Re: [PATCHv4 2/5] fwu: move meta-data management in core

public inbox for u-boot@lists.denx.de
 help / color / mirror / Atom feed

From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
To: jassisinghbrar@gmail.com
Cc: u-boot@lists.denx.de, etienne.carriere@linaro.org,
	trini@konsulko.com, sjg@chromium.org, sughosh.ganu@linaro.org,
	xypron.glpk@gmx.de, patrick.delaunay@foss.st.com,
	patrice.chotard@foss.st.com,
	Jassi Brar <jaswinder.singh@linaro.org>
Subject: Re: [PATCHv4 2/5] fwu: move meta-data management in core
Date: Thu, 23 Feb 2023 10:35:58 +0200	[thread overview]
Message-ID: <Y/clbrxovaLjvdAh@hera> (raw)
In-Reply-To: <20230205030146.61432-1-jassisinghbrar@gmail.com>

Hi Jassi,

Apologies for the delay

On Sat, Feb 04, 2023 at 09:01:46PM -0600, jassisinghbrar@gmail.com wrote:
> From: Jassi Brar <jaswinder.singh@linaro.org>
>
> Instead of each i/f having to implement their own meta-data verification
> and storage, move the logic in common code. This simplifies the i/f code
> much simpler and compact.
>
> Signed-off-by: Jassi Brar <jaswinder.singh@linaro.org>
> ---
>  drivers/fwu-mdata/fwu-mdata-uclass.c |  34 +++++++
>  include/fwu.h                        |  41 ++++++++
>  lib/fwu_updates/fwu.c                | 135 ++++++++++++++++++++++++++-
>  3 files changed, 206 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/fwu-mdata/fwu-mdata-uclass.c b/drivers/fwu-mdata/fwu-mdata-uclass.c
> index b477e9603f..e03773c584 100644
> --- a/drivers/fwu-mdata/fwu-mdata-uclass.c
> +++ b/drivers/fwu-mdata/fwu-mdata-uclass.c
> @@ -16,6 +16,40 @@
>  #include <linux/types.h>
>  #include <u-boot/crc.h>
>
> +/**
> + * fwu_read_mdata() - Wrapper around fwu_mdata_ops.read_mdata()
> + *
> + * Return: 0 if OK, -ve on error
> + */
> +int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary)
> +{
> +	const struct fwu_mdata_ops *ops = device_get_ops(dev);
> +
> +	if (!ops->read_mdata) {
> +		log_debug("read_mdata() method not defined\n");
> +		return -ENOSYS;
> +	}
> +
> +	return ops->read_mdata(dev, mdata, primary);
> +}
> +
> +/**
> + * fwu_write_mdata() - Wrapper around fwu_mdata_ops.write_mdata()
> + *
> + * Return: 0 if OK, -ve on error
> + */
> +int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary)
> +{
> +	const struct fwu_mdata_ops *ops = device_get_ops(dev);
> +
> +	if (!ops->write_mdata) {
> +		log_debug("write_mdata() method not defined\n");
> +		return -ENOSYS;
> +	}
> +
> +	return ops->write_mdata(dev, mdata, primary);
> +}
> +
>  /**
>   * fwu_get_mdata_part_num() - Get the FWU metadata partition numbers
>   * @dev: FWU metadata device
> diff --git a/include/fwu.h b/include/fwu.h
> index 0919ced812..1a700c9e6a 100644
> --- a/include/fwu.h
> +++ b/include/fwu.h
> @@ -24,6 +24,26 @@ struct fwu_mdata_gpt_blk_priv {
>   * @update_mdata() - Update the FWU metadata copy
>   */
>  struct fwu_mdata_ops {
> +	/**
> +	 * read_mdata() - Populate the asked FWU metadata copy
> +	 * @dev: FWU metadata device
> +	 * @mdata: Copy of the FWU metadata
> +	 * @primary: If primary or secondary copy of meta-data is to be read
> +	 *
> +	 * Return: 0 if OK, -ve on error
> +	 */
> +	int (*read_mdata)(struct udevice *dev, struct fwu_mdata *mdata, bool primary);
> +
> +	/**
> +	 * write_mdata() - Write the given FWU metadata copy
> +	 * @dev: FWU metadata device
> +	 * @mdata: Copy of the FWU metadata
> +	 * @primary: If primary or secondary copy of meta-data is to be written
> +	 *
> +	 * Return: 0 if OK, -ve on error
> +	 */
> +	int (*write_mdata)(struct udevice *dev, struct fwu_mdata *mdata, bool primary);
> +
>  	/**
>  	 * check_mdata() - Check if the FWU metadata is valid
>  	 * @dev:	FWU device
> @@ -126,6 +146,27 @@ struct fwu_mdata_ops {
>  	EFI_GUID(0x0c996046, 0xbcc0, 0x4d04, 0x85, 0xec, \
>  		 0xe1, 0xfc, 0xed, 0xf1, 0xc6, 0xf8)
>
> +/**
> + * fwu_read_mdata() - Wrapper around fwu_mdata_ops.read_mdata()
> + */
> +int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary);
> +
> +/**
> + * fwu_write_mdata() - Wrapper around fwu_mdata_ops.write_mdata()
> + */
> +int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary);
> +
> +/**
> + * fwu_get_verified_mdata() - Read, verify and return the FWU metadata
> + *
> + * Read both the metadata copies from the storage media, verify their checksum,
> + * and ascertain that both copies match. If one of the copies has gone bad,
> + * restore it from the good copy.
> + *
> + * Return: 0 if OK, -ve on error
> +*/
> +int fwu_get_verified_mdata(struct fwu_mdata *mdata);
> +
>  /**
>   * fwu_check_mdata_validity() - Check for validity of the FWU metadata copies
>   *
> diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c
> index 5313d07302..56299f1b2f 100644
> --- a/lib/fwu_updates/fwu.c
> +++ b/lib/fwu_updates/fwu.c
> @@ -15,13 +15,13 @@
>  #include <linux/errno.h>
>  #include <linux/types.h>
>
> +#include <u-boot/crc.h>
> +
> +static struct fwu_mdata g_mdata; /* = {0} makes uninit crc32 always invalid */
> +static struct udevice *g_dev;
>  static u8 in_trial;
>  static u8 boottime_check;
>
> -#include <linux/errno.h>
> -#include <linux/types.h>
> -#include <u-boot/crc.h>
> -
>  enum {
>  	IMAGE_ACCEPT_SET = 1,
>  	IMAGE_ACCEPT_CLEAR,
> @@ -161,6 +161,133 @@ static int fwu_get_image_type_id(u8 *image_index, efi_guid_t *image_type_id)
>  	return -ENOENT;
>  }
>
> +/**
> + * fwu_sync_mdata() - Update given meta-data partition(s) with the copy provided
> + * @mdata: FWU metadata structure
> + * @part: Bitmask of FWU metadata partitions to be written to
> + *
> + * Return: 0 if OK, -ve on error
> + */
> +static int fwu_sync_mdata(struct fwu_mdata *mdata, int part)
> +{
> +	void *buf = &mdata->version;
> +	int err = 0;
> +
> +	/*
> +	 * Calculate the crc32 for the updated FWU metadata
> +	 * and put the updated value in the FWU metadata crc32
> +	 * field
> +	 */
> +	mdata->crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32));
> +
> +	err = fwu_write_mdata(g_dev, mdata, part & PRIMARY_PART ? true : false);
> +	if (err) {
> +		log_err("Unable to write %s mdata\n",
> +				part & PRIMARY_PART ?  "primary": "secondary");
> +		return err;
> +	}
> +
> +	/* update the cached copy of meta-data */
> +	memcpy(&g_mdata, mdata, sizeof(struct fwu_mdata));
> +
> +	return 0;
> +}
> +
> +static inline int mdata_crc_check(struct fwu_mdata *mdata)
> +{
> +	void *buf = &mdata->version;
> +	u32 calc_crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32));
> +
> +	return calc_crc32 == mdata->crc32 ? 0 : -EINVAL;
> +}
> +
> +/**
> + * fwu_get_verified_mdata() - Read, verify and return the FWU metadata
> + *
> + * Read both the metadata copies from the storage media, verify their checksum,
> + * and ascertain that both copies match. If one of the copies has gone bad,
> + * restore it from the good copy.
> + *
> + * Return: 0 if OK, -ve on error
> + */
> +int fwu_get_verified_mdata(struct fwu_mdata *mdata)
> +{
> +	int err;
> +	bool pri_ok, sec_ok;
> +	struct fwu_mdata s, *p_mdata, *s_mdata;
> +
> +	p_mdata = &g_mdata;
> +	s_mdata = &s;
> +
> +	/* if mdata already read and ready */
> +	err = mdata_crc_check(p_mdata);
> +	if (!err)
> +		goto ret_mdata;
> +	/* else read, verify and, if needed, fix mdata */
> +
> +	pri_ok = false;
> +	err = fwu_read_mdata(g_dev, p_mdata, true);
> +	if (!err) {
> +		err = mdata_crc_check(p_mdata);
> +		if (!err)
> +			pri_ok = true;
> +		else
> +			log_debug("primary mdata: crc32 failed\n");
> +	}
> +
> +	sec_ok = false;
> +	err = fwu_read_mdata(g_dev, s_mdata, false);
> +	if (!err) {
> +		err = mdata_crc_check(s_mdata);
> +		if (!err)
> +			sec_ok = true;
> +		else
> +			log_debug("secondary mdata: crc32 failed\n");
> +	}

Isn't it better to define pri_ok, sec_ok and their equivalent mdata as
arrays ? IOW something along the lines of

bool parts_ok[2] = { false };
struct fwu_mdata parts_mdata[2];

parts_mdata[0] = &g_mdata;
parts_mdata[1] = .....
for (i = 0; i < 2; i++) {
    err = fwu_read_mdata(g_dev, parts_mdata[i], !(i % 2) ? true : false);
    if (!err)
	err = mdata_crc_check(parts_mdata[i]);
	etc....
}

> +
> +	if (pri_ok && sec_ok) {

And then also adjust this part?

> +		/*
> +		 * Before returning, check that both the
> +		 * FWU metadata copies are the same.
> +		 */
> +		err = memcmp(p_mdata, s_mdata, sizeof(struct fwu_mdata));
> +		if (!err)
> +			goto ret_mdata;
> +
> +		/*
> +		 * If not, populate the secondary partition from the
> +		 * primary partition copy.
> +		 */
> +		log_info("Both FWU metadata copies are valid but do not match.");
> +		log_info(" Restoring the secondary partition from the primary\n");
> +		sec_ok = false;
> +	}
> +
> +	if (!pri_ok) {
> +		memcpy(p_mdata, s_mdata, sizeof(struct fwu_mdata));
> +		err = fwu_sync_mdata(p_mdata, PRIMARY_PART);
> +		if (err) {
> +			log_debug("mdata : primary write failed\n");
> +			return err;
> +		}
> +	}
> +
> +	if (!sec_ok) {
> +		memcpy(s_mdata, p_mdata, sizeof(struct fwu_mdata));
> +		err = fwu_sync_mdata(s_mdata, SECONDARY_PART);
> +		if (err) {
> +			log_debug("mdata : secondary write failed\n");
> +			return err;
> +		}
> +	}

And this could also be folded into a for loop

> +
> +ret_mdata:
> +	if (!err && mdata)
> +		memcpy(mdata, p_mdata, sizeof(struct fwu_mdata));
> +
> +	return err;
> +}
> +
>  /**
>   * fwu_verify_mdata() - Verify the FWU metadata
>   * @mdata: FWU metadata structure
> --
> 2.34.1
>

Thanks
/Ilias

next prev parent reply	other threads:[~2023-02-23  8:36 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-02-05  3:00 [PATCHv4 0/5] FWU: Handle meta-data in common code jassisinghbrar
2023-02-05  3:01 ` [PATCHv4 1/5] fwu: gpt: use cached meta-data partition numbers jassisinghbrar
2023-02-05  3:01 ` [PATCHv4 2/5] fwu: move meta-data management in core jassisinghbrar
2023-02-23  8:35   ` Ilias Apalodimas [this message]
2023-02-28  1:52     ` Jassi Brar
2023-02-27 16:30   ` Etienne Carriere
2023-02-27 16:46     ` Jassi Brar
2023-02-27 23:15       ` Etienne Carriere
2023-02-05  3:01 ` [PATCHv4 3/5] fwu: gpt: implement read_mdata and write_mdata callbacks jassisinghbrar
2023-02-05  3:02 ` [PATCHv4 4/5] fwu: meta-data: switch to management by common code jassisinghbrar
2023-02-21 18:23   ` Tom Rini
2023-02-23  8:37   ` Ilias Apalodimas
2023-02-05  3:02 ` [PATCHv4 5/5] fwu: rename fwu_get_verified_mdata to fwu_get_mdata jassisinghbrar
2023-02-06 22:00 ` [PATCHv4 0/5] FWU: Handle meta-data in common code Simon Glass
2023-02-21 20:08 ` Tom Rini

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Y/clbrxovaLjvdAh@hera \
    --to=ilias.apalodimas@linaro.org \
    --cc=etienne.carriere@linaro.org \
    --cc=jassisinghbrar@gmail.com \
    --cc=jaswinder.singh@linaro.org \
    --cc=patrice.chotard@foss.st.com \
    --cc=patrick.delaunay@foss.st.com \
    --cc=sjg@chromium.org \
    --cc=sughosh.ganu@linaro.org \
    --cc=trini@konsulko.com \
    --cc=u-boot@lists.denx.de \
    --cc=xypron.glpk@gmx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox