Re: [PATCH v2 2/4] doc: Document capsule generation through a config file
hi Heinrich,
On Fri, 19 Apr 2024 at 13:01, Heinrich Schuchardt wrote:
>
> On 19.04.24 08:55, Sughosh Ganu wrote:
> > The UEFI capsule can now be generated by specifying the capsule
> > parameters through a config file. Highlight these changes in the
> > documentation.
> >
> > Signed-off-by: Sughosh Ganu
> > ---
> > doc/develop/uefi/uefi.rst | 70 +++
> > 1 file changed, 70 insertions(+)
> >
> > diff --git a/doc/develop/uefi/uefi.rst b/doc/develop/uefi/uefi.rst
> > index 0389b269c0..8586127a83 100644
> > --- a/doc/develop/uefi/uefi.rst
> > +++ b/doc/develop/uefi/uefi.rst
> > @@ -318,6 +318,76 @@ Run the following command
> > --guid \
> >
>
> The users deserve a man-page mkeficapsule.1 that can be installed by
> distros as /usr/share/doc/man/man1/mkeficapsule.1.
>
> Do not expect the user to look up the information online.
Will add a man-page.
>
> >
> > +Alternatively, the capsules can be generated through a config
> > +file. When generating the capsules through a config file, the Kconfig
> > +symbol CONFIG_EFI_CAPSULE_CFG_FILE is to be used for specifying the
> > +path to the config file.
>
> Why do we need CONFIG_EFI_CAPSULE_CFG_FILE? You could use a fixed path
> or an environment parameter.
Will remove the config flags.
>
> > +
> > +The config file describes the parameters that are used for generating
> > +one or more capsules. The parameters for a given capsule file are
> > +specified within curly braces, in the form of "key:value" pairs. All
> > +the parameters that are currently supported by the mkeficapsule tool
> > +can be specified through the config file.
> > +
> > +The following are some example payload parameters specified through
> > +the config file.
> > +
> > +.. code-block:: none
> > +
> > + {
> > + image-guid: 02f4d760-cfd5-43bd-8e2d-a42acb33c660
> > + hardware-instance: 0
> > + monotonic-count: 1
> > + payload: u-boot.bin
> > + image-index: 1
> > + fw-version: 2
> > + private-key: /path/to/priv/key
> > + pub-key-cert: /path/to/pub/key
> > + capsule: u-boot.capsule
> > + }
> > + {
> > + image-guid: 4ce292da-1dd8-428d-a1c2-77743ef8b96e
> > + hardware-instance: 0
> > + payload: u-boot.itb
> > + image-index: 2
> > + fw-version: 7
> > + oemflags: 0x8000
> > + capsule: fit.capsule
> > + }
> > + {
> > + capsule-type: accept
> > + image-guid: 4ce292da-1dd8-428d-a1c2-77743ef8b96e
> > + capsule: accept.capsule
> > + }
> > + {
> > + capsule-type: revert
> > + capsule: revert.capsule
> > + }
>
> Is this one file? Are these multiple files? If these are multiple files,
> please, put them in different code blocks.
These are multiple files. But eventually, we will be using this
feature to generate a multi-payload capsule. Again, this is on similar
lines to how this is done with the EDKII script.
>
> What are the curly braces good for? Please, use an established file
> format like YAML or JSON.
As discussed over IRC, I will check if I can use the YAML format and
keep the format similar to the one used above -- in key:value pairs. I
would prefer keeping the format similar to what is used in the EDKII
capsule generation tool. But if I can use the mapping node type in
YAML for providing this information, I will explore using YAML with
the libcyaml library for parsing the configs.
>
> > +
> > +The following are the keys that specify the capsule parameters
> > +
> > +..code-block:: none
> > +
> > +image-guid: Image GUID
>
> Please use the following formatting:
>
> image-guid
> Image GUID
>
> fw-version
> Image version
I have kept the format similar to what is used in EDKII.
>
> > +image-index: Image index value
> > +fw-version: Image version
> > +private-key: Path to the private key file used for capsule signing
> > +pub-key-cert: Path to the public key crt file used for capsule signing
> > +payload: Path to the capsule payload file
> > +capsule: Path to the output capsule file that is generated
> > +hardware-instance: Hardware Instance value
>
> Please, explain what a hardware instance is.
Okay
>
> > +monotonic-count: Monotonic count value
>
> Please, explain what it is used for.
Okay
>
> > +capsule-type: Specifies capsule type. normal(default), accept or revert
>
> ditto
>
> > +oemflags: 16bit Oemflags value to be used(populated in capsule header)
>
> ditto
>
> > +
> > +When generating capsules through a config file, the command would look
> > +like
> > +
> > +.. code-block:: console
> > +
> > +$ mkeficapsule --cfg-file
>
> All available command line parameters of mkeficapsule should be
> described in one place.
Will fix
-sughosh
>
> Best regards
>
> Heinrich
>
> > +
> > +
> > Capsule with firmware version
> > *
> >
>
Re: [PATCH v2 1/4] tools: mkeficapsule: Add support for parsing capsule params from config file
hi Heinrich,
On Fri, 19 Apr 2024 at 12:44, Heinrich Schuchardt wrote:
>
> On 19.04.24 08:55, Sughosh Ganu wrote:
> > Add support for specifying the parameters needed for capsule
> > generation through a config file, instead of passing them through
> > command-line. Parameters for more than a single capsule file can be
> > specified, resulting in generation of multiple capsules through a
> > single invocation of the command.
> >
> > The config file can be passed to the mkeficapsule tool in such manner
> >
> > $ ./tools/mkeficapsule -f
>
> Please, mention the long option.
Okay
>
> >
> > Signed-off-by: Sughosh Ganu
> > ---
> > tools/Kconfig | 15 ++
> > tools/Makefile | 1 +
> > tools/eficapsule.h | 114
> > tools/mkeficapsule.c | 87 +
> > tools/mkeficapsule_parse.c | 352 +
> > 5 files changed, 538 insertions(+), 31 deletions(-)
> > create mode 100644 tools/mkeficapsule_parse.c
> >
> > diff --git a/tools/Kconfig b/tools/Kconfig
> > index 667807b331..0362ca8e45 100644
> > --- a/tools/Kconfig
> > +++ b/tools/Kconfig
> > @@ -104,6 +104,21 @@ config TOOLS_MKEFICAPSULE
> > optionally sign that file. If you want to enable UEFI capsule
> > update feature on your target, you certainly need this.
> >
> > +config EFI_CAPSULE_CFG_FILE
> > + string "Path to the EFI Capsule Config File"
> > + help
> > + Path to the EFI capsule config file which provides the
> > + parameters needed to build capsule(s). Parameters can be
> > + provided for multiple payloads resulting in corresponding
> > + capsule images being generated.
>
> This help test does not explain if this is a parameter for binman or
> something built into mkeficapsule.
>
> We should not hard code any path inside mkeficapsule.
>
> I can't see the new CONFIG parameters used within the code changes of
> this patch. Please, add them into the patches where they are needed.
As discussed over IRC, I need these config options only for the CI
testing. I will replace these with hard-coded paths for the tests.
>
> > +
> > +config EFI_USE_CAPSULE_CFG_FILE
> > + bool "Use the config file for generating capsules"
> > + help
> > + Boolean option used to specify if the EFI capsules are to
> > + be generated through parameters specified via the config
> > + file or through command line.
>
> Given this help text I would not know if this option changes how
> mkeficapsule is built or how binman invokes it.
>
> I would expect that mkeficapsule is always built in a way that a
> configuration file can be passed.
>
> Furthermore I would expect binman to invoke mkeficapsule with the
> appropriate command line parameters if you have enabled building capsules.
>
> Why do we need this configuration parameter? Just always build
> mkeficapsule with support for the -f parameter.
Will remove these config flags.
-sughosh
>
> Best regards
>
> Heinrich
>
> > +
> > menuconfig FSPI_CONF_HEADER
> > bool "FlexSPI Header Configuration"
> > help
> > diff --git a/tools/Makefile b/tools/Makefile
> > index 6a4280e366..4311f5914f 100644
> > --- a/tools/Makefile
> > +++ b/tools/Makefile
> > @@ -253,6 +253,7 @@ HOSTLDLIBS_mkeficapsule += \
> > HOSTLDLIBS_mkeficapsule += \
> > $(shell pkg-config --libs uuid 2> /dev/null || echo "-luuid")
> > hostprogs-$(CONFIG_TOOLS_MKEFICAPSULE) += mkeficapsule
> > +mkeficapsule-objs := mkeficapsule.o mkeficapsule_parse.o
> >
> > mkfwumdata-objs := mkfwumdata.o generated/lib/crc32.o
> > HOSTLDLIBS_mkfwumdata += -luuid
> > diff --git a/tools/eficapsule.h b/tools/eficapsule.h
> > index 6efd07d2eb..71a08b62e6 100644
> > --- a/tools/eficapsule.h
> > +++ b/tools/eficapsule.h
> > @@ -54,6 +54,12 @@ typedef struct {
> > /* flags */
> > #define CAPSULE_FLAGS_PERSIST_ACROSS_RESET 0x0001
> >
> > +enum capsule_type {
> > + CAPSULE_NORMAL_BLOB = 0,
> > + CAPSULE_ACCEPT,
> > + CAPSULE_REVERT,
> > +};
> > +
> > struct efi_capsule_header {
> > efi_guid_t capsule_guid;
> > uint32_t header_size;
> > @@ -145,4 +151,112 @@ struct fmp_payload_header_params {
> > uint32_t fw_version;
> > };
> >
> > +/**
> > + * struct efi_capsule_params - Capsule parameters
> > + * @image_guid: Guid value of the payload
Re: [PATCH 01/10] board: ti: am62x: Init DRAM size in R5/A53 SPL
On Fri, 19 Apr 2024 at 17:23, Chintan Vankar wrote: > > > > On 19/04/24 17:04, Sughosh Ganu wrote: > > On Fri, 19 Apr 2024 at 16:04, Chintan Vankar wrote: > >> > >> > >> > >> On 18/04/24 17:30, Sughosh Ganu wrote: > >>> On Thu, 18 Apr 2024 at 16:08, Chintan Vankar wrote: > >>>> > >>>> > >>>> > >>>> On 17/04/24 21:34, Tom Rini wrote: > >>>>> On Wed, Apr 17, 2024 at 05:48:31PM +0530, Sughosh Ganu wrote: > >>>>>> hi Chintan, > >>>>>> > >>>>>> On Wed, 17 Apr 2024 at 13:21, Chintan Vankar wrote: > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> On 16/04/24 22:30, Tom Rini wrote: > >>>>>>>> On Tue, Apr 16, 2024 at 05:52:58PM +0530, Chintan Vankar wrote: > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> On 12/04/24 03:37, Tom Rini wrote: > >>>>>>>>>> On Wed, Apr 03, 2024 at 06:18:01PM +0530, Chintan Vankar wrote: > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> On 22/01/24 10:11, Siddharth Vadapalli wrote: > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> On 20/01/24 22:11, Tom Rini wrote: > >>>>>>>>>>>>> On Mon, Jan 15, 2024 at 01:42:51PM +0530, Siddharth Vadapalli > >>>>>>>>>>>>> wrote: > >>>>>>>>>>>>>> Hello Tom, > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> On 12/01/24 18:56, Tom Rini wrote: > >>>>>>>>>>>> > >>>>>>>>>>>> ... > >>>>>>>>>>>> > >>>>>>>>>>>>>>> The list of conditionals in common/spl/spl.c::board_init_r() > >>>>>>>>>>>>>>> should be > >>>>>>>>>>>>>>> updated and probably use SPL_NET as the option to check for. > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> Thank you for reviewing the patch and pointing this out. I > >>>>>>>>>>>>>> wasn't aware of it. I > >>>>>>>>>>>>>> assume that you are referring to the following change: > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> if (IS_ENABLED(CONFIG_SPL_OS_BOOT) || > >>>>>>>>>>>>>> CONFIG_IS_ENABLED(HANDOFF) || > >>>>>>>>>>>>>> - IS_ENABLED(CONFIG_SPL_ATF)) > >>>>>>>>>>>>>> + IS_ENABLED(CONFIG_SPL_ATF) || > >>>>>>>>>>>>>> IS_ENABLED(CONFIG_SPL_NET)) > >>>>>>>>>>>>>> dram_init_banksize(); > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> I shall replace the current patch with the above change in the > >>>>>>>>>>>>>> v2 series. Since > >>>>>>>>>>>>>> this is in the common section, is there a generic reason I > >>>>>>>>>>>>>> could provide in the > >>>>>>>>>>>>>> commit message rather than the existing commit message which > >>>>>>>>>>>>>> seems to be board > >>>>>>>>>>>>>> specific? Also, I hope that the above change will not cause > >>>>>>>>>>>>>> regressions for > >>>>>>>>>>>>>> other non-TI devices. Please let me know. > >>>>>>>>>>>>> > >>>>>>>>>>>>> Yes, that's the area, and just note that networking also > >>>>>>>>>>>>> requires the > >>>>>>>>>>>>> DDR to be initialized. > >>>>>>>>>>>>> > >>&
Re: [PATCH 01/10] board: ti: am62x: Init DRAM size in R5/A53 SPL
On Fri, 19 Apr 2024 at 16:04, Chintan Vankar wrote: > > > > On 18/04/24 17:30, Sughosh Ganu wrote: > > On Thu, 18 Apr 2024 at 16:08, Chintan Vankar wrote: > >> > >> > >> > >> On 17/04/24 21:34, Tom Rini wrote: > >>> On Wed, Apr 17, 2024 at 05:48:31PM +0530, Sughosh Ganu wrote: > >>>> hi Chintan, > >>>> > >>>> On Wed, 17 Apr 2024 at 13:21, Chintan Vankar wrote: > >>>>> > >>>>> > >>>>> > >>>>> On 16/04/24 22:30, Tom Rini wrote: > >>>>>> On Tue, Apr 16, 2024 at 05:52:58PM +0530, Chintan Vankar wrote: > >>>>>>> > >>>>>>> > >>>>>>> On 12/04/24 03:37, Tom Rini wrote: > >>>>>>>> On Wed, Apr 03, 2024 at 06:18:01PM +0530, Chintan Vankar wrote: > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> On 22/01/24 10:11, Siddharth Vadapalli wrote: > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> On 20/01/24 22:11, Tom Rini wrote: > >>>>>>>>>>> On Mon, Jan 15, 2024 at 01:42:51PM +0530, Siddharth Vadapalli > >>>>>>>>>>> wrote: > >>>>>>>>>>>> Hello Tom, > >>>>>>>>>>>> > >>>>>>>>>>>> On 12/01/24 18:56, Tom Rini wrote: > >>>>>>>>>> > >>>>>>>>>> ... > >>>>>>>>>> > >>>>>>>>>>>>> The list of conditionals in common/spl/spl.c::board_init_r() > >>>>>>>>>>>>> should be > >>>>>>>>>>>>> updated and probably use SPL_NET as the option to check for. > >>>>>>>>>>>> > >>>>>>>>>>>> Thank you for reviewing the patch and pointing this out. I > >>>>>>>>>>>> wasn't aware of it. I > >>>>>>>>>>>> assume that you are referring to the following change: > >>>>>>>>>>>> > >>>>>>>>>>>> if (IS_ENABLED(CONFIG_SPL_OS_BOOT) || > >>>>>>>>>>>> CONFIG_IS_ENABLED(HANDOFF) || > >>>>>>>>>>>> - IS_ENABLED(CONFIG_SPL_ATF)) > >>>>>>>>>>>> + IS_ENABLED(CONFIG_SPL_ATF) || > >>>>>>>>>>>> IS_ENABLED(CONFIG_SPL_NET)) > >>>>>>>>>>>> dram_init_banksize(); > >>>>>>>>>>>> > >>>>>>>>>>>> I shall replace the current patch with the above change in the > >>>>>>>>>>>> v2 series. Since > >>>>>>>>>>>> this is in the common section, is there a generic reason I could > >>>>>>>>>>>> provide in the > >>>>>>>>>>>> commit message rather than the existing commit message which > >>>>>>>>>>>> seems to be board > >>>>>>>>>>>> specific? Also, I hope that the above change will not cause > >>>>>>>>>>>> regressions for > >>>>>>>>>>>> other non-TI devices. Please let me know. > >>>>>>>>>>> > >>>>>>>>>>> Yes, that's the area, and just note that networking also requires > >>>>>>>>>>> the > >>>>>>>>>>> DDR to be initialized. > >>>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> Thank you for confirming and providing your suggestion for the > >>>>>>>>>> contents of the > >>>>>>>>>> commit message. > >>>>>>>>>> > >>>>>>>>> Following Tom's Suggestion of adding CONFIG_SPL_NET in > >>>>>>>>> common/spl/spl.c > >>>>>>>>> "dram_init_banksize()", the issue of fetching a file at SPL stage > >>>>>>>>> seemed >
[PATCH v2 4/4] test: capsule: Generate capsules through config file
Add logic to generate capsules through a config file while testing the
EFI capsule update functionality. Capsule generation through config
file is enabled on the sandbox variant.
Signed-off-by: Sughosh Ganu
---
test/py/tests/test_efi_capsule/capsule_gen_binman.dts | 2 ++
test/py/tests/test_efi_capsule/conftest.py| 7 +++
2 files changed, 9 insertions(+)
diff --git a/test/py/tests/test_efi_capsule/capsule_gen_binman.dts
b/test/py/tests/test_efi_capsule/capsule_gen_binman.dts
index 1a62c26047..d1c0067064 100644
--- a/test/py/tests/test_efi_capsule/capsule_gen_binman.dts
+++ b/test/py/tests/test_efi_capsule/capsule_gen_binman.dts
@@ -54,6 +54,7 @@
};
};
+#if !defined(CONFIG_EFI_USE_CAPSULE_CFG_FILE)
capsule1 {
filename = "Test04";
efi-capsule {
@@ -165,4 +166,5 @@
};
};
};
+#endif /* CONFIG_EFI_USE_CAPSULE_CFG_FILE */
};
diff --git a/test/py/tests/test_efi_capsule/conftest.py
b/test/py/tests/test_efi_capsule/conftest.py
index 80b12977d6..b5abd7ab45 100644
--- a/test/py/tests/test_efi_capsule/conftest.py
+++ b/test/py/tests/test_efi_capsule/conftest.py
@@ -88,6 +88,13 @@ def efi_capsule_data(request, u_boot_config):
check_call('cp %s/Test* %s' % (u_boot_config.build_dir, data_dir),
shell=True)
os.environ['PYTHONPATH'] = pythonpath
+capsule_cfg_file_gen =
u_boot_config.buildconfig.get('config_efi_use_capsule_cfg_file')
+if capsule_cfg_file_gen:
+cfg_file = u_boot_config.source_dir + '/' +
u_boot_config.buildconfig.get('config_efi_capsule_cfg_file')[1:-1]
+check_call('cd %s; '
+ '%s/tools/mkeficapsule -f %s'
+ % (data_dir, u_boot_config.build_dir, cfg_file),
shell=True)
+
# Create a disk image with EFI system partition
check_call('virt-make-fs --partition=gpt --size=+1M --type=vfat %s %s'
%
(mnt_point, image_path), shell=True)
--
2.34.1
[PATCH v2 3/4] sandbox: capsule: Add a config file for generating capsules
Support has been added to the mkeficapsule tool to generate capsules
by parsing the capsule parameters through a config file. Add a config
file for generating capsules. These capsules will be used for testing
the capsule update feature on sandbox platform.
Enable generation of capsules through the config file on the sandbox
variant.
Signed-off-by: Sughosh Ganu
---
configs/sandbox_defconfig | 2 +
.../test_efi_capsule/sandbox_capsule_cfg.txt | 73 +++
2 files changed, 75 insertions(+)
create mode 100644 test/py/tests/test_efi_capsule/sandbox_capsule_cfg.txt
diff --git a/configs/sandbox_defconfig b/configs/sandbox_defconfig
index 93b52f2de5..b30cd394a1 100644
--- a/configs/sandbox_defconfig
+++ b/configs/sandbox_defconfig
@@ -353,6 +353,8 @@ CONFIG_EFI_CAPSULE_ON_DISK=y
CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y
CONFIG_EFI_CAPSULE_AUTHENTICATE=y
CONFIG_EFI_CAPSULE_ESL_FILE="board/sandbox/capsule_pub_esl_good.esl"
+CONFIG_EFI_CAPSULE_CFG_FILE="test/py/tests/test_efi_capsule/sandbox_capsule_cfg.txt"
+CONFIG_EFI_USE_CAPSULE_CFG_FILE=y
CONFIG_EFI_SECURE_BOOT=y
CONFIG_TEST_FDTDEC=y
CONFIG_UNIT_TEST=y
diff --git a/test/py/tests/test_efi_capsule/sandbox_capsule_cfg.txt
b/test/py/tests/test_efi_capsule/sandbox_capsule_cfg.txt
new file mode 100644
index 00..01040eb6b3
--- /dev/null
+++ b/test/py/tests/test_efi_capsule/sandbox_capsule_cfg.txt
@@ -0,0 +1,73 @@
+{
+ image-index: 1
+ image-guid: 3673B45D-6A7C-46F3-9E60-ADABB03F7937
+ payload: u-boot_bin_env.itb
+ capsule: Test04
+
+}
+{
+ image-index: 1
+ image-guid: 058B7D83-50D5-4C47-A195-60D86AD341C4
+ payload: u-boot_bin_env.itb
+ capsule: Test05
+
+}
+{
+ image-index: 1
+ image-guid: 058B7D83-50D5-4C47-A195-60D86AD341C4
+ payload: u-boot_bin_env.itb
+ capsule: Test05
+}
+{
+ image-index: 1
+ monotonic-count: 1
+ private-key: SIGNER.key
+ pub-key-cert: SIGNER.crt
+ image-guid: 3673B45D-6A7C-46F3-9E60-ADABB03F7937
+ payload: u-boot_bin_env.itb
+ capsule: Test13
+}
+{
+ image-index: 1
+ monotonic-count: 1
+ private-key: SIGNER2.key
+ pub-key-cert: SIGNER2.crt
+ image-guid: 3673B45D-6A7C-46F3-9E60-ADABB03F7937
+ payload: u-boot_bin_env.itb
+ capsule: Test14
+}
+{
+ image-index: 1
+ fw-version: 5
+ image-guid: 3673B45D-6A7C-46F3-9E60-ADABB03F7937
+ payload: u-boot_bin_env.itb
+ capsule: Test104
+}
+{
+ image-index: 1
+ fw-version: 2
+ image-guid: 3673B45D-6A7C-46F3-9E60-ADABB03F7937
+ payload: u-boot_bin_env.itb
+ capsule: Test105
+
+}
+{
+ image-index: 1
+ fw-version: 5
+ monotonic-count: 1
+ private-key: SIGNER.key
+ pub-key-cert: SIGNER.crt
+ image-guid: 3673B45D-6A7C-46F3-9E60-ADABB03F7937
+ payload: u-boot_bin_env.itb
+ capsule: Test114
+}
+{
+ image-index: 1
+ fw-version: 2
+ monotonic-count: 1
+ private-key: SIGNER.key
+ pub-key-cert: SIGNER.crt
+ image-guid: 3673B45D-6A7C-46F3-9E60-ADABB03F7937
+ payload: u-boot_bin_env.itb
+ capsule: Test115
+}
--
2.34.1
[PATCH v2 2/4] doc: Document capsule generation through a config file
The UEFI capsule can now be generated by specifying the capsule
parameters through a config file. Highlight these changes in the
documentation.
Signed-off-by: Sughosh Ganu
---
doc/develop/uefi/uefi.rst | 70 +++
1 file changed, 70 insertions(+)
diff --git a/doc/develop/uefi/uefi.rst b/doc/develop/uefi/uefi.rst
index 0389b269c0..8586127a83 100644
--- a/doc/develop/uefi/uefi.rst
+++ b/doc/develop/uefi/uefi.rst
@@ -318,6 +318,76 @@ Run the following command
--guid \
+Alternatively, the capsules can be generated through a config
+file. When generating the capsules through a config file, the Kconfig
+symbol CONFIG_EFI_CAPSULE_CFG_FILE is to be used for specifying the
+path to the config file.
+
+The config file describes the parameters that are used for generating
+one or more capsules. The parameters for a given capsule file are
+specified within curly braces, in the form of "key:value" pairs. All
+the parameters that are currently supported by the mkeficapsule tool
+can be specified through the config file.
+
+The following are some example payload parameters specified through
+the config file.
+
+.. code-block:: none
+
+ {
+ image-guid: 02f4d760-cfd5-43bd-8e2d-a42acb33c660
+ hardware-instance: 0
+ monotonic-count: 1
+ payload: u-boot.bin
+ image-index: 1
+ fw-version: 2
+ private-key: /path/to/priv/key
+ pub-key-cert: /path/to/pub/key
+ capsule: u-boot.capsule
+ }
+ {
+ image-guid: 4ce292da-1dd8-428d-a1c2-77743ef8b96e
+ hardware-instance: 0
+ payload: u-boot.itb
+ image-index: 2
+ fw-version: 7
+ oemflags: 0x8000
+ capsule: fit.capsule
+ }
+ {
+ capsule-type: accept
+ image-guid: 4ce292da-1dd8-428d-a1c2-77743ef8b96e
+ capsule: accept.capsule
+ }
+ {
+ capsule-type: revert
+ capsule: revert.capsule
+ }
+
+The following are the keys that specify the capsule parameters
+
+..code-block:: none
+
+image-guid: Image GUID
+image-index: Image index value
+fw-version: Image version
+private-key: Path to the private key file used for capsule signing
+pub-key-cert: Path to the public key crt file used for capsule signing
+payload: Path to the capsule payload file
+capsule: Path to the output capsule file that is generated
+hardware-instance: Hardware Instance value
+monotonic-count: Monotonic count value
+capsule-type: Specifies capsule type. normal(default), accept or revert
+oemflags: 16bit Oemflags value to be used(populated in capsule header)
+
+When generating capsules through a config file, the command would look
+like
+
+.. code-block:: console
+
+$ mkeficapsule --cfg-file
+
+
Capsule with firmware version
*
--
2.34.1
[PATCH v2 1/4] tools: mkeficapsule: Add support for parsing capsule params from config file
Add support for specifying the parameters needed for capsule
generation through a config file, instead of passing them through
command-line. Parameters for more than a single capsule file can be
specified, resulting in generation of multiple capsules through a
single invocation of the command.
The config file can be passed to the mkeficapsule tool in such manner
$ ./tools/mkeficapsule -f
Signed-off-by: Sughosh Ganu
---
tools/Kconfig | 15 ++
tools/Makefile | 1 +
tools/eficapsule.h | 114
tools/mkeficapsule.c | 87 +
tools/mkeficapsule_parse.c | 352 +
5 files changed, 538 insertions(+), 31 deletions(-)
create mode 100644 tools/mkeficapsule_parse.c
diff --git a/tools/Kconfig b/tools/Kconfig
index 667807b331..0362ca8e45 100644
--- a/tools/Kconfig
+++ b/tools/Kconfig
@@ -104,6 +104,21 @@ config TOOLS_MKEFICAPSULE
optionally sign that file. If you want to enable UEFI capsule
update feature on your target, you certainly need this.
+config EFI_CAPSULE_CFG_FILE
+ string "Path to the EFI Capsule Config File"
+ help
+ Path to the EFI capsule config file which provides the
+ parameters needed to build capsule(s). Parameters can be
+ provided for multiple payloads resulting in corresponding
+ capsule images being generated.
+
+config EFI_USE_CAPSULE_CFG_FILE
+ bool "Use the config file for generating capsules"
+ help
+ Boolean option used to specify if the EFI capsules are to
+ be generated through parameters specified via the config
+ file or through command line.
+
menuconfig FSPI_CONF_HEADER
bool "FlexSPI Header Configuration"
help
diff --git a/tools/Makefile b/tools/Makefile
index 6a4280e366..4311f5914f 100644
--- a/tools/Makefile
+++ b/tools/Makefile
@@ -253,6 +253,7 @@ HOSTLDLIBS_mkeficapsule += \
HOSTLDLIBS_mkeficapsule += \
$(shell pkg-config --libs uuid 2> /dev/null || echo "-luuid")
hostprogs-$(CONFIG_TOOLS_MKEFICAPSULE) += mkeficapsule
+mkeficapsule-objs := mkeficapsule.o mkeficapsule_parse.o
mkfwumdata-objs := mkfwumdata.o generated/lib/crc32.o
HOSTLDLIBS_mkfwumdata += -luuid
diff --git a/tools/eficapsule.h b/tools/eficapsule.h
index 6efd07d2eb..71a08b62e6 100644
--- a/tools/eficapsule.h
+++ b/tools/eficapsule.h
@@ -54,6 +54,12 @@ typedef struct {
/* flags */
#define CAPSULE_FLAGS_PERSIST_ACROSS_RESET 0x0001
+enum capsule_type {
+ CAPSULE_NORMAL_BLOB = 0,
+ CAPSULE_ACCEPT,
+ CAPSULE_REVERT,
+};
+
struct efi_capsule_header {
efi_guid_t capsule_guid;
uint32_t header_size;
@@ -145,4 +151,112 @@ struct fmp_payload_header_params {
uint32_t fw_version;
};
+/**
+ * struct efi_capsule_params - Capsule parameters
+ * @image_guid: Guid value of the payload input image
+ * @image_index: Image index value
+ * @hardware_instance: Hardware instance to be used for the image
+ * @fmp: FMP payload header used for storing firmware version
+ * @monotonic_count: Monotonic count value to be used for signed capsule
+ * @privkey_file: Path to private key used in capsule signing
+ * @cert_file: Path to public key certificate used in capsule signing
+ * @input_file: Path to payload input image
+ * @capsule_file: Path to the output capsule file
+ * @oemflags: Oemflags to be populated in the capsule header
+ * @capsule: Capsule Type, normal or accept or revert
+ */
+struct efi_capsule_params {
+ efi_guid_t *image_guid;
+ unsigned long image_index;
+ unsigned long hardware_instance;
+ struct fmp_payload_header_params fmp;
+ uint64_t monotonic_count;
+ char *privkey_file;
+ char *cert_file;
+ char *input_file;
+ char *capsule_file;
+ unsigned long oemflags;
+ enum capsule_type capsule;
+};
+
+/**
+ * capsule_with_cfg_file() - Generate capsule from config file
+ * @cfg_file: Path to the config file
+ *
+ * Parse the capsule parameters from the config file and use the
+ * parameters for generating one or more capsules.
+ *
+ * Return: None
+ *
+ */
+void capsule_with_cfg_file(const char *cfg_file);
+
+/**
+ * convert_uuid_to_guid() - convert UUID to GUID
+ * @buf: UUID binary
+ *
+ * UUID and GUID have the same data structure, but their binary
+ * formats are different due to the endianness. See lib/uuid.c.
+ * Since uuid_parse() can handle only UUID, this function must
+ * be called to get correct data for GUID when parsing a string.
+ *
+ * The correct data will be returned in @buf.
+ */
+void convert_uuid_to_guid(unsigned char *buf);
+
+/**
+ * create_empty_capsule() - Generate an empty capsule
+ * @path: Path to the empty capsule file to be generated
+ * @guid: Guid value of the image for which empty capsule is generated
+ * @fw_accept: Flag to specify whether to generate accept or revert capsule
+ *
+ * Generate an
[PATCH v2 0/4] Generate capsules from config files
Add support for generating capsules through a config file. Multiple capsules can be generated through a single invocation of the mkeficapsule tool, where the capsule parameters are fetched from the config file. The format of the config file pretty similar to the one used by the capsule generation tool in EDKII. The functionality is enabled on the sandbox variant and the EFI capsule update test is now configured to generate the capsules through a config file. The sandbox_flattree variant generates capsules through binman, thus covering both the paths. This is a rebased version of the earlier patch series that was sent to the mailing list [1]. That series was not getting merged as Simon had asked for generation of capsules as part of the sandbox platform build. Those patches have since been merged. Moreover, there has been adoption of the capsule generation logic by TI platforms as well, so that should address the concern which Tom had about it's usage. These patches are more of a step in the direction of adding support for generation of a multi-payload capsule. There has been a request for it's support for a platform [2]. [1] - https://lists.denx.de/pipermail/u-boot/2023-November/538223.html [2] - https://lists.denx.de/pipermail/u-boot/2024-March/548126.html Sughosh Ganu (4): tools: mkeficapsule: Add support for parsing capsule params from config file doc: Document capsule generation through a config file sandbox: capsule: Add a config file for generating capsules test: capsule: Generate capsules through config file configs/sandbox_defconfig | 2 + doc/develop/uefi/uefi.rst | 70 .../test_efi_capsule/capsule_gen_binman.dts | 2 + test/py/tests/test_efi_capsule/conftest.py| 7 + .../test_efi_capsule/sandbox_capsule_cfg.txt | 73 tools/Kconfig | 15 + tools/Makefile| 1 + tools/eficapsule.h| 114 ++ tools/mkeficapsule.c | 87 +++-- tools/mkeficapsule_parse.c| 352 ++ 10 files changed, 692 insertions(+), 31 deletions(-) create mode 100644 test/py/tests/test_efi_capsule/sandbox_capsule_cfg.txt create mode 100644 tools/mkeficapsule_parse.c -- 2.34.1
Re: [PATCH 01/10] board: ti: am62x: Init DRAM size in R5/A53 SPL
On Thu, 18 Apr 2024 at 16:08, Chintan Vankar wrote: > > > > On 17/04/24 21:34, Tom Rini wrote: > > On Wed, Apr 17, 2024 at 05:48:31PM +0530, Sughosh Ganu wrote: > >> hi Chintan, > >> > >> On Wed, 17 Apr 2024 at 13:21, Chintan Vankar wrote: > >>> > >>> > >>> > >>> On 16/04/24 22:30, Tom Rini wrote: > >>>> On Tue, Apr 16, 2024 at 05:52:58PM +0530, Chintan Vankar wrote: > >>>>> > >>>>> > >>>>> On 12/04/24 03:37, Tom Rini wrote: > >>>>>> On Wed, Apr 03, 2024 at 06:18:01PM +0530, Chintan Vankar wrote: > >>>>>>> > >>>>>>> > >>>>>>> On 22/01/24 10:11, Siddharth Vadapalli wrote: > >>>>>>>> > >>>>>>>> > >>>>>>>> On 20/01/24 22:11, Tom Rini wrote: > >>>>>>>>> On Mon, Jan 15, 2024 at 01:42:51PM +0530, Siddharth Vadapalli wrote: > >>>>>>>>>> Hello Tom, > >>>>>>>>>> > >>>>>>>>>> On 12/01/24 18:56, Tom Rini wrote: > >>>>>>>> > >>>>>>>> ... > >>>>>>>> > >>>>>>>>>>> The list of conditionals in common/spl/spl.c::board_init_r() > >>>>>>>>>>> should be > >>>>>>>>>>> updated and probably use SPL_NET as the option to check for. > >>>>>>>>>> > >>>>>>>>>> Thank you for reviewing the patch and pointing this out. I wasn't > >>>>>>>>>> aware of it. I > >>>>>>>>>> assume that you are referring to the following change: > >>>>>>>>>> > >>>>>>>>>> if (IS_ENABLED(CONFIG_SPL_OS_BOOT) || > >>>>>>>>>> CONFIG_IS_ENABLED(HANDOFF) || > >>>>>>>>>> - IS_ENABLED(CONFIG_SPL_ATF)) > >>>>>>>>>> + IS_ENABLED(CONFIG_SPL_ATF) || > >>>>>>>>>> IS_ENABLED(CONFIG_SPL_NET)) > >>>>>>>>>> dram_init_banksize(); > >>>>>>>>>> > >>>>>>>>>> I shall replace the current patch with the above change in the v2 > >>>>>>>>>> series. Since > >>>>>>>>>> this is in the common section, is there a generic reason I could > >>>>>>>>>> provide in the > >>>>>>>>>> commit message rather than the existing commit message which seems > >>>>>>>>>> to be board > >>>>>>>>>> specific? Also, I hope that the above change will not cause > >>>>>>>>>> regressions for > >>>>>>>>>> other non-TI devices. Please let me know. > >>>>>>>>> > >>>>>>>>> Yes, that's the area, and just note that networking also requires > >>>>>>>>> the > >>>>>>>>> DDR to be initialized. > >>>>>>>>> > >>>>>>>> > >>>>>>>> Thank you for confirming and providing your suggestion for the > >>>>>>>> contents of the > >>>>>>>> commit message. > >>>>>>>> > >>>>>>> Following Tom's Suggestion of adding CONFIG_SPL_NET in > >>>>>>> common/spl/spl.c > >>>>>>> "dram_init_banksize()", the issue of fetching a file at SPL stage > >>>>>>> seemed > >>>>>>> to be fixed. However the commit "ba20b2443c29", which sets gd->ram_top > >>>>>>> for the very first time in "spl_enable_cache()" results in > >>>>>>> "arch_lmb_reserve()" function reserving memory region from Stack > >>>>>>> pointer > >>>>>>> at "0x81FFB820" to gd->ram_top pointing to "0x1". Previously > >>>>>>> when gd->ram_top was zero "arch_lmb_reserve()" was noop. Now using > >>>>>>> TFTP > >>>>>>> to fetch U-Boot image at SPL stage results in
Re: [PATCH 01/10] board: ti: am62x: Init DRAM size in R5/A53 SPL
hi Chintan, On Wed, 17 Apr 2024 at 13:21, Chintan Vankar wrote: > > > > On 16/04/24 22:30, Tom Rini wrote: > > On Tue, Apr 16, 2024 at 05:52:58PM +0530, Chintan Vankar wrote: > >> > >> > >> On 12/04/24 03:37, Tom Rini wrote: > >>> On Wed, Apr 03, 2024 at 06:18:01PM +0530, Chintan Vankar wrote: > > > On 22/01/24 10:11, Siddharth Vadapalli wrote: > > > > > > On 20/01/24 22:11, Tom Rini wrote: > >> On Mon, Jan 15, 2024 at 01:42:51PM +0530, Siddharth Vadapalli wrote: > >>> Hello Tom, > >>> > >>> On 12/01/24 18:56, Tom Rini wrote: > > > > ... > > > The list of conditionals in common/spl/spl.c::board_init_r() should > be > updated and probably use SPL_NET as the option to check for. > >>> > >>> Thank you for reviewing the patch and pointing this out. I wasn't > >>> aware of it. I > >>> assume that you are referring to the following change: > >>> > >>>if (IS_ENABLED(CONFIG_SPL_OS_BOOT) || > >>> CONFIG_IS_ENABLED(HANDOFF) || > >>> - IS_ENABLED(CONFIG_SPL_ATF)) > >>> + IS_ENABLED(CONFIG_SPL_ATF) || IS_ENABLED(CONFIG_SPL_NET)) > >>>dram_init_banksize(); > >>> > >>> I shall replace the current patch with the above change in the v2 > >>> series. Since > >>> this is in the common section, is there a generic reason I could > >>> provide in the > >>> commit message rather than the existing commit message which seems to > >>> be board > >>> specific? Also, I hope that the above change will not cause > >>> regressions for > >>> other non-TI devices. Please let me know. > >> > >> Yes, that's the area, and just note that networking also requires the > >> DDR to be initialized. > >> > > > > Thank you for confirming and providing your suggestion for the contents > > of the > > commit message. > > > Following Tom's Suggestion of adding CONFIG_SPL_NET in common/spl/spl.c > "dram_init_banksize()", the issue of fetching a file at SPL stage seemed > to be fixed. However the commit "ba20b2443c29", which sets gd->ram_top > for the very first time in "spl_enable_cache()" results in > "arch_lmb_reserve()" function reserving memory region from Stack pointer > at "0x81FFB820" to gd->ram_top pointing to "0x1". Previously > when gd->ram_top was zero "arch_lmb_reserve()" was noop. Now using TFTP > to fetch U-Boot image at SPL stage results in "tftp_init_load_addr()" > function call that invokes "arch_lmb_reserve()" function, which reserves > entire memory starting from Stack Pointer to gd->ram_top leaving no > space to load U-Boot image via TFTP since TFTP loads files at pre > configured memory address at "0x8200". > > As a workaround for this issue, one solution we can propose is to > disable the checks "lmb_get_free_size()" at SPL and U-Boot stage. For > that we can define a new config option for LMB reserve checks as > "SPL_LMB". This config will be enable by default for the backword > compatibility and disable for our use case at SPL and U-Boot stage. > >>> > >>> The problem here is that we need LMB for booting an OS, which is > >>> something we'll want in SPL in non-cortex-R cases too, which means this > >>> platform, so that's a no-go. I think you need to dig harder and see if > >>> you can correct the logic somewhere so that we don't over reserve? > >>> > >> Since this issue is due to function call "lmb_init_and_reserve()" > >> function invoked from "tftp_init_load_addr()" function. This function > >> is defined by Simon in commit "a156c47e39ad", which fixes > >> "CVE-2018-18439" to prevent overwriting reserved memory. Simon, can you > >> explain why do we need to call "lmb_init_and_reserve()" function here ? > > > > This is indeed a tricky area which is why Sughosh is looking in to > > trying to re-work the LMB mechanic and we've had a few long threads > > about it as well. > > > > I've honestly forgotten the use case you have here, can you please > > remind us? > > > We are trying to boot AM62x using Ethernet for which we need to load > binary files at SPL and U-Boot stage using TFTP. To store the file we > need a free memory in RAM, specifically we are storing these files at > 0x8200. But we are facing an issue while loading the file since > the memory area having an address 0x8200 is reserved due to > "lmb_init_and_reserve()" function call. This function is called in > "tftp_init_load_addr()" function which is getting called exactly before > we are trying to get the free memory area by calling > "lmb_get_free_size()". I have no idea about your platform but I was wondering if there is any particular importance of the load address of 0x8200? It looks as though the current location of the SP when arch_lmb_reserve() gets called means that the load address is
Re: [RFC] Makefile.lib: find capsule ESL dtsi file when CONFIG_OF_UPSTREAM=y
On Fri, 29 Mar 2024 at 14:04, Jon Humphreys wrote:
>
> Sughosh Ganu writes:
>
> > On Thu, 28 Mar 2024 at 09:34, Jon Humphreys wrote:
> >>
> >> Sughosh Ganu writes:
> >>
> >> > hi Jonathan,
> >> >
> >> > On Wed, 27 Mar 2024 at 08:05, Jonathan Humphreys
> >> > wrote:
> >> >>
> >> >> When CONFIG_OF_UPSTREAM is enabled, DTS files are in SOC subdirectories
> >> >> (vs the
> >> >> top level dts directory), but when CONFIG_EFI_CAPSULE_AUTHENTICATE is
> >> >> enabled,
> >> >> the dynamically created dtsi file containing the capsule ESL DT node is
> >> >> in the
> >> >> parent directory. This results in a build failure because the #include
> >> >> inserted
> >> >> in the DTS file is local to the current directory. Update Makefile to
> >> >> have the
> >> >> DT preprocessing of #includes search in the parent (dts top level)
> >> >> directory
> >> >> too.
> >> >>
> >> >> I'm not sure if this is the best solution.
> >> >>
> >> >> I was also tempted to just manually include the capsule-key property in
> >> >> the
> >> >> board dts, and avoid the Makefile implicit inclusion trickery. I would
> >> >> actually
> >> >> prefer this approach as everything is more explicit. But this isn't an
> >> >> option
> >> >> because if CONFIG_EFI_CAPSULE_AUTHENTICATE is enabled, the implicit
> >> >> inclusion of
> >> >> the dtsi file happens. It would be better, IMO, if we only included the
> >> >> generated dtsi file if CONFIG_EFI_CAPSULE_ESL_FILE is defined. Was only
> >> >> supporting the implicit inclusiong approach an intentional design
> >> >> choice?
> >> >
> >> > I was not sure if users would want to manually insert the contents of
> >> > the ESL file, which is a binary file(a few hundred bytes at least)
> >> > into the DTS. If you prefer having such an option, we can change the
> >> > logic to what you propose. Thanks.
> >>
> >> What I was thinking is that one would explictly add the capsule-key
> >> property to the board dts but do it just as the generated dtsi does
> >> where it references the .esl file.
> >
> > Okay. In any case, that can be done by having the addition of the
> > capsule_esl_dtsi to the dtsi_include_list under the
> > CONFIG_EFI_CAPSULE_ESL_FILE conditional, isn't it? That way, we have
> > both solutions. Users can then define the config flag to automate the
> > inclusion of the capsule-key. Those who prefer to explicitly include
> > the node to the board dts can do so on similar lines to how it is
> > defined in the lib/efi_loader/capsule_esl.dtsi.in file.
> >
>
> exactly!
Ah okay. Then I guess we are on the same page. But you might want to
figure out how you are going to provide the path to the ESL file.
IIRC, providing the path relative to the u-boot tree does not work
with out of tree builds. And I was told that the paths used in u-boot
need to be relative to the U-Boot top-of-tree.
-sughosh
>
> Jon
>
> > -sughosh
> >
> >>
> >>
> >> Jon
> >>
> >> >
> >> > -sughosh
> >> >
> >> >>
> >> >> Thanks
> >> >> Jon
> >> >>
> >> >> Signed-off-by: Jonathan Humphreys
> >> >> ---
> >> >> scripts/Makefile.lib | 2 +-
> >> >> 1 file changed, 1 insertion(+), 1 deletion(-)
> >> >>
> >> >> diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib
> >> >> index 12857316c58..62f87517c09 100644
> >> >> --- a/scripts/Makefile.lib
> >> >> +++ b/scripts/Makefile.lib
> >> >> @@ -334,7 +334,7 @@ cmd_dtc = mkdir -p $(dir ${dtc-tmp}) ; \
> >> >> (cat $< > $(pre-tmp)); \
> >> >> $(foreach f,$(subst $(quote),,$(dtsi_include_list)), \
> >> >> echo '$(pound)include "$(f)"' >> $(pre-tmp);) \
> >> >> - $(HOSTCC) -E $(dtc_cpp_flags) -x assembler-with-cpp -o
> >> >> $(dtc-tmp) $(pre-tmp) ; \
> >> >> + $(HOSTCC) -E $(dtc_cpp_flags) -I$(obj) -x assembler-with-cpp -o
> >> >> $(dtc-tmp) $(pre-tmp) ; \
> >> >> $(DTC) -O dtb -o $@ -b 0 \
> >> >> -i $(dir $<) -i $(u_boot_dtsi_loc) $(DTC_FLAGS) \
> >> >> -d $(depfile).dtc.tmp $(dtc-tmp) || \
> >> >> --
> >> >> 2.34.1
> >> >>
Re: [RFC] Makefile.lib: find capsule ESL dtsi file when CONFIG_OF_UPSTREAM=y
On Thu, 28 Mar 2024 at 09:34, Jon Humphreys wrote:
>
> Sughosh Ganu writes:
>
> > hi Jonathan,
> >
> > On Wed, 27 Mar 2024 at 08:05, Jonathan Humphreys wrote:
> >>
> >> When CONFIG_OF_UPSTREAM is enabled, DTS files are in SOC subdirectories
> >> (vs the
> >> top level dts directory), but when CONFIG_EFI_CAPSULE_AUTHENTICATE is
> >> enabled,
> >> the dynamically created dtsi file containing the capsule ESL DT node is in
> >> the
> >> parent directory. This results in a build failure because the #include
> >> inserted
> >> in the DTS file is local to the current directory. Update Makefile to
> >> have the
> >> DT preprocessing of #includes search in the parent (dts top level)
> >> directory
> >> too.
> >>
> >> I'm not sure if this is the best solution.
> >>
> >> I was also tempted to just manually include the capsule-key property in the
> >> board dts, and avoid the Makefile implicit inclusion trickery. I would
> >> actually
> >> prefer this approach as everything is more explicit. But this isn't an
> >> option
> >> because if CONFIG_EFI_CAPSULE_AUTHENTICATE is enabled, the implicit
> >> inclusion of
> >> the dtsi file happens. It would be better, IMO, if we only included the
> >> generated dtsi file if CONFIG_EFI_CAPSULE_ESL_FILE is defined. Was only
> >> supporting the implicit inclusiong approach an intentional design choice?
> >
> > I was not sure if users would want to manually insert the contents of
> > the ESL file, which is a binary file(a few hundred bytes at least)
> > into the DTS. If you prefer having such an option, we can change the
> > logic to what you propose. Thanks.
>
> What I was thinking is that one would explictly add the capsule-key
> property to the board dts but do it just as the generated dtsi does
> where it references the .esl file.
Okay. In any case, that can be done by having the addition of the
capsule_esl_dtsi to the dtsi_include_list under the
CONFIG_EFI_CAPSULE_ESL_FILE conditional, isn't it? That way, we have
both solutions. Users can then define the config flag to automate the
inclusion of the capsule-key. Those who prefer to explicitly include
the node to the board dts can do so on similar lines to how it is
defined in the lib/efi_loader/capsule_esl.dtsi.in file.
-sughosh
>
>
> Jon
>
> >
> > -sughosh
> >
> >>
> >> Thanks
> >> Jon
> >>
> >> Signed-off-by: Jonathan Humphreys
> >> ---
> >> scripts/Makefile.lib | 2 +-
> >> 1 file changed, 1 insertion(+), 1 deletion(-)
> >>
> >> diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib
> >> index 12857316c58..62f87517c09 100644
> >> --- a/scripts/Makefile.lib
> >> +++ b/scripts/Makefile.lib
> >> @@ -334,7 +334,7 @@ cmd_dtc = mkdir -p $(dir ${dtc-tmp}) ; \
> >> (cat $< > $(pre-tmp)); \
> >> $(foreach f,$(subst $(quote),,$(dtsi_include_list)), \
> >> echo '$(pound)include "$(f)"' >> $(pre-tmp);) \
> >> - $(HOSTCC) -E $(dtc_cpp_flags) -x assembler-with-cpp -o $(dtc-tmp)
> >> $(pre-tmp) ; \
> >> + $(HOSTCC) -E $(dtc_cpp_flags) -I$(obj) -x assembler-with-cpp -o
> >> $(dtc-tmp) $(pre-tmp) ; \
> >> $(DTC) -O dtb -o $@ -b 0 \
> >> -i $(dir $<) -i $(u_boot_dtsi_loc) $(DTC_FLAGS) \
> >> -d $(depfile).dtc.tmp $(dtc-tmp) || \
> >> --
> >> 2.34.1
> >>
[PATCH v2 4/4] capsule: Makefile: add the generated files to CLEAN_FILES list
A certain set of capsule files are now generated as part of the sandbox build. Add these files to the CLEAN_FILES list for deletion on invoking any of the cleanup targets. Signed-off-by: Sughosh Ganu --- Changes since V1: None Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index ff003a5ad8..1df2e81654 100644 --- a/Makefile +++ b/Makefile @@ -2166,7 +2166,8 @@ CLEAN_FILES += include/autoconf.mk* include/bmp_logo.h include/bmp_logo_data.h \ mkimage-out.spl.mkimage mkimage.spl.mkimage imx-boot.map \ itb.fit.fit itb.fit.itb itb.map spl.map mkimage-out.rom.mkimage \ mkimage.rom.mkimage mkimage-in-simple-bin* rom.map simple-bin* \ - idbloader-spi.img lib/efi_loader/helloworld_efi.S *.itb + idbloader-spi.img lib/efi_loader/helloworld_efi.S *.itb \ + Test* capsule.*.efi-capsule capsule*.map # Directories & files removed with 'make mrproper' MRPROPER_DIRS += include/config include/generated spl tpl vpl \ -- 2.34.1
[PATCH v2 3/4] capsule: add the generated capsules to gitignore
The sandbox platform build now generates a set of capsules. Put the related files generated into gitignore. Signed-off-by: Sughosh Ganu --- Changes since V1: None .gitignore | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.gitignore b/.gitignore index 3301481192..94dbeb053c 100644 --- a/.gitignore +++ b/.gitignore @@ -63,6 +63,9 @@ fit-dtb.blob* /spl/ /tpl/ /defconfig +/Test* +/capsule.*.efi-capsule +/capsule*.map # # Generated include files -- 2.34.1
[PATCH v2 2/4] sandbox: capsule: binman: generate some capsules as part of build
Currently, all the capsules for the sandbox platform are generated at
the time of running the capsule tests. To showcase generation of
capsules through binman, generate all raw(non FIT payload) capsules
needed for the sandbox platform as part of the build. This acts as an
illustrative example for generating capsules as part of a platform's
build.
Make corresponding change in the capsule test's configuration to get
these capsules from the build directory.
Signed-off-by: Sughosh Ganu
---
Changes since V1:
* Fix the typo in the commit message about raw capsules being
generated as part of the build, and not signed capsules.
arch/sandbox/dts/sandbox.dts | 4 +
arch/sandbox/dts/sandbox_capsule.dtsi | 169 ++
arch/sandbox/dts/test.dts | 4 +
.../test_efi_capsule/capsule_gen_binman.dts | 167 +
test/py/tests/test_efi_capsule/conftest.py| 1 +
5 files changed, 185 insertions(+), 160 deletions(-)
create mode 100644 arch/sandbox/dts/sandbox_capsule.dtsi
diff --git a/arch/sandbox/dts/sandbox.dts b/arch/sandbox/dts/sandbox.dts
index 12d3eff5fa..8392206eea 100644
--- a/arch/sandbox/dts/sandbox.dts
+++ b/arch/sandbox/dts/sandbox.dts
@@ -106,3 +106,7 @@
#if IS_ENABLED(CONFIG_SUPPORT_VPL)
#include "sandbox_vpl.dtsi"
#endif
+
+#if IS_ENABLED(CONFIG_EFI_HAVE_CAPSULE_SUPPORT)
+#include "sandbox_capsule.dtsi"
+#endif
diff --git a/arch/sandbox/dts/sandbox_capsule.dtsi
b/arch/sandbox/dts/sandbox_capsule.dtsi
new file mode 100644
index 00..34d29916b3
--- /dev/null
+++ b/arch/sandbox/dts/sandbox_capsule.dtsi
@@ -0,0 +1,169 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Devicetree file with binman nodes needed for generating EFI
+ * capsules.
+ *
+ */
+
+#include
+
+/ {
+ binman: binman {
+ multiple-images;
+ };
+};
+
+ {
+ capsule1 {
+ filename = "Test01";
+ efi-capsule {
+ image-index = <0x1>;
+ image-guid = SANDBOX_UBOOT_IMAGE_GUID;
+
+ text {
+ text = "u-boot:New";
+ };
+ };
+ };
+
+ capsule2 {
+ filename = "Test02";
+ efi-capsule {
+ image-index = <0x2>;
+ image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID;
+
+ text {
+ text = "u-boot-env:New";
+ };
+ };
+ };
+
+ capsule3 {
+ filename = "Test03";
+ efi-capsule {
+ image-index = <0x1>;
+ image-guid = SANDBOX_INCORRECT_GUID;
+
+ text {
+ text = "u-boot:New";
+ };
+ };
+ };
+
+ capsule4 {
+ filename = "Test101";
+ efi-capsule {
+ image-index = <0x1>;
+ fw-version = <0x5>;
+ image-guid = SANDBOX_UBOOT_IMAGE_GUID;
+
+ text {
+ text = "u-boot:New";
+ };
+ };
+ };
+
+ capsule5 {
+ filename = "Test102";
+ efi-capsule {
+ image-index = <0x2>;
+ fw-version = <0xa>;
+ image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID;
+
+ text {
+ text = "u-boot-env:New";
+ };
+ };
+ };
+
+ capsule6 {
+ filename = "Test103";
+ efi-capsule {
+ image-index = <0x1>;
+ fw-version = <0x2>;
+ image-guid = SANDBOX_UBOOT_IMAGE_GUID;
+
+ text {
+ text = "u-boot:New";
+ };
+ };
+ };
+
+ capsule7 {
+ filename = "Test11";
+ efi-capsule {
+ image-index = <0x1>;
+ image-guid = SANDBOX_UBOOT_IMAGE_GUID;
+ private-key = CAPSULE_PRIV_KEY;
+ public-key-cert = CAPSULE_PUB_KEY;
+ monotonic-count = <0x1>;
+
+ text {
+ text = "u-boot:New";
+ };
+ };
+ };
+
+ capsule8 {
+ filename = "Test12";
+ efi-capsule {
+ image-index = <0x1>;
+ image-guid = SANDBOX_UBOOT_IMAGE_GUID;
+
[PATCH v2 1/4] sandbox: capsule: remove capsule related configs
The capsule update testing is carried out only on the sandbox and sandbox_flattree variants. Remove the capsule update related configs from the other sandbox variants. This ensures that the capsule files are generated only on variants which are used for the feature's testing. Signed-off-by: Sughosh Ganu --- Changes since V1: None configs/sandbox64_defconfig | 5 - configs/sandbox_noinst_defconfig | 2 -- configs/sandbox_spl_defconfig| 2 -- configs/sandbox_vpl_defconfig| 2 -- 4 files changed, 11 deletions(-) diff --git a/configs/sandbox64_defconfig b/configs/sandbox64_defconfig index 3be9a00a85..a67f9f0265 100644 --- a/configs/sandbox64_defconfig +++ b/configs/sandbox64_defconfig @@ -134,7 +134,6 @@ CONFIG_CPU=y CONFIG_DM_DEMO=y CONFIG_DM_DEMO_SIMPLE=y CONFIG_DM_DEMO_SHAPE=y -CONFIG_DFU_SF=y CONFIG_FASTBOOT_FLASH=y CONFIG_FASTBOOT_FLASH_MMC_DEV=0 CONFIG_ARM_FFA_TRANSPORT=y @@ -267,12 +266,8 @@ CONFIG_CMD_DHRYSTONE=y CONFIG_TPM=y CONFIG_ERRNO_STR=y CONFIG_GETOPT=y -CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y -CONFIG_EFI_CAPSULE_ON_DISK=y -CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_EFI_SECURE_BOOT=y CONFIG_TEST_FDTDEC=y -CONFIG_FWU_MULTI_BANK_UPDATE=y CONFIG_UNIT_TEST=y CONFIG_UT_TIME=y CONFIG_UT_DM=y diff --git a/configs/sandbox_noinst_defconfig b/configs/sandbox_noinst_defconfig index 137b3c6b82..f37230151a 100644 --- a/configs/sandbox_noinst_defconfig +++ b/configs/sandbox_noinst_defconfig @@ -281,8 +281,6 @@ CONFIG_TPM=y CONFIG_ZSTD=y CONFIG_SPL_LZMA=y CONFIG_ERRNO_STR=y -CONFIG_EFI_CAPSULE_ON_DISK=y -CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_UNIT_TEST=y CONFIG_SPL_UNIT_TEST=y CONFIG_UT_TIME=y diff --git a/configs/sandbox_spl_defconfig b/configs/sandbox_spl_defconfig index d0cd91ef4f..f7b92dc844 100644 --- a/configs/sandbox_spl_defconfig +++ b/configs/sandbox_spl_defconfig @@ -249,8 +249,6 @@ CONFIG_ZSTD=y CONFIG_SPL_LZMA=y CONFIG_ERRNO_STR=y CONFIG_SPL_HEXDUMP=y -CONFIG_EFI_CAPSULE_ON_DISK=y -CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_UNIT_TEST=y CONFIG_SPL_UNIT_TEST=y CONFIG_UT_TIME=y diff --git a/configs/sandbox_vpl_defconfig b/configs/sandbox_vpl_defconfig index b138b352de..72483d8ba1 100644 --- a/configs/sandbox_vpl_defconfig +++ b/configs/sandbox_vpl_defconfig @@ -252,8 +252,6 @@ CONFIG_TPM=y CONFIG_ZSTD=y # CONFIG_VPL_LZMA is not set CONFIG_ERRNO_STR=y -CONFIG_EFI_CAPSULE_ON_DISK=y -CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_UNIT_TEST=y CONFIG_SPL_UNIT_TEST=y CONFIG_UT_TIME=y -- 2.34.1
[PATCH v2 0/4] capsule: Generate capsules as part of sandbox build
As part of review of a patch series for generating capsules through a config file, I was asked to add support for generating capsules as part of the sandbox platform build. This would provide an illustrative example of generating capsules through binman. This patch series does that. Currently, the capsules get generated, through binman, only when running the EFI Capsule Update test. With this series, a subset of these capsules, more precisely the raw(non FIT payload) capsules, are being generated as part of the sandbox platform build. One of the patches in the series also performs a cleanup of the capsule configs from all the sandbox variants which do not run the capsule update tests. This restricts the generation of capsules only on the two variants which are used for testing the functionality. Changes since V1: * Fix the typo in the commit message about raw capsules being generated as part of the build, and not signed capsules. Sughosh Ganu (4): sandbox: capsule: remove capsule related configs sandbox: capsule: binman: generate some capsules as part of build capsule: add the generated capsules to gitignore capsule: Makefile: add the generated files to CLEAN_FILES list .gitignore| 3 + Makefile | 3 +- arch/sandbox/dts/sandbox.dts | 4 + arch/sandbox/dts/sandbox_capsule.dtsi | 169 ++ arch/sandbox/dts/test.dts | 4 + configs/sandbox64_defconfig | 5 - configs/sandbox_noinst_defconfig | 2 - configs/sandbox_spl_defconfig | 2 - configs/sandbox_vpl_defconfig | 2 - .../test_efi_capsule/capsule_gen_binman.dts | 167 + test/py/tests/test_efi_capsule/conftest.py| 1 + 11 files changed, 190 insertions(+), 172 deletions(-) create mode 100644 arch/sandbox/dts/sandbox_capsule.dtsi -- 2.34.1
Re: [RFC] Makefile.lib: find capsule ESL dtsi file when CONFIG_OF_UPSTREAM=y
hi Jonathan,
On Wed, 27 Mar 2024 at 08:05, Jonathan Humphreys wrote:
>
> When CONFIG_OF_UPSTREAM is enabled, DTS files are in SOC subdirectories (vs
> the
> top level dts directory), but when CONFIG_EFI_CAPSULE_AUTHENTICATE is enabled,
> the dynamically created dtsi file containing the capsule ESL DT node is in the
> parent directory. This results in a build failure because the #include
> inserted
> in the DTS file is local to the current directory. Update Makefile to have
> the
> DT preprocessing of #includes search in the parent (dts top level) directory
> too.
>
> I'm not sure if this is the best solution.
>
> I was also tempted to just manually include the capsule-key property in the
> board dts, and avoid the Makefile implicit inclusion trickery. I would
> actually
> prefer this approach as everything is more explicit. But this isn't an option
> because if CONFIG_EFI_CAPSULE_AUTHENTICATE is enabled, the implicit inclusion
> of
> the dtsi file happens. It would be better, IMO, if we only included the
> generated dtsi file if CONFIG_EFI_CAPSULE_ESL_FILE is defined. Was only
> supporting the implicit inclusiong approach an intentional design choice?
I was not sure if users would want to manually insert the contents of
the ESL file, which is a binary file(a few hundred bytes at least)
into the DTS. If you prefer having such an option, we can change the
logic to what you propose. Thanks.
-sughosh
>
> Thanks
> Jon
>
> Signed-off-by: Jonathan Humphreys
> ---
> scripts/Makefile.lib | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib
> index 12857316c58..62f87517c09 100644
> --- a/scripts/Makefile.lib
> +++ b/scripts/Makefile.lib
> @@ -334,7 +334,7 @@ cmd_dtc = mkdir -p $(dir ${dtc-tmp}) ; \
> (cat $< > $(pre-tmp)); \
> $(foreach f,$(subst $(quote),,$(dtsi_include_list)), \
> echo '$(pound)include "$(f)"' >> $(pre-tmp);) \
> - $(HOSTCC) -E $(dtc_cpp_flags) -x assembler-with-cpp -o $(dtc-tmp)
> $(pre-tmp) ; \
> + $(HOSTCC) -E $(dtc_cpp_flags) -I$(obj) -x assembler-with-cpp -o
> $(dtc-tmp) $(pre-tmp) ; \
> $(DTC) -O dtb -o $@ -b 0 \
> -i $(dir $<) -i $(u_boot_dtsi_loc) $(DTC_FLAGS) \
> -d $(depfile).dtc.tmp $(dtc-tmp) || \
> --
> 2.34.1
>
[PATCH 4/4] capsule: Makefile: add the generated files to CLEAN_FILES list
A certain set of capsule files are now generated as part of the sandbox build. Add these files to the CLEAN_FILES list for deletion on invoking any of the cleanup targets. Signed-off-by: Sughosh Ganu --- Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index ff003a5ad8..1df2e81654 100644 --- a/Makefile +++ b/Makefile @@ -2166,7 +2166,8 @@ CLEAN_FILES += include/autoconf.mk* include/bmp_logo.h include/bmp_logo_data.h \ mkimage-out.spl.mkimage mkimage.spl.mkimage imx-boot.map \ itb.fit.fit itb.fit.itb itb.map spl.map mkimage-out.rom.mkimage \ mkimage.rom.mkimage mkimage-in-simple-bin* rom.map simple-bin* \ - idbloader-spi.img lib/efi_loader/helloworld_efi.S *.itb + idbloader-spi.img lib/efi_loader/helloworld_efi.S *.itb \ + Test* capsule.*.efi-capsule capsule*.map # Directories & files removed with 'make mrproper' MRPROPER_DIRS += include/config include/generated spl tpl vpl \ -- 2.34.1
[PATCH 3/4] capsule: add the generated capsules to gitignore
The sandbox platform build now generates a set of capsules. Put the related files generated into gitignore. Signed-off-by: Sughosh Ganu --- .gitignore | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.gitignore b/.gitignore index 3301481192..94dbeb053c 100644 --- a/.gitignore +++ b/.gitignore @@ -63,6 +63,9 @@ fit-dtb.blob* /spl/ /tpl/ /defconfig +/Test* +/capsule.*.efi-capsule +/capsule*.map # # Generated include files -- 2.34.1
[PATCH 2/4] sandbox: capsule: binman: generate some capsules as part of build
Currently, all the capsules for the sandbox platform are generated at
the time of running the capsule tests. To showcase generation of
capsules through binman, generate all signed capsules needed for the
sandbox platform as part of the build. This acts as an illustrative
example for generating capsules as part of a platform's build.
Make corresponding change in the capsule test's configuration to get
these signed capsules from the build directory.
Signed-off-by: Sughosh Ganu
---
arch/sandbox/dts/sandbox.dts | 4 +
arch/sandbox/dts/sandbox_capsule.dtsi | 169 ++
arch/sandbox/dts/test.dts | 4 +
.../test_efi_capsule/capsule_gen_binman.dts | 167 +
test/py/tests/test_efi_capsule/conftest.py| 1 +
5 files changed, 185 insertions(+), 160 deletions(-)
create mode 100644 arch/sandbox/dts/sandbox_capsule.dtsi
diff --git a/arch/sandbox/dts/sandbox.dts b/arch/sandbox/dts/sandbox.dts
index 12d3eff5fa..8392206eea 100644
--- a/arch/sandbox/dts/sandbox.dts
+++ b/arch/sandbox/dts/sandbox.dts
@@ -106,3 +106,7 @@
#if IS_ENABLED(CONFIG_SUPPORT_VPL)
#include "sandbox_vpl.dtsi"
#endif
+
+#if IS_ENABLED(CONFIG_EFI_HAVE_CAPSULE_SUPPORT)
+#include "sandbox_capsule.dtsi"
+#endif
diff --git a/arch/sandbox/dts/sandbox_capsule.dtsi
b/arch/sandbox/dts/sandbox_capsule.dtsi
new file mode 100644
index 00..34d29916b3
--- /dev/null
+++ b/arch/sandbox/dts/sandbox_capsule.dtsi
@@ -0,0 +1,169 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Devicetree file with binman nodes needed for generating EFI
+ * capsules.
+ *
+ */
+
+#include
+
+/ {
+ binman: binman {
+ multiple-images;
+ };
+};
+
+ {
+ capsule1 {
+ filename = "Test01";
+ efi-capsule {
+ image-index = <0x1>;
+ image-guid = SANDBOX_UBOOT_IMAGE_GUID;
+
+ text {
+ text = "u-boot:New";
+ };
+ };
+ };
+
+ capsule2 {
+ filename = "Test02";
+ efi-capsule {
+ image-index = <0x2>;
+ image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID;
+
+ text {
+ text = "u-boot-env:New";
+ };
+ };
+ };
+
+ capsule3 {
+ filename = "Test03";
+ efi-capsule {
+ image-index = <0x1>;
+ image-guid = SANDBOX_INCORRECT_GUID;
+
+ text {
+ text = "u-boot:New";
+ };
+ };
+ };
+
+ capsule4 {
+ filename = "Test101";
+ efi-capsule {
+ image-index = <0x1>;
+ fw-version = <0x5>;
+ image-guid = SANDBOX_UBOOT_IMAGE_GUID;
+
+ text {
+ text = "u-boot:New";
+ };
+ };
+ };
+
+ capsule5 {
+ filename = "Test102";
+ efi-capsule {
+ image-index = <0x2>;
+ fw-version = <0xa>;
+ image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID;
+
+ text {
+ text = "u-boot-env:New";
+ };
+ };
+ };
+
+ capsule6 {
+ filename = "Test103";
+ efi-capsule {
+ image-index = <0x1>;
+ fw-version = <0x2>;
+ image-guid = SANDBOX_UBOOT_IMAGE_GUID;
+
+ text {
+ text = "u-boot:New";
+ };
+ };
+ };
+
+ capsule7 {
+ filename = "Test11";
+ efi-capsule {
+ image-index = <0x1>;
+ image-guid = SANDBOX_UBOOT_IMAGE_GUID;
+ private-key = CAPSULE_PRIV_KEY;
+ public-key-cert = CAPSULE_PUB_KEY;
+ monotonic-count = <0x1>;
+
+ text {
+ text = "u-boot:New";
+ };
+ };
+ };
+
+ capsule8 {
+ filename = "Test12";
+ efi-capsule {
+ image-index = <0x1>;
+ image-guid = SANDBOX_UBOOT_IMAGE_GUID;
+ private-key = CAPSULE_INVAL_KEY;
+ public-key-cert = CAPSULE_INVAL_PUB_KEY;
+ monotonic-co
[PATCH 1/4] sandbox: capsule: remove capsule related configs
The capsule update testing is carried out only on the sandbox and sandbox_flattree variants. Remove the capsule update related configs from the other sandbox variants. This ensures that the capsule files are generated only on variants which are used for the feature's testing. Signed-off-by: Sughosh Ganu --- configs/sandbox64_defconfig | 5 - configs/sandbox_noinst_defconfig | 2 -- configs/sandbox_spl_defconfig| 2 -- configs/sandbox_vpl_defconfig| 2 -- 4 files changed, 11 deletions(-) diff --git a/configs/sandbox64_defconfig b/configs/sandbox64_defconfig index 3be9a00a85..a67f9f0265 100644 --- a/configs/sandbox64_defconfig +++ b/configs/sandbox64_defconfig @@ -134,7 +134,6 @@ CONFIG_CPU=y CONFIG_DM_DEMO=y CONFIG_DM_DEMO_SIMPLE=y CONFIG_DM_DEMO_SHAPE=y -CONFIG_DFU_SF=y CONFIG_FASTBOOT_FLASH=y CONFIG_FASTBOOT_FLASH_MMC_DEV=0 CONFIG_ARM_FFA_TRANSPORT=y @@ -267,12 +266,8 @@ CONFIG_CMD_DHRYSTONE=y CONFIG_TPM=y CONFIG_ERRNO_STR=y CONFIG_GETOPT=y -CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y -CONFIG_EFI_CAPSULE_ON_DISK=y -CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_EFI_SECURE_BOOT=y CONFIG_TEST_FDTDEC=y -CONFIG_FWU_MULTI_BANK_UPDATE=y CONFIG_UNIT_TEST=y CONFIG_UT_TIME=y CONFIG_UT_DM=y diff --git a/configs/sandbox_noinst_defconfig b/configs/sandbox_noinst_defconfig index 137b3c6b82..f37230151a 100644 --- a/configs/sandbox_noinst_defconfig +++ b/configs/sandbox_noinst_defconfig @@ -281,8 +281,6 @@ CONFIG_TPM=y CONFIG_ZSTD=y CONFIG_SPL_LZMA=y CONFIG_ERRNO_STR=y -CONFIG_EFI_CAPSULE_ON_DISK=y -CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_UNIT_TEST=y CONFIG_SPL_UNIT_TEST=y CONFIG_UT_TIME=y diff --git a/configs/sandbox_spl_defconfig b/configs/sandbox_spl_defconfig index d0cd91ef4f..f7b92dc844 100644 --- a/configs/sandbox_spl_defconfig +++ b/configs/sandbox_spl_defconfig @@ -249,8 +249,6 @@ CONFIG_ZSTD=y CONFIG_SPL_LZMA=y CONFIG_ERRNO_STR=y CONFIG_SPL_HEXDUMP=y -CONFIG_EFI_CAPSULE_ON_DISK=y -CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_UNIT_TEST=y CONFIG_SPL_UNIT_TEST=y CONFIG_UT_TIME=y diff --git a/configs/sandbox_vpl_defconfig b/configs/sandbox_vpl_defconfig index b138b352de..72483d8ba1 100644 --- a/configs/sandbox_vpl_defconfig +++ b/configs/sandbox_vpl_defconfig @@ -252,8 +252,6 @@ CONFIG_TPM=y CONFIG_ZSTD=y # CONFIG_VPL_LZMA is not set CONFIG_ERRNO_STR=y -CONFIG_EFI_CAPSULE_ON_DISK=y -CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_UNIT_TEST=y CONFIG_SPL_UNIT_TEST=y CONFIG_UT_TIME=y -- 2.34.1
[PATCH 0/4] capsule: Generate capsules as part of sandbox build
As part of review of a patch series for generating capsules through a config file, I was asked to add support for generating capsules as part of the sandbox platform build. This would provide an illustrative example of generating capsules through binman. This patch series does that. Currently, the capsules get generated, through binman, only when running the EFI Capsule Update test. With this series, a subset of these capsules, more precisely the signed capsules, are being generated as part of the sandbox platform build. One of the patches in the series also performs a cleanup of the capsule configs from all the sandbox variants which do not run the capsule update tests. This restricts the generation of capsules only on the two variants which are used for testing the functionality. Sughosh Ganu (4): sandbox: capsule: remove capsule related configs sandbox: capsule: binman: generate some capsules as part of build capsule: add the generated capsules to gitignore capsule: Makefile: add the generated files to CLEAN_FILES list .gitignore| 3 + Makefile | 3 +- arch/sandbox/dts/sandbox.dts | 4 + arch/sandbox/dts/sandbox_capsule.dtsi | 169 ++ arch/sandbox/dts/test.dts | 4 + configs/sandbox64_defconfig | 5 - configs/sandbox_noinst_defconfig | 2 - configs/sandbox_spl_defconfig | 2 - configs/sandbox_vpl_defconfig | 2 - .../test_efi_capsule/capsule_gen_binman.dts | 167 + test/py/tests/test_efi_capsule/conftest.py| 1 + 11 files changed, 190 insertions(+), 172 deletions(-) create mode 100644 arch/sandbox/dts/sandbox_capsule.dtsi -- 2.34.1
[PATCH v3 20/20] configs: fwu: re-enable FWU configs
Now that support for FWU metadata version 2 has been added, the feature can be enabled on platforms which had enabled it. A new config symbol for selecting the metadata version for the platform is also being added. Signed-off-by: Sughosh Ganu --- Changes since V2: * Add config symbol for selecting either of the two metadata versions. configs/corstone1000_defconfig | 3 +++ configs/sandbox64_defconfig | 2 ++ configs/synquacer_developerbox_defconfig | 4 3 files changed, 9 insertions(+) diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig index 29d7550afb..ab4e0fefc9 100644 --- a/configs/corstone1000_defconfig +++ b/configs/corstone1000_defconfig @@ -24,6 +24,7 @@ CONFIG_LOGLEVEL=7 CONFIG_BOARD_LATE_INIT=y CONFIG_SYS_PROMPT="corstone1000# " # CONFIG_CMD_CONSOLE is not set +CONFIG_CMD_FWU_METADATA=y CONFIG_CMD_BOOTZ=y # CONFIG_CMD_XIMG is not set CONFIG_CMD_GPT=y @@ -66,3 +67,5 @@ CONFIG_FFA_SHARED_MM_BUF_OFFSET=0 CONFIG_FFA_SHARED_MM_BUF_ADDR=0x0200 CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_IGNORE_OSINDICATIONS=y +CONFIG_FWU_MULTI_BANK_UPDATE=y +CONFIG_FWU_MDATA_V1=y diff --git a/configs/sandbox64_defconfig b/configs/sandbox64_defconfig index 7e8200e70c..7b316f0d80 100644 --- a/configs/sandbox64_defconfig +++ b/configs/sandbox64_defconfig @@ -272,6 +272,8 @@ CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_EFI_SECURE_BOOT=y CONFIG_TEST_FDTDEC=y +CONFIG_FWU_MULTI_BANK_UPDATE=y +CONFIG_FWU_MDATA_V1=y CONFIG_UNIT_TEST=y CONFIG_UT_TIME=y CONFIG_UT_DM=y diff --git a/configs/synquacer_developerbox_defconfig b/configs/synquacer_developerbox_defconfig index 616d410074..7e1aeac217 100644 --- a/configs/synquacer_developerbox_defconfig +++ b/configs/synquacer_developerbox_defconfig @@ -17,6 +17,7 @@ CONFIG_SYS_BOOTM_LEN=0x80 CONFIG_BOOTSTAGE_STASH_SIZE=4096 CONFIG_HUSH_PARSER=y CONFIG_SYS_MAXARGS=128 +CONFIG_CMD_FWU_METADATA=y CONFIG_CMD_IMLS=y CONFIG_CMD_ERASEENV=y CONFIG_CMD_NVEDIT_EFI=y @@ -51,6 +52,7 @@ CONFIG_DFU_TFTP=y CONFIG_DFU_MTD=y CONFIG_DFU_RAM=y CONFIG_DFU_SF=y +CONFIG_FWU_MDATA_MTD=y CONFIG_DM_I2C=y CONFIG_SYS_I2C_SYNQUACER=y CONFIG_MMC_SDHCI=y @@ -93,3 +95,5 @@ CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_IGNORE_OSINDICATIONS=y CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y +CONFIG_FWU_MULTI_BANK_UPDATE=y +CONFIG_FWU_MDATA_V2=y -- 2.34.1
[PATCH v3 19/20] MAINTAINERS: add entry for FWU multi bank update feature
Add an entry for the FWU Multi Bank Update feature. Signed-off-by: Sughosh Ganu --- Changes since V2: * New patch MAINTAINERS | 8 1 file changed, 8 insertions(+) diff --git a/MAINTAINERS b/MAINTAINERS index cd9b2d42e8..5409b1d78a 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -1147,6 +1147,14 @@ T: git https://source.denx.de/u-boot/custodians/u-boot-fsl-qoriq.git F: drivers/watchdog/sp805_wdt.c F: drivers/watchdog/sbsa_gwdt.c +FWU Multi Bank Update +M: Sughosh Ganu +S: Maintained +T: git https://source.denx.de/u-boot/custodians/u-boot-efi.git +F: lib/fwu_updates/* +F: drivers/fwu-mdata/* +F: tools/mkfwumdata.c + GATEWORKS_SC M: Tim Harvey S: Maintained -- 2.34.1
[PATCH v3 18/20] doc: fwu: make changes to reflect support for FWU metadata v2
The FWU Update Agent in U-Boot supports both versions of the FWU metadata. Make changes in the documentation to reflect this. Signed-off-by: Sughosh Ganu --- Changes since V2: * Changes to indicate support for both v1 and v2 instead of only v2. doc/board/socionext/developerbox.rst | 7 +-- doc/develop/uefi/fwu_updates.rst | 20 +++- 2 files changed, 20 insertions(+), 7 deletions(-) diff --git a/doc/board/socionext/developerbox.rst b/doc/board/socionext/developerbox.rst index 46712c379b..863761c6e2 100644 --- a/doc/board/socionext/developerbox.rst +++ b/doc/board/socionext/developerbox.rst @@ -116,6 +116,7 @@ configs/synquacer_developerbox_defconfig enables default FWU configuration :: CONFIG_FWU_NUM_BANKS=2 CONFIG_FWU_NUM_IMAGES_PER_BANK=1 CONFIG_CMD_FWU_METADATA=y + CONFIG_FWU_MDATA_V2=y And build it:: @@ -129,7 +130,9 @@ And build it:: By default, the CONFIG_FWU_NUM_BANKS and CONFIG_FWU_NUM_IMAGES_PER_BANKS are set to 2 and 1 respectively. This uses FIP (Firmware Image Package) type image which contains TF-A, U-Boot and OP-TEE (the OP-TEE is optional). -You can use fiptool to compose the FIP image from those firmware images. +You can use fiptool to compose the FIP image from those firmware +images. There are two versions of the FWU metadata, of which the +platform enables version 2 by default. Rebuild SCP firmware @@ -194,7 +197,7 @@ following UUIDs. These UUIDs are used for making a FWU metadata image. -u-boot$ ./tools/mkfwumdata -i 1 -b 2 \ +u-boot$ ./tools/mkfwumdata -v 2 -i 1 -b 2 \ 17e86d77-41f9-4fd7-87ec-a55df9842de5,10c36d7d-ca52-b843-b7b9-f9d6c501d108,5a66a702-99fd-4fef-a392-c26e261a2828,a8f868a1-6e5c-4757-878d-ce63375ef2c0 \ ../devbox-fwu-mdata.img diff --git a/doc/develop/uefi/fwu_updates.rst b/doc/develop/uefi/fwu_updates.rst index e4709d82b4..51e8a28efe 100644 --- a/doc/develop/uefi/fwu_updates.rst +++ b/doc/develop/uefi/fwu_updates.rst @@ -46,6 +46,8 @@ The feature can be enabled by specifying the following configs:: CONFIG_FWU_NUM_BANKS= CONFIG_FWU_NUM_IMAGES_PER_BANK= +CONFIG_FWU_MDATA_V1=y or CONFIG_FWU_MDATA_V2=y + in the .config file By enabling the CONFIG_CMD_FWU_METADATA config option, the @@ -58,6 +60,14 @@ enable the FWU Multi Bank Update functionality. Please refer to the section :ref:`uefi_capsule_update_ref` for more details on generation of the UEFI capsule. +FWU Metadata + + +U-Boot supports both versions(1 and 2) of the FWU metadata defined in +the two revisions of the specification. Support can be enabled for +either of the two versions through a config flag. The mkfwumdata tool +can generate metadata for both the supported versions. + Setting up the device for GPT partitioned storage - @@ -94,12 +104,12 @@ of. Each GPT partition entry in the GPT header has two GUIDs:: * UniquePartitionGUID The PartitionTypeGUID value should correspond to the -``image_type_uuid`` field of the FWU metadata. This field is used to +``image_type_guid`` field of the FWU metadata. This field is used to identify a given type of updatable firmware image, e.g. U-Boot, OP-TEE, FIP etc. This GUID should also be used for specifying the `--guid` parameter when generating the capsule. -The UniquePartitionGUID value should correspond to the ``image_uuid`` +The UniquePartitionGUID value should correspond to the ``image_guid`` field in the FWU metadata. This GUID is used to identify images of a given image type in different banks. @@ -108,8 +118,8 @@ metadata partitions. This would be the PartitionTypeGUID for the metadata partitions. Similarly, the UEFI specification defines the ESP GUID to be be used. -When generating the metadata, the ``image_type_uuid`` and the -``image_uuid`` values should match the *PartitionTypeGUID* and the +When generating the metadata, the ``image_type_guid`` and the +``image_guid`` values should match the *PartitionTypeGUID* and the *UniquePartitionGUID* values respectively. Performing the Update @@ -181,5 +191,5 @@ empty capsule would be:: Links - -* [1] https://developer.arm.com/documentation/den0118/a/ - FWU Specification +* [1] https://developer.arm.com/documentation/den0118/ - FWU Specification * [2] https://git.codelinaro.org/linaro/dependable-boot/mbfw/uploads/6f7ddfe3be24e18d4319e108a758d02e/mbfw.pdf - Dependable Boot Specification -- 2.34.1
[PATCH v3 16/20] tools: mkfwumdata: add logic to append vendor data to the FWU metadata
The version 2 of the FWU metadata allows for appending opaque vendor
specific data to the metadata structure. Add support for appending
this data to the metadata. The vendor specific data needs to be
provided through a file, passed through a command-line parameter. Make
corresponding changes to the tool's manpage.
Signed-off-by: Sughosh Ganu
---
Changes since V2:
* Added documentation changes.
doc/mkfwumdata.1 | 7
tools/mkfwumdata.c | 99 +++---
2 files changed, 91 insertions(+), 15 deletions(-)
diff --git a/doc/mkfwumdata.1 b/doc/mkfwumdata.1
index 5e61c615ea..2ed0fb100b 100644
--- a/doc/mkfwumdata.1
+++ b/doc/mkfwumdata.1
@@ -10,6 +10,7 @@ mkfwumdata \- create FWU metadata image
.OP \-a activeidx
.OP \-p previousidx
.OP \-g
+.OP \-V vendor-file
.BI \-i\~ imagecount
.BI \-b\~ bankcount
.I UUIDs
@@ -57,6 +58,12 @@ Convert the
as GUIDs before use.
.
.TP
+.B \-V
+Pass
+.IR vendor-file
+for appending vendor data to the metadata. Supported only with version 2.
+.
+.TP
.B \-i
Specify there are
.IR imagecount
diff --git a/tools/mkfwumdata.c b/tools/mkfwumdata.c
index 634453d421..fbc2067bc1 100644
--- a/tools/mkfwumdata.c
+++ b/tools/mkfwumdata.c
@@ -12,6 +12,8 @@
#include
#include
#include
+#include
+#include
#include
#include
@@ -36,9 +38,7 @@ typedef uint64_t u64;
#include
-/* TODO: Endianness conversion may be required for some arch. */
-
-static const char *opts_short = "b:i:a:p:v:gh";
+static const char *opts_short = "b:i:a:p:v:V:gh";
static struct option options[] = {
{"banks", required_argument, NULL, 'b'},
@@ -47,6 +47,7 @@ static struct option options[] = {
{"active-bank", required_argument, NULL, 'a'},
{"previous-bank", required_argument, NULL, 'p'},
{"version", required_argument, NULL, 'v'},
+ {"vendor-file", required_argument, NULL, 'V'},
{"help", no_argument, NULL, 'h'},
{NULL, 0, NULL, 0},
};
@@ -61,6 +62,7 @@ static void print_usage(void)
"\t-a, --active-bank Active bank (default=0)\n"
"\t-p, --previous-bankPrevious active bank
(default=active_bank - 1)\n"
"\t-g, --guid Use GUID instead of UUID\n"
+ "\t-V, --vendor-file Vendor data file to append to
the metadata\n"
"\t-h, --help print a help message\n"
);
fprintf(stderr, " UUIDs list syntax:\n"
@@ -80,6 +82,8 @@ struct fwu_mdata_object {
size_t banks;
size_t size;
u8 version;
+ size_t vsize;
+ void *vbuf;
struct fwu_mdata *mdata;
};
@@ -98,7 +102,7 @@ static bool supported_mdata_version(unsigned long version)
}
static struct fwu_mdata_object *fwu_alloc_mdata(size_t images, size_t banks,
- u8 version)
+ u8 version, size_t vendor_size)
{
struct fwu_mdata_object *mobj;
@@ -115,6 +119,9 @@ static struct fwu_mdata_object *fwu_alloc_mdata(size_t
images, size_t banks,
sizeof(struct fwu_fw_store_desc) +
(sizeof(struct fwu_image_entry) +
sizeof(struct fwu_image_bank_info) * banks) * images;
+
+ mobj->size += vendor_size;
+ mobj->vsize = vendor_size;
}
mobj->images = images;
@@ -122,12 +129,21 @@ static struct fwu_mdata_object *fwu_alloc_mdata(size_t
images, size_t banks,
mobj->version = version;
mobj->mdata = calloc(1, mobj->size);
- if (!mobj->mdata) {
- free(mobj);
- return NULL;
+ if (!mobj->mdata)
+ goto alloc_err;
+
+ if (vendor_size) {
+ mobj->vbuf = calloc(1, mobj->vsize);
+ if (!mobj->vbuf)
+ goto alloc_err;
}
return mobj;
+
+alloc_err:
+ free(mobj->mdata);
+ free(mobj);
+ return NULL;
}
static struct fwu_image_entry *
@@ -297,6 +313,7 @@ static void fwu_fill_version_specific_mdata(struct
fwu_mdata_object *mobj)
static int fwu_parse_fill_uuids(struct fwu_mdata_object *mobj, char *uuids[])
{
struct fwu_mdata *mdata = mobj->mdata;
+ char *vdata;
int i, ret;
mdata->version = mobj->version;
@@ -311,24 +328,65 @@ static int fwu_parse_fill_uuids(struct fwu_mdata_object
*mobj, char *uuids[])
return ret;
}
+ if (mobj->vsize) {
+ vdata = (char *)mobj->mdata + (mobj->size - mobj->vsize);
+ memcpy(vdata, mobj->vbuf, mobj->vsize);
+ }
+
mdata->crc32 = crc32(0, (const unsigned char *)>version,
[PATCH v3 17/20] test: fwu: make changes to the FWU metadata access test
Make changes to the FWU metadata access tests corresponding to the
changes in the FWU metadata access code.
Signed-off-by: Sughosh Ganu
---
Changes since V2:
* Make changes to have the test work with v1 metadata.
* Make changes to have the test work with updated logic in fwu code.
test/dm/fwu_mdata.c | 16 ++--
1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/test/dm/fwu_mdata.c b/test/dm/fwu_mdata.c
index 52018f610f..621ba647d9 100644
--- a/test/dm/fwu_mdata.c
+++ b/test/dm/fwu_mdata.c
@@ -93,6 +93,10 @@ static int dm_test_fwu_mdata_read(struct unit_test_state
*uts)
struct udevice *dev;
struct fwu_mdata mdata = { 0 };
+ ut_assertok(setup_blk_device(uts));
+ ut_assertok(populate_mmc_disk_image(uts));
+ ut_assertok(write_mmc_blk_device(uts));
+
/*
* Trigger lib/fwu_updates/fwu.c fwu_boottime_checks()
* to populate g_dev global pointer in that library.
@@ -100,9 +104,7 @@ static int dm_test_fwu_mdata_read(struct unit_test_state
*uts)
event_notify_null(EVT_MAIN_LOOP);
ut_assertok(uclass_first_device_err(UCLASS_FWU_MDATA, ));
- ut_assertok(setup_blk_device(uts));
- ut_assertok(populate_mmc_disk_image(uts));
- ut_assertok(write_mmc_blk_device(uts));
+ ut_assertok(fwu_init());
ut_assertok(fwu_get_mdata());
@@ -118,18 +120,20 @@ static int dm_test_fwu_mdata_write(struct unit_test_state
*uts)
struct udevice *dev;
struct fwu_mdata mdata = { 0 };
+ ut_assertok(setup_blk_device(uts));
+ ut_assertok(populate_mmc_disk_image(uts));
+ ut_assertok(write_mmc_blk_device(uts));
+
/*
* Trigger lib/fwu_updates/fwu.c fwu_boottime_checks()
* to populate g_dev global pointer in that library.
*/
event_notify_null(EVT_MAIN_LOOP);
- ut_assertok(setup_blk_device(uts));
- ut_assertok(populate_mmc_disk_image(uts));
- ut_assertok(write_mmc_blk_device(uts));
ut_assertok(uclass_first_device_err(UCLASS_FWU_MDATA, ));
+ ut_assertok(fwu_init());
ut_assertok(fwu_get_mdata());
active_idx = (mdata.active_index + 1) % CONFIG_FWU_NUM_BANKS;
--
2.34.1
[PATCH v3 15/20] tools: mkfwumdata: add support for metadata version 2
Add support for generating the FWU metadata version 2. The tool now
requires the version to be provided as a command-line option. Make
corresponding changes to the tool's manpage.
Signed-off-by: Sughosh Ganu
---
Changes since V2:
* Support both metadata versions instead of only v2.
doc/mkfwumdata.1 | 9 ++-
tools/mkfwumdata.c | 148 -
2 files changed, 127 insertions(+), 30 deletions(-)
diff --git a/doc/mkfwumdata.1 b/doc/mkfwumdata.1
index 7dd718b26e..5e61c615ea 100644
--- a/doc/mkfwumdata.1
+++ b/doc/mkfwumdata.1
@@ -6,6 +6,7 @@ mkfwumdata \- create FWU metadata image
.
.SH SYNOPSIS
.SY mkfwumdata
+.OP \-v version
.OP \-a activeidx
.OP \-p previousidx
.OP \-g
@@ -28,6 +29,12 @@ creates metadata info to be used with FWU.
Print usage information and exit.
.
.TP
+.B \-v
+Set
+.IR version
+as the metadata version to generate. Valid values 1 or 2.
+.
+.TP
.B \-a
Set
.IR activeidx
@@ -81,7 +88,7 @@ Create a metadata image with 2 banks and 1 image/bank,
BankAct=0, BankPrev=1:
.EX
.in +4
$ \c
-.B mkfwumdata \-a 0 \-p 1 \-b 2 \-i 1 \&
+.B mkfwumdata \-v 2 \-a 0 \-p 1 \-b 2 \-i 1 \&
.in +6
.B 17e86d77-41f9-4fd7-87ec-a55df9842de5,\&
.B 10c36d7d-ca52-b843-b7b9-f9d6c501d108,\&
diff --git a/tools/mkfwumdata.c b/tools/mkfwumdata.c
index b2d90ca7c9..634453d421 100644
--- a/tools/mkfwumdata.c
+++ b/tools/mkfwumdata.c
@@ -10,28 +10,35 @@
#include
#include
#include
-#include
#include
+#include
+#include
#include
-/* This will dynamically allocate the fwu_mdata */
-#define CONFIG_FWU_NUM_BANKS 0
-#define CONFIG_FWU_NUM_IMAGES_PER_BANK 0
-
-/* Since we can not include fwu.h, redefine version here. */
-#define FWU_MDATA_VERSION 1
-
typedef uint8_t u8;
typedef int16_t s16;
typedef uint16_t u16;
typedef uint32_t u32;
typedef uint64_t u64;
+#undef CONFIG_FWU_NUM_BANKS
+#undef CONFIG_FWU_NUM_IMAGES_PER_BANK
+
+/* This will dynamically allocate the fwu_mdata */
+#define CONFIG_FWU_NUM_BANKS 0
+#define CONFIG_FWU_NUM_IMAGES_PER_BANK 0
+
+/* version 2 supports maximum of 4 banks */
+#define MAX_BANKS_V2 4
+
+#define BANK_INVALID (u8)0xFF
+#define BANK_ACCEPTED (u8)0xFC
+
#include
/* TODO: Endianness conversion may be required for some arch. */
-static const char *opts_short = "b:i:a:p:gh";
+static const char *opts_short = "b:i:a:p:v:gh";
static struct option options[] = {
{"banks", required_argument, NULL, 'b'},
@@ -39,6 +46,7 @@ static struct option options[] = {
{"guid", required_argument, NULL, 'g'},
{"active-bank", required_argument, NULL, 'a'},
{"previous-bank", required_argument, NULL, 'p'},
+ {"version", required_argument, NULL, 'v'},
{"help", no_argument, NULL, 'h'},
{NULL, 0, NULL, 0},
};
@@ -49,6 +57,7 @@ static void print_usage(void)
fprintf(stderr, "Options:\n"
"\t-i, --images Number of images (mandatory)\n"
"\t-b, --banksNumber of banks (mandatory)\n"
+ "\t-v, --version Metadata version (mandatory)\n"
"\t-a, --active-bank Active bank (default=0)\n"
"\t-p, --previous-bankPrevious active bank
(default=active_bank - 1)\n"
"\t-g, --guid Use GUID instead of UUID\n"
@@ -70,13 +79,26 @@ struct fwu_mdata_object {
size_t images;
size_t banks;
size_t size;
+ u8 version;
struct fwu_mdata *mdata;
};
static int previous_bank, active_bank;
static bool __use_guid;
-static struct fwu_mdata_object *fwu_alloc_mdata(size_t images, size_t banks)
+static bool supported_mdata_version(unsigned long version)
+{
+ switch (version) {
+ case 1:
+ case 2:
+ return true;
+ default:
+ return false;
+ }
+}
+
+static struct fwu_mdata_object *fwu_alloc_mdata(size_t images, size_t banks,
+ u8 version)
{
struct fwu_mdata_object *mobj;
@@ -84,11 +106,20 @@ static struct fwu_mdata_object *fwu_alloc_mdata(size_t
images, size_t banks)
if (!mobj)
return NULL;
- mobj->size = sizeof(struct fwu_mdata) +
- (sizeof(struct fwu_image_entry) +
-sizeof(struct fwu_image_bank_info) * banks) * images;
+ if (version == 1) {
+ mobj->size = sizeof(struct fwu_mdata) +
+ (sizeof(struct fwu_image_entry) +
+sizeof(struct fwu_image_bank_info) * banks) * images;
+ } else {
+ mobj->size = sizeof(struct fwu_mdata) +
+ sizeof(struct fwu_fw_store_desc) +
+
[PATCH v3 14/20] cmd: fwu: make changes for supporting FWU metadata version 2
Add support for displaying data specific to FWU metadata version
2. Because the size of the v2 metadata structure is read from the
structure itself, allocate memory for the metadata structure by first
getting the size of the structure.
Signed-off-by: Sughosh Ganu
---
Changes since V2:
* Earlier patch was migrating to v2 only support. These changes
support both versions.
cmd/fwu_mdata.c | 39 ++-
1 file changed, 18 insertions(+), 21 deletions(-)
diff --git a/cmd/fwu_mdata.c b/cmd/fwu_mdata.c
index 5ecda455df..3c8be576ac 100644
--- a/cmd/fwu_mdata.c
+++ b/cmd/fwu_mdata.c
@@ -13,27 +13,33 @@
#include
-static void print_mdata(struct fwu_mdata *mdata)
+static void print_mdata(struct fwu_data *data)
{
int i, j;
struct fwu_image_entry *img_entry;
struct fwu_image_bank_info *img_info;
printf("\tFWU Metadata\n");
- printf("crc32: %#x\n", mdata->crc32);
- printf("version: %#x\n", mdata->version);
- printf("active_index: %#x\n", mdata->active_index);
- printf("previous_active_index: %#x\n", mdata->previous_active_index);
+ printf("crc32: %#x\n", data->crc32);
+ printf("version: %#x\n", data->version);
+ printf("active_index: %#x\n", data->active_index);
+ printf("previous_active_index: %#x\n", data->previous_active_index);
+
+ if (data->version == 2) {
+ for (i = 0; i < 4; i++)
+ printf("bank_state[%d]: %#x\n",
+ i, data->bank_state[i]);
+ }
printf("\tImage Info\n");
for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) {
- img_entry = >img_entry[i];
+ img_entry = >fwu_images[i];
printf("\nImage Type Guid: %pUL\n",
- _entry->image_type_uuid);
- printf("Location Guid: %pUL\n", _entry->location_uuid);
+ _entry->image_type_guid);
+ printf("Location Guid: %pUL\n", _entry->location_guid);
for (j = 0; j < CONFIG_FWU_NUM_BANKS; j++) {
img_info = _entry->img_bank_info[j];
- printf("Image Guid: %pUL\n", _info->image_uuid);
+ printf("Image Guid: %pUL\n", _info->image_guid);
printf("Image Acceptance: %s\n",
img_info->accepted == 0x1 ? "yes" : "no");
}
@@ -43,20 +49,11 @@ static void print_mdata(struct fwu_mdata *mdata)
int do_fwu_mdata_read(struct cmd_tbl *cmdtp, int flag,
int argc, char * const argv[])
{
- int ret = CMD_RET_SUCCESS, res;
- struct fwu_mdata mdata;
-
- res = fwu_get_mdata();
- if (res < 0) {
- log_err("Unable to get valid FWU metadata\n");
- ret = CMD_RET_FAILURE;
- goto out;
- }
+ struct fwu_data *data = fwu_get_data();
- print_mdata();
+ print_mdata(data);
-out:
- return ret;
+ return CMD_RET_SUCCESS;
}
U_BOOT_CMD(
--
2.34.1
[PATCH v3 13/20] fwu: mtd: obtain image information from version agnostic structure
Make changes to the functions used for generating the DFU's alt
variable so that the FWU image information is obtained from the common
version agnostic structure instead of reading the metadata.
While here, also update the name of the field used for storing the
image GUID in the FWU metadata.
Signed-off-by: Sughosh Ganu
---
Changes since V2:
* New patch
lib/fwu_updates/fwu_mtd.c | 14 +-
1 file changed, 5 insertions(+), 9 deletions(-)
diff --git a/lib/fwu_updates/fwu_mtd.c b/lib/fwu_updates/fwu_mtd.c
index f4e0e3107b..e8211dd5ba 100644
--- a/lib/fwu_updates/fwu_mtd.c
+++ b/lib/fwu_updates/fwu_mtd.c
@@ -136,7 +136,7 @@ static int gen_image_alt_info(char *buf, size_t len,
/* Query a partition by image UUID */
bank = >img_bank_info[i];
- uuid_bin_to_str(bank->image_uuid.b, uuidbuf,
UUID_STR_FORMAT_STD);
+ uuid_bin_to_str(bank->image_guid.b, uuidbuf,
UUID_STR_FORMAT_STD);
mtd_img_info = mtd_img_by_uuid(uuidbuf);
if (!mtd_img_info) {
@@ -163,17 +163,13 @@ static int gen_image_alt_info(char *buf, size_t len,
int fwu_gen_alt_info_from_mtd(char *buf, size_t len, struct mtd_info *mtd)
{
- struct fwu_mdata mdata;
int i, l, ret;
-
- ret = fwu_get_mdata();
- if (ret < 0) {
- log_err("Failed to get the FWU mdata.\n");
- return ret;
- }
+ struct fwu_data *data = fwu_get_data();
+ struct fwu_image_entry *img_entry;
for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) {
- ret = gen_image_alt_info(buf, len, _entry[i], mtd);
+ img_entry = >fwu_images[i];
+ ret = gen_image_alt_info(buf, len, img_entry, mtd);
if (ret)
break;
--
2.34.1
[PATCH v3 12/20] fwu: mtd: get MTD partition specific info from driver
Information about FWU images on MTD partitions is now stored with the
corresponding driver instead of a global variable. Get this
information from the driver.
Signed-off-by: Sughosh Ganu
---
Changes since V2:
* New patch
lib/fwu_updates/fwu_mtd.c | 17 +++--
1 file changed, 11 insertions(+), 6 deletions(-)
diff --git a/lib/fwu_updates/fwu_mtd.c b/lib/fwu_updates/fwu_mtd.c
index d48de19009..f4e0e3107b 100644
--- a/lib/fwu_updates/fwu_mtd.c
+++ b/lib/fwu_updates/fwu_mtd.c
@@ -15,16 +15,21 @@
#include
-struct fwu_mtd_image_info
-fwu_mtd_images[CONFIG_FWU_NUM_BANKS * CONFIG_FWU_NUM_IMAGES_PER_BANK];
-
static struct fwu_mtd_image_info *mtd_img_by_uuid(const char *uuidbuf)
{
- int num_images = ARRAY_SIZE(fwu_mtd_images);
+ int num_images;
+ struct fwu_mdata_mtd_priv *mtd_priv = dev_get_priv(fwu_get_dev());
+ struct fwu_mtd_image_info *image_info = mtd_priv->fwu_mtd_images;
+
+ if (!image_info)
+ return NULL;
+
+ num_images = CONFIG_FWU_NUM_BANKS *
+ CONFIG_FWU_NUM_IMAGES_PER_BANK;
for (int i = 0; i < num_images; i++)
- if (!strcmp(uuidbuf, fwu_mtd_images[i].uuidbuf))
- return _mtd_images[i];
+ if (!strcmp(uuidbuf, image_info[i].uuidbuf))
+ return _info[i];
return NULL;
}
--
2.34.1
[PATCH v3 11/20] fwu: mtd: remove unused argument from function call
The third argument passed to the function gen_image_alt_info() is not
used and is superfluous. Remove this unused argument from the function
call.
Fixes: 4898679e190 (FWU: Add FWU metadata access driver for MTD storage regions)
Signed-off-by: Sughosh Ganu
---
Changes since V2:
* New patch
lib/fwu_updates/fwu_mtd.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/lib/fwu_updates/fwu_mtd.c b/lib/fwu_updates/fwu_mtd.c
index 69cd3d7001..d48de19009 100644
--- a/lib/fwu_updates/fwu_mtd.c
+++ b/lib/fwu_updates/fwu_mtd.c
@@ -107,7 +107,7 @@ __weak int fwu_plat_get_alt_num(struct udevice *dev,
efi_guid_t *image_id,
return fwu_mtd_get_alt_num(image_id, alt_num, "nor1");
}
-static int gen_image_alt_info(char *buf, size_t len, int sidx,
+static int gen_image_alt_info(char *buf, size_t len,
struct fwu_image_entry *img, struct mtd_info *mtd)
{
char *p = buf, *end = buf + len;
@@ -168,8 +168,7 @@ int fwu_gen_alt_info_from_mtd(char *buf, size_t len, struct
mtd_info *mtd)
}
for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) {
- ret = gen_image_alt_info(buf, len, i * CONFIG_FWU_NUM_BANKS,
-_entry[i], mtd);
+ ret = gen_image_alt_info(buf, len, _entry[i], mtd);
if (ret)
break;
--
2.34.1
[PATCH v3 10/20] fwu: add config symbols for enabling FWU metadata versions
Support has been added for version 2 of the FWU metadata structure. Add config symbols to enable either of the two versions. Signed-off-by: Sughosh Ganu --- Changes since V2: * New patch lib/fwu_updates/Kconfig | 14 ++ lib/fwu_updates/Makefile | 2 ++ 2 files changed, 16 insertions(+) diff --git a/lib/fwu_updates/Kconfig b/lib/fwu_updates/Kconfig index d35247d0e5..51b7fbbefd 100644 --- a/lib/fwu_updates/Kconfig +++ b/lib/fwu_updates/Kconfig @@ -31,4 +31,18 @@ config FWU_TRIAL_STATE_CNT the platform is allowed to boot in Trial State after an update. +config FWU_MDATA_V1 + bool "Enable support FWU Metadata version 1" + help + The FWU specification supports two versions of the + metadata structure. This option enables support for FWU + Metadata version 1 access. + +config FWU_MDATA_V2 + bool "Enable support FWU Metadata version 2" + help + The FWU specification supports two versions of the + metadata structure. This option enables support for FWU + Metadata version 2 access. + endif diff --git a/lib/fwu_updates/Makefile b/lib/fwu_updates/Makefile index c9e3c06b48..3681bef46c 100644 --- a/lib/fwu_updates/Makefile +++ b/lib/fwu_updates/Makefile @@ -6,3 +6,5 @@ obj-$(CONFIG_FWU_MULTI_BANK_UPDATE) += fwu.o obj-$(CONFIG_FWU_MDATA_GPT_BLK) += fwu_gpt.o obj-$(CONFIG_FWU_MDATA_MTD) += fwu_mtd.o +obj-$(CONFIG_FWU_MDATA_V1) += fwu_v1.o +obj-$(CONFIG_FWU_MDATA_V2) += fwu_v2.o -- 2.34.1
[PATCH v3 09/20] capsule: fwu: transition the platform state on a successful update
Transition the platform to either Trial State or Regular State on a
successful update. Do this by calling the fwu_state_machine_updates()
API function.
For version 1 of the FWU metadata, the transition to Trial State is
done by starting the Trial State counter, while for version 2, in
addition to the counter, the bank_state field of the FWU metadata is
also updated to Valid.
For transitioning the platform to Regular State, no action is needed
with version 1 of the FWU metadata structure, while for version 2, the
bank_state field is set to Accepted.
Signed-off-by: Sughosh Ganu
---
Changes since V2:
* Earlier patch was catering to v2 only support. These changes support
both versions of metadata.
lib/efi_loader/efi_capsule.c | 14 +-
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
index de0d49ebeb..0937800e58 100644
--- a/lib/efi_loader/efi_capsule.c
+++ b/lib/efi_loader/efi_capsule.c
@@ -480,6 +480,11 @@ static __maybe_unused efi_status_t
fwu_empty_capsule_process(
if (ret != EFI_SUCCESS)
log_err("Unable to set the Accept bit for the image
%pUs\n",
image_guid);
+
+ status = fwu_state_machine_updates(0, active_idx);
+ if (status < 0)
+ ret = EFI_DEVICE_ERROR;
+
}
return ret;
@@ -521,11 +526,10 @@ static __maybe_unused efi_status_t
fwu_post_update_process(bool fw_accept_os)
log_err("Failed to update FWU metadata index values\n");
} else {
log_debug("Successfully updated the active_index\n");
- if (fw_accept_os) {
- status = fwu_trial_state_ctr_start();
- if (status < 0)
- ret = EFI_DEVICE_ERROR;
- }
+ status = fwu_state_machine_updates(fw_accept_os ? 1 : 0,
+ update_index);
+ if (status < 0)
+ ret = EFI_DEVICE_ERROR;
}
return ret;
--
2.34.1
[PATCH v3 08/20] fwu: make changes to access version agnostic structure fields
With addition of support for version 2 of the FWU metadata structure,
the metadata information is collected into a version agnostic
structure. Make changes to the FWU functions so that the information
that was earlier obtained by reading the metadata structure is now
obtained through this version agnostic structure.
Signed-off-by: Sughosh Ganu
---
Changes since V2:
* New patch
include/fwu.h | 49 +-
lib/fwu_updates/fwu.c | 204 --
2 files changed, 186 insertions(+), 67 deletions(-)
diff --git a/include/fwu.h b/include/fwu.h
index 082b5481d1..77ec65e618 100644
--- a/include/fwu.h
+++ b/include/fwu.h
@@ -79,9 +79,18 @@ struct fwu_mdata_ops {
bool primary, uint32_t size);
};
-#define FWU_MDATA_VERSION 0x1
#define FWU_IMAGE_ACCEPTED 0x1
+#define FWU_BANK_INVALID (uint8_t)0xFF
+#define FWU_BANK_VALID (uint8_t)0xFE
+#define FWU_BANK_ACCEPTED (uint8_t)0xFC
+
+enum {
+ PRIMARY_PART = 1,
+ SECONDARY_PART,
+ BOTH_PARTS,
+};
+
/*
* GUID value defined in the FWU specification for identification
* of the FWU metadata partition.
@@ -313,6 +322,44 @@ int fwu_gen_alt_info_from_mtd(char *buf, size_t len,
struct mtd_info *mtd);
*/
int fwu_mtd_get_alt_num(efi_guid_t *image_guid, u8 *alt_num, const char
*mtd_dev);
+/**
+ * fwu_mdata_copies_allocate() - Allocate memory for metadata
+ * @mdata_size: Size of the metadata structure
+ *
+ * Allocate memory for storing both the copies of the FWU metadata. The
+ * copies are then used as a cache for storing FWU metadata contents.
+ *
+ * Return: 0 if OK, -ve on error
+ */
+int fwu_mdata_copies_allocate(u32 mdata_size);
+
+/**
+ * fwu_get_dev() - Return the FWU metadata device
+ *
+ * Return the pointer to the FWU metadata device.
+ *
+ * Return: Pointer to the FWU metadata dev
+ */
+struct udevice *fwu_get_dev(void);
+
+/**
+ * fwu_get_data() - Return the version agnostic FWU structure
+ *
+ * Return the pointer to the version agnostic FWU structure.
+ *
+ * Return: Pointer to the FWU data structure
+ */
+struct fwu_data *fwu_get_data(void);
+
+/**
+ * fwu_sync_mdata() - Update given meta-data partition(s) with the copy
provided
+ * @data: FWU Data structure
+ * @part: Bitmask of FWU metadata partitions to be written to
+ *
+ * Return: 0 if OK, -ve on error
+ */
+int fwu_sync_mdata(struct fwu_mdata *mdata, int part);
+
/**
* fwu_populate_mdata_image_info() - Populate the image information
* of the metadata
diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c
index 86518108c2..5dfea2a4d8 100644
--- a/lib/fwu_updates/fwu.c
+++ b/lib/fwu_updates/fwu.c
@@ -10,6 +10,7 @@
#include
#include
#include
+#include
#include
#include
@@ -17,7 +18,7 @@
#include
-static struct fwu_mdata g_mdata; /* = {0} makes uninit crc32 always invalid */
+struct fwu_data g_fwu_data;
static struct udevice *g_dev;
static u8 in_trial;
static u8 boottime_check;
@@ -27,12 +28,6 @@ enum {
IMAGE_ACCEPT_CLEAR,
};
-enum {
- PRIMARY_PART = 1,
- SECONDARY_PART,
- BOTH_PARTS,
-};
-
static int trial_counter_update(u16 *trial_state_ctr)
{
bool delete;
@@ -106,23 +101,9 @@ out:
return ret;
}
-static int in_trial_state(struct fwu_mdata *mdata)
+static u32 in_trial_state(void)
{
- u32 i, active_bank;
- struct fwu_image_entry *img_entry;
- struct fwu_image_bank_info *img_bank_info;
-
- active_bank = mdata->active_index;
- img_entry = >img_entry[0];
- for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) {
- img_bank_info = _entry[i].img_bank_info[active_bank];
- if (!img_bank_info->accepted) {
- log_info("System booting in Trial State\n");
- return 1;
- }
- }
-
- return 0;
+ return g_fwu_data.trial_state;
}
static int fwu_get_image_type_id(u8 image_index, efi_guid_t *image_type_id)
@@ -141,17 +122,70 @@ static int fwu_get_image_type_id(u8 image_index,
efi_guid_t *image_type_id)
return -ENOENT;
}
+static int mdata_crc_check(struct fwu_mdata *mdata)
+{
+ int ret;
+ u32 calc_crc32;
+ uint32_t mdata_size;
+ void *buf = >version;
+
+ ret = fwu_get_mdata_size(_size);
+ if (ret)
+ return ret;
+
+ calc_crc32 = crc32(0, buf, mdata_size - sizeof(u32));
+ return calc_crc32 == mdata->crc32 ? 0 : -EINVAL;
+}
+
+static void fwu_data_crc_update(uint32_t crc32)
+{
+ g_fwu_data.crc32 = crc32;
+}
+
+/**
+ * fwu_get_data() - Return the version agnostic FWU structure
+ *
+ * Return the pointer to the version agnostic FWU structure.
+ *
+ * Return: Pointer to the FWU data structure
+ */
+struct fwu_data *fwu_get_data(void)
+{
+ return _fwu_data;
+}
+
+static void fwu_populate_mdata_bank_index(struct fwu_data *fwu_data)
+{
+ struct fwu_mdata *mdata = fwu_data
[PATCH v3 07/20] fwu: metadata: add functions for handling version specific metadata fields
Support is being added in U-Boot for version 2 of the FWU
metadata. Support for this version is to co-exist with version 1
support. To achieve this, a common, version agnostic structure has
been added to keep information provided by the FWU metadata
structure.
Add API's to handle the version specific FWU metadata fields. The
version agnostic structure gets initialized at boot by reading the FWU
metadata. Updates to the FWU metadata result in the API's getting
called to populate the version specific fields of the strucure, before
the metadata gets written to the storage media.
Signed-off-by: Sughosh Ganu
---
Changes since V2:
* New patch
include/fwu.h| 57 +
lib/fwu_updates/fwu_v1.c | 167 +
lib/fwu_updates/fwu_v2.c | 260 +++
3 files changed, 484 insertions(+)
create mode 100644 lib/fwu_updates/fwu_v1.c
create mode 100644 lib/fwu_updates/fwu_v2.c
diff --git a/include/fwu.h b/include/fwu.h
index e681e91027..082b5481d1 100644
--- a/include/fwu.h
+++ b/include/fwu.h
@@ -313,4 +313,61 @@ int fwu_gen_alt_info_from_mtd(char *buf, size_t len,
struct mtd_info *mtd);
*/
int fwu_mtd_get_alt_num(efi_guid_t *image_guid, u8 *alt_num, const char
*mtd_dev);
+/**
+ * fwu_populate_mdata_image_info() - Populate the image information
+ * of the metadata
+ * @data: Version agnostic FWU metadata information
+ *
+ * Populate the image information in the FWU metadata by copying it
+ * from the version agnostic structure. This is done before the
+ * metadata gets written to the storage media.
+ *
+ * Return: None
+ */
+void fwu_populate_mdata_image_info(struct fwu_data *data);
+
+/**
+ * fwu_get_mdata_size() - Get the FWU metadata size
+ * @mdata_size: Size of the metadata structure
+ *
+ * Get the size of the FWU metadata from the structure. This is later used
+ * to allocate memory for the structure.
+ *
+ * Return: 0 if OK, -ve on error
+ */
+int fwu_get_mdata_size(uint32_t *mdata_size);
+
+/**
+ * fwu_state_machine_updates() - Update FWU state of the platform
+ * @trial_state: Is platform transitioning into Trial State
+ * @update_index: Bank number to which images have been updated
+ *
+ * On successful completion of updates, transition the platform to
+ * either Trial State or Regular State.
+ *
+ * To transition the platform to Trial State, start the
+ * TrialStateCtr counter, followed by setting the value of bank_state
+ * field of the metadata to Valid state(applicable only in version 2
+ * of metadata).
+ *
+ * In case, the platform is to transition directly to Regular State,
+ * update the bank_state field of the metadata to Accepted
+ * state(applicable only in version 2 of metadata).
+ *
+ * Return: 0 if OK, -ve on error
+ */
+int fwu_state_machine_updates(bool trial_state, uint32_t update_index);
+
+/**
+ * fwu_init() - FWU specific initialisations
+ *
+ * Carry out some FWU specific initialisations including allocation
+ * of memory for the metadata copies, and reading the FWU metadata
+ * copies into the allocated memory. The metadata fields are then
+ * copied into a version agnostic structure.
+ *
+ * Return: 0 if OK, -ve on error
+ */
+int fwu_init(void);
+
#endif /* _FWU_H_ */
diff --git a/lib/fwu_updates/fwu_v1.c b/lib/fwu_updates/fwu_v1.c
new file mode 100644
index 00..efb8d51500
--- /dev/null
+++ b/lib/fwu_updates/fwu_v1.c
@@ -0,0 +1,167 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (c) 2024, Linaro Limited
+ */
+
+#include
+#include
+
+#include
+
+#define FWU_MDATA_VERSION 0x1U
+
+static uint32_t fwu_check_trial_state(struct fwu_mdata *mdata, uint32_t bank)
+{
+ u32 i;
+ struct fwu_image_entry *img_entry;
+ struct fwu_image_bank_info *img_bank_info;
+
+ img_entry = >img_entry[0];
+ for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) {
+ img_bank_info = _entry[i].img_bank_info[bank];
+ if (!img_bank_info->accepted) {
+ return 1;
+ }
+ }
+
+ return 0;
+}
+
+static void fwu_data_init(void)
+{
+ size_t image_info_size;
+ void *dst_img_info, *src_img_info;
+ struct fwu_data *data = fwu_get_data();
+ struct fwu_mdata *mdata = data->fwu_mdata;
+
+ data->crc32 = mdata->crc32;
+ data->version = mdata->version;
+ data->active_index = mdata->active_index;
+ data->previous_active_index = mdata->previous_active_index;
+
+ data->metadata_size = sizeof(struct fwu_mdata);
+ data->num_banks = CONFIG_FWU_NUM_BANKS;
+ data->num_images = CONFIG_FWU_NUM_IMAGES_PER_BANK;
+ fwu_plat_get_bootidx(>boot_index);
+ data->trial_state = fwu_check_trial_state(mdata, data->boot_index);
+
+ src_img_info = >img_entry[0];
+ dst_img_info = >fwu_images[0];
+ image_info_size = sizeof(data->fwu_images);
+
+ memcpy(dst_img_info, src_img_info,
[PATCH v3 06/20] fwu: metadata: add a version agnostic structure
The FWU specification now has two versions of the FWU metadata
structure, and both are to be supported. Introduce a version agnostic
structure for storing information about the FWU updatable images. This
allows for a split of common version agnostic FWU code and version
specific code.
The version specific code is then responsible for arranging the data
as per the corresponding metadata structure before it gets written to
the metadata partitions.
Signed-off-by: Sughosh Ganu
---
Changes since V2:
* New patch
include/fwu.h | 18 ++
1 file changed, 18 insertions(+)
diff --git a/include/fwu.h b/include/fwu.h
index 6c4d218e13..e681e91027 100644
--- a/include/fwu.h
+++ b/include/fwu.h
@@ -8,6 +8,7 @@
#include
#include
+#include
#include
#include
@@ -35,6 +36,23 @@ struct fwu_mdata_mtd_priv {
struct fwu_mtd_image_info *fwu_mtd_images;
};
+struct fwu_data {
+ uint32_t crc32;
+ uint32_t version;
+ uint32_t active_index;
+ uint32_t previous_active_index;
+ uint32_t metadata_size;
+ uint32_t boot_index;
+ uint32_t num_banks;
+ uint32_t num_images;
+ uint8_t bank_state[4];
+ bool trial_state;
+
+ struct fwu_mdata *fwu_mdata;
+
+ struct fwu_image_entry fwu_images[CONFIG_FWU_NUM_IMAGES_PER_BANK];
+};
+
struct fwu_mdata_ops {
/**
* read_mdata() - Populate the asked FWU metadata copy
--
2.34.1
[PATCH v3 05/20] fwu: metadata: add support for version 2 of the structure
Add support for version 2 of the FWU metadata structure. The top level
structure is kept separate through a config symbol. Most of the
fields, primarily used for providing information on updatable images
are common across the two versions.
Also change a few existing structure members used for image
identification to reflect the fact that these are GUIDs, and not
UUIDs.
Signed-off-by: Sughosh Ganu
---
Changes since V2:
* New patch which retains support for V1 of metadata
include/fwu_mdata.h | 71 +
1 file changed, 65 insertions(+), 6 deletions(-)
diff --git a/include/fwu_mdata.h b/include/fwu_mdata.h
index 56189e2f40..d2521f39b4 100644
--- a/include/fwu_mdata.h
+++ b/include/fwu_mdata.h
@@ -11,7 +11,7 @@
/**
* struct fwu_image_bank_info - firmware image information
- * @image_uuid: Guid value of the image in this bank
+ * @image_guid: Guid value of the image in this bank
* @accepted: Acceptance status of the image
* @reserved: Reserved
*
@@ -20,15 +20,15 @@
* acceptance status
*/
struct fwu_image_bank_info {
- efi_guid_t image_uuid;
+ efi_guid_t image_guid;
uint32_t accepted;
uint32_t reserved;
} __packed;
/**
* struct fwu_image_entry - information for a particular type of image
- * @image_type_uuid: Guid value for identifying the image type
- * @location_uuid: Guid of the storage volume where the image is located
+ * @image_type_guid: Guid value for identifying the image type
+ * @location_guid: Guid of the storage volume where the image is located
* @img_bank_info: Array containing properties of images
*
* This structure contains information on various types of updatable
@@ -36,11 +36,35 @@ struct fwu_image_bank_info {
* information per bank.
*/
struct fwu_image_entry {
- efi_guid_t image_type_uuid;
- efi_guid_t location_uuid;
+ efi_guid_t image_type_guid;
+ efi_guid_t location_guid;
struct fwu_image_bank_info img_bank_info[CONFIG_FWU_NUM_BANKS];
} __packed;
+/**
+ * struct fwu_fw_store_desc - FWU updatable image information
+ * @num_banks: Number of firmware banks
+ * @num_images: Number of images per bank
+ * @img_entry_size: The size of the img_entry array
+ * @bank_info_entry_size: The size of the img_bank_info array
+ * @img_entry: Array of image entries each giving information on a image
+ *
+ * This image descriptor structure contains information on the number of
+ * updatable banks and images per bank. It also gives the total sizes of
+ * the fwu_image_entry and fwu_image_bank_info arrays. This structure is
+ * only present in version 2 of the metadata structure.
+ */
+struct fwu_fw_store_desc {
+ uint8_t num_banks;
+ uint8_t reserved;
+ uint16_t num_images;
+ uint16_t img_entry_size;
+ uint16_t bank_info_entry_size;
+
+ struct fwu_image_entry img_entry[CONFIG_FWU_NUM_IMAGES_PER_BANK];
+} __packed;
+
+#if defined(CONFIG_FWU_MDATA_V1)
/**
* struct fwu_mdata - FWU metadata structure for multi-bank updates
* @crc32: crc32 value for the FWU metadata
@@ -65,4 +89,39 @@ struct fwu_mdata {
struct fwu_image_entry img_entry[CONFIG_FWU_NUM_IMAGES_PER_BANK];
} __packed;
+#else /* CONFIG_FWU_MDATA_V1 */
+/**
+ * struct fwu_mdata - FWU metadata structure for multi-bank updates
+ * @crc32: crc32 value for the FWU metadata
+ * @version: FWU metadata version
+ * @active_index: Index of the bank currently used for booting images
+ * @previous_active_inde: Index of the bank used before the current bank
+ *being used for booting
+ * @metadata_size: Size of the entire metadata structure, including the
+ * image descriptors
+ * @desc_offset: The offset from the start of this structure where the
+ * image descriptor structure starts. 0 if absent
+ * @bank_state: State of each bank, valid, invalid or accepted
+ * @fw_desc: The structure describing the FWU updatable images
+ *
+ * This is the top level structure used to store all information for performing
+ * multi bank updates on the platform. This contains info on the bank being
+ * used to boot along with the information on state of individual banks.
+ */
+struct fwu_mdata {
+ uint32_t crc32;
+ uint32_t version;
+ uint32_t active_index;
+ uint32_t previous_active_index;
+ uint32_t metadata_size;
+ uint16_t desc_offset;
+ uint16_t reserved1;
+ uint8_t bank_state[4];
+ uint32_t reserved2;
+
+ // struct fwu_fw_store_desc fw_desc;
+} __packed;
+
+#endif /* CONFIG_FWU_MDATA_V1 */
+
#endif /* _FWU_MDATA_H_ */
--
2.34.1
[PATCH v3 04/20] drivers: fwu: mtd: allocate buffer for image info dynamically
The FWU metadata access driver for MTD partitioned devices currently
uses a statically allocated array for storing the updatable image
information. This array depends on the number of banks and images per
bank. With migration of the FWU metadata to version 2, these
parameters are now obtained at runtime from the metadata.
Make changes to the FWU metadata access driver for MTD devices to
allocate memory for the image information dynamically in the driver's
probe function, after having obtained the number of banks and images
per bank by reading the metadata. Move the image information as part
of the driver's private structure, instead of using a global variable.
Signed-off-by: Sughosh Ganu
---
Changes since V2: None
drivers/fwu-mdata/raw_mtd.c | 68 +++--
include/fwu.h | 9 +
2 files changed, 52 insertions(+), 25 deletions(-)
diff --git a/drivers/fwu-mdata/raw_mtd.c b/drivers/fwu-mdata/raw_mtd.c
index 9f3f1dc213..78a709f766 100644
--- a/drivers/fwu-mdata/raw_mtd.c
+++ b/drivers/fwu-mdata/raw_mtd.c
@@ -12,22 +12,11 @@
#include
#include
-/* Internal helper structure to move data around */
-struct fwu_mdata_mtd_priv {
- struct mtd_info *mtd;
- char pri_label[50];
- char sec_label[50];
- u32 pri_offset;
- u32 sec_offset;
-};
-
enum fwu_mtd_op {
FWU_MTD_READ,
FWU_MTD_WRITE,
};
-extern struct fwu_mtd_image_info fwu_mtd_images[];
-
static bool mtd_is_aligned_with_block_size(struct mtd_info *mtd, u64 size)
{
return !do_div(size, mtd->erasesize);
@@ -134,7 +123,7 @@ static int flash_partition_offset(struct udevice *dev,
const char *part_name, fd
return (int)size;
}
-static int fwu_mdata_mtd_of_to_plat(struct udevice *dev)
+static int get_fwu_mdata_dev(struct udevice *dev)
{
struct fwu_mdata_mtd_priv *mtd_priv = dev_get_priv(dev);
const fdt32_t *phandle_p = NULL;
@@ -144,8 +133,6 @@ static int fwu_mdata_mtd_of_to_plat(struct udevice *dev)
fdt_addr_t offset;
int ret, size;
u32 phandle;
- ofnode bank;
- int off_img;
/* Find the FWU mdata storage device */
phandle_p = ofnode_get_property(dev_ofnode(dev),
@@ -199,8 +186,28 @@ static int fwu_mdata_mtd_of_to_plat(struct udevice *dev)
return ret;
mtd_priv->sec_offset = offset;
- off_img = 0;
+ return 0;
+}
+
+static int fwu_mtd_image_info_populate(struct udevice *dev, u8 nbanks,
+ u16 nimages)
+{
+ struct fwu_mtd_image_info *mtd_images;
+ struct fwu_mdata_mtd_priv *mtd_priv = dev_get_priv(dev);
+ struct udevice *mtd_dev = mtd_priv->mtd->dev;
+ fdt_addr_t offset;
+ ofnode bank;
+ int off_img;
+ u32 total_images;
+ total_images = nbanks * nimages;
+ mtd_priv->fwu_mtd_images = malloc(sizeof(struct fwu_mtd_image_info) *
+ total_images);
+ if (!mtd_priv->fwu_mtd_images)
+ return -ENOMEM;
+
+ off_img = 0;
+ mtd_images = mtd_priv->fwu_mtd_images;
ofnode_for_each_subnode(bank, dev_ofnode(dev)) {
int bank_num, bank_offset, bank_size;
const char *bank_name;
@@ -219,8 +226,7 @@ static int fwu_mdata_mtd_of_to_plat(struct udevice *dev)
int image_num, image_offset, image_size;
const char *uuid;
- if (off_img == CONFIG_FWU_NUM_BANKS *
- CONFIG_FWU_NUM_IMAGES_PER_BANK)
{
+ if (off_img == total_images) {
log_err("DT provides more images than
configured!\n");
break;
}
@@ -230,11 +236,11 @@ static int fwu_mdata_mtd_of_to_plat(struct udevice *dev)
ofnode_read_u32(image, "offset", _offset);
ofnode_read_u32(image, "size", _size);
- fwu_mtd_images[off_img].start = bank_offset +
image_offset;
- fwu_mtd_images[off_img].size = image_size;
- fwu_mtd_images[off_img].bank_num = bank_num;
- fwu_mtd_images[off_img].image_num = image_num;
- strcpy(fwu_mtd_images[off_img].uuidbuf, uuid);
+ mtd_images[off_img].start = bank_offset + image_offset;
+ mtd_images[off_img].size = image_size;
+ mtd_images[off_img].bank_num = bank_num;
+ mtd_images[off_img].image_num = image_num;
+ strcpy(mtd_images[off_img].uuidbuf, uuid);
log_debug("\tImage%d: %s @0x%x\n\n",
image_num, uuid, bank_offset + image_offset);
off_img++;
@@ -246,8 +252,21 @@ stati
[PATCH v3 03/20] drivers: fwu: add the size parameter to the metadata access API's
In version 2 of the metadata structure, the size of the structure
cannot be determined statically at build time. The structure is now
broken into the top level structure which contains a field indicating
the total size of the structure.
Add a size parameter to the metadata access API functions to indicate
the number of bytes to be accessed. This is then used to either read
the entire structure, or only the top level structure.
Signed-off-by: Sughosh Ganu
---
Changes since V2: None
drivers/fwu-mdata/fwu-mdata-uclass.c | 10 ++
drivers/fwu-mdata/gpt_blk.c | 23 +--
drivers/fwu-mdata/raw_mtd.c | 10 ++
include/fwu.h| 14 ++
4 files changed, 35 insertions(+), 22 deletions(-)
diff --git a/drivers/fwu-mdata/fwu-mdata-uclass.c
b/drivers/fwu-mdata/fwu-mdata-uclass.c
index 0a8edaaa41..145479bab0 100644
--- a/drivers/fwu-mdata/fwu-mdata-uclass.c
+++ b/drivers/fwu-mdata/fwu-mdata-uclass.c
@@ -20,7 +20,8 @@
*
* Return: 0 if OK, -ve on error
*/
-int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary)
+int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary,
+ uint32_t size)
{
const struct fwu_mdata_ops *ops = device_get_ops(dev);
@@ -29,7 +30,7 @@ int fwu_read_mdata(struct udevice *dev, struct fwu_mdata
*mdata, bool primary)
return -ENOSYS;
}
- return ops->read_mdata(dev, mdata, primary);
+ return ops->read_mdata(dev, mdata, primary, size);
}
/**
@@ -37,7 +38,8 @@ int fwu_read_mdata(struct udevice *dev, struct fwu_mdata
*mdata, bool primary)
*
* Return: 0 if OK, -ve on error
*/
-int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary)
+int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary,
+ uint32_t size)
{
const struct fwu_mdata_ops *ops = device_get_ops(dev);
@@ -46,7 +48,7 @@ int fwu_write_mdata(struct udevice *dev, struct fwu_mdata
*mdata, bool primary)
return -ENOSYS;
}
- return ops->write_mdata(dev, mdata, primary);
+ return ops->write_mdata(dev, mdata, primary, size);
}
UCLASS_DRIVER(fwu_mdata) = {
diff --git a/drivers/fwu-mdata/gpt_blk.c b/drivers/fwu-mdata/gpt_blk.c
index c7284916c4..97eac3611f 100644
--- a/drivers/fwu-mdata/gpt_blk.c
+++ b/drivers/fwu-mdata/gpt_blk.c
@@ -81,15 +81,14 @@ static int gpt_get_mdata_disk_part(struct blk_desc *desc,
return -ENOENT;
}
-static int gpt_read_write_mdata(struct blk_desc *desc,
- struct fwu_mdata *mdata,
- u8 access, u32 part_num)
+static int gpt_read_write_mdata(struct blk_desc *desc, struct fwu_mdata *mdata,
+ u8 access, u32 part_num, u32 size)
{
int ret;
u32 len, blk_start, blkcnt;
struct disk_partition info;
- ALLOC_CACHE_ALIGN_BUFFER_PAD(struct fwu_mdata, mdata_aligned, 1,
+ ALLOC_CACHE_ALIGN_BUFFER_PAD(u8, mdata_aligned, size,
desc->blksz);
if (!mdata)
@@ -101,7 +100,7 @@ static int gpt_read_write_mdata(struct blk_desc *desc,
return -ENOENT;
}
- len = sizeof(*mdata);
+ len = size;
blkcnt = BLOCK_CNT(len, desc);
if (blkcnt > info.size) {
log_debug("Block count exceeds FWU metadata partition size\n");
@@ -114,7 +113,7 @@ static int gpt_read_write_mdata(struct blk_desc *desc,
log_debug("Error reading FWU metadata from the
device\n");
return -EIO;
}
- memcpy(mdata, mdata_aligned, sizeof(struct fwu_mdata));
+ memcpy(mdata, mdata_aligned, size);
} else {
if (blk_dwrite(desc, blk_start, blkcnt, mdata) != blkcnt) {
log_debug("Error writing FWU metadata to the device\n");
@@ -164,7 +163,7 @@ static int fwu_mdata_gpt_blk_probe(struct udevice *dev)
}
static int fwu_gpt_read_mdata(struct udevice *dev, struct fwu_mdata *mdata,
- bool primary)
+ bool primary, u32 size)
{
struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev);
struct blk_desc *desc = dev_get_uclass_plat(priv->blk_dev);
@@ -177,11 +176,13 @@ static int fwu_gpt_read_mdata(struct udevice *dev, struct
fwu_mdata *mdata,
}
return gpt_read_write_mdata(desc, mdata, MDATA_READ,
- primary ? g_mdata_part[0] :
g_mdata_part[1]);
+ primary ?
+ g_mdata_part[0] : g_mdata_part[1],
+ size);
}
static int fwu_gpt_write_mdata(struct udevice *dev, struct fwu_mdata *mdata,
- bool primary)
+
[PATCH v3 02/20] tools: mkfwumdata: fix the size parameter to the fwrite call
The fwrite call returns the number of bytes transferred as part of the
write only when the size parameter is 1. Pass the size parameter to
the library call as 1 so that the correct number of bytes transferred
are returned.
Fixes: fdd56bfd3ad ("tools: Add mkfwumdata tool for FWU metadata image")
Signed-off-by: Sughosh Ganu
---
Changes since V2: None
tools/mkfwumdata.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/mkfwumdata.c b/tools/mkfwumdata.c
index 9732a8ddc5..b2d90ca7c9 100644
--- a/tools/mkfwumdata.c
+++ b/tools/mkfwumdata.c
@@ -259,7 +259,7 @@ fwu_make_mdata(size_t images, size_t banks, char *uuids[],
char *output)
goto done_make;
}
- ret = fwrite(mobj->mdata, mobj->size, 1, file);
+ ret = fwrite(mobj->mdata, 1, mobj->size, file);
if (ret != mobj->size)
ret = -errno;
else
--
2.34.1
[PATCH v3 01/20] configs: fwu: remove FWU configs for metadata V2 support
Support is to be added in the following commits for the FWU metadata version 2. Disable the FWU feature on platforms that enable it for the V2 addition work. Signed-off-by: Sughosh Ganu --- Changes since V2: None configs/corstone1000_defconfig | 2 -- configs/sandbox64_defconfig | 1 - configs/synquacer_developerbox_defconfig | 4 3 files changed, 7 deletions(-) diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig index 8b2f77f648..29d7550afb 100644 --- a/configs/corstone1000_defconfig +++ b/configs/corstone1000_defconfig @@ -24,7 +24,6 @@ CONFIG_LOGLEVEL=7 CONFIG_BOARD_LATE_INIT=y CONFIG_SYS_PROMPT="corstone1000# " # CONFIG_CMD_CONSOLE is not set -CONFIG_CMD_FWU_METADATA=y CONFIG_CMD_BOOTZ=y # CONFIG_CMD_XIMG is not set CONFIG_CMD_GPT=y @@ -67,4 +66,3 @@ CONFIG_FFA_SHARED_MM_BUF_OFFSET=0 CONFIG_FFA_SHARED_MM_BUF_ADDR=0x0200 CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_IGNORE_OSINDICATIONS=y -CONFIG_FWU_MULTI_BANK_UPDATE=y diff --git a/configs/sandbox64_defconfig b/configs/sandbox64_defconfig index 3be9a00a85..7e8200e70c 100644 --- a/configs/sandbox64_defconfig +++ b/configs/sandbox64_defconfig @@ -272,7 +272,6 @@ CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_EFI_SECURE_BOOT=y CONFIG_TEST_FDTDEC=y -CONFIG_FWU_MULTI_BANK_UPDATE=y CONFIG_UNIT_TEST=y CONFIG_UT_TIME=y CONFIG_UT_DM=y diff --git a/configs/synquacer_developerbox_defconfig b/configs/synquacer_developerbox_defconfig index 2a0407de40..616d410074 100644 --- a/configs/synquacer_developerbox_defconfig +++ b/configs/synquacer_developerbox_defconfig @@ -11,14 +11,12 @@ CONFIG_DM_GPIO=y CONFIG_DEFAULT_DEVICE_TREE="synquacer-sc2a11-developerbox" CONFIG_SYS_LOAD_ADDR=0x8000 CONFIG_TARGET_DEVELOPERBOX=y -CONFIG_FWU_NUM_IMAGES_PER_BANK=1 CONFIG_AHCI=y CONFIG_FIT=y CONFIG_SYS_BOOTM_LEN=0x80 CONFIG_BOOTSTAGE_STASH_SIZE=4096 CONFIG_HUSH_PARSER=y CONFIG_SYS_MAXARGS=128 -CONFIG_CMD_FWU_METADATA=y CONFIG_CMD_IMLS=y CONFIG_CMD_ERASEENV=y CONFIG_CMD_NVEDIT_EFI=y @@ -53,7 +51,6 @@ CONFIG_DFU_TFTP=y CONFIG_DFU_MTD=y CONFIG_DFU_RAM=y CONFIG_DFU_SF=y -CONFIG_FWU_MDATA_MTD=y CONFIG_DM_I2C=y CONFIG_SYS_I2C_SYNQUACER=y CONFIG_MMC_SDHCI=y @@ -96,4 +93,3 @@ CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_IGNORE_OSINDICATIONS=y CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y -CONFIG_FWU_MULTI_BANK_UPDATE=y -- 2.34.1
[PATCH v3 00/20] FWU: Add support for FWU metadata version 2
The following patch series adds support for version 2 of the FWU metadata. The version 2 metadata structure is defined in the latest revision of the FWU specification [1]. The earlier versions of these patches were migrating to a version 2 only support in U-Boot, similar to TF-A. However, based on feedback from ST [2], this series has been updated to support both versions. A platform would still be needed to enable one of the two versions of metadata through a config symbol. TF-A has code which reads the FWU metadata and boots the platform from the active partition. TF-A has decided to migrate the FWU code to a version 2 only support. These changes have been merged in upstream TF-A. These changes have been tested on the ST DK2 board, which uses the GPT based partitioning scheme. Both V1 and V2 metadata versions have been tested on the DK2 board. These changes need to be tested on platforms with MTD partitioned storage devices. @Michal and @Kojima-san, please help in this testing. Note: The CI is breaking on some sandbox py tests, but the errors look unrelated. I will look into those issues, but the code review can proceed. [1] - https://developer.arm.com/documentation/den0118/latest/ [2] - https://lists.denx.de/pipermail/u-boot/2024-February/546277.html Changes since V2: * New patch which retains support for V1 of metadata * Earlier patch was catering to v2 only support. These changes support both versions of metadata. * Earlier patch was migrating to v2 only support. These changes support both versions. * Support both metadata versions instead of only v2. * Added documentation changes. * Make changes to have the test work with v1 metadata. * Make changes to have the test work with updated logic in fwu code. * Changes to indicate support for both v1 and v2 instead of only v2. * Add config symbol for selecting either of the two metadata versions. Sughosh Ganu (20): configs: fwu: remove FWU configs for metadata V2 support tools: mkfwumdata: fix the size parameter to the fwrite call drivers: fwu: add the size parameter to the metadata access API's drivers: fwu: mtd: allocate buffer for image info dynamically fwu: metadata: add support for version 2 of the structure fwu: metadata: add a version agnostic structure fwu: metadata: add functions for handling version specific metadata fields fwu: make changes to access version agnostic structure fields capsule: fwu: transition the platform state on a successful update fwu: add config symbols for enabling FWU metadata versions fwu: mtd: remove unused argument from function call fwu: mtd: get MTD partition specific info from driver fwu: mtd: obtain image information from version agnostic structure cmd: fwu: make changes for supporting FWU metadata version 2 tools: mkfwumdata: add support for metadata version 2 tools: mkfwumdata: add logic to append vendor data to the FWU metadata test: fwu: make changes to the FWU metadata access test doc: fwu: make changes to reflect support for FWU metadata v2 MAINTAINERS: add entry for FWU multi bank update feature configs: fwu: re-enable FWU configs MAINTAINERS | 8 + cmd/fwu_mdata.c | 39 ++-- configs/corstone1000_defconfig | 1 + configs/sandbox64_defconfig | 1 + configs/synquacer_developerbox_defconfig | 2 +- doc/board/socionext/developerbox.rst | 7 +- doc/develop/uefi/fwu_updates.rst | 20 +- doc/mkfwumdata.1 | 16 +- drivers/fwu-mdata/fwu-mdata-uclass.c | 10 +- drivers/fwu-mdata/gpt_blk.c | 23 +- drivers/fwu-mdata/raw_mtd.c | 78 --- include/fwu.h| 147 - include/fwu_mdata.h | 71 ++- lib/efi_loader/efi_capsule.c | 14 +- lib/fwu_updates/Kconfig | 14 ++ lib/fwu_updates/Makefile | 2 + lib/fwu_updates/fwu.c| 204 -- lib/fwu_updates/fwu_mtd.c| 34 +-- lib/fwu_updates/fwu_v1.c | 167 +++ lib/fwu_updates/fwu_v2.c | 260 +++ test/dm/fwu_mdata.c | 16 +- tools/mkfwumdata.c | 235 22 files changed, 1153 insertions(+), 216 deletions(-) create mode 100644 lib/fwu_updates/fwu_v1.c create mode 100644 lib/fwu_updates/fwu_v2.c -- 2.34.1
Re: [PATCH 0/4] Generate capsules from config files
hi Bence, On Tue, 12 Mar 2024 at 20:28, Bence Balogh wrote: > > Hello Sughosh, > > We are planning to use these changes in the Corstone-1000 platform. > Do you have a timeline when these are going to get merged? I will prioritize this task since you want to use these changes. I need to send some changes which Simon has asked for. Once those changes go through, these patches also should be merged. Will work on this task. Thanks for letting me know. -sughosh > > Thanks, > Bence > > On Tue, Nov 21, 2023 at 12:30:24PM +0530, Sughosh Ganu wrote: > > > > Add support for generating capsules through a config file. Multiple > > capsules can be generated through a single invocation of the > > mkeficapsule tool, where the capsule parameters are fetched from the > > config file. > > > > The format of the config file pretty similar to the one used by the > > capsule generation tool in EDKII. > > > > The functionality is enabled on the sandbox variant and the EFI > > capsule update test is now configured to generate the capsules through > > a config file. The sandbox_flattree variant generates capsules through > > binman, thus covering both the paths. > > > > Sughosh Ganu (4): > > tools: mkeficapsule: Add support for parsing capsule params from > > config file > > doc: Document capsule generation through a config file > > sandbox: capsule: Add a config file for generating capsules > > test: capsule: Generate capsules through config file > > > > configs/sandbox_defconfig | 2 + > > doc/develop/uefi/uefi.rst | 70 > > .../test_efi_capsule/capsule_gen_binman.dts | 2 + > > test/py/tests/test_efi_capsule/conftest.py| 7 + > > .../test_efi_capsule/sandbox_capsule_cfg.txt | 162 > > tools/Kconfig | 15 + > > tools/Makefile| 1 + > > tools/eficapsule.h| 114 ++ > > tools/mkeficapsule.c | 87 +++-- > > tools/mkeficapsule_parse.c| 352 ++ > > 10 files changed, 781 insertions(+), 31 deletions(-) > > create mode 100644 test/py/tests/test_efi_capsule/sandbox_capsule_cfg.txt > > create mode 100644 tools/mkeficapsule_parse.c > > > > -- > > 2.34.1 > > > >
Re: [PATCH v2 00/21] FWU: Migrate FWU metadata to version 2
hi Etienne, On Tue, 20 Feb 2024 at 15:14, Etienne CARRIERE - foss wrote: > > Hello Sughosh, > > Sorry for this very late reply especially since I have a quite negative > feedback on the proposed changes. > > I don't think FWU metadata version 1 should be removed from U-Boot support. > There are existing immutable boot agent relying on format v1, starting from > the Synquacer boards based on SCP-firmware v2.11 [1] onward (at least up to > latest v2.13 tag) and the stm32mp1 platforms based on TF-A v2.7 [2] onward > (at least up to latest tag v2.10). These platforms should be able to update > there EFI firmware hence needing the update agent (U-Boot) to support format > v1. Currently, we have two platforms which are using the feature with the Update Agent in U-Boot, one being the ST boards, and the Synquacer platform from Socionext. Support is going to be added to the Xilinx boards, but they are interested in v2 only. Before I started working on this migration, I had written to the stakeholders in early December about their thoughts on this change. I had also written to you about this, but since you did not respond, I took it as an implicit acceptance for the change. Socionext had responded saying that they are fine with the migration to v2 only support in U-Boot. You are also aware that I am making changes in TF-A to migrate support to v2 only, and that includes the ST boards as well. So, will it not be better to migrate both TF-A and U-Boot to v2 only support? Since you are proposing supporting both the versions in U-Boot, I want to check with you if there are ST platforms in the field which have version 1 support? If not, I think it will be cleaner to support only v2, and use that version in both TF-A and U-Boot henceforth. I had checked with Jose, who is the author of the spec and he had mentioned that he does not foresee any major change in the metadata structure henceforth. Which is another reason why it was deemed suitable to migrate to v2 instead of supporting both versions. > > With the proposed series, the new format v2 contains the same information the > previous mdata v1 based implementation did (apart that some info where > built-in whereas v2 describe them from the mdata storage area). > Could it be possible the implementation support both, using for example a > internal structure fed from either format v1 or v2 content read from the > storage, and used to update the mdata v1 or v2 format storage layout? This is software, so we can definitely support it. But the question is whether we really need to support v1 as well? If the feature has not been deployed in the field yet, I would say a clean migration is better. -sughosh > > [1] > https://gitlab.arm.com/firmware/SCP-firmware/-/blob/v2.11.0/product/synquacer/include/fwu_mdata.h > [2] > https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/tags/v2.7/include/drivers/fwu/fwu_metadata.h > > Best regards, > Etienne > > > From: Sughosh Ganu > > > > The following patches migrate the FWU metadata access code to version > > 2 of the structure. This is based on the structure definition as > > defined in the latest rev of the FWU Multi Bank Update specification > > [1]. > > > > Since the version 1 of the structure has currently been adopted on a > > couple of platforms, it was decided to have a clean migration of the > > metadata to version 2 only, instead of supporting both the versions of > > the structure. Also, based on consultations with the main author of > > the specification, it is expected that any further changes in the > > structure would be minor tweaks, and not be significant. Hence a > > migration to version 2. > > > > Similar migration is also being done in TF-A, including migrating the > > ST platform port to support version 2 of the metadata structure [2]. > > > > @Michal, I tested the metadata for the two image per bank case, and it > > works fine on the ST board. Kindly test this on your board as well. > > > > @Kojima-san, Please help in testing the version 2 on your > > board. Thanks. > > > > > > [1] - https://developer.arm.com/documentation/den0118/latest/ > > [2] - > > https://review.trustedfirmware.org/q/topic:%22topics/fwu_metadata_v2_migration%22 > > > > Changes since V1: > > > > * Do not define flexible array members inside the structures. > > * Access the image information related fields in the metadata using > > the helper functions defined in an earlier patch. > > * Access fwu_fw_store_desc structure using pointer arithmetic. > > > > (snip)
Re: [PATCH v2 17/21] tools: mkfwumdata: migrate to metadata version 2
hi Michal, On Thu, 15 Feb 2024 at 20:01, Michal Simek wrote: > > Hi, > > On 2/12/24 08:47, Sughosh Ganu wrote: > > Migrate the metadata generation tool to generate the version 2 > > metadata. > > > > Signed-off-by: Sughosh Ganu > > --- > > > > Changes since V1: > > * Compute location of struct fwu_fw_store_desc using pointer > >arithmetic. > > > > tools/mkfwumdata.c | 45 ++--- > > 1 file changed, 34 insertions(+), 11 deletions(-) > > > > diff --git a/tools/mkfwumdata.c b/tools/mkfwumdata.c > > index 9732a8ddc5..fb847e3a78 100644 > > --- a/tools/mkfwumdata.c > > +++ b/tools/mkfwumdata.c > > @@ -14,12 +14,13 @@ > > #include > > #include > > > > -/* This will dynamically allocate the fwu_mdata */ > > -#define CONFIG_FWU_NUM_BANKS 0 > > -#define CONFIG_FWU_NUM_IMAGES_PER_BANK 0 > > - > > /* Since we can not include fwu.h, redefine version here. */ > > -#define FWU_MDATA_VERSION1 > > +#define FWU_MDATA_VERSION2 > > + > > +#define MAX_BANKS4 > > + > > +#define BANK_INVALID 0xFF > > +#define BANK_ACCEPTED0xFC > > I think in previous version only active bank was accepted not others. > I don't think it is wrong behavior but please consider to select it too. > I was just surprised to see both banks in that state. In the current version as well, we do accept all the images, for all banks. This is happening in the fwu_parse_fill_image_uuid() function, where on line 207 we are setting the accepted field to 1 for all banks for a given image. -sughosh
[PATCH v2 21/21] doc: fwu: make changes for supporting FWU Metadata version 2
Make changes to the FWU documentation to reflect the changes made with migration of the FWU metadata to version 2. Signed-off-by: Sughosh Ganu --- Changes since V1: None doc/board/socionext/developerbox.rst | 9 +++-- doc/develop/uefi/fwu_updates.rst | 12 +--- doc/usage/cmd/fwu_mdata.rst | 12 3 files changed, 16 insertions(+), 17 deletions(-) diff --git a/doc/board/socionext/developerbox.rst b/doc/board/socionext/developerbox.rst index 46712c379b..d8c1bb4986 100644 --- a/doc/board/socionext/developerbox.rst +++ b/doc/board/socionext/developerbox.rst @@ -113,8 +113,6 @@ configs/synquacer_developerbox_defconfig enables default FWU configuration :: CONFIG_FWU_MULTI_BANK_UPDATE=y CONFIG_FWU_MDATA=y CONFIG_FWU_MDATA_MTD=y - CONFIG_FWU_NUM_BANKS=2 - CONFIG_FWU_NUM_IMAGES_PER_BANK=1 CONFIG_CMD_FWU_METADATA=y And build it:: @@ -126,10 +124,9 @@ And build it:: make -j `noproc` cd ../ -By default, the CONFIG_FWU_NUM_BANKS and CONFIG_FWU_NUM_IMAGES_PER_BANKS are -set to 2 and 1 respectively. This uses FIP (Firmware Image Package) type image -which contains TF-A, U-Boot and OP-TEE (the OP-TEE is optional). -You can use fiptool to compose the FIP image from those firmware images. +This uses FIP (Firmware Image Package) type image which contains TF-A, +U-Boot and OP-TEE (the OP-TEE is optional). You can use fiptool to +compose the FIP image from those firmware images. Rebuild SCP firmware diff --git a/doc/develop/uefi/fwu_updates.rst b/doc/develop/uefi/fwu_updates.rst index e4709d82b4..7911c954d9 100644 --- a/doc/develop/uefi/fwu_updates.rst +++ b/doc/develop/uefi/fwu_updates.rst @@ -43,8 +43,6 @@ The feature can be enabled by specifying the following configs:: CONFIG_FWU_MULTI_BANK_UPDATE=y CONFIG_FWU_MDATA=y CONFIG_FWU_MDATA_GPT_BLK=y -CONFIG_FWU_NUM_BANKS= -CONFIG_FWU_NUM_IMAGES_PER_BANK= in the .config file @@ -94,12 +92,12 @@ of. Each GPT partition entry in the GPT header has two GUIDs:: * UniquePartitionGUID The PartitionTypeGUID value should correspond to the -``image_type_uuid`` field of the FWU metadata. This field is used to +``image_type_guid`` field of the FWU metadata. This field is used to identify a given type of updatable firmware image, e.g. U-Boot, OP-TEE, FIP etc. This GUID should also be used for specifying the `--guid` parameter when generating the capsule. -The UniquePartitionGUID value should correspond to the ``image_uuid`` +The UniquePartitionGUID value should correspond to the ``image_guid`` field in the FWU metadata. This GUID is used to identify images of a given image type in different banks. @@ -108,8 +106,8 @@ metadata partitions. This would be the PartitionTypeGUID for the metadata partitions. Similarly, the UEFI specification defines the ESP GUID to be be used. -When generating the metadata, the ``image_type_uuid`` and the -``image_uuid`` values should match the *PartitionTypeGUID* and the +When generating the metadata, the ``image_type_guid`` and the +``image_guid`` values should match the *PartitionTypeGUID* and the *UniquePartitionGUID* values respectively. Performing the Update @@ -181,5 +179,5 @@ empty capsule would be:: Links - -* [1] https://developer.arm.com/documentation/den0118/a/ - FWU Specification +* [1] https://developer.arm.com/documentation/den0118/ - FWU Specification * [2] https://git.codelinaro.org/linaro/dependable-boot/mbfw/uploads/6f7ddfe3be24e18d4319e108a758d02e/mbfw.pdf - Dependable Boot Specification diff --git a/doc/usage/cmd/fwu_mdata.rst b/doc/usage/cmd/fwu_mdata.rst index f1bf08fde1..1804422b33 100644 --- a/doc/usage/cmd/fwu_mdata.rst +++ b/doc/usage/cmd/fwu_mdata.rst @@ -26,10 +26,14 @@ The output may look like: => fwu_mdata_read FWU Metadata -crc32: 0xec4fb997 -version: 0x1 -active_index: 0x0 -previous_active_index: 0x1 +crc32: 0x13c330 +version: 0x2 +active_index: 0x1 +previous_active_index: 0x0 +bank_state[0]: 0xfc +bank_state[1]: 0xfc +bank_state[2]: 0xff +bank_state[3]: 0xff Image Info Image Type Guid: 19D5DF83-11B0-457B-BE2C-7559C13142A5 -- 2.34.1
[PATCH v2 20/21] configs: fwu: re-enable FWU configs
Now that the migration to the FWU metadata version 2 is complete, the feature can be re-enabled on platforms which had it enabled. Signed-off-by: Sughosh Ganu --- Changes since V1: None configs/corstone1000_defconfig | 2 ++ configs/sandbox64_defconfig | 1 + configs/synquacer_developerbox_defconfig | 3 +++ 3 files changed, 6 insertions(+) diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig index c26a621175..a86ac12732 100644 --- a/configs/corstone1000_defconfig +++ b/configs/corstone1000_defconfig @@ -25,6 +25,7 @@ CONFIG_BOARD_LATE_INIT=y CONFIG_SYS_PROMPT="corstone1000# " CONFIG_SYS_MAXARGS=64 # CONFIG_CMD_CONSOLE is not set +CONFIG_CMD_FWU_METADATA=y CONFIG_CMD_BOOTZ=y # CONFIG_CMD_XIMG is not set CONFIG_CMD_GPT=y @@ -67,3 +68,4 @@ CONFIG_FFA_SHARED_MM_BUF_OFFSET=0 CONFIG_FFA_SHARED_MM_BUF_ADDR=0x0200 CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_IGNORE_OSINDICATIONS=y +CONFIG_FWU_MULTI_BANK_UPDATE=y diff --git a/configs/sandbox64_defconfig b/configs/sandbox64_defconfig index 2863f9b189..d101cca6a7 100644 --- a/configs/sandbox64_defconfig +++ b/configs/sandbox64_defconfig @@ -273,6 +273,7 @@ CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_EFI_SECURE_BOOT=y CONFIG_TEST_FDTDEC=y +CONFIG_FWU_MULTI_BANK_UPDATE=y CONFIG_UNIT_TEST=y CONFIG_UT_TIME=y CONFIG_UT_DM=y diff --git a/configs/synquacer_developerbox_defconfig b/configs/synquacer_developerbox_defconfig index 616d410074..1bb55be0a7 100644 --- a/configs/synquacer_developerbox_defconfig +++ b/configs/synquacer_developerbox_defconfig @@ -17,6 +17,7 @@ CONFIG_SYS_BOOTM_LEN=0x80 CONFIG_BOOTSTAGE_STASH_SIZE=4096 CONFIG_HUSH_PARSER=y CONFIG_SYS_MAXARGS=128 +CONFIG_CMD_FWU_METADATA=y CONFIG_CMD_IMLS=y CONFIG_CMD_ERASEENV=y CONFIG_CMD_NVEDIT_EFI=y @@ -51,6 +52,7 @@ CONFIG_DFU_TFTP=y CONFIG_DFU_MTD=y CONFIG_DFU_RAM=y CONFIG_DFU_SF=y +CONFIG_FWU_MDATA_MTD=y CONFIG_DM_I2C=y CONFIG_SYS_I2C_SYNQUACER=y CONFIG_MMC_SDHCI=y @@ -93,3 +95,4 @@ CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_IGNORE_OSINDICATIONS=y CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y +CONFIG_FWU_MULTI_BANK_UPDATE=y -- 2.34.1
[PATCH v2 19/21] tools: mkfwumdata: fix the size parameter to the fwrite call
The fwrite call returns the number of bytes transferred as part of the
write only when the size parameter is 1. Pass the size parameter to
the library call as 1 so that the correct number of bytes transferred
are returned.
Fixes: fdd56bfd3ad ("tools: Add mkfwumdata tool for FWU metadata image")
Signed-off-by: Sughosh Ganu
---
Changes since V1: New patch
tools/mkfwumdata.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/mkfwumdata.c b/tools/mkfwumdata.c
index ab07623e25..426d221ac7 100644
--- a/tools/mkfwumdata.c
+++ b/tools/mkfwumdata.c
@@ -338,7 +338,7 @@ fwu_make_mdata(size_t images, size_t banks, const char
*vendor_file,
goto done_make;
}
- ret = fwrite(mobj->mdata, mobj->size, 1, file);
+ ret = fwrite(mobj->mdata, 1, mobj->size, file);
if (ret != mobj->size)
ret = -errno;
else
--
2.34.1
[PATCH v2 18/21] tools: mkfwumdata: add logic to append vendor data to the FWU metadata
The version 2 of the FWU metadata allows for appending opaque vendor
specific data to the metadata structure. Add support for appending
this data to the metadata. The vendor specific data needs to be
provided through a file, passed through a command-line parameter.
Signed-off-by: Sughosh Ganu
---
Changes since V1: New patch
tools/mkfwumdata.c | 85 +-
1 file changed, 77 insertions(+), 8 deletions(-)
diff --git a/tools/mkfwumdata.c b/tools/mkfwumdata.c
index fb847e3a78..ab07623e25 100644
--- a/tools/mkfwumdata.c
+++ b/tools/mkfwumdata.c
@@ -12,6 +12,8 @@
#include
#include
#include
+#include
+#include
#include
/* Since we can not include fwu.h, redefine version here. */
@@ -30,7 +32,7 @@ typedef uint64_t u64;
#include
-static const char *opts_short = "b:i:a:p:gh";
+static const char *opts_short = "b:i:a:p:v:gh";
static struct option options[] = {
{"banks", required_argument, NULL, 'b'},
@@ -38,6 +40,7 @@ static struct option options[] = {
{"guid", required_argument, NULL, 'g'},
{"active-bank", required_argument, NULL, 'a'},
{"previous-bank", required_argument, NULL, 'p'},
+ {"vendor-file", required_argument, NULL, 'v'},
{"help", no_argument, NULL, 'h'},
{NULL, 0, NULL, 0},
};
@@ -51,6 +54,7 @@ static void print_usage(void)
"\t-a, --active-bank Active bank (default=0)\n"
"\t-p, --previous-bankPrevious active bank
(default=active_bank - 1)\n"
"\t-g, --guid Use GUID instead of UUID\n"
+ "\t-v, --vendor-file Vendor data file to append to
the metadata\n"
"\t-h, --help print a help message\n"
);
fprintf(stderr, " UUIDs list syntax:\n"
@@ -69,13 +73,16 @@ struct fwu_mdata_object {
size_t images;
size_t banks;
size_t size;
+ size_t vsize;
+ void *vbuf;
struct fwu_mdata *mdata;
};
static int previous_bank, active_bank;
static bool __use_guid;
-static struct fwu_mdata_object *fwu_alloc_mdata(size_t images, size_t banks)
+static struct fwu_mdata_object *fwu_alloc_mdata(size_t images, size_t banks,
+ size_t vendor_size)
{
struct fwu_mdata_object *mobj;
@@ -87,16 +94,28 @@ static struct fwu_mdata_object *fwu_alloc_mdata(size_t
images, size_t banks)
sizeof(struct fwu_fw_store_desc) +
(sizeof(struct fwu_image_entry) +
sizeof(struct fwu_image_bank_info) * banks) * images;
+
+ mobj->size += vendor_size;
+ mobj->vsize = vendor_size;
mobj->images = images;
mobj->banks = banks;
mobj->mdata = calloc(1, mobj->size);
- if (!mobj->mdata) {
- free(mobj);
- return NULL;
+ if (!mobj->mdata)
+ goto alloc_err;
+
+ if (vendor_size) {
+ mobj->vbuf = calloc(1, mobj->vsize);
+ if (!mobj->vbuf)
+ goto alloc_err;
}
return mobj;
+
+alloc_err:
+ free(mobj->mdata);
+ free(mobj);
+ return NULL;
}
static struct fwu_image_entry *
@@ -223,6 +242,7 @@ static int fwu_parse_fill_uuids(struct fwu_mdata_object
*mobj, char *uuids[])
{
struct fwu_mdata *mdata = mobj->mdata;
struct fwu_fw_store_desc *fw_desc;
+ char *vdata;
int i, ret;
mdata->version = FWU_MDATA_VERSION;
@@ -249,23 +269,65 @@ static int fwu_parse_fill_uuids(struct fwu_mdata_object
*mobj, char *uuids[])
return ret;
}
+ if (mobj->vsize) {
+ vdata = (char *)mobj->mdata + (mobj->size - mobj->vsize);
+ memcpy(vdata, mobj->vbuf, mobj->vsize);
+ }
+
mdata->crc32 = crc32(0, (const unsigned char *)>version,
mobj->size - sizeof(uint32_t));
return 0;
}
+static int fwu_read_vendor_data(struct fwu_mdata_object *mobj,
+ const char *vendor_file)
+{
+ int ret = 0;
+ FILE *vfile = NULL;
+
+ vfile = fopen(vendor_file, "r");
+ if (!vfile) {
+ ret = -1;
+ goto out;
+ }
+
+ if (fread(mobj->vbuf, 1, mobj->vsize, vfile) != mobj->vsize)
+ ret = -1;
+
+out:
+ fclose(vfile);
+ return ret;
+}
+
static int
-fwu_make_mdata(size_t images, size_t banks, char *uuids[], char *output)
+fwu_make_mdata(size_t images, size_t banks, const char *vendor_file,
+ char *uuids[], char *output)
{
struct fwu_mdata_object *mobj;
FILE *file;
+ struct stat sbuf;
+
[PATCH v2 17/21] tools: mkfwumdata: migrate to metadata version 2
Migrate the metadata generation tool to generate the version 2
metadata.
Signed-off-by: Sughosh Ganu
---
Changes since V1:
* Compute location of struct fwu_fw_store_desc using pointer
arithmetic.
tools/mkfwumdata.c | 45 ++---
1 file changed, 34 insertions(+), 11 deletions(-)
diff --git a/tools/mkfwumdata.c b/tools/mkfwumdata.c
index 9732a8ddc5..fb847e3a78 100644
--- a/tools/mkfwumdata.c
+++ b/tools/mkfwumdata.c
@@ -14,12 +14,13 @@
#include
#include
-/* This will dynamically allocate the fwu_mdata */
-#define CONFIG_FWU_NUM_BANKS 0
-#define CONFIG_FWU_NUM_IMAGES_PER_BANK 0
-
/* Since we can not include fwu.h, redefine version here. */
-#define FWU_MDATA_VERSION 1
+#define FWU_MDATA_VERSION 2
+
+#define MAX_BANKS 4
+
+#define BANK_INVALID 0xFF
+#define BANK_ACCEPTED 0xFC
typedef uint8_t u8;
typedef int16_t s16;
@@ -29,8 +30,6 @@ typedef uint64_t u64;
#include
-/* TODO: Endianness conversion may be required for some arch. */
-
static const char *opts_short = "b:i:a:p:gh";
static struct option options[] = {
@@ -48,7 +47,7 @@ static void print_usage(void)
fprintf(stderr, "Usage: mkfwumdata [options] \n");
fprintf(stderr, "Options:\n"
"\t-i, --images Number of images (mandatory)\n"
- "\t-b, --banksNumber of banks (mandatory)\n"
+ "\t-b, --banksNumber of banks(1-4)
(mandatory)\n"
"\t-a, --active-bank Active bank (default=0)\n"
"\t-p, --previous-bankPrevious active bank
(default=active_bank - 1)\n"
"\t-g, --guid Use GUID instead of UUID\n"
@@ -85,6 +84,7 @@ static struct fwu_mdata_object *fwu_alloc_mdata(size_t
images, size_t banks)
return NULL;
mobj->size = sizeof(struct fwu_mdata) +
+ sizeof(struct fwu_fw_store_desc) +
(sizeof(struct fwu_image_entry) +
sizeof(struct fwu_image_bank_info) * banks) * images;
mobj->images = images;
@@ -105,6 +105,7 @@ fwu_get_image(struct fwu_mdata_object *mobj, size_t idx)
size_t offset;
offset = sizeof(struct fwu_mdata) +
+ sizeof(struct fwu_fw_store_desc) +
(sizeof(struct fwu_image_entry) +
sizeof(struct fwu_image_bank_info) * mobj->banks) * idx;
@@ -117,6 +118,7 @@ fwu_get_bank(struct fwu_mdata_object *mobj, size_t img_idx,
size_t bnk_idx)
size_t offset;
offset = sizeof(struct fwu_mdata) +
+ sizeof(struct fwu_fw_store_desc) +
(sizeof(struct fwu_image_entry) +
sizeof(struct fwu_image_bank_info) * mobj->banks) * img_idx +
sizeof(struct fwu_image_entry) +
@@ -188,7 +190,7 @@ fwu_parse_fill_image_uuid(struct fwu_mdata_object *mobj,
return -EINVAL;
if (strcmp(uuid, "0") &&
- uuid_guid_parse(uuid, (unsigned char *)>location_uuid) < 0)
+ uuid_guid_parse(uuid, (unsigned char *)>location_guid) < 0)
return -EINVAL;
/* Image type UUID */
@@ -196,7 +198,7 @@ fwu_parse_fill_image_uuid(struct fwu_mdata_object *mobj,
if (!uuid)
return -EINVAL;
- if (uuid_guid_parse(uuid, (unsigned char *)>image_type_uuid) < 0)
+ if (uuid_guid_parse(uuid, (unsigned char *)>image_type_guid) < 0)
return -EINVAL;
/* Fill bank image-UUID */
@@ -210,7 +212,7 @@ fwu_parse_fill_image_uuid(struct fwu_mdata_object *mobj,
return -EINVAL;
if (strcmp(uuid, "0") &&
- uuid_guid_parse(uuid, (unsigned char *)>image_uuid) <
0)
+ uuid_guid_parse(uuid, (unsigned char *)>image_guid) <
0)
return -EINVAL;
}
return 0;
@@ -220,11 +222,26 @@ fwu_parse_fill_image_uuid(struct fwu_mdata_object *mobj,
static int fwu_parse_fill_uuids(struct fwu_mdata_object *mobj, char *uuids[])
{
struct fwu_mdata *mdata = mobj->mdata;
+ struct fwu_fw_store_desc *fw_desc;
int i, ret;
mdata->version = FWU_MDATA_VERSION;
mdata->active_index = active_bank;
mdata->previous_active_index = previous_bank;
+ mdata->metadata_size = mobj->size;
+ mdata->desc_offset = sizeof(struct fwu_mdata);
+
+ for (i = 0; i < MAX_BANKS; i++)
+ mdata->bank_state[i] = i < mobj->banks ?
+ BANK_ACCEPTED : BANK_INVALID;
+
+ fw_desc = (struct fwu_fw_store_desc *)((u8 *)mdata + sizeof(*mdata));
+ fw_desc->num_banks = mobj->banks;
+ fw_desc->num_imag
[PATCH v2 16/21] fwu: remove the config symbols for number of banks and images
With the migration to the FWU metadata version 2 structure, the values
of number of banks and number of images per bank are now obtained from
the metadata at runtime. Remove the now superfluous config symbols.
Signed-off-by: Sughosh Ganu
---
Changes since V1: None
arch/sandbox/Kconfig | 6 --
board/armltd/corstone1000/corstone1000.c | 2 +-
lib/fwu_updates/Kconfig | 11 ---
3 files changed, 1 insertion(+), 18 deletions(-)
diff --git a/arch/sandbox/Kconfig b/arch/sandbox/Kconfig
index 0ce77de2fc..29013a5673 100644
--- a/arch/sandbox/Kconfig
+++ b/arch/sandbox/Kconfig
@@ -79,9 +79,3 @@ config SYS_FDT_LOAD_ADDR
See `doc/arch/sandbox.rst` for more information.
endmenu
-
-config FWU_NUM_BANKS
- default 2
-
-config FWU_NUM_IMAGES_PER_BANK
- default 2
diff --git a/board/armltd/corstone1000/corstone1000.c
b/board/armltd/corstone1000/corstone1000.c
index 01c80aaf9d..15de738154 100644
--- a/board/armltd/corstone1000/corstone1000.c
+++ b/board/armltd/corstone1000/corstone1000.c
@@ -109,7 +109,7 @@ void fwu_plat_get_bootidx(uint *boot_idx)
*/
ret = fwu_get_active_index(boot_idx);
if (ret < 0) {
- *boot_idx = CONFIG_FWU_NUM_BANKS;
+ *boot_idx = 0;
log_err("corstone1000: failed to read active index\n");
}
}
diff --git a/lib/fwu_updates/Kconfig b/lib/fwu_updates/Kconfig
index d35247d0e5..6bb94f88d3 100644
--- a/lib/fwu_updates/Kconfig
+++ b/lib/fwu_updates/Kconfig
@@ -12,17 +12,6 @@ menuconfig FWU_MULTI_BANK_UPDATE
if FWU_MULTI_BANK_UPDATE
-config FWU_NUM_BANKS
- int "Number of Banks defined by the platform"
- help
- Define the number of banks of firmware images on a platform
-
-config FWU_NUM_IMAGES_PER_BANK
- int "Number of firmware images per bank"
- help
- Define the number of firmware images per bank. This value
- should be the same for all the banks.
-
config FWU_TRIAL_STATE_CNT
int "Number of times system boots in Trial State"
default 3
--
2.34.1
[PATCH v2 15/21] test: fwu: align the FWU metadata access test with version 2
With the FWU metadata support having been migrated to version 2, make
corresponding changes to the test for accessing the FWU metadata.
Signed-off-by: Sughosh Ganu
---
Changes since V1:
* Use the helper functions from the previous patch to access the
image information in the metadata.
test/dm/fwu_mdata.c| 56 ---
test/dm/fwu_mdata_disk_image.h | 124 ++---
2 files changed, 83 insertions(+), 97 deletions(-)
diff --git a/test/dm/fwu_mdata.c b/test/dm/fwu_mdata.c
index 52018f610f..cbeceaee93 100644
--- a/test/dm/fwu_mdata.c
+++ b/test/dm/fwu_mdata.c
@@ -88,10 +88,15 @@ static int write_mmc_blk_device(struct unit_test_state *uts)
return 0;
}
-static int dm_test_fwu_mdata_read(struct unit_test_state *uts)
+static int fwu_mdata_access_setup(struct unit_test_state *uts,
+ struct fwu_mdata **mdata)
{
+ u32 mdata_size;
struct udevice *dev;
- struct fwu_mdata mdata = { 0 };
+
+ ut_assertok(setup_blk_device(uts));
+ ut_assertok(populate_mmc_disk_image(uts));
+ ut_assertok(write_mmc_blk_device(uts));
/*
* Trigger lib/fwu_updates/fwu.c fwu_boottime_checks()
@@ -100,13 +105,24 @@ static int dm_test_fwu_mdata_read(struct unit_test_state
*uts)
event_notify_null(EVT_MAIN_LOOP);
ut_assertok(uclass_first_device_err(UCLASS_FWU_MDATA, ));
- ut_assertok(setup_blk_device(uts));
- ut_assertok(populate_mmc_disk_image(uts));
- ut_assertok(write_mmc_blk_device(uts));
- ut_assertok(fwu_get_mdata());
+ ut_assertok(fwu_get_mdata_size(_size));
- ut_asserteq(mdata.version, 0x1);
+ *mdata = malloc(mdata_size);
+ ut_assertnonnull(*mdata);
+
+ return 0;
+}
+
+static int dm_test_fwu_mdata_read(struct unit_test_state *uts)
+{
+ struct fwu_mdata *mdata = NULL;
+
+ fwu_mdata_access_setup(uts, );
+
+ ut_assertok(fwu_get_mdata(mdata));
+
+ ut_asserteq(mdata->version, 0x2);
return 0;
}
@@ -114,29 +130,21 @@ DM_TEST(dm_test_fwu_mdata_read, UT_TESTF_SCAN_FDT);
static int dm_test_fwu_mdata_write(struct unit_test_state *uts)
{
+ u8 num_banks;
u32 active_idx;
- struct udevice *dev;
- struct fwu_mdata mdata = { 0 };
-
- /*
-* Trigger lib/fwu_updates/fwu.c fwu_boottime_checks()
-* to populate g_dev global pointer in that library.
-*/
- event_notify_null(EVT_MAIN_LOOP);
+ struct fwu_mdata *mdata = NULL;
- ut_assertok(setup_blk_device(uts));
- ut_assertok(populate_mmc_disk_image(uts));
- ut_assertok(write_mmc_blk_device(uts));
-
- ut_assertok(uclass_first_device_err(UCLASS_FWU_MDATA, ));
+ fwu_mdata_access_setup(uts, );
- ut_assertok(fwu_get_mdata());
+ ut_assertok(fwu_get_mdata(mdata));
+ num_banks = fwu_get_fw_desc(mdata)->num_banks;
+ ut_asserteq(2, num_banks);
- active_idx = (mdata.active_index + 1) % CONFIG_FWU_NUM_BANKS;
+ active_idx = (mdata->active_index + 1) % num_banks;
ut_assertok(fwu_set_active_index(active_idx));
- ut_assertok(fwu_get_mdata());
- ut_asserteq(mdata.active_index, active_idx);
+ ut_assertok(fwu_get_mdata(mdata));
+ ut_asserteq(mdata->active_index, active_idx);
return 0;
}
diff --git a/test/dm/fwu_mdata_disk_image.h b/test/dm/fwu_mdata_disk_image.h
index b9803417c8..b15b06b9de 100644
--- a/test/dm/fwu_mdata_disk_image.h
+++ b/test/dm/fwu_mdata_disk_image.h
@@ -6,107 +6,85 @@
*/
#define FWU_MDATA_DISK_IMG { 0x0001, { \
- {0x01c0, "\x02\x00\xee\x02\x02\x00\x01\x00"}, /* */ \
+ {0x01c0, "\x02\x00\xee\xff\xff\xff\x01\x00"}, /* */ \
{0x01c8, "\x00\x00\x7f\x00\x00\x00\x00\x00"}, /* */ \
{0x01f8, "\x00\x00\x00\x00\x00\x00\x55\xaa"}, /* ..U. */ \
{0x0200, "\x45\x46\x49\x20\x50\x41\x52\x54"}, /* EFI PART */ \
{0x0208, "\x00\x00\x01\x00\x5c\x00\x00\x00"}, /* \... */ \
- {0x0210, "\xa6\xf6\x92\x20\x00\x00\x00\x00"}, /* ... */ \
+ {0x0210, "\x52\x5f\x3a\xa1\x00\x00\x00\x00"}, /* R_:. */ \
{0x0218, "\x01\x00\x00\x00\x00\x00\x00\x00"}, /* */ \
{0x0220, "\x7f\x00\x00\x00\x00\x00\x00\x00"}, /* */ \
{0x0228, "\x22\x00\x00\x00\x00\x00\x00\x00"}, /* "... */ \
{0x0230, "\x5e\x00\x00\x00\x00\x00\x00\x00"}, /* ^... */ \
- {0x0238, "\xde\x99\xa2\x7e\x46\x34\xeb\x47"}, /* ...~F4.G */ \
- {0x0240, "\x87\xf6\x4f\x75\xe8\xd5\x7d\xc7"}, /* ..Ou..}. */ \
+ {0x0238, "\xf5\xf3\x9d\xb9\x92\xdd\x48\x60"}, /* ..H` */ \
+ {0x0240, "\x9a\x04\xe5\x2b\x11\xcb\x42\x61"}, /* ...+..
[PATCH v2 14/21] cmd: fwu: align the command with metadata version 2
Make changes to the fwu_mdata_read command to have it align with the
metadata version 2.
Signed-off-by: Sughosh Ganu
---
Changes since V1:
* Use the helper functions from the previous patch to access the
image information in the metadata.
cmd/fwu_mdata.c | 45 +++--
1 file changed, 35 insertions(+), 10 deletions(-)
diff --git a/cmd/fwu_mdata.c b/cmd/fwu_mdata.c
index 5ecda455df..6d5ed7a187 100644
--- a/cmd/fwu_mdata.c
+++ b/cmd/fwu_mdata.c
@@ -16,6 +16,8 @@
static void print_mdata(struct fwu_mdata *mdata)
{
int i, j;
+ uint8_t num_banks;
+ uint16_t num_images;
struct fwu_image_entry *img_entry;
struct fwu_image_bank_info *img_info;
@@ -25,15 +27,22 @@ static void print_mdata(struct fwu_mdata *mdata)
printf("active_index: %#x\n", mdata->active_index);
printf("previous_active_index: %#x\n", mdata->previous_active_index);
+ num_banks = fwu_get_fw_desc(mdata)->num_banks;
+ num_images = fwu_get_fw_desc(mdata)->num_images;
+
+ for (i = 0; i < 4; i++)
+ printf("bank_state[%d]: %#x\n", i, mdata->bank_state[i]);
+
printf("\tImage Info\n");
- for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) {
- img_entry = >img_entry[i];
+
+ for (i = 0; i < num_images; i++) {
+ img_entry = fwu_img_entry_offset(mdata, i);
printf("\nImage Type Guid: %pUL\n",
- _entry->image_type_uuid);
- printf("Location Guid: %pUL\n", _entry->location_uuid);
- for (j = 0; j < CONFIG_FWU_NUM_BANKS; j++) {
- img_info = _entry->img_bank_info[j];
- printf("Image Guid: %pUL\n", _info->image_uuid);
+ _entry->image_type_guid);
+ printf("Location Guid: %pUL\n", _entry->location_guid);
+ for (j = 0; j < num_banks; j++) {
+ img_info = fwu_img_bank_info_offset(mdata, i, j);
+ printf("Image Guid: %pUL\n", _info->image_guid);
printf("Image Acceptance: %s\n",
img_info->accepted == 0x1 ? "yes" : "no");
}
@@ -43,19 +52,35 @@ static void print_mdata(struct fwu_mdata *mdata)
int do_fwu_mdata_read(struct cmd_tbl *cmdtp, int flag,
int argc, char * const argv[])
{
+ uint32_t mdata_size;
+ struct fwu_mdata *mdata = NULL;
int ret = CMD_RET_SUCCESS, res;
- struct fwu_mdata mdata;
- res = fwu_get_mdata();
+ res = fwu_get_mdata_size(_size);
+ if (res) {
+ log_err("Unable to get FWU metadata size\n");
+ ret = CMD_RET_FAILURE;
+ goto out;
+ }
+
+ mdata = malloc(mdata_size);
+ if (!mdata) {
+ log_err("Unable to allocate memory for FWU metadata\n");
+ ret = CMD_RET_FAILURE;
+ goto out;
+ }
+
+ res = fwu_get_mdata(mdata);
if (res < 0) {
log_err("Unable to get valid FWU metadata\n");
ret = CMD_RET_FAILURE;
goto out;
}
- print_mdata();
+ print_mdata(mdata);
out:
+ free(mdata);
return ret;
}
--
2.34.1
[PATCH v2 13/21] efi_firmware: fwu: get the number of FWU banks at runtime
With the migration of the FWU metadata to version 2, the number of
banks are now obtained at runtime, instead of the config symbols. Make
use of the API to get the number of banks in the versioning
functions.
Signed-off-by: Sughosh Ganu
---
Changes since V1: None
lib/efi_loader/efi_firmware.c | 14 ++
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c
index c742e23268..26d2916ee1 100644
--- a/lib/efi_loader/efi_firmware.c
+++ b/lib/efi_loader/efi_firmware.c
@@ -207,7 +207,8 @@ void efi_firmware_fill_version_info(struct
efi_firmware_image_descriptor *image_
u16 varname[13]; /* u"FmpState" */
efi_status_t ret;
efi_uintn_t size, expected_size;
- uint num_banks = 1;
+ u8 num_banks = 1;
+ u16 __maybe_unused num_images;
uint active_index = 0;
struct fmp_state *var_state;
@@ -229,7 +230,9 @@ void efi_firmware_fill_version_info(struct
efi_firmware_image_descriptor *image_
if (ret)
return;
- num_banks = CONFIG_FWU_NUM_BANKS;
+ ret = fwu_get_banks_images(_banks, _images);
+ if (ret)
+ return;
}
size = num_banks * sizeof(*var_state);
@@ -379,7 +382,8 @@ efi_status_t efi_firmware_set_fmp_state_var(struct
fmp_state *state, u8 image_in
{
u16 varname[13]; /* u"FmpState" */
efi_status_t ret;
- uint num_banks = 1;
+ u8 num_banks = 1;
+ u16 __maybe_unused num_images;
uint update_bank = 0;
efi_uintn_t size;
efi_guid_t *image_type_id;
@@ -398,7 +402,9 @@ efi_status_t efi_firmware_set_fmp_state_var(struct
fmp_state *state, u8 image_in
if (ret)
return EFI_INVALID_PARAMETER;
- num_banks = CONFIG_FWU_NUM_BANKS;
+ ret = fwu_get_banks_images(_banks, _images);
+ if (ret)
+ return EFI_INVALID_PARAMETER;
}
size = num_banks * sizeof(*var_state);
--
2.34.1
[PATCH v2 12/21] efi_firmware: fwu: do not read FWU metadata on sandbox
The FWU metadata is being read for populating the firmware image's
version information. The sandbox platform does not have the FWU
metadata on any of it's storage devices. Skip attempting to read the
FWU metadata on the sandbox platform.
Signed-off-by: Sughosh Ganu
---
Changes since V1: None
lib/efi_loader/efi_firmware.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c
index ba5aba098c..c742e23268 100644
--- a/lib/efi_loader/efi_firmware.c
+++ b/lib/efi_loader/efi_firmware.c
@@ -223,7 +223,8 @@ void efi_firmware_fill_version_info(struct
efi_firmware_image_descriptor *image_
/* get the fw_version */
efi_create_indexed_name(varname, sizeof(varname), "FmpState",
fw_array->image_index);
- if (IS_ENABLED(CONFIG_FWU_MULTI_BANK_UPDATE)) {
+ if (!IS_ENABLED(CONFIG_SANDBOX) &&
+ IS_ENABLED(CONFIG_FWU_MULTI_BANK_UPDATE)) {
ret = fwu_get_active_index(_index);
if (ret)
return;
@@ -391,7 +392,8 @@ efi_status_t efi_firmware_set_fmp_state_var(struct
fmp_state *state, u8 image_in
efi_create_indexed_name(varname, sizeof(varname), "FmpState",
image_index);
- if (IS_ENABLED(CONFIG_FWU_MULTI_BANK_UPDATE)) {
+ if (!IS_ENABLED(CONFIG_SANDBOX) &&
+ IS_ENABLED(CONFIG_FWU_MULTI_BANK_UPDATE)) {
ret = fwu_plat_get_update_index(_bank);
if (ret)
return EFI_INVALID_PARAMETER;
--
2.34.1
[PATCH v2 11/21] fwu: mtd: modify the DFU API's to align with metadata version 2
Make changes to the functions used for generating the DFU's alt
variable so that they are aligned with changes to the metadata version
2.
These changes include getting the number of banks and images per bank
at runtime from the metadata, as well as accessing the updatable image
information from the FWU MTD driver's private structure.
Signed-off-by: Sughosh Ganu
---
Changes since V1:
* Use the helper functions from the previous patch to access the
image information in the metadata.
lib/fwu_updates/fwu_mtd.c | 81 +--
1 file changed, 61 insertions(+), 20 deletions(-)
diff --git a/lib/fwu_updates/fwu_mtd.c b/lib/fwu_updates/fwu_mtd.c
index 69cd3d7001..50ff0d692d 100644
--- a/lib/fwu_updates/fwu_mtd.c
+++ b/lib/fwu_updates/fwu_mtd.c
@@ -15,16 +15,51 @@
#include
-struct fwu_mtd_image_info
-fwu_mtd_images[CONFIG_FWU_NUM_BANKS * CONFIG_FWU_NUM_IMAGES_PER_BANK];
+static struct fwu_mdata *mdata;
+
+static int read_mdata(void)
+{
+ int ret = 0;
+ u32 mdata_size;
+
+ ret = fwu_get_mdata_size(_size);
+ if (ret)
+ return ret;
+
+ mdata = malloc(mdata_size);
+ if (!mdata)
+ return -ENOMEM;
+
+ ret = fwu_get_mdata(mdata);
+ if (ret < 0) {
+ log_err("Failed to get the FWU mdata\n");
+ free(mdata);
+ mdata = NULL;
+ }
+
+ return ret;
+}
static struct fwu_mtd_image_info *mtd_img_by_uuid(const char *uuidbuf)
{
- int num_images = ARRAY_SIZE(fwu_mtd_images);
+ u8 nbanks;
+ u16 nimages;
+ int num_images, ret;
+ struct fwu_mdata_mtd_priv *mtd_priv = dev_get_priv(fwu_get_dev());
+ struct fwu_mtd_image_info *image_info = mtd_priv->fwu_mtd_images;
+
+ if (!image_info)
+ return NULL;
+
+ ret = fwu_get_banks_images(, );
+ if (ret)
+ return NULL;
+
+ num_images = nbanks * nimages;
for (int i = 0; i < num_images; i++)
- if (!strcmp(uuidbuf, fwu_mtd_images[i].uuidbuf))
- return _mtd_images[i];
+ if (!strcmp(uuidbuf, image_info[i].uuidbuf))
+ return _info[i];
return NULL;
}
@@ -107,8 +142,9 @@ __weak int fwu_plat_get_alt_num(struct udevice *dev,
efi_guid_t *image_id,
return fwu_mtd_get_alt_num(image_id, alt_num, "nor1");
}
-static int gen_image_alt_info(char *buf, size_t len, int sidx,
- struct fwu_image_entry *img, struct mtd_info *mtd)
+static int gen_image_alt_info(char *buf, size_t len, int idx,
+ struct fwu_image_entry *img,
+ struct mtd_info *mtd, uint8_t num_banks)
{
char *p = buf, *end = buf + len;
int i;
@@ -123,15 +159,15 @@ static int gen_image_alt_info(char *buf, size_t len, int
sidx,
* List the image banks in the FWU mdata and search the corresponding
* partition based on partition's uuid.
*/
- for (i = 0; i < CONFIG_FWU_NUM_BANKS; i++) {
+ for (i = 0; i < num_banks; i++) {
struct fwu_mtd_image_info *mtd_img_info;
struct fwu_image_bank_info *bank;
char uuidbuf[UUID_STR_LEN + 1];
u32 offset, size;
/* Query a partition by image UUID */
- bank = >img_bank_info[i];
- uuid_bin_to_str(bank->image_uuid.b, uuidbuf,
UUID_STR_FORMAT_STD);
+ bank = fwu_img_bank_info_offset(mdata, idx, i);
+ uuid_bin_to_str(bank->image_guid.b, uuidbuf,
UUID_STR_FORMAT_STD);
mtd_img_info = mtd_img_by_uuid(uuidbuf);
if (!mtd_img_info) {
@@ -150,7 +186,7 @@ static int gen_image_alt_info(char *buf, size_t len, int
sidx,
}
}
- if (i == CONFIG_FWU_NUM_BANKS)
+ if (i == num_banks)
return 0;
return -ENOENT;
@@ -158,24 +194,29 @@ static int gen_image_alt_info(char *buf, size_t len, int
sidx,
int fwu_gen_alt_info_from_mtd(char *buf, size_t len, struct mtd_info *mtd)
{
- struct fwu_mdata mdata;
+ u8 num_banks;
+ u16 num_images;
int i, l, ret;
+ struct fwu_image_entry *img_entry;
- ret = fwu_get_mdata();
- if (ret < 0) {
- log_err("Failed to get the FWU mdata.\n");
- return ret;
+ if (!mdata) {
+ ret = read_mdata();
+ if (ret)
+ return ret;
}
- for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) {
- ret = gen_image_alt_info(buf, len, i * CONFIG_FWU_NUM_BANKS,
-_entry[i], mtd);
+ num_banks = fwu_get_fw_desc(mdata)->num_banks;
+ num_images = fwu_get_fw_desc(mdata)->num_images;
+ for (i = 0; i < num_images; i++) {
+
[PATCH v2 10/21] capsule: accept a bank on a successful update
The version 2 of the FWU metadata maintains a bank_state field per
bank, which keeps an aggregate status of the bank. A bank can either
be in a valid, invalid, or accepted state.
Update the bank_state field of the metadata once the update has gone
through successfully(when skipping Trial State), or once the images in
the bank have been accepted.
Signed-off-by: Sughosh Ganu
---
Changes since V1: None
lib/efi_loader/efi_capsule.c | 10 ++
1 file changed, 10 insertions(+)
diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
index 0e6a38b441..422bb11162 100644
--- a/lib/efi_loader/efi_capsule.c
+++ b/lib/efi_loader/efi_capsule.c
@@ -480,6 +480,12 @@ static __maybe_unused efi_status_t
fwu_empty_capsule_process(
if (ret != EFI_SUCCESS)
log_err("Unable to set the Accept bit for the image
%pUs\n",
image_guid);
+
+ status = fwu_bank_state_update(active_idx);
+ ret = fwu_to_efi_error(status);
+ if (ret != EFI_SUCCESS)
+ log_err("Unable to update the bank_state for bank %u\n",
+ active_idx);
}
return ret;
@@ -525,6 +531,10 @@ static __maybe_unused efi_status_t
fwu_post_update_process(bool fw_accept_os)
status = fwu_trial_state_start(update_index);
if (status < 0)
ret = EFI_DEVICE_ERROR;
+ } else {
+ status = fwu_bank_state_update(update_index);
+ if (status < 0)
+ ret = EFI_DEVICE_ERROR;
}
}
--
2.34.1
[PATCH v2 09/21] fwu: add a function to put a bank in Trial State
The version 2 of the FWU metadata has a field in the top level
structure, called bank_state. This is used to keep the state a given
bank is in, either of valid(for trial state), invalid, or accepted.
Update this field when putting the platform in Trial State, in
addition to starting the TrialStateCtr variable by calling the
fwu_trial_state_start() function.
Signed-off-by: Sughosh Ganu
---
Changes since V1: None
include/fwu.h| 12 +---
lib/efi_loader/efi_capsule.c | 2 +-
lib/fwu_updates/fwu.c| 54 ++--
3 files changed, 54 insertions(+), 14 deletions(-)
diff --git a/include/fwu.h b/include/fwu.h
index 109ceb2610..1c6a5fcda9 100644
--- a/include/fwu.h
+++ b/include/fwu.h
@@ -342,15 +342,19 @@ u8 fwu_update_checks_pass(void);
u8 fwu_empty_capsule_checks_pass(void);
/**
- * fwu_trial_state_ctr_start() - Start the Trial State counter
+ * fwu_trial_state_start() - Put the platform in Trial State
+ * @update_index: Bank number to which images have been updated
*
- * Start the counter to identify the platform booting in the
- * Trial State. The counter is implemented as an EFI variable.
+ * Put the platform in Trial State by starting the counter to
+ * identify the platform booting in the Trial State. The
+ * counter is implemented as an EFI variable. Secondly, set
+ * the bank_state in the metadata for the updated bank to Valid
+ * state.
*
* Return: 0 if OK, -ve on error
*
*/
-int fwu_trial_state_ctr_start(void);
+int fwu_trial_state_start(uint update_index);
/**
* fwu_gen_alt_info_from_mtd() - Parse dfu_alt_info from metadata in mtd
diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
index de0d49ebeb..0e6a38b441 100644
--- a/lib/efi_loader/efi_capsule.c
+++ b/lib/efi_loader/efi_capsule.c
@@ -522,7 +522,7 @@ static __maybe_unused efi_status_t
fwu_post_update_process(bool fw_accept_os)
} else {
log_debug("Successfully updated the active_index\n");
if (fw_accept_os) {
- status = fwu_trial_state_ctr_start();
+ status = fwu_trial_state_start(update_index);
if (status < 0)
ret = EFI_DEVICE_ERROR;
}
diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c
index 587ca779d3..a58c42bee2 100644
--- a/lib/fwu_updates/fwu.c
+++ b/lib/fwu_updates/fwu.c
@@ -672,6 +672,36 @@ out:
return ret;
}
+static int fwu_trial_state_ctr_start(void)
+{
+ int ret;
+ u16 trial_state_ctr;
+
+ printf("%s: starting the TrialStateCtr\n", __func__);
+ trial_state_ctr = 0;
+ ret = trial_counter_update(_state_ctr);
+ if (ret)
+ log_err("Unable to initialise TrialStateCtr\n");
+
+ return ret;
+}
+
+static int fwu_set_bank_state_trial(uint update_index)
+{
+ int ret;
+ struct fwu_mdata *mdata = g_mdata;
+
+ mdata->bank_state[update_index] = FWU_BANK_VALID;
+
+ ret = fwu_sync_mdata(mdata, BOTH_PARTS);
+ if (ret) {
+ log_err("Unable to set bank_state for %d bank\n", update_index);
+ return ret;
+ }
+
+ return 0;
+}
+
/**
* fwu_bank_state_update() - Check and update the bank_state of the metadata
* @update_index: Bank for which the bank_state needs to be updated
@@ -830,25 +860,31 @@ u8 fwu_empty_capsule_checks_pass(void)
}
/**
- * fwu_trial_state_ctr_start() - Start the Trial State counter
+ * fwu_trial_state_start() - Put the platform in Trial State
+ * @update_index: Bank number to which images have been updated
*
- * Start the counter to identify the platform booting in the
- * Trial State. The counter is implemented as an EFI variable.
+ * Put the platform in Trial State by starting the counter to
+ * identify the platform booting in the Trial State. The
+ * counter is implemented as an EFI variable. Secondly, set
+ * the bank_state in the metadata for the updated bank to Valid
+ * state.
*
* Return: 0 if OK, -ve on error
*
*/
-int fwu_trial_state_ctr_start(void)
+int fwu_trial_state_start(uint update_index)
{
int ret;
- u16 trial_state_ctr;
- trial_state_ctr = 0;
- ret = trial_counter_update(_state_ctr);
+ ret = fwu_trial_state_ctr_start();
if (ret)
- log_err("Unable to initialise TrialStateCtr\n");
+ return ret;
- return ret;
+ ret = fwu_set_bank_state_trial(update_index);
+ if (ret)
+ return ret;
+
+ return 0;
}
static int fwu_boottime_checks(void)
--
2.34.1
[PATCH v2 08/21] drivers: fwu: allocate memory for metadata copies
With migration of the FWU metadata access code to version 2, the size of the metadata is obtained at runtime. Allocate memory for both the metadata copies from the driver's probe function. Signed-off-by: Sughosh Ganu --- Changes since V1: None drivers/fwu-mdata/gpt_blk.c | 4 drivers/fwu-mdata/raw_mtd.c | 4 2 files changed, 8 insertions(+) diff --git a/drivers/fwu-mdata/gpt_blk.c b/drivers/fwu-mdata/gpt_blk.c index 97eac3611f..c2cb7ef7c3 100644 --- a/drivers/fwu-mdata/gpt_blk.c +++ b/drivers/fwu-mdata/gpt_blk.c @@ -159,6 +159,10 @@ static int fwu_mdata_gpt_blk_probe(struct udevice *dev) priv->blk_dev = mdata_dev; + ret = fwu_mdata_copies_allocate(); + if (ret) + return ret; + return 0; } diff --git a/drivers/fwu-mdata/raw_mtd.c b/drivers/fwu-mdata/raw_mtd.c index da36094644..d91518bf0a 100644 --- a/drivers/fwu-mdata/raw_mtd.c +++ b/drivers/fwu-mdata/raw_mtd.c @@ -260,6 +260,10 @@ static int fwu_mdata_mtd_probe(struct udevice *dev) if (ret) return ret; + ret = fwu_mdata_copies_allocate(); + if (ret) + return ret; + /* Read the metadata to get number of banks and images */ ret = fwu_get_banks_images(, ); if (ret) -- 2.34.1
[PATCH v2 07/21] drivers: fwu: mtd: allocate buffer for image info dynamically
The FWU metadata access driver for MTD partitioned devices currently
uses a statically allocated array for storing the updatable image
information. This array depends on the number of banks and images per
bank. With migration of the FWU metadata to version 2, these
parameters are now obtained at runtime from the metadata.
Make changes to the FWU metadata access driver for MTD devices to
allocate memory for the image information dynamically in the driver's
probe function, after having obtained the number of banks and images
per bank by reading the metadata. Move the image information as part
of the driver's private structure, instead of using a global variable.
Signed-off-by: Sughosh Ganu
---
Changes since V1: None
drivers/fwu-mdata/raw_mtd.c | 71 -
include/fwu.h | 9 +
2 files changed, 55 insertions(+), 25 deletions(-)
diff --git a/drivers/fwu-mdata/raw_mtd.c b/drivers/fwu-mdata/raw_mtd.c
index 9f3f1dc213..da36094644 100644
--- a/drivers/fwu-mdata/raw_mtd.c
+++ b/drivers/fwu-mdata/raw_mtd.c
@@ -12,22 +12,11 @@
#include
#include
-/* Internal helper structure to move data around */
-struct fwu_mdata_mtd_priv {
- struct mtd_info *mtd;
- char pri_label[50];
- char sec_label[50];
- u32 pri_offset;
- u32 sec_offset;
-};
-
enum fwu_mtd_op {
FWU_MTD_READ,
FWU_MTD_WRITE,
};
-extern struct fwu_mtd_image_info fwu_mtd_images[];
-
static bool mtd_is_aligned_with_block_size(struct mtd_info *mtd, u64 size)
{
return !do_div(size, mtd->erasesize);
@@ -134,7 +123,7 @@ static int flash_partition_offset(struct udevice *dev,
const char *part_name, fd
return (int)size;
}
-static int fwu_mdata_mtd_of_to_plat(struct udevice *dev)
+static int get_fwu_mdata_dev(struct udevice *dev)
{
struct fwu_mdata_mtd_priv *mtd_priv = dev_get_priv(dev);
const fdt32_t *phandle_p = NULL;
@@ -144,8 +133,6 @@ static int fwu_mdata_mtd_of_to_plat(struct udevice *dev)
fdt_addr_t offset;
int ret, size;
u32 phandle;
- ofnode bank;
- int off_img;
/* Find the FWU mdata storage device */
phandle_p = ofnode_get_property(dev_ofnode(dev),
@@ -199,8 +186,28 @@ static int fwu_mdata_mtd_of_to_plat(struct udevice *dev)
return ret;
mtd_priv->sec_offset = offset;
- off_img = 0;
+ return 0;
+}
+
+static int fwu_mtd_image_info_populate(struct udevice *dev, u8 nbanks,
+ u16 nimages)
+{
+ struct fwu_mtd_image_info *mtd_images;
+ struct fwu_mdata_mtd_priv *mtd_priv = dev_get_priv(dev);
+ struct udevice *mtd_dev = mtd_priv->mtd->dev;
+ fdt_addr_t offset;
+ ofnode bank;
+ int off_img;
+ u32 total_images;
+ total_images = nbanks * nimages;
+ mtd_priv->fwu_mtd_images = malloc(sizeof(struct fwu_mtd_image_info) *
+ total_images);
+ if (!mtd_priv->fwu_mtd_images)
+ return -ENOMEM;
+
+ off_img = 0;
+ mtd_images = mtd_priv->fwu_mtd_images;
ofnode_for_each_subnode(bank, dev_ofnode(dev)) {
int bank_num, bank_offset, bank_size;
const char *bank_name;
@@ -219,8 +226,7 @@ static int fwu_mdata_mtd_of_to_plat(struct udevice *dev)
int image_num, image_offset, image_size;
const char *uuid;
- if (off_img == CONFIG_FWU_NUM_BANKS *
- CONFIG_FWU_NUM_IMAGES_PER_BANK)
{
+ if (off_img == total_images) {
log_err("DT provides more images than
configured!\n");
break;
}
@@ -230,11 +236,11 @@ static int fwu_mdata_mtd_of_to_plat(struct udevice *dev)
ofnode_read_u32(image, "offset", _offset);
ofnode_read_u32(image, "size", _size);
- fwu_mtd_images[off_img].start = bank_offset +
image_offset;
- fwu_mtd_images[off_img].size = image_size;
- fwu_mtd_images[off_img].bank_num = bank_num;
- fwu_mtd_images[off_img].image_num = image_num;
- strcpy(fwu_mtd_images[off_img].uuidbuf, uuid);
+ mtd_images[off_img].start = bank_offset + image_offset;
+ mtd_images[off_img].size = image_size;
+ mtd_images[off_img].bank_num = bank_num;
+ mtd_images[off_img].image_num = image_num;
+ strcpy(mtd_images[off_img].uuidbuf, uuid);
log_debug("\tImage%d: %s @0x%x\n\n",
image_num, uuid, bank_offset + image_offset);
off_img++;
@@ -246,8 +252,24 @@ stati
[PATCH v2 06/21] fwu: add some API's for metadata version 2 access
There are certain fields added in version 2 of the FWU metadata
structure. Also, information like number of banks and number of images
per bank are also part of the metadata structure. Add functions to
access fields of the version 2 of the metadata structure.
Signed-off-by: Sughosh Ganu
---
Changes since V1:
* Use the helper functions from the previous patch to access the
image information in the metadata.
include/fwu.h | 53
lib/fwu_updates/fwu.c | 144 ++
2 files changed, 197 insertions(+)
diff --git a/include/fwu.h b/include/fwu.h
index 8f2492bb7e..ce8c98921a 100644
--- a/include/fwu.h
+++ b/include/fwu.h
@@ -153,6 +153,26 @@ int fwu_write_mdata(struct udevice *dev, struct fwu_mdata
*mdata,
*/
int fwu_get_mdata(struct fwu_mdata *mdata);
+/**
+ * fwu_mdata_copies_allocate() - Allocate memory for metadata
+ *
+ * Allocate memory for storing both the copies of the FWU metadata. The
+ * copies are then used as a cache for storing FWU metadata contents.
+ *
+ * Return: 0 if OK, -ve on error
+ */
+int fwu_mdata_copies_allocate(void);
+
+/**
+ * fwu_get_mdata_size() - Get the FWU metadata size
+ *
+ * Get the size of the FWU metadata from the structure. This is later used
+ * to allocate memory for the structure.
+ *
+ * Return: 0 if OK, -ve on error
+ */
+int fwu_get_mdata_size(uint32_t *mdata_size);
+
/**
* fwu_get_active_index() - Get active_index from the FWU metadata
* @active_idxp: active_index value to be read
@@ -202,6 +222,18 @@ int fwu_get_dfu_alt_num(u8 image_index, u8 *alt_num);
*/
int fwu_revert_boot_index(void);
+/**
+ * fwu_bank_state_update() - Check and update the bank_state of the metadata
+ * @update_index: Bank for which the bank_state needs to be updated
+ *
+ * Check that all the images for the given bank have been accepted, and if
+ * they are, set the status of the bank to Accepted in the bank_state field
+ * of the metadata.
+ *
+ * Return: 0 if OK, -ve on error
+ */
+int fwu_bank_state_update(uint update_index);
+
/**
* fwu_accept_image() - Set the Acceptance bit for the image
* @img_type_id: GUID of the image type for which the accepted bit is to be
@@ -335,4 +367,25 @@ int fwu_gen_alt_info_from_mtd(char *buf, size_t len,
struct mtd_info *mtd);
*/
int fwu_mtd_get_alt_num(efi_guid_t *image_guid, u8 *alt_num, const char
*mtd_dev);
+/**
+ * fwu_get_banks_images() - Get the number of banks and images from the
metadata
+ * @nbanks: Number of banks
+ * @nimages: Number of images per bank
+ *
+ * Get the values of number of banks and number of images per bank from the
+ * metadata.
+ *
+ * Return: 0 if OK, -ve on error
+ */
+int fwu_get_banks_images(u8 *nbanks, u16 *nimages);
+
+/**
+ * fwu_get_dev() - Return the FWU metadata device
+ *
+ * Return the pointer to the FWU metadata device.
+ *
+ * Return: Pointer to the FWU metadata dev
+ */
+__maybe_unused struct udevice *fwu_get_dev(void);
+
#endif /* _FWU_H_ */
diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c
index 2da19c9003..587ca779d3 100644
--- a/lib/fwu_updates/fwu.c
+++ b/lib/fwu_updates/fwu.c
@@ -240,6 +240,114 @@ static inline int mdata_crc_check(struct fwu_mdata *mdata)
return calc_crc32 == mdata->crc32 ? 0 : -EINVAL;
}
+/**
+ * fwu_mdata_copies_allocate() - Allocate memory for metadata
+ *
+ * Allocate memory for storing both the copies of the FWU metadata. The
+ * copies are then used as a cache for storing FWU metadata contents.
+ *
+ * Return: 0 if OK, -ve on error
+ */
+int fwu_mdata_copies_allocate(void)
+{
+ int err;
+ uint32_t mdata_size;
+
+ if (g_mdata)
+ return 0;
+
+ err = fwu_get_mdata_size(_size);
+ if (err)
+ return err;
+
+ /*
+* Now allocate the total memory that would be needed for both
+* the copies.
+*/
+ g_mdata = calloc(2, mdata_size);
+ if (!g_mdata) {
+ log_err("Unable to allocate space for FWU metadata\n");
+ return -ENOMEM;
+ }
+
+ return 0;
+}
+
+/**
+ * fwu_get_mdata_size() - Get the FWU metadata size
+ *
+ * Get the size of the FWU metadata from the structure. This is later used
+ * to allocate memory for the structure.
+ *
+ * Return: 0 if OK, -ve on error
+ */
+int fwu_get_mdata_size(uint32_t *mdata_size)
+{
+ int err = 0;
+ struct fwu_mdata mdata = { 0 };
+
+ if (g_mdata && !mdata_crc_check(g_mdata)) {
+ *mdata_size = g_mdata->metadata_size;
+ return 0;
+ }
+
+ err = fwu_read_mdata(g_dev, , 1, sizeof(struct fwu_mdata));
+ if (err) {
+ log_err("FWU metadata read failed\n");
+ return err;
+ }
+
+ if (mdata.version != 0x2) {
+ log_err("FWU metadata version %u. Expected value of 2\n",
+ mdata.version);
+ return -EINVAL;
+ }
[PATCH v2 05/21] fwu: make changes to support version 2 of FWU metadata
Make changes to the FWU library functions which are used to access the
metadata structure to support version 2 of the metadata.
At a broad level, the following are the changes made
- Use a pointer g_mdata instead of a variable, and allocate space for
it at runtime.
- Obtain the number of banks and number of images per bank from the
metadata at runtime, instead of using config values.
- Obtain the pointers to the fwu_image_entry and fwu_image_bank_info
structures at runtime by pointer arithmetic using the helper
functions.
- Get the size of the metadata from the metadata structure, instead
of using build-time value.
Signed-off-by: Sughosh Ganu
---
Changes since V1:
* Use the helper functions from the previous patch to access the
image information in the metadata.
include/fwu.h | 6 +-
lib/fwu_updates/fwu.c | 145 +++---
2 files changed, 98 insertions(+), 53 deletions(-)
diff --git a/include/fwu.h b/include/fwu.h
index 7de462548c..8f2492bb7e 100644
--- a/include/fwu.h
+++ b/include/fwu.h
@@ -53,9 +53,13 @@ struct fwu_mdata_ops {
bool primary, uint32_t size);
};
-#define FWU_MDATA_VERSION 0x1
+#define FWU_MDATA_VERSION 0x2
#define FWU_IMAGE_ACCEPTED 0x1
+#define FWU_BANK_INVALID 0xFF
+#define FWU_BANK_VALID 0xFE
+#define FWU_BANK_ACCEPTED 0xFC
+
/*
* GUID value defined in the FWU specification for identification
* of the FWU metadata partition.
diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c
index 5f1182a764..2da19c9003 100644
--- a/lib/fwu_updates/fwu.c
+++ b/lib/fwu_updates/fwu.c
@@ -17,7 +17,7 @@
#include
-static struct fwu_mdata g_mdata; /* = {0} makes uninit crc32 always invalid */
+static struct fwu_mdata *g_mdata;
static struct udevice *g_dev;
static u8 in_trial;
static u8 boottime_check;
@@ -108,21 +108,9 @@ out:
static int in_trial_state(struct fwu_mdata *mdata)
{
- u32 i, active_bank;
- struct fwu_image_entry *img_entry;
- struct fwu_image_bank_info *img_bank_info;
-
- active_bank = mdata->active_index;
- img_entry = >img_entry[0];
- for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) {
- img_bank_info = _entry[i].img_bank_info[active_bank];
- if (!img_bank_info->accepted) {
- log_info("System booting in Trial State\n");
- return 1;
- }
- }
+ u32 active_bank = mdata->active_index;
- return 0;
+ return mdata->bank_state[active_bank] == FWU_BANK_VALID ? 1 : 0;
}
static int fwu_get_image_type_id(u8 image_index, efi_guid_t *image_type_id)
@@ -208,8 +196,9 @@ struct fwu_image_bank_info *fwu_img_bank_info_offset(struct
fwu_mdata *mdata,
*/
static int fwu_sync_mdata(struct fwu_mdata *mdata, int part)
{
- void *buf = >version;
int err;
+ uint32_t mdata_size;
+ void *buf = >version;
if (part == BOTH_PARTS) {
err = fwu_sync_mdata(mdata, SECONDARY_PART);
@@ -223,9 +212,10 @@ static int fwu_sync_mdata(struct fwu_mdata *mdata, int
part)
* and put the updated value in the FWU metadata crc32
* field
*/
- mdata->crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32));
+ mdata_size = mdata->metadata_size;
+ mdata->crc32 = crc32(0, buf, mdata_size - sizeof(u32));
- err = fwu_write_mdata(g_dev, mdata, part == PRIMARY_PART);
+ err = fwu_write_mdata(g_dev, mdata, part == PRIMARY_PART, mdata_size);
if (err) {
log_err("Unable to write %s mdata\n",
part == PRIMARY_PART ? "primary" : "secondary");
@@ -233,7 +223,7 @@ static int fwu_sync_mdata(struct fwu_mdata *mdata, int part)
}
/* update the cached copy of meta-data */
- memcpy(_mdata, mdata, sizeof(struct fwu_mdata));
+ memcpy(g_mdata, mdata, mdata_size);
return 0;
}
@@ -241,8 +231,12 @@ static int fwu_sync_mdata(struct fwu_mdata *mdata, int
part)
static inline int mdata_crc_check(struct fwu_mdata *mdata)
{
void *buf = >version;
- u32 calc_crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32));
+ u32 calc_crc32;
+ if (!mdata->metadata_size)
+ return -EINVAL;
+
+ calc_crc32 = crc32(0, buf, mdata->metadata_size - sizeof(u32));
return calc_crc32 == mdata->crc32 ? 0 : -EINVAL;
}
@@ -259,27 +253,32 @@ static inline int mdata_crc_check(struct fwu_mdata *mdata)
int fwu_get_mdata(struct fwu_mdata *mdata)
{
int err;
+ uint32_t mdata_size;
bool parts_ok[2] = { false };
- struct fwu_mdata s, *parts_mdata[2];
+ struct fwu_mdata *parts_mdata[2];
+
+ err = fwu_get_mdata_size(_size);
+ if (err)
+ return err;
- parts_mdata[0] = _mdata;
- parts_mdata[1] =
[PATCH v2 04/21] fwu: add helper functions for getting image description offsets
With migration of the FWU metadata structure to version 2, the size of
the structure is not determined at build time, but at run time.
This means, that the offsets for the structures describing firmware
images which are part of the FWU metadata(struct fwu_fw_store_desc,
struct fwu_image_entry and struct fwu_image_bank_info) need to be
computed at runtime. Add helper functions to get addresses of these
structures.
Signed-off-by: Sughosh Ganu
---
Changes since V1:
* New patch needed based on comments from Ilias on the earlier
version.
include/fwu.h | 45 +
lib/fwu_updates/fwu.c | 58 +++
2 files changed, 103 insertions(+)
diff --git a/include/fwu.h b/include/fwu.h
index 1815bd0064..7de462548c 100644
--- a/include/fwu.h
+++ b/include/fwu.h
@@ -8,6 +8,7 @@
#include
#include
+#include
#include
#include
@@ -81,6 +82,50 @@ struct fwu_mdata_ops {
EFI_GUID(0x0c996046, 0xbcc0, 0x4d04, 0x85, 0xec, \
0xe1, 0xfc, 0xed, 0xf1, 0xc6, 0xf8)
+
+/**
+ * fwu_get_fw_desc() - Return pointer to firmware descriptor store struct
+ * @mdata: Pointer to the FWU metadata
+ *
+ * Returns pointer to the firmware store descriptor of the FWU metadata
+ * containing information on updatable images.
+ *
+ * Return: Pointer to the struct fwu_fw_store_desc
+ */
+static inline struct fwu_fw_store_desc *fwu_get_fw_desc(struct fwu_mdata
*mdata)
+{
+ return (struct fwu_fw_store_desc *)((u8 *)mdata + sizeof(*mdata));
+}
+
+/**
+ * fwu_img_entry_offset() - Get pointer to struct fwu_image_entry
+ * @mdata: Pointer to the FWU metadata
+ * @idx: Image index for which pointer is to be returned
+ *
+ * Fetches pointer to am array element of type struct fwu_image_entry.
+ * This returns back a pointer to a structure which is providing
+ * information on a updatable image.
+ *
+ * Return: Pointer to an array element of type struct fwu_image_entry
+ *
+ */
+struct fwu_image_entry *fwu_img_entry_offset(struct fwu_mdata *mdata, u16 idx);
+
+/**
+ * fwu_img_bank_info_offset() - Get pointer to struct fwu_image_bank_info
+ * @mdata: Pointer to the FWU metadata
+ * @idx: Image index for which information is needed
+ * @bank: Bank for which pointer is to be returned
+ *
+ * Fetches pointer to an array element of type struct fwu_image_bank_info
+ * for a given image. This returns back a pointer to a structure which
+ * is providing information for a given bank for a particular image.
+ *
+ * Return: Pointer to an array element of type fwu_image_bank_info
+ *
+ */
+struct fwu_image_bank_info *fwu_img_bank_info_offset(struct fwu_mdata *mdata,
+u16 idx, u8 bank);
/**
* fwu_read_mdata() - Wrapper around fwu_mdata_ops.read_mdata()
*/
diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c
index 86518108c2..5f1182a764 100644
--- a/lib/fwu_updates/fwu.c
+++ b/lib/fwu_updates/fwu.c
@@ -141,6 +141,64 @@ static int fwu_get_image_type_id(u8 image_index,
efi_guid_t *image_type_id)
return -ENOENT;
}
+/**
+ * fwu_img_entry_offset() - Get pointer to struct fwu_image_entry
+ * @mdata: Pointer to the FWU metadata
+ * @idx: Image index for which pointer is to be returned
+ *
+ * Fetches pointer to am array element of type struct fwu_image_entry.
+ * This returns back a pointer to a structure which is providing
+ * information on a updatable image.
+ *
+ * Return: Pointer to an array element of type struct fwu_image_entry
+ *
+ */
+struct fwu_image_entry *fwu_img_entry_offset(struct fwu_mdata *mdata, u16 idx)
+{
+ u8 num_banks;
+ size_t offset;
+
+ num_banks = fwu_get_fw_desc(mdata)->num_banks;
+
+ offset = sizeof(struct fwu_mdata) +
+ sizeof(struct fwu_fw_store_desc) +
+ (sizeof(struct fwu_image_entry) +
+sizeof(struct fwu_image_bank_info) * num_banks) * idx;
+
+ return (struct fwu_image_entry *)((char *)mdata + offset);
+}
+
+/**
+ * fwu_img_bank_info_offset() - Get pointer to struct fwu_image_bank_info
+ * @mdata: Pointer to the FWU metadata
+ * @idx: Image index for which information is needed
+ * @bank: Bank for which pointer is to be returned
+ *
+ * Fetches pointer to an array element of type struct fwu_image_bank_info
+ * for a given image. This returns back a pointer to a structure which
+ * is providing information for a given bank for a particular image.
+ *
+ * Return: Pointer to an array element of type fwu_image_bank_info
+ *
+ */
+struct fwu_image_bank_info *fwu_img_bank_info_offset(struct fwu_mdata *mdata,
+u16 idx, u8 bank)
+{
+ u8 num_banks;
+ size_t offset;
+
+ num_banks = fwu_get_fw_desc(mdata)->num_banks;
+
+ offset = sizeof(struct fwu_mdata) +
+ sizeof(struct fwu_fw_store_desc) +
+ (sizeof(struct fwu_image_entry) +
+sizeof(struct fwu_image_bank_info) * num
[PATCH v2 03/21] drivers: fwu: add the size parameter to the metadata access API's
In version 2 of the metadata structure, the size of the structure
cannot be determined statically at build time. The structure is now
broken into the top level structure which contains a field indicating
the total size of the structure.
Add a size parameter to the metadata access API functions to indicate
the number of bytes to be accessed. This is then used to either read
the entire structure, or only the top level structure.
Signed-off-by: Sughosh Ganu
---
Changes since V1: None
drivers/fwu-mdata/fwu-mdata-uclass.c | 10 ++
drivers/fwu-mdata/gpt_blk.c | 23 +--
drivers/fwu-mdata/raw_mtd.c | 10 ++
include/fwu.h| 14 ++
4 files changed, 35 insertions(+), 22 deletions(-)
diff --git a/drivers/fwu-mdata/fwu-mdata-uclass.c
b/drivers/fwu-mdata/fwu-mdata-uclass.c
index 0a8edaaa41..145479bab0 100644
--- a/drivers/fwu-mdata/fwu-mdata-uclass.c
+++ b/drivers/fwu-mdata/fwu-mdata-uclass.c
@@ -20,7 +20,8 @@
*
* Return: 0 if OK, -ve on error
*/
-int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary)
+int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary,
+ uint32_t size)
{
const struct fwu_mdata_ops *ops = device_get_ops(dev);
@@ -29,7 +30,7 @@ int fwu_read_mdata(struct udevice *dev, struct fwu_mdata
*mdata, bool primary)
return -ENOSYS;
}
- return ops->read_mdata(dev, mdata, primary);
+ return ops->read_mdata(dev, mdata, primary, size);
}
/**
@@ -37,7 +38,8 @@ int fwu_read_mdata(struct udevice *dev, struct fwu_mdata
*mdata, bool primary)
*
* Return: 0 if OK, -ve on error
*/
-int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary)
+int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary,
+ uint32_t size)
{
const struct fwu_mdata_ops *ops = device_get_ops(dev);
@@ -46,7 +48,7 @@ int fwu_write_mdata(struct udevice *dev, struct fwu_mdata
*mdata, bool primary)
return -ENOSYS;
}
- return ops->write_mdata(dev, mdata, primary);
+ return ops->write_mdata(dev, mdata, primary, size);
}
UCLASS_DRIVER(fwu_mdata) = {
diff --git a/drivers/fwu-mdata/gpt_blk.c b/drivers/fwu-mdata/gpt_blk.c
index c7284916c4..97eac3611f 100644
--- a/drivers/fwu-mdata/gpt_blk.c
+++ b/drivers/fwu-mdata/gpt_blk.c
@@ -81,15 +81,14 @@ static int gpt_get_mdata_disk_part(struct blk_desc *desc,
return -ENOENT;
}
-static int gpt_read_write_mdata(struct blk_desc *desc,
- struct fwu_mdata *mdata,
- u8 access, u32 part_num)
+static int gpt_read_write_mdata(struct blk_desc *desc, struct fwu_mdata *mdata,
+ u8 access, u32 part_num, u32 size)
{
int ret;
u32 len, blk_start, blkcnt;
struct disk_partition info;
- ALLOC_CACHE_ALIGN_BUFFER_PAD(struct fwu_mdata, mdata_aligned, 1,
+ ALLOC_CACHE_ALIGN_BUFFER_PAD(u8, mdata_aligned, size,
desc->blksz);
if (!mdata)
@@ -101,7 +100,7 @@ static int gpt_read_write_mdata(struct blk_desc *desc,
return -ENOENT;
}
- len = sizeof(*mdata);
+ len = size;
blkcnt = BLOCK_CNT(len, desc);
if (blkcnt > info.size) {
log_debug("Block count exceeds FWU metadata partition size\n");
@@ -114,7 +113,7 @@ static int gpt_read_write_mdata(struct blk_desc *desc,
log_debug("Error reading FWU metadata from the
device\n");
return -EIO;
}
- memcpy(mdata, mdata_aligned, sizeof(struct fwu_mdata));
+ memcpy(mdata, mdata_aligned, size);
} else {
if (blk_dwrite(desc, blk_start, blkcnt, mdata) != blkcnt) {
log_debug("Error writing FWU metadata to the device\n");
@@ -164,7 +163,7 @@ static int fwu_mdata_gpt_blk_probe(struct udevice *dev)
}
static int fwu_gpt_read_mdata(struct udevice *dev, struct fwu_mdata *mdata,
- bool primary)
+ bool primary, u32 size)
{
struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev);
struct blk_desc *desc = dev_get_uclass_plat(priv->blk_dev);
@@ -177,11 +176,13 @@ static int fwu_gpt_read_mdata(struct udevice *dev, struct
fwu_mdata *mdata,
}
return gpt_read_write_mdata(desc, mdata, MDATA_READ,
- primary ? g_mdata_part[0] :
g_mdata_part[1]);
+ primary ?
+ g_mdata_part[0] : g_mdata_part[1],
+ size);
}
static int fwu_gpt_write_mdata(struct udevice *dev, struct fwu_mdata *mdata,
- bool primary)
+
[PATCH v2 02/21] fwu: metadata: migrate to version 2 of the structure
The latest version of the FWU specification [1] has changes to the
metadata structure. This is version 2 of the structure.
Primary changes include
- bank_state field in the top level structure
- Total metadata size in the top level structure
- Image description structures now optional
- Number of banks and images per bank values part of the structure
Migrate to the version 2 of the metadata structure.
[1] - https://developer.arm.com/documentation/den0118/latest/
Signed-off-by: Sughosh Ganu
---
Changes since V1:
* Do not define flexible array members inside the structures.
include/fwu_mdata.h | 56 +
1 file changed, 42 insertions(+), 14 deletions(-)
diff --git a/include/fwu_mdata.h b/include/fwu_mdata.h
index 56189e2f40..9008bbc93f 100644
--- a/include/fwu_mdata.h
+++ b/include/fwu_mdata.h
@@ -11,7 +11,7 @@
/**
* struct fwu_image_bank_info - firmware image information
- * @image_uuid: Guid value of the image in this bank
+ * @image_guid: Guid value of the image in this bank
* @accepted: Acceptance status of the image
* @reserved: Reserved
*
@@ -20,15 +20,15 @@
* acceptance status
*/
struct fwu_image_bank_info {
- efi_guid_t image_uuid;
+ efi_guid_t image_guid;
uint32_t accepted;
uint32_t reserved;
} __packed;
/**
* struct fwu_image_entry - information for a particular type of image
- * @image_type_uuid: Guid value for identifying the image type
- * @location_uuid: Guid of the storage volume where the image is located
+ * @image_type_guid: Guid value for identifying the image type
+ * @location_guid: Guid of the storage volume where the image is located
* @img_bank_info: Array containing properties of images
*
* This structure contains information on various types of updatable
@@ -36,9 +36,30 @@ struct fwu_image_bank_info {
* information per bank.
*/
struct fwu_image_entry {
- efi_guid_t image_type_uuid;
- efi_guid_t location_uuid;
- struct fwu_image_bank_info img_bank_info[CONFIG_FWU_NUM_BANKS];
+ efi_guid_t image_type_guid;
+ efi_guid_t location_guid;
+ // struct fwu_image_bank_info img_bank_info[];
+} __packed;
+
+/**
+ * struct fwu_fw_desc_store - FWU updatable image information
+ * @num_banks: Number of firmware banks
+ * num_images: Number of images per bank
+ * @img_entry_size: The size of the img_entry array
+ * @bank_info_entry_size: The size of the img_bank_info array
+ * @img_entry: Array of image entries each giving information on a image
+ *
+ * This image descriptor structure contains information on the number of
+ * updatable banks and images per bank. It also gives the total sizes of
+ * the fwu_image_entry and fwu_image_bank_info arrays.
+ */
+struct fwu_fw_store_desc {
+ uint8_t num_banks;
+ uint8_t reserved;
+ uint16_t num_images;
+ uint16_t img_entry_size;
+ uint16_t bank_info_entry_size;
+ // struct fwu_image_entry img_entry[];
} __packed;
/**
@@ -48,21 +69,28 @@ struct fwu_image_entry {
* @active_index: Index of the bank currently used for booting images
* @previous_active_inde: Index of the bank used before the current bank
*being used for booting
- * @img_entry: Array of information on various firmware images that can
- * be updated
+ * @metadata_size: Size of the entire metadata structure, including the
+ * image descriptors
+ * @desc_offset: The offset from the start of this structure where the
+ * image descriptor structure starts. 0 if absent
+ * @bank_state: State of each bank, valid, invalid or accepted
+ * @fw_desc: The structure describing the FWU updatable images
*
- * This structure is used to store all the needed information for performing
+ * This is the top level structure used to store all information for performing
* multi bank updates on the platform. This contains info on the bank being
- * used to boot along with the information needed for identification of
- * individual images
+ * used to boot along with the information on state of individual banks.
*/
struct fwu_mdata {
uint32_t crc32;
uint32_t version;
uint32_t active_index;
uint32_t previous_active_index;
-
- struct fwu_image_entry img_entry[CONFIG_FWU_NUM_IMAGES_PER_BANK];
+ uint32_t metadata_size;
+ uint16_t desc_offset;
+ uint16_t reserved1;
+ uint8_t bank_state[4];
+ uint32_t reserved2;
+ // struct fwu_fw_store_desc fw_desc[];
} __packed;
#endif /* _FWU_MDATA_H_ */
--
2.34.1
[PATCH v2 01/21] configs: fwu: remove FWU configs for metadata V2 migration
The FWU metadata is to be migrated to version 2. Disable the FWU feature on platforms that enable it for the migration. Signed-off-by: Sughosh Ganu Reviewed-by: Ilias Apalodimas --- Changes since V1: None configs/corstone1000_defconfig | 2 -- configs/sandbox64_defconfig | 1 - configs/synquacer_developerbox_defconfig | 4 3 files changed, 7 deletions(-) diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig index a86ac12732..c26a621175 100644 --- a/configs/corstone1000_defconfig +++ b/configs/corstone1000_defconfig @@ -25,7 +25,6 @@ CONFIG_BOARD_LATE_INIT=y CONFIG_SYS_PROMPT="corstone1000# " CONFIG_SYS_MAXARGS=64 # CONFIG_CMD_CONSOLE is not set -CONFIG_CMD_FWU_METADATA=y CONFIG_CMD_BOOTZ=y # CONFIG_CMD_XIMG is not set CONFIG_CMD_GPT=y @@ -68,4 +67,3 @@ CONFIG_FFA_SHARED_MM_BUF_OFFSET=0 CONFIG_FFA_SHARED_MM_BUF_ADDR=0x0200 CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_IGNORE_OSINDICATIONS=y -CONFIG_FWU_MULTI_BANK_UPDATE=y diff --git a/configs/sandbox64_defconfig b/configs/sandbox64_defconfig index d101cca6a7..2863f9b189 100644 --- a/configs/sandbox64_defconfig +++ b/configs/sandbox64_defconfig @@ -273,7 +273,6 @@ CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_EFI_SECURE_BOOT=y CONFIG_TEST_FDTDEC=y -CONFIG_FWU_MULTI_BANK_UPDATE=y CONFIG_UNIT_TEST=y CONFIG_UT_TIME=y CONFIG_UT_DM=y diff --git a/configs/synquacer_developerbox_defconfig b/configs/synquacer_developerbox_defconfig index 2a0407de40..616d410074 100644 --- a/configs/synquacer_developerbox_defconfig +++ b/configs/synquacer_developerbox_defconfig @@ -11,14 +11,12 @@ CONFIG_DM_GPIO=y CONFIG_DEFAULT_DEVICE_TREE="synquacer-sc2a11-developerbox" CONFIG_SYS_LOAD_ADDR=0x8000 CONFIG_TARGET_DEVELOPERBOX=y -CONFIG_FWU_NUM_IMAGES_PER_BANK=1 CONFIG_AHCI=y CONFIG_FIT=y CONFIG_SYS_BOOTM_LEN=0x80 CONFIG_BOOTSTAGE_STASH_SIZE=4096 CONFIG_HUSH_PARSER=y CONFIG_SYS_MAXARGS=128 -CONFIG_CMD_FWU_METADATA=y CONFIG_CMD_IMLS=y CONFIG_CMD_ERASEENV=y CONFIG_CMD_NVEDIT_EFI=y @@ -53,7 +51,6 @@ CONFIG_DFU_TFTP=y CONFIG_DFU_MTD=y CONFIG_DFU_RAM=y CONFIG_DFU_SF=y -CONFIG_FWU_MDATA_MTD=y CONFIG_DM_I2C=y CONFIG_SYS_I2C_SYNQUACER=y CONFIG_MMC_SDHCI=y @@ -96,4 +93,3 @@ CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_IGNORE_OSINDICATIONS=y CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y -CONFIG_FWU_MULTI_BANK_UPDATE=y -- 2.34.1
[PATCH v2 00/21] FWU: Migrate FWU metadata to version 2
The following patches migrate the FWU metadata access code to version 2 of the structure. This is based on the structure definition as defined in the latest rev of the FWU Multi Bank Update specification [1]. Since the version 1 of the structure has currently been adopted on a couple of platforms, it was decided to have a clean migration of the metadata to version 2 only, instead of supporting both the versions of the structure. Also, based on consultations with the main author of the specification, it is expected that any further changes in the structure would be minor tweaks, and not be significant. Hence a migration to version 2. Similar migration is also being done in TF-A, including migrating the ST platform port to support version 2 of the metadata structure [2]. @Michal, I tested the metadata for the two image per bank case, and it works fine on the ST board. Kindly test this on your board as well. @Kojima-san, Please help in testing the version 2 on your board. Thanks. [1] - https://developer.arm.com/documentation/den0118/latest/ [2] - https://review.trustedfirmware.org/q/topic:%22topics/fwu_metadata_v2_migration%22 Changes since V1: * Do not define flexible array members inside the structures. * Access the image information related fields in the metadata using the helper functions defined in an earlier patch. * Access fwu_fw_store_desc structure using pointer arithmetic. Sughosh Ganu (21): configs: fwu: remove FWU configs for metadata V2 migration fwu: metadata: migrate to version 2 of the structure drivers: fwu: add the size parameter to the metadata access API's fwu: add helper functions for getting image description offsets fwu: make changes to support version 2 of FWU metadata fwu: add some API's for metadata version 2 access drivers: fwu: mtd: allocate buffer for image info dynamically drivers: fwu: allocate memory for metadata copies fwu: add a function to put a bank in Trial State capsule: accept a bank on a successful update fwu: mtd: modify the DFU API's to align with metadata version 2 efi_firmware: fwu: do not read FWU metadata on sandbox efi_firmware: fwu: get the number of FWU banks at runtime cmd: fwu: align the command with metadata version 2 test: fwu: align the FWU metadata access test with version 2 fwu: remove the config symbols for number of banks and images tools: mkfwumdata: migrate to metadata version 2 tools: mkfwumdata: add logic to append vendor data to the FWU metadata tools: mkfwumdata: fix the size parameter to the fwrite call configs: fwu: re-enable FWU configs doc: fwu: make changes for supporting FWU Metadata version 2 arch/sandbox/Kconfig | 6 - board/armltd/corstone1000/corstone1000.c | 2 +- cmd/fwu_mdata.c | 45 ++- configs/synquacer_developerbox_defconfig | 1 - doc/board/socionext/developerbox.rst | 9 +- doc/develop/uefi/fwu_updates.rst | 12 +- doc/usage/cmd/fwu_mdata.rst | 12 +- drivers/fwu-mdata/fwu-mdata-uclass.c | 10 +- drivers/fwu-mdata/gpt_blk.c | 27 +- drivers/fwu-mdata/raw_mtd.c | 85 +++-- include/fwu.h| 139 +++- include/fwu_mdata.h | 56 +++- lib/efi_loader/efi_capsule.c | 12 +- lib/efi_loader/efi_firmware.c| 20 +- lib/fwu_updates/Kconfig | 11 - lib/fwu_updates/fwu.c| 401 +++ lib/fwu_updates/fwu_mtd.c| 81 +++-- test/dm/fwu_mdata.c | 56 ++-- test/dm/fwu_mdata_disk_image.h | 124 +++ tools/mkfwumdata.c | 132 ++-- 20 files changed, 924 insertions(+), 317 deletions(-) -- 2.34.1
Re: [PATCH 00/18] FWU: Migrate FWU metadata to version 2
hi Michal, On Fri, 26 Jan 2024 at 20:40, Michal Simek wrote: > > Hi Sughosh, > > po 22. 1. 2024 v 12:55 odesílatel Sughosh Ganu > napsal: > > > > > > The following patches migrate the FWU metadata access code to version > > 2 of the structure. This is based on the structure definition as > > defined in the latest rev of the FWU Multi Bank Update specification > > [1]. > > > > Since the version 1 of the structure has currently been adopted on a > > couple of platforms, it was decided to have a clean migration of the > > metadata to version 2 only, instead of supporting both the versions of > > the structure. Also, based on consultations with the main author of > > the specification, it is expected that any further changes in the > > structure would be minor tweaks, and not be significant. Hence a > > migration to version 2. > > > > Similar migration is also being done in TF-A, including migrating the > > ST platform port to support version 2 of the metadata structure [2]. > > > > The patches have been tested on STM32MP1 DK2 board and the Synquacer > > board from Socionext. This covers testing both the GPT and the MTD > > partitioned storage devices for the metadata access. > > > > [1] - https://developer.arm.com/documentation/den0118/latest/ > > [2] - > > https://review.trustedfirmware.org/q/topic:%22topics/fwu_metadata_v2_migration%22 > > > > Sughosh Ganu (18): > > configs: fwu: Remove FWU configs for metadata V2 migration > > fwu: metadata: Migrate to version 2 of the structure > > drivers: fwu: Add the size parameter to the metadata access API's > > fwu: Add some API's for metadata version 2 access > > lib: fwu: Make changes to support version 2 of FWU metadata > > drivers: fwu: mtd: Allocate buffer for image info dynamically > > drivers: fwu: Allocate memory for metadata copies > > fwu: Add a function to put a bank in Trial State > > capsule: Accept a bank on a successful update > > fwu: mtd: Modify the DFU API's to align with metadata version 2 > > efi_firmware: fwu: Do not read FWU metadata on sandbox > > efi_firmware: fwu: Get the number of FWU banks at runtime > > cmd: fwu: Align the command with metadata version 2 > > test: fwu: Align the FWU metadata access test with version 2 > > fwu: Remove the config symbols for number of banks and images > > tools: mkfwumdata: Migrate to metadata version 2 > > configs: fwu: Re-enable FWU configs > > doc: fwu: Make changes for supporting FWU Metadata version 2 > > > > arch/sandbox/Kconfig | 6 - > > board/armltd/corstone1000/corstone1000.c | 2 +- > > cmd/fwu_mdata.c | 43 +++- > > configs/synquacer_developerbox_defconfig | 1 - > > doc/board/socionext/developerbox.rst | 9 +- > > doc/develop/uefi/fwu_updates.rst | 12 +- > > doc/usage/cmd/fwu_mdata.rst | 12 +- > > drivers/fwu-mdata/fwu-mdata-uclass.c | 10 +- > > drivers/fwu-mdata/gpt_blk.c | 27 +- > > drivers/fwu-mdata/raw_mtd.c | 85 --- > > include/fwu.h| 94 ++- > > include/fwu_mdata.h | 56 +++-- > > lib/efi_loader/efi_capsule.c | 12 +- > > lib/efi_loader/efi_firmware.c| 20 +- > > lib/fwu_updates/Kconfig | 11 - > > lib/fwu_updates/fwu.c| 308 ++- > > lib/fwu_updates/fwu_mtd.c| 76 -- > > test/dm/fwu_mdata.c | 56 +++-- > > test/dm/fwu_mdata_disk_image.h | 124 - > > tools/mkfwumdata.c | 43 +++- > > 20 files changed, 705 insertions(+), 302 deletions(-) > > > Thanks for this work. I have tested it on kv260 and I see an issue > with 2 image per location configuration. > When I build mdata v2 with: > ./tools/mkfwumdata -a 0 -i 2 -b 2 > 588aced7-2cce-ed11-81cd-d324e93ac223,e86660de-5602-ad4f-8238-e406e274c4cf,48054af6-ce2c-11ed-8f66-7bc4531cfe6b,4b819c3e-ce2c-11ed-bec8-23de4c6d2cf2 > 588aced7-2cce-ed11-81cd-d324e93ac223,d4cf9ecf-8b93-c541-8551-1f883ab7dc18,fb04da52-0e9d-11ee-a57f-637805837c3f,07609246-0e9e-11ee-a23a-a38980b779a1 > mdata.bin > > fwu command is showing up configuration for the second image > > Image Type Guid: DE6066E8-0256-4FAD-8238-E406E274C4CF > Location Guid: D7CE8A58-CE2C-11ED-81CD-D324E93AC223 > Image Guid: F64A0548-2CCE-ED11-8F66-7BC4531CFE6B > Image Acceptance: yes > Image Guid: 3E9C814B-2CCE-ED11-BEC8-23DE4C6D2CF2 > Image Acceptance: y
Re: [PATCH 2/4] doc: Document capsule generation through a config file
hi Ilias,
On Tue, 23 Jan 2024 at 21:53, Ilias Apalodimas
wrote:
>
> Hi Sughosh,
>
> On Tue, Nov 21, 2023 at 12:30:26PM +0530, Sughosh Ganu wrote:
> > The UEFI capsule can now be generate by specifying the capsule
> > parameters through a config file. Additionally, the capsules can be
> > generated as part of u-boot build, through binman. Highlight these
> > changes in the documentation.
> >
> > Signed-off-by: Sughosh Ganu
> > ---
> > doc/develop/uefi/uefi.rst | 70 +++
> > 1 file changed, 70 insertions(+)
> >
> > diff --git a/doc/develop/uefi/uefi.rst b/doc/develop/uefi/uefi.rst
> > index fb16ac743a..b9a9ed5491 100644
> > --- a/doc/develop/uefi/uefi.rst
> > +++ b/doc/develop/uefi/uefi.rst
> > @@ -318,6 +318,76 @@ Run the following command
> >--guid \
> >
> >
> > +Alternatively, the capsules can be generated through a config
> > +file. When generating the capsules through a config file, the Kconfig
> > +symbol CONFIG_EFI_CAPSULE_CFG_FILE is to be used for specifying the
> > +path to the config file.
>
> This sounds a bit weird. The tool is compiled and used by distros. How are
> they supposed to use the config file?
>
> Briefly looking at the patches, we use those config options on testing.
> Can't we add a flag in the tool itself that can be used for normal use
> cases and limit those Kconfig flags in our testing only? Or alternatively
> the paths for the config files can be hardcoded for sandbox and we get rid
> of the config options entirely?
It is correct that the Kconfig symbol is used primarily for testing.
We can indeed use a fixed path for the sandbox based testing. That is
the approach that was taken for the public keys used for capsule
authentication. Will make changes to the patches accordingly. Thanks.
-sughosh
>
> Thanks
> /Ilias
> > +
> > +The config file describes the parameters that are used for generating
> > +one or more capsules. The parameters for a given capsule file are
> > +specified within curly braces, in the form of "key:value" pairs. All
> > +the parameters that are currently supported by the mkeficapsule tool
> > +can be specified through the config file.
> > +
> > +The following are some example payload parameters specified through
> > +the config file.
> > +
> > +.. code-block:: none
> > +
> > + {
> > + image-guid: 02f4d760-cfd5-43bd-8e2d-a42acb33c660
> > + hardware-instance: 0
> > + monotonic-count: 1
> > + payload: u-boot.bin
> > + image-index: 1
> > + fw-version: 2
> > + private-key: /path/to/priv/key
> > + pub-key-cert: /path/to/pub/key
> > + capsule: u-boot.capsule
> > + }
> > + {
> > + image-guid: 4ce292da-1dd8-428d-a1c2-77743ef8b96e
> > + hardware-instance: 0
> > + payload: u-boot.itb
> > + image-index: 2
> > + fw-version: 7
> > + oemflags: 0x8000
> > + capsule: fit.capsule
> > + }
> > + {
> > + capsule-type: accept
> > + image-guid: 4ce292da-1dd8-428d-a1c2-77743ef8b96e
> > + capsule: accept.capsule
> > + }
> > + {
> > + capsule-type: revert
> > + capsule: revert.capsule
> > + }
> > +
> > +The following are the keys that specify the capsule parameters
> > +
> > +..code-block:: none
> > +
> > +image-guid: Image GUID
> > +image-index: Image index value
> > +fw-version: Image version
> > +private-key: Path to the private key file used for capsule signing
> > +pub-key-cert: Path to the public key crt file used for capsule signing
> > +payload: Path to the capsule payload file
> > +capsule: Path to the output capsule file that is generated
> > +hardware-instance: Hardware Instance value
> > +monotonic-count: Monotonic count value
> > +capsule-type: Specifies capsule type. normal(default), accept or revert
> > +oemflags: 16bit Oemflags value to be used(populated in capsule header)
> > +
> > +When generating capsules through a config file, the command would look
> > +like
> > +
> > +.. code-block:: console
> > +
> > +$ mkeficapsule --cfg-file
> > +
> > +
> > Capsule with firmware version
> > *
> >
> > --
> > 2.34.1
> >
[PATCH 18/18] doc: fwu: Make changes for supporting FWU Metadata version 2
Make changes to the FWU documentation to reflect the changes made with migration of the FWU metadata to version 2. Signed-off-by: Sughosh Ganu --- doc/board/socionext/developerbox.rst | 9 +++-- doc/develop/uefi/fwu_updates.rst | 12 +--- doc/usage/cmd/fwu_mdata.rst | 12 3 files changed, 16 insertions(+), 17 deletions(-) diff --git a/doc/board/socionext/developerbox.rst b/doc/board/socionext/developerbox.rst index 46712c379b..d8c1bb4986 100644 --- a/doc/board/socionext/developerbox.rst +++ b/doc/board/socionext/developerbox.rst @@ -113,8 +113,6 @@ configs/synquacer_developerbox_defconfig enables default FWU configuration :: CONFIG_FWU_MULTI_BANK_UPDATE=y CONFIG_FWU_MDATA=y CONFIG_FWU_MDATA_MTD=y - CONFIG_FWU_NUM_BANKS=2 - CONFIG_FWU_NUM_IMAGES_PER_BANK=1 CONFIG_CMD_FWU_METADATA=y And build it:: @@ -126,10 +124,9 @@ And build it:: make -j `noproc` cd ../ -By default, the CONFIG_FWU_NUM_BANKS and CONFIG_FWU_NUM_IMAGES_PER_BANKS are -set to 2 and 1 respectively. This uses FIP (Firmware Image Package) type image -which contains TF-A, U-Boot and OP-TEE (the OP-TEE is optional). -You can use fiptool to compose the FIP image from those firmware images. +This uses FIP (Firmware Image Package) type image which contains TF-A, +U-Boot and OP-TEE (the OP-TEE is optional). You can use fiptool to +compose the FIP image from those firmware images. Rebuild SCP firmware diff --git a/doc/develop/uefi/fwu_updates.rst b/doc/develop/uefi/fwu_updates.rst index e4709d82b4..7911c954d9 100644 --- a/doc/develop/uefi/fwu_updates.rst +++ b/doc/develop/uefi/fwu_updates.rst @@ -43,8 +43,6 @@ The feature can be enabled by specifying the following configs:: CONFIG_FWU_MULTI_BANK_UPDATE=y CONFIG_FWU_MDATA=y CONFIG_FWU_MDATA_GPT_BLK=y -CONFIG_FWU_NUM_BANKS= -CONFIG_FWU_NUM_IMAGES_PER_BANK= in the .config file @@ -94,12 +92,12 @@ of. Each GPT partition entry in the GPT header has two GUIDs:: * UniquePartitionGUID The PartitionTypeGUID value should correspond to the -``image_type_uuid`` field of the FWU metadata. This field is used to +``image_type_guid`` field of the FWU metadata. This field is used to identify a given type of updatable firmware image, e.g. U-Boot, OP-TEE, FIP etc. This GUID should also be used for specifying the `--guid` parameter when generating the capsule. -The UniquePartitionGUID value should correspond to the ``image_uuid`` +The UniquePartitionGUID value should correspond to the ``image_guid`` field in the FWU metadata. This GUID is used to identify images of a given image type in different banks. @@ -108,8 +106,8 @@ metadata partitions. This would be the PartitionTypeGUID for the metadata partitions. Similarly, the UEFI specification defines the ESP GUID to be be used. -When generating the metadata, the ``image_type_uuid`` and the -``image_uuid`` values should match the *PartitionTypeGUID* and the +When generating the metadata, the ``image_type_guid`` and the +``image_guid`` values should match the *PartitionTypeGUID* and the *UniquePartitionGUID* values respectively. Performing the Update @@ -181,5 +179,5 @@ empty capsule would be:: Links - -* [1] https://developer.arm.com/documentation/den0118/a/ - FWU Specification +* [1] https://developer.arm.com/documentation/den0118/ - FWU Specification * [2] https://git.codelinaro.org/linaro/dependable-boot/mbfw/uploads/6f7ddfe3be24e18d4319e108a758d02e/mbfw.pdf - Dependable Boot Specification diff --git a/doc/usage/cmd/fwu_mdata.rst b/doc/usage/cmd/fwu_mdata.rst index f1bf08fde1..1804422b33 100644 --- a/doc/usage/cmd/fwu_mdata.rst +++ b/doc/usage/cmd/fwu_mdata.rst @@ -26,10 +26,14 @@ The output may look like: => fwu_mdata_read FWU Metadata -crc32: 0xec4fb997 -version: 0x1 -active_index: 0x0 -previous_active_index: 0x1 +crc32: 0x13c330 +version: 0x2 +active_index: 0x1 +previous_active_index: 0x0 +bank_state[0]: 0xfc +bank_state[1]: 0xfc +bank_state[2]: 0xff +bank_state[3]: 0xff Image Info Image Type Guid: 19D5DF83-11B0-457B-BE2C-7559C13142A5 -- 2.34.1
[PATCH 17/18] configs: fwu: Re-enable FWU configs
Now that the migration to the FWU metadata version 2 is complete, the feature can be re-enabled on platforms which had it enabled. Signed-off-by: Sughosh Ganu --- configs/corstone1000_defconfig | 2 ++ configs/sandbox64_defconfig | 1 + configs/synquacer_developerbox_defconfig | 3 +++ 3 files changed, 6 insertions(+) diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig index 24b7984959..e45415b90c 100644 --- a/configs/corstone1000_defconfig +++ b/configs/corstone1000_defconfig @@ -25,6 +25,7 @@ CONFIG_BOARD_LATE_INIT=y CONFIG_SYS_PROMPT="corstone1000# " CONFIG_SYS_MAXARGS=64 # CONFIG_CMD_CONSOLE is not set +CONFIG_CMD_FWU_METADATA=y CONFIG_CMD_BOOTZ=y # CONFIG_CMD_XIMG is not set CONFIG_CMD_GPT=y @@ -66,3 +67,4 @@ CONFIG_FFA_SHARED_MM_BUF_OFFSET=0 CONFIG_FFA_SHARED_MM_BUF_ADDR=0x0200 CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_IGNORE_OSINDICATIONS=y +CONFIG_FWU_MULTI_BANK_UPDATE=y diff --git a/configs/sandbox64_defconfig b/configs/sandbox64_defconfig index 7b5888af38..996bb7aa4f 100644 --- a/configs/sandbox64_defconfig +++ b/configs/sandbox64_defconfig @@ -274,6 +274,7 @@ CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_EFI_SECURE_BOOT=y CONFIG_TEST_FDTDEC=y +CONFIG_FWU_MULTI_BANK_UPDATE=y CONFIG_UNIT_TEST=y CONFIG_UT_TIME=y CONFIG_UT_DM=y diff --git a/configs/synquacer_developerbox_defconfig b/configs/synquacer_developerbox_defconfig index 616d410074..1bb55be0a7 100644 --- a/configs/synquacer_developerbox_defconfig +++ b/configs/synquacer_developerbox_defconfig @@ -17,6 +17,7 @@ CONFIG_SYS_BOOTM_LEN=0x80 CONFIG_BOOTSTAGE_STASH_SIZE=4096 CONFIG_HUSH_PARSER=y CONFIG_SYS_MAXARGS=128 +CONFIG_CMD_FWU_METADATA=y CONFIG_CMD_IMLS=y CONFIG_CMD_ERASEENV=y CONFIG_CMD_NVEDIT_EFI=y @@ -51,6 +52,7 @@ CONFIG_DFU_TFTP=y CONFIG_DFU_MTD=y CONFIG_DFU_RAM=y CONFIG_DFU_SF=y +CONFIG_FWU_MDATA_MTD=y CONFIG_DM_I2C=y CONFIG_SYS_I2C_SYNQUACER=y CONFIG_MMC_SDHCI=y @@ -93,3 +95,4 @@ CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_IGNORE_OSINDICATIONS=y CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y +CONFIG_FWU_MULTI_BANK_UPDATE=y -- 2.34.1
[PATCH 16/18] tools: mkfwumdata: Migrate to metadata version 2
Migrate the metadata generation tool to generate the version 2
metadata.
Signed-off-by: Sughosh Ganu
---
tools/mkfwumdata.c | 43 ---
1 file changed, 32 insertions(+), 11 deletions(-)
diff --git a/tools/mkfwumdata.c b/tools/mkfwumdata.c
index 9732a8ddc5..b43cf38457 100644
--- a/tools/mkfwumdata.c
+++ b/tools/mkfwumdata.c
@@ -14,12 +14,13 @@
#include
#include
-/* This will dynamically allocate the fwu_mdata */
-#define CONFIG_FWU_NUM_BANKS 0
-#define CONFIG_FWU_NUM_IMAGES_PER_BANK 0
-
/* Since we can not include fwu.h, redefine version here. */
-#define FWU_MDATA_VERSION 1
+#define FWU_MDATA_VERSION 2
+
+#define MAX_BANKS 4
+
+#define BANK_INVALID 0xFF
+#define BANK_ACCEPTED 0xFC
typedef uint8_t u8;
typedef int16_t s16;
@@ -29,8 +30,6 @@ typedef uint64_t u64;
#include
-/* TODO: Endianness conversion may be required for some arch. */
-
static const char *opts_short = "b:i:a:p:gh";
static struct option options[] = {
@@ -48,7 +47,7 @@ static void print_usage(void)
fprintf(stderr, "Usage: mkfwumdata [options] \n");
fprintf(stderr, "Options:\n"
"\t-i, --images Number of images (mandatory)\n"
- "\t-b, --banksNumber of banks (mandatory)\n"
+ "\t-b, --banksNumber of banks(1-4)
(mandatory)\n"
"\t-a, --active-bank Active bank (default=0)\n"
"\t-p, --previous-bankPrevious active bank
(default=active_bank - 1)\n"
"\t-g, --guid Use GUID instead of UUID\n"
@@ -85,6 +84,7 @@ static struct fwu_mdata_object *fwu_alloc_mdata(size_t
images, size_t banks)
return NULL;
mobj->size = sizeof(struct fwu_mdata) +
+ sizeof(struct fwu_fw_store_desc) +
(sizeof(struct fwu_image_entry) +
sizeof(struct fwu_image_bank_info) * banks) * images;
mobj->images = images;
@@ -105,6 +105,7 @@ fwu_get_image(struct fwu_mdata_object *mobj, size_t idx)
size_t offset;
offset = sizeof(struct fwu_mdata) +
+ sizeof(struct fwu_fw_store_desc) +
(sizeof(struct fwu_image_entry) +
sizeof(struct fwu_image_bank_info) * mobj->banks) * idx;
@@ -117,6 +118,7 @@ fwu_get_bank(struct fwu_mdata_object *mobj, size_t img_idx,
size_t bnk_idx)
size_t offset;
offset = sizeof(struct fwu_mdata) +
+ sizeof(struct fwu_fw_store_desc) +
(sizeof(struct fwu_image_entry) +
sizeof(struct fwu_image_bank_info) * mobj->banks) * img_idx +
sizeof(struct fwu_image_entry) +
@@ -188,7 +190,7 @@ fwu_parse_fill_image_uuid(struct fwu_mdata_object *mobj,
return -EINVAL;
if (strcmp(uuid, "0") &&
- uuid_guid_parse(uuid, (unsigned char *)>location_uuid) < 0)
+ uuid_guid_parse(uuid, (unsigned char *)>location_guid) < 0)
return -EINVAL;
/* Image type UUID */
@@ -196,7 +198,7 @@ fwu_parse_fill_image_uuid(struct fwu_mdata_object *mobj,
if (!uuid)
return -EINVAL;
- if (uuid_guid_parse(uuid, (unsigned char *)>image_type_uuid) < 0)
+ if (uuid_guid_parse(uuid, (unsigned char *)>image_type_guid) < 0)
return -EINVAL;
/* Fill bank image-UUID */
@@ -210,7 +212,7 @@ fwu_parse_fill_image_uuid(struct fwu_mdata_object *mobj,
return -EINVAL;
if (strcmp(uuid, "0") &&
- uuid_guid_parse(uuid, (unsigned char *)>image_uuid) <
0)
+ uuid_guid_parse(uuid, (unsigned char *)>image_guid) <
0)
return -EINVAL;
}
return 0;
@@ -225,6 +227,19 @@ static int fwu_parse_fill_uuids(struct fwu_mdata_object
*mobj, char *uuids[])
mdata->version = FWU_MDATA_VERSION;
mdata->active_index = active_bank;
mdata->previous_active_index = previous_bank;
+ mdata->metadata_size = mobj->size;
+ mdata->desc_offset = sizeof(struct fwu_mdata);
+
+ for (i = 0; i < MAX_BANKS; i++)
+ mdata->bank_state[i] = i < mobj->banks ?
+ BANK_ACCEPTED : BANK_INVALID;
+
+ mdata->fw_desc[0].num_banks = mobj->banks;
+ mdata->fw_desc[0].num_images = mobj->images;
+ mdata->fw_desc[0].img_entry_size = sizeof(struct fwu_image_entry) +
+ (sizeof(struct fwu_image_bank_info) * mobj->banks);
+ mdata->fw_desc[0].bank_info_entry_size =
+ sizeof(struct fwu_image_bank_info);
for (i = 0; i < mobj->images; i++) {
[PATCH 15/18] fwu: Remove the config symbols for number of banks and images
With the migration to the FWU metadata version 2 structure, the values
of number of banks and number of images per bank are now obtained from
the metadata at runtime. Remove the now superfluous config symbols.
Signed-off-by: Sughosh Ganu
---
arch/sandbox/Kconfig | 6 --
board/armltd/corstone1000/corstone1000.c | 2 +-
lib/fwu_updates/Kconfig | 11 ---
3 files changed, 1 insertion(+), 18 deletions(-)
diff --git a/arch/sandbox/Kconfig b/arch/sandbox/Kconfig
index 0ce77de2fc..29013a5673 100644
--- a/arch/sandbox/Kconfig
+++ b/arch/sandbox/Kconfig
@@ -79,9 +79,3 @@ config SYS_FDT_LOAD_ADDR
See `doc/arch/sandbox.rst` for more information.
endmenu
-
-config FWU_NUM_BANKS
- default 2
-
-config FWU_NUM_IMAGES_PER_BANK
- default 2
diff --git a/board/armltd/corstone1000/corstone1000.c
b/board/armltd/corstone1000/corstone1000.c
index 01c80aaf9d..15de738154 100644
--- a/board/armltd/corstone1000/corstone1000.c
+++ b/board/armltd/corstone1000/corstone1000.c
@@ -109,7 +109,7 @@ void fwu_plat_get_bootidx(uint *boot_idx)
*/
ret = fwu_get_active_index(boot_idx);
if (ret < 0) {
- *boot_idx = CONFIG_FWU_NUM_BANKS;
+ *boot_idx = 0;
log_err("corstone1000: failed to read active index\n");
}
}
diff --git a/lib/fwu_updates/Kconfig b/lib/fwu_updates/Kconfig
index d35247d0e5..6bb94f88d3 100644
--- a/lib/fwu_updates/Kconfig
+++ b/lib/fwu_updates/Kconfig
@@ -12,17 +12,6 @@ menuconfig FWU_MULTI_BANK_UPDATE
if FWU_MULTI_BANK_UPDATE
-config FWU_NUM_BANKS
- int "Number of Banks defined by the platform"
- help
- Define the number of banks of firmware images on a platform
-
-config FWU_NUM_IMAGES_PER_BANK
- int "Number of firmware images per bank"
- help
- Define the number of firmware images per bank. This value
- should be the same for all the banks.
-
config FWU_TRIAL_STATE_CNT
int "Number of times system boots in Trial State"
default 3
--
2.34.1
[PATCH 14/18] test: fwu: Align the FWU metadata access test with version 2
With the FWU metadata support having been migrated to version 2, make
corresponding changes to the test for accessing the FWU metadata.
Signed-off-by: Sughosh Ganu
---
test/dm/fwu_mdata.c| 56 ---
test/dm/fwu_mdata_disk_image.h | 124 ++---
2 files changed, 83 insertions(+), 97 deletions(-)
diff --git a/test/dm/fwu_mdata.c b/test/dm/fwu_mdata.c
index 52018f610f..73b3382917 100644
--- a/test/dm/fwu_mdata.c
+++ b/test/dm/fwu_mdata.c
@@ -88,10 +88,15 @@ static int write_mmc_blk_device(struct unit_test_state *uts)
return 0;
}
-static int dm_test_fwu_mdata_read(struct unit_test_state *uts)
+static int fwu_mdata_access_setup(struct unit_test_state *uts,
+ struct fwu_mdata **mdata)
{
+ u32 mdata_size;
struct udevice *dev;
- struct fwu_mdata mdata = { 0 };
+
+ ut_assertok(setup_blk_device(uts));
+ ut_assertok(populate_mmc_disk_image(uts));
+ ut_assertok(write_mmc_blk_device(uts));
/*
* Trigger lib/fwu_updates/fwu.c fwu_boottime_checks()
@@ -100,13 +105,24 @@ static int dm_test_fwu_mdata_read(struct unit_test_state
*uts)
event_notify_null(EVT_MAIN_LOOP);
ut_assertok(uclass_first_device_err(UCLASS_FWU_MDATA, ));
- ut_assertok(setup_blk_device(uts));
- ut_assertok(populate_mmc_disk_image(uts));
- ut_assertok(write_mmc_blk_device(uts));
- ut_assertok(fwu_get_mdata());
+ ut_assertok(fwu_get_mdata_size(_size));
- ut_asserteq(mdata.version, 0x1);
+ *mdata = malloc(mdata_size);
+ ut_assertnonnull(*mdata);
+
+ return 0;
+}
+
+static int dm_test_fwu_mdata_read(struct unit_test_state *uts)
+{
+ struct fwu_mdata *mdata = NULL;
+
+ fwu_mdata_access_setup(uts, );
+
+ ut_assertok(fwu_get_mdata(mdata));
+
+ ut_asserteq(mdata->version, 0x2);
return 0;
}
@@ -114,29 +130,21 @@ DM_TEST(dm_test_fwu_mdata_read, UT_TESTF_SCAN_FDT);
static int dm_test_fwu_mdata_write(struct unit_test_state *uts)
{
+ u8 num_banks;
u32 active_idx;
- struct udevice *dev;
- struct fwu_mdata mdata = { 0 };
-
- /*
-* Trigger lib/fwu_updates/fwu.c fwu_boottime_checks()
-* to populate g_dev global pointer in that library.
-*/
- event_notify_null(EVT_MAIN_LOOP);
+ struct fwu_mdata *mdata = NULL;
- ut_assertok(setup_blk_device(uts));
- ut_assertok(populate_mmc_disk_image(uts));
- ut_assertok(write_mmc_blk_device(uts));
-
- ut_assertok(uclass_first_device_err(UCLASS_FWU_MDATA, ));
+ fwu_mdata_access_setup(uts, );
- ut_assertok(fwu_get_mdata());
+ ut_assertok(fwu_get_mdata(mdata));
+ num_banks = mdata->fw_desc[0].num_banks;
+ ut_asserteq(2, num_banks);
- active_idx = (mdata.active_index + 1) % CONFIG_FWU_NUM_BANKS;
+ active_idx = (mdata->active_index + 1) % num_banks;
ut_assertok(fwu_set_active_index(active_idx));
- ut_assertok(fwu_get_mdata());
- ut_asserteq(mdata.active_index, active_idx);
+ ut_assertok(fwu_get_mdata(mdata));
+ ut_asserteq(mdata->active_index, active_idx);
return 0;
}
diff --git a/test/dm/fwu_mdata_disk_image.h b/test/dm/fwu_mdata_disk_image.h
index b9803417c8..b15b06b9de 100644
--- a/test/dm/fwu_mdata_disk_image.h
+++ b/test/dm/fwu_mdata_disk_image.h
@@ -6,107 +6,85 @@
*/
#define FWU_MDATA_DISK_IMG { 0x0001, { \
- {0x01c0, "\x02\x00\xee\x02\x02\x00\x01\x00"}, /* */ \
+ {0x01c0, "\x02\x00\xee\xff\xff\xff\x01\x00"}, /* */ \
{0x01c8, "\x00\x00\x7f\x00\x00\x00\x00\x00"}, /* */ \
{0x01f8, "\x00\x00\x00\x00\x00\x00\x55\xaa"}, /* ..U. */ \
{0x0200, "\x45\x46\x49\x20\x50\x41\x52\x54"}, /* EFI PART */ \
{0x0208, "\x00\x00\x01\x00\x5c\x00\x00\x00"}, /* \... */ \
- {0x0210, "\xa6\xf6\x92\x20\x00\x00\x00\x00"}, /* ... */ \
+ {0x0210, "\x52\x5f\x3a\xa1\x00\x00\x00\x00"}, /* R_:. */ \
{0x0218, "\x01\x00\x00\x00\x00\x00\x00\x00"}, /* */ \
{0x0220, "\x7f\x00\x00\x00\x00\x00\x00\x00"}, /* */ \
{0x0228, "\x22\x00\x00\x00\x00\x00\x00\x00"}, /* "... */ \
{0x0230, "\x5e\x00\x00\x00\x00\x00\x00\x00"}, /* ^... */ \
- {0x0238, "\xde\x99\xa2\x7e\x46\x34\xeb\x47"}, /* ...~F4.G */ \
- {0x0240, "\x87\xf6\x4f\x75\xe8\xd5\x7d\xc7"}, /* ..Ou..}. */ \
+ {0x0238, "\xf5\xf3\x9d\xb9\x92\xdd\x48\x60"}, /* ..H` */ \
+ {0x0240, "\x9a\x04\xe5\x2b\x11\xcb\x42\x61"}, /* ...+..Ba */ \
{0x0248, "\x02\x00\x00\x00\x00\x00\x00\x00"}, /* */ \
{0x0250, "
[PATCH 13/18] cmd: fwu: Align the command with metadata version 2
Make changes to the fwu_mdata_read command to have it align with the
metadata version 2.
Signed-off-by: Sughosh Ganu
---
cmd/fwu_mdata.c | 43 ++-
1 file changed, 34 insertions(+), 9 deletions(-)
diff --git a/cmd/fwu_mdata.c b/cmd/fwu_mdata.c
index 5ecda455df..7d99b8287f 100644
--- a/cmd/fwu_mdata.c
+++ b/cmd/fwu_mdata.c
@@ -16,6 +16,8 @@
static void print_mdata(struct fwu_mdata *mdata)
{
int i, j;
+ uint8_t num_banks;
+ uint16_t num_images;
struct fwu_image_entry *img_entry;
struct fwu_image_bank_info *img_info;
@@ -25,15 +27,22 @@ static void print_mdata(struct fwu_mdata *mdata)
printf("active_index: %#x\n", mdata->active_index);
printf("previous_active_index: %#x\n", mdata->previous_active_index);
+ num_banks = mdata->fw_desc[0].num_banks;
+ num_images = mdata->fw_desc[0].num_images;
+
+ for (i = 0; i < 4; i++)
+ printf("bank_state[%d]: %#x\n", i, mdata->bank_state[i]);
+
printf("\tImage Info\n");
- for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) {
- img_entry = >img_entry[i];
+
+ for (i = 0; i < num_images; i++) {
+ img_entry = >fw_desc[0].img_entry[i];
printf("\nImage Type Guid: %pUL\n",
- _entry->image_type_uuid);
- printf("Location Guid: %pUL\n", _entry->location_uuid);
- for (j = 0; j < CONFIG_FWU_NUM_BANKS; j++) {
+ _entry->image_type_guid);
+ printf("Location Guid: %pUL\n", _entry->location_guid);
+ for (j = 0; j < num_banks; j++) {
img_info = _entry->img_bank_info[j];
- printf("Image Guid: %pUL\n", _info->image_uuid);
+ printf("Image Guid: %pUL\n", _info->image_guid);
printf("Image Acceptance: %s\n",
img_info->accepted == 0x1 ? "yes" : "no");
}
@@ -43,19 +52,35 @@ static void print_mdata(struct fwu_mdata *mdata)
int do_fwu_mdata_read(struct cmd_tbl *cmdtp, int flag,
int argc, char * const argv[])
{
+ uint32_t mdata_size;
+ struct fwu_mdata *mdata = NULL;
int ret = CMD_RET_SUCCESS, res;
- struct fwu_mdata mdata;
- res = fwu_get_mdata();
+ res = fwu_get_mdata_size(_size);
+ if (res) {
+ log_err("Unable to get FWU metadata size\n");
+ ret = CMD_RET_FAILURE;
+ goto out;
+ }
+
+ mdata = malloc(mdata_size);
+ if (!mdata) {
+ log_err("Unable to allocate memory for FWU metadata\n");
+ ret = CMD_RET_FAILURE;
+ goto out;
+ }
+
+ res = fwu_get_mdata(mdata);
if (res < 0) {
log_err("Unable to get valid FWU metadata\n");
ret = CMD_RET_FAILURE;
goto out;
}
- print_mdata();
+ print_mdata(mdata);
out:
+ free(mdata);
return ret;
}
--
2.34.1
[PATCH 12/18] efi_firmware: fwu: Get the number of FWU banks at runtime
With the migration of the FWU metadata to version 2, the number of
banks are now obtained at runtime, instead of the config symbols. Make
use of the API to get the number of banks in the versioning
functions.
Signed-off-by: Sughosh Ganu
---
lib/efi_loader/efi_firmware.c | 14 ++
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c
index 51797a169f..74f241015d 100644
--- a/lib/efi_loader/efi_firmware.c
+++ b/lib/efi_loader/efi_firmware.c
@@ -207,7 +207,8 @@ void efi_firmware_fill_version_info(struct
efi_firmware_image_descriptor *image_
u16 varname[13]; /* u"FmpState" */
efi_status_t ret;
efi_uintn_t size, expected_size;
- uint num_banks = 1;
+ u8 num_banks = 1;
+ u16 __maybe_unused num_images;
uint active_index = 0;
struct fmp_state *var_state;
@@ -229,7 +230,9 @@ void efi_firmware_fill_version_info(struct
efi_firmware_image_descriptor *image_
if (ret)
return;
- num_banks = CONFIG_FWU_NUM_BANKS;
+ ret = fwu_get_banks_images(_banks, _images);
+ if (ret)
+ return;
}
size = num_banks * sizeof(*var_state);
@@ -379,7 +382,8 @@ efi_status_t efi_firmware_set_fmp_state_var(struct
fmp_state *state, u8 image_in
{
u16 varname[13]; /* u"FmpState" */
efi_status_t ret;
- uint num_banks = 1;
+ u8 num_banks = 1;
+ u16 __maybe_unused num_images;
uint update_bank = 0;
efi_uintn_t size;
efi_guid_t *image_type_id;
@@ -398,7 +402,9 @@ efi_status_t efi_firmware_set_fmp_state_var(struct
fmp_state *state, u8 image_in
if (ret)
return EFI_INVALID_PARAMETER;
- num_banks = CONFIG_FWU_NUM_BANKS;
+ ret = fwu_get_banks_images(_banks, _images);
+ if (ret)
+ return EFI_INVALID_PARAMETER;
}
size = num_banks * sizeof(*var_state);
--
2.34.1
[PATCH 11/18] efi_firmware: fwu: Do not read FWU metadata on sandbox
The FWU metadata is being read for populating the firmware image's
version information. The sandbox platform does not have the FWU
metadata on any of it's storage devices. Skip attempting to read the
FWU metadata on the sandbox platform.
Signed-off-by: Sughosh Ganu
---
lib/efi_loader/efi_firmware.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c
index 9fd13297a6..51797a169f 100644
--- a/lib/efi_loader/efi_firmware.c
+++ b/lib/efi_loader/efi_firmware.c
@@ -223,7 +223,8 @@ void efi_firmware_fill_version_info(struct
efi_firmware_image_descriptor *image_
/* get the fw_version */
efi_create_indexed_name(varname, sizeof(varname), "FmpState",
fw_array->image_index);
- if (IS_ENABLED(CONFIG_FWU_MULTI_BANK_UPDATE)) {
+ if (!IS_ENABLED(CONFIG_SANDBOX) &&
+ IS_ENABLED(CONFIG_FWU_MULTI_BANK_UPDATE)) {
ret = fwu_get_active_index(_index);
if (ret)
return;
@@ -391,7 +392,8 @@ efi_status_t efi_firmware_set_fmp_state_var(struct
fmp_state *state, u8 image_in
efi_create_indexed_name(varname, sizeof(varname), "FmpState",
image_index);
- if (IS_ENABLED(CONFIG_FWU_MULTI_BANK_UPDATE)) {
+ if (!IS_ENABLED(CONFIG_SANDBOX) &&
+ IS_ENABLED(CONFIG_FWU_MULTI_BANK_UPDATE)) {
ret = fwu_plat_get_update_index(_bank);
if (ret)
return EFI_INVALID_PARAMETER;
--
2.34.1
[PATCH 10/18] fwu: mtd: Modify the DFU API's to align with metadata version 2
Make changes to the functions used for generating the DFU's alt
variable so that they are aligned with changes to the metadata version
2.
These changes include getting the number of banks and images per bank
at runtime from the metadata, as well as accessing the updatable image
information from the FWU MTD driver's private structure.
Signed-off-by: Sughosh Ganu
---
lib/fwu_updates/fwu_mtd.c | 76 +--
1 file changed, 58 insertions(+), 18 deletions(-)
diff --git a/lib/fwu_updates/fwu_mtd.c b/lib/fwu_updates/fwu_mtd.c
index 69cd3d7001..a82133de2e 100644
--- a/lib/fwu_updates/fwu_mtd.c
+++ b/lib/fwu_updates/fwu_mtd.c
@@ -15,16 +15,51 @@
#include
-struct fwu_mtd_image_info
-fwu_mtd_images[CONFIG_FWU_NUM_BANKS * CONFIG_FWU_NUM_IMAGES_PER_BANK];
+static struct fwu_mdata *mdata;
+
+static int read_mdata(void)
+{
+ int ret = 0;
+ u32 mdata_size;
+
+ ret = fwu_get_mdata_size(_size);
+ if (ret)
+ return ret;
+
+ mdata = malloc(mdata_size);
+ if (!mdata)
+ return -ENOMEM;
+
+ ret = fwu_get_mdata(mdata);
+ if (ret < 0) {
+ log_err("Failed to get the FWU mdata\n");
+ free(mdata);
+ mdata = NULL;
+ }
+
+ return ret;
+}
static struct fwu_mtd_image_info *mtd_img_by_uuid(const char *uuidbuf)
{
- int num_images = ARRAY_SIZE(fwu_mtd_images);
+ u8 nbanks;
+ u16 nimages;
+ int num_images, ret;
+ struct fwu_mdata_mtd_priv *mtd_priv = dev_get_priv(fwu_get_dev());
+ struct fwu_mtd_image_info *image_info = mtd_priv->fwu_mtd_images;
+
+ if (!image_info)
+ return NULL;
+
+ ret = fwu_get_banks_images(, );
+ if (ret)
+ return NULL;
+
+ num_images = nbanks * nimages;
for (int i = 0; i < num_images; i++)
- if (!strcmp(uuidbuf, fwu_mtd_images[i].uuidbuf))
- return _mtd_images[i];
+ if (!strcmp(uuidbuf, image_info[i].uuidbuf))
+ return _info[i];
return NULL;
}
@@ -108,7 +143,8 @@ __weak int fwu_plat_get_alt_num(struct udevice *dev,
efi_guid_t *image_id,
}
static int gen_image_alt_info(char *buf, size_t len, int sidx,
- struct fwu_image_entry *img, struct mtd_info *mtd)
+ struct fwu_image_entry *img,
+ struct mtd_info *mtd, uint8_t num_banks)
{
char *p = buf, *end = buf + len;
int i;
@@ -123,7 +159,7 @@ static int gen_image_alt_info(char *buf, size_t len, int
sidx,
* List the image banks in the FWU mdata and search the corresponding
* partition based on partition's uuid.
*/
- for (i = 0; i < CONFIG_FWU_NUM_BANKS; i++) {
+ for (i = 0; i < num_banks; i++) {
struct fwu_mtd_image_info *mtd_img_info;
struct fwu_image_bank_info *bank;
char uuidbuf[UUID_STR_LEN + 1];
@@ -131,7 +167,7 @@ static int gen_image_alt_info(char *buf, size_t len, int
sidx,
/* Query a partition by image UUID */
bank = >img_bank_info[i];
- uuid_bin_to_str(bank->image_uuid.b, uuidbuf,
UUID_STR_FORMAT_STD);
+ uuid_bin_to_str(bank->image_guid.b, uuidbuf,
UUID_STR_FORMAT_STD);
mtd_img_info = mtd_img_by_uuid(uuidbuf);
if (!mtd_img_info) {
@@ -150,7 +186,7 @@ static int gen_image_alt_info(char *buf, size_t len, int
sidx,
}
}
- if (i == CONFIG_FWU_NUM_BANKS)
+ if (i == num_banks)
return 0;
return -ENOENT;
@@ -158,24 +194,28 @@ static int gen_image_alt_info(char *buf, size_t len, int
sidx,
int fwu_gen_alt_info_from_mtd(char *buf, size_t len, struct mtd_info *mtd)
{
- struct fwu_mdata mdata;
+ u8 num_banks;
+ u16 num_images;
int i, l, ret;
- ret = fwu_get_mdata();
- if (ret < 0) {
- log_err("Failed to get the FWU mdata.\n");
- return ret;
+ if (!mdata) {
+ ret = read_mdata();
+ if (ret)
+ return ret;
}
- for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) {
- ret = gen_image_alt_info(buf, len, i * CONFIG_FWU_NUM_BANKS,
-_entry[i], mtd);
+ num_banks = mdata->fw_desc[0].num_banks;
+ num_images = mdata->fw_desc[0].num_images;
+ for (i = 0; i < num_images; i++) {
+ ret = gen_image_alt_info(buf, len, i * num_banks,
+>fw_desc[0].img_entry[i],
+mtd, num_banks);
if (ret)
break;
l = strlen(buf);
/* Replace the last ';
[PATCH 09/18] capsule: Accept a bank on a successful update
The version 2 of the FWU metadata maintains a bank_state field per
bank, which keeps an aggregate status of the bank. A bank can either
be in a valid, invalid, or accepted state.
Update the bank_state field of the metadata once the update has gone
through successfully(when skipping Trial State), or once the images in
the bank have been accepted.
Signed-off-by: Sughosh Ganu
---
lib/efi_loader/efi_capsule.c | 10 ++
1 file changed, 10 insertions(+)
diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
index 0e6a38b441..422bb11162 100644
--- a/lib/efi_loader/efi_capsule.c
+++ b/lib/efi_loader/efi_capsule.c
@@ -480,6 +480,12 @@ static __maybe_unused efi_status_t
fwu_empty_capsule_process(
if (ret != EFI_SUCCESS)
log_err("Unable to set the Accept bit for the image
%pUs\n",
image_guid);
+
+ status = fwu_bank_state_update(active_idx);
+ ret = fwu_to_efi_error(status);
+ if (ret != EFI_SUCCESS)
+ log_err("Unable to update the bank_state for bank %u\n",
+ active_idx);
}
return ret;
@@ -525,6 +531,10 @@ static __maybe_unused efi_status_t
fwu_post_update_process(bool fw_accept_os)
status = fwu_trial_state_start(update_index);
if (status < 0)
ret = EFI_DEVICE_ERROR;
+ } else {
+ status = fwu_bank_state_update(update_index);
+ if (status < 0)
+ ret = EFI_DEVICE_ERROR;
}
}
--
2.34.1
[PATCH 08/18] fwu: Add a function to put a bank in Trial State
The version 2 of the FWU metadata has a field in the top level
structure, called bank_state. This is used to keep the state a given
bank is in, either of valid(for trial state), invalid, or accepted.
Update this field when putting the platform in Trial State, in
addition to starting the TrialStateCtr variable by calling the
fwu_trial_state_start() function.
Signed-off-by: Sughosh Ganu
---
include/fwu.h| 12 +---
lib/efi_loader/efi_capsule.c | 2 +-
lib/fwu_updates/fwu.c| 54 ++--
3 files changed, 54 insertions(+), 14 deletions(-)
diff --git a/include/fwu.h b/include/fwu.h
index 3764336952..d0b4e12190 100644
--- a/include/fwu.h
+++ b/include/fwu.h
@@ -297,15 +297,19 @@ u8 fwu_update_checks_pass(void);
u8 fwu_empty_capsule_checks_pass(void);
/**
- * fwu_trial_state_ctr_start() - Start the Trial State counter
+ * fwu_trial_state_start() - Put the platform in Trial State
+ * @update_index: Bank number to which images have been updated
*
- * Start the counter to identify the platform booting in the
- * Trial State. The counter is implemented as an EFI variable.
+ * Put the platform in Trial State by starting the counter to
+ * identify the platform booting in the Trial State. The
+ * counter is implemented as an EFI variable. Secondly, set
+ * the bank_state in the metadata for the updated bank to Valid
+ * state.
*
* Return: 0 if OK, -ve on error
*
*/
-int fwu_trial_state_ctr_start(void);
+int fwu_trial_state_start(uint update_index);
/**
* fwu_gen_alt_info_from_mtd() - Parse dfu_alt_info from metadata in mtd
diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
index de0d49ebeb..0e6a38b441 100644
--- a/lib/efi_loader/efi_capsule.c
+++ b/lib/efi_loader/efi_capsule.c
@@ -522,7 +522,7 @@ static __maybe_unused efi_status_t
fwu_post_update_process(bool fw_accept_os)
} else {
log_debug("Successfully updated the active_index\n");
if (fw_accept_os) {
- status = fwu_trial_state_ctr_start();
+ status = fwu_trial_state_start(update_index);
if (status < 0)
ret = EFI_DEVICE_ERROR;
}
diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c
index 831ff6aa91..0f43cf63b2 100644
--- a/lib/fwu_updates/fwu.c
+++ b/lib/fwu_updates/fwu.c
@@ -590,6 +590,36 @@ out:
return ret;
}
+static int fwu_trial_state_ctr_start(void)
+{
+ int ret;
+ u16 trial_state_ctr;
+
+ printf("%s: starting the TrialStateCtr\n", __func__);
+ trial_state_ctr = 0;
+ ret = trial_counter_update(_state_ctr);
+ if (ret)
+ log_err("Unable to initialise TrialStateCtr\n");
+
+ return ret;
+}
+
+static int fwu_set_bank_state_trial(uint update_index)
+{
+ int ret;
+ struct fwu_mdata *mdata = g_mdata;
+
+ mdata->bank_state[update_index] = FWU_BANK_VALID;
+
+ ret = fwu_sync_mdata(mdata, BOTH_PARTS);
+ if (ret) {
+ log_err("Unable to set bank_state for %d bank\n", update_index);
+ return ret;
+ }
+
+ return 0;
+}
+
/**
* fwu_bank_state_update() - Check and update the bank_state of the metadata
* @update_index: Bank for which the bank_state needs to be updated
@@ -743,25 +773,31 @@ u8 fwu_empty_capsule_checks_pass(void)
}
/**
- * fwu_trial_state_ctr_start() - Start the Trial State counter
+ * fwu_trial_state_start() - Put the platform in Trial State
+ * @update_index: Bank number to which images have been updated
*
- * Start the counter to identify the platform booting in the
- * Trial State. The counter is implemented as an EFI variable.
+ * Put the platform in Trial State by starting the counter to
+ * identify the platform booting in the Trial State. The
+ * counter is implemented as an EFI variable. Secondly, set
+ * the bank_state in the metadata for the updated bank to Valid
+ * state.
*
* Return: 0 if OK, -ve on error
*
*/
-int fwu_trial_state_ctr_start(void)
+int fwu_trial_state_start(uint update_index)
{
int ret;
- u16 trial_state_ctr;
- trial_state_ctr = 0;
- ret = trial_counter_update(_state_ctr);
+ ret = fwu_trial_state_ctr_start();
if (ret)
- log_err("Unable to initialise TrialStateCtr\n");
+ return ret;
- return ret;
+ ret = fwu_set_bank_state_trial(update_index);
+ if (ret)
+ return ret;
+
+ return 0;
}
static int fwu_boottime_checks(void)
--
2.34.1
[PATCH 07/18] drivers: fwu: Allocate memory for metadata copies
With migration of the FWU metadata access code to version 2, the size of the metadata is obtained at runtime. Allocate memory for both the metadata copies from the driver's probe function. Signed-off-by: Sughosh Ganu --- drivers/fwu-mdata/gpt_blk.c | 4 drivers/fwu-mdata/raw_mtd.c | 4 2 files changed, 8 insertions(+) diff --git a/drivers/fwu-mdata/gpt_blk.c b/drivers/fwu-mdata/gpt_blk.c index 97eac3611f..c2cb7ef7c3 100644 --- a/drivers/fwu-mdata/gpt_blk.c +++ b/drivers/fwu-mdata/gpt_blk.c @@ -159,6 +159,10 @@ static int fwu_mdata_gpt_blk_probe(struct udevice *dev) priv->blk_dev = mdata_dev; + ret = fwu_mdata_copies_allocate(); + if (ret) + return ret; + return 0; } diff --git a/drivers/fwu-mdata/raw_mtd.c b/drivers/fwu-mdata/raw_mtd.c index da36094644..d91518bf0a 100644 --- a/drivers/fwu-mdata/raw_mtd.c +++ b/drivers/fwu-mdata/raw_mtd.c @@ -260,6 +260,10 @@ static int fwu_mdata_mtd_probe(struct udevice *dev) if (ret) return ret; + ret = fwu_mdata_copies_allocate(); + if (ret) + return ret; + /* Read the metadata to get number of banks and images */ ret = fwu_get_banks_images(, ); if (ret) -- 2.34.1
[PATCH 06/18] drivers: fwu: mtd: Allocate buffer for image info dynamically
The FWU metadata access driver for MTD partitioned devices currently
uses a statically allocated array for storing the updatable image
information. This array depends on the number of banks and images per
bank. With migration of the FWU metadata to version 2, these
parameters are now obtained at runtime from the metadata.
Make changes to the FWU metadata access driver for MTD devices to
allocate memory for the image information dynamically in the driver's
probe function, after having obtained the number of banks and images
per bank by reading the metadata. Move the image information as part
of the driver's private structure, instead of using a global variable.
Signed-off-by: Sughosh Ganu
---
drivers/fwu-mdata/raw_mtd.c | 71 -
include/fwu.h | 9 +
2 files changed, 55 insertions(+), 25 deletions(-)
diff --git a/drivers/fwu-mdata/raw_mtd.c b/drivers/fwu-mdata/raw_mtd.c
index 9f3f1dc213..da36094644 100644
--- a/drivers/fwu-mdata/raw_mtd.c
+++ b/drivers/fwu-mdata/raw_mtd.c
@@ -12,22 +12,11 @@
#include
#include
-/* Internal helper structure to move data around */
-struct fwu_mdata_mtd_priv {
- struct mtd_info *mtd;
- char pri_label[50];
- char sec_label[50];
- u32 pri_offset;
- u32 sec_offset;
-};
-
enum fwu_mtd_op {
FWU_MTD_READ,
FWU_MTD_WRITE,
};
-extern struct fwu_mtd_image_info fwu_mtd_images[];
-
static bool mtd_is_aligned_with_block_size(struct mtd_info *mtd, u64 size)
{
return !do_div(size, mtd->erasesize);
@@ -134,7 +123,7 @@ static int flash_partition_offset(struct udevice *dev,
const char *part_name, fd
return (int)size;
}
-static int fwu_mdata_mtd_of_to_plat(struct udevice *dev)
+static int get_fwu_mdata_dev(struct udevice *dev)
{
struct fwu_mdata_mtd_priv *mtd_priv = dev_get_priv(dev);
const fdt32_t *phandle_p = NULL;
@@ -144,8 +133,6 @@ static int fwu_mdata_mtd_of_to_plat(struct udevice *dev)
fdt_addr_t offset;
int ret, size;
u32 phandle;
- ofnode bank;
- int off_img;
/* Find the FWU mdata storage device */
phandle_p = ofnode_get_property(dev_ofnode(dev),
@@ -199,8 +186,28 @@ static int fwu_mdata_mtd_of_to_plat(struct udevice *dev)
return ret;
mtd_priv->sec_offset = offset;
- off_img = 0;
+ return 0;
+}
+
+static int fwu_mtd_image_info_populate(struct udevice *dev, u8 nbanks,
+ u16 nimages)
+{
+ struct fwu_mtd_image_info *mtd_images;
+ struct fwu_mdata_mtd_priv *mtd_priv = dev_get_priv(dev);
+ struct udevice *mtd_dev = mtd_priv->mtd->dev;
+ fdt_addr_t offset;
+ ofnode bank;
+ int off_img;
+ u32 total_images;
+ total_images = nbanks * nimages;
+ mtd_priv->fwu_mtd_images = malloc(sizeof(struct fwu_mtd_image_info) *
+ total_images);
+ if (!mtd_priv->fwu_mtd_images)
+ return -ENOMEM;
+
+ off_img = 0;
+ mtd_images = mtd_priv->fwu_mtd_images;
ofnode_for_each_subnode(bank, dev_ofnode(dev)) {
int bank_num, bank_offset, bank_size;
const char *bank_name;
@@ -219,8 +226,7 @@ static int fwu_mdata_mtd_of_to_plat(struct udevice *dev)
int image_num, image_offset, image_size;
const char *uuid;
- if (off_img == CONFIG_FWU_NUM_BANKS *
- CONFIG_FWU_NUM_IMAGES_PER_BANK)
{
+ if (off_img == total_images) {
log_err("DT provides more images than
configured!\n");
break;
}
@@ -230,11 +236,11 @@ static int fwu_mdata_mtd_of_to_plat(struct udevice *dev)
ofnode_read_u32(image, "offset", _offset);
ofnode_read_u32(image, "size", _size);
- fwu_mtd_images[off_img].start = bank_offset +
image_offset;
- fwu_mtd_images[off_img].size = image_size;
- fwu_mtd_images[off_img].bank_num = bank_num;
- fwu_mtd_images[off_img].image_num = image_num;
- strcpy(fwu_mtd_images[off_img].uuidbuf, uuid);
+ mtd_images[off_img].start = bank_offset + image_offset;
+ mtd_images[off_img].size = image_size;
+ mtd_images[off_img].bank_num = bank_num;
+ mtd_images[off_img].image_num = image_num;
+ strcpy(mtd_images[off_img].uuidbuf, uuid);
log_debug("\tImage%d: %s @0x%x\n\n",
image_num, uuid, bank_offset + image_offset);
off_img++;
@@ -246,8 +252,24 @@ static int fwu_mdata_mtd_of_t
[PATCH 05/18] lib: fwu: Make changes to support version 2 of FWU metadata
Make changes to the FWU library functions which are used to access the
metadata structure to support version 2 of the metadata.
At a broad level, the following are the changes made
- Use a pointer g_mdata instead of a variable, and allocate space for
it at runtime.
- Obtain the number of banks and number of images per bank from the
metadata at runtime, instead of using config values.
- Get the size of the metadata from the metadata structure, instead
of using build-time value.
Signed-off-by: Sughosh Ganu
---
include/fwu.h | 6 ++-
lib/fwu_updates/fwu.c | 112 --
2 files changed, 68 insertions(+), 50 deletions(-)
diff --git a/include/fwu.h b/include/fwu.h
index d3e97a5360..d21c8c6f93 100644
--- a/include/fwu.h
+++ b/include/fwu.h
@@ -52,9 +52,13 @@ struct fwu_mdata_ops {
bool primary, uint32_t size);
};
-#define FWU_MDATA_VERSION 0x1
+#define FWU_MDATA_VERSION 0x2
#define FWU_IMAGE_ACCEPTED 0x1
+#define FWU_BANK_INVALID 0xFF
+#define FWU_BANK_VALID 0xFE
+#define FWU_BANK_ACCEPTED 0xFC
+
/*
* GUID value defined in the FWU specification for identification
* of the FWU metadata partition.
diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c
index 5bfa24067b..831ff6aa91 100644
--- a/lib/fwu_updates/fwu.c
+++ b/lib/fwu_updates/fwu.c
@@ -17,7 +17,7 @@
#include
-static struct fwu_mdata g_mdata; /* = {0} makes uninit crc32 always invalid */
+static struct fwu_mdata *g_mdata;
static struct udevice *g_dev;
static u8 in_trial;
static u8 boottime_check;
@@ -108,21 +108,9 @@ out:
static int in_trial_state(struct fwu_mdata *mdata)
{
- u32 i, active_bank;
- struct fwu_image_entry *img_entry;
- struct fwu_image_bank_info *img_bank_info;
-
- active_bank = mdata->active_index;
- img_entry = >img_entry[0];
- for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) {
- img_bank_info = _entry[i].img_bank_info[active_bank];
- if (!img_bank_info->accepted) {
- log_info("System booting in Trial State\n");
- return 1;
- }
- }
+ u32 active_bank = mdata->active_index;
- return 0;
+ return mdata->bank_state[active_bank] == FWU_BANK_VALID ? 1 : 0;
}
static int fwu_get_image_type_id(u8 image_index, efi_guid_t *image_type_id)
@@ -150,8 +138,9 @@ static int fwu_get_image_type_id(u8 image_index, efi_guid_t
*image_type_id)
*/
static int fwu_sync_mdata(struct fwu_mdata *mdata, int part)
{
- void *buf = >version;
int err;
+ uint32_t mdata_size;
+ void *buf = >version;
if (part == BOTH_PARTS) {
err = fwu_sync_mdata(mdata, SECONDARY_PART);
@@ -165,9 +154,10 @@ static int fwu_sync_mdata(struct fwu_mdata *mdata, int
part)
* and put the updated value in the FWU metadata crc32
* field
*/
- mdata->crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32));
+ mdata_size = mdata->metadata_size;
+ mdata->crc32 = crc32(0, buf, mdata_size - sizeof(u32));
- err = fwu_write_mdata(g_dev, mdata, part == PRIMARY_PART);
+ err = fwu_write_mdata(g_dev, mdata, part == PRIMARY_PART, mdata_size);
if (err) {
log_err("Unable to write %s mdata\n",
part == PRIMARY_PART ? "primary" : "secondary");
@@ -175,7 +165,7 @@ static int fwu_sync_mdata(struct fwu_mdata *mdata, int part)
}
/* update the cached copy of meta-data */
- memcpy(_mdata, mdata, sizeof(struct fwu_mdata));
+ memcpy(g_mdata, mdata, mdata_size);
return 0;
}
@@ -183,8 +173,12 @@ static int fwu_sync_mdata(struct fwu_mdata *mdata, int
part)
static inline int mdata_crc_check(struct fwu_mdata *mdata)
{
void *buf = >version;
- u32 calc_crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32));
+ u32 calc_crc32;
+
+ if (!mdata->metadata_size)
+ return -EINVAL;
+ calc_crc32 = crc32(0, buf, mdata->metadata_size - sizeof(u32));
return calc_crc32 == mdata->crc32 ? 0 : -EINVAL;
}
@@ -309,27 +303,32 @@ __maybe_unused int fwu_get_banks_images(u8 *nbanks, u16
*nimages)
int fwu_get_mdata(struct fwu_mdata *mdata)
{
int err;
+ uint32_t mdata_size;
bool parts_ok[2] = { false };
- struct fwu_mdata s, *parts_mdata[2];
+ struct fwu_mdata *parts_mdata[2];
+
+ err = fwu_get_mdata_size(_size);
+ if (err)
+ return err;
- parts_mdata[0] = _mdata;
- parts_mdata[1] =
+ parts_mdata[0] = g_mdata;
+ parts_mdata[1] = (struct fwu_mdata *)((char *)g_mdata + mdata_size);
/* if mdata already read and ready */
- err = mdata_crc_check(parts_mdata[0]);
- if (!err)
+ if (!mdata_crc_check(parts_mdata[
[PATCH 04/18] fwu: Add some API's for metadata version 2 access
There are certain fields added in version 2 of the FWU metadata
structure. Also, information like number of banks and number of images
per bank are also part of the metadata structure. Add functions to
access fields of the version 2 of the metadata structure.
Signed-off-by: Sughosh Ganu
---
include/fwu.h | 53
lib/fwu_updates/fwu.c | 142 ++
2 files changed, 195 insertions(+)
diff --git a/include/fwu.h b/include/fwu.h
index 1815bd0064..d3e97a5360 100644
--- a/include/fwu.h
+++ b/include/fwu.h
@@ -104,6 +104,26 @@ int fwu_write_mdata(struct udevice *dev, struct fwu_mdata
*mdata,
*/
int fwu_get_mdata(struct fwu_mdata *mdata);
+/**
+ * fwu_mdata_copies_allocate() - Allocate memory for metadata
+ *
+ * Allocate memory for storing both the copies of the FWU metadata. The
+ * copies are then used as a cache for storing FWU metadata contents.
+ *
+ * Return: 0 if OK, -ve on error
+ */
+int fwu_mdata_copies_allocate(void);
+
+/**
+ * fwu_get_mdata_size() - Get the FWU metadata size
+ *
+ * Get the size of the FWU metadata from the structure. This is later used
+ * to allocate memory for the structure.
+ *
+ * Return: 0 if OK, -ve on error
+ */
+int fwu_get_mdata_size(uint32_t *mdata_size);
+
/**
* fwu_get_active_index() - Get active_index from the FWU metadata
* @active_idxp: active_index value to be read
@@ -153,6 +173,18 @@ int fwu_get_dfu_alt_num(u8 image_index, u8 *alt_num);
*/
int fwu_revert_boot_index(void);
+/**
+ * fwu_bank_state_update() - Check and update the bank_state of the metadata
+ * @update_index: Bank for which the bank_state needs to be updated
+ *
+ * Check that all the images for the given bank have been accepted, and if
+ * they are, set the status of the bank to Accepted in the bank_state field
+ * of the metadata.
+ *
+ * Return: 0 if OK, -ve on error
+ */
+int fwu_bank_state_update(uint update_index);
+
/**
* fwu_accept_image() - Set the Acceptance bit for the image
* @img_type_id: GUID of the image type for which the accepted bit is to be
@@ -286,4 +318,25 @@ int fwu_gen_alt_info_from_mtd(char *buf, size_t len,
struct mtd_info *mtd);
*/
int fwu_mtd_get_alt_num(efi_guid_t *image_guid, u8 *alt_num, const char
*mtd_dev);
+/**
+ * fwu_get_banks_images() - Get the number of banks and images from the
metadata
+ * @nbanks: Number of banks
+ * @nimages: Number of images per bank
+ *
+ * Get the values of number of banks and number of images per bank from the
+ * metadata.
+ *
+ * Return: 0 if OK, -ve on error
+ */
+__maybe_unused int fwu_get_banks_images(u8 *nbanks, u16 *nimages);
+
+/**
+ * fwu_get_dev() - Return the FWU metadata device
+ *
+ * Return the pointer to the FWU metadata device.
+ *
+ * Return: Pointer to the FWU metadata dev
+ */
+__maybe_unused struct udevice *fwu_get_dev(void);
+
#endif /* _FWU_H_ */
diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c
index 86518108c2..5bfa24067b 100644
--- a/lib/fwu_updates/fwu.c
+++ b/lib/fwu_updates/fwu.c
@@ -188,6 +188,114 @@ static inline int mdata_crc_check(struct fwu_mdata *mdata)
return calc_crc32 == mdata->crc32 ? 0 : -EINVAL;
}
+/**
+ * fwu_mdata_copies_allocate() - Allocate memory for metadata
+ *
+ * Allocate memory for storing both the copies of the FWU metadata. The
+ * copies are then used as a cache for storing FWU metadata contents.
+ *
+ * Return: 0 if OK, -ve on error
+ */
+int fwu_mdata_copies_allocate(void)
+{
+ int err;
+ uint32_t mdata_size;
+
+ if (g_mdata)
+ return 0;
+
+ err = fwu_get_mdata_size(_size);
+ if (err)
+ return err;
+
+ /*
+* Now allocate the total memory that would be needed for both
+* the copies.
+*/
+ g_mdata = calloc(2, mdata_size);
+ if (!g_mdata) {
+ log_err("Unable to allocate space for FWU metadata\n");
+ return -ENOMEM;
+ }
+
+ return 0;
+}
+
+/**
+ * fwu_get_mdata_size() - Get the FWU metadata size
+ *
+ * Get the size of the FWU metadata from the structure. This is later used
+ * to allocate memory for the structure.
+ *
+ * Return: 0 if OK, -ve on error
+ */
+int fwu_get_mdata_size(uint32_t *mdata_size)
+{
+ int err = 0;
+ struct fwu_mdata mdata = { 0 };
+
+ if (g_mdata && !mdata_crc_check(g_mdata)) {
+ *mdata_size = g_mdata->metadata_size;
+ return 0;
+ }
+
+ err = fwu_read_mdata(g_dev, , 1, sizeof(struct fwu_mdata));
+ if (err) {
+ log_err("FWU metadata read failed\n");
+ return err;
+ }
+
+ if (mdata.version != 0x2) {
+ log_err("FWU metadata version %u. Expected value of 2\n",
+ mdata.version);
+ return -EINVAL;
+ }
+
+ *mdata_size = mdata.metadata_size;
+ if (!*mdata_size)
+ return -EINVAL;
+
+ return 0;
[PATCH 03/18] drivers: fwu: Add the size parameter to the metadata access API's
In version 2 of the metadata structure, the size of the structure
cannot be determined statically at build time. The structure is now
broken into the top level structure which contains a field indicating
the total size of the structure.
Add a size parameter to the metadata access API functions to indicate
the number of bytes to be accessed. This is then used to either read
the entire structure, or only the top level structure.
Signed-off-by: Sughosh Ganu
---
drivers/fwu-mdata/fwu-mdata-uclass.c | 10 ++
drivers/fwu-mdata/gpt_blk.c | 23 +--
drivers/fwu-mdata/raw_mtd.c | 10 ++
include/fwu.h| 14 ++
4 files changed, 35 insertions(+), 22 deletions(-)
diff --git a/drivers/fwu-mdata/fwu-mdata-uclass.c
b/drivers/fwu-mdata/fwu-mdata-uclass.c
index 0a8edaaa41..145479bab0 100644
--- a/drivers/fwu-mdata/fwu-mdata-uclass.c
+++ b/drivers/fwu-mdata/fwu-mdata-uclass.c
@@ -20,7 +20,8 @@
*
* Return: 0 if OK, -ve on error
*/
-int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary)
+int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary,
+ uint32_t size)
{
const struct fwu_mdata_ops *ops = device_get_ops(dev);
@@ -29,7 +30,7 @@ int fwu_read_mdata(struct udevice *dev, struct fwu_mdata
*mdata, bool primary)
return -ENOSYS;
}
- return ops->read_mdata(dev, mdata, primary);
+ return ops->read_mdata(dev, mdata, primary, size);
}
/**
@@ -37,7 +38,8 @@ int fwu_read_mdata(struct udevice *dev, struct fwu_mdata
*mdata, bool primary)
*
* Return: 0 if OK, -ve on error
*/
-int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary)
+int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary,
+ uint32_t size)
{
const struct fwu_mdata_ops *ops = device_get_ops(dev);
@@ -46,7 +48,7 @@ int fwu_write_mdata(struct udevice *dev, struct fwu_mdata
*mdata, bool primary)
return -ENOSYS;
}
- return ops->write_mdata(dev, mdata, primary);
+ return ops->write_mdata(dev, mdata, primary, size);
}
UCLASS_DRIVER(fwu_mdata) = {
diff --git a/drivers/fwu-mdata/gpt_blk.c b/drivers/fwu-mdata/gpt_blk.c
index c7284916c4..97eac3611f 100644
--- a/drivers/fwu-mdata/gpt_blk.c
+++ b/drivers/fwu-mdata/gpt_blk.c
@@ -81,15 +81,14 @@ static int gpt_get_mdata_disk_part(struct blk_desc *desc,
return -ENOENT;
}
-static int gpt_read_write_mdata(struct blk_desc *desc,
- struct fwu_mdata *mdata,
- u8 access, u32 part_num)
+static int gpt_read_write_mdata(struct blk_desc *desc, struct fwu_mdata *mdata,
+ u8 access, u32 part_num, u32 size)
{
int ret;
u32 len, blk_start, blkcnt;
struct disk_partition info;
- ALLOC_CACHE_ALIGN_BUFFER_PAD(struct fwu_mdata, mdata_aligned, 1,
+ ALLOC_CACHE_ALIGN_BUFFER_PAD(u8, mdata_aligned, size,
desc->blksz);
if (!mdata)
@@ -101,7 +100,7 @@ static int gpt_read_write_mdata(struct blk_desc *desc,
return -ENOENT;
}
- len = sizeof(*mdata);
+ len = size;
blkcnt = BLOCK_CNT(len, desc);
if (blkcnt > info.size) {
log_debug("Block count exceeds FWU metadata partition size\n");
@@ -114,7 +113,7 @@ static int gpt_read_write_mdata(struct blk_desc *desc,
log_debug("Error reading FWU metadata from the
device\n");
return -EIO;
}
- memcpy(mdata, mdata_aligned, sizeof(struct fwu_mdata));
+ memcpy(mdata, mdata_aligned, size);
} else {
if (blk_dwrite(desc, blk_start, blkcnt, mdata) != blkcnt) {
log_debug("Error writing FWU metadata to the device\n");
@@ -164,7 +163,7 @@ static int fwu_mdata_gpt_blk_probe(struct udevice *dev)
}
static int fwu_gpt_read_mdata(struct udevice *dev, struct fwu_mdata *mdata,
- bool primary)
+ bool primary, u32 size)
{
struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev);
struct blk_desc *desc = dev_get_uclass_plat(priv->blk_dev);
@@ -177,11 +176,13 @@ static int fwu_gpt_read_mdata(struct udevice *dev, struct
fwu_mdata *mdata,
}
return gpt_read_write_mdata(desc, mdata, MDATA_READ,
- primary ? g_mdata_part[0] :
g_mdata_part[1]);
+ primary ?
+ g_mdata_part[0] : g_mdata_part[1],
+ size);
}
static int fwu_gpt_write_mdata(struct udevice *dev, struct fwu_mdata *mdata,
- bool primary)
+
[PATCH 02/18] fwu: metadata: Migrate to version 2 of the structure
The latest version of the FWU specification [1] has changes to the
metadata structure. This is version 2 of the structure.
Primary changes include
- bank_state field in the top level structure
- Total metadata size in the top level structure
- Image description structures now optional
- Number of banks and images per bank values part of the structure
Migrate to the version 2 of the metadata structure.
[1] - https://developer.arm.com/documentation/den0118/latest/
Signed-off-by: Sughosh Ganu
---
include/fwu_mdata.h | 56 +
1 file changed, 42 insertions(+), 14 deletions(-)
diff --git a/include/fwu_mdata.h b/include/fwu_mdata.h
index 56189e2f40..050ee969e3 100644
--- a/include/fwu_mdata.h
+++ b/include/fwu_mdata.h
@@ -11,7 +11,7 @@
/**
* struct fwu_image_bank_info - firmware image information
- * @image_uuid: Guid value of the image in this bank
+ * @image_guid: Guid value of the image in this bank
* @accepted: Acceptance status of the image
* @reserved: Reserved
*
@@ -20,15 +20,15 @@
* acceptance status
*/
struct fwu_image_bank_info {
- efi_guid_t image_uuid;
+ efi_guid_t image_guid;
uint32_t accepted;
uint32_t reserved;
} __packed;
/**
* struct fwu_image_entry - information for a particular type of image
- * @image_type_uuid: Guid value for identifying the image type
- * @location_uuid: Guid of the storage volume where the image is located
+ * @image_type_guid: Guid value for identifying the image type
+ * @location_guid: Guid of the storage volume where the image is located
* @img_bank_info: Array containing properties of images
*
* This structure contains information on various types of updatable
@@ -36,9 +36,30 @@ struct fwu_image_bank_info {
* information per bank.
*/
struct fwu_image_entry {
- efi_guid_t image_type_uuid;
- efi_guid_t location_uuid;
- struct fwu_image_bank_info img_bank_info[CONFIG_FWU_NUM_BANKS];
+ efi_guid_t image_type_guid;
+ efi_guid_t location_guid;
+ struct fwu_image_bank_info img_bank_info[];
+} __packed;
+
+/**
+ * struct fwu_fw_desc_store - FWU updatable image information
+ * @num_banks: Number of firmware banks
+ * num_images: Number of images per bank
+ * @img_entry_size: The size of the img_entry array
+ * @bank_info_entry_size: The size of the img_bank_info array
+ * @img_entry: Array of image entries each giving information on a image
+ *
+ * This image descriptor structure contains information on the number of
+ * updatable banks and images per bank. It also gives the total sizes of
+ * the fwu_image_entry and fwu_image_bank_info arrays.
+ */
+struct fwu_fw_store_desc {
+ uint8_t num_banks;
+ uint8_t reserved;
+ uint16_t num_images;
+ uint16_t img_entry_size;
+ uint16_t bank_info_entry_size;
+ struct fwu_image_entry img_entry[];
} __packed;
/**
@@ -48,21 +69,28 @@ struct fwu_image_entry {
* @active_index: Index of the bank currently used for booting images
* @previous_active_inde: Index of the bank used before the current bank
*being used for booting
- * @img_entry: Array of information on various firmware images that can
- * be updated
+ * @metadata_size: Size of the entire metadata structure, including the
+ * image descriptors
+ * @desc_offset: The offset from the start of this structure where the
+ * image descriptor structure starts. 0 if absent
+ * @bank_state: State of each bank, valid, invalid or accepted
+ * @fw_desc: The structure describing the FWU updatable images
*
- * This structure is used to store all the needed information for performing
+ * This is the top level structure used to store all information for performing
* multi bank updates on the platform. This contains info on the bank being
- * used to boot along with the information needed for identification of
- * individual images
+ * used to boot along with the information on state of individual banks.
*/
struct fwu_mdata {
uint32_t crc32;
uint32_t version;
uint32_t active_index;
uint32_t previous_active_index;
-
- struct fwu_image_entry img_entry[CONFIG_FWU_NUM_IMAGES_PER_BANK];
+ uint32_t metadata_size;
+ uint16_t desc_offset;
+ uint16_t reserved1;
+ uint8_t bank_state[4];
+ uint32_t reserved2;
+ struct fwu_fw_store_desc fw_desc[];
} __packed;
#endif /* _FWU_MDATA_H_ */
--
2.34.1
[PATCH 01/18] configs: fwu: Remove FWU configs for metadata V2 migration
The FWU metadata is to be migrated to version 2. Disable the FWU feature on platforms that enable it for the migration. Signed-off-by: Sughosh Ganu --- configs/corstone1000_defconfig | 2 -- configs/sandbox64_defconfig | 1 - configs/synquacer_developerbox_defconfig | 4 3 files changed, 7 deletions(-) diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig index e45415b90c..24b7984959 100644 --- a/configs/corstone1000_defconfig +++ b/configs/corstone1000_defconfig @@ -25,7 +25,6 @@ CONFIG_BOARD_LATE_INIT=y CONFIG_SYS_PROMPT="corstone1000# " CONFIG_SYS_MAXARGS=64 # CONFIG_CMD_CONSOLE is not set -CONFIG_CMD_FWU_METADATA=y CONFIG_CMD_BOOTZ=y # CONFIG_CMD_XIMG is not set CONFIG_CMD_GPT=y @@ -67,4 +66,3 @@ CONFIG_FFA_SHARED_MM_BUF_OFFSET=0 CONFIG_FFA_SHARED_MM_BUF_ADDR=0x0200 CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_IGNORE_OSINDICATIONS=y -CONFIG_FWU_MULTI_BANK_UPDATE=y diff --git a/configs/sandbox64_defconfig b/configs/sandbox64_defconfig index 996bb7aa4f..7b5888af38 100644 --- a/configs/sandbox64_defconfig +++ b/configs/sandbox64_defconfig @@ -274,7 +274,6 @@ CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_EFI_SECURE_BOOT=y CONFIG_TEST_FDTDEC=y -CONFIG_FWU_MULTI_BANK_UPDATE=y CONFIG_UNIT_TEST=y CONFIG_UT_TIME=y CONFIG_UT_DM=y diff --git a/configs/synquacer_developerbox_defconfig b/configs/synquacer_developerbox_defconfig index 2a0407de40..616d410074 100644 --- a/configs/synquacer_developerbox_defconfig +++ b/configs/synquacer_developerbox_defconfig @@ -11,14 +11,12 @@ CONFIG_DM_GPIO=y CONFIG_DEFAULT_DEVICE_TREE="synquacer-sc2a11-developerbox" CONFIG_SYS_LOAD_ADDR=0x8000 CONFIG_TARGET_DEVELOPERBOX=y -CONFIG_FWU_NUM_IMAGES_PER_BANK=1 CONFIG_AHCI=y CONFIG_FIT=y CONFIG_SYS_BOOTM_LEN=0x80 CONFIG_BOOTSTAGE_STASH_SIZE=4096 CONFIG_HUSH_PARSER=y CONFIG_SYS_MAXARGS=128 -CONFIG_CMD_FWU_METADATA=y CONFIG_CMD_IMLS=y CONFIG_CMD_ERASEENV=y CONFIG_CMD_NVEDIT_EFI=y @@ -53,7 +51,6 @@ CONFIG_DFU_TFTP=y CONFIG_DFU_MTD=y CONFIG_DFU_RAM=y CONFIG_DFU_SF=y -CONFIG_FWU_MDATA_MTD=y CONFIG_DM_I2C=y CONFIG_SYS_I2C_SYNQUACER=y CONFIG_MMC_SDHCI=y @@ -96,4 +93,3 @@ CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_IGNORE_OSINDICATIONS=y CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y -CONFIG_FWU_MULTI_BANK_UPDATE=y -- 2.34.1
[PATCH 00/18] FWU: Migrate FWU metadata to version 2
The following patches migrate the FWU metadata access code to version 2 of the structure. This is based on the structure definition as defined in the latest rev of the FWU Multi Bank Update specification [1]. Since the version 1 of the structure has currently been adopted on a couple of platforms, it was decided to have a clean migration of the metadata to version 2 only, instead of supporting both the versions of the structure. Also, based on consultations with the main author of the specification, it is expected that any further changes in the structure would be minor tweaks, and not be significant. Hence a migration to version 2. Similar migration is also being done in TF-A, including migrating the ST platform port to support version 2 of the metadata structure [2]. The patches have been tested on STM32MP1 DK2 board and the Synquacer board from Socionext. This covers testing both the GPT and the MTD partitioned storage devices for the metadata access. [1] - https://developer.arm.com/documentation/den0118/latest/ [2] - https://review.trustedfirmware.org/q/topic:%22topics/fwu_metadata_v2_migration%22 Sughosh Ganu (18): configs: fwu: Remove FWU configs for metadata V2 migration fwu: metadata: Migrate to version 2 of the structure drivers: fwu: Add the size parameter to the metadata access API's fwu: Add some API's for metadata version 2 access lib: fwu: Make changes to support version 2 of FWU metadata drivers: fwu: mtd: Allocate buffer for image info dynamically drivers: fwu: Allocate memory for metadata copies fwu: Add a function to put a bank in Trial State capsule: Accept a bank on a successful update fwu: mtd: Modify the DFU API's to align with metadata version 2 efi_firmware: fwu: Do not read FWU metadata on sandbox efi_firmware: fwu: Get the number of FWU banks at runtime cmd: fwu: Align the command with metadata version 2 test: fwu: Align the FWU metadata access test with version 2 fwu: Remove the config symbols for number of banks and images tools: mkfwumdata: Migrate to metadata version 2 configs: fwu: Re-enable FWU configs doc: fwu: Make changes for supporting FWU Metadata version 2 arch/sandbox/Kconfig | 6 - board/armltd/corstone1000/corstone1000.c | 2 +- cmd/fwu_mdata.c | 43 +++- configs/synquacer_developerbox_defconfig | 1 - doc/board/socionext/developerbox.rst | 9 +- doc/develop/uefi/fwu_updates.rst | 12 +- doc/usage/cmd/fwu_mdata.rst | 12 +- drivers/fwu-mdata/fwu-mdata-uclass.c | 10 +- drivers/fwu-mdata/gpt_blk.c | 27 +- drivers/fwu-mdata/raw_mtd.c | 85 --- include/fwu.h| 94 ++- include/fwu_mdata.h | 56 +++-- lib/efi_loader/efi_capsule.c | 12 +- lib/efi_loader/efi_firmware.c| 20 +- lib/fwu_updates/Kconfig | 11 - lib/fwu_updates/fwu.c| 308 ++- lib/fwu_updates/fwu_mtd.c| 76 -- test/dm/fwu_mdata.c | 56 +++-- test/dm/fwu_mdata_disk_image.h | 124 - tools/mkfwumdata.c | 43 +++- 20 files changed, 705 insertions(+), 302 deletions(-) -- 2.34.1
Re: [PATCH 1/4] tools: mkeficapsule: Add support for parsing capsule params from config file
hi Simon, On Wed, 27 Dec 2023 at 23:19, Simon Glass wrote: > > Hi Sughosh, > > On Mon, Dec 4, 2023 at 7:15 AM Sughosh Ganu wrote: > > > > hi Simon, > > > > On Sat, 2 Dec 2023 at 00:02, Simon Glass wrote: > > > > > > Hi Sughosh, > > > > > > On Thu, 30 Nov 2023 at 23:39, Sughosh Ganu > > > wrote: > > > > > > > > hi Simon, > > > > > > > > On Thu, 30 Nov 2023 at 08:16, Simon Glass wrote: > > > > > > > > > > Hi Sughosh, > > > > > > > > > > On Wed, 22 Nov 2023 at 00:40, Sughosh Ganu > > > > > wrote: > > > > > > > > > > > > hi Ilias, > > > > > > > > > > > > On Wed, 22 Nov 2023 at 13:06, Ilias Apalodimas > > > > > > wrote: > > > > > > > > > > > > > > Hi all, > > > > > > > > > > > > > > On Wed, 22 Nov 2023 at 07:23, Sughosh Ganu > > > > > > > wrote: > > > > > > > > > > > > > > > > hi Simon, > > > > > > > > > > > > > > > > On Wed, 22 Nov 2023 at 03:42, Simon Glass > > > > > > > > wrote: > > > > > > > > > > > > > > > > > > Hi Sughosh, > > > > > > > > > > > > > > > > > > On Tue, 21 Nov 2023 at 00:02, Sughosh Ganu > > > > > > > > > wrote: > > > > > > > > > > > > > > > > > > > > Add support for specifying the parameters needed for capsule > > > > > > > > > > generation through a config file, instead of passing them > > > > > > > > > > through > > > > > > > > > > command-line. Parameters for more than a single capsule > > > > > > > > > > file can be > > > > > > > > > > specified, resulting in generation of multiple capsules > > > > > > > > > > through a > > > > > > > > > > single invocation of the command. > > > > > > > > > > > > > > > > > > > > The config file can then be passed to the mkeficapsule tool > > > > > > > > > > in such > > > > > > > > > > manner > > > > > > > > > > > > > > > > > > > > $ ./tools/mkeficapsule -f > > > > > > > > > > > > > > > > > > > > Signed-off-by: Sughosh Ganu > > > > > > > > > > --- > > > > > > > > > > tools/Kconfig | 15 ++ > > > > > > > > > > tools/Makefile | 1 + > > > > > > > > > > tools/eficapsule.h | 114 > > > > > > > > > > tools/mkeficapsule.c | 87 + > > > > > > > > > > tools/mkeficapsule_parse.c | 352 > > > > > > > > > > + > > > > > > > > > > 5 files changed, 538 insertions(+), 31 deletions(-) > > > > > > > > > > create mode 100644 tools/mkeficapsule_parse.c > > > > > > > > > > > > > > > > > > This patch keeps coming back :-) > > > > > > > > > > > > > > > > > > Can we not add multiple capsules in the binman description? > > > > > > > > > Why do we > > > > > > > > > need a new file format? How can binman decode images produced > > > > > > > > > in this > > > > > > > > > way? > > > > > > > > > > > > > > > > So as Tom mentions, this brings parity with respect to the other > > > > > > > > capsule generation tool in EDKII that generates capsules. IIRC, > > > > > > > > this > > > > > > > > is something which even Xilix was interested in, and Michal had > > > > > > > > kind > > > > > > > > of gone through these patches earlier. Lastly, it would be good > > > > > > > > to > > > > > > > > have support in U-Boot's mkeficapsul
Re: [PATCH 1/4] tools: mkeficapsule: Add support for parsing capsule params from config file
hi Simon, On Sat, 2 Dec 2023 at 00:02, Simon Glass wrote: > > Hi Sughosh, > > On Thu, 30 Nov 2023 at 23:39, Sughosh Ganu wrote: > > > > hi Simon, > > > > On Thu, 30 Nov 2023 at 08:16, Simon Glass wrote: > > > > > > Hi Sughosh, > > > > > > On Wed, 22 Nov 2023 at 00:40, Sughosh Ganu > > > wrote: > > > > > > > > hi Ilias, > > > > > > > > On Wed, 22 Nov 2023 at 13:06, Ilias Apalodimas > > > > wrote: > > > > > > > > > > Hi all, > > > > > > > > > > On Wed, 22 Nov 2023 at 07:23, Sughosh Ganu > > > > > wrote: > > > > > > > > > > > > hi Simon, > > > > > > > > > > > > On Wed, 22 Nov 2023 at 03:42, Simon Glass wrote: > > > > > > > > > > > > > > Hi Sughosh, > > > > > > > > > > > > > > On Tue, 21 Nov 2023 at 00:02, Sughosh Ganu > > > > > > > wrote: > > > > > > > > > > > > > > > > Add support for specifying the parameters needed for capsule > > > > > > > > generation through a config file, instead of passing them > > > > > > > > through > > > > > > > > command-line. Parameters for more than a single capsule file > > > > > > > > can be > > > > > > > > specified, resulting in generation of multiple capsules through > > > > > > > > a > > > > > > > > single invocation of the command. > > > > > > > > > > > > > > > > The config file can then be passed to the mkeficapsule tool in > > > > > > > > such > > > > > > > > manner > > > > > > > > > > > > > > > > $ ./tools/mkeficapsule -f > > > > > > > > > > > > > > > > Signed-off-by: Sughosh Ganu > > > > > > > > --- > > > > > > > > tools/Kconfig | 15 ++ > > > > > > > > tools/Makefile | 1 + > > > > > > > > tools/eficapsule.h | 114 > > > > > > > > tools/mkeficapsule.c | 87 + > > > > > > > > tools/mkeficapsule_parse.c | 352 > > > > > > > > + > > > > > > > > 5 files changed, 538 insertions(+), 31 deletions(-) > > > > > > > > create mode 100644 tools/mkeficapsule_parse.c > > > > > > > > > > > > > > This patch keeps coming back :-) > > > > > > > > > > > > > > Can we not add multiple capsules in the binman description? Why > > > > > > > do we > > > > > > > need a new file format? How can binman decode images produced in > > > > > > > this > > > > > > > way? > > > > > > > > > > > > So as Tom mentions, this brings parity with respect to the other > > > > > > capsule generation tool in EDKII that generates capsules. IIRC, this > > > > > > is something which even Xilix was interested in, and Michal had kind > > > > > > of gone through these patches earlier. Lastly, it would be good to > > > > > > have support in U-Boot's mkeficapsule tool for generating a single > > > > > > capsule file with multiple payloads, and having support for this > > > > > > functionality helps in that goal. > > > > > > > > > > > > Also, you might have noticed that, since your objection to the last > > > > > > series, I have removed putting this in binman. So now, this aspect > > > > > > of > > > > > > the capsule generation would only be supported through the > > > > > > command-line invocation of the tool. > > > > > > > > > > I think that overall the approach is sane. mkeficapsule is currently > > > > > supported and compiled for distros, so the multiple payload support is > > > > > useful. If we want to add support to binman, instead of rewriting this > > > > > in python, we could just call that tool for parsing and creating > > > > > capsules > > > > > > > >
Re: [PATCH 1/4] tools: mkeficapsule: Add support for parsing capsule params from config file
hi Simon, On Thu, 30 Nov 2023 at 08:16, Simon Glass wrote: > > Hi Sughosh, > > On Wed, 22 Nov 2023 at 00:40, Sughosh Ganu wrote: > > > > hi Ilias, > > > > On Wed, 22 Nov 2023 at 13:06, Ilias Apalodimas > > wrote: > > > > > > Hi all, > > > > > > On Wed, 22 Nov 2023 at 07:23, Sughosh Ganu > > > wrote: > > > > > > > > hi Simon, > > > > > > > > On Wed, 22 Nov 2023 at 03:42, Simon Glass wrote: > > > > > > > > > > Hi Sughosh, > > > > > > > > > > On Tue, 21 Nov 2023 at 00:02, Sughosh Ganu > > > > > wrote: > > > > > > > > > > > > Add support for specifying the parameters needed for capsule > > > > > > generation through a config file, instead of passing them through > > > > > > command-line. Parameters for more than a single capsule file can be > > > > > > specified, resulting in generation of multiple capsules through a > > > > > > single invocation of the command. > > > > > > > > > > > > The config file can then be passed to the mkeficapsule tool in such > > > > > > manner > > > > > > > > > > > > $ ./tools/mkeficapsule -f > > > > > > > > > > > > Signed-off-by: Sughosh Ganu > > > > > > --- > > > > > > tools/Kconfig | 15 ++ > > > > > > tools/Makefile | 1 + > > > > > > tools/eficapsule.h | 114 > > > > > > tools/mkeficapsule.c | 87 + > > > > > > tools/mkeficapsule_parse.c | 352 > > > > > > + > > > > > > 5 files changed, 538 insertions(+), 31 deletions(-) > > > > > > create mode 100644 tools/mkeficapsule_parse.c > > > > > > > > > > This patch keeps coming back :-) > > > > > > > > > > Can we not add multiple capsules in the binman description? Why do we > > > > > need a new file format? How can binman decode images produced in this > > > > > way? > > > > > > > > So as Tom mentions, this brings parity with respect to the other > > > > capsule generation tool in EDKII that generates capsules. IIRC, this > > > > is something which even Xilix was interested in, and Michal had kind > > > > of gone through these patches earlier. Lastly, it would be good to > > > > have support in U-Boot's mkeficapsule tool for generating a single > > > > capsule file with multiple payloads, and having support for this > > > > functionality helps in that goal. > > > > > > > > Also, you might have noticed that, since your objection to the last > > > > series, I have removed putting this in binman. So now, this aspect of > > > > the capsule generation would only be supported through the > > > > command-line invocation of the tool. > > > > > > I think that overall the approach is sane. mkeficapsule is currently > > > supported and compiled for distros, so the multiple payload support is > > > useful. If we want to add support to binman, instead of rewriting this > > > in python, we could just call that tool for parsing and creating > > > capsules > > > > Given the amount of time these patches have been under review(also > > number of iterations), I would request that this series be reviewed > > and merged first. I think there is general consensus that there is > > value to have this functionality in the mkeficapsule tool. If it is > > deemed fit to support this through binman as well, that task can be > > taken up separately. Thanks. > > The point you are missing is that it is the entire goal of 'skirting > around' binman which is suspect. > > If there is a need to generate an output file from the build, we > should support it in binman. If people start creating configuration > files all over the place, then they are not using binman, right? > > I understand that there are pre-existing vendor-specific config files, > etc. that the EFI thing is a grey area, but I cannot imagine that this > patch would lead to a good outcome. > > The goal of binman is to bring order to the chaos of firmware > packaging...we cannot do that if it is not actually used. > > So let's figure out what is missing from binman's capsule generation > (multiple capsules? ac
Re: [PATCH 1/4] tools: mkeficapsule: Add support for parsing capsule params from config file
hi Ilias, On Wed, 22 Nov 2023 at 13:06, Ilias Apalodimas wrote: > > Hi all, > > On Wed, 22 Nov 2023 at 07:23, Sughosh Ganu wrote: > > > > hi Simon, > > > > On Wed, 22 Nov 2023 at 03:42, Simon Glass wrote: > > > > > > Hi Sughosh, > > > > > > On Tue, 21 Nov 2023 at 00:02, Sughosh Ganu > > > wrote: > > > > > > > > Add support for specifying the parameters needed for capsule > > > > generation through a config file, instead of passing them through > > > > command-line. Parameters for more than a single capsule file can be > > > > specified, resulting in generation of multiple capsules through a > > > > single invocation of the command. > > > > > > > > The config file can then be passed to the mkeficapsule tool in such > > > > manner > > > > > > > > $ ./tools/mkeficapsule -f > > > > > > > > Signed-off-by: Sughosh Ganu > > > > --- > > > > tools/Kconfig | 15 ++ > > > > tools/Makefile | 1 + > > > > tools/eficapsule.h | 114 > > > > tools/mkeficapsule.c | 87 + > > > > tools/mkeficapsule_parse.c | 352 + > > > > 5 files changed, 538 insertions(+), 31 deletions(-) > > > > create mode 100644 tools/mkeficapsule_parse.c > > > > > > This patch keeps coming back :-) > > > > > > Can we not add multiple capsules in the binman description? Why do we > > > need a new file format? How can binman decode images produced in this > > > way? > > > > So as Tom mentions, this brings parity with respect to the other > > capsule generation tool in EDKII that generates capsules. IIRC, this > > is something which even Xilix was interested in, and Michal had kind > > of gone through these patches earlier. Lastly, it would be good to > > have support in U-Boot's mkeficapsule tool for generating a single > > capsule file with multiple payloads, and having support for this > > functionality helps in that goal. > > > > Also, you might have noticed that, since your objection to the last > > series, I have removed putting this in binman. So now, this aspect of > > the capsule generation would only be supported through the > > command-line invocation of the tool. > > I think that overall the approach is sane. mkeficapsule is currently > supported and compiled for distros, so the multiple payload support is > useful. If we want to add support to binman, instead of rewriting this > in python, we could just call that tool for parsing and creating > capsules Given the amount of time these patches have been under review(also number of iterations), I would request that this series be reviewed and merged first. I think there is general consensus that there is value to have this functionality in the mkeficapsule tool. If it is deemed fit to support this through binman as well, that task can be taken up separately. Thanks. -sughosh > > Thanks > /Ilias > > > > > > > > Also, could we get sandbox to produce one EFI capsule as part of the > > > normal build? I think that discussion trailed off. > > > > Yes, apologies for missing out on this. Slipped my mind. Would you > > want, say, all the non-signed capsules to be generated as part of the > > sandbox build? > > > > -sughosh
Re: [PATCH 1/4] tools: mkeficapsule: Add support for parsing capsule params from config file
hi Tom, On Wed, 22 Nov 2023 at 03:54, Tom Rini wrote: > > On Tue, Nov 21, 2023 at 03:11:50PM -0700, Simon Glass wrote: > > Hi Sughosh, > > > > On Tue, 21 Nov 2023 at 00:02, Sughosh Ganu wrote: > > > > > > Add support for specifying the parameters needed for capsule > > > generation through a config file, instead of passing them through > > > command-line. Parameters for more than a single capsule file can be > > > specified, resulting in generation of multiple capsules through a > > > single invocation of the command. > > > > > > The config file can then be passed to the mkeficapsule tool in such > > > manner > > > > > > $ ./tools/mkeficapsule -f > > > > > > Signed-off-by: Sughosh Ganu > > > --- > > > tools/Kconfig | 15 ++ > > > tools/Makefile | 1 + > > > tools/eficapsule.h | 114 > > > tools/mkeficapsule.c | 87 + > > > tools/mkeficapsule_parse.c | 352 + > > > 5 files changed, 538 insertions(+), 31 deletions(-) > > > create mode 100644 tools/mkeficapsule_parse.c > > > > This patch keeps coming back :-) > > > > Can we not add multiple capsules in the binman description? Why do we > > need a new file format? How can binman decode images produced in this > > way? > > > > Also, could we get sandbox to produce one EFI capsule as part of the > > normal build? I think that discussion trailed off. > > I believe part of the answer here is to support the config file format > that other capsule generators use. Do I recall this all right, Sughosh? Yes, that is correct. There are some other reasons as well, which I have mentioned in the reply to Simon's email. -sughosh
Re: [PATCH 1/4] tools: mkeficapsule: Add support for parsing capsule params from config file
hi Simon, On Wed, 22 Nov 2023 at 03:42, Simon Glass wrote: > > Hi Sughosh, > > On Tue, 21 Nov 2023 at 00:02, Sughosh Ganu wrote: > > > > Add support for specifying the parameters needed for capsule > > generation through a config file, instead of passing them through > > command-line. Parameters for more than a single capsule file can be > > specified, resulting in generation of multiple capsules through a > > single invocation of the command. > > > > The config file can then be passed to the mkeficapsule tool in such > > manner > > > > $ ./tools/mkeficapsule -f > > > > Signed-off-by: Sughosh Ganu > > --- > > tools/Kconfig | 15 ++ > > tools/Makefile | 1 + > > tools/eficapsule.h | 114 > > tools/mkeficapsule.c | 87 + > > tools/mkeficapsule_parse.c | 352 + > > 5 files changed, 538 insertions(+), 31 deletions(-) > > create mode 100644 tools/mkeficapsule_parse.c > > This patch keeps coming back :-) > > Can we not add multiple capsules in the binman description? Why do we > need a new file format? How can binman decode images produced in this > way? So as Tom mentions, this brings parity with respect to the other capsule generation tool in EDKII that generates capsules. IIRC, this is something which even Xilix was interested in, and Michal had kind of gone through these patches earlier. Lastly, it would be good to have support in U-Boot's mkeficapsule tool for generating a single capsule file with multiple payloads, and having support for this functionality helps in that goal. Also, you might have noticed that, since your objection to the last series, I have removed putting this in binman. So now, this aspect of the capsule generation would only be supported through the command-line invocation of the tool. > > Also, could we get sandbox to produce one EFI capsule as part of the > normal build? I think that discussion trailed off. Yes, apologies for missing out on this. Slipped my mind. Would you want, say, all the non-signed capsules to be generated as part of the sandbox build? -sughosh
[PATCH 1/4] tools: mkeficapsule: Add support for parsing capsule params from config file
Add support for specifying the parameters needed for capsule
generation through a config file, instead of passing them through
command-line. Parameters for more than a single capsule file can be
specified, resulting in generation of multiple capsules through a
single invocation of the command.
The config file can then be passed to the mkeficapsule tool in such
manner
$ ./tools/mkeficapsule -f
Signed-off-by: Sughosh Ganu
---
tools/Kconfig | 15 ++
tools/Makefile | 1 +
tools/eficapsule.h | 114
tools/mkeficapsule.c | 87 +
tools/mkeficapsule_parse.c | 352 +
5 files changed, 538 insertions(+), 31 deletions(-)
create mode 100644 tools/mkeficapsule_parse.c
diff --git a/tools/Kconfig b/tools/Kconfig
index 6e23f44d55..9408b60fac 100644
--- a/tools/Kconfig
+++ b/tools/Kconfig
@@ -98,6 +98,21 @@ config TOOLS_MKEFICAPSULE
optionally sign that file. If you want to enable UEFI capsule
update feature on your target, you certainly need this.
+config EFI_CAPSULE_CFG_FILE
+ string "Path to the EFI Capsule Config File"
+ help
+ Path to the EFI capsule config file which provides the
+ parameters needed to build capsule(s). Parameters can be
+ provided for multiple payloads resulting in corresponding
+ capsule images being generated.
+
+config EFI_USE_CAPSULE_CFG_FILE
+ bool "Use the config file for generating capsules"
+ help
+ Boolean option used to specify if the EFI capsules are to
+ be generated through parameters specified via the config
+ file or through command line.
+
menuconfig FSPI_CONF_HEADER
bool "FlexSPI Header Configuration"
help
diff --git a/tools/Makefile b/tools/Makefile
index 1aa1e36137..ce7217e623 100644
--- a/tools/Makefile
+++ b/tools/Makefile
@@ -251,6 +251,7 @@ HOSTLDLIBS_mkeficapsule += \
HOSTLDLIBS_mkeficapsule += \
$(shell pkg-config --libs uuid 2> /dev/null || echo "-luuid")
hostprogs-$(CONFIG_TOOLS_MKEFICAPSULE) += mkeficapsule
+mkeficapsule-objs := mkeficapsule.o mkeficapsule_parse.o
mkfwumdata-objs := mkfwumdata.o generated/lib/crc32.o
HOSTLDLIBS_mkfwumdata += -luuid
diff --git a/tools/eficapsule.h b/tools/eficapsule.h
index 6efd07d2eb..71a08b62e6 100644
--- a/tools/eficapsule.h
+++ b/tools/eficapsule.h
@@ -54,6 +54,12 @@ typedef struct {
/* flags */
#define CAPSULE_FLAGS_PERSIST_ACROSS_RESET 0x0001
+enum capsule_type {
+ CAPSULE_NORMAL_BLOB = 0,
+ CAPSULE_ACCEPT,
+ CAPSULE_REVERT,
+};
+
struct efi_capsule_header {
efi_guid_t capsule_guid;
uint32_t header_size;
@@ -145,4 +151,112 @@ struct fmp_payload_header_params {
uint32_t fw_version;
};
+/**
+ * struct efi_capsule_params - Capsule parameters
+ * @image_guid: Guid value of the payload input image
+ * @image_index: Image index value
+ * @hardware_instance: Hardware instance to be used for the image
+ * @fmp: FMP payload header used for storing firmware version
+ * @monotonic_count: Monotonic count value to be used for signed capsule
+ * @privkey_file: Path to private key used in capsule signing
+ * @cert_file: Path to public key certificate used in capsule signing
+ * @input_file: Path to payload input image
+ * @capsule_file: Path to the output capsule file
+ * @oemflags: Oemflags to be populated in the capsule header
+ * @capsule: Capsule Type, normal or accept or revert
+ */
+struct efi_capsule_params {
+ efi_guid_t *image_guid;
+ unsigned long image_index;
+ unsigned long hardware_instance;
+ struct fmp_payload_header_params fmp;
+ uint64_t monotonic_count;
+ char *privkey_file;
+ char *cert_file;
+ char *input_file;
+ char *capsule_file;
+ unsigned long oemflags;
+ enum capsule_type capsule;
+};
+
+/**
+ * capsule_with_cfg_file() - Generate capsule from config file
+ * @cfg_file: Path to the config file
+ *
+ * Parse the capsule parameters from the config file and use the
+ * parameters for generating one or more capsules.
+ *
+ * Return: None
+ *
+ */
+void capsule_with_cfg_file(const char *cfg_file);
+
+/**
+ * convert_uuid_to_guid() - convert UUID to GUID
+ * @buf: UUID binary
+ *
+ * UUID and GUID have the same data structure, but their binary
+ * formats are different due to the endianness. See lib/uuid.c.
+ * Since uuid_parse() can handle only UUID, this function must
+ * be called to get correct data for GUID when parsing a string.
+ *
+ * The correct data will be returned in @buf.
+ */
+void convert_uuid_to_guid(unsigned char *buf);
+
+/**
+ * create_empty_capsule() - Generate an empty capsule
+ * @path: Path to the empty capsule file to be generated
+ * @guid: Guid value of the image for which empty capsule is generated
+ * @fw_accept: Flag to specify whether to generate accept or revert capsule
+ *
+ * Generate an
[PATCH 4/4] test: capsule: Generate capsules through config file
Add logic to generate capsules through a config file while testing the
EFI capsule update functionality. Capsule generation through config
file is enabled on the sandbox variant.
Signed-off-by: Sughosh Ganu
---
test/py/tests/test_efi_capsule/capsule_gen_binman.dts | 2 ++
test/py/tests/test_efi_capsule/conftest.py| 7 +++
2 files changed, 9 insertions(+)
diff --git a/test/py/tests/test_efi_capsule/capsule_gen_binman.dts
b/test/py/tests/test_efi_capsule/capsule_gen_binman.dts
index e8a1858509..c4e9ebac46 100644
--- a/test/py/tests/test_efi_capsule/capsule_gen_binman.dts
+++ b/test/py/tests/test_efi_capsule/capsule_gen_binman.dts
@@ -54,6 +54,7 @@
};
};
+#if !defined(CONFIG_EFI_USE_CAPSULE_CFG_FILE)
capsule1 {
filename = "Test01";
efi-capsule {
@@ -319,3 +320,4 @@
};
};
};
+#endif /* CONFIG_EFI_USE_CAPSULE_CFG_FILE */
diff --git a/test/py/tests/test_efi_capsule/conftest.py
b/test/py/tests/test_efi_capsule/conftest.py
index dd41da9284..d3702180ef 100644
--- a/test/py/tests/test_efi_capsule/conftest.py
+++ b/test/py/tests/test_efi_capsule/conftest.py
@@ -87,6 +87,13 @@ def efi_capsule_data(request, u_boot_config):
% (u_boot_config.source_dir, u_boot_config.build_dir,
data_dir, data_dir, data_dir), shell=True)
os.environ['PYTHONPATH'] = pythonpath
+capsule_cfg_file_gen =
u_boot_config.buildconfig.get('config_efi_use_capsule_cfg_file')
+if capsule_cfg_file_gen:
+cfg_file = u_boot_config.source_dir + '/' +
u_boot_config.buildconfig.get('config_efi_capsule_cfg_file')[1:-1]
+check_call('cd %s; '
+ '%s/tools/mkeficapsule -f %s'
+ % (data_dir, u_boot_config.build_dir, cfg_file),
shell=True)
+
# Create a disk image with EFI system partition
check_call('virt-make-fs --partition=gpt --size=+1M --type=vfat %s %s'
%
(mnt_point, image_path), shell=True)
--
2.34.1
[PATCH 3/4] sandbox: capsule: Add a config file for generating capsules
Support has been added to the mkeficapsule tool to generate capsules
by parsing the capsule parameters through a config file. Add a config
file for generating capsules. These capsules will be used for testing
the capsule update feature on sandbox platform.
Enable generation of capsules through the config file on the sandbox
variant.
Signed-off-by: Sughosh Ganu
---
configs/sandbox_defconfig | 2 +
.../test_efi_capsule/sandbox_capsule_cfg.txt | 162 ++
2 files changed, 164 insertions(+)
create mode 100644 test/py/tests/test_efi_capsule/sandbox_capsule_cfg.txt
diff --git a/configs/sandbox_defconfig b/configs/sandbox_defconfig
index bc5bcb2a62..f42e01e100 100644
--- a/configs/sandbox_defconfig
+++ b/configs/sandbox_defconfig
@@ -344,6 +344,8 @@ CONFIG_EFI_CAPSULE_ON_DISK=y
CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y
CONFIG_EFI_CAPSULE_AUTHENTICATE=y
CONFIG_EFI_CAPSULE_ESL_FILE="board/sandbox/capsule_pub_esl_good.esl"
+CONFIG_EFI_CAPSULE_CFG_FILE="test/py/tests/test_efi_capsule/sandbox_capsule_cfg.txt"
+CONFIG_EFI_USE_CAPSULE_CFG_FILE=y
CONFIG_EFI_SECURE_BOOT=y
CONFIG_TEST_FDTDEC=y
CONFIG_UNIT_TEST=y
diff --git a/test/py/tests/test_efi_capsule/sandbox_capsule_cfg.txt
b/test/py/tests/test_efi_capsule/sandbox_capsule_cfg.txt
new file mode 100644
index 00..2897c1904e
--- /dev/null
+++ b/test/py/tests/test_efi_capsule/sandbox_capsule_cfg.txt
@@ -0,0 +1,162 @@
+{
+ image-index: 1
+ image-guid: 09D7CF52-0720-4710-91D1-08469B7FE9C8
+ payload: u-boot.bin.new
+ capsule: Test01
+}
+{
+ image-index: 2
+ image-guid: 5A7021F5-FEF2-48B4-AABA-832E777418C0
+ payload: u-boot.env.new
+ capsule: Test02
+}
+{
+ image-index: 1
+ image-guid: 058B7D83-50D5-4C47-A195-60D86AD341C4
+ payload: u-boot.bin.new
+ capsule: Test03
+
+}
+{
+ image-index: 1
+ image-guid: 3673B45D-6A7C-46F3-9E60-ADABB03F7937
+ payload: u-boot_bin_env.itb
+ capsule: Test04
+
+}
+{
+ image-index: 1
+ image-guid: 058B7D83-50D5-4C47-A195-60D86AD341C4
+ payload: u-boot_bin_env.itb
+ capsule: Test05
+
+}
+{
+ image-index: 1
+ image-guid: 058B7D83-50D5-4C47-A195-60D86AD341C4
+ payload: u-boot_bin_env.itb
+ capsule: Test05
+}
+{
+ image-index: 1
+ monotonic-count: 1
+ private-key: SIGNER.key
+ pub-key-cert: SIGNER.crt
+ image-guid: 09D7CF52-0720-4710-91D1-08469B7FE9C8
+ payload: u-boot.bin.new
+ capsule: Test11
+}
+{
+ image-index: 1
+ monotonic-count: 1
+ private-key: SIGNER2.key
+ pub-key-cert: SIGNER2.crt
+ image-guid: 09D7CF52-0720-4710-91D1-08469B7FE9C8
+ payload: u-boot.bin.new
+ capsule: Test12
+}
+{
+ image-index: 1
+ monotonic-count: 1
+ private-key: SIGNER.key
+ pub-key-cert: SIGNER.crt
+ image-guid: 3673B45D-6A7C-46F3-9E60-ADABB03F7937
+ payload: u-boot_bin_env.itb
+ capsule: Test13
+}
+{
+ image-index: 1
+ monotonic-count: 1
+ private-key: SIGNER2.key
+ pub-key-cert: SIGNER2.crt
+ image-guid: 3673B45D-6A7C-46F3-9E60-ADABB03F7937
+ payload: u-boot_bin_env.itb
+ capsule: Test14
+}
+{
+ image-index: 1
+ fw-version: 5
+ image-guid: 09D7CF52-0720-4710-91D1-08469B7FE9C8
+ payload: u-boot.bin.new
+ capsule: Test101
+}
+{
+ image-index: 2
+ fw-version: 10
+ image-guid: 5A7021F5-FEF2-48B4-AABA-832E777418C0
+ payload: u-boot.env.new
+ capsule: Test102
+}
+{
+ image-index: 1
+ fw-version: 2
+ image-guid: 09D7CF52-0720-4710-91D1-08469B7FE9C8
+ payload: u-boot.bin.new
+ capsule: Test103
+
+}
+{
+ image-index: 1
+ fw-version: 5
+ image-guid: 3673B45D-6A7C-46F3-9E60-ADABB03F7937
+ payload: u-boot_bin_env.itb
+ capsule: Test104
+}
+{
+ image-index: 1
+ fw-version: 2
+ image-guid: 3673B45D-6A7C-46F3-9E60-ADABB03F7937
+ payload: u-boot_bin_env.itb
+ capsule: Test105
+
+}
+{
+ image-index: 1
+ monotonic-count: 1
+ fw-version: 5
+ private-key: SIGNER.key
+ pub-key-cert: SIGNER.crt
+ image-guid: 09D7CF52-0720-4710-91D1-08469B7FE9C8
+ payload: u-boot.bin.new
+ capsule: Test111
+}
+{
+ image-index: 2
+ monotonic-count: 1
+ fw-version: 10
+ private-key: SIGNER.key
+ pub-key-cert: SIGNER.crt
+ image-guid: 5A7021F5-FEF2-48B4-AABA-832E777418C0
+ payload: u-boot.env.new
+ capsule: Test112
+}
+{
+ image-index: 1
+ monotonic-count: 1
+ fw-version: 2
+ private-key: SIGNER.key
+ pub-key-cert: SIGNER.crt
+ image-guid: 09D7CF52-0720-4710-91D1-08469B7FE9C8
+ payload: u-boot.bin.new
+ capsule: Test113
+}
+{
+ image-index: 1
+ fw-version: 5
+ monotonic-count: 1
+ private-key: SIGNER.key
+ pub-
