From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 8220CC4708D for ; Mon, 2 Jan 2023 18:26:52 +0000 (UTC) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 8BB8F8551B; Mon, 2 Jan 2023 19:26:50 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="NuIIOH12"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 3068485521; Mon, 2 Jan 2023 19:26:49 +0100 (CET) Received: from mail-il1-x12d.google.com (mail-il1-x12d.google.com [IPv6:2607:f8b0:4864:20::12d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 2AC578533F for ; Mon, 2 Jan 2023 19:26:46 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=jassisinghbrar@gmail.com Received: by mail-il1-x12d.google.com with SMTP id c20so13060808ilj.10 for ; Mon, 02 Jan 2023 10:26:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=0LKMUfr/i3qfi9TBhajPxC6GYt3klbg+iA1JR+CJGnM=; b=NuIIOH123YXBkeF2DPJUmC3OIZnPSZXfwOAUMguD/lnnJsylo9KHgEfuOc85tDHYTb 81ufLiUQHbZ9Z1iZN8tTMAVEPAa2vS1Y8rxT/4CYopfAy0o1nu6ATdqhtW2xAECoIRAO cme6/GXdeYF5XjvIyX3g21zquuGoWoYm2F2wLan8rN5rd0ppdJSunST6zucFCbLNNCrb 91O+WYysYUe4jkgVHRyXvUYth5Ow2ywWO9b0iAITA0/O3EO7FUSTElvqifSHle+7+75n 8i1gIdhIClc0Ym0VOZj5SokhZKf8svPVydjEf+3BC1hIVgf3Vf+Us3MITNq0Pw2bVBCE nR8A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=0LKMUfr/i3qfi9TBhajPxC6GYt3klbg+iA1JR+CJGnM=; b=mBRLTFanMk4HdnUlzBTM7mEav35e9WQFUdUjymUp4N/90IgEDYF9ma6VfWE9mXP8Pk F6F3BuYwvU10IqLDe6mPEgL5TT1cc2IWrPAm0+VI2n4PPjHm4qbxXdTW0alliuv0Far1 OstTLltPLLi3e4iu7g6pjtv3wp6L7T9q1jQ6FnPLJB3OyUgu3E8R5TpqYpQcOpYswCwa oxtPe9Ci8ox69+4waxPVq4Hx0UjJEtAqf4dkXdgJN265I1XoLC31U1hZCuM7R8Xeez7j W0qZMjT5YRXaJY2vj4K/bxN0bArpL32l2p6ckRp/9UV1AJ0LGYzd4yDcmZYZjtfsmkmj rn+w== X-Gm-Message-State: AFqh2kqMlGJa917+mOH2VgFRtQSng/hGk1i7fq/ErIzUDG/6hblDtQe+ aG1o1zMAw/7lWuDp+Tl66ZMtuqU92Bk= X-Google-Smtp-Source: AMrXdXuZNLEgyKKmhyIVR4TO4TsjfEDq04hES0VOQCVfDTYhGWG//bLgXTRZ4PGGozJj8OAkgycZvQ== X-Received: by 2002:a92:6b03:0:b0:303:8cff:983b with SMTP id g3-20020a926b03000000b003038cff983bmr27846658ilc.14.1672684004440; Mon, 02 Jan 2023 10:26:44 -0800 (PST) Received: from jassi-Alienware-x17-R2.. (wnpgmb0311w-ds01-45-179-115.dynamic.bellmts.net. [206.45.179.115]) by smtp.gmail.com with ESMTPSA id q17-20020a02b051000000b00389dbc74fc5sm9170654jah.78.2023.01.02.10.26.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 02 Jan 2023 10:26:44 -0800 (PST) From: Jassi Brar X-Google-Original-From: Jassi Brar To: u-boot@lists.denx.de Cc: ilias.apalodimas@linaro.org, etienne.carriere@linaro.org, trini@konsulko.com, sjg@chromium.org, sughosh.ganu@linaro.org, xypron.glpk@gmx.de, patrick.delaunay@foss.st.com, patrice.chotard@foss.st.com, Jassi Brar Subject: [PATCHv3 2/5] fwu: move meta-data management in core Date: Mon, 2 Jan 2023 12:26:40 -0600 Message-Id: <20230102182640.2411224-1-jaswinder.singh@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230102182532.2411125-1-jaswinder.singh@linaro.org> References: <20230102182532.2411125-1-jaswinder.singh@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de X-Virus-Status: Clean Instead of each i/f having to implement their own meta-data verification and storage, move the logic in common code. This simplifies the i/f code much simpler and compact. Signed-off-by: Jassi Brar --- drivers/fwu-mdata/fwu-mdata-uclass.c | 34 +++++++ include/fwu.h | 41 ++++++++ lib/fwu_updates/fwu.c | 142 ++++++++++++++++++++++++++- 3 files changed, 213 insertions(+), 4 deletions(-) diff --git a/drivers/fwu-mdata/fwu-mdata-uclass.c b/drivers/fwu-mdata/fwu-mdata-uclass.c index b477e9603f..e03773c584 100644 --- a/drivers/fwu-mdata/fwu-mdata-uclass.c +++ b/drivers/fwu-mdata/fwu-mdata-uclass.c @@ -16,6 +16,40 @@ #include #include +/** + * fwu_read_mdata() - Wrapper around fwu_mdata_ops.read_mdata() + * + * Return: 0 if OK, -ve on error + */ +int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary) +{ + const struct fwu_mdata_ops *ops = device_get_ops(dev); + + if (!ops->read_mdata) { + log_debug("read_mdata() method not defined\n"); + return -ENOSYS; + } + + return ops->read_mdata(dev, mdata, primary); +} + +/** + * fwu_write_mdata() - Wrapper around fwu_mdata_ops.write_mdata() + * + * Return: 0 if OK, -ve on error + */ +int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary) +{ + const struct fwu_mdata_ops *ops = device_get_ops(dev); + + if (!ops->write_mdata) { + log_debug("write_mdata() method not defined\n"); + return -ENOSYS; + } + + return ops->write_mdata(dev, mdata, primary); +} + /** * fwu_get_mdata_part_num() - Get the FWU metadata partition numbers * @dev: FWU metadata device diff --git a/include/fwu.h b/include/fwu.h index 0919ced812..1a700c9e6a 100644 --- a/include/fwu.h +++ b/include/fwu.h @@ -24,6 +24,26 @@ struct fwu_mdata_gpt_blk_priv { * @update_mdata() - Update the FWU metadata copy */ struct fwu_mdata_ops { + /** + * read_mdata() - Populate the asked FWU metadata copy + * @dev: FWU metadata device + * @mdata: Copy of the FWU metadata + * @primary: If primary or secondary copy of meta-data is to be read + * + * Return: 0 if OK, -ve on error + */ + int (*read_mdata)(struct udevice *dev, struct fwu_mdata *mdata, bool primary); + + /** + * write_mdata() - Write the given FWU metadata copy + * @dev: FWU metadata device + * @mdata: Copy of the FWU metadata + * @primary: If primary or secondary copy of meta-data is to be written + * + * Return: 0 if OK, -ve on error + */ + int (*write_mdata)(struct udevice *dev, struct fwu_mdata *mdata, bool primary); + /** * check_mdata() - Check if the FWU metadata is valid * @dev: FWU device @@ -126,6 +146,27 @@ struct fwu_mdata_ops { EFI_GUID(0x0c996046, 0xbcc0, 0x4d04, 0x85, 0xec, \ 0xe1, 0xfc, 0xed, 0xf1, 0xc6, 0xf8) +/** + * fwu_read_mdata() - Wrapper around fwu_mdata_ops.read_mdata() + */ +int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary); + +/** + * fwu_write_mdata() - Wrapper around fwu_mdata_ops.write_mdata() + */ +int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary); + +/** + * fwu_get_verified_mdata() - Read, verify and return the FWU metadata + * + * Read both the metadata copies from the storage media, verify their checksum, + * and ascertain that both copies match. If one of the copies has gone bad, + * restore it from the good copy. + * + * Return: 0 if OK, -ve on error +*/ +int fwu_get_verified_mdata(struct fwu_mdata *mdata); + /** * fwu_check_mdata_validity() - Check for validity of the FWU metadata copies * diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c index 5313d07302..4554654727 100644 --- a/lib/fwu_updates/fwu.c +++ b/lib/fwu_updates/fwu.c @@ -15,13 +15,13 @@ #include #include +#include + +static struct fwu_mdata g_mdata; /* = {0} makes uninit crc32 always invalid */ +static struct udevice *g_dev; static u8 in_trial; static u8 boottime_check; -#include -#include -#include - enum { IMAGE_ACCEPT_SET = 1, IMAGE_ACCEPT_CLEAR, @@ -161,6 +161,140 @@ static int fwu_get_image_type_id(u8 *image_index, efi_guid_t *image_type_id) return -ENOENT; } +/** + * fwu_sync_mdata() - Update given meta-data partition(s) with the copy provided + * @mdata: FWU metadata structure + * @part: Bitmask of FWU metadata partitions to be written to + * + * Return: 0 if OK, -ve on error + */ +static int fwu_sync_mdata(struct fwu_mdata *mdata, int part) +{ + void *buf = &mdata->version; + int err = 0; + + /* + * Calculate the crc32 for the updated FWU metadata + * and put the updated value in the FWU metadata crc32 + * field + */ + mdata->crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32)); + + if (part & PRIMARY_PART) + err = fwu_write_mdata(g_dev, mdata, true); + + if (err) { + log_err("Unable to write primary mdata\n"); + return err; + } + + if (part & SECONDARY_PART) + err = fwu_write_mdata(g_dev, mdata, false); + + if (err) { + log_err("Unable to write secondary mdata\n"); + return err; + } + + /* update the cached copy of meta-data */ + memcpy(&g_mdata, mdata, sizeof(struct fwu_mdata)); + + return 0; +} + +static inline int mdata_crc_check(struct fwu_mdata *mdata) +{ + void *buf = &mdata->version; + u32 calc_crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32)); + + return calc_crc32 == mdata->crc32 ? 0 : -EINVAL; +} + +/** + * fwu_get_verified_mdata() - Read, verify and return the FWU metadata + * + * Read both the metadata copies from the storage media, verify their checksum, + * and ascertain that both copies match. If one of the copies has gone bad, + * restore it from the good copy. + * + * Return: 0 if OK, -ve on error + */ +int fwu_get_verified_mdata(struct fwu_mdata *mdata) +{ + int err; + bool pri_ok, sec_ok; + struct fwu_mdata s, *p_mdata, *s_mdata; + + p_mdata = &g_mdata; + s_mdata = &s; + + /* if mdata already read and ready */ + err = mdata_crc_check(p_mdata); + if (!err) + goto ret_mdata; + /* else read, verify and, if needed, fix mdata */ + + pri_ok = false; + err = fwu_read_mdata(g_dev, p_mdata, true); + if (!err) { + err = mdata_crc_check(p_mdata); + if (!err) + pri_ok = true; + else + log_debug("primary mdata: crc32 failed\n"); + } + + sec_ok = false; + err = fwu_read_mdata(g_dev, s_mdata, false); + if (!err) { + err = mdata_crc_check(s_mdata); + if (!err) + sec_ok = true; + else + log_debug("secondary mdata: crc32 failed\n"); + } + + if (pri_ok && sec_ok) { + /* + * Before returning, check that both the + * FWU metadata copies are the same. + */ + err = memcmp(p_mdata, s_mdata, sizeof(struct fwu_mdata)); + if (!err) + goto ret_mdata; + + /* + * If not, populate the secondary partition from the + * primary partition copy. + */ + log_info("Both FWU metadata copies are valid but do not match."); + log_info(" Restoring the secondary partition from the primary\n"); + sec_ok = false; + } + + if (!pri_ok) { + memcpy(p_mdata, s_mdata, sizeof(struct fwu_mdata)); + err = fwu_sync_mdata(p_mdata, PRIMARY_PART); + if (err) + goto ret_mdata; + } + + if (!sec_ok) { + memcpy(s_mdata, p_mdata, sizeof(struct fwu_mdata)); + err = fwu_sync_mdata(s_mdata, SECONDARY_PART); + if (err) + goto ret_mdata; + } + +ret_mdata: + if (err) + log_debug("mdata : crc32 failed\n"); + else if (mdata) + memcpy(mdata, p_mdata, sizeof(struct fwu_mdata)); + + return err; +} + /** * fwu_verify_mdata() - Verify the FWU metadata * @mdata: FWU metadata structure -- 2.34.1