status = GetVariable2(
> +             L"CapsuleMax",
> +             &gEfiCapsuleReportGuid,
> +             (VOID **)&CapsuleIndex,
> +             NULL
> +             );
> +  if (!EFI_ERROR(Status)) {
> +    CopyMem(CapsuleIndexData, CapsuleIndex, 11 * sizeof(CHAR16));
> +    CapsuleIndexData[11] = 0;
> +    Print(L"CapsuleMax - %s\n", CapsuleIndexData);
> +    FreePool(CapsuleIndex);
> +  }
> +  Status = GetVariable2(
> +             L"CapsuleLast",
> +             &gEfiCapsuleReportGuid,
> +             (VOID **)&CapsuleIndex,
> +             NULL
> +             );
> +  if (!EFI_ERROR(Status)) {
> +    CopyMem(CapsuleIndexData, CapsuleIndex, 11 * sizeof(CHAR16));
> +    CapsuleIndexData[11] = 0;
> +    Print(L"CapsuleLast - %s\n", CapsuleIndexData);
> +    FreePool(CapsuleIndex);
> +  }
> +
> +
> +  StrCpyS (CapsuleVarName, sizeof(CapsuleVarName)/sizeof(CapsuleVarName[0]),
> L"Capsule");
> +  TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
> +  Index = 0;
> +
> +  while (TRUE) {
> +    UnicodeSPrint (TempVarName, 5 * sizeof(CHAR16), L"%04x", Index);
> +
> +    Status = GetVariable2 (
> +               CapsuleVarName,
> +               &gEfiCapsuleReportGuid,
> +               (VOID **) &CapsuleResult,
> +               NULL
> +               );
> +    if (Status == EFI_NOT_FOUND) {
> +      break;
> +    } else if (EFI_ERROR(Status)) {
> +      continue;
> +    }
> +
> +    //
> +    // display capsule process status
> +    //
> +    if (CapsuleResult->VariableTotalSize >=
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER)) {
> +      Print (L"CapsuleName: %s\n", CapsuleVarName);
> +      Print (L"  Capsule Guid: %g\n", &CapsuleResult->CapsuleGuid);
> +      Print (L"  Capsule ProcessedTime: %t\n", &CapsuleResult->CapsuleProcessed);
> +      Print (L"  Capsule Status: %r\n", CapsuleResult->CapsuleStatus);
> +    }
> +
> +    if (CompareGuid(&CapsuleResult->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
> +      if (CapsuleResult->VariableTotalSize >=
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP)) {
> +        CapsuleResultFmp = (EFI_CAPSULE_RESULT_VARIABLE_FMP *)(CapsuleResult + 1);
> +        Print(L"  Capsule FMP Version: 0x%x\n", CapsuleResultFmp->Version);
> +        Print(L"  Capsule FMP PayloadIndex: 0x%x\n", CapsuleResultFmp->PayloadIndex);
> +        Print(L"  Capsule FMP UpdateImageIndex: 0x%x\n", CapsuleResultFmp-
> >UpdateImageIndex);
> +        Print(L"  Capsule FMP UpdateImageTypeId: %g\n", &CapsuleResultFmp-
> >UpdateImageTypeId);
> +        if (CapsuleResult->VariableTotalSize >
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP)) {
> +          Print(L"  Capsule FMP CapsuleFileName: %s\n", (CapsuleResultFmp + 1));
> +          CapsuleFileNameSize = StrSize((CHAR16 *)(CapsuleResultFmp + 1));
> +          if (CapsuleResult->VariableTotalSize >
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP) +
> CapsuleFileNameSize) {
> +            Print(L"  Capsule FMP CapsuleTarget: %s\n", (UINT8 *)(CapsuleResultFmp +
> 1) + CapsuleFileNameSize);
> +          }
> +        }
> +      }
> +    }
> +
> +    FreePool(CapsuleResult);
> +
> +    Index++;
> +    if (Index > 0xFFFF) {
> +      break;
> +    }
> +  }
> +
> +  return EFI_SUCCESS;
> +}
> +
> +CHAR8 *mFwTypeString[] = {
> +  "Unknown",
> +  "SystemFirmware",
> +  "DeviceFirmware",
> +  "UefiDriver",
> +};
> +
> +CHAR8 *mLastAttemptStatusString[] = {
> +  "Success",
> +  "Error: Unsuccessful",
> +  "Error: Insufficient Resources",
> +  "Error: Incorrect Version",
> +  "Error: Invalid Format",
> +  "Error: Auth Error",
> +  "Error: Power Event AC",
> +  "Error: Power Event Battery",
> +};
> +
> +/**
> +  Convert FwType to a string.
> +
> +  @param FwType  FwType in ESRT
> +
> +  @return a string for FwType.
> +**/
> +CHAR8 *
> +FwTypeToString(
> +  IN UINT32 FwType
> +  )
> +{
> +  if (FwType < sizeof(mFwTypeString) / sizeof(mFwTypeString[0])) {
> +    return mFwTypeString[FwType];
> +  } else {
> +    return "Invalid";
> +  }
> +}
> +
> +/**
> +  Convert LastAttemptStatus to a string.
> +
> +  @param LastAttemptStatus  LastAttemptStatus in FMP or ESRT
> +
> +  @return a string for LastAttemptStatus.
> +**/
> +CHAR8 *
> +LastAttemptStatusToString(
> +  IN UINT32 LastAttemptStatus
> +  )
> +{
> +  if (LastAttemptStatus < sizeof(mLastAttemptStatusString) /
> sizeof(mLastAttemptStatusString[0])) {
> +    return mLastAttemptStatusString[LastAttemptStatus];
> +  } else {
> +    return "Error: Unknown";
> +  }
> +}
> +
> +/**
> +  Dump ESRT entry.
> +
> +  @param EsrtEntry  ESRT entry
> +**/
> +VOID
> +DumpEsrtEntry(
> +  IN EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry
> +  )
> +{
> +  Print(L"  FwClass                  - %g\n", &EsrtEntry->FwClass);
> +  Print(L"  FwType                   - 0x%x (%a)\n", EsrtEntry->FwType,
> FwTypeToString(EsrtEntry->FwType));
> +  Print(L"  FwVersion                - 0x%x\n", EsrtEntry->FwVersion);
> +  Print(L"  LowestSupportedFwVersion - 0x%x\n", EsrtEntry->LowestSupportedFwVersion);
> +  Print(L"  CapsuleFlags             - 0x%x\n", EsrtEntry->CapsuleFlags);
> +  Print(L"    PERSIST_ACROSS_RESET   - 0x%x\n", EsrtEntry->CapsuleFlags &
> CAPSULE_FLAGS_PERSIST_ACROSS_RESET);
> +  Print(L"    POPULATE_SYSTEM_TABLE  - 0x%x\n", EsrtEntry->CapsuleFlags &
> CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE);
> +  Print(L"    INITIATE_RESET         - 0x%x\n", EsrtEntry->CapsuleFlags &
> CAPSULE_FLAGS_INITIATE_RESET);
> +  Print(L"  LastAttemptVersion       - 0x%x\n", EsrtEntry->LastAttemptVersion);
> +  Print(L"  LastAttemptStatus        - 0x%x (%a)\n", EsrtEntry->LastAttemptStatus,
> LastAttemptStatusToString(EsrtEntry->LastAttemptStatus));
> +}
> +
> +/**
> +  Dump ESRT table.
> +
> +  @param Esrt  ESRT table
> +**/
> +VOID
> +DumpEsrt(
> +  IN EFI_SYSTEM_RESOURCE_TABLE  *Esrt
> +  )
> +{
> +  UINTN                      Index;
> +  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
> +
> +  Print(L"EFI_SYSTEM_RESOURCE_TABLE:\n");
> +  Print(L"FwResourceCount    - 0x%x\n", Esrt->FwResourceCount);
> +  Print(L"FwResourceCountMax - 0x%x\n", Esrt->FwResourceCountMax);
> +  Print(L"FwResourceVersion  - 0x%lx\n", Esrt->FwResourceVersion);
> +
> +  EsrtEntry = (VOID *)(Esrt + 1);
> +  for (Index = 0; Index < Esrt->FwResourceCount; Index++) {
> +    Print(L"EFI_SYSTEM_RESOURCE_ENTRY (%d):\n", Index);
> +    DumpEsrtEntry(EsrtEntry);
> +    EsrtEntry++;
> +  }
> +}
> +
> +/**
> +  Dump ESRT info.
> +**/
> +VOID
> +DumpEsrtData (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                 Status;
> +  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
> +
> +  Print(L"##############\n");
> +  Print(L"# ESRT TABLE #\n");
> +  Print(L"##############\n");
> +
> +  Status = EfiGetSystemConfigurationTable (&gEfiSystemResourceTableGuid, (VOID
> **)&Esrt);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"ESRT - %r\n", Status);
> +    return;
> +  }
> +  DumpEsrt(Esrt);
> +  Print(L"\n");
> +}
> +
> +/**
> +  Dump FMP information.
> +
> +  @param ImageInfoSize       The size of ImageInfo, in bytes.
> +  @param ImageInfo           A pointer to EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorVersion   The version of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorCount     The count of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorSize      The size of an individual EFI_FIRMWARE_IMAGE_DESCRIPTOR,
> in bytes.
> +  @param PackageVersion      The version of package.
> +  @param PackageVersionName  The version name of package.
> +**/
> +VOID
> +DumpFmpImageInfo(
> +  IN UINTN                           ImageInfoSize,
> +  IN EFI_FIRMWARE_IMAGE_DESCRIPTOR   *ImageInfo,
> +  IN UINT32                          DescriptorVersion,
> +  IN UINT8                           DescriptorCount,
> +  IN UINTN                           DescriptorSize,
> +  IN UINT32                          PackageVersion,
> +  IN CHAR16                          *PackageVersionName
> +  )
> +{
> +  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *CurrentImageInfo;
> +  UINTN                                         Index;
> +
> +  Print(L"  DescriptorVersion  - 0x%x\n", DescriptorVersion);
> +  Print(L"  DescriptorCount    - 0x%x\n", DescriptorCount);
> +  Print(L"  DescriptorSize     - 0x%x\n", DescriptorSize);
> +  Print(L"  PackageVersion     - 0x%x\n", PackageVersion);
> +  Print(L"  PackageVersionName - \"%s\"\n", PackageVersionName);
> +  CurrentImageInfo = ImageInfo;
> +  for (Index = 0; Index < DescriptorCount; Index++) {
> +    Print(L"  ImageDescriptor (%d)\n", Index);
> +    Print(L"    ImageIndex                  - 0x%x\n", CurrentImageInfo->ImageIndex);
> +    Print(L"    ImageTypeId                 - %g\n", &CurrentImageInfo->ImageTypeId);
> +    Print(L"    ImageId                     - 0x%lx\n", CurrentImageInfo->ImageId);
> +    Print(L"    ImageIdName                 - \"%s\"\n", CurrentImageInfo-
> >ImageIdName);
> +    Print(L"    Version                     - 0x%x\n", CurrentImageInfo->Version);
> +    Print(L"    VersionName                 - \"%s\"\n", CurrentImageInfo-
> >VersionName);
> +    Print(L"    Size                        - 0x%x\n", CurrentImageInfo->Size);
> +    Print(L"    AttributesSupported         - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported);
> +    Print(L"      IMAGE_UPDATABLE           - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +    Print(L"      RESET_REQUIRED            - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +    Print(L"      AUTHENTICATION_REQUIRED   - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +    Print(L"      IN_USE                    - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_IN_USE);
> +    Print(L"      UEFI_IMAGE                - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_UEFI_IMAGE);
> +    Print(L"    AttributesSetting           - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting);
> +    Print(L"      IMAGE_UPDATABLE           - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +    Print(L"      RESET_REQUIRED            - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +    Print(L"      AUTHENTICATION_REQUIRED   - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +    Print(L"      IN_USE                    - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_IN_USE);
> +    Print(L"      UEFI_IMAGE                - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_UEFI_IMAGE);
> +    Print(L"    Compatibilities             - 0x%lx\n", CurrentImageInfo-
> >Compatibilities);
> +    Print(L"      COMPATIB_CHECK_SUPPORTED  - 0x%lx\n", CurrentImageInfo-
> >Compatibilities & IMAGE_COMPATIBILITY_CHECK_SUPPORTED);
> +    if (DescriptorVersion > 1) {
> +      Print(L"    LowestSupportedImageVersion - 0x%x\n", CurrentImageInfo-
> >LowestSupportedImageVersion);
> +      if (DescriptorVersion > 2) {
> +        Print(L"    LastAttemptVersion          - 0x%x\n", CurrentImageInfo-
> >LastAttemptVersion);
> +        Print(L"    LastAttemptStatus           - 0x%x (%a)\n", CurrentImageInfo-
> >LastAttemptStatus, LastAttemptStatusToString(CurrentImageInfo->LastAttemptStatus));
> +        Print(L"    HardwareInstance            - 0x%lx\n", CurrentImageInfo-
> >HardwareInstance);
> +      }
> +    }
> +    //
> +    // Use DescriptorSize to move ImageInfo Pointer to stay compatible with different
> ImageInfo version
> +    //
> +    CurrentImageInfo = (EFI_FIRMWARE_IMAGE_DESCRIPTOR *)((UINT8 *)CurrentImageInfo +
> DescriptorSize);
> +  }
> +}
> +
> +/**
> +  Dump FMP package information.
> +
> +  @param PackageVersion             The version of package.
> +  @param PackageVersionName         The version name of package.
> +  @param PackageVersionNameMaxLen   The maximum length of PackageVersionName.
> +  @param AttributesSupported        Package attributes that are supported by this
> device.
> +  @param AttributesSetting          Package attributes.
> +**/
> +VOID
> +DumpFmpPackageInfo(
> +  IN UINT32                           PackageVersion,
> +  IN CHAR16                           *PackageVersionName,
> +  IN UINT32                           PackageVersionNameMaxLen,
> +  IN UINT64                           AttributesSupported,
> +  IN UINT64                           AttributesSetting
> +  )
> +{
> +  Print(L"  PackageVersion              - 0x%x\n", PackageVersion);
> +  Print(L"  PackageVersionName          - \"%s\"\n", PackageVersionName);
> +  Print(L"  PackageVersionNameMaxLen    - 0x%x\n", PackageVersionNameMaxLen);
> +  Print(L"  AttributesSupported         - 0x%lx\n", AttributesSupported);
> +  Print(L"    IMAGE_UPDATABLE           - 0x%lx\n", AttributesSupported &
> IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +  Print(L"    RESET_REQUIRED            - 0x%lx\n", AttributesSupported &
> IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +  Print(L"    AUTHENTICATION_REQUIRED   - 0x%lx\n", AttributesSupported &
> IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +  Print(L"  AttributesSetting           - 0x%lx\n", AttributesSetting);
> +  Print(L"    IMAGE_UPDATABLE           - 0x%lx\n", AttributesSetting &
> IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +  Print(L"    RESET_REQUIRED            - 0x%lx\n", AttributesSetting &
> IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +  Print(L"    AUTHENTICATION_REQUIRED   - 0x%lx\n", AttributesSetting &
> IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +}
> +
> +/**
> +  Dump FMP protocol info.
> +**/
> +VOID
> +DumpFmpData (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                                    Status;
> +  EFI_FIRMWARE_MANAGEMENT_PROTOCOL              *Fmp;
> +  EFI_HANDLE                                    *HandleBuffer;
> +  UINTN                                         NumberOfHandles;
> +  UINTN                                         Index;
> +  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *FmpImageInfoBuf;
> +  UINTN                                         ImageInfoSize;
> +  UINT32                                        FmpImageInfoDescriptorVer;
> +  UINT8                                         FmpImageInfoCount;
> +  UINTN                                         DescriptorSize;
> +  UINT32                                        PackageVersion;
> +  CHAR16                                        *PackageVersionName;
> +  UINT32                                        PackageVersionNameMaxLen;
> +  UINT64                                        AttributesSupported;
> +  UINT64                                        AttributesSetting;
> +
> +  Print(L"############\n");
> +  Print(L"# FMP DATA #\n");
> +  Print(L"############\n");
> +  Status = gBS->LocateHandleBuffer (
> +                  ByProtocol,
> +                  &gEfiFirmwareManagementProtocolGuid,
> +                  NULL,
> +                  &NumberOfHandles,
> +                  &HandleBuffer
> +                  );
> +  if (EFI_ERROR(Status)) {
> +    Print(L"FMP protocol - %r\n", EFI_NOT_FOUND);
> +    return;
> +  }
> +
> +  for (Index = 0; Index < NumberOfHandles; Index++) {
> +    Status = gBS->HandleProtocol(
> +                    HandleBuffer[Index],
> +                    &gEfiFirmwareManagementProtocolGuid,
> +                    (VOID **)&Fmp
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      continue;
> +    }
> +
> +    ImageInfoSize = 0;
> +    Status = Fmp->GetImageInfo (
> +                    Fmp,
> +                    &ImageInfoSize,
> +                    NULL,
> +                    NULL,
> +                    NULL,
> +                    NULL,
> +                    NULL,
> +                    NULL
> +                    );
> +    if (Status != EFI_BUFFER_TOO_SMALL) {
> +      continue;
> +    }
> +
> +    FmpImageInfoBuf = NULL;
> +    FmpImageInfoBuf = AllocateZeroPool (ImageInfoSize);
> +    if (FmpImageInfoBuf == NULL) {
> +      Status = EFI_OUT_OF_RESOURCES;
> +      goto EXIT;
> +    }
> +
> +    PackageVersionName = NULL;
> +    Status = Fmp->GetImageInfo (
> +                    Fmp,
> +                    &ImageInfoSize,               // ImageInfoSize
> +                    FmpImageInfoBuf,              // ImageInfo
> +                    &FmpImageInfoDescriptorVer,   // DescriptorVersion
> +                    &FmpImageInfoCount,           // DescriptorCount
> +                    &DescriptorSize,              // DescriptorSize
> +                    &PackageVersion,              // PackageVersion
> +                    &PackageVersionName           // PackageVersionName
> +                    );
> +
> +    //
> +    // If FMP GetInformation interface failed, skip this resource
> +    //
> +    if (EFI_ERROR(Status)) {
> +      Print(L"FMP (%d) ImageInfo - %r\n", Index, Status);
> +      FreePool(FmpImageInfoBuf);
> +      continue;
> +    }
> +
> +    Print(L"FMP (%d) ImageInfo:\n", Index);
> +    DumpFmpImageInfo(
> +      ImageInfoSize,               // ImageInfoSize
> +      FmpImageInfoBuf,             // ImageInfo
> +      FmpImageInfoDescriptorVer,   // DescriptorVersion
> +      FmpImageInfoCount,           // DescriptorCount
> +      DescriptorSize,              // DescriptorSize
> +      PackageVersion,              // PackageVersion
> +      PackageVersionName           // PackageVersionName
> +      );
> +
> +    if (PackageVersionName != NULL) {
> +      FreePool(PackageVersionName);
> +    }
> +    FreePool(FmpImageInfoBuf);
> +
> +    //
> +    // Get package info
> +    //
> +    PackageVersionName = NULL;
> +    Status = Fmp->GetPackageInfo (
> +                    Fmp,
> +                    &PackageVersion,              // PackageVersion
> +                    &PackageVersionName,          // PackageVersionName
> +                    &PackageVersionNameMaxLen,    // PackageVersionNameMaxLen
> +                    &AttributesSupported,         // AttributesSupported
> +                    &AttributesSetting            // AttributesSetting
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      Print(L"FMP (%d) PackageInfo - %r\n", Index, Status);
> +    } else {
> +      Print(L"FMP (%d) ImageInfo:\n", Index);
> +      DumpFmpPackageInfo(
> +        PackageVersion,              // PackageVersion
> +        PackageVersionName,          // PackageVersionName
> +        PackageVersionNameMaxLen,    // PackageVersionNameMaxLen
> +        AttributesSupported,         // AttributesSupported
> +        AttributesSetting            // AttributesSetting
> +        );
> +
> +      if (PackageVersionName != NULL) {
> +        FreePool(PackageVersionName);
> +      }
> +    }
> +  }
> +  Print(L"\n");
> +
> +EXIT:
> +  FreePool(HandleBuffer);
> +}
> --
> 2.7.4.windows.1
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Re: [PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.

[Kinney, Michael D]

Jiewen,

Thanks for the details.  Can you add some more help information for CapsuleApp so the usage of the flags you keep are clear.  I agree that keeping flags that support some unit tests makes sense.

Mike

From: Yao, Jiewen
Sent: Tuesday, October 25, 2016 5:42 PM
To: Kinney, Michael D <michael.d.kinney@intel.com>; edk2-devel@lists.01.org
Cc: Tian, Feng <feng.tian@intel.com>; Zeng, Star <star.zeng@intel.com>; Gao, Liming <liming.gao@intel.com>; Zhang, Chao B <chao.b.zhang@intel.com>
Subject: RE: [PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.

Comments inline:

From: Kinney, Michael D
Sent: Wednesday, October 26, 2016 7:26 AM
To: Yao, Jiewen <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>; edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>; Kinney, Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>; Zeng, Star <star.zeng@intel.com<mailto:star.zeng@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zhang, Chao B <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
Subject: RE: [PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.

Hi Jiewen,

When I run the CapsuleApp.efi, it shows the following help:

CapsuleApp:  usage
  CapsuleApp <Capsule...> [-NR]
  CapsuleApp -S
  CapsuleApp -C
  CapsuleApp -P
  CapsuleApp -E
  CapsuleApp -G <BMP> -O <Capsule>
  CapsuleApp -N <Capsule> -O <NestedCapsule>
  CapsuleApp -D|-DS <Capsule>
Parameter:
  -NR: No Reset.
  -S:  Dump capsule status.
  -C:  Clear capsule status.
  -P:  Dump FMP protocol info.
  -E:  Dump ESRT table info.
  -G:  Input BMP file name
  -N:  Append Capsule Header accroding to Windows Firmware Update
  -O:  Output Capsule file name
  -D:  Dump Capsule

I have verified that that standard use case for Galileo Gen 2 works:

  CapsuleApp.efi QUARKFIRMWAREUPDATECAPSULEFMPPKCS7.Cap

I then explored some of the other options and there are some that do
not work as expected:


1) If I set the no reset flag (-NR), it still resets.

  CapsuleApp.efi QUARKFIRMWAREUPDATECAPSULEFMPPKCS7.Cap -NR
[Jiewen] This flag/code is inherit from the original EDKI code.
I made a mistake that I thought it should work.
But not actually because I just realize the reset process is moved to CapsuleService driver.
I will remove [NR] flag totally.


2) Because (1) does not work, the flags to view or operate on a previously
   Loaded capsule cannot be used such as -S, -C, -N, -O, -D.  So I do not
   know if any of these flags work.  Have you tested them?
[Jiewen] Yes, any of these flags are new added by me to assist Capsule process debug.
All of below are validated. None of them are related to [NR]

  -S:  Dump capsule status. // The capsule status variable is defined by UEFI spec. Just dump the variable. No touch capsule image.
  -C:  Clear capsule status. // The capsule status variable is defined by UEFI spec. Just clear the variable. No touch capsule image.
  -N:  Append Capsule Header accroding to Windows Firmware Update // this is to follow "Windows Firmware Update" document to append a header. We need input a capsule image and out a new capsule image. So we can test the nested capsule image. No capsule service is called. Just append header and generate a new image.
  -O:  Output Capsule file name // -O is an option working with others such as "-G <BMP> -O <Capsule>", or "-N <Capsule> -O <NestedCapsule>"
  -D:  Dump Capsule // this is just dump the capsule image information.

If you find some do not work, please let me know and I will fix them.

3) What does -G do?  I do not see a standard way to update only
   a BMP logo image in this series of patches.  If that is not
   really functional, then the code and help for -G should be
   removed.
[Jiewen] Yes, any of these flags are new added by me to assist Capsule process debug.

  -G:  Input BMP file name // this is to follow "windows firmware update" document to wrap a BMP file to be a UX capsule. So that end user may see a picture during capsule process, ideally. The prerequisite is that the platform need have a valid console.

This UX capsule is already supported in IntelFrameworkModulePkg\Library\DxeCapsuleLib.

I think this app just provides the capability to generate a UX capsule for unit test.
I think this is useful and I suggest we keep it.
If you find it does not work, please let me know and I will fix it.

4) Typo in help for -N flag.  "accroding" should be "according".
[Jiewen] Thank you. Fixed.

Mike

> -----Original Message-----
> From: Yao, Jiewen
> Sent: Saturday, October 22, 2016 7:21 PM
> To: edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>; Zeng, Star <star.zeng@intel.com<mailto:star.zeng@intel.com>>; Kinney, Michael
> D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zhang, Chao B
> <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Subject: [PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.
>
> This CapsuleApp can help perform capsule update in UEFI shell environment.
> It can also dump capsule information, capsule status variable, ESRT and FMP.
>
> Cc: Feng Tian <feng.tian@intel.com<mailto:feng.tian@intel.com>>
> Cc: Star Zeng <star.zeng@intel.com<mailto:star.zeng@intel.com>>
> Cc: Michael D Kinney <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
> Cc: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> Cc: Chao Zhang <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>
> Reviewed-by: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> ---
>  MdeModulePkg/Application/CapsuleApp/AppSupport.c        | 445 ++++++++++
>  MdeModulePkg/Application/CapsuleApp/CapsuleApp.c        | 853 ++++++++++++++++++++
>  MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf      |  71 ++
>  MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni      |  22 +
>  MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni |  19 +
>  MdeModulePkg/Application/CapsuleApp/CapsuleDump.c       | 740 +++++++++++++++++
>  6 files changed, 2150 insertions(+)
>
> diff --git a/MdeModulePkg/Application/CapsuleApp/AppSupport.c
> b/MdeModulePkg/Application/CapsuleApp/AppSupport.c
> new file mode 100644
> index 0000000..90ca1fd
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/AppSupport.c
> @@ -0,0 +1,445 @@
> +/** @file
> +  A shell application that triggers capsule update process.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <Uefi.h>
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PrintLib.h>
> +#include <Protocol/LoadedImage.h>
> +#include <Protocol/SimpleFileSystem.h>
> +#include <Protocol/ShellParameters.h>
> +#include <Guid/FileInfo.h>
> +#include <Guid/Gpt.h>
> +
> +#define MAX_ARG_NUM     11
> +
> +UINTN  Argc;
> +CHAR16 **Argv;
> +
> +/**
> +
> +  This function parse application ARG.
> +
> +  @return Status
> +**/
> +EFI_STATUS
> +GetArg (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                    Status;
> +  EFI_SHELL_PARAMETERS_PROTOCOL *ShellParameters;
> +
> +  Status = gBS->HandleProtocol (
> +                  gImageHandle,
> +                  &gEfiShellParametersProtocolGuid,
> +                  (VOID**)&ShellParameters
> +                  );
> +  if (EFI_ERROR(Status)) {
> +    return Status;
> +  }
> +
> +  Argc = ShellParameters->Argc;
> +  Argv = ShellParameters->Argv;
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Return File System Volume containing this shell application.
> +
> +  @return File System Volume containing this shell application.
> +**/
> +EFI_SIMPLE_FILE_SYSTEM_PROTOCOL *
> +GetMyVol (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_LOADED_IMAGE_PROTOCOL         *LoadedImage;
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +
> +  Status = gBS->HandleProtocol (
> +                  gImageHandle,
> +                  &gEfiLoadedImageProtocolGuid,
> +                  (VOID **)&LoadedImage
> +                  );
> +  ASSERT_EFI_ERROR (Status);
> +
> +  Status = gBS->HandleProtocol (
> +                  LoadedImage->DeviceHandle,
> +                  &gEfiSimpleFileSystemProtocolGuid,
> +                  (VOID **)&Vol
> +                  );
> +  if (!EFI_ERROR (Status)) {
> +    return Vol;
> +  }
> +
> +  return NULL;
> +}
> +
> +/**
> +  Read a file from this volume.
> +
> +  @param Vol             File System Volume
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileFromVol (
> +  IN  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol,
> +  IN  CHAR16                            *FileName,
> +  OUT UINTN                             *BufferSize,
> +  OUT VOID                              **Buffer
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_FILE_HANDLE                   RootDir;
> +  EFI_FILE_HANDLE                   Handle;
> +  UINTN                             FileInfoSize;
> +  EFI_FILE_INFO                     *FileInfo;
> +  UINTN                             TempBufferSize;
> +  VOID                              *TempBuffer;
> +
> +  //
> +  // Open the root directory
> +  //
> +  Status = Vol->OpenVolume (Vol, &RootDir);
> +  if (EFI_ERROR (Status)) {
> +    return Status;
> +  }
> +
> +  //
> +  // Open the file
> +  //
> +  Status = RootDir->Open (
> +                      RootDir,
> +                      &Handle,
> +                      FileName,
> +                      EFI_FILE_MODE_READ,
> +                      0
> +                      );
> +  if (EFI_ERROR (Status)) {
> +    RootDir->Close (RootDir);
> +    return Status;
> +  }
> +
> +  RootDir->Close (RootDir);
> +
> +  //
> +  // Get the file information
> +  //
> +  FileInfoSize = sizeof(EFI_FILE_INFO) + 1024;
> +
> +  FileInfo = AllocateZeroPool (FileInfoSize);
> +  if (FileInfo == NULL) {
> +    Handle->Close (Handle);
> +    return Status;
> +  }
> +
> +  Status = Handle->GetInfo (
> +                     Handle,
> +                     &gEfiFileInfoGuid,
> +                     &FileInfoSize,
> +                     FileInfo
> +                     );
> +  if (EFI_ERROR (Status)) {
> +    Handle->Close (Handle);
> +    gBS->FreePool (FileInfo);
> +    return Status;
> +  }
> +
> +  //
> +  // Allocate buffer for the file data. The last CHAR16 is for L'\0'
> +  //
> +  TempBufferSize = (UINTN) FileInfo->FileSize + sizeof(CHAR16);
> +  TempBuffer = AllocateZeroPool (TempBufferSize);
> +  if (TempBuffer == NULL) {
> +    Handle->Close (Handle);
> +    gBS->FreePool (FileInfo);
> +    return Status;
> +  }
> +
> +  gBS->FreePool (FileInfo);
> +
> +  //
> +  // Read the file data to the buffer
> +  //
> +  Status = Handle->Read (
> +                     Handle,
> +                     &TempBufferSize,
> +                     TempBuffer
> +                     );
> +  if (EFI_ERROR (Status)) {
> +    Handle->Close (Handle);
> +    gBS->FreePool (TempBuffer);
> +    return Status;
> +  }
> +
> +  Handle->Close (Handle);
> +
> +  *BufferSize = TempBufferSize;
> +  *Buffer     = TempBuffer;
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Read a file.
> +  If ScanFs is FLASE, it will use this Vol as default Fs.
> +  If ScanFs is TRUE, it will scan all FS and check the file.
> +    If there is only one file match the name, it will be read.
> +    If there is more than one file match the name, it will return Error.
> +
> +  @param ThisVol         File System Volume
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +  @param ScanFs          Need Scan all FS
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +  @retval EFI_NO_MAPPING There is duplicated files found
> +**/
> +EFI_STATUS
> +ReadFileToBufferEx (
> +  IN OUT EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   **ThisVol,
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer,
> +  IN  BOOLEAN                              ScanFs
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +  UINTN                             TempBufferSize;
> +  VOID                              *TempBuffer;
> +  UINTN                             NoHandles;
> +  EFI_HANDLE                        *HandleBuffer;
> +  UINTN                             Index;
> +
> +  //
> +  // Check parameters
> +  //
> +  if ((FileName == NULL) || (Buffer == NULL) || (ThisVol == NULL)) {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
> +  //
> +  // not scan fs
> +  //
> +  if (!ScanFs) {
> +    if (*ThisVol == NULL) {
> +      *ThisVol = GetMyVol ();
> +      if (*ThisVol == NULL) {
> +        return EFI_INVALID_PARAMETER;
> +      }
> +    }
> +    //
> +    // Read file directly from Vol
> +    //
> +    return ReadFileFromVol (*ThisVol, FileName, BufferSize, Buffer);
> +  }
> +
> +  //
> +  // need scan fs
> +  //
> +
> +  //
> +  // Get all Vol handle
> +  //
> +  Status = gBS->LocateHandleBuffer (
> +                   ByProtocol,
> +                   &gEfiSimpleFileSystemProtocolGuid,
> +                   NULL,
> +                   &NoHandles,
> +                   &HandleBuffer
> +                   );
> +  if (EFI_ERROR (Status) && (NoHandles == 0)) {
> +    return EFI_NOT_FOUND;
> +  }
> +
> +  //
> +  // Walk through each Vol
> +  //
> +  *ThisVol = NULL;
> +  *BufferSize = 0;
> +  *Buffer     = NULL;
> +  for (Index = 0; Index < NoHandles; Index++) {
> +    Status = gBS->HandleProtocol (
> +                    HandleBuffer[Index],
> +                    &gEfiSimpleFileSystemProtocolGuid,
> +                    (VOID **)&Vol
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      continue;
> +    }
> +
> +    Status = ReadFileFromVol (Vol, FileName, &TempBufferSize, &TempBuffer);
> +    if (!EFI_ERROR (Status)) {
> +      //
> +      // Read file OK, check duplication
> +      //
> +      if (*ThisVol != NULL) {
> +        //
> +        // Find the duplicated file
> +        //
> +        gBS->FreePool (TempBuffer);
> +        gBS->FreePool (*Buffer);
> +        Print (L"Duplicated FileName found!\n");
> +        return EFI_NO_MAPPING;
> +      } else {
> +        //
> +        // Record value
> +        //
> +        *ThisVol = Vol;
> +        *BufferSize = TempBufferSize;
> +        *Buffer     = TempBuffer;
> +      }
> +    }
> +  }
> +
> +  //
> +  // Scan Fs done
> +  //
> +  if (*ThisVol == NULL) {
> +    return EFI_NOT_FOUND;
> +  }
> +
> +  //
> +  // Done
> +  //
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Read a file.
> +
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileToBuffer (
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer
> +  )
> +{
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +  Vol = NULL;
> +  return ReadFileToBufferEx(&Vol, FileName, BufferSize, Buffer, FALSE);
> +}
> +
> +/**
> +  Write a file.
> +
> +  @param FileName        The file to be written.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Write file successfully
> +**/
> +EFI_STATUS
> +WriteFileFromBuffer(
> +  IN  CHAR16                               *FileName,
> +  IN  UINTN                                BufferSize,
> +  IN  VOID                                 *Buffer
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_FILE_HANDLE                   RootDir;
> +  EFI_FILE_HANDLE                   Handle;
> +  UINTN                             TempBufferSize;
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +
> +  Vol = GetMyVol();
> +
> +  //
> +  // Open the root directory
> +  //
> +  Status = Vol->OpenVolume (Vol, &RootDir);
> +  if (EFI_ERROR (Status)) {
> +    return Status;
> +  }
> +
> +  //
> +  // Open the file
> +  //
> +  Status = RootDir->Open (
> +                      RootDir,
> +                      &Handle,
> +                      FileName,
> +                      EFI_FILE_MODE_READ | EFI_FILE_MODE_WRITE| EFI_FILE_MODE_CREATE,
> +                      0
> +                      );
> +  if (EFI_ERROR (Status)) {
> +    RootDir->Close (RootDir);
> +    return Status;
> +  }
> +
> +  //
> +  // Delete file
> +  //
> +  Status = Handle->Delete(Handle);
> +  if (EFI_ERROR(Status)) {
> +    return Status;
> +  }
> +
> +  //
> +  // Open the file again
> +  //
> +  Status = RootDir->Open (
> +                      RootDir,
> +                      &Handle,
> +                      FileName,
> +                      EFI_FILE_MODE_READ | EFI_FILE_MODE_WRITE| EFI_FILE_MODE_CREATE,
> +                      0
> +                      );
> +  if (EFI_ERROR (Status)) {
> +    RootDir->Close (RootDir);
> +    return Status;
> +  }
> +
> +  RootDir->Close (RootDir);
> +
> +  //
> +  // Write the file data from the buffer
> +  //
> +  TempBufferSize = BufferSize;
> +  Status = Handle->Write (
> +                     Handle,
> +                     &TempBufferSize,
> +                     Buffer
> +                     );
> +  if (EFI_ERROR (Status)) {
> +    Handle->Close (Handle);
> +    return Status;
> +  }
> +
> +  Handle->Close (Handle);
> +
> +  return EFI_SUCCESS;
> +}
> +
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
> b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
> new file mode 100644
> index 0000000..6bb778a
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
> @@ -0,0 +1,853 @@
> +/** @file
> +  A shell application that triggers capsule update process.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <Uefi.h>
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PrintLib.h>
> +#include <Protocol/LoadedImage.h>
> +#include <Protocol/SimpleFileSystem.h>
> +#include <Protocol/GraphicsOutput.h>
> +#include <Guid/FileInfo.h>
> +#include <Guid/Gpt.h>
> +#include <Guid/GlobalVariable.h>
> +#include <Guid/CapsuleReport.h>
> +#include <Guid/SystemResourceTable.h>
> +#include <Guid/FmpCapsule.h>
> +#include <IndustryStandard/WindowsUxCapsule.h>
> +
> +#define CAPSULE_HEADER_SIZE  0x20
> +
> +#define NESTED_CAPSULE_HEADER_SIZE  SIZE_4KB
> +#define SYSTEM_FIRMWARE_FLAG 0x50000
> +#define DEVICE_FIRMWARE_FLAG 0x78010
> +
> +#define EFI_CAPSULE_FROM_FILE_DIR                           L"\\EFI\\UpdateCapsule\\<file:///\\EFI\UpdateCapsule\>"
> +#define EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED  0x0000000000000004
> +
> +#define MAJOR_VERSION   1
> +#define MINOR_VERSION   0
> +
> +#define MAX_CAPSULE_NUM 10
> +
> +extern UINTN  Argc;
> +extern CHAR16 **Argv;
> +
> +//
> +// Define how many block descriptors we want to test with.
> +//
> +UINTN  NumberOfDescriptors = 1;
> +UINTN  CapsuleFirstIndex;
> +UINTN  CapsuleLastIndex;
> +
> +/**
> +  Dump capsule information
> +
> +  @retval EFI_SUCCESS            The capsule information is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DumpCapsule(
> +  VOID
> +  );
> +
> +/**
> +  Dump capsule status variable.
> +
> +  @retval EFI_SUCCESS            The capsule status variable is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DmpCapsuleStatusVariable(
> +  VOID
> +  );
> +
> +/**
> +  Dump FMP protocol info.
> +**/
> +VOID
> +DumpFmpData(
> +  VOID
> +  );
> +
> +/**
> +  Dump ESRT info.
> +**/
> +VOID
> +DumpEsrtData(
> +  VOID
> +  );
> +
> +/**
> +  Read a file.
> +
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileToBuffer(
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer
> +  );
> +
> +/**
> +  Write a file.
> +
> +  @param FileName        The file to be written.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Write file successfully
> +**/
> +EFI_STATUS
> +WriteFileFromBuffer(
> +  IN  CHAR16                               *FileName,
> +  IN  UINTN                                BufferSize,
> +  IN  VOID                                 *Buffer
> +  );
> +
> +/**
> +
> +  This function parse application ARG.
> +
> +  @return Status
> +**/
> +EFI_STATUS
> +GetArg (
> +  VOID
> +  );
> +
> +/**
> +  Create UX capsule.
> +
> +  @retval EFI_SUCCESS            The capsule header is appended.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +  @retval EFI_OUT_OF_RESOURCES   No enough resource to create UX capsule.
> +**/
> +EFI_STATUS
> +CreateBmpFmp(
> +  VOID
> +  )
> +{
> +  CHAR16                                        *OutputCapsuleName;
> +  VOID                                          *BmpBuffer;
> +  UINTN                                         FileSize;
> +  CHAR16                                        *BmpName;
> +  UINT8                                         *FullCapsuleBuffer;
> +  UINTN                                         FullCapsuleBufferSize;
> +  EFI_DISPLAY_CAPSULE                           *DisplayCapsule;
> +  EFI_STATUS                                    Status;
> +  EFI_GRAPHICS_OUTPUT_PROTOCOL                  *Gop;
> +
> +  Status = gBS->LocateProtocol(&gEfiGraphicsOutputProtocolGuid, NULL, (VOID **)&Gop);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: NO GOP is found.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  Print(L"Current GOP: Mode - %d, ", Gop->Mode->Mode);
> +  Print(L"HorizontalResolution - %d, ", Gop->Mode->Info->HorizontalResolution);
> +  Print(L"VerticalResolution - %d\n", Gop->Mode->Info->VerticalResolution);
> +  // HorizontalResolution >= BMP_IMAGE_HEADER.PixelWidth
> +  // VerticalResolution   >= BMP_IMAGE_HEADER.PixelHeight
> +
> +  if (Argc != 5) {
> +    Print(L"CapsuleApp: Invalid Parameter.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  if (StrCmp(Argv[3], L"-O") != 0) {
> +    Print(L"CapsuleApp: NO output capsule name.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  OutputCapsuleName = Argv[4];
> +
> +  BmpBuffer = NULL;
> +  FileSize = 0;
> +  FullCapsuleBuffer = NULL;
> +
> +  BmpName = Argv[2];
> +  Status = ReadFileToBuffer(BmpName, &FileSize, &BmpBuffer);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: BMP image (%s) is not found.\n", BmpName);
> +    goto Done;
> +  }
> +
> +  FullCapsuleBufferSize = sizeof(EFI_DISPLAY_CAPSULE) + FileSize;
> +  FullCapsuleBuffer = AllocatePool(FullCapsuleBufferSize);
> +  if (FullCapsuleBuffer == NULL) {
> +    Print(L"CapsuleApp: Capsule Buffer size (0x%x) too big.\n",
> FullCapsuleBufferSize);
> +    Status = EFI_OUT_OF_RESOURCES;
> +    goto Done;
> +  }
> +
> +  DisplayCapsule = (EFI_DISPLAY_CAPSULE *)FullCapsuleBuffer;
> +  CopyGuid(&DisplayCapsule->CapsuleHeader.CapsuleGuid, &gWindowsUxCapsuleGuid);
> +  DisplayCapsule->CapsuleHeader.HeaderSize = sizeof(DisplayCapsule->CapsuleHeader);
> +  DisplayCapsule->CapsuleHeader.Flags = CAPSULE_FLAGS_PERSIST_ACROSS_RESET;
> +  DisplayCapsule->CapsuleHeader.CapsuleImageSize = (UINT32)FullCapsuleBufferSize;
> +
> +  DisplayCapsule->ImagePayload.Version = 1;
> +  DisplayCapsule->ImagePayload.Checksum = 0;
> +  DisplayCapsule->ImagePayload.ImageType = 0; // BMP
> +  DisplayCapsule->ImagePayload.Reserved = 0;
> +  DisplayCapsule->ImagePayload.Mode = Gop->Mode->Mode;
> +  DisplayCapsule->ImagePayload.OffsetX = 0;
> +  DisplayCapsule->ImagePayload.OffsetY = 0;
> +
> +  CopyMem((DisplayCapsule + 1), BmpBuffer, FileSize);
> +
> +  DisplayCapsule->ImagePayload.Checksum = CalculateCheckSum8(FullCapsuleBuffer,
> FullCapsuleBufferSize);
> +
> +  Status = WriteFileFromBuffer(OutputCapsuleName, FullCapsuleBufferSize,
> FullCapsuleBuffer);
> +  Print(L"CapsuleApp: Write %s %r\n", OutputCapsuleName, Status);
> +
> +Done:
> +  if (BmpBuffer != NULL) {
> +    FreePool(BmpBuffer);
> +  }
> +
> +  if (FullCapsuleBuffer != NULL) {
> +    FreePool(FullCapsuleBuffer);
> +  }
> +
> +  return Status;
> +}
> +
> +/**
> +  Get ImageTypeId in the FMP capsule header.
> +
> +  @param CapsuleHeader  The FMP capsule image header.
> +
> +  @return ImageTypeId
> +**/
> +EFI_GUID *
> +GetCapsuleImageTypeId(
> +  IN EFI_CAPSULE_HEADER                            *CapsuleHeader
> +  )
> +{
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER       *FmpCapsuleHeader;
> +  UINT64                                       *ItemOffsetList;
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader;
> +
> +  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader
> + CapsuleHeader->HeaderSize);
> +  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
> +  if (FmpCapsuleHeader->PayloadItemCount == 0) {
> +    return NULL;
> +  }
> +  ImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8
> *)FmpCapsuleHeader + ItemOffsetList[FmpCapsuleHeader->EmbeddedDriverCount]);
> +  return &ImageHeader->UpdateImageTypeId;
> +}
> +
> +/**
> +  Get ESRT FwType according to ImageTypeId
> +
> +  @param  ImageTypeId   ImageTypeId of an FMP capsule.
> +
> +  @return ESRT FwType
> +**/
> +UINT32
> +GetEsrtFwType(
> +  IN  EFI_GUID                                      *ImageTypeId
> +  )
> +{
> +  EFI_STATUS                 Status;
> +  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
> +  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
> +  UINTN                      Index;
> +
> +  //
> +  // Check ESRT
> +  //
> +  Status = EfiGetSystemConfigurationTable(&gEfiSystemResourceTableGuid, (VOID
> **)&Esrt);
> +  if (!EFI_ERROR(Status)) {
> +    EsrtEntry = (VOID *)(Esrt + 1);
> +    for (Index = 0; Index < Esrt->FwResourceCount; Index++, EsrtEntry++) {
> +      if (CompareGuid(&EsrtEntry->FwClass, ImageTypeId)) {
> +        return EsrtEntry->FwType;
> +      }
> +    }
> +  }
> +
> +  return ESRT_FW_TYPE_UNKNOWN;
> +}
> +
> +/**
> +  Append a capsule header on top of current image.
> +  This function follows Windows UEFI Firmware Update Platform document.
> +
> +  @retval EFI_SUCCESS            The capsule header is appended.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +  @retval EFI_OUT_OF_RESOURCES   No enough resource to append capsule header.
> +**/
> +EFI_STATUS
> +CreateNestedFmp(
> +  VOID
> +  )
> +{
> +  CHAR16                                        *OutputCapsuleName;
> +  VOID                                          *CapsuleBuffer;
> +  UINTN                                         FileSize;
> +  CHAR16                                        *CapsuleName;
> +  UINT8                                         *FullCapsuleBuffer;
> +  UINTN                                         FullCapsuleBufferSize;
> +  EFI_CAPSULE_HEADER                            *NestedCapsuleHeader;
> +  EFI_GUID                                      *ImageTypeId;
> +  UINT32                                        FwType;
> +  EFI_STATUS                                    Status;
> +
> +  if (Argc != 5) {
> +    Print(L"CapsuleApp: Invalid Parameter.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  if (StrCmp(Argv[3], L"-O") != 0) {
> +    Print(L"CapsuleApp: NO output capsule name.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  OutputCapsuleName = Argv[4];
> +
> +  CapsuleBuffer = NULL;
> +  FileSize = 0;
> +  FullCapsuleBuffer = NULL;
> +
> +  CapsuleName = Argv[2];
> +  Status = ReadFileToBuffer(CapsuleName, &FileSize, &CapsuleBuffer);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: Capsule image (%s) is not found.\n", CapsuleName);
> +    goto Done;
> +  }
> +
> +  ImageTypeId = GetCapsuleImageTypeId(CapsuleBuffer);
> +  if (ImageTypeId == NULL) {
> +    Print(L"CapsuleApp: Capsule ImageTypeId is not found.\n");
> +    goto Done;
> +  }
> +  FwType = GetEsrtFwType(ImageTypeId);
> +  if ((FwType != ESRT_FW_TYPE_SYSTEMFIRMWARE) && (FwType !=
> ESRT_FW_TYPE_DEVICEFIRMWARE)) {
> +    Print(L"CapsuleApp: Capsule FwType is invalid.\n");
> +    goto Done;
> +  }
> +
> +  FullCapsuleBufferSize = NESTED_CAPSULE_HEADER_SIZE + FileSize;
> +  FullCapsuleBuffer = AllocatePool(FullCapsuleBufferSize);
> +  if (FullCapsuleBuffer == NULL) {
> +    Print(L"CapsuleApp: Capsule Buffer size (0x%x) too big.\n",
> FullCapsuleBufferSize);
> +    Status = EFI_OUT_OF_RESOURCES;
> +    goto Done;
> +  }
> +
> +  NestedCapsuleHeader = (EFI_CAPSULE_HEADER *)FullCapsuleBuffer;
> +  ZeroMem(NestedCapsuleHeader, NESTED_CAPSULE_HEADER_SIZE);
> +  CopyGuid(&NestedCapsuleHeader->CapsuleGuid, ImageTypeId);
> +  NestedCapsuleHeader->HeaderSize = NESTED_CAPSULE_HEADER_SIZE;
> +  NestedCapsuleHeader->Flags = (FwType == ESRT_FW_TYPE_DEVICEFIRMWARE) ?
> SYSTEM_FIRMWARE_FLAG : DEVICE_FIRMWARE_FLAG;
> +  NestedCapsuleHeader->CapsuleImageSize = (UINT32)FullCapsuleBufferSize;
> +
> +  CopyMem((UINT8 *)NestedCapsuleHeader + NestedCapsuleHeader->HeaderSize,
> CapsuleBuffer, FileSize);
> +
> +  Status = WriteFileFromBuffer(OutputCapsuleName, FullCapsuleBufferSize,
> FullCapsuleBuffer);
> +  Print(L"CapsuleApp: Write %s %r\n", OutputCapsuleName, Status);
> +
> +Done:
> +  if (CapsuleBuffer != NULL) {
> +    FreePool(CapsuleBuffer);
> +  }
> +
> +  if (FullCapsuleBuffer != NULL) {
> +    FreePool(FullCapsuleBuffer);
> +  }
> +
> +  return Status;
> +}
> +
> +
> +/**
> +  Clear capsule status variable.
> +
> +  @retval EFI_SUCCESS            The capsule status variable is cleared.
> +**/
> +EFI_STATUS
> +ClearCapsuleStatusVariable(
> +  VOID
> +  )
> +{
> +  EFI_STATUS                          Status;
> +  UINT32                              Index;
> +  CHAR16                              CapsuleVarName[20];
> +  CHAR16                              *TempVarName;
> +
> +  StrCpyS (CapsuleVarName, sizeof(CapsuleVarName)/sizeof(CapsuleVarName[0]),
> L"Capsule");
> +  TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
> +  Index = 0;
> +
> +  while (TRUE) {
> +    UnicodeSPrint (TempVarName, 5 * sizeof(CHAR16), L"%04x", Index);
> +
> +    Status = gRT->SetVariable (
> +                    CapsuleVarName,
> +                    &gEfiCapsuleReportGuid,
> +                    EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS |
> EFI_VARIABLE_BOOTSERVICE_ACCESS,
> +                    0,
> +                    (VOID *)NULL
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      //
> +      // There is no capsule variables, quit
> +      //
> +      break;
> +    }
> +
> +    Index++;
> +    if (Index > 0xFFFF) {
> +      break;
> +    }
> +  }
> +
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Build Gather list for a list of capsule images.
> +
> +  @param[in]  CapsuleBuffer    An array of pointer to capsule images
> +  @param[in]  FileSize         An array of UINTN to capsule images size
> +  @param[in]  CapsuleNum       The count of capsule images
> +  @param[out] BlockDescriptors The block descriptors for the capsule images
> +
> +  @retval EFI_SUCCESS The block descriptors for the capsule images are constructed.
> +**/
> +EFI_STATUS
> +BuildGatherList(
> +  IN VOID                          **CapsuleBuffer,
> +  IN UINTN                         *FileSize,
> +  IN UINTN                         CapsuleNum,
> +  OUT EFI_CAPSULE_BLOCK_DESCRIPTOR **BlockDescriptors
> +  )
> +{
> +  EFI_STATUS                    Status;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors1;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors2;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptorPre;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptorsHeader;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *TempBlockPtr;
> +  UINT8                         *TempDataPtr;
> +  UINTN                         SizeLeft;
> +  UINTN                         Size;
> +  INT32                         Count;
> +  INT32                         Number;
> +  UINTN                         Index;
> +
> +  TempBlockPtr           = NULL;
> +  BlockDescriptors1      = NULL;
> +  BlockDescriptors2      = NULL;
> +  BlockDescriptorPre     = NULL;
> +  BlockDescriptorsHeader = NULL;
> +
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    //
> +    // Allocate memory for the descriptors.
> +    //
> +    if (NumberOfDescriptors == 1) {
> +      Count = 2;
> +    } else {
> +      Count = (INT32)(NumberOfDescriptors + 2) / 2;
> +    }
> +
> +    Size               = Count * sizeof (EFI_CAPSULE_BLOCK_DESCRIPTOR);
> +    BlockDescriptors1  = AllocateRuntimeZeroPool (Size);
> +    if (BlockDescriptors1 == NULL) {
> +      Print (L"CapsuleApp: failed to allocate memory for descriptors\n");
> +      Status = EFI_OUT_OF_RESOURCES;
> +      goto ERREXIT;
> +    } else {
> +      Print (L"CapsuleApp: creating capsule descriptors at 0x%X\n", (UINTN)
> BlockDescriptors1);
> +      Print (L"CapsuleApp: capsule data starts          at 0x%X with size 0x%X\n",
> (UINTN) CapsuleBuffer, FileSize);
> +    }
> +
> +    //
> +    // Record descirptor header
> +    //
> +    if (Index == 0) {
> +      BlockDescriptorsHeader = BlockDescriptors1;
> +    }
> +
> +    if (BlockDescriptorPre != NULL) {
> +      BlockDescriptorPre->Union.ContinuationPointer = (UINTN) BlockDescriptors1;
> +      BlockDescriptorPre->Length = 0;
> +    }
> +
> +    //
> +    // Fill them in
> +    //
> +    TempBlockPtr  = BlockDescriptors1;
> +    TempDataPtr   = CapsuleBuffer[Index];
> +    SizeLeft      = FileSize[Index];
> +    for (Number = 0; (Number < Count - 1) && (SizeLeft != 0); Number++) {
> +      //
> +      // Divide remaining data in half
> +      //
> +      if (NumberOfDescriptors != 1) {
> +        if (SizeLeft == 1) {
> +          Size = 1;
> +        } else {
> +          Size = SizeLeft / 2;
> +        }
> +      } else {
> +        Size = SizeLeft;
> +      }
> +      TempBlockPtr->Union.DataBlock    = (UINTN)TempDataPtr;
> +      TempBlockPtr->Length  = Size;
> +      Print (L"CapsuleApp: capsule block/size              0x%X/0x%X\n", (UINTN)
> TempDataPtr, Size);
> +      SizeLeft -= Size;
> +      TempDataPtr += Size;
> +      TempBlockPtr++;
> +    }
> +
> +    //
> +    // Allocate the second list, point the first block's last entry to point
> +    // to this one, and fill this one in. Worst case is that the previous
> +    // list only had one element that pointed here, so we need at least two
> +    // elements -- one to point to all the data, another to terminate the list.
> +    //
> +    if ((NumberOfDescriptors != 1) && (SizeLeft != 0)) {
> +      Count = (INT32)(NumberOfDescriptors + 2) - Count;
> +      if (Count == 1) {
> +        Count++;
> +      }
> +
> +      Size              = Count * sizeof (EFI_CAPSULE_BLOCK_DESCRIPTOR);
> +      BlockDescriptors2 = AllocateRuntimeZeroPool (Size);
> +      if (BlockDescriptors2 == NULL) {
> +        Print (L"CapsuleApp: failed to allocate memory for descriptors\n");
> +        Status = EFI_OUT_OF_RESOURCES;
> +        goto ERREXIT;
> +      }
> +
> +      //
> +      // Point the first list's last element to point to this second list.
> +      //
> +      TempBlockPtr->Union.ContinuationPointer   = (UINTN) BlockDescriptors2;
> +
> +      TempBlockPtr->Length  = 0;
> +      TempBlockPtr = BlockDescriptors2;
> +      for (Number = 0; Number < Count - 1; Number++) {
> +        //
> +        // If second-to-last one, then dump rest to this element
> +        //
> +        if (Number == (Count - 2)) {
> +          Size = SizeLeft;
> +        } else {
> +          //
> +          // Divide remaining data in half
> +          //
> +          if (SizeLeft == 1) {
> +            Size = 1;
> +          } else {
> +            Size = SizeLeft / 2;
> +          }
> +        }
> +
> +        TempBlockPtr->Union.DataBlock    = (UINTN)TempDataPtr;
> +        TempBlockPtr->Length  = Size;
> +        Print (L"CapsuleApp: capsule block/size              0x%X/0x%X\n", (UINTN)
> TempDataPtr, Size);
> +        SizeLeft -= Size;
> +        TempDataPtr += Size;
> +        TempBlockPtr++;
> +        if (SizeLeft == 0) {
> +          break;
> +        }
> +      }
> +    }
> +
> +    BlockDescriptorPre = TempBlockPtr;
> +    BlockDescriptors1  = NULL;
> +  }
> +
> +  //
> +  // Null-terminate.
> +  //
> +  if (TempBlockPtr != NULL) {
> +    TempBlockPtr->Union.ContinuationPointer    = (UINTN)NULL;
> +    TempBlockPtr->Length  = 0;
> +    *BlockDescriptors = BlockDescriptorsHeader;
> +  }
> +
> +  return EFI_SUCCESS;
> +
> +ERREXIT:
> +  if (BlockDescriptors1 != NULL) {
> +    FreePool(BlockDescriptors1);
> +  }
> +
> +  if (BlockDescriptors2 != NULL) {
> +    FreePool(BlockDescriptors2);
> +  }
> +
> +  return Status;
> +}
> +
> +/**
> +  Clear the Gather list for a list of capsule images.
> +
> +  @param[in]  BlockDescriptors The block descriptors for the capsule images
> +  @param[in]  CapsuleNum       The count of capsule images
> +**/
> +VOID
> +CleanGatherList(
> +  IN EFI_CAPSULE_BLOCK_DESCRIPTOR   *BlockDescriptors,
> +  IN UINTN                          CapsuleNum
> +  )
> +{
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr1;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr2;
> +  UINTN                          Index;
> +
> +  if (BlockDescriptors != NULL) {
> +    TempBlockPtr1 = BlockDescriptors;
> +    while (1){
> +      TempBlockPtr = TempBlockPtr1;
> +      for (Index = 0; Index < CapsuleNum; Index++) {
> +        if (TempBlockPtr[Index].Length == 0) {
> +          break;
> +        }
> +      }
> +
> +      if (TempBlockPtr[Index].Union.ContinuationPointer == (UINTN)NULL) {
> +        break;
> +      }
> +
> +      TempBlockPtr2 = (VOID *) ((UINTN) TempBlockPtr->Union.ContinuationPointer);
> +      FreePool(TempBlockPtr1);
> +      TempBlockPtr1 = TempBlockPtr2;
> +    }
> +  }
> +}
> +
> +/**
> +  Print APP usage.
> +**/
> +VOID
> +PrintUsage (
> +  VOID
> +  )
> +{
> +  Print(L"CapsuleApp:  usage\n");
> +  Print(L"  CapsuleApp <Capsule...> [-NR]\n");
> +  Print(L"  CapsuleApp -S\n");
> +  Print(L"  CapsuleApp -C\n");
> +  Print(L"  CapsuleApp -P\n");
> +  Print(L"  CapsuleApp -E\n");
> +  Print(L"  CapsuleApp -G <BMP> -O <Capsule>\n");
> +  Print(L"  CapsuleApp -N <Capsule> -O <NestedCapsule>\n");
> +  Print(L"  CapsuleApp -D|-DS <Capsule>\n");
> +  Print(L"Parameter:\n");
> +  Print(L"  -NR: No Reset.\n");
> +  Print(L"  -S:  Dump capsule status.\n");
> +  Print(L"  -C:  Clear capsule status.\n");
> +  Print(L"  -P:  Dump FMP protocol info.\n");
> +  Print(L"  -E:  Dump ESRT table info.\n");
> +  Print(L"  -G:  Input BMP file name\n");
> +  Print(L"  -N:  Append Capsule Header accroding to Windows Firmware Update\n");
> +  Print(L"  -O:  Output Capsule file name\n");
> +  Print(L"  -D:  Dump Capsule\n");
> +}
> +
> +/**
> +  Update Capsule image.
> +
> +  @param[in]  ImageHandle     The image handle.
> +  @param[in]  SystemTable     The system table.
> +
> +  @retval EFI_SUCCESS            Command completed successfully.
> +  @retval EFI_INVALID_PARAMETER  Command usage error.
> +  @retval EFI_NOT_FOUND          The input file can't be found.
> +**/
> +EFI_STATUS
> +EFIAPI
> +UefiMain (
> +  IN EFI_HANDLE        ImageHandle,
> +  IN EFI_SYSTEM_TABLE  *SystemTable
> +  )
> +{
> +  EFI_STATUS                    Status;
> +  UINTN                         FileSize[MAX_CAPSULE_NUM];
> +  VOID                          *CapsuleBuffer[MAX_CAPSULE_NUM];
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors;
> +  EFI_CAPSULE_HEADER             *CapsuleHeaderArray[MAX_CAPSULE_NUM + 1];
> +  UINT64                         MaxCapsuleSize;
> +  EFI_RESET_TYPE                 ResetType;
> +  BOOLEAN                        NeedReset;
> +  BOOLEAN                        NoReset;
> +  CHAR16                         *CapsuleName;
> +  UINTN                          CapsuleNum;
> +  UINTN                          Index;
> +
> +  Status = GetArg();
> +  if (EFI_ERROR(Status)) {
> +    Print(L"Please use UEFI SHELL to run this application!\n", Status);
> +    return Status;
> +  }
> +  if (Argc < 2) {
> +    PrintUsage();
> +    return EFI_INVALID_PARAMETER;
> +  }
> +  if (StrCmp(Argv[1], L"-D") == 0) {
> +    Status = DumpCapsule();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-G") == 0) {
> +    Status = CreateBmpFmp();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-N") == 0) {
> +    Status = CreateNestedFmp();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-S") == 0) {
> +    Status = DmpCapsuleStatusVariable();
> +    return EFI_SUCCESS;
> +  }
> +  if (StrCmp(Argv[1], L"-C") == 0) {
> +    Status = ClearCapsuleStatusVariable();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-P") == 0) {
> +    DumpFmpData();
> +    return EFI_SUCCESS;
> +  }
> +  if (StrCmp(Argv[1], L"-E") == 0) {
> +    DumpEsrtData();
> +    return EFI_SUCCESS;
> +  }
> +  CapsuleFirstIndex = 1;
> +  if (StrCmp(Argv[Argc - 1], L"-NR") == 0) {
> +    NoReset = TRUE;
> +    CapsuleLastIndex = Argc - 2;
> +  } else {
> +    NoReset = FALSE;
> +    CapsuleLastIndex = Argc - 1;
> +  }
> +  CapsuleNum = CapsuleLastIndex - CapsuleFirstIndex + 1;
> +
> +  if (CapsuleFirstIndex > CapsuleLastIndex) {
> +    Print(L"CapsuleApp: NO capsule image.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  if (CapsuleNum > MAX_CAPSULE_NUM) {
> +    Print(L"CapsuleApp: Too many capsule images.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  ZeroMem(&CapsuleBuffer, sizeof(CapsuleBuffer));
> +  ZeroMem(&FileSize, sizeof(FileSize));
> +  BlockDescriptors = NULL;
> +
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    CapsuleName = Argv[CapsuleFirstIndex + Index];
> +    Status = ReadFileToBuffer(CapsuleName, &FileSize[Index], &CapsuleBuffer[Index]);
> +    if (EFI_ERROR(Status)) {
> +      Print(L"CapsuleApp: capsule image (%s) is not found.\n", CapsuleName);
> +      goto Done;
> +    }
> +  }
> +
> +  //
> +  // Every capsule use 2 descriptor 1 for data 1 for end
> +  //
> +  Status = BuildGatherList(CapsuleBuffer, FileSize, CapsuleNum, &BlockDescriptors);
> +  if (EFI_ERROR(Status)) {
> +    goto Done;
> +  }
> +
> +  //
> +  // Call the runtime service capsule.
> +  //
> +  NeedReset = FALSE;
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    CapsuleHeaderArray[Index] = (EFI_CAPSULE_HEADER *) CapsuleBuffer[Index];
> +    if ((CapsuleHeaderArray[Index]->Flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) != 0)
> {
> +      NeedReset = TRUE;
> +    }
> +  }
> +  CapsuleHeaderArray[CapsuleNum] = NULL;
> +  if (NoReset) {
> +    NeedReset = FALSE;
> +  }
> +
> +  //
> +  // Inquire platform capability of UpdateCapsule.
> +  //
> +  Status = gRT->QueryCapsuleCapabilities (CapsuleHeaderArray, CapsuleNum,
> &MaxCapsuleSize, &ResetType);
> +  if (EFI_ERROR(Status)) {
> +    Print (L"CapsuleApp: failed to query capsule capability - %r\n", Status);
> +    goto Done;
> +  }
> +
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    if (FileSize[Index] > MaxCapsuleSize) {
> +      Print (L"CapsuleApp: capsule is too large to update, %ld is allowed\n",
> MaxCapsuleSize);
> +      Status = EFI_UNSUPPORTED;
> +      goto Done;
> +    }
> +  }
> +
> +  //
> +  // Check whether the input capsule image has the flag of persist across system
> reset.
> +  //
> +  if (NeedReset) {
> +    Status = gRT->UpdateCapsule(CapsuleHeaderArray,CapsuleNum,(UINTN)
> BlockDescriptors);
> +    if (Status != EFI_SUCCESS) {
> +      Print (L"CapsuleApp: failed to update capsule - %r\n", Status);
> +      goto Done;
> +    }
> +    //
> +    // For capsule who has reset flag, after calling UpdateCapsule service,triger a
> +    // system reset to process capsule persist across a system reset.
> +    //
> +    gRT->ResetSystem (ResetType, EFI_SUCCESS, 0, NULL);
> +  } else {
> +    //
> +    // For capsule who has no reset flag, only call UpdateCapsule Service without a
> +    // system reset. The service will process the capsule immediately.
> +    //
> +    Status = gRT->UpdateCapsule (CapsuleHeaderArray,CapsuleNum,(UINTN)
> BlockDescriptors);
> +    if (Status != EFI_SUCCESS) {
> +      Print (L"CapsuleApp: failed to update capsule - %r\n", Status);
> +    }
> +  }
> +
> +  Status = EFI_SUCCESS;
> +
> +Done:
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    if (CapsuleBuffer[Index] != NULL) {
> +      FreePool (CapsuleBuffer[Index]);
> +    }
> +  }
> +
> +  CleanGatherList(BlockDescriptors, CapsuleNum);
> +
> +  return Status;
> +}
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> new file mode 100644
> index 0000000..2084e5f
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> @@ -0,0 +1,71 @@
> +##  @file
> +#  A shell application that triggers capsule update process.
> +#
> +# This application can trigger capsule update process. It can also
> +# generate capsule image, or dump capsule variable information.
> +#
> +#  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +#  This program and the accompanying materials
> +#  are licensed and made available under the terms and conditions of the BSD License
> +#  which accompanies this distribution.  The full text of the license may be found at
> +#  http://opensource.org/licenses/bsd-license.php
> +#
> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +#
> +##
> +
> +[Defines]
> +  INF_VERSION                    = 0x00010006
> +  BASE_NAME                      = CapsuleApp
> +  MODULE_UNI_FILE                = CapsuleApp.uni
> +  FILE_GUID                      = 4CEF31DA-8682-4274-9CC4-AEE7516A5E7B
> +  MODULE_TYPE                    = UEFI_APPLICATION
> +  VERSION_STRING                 = 1.0
> +  ENTRY_POINT                    = UefiMain
> +
> +#
> +# The following information is for reference only and not required by the build tools.
> +#
> +#  VALID_ARCHITECTURES           = IA32 X64
> +#
> +
> +[Sources]
> +  CapsuleApp.c
> +  CapsuleDump.c
> +  AppSupport.c
> +
> +[Packages]
> +  MdePkg/MdePkg.dec
> +  MdeModulePkg/MdeModulePkg.dec
> +
> +[Guids]
> +  gEfiFileInfoGuid
> +  gEfiPartTypeSystemPartGuid
> +  gEfiGlobalVariableGuid
> +  gEfiCapsuleReportGuid
> +  gEfiFmpCapsuleGuid
> +  gWindowsUxCapsuleGuid
> +  gEfiCertTypeRsa2048Sha256Guid
> +  gEfiCertPkcs7Guid
> +  gEfiSystemResourceTableGuid
> +
> +[Protocols]
> +  gEfiLoadedImageProtocolGuid
> +  gEfiSimpleFileSystemProtocolGuid
> +  gEfiGraphicsOutputProtocolGuid
> +  gEfiFirmwareManagementProtocolGuid
> +  gEfiShellParametersProtocolGuid
> +
> +[LibraryClasses]
> +  BaseLib
> +  UefiApplicationEntryPoint
> +  DebugLib
> +  MemoryAllocationLib
> +  UefiBootServicesTableLib
> +  UefiRuntimeServicesTableLib
> +  UefiLib
> +  PrintLib
> +
> +[UserExtensions.TianoCore."ExtraFiles"]
> +  CapsuleAppExtra.uni
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
> b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
> new file mode 100644
> index 0000000..54d6e12
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
> @@ -0,0 +1,22 @@
> +// /** @file
> +// A shell application that triggers capsule update process.
> +//
> +// This application can trigger capsule update process. It can also
> +// generate capsule image, or dump capsule variable information.
> +//
> +// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +//
> +// This program and the accompanying materials
> +// are licensed and made available under the terms and conditions of the BSD License
> +// which accompanies this distribution. The full text of the license may be found at
> +// http://opensource.org/licenses/bsd-license.php
> +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +//
> +// **/
> +
> +
> +#string STR_MODULE_ABSTRACT             #language en-US "A shell application that
> triggers capsule update process."
> +
> +#string STR_MODULE_DESCRIPTION          #language en-US "This application can trigger
> capsule update process. It can also generate capsule image, or dump capsule variable
> information."
> +
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
> b/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
> new file mode 100644
> index 0000000..b5a8840
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
> @@ -0,0 +1,19 @@
> +// /** @file
> +// CapsuleApp Localized Strings and Content
> +//
> +// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +//
> +// This program and the accompanying materials
> +// are licensed and made available under the terms and conditions of the BSD License
> +// which accompanies this distribution. The full text of the license may be found at
> +// http://opensource.org/licenses/bsd-license.php
> +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +//
> +// **/
> +
> +#string STR_PROPERTIES_MODULE_NAME
> +#language en-US
> +"Capsule Application"
> +
> +
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
> b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
> new file mode 100644
> index 0000000..b383fe1
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
> @@ -0,0 +1,740 @@
> +/** @file
> +  Dump Capsule image information.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <PiDxe.h>
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PrintLib.h>
> +#include <Protocol/FirmwareManagement.h>
> +#include <Guid/ImageAuthentication.h>
> +#include <Guid/CapsuleReport.h>
> +#include <Guid/SystemResourceTable.h>
> +#include <Guid/FmpCapsule.h>
> +#include <IndustryStandard/WindowsUxCapsule.h>
> +
> +/**
> +  Read a file.
> +
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileToBuffer(
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer
> +  );
> +
> +extern UINTN  Argc;
> +extern CHAR16 *Argv[];
> +
> +/**
> +  Dump UX capsule information.
> +
> +  @param CapsuleHeader      The UX capsule header
> +**/
> +VOID
> +DumpUxCapsule(
> +  IN EFI_CAPSULE_HEADER  *CapsuleHeader
> +  )
> +{
> +  EFI_DISPLAY_CAPSULE                           *DisplayCapsule;
> +  DisplayCapsule = (EFI_DISPLAY_CAPSULE *)CapsuleHeader;
> +  Print(L"[UxCapusule]\n");
> +  Print(L"CapsuleHeader:\n");
> +  Print(L"  CapsuleGuid      - %g\n", &DisplayCapsule->CapsuleHeader.CapsuleGuid);
> +  Print(L"  HeaderSize       - 0x%x\n", DisplayCapsule->CapsuleHeader.HeaderSize);
> +  Print(L"  Flags            - 0x%x\n", DisplayCapsule->CapsuleHeader.Flags);
> +  Print(L"  CapsuleImageSize - 0x%x\n", DisplayCapsule-
> >CapsuleHeader.CapsuleImageSize);
> +  Print(L"ImagePayload:\n");
> +  Print(L"  Version          - 0x%x\n", DisplayCapsule->ImagePayload.Version);
> +  Print(L"  Checksum         - 0x%x\n", DisplayCapsule->ImagePayload.Checksum);
> +  Print(L"  ImageType        - 0x%x\n", DisplayCapsule->ImagePayload.ImageType);
> +  Print(L"  Mode             - 0x%x\n", DisplayCapsule->ImagePayload.Mode);
> +  Print(L"  OffsetX          - 0x%x\n", DisplayCapsule->ImagePayload.OffsetX);
> +  Print(L"  OffsetY          - 0x%x\n", DisplayCapsule->ImagePayload.OffsetY);
> +}
> +
> +/**
> +  Dump FMP image authentication information.
> +
> +  @param Image      The FMP capsule image
> +  @param ImageSize  The size of the FMP capsule image in bytes.
> +
> +  @return the size of FMP authentication.
> +**/
> +UINTN
> +DumpImageAuthentication(
> +  IN VOID   *Image,
> +  IN UINTN  ImageSize
> +  )
> +{
> +  EFI_FIRMWARE_IMAGE_AUTHENTICATION             *ImageAuthentication;
> +
> +  ImageAuthentication = Image;
> +  if (CompareGuid(&ImageAuthentication->AuthInfo.CertType, &gEfiCertPkcs7Guid) ||
> +      CompareGuid(&ImageAuthentication->AuthInfo.CertType,
> &gEfiCertTypeRsa2048Sha256Guid)) {
> +    Print(L"[ImageAuthentication]\n");
> +    Print(L"  MonotonicCount   - 0x%lx\n", ImageAuthentication->MonotonicCount);
> +    Print(L"WIN_CERTIFICATE:\n");
> +    Print(L"  dwLength         - 0x%x\n", ImageAuthentication->AuthInfo.Hdr.dwLength);
> +    Print(L"  wRevision        - 0x%x\n", ImageAuthentication-
> >AuthInfo.Hdr.wRevision);
> +    Print(L"  wCertificateType - 0x%x\n", ImageAuthentication-
> >AuthInfo.Hdr.wCertificateType);
> +    Print(L"  CertType         - %g\n", &ImageAuthentication->AuthInfo.CertType);
> +    return sizeof(ImageAuthentication->MonotonicCount) + ImageAuthentication-
> >AuthInfo.Hdr.dwLength;
> +  } else {
> +    return 0;
> +  }
> +}
> +
> +/**
> +  Dump a non-nested FMP capsule.
> +
> +  @param  CapsuleHeader  A pointer to CapsuleHeader
> +**/
> +VOID
> +DumpFmpCapsule(
> +  IN EFI_CAPSULE_HEADER  *CapsuleHeader
> +  )
> +{
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER        *FmpCapsuleHeader;
> +  UINT64                                        *ItemOffsetList;
> +  UINTN                                         Index;
> +  UINTN                                         Count;
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER  *FmpImageHeader;
> +
> +  Print(L"[FmpCapusule]\n");
> +  Print(L"CapsuleHeader:\n");
> +  Print(L"  CapsuleGuid      - %g\n", &CapsuleHeader->CapsuleGuid);
> +  Print(L"  HeaderSize       - 0x%x\n", CapsuleHeader->HeaderSize);
> +  Print(L"  Flags            - 0x%x\n", CapsuleHeader->Flags);
> +  Print(L"  CapsuleImageSize - 0x%x\n", CapsuleHeader->CapsuleImageSize);
> +
> +  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader
> + CapsuleHeader->HeaderSize);
> +  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
> +  Print(L"FmpHeader:\n");
> +  Print(L"  Version             - 0x%x\n", FmpCapsuleHeader->Version);
> +  Print(L"  EmbeddedDriverCount - 0x%x\n", FmpCapsuleHeader->EmbeddedDriverCount);
> +  Print(L"  PayloadItemCount    - 0x%x\n", FmpCapsuleHeader->PayloadItemCount);
> +  Count = FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader->PayloadItemCount;
> +  for (Index = 0; Index < Count; Index++) {
> +    Print(L"  Offset[%d]           - 0x%x\n", Index, ItemOffsetList[Index]);
> +  }
> +
> +  for (Index = FmpCapsuleHeader->EmbeddedDriverCount; Index < Count; Index++) {
> +    Print(L"FmpPayload[%d] ImageHeader:\n", Index);
> +    FmpImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8
> *)FmpCapsuleHeader + ItemOffsetList[Index]);
> +    Print(L"  Version                - 0x%x\n", FmpImageHeader->Version);
> +    Print(L"  UpdateImageTypeId      - %g\n", &FmpImageHeader->UpdateImageTypeId);
> +    Print(L"  UpdateImageIndex       - 0x%x\n", FmpImageHeader->UpdateImageIndex);
> +    Print(L"  UpdateImageSize        - 0x%x\n", FmpImageHeader->UpdateImageSize);
> +    Print(L"  UpdateVendorCodeSize   - 0x%x\n", FmpImageHeader->UpdateVendorCodeSize);
> +    if (FmpImageHeader->Version >=
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
> +      Print(L"  UpdateHardwareInstance - 0x%lx\n", FmpImageHeader-
> >UpdateHardwareInstance);
> +    }
> +  }
> +}
> +
> +/**
> +  Return if there is a FMP header below capsule header.
> +
> +  @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
> +
> +  @retval TRUE  There is a FMP header below capsule header.
> +  @retval FALSE There is not a FMP header below capsule header
> +**/
> +BOOLEAN
> +IsNestedFmpCapsule(
> +  IN EFI_CAPSULE_HEADER         *CapsuleHeader
> +  )
> +{
> +  EFI_STATUS                 Status;
> +  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
> +  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
> +  UINTN                      Index;
> +  BOOLEAN                    EsrtGuidFound;
> +  EFI_CAPSULE_HEADER         *NestedCapsuleHeader;
> +  UINTN                      NestedCapsuleSize;
> +
> +  //
> +  // Check ESRT
> +  //
> +  EsrtGuidFound = FALSE;
> +  Status = EfiGetSystemConfigurationTable(&gEfiSystemResourceTableGuid, (VOID
> **)&Esrt);
> +  if (!EFI_ERROR(Status)) {
> +    EsrtEntry = (VOID *)(Esrt + 1);
> +    for (Index = 0; Index < Esrt->FwResourceCount; Index++, EsrtEntry++) {
> +      if (CompareGuid(&EsrtEntry->FwClass, &CapsuleHeader->CapsuleGuid)) {
> +        EsrtGuidFound = TRUE;
> +        break;
> +      }
> +    }
> +  }
> +
> +  if (!EsrtGuidFound) {
> +    return FALSE;
> +  }
> +
> +  //
> +  // Check nested capsule header
> +  // FMP GUID after ESRT one
> +  //
> +  NestedCapsuleHeader = (EFI_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader + CapsuleHeader-
> >HeaderSize);
> +  NestedCapsuleSize = (UINTN)CapsuleHeader + CapsuleHeader->HeaderSize -
> (UINTN)NestedCapsuleHeader;
> +  if (NestedCapsuleSize < sizeof(EFI_CAPSULE_HEADER)) {
> +    return FALSE;
> +  }
> +  if (!CompareGuid(&NestedCapsuleHeader->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
> +    return FALSE;
> +  }
> +  return TRUE;
> +}
> +
> +/**
> +  Dump capsule information
> +
> +  @retval EFI_SUCCESS            The capsule information is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DumpCapsule(
> +  VOID
> +  )
> +{
> +  CHAR16                                        *CapsuleName;
> +  VOID                                          *Buffer;
> +  UINTN                                         FileSize;
> +  EFI_CAPSULE_HEADER                            *CapsuleHeader;
> +  EFI_STATUS                                    Status;
> +
> +  if (Argc != 3) {
> +    Print(L"CapsuleApp: Invalid Parameter.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  CapsuleName = Argv[2];
> +  Status = ReadFileToBuffer(CapsuleName, &FileSize, &Buffer);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: Capsule (%s) is not found.\n", CapsuleName);
> +    goto Done;
> +  }
> +
> +  CapsuleHeader = Buffer;
> +  if (CompareGuid(&CapsuleHeader->CapsuleGuid, &gWindowsUxCapsuleGuid)) {
> +    DumpUxCapsule(CapsuleHeader);
> +    Status = EFI_SUCCESS;
> +    goto Done;
> +  }
> +
> +  if (CompareGuid(&CapsuleHeader->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
> +    DumpFmpCapsule(CapsuleHeader);
> +  }
> +  if (IsNestedFmpCapsule(CapsuleHeader)) {
> +    Print(L"[NestedCapusule]\n");
> +    Print(L"CapsuleHeader:\n");
> +    Print(L"  CapsuleGuid      - %g\n", &CapsuleHeader->CapsuleGuid);
> +    Print(L"  HeaderSize       - 0x%x\n", CapsuleHeader->HeaderSize);
> +    Print(L"  Flags            - 0x%x\n", CapsuleHeader->Flags);
> +    Print(L"  CapsuleImageSize - 0x%x\n", CapsuleHeader->CapsuleImageSize);
> +    DumpFmpCapsule((EFI_CAPSULE_HEADER *)((UINTN)CapsuleHeader + CapsuleHeader-
> >HeaderSize));
> +  }
> +
> +Done:
> +  FreePool(Buffer);
> +  return Status;
> +}
> +
> +/**
> +  Dump capsule status variable.
> +
> +  @retval EFI_SUCCESS            The capsule status variable is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DmpCapsuleStatusVariable(
> +  VOID
> +  )
> +{
> +  EFI_STATUS                          Status;
> +  UINT32                              Index;
> +  CHAR16                              CapsuleVarName[20];
> +  CHAR16                              *TempVarName;
> +  EFI_CAPSULE_RESULT_VARIABLE_HEADER  *CapsuleResult;
> +  EFI_CAPSULE_RESULT_VARIABLE_FMP     *CapsuleResultFmp;
> +  UINTN                               CapsuleFileNameSize;
> +  CHAR16                              CapsuleIndexData[12];
> +  CHAR16                              *CapsuleIndex;
> +
> +  Status = GetVariable2(
> +             L"CapsuleMax",
> +             &gEfiCapsuleReportGuid,
> +             (VOID **)&CapsuleIndex,
> +             NULL
> +             );
> +  if (!EFI_ERROR(Status)) {
> +    CopyMem(CapsuleIndexData, CapsuleIndex, 11 * sizeof(CHAR16));
> +    CapsuleIndexData[11] = 0;
> +    Print(L"CapsuleMax - %s\n", CapsuleIndexData);
> +    FreePool(CapsuleIndex);
> +  }
> +  Status = GetVariable2(
> +             L"CapsuleLast",
> +             &gEfiCapsuleReportGuid,
> +             (VOID **)&CapsuleIndex,
> +             NULL
> +             );
> +  if (!EFI_ERROR(Status)) {
> +    CopyMem(CapsuleIndexData, CapsuleIndex, 11 * sizeof(CHAR16));
> +    CapsuleIndexData[11] = 0;
> +    Print(L"CapsuleLast - %s\n", CapsuleIndexData);
> +    FreePool(CapsuleIndex);
> +  }
> +
> +
> +  StrCpyS (CapsuleVarName, sizeof(CapsuleVarName)/sizeof(CapsuleVarName[0]),
> L"Capsule");
> +  TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
> +  Index = 0;
> +
> +  while (TRUE) {
> +    UnicodeSPrint (TempVarName, 5 * sizeof(CHAR16), L"%04x", Index);
> +
> +    Status = GetVariable2 (
> +               CapsuleVarName,
> +               &gEfiCapsuleReportGuid,
> +               (VOID **) &CapsuleResult,
> +               NULL
> +               );
> +    if (Status == EFI_NOT_FOUND) {
> +      break;
> +    } else if (EFI_ERROR(Status)) {
> +      continue;
> +    }
> +
> +    //
> +    // display capsule process status
> +    //
> +    if (CapsuleResult->VariableTotalSize >=
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER)) {
> +      Print (L"CapsuleName: %s\n", CapsuleVarName);
> +      Print (L"  Capsule Guid: %g\n", &CapsuleResult->CapsuleGuid);
> +      Print (L"  Capsule ProcessedTime: %t\n", &CapsuleResult->CapsuleProcessed);
> +      Print (L"  Capsule Status: %r\n", CapsuleResult->CapsuleStatus);
> +    }
> +
> +    if (CompareGuid(&CapsuleResult->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
> +      if (CapsuleResult->VariableTotalSize >=
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP)) {
> +        CapsuleResultFmp = (EFI_CAPSULE_RESULT_VARIABLE_FMP *)(CapsuleResult + 1);
> +        Print(L"  Capsule FMP Version: 0x%x\n", CapsuleResultFmp->Version);
> +        Print(L"  Capsule FMP PayloadIndex: 0x%x\n", CapsuleResultFmp->PayloadIndex);
> +        Print(L"  Capsule FMP UpdateImageIndex: 0x%x\n", CapsuleResultFmp-
> >UpdateImageIndex);
> +        Print(L"  Capsule FMP UpdateImageTypeId: %g\n", &CapsuleResultFmp-
> >UpdateImageTypeId);
> +        if (CapsuleResult->VariableTotalSize >
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP)) {
> +          Print(L"  Capsule FMP CapsuleFileName: %s\n", (CapsuleResultFmp + 1));
> +          CapsuleFileNameSize = StrSize((CHAR16 *)(CapsuleResultFmp + 1));
> +          if (CapsuleResult->VariableTotalSize >
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP) +
> CapsuleFileNameSize) {
> +            Print(L"  Capsule FMP CapsuleTarget: %s\n", (UINT8 *)(CapsuleResultFmp +
> 1) + CapsuleFileNameSize);
> +          }
> +        }
> +      }
> +    }
> +
> +    FreePool(CapsuleResult);
> +
> +    Index++;
> +    if (Index > 0xFFFF) {
> +      break;
> +    }
> +  }
> +
> +  return EFI_SUCCESS;
> +}
> +
> +CHAR8 *mFwTypeString[] = {
> +  "Unknown",
> +  "SystemFirmware",
> +  "DeviceFirmware",
> +  "UefiDriver",
> +};
> +
> +CHAR8 *mLastAttemptStatusString[] = {
> +  "Success",
> +  "Error: Unsuccessful",
> +  "Error: Insufficient Resources",
> +  "Error: Incorrect Version",
> +  "Error: Invalid Format",
> +  "Error: Auth Error",
> +  "Error: Power Event AC",
> +  "Error: Power Event Battery",
> +};
> +
> +/**
> +  Convert FwType to a string.
> +
> +  @param FwType  FwType in ESRT
> +
> +  @return a string for FwType.
> +**/
> +CHAR8 *
> +FwTypeToString(
> +  IN UINT32 FwType
> +  )
> +{
> +  if (FwType < sizeof(mFwTypeString) / sizeof(mFwTypeString[0])) {
> +    return mFwTypeString[FwType];
> +  } else {
> +    return "Invalid";
> +  }
> +}
> +
> +/**
> +  Convert LastAttemptStatus to a string.
> +
> +  @param LastAttemptStatus  LastAttemptStatus in FMP or ESRT
> +
> +  @return a string for LastAttemptStatus.
> +**/
> +CHAR8 *
> +LastAttemptStatusToString(
> +  IN UINT32 LastAttemptStatus
> +  )
> +{
> +  if (LastAttemptStatus < sizeof(mLastAttemptStatusString) /
> sizeof(mLastAttemptStatusString[0])) {
> +    return mLastAttemptStatusString[LastAttemptStatus];
> +  } else {
> +    return "Error: Unknown";
> +  }
> +}
> +
> +/**
> +  Dump ESRT entry.
> +
> +  @param EsrtEntry  ESRT entry
> +**/
> +VOID
> +DumpEsrtEntry(
> +  IN EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry
> +  )
> +{
> +  Print(L"  FwClass                  - %g\n", &EsrtEntry->FwClass);
> +  Print(L"  FwType                   - 0x%x (%a)\n", EsrtEntry->FwType,
> FwTypeToString(EsrtEntry->FwType));
> +  Print(L"  FwVersion                - 0x%x\n", EsrtEntry->FwVersion);
> +  Print(L"  LowestSupportedFwVersion - 0x%x\n", EsrtEntry->LowestSupportedFwVersion);
> +  Print(L"  CapsuleFlags             - 0x%x\n", EsrtEntry->CapsuleFlags);
> +  Print(L"    PERSIST_ACROSS_RESET   - 0x%x\n", EsrtEntry->CapsuleFlags &
> CAPSULE_FLAGS_PERSIST_ACROSS_RESET);
> +  Print(L"    POPULATE_SYSTEM_TABLE  - 0x%x\n", EsrtEntry->CapsuleFlags &
> CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE);
> +  Print(L"    INITIATE_RESET         - 0x%x\n", EsrtEntry->CapsuleFlags &
> CAPSULE_FLAGS_INITIATE_RESET);
> +  Print(L"  LastAttemptVersion       - 0x%x\n", EsrtEntry->LastAttemptVersion);
> +  Print(L"  LastAttemptStatus        - 0x%x (%a)\n", EsrtEntry->LastAttemptStatus,
> LastAttemptStatusToString(EsrtEntry->LastAttemptStatus));
> +}
> +
> +/**
> +  Dump ESRT table.
> +
> +  @param Esrt  ESRT table
> +**/
> +VOID
> +DumpEsrt(
> +  IN EFI_SYSTEM_RESOURCE_TABLE  *Esrt
> +  )
> +{
> +  UINTN                      Index;
> +  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
> +
> +  Print(L"EFI_SYSTEM_RESOURCE_TABLE:\n");
> +  Print(L"FwResourceCount    - 0x%x\n", Esrt->FwResourceCount);
> +  Print(L"FwResourceCountMax - 0x%x\n", Esrt->FwResourceCountMax);
> +  Print(L"FwResourceVersion  - 0x%lx\n", Esrt->FwResourceVersion);
> +
> +  EsrtEntry = (VOID *)(Esrt + 1);
> +  for (Index = 0; Index < Esrt->FwResourceCount; Index++) {
> +    Print(L"EFI_SYSTEM_RESOURCE_ENTRY (%d):\n", Index);
> +    DumpEsrtEntry(EsrtEntry);
> +    EsrtEntry++;
> +  }
> +}
> +
> +/**
> +  Dump ESRT info.
> +**/
> +VOID
> +DumpEsrtData (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                 Status;
> +  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
> +
> +  Print(L"##############\n");
> +  Print(L"# ESRT TABLE #\n");
> +  Print(L"##############\n");
> +
> +  Status = EfiGetSystemConfigurationTable (&gEfiSystemResourceTableGuid, (VOID
> **)&Esrt);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"ESRT - %r\n", Status);
> +    return;
> +  }
> +  DumpEsrt(Esrt);
> +  Print(L"\n");
> +}
> +
> +/**
> +  Dump FMP information.
> +
> +  @param ImageInfoSize       The size of ImageInfo, in bytes.
> +  @param ImageInfo           A pointer to EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorVersion   The version of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorCount     The count of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorSize      The size of an individual EFI_FIRMWARE_IMAGE_DESCRIPTOR,
> in bytes.
> +  @param PackageVersion      The version of package.
> +  @param PackageVersionName  The version name of package.
> +**/
> +VOID
> +DumpFmpImageInfo(
> +  IN UINTN                           ImageInfoSize,
> +  IN EFI_FIRMWARE_IMAGE_DESCRIPTOR   *ImageInfo,
> +  IN UINT32                          DescriptorVersion,
> +  IN UINT8                           DescriptorCount,
> +  IN UINTN                           DescriptorSize,
> +  IN UINT32                          PackageVersion,
> +  IN CHAR16                          *PackageVersionName
> +  )
> +{
> +  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *CurrentImageInfo;
> +  UINTN                                         Index;
> +
> +  Print(L"  DescriptorVersion  - 0x%x\n", DescriptorVersion);
> +  Print(L"  DescriptorCount    - 0x%x\n", DescriptorCount);
> +  Print(L"  DescriptorSize     - 0x%x\n", DescriptorSize);
> +  Print(L"  PackageVersion     - 0x%x\n", PackageVersion);
> +  Print(L"  PackageVersionName - \"%s\"\n", PackageVersionName);
> +  CurrentImageInfo = ImageInfo;
> +  for (Index = 0; Index < DescriptorCount; Index++) {
> +    Print(L"  ImageDescriptor (%d)\n", Index);
> +    Print(L"    ImageIndex                  - 0x%x\n", CurrentImageInfo->ImageIndex);
> +    Print(L"    ImageTypeId                 - %g\n", &CurrentImageInfo->ImageTypeId);
> +    Print(L"    ImageId                     - 0x%lx\n", CurrentImageInfo->ImageId);
> +    Print(L"    ImageIdName                 - \"%s\"\n", CurrentImageInfo-
> >ImageIdName);
> +    Print(L"    Version                     - 0x%x\n", CurrentImageInfo->Version);
> +    Print(L"    VersionName                 - \"%s\"\n", CurrentImageInfo-
> >VersionName);
> +    Print(L"    Size                        - 0x%x\n", CurrentImageInfo->Size);
> +    Print(L"    AttributesSupported         - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported);
> +    Print(L"      IMAGE_UPDATABLE           - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +    Print(L"      RESET_REQUIRED            - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +    Print(L"      AUTHENTICATION_REQUIRED   - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +    Print(L"      IN_USE                    - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_IN_USE);
> +    Print(L"      UEFI_IMAGE                - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_UEFI_IMAGE);
> +    Print(L"    AttributesSetting           - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting);
> +    Print(L"      IMAGE_UPDATABLE           - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +    Print(L"      RESET_REQUIRED            - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +    Print(L"      AUTHENTICATION_REQUIRED   - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +    Print(L"      IN_USE                    - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_IN_USE);
> +    Print(L"      UEFI_IMAGE                - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_UEFI_IMAGE);
> +    Print(L"    Compatibilities             - 0x%lx\n", CurrentImageInfo-
> >Compatibilities);
> +    Print(L"      COMPATIB_CHECK_SUPPORTED  - 0x%lx\n", CurrentImageInfo-
> >Compatibilities & IMAGE_COMPATIBILITY_CHECK_SUPPORTED);
> +    if (DescriptorVersion > 1) {
> +      Print(L"    LowestSupportedImageVersion - 0x%x\n", CurrentImageInfo-
> >LowestSupportedImageVersion);
> +      if (DescriptorVersion > 2) {
> +        Print(L"    LastAttemptVersion          - 0x%x\n", CurrentImageInfo-
> >LastAttemptVersion);
> +        Print(L"    LastAttemptStatus           - 0x%x (%a)\n", CurrentImageInfo-
> >LastAttemptStatus, LastAttemptStatusToString(CurrentImageInfo->LastAttemptStatus));
> +        Print(L"    HardwareInstance            - 0x%lx\n", CurrentImageInfo-
> >HardwareInstance);
> +      }
> +    }
> +    //
> +    // Use DescriptorSize to move ImageInfo Pointer to stay compatible with different
> ImageInfo version
> +    //
> +    CurrentImageInfo = (EFI_FIRMWARE_IMAGE_DESCRIPTOR *)((UINT8 *)CurrentImageInfo +
> DescriptorSize);
> +  }
> +}
> +
> +/**
> +  Dump FMP package information.
> +
> +  @param PackageVersion             The version of package.
> +  @param PackageVersionName         The version name of package.
> +  @param PackageVersionNameMaxLen   The maximum length of PackageVersionName.
> +  @param AttributesSupported        Package attributes that are supported by this
> device.
> +  @param AttributesSetting          Package attributes.
> +**/
> +VOID
> +DumpFmpPackageInfo(
> +  IN UINT32                           PackageVersion,
> +  IN CHAR16                           *PackageVersionName,
> +  IN UINT32                           PackageVersionNameMaxLen,
> +  IN UINT64                           AttributesSupported,
> +  IN UINT64                           AttributesSetting
> +  )
> +{
> +  Print(L"  PackageVersion              - 0x%x\n", PackageVersion);
> +  Print(L"  PackageVersionName          - \"%s\"\n", PackageVersionName);
> +  Print(L"  PackageVersionNameMaxLen    - 0x%x\n", PackageVersionNameMaxLen);
> +  Print(L"  AttributesSupported         - 0x%lx\n", AttributesSupported);
> +  Print(L"    IMAGE_UPDATABLE           - 0x%lx\n", AttributesSupported &
> IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +  Print(L"    RESET_REQUIRED            - 0x%lx\n", AttributesSupported &
> IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +  Print(L"    AUTHENTICATION_REQUIRED   - 0x%lx\n", AttributesSupported &
> IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +  Print(L"  AttributesSetting           - 0x%lx\n", AttributesSetting);
> +  Print(L"    IMAGE_UPDATABLE           - 0x%lx\n", AttributesSetting &
> IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +  Print(L"    RESET_REQUIRED            - 0x%lx\n", AttributesSetting &
> IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +  Print(L"    AUTHENTICATION_REQUIRED   - 0x%lx\n", AttributesSetting &
> IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +}
> +
> +/**
> +  Dump FMP protocol info.
> +**/
> +VOID
> +DumpFmpData (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                                    Status;
> +  EFI_FIRMWARE_MANAGEMENT_PROTOCOL              *Fmp;
> +  EFI_HANDLE                                    *HandleBuffer;
> +  UINTN                                         NumberOfHandles;
> +  UINTN                                         Index;
> +  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *FmpImageInfoBuf;
> +  UINTN                                         ImageInfoSize;
> +  UINT32                                        FmpImageInfoDescriptorVer;
> +  UINT8                                         FmpImageInfoCount;
> +  UINTN                                         DescriptorSize;
> +  UINT32                                        PackageVersion;
> +  CHAR16                                        *PackageVersionName;
> +  UINT32                                        PackageVersionNameMaxLen;
> +  UINT64                                        AttributesSupported;
> +  UINT64                                        AttributesSetting;
> +
> +  Print(L"############\n");
> +  Print(L"# FMP DATA #\n");
> +  Print(L"############\n");
> +  Status = gBS->LocateHandleBuffer (
> +                  ByProtocol,
> +                  &gEfiFirmwareManagementProtocolGuid,
> +                  NULL,
> +                  &NumberOfHandles,
> +                  &HandleBuffer
> +                  );
> +  if (EFI_ERROR(Status)) {
> +    Print(L"FMP protocol - %r\n", EFI_NOT_FOUND);
> +    return;
> +  }
> +
> +  for (Index = 0; Index < NumberOfHandles; Index++) {
> +    Status = gBS->HandleProtocol(
> +                    HandleBuffer[Index],
> +                    &gEfiFirmwareManagementProtocolGuid,
> +                    (VOID **)&Fmp
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      continue;
> +    }
> +
> +    ImageInfoSize = 0;
> +    Status = Fmp->GetImageInfo (
> +                    Fmp,
> +                    &ImageInfoSize,
> +                    NULL,
> +                    NULL,
> +                    NULL,
> +                    NULL,
> +                    NULL,
> +                    NULL
> +                    );
> +    if (Status != EFI_BUFFER_TOO_SMALL) {
> +      continue;
> +    }
> +
> +    FmpImageInfoBuf = NULL;
> +    FmpImageInfoBuf = AllocateZeroPool (ImageInfoSize);
> +    if (FmpImageInfoBuf == NULL) {
> +      Status = EFI_OUT_OF_RESOURCES;
> +      goto EXIT;
> +    }
> +
> +    PackageVersionName = NULL;
> +    Status = Fmp->GetImageInfo (
> +                    Fmp,
> +                    &ImageInfoSize,               // ImageInfoSize
> +                    FmpImageInfoBuf,              // ImageInfo
> +                    &FmpImageInfoDescriptorVer,   // DescriptorVersion
> +                    &FmpImageInfoCount,           // DescriptorCount
> +                    &DescriptorSize,              // DescriptorSize
> +                    &PackageVersion,              // PackageVersion
> +                    &PackageVersionName           // PackageVersionName
> +                    );
> +
> +    //
> +    // If FMP GetInformation interface failed, skip this resource
> +    //
> +    if (EFI_ERROR(Status)) {
> +      Print(L"FMP (%d) ImageInfo - %r\n", Index, Status);
> +      FreePool(FmpImageInfoBuf);
> +      continue;
> +    }
> +
> +    Print(L"FMP (%d) ImageInfo:\n", Index);
> +    DumpFmpImageInfo(
> +      ImageInfoSize,               // ImageInfoSize
> +      FmpImageInfoBuf,             // ImageInfo
> +      FmpImageInfoDescriptorVer,   // DescriptorVersion
> +      FmpImageInfoCount,           // DescriptorCount
> +      DescriptorSize,              // DescriptorSize
> +      PackageVersion,              // PackageVersion
> +      PackageVersionName           // PackageVersionName
> +      );
> +
> +    if (PackageVersionName != NULL) {
> +      FreePool(PackageVersionName);
> +    }
> +    FreePool(FmpImageInfoBuf);
> +
> +    //
> +    // Get package info
> +    //
> +    PackageVersionName = NULL;
> +    Status = Fmp->GetPackageInfo (
> +                    Fmp,
> +                    &PackageVersion,              // PackageVersion
> +                    &PackageVersionName,          // PackageVersionName
> +                    &PackageVersionNameMaxLen,    // PackageVersionNameMaxLen
> +                    &AttributesSupported,         // AttributesSupported
> +                    &AttributesSetting            // AttributesSetting
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      Print(L"FMP (%d) PackageInfo - %r\n", Index, Status);
> +    } else {
> +      Print(L"FMP (%d) ImageInfo:\n", Index);
> +      DumpFmpPackageInfo(
> +        PackageVersion,              // PackageVersion
> +        PackageVersionName,          // PackageVersionName
> +        PackageVersionNameMaxLen,    // PackageVersionNameMaxLen
> +        AttributesSupported,         // AttributesSupported
> +        AttributesSetting            // AttributesSetting
> +        );
> +
> +      if (PackageVersionName != NULL) {
> +        FreePool(PackageVersionName);
> +      }
> +    }
> +  }
> +  Print(L"\n");
> +
> +EXIT:
> +  FreePool(HandleBuffer);
> +}
> --
> 2.7.4.windows.1

Re: [PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.

[Yao, Jiewen]

That is good idea. I will add more description.

From: Kinney, Michael D
Sent: Wednesday, October 26, 2016 10:05 AM
To: Yao, Jiewen <jiewen.yao@intel.com>; edk2-devel@lists.01.org; Kinney, Michael D <michael.d.kinney@intel.com>
Cc: Tian, Feng <feng.tian@intel.com>; Zeng, Star <star.zeng@intel.com>; Gao, Liming <liming.gao@intel.com>; Zhang, Chao B <chao.b.zhang@intel.com>
Subject: RE: [PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.

Jiewen,

Thanks for the details.  Can you add some more help information for CapsuleApp so the usage of the flags you keep are clear.  I agree that keeping flags that support some unit tests makes sense.

Mike

From: Yao, Jiewen
Sent: Tuesday, October 25, 2016 5:42 PM
To: Kinney, Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>; edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>; Zeng, Star <star.zeng@intel.com<mailto:star.zeng@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zhang, Chao B <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
Subject: RE: [PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.

Comments inline:

From: Kinney, Michael D
Sent: Wednesday, October 26, 2016 7:26 AM
To: Yao, Jiewen <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>; edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>; Kinney, Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>; Zeng, Star <star.zeng@intel.com<mailto:star.zeng@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zhang, Chao B <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
Subject: RE: [PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.

Hi Jiewen,

When I run the CapsuleApp.efi, it shows the following help:

CapsuleApp:  usage
  CapsuleApp <Capsule...> [-NR]
  CapsuleApp -S
  CapsuleApp -C
  CapsuleApp -P
  CapsuleApp -E
  CapsuleApp -G <BMP> -O <Capsule>
  CapsuleApp -N <Capsule> -O <NestedCapsule>
  CapsuleApp -D|-DS <Capsule>
Parameter:
  -NR: No Reset.
  -S:  Dump capsule status.
  -C:  Clear capsule status.
  -P:  Dump FMP protocol info.
  -E:  Dump ESRT table info.
  -G:  Input BMP file name
  -N:  Append Capsule Header accroding to Windows Firmware Update
  -O:  Output Capsule file name
  -D:  Dump Capsule

I have verified that that standard use case for Galileo Gen 2 works:

  CapsuleApp.efi QUARKFIRMWAREUPDATECAPSULEFMPPKCS7.Cap

I then explored some of the other options and there are some that do
not work as expected:


1) If I set the no reset flag (-NR), it still resets.

  CapsuleApp.efi QUARKFIRMWAREUPDATECAPSULEFMPPKCS7.Cap -NR
[Jiewen] This flag/code is inherit from the original EDKI code.
I made a mistake that I thought it should work.
But not actually because I just realize the reset process is moved to CapsuleService driver.
I will remove [NR] flag totally.


2) Because (1) does not work, the flags to view or operate on a previously
   Loaded capsule cannot be used such as -S, -C, -N, -O, -D.  So I do not
   know if any of these flags work.  Have you tested them?
[Jiewen] Yes, any of these flags are new added by me to assist Capsule process debug.
All of below are validated. None of them are related to [NR]

  -S:  Dump capsule status. // The capsule status variable is defined by UEFI spec. Just dump the variable. No touch capsule image.
  -C:  Clear capsule status. // The capsule status variable is defined by UEFI spec. Just clear the variable. No touch capsule image.
  -N:  Append Capsule Header accroding to Windows Firmware Update // this is to follow "Windows Firmware Update" document to append a header. We need input a capsule image and out a new capsule image. So we can test the nested capsule image. No capsule service is called. Just append header and generate a new image.
  -O:  Output Capsule file name // -O is an option working with others such as "-G <BMP> -O <Capsule>", or "-N <Capsule> -O <NestedCapsule>"
  -D:  Dump Capsule // this is just dump the capsule image information.

If you find some do not work, please let me know and I will fix them.

3) What does -G do?  I do not see a standard way to update only
   a BMP logo image in this series of patches.  If that is not
   really functional, then the code and help for -G should be
   removed.
[Jiewen] Yes, any of these flags are new added by me to assist Capsule process debug.

  -G:  Input BMP file name // this is to follow "windows firmware update" document to wrap a BMP file to be a UX capsule. So that end user may see a picture during capsule process, ideally. The prerequisite is that the platform need have a valid console.

This UX capsule is already supported in IntelFrameworkModulePkg\Library\DxeCapsuleLib.

I think this app just provides the capability to generate a UX capsule for unit test.
I think this is useful and I suggest we keep it.
If you find it does not work, please let me know and I will fix it.

4) Typo in help for -N flag.  "accroding" should be "according".
[Jiewen] Thank you. Fixed.

Mike

> -----Original Message-----
> From: Yao, Jiewen
> Sent: Saturday, October 22, 2016 7:21 PM
> To: edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>; Zeng, Star <star.zeng@intel.com<mailto:star.zeng@intel.com>>; Kinney, Michael
> D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zhang, Chao B
> <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Subject: [PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.
>
> This CapsuleApp can help perform capsule update in UEFI shell environment.
> It can also dump capsule information, capsule status variable, ESRT and FMP.
>
> Cc: Feng Tian <feng.tian@intel.com<mailto:feng.tian@intel.com>>
> Cc: Star Zeng <star.zeng@intel.com<mailto:star.zeng@intel.com>>
> Cc: Michael D Kinney <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
> Cc: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> Cc: Chao Zhang <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>
> Reviewed-by: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> ---
>  MdeModulePkg/Application/CapsuleApp/AppSupport.c        | 445 ++++++++++
>  MdeModulePkg/Application/CapsuleApp/CapsuleApp.c        | 853 ++++++++++++++++++++
>  MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf      |  71 ++
>  MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni      |  22 +
>  MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni |  19 +
>  MdeModulePkg/Application/CapsuleApp/CapsuleDump.c       | 740 +++++++++++++++++
>  6 files changed, 2150 insertions(+)
>
> diff --git a/MdeModulePkg/Application/CapsuleApp/AppSupport.c
> b/MdeModulePkg/Application/CapsuleApp/AppSupport.c
> new file mode 100644
> index 0000000..90ca1fd
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/AppSupport.c
> @@ -0,0 +1,445 @@
> +/** @file
> +  A shell application that triggers capsule update process.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <Uefi.h>
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PrintLib.h>
> +#include <Protocol/LoadedImage.h>
> +#include <Protocol/SimpleFileSystem.h>
> +#include <Protocol/ShellParameters.h>
> +#include <Guid/FileInfo.h>
> +#include <Guid/Gpt.h>
> +
> +#define MAX_ARG_NUM     11
> +
> +UINTN  Argc;
> +CHAR16 **Argv;
> +
> +/**
> +
> +  This function parse application ARG.
> +
> +  @return Status
> +**/
> +EFI_STATUS
> +GetArg (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                    Status;
> +  EFI_SHELL_PARAMETERS_PROTOCOL *ShellParameters;
> +
> +  Status = gBS->HandleProtocol (
> +                  gImageHandle,
> +                  &gEfiShellParametersProtocolGuid,
> +                  (VOID**)&ShellParameters
> +                  );
> +  if (EFI_ERROR(Status)) {
> +    return Status;
> +  }
> +
> +  Argc = ShellParameters->Argc;
> +  Argv = ShellParameters->Argv;
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Return File System Volume containing this shell application.
> +
> +  @return File System Volume containing this shell application.
> +**/
> +EFI_SIMPLE_FILE_SYSTEM_PROTOCOL *
> +GetMyVol (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_LOADED_IMAGE_PROTOCOL         *LoadedImage;
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +
> +  Status = gBS->HandleProtocol (
> +                  gImageHandle,
> +                  &gEfiLoadedImageProtocolGuid,
> +                  (VOID **)&LoadedImage
> +                  );
> +  ASSERT_EFI_ERROR (Status);
> +
> +  Status = gBS->HandleProtocol (
> +                  LoadedImage->DeviceHandle,
> +                  &gEfiSimpleFileSystemProtocolGuid,
> +                  (VOID **)&Vol
> +                  );
> +  if (!EFI_ERROR (Status)) {
> +    return Vol;
> +  }
> +
> +  return NULL;
> +}
> +
> +/**
> +  Read a file from this volume.
> +
> +  @param Vol             File System Volume
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileFromVol (
> +  IN  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol,
> +  IN  CHAR16                            *FileName,
> +  OUT UINTN                             *BufferSize,
> +  OUT VOID                              **Buffer
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_FILE_HANDLE                   RootDir;
> +  EFI_FILE_HANDLE                   Handle;
> +  UINTN                             FileInfoSize;
> +  EFI_FILE_INFO                     *FileInfo;
> +  UINTN                             TempBufferSize;
> +  VOID                              *TempBuffer;
> +
> +  //
> +  // Open the root directory
> +  //
> +  Status = Vol->OpenVolume (Vol, &RootDir);
> +  if (EFI_ERROR (Status)) {
> +    return Status;
> +  }
> +
> +  //
> +  // Open the file
> +  //
> +  Status = RootDir->Open (
> +                      RootDir,
> +                      &Handle,
> +                      FileName,
> +                      EFI_FILE_MODE_READ,
> +                      0
> +                      );
> +  if (EFI_ERROR (Status)) {
> +    RootDir->Close (RootDir);
> +    return Status;
> +  }
> +
> +  RootDir->Close (RootDir);
> +
> +  //
> +  // Get the file information
> +  //
> +  FileInfoSize = sizeof(EFI_FILE_INFO) + 1024;
> +
> +  FileInfo = AllocateZeroPool (FileInfoSize);
> +  if (FileInfo == NULL) {
> +    Handle->Close (Handle);
> +    return Status;
> +  }
> +
> +  Status = Handle->GetInfo (
> +                     Handle,
> +                     &gEfiFileInfoGuid,
> +                     &FileInfoSize,
> +                     FileInfo
> +                     );
> +  if (EFI_ERROR (Status)) {
> +    Handle->Close (Handle);
> +    gBS->FreePool (FileInfo);
> +    return Status;
> +  }
> +
> +  //
> +  // Allocate buffer for the file data. The last CHAR16 is for L'\0'
> +  //
> +  TempBufferSize = (UINTN) FileInfo->FileSize + sizeof(CHAR16);
> +  TempBuffer = AllocateZeroPool (TempBufferSize);
> +  if (TempBuffer == NULL) {
> +    Handle->Close (Handle);
> +    gBS->FreePool (FileInfo);
> +    return Status;
> +  }
> +
> +  gBS->FreePool (FileInfo);
> +
> +  //
> +  // Read the file data to the buffer
> +  //
> +  Status = Handle->Read (
> +                     Handle,
> +                     &TempBufferSize,
> +                     TempBuffer
> +                     );
> +  if (EFI_ERROR (Status)) {
> +    Handle->Close (Handle);
> +    gBS->FreePool (TempBuffer);
> +    return Status;
> +  }
> +
> +  Handle->Close (Handle);
> +
> +  *BufferSize = TempBufferSize;
> +  *Buffer     = TempBuffer;
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Read a file.
> +  If ScanFs is FLASE, it will use this Vol as default Fs.
> +  If ScanFs is TRUE, it will scan all FS and check the file.
> +    If there is only one file match the name, it will be read.
> +    If there is more than one file match the name, it will return Error.
> +
> +  @param ThisVol         File System Volume
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +  @param ScanFs          Need Scan all FS
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +  @retval EFI_NO_MAPPING There is duplicated files found
> +**/
> +EFI_STATUS
> +ReadFileToBufferEx (
> +  IN OUT EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   **ThisVol,
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer,
> +  IN  BOOLEAN                              ScanFs
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +  UINTN                             TempBufferSize;
> +  VOID                              *TempBuffer;
> +  UINTN                             NoHandles;
> +  EFI_HANDLE                        *HandleBuffer;
> +  UINTN                             Index;
> +
> +  //
> +  // Check parameters
> +  //
> +  if ((FileName == NULL) || (Buffer == NULL) || (ThisVol == NULL)) {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
> +  //
> +  // not scan fs
> +  //
> +  if (!ScanFs) {
> +    if (*ThisVol == NULL) {
> +      *ThisVol = GetMyVol ();
> +      if (*ThisVol == NULL) {
> +        return EFI_INVALID_PARAMETER;
> +      }
> +    }
> +    //
> +    // Read file directly from Vol
> +    //
> +    return ReadFileFromVol (*ThisVol, FileName, BufferSize, Buffer);
> +  }
> +
> +  //
> +  // need scan fs
> +  //
> +
> +  //
> +  // Get all Vol handle
> +  //
> +  Status = gBS->LocateHandleBuffer (
> +                   ByProtocol,
> +                   &gEfiSimpleFileSystemProtocolGuid,
> +                   NULL,
> +                   &NoHandles,
> +                   &HandleBuffer
> +                   );
> +  if (EFI_ERROR (Status) && (NoHandles == 0)) {
> +    return EFI_NOT_FOUND;
> +  }
> +
> +  //
> +  // Walk through each Vol
> +  //
> +  *ThisVol = NULL;
> +  *BufferSize = 0;
> +  *Buffer     = NULL;
> +  for (Index = 0; Index < NoHandles; Index++) {
> +    Status = gBS->HandleProtocol (
> +                    HandleBuffer[Index],
> +                    &gEfiSimpleFileSystemProtocolGuid,
> +                    (VOID **)&Vol
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      continue;
> +    }
> +
> +    Status = ReadFileFromVol (Vol, FileName, &TempBufferSize, &TempBuffer);
> +    if (!EFI_ERROR (Status)) {
> +      //
> +      // Read file OK, check duplication
> +      //
> +      if (*ThisVol != NULL) {
> +        //
> +        // Find the duplicated file
> +        //
> +        gBS->FreePool (TempBuffer);
> +        gBS->FreePool (*Buffer);
> +        Print (L"Duplicated FileName found!\n");
> +        return EFI_NO_MAPPING;
> +      } else {
> +        //
> +        // Record value
> +        //
> +        *ThisVol = Vol;
> +        *BufferSize = TempBufferSize;
> +        *Buffer     = TempBuffer;
> +      }
> +    }
> +  }
> +
> +  //
> +  // Scan Fs done
> +  //
> +  if (*ThisVol == NULL) {
> +    return EFI_NOT_FOUND;
> +  }
> +
> +  //
> +  // Done
> +  //
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Read a file.
> +
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileToBuffer (
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer
> +  )
> +{
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +  Vol = NULL;
> +  return ReadFileToBufferEx(&Vol, FileName, BufferSize, Buffer, FALSE);
> +}
> +
> +/**
> +  Write a file.
> +
> +  @param FileName        The file to be written.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Write file successfully
> +**/
> +EFI_STATUS
> +WriteFileFromBuffer(
> +  IN  CHAR16                               *FileName,
> +  IN  UINTN                                BufferSize,
> +  IN  VOID                                 *Buffer
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_FILE_HANDLE                   RootDir;
> +  EFI_FILE_HANDLE                   Handle;
> +  UINTN                             TempBufferSize;
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +
> +  Vol = GetMyVol();
> +
> +  //
> +  // Open the root directory
> +  //
> +  Status = Vol->OpenVolume (Vol, &RootDir);
> +  if (EFI_ERROR (Status)) {
> +    return Status;
> +  }
> +
> +  //
> +  // Open the file
> +  //
> +  Status = RootDir->Open (
> +                      RootDir,
> +                      &Handle,
> +                      FileName,
> +                      EFI_FILE_MODE_READ | EFI_FILE_MODE_WRITE| EFI_FILE_MODE_CREATE,
> +                      0
> +                      );
> +  if (EFI_ERROR (Status)) {
> +    RootDir->Close (RootDir);
> +    return Status;
> +  }
> +
> +  //
> +  // Delete file
> +  //
> +  Status = Handle->Delete(Handle);
> +  if (EFI_ERROR(Status)) {
> +    return Status;
> +  }
> +
> +  //
> +  // Open the file again
> +  //
> +  Status = RootDir->Open (
> +                      RootDir,
> +                      &Handle,
> +                      FileName,
> +                      EFI_FILE_MODE_READ | EFI_FILE_MODE_WRITE| EFI_FILE_MODE_CREATE,
> +                      0
> +                      );
> +  if (EFI_ERROR (Status)) {
> +    RootDir->Close (RootDir);
> +    return Status;
> +  }
> +
> +  RootDir->Close (RootDir);
> +
> +  //
> +  // Write the file data from the buffer
> +  //
> +  TempBufferSize = BufferSize;
> +  Status = Handle->Write (
> +                     Handle,
> +                     &TempBufferSize,
> +                     Buffer
> +                     );
> +  if (EFI_ERROR (Status)) {
> +    Handle->Close (Handle);
> +    return Status;
> +  }
> +
> +  Handle->Close (Handle);
> +
> +  return EFI_SUCCESS;
> +}
> +
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
> b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
> new file mode 100644
> index 0000000..6bb778a
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
> @@ -0,0 +1,853 @@
> +/** @file
> +  A shell application that triggers capsule update process.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <Uefi.h>
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PrintLib.h>
> +#include <Protocol/LoadedImage.h>
> +#include <Protocol/SimpleFileSystem.h>
> +#include <Protocol/GraphicsOutput.h>
> +#include <Guid/FileInfo.h>
> +#include <Guid/Gpt.h>
> +#include <Guid/GlobalVariable.h>
> +#include <Guid/CapsuleReport.h>
> +#include <Guid/SystemResourceTable.h>
> +#include <Guid/FmpCapsule.h>
> +#include <IndustryStandard/WindowsUxCapsule.h>
> +
> +#define CAPSULE_HEADER_SIZE  0x20
> +
> +#define NESTED_CAPSULE_HEADER_SIZE  SIZE_4KB
> +#define SYSTEM_FIRMWARE_FLAG 0x50000
> +#define DEVICE_FIRMWARE_FLAG 0x78010
> +
> +#define EFI_CAPSULE_FROM_FILE_DIR                           L"\\EFI\\UpdateCapsule\\<file:///\\EFI\UpdateCapsule\>"
> +#define EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED  0x0000000000000004
> +
> +#define MAJOR_VERSION   1
> +#define MINOR_VERSION   0
> +
> +#define MAX_CAPSULE_NUM 10
> +
> +extern UINTN  Argc;
> +extern CHAR16 **Argv;
> +
> +//
> +// Define how many block descriptors we want to test with.
> +//
> +UINTN  NumberOfDescriptors = 1;
> +UINTN  CapsuleFirstIndex;
> +UINTN  CapsuleLastIndex;
> +
> +/**
> +  Dump capsule information
> +
> +  @retval EFI_SUCCESS            The capsule information is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DumpCapsule(
> +  VOID
> +  );
> +
> +/**
> +  Dump capsule status variable.
> +
> +  @retval EFI_SUCCESS            The capsule status variable is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DmpCapsuleStatusVariable(
> +  VOID
> +  );
> +
> +/**
> +  Dump FMP protocol info.
> +**/
> +VOID
> +DumpFmpData(
> +  VOID
> +  );
> +
> +/**
> +  Dump ESRT info.
> +**/
> +VOID
> +DumpEsrtData(
> +  VOID
> +  );
> +
> +/**
> +  Read a file.
> +
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileToBuffer(
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer
> +  );
> +
> +/**
> +  Write a file.
> +
> +  @param FileName        The file to be written.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Write file successfully
> +**/
> +EFI_STATUS
> +WriteFileFromBuffer(
> +  IN  CHAR16                               *FileName,
> +  IN  UINTN                                BufferSize,
> +  IN  VOID                                 *Buffer
> +  );
> +
> +/**
> +
> +  This function parse application ARG.
> +
> +  @return Status
> +**/
> +EFI_STATUS
> +GetArg (
> +  VOID
> +  );
> +
> +/**
> +  Create UX capsule.
> +
> +  @retval EFI_SUCCESS            The capsule header is appended.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +  @retval EFI_OUT_OF_RESOURCES   No enough resource to create UX capsule.
> +**/
> +EFI_STATUS
> +CreateBmpFmp(
> +  VOID
> +  )
> +{
> +  CHAR16                                        *OutputCapsuleName;
> +  VOID                                          *BmpBuffer;
> +  UINTN                                         FileSize;
> +  CHAR16                                        *BmpName;
> +  UINT8                                         *FullCapsuleBuffer;
> +  UINTN                                         FullCapsuleBufferSize;
> +  EFI_DISPLAY_CAPSULE                           *DisplayCapsule;
> +  EFI_STATUS                                    Status;
> +  EFI_GRAPHICS_OUTPUT_PROTOCOL                  *Gop;
> +
> +  Status = gBS->LocateProtocol(&gEfiGraphicsOutputProtocolGuid, NULL, (VOID **)&Gop);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: NO GOP is found.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  Print(L"Current GOP: Mode - %d, ", Gop->Mode->Mode);
> +  Print(L"HorizontalResolution - %d, ", Gop->Mode->Info->HorizontalResolution);
> +  Print(L"VerticalResolution - %d\n", Gop->Mode->Info->VerticalResolution);
> +  // HorizontalResolution >= BMP_IMAGE_HEADER.PixelWidth
> +  // VerticalResolution   >= BMP_IMAGE_HEADER.PixelHeight
> +
> +  if (Argc != 5) {
> +    Print(L"CapsuleApp: Invalid Parameter.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  if (StrCmp(Argv[3], L"-O") != 0) {
> +    Print(L"CapsuleApp: NO output capsule name.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  OutputCapsuleName = Argv[4];
> +
> +  BmpBuffer = NULL;
> +  FileSize = 0;
> +  FullCapsuleBuffer = NULL;
> +
> +  BmpName = Argv[2];
> +  Status = ReadFileToBuffer(BmpName, &FileSize, &BmpBuffer);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: BMP image (%s) is not found.\n", BmpName);
> +    goto Done;
> +  }
> +
> +  FullCapsuleBufferSize = sizeof(EFI_DISPLAY_CAPSULE) + FileSize;
> +  FullCapsuleBuffer = AllocatePool(FullCapsuleBufferSize);
> +  if (FullCapsuleBuffer == NULL) {
> +    Print(L"CapsuleApp: Capsule Buffer size (0x%x) too big.\n",
> FullCapsuleBufferSize);
> +    Status = EFI_OUT_OF_RESOURCES;
> +    goto Done;
> +  }
> +
> +  DisplayCapsule = (EFI_DISPLAY_CAPSULE *)FullCapsuleBuffer;
> +  CopyGuid(&DisplayCapsule->CapsuleHeader.CapsuleGuid, &gWindowsUxCapsuleGuid);
> +  DisplayCapsule->CapsuleHeader.HeaderSize = sizeof(DisplayCapsule->CapsuleHeader);
> +  DisplayCapsule->CapsuleHeader.Flags = CAPSULE_FLAGS_PERSIST_ACROSS_RESET;
> +  DisplayCapsule->CapsuleHeader.CapsuleImageSize = (UINT32)FullCapsuleBufferSize;
> +
> +  DisplayCapsule->ImagePayload.Version = 1;
> +  DisplayCapsule->ImagePayload.Checksum = 0;
> +  DisplayCapsule->ImagePayload.ImageType = 0; // BMP
> +  DisplayCapsule->ImagePayload.Reserved = 0;
> +  DisplayCapsule->ImagePayload.Mode = Gop->Mode->Mode;
> +  DisplayCapsule->ImagePayload.OffsetX = 0;
> +  DisplayCapsule->ImagePayload.OffsetY = 0;
> +
> +  CopyMem((DisplayCapsule + 1), BmpBuffer, FileSize);
> +
> +  DisplayCapsule->ImagePayload.Checksum = CalculateCheckSum8(FullCapsuleBuffer,
> FullCapsuleBufferSize);
> +
> +  Status = WriteFileFromBuffer(OutputCapsuleName, FullCapsuleBufferSize,
> FullCapsuleBuffer);
> +  Print(L"CapsuleApp: Write %s %r\n", OutputCapsuleName, Status);
> +
> +Done:
> +  if (BmpBuffer != NULL) {
> +    FreePool(BmpBuffer);
> +  }
> +
> +  if (FullCapsuleBuffer != NULL) {
> +    FreePool(FullCapsuleBuffer);
> +  }
> +
> +  return Status;
> +}
> +
> +/**
> +  Get ImageTypeId in the FMP capsule header.
> +
> +  @param CapsuleHeader  The FMP capsule image header.
> +
> +  @return ImageTypeId
> +**/
> +EFI_GUID *
> +GetCapsuleImageTypeId(
> +  IN EFI_CAPSULE_HEADER                            *CapsuleHeader
> +  )
> +{
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER       *FmpCapsuleHeader;
> +  UINT64                                       *ItemOffsetList;
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader;
> +
> +  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader
> + CapsuleHeader->HeaderSize);
> +  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
> +  if (FmpCapsuleHeader->PayloadItemCount == 0) {
> +    return NULL;
> +  }
> +  ImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8
> *)FmpCapsuleHeader + ItemOffsetList[FmpCapsuleHeader->EmbeddedDriverCount]);
> +  return &ImageHeader->UpdateImageTypeId;
> +}
> +
> +/**
> +  Get ESRT FwType according to ImageTypeId
> +
> +  @param  ImageTypeId   ImageTypeId of an FMP capsule.
> +
> +  @return ESRT FwType
> +**/
> +UINT32
> +GetEsrtFwType(
> +  IN  EFI_GUID                                      *ImageTypeId
> +  )
> +{
> +  EFI_STATUS                 Status;
> +  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
> +  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
> +  UINTN                      Index;
> +
> +  //
> +  // Check ESRT
> +  //
> +  Status = EfiGetSystemConfigurationTable(&gEfiSystemResourceTableGuid, (VOID
> **)&Esrt);
> +  if (!EFI_ERROR(Status)) {
> +    EsrtEntry = (VOID *)(Esrt + 1);
> +    for (Index = 0; Index < Esrt->FwResourceCount; Index++, EsrtEntry++) {
> +      if (CompareGuid(&EsrtEntry->FwClass, ImageTypeId)) {
> +        return EsrtEntry->FwType;
> +      }
> +    }
> +  }
> +
> +  return ESRT_FW_TYPE_UNKNOWN;
> +}
> +
> +/**
> +  Append a capsule header on top of current image.
> +  This function follows Windows UEFI Firmware Update Platform document.
> +
> +  @retval EFI_SUCCESS            The capsule header is appended.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +  @retval EFI_OUT_OF_RESOURCES   No enough resource to append capsule header.
> +**/
> +EFI_STATUS
> +CreateNestedFmp(
> +  VOID
> +  )
> +{
> +  CHAR16                                        *OutputCapsuleName;
> +  VOID                                          *CapsuleBuffer;
> +  UINTN                                         FileSize;
> +  CHAR16                                        *CapsuleName;
> +  UINT8                                         *FullCapsuleBuffer;
> +  UINTN                                         FullCapsuleBufferSize;
> +  EFI_CAPSULE_HEADER                            *NestedCapsuleHeader;
> +  EFI_GUID                                      *ImageTypeId;
> +  UINT32                                        FwType;
> +  EFI_STATUS                                    Status;
> +
> +  if (Argc != 5) {
> +    Print(L"CapsuleApp: Invalid Parameter.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  if (StrCmp(Argv[3], L"-O") != 0) {
> +    Print(L"CapsuleApp: NO output capsule name.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  OutputCapsuleName = Argv[4];
> +
> +  CapsuleBuffer = NULL;
> +  FileSize = 0;
> +  FullCapsuleBuffer = NULL;
> +
> +  CapsuleName = Argv[2];
> +  Status = ReadFileToBuffer(CapsuleName, &FileSize, &CapsuleBuffer);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: Capsule image (%s) is not found.\n", CapsuleName);
> +    goto Done;
> +  }
> +
> +  ImageTypeId = GetCapsuleImageTypeId(CapsuleBuffer);
> +  if (ImageTypeId == NULL) {
> +    Print(L"CapsuleApp: Capsule ImageTypeId is not found.\n");
> +    goto Done;
> +  }
> +  FwType = GetEsrtFwType(ImageTypeId);
> +  if ((FwType != ESRT_FW_TYPE_SYSTEMFIRMWARE) && (FwType !=
> ESRT_FW_TYPE_DEVICEFIRMWARE)) {
> +    Print(L"CapsuleApp: Capsule FwType is invalid.\n");
> +    goto Done;
> +  }
> +
> +  FullCapsuleBufferSize = NESTED_CAPSULE_HEADER_SIZE + FileSize;
> +  FullCapsuleBuffer = AllocatePool(FullCapsuleBufferSize);
> +  if (FullCapsuleBuffer == NULL) {
> +    Print(L"CapsuleApp: Capsule Buffer size (0x%x) too big.\n",
> FullCapsuleBufferSize);
> +    Status = EFI_OUT_OF_RESOURCES;
> +    goto Done;
> +  }
> +
> +  NestedCapsuleHeader = (EFI_CAPSULE_HEADER *)FullCapsuleBuffer;
> +  ZeroMem(NestedCapsuleHeader, NESTED_CAPSULE_HEADER_SIZE);
> +  CopyGuid(&NestedCapsuleHeader->CapsuleGuid, ImageTypeId);
> +  NestedCapsuleHeader->HeaderSize = NESTED_CAPSULE_HEADER_SIZE;
> +  NestedCapsuleHeader->Flags = (FwType == ESRT_FW_TYPE_DEVICEFIRMWARE) ?
> SYSTEM_FIRMWARE_FLAG : DEVICE_FIRMWARE_FLAG;
> +  NestedCapsuleHeader->CapsuleImageSize = (UINT32)FullCapsuleBufferSize;
> +
> +  CopyMem((UINT8 *)NestedCapsuleHeader + NestedCapsuleHeader->HeaderSize,
> CapsuleBuffer, FileSize);
> +
> +  Status = WriteFileFromBuffer(OutputCapsuleName, FullCapsuleBufferSize,
> FullCapsuleBuffer);
> +  Print(L"CapsuleApp: Write %s %r\n", OutputCapsuleName, Status);
> +
> +Done:
> +  if (CapsuleBuffer != NULL) {
> +    FreePool(CapsuleBuffer);
> +  }
> +
> +  if (FullCapsuleBuffer != NULL) {
> +    FreePool(FullCapsuleBuffer);
> +  }
> +
> +  return Status;
> +}
> +
> +
> +/**
> +  Clear capsule status variable.
> +
> +  @retval EFI_SUCCESS            The capsule status variable is cleared.
> +**/
> +EFI_STATUS
> +ClearCapsuleStatusVariable(
> +  VOID
> +  )
> +{
> +  EFI_STATUS                          Status;
> +  UINT32                              Index;
> +  CHAR16                              CapsuleVarName[20];
> +  CHAR16                              *TempVarName;
> +
> +  StrCpyS (CapsuleVarName, sizeof(CapsuleVarName)/sizeof(CapsuleVarName[0]),
> L"Capsule");
> +  TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
> +  Index = 0;
> +
> +  while (TRUE) {
> +    UnicodeSPrint (TempVarName, 5 * sizeof(CHAR16), L"%04x", Index);
> +
> +    Status = gRT->SetVariable (
> +                    CapsuleVarName,
> +                    &gEfiCapsuleReportGuid,
> +                    EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS |
> EFI_VARIABLE_BOOTSERVICE_ACCESS,
> +                    0,
> +                    (VOID *)NULL
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      //
> +      // There is no capsule variables, quit
> +      //
> +      break;
> +    }
> +
> +    Index++;
> +    if (Index > 0xFFFF) {
> +      break;
> +    }
> +  }
> +
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Build Gather list for a list of capsule images.
> +
> +  @param[in]  CapsuleBuffer    An array of pointer to capsule images
> +  @param[in]  FileSize         An array of UINTN to capsule images size
> +  @param[in]  CapsuleNum       The count of capsule images
> +  @param[out] BlockDescriptors The block descriptors for the capsule images
> +
> +  @retval EFI_SUCCESS The block descriptors for the capsule images are constructed.
> +**/
> +EFI_STATUS
> +BuildGatherList(
> +  IN VOID                          **CapsuleBuffer,
> +  IN UINTN                         *FileSize,
> +  IN UINTN                         CapsuleNum,
> +  OUT EFI_CAPSULE_BLOCK_DESCRIPTOR **BlockDescriptors
> +  )
> +{
> +  EFI_STATUS                    Status;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors1;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors2;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptorPre;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptorsHeader;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *TempBlockPtr;
> +  UINT8                         *TempDataPtr;
> +  UINTN                         SizeLeft;
> +  UINTN                         Size;
> +  INT32                         Count;
> +  INT32                         Number;
> +  UINTN                         Index;
> +
> +  TempBlockPtr           = NULL;
> +  BlockDescriptors1      = NULL;
> +  BlockDescriptors2      = NULL;
> +  BlockDescriptorPre     = NULL;
> +  BlockDescriptorsHeader = NULL;
> +
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    //
> +    // Allocate memory for the descriptors.
> +    //
> +    if (NumberOfDescriptors == 1) {
> +      Count = 2;
> +    } else {
> +      Count = (INT32)(NumberOfDescriptors + 2) / 2;
> +    }
> +
> +    Size               = Count * sizeof (EFI_CAPSULE_BLOCK_DESCRIPTOR);
> +    BlockDescriptors1  = AllocateRuntimeZeroPool (Size);
> +    if (BlockDescriptors1 == NULL) {
> +      Print (L"CapsuleApp: failed to allocate memory for descriptors\n");
> +      Status = EFI_OUT_OF_RESOURCES;
> +      goto ERREXIT;
> +    } else {
> +      Print (L"CapsuleApp: creating capsule descriptors at 0x%X\n", (UINTN)
> BlockDescriptors1);
> +      Print (L"CapsuleApp: capsule data starts          at 0x%X with size 0x%X\n",
> (UINTN) CapsuleBuffer, FileSize);
> +    }
> +
> +    //
> +    // Record descirptor header
> +    //
> +    if (Index == 0) {
> +      BlockDescriptorsHeader = BlockDescriptors1;
> +    }
> +
> +    if (BlockDescriptorPre != NULL) {
> +      BlockDescriptorPre->Union.ContinuationPointer = (UINTN) BlockDescriptors1;
> +      BlockDescriptorPre->Length = 0;
> +    }
> +
> +    //
> +    // Fill them in
> +    //
> +    TempBlockPtr  = BlockDescriptors1;
> +    TempDataPtr   = CapsuleBuffer[Index];
> +    SizeLeft      = FileSize[Index];
> +    for (Number = 0; (Number < Count - 1) && (SizeLeft != 0); Number++) {
> +      //
> +      // Divide remaining data in half
> +      //
> +      if (NumberOfDescriptors != 1) {
> +        if (SizeLeft == 1) {
> +          Size = 1;
> +        } else {
> +          Size = SizeLeft / 2;
> +        }
> +      } else {
> +        Size = SizeLeft;
> +      }
> +      TempBlockPtr->Union.DataBlock    = (UINTN)TempDataPtr;
> +      TempBlockPtr->Length  = Size;
> +      Print (L"CapsuleApp: capsule block/size              0x%X/0x%X\n", (UINTN)
> TempDataPtr, Size);
> +      SizeLeft -= Size;
> +      TempDataPtr += Size;
> +      TempBlockPtr++;
> +    }
> +
> +    //
> +    // Allocate the second list, point the first block's last entry to point
> +    // to this one, and fill this one in. Worst case is that the previous
> +    // list only had one element that pointed here, so we need at least two
> +    // elements -- one to point to all the data, another to terminate the list.
> +    //
> +    if ((NumberOfDescriptors != 1) && (SizeLeft != 0)) {
> +      Count = (INT32)(NumberOfDescriptors + 2) - Count;
> +      if (Count == 1) {
> +        Count++;
> +      }
> +
> +      Size              = Count * sizeof (EFI_CAPSULE_BLOCK_DESCRIPTOR);
> +      BlockDescriptors2 = AllocateRuntimeZeroPool (Size);
> +      if (BlockDescriptors2 == NULL) {
> +        Print (L"CapsuleApp: failed to allocate memory for descriptors\n");
> +        Status = EFI_OUT_OF_RESOURCES;
> +        goto ERREXIT;
> +      }
> +
> +      //
> +      // Point the first list's last element to point to this second list.
> +      //
> +      TempBlockPtr->Union.ContinuationPointer   = (UINTN) BlockDescriptors2;
> +
> +      TempBlockPtr->Length  = 0;
> +      TempBlockPtr = BlockDescriptors2;
> +      for (Number = 0; Number < Count - 1; Number++) {
> +        //
> +        // If second-to-last one, then dump rest to this element
> +        //
> +        if (Number == (Count - 2)) {
> +          Size = SizeLeft;
> +        } else {
> +          //
> +          // Divide remaining data in half
> +          //
> +          if (SizeLeft == 1) {
> +            Size = 1;
> +          } else {
> +            Size = SizeLeft / 2;
> +          }
> +        }
> +
> +        TempBlockPtr->Union.DataBlock    = (UINTN)TempDataPtr;
> +        TempBlockPtr->Length  = Size;
> +        Print (L"CapsuleApp: capsule block/size              0x%X/0x%X\n", (UINTN)
> TempDataPtr, Size);
> +        SizeLeft -= Size;
> +        TempDataPtr += Size;
> +        TempBlockPtr++;
> +        if (SizeLeft == 0) {
> +          break;
> +        }
> +      }
> +    }
> +
> +    BlockDescriptorPre = TempBlockPtr;
> +    BlockDescriptors1  = NULL;
> +  }
> +
> +  //
> +  // Null-terminate.
> +  //
> +  if (TempBlockPtr != NULL) {
> +    TempBlockPtr->Union.ContinuationPointer    = (UINTN)NULL;
> +    TempBlockPtr->Length  = 0;
> +    *BlockDescriptors = BlockDescriptorsHeader;
> +  }
> +
> +  return EFI_SUCCESS;
> +
> +ERREXIT:
> +  if (BlockDescriptors1 != NULL) {
> +    FreePool(BlockDescriptors1);
> +  }
> +
> +  if (BlockDescriptors2 != NULL) {
> +    FreePool(BlockDescriptors2);
> +  }
> +
> +  return Status;
> +}
> +
> +/**
> +  Clear the Gather list for a list of capsule images.
> +
> +  @param[in]  BlockDescriptors The block descriptors for the capsule images
> +  @param[in]  CapsuleNum       The count of capsule images
> +**/
> +VOID
> +CleanGatherList(
> +  IN EFI_CAPSULE_BLOCK_DESCRIPTOR   *BlockDescriptors,
> +  IN UINTN                          CapsuleNum
> +  )
> +{
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr1;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr2;
> +  UINTN                          Index;
> +
> +  if (BlockDescriptors != NULL) {
> +    TempBlockPtr1 = BlockDescriptors;
> +    while (1){
> +      TempBlockPtr = TempBlockPtr1;
> +      for (Index = 0; Index < CapsuleNum; Index++) {
> +        if (TempBlockPtr[Index].Length == 0) {
> +          break;
> +        }
> +      }
> +
> +      if (TempBlockPtr[Index].Union.ContinuationPointer == (UINTN)NULL) {
> +        break;
> +      }
> +
> +      TempBlockPtr2 = (VOID *) ((UINTN) TempBlockPtr->Union.ContinuationPointer);
> +      FreePool(TempBlockPtr1);
> +      TempBlockPtr1 = TempBlockPtr2;
> +    }
> +  }
> +}
> +
> +/**
> +  Print APP usage.
> +**/
> +VOID
> +PrintUsage (
> +  VOID
> +  )
> +{
> +  Print(L"CapsuleApp:  usage\n");
> +  Print(L"  CapsuleApp <Capsule...> [-NR]\n");
> +  Print(L"  CapsuleApp -S\n");
> +  Print(L"  CapsuleApp -C\n");
> +  Print(L"  CapsuleApp -P\n");
> +  Print(L"  CapsuleApp -E\n");
> +  Print(L"  CapsuleApp -G <BMP> -O <Capsule>\n");
> +  Print(L"  CapsuleApp -N <Capsule> -O <NestedCapsule>\n");
> +  Print(L"  CapsuleApp -D|-DS <Capsule>\n");
> +  Print(L"Parameter:\n");
> +  Print(L"  -NR: No Reset.\n");
> +  Print(L"  -S:  Dump capsule status.\n");
> +  Print(L"  -C:  Clear capsule status.\n");
> +  Print(L"  -P:  Dump FMP protocol info.\n");
> +  Print(L"  -E:  Dump ESRT table info.\n");
> +  Print(L"  -G:  Input BMP file name\n");
> +  Print(L"  -N:  Append Capsule Header accroding to Windows Firmware Update\n");
> +  Print(L"  -O:  Output Capsule file name\n");
> +  Print(L"  -D:  Dump Capsule\n");
> +}
> +
> +/**
> +  Update Capsule image.
> +
> +  @param[in]  ImageHandle     The image handle.
> +  @param[in]  SystemTable     The system table.
> +
> +  @retval EFI_SUCCESS            Command completed successfully.
> +  @retval EFI_INVALID_PARAMETER  Command usage error.
> +  @retval EFI_NOT_FOUND          The input file can't be found.
> +**/
> +EFI_STATUS
> +EFIAPI
> +UefiMain (
> +  IN EFI_HANDLE        ImageHandle,
> +  IN EFI_SYSTEM_TABLE  *SystemTable
> +  )
> +{
> +  EFI_STATUS                    Status;
> +  UINTN                         FileSize[MAX_CAPSULE_NUM];
> +  VOID                          *CapsuleBuffer[MAX_CAPSULE_NUM];
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors;
> +  EFI_CAPSULE_HEADER             *CapsuleHeaderArray[MAX_CAPSULE_NUM + 1];
> +  UINT64                         MaxCapsuleSize;
> +  EFI_RESET_TYPE                 ResetType;
> +  BOOLEAN                        NeedReset;
> +  BOOLEAN                        NoReset;
> +  CHAR16                         *CapsuleName;
> +  UINTN                          CapsuleNum;
> +  UINTN                          Index;
> +
> +  Status = GetArg();
> +  if (EFI_ERROR(Status)) {
> +    Print(L"Please use UEFI SHELL to run this application!\n", Status);
> +    return Status;
> +  }
> +  if (Argc < 2) {
> +    PrintUsage();
> +    return EFI_INVALID_PARAMETER;
> +  }
> +  if (StrCmp(Argv[1], L"-D") == 0) {
> +    Status = DumpCapsule();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-G") == 0) {
> +    Status = CreateBmpFmp();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-N") == 0) {
> +    Status = CreateNestedFmp();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-S") == 0) {
> +    Status = DmpCapsuleStatusVariable();
> +    return EFI_SUCCESS;
> +  }
> +  if (StrCmp(Argv[1], L"-C") == 0) {
> +    Status = ClearCapsuleStatusVariable();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-P") == 0) {
> +    DumpFmpData();
> +    return EFI_SUCCESS;
> +  }
> +  if (StrCmp(Argv[1], L"-E") == 0) {
> +    DumpEsrtData();
> +    return EFI_SUCCESS;
> +  }
> +  CapsuleFirstIndex = 1;
> +  if (StrCmp(Argv[Argc - 1], L"-NR") == 0) {
> +    NoReset = TRUE;
> +    CapsuleLastIndex = Argc - 2;
> +  } else {
> +    NoReset = FALSE;
> +    CapsuleLastIndex = Argc - 1;
> +  }
> +  CapsuleNum = CapsuleLastIndex - CapsuleFirstIndex + 1;
> +
> +  if (CapsuleFirstIndex > CapsuleLastIndex) {
> +    Print(L"CapsuleApp: NO capsule image.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  if (CapsuleNum > MAX_CAPSULE_NUM) {
> +    Print(L"CapsuleApp: Too many capsule images.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  ZeroMem(&CapsuleBuffer, sizeof(CapsuleBuffer));
> +  ZeroMem(&FileSize, sizeof(FileSize));
> +  BlockDescriptors = NULL;
> +
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    CapsuleName = Argv[CapsuleFirstIndex + Index];
> +    Status = ReadFileToBuffer(CapsuleName, &FileSize[Index], &CapsuleBuffer[Index]);
> +    if (EFI_ERROR(Status)) {
> +      Print(L"CapsuleApp: capsule image (%s) is not found.\n", CapsuleName);
> +      goto Done;
> +    }
> +  }
> +
> +  //
> +  // Every capsule use 2 descriptor 1 for data 1 for end
> +  //
> +  Status = BuildGatherList(CapsuleBuffer, FileSize, CapsuleNum, &BlockDescriptors);
> +  if (EFI_ERROR(Status)) {
> +    goto Done;
> +  }
> +
> +  //
> +  // Call the runtime service capsule.
> +  //
> +  NeedReset = FALSE;
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    CapsuleHeaderArray[Index] = (EFI_CAPSULE_HEADER *) CapsuleBuffer[Index];
> +    if ((CapsuleHeaderArray[Index]->Flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) != 0)
> {
> +      NeedReset = TRUE;
> +    }
> +  }
> +  CapsuleHeaderArray[CapsuleNum] = NULL;
> +  if (NoReset) {
> +    NeedReset = FALSE;
> +  }
> +
> +  //
> +  // Inquire platform capability of UpdateCapsule.
> +  //
> +  Status = gRT->QueryCapsuleCapabilities (CapsuleHeaderArray, CapsuleNum,
> &MaxCapsuleSize, &ResetType);
> +  if (EFI_ERROR(Status)) {
> +    Print (L"CapsuleApp: failed to query capsule capability - %r\n", Status);
> +    goto Done;
> +  }
> +
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    if (FileSize[Index] > MaxCapsuleSize) {
> +      Print (L"CapsuleApp: capsule is too large to update, %ld is allowed\n",
> MaxCapsuleSize);
> +      Status = EFI_UNSUPPORTED;
> +      goto Done;
> +    }
> +  }
> +
> +  //
> +  // Check whether the input capsule image has the flag of persist across system
> reset.
> +  //
> +  if (NeedReset) {
> +    Status = gRT->UpdateCapsule(CapsuleHeaderArray,CapsuleNum,(UINTN)
> BlockDescriptors);
> +    if (Status != EFI_SUCCESS) {
> +      Print (L"CapsuleApp: failed to update capsule - %r\n", Status);
> +      goto Done;
> +    }
> +    //
> +    // For capsule who has reset flag, after calling UpdateCapsule service,triger a
> +    // system reset to process capsule persist across a system reset.
> +    //
> +    gRT->ResetSystem (ResetType, EFI_SUCCESS, 0, NULL);
> +  } else {
> +    //
> +    // For capsule who has no reset flag, only call UpdateCapsule Service without a
> +    // system reset. The service will process the capsule immediately.
> +    //
> +    Status = gRT->UpdateCapsule (CapsuleHeaderArray,CapsuleNum,(UINTN)
> BlockDescriptors);
> +    if (Status != EFI_SUCCESS) {
> +      Print (L"CapsuleApp: failed to update capsule - %r\n", Status);
> +    }
> +  }
> +
> +  Status = EFI_SUCCESS;
> +
> +Done:
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    if (CapsuleBuffer[Index] != NULL) {
> +      FreePool (CapsuleBuffer[Index]);
> +    }
> +  }
> +
> +  CleanGatherList(BlockDescriptors, CapsuleNum);
> +
> +  return Status;
> +}
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> new file mode 100644
> index 0000000..2084e5f
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> @@ -0,0 +1,71 @@
> +##  @file
> +#  A shell application that triggers capsule update process.
> +#
> +# This application can trigger capsule update process. It can also
> +# generate capsule image, or dump capsule variable information.
> +#
> +#  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +#  This program and the accompanying materials
> +#  are licensed and made available under the terms and conditions of the BSD License
> +#  which accompanies this distribution.  The full text of the license may be found at
> +#  http://opensource.org/licenses/bsd-license.php
> +#
> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +#
> +##
> +
> +[Defines]
> +  INF_VERSION                    = 0x00010006
> +  BASE_NAME                      = CapsuleApp
> +  MODULE_UNI_FILE                = CapsuleApp.uni
> +  FILE_GUID                      = 4CEF31DA-8682-4274-9CC4-AEE7516A5E7B
> +  MODULE_TYPE                    = UEFI_APPLICATION
> +  VERSION_STRING                 = 1.0
> +  ENTRY_POINT                    = UefiMain
> +
> +#
> +# The following information is for reference only and not required by the build tools.
> +#
> +#  VALID_ARCHITECTURES           = IA32 X64
> +#
> +
> +[Sources]
> +  CapsuleApp.c
> +  CapsuleDump.c
> +  AppSupport.c
> +
> +[Packages]
> +  MdePkg/MdePkg.dec
> +  MdeModulePkg/MdeModulePkg.dec
> +
> +[Guids]
> +  gEfiFileInfoGuid
> +  gEfiPartTypeSystemPartGuid
> +  gEfiGlobalVariableGuid
> +  gEfiCapsuleReportGuid
> +  gEfiFmpCapsuleGuid
> +  gWindowsUxCapsuleGuid
> +  gEfiCertTypeRsa2048Sha256Guid
> +  gEfiCertPkcs7Guid
> +  gEfiSystemResourceTableGuid
> +
> +[Protocols]
> +  gEfiLoadedImageProtocolGuid
> +  gEfiSimpleFileSystemProtocolGuid
> +  gEfiGraphicsOutputProtocolGuid
> +  gEfiFirmwareManagementProtocolGuid
> +  gEfiShellParametersProtocolGuid
> +
> +[LibraryClasses]
> +  BaseLib
> +  UefiApplicationEntryPoint
> +  DebugLib
> +  MemoryAllocationLib
> +  UefiBootServicesTableLib
> +  UefiRuntimeServicesTableLib
> +  UefiLib
> +  PrintLib
> +
> +[UserExtensions.TianoCore."ExtraFiles"]
> +  CapsuleAppExtra.uni
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
> b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
> new file mode 100644
> index 0000000..54d6e12
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
> @@ -0,0 +1,22 @@
> +// /** @file
> +// A shell application that triggers capsule update process.
> +//
> +// This application can trigger capsule update process. It can also
> +// generate capsule image, or dump capsule variable information.
> +//
> +// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +//
> +// This program and the accompanying materials
> +// are licensed and made available under the terms and conditions of the BSD License
> +// which accompanies this distribution. The full text of the license may be found at
> +// http://opensource.org/licenses/bsd-license.php
> +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +//
> +// **/
> +
> +
> +#string STR_MODULE_ABSTRACT             #language en-US "A shell application that
> triggers capsule update process."
> +
> +#string STR_MODULE_DESCRIPTION          #language en-US "This application can trigger
> capsule update process. It can also generate capsule image, or dump capsule variable
> information."
> +
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
> b/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
> new file mode 100644
> index 0000000..b5a8840
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
> @@ -0,0 +1,19 @@
> +// /** @file
> +// CapsuleApp Localized Strings and Content
> +//
> +// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +//
> +// This program and the accompanying materials
> +// are licensed and made available under the terms and conditions of the BSD License
> +// which accompanies this distribution. The full text of the license may be found at
> +// http://opensource.org/licenses/bsd-license.php
> +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +//
> +// **/
> +
> +#string STR_PROPERTIES_MODULE_NAME
> +#language en-US
> +"Capsule Application"
> +
> +
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
> b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
> new file mode 100644
> index 0000000..b383fe1
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
> @@ -0,0 +1,740 @@
> +/** @file
> +  Dump Capsule image information.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <PiDxe.h>
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PrintLib.h>
> +#include <Protocol/FirmwareManagement.h>
> +#include <Guid/ImageAuthentication.h>
> +#include <Guid/CapsuleReport.h>
> +#include <Guid/SystemResourceTable.h>
> +#include <Guid/FmpCapsule.h>
> +#include <IndustryStandard/WindowsUxCapsule.h>
> +
> +/**
> +  Read a file.
> +
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileToBuffer(
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer
> +  );
> +
> +extern UINTN  Argc;
> +extern CHAR16 *Argv[];
> +
> +/**
> +  Dump UX capsule information.
> +
> +  @param CapsuleHeader      The UX capsule header
> +**/
> +VOID
> +DumpUxCapsule(
> +  IN EFI_CAPSULE_HEADER  *CapsuleHeader
> +  )
> +{
> +  EFI_DISPLAY_CAPSULE                           *DisplayCapsule;
> +  DisplayCapsule = (EFI_DISPLAY_CAPSULE *)CapsuleHeader;
> +  Print(L"[UxCapusule]\n");
> +  Print(L"CapsuleHeader:\n");
> +  Print(L"  CapsuleGuid      - %g\n", &DisplayCapsule->CapsuleHeader.CapsuleGuid);
> +  Print(L"  HeaderSize       - 0x%x\n", DisplayCapsule->CapsuleHeader.HeaderSize);
> +  Print(L"  Flags            - 0x%x\n", DisplayCapsule->CapsuleHeader.Flags);
> +  Print(L"  CapsuleImageSize - 0x%x\n", DisplayCapsule-
> >CapsuleHeader.CapsuleImageSize);
> +  Print(L"ImagePayload:\n");
> +  Print(L"  Version          - 0x%x\n", DisplayCapsule->ImagePayload.Version);
> +  Print(L"  Checksum         - 0x%x\n", DisplayCapsule->ImagePayload.Checksum);
> +  Print(L"  ImageType        - 0x%x\n", DisplayCapsule->ImagePayload.ImageType);
> +  Print(L"  Mode             - 0x%x\n", DisplayCapsule->ImagePayload.Mode);
> +  Print(L"  OffsetX          - 0x%x\n", DisplayCapsule->ImagePayload.OffsetX);
> +  Print(L"  OffsetY          - 0x%x\n", DisplayCapsule->ImagePayload.OffsetY);
> +}
> +
> +/**
> +  Dump FMP image authentication information.
> +
> +  @param Image      The FMP capsule image
> +  @param ImageSize  The size of the FMP capsule image in bytes.
> +
> +  @return the size of FMP authentication.
> +**/
> +UINTN
> +DumpImageAuthentication(
> +  IN VOID   *Image,
> +  IN UINTN  ImageSize
> +  )
> +{
> +  EFI_FIRMWARE_IMAGE_AUTHENTICATION             *ImageAuthentication;
> +
> +  ImageAuthentication = Image;
> +  if (CompareGuid(&ImageAuthentication->AuthInfo.CertType, &gEfiCertPkcs7Guid) ||
> +      CompareGuid(&ImageAuthentication->AuthInfo.CertType,
> &gEfiCertTypeRsa2048Sha256Guid)) {
> +    Print(L"[ImageAuthentication]\n");
> +    Print(L"  MonotonicCount   - 0x%lx\n", ImageAuthentication->MonotonicCount);
> +    Print(L"WIN_CERTIFICATE:\n");
> +    Print(L"  dwLength         - 0x%x\n", ImageAuthentication->AuthInfo.Hdr.dwLength);
> +    Print(L"  wRevision        - 0x%x\n", ImageAuthentication-
> >AuthInfo.Hdr.wRevision);
> +    Print(L"  wCertificateType - 0x%x\n", ImageAuthentication-
> >AuthInfo.Hdr.wCertificateType);
> +    Print(L"  CertType         - %g\n", &ImageAuthentication->AuthInfo.CertType);
> +    return sizeof(ImageAuthentication->MonotonicCount) + ImageAuthentication-
> >AuthInfo.Hdr.dwLength;
> +  } else {
> +    return 0;
> +  }
> +}
> +
> +/**
> +  Dump a non-nested FMP capsule.
> +
> +  @param  CapsuleHeader  A pointer to CapsuleHeader
> +**/
> +VOID
> +DumpFmpCapsule(
> +  IN EFI_CAPSULE_HEADER  *CapsuleHeader
> +  )
> +{
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER        *FmpCapsuleHeader;
> +  UINT64                                        *ItemOffsetList;
> +  UINTN                                         Index;
> +  UINTN                                         Count;
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER  *FmpImageHeader;
> +
> +  Print(L"[FmpCapusule]\n");
> +  Print(L"CapsuleHeader:\n");
> +  Print(L"  CapsuleGuid      - %g\n", &CapsuleHeader->CapsuleGuid);
> +  Print(L"  HeaderSize       - 0x%x\n", CapsuleHeader->HeaderSize);
> +  Print(L"  Flags            - 0x%x\n", CapsuleHeader->Flags);
> +  Print(L"  CapsuleImageSize - 0x%x\n", CapsuleHeader->CapsuleImageSize);
> +
> +  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader
> + CapsuleHeader->HeaderSize);
> +  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
> +  Print(L"FmpHeader:\n");
> +  Print(L"  Version             - 0x%x\n", FmpCapsuleHeader->Version);
> +  Print(L"  EmbeddedDriverCount - 0x%x\n", FmpCapsuleHeader->EmbeddedDriverCount);
> +  Print(L"  PayloadItemCount    - 0x%x\n", FmpCapsuleHeader->PayloadItemCount);
> +  Count = FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader->PayloadItemCount;
> +  for (Index = 0; Index < Count; Index++) {
> +    Print(L"  Offset[%d]           - 0x%x\n", Index, ItemOffsetList[Index]);
> +  }
> +
> +  for (Index = FmpCapsuleHeader->EmbeddedDriverCount; Index < Count; Index++) {
> +    Print(L"FmpPayload[%d] ImageHeader:\n", Index);
> +    FmpImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8
> *)FmpCapsuleHeader + ItemOffsetList[Index]);
> +    Print(L"  Version                - 0x%x\n", FmpImageHeader->Version);
> +    Print(L"  UpdateImageTypeId      - %g\n", &FmpImageHeader->UpdateImageTypeId);
> +    Print(L"  UpdateImageIndex       - 0x%x\n", FmpImageHeader->UpdateImageIndex);
> +    Print(L"  UpdateImageSize        - 0x%x\n", FmpImageHeader->UpdateImageSize);
> +    Print(L"  UpdateVendorCodeSize   - 0x%x\n", FmpImageHeader->UpdateVendorCodeSize);
> +    if (FmpImageHeader->Version >=
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
> +      Print(L"  UpdateHardwareInstance - 0x%lx\n", FmpImageHeader-
> >UpdateHardwareInstance);
> +    }
> +  }
> +}
> +
> +/**
> +  Return if there is a FMP header below capsule header.
> +
> +  @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
> +
> +  @retval TRUE  There is a FMP header below capsule header.
> +  @retval FALSE There is not a FMP header below capsule header
> +**/
> +BOOLEAN
> +IsNestedFmpCapsule(
> +  IN EFI_CAPSULE_HEADER         *CapsuleHeader
> +  )
> +{
> +  EFI_STATUS                 Status;
> +  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
> +  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
> +  UINTN                      Index;
> +  BOOLEAN                    EsrtGuidFound;
> +  EFI_CAPSULE_HEADER         *NestedCapsuleHeader;
> +  UINTN                      NestedCapsuleSize;
> +
> +  //
> +  // Check ESRT
> +  //
> +  EsrtGuidFound = FALSE;
> +  Status = EfiGetSystemConfigurationTable(&gEfiSystemResourceTableGuid, (VOID
> **)&Esrt);
> +  if (!EFI_ERROR(Status)) {
> +    EsrtEntry = (VOID *)(Esrt + 1);
> +    for (Index = 0; Index < Esrt->FwResourceCount; Index++, EsrtEntry++) {
> +      if (CompareGuid(&EsrtEntry->FwClass, &CapsuleHeader->CapsuleGuid)) {
> +        EsrtGuidFound = TRUE;
> +        break;
> +      }
> +    }
> +  }
> +
> +  if (!EsrtGuidFound) {
> +    return FALSE;
> +  }
> +
> +  //
> +  // Check nested capsule header
> +  // FMP GUID after ESRT one
> +  //
> +  NestedCapsuleHeader = (EFI_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader + CapsuleHeader-
> >HeaderSize);
> +  NestedCapsuleSize = (UINTN)CapsuleHeader + CapsuleHeader->HeaderSize -
> (UINTN)NestedCapsuleHeader;
> +  if (NestedCapsuleSize < sizeof(EFI_CAPSULE_HEADER)) {
> +    return FALSE;
> +  }
> +  if (!CompareGuid(&NestedCapsuleHeader->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
> +    return FALSE;
> +  }
> +  return TRUE;
> +}
> +
> +/**
> +  Dump capsule information
> +
> +  @retval EFI_SUCCESS            The capsule information is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DumpCapsule(
> +  VOID
> +  )
> +{
> +  CHAR16                                        *CapsuleName;
> +  VOID                                          *Buffer;
> +  UINTN                                         FileSize;
> +  EFI_CAPSULE_HEADER                            *CapsuleHeader;
> +  EFI_STATUS                                    Status;
> +
> +  if (Argc != 3) {
> +    Print(L"CapsuleApp: Invalid Parameter.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  CapsuleName = Argv[2];
> +  Status = ReadFileToBuffer(CapsuleName, &FileSize, &Buffer);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: Capsule (%s) is not found.\n", CapsuleName);
> +    goto Done;
> +  }
> +
> +  CapsuleHeader = Buffer;
> +  if (CompareGuid(&CapsuleHeader->CapsuleGuid, &gWindowsUxCapsuleGuid)) {
> +    DumpUxCapsule(CapsuleHeader);
> +    Status = EFI_SUCCESS;
> +    goto Done;
> +  }
> +
> +  if (CompareGuid(&CapsuleHeader->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
> +    DumpFmpCapsule(CapsuleHeader);
> +  }
> +  if (IsNestedFmpCapsule(CapsuleHeader)) {
> +    Print(L"[NestedCapusule]\n");
> +    Print(L"CapsuleHeader:\n");
> +    Print(L"  CapsuleGuid      - %g\n", &CapsuleHeader->CapsuleGuid);
> +    Print(L"  HeaderSize       - 0x%x\n", CapsuleHeader->HeaderSize);
> +    Print(L"  Flags            - 0x%x\n", CapsuleHeader->Flags);
> +    Print(L"  CapsuleImageSize - 0x%x\n", CapsuleHeader->CapsuleImageSize);
> +    DumpFmpCapsule((EFI_CAPSULE_HEADER *)((UINTN)CapsuleHeader + CapsuleHeader-
> >HeaderSize));
> +  }
> +
> +Done:
> +  FreePool(Buffer);
> +  return Status;
> +}
> +
> +/**
> +  Dump capsule status variable.
> +
> +  @retval EFI_SUCCESS            The capsule status variable is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DmpCapsuleStatusVariable(
> +  VOID
> +  )
> +{
> +  EFI_STATUS                          Status;
> +  UINT32                              Index;
> +  CHAR16                              CapsuleVarName[20];
> +  CHAR16                              *TempVarName;
> +  EFI_CAPSULE_RESULT_VARIABLE_HEADER  *CapsuleResult;
> +  EFI_CAPSULE_RESULT_VARIABLE_FMP     *CapsuleResultFmp;
> +  UINTN                               CapsuleFileNameSize;
> +  CHAR16                              CapsuleIndexData[12];
> +  CHAR16                              *CapsuleIndex;
> +
> +  Status = GetVariable2(
> +             L"CapsuleMax",
> +             &gEfiCapsuleReportGuid,
> +             (VOID **)&CapsuleIndex,
> +             NULL
> +             );
> +  if (!EFI_ERROR(Status)) {
> +    CopyMem(CapsuleIndexData, CapsuleIndex, 11 * sizeof(CHAR16));
> +    CapsuleIndexData[11] = 0;
> +    Print(L"CapsuleMax - %s\n", CapsuleIndexData);
> +    FreePool(CapsuleIndex);
> +  }
> +  Status = GetVariable2(
> +             L"CapsuleLast",
> +             &gEfiCapsuleReportGuid,
> +             (VOID **)&CapsuleIndex,
> +             NULL
> +             );
> +  if (!EFI_ERROR(Status)) {
> +    CopyMem(CapsuleIndexData, CapsuleIndex, 11 * sizeof(CHAR16));
> +    CapsuleIndexData[11] = 0;
> +    Print(L"CapsuleLast - %s\n", CapsuleIndexData);
> +    FreePool(CapsuleIndex);
> +  }
> +
> +
> +  StrCpyS (CapsuleVarName, sizeof(CapsuleVarName)/sizeof(CapsuleVarName[0]),
> L"Capsule");
> +  TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
> +  Index = 0;
> +
> +  while (TRUE) {
> +    UnicodeSPrint (TempVarName, 5 * sizeof(CHAR16), L"%04x", Index);
> +
> +    Status = GetVariable2 (
> +               CapsuleVarName,
> +               &gEfiCapsuleReportGuid,
> +               (VOID **) &CapsuleResult,
> +               NULL
> +               );
> +    if (Status == EFI_NOT_FOUND) {
> +      break;
> +    } else if (EFI_ERROR(Status)) {
> +      continue;
> +    }
> +
> +    //
> +    // display capsule process status
> +    //
> +    if (CapsuleResult->VariableTotalSize >=
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER)) {
> +      Print (L"CapsuleName: %s\n", CapsuleVarName);
> +      Print (L"  Capsule Guid: %g\n", &CapsuleResult->CapsuleGuid);
> +      Print (L"  Capsule ProcessedTime: %t\n", &CapsuleResult->CapsuleProcessed);
> +      Print (L"  Capsule Status: %r\n", CapsuleResult->CapsuleStatus);
> +    }
> +
> +    if (CompareGuid(&CapsuleResult->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
> +      if (CapsuleResult->VariableTotalSize >=
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP)) {
> +        CapsuleResultFmp = (EFI_CAPSULE_RESULT_VARIABLE_FMP *)(CapsuleResult + 1);
> +        Print(L"  Capsule FMP Version: 0x%x\n", CapsuleResultFmp->Version);
> +        Print(L"  Capsule FMP PayloadIndex: 0x%x\n", CapsuleResultFmp->PayloadIndex);
> +        Print(L"  Capsule FMP UpdateImageIndex: 0x%x\n", CapsuleResultFmp-
> >UpdateImageIndex);
> +        Print(L"  Capsule FMP UpdateImageTypeId: %g\n", &CapsuleResultFmp-
> >UpdateImageTypeId);
> +        if (CapsuleResult->VariableTotalSize >
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP)) {
> +          Print(L"  Capsule FMP CapsuleFileName: %s\n", (CapsuleResultFmp + 1));
> +          CapsuleFileNameSize = StrSize((CHAR16 *)(CapsuleResultFmp + 1));
> +          if (CapsuleResult->VariableTotalSize >
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP) +
> CapsuleFileNameSize) {
> +            Print(L"  Capsule FMP CapsuleTarget: %s\n", (UINT8 *)(CapsuleResultFmp +
> 1) + CapsuleFileNameSize);
> +          }
> +        }
> +      }
> +    }
> +
> +    FreePool(CapsuleResult);
> +
> +    Index++;
> +    if (Index > 0xFFFF) {
> +      break;
> +    }
> +  }
> +
> +  return EFI_SUCCESS;
> +}
> +
> +CHAR8 *mFwTypeString[] = {
> +  "Unknown",
> +  "SystemFirmware",
> +  "DeviceFirmware",
> +  "UefiDriver",
> +};
> +
> +CHAR8 *mLastAttemptStatusString[] = {
> +  "Success",
> +  "Error: Unsuccessful",
> +  "Error: Insufficient Resources",
> +  "Error: Incorrect Version",
> +  "Error: Invalid Format",
> +  "Error: Auth Error",
> +  "Error: Power Event AC",
> +  "Error: Power Event Battery",
> +};
> +
> +/**
> +  Convert FwType to a string.
> +
> +  @param FwType  FwType in ESRT
> +
> +  @return a string for FwType.
> +**/
> +CHAR8 *
> +FwTypeToString(
> +  IN UINT32 FwType
> +  )
> +{
> +  if (FwType < sizeof(mFwTypeString) / sizeof(mFwTypeString[0])) {
> +    return mFwTypeString[FwType];
> +  } else {
> +    return "Invalid";
> +  }
> +}
> +
> +/**
> +  Convert LastAttemptStatus to a string.
> +
> +  @param LastAttemptStatus  LastAttemptStatus in FMP or ESRT
> +
> +  @return a string for LastAttemptStatus.
> +**/
> +CHAR8 *
> +LastAttemptStatusToString(
> +  IN UINT32 LastAttemptStatus
> +  )
> +{
> +  if (LastAttemptStatus < sizeof(mLastAttemptStatusString) /
> sizeof(mLastAttemptStatusString[0])) {
> +    return mLastAttemptStatusString[LastAttemptStatus];
> +  } else {
> +    return "Error: Unknown";
> +  }
> +}
> +
> +/**
> +  Dump ESRT entry.
> +
> +  @param EsrtEntry  ESRT entry
> +**/
> +VOID
> +DumpEsrtEntry(
> +  IN EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry
> +  )
> +{
> +  Print(L"  FwClass                  - %g\n", &EsrtEntry->FwClass);
> +  Print(L"  FwType                   - 0x%x (%a)\n", EsrtEntry->FwType,
> FwTypeToString(EsrtEntry->FwType));
> +  Print(L"  FwVersion                - 0x%x\n", EsrtEntry->FwVersion);
> +  Print(L"  LowestSupportedFwVersion - 0x%x\n", EsrtEntry->LowestSupportedFwVersion);
> +  Print(L"  CapsuleFlags             - 0x%x\n", EsrtEntry->CapsuleFlags);
> +  Print(L"    PERSIST_ACROSS_RESET   - 0x%x\n", EsrtEntry->CapsuleFlags &
> CAPSULE_FLAGS_PERSIST_ACROSS_RESET);
> +  Print(L"    POPULATE_SYSTEM_TABLE  - 0x%x\n", EsrtEntry->CapsuleFlags &
> CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE);
> +  Print(L"    INITIATE_RESET         - 0x%x\n", EsrtEntry->CapsuleFlags &
> CAPSULE_FLAGS_INITIATE_RESET);
> +  Print(L"  LastAttemptVersion       - 0x%x\n", EsrtEntry->LastAttemptVersion);
> +  Print(L"  LastAttemptStatus        - 0x%x (%a)\n", EsrtEntry->LastAttemptStatus,
> LastAttemptStatusToString(EsrtEntry->LastAttemptStatus));
> +}
> +
> +/**
> +  Dump ESRT table.
> +
> +  @param Esrt  ESRT table
> +**/
> +VOID
> +DumpEsrt(
> +  IN EFI_SYSTEM_RESOURCE_TABLE  *Esrt
> +  )
> +{
> +  UINTN                      Index;
> +  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
> +
> +  Print(L"EFI_SYSTEM_RESOURCE_TABLE:\n");
> +  Print(L"FwResourceCount    - 0x%x\n", Esrt->FwResourceCount);
> +  Print(L"FwResourceCountMax - 0x%x\n", Esrt->FwResourceCountMax);
> +  Print(L"FwResourceVersion  - 0x%lx\n", Esrt->FwResourceVersion);
> +
> +  EsrtEntry = (VOID *)(Esrt + 1);
> +  for (Index = 0; Index < Esrt->FwResourceCount; Index++) {
> +    Print(L"EFI_SYSTEM_RESOURCE_ENTRY (%d):\n", Index);
> +    DumpEsrtEntry(EsrtEntry);
> +    EsrtEntry++;
> +  }
> +}
> +
> +/**
> +  Dump ESRT info.
> +**/
> +VOID
> +DumpEsrtData (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                 Status;
> +  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
> +
> +  Print(L"##############\n");
> +  Print(L"# ESRT TABLE #\n");
> +  Print(L"##############\n");
> +
> +  Status = EfiGetSystemConfigurationTable (&gEfiSystemResourceTableGuid, (VOID
> **)&Esrt);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"ESRT - %r\n", Status);
> +    return;
> +  }
> +  DumpEsrt(Esrt);
> +  Print(L"\n");
> +}
> +
> +/**
> +  Dump FMP information.
> +
> +  @param ImageInfoSize       The size of ImageInfo, in bytes.
> +  @param ImageInfo           A pointer to EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorVersion   The version of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorCount     The count of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorSize      The size of an individual EFI_FIRMWARE_IMAGE_DESCRIPTOR,
> in bytes.
> +  @param PackageVersion      The version of package.
> +  @param PackageVersionName  The version name of package.
> +**/
> +VOID
> +DumpFmpImageInfo(
> +  IN UINTN                           ImageInfoSize,
> +  IN EFI_FIRMWARE_IMAGE_DESCRIPTOR   *ImageInfo,
> +  IN UINT32                          DescriptorVersion,
> +  IN UINT8                           DescriptorCount,
> +  IN UINTN                           DescriptorSize,
> +  IN UINT32                          PackageVersion,
> +  IN CHAR16                          *PackageVersionName
> +  )
> +{
> +  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *CurrentImageInfo;
> +  UINTN                                         Index;
> +
> +  Print(L"  DescriptorVersion  - 0x%x\n", DescriptorVersion);
> +  Print(L"  DescriptorCount    - 0x%x\n", DescriptorCount);
> +  Print(L"  DescriptorSize     - 0x%x\n", DescriptorSize);
> +  Print(L"  PackageVersion     - 0x%x\n", PackageVersion);
> +  Print(L"  PackageVersionName - \"%s\"\n", PackageVersionName);
> +  CurrentImageInfo = ImageInfo;
> +  for (Index = 0; Index < DescriptorCount; Index++) {
> +    Print(L"  ImageDescriptor (%d)\n", Index);
> +    Print(L"    ImageIndex                  - 0x%x\n", CurrentImageInfo->ImageIndex);
> +    Print(L"    ImageTypeId                 - %g\n", &CurrentImageInfo->ImageTypeId);
> +    Print(L"    ImageId                     - 0x%lx\n", CurrentImageInfo->ImageId);
> +    Print(L"    ImageIdName                 - \"%s\"\n", CurrentImageInfo-
> >ImageIdName);
> +    Print(L"    Version                     - 0x%x\n", CurrentImageInfo->Version);
> +    Print(L"    VersionName                 - \"%s\"\n", CurrentImageInfo-
> >VersionName);
> +    Print(L"    Size                        - 0x%x\n", CurrentImageInfo->Size);
> +    Print(L"    AttributesSupported         - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported);
> +    Print(L"      IMAGE_UPDATABLE           - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +    Print(L"      RESET_REQUIRED            - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +    Print(L"      AUTHENTICATION_REQUIRED   - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +    Print(L"      IN_USE                    - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_IN_USE);
> +    Print(L"      UEFI_IMAGE                - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_UEFI_IMAGE);
> +    Print(L"    AttributesSetting           - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting);
> +    Print(L"      IMAGE_UPDATABLE           - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +    Print(L"      RESET_REQUIRED            - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +    Print(L"      AUTHENTICATION_REQUIRED   - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +    Print(L"      IN_USE                    - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_IN_USE);
> +    Print(L"      UEFI_IMAGE                - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_UEFI_IMAGE);
> +    Print(L"    Compatibilities             - 0x%lx\n", CurrentImageInfo-
> >Compatibilities);
> +    Print(L"      COMPATIB_CHECK_SUPPORTED  - 0x%lx\n", CurrentImageInfo-
> >Compatibilities & IMAGE_COMPATIBILITY_CHECK_SUPPORTED);
> +    if (DescriptorVersion > 1) {
> +      Print(L"    LowestSupportedImageVersion - 0x%x\n", CurrentImageInfo-
> >LowestSupportedImageVersion);
> +      if (DescriptorVersion > 2) {
> +        Print(L"    LastAttemptVersion          - 0x%x\n", CurrentImageInfo-
> >LastAttemptVersion);
> +        Print(L"    LastAttemptStatus           - 0x%x (%a)\n", CurrentImageInfo-
> >LastAttemptStatus, LastAttemptStatusToString(CurrentImageInfo->LastAttemptStatus));
> +        Print(L"    HardwareInstance            - 0x%lx\n", CurrentImageInfo-
> >HardwareInstance);
> +      }
> +    }
> +    //
> +    // Use DescriptorSize to move ImageInfo Pointer to stay compatible with different
> ImageInfo version
> +    //
> +    CurrentImageInfo = (EFI_FIRMWARE_IMAGE_DESCRIPTOR *)((UINT8 *)CurrentImageInfo +
> DescriptorSize);
> +  }
> +}
> +
> +/**
> +  Dump FMP package information.
> +
> +  @param PackageVersion             The version of package.
> +  @param PackageVersionName         The version name of package.
> +  @param PackageVersionNameMaxLen   The maximum length of PackageVersionName.
> +  @param AttributesSupported        Package attributes that are supported by this
> device.
> +  @param AttributesSetting          Package attributes.
> +**/
> +VOID
> +DumpFmpPackageInfo(
> +  IN UINT32                           PackageVersion,
> +  IN CHAR16                           *PackageVersionName,
> +  IN UINT32                           PackageVersionNameMaxLen,
> +  IN UINT64                           AttributesSupported,
> +  IN UINT64                           AttributesSetting
> +  )
> +{
> +  Print(L"  PackageVersion              - 0x%x\n", PackageVersion);
> +  Print(L"  PackageVersionName          - \"%s\"\n", PackageVersionName);
> +  Print(L"  PackageVersionNameMaxLen    - 0x%x\n", PackageVersionNameMaxLen);
> +  Print(L"  AttributesSupported         - 0x%lx\n", AttributesSupported);
> +  Print(L"    IMAGE_UPDATABLE           - 0x%lx\n", AttributesSupported &
> IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +  Print(L"    RESET_REQUIRED            - 0x%lx\n", AttributesSupported &
> IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +  Print(L"    AUTHENTICATION_REQUIRED   - 0x%lx\n", AttributesSupported &
> IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +  Print(L"  AttributesSetting           - 0x%lx\n", AttributesSetting);
> +  Print(L"    IMAGE_UPDATABLE           - 0x%lx\n", AttributesSetting &
> IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +  Print(L"    RESET_REQUIRED            - 0x%lx\n", AttributesSetting &
> IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +  Print(L"    AUTHENTICATION_REQUIRED   - 0x%lx\n", AttributesSetting &
> IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +}
> +
> +/**
> +  Dump FMP protocol info.
> +**/
> +VOID
> +DumpFmpData (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                                    Status;
> +  EFI_FIRMWARE_MANAGEMENT_PROTOCOL              *Fmp;
> +  EFI_HANDLE                                    *HandleBuffer;
> +  UINTN                                         NumberOfHandles;
> +  UINTN                                         Index;
> +  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *FmpImageInfoBuf;
> +  UINTN                                         ImageInfoSize;
> +  UINT32                                        FmpImageInfoDescriptorVer;
> +  UINT8                                         FmpImageInfoCount;
> +  UINTN                                         DescriptorSize;
> +  UINT32                                        PackageVersion;
> +  CHAR16                                        *PackageVersionName;
> +  UINT32                                        PackageVersionNameMaxLen;
> +  UINT64                                        AttributesSupported;
> +  UINT64                                        AttributesSetting;
> +
> +  Print(L"############\n");
> +  Print(L"# FMP DATA #\n");
> +  Print(L"############\n");
> +  Status = gBS->LocateHandleBuffer (
> +                  ByProtocol,
> +                  &gEfiFirmwareManagementProtocolGuid,
> +                  NULL,
> +                  &NumberOfHandles,
> +                  &HandleBuffer
> +                  );
> +  if (EFI_ERROR(Status)) {
> +    Print(L"FMP protocol - %r\n", EFI_NOT_FOUND);
> +    return;
> +  }
> +
> +  for (Index = 0; Index < NumberOfHandles; Index++) {
> +    Status = gBS->HandleProtocol(
> +                    HandleBuffer[Index],
> +                    &gEfiFirmwareManagementProtocolGuid,
> +                    (VOID **)&Fmp
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      continue;
> +    }
> +
> +    ImageInfoSize = 0;
> +    Status = Fmp->GetImageInfo (
> +                    Fmp,
> +                    &ImageInfoSize,
> +                    NULL,
> +                    NULL,
> +                    NULL,
> +                    NULL,
> +                    NULL,
> +                    NULL
> +                    );
> +    if (Status != EFI_BUFFER_TOO_SMALL) {
> +      continue;
> +    }
> +
> +    FmpImageInfoBuf = NULL;
> +    FmpImageInfoBuf = AllocateZeroPool (ImageInfoSize);
> +    if (FmpImageInfoBuf == NULL) {
> +      Status = EFI_OUT_OF_RESOURCES;
> +      goto EXIT;
> +    }
> +
> +    PackageVersionName = NULL;
> +    Status = Fmp->GetImageInfo (
> +                    Fmp,
> +                    &ImageInfoSize,               // ImageInfoSize
> +                    FmpImageInfoBuf,              // ImageInfo
> +                    &FmpImageInfoDescriptorVer,   // DescriptorVersion
> +                    &FmpImageInfoCount,           // DescriptorCount
> +                    &DescriptorSize,              // DescriptorSize
> +                    &PackageVersion,              // PackageVersion
> +                    &PackageVersionName           // PackageVersionName
> +                    );
> +
> +    //
> +    // If FMP GetInformation interface failed, skip this resource
> +    //
> +    if (EFI_ERROR(Status)) {
> +      Print(L"FMP (%d) ImageInfo - %r\n", Index, Status);
> +      FreePool(FmpImageInfoBuf);
> +      continue;
> +    }
> +
> +    Print(L"FMP (%d) ImageInfo:\n", Index);
> +    DumpFmpImageInfo(
> +      ImageInfoSize,               // ImageInfoSize
> +      FmpImageInfoBuf,             // ImageInfo
> +      FmpImageInfoDescriptorVer,   // DescriptorVersion
> +      FmpImageInfoCount,           // DescriptorCount
> +      DescriptorSize,              // DescriptorSize
> +      PackageVersion,              // PackageVersion
> +      PackageVersionName           // PackageVersionName
> +      );
> +
> +    if (PackageVersionName != NULL) {
> +      FreePool(PackageVersionName);
> +    }
> +    FreePool(FmpImageInfoBuf);
> +
> +    //
> +    // Get package info
> +    //
> +    PackageVersionName = NULL;
> +    Status = Fmp->GetPackageInfo (
> +                    Fmp,
> +                    &PackageVersion,              // PackageVersion
> +                    &PackageVersionName,          // PackageVersionName
> +                    &PackageVersionNameMaxLen,    // PackageVersionNameMaxLen
> +                    &AttributesSupported,         // AttributesSupported
> +                    &AttributesSetting            // AttributesSetting
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      Print(L"FMP (%d) PackageInfo - %r\n", Index, Status);
> +    } else {
> +      Print(L"FMP (%d) ImageInfo:\n", Index);
> +      DumpFmpPackageInfo(
> +        PackageVersion,              // PackageVersion
> +        PackageVersionName,          // PackageVersionName
> +        PackageVersionNameMaxLen,    // PackageVersionNameMaxLen
> +        AttributesSupported,         // AttributesSupported
> +        AttributesSetting            // AttributesSetting
> +        );
> +
> +      if (PackageVersionName != NULL) {
> +        FreePool(PackageVersionName);
> +      }
> +    }
> +  }
> +  Print(L"\n");
> +
> +EXIT:
> +  FreePool(HandleBuffer);
> +}
> --
> 2.7.4.windows.1

Re: [PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.

[Kinney, Michael D]

Jiewen,

I have looked Microsoft UX capsule in the Microsoft
Windows UEFI Firmware Update Platform Specification, and 
that specification only defines support for an ImageType value
of 0, which is bitmap format based on ACPI 5.0 BGRT.  There
are no defined ImageType values for BMP. 

I recommend you update the capsule app for the unit test
that tests the bitmap capability to require the file to
be the same format as required by the Windows UEFI Firmware 
Update Platform Specification, and the variables and comments
in this patch should not reference the BMP file format at all.

A developer that wants to test this capability must convert
a graphics image to the right format before using it with
this utility.

Thanks,

Mike

> -----Original Message-----
> From: Yao, Jiewen
> Sent: Saturday, October 22, 2016 7:21 PM
> To: edk2-devel@lists.01.org
> Cc: Tian, Feng <feng.tian@intel.com>; Zeng, Star <star.zeng@intel.com>; Kinney, Michael
> D <michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>; Zhang, Chao B
> <chao.b.zhang@intel.com>
> Subject: [PATCH V4 08/15] MdeModulePkg/CapsuleApp: Add CapsuleApp application.
> 
> This CapsuleApp can help perform capsule update in UEFI shell environment.
> It can also dump capsule information, capsule status variable, ESRT and FMP.
> 
> Cc: Feng Tian <feng.tian@intel.com>
> Cc: Star Zeng <star.zeng@intel.com>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
> Reviewed-by: Liming Gao <liming.gao@intel.com>
> ---
>  MdeModulePkg/Application/CapsuleApp/AppSupport.c        | 445 ++++++++++
>  MdeModulePkg/Application/CapsuleApp/CapsuleApp.c        | 853 ++++++++++++++++++++
>  MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf      |  71 ++
>  MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni      |  22 +
>  MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni |  19 +
>  MdeModulePkg/Application/CapsuleApp/CapsuleDump.c       | 740 +++++++++++++++++
>  6 files changed, 2150 insertions(+)
> 
> diff --git a/MdeModulePkg/Application/CapsuleApp/AppSupport.c
> b/MdeModulePkg/Application/CapsuleApp/AppSupport.c
> new file mode 100644
> index 0000000..90ca1fd
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/AppSupport.c
> @@ -0,0 +1,445 @@
> +/** @file
> +  A shell application that triggers capsule update process.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <Uefi.h>
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PrintLib.h>
> +#include <Protocol/LoadedImage.h>
> +#include <Protocol/SimpleFileSystem.h>
> +#include <Protocol/ShellParameters.h>
> +#include <Guid/FileInfo.h>
> +#include <Guid/Gpt.h>
> +
> +#define MAX_ARG_NUM     11
> +
> +UINTN  Argc;
> +CHAR16 **Argv;
> +
> +/**
> +
> +  This function parse application ARG.
> +
> +  @return Status
> +**/
> +EFI_STATUS
> +GetArg (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                    Status;
> +  EFI_SHELL_PARAMETERS_PROTOCOL *ShellParameters;
> +
> +  Status = gBS->HandleProtocol (
> +                  gImageHandle,
> +                  &gEfiShellParametersProtocolGuid,
> +                  (VOID**)&ShellParameters
> +                  );
> +  if (EFI_ERROR(Status)) {
> +    return Status;
> +  }
> +
> +  Argc = ShellParameters->Argc;
> +  Argv = ShellParameters->Argv;
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Return File System Volume containing this shell application.
> +
> +  @return File System Volume containing this shell application.
> +**/
> +EFI_SIMPLE_FILE_SYSTEM_PROTOCOL *
> +GetMyVol (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_LOADED_IMAGE_PROTOCOL         *LoadedImage;
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +
> +  Status = gBS->HandleProtocol (
> +                  gImageHandle,
> +                  &gEfiLoadedImageProtocolGuid,
> +                  (VOID **)&LoadedImage
> +                  );
> +  ASSERT_EFI_ERROR (Status);
> +
> +  Status = gBS->HandleProtocol (
> +                  LoadedImage->DeviceHandle,
> +                  &gEfiSimpleFileSystemProtocolGuid,
> +                  (VOID **)&Vol
> +                  );
> +  if (!EFI_ERROR (Status)) {
> +    return Vol;
> +  }
> +
> +  return NULL;
> +}
> +
> +/**
> +  Read a file from this volume.
> +
> +  @param Vol             File System Volume
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileFromVol (
> +  IN  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol,
> +  IN  CHAR16                            *FileName,
> +  OUT UINTN                             *BufferSize,
> +  OUT VOID                              **Buffer
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_FILE_HANDLE                   RootDir;
> +  EFI_FILE_HANDLE                   Handle;
> +  UINTN                             FileInfoSize;
> +  EFI_FILE_INFO                     *FileInfo;
> +  UINTN                             TempBufferSize;
> +  VOID                              *TempBuffer;
> +
> +  //
> +  // Open the root directory
> +  //
> +  Status = Vol->OpenVolume (Vol, &RootDir);
> +  if (EFI_ERROR (Status)) {
> +    return Status;
> +  }
> +
> +  //
> +  // Open the file
> +  //
> +  Status = RootDir->Open (
> +                      RootDir,
> +                      &Handle,
> +                      FileName,
> +                      EFI_FILE_MODE_READ,
> +                      0
> +                      );
> +  if (EFI_ERROR (Status)) {
> +    RootDir->Close (RootDir);
> +    return Status;
> +  }
> +
> +  RootDir->Close (RootDir);
> +
> +  //
> +  // Get the file information
> +  //
> +  FileInfoSize = sizeof(EFI_FILE_INFO) + 1024;
> +
> +  FileInfo = AllocateZeroPool (FileInfoSize);
> +  if (FileInfo == NULL) {
> +    Handle->Close (Handle);
> +    return Status;
> +  }
> +
> +  Status = Handle->GetInfo (
> +                     Handle,
> +                     &gEfiFileInfoGuid,
> +                     &FileInfoSize,
> +                     FileInfo
> +                     );
> +  if (EFI_ERROR (Status)) {
> +    Handle->Close (Handle);
> +    gBS->FreePool (FileInfo);
> +    return Status;
> +  }
> +
> +  //
> +  // Allocate buffer for the file data. The last CHAR16 is for L'\0'
> +  //
> +  TempBufferSize = (UINTN) FileInfo->FileSize + sizeof(CHAR16);
> +  TempBuffer = AllocateZeroPool (TempBufferSize);
> +  if (TempBuffer == NULL) {
> +    Handle->Close (Handle);
> +    gBS->FreePool (FileInfo);
> +    return Status;
> +  }
> +
> +  gBS->FreePool (FileInfo);
> +
> +  //
> +  // Read the file data to the buffer
> +  //
> +  Status = Handle->Read (
> +                     Handle,
> +                     &TempBufferSize,
> +                     TempBuffer
> +                     );
> +  if (EFI_ERROR (Status)) {
> +    Handle->Close (Handle);
> +    gBS->FreePool (TempBuffer);
> +    return Status;
> +  }
> +
> +  Handle->Close (Handle);
> +
> +  *BufferSize = TempBufferSize;
> +  *Buffer     = TempBuffer;
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Read a file.
> +  If ScanFs is FLASE, it will use this Vol as default Fs.
> +  If ScanFs is TRUE, it will scan all FS and check the file.
> +    If there is only one file match the name, it will be read.
> +    If there is more than one file match the name, it will return Error.
> +
> +  @param ThisVol         File System Volume
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +  @param ScanFs          Need Scan all FS
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +  @retval EFI_NO_MAPPING There is duplicated files found
> +**/
> +EFI_STATUS
> +ReadFileToBufferEx (
> +  IN OUT EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   **ThisVol,
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer,
> +  IN  BOOLEAN                              ScanFs
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +  UINTN                             TempBufferSize;
> +  VOID                              *TempBuffer;
> +  UINTN                             NoHandles;
> +  EFI_HANDLE                        *HandleBuffer;
> +  UINTN                             Index;
> +
> +  //
> +  // Check parameters
> +  //
> +  if ((FileName == NULL) || (Buffer == NULL) || (ThisVol == NULL)) {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
> +  //
> +  // not scan fs
> +  //
> +  if (!ScanFs) {
> +    if (*ThisVol == NULL) {
> +      *ThisVol = GetMyVol ();
> +      if (*ThisVol == NULL) {
> +        return EFI_INVALID_PARAMETER;
> +      }
> +    }
> +    //
> +    // Read file directly from Vol
> +    //
> +    return ReadFileFromVol (*ThisVol, FileName, BufferSize, Buffer);
> +  }
> +
> +  //
> +  // need scan fs
> +  //
> +
> +  //
> +  // Get all Vol handle
> +  //
> +  Status = gBS->LocateHandleBuffer (
> +                   ByProtocol,
> +                   &gEfiSimpleFileSystemProtocolGuid,
> +                   NULL,
> +                   &NoHandles,
> +                   &HandleBuffer
> +                   );
> +  if (EFI_ERROR (Status) && (NoHandles == 0)) {
> +    return EFI_NOT_FOUND;
> +  }
> +
> +  //
> +  // Walk through each Vol
> +  //
> +  *ThisVol = NULL;
> +  *BufferSize = 0;
> +  *Buffer     = NULL;
> +  for (Index = 0; Index < NoHandles; Index++) {
> +    Status = gBS->HandleProtocol (
> +                    HandleBuffer[Index],
> +                    &gEfiSimpleFileSystemProtocolGuid,
> +                    (VOID **)&Vol
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      continue;
> +    }
> +
> +    Status = ReadFileFromVol (Vol, FileName, &TempBufferSize, &TempBuffer);
> +    if (!EFI_ERROR (Status)) {
> +      //
> +      // Read file OK, check duplication
> +      //
> +      if (*ThisVol != NULL) {
> +        //
> +        // Find the duplicated file
> +        //
> +        gBS->FreePool (TempBuffer);
> +        gBS->FreePool (*Buffer);
> +        Print (L"Duplicated FileName found!\n");
> +        return EFI_NO_MAPPING;
> +      } else {
> +        //
> +        // Record value
> +        //
> +        *ThisVol = Vol;
> +        *BufferSize = TempBufferSize;
> +        *Buffer     = TempBuffer;
> +      }
> +    }
> +  }
> +
> +  //
> +  // Scan Fs done
> +  //
> +  if (*ThisVol == NULL) {
> +    return EFI_NOT_FOUND;
> +  }
> +
> +  //
> +  // Done
> +  //
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Read a file.
> +
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileToBuffer (
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer
> +  )
> +{
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +  Vol = NULL;
> +  return ReadFileToBufferEx(&Vol, FileName, BufferSize, Buffer, FALSE);
> +}
> +
> +/**
> +  Write a file.
> +
> +  @param FileName        The file to be written.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Write file successfully
> +**/
> +EFI_STATUS
> +WriteFileFromBuffer(
> +  IN  CHAR16                               *FileName,
> +  IN  UINTN                                BufferSize,
> +  IN  VOID                                 *Buffer
> +  )
> +{
> +  EFI_STATUS                        Status;
> +  EFI_FILE_HANDLE                   RootDir;
> +  EFI_FILE_HANDLE                   Handle;
> +  UINTN                             TempBufferSize;
> +  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL   *Vol;
> +
> +  Vol = GetMyVol();
> +
> +  //
> +  // Open the root directory
> +  //
> +  Status = Vol->OpenVolume (Vol, &RootDir);
> +  if (EFI_ERROR (Status)) {
> +    return Status;
> +  }
> +
> +  //
> +  // Open the file
> +  //
> +  Status = RootDir->Open (
> +                      RootDir,
> +                      &Handle,
> +                      FileName,
> +                      EFI_FILE_MODE_READ | EFI_FILE_MODE_WRITE| EFI_FILE_MODE_CREATE,
> +                      0
> +                      );
> +  if (EFI_ERROR (Status)) {
> +    RootDir->Close (RootDir);
> +    return Status;
> +  }
> +
> +  //
> +  // Delete file
> +  //
> +  Status = Handle->Delete(Handle);
> +  if (EFI_ERROR(Status)) {
> +    return Status;
> +  }
> +
> +  //
> +  // Open the file again
> +  //
> +  Status = RootDir->Open (
> +                      RootDir,
> +                      &Handle,
> +                      FileName,
> +                      EFI_FILE_MODE_READ | EFI_FILE_MODE_WRITE| EFI_FILE_MODE_CREATE,
> +                      0
> +                      );
> +  if (EFI_ERROR (Status)) {
> +    RootDir->Close (RootDir);
> +    return Status;
> +  }
> +
> +  RootDir->Close (RootDir);
> +
> +  //
> +  // Write the file data from the buffer
> +  //
> +  TempBufferSize = BufferSize;
> +  Status = Handle->Write (
> +                     Handle,
> +                     &TempBufferSize,
> +                     Buffer
> +                     );
> +  if (EFI_ERROR (Status)) {
> +    Handle->Close (Handle);
> +    return Status;
> +  }
> +
> +  Handle->Close (Handle);
> +
> +  return EFI_SUCCESS;
> +}
> +
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
> b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
> new file mode 100644
> index 0000000..6bb778a
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
> @@ -0,0 +1,853 @@
> +/** @file
> +  A shell application that triggers capsule update process.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <Uefi.h>
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PrintLib.h>
> +#include <Protocol/LoadedImage.h>
> +#include <Protocol/SimpleFileSystem.h>
> +#include <Protocol/GraphicsOutput.h>
> +#include <Guid/FileInfo.h>
> +#include <Guid/Gpt.h>
> +#include <Guid/GlobalVariable.h>
> +#include <Guid/CapsuleReport.h>
> +#include <Guid/SystemResourceTable.h>
> +#include <Guid/FmpCapsule.h>
> +#include <IndustryStandard/WindowsUxCapsule.h>
> +
> +#define CAPSULE_HEADER_SIZE  0x20
> +
> +#define NESTED_CAPSULE_HEADER_SIZE  SIZE_4KB
> +#define SYSTEM_FIRMWARE_FLAG 0x50000
> +#define DEVICE_FIRMWARE_FLAG 0x78010
> +
> +#define EFI_CAPSULE_FROM_FILE_DIR                           L"\\EFI\\UpdateCapsule\\"
> +#define EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED  0x0000000000000004
> +
> +#define MAJOR_VERSION   1
> +#define MINOR_VERSION   0
> +
> +#define MAX_CAPSULE_NUM 10
> +
> +extern UINTN  Argc;
> +extern CHAR16 **Argv;
> +
> +//
> +// Define how many block descriptors we want to test with.
> +//
> +UINTN  NumberOfDescriptors = 1;
> +UINTN  CapsuleFirstIndex;
> +UINTN  CapsuleLastIndex;
> +
> +/**
> +  Dump capsule information
> +
> +  @retval EFI_SUCCESS            The capsule information is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DumpCapsule(
> +  VOID
> +  );
> +
> +/**
> +  Dump capsule status variable.
> +
> +  @retval EFI_SUCCESS            The capsule status variable is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DmpCapsuleStatusVariable(
> +  VOID
> +  );
> +
> +/**
> +  Dump FMP protocol info.
> +**/
> +VOID
> +DumpFmpData(
> +  VOID
> +  );
> +
> +/**
> +  Dump ESRT info.
> +**/
> +VOID
> +DumpEsrtData(
> +  VOID
> +  );
> +
> +/**
> +  Read a file.
> +
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileToBuffer(
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer
> +  );
> +
> +/**
> +  Write a file.
> +
> +  @param FileName        The file to be written.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Write file successfully
> +**/
> +EFI_STATUS
> +WriteFileFromBuffer(
> +  IN  CHAR16                               *FileName,
> +  IN  UINTN                                BufferSize,
> +  IN  VOID                                 *Buffer
> +  );
> +
> +/**
> +
> +  This function parse application ARG.
> +
> +  @return Status
> +**/
> +EFI_STATUS
> +GetArg (
> +  VOID
> +  );
> +
> +/**
> +  Create UX capsule.
> +
> +  @retval EFI_SUCCESS            The capsule header is appended.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +  @retval EFI_OUT_OF_RESOURCES   No enough resource to create UX capsule.
> +**/
> +EFI_STATUS
> +CreateBmpFmp(
> +  VOID
> +  )
> +{
> +  CHAR16                                        *OutputCapsuleName;
> +  VOID                                          *BmpBuffer;
> +  UINTN                                         FileSize;
> +  CHAR16                                        *BmpName;
> +  UINT8                                         *FullCapsuleBuffer;
> +  UINTN                                         FullCapsuleBufferSize;
> +  EFI_DISPLAY_CAPSULE                           *DisplayCapsule;
> +  EFI_STATUS                                    Status;
> +  EFI_GRAPHICS_OUTPUT_PROTOCOL                  *Gop;
> +
> +  Status = gBS->LocateProtocol(&gEfiGraphicsOutputProtocolGuid, NULL, (VOID **)&Gop);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: NO GOP is found.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  Print(L"Current GOP: Mode - %d, ", Gop->Mode->Mode);
> +  Print(L"HorizontalResolution - %d, ", Gop->Mode->Info->HorizontalResolution);
> +  Print(L"VerticalResolution - %d\n", Gop->Mode->Info->VerticalResolution);
> +  // HorizontalResolution >= BMP_IMAGE_HEADER.PixelWidth
> +  // VerticalResolution   >= BMP_IMAGE_HEADER.PixelHeight
> +
> +  if (Argc != 5) {
> +    Print(L"CapsuleApp: Invalid Parameter.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  if (StrCmp(Argv[3], L"-O") != 0) {
> +    Print(L"CapsuleApp: NO output capsule name.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  OutputCapsuleName = Argv[4];
> +
> +  BmpBuffer = NULL;
> +  FileSize = 0;
> +  FullCapsuleBuffer = NULL;
> +
> +  BmpName = Argv[2];
> +  Status = ReadFileToBuffer(BmpName, &FileSize, &BmpBuffer);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: BMP image (%s) is not found.\n", BmpName);
> +    goto Done;
> +  }
> +
> +  FullCapsuleBufferSize = sizeof(EFI_DISPLAY_CAPSULE) + FileSize;
> +  FullCapsuleBuffer = AllocatePool(FullCapsuleBufferSize);
> +  if (FullCapsuleBuffer == NULL) {
> +    Print(L"CapsuleApp: Capsule Buffer size (0x%x) too big.\n",
> FullCapsuleBufferSize);
> +    Status = EFI_OUT_OF_RESOURCES;
> +    goto Done;
> +  }
> +
> +  DisplayCapsule = (EFI_DISPLAY_CAPSULE *)FullCapsuleBuffer;
> +  CopyGuid(&DisplayCapsule->CapsuleHeader.CapsuleGuid, &gWindowsUxCapsuleGuid);
> +  DisplayCapsule->CapsuleHeader.HeaderSize = sizeof(DisplayCapsule->CapsuleHeader);
> +  DisplayCapsule->CapsuleHeader.Flags = CAPSULE_FLAGS_PERSIST_ACROSS_RESET;
> +  DisplayCapsule->CapsuleHeader.CapsuleImageSize = (UINT32)FullCapsuleBufferSize;
> +
> +  DisplayCapsule->ImagePayload.Version = 1;
> +  DisplayCapsule->ImagePayload.Checksum = 0;
> +  DisplayCapsule->ImagePayload.ImageType = 0; // BMP
> +  DisplayCapsule->ImagePayload.Reserved = 0;
> +  DisplayCapsule->ImagePayload.Mode = Gop->Mode->Mode;
> +  DisplayCapsule->ImagePayload.OffsetX = 0;
> +  DisplayCapsule->ImagePayload.OffsetY = 0;
> +
> +  CopyMem((DisplayCapsule + 1), BmpBuffer, FileSize);
> +
> +  DisplayCapsule->ImagePayload.Checksum = CalculateCheckSum8(FullCapsuleBuffer,
> FullCapsuleBufferSize);
> +
> +  Status = WriteFileFromBuffer(OutputCapsuleName, FullCapsuleBufferSize,
> FullCapsuleBuffer);
> +  Print(L"CapsuleApp: Write %s %r\n", OutputCapsuleName, Status);
> +
> +Done:
> +  if (BmpBuffer != NULL) {
> +    FreePool(BmpBuffer);
> +  }
> +
> +  if (FullCapsuleBuffer != NULL) {
> +    FreePool(FullCapsuleBuffer);
> +  }
> +
> +  return Status;
> +}
> +
> +/**
> +  Get ImageTypeId in the FMP capsule header.
> +
> +  @param CapsuleHeader  The FMP capsule image header.
> +
> +  @return ImageTypeId
> +**/
> +EFI_GUID *
> +GetCapsuleImageTypeId(
> +  IN EFI_CAPSULE_HEADER                            *CapsuleHeader
> +  )
> +{
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER       *FmpCapsuleHeader;
> +  UINT64                                       *ItemOffsetList;
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *ImageHeader;
> +
> +  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader
> + CapsuleHeader->HeaderSize);
> +  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
> +  if (FmpCapsuleHeader->PayloadItemCount == 0) {
> +    return NULL;
> +  }
> +  ImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8
> *)FmpCapsuleHeader + ItemOffsetList[FmpCapsuleHeader->EmbeddedDriverCount]);
> +  return &ImageHeader->UpdateImageTypeId;
> +}
> +
> +/**
> +  Get ESRT FwType according to ImageTypeId
> +
> +  @param  ImageTypeId   ImageTypeId of an FMP capsule.
> +
> +  @return ESRT FwType
> +**/
> +UINT32
> +GetEsrtFwType(
> +  IN  EFI_GUID                                      *ImageTypeId
> +  )
> +{
> +  EFI_STATUS                 Status;
> +  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
> +  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
> +  UINTN                      Index;
> +
> +  //
> +  // Check ESRT
> +  //
> +  Status = EfiGetSystemConfigurationTable(&gEfiSystemResourceTableGuid, (VOID
> **)&Esrt);
> +  if (!EFI_ERROR(Status)) {
> +    EsrtEntry = (VOID *)(Esrt + 1);
> +    for (Index = 0; Index < Esrt->FwResourceCount; Index++, EsrtEntry++) {
> +      if (CompareGuid(&EsrtEntry->FwClass, ImageTypeId)) {
> +        return EsrtEntry->FwType;
> +      }
> +    }
> +  }
> +
> +  return ESRT_FW_TYPE_UNKNOWN;
> +}
> +
> +/**
> +  Append a capsule header on top of current image.
> +  This function follows Windows UEFI Firmware Update Platform document.
> +
> +  @retval EFI_SUCCESS            The capsule header is appended.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +  @retval EFI_OUT_OF_RESOURCES   No enough resource to append capsule header.
> +**/
> +EFI_STATUS
> +CreateNestedFmp(
> +  VOID
> +  )
> +{
> +  CHAR16                                        *OutputCapsuleName;
> +  VOID                                          *CapsuleBuffer;
> +  UINTN                                         FileSize;
> +  CHAR16                                        *CapsuleName;
> +  UINT8                                         *FullCapsuleBuffer;
> +  UINTN                                         FullCapsuleBufferSize;
> +  EFI_CAPSULE_HEADER                            *NestedCapsuleHeader;
> +  EFI_GUID                                      *ImageTypeId;
> +  UINT32                                        FwType;
> +  EFI_STATUS                                    Status;
> +
> +  if (Argc != 5) {
> +    Print(L"CapsuleApp: Invalid Parameter.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  if (StrCmp(Argv[3], L"-O") != 0) {
> +    Print(L"CapsuleApp: NO output capsule name.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  OutputCapsuleName = Argv[4];
> +
> +  CapsuleBuffer = NULL;
> +  FileSize = 0;
> +  FullCapsuleBuffer = NULL;
> +
> +  CapsuleName = Argv[2];
> +  Status = ReadFileToBuffer(CapsuleName, &FileSize, &CapsuleBuffer);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: Capsule image (%s) is not found.\n", CapsuleName);
> +    goto Done;
> +  }
> +
> +  ImageTypeId = GetCapsuleImageTypeId(CapsuleBuffer);
> +  if (ImageTypeId == NULL) {
> +    Print(L"CapsuleApp: Capsule ImageTypeId is not found.\n");
> +    goto Done;
> +  }
> +  FwType = GetEsrtFwType(ImageTypeId);
> +  if ((FwType != ESRT_FW_TYPE_SYSTEMFIRMWARE) && (FwType !=
> ESRT_FW_TYPE_DEVICEFIRMWARE)) {
> +    Print(L"CapsuleApp: Capsule FwType is invalid.\n");
> +    goto Done;
> +  }
> +
> +  FullCapsuleBufferSize = NESTED_CAPSULE_HEADER_SIZE + FileSize;
> +  FullCapsuleBuffer = AllocatePool(FullCapsuleBufferSize);
> +  if (FullCapsuleBuffer == NULL) {
> +    Print(L"CapsuleApp: Capsule Buffer size (0x%x) too big.\n",
> FullCapsuleBufferSize);
> +    Status = EFI_OUT_OF_RESOURCES;
> +    goto Done;
> +  }
> +
> +  NestedCapsuleHeader = (EFI_CAPSULE_HEADER *)FullCapsuleBuffer;
> +  ZeroMem(NestedCapsuleHeader, NESTED_CAPSULE_HEADER_SIZE);
> +  CopyGuid(&NestedCapsuleHeader->CapsuleGuid, ImageTypeId);
> +  NestedCapsuleHeader->HeaderSize = NESTED_CAPSULE_HEADER_SIZE;
> +  NestedCapsuleHeader->Flags = (FwType == ESRT_FW_TYPE_DEVICEFIRMWARE) ?
> SYSTEM_FIRMWARE_FLAG : DEVICE_FIRMWARE_FLAG;
> +  NestedCapsuleHeader->CapsuleImageSize = (UINT32)FullCapsuleBufferSize;
> +
> +  CopyMem((UINT8 *)NestedCapsuleHeader + NestedCapsuleHeader->HeaderSize,
> CapsuleBuffer, FileSize);
> +
> +  Status = WriteFileFromBuffer(OutputCapsuleName, FullCapsuleBufferSize,
> FullCapsuleBuffer);
> +  Print(L"CapsuleApp: Write %s %r\n", OutputCapsuleName, Status);
> +
> +Done:
> +  if (CapsuleBuffer != NULL) {
> +    FreePool(CapsuleBuffer);
> +  }
> +
> +  if (FullCapsuleBuffer != NULL) {
> +    FreePool(FullCapsuleBuffer);
> +  }
> +
> +  return Status;
> +}
> +
> +
> +/**
> +  Clear capsule status variable.
> +
> +  @retval EFI_SUCCESS            The capsule status variable is cleared.
> +**/
> +EFI_STATUS
> +ClearCapsuleStatusVariable(
> +  VOID
> +  )
> +{
> +  EFI_STATUS                          Status;
> +  UINT32                              Index;
> +  CHAR16                              CapsuleVarName[20];
> +  CHAR16                              *TempVarName;
> +
> +  StrCpyS (CapsuleVarName, sizeof(CapsuleVarName)/sizeof(CapsuleVarName[0]),
> L"Capsule");
> +  TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
> +  Index = 0;
> +
> +  while (TRUE) {
> +    UnicodeSPrint (TempVarName, 5 * sizeof(CHAR16), L"%04x", Index);
> +
> +    Status = gRT->SetVariable (
> +                    CapsuleVarName,
> +                    &gEfiCapsuleReportGuid,
> +                    EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS |
> EFI_VARIABLE_BOOTSERVICE_ACCESS,
> +                    0,
> +                    (VOID *)NULL
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      //
> +      // There is no capsule variables, quit
> +      //
> +      break;
> +    }
> +
> +    Index++;
> +    if (Index > 0xFFFF) {
> +      break;
> +    }
> +  }
> +
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Build Gather list for a list of capsule images.
> +
> +  @param[in]  CapsuleBuffer    An array of pointer to capsule images
> +  @param[in]  FileSize         An array of UINTN to capsule images size
> +  @param[in]  CapsuleNum       The count of capsule images
> +  @param[out] BlockDescriptors The block descriptors for the capsule images
> +
> +  @retval EFI_SUCCESS The block descriptors for the capsule images are constructed.
> +**/
> +EFI_STATUS
> +BuildGatherList(
> +  IN VOID                          **CapsuleBuffer,
> +  IN UINTN                         *FileSize,
> +  IN UINTN                         CapsuleNum,
> +  OUT EFI_CAPSULE_BLOCK_DESCRIPTOR **BlockDescriptors
> +  )
> +{
> +  EFI_STATUS                    Status;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors1;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors2;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptorPre;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptorsHeader;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *TempBlockPtr;
> +  UINT8                         *TempDataPtr;
> +  UINTN                         SizeLeft;
> +  UINTN                         Size;
> +  INT32                         Count;
> +  INT32                         Number;
> +  UINTN                         Index;
> +
> +  TempBlockPtr           = NULL;
> +  BlockDescriptors1      = NULL;
> +  BlockDescriptors2      = NULL;
> +  BlockDescriptorPre     = NULL;
> +  BlockDescriptorsHeader = NULL;
> +
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    //
> +    // Allocate memory for the descriptors.
> +    //
> +    if (NumberOfDescriptors == 1) {
> +      Count = 2;
> +    } else {
> +      Count = (INT32)(NumberOfDescriptors + 2) / 2;
> +    }
> +
> +    Size               = Count * sizeof (EFI_CAPSULE_BLOCK_DESCRIPTOR);
> +    BlockDescriptors1  = AllocateRuntimeZeroPool (Size);
> +    if (BlockDescriptors1 == NULL) {
> +      Print (L"CapsuleApp: failed to allocate memory for descriptors\n");
> +      Status = EFI_OUT_OF_RESOURCES;
> +      goto ERREXIT;
> +    } else {
> +      Print (L"CapsuleApp: creating capsule descriptors at 0x%X\n", (UINTN)
> BlockDescriptors1);
> +      Print (L"CapsuleApp: capsule data starts          at 0x%X with size 0x%X\n",
> (UINTN) CapsuleBuffer, FileSize);
> +    }
> +
> +    //
> +    // Record descirptor header
> +    //
> +    if (Index == 0) {
> +      BlockDescriptorsHeader = BlockDescriptors1;
> +    }
> +
> +    if (BlockDescriptorPre != NULL) {
> +      BlockDescriptorPre->Union.ContinuationPointer = (UINTN) BlockDescriptors1;
> +      BlockDescriptorPre->Length = 0;
> +    }
> +
> +    //
> +    // Fill them in
> +    //
> +    TempBlockPtr  = BlockDescriptors1;
> +    TempDataPtr   = CapsuleBuffer[Index];
> +    SizeLeft      = FileSize[Index];
> +    for (Number = 0; (Number < Count - 1) && (SizeLeft != 0); Number++) {
> +      //
> +      // Divide remaining data in half
> +      //
> +      if (NumberOfDescriptors != 1) {
> +        if (SizeLeft == 1) {
> +          Size = 1;
> +        } else {
> +          Size = SizeLeft / 2;
> +        }
> +      } else {
> +        Size = SizeLeft;
> +      }
> +      TempBlockPtr->Union.DataBlock    = (UINTN)TempDataPtr;
> +      TempBlockPtr->Length  = Size;
> +      Print (L"CapsuleApp: capsule block/size              0x%X/0x%X\n", (UINTN)
> TempDataPtr, Size);
> +      SizeLeft -= Size;
> +      TempDataPtr += Size;
> +      TempBlockPtr++;
> +    }
> +
> +    //
> +    // Allocate the second list, point the first block's last entry to point
> +    // to this one, and fill this one in. Worst case is that the previous
> +    // list only had one element that pointed here, so we need at least two
> +    // elements -- one to point to all the data, another to terminate the list.
> +    //
> +    if ((NumberOfDescriptors != 1) && (SizeLeft != 0)) {
> +      Count = (INT32)(NumberOfDescriptors + 2) - Count;
> +      if (Count == 1) {
> +        Count++;
> +      }
> +
> +      Size              = Count * sizeof (EFI_CAPSULE_BLOCK_DESCRIPTOR);
> +      BlockDescriptors2 = AllocateRuntimeZeroPool (Size);
> +      if (BlockDescriptors2 == NULL) {
> +        Print (L"CapsuleApp: failed to allocate memory for descriptors\n");
> +        Status = EFI_OUT_OF_RESOURCES;
> +        goto ERREXIT;
> +      }
> +
> +      //
> +      // Point the first list's last element to point to this second list.
> +      //
> +      TempBlockPtr->Union.ContinuationPointer   = (UINTN) BlockDescriptors2;
> +
> +      TempBlockPtr->Length  = 0;
> +      TempBlockPtr = BlockDescriptors2;
> +      for (Number = 0; Number < Count - 1; Number++) {
> +        //
> +        // If second-to-last one, then dump rest to this element
> +        //
> +        if (Number == (Count - 2)) {
> +          Size = SizeLeft;
> +        } else {
> +          //
> +          // Divide remaining data in half
> +          //
> +          if (SizeLeft == 1) {
> +            Size = 1;
> +          } else {
> +            Size = SizeLeft / 2;
> +          }
> +        }
> +
> +        TempBlockPtr->Union.DataBlock    = (UINTN)TempDataPtr;
> +        TempBlockPtr->Length  = Size;
> +        Print (L"CapsuleApp: capsule block/size              0x%X/0x%X\n", (UINTN)
> TempDataPtr, Size);
> +        SizeLeft -= Size;
> +        TempDataPtr += Size;
> +        TempBlockPtr++;
> +        if (SizeLeft == 0) {
> +          break;
> +        }
> +      }
> +    }
> +
> +    BlockDescriptorPre = TempBlockPtr;
> +    BlockDescriptors1  = NULL;
> +  }
> +
> +  //
> +  // Null-terminate.
> +  //
> +  if (TempBlockPtr != NULL) {
> +    TempBlockPtr->Union.ContinuationPointer    = (UINTN)NULL;
> +    TempBlockPtr->Length  = 0;
> +    *BlockDescriptors = BlockDescriptorsHeader;
> +  }
> +
> +  return EFI_SUCCESS;
> +
> +ERREXIT:
> +  if (BlockDescriptors1 != NULL) {
> +    FreePool(BlockDescriptors1);
> +  }
> +
> +  if (BlockDescriptors2 != NULL) {
> +    FreePool(BlockDescriptors2);
> +  }
> +
> +  return Status;
> +}
> +
> +/**
> +  Clear the Gather list for a list of capsule images.
> +
> +  @param[in]  BlockDescriptors The block descriptors for the capsule images
> +  @param[in]  CapsuleNum       The count of capsule images
> +**/
> +VOID
> +CleanGatherList(
> +  IN EFI_CAPSULE_BLOCK_DESCRIPTOR   *BlockDescriptors,
> +  IN UINTN                          CapsuleNum
> +  )
> +{
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr1;
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR   *TempBlockPtr2;
> +  UINTN                          Index;
> +
> +  if (BlockDescriptors != NULL) {
> +    TempBlockPtr1 = BlockDescriptors;
> +    while (1){
> +      TempBlockPtr = TempBlockPtr1;
> +      for (Index = 0; Index < CapsuleNum; Index++) {
> +        if (TempBlockPtr[Index].Length == 0) {
> +          break;
> +        }
> +      }
> +
> +      if (TempBlockPtr[Index].Union.ContinuationPointer == (UINTN)NULL) {
> +        break;
> +      }
> +
> +      TempBlockPtr2 = (VOID *) ((UINTN) TempBlockPtr->Union.ContinuationPointer);
> +      FreePool(TempBlockPtr1);
> +      TempBlockPtr1 = TempBlockPtr2;
> +    }
> +  }
> +}
> +
> +/**
> +  Print APP usage.
> +**/
> +VOID
> +PrintUsage (
> +  VOID
> +  )
> +{
> +  Print(L"CapsuleApp:  usage\n");
> +  Print(L"  CapsuleApp <Capsule...> [-NR]\n");
> +  Print(L"  CapsuleApp -S\n");
> +  Print(L"  CapsuleApp -C\n");
> +  Print(L"  CapsuleApp -P\n");
> +  Print(L"  CapsuleApp -E\n");
> +  Print(L"  CapsuleApp -G <BMP> -O <Capsule>\n");
> +  Print(L"  CapsuleApp -N <Capsule> -O <NestedCapsule>\n");
> +  Print(L"  CapsuleApp -D|-DS <Capsule>\n");
> +  Print(L"Parameter:\n");
> +  Print(L"  -NR: No Reset.\n");
> +  Print(L"  -S:  Dump capsule status.\n");
> +  Print(L"  -C:  Clear capsule status.\n");
> +  Print(L"  -P:  Dump FMP protocol info.\n");
> +  Print(L"  -E:  Dump ESRT table info.\n");
> +  Print(L"  -G:  Input BMP file name\n");
> +  Print(L"  -N:  Append Capsule Header accroding to Windows Firmware Update\n");
> +  Print(L"  -O:  Output Capsule file name\n");
> +  Print(L"  -D:  Dump Capsule\n");
> +}
> +
> +/**
> +  Update Capsule image.
> +
> +  @param[in]  ImageHandle     The image handle.
> +  @param[in]  SystemTable     The system table.
> +
> +  @retval EFI_SUCCESS            Command completed successfully.
> +  @retval EFI_INVALID_PARAMETER  Command usage error.
> +  @retval EFI_NOT_FOUND          The input file can't be found.
> +**/
> +EFI_STATUS
> +EFIAPI
> +UefiMain (
> +  IN EFI_HANDLE        ImageHandle,
> +  IN EFI_SYSTEM_TABLE  *SystemTable
> +  )
> +{
> +  EFI_STATUS                    Status;
> +  UINTN                         FileSize[MAX_CAPSULE_NUM];
> +  VOID                          *CapsuleBuffer[MAX_CAPSULE_NUM];
> +  EFI_CAPSULE_BLOCK_DESCRIPTOR  *BlockDescriptors;
> +  EFI_CAPSULE_HEADER             *CapsuleHeaderArray[MAX_CAPSULE_NUM + 1];
> +  UINT64                         MaxCapsuleSize;
> +  EFI_RESET_TYPE                 ResetType;
> +  BOOLEAN                        NeedReset;
> +  BOOLEAN                        NoReset;
> +  CHAR16                         *CapsuleName;
> +  UINTN                          CapsuleNum;
> +  UINTN                          Index;
> +
> +  Status = GetArg();
> +  if (EFI_ERROR(Status)) {
> +    Print(L"Please use UEFI SHELL to run this application!\n", Status);
> +    return Status;
> +  }
> +  if (Argc < 2) {
> +    PrintUsage();
> +    return EFI_INVALID_PARAMETER;
> +  }
> +  if (StrCmp(Argv[1], L"-D") == 0) {
> +    Status = DumpCapsule();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-G") == 0) {
> +    Status = CreateBmpFmp();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-N") == 0) {
> +    Status = CreateNestedFmp();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-S") == 0) {
> +    Status = DmpCapsuleStatusVariable();
> +    return EFI_SUCCESS;
> +  }
> +  if (StrCmp(Argv[1], L"-C") == 0) {
> +    Status = ClearCapsuleStatusVariable();
> +    return Status;
> +  }
> +  if (StrCmp(Argv[1], L"-P") == 0) {
> +    DumpFmpData();
> +    return EFI_SUCCESS;
> +  }
> +  if (StrCmp(Argv[1], L"-E") == 0) {
> +    DumpEsrtData();
> +    return EFI_SUCCESS;
> +  }
> +  CapsuleFirstIndex = 1;
> +  if (StrCmp(Argv[Argc - 1], L"-NR") == 0) {
> +    NoReset = TRUE;
> +    CapsuleLastIndex = Argc - 2;
> +  } else {
> +    NoReset = FALSE;
> +    CapsuleLastIndex = Argc - 1;
> +  }
> +  CapsuleNum = CapsuleLastIndex - CapsuleFirstIndex + 1;
> +
> +  if (CapsuleFirstIndex > CapsuleLastIndex) {
> +    Print(L"CapsuleApp: NO capsule image.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +  if (CapsuleNum > MAX_CAPSULE_NUM) {
> +    Print(L"CapsuleApp: Too many capsule images.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  ZeroMem(&CapsuleBuffer, sizeof(CapsuleBuffer));
> +  ZeroMem(&FileSize, sizeof(FileSize));
> +  BlockDescriptors = NULL;
> +
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    CapsuleName = Argv[CapsuleFirstIndex + Index];
> +    Status = ReadFileToBuffer(CapsuleName, &FileSize[Index], &CapsuleBuffer[Index]);
> +    if (EFI_ERROR(Status)) {
> +      Print(L"CapsuleApp: capsule image (%s) is not found.\n", CapsuleName);
> +      goto Done;
> +    }
> +  }
> +
> +  //
> +  // Every capsule use 2 descriptor 1 for data 1 for end
> +  //
> +  Status = BuildGatherList(CapsuleBuffer, FileSize, CapsuleNum, &BlockDescriptors);
> +  if (EFI_ERROR(Status)) {
> +    goto Done;
> +  }
> +
> +  //
> +  // Call the runtime service capsule.
> +  //
> +  NeedReset = FALSE;
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    CapsuleHeaderArray[Index] = (EFI_CAPSULE_HEADER *) CapsuleBuffer[Index];
> +    if ((CapsuleHeaderArray[Index]->Flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) != 0)
> {
> +      NeedReset = TRUE;
> +    }
> +  }
> +  CapsuleHeaderArray[CapsuleNum] = NULL;
> +  if (NoReset) {
> +    NeedReset = FALSE;
> +  }
> +
> +  //
> +  // Inquire platform capability of UpdateCapsule.
> +  //
> +  Status = gRT->QueryCapsuleCapabilities (CapsuleHeaderArray, CapsuleNum,
> &MaxCapsuleSize, &ResetType);
> +  if (EFI_ERROR(Status)) {
> +    Print (L"CapsuleApp: failed to query capsule capability - %r\n", Status);
> +    goto Done;
> +  }
> +
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    if (FileSize[Index] > MaxCapsuleSize) {
> +      Print (L"CapsuleApp: capsule is too large to update, %ld is allowed\n",
> MaxCapsuleSize);
> +      Status = EFI_UNSUPPORTED;
> +      goto Done;
> +    }
> +  }
> +
> +  //
> +  // Check whether the input capsule image has the flag of persist across system
> reset.
> +  //
> +  if (NeedReset) {
> +    Status = gRT->UpdateCapsule(CapsuleHeaderArray,CapsuleNum,(UINTN)
> BlockDescriptors);
> +    if (Status != EFI_SUCCESS) {
> +      Print (L"CapsuleApp: failed to update capsule - %r\n", Status);
> +      goto Done;
> +    }
> +    //
> +    // For capsule who has reset flag, after calling UpdateCapsule service,triger a
> +    // system reset to process capsule persist across a system reset.
> +    //
> +    gRT->ResetSystem (ResetType, EFI_SUCCESS, 0, NULL);
> +  } else {
> +    //
> +    // For capsule who has no reset flag, only call UpdateCapsule Service without a
> +    // system reset. The service will process the capsule immediately.
> +    //
> +    Status = gRT->UpdateCapsule (CapsuleHeaderArray,CapsuleNum,(UINTN)
> BlockDescriptors);
> +    if (Status != EFI_SUCCESS) {
> +      Print (L"CapsuleApp: failed to update capsule - %r\n", Status);
> +    }
> +  }
> +
> +  Status = EFI_SUCCESS;
> +
> +Done:
> +  for (Index = 0; Index < CapsuleNum; Index++) {
> +    if (CapsuleBuffer[Index] != NULL) {
> +      FreePool (CapsuleBuffer[Index]);
> +    }
> +  }
> +
> +  CleanGatherList(BlockDescriptors, CapsuleNum);
> +
> +  return Status;
> +}
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> new file mode 100644
> index 0000000..2084e5f
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> @@ -0,0 +1,71 @@
> +##  @file
> +#  A shell application that triggers capsule update process.
> +#
> +# This application can trigger capsule update process. It can also
> +# generate capsule image, or dump capsule variable information.
> +#
> +#  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +#  This program and the accompanying materials
> +#  are licensed and made available under the terms and conditions of the BSD License
> +#  which accompanies this distribution.  The full text of the license may be found at
> +#  http://opensource.org/licenses/bsd-license.php
> +#
> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +#
> +##
> +
> +[Defines]
> +  INF_VERSION                    = 0x00010006
> +  BASE_NAME                      = CapsuleApp
> +  MODULE_UNI_FILE                = CapsuleApp.uni
> +  FILE_GUID                      = 4CEF31DA-8682-4274-9CC4-AEE7516A5E7B
> +  MODULE_TYPE                    = UEFI_APPLICATION
> +  VERSION_STRING                 = 1.0
> +  ENTRY_POINT                    = UefiMain
> +
> +#
> +# The following information is for reference only and not required by the build tools.
> +#
> +#  VALID_ARCHITECTURES           = IA32 X64
> +#
> +
> +[Sources]
> +  CapsuleApp.c
> +  CapsuleDump.c
> +  AppSupport.c
> +
> +[Packages]
> +  MdePkg/MdePkg.dec
> +  MdeModulePkg/MdeModulePkg.dec
> +
> +[Guids]
> +  gEfiFileInfoGuid
> +  gEfiPartTypeSystemPartGuid
> +  gEfiGlobalVariableGuid
> +  gEfiCapsuleReportGuid
> +  gEfiFmpCapsuleGuid
> +  gWindowsUxCapsuleGuid
> +  gEfiCertTypeRsa2048Sha256Guid
> +  gEfiCertPkcs7Guid
> +  gEfiSystemResourceTableGuid
> +
> +[Protocols]
> +  gEfiLoadedImageProtocolGuid
> +  gEfiSimpleFileSystemProtocolGuid
> +  gEfiGraphicsOutputProtocolGuid
> +  gEfiFirmwareManagementProtocolGuid
> +  gEfiShellParametersProtocolGuid
> +
> +[LibraryClasses]
> +  BaseLib
> +  UefiApplicationEntryPoint
> +  DebugLib
> +  MemoryAllocationLib
> +  UefiBootServicesTableLib
> +  UefiRuntimeServicesTableLib
> +  UefiLib
> +  PrintLib
> +
> +[UserExtensions.TianoCore."ExtraFiles"]
> +  CapsuleAppExtra.uni
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
> b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
> new file mode 100644
> index 0000000..54d6e12
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
> @@ -0,0 +1,22 @@
> +// /** @file
> +// A shell application that triggers capsule update process.
> +//
> +// This application can trigger capsule update process. It can also
> +// generate capsule image, or dump capsule variable information.
> +//
> +// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +//
> +// This program and the accompanying materials
> +// are licensed and made available under the terms and conditions of the BSD License
> +// which accompanies this distribution. The full text of the license may be found at
> +// http://opensource.org/licenses/bsd-license.php
> +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +//
> +// **/
> +
> +
> +#string STR_MODULE_ABSTRACT             #language en-US "A shell application that
> triggers capsule update process."
> +
> +#string STR_MODULE_DESCRIPTION          #language en-US "This application can trigger
> capsule update process. It can also generate capsule image, or dump capsule variable
> information."
> +
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
> b/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
> new file mode 100644
> index 0000000..b5a8840
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
> @@ -0,0 +1,19 @@
> +// /** @file
> +// CapsuleApp Localized Strings and Content
> +//
> +// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +//
> +// This program and the accompanying materials
> +// are licensed and made available under the terms and conditions of the BSD License
> +// which accompanies this distribution. The full text of the license may be found at
> +// http://opensource.org/licenses/bsd-license.php
> +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +//
> +// **/
> +
> +#string STR_PROPERTIES_MODULE_NAME
> +#language en-US
> +"Capsule Application"
> +
> +
> diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
> b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
> new file mode 100644
> index 0000000..b383fe1
> --- /dev/null
> +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
> @@ -0,0 +1,740 @@
> +/** @file
> +  Dump Capsule image information.
> +
> +  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <PiDxe.h>
> +#include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> +#include <Library/UefiLib.h>
> +#include <Library/PrintLib.h>
> +#include <Protocol/FirmwareManagement.h>
> +#include <Guid/ImageAuthentication.h>
> +#include <Guid/CapsuleReport.h>
> +#include <Guid/SystemResourceTable.h>
> +#include <Guid/FmpCapsule.h>
> +#include <IndustryStandard/WindowsUxCapsule.h>
> +
> +/**
> +  Read a file.
> +
> +  @param FileName        The file to be read.
> +  @param BufferSize      The file buffer size
> +  @param Buffer          The file buffer
> +
> +  @retval EFI_SUCCESS    Read file successfully
> +  @retval EFI_NOT_FOUND  File not found
> +**/
> +EFI_STATUS
> +ReadFileToBuffer(
> +  IN  CHAR16                               *FileName,
> +  OUT UINTN                                *BufferSize,
> +  OUT VOID                                 **Buffer
> +  );
> +
> +extern UINTN  Argc;
> +extern CHAR16 *Argv[];
> +
> +/**
> +  Dump UX capsule information.
> +
> +  @param CapsuleHeader      The UX capsule header
> +**/
> +VOID
> +DumpUxCapsule(
> +  IN EFI_CAPSULE_HEADER  *CapsuleHeader
> +  )
> +{
> +  EFI_DISPLAY_CAPSULE                           *DisplayCapsule;
> +  DisplayCapsule = (EFI_DISPLAY_CAPSULE *)CapsuleHeader;
> +  Print(L"[UxCapusule]\n");
> +  Print(L"CapsuleHeader:\n");
> +  Print(L"  CapsuleGuid      - %g\n", &DisplayCapsule->CapsuleHeader.CapsuleGuid);
> +  Print(L"  HeaderSize       - 0x%x\n", DisplayCapsule->CapsuleHeader.HeaderSize);
> +  Print(L"  Flags            - 0x%x\n", DisplayCapsule->CapsuleHeader.Flags);
> +  Print(L"  CapsuleImageSize - 0x%x\n", DisplayCapsule-
> >CapsuleHeader.CapsuleImageSize);
> +  Print(L"ImagePayload:\n");
> +  Print(L"  Version          - 0x%x\n", DisplayCapsule->ImagePayload.Version);
> +  Print(L"  Checksum         - 0x%x\n", DisplayCapsule->ImagePayload.Checksum);
> +  Print(L"  ImageType        - 0x%x\n", DisplayCapsule->ImagePayload.ImageType);
> +  Print(L"  Mode             - 0x%x\n", DisplayCapsule->ImagePayload.Mode);
> +  Print(L"  OffsetX          - 0x%x\n", DisplayCapsule->ImagePayload.OffsetX);
> +  Print(L"  OffsetY          - 0x%x\n", DisplayCapsule->ImagePayload.OffsetY);
> +}
> +
> +/**
> +  Dump FMP image authentication information.
> +
> +  @param Image      The FMP capsule image
> +  @param ImageSize  The size of the FMP capsule image in bytes.
> +
> +  @return the size of FMP authentication.
> +**/
> +UINTN
> +DumpImageAuthentication(
> +  IN VOID   *Image,
> +  IN UINTN  ImageSize
> +  )
> +{
> +  EFI_FIRMWARE_IMAGE_AUTHENTICATION             *ImageAuthentication;
> +
> +  ImageAuthentication = Image;
> +  if (CompareGuid(&ImageAuthentication->AuthInfo.CertType, &gEfiCertPkcs7Guid) ||
> +      CompareGuid(&ImageAuthentication->AuthInfo.CertType,
> &gEfiCertTypeRsa2048Sha256Guid)) {
> +    Print(L"[ImageAuthentication]\n");
> +    Print(L"  MonotonicCount   - 0x%lx\n", ImageAuthentication->MonotonicCount);
> +    Print(L"WIN_CERTIFICATE:\n");
> +    Print(L"  dwLength         - 0x%x\n", ImageAuthentication->AuthInfo.Hdr.dwLength);
> +    Print(L"  wRevision        - 0x%x\n", ImageAuthentication-
> >AuthInfo.Hdr.wRevision);
> +    Print(L"  wCertificateType - 0x%x\n", ImageAuthentication-
> >AuthInfo.Hdr.wCertificateType);
> +    Print(L"  CertType         - %g\n", &ImageAuthentication->AuthInfo.CertType);
> +    return sizeof(ImageAuthentication->MonotonicCount) + ImageAuthentication-
> >AuthInfo.Hdr.dwLength;
> +  } else {
> +    return 0;
> +  }
> +}
> +
> +/**
> +  Dump a non-nested FMP capsule.
> +
> +  @param  CapsuleHeader  A pointer to CapsuleHeader
> +**/
> +VOID
> +DumpFmpCapsule(
> +  IN EFI_CAPSULE_HEADER  *CapsuleHeader
> +  )
> +{
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER        *FmpCapsuleHeader;
> +  UINT64                                        *ItemOffsetList;
> +  UINTN                                         Index;
> +  UINTN                                         Count;
> +  EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER  *FmpImageHeader;
> +
> +  Print(L"[FmpCapusule]\n");
> +  Print(L"CapsuleHeader:\n");
> +  Print(L"  CapsuleGuid      - %g\n", &CapsuleHeader->CapsuleGuid);
> +  Print(L"  HeaderSize       - 0x%x\n", CapsuleHeader->HeaderSize);
> +  Print(L"  Flags            - 0x%x\n", CapsuleHeader->Flags);
> +  Print(L"  CapsuleImageSize - 0x%x\n", CapsuleHeader->CapsuleImageSize);
> +
> +  FmpCapsuleHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader
> + CapsuleHeader->HeaderSize);
> +  ItemOffsetList = (UINT64 *)(FmpCapsuleHeader + 1);
> +  Print(L"FmpHeader:\n");
> +  Print(L"  Version             - 0x%x\n", FmpCapsuleHeader->Version);
> +  Print(L"  EmbeddedDriverCount - 0x%x\n", FmpCapsuleHeader->EmbeddedDriverCount);
> +  Print(L"  PayloadItemCount    - 0x%x\n", FmpCapsuleHeader->PayloadItemCount);
> +  Count = FmpCapsuleHeader->EmbeddedDriverCount + FmpCapsuleHeader->PayloadItemCount;
> +  for (Index = 0; Index < Count; Index++) {
> +    Print(L"  Offset[%d]           - 0x%x\n", Index, ItemOffsetList[Index]);
> +  }
> +
> +  for (Index = FmpCapsuleHeader->EmbeddedDriverCount; Index < Count; Index++) {
> +    Print(L"FmpPayload[%d] ImageHeader:\n", Index);
> +    FmpImageHeader = (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER *)((UINT8
> *)FmpCapsuleHeader + ItemOffsetList[Index]);
> +    Print(L"  Version                - 0x%x\n", FmpImageHeader->Version);
> +    Print(L"  UpdateImageTypeId      - %g\n", &FmpImageHeader->UpdateImageTypeId);
> +    Print(L"  UpdateImageIndex       - 0x%x\n", FmpImageHeader->UpdateImageIndex);
> +    Print(L"  UpdateImageSize        - 0x%x\n", FmpImageHeader->UpdateImageSize);
> +    Print(L"  UpdateVendorCodeSize   - 0x%x\n", FmpImageHeader->UpdateVendorCodeSize);
> +    if (FmpImageHeader->Version >=
> EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION) {
> +      Print(L"  UpdateHardwareInstance - 0x%lx\n", FmpImageHeader-
> >UpdateHardwareInstance);
> +    }
> +  }
> +}
> +
> +/**
> +  Return if there is a FMP header below capsule header.
> +
> +  @param[in] CapsuleHeader A pointer to EFI_CAPSULE_HEADER
> +
> +  @retval TRUE  There is a FMP header below capsule header.
> +  @retval FALSE There is not a FMP header below capsule header
> +**/
> +BOOLEAN
> +IsNestedFmpCapsule(
> +  IN EFI_CAPSULE_HEADER         *CapsuleHeader
> +  )
> +{
> +  EFI_STATUS                 Status;
> +  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
> +  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
> +  UINTN                      Index;
> +  BOOLEAN                    EsrtGuidFound;
> +  EFI_CAPSULE_HEADER         *NestedCapsuleHeader;
> +  UINTN                      NestedCapsuleSize;
> +
> +  //
> +  // Check ESRT
> +  //
> +  EsrtGuidFound = FALSE;
> +  Status = EfiGetSystemConfigurationTable(&gEfiSystemResourceTableGuid, (VOID
> **)&Esrt);
> +  if (!EFI_ERROR(Status)) {
> +    EsrtEntry = (VOID *)(Esrt + 1);
> +    for (Index = 0; Index < Esrt->FwResourceCount; Index++, EsrtEntry++) {
> +      if (CompareGuid(&EsrtEntry->FwClass, &CapsuleHeader->CapsuleGuid)) {
> +        EsrtGuidFound = TRUE;
> +        break;
> +      }
> +    }
> +  }
> +
> +  if (!EsrtGuidFound) {
> +    return FALSE;
> +  }
> +
> +  //
> +  // Check nested capsule header
> +  // FMP GUID after ESRT one
> +  //
> +  NestedCapsuleHeader = (EFI_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader + CapsuleHeader-
> >HeaderSize);
> +  NestedCapsuleSize = (UINTN)CapsuleHeader + CapsuleHeader->HeaderSize -
> (UINTN)NestedCapsuleHeader;
> +  if (NestedCapsuleSize < sizeof(EFI_CAPSULE_HEADER)) {
> +    return FALSE;
> +  }
> +  if (!CompareGuid(&NestedCapsuleHeader->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
> +    return FALSE;
> +  }
> +  return TRUE;
> +}
> +
> +/**
> +  Dump capsule information
> +
> +  @retval EFI_SUCCESS            The capsule information is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DumpCapsule(
> +  VOID
> +  )
> +{
> +  CHAR16                                        *CapsuleName;
> +  VOID                                          *Buffer;
> +  UINTN                                         FileSize;
> +  EFI_CAPSULE_HEADER                            *CapsuleHeader;
> +  EFI_STATUS                                    Status;
> +
> +  if (Argc != 3) {
> +    Print(L"CapsuleApp: Invalid Parameter.\n");
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  CapsuleName = Argv[2];
> +  Status = ReadFileToBuffer(CapsuleName, &FileSize, &Buffer);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"CapsuleApp: Capsule (%s) is not found.\n", CapsuleName);
> +    goto Done;
> +  }
> +
> +  CapsuleHeader = Buffer;
> +  if (CompareGuid(&CapsuleHeader->CapsuleGuid, &gWindowsUxCapsuleGuid)) {
> +    DumpUxCapsule(CapsuleHeader);
> +    Status = EFI_SUCCESS;
> +    goto Done;
> +  }
> +
> +  if (CompareGuid(&CapsuleHeader->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
> +    DumpFmpCapsule(CapsuleHeader);
> +  }
> +  if (IsNestedFmpCapsule(CapsuleHeader)) {
> +    Print(L"[NestedCapusule]\n");
> +    Print(L"CapsuleHeader:\n");
> +    Print(L"  CapsuleGuid      - %g\n", &CapsuleHeader->CapsuleGuid);
> +    Print(L"  HeaderSize       - 0x%x\n", CapsuleHeader->HeaderSize);
> +    Print(L"  Flags            - 0x%x\n", CapsuleHeader->Flags);
> +    Print(L"  CapsuleImageSize - 0x%x\n", CapsuleHeader->CapsuleImageSize);
> +    DumpFmpCapsule((EFI_CAPSULE_HEADER *)((UINTN)CapsuleHeader + CapsuleHeader-
> >HeaderSize));
> +  }
> +
> +Done:
> +  FreePool(Buffer);
> +  return Status;
> +}
> +
> +/**
> +  Dump capsule status variable.
> +
> +  @retval EFI_SUCCESS            The capsule status variable is dumped.
> +  @retval EFI_UNSUPPORTED        Input parameter is not valid.
> +**/
> +EFI_STATUS
> +DmpCapsuleStatusVariable(
> +  VOID
> +  )
> +{
> +  EFI_STATUS                          Status;
> +  UINT32                              Index;
> +  CHAR16                              CapsuleVarName[20];
> +  CHAR16                              *TempVarName;
> +  EFI_CAPSULE_RESULT_VARIABLE_HEADER  *CapsuleResult;
> +  EFI_CAPSULE_RESULT_VARIABLE_FMP     *CapsuleResultFmp;
> +  UINTN                               CapsuleFileNameSize;
> +  CHAR16                              CapsuleIndexData[12];
> +  CHAR16                              *CapsuleIndex;
> +
> +  Status = GetVariable2(
> +             L"CapsuleMax",
> +             &gEfiCapsuleReportGuid,
> +             (VOID **)&CapsuleIndex,
> +             NULL
> +             );
> +  if (!EFI_ERROR(Status)) {
> +    CopyMem(CapsuleIndexData, CapsuleIndex, 11 * sizeof(CHAR16));
> +    CapsuleIndexData[11] = 0;
> +    Print(L"CapsuleMax - %s\n", CapsuleIndexData);
> +    FreePool(CapsuleIndex);
> +  }
> +  Status = GetVariable2(
> +             L"CapsuleLast",
> +             &gEfiCapsuleReportGuid,
> +             (VOID **)&CapsuleIndex,
> +             NULL
> +             );
> +  if (!EFI_ERROR(Status)) {
> +    CopyMem(CapsuleIndexData, CapsuleIndex, 11 * sizeof(CHAR16));
> +    CapsuleIndexData[11] = 0;
> +    Print(L"CapsuleLast - %s\n", CapsuleIndexData);
> +    FreePool(CapsuleIndex);
> +  }
> +
> +
> +  StrCpyS (CapsuleVarName, sizeof(CapsuleVarName)/sizeof(CapsuleVarName[0]),
> L"Capsule");
> +  TempVarName = CapsuleVarName + StrLen (CapsuleVarName);
> +  Index = 0;
> +
> +  while (TRUE) {
> +    UnicodeSPrint (TempVarName, 5 * sizeof(CHAR16), L"%04x", Index);
> +
> +    Status = GetVariable2 (
> +               CapsuleVarName,
> +               &gEfiCapsuleReportGuid,
> +               (VOID **) &CapsuleResult,
> +               NULL
> +               );
> +    if (Status == EFI_NOT_FOUND) {
> +      break;
> +    } else if (EFI_ERROR(Status)) {
> +      continue;
> +    }
> +
> +    //
> +    // display capsule process status
> +    //
> +    if (CapsuleResult->VariableTotalSize >=
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER)) {
> +      Print (L"CapsuleName: %s\n", CapsuleVarName);
> +      Print (L"  Capsule Guid: %g\n", &CapsuleResult->CapsuleGuid);
> +      Print (L"  Capsule ProcessedTime: %t\n", &CapsuleResult->CapsuleProcessed);
> +      Print (L"  Capsule Status: %r\n", CapsuleResult->CapsuleStatus);
> +    }
> +
> +    if (CompareGuid(&CapsuleResult->CapsuleGuid, &gEfiFmpCapsuleGuid)) {
> +      if (CapsuleResult->VariableTotalSize >=
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP)) {
> +        CapsuleResultFmp = (EFI_CAPSULE_RESULT_VARIABLE_FMP *)(CapsuleResult + 1);
> +        Print(L"  Capsule FMP Version: 0x%x\n", CapsuleResultFmp->Version);
> +        Print(L"  Capsule FMP PayloadIndex: 0x%x\n", CapsuleResultFmp->PayloadIndex);
> +        Print(L"  Capsule FMP UpdateImageIndex: 0x%x\n", CapsuleResultFmp-
> >UpdateImageIndex);
> +        Print(L"  Capsule FMP UpdateImageTypeId: %g\n", &CapsuleResultFmp-
> >UpdateImageTypeId);
> +        if (CapsuleResult->VariableTotalSize >
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP)) {
> +          Print(L"  Capsule FMP CapsuleFileName: %s\n", (CapsuleResultFmp + 1));
> +          CapsuleFileNameSize = StrSize((CHAR16 *)(CapsuleResultFmp + 1));
> +          if (CapsuleResult->VariableTotalSize >
> sizeof(EFI_CAPSULE_RESULT_VARIABLE_HEADER) + sizeof(EFI_CAPSULE_RESULT_VARIABLE_FMP) +
> CapsuleFileNameSize) {
> +            Print(L"  Capsule FMP CapsuleTarget: %s\n", (UINT8 *)(CapsuleResultFmp +
> 1) + CapsuleFileNameSize);
> +          }
> +        }
> +      }
> +    }
> +
> +    FreePool(CapsuleResult);
> +
> +    Index++;
> +    if (Index > 0xFFFF) {
> +      break;
> +    }
> +  }
> +
> +  return EFI_SUCCESS;
> +}
> +
> +CHAR8 *mFwTypeString[] = {
> +  "Unknown",
> +  "SystemFirmware",
> +  "DeviceFirmware",
> +  "UefiDriver",
> +};
> +
> +CHAR8 *mLastAttemptStatusString[] = {
> +  "Success",
> +  "Error: Unsuccessful",
> +  "Error: Insufficient Resources",
> +  "Error: Incorrect Version",
> +  "Error: Invalid Format",
> +  "Error: Auth Error",
> +  "Error: Power Event AC",
> +  "Error: Power Event Battery",
> +};
> +
> +/**
> +  Convert FwType to a string.
> +
> +  @param FwType  FwType in ESRT
> +
> +  @return a string for FwType.
> +**/
> +CHAR8 *
> +FwTypeToString(
> +  IN UINT32 FwType
> +  )
> +{
> +  if (FwType < sizeof(mFwTypeString) / sizeof(mFwTypeString[0])) {
> +    return mFwTypeString[FwType];
> +  } else {
> +    return "Invalid";
> +  }
> +}
> +
> +/**
> +  Convert LastAttemptStatus to a string.
> +
> +  @param LastAttemptStatus  LastAttemptStatus in FMP or ESRT
> +
> +  @return a string for LastAttemptStatus.
> +**/
> +CHAR8 *
> +LastAttemptStatusToString(
> +  IN UINT32 LastAttemptStatus
> +  )
> +{
> +  if (LastAttemptStatus < sizeof(mLastAttemptStatusString) /
> sizeof(mLastAttemptStatusString[0])) {
> +    return mLastAttemptStatusString[LastAttemptStatus];
> +  } else {
> +    return "Error: Unknown";
> +  }
> +}
> +
> +/**
> +  Dump ESRT entry.
> +
> +  @param EsrtEntry  ESRT entry
> +**/
> +VOID
> +DumpEsrtEntry(
> +  IN EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry
> +  )
> +{
> +  Print(L"  FwClass                  - %g\n", &EsrtEntry->FwClass);
> +  Print(L"  FwType                   - 0x%x (%a)\n", EsrtEntry->FwType,
> FwTypeToString(EsrtEntry->FwType));
> +  Print(L"  FwVersion                - 0x%x\n", EsrtEntry->FwVersion);
> +  Print(L"  LowestSupportedFwVersion - 0x%x\n", EsrtEntry->LowestSupportedFwVersion);
> +  Print(L"  CapsuleFlags             - 0x%x\n", EsrtEntry->CapsuleFlags);
> +  Print(L"    PERSIST_ACROSS_RESET   - 0x%x\n", EsrtEntry->CapsuleFlags &
> CAPSULE_FLAGS_PERSIST_ACROSS_RESET);
> +  Print(L"    POPULATE_SYSTEM_TABLE  - 0x%x\n", EsrtEntry->CapsuleFlags &
> CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE);
> +  Print(L"    INITIATE_RESET         - 0x%x\n", EsrtEntry->CapsuleFlags &
> CAPSULE_FLAGS_INITIATE_RESET);
> +  Print(L"  LastAttemptVersion       - 0x%x\n", EsrtEntry->LastAttemptVersion);
> +  Print(L"  LastAttemptStatus        - 0x%x (%a)\n", EsrtEntry->LastAttemptStatus,
> LastAttemptStatusToString(EsrtEntry->LastAttemptStatus));
> +}
> +
> +/**
> +  Dump ESRT table.
> +
> +  @param Esrt  ESRT table
> +**/
> +VOID
> +DumpEsrt(
> +  IN EFI_SYSTEM_RESOURCE_TABLE  *Esrt
> +  )
> +{
> +  UINTN                      Index;
> +  EFI_SYSTEM_RESOURCE_ENTRY  *EsrtEntry;
> +
> +  Print(L"EFI_SYSTEM_RESOURCE_TABLE:\n");
> +  Print(L"FwResourceCount    - 0x%x\n", Esrt->FwResourceCount);
> +  Print(L"FwResourceCountMax - 0x%x\n", Esrt->FwResourceCountMax);
> +  Print(L"FwResourceVersion  - 0x%lx\n", Esrt->FwResourceVersion);
> +
> +  EsrtEntry = (VOID *)(Esrt + 1);
> +  for (Index = 0; Index < Esrt->FwResourceCount; Index++) {
> +    Print(L"EFI_SYSTEM_RESOURCE_ENTRY (%d):\n", Index);
> +    DumpEsrtEntry(EsrtEntry);
> +    EsrtEntry++;
> +  }
> +}
> +
> +/**
> +  Dump ESRT info.
> +**/
> +VOID
> +DumpEsrtData (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                 Status;
> +  EFI_SYSTEM_RESOURCE_TABLE  *Esrt;
> +
> +  Print(L"##############\n");
> +  Print(L"# ESRT TABLE #\n");
> +  Print(L"##############\n");
> +
> +  Status = EfiGetSystemConfigurationTable (&gEfiSystemResourceTableGuid, (VOID
> **)&Esrt);
> +  if (EFI_ERROR(Status)) {
> +    Print(L"ESRT - %r\n", Status);
> +    return;
> +  }
> +  DumpEsrt(Esrt);
> +  Print(L"\n");
> +}
> +
> +/**
> +  Dump FMP information.
> +
> +  @param ImageInfoSize       The size of ImageInfo, in bytes.
> +  @param ImageInfo           A pointer to EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorVersion   The version of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorCount     The count of EFI_FIRMWARE_IMAGE_DESCRIPTOR.
> +  @param DescriptorSize      The size of an individual EFI_FIRMWARE_IMAGE_DESCRIPTOR,
> in bytes.
> +  @param PackageVersion      The version of package.
> +  @param PackageVersionName  The version name of package.
> +**/
> +VOID
> +DumpFmpImageInfo(
> +  IN UINTN                           ImageInfoSize,
> +  IN EFI_FIRMWARE_IMAGE_DESCRIPTOR   *ImageInfo,
> +  IN UINT32                          DescriptorVersion,
> +  IN UINT8                           DescriptorCount,
> +  IN UINTN                           DescriptorSize,
> +  IN UINT32                          PackageVersion,
> +  IN CHAR16                          *PackageVersionName
> +  )
> +{
> +  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *CurrentImageInfo;
> +  UINTN                                         Index;
> +
> +  Print(L"  DescriptorVersion  - 0x%x\n", DescriptorVersion);
> +  Print(L"  DescriptorCount    - 0x%x\n", DescriptorCount);
> +  Print(L"  DescriptorSize     - 0x%x\n", DescriptorSize);
> +  Print(L"  PackageVersion     - 0x%x\n", PackageVersion);
> +  Print(L"  PackageVersionName - \"%s\"\n", PackageVersionName);
> +  CurrentImageInfo = ImageInfo;
> +  for (Index = 0; Index < DescriptorCount; Index++) {
> +    Print(L"  ImageDescriptor (%d)\n", Index);
> +    Print(L"    ImageIndex                  - 0x%x\n", CurrentImageInfo->ImageIndex);
> +    Print(L"    ImageTypeId                 - %g\n", &CurrentImageInfo->ImageTypeId);
> +    Print(L"    ImageId                     - 0x%lx\n", CurrentImageInfo->ImageId);
> +    Print(L"    ImageIdName                 - \"%s\"\n", CurrentImageInfo-
> >ImageIdName);
> +    Print(L"    Version                     - 0x%x\n", CurrentImageInfo->Version);
> +    Print(L"    VersionName                 - \"%s\"\n", CurrentImageInfo-
> >VersionName);
> +    Print(L"    Size                        - 0x%x\n", CurrentImageInfo->Size);
> +    Print(L"    AttributesSupported         - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported);
> +    Print(L"      IMAGE_UPDATABLE           - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +    Print(L"      RESET_REQUIRED            - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +    Print(L"      AUTHENTICATION_REQUIRED   - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +    Print(L"      IN_USE                    - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_IN_USE);
> +    Print(L"      UEFI_IMAGE                - 0x%lx\n", CurrentImageInfo-
> >AttributesSupported & IMAGE_ATTRIBUTE_UEFI_IMAGE);
> +    Print(L"    AttributesSetting           - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting);
> +    Print(L"      IMAGE_UPDATABLE           - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +    Print(L"      RESET_REQUIRED            - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +    Print(L"      AUTHENTICATION_REQUIRED   - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +    Print(L"      IN_USE                    - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_IN_USE);
> +    Print(L"      UEFI_IMAGE                - 0x%lx\n", CurrentImageInfo-
> >AttributesSetting & IMAGE_ATTRIBUTE_UEFI_IMAGE);
> +    Print(L"    Compatibilities             - 0x%lx\n", CurrentImageInfo-
> >Compatibilities);
> +    Print(L"      COMPATIB_CHECK_SUPPORTED  - 0x%lx\n", CurrentImageInfo-
> >Compatibilities & IMAGE_COMPATIBILITY_CHECK_SUPPORTED);
> +    if (DescriptorVersion > 1) {
> +      Print(L"    LowestSupportedImageVersion - 0x%x\n", CurrentImageInfo-
> >LowestSupportedImageVersion);
> +      if (DescriptorVersion > 2) {
> +        Print(L"    LastAttemptVersion          - 0x%x\n", CurrentImageInfo-
> >LastAttemptVersion);
> +        Print(L"    LastAttemptStatus           - 0x%x (%a)\n", CurrentImageInfo-
> >LastAttemptStatus, LastAttemptStatusToString(CurrentImageInfo->LastAttemptStatus));
> +        Print(L"    HardwareInstance            - 0x%lx\n", CurrentImageInfo-
> >HardwareInstance);
> +      }
> +    }
> +    //
> +    // Use DescriptorSize to move ImageInfo Pointer to stay compatible with different
> ImageInfo version
> +    //
> +    CurrentImageInfo = (EFI_FIRMWARE_IMAGE_DESCRIPTOR *)((UINT8 *)CurrentImageInfo +
> DescriptorSize);
> +  }
> +}
> +
> +/**
> +  Dump FMP package information.
> +
> +  @param PackageVersion             The version of package.
> +  @param PackageVersionName         The version name of package.
> +  @param PackageVersionNameMaxLen   The maximum length of PackageVersionName.
> +  @param AttributesSupported        Package attributes that are supported by this
> device.
> +  @param AttributesSetting          Package attributes.
> +**/
> +VOID
> +DumpFmpPackageInfo(
> +  IN UINT32                           PackageVersion,
> +  IN CHAR16                           *PackageVersionName,
> +  IN UINT32                           PackageVersionNameMaxLen,
> +  IN UINT64                           AttributesSupported,
> +  IN UINT64                           AttributesSetting
> +  )
> +{
> +  Print(L"  PackageVersion              - 0x%x\n", PackageVersion);
> +  Print(L"  PackageVersionName          - \"%s\"\n", PackageVersionName);
> +  Print(L"  PackageVersionNameMaxLen    - 0x%x\n", PackageVersionNameMaxLen);
> +  Print(L"  AttributesSupported         - 0x%lx\n", AttributesSupported);
> +  Print(L"    IMAGE_UPDATABLE           - 0x%lx\n", AttributesSupported &
> IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +  Print(L"    RESET_REQUIRED            - 0x%lx\n", AttributesSupported &
> IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +  Print(L"    AUTHENTICATION_REQUIRED   - 0x%lx\n", AttributesSupported &
> IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +  Print(L"  AttributesSetting           - 0x%lx\n", AttributesSetting);
> +  Print(L"    IMAGE_UPDATABLE           - 0x%lx\n", AttributesSetting &
> IMAGE_ATTRIBUTE_IMAGE_UPDATABLE);
> +  Print(L"    RESET_REQUIRED            - 0x%lx\n", AttributesSetting &
> IMAGE_ATTRIBUTE_RESET_REQUIRED);
> +  Print(L"    AUTHENTICATION_REQUIRED   - 0x%lx\n", AttributesSetting &
> IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED);
> +}
> +
> +/**
> +  Dump FMP protocol info.
> +**/
> +VOID
> +DumpFmpData (
> +  VOID
> +  )
> +{
> +  EFI_STATUS                                    Status;
> +  EFI_FIRMWARE_MANAGEMENT_PROTOCOL              *Fmp;
> +  EFI_HANDLE                                    *HandleBuffer;
> +  UINTN                                         NumberOfHandles;
> +  UINTN                                         Index;
> +  EFI_FIRMWARE_IMAGE_DESCRIPTOR                 *FmpImageInfoBuf;
> +  UINTN                                         ImageInfoSize;
> +  UINT32                                        FmpImageInfoDescriptorVer;
> +  UINT8                                         FmpImageInfoCount;
> +  UINTN                                         DescriptorSize;
> +  UINT32                                        PackageVersion;
> +  CHAR16                                        *PackageVersionName;
> +  UINT32                                        PackageVersionNameMaxLen;
> +  UINT64                                        AttributesSupported;
> +  UINT64                                        AttributesSetting;
> +
> +  Print(L"############\n");
> +  Print(L"# FMP DATA #\n");
> +  Print(L"############\n");
> +  Status = gBS->LocateHandleBuffer (
> +                  ByProtocol,
> +                  &gEfiFirmwareManagementProtocolGuid,
> +                  NULL,
> +                  &NumberOfHandles,
> +                  &HandleBuffer
> +                  );
> +  if (EFI_ERROR(Status)) {
> +    Print(L"FMP protocol - %r\n", EFI_NOT_FOUND);
> +    return;
> +  }
> +
> +  for (Index = 0; Index < NumberOfHandles; Index++) {
> +    Status = gBS->HandleProtocol(
> +                    HandleBuffer[Index],
> +                    &gEfiFirmwareManagementProtocolGuid,
> +                    (VOID **)&Fmp
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      continue;
> +    }
> +
> +    ImageInfoSize = 0;
> +    Status = Fmp->GetImageInfo (
> +                    Fmp,
> +                    &ImageInfoSize,
> +                    NULL,
> +                    NULL,
> +                    NULL,
> +                    NULL,
> +                    NULL,
> +                    NULL
> +                    );
> +    if (Status != EFI_BUFFER_TOO_SMALL) {
> +      continue;
> +    }
> +
> +    FmpImageInfoBuf = NULL;
> +    FmpImageInfoBuf = AllocateZeroPool (ImageInfoSize);
> +    if (FmpImageInfoBuf == NULL) {
> +      Status = EFI_OUT_OF_RESOURCES;
> +      goto EXIT;
> +    }
> +
> +    PackageVersionName = NULL;
> +    Status = Fmp->GetImageInfo (
> +                    Fmp,
> +                    &ImageInfoSize,               // ImageInfoSize
> +                    FmpImageInfoBuf,              // ImageInfo
> +                    &FmpImageInfoDescriptorVer,   // DescriptorVersion
> +                    &FmpImageInfoCount,           // DescriptorCount
> +                    &DescriptorSize,              // DescriptorSize
> +                    &PackageVersion,              // PackageVersion
> +                    &PackageVersionName           // PackageVersionName
> +                    );
> +
> +    //
> +    // If FMP GetInformation interface failed, skip this resource
> +    //
> +    if (EFI_ERROR(Status)) {
> +      Print(L"FMP (%d) ImageInfo - %r\n", Index, Status);
> +      FreePool(FmpImageInfoBuf);
> +      continue;
> +    }
> +
> +    Print(L"FMP (%d) ImageInfo:\n", Index);
> +    DumpFmpImageInfo(
> +      ImageInfoSize,               // ImageInfoSize
> +      FmpImageInfoBuf,             // ImageInfo
> +      FmpImageInfoDescriptorVer,   // DescriptorVersion
> +      FmpImageInfoCount,           // DescriptorCount
> +      DescriptorSize,              // DescriptorSize
> +      PackageVersion,              // PackageVersion
> +      PackageVersionName           // PackageVersionName
> +      );
> +
> +    if (PackageVersionName != NULL) {
> +      FreePool(PackageVersionName);
> +    }
> +    FreePool(FmpImageInfoBuf);
> +
> +    //
> +    // Get package info
> +    //
> +    PackageVersionName = NULL;
> +    Status = Fmp->GetPackageInfo (
> +                    Fmp,
> +                    &PackageVersion,              // PackageVersion
> +                    &PackageVersionName,          // PackageVersionName
> +                    &PackageVersionNameMaxLen,    // PackageVersionNameMaxLen
> +                    &AttributesSupported,         // AttributesSupported
> +                    &AttributesSetting            // AttributesSetting
> +                    );
> +    if (EFI_ERROR(Status)) {
> +      Print(L"FMP (%d) PackageInfo - %r\n", Index, Status);
> +    } else {
> +      Print(L"FMP (%d) ImageInfo:\n", Index);
> +      DumpFmpPackageInfo(
> +        PackageVersion,              // PackageVersion
> +        PackageVersionName,          // PackageVersionName
> +        PackageVersionNameMaxLen,    // PackageVersionNameMaxLen
> +        AttributesSupported,         // AttributesSupported
> +        AttributesSetting            // AttributesSetting
> +        );
> +
> +      if (PackageVersionName != NULL) {
> +        FreePool(PackageVersionName);
> +      }
> +    }
> +  }
> +  Print(L"\n");
> +
> +EXIT:
> +  FreePool(HandleBuffer);
> +}
> --
> 2.7.4.windows.1

[PATCH V4 09/15] MdeModulePkg/UiApp: Show test key warning info in FrontPage.

[Jiewen Yao]

The UiApp is updated to consume PcdTestKeyUsed to know if there is any
test key used in current BIOS, such as recovery key,
or capsule update key.
Then UiApp show warning information in front page.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
---
 MdeModulePkg/Application/UiApp/FrontPageCustomizedUi.c | 13 +++++++++++++
 MdeModulePkg/Application/UiApp/FrontPageStrings.uni    |  4 +++-
 MdeModulePkg/Application/UiApp/UiApp.inf               |  3 ++-
 3 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/MdeModulePkg/Application/UiApp/FrontPageCustomizedUi.c b/MdeModulePkg/Application/UiApp/FrontPageCustomizedUi.c
index 6e4f7b5..a9d2269 100644
--- a/MdeModulePkg/Application/UiApp/FrontPageCustomizedUi.c
+++ b/MdeModulePkg/Application/UiApp/FrontPageCustomizedUi.c
@@ -16,8 +16,11 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include <Protocol/HiiConfigAccess.h>
 #include <Library/BaseLib.h>
 #include <Library/MemoryAllocationLib.h>
+#include "FrontPage.h"
 #include "FrontPageCustomizedUiSupport.h"
 
+extern FRONT_PAGE_CALLBACK_DATA  gFrontPagePrivate;
+
 /**
   Customize menus in the page.
 
@@ -129,4 +132,14 @@ UiCustomizeFrontPageBanner (
   IN OUT EFI_STRING     *BannerStr
   )
 {
+  if ((LineIndex == 5) && LeftOrRight) {
+    // Update STR_CUSTOMIZE_BANNER_LINE5_LEFT
+    if (PcdGetBool(PcdTestKeyUsed)) {
+      if (BannerStr != NULL) {
+        FreePool(*BannerStr);
+      }
+      *BannerStr = HiiGetString(gFrontPagePrivate.HiiHandle, STRING_TOKEN(STR_TEST_KEY_USED), NULL);
+    }
+  }
+  return;
 }
diff --git a/MdeModulePkg/Application/UiApp/FrontPageStrings.uni b/MdeModulePkg/Application/UiApp/FrontPageStrings.uni
index 71cb788..8080a20 100644
--- a/MdeModulePkg/Application/UiApp/FrontPageStrings.uni
+++ b/MdeModulePkg/Application/UiApp/FrontPageStrings.uni
@@ -2,7 +2,7 @@
 //
 //  String definitions for BdsPlatform formset.
 //
-//  Copyright (c) 2004 - 2015, Intel Corporation. All rights reserved.<BR>
+//  Copyright (c) 2004 - 2016, Intel Corporation. All rights reserved.<BR>
 //  This program and the accompanying materials
 //  are licensed and made available under the terms and conditions of the BSD License
 //  which accompanies this distribution.  The full text of the license may be found at
@@ -68,5 +68,7 @@
                                          #language fr-FR  ""
 #string STR_CUSTOMIZE_BANNER_LINE5_RIGHT #language en-US  ""
                                          #language fr-FR  ""
+#string STR_TEST_KEY_USED                #language en-US  "WARNING: Test key detected."
+                                         #language fr-FR  "WARNING: Test key detected."
 #string STR_NULL_STRING                #language en-US  " "
                                        #language fr-FR  " "
diff --git a/MdeModulePkg/Application/UiApp/UiApp.inf b/MdeModulePkg/Application/UiApp/UiApp.inf
index 6df6e47..d144462 100644
--- a/MdeModulePkg/Application/UiApp/UiApp.inf
+++ b/MdeModulePkg/Application/UiApp/UiApp.inf
@@ -1,7 +1,7 @@
 ## @file
 #  UiApp module is driver for BDS phase.
 #
-#  Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR>
+#  Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.<BR>
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD License
 #  which accompanies this distribution.  The full text of the license may be found at
@@ -82,6 +82,7 @@
   gEfiMdeModulePkgTokenSpaceGuid.PcdSetupVideoHorizontalResolution  ## CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdSetupVideoVerticalResolution    ## CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString           ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed                     ## CONSUMES
 
 [UserExtensions.TianoCore."ExtraFiles"]
   UiAppExtra.uni
-- 
2.7.4.windows.1

[PATCH V4 10/15] MdeModulePkg/MdeModulePkg.dsc: Add FMP related component.

[Jiewen Yao]

Add FMP related component to check build.

Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
---
 MdeModulePkg/MdeModulePkg.dsc | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc
index 71505d3..a058009 100644
--- a/MdeModulePkg/MdeModulePkg.dsc
+++ b/MdeModulePkg/MdeModulePkg.dsc
@@ -103,6 +103,9 @@
   VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
   FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf
 
+  FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.inf
+  CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
+
 [LibraryClasses.EBC.PEIM]
   IoLib|MdePkg/Library/PeiIoLibCpuIo/PeiIoLibCpuIo.inf
 
@@ -126,12 +129,14 @@
   LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.inf
   MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
   ExtractGuidedSectionLib|MdePkg/Library/DxeExtractGuidedSectionLib/DxeExtractGuidedSectionLib.inf
+  CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
 
 [LibraryClasses.common.DXE_RUNTIME_DRIVER]
   HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
   MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
   DebugLib|MdePkg/Library/UefiDebugLibConOut/UefiDebugLibConOut.inf
   LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.inf
+  CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
 
 [LibraryClasses.common.SMM_CORE]
   HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
@@ -408,6 +413,11 @@
   MdeModulePkg/Universal/SerialDxe/SerialDxe.inf
   MdeModulePkg/Universal/LoadFileOnFv2/LoadFileOnFv2.inf
 
+  MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
+  MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.inf
+  MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
+  MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
+
 [Components.IA32, Components.X64, Components.IPF]  
   MdeModulePkg/Universal/Network/UefiPxeBcDxe/UefiPxeBcDxe.inf
   MdeModulePkg/Universal/DebugSupportDxe/DebugSupportDxe.inf
-- 
2.7.4.windows.1

[PATCH V4 11/15] IntelFrameworkModulePkg/DxeCapsuleLib: Add ProcessCapsules() interface.

[Jiewen Yao]

Add NULL ProcessCapsules() interface for DxeCapsuleLib.
IntelFrameworkModulePkg is under maintenance phase.
We stop adding new feature there.
Just add NULL function to make it pass build.

Cc: Jeff Fan <jeff.fan@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
---
 IntelFrameworkModulePkg/Library/DxeCapsuleLib/DxeCapsuleLib.c | 40 +++++++++++++++++++-
 1 file changed, 39 insertions(+), 1 deletion(-)

diff --git a/IntelFrameworkModulePkg/Library/DxeCapsuleLib/DxeCapsuleLib.c b/IntelFrameworkModulePkg/Library/DxeCapsuleLib/DxeCapsuleLib.c
index fc9b533..5f3beac 100644
--- a/IntelFrameworkModulePkg/Library/DxeCapsuleLib/DxeCapsuleLib.c
+++ b/IntelFrameworkModulePkg/Library/DxeCapsuleLib/DxeCapsuleLib.c
@@ -1,7 +1,7 @@
 /** @file
   Capsule Library instance to process capsule images.
 
-  Copyright (c) 2007 - 2013, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2007 - 2016, Intel Corporation. All rights reserved.<BR>
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD License
@@ -515,4 +515,42 @@ ProcessCapsuleImage (
   return Status;
 }
 
+/**
+
+  This routine is called to process capsules.
+
+  Caution: This function may receive untrusted input.
+
+  The capsules reported in EFI_HOB_UEFI_CAPSULE are processed.
+  If there is no EFI_HOB_UEFI_CAPSULE, this routine does nothing.
+
+  This routine should be called twice in BDS.
+  1) The first call must be before EndOfDxe. The system capsules is processed.
+     If device capsule FMP protocols are exposted at this time and device FMP
+     capsule has zero EmbeddedDriverCount, the device capsules are processed.
+     Each individual capsule result is recorded in capsule record variable.
+     System may reset in this function, if reset is required by capsule and
+     all capsules are processed.
+     If not all capsules are processed, reset will be defered to second call.
+
+  2) The second call must be after EndOfDxe and after ConnectAll, so that all
+     device capsule FMP protocols are exposed.
+     The system capsules are skipped. If the device capsules are NOT processed
+     in first call, they are processed here.
+     Each individual capsule result is recorded in capsule record variable.
+     System may reset in this function, if reset is required by capsule
+     processed in first call and second call.
+
+  @retval EFI_SUCCESS             There is no error when processing capsules.
+  @retval EFI_OUT_OF_RESOURCES    No enough resource to process capsules.
+
+**/
+EFI_STATUS
+EFIAPI
+ProcessCapsules(
+  VOID
+  )
+{
+  return EFI_UNSUPPORTED;
+}
 
-- 
2.7.4.windows.1

[PATCH V4 12/15] SecurityPkg/SecurityPkg.dec: Add PcdPkcs7CertBuffer PCD.

[Jiewen Yao]

This PCD is similar to PcdRsa2048Sha256PublicKeyBuffer.
It provides trusted cert for PKCS7 verification.
It can be used for Recovery and Capsule Update images.

We added warning message for both PcdPkcs7CertBuffer and
PcdRsa2048Sha256PublicKeyBuffer. The default value is only for
test purpose.

Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
---
 SecurityPkg/SecurityPkg.dec | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
index f4f4d19..dab332a 100644
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -400,11 +400,17 @@
   gEfiSecurityPkgTokenSpaceGuid.PcdTcg2NumberOfPCRBanks|0x0|UINT32|0x00010015
   
   ## Provides one or more SHA 256 Hashes of the RSA 2048 public keys used to verify Recovery and Capsule Update images
-  #
+  #  WARNING: The default value is treated as test key. Please do not use default value in the production.
   # @Prompt One or more SHA 256 Hashes of RSA 2048 bit public keys used to verify Recovery and Capsule Update images
   #
   gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer|{0x91, 0x29, 0xc4, 0xbd, 0xea, 0x6d, 0xda, 0xb3, 0xaa, 0x6f, 0x50, 0x16, 0xfc, 0xdb, 0x4b, 0x7e, 0x3c, 0xd6, 0xdc, 0xa4, 0x7a, 0x0e, 0xdd, 0xe6, 0x15, 0x8c, 0x73, 0x96, 0xa2, 0xd4, 0xa6, 0x4d}|VOID*|0x00010013
 
+  ## Provides one PKCS7 cert used to verify Recovery and Capsule Update images
+  #  WARNING: The default value is treated as test key. Please do not use default value in the production.
+  # @Prompt One PKCS7 cert used to verify Recovery and Capsule Update images
+  #
+  gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer|{0x30, 0x82, 0x02, 0xf0, 0x30, 0x82, 0x01, 0xdc, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x10, 0x34, 0x30, 0x27, 0x7f, 0x05, 0x3d, 0x95, 0x85, 0x43, 0xa0, 0xa4, 0xf5, 0x0c, 0x9a, 0xe7, 0xca, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1d, 0x05, 0x00, 0x30, 0x13, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x08, 0x54, 0x65, 0x73, 0x74, 0x52, 0x6f, 0x6f, 0x74, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x36, 0x30, 0x38, 0x30, 0x34, 0x31, 0x35, 0x30, 0x31, 0x34, 0x38, 0x5a, 0x17, 0x0d, 0x33, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x13, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x08, 0x54, 0x65, 0x73, 0x74, 0x52, 0x6f, 0x6f, 0x74, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0x94, 0xe6, 0x33, 0x4f, 0x56, 0xc3, 0x07, 0xa0, 0xd0, 0x99, 0x57, 0xc3, 0xe1, 0x56, 0x42, 0x01, 0x70, 0x59, 0x1c, 0x2f, 0x4a, 0x66, 0x8f, 0x34, 0x9e, 0x93, 0xbd, 0xb6, 0xec, 0x92, 0xa4, 0x90, 0x51, 0x5d, 0xc6, 0x8f, 0xb5, 0xc3, 0x86, 0x15, 0xdf, 0x60, 0x80, 0xbe, 0xb8, 0x78, 0x59, 0x5b, 0x9b, 0xfd, 0x27, 0x92, 0x69, 0xcc, 0xca, 0x8e, 0x3e, 0x9e, 0x81, 0x47, 0x5b, 0x84, 0xef, 0x5c, 0x9b, 0xb3, 0x4a, 0x43, 0x5b, 0x8d, 0x0b, 0x31, 0x04, 0x00, 0xb6, 0x8a, 0xc0, 0xa9, 0xf5, 0x21, 0xd0, 0x3f, 0xcd, 0xb0, 0x67, 0x7d, 0x50, 0x33, 0x2e, 0xfb, 0x1b, 0x2c, 0x16, 0x2e, 0xee, 0x56, 0x01, 0x87, 0xf6, 0xc8, 0xd4, 0x53, 0x07, 0x67, 0x99, 0x0b, 0x46, 0xbf, 0x1d, 0x90, 0xc6, 0xdb, 0x7f, 0x6d, 0x62, 0x0c, 0x4a, 0xac, 0xa8, 0xa2, 0x3c, 0x79, 0x0f, 0xad, 0x8f, 0xfe, 0xc1, 0xe8, 0xe5, 0x27, 0x3d, 0xf9, 0xa6, 0x9a, 0x1d, 0xec, 0x9a, 0x5f, 0x62, 0x51, 0x2e, 0x98, 0x1d, 0x29, 0xba, 0x6b, 0x8a, 0xfb, 0x43, 0x0e, 0x68, 0x29, 0xf5, 0xbe, 0x67, 0x48, 0x44, 0x28, 0x45, 0xfe, 0x1d, 0x3b, 0x50, 0x72, 0x6a, 0xc0, 0xbb, 0x0c, 0x9f, 0x02, 0x61, 0xad, 0x63, 0xa7, 0x87, 0xf6, 0x32, 0x9f, 0x3e, 0x16, 0x5c, 0xee, 0xcc, 0x05, 0xbd, 0x17, 0xe8, 0x46, 0x52, 0xaf, 0x50, 0x8a, 0xa6, 0x7e, 0x16, 0x69, 0x83, 0x69, 0x5b, 0x6e, 0x4d, 0xc7, 0xcf, 0x80, 0xb8, 0xcd, 0xf6, 0x66, 0x3f, 0xbe, 0x6c, 0xa0, 0xe8, 0x9c, 0x26, 0x60, 0xba, 0xa9, 0x05, 0xdd, 0x71, 0x4a, 0xbd, 0x00, 0xa8, 0x0c, 0xf7, 0x50, 0xab, 0x44, 0xd6, 0x3e, 0x87, 0x21, 0x3c, 0x2d, 0xe6, 0x33, 0x27, 0x5e, 0x21, 0x27, 0xb9, 0xdc, 0x38, 0x48, 0xd6, 0x3a, 0x96, 0xe1, 0x17, 0x47, 0x65, 0x65, 0xce, 0x3d, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x48, 0x30, 0x46, 0x30, 0x44, 0x06, 0x03, 0x55, 0x1d, 0x01, 0x04, 0x3d, 0x30, 0x3b, 0x80, 0x10, 0xce, 0xb5, 0x7a, 0xcf, 0xe5, 0x21, 0xc7, 0x6b, 0xf3, 0xec, 0x92, 0xd4, 0xbf, 0x65, 0x2a, 0x35, 0xa1, 0x15, 0x30, 0x13, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x08, 0x54, 0x65, 0x73, 0x74, 0x52, 0x6f, 0x6f, 0x74, 0x82, 0x10, 0x34, 0x30, 0x27, 0x7f, 0x05, 0x3d, 0x95, 0x85, 0x43, 0xa0, 0xa4, 0xf5, 0x0c, 0x9a, 0xe7, 0xca, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1d, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x6b, 0x0d, 0xe0, 0x0a, 0xd0, 0xee, 0x5b, 0x3f, 0xb6, 0x73, 0x48, 0x62, 0xe8, 0xf4, 0x5b, 0xe1, 0xed, 0xd9, 0x00, 0xc5, 0xe5, 0x0e, 0x68, 0xfb, 0x53, 0x33, 0x30, 0x6a, 0x60, 0xba, 0xee, 0x38, 0x5b, 0x51, 0x63, 0x70, 0xd5, 0x7e, 0x05, 0xfe, 0xe4, 0x45, 0x2a, 0x15, 0x62, 0x1b, 0xfc, 0xd8, 0x75, 0x93, 0x56, 0xf6, 0xe6, 0x06, 0x85, 0x21, 0xf7, 0x08, 0x47, 0x26, 0xb9, 0xfe, 0x05, 0x4e, 0x90, 0x22, 0x54, 0xf4, 0x39, 0x09, 0x4c, 0x5c, 0x8e, 0xcd, 0x7c, 0x3b, 0xaf, 0x4b, 0x2d, 0x18, 0x06, 0xf4, 0x5c, 0x24, 0x2a, 0x64, 0xf7, 0x59, 0x75, 0x28, 0x97, 0xa9, 0x90, 0x2c, 0xba, 0x46, 0x02, 0x6a, 0x64, 0x66, 0x49, 0x32, 0xcb, 0x5d, 0x34, 0xfe, 0x24, 0xe4, 0x44, 0xb0, 0xc2, 0xad, 0x17, 0x1b, 0x05, 0x7d, 0xd3, 0x58, 0x88, 0x2e, 0xbe, 0x0e, 0xd7, 0x2b, 0xca, 0x5c, 0xbf, 0x28, 0x25, 0x3d, 0xd8, 0xbb, 0x3c, 0x38, 0x52, 0xe6, 0x27, 0xfa, 0xd2, 0xb8, 0x45, 0x6b, 0x5f, 0x7f, 0x4b, 0xb0, 0x23, 0x05, 0xe8, 0xaf, 0x67, 0xe8, 0xe2, 0x6c, 0x2f, 0x9f, 0xf8, 0x73, 0x7f, 0xc3, 0x17, 0xbc, 0xb2, 0x6a, 0x5b, 0x2a, 0xf3, 0x6b, 0xd3, 0xdc, 0x7f, 0xdf, 0x2f, 0xd0, 0xab, 0x06, 0x0c, 0xfe, 0x03, 0xe7, 0x8d, 0x82, 0xec, 0x84, 0x3d, 0xc8, 0x7d, 0xed, 0xcb, 0x6a, 0x5b, 0x35, 0x48, 0x55, 0x07, 0xfb, 0xaa, 0x78, 0x1a, 0x01, 0xbb, 0x98, 0x45, 0x8b, 0xda, 0x8a, 0xe3, 0x21, 0x57, 0x86, 0x15, 0x23, 0x17, 0x50, 0x1b, 0x9c, 0xbc, 0x1a, 0x59, 0xa8, 0x2a, 0xad, 0x3a, 0x7e, 0x01, 0x24, 0x83, 0xf7, 0xb0, 0x61, 0xe6, 0xbd, 0x4f, 0xd9, 0x91, 0x90, 0xa7, 0x2a, 0xb9, 0x0c, 0x3b, 0xab, 0x95, 0x20, 0x1c, 0xf0, 0x74, 0xce, 0x02, 0xba, 0x14, 0x5d, 0xf1, 0x91, 0x25, 0x4a}|VOID*|0x00010014
+
   ## This PCD defines minimum length(in bytes) of the system preboot TCG event log area(LAML).
   #  For PC Client Implementation spec up to and including 1.2 the minimum log size is 64KB.
   # @Prompt Minimum length(in bytes) of the system preboot TCG event log area(LAML).
-- 
2.7.4.windows.1

[PATCH V4 13/15] SecurityPkg/FmpAuthenticationLibPkcs7: Add PKCS7 instance for FMP.

[Jiewen Yao]

It provides PKCS7 based FMP authentication.

Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
---
 SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.c   | 213 ++++++++++++++++++++
 SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf |  49 +++++
 SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.uni |  26 +++
 3 files changed, 288 insertions(+)

diff --git a/SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.c b/SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.c
new file mode 100644
index 0000000..6a05b6b
--- /dev/null
+++ b/SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.c
@@ -0,0 +1,213 @@
+/** @file
+  FMP Authentication PKCS7 handler.
+  Provide generic FMP authentication functions for DXE/PEI post memory phase.
+
+  Caution: This module requires additional review when modified.
+  This module will have external input - capsule image.
+  This external input must be validated carefully to avoid security issue like
+  buffer overflow, integer overflow.
+
+  FmpAuthenticatedHandlerPkcs7(), AuthenticateFmpImage() will receive
+  untrusted input and do basic validation.
+
+  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD License
+  which accompanies this distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Uefi.h>
+
+#include <Guid/SystemResourceTable.h>
+#include <Guid/FirmwareContentsSigned.h>
+#include <Guid/WinCertificate.h>
+
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/DebugLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/BaseCryptLib.h>
+#include <Library/FmpAuthenticationLib.h>
+#include <Library/PcdLib.h>
+#include <Protocol/FirmwareManagement.h>
+#include <Guid/SystemResourceTable.h>
+
+/**
+  The handler is used to do the authentication for FMP capsule based upon
+  EFI_FIRMWARE_IMAGE_AUTHENTICATION.
+
+  Caution: This function may receive untrusted input.
+
+  This function assumes the caller AuthenticateFmpImage()
+  already did basic validation for EFI_FIRMWARE_IMAGE_AUTHENTICATION.
+
+  @param[in]  Image                   Points to an FMP authentication image, started from EFI_FIRMWARE_IMAGE_AUTHENTICATION.
+  @param[in]  ImageSize               Size of the authentication image in bytes.
+  @param[in]  PublicKeyData           The public key data used to validate the signature.
+  @param[in]  PublicKeyDataLength     The length of the public key data.
+
+  @retval RETURN_SUCCESS            Authentication pass.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_SUCCESS.
+  @retval RETURN_SECURITY_VIOLATION Authentication fail.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR.
+  @retval RETURN_INVALID_PARAMETER  The image is in an invalid format.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
+  @retval RETURN_OUT_OF_RESOURCES   No Authentication handler associated with CertType.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INSUFFICIENT_RESOURCES.
+**/
+RETURN_STATUS
+FmpAuthenticatedHandlerPkcs7 (
+  IN EFI_FIRMWARE_IMAGE_AUTHENTICATION *Image,
+  IN UINTN                             ImageSize,
+  IN CONST UINT8                       *PublicKeyData,
+  IN UINTN                             PublicKeyDataLength
+  )
+{
+  RETURN_STATUS                             Status;
+  BOOLEAN                                   CryptoStatus;
+  VOID                                      *P7Data;
+  UINTN                                     P7Length;
+  VOID                                      *TempBuffer;
+
+  DEBUG((DEBUG_INFO, "FmpAuthenticatedHandlerPkcs7 - Image: 0x%08x - 0x%08x\n", (UINTN)Image, (UINTN)ImageSize));
+
+  P7Length = Image->AuthInfo.Hdr.dwLength - (OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID, CertData));
+  P7Data = Image->AuthInfo.CertData;
+
+  // It is a signature across the variable data and the Monotonic Count value.
+  TempBuffer = AllocatePool(ImageSize - Image->AuthInfo.Hdr.dwLength);
+  if (TempBuffer == NULL) {
+    DEBUG((DEBUG_ERROR, "FmpAuthenticatedHandlerPkcs7: TempBuffer == NULL\n"));
+    Status = RETURN_OUT_OF_RESOURCES;
+    goto Done;
+  }
+
+  CopyMem(
+    TempBuffer,
+    (UINT8 *)Image + sizeof(Image->MonotonicCount) + Image->AuthInfo.Hdr.dwLength,
+    ImageSize - sizeof(Image->MonotonicCount) - Image->AuthInfo.Hdr.dwLength
+    );
+  CopyMem(
+    (UINT8 *)TempBuffer + ImageSize - sizeof(Image->MonotonicCount) - Image->AuthInfo.Hdr.dwLength,
+    &Image->MonotonicCount,
+    sizeof(Image->MonotonicCount)
+    );
+  CryptoStatus = Pkcs7Verify(
+                   P7Data,
+                   P7Length,
+                   PublicKeyData,
+                   PublicKeyDataLength,
+                   (UINT8 *)TempBuffer,
+                   ImageSize - Image->AuthInfo.Hdr.dwLength
+                   );
+  FreePool(TempBuffer);
+  if (!CryptoStatus) {
+    //
+    // If PKCS7 signature verification fails, AUTH tested failed bit is set.
+    //
+    DEBUG((DEBUG_ERROR, "FmpAuthenticatedHandlerPkcs7: Pkcs7Verify() failed\n"));
+    Status = RETURN_SECURITY_VIOLATION;
+    goto Done;
+  }
+  DEBUG((DEBUG_INFO, "FmpAuthenticatedHandlerPkcs7: PASS verification\n"));
+
+  Status = RETURN_SUCCESS;
+
+Done:
+  return Status;
+}
+
+/**
+  The fucntion is used to do the authentication for FMP capsule based upon
+  EFI_FIRMWARE_IMAGE_AUTHENTICATION.
+
+  The caller may convert the RETURN_STATUS to ESRT/FMP LastAttemptStatus.
+
+  Caution: This function may receive untrusted input.
+
+  @param[in]  Image                   Points to an FMP authentication image, started from EFI_FIRMWARE_IMAGE_AUTHENTICATION.
+  @param[in]  ImageSize               Size of the authentication image in bytes.
+  @param[in]  PublicKeyData           The public key data used to validate the signature.
+  @param[in]  PublicKeyDataLength     The length of the public key data.
+
+  @retval RETURN_SUCCESS            Authentication pass.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_SUCCESS.
+  @retval RETURN_SECURITY_VIOLATION Authentication fail.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR.
+  @retval RETURN_INVALID_PARAMETER  The image is in an invalid format.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
+  @retval RETURN_UNSUPPORTED        No Authentication handler associated with CertType.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
+  @retval RETURN_UNSUPPORTED        Image or ImageSize is invalid.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
+  @retval RETURN_OUT_OF_RESOURCES   No Authentication handler associated with CertType.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INSUFFICIENT_RESOURCES.
+**/
+RETURN_STATUS
+EFIAPI
+AuthenticateFmpImage (
+  IN EFI_FIRMWARE_IMAGE_AUTHENTICATION *Image,
+  IN UINTN                             ImageSize,
+  IN CONST UINT8                       *PublicKeyData,
+  IN UINTN                             PublicKeyDataLength
+  )
+{
+  GUID                                      *CertType;
+  EFI_STATUS                                Status;
+
+  if ((Image == NULL) || (ImageSize == 0)) {
+    return RETURN_UNSUPPORTED;
+  }
+
+  if (ImageSize < sizeof(EFI_FIRMWARE_IMAGE_AUTHENTICATION)) {
+    DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - ImageSize too small\n"));
+    return RETURN_INVALID_PARAMETER;
+  }
+  if (Image->AuthInfo.Hdr.dwLength <= OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID, CertData)) {
+    DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - dwLength too small\n"));
+    return RETURN_INVALID_PARAMETER;
+  }
+  if (Image->AuthInfo.Hdr.dwLength > MAX_UINTN - sizeof(UINT64)) {
+    DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - dwLength too big\n"));
+    return RETURN_INVALID_PARAMETER;
+  }
+  if (ImageSize <= sizeof(Image->MonotonicCount) + Image->AuthInfo.Hdr.dwLength) {
+    DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - ImageSize too small\n"));
+    return RETURN_INVALID_PARAMETER;
+  }
+  if (Image->AuthInfo.Hdr.wRevision != 0x0200) {
+    DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - wRevision: 0x%02x, expect - 0x%02x\n", (UINTN)Image->AuthInfo.Hdr.wRevision, (UINTN)0x0200));
+    return RETURN_INVALID_PARAMETER;
+  }
+  if (Image->AuthInfo.Hdr.wCertificateType != WIN_CERT_TYPE_EFI_GUID) {
+    DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - wCertificateType: 0x%02x, expect - 0x%02x\n", (UINTN)Image->AuthInfo.Hdr.wCertificateType, (UINTN)WIN_CERT_TYPE_EFI_GUID));
+    return RETURN_INVALID_PARAMETER;
+  }
+
+  CertType = &Image->AuthInfo.CertType;
+  DEBUG((DEBUG_INFO, "AuthenticateFmpImage - CertType: %g\n", CertType));
+
+  if (CompareGuid (&gEfiCertPkcs7Guid, CertType)) {
+    //
+    // Call the match handler to extract raw data for the input section data.
+    //
+    Status = FmpAuthenticatedHandlerPkcs7 (
+               Image,
+               ImageSize,
+               PublicKeyData,
+               PublicKeyDataLength
+               );
+    return Status;
+  }
+
+  //
+  // Not found, the input guided section is not supported.
+  //
+  return RETURN_UNSUPPORTED;
+}
+
diff --git a/SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf b/SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf
new file mode 100644
index 0000000..ac263bf
--- /dev/null
+++ b/SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf
@@ -0,0 +1,49 @@
+## @file
+#  FMP Authentication PKCS7 handler.
+#
+# Instance of FmpAuthentication Library for DXE/PEI post memory phase.
+#
+#  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD License
+#  which accompanies this distribution.  The full text of the license may be found at
+#  http://opensource.org/licenses/bsd-license.php
+#
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x00010005
+  BASE_NAME                      = FmpAuthenticationLibPkcs7
+  MODULE_UNI_FILE                = FmpAuthenticationLibPkcs7.uni
+  FILE_GUID                      = F4EA205B-7345-452C-9D62-53BA6F3B8910
+  MODULE_TYPE                    = BASE
+  VERSION_STRING                 = 1.0
+  LIBRARY_CLASS                  = FmpAuthenticationLib
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = IA32 X64 IPF EBC
+#
+
+[Sources]
+  FmpAuthenticationLibPkcs7.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+  SecurityPkg/SecurityPkg.dec
+  CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+  BaseLib
+  BaseMemoryLib
+  DebugLib
+  MemoryAllocationLib
+  BaseCryptLib
+
+[Guids]
+  gEfiCertPkcs7Guid
diff --git a/SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.uni b/SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.uni
new file mode 100644
index 0000000..d327e53
--- /dev/null
+++ b/SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.uni
@@ -0,0 +1,26 @@
+// /** @file
+// FMP Authentication PKCS7 handler.
+//
+// This library provide FMP Authentication PKCS7 handler to verify EFI_FIRMWARE_IMAGE_AUTHENTICATION.
+//
+// Caution: This module requires additional review when modified.
+// This library will have external input - capsule image.
+// This external input must be validated carefully to avoid security issues such as
+// buffer overflow or integer overflow.
+//
+// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+//
+// This program and the accompanying materials
+// are licensed and made available under the terms and conditions of the BSD License
+// which accompanies this distribution. The full text of the license may be found at
+// http://opensource.org/licenses/bsd-license.php
+// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+//
+// **/
+
+
+#string STR_MODULE_ABSTRACT             #language en-US "FMP Authentication PKCS7 handler."
+
+#string STR_MODULE_DESCRIPTION          #language en-US "This library provide FMP Authentication PKCS7 handler to verify EFI_FIRMWARE_IMAGE_AUTHENTICATION."
+
-- 
2.7.4.windows.1

[PATCH V4 14/15] SecurityPkg/FmpAuthenticationLibRsa2048Sha256: Add RSA2048 instance.

[Jiewen Yao]

It provides Rsa2048Sha256 based FMP authentication.

Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
---
 SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c   | 346 ++++++++++++++++++++
 SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.inf |  53 +++
 SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.uni |  26 ++
 3 files changed, 425 insertions(+)

diff --git a/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c
new file mode 100644
index 0000000..79da65f
--- /dev/null
+++ b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c
@@ -0,0 +1,346 @@
+/** @file
+  FMP Authentication RSA2048SHA256 handler.
+  Provide generic FMP authentication functions for DXE/PEI post memory phase.
+
+  Caution: This module requires additional review when modified.
+  This module will have external input - capsule image.
+  This external input must be validated carefully to avoid security issue like
+  buffer overflow, integer overflow.
+
+  FmpAuthenticatedHandlerRsa2048Sha256(), AuthenticateFmpImage() will receive
+  untrusted input and do basic validation.
+
+  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD License
+  which accompanies this distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Uefi.h>
+
+#include <Guid/SystemResourceTable.h>
+#include <Guid/FirmwareContentsSigned.h>
+#include <Guid/WinCertificate.h>
+
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/DebugLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/BaseCryptLib.h>
+#include <Library/FmpAuthenticationLib.h>
+#include <Library/PcdLib.h>
+#include <Protocol/FirmwareManagement.h>
+#include <Guid/SystemResourceTable.h>
+
+///
+/// Public Exponent of RSA Key.
+///
+STATIC CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 };
+
+/**
+  The handler is used to do the authentication for FMP capsule based upon
+  EFI_FIRMWARE_IMAGE_AUTHENTICATION.
+
+  Caution: This function may receive untrusted input.
+
+  This function assumes the caller AuthenticateFmpImage()
+  already did basic validation for EFI_FIRMWARE_IMAGE_AUTHENTICATION.
+
+  @param[in]  Image                   Points to an FMP authentication image, started from EFI_FIRMWARE_IMAGE_AUTHENTICATION.
+  @param[in]  ImageSize               Size of the authentication image in bytes.
+  @param[in]  PublicKeyData           The public key data used to validate the signature.
+  @param[in]  PublicKeyDataLength     The length of the public key data.
+
+  @retval RETURN_SUCCESS            Authentication pass.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_SUCCESS.
+  @retval RETURN_SECURITY_VIOLATION Authentication fail.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR.
+  @retval RETURN_INVALID_PARAMETER  The image is in an invalid format.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
+  @retval RETURN_OUT_OF_RESOURCES   No Authentication handler associated with CertType.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INSUFFICIENT_RESOURCES.
+**/
+RETURN_STATUS
+FmpAuthenticatedHandlerRsa2048Sha256(
+  IN EFI_FIRMWARE_IMAGE_AUTHENTICATION *Image,
+  IN UINTN                             ImageSize,
+  IN CONST UINT8                       *PublicKeyData,
+  IN UINTN                             PublicKeyDataLength
+  )
+{
+  RETURN_STATUS                             Status;
+  EFI_CERT_BLOCK_RSA_2048_SHA256            *CertBlockRsa2048Sha256;
+  BOOLEAN                                   CryptoStatus;
+  UINT8                                     Digest[SHA256_DIGEST_SIZE];
+  UINT8                                     *PublicKey;
+  UINTN                                     PublicKeyBufferSize;
+  VOID                                      *HashContext;
+  VOID                                      *Rsa;
+
+  DEBUG ((DEBUG_INFO, "FmpAuthenticatedHandlerRsa2048Sha256 - Image: 0x%08x - 0x%08x\n", (UINTN)Image, (UINTN)ImageSize));
+
+  if (Image->AuthInfo.Hdr.dwLength != OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID, CertData) + sizeof(EFI_CERT_BLOCK_RSA_2048_SHA256)) {
+    DEBUG((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256 - dwLength: 0x%04x, dwLength - 0x%04x\n", (UINTN)Image->AuthInfo.Hdr.dwLength, (UINTN)OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID, CertData) + sizeof(EFI_CERT_BLOCK_RSA_2048_SHA256)));
+    return RETURN_INVALID_PARAMETER;
+  }
+
+  CertBlockRsa2048Sha256 = (EFI_CERT_BLOCK_RSA_2048_SHA256 *)Image->AuthInfo.CertData;
+  if (!CompareGuid(&CertBlockRsa2048Sha256->HashType, &gEfiHashAlgorithmSha256Guid)) {
+    DEBUG((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256 - HashType: %g, expect - %g\n", &CertBlockRsa2048Sha256->HashType, &gEfiHashAlgorithmSha256Guid));
+    return RETURN_INVALID_PARAMETER;
+  }
+
+  HashContext = NULL;
+  Rsa = NULL;
+
+  //
+  // Allocate hash context buffer required for SHA 256
+  //
+  HashContext = AllocatePool (Sha256GetContextSize ());
+  if (HashContext == NULL) {
+    CryptoStatus = FALSE;
+    DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Can not allocate hash context\n"));
+    Status = RETURN_OUT_OF_RESOURCES;
+    goto Done;
+  }
+
+  //
+  // Hash public key from data payload with SHA256.
+  //
+  ZeroMem (Digest, SHA256_DIGEST_SIZE);
+  CryptoStatus = Sha256Init (HashContext);
+  if (!CryptoStatus) {
+    DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Init() failed\n"));
+    Status = RETURN_OUT_OF_RESOURCES;
+    goto Done;
+  }
+  CryptoStatus = Sha256Update (HashContext, &CertBlockRsa2048Sha256->PublicKey, sizeof(CertBlockRsa2048Sha256->PublicKey));
+  if (!CryptoStatus) {
+    DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Update() failed\n"));
+    Status = RETURN_OUT_OF_RESOURCES;
+    goto Done;
+  }
+  CryptoStatus  = Sha256Final (HashContext, Digest);
+  if (!CryptoStatus) {
+    DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Final() failed\n"));
+    Status = RETURN_OUT_OF_RESOURCES;
+    goto Done;
+  }
+
+  //
+  // Fail if the PublicKey is not one of the public keys in PcdRsa2048Sha256PublicKeyBuffer
+  //
+  PublicKey = (VOID *)PublicKeyData;
+  PublicKeyBufferSize = PublicKeyDataLength;
+  CryptoStatus = FALSE;
+  while (PublicKeyBufferSize != 0) {
+    if (CompareMem (Digest, PublicKey, SHA256_DIGEST_SIZE) == 0) {
+      CryptoStatus = TRUE;
+      break;
+    }
+    PublicKey = PublicKey + SHA256_DIGEST_SIZE;
+    PublicKeyBufferSize = PublicKeyBufferSize - SHA256_DIGEST_SIZE;
+  }
+  if (!CryptoStatus) {
+    DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Public key in section is not supported\n"));
+    Status = RETURN_SECURITY_VIOLATION;
+    goto Done;
+  }
+
+  //
+  // Generate & Initialize RSA Context.
+  //
+  Rsa = RsaNew ();
+  if (Rsa == NULL) {
+    CryptoStatus = FALSE;
+    DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: RsaNew() failed\n"));
+    Status = RETURN_OUT_OF_RESOURCES;
+    goto Done;
+  }
+
+  //
+  // Set RSA Key Components.
+  // NOTE: Only N and E are needed to be set as RSA public key for signature verification.
+  //
+  CryptoStatus = RsaSetKey (Rsa, RsaKeyN, CertBlockRsa2048Sha256->PublicKey, sizeof(CertBlockRsa2048Sha256->PublicKey));
+  if (!CryptoStatus) {
+    DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: RsaSetKey(RsaKeyN) failed\n"));
+    Status = RETURN_OUT_OF_RESOURCES;
+    goto Done;
+  }
+  CryptoStatus = RsaSetKey (Rsa, RsaKeyE, mRsaE, sizeof (mRsaE));
+  if (!CryptoStatus) {
+    DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: RsaSetKey(RsaKeyE) failed\n"));
+    Status = RETURN_OUT_OF_RESOURCES;
+    goto Done;
+  }
+
+  //
+  // Hash data payload with SHA256.
+  //
+  ZeroMem (Digest, SHA256_DIGEST_SIZE);
+  CryptoStatus = Sha256Init (HashContext);
+  if (!CryptoStatus) {
+    DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Init() failed\n"));
+    Status = RETURN_OUT_OF_RESOURCES;
+    goto Done;
+  }
+
+  // It is a signature across the variable data and the Monotonic Count value.
+  CryptoStatus = Sha256Update (
+                   HashContext,
+                   (UINT8 *)Image + sizeof(Image->MonotonicCount) + Image->AuthInfo.Hdr.dwLength,
+                   ImageSize - sizeof(Image->MonotonicCount) - Image->AuthInfo.Hdr.dwLength
+                   );
+  if (!CryptoStatus) {
+    DEBUG((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Update() failed\n"));
+    Status = RETURN_OUT_OF_RESOURCES;
+    goto Done;
+  }
+  CryptoStatus = Sha256Update (
+                   HashContext,
+                   (UINT8 *)&Image->MonotonicCount,
+                   sizeof(Image->MonotonicCount)
+                   );
+  if (!CryptoStatus) {
+    DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Update() failed\n"));
+    Status = RETURN_OUT_OF_RESOURCES;
+    goto Done;
+  }
+  CryptoStatus  = Sha256Final (HashContext, Digest);
+  if (!CryptoStatus) {
+    DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Final() failed\n"));
+    Status = RETURN_OUT_OF_RESOURCES;
+    goto Done;
+  }
+
+  //
+  // Verify the RSA 2048 SHA 256 signature.
+  //
+  CryptoStatus = RsaPkcs1Verify (
+                   Rsa,
+                   Digest,
+                   SHA256_DIGEST_SIZE,
+                   CertBlockRsa2048Sha256->Signature,
+                   sizeof (CertBlockRsa2048Sha256->Signature)
+                   );
+  if (!CryptoStatus) {
+    //
+    // If RSA 2048 SHA 256 signature verification fails, AUTH tested failed bit is set.
+    //
+    DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: RsaPkcs1Verify() failed\n"));
+    Status = RETURN_SECURITY_VIOLATION;
+    goto Done;
+  }
+  DEBUG ((DEBUG_INFO, "FmpAuthenticatedHandlerRsa2048Sha256: PASS verification\n"));
+
+  Status = RETURN_SUCCESS;
+
+Done:
+  //
+  // Free allocated resources used to perform RSA 2048 SHA 256 signature verification
+  //
+  if (Rsa != NULL) {
+    RsaFree (Rsa);
+  }
+  if (HashContext != NULL) {
+    FreePool (HashContext);
+  }
+
+  return Status;
+}
+
+/**
+  The fucntion is used to do the authentication for FMP capsule based upon
+  EFI_FIRMWARE_IMAGE_AUTHENTICATION.
+
+  The caller may convert the RETURN_STATUS to ESRT/FMP LastAttemptStatus.
+
+  Caution: This function may receive untrusted input.
+
+  @param[in]  Image                   Points to an FMP authentication image, started from EFI_FIRMWARE_IMAGE_AUTHENTICATION.
+  @param[in]  ImageSize               Size of the authentication image in bytes.
+  @param[in]  PublicKeyData           The public key data used to validate the signature.
+  @param[in]  PublicKeyDataLength     The length of the public key data.
+
+  @retval RETURN_SUCCESS            Authentication pass.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_SUCCESS.
+  @retval RETURN_SECURITY_VIOLATION Authentication fail.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR.
+  @retval RETURN_INVALID_PARAMETER  The image is in an invalid format.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
+  @retval RETURN_UNSUPPORTED        No Authentication handler associated with CertType.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
+  @retval RETURN_UNSUPPORTED        Image or ImageSize is invalid.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT.
+  @retval RETURN_OUT_OF_RESOURCES   No Authentication handler associated with CertType.
+                                    The LastAttemptStatus should be LAST_ATTEMPT_STATUS_ERROR_INSUFFICIENT_RESOURCES.
+**/
+RETURN_STATUS
+EFIAPI
+AuthenticateFmpImage (
+  IN EFI_FIRMWARE_IMAGE_AUTHENTICATION *Image,
+  IN UINTN                             ImageSize,
+  IN CONST UINT8                       *PublicKeyData,
+  IN UINTN                             PublicKeyDataLength
+  )
+{
+  GUID                                      *CertType;
+  EFI_STATUS                                Status;
+
+  if ((Image == NULL) || (ImageSize == 0)) {
+    return RETURN_UNSUPPORTED;
+  }
+
+  if (ImageSize < sizeof(EFI_FIRMWARE_IMAGE_AUTHENTICATION)) {
+    DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - ImageSize too small\n"));
+    return RETURN_INVALID_PARAMETER;
+  }
+  if (Image->AuthInfo.Hdr.dwLength <= OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID, CertData)) {
+    DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - dwLength too small\n"));
+    return RETURN_INVALID_PARAMETER;
+  }
+  if (Image->AuthInfo.Hdr.dwLength > MAX_UINTN - sizeof(UINT64)) {
+    DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - dwLength too big\n"));
+    return RETURN_INVALID_PARAMETER;
+  }
+  if (ImageSize <= sizeof(Image->MonotonicCount) + Image->AuthInfo.Hdr.dwLength) {
+    DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - ImageSize too small\n"));
+    return RETURN_INVALID_PARAMETER;
+  }
+  if (Image->AuthInfo.Hdr.wRevision != 0x0200) {
+    DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - wRevision: 0x%02x, expect - 0x%02x\n", (UINTN)Image->AuthInfo.Hdr.wRevision, (UINTN)0x0200));
+    return RETURN_INVALID_PARAMETER;
+  }
+  if (Image->AuthInfo.Hdr.wCertificateType != WIN_CERT_TYPE_EFI_GUID) {
+    DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - wCertificateType: 0x%02x, expect - 0x%02x\n", (UINTN)Image->AuthInfo.Hdr.wCertificateType, (UINTN)WIN_CERT_TYPE_EFI_GUID));
+    return RETURN_INVALID_PARAMETER;
+  }
+
+  CertType = &Image->AuthInfo.CertType;
+  DEBUG((DEBUG_INFO, "AuthenticateFmpImage - CertType: %g\n", CertType));
+
+  if (CompareGuid (&gEfiCertTypeRsa2048Sha256Guid, CertType)) {
+    //
+    // Call the match handler to extract raw data for the input section data.
+    //
+    Status = FmpAuthenticatedHandlerRsa2048Sha256 (
+               Image,
+               ImageSize,
+               PublicKeyData,
+               PublicKeyDataLength
+               );
+    return Status;
+  }
+
+  //
+  // Not found, the input guided section is not supported.
+  //
+  return RETURN_UNSUPPORTED;
+}
+
diff --git a/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.inf b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.inf
new file mode 100644
index 0000000..fbff00e
--- /dev/null
+++ b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.inf
@@ -0,0 +1,53 @@
+## @file
+#  FMP Authentication RSA2048SHA256 handler.
+#
+# Instance of FmpAuthentication Library for DXE/PEI post memory phase.
+#
+#  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD License
+#  which accompanies this distribution.  The full text of the license may be found at
+#  http://opensource.org/licenses/bsd-license.php
+#
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x00010005
+  BASE_NAME                      = FmpAuthenticationLibRsa2048Sha256
+  MODULE_UNI_FILE                = FmpAuthenticationLibRsa2048Sha256.uni
+  FILE_GUID                      = 105FF0EA-A0C0-48A8-B8F7-E8B4D62A1019
+  MODULE_TYPE                    = BASE
+  VERSION_STRING                 = 1.0
+  LIBRARY_CLASS                  = FmpAuthenticationLib
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = IA32 X64 IPF EBC
+#
+
+[Sources]
+  FmpAuthenticationLibRsa2048Sha256.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+  SecurityPkg/SecurityPkg.dec
+  CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+  BaseLib
+  BaseMemoryLib
+  DebugLib
+  MemoryAllocationLib
+  BaseCryptLib
+
+[Pcd]
+  gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer
+
+[Guids]
+  gEfiCertTypeRsa2048Sha256Guid
+  gEfiHashAlgorithmSha256Guid
diff --git a/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.uni b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.uni
new file mode 100644
index 0000000..902edef
--- /dev/null
+++ b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.uni
@@ -0,0 +1,26 @@
+// /** @file
+// FMP Authentication RSA2048SHA256 handler.
+//
+// This library provide FMP Authentication RSA2048SHA256 handler to verify EFI_FIRMWARE_IMAGE_AUTHENTICATION.
+//
+// Caution: This module requires additional review when modified.
+// This library will have external input - capsule image.
+// This external input must be validated carefully to avoid security issues such as
+// buffer overflow or integer overflow.
+//
+// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+//
+// This program and the accompanying materials
+// are licensed and made available under the terms and conditions of the BSD License
+// which accompanies this distribution. The full text of the license may be found at
+// http://opensource.org/licenses/bsd-license.php
+// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+//
+// **/
+
+
+#string STR_MODULE_ABSTRACT             #language en-US "FMP Authentication RSA2048SHA256 handler."
+
+#string STR_MODULE_DESCRIPTION          #language en-US "This library provide FMP Authentication RSA2048SHA256 handler to verify EFI_FIRMWARE_IMAGE_AUTHENTICATION."
+
-- 
2.7.4.windows.1

[PATCH V4 15/15] SecurityPkg/SecurityPkg.dsc: Add FmpAuthenticationLib*.

[Jiewen Yao]

Add FmpAuthenticationLib* to check build.

Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
---
 SecurityPkg/SecurityPkg.dsc | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
index 2ebd0a4..e5cce21 100644
--- a/SecurityPkg/SecurityPkg.dsc
+++ b/SecurityPkg/SecurityPkg.dsc
@@ -212,6 +212,9 @@
   SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.inf
   SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.inf
 
+  SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf
+  SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.inf
+
   SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
 
 [Components.IA32, Components.X64, Components.IPF]
-- 
2.7.4.windows.1