On 2/15/21 6:17 PM, AKASHI Takahiro wrote:
Hi Grant,
# apart from capsule update/EBBR,
On Mon, Feb 15, 2021 at 05:28:32PM +0000, Grant Likely wrote:
On 12/02/2021 21:50, Heinrich Schuchardt wrote:
On 2/12/21 7:59 PM, Grant Likely wrote:
EFI_UPDATE_CAPSULE is the industry standard method for applying firmware updates. Make it a requirement in EBBR so that fwupd, Windows Update, and any other generic firmware update service can support EBBR platforms.
This is made required because the ability to update firmware is a critical part of building secure platforms.
Fixes: #69 Signed-off-by: Grant Likely grant.likely@arm.com
source/chapter2-uefi.rst | 29 ++++++++++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-)
diff --git a/source/chapter2-uefi.rst b/source/chapter2-uefi.rst index 3d48c99..4e8a24d 100644 --- a/source/chapter2-uefi.rst +++ b/source/chapter2-uefi.rst @@ -352,7 +352,7 @@ are required to be implemented during boot services and runtime services. - Required - Optional * - `EFI_UPDATE_CAPSULE`
As you have secure firmware in mind, shouldn't we explicitly require signature verification of capsules?
Yes, but not yet. All the security requirements need to come in at the same time so that it makes sense, and it may be that we adopt BBSR as the security standard instead of adding it into EBBR.
looking at BBSR (v1.0a, downloaded from Arm site), it mentions EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS as one of required attributes for authenticated variables. But it is already marked as deprecated in UEFI spec, and I didn't implement it on U-Boot UEFI.
Has that statement in BBSR already been modified/fixed?
That is removed in BBSR v1.1, which will be published later this Spring.
Stuart