On Wed, 2 Feb 2022 at 05:17, AKASHI Takahiro <takahiro.aka...@linaro.org> wrote:
>
> On Tue, Feb 01, 2022 at 10:33:20PM +0530, Sughosh Ganu wrote:
> > On Tue, 1 Feb 2022 at 22:14, Heinrich Schuchardt <xypron.g...@gmx.de> wrote:
> > >
> > >
> > >
> > > Am 1. Februar 2022 16:42:43 MEZ schrieb Sughosh Ganu
> > > <sughosh.g...@linaro.org>:
> > > >hi Masami,
> > > >
> > > >On Tue, 1 Feb 2022 at 14:03, Masami Hiramatsu
> > > ><masami.hirama...@linaro.org> wrote:
> > > >>
> > > >> The efi_update_capsule() may have to handle the capsule flags as an
> > > >> UEFI
> > > >> runtime and boottime service, but the capsule-on-disk process doesn't.
> > > >> Thus, the capsule-on-disk should use the efi_capsule_update_firmware()
> > > >> directly instead of efi_update_capsule().
> > > >>
> > > >> Suggested-by: AKASHI Takahiro <takahiro.aka...@linaro.org>
> > > >> Signed-off-by: Masami Hiramatsu <masami.hirama...@linaro.org>
> > > >> ---
> > > >> Changes in v2:
> > > >> - Fix to pass correct pointer to efi_capsule_update_firmware
> > > >> - Remove ESRT generation, because this part anyway will be removed
> > > >> next patch.
> > > >> ---
> > > >> lib/efi_loader/efi_capsule.c | 2 +-
> > > >> 1 file changed, 1 insertion(+), 1 deletion(-)
> > > >>
> > > >> diff --git a/lib/efi_loader/efi_capsule.c
> > > >> b/lib/efi_loader/efi_capsule.c
> > > >> index 4463ae00fd..1ec7ea29ff 100644
> > > >> --- a/lib/efi_loader/efi_capsule.c
> > > >> +++ b/lib/efi_loader/efi_capsule.c
> > > >> @@ -1118,7 +1118,7 @@ efi_status_t efi_launch_capsules(void)
> > > >> index = 0;
> > > >> ret = efi_capsule_read_file(files[i], &capsule);
> > > >> if (ret == EFI_SUCCESS) {
> > > >> - ret = EFI_CALL(efi_update_capsule(&capsule, 1,
> > > >> 0));
> > > >> + ret = efi_capsule_update_firmware(capsule);
> > > >
> > > >I believe this is not fixing any issue as such. If so, I would vote
> > > >for keeping the call to efi_update_capsule.
> > >
> > > No, this is just about reducing code size by avoiding the EFI_CALL(). It
> > > should not change behaviour.
> >
> > Okay, in that case, I will put a check for the FWU Multi Banks feature
> > being enabled -- with the feature enabled, the call will be to
> > efi_update_capsule, and with the feature disabled, the call will be
> > made to efi_capsule_update_firmware.
>
> Please don't do that.
> Instead, you should carve out a *common* function for UpdateCapsule api
> and capsule-on-disk.
Can you also point out the issue you see with having the FWU checks in
the efi_update_capsule. As I have said, having the checks here caters
to both the scenarios -- capsule-on-disk update as well as secure
world update. I think with the FWU feature enabled for secure world,
the efi_update_capsule function will get called, before branching off
to a different FMP.
> Please note, as I repeatedly said, that I didn't intend to implement
> the API with my initial commits. I think I should not have added
> efi_update_capsule() function to avoid any confusion.
Maybe I missed this, but I don't know why you think the
efi_update_capsule is superfluous. Also, if it really is superfluous,
this commit from Masami should also be removing the function
definition rather than just not calling the function.
-sughosh
>
> -Takahiro Akashi
>
> > The compiler should compile out
> > the code whenever the FWU feature is disabled and that will not impact
> > the code size.
> >
> > -sughosh
> >
> > >
> > > Best regards
> > >
> > > Heinrich
> > >
> > > With the FWU Multi Bank
> > > >feature enabled, the checks for capsule acceptance and revert are
> > > >being done in this function. The reason I have put this code in the
> > > >function is that it caters to both scenarios of capsule-on-disk and
> > > >the runtime functionality. In addition, the FWU bootup checks are also
> > > >done in this function through a call to fwu_update_checks_pass. So if
> > > >this is not a fix, which I don't think it is, I would prefer this call
> > > >to remain.
> > > >
> > > >-sughosh
> > > >
> > > >> if (ret != EFI_SUCCESS)
> > > >> log_err("Applying capsule %ls
> > > >> failed\n",
> > > >> files[i]);
> > > >>
