Insyde Security Flash Release Notes Version 2.01.07 --------------- 1. Support passing "WITHOUTBIOS" signature string via IHISI 19h when input capsule not contains BIOS binary. 2. Allow to flash on low DC for specific OEM. [For specific OEM/ODM] 3. Add return error code. 4. Support to pass FFT error code and error message to BIOS via protocol. [For specific OEM/ODM] 5. Add read compare before write for BIOS guard update method. Version 2.01.06 --------------- 1. Support passing input image BIOS version to onboard BIOS. 2. Support customize update sequence data start address not align to ROM block address case. e.g. ROM block size is 64KB, but customize update area start address is FFBFE000. Old: Data which want to write to FFBFE000 will write to FFBF0000 and write 0x10000 (64KB) size. New: Data which want to write to FFBFE000 will write to FFBFE000 and write 0x2000 (8KB) size. 3. Update iEFIFlashSigner.exe to 1.1.6.3 3-1. Add to specify GUID (-guid) and capsule flags (-capflag) for capsule header command. This two command also valid in capsuleheader method. When -guid not used, tool will using the GUID in BIOS ESRT instead. Usage: Signing Secure Image and also add header a. Using the GUID in BIOS ESRT iEFIFlashSigner.exe sign -n "QA Certificate." -bios BIOS.fd -ini platform.ini -capsuleheader -capflag PersistAcrossReset -capflag InitiateReset b. Input GUID iEFIFlashSigner.exe sign -n "QA Certificate." -bios BIOS.fd -ini platform.ini -capsuleheader -guid 12345678-1234-1234-1234-123456789ABC -capflag PersistAcrossReset -capflag InitiateReset Add capsule header to binary image file without signing a. Using the GUID in BIOS ESRT iEFIFlashSigner.exe capsuleheader -bios isflash.bin -capflag PersistAcrossReset -capflag InitiateReset b. Input GUID iEFIFlashSigner.exe capsuleheader -bios isflash.bin -guid 12345678-1234-1234-1234-123456789ABC -capflag PersistAcrossReset -capflag InitiateReset 3-2. Fix signing BIOS guard BIOS with device firmware will not pack device firmware in capsule issue. 3-3. Fix signbin method signing microcode with BIOS Guard header cannot sign correctly issue. (issue occurs on signer v1.1.6.2) Version 2.01.05 --------------- 1. Auto detecting EC need to write to EC part or Intel EC region (via 17h and 21h). 2. Correct the UI when doing device firmware update via 23h/24h. Version 2.01.04 --------------- 1. Fix update Intel external EC may hang issue when EC binary smaller than EC region size. 2. Add platform.ini [UI] IndentSpace2 to control the update XXX message location. Version 2.01.03 --------------- 1. Support BIOS guard block header using BIOS region base offset in write address field. When BIOS guard block header offset 0x3C is 0xFFFFFFFF means the write address field (0x4C) is using BIOS region base offset, otherwize this field is using ROM base offset. 2. Update iEFIFlashSigner.exe to 1.1.6.2 2-1. Add signpfat method to sign BIOS Guard binary with non-capsule format. 2-2. signefi method support to sign all the efi files. Previous version only can sign shell flash. 3. Support BIOS region not at the bottom of ROM and BIOS guard ChasmFalls enable case. Version 2.01.02 ------------ 1. Add platform.ini [UI] IndentSpace to control the model name and BIOS version message location. 2. Support UTF16 format platform.ini file. NOTE: UTF16 format platform.ini only number settings and single-byte character set message strings are valid in shell/secure flash. Any character using double-byte character set will be change to space character. Version 2.01.01 ------------ 1. Fix the issue that data in BIOS image BVDT (with multi model name and multi version) will be changed after write to ROM. Ex: binary BVDT -> Model_1,Model_2,Model_3[0x00] After write to ROM -> Model_1[0x00]Model_2[0x00]Model_3[0x00] 2. Update iEFIFlashSigner.exe to 1.1.6.1 2-1. Fix the signed binary using full path and not put in signer main program folder will sign failed issue. Version 2.01.00 ------------ 1. Update the layout of update message and progress. 2. Support new parameter-buffer based SMI function calling (IB02961344). Version 2.00.22 ------------ 1. Normalize all firmware update progress as progress bar. Version 2.00.21 ------------ 1. Add [FlashComplete] SecureFlashDelayBeforeExit to customize the delay time before secure flash exit. When the flash complete action is donothing, secure flash will do delay before terminated and then return to BIOS. When the action is reboot or shutdown, secure flash will do reboot or shutdown in IHISI 16h. 2. Update iEFIFlashSigner.exe to 1.1.6.0 2-1. Support to sign BIOS with BIOS Guard header and EC with BIOS Guard header in the same capsule. 2-2. Support AMD one bios compress and decompress. Compress: iEFIFlashSigner onebios -compress isflash.bin [-output compress.fd] Decompress: iEFIFlashSigner onebios -decompress compress.fd [-output isflash.bin] Without the -output option, the output filename will be input filename add "_cmp" or "_decmp" postfix. In the example above the default output filename will be isflash_cmp.bin for compress and compress_decmp.fd for decompress. 2-3. Add signbiosregion method and -bin -guid command to sign BIOS region FV (such as BTG Acm). 3. Support -secondlogo command for specific OEM. [For specific OEM/ODM] Version 2.00.20 ------------ 1. Support specific OEM vendor ID for non share EC firmware update with version and size check. [For specific OEM/ODM] 2. Support BIOS customize update sequence feature on BIOS Guard enable case. Version 2.00.19 ------------ 1. Support to update the capsule file which only contains non-share EC. 2. Extend BIOS customize update block count to 24 for BIOS customize update sequence feature. 3. Update iEFIFlashSigner.exe to 1.1.5.9 3-1. Add command -microcode in signbin method. 3-2. Support to sign BIOS Guard binary with specifying block offset. (PFAT header version 3) Version 2.00.18 ------------ 1. Support BIOS customize update sequence feature. BIOS report the update area type, address, size and input image offset table from IHISI, tool will update base on this table. 2. Support partial protect of update block. The update block size is reported from IHISI, when the size is not minimum update size (4KB) the protect area may cover on a part of update block. Old behavior: The update block which is partial protected will not be updated. New behavior: The update block which is partial protected, the unprotected part will be updated with 4KB by 4KB. Version 2.00.17 ------------ 1. Support EC_Compare, EC_Verify, EC_VerifyErrorRetry in platform.ini [UpdateEC] section. 2. Add [AC_Adapter] Flag=2~4, when Flag >= 2 the BatteryCheck setting will not be referenced. Now the power check behavior as below: Flag=0: Don't check AC power and battery life percentage. Skip power check and continue flash. Flag=1: Check AC power not check battery life percentage. Only AC power meets the requirement can continue flash. Flag=2: Check battery life percentage not check AC power. Only DC power meets the requirement can continue flash. Flag=3: Check AC power and battery life percentage. Both AC and DC power meet the requirement can continue flash. Flag=4: Check AC power or battery life percentage. One of AC or DC power meets the requirement can continue flash. 3. Add [UI] PauseWhenUpdateBinaryWithoutBiosFail setting let user can disable the pause when using Windows capsule update. The default value set as 0 (disable), the behavior of updating binary without BIOS will be changed as below. Old default behavior: When binary update failed, it will show error and pause, after user press a key it will return to BIOS. New default behavior: When binary update failed, it will show error and not pause and return to BIOS directly. Version 2.00.16 ------------ 1. Support to update full ROM size BIOS Guard (PFAT) format capsule. 2. Support to update the capsule file which contains native ME, BIOS region and external EC. Version 2.00.15 ------------ 1. When input image contains BIOS region only, it don't need to set [Region] bios=1 or use command -bios. AP can auto detect and recognize input image. 2. Update iEFIFlashSigner.exe to 1.1.5.8 2-1. Fix device firmware cannot pack in capsule issue in 1.1.5.7. Version 2.00.14 ------------ 1. Support to update BIOS Guard (PFAT) format EC only capsule. 2. Update iEFIFlashSigner.exe to 1.1.5.7 2-1. Remove output file when the sign process failed. 2-2. Support to sign EC + BIOS Guard (PFAT) header image. (Using the same command as sign EC only image.) 3. Support to hide model name display via [UI] DisplayID and IHISI 11h. Version 2.00.13 ------------ 1. Support specific OEM vendor ID for EC firmware update. [For specific OEM/ODM] 2. Update iEFIFlashSigner.exe to 1.1.5.6 2-1. Fix merge method will show error in merge stage 2 issue. Symptom: Using iEFIFlashSigner.exe merge -in isflash_drv.efi will get "Error: Load iFlashDriver.efi binary failed.". Version 2.00.12 ------------ 1. Support kernel code 5.4 (enable PcdH2OIhisiAuthEnabled and PcdH2OIhisiAuthSupported). Version 2.00.11 ------------ 1. Support to update new BIOS Guard (PFAT) format which different update block size in single file. 2. Update iEFIFlashSigner.exe to 1.1.5.5 2-1. Support to sign new BIOS Guard (PFAT) format which different update block size in single file. 3. Fix when BIOS Guard (PFAT) update failed, IHISI 16h flash complete status not AP terminate issue. Version 2.00.10 ------------ 1. Support to update Retimer only capsule. 2. Update iEFIFlashSigner.exe to 1.1.5.4 2-1. Add command -retimer, -ver and -funcnum in sign method, merge method, and signbin method. Version 2.00.09 ------------ 1. Support boot guard version verification. 2. Fix CPU exception issue when flash complete do nothing in secure flash. 3. Fix Windows capsule update will display 100% at start then increase from 0% issue. Version 2.00.08 ------------ 1. Fix flash utility will return incorrect update result to BIOS when calling UnloadImage function failed. Symptom: BIOS update succeess but it popup a blue dialog shows update failed. Version 2.00.07 ------------ 1. Support specific OEM command override. [For specific OEM/ODM] Version 2.00.06.01 ------------ 1. Update iEFIFlashSigner.exe to 1.1.5.3 1-1. Fix signing EFI flash file may cause signer program terminate issue. Version 2.00.06 ------------ 1. Support -all, -ft:TYPE command override. Version 2.00.05 ------------ 1. Support to update IOM, MGPHY and TBT only capsule. 2. Update iEFIFlashSigner.exe to 1.1.5.2 2-1. Add command -iom, -mgphy and -tbt in sign method, merge method. 3. Add [UpdateDeviceFirmware] VerifyErrorRetry setting to enable/disable verify and do the retry times on error when updating device firmware. VerifyErrorRetry = 0 is default, means disable verify. VerifyErrorRetry = 1 means enable verify. VerifyErrorRetry = 3 means enable verify and will do the write-read-verify for max 3 times. 4. Remove call 16h after write ROM for OEM. [For specific OEM/ODM] Version 2.00.04 ------------ 1. Correct the error message on update binary without BIOS failed case. EX: When update failed in EC only case, it will show "Error: Update EC failed!" instead of "Error: Update BIOS failed!". 2. Support [UI] ExtEcUpdateErrorMessage### settings in platform.ini. The ### is number in hex, valid range 1~FFFFFFFF. It will be shown when EC version check error. 3. Correct [Flash Complete] pause behavior. When set [Flash Complete] pause=1, secure flash will show "Press any key to continue...". Old (incorrect) behavior: After press a key it still waiting 5 seconds then end program. New (correct) behavior: After press a key it will end program. Version 2.00.03 ------------ 1. Fix secure flash didn't pass progress to BIOS in BIOS Guard (PFAT) update case. 2. Fix secure flash didn't call IHISI 19h on update EC only case. 3. Support [ParamForBiosReference] section in platform.ini to pass specific parameter string to BIOS via IHISI 19h. 4. Fix IHISI Get Device Firmware Information using wrong register issue. 5. Fix secure flash didn't pass progress to BIOS in external EC only update case. Version 2.00.02 ------------ 1. Revise the update behavior of secure capsule with ME. Old behavior: When ME update failed, the flash process will be terminated, BIOS will not be updated. (v2.00.00 and v2.00.01) New behavior: When ME update failed, it will continue to update BIOS. 2. Fix secure flash will hang when enable debug log issue. This issue occurs on v2.00.00 and v2.00.01. Version 2.00.01 ------------ 1. Support [PreFlash] EraseDataType setting to erase specific data type (which reported from IHISI 1Eh or 12h) before flash. Version 2.00.00 ------------ 1. Do model name and BIOS version check in secure flash. 2. Support Intel Runtime BIOS Resilience (Intel Copper Point). 3. Update iEFIFlashSigner.exe to 1.1.5.1 3-1. Support -f [PFX_FILE] and -p [PFX_PASSWORD] command for using key from pfx file instead of the key installed in system key store. 3-2. Support -sha1 [HASH] command to specify which key will be used when the key store have more than 1 keys have the same subject name. 3-3. Support -o [FILENAME] command to specify output file name. Version 1.00.62 ------------ 1. Add [UI] ShowEcUpdateProgress to hide or show the EC update percentage. Version 1.00.61 ------------ 1. Support update EC image to Intel external region. 2. Support to pass capsule update progress to BIOS via protocol. (Kernel code supports in 05.22.49.) 3. Reference platform.ini [FlashComplete] Action setting when update native ME only capsule. 4. Fix the issue that secure flash complete action will reference the Action setting in [FlashSecureBIOSOverride] section when it enabled. Version 1.00.60 ------------ 1. Update pass update progress to BIOS via IHISI behavior. When it get any fail in this feature, AP will ignore this IHISI for following process. 2. Update iEFIFlashSigner.exe to 1.1.4.8 2-1. Command signbin support -ini option. 2-2. Support to sign ec in signbin method. Version 1.00.59 ------------ 1. Support device firmware update. 2. Update iEFIFlashSigner.exe to 1.1.4.7 2-1. Support nosign method for packing binary only. 2-2. Add -df## command in sign method and nosign method. Version 1.00.58 ------------ 1. Fix tool will hang when the override command too long issue. Version 1.00.57 ------------ 1. Support 32MB ROM. 2. Support pause after flash complete when /forceit command used without /nopause to meet OEM spec. [For specific OEM/ODM] Version 1.00.56 ------------ 1. Show error message when EC update failed. Version 1.00.55.01 ------------ 1. Update iEFIFlashSigner.exe to 1.1.4.6 1-1 Support to backup/restore unsigned area in signefi method. Version 1.00.55 ------------ 1. Fix [Log_file] Flag=1 cannot save out log file issue. 2. Fix when flashing ROM it doesn't read block for compare before writing issue. Version 1.00.54 ------------ 1. Remove [Others] EnableMeLockReadFailErrorRetry key. Always enable this retry feature, but only do once in whole read ROM loop. Version 1.00.53 ------------ 1. Add [UI] PassUpdateProgressToBios flag to enable/disable passing flash progress to BIOS. 2. Support to update ish + pdt capsule. 3. Update iEFIFlashSigner.exe to 1.1.4.5 3-1. Support to sign pdt and ish at the same time in signbin method. 3-2. Display a warning message when signing with Insyde QA key. Version 1.00.52 ------------ 1. Support to update Intel PDT image. 2. Add [Others] EnableMeLockReadFailErrorRetry=1 setting in platform.ini for reading ROM again when it read failed because ME is locked. 3. Update iEFIFlashSigner.exe to 1.1.4.4 3-1. Add command -pdt in sign and merge method for signing Intel PDT binary. Version 1.00.51 ------------ 1. Fix the passing platform.ini to BIOS feature not terminate with [55AA] issue. 2. Support -p= command. [For specific OEM/ODM] Version 1.00.50 ------------ 1. Support multi-SKU package. [For specific OEM/ODM] 2. Passing platform.ini [Region] section to BIOS via IHISI 1Dh. Version 1.00.49 ------------ 1. Support to update Intel ISH (Integrated Sensor Hub) image. 2. Update iEFIFlashSigner.exe to 1.1.4.3 2-1. Add command -ish in sign and merge method for signing Intel ISH binary. Version 1.00.48 ------------ 1. Fix progress bar flicking issue while flashing BIOS. Version 1.00.47 ------------ 1. Fix EC cannot update issue. Version 1.00.46 ------------ 1. Support BVDT multiple product name and multiple bios version. Version 1.00.45 ------------ 1. Add Private/Protection Region Movement feature. 2. Support update PFAT image with secure capsule method. NOTE: The new PFAT update method need BIOS to enable secure flash and PFAT feature at the same time when building. 3. Update iEFIFlashSigner.exe to 1.1.4.2 3-1. Modify sign PFAT image method. Currently the PFAT image is a kind of secure BIOS, it will be signed as secure BIOS method. Signing a PFAT image without update engine method is not supported from this version. Version 1.00.44 ------------ 1. Use new method for security flash template. (iEFIFlashSigner version required: v1.1.4.1) 2. Support update Intel native ME. (BIOS version required: 05.05.07.0019) 3. Support customize EC update block size. 4. Update iEFIFlashSigner.exe to 1.1.4.1 4-1. Support -me and -oemid in sign method and merge method. 4-2. Support -me and -oemid in sign PFAT image method. 4-3. Support -me and -oemid in signbin method for signing Intel native ME only capsule. Version 1.00.43 ------------ 1. UEFI flash for OEM need to call 16h between flash BIOS and EC. [For specific OEM/ODM] 2. Fix AP will return success to BIOS when flash failed. Version 1.00.42 ------------ 1. Support BVDT private/protection ROM map override IHISI 12h feature. Version 1.00.41 ------------ 1. Update iEFIFlashSigner.exe to 1.1.4.0 1-1. Support signlogo method. 1-2. Add -capsuleheader in sign method to generate a EFI capsule header structure in front of signed secure capsule. 2. Update flash sequence let the BVDT block update at the end of flash process. Version 1.00.40 ------------ 1. Fix it will not update EC when flashing a capsule with EC. Version 1.00.39 ------------ 1. Fix the memory for IHISI may allocated higher than 4G issue. (ITS#33259) Version 1.00.38 ------------ 1. Supports feature: skip update region ME if ME locked and [Region] ME=1. 2. Update iEFIFlashSigner.exe to 1.1.3.0 2-1.Support merge method. Version 1.00.37 ------------ 1. Supports feature: update to NOT call Ihisi 1Bh in secure update. Version 1.00.36 ------------ 1. Supports feature: supports EC flash flag of Ihisi 19h. Version 1.00.35 ------------ 1. fix bugs : fix passing incorrect action code via Ihisi 20h in secure update.(For specific OEM/ODM) Version 1.00.34 ------------ 1. supports feature: supports Action_20h in [UpdateEC] for passing action code via Ihisi 20h.(For specific OEM/ODM) 2. fix bugs : fix update error of alias to type#xx (BB_PEI,DXE,EC) in [ForceFlash]. (#31396) Version 1.00.33 ------------ 1. fix bugs : fix update error if alp of [ForceFlash] enabled. 2. fix bugs : fix DisableVerify of [Others] not works. 3. fix bugs : add warning message for Ihisi 15h fail. 4. fix bugs : add warning message for DC not connected when checking both AC and DC. Version 1.00.32 ------------ 1. Fix AC/DC check behavior incorrect issue in secure flash. Version 1.00.31 ------------ 1. fix bugs : fix update error in secure update if [UpdateOEMME] enabled. Version 1.00.30 ------------ 1. Update iEFIFlashSigner.exe to 1.1.2.9. 1-a. disable UAC. Version 1.00.29 ------------ 1. fix bugs : fix the default behavior of updating EC to block by block. Version 1.00.28 ------------ 1. supports feature: supports EC size un-defined in IHISI 21h. (IHISI version required: 2.0.4) 2. fix bugs : update the IHISI version for funcation 10h to 204; Platforms support 0x1F ------------+-------------------- Broadwell 05.03.51.0014 SharkBay 03.73.06.1067 Bay Trail-T 05.03.47.0033 Bay Trail-M 05.03.47.0021 Kaveri 03.74.03.1015 Mullins 03.74.03.1009 Kabini 03.74.03.2047 Richland 03.74.03.1052 Version 1.00.27 ------------ 1. Supports feature: Add new section [AutoWakeup] with key that can enable auto power on via RTC. Version 1.00.26 ------------ 1. Supports feature: Add IHISI 1Fh to notice BIOS can enter/leave EC idle mode . 2. Supports feature: Add new key "Elapse" under [UI] which can enable to show Elapse time on screen. 3. fix update fail with message "Decompress failled" when enable secure boot. (#0029704) 4. fix cannot flash issue (with update BIOS failed message) on 32bit platform. (#29844, #29840) Version 1.00.25 ------------ 1. fix issue of update error if alp enabled. 2. apply new utility naming. Version 1.00.24 ------------ 1. fix to stop update if ATP Dtimer check (Ihisi 1Ch) fail. 2. fix issue of update ME region in secure update if [UpdateOEMME] enabled. Version 1.00.23 ------------ 1. supports multi NV Storage from Ihisi 1Eh. 2. supports multi region PEI from Ihisi 12h. 3. Update iEFIFlashSigner.exe to 1.1.2.8. 3-1. Boot Guard command supports to sign PFAT image with header. Version 1.00.22 ------------ 1.Use update progressive bar to show update percentage. Version 1.00.21 ------------ 1. fix display platform name error if Flag=2 in [Platform_Check]. Version 1.00.20 ------------ 1. Update EC flash behavior for Ihisi 21h fail. [For specific OEM/ODM] Version 1.00.19 ------------ 1. display EC update process. 2. update IHISI 21h behavior. 3. update behavior of flash EC with BIOS. [For specific OEM/ODM] 4. update behavior of AC/DC check. [For specific OEM/ODM] 5. Update iEFIFlashSigner.exe to 1.1.2.7 5-1. supports input -n2 command. [For specific OEM/ODM]. 5-2. fix signing PFAT error. Version 1.00.18 ------------ 1. Supports update OEM ME in OS flash before doing secure flash. Version 1.00.17 ------------ 1. Supports IHISI 16h after EC updating. 2. Update IHISI 10h behavior to call once. 3. Update IHISI 15h behavior when ME locked. 4. Remove delay for IHISI 15h. Version 1.00.16 ------------ 1. Support alp of [ForceFlash] in command filter feature for security flash. Version 1.00.15 ------------ 1. enable AC/DC check in security flash. 2. supports SecurityAcWarning of [AC_Adapter] for AC warning message. Version 1.00.14 ------------ 1. Passing flash status to BIOS when flash complete by IHISI 16h. 2. Notify BIOS the flash result by IHISI 1Ah. 3. Support 32bit BIOS. 4. Update iEFIFlashSigner.exe to 1.1.2.5. Version 1.00.13 ------------ 1. Support ME lock condition. Version 1.00.12 ------------ 1. Support the image with unsigned area run on SAP2 feature applied platform. (BIOS version required: 3.72.45) Version 1.00.11.01 ------------ 1. Update iEFIFlashSigner.exe to 1.1.2.3. 1-1. Support sign secure image for crisis. (BIOS version required: 3.72.36, 5.02.36) 1-2. Fix signed image can't run on SAP2 feature applied platform. 1-3. Add file checksum for PFAT image. 1-4. Support processing unsigned area. 1-5. Support sign shell flash efi file. Version 1.00.11.00 ------------ 1. Support ini override for secure capsule update. 2. Update iEFIFlashSigner.exe to 1.1.2.2. 2-1. Support sign PFAT image. Version 1.00.10 ------------ 1. Fix private map can't be protect issue when platform.ini [ForceFlash] all=1. 2. Flash settings will reference the settings return from IHISI 11h. Version 1.00.09 ------------ 1. Support common flash feature in security flash. 2. Support case insensitive in platform.ini. 3. Disable check in secure flash. 4. Support all settings in platform.ini [ForceFlash] section. Version 1.00.08 ------------ 1. Update common flash feature flash complete action override. Version 1.00.07 ------------ 1. Add force update variable area flag. 2. Update iEFIFlashSigner to v1.1.2.0. Not allow to sign a signed capsule. 3. Update FACTORY_COPY restore interface. (Need to update kernel code.) 4. Update NV storage protect method for secure boot support platform. (BIOS must implement IHISI 1Eh function. Kernel code supports in 03.72.20.) 5. Update QA certificate sample file from RSA 1024 bits to RSA 2048 bits. (Need to update kernel code.) Version 1.00.06 ------------ 1. Add FACTORY_COPY restore support. Version 1.00.05 ------------ 1. Add update EC support. Version 1.00.04 ------------ 1. Variable area will not update by flash utility to meet Windows logo requirement. 2. Support specified size of flash rom. Such as 5M(1M+4M), 6M(2M+4M) flash rom. Version 1.00.03 ------------ 1. Support 16M bios. 2. Support no CSM BIOS. 3. Using SHA256. Version 1.00.02 ------------ 1. Add secure BIOS identify information. Version 1.00.01 ------------ 1. Initial version.