REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1089
FmpDevicePkg use OpensslLib and when OpenSSL upgrade to 1.1.1b,
TimerLib is required by OpensslLib in CryptoPkg(commit 456dd8b99f,
CryptoPkg: Upgrade OpenSSL to 1.1.1b)
So add TimerLib to DSC file.
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Xiaoyu Lu <xiaoyux.lu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Current code locks variables in PcdFmpDeviceLockEventGuid callback by
VariableLock protocol whose interface will be closed at EndOfDxe.
So the PcdFmpDeviceLockEventGuid callback needs be executed before
the EndOfDxe callback in Variable driver.
When PcdFmpDeviceLockEventGuid = gEfiEndOfDxeEventGroupGuid, the
callback's execution sequence depends on the callback's TPL and
registration sequence.
When PcdFmpDeviceLockEventGuid = gEfiEventReadyToBootGuid, the
PcdFmpDeviceLockEventGuid callback will be executed after the
EndOfDxe callback in Variable driver, the locking will fail.
The patch moves the variables locking logic to entrypoint.
The patch also moves the IsLockFmpDeviceAtLockEventGuidRequired ()
checking to entrypoint.
The entrypoint's final return status should be better to depend on
the return status of RegisterFmpInstaller/InstallFmpInstance, but not
gBS->CreateEventEx.
So the patch also moves the RegisterFmpInstaller/InstallFmpInstance
calling to the end of entrypoint.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
No need repopulate if SetImage is not called.
But need repopulate after SetImage is called to update
LastAttemptVersion and LastAttemptStatus
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
NOTE: This patch is based on thread
https://lists.01.org/pipermail/edk2-devel/2018-July/027810.html.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
FmpDxe.c:517:18: error: equality comparison with extraneous
parentheses [-Werror,-Wparentheses-equality]
NOTE: This patch is based on thread
https://lists.01.org/pipermail/edk2-devel/2018-July/027810.html.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Some static tool reports "the condition in 'if' statement is constant".
This patch updates the code to use local variable to store test key
digest size. It can pass the static tool's check.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Some static tool reports "DeviceLibLowestSupportedVersion" is used,
but is uninitialized. It is false positive reporting based because
DeviceLibLowestSupportedVersion will have assigned value after
FmpDeviceGetLowestSupportedVersion() returns SUCCESS.
This patch updates the code to initialize
DeviceLibLowestSupportedVersion
to DEFAULT_LOWESTSUPPORTEDVERSION before calling
FmpDeviceGetLowestSupportedVersion().
It can pass the static tool's check.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Instead of EFI_ACCESS_DENIED which is not defined in retval by
UEFI spec, return UNSUPPORTED if device has been locked in
SetTheImage().
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Add comment in mFmpDeviceLocked's declaration to make it more clear.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1040
Use Attributes to know whether reset is required and remove
PcdFmpDeviceSystemResetRequired.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
It does not make sense to check the Image/ImageSize if ImageIndex
has been invalid.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
FmpDxe does not consume DisplayUpdateProgressLib, so remove the
mapping in FmpDevicePkg.dsc.
Also rename the ESRT GUIDs.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Fix typo "EFI_SECURITY_VIOLATIO" to "EFI_SECURITY_VIOLATION".
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Add DISABLE_NEW_DEPRECATED_INTERFACES build options to make sure
no deprecated interface used in this package.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Current code return 1 when LSV check is not required,
but 1 LSV will make 0 Version capsule image update failed.
0 LSV is valid, this patch updates the code to return 0 when
LSV check is not required
We can see even the DEFAULT_LOWESTSUPPORTEDVERSION is 0.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
FmpDxeEntryPoint is used by both FmpDxe and FmpDxeLib.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
https://bugzilla.tianocore.org/show_bug.cgi?id=922
Based on content from the following branch:
https://github.com/Microsoft/MS_UEFI/tree/share/MsCapsuleSupport/MsCapsuleUpdatePkg
Adds a DSC file that is used to verify that all of the
FmpDevicePkg libraries and modules build without error.
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
https://bugzilla.tianocore.org/show_bug.cgi?id=922
Based on content from the following branch:
https://github.com/Microsoft/MS_UEFI/tree/share/MsCapsuleSupport/MsCapsuleUpdatePkg
The FmpDxe directory contains 2 INF files. FmpDxe.inf
is a DXE driver that is used in a platform to add a
Firmware Management Protocol for firmware device that
supports firmware updates.
FmpDxeLib.inf is a NULL library instance with the exact
same functionality as FmpDxe.inf, but allows the the
Firmware Management Protocol feature to be added to
an existing device driver.
The FmpDxe component is intended to be used "as is"
with no need for any device specific or platform specific
changes.
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
https://bugzilla.tianocore.org/show_bug.cgi?id=922
Based on content from the following branch:
https://github.com/Microsoft/MS_UEFI/tree/share/MsCapsuleSupport/MsCapsuleUpdatePkg
Add library instances for FmpDeviceLib, CapsuleUpdatePolicyLib,
and FmpPayloadHeaderLib.
Library Classes
===============
* FmpDeviceLibNull - Non-functional template of the FmpDeviceLib
that can be used as a starting point for an FmpDeviceLib for
a specific firmware storage device.
* CapsuleUpdatePolicyLibNull - Functional template of the
CapsuleUpdatePolicyLib that can be used as a starting point
of a platform specific implementation.
* FmpPayloadHeaderLibV1 - Version 1 of the FmpPayloadHeaderLib.
This library is indented to be used "as is" with no need for
any device specific or platform specific changes.
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
https://bugzilla.tianocore.org/show_bug.cgi?id=922
Based on content from the following branch:
https://github.com/Microsoft/MS_UEFI/tree/share/MsCapsuleSupport/MsCapsuleUpdatePkg
Create FmpDevicePkg with library classes and PCDs used to
customize the behavior of a Firmware Management Protocol
instance.
Library Classes
===============
* FmpDeviceLib - Provides firmware device specific services
to support updates of a firmware image stored in a firmware
device.
* CapsuleUpdatePolicyLib - Provides platform policy services
used during a capsule update.
* FmpPayloadHeaderLib - Provides services to retrieve values
from a capsule's FMP Payload Header. The structure is not
included in the library class. Instead, services are
provided to retrieve information from the FMP Payload Header.
If information is added to the FMP Payload Header, then new
services may be added to this library class to retrieve the
new information.
PCDs set per module
====================
* PcdFmpDeviceSystemResetRequired - Indicates if a full
system reset is required before a firmware update to a
firmware devices takes effect
* PcdFmpDeviceTestKeySha256Digest - The SHA-256 hash of a
PKCS7 test key that is used to detect if a test key is
being used to authenticate capsules. Test key detection
is disabled by setting the value to {0}.
* PcdFmpDeviceProgressColor - The color of the progress bar
during a firmware update.
* PcdFmpDeviceImageIdName - The Null-terminated Unicode
string used to fill in the ImageIdName field of the
EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned
by the GetImageInfo() service of the Firmware Management
Protocol for the firmware device.
* PcdFmpDeviceBuildTimeLowestSupportedVersion - The build
time value used to fill in the LowestSupportedVersion field
of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is
returned by the GetImageInfo() service of the Firmware
Management Protocol.
* PcdFmpDeviceProgressWatchdogTimeInSeconds - The time in
seconds to arm a watchdog timer during the update of a
firmware device.
PCDs set per module or for entire platform
==========================================
* PcdFmpDevicePkcs7CertBufferXdr - One or more PKCS7
certificates used to verify a firmware device capsule
update image.
* PcdFmpDeviceLockEventGuid - An event GUID that locks
the firmware device when the event is signaled.
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Antoine Cœur
Xiaoyu Lu
Michael D Kinney
Liming Gao
Star Zeng