From patchwork Fri May 19 10:32:11 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Masahisa Kojima <masahisa.kojima@linaro.org>
X-Patchwork-Id: 683901
Delivered-To: patch@linaro.org
Received: by 2002:a5d:4e01:0:0:0:0:0 with SMTP id p1csp853343wrt;
 Fri, 19 May 2023 03:34:00 -0700 (PDT)
X-Google-Smtp-Source: ACHHUZ5cpPFzc+GHuFqq6f+f2XvnDCbmaONBCVx3OhLPWjFS5gpW4MPB8En6+orb/zkAT+hX4nJv
X-Received: by 2002:a17:90b:4b01:b0:250:faff:e201 with SMTP id
 lx1-20020a17090b4b0100b00250faffe201mr1600968pjb.36.1684492439847;
 Fri, 19 May 2023 03:33:59 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1684492439; cv=none;
 d=google.com; s=arc-20160816;
 b=ySXgyVhRVxfSdj4nK/Dkp69sFpWzNgntC7GFuhhRrjP72tjpL/vQiMrwvl6Mp+0Qeu
 vL6V/6p3AW8UPcLQZPupOdXWfVW6lB2F6fCOtJRblB0jPemP5iv1MUJWZI6LWdJNhYiw
 MJBWTfTzuPrcnLmpMjiDqzGo1nUnNNKGX1DIQCUdM9NXeXLT5nUbvcQtsOyj3eirE+iN
 RXPMdv4vx267mh3rZQJv2jvvBK7QZ6WD3k8zIyL0D2UXPSI9UYiFHAgUr4zX5xvfMSQr
 fnEMBNrrOFXHtFmJX8qNKe1NHZ07VihRaa2lClm5FnPqjbU+ri+LjKGSPDe2EC9MHiTK
 NVhw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
 h=sender:errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from:dkim-signature;
 bh=jytANE3A6ut77+YzD8arO4tXRo0D6bqyjXeRLGQGoBo=;
 b=g4diJo/5LPYv4a530VknCvNy5EvcLBwF5+t7nhBhoDvNJhQ4pl1TnMk1mwpsIT7Rzq
 7i1qKk/1S3zR73vAcefZihknz3+eDCCWGWxT4g7YtxhzxqKJ2QhVnFMl7mbus9xPawrp
 IxXnH+ffJiMCFFZHO3lFxEqTiyeF8OoUyVbqKOdwgIHe0OVLVM4dzbqp8l0BI79lu5X5
 q0p9+ilPjlttoMalGzkEk0stwBeTnek+fqXmpFStuhSm4bRwzHA/CT/x2uVqo1H3Oqxy
 rUPW/df3p9MuWSmIw6ccvSs4hAv5/c13wu8Ojbk/x3bswYc7nXwcian0Hd2PEfnqtYu7
 HoWA==
ARC-Authentication-Results: i=1; mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=hImligpo;
 spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates
 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; 
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <u-boot-bounces@lists.denx.de>
Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61])
 by mx.google.com with ESMTPS id
 7-20020a17090a08c700b002535adfa0e4si1551696pjn.65.2023.05.19.03.33.58
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 19 May 2023 03:33:59 -0700 (PDT)
Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de
 designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61;
Authentication-Results: mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=hImligpo;
 spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates
 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; 
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
 by phobos.denx.de (Postfix) with ESMTP id A7A3C8629D;
 Fri, 19 May 2023 12:33:06 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key;
 unprotected) header.d=linaro.org header.i=@linaro.org header.b="hImligpo";
 dkim-atps=neutral
Received: by phobos.denx.de (Postfix, from userid 109)
 id D6AAF81DCF; Fri, 19 May 2023 12:33:01 +0200 (CEST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
 DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS,
 T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2
Received: from mail-pf1-x431.google.com (mail-pf1-x431.google.com
 [IPv6:2607:f8b0:4864:20::431])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id 1F518862AD
 for <u-boot@lists.denx.de>; Fri, 19 May 2023 12:32:57 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=masahisa.kojima@linaro.org
Received: by mail-pf1-x431.google.com with SMTP id
 d2e1a72fcca58-64d2c865e4eso773792b3a.0
 for <u-boot@lists.denx.de>; Fri, 19 May 2023 03:32:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=linaro.org; s=google; t=1684492375; x=1687084375;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=jytANE3A6ut77+YzD8arO4tXRo0D6bqyjXeRLGQGoBo=;
 b=hImligponpL3m9hrsY5vnEd1V6e0IVddqO6bvkwrMkql/fC0+T15VEI0l02B9Bw9xL
 4gb6dMuCQUDTjRieHQJBzyiKt+YErhH5rjxWaXSe0EkKZu23FOp5m0VJQldhEeGhiD4i
 6Vj3bAjLinFnEEz7MmsrQuVgMKRLuqj7q7DpUCLHsDd8DQ6gJtNXIia2BYjwhJSQmBqX
 oaDZpuaZ4zqzWdPhLJb5Pub999VtKczPOAlkt/dukdzTYbSuIGhKktJ62EtzRbQpyCM/
 n2X02RgLlt+i7buOW4+JOEB83MmfZSUNW175TUBae6S3uwum0xPlkbdGT4zYSSchEIv9
 llfg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20221208; t=1684492375; x=1687084375;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=jytANE3A6ut77+YzD8arO4tXRo0D6bqyjXeRLGQGoBo=;
 b=azaSsBHwoP4qRfOm1syQBip6CMxK3CuDRK/gRiKm8l2+Fmu58fX6kyen6YBKA8pXH7
 OEc0S0rIn+pVEYNiNAsd63977WxiAJhAbTyZIvcIVSaGUV1lEZauC2rXdu7PLnE/6AMu
 RekKVkYcJ3LQG1GDc/6P9reZa8+SnO+XCGyX5kqceO6MzbsEkcTUPo1fT8PO3CoicjHq
 L78GfDzIHEjcpG6yWCjKAPpD/s//XuSG7tjAb4MAch8NiJc4Y9Ln+zX0/GgvzsBoYKbP
 G+M7nCJMRpz5CrOvzeVg35+WghmCOMXM2koAmifmIpsCfM35q7KUj5Xc/MnP1Fe0Iakm
 bD+w==
X-Gm-Message-State: AC+VfDyYy/JulPbCUogHESWFB0vpfnh8SxEqLEqd2WyIoQHcLZjUPfcx
 5lcczieUT+cy4hbFxVYpir/KmS96TWIjGsJHRco=
X-Received: by 2002:a05:6a21:6d88:b0:104:923b:4d00 with SMTP id
 wl8-20020a056a216d8800b00104923b4d00mr1695489pzb.36.1684492375310;
 Fri, 19 May 2023 03:32:55 -0700 (PDT)
Received: from ubuntu-SVE15129CJS.. ([240d:1a:cf7:5800:8e72:6c60:18e6:c4c4])
 by smtp.gmail.com with ESMTPSA id
 r13-20020a17090a940d00b0025352448ba9sm1195870pjo.0.2023.05.19.03.32.53
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 19 May 2023 03:32:54 -0700 (PDT)
From: Masahisa Kojima <masahisa.kojima@linaro.org>
To: u-boot@lists.denx.de
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>,
 Ilias Apalodimas <ilias.apalodimas@linaro.org>,
 Simon Glass <sjg@chromium.org>,
 Takahiro Akashi <takahiro.akashi@linaro.org>,
 Masahisa Kojima <masahisa.kojima@linaro.org>
Subject: [PATCH v6 5/8] efi_loader: check lowest supported version
Date: Fri, 19 May 2023 19:32:11 +0900
Message-Id: <20230519103214.1239656-6-masahisa.kojima@linaro.org>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20230519103214.1239656-1-masahisa.kojima@linaro.org>
References: <20230519103214.1239656-1-masahisa.kojima@linaro.org>
MIME-Version: 1.0
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de
X-Virus-Status: Clean

The FMP Payload Header which EDK II capsule generation scripts
insert has a firmware version.
This commit reads the lowest supported version stored in the
device tree, then check if the firmware version in FMP payload header
of the ongoing capsule is equal or greater than the
lowest supported version. If the firmware version is lower than
lowest supported version, capsule update will not be performed.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
---
Changes in v6:
- get aligned to the latest implementation

Changes in v5:
- newly implement the device tree based versioning

Changes in v4:
- use log_err() instead of printf()

Changes in v2:
- add error message when the firmware version is lower than
  lowest supported version

 lib/efi_loader/efi_firmware.c | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c
index 00cf9a088a..7cd0016765 100644
--- a/lib/efi_loader/efi_firmware.c
+++ b/lib/efi_loader/efi_firmware.c
@@ -424,7 +424,8 @@ static void efi_firmware_get_fw_version(const void **p_image,
  * @image_index		Image index
  * @state		Pointer to fmp state
  *
- * Verify the capsule file
+ * Verify the capsule authentication and check if the fw_version
+ * is equal or greater than the lowest supported version.
  *
  * Return:		status code
  */
@@ -434,11 +435,27 @@ efi_status_t efi_firmware_verify_image(const void **p_image,
 				       u8 image_index,
 				       struct fmp_state *state)
 {
+	u32 lsv;
 	efi_status_t ret;
+	efi_guid_t *image_type_id;
 
 	ret = efi_firmware_capsule_authenticate(p_image, p_image_size);
 	efi_firmware_get_fw_version(p_image, p_image_size, state);
 
+	/* check lowest_supported_version if capsule authentication passes */
+	if (ret == EFI_SUCCESS) {
+		image_type_id = efi_firmware_get_image_type_id(image_index);
+		if (!image_type_id)
+			return EFI_INVALID_PARAMETER;
+
+		efi_firmware_get_lsv_from_dtb(image_index, image_type_id, &lsv);
+		if (state->fw_version < lsv) {
+			log_err("Firmware version %u too low. Expecting >= %u. Aborting update\n",
+				state->fw_version, lsv);
+			return EFI_INVALID_PARAMETER;
+		}
+	}
+
 	return ret;
 }