From patchwork Wed Mar 1 09:15:19 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Masahisa Kojima
X-Patchwork-Id: 657796
From: Masahisa Kojima
To: u-boot@lists.denx.de
Cc: Heinrich Schuchardt, Ilias Apalodimas, Takahiro Akashi, Masahisa Kojima
Subject: [PATCH v2 1/4] efi_loader: store firmware version into FmpState variable
Date: Wed, 1 Mar 2023 18:15:19 +0900
Message-Id: <20230301091523.18384-2-masahisa.kojima@linaro.org>
In-Reply-To: <20230301091523.18384-1-masahisa.kojima@linaro.org>
References: <20230301091523.18384-1-masahisa.kojima@linaro.org>
List-Id: U-Boot discussion

Firmware version management is not implemented in the current FMP protocol. EDK2 reference implementation capsule generation script inserts the FMP Payload Header right before the payload; it contains the firmware version and lowest supported version.

This commit utilizes the FMP Payload Header, reads the header and stores the firmware version, lowest supported version, last attempt version and last attempt status into "FmpStateXXXX" EFI non-volatile variable. XXXX indicates the image index, since FMP protocol handles multiple image indexes.

This change is compatible with the existing FMP implementation. This change does not mandate the FMP Payload Header. If no FMP Payload Header is found in the capsule file, fw_version, lowest supported version, last attempt version and last attempt status are 0 and this is the same behavior as existing FMP implementation.

Signed-off-by: Masahisa Kojima --- Changes in v2: - modify indent lib/efi_loader/efi_firmware.c | 198 ++++++++++++++++++++++++++++++---- 1 file changed, 175 insertions(+), 23 deletions(-) diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c index 93e2b01c07..d1afafb052 100644 --- a/lib/efi_loader/efi_firmware.c +++ b/lib/efi_loader/efi_firmware.c @@ -10,6 +10,7 @@ #include #include #include +#include #include #include #include @@ -18,6 +19,12 @@ #define FMP_PAYLOAD_HDR_SIGNATURE SIGNATURE_32('M', 'S', 'S', '1') +#define EFI_FMP_STATE_GUID \ + EFI_GUID(0x84bed885, 0x193a, 0x403f, 0xa2, 0x78, \ + 0xe8, 0x9e, 0x23, 0x8a, 0xd6, 0xe1) + +static const efi_guid_t efi_guid_fmp_state = EFI_FMP_STATE_GUID; + /** * struct fmp_payload_header - EDK2 header for the FMP payload * @@ -36,6 +43,24 @@ struct fmp_payload_header { u32 lowest_supported_version; }; +/** + * struct fmp_state - fmp firmware update state + * + * This structure describes the state of the firmware update + * through FMP protocol. + * + * @fw_version: Firmware versions used + * @lowest_supported_version: Lowest supported version + * @last_attempt_version: Last attempt version + * @last_attempt_status: Last attempt status + */ +struct fmp_state { + u32 fw_version; + u32 lowest_supported_version; + u32 last_attempt_version; + u32 last_attempt_status; +}; + __weak void set_dfu_alt_info(char *interface, char *devstr) { env_set("dfu_alt_info", update_info.dfu_string); @@ -182,6 +207,7 @@ static efi_status_t efi_fill_image_desc_array( * efi_firmware_capsule_authenticate - authenticate the capsule if enabled * @p_image: Pointer to new image * @p_image_size: Pointer to size of new image + * @state Pointer to fmp state * * Authenticate the capsule if authentication is enabled. * The image pointer and the image size are updated in case of success. 
@@ -190,12 +216,11 @@ static efi_status_t efi_fill_image_desc_array( */ static efi_status_t efi_firmware_capsule_authenticate(const void **p_image, - efi_uintn_t *p_image_size) + efi_uintn_t *p_image_size, + struct fmp_state *state) { const void *image = *p_image; efi_uintn_t image_size = *p_image_size; - u32 fmp_hdr_signature; - struct fmp_payload_header *header; void *capsule_payload; efi_status_t status; efi_uintn_t capsule_payload_size; @@ -209,8 +234,12 @@ efi_status_t efi_firmware_capsule_authenticate(const void **p_image, if (status == EFI_SECURITY_VIOLATION) { printf("Capsule authentication check failed. Aborting update\n"); + state->last_attempt_status = + LAST_ATTEMPT_STATUS_ERROR_AUTH_ERROR; return status; } else if (status != EFI_SUCCESS) { + state->last_attempt_status = + LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL; return status; } 
@@ -222,24 +251,124 @@ efi_status_t efi_firmware_capsule_authenticate(const void **p_image, debug("Updating capsule without authenticating.\n"); } - fmp_hdr_signature = FMP_PAYLOAD_HDR_SIGNATURE; - header = (void *)image; + *p_image = image; + *p_image_size = image_size; + + return EFI_SUCCESS; +} + +/** + * efi_firmware_set_fmp_state_var - set FmpStateXXXX variable + * @state: Pointer to fmp state + * @image_index: image index + * @updated: flag to indicate firmware update is successful + * + * Update the FmpStateXXXX variable with the firmware update state. + * + * Return: status code + */ +static +efi_status_t efi_firmware_set_fmp_state_var(struct fmp_state *state, u8 image_index, + bool updated) +{ + u16 varname[13]; /* u"FmpStateXXXX" */ + efi_status_t ret; + efi_uintn_t size; + struct fmp_state var_state = { 0 }; + + efi_create_indexed_name(varname, sizeof(varname), "FmpState", + image_index); + size = sizeof(var_state); + ret = efi_get_variable_int(varname, &efi_guid_fmp_state, NULL, &size, + &var_state, NULL); + if (ret != EFI_SUCCESS && ret != EFI_NOT_FOUND) + return ret; + + /* + * When the capsule update is successful, FmpStateXXXX variable is set + * according to the fmp payload header information. If there is no fmp payload + * header in the capsule file, all values are set to 0. + * When the capsule update fails, only last attempt information of FmpStateXXXX + * variable is updated, fw_version and lowest_supported_version keep original + * value or 0(in case no FmpStateXXXX variable found). 
+ */ + if (updated) { + var_state.fw_version = state->fw_version; + var_state.lowest_supported_version = state->lowest_supported_version; + var_state.last_attempt_version = state->last_attempt_version; + var_state.last_attempt_status = state->last_attempt_status; + } else { + var_state.last_attempt_version = state->last_attempt_version; + var_state.last_attempt_status = state->last_attempt_status; + } + + ret = efi_set_variable_int(varname, &efi_guid_fmp_state, + EFI_VARIABLE_NON_VOLATILE | + EFI_VARIABLE_BOOTSERVICE_ACCESS | + EFI_VARIABLE_RUNTIME_ACCESS, + sizeof(var_state), &var_state, false); + + return ret; +} +/** + * efi_firmware_parse_payload_header - parse FMP payload header + * @p_image: Pointer to new image + * @p_image_size: Pointer to size of new image + * @state Pointer to fmp state + * + * Parse the FMP payload header and fill the fmp_state structure. + * If no FMP payload header is found, fmp_state structure is not updated. + * + */ +static +void efi_firmware_parse_payload_header(const void **p_image, + efi_uintn_t *p_image_size, + struct fmp_state *state) +{ + const void *image = *p_image; + efi_uintn_t image_size = *p_image_size; + const struct fmp_payload_header *header; + u32 fmp_hdr_signature = FMP_PAYLOAD_HDR_SIGNATURE; + + header = image; if (!memcmp(&header->signature, &fmp_hdr_signature, sizeof(fmp_hdr_signature))) { - /* - * When building the capsule with the scripts in - * edk2, a FMP header is inserted above the capsule - * payload. Compensate for this header to get the - * actual payload that is to be updated. 
- */ + /* FMP header is inserted above the capsule payload */ + state->fw_version = header->fw_version; + state->lowest_supported_version = header->lowest_supported_version; + state->last_attempt_version = header->fw_version; image += header->header_size; image_size -= header->header_size; } *p_image = image; *p_image_size = image_size; - return EFI_SUCCESS; +} + +/** + * efi_firmware_verify_image - verify image + * @p_image: Pointer to new image + * @p_image_size: Pointer to size of new image + * @image_index Image index + * @state Pointer to fmp state + * + * Verify the capsule file + * + * Return: status code + */ +static +efi_status_t efi_firmware_verify_image(const void **p_image, + efi_uintn_t *p_image_size, + u8 image_index, + struct fmp_state *state) +{ + efi_status_t ret; + + ret = efi_firmware_capsule_authenticate(p_image, p_image_size, state); + efi_firmware_parse_payload_header(p_image, p_image_size, state); + + return ret; } /** @@ -330,7 +459,9 @@ efi_status_t EFIAPI efi_firmware_fit_set_image( efi_status_t (*progress)(efi_uintn_t completion), u16 **abort_reason) { + bool updated; efi_status_t status; + struct fmp_state state = { 0 }; EFI_ENTRY("%p %d %p %zu %p %p %p\n", this, image_index, image, image_size, vendor_code, progress, abort_reason); 
@@ -338,14 +469,22 @@ efi_status_t EFIAPI efi_firmware_fit_set_image( if (!image || image_index != 1) return EFI_EXIT(EFI_INVALID_PARAMETER); - status = efi_firmware_capsule_authenticate(&image, &image_size); + status = efi_firmware_verify_image(&image, &image_size, image_index, + &state); if (status != EFI_SUCCESS) - return EFI_EXIT(status); + goto err; - if (fit_update(image)) - return EFI_EXIT(EFI_DEVICE_ERROR); + if (fit_update(image)) { + status = EFI_DEVICE_ERROR; + goto err; + } - return EFI_EXIT(EFI_SUCCESS); + state.last_attempt_status = LAST_ATTEMPT_STATUS_SUCCESS; +err: + updated = (status == EFI_SUCCESS) ? true : false; + efi_firmware_set_fmp_state_var(&state, image_index, updated); + + return EFI_EXIT(status); } const struct efi_firmware_management_protocol efi_fmp_fit = { @@ -391,7 +530,9 @@ efi_status_t EFIAPI efi_firmware_raw_set_image( u16 **abort_reason) { int ret; + bool updated; efi_status_t status; + struct fmp_state state = { 0 }; EFI_ENTRY("%p %d %p %zu %p %p %p\n", this, image_index, image, image_size, vendor_code, progress, abort_reason); @@ -399,9 +540,10 @@ efi_status_t EFIAPI efi_firmware_raw_set_image( if (!image) return EFI_EXIT(EFI_INVALID_PARAMETER); - status = efi_firmware_capsule_authenticate(&image, &image_size); + status = efi_firmware_verify_image(&image, &image_size, image_index, + &state); if (status != EFI_SUCCESS) - return EFI_EXIT(status); + goto err; if (IS_ENABLED(CONFIG_FWU_MULTI_BANK_UPDATE)) { /* 
@@ -410,16 +552,26 @@ efi_status_t EFIAPI efi_firmware_raw_set_image( */ ret = fwu_get_image_index(&image_index); if (ret) { + state.last_attempt_status = LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL; log_debug("Unable to get FWU image_index\n"); - return EFI_EXIT(EFI_DEVICE_ERROR); + status = EFI_DEVICE_ERROR; + goto err; } } if (dfu_write_by_alt(image_index - 1, (void *)image, image_size, - NULL, NULL)) - return EFI_EXIT(EFI_DEVICE_ERROR); + NULL, NULL)) { + status = EFI_DEVICE_ERROR; + state.last_attempt_status = LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL; + goto err; + } + + state.last_attempt_status = LAST_ATTEMPT_STATUS_SUCCESS; +err: + updated = (status == EFI_SUCCESS) ? true : false; + efi_firmware_set_fmp_state_var(&state, image_index, updated); - return EFI_EXIT(EFI_SUCCESS); + return EFI_EXIT(status); } const struct efi_firmware_management_protocol efi_fmp_raw = { From patchwork Wed Mar 1 09:15:20 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Masahisa Kojima X-Patchwork-Id: 657797 Delivered-To: patch@linaro.org Received: by 2002:adf:a3c6:0:0:0:0:0 with SMTP id m6csp3386665wrb; Wed, 1 Mar 2023 01:16:55 -0800 (PST) X-Google-Smtp-Source: AK7set+H8L1WfTddr8m2c1awOh9D9lXlVPm8tI5BjdPSnCV+XPmhj7c+pE0k4gCkVwrwrjZk9Q1g X-Received: by 2002:a05:6808:54:b0:384:ea9:23ab with SMTP id v20-20020a056808005400b003840ea923abmr2669611oic.18.1677662215364; Wed, 01 Mar 2023 01:16:55 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1677662215; cv=none; d=google.com; s=arc-20160816; b=dMczUMdazOiEPncpcEcMTxpKuPRBi10rbI6TaPg5K6bNeo1+Ti5bvXJlGUCyZJ/lMZ 1/Gm/9Yc+UO2ypd6LCGoADzsF/FCJ9FUnNu2WOHf+6W8EC9IMjtCDRhefn1p1BrxwzJk jh5+b9cXyFSTjvnaoJZTww1BxVpAWi729f02BgtjBmGEo0C++iyaXCo64IrLv7vaYL3h qpokEMngTBM/Po38b0mNoaMuWJmbSjZsDwnOSSvrUQH8K1FYG9mXcrWeO8lTmLg7XZlj SWCAdTXbBKBPFgTEoG8sA3DhzeXDeZCHHGuZqEJvGZQa2O4FOH3oJidbk66qr4tRObVv wFKQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; 
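Review bot: In the kernel-doc block of efi_firmware_capsule_authenticate() (hunk at -182,6 of patch 1/4), the added line `@state Pointer to fmp state` is missing the colon after the parameter name, unlike `@p_image:` and `@p_image_size:` beside it. Write `@state: Pointer to fmp state`; the same applies to `@state` and `@image_index` in the comments added for efi_firmware_parse_payload_header() and efi_firmware_verify_image().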
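Review bot: efi_firmware_parse_payload_header() (hunk at -222,24 of patch 1/4) reads header->signature, header->fw_version and header->header_size without first checking image_size, and then does `image_size -= header->header_size` with no upper bound, so a capsule shorter than the header, or one carrying an oversized header_size, is read past its end or wraps image_size. Check that image_size is at least sizeof(*header) and that header->header_size lies between sizeof(*header) and image_size before using any field, and fail the update otherwise. In the same hunk, efi_firmware_verify_image() calls the parser even when efi_firmware_capsule_authenticate() returned an error; at that point *p_image has not been advanced and whatever is copied into state comes from unauthenticated data, so return early when ret is not EFI_SUCCESS.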
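Review bot: In efi_firmware_fit_set_image() (hunk at -338,14 of patch 1/4), the `if (fit_update(image))` failure branch sets status to EFI_DEVICE_ERROR but leaves state.last_attempt_status at its zero initializer, which is the value of LAST_ATTEMPT_STATUS_SUCCESS, so a failed FIT update is recorded in FmpStateXXXX as a successful attempt. Set LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL in that branch, as efi_firmware_raw_set_image() does after dfu_write_by_alt() fails. The return value of efi_firmware_set_fmp_state_var() is also dropped at the err label; at least log a failure to persist the state.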
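Review bot: With CONFIG_FWU_MULTI_BANK_UPDATE enabled (hunk at -410,16 of patch 1/4), `fwu_get_image_index(&image_index)` can overwrite image_index before the err label, so `efi_firmware_set_fmp_state_var(&state, image_index, updated)` names the variable after the index chosen by FWU rather than the index the caller passed and that efi_firmware_verify_image() was given. Keep the caller's index in a separate local for the FmpState name and use the FWU index only for dfu_write_by_alt(); that also avoids deriving the variable name from image_index on the path where fwu_get_image_index() failed.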
From: Masahisa Kojima
To: u-boot@lists.denx.de
Cc: Heinrich Schuchardt, Ilias Apalodimas, Takahiro Akashi, Masahisa Kojima
Subject: [PATCH v2 2/4] efi_loader: versioning support in GetImageInfo
Date: Wed, 1 Mar 2023 18:15:20 +0900
Message-Id: <20230301091523.18384-3-masahisa.kojima@linaro.org>
In-Reply-To: <20230301091523.18384-1-masahisa.kojima@linaro.org>
References: <20230301091523.18384-1-masahisa.kojima@linaro.org>
List-Id: U-Boot discussion

Current FMP->GetImageInfo() always returns 0 for the firmware version; the user cannot identify which firmware version is currently running through the EFI interface.

This commit reads the "FmpStateXXXX" EFI variable, then fills the firmware version, lowest supported version, last attempt version and last attempt status in FMP->GetImageInfo().

Now FMP->GetImageInfo() and ESRT have the meaningful version number.

Signed-off-by: Masahisa Kojima --- No update since v1 lib/efi_loader/efi_firmware.c | 30 ++++++++++++++++++++++++++---- 1 file changed, 26 insertions(+), 4 deletions(-) diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c index d1afafb052..ead20fa914 100644 --- a/lib/efi_loader/efi_firmware.c +++ b/lib/efi_loader/efi_firmware.c
@@ -173,13 +173,38 @@ static efi_status_t efi_fill_image_desc_array( *package_version_name = NULL; /* not supported */ for (i = 0; i < num_image_type_guids; i++) { + u16 varname[13]; /* u"FmpStateXXXX" */ + efi_status_t ret; + efi_uintn_t size; + struct fmp_state var_state = { 0 }; + image_info[i].image_index = fw_array[i].image_index; image_info[i].image_type_id = fw_array[i].image_type_id; image_info[i].image_id = fw_array[i].image_index; image_info[i].image_id_name = fw_array[i].fw_name; - image_info[i].version = 0; /* not supported */ + efi_create_indexed_name(varname, sizeof(varname), "FmpState", + fw_array[i].image_index); + size = sizeof(var_state); + ret = efi_get_variable_int(varname, &efi_guid_fmp_state, NULL, + &size, &var_state, NULL); + if (ret == EFI_SUCCESS) { + image_info[i].version = var_state.fw_version; + image_info[i].lowest_supported_image_version = + var_state.lowest_supported_version; + image_info[i].last_attempt_version = + var_state.last_attempt_version; + image_info[i].last_attempt_status = + var_state.last_attempt_status; + } else { + image_info[i].version = 0; + image_info[i].lowest_supported_image_version = 0; + image_info[i].last_attempt_version = 0; + image_info[i].last_attempt_status = + LAST_ATTEMPT_STATUS_SUCCESS; + } + image_info[i].version_name = NULL; /* not supported */ image_info[i].size = 0; image_info[i].attributes_supported = 
@@ -193,9 +218,6 @@ static efi_status_t efi_fill_image_desc_array( image_info[0].attributes_setting |= IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED; - image_info[i].lowest_supported_image_version = 0; - image_info[i].last_attempt_version = 0; - image_info[i].last_attempt_status = LAST_ATTEMPT_STATUS_SUCCESS; image_info[i].hardware_instance = 1; image_info[i].dependencies = NULL; } From patchwork Wed Mar 1 09:15:21 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Masahisa Kojima X-Patchwork-Id: 657798 Delivered-To: patch@linaro.org Received: by 2002:adf:a3c6:0:0:0:0:0 with SMTP id m6csp3386760wrb; Wed, 1 Mar 2023 01:17:10 -0800 (PST) X-Google-Smtp-Source: AK7set8KwPn53ZhUVybTsZceNQ+k1A9OZ+ktnMsjYyb2Lxit5ndUksa+ghx32blpUKabs67MUzA0 X-Received: by 2002:a9d:4e5:0:b0:68d:c122:5a51 with SMTP id 92-20020a9d04e5000000b0068dc1225a51mr3085492otm.14.1677662229963; Wed, 01 Mar 2023 01:17:09 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1677662229; cv=none; d=google.com; s=arc-20160816; b=Z3k/QReFyKVdkTciA7/+ZGQEpSSBnEiwbj5kXIR4EghmMw1sZD/67JOb9EPfPjywlt Fha/P8aSEAe4LR/DgHN43Z2E2nic7YX9/chw/3U1RxzV1RyjAcleGZDnNgPa9uPDuqTJ Zwct0H5UTuq5nMbjVdgQgz+xhZKuzm/9i21QOIDRNqralQZoCGFBKu4gfOdAuvkdYC33 9CNi+DQByyQ9w3y51d9b0i7zJFfRAnDvnL7FqK/avV9YuRGB9LOIThsSx6gpaGQdWwvN moMYHZKDvArwIRJqp1gzpv8OblBCABei+KeDSMoGumwL7pAxM62sydODUbif7oLPjFH9 Xf/w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=s8+XMNzwQS4X33rmGS+Gr1gY1iTVDbpkTqXPcNm3xdI=; b=QAYYaJ8QEP1oF7MpSPhC+clUO3Nz9HxkrRfbvivPNYh0C8U3lOyEWeKCsz+B8ErLdi WCXkzJgaTaL4ZcDJ4VHmKB75+Oe8pCZEmolpYZ+1ZbT0ywO8IwW0nDRWHtVkROShy/Dt laZQOQ8YPbQFVqZT/a7dxOUQHiS8nqHqfPccF+czkPDRbNMni295BN49yOFgQPu5IPEQ WgCtH+eoAOvM0Pl+vnldMilwVatZaSLZ9RniurnI/P4oZVC40zSiDr/51vpNob6C5XQO 
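Review bot: The loop in efi_fill_image_desc_array() (hunk at -173,13 of patch 2/4) repeats the varname, size and efi_get_variable_int() sequence that patch 1/4 already has in efi_firmware_set_fmp_state_var(); factor it into one helper that fills a struct fmp_state so the name buffer size and the GUID live in one place. The else branch also treats every failure like EFI_NOT_FOUND, and the success branch does not compare the returned size with sizeof(var_state), so a read error or a variable of unexpected size is reported through GetImageInfo() as version 0 with LAST_ATTEMPT_STATUS_SUCCESS; log any status other than EFI_NOT_FOUND and reject a short variable.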
CPyhp+vmPbcgS+7iSzdo1MhxgZ0d3eu6fB1BFKytibIw0iTBM2VPqq38jlf5ZdIjILm2 ffjw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b="wrp8xs/4"; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id w10-20020a9d638a000000b00690daa32382si4861393otk.181.2023.03.01.01.17.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Mar 2023 01:17:09 -0800 (PST) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b="wrp8xs/4"; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 6DF7B85C31; Wed, 1 Mar 2023 10:16:32 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="wrp8xs/4"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 8EBEA85C04; Wed, 1 Mar 2023 10:16:24 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no 
version=3.4.2 Received: from mail-pg1-x531.google.com (mail-pg1-x531.google.com [IPv6:2607:f8b0:4864:20::531]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id B17B885911 for ; Wed, 1 Mar 2023 10:16:03 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=masahisa.kojima@linaro.org Received: by mail-pg1-x531.google.com with SMTP id 16so7293316pge.11 for ; Wed, 01 Mar 2023 01:16:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1677662160; h=references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=s8+XMNzwQS4X33rmGS+Gr1gY1iTVDbpkTqXPcNm3xdI=; b=wrp8xs/4tRietHp5HKXbA0r6ZSKkTbQTzdF5BTcyDU1u+RRDNwuI4hRSZU/+6UAGm9 8QMcftc0PLCyJeChwNlalpqRUHKdpOZgVOokG68f+qKkK9+v0q7MTjWVBpG2jTfpwdAg q19Tazl+D3wurMgQH+UBoUrO8ysEUDUdlQ63cZzllz+vBrFNEEC3/WKxSGrRLVzqfqYK GLLc6kaTv+fHQK+mgTWxSJftlov/0phuzA+E+3N0cuuHXGoXKFIi5O1jnrYzAno/xKdq 80Y0leOIEcnBrcFZ+BC3kk5x5LUiipgtsWTL4oZfgFa5YWWk8AI9LRbkKXdKinpW0NoH VYbw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1677662160; h=references:in-reply-to:message-id:date:subject:cc:to:from :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=s8+XMNzwQS4X33rmGS+Gr1gY1iTVDbpkTqXPcNm3xdI=; b=PNZIhwRbf+EtXQ2nyPD8RgaYsZSAmUYxJCZOZtxtb40nTDIg6VGz0WTB+MiGPb55Gf umVBA2K4hdE5DgI8+Hl4WzcYl5orEARn6IhAyh9jc++Pqn1nnrSExkQneQswo9tn5OVY ySleiBmjNkxfHgwzlK9/XIgQYk4RgLVgNi/agwjFQtd6f+g9xJrkwt74ofWtEc68sXCz hlUFiCZXrMmruzuEMZv3yu3Gx7MQsaSf+R5a+LLWhLCadEcPk5+jy1ITS0aKLfs2agWz /aLwRINTKmEUTC8eZ2X1OpSLnoNXO8WBJwrCEIRvPLVjzi5s2SrRO6kFsk0lHmE97yMy Ak+w== X-Gm-Message-State: AO0yUKUtlEU/qzlrG92XlkPTlgllex3DPcHm6tde+77KlQCccxWXI8iO 1GOfJgguDxtQZOUE8pSeTODj23rrJnabfOnp X-Received: by 2002:aa7:9e8d:0:b0:5da:cbe6:a613 with 
From: Masahisa Kojima
To: u-boot@lists.denx.de
Cc: Heinrich Schuchardt, Ilias Apalodimas, Takahiro Akashi, Masahisa Kojima
Subject: [PATCH v2 3/4] efi_loader: check lowest supported version in capsule update
Date: Wed, 1 Mar 2023 18:15:21 +0900
Message-Id: <20230301091523.18384-4-masahisa.kojima@linaro.org>

The FMP Payload Header which EDK2 capsule generation scripts insert contains the lowest supported version. This commit reads the lowest supported version stored in the "FmpStateXXXX" EFI non-volatile variable, then checks if the firmware version of the ongoing capsule is equal to or greater than the lowest supported version.

Signed-off-by: Masahisa Kojima
---
Changes in v2:
- add error message when the firmware version is lower than lowest supported version

lib/efi_loader/efi_firmware.c | 45 ++++++++++++++++++++++++++++++++++-
1 file changed, 44 insertions(+), 1 deletion(-)

diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c index ead20fa914..fc6babfc34 100644 --- a/lib/efi_loader/efi_firmware.c +++ b/lib/efi_loader/efi_firmware.c
@@ -368,6 +368,34 @@ void efi_firmware_parse_payload_header(const void **p_image, *p_image_size = image_size; } +/** + * efi_firmware_get_lowest_supported_version - get the lowest supported version + * @image_index: image_index + * + * Get the lowest supported version from FmpStateXXXX variable. + * + * Return: lowest supported version, return 0 if reading FmpStateXXXX + * variable failed + */ +static +u32 efi_firmware_get_lowest_supported_version(u8 image_index) +{ + u16 varname[13]; /* u"FmpStateXXXX" */ + efi_status_t ret; + efi_uintn_t size; + struct fmp_state var_state = { 0 }; + + efi_create_indexed_name(varname, sizeof(varname), "FmpState", + image_index); + size = sizeof(var_state); + ret = efi_get_variable_int(varname, &efi_guid_fmp_state, NULL, &size, + &var_state, NULL); + if (ret != EFI_SUCCESS) + return 0; + + return var_state.lowest_supported_version; +} + /** * efi_firmware_verify_image - verify image * @p_image: Pointer to new image @@ -375,7 +403,8 @@ void efi_firmware_parse_payload_header(const void **p_image, * @image_index Image index * @state Pointer to fmp state * - * Verify the capsule file + * Verify the capsule authentication and check if the fw_version + * is equal or greater than the lowest supported version. * * Return: status code */ 
@@ -386,10 +415,24 @@ efi_status_t efi_firmware_verify_image(const void **p_image, struct fmp_state *state) { efi_status_t ret; + u32 lowest_supported_version; ret = efi_firmware_capsule_authenticate(p_image, p_image_size, state); efi_firmware_parse_payload_header(p_image, p_image_size, state); + /* check lowest_supported_version if capsule authentication passes */ + if (ret == EFI_SUCCESS) { + lowest_supported_version = + efi_firmware_get_lowest_supported_version(image_index); + if (lowest_supported_version > state->fw_version) { + printf("fw_version(%u) is too low(expected >%u). Aborting update\n", + state->fw_version, lowest_supported_version); + state->last_attempt_status = + LAST_ATTEMPT_STATUS_ERROR_INCORRECT_VERSION; + ret = EFI_INVALID_PARAMETER; + } + } + return ret; }
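Review bot: efi_firmware_get_lowest_supported_version() returns 0 for every efi_get_variable_int() failure, so the version floor fails open: a FmpStateXXXX variable that does not exist yet and any other read error (for example a size mismatch) both end with every fw_version being accepted. Consider treating only EFI_NOT_FOUND as "no floor stored yet" and handing other statuses back to the caller so that the update is rejected; returning efi_status_t with the version in an out parameter would allow that. The kernel-doc line "@image_index: image_index" could also say what the index selects.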
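Review bot: In the printf() added to efi_firmware_verify_image(), the message says "expected >%u", but the condition "lowest_supported_version > state->fw_version" accepts a version equal to the floor, so the text should read "expected >=%u" to match both the check and the updated function comment. It would also help to state in the new comment what state->fw_version holds when the capsule carries no FMP Payload Header, and whether such a capsule is meant to be refused once a non-zero floor is stored, since that case is not visible in this hunk.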
From: Masahisa Kojima
To: u-boot@lists.denx.de
Cc: Heinrich Schuchardt, Ilias Apalodimas, Takahiro Akashi, Masahisa Kojima
Subject: [PATCH v2 4/4] mkeficapsule: add FMP Payload Header
Date: Wed, 1 Mar 2023 18:15:22 +0900
Message-Id: <20230301091523.18384-5-masahisa.kojima@linaro.org>

The current mkeficapsule tool does not provide firmware version management. The EDK2 reference implementation inserts the FMP Payload Header right before the payload. It contains the fw_version and lowest supported version.

This commit adds three new parameters required to generate the FMP Payload Header for the mkeficapsule tool.
'-f' indicates whether FMP Payload Header is inserted.
'-v' indicates the firmware version.
'-l' indicates the lowest supported version.

When the mkeficapsule tool is invoked without the '-f' option, the FMP Payload Header is not inserted and the behavior is the same as the current implementation.

Signed-off-by: Masahisa Kojima
---
Newly created in v2

tools/mkeficapsule.c | 81 ++++++++++++++++++++++++++++++++++++++++----
1 file changed, 75 insertions(+), 6 deletions(-)

diff --git a/tools/mkeficapsule.c b/tools/mkeficapsule.c index b71537beee..e0a6948df8 100644 --- a/tools/mkeficapsule.c +++ b/tools/mkeficapsule.c
@@ -29,7 +29,7 @@ static const char *tool_name = "mkeficapsule"; efi_guid_t efi_guid_fm_capsule = EFI_FIRMWARE_MANAGEMENT_CAPSULE_ID_GUID; efi_guid_t efi_guid_cert_type_pkcs7 = EFI_CERT_TYPE_PKCS7_GUID; -static const char *opts_short = "g:i:I:v:p:c:m:o:dhAR"; +static const char *opts_short = "g:i:I:v:l:p:c:m:o:dfhAR"; enum { CAPSULE_NORMAL_BLOB = 0, @@ -41,6 +41,9 @@ static struct option options[] = { {"guid", required_argument, NULL, 'g'}, {"index", required_argument, NULL, 'i'}, {"instance", required_argument, NULL, 'I'}, + {"fmp-payload-header", no_argument, NULL, 'f'}, + {"fw-version", required_argument, NULL, 'v'}, + {"lsv", required_argument, NULL, 'l'}, {"private-key", required_argument, NULL, 'p'}, {"certificate", required_argument, NULL, 'c'}, {"monotonic-count", required_argument, NULL, 'm'}, @@ -60,6 +63,9 @@ static void print_usage(void) "\t-g, --guid guid for image blob type\n" "\t-i, --index update image index\n" "\t-I, --instance update hardware instance\n" + "\t-f, --fmp-payload-header insert fmp payload header\n" + "\t-v, --fw-version firmware version\n" + "\t-l, --lsv lowest supported version\n" "\t-p, --private-key private key file\n" "\t-c, --certificate signer's certificate file\n" "\t-m, --monotonic-count monotonic count\n" 
@@ -71,6 +77,30 @@ static void print_usage(void) tool_name); } +#define SIGNATURE_16(A, B) ((A) | ((B) << 8)) +#define SIGNATURE_32(A, B, C, D) \ + (SIGNATURE_16(A, B) | (SIGNATURE_16(C, D) << 16)) + +#define FMP_PAYLOAD_HDR_SIGNATURE SIGNATURE_32('M', 'S', 'S', '1') + +/** + * struct fmp_payload_header - EDK2 header for the FMP payload + * + * This structure describes the header which is preprended to the + * FMP payload by the edk2 capsule generation scripts. + * + * @signature: Header signature used to identify the header + * @header_size: Size of the structure + * @fw_version: Firmware versions used + * @lowest_supported_version: Lowest supported version + */ +struct fmp_payload_header { + uint32_t signature; + uint32_t header_size; + uint32_t fw_version; + uint32_t lowest_supported_version; +}; + /** * auth_context - authentication context * @key_file: Path to a private key file @@ -95,6 +125,12 @@ struct auth_context { size_t sig_size; }; +struct fmp_payload_header_params { + bool have_header; + uint32_t fw_version; + uint32_t lowest_supported_version; +}; + static int dump_sig; /** @@ -402,6 +438,7 @@ static void free_sig_data(struct auth_context *ctx) */ static int create_fwbin(char *path, char *bin, efi_guid_t *guid, unsigned long index, unsigned long instance, + struct fmp_payload_header_params *fmp_ph_params, uint64_t mcount, char *privkey_file, char *cert_file, uint16_t oemflags) { @@ -410,10 +447,11 @@ static int create_fwbin(char *path, char *bin, efi_guid_t *guid, struct efi_firmware_management_capsule_image_header image; struct auth_context auth_context; FILE *f; - uint8_t *data; + uint8_t *data, *new_data, *buf; off_t bin_size; uint64_t offset; int ret; + struct fmp_payload_header payload_header; #ifdef DEBUG fprintf(stderr, "For output: %s\n", path); @@ -423,6 +461,7 @@ static int create_fwbin(char *path, char *bin, efi_guid_t *guid, auth_context.sig_size = 0; f = NULL; data = NULL; + new_data = NULL; ret = -1; /* 
@@ -431,12 +470,31 @@ static int create_fwbin(char *path, char *bin, efi_guid_t *guid, if (read_bin_file(bin, &data, &bin_size)) goto err; + buf = data; + + /* insert fmp payload header right before the payload */ + if (fmp_ph_params->have_header) { + new_data = malloc(bin_size + sizeof(payload_header)); + if (!new_data) + goto err; + + payload_header.signature = FMP_PAYLOAD_HDR_SIGNATURE; + payload_header.header_size = sizeof(payload_header); + payload_header.fw_version = fmp_ph_params->fw_version; + payload_header.lowest_supported_version = + fmp_ph_params->lowest_supported_version; + memcpy(new_data, &payload_header, sizeof(payload_header)); + memcpy(new_data + sizeof(payload_header), data, bin_size); + buf = new_data; + bin_size += sizeof(payload_header); + } + /* first, calculate signature to determine its size */ if (privkey_file && cert_file) { auth_context.key_file = privkey_file; auth_context.cert_file = cert_file; auth_context.auth.monotonic_count = mcount; - auth_context.image_data = data; + auth_context.image_data = buf; auth_context.image_size = bin_size; if (create_auth_data(&auth_context)) { @@ -536,7 +594,7 @@ static int create_fwbin(char *path, char *bin, efi_guid_t *guid, /* * firmware binary */ - if (write_capsule_file(f, data, bin_size, "Firmware binary")) + if (write_capsule_file(f, buf, bin_size, "Firmware binary")) goto err; ret = 0; @@ -545,6 +603,7 @@ err: fclose(f); free_sig_data(&auth_context); free(data); + free(new_data); return ret; } @@ -644,6 +703,7 @@ int main(int argc, char **argv) unsigned long oemflags; char *privkey_file, *cert_file; int c, idx; + struct fmp_payload_header_params fmp_ph_params = { 0 }; guid = NULL; index = 0; 
@@ -679,6 +739,15 @@ int main(int argc, char **argv) case 'I': instance = strtoul(optarg, NULL, 0); break; + case 'f': + fmp_ph_params.have_header = true; + break; + case 'v': + fmp_ph_params.fw_version = strtoul(optarg, NULL, 0); + break; + case 'l': + fmp_ph_params.lowest_supported_version = strtoul(optarg, NULL, 0); + break; case 'p': if (privkey_file) { fprintf(stderr, @@ -747,11 +816,11 @@ int main(int argc, char **argv) if (capsule_type != CAPSULE_NORMAL_BLOB) { if (create_empty_capsule(argv[argc - 1], guid, capsule_type == CAPSULE_ACCEPT) < 0) { - fprintf(stderr, "Creating empty capsule failed\n"); + fprintf(stderr, "Creating empty capsulefailed\n"); exit(EXIT_FAILURE); } } else if (create_fwbin(argv[argc - 1], argv[argc - 2], guid, - index, instance, mcount, privkey_file, + index, instance, &fmp_ph_params, mcount, privkey_file, cert_file, (uint16_t)oemflags) < 0) { fprintf(stderr, "Creating firmware capsule failed\n"); exit(EXIT_FAILURE);
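Review bot: In create_fwbin(), the payload_header fields are assigned as native uint32_t values and copied out with memcpy(), so on a big-endian build host the 'MSS1' signature and both version fields are written byte-swapped, while UEFI targets read them as little-endian. Converting each field to little-endian before the memcpy() would make the tool's output host-independent. Building the header before create_auth_data() is the right order, since "auth_context.image_data = buf" places the header, and with it both version fields, under the signature.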
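Review bot: The new 'v' and 'l' cases in main() store strtoul(optarg, NULL, 0) straight into uint32_t fields, so non-numeric input silently becomes 0 and, where unsigned long is 64 bits wide, a value above 0xffffffff is truncated without an error. Because these numbers drive the device-side version check, parse them with an end pointer and errno and reject out-of-range input. It is also worth refusing -v or -l given without -f (they are currently ignored) and a lowest supported version greater than the firmware version.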
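Review bot: The last hunk changes the error string to "Creating empty capsulefailed\n", dropping the space between "capsule" and "failed". This looks like an accidental edit unrelated to the FMP Payload Header and should be reverted.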
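A host-side check of the header this series describes, as an added example that is not part of the patch or of U-Boot: it parses the 16-byte FMP Payload Header at the start of a payload buffer and applies the equal-or-greater rule against a stored floor. The function and type names, the explicit little-endian decoding, the result codes and the sample bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* 'M','S','S','1' packed the way SIGNATURE_32 does in the patch */
#define FMP_PAYLOAD_HDR_SIGNATURE 0x3153534dU
#define FMP_PAYLOAD_HDR_MIN_SIZE  16U /* four 32-bit fields */

/* Hypothetical result codes, not U-Boot status values */
enum fmp_result {
	FMP_OK = 0,
	FMP_NO_HEADER,	/* buffer too short or signature absent */
	FMP_BAD_SIZE,	/* header_size below the struct size or past the buffer */
	FMP_TOO_OLD,	/* fw_version below the stored lowest supported version */
};

struct fmp_info {
	uint32_t fw_version;
	uint32_t lowest_supported_version;
	size_t payload_offset;	/* where the firmware image starts */
};

/* Decode byte by byte so the result does not depend on host endianness. */
static uint32_t rd_le32(const uint8_t *p)
{
	return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
	       ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

enum fmp_result fmp_check_payload(const uint8_t *buf, size_t len,
				  uint32_t stored_lsv, struct fmp_info *out)
{
	uint32_t hdr_size;

	if (len < FMP_PAYLOAD_HDR_MIN_SIZE ||
	    rd_le32(buf) != FMP_PAYLOAD_HDR_SIGNATURE)
		return FMP_NO_HEADER;

	hdr_size = rd_le32(buf + 4);
	if (hdr_size < FMP_PAYLOAD_HDR_MIN_SIZE || hdr_size > len)
		return FMP_BAD_SIZE;

	out->fw_version = rd_le32(buf + 8);
	out->lowest_supported_version = rd_le32(buf + 12);
	out->payload_offset = hdr_size;

	/* Equal is accepted; only a version below the floor is refused. */
	return out->fw_version < stored_lsv ? FMP_TOO_OLD : FMP_OK;
}

/* Constructed sample: header with fw_version 5, lsv 3, then 4 image bytes. */
const uint8_t fmp_sample[] = {
	'M', 'S', 'S', '1', 0x10, 0, 0, 0, 5, 0, 0, 0, 3, 0, 0, 0,
	0xde, 0xad, 0xbe, 0xef,
};

int main(void)
{
	struct fmp_info info = { 0 };

	printf("floor 5: %d\n", fmp_check_payload(fmp_sample, sizeof(fmp_sample), 5, &info));
	printf("floor 6: %d\n", fmp_check_payload(fmp_sample, sizeof(fmp_sample), 6, &info));
	printf("truncated: %d\n", fmp_check_payload(fmp_sample, 8, 0, &info));
	return 0;
}
```

Whether a payload that returns FMP_NO_HEADER is accepted is left to the caller, since a capsule built without '-f' carries no header.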