From: Masahisa Kojima
To: u-boot@lists.denx.de
Cc: Heinrich Schuchardt, Ilias Apalodimas, Simon Glass, Takahiro Akashi, Masahisa Kojima
Subject: [PATCH v6 0/8] FMP versioning support
Date: Fri, 19 May 2023 19:32:06 +0900
Message-Id: <20230519103214.1239656-1-masahisa.kojima@linaro.org>

Firmware version management is not implemented in the current
FMP implementation. This series aims to add the versioning support
in FMP.

Currently, there is no way to know the current running firmware
version through the EFI interface. FMP->GetImageInfo() always
returns 0 for the version number. So a user cannot know that
the expected firmware is running after the capsule update.

EDK II reference implementation utilizes the FMP Payload Header
inserted right before the capsule payload. U-Boot also follows
the EDK II implementation.
With this series applied, version number can be specified in the
capsule file generation with mkeficapsule tool, then user can know
the running firmware version through FMP->GetImageInfo() and ESRT.

There is a design consideration for lowest supported version.
If the backing storage is a file we can't trust any of that
information since anyone can tamper with the file, although
the variables are defined as RO.
With that, we store the lowest supported version in the device tree.
We can trust the information from dtb as long as the former
stage boot loader verifies the image containing the dtb.
The firmware version can not be stored in device tree because
not all the capsule files have a device tree.

Note that this series does not mandate the FMP Payload Header,
compatible with boards that are already using the existing
U-Boot FMP implementation.
If no FMP Payload Header is found in the capsule file, fw_version,
lowest supported version, last attempt version and last attempt
status are set to 0 and this is the same behavior as existing FMP
implementation.

Major Changes in v6:
- change the location of fw_version and lowest supported version
  - fw_version is stored in FMP Payload Header in the capsule file
  - lowest_supported_version is stored in the device tree

Major Changes in v5:
- major design changes, versioning is implemented with
  device tree instead of EFI variable

Major Changes in v4:
- add python-based test

Major Changes in v3:
- exclude CONFIG_FWU_MULT

Masahisa Kojima (8):
  efi_loader: add the number of image entries in efi_capsule_update_info
  efi_loader: store firmware version into FmpState variable
  efi_loader: versioning support in GetImageInfo
  efi_loader: get lowest supported version from device tree
  efi_loader: check lowest supported version
  mkeficapsule: add FMP Payload Header
  doc: uefi: add firmware versioning documentation
  doc: uefi: add anti-rollback documentation

 arch/arm/mach-rockchip/board.c                |   4 +-
 .../imx8mp_rsb3720a1/imx8mp_rsb3720a1.c       |   2 +-
 .../imx8mm-cl-iot-gate/imx8mm-cl-iot-gate.c   |   2 +-
 board/emulation/qemu-arm/qemu-arm.c           |   2 +-
 board/kontron/pitx_imx8m/pitx_imx8m.c         |   2 +-
 board/kontron/sl-mx8mm/sl-mx8mm.c             |   2 +-
 board/kontron/sl28/sl28.c                     |   2 +-
 board/rockchip/evb_rk3399/evb-rk3399.c        |   2 +-
 board/sandbox/sandbox.c                       |   2 +-
 board/socionext/developerbox/developerbox.c   |   2 +-
 board/st/stm32mp1/stm32mp1.c                  |   2 +-
 board/xilinx/common/board.c                   |   2 +-
 doc/develop/uefi/uefi.rst                     |  61 ++++
 .../firmware/firmware-version.txt             |  22 ++
 doc/mkeficapsule.1                            |  10 +
 include/efi_loader.h                          |   3 +-
 lib/efi_loader/efi_firmware.c                 | 273 ++++++++++++++++--
 lib/fwu_updates/fwu.c                         |   2 +-
 tools/eficapsule.h                            |  30 ++
 tools/mkeficapsule.c                          |  37 ++-
 20 files changed, 421 insertions(+), 43 deletions(-)
 create mode 100644 doc/device-tree-bindings/firmware/firmware-version.txt
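
The version check this cover letter describes, as an added example that is not part of the series or of U-Boot's code. It assumes the EDK II FMP Payload Header layout (signature `MSS1`, header size, firmware version, lowest supported version, each a little-endian 32-bit field); `fmp_check_capsule`, its types and the sample bytes are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

/* Assumed layout (EDK II FMP Payload Header): four little-endian u32 fields:
 * signature, header_size, fw_version, lowest_supported_version. */
#define FMP_HDR_SIGNATURE 0x3153534dU /* bytes 'M','S','S','1' */
#define FMP_HDR_MIN_SIZE 16U
enum fmp_result { FMP_ACCEPT, FMP_REJECT_ROLLBACK, FMP_REJECT_MALFORMED };
struct fmp_parsed {
	uint32_t fw_version;   /* 0 when the capsule carries no header */
	size_t payload_offset; /* where the firmware image itself starts */
};

/* Constructed sample: header with fw_version 5, then 4 payload bytes. */
static const uint8_t sample_capsule[] = {
	'M', 'S', 'S', '1', 16, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0xde, 0xad, 0xbe, 0xef
};

static uint32_t rd_le32(const uint8_t *p)
{
	return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
	       (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Hypothetical helper, not a U-Boot function. trusted_lsv stands for the value
 * read from the verified device tree; the header's own copy is never used. */
enum fmp_result fmp_check_capsule(const uint8_t *img, size_t len,
				  uint32_t trusted_lsv, struct fmp_parsed *out)
{
	out->fw_version = 0;
	out->payload_offset = 0;
	if (len >= FMP_HDR_MIN_SIZE && rd_le32(img) == FMP_HDR_SIGNATURE) {
		uint32_t hdr_size = rd_le32(img + 4);
		/* header_size comes from the file: bound it before use */
		if (hdr_size < FMP_HDR_MIN_SIZE || hdr_size > len)
			return FMP_REJECT_MALFORMED;
		out->fw_version = rd_le32(img + 8);
		out->payload_offset = hdr_size;
	}
	/* No header means version 0, which cannot pass a non-zero floor. */
	return out->fw_version < trusted_lsv ? FMP_REJECT_ROLLBACK : FMP_ACCEPT;
}

int main(void)
{
	struct fmp_parsed p;
	/* Device-tree floor 6: the version-5 sample must be refused. */
	return fmp_check_capsule(sample_capsule, sizeof(sample_capsule), 6, &p) !=
	       FMP_REJECT_ROLLBACK;
}
```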