[mirror_edk2.git] / FmpDevicePkg / FmpDxe / FmpDxe.h

/** @file\r
  Produces a Firmware Management Protocol that supports updates to a firmware\r
  image stored in a firmware device with platform and firmware device specific\r
  information provided through PCDs and libraries.\r
\r
  Copyright (c) Microsoft Corporation.<BR>\r
  Copyright (c) 2018 - 2021, Intel Corporation. All rights reserved.<BR>\r
\r
  SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#ifndef _FMP_DXE_H_\r
#define _FMP_DXE_H_\r
\r
#include <PiDxe.h>\r
#include <Library/DebugLib.h>\r
#include <Library/BaseLib.h>\r
#include <Library/BaseMemoryLib.h>\r
#include <Library/BaseCryptLib.h>\r
#include <Library/PcdLib.h>\r
#include <Library/UefiBootServicesTableLib.h>\r
#include <Library/UefiRuntimeServicesTableLib.h>\r
#include <Library/MemoryAllocationLib.h>\r
#include <Library/UefiLib.h>\r
#include <Library/PrintLib.h>\r
#include <Library/FmpAuthenticationLib.h>\r
#include <Library/FmpDeviceLib.h>\r
#include <Library/FmpPayloadHeaderLib.h>\r
#include <Library/CapsuleUpdatePolicyLib.h>\r
#include <Library/FmpDependencyLib.h>\r
#include <Library/FmpDependencyCheckLib.h>\r
#include <Library/FmpDependencyDeviceLib.h>\r
#include <Protocol/FirmwareManagement.h>\r
#include <Protocol/FirmwareManagementProgress.h>\r
#include <Guid/SystemResourceTable.h>\r
#include <Guid/EventGroup.h>\r
#include <LastAttemptStatus.h>\r
#include <FmpLastAttemptStatus.h>\r
#include <Library/VariablePolicyHelperLib.h>\r
\r
#define VERSION_STRING_NOT_SUPPORTED  L"VERSION STRING NOT SUPPORTED"\r
#define VERSION_STRING_NOT_AVAILABLE  L"VERSION STRING NOT AVAILABLE"\r
\r
///\r
///\r
///\r
#define FIRMWARE_MANAGEMENT_PRIVATE_DATA_SIGNATURE  SIGNATURE_32 ('f','m','p','p')\r
\r
typedef struct {\r
  UINTN                               Signature;\r
  EFI_HANDLE                          Handle;\r
  EFI_FIRMWARE_MANAGEMENT_PROTOCOL    Fmp;\r
  BOOLEAN                             DescriptorPopulated;\r
  EFI_FIRMWARE_IMAGE_DESCRIPTOR       Descriptor;\r
  CHAR16                              *ImageIdName;\r
  CHAR16                              *VersionName;\r
  BOOLEAN                             RuntimeVersionSupported;\r
  EFI_EVENT                           FmpDeviceLockEvent;\r
  //\r
  // Indicates if an attempt has been made to lock a\r
  // FLASH storage device by calling FmpDeviceLock().\r
  // A FLASH storage device may not support being locked,\r
  // so this variable is set to TRUE even if FmpDeviceLock()\r
  // returns an error.\r
  //\r
  BOOLEAN                             FmpDeviceLocked;\r
  VOID                                *FmpDeviceContext;\r
  CHAR16                              *VersionVariableName;\r
  CHAR16                              *LsvVariableName;\r
  CHAR16                              *LastAttemptStatusVariableName;\r
  CHAR16                              *LastAttemptVersionVariableName;\r
  CHAR16                              *FmpStateVariableName;\r
  BOOLEAN                             DependenciesSatisfied;\r
} FIRMWARE_MANAGEMENT_PRIVATE_DATA;\r
\r
///\r
///\r
///\r
#define FIRMWARE_MANAGEMENT_PRIVATE_DATA_FROM_THIS(a) \\r
  CR (a, FIRMWARE_MANAGEMENT_PRIVATE_DATA, Fmp, FIRMWARE_MANAGEMENT_PRIVATE_DATA_SIGNATURE)\r
\r
///\r
/// Null-terminated Unicode string retrieved from PcdFmpDeviceImageIdName.\r
///\r
extern CHAR16  *mImageIdName;\r
\r
/**\r
  Check to see if any of the keys in PcdFmpDevicePkcs7CertBufferXdr matches\r
  the test key.  PcdFmpDeviceTestKeySha256Digest contains the SHA256 hash of\r
  the test key.  For each key in PcdFmpDevicePkcs7CertBufferXdr, compute the\r
  SHA256 hash and compare it to PcdFmpDeviceTestKeySha256Digest.  If the\r
  SHA256 hash matches or there is then error computing the SHA256 hash, then\r
  set PcdTestKeyUsed to TRUE.  Skip this check if PcdTestKeyUsed is already\r
  TRUE or PcdFmpDeviceTestKeySha256Digest is not exactly SHA256_DIGEST_SIZE\r
  bytes.\r
**/\r
VOID\r
DetectTestKey (\r
  VOID\r
  );\r
\r
/**\r
  Returns information about the current firmware image(s) of the device.\r
\r
  This function allows a copy of the current firmware image to be created and saved.\r
  The saved copy could later been used, for example, in firmware image recovery or rollback.\r
\r
  @param[in]      This               A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
  @param[in, out] ImageInfoSize      A pointer to the size, in bytes, of the ImageInfo buffer.\r
                                     On input, this is the size of the buffer allocated by the caller.\r
                                     On output, it is the size of the buffer returned by the firmware\r
                                     if the buffer was large enough, or the size of the buffer needed\r
                                     to contain the image(s) information if the buffer was too small.\r
  @param[in, out] ImageInfo          A pointer to the buffer in which firmware places the current image(s)\r
                                     information. The information is an array of EFI_FIRMWARE_IMAGE_DESCRIPTORs.\r
  @param[out]     DescriptorVersion  A pointer to the location in which firmware returns the version number\r
                                     associated with the EFI_FIRMWARE_IMAGE_DESCRIPTOR.\r
  @param[out]     DescriptorCount    A pointer to the location in which firmware returns the number of\r
                                     descriptors or firmware images within this device.\r
  @param[out]     DescriptorSize     A pointer to the location in which firmware returns the size, in bytes,\r
                                     of an individual EFI_FIRMWARE_IMAGE_DESCRIPTOR.\r
  @param[out]     PackageVersion     A version number that represents all the firmware images in the device.\r
                                     The format is vendor specific and new version must have a greater value\r
                                     than the old version. If PackageVersion is not supported, the value is\r
                                     0xFFFFFFFF. A value of 0xFFFFFFFE indicates that package version comparison\r
                                     is to be performed using PackageVersionName. A value of 0xFFFFFFFD indicates\r
                                     that package version update is in progress.\r
  @param[out]     PackageVersionName A pointer to a pointer to a null-terminated string representing the\r
                                     package version name. The buffer is allocated by this function with\r
                                     AllocatePool(), and it is the caller's responsibility to free it with a call\r
                                     to FreePool().\r
\r
  @retval EFI_SUCCESS                The device was successfully updated with the new image.\r
  @retval EFI_BUFFER_TOO_SMALL       The ImageInfo buffer was too small. The current buffer size\r
                                     needed to hold the image(s) information is returned in ImageInfoSize.\r
  @retval EFI_INVALID_PARAMETER      ImageInfoSize is NULL.\r
  @retval EFI_DEVICE_ERROR           Valid information could not be returned. Possible corrupted image.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
GetTheImageInfo (\r
  IN     EFI_FIRMWARE_MANAGEMENT_PROTOCOL  *This,\r
  IN OUT UINTN                             *ImageInfoSize,\r
  IN OUT EFI_FIRMWARE_IMAGE_DESCRIPTOR     *ImageInfo,\r
  OUT    UINT32                            *DescriptorVersion,\r
  OUT    UINT8                             *DescriptorCount,\r
  OUT    UINTN                             *DescriptorSize,\r
  OUT    UINT32                            *PackageVersion,\r
  OUT    CHAR16                            **PackageVersionName\r
  );\r
\r
/**\r
  Retrieves a copy of the current firmware image of the device.\r
\r
  This function allows a copy of the current firmware image to be created and saved.\r
  The saved copy could later been used, for example, in firmware image recovery or rollback.\r
\r
  @param[in]      This           A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
  @param[in]      ImageIndex     A unique number identifying the firmware image(s) within the device.\r
                                 The number is between 1 and DescriptorCount.\r
  @param[in, out] Image          Points to the buffer where the current image is copied to.\r
  @param[in, out] ImageSize      On entry, points to the size of the buffer pointed to by Image, in bytes.\r
                                 On return, points to the length of the image, in bytes.\r
\r
  @retval EFI_SUCCESS            The device was successfully updated with the new image.\r
  @retval EFI_BUFFER_TOO_SMALL   The buffer specified by ImageSize is too small to hold the\r
                                 image. The current buffer size needed to hold the image is returned\r
                                 in ImageSize.\r
  @retval EFI_INVALID_PARAMETER  The Image was NULL.\r
  @retval EFI_NOT_FOUND          The current image is not copied to the buffer.\r
  @retval EFI_UNSUPPORTED        The operation is not supported.\r
  @retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
GetTheImage (\r
  IN     EFI_FIRMWARE_MANAGEMENT_PROTOCOL  *This,\r
  IN     UINT8                             ImageIndex,\r
  IN OUT VOID                              *Image,\r
  IN OUT UINTN                             *ImageSize\r
  );\r
\r
/**\r
  Checks if the firmware image is valid for the device.\r
\r
  This function allows firmware update application to validate the firmware image without\r
  invoking the SetImage() first.\r
\r
  @param[in]  This               A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
  @param[in]  ImageIndex         A unique number identifying the firmware image(s) within the device.\r
                                 The number is between 1 and DescriptorCount.\r
  @param[in]  Image              Points to the new image.\r
  @param[in]  ImageSize          Size of the new image in bytes.\r
  @param[out] ImageUpdatable     Indicates if the new image is valid for update. It also provides,\r
                                 if available, additional information if the image is invalid.\r
\r
  @retval EFI_SUCCESS            The image was successfully checked.\r
  @retval EFI_ABORTED            The operation is aborted.\r
  @retval EFI_INVALID_PARAMETER  The Image was NULL.\r
  @retval EFI_UNSUPPORTED        The operation is not supported.\r
  @retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
CheckTheImage (\r
  IN  EFI_FIRMWARE_MANAGEMENT_PROTOCOL  *This,\r
  IN  UINT8                             ImageIndex,\r
  IN  CONST VOID                        *Image,\r
  IN  UINTN                             ImageSize,\r
  OUT UINT32                            *ImageUpdatable\r
  );\r
\r
/**\r
  Updates the firmware image of the device.\r
\r
  This function updates the hardware with the new firmware image.\r
  This function returns EFI_UNSUPPORTED if the firmware image is not updatable.\r
  If the firmware image is updatable, the function should perform the following minimal validations\r
  before proceeding to do the firmware image update.\r
  - Validate the image authentication if image has attribute\r
    IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED. The function returns\r
    EFI_SECURITY_VIOLATION if the validation fails.\r
  - Validate the image is a supported image for this device. The function returns EFI_ABORTED if\r
    the image is unsupported. The function can optionally provide more detailed information on\r
    why the image is not a supported image.\r
  - Validate the data from VendorCode if not null. Image validation must be performed before\r
    VendorCode data validation. VendorCode data is ignored or considered invalid if image\r
    validation failed. The function returns EFI_ABORTED if the data is invalid.\r
\r
  VendorCode enables vendor to implement vendor-specific firmware image update policy. Null if\r
  the caller did not specify the policy or use the default policy. As an example, vendor can implement\r
  a policy to allow an option to force a firmware image update when the abort reason is due to the new\r
  firmware image version is older than the current firmware image version or bad image checksum.\r
  Sensitive operations such as those wiping the entire firmware image and render the device to be\r
  non-functional should be encoded in the image itself rather than passed with the VendorCode.\r
  AbortReason enables vendor to have the option to provide a more detailed description of the abort\r
  reason to the caller.\r
\r
  @param[in]  This               A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
  @param[in]  ImageIndex         A unique number identifying the firmware image(s) within the device.\r
                                 The number is between 1 and DescriptorCount.\r
  @param[in]  Image              Points to the new image.\r
  @param[in]  ImageSize          Size of the new image in bytes.\r
  @param[in]  VendorCode         This enables vendor to implement vendor-specific firmware image update policy.\r
                                 Null indicates the caller did not specify the policy or use the default policy.\r
  @param[in]  Progress           A function used by the driver to report the progress of the firmware update.\r
  @param[out] AbortReason        A pointer to a pointer to a null-terminated string providing more\r
                                 details for the aborted operation. The buffer is allocated by this function\r
                                 with AllocatePool(), and it is the caller's responsibility to free it with a\r
                                 call to FreePool().\r
\r
  @retval EFI_SUCCESS            The device was successfully updated with the new image.\r
  @retval EFI_ABORTED            The operation is aborted.\r
  @retval EFI_INVALID_PARAMETER  The Image was NULL.\r
  @retval EFI_UNSUPPORTED        The operation is not supported.\r
  @retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
SetTheImage (\r
  IN  EFI_FIRMWARE_MANAGEMENT_PROTOCOL               *This,\r
  IN  UINT8                                          ImageIndex,\r
  IN  CONST VOID                                     *Image,\r
  IN  UINTN                                          ImageSize,\r
  IN  CONST VOID                                     *VendorCode,\r
  IN  EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS  Progress,\r
  OUT CHAR16                                         **AbortReason\r
  );\r
\r
/**\r
  Returns information about the firmware package.\r
\r
  This function returns package information.\r
\r
  @param[in]  This                     A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
  @param[out] PackageVersion           A version number that represents all the firmware images in the device.\r
                                       The format is vendor specific and new version must have a greater value\r
                                       than the old version. If PackageVersion is not supported, the value is\r
                                       0xFFFFFFFF. A value of 0xFFFFFFFE indicates that package version\r
                                       comparison is to be performed using PackageVersionName. A value of\r
                                       0xFFFFFFFD indicates that package version update is in progress.\r
  @param[out] PackageVersionName       A pointer to a pointer to a null-terminated string representing\r
                                       the package version name. The buffer is allocated by this function with\r
                                       AllocatePool(), and it is the caller's responsibility to free it with a\r
                                       call to FreePool().\r
  @param[out] PackageVersionNameMaxLen The maximum length of package version name if device supports update of\r
                                       package version name. A value of 0 indicates the device does not support\r
                                       update of package version name. Length is the number of Unicode characters,\r
                                       including the terminating null character.\r
  @param[out] AttributesSupported      Package attributes that are supported by this device. See 'Package Attribute\r
                                       Definitions' for possible returned values of this parameter. A value of 1\r
                                       indicates the attribute is supported and the current setting value is\r
                                       indicated in AttributesSetting. A value of 0 indicates the attribute is not\r
                                       supported and the current setting value in AttributesSetting is meaningless.\r
  @param[out] AttributesSetting        Package attributes. See 'Package Attribute Definitions' for possible returned\r
                                       values of this parameter\r
\r
  @retval EFI_SUCCESS                  The package information was successfully returned.\r
  @retval EFI_UNSUPPORTED              The operation is not supported.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
GetPackageInfo (\r
  IN  EFI_FIRMWARE_MANAGEMENT_PROTOCOL  *This,\r
  OUT UINT32                            *PackageVersion,\r
  OUT CHAR16                            **PackageVersionName,\r
  OUT UINT32                            *PackageVersionNameMaxLen,\r
  OUT UINT64                            *AttributesSupported,\r
  OUT UINT64                            *AttributesSetting\r
  );\r
\r
/**\r
  Updates information about the firmware package.\r
\r
  This function updates package information.\r
  This function returns EFI_UNSUPPORTED if the package information is not updatable.\r
  VendorCode enables vendor to implement vendor-specific package information update policy.\r
  Null if the caller did not specify this policy or use the default policy.\r
\r
  @param[in]  This               A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
  @param[in]  Image              Points to the authentication image.\r
                                 Null if authentication is not required.\r
  @param[in]  ImageSize          Size of the authentication image in bytes.\r
                                 0 if authentication is not required.\r
  @param[in]  VendorCode         This enables vendor to implement vendor-specific firmware\r
                                 image update policy.\r
                                 Null indicates the caller did not specify this policy or use\r
                                 the default policy.\r
  @param[in]  PackageVersion     The new package version.\r
  @param[in]  PackageVersionName A pointer to the new null-terminated Unicode string representing\r
                                 the package version name.\r
                                 The string length is equal to or less than the value returned in\r
                                 PackageVersionNameMaxLen.\r
\r
  @retval EFI_SUCCESS            The device was successfully updated with the new package\r
                                 information.\r
  @retval EFI_INVALID_PARAMETER  The PackageVersionName length is longer than the value\r
                                 returned in PackageVersionNameMaxLen.\r
  @retval EFI_UNSUPPORTED        The operation is not supported.\r
  @retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
SetPackageInfo (\r
  IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL  *This,\r
  IN CONST VOID                        *Image,\r
  IN UINTN                             ImageSize,\r
  IN CONST VOID                        *VendorCode,\r
  IN UINT32                            PackageVersion,\r
  IN CONST CHAR16                      *PackageVersionName\r
  );\r
\r
#endif\r
Commit	Line	Data
4f0544b1 EJ	1	/** @file\r
	2	Produces a Firmware Management Protocol that supports updates to a firmware\r
	3	image stored in a firmware device with platform and firmware device specific\r
	4	information provided through PCDs and libraries.\r
	5	\r
5550f4d3	6	Copyright (c) Microsoft Corporation.<BR>\r
2f6f3329	7	Copyright (c) 2018 - 2021, Intel Corporation. All rights reserved.<BR>\r
4f0544b1 EJ	8	\r
	9	SPDX-License-Identifier: BSD-2-Clause-Patent\r
	10	\r
	11	**/\r
	12	\r
	13	#ifndef _FMP_DXE_H_\r
	14	#define _FMP_DXE_H_\r
	15	\r
	16	#include <PiDxe.h>\r
	17	#include <Library/DebugLib.h>\r
	18	#include <Library/BaseLib.h>\r
	19	#include <Library/BaseMemoryLib.h>\r
e0961677 EJ	20	#include <Library/BaseCryptLib.h>\r
e0961677 EJ	21	#include <Library/PcdLib.h>\r
4f0544b1	22	#include <Library/UefiBootServicesTableLib.h>\r
67c1e5ee	23	#include <Library/UefiRuntimeServicesTableLib.h>\r
4f0544b1 EJ	24	#include <Library/MemoryAllocationLib.h>\r
4f0544b1 EJ	25	#include <Library/UefiLib.h>\r
a5944b6a	26	#include <Library/PrintLib.h>\r
4f0544b1 EJ	27	#include <Library/FmpAuthenticationLib.h>\r
	28	#include <Library/FmpDeviceLib.h>\r
	29	#include <Library/FmpPayloadHeaderLib.h>\r
	30	#include <Library/CapsuleUpdatePolicyLib.h>\r
0f30087b WX	31	#include <Library/FmpDependencyLib.h>\r
	32	#include <Library/FmpDependencyCheckLib.h>\r
	33	#include <Library/FmpDependencyDeviceLib.h>\r
4f0544b1 EJ	34	#include <Protocol/FirmwareManagement.h>\r
	35	#include <Protocol/FirmwareManagementProgress.h>\r
	36	#include <Guid/SystemResourceTable.h>\r
	37	#include <Guid/EventGroup.h>\r
5550f4d3 MK	38	#include <LastAttemptStatus.h>\r
5550f4d3 MK	39	#include <FmpLastAttemptStatus.h>\r
2f6f3329	40	#include <Library/VariablePolicyHelperLib.h>\r
4f0544b1 EJ	41	\r
	42	#define VERSION_STRING_NOT_SUPPORTED L"VERSION STRING NOT SUPPORTED"\r
	43	#define VERSION_STRING_NOT_AVAILABLE L"VERSION STRING NOT AVAILABLE"\r
	44	\r
	45	///\r
	46	///\r
	47	///\r
45ce0a67	48	#define FIRMWARE_MANAGEMENT_PRIVATE_DATA_SIGNATURE SIGNATURE_32 ('f','m','p','p')\r
4f0544b1 EJ	49	\r
4f0544b1 EJ	50	typedef struct {\r
45ce0a67 MK	51	UINTN Signature;\r
	52	EFI_HANDLE Handle;\r
	53	EFI_FIRMWARE_MANAGEMENT_PROTOCOL Fmp;\r
	54	BOOLEAN DescriptorPopulated;\r
	55	EFI_FIRMWARE_IMAGE_DESCRIPTOR Descriptor;\r
	56	CHAR16 *ImageIdName;\r
	57	CHAR16 *VersionName;\r
	58	BOOLEAN RuntimeVersionSupported;\r
	59	EFI_EVENT FmpDeviceLockEvent;\r
4f0544b1 EJ	60	//\r
	61	// Indicates if an attempt has been made to lock a\r
	62	// FLASH storage device by calling FmpDeviceLock().\r
	63	// A FLASH storage device may not support being locked,\r
	64	// so this variable is set to TRUE even if FmpDeviceLock()\r
	65	// returns an error.\r
	66	//\r
45ce0a67 MK	67	BOOLEAN FmpDeviceLocked;\r
	68	VOID *FmpDeviceContext;\r
	69	CHAR16 *VersionVariableName;\r
	70	CHAR16 *LsvVariableName;\r
	71	CHAR16 *LastAttemptStatusVariableName;\r
	72	CHAR16 *LastAttemptVersionVariableName;\r
	73	CHAR16 *FmpStateVariableName;\r
	74	BOOLEAN DependenciesSatisfied;\r
4f0544b1 EJ	75	} FIRMWARE_MANAGEMENT_PRIVATE_DATA;\r
	76	\r
	77	///\r
	78	///\r
	79	///\r
	80	#define FIRMWARE_MANAGEMENT_PRIVATE_DATA_FROM_THIS(a) \\r
	81	CR (a, FIRMWARE_MANAGEMENT_PRIVATE_DATA, Fmp, FIRMWARE_MANAGEMENT_PRIVATE_DATA_SIGNATURE)\r
	82	\r
e0961677 EJ	83	///\r
	84	/// Null-terminated Unicode string retrieved from PcdFmpDeviceImageIdName.\r
	85	///\r
	86	extern CHAR16 *mImageIdName;\r
	87	\r
4f0544b1 EJ	88	/**\r
	89	Check to see if any of the keys in PcdFmpDevicePkcs7CertBufferXdr matches\r
	90	the test key. PcdFmpDeviceTestKeySha256Digest contains the SHA256 hash of\r
	91	the test key. For each key in PcdFmpDevicePkcs7CertBufferXdr, compute the\r
	92	SHA256 hash and compare it to PcdFmpDeviceTestKeySha256Digest. If the\r
	93	SHA256 hash matches or there is then error computing the SHA256 hash, then\r
	94	set PcdTestKeyUsed to TRUE. Skip this check if PcdTestKeyUsed is already\r
	95	TRUE or PcdFmpDeviceTestKeySha256Digest is not exactly SHA256_DIGEST_SIZE\r
	96	bytes.\r
	97	**/\r
	98	VOID\r
	99	DetectTestKey (\r
	100	VOID\r
	101	);\r
	102	\r
	103	/**\r
	104	Returns information about the current firmware image(s) of the device.\r
	105	\r
	106	This function allows a copy of the current firmware image to be created and saved.\r
	107	The saved copy could later been used, for example, in firmware image recovery or rollback.\r
	108	\r
	109	@param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
	110	@param[in, out] ImageInfoSize A pointer to the size, in bytes, of the ImageInfo buffer.\r
	111	On input, this is the size of the buffer allocated by the caller.\r
	112	On output, it is the size of the buffer returned by the firmware\r
	113	if the buffer was large enough, or the size of the buffer needed\r
	114	to contain the image(s) information if the buffer was too small.\r
	115	@param[in, out] ImageInfo A pointer to the buffer in which firmware places the current image(s)\r
	116	information. The information is an array of EFI_FIRMWARE_IMAGE_DESCRIPTORs.\r
	117	@param[out] DescriptorVersion A pointer to the location in which firmware returns the version number\r
	118	associated with the EFI_FIRMWARE_IMAGE_DESCRIPTOR.\r
	119	@param[out] DescriptorCount A pointer to the location in which firmware returns the number of\r
	120	descriptors or firmware images within this device.\r
	121	@param[out] DescriptorSize A pointer to the location in which firmware returns the size, in bytes,\r
	122	of an individual EFI_FIRMWARE_IMAGE_DESCRIPTOR.\r
	123	@param[out] PackageVersion A version number that represents all the firmware images in the device.\r
	124	The format is vendor specific and new version must have a greater value\r
	125	than the old version. If PackageVersion is not supported, the value is\r
	126	0xFFFFFFFF. A value of 0xFFFFFFFE indicates that package version comparison\r
	127	is to be performed using PackageVersionName. A value of 0xFFFFFFFD indicates\r
	128	that package version update is in progress.\r
	129	@param[out] PackageVersionName A pointer to a pointer to a null-terminated string representing the\r
	130	package version name. The buffer is allocated by this function with\r
	131	AllocatePool(), and it is the caller's responsibility to free it with a call\r
	132	to FreePool().\r
	133	\r
	134	@retval EFI_SUCCESS The device was successfully updated with the new image.\r
	135	@retval EFI_BUFFER_TOO_SMALL The ImageInfo buffer was too small. The current buffer size\r
	136	needed to hold the image(s) information is returned in ImageInfoSize.\r
	137	@retval EFI_INVALID_PARAMETER ImageInfoSize is NULL.\r
	138	@retval EFI_DEVICE_ERROR Valid information could not be returned. Possible corrupted image.\r
	139	\r
	140	**/\r
	141	EFI_STATUS\r
	142	EFIAPI\r
	143	GetTheImageInfo (\r
	144	IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This,\r
	145	IN OUT UINTN *ImageInfoSize,\r
	146	IN OUT EFI_FIRMWARE_IMAGE_DESCRIPTOR *ImageInfo,\r
	147	OUT UINT32 *DescriptorVersion,\r
	148	OUT UINT8 *DescriptorCount,\r
	149	OUT UINTN *DescriptorSize,\r
	150	OUT UINT32 *PackageVersion,\r
	151	OUT CHAR16 **PackageVersionName\r
152	);\r
153	\r
154	/**\r
155	Retrieves a copy of the current firmware image of the device.\r
156	\r
157	This function allows a copy of the current firmware image to be created and saved.\r
158	The saved copy could later been used, for example, in firmware image recovery or rollback.\r
159	\r
160	@param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
161	@param[in] ImageIndex A unique number identifying the firmware image(s) within the device.\r
162	The number is between 1 and DescriptorCount.\r
163	@param[in, out] Image Points to the buffer where the current image is copied to.\r
164	@param[in, out] ImageSize On entry, points to the size of the buffer pointed to by Image, in bytes.\r
165	On return, points to the length of the image, in bytes.\r
166	\r
167	@retval EFI_SUCCESS The device was successfully updated with the new image.\r
168	@retval EFI_BUFFER_TOO_SMALL The buffer specified by ImageSize is too small to hold the\r
169	image. The current buffer size needed to hold the image is returned\r
170	in ImageSize.\r
171	@retval EFI_INVALID_PARAMETER The Image was NULL.\r
172	@retval EFI_NOT_FOUND The current image is not copied to the buffer.\r
173	@retval EFI_UNSUPPORTED The operation is not supported.\r
174	@retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.\r
175	\r
176	**/\r
177	EFI_STATUS\r
178	EFIAPI\r
179	GetTheImage (\r
180	IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This,\r
181	IN UINT8 ImageIndex,\r
182	IN OUT VOID *Image,\r
183	IN OUT UINTN *ImageSize\r
184	);\r
185	\r
4f0544b1 EJ	186	/**\r
	187	Checks if the firmware image is valid for the device.\r
	188	\r
	189	This function allows firmware update application to validate the firmware image without\r
	190	invoking the SetImage() first.\r
	191	\r
	192	@param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
	193	@param[in] ImageIndex A unique number identifying the firmware image(s) within the device.\r
	194	The number is between 1 and DescriptorCount.\r
	195	@param[in] Image Points to the new image.\r
	196	@param[in] ImageSize Size of the new image in bytes.\r
	197	@param[out] ImageUpdatable Indicates if the new image is valid for update. It also provides,\r
	198	if available, additional information if the image is invalid.\r
	199	\r
	200	@retval EFI_SUCCESS The image was successfully checked.\r
	201	@retval EFI_ABORTED The operation is aborted.\r
	202	@retval EFI_INVALID_PARAMETER The Image was NULL.\r
	203	@retval EFI_UNSUPPORTED The operation is not supported.\r
	204	@retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.\r
	205	\r
	206	**/\r
	207	EFI_STATUS\r
	208	EFIAPI\r
	209	CheckTheImage (\r
	210	IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This,\r
	211	IN UINT8 ImageIndex,\r
	212	IN CONST VOID *Image,\r
	213	IN UINTN ImageSize,\r
	214	OUT UINT32 *ImageUpdatable\r
	215	);\r
	216	\r
	217	/**\r
	218	Updates the firmware image of the device.\r
	219	\r
	220	This function updates the hardware with the new firmware image.\r
	221	This function returns EFI_UNSUPPORTED if the firmware image is not updatable.\r
	222	If the firmware image is updatable, the function should perform the following minimal validations\r
	223	before proceeding to do the firmware image update.\r
	224	- Validate the image authentication if image has attribute\r
	225	IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED. The function returns\r
	226	EFI_SECURITY_VIOLATION if the validation fails.\r
	227	- Validate the image is a supported image for this device. The function returns EFI_ABORTED if\r
	228	the image is unsupported. The function can optionally provide more detailed information on\r
	229	why the image is not a supported image.\r
	230	- Validate the data from VendorCode if not null. Image validation must be performed before\r
	231	VendorCode data validation. VendorCode data is ignored or considered invalid if image\r
	232	validation failed. The function returns EFI_ABORTED if the data is invalid.\r
	233	\r
	234	VendorCode enables vendor to implement vendor-specific firmware image update policy. Null if\r
	235	the caller did not specify the policy or use the default policy. As an example, vendor can implement\r
	236	a policy to allow an option to force a firmware image update when the abort reason is due to the new\r
	237	firmware image version is older than the current firmware image version or bad image checksum.\r
	238	Sensitive operations such as those wiping the entire firmware image and render the device to be\r
	239	non-functional should be encoded in the image itself rather than passed with the VendorCode.\r
	240	AbortReason enables vendor to have the option to provide a more detailed description of the abort\r
	241	reason to the caller.\r
	242	\r
	243	@param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
	244	@param[in] ImageIndex A unique number identifying the firmware image(s) within the device.\r
	245	The number is between 1 and DescriptorCount.\r
	246	@param[in] Image Points to the new image.\r
	247	@param[in] ImageSize Size of the new image in bytes.\r
	248	@param[in] VendorCode This enables vendor to implement vendor-specific firmware image update policy.\r
	249	Null indicates the caller did not specify the policy or use the default policy.\r
250	@param[in] Progress A function used by the driver to report the progress of the firmware update.\r
251	@param[out] AbortReason A pointer to a pointer to a null-terminated string providing more\r
252	details for the aborted operation. The buffer is allocated by this function\r
253	with AllocatePool(), and it is the caller's responsibility to free it with a\r
254	call to FreePool().\r
255	\r
256	@retval EFI_SUCCESS The device was successfully updated with the new image.\r
257	@retval EFI_ABORTED The operation is aborted.\r
258	@retval EFI_INVALID_PARAMETER The Image was NULL.\r
259	@retval EFI_UNSUPPORTED The operation is not supported.\r
260	@retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.\r
261	\r
262	**/\r
263	EFI_STATUS\r
264	EFIAPI\r
265	SetTheImage (\r
266	IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This,\r
267	IN UINT8 ImageIndex,\r
268	IN CONST VOID *Image,\r
269	IN UINTN ImageSize,\r
270	IN CONST VOID *VendorCode,\r
271	IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress,\r
272	OUT CHAR16 **AbortReason\r
273	);\r
274	\r
275	/**\r
276	Returns information about the firmware package.\r
277	\r
278	This function returns package information.\r
279	\r
280	@param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
281	@param[out] PackageVersion A version number that represents all the firmware images in the device.\r
282	The format is vendor specific and new version must have a greater value\r
283	than the old version. If PackageVersion is not supported, the value is\r
284	0xFFFFFFFF. A value of 0xFFFFFFFE indicates that package version\r
285	comparison is to be performed using PackageVersionName. A value of\r
286	0xFFFFFFFD indicates that package version update is in progress.\r
287	@param[out] PackageVersionName A pointer to a pointer to a null-terminated string representing\r
288	the package version name. The buffer is allocated by this function with\r
289	AllocatePool(), and it is the caller's responsibility to free it with a\r
290	call to FreePool().\r
291	@param[out] PackageVersionNameMaxLen The maximum length of package version name if device supports update of\r
292	package version name. A value of 0 indicates the device does not support\r
293	update of package version name. Length is the number of Unicode characters,\r
294	including the terminating null character.\r
295	@param[out] AttributesSupported Package attributes that are supported by this device. See 'Package Attribute\r
296	Definitions' for possible returned values of this parameter. A value of 1\r
297	indicates the attribute is supported and the current setting value is\r
298	indicated in AttributesSetting. A value of 0 indicates the attribute is not\r
299	supported and the current setting value in AttributesSetting is meaningless.\r
300	@param[out] AttributesSetting Package attributes. See 'Package Attribute Definitions' for possible returned\r
301	values of this parameter\r
302	\r
303	@retval EFI_SUCCESS The package information was successfully returned.\r
304	@retval EFI_UNSUPPORTED The operation is not supported.\r
305	\r
306	**/\r
307	EFI_STATUS\r
308	EFIAPI\r
309	GetPackageInfo (\r
310	IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This,\r
311	OUT UINT32 *PackageVersion,\r
312	OUT CHAR16 **PackageVersionName,\r
313	OUT UINT32 *PackageVersionNameMaxLen,\r
314	OUT UINT64 *AttributesSupported,\r
315	OUT UINT64 *AttributesSetting\r
316	);\r
317	\r
318	/**\r
319	Updates information about the firmware package.\r
320	\r
321	This function updates package information.\r
322	This function returns EFI_UNSUPPORTED if the package information is not updatable.\r
323	VendorCode enables vendor to implement vendor-specific package information update policy.\r
324	Null if the caller did not specify this policy or use the default policy.\r
325	\r
326	@param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
327	@param[in] Image Points to the authentication image.\r
328	Null if authentication is not required.\r
329	@param[in] ImageSize Size of the authentication image in bytes.\r
330	0 if authentication is not required.\r
331	@param[in] VendorCode This enables vendor to implement vendor-specific firmware\r
332	image update policy.\r
333	Null indicates the caller did not specify this policy or use\r
334	the default policy.\r
335	@param[in] PackageVersion The new package version.\r
336	@param[in] PackageVersionName A pointer to the new null-terminated Unicode string representing\r
337	the package version name.\r
338	The string length is equal to or less than the value returned in\r
339	PackageVersionNameMaxLen.\r
340	\r
341	@retval EFI_SUCCESS The device was successfully updated with the new package\r
342	information.\r
343	@retval EFI_INVALID_PARAMETER The PackageVersionName length is longer than the value\r
344	returned in PackageVersionNameMaxLen.\r
345	@retval EFI_UNSUPPORTED The operation is not supported.\r
346	@retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.\r
347	\r
348	**/\r
349	EFI_STATUS\r
350	EFIAPI\r
351	SetPackageInfo (\r
352	IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This,\r
353	IN CONST VOID *Image,\r
354	IN UINTN ImageSize,\r
355	IN CONST VOID *VendorCode,\r
356	IN UINT32 PackageVersion,\r
357	IN CONST CHAR16 *PackageVersionName\r
358	);\r
359	\r
360	#endif\r