ArmPkg: only attempt buildin MmCommunicationDxe for AArch64
[mirror_edk2.git] / FmpDevicePkg / FmpDxe / FmpDxe.h
CommitLineData
4f0544b1
EJ
1/** @file\r
2 Produces a Firmware Management Protocol that supports updates to a firmware\r
3 image stored in a firmware device with platform and firmware device specific\r
4 information provided through PCDs and libraries.\r
5\r
6 Copyright (c) 2016, Microsoft Corporation. All rights reserved.<BR>\r
7 Copyright (c) 2018 - 2019, Intel Corporation. All rights reserved.<BR>\r
8\r
9 SPDX-License-Identifier: BSD-2-Clause-Patent\r
10\r
11**/\r
12\r
13#ifndef _FMP_DXE_H_\r
14#define _FMP_DXE_H_\r
15\r
16#include <PiDxe.h>\r
17#include <Library/DebugLib.h>\r
18#include <Library/BaseLib.h>\r
19#include <Library/BaseMemoryLib.h>\r
e0961677
EJ
20#include <Library/BaseCryptLib.h>\r
21#include <Library/PcdLib.h>\r
4f0544b1 22#include <Library/UefiBootServicesTableLib.h>\r
67c1e5ee 23#include <Library/UefiRuntimeServicesTableLib.h>\r
4f0544b1
EJ
24#include <Library/MemoryAllocationLib.h>\r
25#include <Library/UefiLib.h>\r
a5944b6a 26#include <Library/PrintLib.h>\r
4f0544b1
EJ
27#include <Library/FmpAuthenticationLib.h>\r
28#include <Library/FmpDeviceLib.h>\r
29#include <Library/FmpPayloadHeaderLib.h>\r
30#include <Library/CapsuleUpdatePolicyLib.h>\r
0f30087b
WX
31#include <Library/FmpDependencyLib.h>\r
32#include <Library/FmpDependencyCheckLib.h>\r
33#include <Library/FmpDependencyDeviceLib.h>\r
4f0544b1
EJ
34#include <Protocol/FirmwareManagement.h>\r
35#include <Protocol/FirmwareManagementProgress.h>\r
67c1e5ee 36#include <Protocol/VariableLock.h>\r
4f0544b1
EJ
37#include <Guid/SystemResourceTable.h>\r
38#include <Guid/EventGroup.h>\r
4f0544b1
EJ
39\r
40#define VERSION_STRING_NOT_SUPPORTED L"VERSION STRING NOT SUPPORTED"\r
41#define VERSION_STRING_NOT_AVAILABLE L"VERSION STRING NOT AVAILABLE"\r
42\r
43///\r
44///\r
45///\r
46#define FIRMWARE_MANAGEMENT_PRIVATE_DATA_SIGNATURE SIGNATURE_32 ('f','m','p','p')\r
47\r
48typedef struct {\r
49 UINTN Signature;\r
50 EFI_HANDLE Handle;\r
51 EFI_FIRMWARE_MANAGEMENT_PROTOCOL Fmp;\r
52 BOOLEAN DescriptorPopulated;\r
53 EFI_FIRMWARE_IMAGE_DESCRIPTOR Descriptor;\r
54 CHAR16 *ImageIdName;\r
55 CHAR16 *VersionName;\r
56 BOOLEAN RuntimeVersionSupported;\r
57 EFI_EVENT FmpDeviceLockEvent;\r
58 //\r
59 // Indicates if an attempt has been made to lock a\r
60 // FLASH storage device by calling FmpDeviceLock().\r
61 // A FLASH storage device may not support being locked,\r
62 // so this variable is set to TRUE even if FmpDeviceLock()\r
63 // returns an error.\r
64 //\r
65 BOOLEAN FmpDeviceLocked;\r
66 VOID *FmpDeviceContext;\r
67c1e5ee
EJ
67 CHAR16 *VersionVariableName;\r
68 CHAR16 *LsvVariableName;\r
69 CHAR16 *LastAttemptStatusVariableName;\r
70 CHAR16 *LastAttemptVersionVariableName;\r
71 CHAR16 *FmpStateVariableName;\r
0f30087b 72 BOOLEAN DependenciesSatisfied;\r
4f0544b1
EJ
73} FIRMWARE_MANAGEMENT_PRIVATE_DATA;\r
74\r
75///\r
76///\r
77///\r
78#define FIRMWARE_MANAGEMENT_PRIVATE_DATA_FROM_THIS(a) \\r
79 CR (a, FIRMWARE_MANAGEMENT_PRIVATE_DATA, Fmp, FIRMWARE_MANAGEMENT_PRIVATE_DATA_SIGNATURE)\r
80\r
e0961677
EJ
81///\r
82/// Null-terminated Unicode string retrieved from PcdFmpDeviceImageIdName.\r
83///\r
84extern CHAR16 *mImageIdName;\r
85\r
4f0544b1
EJ
86/**\r
87 Check to see if any of the keys in PcdFmpDevicePkcs7CertBufferXdr matches\r
88 the test key. PcdFmpDeviceTestKeySha256Digest contains the SHA256 hash of\r
89 the test key. For each key in PcdFmpDevicePkcs7CertBufferXdr, compute the\r
90 SHA256 hash and compare it to PcdFmpDeviceTestKeySha256Digest. If the\r
91 SHA256 hash matches or there is then error computing the SHA256 hash, then\r
92 set PcdTestKeyUsed to TRUE. Skip this check if PcdTestKeyUsed is already\r
93 TRUE or PcdFmpDeviceTestKeySha256Digest is not exactly SHA256_DIGEST_SIZE\r
94 bytes.\r
95**/\r
96VOID\r
97DetectTestKey (\r
98 VOID\r
99 );\r
100\r
101/**\r
102 Returns information about the current firmware image(s) of the device.\r
103\r
104 This function allows a copy of the current firmware image to be created and saved.\r
105 The saved copy could later been used, for example, in firmware image recovery or rollback.\r
106\r
107 @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
108 @param[in, out] ImageInfoSize A pointer to the size, in bytes, of the ImageInfo buffer.\r
109 On input, this is the size of the buffer allocated by the caller.\r
110 On output, it is the size of the buffer returned by the firmware\r
111 if the buffer was large enough, or the size of the buffer needed\r
112 to contain the image(s) information if the buffer was too small.\r
113 @param[in, out] ImageInfo A pointer to the buffer in which firmware places the current image(s)\r
114 information. The information is an array of EFI_FIRMWARE_IMAGE_DESCRIPTORs.\r
115 @param[out] DescriptorVersion A pointer to the location in which firmware returns the version number\r
116 associated with the EFI_FIRMWARE_IMAGE_DESCRIPTOR.\r
117 @param[out] DescriptorCount A pointer to the location in which firmware returns the number of\r
118 descriptors or firmware images within this device.\r
119 @param[out] DescriptorSize A pointer to the location in which firmware returns the size, in bytes,\r
120 of an individual EFI_FIRMWARE_IMAGE_DESCRIPTOR.\r
121 @param[out] PackageVersion A version number that represents all the firmware images in the device.\r
122 The format is vendor specific and new version must have a greater value\r
123 than the old version. If PackageVersion is not supported, the value is\r
124 0xFFFFFFFF. A value of 0xFFFFFFFE indicates that package version comparison\r
125 is to be performed using PackageVersionName. A value of 0xFFFFFFFD indicates\r
126 that package version update is in progress.\r
127 @param[out] PackageVersionName A pointer to a pointer to a null-terminated string representing the\r
128 package version name. The buffer is allocated by this function with\r
129 AllocatePool(), and it is the caller's responsibility to free it with a call\r
130 to FreePool().\r
131\r
132 @retval EFI_SUCCESS The device was successfully updated with the new image.\r
133 @retval EFI_BUFFER_TOO_SMALL The ImageInfo buffer was too small. The current buffer size\r
134 needed to hold the image(s) information is returned in ImageInfoSize.\r
135 @retval EFI_INVALID_PARAMETER ImageInfoSize is NULL.\r
136 @retval EFI_DEVICE_ERROR Valid information could not be returned. Possible corrupted image.\r
137\r
138**/\r
139EFI_STATUS\r
140EFIAPI\r
141GetTheImageInfo (\r
142 IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This,\r
143 IN OUT UINTN *ImageInfoSize,\r
144 IN OUT EFI_FIRMWARE_IMAGE_DESCRIPTOR *ImageInfo,\r
145 OUT UINT32 *DescriptorVersion,\r
146 OUT UINT8 *DescriptorCount,\r
147 OUT UINTN *DescriptorSize,\r
148 OUT UINT32 *PackageVersion,\r
149 OUT CHAR16 **PackageVersionName\r
150 );\r
151\r
152/**\r
153 Retrieves a copy of the current firmware image of the device.\r
154\r
155 This function allows a copy of the current firmware image to be created and saved.\r
156 The saved copy could later been used, for example, in firmware image recovery or rollback.\r
157\r
158 @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
159 @param[in] ImageIndex A unique number identifying the firmware image(s) within the device.\r
160 The number is between 1 and DescriptorCount.\r
161 @param[in, out] Image Points to the buffer where the current image is copied to.\r
162 @param[in, out] ImageSize On entry, points to the size of the buffer pointed to by Image, in bytes.\r
163 On return, points to the length of the image, in bytes.\r
164\r
165 @retval EFI_SUCCESS The device was successfully updated with the new image.\r
166 @retval EFI_BUFFER_TOO_SMALL The buffer specified by ImageSize is too small to hold the\r
167 image. The current buffer size needed to hold the image is returned\r
168 in ImageSize.\r
169 @retval EFI_INVALID_PARAMETER The Image was NULL.\r
170 @retval EFI_NOT_FOUND The current image is not copied to the buffer.\r
171 @retval EFI_UNSUPPORTED The operation is not supported.\r
172 @retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.\r
173\r
174**/\r
175EFI_STATUS\r
176EFIAPI\r
177GetTheImage (\r
178 IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This,\r
179 IN UINT8 ImageIndex,\r
180 IN OUT VOID *Image,\r
181 IN OUT UINTN *ImageSize\r
182 );\r
183\r
184\r
185/**\r
186 Checks if the firmware image is valid for the device.\r
187\r
188 This function allows firmware update application to validate the firmware image without\r
189 invoking the SetImage() first.\r
190\r
191 @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
192 @param[in] ImageIndex A unique number identifying the firmware image(s) within the device.\r
193 The number is between 1 and DescriptorCount.\r
194 @param[in] Image Points to the new image.\r
195 @param[in] ImageSize Size of the new image in bytes.\r
196 @param[out] ImageUpdatable Indicates if the new image is valid for update. It also provides,\r
197 if available, additional information if the image is invalid.\r
198\r
199 @retval EFI_SUCCESS The image was successfully checked.\r
200 @retval EFI_ABORTED The operation is aborted.\r
201 @retval EFI_INVALID_PARAMETER The Image was NULL.\r
202 @retval EFI_UNSUPPORTED The operation is not supported.\r
203 @retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.\r
204\r
205**/\r
206EFI_STATUS\r
207EFIAPI\r
208CheckTheImage (\r
209 IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This,\r
210 IN UINT8 ImageIndex,\r
211 IN CONST VOID *Image,\r
212 IN UINTN ImageSize,\r
213 OUT UINT32 *ImageUpdatable\r
214 );\r
215\r
216/**\r
217 Updates the firmware image of the device.\r
218\r
219 This function updates the hardware with the new firmware image.\r
220 This function returns EFI_UNSUPPORTED if the firmware image is not updatable.\r
221 If the firmware image is updatable, the function should perform the following minimal validations\r
222 before proceeding to do the firmware image update.\r
223 - Validate the image authentication if image has attribute\r
224 IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED. The function returns\r
225 EFI_SECURITY_VIOLATION if the validation fails.\r
226 - Validate the image is a supported image for this device. The function returns EFI_ABORTED if\r
227 the image is unsupported. The function can optionally provide more detailed information on\r
228 why the image is not a supported image.\r
229 - Validate the data from VendorCode if not null. Image validation must be performed before\r
230 VendorCode data validation. VendorCode data is ignored or considered invalid if image\r
231 validation failed. The function returns EFI_ABORTED if the data is invalid.\r
232\r
233 VendorCode enables vendor to implement vendor-specific firmware image update policy. Null if\r
234 the caller did not specify the policy or use the default policy. As an example, vendor can implement\r
235 a policy to allow an option to force a firmware image update when the abort reason is due to the new\r
236 firmware image version is older than the current firmware image version or bad image checksum.\r
237 Sensitive operations such as those wiping the entire firmware image and render the device to be\r
238 non-functional should be encoded in the image itself rather than passed with the VendorCode.\r
239 AbortReason enables vendor to have the option to provide a more detailed description of the abort\r
240 reason to the caller.\r
241\r
242 @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
243 @param[in] ImageIndex A unique number identifying the firmware image(s) within the device.\r
244 The number is between 1 and DescriptorCount.\r
245 @param[in] Image Points to the new image.\r
246 @param[in] ImageSize Size of the new image in bytes.\r
247 @param[in] VendorCode This enables vendor to implement vendor-specific firmware image update policy.\r
248 Null indicates the caller did not specify the policy or use the default policy.\r
249 @param[in] Progress A function used by the driver to report the progress of the firmware update.\r
250 @param[out] AbortReason A pointer to a pointer to a null-terminated string providing more\r
251 details for the aborted operation. The buffer is allocated by this function\r
252 with AllocatePool(), and it is the caller's responsibility to free it with a\r
253 call to FreePool().\r
254\r
255 @retval EFI_SUCCESS The device was successfully updated with the new image.\r
256 @retval EFI_ABORTED The operation is aborted.\r
257 @retval EFI_INVALID_PARAMETER The Image was NULL.\r
258 @retval EFI_UNSUPPORTED The operation is not supported.\r
259 @retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.\r
260\r
261**/\r
262EFI_STATUS\r
263EFIAPI\r
264SetTheImage (\r
265 IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This,\r
266 IN UINT8 ImageIndex,\r
267 IN CONST VOID *Image,\r
268 IN UINTN ImageSize,\r
269 IN CONST VOID *VendorCode,\r
270 IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress,\r
271 OUT CHAR16 **AbortReason\r
272 );\r
273\r
274/**\r
275 Returns information about the firmware package.\r
276\r
277 This function returns package information.\r
278\r
279 @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
280 @param[out] PackageVersion A version number that represents all the firmware images in the device.\r
281 The format is vendor specific and new version must have a greater value\r
282 than the old version. If PackageVersion is not supported, the value is\r
283 0xFFFFFFFF. A value of 0xFFFFFFFE indicates that package version\r
284 comparison is to be performed using PackageVersionName. A value of\r
285 0xFFFFFFFD indicates that package version update is in progress.\r
286 @param[out] PackageVersionName A pointer to a pointer to a null-terminated string representing\r
287 the package version name. The buffer is allocated by this function with\r
288 AllocatePool(), and it is the caller's responsibility to free it with a\r
289 call to FreePool().\r
290 @param[out] PackageVersionNameMaxLen The maximum length of package version name if device supports update of\r
291 package version name. A value of 0 indicates the device does not support\r
292 update of package version name. Length is the number of Unicode characters,\r
293 including the terminating null character.\r
294 @param[out] AttributesSupported Package attributes that are supported by this device. See 'Package Attribute\r
295 Definitions' for possible returned values of this parameter. A value of 1\r
296 indicates the attribute is supported and the current setting value is\r
297 indicated in AttributesSetting. A value of 0 indicates the attribute is not\r
298 supported and the current setting value in AttributesSetting is meaningless.\r
299 @param[out] AttributesSetting Package attributes. See 'Package Attribute Definitions' for possible returned\r
300 values of this parameter\r
301\r
302 @retval EFI_SUCCESS The package information was successfully returned.\r
303 @retval EFI_UNSUPPORTED The operation is not supported.\r
304\r
305**/\r
306EFI_STATUS\r
307EFIAPI\r
308GetPackageInfo (\r
309 IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This,\r
310 OUT UINT32 *PackageVersion,\r
311 OUT CHAR16 **PackageVersionName,\r
312 OUT UINT32 *PackageVersionNameMaxLen,\r
313 OUT UINT64 *AttributesSupported,\r
314 OUT UINT64 *AttributesSetting\r
315 );\r
316\r
317/**\r
318 Updates information about the firmware package.\r
319\r
320 This function updates package information.\r
321 This function returns EFI_UNSUPPORTED if the package information is not updatable.\r
322 VendorCode enables vendor to implement vendor-specific package information update policy.\r
323 Null if the caller did not specify this policy or use the default policy.\r
324\r
325 @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance.\r
326 @param[in] Image Points to the authentication image.\r
327 Null if authentication is not required.\r
328 @param[in] ImageSize Size of the authentication image in bytes.\r
329 0 if authentication is not required.\r
330 @param[in] VendorCode This enables vendor to implement vendor-specific firmware\r
331 image update policy.\r
332 Null indicates the caller did not specify this policy or use\r
333 the default policy.\r
334 @param[in] PackageVersion The new package version.\r
335 @param[in] PackageVersionName A pointer to the new null-terminated Unicode string representing\r
336 the package version name.\r
337 The string length is equal to or less than the value returned in\r
338 PackageVersionNameMaxLen.\r
339\r
340 @retval EFI_SUCCESS The device was successfully updated with the new package\r
341 information.\r
342 @retval EFI_INVALID_PARAMETER The PackageVersionName length is longer than the value\r
343 returned in PackageVersionNameMaxLen.\r
344 @retval EFI_UNSUPPORTED The operation is not supported.\r
345 @retval EFI_SECURITY_VIOLATION The operation could not be performed due to an authentication failure.\r
346\r
347**/\r
348EFI_STATUS\r
349EFIAPI\r
350SetPackageInfo (\r
351 IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This,\r
352 IN CONST VOID *Image,\r
353 IN UINTN ImageSize,\r
354 IN CONST VOID *VendorCode,\r
355 IN UINT32 PackageVersion,\r
356 IN CONST CHAR16 *PackageVersionName\r
357 );\r
358\r
359#endif\r