From patchwork Sun Jul 9 13:33:20 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sughosh Ganu X-Patchwork-Id: 700806 Delivered-To: patch@linaro.org Received: by 2002:adf:fcc5:0:0:0:0:0 with SMTP id f5csp4732570wrs; Sun, 9 Jul 2023 06:34:41 -0700 (PDT) X-Google-Smtp-Source: APBJJlFC1oxbOO4gUrZdudYk9FAPVtCtmTL/afGxT5atlIdoTTp2WkW+ICxFVsC4bEdnR0Q18jZV X-Received: by 2002:a92:c84b:0:b0:345:a454:113d with SMTP id b11-20020a92c84b000000b00345a454113dmr8746656ilq.24.1688909680927; Sun, 09 Jul 2023 06:34:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1688909680; cv=none; d=google.com; s=arc-20160816; b=gYzjenOl2pZpWE3hY9N2lDhW/OxPHahmHZDq52qvGi4Vmnkcq3MLoYuwUTHLC9R+8E Gb4C8EYY6q1TuGd7dWs3YWAuOS7OD2Bp25CQ6d5gaGUzVqcPz2ps7Ti5YWJdr4+lRGll nWSKt0nUr/eEphrRVHK+CFmW99QxBcKFs5OEBfzmX0rfB6AAX4p4oX6y+cmZjtbzVaZP aHMLA4FBENIqPqHvHtvlpjnVP7nZWMqZzDcOjL0SZtSk2f3172tZCCVRk7/QC/LvvtVq tM+NLocrMO/iG/tTjncOwTNhxaLJwD4pfSdrqSNtbAvZzW0UiQPynentweayKd2oL55P 35uA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=zqm8b3h4qwIJSVxi+1pHd/Zhc0CqG6kg+zUUZXVWEPQ=; fh=5yufCDEpV5fWA8r3jJ0mHshq3zHArlCzbvaufLK2jtI=; b=NKUye0e+DO5lJjBA+xhM3NV7Mw0zKPa5j2GMIwxS473n0WBrfVwmAx6LFta0y3pZV4 pv9B+EI5+h5jcDj5mdPMsmUV0u30+XE1Hbldr5UdtaBp3tAGvjx3GrqbavdWpclnmCVp eSZPGdyJHgA42LLhFTTnKqpNXYKXWoddafDM65ncJhlixIxQyXUv2sD0EDVqnN3wpc2P NFZteFCJ9PnmLVdmIJ4Tf+htEZQD5+pEha5Qtk5ZEjSX7tgNtw7lPO58Fg3Sul+J2FcF cFnJJxrHcMfwUEtTt66DlT7cyu07/b2oJGGIxTGue4jzYZPVFpSrI4bhIqwQC7GwW32l +pFA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id p18-20020a6b6312000000b00786479530c8si3107489iog.6.2023.07.09.06.34.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 09 Jul 2023 06:34:40 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 69FA2865C0; Sun, 9 Jul 2023 15:34:04 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id 8F465865B0; Sun, 9 Jul 2023 15:34:01 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_SOFTFAIL,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id B694F865D3 for ; Sun, 9 Jul 2023 15:33:58 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=fail smtp.mailfrom=sughosh.ganu@linaro.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 5839F1FB; Sun, 9 Jul 2023 06:34:40 -0700 (PDT) Received: from a076522.blr.arm.com (a076522.blr.arm.com [10.162.46.7]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id DB3F93F762; Sun, 9 Jul 2023 06:33:55 -0700 (PDT) From: Sughosh Ganu To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Ilias Apalodimas , Simon Glass , Takahiro Akashi , Malte Schmidt , Tom Rini , Sughosh Ganu Subject: [PATCH v3 05/11] doc: Add documentation to describe capsule config file format Date: Sun, 9 Jul 2023 19:03:20 +0530 Message-Id: <20230709133326.1015483-6-sughosh.ganu@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230709133326.1015483-1-sughosh.ganu@linaro.org> References: <20230709133326.1015483-1-sughosh.ganu@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean The UEFI capsule can be generated either through command-line parameters, or, by specifying those in a config file. Add documentation to describe the format of the config file. Signed-off-by: Sughosh Ganu --- Changes since V2: None doc/develop/uefi/uefi.rst | 64 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) diff --git a/doc/develop/uefi/uefi.rst b/doc/develop/uefi/uefi.rst index c04e62f3a5..ddf8e20cb0 100644 --- a/doc/develop/uefi/uefi.rst +++ b/doc/develop/uefi/uefi.rst @@ -442,6 +442,70 @@ following command can be issued --guid c1b629f1-ce0e-4894-82bf-f0a38387e630 \ optee.bin optee.capsule +Or alternatively, the capsule can be generated through a make target + +.. code-block:: bash + + $ make capsule + +Issuing the above make command requires specifying the capsule +parameters through a config file instead. The Kconfig symbol +CONFIG_EFI_CAPSULE_CFG_FILE is to be used for specifying the path to +the config file. + +The config file describes the parameters that are used for generating +one or more capsules. The parameters for a given capsule file are +specified within curly braces, in the form of "key:value" pairs. All +the parameters that are currently supported by the mkeficapsule tool +can be specified through the config file. + +The following are some example payload parameters specified through +the config file. + +.. code-block:: none + + { + image-guid: 02f4d760-cfd5-43bd-8e2d-a42acb33c660 + hardware-instance: 0 + monotonic-count: 1 + payload: u-boot.bin + image-index: 1 + private-key: /path/to/priv/key + pub-key-cert: /path/to/pub/key + capsule: u-boot.capsule + } + { + image-guid: 4ce292da-1dd8-428d-a1c2-77743ef8b96e + hardware-instance: 0 + payload: u-boot.itb + image-index: 2 + oemflags: 0x8000 + capsule: fit.capsule + } + { + capsule-type: accept + image-guid: 4ce292da-1dd8-428d-a1c2-77743ef8b96e + capsule: accept.capsule + } + { + capsule-type: revert + capsule: revert.capsule + } + +The following are the keys that specify the capsule parameters + +..code-block:: none + + image-guid: Image GUID + image-index: Image index value + private-key: Path to the private key file used for capsule signing + pub-key-cert: Path to the public key crt file used for capsule signing + payload: Path to the capsule payload file + capsule: Path to the output capsule file that is generated + hardware-instance: Hardware Instance value + monotonic-count: Monotonic count value + capsule-type: Specifies capsule type. normal(default), accept or revert + oemflags: 16bit Oemflags value to be used(populated in capsule header) Enabling Capsule Authentication *******************************