NIST 800-193 needs FW Resiliency support. It is to ensure the FW update is healthy and has a way to roll back to previous version if there was a bad update. If LSV is changed whenever the update is accomplished (health is not sure), there will be some difficulties to handle LSV when the update is judged as unhealth update by platform sides. Platform would roll back the update but has no way to roll back the LSV brought by the capsule. So, next attempt (maybe healthy one) would be blocked if the roll-backed image brought LSV equals the version of roll-backed image.

 

From: sean.brogan via [] <sean.brogan=microsoft.com@[]>
Sent: Thursday, October 10, 2019 2:28 PM
To: Chen; Chen, Kenji <kenji.chen@intel.com>; devel@edk2.groups.io
Subject: Re: [edk2-devel] Patch for Bug 2236 on Bugzilla

 

Since the LSV can be managed from within the FmpDeviceLib i don't understand why this change is required.  This adds yet again more complexity to all users of FmpDxe for a very niche use case.  I believe the hooks already exist that would allow you to achieve the same functionality from within your own FmpDeviceLib.  

Thanks
Sean