[RFC PATCH 13/14] FWU: synquacer: Initialize broken metadata

[Masami Hiramatsu <masami.hiramatsu@linaro.org>]

Since the FWU metadata is not initialized at the installation,
if it is broken, it should be initialized. Usually, the FWU
metadata is not covered by capsule update, so it is safe to
initialize the metadata portion if it seems broken.

But for the production device, usually firmware will be installed
with initialized metadata, and the broken metadata means the
device can be compromized. In that case, build U-Boot without
this option.

Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
---
 board/socionext/developerbox/Kconfig    |   12 ++++++
 board/socionext/developerbox/fwu_plat.c |   59 +++++++++++++++++++++++++++++++
 2 files changed, 71 insertions(+)

diff --git a/board/socionext/developerbox/Kconfig b/board/socionext/developerbox/Kconfig
index 4e2c341aad..1b36e10f3b 100644
--- a/board/socionext/developerbox/Kconfig
+++ b/board/socionext/developerbox/Kconfig
@@ -51,4 +51,16 @@ config FWU_SF_PRIMARY_MDATA_OFFSET
 config FWU_SF_SECONDARY_MDATA_OFFSET
 	default 0x520000
 
+config FWU_INIT_BROKEN_METADATA
+	bool "Initialize FWU metadata if broken"
+	select BOARD_LATE_INIT
+	default n
+	help
+	  Initialize FWU metadata if the metadata is broken.
+	  This option is only for the development environment, since if the
+	  metadata is broken, it means someone may compromize it. In that case
+	  the production device must be bricked.
+	  But for the development environment, or initial installation of the
+	  FWU multi-bank update firmware, this will be useful.
+
 endif
diff --git a/board/socionext/developerbox/fwu_plat.c b/board/socionext/developerbox/fwu_plat.c
index dbb814f1fd..2982e47a16 100644
--- a/board/socionext/developerbox/fwu_plat.c
+++ b/board/socionext/developerbox/fwu_plat.c
@@ -156,3 +156,62 @@ struct fwu_mdata_ops *get_plat_fwu_mdata_ops(void)
 	return fwu_sf_get_fwu_mdata_ops();
 }
 
+#ifdef CONFIG_FWU_INIT_BROKEN_METADATA
+
+static void devbox_init_fwu_mdata(void)
+{
+	const efi_guid_t null_guid = NULL_GUID;
+	struct fwu_image_bank_info *bank;
+	struct fwu_mdata *metadata;
+	int i, j, ret;
+
+	metadata = memalign(ARCH_DMA_MINALIGN, sizeof(*metadata));
+	if (!metadata) {
+		log_err("Failed to allocate initial metadata.\n");
+		return;
+	}
+
+	metadata->version = 1;
+	metadata->active_index = 0;
+	metadata->previous_active_index = 0;
+
+	/*
+	 * Since the DeveloperBox doesn't use GPT, both of
+	 * fwu_image_entry::location_uuid and
+	 * fwu_img_bank_info::image_uuid are null GUID.
+	 */
+	for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) {
+		guidcpy(&metadata->img_entry[i].image_type_uuid,
+			&devbox_fip_image_type_guid);
+		guidcpy(&metadata->img_entry[i].location_uuid,
+			&null_guid);
+		bank = metadata->img_entry[i].img_bank_info;
+
+		for (j = 0; j < CONFIG_FWU_NUM_BANKS; j++) {
+			guidcpy(&bank[j].image_uuid, &null_guid);
+			bank[j].accepted = (j == 0) ? 1 : 0;
+			bank[j].reserved = 0;
+		}
+	}
+
+	ret = fwu_update_mdata(metadata);
+	if (ret < 0)
+		log_err("Failed to initialize FWU metadata\n");
+	else
+		log_err("Initialized FWU metadata\n");
+	free(metadata);
+}
+
+int board_late_init(void)
+{
+	struct fwu_mdata *metadata;
+
+	if (fwu_get_mdata(&metadata) < 0) {
+		// Initialize FWU metadata if broken
+		log_err("Unable to get a valid metadata. Initialize it.\n");
+		devbox_init_fwu_mdata();
+	}
+	return 0;
+}
+
+#endif