diff --git a/source/chapter2-uefi.rst b/source/chapter2-uefi.rst index 4ec9ec8..eea9a97 100644 --- a/source/chapter2-uefi.rst +++ b/source/chapter2-uefi.rst @@ -610,8 +610,9 @@ In-band firmware update If firmware update is performed in-band (firmware on the application processor updates itself), then the firmware shall implement the `UpdateCapsule()` runtime -service and accept updates in the "Firmware Management Protocol Data Capsule -Structure" format as described in :UEFI:`23.3`. [#FMPNote]_ +service and accept only authenticated updates in the "Firmware Management +Protocol Data Capsule Structure" format as described in :UEFI:`23.3`, with +`IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED` set. [#FMPNote]_ `UpdateCapsule()` is only required before `ExitBootServices()` is called. .. [#FMPNote] The `UpdateCapsule()` runtime service is expected to be suitable @@ -622,6 +623,13 @@ Structure" format as described in :UEFI:`23.3`. [#FMPNote]_ https://fwupd.org/ +Firmware is allowed to accept capsules not containing firmware updates in any +format, with or without authentication. [#SignalingNote]_ + +.. [#SignalingNote] Capsules not containing firmware updates can be used as a + signaling mean between OS and firmware, as described in [DEPBOOT]_ for + example. + Firmware is also required to provide an EFI System Resource Table (ESRT) as described in :UEFI:`23.4`. Every firmware image that can be updated in-band must be described in the ESRT. diff --git a/source/references.rst b/source/references.rst index 205b52f..7f05280 100644 --- a/source/references.rst +++ b/source/references.rst @@ -17,6 +17,10 @@ Bibliography `_, August 2022, `UEFI Forum `_ +.. [DEPBOOT] `Dependable Boot Specification version 0.1-alpha. + `_ + November 2021, `Linaro Limited and contributors `_ + .. [DTSCHEMA] `Devicetree schema tools v2024.02 `_, `Devicetree.org `_