From nobody Tue Apr 23 05:29:18 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=intel.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 153386452466919.77658264942818; Thu, 9 Aug 2018 18:28:44 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 83FD0210E8D75; Thu, 9 Aug 2018 18:28:33 -0700 (PDT) Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 8CBA1210E8D68 for ; Thu, 9 Aug 2018 18:28:31 -0700 (PDT) Received: from orsmga007.jf.intel.com ([10.7.209.58]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 09 Aug 2018 18:28:30 -0700 Received: from mdkinney-mobl2.amr.corp.intel.com ([10.241.98.57]) by orsmga007.jf.intel.com with ESMTP; 09 Aug 2018 18:28:30 -0700 X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.43; helo=mga05.intel.com; envelope-from=michael.d.kinney@intel.com; receiver=edk2-devel@lists.01.org X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.53,217,1531810800"; d="scan'208";a="63770855" From: Michael D Kinney To: edk2-devel@lists.01.org Date: Thu, 9 Aug 2018 18:28:26 -0700 Message-Id: <20180810012826.4052-5-michael.d.kinney@intel.com> X-Mailer: git-send-email 2.14.2.windows.3 In-Reply-To: <20180810012826.4052-1-michael.d.kinney@intel.com> References: <20180810012826.4052-1-michael.d.kinney@intel.com> Subject: [edk2] [Patch 4/4] Vlv2TbltDevicePkg: Update DSC/FDF to use FmpDevicePkg X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: David Wei MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RDMRC_1 RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Cc: David Wei Cc: Mang Guo Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Michael D Kinney --- Vlv2TbltDevicePkg/FmpBlueSampleDevice.dsc | 61 +++++++++++++++++++++++++++ Vlv2TbltDevicePkg/FmpCertificate.dsc | 28 +++++++++++++ Vlv2TbltDevicePkg/FmpGreenSampleDevice.dsc | 61 +++++++++++++++++++++++++++ Vlv2TbltDevicePkg/FmpMinnowMaxSystem.dsc | 65 ++++++++++++++++++++++++++= +++ Vlv2TbltDevicePkg/FmpRedSampleDevice.dsc | 61 +++++++++++++++++++++++++++ Vlv2TbltDevicePkg/PlatformCapsule.dsc | 1 + Vlv2TbltDevicePkg/PlatformCapsule.fdf | 23 ----------- Vlv2TbltDevicePkg/PlatformCapsuleGcc.fdf | 23 ----------- Vlv2TbltDevicePkg/PlatformPkg.dec | 5 +++ Vlv2TbltDevicePkg/PlatformPkg.fdf | 61 ++++++++------------------- Vlv2TbltDevicePkg/PlatformPkgConfig.dsc | 19 +++++++-- Vlv2TbltDevicePkg/PlatformPkgGcc.fdf | 61 ++++++++------------------- Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc | 66 ++++++++++++--------------= ---- Vlv2TbltDevicePkg/PlatformPkgIA32.dsc | 64 ++++++++++++--------------= --- Vlv2TbltDevicePkg/PlatformPkgX64.dsc | 62 +++++++++++---------------= -- 15 files changed, 409 insertions(+), 252 deletions(-) create mode 100644 Vlv2TbltDevicePkg/FmpBlueSampleDevice.dsc create mode 100644 Vlv2TbltDevicePkg/FmpCertificate.dsc create mode 100644 Vlv2TbltDevicePkg/FmpGreenSampleDevice.dsc create mode 100644 Vlv2TbltDevicePkg/FmpMinnowMaxSystem.dsc create mode 100644 Vlv2TbltDevicePkg/FmpRedSampleDevice.dsc diff --git a/Vlv2TbltDevicePkg/FmpBlueSampleDevice.dsc b/Vlv2TbltDevicePkg/= FmpBlueSampleDevice.dsc new file mode 100644 index 0000000000..5f59845866 --- /dev/null +++ b/Vlv2TbltDevicePkg/FmpBlueSampleDevice.dsc @@ -0,0 +1,61 @@ +#/** @file +# FmpDxe driver for Blue Sample device firmware update. +# +# Copyright (c) 2018, Intel Corporation. All rights reserved.
+# +# This program and the accompanying materials are licensed and made availa= ble under +# the terms and conditions of the BSD License that accompanies this distri= bution. +# The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php. +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. +# +# +#**/ + + FmpDevicePkg/FmpDxe/FmpDxe.inf { + + # + # ESRT and FMP GUID for sample device capsule update + # + FILE_GUID =3D $(FMP_BLUE_SAMPLE_DEVICE) + + # + # Unicode name string that is used to populate FMP Image Descriptor = for this capsule update module + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageIdName|L"Sample Firmwar= e Device" + + # + # ESRT and FMP Lowest Support Version for this capsule update module + # 000.000.000.000 + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceBuildTimeLowestSupportedVers= ion|0x00000000 + + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressWatchdogTimeInSecond= s|2 + + # + # Capsule Update Progress Bar Color. Set to Blue (RGB) (0, 0, 255) + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressColor|0x000000FF + + # + # Certificates used to authenticate capsule update image + # + !include Vlv2TbltDevicePkg/FmpCertificate.dsc + + + # + # Generic libraries that are used "as is" by all FMP modules + # + FmpPayloadHeaderLib|FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPa= yloadHeaderLibV1.inf + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf + # + # Platform specific capsule policy library + # + CapsuleUpdatePolicyLib|FmpDevicePkg/Library/CapsuleUpdatePolicyLibNu= ll/CapsuleUpdatePolicyLibNull.inf + # + # Device specific library that processes a capsule and updates the F= W storage device + # + FmpDeviceLib|Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLibS= ample/FmpDeviceLib.inf + } diff --git a/Vlv2TbltDevicePkg/FmpCertificate.dsc b/Vlv2TbltDevicePkg/FmpCe= rtificate.dsc new file mode 100644 index 0000000000..c510c90582 --- /dev/null +++ b/Vlv2TbltDevicePkg/FmpCertificate.dsc @@ -0,0 +1,28 @@ +#/** @file +# FMP Certificates shared by multiple FmpDxe drivers for firmware update. +# +# Copyright (c) 2018, Intel Corporation. All rights reserved.
+# +# This program and the accompanying materials are licensed and made availa= ble under +# the terms and conditions of the BSD License that accompanies this distri= bution. +# The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php. +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. +# +# +#**/ + +!if $(CAPSULE_PKCS7_CERT) =3D=3D SAMPLE_DEVELOPMENT_SAMPLE_PRODUCTION + !include Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/SAMPLE_DEVELO= PMENT_SAMPLE_PRODUCTION.cer.gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7Ce= rtBufferXdr.inc +!endif +!if $(CAPSULE_PKCS7_CERT) =3D=3D SAMPLE_DEVELOPMENT + !include Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/SAMPLE_DEVELO= PMENT.cer.gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc +!endif +!if $(CAPSULE_PKCS7_CERT) =3D=3D EDKII_TEST + !include BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer.gFmpDevicePkgTok= enSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc +!endif +!if $(CAPSULE_PKCS7_CERT) =3D=3D NEW_ROOT + !include Vlv2TbltDevicePkg/Feature/Capsule/GenerateCapsule/NewRoot.cer.g= FmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc +!endif diff --git a/Vlv2TbltDevicePkg/FmpGreenSampleDevice.dsc b/Vlv2TbltDevicePkg= /FmpGreenSampleDevice.dsc new file mode 100644 index 0000000000..085318fa5d --- /dev/null +++ b/Vlv2TbltDevicePkg/FmpGreenSampleDevice.dsc @@ -0,0 +1,61 @@ +#/** @file +# FmpDxe driver for Green Sample device firmware update. +# +# Copyright (c) 2018, Intel Corporation. All rights reserved.
+# +# This program and the accompanying materials are licensed and made availa= ble under +# the terms and conditions of the BSD License that accompanies this distri= bution. +# The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php. +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. +# +# +#**/ + + FmpDevicePkg/FmpDxe/FmpDxe.inf { + + # + # ESRT and FMP GUID for sample device capsule update + # + FILE_GUID =3D $(FMP_GREEN_SAMPLE_DEVICE) + + # + # Unicode name string that is used to populate FMP Image Descriptor = for this capsule update module + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageIdName|L"Sample Firmwar= e Device" + + # + # ESRT and FMP Lowest Support Version for this capsule update module + # 000.000.000.000 + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceBuildTimeLowestSupportedVers= ion|0x00000000 + + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressWatchdogTimeInSecond= s|2 + + # + # Capsule Update Progress Bar Color. Set to Green (RGB) (0, 255, 0) + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressColor|0x0000FF00 + + # + # Certificates used to authenticate capsule update image + # + !include Vlv2TbltDevicePkg/FmpCertificate.dsc + + + # + # Generic libraries that are used "as is" by all FMP modules + # + FmpPayloadHeaderLib|FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPa= yloadHeaderLibV1.inf + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf + # + # Platform specific capsule policy library + # + CapsuleUpdatePolicyLib|FmpDevicePkg/Library/CapsuleUpdatePolicyLibNu= ll/CapsuleUpdatePolicyLibNull.inf + # + # Device specific library that processes a capsule and updates the F= W storage device + # + FmpDeviceLib|Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLibS= ample/FmpDeviceLib.inf + } diff --git a/Vlv2TbltDevicePkg/FmpMinnowMaxSystem.dsc b/Vlv2TbltDevicePkg/F= mpMinnowMaxSystem.dsc new file mode 100644 index 0000000000..3b5d303e9e --- /dev/null +++ b/Vlv2TbltDevicePkg/FmpMinnowMaxSystem.dsc @@ -0,0 +1,65 @@ +#/** @file +# FmpDxe driver for Minnow Max system firmware update. +# +# Copyright (c) 2018, Intel Corporation. All rights reserved.
+# +# This program and the accompanying materials are licensed and made availa= ble under +# the terms and conditions of the BSD License that accompanies this distri= bution. +# The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php. +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. +# +# +#**/ + + FmpDevicePkg/FmpDxe/FmpDxe.inf { + + # + # ESRT and FMP GUID for system firmware capsule update + # + FILE_GUID =3D $(FMP_MINNOW_MAX_SYSTEM) + + # + # Unicode name string that is used to populate FMP Image Descriptor = for this capsule update module + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageIdName|L"Minnow Max Sys= tem Firmware Device" + + # + # ESRT and FMP Lowest Support Version for this capsule update module + # 000.000.000.000 + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceBuildTimeLowestSupportedVers= ion|0x00000000 + + gPlatformModuleTokenSpaceGuid.PcdSystemFirmwareFmpLowestSupportedVer= sion|0x00000000 + gPlatformModuleTokenSpaceGuid.PcdSystemFirmwareFmpVersion|0x00000000 + gPlatformModuleTokenSpaceGuid.PcdSystemFirmwareFmpVersionString|"000= .000.000.000" + + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressWatchdogTimeInSecond= s|4 + + # + # Capsule Update Progress Bar Color. Set to Purple (RGB) (255, 0, 2= 55) + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressColor|0x00FF00FF + + # + # Certificates used to authenticate capsule update image + # + !include Vlv2TbltDevicePkg/FmpCertificate.dsc + + + # + # Generic libraries that are used "as is" by all FMP modules + # + FmpPayloadHeaderLib|FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPa= yloadHeaderLibV1.inf + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf + # + # Platform specific capsule policy library + # + CapsuleUpdatePolicyLib|FmpDevicePkg/Library/CapsuleUpdatePolicyLibNu= ll/CapsuleUpdatePolicyLibNull.inf + # + # Device specific library that processes a capsule and updates the F= W storage device + # + FmpDeviceLib|Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLib/= FmpDeviceLib.inf + } diff --git a/Vlv2TbltDevicePkg/FmpRedSampleDevice.dsc b/Vlv2TbltDevicePkg/F= mpRedSampleDevice.dsc new file mode 100644 index 0000000000..6e181acf57 --- /dev/null +++ b/Vlv2TbltDevicePkg/FmpRedSampleDevice.dsc @@ -0,0 +1,61 @@ +#/** @file +# FmpDxe driver for Red Sample device firmware update. +# +# Copyright (c) 2018, Intel Corporation. All rights reserved.
+# +# This program and the accompanying materials are licensed and made availa= ble under +# the terms and conditions of the BSD License that accompanies this distri= bution. +# The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php. +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. +# +# +#**/ + + FmpDevicePkg/FmpDxe/FmpDxe.inf { + + # + # ESRT and FMP GUID for sample device capsule update + # + FILE_GUID =3D $(FMP_RED_SAMPLE_DEVICE) + + # + # Unicode name string that is used to populate FMP Image Descriptor = for this capsule update module + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageIdName|L"Sample Firmwar= e Device" + + # + # ESRT and FMP Lowest Support Version for this capsule update module + # 000.000.000.000 + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceBuildTimeLowestSupportedVers= ion|0x00000000 + + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressWatchdogTimeInSecond= s|2 + + # + # Capsule Update Progress Bar Color. Set to Blue (RGB) (255, 0, 0) + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressColor|0x00FF0000 + + # + # Certificates used to authenticate capsule update image + # + !include Vlv2TbltDevicePkg/FmpCertificate.dsc + + + # + # Generic libraries that are used "as is" by all FMP modules + # + FmpPayloadHeaderLib|FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPa= yloadHeaderLibV1.inf + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf + # + # Platform specific capsule policy library + # + CapsuleUpdatePolicyLib|FmpDevicePkg/Library/CapsuleUpdatePolicyLibNu= ll/CapsuleUpdatePolicyLibNull.inf + # + # Device specific library that processes a capsule and updates the F= W storage device + # + FmpDeviceLib|Vlv2TbltDevicePkg/Feature/Capsule/Library/FmpDeviceLibS= ample/FmpDeviceLib.inf + } diff --git a/Vlv2TbltDevicePkg/PlatformCapsule.dsc b/Vlv2TbltDevicePkg/Plat= formCapsule.dsc index a619ed853a..80cda88384 100644 --- a/Vlv2TbltDevicePkg/PlatformCapsule.dsc +++ b/Vlv2TbltDevicePkg/PlatformCapsule.dsc @@ -23,6 +23,7 @@ [Defines] SUPPORTED_ARCHITECTURES =3D IA32|X64 BUILD_TARGETS =3D DEBUG|RELEASE SKUID_IDENTIFIER =3D DEFAULT + POSTBUILD =3D Vlv2TbltDevicePkg/Feature/Capsule/Gen= erateCapsule/GenCapsuleAll.bat =20 ##########################################################################= ######################### # diff --git a/Vlv2TbltDevicePkg/PlatformCapsule.fdf b/Vlv2TbltDevicePkg/Plat= formCapsule.fdf index a80a75cf83..a05f6c6e6e 100644 --- a/Vlv2TbltDevicePkg/PlatformCapsule.fdf +++ b/Vlv2TbltDevicePkg/PlatformCapsule.fdf @@ -35,24 +35,10 @@ [FV.SystemFirmwareUpdateCargo] $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/Vlv.ROM } =20 -FILE RAW =3D ce57b167-b0e4-41e8-a897-5f4feb781d40 { # gEdkiiSystemFmpCapsu= leDriverFvFileGuid - $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/CAPSUL= EDISPATCHFV.Fv - } - FILE RAW =3D 812136D3-4D3A-433A-9418-29BB9BF78F6E { # gEdkiiSystemFmpCapsu= leConfigFileGuid Vlv2TbltDevicePkg/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFir= mwareUpdateConfig.ini } =20 -[FmpPayload.FmpPayloadSystemFirmwarePkcs7] -IMAGE_HEADER_INIT_VERSION =3D 0x02 -IMAGE_TYPE_ID =3D 4096267b-da0a-42eb-b5eb-fef31d207cb4 # PcdSy= stemFmpCapsuleImageTypeIdGuid -IMAGE_INDEX =3D 0x1 -HARDWARE_INSTANCE =3D 0x0 -MONOTONIC_COUNT =3D 0x2 -CERTIFICATE_GUID =3D 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7 - -FILE DATA =3D $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)= /FV/SYSTEMFIRMWAREUPDATECARGO.Fv - [FmpPayload.FmpPayloadSystemFirmwareRsa2048] IMAGE_HEADER_INIT_VERSION =3D 0x02 IMAGE_TYPE_ID =3D 4096267b-da0a-42eb-b5eb-fef31d207cb4 # PcdSy= stemFmpCapsuleImageTypeIdGuid @@ -63,14 +49,6 @@ [FmpPayload.FmpPayloadSystemFirmwareRsa2048] =20 FILE DATA =3D $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)= /FV/SYSTEMFIRMWAREUPDATECARGO.Fv =20 -[Capsule.Vlv2FirmwareUpdateCapsuleFmpPkcs7] -CAPSULE_GUID =3D 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEf= iFmpCapsuleGuid -CAPSULE_FLAGS =3D PersistAcrossReset,InitiateReset -CAPSULE_HEADER_SIZE =3D 0x20 -CAPSULE_HEADER_INIT_VERSION =3D 0x1 - -FMP_PAYLOAD =3D FmpPayloadSystemFirmwarePkcs7 - [Capsule.Vlv2Rec] CAPSULE_GUID =3D 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEf= iFmpCapsuleGuid CAPSULE_FLAGS =3D PersistAcrossReset,InitiateReset @@ -78,4 +56,3 @@ [Capsule.Vlv2Rec] CAPSULE_HEADER_INIT_VERSION =3D 0x1 =20 FMP_PAYLOAD =3D FmpPayloadSystemFirmwareRsa2048 - diff --git a/Vlv2TbltDevicePkg/PlatformCapsuleGcc.fdf b/Vlv2TbltDevicePkg/P= latformCapsuleGcc.fdf index f4f396cf4e..b7ea8bf839 100644 --- a/Vlv2TbltDevicePkg/PlatformCapsuleGcc.fdf +++ b/Vlv2TbltDevicePkg/PlatformCapsuleGcc.fdf @@ -35,24 +35,10 @@ [FV.SystemFirmwareUpdateCargo] $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/Vlv.ROM } =20 -FILE RAW =3D ce57b167-b0e4-41e8-a897-5f4feb781d40 { # gEdkiiSystemFmpCapsu= leDriverFvFileGuid - $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/CAPSUL= EDISPATCHFV.Fv - } - FILE RAW =3D 812136D3-4D3A-433A-9418-29BB9BF78F6E { # gEdkiiSystemFmpCapsu= leConfigFileGuid Vlv2TbltDevicePkg/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFir= mwareUpdateConfigGcc.ini } =20 -[FmpPayload.FmpPayloadSystemFirmwarePkcs7] -IMAGE_HEADER_INIT_VERSION =3D 0x02 -IMAGE_TYPE_ID =3D 4096267b-da0a-42eb-b5eb-fef31d207cb4 # PcdSy= stemFmpCapsuleImageTypeIdGuid -IMAGE_INDEX =3D 0x1 -HARDWARE_INSTANCE =3D 0x0 -MONOTONIC_COUNT =3D 0x2 -CERTIFICATE_GUID =3D 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7 - -FILE DATA =3D $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)= /FV/SYSTEMFIRMWAREUPDATECARGO.Fv - [FmpPayload.FmpPayloadSystemFirmwareRsa2048] IMAGE_HEADER_INIT_VERSION =3D 0x02 IMAGE_TYPE_ID =3D 4096267b-da0a-42eb-b5eb-fef31d207cb4 # PcdSy= stemFmpCapsuleImageTypeIdGuid @@ -63,14 +49,6 @@ [FmpPayload.FmpPayloadSystemFirmwareRsa2048] =20 FILE DATA =3D $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)= /FV/SYSTEMFIRMWAREUPDATECARGO.Fv =20 -[Capsule.Vlv2FirmwareUpdateCapsuleFmpPkcs7] -CAPSULE_GUID =3D 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEf= iFmpCapsuleGuid -CAPSULE_FLAGS =3D PersistAcrossReset,InitiateReset -CAPSULE_HEADER_SIZE =3D 0x20 -CAPSULE_HEADER_INIT_VERSION =3D 0x1 - -FMP_PAYLOAD =3D FmpPayloadSystemFirmwarePkcs7 - [Capsule.Vlv2Rec] CAPSULE_GUID =3D 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEf= iFmpCapsuleGuid CAPSULE_FLAGS =3D PersistAcrossReset,InitiateReset @@ -78,4 +56,3 @@ [Capsule.Vlv2Rec] CAPSULE_HEADER_INIT_VERSION =3D 0x1 =20 FMP_PAYLOAD =3D FmpPayloadSystemFirmwareRsa2048 - diff --git a/Vlv2TbltDevicePkg/PlatformPkg.dec b/Vlv2TbltDevicePkg/Platform= Pkg.dec index 731fd05ed5..8fccd7f1b1 100644 --- a/Vlv2TbltDevicePkg/PlatformPkg.dec +++ b/Vlv2TbltDevicePkg/PlatformPkg.dec @@ -165,6 +165,11 @@ [PcdsFixedAtBuild] gPlatformModuleTokenSpaceGuid.PcdBiosRomBase|0xFFC00000|UINT32|0x4000000B gPlatformModuleTokenSpaceGuid.PcdBiosRomSize|0x00400000|UINT32|0x4000000C =20 + # PCDs for System Firmware FMP instance + gPlatformModuleTokenSpaceGuid.PcdSystemFirmwareFmpLowestSupportedVersion= |0x00000000|UINT32|0x40000100 + gPlatformModuleTokenSpaceGuid.PcdSystemFirmwareFmpVersion|0x00000000|UIN= T32|0x40000101 + gPlatformModuleTokenSpaceGuid.PcdSystemFirmwareFmpVersionString|""|VOID*= |0x40000102 + [PcdsFeatureFlag] ## This PCD specifies whether StatusCode is reported via ISA Serial port. gEfiSerialPortTokenSpaceGuid.PcdStatusCodeUseIsaSerial|TRUE|BOOLEAN|0x00= 000020 diff --git a/Vlv2TbltDevicePkg/PlatformPkg.fdf b/Vlv2TbltDevicePkg/Platform= Pkg.fdf index 85309650db..b7a0e584de 100644 --- a/Vlv2TbltDevicePkg/PlatformPkg.fdf +++ b/Vlv2TbltDevicePkg/PlatformPkg.fdf @@ -242,7 +242,7 @@ [FV.MICROCODE_FV] READ_LOCK_STATUS =3D TRUE =20 FILE RAW =3D 197DB236-F856-4924-90F8-CDF12FB875F3 { - $(OUTPUT_DIRECTORY)\$(TARGET)_$(TOOL_CHAIN_TAG)\$(DXE_ARCHITECTURE)\Micr= ocodeUpdates.bin + $(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/$(DXE_ARCHITECTURE)/Micr= ocodeUpdates.bin } =20 !if $(RECOVERY_ENABLE) @@ -413,11 +413,6 @@ [FV.FVRECOVERY] =20 INF MdeModulePkg/Universal/PCD/Pei/Pcd.inf =20 -!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) - # FMP image decriptor -INF RuleOverride =3D FMP_IMAGE_DESC Vlv2TbltDevicePkg/Feature/Capsule/Syst= emFirmwareDescriptor/SystemFirmwareDescriptor.inf -!endif - [FV.FVMAIN] BlockSize =3D $(FLASH_BLOCK_SIZE) FvAlignment =3D 16 @@ -775,14 +770,25 @@ [FV.FVMAIN] !endif !endif =20 -!if $(CAPSULE_ENABLE) || $(MICOCODE_CAPSULE_ENABLE) +!if $(CAPSULE_ENABLE) INF MdeModulePkg/Universal/EsrtFmpDxe/EsrtFmpDxe.inf + +# +# Minnow Max System Firmware FMP +# +INF FILE_GUID =3D $(FMP_MINNOW_MAX_SYSTEM) FmpDevicePkg/FmpDxe/FmpDxe.inf + +# +# Sample Device FMP +# +INF FILE_GUID =3D $(FMP_GREEN_SAMPLE_DEVICE) FmpDevicePkg/FmpDxe/FmpDxe.i= nf +INF FILE_GUID =3D $(FMP_BLUE_SAMPLE_DEVICE) FmpDevicePkg/FmpDxe/FmpDxe.i= nf +INF FILE_GUID =3D $(FMP_RED_SAMPLE_DEVICE) FmpDevicePkg/FmpDxe/FmpDxe.i= nf + !endif -!if $(CAPSULE_ENABLE) -INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportD= xe.inf -!endif + !if $(MICOCODE_CAPSULE_ENABLE) -INF UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.inf +INF IntelSiliconPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe= .inf !endif =20 !if $(RECOVERY_ENABLE) @@ -792,13 +798,6 @@ [FV.FVMAIN] } !endif =20 -!if $(CAPSULE_ENABLE) -FILE FREEFORM =3D PCD(gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiPkcs7Test= PublicKeyFileGuid) { - SECTION RAW =3D BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer - SECTION UI =3D "Pkcs7TestRoot" - } -!endif - [FV.FVMAIN_COMPACT] BlockSize =3D $(FLASH_BLOCK_SIZE) FvAlignment =3D 16 @@ -861,32 +860,6 @@ [FV.SETUP_DATA] READ_LOCK_CAP =3D TRUE READ_LOCK_STATUS =3D TRUE =20 - -!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) -[FV.CapsuleDispatchFv] -FvAlignment =3D 16 -ERASE_POLARITY =3D 1 -MEMORY_MAPPED =3D TRUE -STICKY_WRITE =3D TRUE -LOCK_CAP =3D TRUE -LOCK_STATUS =3D TRUE -WRITE_DISABLED_CAP =3D TRUE -WRITE_ENABLED_CAP =3D TRUE -WRITE_STATUS =3D TRUE -WRITE_LOCK_CAP =3D TRUE -WRITE_LOCK_STATUS =3D TRUE -READ_DISABLED_CAP =3D TRUE -READ_ENABLED_CAP =3D TRUE -READ_STATUS =3D TRUE -READ_LOCK_CAP =3D TRUE -READ_LOCK_STATUS =3D TRUE - -!if $(CAPSULE_ENABLE) -INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateD= xe.inf -!endif - -!endif - ##########################################################################= ###### # # Rules are use with the [FV] section's module INF type to define diff --git a/Vlv2TbltDevicePkg/PlatformPkgConfig.dsc b/Vlv2TbltDevicePkg/Pl= atformPkgConfig.dsc index c93ca8a457..672853dda6 100644 --- a/Vlv2TbltDevicePkg/PlatformPkgConfig.dsc +++ b/Vlv2TbltDevicePkg/PlatformPkgConfig.dsc @@ -66,7 +66,7 @@ DEFINE CAPSULE_ENABLE =3D TRUE DEFINE CAPSULE_RESET_ENABLE =3D TRUE DEFINE RECOVERY_ENABLE =3D FALSE -DEFINE MICOCODE_CAPSULE_ENABLE =3D FALSE +DEFINE MICOCODE_CAPSULE_ENABLE =3D TRUE =20 DEFINE GOP_DRIVER_ENABLE =3D TRUE DEFINE DATAHUB_ENABLE =3D TRUE @@ -94,6 +94,19 @@ # DEFINE SOURCE_DEBUG_ENABLE =3D FALSE =20 +# +# Capsule Pubic Certificate. Default is EDK_TEST. Options are: +# SAMPLE_DEVELOPMENT - Only signtool SAMPLE_DEVELOPME= NT +# SAMPLE_DEVELOPMENT_SAMPLE_PRODUCTION - Both signtool SAMPLE_DEVELOPME= NT and SAMPLE_PRODUCTION +# EDKII_TEST - Only openssl EDK II test certi= ficate +# NEW_ROOT - Only openssl new VLV2 certific= ate +# +DEFINE CAPSULE_PKCS7_CERT =3D EDKII_TEST =20 - - +# +# Define ESRT GUIDs for Firmware Management Protocol instances +# +DEFINE FMP_MINNOW_MAX_SYSTEM =3D 4096267b-da0a-42eb-b5eb-fef31d207cb4 +DEFINE FMP_RED_SAMPLE_DEVICE =3D 72E2945A-00DA-448E-9AA7-075AD840F9D4 +DEFINE FMP_BLUE_SAMPLE_DEVICE =3D 149DA854-7D19-4FAA-A91E-862EA1324BE6 +DEFINE FMP_GREEN_SAMPLE_DEVICE =3D 79179BFD-704D-4C90-9E02-0AB8D968C18A diff --git a/Vlv2TbltDevicePkg/PlatformPkgGcc.fdf b/Vlv2TbltDevicePkg/Platf= ormPkgGcc.fdf index 51a620ea15..eca273e33f 100644 --- a/Vlv2TbltDevicePkg/PlatformPkgGcc.fdf +++ b/Vlv2TbltDevicePkg/PlatformPkgGcc.fdf @@ -123,7 +123,6 @@ [FD.Vlv] $(FLASH_REGION_VLVMICROCODE_OFFSET)|$(FLASH_REGION_VLVMICROCODE_SIZE) gPlatformModuleTokenSpaceGuid.PcdFlashMicroCodeAddress|gPlatformModuleToke= nSpaceGuid.PcdFlashMicroCodeSize FV =3D MICROCODE_FV - $(FLASH_REGION_VPD_OFFSET)|$(FLASH_REGION_VPD_SIZE) gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase|gEfiMdeModule= PkgTokenSpaceGuid.PcdFlashNvStorageVariableSize FILE =3D $(WORKSPACE)/Vlv2TbltDevicePkg/Stitch/Gcc/NvStorageVariable.bin @@ -370,11 +369,6 @@ [FV.FVRECOVERY] =20 INF MdeModulePkg/Universal/PCD/Pei/Pcd.inf =20 -!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) - # FMP image decriptor -INF RuleOverride =3D FMP_IMAGE_DESC Vlv2TbltDevicePkg/Feature/Capsule/Syst= emFirmwareDescriptor/SystemFirmwareDescriptor.inf -!endif - [FV.FVMAIN] BlockSize =3D $(FLASH_BLOCK_SIZE) FvAlignment =3D 16 @@ -732,14 +726,25 @@ [FV.FVMAIN] !endif !endif =20 -!if $(CAPSULE_ENABLE) || $(MICOCODE_CAPSULE_ENABLE) +!if $(CAPSULE_ENABLE) INF MdeModulePkg/Universal/EsrtFmpDxe/EsrtFmpDxe.inf + +# +# Minnow Max System Firmware FMP +# +INF FILE_GUID =3D $(FMP_MINNOW_MAX_SYSTEM) FmpDevicePkg/FmpDxe/FmpDxe.inf + +# +# Sample Device FMP +# +INF FILE_GUID =3D $(FMP_GREEN_SAMPLE_DEVICE) FmpDevicePkg/FmpDxe/FmpDxe.i= nf +INF FILE_GUID =3D $(FMP_BLUE_SAMPLE_DEVICE) FmpDevicePkg/FmpDxe/FmpDxe.i= nf +INF FILE_GUID =3D $(FMP_RED_SAMPLE_DEVICE) FmpDevicePkg/FmpDxe/FmpDxe.i= nf + !endif -!if $(CAPSULE_ENABLE) -INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportD= xe.inf -!endif + !if $(MICOCODE_CAPSULE_ENABLE) -INF UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.inf +INF IntelSiliconPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe= .inf !endif =20 !if $(RECOVERY_ENABLE) @@ -748,13 +753,6 @@ [FV.FVMAIN] SECTION UI =3D "Rsa2048Sha256TestSigningPublicKey" } !endif - =20 -!if $(CAPSULE_ENABLE) -FILE FREEFORM =3D PCD(gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiPkcs7Test= PublicKeyFileGuid) { - SECTION RAW =3D BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer - SECTION UI =3D "Pkcs7TestRoot" - } -!endif =20 [FV.FVMAIN_COMPACT] BlockSize =3D $(FLASH_BLOCK_SIZE) @@ -818,32 +816,6 @@ [FV.SETUP_DATA] READ_LOCK_CAP =3D TRUE READ_LOCK_STATUS =3D TRUE =20 - -!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) -[FV.CapsuleDispatchFv] -FvAlignment =3D 16 -ERASE_POLARITY =3D 1 -MEMORY_MAPPED =3D TRUE -STICKY_WRITE =3D TRUE -LOCK_CAP =3D TRUE -LOCK_STATUS =3D TRUE -WRITE_DISABLED_CAP =3D TRUE -WRITE_ENABLED_CAP =3D TRUE -WRITE_STATUS =3D TRUE -WRITE_LOCK_CAP =3D TRUE -WRITE_LOCK_STATUS =3D TRUE -READ_DISABLED_CAP =3D TRUE -READ_ENABLED_CAP =3D TRUE -READ_STATUS =3D TRUE -READ_LOCK_CAP =3D TRUE -READ_LOCK_STATUS =3D TRUE - -!if $(CAPSULE_ENABLE) -INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateD= xe.inf -!endif - -!endif - ##########################################################################= ###### # # Rules are use with the [FV] section's module INF type to define @@ -1086,4 +1058,3 @@ [Rule.Common.PEIM.FMP_IMAGE_DESC] UI STRING=3D"$(MODULE_NAME)" Optional VERSION STRING=3D"$(INF_VERSION)" Optional BUILD_NUM=3D$(BUILD_NUMBE= R) } - diff --git a/Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc b/Vlv2TbltDevicePkg/Pl= atformPkgGccX64.dsc index 8b8a55ae6f..3e3522aee9 100644 --- a/Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc +++ b/Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc @@ -190,7 +190,6 @@ [LibraryClasses.common] !else CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf !endif - EdkiiSystemCapsuleLib|SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/Edk= iiSystemCapsuleLib.inf FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAu= thenticationLibNull.inf IniParsingLib|SignedCapsulePkg/Library/IniParsingLib/IniParsingLib.inf PlatformFlashAccessLib|Vlv2TbltDevicePkg/Feature/Capsule/Library/Platfor= mFlashAccessLib/PlatformFlashAccessLib.inf @@ -336,7 +335,7 @@ [LibraryClasses.IA32.PEIM, LibraryClasses.IA32.PEI_CORE= , LibraryClasses.IA32.SEC DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf SerialPortLib|MdePkg/Library/BaseSerialPortLibNull/BaseSerialPortLibNull= .inf !else - DebugLib|IntelFrameworkModulePkg/Library/PeiDxeDebugLibReportStatusCode/= PeiDxeDebugLibReportStatusCode.inf + DebugLib|MdeModulePkg/Library/PeiDxeDebugLibReportStatusCode/PeiDxeDebug= LibReportStatusCode.inf SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLib.inf !endif =20 @@ -706,7 +705,23 @@ [PcdsFixedAtBuild.common] # gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmStackSize|0x4000 =20 -[PcdsFixedAtBuild.IA32.PEIM, PcdsFixedAtBuild.IA32.PEI_CORE, PcdsFixedAtBu= ild.IA32.SEC] + # + # Clear unused single certificate PCD + # + gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer|{0} + + # + # Lock all updatable firmware devices at End of DXE + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceLockEventGuid|{GUID(gEfiEndOfDxe= EventGroupGuid)} +# gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceLockEventGuid|{GUID(gEfiEventRe= adyToBootGuid)} + + # + # Set PcdFmpDeviceTestKeySha256Digest to {0} to disable test key detecti= on + # +# gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceTestKeySha256Digest|{0} + +[PcdsFixedAtBuild.IA32] !if $(TARGET) =3D=3D RELEASE gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x0 gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x3 @@ -910,10 +925,10 @@ [PcdsDynamicExDefault.common.DEFAULT] gEfiVLVTokenSpaceGuid.PcdCpuSmramCpuDataAddress|0 gEfiVLVTokenSpaceGuid.PcdCpuLockBoxSize|0 =20 -!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) - gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor= |{0x0}|VOID*|0x100 - gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0x7b,= 0x26, 0x96, 0x40, 0x0a, 0xda, 0xeb, 0x42, 0xb5, 0xeb, 0xfe, 0xf3, 0x1d, 0x= 20, 0x7c, 0xb4} - gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{0xb2,= 0x9e, 0x9c, 0xaf, 0xad, 0x12, 0x3e, 0x4d, 0xa4, 0xd4, 0x96, 0xf6, 0xc9, 0x= 96, 0x62, 0x15} +[PcdsDynamicExDefault.X64.DEFAULT] +!if $(RECOVERY_ENABLE) + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{GUID(= "AF9C9EB2-12AD-4D3E-A4D4-96F6C9966215")}|VOID*|0x10 + gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{GUID(= "4096267b-da0a-42eb-b5eb-fef31d207cb4")}|VOID*|0x10 !endif =20 [Components.IA32] @@ -937,14 +952,6 @@ [Components.IA32] } !endif =20 -!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) - # FMP image decriptor - Vlv2TbltDevicePkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwar= eDescriptor.inf { - - PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf - } -!endif - MdeModulePkg/Core/Pei/PeiMain.inf { !if $(TARGET) =3D=3D DEBUG @@ -1199,11 +1206,6 @@ [Components.X64] DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLi= b.inf -!if $(CAPSULE_ENABLE) - FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf -!else - FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/F= mpAuthenticationLibNull.inf -!endif !if $(FTPM_ENABLE) =3D=3D TRUE Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2Devi= ceLibSeC.inf !else @@ -1572,32 +1574,20 @@ [Components.X64] !endif !endif =20 - Vlv2TbltDevicePkg/Application/FirmwareUpdate/FirmwareUpdate.inf - !if $(CAPSULE_ENABLE) || $(MICOCODE_CAPSULE_ENABLE) MdeModulePkg/Universal/EsrtFmpDxe/EsrtFmpDxe.inf MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf !endif =20 !if $(CAPSULE_ENABLE) - SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.= inf { - - DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf - PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf - SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLi= b.inf - FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf - } - SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.= inf { - - DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf - PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf - SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLi= b.inf - FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf - } + !include Vlv2TbltDevicePkg/FmpMinnowMaxSystem.dsc + !include Vlv2TbltDevicePkg/FmpGreenSampleDevice.dsc + !include Vlv2TbltDevicePkg/FmpBlueSampleDevice.dsc + !include Vlv2TbltDevicePkg/FmpRedSampleDevice.dsc !endif =20 !if $(MICOCODE_CAPSULE_ENABLE) - UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.inf { + IntelSiliconPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.in= f { DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf @@ -1787,8 +1777,6 @@ [BuildOptions.Common.EDKII] =20 =20 [Components.X64] - $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTUR= E)/SysFwUpdateCapsuleDxe.inf - $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTU= RE)/I2cBus.inf { gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0xF0000043 diff --git a/Vlv2TbltDevicePkg/PlatformPkgIA32.dsc b/Vlv2TbltDevicePkg/Plat= formPkgIA32.dsc index cbdfb1b83a..55c873d565 100644 --- a/Vlv2TbltDevicePkg/PlatformPkgIA32.dsc +++ b/Vlv2TbltDevicePkg/PlatformPkgIA32.dsc @@ -190,7 +190,6 @@ [LibraryClasses.common] !else CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf !endif - EdkiiSystemCapsuleLib|SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/Edk= iiSystemCapsuleLib.inf FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAu= thenticationLibNull.inf IniParsingLib|SignedCapsulePkg/Library/IniParsingLib/IniParsingLib.inf PlatformFlashAccessLib|Vlv2TbltDevicePkg/Feature/Capsule/Library/Platfor= mFlashAccessLib/PlatformFlashAccessLib.inf @@ -706,7 +705,23 @@ [PcdsFixedAtBuild.common] # gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmStackSize|0x4000 =20 -[PcdsFixedAtBuild.IA32.PEIM, PcdsFixedAtBuild.IA32.PEI_CORE, PcdsFixedAtBu= ild.IA32.SEC] + # + # Clear unused single certificate PCD + # + gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer|{0} + + # + # Lock all updatable firmware devices at End of DXE + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceLockEventGuid|{GUID(gEfiEndOfDxe= EventGroupGuid)} +# gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceLockEventGuid|{GUID(gEfiEventRe= adyToBootGuid)} + + # + # Set PcdFmpDeviceTestKeySha256Digest to {0} to disable test key detecti= on + # +# gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceTestKeySha256Digest|{0} + +[PcdsFixedAtBuild.IA32] !if $(TARGET) =3D=3D RELEASE gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x0 gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x3 @@ -910,10 +925,10 @@ [PcdsDynamicExDefault.common.DEFAULT] gEfiVLVTokenSpaceGuid.PcdCpuSmramCpuDataAddress|0 gEfiVLVTokenSpaceGuid.PcdCpuLockBoxSize|0 =20 -!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) - gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor= |{0x0}|VOID*|0x100 - gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0x7b,= 0x26, 0x96, 0x40, 0x0a, 0xda, 0xeb, 0x42, 0xb5, 0xeb, 0xfe, 0xf3, 0x1d, 0x= 20, 0x7c, 0xb4} - gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{0xb2,= 0x9e, 0x9c, 0xaf, 0xad, 0x12, 0x3e, 0x4d, 0xa4, 0xd4, 0x96, 0xf6, 0xc9, 0x= 96, 0x62, 0x15} +[PcdsDynamicExDefault.X64.DEFAULT] +!if $(RECOVERY_ENABLE) + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{GUID(= "AF9C9EB2-12AD-4D3E-A4D4-96F6C9966215")}|VOID*|0x10 + gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{GUID(= "4096267b-da0a-42eb-b5eb-fef31d207cb4")}|VOID*|0x10 !endif =20 [Components.IA32] @@ -937,14 +952,6 @@ [Components.IA32] } !endif =20 -!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) - # FMP image decriptor - Vlv2TbltDevicePkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwar= eDescriptor.inf { - - PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf - } -!endif - MdeModulePkg/Core/Pei/PeiMain.inf { !if $(TARGET) =3D=3D DEBUG @@ -1187,11 +1194,6 @@ [Components.IA32] DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLi= b.inf -!if $(CAPSULE_ENABLE) - FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf -!else - FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/F= mpAuthenticationLibNull.inf -!endif !if $(FTPM_ENABLE) =3D=3D TRUE Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2Devi= ceLibSeC.inf !else @@ -1560,32 +1562,20 @@ [Components.IA32] !endif !endif =20 - Vlv2TbltDevicePkg/Application/FirmwareUpdate/FirmwareUpdate.inf - !if $(CAPSULE_ENABLE) || $(MICOCODE_CAPSULE_ENABLE) MdeModulePkg/Universal/EsrtFmpDxe/EsrtFmpDxe.inf MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf !endif =20 !if $(CAPSULE_ENABLE) - SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.= inf { - - DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf - PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf - SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLi= b.inf - FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf - } - SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.= inf { - - DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf - PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf - SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLi= b.inf - FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf - } + !include Vlv2TbltDevicePkg/FmpMinnowMaxSystem.dsc + !include Vlv2TbltDevicePkg/FmpGreenSampleDevice.dsc + !include Vlv2TbltDevicePkg/FmpBlueSampleDevice.dsc + !include Vlv2TbltDevicePkg/FmpRedSampleDevice.dsc !endif =20 !if $(MICOCODE_CAPSULE_ENABLE) - UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.inf { + IntelSiliconPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.in= f { DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf @@ -1776,8 +1766,6 @@ [BuildOptions.Common.EDKII] =20 =20 [Components.IA32] - $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTUR= E)/SysFwUpdateCapsuleDxe.inf - $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTU= RE)/I2cBus.inf { gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0xF0000043 diff --git a/Vlv2TbltDevicePkg/PlatformPkgX64.dsc b/Vlv2TbltDevicePkg/Platf= ormPkgX64.dsc index 6396f7aad4..fa6aa63491 100644 --- a/Vlv2TbltDevicePkg/PlatformPkgX64.dsc +++ b/Vlv2TbltDevicePkg/PlatformPkgX64.dsc @@ -190,7 +190,6 @@ [LibraryClasses.common] !else CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf !endif - EdkiiSystemCapsuleLib|SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/Edk= iiSystemCapsuleLib.inf FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAu= thenticationLibNull.inf IniParsingLib|SignedCapsulePkg/Library/IniParsingLib/IniParsingLib.inf PlatformFlashAccessLib|Vlv2TbltDevicePkg/Feature/Capsule/Library/Platfor= mFlashAccessLib/PlatformFlashAccessLib.inf @@ -706,6 +705,22 @@ [PcdsFixedAtBuild.common] # gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmStackSize|0x4000 =20 + # + # Clear unused single certificate PCD + # + gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer|{0} + + # + # Lock all updatable firmware devices at End of DXE + # + gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceLockEventGuid|{GUID(gEfiEndOfDxe= EventGroupGuid)} +# gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceLockEventGuid|{GUID(gEfiEventRe= adyToBootGuid)} + + # + # Set PcdFmpDeviceTestKeySha256Digest to {0} to disable test key detecti= on + # +# gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceTestKeySha256Digest|{0} + [PcdsFixedAtBuild.IA32] !if $(TARGET) =3D=3D RELEASE gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x0 @@ -910,10 +925,10 @@ [PcdsDynamicExDefault.common.DEFAULT] gEfiVLVTokenSpaceGuid.PcdCpuSmramCpuDataAddress|0 gEfiVLVTokenSpaceGuid.PcdCpuLockBoxSize|0 =20 -!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) - gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor= |{0x0}|VOID*|0x100 - gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0x7b,= 0x26, 0x96, 0x40, 0x0a, 0xda, 0xeb, 0x42, 0xb5, 0xeb, 0xfe, 0xf3, 0x1d, 0x= 20, 0x7c, 0xb4} - gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{0xb2,= 0x9e, 0x9c, 0xaf, 0xad, 0x12, 0x3e, 0x4d, 0xa4, 0xd4, 0x96, 0xf6, 0xc9, 0x= 96, 0x62, 0x15} +[PcdsDynamicExDefault.X64.DEFAULT] +!if $(RECOVERY_ENABLE) + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{GUID(= "AF9C9EB2-12AD-4D3E-A4D4-96F6C9966215")}|VOID*|0x10 + gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{GUID(= "4096267b-da0a-42eb-b5eb-fef31d207cb4")}|VOID*|0x10 !endif =20 [Components.IA32] @@ -937,14 +952,6 @@ [Components.IA32] } !endif =20 -!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) - # FMP image decriptor - Vlv2TbltDevicePkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwar= eDescriptor.inf { - - PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf - } -!endif - MdeModulePkg/Core/Pei/PeiMain.inf { !if $(TARGET) =3D=3D DEBUG @@ -1199,11 +1206,6 @@ [Components.X64] DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLi= b.inf -!if $(CAPSULE_ENABLE) - FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf -!else - FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/F= mpAuthenticationLibNull.inf -!endif !if $(FTPM_ENABLE) =3D=3D TRUE Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2Devi= ceLibSeC.inf !else @@ -1572,32 +1574,20 @@ [Components.X64] !endif !endif =20 - Vlv2TbltDevicePkg/Application/FirmwareUpdate/FirmwareUpdate.inf - !if $(CAPSULE_ENABLE) || $(MICOCODE_CAPSULE_ENABLE) MdeModulePkg/Universal/EsrtFmpDxe/EsrtFmpDxe.inf MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf !endif =20 !if $(CAPSULE_ENABLE) - SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.= inf { - - DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf - PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf - SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLi= b.inf - FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf - } - SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.= inf { - - DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf - PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf - SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLi= b.inf - FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/F= mpAuthenticationLibPkcs7.inf - } + !include Vlv2TbltDevicePkg/FmpMinnowMaxSystem.dsc + !include Vlv2TbltDevicePkg/FmpGreenSampleDevice.dsc + !include Vlv2TbltDevicePkg/FmpBlueSampleDevice.dsc + !include Vlv2TbltDevicePkg/FmpRedSampleDevice.dsc !endif =20 !if $(MICOCODE_CAPSULE_ENABLE) - UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.inf { + IntelSiliconPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.in= f { DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPor= t.inf PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf @@ -1788,8 +1778,6 @@ [BuildOptions.Common.EDKII] =20 =20 [Components.X64] - $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTUR= E)/SysFwUpdateCapsuleDxe.inf - $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTU= RE)/I2cBus.inf { gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0xF0000043 --=20 2.14.2.windows.3 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel