From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <u-boot-bounces@lists.denx.de>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from phobos.denx.de (phobos.denx.de [85.214.62.61])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id 3099EC001DF
	for <u-boot@archiver.kernel.org>; Thu, 27 Jul 2023 00:46:48 +0000 (UTC)
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
	by phobos.denx.de (Postfix) with ESMTP id C78D2865B0;
	Thu, 27 Jul 2023 02:46:45 +0200 (CEST)
Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Authentication-Results: phobos.denx.de;
	dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="sQ9fSL5c";
	dkim-atps=neutral
Received: by phobos.denx.de (Postfix, from userid 109)
 id 4F7C9865B0; Thu, 27 Jul 2023 02:46:44 +0200 (CEST)
Received: from mail-pl1-x635.google.com (mail-pl1-x635.google.com
 [IPv6:2607:f8b0:4864:20::635])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id 1D12686377
 for <u-boot@lists.denx.de>; Thu, 27 Jul 2023 02:46:41 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=takahiro.akashi@linaro.org
Received: by mail-pl1-x635.google.com with SMTP id
 d9443c01a7336-1bb91c20602so512725ad.0
 for <u-boot@lists.denx.de>; Wed, 26 Jul 2023 17:46:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=linaro.org; s=google; t=1690418799; x=1691023599;
 h=in-reply-to:content-disposition:mime-version:references
 :mail-followup-to:message-id:subject:cc:to:from:date:from:to:cc
 :subject:date:message-id:reply-to;
 bh=KsAb50GdVNoGoP5778tAlxezWJQl8jA0zeKshdeVyUE=;
 b=sQ9fSL5clw3UkvWIR/QkCBiM2eSEpEx174LQlzMCQ1Ralivt58Jn4HhTgb8shDZfdK
 MWu44SGlRzxiwxI9rj+l+7/0bufpam/N7/cxlqu/ApIg6+gHEFUDp+zAiMHx1gL4OM1q
 nQZA8S44o5QVAd+sCmGBDBHTmTSH2d0RCU8TYtHpympn/Ti/N29avYps/P28baESr+7k
 9AI9jR/OSggTgDiymP5P5szQLHTCwg7zEPr+VFpfn6NBJ+ud2+/UayElMRyviz6Ksx5Z
 FhvUEfucapdfz3jZJJjo4dptaFl8MK9PSLtHQy5Wp8r73LaRxE6/WjJe5pW1tbg/QNLD
 CpRQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20221208; t=1690418799; x=1691023599;
 h=in-reply-to:content-disposition:mime-version:references
 :mail-followup-to:message-id:subject:cc:to:from:date
 :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
 bh=KsAb50GdVNoGoP5778tAlxezWJQl8jA0zeKshdeVyUE=;
 b=dxBrYrPgU6bjj2GxvyFbECepgpmC0v9dSBLKx08f6DUZQgHOzAA5YCUwTa/KQWnROM
 sHYM+sgQaev5UQJSGGkpAQ5c+I9uGE2INEY2aOohdZpCSUUvzpY4S2FIP11lKaYc4UP7
 3tW9B2xaZdLq1/tEaBzVXH7aVuJL+YKdD8NKTXw0ocFtDiS/eIvjqG2EsUfmj0IMkCrX
 D3zBnCXKaM+bxmasFIof5FFDF20kXxnnOm/ahAu8sbaqS+cdE/5To3JHYG0+5yBAFuWg
 37u01NzLQwUH8NCaoaDN5tIs/0KpjIKaFC5Zi4aDnV8lK3u79qMNLyQ141MyhjC6bcli
 9wcg==
X-Gm-Message-State: ABy/qLbbAmuPkFcdWc8+Xjo7MBQOygCUAsuiqsFLIJht0B8zou5gJUpT
 eJobu3mMHWUvY7/XnXf+ERfVWw==
X-Google-Smtp-Source: APBJJlFX90TPpnyN/L3xnyW5Cc7QZKsVsmHqJG2nRfRQQt+ysPHXIKRwFqUe7gHYyRaO753zgr5wfQ==
X-Received: by 2002:a17:902:ced0:b0:1b8:17e8:547e with SMTP id
 d16-20020a170902ced000b001b817e8547emr4513908plg.1.1690418799157; 
 Wed, 26 Jul 2023 17:46:39 -0700 (PDT)
Received: from laputa ([2400:4050:c3e1:100:2103:cbda:74f4:860a])
 by smtp.gmail.com with ESMTPSA id
 je20-20020a170903265400b001bb9f104333sm178191plb.12.2023.07.26.17.46.36
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 26 Jul 2023 17:46:38 -0700 (PDT)
Date: Thu, 27 Jul 2023 09:46:35 +0900
From: AKASHI Takahiro <takahiro.akashi@linaro.org>
To: Michal Simek <michal.simek@amd.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>,
 Heinrich Schuchardt <xypron.glpk@gmx.de>,
 Sughosh Ganu <sughosh.ganu@linaro.org>, u-boot@lists.denx.de,
 git@xilinx.com
Subject: Re: [PATCH] efi_loader: Allow also empty capsule to be process
Message-ID: <ZMG-a0Y9x7LuCe4B@laputa>
Mail-Followup-To: AKASHI Takahiro <takahiro.akashi@linaro.org>,
 Michal Simek <michal.simek@amd.com>,
 Ilias Apalodimas <ilias.apalodimas@linaro.org>,
 Heinrich Schuchardt <xypron.glpk@gmx.de>,
 Sughosh Ganu <sughosh.ganu@linaro.org>, u-boot@lists.denx.de,
 git@xilinx.com
References: <7e87e112-1668-83c7-6faf-b2c4dca24b56@amd.com>
 <CADg8p95vhowxdAdU-ik66GCGAQ37Mgi1req=DY3eUX1WvJFETA@mail.gmail.com>
 <b9e7fe14-170a-caea-d960-b52b3f78f744@amd.com>
 <CADg8p95sr0-yVW79VzFU3jwQU5HVgao5Neq2KahyecJGG7nerA@mail.gmail.com>
 <2b980833-f401-5f68-683f-b81d7469dcfe@amd.com>
 <CADg8p94y8qQAXrMd_vmpj9yf2ugzfXotfn6mZ7qddWVcSS8qZw@mail.gmail.com>
 <72032712-63e9-fc79-245b-a67383962e54@gmx.de>
 <ZLoOJN-5EKvcDLuv@laputa>
 <CAC_iWjKeahLgoBdsWJKh5_OYiCsaPp2ROtLLFPMKpob73nUHVg@mail.gmail.com>
 <085a575a-f1f8-b2b9-762a-e9a25246b557@amd.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <085a575a-f1f8-b2b9-762a-e9a25246b557@amd.com>
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de
X-Virus-Status: Clean

Hi Michal, Sughosh,

On Wed, Jul 26, 2023 at 06:36:56PM +0200, Michal Simek wrote:
> 
> 
> On 7/26/23 15:07, Ilias Apalodimas wrote:
> > Hi all
> > 
> > [...]
> > 
> > > > > 
> > > > 
> > > > Hello Sugosh,
> > > > 
> > > > fwu_empty_capsule() detects an empty capsule as one with a GUID
> > > > fwu_guid_os_request_fw_revert or fwu_guid_os_request_fw_accept.
> > > > 
> > > > I am not aware of a requirement in the UEFI specification to treat
> > > > capsules read from file in a different way than capsules passed via
> > > > UpdateCapsule(). Is there any reason why UpdateCapsule() should not
> > > > process an empty capsule when called from a boot-time EFI application?
> > > 
> > > Here is a story behind efi_update_capsule():
> > > ===
> > > commit a6aafce494ab
> > > Author: Masami Hiramatsu <masami.hiramatsu@linaro.org>
> > > Date:   Wed Feb 16 15:15:42 2022 +0900
> > > 
> > >      efi_loader: use efi_update_capsule_firmware() for capsule on disk
> > > ===
> > > 
> > > I still believe that this is a valid change, but we should have
> > > moved 'capsule->capsule_guid' check into efi_update_capsule_firmware()
> > > at the same time.
> > 
> > I agree with Akashi-san here.  I am also fine with this patchset since
> > running the A/B update from an EFI app should work. But can we do a v2
> > with 2 patches?
> > #1 move the capsule check along with the empty capsule checks in
> > efi_update_capsule_firmware()
> > #2 fix the a/b updates via the runtime calls and adjust the commit
> > message accordingly, explaining why this change is needed?
> 
> Can someone from Linaro create v2 on this?
> I just wanted to pointed to it.

Yes, I posted "efi_loader: capsule: enforce guid check in api and
capsule_on_disk".
Since I didn't run any test against A/B update, can you please
confirm that this patch works in your environment?

Unlike Ilias suggested, I made a single patch because an empty
capsule will be handled any way at the beginning of
efi_capsule_update_firmware() and we process only normal capsules
after that.

-Takahiro Akashi

> Thanks,
> Michal