From patchwork Thu Feb 17 15:12:27 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Masami Hiramatsu X-Patchwork-Id: 543388 Delivered-To: patch@linaro.org Received: by 2002:ac0:e142:0:0:0:0:0 with SMTP id r2csp449000imn; Thu, 17 Feb 2022 07:13:06 -0800 (PST) X-Google-Smtp-Source: ABdhPJxR0r9fWa6mmPIZHtjAvhXX8vvYay7783TzbrVNqBSJouJaxGWC+08toJ01bh+oxY1swZEB X-Received: by 2002:a17:907:3347:b0:6ce:6bc4:d18a with SMTP id yr7-20020a170907334700b006ce6bc4d18amr2645077ejb.612.1645110786061; Thu, 17 Feb 2022 07:13:06 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1645110786; cv=none; d=google.com; s=arc-20160816; b=R1GZXeqaOvWx6B0eaK+bl3OQJTldNBAnTxHz6g4FRV5kLA1oOLkJwtyJapB0pIcMIO 0EC3J3cA1FvfQmhfahIL/Wka611UgDreXV5qteDlzQM2/aNMoegAB/Mb1osRhQ/in4Fj mBMTJYjh+oIO/de61S7nI/MJnMnGADsv/9R3vPl8RXvh0FoUxyEmWZZcHp2bJFMhDQ/n 4jyGSt1AwIWbsKQdEr3NajXAqeOnt6AjATtF5u2mkqfEvlERoaOR5xMNe/jd7dyUFu6G svATKTgJZ0FP+ldQTO32g657XoNwco1Y5GkULEMiClZsTpr/vXbar1IG0dZnPJ0bkPww 4c/A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:user-agent:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature; bh=NjVjHs2/ZHuB4PviHtTA7YkjGT8HM1yrLC0Bevw1Pfg=; b=HFmmTf/gD+ShTIACvkMAPUIDz1RpkEoue4ZYcehESFoVPiu0hkP0c9/KvVAcW2T4FX vFgt8OZl7IG/MkCqERkoxtDM0AX5TWaXN+WjAyC02dFo+otVrP6amUpZSOgux7muWcTt rmU+b8ARrY9M36Nb89w6hx2eVDrvMZUkMfYsakxHZy2tBESVX+qa85XAOLTKmpMSYI4U a2aNiMcil9tSTsq5x+siLZzMc0MC3Pt/qOnMC6uHH71278H2cc2poQ82kPuNJTrGelJU oHLCeOoX7+bDZfuktuhamDRvTFP1n5GG7oekshnGL4PK0w5hrBjYMqev3V5j1PSu+97E JjNw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=m47wxd8q; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id eg23si1862245edb.439.2022.02.17.07.13.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 17 Feb 2022 07:13:06 -0800 (PST) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=m47wxd8q; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id AC32783BAB; Thu, 17 Feb 2022 16:12:57 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="m47wxd8q"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 4752283BDF; Thu, 17 Feb 2022 16:12:42 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-pg1-x536.google.com (mail-pg1-x536.google.com [IPv6:2607:f8b0:4864:20::536]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 8401083BBE for ; Thu, 17 Feb 2022 16:12:33 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=masami.hiramatsu@linaro.org Received: by mail-pg1-x536.google.com with SMTP id p23so5297522pgj.2 for ; Thu, 17 Feb 2022 07:12:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :user-agent:mime-version:content-transfer-encoding; bh=NjVjHs2/ZHuB4PviHtTA7YkjGT8HM1yrLC0Bevw1Pfg=; b=m47wxd8qkY4NmydpUptmiwmkaTvnYhdXuLy52SuLGUA3FfsZaOzacv2N7jtoO1mrCd xDJFHRXJ6fel0lCNbJWHo700johx4VWpbXRPAhssJESeDGv3Y6iWlTC5nMlQ1X4lApcu 4IEecZJLlRjht6wG1o4VSrNyIIxWvOxjNxv4c7M24dK7RTZnlj+8fhVH2cI5e8qzu6wR DjggDs90n63AuUw5IxOxeZSkUb9S1/Mpg4o1HHeVWIKZgZ3aAm8vLXc8lkTg++dpVCdo WKy4Vueb4Cif6e4XSJch7WVDeVh8StqWqAJesdUnHoj6wm9mJg80ed9l9tQj4e05fmhW gMzw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:user-agent:mime-version:content-transfer-encoding; bh=NjVjHs2/ZHuB4PviHtTA7YkjGT8HM1yrLC0Bevw1Pfg=; b=fkDZ7euFyInaQ/dywCdE3O6CbK2rTP59OFIAs77lMFPrBwYbt3Lyf8U7xT3Spi+fTq qeMFR4VlLJuo/gkqDaVU3PsviZZGxPepsUg/3v4aKL3Uwu6yg8i8j58Yn7/KROOIbYrJ qoyoxThuy5ANMR54Evfxw7ddLOgv/FPeUL279lHmSIA97532IGNZP8g15LtAOjdI2Pqb 3j2dTvIrcztAjzHX8x7OnxqBZh4GS9xRIcv2BQc7bwTiJlJrFOJMCBKL83LvGccGuCdK LFVfk+vLFiiumAmj0/d4Bgk70G50BNWT09q4FIEAcZFB85EHibAVnj59VRvlQHmAWynJ o6Fw== X-Gm-Message-State: AOAM530w+Osdu17/8bknLZWklAyPDHeQc7K8lr0NBvWD6rC78rmPXpzz uwu20wula0p725pGhfcqDwz62qTvN6GAxQ== X-Received: by 2002:a05:6a00:10c5:b0:4e1:4b53:18fe with SMTP id d5-20020a056a0010c500b004e14b5318femr3337821pfu.84.1645110751506; Thu, 17 Feb 2022 07:12:31 -0800 (PST) Received: from localhost.localdomain (113x37x226x201.ap113.ftth.ucom.ne.jp. [113.37.226.201]) by smtp.gmail.com with ESMTPSA id l22sm50390311pfc.191.2022.02.17.07.12.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 17 Feb 2022 07:12:31 -0800 (PST) From: Masami Hiramatsu To: u-boot@lists.denx.de Cc: Masami Hiramatsu , Patrick Delaunay , Patrice Chotard , Heinrich Schuchardt , Alexander Graf , AKASHI Takahiro , Simon Glass , Bin Meng , Ilias Apalodimas , Jose Marinho , Grant Likely , Tom Rini , Etienne Carriere , Sughosh Ganu , Paul Liu Subject: [RFC PATCH v2 7/8] FWU: synquacer: Initialize broken metadata Date: Fri, 18 Feb 2022 00:12:27 +0900 Message-Id: <164511074686.43219.11720107253974331269.stgit@localhost> X-Mailer: git-send-email 2.25.1 In-Reply-To: <164511067605.43219.15508992404634142079.stgit@localhost> References: <164511067605.43219.15508992404634142079.stgit@localhost> User-Agent: StGit/0.19 MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.5 at phobos.denx.de X-Virus-Status: Clean Since the FWU metadata is not initialized at the installation, if it is broken, it should be initialized. Usually, the FWU metadata is not covered by capsule update, so it is safe to initialize the metadata portion if it seems broken. But for the production device, usually firmware will be installed with initialized metadata, and the broken metadata means the device can be compromized. In that case, build U-Boot without this option. Signed-off-by: Masami Hiramatsu --- board/socionext/developerbox/Kconfig | 12 ++++++ board/socionext/developerbox/fwu_plat.c | 60 +++++++++++++++++++++++++++++++ 2 files changed, 72 insertions(+) diff --git a/board/socionext/developerbox/Kconfig b/board/socionext/developerbox/Kconfig index 4120098cab..9fbe8d1e74 100644 --- a/board/socionext/developerbox/Kconfig +++ b/board/socionext/developerbox/Kconfig @@ -44,4 +44,16 @@ config FWU_NUM_BANKS config FWU_NUM_IMAGES_PER_BANK default 1 +config FWU_INIT_BROKEN_METADATA + bool "Initialize FWU metadata if broken" + select BOARD_LATE_INIT + default n + help + Initialize FWU metadata if the metadata is broken. + This option is only for the development environment, since if the + metadata is broken, it means someone may compromize it. In that case + the production device must be bricked. + But for the development environment, or initial installation of the + FWU multi-bank update firmware, this will be useful. + endif diff --git a/board/socionext/developerbox/fwu_plat.c b/board/socionext/developerbox/fwu_plat.c index cbbbd58bc0..1892f79660 100644 --- a/board/socionext/developerbox/fwu_plat.c +++ b/board/socionext/developerbox/fwu_plat.c @@ -176,3 +176,63 @@ void fwu_plat_get_bootidx(void *boot_idx) else *bootidx = devbox_plat_metadata->boot_index; } + +#ifdef CONFIG_FWU_INIT_BROKEN_METADATA + +static void devbox_init_fwu_mdata(void) +{ + const efi_guid_t null_guid = NULL_GUID; + struct fwu_image_bank_info *bank; + struct fwu_mdata *metadata; + int i, j, ret; + + metadata = memalign(ARCH_DMA_MINALIGN, sizeof(*metadata)); + if (!metadata) { + log_err("Failed to allocate initial metadata.\n"); + return; + } + + metadata->version = 1; + metadata->active_index = 0; + metadata->previous_active_index = 0; + + /* + * Since the DeveloperBox doesn't use GPT, both of + * fwu_image_entry::location_uuid and + * fwu_img_bank_info::image_uuid are null GUID. + */ + for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) { + guidcpy(&metadata->img_entry[i].image_type_uuid, + &devbox_fip_image_type_guid); + guidcpy(&metadata->img_entry[i].location_uuid, + &null_guid); + bank = metadata->img_entry[i].img_bank_info; + + for (j = 0; j < CONFIG_FWU_NUM_BANKS; j++) { + guidcpy(&bank[j].image_uuid, &null_guid); + bank[j].accepted = (j == 0) ? 1 : 0; + bank[j].reserved = 0; + } + } + + ret = fwu_update_mdata(metadata); + if (ret < 0) + log_err("Failed to initialize FWU metadata\n"); + else + log_err("Initialized FWU metadata\n"); + free(metadata); +} + +int board_late_init(void) +{ + struct fwu_mdata *metadata; + + if (fwu_get_mdata(&metadata) < 0) { + // Initialize FWU metadata if broken + log_err("Unable to get a valid metadata. Initialize it.\n"); + devbox_init_fwu_mdata(); + } + return 0; +} + +#endif