Hi, I decided to add tools/mkfwumdata tool to make a raw image of fwu_mdata for initialization. So this patch will be dropped from next version.
Thank you, 2022年2月18日(金) 0:12 Masami Hiramatsu <[email protected]>: > > Since the FWU metadata is not initialized at the installation, > if it is broken, it should be initialized. Usually, the FWU > metadata is not covered by capsule update, so it is safe to > initialize the metadata portion if it seems broken. > > But for the production device, usually firmware will be installed > with initialized metadata, and the broken metadata means the > device can be compromized. In that case, build U-Boot without > this option. > > Signed-off-by: Masami Hiramatsu <[email protected]> > --- > board/socionext/developerbox/Kconfig | 12 ++++++ > board/socionext/developerbox/fwu_plat.c | 60 > +++++++++++++++++++++++++++++++ > 2 files changed, 72 insertions(+) > > diff --git a/board/socionext/developerbox/Kconfig > b/board/socionext/developerbox/Kconfig > index 4120098cab..9fbe8d1e74 100644 > --- a/board/socionext/developerbox/Kconfig > +++ b/board/socionext/developerbox/Kconfig > @@ -44,4 +44,16 @@ config FWU_NUM_BANKS > config FWU_NUM_IMAGES_PER_BANK > default 1 > > +config FWU_INIT_BROKEN_METADATA > + bool "Initialize FWU metadata if broken" > + select BOARD_LATE_INIT > + default n > + help > + Initialize FWU metadata if the metadata is broken. > + This option is only for the development environment, since if the > + metadata is broken, it means someone may compromize it. In that case > + the production device must be bricked. > + But for the development environment, or initial installation of the > + FWU multi-bank update firmware, this will be useful. > + > endif > diff --git a/board/socionext/developerbox/fwu_plat.c > b/board/socionext/developerbox/fwu_plat.c > index cbbbd58bc0..1892f79660 100644 > --- a/board/socionext/developerbox/fwu_plat.c > +++ b/board/socionext/developerbox/fwu_plat.c > @@ -176,3 +176,63 @@ void fwu_plat_get_bootidx(void *boot_idx) > else > *bootidx = devbox_plat_metadata->boot_index; > } > + > +#ifdef CONFIG_FWU_INIT_BROKEN_METADATA > + > +static void devbox_init_fwu_mdata(void) > +{ > + const efi_guid_t null_guid = NULL_GUID; > + struct fwu_image_bank_info *bank; > + struct fwu_mdata *metadata; > + int i, j, ret; > + > + metadata = memalign(ARCH_DMA_MINALIGN, sizeof(*metadata)); > + if (!metadata) { > + log_err("Failed to allocate initial metadata.\n"); > + return; > + } > + > + metadata->version = 1; > + metadata->active_index = 0; > + metadata->previous_active_index = 0; > + > + /* > + * Since the DeveloperBox doesn't use GPT, both of > + * fwu_image_entry::location_uuid and > + * fwu_img_bank_info::image_uuid are null GUID. > + */ > + for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) { > + guidcpy(&metadata->img_entry[i].image_type_uuid, > + &devbox_fip_image_type_guid); > + guidcpy(&metadata->img_entry[i].location_uuid, > + &null_guid); > + bank = metadata->img_entry[i].img_bank_info; > + > + for (j = 0; j < CONFIG_FWU_NUM_BANKS; j++) { > + guidcpy(&bank[j].image_uuid, &null_guid); > + bank[j].accepted = (j == 0) ? 1 : 0; > + bank[j].reserved = 0; > + } > + } > + > + ret = fwu_update_mdata(metadata); > + if (ret < 0) > + log_err("Failed to initialize FWU metadata\n"); > + else > + log_err("Initialized FWU metadata\n"); > + free(metadata); > +} > + > +int board_late_init(void) > +{ > + struct fwu_mdata *metadata; > + > + if (fwu_get_mdata(&metadata) < 0) { > + // Initialize FWU metadata if broken > + log_err("Unable to get a valid metadata. Initialize it.\n"); > + devbox_init_fwu_mdata(); > + } > + return 0; > +} > + > +#endif > -- Masami Hiramatsu
