| Message ID | 20220207182001.31270-1-sughosh.ganu@linaro.org |
|---|---|
| Headers | show |
| Series | FWU: Add support for FWU Multi Bank Update feature | expand |
po 7. 2. 2022 v 19:21 odesÃlatel Sughosh Ganu <sughosh.ganu@linaro.org> napsal: > > > > The patchset adds support for the FWU Multi Bank Update[1] > feature. Certain aspects of the Dependable Boot[2] specification have > also been implemented. > > The FWU multi bank update feature is used for supporting multiple > sets(also called banks) of firmware image(s), allowing the platform to > boot from a different bank, in case it fails to boot from the active > bank. This functionality is supported by keeping the relevant > information in a structure called metadata, which provides information > on the images. Among other parameters, the metadata structure contains > information on the currect active bank that is being used to boot > image(s). > > Functionality is being added to work with the UEFI capsule driver in > u-boot. The metadata is read to gather information on the update bank, > which is the bank to which the firmware images would be flashed to. On > a successful completion of the update of all components, the active > bank field in the metadata is updated, to reflect the bank from which > the platform will boot on the subsequent boots. > > Currently, the feature is being enabled on the STM32MP157C-DK2 > board which boots a FIP image from a uSD card partitioned with the GPT > partioning scheme. This also requires changes in the previous stage of > bootloader, which parses the metadata and selects the bank to boot the > image(s) from. Support is being added in tf-a(BL2 stage) for the > STM32MP157C-DK2 board to boot the active bank images. These changes > have been merged to the upstream tf-a's integration branch[3]. > > These patches are based on top of the series from Takahiro to add > Authentication support to mkeficapsule utility[4] and a couple of > other patches[5][6] > > TODO's > ------ > * Add a unit test case for the newly added FWU_MDATA uclass. Some > involved effort is needed on this since the host device interface on > sandbox cannot be used with the UT framework. > * Add test case for the feature with the python test suite, along the > lines of capsule update testing. > > [1] - https://developer.arm.com/documentation/den0118/a > [2] - https://git.codelinaro.org/linaro/dependable-boot/mbfw/uploads/6f7ddfe3be24e18d4319e108a758d02e/mbfw.pdf > [3] - https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/log/?h=integration > [4] - https://patchwork.ozlabs.org/project/uboot/list/?series=281549 > [5] - https://patchwork.ozlabs.org/project/uboot/patch/164388019634.446835.18271480521485569016.stgit@localhost/ > [6] - https://patchwork.ozlabs.org/project/uboot/patch/20220129192108.6618-1-sughosh.ganu@linaro.org/ > > > Changes since V3: > * Move the FWU metadata access to driver model > * Get the storage device containing the metadata from a device tree > property instead of a platform helper function > * Move the metadata access driver for GPT partitioned block devices > under drivers/fwu-mdata/ directory, complying with driver model. > * Move functionality to get the active index under the common function > instead of the GPT block device specific driver. > * Remove function for getting the storage device containing the > metadata as the information is now obtained from the device tree. > * Define a weak function fill_image_type_guid_array for populating the > image descriptor array with u-boot's raw and fit image GUIDs > * Define the function fill_image_type_guid_array for the ST DK2 board > for GPT partitioned devices. > * Change the TrialStateCtr efi variable attribute to remove the > runtime attribute > * Rebase the change on top of the patch from Masami to call > efi_capsule_update_firmware directly. > * Put the FWU related checks which were earlier in efi_update_capsule > function to separate functions fwu_empty_capsule and > fwu_empty_capsule_process. > * Use the device model api uclass_get_device to probe and get the FWU > Metadata device. > * Add related documentation for empty capsules in the mkeficapsule man > page. > * Add separate usage for empty capsules, with corresponding valid > options. > * Use ternary operators where possible. > * Put a exclusivity check for the empty capsule options. > > > Sughosh Ganu (11): > FWU: Add FWU metadata structure and driver for accessing metadata > FWU: Add FWU metadata access driver for GPT partitioned block devices > FWU: stm32mp1: Add helper functions for accessing FWU metadata > FWU: STM32MP1: Add support to read boot index from backup register > EFI: FMP: Add provision to update image's ImageTypeId in image > descriptor > stm32mp1: Populate ImageTypeId values in EFI_FIRMWARE_IMAGE_DESCRIPTOR > array > FWU: Add boot time checks as highlighted by the FWU specification > FWU: Add support for FWU Multi Bank Update feature > FWU: cmd: Add a command to read FWU metadata > mkeficapsule: Add support for generating empty capsules > FWU: doc: Add documentation for the FWU feature > > arch/arm/dts/stm32mp157c-dk2-u-boot.dtsi | 7 + > board/st/stm32mp1/stm32mp1.c | 178 +++++++ > cmd/Kconfig | 7 + > cmd/Makefile | 1 + > cmd/fwu_mdata.c | 74 +++ > common/board_r.c | 6 + > doc/develop/uefi/fwu_updates.rst | 142 +++++ > doc/develop/uefi/index.rst | 1 + > doc/develop/uefi/uefi.rst | 2 + > .../firmware/fwu-mdata.txt | 18 + > doc/mkeficapsule.1 | 23 +- > drivers/Kconfig | 2 + > drivers/Makefile | 1 + > drivers/fwu-mdata/Kconfig | 16 + > drivers/fwu-mdata/Makefile | 7 + > drivers/fwu-mdata/fwu-mdata-uclass.c | 434 +++++++++++++++ > drivers/fwu-mdata/fwu_mdata_gpt_blk.c | 501 ++++++++++++++++++ > include/dm/uclass-id.h | 1 + > include/efi_loader.h | 2 + > include/fwu.h | 70 +++ > include/fwu_mdata.h | 67 +++ > lib/Kconfig | 6 + > lib/Makefile | 1 + > lib/efi_loader/efi_capsule.c | 221 +++++++- > lib/efi_loader/efi_firmware.c | 71 ++- > lib/efi_loader/efi_setup.c | 3 +- > lib/fwu_updates/Kconfig | 31 ++ > lib/fwu_updates/Makefile | 6 + > lib/fwu_updates/fwu.c | 204 +++++++ > tools/eficapsule.h | 8 + > tools/mkeficapsule.c | 131 ++++- > 31 files changed, 2208 insertions(+), 34 deletions(-) > create mode 100644 cmd/fwu_mdata.c > create mode 100644 doc/develop/uefi/fwu_updates.rst > create mode 100644 doc/device-tree-bindings/firmware/fwu-mdata.txt > create mode 100644 drivers/fwu-mdata/Kconfig > create mode 100644 drivers/fwu-mdata/Makefile > create mode 100644 drivers/fwu-mdata/fwu-mdata-uclass.c > create mode 100644 drivers/fwu-mdata/fwu_mdata_gpt_blk.c > create mode 100644 include/fwu.h > create mode 100644 include/fwu_mdata.h > create mode 100644 lib/fwu_updates/Kconfig > create mode 100644 lib/fwu_updates/Makefile > create mode 100644 lib/fwu_updates/fwu.c > > -- > 2.17.1 > > What's the git base you use for this series? Thanks, Michal
On Tue, 8 Feb 2022 at 16:36, Michal Simek <monstr@monstr.eu> wrote: > > po 7. 2. 2022 v 19:21 odesÃlatel Sughosh Ganu <sughosh.ganu@linaro.org> napsal: > > > > > > > > The patchset adds support for the FWU Multi Bank Update[1] > > feature. Certain aspects of the Dependable Boot[2] specification have > > also been implemented. > > > > The FWU multi bank update feature is used for supporting multiple > > sets(also called banks) of firmware image(s), allowing the platform to > > boot from a different bank, in case it fails to boot from the active > > bank. This functionality is supported by keeping the relevant > > information in a structure called metadata, which provides information > > on the images. Among other parameters, the metadata structure contains > > information on the currect active bank that is being used to boot > > image(s). > > > > Functionality is being added to work with the UEFI capsule driver in > > u-boot. The metadata is read to gather information on the update bank, > > which is the bank to which the firmware images would be flashed to. On > > a successful completion of the update of all components, the active > > bank field in the metadata is updated, to reflect the bank from which > > the platform will boot on the subsequent boots. > > > > Currently, the feature is being enabled on the STM32MP157C-DK2 > > board which boots a FIP image from a uSD card partitioned with the GPT > > partioning scheme. This also requires changes in the previous stage of > > bootloader, which parses the metadata and selects the bank to boot the > > image(s) from. Support is being added in tf-a(BL2 stage) for the > > STM32MP157C-DK2 board to boot the active bank images. These changes > > have been merged to the upstream tf-a's integration branch[3]. > > > > These patches are based on top of the series from Takahiro to add > > Authentication support to mkeficapsule utility[4] and a couple of > > other patches[5][6] > > > > TODO's > > ------ > > * Add a unit test case for the newly added FWU_MDATA uclass. Some > > involved effort is needed on this since the host device interface on > > sandbox cannot be used with the UT framework. > > * Add test case for the feature with the python test suite, along the > > lines of capsule update testing. > > > > [1] - https://developer.arm.com/documentation/den0118/a > > [2] - https://git.codelinaro.org/linaro/dependable-boot/mbfw/uploads/6f7ddfe3be24e18d4319e108a758d02e/mbfw.pdf > > [3] - https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/log/?h=integration > > [4] - https://patchwork.ozlabs.org/project/uboot/list/?series=281549 > > [5] - https://patchwork.ozlabs.org/project/uboot/patch/164388019634.446835.18271480521485569016.stgit@localhost/ > > [6] - https://patchwork.ozlabs.org/project/uboot/patch/20220129192108.6618-1-sughosh.ganu@linaro.org/ > > > > > > Changes since V3: > > * Move the FWU metadata access to driver model > > * Get the storage device containing the metadata from a device tree > > property instead of a platform helper function > > * Move the metadata access driver for GPT partitioned block devices > > under drivers/fwu-mdata/ directory, complying with driver model. > > * Move functionality to get the active index under the common function > > instead of the GPT block device specific driver. > > * Remove function for getting the storage device containing the > > metadata as the information is now obtained from the device tree. > > * Define a weak function fill_image_type_guid_array for populating the > > image descriptor array with u-boot's raw and fit image GUIDs > > * Define the function fill_image_type_guid_array for the ST DK2 board > > for GPT partitioned devices. > > * Change the TrialStateCtr efi variable attribute to remove the > > runtime attribute > > * Rebase the change on top of the patch from Masami to call > > efi_capsule_update_firmware directly. > > * Put the FWU related checks which were earlier in efi_update_capsule > > function to separate functions fwu_empty_capsule and > > fwu_empty_capsule_process. > > * Use the device model api uclass_get_device to probe and get the FWU > > Metadata device. > > * Add related documentation for empty capsules in the mkeficapsule man > > page. > > * Add separate usage for empty capsules, with corresponding valid > > options. > > * Use ternary operators where possible. > > * Put a exclusivity check for the empty capsule options. > > > > > > Sughosh Ganu (11): > > FWU: Add FWU metadata structure and driver for accessing metadata > > FWU: Add FWU metadata access driver for GPT partitioned block devices > > FWU: stm32mp1: Add helper functions for accessing FWU metadata > > FWU: STM32MP1: Add support to read boot index from backup register > > EFI: FMP: Add provision to update image's ImageTypeId in image > > descriptor > > stm32mp1: Populate ImageTypeId values in EFI_FIRMWARE_IMAGE_DESCRIPTOR > > array > > FWU: Add boot time checks as highlighted by the FWU specification > > FWU: Add support for FWU Multi Bank Update feature > > FWU: cmd: Add a command to read FWU metadata > > mkeficapsule: Add support for generating empty capsules > > FWU: doc: Add documentation for the FWU feature > > > > arch/arm/dts/stm32mp157c-dk2-u-boot.dtsi | 7 + > > board/st/stm32mp1/stm32mp1.c | 178 +++++++ > > cmd/Kconfig | 7 + > > cmd/Makefile | 1 + > > cmd/fwu_mdata.c | 74 +++ > > common/board_r.c | 6 + > > doc/develop/uefi/fwu_updates.rst | 142 +++++ > > doc/develop/uefi/index.rst | 1 + > > doc/develop/uefi/uefi.rst | 2 + > > .../firmware/fwu-mdata.txt | 18 + > > doc/mkeficapsule.1 | 23 +- > > drivers/Kconfig | 2 + > > drivers/Makefile | 1 + > > drivers/fwu-mdata/Kconfig | 16 + > > drivers/fwu-mdata/Makefile | 7 + > > drivers/fwu-mdata/fwu-mdata-uclass.c | 434 +++++++++++++++ > > drivers/fwu-mdata/fwu_mdata_gpt_blk.c | 501 ++++++++++++++++++ > > include/dm/uclass-id.h | 1 + > > include/efi_loader.h | 2 + > > include/fwu.h | 70 +++ > > include/fwu_mdata.h | 67 +++ > > lib/Kconfig | 6 + > > lib/Makefile | 1 + > > lib/efi_loader/efi_capsule.c | 221 +++++++- > > lib/efi_loader/efi_firmware.c | 71 ++- > > lib/efi_loader/efi_setup.c | 3 +- > > lib/fwu_updates/Kconfig | 31 ++ > > lib/fwu_updates/Makefile | 6 + > > lib/fwu_updates/fwu.c | 204 +++++++ > > tools/eficapsule.h | 8 + > > tools/mkeficapsule.c | 131 ++++- > > 31 files changed, 2208 insertions(+), 34 deletions(-) > > create mode 100644 cmd/fwu_mdata.c > > create mode 100644 doc/develop/uefi/fwu_updates.rst > > create mode 100644 doc/device-tree-bindings/firmware/fwu-mdata.txt > > create mode 100644 drivers/fwu-mdata/Kconfig > > create mode 100644 drivers/fwu-mdata/Makefile > > create mode 100644 drivers/fwu-mdata/fwu-mdata-uclass.c > > create mode 100644 drivers/fwu-mdata/fwu_mdata_gpt_blk.c > > create mode 100644 include/fwu.h > > create mode 100644 include/fwu_mdata.h > > create mode 100644 lib/fwu_updates/Kconfig > > create mode 100644 lib/fwu_updates/Makefile > > create mode 100644 lib/fwu_updates/fwu.c > > > > -- > > 2.17.1 > > > > > > What's the git base you use for this series? You can clone my linaro git repo branch[1] to get the entire series. -sughosh [1] - https://git.linaro.org/people/sughosh.ganu/u-boot.git/log/?h=non_rfc_v1_mdata_dm > > Thanks, > Michal > > -- > Michal Simek, Ing. (M.Eng), OpenPGP -> KeyID: FE3D1F91 > w: www.monstr.eu p: +42-0-721842854 > Maintainer of Linux kernel - Xilinx Microblaze > Maintainer of Linux kernel - Xilinx Zynq ARM and ZynqMP ARM64 SoCs > U-Boot custodian - Xilinx Microblaze/Zynq/ZynqMP/Versal SoCs
The patchset adds support for the FWU Multi Bank Update[1] feature. Certain aspects of the Dependable Boot[2] specification have also been implemented. The FWU multi bank update feature is used for supporting multiple sets(also called banks) of firmware image(s), allowing the platform to boot from a different bank, in case it fails to boot from the active bank. This functionality is supported by keeping the relevant information in a structure called metadata, which provides information on the images. Among other parameters, the metadata structure contains information on the currect active bank that is being used to boot image(s). Functionality is being added to work with the UEFI capsule driver in u-boot. The metadata is read to gather information on the update bank, which is the bank to which the firmware images would be flashed to. On a successful completion of the update of all components, the active bank field in the metadata is updated, to reflect the bank from which the platform will boot on the subsequent boots. Currently, the feature is being enabled on the STM32MP157C-DK2 board which boots a FIP image from a uSD card partitioned with the GPT partioning scheme. This also requires changes in the previous stage of bootloader, which parses the metadata and selects the bank to boot the image(s) from. Support is being added in tf-a(BL2 stage) for the STM32MP157C-DK2 board to boot the active bank images. These changes have been merged to the upstream tf-a's integration branch[3]. These patches are based on top of the series from Takahiro to add Authentication support to mkeficapsule utility[4] and a couple of other patches[5][6] TODO's ------ * Add a unit test case for the newly added FWU_MDATA uclass. Some involved effort is needed on this since the host device interface on sandbox cannot be used with the UT framework. * Add test case for the feature with the python test suite, along the lines of capsule update testing. [1] - https://developer.arm.com/documentation/den0118/a [2] - https://git.codelinaro.org/linaro/dependable-boot/mbfw/uploads/6f7ddfe3be24e18d4319e108a758d02e/mbfw.pdf [3] - https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/log/?h=integration [4] - https://patchwork.ozlabs.org/project/uboot/list/?series=281549 [5] - https://patchwork.ozlabs.org/project/uboot/patch/164388019634.446835.18271480521485569016.stgit@localhost/ [6] - https://patchwork.ozlabs.org/project/uboot/patch/20220129192108.6618-1-sughosh.ganu@linaro.org/ Changes since V3: * Move the FWU metadata access to driver model * Get the storage device containing the metadata from a device tree property instead of a platform helper function * Move the metadata access driver for GPT partitioned block devices under drivers/fwu-mdata/ directory, complying with driver model. * Move functionality to get the active index under the common function instead of the GPT block device specific driver. * Remove function for getting the storage device containing the metadata as the information is now obtained from the device tree. * Define a weak function fill_image_type_guid_array for populating the image descriptor array with u-boot's raw and fit image GUIDs * Define the function fill_image_type_guid_array for the ST DK2 board for GPT partitioned devices. * Change the TrialStateCtr efi variable attribute to remove the runtime attribute * Rebase the change on top of the patch from Masami to call efi_capsule_update_firmware directly. * Put the FWU related checks which were earlier in efi_update_capsule function to separate functions fwu_empty_capsule and fwu_empty_capsule_process. * Use the device model api uclass_get_device to probe and get the FWU Metadata device. * Add related documentation for empty capsules in the mkeficapsule man page. * Add separate usage for empty capsules, with corresponding valid options. * Use ternary operators where possible. * Put a exclusivity check for the empty capsule options. Sughosh Ganu (11): FWU: Add FWU metadata structure and driver for accessing metadata FWU: Add FWU metadata access driver for GPT partitioned block devices FWU: stm32mp1: Add helper functions for accessing FWU metadata FWU: STM32MP1: Add support to read boot index from backup register EFI: FMP: Add provision to update image's ImageTypeId in image descriptor stm32mp1: Populate ImageTypeId values in EFI_FIRMWARE_IMAGE_DESCRIPTOR array FWU: Add boot time checks as highlighted by the FWU specification FWU: Add support for FWU Multi Bank Update feature FWU: cmd: Add a command to read FWU metadata mkeficapsule: Add support for generating empty capsules FWU: doc: Add documentation for the FWU feature arch/arm/dts/stm32mp157c-dk2-u-boot.dtsi | 7 + board/st/stm32mp1/stm32mp1.c | 178 +++++++ cmd/Kconfig | 7 + cmd/Makefile | 1 + cmd/fwu_mdata.c | 74 +++ common/board_r.c | 6 + doc/develop/uefi/fwu_updates.rst | 142 +++++ doc/develop/uefi/index.rst | 1 + doc/develop/uefi/uefi.rst | 2 + .../firmware/fwu-mdata.txt | 18 + doc/mkeficapsule.1 | 23 +- drivers/Kconfig | 2 + drivers/Makefile | 1 + drivers/fwu-mdata/Kconfig | 16 + drivers/fwu-mdata/Makefile | 7 + drivers/fwu-mdata/fwu-mdata-uclass.c | 434 +++++++++++++++ drivers/fwu-mdata/fwu_mdata_gpt_blk.c | 501 ++++++++++++++++++ include/dm/uclass-id.h | 1 + include/efi_loader.h | 2 + include/fwu.h | 70 +++ include/fwu_mdata.h | 67 +++ lib/Kconfig | 6 + lib/Makefile | 1 + lib/efi_loader/efi_capsule.c | 221 +++++++- lib/efi_loader/efi_firmware.c | 71 ++- lib/efi_loader/efi_setup.c | 3 +- lib/fwu_updates/Kconfig | 31 ++ lib/fwu_updates/Makefile | 6 + lib/fwu_updates/fwu.c | 204 +++++++ tools/eficapsule.h | 8 + tools/mkeficapsule.c | 131 ++++- 31 files changed, 2208 insertions(+), 34 deletions(-) create mode 100644 cmd/fwu_mdata.c create mode 100644 doc/develop/uefi/fwu_updates.rst create mode 100644 doc/device-tree-bindings/firmware/fwu-mdata.txt create mode 100644 drivers/fwu-mdata/Kconfig create mode 100644 drivers/fwu-mdata/Makefile create mode 100644 drivers/fwu-mdata/fwu-mdata-uclass.c create mode 100644 drivers/fwu-mdata/fwu_mdata_gpt_blk.c create mode 100644 include/fwu.h create mode 100644 include/fwu_mdata.h create mode 100644 lib/fwu_updates/Kconfig create mode 100644 lib/fwu_updates/Makefile create mode 100644 lib/fwu_updates/fwu.c