On Mon, Jun 04, 2018 at 06:58:25PM +0200, Marcin Wojtas wrote: > Ard, > > 2018-06-04 18:47 GMT+02:00 Ard Biesheuvel <[email protected]>: > > On 4 June 2018 at 18:41, Marcin Wojtas <[email protected]> wrote: > >> All required components are in place, so we can now > >> add all necessary dependencies to build and use capsule support > >> for Armada7k8k platforms. It is conditionally enabled > >> with '-D CAPSULE_ENABLE' flag added during build time. > >> > >> Because the capsule generation must be sequential, > >> due to boot requirements and glueing all binaries > >> (BLE, ARM-TF, BL33) externally, introduce additional > >> .dsc and .fdf file solely for creating the capsule. > >> > >> In order to build the capsule following parameters > >> must be passed to the build command of the common file > >> Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc: > >> > >> -D PLATFORM_NAME=<previously built platform name with capsule support> > >> -D ARM_TRUSTED_FIRMWARE_IMAGE_PREFIX=<path/to/flash-image.bin> > >> > > > > I think there was some miscommunication here: > > > > - PREFIX is not a full path, it is a prefix. So in this case, the > > 'flash-image.bin' part should still be hardcoded, but the DEFINE > > allows you to specify its location in the directory tree. > > - apologies for bikeshedding/disagreeing with what Leif said > > previously, but ARM_TRUSTED_FIRMWARE_IMAGE_PREFIX is not appropriate > > here, given that flash-image.bin is the entire firmware image, so > > ARM-TF, UEFI, and other bits and pieces that make up the full image. I > > understand that Leif wants a generic prefix, but using it in > > completely different ways (ARM-TF fip vs the entire firmware image) > > defeats the purpose of that.
Oh, I agree with all of the above and was fully hoping someone could come up with something better :) > So is passing a full path a valid way for you? > > If yes, how a about following parameter name: 'FIRMWARE_IMAGE_PATH' ? I generally prefer a PREFIX over a path, since this does not mandate a directory name, but could also contain a file prefix. While not strictly speaking relevant to the internals of edk2-platforms, could you explain to me where the "firmware-image.bin" images end up being generated in the first place? I.e., their complete path in ARM Trusted Firmware build output, with build targets and all? Best Regards, Leif > Best regards, > Marcin > > > > > > >> Contributed-under: TianoCore Contribution Agreement 1.1 > >> Signed-off-by: Marcin Wojtas <[email protected]> > >> Signed-off-by: David Sniatkiwicz <[email protected]> > >> --- > >> Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf | 66 ++++++++++++++++++ > >> Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc | 41 ++++++++++++ > >> Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc | 46 +++++++++++++ > >> Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf | 70 ++++++++++++++++++++ > >> 4 files changed, 223 insertions(+) > >> > >> diff --git a/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf > >> b/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf > >> index bf04f4d..e5e5443 100644 > >> --- a/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf > >> +++ b/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf > >> @@ -201,6 +201,15 @@ FvNameGuid = > >> 5eda4200-2c5f-43cb-9da3-0baf74b1b30c > >> INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf > >> INF MdeModulePkg/Application/UiApp/UiApp.inf > >> > >> +!if $(CAPSULE_ENABLE) > >> + # Firmware update > >> + INF MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf > >> + INF > >> SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf > >> + FILE FREEFORM = > >> PCD(gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid) > >> { > >> + SECTION RAW = BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer > >> + SECTION UI = "Pkcs7TestRoot" > >> + } > >> +!endif > >> > >> # PEI phase firmware volume > >> [FV.FVMAIN_COMPACT] > >> @@ -228,6 +237,11 @@ READ_LOCK_STATUS = TRUE > >> INF ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf > >> INF ArmPkg/Drivers/CpuPei/CpuPei.inf > >> INF MdeModulePkg/Universal/Variable/Pei/VariablePei.inf > >> +!if $(CAPSULE_ENABLE) > >> + INF > >> MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf > >> + INF MdeModulePkg/Universal/CapsulePei/CapsulePei.inf > >> + INF RuleOverride = FMP_IMAGE_DESC > >> Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf > >> +!endif > >> INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf > >> > >> FILE FV_IMAGE = 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 { > >> @@ -236,6 +250,49 @@ READ_LOCK_STATUS = TRUE > >> } > >> } > >> > >> +!if $(CAPSULE_ENABLE) > >> +[FV.SystemFirmwareDescriptor] > >> +FvAlignment = 8 > >> +ERASE_POLARITY = 1 > >> +MEMORY_MAPPED = TRUE > >> +STICKY_WRITE = TRUE > >> +LOCK_CAP = TRUE > >> +LOCK_STATUS = TRUE > >> +WRITE_DISABLED_CAP = TRUE > >> +WRITE_ENABLED_CAP = TRUE > >> +WRITE_STATUS = TRUE > >> +WRITE_LOCK_CAP = TRUE > >> +WRITE_LOCK_STATUS = TRUE > >> +READ_DISABLED_CAP = TRUE > >> +READ_ENABLED_CAP = TRUE > >> +READ_STATUS = TRUE > >> +READ_LOCK_CAP = TRUE > >> +READ_LOCK_STATUS = TRUE > >> + > >> + INF RuleOverride = FMP_IMAGE_DESC > >> Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf > >> + > >> +[FV.CapsuleDispatchFv] > >> +FvAlignment = 8 > >> +ERASE_POLARITY = 1 > >> +MEMORY_MAPPED = TRUE > >> +STICKY_WRITE = TRUE > >> +LOCK_CAP = TRUE > >> +LOCK_STATUS = TRUE > >> +WRITE_DISABLED_CAP = TRUE > >> +WRITE_ENABLED_CAP = TRUE > >> +WRITE_STATUS = TRUE > >> +WRITE_LOCK_CAP = TRUE > >> +WRITE_LOCK_STATUS = TRUE > >> +READ_DISABLED_CAP = TRUE > >> +READ_ENABLED_CAP = TRUE > >> +READ_STATUS = TRUE > >> +READ_LOCK_CAP = TRUE > >> +READ_LOCK_STATUS = TRUE > >> + > >> + INF > >> SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf > >> + > >> +!endif > >> + > >> > >> ################################################################################ > >> # > >> # Rules are use with the [FV] section's module INF type to define > >> @@ -331,3 +388,12 @@ READ_LOCK_STATUS = TRUE > >> UI STRING ="$(MODULE_NAME)" Optional > >> PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi > >> } > >> + > >> +[Rule.Common.PEIM.FMP_IMAGE_DESC] > >> + FILE PEIM = $(NAMED_GUID) { > >> + RAW BIN |.acpi > >> + PEI_DEPEX PEI_DEPEX Optional > >> $(INF_OUTPUT)/$(MODULE_NAME).depex > >> + PE32 PE32 Align=4K $(INF_OUTPUT)/$(MODULE_NAME).efi > >> + UI STRING="$(MODULE_NAME)" Optional > >> + VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER) > >> + } > >> diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc > >> b/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc > >> index 8fb912b..75fa3d4 100644 > >> --- a/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc > >> +++ b/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc > >> @@ -42,8 +42,23 @@ > >> > >> DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf > >> > >> DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf > >> > >> +!if $(CAPSULE_ENABLE) > >> + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf > >> + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf > >> + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > >> + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf > >> + > >> EdkiiSystemCapsuleLib|SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.inf > >> + > >> FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf > >> + IniParsingLib|SignedCapsulePkg/Library/IniParsingLib/IniParsingLib.inf > >> + > >> PlatformFlashAccessLib|Silicon/Marvell/Armada7k8k/Feature/Capsule/PlatformFlashAccessLib/PlatformFlashAccessLib.inf > >> +!endif > >> + > >> # Basic utility libraries > >> BaseLib|MdePkg/Library/BaseLib/BaseLib.inf > >> +!if $(CAPSULE_ENABLE) > >> + > >> BmpSupportLib|MdeModulePkg/Library/BaseBmpSupportLib/BaseBmpSupportLib.inf > >> + SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf > >> +!endif > >> > >> SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf > >> > >> PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf > >> PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf > >> @@ -199,7 +214,11 @@ > >> [LibraryClasses.common.DXE_RUNTIME_DRIVER] > >> HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf > >> > >> MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf > >> +!if $(CAPSULE_ENABLE) > >> + > >> CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf > >> +!else > >> CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf > >> +!endif > >> !if $(TARGET) != RELEASE > >> > >> DebugLib|MdePkg/Library/DxeRuntimeDebugLibSerialPort/DxeRuntimeDebugLibSerialPort.inf > >> !endif > >> @@ -376,6 +395,13 @@ > >> gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0xF93E0000 > >> gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize|0x00010000 > >> > >> +!if $(CAPSULE_ENABLE) > >> +[PcdsDynamicExDefault.common.DEFAULT] > >> + > >> gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor|{0x0}|VOID*|0x100 > >> + > >> gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{0x02, > >> 0x0e, 0x89, 0xb3, 0x6b, 0xc4, 0x70, 0x49, 0x95, 0x36, 0x57, 0x78, 0x7a, > >> 0x9e, 0x06, 0xc7} > >> + > >> gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0x75, > >> 0xc4, 0x7f, 0x75, 0x22, 0x6b, 0x82, 0x44, 0x86, 0x8e, 0xde, 0xd2, 0x86, > >> 0xf3, 0x09, 0x40} > >> +!endif > >> + > >> > >> ################################################################################ > >> # > >> # Components Section - list of all EDK II Modules needed by this Platform > >> @@ -394,6 +420,11 @@ > >> ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf > >> ArmPkg/Drivers/CpuPei/CpuPei.inf > >> MdeModulePkg/Universal/Variable/Pei/VariablePei.inf > >> +!if $(CAPSULE_ENABLE) > >> + MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf > >> + MdeModulePkg/Universal/CapsulePei/CapsulePei.inf > >> + > >> Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf > >> +!endif > >> MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf { > >> <LibraryClasses> > >> > >> NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompressLib.inf > >> @@ -503,6 +534,16 @@ > >> > >> NULL|MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootMaintenanceManagerUiLib.inf > >> } > >> > >> +!if $(CAPSULE_ENABLE) > >> + MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf > >> + > >> SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf > >> + > >> SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf > >> { > >> + <LibraryClasses> > >> + > >> FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf > >> + } > >> + MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf > >> +!endif > >> + > >> # > >> # Variable services > >> # > >> diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc > >> b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc > >> new file mode 100644 > >> index 0000000..0498bce > >> --- /dev/null > >> +++ b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc > >> @@ -0,0 +1,46 @@ > >> +#Copyright (C) 2018 Marvell International Ltd. > >> +# > >> +#Marvell BSD License Option > >> +# > >> +#If you received this File from Marvell, you may opt to use, redistribute > >> and/or > >> +#modify this File under the following licensing terms. > >> +#Redistribution and use in source and binary forms, with or without > >> modification, > >> +#are permitted provided that the following conditions are met: > >> +# > >> +# * Redistributions of source code must retain the above copyright notice, > >> +# this list of conditions and the following disclaimer. > >> +# > >> +# * Redistributions in binary form must reproduce the above copyright > >> +# notice, this list of conditions and the following disclaimer in the > >> +# documentation and/or other materials provided with the distribution. > >> +# > >> +# * Neither the name of Marvell nor the names of its contributors may be > >> +# used to endorse or promote products derived from this software without > >> +# specific prior written permission. > >> +# > >> +#THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS > >> IS" AND > >> +#ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE > >> IMPLIED > >> +#WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE > >> +#DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE > >> LIABLE FOR > >> +#ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL > >> DAMAGES > >> +#(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > >> SERVICES; > >> +#LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED > >> AND ON > >> +#ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT > >> +#(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF > >> THIS > >> +#SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. > >> +# > >> +################################################################################ > >> +# > >> +# Defines Section - statements that will be processed to create a > >> Makefile. > >> +# > >> +################################################################################ > >> +[Defines] > >> + PLATFORM_NAME = ${PLATFORM_NAME} > >> + PLATFORM_GUID = 982e2ab1-26ca-4617-92e6-061bd6ba9ae3 > >> + PLATFORM_VERSION = 0.1 > >> + DSC_SPECIFICATION = 0x00010019 > >> + OUTPUT_DIRECTORY = Build/$(PLATFORM_NAME)-$(ARCH) > >> + SUPPORTED_ARCHITECTURES = AARCH64|ARM > >> + BUILD_TARGETS = DEBUG|RELEASE > >> + SKUID_IDENTIFIER = DEFAULT > >> + FLASH_DEFINITION = > >> Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf > >> diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf > >> b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf > >> new file mode 100644 > >> index 0000000..c57f7dd > >> --- /dev/null > >> +++ b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf > >> @@ -0,0 +1,70 @@ > >> +# > >> +# Copyright (C) Marvell International Ltd. and its affiliates > >> +# > >> +# This program and the accompanying materials > >> +# are licensed and made available under the terms and conditions of the > >> BSD License > >> +# which accompanies this distribution. The full text of the license may > >> be found at > >> +# http://opensource.org/licenses/bsd-license.php > >> +# > >> +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, > >> +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR > >> IMPLIED. > >> +# > >> + > >> +[FD.Armada_Capsule] > >> +BaseAddress = 0x00000000 #|gArmTokenSpaceGuid.PcdFdBaseAddress # The > >> base address of the Firmware in NOR Flash. > >> +Size = 0x00400000 #|gArmTokenSpaceGuid.PcdFdSize # The > >> size in bytes of the FLASH Device > >> +ErasePolarity = 1 > >> + > >> +0x00000000|0x00010000 > >> +FILE = > >> $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/SYSTEMFIRMWAREDESCRIPTOR.Fv > >> + > >> +0x00100000|0x00300000 > >> +FILE = $(ARM_TRUSTED_FIRMWARE_IMAGE_PREFIX) > >> + > >> +[FV.SystemFirmwareUpdateCargo] > >> +FvAlignment = 8 > >> +ERASE_POLARITY = 1 > >> +MEMORY_MAPPED = TRUE > >> +STICKY_WRITE = TRUE > >> +LOCK_CAP = TRUE > >> +LOCK_STATUS = TRUE > >> +WRITE_DISABLED_CAP = TRUE > >> +WRITE_ENABLED_CAP = TRUE > >> +WRITE_STATUS = TRUE > >> +WRITE_LOCK_CAP = TRUE > >> +WRITE_LOCK_STATUS = TRUE > >> +READ_DISABLED_CAP = TRUE > >> +READ_ENABLED_CAP = TRUE > >> +READ_STATUS = TRUE > >> +READ_LOCK_CAP = TRUE > >> +READ_LOCK_STATUS = TRUE > >> + > >> + FILE RAW = b3890e02-c46b-4970-9536-57787a9e06c7 { # > >> PcdEdkiiSystemFirmwareFileGuid > >> + FD = Armada_Capsule > >> + } > >> + > >> + FILE RAW = ce57b167-b0e4-41e8-a897-5f4feb781d40 { # > >> gEdkiiSystemFmpCapsuleDriverFvFileGuid > >> + > >> $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/CAPSULEDISPATCHFV.Fv > >> + } > >> + > >> + FILE RAW = 812136D3-4D3A-433A-9418-29BB9BF78F6E { # > >> gEdkiiSystemFmpCapsuleConfigFileGuid > >> + > >> Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini > >> + } > >> + > >> +[FmpPayload.FmpPayloadSystemFirmwarePkcs7] > >> +IMAGE_HEADER_INIT_VERSION = 0x02 > >> +IMAGE_TYPE_ID = 757fc475-6b22-4482-868e-ded286f30940 # > >> PcdSystemFmpCapsuleImageTypeIdGuid > >> +IMAGE_INDEX = 0x1 > >> +HARDWARE_INSTANCE = 0x0 > >> +MONOTONIC_COUNT = 0x1 > >> +CERTIFICATE_GUID = 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7 > >> + > >> + FV = SystemFirmwareUpdateCargo > >> + > >> +[Capsule.MvFirmwareUpdateCapsuleFmpPkcs7] > >> +CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # > >> gEfiFmpCapsuleGuid > >> +CAPSULE_HEADER_SIZE = 0x20 > >> +CAPSULE_HEADER_INIT_VERSION = 0x1 > >> + > >> + FMP_PAYLOAD = FmpPayloadSystemFirmwarePkcs7 > >> + > >> -- > >> 2.7.4 > >> _______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel
