From patchwork Wed May 31 03:35:18 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Masahisa Kojima X-Patchwork-Id: 687224 Delivered-To: patch@linaro.org Received: by 2002:a5d:4d8a:0:0:0:0:0 with SMTP id b10csp1054754wru; Tue, 30 May 2023 20:37:07 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7XqOtulVHI6ADe0OPPY77cP3cFCKVn6f6Ugee7qxwg7orGoS5+t3G2v0tgJmLn5zYbeWBG X-Received: by 2002:a05:6a00:188e:b0:645:b13e:e674 with SMTP id x14-20020a056a00188e00b00645b13ee674mr5633891pfh.26.1685504226846; Tue, 30 May 2023 20:37:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685504226; cv=none; d=google.com; s=arc-20160816; b=JHqfmrpw6WiWtxTwSwX7Q7qsFcPWyEba7ybmWA8UimjM2VqYcjBpRmCAyRDMehdqWP CQtO4EbAMSvGuYEZQ8DthxlhenjQtNhy28Ob3olcp01JhmwSx5cjcjABN1fikRAbom+x LGw7Xx+ozMRIsOkgLxxvqTx9nG5Yor+F7p5O15bsUKBG+Ige+DIv1magtVBY11k+LPq0 PLTJ3/QYn0I1D4xoaNaSxgIq5iwWDGj18vNZXPaRc5V36f4EK0tQzJRto902epX1Mree W8OOeKXB2Ugde6chA92qqEyhOGCnFCT4ERSbma8cEEClA3y2XbJ6K+XVbF6ED1mxk+CA C8fA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=LTBwBw26Zc8XKTPuHb10kzdVUi18Wuz4bZhDQZtyXSY=; b=e7BXnabHKkI85qLmwZIGiMaoL2w1CK8vm8Ytiwa65Max8IEZ2smGHiQLWKk5UuCylX XZDPivc8USyWzpsUV0GxsHRkG2TKu5VSJerUo5lJpR20D9OAAbRDEYYQn10Xc47nxMQM VanH+QFImDi2xHMkR8NDFhxEQZnmXKrU1eRM2eyk1gPudGXH/n4zNNz7RiWHWInXW5O1 wfdOChIAGZ3QsIbCi7rHnHdEtAihC6Z8/GTc64TrKSaB77iY3tFTwEP5GoiGV8moMvFV 796dABZuVIVUIf0vInn0Hi9+P+A+zUC7ybeAw7MyTeccelEUbg9LYnHGy2YrEMXX2njr BHxA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=LjV0XP8o; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id g12-20020aa79f0c000000b0064a35829154si2830670pfr.343.2023.05.30.20.37.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 May 2023 20:37:06 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=LjV0XP8o; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id A9B95861AC; Wed, 31 May 2023 05:36:13 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="LjV0XP8o"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 8A4C486183; Wed, 31 May 2023 05:36:07 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-pl1-x62e.google.com (mail-pl1-x62e.google.com [IPv6:2607:f8b0:4864:20::62e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 176EF861A3 for ; Wed, 31 May 2023 05:36:04 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=masahisa.kojima@linaro.org Received: by mail-pl1-x62e.google.com with SMTP id d9443c01a7336-1b04706c974so23746785ad.2 for ; Tue, 30 May 2023 20:36:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685504161; x=1688096161; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=LTBwBw26Zc8XKTPuHb10kzdVUi18Wuz4bZhDQZtyXSY=; b=LjV0XP8oEGw7W8tp7N3u3ctuy8bhPiKe7aLElUOWl8yw21DIrA7fWQsc5cL1t/BnNk eT4g/ro8jgYpOAQLXkBxrvb393vvOltMV0z5lZAzudHz3mtCxsEnnEuVALa5kr1rvj4z 7CCbhKn+hyox7Fch0yTJ8wXNZb9Uz/htQr9zOw0kuyOkfO6tsVc+XW/OfS2piXg9R44Z mUSTSpRZHoNa3VrNvjGbZ3XvF74amHyTaq1oCjunmlablqVJVJw9X8E0EkUfSlKhLWz/ O3oJxzwY5tdx58lcpjezimr9/cDkdV0IvHGAo9D51kO8h9fhmhHwIyfWIHbopmbn/er2 F0vQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685504161; x=1688096161; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=LTBwBw26Zc8XKTPuHb10kzdVUi18Wuz4bZhDQZtyXSY=; b=jLOAvOnvINY66C+PhzBl3VeLawkY59GGlk4cw7AzfWcy1GxKmQk5RGg57W62ZTi6Pl wZEl670u20MhwoIDpKJA/elswK5dealn+TtMgoDD2kZk2Z3pNk0GBsWwhdgZwA9VuNfV cr+1f+EVNjLqkusq4+wPzyq3RWNWczFmETuxvZLbQxmspsfAWAai1TgRuP3bUDxcNBbR QQ/Ioptys+py61GznbrrDgLhnNSrRMqkLNlpFMLUGwh4coVfNtXLcfNzffwjQskI2PV4 oxIQvMKYb/XTeLnMj8CKVvdkOAj+ywCAu7+XOLXP6IaDYdL4kByFvcmtLZBufTs+G2Cw zmaA== X-Gm-Message-State: AC+VfDzylzn27B858WOAFWB4NJ1MTUfP1Ab2M9nSRJAqZ9Pm03F7MnxR OhGo3X89MmdyoQ594D+FXuh4Pi96n8/pC5kI5rQ= X-Received: by 2002:a17:902:ced1:b0:1b0:6038:2982 with SMTP id d17-20020a170902ced100b001b060382982mr4545852plg.41.1685504161125; Tue, 30 May 2023 20:36:01 -0700 (PDT) Received: from ubuntu-SVE15129CJS.. ([240d:1a:cf7:5800:b037:3ab0:51c1:7dff]) by smtp.gmail.com with ESMTPSA id b4-20020a170902d30400b001b0395c3ffasm85709plc.180.2023.05.30.20.35.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 May 2023 20:36:00 -0700 (PDT) From: Masahisa Kojima To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Ilias Apalodimas , Simon Glass , Takahiro Akashi , Masahisa Kojima Subject: [PATCH v7 05/10] efi_loader: check lowest supported version Date: Wed, 31 May 2023 12:35:18 +0900 Message-Id: <20230531033523.1581973-6-masahisa.kojima@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230531033523.1581973-1-masahisa.kojima@linaro.org> References: <20230531033523.1581973-1-masahisa.kojima@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean The FMP Payload Header which EDK II capsule generation scripts insert has a firmware version. This commit reads the lowest supported version stored in the device tree, then check if the firmware version in FMP payload header of the ongoing capsule is equal or greater than the lowest supported version. If the firmware version is lower than lowest supported version, capsule update will not be performed. Signed-off-by: Masahisa Kojima --- Changes in v7: - return immediately if efi_firmware_capsule_authenticate() fails Changes in v6: - get aligned to the latest implementation Changes in v5: - newly implement the device tree based versioning Changes in v4: - use log_err() instead of printf() Changes in v2: - add error message when the firmware version is lower than lowest supported version lib/efi_loader/efi_firmware.c | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c index ae631f49f7..b557738370 100644 --- a/lib/efi_loader/efi_firmware.c +++ b/lib/efi_loader/efi_firmware.c @@ -419,7 +419,8 @@ static void efi_firmware_get_fw_version(const void **p_image, * @image_index: Image index * @state: Pointer to fmp state * - * Verify the capsule file + * Verify the capsule authentication and check if the fw_version + * is equal or greater than the lowest supported version. * * Return: status code */ @@ -429,11 +430,27 @@ efi_status_t efi_firmware_verify_image(const void **p_image, u8 image_index, struct fmp_state *state) { + u32 lsv; efi_status_t ret; + efi_guid_t *image_type_id; ret = efi_firmware_capsule_authenticate(p_image, p_image_size); + if (ret != EFI_SUCCESS) + return ret; + efi_firmware_get_fw_version(p_image, p_image_size, state); + image_type_id = efi_firmware_get_image_type_id(image_index); + if (!image_type_id) + return EFI_INVALID_PARAMETER; + + efi_firmware_get_lsv_from_dtb(image_index, image_type_id, &lsv); + if (state->fw_version < lsv) { + log_err("Firmware version %u too low. Expecting >= %u. Aborting update\n", + state->fw_version, lsv); + return EFI_INVALID_PARAMETER; + } + return ret; }