From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=104.47.37.136; helo=nam02-cy1-obe.outbound.protection.outlook.com; envelope-from=sean.brogan@microsoft.com; receiver=edk2-devel@lists.01.org Received: from NAM02-CY1-obe.outbound.protection.outlook.com (mail-cys01nam02on0136.outbound.protection.outlook.com [104.47.37.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id B2DB12263DD8D for ; Tue, 17 Apr 2018 15:26:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=VBU1uSEVOuTkzuKGMwo3WYfpr3fk3trbD+hDQRVTAQc=; b=ns/892az/1WE3cgAEjV8+UsQJIf92remaelVHEDix9Jgc3+YlWbXLOxRB0rHxpOXN3F8umWkh7nJMNeKynLHfR8wg6AYrCNPuyhInuj7v9vLZJ0GMPzLIixU3BdKpFaPw/Vvg592kRHiElz7Enl9WASz00/LW06VBrjna03E4dU= Received: from CY4PR21MB0789.namprd21.prod.outlook.com (10.175.121.143) by CY4PR21MB0837.namprd21.prod.outlook.com (10.173.192.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.715.4; Tue, 17 Apr 2018 22:26:24 +0000 Received: from CY4PR21MB0789.namprd21.prod.outlook.com ([fe80::1468:84b3:8592:87aa]) by CY4PR21MB0789.namprd21.prod.outlook.com ([fe80::1468:84b3:8592:87aa%7]) with mapi id 15.20.0715.004; Tue, 17 Apr 2018 22:26:24 +0000 From: Sean Brogan To: "Kinney, Michael D" , "edk2-devel@lists.01.org" CC: Jiewen Yao Thread-Topic: [RFC v2 1/4] FmpDevicePkg: Add package, library classes, and PCDs Thread-Index: AQHT1o/SfsfreCqhE0KhOau0bXiCG6QFiQXA Date: Tue, 17 Apr 2018 22:26:24 +0000 Message-ID: References: <20180417210522.29644-1-michael.d.kinney@intel.com> <20180417210522.29644-2-michael.d.kinney@intel.com> In-Reply-To: <20180417210522.29644-2-michael.d.kinney@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=True; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Owner=sebrogan@microsoft.com; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2018-04-17T22:26:22.2061970Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=General; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Application=Microsoft Azure Information Protection; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Extended_MSFT_Method=Automatic; Sensitivity=General x-originating-ip: [131.107.32.41] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; CY4PR21MB0837; 7:t4p/VamNA0Xqoug7RLS5JCMz4WW/V9vuRpMgJgxlQKA5LNbHY3rUID20NKRFcVtIQ5Nf4+fD2jobPpf2bgg9h573441PXoAGY6Zf/obOiwx1ArzsWK8zNSrjfooNaREPUI5uOVEZ2VnlMCzR0qnRoU8LrcFO/zZq/m7myT1erKdkYbnXXTLHDapFZzTLH+EhfbrcnM1fyrGqHYJVvytqnHJkLJMXgM91oTlf2IJQbhUKzv+sn/dIprDVaNwYatuJ; 20:X5IdwpTD+P3rt+uy3iu2G1MDNYX6lkUMextVRyXUoRWqdIgaCtrJOjfEH1l6usBOLchJwCWbvREY2MTMQ9v/I5IyqYkG/8oO+rA8f3lPmuoGL4RFPeWMM4J+znHvT0Q0J1Njc9N2arQ/YgABZtIi7hhRu7t/8HFVd1OaOqtSWjA= x-ms-exchange-antispam-srfa-diagnostics: SOS; x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(4534165)(4627221)(201703031133081)(201702281549075)(5600026)(2017052603328)(7193020); SRVR:CY4PR21MB0837; x-ms-traffictypediagnostic: CY4PR21MB0837: authentication-results: outbound.protection.outlook.com; spf=skipped (originating message); dkim=none (message not signed) header.d=none; dmarc=none action=none header.from=microsoft.com; x-o365ent-eop-header: Message processed by - O365_ENT: Allow from ranges (Engineering ONLY) x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(28532068793085)(89211679590171)(189930954265078)(162533806227266)(219752817060721)(211171220733660)(228905959029699); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(61425038)(6040522)(2401047)(8121501046)(5005006)(3231232)(944501361)(52105095)(3002001)(93006095)(93001095)(10201501046)(6055026)(61426038)(61427038)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(20161123558120)(20161123560045)(20161123564045)(6072148)(201708071742011); SRVR:CY4PR21MB0837; BCL:0; PCL:0; RULEID:; SRVR:CY4PR21MB0837; x-forefront-prvs: 0645BEB7AA x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39380400002)(376002)(366004)(39860400002)(13464003)(10290500003)(478600001)(9686003)(3846002)(86612001)(53936002)(53946003)(6246003)(55016002)(6306002)(110136005)(316002)(5660300001)(8936002)(81166006)(186003)(26005)(7736002)(74316002)(8676002)(305945005)(3660700001)(33656002)(6436002)(229853002)(25786009)(3280700002)(966005)(11346002)(446003)(22452003)(4326008)(10090500001)(476003)(86362001)(575784001)(2501003)(2906002)(102836004)(44832011)(99286004)(7696005)(59450400001)(6506007)(53546011)(76176011)(5250100002)(66066001)(16799955002)(559001)(579004)(19627235001); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR21MB0837; H:CY4PR21MB0789.namprd21.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:; x-microsoft-antispam-message-info: kQ4XpdSNT41quTZTZAPYT1DRkmHjrmWkwv1FYO6jCpwqZW6pdRtafVfHyTZyk9qr4sfn87a8tImx4oedByD7EfThTCPA9Uh4pRu/sGkaBcgry1DSit931oqIaXe7dPBb8QhMpAd9MUYvP/FScPwz+GdMXI/YKCpxWwUsd7hoUOw5mtyXJW2bNayjc7gsF82n spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM MIME-Version: 1.0 X-MS-Office365-Filtering-Correlation-Id: e3bb5bdb-1773-4936-0605-08d5a4b2411a X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: e3bb5bdb-1773-4936-0605-08d5a4b2411a X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Apr 2018 22:26:24.0757 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0837 Subject: Re: [RFC v2 1/4] FmpDevicePkg: Add package, library classes, and PCDs X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Apr 2018 22:26:27 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Signed-off-by: Sean Brogan -----Original Message----- From: Kinney, Michael D =20 Sent: Tuesday, April 17, 2018 2:05 PM To: edk2-devel@lists.01.org Cc: Sean Brogan ; Jiewen Yao ; Michael D Kinney Subject: [RFC v2 1/4] FmpDevicePkg: Add package, library classes, and PCDs https://na01.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fbugzilla= .tianocore.org%2Fshow_bug.cgi%3Fid%3D922&data=3D02%7C01%7Csean.brogan%40mic= rosoft.com%7C04f31611ee15497b0dc008d5a4a6f254%7C72f988bf86f141af91ab2d7cd01= 1db47%7C1%7C0%7C636595959308945858&sdata=3D8ZqxciO9%2BNUehHIZ%2B8PbZJYK8c%2= FAzBZy1Z7c8x8GkSo%3D&reserved=3D0 Based on content from the following branch: https://na01.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fgithub.c= om%2FMicrosoft%2FMS_UEFI%2Ftree%2Fshare%2FMsCapsuleSupport%2FMsCapsuleUpdat= ePkg&data=3D02%7C01%7Csean.brogan%40microsoft.com%7C04f31611ee15497b0dc008d= 5a4a6f254%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636595959308945858&s= data=3DBEp%2F7u4rN5Jx%2FY8Qh9I847n4yF6LyisgSl1r%2FgCtmPU%3D&reserved=3D0 Create FmpDevicePkg with library classes and PCDs used to customize the behavior of a Firmware Management Protocol instance. Library Classes =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D * FmpDeviceLib - Provides firmware device specific services to support updates of a firmware image stored in a firmware device. * CapsuleUpdatePolicyLib - Provides platform policy services used during a capsule update. * FmpPayloadHeaderLib - Provides services to retrieve values from a capsule's FMP Payload Header. The structure is not included in the library class. Instead, services are provided to retrieve information from the FMP Payload Header. If information is added to the FMP Payload Header, then new services may be added to this library class to retrieve the new information. PCDs set per module =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D * PcdFmpDeviceSystemResetRequired - Indicates if a full system reset is required before a firmware update to a firmware devices takes effect * PcdFmpDeviceTestKeySha256Digest - The SHA-256 hash of a PKCS7 test key that is used to detect if a test key is being used to authenticate capsules. Test key detection is disabled by setting the value to {0}. * PcdFmpDeviceProgressColor - The color of the progress bar during a firmware update. * PcdFmpDeviceImageIdName - The Null-terminated Unicode string used to fill in the ImageIdName field of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImageInfo() service of the Firmware Management Protocol for the firmware device. * PcdFmpDeviceBuildTimeLowestSupportedVersion - The build time value used to fill in the LowestSupportedVersion field of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImageInfo() service of the Firmware Management Protocol. * PcdFmpDeviceProgressWatchdogTimeInSeconds - The time in seconds to arm a watchdog timer during the update of a firmware device. PCDs set per module or for entire platform =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D * PcdFmpDevicePkcs7CertBufferXdr - One or more PKCS7 certificates used to verify a firmware device capsule update image. * PcdFmpDeviceLockEventGuid - An event GUID that locks the firmware device when the event is signaled. Cc: Sean Brogan Cc: Jiewen Yao Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Michael D Kinney --- FmpDevicePkg/FmpDevicePkg.dec | 132 +++++++ FmpDevicePkg/FmpDevicePkg.uni | 80 ++++ FmpDevicePkg/FmpDevicePkgExtra.uni | 18 + .../Include/Library/CapsuleUpdatePolicyLib.h | 120 ++++++ FmpDevicePkg/Include/Library/FmpDeviceLib.h | 405 +++++++++++++++++= ++++ FmpDevicePkg/Include/Library/FmpPayloadHeaderLib.h | 100 +++++ 6 files changed, 855 insertions(+) create mode 100644 FmpDevicePkg/FmpDevicePkg.dec create mode 100644 FmpDevicePkg/FmpDevicePkg.uni create mode 100644 FmpDevicePkg/FmpDevicePkgExtra.uni create mode 100644 FmpDevicePkg/Include/Library/CapsuleUpdatePolicyLib.h create mode 100644 FmpDevicePkg/Include/Library/FmpDeviceLib.h create mode 100644 FmpDevicePkg/Include/Library/FmpPayloadHeaderLib.h diff --git a/FmpDevicePkg/FmpDevicePkg.dec b/FmpDevicePkg/FmpDevicePkg.dec new file mode 100644 index 0000000000..9ea0d73359 --- /dev/null +++ b/FmpDevicePkg/FmpDevicePkg.dec @@ -0,0 +1,132 @@ +## @file +# Firmware Management Protocol Device Package +# +# This package provides an implementation of a Firmware Management Protoco= l +# instance that supports the update of firmware storage devices using UEFI +# Capsules. The behavior of the Firmware Management Protocol instance is +# customized using libraries and PCDs. +# +# Copyright (c) 2016, Microsoft Corporation. All rights reserved.
+# Copyright (c) 2018, Intel Corporation. All rights reserved.
+# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are m= et: +# 1. Redistributions of source code must retain the above copyright notice= , +# this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright not= ice, +# this list of conditions and the following disclaimer in the documentatio= n +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS = IS" AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IM= PLIED +# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE D= ISCLAIMED. +# IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY= DIRECT, +# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCL= UDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF= USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY TH= EORY OF +# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE +# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN I= F +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +## + +[Defines] + DEC_SPECIFICATION =3D 0x00010005 + PACKAGE_NAME =3D FmpDevicePkg + PACKAGE_UNI_FILE =3D FmpDevicePkg.uni + PACKAGE_GUID =3D 080b5b4f-27c6-11e8-84d1-f8597177a00a + PACKAGE_VERSION =3D 0.1 + +[Includes] + Include + +[LibraryClasses] + ## @libraryclass Provides services to retrieve values from a capsule's= FMP + # Payload Header. The structure is not included in the + # library class. Instead, services are provided to ret= rieve + # information from the FMP Payload Header. If informat= ion is + # added to the FMP Payload Header, then new services ma= y be + # added to this library class to retrieve the new infor= mation. + FmpPayloadHeaderLib|Include/Library/FmpPayloadHeaderLib.h + + ## @libraryclass Provides platform policy services used during a capsu= le + # update. + CapsuleUpdatePolicyLib|Include/Library/CapsuleUpdatePolicyLib.h + + ## @libraryclass Provides firmware device specific services to support + # updates of a firmware image stored in a firmware devi= ce. + FmpDeviceLib|Include/Library/FmpDeviceLib.h + +[Guids] + ## Firmware Management Protocol Device Package Token Space GUID + gFmpDevicePkgTokenSpaceGuid =3D { 0x40b2d964, 0xfe11, 0x40dc, { 0x82, 0x= 83, 0x2e, 0xfb, 0xda, 0x29, 0x53, 0x56 } } + +[PcdsFixedAtBuild] + ## Indicates if a full system reset is required before a firmware update= to a + # firmware devices takes effect.

+ # TRUE - System reset is required.
+ # FALSE - System reset is not required.
+ # @Prompt FMP Device System Reset Required. + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceSystemResetRequired|TRUE|BOOLEAN= |0x40000008 + + ## The SHA-256 hash of a PKCS7 test key that is used to detect if a test= key + # is being used to authenticate capsules. Test key detection is disabl= ed by + # setting the value to {0}. + # @Prompt SHA-256 hash of PKCS7 test key. + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceTestKeySha256Digest|{0x2E, 0x97,= 0x89, 0x1B, 0xDB, 0xE7, 0x08, 0xAA, 0x8C, 0xB2, 0x8F, 0xAD, 0x20, 0xA9, 0= x83, 0xC7, 0x84, 0x7D, 0x4F, 0xEE, 0x48, 0x25, 0xE9, 0x4D, 0x39, 0xFA, 0x= 34, 0x9A, 0xB8, 0xB1, 0xC4, 0x26}|VOID*|0x40000009 + +[PcdsFixedAtBuild, PcdsPatchableInModule] + ## The color of the progress bar during a firmware update. Each firmwar= e + # device can set its own color. The default color is white.

+ # Bits 7..0 - Red
+ # Bits 15..8 - Green
+ # Bits 23..16 - Blue
+ # @Prompt Firmware Device Progress Bar Color. + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressColor|0x00FFFFFF|UINT32|= 0x40000004 + + ## The Null-terminated Unicode string used to fill in the ImageIdName fi= eld of + # the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the + # GetImageInfo() service of the Firmware Management Protocol for the fi= rmware + # device. An ImageIdName string must be provided for each firmware dev= ice. + # The default value is an empty string. + # @Prompt Firmware Device ImageIdName string. + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageIdName|L""|VOID*|0x40000007 + + ## The build time value used to fill in the LowestSupportedVersion field= of + # the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the + # GetImageInfo() service of the Firmware Management Protocol. This val= ue is + # only used if the firmware device does not provide a method to report = the + # lowest supported version value from the current firmware image and th= e + # UEFI variable used to provide the lowest supported version value does= not + # exist. The default value is 0. + # @Prompt Build Time Firmware Device Lowest Support Version. + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceBuildTimeLowestSupportedVersion|= 0x0|UINT32|0x4000000C + + ## The time in seconds to arm a watchdog timer during the update of a fi= rmware + # device. The watchdog is re-armed each time the FmpDeviceLib calls th= e + # Progress() function passed into FmpDeviceSetImage() function. The + # FmpDeviceLib calls Progress() to update the percent completion of a + # firmware update. If the watchdog timer expires, the system reboots. = A + # value of 0 disables the watchdog timer. The default value is 0 (watc= hdog + # disabled). + # @Prompt Firmware Device Watchdog Time in Seconds. + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressWatchdogTimeInSeconds|0x= 0|UINT8|0x4000000D + +[PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] + ## One or more PKCS7 certificates used to verify a firmware device capsu= le + # update image. Encoded using the Variable-Length Opaque Data format o= f RFC + # 4506 External Data Representation Standard (XDR). The default value = is + # empty with 0 certificates. + # @Prompt One or more XDR encoded PKCS7 certificates used to verify firm= ware device capsule update images. + gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr|{0x0}|VOID*|0= x4000000E + + ## An event GUID that locks the firmware device when the event is signal= ed. + # If this PCD is not a valid GUID value, then the firmware device is lo= cked + # when gEfiEndOfDxeEventGroupGuid (End of DXE Phase) is signaled. The + # default value is empty, so by default the firmware device is locked a= t the + # end of the DXE phase. + # @Prompt Firmware Device Lock Event GUID. + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceLockEventGuid|{0}|VOID*|0x400000= 0F + +[UserExtensions.TianoCore."ExtraFiles"] + FmpDevicePkgExtra.uni diff --git a/FmpDevicePkg/FmpDevicePkg.uni b/FmpDevicePkg/FmpDevicePkg.uni new file mode 100644 index 0000000000..da31d0ac81 --- /dev/null +++ b/FmpDevicePkg/FmpDevicePkg.uni @@ -0,0 +1,80 @@ +// /** @file +// Firmware Management Protocol Device Package +// +// This package provides an implementation of a Firmware Management Protoc= ol +// instance that supports the update of firmware storage devices using UEF= I +// Capsules. The behavior of the Firmware Management Protocol instance is +// customized using libraries and PCDs. +// +// Copyright (c) 2018, Intel Corporation. All rights reserved.
+// +// This program and the accompanying materials are licensed and made avail= able under +// the terms and conditions of the BSD License which accompanies this dist= ribution. +// The full text of the license may be found at +// https://na01.safelinks.protection.outlook.com/?url=3Dhttp%3A%2F%2Fopens= ource.org%2Flicenses%2Fbsd-license.php&data=3D02%7C01%7Csean.brogan%40micro= soft.com%7C04f31611ee15497b0dc008d5a4a6f254%7C72f988bf86f141af91ab2d7cd011d= b47%7C1%7C0%7C636595959308945858&sdata=3DP2MItPvKtzoQAh7BCamtK9Mj2K3JNuXPGz= Mnvp%2BBVhA%3D&reserved=3D0 +// +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IM= PLIED. +// +// **/ + +#string STR_PACKAGE_ABSTRACT #language en-US "Firmware Management Pro= tocol Software Development Kit" + +#string STR_PACKAGE_DESCRIPTION #language en-US "This package provides l= ibraries that support the implementation of a module that produces the Firm= ware Management Protocol to support the update of a system firmware compone= nt." + +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceSystemResetRequired_PR= OMPT #language en-US "FMP Device System Reset Required." +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceSystemResetRequired_HE= LP #language en-US "Indicates if a full system reset is required before = a firmware update to a firmware device takes effect.

\n" + = "TRUE - System reset is required.
\n" + = "FALSE - System reset is not required.
" + +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceTestKeySha256Digest_PR= OMPT #language en-US "SHA-256 hash of PKCS7 test key." +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceTestKeySha256Digest_HE= LP #language en-US "The SHA-256 hash of a PKCS7 test key that is used to= detect if a test key" + = "is being used to authenticate capsules. Test key de= tection can be disabled" + = "by setting the value to {0}" + +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceProgressColor_PROMPT = #language en-US "Firmware Device Progress Bar Color." +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceProgressColor_HELP = #language en-US "The color of the progress bar during a firmware update. E= ach firmware" + = "device can set its own color. The default color is white.=

\n" + = "Bits 7..0 - Red
\n" + = "Bits 15..8 - Green
\n" + = "Bits 23..16 - Blue
\n" + +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceImageIdName_PROMPT #l= anguage en-US "Firmware Device ImageIdName string." +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceImageIdName_HELP #l= anguage en-US "The Null-terminated Unicode string used to fill in the Image= IdName field of" + = "the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned= by the" + = "GetImageInfo() service of the Firmware Management Protocol f= or the firmware" + = "device. An ImageIdName string must be provided for each fir= mware device." + = "The default value is an empty string." + +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceBuildTimeLowestSupport= edVersion_PROMPT #language en-US "Build Time Firmware Device Lowest Suppor= t Version." +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceBuildTimeLowestSupport= edVersion_HELP #language en-US "The build time value used to fill in the= LowestSupportedVersion field of" + = "the EFI_FIRMWARE_IMAGE_DESCRIPTOR struct= ure that is returned by the" + = "GetImageInfo() service of the Firmware M= anagement Protocol. This value is" + = "only used if the firmware device does no= t provide a method to report the" + = "lowest supported version value from the = current firmware image and the" + = "UEFI variable used to provide the lowest= supported version value does not" + = "exist. The default value is 0." + +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceProgressWatchdogTimeIn= Seconds_PROMPT #language en-US "Firmware Device Watchdog Time in Seconds." +#string STR_gFmpDevicePkgTokenSpaceGuid_PcdFmpDeviceProgressWatchdogTimeIn= Seconds_HELP #language en-US "Indicates the time in seconds to arm a wat= chdog timer during the update of" + = "a firmware device. The watchdog is re-arm= ed each time the FmpDeviceLib" + = "calls the Progress() function passed into = FmpDeviceSetImage() function." + = "The FmpDeviceLib calls Progress() to updat= e the percent completion of a" + = "firmware update. If the watchdog timer ex= pires, the system reboots. A" + = "value of 0 disables the watchdog timer. T= he default value is 0 (watchdog" + = "disabled)." + +#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdFmpDevicePkcs7CertBufferXdr_P= ROMPT #language en-US "One or more XDR encoded PKCS7 certificates used to = verify firmware device capsule update images" +#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdFmpDevicePkcs7CertBufferXdr_H= ELP #language en-US "Provides one or more PKCS7 certificates used to ver= ify a firmware device" + = "capsule update image. This PCD is encoded using th= e Variable-Length Opaque" + = "Data format of RFC 4506 External Data Representatio= n Standard (XDR)." + = "The default value is empty with 0 certificates." + +#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdFmpDeviceLockEventGuid_PROMPT= #language en-US "Firmware Device Lock Event GUID." +#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdFmpDeviceLockEventGuid_HELP = #language en-US "An event GUID that locks the firmware device when the ev= ent is signaled." + = "If this PCD is not a valid GUID value, then the firmware= device is locked" + = "when gEfiEndOfDxeEventGroupGuid (End of DXE Phase) is si= gnaled. The" + = "default value is empty, so by default the firmware devic= e is locked at the" + = "end of the DXE phase." + + diff --git a/FmpDevicePkg/FmpDevicePkgExtra.uni b/FmpDevicePkg/FmpDevicePkg= Extra.uni new file mode 100644 index 0000000000..fe49e8cd6c --- /dev/null +++ b/FmpDevicePkg/FmpDevicePkgExtra.uni @@ -0,0 +1,18 @@ +// /** @file +// Firmware Management Protocol Device Package Localized Strings and Conte= nt. +// +// Copyright (c) 2018, Intel Corporation. All rights reserved.
+// +// This program and the accompanying materials are licensed and made avail= able under +// the terms and conditions of the BSD License which accompanies this dist= ribution. +// The full text of the license may be found at +// https://na01.safelinks.protection.outlook.com/?url=3Dhttp%3A%2F%2Fopens= ource.org%2Flicenses%2Fbsd-license.php&data=3D02%7C01%7Csean.brogan%40micro= soft.com%7C04f31611ee15497b0dc008d5a4a6f254%7C72f988bf86f141af91ab2d7cd011d= b47%7C1%7C0%7C636595959308945858&sdata=3DP2MItPvKtzoQAh7BCamtK9Mj2K3JNuXPGz= Mnvp%2BBVhA%3D&reserved=3D0 +// +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IM= PLIED. +// +// **/ + +#string STR_PROPERTIES_PACKAGE_NAME +#language en-US +"Firmware Management Protocol Device package" diff --git a/FmpDevicePkg/Include/Library/CapsuleUpdatePolicyLib.h b/FmpDev= icePkg/Include/Library/CapsuleUpdatePolicyLib.h new file mode 100644 index 0000000000..b38f212859 --- /dev/null +++ b/FmpDevicePkg/Include/Library/CapsuleUpdatePolicyLib.h @@ -0,0 +1,120 @@ +/** @file + Provides platform policy services used during a capsule update. + + Copyright (c) 2016, Microsoft Corporation. All rights reserved.
+ Copyright (c) 2018, Intel Corporation. All rights reserved.
+ + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are m= et: + 1. Redistributions of source code must retain the above copyright notice= , + this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright not= ice, + this list of conditions and the following disclaimer in the documentatio= n + and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS = IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IM= PLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE D= ISCLAIMED. + IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY= DIRECT, + INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCL= UDING, + BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF= USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY TH= EORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE + OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN I= F + ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +**/ + +#ifndef __CAPSULE_UPDATE_POLICY_LIB__ +#define __CAPSULE_UPDATE_POLICY_LIB__ + +/** + Determine if the system power state supports a capsule update. + + @param[out] Good Returns TRUE if system power state supports a capsule + update. Returns FALSE if system power state does not + support a capsule update. Return value is only valid = if + return status is EFI_SUCCESS. + + @retval EFI_SUCCESS Good parameter has been updated with resu= lt. + @retval EFI_INVALID_PARAMETER Good is NULL. + @retval EFI_DEVICE_ERROR System power state can not be determined. + +**/ +EFI_STATUS +EFIAPI +CheckSystemPower ( + OUT BOOLEAN *Good + ); + +/** + Determines if the system thermal state supports a capsule update. + + @param[out] Good Returns TRUE if system thermal state supports a capsul= e + update. Returns FALSE if system thermal state does no= t + support a capsule update. Return value is only valid = if + return status is EFI_SUCCESS. + + @retval EFI_SUCCESS Good parameter has been updated with resu= lt. + @retval EFI_INVALID_PARAMETER Good is NULL. + @retval EFI_DEVICE_ERROR System thermal state can not be determine= d. + +**/ +EFI_STATUS +EFIAPI +CheckSystemThermal ( + IN OUT BOOLEAN *Good + ); + +/** + Determines if the system environment state supports a capsule update. + + @param[out] Good Returns TRUE if system environment state supports a ca= psule + update. Returns FALSE if system environment state doe= s not + support a capsule update. Return value is only valid = if + return status is EFI_SUCCESS. + + @retval EFI_SUCCESS Good parameter has been updated with resu= lt. + @retval EFI_INVALID_PARAMETER Good is NULL. + @retval EFI_DEVICE_ERROR System environment state can not be deter= mined. + +**/ +EFI_STATUS +EFIAPI +CheckSystemEnvironment ( + IN OUT BOOLEAN *Good + ); + +/** + Determines if the Lowest Supported Version checks should be performed. = The + expected result from this function is TRUE. A platform can choose to re= turn + FALSE (e.g. during manufacturing or servicing) to allow a capsule update= to a + version below the current Lowest Supported Version. + + @retval TRUE Perform Lowest Support Version check. + @retval FALSE Do not perform Lowest Support Version check. + +**/ +BOOLEAN +EFIAPI +CheckLowestSupportedVersion ( + VOID + ); + +/** + Determines if the FMP device should be locked when the event specified b= y + PcdFmpDeviceLockEventGuid is signaled. The expected result from this fun= ction + is TRUE so the FMP device is always locked. A platform can choose to re= turn + FALSE (e.g. during manufacturing) to allow FMP devices to remain unlocke= d. + + @retval TRUE Perform Lowest Support Version check. + @retval FALSE Do not perform Lowest Support Version check. + +**/ +BOOLEAN +EFIAPI +LockFmpDeviceAtLockEventGuid ( + VOID + ); + +#endif diff --git a/FmpDevicePkg/Include/Library/FmpDeviceLib.h b/FmpDevicePkg/Inc= lude/Library/FmpDeviceLib.h new file mode 100644 index 0000000000..08125f0096 --- /dev/null +++ b/FmpDevicePkg/Include/Library/FmpDeviceLib.h @@ -0,0 +1,405 @@ +/** @file + Provides firmware device specific services to support updates of a firmw= are + image stored in a firmware device. + + Copyright (c) 2016, Microsoft Corporation. All rights reserved.
+ Copyright (c) 2018, Intel Corporation. All rights reserved.
+ + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are m= et: + 1. Redistributions of source code must retain the above copyright notice= , + this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright not= ice, + this list of conditions and the following disclaimer in the documentatio= n + and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS = IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IM= PLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE D= ISCLAIMED. + IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY= DIRECT, + INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCL= UDING, + BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF= USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY TH= EORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE + OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN I= F + ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +**/ + +#ifndef __FMP_DEVICE_LIB__ +#define __FMP_DEVICE_LIB__ + +#include + +/** + Callback function that installs a Firmware Management Protocol instance = onto + a handle. + + @param[in] Handle The device handle to install a Firmware Management + Protocol instance. + + @retval EFI_SUCCESS A Firmware Management Protocol instance = was + installed onto Handle. + @retval EFI_INVALID_PARAMETER Handle is invalid + @retval other A Firmware Management Protocol instance = could + not be installed onto Handle. + +**/ +typedef +EFI_STATUS +(EFIAPI *FMP_DEVICE_LIB_REGISTER_FMP_INSTALLER)( + IN EFI_HANDLE Handle + ); + +/** + Provide a function to install the Firmware Management Protocol instance = onto a + device handle when the device is managed by a driver that follows the UE= FI + Driver Model. If the device is not managed by a driver that follows the= UEFI + Driver Model, then EFI_UNSUPPORTED is returned. + + @param[in] FmpInstaller Function that installs the Firmware Management + Protocol. + + @retval EFI_SUCCESS The device is managed by a driver that follows = the + UEFI Driver Model. FmpInstaller must be called= on + each Driver Binding Start(). + @retval EFI_UNSUPPORTED The device is not managed by a driver that foll= ows + the UEFI Driver Model. + @retval other The Firmware Management Protocol for this firmw= are + device is not installed. The firmware device i= s + still locked using FmpDeviceLock(). + +**/ +EFI_STATUS +EFIAPI +RegisterFmpInstaller ( + IN FMP_DEVICE_LIB_REGISTER_FMP_INSTALLER FmpInstaller + ); + +/** + Returns the size, in bytes, of the firmware image currently stored in th= e + firmware device. This function is used to by the GetImage() and + GetImageInfo() services of the Firmware Management Protocol. If the ima= ge + size can not be determined from the firmware device, then 0 must be retu= rned. + + @param[out] Size Pointer to the size, in bytes, of the firmware image + currently stored in the firmware device. + + @retval EFI_SUCCESS The size of the firmware image currently + stored in the firmware device was returne= d. + @retval EFI_INVALID_PARAMETER Size is NULL. + @retval EFI_UNSUPPORTED The firmware device does not support repo= rting + the size of the currently stored firmware= image. + @retval EFI_DEVICE_ERROR An error occured attempting to determine = the + size of the firmware image currently stor= ed in + in the firmware device. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetSize ( + OUT UINTN *Size + ); + +/** + Returns the GUID value used to fill in the ImageTypeId field of the + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImage= Info() + service of the Firmware Management Protocol. If EFI_UNSUPPORTED is retu= rned, + then the ImageTypeId field is set to gEfiCallerIdGuid. If EFI_SUCCESS i= s + returned, then ImageTypeId is set to the Guid returned from this functio= n. + + @param[out] Guid Double pointer to a GUID value that is updated to poin= t to + to a GUID value. The GUID value is not allocated and = must + not be modified or freed by the caller. + + @retval EFI_SUCCESS EFI_FIRMWARE_IMAGE_DESCRIPTOR ImageTypeId GUID = is set + to the returned Guid value. + @retval EFI_UNSUPPORTED EFI_FIRMWARE_IMAGE_DESCRIPTOR ImageTypeId GUID = is set + to gEfiCallerIdGuid. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetImageTypeIdGuidPtr ( + OUT EFI_GUID **Guid + ); + +/** + Returns values used to fill in the AttributesSupported and AttributesSet= tings + fields of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned b= y the + GetImageInfo() service of the Firmware Management Protocol. The followi= ng + bit values from the Firmware Management Protocol may be combined: + IMAGE_ATTRIBUTE_IMAGE_UPDATABLE + IMAGE_ATTRIBUTE_RESET_REQUIRED + IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED + IMAGE_ATTRIBUTE_IN_USE + IMAGE_ATTRIBUTE_UEFI_IMAGE + + @param[out] Supported Attributes supported by this firmware device. + @param[out] Setting Attributes settings for this firmware device. + + @retval EFI_SUCCESS The attributes supported by the firmware + device were returned. + @retval EFI_INVALID_PARAMETER Supported is NULL. + @retval EFI_INVALID_PARAMETER Setting is NULL. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetAttributes ( + IN OUT UINT64 *Supported, + IN OUT UINT64 *Setting + ); + +/** + Returns the value used to fill in the LowestSupportedVersion field of th= e + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImage= Info() + service of the Firmware Management Protocol. If EFI_SUCCESS is returned= , then + the firmware device supports a method to report the LowestSupportedVersi= on + value from the currently stored firmware image. If the value can not be + reported for the firmware image currently stored in the firmware device,= then + EFI_UNSUPPORTED must be returned. EFI_DEVICE_ERROR is returned if an er= ror + occurs attempting to retrieve the LowestSupportedVersion value for the + currently stored firmware image. + + @note It is recommended that all firmware devices support a method to re= port + the LowestSupportedVersion value from the currently stored firmwar= e + image. + + @param[out] LowestSupportedVersion LowestSupportedVersion value retriev= ed + from the currently stored firmware i= mage. + + @retval EFI_SUCCESS The lowest supported version of currently stor= ed + firmware image was returned in LowestSupported= Version. + @retval EFI_UNSUPPORTED The firmware device does not support a method = to + report the lowest supported version of the cur= rently + stored firmware image. + @retval EFI_DEVICE_ERROR An error occurred attempting to retrieve the l= owest + supported version of the currently stored firm= ware + image. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetLowestSupportedVersion ( + OUT UINT32 *LowestSupportedVersion + ); + +/** + Returns the Null-terminated Unicode string that is used to fill in the + VersionName field of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is + returned by the GetImageInfo() service of the Firmware Management Protoc= ol. + The returned string must be allocated using EFI_BOOT_SERVICES.AllocatePo= ol(). + + @note It is recommended that all firmware devices support a method to re= port + the VersionName string from the currently stored firmware image. + + @param[out] VersionString The version string retrieved from the current= ly + stored firmware image. + + @retval EFI_SUCCESS The version string of currently stored + firmware image was returned in Version. + @retval EFI_INVALID_PARAMETER VersionString is NULL. + @retval EFI_UNSUPPORTED The firmware device does not support a me= thod + to report the version string of the curre= ntly + stored firmware image. + @retval EFI_DEVICE_ERROR An error occurred attempting to retrieve = the + version string of the currently stored + firmware image. + @retval EFI_OUT_OF_RESOURCES There are not enough resources to allocat= e the + buffer for the version string of the curr= ently + stored firmware image. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetVersionString ( + OUT CHAR16 **VersionString + ); + +/** + Returns the value used to fill in the Version field of the + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned by the GetImage= Info() + service of the Firmware Management Protocol. If EFI_SUCCESS is returned= , then + the firmware device supports a method to report the Version value from t= he + currently stored firmware image. If the value can not be reported for t= he + firmware image currently stored in the firmware device, then EFI_UNSUPPO= RTED + must be returned. EFI_DEVICE_ERROR is returned if an error occurs attem= pting + to retrieve the LowestSupportedVersion value for the currently stored fi= rmware + image. + + @note It is recommended that all firmware devices support a method to re= port + the Version value from the currently stored firmware image. + + @param[out] Version The version value retrieved from the currently stor= ed + firmware image. + + @retval EFI_SUCCESS The version of currently stored firmware image= was + returned in Version. + @retval EFI_UNSUPPORTED The firmware device does not support a method = to + report the version of the currently stored fir= mware + image. + @retval EFI_DEVICE_ERROR An error occurred attempting to retrieve the v= ersion + of the currently stored firmware image. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetVersion ( + OUT UINT32 *Version + ); + +/** + Returns a copy of the firmware image currently stored in the firmware de= vice. + + @note It is recommended that all firmware devices support a method to re= trieve + a copy currently stored firmware image. This can be used to suppo= rt + features such as recovery and rollback. + + @param[out] Image Pointer to a caller allocated buffer where the + currently stored firmware image is copied to. + @param[in out] ImageSize Pointer the size, in bytes, of the Image buffe= r. + On return, points to the size, in bytes, of fi= rmware + image currently stored in the firmware device. + + @retval EFI_SUCCESS Image contains a copy of the firmware ima= ge + currently stored in the firmware device, = and + ImageSize contains the size, in bytes, of= the + firmware image currently stored in the + firmware device. + @retval EFI_BUFFER_TOO_SMALL The buffer specified by ImageSize is too = small + to hold the firmware image currently stor= ed in + the firmware device. The buffer size requ= ired + is returned in ImageSize. + @retval EFI_INVALID_PARAMETER The Image is NULL. + @retval EFI_INVALID_PARAMETER The ImageSize is NULL. + @retval EFI_UNSUPPORTED The operation is not supported. + @retval EFI_DEVICE_ERROR An error occurred attempting to retrieve = the + firmware image currently stored in the fi= rmware + device. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceGetImage ( + IN OUT VOID *Image, + IN IN OUT UINTN *ImageSize + ); + +/** + Checks if a new firmware image is valid for the firmware device. This + function allows firmware update operation to validate the firmware image + before FmpDeviceSetImage() is called. + + @param[in] Image Points to a new firmware image. + @param[in] ImageSize Size, in bytes, of a new firmware image. + @param[out] ImageUpdatable Indicates if a new firmware image is valid f= or + a firmware update to the firmware device. T= he + following values from the Firmware Managemen= t + Protocol are supported: + IMAGE_UPDATABLE_VALID + IMAGE_UPDATABLE_INVALID + IMAGE_UPDATABLE_INVALID_TYPE + IMAGE_UPDATABLE_INVALID_OLD + IMAGE_UPDATABLE_VALID_WITH_VENDOR_CODE + + @retval EFI_SUCCESS The image was successfully checked. Addi= tional + status information is returned in + ImageUpdateable. + @retval EFI_INVALID_PARAMETER Image is NULL. + @retval EFI_INVALID_PARAMETER ImageUpdateable is NULL. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceCheckImage ( + IN CONST VOID *Image, + IN UINTN ImageSize, + OUT UINT32 *ImageUpdateable + ); + +/** + Updates a firmware device with a new firmware image. This function retu= rns + EFI_UNSUPPORTED if the firmware image is not updatable. If the firmware= image + is updatable, the function should perform the following minimal validati= ons + before proceeding to do the firmware image update. + - Validate that the image is a supported image for this firmware devic= e. + Return EFI_ABORTED if the image is not supported. Additional detail= s + on why the image is not a supported image may be returned in AbortRe= ason. + - Validate the data from VendorCode if is not NULL. Firmware image + validation must be performed before VendorCode data validation. + VendorCode data is ignored or considered invalid if image validation + fails. Return EFI_ABORTED if the VendorCode data is invalid. + + VendorCode enables vendor to implement vendor-specific firmware image up= date + policy. Null if the caller did not specify the policy or use the defaul= t + policy. As an example, vendor can implement a policy to allow an option= to + force a firmware image update when the abort reason is due to the new fi= rmware + image version is older than the current firmware image version or bad im= age + checksum. Sensitive operations such as those wiping the entire firmware= image + and render the device to be non-functional should be encoded in the imag= e + itself rather than passed with the VendorCode. AbortReason enables vend= or to + have the option to provide a more detailed description of the abort reas= on to + the caller. + + @param[in] Image Points to the new firmware image. + @param[in] ImageSize Size, in bytes, of the new firmware image. + @param[in] VendorCode This enables vendor to implement vendor-sp= ecific + firmware image update policy. NULL indica= tes + the caller did not specify the policy or u= se the + default policy. + @param[in] Progress A function used to report the progress of + updating the firmware device with the new + firmware image. + @param[in] CapsuleFwVersion The version of the new firmware image from= the + update capsule that provided the new firmw= are + image. + @param[out] AbortReason A pointer to a pointer to a Null-terminate= d + Unicode string providing more details on a= n + aborted operation. The buffer is allocated= by + this function with + EFI_BOOT_SERVICES.AllocatePool(). It is t= he + caller's responsibility to free this buffe= r with + EFI_BOOT_SERVICES.FreePool(). + + @retval EFI_SUCCESS The firmware device was successfully upda= ted + with the new firmware image. + @retval EFI_ABORTED The operation is aborted. Additional det= ails + are provided in AbortReason. + @retval EFI_INVALID_PARAMETER The Image was NULL. + @retval EFI_UNSUPPORTED The operation is not supported. + +**/ +EFI_STATUS +EFIAPI +FmpDeviceSetImage ( + IN CONST VOID *Image, + IN UINTN ImageSize, + IN CONST VOID *VendorCode, OP= TIONAL + IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress, OP= TIONAL + IN UINT32 CapsuleFwVersion, + OUT CHAR16 **AbortReason + ); + +/** + Lock the firmware device that contains a firmware image. Once a firmwar= e + device is locked, any attempts to modify the firmware image contents in = the + firmware device must fail. + + @note It is recommended that all firmware devices support a lock method = to + prevent modifications to a stored firmware image. + + @note A firmware device lock mechanism is typically only cleared by a fu= ll + system reset (not just sleep state/low power mode). + + @retval EFI_SUCCESS The firmware device was locked. + @retval EFI_UNSUPPORTED The firmware device does not support locking + +**/ +EFI_STATUS +EFIAPI +FmpDeviceLock ( + VOID + ); + +#endif diff --git a/FmpDevicePkg/Include/Library/FmpPayloadHeaderLib.h b/FmpDevice= Pkg/Include/Library/FmpPayloadHeaderLib.h new file mode 100644 index 0000000000..cb5622e9ce --- /dev/null +++ b/FmpDevicePkg/Include/Library/FmpPayloadHeaderLib.h @@ -0,0 +1,100 @@ +/** @file + Provides services to retrieve values from a capsule's FMP Payload Header= . + The structure is not included in the library class. Instead, services a= re + provided to retrieve information from the FMP Payload Header. If inform= ation + is added to the FMP Payload Header, then new services may be added to th= is + library class to retrieve the new information. + + Copyright (c) 2016, Microsoft Corporation. All rights reserved.
+ Copyright (c) 2018, Intel Corporation. All rights reserved.
+ + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are m= et: + 1. Redistributions of source code must retain the above copyright notice= , + this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright not= ice, + this list of conditions and the following disclaimer in the documentatio= n + and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS = IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IM= PLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE D= ISCLAIMED. + IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY= DIRECT, + INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCL= UDING, + BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF= USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY TH= EORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE + OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN I= F + ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +**/ + +#ifndef _FMP_PAYLOAD_HEADER_LIB_H__ +#define _FMP_PAYLOAD_HEADER_LIB_H__ + +/** + Returns the FMP Payload Header size in bytes. + + @param[in] Header FMP Payload Header to evaluate + @param[in] FmpPayloadSize Size of FMP payload + @param[out] Size The size, in bytes, of the FMP Payload Heade= r. + + @retval EFI_SUCCESS The firmware version was returned. + @retval EFI_INVALID_PARAMETER Header is NULL. + @retval EFI_INVALID_PARAMETER Size is NULL. + @retval EFI_INVALID_PARAMETER Header is not a valid FMP Payload Header. + +**/ +EFI_STATUS +EFIAPI +GetFmpPayloadHeaderSize ( + IN CONST VOID *Header, + IN CONST UINTN FmpPayloadSize, + OUT UINT32 *Size + ); + +/** + Returns the version described in the FMP Payload Header. + + @param[in] Header FMP Payload Header to evaluate + @param[in] FmpPayloadSize Size of FMP payload + @param[out] Version The firmware version described in the FMP Pa= yload + Header. + + @retval EFI_SUCCESS The firmware version was returned. + @retval EFI_INVALID_PARAMETER Header is NULL. + @retval EFI_INVALID_PARAMETER Version is NULL. + @retval EFI_INVALID_PARAMETER Header is not a valid FMP Payload Header. + +**/ +EFI_STATUS +EFIAPI +GetFmpPayloadHeaderVersion ( + IN CONST VOID *Header, + IN CONST UINTN FmpPayloadSize, + OUT UINT32 *Version + ); + +/** + Returns the lowest supported version described in the FMP Payload Header= . + + @param[in] Header FMP Payload Header to evaluate + @param[in] FmpPayloadSize Size of FMP payload + @param[out] LowestSupportedVersion The lowest supported version describ= ed in + the FMP Payload Header. + + @retval EFI_SUCCESS The lowest support version was returned. + @retval EFI_INVALID_PARAMETER Header is NULL. + @retval EFI_INVALID_PARAMETER LowestSupportedVersion is NULL. + @retval EFI_INVALID_PARAMETER Header is not a valid FMP Payload Header. + +**/ +EFI_STATUS +EFIAPI +GetFmpPayloadHeaderLowestSupportedVersion ( + IN CONST VOID *Header, + IN CONST UINTN FmpPayloadSize, + IN OUT UINT32 *LowestSupportedVersion + ); + +#endif --=20 2.14.2.windows.3