diff options
author | Tom Rini <trini@konsulko.com> | 2021-10-26 18:42:26 -0400 |
---|---|---|
committer | Tom Rini <trini@konsulko.com> | 2021-10-26 18:42:52 -0400 |
commit | 670d657dfb6ede2957043dd0ac868297ac093857 (patch) | |
tree | f7ea85030daf5ee969e143bcef63099b3eae758a /doc | |
parent | c9661d0fee0fa57b2ae2442829ed4e6b014c6296 (diff) | |
parent | 65aa259aa723793f394abf81b7b0d639826e35b7 (diff) | |
download | u-boot-670d657dfb6ede2957043dd0ac868297ac093857.zip u-boot-670d657dfb6ede2957043dd0ac868297ac093857.tar.gz u-boot-670d657dfb6ede2957043dd0ac868297ac093857.tar.bz2 |
Merge tag 'efi-2022-01-rc1-2' of https://source.denx.de/u-boot/custodians/u-boot-efiWIP/26Oct2021
Pull request for efi-2022-01-rc1-2
doc:
Remove obsolete PPC4XX references
UEFI:
Implement missing TCG2 measurements
Code clean up
# gpg: Signature made Tue 26 Oct 2021 05:56:47 PM EDT
# gpg: using RSA key 6DC4F9C71F29A6FA06B76D33C481DBBC2C051AC4
# gpg: Good signature from "Heinrich Schuchardt <xypron.glpk@gmx.de>" [unknown]
# gpg: aka "[jpeg image of size 1389]" [unknown]
# Primary key fingerprint: 6DC4 F9C7 1F29 A6FA 06B7 6D33 C481 DBBC 2C05 1AC4
Diffstat (limited to 'doc')
-rw-r--r-- | doc/README.bedbug | 22 | ||||
-rw-r--r-- | doc/README.mpc74xx | 22 | ||||
-rw-r--r-- | doc/develop/uefi/uefi.rst | 124 |
3 files changed, 124 insertions, 44 deletions
diff --git a/doc/README.bedbug b/doc/README.bedbug index 35e9d27..1a2acd0 100644 --- a/doc/README.bedbug +++ b/doc/README.bedbug @@ -2,8 +2,6 @@ BEDBUG Support for U-Boot -------------------------- These changes implement the bedbug (emBEDded deBUGger) debugger in U-Boot. -A specific implementation is made for the AMCC 405 processor but other flavors -can be easily implemented. ##################### ### Modifications ### @@ -12,25 +10,9 @@ can be easily implemented. ./common/Makefile Included cmd_bedbug.c and bedbug.c in the Makefile. -./common/command.c - Added bedbug commands to command table. - ./common/board.c Added call to initialize debugger on startup. -./arch/powerpc/cpu/ppc4xx/Makefile - Added bedbug_405.c to the Makefile. - -./arch/powerpc/cpu/ppc4xx/start.S - Added code to handle the debug exception (0x2000) on the 405. - Also added code to handle critical exceptions since the debug - is treated as critical on the 405. - -./arch/powerpc/cpu/ppc4xx/traps.c - Added more detailed output for the program exception to tell - if it is an illegal instruction, privileged instruction or - a trap. Also added debug trap handler. - ./include/ppc_asm.tmpl Added code to handle critical exceptions @@ -51,10 +33,6 @@ can be easily implemented. hardware breakpoints and stepping through code. These routines are common to all PowerPC processors. -./arch/powerpc/cpu/ppc4xx/bedbug_405.c - AMCC PPC405 specific debugger routines. - - Bedbug support for the MPC860 ----------------------------- diff --git a/doc/README.mpc74xx b/doc/README.mpc74xx deleted file mode 100644 index f81f1c2..0000000 --- a/doc/README.mpc74xx +++ /dev/null @@ -1,22 +0,0 @@ -This file contains status information for the port of U-Boot to the -Motorola mpc74xx series of CPUs. - -Author: Josh Huber <huber@mclx.com> - Mission Critical Linux, Inc. - -Currently the support for these CPUs is pretty minimal, but enough to -get things going. (much like the support for the Galileo Eval Board) - -There is a framework in place to enable the L2 cache, and to program -the BATs. Currently, there are still problems with the code which -sets up the L2 cache, so it's not enabled. (IMHO, it shouldn't be -anyway). Additionally, there is support for enabling the MMU, which -we also don't do. The BATs are programmed just for the benefit of -jumping into Linux in a sane configuration. - -Most of the code was based on other cpus supported by U-Boot. - -If you find any errors in the CPU setup code, please send us a note. - -Thanks, -Josh diff --git a/doc/develop/uefi/uefi.rst b/doc/develop/uefi/uefi.rst index 4f2b8b0..f17138f 100644 --- a/doc/develop/uefi/uefi.rst +++ b/doc/develop/uefi/uefi.rst @@ -277,6 +277,130 @@ Enable ``CONFIG_OPTEE``, ``CONFIG_CMD_OPTEE_RPMB`` and ``CONFIG_EFI_MM_COMM_TEE` [1] https://optee.readthedocs.io/en/latest/building/efi_vars/stmm.html +Enabling UEFI Capsule Update feature +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Support has been added for the UEFI capsule update feature which +enables updating the U-Boot image using the UEFI firmware management +protocol (FMP). The capsules are not passed to the firmware through +the UpdateCapsule runtime service. Instead, capsule-on-disk +functionality is used for fetching the capsule from the EFI System +Partition (ESP) by placing the capsule file under the +\EFI\UpdateCapsule directory. + +The directory \EFI\UpdateCapsule is checked for capsules only within the +EFI system partition on the device specified in the active boot option +determined by reference to BootNext variable or BootOrder variable processing. +The active Boot Variable is the variable with highest priority BootNext or +within BootOrder that refers to a device found to be present. Boot variables +in BootOrder but referring to devices not present are ignored when determining +active boot variable. +Before starting a capsule update make sure your capsules are installed in the +correct ESP partition or set BootNext. + +Performing the update +********************* + +Since U-boot doesn't currently support SetVariable at runtime there's a Kconfig +option (CONFIG_EFI_IGNORE_OSINDICATIONS) to disable the OsIndications variable +check. If that option is enabled just copy your capsule to \EFI\UpdateCapsule. + +If that option is disabled, you'll need to set the OsIndications variable with:: + + => setenv -e -nv -bs -rt -v OsIndications =0x04 + +Finally, the capsule update can be initiated either by rebooting the board, +which is the preferred method, or by issuing the following command:: + + => efidebug capsule disk-update + +**The efidebug command is should only be used during debugging/development.** + +Enabling Capsule Authentication +******************************* + +The UEFI specification defines a way of authenticating the capsule to +be updated by verifying the capsule signature. The capsule signature +is computed and prepended to the capsule payload at the time of +capsule generation. This signature is then verified by using the +public key stored as part of the X509 certificate. This certificate is +in the form of an efi signature list (esl) file, which is embedded as +part of U-Boot. + +The capsule authentication feature can be enabled through the +following config, in addition to the configs listed above for capsule +update:: + + CONFIG_EFI_CAPSULE_AUTHENTICATE=y + CONFIG_EFI_CAPSULE_KEY_PATH=<path to .esl cert> + +The public and private keys used for the signing process are generated +and used by the steps highlighted below:: + + 1. Install utility commands on your host + * OPENSSL + * efitools + + 2. Create signing keys and certificate files on your host + + $ openssl req -x509 -sha256 -newkey rsa:2048 -subj /CN=CRT/ \ + -keyout CRT.key -out CRT.crt -nodes -days 365 + $ cert-to-efi-sig-list CRT.crt CRT.esl + + $ openssl x509 -in CRT.crt -out CRT.cer -outform DER + $ openssl x509 -inform DER -in CRT.cer -outform PEM -out CRT.pub.pem + + $ openssl pkcs12 -export -out CRT.pfx -inkey CRT.key -in CRT.crt + $ openssl pkcs12 -in CRT.pfx -nodes -out CRT.pem + +The capsule file can be generated by using the GenerateCapsule.py +script in EDKII:: + + $ ./BaseTools/BinWrappers/PosixLike/GenerateCapsule -e -o \ + <capsule_file_name> --monotonic-count <val> --fw-version \ + <val> --lsv <val> --guid \ + e2bb9c06-70e9-4b14-97a3-5a7913176e3f --verbose \ + --update-image-index <val> --signer-private-cert \ + /path/to/CRT.pem --trusted-public-cert \ + /path/to/CRT.pub.pem --other-public-cert /path/to/CRT.pub.pem \ + <u-boot.bin> + +Place the capsule generated in the above step on the EFI System +Partition under the EFI/UpdateCapsule directory + +Testing on QEMU +*************** + +Currently, support has been added on the QEMU ARM64 virt platform for +updating the U-Boot binary as a raw image when the platform is booted +in non-secure mode, i.e. with CONFIG_TFABOOT disabled. For this +configuration, the QEMU platform needs to be booted with +'secure=off'. The U-Boot binary placed on the first bank of the NOR +flash at offset 0x0. The U-Boot environment is placed on the second +NOR flash bank at offset 0x4000000. + +The capsule update feature is enabled with the following configuration +settings:: + + CONFIG_MTD=y + CONFIG_FLASH_CFI_MTD=y + CONFIG_CMD_MTDPARTS=y + CONFIG_CMD_DFU=y + CONFIG_DFU_MTD=y + CONFIG_PCI_INIT_R=y + CONFIG_EFI_CAPSULE_ON_DISK=y + CONFIG_EFI_CAPSULE_FIRMWARE_MANAGEMENT=y + CONFIG_EFI_CAPSULE_FIRMWARE=y + CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y + +In addition, the following config needs to be disabled(QEMU ARM specific):: + + CONFIG_TFABOOT + +The capsule file can be generated by using the tools/mkeficapsule:: + + $ mkeficapsule --raw <u-boot.bin> --index 1 <capsule_file_name> + Executing the boot manager ~~~~~~~~~~~~~~~~~~~~~~~~~~ |