From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=tW7D=LX=lists.denx.de=u-boot-bounces@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,
	INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=ham
	autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 1CA59C11F66
	for <u-boot@archiver.kernel.org>; Tue, 29 Jun 2021 12:45:40 +0000 (UTC)
Received: from phobos.denx.de (phobos.denx.de [85.214.62.61])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 7D7A261D97
	for <u-boot@archiver.kernel.org>; Tue, 29 Jun 2021 12:45:39 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 7D7A261D97
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linaro.org
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
	by phobos.denx.de (Postfix) with ESMTP id 2515583158;
	Tue, 29 Jun 2021 14:45:37 +0200 (CEST)
Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Authentication-Results: phobos.denx.de;
	dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="HkMAxa3I";
	dkim-atps=neutral
Received: by phobos.denx.de (Postfix, from userid 109)
 id F3C3983169; Tue, 29 Jun 2021 14:45:35 +0200 (CEST)
Received: from mail-ed1-x529.google.com (mail-ed1-x529.google.com
 [IPv6:2a00:1450:4864:20::529])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id AD54B82D80
 for <u-boot@lists.denx.de>; Tue, 29 Jun 2021 14:45:32 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=ilias.apalodimas@linaro.org
Received: by mail-ed1-x529.google.com with SMTP id j11so5611845edq.6
 for <u-boot@lists.denx.de>; Tue, 29 Jun 2021 05:45:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;
 h=date:from:to:subject:message-id:references:mime-version
 :content-disposition:in-reply-to;
 bh=G/1s8naZe9B0EidGl3dD4xOIelv+dsVeC55r4cpb60U=;
 b=HkMAxa3IkBLB4ghUkcwXW1Ao26Jg0L2BMe3OOLzO0l18Pzby0P270Xs0TS5PEuZS+a
 HrN+WFkXFYQrIq/8E3xEk18LRw46wOCad0WBPftt8w1622WCIukU7n4L6/6TKyArKXx6
 mDNM10EmH2FQIhXaNtzZajoYFwRLDWnup+xcfz5Xl2+qcDRgne5K5ToIhmw9vQ+Sc62Q
 8jUN+HNTcLRkmbpmO8CZKgdcumDdxffIDgievPAibyGEiiwgBPXbkm6Dzuly+QC91ssG
 TzTyiwf/IcpGHPUJfPIyp+CbpI8PnXy4suMvBouAIsVK2NYrXfQnbgB0O/jpGkpri7yt
 Y03g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:date:from:to:subject:message-id:references
 :mime-version:content-disposition:in-reply-to;
 bh=G/1s8naZe9B0EidGl3dD4xOIelv+dsVeC55r4cpb60U=;
 b=tkn5WIUpmUjGQqV3YKiwbTUdSwpi1/F/t59mEu8nlGDXzhUTTcm++QBtGDkYjDMDGI
 Edz1Ijnt4bEPmNayly2iLanygyWXjwQw9wVrxPI+RSGXYzYmvUBTjq2wHdzu27zu3Rzj
 9zJYh411HiZAVZ0AqDRxNPyLlvTxdBmUYqcQuHFUbIbWqUB0YQIg+uq14E/skhyJaSgW
 +GS6kVU731vl+ZpJEfW6NFdS3egn9gHgfFWEdMbCA67qawmPVekkgI/RivQwZhGMBOYR
 IzhwzF4EHKb5Mo6YKyPO4z2WJIJBvYmIDlK9L+96wuY/O+Cr7JRoW1iEpq/AacW9OqWx
 CtZw==
X-Gm-Message-State: AOAM530hOt3fN/7pkKX5wyPOFvPcBVtMPSXWPlEaRE++FNuJta/5uEEx
 4aRSPjDioh3zEczyDKH2Y/8mmg==
X-Google-Smtp-Source: ABdhPJy7xnVI6JJT1R0tl97WfORZm+ifiL1ZjK+dOapkp8619RWs+ym0DVhUTjjkCDjEMeFHrL6J7A==
X-Received: by 2002:aa7:c0da:: with SMTP id j26mr40279237edp.38.1624970732375; 
 Tue, 29 Jun 2021 05:45:32 -0700 (PDT)
Received: from enceladus (ppp-94-66-243-100.home.otenet.gr. [94.66.243.100])
 by smtp.gmail.com with ESMTPSA id p17sm11352321eds.92.2021.06.29.05.45.31
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 29 Jun 2021 05:45:32 -0700 (PDT)
Date: Tue, 29 Jun 2021 15:45:29 +0300
From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
To: AKASHI Takahiro <takahiro.akashi@linaro.org>,
 Heinrich Schuchardt <xypron.glpk@gmx.de>,
 masami.hiramatsu@linaro.org, pbrobinson@redhat.com,
 richard@hughsie.com, Alexander Graf <agraf@csgraf.de>, u-boot@lists.denx.de
Subject: Re: [PATCH] efi_loader: Allow capsule update on-disk without
 checking OsIndications
Message-ID: <YNsV6R33NS1MD8kd@enceladus>
References: <20210629045552.22372-1-ilias.apalodimas@linaro.org>
 <bd5cf1e5-5334-d6e6-9693-d60b813a27f6@gmx.de>
 <20210629124128.GB47632@laputa>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20210629124128.GB47632@laputa>
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de
X-Virus-Status: Clean

> > > 
[...]
> > > +config EFI_IGNORE_OSINDICATIONS
> > > +	bool "Ignore OsIndications for CapsuleUpdate on-disk"
> > > +	depends on EFI_CAPSULE_ON_DISK
> > > +	default n
> > > +	help
> > > +	  There are boards were we can't support SetVariable at runtime.
> > > +	  Select this option if you want to use capsule-on-disk feature,
> > > +	  without setting the OsIndications bit.
> 
> Obviously, this option breaks the conformance to UEFI specification
> and must be turned on carefully in the limited use cases.
> You should describe that here explicitly.

Fair enough, I'll send a v2

> 
> Additionally, you may add
>    depends on !EFI_MM_COMM_TEE (or better config?)

That's not the case (yet).  I do have a kernel branch were SetVariable at
runtime is supported, but that's not merged yet.  So until this gets accepted
*all* the boards that want to perform a capsuleupdate on-disk without setting
the variable need this. 

Cheers
/Ilias
> 
> -Takahiro Akashi
> 
> 
> > >   config EFI_CAPSULE_ON_DISK_EARLY
> > >   	bool "Initiate capsule-on-disk at U-Boot boottime"
> > >   	depends on EFI_CAPSULE_ON_DISK
> > > diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
> > > index d7136035d8f9..50bed32bfb3b 100644
> > > --- a/lib/efi_loader/efi_capsule.c
> > > +++ b/lib/efi_loader/efi_capsule.c
> > > @@ -948,6 +948,33 @@ efi_status_t __weak efi_load_capsule_drivers(void)
> > >   	return ret;
> > >   }
> > > 
> > > +/**
> > > + * check_run_capsules - Check whether capsule update should run
> > > + *
> > > + * The spec says OsIndications must be set in order to run the capsule update
> > > + * on-disk.  Since U-Boot doesn't support runtime SetVariable, allow capsules to
> > > + * run explicitly if CONFIG_EFI_IGNORE_OSINDICATIONS is selected
> > > + */
> > > +static bool check_run_capsules(void)
> > > +{
> > > +	u64 os_indications;
> > > +	efi_uintn_t size;
> > > +	efi_status_t ret;
> > > +
> > > +	if (IS_ENABLED(CONFIG_EFI_IGNORE_OSINDICATIONS))
> > > +		return true;
> > > +
> > > +	size = sizeof(os_indications);
> > > +	ret = efi_get_variable_int(L"OsIndications", &efi_global_variable_guid,
> > > +				   NULL, &size, &os_indications, NULL);
> > > +	if (ret == EFI_SUCCESS &&
> > > +	    (os_indications
> > > +	      & EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED))
> > 
> > The bit EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED must be
> > cleared in OsIndications after successfully applying the capsule. See
> > related patch
> > 
> > [PATCH 1/1] efi_loader: fix set_capsule_result()
> > https://lists.denx.de/pipermail/u-boot/2021-June/453111.html
> > 
> > Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
> > 
> > > +		return true;
> > > +
> > > +	return false;
> > > +}
> > > +
> > >   /**
> > >    * efi_launch_capsule - launch capsules
> > >    *
> > > @@ -958,20 +985,13 @@ efi_status_t __weak efi_load_capsule_drivers(void)
> > >    */
> > >   efi_status_t efi_launch_capsules(void)
> > >   {
> > > -	u64 os_indications;
> > > -	efi_uintn_t size;
> > >   	struct efi_capsule_header *capsule = NULL;
> > >   	u16 **files;
> > >   	unsigned int nfiles, index, i;
> > >   	u16 variable_name16[12];
> > >   	efi_status_t ret;
> > > 
> > > -	size = sizeof(os_indications);
> > > -	ret = efi_get_variable_int(L"OsIndications", &efi_global_variable_guid,
> > > -				   NULL, &size, &os_indications, NULL);
> > > -	if (ret != EFI_SUCCESS ||
> > > -	    !(os_indications
> > > -	      & EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED))
> > > +	if (!check_run_capsules())
> > >   		return EFI_SUCCESS;
> > > 
> > >   	index = get_last_capsule();
> > > 
> >