I am the engineer at System76 that has been working on the low-level firmware update procedure.
The only alternative is to reverse engineer the SPI flashing method. We have switched to using FPT, the Intel Flash Programming tool, on new models. This means that we need to reverse engineer the SPI update method, which is something the flashrom project has had success in doing for older Intel chipsets.
Can’t you add a bit of code to your firmware to accept a special EFI capsule that’s really just an EFI program (or a firmware volume containing an AFUEFI and the payload)? This wouldn’t work for UpdateCapsule, but it should work as a UEFI 2.4+ capsule-on-disk.
If fwupd won’t support a capsule-on-disk, I personally volunteer to nudge them. But I bet they already support it or would be very willing to add support.
SPI is easy, and well understood. For firmware editing I often use an external flasher for updating the ROM, and use flashrom to do so. Accessing the SPI bus on the Intel chipset, from the computer itself, is undocumented and usually requires reverse engineering.
OK, neat, it looks like they haven't changed it in eons. It's PCI device 00:1f.5 and is documented in all of the PCH docs (so Vol 1 for overview, Vol 2 for registers). Sometimes it's disabled by firmware as a sort of 'security' mechanism.
Yeah, there's not a whole lot there in the docs, but it's PIO SPI that handles most of the flash addressing for you, so it's not the most complex thing in the world to begin with. More "fill the buffer and go" sort of deal.
Based on there comments in the article, I'd say that was their conclusion:
There is no other way to interpret this email other than LVFS won’t work well for us. UpdateCapsule is not supported by over a decade of machines in the field and could not be added without a firmware update.
The only alternative is to reverse engineer the SPI flashing method. We have switched to using FPT, the Intel Flash Programming tool, on new models. This means that we need to reverse engineer the SPI update method, which is something the flashrom project has had success in doing for older Intel chipsets.