audk/FmpDevicePkg/FmpDxe/Dependency.h

/** @file
  Fmp Capsule Dependency support functions for Firmware Management Protocol based
  firmware updates.

  Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>

  SPDX-License-Identifier: BSD-2-Clause-Patent

**/

#ifndef __DEPENDENCY_H__
#define __DEPENDENCY_H__

#include <Library/UefiLib.h>
#include <Protocol/FirmwareManagement.h>

#define DEPENDENCIES_SATISFIED    0
#define DEPENDENCIES_UNSATISFIED  1
#define DEPENDENCIES_INVALID      2

extern UINT8  mDependenciesCheckStatus;

/**
  Validate the dependency expression and output its size.

  @param[in]   ImageDepex      Pointer to the EFI_FIRMWARE_IMAGE_DEP.
  @param[in]   MaxDepexSize    Max size of the dependency.
  @param[out]  DepexSize       Size of dependency.

  @retval TRUE           The capsule is valid.
  @retval FALSE          The capsule is invalid.

**/
BOOLEAN
ValidateImageDepex (
  IN  EFI_FIRMWARE_IMAGE_DEP             *ImageDepex,
  IN  CONST UINTN                        MaxDepexSize,
  OUT UINT32                             *DepexSize
  );

/**
  Check dependency for firmware update.

  @param[in]   ImageTypeId         Image Type Id.
  @param[in]   Version             New version.
  @param[in]   Dependencies        The dependencies.
  @param[in]   DepexSize           Size of the dependencies
  @param[out]  IsSatisfied         Indicate the dependencies is satisfied or not.

  @retval  EFI_SUCCESS             Dependency Evaluation is successful.
  @retval  Others                  Dependency Evaluation fails with unexpected error.

**/
EFI_STATUS
EvaluateImageDependencies (
  IN CONST EFI_GUID                ImageTypeId,
  IN CONST UINT32                  Version,
  IN CONST EFI_FIRMWARE_IMAGE_DEP  *Dependencies,
  IN CONST UINT32                  DepexSize,
  OUT BOOLEAN                      *IsSatisfied
  );

#endif
FmdDevicePkg/FmpDxe: Support Fmp Capsule Dependency. REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2421 Capsule Dependency is an incremental change of Fmp Capsule Update. The capsule format is extended to include a set of binary encoded dependency expression. The dependency expression is signed together with the Fmp payload and evaluated before update is applied. This feature is defined in UEFI Spec 2.8. The dependency evaluation has two steps: 1. Validate platform existing Fmp images' version satisfy the dependency expression in capsule image. 2. Validate the capsule image version satisfy all the platform existing Fmp image's dependency expression. If the dependency expression evaluates to FALSE, then the capsule update fails and last attempt status is set to LAST_ATTEMPT_STATUS_ERROR_UNSATISFIED_DEPENDENCIES. The dependency saving and getting is FmpDeviceLib implementation scope. The parameter "Image" of FmpDeviceSetImage and FmpDeviceGetImage function is extended to contain the dependency. The layout: +--------------------------+ \| Dependency Op-codes \| +--------------------------+ \| Fmp Payload Image \| +--------------------------+ 1. FmpDeviceSetImage is responsible for retrieving the dependency from the parameter "Image" and saving it to a protected storage. 2. FmpDeviceGetImage is responsible for retrieving the dependency from the storage where FmpDeviceSetImage saves dependency and combining it with the Fmp Payload Image into one buffer which is returned to the caller. This dependency will be populated into EFI_FIRMWARE_IMAGE_DESCRIPTOR and used for dependency evaluation. 3. FmpDeviceGetAttributes must set the bit IMAGE_ATTRIBUTE_DEPENDENCY to indicate the Fmp device supports Fmp Capsule Dependency feature. Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Liming Gao <liming.gao@intel.com> Signed-off-by: Wei6 Xu <wei6.xu@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> 2020-01-10 06:34:54 +01:00			`/** @file`
			`Fmp Capsule Dependency support functions for Firmware Management Protocol based`
			`firmware updates.`

			`Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>`

			`SPDX-License-Identifier: BSD-2-Clause-Patent`

			`**/`

			`#ifndef __DEPENDENCY_H__`
			`#define __DEPENDENCY_H__`

			`#include <Library/UefiLib.h>`
			`#include <Protocol/FirmwareManagement.h>`

			`#define DEPENDENCIES_SATISFIED 0`
			`#define DEPENDENCIES_UNSATISFIED 1`
			`#define DEPENDENCIES_INVALID 2`

			`extern UINT8 mDependenciesCheckStatus;`

			`/**`
			`Validate the dependency expression and output its size.`

			`@param[in] ImageDepex Pointer to the EFI_FIRMWARE_IMAGE_DEP.`
			`@param[in] MaxDepexSize Max size of the dependency.`
			`@param[out] DepexSize Size of dependency.`

			`@retval TRUE The capsule is valid.`
			`@retval FALSE The capsule is invalid.`

			`**/`
			`BOOLEAN`
			`ValidateImageDepex (`
			`IN EFI_FIRMWARE_IMAGE_DEP *ImageDepex,`
			`IN CONST UINTN MaxDepexSize,`
			`OUT UINT32 *DepexSize`
			`);`

			`/**`
			`Check dependency for firmware update.`

			`@param[in] ImageTypeId Image Type Id.`
			`@param[in] Version New version.`
			`@param[in] Dependencies The dependencies.`
			`@param[in] DepexSize Size of the dependencies`
			`@param[out] IsSatisfied Indicate the dependencies is satisfied or not.`

			`@retval EFI_SUCCESS Dependency Evaluation is successful.`
			`@retval Others Dependency Evaluation fails with unexpected error.`

			`**/`
			`EFI_STATUS`
			`EvaluateImageDependencies (`
			`IN CONST EFI_GUID ImageTypeId,`
			`IN CONST UINT32 Version,`
			`IN CONST EFI_FIRMWARE_IMAGE_DEP *Dependencies,`
FmpDevicePkg/FmpDxe: Issues reported by ECC in EDK2. https://bugzilla.tianocore.org/show_bug.cgi?id=2515 Change the FmpDevicePkg to match the ECC check rule Signed-off-by: GuoMinJ <newexplorerj@gmail.com> Reviewed-by: Liming Gao <liming.gao@intel.com> 2020-02-13 09:33:46 +01:00			`IN CONST UINT32 DepexSize,`
FmdDevicePkg/FmpDxe: Support Fmp Capsule Dependency. REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2421 Capsule Dependency is an incremental change of Fmp Capsule Update. The capsule format is extended to include a set of binary encoded dependency expression. The dependency expression is signed together with the Fmp payload and evaluated before update is applied. This feature is defined in UEFI Spec 2.8. The dependency evaluation has two steps: 1. Validate platform existing Fmp images' version satisfy the dependency expression in capsule image. 2. Validate the capsule image version satisfy all the platform existing Fmp image's dependency expression. If the dependency expression evaluates to FALSE, then the capsule update fails and last attempt status is set to LAST_ATTEMPT_STATUS_ERROR_UNSATISFIED_DEPENDENCIES. The dependency saving and getting is FmpDeviceLib implementation scope. The parameter "Image" of FmpDeviceSetImage and FmpDeviceGetImage function is extended to contain the dependency. The layout: +--------------------------+ \| Dependency Op-codes \| +--------------------------+ \| Fmp Payload Image \| +--------------------------+ 1. FmpDeviceSetImage is responsible for retrieving the dependency from the parameter "Image" and saving it to a protected storage. 2. FmpDeviceGetImage is responsible for retrieving the dependency from the storage where FmpDeviceSetImage saves dependency and combining it with the Fmp Payload Image into one buffer which is returned to the caller. This dependency will be populated into EFI_FIRMWARE_IMAGE_DESCRIPTOR and used for dependency evaluation. 3. FmpDeviceGetAttributes must set the bit IMAGE_ATTRIBUTE_DEPENDENCY to indicate the Fmp device supports Fmp Capsule Dependency feature. Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Liming Gao <liming.gao@intel.com> Signed-off-by: Wei6 Xu <wei6.xu@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> 2020-01-10 06:34:54 +01:00			`OUT BOOLEAN *IsSatisfied`
			`);`

			`#endif`