Re: [PATCH 00/45] Add capsule update and recovery sample.


Yao, Jiewen
 

Thanks, Mike. That is very good suggestion. See below detail:

For feature testing, I did below:

1) CapsuleUpdate

a) Test capsule with EDKII System Capsule PKCS7 format.

b) Capsule Generation: in build phase.

c) Capsule trigger: In UEFI SHELL, use CapsuleApp in this patch.

d) Platform: an internal Platform, MinnowMax and Quark.

e) No auth header, or auth fail: rejected.

f) Version lower: rejected.

2) Recovery

a) Test capsule with EDKII System Capsule RSA2048SHA256 format.

b) Capsule Generation: in build phase.

c) Recovery Media: USB KEY.

d) Platform: an internal platform, MinnowMax. (Quark platform has USB issue in PEI phase and cause system resest. So I cannot test Quark)

e) No auth header, or auth fail: rejected.

f) Version mismatch: rejected.

3) MicrocodeUpdate

a) Test capsule with Microcode FMP format.

b) Capsule Generation: in UEFI SHELL use MicrocodeCapsuleApp, or in build phase.

c) Capsule trigger: In UEFI SHELL, use CapsuleApp in this patch.

d) Platform: an internal Platform, MinnowMax. (Not for Quark, because Quark uses different style binary)

e) ProcessorSignature/ProcessorFlags mismatch: rejected.

f) MicrocodeLoad fail: rejected.

The API which will get direct external input is below:

1) MdeModulePkg\Library\DxeCapsuleLibFmp\DxeCapsuleLib.c:

a) SupportCapsuleImage()

b) ProcessCapsuleImage()

c) IsValidCapsuleHeader()

d) ValidateFmpCapsule() <== This is the API to valid the FMP capsule header.

e) DisplayCapsuleImage() <== This is the API to process UX capsule.

f) ConvertBmpToGopBlt() <== This is the API to parse BMP

2) MdeModulePkg\Library\DxeCapsuleLibFmp\DxeCapsuleProcessLib.c:

a) ProcessTheseCapsules()

3) MdeModulePkg\Library\EdkiiSystemCapsuleLib\EdkiiSystemCapsuleLib.c

a) CapsuleAuthenticateSystemFirmware()

4) MdeModulePkg\Library\FmpAuthenitcationLib\FmpAuthenitcationLib.c

a) ExecuteFmpAuthenticationHandler() <== This is the API to valid FMP AUTH HEADER.

5) MdeModulePkg\Universal\SystemBiosUpdate\SystemBiosMainSetImage.c

a) BiosAuthenticatedUpdate()

6) MdeModulePkg\Universal\RecoveryModuleLoadPei\RecoveryModuleLoadPei.c

a) ProcessRecoveryCapsule()

b) ProcessFmpCapsuleImage ()

c) ProcessRecoveryImage ()

d) IsValidCapsuleHeader()

e) ValidateFmpCapsule () <== This is the API to valid the FMP capsule header.

7) SecurityPkg\Library\FmpAuthenticationPkcs7Lib\FmpAuthenticationPkcs7Lib.c

a) FmpAuthenticatedHandlerPkcs7() <== This is the API to valid FMP PKCS7 AUTH data

8) SecurityPkg\Library\FmpAuthenticationRsa2048Sha256Lib\FmpAuthenticationRsa2048Sha256Lib.c

a) FmpAuthenticatedHandlerRsa2048Sha256 () <== This is the API to valid FMP RSA2048SHA256 AUTH data

9) UefiCpuPkg\MicrocodeUpdate\MicrocodeUpdate.c

a) VerifyMicrocode () <== This is the API to valid Microcode capsule.
The RED part is the goal keeper.

For security testing, I did below:
The capsule image is external input, so those API need validate the format.

1) FMP capsule

a) Unit Test: Generate invalid field below:

i. EFI_CAPSULE_HEADER.CapsuleGuid (All zero)

ii. EFI_CAPSULE_HEADER.HeaderSize (0)

iii. EFI_CAPSULE_HEADER.CapsuleImageSize (0, 0xFFFFFFFF)

iv. EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER.Version (EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER_INIT_VERSION - 1, EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER_INIT_VERSION + 1)

v. EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER.EmbeddedDriverCount (0, 0xFFFF)

vi. EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER.PayloadItemCount (0, 0xFFFF)

vii. EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER.ItemOffsetList (0, 0xFFFFFFFF, 0xFFFFFFFFFFFFFFFF)

viii. EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER.Version (EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION - 1, EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER_INIT_VERSION + 1)

ix. EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER.UpdateImageSize (0, 0xFFFFFFFF, Valid - 1)

x. EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER.UpdateVendorCodeSize (0xFFFFFFFF)

xi. EFI_FIRMWARE_IMAGE_AUTHENTICATION.UpdateImageTypeId (all zero)

xii. EFI_FIRMWARE_IMAGE_AUTHENTICATION.AuthInfo.Hdr.dwLength (0, 0xFFFFFFFF)

xiii. EFI_FIRMWARE_IMAGE_AUTHENTICATION.AuthInfo.Hdr.wRevision (Valid - 1, Valid + 1)

xiv. EFI_FIRMWARE_IMAGE_AUTHENTICATION.AuthInfo.Hdr.wCertificateType (0)

xv. EFI_FIRMWARE_IMAGE_AUTHENTICATION.AuthInfo.CertType (all zero)

b) Fuzzing Test: Generate invalid field below: (Similar to above)

i. EFI_CAPSULE_HEADER

ii. EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER

iii. EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER

iv. EFI_FIRMWARE_IMAGE_AUTHENTICATION

2) Microsoft defined UX capsule

a) Unit Test: Generate invalid field below:

i. EFI_CAPSULE_HEADER.CapsuleGuid (All zero)

ii. EFI_CAPSULE_HEADER.HeaderSize (0)

iii. EFI_CAPSULE_HEADER.CapsuleImageSize (0, 0xFFFFFFFF)

iv. EFI_DISPLAY_CAPSULE.ImagePayload.Version (Valid - 1, Valid + 1)

v. EFI_DISPLAY_CAPSULE.ImagePayload.Checksum (~Valid)

vi. EFI_DISPLAY_CAPSULE.ImagePayload.ImageType (Valid - 1, Valid + 1)

vii. EFI_DISPLAY_CAPSULE.ImagePayload.Mode (Valid - 1, Valid + 1)

viii. EFI_DISPLAY_CAPSULE.ImagePayload.OffsetX (0xFFFFFFFF, Gop->Mode->Info->HorizontalResolution)

ix. EFI_DISPLAY_CAPSULE.ImagePayload.OffsetY (0xFFFFFFFF, Gop->Mode->Info->VerticalResolution)

b) Fuzzing Test: Generate invalid field below: (Similar to above)

i. EFI_CAPSULE_HEADER

ii. EFI_DISPLAY_CAPSULE.ImagePayload

3) Microcode capsule

a) Unit Test: Generate invalid field below:

i. CPU_MICROCODE_HEADER.HeaderVersion (0)

ii. CPU_MICROCODE_HEADER.UpdateVersion (0)

iii. CPU_MICROCODE_HEADER.ProcessorSignature.Uint32 (0)

iv. CPU_MICROCODE_HEADER.Checksum (~Valid)

v. CPU_MICROCODE_HEADER.LoaderRevision (0)

vi. CPU_MICROCODE_HEADER.ProcessorFlags (0)

vii. CPU_MICROCODE_HEADER.DataSize (1, 0xFFFFFFFF)

viii. CPU_MICROCODE_HEADER.TotalSize (1, 0xFFFFFFFF)

ix. CPU_MICROCODE_EXTENDED_TABLE_HEADER.ExtendedSignatureCount (0, 0xFFFFFFFF)

x. CPU_MICROCODE_EXTENDED_TABLE_HEADER.Checksum (~Valid)

xi. CPU_MICROCODE_EXTENDED_TABLE_HEADER.ProcessorSignature.Uint32 (0)

xii. CPU_MICROCODE_EXTENDED_TABLE_HEADER.ProcessorFlags (0)

xiii. CPU_MICROCODE_EXTENDED_TABLE.Checksum (~Valid)

b) Fuzzing Test: Generate invalid field below: (Similar to above)

i. CPU_MICROCODE_HEADER

If reviewed can help double check the API and test case, to see if the validation is enough, that will be great.
I will be happy to add more test per request.

Thank you
Yao Jiewen

From: Kinney, Michael D
Sent: Thursday, September 22, 2016 12:36 AM
To: Yao, Jiewen <jiewen.yao@...>; edk2-devel@...; Kinney, Michael D <michael.d.kinney@...>
Cc: Tian, Feng <feng.tian@...>; Gao, Liming <liming.gao@...>; Zeng, Star <star.zeng@...>; Fan, Jeff <jeff.fan@...>; Zhang, Chao B <chao.b.zhang@...>
Subject: RE: [edk2] [PATCH 00/45] Add capsule update and recovery sample.

Jiewen,

Thanks for this contribution and thank you for also providing a version of
it on your GitHub fork to make it easier for some to evaluate such a large
series.

Can you provide a more detailed summary of this feature along with
A summary of any testing that has already been performed?


I see some of the comments have a Caution about an API taking external
input. This implies that some amount of security analysis and review
may have already been performed. The summary should include the set of
APIs that do take external input and what review or testing was done on
those APIs?

What amount of additional testing do you think this series requires?

Thanks,

Mike

-----Original Message-----
From: edk2-devel [mailto:edk2-devel-bounces@...] On Behalf Of Jiewen Yao
Sent: Tuesday, September 20, 2016 11:45 PM
To: edk2-devel@...<mailto:edk2-devel@...>
Cc: Tian, Feng <feng.tian@...<mailto:feng.tian@...>>; Gao, Liming <liming.gao@...<mailto:liming.gao@...>>; Zeng, Star
<star.zeng@...<mailto:star.zeng@...>>; Kinney, Michael D <michael.d.kinney@...<mailto:michael.d.kinney@...>>; Fan, Jeff
<jeff.fan@...<mailto:jeff.fan@...>>; Zhang, Chao B <chao.b.zhang@...<mailto:chao.b.zhang@...>>
Subject: [edk2] [PATCH 00/45] Add capsule update and recovery sample.

This series patch provides sample on how to do signed capsule update
and recovery in EDKII.

This series patch is also checked into git@...:jyao1/edk2.git<mailto:git@...:jyao1/edk2.git>.

The feature includes:
1) Define EDKII signed system BIOS capsule format.
2) Provide EDKII signed system BIOS update sample.
3) Provide EDKII signed recovery sample.
4) Provide Microcode update sample for X86 system.
5) Update Quark to use new capsule/recovery solution.
6) Update Vlv2(MinnowMax) to use new capsule/recovery solution.

The signed capsule/recovery solution is in MdeModulePkg.
The capsule in IntelFrameworkModulePkg is deprecated.
The Microcode update solution is in UefiCpuPkg.

Cc: Feng Tian <feng.tian@...<mailto:feng.tian@...>>
Cc: Star Zeng <star.zeng@...<mailto:star.zeng@...>>
Cc: Michael D Kinney <michael.d.kinney@...<mailto:michael.d.kinney@...>>
Cc: Liming Gao <liming.gao@...<mailto:liming.gao@...>>
Cc: Chao Zhang <chao.b.zhang@...<mailto:chao.b.zhang@...>>
Cc: Jeff Fan <jeff.fan@...<mailto:jeff.fan@...>>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@...<mailto:jiewen.yao@...>>


Jiewen Yao (45):
MdeModulePkg/Include: Add EDKII system FMP capsule header.
MdeModulePkg/Include: Add EdkiiSystemCapsuleLib definition.
MdeModulePkg/Include: Add FmpAuthenticationLib header.
MdeModulePkg/Include: Add IniParsingLib header.
MdeModulePkg/Include: Add PlatformFlashAccessLib header.
MdeModulePkg/CapsuleLib: Add ProcessCapsules() API.
MdeModulePkg/MdeModulePkg.dec: Add capsule related definition.
MdeModulePkg/IniParsingLib: Add InitParsingLib instance.
MdeModulePkg/FmpAuthenticationLib: Add FmpAuthenticationLib instance.
MdeModulePkg/DxeCapsuleLibFmp: Add DxeCapsuleLibFmp instance.
MdeModulePkg/DxeCapsuleLibNull: Add ProcessCapsules() interface.
MdeModulePkg/EdkiiSystemCapsuleLib: Add EdkiiSystemCapsuleLib
instance.
MdeModulePkg/PlatformFlashAccessLib: Add NULL PlatformFlashAccessLib.
MdeModulePkg/Esrt: Add ESRT_FW_TYPE_SYSTEMFIRMWARE check.
MdeModulePkg/SystemBiosUpdate: Add SystemBiosUpdate component.
MdeModulePkg/RecoveryModuleLoadPei: Add RecoveryModuleLoadPei.
MdeModulePkg/CapsuleApp: Add CapsuleApp application.
MdeModulePkg/MdeModulePkg.dsc: Add capsule related component.
IntelFrameworkModulePkg/DxeCapsuleLib: Add ProcessCapsules()
interface.
SecurityPkg/SecurityPkg.dec: Add PcdPkcs7CertBuffer PCD.
SecurityPkg/FmpAuthenticationPkcs7Lib: Add PKCS7 NULL class for FMP.
SecurityPkg/FmpAuthenticationRsa2048Sha256Lib: Add NULL class for FMP.
SecurityPkg/SecurityPkg.dsc: Add FmpAuthentication*Lib.
UefiCpuPkg/Include: Add Microcode FMP definition.
UefiCpuPkg/Include: Add MicrocodeFlashAccessLib header.
UefiCpuPkg/UefiCpuPkg.dec: Add Microcode capsule related definition.
UefiCpuPkg/MicrocodeUpdate: Add MicrocodeUpdate component.
UefiCpuPkg/MicrocodeFlashAccessLib: Add NULL MicrocodeFlashAccessLib.
UefiCpuPkg/MicrocodeCapsuleApp: Add MicrocodeCapsuleApp application.
UefiCpuPkg/UefiCpuPkg.dsc: Add MicrocodeCapsule related component.
QuarkPlatformPkg/PlatformFlashAccessLib: Add instance for capsule
update.
QuarkPlatformPkg/SystemBiosDescriptor: Add Descriptor for capsule
update.
QuarkPlatformPkg/SystemBiosUpdateConfig: Add capsule config file.
QuarkPlatformPkg/PlatformInit: Remove recovery PPI installation.
QuarkPlatformPkg/PlatformBootManager: Add capsule/recovery handling.
QuarkPlatformPkg/dsc/fdf: Add capsule/recovery support.
QuarkPlatformPkg/dsc/fdf: add capsule generation DSC/FDF.
Vlv2TbltDevicePkg/PlatformFlashAccessLib: Add instance for capsule
update.
Vlv2TbltDevicePkg/SystemBiosDescriptor: Add Descriptor for capsule
update.
Vlv2TbltDevicePkg/SystemBiosUpdateConfig: Add capsule config file.
Vlv2TbltDevicePkg/FlashDeviceLib: Add DXE flash device lib.
Vlv2TbltDevicePkg/PlatformBootManager: Add capsule/recovery handling.
Vlv2TbltDevicePkg/dsc/fdf: Add capsule/recovery support.
Vlv2TbltDevicePkg/dsc/fdf: add capsule generation DSC/FDF.
Vlv2TbltDevicePkg/bat: add capsule generation in bat.

IntelFrameworkModulePkg/Library/DxeCapsuleLib/DxeCapsuleLib.c
| 39 +-
MdeModulePkg/Application/CapsuleApp/AppSupport.c
| 480 ++++++
MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
| 1047 +++++++++++++
MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
| 71 +
MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
| 22 +
MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
| 19 +
MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
| 840 +++++++++++
MdeModulePkg/Include/Guid/EdkiiSystemFmpCapsule.h
| 110 ++
MdeModulePkg/Include/Library/CapsuleLib.h
| 45 +-
MdeModulePkg/Include/Library/EdkiiSystemCapsuleLib.h
| 152 ++
MdeModulePkg/Include/Library/FmpAuthenticationLib.h
| 91 ++
MdeModulePkg/Include/Library/IniParsingLib.h
| 153 ++
MdeModulePkg/Include/Library/PlatformFlashAccessLib.h
| 59 +
MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c
| 1538 ++++++++++++++++++++
MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
| 82 ++
MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.uni
| 22 +
MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleProcessLib.c
| 517 +++++++
MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c
| 447 ++++++
MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c
| 112 ++
MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
| 85 ++
MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.uni
| 22 +
MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.c
| 47 +-
MdeModulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.c
| 609 ++++++++
MdeModulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.inf
| 55 +
MdeModulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.uni
| 22 +
MdeModulePkg/Library/FmpAuthenitcationLib/FmpAuthenitcationLib.c
| 274 ++++
MdeModulePkg/Library/FmpAuthenitcationLib/FmpAuthenitcationLib.inf
| 47 +
MdeModulePkg/Library/FmpAuthenitcationLib/FmpAuthenitcationLib.uni
| 22 +
MdeModulePkg/Library/IniParsingLib/IniParsingLib.c
| 1053 ++++++++++++++
MdeModulePkg/Library/IniParsingLib/IniParsingLib.inf
| 42 +
MdeModulePkg/Library/IniParsingLib/IniParsingLib.uni
| 22 +
MdeModulePkg/Library/PlatformFlashAccessLibNull/PlatformFlashAccessLibNull.c
| 54 +
MdeModulePkg/Library/PlatformFlashAccessLibNull/PlatformFlashAccessLibNull.inf
| 40 +
MdeModulePkg/Library/PlatformFlashAccessLibNull/PlatformFlashAccessLibNull.uni
| 21 +
MdeModulePkg/MdeModulePkg.dec
| 106 ++
MdeModulePkg/MdeModulePkg.dsc
| 24 +
MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
| 3 +-
MdeModulePkg/Universal/EsrtDxe/EsrtImpl.c
| 37 +-
MdeModulePkg/Universal/RecoveryModuleLoadPei/ParseConfigProfile.c
| 158 ++
MdeModulePkg/Universal/RecoveryModuleLoadPei/RecoveryModuleLoadPei.c
| 746 ++++++++++
MdeModulePkg/Universal/RecoveryModuleLoadPei/RecoveryModuleLoadPei.h
| 44 +
MdeModulePkg/Universal/RecoveryModuleLoadPei/RecoveryModuleLoadPei.inf
| 71 +
MdeModulePkg/Universal/RecoveryModuleLoadPei/RecoveryModuleLoadPei.uni
| 21 +
MdeModulePkg/Universal/RecoveryModuleLoadPei/RecoveryModuleLoadPeiExtra.uni
| 20 +
MdeModulePkg/Universal/SystemBiosUpdate/ParseConfigProfile.c
| 219 +++
MdeModulePkg/Universal/SystemBiosUpdate/SystemBiosDxe.h
| 393 +++++
MdeModulePkg/Universal/SystemBiosUpdate/SystemBiosMainDxe.c
| 484 ++++++
MdeModulePkg/Universal/SystemBiosUpdate/SystemBiosMainSetImage.c
| 453 ++++++
MdeModulePkg/Universal/SystemBiosUpdate/SystemBiosMainSetImageDummy.c
| 90 ++
MdeModulePkg/Universal/SystemBiosUpdate/SystemBiosReportDxe.inf
| 66 +
MdeModulePkg/Universal/SystemBiosUpdate/SystemBiosReportDxe.uni
| 21 +
MdeModulePkg/Universal/SystemBiosUpdate/SystemBiosReportDxeExtra.uni
| 20 +
MdeModulePkg/Universal/SystemBiosUpdate/SystemBiosUpdateDxe.inf
| 70 +
MdeModulePkg/Universal/SystemBiosUpdate/SystemBiosUpdateDxe.uni
| 21 +
MdeModulePkg/Universal/SystemBiosUpdate/SystemBiosUpdateDxeExtra.uni
| 20 +

QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessLi
bDxe.c | 200 +++

QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessLi
bDxe.inf | 52 +
QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/SpiFlashDevice.c
| 336 +++++
QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/SpiFlashDevice.h
| 186 +++
QuarkPlatformPkg/Feature/Capsule/SystemBiosDescriptor/SystemBiosDescriptor.aslc
| 88 ++
QuarkPlatformPkg/Feature/Capsule/SystemBiosDescriptor/SystemBiosDescriptor.inf
| 45 +
QuarkPlatformPkg/Feature/Capsule/SystemBiosDescriptor/SystemBiosDescriptorPei.c
| 66 +
QuarkPlatformPkg/Feature/Capsule/SystemBiosUpdateConfig/SystemBiosUpdateConfig.ini
| 62 +
QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
| 95 +-
QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h
| 8 +-
QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
| 8 +-
QuarkPlatformPkg/Platform/Pei/PlatformInit/MemoryCallback.c
| 3 +-
QuarkPlatformPkg/Quark.dsc
| 61 +-
QuarkPlatformPkg/Quark.fdf
| 53 +
QuarkPlatformPkg/QuarkCapsule.dsc
| 44 +
QuarkPlatformPkg/QuarkCapsule.fdf
| 82 ++
QuarkPlatformPkg/QuarkMin.dsc
| 7 +-
SecurityPkg/Library/FmpAuthenticationPkcs7Lib/FmpAuthenticationPkcs7Lib.c
| 144 ++
SecurityPkg/Library/FmpAuthenticationPkcs7Lib/FmpAuthenticationPkcs7Lib.inf
| 52 +
SecurityPkg/Library/FmpAuthenticationPkcs7Lib/FmpAuthenticationPkcs7Lib.uni
| 26 +

SecurityPkg/Library/FmpAuthenticationRsa2048Sha256Lib/FmpAuthenticationRsa2048Sha256L
ib.c | 286 ++++

SecurityPkg/Library/FmpAuthenticationRsa2048Sha256Lib/FmpAuthenticationRsa2048Sha256L
ib.inf | 53 +

SecurityPkg/Library/FmpAuthenticationRsa2048Sha256Lib/FmpAuthenticationRsa2048Sha256L
ib.uni | 26 +
SecurityPkg/SecurityPkg.dec
| 6 +
SecurityPkg/SecurityPkg.dsc
| 3 +
UefiCpuPkg/Application/MicrocodeCapsuleApp/AppSupport.c
| 480 ++++++
UefiCpuPkg/Application/MicrocodeCapsuleApp/MicrocodeCapsuleApp.c
| 283 ++++
UefiCpuPkg/Application/MicrocodeCapsuleApp/MicrocodeCapsuleApp.inf
| 62 +
UefiCpuPkg/Application/MicrocodeCapsuleApp/MicrocodeCapsuleApp.uni
| 22 +
UefiCpuPkg/Application/MicrocodeCapsuleApp/MicrocodeCapsuleAppExtra.uni
| 19 +
UefiCpuPkg/Application/MicrocodeCapsuleApp/MicrocodeCapsuleDump.c
| 171 +++
UefiCpuPkg/Include/Guid/MicrocodeFmp.h
| 21 +
UefiCpuPkg/Include/Library/MicrocodeFlashAccessLib.h
| 39 +
UefiCpuPkg/Library/MicrocodeFlashAccessLibNull/MicrocodeFlashAccessLibNull.c
| 42 +
UefiCpuPkg/Library/MicrocodeFlashAccessLibNull/MicrocodeFlashAccessLibNull.inf
| 40 +
UefiCpuPkg/Library/MicrocodeFlashAccessLibNull/MicrocodeFlashAccessLibNull.uni
| 21 +
UefiCpuPkg/MicrocodeUpdate/MicrocodeFmp.c
| 641 ++++++++
UefiCpuPkg/MicrocodeUpdate/MicrocodeUpdate.c
| 775 ++++++++++
UefiCpuPkg/MicrocodeUpdate/MicrocodeUpdate.h
| 299 ++++
UefiCpuPkg/MicrocodeUpdate/MicrocodeUpdate.inf
| 68 +
UefiCpuPkg/MicrocodeUpdate/MicrocodeUpdateDxe.uni
| 21 +
UefiCpuPkg/MicrocodeUpdate/MicrocodeUpdateDxeExtra.uni
| 20 +
UefiCpuPkg/UefiCpuPkg.dec
| 7 +
UefiCpuPkg/UefiCpuPkg.dsc
| 3 +

Vlv2TbltDevicePkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessL
ib.c | 192 +++

Vlv2TbltDevicePkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessL
ib.inf | 47 +
Vlv2TbltDevicePkg/Feature/Capsule/SystemBiosDescriptor/SystemBiosDescriptor.aslc
| 86 ++
Vlv2TbltDevicePkg/Feature/Capsule/SystemBiosDescriptor/SystemBiosDescriptor.inf
| 45 +
Vlv2TbltDevicePkg/Feature/Capsule/SystemBiosDescriptor/SystemBiosDescriptorPei.c
| 66 +
Vlv2TbltDevicePkg/Feature/Capsule/SystemBiosUpdateConfig/SystemBiosUpdateConfig.ini
| 72 +

Vlv2TbltDevicePkg/Feature/Capsule/SystemBiosUpdateConfig/SystemBiosUpdateConfigGcc.in
i | 72 +
Vlv2TbltDevicePkg/Library/FlashDeviceLib/FlashDeviceLib.c
| 156 +-
Vlv2TbltDevicePkg/Library/FlashDeviceLib/FlashDeviceLib.inf
| 8 +-
Vlv2TbltDevicePkg/Library/FlashDeviceLib/FlashDeviceLibDxe.c
| 62 +
Vlv2TbltDevicePkg/Library/FlashDeviceLib/FlashDeviceLibDxe.inf
| 49 +
Vlv2TbltDevicePkg/Library/FlashDeviceLib/FlashDeviceLibDxeRuntimeSmm.c
| 188 +++
Vlv2TbltDevicePkg/Library/FlashDeviceLib/SpiChipDefinitions.h
| 5 +-
Vlv2TbltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c
| 117 +-
Vlv2TbltDevicePkg/Library/PlatformBdsLib/PlatformBdsLib.inf
| 2 +
Vlv2TbltDevicePkg/PlatformCapsule.dsc
| 44 +
Vlv2TbltDevicePkg/PlatformCapsule.fdf
| 81 ++
Vlv2TbltDevicePkg/PlatformCapsuleGcc.fdf
| 81 ++
Vlv2TbltDevicePkg/PlatformPkg.fdf
| 132 +-
Vlv2TbltDevicePkg/PlatformPkgConfig.dsc
| 3 +-
Vlv2TbltDevicePkg/PlatformPkgGcc.fdf
| 132 +-
Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc
| 70 +-
Vlv2TbltDevicePkg/PlatformPkgIA32.dsc
| 70 +-
Vlv2TbltDevicePkg/PlatformPkgX64.dsc
| 70 +-
Vlv2TbltDevicePkg/bld_vlv.bat
| 8 +-
124 files changed, 17848 insertions(+), 384 deletions(-)
create mode 100644 MdeModulePkg/Application/CapsuleApp/AppSupport.c
create mode 100644 MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
create mode 100644 MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
create mode 100644 MdeModulePkg/Application/CapsuleApp/CapsuleApp.uni
create mode 100644 MdeModulePkg/Application/CapsuleApp/CapsuleAppExtra.uni
create mode 100644 MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
create mode 100644 MdeModulePkg/Include/Guid/EdkiiSystemFmpCapsule.h
create mode 100644 MdeModulePkg/Include/Library/EdkiiSystemCapsuleLib.h
create mode 100644 MdeModulePkg/Include/Library/FmpAuthenticationLib.h
create mode 100644 MdeModulePkg/Include/Library/IniParsingLib.h
create mode 100644 MdeModulePkg/Include/Library/PlatformFlashAccessLib.h
create mode 100644 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c
create mode 100644 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
create mode 100644 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.uni
create mode 100644 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleProcessLib.c
create mode 100644 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c
create mode 100644 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleRuntime.c
create mode 100644 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
create mode 100644 MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.uni
create mode 100644
MdeModulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.c
create mode 100644
MdeModulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.inf
create mode 100644
MdeModulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.uni
create mode 100644 MdeModulePkg/Library/FmpAuthenitcationLib/FmpAuthenitcationLib.c
create mode 100644
MdeModulePkg/Library/FmpAuthenitcationLib/FmpAuthenitcationLib.inf
create mode 100644
MdeModulePkg/Library/FmpAuthenitcationLib/FmpAuthenitcationLib.uni
create mode 100644 MdeModulePkg/Library/IniParsingLib/IniParsingLib.c
create mode 100644 MdeModulePkg/Library/IniParsingLib/IniParsingLib.inf
create mode 100644 MdeModulePkg/Library/IniParsingLib/IniParsingLib.uni
create mode 100644
MdeModulePkg/Library/PlatformFlashAccessLibNull/PlatformFlashAccessLibNull.c
create mode 100644
MdeModulePkg/Library/PlatformFlashAccessLibNull/PlatformFlashAccessLibNull.inf
create mode 100644
MdeModulePkg/Library/PlatformFlashAccessLibNull/PlatformFlashAccessLibNull.uni
create mode 100644 MdeModulePkg/Universal/RecoveryModuleLoadPei/ParseConfigProfile.c
create mode 100644
MdeModulePkg/Universal/RecoveryModuleLoadPei/RecoveryModuleLoadPei.c
create mode 100644
MdeModulePkg/Universal/RecoveryModuleLoadPei/RecoveryModuleLoadPei.h
create mode 100644
MdeModulePkg/Universal/RecoveryModuleLoadPei/RecoveryModuleLoadPei.inf
create mode 100644
MdeModulePkg/Universal/RecoveryModuleLoadPei/RecoveryModuleLoadPei.uni
create mode 100644
MdeModulePkg/Universal/RecoveryModuleLoadPei/RecoveryModuleLoadPeiExtra.uni
create mode 100644 MdeModulePkg/Universal/SystemBiosUpdate/ParseConfigProfile.c
create mode 100644 MdeModulePkg/Universal/SystemBiosUpdate/SystemBiosDxe.h
create mode 100644 MdeModulePkg/Universal/SystemBiosUpdate/SystemBiosMainDxe.c
create mode 100644 MdeModulePkg/Universal/SystemBiosUpdate/SystemBiosMainSetImage.c
create mode 100644
MdeModulePkg/Universal/SystemBiosUpdate/SystemBiosMainSetImageDummy.c
create mode 100644 MdeModulePkg/Universal/SystemBiosUpdate/SystemBiosReportDxe.inf
create mode 100644 MdeModulePkg/Universal/SystemBiosUpdate/SystemBiosReportDxe.uni
create mode 100644
MdeModulePkg/Universal/SystemBiosUpdate/SystemBiosReportDxeExtra.uni
create mode 100644 MdeModulePkg/Universal/SystemBiosUpdate/SystemBiosUpdateDxe.inf
create mode 100644 MdeModulePkg/Universal/SystemBiosUpdate/SystemBiosUpdateDxe.uni
create mode 100644
MdeModulePkg/Universal/SystemBiosUpdate/SystemBiosUpdateDxeExtra.uni
create mode 100644
QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessLi
bDxe.c
create mode 100644
QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessLi
bDxe.inf
create mode 100644
QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/SpiFlashDevice.c
create mode 100644
QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/SpiFlashDevice.h
create mode 100644
QuarkPlatformPkg/Feature/Capsule/SystemBiosDescriptor/SystemBiosDescriptor.aslc
create mode 100644
QuarkPlatformPkg/Feature/Capsule/SystemBiosDescriptor/SystemBiosDescriptor.inf
create mode 100644
QuarkPlatformPkg/Feature/Capsule/SystemBiosDescriptor/SystemBiosDescriptorPei.c
create mode 100644
QuarkPlatformPkg/Feature/Capsule/SystemBiosUpdateConfig/SystemBiosUpdateConfig.ini
create mode 100644 QuarkPlatformPkg/QuarkCapsule.dsc
create mode 100644 QuarkPlatformPkg/QuarkCapsule.fdf
create mode 100644
SecurityPkg/Library/FmpAuthenticationPkcs7Lib/FmpAuthenticationPkcs7Lib.c
create mode 100644
SecurityPkg/Library/FmpAuthenticationPkcs7Lib/FmpAuthenticationPkcs7Lib.inf
create mode 100644
SecurityPkg/Library/FmpAuthenticationPkcs7Lib/FmpAuthenticationPkcs7Lib.uni
create mode 100644
SecurityPkg/Library/FmpAuthenticationRsa2048Sha256Lib/FmpAuthenticationRsa2048Sha256L
ib.c
create mode 100644
SecurityPkg/Library/FmpAuthenticationRsa2048Sha256Lib/FmpAuthenticationRsa2048Sha256L
ib.inf
create mode 100644
SecurityPkg/Library/FmpAuthenticationRsa2048Sha256Lib/FmpAuthenticationRsa2048Sha256L
ib.uni
create mode 100644 UefiCpuPkg/Application/MicrocodeCapsuleApp/AppSupport.c
create mode 100644 UefiCpuPkg/Application/MicrocodeCapsuleApp/MicrocodeCapsuleApp.c
create mode 100644
UefiCpuPkg/Application/MicrocodeCapsuleApp/MicrocodeCapsuleApp.inf
create mode 100644
UefiCpuPkg/Application/MicrocodeCapsuleApp/MicrocodeCapsuleApp.uni
create mode 100644
UefiCpuPkg/Application/MicrocodeCapsuleApp/MicrocodeCapsuleAppExtra.uni
create mode 100644 UefiCpuPkg/Application/MicrocodeCapsuleApp/MicrocodeCapsuleDump.c
create mode 100644 UefiCpuPkg/Include/Guid/MicrocodeFmp.h
create mode 100644 UefiCpuPkg/Include/Library/MicrocodeFlashAccessLib.h
create mode 100644
UefiCpuPkg/Library/MicrocodeFlashAccessLibNull/MicrocodeFlashAccessLibNull.c
create mode 100644
UefiCpuPkg/Library/MicrocodeFlashAccessLibNull/MicrocodeFlashAccessLibNull.inf
create mode 100644
UefiCpuPkg/Library/MicrocodeFlashAccessLibNull/MicrocodeFlashAccessLibNull.uni
create mode 100644 UefiCpuPkg/MicrocodeUpdate/MicrocodeFmp.c
create mode 100644 UefiCpuPkg/MicrocodeUpdate/MicrocodeUpdate.c
create mode 100644 UefiCpuPkg/MicrocodeUpdate/MicrocodeUpdate.h
create mode 100644 UefiCpuPkg/MicrocodeUpdate/MicrocodeUpdate.inf
create mode 100644 UefiCpuPkg/MicrocodeUpdate/MicrocodeUpdateDxe.uni
create mode 100644 UefiCpuPkg/MicrocodeUpdate/MicrocodeUpdateDxeExtra.uni
create mode 100644
Vlv2TbltDevicePkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessL
ib.c
create mode 100644
Vlv2TbltDevicePkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessL
ib.inf
create mode 100644
Vlv2TbltDevicePkg/Feature/Capsule/SystemBiosDescriptor/SystemBiosDescriptor.aslc
create mode 100644
Vlv2TbltDevicePkg/Feature/Capsule/SystemBiosDescriptor/SystemBiosDescriptor.inf
create mode 100644
Vlv2TbltDevicePkg/Feature/Capsule/SystemBiosDescriptor/SystemBiosDescriptorPei.c
create mode 100644
Vlv2TbltDevicePkg/Feature/Capsule/SystemBiosUpdateConfig/SystemBiosUpdateConfig.ini
create mode 100644
Vlv2TbltDevicePkg/Feature/Capsule/SystemBiosUpdateConfig/SystemBiosUpdateConfigGcc.in
i
create mode 100644 Vlv2TbltDevicePkg/Library/FlashDeviceLib/FlashDeviceLibDxe.c
create mode 100644 Vlv2TbltDevicePkg/Library/FlashDeviceLib/FlashDeviceLibDxe.inf
create mode 100644
Vlv2TbltDevicePkg/Library/FlashDeviceLib/FlashDeviceLibDxeRuntimeSmm.c
create mode 100644 Vlv2TbltDevicePkg/PlatformCapsule.dsc
create mode 100644 Vlv2TbltDevicePkg/PlatformCapsule.fdf
create mode 100644 Vlv2TbltDevicePkg/PlatformCapsuleGcc.fdf

--
2.7.4.windows.1

_______________________________________________
edk2-devel mailing list
edk2-devel@...<mailto:edk2-devel@...>
https://lists.01.org/mailman/listinfo/edk2-devel

Join devel@edk2.groups.io to automatically receive all group messages.