| Message ID | 20220414105448.559043-1-sughosh.ganu@linaro.org |
|---|---|
| Headers | show
Delivered-To: patch@linaro.org
Received: by 2002:a05:7000:6886:0:0:0:0 with SMTP id m6csp896314map;
Thu, 14 Apr 2022 03:55:20 -0700 (PDT)
X-Google-Smtp-Source:
ABdhPJw7c3lHpZpbKlVRJY2I9OFnkxzALiQJ2ayEdciF6HyCyHjtWnXUshCWXy+vFy94pKSLTOMH
X-Received: by 2002:a17:906:a147:b0:6e8:46a4:25a9 with SMTP id
bu7-20020a170906a14700b006e846a425a9mr1686172ejb.213.1649933720262;
Thu, 14 Apr 2022 03:55:20 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1649933720; cv=none;
d=google.com; s=arc-20160816;
b=Oyaq5n/vT0UvkfjrYV6w7V4WlI4Y3y53BTjyDRkCLhiaZnRIViEf3t2Qv6gFYnwBH1
jqAinEecTTZKD1O998yaYxAF/f9p1Dc9YAtGyfod62Muf0YFrX0/eXm2tIkZioHKHUhZ
x5GX5E8GrfIcGXO9F6lSqoU1oLHPxIbOnT+WyxoVS64RwXqPD61gsbiaC5DrgVjjJTdq
OV3hFO5dOFsj+AuHibAJ6NrVQgCPot0ccIk3VK+xl7aejaCxwHGKAYCrq7H3KnJqk+4W
6HgWtgQllOUoFXV4N05Gg7e3wK/dJd/SP+Of4RNRLJhabtkoNN245qIoSR1XsEVGps66
Ws/w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=sender:errors-to:list-subscribe:list-help:list-post:list-archive
:list-unsubscribe:list-id:precedence:content-transfer-encoding
:mime-version:message-id:date:subject:cc:to:from;
bh=9IVmlBIfdaqqTT7MOjz1ja8hcT82aOuJR+6wK7Zcb2k=;
b=o9Zd4KSu3cS1lGTBVd49PkrgVOiJ+RXJ5nMEMkdzKxelhysUVsUECXWpKqi4JOeriB
9CqNm35amPb7QQtLWiywwMcXCGeiSwJdJWagyMiBUfdpDRz/sPAPDgnygPW2dQpLKYx8
bvC7SRxYIp6bplC2PmFWTkkdCm8OuQ/bJOoE2rPNgvQu7ZevlDFrJUkA/7YN9b+yiwJn
4If8f5xqtnyQwQVu2wM0awZw3BTPxJ7+8TVM9eXPBzPejHub+wzut66WYHFN+soT8epu
jB0GK/IqrWqdWcxKq8VQ0sKWj5CCr6Yx8UVTmCUcFqeqR9SQwj3XznX1HJ9tOvV6GJ9l
NVxw==
ARC-Authentication-Results: i=1; mx.google.com;
spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates
85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <u-boot-bounces@lists.denx.de>
Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61])
by mx.google.com with ESMTPS id
e6-20020a170906c00600b006e8884f5773si1872746ejz.377.2022.04.14.03.55.19
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Thu, 14 Apr 2022 03:55:20 -0700 (PDT)
Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de
designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates
85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
by phobos.denx.de (Postfix) with ESMTP id 7C82A83E5C;
Thu, 14 Apr 2022 12:55:16 +0200 (CEST)
Authentication-Results: phobos.denx.de;
dmarc=fail (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Received: by phobos.denx.de (Postfix, from userid 109)
id E17EE83E5C; Thu, 14 Apr 2022 12:55:13 +0200 (CEST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de
X-Spam-Level:
X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,SPF_HELO_NONE,
SPF_SOFTFAIL,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no
version=3.4.2
Received: from foss.arm.com (foss.arm.com [217.140.110.172])
by phobos.denx.de (Postfix) with ESMTP id 2D98D83B44
for <u-boot@lists.denx.de>; Thu, 14 Apr 2022 12:55:09 +0200 (CEST)
Authentication-Results: phobos.denx.de;
dmarc=fail (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
spf=fail smtp.mailfrom=sughosh.ganu@linaro.org
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 1DED3139F;
Thu, 14 Apr 2022 03:55:08 -0700 (PDT)
Received: from a076522.blr.arm.com (a076522.blr.arm.com [10.162.16.44])
by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 338523F70D;
Thu, 14 Apr 2022 03:55:03 -0700 (PDT)
From: Sughosh Ganu <sughosh.ganu@linaro.org>
To: u-boot@lists.denx.de
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>,
Ilias Apalodimas <ilias.apalodimas@linaro.org>,
AKASHI Takahiro <takahiro.akashi@linaro.org>,
Ying-Chun Liu <paul.liu@linaro.org>,
Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>,
Heiko Thiery <heiko.thiery@gmail.com>,
Frieder Schrempf <frieder.schrempf@kontron.de>,
Michael Walle <michael@walle.cc>,
Masami Hiramatsu <masami.hiramatsu@linaro.org>,
Jassi Brar <jaswinder.singh@linaro.org>, Michal Simek <monstr@monstr.eu>,
Michal Simek <michal.simek@xilinx.com>
Subject: [PATCH v7 0/8] efi: capsule: Capsule Update fixes and enhancements
Date: Thu, 14 Apr 2022 16:24:40 +0530
Message-Id: <20220414105448.559043-1-sughosh.ganu@linaro.org>
X-Mailer: git-send-email 2.25.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
<mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
<mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.5 at phobos.denx.de
X-Virus-Status: Clean
|
| Series |
efi: capsule: Capsule Update fixes and enhancements
|
expand
|
This series is cleaning up the usage of the image GUIDs that are used in capsule update and the EFI System Resource Table(ESRT). There are some other enhancements being made to the capsule update code to make it more robust. Firstly, an overview of the fixes being made. Currently, there are two instances of the Firmware Management Protocol(FMP), one defined for updating the FIT images, and the other for updating raw images. The FMP code defines two GUID values, one for all FIT images, and one for raw images. Depending on the FMP instance used on a platform, the platform needs to use the corresponding image GUID value for all images on the platform, and also across platforms. A few issues are being fixed through the patch series. One, that an image for a different platform can be flashed on another platform if both the platforms are using the same FMP instance. So, for e.g. a capsule generated for the Socionext DeveloperBox platform can be flashed on the ZynqMP platform, since both the platforms use the CONFIG_EFI_CAPSULE_FIRMWARE_RAW instance of the FMP. This can be corrected if each firmware image that can be updated through the capsule update mechanism has it's own unique image GUID. The second issue that this patch series fixes is the value of FwClass in the ESRT. With the current logic, all firmware image entries in the ESRT display the same GUID value -- either the FIT GUID or the raw GUID. This is not in compliance with the UEFI specification, as the specification requires all entries to have unique GUID values. The third issue being fixed is the population of the EFI_FIRMWARE_IMAGE_DESCRIPTOR array. The current code uses the dfu framework for populating the image descriptor array. However, there might be other images that are not to be updated through the capsule update mechanism also registered with the dfu framework. As a result of this, the ESRT will show up entries of images that are not to be targeted by the capsule update mechanism. These issues are being fixed by defining a structure, efi_fw_images. A platform can then define image related information like the image GUID and image name. Every platform that uses capsule update mechanism needs to define fw_images array. This array will then be used to populate the image descriptor array, and also in determining if a particular capsule's payload can be used for updating an image on the platform. The other part of the patches are some enhancements being made to the capsule update code to make it more robust. The first enhancement being made is to have a check for the image index being passed through the capsule header. The capsule update code uses the image index value as the dfu alt number, which points to the partition to which the update must be made. The platform is supposed to define the image index value for the updatable firmare images as part of the fw_images array. This value must correspond to the dfu alt num for the corresponding image, and can be obtained by checking the output of the 'dfu list' u-boot command. At the time of update, the image index being passed through the capsule is checked against the image index value obtained from the platform. The second enhancement made is the retrieval of the dfu_alt_info variable from the set_dfu_alt_info function instead of using the value defined in the environment. The dfu framework checks for the existence of this function, and if the function is not defined, gets the value from the environment. This can cause in an incorrect update if the environment variable value is incorrect. A weak function is defined for populating dfu_alt_info from the information obtained from the platform. This function gets invoked on all platforms which enabled capsule update feature. The first patch adds the structure efi_capsule_update_info and initialises the structure on all platforms which enable capsule update feature The second patch populates the image descriptor array in the GetImageInfo function with the values from the fw_images array defined in the board file The third patch adds a check for the image index value from the capsule header against the value obtained from the fw_images array for the corresponding image The fourth patch defines a weak function set_dfu_alt_info which is used to populate dfu_alt_info to be used for capsule updates. The fifth patch splits the capsule update test script into two, one for FMP for raw images, and one for FMP for FIT images. The test for FIT images is being enabled on the sandbox_flattree variant. The sixth patch removes the now unused FIT and raw image GUID values from the FMP module. The seventh patch removes the --raw and --fit command line parameters in the mkeficapsule utility. The eighth patch makes corresponding changes in the capsule update related documentation. Changes since V6: ----------------- * Renamed struct efi_fw_images as struct efi_fw_image as suggested by Takahiro * Made corresponding change in all board files based on the rename done * Use renamed struct efi_fw_image instead of struct efi_fw_images * Reword the commit message to highlight the reason for removing --fit and --raw options as suggested by Takahiro * Remove the --fit and --raw description in the mkeficapsule man page * Add example for the struct efi_fw_image array and struct efi_capsule_update_info as suggested by Takahiro Changes since V5: ----------------- * Create a separate entry in fw_images array per config for boards with multiple configs as suggested by Heinrich. * Removed CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT) check in the board config headers, as suggested by Heinrich. * Add a check in the set_dfu_alt_info functions for the xilinx and qemu platforms to get the board defined value of dfu_alt_info when capsule update feature is enabled. * Simplify the set_dfu_alt_info function definition to set the variable directly from dfu_string, as suggested by Heinrich. * Restart the platform before starting the tests. This is done to clear out any stale state from a previously run test. Changes since V4: ----------------- * Define a structure efi_capsule_update_info which includes the string for populating dfu_alt_info * Initialise the string for dfu_alt_info in the board file * Drop the image_count variable as was suggested by Ilias * Drop another unused variable names_len * Define a weak function set_dfu_alt_info for setting the variable in a non board specific file as suggested by Ilias * Drop the definitions of set_dfu_alt_info that were being added in the board files * Change the description of the platform data based on the changes made in earlier patches Changes since V3: ----------------- * Do not remove the existing dfu_alt_info definitions made by platforms in the config files, as discussed with Masami. * Squash the selection of the SET_DFU_ALT_INFO config symbol for capsule update feature as part of this patch. * Rephrase the commit message to indicate that the doc changes are not just limited to adding the GUID values, but other info as well. * Elaborate with an example on the relation between the dfu alt number and the image index Changes since V2: ----------------- * Add a new member image_index to the struct efi_fw_images to allow the platforms to define the values for images. * Address review comments from Michal Simek for the xilinx boards. * Fix double inclusion of efi_loader.h as was pointed out by Heiko Thiery. * Use the image index values defined in the platform's fw_images array for the image descriptors * Add a description for adding image index value and definition of set_dfu_alt_info function for the capsule updates. Changes since V1: ----------------- * Make changes for the xilinx boards as suggested by Michal Simek. * Add a GUID for the sandbox FIT image. * Split the capsule update test cases into two scripts, one for raw images and one for FIT images. * Add the capsule update test case for FIT images on sandbox64 and sandbox_flattree variants. * Add capsule update support on sandbox_flattree variant for enabling FIT capsule update testing as part of the python tests Sughosh Ganu (8): capsule: board: Add information needed for capsule updates capsule: FMP: Populate the image descriptor array from platform data capsule: Put a check for image index before the update efi: Define set_dfu_alt_info() for boards with UEFI capsule update enabled test: capsule: Modify the capsule tests to use GUID values for sandbox FMP: Remove GUIDs for FIT and raw images mkeficapsule: Remove raw and FIT GUID types doc: uefi: Update the capsule update related documentation .../imx8mp_rsb3720a1/imx8mp_rsb3720a1.c | 29 +++ .../imx8mm-cl-iot-gate/imx8mm-cl-iot-gate.c | 28 +++ board/emulation/common/qemu_dfu.c | 3 +- board/emulation/qemu-arm/qemu-arm.c | 28 +++ board/kontron/pitx_imx8m/pitx_imx8m.c | 21 +- board/kontron/sl-mx8mm/sl-mx8mm.c | 20 ++ board/kontron/sl28/sl28.c | 21 ++ board/sandbox/sandbox.c | 34 ++++ board/socionext/developerbox/developerbox.c | 33 +++ board/xilinx/common/board.c | 28 +++ board/xilinx/zynq/board.c | 3 +- board/xilinx/zynqmp/zynqmp.c | 3 +- configs/sandbox64_defconfig | 1 - configs/sandbox_defconfig | 1 - configs/sandbox_flattree_defconfig | 5 + doc/develop/uefi/uefi.rst | 98 ++++++++- doc/mkeficapsule.1 | 12 -- include/configs/imx8mm-cl-iot-gate.h | 9 + include/configs/imx8mp_rsb3720.h | 9 + include/configs/kontron-sl-mx8mm.h | 5 + include/configs/kontron_pitx_imx8m.h | 5 + include/configs/kontron_sl28.h | 5 + include/configs/qemu-arm.h | 9 + include/configs/sandbox.h | 13 ++ include/configs/synquacer.h | 13 ++ include/configs/xilinx_versal.h | 5 + include/configs/xilinx_zynqmp.h | 9 + include/configs/zynq-common.h | 9 + include/efi_api.h | 8 - include/efi_loader.h | 36 ++++ lib/efi_loader/Kconfig | 2 + lib/efi_loader/efi_capsule.c | 8 +- lib/efi_loader/efi_firmware.c | 104 +++------- test/py/tests/test_efi_capsule/conftest.py | 21 +- .../test_capsule_firmware_fit.py | 191 ++++++++++++++++++ ...rmware.py => test_capsule_firmware_raw.py} | 167 ++++++--------- tools/eficapsule.h | 8 - tools/mkeficapsule.c | 26 +-- 38 files changed, 781 insertions(+), 249 deletions(-) create mode 100644 test/py/tests/test_efi_capsule/test_capsule_firmware_fit.py rename test/py/tests/test_efi_capsule/{test_capsule_firmware.py => test_capsule_firmware_raw.py} (75%)