From nobody Tue Apr 30 13:34:09 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=intel.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1531696612327158.24251826063835; Sun, 15 Jul 2018 16:16:52 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 6FF7120986ADC; Sun, 15 Jul 2018 16:16:50 -0700 (PDT) Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 6D4AA2096FACB for ; Sun, 15 Jul 2018 16:16:49 -0700 (PDT) Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 15 Jul 2018 16:16:48 -0700 Received: from mdkinney-mobl2.amr.corp.intel.com ([10.252.140.135]) by FMSMGA003.fm.intel.com with ESMTP; 15 Jul 2018 16:16:48 -0700 X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=134.134.136.20; helo=mga02.intel.com; envelope-from=michael.d.kinney@intel.com; receiver=edk2-devel@lists.01.org X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.51,358,1526367600"; d="scan'208";a="64904055" From: "Kinney, Michael D" To: edk2-devel@lists.01.org Date: Sun, 15 Jul 2018 16:16:42 -0700 Message-Id: <20180715231642.20380-1-michael.d.kinney@intel.com> X-Mailer: git-send-email 2.14.2.windows.3 Subject: [edk2] [staging/FmpDevicePkg-master] staging/FmpDevicePkg-master: Update Readme.MD for new branch X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael D Kinney MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Update Readme.MD for the FmpDevicePkg-master branch in the edk2-staging repository. Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Michael D Kinney --- Readme.md | 159 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++= ++++ 1 file changed, 159 insertions(+) diff --git a/Readme.md b/Readme.md index 1ef0780ee0..bb6d0e1c2a 100644 --- a/Readme.md +++ b/Readme.md @@ -27,3 +27,162 @@ are listed in [Maintainers.txt](Maintainers.txt). * [Mailing Lists](https://github.com/tianocore/tianocore.github.io/wiki/Ma= iling-Lists) * [TianoCore Bugzilla](https://bugzilla.tianocore.org) * [How To Contribute](https://github.com/tianocore/tianocore.github.io/wik= i/How-To-Contribute) + +# FmpDevicePkg-master edk2-staging branch + +The FmpDevicePkg provides a simple method to support UEFI Capsules for fir= mware +update of system firmware or devices using the Firmware Management Protoco= l. + +The content in this edk2-staging branch is based on content from the follo= wing: + + https://github.com/Microsoft/MS_UEFI/tree/share/MsCapsuleSupport/MsCapsu= leUpdatePkg + +The Firmware Management Protocol advertises that a component supports a fi= rmware +update using a UEFI capsule. The FmpDevicePkg provides library classes an= d PCDs +used to customize the behavior of a Firmware Management Protocol instance. + +## Goals +The goal of this branch in edk2-staging is to provide a version of the sou= rce +code that can be used to validate the functionality before it is added to +edk2/master. The target date for integration into edk2/master is early Au= gust +2018. + +## Developers +* Michael D Kinney +* Sean Brogan +* Jiewen Yao +* Yonghong Zhu +* Liming Gao +* Ruiyu Ni +* Star Zeng +* Eric Dong +* David Wei +* Mang Guo + +## Library Classes +* FmpDeviceLib - Provides firmware device specific services + to support updates of a firmware image stored in a firmware + device. +* CapsuleUpdatePolicyLib - Provides platform policy services + used during a capsule update. +* FmpPayloadHeaderLib - Provides services to retrieve values + from a capsule's FMP Payload Header. The structure is not + included in the library class. Instead, services are + provided to retrieve information from the FMP Payload Header. + If information is added to the FMP Payload Header, then new + services may be added to this library class to retrieve the + new information. + +## PCDs set per module +* PcdFmpDeviceSystemResetRequired - Indicates if a full + system reset is required before a firmware update to a + firmware devices takes effect +* PcdFmpDeviceTestKeySha256Digest - The SHA-256 hash of a + PKCS7 test key that is used to detect if a test key is + being used to authenticate capsules. Test key detection + is disabled by setting the value to {0}. +* PcdFmpDeviceProgressColor - The color of the progress bar + during a firmware update. +* PcdFmpDeviceImageIdName - The Null-terminated Unicode + string used to fill in the ImageIdName field of the + EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is returned + by the GetImageInfo() service of the Firmware Management + Protocol for the firmware device. +* PcdFmpDeviceBuildTimeLowestSupportedVersion - The build + time value used to fill in the LowestSupportedVersion field + of the EFI_FIRMWARE_IMAGE_DESCRIPTOR structure that is + returned by the GetImageInfo() service of the Firmware + Management Protocol. +* PcdFmpDeviceProgressWatchdogTimeInSeconds - The time in + seconds to arm a watchdog timer during the update of a + firmware device. + +## PCDs set per module or for entire platform +* PcdFmpDevicePkcs7CertBufferXdr - One or more PKCS7 + certificates used to verify a firmware device capsule + update image. +* PcdFmpDeviceLockEventGuid - An event GUID that locks + the firmware device when the event is signaled. + +## GenerateCapsule tool to create UEFI Capsules +* GenerateCapsule is a new standalone tool that is used to create a UEFI + capsule that can be processed by an FmpDxe module from the FmpDevicePkg. + +``` + usage: GenerateCapsule [-h] [-o OUTPUTFILE] (-e | -d | --dump-info) + [--capflag {PersistAcrossReset,PopulateSystemTa= ble,InitiateReset}] + [--capoemflag CAPSULEOEMFLAG] [--guid GUID] + [--hardware-instance HARDWAREINSTANCE] + [--monotonic-count MONOTONICCOUNT] + [--fw-version FWVERSION] [--lsv LOWESTSUPPORTED= VERSION] + [--pfx-file SIGNTOOLPFXFILE] + [--signer-private-cert OPENSSLSIGNERPRIVATECERT= FILE] + [--other-public-cert OPENSSLOTHERPUBLICCERTFILE] + [--trusted-public-cert OPENSSLTRUSTEDPUBLICCERT= FILE] + [--signing-tool-path SIGNINGTOOLPATH] [--versio= n] [-v] + [-q] [--debug [0-9]] + InputFile +``` + +``` + Generate a capsule. Copyright (c) 2018, Intel Corporation. All rights + reserved. + + positional arguments: + InputFile Input binary payload filename. + + optional arguments: + -h, --help show this help message and exit + -o OUTPUTFILE, --output OUTPUTFILE + Output filename. + -e, --encode Encode file + -d, --decode Decode file + --dump-info Display FMP Payload Header information + --capflag {PersistAcrossReset,PopulateSystemTable,InitiateReset} + Capsule flag can be PersistAcrossReset, or + PopulateSystemTable or InitiateReset or not set + --capoemflag CAPSULEOEMFLAG + Capsule OEM Flag is an integer between 0x0000 = and + 0xffff. + --guid GUID The FMP/ESRT GUID in registry format. Required= for + encode operations. + --hardware-instance HARDWAREINSTANCE + The 64-bit hardware instance. The default is + 0x0000000000000000 + --monotonic-count MONOTONICCOUNT + 64-bit monotonic count value in header. Defaul= t is + 0x0000000000000000. + --fw-version FWVERSION + The 32-bit version of the binary payload (e.g. + 0x11223344 or 5678). + --lsv LOWESTSUPPORTEDVERSION + The 32-bit lowest supported version of the bin= ary + payload (e.g. 0x11223344 or 5678). + --pfx-file SIGNTOOLPFXFILE + signtool PFX certificate filename. + --signer-private-cert OPENSSLSIGNERPRIVATECERTFILE + OpenSSL signer private certificate filename. + --other-public-cert OPENSSLOTHERPUBLICCERTFILE + OpenSSL other public certificate filename. + --trusted-public-cert OPENSSLTRUSTEDPUBLICCERTFILE + OpenSSL trusted public certificate filename. + --signing-tool-path SIGNINGTOOLPATH + Path to signtool or OpenSSL tool. Optional if = path to + tools are already in PATH. + --version show program's version number and exit + -v, --verbose Turn on verbose output with informational mess= ages + printed, including capsule headers and warning + messages. + -q, --quiet Disable all messages except fatal errors. + --debug [0-9] Set debug level +``` + +## Vlv2TbltDevicePkg Platform +* Support system firmware update +* Support device firmware device update for three sample devices (Red, Gre= en, Blue) + +## Validation Plans + +## Documentation Links +* [FmpDevicewPkg High Level Design Overview]() +* [FmpDevicePkg Platform Integration Guide]() --=20 2.14.2.windows.3 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel