From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (NAM11-CO1-obe.outbound.protection.outlook.com [40.107.220.98]) by mx.groups.io with SMTP id smtpd.web10.4139.1607505893053223461 for ; Wed, 09 Dec 2020 01:24:53 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@os.amperecomputing.com header.s=selector2 header.b=ogwGQKWC; spf=pass (domain: os.amperecomputing.com, ip: 40.107.220.98, mailfrom: nhi@os.amperecomputing.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=gCxnKSFJPr4Pu4+VMXE3kHaNxZjkUqfdqs6A72rffQExVIiv7MKrn35RBBLeKBJDBQvLWzu1JGIdmHO1t1sG4jat6PGmS/FJVml7ZMIDBscJf71C85Z/9l+b9y1Dq2W2unB0t3QBeXIv5b6/lGpSPzMUVgotYzf2mY2kV2AGxDQ5RhZP3YL/69EoW/4AZ9sYNXSL/U9p5dL+AH4SheOi4rMx0LBMU9WP6uNcXNhxxystBixmhnz0oX4JOMsmvoD7Nr5xNwBRy03isX/2b5nMx2uHS9De37Gpbgbt7hGdjSpjtf9oRUuv1VaGXZjEAPEDNnEQLq0dZTgwSphYRozCiw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DOZOUl0Eq9C5sBtpt6TH2Zs+jb6nZ1+FGkz7zG/5LVM=; b=U9HFPW8gS6hdrHOnvT4aEDYDWkDytfEhaTVMfFXLymA4Y9mTYoYq1KsKgZ+dXEnWBHuF4WmjdFqUX27u6M+RSf9fThH7HV68Ss16FdTH89K4/njW43ltfzljdUHv1cJsNNrC/bNf83GgPhrHfZAISdi2pCpb7cZ/aXH9qFmyFR0afLOadm2vWxC7lqONx7b0LFmQ0DtNh7ZZ5ZRdl1NElFfCxR96I61DhDmtNEzYaNq2v9A6LXZLAw18uCZWRcnFcpbZ1bkMOcIYVNxIhbK74E1ckM68zNmoZnXN+l/pNxtw1cvh7RD91x1j/K7mKDGCMByjp+/44BXiR27dwIjNeg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=os.amperecomputing.com; dmarc=pass action=none header.from=os.amperecomputing.com; dkim=pass header.d=os.amperecomputing.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=os.amperecomputing.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DOZOUl0Eq9C5sBtpt6TH2Zs+jb6nZ1+FGkz7zG/5LVM=; b=ogwGQKWCZyLdtjGL1cVe/PULSvHQFsbsWQu0anP8bsasHJEB/XhR+vVB/0N2V6VXTZeWPVYZ140/gp1y284qdzVIiO+K9Aqqf8RZX3emTsCv5/n9a40gZdxiZXzUpoTo1zulN9XL50wFepScTYgOAw75Xk1TQIshOmjufIPxRco= Authentication-Results: edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=none action=none header.from=os.amperecomputing.com; Received: from DM6PR01MB5849.prod.exchangelabs.com (2603:10b6:5:205::20) by DM6PR01MB5609.prod.exchangelabs.com (2603:10b6:5:157::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3632.21; Wed, 9 Dec 2020 09:24:51 +0000 Received: from DM6PR01MB5849.prod.exchangelabs.com ([fe80::c814:9a08:5c2e:4076]) by DM6PR01MB5849.prod.exchangelabs.com ([fe80::c814:9a08:5c2e:4076%5]) with mapi id 15.20.3632.023; Wed, 9 Dec 2020 09:24:51 +0000 From: "Nhi Pham" To: devel@edk2.groups.io Cc: Nhi Pham Subject: [edk2-platforms][PATCH 27/34] JadePkg: Add Capsule Update support Date: Wed, 9 Dec 2020 16:25:24 +0700 Message-Id: <20201209092531.30867-28-nhi@os.amperecomputing.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20201209092531.30867-1-nhi@os.amperecomputing.com> References: <20201209092531.30867-1-nhi@os.amperecomputing.com> X-Originating-IP: [118.69.219.201] X-ClientProxiedBy: HK0PR01CA0054.apcprd01.prod.exchangelabs.com (2603:1096:203:a6::18) To DM6PR01MB5849.prod.exchangelabs.com (2603:10b6:5:205::20) Return-Path: nhi@os.amperecomputing.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sw004.amperecomputing.com (118.69.219.201) by HK0PR01CA0054.apcprd01.prod.exchangelabs.com (2603:1096:203:a6::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3654.12 via Frontend Transport; Wed, 9 Dec 2020 09:24:50 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 815ed29b-1b62-402b-d261-08d89c244848 X-MS-TrafficTypeDiagnostic: DM6PR01MB5609: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8882; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: FH2nPkUDMjaR0mJ38OwIsv17J7MDoXrgnFrEMUMj2bpj50VmaIVpnxDFC2YBWtoZ6FTLHi44DPvxp0V+iu2g5dVAKp+JQ5SRqhWAQoNA5MeIq9ORjMQtkNhWstUmtzOBXN67o3PTnUjKra6mQnGlQOKDeIwmYcbMf49VUEPRlITarwp9nvVZl6XOticf9Vs3WNFkgzKwatgFC/WG5uDLgdYIsQs7d7YOtqdTT6i3YQk4ZiNeZqI+dtLeZ0I7DXInBquO7Y+ZTPVU9XdWaiB2Xv1IRQIDPQVHcY/K8jv8k4WdGSPzf9Ctd9Z4WXyHqSn8zot7HEDvCrK2doTyUlDmxYKUP/qrMIfW4lbO5C+G33PTGEfVd0eoGLuX6u81Jw0v X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM6PR01MB5849.prod.exchangelabs.com;PTR:;CAT:NONE;SFS:(4636009)(376002)(136003)(346002)(366004)(5660300002)(956004)(508600001)(52116002)(30864003)(66946007)(6916009)(2616005)(1076003)(19627235002)(86362001)(6512007)(66476007)(26005)(8936002)(16526019)(107886003)(6666004)(186003)(6486002)(8676002)(6506007)(83380400001)(2906002)(15650500001)(34490700003)(66556008)(4326008);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?NcdbJNZTRoBtOQP07S1IodmTVHYJK2GEv5kEeYJsLVNB1GwrSKMNuGdGXXbV?= =?us-ascii?Q?WtWHYun+z0U0SBb+jubCGi9ocbl5FReyrsKvpXtmQtSPmZFdQYHnNxbDBGkb?= =?us-ascii?Q?+zqhzUJbVnEa7X7ZYUhFOyyjf2fCmwgOQ5q3wPCQF0DQZlpf0R8/IyPLK6S/?= =?us-ascii?Q?+Ejd6mUPBpo9njl2rmZYwOjWaGy84IA4sje0+PoeTSl06FcU+BxJfaW7YYzD?= =?us-ascii?Q?NM/cUgjhZclBF1JY2NGdyHCsBjGJk/BfRQz+VsD/HbIDBD7ThIJBtsSNw+wI?= =?us-ascii?Q?FV4WWCMLj8cd3CkyZWZGxnZyoq9c2rXlBG/Evi9FGy2rP/KsJGyO2d3w1cOe?= =?us-ascii?Q?dlQ97fS6Dr46pedFno2tiCF0RpxSEniNiCyERLpHhHhV5nstm2YJcEl135d4?= =?us-ascii?Q?dzONhkXb3jEort/F5prmLrp4M3hgofORL1xAlBgEeo8+Jj5hN9B0LzscCMO2?= =?us-ascii?Q?JdT/6Y/Cr85Ocni+NTLOruZlso4rD0Xyo9vwjAukpqGqcN/dAEEUCNsM4Fs+?= =?us-ascii?Q?V70l2nxS+Q+vfjrgG3HsUyyJ3C9ieMJQjuWyMG3HLIew1fLU7usOO6lmCasW?= =?us-ascii?Q?iTHWFiYIcfxwMf+M4kjM4LZZiGcp5GENAm6u3B7aXrmx5fH2WoR5wnJmJ1Nw?= =?us-ascii?Q?V4dxeXEOefGHGteWPZo+6E4eoguXcID6asKpS6yhPAThRQ1rIu0dVe/NbMqx?= =?us-ascii?Q?7kDwxfywseqLUoJSHY0NmD5xgB5gKA2jj6Z28zyjqxLiUF6Cng06EyCqG/Wq?= =?us-ascii?Q?H3Mf2j7z7PRjnZTy6Gmr0ivzZfAIK3IjG4m7vCmh1lpiDrnq6q/qYMEOzhGc?= =?us-ascii?Q?X8XkwD4dOG1b7TnVa4JAnW6z3Rspo7Jls0G9voKP5Gs/VyVwNXoGd/PGQ7X3?= =?us-ascii?Q?rflfcXtdCRS7Pfc1xhiZnhQWQVnHzVDKtAHK8jsAXFVq+S8Z0p2VjOyRZRxl?= =?us-ascii?Q?ymAVcmsEy3Um+msoNd0Bl2LLZj83Qd5UqLFdbi7mNdXOZDZ3Nl9ILnv7VGxK?= =?us-ascii?Q?Zdfb?= X-OriginatorOrg: os.amperecomputing.com X-MS-Exchange-CrossTenant-AuthSource: DM6PR01MB5849.prod.exchangelabs.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 Dec 2020 09:24:51.7503 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3bc2b170-fd94-476d-b0ce-4229bdc904a7 X-MS-Exchange-CrossTenant-Network-Message-Id: 815ed29b-1b62-402b-d261-08d89c244848 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: TELZijiH5QQbfSjpwtkTMvtT+pzLGTtXOuo253dtPibsFp7ncHpN4IuYtabZtP1PHJPsVqM5mERyt1fS1Hal6FWvo8t9H7hRXeXQxuSy5+g= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR01MB5609 Content-Type: text/plain Wire up the various modules to implement signed capsule update. Also, add JadeCapsule DSC/FDF files to tweak the capsule build for combining both ATF binaries and UEFI image into a binary update image. Please note that the test key for signing the capsule is simply from EDK2 repository. In production, the product owner needs to handle and protect the key properly. The test key is found at the following path: BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer Per Secure Firmware Update mechanism provided by Ampere Trusted Firmware (ATF), the update image will be authenticated in the secure world before being written to flash device. So, the image must be signed with a firmware update key (DBU key) and place in the Build/Jade directory by name jade_atfedk2.img.signed. The DBU test key is available under the Platform/Ampere/TestKeys path. the Build/Jade directory. Signed-off-by: Nhi Pham --- Platform/Ampere/JadePkg/Jade.dsc | 32 +++++++ Platform/Ampere/JadePkg/JadeCapsule.dsc | 29 +++++++ Platform/Ampere/JadePkg/Jade.fdf | 53 ++++++++++++ Platform/Ampere/JadePkg/JadeCapsule.fdf | 90 ++++++++++++++++++++ Platform/Ampere/JadePkg/TestKeys/Dbu_AmpereTest.cer.pem | 25 ++++++ Platform/Ampere/JadePkg/TestKeys/Dbu_AmpereTest.priv.pem | 28 ++++++ 6 files changed, 257 insertions(+) diff --git a/Platform/Ampere/JadePkg/Jade.dsc b/Platform/Ampere/JadePkg/Jade.dsc index 6d2079117377..036971c565e3 100755 --- a/Platform/Ampere/JadePkg/Jade.dsc +++ b/Platform/Ampere/JadePkg/Jade.dsc @@ -50,6 +50,16 @@ [Defines] # ################################################################################ [LibraryClasses] + # + # Capsule Update requirements + # + BmpSupportLib|MdeModulePkg/Library/BaseBmpSupportLib/BaseBmpSupportLib.inf + DisplayUpdateProgressLib|MdeModulePkg/Library/DisplayUpdateProgressLibGraphics/DisplayUpdateProgressLibGraphics.inf + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf + EdkiiSystemCapsuleLib|SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.inf + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf + IniParsingLib|SignedCapsulePkg/Library/IniParsingLib/IniParsingLib.inf + PlatformFlashAccessLib|Silicon/Ampere/AmpereAltraPkg/Library/PlatformFlashAccessLib/PlatformFlashAccessLib.inf # # RTC Library: Common RTC @@ -73,6 +83,9 @@ [LibraryClasses] # PcieBoardLib|Platform/Ampere/JadePkg/Library/Pcie/BoardPcie.inf +[LibraryClasses.common.DXE_RUNTIME_DRIVER] + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf + ################################################################################ # # Specific Platform Pcds @@ -93,6 +106,11 @@ [PcdsFixedAtBuild.common] gAmpereTokenSpaceGuid.PcdSmbiosTables1MajorVersion|$(MAJOR_VER) gAmpereTokenSpaceGuid.PcdSmbiosTables1MinorVersion|$(MINOR_VER) + # + # Increasing the maximum size of capsule is to cover ARM Trusted Firmware binaries + # + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxSizeNonPopulateCapsule|0xE00000 + !if $(SECURE_BOOT_ENABLE) == TRUE # Override the default values from SecurityPkg to ensure images # from all sources are verified in secure boot @@ -114,6 +132,11 @@ [PcdsDynamicDefault.common.DEFAULT] gAmpereTokenSpaceGuid.PcdSmbiosTables1SystemSerialNumber|"0123-4567-89AB-CDEF" gAmpereTokenSpaceGuid.PcdSmbiosTables1SystemSkuNumber|"01234567" +[PcdsDynamicExDefault.common.DEFAULT] + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor|{0x0}|VOID*|0x100 + gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0x31, 0xca, 0x8b, 0xf0, 0x2e, 0x54, 0xea, 0x4c, 0x8b, 0x48, 0x8e, 0x54, 0xf9, 0x42, 0x25, 0x94} + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{0xed, 0x06, 0x1c, 0x43, 0xe2, 0x4f, 0x8f, 0x43, 0x98, 0xa3, 0xa9, 0xb1, 0xfd, 0x92, 0x30, 0x19} + [PcdsPatchableInModule] # # Console Resolution (HD mode) @@ -154,6 +177,15 @@ [Components.common] Platform/Ampere/JadePkg/Drivers/SmbiosCpuDxe/SmbiosCpuDxe.inf Platform/Ampere/JadePkg/Drivers/SmbiosMemInfoDxe/SmbiosMemInfoDxe.inf + # + # Firmware Capsule Update + # + Platform/Ampere/JadePkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf + MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf + MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf + # # HII # diff --git a/Platform/Ampere/JadePkg/JadeCapsule.dsc b/Platform/Ampere/JadePkg/JadeCapsule.dsc new file mode 100755 index 000000000000..933c4cf5144b --- /dev/null +++ b/Platform/Ampere/JadePkg/JadeCapsule.dsc @@ -0,0 +1,29 @@ +## @file +# +# Copyright (c) 2020, Ampere Computing LLC. All rights reserved.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +################################################################################ +# +# Defines Section - statements that will be processed to create a Makefile. +# +################################################################################ +[Defines] + PLATFORM_NAME = Jade + PLATFORM_GUID = 34C87B13-434A-4767-88FB-2D0CD2AED46F + PLATFORM_VERSION = 0.1 + DSC_SPECIFICATION = 0x0001001B + OUTPUT_DIRECTORY = Build/Jade + SUPPORTED_ARCHITECTURES = AARCH64 + BUILD_TARGETS = DEBUG|RELEASE + SKUID_IDENTIFIER = DEFAULT + FLASH_DEFINITION = Platform/Ampere/JadePkg/JadeCapsule.fdf + + # + # Defines for default states. These can be changed on the command line. + # -D FLAG=VALUE + # + DEFINE UEFI_ATF_IMAGE = Build/Jade/jade_atfedk2.img.signed diff --git a/Platform/Ampere/JadePkg/Jade.fdf b/Platform/Ampere/JadePkg/Jade.fdf index 2cf2678e1d76..636376ac9cb1 100755 --- a/Platform/Ampere/JadePkg/Jade.fdf +++ b/Platform/Ampere/JadePkg/Jade.fdf @@ -188,6 +188,8 @@ [FV.FV_PEI] INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf + INF RuleOverride = FMP_IMAGE_DESC Platform/Ampere/JadePkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf + [FV.FvMain] BlockSize = 0x40000 NumBlocks = 0x18 @@ -370,6 +372,17 @@ [FV.FvMain] INF Platform/Ampere/JadePkg/Drivers/SmbiosCpuDxe/SmbiosCpuDxe.inf INF Platform/Ampere/JadePkg/Drivers/SmbiosMemInfoDxe/SmbiosMemInfoDxe.inf + # + # Firmware Capsule Update + # + INF MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf + INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf + + FILE FREEFORM = PCD(gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid) { + SECTION RAW = BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer + SECTION UI = "Pkcs7TestRoot" + } + # # HII # @@ -378,4 +391,44 @@ [FV.FvMain] INF Silicon/Ampere/AmpereAltraPkg/Drivers/CpuConfigDxe/CpuConfigDxe.inf INF Silicon/Ampere/AmpereAltraPkg/Drivers/AcpiConfigDxe/AcpiConfigDxe.inf +[FV.SystemFirmwareDescriptor] +FvAlignment = 8 +ERASE_POLARITY = 1 +MEMORY_MAPPED = TRUE +STICKY_WRITE = TRUE +LOCK_CAP = TRUE +LOCK_STATUS = TRUE +WRITE_DISABLED_CAP = TRUE +WRITE_ENABLED_CAP = TRUE +WRITE_STATUS = TRUE +WRITE_LOCK_CAP = TRUE +WRITE_LOCK_STATUS = TRUE +READ_DISABLED_CAP = TRUE +READ_ENABLED_CAP = TRUE +READ_STATUS = TRUE +READ_LOCK_CAP = TRUE +READ_LOCK_STATUS = TRUE + + INF RuleOverride = FMP_IMAGE_DESC Platform/Ampere/JadePkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf + +[FV.CapsuleDispatchFv] +FvAlignment = 8 +ERASE_POLARITY = 1 +MEMORY_MAPPED = TRUE +STICKY_WRITE = TRUE +LOCK_CAP = TRUE +LOCK_STATUS = TRUE +WRITE_DISABLED_CAP = TRUE +WRITE_ENABLED_CAP = TRUE +WRITE_STATUS = TRUE +WRITE_LOCK_CAP = TRUE +WRITE_LOCK_STATUS = TRUE +READ_DISABLED_CAP = TRUE +READ_ENABLED_CAP = TRUE +READ_STATUS = TRUE +READ_LOCK_CAP = TRUE +READ_LOCK_STATUS = TRUE + + INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf + !include Platform/Ampere/FvRules.fdf.inc diff --git a/Platform/Ampere/JadePkg/JadeCapsule.fdf b/Platform/Ampere/JadePkg/JadeCapsule.fdf new file mode 100755 index 000000000000..28872d5751b8 --- /dev/null +++ b/Platform/Ampere/JadePkg/JadeCapsule.fdf @@ -0,0 +1,90 @@ +## @file +# +# Copyright (c) 2020, Ampere Computing LLC. All rights reserved.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +################################################################################ +# +# FD Section +# The [FD] Section is made up of the definition statements and a +# description of what goes into the Flash Device Image. Each FD section +# defines one flash "device" image. A flash device image may be one of +# the following: Removable media bootable image (like a boot floppy +# image,) an Option ROM image (that would be "flashed" into an add-in +# card,) a System "Flash" image (that would be burned into a system's +# flash) or an Update ("Capsule") image that will be used to update and +# existing system flash. +# +################################################################################ + +[FD.JADE_FIRMWARE_CAPSULE] +BaseAddress = 0x00000000 # The base address of the Firmware in NOR Flash. +Size = 0x00D10000 # The size in bytes of the FLASH Device +ErasePolarity = 1 + +0x00000000|0x00010000 +FILE = $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/SYSTEMFIRMWAREDESCRIPTOR.Fv + +0x00010000|0x00D00000 +FILE = $(UEFI_ATF_IMAGE) + +################################################################################ +# +# FV Section +# +# [FV] section is used to define what components or modules are placed within a flash +# device file. This section also defines order the components and modules are positioned +# within the image. The [FV] section consists of define statements, set statements and +# module statements. +# +################################################################################ + +[FV.SystemFirmwareUpdateCargo] +FvAlignment = 16 +ERASE_POLARITY = 1 +MEMORY_MAPPED = TRUE +STICKY_WRITE = TRUE +LOCK_CAP = TRUE +LOCK_STATUS = TRUE +WRITE_DISABLED_CAP = TRUE +WRITE_ENABLED_CAP = TRUE +WRITE_STATUS = TRUE +WRITE_LOCK_CAP = TRUE +WRITE_LOCK_STATUS = TRUE +READ_DISABLED_CAP = TRUE +READ_ENABLED_CAP = TRUE +READ_STATUS = TRUE +READ_LOCK_CAP = TRUE +READ_LOCK_STATUS = TRUE + +FILE RAW = 431C06ED-4FE2-438F-98A3-A9B1FD923019 { # PcdEdkiiSystemFirmwareFileGuid + FD = JADE_FIRMWARE_CAPSULE + } + +FILE RAW = ce57b167-b0e4-41e8-a897-5f4feb781d40 { # gEdkiiSystemFmpCapsuleDriverFvFileGuid + $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/CAPSULEDISPATCHFV.Fv + } + +FILE RAW = 812136D3-4D3A-433A-9418-29BB9BF78F6E { # gEdkiiSystemFmpCapsuleConfigFileGuid + Platform/Ampere/JadePkg/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini + } + +[FmpPayload.FmpPayloadSystemFirmwarePkcs7] +IMAGE_HEADER_INIT_VERSION = 0x02 +IMAGE_TYPE_ID = f08bca31-542e-4cea-8b48-8e54f9422594 # PcdSystemFmpCapsuleImageTypeIdGuid +IMAGE_INDEX = 0x1 +HARDWARE_INSTANCE = 0x0 +MONOTONIC_COUNT = 0x1 +CERTIFICATE_GUID = 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7 + +FV = SystemFirmwareUpdateCargo + +[Capsule.JadeFirmwareUpdateCapsuleFmpPkcs7] +CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEfiFmpCapsuleGuid +CAPSULE_HEADER_SIZE = 0x20 +CAPSULE_HEADER_INIT_VERSION = 0x1 + +FMP_PAYLOAD = FmpPayloadSystemFirmwarePkcs7 diff --git a/Platform/Ampere/JadePkg/TestKeys/Dbu_AmpereTest.cer.pem b/Platform/Ampere/JadePkg/TestKeys/Dbu_AmpereTest.cer.pem new file mode 100755 index 000000000000..af13a6de307c --- /dev/null +++ b/Platform/Ampere/JadePkg/TestKeys/Dbu_AmpereTest.cer.pem @@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIEHzCCAwegAwIBAgIJANC2pw7xG4tpMA0GCSqGSIb3DQEBCwUAMIGlMQswCQYD +VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEUMBIGA1UEBwwLU2FudGEgQ2xh +cmExGzAZBgNVBAoMEkFwcGxpZWQgTWljcm8gQ29ycDEWMBQGA1UECwwNU29mdHdh +cmUgRGVwdDEVMBMGA1UEAwwMQVBNIFNvZnR3YXJlMR8wHQYJKoZIhvcNAQkBFhB0 +dG5ndXllbkBhcG0uY29tMB4XDTE3MTAxMDIxNDgyNloXDTE3MTEwOTIxNDgyNlow +gaUxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQHDAtT +YW50YSBDbGFyYTEbMBkGA1UECgwSQXBwbGllZCBNaWNybyBDb3JwMRYwFAYDVQQL +DA1Tb2Z0d2FyZSBEZXB0MRUwEwYDVQQDDAxBUE0gU29mdHdhcmUxHzAdBgkqhkiG +9w0BCQEWEHR0bmd1eWVuQGFwbS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQDFRhbF5xAtFPHfzyPOMAJP3IAvV9Z9Wm7EpkS2+RzBXui8IyeXoLhp +jj+cd5oXkRRCXBxrTt72J2Unr7hPyZT9gPSNb+Zfaf5J3tEbAbjUAa8ziCddbKFc +H7uCICih0rQvH06UFbZoxOS58Wd/orZWlwbyeTWwxRervHApre5ywSJYqsmtGETu +v7Bzm1Vu+CXFrrcBTfEq40Z9P88TSo0nY1zA28aG7H4cG2JwPTsB9KzxSa5prycI +Xvp+lzXuOz+PDwgHdRtS48je6jEFrDfjNHH0drlBgm2/9CB3tBoQ1MatA9+FdiRu +mdyMlLjfuSNF1e1Y//dTKsj78BSYNpOFAgMBAAGjUDBOMB0GA1UdDgQWBBSUgaqU +W7QR+GznJh68YTtaqlfg6zAfBgNVHSMEGDAWgBSUgaqUW7QR+GznJh68YTtaqlfg +6zAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBLUKPnipzWpOY0RZVZ +9UV9aTnU+iF3sQRUB9YRfGQY1yRA7l8HZc/FGFUF2Lhhz89jGd8NRiP09boNlBDD +YwppO4TdU82zvazCd6X/tI6r3v14CDIjh3yQ1et88VyqDQ7bM88kEdRH2zTbmHKg +kTGLSowt06EWBv02WdLhTde2pnjKwU7K8CLdBLlw1ZsQPoFcWxprO1bOtj/pmfQS +OSxKt7D6Pv0szcLzP4XX1YaLcxYHhZ0/bBWeFVzUY/KNEAL/NWakPDJxSmulZHzg +aFKGfsmiYdVVBJUFfEIm3l/HLgfjAtJQcHZeLJ9TFVl0yiNfiG4fYPxBxxC4gSgS +OxGb +-----END CERTIFICATE----- diff --git a/Platform/Ampere/JadePkg/TestKeys/Dbu_AmpereTest.priv.pem b/Platform/Ampere/JadePkg/TestKeys/Dbu_AmpereTest.priv.pem new file mode 100755 index 000000000000..1c67bcd9d75c --- /dev/null +++ b/Platform/Ampere/JadePkg/TestKeys/Dbu_AmpereTest.priv.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDFRhbF5xAtFPHf +zyPOMAJP3IAvV9Z9Wm7EpkS2+RzBXui8IyeXoLhpjj+cd5oXkRRCXBxrTt72J2Un +r7hPyZT9gPSNb+Zfaf5J3tEbAbjUAa8ziCddbKFcH7uCICih0rQvH06UFbZoxOS5 +8Wd/orZWlwbyeTWwxRervHApre5ywSJYqsmtGETuv7Bzm1Vu+CXFrrcBTfEq40Z9 +P88TSo0nY1zA28aG7H4cG2JwPTsB9KzxSa5prycIXvp+lzXuOz+PDwgHdRtS48je +6jEFrDfjNHH0drlBgm2/9CB3tBoQ1MatA9+FdiRumdyMlLjfuSNF1e1Y//dTKsj7 +8BSYNpOFAgMBAAECggEBALOx2XKhvFFkX8Kfm5zojGKUl0sItv9uTbHhRnxpRHE7 +88HUP+9VXkYAZh8vrvRCmfKsltKEgII2dmUFIl3DYGzed2UShgVptlExnsX79pFf +i2jkX/8wwXb6DMJGatyk4q591QT9FjAvEa3yoHVaEL+lSJW8JVUE4z/zITRGFAsA +GqZ6DaGDuOXbtDXn3gtVg39VkaX7YbuZZBoQsjeQx/2+2/Pcg4/SjwCpPRcWYSwd +2AFp4eM7ZEQh/85i85VfRXu1064X6h/jQn9B6OprqlIAvgwKWkyNGM7nPjBDJvVJ +q/IrMWrhLTcJMynbdE6BBtHsokzEkdAfHLk4hJgZVqECgYEA50I+3D/56JFcOH6Y +ATnmgmAUrc7TYy4kJdIwIJNCk2zeo4B1wgTeZRoUg6+Qt3Sy2jNlhoylXeFKOasQ +j9IAh9SkzkcG0HLqVHqVVa5DJDkG0ZInt+HwaIpvVtLqtI036q4tIzlP2zRi3use +z0LGRN7Aan4aOFMFfS6HbXM5q/kCgYEA2mEOjHtjfJ57kqzNNeRssn4P3/Q6s+aC +1/mSnr1KM7RW8VtcieHKll4VTkGWYXdQTwMP9sQUOK1EDb6ICLxrl6JrooC89N+Z +hfIzR0tVARkFxC344sSaAPAZX5UuFvaIZPyS8F2vreCxvSSFnraiY29rKBUZYACv +s89XgBrwzu0CgYBuIFzg89JljvtUp+xpARKlWW3fixOdMnbiT+K9UIMuw3SOdfkd +6MWjbbUBNNT8mCUnxbv+Q/Hn8AYxyiW752x7Qqcs2CQFlgPDMRD2WWL91+5IVIp3 +ha+/iNUWiqBcVLehGUrDcGJ3582BjIQCfTD/0Pfefqir09VUVJkHZQy8uQKBgEN7 +kp9e0dOEtfMRayioOd6+jfFK64kERpKvENv06qUnqWZUMTh6ibwFvte79NiRokOI +UrqSxRzujgUhR7BLaYQmMNS6q6mQH0UBH098u/vm251QB4Ur89suVujulJuL+4IZ +et7EVLGKqeIlExWEopHPsHFmc7zy+Vi7TfLMYHXRAoGBAK/Ccp2sFanC16XEXzFT +vwae/XjBYGzvCy+PihwF0DgxuYxg46cLjflO8Q27JbM1H0VJpT7KDQtspvH9G38v +bWmRbngWjCX9FmIzEc3eFJzutLQZxu8I51gHRzwIzwkD7gYBCVsWqahnf5bK/LRO +5MLVdsdNuor2VKVw3IBYEQnQ +-----END PRIVATE KEY----- -- 2.17.1