From patchwork Fri Apr 1 19:17:51 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sughosh Ganu X-Patchwork-Id: 555584 Delivered-To: patch@linaro.org Received: by 2002:a05:7000:1248:0:0:0:0 with SMTP id z8csp1820407mag; Fri, 1 Apr 2022 12:18:36 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwCGRBJNQhBkkQ4bXsSAms7ANMCnvaX2a25EOMA+Xz8LDlcE9LYxkcbr++WN4AA5Mn6VX7f X-Received: by 2002:a05:6402:430d:b0:419:45cd:7ab1 with SMTP id m13-20020a056402430d00b0041945cd7ab1mr22017990edc.367.1648840716395; Fri, 01 Apr 2022 12:18:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1648840716; cv=none; d=google.com; s=arc-20160816; b=S8V6f7ss5D1gBXS/hbotg1gjKApPSpHKnczb0I7OhF0vNzA7uOH9ofwVGIKDEgtbZT umfqWuutCGDoCb1nMBAj1ft6t0hKV055xhGD/Y36Rp/Rem+SBFc4YjzW33xe9Ooe+xjq rzsLyt6H0byKqKVmbtbHZIJ+lkAVseZgMS3OF9OAzf9o1oMqCSzgms6h0pmCALmjOOC4 7al0vEJOEwr2AeDOOwf+o+WXbytc9Ck7MX3z4C3LBXcXwj8/DZJOlaZSRiL8gN1Pr+Gx gqwlpxjItywFocOi9vIX8yjLNsYrGG2Tme54QUr0bIEjugxTqPLlsKJ8vfU/45dJyqtA f/Mg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:message-id:date:subject:cc:to:from; bh=ji9exmAijWY/qYJ498GRKBQKgeCf/nLJNSh6kpInqQE=; b=QX7h4aHO5Pdi/VIwEtr4FpEzZQnlEfMaRWYWm9oxfFZF8Bf3jWZ7Zghr5dk93v2qjB LHqF9/TB5SnAgOcdtyLkWXjlkK+xvOQzZxE1oa21LNAdMoe+GoTKpyuqTC0QvWjgoX9c jCoRtPzM2bX+8LHrdQ7cQyDYSvVS3yh1xUGpU1/4/NkFn3JzWOVypE2tQdBu3iiRD0MJ C4UPUgmYte5JdSRjR97v1rTMKZEVXzUAbB2UHhzInqznGpnV42JVE+DKulHgoHJgHomV zr2QFNUUylHxf5gIhY9M6C1WmfjbPLCgayAMfElWjXTkzmPIEhN5ZPDwjyUg3mef2dXE tkXg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id b10-20020a056402350a00b00418c2b5bd3fsi2692606edd.33.2022.04.01.12.18.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 01 Apr 2022 12:18:36 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 374CD84319; Fri, 1 Apr 2022 21:18:29 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id 7BBFB8431E; Fri, 1 Apr 2022 21:18:27 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_SOFTFAIL,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id 8780E84305 for ; Fri, 1 Apr 2022 21:18:22 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=fail smtp.mailfrom=sughosh.ganu@linaro.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id C23D611FB; Fri, 1 Apr 2022 12:18:21 -0700 (PDT) Received: from a076522.blr.arm.com (a076522.blr.arm.com [10.162.16.44]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 044EB3F73B; Fri, 1 Apr 2022 12:18:17 -0700 (PDT) From: Sughosh Ganu To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Ilias Apalodimas , AKASHI Takahiro , Ying-Chun Liu , Tuomas Tynkkynen , Heiko Thiery , Frieder Schrempf , Michael Walle , Masami Hiramatsu , Jassi Brar , Michal Simek , Michal Simek Subject: [PATCH v5 0/8] efi: capsule: Capsule Update fixes and enhancements Date: Sat, 2 Apr 2022 00:47:51 +0530 Message-Id: <20220401191759.1670812-1-sughosh.ganu@linaro.org> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.5 at phobos.denx.de X-Virus-Status: Clean This series is cleaning up the usage of the image GUIDs that are used in capsule update and the EFI System Resource Table(ESRT). There are some other enhancements being made to the capsule update code to make it more robust. Firstly, an overview of the fixes being made. Currently, there are two instances of the Firmware Management Protocol(FMP), one defined for updating the FIT images, and the other for updating raw images. The FMP code defines two GUID values, one for all FIT images, and one for raw images. Depending on the FMP instance used on a platform, the platform needs to use the corresponding image GUID value for all images on the platform, and also across platforms. A few issues are being fixed through the patch series. One, that an image for a different platform can be flashed on another platform if both the platforms are using the same FMP instance. So, for e.g. a capsule generated for the Socionext DeveloperBox platform can be flashed on the ZynqMP platform, since both the platforms use the CONFIG_EFI_CAPSULE_FIRMWARE_RAW instance of the FMP. This can be corrected if each firmware image that can be updated through the capsule update mechanism has it's own unique image GUID. The second issue that this patch series fixes is the value of FwClass in the ESRT. With the current logic, all firmware image entries in the ESRT display the same GUID value -- either the FIT GUID or the raw GUID. This is not in compliance with the UEFI specification, as the specification requires all entries to have unique GUID values. The third issue being fixed is the population of the EFI_FIRMWARE_IMAGE_DESCRIPTOR array. The current code uses the dfu framework for populating the image descriptor array. However, there might be other images that are not to be updated through the capsule update mechanism also registered with the dfu framework. As a result of this, the ESRT will show up entries of images that are not to be targeted by the capsule update mechanism. These issues are being fixed by defining a structure, efi_fw_images. A platform can then define image related information like the image GUID and image name. Every platform that uses capsule update mechanism needs to define fw_images array. This array will then be used to populate the image descriptor array, and also in determining if a particular capsule's payload can be used for updating an image on the platform. The other part of the patches are some enhancements being made to the capsule update code to make it more robust. The first enhancement being made is to have a check for the image index being passed through the capsule header. The capsule update code uses the image index value as the dfu alt number, which points to the partition to which the update must be made. The platform is supposed to define the image index value for the updatable firmare images as part of the fw_images array. This value must correspond to the dfu alt num for the corresponding image, and can be obtained by checking the output of the 'dfu list' u-boot command. At the time of update, the image index being passed through the capsule is checked against the image index value obtained from the platform. The second enhancement made is the retrieval of the dfu_alt_info variable from the set_dfu_alt_info function instead of using the value defined in the environment. The dfu framework checks for the existence of this function, and if the function is not defined, gets the value from the environment. This can cause in an incorrect update if the environment variable value is incorrect. A weak function is defined for populating dfu_alt_info from the information obtained from the platform. This function gets invoked on all platforms which enabled capsule update feature. The first patch adds the structure efi_capsule_update_info and initialises the structure on all platforms which enable capsule update feature The second patch populates the image descriptor array in the GetImageInfo function with the values from the fw_images array defined in the board file The third patch adds a check for the image index value from the capsule header against the value obtained from the fw_images array for the corresponding image The fourth patch defines a weak function set_dfu_alt_info which is used to populate dfu_alt_info to be used for capsule updates. The fifth patch splits the capsule update test script into two, one for FMP for raw images, and one for FMP for FIT images. The test for FIT images is being enabled on the sandbox_flattree variant. The sixth patch removes the now unused FIT and raw image GUID values from the FMP module. The seventh patch removes the --raw and --fit command line parameters in the mkeficapsule utility. The eighth patch makes corresponding changes in the capsule update related documentation. Changes since V4: ----------------- * Define a structure efi_capsule_update_info which includes the string for populating dfu_alt_info * Initialise the string for dfu_alt_info in the board file * Drop the image_count variable as was suggested by Ilias * Drop another unused variable names_len * Define a weak function set_dfu_alt_info for setting the variable in a non board specific file as suggested by Ilias * Drop the definitions of set_dfu_alt_info that were being added in the board files * Change the description of the platform data based on the changes made in earlier patches Changes since V3: ----------------- * Do not remove the existing dfu_alt_info definitions made by platforms in the config files, as discussed with Masami. * Squash the selection of the SET_DFU_ALT_INFO config symbol for capsule update feature as part of this patch. * Rephrase the commit message to indicate that the doc changes are not just limited to adding the GUID values, but other info as well. * Elaborate with an example on the relation between the dfu alt number and the image index Changes since V2: ----------------- * Add a new member image_index to the struct efi_fw_images to allow the platforms to define the values for images. * Address review comments from Michal Simek for the xilinx boards. * Fix double inclusion of efi_loader.h as was pointed out by Heiko Thiery. * Use the image index values defined in the platform's fw_images array for the image descriptors * Add a description for adding image index value and definition of set_dfu_alt_info function for the capsule updates. Changes since V1: ----------------- * Make changes for the xilinx boards as suggested by Michal Simek. * Add a GUID for the sandbox FIT image. * Split the capsule update test cases into two scripts, one for raw images and one for FIT images. * Add the capsule update test case for FIT images on sandbox64 and sandbox_flattree variants. * Add capsule update support on sandbox_flattree variant for enabling FIT capsule update testing as part of the python tests Sughosh Ganu (8): capsule: board: Add information needed for capsule updates capsule: FMP: Populate the image descriptor array from platform data capsule: Put a check for image index before the update efi: Define set_dfu_alt_info() for boards with UEFI capsule update enabled test: capsule: Modify the capsule tests to use GUID values for sandbox FMP: Remove GUIDs for FIT and raw images mkeficapsule: Remove raw and FIT GUID types doc: uefi: Update the capsule update related documentation .../imx8mp_rsb3720a1/imx8mp_rsb3720a1.c | 25 +++ .../imx8mm-cl-iot-gate/imx8mm-cl-iot-gate.c | 24 +++ board/emulation/qemu-arm/qemu-arm.c | 24 +++ board/kontron/pitx_imx8m/pitx_imx8m.c | 21 +- board/kontron/sl-mx8mm/sl-mx8mm.c | 20 ++ board/kontron/sl28/sl28.c | 21 ++ board/sandbox/sandbox.c | 34 ++++ board/socionext/developerbox/developerbox.c | 33 ++++ board/xilinx/common/board.c | 28 +++ configs/sandbox64_defconfig | 1 - configs/sandbox_defconfig | 1 - configs/sandbox_flattree_defconfig | 5 + doc/develop/uefi/uefi.rst | 51 ++++- include/configs/imx8mm-cl-iot-gate.h | 10 + include/configs/imx8mp_rsb3720.h | 10 + include/configs/kontron-sl-mx8mm.h | 6 + include/configs/kontron_pitx_imx8m.h | 6 + include/configs/kontron_sl28.h | 6 + include/configs/qemu-arm.h | 10 + include/configs/sandbox.h | 14 ++ include/configs/synquacer.h | 14 ++ include/configs/xilinx_versal.h | 6 + include/configs/xilinx_zynqmp.h | 10 + include/configs/zynq-common.h | 10 + include/efi_api.h | 8 - include/efi_loader.h | 36 ++++ lib/efi_loader/Kconfig | 2 + lib/efi_loader/efi_capsule.c | 8 +- lib/efi_loader/efi_firmware.c | 122 +++++------- test/py/tests/test_efi_capsule/conftest.py | 21 +- .../test_capsule_firmware_fit.py | 186 ++++++++++++++++++ ...rmware.py => test_capsule_firmware_raw.py} | 159 +++++---------- tools/eficapsule.h | 8 - tools/mkeficapsule.c | 26 +-- 34 files changed, 733 insertions(+), 233 deletions(-) create mode 100644 test/py/tests/test_efi_capsule/test_capsule_firmware_fit.py rename test/py/tests/test_efi_capsule/{test_capsule_firmware.py => test_capsule_firmware_raw.py} (75%)