From patchwork Thu Nov 25 07:13:00 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sughosh Ganu X-Patchwork-Id: 519378 Delivered-To: patch@linaro.org Received: by 2002:ac0:c605:0:0:0:0:0 with SMTP id p5csp369393imj; Wed, 24 Nov 2021 23:15:18 -0800 (PST) X-Google-Smtp-Source: ABdhPJw9y21FfgwcfogxnabhKNditqWVH9jBydKLPMwURi3MtSQW741Q2F5xDJkaiPtgTc65gMGc X-Received: by 2002:a17:906:fb17:: with SMTP id lz23mr28397278ejb.149.1637824518788; Wed, 24 Nov 2021 23:15:18 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1637824518; cv=none; d=google.com; s=arc-20160816; b=fg8b4J+hXxxK5L+Zt158NIWjnfQFc4rCjQnOb2RocevUwUgKEr+C0fBXpzqldLYGB+ /CUa2JKDeNZTzpmhsXU/jI5+rhu3JFpr6ic/ZDY2jQ4/MECyordcJKhBk76jZGssBSXn s69szfiLxFU35qxsL+3c7vKW2LifWZmrhE/jxwOT0pc4iyqFetyAPpAWumxHUlSGDoKJ Ios0KW5YgHGMgGU183BaxbPDgAM0RLfR+evwHTdPmG78/FqesDoB6upuDWODPgogUMv6 AMRljcm2vlVLYWZ8Qiw7WQEYQ/fKrHcSphUHuXL8zfv3y7RxYAnkv9rpqa3XLAhXOIgb p0dg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:references:in-reply-to :message-id:date:subject:cc:to:from; bh=swvIVnvNdBrih5Q6pN4DnU9FHMRBqy9fPLoQAt/aHYQ=; b=qAI+ESElSxood0VCp0BiGrklOlu/YJR8h1CG0u4JRZqIVmmicy7PzTqhIH356E5HtC qkwXU4sXZC7CUHxGkBE/UbLNP+TgT5nhnBTcO1Szn55gbT4JHcRT3vdImbVZHUtdlMlU HEYX8DFVBdQg7kz8zNsVrn5FgQbFHI9NlQzrzLEnujRK5H8ZPr+XYASdyWQqjJm4xA9p SPkP6ZPGnCUfWwID0uTlP5LGfHVhKrVeNygtsxYMn7UI/+1RDyZlxIcwnxbcidHhYyYy 2B0w4Qg4/f3lVb+3GO3gUQk1bPZUmMLwvl42VbHATWjx3YxK6JjbZLFwdQc6HVi7il9P NzgA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id js16si6858174ejc.242.2021.11.24.23.15.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 24 Nov 2021 23:15:18 -0800 (PST) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 18923836DC; Thu, 25 Nov 2021 08:14:31 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id 2D5A583773; Thu, 25 Nov 2021 08:14:10 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_SOFTFAIL autolearn=no autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id BD6D88373E for ; Thu, 25 Nov 2021 08:14:02 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=fail smtp.mailfrom=sughosh.ganu@linaro.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 161B21570; Wed, 24 Nov 2021 23:14:02 -0800 (PST) Received: from a076522.blr.arm.com (a076522.blr.arm.com [10.162.16.44]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 4F3543F5A1; Wed, 24 Nov 2021 23:13:58 -0800 (PST) From: Sughosh Ganu To: u-boot@lists.denx.de Cc: Patrick Delaunay , Patrice Chotard , Heinrich Schuchardt , Alexander Graf , Simon Glass , Bin Meng , Peng Fan , AKASHI Takahiro , Ilias Apalodimas , Jose Marinho , Grant Likely , Jason Liu , Sughosh Ganu Subject: [RESEND RFC PATCH 08/10] FWU: Add boot time checks as highlighted by the FWU specification Date: Thu, 25 Nov 2021 12:43:00 +0530 Message-Id: <20211125071302.3644-9-sughosh.ganu@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20211125071302.3644-1-sughosh.ganu@linaro.org> References: <20211125071302.3644-1-sughosh.ganu@linaro.org> X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.37 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean The FWU Multi Bank Update specification requires the Update Agent to carry out certain checks at the time of platform boot. The Update Agent is the component which is responsible for updating the firmware components and maintaining and keeping the metadata in sync. The spec requires that the Update Agent perform the following checks at the time of boot * Sanity check of both the metadata copies maintained by the platform. * Get the boot index passed to U-Boot by the prior stage bootloader and use this value for metadata bookkeeping. * Check if the system is booting in Trial State. If the system boots in the Trial State for more than a specified number of boot counts, change the Active Bank to be booting the platform from. Add these checks in the board initialisation sequence, invoked after relocation. Signed-off-by: Sughosh Ganu --- common/board_r.c | 6 ++ include/fwu_metadata.h | 1 + lib/fwu_updates/fwu.c | 143 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 150 insertions(+) create mode 100644 lib/fwu_updates/fwu.c diff --git a/common/board_r.c b/common/board_r.c index 31a59c585a..01ccce2cca 100644 --- a/common/board_r.c +++ b/common/board_r.c @@ -78,6 +78,9 @@ #ifdef CONFIG_EFI_SETUP_EARLY #include #endif +#ifdef CONFIG_FWU_MULTI_BANK_UPDATE +#include +#endif DECLARE_GLOBAL_DATA_PTR; @@ -805,6 +808,9 @@ static init_fnc_t init_sequence_r[] = { #endif #ifdef CONFIG_EFI_SETUP_EARLY (init_fnc_t)efi_init_obj_list, +#endif +#ifdef CONFIG_FWU_MULTI_BANK_UPDATE + fwu_boottime_checks, #endif run_main_loop, }; diff --git a/include/fwu_metadata.h b/include/fwu_metadata.h index 44f06f4c6a..02897f33a8 100644 --- a/include/fwu_metadata.h +++ b/include/fwu_metadata.h @@ -125,5 +125,6 @@ int fwu_get_metadata(struct fwu_metadata **metadata); int fwu_plat_get_update_index(u32 *update_idx); int fwu_plat_get_blk_desc(struct blk_desc **desc); void fwu_plat_get_bootidx(void *boot_idx); +int fwu_boottime_checks(void); #endif /* _FWU_METADATA_H_ */ diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c new file mode 100644 index 0000000000..2e1904b912 --- /dev/null +++ b/lib/fwu_updates/fwu.c @@ -0,0 +1,143 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright (c) 2021, Linaro Limited + */ + +#include +#include +#include +#include +#include + +#include +#include + +static int fwu_trial_state_check(void) +{ + int ret, i; + u8 trial_state; + efi_status_t status; + efi_uintn_t var_size; + u16 trial_state_ctr; + u32 nimages, active_bank, var_attributes, active_idx; + struct fwu_metadata *metadata; + struct fwu_image_entry *img_entry; + struct fwu_image_bank_info *img_bank_info; + + ret = fwu_get_metadata(&metadata); + if (ret < 0) + return ret; + + trial_state = ret = 0; + nimages = CONFIG_FWU_NUM_IMAGES_PER_BANK; + active_bank = metadata->active_index; + img_entry = &metadata->img_entry[0]; + for (i = 0; i < nimages; i++) { + img_bank_info = &img_entry[i].img_bank_info[active_bank]; + if (!img_bank_info->accepted) { + trial_state = 1; + break; + } + } + + if (trial_state) { + var_size = (efi_uintn_t)sizeof(trial_state_ctr); + log_info("System booting in Trial State\n"); + var_attributes = EFI_VARIABLE_NON_VOLATILE | + EFI_VARIABLE_BOOTSERVICE_ACCESS | + EFI_VARIABLE_RUNTIME_ACCESS, + status = efi_get_variable_int(L"TrialStateCtr", + &efi_global_variable_guid, + &var_attributes, + &var_size, &trial_state_ctr, + NULL); + if (status != EFI_SUCCESS) { + log_err("Unable to read TrialStateCtr variable\n"); + ret = -1; + goto out; + } + + ++trial_state_ctr; + if (trial_state_ctr > CONFIG_FWU_TRIAL_STATE_CNT) { + log_info("Trial State count exceeded. Revert back to previous_active_index\n"); + trial_state_ctr = 0; + status = efi_set_variable_int(L"TrialStateCtr", + &efi_global_variable_guid, + var_attributes, + var_size, + &trial_state_ctr, false); + if (status != EFI_SUCCESS) { + log_err("Unable to clear TrialStateCtr variable\n"); + ret = -1; + goto out; + } + + active_idx = metadata->active_index; + ret = fwu_revert_boot_index(&active_idx); + if (ret < 0) { + log_err("Unable to revert active_index\n"); + goto out; + } + } else { + status = efi_set_variable_int(L"TrialStateCtr", + &efi_global_variable_guid, + var_attributes, + var_size, + &trial_state_ctr, false); + if (status != EFI_SUCCESS) { + log_err("Unable to increment TrialStateCtr variable\n"); + ret = -1; + goto out; + } else { + ret = 0; + } + } + } + +out: + free(metadata); + return ret; +} + +int fwu_boottime_checks(void) +{ + int ret; + u32 boot_idx, active_idx; + + ret = fwu_metadata_check(); + if (ret < 0) + return ret; + + /* + * Get the Boot Index, i.e. the bank from + * which the platform has booted. This value + * gets passed from the ealier stage bootloader + * which booted u-boot, e.g. tf-a. If the + * boot index is not the same as the + * active_index read from the metadata, + * update the active_index. + */ + fwu_plat_get_bootidx(&boot_idx); + if (boot_idx >= CONFIG_FWU_NUM_BANKS) + return -EINVAL; + + ret = fwu_get_active_index(&active_idx); + if (ret < 0) + return ret; + + if (boot_idx != active_idx) { + log_info("Boot idx %u is not matching active idx %u, changing active_idx\n", + boot_idx, active_idx); + ret = fwu_update_active_index(boot_idx); + if (ret < 0) + return ret; + else + return 0; + } + + ret = fwu_trial_state_check(); + if (ret < 0) + return ret; + + return 0; +}