Attention is currently required from: Arthur Heymans, Benjamin Doron, Felix Held, Krystian Hebel, Martin L Roth, Patrick Rudolph, Paul Menzel.

Sergii Dmytruk has posted comments on this change by Sergii Dmytruk. ( https://review.coreboot.org/c/coreboot/+/83424?usp=email )

Change subject: drivers/smmstore: add ability to write to whole flash ......................................................................

Patch Set 13:

(1 comment)

File src/drivers/smmstore/store.c:

https://review.coreboot.org/c/coreboot/+/83424/comment/3604c2c2_dcd6cfbe?usp... : PS9, Line 63: const struct region_device *rdev = boot_device_rw();

Okay, thanks. […]

All details like FD unlocking are considered outside of the scope of this option as it's not of generic utility and shouldn't be enabled without due consideration. But yes, they are handled by the "update mode" which affects both coreboot and EDK working together to perform an upgrade.

We have enabled capsule updates for MSI PRO Z690-A/Z790-P, although it will take another release to use them for a firmware upgrade. At least as of now the whole BIOS is being written, which allows updating ME and changing FD if needed (e.g., to give BIOS region more space). I think it was successfully tested on NovaCustom laptops (also Intel), I used it on some PC Engines APU board with AMD. AMD didn't require any extra steps, although that might depend on CPU family.

Somewhat unfortunate, ME needs to be disabled prior to trying to do a capsule update as disabling ME takes a hard reset which in-RAM capsules can't survive. On-disk capsules might help with that but EDK handles them by loading in RAM and doing a warm reset, so at least without changing implementation much in-RAM capsules are also needed.