; Is that possible to make it earlier?
> >
> >
> > Thank you
> > Yao Jiewen
> >
> > > -Original Message-
> > > From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of
> > > Ard Biesheuvel
> > > Sent: Friday, Jun
-devel@lists.01.org;
leif.lindh...@linaro.org; Zeng, Star
Subject: RE: [edk2] [PATCH v2 2/5] MdeModulePkg/DxeCapsuleLibFmp: permit
ProcessCapsules () to be called once
The difference between 1st call and 2nd call is that: The system will reset
even there are capsules not dispatched in 2nd call
t: Monday, June 11, 2018 6:56 AM
> To: Ard Biesheuvel
> Cc: Kinney, Michael D ;
> edk2-devel@lists.01.org; Zeng, Star
> ; leif.lindh...@linaro.org
> Subject: RE: [edk2] [PATCH v2 2/5]
> MdeModulePkg/DxeCapsuleLibFmp: permit ProcessCapsules
> () to be called once
>
> Ah. G
11, 2018 5:40 AM
>> To: Yao, Jiewen
>> Cc: Kinney, Michael D ; edk2-devel@lists.01.org;
>> Zeng, Star ; leif.lindh...@linaro.org
>> Subject: Re: [edk2] [PATCH v2 2/5] MdeModulePkg/DxeCapsuleLibFmp: permit
>> ProcessCapsules () to be called once
>>
>> On 11 Ju
ng, Star ; leif.lindh...@linaro.org
> Subject: Re: [edk2] [PATCH v2 2/5] MdeModulePkg/DxeCapsuleLibFmp: permit
> ProcessCapsules () to be called once
>
> On 11 June 2018 at 14:37, Yao, Jiewen wrote:
> > If all fmp can be processed one time,you just need call once. Then system
> reset.
>
ce
>>>> between a platform dispatching SystemCapsule after EndOfDxe *purposely* and
>>>> a platform dispatching SystemCapsule after EndOfDxe *by mistake*.
>>>>
>>>> Maybe some policy enforcement in the core logic. Static policy, at build
>>>>
boun...@lists.01.org] On Behalf Of Yao,
>>> Jiewen
>>> Sent: Sunday, June 10, 2018 12:02 PM
>>> To: Kinney, Michael D ; Ard Biesheuvel
>>>
>>> Cc: edk2-devel@lists.01.org; leif.lindh...@linaro.org; Zeng, Star
>>>
>>> Subject: Re:
-boun...@lists.01.org] On Behalf Of Yao,
>> Jiewen
>> Sent: Sunday, June 10, 2018 12:02 PM
>> To: Kinney, Michael D ; Ard Biesheuvel
>>
>> Cc: edk2-devel@lists.01.org; leif.lindh...@linaro.org; Zeng, Star
>>
>> Subject: Re: [edk2] [PATCH v2 2/5] Md
ng, Star
>
> Subject: Re: [edk2] [PATCH v2 2/5] MdeModulePkg/DxeCapsuleLibFmp: permit
> ProcessCapsules () to be called once
>
> My concern is that *always allowing* processing SystemCapsule after EndOfDxe
> has security risk.
>
> IMHO, the risk is not *process*, if
hael D
> Sent: Sunday, June 10, 2018 8:57 AM
> To: Ard Biesheuvel ; Yao, Jiewen
> ; Kinney, Michael D
> Cc: edk2-devel@lists.01.org; Zeng, Star ;
> leif.lindh...@linaro.org
> Subject: RE: [edk2] [PATCH v2 2/5] MdeModulePkg/DxeCapsuleLibFmp: permit
> ProcessCapsules () to be called
.01.org; Kinney, Michael D
> ; Zeng, Star
> ; leif.lindh...@linaro.org
> Subject: Re: [edk2] [PATCH v2 2/5]
> MdeModulePkg/DxeCapsuleLibFmp: permit ProcessCapsules
> () to be called once
>
> On 10 June 2018 at 07:38, Yao, Jiewen
> wrote:
> > Hi Ard
> > Accordin
o for us the distinction does not make sense.
>>
>> > Thank you
>> > Yao Jiewen
>> >
>> >> -Original Message-
>> >> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of
>> Ard
>> >> Bieshe
; Cc: edk2-devel@lists.01.org; Kinney, Michael D ;
> Zeng, Star ; leif.lindh...@linaro.org
> Subject: Re: [edk2] [PATCH v2 2/5] MdeModulePkg/DxeCapsuleLibFmp: permit
> ProcessCapsules () to be called once
>
>
>
> > On 8 Jun 2018, at 14:34, Yao, Jiewen wrote:
> >
wen
>> ; Zeng, Star ;
>> leif.lindh...@linaro.org; Ard Biesheuvel
>> Subject: [edk2] [PATCH v2 2/5] MdeModulePkg/DxeCapsuleLibFmp: permit
>> ProcessCapsules () to be called once
>>
>> Permit ProcessCapsules () to be called only a single time, after
>>
bject: [edk2] [PATCH v2 2/5] MdeModulePkg/DxeCapsuleLibFmp: permit
> ProcessCapsules () to be called once
>
> Permit ProcessCapsules () to be called only a single time, after
> EndOfDxe. This allows platforms that are able to update system
> firmware after EndOfDxe (e.g., because th
Permit ProcessCapsules () to be called only a single time, after
EndOfDxe. This allows platforms that are able to update system
firmware after EndOfDxe (e.g., because the flash ROM is not locked
down) to do so at a time when a non-trusted console is up and running,
and progress can be reported to
16 matches
Mail list logo
