Device Firmware Update

If the device firmware is updatable, the update must be verified.

The verifier is determined by the entity with write access to the device firmware location. The entity performing verification must be the same entity performing the update.

For example, if the device firmware is in a device-internal location that is not accessible by the host firmware, such as a TPM, then the device must do the verification and update. If the device firmware is in a device-internal location that is accessible by the host firmware, such as an EC, then the host firmware may do the verification and update. If the device firmware is on external storage and loaded by the system firmware, then the system firmware must do the verification and update.

Table 4-2: Device Firmware Update Verification

| Item | Entity | Provider | Location |
|------|--------|----------|----------|
| TP | Firmware Update Verification | OEM or IHV | Depends |
| CDI | Firmware Update TCB Code | OEM or IHV | Depends |
| | Firmware Update Signature Database (Policy) | OEM or IHV | Depends |
| UDI | Device Firmware Update Package | IHV | Originally on external storage (e.g. Hard drive, USB, Memory, or Read-Write Flash), loaded into device firmware unlockable environment. |
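
The roles in Table 4-2 can be modelled in a few lines. The following is an added example, not code from the original text: the package layout, the names `Device`, `UpdateRejected` and `make_package`, and the use of a set of authorized SHA-256 image digests as the signature database (standing in for public-key signature verification) are all assumptions made for illustration.

```python
import hashlib
import struct

# Constructed package layout (an assumption for this example, not a real format):
#   4-byte magic b"FWUP" | 4-byte little-endian payload length | payload
HEADER = struct.Struct("<4sI")
MAGIC = b"FWUP"


class UpdateRejected(Exception):
    """Raised when the package (UDI) fails verification; nothing is written."""


class Device:
    """The entity with write access: it both verifies and performs the update."""

    def __init__(self, firmware: bytes, signature_db: frozenset):
        self._firmware = firmware          # device firmware location
        self._signature_db = signature_db  # CDI: policy, fixed at construction

    @property
    def firmware(self) -> bytes:
        return self._firmware

    def _verify(self, package: bytes) -> bytes:
        """TP: turn an untrusted package into a payload the policy authorizes."""
        if len(package) < HEADER.size:
            raise UpdateRejected("truncated header")
        magic, length = HEADER.unpack_from(package)
        if magic != MAGIC:
            raise UpdateRejected("bad magic")
        payload = package[HEADER.size:]
        if length == 0 or length != len(payload):
            raise UpdateRejected("length field does not match payload")
        if hashlib.sha256(payload).digest() not in self._signature_db:
            raise UpdateRejected("image not authorized by signature database")
        return payload

    def update(self, package: bytes) -> None:
        payload = self._verify(package)  # verification precedes any write
        self._firmware = payload


def make_package(payload: bytes) -> bytes:
    """Build a package in the constructed layout above."""
    return HEADER.pack(MAGIC, len(payload)) + payload
```

Because `update` is the only path that writes the firmware and it always calls `_verify` first, a rejected package leaves the existing firmware unchanged.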