ded5410f6d
Unconditionally delete FWUPDATE_VERBOSE and FWUPDATE_DEBUG_LOG when deploying the update using fwupdtool or fwupd and leave it to fwupdate. If you want to debug the efi binary you then have to use fwupdate and squirt the .cap file rather than using all the other layers. |
||
|---|---|---|
| .. | ||
| efi | ||
| tests | ||
| fu-plugin-uefi.c | ||
| fu-self-test.c | ||
| fu-ucs2.c | ||
| fu-ucs2.h | ||
| fu-uefi-bgrt.c | ||
| fu-uefi-bgrt.h | ||
| fu-uefi-bootmgr.c | ||
| fu-uefi-bootmgr.h | ||
| fu-uefi-common.c | ||
| fu-uefi-common.h | ||
| fu-uefi-device.c | ||
| fu-uefi-device.h | ||
| fu-uefi-devpath.c | ||
| fu-uefi-devpath.h | ||
| fu-uefi-pcrs.c | ||
| fu-uefi-pcrs.h | ||
| fu-uefi-tool.c | ||
| fu-uefi-update-info.c | ||
| fu-uefi-update-info.h | ||
| meson.build | ||
| README.md | ||
| uefi.conf | ||
| uefi.quirk | ||
UEFI Support
Introduction
The Unified Extensible Firmware Interface (UEFI) is a specification that defines the software interface between an OS and platform firmware. With the UpdateCapsule boot service it can be used to update system firmware.
If you don't want or need this functionality you can use the
-Dplugin_uefi=false option.
Firmware Format
The daemon will decompress the cabinet archive and extract a firmware blob in EFI capsule file format.
See https://www.uefi.org/sites/default/files/resources/UEFI%20Spec%202_6.pdf for details.
This plugin supports the following protocol ID:
- org.uefi.capsule
GUID Generation
These devices use the UEFI GUID as provided in the ESRT. Additionally, for the
system device the main-system-firmware GUID is also added.
For compatibility with Windows 10, the plugin also adds GUIDs of the form
UEFI\RES_{$(esrt)}.
Vendor ID Security
The vendor ID is set from the BIOS vendor, for example DMI:LENOVO for all
devices that are not marked as supporting Firmware Management Protocol. For FMP
device no vendor ID is set.
UEFI Unlock Support
On some Dell systems it is possible to turn on and off UEFI capsule support from within the BIOS. This functionality can also be adjusted from within the OS by fwupd. This requires compiling with libsmbios support.
When fwupd has been compiled with this support you will be able to enable UEFI
support on the device by using the unlock command.
Custom EFI System Partition
Since version 1.1.0 fwupd will autodetect the ESP when it is mounted on
/boot/efi, /boot, or /efi. A custom EFI system partition location can be
used by modifying OverrideESPMountPoint in /etc/fwupd/uefi.conf.
Setting an invalid directory will disable the fwupd plugin.
External interface access
This plugin requires:
- read/write access to the EFI system partition.
- read access to
/sys/firmware/efi/esrt/ - read access to
/sys/firmware/efi/fw_platform_size - read/write access to
/sys/firmware/efi/efivars