From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C4590C4332F for ; Tue, 18 Oct 2022 15:08:24 +0000 (UTC) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id D813884F62; Tue, 18 Oct 2022 17:08:21 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="jiQevM5F"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 174ED84F63; Tue, 18 Oct 2022 17:08:20 +0200 (CEST) Received: from mail-wr1-x431.google.com (mail-wr1-x431.google.com [IPv6:2a00:1450:4864:20::431]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 4FEBA84EAF for ; Tue, 18 Oct 2022 17:08:16 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=ilias.apalodimas@linaro.org Received: by mail-wr1-x431.google.com with SMTP id bp11so23995836wrb.9 for ; Tue, 18 Oct 2022 08:08:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=DB3ouG3/Ct0FEWSNAYzVT0FuUAx6cEnRLe6K07bZ1k0=; b=jiQevM5FNrh9q0ucCzptcNEJkHPpQZsEP8SmxzWy7FtVaSoTnb2wdAkwfy1MrMf/D/ JNqgu5dDeAoxgJSlM9igCofYtcrsU/m1za6IndR3Xdc9P0Y7BmChrgNhr2bfchQGk/3e EK93/EwadV8W8pq0KK2loSuZ2XIIRWtG+k4XG2kExfoV5HFELDckyPokt1URal4j2QHT XZqHY5nMjw1AGpdUkVbAW9MCwYXQBdc5xf5FgYHdYt0vPh97VJAzrLFmfTynlkEQhhiN Nd5luwNNR04qADOBtZMB6f5UcjGmt/m7Z2vQyKHZNDG8gAVOmf2nCDAnLfgZXAsiJRBg Ss+w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=DB3ouG3/Ct0FEWSNAYzVT0FuUAx6cEnRLe6K07bZ1k0=; b=4B7/pA6wVM7i1Qr+pquBJTrlMzKrRvJujV3lBzI7V69qKvkpwcN+inB6vRELK3a2YE wFYBrkLem7jEzD7nUwtOlt5DoLND7f+VbH+YJIYkWPYD73C7YEuNhFHxmhkNdJSGtjiC 3/DOTjC9Mx5UG0ToF88ntQ5gebuPIL1FdH2XNeIgit7RLJCwPt7f0xvpBlXooQXNK+YW Ijd8mCj/uqAqyJdyab99fEuIb6EqU2bkXwocwjtH68jCPIooXur4fCPnojnjINCxxiOp ozMeizA4I+mLsk6OrxtagKAKLU1yxIi7T0KT7AwdCTqvJeobmeeGNMKjD3AEdIz/JFfN a7TA== X-Gm-Message-State: ACrzQf1jEbF/xExXjlwA6YqOh4CWrIWH9OZcRDq6BOdyP6AtcBVn5bGt xP2OVmh/lRmRZXKA6vJbJj1HfA== X-Google-Smtp-Source: AMsMyM4zuc5tT7bPfyCKYQcxNLn6TNd4Tcr+ukuK1CMkbckzXKxOlNLL/3kbjcoyvgh2g1DfrrMN2Q== X-Received: by 2002:a5d:688d:0:b0:22e:5fe2:35da with SMTP id h13-20020a5d688d000000b0022e5fe235damr2125687wru.660.1666105695776; Tue, 18 Oct 2022 08:08:15 -0700 (PDT) Received: from hera (ppp046103015185.access.hol.gr. [46.103.15.185]) by smtp.gmail.com with ESMTPSA id r18-20020a05600c35d200b003b3307fb98fsm11104084wmq.24.2022.10.18.08.08.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Oct 2022 08:08:15 -0700 (PDT) Date: Tue, 18 Oct 2022 18:08:12 +0300 From: Ilias Apalodimas To: Sughosh Ganu Cc: u-boot@lists.denx.de, Heinrich Schuchardt , Takahiro Akashi , Patrick Delaunay , Patrice Chotard , Simon Glass , Bin Meng , Tom Rini , Etienne Carriere , Michal Simek , Jassi Brar Subject: Re: [PATCH v14 03/15] FWU: Add FWU metadata access driver for GPT partitioned block devices Message-ID: References: <20221018114337.439816-1-sughosh.ganu@linaro.org> <20221018114337.439816-4-sughosh.ganu@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20221018114337.439816-4-sughosh.ganu@linaro.org> X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de X-Virus-Status: Clean Hi Sughosh, [...] > +}; > + > +static int gpt_get_mdata_partitions(struct blk_desc *desc, > + uint mdata_parts[2]) > +{ > + int i, ret; > + u32 nparts; > + efi_guid_t part_type_guid; > + struct disk_partition info; > + const efi_guid_t fwu_mdata_guid = FWU_MDATA_GUID; > + > + nparts = 0; > + for (i = 1; i < MAX_SEARCH_PARTITIONS && nparts < 2; i++) { The 'nparts < 2' might hide an actual problem. Can we get rid of it and only rely on the test at the end? > + if (part_get_info(desc, i, &info)) > + continue; > + uuid_str_to_bin(info.type_guid, part_type_guid.b, > + UUID_STR_FORMAT_GUID); > + > + if (!guidcmp(&fwu_mdata_guid, &part_type_guid)) { > + mdata_parts[nparts] = i; > + ++nparts; > + } > + } > + > + if (nparts != 2) { > + log_debug("Expect two copies of the FWU metadata instead of %d\n", > + nparts); > + ret = -EINVAL; > + } else { > + ret = 0; > + } > + > + return ret; > +} > + > +static int gpt_get_mdata_disk_part(struct blk_desc *desc, > + struct disk_partition *info, > + u32 part_num) > +{ > + int ret; > + char *mdata_guid_str = "8a7a84a0-8387-40f6-ab41-a8b9a5a60d23"; > + > + ret = part_get_info(desc, part_num, info); > + if (ret < 0) { > + log_debug("Unable to get the partition info for the FWU metadata part %d\n", > + part_num); > + return -ENOENT; > + } > + > + /* Check that it is indeed the FWU metadata partition */ > + if (!strncmp(info->type_guid, mdata_guid_str, UUID_STR_LEN)) { > + /* Found the FWU metadata partition */ > + return 0; > + } Drop the comment and {} > + > + return -ENOENT; > +} > + > +static int gpt_read_write_mdata(struct blk_desc *desc, > + struct fwu_mdata *mdata, > + u8 access, u32 part_num) > +{ > + int ret; > + u32 len, blk_start, blkcnt; > + struct disk_partition info; > + > + ALLOC_CACHE_ALIGN_BUFFER_PAD(struct fwu_mdata, mdata_aligned, 1, > + desc->blksz); > + > + ret = gpt_get_mdata_disk_part(desc, &info, part_num); > + if (ret < 0) { > + printf("Unable to get the FWU metadata partition\n"); > + return -ENOENT; > + } > + > + len = sizeof(*mdata); > + blkcnt = BLOCK_CNT(len, desc); > + if (blkcnt > info.size) { > + log_debug("Block count exceeds FWU metadata partition size\n"); > + return -ERANGE; > + } > + > + blk_start = info.start; > + if (access == MDATA_READ) { > + if (blk_dread(desc, blk_start, blkcnt, mdata_aligned) != blkcnt) { > + log_debug("Error reading FWU metadata from the device\n"); > + return -EIO; > + } > + memcpy(mdata, mdata_aligned, sizeof(struct fwu_mdata)); I know we are using mdata in a 'controlled' way but I think it's better if we have a check against NULL in the top of the function > + } else { > + if (blk_dwrite(desc, blk_start, blkcnt, mdata) != blkcnt) { > + log_debug("Error writing FWU metadata to the device\n"); > + return -EIO; > + } > + } > + > + return 0; > +} > + > +static int fwu_gpt_update_mdata(struct udevice *dev, struct fwu_mdata *mdata) > +{ > + int ret; > + struct blk_desc *desc; > + uint mdata_parts[2]; > + struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); > + > + desc = dev_get_uclass_plat(priv->blk_dev); > + > + ret = gpt_get_mdata_partitions(desc, mdata_parts); > + if (ret < 0) { > + log_debug("Error getting the FWU metadata partitions\n"); > + return -ENOENT; > + } > + > + /* First write the primary partition */ > + ret = gpt_read_write_mdata(desc, mdata, MDATA_WRITE, mdata_parts[0]); > + if (ret < 0) { > + log_debug("Updating primary FWU metadata partition failed\n"); > + return ret; > + } > + > + /* And now the replica */ > + ret = gpt_read_write_mdata(desc, mdata, MDATA_WRITE, mdata_parts[1]); > + if (ret < 0) { > + log_debug("Updating secondary FWU metadata partition failed\n"); > + return ret; > + } > + > + return 0; > +} > + > +static int gpt_get_mdata(struct blk_desc *desc, struct fwu_mdata *mdata) > +{ > + int ret; > + uint mdata_parts[2]; > + > + ret = gpt_get_mdata_partitions(desc, mdata_parts); > + > + if (ret < 0) { > + log_debug("Error getting the FWU metadata partitions\n"); > + return -ENOENT; > + } > + > + ret = gpt_read_write_mdata(desc, mdata, MDATA_READ, mdata_parts[0]); > + if (ret < 0) { > + log_debug("Failed to read the FWU metadata from the device\n"); > + return -EIO; > + } > + > + ret = fwu_verify_mdata(mdata, 1); > + if (!ret) > + return 0; > + > + /* > + * Verification of the primary FWU metadata copy failed. > + * Try to read the replica. > + */ > + memset(mdata, '\0', sizeof(struct fwu_mdata)); > + ret = gpt_read_write_mdata(desc, mdata, MDATA_READ, mdata_parts[1]); > + if (ret < 0) { > + log_debug("Failed to read the FWU metadata from the device\n"); > + return -EIO; > + } > + > + ret = fwu_verify_mdata(mdata, 0); > + if (!ret) > + return 0; Can we move this before writing potentially bogus data to part 1 and just fail early? > + > + /* Both the FWU metadata copies are corrupted. */ > + return -EIO; > +} > + > +static int fwu_gpt_get_mdata(struct udevice *dev, struct fwu_mdata *mdata) > +{ > + struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); > + > + return gpt_get_mdata(dev_get_uclass_plat(priv->blk_dev), mdata); > +} > + > +static int fwu_gpt_get_mdata_partitions(struct udevice *dev, uint *mdata_parts) > +{ > + struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); > + > + return gpt_get_mdata_partitions(dev_get_uclass_plat(priv->blk_dev), > + mdata_parts); > +} > + > +static int fwu_gpt_read_mdata_partition(struct udevice *dev, > + struct fwu_mdata *mdata, uint part_num) > +{ > + struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); > + > + return gpt_read_write_mdata(dev_get_uclass_plat(priv->blk_dev), > + mdata, MDATA_READ, part_num); > +} > + > +static int fwu_gpt_write_mdata_partition(struct udevice *dev, > + struct fwu_mdata *mdata, uint part_num) > +{ > + struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); > + > + return gpt_read_write_mdata(dev_get_uclass_plat(priv->blk_dev), > + mdata, MDATA_WRITE, part_num); > +} > + > +static int fwu_get_mdata_device(struct udevice *dev, struct udevice **mdata_dev) > +{ > + u32 phandle; > + int ret, size; > + struct udevice *parent; > + const fdt32_t *phandle_p = NULL; > + > + phandle_p = dev_read_prop(dev, "fwu-mdata-store", &size); > + if (!phandle_p) { > + log_debug("fwu-mdata-store property not found\n"); > + return -ENOENT; > + } > + > + phandle = fdt32_to_cpu(*phandle_p); > + > + ret = device_get_global_by_ofnode(ofnode_get_by_phandle(phandle), > + &parent); > + if (ret) > + return ret; > + > + return blk_get_from_parent(parent, mdata_dev); > +} > + > +static int fwu_mdata_gpt_blk_probe(struct udevice *dev) > +{ > + int ret; > + struct udevice *mdata_dev = NULL; > + struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); > + > + ret = fwu_get_mdata_device(dev, &mdata_dev); > + if (ret) > + return ret; > + > + priv->blk_dev = mdata_dev; > + > + return 0; > +} > + > +static const struct fwu_mdata_ops fwu_gpt_blk_ops = { > + .get_mdata = fwu_gpt_get_mdata, > + .update_mdata = fwu_gpt_update_mdata, > + .get_mdata_part_num = fwu_gpt_get_mdata_partitions, > + .read_mdata_partition = fwu_gpt_read_mdata_partition, > + .write_mdata_partition = fwu_gpt_write_mdata_partition, > +}; > + > +static const struct udevice_id fwu_mdata_ids[] = { > + { .compatible = "u-boot,fwu-mdata-gpt" }, > + { } > +}; > + > +U_BOOT_DRIVER(fwu_mdata_gpt_blk) = { > + .name = "fwu-mdata-gpt-blk", > + .id = UCLASS_FWU_MDATA, > + .of_match = fwu_mdata_ids, > + .ops = &fwu_gpt_blk_ops, > + .probe = fwu_mdata_gpt_blk_probe, > + .priv_auto = sizeof(struct fwu_mdata_gpt_blk_priv), > +}; > diff --git a/include/fwu.h b/include/fwu.h > index 84c4ffacee..eb4ce19262 100644 > --- a/include/fwu.h > +++ b/include/fwu.h > @@ -14,6 +14,10 @@ > struct fwu_mdata; > struct udevice; > > +struct fwu_mdata_gpt_blk_priv { > + struct udevice *blk_dev; > +}; > + > /** > * @mdata_check: check the validity of the FWU metadata partitions > * @get_mdata() - Get a FWU metadata copy > -- > 2.34.1 > Thanks /Ilias