From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
To: Sughosh Ganu <sughosh.ganu@linaro.org>
Cc: u-boot@lists.denx.de, Heinrich Schuchardt <xypron.glpk@gmx.de>,
Takahiro Akashi <takahiro.akashi@linaro.org>,
Patrick Delaunay <patrick.delaunay@foss.st.com>,
Patrice Chotard <patrice.chotard@foss.st.com>,
Simon Glass <sjg@chromium.org>, Bin Meng <bmeng.cn@gmail.com>,
Tom Rini <trini@konsulko.com>,
Etienne Carriere <etienne.carriere@linaro.org>,
Michal Simek <monstr@monstr.eu>,
Jassi Brar <jaswinder.singh@linaro.org>
Subject: Re: [PATCH v9 13/15] mkeficapsule: Add support for generating empty capsules
Date: Thu, 22 Sep 2022 16:26:37 +0300 [thread overview]
Message-ID: <YyxijWbDxV2Zn5Hy@hades> (raw)
In-Reply-To: <20220826095716.1676150-14-sughosh.ganu@linaro.org>
On Fri, Aug 26, 2022 at 03:27:14PM +0530, Sughosh Ganu wrote:
> The Dependable Boot specification[1] describes the structure of the
> firmware accept and revert capsules. These are empty capsules which
> are used for signalling the acceptance or rejection of the updated
> firmware by the OS. Add support for generating these empty capsules.
>
> [1] - https://git.codelinaro.org/linaro/dependable-boot/mbfw/uploads/6f7ddfe3be24e18d4319e108a758d02e/mbfw.pdf
>
> Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
> ---
> Changes since V8: None
>
> doc/mkeficapsule.1 | 29 +++++++++----
> tools/eficapsule.h | 8 ++++
> tools/mkeficapsule.c | 96 ++++++++++++++++++++++++++++++++++++++++----
> 3 files changed, 119 insertions(+), 14 deletions(-)
>
> diff --git a/doc/mkeficapsule.1 b/doc/mkeficapsule.1
> index 09bdc24295..77ca061efd 100644
> --- a/doc/mkeficapsule.1
> +++ b/doc/mkeficapsule.1
> @@ -8,7 +8,7 @@ mkeficapsule \- Generate EFI capsule file for U-Boot
>
> .SH SYNOPSIS
> .B mkeficapsule
> -.RI [ options "] " image-blob " " capsule-file
> +.RI [ options ] " " [ image-blob ] " " capsule-file
>
> .SH "DESCRIPTION"
> .B mkeficapsule
> @@ -23,8 +23,13 @@ Optionally, a capsule file can be signed with a given private key.
> In this case, the update will be authenticated by verifying the signature
> before applying.
>
> +Additionally, an empty capsule file can be generated for acceptance or
> +rejection of firmware images by a governing component like an Operating
> +System. The empty capsules do not require an image-blob input file.
> +
> +
> .B mkeficapsule
> -takes any type of image files, including:
> +takes any type of image files when generating non empty capsules, including:
> .TP
> .I raw image
> format is a single binary blob of any type of firmware.
> @@ -36,18 +41,16 @@ multiple binary blobs in a single capsule file.
> This type of image file can be generated by
> .BR mkimage .
>
> -.PP
> -If you want to use other types than above two, you should explicitly
> -specify a guid for the FMP driver.
> -
> .SH "OPTIONS"
> +
> .TP
> .BI "-g\fR,\fB --guid " guid-string
> Specify guid for image blob type. The format is:
> xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
>
> The first three elements are in little endian, while the rest
> -is in big endian.
> +is in big endian. The option must be specified for all non empty and
> +image acceptance capsules
>
> .TP
> .BI "-i\fR,\fB --index " index
> @@ -57,6 +60,18 @@ Specify an image index
> .BI "-I\fR,\fB --instance " instance
> Specify a hardware instance
>
> +.PP
> +For generation of firmware accept empty capsule
> +.BR --guid
> +is mandatory
> +.TP
> +.BI "-A\fR,\fB --fw-accept "
> +Generate a firmware acceptance empty capsule
> +
> +.TP
> +.BI "-R\fR,\fB --fw-revert "
> +Generate a firmware revert empty capsule
> +
> .TP
> .BR -h ", " --help
> Print a help message
> diff --git a/tools/eficapsule.h b/tools/eficapsule.h
> index d63b831443..072a4b5598 100644
> --- a/tools/eficapsule.h
> +++ b/tools/eficapsule.h
> @@ -41,6 +41,14 @@ typedef struct {
> EFI_GUID(0x4aafd29d, 0x68df, 0x49ee, 0x8a, 0xa9, \
> 0x34, 0x7d, 0x37, 0x56, 0x65, 0xa7)
>
> +#define FW_ACCEPT_OS_GUID \
> + EFI_GUID(0x0c996046, 0xbcc0, 0x4d04, 0x85, 0xec, \
> + 0xe1, 0xfc, 0xed, 0xf1, 0xc6, 0xf8)
> +
> +#define FW_REVERT_OS_GUID \
> + EFI_GUID(0xacd58b4b, 0xc0e8, 0x475f, 0x99, 0xb5, \
> + 0x6b, 0x3f, 0x7e, 0x07, 0xaa, 0xf0)
> +
> /* flags */
> #define CAPSULE_FLAGS_PERSIST_ACROSS_RESET 0x00010000
>
> diff --git a/tools/mkeficapsule.c b/tools/mkeficapsule.c
> index 5f74d23b9e..25bfb39e5b 100644
> --- a/tools/mkeficapsule.c
> +++ b/tools/mkeficapsule.c
> @@ -29,7 +29,13 @@ static const char *tool_name = "mkeficapsule";
> efi_guid_t efi_guid_fm_capsule = EFI_FIRMWARE_MANAGEMENT_CAPSULE_ID_GUID;
> efi_guid_t efi_guid_cert_type_pkcs7 = EFI_CERT_TYPE_PKCS7_GUID;
>
> -static const char *opts_short = "g:i:I:v:p:c:m:dh";
> +static const char *opts_short = "g:i:I:v:p:c:m:dhAR";
> +
> +enum {
> + CAPSULE_NORMAL_BLOB = 0,
> + CAPSULE_ACCEPT,
> + CAPSULE_REVERT,
> +} capsule_type;
>
> static struct option options[] = {
> {"guid", required_argument, NULL, 'g'},
> @@ -39,6 +45,8 @@ static struct option options[] = {
> {"certificate", required_argument, NULL, 'c'},
> {"monotonic-count", required_argument, NULL, 'm'},
> {"dump-sig", no_argument, NULL, 'd'},
> + {"fw-accept", no_argument, NULL, 'A'},
> + {"fw-revert", no_argument, NULL, 'R'},
> {"help", no_argument, NULL, 'h'},
> {NULL, 0, NULL, 0},
> };
> @@ -55,6 +63,8 @@ static void print_usage(void)
> "\t-c, --certificate <cert file> signer's certificate file\n"
> "\t-m, --monotonic-count <count> monotonic count\n"
> "\t-d, --dump_sig dump signature (*.p7)\n"
> + "\t-A, --fw-accept firmware accept capsule, requires GUID, no image blob\n"
> + "\t-R, --fw-revert firmware revert capsule, takes no GUID, no image blob\n"
> "\t-h, --help print a help message\n",
> tool_name);
> }
> @@ -564,6 +574,49 @@ void convert_uuid_to_guid(unsigned char *buf)
> buf[7] = c;
> }
>
> +static int create_empty_capsule(char *path, efi_guid_t *guid, bool fw_accept)
> +{
> + struct efi_capsule_header header = { 0 };
> + FILE *f = NULL;
> + int ret = -1;
> + efi_guid_t fw_accept_guid = FW_ACCEPT_OS_GUID;
> + efi_guid_t fw_revert_guid = FW_REVERT_OS_GUID;
> + efi_guid_t capsule_guid;
> +
> + f = fopen(path, "w");
> + if (!f) {
> + fprintf(stderr, "cannot open %s\n", path);
> + goto err;
> + }
> +
> + capsule_guid = fw_accept ? fw_accept_guid : fw_revert_guid;
> +
> + memcpy(&header.capsule_guid, &capsule_guid, sizeof(efi_guid_t));
> + header.header_size = sizeof(header);
> + header.flags = 0;
> +
> + header.capsule_image_size = fw_accept ?
> + sizeof(header) + sizeof(efi_guid_t) : sizeof(header);
> +
> + if (write_capsule_file(f, &header, sizeof(header),
> + "Capsule header"))
> + goto err;
> +
> + if (fw_accept) {
> + if (write_capsule_file(f, guid, sizeof(*guid),
> + "FW Accept Capsule Payload"))
> + goto err;
> + }
> +
> + ret = 0;
> +
> +err:
> + if (f)
> + fclose(f);
> +
> + return ret;
> +}
> +
> /**
> * main - main entry function of mkeficapsule
> * @argc: Number of arguments
> @@ -592,6 +645,7 @@ int main(int argc, char **argv)
> privkey_file = NULL;
> cert_file = NULL;
> dump_sig = 0;
> + capsule_type = CAPSULE_NORMAL_BLOB;
> for (;;) {
> c = getopt_long(argc, argv, opts_short, options, &idx);
> if (c == -1)
> @@ -639,22 +693,50 @@ int main(int argc, char **argv)
> case 'd':
> dump_sig = 1;
> break;
> - case 'h':
> + case 'A':
> + if (capsule_type) {
> + fprintf(stderr,
> + "Select either of Accept or Revert capsule generation\n");
> + exit(1);
> + }
> + capsule_type = CAPSULE_ACCEPT;
> + break;
> + case 'R':
> + if (capsule_type) {
> + fprintf(stderr,
> + "Select either of Accept or Revert capsule generation\n");
> + exit(1);
> + }
> + capsule_type = CAPSULE_REVERT;
> + break;
> + default:
> print_usage();
> exit(EXIT_SUCCESS);
> }
> }
>
> /* check necessary parameters */
> - if ((argc != optind + 2) || !guid ||
> - ((privkey_file && !cert_file) ||
> - (!privkey_file && cert_file))) {
> + if ((capsule_type == CAPSULE_NORMAL_BLOB &&
> + ((argc != optind + 2) || !guid ||
> + ((privkey_file && !cert_file) ||
> + (!privkey_file && cert_file)))) ||
> + (capsule_type != CAPSULE_NORMAL_BLOB &&
> + ((argc != optind + 1) ||
> + ((capsule_type == CAPSULE_ACCEPT) && !guid) ||
> + ((capsule_type == CAPSULE_REVERT) && guid)))) {
> print_usage();
> exit(EXIT_FAILURE);
> }
>
> - if (create_fwbin(argv[argc - 1], argv[argc - 2], guid, index, instance,
> - mcount, privkey_file, cert_file) < 0) {
> + if (capsule_type != CAPSULE_NORMAL_BLOB) {
> + if (create_empty_capsule(argv[argc - 1], guid,
> + capsule_type == CAPSULE_ACCEPT) < 0) {
> + fprintf(stderr, "Creating empty capsule failed\n");
> + exit(EXIT_FAILURE);
> + }
> + } else if (create_fwbin(argv[argc - 1], argv[argc - 2], guid,
> + index, instance, mcount, privkey_file,
> + cert_file) < 0) {
> fprintf(stderr, "Creating firmware capsule failed\n");
> exit(EXIT_FAILURE);
> }
> --
> 2.34.1
>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
next prev parent reply other threads:[~2022-09-22 13:26 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-26 9:57 [PATCH v9 00/15] FWU: Add FWU Multi Bank Update feature support Sughosh Ganu
2022-08-26 9:57 ` [PATCH v9 01/15] dt/bindings: Add bindings for GPT based FWU Metadata storage device Sughosh Ganu
2022-09-04 7:09 ` Ilias Apalodimas
2022-09-06 7:35 ` Etienne Carriere
2022-08-26 9:57 ` [PATCH v9 02/15] FWU: Add FWU metadata structure and driver for accessing metadata Sughosh Ganu
2022-09-06 7:36 ` Etienne Carriere
2022-09-07 6:45 ` Ilias Apalodimas
2022-09-07 11:02 ` Sughosh Ganu
2022-08-26 9:57 ` [PATCH v9 03/15] FWU: Add FWU metadata access driver for GPT partitioned block devices Sughosh Ganu
2022-09-06 7:01 ` Etienne Carriere
2022-09-06 7:12 ` Sughosh Ganu
2022-08-26 9:57 ` [PATCH v9 04/15] stm32mp1: dk2: Add a node for the FWU metadata device Sughosh Ganu
2022-09-06 7:37 ` Etienne Carriere
2022-08-26 9:57 ` [PATCH v9 05/15] stm32mp1: dk2: Add image information for capsule updates Sughosh Ganu
2022-09-04 7:11 ` Ilias Apalodimas
2022-09-05 19:18 ` Etienne Carriere
2022-09-06 7:08 ` Sughosh Ganu
2022-08-26 9:57 ` [PATCH v9 06/15] FWU: Add helper functions for accessing FWU metadata Sughosh Ganu
2022-09-06 7:39 ` Etienne Carriere
2022-09-07 5:59 ` Ilias Apalodimas
2022-09-07 11:05 ` Sughosh Ganu
2022-08-26 9:57 ` [PATCH v9 07/15] FWU: STM32MP1: Add support to read boot index from backup register Sughosh Ganu
2022-09-06 7:27 ` Etienne Carriere
2022-09-06 7:37 ` Sughosh Ganu
2022-09-06 7:44 ` Sughosh Ganu
2022-08-26 9:57 ` [PATCH v9 08/15] event: Add an event for main_loop Sughosh Ganu
2022-08-27 0:20 ` Simon Glass
2022-08-26 9:57 ` [PATCH v9 09/15] FWU: Add boot time checks as highlighted by the FWU specification Sughosh Ganu
2022-09-06 6:58 ` Etienne Carriere
2022-09-06 7:01 ` Etienne Carriere
2022-09-06 7:11 ` Sughosh Ganu
2022-08-26 9:57 ` [PATCH v9 10/15] FWU: Add support for the FWU Multi Bank Update feature Sughosh Ganu
2022-09-07 13:34 ` Ilias Apalodimas
2022-09-08 2:15 ` Takahiro Akashi
2022-09-08 6:34 ` Sughosh Ganu
2022-08-26 9:57 ` [PATCH v9 11/15] FWU: cmd: Add a command to read FWU metadata Sughosh Ganu
2022-09-06 7:59 ` Etienne Carriere
2022-08-26 9:57 ` [PATCH v9 12/15] test: dm: Add test cases for FWU Metadata uclass Sughosh Ganu
2022-09-04 7:10 ` Ilias Apalodimas
2022-08-26 9:57 ` [PATCH v9 13/15] mkeficapsule: Add support for generating empty capsules Sughosh Ganu
2022-09-22 13:26 ` Ilias Apalodimas [this message]
2022-08-26 9:57 ` [PATCH v9 14/15] mkeficapsule: Add support for setting OEM flags in capsule header Sughosh Ganu
2022-08-26 9:57 ` [PATCH v9 15/15] FWU: doc: Add documentation for the FWU feature Sughosh Ganu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YyxijWbDxV2Zn5Hy@hades \
--to=ilias.apalodimas@linaro.org \
--cc=bmeng.cn@gmail.com \
--cc=etienne.carriere@linaro.org \
--cc=jaswinder.singh@linaro.org \
--cc=monstr@monstr.eu \
--cc=patrice.chotard@foss.st.com \
--cc=patrick.delaunay@foss.st.com \
--cc=sjg@chromium.org \
--cc=sughosh.ganu@linaro.org \
--cc=takahiro.akashi@linaro.org \
--cc=trini@konsulko.com \
--cc=u-boot@lists.denx.de \
--cc=xypron.glpk@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).