From 252b9c7a9fc5c35e6ba59f06c32bf6b88db05b3d Mon Sep 17 00:00:00 2001 From: vanjeff Date: Wed, 9 Sep 2009 02:47:39 +0000 Subject: [PATCH] 1. add EFI Firmware Management protocol definition in MdePkg. 2. update comments in EapManagement.h git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@9251 6f19259b-4bc3-4df7-8a09-765794883524 --- MdePkg/Include/Protocol/EapManagement.h | 2 +- MdePkg/Include/Protocol/FirmwareManagement.h | 492 +++++++++++++++++++ MdePkg/MdePkg.dec | 6 + 3 files changed, 499 insertions(+), 1 deletion(-) create mode 100644 MdePkg/Include/Protocol/FirmwareManagement.h diff --git a/MdePkg/Include/Protocol/EapManagement.h b/MdePkg/Include/Protocol/EapManagement.h index 5af75d01e3..877b802c46 100644 --- a/MdePkg/Include/Protocol/EapManagement.h +++ b/MdePkg/Include/Protocol/EapManagement.h @@ -3,7 +3,7 @@ The EFI EAP Management Protocol is designed to provide ease of management and ease of test for EAPOL state machine. It is intended for the supplicant side. It conforms to IEEE 802.1x specification. - The definitions in this file are defined in UEFI Specification 2.3, which have + The definitions in this file are defined in UEFI Specification 2.2, which have not been verified by one implementation yet. Copyright (c) 2009, Intel Corporation diff --git a/MdePkg/Include/Protocol/FirmwareManagement.h b/MdePkg/Include/Protocol/FirmwareManagement.h new file mode 100644 index 0000000000..4bca4d3ec4 --- /dev/null +++ b/MdePkg/Include/Protocol/FirmwareManagement.h @@ -0,0 +1,492 @@ +/** @file + UEFI Firmware Management Protocol definition + Firmware Management Protocol provides an abstraction for device to provide firmware + management support. The base requirements for managing device firmware images include + identifying firmware image revision level and programming the image into the device. + + GetImageInfo() is the only required function. GetImage(), SetImage(), + CheckImage(), GetPackageInfo(), and SetPackageInfo() shall return + EFI_UNSUPPORTED if not supported by the driver. + + Copyright (c) 2009, Intel Corporation + All rights reserved. This program and the accompanying materials + are licensed and made available under the terms and conditions of the BSD License + which accompanies this distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + + @par Revision Reference: + This Protocol is introduced in UEFI Specification 2.3 + +**/ + +#ifndef __EFI_FIRMWARE_MANAGEMENT_PROTOCOL_H__ +#define __EFI_FIRMWARE_MANAGEMENT_PROTOCOL_H__ + + +#define EFI_FIRMWARE_MANAGEMENT_PROTOCOL_GUID \ + { \ + 0x86c77a67, 0xb97, 0x4633, {0xa1, 0x87, 0x49, 0x10, 0x4d, 0x6, 0x85, 0xc7 } \ + } + +typedef struct _EFI_FIRMWARE_MANAGEMENT_PROTOCOL EFI_FIRMWARE_MANAGEMENT_PROTOCOL; + +/// +/// EFI_FIRMWARE_IMAGE_DESCRIPTOR +/// +typedef struct { + /// + /// A unique number identifying the firmware image within the device. The number is + /// between 1 and DescriptorCount. + /// + UINT8 ImageIndex; + /// + /// A unique number identifying the firmware image type. + /// + EFI_GUID ImageTypeId; + /// + /// A unique number identifying the firmware image. + /// + UINT64 ImageId; + /// + /// A pointer to a null-terminated Unicode string representing the firmware image name. + /// + CHAR16 *ImageIdName; + /// + /// Identifies the version of the device firmware. The format is vendor specific and new + /// version must have a greater value than an old version. + /// + UINT32 Version; + /// + /// A pointer to a null-terminated Unicode string representing the firmware image version name. + /// + CHAR16 *VersionName; + /// + /// Size of the image in bytes. If size=0, then only ImageIndex and ImageTypeId are valid. + /// + UINTN Size; + /// + /// Image attributes that are supported by this device. See 'Image Attribute Definitions' + /// for possible returned values of this parameter. A value of 1 indicates the attribute is + /// supported and the current setting value is indicated in AttributesSetting. A + /// value of 0 indicates the attribute is not supported and the current setting value in + /// AttributesSetting is meaningless. + /// + UINT64 AttributesSupported; + /// + /// Image attributes. See 'Image Attribute Definitions' for possible returned values of + /// this parameter. + /// + UINT64 AttributesSetting; + /// + /// Image compatibilities. See 'Image Compatibility Definitions' for possible returned + /// values of this parameter. + /// + UINT64 Compatibilities; +} EFI_FIRMWARE_IMAGE_DESCRIPTOR; + + +// +// Image Attribute Definitions +// +/// +/// The attribute IMAGE_ATTRIBUTE_IMAGE_UPDATABLE indicates this device supports firmware +/// image update. +/// +#define IMAGE_ATTRIBUTE_IMAGE_UPDATABLE 0x0000000000000001 +/// +/// The attribute IMAGE_ATTRIBUTE_RESET_REQUIRED indicates a reset of the device is required +/// for the new firmware image to take effect after a firmware update. The device is the device hosting +/// the firmware image. +/// +#define IMAGE_ATTRIBUTE_RESET_REQUIRED 0x0000000000000002 +/// +/// The attribute IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED indicates authentication is +/// required to perform the following image operations: GetImage(), SetImage(), and +/// CheckImage(). See 'Image Attribute - Authentication'. +/// +#define IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED 0x0000000000000004 +/// +/// The attribute IMAGE_ATTRIBUTE_IN_USE indicates the current state of the firmware image. +/// This distinguishes firmware images in a device that supports redundant images. +/// +#define IMAGE_ATTRIBUTE_IN_USE 0x0000000000000008 + + +// +// Image Compatibility Definitions +// +/// Values from 0x0000000000000002 thru 0x000000000000FFFF are reserved for future assignments. +/// Values from 0x0000000000010000 thru 0xFFFFFFFFFFFFFFFF are used by firmware vendor for +/// compatibility check. +/// +#define IMAGE_COMPATIBILITY_CHECK_SUPPORTED 0x0000000000000001 + +/// +/// Descriptor Version +/// +#define EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION 1 + + +/// +/// Image Attribute ¨CAuthentication Required +/// +typedef struct { + /// + /// It is included in the signature of AuthInfo. It is used to ensure freshness/no replay. + /// It is incremented during each firmware image operation. + /// + UINT64 MonotonicCount; + /// + /// Provides the authorization for the firmware image operations. It is a signature across + /// the image data and the Monotonic Count value. Caller uses the private key that is + /// associated with a public key that has been provisioned via the key exchange. + /// + WIN_CERTIFICATE_UEFI_GUID AuthInfo; +} EFI_FIRMWARE_IMAGE_AUTHENTICATION; + + +// +// ImageUpdatable Definitions +// +/// +/// IMAGE_UPDATABLE_VALID indicates SetImage() will accept the new image and update the +/// device with the new image. +/// +#define IMAGE_UPDATABLE_VALID 0x0000000000000001 +/// +/// IMAGE_UPDATABLE_INVALID indicates SetImage() will reject the new image. No additional +/// information is provided for the rejection. +/// +#define IMAGE_UPDATABLE_INVALID 0x0000000000000002 +/// +/// IMAGE_UPDATABLE_INVALID_TYPE indicates SetImage() will reject the new image. The +/// rejection is due to the new image is not a firmware image recognized for this device. +/// +#define IMAGE_UPDATABLE_INVALID_TYPE 0x0000000000000004 +/// +/// IMAGE_UPDATABLE_INVALID_OLD indicates SetImage() will reject the new image. The +/// rejection is due to the new image version is older than the current firmware image +/// version in the device. The device firmware update policy does not support firmware +/// version downgrade. +/// +#define IMAGE_UPDATABLE_INVALID_OLD 0x0000000000000008 + + +// +// Package Attribute Definitions +// +/// +/// The attribute PACKAGE_ATTRIBUTE_VERSION_UPDATABLE indicates this device supports the +/// update of the firmware package version. +/// +#define PACKAGE_ATTRIBUTE_VERSION_UPDATABLE 0x0000000000000001 +/// +/// The attribute PACKAGE_ATTRIBUTE_RESET_REQUIRED indicates a reset of the device is +/// required for the new package info to take effect after an update. +/// +#define PACKAGE_ATTRIBUTE_RESET_REQUIRED 0x0000000000000002 +/// +/// The attribute PACKAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED indicates authentication +/// is required to update the package info. +/// +#define PACKAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED 0x0000000000000004 + +/** + Callback funtion to report the process of the firmware updating. + + @param[in] Completion A value between 1 and 100 indicating the current completion + progress of the firmware update. Completion progress is + reported as from 1 to 100 percent. A value of 0 is used by + the driver to indicate that progress reporting is not supported. + + @retval EFI_SUCCESS SetImage() continues to do the callback if supported. + @retval other SetImage() discontinues the callback and completes + the update and returns. + +**/ +typedef +EFI_STATUS +(EFIAPI *EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS)( + IN UINTN Completion + ); + +/** + Returns information about the current firmware image(s) of the device. + + This function allows a copy of the current firmware image to be created and saved. + The saved copy could later been used, for example, in firmware image recovery or rollback. + + @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance. + @param[in, out] ImageInfoSize A pointer to the size, in bytes, of the ImageInfo buffer. + On input, this is the size of the buffer allocated by the caller. + On output, it is the size of the buffer returned by the firmware + if the buffer was large enough, or the size of the buffer needed + to contain the image(s) information if the buffer was too small. + @param[in, out] ImageInfo A pointer to the buffer in which firmware places the current image(s) + information. The information is an array of EFI_FIRMWARE_IMAGE_DESCRIPTORs. + @param[out] DescriptorVersion A pointer to the location in which firmware returns the version number + associated with the EFI_FIRMWARE_IMAGE_DESCRIPTOR. + @param[out] DescriptorCount A pointer to the location in which firmware returns the number of + descriptors or firmware images within this device. + @param[out] DescriptorSize A pointer to the location in which firmware returns the size, in bytes, + of an individual EFI_FIRMWARE_IMAGE_DESCRIPTOR. + @param[out] PackageVersion A version number that represents all the firmware images in the device. + The format is vendor specific and new version must have a greater value + than the old version. If PackageVersion is not supported, the value is + 0xFFFFFFFF. A value of 0xFFFFFFFE indicates that package version comparison + is to be performed using PackageVersionName. A value of 0xFFFFFFFD indicates + that package version update is in progress. + @param[out] PackageVersionName A pointer to a pointer to a null-terminated Unicode string representing the + package version name. The buffer is allocated by this function with + AllocatePool(), and it is the caller's responsibility to free it with a call + to FreePool(). + + @retval EFI_SUCCESS The device was successfully updated with the new image. + @retval EFI_BUFFER_TOO_SMALL The ImageInfo buffer was too small. The current buffer size + needed to hold the image(s) information is returned in ImageInfoSize. + @retval EFI_INVALID_PARAMETER ImageInfoSize is NULL. + @retval EFI_DEVICE_ERROR Valid information could not be returned. Possible corrupted image. + +**/ +typedef +EFI_STATUS +(EFIAPI *EFI_FIRMWARE_MANAGEMENT_PROTOCOL_GET_IMAGE_INFO)( + IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This, + IN OUT UINTN *ImageInfoSize, + IN OUT EFI_FIRMWARE_IMAGE_DESCRIPTOR *ImageInfo, + OUT UINT32 *DescriptorVersion, + OUT UINT8 *DescriptorCount, + OUT UINTN *DescriptorSize, + OUT UINT32 *PackageVersion, + OUT CHAR16 **PackageVersionName + ); + +/** + Retrieves a copy of the current firmware image of the device. + + This function allows a copy of the current firmware image to be created and saved. + The saved copy could later been used, for example, in firmware image recovery or rollback. + + @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance. + @param[in] ImageIndex A unique number identifying the firmware image(s) within the device. + The number is between 1 and DescriptorCount. + @param[out] Image Points to the buffer where the current image is copied to. + @param[out] ImageSize On entry, points to the size of the buffer pointed to by Image, in bytes. + On return, points to the length of the image, in bytes. + + @retval EFI_SUCCESS The device was successfully updated with the new image. + @retval EFI_BUFFER_TOO_SMALL The buffer specified by ImageSize is too small to hold the + image. The current buffer size needed to hold the image is returned + in ImageSize. + @retval EFI_INVALID_PARAMETER The Image was NULL. + @retval EFI_NOT_FOUND The current image is not copied to the buffer. + @retval EFI_UNSUPPORTED The operation is not supported. + @retval EFI_SECURITY_VIOLATIO The operation could not be performed due to an authentication failure. + +**/ +typedef +EFI_STATUS +(EFIAPI *EFI_FIRMWARE_MANAGEMENT_PROTOCOL_GET_IMAGE)( + IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This, + IN UINT8 ImageIndex, + IN OUT VOID *Image, + IN OUT UINTN *ImageSize + ); + +/** + Updates the firmware image of the device. + + This function updates the hardware with the new firmware image. + This function returns EFI_UNSUPPORTED if the firmware image is not updatable. + If the firmware image is updatable, the function should perform the following minimal validations + before proceeding to do the firmware image update. + - Validate the image authentication if image has attribute + IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED. The function returns + EFI_SECURITY_VIOLATION if the validation fails. + - Validate the image is a supported image for this device. The function returns EFI_ABORTED if + the image is unsupported. The function can optionally provide more detailed information on + why the image is not a supported image. + - Validate the data from VendorCode if not null. Image validation must be performed before + VendorCode data validation. VendorCode data is ignored or considered invalid if image + validation failed. The function returns EFI_ABORTED if the data is invalid. + + VendorCode enables vendor to implement vendor-specific firmware image update policy. Null if + the caller did not specify the policy or use the default policy. As an example, vendor can implement + a policy to allow an option to force a firmware image update when the abort reason is due to the new + firmware image version is older than the current firmware image version or bad image checksum. + Sensitive operations such as those wiping the entire firmware image and render the device to be + non-functional should be encoded in the image itself rather than passed with the VendorCode. + AbortReason enables vendor to have the option to provide a more detailed description of the abort + reason to the caller. + + @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance. + @param[in] ImageIndex A unique number identifying the firmware image(s) within the device. + The number is between 1 and DescriptorCount. + @param[in] Image Points to the new image. + @param[in] ImageSize Size of the new image in bytes. + @param[in] VendorCode This enables vendor to implement vendor-specific firmware image update policy. + Null indicates the caller did not specify the policy or use the default policy. + @param[in] Progress A function used by the driver to report the progress of the firmware update. + @param[out] AbortReason A pointer to a pointer to a null-terminated Unicode string providing more + details for the aborted operation. The buffer is allocated by this function + with AllocatePool(), and it is the caller's responsibility to free it with a + call to FreePool(). + + @retval EFI_SUCCESS The device was successfully updated with the new image. + @retval EFI_ABORTED The operation is aborted. + @retval EFI_INVALID_PARAMETER The Image was NULL. + @retval EFI_UNSUPPORTED The operation is not supported. + @retval EFI_SECURITY_VIOLATIO The operation could not be performed due to an authentication failure. + +**/ +typedef +EFI_STATUS +(EFIAPI *EFI_FIRMWARE_MANAGEMENT_PROTOCOL_SET_IMAGE)( + IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This, + IN UINT8 ImageIndex, + IN CONST VOID *Image, + IN UINTN ImageSize, + IN CONST VOID *VendorCode, + IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress, + OUT CHAR16 **AbortReason + ); + +/** + Checks if the firmware image is valid for the device. + + This function allows firmware update application to validate the firmware image without + invoking the SetImage() first. + + @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance. + @param[in] ImageIndex A unique number identifying the firmware image(s) within the device. + The number is between 1 and DescriptorCount. + @param[in] Image Points to the new image. + @param[in] ImageSize Size of the new image in bytes. + @param[out] ImageUpdatable Indicates if the new image is valid for update. It also provides, + if available, additional information if the image is invalid. + + @retval EFI_SUCCESS The image was successfully checked. + @retval EFI_INVALID_PARAMETER The Image was NULL. + @retval EFI_UNSUPPORTED The operation is not supported. + @retval EFI_SECURITY_VIOLATIO The operation could not be performed due to an authentication failure. + +**/ +typedef +EFI_STATUS +(EFIAPI *EFI_FIRMWARE_MANAGEMENT_PROTOCOL_CHECK_IMAGE)( + IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This, + IN UINT8 ImageIndex, + IN CONST VOID *Image, + IN UINTN ImageSize, + OUT UINT32 *ImageUpdatable + ); + +/** + Returns information about the firmware package. + + This function returns package information. + + @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance. + @param[out] PackageVersion A version number that represents all the firmware images in the device. + The format is vendor specific and new version must have a greater value + than the old version. If PackageVersion is not supported, the value is + 0xFFFFFFFF. A value of 0xFFFFFFFE indicates that package version + comparison is to be performed using PackageVersionName. A value of + 0xFFFFFFFD indicates that package version update is in progress. + @param[out] PackageVersionName A pointer to a pointer to a null-terminated Unicode string representing + the package version name. The buffer is allocated by this function with + AllocatePool(), and it is the caller's responsibility to free it with a + call to FreePool(). + @param[out] PackageVersionNameMaxLen The maximum length of package version name if device supports update of + package version name. A value of 0 indicates the device does not support + update of package version name. Length is the number of Unicode characters, + including the terminating null character. + @param[out] AttributesSupported Package attributes that are supported by this device. See 'Package Attribute + Definitions' for possible returned values of this parameter. A value of 1 + indicates the attribute is supported and the current setting value is + indicated in AttributesSetting. A value of 0 indicates the attribute is not + supported and the current setting value in AttributesSetting is meaningless. + @param[out] AttributesSetting Package attributes. See 'Package Attribute Definitions' for possible returned + values of this parameter + + @retval EFI_SUCCESS The package information was successfully returned. + @retval EFI_UNSUPPORTED The operation is not supported. + +**/ +typedef +EFI_STATUS +(EFIAPI *EFI_FIRMWARE_MANAGEMENT_PROTOCOL_GET_PACKAGE_INFO)( + IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This, + OUT UINT32 *PackageVersion, + OUT CHAR16 **PackageVersionName, + OUT UINT32 *PackageVersionNameMaxLen, + OUT UINT64 *AttributesSupported, + OUT UINT64 *AttributesSetting + ); + +/** + Updates information about the firmware package. + + This function updates package information. + This function returns EFI_UNSUPPORTED if the package information is not updatable. + VendorCode enables vendor to implement vendor-specific package information update policy. + Null if the caller did not specify this policy or use the default policy. + + @param[in] This A pointer to the EFI_FIRMWARE_MANAGEMENT_PROTOCOL instance. + @param[in] Image Points to the authentication image. + Null if authentication is not required. + @param[in] ImageSize Size of the authentication image in bytes. + 0 if authentication is not required. + @param[in] VendorCode This enables vendor to implement vendor-specific firmware + image update policy. + Null indicates the caller did not specify this policy or use + the default policy. + @param[in] PackageVersion The new package version. + @param[in] PackageVersionName A pointer to the new null-terminated Unicode string representing + the package version name. + The string length is equal to or less than the value returned in + PackageVersionNameMaxLen. + + @retval EFI_SUCCESS The device was successfully updated with the new package + information. + @retval EFI_INVALID_PARAMETER The PackageVersionName length is longer than the value + returned in PackageVersionNameMaxLen. + @retval EFI_UNSUPPORTED The operation is not supported. + @retval EFI_SECURITY_VIOLATIO The operation could not be performed due to an authentication failure. + +**/ +typedef +EFI_STATUS +(EFIAPI *EFI_FIRMWARE_MANAGEMENT_PROTOCOL_SET_PACKAGE_INFO)( + IN EFI_FIRMWARE_MANAGEMENT_PROTOCOL *This, + IN CONST VOID *Image, + IN UINTN ImageSize, + IN CONST VOID *VendorCode, + IN UINT32 PackageVersion, + IN CONST CHAR16 *PackageVersionName + ); + +/// +/// EFI_FIRMWARE_MANAGEMENT_PROTOCOL +/// The protocol for managing firmware provides the following services. +/// - Get the attributes of the current firmware image. Attributes include revision level. +/// - Get a copy of the current firmware image. As an example, this service could be used by a +/// management application to facilitate a firmware roll-back. +/// - Program the device with a firmware image supplied by the user. +/// - Label all the firmware images within a device with a single version. +/// +struct _EFI_FIRMWARE_MANAGEMENT_PROTOCOL { + EFI_FIRMWARE_MANAGEMENT_PROTOCOL_GET_IMAGE_INFO GetImageInfo; + EFI_FIRMWARE_MANAGEMENT_PROTOCOL_GET_IMAGE GetImage; + EFI_FIRMWARE_MANAGEMENT_PROTOCOL_SET_IMAGE SetImage; + EFI_FIRMWARE_MANAGEMENT_PROTOCOL_CHECK_IMAGE CheckImage; + EFI_FIRMWARE_MANAGEMENT_PROTOCOL_GET_PACKAGE_INFO GetPackageInfo; + EFI_FIRMWARE_MANAGEMENT_PROTOCOL_SET_PACKAGE_INFO SetPackageInfo; +}; + +extern EFI_GUID gEfiFirmwareManagementProtocolGuid; + +#endif diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index beb456dc82..5922788edb 100644 --- a/MdePkg/MdePkg.dec +++ b/MdePkg/MdePkg.dec @@ -996,6 +996,12 @@ ## Include/Protocol/AtaPassThru.h gEfiAtaPassThruProtocolGuid = { 0x1d3de7f0, 0x807, 0x424f, {0xaa, 0x69, 0x11, 0xa5, 0x4e, 0x19, 0xa4, 0x6f }} + # + # Protocols defined in UEFI2.3 + # + ## Include/Protocol/FirmwareManagement.h + gEfiFirmwareManagementProtocolGuid = { 0x86c77a67, 0xb97, 0x4633, {0xa1, 0x87, 0x49, 0x10, 0x4d, 0x6, 0x85, 0xc7 }} + [PcdsFeatureFlag] ## If TRUE, the component name protocol will not be installed. gEfiMdePkgTokenSpaceGuid.PcdComponentNameDisable|FALSE|BOOLEAN|0x0000000d -- 2.39.2