Message ID | 20221002235214.344423-1-jassisinghbrar@gmail.com |
---|---|
State | Superseded |
Headers | show |
Series | FWU: Add support for mtd backed feature on DeveloperBox | expand |
Hi Jassi, On Sun, Oct 02, 2022 at 06:52:14PM -0500, jassisinghbrar@gmail.com wrote: > From: Masami Hiramatsu <masami.hiramatsu@linaro.org> > > Add code to support FWU_MULTI_BANK_UPDATE. > The platform does not have gpt-partition storage for > Banks and MetaData, rather it used SPI-NOR backed > mtd regions for the purpose. > > Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org> > Signed-off-by: Jassi Brar <jaswinder.singh@linaro.org> > --- > board/socionext/developerbox/Makefile | 1 + > board/socionext/developerbox/developerbox.c | 8 ++ > board/socionext/developerbox/fwu_plat.c | 68 +++++++++++++++ > configs/synquacer_developerbox_defconfig | 13 ++- > doc/board/socionext/developerbox.rst | 96 +++++++++++++++++++++ > include/configs/synquacer.h | 10 +++ > 6 files changed, 194 insertions(+), 2 deletions(-) > create mode 100644 board/socionext/developerbox/fwu_plat.c > > diff --git a/board/socionext/developerbox/Makefile b/board/socionext/developerbox/Makefile > index 4a46de995a..9b80ee38e7 100644 > --- a/board/socionext/developerbox/Makefile > +++ b/board/socionext/developerbox/Makefile > @@ -7,3 +7,4 @@ > # > > obj-y := developerbox.o > +obj-$(CONFIG_FWU_MULTI_BANK_UPDATE) += fwu_plat.o > diff --git a/board/socionext/developerbox/developerbox.c b/board/socionext/developerbox/developerbox.c > index f5a5fe0121..a0db26eaf3 100644 > --- a/board/socionext/developerbox/developerbox.c > +++ b/board/socionext/developerbox/developerbox.c > @@ -20,6 +20,13 @@ > > #if CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT) > struct efi_fw_image fw_images[] = { > +#if defined(CONFIG_FWU_MULTI_BANK_UPDATE) > + { > + .image_type_id = DEVELOPERBOX_FIP_IMAGE_GUID, > + .fw_name = u"DEVELOPERBOX-FIP", > + .image_index = 1, > + }, > +#else From curiosity, why do you want to use different capsule formats for multi-bank update and normal case? -Takahiro Akashi > { > .image_type_id = DEVELOPERBOX_UBOOT_IMAGE_GUID, > .fw_name = u"DEVELOPERBOX-UBOOT", > @@ -35,6 +42,7 @@ struct efi_fw_image fw_images[] = { > .fw_name = u"DEVELOPERBOX-OPTEE", > .image_index = 3, > }, > +#endif > }; > > struct efi_capsule_update_info update_info = { > diff --git a/board/socionext/developerbox/fwu_plat.c b/board/socionext/developerbox/fwu_plat.c > new file mode 100644 > index 0000000000..f333cd4027 > --- /dev/null > +++ b/board/socionext/developerbox/fwu_plat.c > @@ -0,0 +1,68 @@ > +// SPDX-License-Identifier: GPL-2.0-or-later > +/* > + * Copyright (c) 2022, Linaro Limited > + */ > + > +#include <dfu.h> > +#include <efi_loader.h> > +#include <flash.h> > +#include <fwu.h> > +#include <fwu_mdata.h> > +#include <malloc.h> > +#include <memalign.h> > +#include <mtd.h> > +#include <spi.h> > +#include <spi_flash.h> > +#include <uuid.h> > + > +#include <linux/errno.h> > +#include <linux/types.h> > +#include <u-boot/crc.h> > + > +#define DFU_ALT_BUF_LEN 256 > +#define DFU_ALT_NUM_MAX (CONFIG_FWU_NUM_IMAGES_PER_BANK * CONFIG_FWU_NUM_BANKS) > + > +/* Generate dfu_alt_info from partitions */ > +void set_dfu_alt_info(char *interface, char *devstr) > +{ > + int ret; > + struct mtd_info *mtd; > + > + ALLOC_CACHE_ALIGN_BUFFER(char, buf, DFU_ALT_BUF_LEN); > + memset(buf, 0, sizeof(buf)); > + > + mtd_probe_devices(); > + > + mtd = get_mtd_device_nm("nor1"); > + if (IS_ERR_OR_NULL(mtd)) > + return; > + > + ret = fwu_gen_alt_info_from_mtd(buf, DFU_ALT_BUF_LEN, mtd); > + if (ret < 0) { > + log_err("Error: Failed to generate dfu_alt_info. (%d)\n", ret); > + return; > + } > + log_debug("Make dfu_alt_info: '%s'\n", buf); > + > + env_set("dfu_alt_info", buf); > +} > + > +int fwu_plat_get_alt_num(struct udevice __always_unused *dev, > + efi_guid_t *image_id, u8 *alt_num) > +{ > + return fwu_mtd_get_alt_num(image_id, alt_num, "nor1"); > +} > + > +void fwu_plat_get_bootidx(uint *boot_idx) > +{ > + int ret; > + u32 active_idx; > + u32 *bootidx = boot_idx; > + > + ret = fwu_get_active_index(&active_idx); > + > + if (ret < 0) > + *bootidx = -1; > + > + *bootidx = active_idx; > +} > diff --git a/configs/synquacer_developerbox_defconfig b/configs/synquacer_developerbox_defconfig > index c0b784b072..b1085a388e 100644 > --- a/configs/synquacer_developerbox_defconfig > +++ b/configs/synquacer_developerbox_defconfig > @@ -1,10 +1,11 @@ > CONFIG_ARM=y > CONFIG_ARCH_SYNQUACER=y > -CONFIG_SYS_TEXT_BASE=0x08200000 > +CONFIG_POSITION_INDEPENDENT=y > +CONFIG_SYS_TEXT_BASE=0 > CONFIG_SYS_MALLOC_LEN=0x1000000 > CONFIG_SYS_MALLOC_F_LEN=0x400 > CONFIG_ENV_SIZE=0x30000 > -CONFIG_ENV_OFFSET=0x300000 > +CONFIG_ENV_OFFSET=0x580000 > CONFIG_ENV_SECT_SIZE=0x10000 > CONFIG_DM_GPIO=y > CONFIG_DEFAULT_DEVICE_TREE="synquacer-sc2a11-developerbox" > @@ -96,3 +97,11 @@ CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y > CONFIG_EFI_CAPSULE_ON_DISK=y > CONFIG_EFI_IGNORE_OSINDICATIONS=y > CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y > +CONFIG_EFI_SECURE_BOOT=y > +CONFIG_FWU_MULTI_BANK_UPDATE=y > +CONFIG_FWU_MDATA=y > +CONFIG_FWU_MDATA_MTD=y > +CONFIG_FWU_NUM_BANKS=2 > +CONFIG_FWU_NUM_IMAGES_PER_BANK=1 > +CONFIG_CMD_FWU_METADATA=y > +CONFIG_TOOLS_MKFWUMDATA=y > diff --git a/doc/board/socionext/developerbox.rst b/doc/board/socionext/developerbox.rst > index 2d943c23be..be872aa79d 100644 > --- a/doc/board/socionext/developerbox.rst > +++ b/doc/board/socionext/developerbox.rst > @@ -85,3 +85,99 @@ Once the flasher tool is running we are ready flash the UEFI image:: > > After transferring the SPI_NOR_UBOOT.fd, turn off the DSW2-7 and reset the board. > > + > +Enable FWU Multi Bank Update > +============================ > + > +DeveloperBox supports the FWU Multi Bank Update. You *MUST* update both *SCP firmware* and *TF-A* for this feature. This will change the layout and the boot process but you can switch back to the normal one by changing the DSW 1-4 off. > + > +Configure U-Boot > +---------------- > + > +To enable the FWU Multi Bank Update on the DeveloperBox, you need to add following configurations to configs/synquacer_developerbox_defconfig :: > + > + CONFIG_FWU_MULTI_BANK_UPDATE=y > + CONFIG_FWU_MDATA=y > + CONFIG_FWU_MDATA_MTD=y > + CONFIG_FWU_NUM_BANKS=2 > + CONFIG_FWU_NUM_IMAGES_PER_BANK=1 > + CONFIG_CMD_FWU_METADATA=y > + > +And build it:: > + > + cd u-boot/ > + export ARCH=arm64 > + export CROSS_COMPILE=aarch64-linux-gnu- > + make synqucer_developerbox_defconfig > + make -j `noproc` > + cd ../ > + > +By default, the CONFIG_FWU_NUM_BANKS and COFNIG_FWU_NUM_IMAGES_PER_BANKS are set to 2 and 1 respectively. This uses FIP (Firmware Image Package) type image which contains TF-A, U-Boot and OP-TEE (the OP-TEE is optional.) > +You can use fiptool to compose the FIP image from those firmware images. > + > +Rebuild SCP firmware > +-------------------- > + > +Rebuild SCP firmware which supports FWU Multi Bank Update as below:: > + > + cd SCP-firmware/ > + OUT=./build/product/synquacer > + ROMFW_FILE=$OUT/scp_romfw/$SCP_BUILD_MODE/bin/scp_romfw.bin > + RAMFW_FILE=$OUT/scp_ramfw/$SCP_BUILD_MODE/bin/scp_ramfw.bin > + ROMRAMFW_FILE=scp_romramfw_release.bin > + > + make CC=$ARM_EMB_GCC PRODUCT=synquacer MODE=release > + tr "\000" "\377" < /dev/zero | dd of=${ROMRAMFW_FILE} bs=1 count=196608 > + dd if=${ROMFW_FILE} of=${ROMRAMFW_FILE} bs=1 conv=notrunc seek=0 > + dd if=${RAMFW_FILE} of=${ROMRAMFW_FILE} bs=1 seek=65536 > + cd ../ > + > +And you can get the `scp_romramfw_release.bin` file > + > +Rebuild TF-A and FIP > +-------------------- > + > +Rebuild TF-A which supports FWU Multi Bank Update as below:: > + > + cd arm-trusted-firmware/ > + make CROSS_COMPILE=aarch64-linux-gnu- -j`nproc` PLAT=synquacer \ > + SPD=opteed SQ_RESET_TO_BL2=1 GENERATE_COT=1 MBEDTLS_DIR=../mbedtls \ > + BL33=../u-boot/u-boot.bin all fip fiptool > + > +And make a FIP image.:: > + > + cp build/synquacer/release/fip.bin SPI_NOR_NEWFIP.fd > + tools/fiptool/fiptool update --tb-fw build/synquacer/release/bl2.bin SPI_NOR_NEWFIP.fd > + > + > +UUIDs for the FWU Multi Bank Update > +----------------------------------- > + > +FWU multi-bank update requires some UUIDs. The DeveloperBox platform uses following UUIDs. > + > + - Location UUID for the FIP image: 17e86d77-41f9-4fd7-87ec-a55df9842de5 > + - Image type UUID for the FIP image: 10c36d7d-ca52-b843-b7b9-f9d6c501d108 > + - Image UUID for Bank0 : 5a66a702-99fd-4fef-a392-c26e261a2828 > + - Image UUID for Bank1 : a8f868a1-6e5c-4757-878d-ce63375ef2c0 > + > +These UUIDs are used for making a FWU metadata image. > + > +Install via flash writer > +------------------------ > + > +As explained in above section, the new FIP image and the FWU metadata image can be installed via NOR flash writer. Note that the installation offsets for the FWU multi bank update supported firmware. > + > +Once the flasher tool is running we are ready flash the images.:: > +Write the FIP image to the 0x600000 offset.:: > + > + flash rawwrite 600000 180000 > + >> Send SPI_NOR_NEWFIP.fd via XMODEM (Control-A S in minicom) << > + > +And write the new SCP firmware.:: > + > + flash write cm3 > + >> Send scp_romramfw_release.bin via XMODEM (Control-A S in minicom) << > + > +At last, turn on the DSW 3-4 on the board, and reboot. > +Note that if DSW 3-4 is turned off, the DeveloperBox will boot from > +the original EDK2 firmware (or non-FWU U-Boot if you already installed.) > diff --git a/include/configs/synquacer.h b/include/configs/synquacer.h > index 63d897d090..c798a23bed 100644 > --- a/include/configs/synquacer.h > +++ b/include/configs/synquacer.h > @@ -41,19 +41,29 @@ > > /* Since U-Boot 64bit PCIe support is limited, disable 64bit MMIO support */ > > +#ifdef CONFIG_FWU_MULTI_BANK_UPDATE > +#define DEFAULT_DFU_ALT_INFO > +#else > #define DEFAULT_DFU_ALT_INFO "dfu_alt_info=" \ > "mtd nor1=u-boot.bin raw 200000 100000;" \ > "fip.bin raw 180000 78000;" \ > "optee.bin raw 500000 100000\0" > +#endif > > /* GUIDs for capsule updatable firmware images */ > #define DEVELOPERBOX_UBOOT_IMAGE_GUID \ > EFI_GUID(0x53a92e83, 0x4ef4, 0x473a, 0x8b, 0x0d, \ > 0xb5, 0xd8, 0xc7, 0xb2, 0xd6, 0x00) > > +#ifdef CONFIG_FWU_MULTI_BANK_UPDATE > +#define DEVELOPERBOX_FIP_IMAGE_GUID \ > + EFI_GUID(0x7d6dc310, 0x52ca, 0x43b8, 0xb7, 0xb9, \ > + 0xf9, 0xd6, 0xc5, 0x01, 0xd1, 0x08) > +#else > #define DEVELOPERBOX_FIP_IMAGE_GUID \ > EFI_GUID(0x880866e9, 0x84ba, 0x4793, 0xa9, 0x08, \ > 0x33, 0xe0, 0xb9, 0x16, 0xf3, 0x98) > +#endif > > #define DEVELOPERBOX_OPTEE_IMAGE_GUID \ > EFI_GUID(0xc1b629f1, 0xce0e, 0x4894, 0x82, 0xbf, \ > -- > 2.25.1 >
On Mon, Oct 3, 2022 at 6:04 AM AKASHI Takahiro <takahiro.akashi@linaro.org> wrote: > > diff --git a/board/socionext/developerbox/developerbox.c b/board/socionext/developerbox/developerbox.c > > index f5a5fe0121..a0db26eaf3 100644 > > --- a/board/socionext/developerbox/developerbox.c > > +++ b/board/socionext/developerbox/developerbox.c > > @@ -20,6 +20,13 @@ > > > > #if CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT) > > struct efi_fw_image fw_images[] = { > > +#if defined(CONFIG_FWU_MULTI_BANK_UPDATE) > > + { > > + .image_type_id = DEVELOPERBOX_FIP_IMAGE_GUID, > > + .fw_name = u"DEVELOPERBOX-FIP", > > + .image_index = 1, > > + }, > > +#else > > From curiosity, why do you want to use different capsule formats > for multi-bank update and normal case? > normal/legacy layout has one image for each component - uboot, tfa and optee, whereas the new layout contains everything in one fip image. So I thought it would be better to make the image_index consistent by making the fip's as 1. cheers.
Hi Jassi, On Mon, 3 Oct 2022 at 16:40, Jassi Brar <jassisinghbrar@gmail.com> wrote: > > On Mon, Oct 3, 2022 at 6:04 AM AKASHI Takahiro > <takahiro.akashi@linaro.org> wrote: > > > > diff --git a/board/socionext/developerbox/developerbox.c b/board/socionext/developerbox/developerbox.c > > > index f5a5fe0121..a0db26eaf3 100644 > > > --- a/board/socionext/developerbox/developerbox.c > > > +++ b/board/socionext/developerbox/developerbox.c > > > @@ -20,6 +20,13 @@ > > > > > > #if CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT) > > > struct efi_fw_image fw_images[] = { > > > +#if defined(CONFIG_FWU_MULTI_BANK_UPDATE) > > > + { > > > + .image_type_id = DEVELOPERBOX_FIP_IMAGE_GUID, > > > + .fw_name = u"DEVELOPERBOX-FIP", > > > + .image_index = 1, > > > + }, > > > +#else > > > > From curiosity, why do you want to use different capsule formats > > for multi-bank update and normal case? > > > normal/legacy layout has one image for each component - uboot, tfa and > optee, whereas the new layout contains everything in one fip image. > So I thought it would be better to make the image_index consistent by > making the fip's as 1. FWIW this does make a lot of sense. Since the SCP firmware is not included in the capsule and that SCP firmware is needed to transition from old -> new layout, I think we are better off having those in different GUIDs. On top of that those GUIDs can be used in LVFS if we ever decide to upload firmwares there. Not having discrete GUIDs means there's a chance to brick the board on old -> new update, unless the SCP is explicitly updated. Cheers /Ilias > > cheers.
On Mon, Oct 03, 2022 at 04:51:32PM +0300, Ilias Apalodimas wrote: > Hi Jassi, > > On Mon, 3 Oct 2022 at 16:40, Jassi Brar <jassisinghbrar@gmail.com> wrote: > > > > On Mon, Oct 3, 2022 at 6:04 AM AKASHI Takahiro > > <takahiro.akashi@linaro.org> wrote: > > > > > > diff --git a/board/socionext/developerbox/developerbox.c b/board/socionext/developerbox/developerbox.c > > > > index f5a5fe0121..a0db26eaf3 100644 > > > > --- a/board/socionext/developerbox/developerbox.c > > > > +++ b/board/socionext/developerbox/developerbox.c > > > > @@ -20,6 +20,13 @@ > > > > > > > > #if CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT) > > > > struct efi_fw_image fw_images[] = { > > > > +#if defined(CONFIG_FWU_MULTI_BANK_UPDATE) > > > > + { > > > > + .image_type_id = DEVELOPERBOX_FIP_IMAGE_GUID, > > > > + .fw_name = u"DEVELOPERBOX-FIP", > > > > + .image_index = 1, > > > > + }, > > > > +#else > > > > > > From curiosity, why do you want to use different capsule formats > > > for multi-bank update and normal case? > > > > > normal/legacy layout has one image for each component - uboot, tfa and > > optee, whereas the new layout contains everything in one fip image. Yes, that is exactly what I understand here. > > So I thought it would be better to make the image_index consistent by > > making the fip's as 1. > > FWIW this does make a lot of sense. Since the SCP firmware is not > included in the capsule and that SCP firmware is needed to transition > from old -> new layout, I think we are better off having those in > different GUIDs. On top of that those GUIDs can be used in LVFS if we > ever decide to upload firmwares there. > > Not having discrete GUIDs means there's a chance to brick the board on > old -> new update, unless the SCP is explicitly updated. SCP? I don't care. My question is why you use a single capsule (FIP) in A/B update while you use three separate capsule files in normal case. -Takahiro Akashi > Cheers > /Ilias > > > > cheers.
On Mon, Oct 3, 2022 at 8:06 PM AKASHI Takahiro <takahiro.akashi@linaro.org> wrote: > > On Mon, Oct 03, 2022 at 04:51:32PM +0300, Ilias Apalodimas wrote: > > Hi Jassi, > > > > On Mon, 3 Oct 2022 at 16:40, Jassi Brar <jassisinghbrar@gmail.com> wrote: > > > > > > On Mon, Oct 3, 2022 at 6:04 AM AKASHI Takahiro > > > <takahiro.akashi@linaro.org> wrote: > > > > > > > > diff --git a/board/socionext/developerbox/developerbox.c b/board/socionext/developerbox/developerbox.c > > > > > index f5a5fe0121..a0db26eaf3 100644 > > > > > --- a/board/socionext/developerbox/developerbox.c > > > > > +++ b/board/socionext/developerbox/developerbox.c > > > > > @@ -20,6 +20,13 @@ > > > > > > > > > > #if CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT) > > > > > struct efi_fw_image fw_images[] = { > > > > > +#if defined(CONFIG_FWU_MULTI_BANK_UPDATE) > > > > > + { > > > > > + .image_type_id = DEVELOPERBOX_FIP_IMAGE_GUID, > > > > > + .fw_name = u"DEVELOPERBOX-FIP", > > > > > + .image_index = 1, > > > > > + }, > > > > > +#else > > > > > > > > From curiosity, why do you want to use different capsule formats > > > > for multi-bank update and normal case? > > > > > > > normal/legacy layout has one image for each component - uboot, tfa and > > > optee, whereas the new layout contains everything in one fip image. > > Yes, that is exactly what I understand here. > > > > So I thought it would be better to make the image_index consistent by > > > making the fip's as 1. > > > > FWIW this does make a lot of sense. Since the SCP firmware is not > > included in the capsule and that SCP firmware is needed to transition > > from old -> new layout, I think we are better off having those in > > different GUIDs. On top of that those GUIDs can be used in LVFS if we > > ever decide to upload firmwares there. > > > > Not having discrete GUIDs means there's a chance to brick the board on > > old -> new update, unless the SCP is explicitly updated. > > SCP? I don't care. > My question is why you use a single capsule (FIP) in A/B update while you use > three separate capsule files in normal case. > We think it is cleaner to not tie up boot binaries at fixed offsets in storage, so all CA53 boot assets are now in one parseable FIP image. Secondly, and personally, I think there is no real usecase of more than one image per bank - that will be too fragile and complicated to manage. cheers.
On Mon, Oct 03, 2022 at 09:00:35PM -0500, Jassi Brar wrote: > On Mon, Oct 3, 2022 at 8:06 PM AKASHI Takahiro > <takahiro.akashi@linaro.org> wrote: > > > > On Mon, Oct 03, 2022 at 04:51:32PM +0300, Ilias Apalodimas wrote: > > > Hi Jassi, > > > > > > On Mon, 3 Oct 2022 at 16:40, Jassi Brar <jassisinghbrar@gmail.com> wrote: > > > > > > > > On Mon, Oct 3, 2022 at 6:04 AM AKASHI Takahiro > > > > <takahiro.akashi@linaro.org> wrote: > > > > > > > > > > diff --git a/board/socionext/developerbox/developerbox.c b/board/socionext/developerbox/developerbox.c > > > > > > index f5a5fe0121..a0db26eaf3 100644 > > > > > > --- a/board/socionext/developerbox/developerbox.c > > > > > > +++ b/board/socionext/developerbox/developerbox.c > > > > > > @@ -20,6 +20,13 @@ > > > > > > > > > > > > #if CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT) > > > > > > struct efi_fw_image fw_images[] = { > > > > > > +#if defined(CONFIG_FWU_MULTI_BANK_UPDATE) > > > > > > + { > > > > > > + .image_type_id = DEVELOPERBOX_FIP_IMAGE_GUID, > > > > > > + .fw_name = u"DEVELOPERBOX-FIP", > > > > > > + .image_index = 1, > > > > > > + }, > > > > > > +#else > > > > > > > > > > From curiosity, why do you want to use different capsule formats > > > > > for multi-bank update and normal case? > > > > > > > > > normal/legacy layout has one image for each component - uboot, tfa and > > > > optee, whereas the new layout contains everything in one fip image. > > > > Yes, that is exactly what I understand here. > > > > > > So I thought it would be better to make the image_index consistent by > > > > making the fip's as 1. > > > > > > FWIW this does make a lot of sense. Since the SCP firmware is not > > > included in the capsule and that SCP firmware is needed to transition > > > from old -> new layout, I think we are better off having those in > > > different GUIDs. On top of that those GUIDs can be used in LVFS if we > > > ever decide to upload firmwares there. > > > > > > Not having discrete GUIDs means there's a chance to brick the board on > > > old -> new update, unless the SCP is explicitly updated. > > > > SCP? I don't care. > > My question is why you use a single capsule (FIP) in A/B update while you use > > three separate capsule files in normal case. > > > We think it is cleaner to not tie up boot binaries at fixed offsets in > storage, so all CA53 boot assets are now in one parseable FIP image. > Secondly, and personally, I think there is no real usecase of more > than one image per bank - that will be too fragile and complicated to > manage. If so, my point is why not use a single capsule in normal case (a single bank in another word) as well? -Takahiro Akashi > cheers.
On Mon, Oct 3, 2022 at 9:44 PM AKASHI Takahiro <takahiro.akashi@linaro.org> wrote: > On Mon, Oct 03, 2022 at 09:00:35PM -0500, Jassi Brar wrote: > > > My question is why you use a single capsule (FIP) in A/B update while you use > > > three separate capsule files in normal case. > > > > > We think it is cleaner to not tie up boot binaries at fixed offsets in > > storage, so all CA53 boot assets are now in one parseable FIP image. > > Secondly, and personally, I think there is no real usecase of more > > than one image per bank - that will be too fragile and complicated to > > manage. > > If so, my point is why not use a single capsule in normal case (a single bank > in another word) as well? > for historical/legacy reasons.
diff --git a/board/socionext/developerbox/Makefile b/board/socionext/developerbox/Makefile index 4a46de995a..9b80ee38e7 100644 --- a/board/socionext/developerbox/Makefile +++ b/board/socionext/developerbox/Makefile @@ -7,3 +7,4 @@ # obj-y := developerbox.o +obj-$(CONFIG_FWU_MULTI_BANK_UPDATE) += fwu_plat.o diff --git a/board/socionext/developerbox/developerbox.c b/board/socionext/developerbox/developerbox.c index f5a5fe0121..a0db26eaf3 100644 --- a/board/socionext/developerbox/developerbox.c +++ b/board/socionext/developerbox/developerbox.c @@ -20,6 +20,13 @@ #if CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT) struct efi_fw_image fw_images[] = { +#if defined(CONFIG_FWU_MULTI_BANK_UPDATE) + { + .image_type_id = DEVELOPERBOX_FIP_IMAGE_GUID, + .fw_name = u"DEVELOPERBOX-FIP", + .image_index = 1, + }, +#else { .image_type_id = DEVELOPERBOX_UBOOT_IMAGE_GUID, .fw_name = u"DEVELOPERBOX-UBOOT", @@ -35,6 +42,7 @@ struct efi_fw_image fw_images[] = { .fw_name = u"DEVELOPERBOX-OPTEE", .image_index = 3, }, +#endif }; struct efi_capsule_update_info update_info = { diff --git a/board/socionext/developerbox/fwu_plat.c b/board/socionext/developerbox/fwu_plat.c new file mode 100644 index 0000000000..f333cd4027 --- /dev/null +++ b/board/socionext/developerbox/fwu_plat.c @@ -0,0 +1,68 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Copyright (c) 2022, Linaro Limited + */ + +#include <dfu.h> +#include <efi_loader.h> +#include <flash.h> +#include <fwu.h> +#include <fwu_mdata.h> +#include <malloc.h> +#include <memalign.h> +#include <mtd.h> +#include <spi.h> +#include <spi_flash.h> +#include <uuid.h> + +#include <linux/errno.h> +#include <linux/types.h> +#include <u-boot/crc.h> + +#define DFU_ALT_BUF_LEN 256 +#define DFU_ALT_NUM_MAX (CONFIG_FWU_NUM_IMAGES_PER_BANK * CONFIG_FWU_NUM_BANKS) + +/* Generate dfu_alt_info from partitions */ +void set_dfu_alt_info(char *interface, char *devstr) +{ + int ret; + struct mtd_info *mtd; + + ALLOC_CACHE_ALIGN_BUFFER(char, buf, DFU_ALT_BUF_LEN); + memset(buf, 0, sizeof(buf)); + + mtd_probe_devices(); + + mtd = get_mtd_device_nm("nor1"); + if (IS_ERR_OR_NULL(mtd)) + return; + + ret = fwu_gen_alt_info_from_mtd(buf, DFU_ALT_BUF_LEN, mtd); + if (ret < 0) { + log_err("Error: Failed to generate dfu_alt_info. (%d)\n", ret); + return; + } + log_debug("Make dfu_alt_info: '%s'\n", buf); + + env_set("dfu_alt_info", buf); +} + +int fwu_plat_get_alt_num(struct udevice __always_unused *dev, + efi_guid_t *image_id, u8 *alt_num) +{ + return fwu_mtd_get_alt_num(image_id, alt_num, "nor1"); +} + +void fwu_plat_get_bootidx(uint *boot_idx) +{ + int ret; + u32 active_idx; + u32 *bootidx = boot_idx; + + ret = fwu_get_active_index(&active_idx); + + if (ret < 0) + *bootidx = -1; + + *bootidx = active_idx; +} diff --git a/configs/synquacer_developerbox_defconfig b/configs/synquacer_developerbox_defconfig index c0b784b072..b1085a388e 100644 --- a/configs/synquacer_developerbox_defconfig +++ b/configs/synquacer_developerbox_defconfig @@ -1,10 +1,11 @@ CONFIG_ARM=y CONFIG_ARCH_SYNQUACER=y -CONFIG_SYS_TEXT_BASE=0x08200000 +CONFIG_POSITION_INDEPENDENT=y +CONFIG_SYS_TEXT_BASE=0 CONFIG_SYS_MALLOC_LEN=0x1000000 CONFIG_SYS_MALLOC_F_LEN=0x400 CONFIG_ENV_SIZE=0x30000 -CONFIG_ENV_OFFSET=0x300000 +CONFIG_ENV_OFFSET=0x580000 CONFIG_ENV_SECT_SIZE=0x10000 CONFIG_DM_GPIO=y CONFIG_DEFAULT_DEVICE_TREE="synquacer-sc2a11-developerbox" @@ -96,3 +97,11 @@ CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_IGNORE_OSINDICATIONS=y CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y +CONFIG_EFI_SECURE_BOOT=y +CONFIG_FWU_MULTI_BANK_UPDATE=y +CONFIG_FWU_MDATA=y +CONFIG_FWU_MDATA_MTD=y +CONFIG_FWU_NUM_BANKS=2 +CONFIG_FWU_NUM_IMAGES_PER_BANK=1 +CONFIG_CMD_FWU_METADATA=y +CONFIG_TOOLS_MKFWUMDATA=y diff --git a/doc/board/socionext/developerbox.rst b/doc/board/socionext/developerbox.rst index 2d943c23be..be872aa79d 100644 --- a/doc/board/socionext/developerbox.rst +++ b/doc/board/socionext/developerbox.rst @@ -85,3 +85,99 @@ Once the flasher tool is running we are ready flash the UEFI image:: After transferring the SPI_NOR_UBOOT.fd, turn off the DSW2-7 and reset the board. + +Enable FWU Multi Bank Update +============================ + +DeveloperBox supports the FWU Multi Bank Update. You *MUST* update both *SCP firmware* and *TF-A* for this feature. This will change the layout and the boot process but you can switch back to the normal one by changing the DSW 1-4 off. + +Configure U-Boot +---------------- + +To enable the FWU Multi Bank Update on the DeveloperBox, you need to add following configurations to configs/synquacer_developerbox_defconfig :: + + CONFIG_FWU_MULTI_BANK_UPDATE=y + CONFIG_FWU_MDATA=y + CONFIG_FWU_MDATA_MTD=y + CONFIG_FWU_NUM_BANKS=2 + CONFIG_FWU_NUM_IMAGES_PER_BANK=1 + CONFIG_CMD_FWU_METADATA=y + +And build it:: + + cd u-boot/ + export ARCH=arm64 + export CROSS_COMPILE=aarch64-linux-gnu- + make synqucer_developerbox_defconfig + make -j `noproc` + cd ../ + +By default, the CONFIG_FWU_NUM_BANKS and COFNIG_FWU_NUM_IMAGES_PER_BANKS are set to 2 and 1 respectively. This uses FIP (Firmware Image Package) type image which contains TF-A, U-Boot and OP-TEE (the OP-TEE is optional.) +You can use fiptool to compose the FIP image from those firmware images. + +Rebuild SCP firmware +-------------------- + +Rebuild SCP firmware which supports FWU Multi Bank Update as below:: + + cd SCP-firmware/ + OUT=./build/product/synquacer + ROMFW_FILE=$OUT/scp_romfw/$SCP_BUILD_MODE/bin/scp_romfw.bin + RAMFW_FILE=$OUT/scp_ramfw/$SCP_BUILD_MODE/bin/scp_ramfw.bin + ROMRAMFW_FILE=scp_romramfw_release.bin + + make CC=$ARM_EMB_GCC PRODUCT=synquacer MODE=release + tr "\000" "\377" < /dev/zero | dd of=${ROMRAMFW_FILE} bs=1 count=196608 + dd if=${ROMFW_FILE} of=${ROMRAMFW_FILE} bs=1 conv=notrunc seek=0 + dd if=${RAMFW_FILE} of=${ROMRAMFW_FILE} bs=1 seek=65536 + cd ../ + +And you can get the `scp_romramfw_release.bin` file + +Rebuild TF-A and FIP +-------------------- + +Rebuild TF-A which supports FWU Multi Bank Update as below:: + + cd arm-trusted-firmware/ + make CROSS_COMPILE=aarch64-linux-gnu- -j`nproc` PLAT=synquacer \ + SPD=opteed SQ_RESET_TO_BL2=1 GENERATE_COT=1 MBEDTLS_DIR=../mbedtls \ + BL33=../u-boot/u-boot.bin all fip fiptool + +And make a FIP image.:: + + cp build/synquacer/release/fip.bin SPI_NOR_NEWFIP.fd + tools/fiptool/fiptool update --tb-fw build/synquacer/release/bl2.bin SPI_NOR_NEWFIP.fd + + +UUIDs for the FWU Multi Bank Update +----------------------------------- + +FWU multi-bank update requires some UUIDs. The DeveloperBox platform uses following UUIDs. + + - Location UUID for the FIP image: 17e86d77-41f9-4fd7-87ec-a55df9842de5 + - Image type UUID for the FIP image: 10c36d7d-ca52-b843-b7b9-f9d6c501d108 + - Image UUID for Bank0 : 5a66a702-99fd-4fef-a392-c26e261a2828 + - Image UUID for Bank1 : a8f868a1-6e5c-4757-878d-ce63375ef2c0 + +These UUIDs are used for making a FWU metadata image. + +Install via flash writer +------------------------ + +As explained in above section, the new FIP image and the FWU metadata image can be installed via NOR flash writer. Note that the installation offsets for the FWU multi bank update supported firmware. + +Once the flasher tool is running we are ready flash the images.:: +Write the FIP image to the 0x600000 offset.:: + + flash rawwrite 600000 180000 + >> Send SPI_NOR_NEWFIP.fd via XMODEM (Control-A S in minicom) << + +And write the new SCP firmware.:: + + flash write cm3 + >> Send scp_romramfw_release.bin via XMODEM (Control-A S in minicom) << + +At last, turn on the DSW 3-4 on the board, and reboot. +Note that if DSW 3-4 is turned off, the DeveloperBox will boot from +the original EDK2 firmware (or non-FWU U-Boot if you already installed.) diff --git a/include/configs/synquacer.h b/include/configs/synquacer.h index 63d897d090..c798a23bed 100644 --- a/include/configs/synquacer.h +++ b/include/configs/synquacer.h @@ -41,19 +41,29 @@ /* Since U-Boot 64bit PCIe support is limited, disable 64bit MMIO support */ +#ifdef CONFIG_FWU_MULTI_BANK_UPDATE +#define DEFAULT_DFU_ALT_INFO +#else #define DEFAULT_DFU_ALT_INFO "dfu_alt_info=" \ "mtd nor1=u-boot.bin raw 200000 100000;" \ "fip.bin raw 180000 78000;" \ "optee.bin raw 500000 100000\0" +#endif /* GUIDs for capsule updatable firmware images */ #define DEVELOPERBOX_UBOOT_IMAGE_GUID \ EFI_GUID(0x53a92e83, 0x4ef4, 0x473a, 0x8b, 0x0d, \ 0xb5, 0xd8, 0xc7, 0xb2, 0xd6, 0x00) +#ifdef CONFIG_FWU_MULTI_BANK_UPDATE +#define DEVELOPERBOX_FIP_IMAGE_GUID \ + EFI_GUID(0x7d6dc310, 0x52ca, 0x43b8, 0xb7, 0xb9, \ + 0xf9, 0xd6, 0xc5, 0x01, 0xd1, 0x08) +#else #define DEVELOPERBOX_FIP_IMAGE_GUID \ EFI_GUID(0x880866e9, 0x84ba, 0x4793, 0xa9, 0x08, \ 0x33, 0xe0, 0xb9, 0x16, 0xf3, 0x98) +#endif #define DEVELOPERBOX_OPTEE_IMAGE_GUID \ EFI_GUID(0xc1b629f1, 0xce0e, 0x4894, 0x82, 0xbf, \