Support updates via UEFI capsules #509

Change-Id: I02d917fb5f9c98fd2792e2c7d3cfaaf84b430ffd Signed-off-by: Sergii Dmytruk <[email protected]>

New CONFIG_DRIVERS_EFI_FW_INFO is off by default, enabling it adds DRIVERS_EFI_FW_{GUID,VERSION,LSV} to be used to specify firmware version/update information. Existing forms of versions wouldn't be sufficient because there is no universal way of conversion to 32-bit unsigned integers and there are no GUIDs or lowest supported versions. Change-Id: Ic1b768d7bed43edf7ca8e41552087734054de033 Signed-off-by: Sergii Dmytruk <[email protected]>

How it approximately works: (During a normal system run): 1. OS puts a capsule into RAM and calls UpdateCapsule() function of EFI runtime 2. If applying the update requires a reboot, EFI implementation creates a new CapsuleUpdateData* EFI variable pointing at the beginning of capsules description (not data, but description of the data) and does a warm reboot leaving capsule data and its description in RAM to be picked by firmware on the next boot process (After DEV_INIT:) 3. Capsules are discovered by checking for CapsuleUpdateData* variables 4. Capsule description in memory and capsule data is validated for sanity 5. Capsule data is coalesced into a continuous piece of memory (On BS_WRITE_TABLES via dasharo_add_capsules_to_bootmem() hook:) 6. Buffer with coalesced capsules is marked as reserved (On BS_WRITE_TABLES via lb_uefi_capsules() hook:) 7. coreboot table entry is added for each of the discovered capsules (In UEFI payload:) 8. CapsuleUpdateData* get removed 9. coreboot table is checked for any update capsules which are then applied Change-Id: I162d678ae5c504906084b59c1a8d8c26dadb9433 Signed-off-by: Sergii Dmytruk <[email protected]>

Change-Id: I30058c4b4d43ef622bddfe69892d02ffffc039db Signed-off-by: Sergii Dmytruk <[email protected]>

Change-Id: Ic7dbdc044ea7cd799eb29800a8245e67c67b90d1 Signed-off-by: Krystian Hebel <[email protected]> Signed-off-by: Sergii Dmytruk <[email protected]>

With DRIVERS_EFI_UPDATE_CAPSULES enabled, SMMSTORE SMI handler can use commands with highest bit (0x80) set to access whole flash instead of just the SMMSTORE region. The rest of interface is identical to regular SMMSTORE v2. Change-Id: I7f3dbfa965b9dcbade8b2f06a5bd2ac1345c7972 Signed-off-by: Krystian Hebel <[email protected]>

This adds a call to SMMSTORE that saves information about availability of capsules in SMM memory. This new call is ignored when run more than once, which means that there should be no way of enabling full flash handling after it was disabled and vice versa. The call should be always made by the firmware to lock further calls, otherwise OS could gain full flash access. This is done on entry to BS_POST_DEVICE, after capsules are obtained in BS_DEV_INIT. Change-Id: I3dc175ea313aae1edae304520595b82db7206cbb Signed-off-by: Krystian Hebel <[email protected]>

This commit adds a description of capsule update commands implemented in SMMSTORE in previous patches. Change-Id: I94761d18be567e5302d1a836f09f0a7eecb4fb00 Signed-off-by: Krystian Hebel <[email protected]>

This requires version of EDK2 in use to understand those defines, but the build isn't affected negatively if they aren't handled. Upstream EDK2 understands only CAPSULE_SUPPORT at the moment. Change-Id: I1c684cb8929842a5d3c4b06e8a9c0a748470ea41 Signed-off-by: Sergii Dmytruk <[email protected]>

Change-Id: Ia72cff286f2dd4399d7874c1defe114ef8d95f33 Signed-off-by: Sergii Dmytruk <[email protected]>

Add CONFIG_EXT_BIOS_FILL_UP to make BIOS region include everything preceding it in the flash. Change-Id: I885252a488bd35fc3afef571e6178642a059f883 Signed-off-by: Sergii Dmytruk <[email protected]>

UEFI board variants use UEFI variables directly instead of using them through options API. More importantly, be consistent with Z690-A. Change-Id: I283b2198dbbb81baebf84d2eff33c0cd238b118d Signed-off-by: Sergii Dmytruk <[email protected]>

Allows specifying how many performance/efficiency cores should run and whether hyper-threading is enabled. Change-Id: I540305af30be59652429f44d58f094aed549e9d1 Signed-off-by: Sergii Dmytruk <[email protected]>

Change-Id: I0e309d79cf4d58e8f5d7468c74eb2281ea4f9857 Signed-off-by: Sergii Dmytruk <[email protected]>

ms7d25 and ms7e06 contain the same microcode. Signed-off-by: Sergii Dmytruk <[email protected]>

This version is necessary to enable testing capsule updates first introduced for these boards. Change-Id: I9d709c08cf771b5ddecdda936d7507c7f81016a5 Signed-off-by: Sergii Dmytruk <[email protected]>

This is real release candidate for these releases. Change-Id: I6b48ca82f6fc756b6032ef0695309db06328251f Signed-off-by: Sergii Dmytruk <[email protected]>

It results in duplicated output. Signed-off-by: Sergii Dmytruk <[email protected]>

Signed-off-by: Sergii Dmytruk <[email protected]>

One more release candidate. Signed-off-by: Sergii Dmytruk <[email protected]>

Signed-off-by: Michał Żygowski <[email protected]>

Another release candidate. Change-Id: I4b1d607ad874c824ab99e17e218c58efe4193984 Signed-off-by: Sergii Dmytruk <[email protected]>

Change-Id: I489db304d6dc51a64fa3f15c8ccfe10ff08d302d Signed-off-by: Maciej Pijanowski <[email protected]>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Support updates via UEFI capsules #509

Support updates via UEFI capsules #509

Commits on Nov 4, 2024

Commits on Nov 21, 2024

Support updates via UEFI capsules #509

Are you sure you want to change the base?

Support updates via UEFI capsules #509

Commits on Nov 4, 2024

Commits on Nov 21, 2024