Capsule Command support added for anti rollback
security version number. User can create command
in text file and create capsule with CMDI mode.
{ARBSVNCOMMIT}
Platform APIs would be invoked to do SVN
commit operations by useing HECI interfaces.
Signed-off-by: Subash Lakkimsetti <subash.lakkimsetti@intel.com>
This patch adds generic functionality to
process Flash descriptor lock. It follows
Capsule Firmware update flow and interface
is updated. Command (CMDI) interface is added
to GenCapsuleFirmware which takes file with
command as input.
Sample Command format in text file input,
{FLASHDESCLOCK}
{Command2}
{Command3}
Firmware update lib handler parses high level commands
Specific command process and functionlity would be
performed by platform specific libraries.
Signed-off-by: Subash Lakkimsetti <subash.lakkimsetti@intel.com>
Current code does not clear firmware update trigger incase
of failures like, capsule image not found or capsule image
authentication failed.
Code is modified to fix this issue. As part of this change,
EndFirmwareUpdate function is moved from platform code to
core firmwareupdate.c. EndFirmwareUpdate function will call
ClearFwUpdateTrigger and this will end firmware update.
Signed-off-by: Raghava Gudla <raghava.gudla@intel.com>
Currently each component inside capsule is identified with GUID
but going forward support is being added to update multiple components
inside sbl and container, so larger number of GUID's are required, also
GUID need to be passed for unknown components through command line.
Instead 4 character unique signature from flash map that is passed
through command line to indentify the component is added to the
component header. This signature is used during runtime to indentify
the component from flash map and container.
Signed-off-by: Raghava Gudla <raghava.gudla@intel.com>
FirmwareUpdate.c is already a big file and for convenience
moved update routines to internal file. Also created a internal
header file.
Signed-off-by: Raghava Gudla <raghava.gudla@intel.com>
This patch does the following
1) Enable triggering firmware update from OS
2) When firmware update mode is given control, state machine
is set to capsule processing and firmware update platform
specific trigger is cleared. State machine will be used
hereafter to track firmware update
3) Created CheckStateMachine method in BoardSupportLib.c to
check state machine to see if firmware update is in progress
and set boot mode to firmware update.
4) Removed CMOS way of triggering firmware update and wrote code
to use Over-Clocking WDT Scratchpad (OC_WDT_SCRATCH) bits for
triggering firmware update
5) Update shell fwupdate command to use OC_WDT_SCRATCH bits.
6) Removed extra reset during sbl firmware update
7) Removed reset after updating configuration data update
Signed-off-by: Raghava Gudla <raghava.gudla@intel.com>
This will fully support PatchCheck.py.
- Remove all trailing whitespace
- Convert LF to CRLF by default
- Update EFI_D_* to DEBUG_*
- Re-enable CRLF check in PatchCheck.py
Signed-off-by: Aiden Park <aiden.park@intel.com>
This patch added csme wrapper driver for csme update library.
following functionality is added in this patch
1. Boardconfig PCD option ENABLE_CSME_UPDATE is added to
enable/disable csme update support
2. Boardconfig PCD option BUILD_CSME_UPDATE_DRIVER is added
to enable/disable building csme update driver
3. If BUILD_CSME_UPDATE_DRIVER is 1, user need to create
library that inludes csme update library
this newly created library will get linked to csme update
wrapper driver providing csme update driver
4. By default ENABLE_CSME_UPDATE is set to 0
5. Revision control for input and output data structure to
update driver is not implemented and will be avaiable
in further patches.
Signed-off-by: Raghava Gudla <raghava.gudla@intel.com>
This patch will add support for updating multiple firmwares
using a single capsule image.
Following modifications are made for existing firmware update flow
1) Gather and validate capsule image
2) State Machine will be set to capsule processing state.
3) Signature of the capsule image is now stored in reserved region
During each reboot until the end of firmware update, stored signature
will be compared against the capsule image signature to make sure
capsule image is not modified until the end of firmware update.
4) Process Capsule image to gather firmware images
5) Each Firmware image information will be stored in reserved region
using FW_UPDATE_COMP_STATUS. Update pending will be marked to
update pending state indicating that this image is not processed.
6) Firmware update will use the reserved region comp structures starting
with the first image with update pending state, update the comp update
pending field to processing and applies the image. After the update, pending
field will be updated to Done and updates the status of the update in the
component structure and moves on to next image found.
7) After all the component structure in the reserved region updating pending
field are set to Done. Firmware update mode is exited.
Signed-off-by: Raghava Gudla <raghava.gudla@intel.com>
This patch added support for FWST ACPI table. This table
contains generic address structure which has pointer to the
EFI System Resource Table.
ESRT table for now supports only system firmware. This table
will provide the operating system and tools knowledge of what
is the last attempt status and version of the system firmare
update.
Signed-off-by: Raghava Gudla <raghava.gudla@intel.com>
This patch updates firmware update code to get capsule location
information from configuration data instead of searching in all the
available boot media.
Signed-off-by: Raghava Gudla <raghava.gudla@intel.com>
Subash Lakkimsetti
raghavag
Raghava Gudla
Aiden Park
Guo Dong