Support updates via UEFI capsules #509
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
macpijan
reviewed
May 23, 2024
SergiiDmytruk
force-pushed
the
uefi-capsules
branch
from
0ca0983 to
1dbd006
Compare
SergiiDmytruk
force-pushed
the
uefi-capsules
branch
3 times, most recently
from
c588ab4 to
7668529
Compare
SergiiDmytruk
force-pushed
the
uefi-capsules
branch
2 times, most recently
from
7c23b79 to
33e9865
Compare
SergiiDmytruk
force-pushed
the
uefi-capsules
branch
5 times, most recently
from
d5fb127 to
bd70bb5
Compare
miczyg1
requested changes
Jun 24, 2024
SergiiDmytruk
force-pushed
the
uefi-capsules
branch
from
bd70bb5 to
7a9776c
Compare
SergiiDmytruk
force-pushed
the
uefi-capsules
branch
from
7a9776c to
11de72c
Compare
krystian-hebel
previously approved these changes
Jun 26, 2024
SergiiDmytruk
force-pushed
the
uefi-capsules
branch
from
11de72c to
628cce5
Compare
SergiiDmytruk
force-pushed
the
uefi-capsules
branch
from
628cce5 to
0b4ea65
Compare
|
Fixed GUID of |
SergiiDmytruk
temporarily deployed
to
NovaCustom
GitHub Actions
Inactive
Are you sure, seems to build? Dasharo/edk2@11b2679 is there and it's part of some branches/tags. |
Huh, I must've be mistaken... |
Change-Id: I02d917fb5f9c98fd2792e2c7d3cfaaf84b430ffd Signed-off-by: Sergii Dmytruk <[email protected]>
New CONFIG_DRIVERS_EFI_FW_INFO is off by default, enabling it adds
DRIVERS_EFI_FW_{GUID,VERSION,LSV} to be used to specify firmware
version/update information.
Existing forms of versions wouldn't be sufficient because there is no
universal way of conversion to 32-bit unsigned integers and there are no
GUIDs or lowest supported versions.
Change-Id: Ic1b768d7bed43edf7ca8e41552087734054de033
Signed-off-by: Sergii Dmytruk <[email protected]>
How it approximately works: (During a normal system run): 1. OS puts a capsule into RAM and calls UpdateCapsule() function of EFI runtime 2. If applying the update requires a reboot, EFI implementation creates a new CapsuleUpdateData* EFI variable pointing at the beginning of capsules description (not data, but description of the data) and does a warm reboot leaving capsule data and its description in RAM to be picked by firmware on the next boot process (After DEV_INIT:) 3. Capsules are discovered by checking for CapsuleUpdateData* variables 4. Capsule description in memory and capsule data is validated for sanity 5. Capsule data is coalesced into a continuous piece of memory (On BS_WRITE_TABLES via dasharo_add_capsules_to_bootmem() hook:) 6. Buffer with coalesced capsules is marked as reserved (On BS_WRITE_TABLES via lb_uefi_capsules() hook:) 7. coreboot table entry is added for each of the discovered capsules (In UEFI payload:) 8. CapsuleUpdateData* get removed 9. coreboot table is checked for any update capsules which are then applied Change-Id: I162d678ae5c504906084b59c1a8d8c26dadb9433 Signed-off-by: Sergii Dmytruk <[email protected]>
Change-Id: I30058c4b4d43ef622bddfe69892d02ffffc039db Signed-off-by: Sergii Dmytruk <[email protected]>
Change-Id: Ic7dbdc044ea7cd799eb29800a8245e67c67b90d1 Signed-off-by: Krystian Hebel <[email protected]> Signed-off-by: Sergii Dmytruk <[email protected]>
With DRIVERS_EFI_UPDATE_CAPSULES enabled, SMMSTORE SMI handler can use commands with highest bit (0x80) set to access whole flash instead of just the SMMSTORE region. The rest of interface is identical to regular SMMSTORE v2. Change-Id: I7f3dbfa965b9dcbade8b2f06a5bd2ac1345c7972 Signed-off-by: Krystian Hebel <[email protected]>
This adds a call to SMMSTORE that saves information about availability of capsules in SMM memory. This new call is ignored when run more than once, which means that there should be no way of enabling full flash handling after it was disabled and vice versa. The call should be always made by the firmware to lock further calls, otherwise OS could gain full flash access. This is done on entry to BS_POST_DEVICE, after capsules are obtained in BS_DEV_INIT. Change-Id: I3dc175ea313aae1edae304520595b82db7206cbb Signed-off-by: Krystian Hebel <[email protected]>
This commit adds a description of capsule update commands implemented in SMMSTORE in previous patches. Change-Id: I94761d18be567e5302d1a836f09f0a7eecb4fb00 Signed-off-by: Krystian Hebel <[email protected]>
This requires version of EDK2 in use to understand those defines, but the build isn't affected negatively if they aren't handled. Upstream EDK2 understands only CAPSULE_SUPPORT at the moment. Change-Id: I1c684cb8929842a5d3c4b06e8a9c0a748470ea41 Signed-off-by: Sergii Dmytruk <[email protected]>
Change-Id: Ia72cff286f2dd4399d7874c1defe114ef8d95f33 Signed-off-by: Sergii Dmytruk <[email protected]>
Add CONFIG_EXT_BIOS_FILL_UP to make BIOS region include everything preceding it in the flash. Change-Id: I885252a488bd35fc3afef571e6178642a059f883 Signed-off-by: Sergii Dmytruk <[email protected]>
UEFI board variants use UEFI variables directly instead of using them through options API. More importantly, be consistent with Z690-A. Change-Id: I283b2198dbbb81baebf84d2eff33c0cd238b118d Signed-off-by: Sergii Dmytruk <[email protected]>
Allows specifying how many performance/efficiency cores should run and whether hyper-threading is enabled. Change-Id: I540305af30be59652429f44d58f094aed549e9d1 Signed-off-by: Sergii Dmytruk <[email protected]>
Change-Id: I0e309d79cf4d58e8f5d7468c74eb2281ea4f9857 Signed-off-by: Sergii Dmytruk <[email protected]>
ms7d25 and ms7e06 contain the same microcode. Signed-off-by: Sergii Dmytruk <[email protected]>
This version is necessary to enable testing capsule updates first introduced for these boards. Change-Id: I9d709c08cf771b5ddecdda936d7507c7f81016a5 Signed-off-by: Sergii Dmytruk <[email protected]>
This is real release candidate for these releases. Change-Id: I6b48ca82f6fc756b6032ef0695309db06328251f Signed-off-by: Sergii Dmytruk <[email protected]>
It results in duplicated output. Signed-off-by: Sergii Dmytruk <[email protected]>
Signed-off-by: Sergii Dmytruk <[email protected]>
One more release candidate. Signed-off-by: Sergii Dmytruk <[email protected]>
Signed-off-by: Michał Żygowski <[email protected]>
Another release candidate. Change-Id: I4b1d607ad874c824ab99e17e218c58efe4193984 Signed-off-by: Sergii Dmytruk <[email protected]>
Change-Id: I489db304d6dc51a64fa3f15c8ccfe10ff08d302d Signed-off-by: Maciej Pijanowski <[email protected]>
krystian-hebel
force-pushed
the
uefi-capsules
branch
from
b9d6d8c to
6233d0e
Compare
krystian-hebel
approved these changes
Dec 19, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Originally: capsule parsing and coalescing.
Now: integration branch for UEFI capsules.
Other coreboot PRs merged into this one:
Related EDK PRs: