From patchwork Thu Mar 24 12:38:55 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sughosh Ganu X-Patchwork-Id: 553904 Delivered-To: patch@linaro.org Received: by 2002:a05:7000:1248:0:0:0:0 with SMTP id z8csp4370427mag; Thu, 24 Mar 2022 05:39:40 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzn9xJON7P+/T2CG9fZ61AFtF89ZKI7mKo+OdSHSHR/fko/hWzNY3P7kl4I/t1R8UjN9l2E X-Received: by 2002:a17:907:3e03:b0:6da:8c5a:6d4a with SMTP id hp3-20020a1709073e0300b006da8c5a6d4amr5568823ejc.585.1648125579869; Thu, 24 Mar 2022 05:39:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1648125579; cv=none; d=google.com; s=arc-20160816; b=PMV+BHFISeL/e3x6XV4IJ77KSD/0Lqx0M7TB5I7FoScn0Eca2rA4zRau0cpM5faX2u L+wXt/1b1QHt4rakvsIHIbTCev10x4UWOGONVSlfzUUzc965yzNk/CvaejHgqgk1oBZs 2QSlA/Dt6Cgrfj5+T+5goH3dnkmVg7KXYhyX4dJZPItezNCNsoJ1EDbmJA8kUI7r59AS A2c8OIwQoqfh/qR/RM5m5dx5G2p0IVDsij2oF04PWK0X1Cd9pkF+P34++nvTK0uJEnjL wYcATJkIx9vif8VlseIcEgABUJZiDisXe07K35U18r/g3ar439AETiRLz+cBqVgjlVRJ bX/w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:message-id:date:subject:cc:to:from; bh=r/HKZukeTNPWM1daRec1KZD92Tj9svdVf6wU2aibxHM=; b=XbrxCtFVZ8XPmJYVWxWvQcePb5NVJXeIdfbMpImz3VA8DtLySgKZiGGVCUo8pOJEkE OmnQq7T9STLvJOy/D8iga62bpK2quNHlWU7Fm07u+S+OcOm2UJdegGIGpf1vjdOdRKkL rS7GpY67O/XmdHnd08cZr8ftfrI/RODOnYnnK3eDBGBSSbr+IgxFXs95+B2TN1c/aXTh ZB7gE77X5TLUlSnsnNoyTep58FVc0fSjoO+N/850luksGpFDxDSp1bPusXSh6Sy+u3q9 pS4UhhJBvZ+HH2+tcVCr04YV7mYxNSOAoMZ9EaQn7KuHGbTXqkKR14XdbkBU3q6JxIHK /WZA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id ho15-20020a1709070e8f00b006df76385e63si14556448ejc.771.2022.03.24.05.39.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 24 Mar 2022 05:39:39 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id EAB1A84099; Thu, 24 Mar 2022 13:39:36 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id 8EB578405B; Thu, 24 Mar 2022 13:39:34 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_SOFTFAIL,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id 97B9E84082 for ; Thu, 24 Mar 2022 13:39:31 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=fail smtp.mailfrom=sughosh.ganu@linaro.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id E6262D6E; Thu, 24 Mar 2022 05:39:30 -0700 (PDT) Received: from a076522.blr.arm.com (a076522.blr.arm.com [10.162.16.44]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 4CA863F73D; Thu, 24 Mar 2022 05:39:27 -0700 (PDT) From: Sughosh Ganu To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Ilias Apalodimas , AKASHI Takahiro , Ying-Chun Liu , Tuomas Tynkkynen , Heiko Thiery , Frieder Schrempf , Michael Walle , Masami Hiramatsu , Jassi Brar , Michal Simek , Michal Simek Subject: [RFC PATCH 0/6] efi: capsule: Image GUID usage cleanup Date: Thu, 24 Mar 2022 18:08:55 +0530 Message-Id: <20220324123901.429472-1-sughosh.ganu@linaro.org> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.5 at phobos.denx.de X-Virus-Status: Clean This series is cleaning up the usage of the image GUIDs that are used in capsule update and the EFI System Resource Table(ESRT). Currently, there are two instances of the Firmware Management Protocol(FMP), one defined for updating the FIT images, and the other for updating raw images. The FMP code defines two GUID values, one for all FIT images, and one for raw images. Depending on the FMP instance used on a platform, the platform needs to use the corresponding image GUID value for all images on the platform, and also across platforms. A few issues are being fixed through the patch series. One, that an image for a different platform can be flashed on another platform if both the platforms are using the same FMP instance. So, for e.g. a capsule generated for the Socionext DeveloperBox platform can be flashed on the ZynqMP platform, since both the platforms use the CONFIG_EFI_CAPSULE_FIRMWARE_RAW instance of the FMP. This can be corrected if each firmware image that can be updated through the capsule update mechanism has it's own unique image GUID. The second issue that this patch series fixes is the value of FwClass in the ESRT. With the current logic, all firmware image entries in the ESRT display the same GUID value -- either the FIT GUID or the raw GUID. This is not in compliance with the UEFI specification, as the specification requires all entries to have unique GUID values. The third issue being fixed is the population of the EFI_FIRMWARE_IMAGE_DESCRIPTOR array. The current code uses the dfu framework for populating the image descriptor array. However, there might be other images that are not to be updated through the capsule update mechanism also registered with the dfu framework. As a result of this, the ESRT will show up entries of images that are not to be targeted by the capsule update mechanism. These issues are being fixed by defining a structure, efi_fw_images. A platform can then define image related information like the image GUID and image name. Every platform that uses capsule update mechanism needs to define fw_images array. This array will then be used to populate the image descriptor array, and also in determining if a particular capsule's payload can be used for updating an image on the platform. The first patch of this series adds the fw_images array in all platforms which are using UEFI capsule updates The second patch of the series changes the logic for populating the image descriptor array, using the information from the fw_images array defined by the platform. The third patch of the series removes the test cases using the --raw and --fit parameters, removes test case for FIT images, and adds a test case for checking that the update happens only with the correct image GUID value in the capsule. The fourth patch of the series makes corresponding changes in the capsule update related documentation. The fifth patch of the series removes the now unused FIT and raw image GUID values from the FMP module. The sixth patch of the series removes the --raw and --fit command line parameters in the mkeficapsule utility. Sughosh Ganu (6): capsule: Add Image GUIDs for platforms using capsule updates capsule: FMP: Populate the image descriptor array from platform data test: capsule: Modify the capsule tests to use GUID values for sandbox doc: uefi: Update the capsule update related documentation FMP: Remove GUIDs for FIT and raw images mkeficapsule: Remove raw and FIT GUID types .../imx8mp_rsb3720a1/imx8mp_rsb3720a1.c | 19 ++ .../imx8mm-cl-iot-gate/imx8mm-cl-iot-gate.c | 18 ++ board/emulation/qemu-arm/qemu-arm.c | 20 +++ board/kontron/pitx_imx8m/pitx_imx8m.c | 15 +- board/kontron/sl-mx8mm/sl-mx8mm.c | 14 ++ board/kontron/sl28/sl28.c | 14 ++ board/sandbox/sandbox.c | 17 ++ board/socionext/developerbox/developerbox.c | 23 +++ board/xilinx/common/board.h | 18 ++ board/xilinx/zynq/board.c | 18 ++ board/xilinx/zynqmp/zynqmp.c | 18 ++ configs/sandbox64_defconfig | 1 - configs/sandbox_defconfig | 1 - doc/develop/uefi/uefi.rst | 10 +- include/configs/imx8mm-cl-iot-gate.h | 10 ++ include/configs/imx8mp_rsb3720.h | 10 ++ include/configs/kontron-sl-mx8mm.h | 6 + include/configs/kontron_pitx_imx8m.h | 6 + include/configs/kontron_sl28.h | 6 + include/configs/qemu-arm.h | 10 ++ include/configs/sandbox.h | 10 ++ include/configs/synquacer.h | 14 ++ include/efi_api.h | 8 - include/efi_loader.h | 18 ++ lib/efi_loader/efi_firmware.c | 95 +++------- test/py/tests/test_efi_capsule/conftest.py | 20 +-- .../test_efi_capsule/test_capsule_firmware.py | 167 ++++++------------ tools/eficapsule.h | 8 - tools/mkeficapsule.c | 26 +-- 29 files changed, 384 insertions(+), 236 deletions(-)