Re: [PATCH v2 0/3] efi: Minimal revert to rodata change
On Mon, Aug 09, 2021 at 12:01:20PM -0400, Tom Rini wrote: > On Thu, Aug 05, 2021 at 09:46:07AM -0600, Simon Glass wrote: > > > Hi Heinrich, > > > > On Thu, 5 Aug 2021 at 09:29, Heinrich Schuchardt wrote: > > > > > > > > > > > > On 02.08.21 16:44, Simon Glass wrote: > > > > The changes to move from devicetree to rodata take things in the wrong > > > > direction for various reasons: > > > > > > > > - devicetree is where config should be stored > > > > > > We are not talking about configuration here at all. > > > > I thought we were talking about the public key. That is run-time > > config in my book, just like the devicetree itself, which controls all > > the devices. > > > > > > > > > - it provides no memory production in any case, particularly when U-Boot > > > > > > No clue what you mean by "memory production". > > > > memory protection. But it turns out this is pointless anyway. We > > discussed it at length in the contributor call. We came down to one > > issue with the way the firmware is packaged by users (with U-Boot > > coming from one place and TF-A another). I think Ilias is going to > > write something up to help get to the bottom of it. > > > > > > > > >is relocated > > > > - testing becomes harder, with the suggestion of adding an entire new > > > >sandbox build just for this > > > > > > Having an extra config is not required when putting the certificate into > > > .rodata. > > > > The certificate should not go in rodata, period. Please just fix it. > > It use to be fine a few weeks ago so it should not be hard. > > Where are we at here, Heinrich? Thanks. Heinrich? -- Tom signature.asc Description: PGP signature
Re: [PATCH v2 0/3] efi: Minimal revert to rodata change
On Thu, Aug 05, 2021 at 09:46:07AM -0600, Simon Glass wrote: > Hi Heinrich, > > On Thu, 5 Aug 2021 at 09:29, Heinrich Schuchardt wrote: > > > > > > > > On 02.08.21 16:44, Simon Glass wrote: > > > The changes to move from devicetree to rodata take things in the wrong > > > direction for various reasons: > > > > > > - devicetree is where config should be stored > > > > We are not talking about configuration here at all. > > I thought we were talking about the public key. That is run-time > config in my book, just like the devicetree itself, which controls all > the devices. > > > > > > - it provides no memory production in any case, particularly when U-Boot > > > > No clue what you mean by "memory production". > > memory protection. But it turns out this is pointless anyway. We > discussed it at length in the contributor call. We came down to one > issue with the way the firmware is packaged by users (with U-Boot > coming from one place and TF-A another). I think Ilias is going to > write something up to help get to the bottom of it. > > > > > >is relocated > > > - testing becomes harder, with the suggestion of adding an entire new > > >sandbox build just for this > > > > Having an extra config is not required when putting the certificate into > > .rodata. > > The certificate should not go in rodata, period. Please just fix it. > It use to be fine a few weeks ago so it should not be hard. Where are we at here, Heinrich? Thanks. -- Tom signature.asc Description: PGP signature
Re: [PATCH v2 0/3] efi: Minimal revert to rodata change
Hi Takahiro, On Thu, 5 Aug 2021 at 18:13, KASHI Takahiro wrote: > > On Thu, Aug 05, 2021 at 09:46:07AM -0600, Simon Glass wrote: > > Hi Heinrich, > > > > On Thu, 5 Aug 2021 at 09:29, Heinrich Schuchardt wrote: > > > > > > > > > > > > On 02.08.21 16:44, Simon Glass wrote: > > > > The changes to move from devicetree to rodata take things in the wrong > > > > direction for various reasons: > > > > > > > > - devicetree is where config should be stored > > > > > > We are not talking about configuration here at all. > > > > I thought we were talking about the public key. That is run-time > > config in my book, just like the devicetree itself, which controls all > > the devices. > > > > > > > > > - it provides no memory production in any case, particularly when U-Boot > > > > > > No clue what you mean by "memory production". > > > > memory protection. But it turns out this is pointless anyway. We > > discussed it at length in the contributor call. We came down to one > > What was clarified and decided in that meeting? > I know you have a meeting note, but it was not very clear for me > which direction the discussion is heading now. https://bit.ly/3bFvwA1 I don't think anything was decided, despite the time taken, but we did talk through a lot of the issues. > > # Yes, I should have been there, but ... > # Simon, if possible, please announce the agenda a bit earlier > # so that I can notice that. I'm usually in the bed at that time :) The agenda in this case was added some days in advance but as one participant was a bit late we moved to the 'last-minute' topic of this thread. Also note that I don't set the agenda, although I might add a topic if there is nothing there. If you are in Asia, we used to have an Asia call but it was not well attended so we dropped it. > > I don't think that memory protection is really a matter if there is > no assumption that the storage where the firmware resides are > securely protected. OK. If it does matter, we can solve it. Regards, SImon > > -Takahiro Akashi > > > issue with the way the firmware is packaged by users (with U-Boot > > coming from one place and TF-A another). I think Ilias is going to > > write something up to help get to the bottom of it. > > > > > > > > >is relocated > > > > - testing becomes harder, with the suggestion of adding an entire new > > > >sandbox build just for this > > > > > > Having an extra config is not required when putting the certificate into > > > .rodata. > > > > The certificate should not go in rodata, period. Please just fix it. > > It use to be fine a few weeks ago so it should not be hard. > > > > Regards, > > Simon > > > > > > > > Best regards > > > > > > Heinrich > > > > > > > > > > > Revert this until a new direction can be established. > > > > > > > > Changes in v2: > > > > - Also revert two other patches, based on comment from Takahiro > > > > > > > > Simon Glass (3): > > > >Revert "doc: Update CapsuleUpdate READMEs" > > > >Revert "mkeficapsule: Remove dtb related options" > > > >Revert "efi_capsule: Move signature from DTB to .rodata" > > > > > > > > board/emulation/common/Makefile | 1 + > > > > board/emulation/common/qemu_capsule.c | 43 > > > > doc/board/emulation/qemu_capsule_update.rst | 203 + > > > > doc/develop/uefi/uefi.rst | 125 --- > > > > include/asm-generic/sections.h | 2 - > > > > lib/efi_loader/Kconfig | 7 - > > > > lib/efi_loader/Makefile | 8 - > > > > lib/efi_loader/efi_capsule.c| 18 +- > > > > lib/efi_loader/efi_capsule_key.S| 17 -- > > > > tools/mkeficapsule.c| 229 +++- > > > > 10 files changed, 472 insertions(+), 181 deletions(-) > > > > create mode 100644 board/emulation/common/qemu_capsule.c > > > > create mode 100644 doc/board/emulation/qemu_capsule_update.rst > > > > delete mode 100644 lib/efi_loader/efi_capsule_key.S > > > >
Re: [PATCH v2 0/3] efi: Minimal revert to rodata change
On Thu, Aug 05, 2021 at 09:46:07AM -0600, Simon Glass wrote: > Hi Heinrich, > > On Thu, 5 Aug 2021 at 09:29, Heinrich Schuchardt wrote: > > > > > > > > On 02.08.21 16:44, Simon Glass wrote: > > > The changes to move from devicetree to rodata take things in the wrong > > > direction for various reasons: > > > > > > - devicetree is where config should be stored > > > > We are not talking about configuration here at all. > > I thought we were talking about the public key. That is run-time > config in my book, just like the devicetree itself, which controls all > the devices. > > > > > > - it provides no memory production in any case, particularly when U-Boot > > > > No clue what you mean by "memory production". > > memory protection. But it turns out this is pointless anyway. We > discussed it at length in the contributor call. We came down to one What was clarified and decided in that meeting? I know you have a meeting note, but it was not very clear for me which direction the discussion is heading now. # Yes, I should have been there, but ... # Simon, if possible, please announce the agenda a bit earlier # so that I can notice that. I'm usually in the bed at that time :) I don't think that memory protection is really a matter if there is no assumption that the storage where the firmware resides are securely protected. -Takahiro Akashi > issue with the way the firmware is packaged by users (with U-Boot > coming from one place and TF-A another). I think Ilias is going to > write something up to help get to the bottom of it. > > > > > >is relocated > > > - testing becomes harder, with the suggestion of adding an entire new > > >sandbox build just for this > > > > Having an extra config is not required when putting the certificate into > > .rodata. > > The certificate should not go in rodata, period. Please just fix it. > It use to be fine a few weeks ago so it should not be hard. > > Regards, > Simon > > > > > Best regards > > > > Heinrich > > > > > > > > Revert this until a new direction can be established. > > > > > > Changes in v2: > > > - Also revert two other patches, based on comment from Takahiro > > > > > > Simon Glass (3): > > >Revert "doc: Update CapsuleUpdate READMEs" > > >Revert "mkeficapsule: Remove dtb related options" > > >Revert "efi_capsule: Move signature from DTB to .rodata" > > > > > > board/emulation/common/Makefile | 1 + > > > board/emulation/common/qemu_capsule.c | 43 > > > doc/board/emulation/qemu_capsule_update.rst | 203 + > > > doc/develop/uefi/uefi.rst | 125 --- > > > include/asm-generic/sections.h | 2 - > > > lib/efi_loader/Kconfig | 7 - > > > lib/efi_loader/Makefile | 8 - > > > lib/efi_loader/efi_capsule.c| 18 +- > > > lib/efi_loader/efi_capsule_key.S| 17 -- > > > tools/mkeficapsule.c| 229 +++- > > > 10 files changed, 472 insertions(+), 181 deletions(-) > > > create mode 100644 board/emulation/common/qemu_capsule.c > > > create mode 100644 doc/board/emulation/qemu_capsule_update.rst > > > delete mode 100644 lib/efi_loader/efi_capsule_key.S > > >
Re: [PATCH v2 0/3] efi: Minimal revert to rodata change
Hi Heinrich, On Thu, 5 Aug 2021 at 09:29, Heinrich Schuchardt wrote: > > > > On 02.08.21 16:44, Simon Glass wrote: > > The changes to move from devicetree to rodata take things in the wrong > > direction for various reasons: > > > > - devicetree is where config should be stored > > We are not talking about configuration here at all. I thought we were talking about the public key. That is run-time config in my book, just like the devicetree itself, which controls all the devices. > > > - it provides no memory production in any case, particularly when U-Boot > > No clue what you mean by "memory production". memory protection. But it turns out this is pointless anyway. We discussed it at length in the contributor call. We came down to one issue with the way the firmware is packaged by users (with U-Boot coming from one place and TF-A another). I think Ilias is going to write something up to help get to the bottom of it. > > >is relocated > > - testing becomes harder, with the suggestion of adding an entire new > >sandbox build just for this > > Having an extra config is not required when putting the certificate into > .rodata. The certificate should not go in rodata, period. Please just fix it. It use to be fine a few weeks ago so it should not be hard. Regards, Simon > > Best regards > > Heinrich > > > > > Revert this until a new direction can be established. > > > > Changes in v2: > > - Also revert two other patches, based on comment from Takahiro > > > > Simon Glass (3): > >Revert "doc: Update CapsuleUpdate READMEs" > >Revert "mkeficapsule: Remove dtb related options" > >Revert "efi_capsule: Move signature from DTB to .rodata" > > > > board/emulation/common/Makefile | 1 + > > board/emulation/common/qemu_capsule.c | 43 > > doc/board/emulation/qemu_capsule_update.rst | 203 + > > doc/develop/uefi/uefi.rst | 125 --- > > include/asm-generic/sections.h | 2 - > > lib/efi_loader/Kconfig | 7 - > > lib/efi_loader/Makefile | 8 - > > lib/efi_loader/efi_capsule.c| 18 +- > > lib/efi_loader/efi_capsule_key.S| 17 -- > > tools/mkeficapsule.c| 229 +++- > > 10 files changed, 472 insertions(+), 181 deletions(-) > > create mode 100644 board/emulation/common/qemu_capsule.c > > create mode 100644 doc/board/emulation/qemu_capsule_update.rst > > delete mode 100644 lib/efi_loader/efi_capsule_key.S > >
Re: [PATCH v2 0/3] efi: Minimal revert to rodata change
On 02.08.21 16:44, Simon Glass wrote: The changes to move from devicetree to rodata take things in the wrong direction for various reasons: - devicetree is where config should be stored We are not talking about configuration here at all. - it provides no memory production in any case, particularly when U-Boot No clue what you mean by "memory production". is relocated - testing becomes harder, with the suggestion of adding an entire new sandbox build just for this Having an extra config is not required when putting the certificate into .rodata. Best regards Heinrich Revert this until a new direction can be established. Changes in v2: - Also revert two other patches, based on comment from Takahiro Simon Glass (3): Revert "doc: Update CapsuleUpdate READMEs" Revert "mkeficapsule: Remove dtb related options" Revert "efi_capsule: Move signature from DTB to .rodata" board/emulation/common/Makefile | 1 + board/emulation/common/qemu_capsule.c | 43 doc/board/emulation/qemu_capsule_update.rst | 203 + doc/develop/uefi/uefi.rst | 125 --- include/asm-generic/sections.h | 2 - lib/efi_loader/Kconfig | 7 - lib/efi_loader/Makefile | 8 - lib/efi_loader/efi_capsule.c| 18 +- lib/efi_loader/efi_capsule_key.S| 17 -- tools/mkeficapsule.c| 229 +++- 10 files changed, 472 insertions(+), 181 deletions(-) create mode 100644 board/emulation/common/qemu_capsule.c create mode 100644 doc/board/emulation/qemu_capsule_update.rst delete mode 100644 lib/efi_loader/efi_capsule_key.S
Re: [PATCH v2 0/3] efi: Minimal revert to rodata change
HI Ilias, On Mon, 2 Aug 2021 at 23:43, Ilias Apalodimas wrote: > > On Mon, Aug 02, 2021 at 02:02:56PM -0600, Simon Glass wrote: > > Hi Ilias, > > > > On Mon, 2 Aug 2021 at 09:37, Ilias Apalodimas > > wrote: > > > > > > Hi Simon, > > > > > > On Mon, Aug 02, 2021 at 08:44:28AM -0600, Simon Glass wrote: > > > > The changes to move from devicetree to rodata take things in the wrong > > > > direction for various reasons: > > > > > > > > > > As I said on the previous thread, I think this should remain as is for a > > > number of reasons (and mainly because it only works with 1/3 valid > > > CONFIG_OF_XXX U-Boot provides), but I'll let Heinrich decide. > > > > Do you mean OF_EMBED and OF_HOSTFILE? > > > > We happily use OF_HOSTFILE in the sandbox vboot tests. I don't see any > > issue there. > > > > OF_EMBED should not be used in production code. It is for debugging only. > > No I mean CONFIG_OF_SEPARATE and CONFIG_OF_PRIOR_STAGE (apart from > CONFIG_OF_BOARD) Well OF_SEPARATE works fine. OF_PRIOR_STAGE is no different, as I understand it. I just means that the prior stage (whatever that is) needs to have the public key. Regards, Simon
Re: [PATCH v2 0/3] efi: Minimal revert to rodata change\
Hi Ilias, On Mon, 2 Aug 2021 at 23:46, Ilias Apalodimas wrote: > > On Mon, Aug 02, 2021 at 01:22:18PM -0600, Simon Glass wrote: > > Hi Heinrich, > > > > On Mon, 2 Aug 2021 at 11:35, Heinrich Schuchardt wrote: > > > > > > > > > > > > On 8/2/21 4:44 PM, Simon Glass wrote: > > > > The changes to move from devicetree to rodata take things in the wrong > > > > direction for various reasons: > > > > > > > > - devicetree is where config should be stored > > > > > > We are not talking about configuration here but about bundling a file. > > > > > > > - it provides no memory production in any case, particularly when U-Boot > > > > > > What do you mean by "production"? > > > > > > Should you mean memory protection: I cannot see that the memory pages > > > containing the devicetree are set to readonly. Furthermore setenv can > > > > Did you read the discussion? Neither can rodata, so this is a pointless > > change. > > > > It's far from pointless imho. In that same discussion I pointed out that the > DTB might need to remain r/w for it's entire lifetime, while .rodata is > just a matter of missing code to switch pages to RO-. We don't support a r/w control DTB in U-Boot. At present any attempt to update the DTB will cause devices to fail to probe since the offsets they point to will be incorrect. If r/w is desired, I think OF_LIVE is the only reasonable option. So I think that point is moot also. [..] Regards, SImon
Re: [PATCH v2 0/3] efi: Minimal revert to rodata change\
On Mon, Aug 02, 2021 at 01:22:18PM -0600, Simon Glass wrote: > Hi Heinrich, > > On Mon, 2 Aug 2021 at 11:35, Heinrich Schuchardt wrote: > > > > > > > > On 8/2/21 4:44 PM, Simon Glass wrote: > > > The changes to move from devicetree to rodata take things in the wrong > > > direction for various reasons: > > > > > > - devicetree is where config should be stored > > > > We are not talking about configuration here but about bundling a file. > > > > > - it provides no memory production in any case, particularly when U-Boot > > > > What do you mean by "production"? > > > > Should you mean memory protection: I cannot see that the memory pages > > containing the devicetree are set to readonly. Furthermore setenv can > > Did you read the discussion? Neither can rodata, so this is a pointless > change. > It's far from pointless imho. In that same discussion I pointed out that the DTB might need to remain r/w for it's entire lifetime, while .rodata is just a matter of missing code to switch pages to RO-. Thanks /Ilias > > completely replace the devicetree. > > Yes and 'mw' can overwrite memory...so...? > > > > > >is relocated > > > - testing becomes harder, with the suggestion of adding an entire new > > >sandbox build just for this > > > > > > Revert this until a new direction can be established. > > > > We can change the current solution *after* anything better has been > > designed. > > The original solution was fine IMO and the new one is much worse. Now > I see a patch to create a new sandbox build. All of this is yet > another parallel implementation within U-Boot for EFI. I have yet to > see any effort to address the parallel driver model. > > We should just use devicetree for run-time configuration. > > Regards, > SImon
Re: [PATCH v2 0/3] efi: Minimal revert to rodata change
On Mon, Aug 02, 2021 at 02:02:56PM -0600, Simon Glass wrote: > Hi Ilias, > > On Mon, 2 Aug 2021 at 09:37, Ilias Apalodimas > wrote: > > > > Hi Simon, > > > > On Mon, Aug 02, 2021 at 08:44:28AM -0600, Simon Glass wrote: > > > The changes to move from devicetree to rodata take things in the wrong > > > direction for various reasons: > > > > > > > As I said on the previous thread, I think this should remain as is for a > > number of reasons (and mainly because it only works with 1/3 valid > > CONFIG_OF_XXX U-Boot provides), but I'll let Heinrich decide. > > Do you mean OF_EMBED and OF_HOSTFILE? > > We happily use OF_HOSTFILE in the sandbox vboot tests. I don't see any > issue there. > > OF_EMBED should not be used in production code. It is for debugging only. No I mean CONFIG_OF_SEPARATE and CONFIG_OF_PRIOR_STAGE (apart from CONFIG_OF_BOARD) Thanks /Ilias > > > > > > > - devicetree is where config should be stored > > > - it provides no memory production in any case, particularly when U-Boot > > > is relocated > > > - testing becomes harder, with the suggestion of adding an entire new > > > sandbox build just for this > > > > > > Revert this until a new direction can be established. > > > > > > > Regards > > /Ilias > > > Changes in v2: > > > - Also revert two other patches, based on comment from Takahiro > > > > > > Simon Glass (3): > > > Revert "doc: Update CapsuleUpdate READMEs" > > > Revert "mkeficapsule: Remove dtb related options" > > > Revert "efi_capsule: Move signature from DTB to .rodata" > > > > > > board/emulation/common/Makefile | 1 + > > > board/emulation/common/qemu_capsule.c | 43 > > > doc/board/emulation/qemu_capsule_update.rst | 203 + > > > doc/develop/uefi/uefi.rst | 125 --- > > > include/asm-generic/sections.h | 2 - > > > lib/efi_loader/Kconfig | 7 - > > > lib/efi_loader/Makefile | 8 - > > > lib/efi_loader/efi_capsule.c| 18 +- > > > lib/efi_loader/efi_capsule_key.S| 17 -- > > > tools/mkeficapsule.c| 229 +++- > > > 10 files changed, 472 insertions(+), 181 deletions(-) > > > create mode 100644 board/emulation/common/qemu_capsule.c > > > create mode 100644 doc/board/emulation/qemu_capsule_update.rst > > > delete mode 100644 lib/efi_loader/efi_capsule_key.S > > > > > > -- > > > 2.32.0.554.ge1b32706d8-goog > > >
Re: [PATCH v2 0/3] efi: Minimal revert to rodata change
Hi Ilias, On Mon, 2 Aug 2021 at 09:37, Ilias Apalodimas wrote: > > Hi Simon, > > On Mon, Aug 02, 2021 at 08:44:28AM -0600, Simon Glass wrote: > > The changes to move from devicetree to rodata take things in the wrong > > direction for various reasons: > > > > As I said on the previous thread, I think this should remain as is for a > number of reasons (and mainly because it only works with 1/3 valid > CONFIG_OF_XXX U-Boot provides), but I'll let Heinrich decide. Do you mean OF_EMBED and OF_HOSTFILE? We happily use OF_HOSTFILE in the sandbox vboot tests. I don't see any issue there. OF_EMBED should not be used in production code. It is for debugging only. > > > - devicetree is where config should be stored > > - it provides no memory production in any case, particularly when U-Boot > > is relocated > > - testing becomes harder, with the suggestion of adding an entire new > > sandbox build just for this > > > > Revert this until a new direction can be established. > > > > Regards > /Ilias > > Changes in v2: > > - Also revert two other patches, based on comment from Takahiro > > > > Simon Glass (3): > > Revert "doc: Update CapsuleUpdate READMEs" > > Revert "mkeficapsule: Remove dtb related options" > > Revert "efi_capsule: Move signature from DTB to .rodata" > > > > board/emulation/common/Makefile | 1 + > > board/emulation/common/qemu_capsule.c | 43 > > doc/board/emulation/qemu_capsule_update.rst | 203 + > > doc/develop/uefi/uefi.rst | 125 --- > > include/asm-generic/sections.h | 2 - > > lib/efi_loader/Kconfig | 7 - > > lib/efi_loader/Makefile | 8 - > > lib/efi_loader/efi_capsule.c| 18 +- > > lib/efi_loader/efi_capsule_key.S| 17 -- > > tools/mkeficapsule.c| 229 +++- > > 10 files changed, 472 insertions(+), 181 deletions(-) > > create mode 100644 board/emulation/common/qemu_capsule.c > > create mode 100644 doc/board/emulation/qemu_capsule_update.rst > > delete mode 100644 lib/efi_loader/efi_capsule_key.S > > > > -- > > 2.32.0.554.ge1b32706d8-goog > >
Re: [PATCH v2 0/3] efi: Minimal revert to rodata change
Hi Heinrich, On Mon, 2 Aug 2021 at 11:35, Heinrich Schuchardt wrote: > > > > On 8/2/21 4:44 PM, Simon Glass wrote: > > The changes to move from devicetree to rodata take things in the wrong > > direction for various reasons: > > > > - devicetree is where config should be stored > > We are not talking about configuration here but about bundling a file. > > > - it provides no memory production in any case, particularly when U-Boot > > What do you mean by "production"? > > Should you mean memory protection: I cannot see that the memory pages > containing the devicetree are set to readonly. Furthermore setenv can Did you read the discussion? Neither can rodata, so this is a pointless change. > completely replace the devicetree. Yes and 'mw' can overwrite memory...so...? > > >is relocated > > - testing becomes harder, with the suggestion of adding an entire new > >sandbox build just for this > > > > Revert this until a new direction can be established. > > We can change the current solution *after* anything better has been > designed. The original solution was fine IMO and the new one is much worse. Now I see a patch to create a new sandbox build. All of this is yet another parallel implementation within U-Boot for EFI. I have yet to see any effort to address the parallel driver model. We should just use devicetree for run-time configuration. Regards, SImon
Re: [PATCH v2 0/3] efi: Minimal revert to rodata change
On 8/2/21 4:44 PM, Simon Glass wrote: The changes to move from devicetree to rodata take things in the wrong direction for various reasons: - devicetree is where config should be stored We are not talking about configuration here but about bundling a file. - it provides no memory production in any case, particularly when U-Boot What do you mean by "production"? Should you mean memory protection: I cannot see that the memory pages containing the devicetree are set to readonly. Furthermore setenv can completely replace the devicetree. is relocated - testing becomes harder, with the suggestion of adding an entire new sandbox build just for this Revert this until a new direction can be established. We can change the current solution *after* anything better has been designed. Best regards Heinrich Changes in v2: - Also revert two other patches, based on comment from Takahiro Simon Glass (3): Revert "doc: Update CapsuleUpdate READMEs" Revert "mkeficapsule: Remove dtb related options" Revert "efi_capsule: Move signature from DTB to .rodata" board/emulation/common/Makefile | 1 + board/emulation/common/qemu_capsule.c | 43 doc/board/emulation/qemu_capsule_update.rst | 203 + doc/develop/uefi/uefi.rst | 125 --- include/asm-generic/sections.h | 2 - lib/efi_loader/Kconfig | 7 - lib/efi_loader/Makefile | 8 - lib/efi_loader/efi_capsule.c| 18 +- lib/efi_loader/efi_capsule_key.S| 17 -- tools/mkeficapsule.c| 229 +++- 10 files changed, 472 insertions(+), 181 deletions(-) create mode 100644 board/emulation/common/qemu_capsule.c create mode 100644 doc/board/emulation/qemu_capsule_update.rst delete mode 100644 lib/efi_loader/efi_capsule_key.S
Re: [PATCH v2 0/3] efi: Minimal revert to rodata change
Hi Simon, On Mon, Aug 02, 2021 at 08:44:28AM -0600, Simon Glass wrote: > The changes to move from devicetree to rodata take things in the wrong > direction for various reasons: > As I said on the previous thread, I think this should remain as is for a number of reasons (and mainly because it only works with 1/3 valid CONFIG_OF_XXX U-Boot provides), but I'll let Heinrich decide. > - devicetree is where config should be stored > - it provides no memory production in any case, particularly when U-Boot > is relocated > - testing becomes harder, with the suggestion of adding an entire new > sandbox build just for this > > Revert this until a new direction can be established. > Regards /Ilias > Changes in v2: > - Also revert two other patches, based on comment from Takahiro > > Simon Glass (3): > Revert "doc: Update CapsuleUpdate READMEs" > Revert "mkeficapsule: Remove dtb related options" > Revert "efi_capsule: Move signature from DTB to .rodata" > > board/emulation/common/Makefile | 1 + > board/emulation/common/qemu_capsule.c | 43 > doc/board/emulation/qemu_capsule_update.rst | 203 + > doc/develop/uefi/uefi.rst | 125 --- > include/asm-generic/sections.h | 2 - > lib/efi_loader/Kconfig | 7 - > lib/efi_loader/Makefile | 8 - > lib/efi_loader/efi_capsule.c| 18 +- > lib/efi_loader/efi_capsule_key.S| 17 -- > tools/mkeficapsule.c| 229 +++- > 10 files changed, 472 insertions(+), 181 deletions(-) > create mode 100644 board/emulation/common/qemu_capsule.c > create mode 100644 doc/board/emulation/qemu_capsule_update.rst > delete mode 100644 lib/efi_loader/efi_capsule_key.S > > -- > 2.32.0.554.ge1b32706d8-goog >
[PATCH v2 0/3] efi: Minimal revert to rodata change
The changes to move from devicetree to rodata take things in the wrong direction for various reasons: - devicetree is where config should be stored - it provides no memory production in any case, particularly when U-Boot is relocated - testing becomes harder, with the suggestion of adding an entire new sandbox build just for this Revert this until a new direction can be established. Changes in v2: - Also revert two other patches, based on comment from Takahiro Simon Glass (3): Revert "doc: Update CapsuleUpdate READMEs" Revert "mkeficapsule: Remove dtb related options" Revert "efi_capsule: Move signature from DTB to .rodata" board/emulation/common/Makefile | 1 + board/emulation/common/qemu_capsule.c | 43 doc/board/emulation/qemu_capsule_update.rst | 203 + doc/develop/uefi/uefi.rst | 125 --- include/asm-generic/sections.h | 2 - lib/efi_loader/Kconfig | 7 - lib/efi_loader/Makefile | 8 - lib/efi_loader/efi_capsule.c| 18 +- lib/efi_loader/efi_capsule_key.S| 17 -- tools/mkeficapsule.c| 229 +++- 10 files changed, 472 insertions(+), 181 deletions(-) create mode 100644 board/emulation/common/qemu_capsule.c create mode 100644 doc/board/emulation/qemu_capsule_update.rst delete mode 100644 lib/efi_loader/efi_capsule_key.S -- 2.32.0.554.ge1b32706d8-goog
