[edk2,v4,0/4] MdeModulePkg ArmPkg: support for persistent capsules and progress reporting

Message ID 20180613080901.7156-1-ard.biesheuvel@linaro.org

Message

Ard Biesheuvel June 13, 2018, 8:08 a.m. UTC
This is the delta of code required to implement PersistAcrossReset on ARM
systems, and to wire up the capsule handling routines in a way that makes
the new progress reporting code do something meaningful on such platforms.

Changes since v3:
- let both UpdateCapsule() and QueryCapsuleCapabilities() return EFI_UNSUPPORTED
  when called at OS runtime on an ARM system
- reset the system unconditionally after having processed any capsules (#3)
- re-add Leif's ack (#3)

Changes since v2:
- move cache handling from CapsulePei to CapsuleRuntimeDxe, and make it ARM only
- drop patch to change ProcessCapsules() logic in DxeCapsuleLibFmp; instead,
  the platform BDS code is modified to perform the ProcessCapsuleImage()
  call directly

Changes since v1:
- incorporate Star's feedback (#1, #2)
- add Leif's ack (#4)

Patch #1 ensures that the capsule data which is preserved in DRAM across
a reboot is written back to main memory before attempting to access it
with the caches off.

Patch #2 updates DxeCapsuleLibFmp so it does not pass down the progress
indication callback if its own attempt to invoke it has already failed.

Patch #3 updates ArmPkg's generic PlatformBootManagerLib implementation
to only call ProcessCapsules() after the [potentially non-trusted]
console is up and running, to ensure that firmware update progress can
be reported to the user.

Patch #4 modifies ArmSmcPsciResetSystemLib to emulate a proper warm reboot
by reentering PEI with interrupts, MMU and caches enabled. This works
around the lack of an architected warm reboot in most current implementations.
(The PSCI spec does cover warm reboot, but it was added recently and most
secure firmware implementations haven't caught up yet)

Ard Biesheuvel (4):
  MdeModulePkg/CapsuleRuntimeDxe: clean the capsule payload to DRAM
  MdeModulePkg/DxeCapsuleLibFmp: pass progress callback only if it works
  ArmPkg/PlatformBootManagerLib: call ProcessCapsules() only once
  ArmPkg/ArmSmcPsciResetSystemLib: implement fallback for warm reboot

 ArmPkg/ArmPkg.dec                             |  4 +
 .../ArmSmcPsciResetSystemLib.c                | 21 ++++-
 .../ArmSmcPsciResetSystemLib.inf              |  9 ++
 .../PlatformBootManagerLib/PlatformBm.c       | 86 +++++++++++++------
 .../PlatformBootManagerLib.inf                |  1 +
 .../Library/DxeCapsuleLibFmp/DxeCapsuleLib.c  | 13 ++-
 .../CapsuleRuntimeDxe/Arm/CapsuleReset.c      | 77 +++++++++++++++++
 .../CapsuleRuntimeDxe/CapsuleReset.c          | 51 +++++++++++
 .../CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf   | 14 ++-
 .../CapsuleRuntimeDxe/CapsuleService.c        | 33 ++-----
 .../CapsuleRuntimeDxe/CapsuleService.h        | 73 ++++++++++++++++
 11 files changed, 321 insertions(+), 61 deletions(-)
 create mode 100644 MdeModulePkg/Universal/CapsuleRuntimeDxe/Arm/CapsuleReset.c
 create mode 100644 MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleReset.c
 create mode 100644 MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleService.h

-- 
2.17.1

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
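
Added example, not part of the original message or of the edk2 patches: a small C model of the hazard that patch #1 addresses, where capsule data written through a write-back cache is read after reset with the caches off. The cache geometry, function names and payload are constructed for illustration, and the model assumes that a dirty line which was never cleaned does not reach DRAM.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define LINE  64  /* cache line size in bytes (assumed) */
#define LINES 4   /* tiny write-back cache covering a 256-byte "DRAM" */

static uint8_t dram[LINE * LINES], cache[LINES][LINE];
static int valid[LINES], dirty[LINES];

/* Cached store: allocates the line and marks it dirty; DRAM is not touched. */
static void cached_write(size_t addr, const uint8_t *src, size_t len) {
  for (size_t i = 0; i < len; i++, addr++) {
    size_t l = addr / LINE;
    if (!valid[l]) { memcpy(cache[l], &dram[l * LINE], LINE); valid[l] = 1; }
    cache[l][addr % LINE] = src[i];
    dirty[l] = 1;
  }
}

/* Clean by address range: write every dirty line of the range back to DRAM. */
static void clean_range(size_t addr, size_t len) {
  for (size_t l = addr / LINE; l <= (addr + len - 1) / LINE; l++)
    if (valid[l] && dirty[l]) { memcpy(&dram[l * LINE], cache[l], LINE); dirty[l] = 0; }
}

/* Model assumption: the reset drops cache contents and DRAM is retained. */
static void warm_reset(void) {
  memset(valid, 0, sizeof valid);
  memset(dirty, 0, sizeof dirty);
}

/* Returns 1 if a caches-off read after reset sees the staged payload. */
static int capsule_survives_reset(int clean_before_reset) {
  const uint8_t payload[] = "CONSTRUCTED-CAPSULE-PAYLOAD"; /* sample data */
  memset(dram, 0, sizeof dram);
  warm_reset();                                /* start with an empty cache */
  cached_write(50, payload, sizeof payload);   /* spans two cache lines */
  if (clean_before_reset) clean_range(50, sizeof payload);
  warm_reset();
  return memcmp(&dram[50], payload, sizeof payload) == 0; /* uncached read */
}

int main(void) {
  printf("without clean: %d\n", capsule_survives_reset(0));
  printf("with clean:    %d\n", capsule_survives_reset(1));
  return 0;
}
```

In the model, the unclean case leaves stale DRAM contents where the capsule should be, which is the condition the firmware would otherwise have to parse and authenticate as an update payload.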

Comments

Ard Biesheuvel June 15, 2018, 4:19 p.m. UTC | #1
On 13 June 2018 at 10:08, Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:
> This is the delta of code required to implement PersistAcrossReset on ARM
> systems, and to wire up the capsule handling routines in a way that makes
> the new progress reporting code do something meaningful on such platforms.
>
> Changes since v3:
> - let both UpdateCapsule() and QueryCapsuleCapabilities() return EFI_UNSUPPORTED
>   when called at OS runtime on an ARM system
> - reset the system unconditionally after having processed any capsules (#3)
> - re-add Leif's ack (#3)
>
> Changes since v2:
> - move cache handling from CapsulePei to CapsuleRuntimeDxe, and make it ARM only
> - drop patch to change ProcessCapsules() logic in DxeCapsuleLibFmp; instead,
>   the platform BDS code is modified to perform the ProcessCapsuleImage()
>   call directly
>
> Changes since v1:
> - incorporate Star's feedback (#1, #2)
> - add Leif's ack (#4)
>
> Patch #1 ensures that the capsule data which is preserved in DRAM across
> a reboot is written back to main memory before attempting to access it
> with the caches off.
>
> Patch #2 updates DxeCapsuleLibFmp so it does not pass down the progress
> indication callback if its own attempt to invoke it has already failed.
>
> Patch #3 updates ArmPkg's generic PlatformBootManagerLib implementation
> to only call ProcessCapsules() after the [potentially non-trusted]
> console is up and running, to ensure that firmware update progress can
> be reported to the user.
>
> Patch #4 modifies ArmSmcPsciResetSystemLib to emulate a proper warm reboot
> by reentering PEI with interrupts, MMU and caches enabled. This works
> around the lack of an architected warm reboot in most current implementations.
> (The PSCI spec does cover warm reboot, but it was added recently and most
> secure firmware implementations haven't caught up yet)
>
> Ard Biesheuvel (4):
>   MdeModulePkg/CapsuleRuntimeDxe: clean the capsule payload to DRAM
>   MdeModulePkg/DxeCapsuleLibFmp: pass progress callback only if it works
>   ArmPkg/PlatformBootManagerLib: call ProcessCapsules() only once
>   ArmPkg/ArmSmcPsciResetSystemLib: implement fallback for warm reboot
>


Pushed as 488aab257f70..dde2dd64f070

Thanks all

>  ArmPkg/ArmPkg.dec                             |  4 +
>  .../ArmSmcPsciResetSystemLib.c                | 21 ++++-
>  .../ArmSmcPsciResetSystemLib.inf              |  9 ++
>  .../PlatformBootManagerLib/PlatformBm.c       | 86 +++++++++++++------
>  .../PlatformBootManagerLib.inf                |  1 +
>  .../Library/DxeCapsuleLibFmp/DxeCapsuleLib.c  | 13 ++-
>  .../CapsuleRuntimeDxe/Arm/CapsuleReset.c      | 77 +++++++++++++++++
>  .../CapsuleRuntimeDxe/CapsuleReset.c          | 51 +++++++++++
>  .../CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf   | 14 ++-
>  .../CapsuleRuntimeDxe/CapsuleService.c        | 33 ++-----
>  .../CapsuleRuntimeDxe/CapsuleService.h        | 73 ++++++++++++++++
>  11 files changed, 321 insertions(+), 61 deletions(-)
>  create mode 100644 MdeModulePkg/Universal/CapsuleRuntimeDxe/Arm/CapsuleReset.c
>  create mode 100644 MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleReset.c
>  create mode 100644 MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleService.h
>
> --
> 2.17.1
>
