From patchwork Wed Jun 13 08:08:57 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ard Biesheuvel <ard.biesheuvel@linaro.org>
X-Patchwork-Id: 138423
Delivered-To: patch@linaro.org
Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp401530lji;
 Wed, 13 Jun 2018 01:09:08 -0700 (PDT)
X-Google-Smtp-Source: ADUXVKIzliLTZYqXh5fV2c1ZfPObAjvjAVg0fdJo+5qy2HXPob6rGf9rEd/wGTz0Tu3+G3EmDOB9
X-Received: by 2002:a17:902:d697:: with SMTP id
 v23-v6mr4019496ply.193.1528877348227; 
 Wed, 13 Jun 2018 01:09:08 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1528877348; cv=none;
 d=google.com; s=arc-20160816;
 b=FCK3Aah4x4iJHWZkVRFVaRZOcRabuIc+VliIxXhVSLR4QOTJJFZ7KRTbROQO1sIy/K
 JABIR5/KWdyq4FueNlZBdAXE/uHYLr6jCB6EvnjRZG2aDKUGjpPRq7APuoRDjDTE2Faf
 t7HisDPiLBQ2z63ecYae7qGcLek/g7yZ+af9lSq6+M41iP0FkWGxjKhTemQ4joMTnbVr
 n6uhTLFMnsgwTa0oFc4t937qKyMpwGPP8tTF/F65/5aRSXJTN+6lfhWe73d5QyuV/uvO
 4MxIh6P67iLR6w7pPhxmv4cCvGmfwe1tr0jT+1R7yM38z4Xh3VDrcjAVABMaH4eisizB
 yJ/g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816; 
 h=sender:errors-to:content-transfer-encoding:mime-version:cc
 :list-subscribe:list-help:list-post:list-archive:list-unsubscribe
 :list-id:precedence:subject:message-id:date:to:from:dkim-signature
 :delivered-to:arc-authentication-results;
 bh=UvOIyF8YQxSHSxkocynPtx4c6+alAo5gd+iChNEOqWE=;
 b=ib+mSAKylXuONAHQ5Ww2HnI8XyjYLe3hqO7TsIUJYg6Iu0SV6T7i6H2nAjZiH60dM7
 43mz+z6dIaUEG411cN0rSfl6XinRVRRJ2yM+jYHaS8KQShqtRiQ3bHTDiiFazdCHc72D
 KpJcMYXMtXVD0q+o5E+mvDAGHeGEFy1q+M5j/m4sJsBG2/9L0zUg3WqobGCBKrcSaa6p
 hshu1dfKSS3/4bBrcGtmWg3jwws8fD2revpairOP12HSyO/kHRkYOdTuDYy/VW4Ssix7
 tlqkE9qUnEaFkSTUOs90QSfivGDPazfdg9WAnsY7y8SZ7IXdV1vvTN7+8loX+KlYlsYt
 pi1g==
ARC-Authentication-Results: i=1; mx.google.com;
 dkim=neutral (body hash did not verify) header.i=@linaro.org
 header.s=google header.b=j5bD8YM6; 
 spf=pass (google.com: best guess record for domain of
 edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1
 as permitted sender)
 smtp.mailfrom=edk2-devel-bounces@lists.01.org; 
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <edk2-devel-bounces@lists.01.org>
Received: from ml01.01.org (ml01.01.org. [2001:19d0:306:5::1])
 by mx.google.com with ESMTPS id
 v16-v6si2289431plo.186.2018.06.13.01.09.07
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Wed, 13 Jun 2018 01:09:08 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of
 edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1
 as permitted sender) client-ip=2001:19d0:306:5::1; 
Authentication-Results: mx.google.com;
 dkim=neutral (body hash did not verify) header.i=@linaro.org
 header.s=google header.b=j5bD8YM6; 
 spf=pass (google.com: best guess record for domain of
 edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1
 as permitted sender)
 smtp.mailfrom=edk2-devel-bounces@lists.01.org; 
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from [127.0.0.1] (localhost [IPv6:::1])
 by ml01.01.org (Postfix) with ESMTP id 80D6D212655BE;
 Wed, 13 Jun 2018 01:09:07 -0700 (PDT)
X-Original-To: edk2-devel@lists.01.org
Delivered-To: edk2-devel@lists.01.org
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=2a00:1450:400c:c09::244; helo=mail-wm0-x244.google.com;
 envelope-from=ard.biesheuvel@linaro.org;
 receiver=edk2-devel@lists.01.org 
Received: from mail-wm0-x244.google.com (mail-wm0-x244.google.com
 [IPv6:2a00:1450:400c:c09::244])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128
 bits)) (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id DE8FA211EFEFD
 for <edk2-devel@lists.01.org>; Wed, 13 Jun 2018 01:09:06 -0700 (PDT)
Received: by mail-wm0-x244.google.com with SMTP id 69-v6so3507989wmf.3
 for <edk2-devel@lists.01.org>; Wed, 13 Jun 2018 01:09:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; 
 h=from:to:cc:subject:date:message-id;
 bh=+w9OMCl3AGNZfeZrCaLnuX+WK4o5O/Mu2TZwLo/KKTk=;
 b=j5bD8YM621ZV/SwbyvxfuHqOkrf7dSaXg4oIE/HvYTIrsrFpxzKT2L1ysMr1YzfPTb
 cg53afldxF6Ta3zDoWo+GyZRrHo2hsEeU8EYpebyK2AxvvMFnpK04pqeGwf+CQ/In/sD
 s/IXxOcpYnokUS7zDEfYUETQIU6SoZoThkAJ8=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id;
 bh=+w9OMCl3AGNZfeZrCaLnuX+WK4o5O/Mu2TZwLo/KKTk=;
 b=GCqKQ9kloK/BZGugScDIC4CgQGyOOizvjz01l+ca4yDM1IiI1DkrZdYaXg/jWpk0CY
 zkfs9ppN9lmFDdYVkms1ahZXzIK0poFDXn4OrpBOc4++FT/IqIudoJw1EdipJTVpw7vm
 THz1xt6tasK9XuY7yxUjoPrZkdqRu1OUPZh5mMOIEALgKIKL0gGcw/3w1+qTg2RYDeZV
 1CB0ou5r8gFJ8H0xKqQuIxSvvO7/+mCiFHnoRBLB98Wv3c+sP1evw9JQqKwQbNAbgSoo
 mPwKTm3QWIFnfKrXrsf0+I6dexufowp1FiF9+8thtHveP93rvcwol8akW7UJymsJLbvi
 bp6Q==
X-Gm-Message-State: APt69E2RpMMhsUNzJMarxHwSiHmr71FlGJWx/q97Mz6fJprdzbNE4gZ4
 DpE/sOVdEXDUGDUR3P2f493fePvHIeM=
X-Received: by 2002:a1c:7401:: with SMTP id
 p1-v6mr2695237wmc.14.1528877344730; 
 Wed, 13 Jun 2018 01:09:04 -0700 (PDT)
Received: from dogfood.home ([2a01:cb1d:112:6f00:6dfc:b76c:4240:35ff])
 by smtp.gmail.com with ESMTPSA id
 v31-v6sm4974772wrc.80.2018.06.13.01.09.03
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Wed, 13 Jun 2018 01:09:03 -0700 (PDT)
From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
To: edk2-devel@lists.01.org
Date: Wed, 13 Jun 2018 10:08:57 +0200
Message-Id: <20180613080901.7156-1-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 2.17.1
Subject: [edk2] [PATCH v4 0/4] MdeModulePkg ArmPkg: support for persistent
 capsules and progress reporting
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
Cc: michael.d.kinney@intel.com, jiewen.yao@intel.com, star.zeng@intel.com,
 leif.lindholm@linaro.org, Ard Biesheuvel <ard.biesheuvel@linaro.org>
MIME-Version: 1.0
Errors-To: edk2-devel-bounces@lists.01.org
Sender: "edk2-devel" <edk2-devel-bounces@lists.01.org>

This is the delta of code required to implement PersistAcrossReset on ARM
systems, and to wire up the capsule handling routines in a way that makes
the new progress reporting code do something meaningful on such platforms.

Changes since v3:
- let both UpdateCapsule() and QueryCapsuleCapabilities() return EFI_UNSUPPORTED
  when called at OS runtime on an ARM system
- reset the system unconditionally after having processed any capsules (#3)
- re-add Leif's ack (#3)

Changes since v2:
- move cache handling from CapsulePei to CapsuleRuntimeDxe, and make it ARM only
- drop patch to change ProcessCapsules() logic in DxeCapsuleLibFmp; instead,
  the platform BDS code is modified to perform the ProcessCapsuleImage()
  call directly

Changes since v1:
- incorporate Star's feedback (#1, #2)
- add Leif's ack (#4)

Patch #1 ensures that the capsule data which is preserved in DRAM across
a reboot is written back to main memory before attempting to access it
with the caches off.

Patch #2 updates DxeCapsuleLibFmp so it does not pass down the progress
indication callback if its own attempt to invoke it has already failed.

Patch #3 updates ArmPkg's generic PlatformBootManagerLib implementation
to only call ProcessCapsules() after the [potentially non-trusted]
console is up and running, to ensure that firmware update progress can
be reported to the user.

Patch #4 modifies ArmSmcPsciResetSystemLib to emulate a proper warm reboot
by reentering PEI with interrupts, MMU and caches enabled. This works
around the lack of an architected warm reboot in most current implementations.
(The PSCI spec does cover warm reboot, but it was added recently and most
secure firmware implementations haven't caught up yet)

Ard Biesheuvel (4):
  MdeModulePkg/CapsuleRuntimeDxe: clean the capsule payload to DRAM
  MdeModulePkg/DxeCapsuleLibFmp: pass progress callback only if it works
  ArmPkg/PlatformBootManagerLib: call ProcessCapsules() only once
  ArmPkg/ArmSmcPsciResetSystemLib: implement fallback for warm reboot

 ArmPkg/ArmPkg.dec                             |  4 +
 .../ArmSmcPsciResetSystemLib.c                | 21 ++++-
 .../ArmSmcPsciResetSystemLib.inf              |  9 ++
 .../PlatformBootManagerLib/PlatformBm.c       | 86 +++++++++++++------
 .../PlatformBootManagerLib.inf                |  1 +
 .../Library/DxeCapsuleLibFmp/DxeCapsuleLib.c  | 13 ++-
 .../CapsuleRuntimeDxe/Arm/CapsuleReset.c      | 77 +++++++++++++++++
 .../CapsuleRuntimeDxe/CapsuleReset.c          | 51 +++++++++++
 .../CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf   | 14 ++-
 .../CapsuleRuntimeDxe/CapsuleService.c        | 33 ++-----
 .../CapsuleRuntimeDxe/CapsuleService.h        | 73 ++++++++++++++++
 11 files changed, 321 insertions(+), 61 deletions(-)
 create mode 100644 MdeModulePkg/Universal/CapsuleRuntimeDxe/Arm/CapsuleReset.c
 create mode 100644 MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleReset.c
 create mode 100644 MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleService.h

-- 
2.17.1

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel