From patchwork Wed Sep 28 09:29:41 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sughosh Ganu X-Patchwork-Id: 610068 Delivered-To: patch@linaro.org Received: by 2002:a17:522:c983:b0:460:3032:e3c4 with SMTP id kr3csp139402pvb; Wed, 28 Sep 2022 02:30:35 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4t8UCdbc152EbzlAdtfS+cCrSvM15/JZpvtOrspERikSzYfZGa0mjZ6dTPm9sX/q8vk27l X-Received: by 2002:a17:907:1691:b0:781:ebe3:9dd with SMTP id hc17-20020a170907169100b00781ebe309ddmr26412772ejc.350.1664357434887; Wed, 28 Sep 2022 02:30:34 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1664357434; cv=none; d=google.com; s=arc-20160816; b=iMPuM7agyPl/rfHilDmDHezRI2JZ3pRKIqmkyzv+bfZuZhhKXTEIJMBTXMBtZ80JB2 7CThjr4m3zFfJkFG/Dw7qunQqaU0d5xfHUBXhsAjFtTowYyfjREQybjJkajcxLse0i99 R9FTE4Pm/LznKeCZrt5UJcfG3Im6YUVMsI9oDInpMHx0ElrPZkWQJ/T0su9ODucb7jH8 4yooFCs61S905D1a7kEiAt6yQCUDe+2NDTnKNBsb1k0wYzcxwIvuUAV1PfsYBoYFdblN QxpfXrj/MkXBUz/c5ChB89DF1uHEQ4roFhCej+dXPVqlvwqvE6dMG6bg7va/G3EbLqwE KkUQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:message-id:date:subject:cc:to:from; bh=IzRBbCAYR0bqdihZUg6uz1p1yb38JEIzzScWjrBWVRk=; b=0cE7+sd4fv81itQfdj+v3Yd30hpZMerxZ0v2xmJ/SVsTS8oLHqqDpsbpU9tme/JEYy utQNYJsGqR/oZzB13r+/M6q0ZyfX6H0/n70lCxdPoLhPFo9xy9K2DtDVM12jGJd2y7jY 6gqJKzsOE0bmwdLQQ05fx3IyHO9AJgZ7mrY3KuD9dnfR2OJ6NvuXxwXUIuiArrrVuMKx kxX+on9sV+1yXVXT2iiUco9YJxxEflu5zhQUqSmIRcVFvIFM8OkaeCDS89HC3vne9Bde Y28xV471nnIq0iNmqtRcXjUIRTeqskVI9N++vg8XiStOLWDyAvz7j6qnBnWwU25zA6GG zyBQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id cr10-20020a056402222a00b004570efdae48si3629060edb.340.2022.09.28.02.30.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 Sep 2022 02:30:34 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 12A5E82A33; Wed, 28 Sep 2022 11:30:31 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id F318884601; Wed, 28 Sep 2022 11:30:28 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_SOFTFAIL autolearn=no autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id EB57284B8C for ; Wed, 28 Sep 2022 11:30:23 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=fail smtp.mailfrom=sughosh.ganu@linaro.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id E9C0320E3; Wed, 28 Sep 2022 02:30:29 -0700 (PDT) Received: from a076522.blr.arm.com (a076522.blr.arm.com [10.162.16.44]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 0322C3F792; Wed, 28 Sep 2022 02:30:19 -0700 (PDT) From: Sughosh Ganu To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Ilias Apalodimas , Takahiro Akashi , Patrick Delaunay , Patrice Chotard , Simon Glass , Bin Meng , Tom Rini , Etienne Carriere , Michal Simek , Jassi Brar Subject: [PATCH v11 00/15] FWU: Add FWU Multi Bank Update feature support Date: Wed, 28 Sep 2022 14:59:41 +0530 Message-Id: <20220928092956.2535777-1-sughosh.ganu@linaro.org> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de X-Virus-Status: Clean The patchset adds support for the FWU Multi Bank Update[1] feature. Certain aspects of the Dependable Boot[2] specification have also been implemented. The FWU multi bank update feature is used for supporting multiple sets(also called banks) of firmware image(s), allowing the platform to boot from a different bank, in case it fails to boot from the active bank. This functionality is supported by keeping the relevant information in a structure called metadata, which provides information on the images. Among other parameters, the metadata structure contains information on the currect active bank that is being used to boot image(s). Functionality is being added to work with the UEFI capsule driver in u-boot. The metadata is read to gather information on the update bank, which is the bank to which the firmware images would be flashed to. On a successful completion of the update of all components, the active bank field in the metadata is updated, to reflect the bank from which the platform will boot on the subsequent boots. Currently, the feature is being enabled on the STM32MP157C-DK2 and Synquacer boards. The DK2 board boots a FIP image from a uSD card partitioned with the GPT partioning scheme, while the Synquacer board boots a FIP image from a MTD partitioned SPI NOR flash device. This feature also requires changes in a previous stage of bootloader, which parses the metadata and selects the bank to boot the image(s) from. Support has being added in tf-a(BL2 stage) for the STM32MP157C-DK2 board to boot the active bank images. These changes have been merged to the upstream tf-a repository. The patch for adding a python test for the feature has been developed, and was sent in the version 5 of the patches[3]. However, the test script depends on adding support for the feature on MTD SPI NOR devices, and that is being done as part of the Synquacer patches. Hence these set of patches do not have the test script for the feature. That will be added through the patches for adding support for the feauture on Synquacer platform. [1] - https://developer.arm.com/documentation/den0118/a [2] - https://git.codelinaro.org/linaro/dependable-boot/mbfw/uploads/6f7ddfe3be24e18d4319e108a758d02e/mbfw.pdf [3] - https://lists.denx.de/pipermail/u-boot/2022-June/485992.html Changes since V10: * s/fwu_update_active_index/fwu_set_active_index as per comment from Jassi * Change the argument type of fwu_set_active_index() to uint from u32 as per comment from Jassi * s/mdata_check/check_mdata as per comment from Jassi * Fix the typo in the function comment of fwu_mdata_check() * Use array for storing the metadata partition numbers as suggested by Ilias * Skip a couple of goto's in gpt_check_mdata_validity() as suggested by Ilias * Have the FWU_MDATA_GPT_BLK config symbol depend on FWU_MDATA and BLK * Remove the comment in fwu_gpt_mdata_check() as it is already mentioned in the corresponding API comment * Remove the casting of boot_idx to a u32 as suggested by Etienne * Remove the spurious newline addition in efi_setup.c * Move the assignment of trial_state outside the if() as suggested by Jassi * Move the computation of the image index to the FMP set_image function as suggested by Takahiro * Use true and false booleans for fw_accept_os as suggested by Jassi * Simplify the logic in efi_capsule_update_firmware() to check for the empty capsules before checking for fwu_update_checks_pass() as suggested by Jassi * Address a couple of nits from Jassi * Fix review comments suggested by Etienne * Add a paragraph in the capsule update section to highlight the difference in ImageIndex correlation with DFU alt num with FWU feature enabled Sughosh Ganu (15): dt/bindings: Add bindings for GPT based FWU Metadata storage device FWU: Add FWU metadata structure and driver for accessing metadata FWU: Add FWU metadata access driver for GPT partitioned block devices stm32mp1: dk2: Add a node for the FWU metadata device stm32mp1: dk2: Add image information for capsule updates FWU: Add helper functions for accessing FWU metadata FWU: STM32MP1: Add support to read boot index from backup register event: Add an event for main_loop FWU: Add boot time checks as highlighted by the FWU specification FWU: Add support for the FWU Multi Bank Update feature FWU: cmd: Add a command to read FWU metadata test: dm: Add test cases for FWU Metadata uclass mkeficapsule: Add support for generating empty capsules mkeficapsule: Add support for setting OEM flags in capsule header FWU: doc: Add documentation for the FWU feature arch/arm/dts/stm32mp157c-dk2-u-boot.dtsi | 7 + arch/arm/mach-stm32mp/include/mach/stm32.h | 5 + arch/sandbox/Kconfig | 6 + arch/sandbox/dts/test.dts | 7 +- board/sandbox/sandbox.c | 8 + board/st/stm32mp1/stm32mp1.c | 39 ++ cmd/Kconfig | 6 + cmd/Makefile | 1 + cmd/fwu_mdata.c | 79 +++ common/board_r.c | 3 + common/event.c | 3 + configs/sandbox64_defconfig | 5 +- doc/develop/uefi/fwu_updates.rst | 173 +++++ doc/develop/uefi/index.rst | 1 + doc/develop/uefi/uefi.rst | 10 + .../firmware/fwu-mdata-gpt.yaml | 32 + doc/mkeficapsule.1 | 33 +- doc/usage/cmd/fwu_mdata.rst | 43 ++ doc/usage/index.rst | 1 + drivers/Kconfig | 2 + drivers/Makefile | 1 + drivers/fwu-mdata/Kconfig | 16 + drivers/fwu-mdata/Makefile | 8 + drivers/fwu-mdata/fwu-mdata-uclass.c | 107 +++ drivers/fwu-mdata/gpt_blk.c | 356 ++++++++++ include/configs/stm32mp15_common.h | 4 + include/dm/uclass-id.h | 1 + include/event.h | 3 + include/fwu.h | 299 +++++++++ include/fwu_mdata.h | 67 ++ lib/Kconfig | 6 + lib/Makefile | 1 + lib/efi_loader/efi_capsule.c | 207 +++++- lib/efi_loader/efi_firmware.c | 14 + lib/fwu_updates/Kconfig | 33 + lib/fwu_updates/Makefile | 7 + lib/fwu_updates/fwu.c | 608 ++++++++++++++++++ lib/fwu_updates/fwu_gpt.c | 114 ++++ test/dm/Makefile | 1 + test/dm/fwu_mdata.c | 149 +++++ test/dm/fwu_mdata_disk_image.h | 112 ++++ .../test_capsule_firmware_fit.py | 1 - .../test_capsule_firmware_signed_fit.py | 1 - tools/Makefile | 2 +- tools/eficapsule.h | 8 + tools/mkeficapsule.c | 109 +++- 46 files changed, 2677 insertions(+), 22 deletions(-) create mode 100644 cmd/fwu_mdata.c create mode 100644 doc/develop/uefi/fwu_updates.rst create mode 100644 doc/device-tree-bindings/firmware/fwu-mdata-gpt.yaml create mode 100644 doc/usage/cmd/fwu_mdata.rst create mode 100644 drivers/fwu-mdata/Kconfig create mode 100644 drivers/fwu-mdata/Makefile create mode 100644 drivers/fwu-mdata/fwu-mdata-uclass.c create mode 100644 drivers/fwu-mdata/gpt_blk.c create mode 100644 include/fwu.h create mode 100644 include/fwu_mdata.h create mode 100644 lib/fwu_updates/Kconfig create mode 100644 lib/fwu_updates/Makefile create mode 100644 lib/fwu_updates/fwu.c create mode 100644 lib/fwu_updates/fwu_gpt.c create mode 100644 test/dm/fwu_mdata.c create mode 100644 test/dm/fwu_mdata_disk_image.h