From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
To: Sughosh Ganu <sughosh.ganu@linaro.org>
Cc: u-boot@lists.denx.de, Heinrich Schuchardt <xypron.glpk@gmx.de>,
Takahiro Akashi <takahiro.akashi@linaro.org>,
Patrick Delaunay <patrick.delaunay@foss.st.com>,
Patrice Chotard <patrice.chotard@foss.st.com>,
Simon Glass <sjg@chromium.org>, Bin Meng <bmeng.cn@gmail.com>,
Tom Rini <trini@konsulko.com>,
Etienne Carriere <etienne.carriere@linaro.org>,
Michal Simek <monstr@monstr.eu>,
Jassi Brar <jaswinder.singh@linaro.org>
Subject: Re: [PATCH v9 13/15] mkeficapsule: Add support for generating empty capsules
Date: Thu, 22 Sep 2022 16:26:37 +0300 [thread overview]
Message-ID: <YyxijWbDxV2Zn5Hy@hades> (raw)
In-Reply-To: <20220826095716.1676150-14-sughosh.ganu@linaro.org>
On Fri, Aug 26, 2022 at 03:27:14PM +0530, Sughosh Ganu wrote:
> The Dependable Boot specification[1] describes the structure of the
> firmware accept and revert capsules. These are empty capsules which
> are used for signalling the acceptance or rejection of the updated
> firmware by the OS. Add support for generating these empty capsules.
>
> [1] - https://git.codelinaro.org/linaro/dependable-boot/mbfw/uploads/6f7ddfe3be24e18d4319e108a758d02e/mbfw.pdf
>
> Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
> ---
> Changes since V8: None
>
> doc/mkeficapsule.1 | 29 +++++++++----
> tools/eficapsule.h | 8 ++++
> tools/mkeficapsule.c | 96 ++++++++++++++++++++++++++++++++++++++++----
> 3 files changed, 119 insertions(+), 14 deletions(-)
>
> diff --git a/doc/mkeficapsule.1 b/doc/mkeficapsule.1
> index 09bdc24295..77ca061efd 100644
> --- a/doc/mkeficapsule.1
> +++ b/doc/mkeficapsule.1
> @@ -8,7 +8,7 @@ mkeficapsule \- Generate EFI capsule file for U-Boot
>
> .SH SYNOPSIS
> .B mkeficapsule
> -.RI [ options "] " image-blob " " capsule-file
> +.RI [ options ] " " [ image-blob ] " " capsule-file
>
> .SH "DESCRIPTION"
> .B mkeficapsule
> @@ -23,8 +23,13 @@ Optionally, a capsule file can be signed with a given private key.
> In this case, the update will be authenticated by verifying the signature
> before applying.
>
> +Additionally, an empty capsule file can be generated for acceptance or
> +rejection of firmware images by a governing component like an Operating
> +System. The empty capsules do not require an image-blob input file.
> +
> +
> .B mkeficapsule
> -takes any type of image files, including:
> +takes any type of image files when generating non empty capsules, including:
> .TP
> .I raw image
> format is a single binary blob of any type of firmware.
> @@ -36,18 +41,16 @@ multiple binary blobs in a single capsule file.
> This type of image file can be generated by
> .BR mkimage .
>
> -.PP
> -If you want to use other types than above two, you should explicitly
> -specify a guid for the FMP driver.
> -
> .SH "OPTIONS"
> +
> .TP
> .BI "-g\fR,\fB --guid " guid-string
> Specify guid for image blob type. The format is:
> xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
>
> The first three elements are in little endian, while the rest
> -is in big endian.
> +is in big endian. The option must be specified for all non empty and
> +image acceptance capsules
>
> .TP
> .BI "-i\fR,\fB --index " index
> @@ -57,6 +60,18 @@ Specify an image index
> .BI "-I\fR,\fB --instance " instance
> Specify a hardware instance
>
> +.PP
> +For generation of firmware accept empty capsule
> +.BR --guid
> +is mandatory
> +.TP
> +.BI "-A\fR,\fB --fw-accept "
> +Generate a firmware acceptance empty capsule
> +
> +.TP
> +.BI "-R\fR,\fB --fw-revert "
> +Generate a firmware revert empty capsule
> +
> .TP
> .BR -h ", " --help
> Print a help message
> diff --git a/tools/eficapsule.h b/tools/eficapsule.h
> index d63b831443..072a4b5598 100644
> --- a/tools/eficapsule.h
> +++ b/tools/eficapsule.h
> @@ -41,6 +41,14 @@ typedef struct {
> EFI_GUID(0x4aafd29d, 0x68df, 0x49ee, 0x8a, 0xa9, \
> 0x34, 0x7d, 0x37, 0x56, 0x65, 0xa7)
>
> +#define FW_ACCEPT_OS_GUID \
> + EFI_GUID(0x0c996046, 0xbcc0, 0x4d04, 0x85, 0xec, \
> + 0xe1, 0xfc, 0xed, 0xf1, 0xc6, 0xf8)
> +
> +#define FW_REVERT_OS_GUID \
> + EFI_GUID(0xacd58b4b, 0xc0e8, 0x475f, 0x99, 0xb5, \
> + 0x6b, 0x3f, 0x7e, 0x07, 0xaa, 0xf0)
> +
> /* flags */
> #define CAPSULE_FLAGS_PERSIST_ACROSS_RESET 0x00010000
>
> diff --git a/tools/mkeficapsule.c b/tools/mkeficapsule.c
> index 5f74d23b9e..25bfb39e5b 100644
> --- a/tools/mkeficapsule.c
> +++ b/tools/mkeficapsule.c
> @@ -29,7 +29,13 @@ static const char *tool_name = "mkeficapsule";
> efi_guid_t efi_guid_fm_capsule = EFI_FIRMWARE_MANAGEMENT_CAPSULE_ID_GUID;
> efi_guid_t efi_guid_cert_type_pkcs7 = EFI_CERT_TYPE_PKCS7_GUID;
>
> -static const char *opts_short = "g:i:I:v:p:c:m:dh";
> +static const char *opts_short = "g:i:I:v:p:c:m:dhAR";
> +
> +enum {
> + CAPSULE_NORMAL_BLOB = 0,
> + CAPSULE_ACCEPT,
> + CAPSULE_REVERT,
> +} capsule_type;
>
> static struct option options[] = {
> {"guid", required_argument, NULL, 'g'},
> @@ -39,6 +45,8 @@ static struct option options[] = {
> {"certificate", required_argument, NULL, 'c'},
> {"monotonic-count", required_argument, NULL, 'm'},
> {"dump-sig", no_argument, NULL, 'd'},
> + {"fw-accept", no_argument, NULL, 'A'},
> + {"fw-revert", no_argument, NULL, 'R'},
> {"help", no_argument, NULL, 'h'},
> {NULL, 0, NULL, 0},
> };
> @@ -55,6 +63,8 @@ static void print_usage(void)
> "\t-c, --certificate <cert file> signer's certificate file\n"
> "\t-m, --monotonic-count <count> monotonic count\n"
> "\t-d, --dump_sig dump signature (*.p7)\n"
> + "\t-A, --fw-accept firmware accept capsule, requires GUID, no image blob\n"
> + "\t-R, --fw-revert firmware revert capsule, takes no GUID, no image blob\n"
> "\t-h, --help print a help message\n",
> tool_name);
> }
> @@ -564,6 +574,49 @@ void convert_uuid_to_guid(unsigned char *buf)
> buf[7] = c;
> }
>
> +static int create_empty_capsule(char *path, efi_guid_t *guid, bool fw_accept)
> +{
> + struct efi_capsule_header header = { 0 };
> + FILE *f = NULL;
> + int ret = -1;
> + efi_guid_t fw_accept_guid = FW_ACCEPT_OS_GUID;
> + efi_guid_t fw_revert_guid = FW_REVERT_OS_GUID;
> + efi_guid_t capsule_guid;
> +
> + f = fopen(path, "w");
> + if (!f) {
> + fprintf(stderr, "cannot open %s\n", path);
> + goto err;
> + }
> +
> + capsule_guid = fw_accept ? fw_accept_guid : fw_revert_guid;
> +
> + memcpy(&header.capsule_guid, &capsule_guid, sizeof(efi_guid_t));
> + header.header_size = sizeof(header);
> + header.flags = 0;
> +
> + header.capsule_image_size = fw_accept ?
> + sizeof(header) + sizeof(efi_guid_t) : sizeof(header);
> +
> + if (write_capsule_file(f, &header, sizeof(header),
> + "Capsule header"))
> + goto err;
> +
> + if (fw_accept) {
> + if (write_capsule_file(f, guid, sizeof(*guid),
> + "FW Accept Capsule Payload"))
> + goto err;
> + }
> +
> + ret = 0;
> +
> +err:
> + if (f)
> + fclose(f);
> +
> + return ret;
> +}
> +
> /**
> * main - main entry function of mkeficapsule
> * @argc: Number of arguments
> @@ -592,6 +645,7 @@ int main(int argc, char **argv)
> privkey_file = NULL;
> cert_file = NULL;
> dump_sig = 0;
> + capsule_type = CAPSULE_NORMAL_BLOB;
> for (;;) {
> c = getopt_long(argc, argv, opts_short, options, &idx);
> if (c == -1)
> @@ -639,22 +693,50 @@ int main(int argc, char **argv)
> case 'd':
> dump_sig = 1;
> break;
> - case 'h':
> + case 'A':
> + if (capsule_type) {
> + fprintf(stderr,
> + "Select either of Accept or Revert capsule generation\n");
> + exit(1);
> + }
> + capsule_type = CAPSULE_ACCEPT;
> + break;
> + case 'R':
> + if (capsule_type) {
> + fprintf(stderr,
> + "Select either of Accept or Revert capsule generation\n");
> + exit(1);
> + }
> + capsule_type = CAPSULE_REVERT;
> + break;
> + default:
> print_usage();
> exit(EXIT_SUCCESS);
> }
> }
>
> /* check necessary parameters */
> - if ((argc != optind + 2) || !guid ||
> - ((privkey_file && !cert_file) ||
> - (!privkey_file && cert_file))) {
> + if ((capsule_type == CAPSULE_NORMAL_BLOB &&
> + ((argc != optind + 2) || !guid ||
> + ((privkey_file && !cert_file) ||
> + (!privkey_file && cert_file)))) ||
> + (capsule_type != CAPSULE_NORMAL_BLOB &&
> + ((argc != optind + 1) ||
> + ((capsule_type == CAPSULE_ACCEPT) && !guid) ||
> + ((capsule_type == CAPSULE_REVERT) && guid)))) {
> print_usage();
> exit(EXIT_FAILURE);
> }
>
> - if (create_fwbin(argv[argc - 1], argv[argc - 2], guid, index, instance,
> - mcount, privkey_file, cert_file) < 0) {
> + if (capsule_type != CAPSULE_NORMAL_BLOB) {
> + if (create_empty_capsule(argv[argc - 1], guid,
> + capsule_type == CAPSULE_ACCEPT) < 0) {
> + fprintf(stderr, "Creating empty capsule failed\n");
> + exit(EXIT_FAILURE);
> + }
> + } else if (create_fwbin(argv[argc - 1], argv[argc - 2], guid,
> + index, instance, mcount, privkey_file,
> + cert_file) < 0) {
> fprintf(stderr, "Creating firmware capsule failed\n");
> exit(EXIT_FAILURE);
> }
> --
> 2.34.1
>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
next prev parent reply other threads:[~2022-09-22 13:26 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-26 9:57 [PATCH v9 00/15] FWU: Add FWU Multi Bank Update feature support Sughosh Ganu
2022-08-26 9:57 ` [PATCH v9 01/15] dt/bindings: Add bindings for GPT based FWU Metadata storage device Sughosh Ganu
2022-09-04 7:09 ` Ilias Apalodimas
2022-09-06 7:35 ` Etienne Carriere
2022-08-26 9:57 ` [PATCH v9 02/15] FWU: Add FWU metadata structure and driver for accessing metadata Sughosh Ganu
2022-09-06 7:36 ` Etienne Carriere
2022-09-07 6:45 ` Ilias Apalodimas
2022-09-07 11:02 ` Sughosh Ganu
2022-08-26 9:57 ` [PATCH v9 03/15] FWU: Add FWU metadata access driver for GPT partitioned block devices Sughosh Ganu
2022-09-06 7:01 ` Etienne Carriere
2022-09-06 7:12 ` Sughosh Ganu
2022-08-26 9:57 ` [PATCH v9 04/15] stm32mp1: dk2: Add a node for the FWU metadata device Sughosh Ganu
2022-09-06 7:37 ` Etienne Carriere
2022-08-26 9:57 ` [PATCH v9 05/15] stm32mp1: dk2: Add image information for capsule updates Sughosh Ganu
2022-09-04 7:11 ` Ilias Apalodimas
2022-09-05 19:18 ` Etienne Carriere
2022-09-06 7:08 ` Sughosh Ganu
2022-08-26 9:57 ` [PATCH v9 06/15] FWU: Add helper functions for accessing FWU metadata Sughosh Ganu
2022-09-06 7:39 ` Etienne Carriere
2022-09-07 5:59 ` Ilias Apalodimas
2022-09-07 11:05 ` Sughosh Ganu
2022-08-26 9:57 ` [PATCH v9 07/15] FWU: STM32MP1: Add support to read boot index from backup register Sughosh Ganu
2022-09-06 7:27 ` Etienne Carriere
2022-09-06 7:37 ` Sughosh Ganu
2022-09-06 7:44 ` Sughosh Ganu
2022-08-26 9:57 ` [PATCH v9 08/15] event: Add an event for main_loop Sughosh Ganu
2022-08-27 0:20 ` Simon Glass
2022-08-26 9:57 ` [PATCH v9 09/15] FWU: Add boot time checks as highlighted by the FWU specification Sughosh Ganu
2022-09-06 6:58 ` Etienne Carriere
2022-09-06 7:01 ` Etienne Carriere
2022-09-06 7:11 ` Sughosh Ganu
2022-08-26 9:57 ` [PATCH v9 10/15] FWU: Add support for the FWU Multi Bank Update feature Sughosh Ganu
2022-09-07 13:34 ` Ilias Apalodimas
2022-09-08 2:15 ` Takahiro Akashi
2022-09-08 6:34 ` Sughosh Ganu
2022-08-26 9:57 ` [PATCH v9 11/15] FWU: cmd: Add a command to read FWU metadata Sughosh Ganu
2022-09-06 7:59 ` Etienne Carriere
2022-08-26 9:57 ` [PATCH v9 12/15] test: dm: Add test cases for FWU Metadata uclass Sughosh Ganu
2022-09-04 7:10 ` Ilias Apalodimas
2022-08-26 9:57 ` [PATCH v9 13/15] mkeficapsule: Add support for generating empty capsules Sughosh Ganu
2022-09-22 13:26 ` Ilias Apalodimas [this message]
2022-08-26 9:57 ` [PATCH v9 14/15] mkeficapsule: Add support for setting OEM flags in capsule header Sughosh Ganu
2022-08-26 9:57 ` [PATCH v9 15/15] FWU: doc: Add documentation for the FWU feature Sughosh Ganu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YyxijWbDxV2Zn5Hy@hades \
--to=ilias.apalodimas@linaro.org \
--cc=bmeng.cn@gmail.com \
--cc=etienne.carriere@linaro.org \
--cc=jaswinder.singh@linaro.org \
--cc=monstr@monstr.eu \
--cc=patrice.chotard@foss.st.com \
--cc=patrick.delaunay@foss.st.com \
--cc=sjg@chromium.org \
--cc=sughosh.ganu@linaro.org \
--cc=takahiro.akashi@linaro.org \
--cc=trini@konsulko.com \
--cc=u-boot@lists.denx.de \
--cc=xypron.glpk@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.