From e4bb5bf01ba0efbe91fe702bfb08dd9d47b9f174 Mon Sep 17 00:00:00 2001 From: Sergii Dmytruk Date: Sun, 30 Jun 2024 19:17:38 +0300 Subject: [PATCH] DasharoPayloadPkg: optionally enable update capsules New CAPSULE_ENABLE define in DasharoPayloadPkg.dsc adds required libraries/DXEs/PCDs and enables building of CapsuleApp which is useful for testing. BlSupportPei now switches boot mode to BOOT_ON_FLASH_UPDATE if there are any capsules. It's not guarded by any PCD under the assumption that coreboot won't pass capsules if EDK shouldn't be handling them. EsrtDxe is enabled to manage and cache ESRT entries (caching is supposedly necessary after a capsule is processed, although don't really understand why). ProcessCapsules() internally looks up EsrtManagementProtocol and calls SyncEsrtFmp() to import data from available FMP instances. PlatformBootManagerLib was made to call ProcessCapsules() (twice). Signed-off-by: Sergii Dmytruk --- DasharoPayloadPkg/BlSupportPei/BlSupportPei.c | 5 ++++ DasharoPayloadPkg/DasharoPayloadPkg.dsc | 25 ++++++++++++++++- DasharoPayloadPkg/DasharoPayloadPkg.fdf | 4 +++ .../PlatformBootManager.c | 28 +++++++++++++++++++ .../PlatformBootManagerLib.inf | 2 ++ 5 files changed, 63 insertions(+), 1 deletion(-) diff --git a/DasharoPayloadPkg/BlSupportPei/BlSupportPei.c b/DasharoPayloadPkg/BlSupportPei/BlSupportPei.c index df0bdc9daa..53e014ebc1 100644 --- a/DasharoPayloadPkg/BlSupportPei/BlSupportPei.c +++ b/DasharoPayloadPkg/BlSupportPei/BlSupportPei.c @@ -761,6 +761,11 @@ BlPeiEntryPoint ( return Status; } + if (GetFirstHob (EFI_HOB_TYPE_UEFI_CAPSULE) != NULL) { + Status = PeiServicesSetBootMode (BOOT_ON_FLASH_UPDATE); + ASSERT_EFI_ERROR (Status); + } + // // Mask off all legacy 8259 interrupt sources // diff --git a/DasharoPayloadPkg/DasharoPayloadPkg.dsc b/DasharoPayloadPkg/DasharoPayloadPkg.dsc index 660bf50979..998a82b19d 100644 --- a/DasharoPayloadPkg/DasharoPayloadPkg.dsc +++ b/DasharoPayloadPkg/DasharoPayloadPkg.dsc @@ -109,6 +109,7 @@ DEFINE PERFORMANCE_MEASUREMENT_ENABLE = FALSE DEFINE RAM_DISK_ENABLE = FALSE DEFINE APU_CONFIG_ENABLE = FALSE + DEFINE CAPSULE_ENABLE = FALSE # # Network definition @@ -212,7 +213,12 @@ UefiUsbLib|MdePkg/Library/UefiUsbLib/UefiUsbLib.inf UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf +!if $(CAPSULE_ENABLE) == TRUE + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf + DisplayUpdateProgressLib|MdeModulePkg/Library/DisplayUpdateProgressLibText/DisplayUpdateProgressLibText.inf +!else CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf +!endif SecurityManagementLib|MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.inf UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManagerLib.inf BootLogoLib|MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf @@ -409,6 +415,9 @@ DebugLib|MdeModulePkg/Library/PeiDxeDebugLibReportStatusCode/PeiDxeDebugLibReportStatusCode.inf PerformanceLib|MdeModulePkg/Library/DxePerformanceLib/DxePerformanceLib.inf MbedTlsCrtLib|CryptoPkg/Library/MbedTlsCrtRuntimeLib/MbedTlsCrtRuntimeLib.inf +!if $(CAPSULE_ENABLE) == TRUE + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf +!endif [LibraryClasses.common.UEFI_DRIVER,LibraryClasses.common.UEFI_APPLICATION] PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf @@ -432,6 +441,7 @@ gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwarePerformanceDataTableS3Support|FALSE gEfiMdeModulePkgTokenSpaceGuid.PcdInstallAcpiSdtProtocol|TRUE gEfiMdeModulePkgTokenSpaceGuid.PcdPs2KbdExtendedVerification|TRUE + gEfiMdeModulePkgTokenSpaceGuid.PcdSupportUpdateCapsuleReset|$(CAPSULE_ENABLE) [PcdsFixedAtBuild] # UEFI spec: Minimal value is 0x8000! @@ -453,6 +463,8 @@ gDasharoPayloadPkgTokenSpaceGuid.PcdSerialOnSuperIo|$(UART_ON_SUPERIO) + gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleFmpSupport|$(CAPSULE_ENABLE) + !if $(SECURE_BOOT_DEFAULT_ENABLE) == TRUE gEfiSecurityPkgTokenSpaceGuid.PcdSecureBootDefaultEnable|1 !else @@ -682,7 +694,14 @@ UefiCpuPkg/CpuDxe/CpuDxe.inf MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.inf - MdeModulePkg/Universal/BdsDxe/BdsDxe.inf + MdeModulePkg/Universal/BdsDxe/BdsDxe.inf { + +!if $(CAPSULE_ENABLE) == TRUE + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf +!else + FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.inf +!endif + } MdeModulePkg/Logo/LogoDxe.inf MdeModulePkg/Application/UiApp/UiApp.inf { @@ -697,6 +716,10 @@ gDasharoSystemFeaturesTokenSpaceGuid.PcdShowPs2Option|$(PS2_KEYBOARD_ENABLE) } MdeModulePkg/Application/BootManagerMenuApp/BootManagerMenuApp.inf +!if $(CAPSULE_ENABLE) == TRUE + MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf + MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf +!endif !if $(RAM_DISK_ENABLE) == TRUE MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf !endif diff --git a/DasharoPayloadPkg/DasharoPayloadPkg.fdf b/DasharoPayloadPkg/DasharoPayloadPkg.fdf index e7aa3b9aa1..9a56d7c1d2 100644 --- a/DasharoPayloadPkg/DasharoPayloadPkg.fdf +++ b/DasharoPayloadPkg/DasharoPayloadPkg.fdf @@ -374,6 +374,10 @@ INF RuleOverride = BINARY USE = X64 ShellBinPkg/UefiShell/UefiShell.inf INF CrScreenshotDxe/CrScreenshotDxe.inf +!if $(CAPSULE_ENABLE) == TRUE +INF MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf +!endif + ################################################################################ # # Rules are use with the [FV] section's module INF type to define diff --git a/DasharoPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c b/DasharoPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c index 5236771b94..dd5e483c53 100644 --- a/DasharoPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c +++ b/DasharoPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c @@ -14,6 +14,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include +#include #include #include @@ -672,6 +674,19 @@ PlatformBootManagerBeforeConsole ( UnregisterBootManagerMenuAppBootOption (); } + // + // Process system firmware update capsules and possibly device update + // capsules that don't contain embedded drivers if those devices are already + // available. + // + if (GetBootModeHob() == BOOT_ON_FLASH_UPDATE) { + // TODO: when enabling capsule support for laptops, add a battery check here + Status = ProcessCapsules (); + if (EFI_ERROR (Status)) { + DEBUG((DEBUG_ERROR, "%a(): ProcessCapsule() failed with: %r\n", __FUNCTION__, Status)); + } + } + // // Install ready to lock. // This needs to be done before option rom dispatched. @@ -1567,6 +1582,19 @@ PlatformBootManagerAfterConsole ( EfiBootManagerConnectAll (); EfiBootManagerRefreshAllBootOption (); + // + // Process device update capsules there weren't processed along with system + // firmware capsules on first call to ProcessCapsules() in + // PlatformBootManagerBeforeConsole(). + // + if (GetBootModeHob() == BOOT_ON_FLASH_UPDATE) { + // TODO: when enabling capsule support for laptops, add a battery check here + Status = ProcessCapsules (); + if (EFI_ERROR (Status)) { + DEBUG((DEBUG_ERROR, "%a(): ProcessCapsule() failed with: %r\n", __FUNCTION__, Status)); + } + } + // // Process TPM PPI request // diff --git a/DasharoPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf b/DasharoPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf index 11360551c7..cfd974a57c 100644 --- a/DasharoPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf +++ b/DasharoPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf @@ -54,6 +54,8 @@ Tcg2PhysicalPresenceLib CustomizedDisplayLib LaptopBatteryLib + CapsuleLib + HobLib [Guids] gEfiEndOfDxeEventGroupGuid