Add all the boilerplate to make the SPI NOR image updateable using
signed capsules and the FMP protocol.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
Platform/Socionext/SynQuacerEvalBoard/SynQuacerEvalBoard.dsc | 20 +++++
Platform/Socionext/SynQuacerEvalBoard/SynQuacerEvalBoard.fdf | 86 ++++++++++++++++++++
Platform/Socionext/SynQuacerEvalBoard/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc | 80 ++++++++++++++++++
Platform/Socionext/SynQuacerEvalBoard/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf | 46 +++++++++++
Platform/Socionext/SynQuacerEvalBoard/SystemFirmwareDescriptor/SystemFirmwareDescriptorPei.c | 68 ++++++++++++++++
Platform/Socionext/SynQuacerEvalBoard/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini | 25 ++++++
6 files changed, 325 insertions(+)
diff --git a/Platform/Socionext/SynQuacerEvalBoard/SynQuacerEvalBoard.dsc b/Platform/Socionext/SynQuacerEvalBoard/SynQuacerEvalBoard.dsc
index 5d2736a6130e..c2d84481dc4c 100644
--- a/Platform/Socionext/SynQuacerEvalBoard/SynQuacerEvalBoard.dsc
+++ b/Platform/Socionext/SynQuacerEvalBoard/SynQuacerEvalBoard.dsc
@@ -120,6 +120,10 @@ [LibraryClasses.common]
NULL|ArmPkg/Library/CompilerIntrinsicsLib/CompilerIntrinsicsLib.inf
NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+ OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+ IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
+
[LibraryClasses.common.SEC]
PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf
@@ -154,7 +158,15 @@ [LibraryClasses.common.DXE_CORE]
[LibraryClasses.common.DXE_DRIVER]
SecurityManagementLib|MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.inf
PerformanceLib|MdeModulePkg/Library/DxePerformanceLib/DxePerformanceLib.inf
+
+ #
+ # Firmware update
+ #
CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
+ EdkiiSystemCapsuleLib|SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.inf
+ FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf
+ PlatformFlashAccessLib|Silicon/Socionext/SynQuacer/Library/SynQuacerPlatformFlashAccessLib/SynQuacerPlatformFlashAccessLib.inf
+ IniParsingLib|SignedCapsulePkg/Library/IniParsingLib/IniParsingLib.inf
#
# PCI
@@ -586,3 +598,11 @@ [Components.common]
<LibraryClasses>
DtPlatformDtbLoaderLib|EmbeddedPkg/Library/DxeDtPlatformDtbLoaderLibDefault/DxeDtPlatformDtbLoaderLibDefault.inf
}
+
+ #
+ # Firmware update
+ #
+ Platform/Socionext/SynQuacerEvalBoard/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
+ MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
+ SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf
+ SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf
diff --git a/Platform/Socionext/SynQuacerEvalBoard/SynQuacerEvalBoard.fdf b/Platform/Socionext/SynQuacerEvalBoard/SynQuacerEvalBoard.fdf
index 53f5fef96466..a57581f9ac5a 100644
--- a/Platform/Socionext/SynQuacerEvalBoard/SynQuacerEvalBoard.fdf
+++ b/Platform/Socionext/SynQuacerEvalBoard/SynQuacerEvalBoard.fdf
@@ -218,6 +218,16 @@ [FV.FvMain]
INF EmbeddedPkg/Drivers/DtPlatformDxe/DtPlatformDxe.inf
INF RuleOverride = DTB Silicon/Socionext/SynQuacer/DeviceTree/SynQuacerEvalBoard.inf
+ #
+ # Firmware update
+ #
+ INF MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
+ INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf
+ FILE FREEFORM = PCD(gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid) {
+ SECTION RAW = BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer
+ SECTION UI = "Pkcs7TestRoot"
+ }
+
[FV.FVMAIN_PEI]
FvAlignment = 16
ERASE_POLARITY = 1
@@ -245,6 +255,7 @@ [FV.FVMAIN_PEI]
INF MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
INF MdeModulePkg/Universal/Variable/Pei/VariablePei.inf
INF MdeModulePkg/Universal/CapsulePei/CapsulePei.inf
+ INF RuleOverride = FMP_IMAGE_DESC Platform/Socionext/SynQuacerEvalBoard/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
[FV.FVMAIN_COMPACT]
@@ -273,6 +284,72 @@ [FV.FVMAIN_COMPACT]
}
}
+[FV.CapsuleDispatchFv]
+FvAlignment = 16
+ERASE_POLARITY = 1
+MEMORY_MAPPED = TRUE
+STICKY_WRITE = TRUE
+LOCK_CAP = TRUE
+LOCK_STATUS = TRUE
+WRITE_DISABLED_CAP = TRUE
+WRITE_ENABLED_CAP = TRUE
+WRITE_STATUS = TRUE
+WRITE_LOCK_CAP = TRUE
+WRITE_LOCK_STATUS = TRUE
+READ_DISABLED_CAP = TRUE
+READ_ENABLED_CAP = TRUE
+READ_STATUS = TRUE
+READ_LOCK_CAP = TRUE
+READ_LOCK_STATUS = TRUE
+
+INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf
+
+[FV.SystemFirmwareUpdateCargo]
+FvAlignment = 16
+ERASE_POLARITY = 1
+MEMORY_MAPPED = TRUE
+STICKY_WRITE = TRUE
+LOCK_CAP = TRUE
+LOCK_STATUS = TRUE
+WRITE_DISABLED_CAP = TRUE
+WRITE_ENABLED_CAP = TRUE
+WRITE_STATUS = TRUE
+WRITE_LOCK_CAP = TRUE
+WRITE_LOCK_STATUS = TRUE
+READ_DISABLED_CAP = TRUE
+READ_ENABLED_CAP = TRUE
+READ_STATUS = TRUE
+READ_LOCK_CAP = TRUE
+READ_LOCK_STATUS = TRUE
+
+ FILE RAW = e99b89f7-c120-4b25-4db1-8394edb0b4f5 { # PcdEdkiiSystemFirmwareFileGuid
+ FD = BL33_AP_UEFI
+ }
+
+ FILE RAW = ce57b167-b0e4-41e8-a897-5f4feb781d40 { # gEdkiiSystemFmpCapsuleDriverFvFileGuid
+ FV = CapsuleDispatchFv
+ }
+
+ FILE RAW = 812136D3-4D3A-433A-9418-29BB9BF78F6E { # gEdkiiSystemFmpCapsuleConfigFileGuid
+ Platform/Socionext/SynQuacerEvalBoard/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini
+ }
+
+[FmpPayload.FmpPayloadSystemFirmwarePkcs7]
+IMAGE_HEADER_INIT_VERSION = 0x02
+IMAGE_TYPE_ID = 50b94ce5-8b63-4849-8af4-ea479356f0e3 # PcdSystemFmpCapsuleImageTypeIdGuid
+IMAGE_INDEX = 0x1
+HARDWARE_INSTANCE = 0x0
+MONOTONIC_COUNT = 0x1
+CERTIFICATE_GUID = 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7
+
+FV = SystemFirmwareUpdateCargo
+
+[Capsule.SynQuacerFirmwareUpdateCapsuleFmpPkcs7]
+CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEfiFmpCapsuleGuid
+CAPSULE_HEADER_SIZE = 0x20
+CAPSULE_HEADER_INIT_VERSION = 0x1
+
+FMP_PAYLOAD = FmpPayloadSystemFirmwarePkcs7
################################################################################
#
@@ -387,3 +464,12 @@ [Rule.Common.USER_DEFINED.DTB]
FILE FREEFORM = $(NAMED_GUID) {
RAW BIN |.dtb
}
+
+[Rule.Common.PEIM.FMP_IMAGE_DESC]
+ FILE PEIM = $(NAMED_GUID) {
+ RAW BIN |.acpi
+ PEI_DEPEX PEI_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
+ PE32 PE32 Align=4K $(INF_OUTPUT)/$(MODULE_NAME).efi
+ UI STRING="$(MODULE_NAME)" Optional
+ VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
+ }
diff --git a/Platform/Socionext/SynQuacerEvalBoard/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc b/Platform/Socionext/SynQuacerEvalBoard/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc
new file mode 100644
index 000000000000..3413f76f95c7
--- /dev/null
+++ b/Platform/Socionext/SynQuacerEvalBoard/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc
@@ -0,0 +1,80 @@
+/** @file
+ System Firmware descriptor.
+
+ Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2017, Linaro, Ltd. All rights reserved.<BR>
+
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD License
+ which accompanies this distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <PiPei.h>
+#include <Guid/EdkiiSystemFmpCapsule.h>
+#include <Protocol/FirmwareManagement.h>
+
+#define PACKAGE_VERSION 0xFFFFFFFF
+#define PACKAGE_VERSION_STRING L"Unknown"
+
+#define CURRENT_FIRMWARE_VERSION 0x00000001
+#define CURRENT_FIRMWARE_VERSION_STRING L"0x00000001"
+#define LOWEST_SUPPORTED_FIRMWARE_VERSION 0x00000001
+
+#define IMAGE_ID SIGNATURE_64('S', 'N', 'I', 'S', 'Y', 'N', 'Q', 'U')
+#define IMAGE_ID_STRING L"Socionext SynQuacer EVB"
+
+// PcdSystemFmpCapsuleImageTypeIdGuid
+#define IMAGE_TYPE_ID_GUID { 0x50b94ce5, 0x8b63, 0x4849, { 0x8a, 0xf4, 0xea, 0x47, 0x93, 0x56, 0xf0, 0xe3 } }
+
+typedef struct {
+ EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR Descriptor;
+ // real string data
+ CHAR16 ImageIdNameStr[sizeof(IMAGE_ID_STRING)/sizeof(CHAR16)];
+ CHAR16 VersionNameStr[sizeof(CURRENT_FIRMWARE_VERSION_STRING)/sizeof(CHAR16)];
+ CHAR16 PackageVersionNameStr[sizeof(PACKAGE_VERSION_STRING)/sizeof(CHAR16)];
+} IMAGE_DESCRIPTOR;
+
+STATIC IMAGE_DESCRIPTOR mImageDescriptor =
+{
+ {
+ EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR_SIGNATURE,
+ sizeof(EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR),
+ sizeof(IMAGE_DESCRIPTOR),
+ PACKAGE_VERSION, // PackageVersion
+ OFFSET_OF (IMAGE_DESCRIPTOR, PackageVersionNameStr), // PackageVersionName
+ 1, // ImageIndex;
+ {0x0}, // Reserved
+ IMAGE_TYPE_ID_GUID, // ImageTypeId;
+ IMAGE_ID, // ImageId;
+ OFFSET_OF (IMAGE_DESCRIPTOR, ImageIdNameStr), // ImageIdName;
+ CURRENT_FIRMWARE_VERSION, // Version;
+ OFFSET_OF (IMAGE_DESCRIPTOR, VersionNameStr), // VersionName;
+ {0x0}, // Reserved2
+ FixedPcdGet32(PcdFdSize), // Size;
+ IMAGE_ATTRIBUTE_IMAGE_UPDATABLE |
+ IMAGE_ATTRIBUTE_RESET_REQUIRED |
+ IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED |
+ IMAGE_ATTRIBUTE_IN_USE, // AttributesSupported;
+ IMAGE_ATTRIBUTE_IMAGE_UPDATABLE |
+ IMAGE_ATTRIBUTE_RESET_REQUIRED |
+ IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED |
+ IMAGE_ATTRIBUTE_IN_USE, // AttributesSetting;
+ 0x0, // Compatibilities;
+ LOWEST_SUPPORTED_FIRMWARE_VERSION, // LowestSupportedImageVersion;
+ 0x00000000, // LastAttemptVersion;
+ 0, // LastAttemptStatus;
+ {0x0}, // Reserved3
+ 0, // HardwareInstance;
+ },
+ // real string data
+ {IMAGE_ID_STRING},
+ {CURRENT_FIRMWARE_VERSION_STRING},
+ {PACKAGE_VERSION_STRING},
+};
+
+VOID* CONST ReferenceAcpiTable = &mImageDescriptor;
diff --git a/Platform/Socionext/SynQuacerEvalBoard/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf b/Platform/Socionext/SynQuacerEvalBoard/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
new file mode 100644
index 000000000000..dc271dbda8f0
--- /dev/null
+++ b/Platform/Socionext/SynQuacerEvalBoard/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
@@ -0,0 +1,46 @@
+## @file
+# System Firmware descriptor.
+#
+# Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+ INF_VERSION = 0x0001001A
+ BASE_NAME = SystemFirmwareDescriptor
+ FILE_GUID = 90B2B846-CA6D-4D6E-A8D3-C140A8E110AC
+ MODULE_TYPE = PEIM
+ VERSION_STRING = 1.0
+ ENTRY_POINT = SystemFirmwareDescriptorPeimEntry
+
+[Sources]
+ SystemFirmwareDescriptor.aslc
+ SystemFirmwareDescriptorPei.c
+
+[Packages]
+ ArmPkg/ArmPkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+ MdePkg/MdePkg.dec
+ SignedCapsulePkg/SignedCapsulePkg.dec
+
+[LibraryClasses]
+ DebugLib
+ PcdLib
+ PeimEntryPoint
+ PeiServicesLib
+
+[FixedPcd]
+ gArmTokenSpaceGuid.PcdFdSize
+
+[Pcd]
+ gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor
+
+[Depex]
+ TRUE
diff --git a/Platform/Socionext/SynQuacerEvalBoard/SystemFirmwareDescriptor/SystemFirmwareDescriptorPei.c b/Platform/Socionext/SynQuacerEvalBoard/SystemFirmwareDescriptor/SystemFirmwareDescriptorPei.c
new file mode 100644
index 000000000000..f89d9f4842fe
--- /dev/null
+++ b/Platform/Socionext/SynQuacerEvalBoard/SystemFirmwareDescriptor/SystemFirmwareDescriptorPei.c
@@ -0,0 +1,68 @@
+/** @file
+ System Firmware descriptor producer.
+
+ Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD License
+ which accompanies this distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <PiPei.h>
+#include <Guid/EdkiiSystemFmpCapsule.h>
+#include <Library/DebugLib.h>
+#include <Library/PcdLib.h>
+#include <Library/PeiServicesLib.h>
+#include <Protocol/FirmwareManagement.h>
+
+/**
+ Entrypoint for SystemFirmwareDescriptor PEIM.
+
+ @param[in] FileHandle Handle of the file being invoked.
+ @param[in] PeiServices Describes the list of possible PEI Services.
+
+ @retval EFI_SUCCESS PPI successfully installed.
+**/
+EFI_STATUS
+EFIAPI
+SystemFirmwareDescriptorPeimEntry (
+ IN EFI_PEI_FILE_HANDLE FileHandle,
+ IN CONST EFI_PEI_SERVICES **PeiServices
+ )
+{
+ EFI_STATUS Status;
+ EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR *Descriptor;
+ UINTN Size;
+ UINTN Index;
+ UINT32 AuthenticationStatus;
+
+ //
+ // Search RAW section.
+ //
+ Index = 0;
+ while (TRUE) {
+ Status = PeiServicesFfsFindSectionData3(EFI_SECTION_RAW, Index, FileHandle,
+ (VOID **)&Descriptor, &AuthenticationStatus);
+ if (EFI_ERROR(Status)) {
+ // Should not happen, must something wrong in FDF.
+ ASSERT(FALSE);
+ return EFI_NOT_FOUND;
+ }
+ if (Descriptor->Signature == EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR_SIGNATURE) {
+ break;
+ }
+ Index++;
+ }
+
+ DEBUG((DEBUG_INFO, "EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR size - 0x%x\n",
+ Descriptor->Length));
+
+ Size = Descriptor->Length;
+ PcdSetPtrS (PcdEdkiiSystemFirmwareImageDescriptor, &Size, Descriptor);
+
+ return EFI_SUCCESS;
+}
diff --git a/Platform/Socionext/SynQuacerEvalBoard/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini b/Platform/Socionext/SynQuacerEvalBoard/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini
new file mode 100644
index 000000000000..f3983da961f1
--- /dev/null
+++ b/Platform/Socionext/SynQuacerEvalBoard/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini
@@ -0,0 +1,25 @@
+## @file
+#
+# Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Head]
+NumOfUpdate = 1
+NumOfRecovery = 0
+Update0 = SynQuacerFvMain
+
+[SynQuacerFvMain]
+FirmwareType = 0 # SystemFirmware
+AddressType = 1 # 0 - relative address, 1 - absolute address.
+BaseAddress = 0x08200000 # Base address offset on flash
+Length = 0x001C0000 # Length
+ImageOffset = 0x00000000 # Image offset of this SystemFirmware image
+FileGuid = e99b89f7-c120-4b25-4db1-8394edb0b4f5 # PcdEdkiiSystemFirmwareFileGuid
--
2.11.0
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel