From patchwork Wed Feb 22 10:40:34 2023
X-Patchwork-Submitter: Masahisa Kojima
X-Patchwork-Id: 655684
From: Masahisa Kojima
To: u-boot@lists.denx.de
Cc: Heinrich Schuchardt, Ilias Apalodimas, Takahiro Akashi, Masahisa Kojima
Subject: [PATCH RFC 1/3] efi_loader: store firmware version into FmpState variable
Date: Wed, 22 Feb 2023 19:40:34 +0900
Message-Id: <20230222104036.14262-2-masahisa.kojima@linaro.org>
In-Reply-To: <20230222104036.14262-1-masahisa.kojima@linaro.org>
References: <20230222104036.14262-1-masahisa.kojima@linaro.org>

Firmware version management is not implemented in the current FMP protocol. The EDK2 reference implementation's capsule generation script inserts the FMP Payload Header right before the payload; it contains the firmware version and lowest supported version.

This commit utilizes the FMP Payload Header: it reads the header and stores the firmware version, lowest supported version, last attempt version and last attempt status into the "FmpStateXXXX" EFI non-volatile variable. XXXX indicates the image index, since the FMP protocol handles multiple image indexes.

Signed-off-by: Masahisa Kojima

--- lib/efi_loader/efi_firmware.c | 198 ++++++++++++++++++++++++++++++---- 1 file changed, 175 insertions(+), 23 deletions(-) diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c index 93e2b01c07..72343e2616 100644 --- a/lib/efi_loader/efi_firmware.c +++ b/lib/efi_loader/efi_firmware.c @@ -10,6 +10,7 @@ #include #include #include +#include #include #include #include
@@ -18,6 +19,12 @@ #define FMP_PAYLOAD_HDR_SIGNATURE SIGNATURE_32('M', 'S', 'S', '1') +#define EFI_FMP_STATE_GUID \ + EFI_GUID(0x84bed885, 0x193a, 0x403f, 0xa2, 0x78, \ + 0xe8, 0x9e, 0x23, 0x8a, 0xd6, 0xe1) + +static const efi_guid_t efi_guid_fmp_state = EFI_FMP_STATE_GUID; + /** * struct fmp_payload_header - EDK2 header for the FMP payload * @@ -36,6 +43,24 @@ struct fmp_payload_header { u32 lowest_supported_version; }; +/** + * struct fmp_state - fmp firmware update state + * + * This structure describes the state of the firmware update + * through FMP protocol. + * + * @fw_version: Firmware versions used + * @lowest_supported_version: Lowest supported version + * @last_attempt_version: Last attempt version + * @last_attempt_status: Last attempt status + */ +struct fmp_state { + u32 fw_version; + u32 lowest_supported_version; + u32 last_attempt_version; + u32 last_attempt_status; +}; + __weak void set_dfu_alt_info(char *interface, char *devstr) { env_set("dfu_alt_info", update_info.dfu_string); @@ -182,6 +207,7 @@ static efi_status_t efi_fill_image_desc_array( * efi_firmware_capsule_authenticate - authenticate the capsule if enabled * @p_image: Pointer to new image * @p_image_size: Pointer to size of new image + * @state Pointer to fmp state * * Authenticate the capsule if authentication is enabled. * The image pointer and the image size are updated in case of success. @@ -190,12 +216,11 @@ static efi_status_t efi_fill_image_desc_array( */ static efi_status_t efi_firmware_capsule_authenticate(const void **p_image, - efi_uintn_t *p_image_size) + efi_uintn_t *p_image_size, + struct fmp_state *state) { const void *image = *p_image; efi_uintn_t image_size = *p_image_size; - u32 fmp_hdr_signature; - struct fmp_payload_header *header; void *capsule_payload; efi_status_t status; efi_uintn_t capsule_payload_size; 
@@ -209,8 +234,12 @@ efi_status_t efi_firmware_capsule_authenticate(const void **p_image, if (status == EFI_SECURITY_VIOLATION) { printf("Capsule authentication check failed. Aborting update\n"); + state->last_attempt_status = + LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR; return status; } else if (status != EFI_SUCCESS) { + state->last_attempt_status = + LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL; return status; } 
@@ -222,24 +251,124 @@ efi_status_t efi_firmware_capsule_authenticate(const void **p_image, debug("Updating capsule without authenticating.\n"); } - fmp_hdr_signature = FMP_PAYLOAD_HDR_SIGNATURE; - header = (void *)image; + *p_image = image; + *p_image_size = image_size; + + return EFI_SUCCESS; +} + +/** + * efi_firmware_set_fmp_state_var - set FmpStateXXXX variable + * @state: Pointer to fmp state + * @image_index: image index + * @updated: flag to indicate firmware update is successful + * + * Update the FmpStateXXXX variable with the firmware update state. + * + * Return: status code + */ +static +efi_status_t efi_firmware_set_fmp_state_var(struct fmp_state *state, u8 image_index, + bool updated) +{ + u16 varname[13]; /* u"FmpStateXXXX" */ + efi_status_t ret; + efi_uintn_t size; + struct fmp_state var_state = { 0 }; + + efi_create_indexed_name(varname, sizeof(varname), "FmpState", + image_index); + size = sizeof(var_state); + ret = efi_get_variable_int(varname, &efi_guid_fmp_state, NULL, &size, + &var_state, NULL); + if (ret != EFI_SUCCESS && ret != EFI_NOT_FOUND) + return ret; + + /* + * When the capsule update is successful, FmpStateXXXX variable is set + * according to the fmp payload header information. If there is no fmp payload + * header in the capsule file, all values are set to 0. + * When the capsule update fails, only last attempt information of FmpStateXXXX + * variable is updated, fw_version and lowest_supported_version keep original + * value or 0(in case no FmpStateXXXX variable found). 
+ */ + if (updated) { + var_state.fw_version = state->fw_version; + var_state.lowest_supported_version = state->lowest_supported_version; + var_state.last_attempt_version = state->last_attempt_version; + var_state.last_attempt_status = state->last_attempt_status; + } else { + var_state.last_attempt_version = state->last_attempt_version; + var_state.last_attempt_status = state->last_attempt_status; + } + + ret = efi_set_variable_int(varname, &efi_guid_fmp_state, + EFI_VARIABLE_NON_VOLATILE | + EFI_VARIABLE_BOOTSERVICE_ACCESS | + EFI_VARIABLE_RUNTIME_ACCESS, + sizeof(var_state), &var_state, false); + + return ret; +} +/** + * efi_firmware_parse_payload_header - parse FMP payload header + * @p_image: Pointer to new image + * @p_image_size: Pointer to size of new image + * @state Pointer to fmp state + * + * Parse the FMP payload header and fill the fmp_state structure. + * If no FMP payload header is found, fmp_state structure is not updated. + * + */ +static +void efi_firmware_parse_payload_header(const void **p_image, + efi_uintn_t *p_image_size, + struct fmp_state *state) +{ + const void *image = *p_image; + efi_uintn_t image_size = *p_image_size; + const struct fmp_payload_header *header; + u32 fmp_hdr_signature = FMP_PAYLOAD_HDR_SIGNATURE; + + header = image; if (!memcmp(&header->signature, &fmp_hdr_signature, sizeof(fmp_hdr_signature))) { - /* - * When building the capsule with the scripts in - * edk2, a FMP header is inserted above the capsule - * payload. Compensate for this header to get the - * actual payload that is to be updated. 
- */ + /* FMP header is inserted above the capsule payload */ + state->fw_version = header->fw_version; + state->lowest_supported_version = header->lowest_supported_version; + state->last_attempt_version = header->fw_version; image += header->header_size; image_size -= header->header_size; } *p_image = image; *p_image_size = image_size; - return EFI_SUCCESS; +} + +/** + * efi_firmware_verify_image - verify image + * @p_image: Pointer to new image + * @p_image_size: Pointer to size of new image + * @image_index Image index + * @state Pointer to fmp state + * + * Verify the capsule file + * + * Return: status code + */ +static +efi_status_t efi_firmware_verify_image(const void **p_image, + efi_uintn_t *p_image_size, + u8 image_index, + struct fmp_state *state) +{ + efi_status_t ret; + + ret = efi_firmware_capsule_authenticate(p_image, p_image_size, state); + efi_firmware_parse_payload_header(p_image, p_image_size, state); + + return ret; } /** @@ -330,7 +459,9 @@ efi_status_t EFIAPI efi_firmware_fit_set_image( efi_status_t (*progress)(efi_uintn_t completion), u16 **abort_reason) { + bool updated; efi_status_t status; + struct fmp_state state = { 0 }; EFI_ENTRY("%p %d %p %zu %p %p %p\n", this, image_index, image, image_size, vendor_code, progress, abort_reason); 
@@ -338,14 +469,22 @@ efi_status_t EFIAPI efi_firmware_fit_set_image( if (!image || image_index != 1) return EFI_EXIT(EFI_INVALID_PARAMETER); - status = efi_firmware_capsule_authenticate(&image, &image_size); + status = efi_firmware_verify_image(&image, &image_size, image_index, + &state); if (status != EFI_SUCCESS) - return EFI_EXIT(status); + goto err; - if (fit_update(image)) - return EFI_EXIT(EFI_DEVICE_ERROR); + if (fit_update(image)) { + status = EFI_DEVICE_ERROR; + goto err; + } - return EFI_EXIT(EFI_SUCCESS); + state.last_attempt_status = LAST_ATTEMPT_STATUS_SUCCESS; +err: + updated = (status == EFI_SUCCESS) ? true : false; + efi_firmware_set_fmp_state_var(&state, image_index, updated); + + return EFI_EXIT(status); } const struct efi_firmware_management_protocol efi_fmp_fit = { @@ -391,7 +530,9 @@ efi_status_t EFIAPI efi_firmware_raw_set_image( u16 **abort_reason) { int ret; + bool updated; efi_status_t status; + struct fmp_state state = { 0 }; EFI_ENTRY("%p %d %p %zu %p %p %p\n", this, image_index, image, image_size, vendor_code, progress, abort_reason); @@ -399,9 +540,10 @@ efi_status_t EFIAPI efi_firmware_raw_set_image( if (!image) return EFI_EXIT(EFI_INVALID_PARAMETER); - status = efi_firmware_capsule_authenticate(&image, &image_size); + status = efi_firmware_verify_image(&image, &image_size, image_index, + &state); if (status != EFI_SUCCESS) - return EFI_EXIT(status); + goto err; if (IS_ENABLED(CONFIG_FWU_MULTI_BANK_UPDATE)) { /* 
@@ -410,16 +552,26 @@ efi_status_t EFIAPI efi_firmware_raw_set_image( */ ret = fwu_get_image_index(&image_index); if (ret) { + state.last_attempt_status = LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL; log_debug("Unable to get FWU image_index\n"); - return EFI_EXIT(EFI_DEVICE_ERROR); + status = EFI_DEVICE_ERROR; + goto err; } } if (dfu_write_by_alt(image_index - 1, (void *)image, image_size, - NULL, NULL)) - return EFI_EXIT(EFI_DEVICE_ERROR); + NULL, NULL)) { + status = EFI_DEVICE_ERROR; + state.last_attempt_status = LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL; + goto err; + } + + state.last_attempt_status = LAST_ATTEMPT_STATUS_SUCCESS; +err: + updated = (status == EFI_SUCCESS) ? true : false; + efi_firmware_set_fmp_state_var(&state, image_index, updated); - return EFI_EXIT(EFI_SUCCESS); + return EFI_EXIT(status); } const struct efi_firmware_management_protocol efi_fmp_raw = {

From patchwork Wed Feb 22 10:40:35 2023
X-Patchwork-Submitter: Masahisa Kojima
X-Patchwork-Id: 655685
From: Masahisa Kojima
To: u-boot@lists.denx.de
Cc: Heinrich Schuchardt, Ilias Apalodimas, Takahiro Akashi, Masahisa Kojima
Subject: [PATCH RFC 2/3] efi_loader: versioning support in GetImageInfo
Date: Wed, 22 Feb 2023 19:40:35 +0900
Message-Id: <20230222104036.14262-3-masahisa.kojima@linaro.org>
In-Reply-To: <20230222104036.14262-1-masahisa.kojima@linaro.org>
References: <20230222104036.14262-1-masahisa.kojima@linaro.org>

Current FMP->GetImageInfo() always returns 0 for the firmware version; the user cannot identify which firmware version is currently running through the EFI interface.

This commit reads the "FmpStateXXXX" EFI variable, then fills the firmware version, lowest supported version, last attempt version and last attempt status in FMP->GetImageInfo(). Now FMP->GetImageInfo() and ESRT have a meaningful version number.

Signed-off-by: Masahisa Kojima

--- lib/efi_loader/efi_firmware.c | 30 ++++++++++++++++++++++++++---- 1 file changed, 26 insertions(+), 4 deletions(-) diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c index 72343e2616..1d63804717 100644 --- a/lib/efi_loader/efi_firmware.c +++ b/lib/efi_loader/efi_firmware.c
@@ -173,13 +173,38 @@ static efi_status_t efi_fill_image_desc_array( *package_version_name = NULL; /* not supported */ for (i = 0; i < num_image_type_guids; i++) { + u16 varname[13]; /* u"FmpStateXXXX" */ + efi_status_t ret; + efi_uintn_t size; + struct fmp_state var_state = { 0 }; + image_info[i].image_index = fw_array[i].image_index; image_info[i].image_type_id = fw_array[i].image_type_id; image_info[i].image_id = fw_array[i].image_index; image_info[i].image_id_name = fw_array[i].fw_name; - image_info[i].version = 0; /* not supported */ + efi_create_indexed_name(varname, sizeof(varname), "FmpState", + fw_array[i].image_index); + size = sizeof(var_state); + ret = efi_get_variable_int(varname, &efi_guid_fmp_state, NULL, + &size, &var_state, NULL); + if (ret == EFI_SUCCESS) { + image_info[i].version = var_state.fw_version; + image_info[i].lowest_supported_image_version = + var_state.lowest_supported_version; + image_info[i].last_attempt_version = + var_state.last_attempt_version; + image_info[i].last_attempt_status = + var_state.last_attempt_status; + } else { + image_info[i].version = 0; + image_info[i].lowest_supported_image_version = 0; + image_info[i].last_attempt_version = 0; + image_info[i].last_attempt_status = + LAST_ATTEMPT_STATUS_SUCCESS; + } + image_info[i].version_name = NULL; /* not supported */ image_info[i].size = 0; image_info[i].attributes_supported = 
@@ -193,9 +218,6 @@ static efi_status_t efi_fill_image_desc_array( image_info[0].attributes_setting |= IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED; - image_info[i].lowest_supported_image_version = 0; - image_info[i].last_attempt_version = 0; - image_info[i].last_attempt_status = LAST_ATTEMPT_STATUS_SUCCESS; image_info[i].hardware_instance = 1; image_info[i].dependencies = NULL; }

From patchwork Wed Feb 22 10:40:36 2023
X-Patchwork-Submitter: Masahisa Kojima
X-Patchwork-Id: 655686
From: Masahisa Kojima
To: u-boot@lists.denx.de
Cc: Heinrich Schuchardt, Ilias Apalodimas, Takahiro Akashi, Masahisa Kojima
Subject: [PATCH RFC 3/3] efi_loader: check lowest supported version in capsule update
Date: Wed, 22 Feb 2023 19:40:36 +0900
Message-Id: <20230222104036.14262-4-masahisa.kojima@linaro.org>
In-Reply-To: <20230222104036.14262-1-masahisa.kojima@linaro.org>
References: <20230222104036.14262-1-masahisa.kojima@linaro.org>

The FMP Payload Header which the EDK2 capsule generation scripts insert contains the lowest supported version. This commit reads the lowest supported version stored in the "FmpStateXXXX" EFI non-volatile variable, then checks whether the firmware version of the ongoing capsule is equal to or greater than the lowest supported version.

Signed-off-by: Masahisa Kojima

--- lib/efi_loader/efi_firmware.c | 43 ++++++++++++++++++++++++++++++++++- 1 file changed, 42 insertions(+), 1 deletion(-)
diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c index 1d63804717..8bbbb3f081 100644 --- a/lib/efi_loader/efi_firmware.c +++ b/lib/efi_loader/efi_firmware.c @@ -368,6 +368,34 @@ void efi_firmware_parse_payload_header(const void **p_image, *p_image_size = image_size; } +/** + * efi_firmware_get_lowest_supported_version - get the lowest supported version + * @image_index: image_index + * + * Get the lowest supported version from FmpStateXXXX variable. + * + * Return: lowest supported version, return 0 if reading FmpStateXXXX + * variable failed + */ +static +u32 efi_firmware_get_lowest_supported_version(u8 image_index) +{ + u16 varname[13]; /* u"FmpStateXXXX" */ + efi_status_t ret; + efi_uintn_t size; + struct fmp_state var_state = { 0 }; + + efi_create_indexed_name(varname, sizeof(varname), "FmpState", + image_index); + size = sizeof(var_state); + ret = efi_get_variable_int(varname, &efi_guid_fmp_state, NULL, &size, + &var_state, NULL); + if (ret != EFI_SUCCESS) + return 0; + + return var_state.lowest_supported_version; +} + /** * efi_firmware_verify_image - verify image * @p_image: Pointer to new image @@ -375,7 +403,8 @@ void efi_firmware_parse_payload_header(const void **p_image, * @image_index Image index * @state Pointer to fmp state * - * Verify the capsule file + * Verify the capsule authentication and check if the fw_version + * is equal or greater than the lowest supported version. * * Return: status code */ 
@@ -386,10 +415,22 @@ efi_status_t efi_firmware_verify_image(const void **p_image, struct fmp_state *state) { efi_status_t ret; + u32 lowest_supported_version; ret = efi_firmware_capsule_authenticate(p_image, p_image_size, state); efi_firmware_parse_payload_header(p_image, p_image_size, state); + /* check lowest_supported_version if capsule authentication passes */ + if (ret == EFI_SUCCESS) { + lowest_supported_version = + efi_firmware_get_lowest_supported_version(image_index); + if (lowest_supported_version > state->fw_version) { + state->last_attempt_status = + LAST_ATTEMPT_STATUS_ERROR_INCORRECT_VERSION; + ret = EFI_INVALID_PARAMETER; + } + } + return ret; }
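
Review bot: In patch 1/3, efi_firmware_parse_payload_header() trusts the header without any length check: header->signature is read without confirming that image_size is at least sizeof(*header), and "image_size -= header->header_size;" wraps the unsigned efi_uintn_t when header_size is larger than image_size, after which the wrapped size is handed to dfu_write_by_alt(). Suggest rejecting the capsule when image_size < sizeof(*header), or when header_size is below sizeof(*header) or above image_size, and returning efi_status_t instead of void so that efi_firmware_verify_image() can propagate the failure.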
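
Review bot: In patch 1/3, the fit_update() failure path in efi_firmware_fit_set_image() sets status = EFI_DEVICE_ERROR but never sets state.last_attempt_status, so the value written to FmpStateXXXX stays at its zero initialiser instead of an error code; the raw path sets LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL in the equivalent place, and the FIT path should do the same. In both set_image functions the return value of efi_firmware_set_fmp_state_var() is dropped, so a successful flash whose state write fails leaves a stale fw_version and lowest_supported_version behind with no log message; at minimum log the failure. The "(status == EFI_SUCCESS) ? true : false" expression can be just "status == EFI_SUCCESS".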
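
Review bot: In patch 1/3, efi_firmware_raw_set_image() uses two different image_index values when CONFIG_FWU_MULTI_BANK_UPDATE is enabled: efi_firmware_verify_image() is called with the caller's image_index, then fwu_get_image_index(&image_index) overwrites it, and the err: path stores the state under the overwritten index. With patch 3/3 applied, the lowest supported version is therefore looked up in one FmpStateXXXX variable and written to another. Suggest keeping the caller's index in a separate local for the FmpState name and using the FWU-derived index only for dfu_write_by_alt().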
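
Review bot: In patch 2/3, the loop in efi_fill_image_desc_array() accepts the variable whenever efi_get_variable_int() returns EFI_SUCCESS and never compares the returned size with sizeof(var_state), so a shorter FmpStateXXXX variable is reported as valid with the trailing fields left at zero. Suggest treating size != sizeof(struct fmp_state) the same as the not-found branch. The varname/efi_get_variable_int() sequence is now repeated here, in efi_firmware_set_fmp_state_var() and in patch 3/3's efi_firmware_get_lowest_supported_version(); one helper that reads and validates struct fmp_state for a given image index would keep the three call sites consistent.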
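
Review bot: In patch 3/3, efi_firmware_get_lowest_supported_version() fails open: every error from efi_get_variable_int(), not only EFI_NOT_FOUND, is turned into a floor of 0, so an unreadable or deleted FmpStateXXXX variable disables the version check entirely. Suggest returning efi_status_t with the version as an out parameter, mapping only EFI_NOT_FOUND to 0 and rejecting the update on other errors. Related: patch 1/3 creates the variable with EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS and nothing in these lines restricts who may rewrite or delete it, so the commit message or a comment should state how the stored floor is protected from other SetVariable callers.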
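
Review bot: In patch 3/3, the comparison in efi_firmware_verify_image() uses state->fw_version, which remains 0 when the capsule carries no FMP payload header, so a headerless capsule is rejected with LAST_ATTEMPT_STATUS_ERROR_INCORRECT_VERSION once a non-zero floor has been stored, yet is accepted when no FmpStateXXXX variable exists. If that is intended, say so in the function comment; if not, handle the no-header case explicitly. Also, efi_firmware_parse_payload_header() is still called when efi_firmware_capsule_authenticate() has failed, so last_attempt_version can be filled from data that did not pass authentication; consider parsing only when ret == EFI_SUCCESS. Patch 1/3 then overwrites the stored lowest_supported_version with the capsule's value on success, which lets an accepted capsule lower the floor; a check that the new floor is not below the stored one would close that gap.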