diff options
| author | Tom Rini <trini@konsulko.com> | 2022-04-15 14:29:52 -0400 |
|---|---|---|
| committer | Tom Rini <trini@konsulko.com> | 2022-04-15 14:29:52 -0400 |
| commit | 9859465bfe838bc8264d45e1a1bed847bba74bad (patch) | |
| tree | e29b11e0d87344cca7cd88ab17bc2104e0d691cc | |
| parent | 7f418ea59852945eeb9e5d2555d306f09643d555 (diff) | |
| parent | 8bf5f9af3b4bafbcb2f515cecc1b71c466aff0fa (diff) | |
| download | u-boot-WIP/15Apr2022.zip u-boot-WIP/15Apr2022.tar.gz u-boot-WIP/15Apr2022.tar.bz2 | |
Merge tag 'efi-2022-07-rc1-2' of https://source.denx.de/u-boot/custodians/u-boot-efiWIP/15Apr2022
Pull request for efi-2022-07-rc1-2
Documentation:
* Describe env command
UEFI
* simplify Unicode string functions
* clean up the usage of GUIDs for capsule updates
47 files changed, 1188 insertions, 279 deletions
diff --git a/board/advantech/imx8mp_rsb3720a1/imx8mp_rsb3720a1.c b/board/advantech/imx8mp_rsb3720a1/imx8mp_rsb3720a1.c index 1656609..782025d 100644 --- a/board/advantech/imx8mp_rsb3720a1/imx8mp_rsb3720a1.c +++ b/board/advantech/imx8mp_rsb3720a1/imx8mp_rsb3720a1.c @@ -6,6 +6,8 @@ #include <common.h> #include <dwc3-uboot.h> +#include <efi.h> +#include <efi_loader.h> #include <errno.h> #include <miiphy.h> #include <netdev.h> @@ -21,6 +23,7 @@ #include <asm/arch/clock.h> #include <asm/mach-imx/dma.h> #include <linux/delay.h> +#include <linux/kernel.h> #include <power/pmic.h> DECLARE_GLOBAL_DATA_PTR; @@ -44,6 +47,32 @@ static void setup_gpmi_nand(void) } #endif +#if CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT) +struct efi_fw_image fw_images[] = { +#if defined(CONFIG_TARGET_IMX8MP_RSB3720A1_4G) + { + .image_type_id = IMX8MP_RSB3720A1_4G_FIT_IMAGE_GUID, + .fw_name = u"IMX8MP-RSB3720-FIT", + .image_index = 1, + }, +#elif defined(CONFIG_TARGET_IMX8MP_RSB3720A1_6G) + { + .image_type_id = IMX8MP_RSB3720A1_6G_FIT_IMAGE_GUID, + .fw_name = u"IMX8MP-RSB3720-FIT", + .image_index = 1, + }, +#endif +}; + +struct efi_capsule_update_info update_info = { + .dfu_string = "mmc 2=flash-bin raw 0 0x1B00 mmcpart 1", + .images = fw_images, +}; + +u8 num_image_type_guids = ARRAY_SIZE(fw_images); +#endif /* EFI_HAVE_CAPSULE_SUPPORT */ + + int board_early_init_f(void) { struct wdog_regs *wdog = (struct wdog_regs *)WDOG1_BASE_ADDR; diff --git a/board/compulab/imx8mm-cl-iot-gate/imx8mm-cl-iot-gate.c b/board/compulab/imx8mm-cl-iot-gate/imx8mm-cl-iot-gate.c index 27200f7..e6021a4 100644 --- a/board/compulab/imx8mm-cl-iot-gate/imx8mm-cl-iot-gate.c +++ b/board/compulab/imx8mm-cl-iot-gate/imx8mm-cl-iot-gate.c @@ -5,6 +5,8 @@ */ #include <common.h> +#include <efi.h> +#include <efi_loader.h> #include <env.h> #include <extension_board.h> #include <hang.h> @@ -23,11 +25,37 @@ #include <asm/mach-imx/gpio.h> #include <asm/mach-imx/mxc_i2c.h> #include <asm/sections.h> +#include <linux/kernel.h> #include "ddr/ddr.h" DECLARE_GLOBAL_DATA_PTR; +#if CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT) +struct efi_fw_image fw_images[] = { +#if defined(CONFIG_TARGET_IMX8MM_CL_IOT_GATE) + { + .image_type_id = IMX8MM_CL_IOT_GATE_FIT_IMAGE_GUID, + .fw_name = u"IMX8MM-CL-IOT-GATE-FIT", + .image_index = 1, + }, +#elif defined(CONFIG_TARGET_IMX8MM_CL_IOT_GATE_OPTEE) + { + .image_type_id = IMX8MM_CL_IOT_GATE_OPTEE_FIT_IMAGE_GUID, + .fw_name = u"IMX8MM-CL-IOT-GATE-FIT", + .image_index = 1, + }, +#endif +}; + +struct efi_capsule_update_info update_info = { + .dfu_string = "mmc 2=flash-bin raw 0x42 0x1D00 mmcpart 1", + .images = fw_images, +}; + +u8 num_image_type_guids = ARRAY_SIZE(fw_images); +#endif /* EFI_HAVE_CAPSULE_SUPPORT */ + int board_phys_sdram_size(phys_size_t *size) { struct lpddr4_tcm_desc *lpddr4_tcm_desc = diff --git a/board/emulation/common/qemu_dfu.c b/board/emulation/common/qemu_dfu.c index 62234a7..c1aeaf1 100644 --- a/board/emulation/common/qemu_dfu.c +++ b/board/emulation/common/qemu_dfu.c @@ -44,7 +44,8 @@ void set_dfu_alt_info(char *interface, char *devstr) ALLOC_CACHE_ALIGN_BUFFER(char, buf, DFU_ALT_BUF_LEN); - if (env_get("dfu_alt_info")) + if (!CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT) && + env_get("dfu_alt_info")) return; memset(buf, 0, sizeof(buf)); diff --git a/board/emulation/qemu-arm/qemu-arm.c b/board/emulation/qemu-arm/qemu-arm.c index c9e886e..16237e2 100644 --- a/board/emulation/qemu-arm/qemu-arm.c +++ b/board/emulation/qemu-arm/qemu-arm.c @@ -6,15 +6,43 @@ #include <common.h> #include <cpu_func.h> #include <dm.h> +#include <efi.h> +#include <efi_loader.h> #include <fdtdec.h> #include <init.h> #include <log.h> #include <virtio_types.h> #include <virtio.h> +#include <linux/kernel.h> + #ifdef CONFIG_ARM64 #include <asm/armv8/mmu.h> +#if CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT) +struct efi_fw_image fw_images[] = { +#if defined(CONFIG_TARGET_QEMU_ARM_32BIT) + { + .image_type_id = QEMU_ARM_UBOOT_IMAGE_GUID, + .fw_name = u"Qemu-Arm-UBOOT", + .image_index = 1, + }, +#elif defined(CONFIG_TARGET_QEMU_ARM_64BIT) + { + .image_type_id = QEMU_ARM64_UBOOT_IMAGE_GUID, + .fw_name = u"Qemu-Arm-UBOOT", + .image_index = 1, + }, +#endif +}; + +struct efi_capsule_update_info update_info = { + .images = fw_images, +}; + +u8 num_image_type_guids = ARRAY_SIZE(fw_images); +#endif /* EFI_HAVE_CAPSULE_SUPPORT */ + static struct mm_region qemu_arm64_mem_map[] = { { /* Flash */ diff --git a/board/kontron/pitx_imx8m/pitx_imx8m.c b/board/kontron/pitx_imx8m/pitx_imx8m.c index d655fe0..d974af8 100644 --- a/board/kontron/pitx_imx8m/pitx_imx8m.c +++ b/board/kontron/pitx_imx8m/pitx_imx8m.c @@ -2,6 +2,8 @@ #include "pitx_misc.h" #include <common.h> +#include <efi.h> +#include <efi_loader.h> #include <init.h> #include <mmc.h> #include <miiphy.h> @@ -12,7 +14,7 @@ #include <asm/mach-imx/gpio.h> #include <asm/mach-imx/iomux-v3.h> #include <linux/delay.h> - +#include <linux/kernel.h> DECLARE_GLOBAL_DATA_PTR; @@ -30,6 +32,23 @@ static iomux_v3_cfg_t const uart_pads[] = { IMX8MQ_PAD_ECSPI1_MISO__UART3_CTS_B | MUX_PAD_CTRL(UART_PAD_CTRL), }; +#if CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT) +struct efi_fw_image fw_images[] = { + { + .image_type_id = KONTRON_PITX_IMX8M_FIT_IMAGE_GUID, + .fw_name = u"KONTRON-PITX-IMX8M-UBOOT", + .image_index = 1, + }, +}; + +struct efi_capsule_update_info update_info = { + .dfu_string = "mmc 0=flash-bin raw 0x42 0x1000 mmcpart 1", + .images = fw_images, +}; + +u8 num_image_type_guids = ARRAY_SIZE(fw_images); +#endif /* EFI_HAVE_CAPSULE_SUPPORT */ + int board_early_init_f(void) { struct wdog_regs *wdog = (struct wdog_regs *)WDOG1_BASE_ADDR; diff --git a/board/kontron/sl-mx8mm/sl-mx8mm.c b/board/kontron/sl-mx8mm/sl-mx8mm.c index 48376cb..fea9327 100644 --- a/board/kontron/sl-mx8mm/sl-mx8mm.c +++ b/board/kontron/sl-mx8mm/sl-mx8mm.c @@ -6,12 +6,32 @@ #include <asm/arch/imx-regs.h> #include <asm/global_data.h> #include <asm/io.h> +#include <efi.h> +#include <efi_loader.h> #include <fdt_support.h> #include <linux/errno.h> +#include <linux/kernel.h> #include <net.h> DECLARE_GLOBAL_DATA_PTR; +#if CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT) +struct efi_fw_image fw_images[] = { + { + .image_type_id = KONTRON_SL_MX8MM_FIT_IMAGE_GUID, + .fw_name = u"KONTROL-SL-MX8MM-UBOOT", + .image_index = 1, + }, +}; + +struct efi_capsule_update_info update_info = { + .dfu_string = "sf 0:0=flash-bin raw 0x400 0x1f0000", + .images = fw_images, +}; + +u8 num_image_type_guids = ARRAY_SIZE(fw_images); +#endif /* EFI_HAVE_CAPSULE_SUPPORT */ + int board_phys_sdram_size(phys_size_t *size) { u32 ddr_size = readl(M4_BOOTROM_BASE_ADDR); diff --git a/board/kontron/sl28/sl28.c b/board/kontron/sl28/sl28.c index 17bb457..32e9694 100644 --- a/board/kontron/sl28/sl28.c +++ b/board/kontron/sl28/sl28.c @@ -3,11 +3,14 @@ #include <common.h> #include <dm.h> #include <malloc.h> +#include <efi.h> +#include <efi_loader.h> #include <errno.h> #include <fsl_ddr.h> #include <fdt_support.h> #include <asm/global_data.h> #include <linux/libfdt.h> +#include <linux/kernel.h> #include <env_internal.h> #include <asm/arch-fsl-layerscape/soc.h> #include <asm/arch-fsl-layerscape/fsl_icid.h> @@ -23,6 +26,24 @@ DECLARE_GLOBAL_DATA_PTR; +#if CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT) +struct efi_fw_image fw_images[] = { + { + .image_type_id = KONTRON_SL28_FIT_IMAGE_GUID, + .fw_name = u"KONTRON-SL28-FIT", + .image_index = 1, + }, +}; + +struct efi_capsule_update_info update_info = { + .dfu_string = "sf 0:0=u-boot-bin raw 0x210000 0x1d0000;" + "u-boot-env raw 0x3e0000 0x20000", + .images = fw_images, +}; + +u8 num_image_type_guids = ARRAY_SIZE(fw_images); +#endif /* EFI_HAVE_CAPSULE_SUPPORT */ + int board_early_init_f(void) { fsl_lsch3_early_init_f(); diff --git a/board/sandbox/sandbox.c b/board/sandbox/sandbox.c index 5d9a945..28ad6ef 100644 --- a/board/sandbox/sandbox.c +++ b/board/sandbox/sandbox.c @@ -7,6 +7,8 @@ #include <cpu_func.h> #include <cros_ec.h> #include <dm.h> +#include <efi.h> +#include <efi_loader.h> #include <env_internal.h> #include <init.h> #include <led.h> @@ -14,6 +16,7 @@ #include <asm/global_data.h> #include <asm/test.h> #include <asm/u-boot-sandbox.h> +#include <linux/kernel.h> #include <malloc.h> #include <extension_board.h> @@ -25,6 +28,37 @@ */ gd_t *gd; +#if CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT) +struct efi_fw_image fw_images[] = { +#if defined(CONFIG_EFI_CAPSULE_FIRMWARE_RAW) + { + .image_type_id = SANDBOX_UBOOT_IMAGE_GUID, + .fw_name = u"SANDBOX-UBOOT", + .image_index = 1, + }, + { + .image_type_id = SANDBOX_UBOOT_ENV_IMAGE_GUID, + .fw_name = u"SANDBOX-UBOOT-ENV", + .image_index = 2, + }, +#elif defined(CONFIG_EFI_CAPSULE_FIRMWARE_FIT) + { + .image_type_id = SANDBOX_FIT_IMAGE_GUID, + .fw_name = u"SANDBOX-FIT", + .image_index = 1, + }, +#endif +}; + +struct efi_capsule_update_info update_info = { + .dfu_string = "sf 0:0=u-boot-bin raw 0x100000 0x50000;" + "u-boot-env raw 0x150000 0x200000", + .images = fw_images, +}; + +u8 num_image_type_guids = ARRAY_SIZE(fw_images); +#endif /* EFI_HAVE_CAPSULE_SUPPORT */ + #if !CONFIG_IS_ENABLED(OF_PLATDATA) /* * Add a simple GPIO device (don't use with of-platdata as it interferes with diff --git a/board/socionext/developerbox/developerbox.c b/board/socionext/developerbox/developerbox.c index 9552bfc..f5a5fe0 100644 --- a/board/socionext/developerbox/developerbox.c +++ b/board/socionext/developerbox/developerbox.c @@ -10,10 +10,43 @@ #include <asm/global_data.h> #include <asm/io.h> #include <common.h> +#include <efi.h> +#include <efi_loader.h> #include <env_internal.h> #include <fdt_support.h> #include <log.h> +#include <linux/kernel.h> + +#if CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT) +struct efi_fw_image fw_images[] = { + { + .image_type_id = DEVELOPERBOX_UBOOT_IMAGE_GUID, + .fw_name = u"DEVELOPERBOX-UBOOT", + .image_index = 1, + }, + { + .image_type_id = DEVELOPERBOX_FIP_IMAGE_GUID, + .fw_name = u"DEVELOPERBOX-FIP", + .image_index = 2, + }, + { + .image_type_id = DEVELOPERBOX_OPTEE_IMAGE_GUID, + .fw_name = u"DEVELOPERBOX-OPTEE", + .image_index = 3, + }, +}; + +struct efi_capsule_update_info update_info = { + .dfu_string = "mtd nor1=u-boot.bin raw 200000 100000;" + "fip.bin raw 180000 78000;" + "optee.bin raw 500000 100000", + .images = fw_images, +}; + +u8 num_image_type_guids = ARRAY_SIZE(fw_images); +#endif /* EFI_HAVE_CAPSULE_SUPPORT */ + static struct mm_region sc2a11_mem_map[] = { { .virt = 0x0UL, diff --git a/board/xilinx/common/board.c b/board/xilinx/common/board.c index 0769189..5be3090 100644 --- a/board/xilinx/common/board.c +++ b/board/xilinx/common/board.c @@ -5,6 +5,8 @@ */ #include <common.h> +#include <efi.h> +#include <efi_loader.h> #include <env.h> #include <log.h> #include <asm/global_data.h> @@ -20,9 +22,35 @@ #include <generated/dt.h> #include <soc.h> #include <linux/ctype.h> +#include <linux/kernel.h> #include "fru.h" +#if CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT) +struct efi_fw_image fw_images[] = { +#if defined(XILINX_BOOT_IMAGE_GUID) + { + .image_type_id = XILINX_BOOT_IMAGE_GUID, + .fw_name = u"XILINX-BOOT", + .image_index = 1, + }, +#endif +#if defined(XILINX_UBOOT_IMAGE_GUID) + { + .image_type_id = XILINX_UBOOT_IMAGE_GUID, + .fw_name = u"XILINX-UBOOT", + .image_index = 2, + }, +#endif +}; + +struct efi_capsule_update_info update_info = { + .images = fw_images, +}; + +u8 num_image_type_guids = ARRAY_SIZE(fw_images); +#endif /* EFI_HAVE_CAPSULE_SUPPORT */ + #if defined(CONFIG_ZYNQ_GEM_I2C_MAC_OFFSET) int zynq_board_read_rom_ethaddr(unsigned char *ethaddr) { diff --git a/board/xilinx/zynq/board.c b/board/xilinx/zynq/board.c index 26ef048..63aff04 100644 --- a/board/xilinx/zynq/board.c +++ b/board/xilinx/zynq/board.c @@ -168,7 +168,8 @@ void set_dfu_alt_info(char *interface, char *devstr) { ALLOC_CACHE_ALIGN_BUFFER(char, buf, DFU_ALT_BUF_LEN); - if (env_get("dfu_alt_info")) + if (!CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT) && + env_get("dfu_alt_info")) return; memset(buf, 0, sizeof(buf)); diff --git a/board/xilinx/zynqmp/zynqmp.c b/board/xilinx/zynqmp/zynqmp.c index e7e8e91..41ecc95 100644 --- a/board/xilinx/zynqmp/zynqmp.c +++ b/board/xilinx/zynqmp/zynqmp.c @@ -889,7 +889,8 @@ void set_dfu_alt_info(char *interface, char *devstr) ALLOC_CACHE_ALIGN_BUFFER(char, buf, DFU_ALT_BUF_LEN); - if (env_get("dfu_alt_info")) + if (!CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT) && + env_get("dfu_alt_info")) return; memset(buf, 0, sizeof(buf)); diff --git a/configs/sandbox64_defconfig b/configs/sandbox64_defconfig index a13fa2e..d7f22b3 100644 --- a/configs/sandbox64_defconfig +++ b/configs/sandbox64_defconfig @@ -245,7 +245,6 @@ CONFIG_ERRNO_STR=y CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_CAPSULE_FIRMWARE_FIT=y -CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_EFI_SECURE_BOOT=y CONFIG_TEST_FDTDEC=y CONFIG_UNIT_TEST=y diff --git a/configs/sandbox_defconfig b/configs/sandbox_defconfig index 4d3e4f3..06dbf38 100644 --- a/configs/sandbox_defconfig +++ b/configs/sandbox_defconfig @@ -318,7 +318,6 @@ CONFIG_SHA384=y CONFIG_ERRNO_STR=y CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y CONFIG_EFI_CAPSULE_ON_DISK=y -CONFIG_EFI_CAPSULE_FIRMWARE_FIT=y CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_EFI_SECURE_BOOT=y CONFIG_TEST_FDTDEC=y diff --git a/configs/sandbox_flattree_defconfig b/configs/sandbox_flattree_defconfig index d799f7d..2e530ac 100644 --- a/configs/sandbox_flattree_defconfig +++ b/configs/sandbox_flattree_defconfig @@ -27,6 +27,7 @@ CONFIG_CMD_BOOTEFI_HELLO=y CONFIG_CMD_ASKENV=y CONFIG_CMD_GREPENV=y CONFIG_CMD_ERASEENV=y +CONFIG_CMD_NVEDIT_EFI=y CONFIG_CMD_NVEDIT_INFO=y CONFIG_CMD_NVEDIT_LOAD=y CONFIG_CMD_NVEDIT_SELECT=y @@ -208,3 +209,7 @@ CONFIG_HEXDUMP=y CONFIG_UNIT_TEST=y CONFIG_UT_TIME=y CONFIG_UT_DM=y +CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y +CONFIG_EFI_CAPSULE_ON_DISK=y +CONFIG_EFI_CAPSULE_FIRMWARE_FIT=y +CONFIG_DFU_SF=y diff --git a/doc/develop/uefi/uefi.rst b/doc/develop/uefi/uefi.rst index fe337c8..753a4e5 100644 --- a/doc/develop/uefi/uefi.rst +++ b/doc/develop/uefi/uefi.rst @@ -312,8 +312,8 @@ Run the following command .. code-block:: console $ mkeficapsule \ - --index 1 --instance 0 \ - [--fit <FIT image> | --raw <raw image>] \ + --index <index> --instance 0 \ + --guid <image GUID> \ <capsule_file_name> Performing the update @@ -333,8 +333,104 @@ won't be taken over across the reboot. If this is the case, you can skip this feature check with the Kconfig option (CONFIG_EFI_IGNORE_OSINDICATIONS) set. +A few values need to be defined in the board file for performing the +capsule update. These values are defined in the board file by +initialisation of a structure which provides information needed for +capsule updates. The following structures have been defined for +containing the image related information + +.. code-block:: c + + struct efi_fw_image { + efi_guid_t image_type_id; + u16 *fw_name; + u8 image_index; + }; + + struct efi_capsule_update_info { + const char *dfu_string; + struct efi_fw_image *images; + }; + + +A string is defined which is to be used for populating the +dfu_alt_info variable. This string is used by the function +set_dfu_alt_info. Instead of taking the variable from the environment, +the capsule update feature requires that the variable be set through +the function, since that is more robust. Allowing the user to change +the location of the firmware updates is not a very secure +practice. Getting this information from the firmware itself is more +secure, assuming the firmware has been verified by a previous stage +boot loader. + +The firmware images structure defines the GUID values, image index +values and the name of the images that are to be updated through +the capsule update feature. These values are to be defined as part of +an array. These GUID values would be used by the Firmware Management +Protocol(FMP) to populate the image descriptor array and also +displayed as part of the ESRT table. The image index values defined in +the array should be one greater than the dfu alt number that +corresponds to the firmware image. So, if the dfu alt number for an +image is 2, the value of image index in the fw_images array for that +image should be 3. The dfu alt number can be obtained by running the +following command:: + + dfu list + +When using the FMP for FIT images, the image index value needs to be +set to 1. + Finally, the capsule update can be initiated by rebooting the board. +An example of setting the values in the struct efi_fw_image and +struct efi_capsule_update_info is shown below + +.. code-block:: c + + struct efi_fw_image fw_images[] = { + { + .image_type_id = DEVELOPERBOX_UBOOT_IMAGE_GUID, + .fw_name = u"DEVELOPERBOX-UBOOT", + .image_index = 1, + }, + { + .image_type_id = DEVELOPERBOX_FIP_IMAGE_GUID, + .fw_name = u"DEVELOPERBOX-FIP", + .image_index = 2, + }, + { + .image_type_id = DEVELOPERBOX_OPTEE_IMAGE_GUID, + .fw_name = u"DEVELOPERBOX-OPTEE", + .image_index = 3, + }, + }; + + struct efi_capsule_update_info update_info = { + .dfu_string = "mtd nor1=u-boot.bin raw 200000 100000;" + "fip.bin raw 180000 78000;" + "optee.bin raw 500000 100000", + .images = fw_images, + }; + +Platforms must declare a variable update_info of type struct +efi_capsule_update_info as shown in the example above. The platform +will also define a fw_images array which contains information of all +the firmware images that are to be updated through capsule update +mechanism. The dfu_string is the string that is to be set as +dfu_alt_info. In the example above, the image index to be set for +u-boot.bin binary is 0x1, for fip.bin is 0x2 and for optee.bin is 0x3. + +As an example, for generating the capsule for the optee.bin image, the +following command can be issued + +.. code-block:: bash + + $ ./tools/mkeficapsule \ + --index 0x3 --instance 0 \ + --guid c1b629f1-ce0e-4894-82bf-f0a38387e630 \ + optee.bin optee.capsule + + Enabling Capsule Authentication ******************************* diff --git a/doc/mkeficapsule.1 b/doc/mkeficapsule.1 index 8babb27..09bdc24 100644 --- a/doc/mkeficapsule.1 +++ b/doc/mkeficapsule.1 @@ -41,18 +41,6 @@ If you want to use other types than above two, you should explicitly specify a guid for the FMP driver. .SH "OPTIONS" -One of -.BR --fit ", " --raw " or " --guid -option must be specified. - -.TP -.BR -f ", " --fit -Indicate that the blob is a FIT image file - -.TP -.BR -r ", " --raw -Indicate that the blob is a raw image file - .TP .BI "-g\fR,\fB --guid " guid-string Specify guid for image blob type. The format is: diff --git a/doc/usage/cmd/askenv.rst b/doc/usage/cmd/askenv.rst index 5c4ca35..347bd59 100644 --- a/doc/usage/cmd/askenv.rst +++ b/doc/usage/cmd/askenv.rst @@ -16,6 +16,8 @@ Description Display message and get environment variable name of max size characters from stdin. +See also *env ask* in :doc:`env`. + name name of the environment variable diff --git a/doc/usage/cmd/env.rst b/doc/usage/cmd/env.rst new file mode 100644 index 0000000..1bebfa4 --- /dev/null +++ b/doc/usage/cmd/env.rst @@ -0,0 +1,381 @@ +.. SPDX-License-Identifier: GPL-2.0-or-later: + +env command +=========== + +Synopsis +-------- + +:: + + env ask name [message] [size] + env callbacks + env default [-f] (-a | var [...]) + env delete [-f] var [...] + env edit name + env exists name + env export [-t | -b | -c] [-s size] addr [var ...] + env flags + env grep [-e] [-n | -v | -b] string [...] + env import [-d] [-t [-r] | -b | -c] addr [size] [var ...] + env info [-d] [-p] [-q] + env print [-a | name ...] + env print -e [-guid guid] [-n] [name ...] + env run var [...] + env save + env erase + env load + env select [target] + env set [-f] name [value] + env set -e [-nv][-bs][-rt][-at][-a][-i addr:size][-v] name [value] + +Description +----------- + +The *env* commands is used to handle the U-Boot (:doc:`../environment`) or +the UEFI variables. + +The next commands are kept as alias and for compatibility: + ++ *editenv* = *env edit* ++ *grepenv* = *env grep* ++ *setenv* = *env set* ++ *askenv* = *env ask* ++ *run* = *env run* + +Ask +~~~ + +The *env ask* command asks for the new value of an environment variable +(alias :doc:`askenv`). + + name + name of the environment variable. + + message + message to be displayed while the command waits for the value to be + entered from stdin. If no message is specified, a default message + "Please enter name:" will be displayed. + + size + maximum number of characters that will be stored in the environment + variable name. This is in decimal number format (unlike in + other commands where size values are hexa-decimal). The default + value of size is 1023 (CONFIG_SYS_CBSIZE - 1). + +Callbacks +~~~~~~~~~ + +The *env callbacks* command prints callbacks and their associated variables. + +Default +~~~~~~~ + +The *env default* command resets the selected variables in the U-Boot +environment to their default values. + + var + list of variable name. + \-a + all U-Boot environment. + \-f + forcibly, overwrite read-only/write-once variables. + +Delete +~~~~~~ + +The *env delete* command deletes the selected variables from the U-Boot +environment. + + var + name of the variable to delete. + \-f + forcibly, overwrite read-only/write-once variables. + +Edit +~~~~ + +The *env edit* command edits an environment variable. + + name + name of the variable. + +Exists +~~~~~~ + +The *env exists* command tests for existence of variable. + + name + name of the variable. + +Export +~~~~~~ + +The *env export* command exports the U-Boot environment in memory; on success, +the variable $filesize will be set. + + addr + memory address where environment gets stored. + var + list of variable names that get included into the export. + Without arguments, the whole environment gets exported. + \-b + export as binary format (name=value pairs separated by + list end marked by double "\0\0"). + \-t + export as text format; if size is given, data will be + padded with '\0' bytes; if not, one terminating '\0' + will be added. + \-c + Export as checksum protected environment format as used by + 'env save' command. + \-s size + size of output buffer. + +Flags +~~~~~ + +The *env flags* command prints variables that have non-default flags. + +Grep +~~~~ + +The *env grep* command searches environment, list environment name=value pairs +matching the requested 'string'. + + string + string to search in U-Boot environment. + \-e + enable regular expressions. + \-n + search string in variable names. + \-v + search string in vairable values. + \-b + search both names and values (default). + +Import +~~~~~~ + +The *env import* command imports environment from memory. + + addr + memory address to read from. + size + length of input data; if missing, proper '\0' termination is mandatory + if var is set and size should be missing (i.e. '\0' termination), + set size to '-'. + var + List of the names of the only variables that get imported from + the environment at address 'addr'. Without arguments, the whole + environment gets imported. + \-d + delete existing environment before importing if no var is passed; + if vars are passed, if one var is in the current environment but not + in the environment at addr, delete var from current environment; + otherwise overwrite / append to existing definitions. + \-t + assume text format; either "size" must be given or the text data must + be '\0' terminated. + \-r + handle CRLF like LF, that means exported variables with a content which + ends with \r won't get imported. Used to import text files created with + editors which are using CRLF for line endings. + Only effective in addition to -t. + \-b + assume binary format ('\0' separated, "\0\0" terminated). + \-c + assume checksum protected environment format. + +Info +~~~~ + +The *env info* command displays (without argument) or evaluates the U-Boot +environment information. + + \-d + evaluate if the default environment is used. + \-p + evaluate if environment can be persisted. + \-q + quiet output, use only for command result, by example with + 'test' command. + +Print +~~~~~ + +The *env print* command prints the selected variables in U-Boot environment or +in UEFI variables. + + name + list of variable name. + \-a + all U-Boot environment, when 'name' is absent. + \-e + print UEFI variables, all by default when 'name'. + \-guid guid + print only the UEFI variables matching this GUID (any by default) + with guid format = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx". + \-n + suppress dumping variable's value for UEFI. + +Run +~~~ + +The *env run* command runs commands in an environment variable. + + var + name of the variable. + +Save +~~~~ + +The *env save* command saves the U-Boot environment in persistent storage. + +Erase +~~~~~ + +The *env erase* command erases the U-Boot environment. + +Load +~~~~ + +The *env load* command loads the U-Boot environment from persistent storage. + +Select +~~~~~~ + +The *env select* command selects an U-Boot environment target, it is useful to +overid the default location when several U-Boot environment backend are +availables. + + target + name of the U-Boot environment backend to select: EEPROM, EXT4, FAT, + Flash, MMC, NAND, nowhere, NVRAM, OneNAND, Remote, SATA, SPIFlash, UBI. + + +Set +~~~ + +The *env set* command sets or delete (when 'value' or '-i' are absent) +U-Boot variable in environment or UEFI variables (when -e is specified). + + name + variable name to modify. + value + when present, set the environment variable 'name' to 'value' + when absent, delete the environment variable 'name'. + \-f + forcibly, overwrite read-only/write-once U-Boot variables. + \-e + update UEFI variables. + \-nv + set non-volatile attribute (UEFI). + \-bs + set boot-service attribute (UEFI). + \-rt + set runtime attribute (UEFI). + \-at + set time-based authentication attribute (UEFI). + \-a + append-write (UEFI). + \-i addr:size + use <addr,size> as variable's value (UEFI). + \-v + verbose message (UEFI). + +Example +------- + +Print the U-Boot environment variables:: + + => env print -a + => env print bootcmd stdout + +Update environment variable in memory:: + + => env set bootcmd "run distro_bootcmd" + => env set stdout "serial,vidconsole" + +Delete environment variable in memory:: + + => env delete bootcmd + => env set bootcmd + +Reset environment variable to default value, in memory:: + + => env default bootcmd + => env default -a + +Save current environment in persistent storage:: + + => env save + +Restore the default environment in persistent storage:: + + => env erase + +Create a text snapshot/backup of the current settings in RAM +(${filesize} can be use to save the snapshot in file):: + + => env export -t ${backup_addr} + +Re-import this snapshot, deleting all other settings:: + + => env import -d -t ${backup_addr} + +Save environment if default enviromnent is used and persistent storage is +selected:: + + => if env info -p -d -q; then env save; fi + +Configuration +------------- + +The env command is always available but some sub-commands depend on +configuration options: + +ask + CONFIG_CMD_ASKENV + +callback + CONFIG_CMD_ENV_CALLBACK + +edit + CONFIG_CMD_EDITENV + +exists + CONFIG_CMD_ENV_EXISTS + +flsgs + CONFIG_CMD_ENV_FLAGS + +erase + CONFIG_CMD_ERASEENV + +export + CONFIG_CMD_EXPORTENV + +grep + CONFIG_CMD_GREPENV, CONFIG_REGEX for '-e' option + +import + CONFIG_CMD_IMPORTENV + +info + CONFIG_CMD_NVEDIT_INFO + +load + CONFIG_CMD_NVEDIT_LOAD + +run + CONFIG_CMD_RUN + +save + CONFIG_CMD_SAVEENV + +select + CONFIG_CMD_NVEDIT_SELECT + +set, print + CONFIG_CMD_NVEDIT_EFI for '-e' option diff --git a/doc/usage/cmdline.rst b/doc/usage/cmdline.rst index 88f18c9..58240c5 100644 --- a/doc/usage/cmdline.rst +++ b/doc/usage/cmdline.rst @@ -14,7 +14,7 @@ Simple command-line parser This takes very little code space and offers only basic features: -- supports environment variables (through setenv / saveenv commands) +- supports environment variables (through :doc:`cmd/env`) - several commands on one line, separated by ';' - variable substitution using "... ${name} ..." syntax - special characters ('$', ';') can be escaped by prefixing with '\', diff --git a/doc/usage/environment.rst b/doc/usage/environment.rst index 80550fc..dc61703 100644 --- a/doc/usage/environment.rst +++ b/doc/usage/environment.rst @@ -15,6 +15,8 @@ environment. As long as you don't save the environment, you are working with an in-memory copy. In case the Flash area containing the environment is erased by accident, a default environment is provided. +See :doc:`cmd/env` for details. + Some configuration is controlled by Environment Variables, so that setting the variable can adjust the behaviour of U-Boot (e.g. autoboot delay, autoloading from tftp). diff --git a/doc/usage/index.rst b/doc/usage/index.rst index f457bff..f343e4e 100644 --- a/doc/usage/index.rst +++ b/doc/usage/index.rst @@ -30,6 +30,7 @@ Shell commands cmd/cbsysinfo cmd/conitrace cmd/echo + cmd/env cmd/event cmd/exception cmd/extension diff --git a/include/charset.h b/include/charset.h index b93d023..38908e0 100644 --- a/include/charset.h +++ b/include/charset.h @@ -201,18 +201,6 @@ int u16_strncmp(const u16 *s1, const u16 *s2, size_t n); #define u16_strcmp(s1, s2) u16_strncmp((s1), (s2), SIZE_MAX) /** - * u16_strlen - count non-zero words - * - * This function matches wsclen() if the -fshort-wchar compiler flag is set. - * In the EFI context we explicitly need a function handling u16 strings. - * - * @in: null terminated u16 string - * Return: number of non-zero words. - * This is not the number of utf-16 letters! - */ -size_t u16_strlen(const void *in); - -/** * u16_strsize() - count size of u16 string in bytes including the null * character * @@ -237,6 +225,20 @@ size_t u16_strsize(const void *in); size_t u16_strnlen(const u16 *in, size_t count); /** + * u16_strlen - count non-zero words + * + * This function matches wsclen() if the -fshort-wchar compiler flag is set. + * In the EFI context we explicitly need a function handling u16 strings. + * + * @in: null terminated u16 string + * Return: number of non-zero words. + * This is not the number of utf-16 letters! + */ +size_t u16_strlen(const void *in); + +#define u16_strlen(in) u16_strnlen(in, SIZE_MAX) + +/** * u16_strcpy() - copy u16 string * * Copy u16 string pointed to by src, including terminating null word, to diff --git a/include/configs/imx8mm-cl-iot-gate.h b/include/configs/imx8mm-cl-iot-gate.h index 14d3f3c..b2cde03 100644 --- a/include/configs/imx8mm-cl-iot-gate.h +++ b/include/configs/imx8mm-cl-iot-gate.h @@ -31,6 +31,15 @@ #endif +/* GUIDs for capsule updatable firmware images */ +#define IMX8MM_CL_IOT_GATE_FIT_IMAGE_GUID \ + EFI_GUID(0x7a32a939, 0xab92, 0x467b, 0x91, 0x52, \ + 0x74, 0x77, 0x1b, 0x95, 0xe6, 0x46) + +#define IMX8MM_CL_IOT_GATE_OPTEE_FIT_IMAGE_GUID \ + EFI_GUID(0x0bf1165c, 0x1831, 0x4864, 0x94, 0x5e, \ + 0xac, 0x3d, 0x38, 0x48, 0xf4, 0x99) + #if CONFIG_IS_ENABLED(CMD_MMC) # define BOOT_TARGET_MMC(func) \ func(MMC, mmc, 2) \ diff --git a/include/configs/imx8mp_rsb3720.h b/include/configs/imx8mp_rsb3720.h index 62e06d2..2553f0d 100644 --- a/include/configs/imx8mp_rsb3720.h +++ b/include/configs/imx8mp_rsb3720.h @@ -18,6 +18,15 @@ #define CONFIG_SYS_MONITOR_LEN (512 * 1024) #define CONFIG_SYS_UBOOT_BASE (QSPI0_AMBA_BASE + CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR * 512) +/* GUIDs for capsule updatable firmware images */ +#define IMX8MP_RSB3720A1_4G_FIT_IMAGE_GUID \ + EFI_GUID(0xb1251e89, 0x384a, 0x4635, 0xa8, 0x06, \ + 0x3a, 0xa0, 0xb0, 0xe9, 0xf9, 0x65) + +#define IMX8MP_RSB3720A1_6G_FIT_IMAGE_GUID \ + EFI_GUID(0xb5fb6f08, 0xe142, 0x4db1, 0x97, 0xea, \ + 0x5f, 0xd3, 0x6b, 0x9b, 0xe5, 0xb9) + #ifdef CONFIG_SPL_BUILD #define CONFIG_SPL_STACK 0x960000 #define CONFIG_SPL_BSS_START_ADDR 0x0098FC00 diff --git a/include/configs/kontron-sl-mx8mm.h b/include/configs/kontron-sl-mx8mm.h index 788ae77..1b429f7 100644 --- a/include/configs/kontron-sl-mx8mm.h +++ b/include/configs/kontron-sl-mx8mm.h @@ -38,6 +38,11 @@ #define CONFIG_USB_MAX_CONTROLLER_COUNT 2 #endif +/* GUID for capsule updatable firmware image */ +#define KONTRON_SL_MX8MM_FIT_IMAGE_GUID \ + EFI_GUID(0xd488e45a, 0x4929, 0x4b55, 0x8c, 0x14, \ + 0x86, 0xce, 0xa2, 0xcd, 0x66, 0x29) + #ifndef CONFIG_SPL_BUILD #define BOOT_TARGET_DEVICES(func) \ func(MMC, mmc, 1) \ diff --git a/include/configs/kontron_pitx_imx8m.h b/include/configs/kontron_pitx_imx8m.h index f96240c..e8e9292 100644 --- a/include/configs/kontron_pitx_imx8m.h +++ b/include/configs/kontron_pitx_imx8m.h @@ -12,6 +12,11 @@ #define CONFIG_SPL_MAX_SIZE (124 * SZ_1K) #define CONFIG_SYS_MONITOR_LEN (512 * SZ_1K) +/* GUID for capsule updatable firmware image */ +#define KONTRON_PITX_IMX8M_FIT_IMAGE_GUID \ + EFI_GUID(0xc898e959, 0x5b1f, 0x4e6d, 0x88, 0xe0, \ + 0x40, 0xd4, 0x5c, 0xca, 0x13, 0x99) + #ifdef CONFIG_SPL_BUILD #define CONFIG_SPL_STACK 0x187FF0 #define CONFIG_SPL_BSS_START_ADDR 0x00180000 diff --git a/include/configs/kontron_sl28.h b/include/configs/kontron_sl28.h index 97286b6..c3ab049 100644 --- a/include/configs/kontron_sl28.h +++ b/include/configs/kontron_sl28.h @@ -52,6 +52,11 @@ #define CONFIG_SYS_SPL_MALLOC_START 0x80200000 #define CONFIG_SYS_MONITOR_LEN (1024 * 1024) +/* GUID for capsule updatable firmware image */ +#define KONTRON_SL28_FIT_IMAGE_GUID \ + EFI_GUID(0x86ebd44f, 0xfeb8, 0x466f, 0x8b, 0xb8, \ + 0x89, 0x06, 0x18, 0x45, 0x6d, 0x8b) + /* environment */ /* see include/configs/ti_armv7_common.h */ #define ENV_MEM_LAYOUT_SETTINGS \ diff --git a/include/configs/qemu-arm.h b/include/configs/qemu-arm.h index 3ad1cf3..550e26f 100644 --- a/include/configs/qemu-arm.h +++ b/include/configs/qemu-arm.h @@ -17,6 +17,15 @@ #define CONFIG_SYS_BOOTM_LEN SZ_64M +/* GUIDs for capsule updatable firmware images */ +#define QEMU_ARM_UBOOT_IMAGE_GUID \ + EFI_GUID(0xf885b085, 0x99f8, 0x45af, 0x84, 0x7d, \ + 0xd5, 0x14, 0x10, 0x7a, 0x4a, 0x2c) + +#define QEMU_ARM64_UBOOT_IMAGE_GUID \ + EFI_GUID(0x058b7d83, 0x50d5, 0x4c47, 0xa1, 0x95, \ + 0x60, 0xd8, 0x6a, 0xd3, 0x41, 0xc4) + /* For timer, QEMU emulates an ARMv7/ARMv8 architected timer */ /* Environment options */ diff --git a/include/configs/sandbox.h b/include/configs/sandbox.h index 71b4799..7b6db46 100644 --- a/include/configs/sandbox.h +++ b/include/configs/sandbox.h @@ -14,6 +14,19 @@ #define CONFIG_SYS_CBSIZE 1024 /* Console I/O Buffer Size */ +/* GUIDs for capsule updatable firmware images */ +#define SANDBOX_UBOOT_IMAGE_GUID \ + EFI_GUID(0x09d7cf52, 0x0720, 0x4710, 0x91, 0xd1, \ + 0x08, 0x46, 0x9b, 0x7f, 0xe9, 0xc8) + +#define SANDBOX_UBOOT_ENV_IMAGE_GUID \ + EFI_GUID(0x5a7021f5, 0xfef2, 0x48b4, 0xaa, 0xba, \ + 0x83, 0x2e, 0x77, 0x74, 0x18, 0xc0) + +#define SANDBOX_FIT_IMAGE_GUID \ + EFI_GUID(0x3673b45d, 0x6a7c, 0x46f3, 0x9e, 0x60, \ + 0xad, 0xab, 0xb0, 0x3f, 0x79, 0x37) + /* Size of our emulated memory */ #define SB_CONCAT(x, y) x ## y #define SB_TO_UL(s) SB_CONCAT(s, UL) diff --git a/include/configs/synquacer.h b/include/configs/synquacer.h index 8dd092f..5686a5b 100644 --- a/include/configs/synquacer.h +++ b/include/configs/synquacer.h @@ -51,6 +51,19 @@ "fip.bin raw 180000 78000;" \ "optee.bin raw 500000 100000\0" +/* GUIDs for capsule updatable firmware images */ +#define DEVELOPERBOX_UBOOT_IMAGE_GUID \ + EFI_GUID(0x53a92e83, 0x4ef4, 0x473a, 0x8b, 0x0d, \ + 0xb5, 0xd8, 0xc7, 0xb2, 0xd6, 0x00) + +#define DEVELOPERBOX_FIP_IMAGE_GUID \ + EFI_GUID(0x880866e9, 0x84ba, 0x4793, 0xa9, 0x08, \ + 0x33, 0xe0, 0xb9, 0x16, 0xf3, 0x98) + +#define DEVELOPERBOX_OPTEE_IMAGE_GUID \ + EFI_GUID(0xc1b629f1, 0xce0e, 0x4894, 0x82, 0xbf, \ + 0xf0, 0xa3, 0x83, 0x87, 0xe6, 0x30) + /* Distro boot settings */ #ifndef CONFIG_SPL_BUILD #ifdef CONFIG_CMD_USB diff --git a/include/configs/xilinx_versal.h b/include/configs/xilinx_versal.h index 80e9411..b025d26 100644 --- a/include/configs/xilinx_versal.h +++ b/include/configs/xilinx_versal.h @@ -25,6 +25,11 @@ #define CONFIG_SYS_BAUDRATE_TABLE \ { 4800, 9600, 19200, 38400, 57600, 115200 } +/* GUID for capsule updatable firmware image */ +#define XILINX_BOOT_IMAGE_GUID \ + EFI_GUID(0x20c5fba5, 0x0171, 0x457f, 0xb9, 0xcd, \ + 0xf5, 0x12, 0x9c, 0xd0, 0x72, 0x28) + /* Miscellaneous configurable options */ /* Monitor Command Prompt */ diff --git a/include/configs/xilinx_zynqmp.h b/include/configs/xilinx_zynqmp.h index 1985a09..e5e700d 100644 --- a/include/configs/xilinx_zynqmp.h +++ b/include/configs/xilinx_zynqmp.h @@ -25,6 +25,15 @@ #define CONFIG_SYS_BAUDRATE_TABLE \ { 4800, 9600, 19200, 38400, 57600, 115200 } +/* GUIDs for capsule updatable firmware images */ +#define XILINX_BOOT_IMAGE_GUID \ + EFI_GUID(0xde6066e8, 0x0256, 0x4fad, 0x82, 0x38, \ + 0xe4, 0x06, 0xe2, 0x74, 0xc4, 0xcf) + +#define XILINX_UBOOT_IMAGE_GUID \ + EFI_GUID(0xcf9ecfd4, 0x938b, 0x41c5, 0x85, 0x51, \ + 0x1f, 0x88, 0x3a, 0xb7, 0xdc, 0x18) + #ifdef CONFIG_NAND_ARASAN # define CONFIG_SYS_MAX_NAND_DEVICE 1 #endif diff --git a/include/configs/zynq-common.h b/include/configs/zynq-common.h index c92f796..bd88b59 100644 --- a/include/configs/zynq-common.h +++ b/include/configs/zynq-common.h @@ -20,6 +20,15 @@ #define CONFIG_SYS_TIMER_COUNTS_DOWN #define CONFIG_SYS_TIMER_COUNTER (CONFIG_SYS_TIMERBASE + 0x4) +/* GUIDs for capsule updatable firmware images */ +#define XILINX_BOOT_IMAGE_GUID \ + EFI_GUID(0x1ba29a15, 0x9969, 0x40aa, 0xb4, 0x24, \ + 0xe8, 0x61, 0x21, 0x61, 0x86, 0x64) + +#define XILINX_UBOOT_IMAGE_GUID \ + EFI_GUID(0x1a5178f0, 0x87d3, 0x4f36, 0xac, 0x63, \ + 0x3b, 0x31, 0xa2, 0x3b, 0xe3, 0x05) + /* Serial drivers */ /* The following table includes the supported baudrates */ #define CONFIG_SYS_BAUDRATE_TABLE \ diff --git a/include/efi_api.h b/include/efi_api.h index 982c200..c7f7873 100644 --- a/include/efi_api.h +++ b/include/efi_api.h @@ -1967,14 +1967,6 @@ struct efi_signature_list { EFI_GUID(0x86c77a67, 0x0b97, 0x4633, 0xa1, 0x87, \ 0x49, 0x10, 0x4d, 0x06, 0x85, 0xc7) -#define EFI_FIRMWARE_IMAGE_TYPE_UBOOT_FIT_GUID \ - EFI_GUID(0xae13ff2d, 0x9ad4, 0x4e25, 0x9a, 0xc8, \ - 0x6d, 0x80, 0xb3, 0xb2, 0x21, 0x47) - -#define EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID \ - EFI_GUID(0xe2bb9c06, 0x70e9, 0x4b14, 0x97, 0xa3, \ - 0x5a, 0x79, 0x13, 0x17, 0x6e, 0x3f) - #define IMAGE_ATTRIBUTE_IMAGE_UPDATABLE 0x0000000000000001 #define IMAGE_ATTRIBUTE_RESET_REQUIRED 0x0000000000000002 #define IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED 0x0000000000000004 diff --git a/include/efi_loader.h b/include/efi_loader.h index af36639..c52ea59 100644 --- a/include/efi_loader.h +++ b/include/efi_loader.h @@ -980,6 +980,42 @@ efi_status_t efi_capsule_authenticate(const void *capsule, #define EFI_CAPSULE_DIR u"\\EFI\\UpdateCapsule\\" /** + * struct efi_fw_image - Information on firmware images updatable through + * capsule update + * + * This structure gives information about the firmware images on the platform + * which can be updated through the capsule update mechanism + * + * @image_type_id: Image GUID. Same value is to be used in the capsule + * @fw_name: Name of the firmware image + * @image_index: Image Index, same as value passed to SetImage FMP + * function + */ +struct efi_fw_image { + efi_guid_t image_type_id; + u16 *fw_name; + u8 image_index; +}; + +/** + * struct efi_capsule_update_info - Information needed for capsule updates + * + * This structure provides information needed for performing firmware + * updates. The structure needs to be initialised per platform, for all + * platforms which enable capsule updates + * + * @dfu_string: String used to populate dfu_alt_info + * @images: Pointer to an array of updatable images + */ +struct efi_capsule_update_info { + const char *dfu_string; + struct efi_fw_image *images; +}; + +extern struct efi_capsule_update_info update_info; +extern u8 num_image_type_guids; + +/** * Install the ESRT system table. * * Return: status code diff --git a/lib/charset.c b/lib/charset.c index f44c58d..de201cf 100644 --- a/lib/charset.c +++ b/lib/charset.c @@ -375,18 +375,6 @@ int u16_strncmp(const u16 *s1, const u16 *s2, size_t n) return ret; } -size_t u16_strlen(const void *in) -{ - const char *pos = in; - size_t ret; - - for (; pos[0] || pos[1]; pos += 2) - ; - ret = pos - (char *)in; - ret >>= 1; - return ret; -} - size_t __efi_runtime u16_strnlen(const u16 *in, size_t count) { size_t i; @@ -419,7 +407,7 @@ u16 *u16_strdup(const void *src) if (!src) return NULL; - len = (u16_strlen(src) + 1) * sizeof(u16); + len = u16_strsize(src); new = malloc(len); if (!new) return NULL; diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig index 559b95a..d50cd25 100644 --- a/lib/efi_loader/Kconfig +++ b/lib/efi_loader/Kconfig @@ -181,6 +181,7 @@ config EFI_CAPSULE_FIRMWARE_FIT depends on EFI_CAPSULE_FIRMWARE_MANAGEMENT select UPDATE_FIT select DFU + select SET_DFU_ALT_INFO select EFI_CAPSULE_FIRMWARE help Select this option if you want to enable firmware management protocol @@ -192,6 +193,7 @@ config EFI_CAPSULE_FIRMWARE_RAW depends on SANDBOX || (!SANDBOX && !EFI_CAPSULE_FIRMWARE_FIT) select DFU_WRITE_ALT select DFU + select SET_DFU_ALT_INFO select EFI_CAPSULE_FIRMWARE help Select this option if you want to enable firmware management protocol diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c index a107f28..c76a5f3 100644 --- a/lib/efi_loader/efi_capsule.c +++ b/lib/efi_loader/efi_capsule.c @@ -129,6 +129,7 @@ void set_capsule_result(int index, struct efi_capsule_header *capsule, /** * efi_fmp_find - search for Firmware Management Protocol drivers * @image_type: Image type guid + * @image_index: Image Index * @instance: Instance number * @handles: Handles of FMP drivers * @no_handles: Number of handles @@ -142,8 +143,8 @@ void set_capsule_result(int index, struct efi_capsule_header *capsule, * * NULL - on failure */ static struct efi_firmware_management_protocol * -efi_fmp_find(efi_guid_t *image_type, u64 instance, efi_handle_t *handles, - efi_uintn_t no_handles) +efi_fmp_find(efi_guid_t *image_type, u8 image_index, u64 instance, + efi_handle_t *handles, efi_uintn_t no_handles) { efi_handle_t *handle; struct efi_firmware_management_protocol *fmp; @@ -204,6 +205,7 @@ efi_fmp_find(efi_guid_t *image_type, u64 instance, efi_handle_t *handles, log_debug("+++ desc[%d] index: %d, name: %ls\n", j, desc->image_index, desc->image_id_name); if (!guidcmp(&desc->image_type_id, image_type) && + (desc->image_index == image_index) && (!instance || !desc->hardware_instance || desc->hardware_instance == instance)) @@ -450,8 +452,8 @@ static efi_status_t efi_capsule_update_firmware( } /* find a device for update firmware */ - /* TODO: should we pass index as well, or nothing but type? */ fmp = efi_fmp_find(&image->update_image_type_id, + image->update_image_index, image->update_hardware_instance, handles, no_handles); if (!fmp) { diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c index a5ff32f..27953fe 100644 --- a/lib/efi_loader/efi_firmware.c +++ b/lib/efi_loader/efi_firmware.c @@ -35,6 +35,11 @@ struct fmp_payload_header { u32 lowest_supported_version; }; +__weak void set_dfu_alt_info(char *interface, char *devstr) +{ + env_set("dfu_alt_info", update_info.dfu_string); +} + /* Place holder; not supported */ static efi_status_t EFIAPI efi_firmware_get_image_unsupported( @@ -97,91 +102,57 @@ efi_status_t EFIAPI efi_firmware_set_package_info_unsupported( } /** - * efi_get_dfu_info - return information about the current firmware image - * @this: Protocol instance + * efi_fill_image_desc_array - populate image descriptor array * @image_info_size: Size of @image_info * @image_info: Image information * @descriptor_version: Pointer to version number - * @descriptor_count: Pointer to number of descriptors + * @descriptor_count: Image count * @descriptor_size: Pointer to descriptor size - * package_version: Package version - * package_version_name: Package version's name - * image_type: Image type GUID + * @package_version: Package version + * @package_version_name: Package version's name * - * Return information bout the current firmware image in @image_info. + * Return information about the current firmware image in @image_info. * @image_info will consist of a number of descriptors. - * Each descriptor will be created based on "dfu_alt_info" variable. + * Each descriptor will be created based on efi_fw_image array. * * Return status code */ -static efi_status_t efi_get_dfu_info( +static efi_status_t efi_fill_image_desc_array( efi_uintn_t *image_info_size, struct efi_firmware_image_descriptor *image_info, u32 *descriptor_version, u8 *descriptor_count, efi_uintn_t *descriptor_size, u32 *package_version, - u16 **package_version_name, - const efi_guid_t *image_type) + u16 **package_version_name) { - struct dfu_entity *dfu; - size_t names_len, total_size; - int dfu_num, i; - u16 *name, *next; - int ret; - - ret = dfu_init_env_entities(NULL, NULL); - if (ret) - return EFI_SUCCESS; - - names_len = 0; - dfu_num = 0; - list_for_each_entry(dfu, &dfu_list, list) { - names_len += (utf8_utf16_strlen(dfu->name) + 1) * 2; - dfu_num++; - } - if (!dfu_num) { - log_warning("No entities in dfu_alt_info\n"); - *image_info_size = 0; - dfu_free_entities(); + size_t total_size; + struct efi_fw_image *fw_array; + int i; - return EFI_SUCCESS; - } + fw_array = update_info.images; + *descriptor_count = num_image_type_guids; + + total_size = sizeof(*image_info) * num_image_type_guids; - total_size = sizeof(*image_info) * dfu_num + names_len; - /* - * we will assume that sizeof(*image_info) * dfu_name - * is, at least, a multiple of 2. So the start address for - * image_id_name would be aligned with 2 bytes. - */ if (*image_info_size < total_size) { *image_info_size = total_size; - dfu_free_entities(); return EFI_BUFFER_TOO_SMALL; } *image_info_size = total_size; *descriptor_version = EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION; - *descriptor_count = dfu_num; *descriptor_size = sizeof(*image_info); *package_version = 0xffffffff; /* not supported */ *package_version_name = NULL; /* not supported */ - /* DFU alt number should correspond to image_index */ - i = 0; - /* Name area starts just after descriptors */ - name = (u16 *)((u8 *)image_info + sizeof(*image_info) * dfu_num); - next = name; - list_for_each_entry(dfu, &dfu_list, list) { - image_info[i].image_index = dfu->alt + 1; - image_info[i].image_type_id = *image_type; - image_info[i].image_id = dfu->alt; - - /* copy the DFU entity name */ - utf8_utf16_strcpy(&next, dfu->name); - image_info[i].image_id_name = name; - name = ++next; + for (i = 0; i < num_image_type_guids; i++) { + image_info[i].image_index = fw_array[i].image_index; + image_info[i].image_type_id = fw_array[i].image_type_id; + image_info[i].image_id = fw_array[i].image_index; + + image_info[i].image_id_name = fw_array[i].fw_name; image_info[i].version = 0; /* not supported */ image_info[i].version_name = NULL; /* not supported */ @@ -202,12 +173,8 @@ static efi_status_t efi_get_dfu_info( image_info[i].last_attempt_status = LAST_ATTEMPT_STATUS_SUCCESS; image_info[i].hardware_instance = 1; image_info[i].dependencies = NULL; - - i++; } - dfu_free_entities(); - return EFI_SUCCESS; } @@ -220,8 +187,6 @@ static efi_status_t efi_get_dfu_info( * - versioning of firmware image * - package information */ -const efi_guid_t efi_firmware_image_type_uboot_fit = - EFI_FIRMWARE_IMAGE_TYPE_UBOOT_FIT_GUID; /** * efi_firmware_fit_get_image_info - return information about the current @@ -267,11 +232,10 @@ efi_status_t EFIAPI efi_firmware_fit_get_image_info( !descriptor_size || !package_version || !package_version_name)) return EFI_EXIT(EFI_INVALID_PARAMETER); - ret = efi_get_dfu_info(image_info_size, image_info, - descriptor_version, descriptor_count, - descriptor_size, - package_version, package_version_name, - &efi_firmware_image_type_uboot_fit); + ret = efi_fill_image_desc_array(image_info_size, image_info, + descriptor_version, descriptor_count, + descriptor_size, package_version, + package_version_name); return EFI_EXIT(ret); } @@ -329,8 +293,6 @@ const struct efi_firmware_management_protocol efi_fmp_fit = { * This FIRMWARE_MANAGEMENT_PROTOCOL driver provides a firmware update * method with raw data. */ -const efi_guid_t efi_firmware_image_type_uboot_raw = - EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID; /** * efi_firmware_raw_get_image_info - return information about the current @@ -376,11 +338,10 @@ efi_status_t EFIAPI efi_firmware_raw_get_image_info( !descriptor_size || !package_version || !package_version_name)) return EFI_EXIT(EFI_INVALID_PARAMETER); - ret = efi_get_dfu_info(image_info_size, image_info, - descriptor_version, descriptor_count, - descriptor_size, - package_version, package_version_name, - &efi_firmware_image_type_uboot_raw); + ret = efi_fill_image_desc_array(image_info_size, image_info, + descriptor_version, descriptor_count, + descriptor_size, package_version, + package_version_name); return EFI_EXIT(ret); } diff --git a/lib/efi_loader/efi_hii.c b/lib/efi_loader/efi_hii.c index 9f87e95..75ff58a 100644 --- a/lib/efi_loader/efi_hii.c +++ b/lib/efi_loader/efi_hii.c @@ -900,7 +900,7 @@ get_string(const struct efi_hii_string_protocol *this, str = stbl->strings[string_id - 1].string; if (str) { - len = (u16_strlen(str) + 1) * sizeof(u16); + len = u16_strsize(str); if (*string_size < len) { *string_size = len; diff --git a/lib/efi_loader/efi_load_options.c b/lib/efi_loader/efi_load_options.c index 68cd85b..71454f0 100644 --- a/lib/efi_loader/efi_load_options.c +++ b/lib/efi_loader/efi_load_options.c @@ -113,7 +113,7 @@ unsigned long efi_serialize_load_option(struct efi_load_option *lo, u8 **data) unsigned long size; u8 *p; - label_len = (u16_strlen(lo->label) + 1) * sizeof(u16); + label_len = u16_strsize(lo->label); /* total size */ size = sizeof(lo->attributes); diff --git a/test/py/tests/test_efi_capsule/conftest.py b/test/py/tests/test_efi_capsule/conftest.py index 9076087..d757415 100644 --- a/test/py/tests/test_efi_capsule/conftest.py +++ b/test/py/tests/test_efi_capsule/conftest.py @@ -72,7 +72,7 @@ def efi_capsule_data(request, u_boot_config): # Create capsule files # two regions: one for u-boot.bin and the other for u-boot.env - check_call('cd %s; echo -n u-boot:Old > u-boot.bin.old; echo -n u-boot:New > u-boot.bin.new; echo -n u-boot-env:Old -> u-boot.env.old; echo -n u-boot-env:New > u-boot.env.new' % data_dir, + check_call('cd %s; echo -n u-boot:Old > u-boot.bin.old; echo -n u-boot:New > u-boot.bin.new; echo -n u-boot-env:Old > u-boot.env.old; echo -n u-boot-env:New > u-boot.env.new' % data_dir, shell=True) check_call('sed -e \"s?BINFILE1?u-boot.bin.new?\" -e \"s?BINFILE2?u-boot.env.new?\" %s/test/py/tests/test_efi_capsule/uboot_bin_env.its > %s/uboot_bin_env.its' % (u_boot_config.source_dir, data_dir), @@ -80,21 +80,29 @@ def efi_capsule_data(request, u_boot_config): check_call('cd %s; %s/tools/mkimage -f uboot_bin_env.its uboot_bin_env.itb' % (data_dir, u_boot_config.build_dir), shell=True) - check_call('cd %s; %s/tools/mkeficapsule --index 1 --fit uboot_bin_env.itb Test01' % + check_call('cd %s; %s/tools/mkeficapsule --index 1 --guid 09D7CF52-0720-4710-91D1-08469B7FE9C8 u-boot.bin.new Test01' % (data_dir, u_boot_config.build_dir), shell=True) - check_call('cd %s; %s/tools/mkeficapsule --index 1 --raw u-boot.bin.new Test02' % + check_call('cd %s; %s/tools/mkeficapsule --index 2 --guid 5A7021F5-FEF2-48B4-AABA-832E777418C0 u-boot.env.new Test02' % (data_dir, u_boot_config.build_dir), shell=True) - check_call('cd %s; %s/tools/mkeficapsule --index 1 --guid E2BB9C06-70E9-4B14-97A3-5A7913176E3F u-boot.bin.new Test03' % + check_call('cd %s; %s/tools/mkeficapsule --index 1 --guid 058B7D83-50D5-4C47-A195-60D86AD341C4 u-boot.bin.new Test03' % (data_dir, u_boot_config.build_dir), shell=True) + check_call('cd %s; %s/tools/mkeficapsule --index 1 --guid 3673B45D-6A7C-46F3-9E60-ADABB03F7937 uboot_bin_env.itb Test04' % + (data_dir, u_boot_config.build_dir), + shell=True) + check_call('cd %s; %s/tools/mkeficapsule --index 1 --guid 058B7D83-50D5-4C47-A195-60D86AD341C4 uboot_bin_env.itb Test05' % + (data_dir, u_boot_config.build_dir), + shell=True) + if capsule_auth_enabled: # firmware signed with proper key check_call('cd %s; ' '%s/tools/mkeficapsule --index 1 --monotonic-count 1 ' '--private-key SIGNER.key --certificate SIGNER.crt ' - '--raw u-boot.bin.new Test11' + '--guid 09D7DF52-0720-4710-91D1-08469B7FE9C8 ' + 'u-boot.bin.new Test11' % (data_dir, u_boot_config.build_dir), shell=True) # firmware signed with *mal* key @@ -102,7 +110,8 @@ def efi_capsule_data(request, u_boot_config): '%s/tools/mkeficapsule --index 1 --monotonic-count 1 ' '--private-key SIGNER2.key ' '--certificate SIGNER2.crt ' - '--raw u-boot.bin.new Test12' + '--guid 09D7DF52-0720-4710-91D1-08469B7FE9C8 ' + 'u-boot.bin.new Test12' % (data_dir, u_boot_config.build_dir), shell=True) diff --git a/test/py/tests/test_efi_capsule/test_capsule_firmware_fit.py b/test/py/tests/test_efi_capsule/test_capsule_firmware_fit.py new file mode 100644 index 0000000..5bef849 --- /dev/null +++ b/test/py/tests/test_efi_capsule/test_capsule_firmware_fit.py @@ -0,0 +1,191 @@ +# SPDX-License-Identifier: GPL-2.0+ +# Copyright (c) 2020, Linaro Limited +# Author: AKASHI Takahiro <takahiro.akashi@linaro.org> +# +# U-Boot UEFI: Firmware Update Test + +""" +This test verifies capsule-on-disk firmware update for FIT images +""" + +from subprocess import check_call, check_output, CalledProcessError +import pytest +from capsule_defs import * + + +@pytest.mark.boardspec('sandbox64') +@pytest.mark.boardspec('sandbox_flattree') +@pytest.mark.buildconfigspec('efi_capsule_firmware_fit') +@pytest.mark.buildconfigspec('efi_capsule_on_disk') +@pytest.mark.buildconfigspec('dfu') +@pytest.mark.buildconfigspec('dfu_sf') +@pytest.mark.buildconfigspec('cmd_efidebug') +@pytest.mark.buildconfigspec('cmd_fat') +@pytest.mark.buildconfigspec('cmd_memory') +@pytest.mark.buildconfigspec('cmd_nvedit_efi') +@pytest.mark.buildconfigspec('cmd_sf') +@pytest.mark.slow +class TestEfiCapsuleFirmwareFit(object): + def test_efi_capsule_fw1( + self, u_boot_config, u_boot_console, efi_capsule_data): + """ + Test Case 1 - Update U-Boot and U-Boot environment on SPI Flash + but with an incorrect GUID value in the capsule + No update should happen + 0x100000-0x150000: U-Boot binary (but dummy) + 0x150000-0x200000: U-Boot environment (but dummy) + """ + # other tests might have run and the + # system might not be in a clean state. + # Restart before starting the tests. + u_boot_console.restart_uboot() + + disk_img = efi_capsule_data + with u_boot_console.log.section('Test Case 1-a, before reboot'): + output = u_boot_console.run_command_list([ + 'host bind 0 %s' % disk_img, + 'efidebug boot add -b 1 TEST host 0:1 /helloworld.efi -s ""', + 'efidebug boot order 1', + 'env set -e -nv -bs -rt OsIndications =0x0000000000000004', + 'env set dfu_alt_info "sf 0:0=u-boot-bin raw 0x100000 0x50000;u-boot-env raw 0x150000 0x200000"', + 'env save']) + + # initialize contents + output = u_boot_console.run_command_list([ + 'sf probe 0:0', + 'fatload host 0:1 4000000 %s/u-boot.bin.old' % CAPSULE_DATA_DIR, + 'sf write 4000000 100000 10', + 'sf read 5000000 100000 10', + 'md.b 5000000 10']) + assert 'Old' in ''.join(output) + output = u_boot_console.run_command_list([ + 'sf probe 0:0', + 'fatload host 0:1 4000000 %s/u-boot.env.old' % CAPSULE_DATA_DIR, + 'sf write 4000000 150000 10', + 'sf read 5000000 150000 10', + 'md.b 5000000 10']) + assert 'Old' in ''.join(output) + + # place a capsule file + output = u_boot_console.run_command_list([ + 'fatload host 0:1 4000000 %s/Test05' % CAPSULE_DATA_DIR, + 'fatwrite host 0:1 4000000 %s/Test05 $filesize' % CAPSULE_INSTALL_DIR, + 'fatls host 0:1 %s' % CAPSULE_INSTALL_DIR]) + assert 'Test05' in ''.join(output) + + capsule_early = u_boot_config.buildconfig.get( + 'config_efi_capsule_on_disk_early') + capsule_auth = u_boot_config.buildconfig.get( + 'config_efi_capsule_authenticate') + + # reboot + u_boot_console.restart_uboot(expect_reset = capsule_early) + + with u_boot_console.log.section('Test Case 1-b, after reboot'): + if not capsule_early: + # make sure that dfu_alt_info exists even persistent variables + # are not available. + output = u_boot_console.run_command_list([ + 'env set dfu_alt_info "sf 0:0=u-boot-bin raw 0x100000 0x50000;u-boot-env raw 0x150000 0x200000"', + 'host bind 0 %s' % disk_img, + 'fatls host 0:1 %s' % CAPSULE_INSTALL_DIR]) + assert 'Test05' in ''.join(output) + + # need to run uefi command to initiate capsule handling + output = u_boot_console.run_command( + 'env print -e Capsule0000', wait_for_reboot = True) + + output = u_boot_console.run_command_list([ + 'sf probe 0:0', + 'sf read 4000000 100000 10', + 'md.b 4000000 10']) + assert 'u-boot:Old' in ''.join(output) + + output = u_boot_console.run_command_list([ + 'sf read 4000000 150000 10', + 'md.b 4000000 10']) + assert 'u-boot-env:Old' in ''.join(output) + + def test_efi_capsule_fw2( + self, u_boot_config, u_boot_console, efi_capsule_data): + """ + Test Case 2 - Update U-Boot and U-Boot environment on SPI Flash + 0x100000-0x150000: U-Boot binary (but dummy) + 0x150000-0x200000: U-Boot environment (but dummy) + """ + disk_img = efi_capsule_data + with u_boot_console.log.section('Test Case 2-a, before reboot'): + output = u_boot_console.run_command_list([ + 'host bind 0 %s' % disk_img, + 'efidebug boot add -b 1 TEST host 0:1 /helloworld.efi -s ""', + 'efidebug boot order 1', + 'env set -e -nv -bs -rt OsIndications =0x0000000000000004', + 'env set dfu_alt_info "sf 0:0=u-boot-bin raw 0x100000 0x50000;u-boot-env raw 0x150000 0x200000"', + 'env save']) + + # initialize contents + output = u_boot_console.run_command_list([ + 'sf probe 0:0', + 'fatload host 0:1 4000000 %s/u-boot.bin.old' % CAPSULE_DATA_DIR, + 'sf write 4000000 100000 10', + 'sf read 5000000 100000 10', + 'md.b 5000000 10']) + assert 'Old' in ''.join(output) + output = u_boot_console.run_command_list([ + 'sf probe 0:0', + 'fatload host 0:1 4000000 %s/u-boot.env.old' % CAPSULE_DATA_DIR, + 'sf write 4000000 150000 10', + 'sf read 5000000 150000 10', + 'md.b 5000000 10']) + assert 'Old' in ''.join(output) + + # place a capsule file + output = u_boot_console.run_command_list([ + 'fatload host 0:1 4000000 %s/Test04' % CAPSULE_DATA_DIR, + 'fatwrite host 0:1 4000000 %s/Test04 $filesize' % CAPSULE_INSTALL_DIR, + 'fatls host 0:1 %s' % CAPSULE_INSTALL_DIR]) + assert 'Test04' in ''.join(output) + + capsule_early = u_boot_config.buildconfig.get( + 'config_efi_capsule_on_disk_early') + capsule_auth = u_boot_config.buildconfig.get( + 'config_efi_capsule_authenticate') + + # reboot + u_boot_console.restart_uboot(expect_reset = capsule_early) + + with u_boot_console.log.section('Test Case 2-b, after reboot'): + if not capsule_early: + # make sure that dfu_alt_info exists even persistent variables + # are not available. + output = u_boot_console.run_command_list([ + 'env set dfu_alt_info "sf 0:0=u-boot-bin raw 0x100000 0x50000;u-boot-env raw 0x150000 0x200000"', + 'host bind 0 %s' % disk_img, + 'fatls host 0:1 %s' % CAPSULE_INSTALL_DIR]) + assert 'Test04' in ''.join(output) + + # need to run uefi command to initiate capsule handling + output = u_boot_console.run_command( + 'env print -e Capsule0000', wait_for_reboot = True) + + output = u_boot_console.run_command_list([ + 'host bind 0 %s' % disk_img, + 'fatls host 0:1 %s' % CAPSULE_INSTALL_DIR]) + assert 'Test04' not in ''.join(output) + + output = u_boot_console.run_command_list([ + 'sf probe 0:0', + 'sf read 4000000 100000 10', + 'md.b 4000000 10']) + if capsule_auth: + assert 'u-boot:Old' in ''.join(output) + else: + assert 'u-boot:New' in ''.join(output) + + output = u_boot_console.run_command_list([ + 'sf read 4000000 150000 10', + 'md.b 4000000 10']) + if capsule_auth: + assert 'u-boot-env:Old' in ''.join(output) + else: + assert 'u-boot-env:New' in ''.join(output) diff --git a/test/py/tests/test_efi_capsule/test_capsule_firmware.py b/test/py/tests/test_efi_capsule/test_capsule_firmware_raw.py index 1dcf1c7..ae99f08 100644 --- a/test/py/tests/test_efi_capsule/test_capsule_firmware.py +++ b/test/py/tests/test_efi_capsule/test_capsule_firmware_raw.py @@ -5,7 +5,7 @@ # U-Boot UEFI: Firmware Update Test """ -This test verifies capsule-on-disk firmware update +This test verifies capsule-on-disk firmware update for raw images """ from subprocess import check_call, check_output, CalledProcessError @@ -14,7 +14,6 @@ from capsule_defs import * @pytest.mark.boardspec('sandbox') -@pytest.mark.buildconfigspec('efi_capsule_firmware_fit') @pytest.mark.buildconfigspec('efi_capsule_firmware_raw') @pytest.mark.buildconfigspec('efi_capsule_on_disk') @pytest.mark.buildconfigspec('dfu') @@ -25,23 +24,29 @@ from capsule_defs import * @pytest.mark.buildconfigspec('cmd_nvedit_efi') @pytest.mark.buildconfigspec('cmd_sf') @pytest.mark.slow -class TestEfiCapsuleFirmwareFit(object): +class TestEfiCapsuleFirmwareRaw(object): def test_efi_capsule_fw1( self, u_boot_config, u_boot_console, efi_capsule_data): """ Test Case 1 - Update U-Boot and U-Boot environment on SPI Flash - but with OsIndications unset + but with an incorrect GUID value in the capsule No update should happen 0x100000-0x150000: U-Boot binary (but dummy) 0x150000-0x200000: U-Boot environment (but dummy) """ + + # other tests might have run and the + # system might not be in a clean state. + # Restart before starting the tests. + u_boot_console.restart_uboot() + disk_img = efi_capsule_data with u_boot_console.log.section('Test Case 1-a, before reboot'): output = u_boot_console.run_command_list([ 'host bind 0 %s' % disk_img, 'efidebug boot add -b 1 TEST host 0:1 /helloworld.efi -s ""', 'efidebug boot order 1', - 'env set -e OsIndications', + 'env set -e -nv -bs -rt OsIndications =0x0000000000000004', 'env set dfu_alt_info "sf 0:0=u-boot-bin raw 0x100000 0x50000;u-boot-env raw 0x150000 0x200000"', 'env save']) @@ -63,16 +68,17 @@ class TestEfiCapsuleFirmwareFit(object): # place a capsule file output = u_boot_console.run_command_list([ - 'fatload host 0:1 4000000 %s/Test01' % CAPSULE_DATA_DIR, - 'fatwrite host 0:1 4000000 %s/Test01 $filesize' % CAPSULE_INSTALL_DIR, + 'fatload host 0:1 4000000 %s/Test03' % CAPSULE_DATA_DIR, + 'fatwrite host 0:1 4000000 %s/Test03 $filesize' % CAPSULE_INSTALL_DIR, 'fatls host 0:1 %s' % CAPSULE_INSTALL_DIR]) - assert 'Test01' in ''.join(output) + assert 'Test03' in ''.join(output) # reboot u_boot_console.restart_uboot() capsule_early = u_boot_config.buildconfig.get( 'config_efi_capsule_on_disk_early') + with u_boot_console.log.section('Test Case 1-b, after reboot'): if not capsule_early: # make sure that dfu_alt_info exists even persistent variables @@ -81,16 +87,11 @@ class TestEfiCapsuleFirmwareFit(object): 'env set dfu_alt_info "sf 0:0=u-boot-bin raw 0x100000 0x50000;u-boot-env raw 0x150000 0x200000"', 'host bind 0 %s' % disk_img, 'fatls host 0:1 %s' % CAPSULE_INSTALL_DIR]) - assert 'Test01' in ''.join(output) + assert 'Test03' in ''.join(output) # need to run uefi command to initiate capsule handling output = u_boot_console.run_command( - 'env print -e Capsule0000') - - output = u_boot_console.run_command_list([ - 'host bind 0 %s' % disk_img, - 'fatls host 0:1 %s' % CAPSULE_INSTALL_DIR]) - assert 'Test01' in ''.join(output) + 'env print -e Capsule0000', wait_for_reboot = True) output = u_boot_console.run_command_list([ 'sf probe 0:0', @@ -107,6 +108,8 @@ class TestEfiCapsuleFirmwareFit(object): self, u_boot_config, u_boot_console, efi_capsule_data): """ Test Case 2 - Update U-Boot and U-Boot environment on SPI Flash + but with OsIndications unset + No update should happen 0x100000-0x150000: U-Boot binary (but dummy) 0x150000-0x200000: U-Boot environment (but dummy) """ @@ -116,7 +119,7 @@ class TestEfiCapsuleFirmwareFit(object): 'host bind 0 %s' % disk_img, 'efidebug boot add -b 1 TEST host 0:1 /helloworld.efi -s ""', 'efidebug boot order 1', - 'env set -e -nv -bs -rt OsIndications =0x0000000000000004', + 'env set -e OsIndications', 'env set dfu_alt_info "sf 0:0=u-boot-bin raw 0x100000 0x50000;u-boot-env raw 0x150000 0x200000"', 'env save']) @@ -136,21 +139,24 @@ class TestEfiCapsuleFirmwareFit(object): 'md.b 5000000 10']) assert 'Old' in ''.join(output) - # place a capsule file + # place the capsule files output = u_boot_console.run_command_list([ 'fatload host 0:1 4000000 %s/Test01' % CAPSULE_DATA_DIR, 'fatwrite host 0:1 4000000 %s/Test01 $filesize' % CAPSULE_INSTALL_DIR, 'fatls host 0:1 %s' % CAPSULE_INSTALL_DIR]) assert 'Test01' in ''.join(output) - capsule_early = u_boot_config.buildconfig.get( - 'config_efi_capsule_on_disk_early') - capsule_auth = u_boot_config.buildconfig.get( - 'config_efi_capsule_authenticate') + output = u_boot_console.run_command_list([ + 'fatload host 0:1 4000000 %s/Test02' % CAPSULE_DATA_DIR, + 'fatwrite host 0:1 4000000 %s/Test02 $filesize' % CAPSULE_INSTALL_DIR, + 'fatls host 0:1 %s' % CAPSULE_INSTALL_DIR]) + assert 'Test02' in ''.join(output) # reboot - u_boot_console.restart_uboot(expect_reset = capsule_early) + u_boot_console.restart_uboot() + capsule_early = u_boot_config.buildconfig.get( + 'config_efi_capsule_on_disk_early') with u_boot_console.log.section('Test Case 2-b, after reboot'): if not capsule_early: # make sure that dfu_alt_info exists even persistent variables @@ -160,32 +166,28 @@ class TestEfiCapsuleFirmwareFit(object): 'host bind 0 %s' % disk_img, 'fatls host 0:1 %s' % CAPSULE_INSTALL_DIR]) assert 'Test01' in ''.join(output) + assert 'Test02' in ''.join(output) # need to run uefi command to initiate capsule handling output = u_boot_console.run_command( - 'env print -e Capsule0000', wait_for_reboot = True) + 'env print -e Capsule0000') output = u_boot_console.run_command_list([ 'host bind 0 %s' % disk_img, 'fatls host 0:1 %s' % CAPSULE_INSTALL_DIR]) - assert 'Test01' not in ''.join(output) + assert 'Test01' in ''.join(output) + assert 'Test02' in ''.join(output) output = u_boot_console.run_command_list([ 'sf probe 0:0', 'sf read 4000000 100000 10', 'md.b 4000000 10']) - if capsule_auth: - assert 'u-boot:Old' in ''.join(output) - else: - assert 'u-boot:New' in ''.join(output) + assert 'u-boot:Old' in ''.join(output) output = u_boot_console.run_command_list([ 'sf read 4000000 150000 10', 'md.b 4000000 10']) - if capsule_auth: - assert 'u-boot-env:Old' in ''.join(output) - else: - assert 'u-boot-env:New' in ''.join(output) + assert 'u-boot-env:Old' in ''.join(output) def test_efi_capsule_fw3( self, u_boot_config, u_boot_console, efi_capsule_data): @@ -203,7 +205,7 @@ class TestEfiCapsuleFirmwareFit(object): 'env set dfu_alt_info "sf 0:0=u-boot-bin raw 0x100000 0x50000;u-boot-env raw 0x150000 0x200000"', 'env save']) - # initialize content + # initialize contents output = u_boot_console.run_command_list([ 'sf probe 0:0', 'fatload host 0:1 4000000 %s/u-boot.bin.old' % CAPSULE_DATA_DIR, @@ -212,7 +214,21 @@ class TestEfiCapsuleFirmwareFit(object): 'md.b 5000000 10']) assert 'Old' in ''.join(output) - # place a capsule file + output = u_boot_console.run_command_list([ + 'sf probe 0:0', + 'fatload host 0:1 4000000 %s/u-boot.env.old' % CAPSULE_DATA_DIR, + 'sf write 4000000 150000 10', + 'sf read 5000000 100000 10', + 'md.b 5000000 10']) + assert 'Old' in ''.join(output) + + # place the capsule files + output = u_boot_console.run_command_list([ + 'fatload host 0:1 4000000 %s/Test01' % CAPSULE_DATA_DIR, + 'fatwrite host 0:1 4000000 %s/Test01 $filesize' % CAPSULE_INSTALL_DIR, + 'fatls host 0:1 %s' % CAPSULE_INSTALL_DIR]) + assert 'Test01' in ''.join(output) + output = u_boot_console.run_command_list([ 'fatload host 0:1 4000000 %s/Test02' % CAPSULE_DATA_DIR, 'fatwrite host 0:1 4000000 %s/Test02 $filesize' % CAPSULE_INSTALL_DIR, @@ -235,6 +251,7 @@ class TestEfiCapsuleFirmwareFit(object): 'env set dfu_alt_info "sf 0:0=u-boot-bin raw 0x100000 0x50000;u-boot-env raw 0x150000 0x200000"', 'host bind 0 %s' % disk_img, 'fatls host 0:1 %s' % CAPSULE_INSTALL_DIR]) + assert 'Test01' in ''.join(output) assert 'Test02' in ''.join(output) # need to run uefi command to initiate capsule handling @@ -246,15 +263,16 @@ class TestEfiCapsuleFirmwareFit(object): 'env set dfu_alt_info "sf 0:0=u-boot-bin raw 0x100000 0x50000;u-boot-env raw 0x150000 0x200000"', 'efidebug capsule esrt']) - # ensure that EFI_FIRMWARE_IMAGE_TYPE_UBOOT_FIT_GUID is in the ESRT. - assert 'AE13FF2D-9AD4-4E25-9AC8-6D80B3B22147' in ''.join(output) + # ensure that SANDBOX_UBOOT_ENV_IMAGE_GUID is in the ESRT. + assert '5A7021F5-FEF2-48B4-AABA-832E777418C0' in ''.join(output) - # ensure that EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID is in the ESRT. - assert 'E2BB9C06-70E9-4B14-97A3-5A7913176E3F' in ''.join(output) + # ensure that SANDBOX_UBOOT_IMAGE_GUID is in the ESRT. + assert '09D7CF52-0720-4710-91D1-08469B7FE9C8' in ''.join(output) output = u_boot_console.run_command_list([ 'host bind 0 %s' % disk_img, 'fatls host 0:1 %s' % CAPSULE_INSTALL_DIR]) + assert 'Test01' not in ''.join(output) assert 'Test02' not in ''.join(output) output = u_boot_console.run_command_list([ @@ -266,78 +284,11 @@ class TestEfiCapsuleFirmwareFit(object): else: assert 'u-boot:New' in ''.join(output) - def test_efi_capsule_fw4( - self, u_boot_config, u_boot_console, efi_capsule_data): - """ - Test Case 4 - Test "--guid" option of mkeficapsule - The test scenario is the same as Case 3. - """ - disk_img = efi_capsule_data - with u_boot_console.log.section('Test Case 4-a, before reboot'): - output = u_boot_console.run_command_list([ - 'host bind 0 %s' % disk_img, - 'efidebug boot add -b 1 TEST host 0:1 /helloworld.efi -s ""', - 'efidebug boot order 1', - 'env set -e -nv -bs -rt OsIndications =0x0000000000000004', - 'env set dfu_alt_info "sf 0:0=u-boot-bin raw 0x100000 0x50000;u-boot-env raw 0x150000 0x200000"', - 'env save']) - - # initialize content output = u_boot_console.run_command_list([ 'sf probe 0:0', - 'fatload host 0:1 4000000 %s/u-boot.bin.old' % CAPSULE_DATA_DIR, - 'sf write 4000000 100000 10', - 'sf read 5000000 100000 10', - 'md.b 5000000 10']) - assert 'Old' in ''.join(output) - - # place a capsule file - output = u_boot_console.run_command_list([ - 'fatload host 0:1 4000000 %s/Test03' % CAPSULE_DATA_DIR, - 'fatwrite host 0:1 4000000 %s/Test03 $filesize' % CAPSULE_INSTALL_DIR, - 'fatls host 0:1 %s' % CAPSULE_INSTALL_DIR]) - assert 'Test03' in ''.join(output) - - capsule_early = u_boot_config.buildconfig.get( - 'config_efi_capsule_on_disk_early') - capsule_auth = u_boot_config.buildconfig.get( - 'config_efi_capsule_authenticate') - - # reboot - u_boot_console.restart_uboot(expect_reset = capsule_early) - - with u_boot_console.log.section('Test Case 4-b, after reboot'): - if not capsule_early: - # make sure that dfu_alt_info exists even persistent variables - # are not available. - output = u_boot_console.run_command_list([ - 'env set dfu_alt_info "sf 0:0=u-boot-bin raw 0x100000 0x50000;u-boot-env raw 0x150000 0x200000"', - 'host bind 0 %s' % disk_img, - 'fatls host 0:1 %s' % CAPSULE_INSTALL_DIR]) - assert 'Test03' in ''.join(output) - - # need to run uefi command to initiate capsule handling - output = u_boot_console.run_command( - 'env print -e Capsule0000', wait_for_reboot = True) - - # make sure the dfu_alt_info exists because it is required for making ESRT. - output = u_boot_console.run_command_list([ - 'env set dfu_alt_info "sf 0:0=u-boot-bin raw 0x100000 0x50000;u-boot-env raw 0x150000 0x200000"', - 'efidebug capsule esrt']) - - # ensure that EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID is in the ESRT. - assert 'E2BB9C06-70E9-4B14-97A3-5A7913176E3F' in ''.join(output) - - output = u_boot_console.run_command_list([ - 'host bind 0 %s' % disk_img, - 'fatls host 0:1 %s' % CAPSULE_INSTALL_DIR]) - assert 'Test03' not in ''.join(output) - - output = u_boot_console.run_command_list([ - 'sf probe 0:0', - 'sf read 4000000 100000 10', + 'sf read 4000000 150000 10', 'md.b 4000000 10']) if capsule_auth: - assert 'u-boot:Old' in ''.join(output) + assert 'u-boot-env:Old' in ''.join(output) else: - assert 'u-boot:New' in ''.join(output) + assert 'u-boot-env:New' in ''.join(output) diff --git a/tools/eficapsule.h b/tools/eficapsule.h index 69c9c58..d63b831 100644 --- a/tools/eficapsule.h +++ b/tools/eficapsule.h @@ -37,14 +37,6 @@ typedef struct { EFI_GUID(0x6dcbd5ed, 0xe82d, 0x4c44, 0xbd, 0xa1, \ 0x71, 0x94, 0x19, 0x9a, 0xd9, 0x2a) -#define EFI_FIRMWARE_IMAGE_TYPE_UBOOT_FIT_GUID \ - EFI_GUID(0xae13ff2d, 0x9ad4, 0x4e25, 0x9a, 0xc8, \ - 0x6d, 0x80, 0xb3, 0xb2, 0x21, 0x47) - -#define EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID \ - EFI_GUID(0xe2bb9c06, 0x70e9, 0x4b14, 0x97, 0xa3, \ - 0x5a, 0x79, 0x13, 0x17, 0x6e, 0x3f) - #define EFI_CERT_TYPE_PKCS7_GUID \ EFI_GUID(0x4aafd29d, 0x68df, 0x49ee, 0x8a, 0xa9, \ 0x34, 0x7d, 0x37, 0x56, 0x65, 0xa7) diff --git a/tools/mkeficapsule.c b/tools/mkeficapsule.c index c118335..5f74d23 100644 --- a/tools/mkeficapsule.c +++ b/tools/mkeficapsule.c @@ -27,17 +27,11 @@ static const char *tool_name = "mkeficapsule"; efi_guid_t efi_guid_fm_capsule = EFI_FIRMWARE_MANAGEMENT_CAPSULE_ID_GUID; -efi_guid_t efi_guid_image_type_uboot_fit = - EFI_FIRMWARE_IMAGE_TYPE_UBOOT_FIT_GUID; -efi_guid_t efi_guid_image_type_uboot_raw = - EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID; efi_guid_t efi_guid_cert_type_pkcs7 = EFI_CERT_TYPE_PKCS7_GUID; -static const char *opts_short = "frg:i:I:v:p:c:m:dh"; +static const char *opts_short = "g:i:I:v:p:c:m:dh"; static struct option options[] = { - {"fit", no_argument, NULL, 'f'}, - {"raw", no_argument, NULL, 'r'}, {"guid", required_argument, NULL, 'g'}, {"index", required_argument, NULL, 'i'}, {"instance", required_argument, NULL, 'I'}, @@ -54,8 +48,6 @@ static void print_usage(void) fprintf(stderr, "Usage: %s [options] <image blob> <output file>\n" "Options:\n" - "\t-f, --fit FIT image type\n" - "\t-r, --raw raw image type\n" "\t-g, --guid <guid string> guid for image blob type\n" "\t-i, --index <index> update image index\n" "\t-I, --instance <instance> update hardware instance\n" @@ -606,22 +598,6 @@ int main(int argc, char **argv) break; switch (c) { - case 'f': - if (guid) { - fprintf(stderr, - "Image type already specified\n"); - exit(EXIT_FAILURE); - } - guid = &efi_guid_image_type_uboot_fit; - break; - case 'r': - if (guid) { - fprintf(stderr, - "Image type already specified\n"); - exit(EXIT_FAILURE); - } - guid = &efi_guid_image_type_uboot_raw; - break; case 'g': if (guid) { fprintf(stderr, |