[RFC PATCH v2 7/8] FWU: synquacer: Initialize broken metadata

[Masami Hiramatsu <masami.hiramatsu@linaro.org>]

Since the FWU metadata is not initialized at the installation,
if it is broken, it should be initialized. Usually, the FWU
metadata is not covered by capsule update, so it is safe to
initialize the metadata portion if it seems broken.

But for the production device, usually firmware will be installed
with initialized metadata, and the broken metadata means the
device can be compromized. In that case, build U-Boot without
this option.

Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
---
 board/socionext/developerbox/Kconfig    |   12 ++++++
 board/socionext/developerbox/fwu_plat.c |   60 +++++++++++++++++++++++++++++++
 2 files changed, 72 insertions(+)

diff --git a/board/socionext/developerbox/Kconfig b/board/socionext/developerbox/Kconfig
index 4120098cab..9fbe8d1e74 100644
--- a/board/socionext/developerbox/Kconfig
+++ b/board/socionext/developerbox/Kconfig
@@ -44,4 +44,16 @@ config FWU_NUM_BANKS
 config FWU_NUM_IMAGES_PER_BANK
 	default 1
 
+config FWU_INIT_BROKEN_METADATA
+	bool "Initialize FWU metadata if broken"
+	select BOARD_LATE_INIT
+	default n
+	help
+	  Initialize FWU metadata if the metadata is broken.
+	  This option is only for the development environment, since if the
+	  metadata is broken, it means someone may compromize it. In that case
+	  the production device must be bricked.
+	  But for the development environment, or initial installation of the
+	  FWU multi-bank update firmware, this will be useful.
+
 endif
diff --git a/board/socionext/developerbox/fwu_plat.c b/board/socionext/developerbox/fwu_plat.c
index cbbbd58bc0..1892f79660 100644
--- a/board/socionext/developerbox/fwu_plat.c
+++ b/board/socionext/developerbox/fwu_plat.c
@@ -176,3 +176,63 @@ void fwu_plat_get_bootidx(void *boot_idx)
 	else
 		*bootidx = devbox_plat_metadata->boot_index;
 }
+
+#ifdef CONFIG_FWU_INIT_BROKEN_METADATA
+
+static void devbox_init_fwu_mdata(void)
+{
+	const efi_guid_t null_guid = NULL_GUID;
+	struct fwu_image_bank_info *bank;
+	struct fwu_mdata *metadata;
+	int i, j, ret;
+
+	metadata = memalign(ARCH_DMA_MINALIGN, sizeof(*metadata));
+	if (!metadata) {
+		log_err("Failed to allocate initial metadata.\n");
+		return;
+	}
+
+	metadata->version = 1;
+	metadata->active_index = 0;
+	metadata->previous_active_index = 0;
+
+	/*
+	 * Since the DeveloperBox doesn't use GPT, both of
+	 * fwu_image_entry::location_uuid and
+	 * fwu_img_bank_info::image_uuid are null GUID.
+	 */
+	for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) {
+		guidcpy(&metadata->img_entry[i].image_type_uuid,
+			&devbox_fip_image_type_guid);
+		guidcpy(&metadata->img_entry[i].location_uuid,
+			&null_guid);
+		bank = metadata->img_entry[i].img_bank_info;
+
+		for (j = 0; j < CONFIG_FWU_NUM_BANKS; j++) {
+			guidcpy(&bank[j].image_uuid, &null_guid);
+			bank[j].accepted = (j == 0) ? 1 : 0;
+			bank[j].reserved = 0;
+		}
+	}
+
+	ret = fwu_update_mdata(metadata);
+	if (ret < 0)
+		log_err("Failed to initialize FWU metadata\n");
+	else
+		log_err("Initialized FWU metadata\n");
+	free(metadata);
+}
+
+int board_late_init(void)
+{
+	struct fwu_mdata *metadata;
+
+	if (fwu_get_mdata(&metadata) < 0) {
+		// Initialize FWU metadata if broken
+		log_err("Unable to get a valid metadata. Initialize it.\n");
+		devbox_init_fwu_mdata();
+	}
+	return 0;
+}
+
+#endif