Re: [PATCH v7 4/8] efi: Define set_dfu_alt_info() for boards with UEFI capsule update enabled

2022-04-14 Thread Masami Hiramatsu 
2022年4月14日(木) 19:55 Sughosh Ganu :
>
> Currently, there are a bunch of boards which enable the UEFI capsule
> update feature. The actual update of the firmware images is done
> through the dfu framework which uses the dfu_alt_info environment
> variable for getting information on the update, like device, partition
> number/address etc. The dfu framework allows the variable to be set
> through the set_dfu_alt_info function defined by the platform, or if
> the function is not defined, it gets the variable from the
> environment. Using the value set in the environment is not very
> robust, since the variable can be modified from the u-boot command
> line and this can cause an incorrect update.
>
> To prevent this from happening, define the set_dfu_alt_info function
> when the capsule update feature is enabled. A weak function is defined
> which sets the dfu_alt_info environment variable by getting the string
> for the variable from the platform.

This sounds reasonable.

Reviewed-by: Masami Hiramatsu 

Thank you,

>
> Signed-off-by: Sughosh Ganu 
> ---
>
> Changes since V6: None
>
>  lib/efi_loader/Kconfig| 2 ++
>  lib/efi_loader/efi_firmware.c | 5 +
>  2 files changed, 7 insertions(+)
>
> diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig
> index 559b95a599..d50cd2563d 100644
> --- a/lib/efi_loader/Kconfig
> +++ b/lib/efi_loader/Kconfig
> @@ -181,6 +181,7 @@ config EFI_CAPSULE_FIRMWARE_FIT
> depends on EFI_CAPSULE_FIRMWARE_MANAGEMENT
> select UPDATE_FIT
> select DFU
> +   select SET_DFU_ALT_INFO
> select EFI_CAPSULE_FIRMWARE
> help
>   Select this option if you want to enable firmware management 
> protocol
> @@ -192,6 +193,7 @@ config EFI_CAPSULE_FIRMWARE_RAW
> depends on SANDBOX || (!SANDBOX && !EFI_CAPSULE_FIRMWARE_FIT)
> select DFU_WRITE_ALT
> select DFU
> +   select SET_DFU_ALT_INFO
> select EFI_CAPSULE_FIRMWARE
> help
>   Select this option if you want to enable firmware management 
> protocol
> diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c
> index 46aa7a001a..aff5519e54 100644
> --- a/lib/efi_loader/efi_firmware.c
> +++ b/lib/efi_loader/efi_firmware.c
> @@ -35,6 +35,11 @@ struct fmp_payload_header {
> u32 lowest_supported_version;
>  };
>
> +__weak void set_dfu_alt_info(char *interface, char *devstr)
> +{
> +   env_set("dfu_alt_info", update_info.dfu_string);
> +}
> +
>  /* Place holder; not supported */
>  static
>  efi_status_t EFIAPI efi_firmware_get_image_unsupported(
> --
> 2.25.1
>


-- 
Masami Hiramatsu

[PATCH v7 4/8] efi: Define set_dfu_alt_info() for boards with UEFI capsule update enabled

2022-04-14 Thread Sughosh Ganu 
Currently, there are a bunch of boards which enable the UEFI capsule
update feature. The actual update of the firmware images is done
through the dfu framework which uses the dfu_alt_info environment
variable for getting information on the update, like device, partition
number/address etc. The dfu framework allows the variable to be set
through the set_dfu_alt_info function defined by the platform, or if
the function is not defined, it gets the variable from the
environment. Using the value set in the environment is not very
robust, since the variable can be modified from the u-boot command
line and this can cause an incorrect update.

To prevent this from happening, define the set_dfu_alt_info function
when the capsule update feature is enabled. A weak function is defined
which sets the dfu_alt_info environment variable by getting the string
for the variable from the platform.

Signed-off-by: Sughosh Ganu 
---

Changes since V6: None

 lib/efi_loader/Kconfig| 2 ++
 lib/efi_loader/efi_firmware.c | 5 +
 2 files changed, 7 insertions(+)

diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig
index 559b95a599..d50cd2563d 100644
--- a/lib/efi_loader/Kconfig
+++ b/lib/efi_loader/Kconfig
@@ -181,6 +181,7 @@ config EFI_CAPSULE_FIRMWARE_FIT
depends on EFI_CAPSULE_FIRMWARE_MANAGEMENT
select UPDATE_FIT
select DFU
+   select SET_DFU_ALT_INFO
select EFI_CAPSULE_FIRMWARE
help
  Select this option if you want to enable firmware management protocol
@@ -192,6 +193,7 @@ config EFI_CAPSULE_FIRMWARE_RAW
depends on SANDBOX || (!SANDBOX && !EFI_CAPSULE_FIRMWARE_FIT)
select DFU_WRITE_ALT
select DFU
+   select SET_DFU_ALT_INFO
select EFI_CAPSULE_FIRMWARE
help
  Select this option if you want to enable firmware management protocol
diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c
index 46aa7a001a..aff5519e54 100644
--- a/lib/efi_loader/efi_firmware.c
+++ b/lib/efi_loader/efi_firmware.c
@@ -35,6 +35,11 @@ struct fmp_payload_header {
u32 lowest_supported_version;
 };
 
+__weak void set_dfu_alt_info(char *interface, char *devstr)
+{
+   env_set("dfu_alt_info", update_info.dfu_string);
+}
+
 /* Place holder; not supported */
 static
 efi_status_t EFIAPI efi_firmware_get_image_unsupported(
-- 
2.25.1