Re: [PATCH v4 1/8] capsule: Add Image GUIDs and image index for platforms using capsule updates
On Thu, Mar 31, 2022 at 06:57:43PM +0530, Sughosh Ganu wrote:
> Currently, all platforms that enable capsule updates do so using
> either EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID or
> EFI_FIRMWARE_IMAGE_TYPE_UBOOT_FIT_GUID. This is based on the Firmware
> Management Protocol(FMP) instance used on the platform. However, this
> means that all platforms that enable a particular FMP instance have
> the same GUID value for all the updatable images, either the FIT image
> GUID or the raw image GUID, and that an image for some platform can be
> updated on any other platform which uses the same FMP instance. Another
> issue with this implementation is that the ESRT table shows the same
> GUID value for all images on the platform and also across platforms,
> which is not in compliance with the UEFI specification.
>
> Fix this by defining image GUID values and firmware names for
> individual images per platform. The GetImageInfo FMP hook would then
> populate these values in the image descriptor array.
>
> Also add the image index value associated with a particular
> image. This is the value that should match with the image_index value
> that is part of the capsule header. The capsule update code will check
> if the two values match, and the update will only proceed on a match.
>
> Signed-off-by: Sughosh Ganu
> Reviewed-by: Masami Hiramatsu
> Acked-by: Michal Simek
> ---
>
> Changes since V3: None
>
> .../imx8mp_rsb3720a1/imx8mp_rsb3720a1.c | 20 +
> .../imx8mm-cl-iot-gate/imx8mm-cl-iot-gate.c | 19 +
> board/emulation/qemu-arm/qemu-arm.c | 20 +
> board/kontron/pitx_imx8m/pitx_imx8m.c | 16 ++-
> board/kontron/sl-mx8mm/sl-mx8mm.c | 15 ++
> board/kontron/sl28/sl28.c | 15 ++
> board/sandbox/sandbox.c | 28 +++
> board/socionext/developerbox/developerbox.c | 26 +
> board/xilinx/common/board.c | 24
> include/configs/imx8mm-cl-iot-gate.h | 10 +++
> include/configs/imx8mp_rsb3720.h | 10 +++
> include/configs/kontron-sl-mx8mm.h| 6
> include/configs/kontron_pitx_imx8m.h | 6
> include/configs/kontron_sl28.h| 6
> include/configs/qemu-arm.h| 10 +++
> include/configs/sandbox.h | 14 ++
> include/configs/synquacer.h | 14 ++
> include/configs/xilinx_versal.h | 6
> include/configs/xilinx_zynqmp.h | 10 +++
> include/configs/zynq-common.h | 10 +++
> include/efi_loader.h | 18
> 21 files changed, 302 insertions(+), 1 deletion(-)
>
> diff --git a/board/advantech/imx8mp_rsb3720a1/imx8mp_rsb3720a1.c
> b/board/advantech/imx8mp_rsb3720a1/imx8mp_rsb3720a1.c
> index 16566092bd..1c953ba195 100644
> --- a/board/advantech/imx8mp_rsb3720a1/imx8mp_rsb3720a1.c
> +++ b/board/advantech/imx8mp_rsb3720a1/imx8mp_rsb3720a1.c
> @@ -6,6 +6,8 @@
>
> #include
> #include
> +#include
> +#include
> #include
> #include
> #include
> @@ -21,6 +23,7 @@
> #include
> #include
> #include
> +#include
> #include
>
> DECLARE_GLOBAL_DATA_PTR;
> @@ -44,6 +47,23 @@ static void setup_gpmi_nand(void)
> }
> #endif
>
> +#if CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT)
> +struct efi_fw_images fw_images[] = {
> + {
> +#if defined(CONFIG_TARGET_IMX8MP_RSB3720A1_4G)
> + .image_type_id = IMX8MP_RSB3720A1_4G_FIT_IMAGE_GUID,
> +#elif defined(CONFIG_TARGET_IMX8MP_RSB3720A1_6G)
> + .image_type_id = IMX8MP_RSB3720A1_6G_FIT_IMAGE_GUID,
> +#endif
> + .fw_name = u"IMX8MP-RSB3720-FIT",
> + .image_index = 1
> + },
> +};
> +
> +u8 num_image_type_guids = ARRAY_SIZE(fw_images);
> +#endif /* EFI_HAVE_CAPSULE_SUPPORT */
> +
> +
> int board_early_init_f(void)
> {
> struct wdog_regs *wdog = (struct wdog_regs *)WDOG1_BASE_ADDR;
> diff --git a/board/compulab/imx8mm-cl-iot-gate/imx8mm-cl-iot-gate.c
> b/board/compulab/imx8mm-cl-iot-gate/imx8mm-cl-iot-gate.c
> index 7e2d88f449..f5b89a5ddc 100644
> --- a/board/compulab/imx8mm-cl-iot-gate/imx8mm-cl-iot-gate.c
> +++ b/board/compulab/imx8mm-cl-iot-gate/imx8mm-cl-iot-gate.c
> @@ -5,6 +5,8 @@
> */
>
> #include
> +#include
> +#include
> #include
> #include
> #include
> @@ -21,11 +23,28 @@
> #include
> #include
> #include
> +#include
>
> #include "ddr/ddr.h"
>
> DECLARE_GLOBAL_DATA_PTR;
>
> +#if CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT)
> +struct efi_fw_images fw_images[] = {
> + {
> +#if defined(CONFIG_TARGET_IMX8MM_CL_IOT_GATE)
> + .image_type_id = IMX8MM_CL_IOT_GATE_FIT_IMAGE_GUID,
> +#elif defined(CONFIG_TARGET_IMX8MM_CL_IOT_GATE_OPTEE)
> + .image_type_id = IMX8MM_CL_IOT_GATE_OPTEE_FIT_IMAGE_GUID,
> +#endif
> +
[PATCH v4 1/8] capsule: Add Image GUIDs and image index for platforms using capsule updates
Currently, all platforms that enable capsule updates do so using
either EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID or
EFI_FIRMWARE_IMAGE_TYPE_UBOOT_FIT_GUID. This is based on the Firmware
Management Protocol(FMP) instance used on the platform. However, this
means that all platforms that enable a particular FMP instance have
the same GUID value for all the updatable images, either the FIT image
GUID or the raw image GUID, and that an image for some platform can be
updated on any other platform which uses the same FMP instance. Another
issue with this implementation is that the ESRT table shows the same
GUID value for all images on the platform and also across platforms,
which is not in compliance with the UEFI specification.
Fix this by defining image GUID values and firmware names for
individual images per platform. The GetImageInfo FMP hook would then
populate these values in the image descriptor array.
Also add the image index value associated with a particular
image. This is the value that should match with the image_index value
that is part of the capsule header. The capsule update code will check
if the two values match, and the update will only proceed on a match.
Signed-off-by: Sughosh Ganu
Reviewed-by: Masami Hiramatsu
Acked-by: Michal Simek
---
Changes since V3: None
.../imx8mp_rsb3720a1/imx8mp_rsb3720a1.c | 20 +
.../imx8mm-cl-iot-gate/imx8mm-cl-iot-gate.c | 19 +
board/emulation/qemu-arm/qemu-arm.c | 20 +
board/kontron/pitx_imx8m/pitx_imx8m.c | 16 ++-
board/kontron/sl-mx8mm/sl-mx8mm.c | 15 ++
board/kontron/sl28/sl28.c | 15 ++
board/sandbox/sandbox.c | 28 +++
board/socionext/developerbox/developerbox.c | 26 +
board/xilinx/common/board.c | 24
include/configs/imx8mm-cl-iot-gate.h | 10 +++
include/configs/imx8mp_rsb3720.h | 10 +++
include/configs/kontron-sl-mx8mm.h| 6
include/configs/kontron_pitx_imx8m.h | 6
include/configs/kontron_sl28.h| 6
include/configs/qemu-arm.h| 10 +++
include/configs/sandbox.h | 14 ++
include/configs/synquacer.h | 14 ++
include/configs/xilinx_versal.h | 6
include/configs/xilinx_zynqmp.h | 10 +++
include/configs/zynq-common.h | 10 +++
include/efi_loader.h | 18
21 files changed, 302 insertions(+), 1 deletion(-)
diff --git a/board/advantech/imx8mp_rsb3720a1/imx8mp_rsb3720a1.c
b/board/advantech/imx8mp_rsb3720a1/imx8mp_rsb3720a1.c
index 16566092bd..1c953ba195 100644
--- a/board/advantech/imx8mp_rsb3720a1/imx8mp_rsb3720a1.c
+++ b/board/advantech/imx8mp_rsb3720a1/imx8mp_rsb3720a1.c
@@ -6,6 +6,8 @@
#include
#include
+#include
+#include
#include
#include
#include
@@ -21,6 +23,7 @@
#include
#include
#include
+#include
#include
DECLARE_GLOBAL_DATA_PTR;
@@ -44,6 +47,23 @@ static void setup_gpmi_nand(void)
}
#endif
+#if CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT)
+struct efi_fw_images fw_images[] = {
+ {
+#if defined(CONFIG_TARGET_IMX8MP_RSB3720A1_4G)
+ .image_type_id = IMX8MP_RSB3720A1_4G_FIT_IMAGE_GUID,
+#elif defined(CONFIG_TARGET_IMX8MP_RSB3720A1_6G)
+ .image_type_id = IMX8MP_RSB3720A1_6G_FIT_IMAGE_GUID,
+#endif
+ .fw_name = u"IMX8MP-RSB3720-FIT",
+ .image_index = 1
+ },
+};
+
+u8 num_image_type_guids = ARRAY_SIZE(fw_images);
+#endif /* EFI_HAVE_CAPSULE_SUPPORT */
+
+
int board_early_init_f(void)
{
struct wdog_regs *wdog = (struct wdog_regs *)WDOG1_BASE_ADDR;
diff --git a/board/compulab/imx8mm-cl-iot-gate/imx8mm-cl-iot-gate.c
b/board/compulab/imx8mm-cl-iot-gate/imx8mm-cl-iot-gate.c
index 7e2d88f449..f5b89a5ddc 100644
--- a/board/compulab/imx8mm-cl-iot-gate/imx8mm-cl-iot-gate.c
+++ b/board/compulab/imx8mm-cl-iot-gate/imx8mm-cl-iot-gate.c
@@ -5,6 +5,8 @@
*/
#include
+#include
+#include
#include
#include
#include
@@ -21,11 +23,28 @@
#include
#include
#include
+#include
#include "ddr/ddr.h"
DECLARE_GLOBAL_DATA_PTR;
+#if CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT)
+struct efi_fw_images fw_images[] = {
+ {
+#if defined(CONFIG_TARGET_IMX8MM_CL_IOT_GATE)
+ .image_type_id = IMX8MM_CL_IOT_GATE_FIT_IMAGE_GUID,
+#elif defined(CONFIG_TARGET_IMX8MM_CL_IOT_GATE_OPTEE)
+ .image_type_id = IMX8MM_CL_IOT_GATE_OPTEE_FIT_IMAGE_GUID,
+#endif
+ .fw_name = u"IMX8MM-CL-IOT-GATE-FIT",
+ .image_index = 1
+ },
+};
+
+u8 num_image_type_guids = ARRAY_SIZE(fw_images);
+#endif /* EFI_HAVE_CAPSULE_SUPPORT */
+
int board_phys_sdram_size(phys_size_t *size)
{
struct lpddr4_tcm_desc *lpddr4_tcm_desc =
diff --git
