public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
* [PATCH 09/14] FmpDevicePkg/FmpDxe: Add PcdFmpDeviceStorageAccessEnable
@ 2019-08-01  8:46 Eric Jin
  0 siblings, 0 replies; only message in thread
From: Eric Jin @ 2019-08-01  8:46 UTC (permalink / raw)
  To: devel; +Cc: Sean Brogan, Bret Barkelew, Liming Gao, Michael D Kinney

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1525

Add PCD PcdFmpDeviceStorageAccessEnable.  If this PCD is
TRUE, then the Firmware Management Protocol supports access
to the firmware storage device.  This is the default setting.
If FALSE, then Firmware Management Protocol services that
access the firmware storage device return EFI_UNSUPPORTED
except GetImageInfo().  Setting this value to FALSE produces
the smallest possible FmpDxe driver that still advertises the
updatable firmware component in the ESRT.

Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Bret Barkelew <Bret.Barkelew@microsoft.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Eric Jin <eric.jin@intel.com>
---
 FmpDevicePkg/FmpDevicePkg.dec     | 12 ++++++++++++
 FmpDevicePkg/FmpDevicePkg.dsc     | 18 ++++++++++++++++++
 FmpDevicePkg/FmpDevicePkg.uni     | 10 ++++++++++
 FmpDevicePkg/FmpDxe/FmpDxe.c      | 12 ++++++++++++
 FmpDevicePkg/FmpDxe/FmpDxe.inf    |  1 +
 FmpDevicePkg/FmpDxe/FmpDxeLib.inf |  1 +
 6 files changed, 54 insertions(+)

diff --git a/FmpDevicePkg/FmpDevicePkg.dec b/FmpDevicePkg/FmpDevicePkg.dec
index 56ed5fbb4a..8312b7cb22 100644
--- a/FmpDevicePkg/FmpDevicePkg.dec
+++ b/FmpDevicePkg/FmpDevicePkg.dec
@@ -52,6 +52,18 @@
   ## Capsule Update Policy Protocol
   gEdkiiCapuleUpdatePolicyProtocolGuid = { 0x487784c5, 0x6299, 0x4ba6, { 0xb0, 0x96, 0x5c, 0xc5, 0x27, 0x7c, 0xf7, 0x57 } }
 
+[PcdsFeatureFlag]
+  ## Indicates if the Firmware Management Protocol supports access to
+  #  to a firmware storage device.  If set to FALSE, then only GetImageInfo()
+  #  is supported.  This is used by FMP drivers that require the samllest
+  #  possible Firmware Management Protocol implementation that supports
+  #  advertising the updatable firmware device in the ESRT.<BR>
+  #    TRUE  - All Firmware Management Protocol services supported.<BR>
+  #    FALSE - Firmware Management Protocol returns EFI_UNSUPPORTED for
+  #            all services except GetImageInfo().<BR>
+  # @Prompt Firmware Device Storage Access Enabled.
+  gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceStorageAccessEnable|TRUE|BOOLEAN|0x40000011
+
 [PcdsFixedAtBuild]
   ## The SHA-256 hash of a PKCS7 test key that is used to detect if a test key
   #  is being used to authenticate capsules.  Test key detection is disabled by
diff --git a/FmpDevicePkg/FmpDevicePkg.dsc b/FmpDevicePkg/FmpDevicePkg.dsc
index 4e2bd8de3d..bf283b93ea 100644
--- a/FmpDevicePkg/FmpDevicePkg.dsc
+++ b/FmpDevicePkg/FmpDevicePkg.dsc
@@ -29,6 +29,12 @@
   DEFINE SYSTEM_FMP_ESRT_GUID   = B461B3BD-E62A-4A71-841C-50BA4E500267
   DEFINE DEVICE_FMP_ESRT_GUID   = 226034C4-8B67-4536-8653-D6EE7CE5A316
 
+  #
+  # TRUE  - Build FmpDxe module for with storage access enabled
+  # FALSE - Build FmpDxe module for with storage access disabled
+  #
+  DEFINE DEVICE_FMP_STORAGE_ACCESS_ENABLE = TRUE
+
 [LibraryClasses]
   UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf
   UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf
@@ -118,11 +124,23 @@
       # FILE_GUID is used as ESRT GUID
       #
       FILE_GUID = $(DEVICE_FMP_ESRT_GUID)
+    <PcdsFeatureFlag>
+      gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceStorageAccessEnable|$(DEVICE_FMP_STORAGE_ACCESS_ENABLE)
     <PcdsFixedAtBuild>
+!if $(DEVICE_FMP_STORAGE_ACCESS_ENABLE) == FALSE
+      #
+      # Disable test key detection
+      #
+      gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceTestKeySha256Digest|{0}
+!endif
       #
       # Unicode name string that is used to populate FMP Image Descriptor for this capsule update module
       #
+!if $(DEVICE_FMP_STORAGE_ACCESS_ENABLE) == TRUE
       gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageIdName|L"Sample Firmware Device"
+!else
+      gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageIdName|L"Sample Firmware Device No Storage Access"
+!endif
       #
       # Certificates used to authenticate capsule update image
       #
diff --git a/FmpDevicePkg/FmpDevicePkg.uni b/FmpDevicePkg/FmpDevicePkg.uni
index b7fe643186..9e21130fae 100644
--- a/FmpDevicePkg/FmpDevicePkg.uni
+++ b/FmpDevicePkg/FmpDevicePkg.uni
@@ -16,6 +16,16 @@
 
 #string STR_PACKAGE_DESCRIPTION  #language en-US  "This package provides libraries that support the implementation of a module that produces the Firmware Management Protocol to support the update of a system firmware component."
 
+#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceStorageAccessEnable_PROMPT  #language en-US "Firmware Device Storage Access Enabled."
+#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceStorageAccessEnable_HELP    #language en-US "Indicates if the Firmware Management Protocol supports access to"
+                                                                                                "to a firmware storage device.  If set to FALSE, then only GetImageInfo()"
+                                                                                                "is supported.  This is used by FMP drivers that require the samllest"
+                                                                                                "possible Firmware Management Protocol implementation that supports"
+                                                                                                "advertising the updatable firmware device in the ESRT.<BR>"
+                                                                                                "  TRUE  - All Firmware Management Protocol services supported.<BR>"
+                                                                                                "  FALSE - Firmware Management Protocol returns EFI_UNSUPPORTED for"
+                                                                                                "          all services except GetImageInfo().<BR>"
+
 #string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceTestKeySha256Digest_PROMPT  #language en-US "SHA-256 hash of PKCS7 test key."
 #string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceTestKeySha256Digest_HELP    #language en-US "The SHA-256 hash of a PKCS7 test key that is used to detect if a test key"
                                                                                                 "is being used to authenticate capsules.  Test key detection can be disabled"
diff --git a/FmpDevicePkg/FmpDxe/FmpDxe.c b/FmpDevicePkg/FmpDxe/FmpDxe.c
index 85b9ddee3f..2af9c472d5 100644
--- a/FmpDevicePkg/FmpDxe/FmpDxe.c
+++ b/FmpDevicePkg/FmpDxe/FmpDxe.c
@@ -535,6 +535,10 @@ GetTheImage (
   FIRMWARE_MANAGEMENT_PRIVATE_DATA  *Private;
   UINTN                             Size;
 
+  if (!FeaturePcdGet (PcdFmpDeviceStorageAccessEnable)) {
+    return EFI_UNSUPPORTED;
+  }
+
   Status = EFI_SUCCESS;
 
   //
@@ -709,6 +713,10 @@ CheckTheImage (
   FmpHeaderSize    = 0;
   AllHeaderSize    = 0;
 
+  if (!FeaturePcdGet (PcdFmpDeviceStorageAccessEnable)) {
+    return EFI_UNSUPPORTED;
+  }
+
   //
   // Retrieve the private context structure
   //
@@ -964,6 +972,10 @@ SetTheImage (
   IncommingFwVersion = 0;
   LastAttemptStatus  = LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL;
 
+  if (!FeaturePcdGet (PcdFmpDeviceStorageAccessEnable)) {
+    return EFI_UNSUPPORTED;
+  }
+
   //
   // Retrieve the private context structure
   //
diff --git a/FmpDevicePkg/FmpDxe/FmpDxe.inf b/FmpDevicePkg/FmpDxe/FmpDxe.inf
index 21fa7e1b14..361ae9a5fc 100644
--- a/FmpDevicePkg/FmpDxe/FmpDxe.inf
+++ b/FmpDevicePkg/FmpDxe/FmpDxe.inf
@@ -60,6 +60,7 @@
   gEdkiiFirmwareManagementProgressProtocolGuid  ## PRODUCES
 
 [Pcd]
+  gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceStorageAccessEnable              ## CONSUMES
   gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageIdName                      ## CONSUMES
   gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceBuildTimeLowestSupportedVersion  ## CONSUMES
   gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceLockEventGuid                    ## CONSUMES
diff --git a/FmpDevicePkg/FmpDxe/FmpDxeLib.inf b/FmpDevicePkg/FmpDxe/FmpDxeLib.inf
index d951ba7dd2..cc4dca5e9c 100644
--- a/FmpDevicePkg/FmpDxe/FmpDxeLib.inf
+++ b/FmpDevicePkg/FmpDxe/FmpDxeLib.inf
@@ -60,6 +60,7 @@
   gEdkiiFirmwareManagementProgressProtocolGuid  ## PRODUCES
 
 [Pcd]
+  gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceStorageAccessEnable              ## CONSUMES
   gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageIdName                      ## CONSUMES
   gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceBuildTimeLowestSupportedVersion  ## CONSUMES
   gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceLockEventGuid                    ## CONSUMES
-- 
2.20.1.windows.1


^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2019-08-01  8:46 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-08-01  8:46 [PATCH 09/14] FmpDevicePkg/FmpDxe: Add PcdFmpDeviceStorageAccessEnable Eric Jin

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox