[RFC PATCH v2 7/8] FWU: synquacer: Initialize broken metadata
Masami Hiramatsu
masami.hiramatsu at linaro.org
Mon Feb 21 08:04:59 CET 2022
Hi,
I decided to add tools/mkfwumdata tool to make a raw image of
fwu_mdata for initialization. So this patch will be dropped from next
version.
Thank you,
2022年2月18日(金) 0:12 Masami Hiramatsu <masami.hiramatsu at linaro.org>:
>
> Since the FWU metadata is not initialized at the installation,
> if it is broken, it should be initialized. Usually, the FWU
> metadata is not covered by capsule update, so it is safe to
> initialize the metadata portion if it seems broken.
>
> But for the production device, usually firmware will be installed
> with initialized metadata, and the broken metadata means the
> device can be compromized. In that case, build U-Boot without
> this option.
>
> Signed-off-by: Masami Hiramatsu <masami.hiramatsu at linaro.org>
> ---
> board/socionext/developerbox/Kconfig | 12 ++++++
> board/socionext/developerbox/fwu_plat.c | 60 +++++++++++++++++++++++++++++++
> 2 files changed, 72 insertions(+)
>
> diff --git a/board/socionext/developerbox/Kconfig b/board/socionext/developerbox/Kconfig
> index 4120098cab..9fbe8d1e74 100644
> --- a/board/socionext/developerbox/Kconfig
> +++ b/board/socionext/developerbox/Kconfig
> @@ -44,4 +44,16 @@ config FWU_NUM_BANKS
> config FWU_NUM_IMAGES_PER_BANK
> default 1
>
> +config FWU_INIT_BROKEN_METADATA
> + bool "Initialize FWU metadata if broken"
> + select BOARD_LATE_INIT
> + default n
> + help
> + Initialize FWU metadata if the metadata is broken.
> + This option is only for the development environment, since if the
> + metadata is broken, it means someone may compromize it. In that case
> + the production device must be bricked.
> + But for the development environment, or initial installation of the
> + FWU multi-bank update firmware, this will be useful.
> +
> endif
> diff --git a/board/socionext/developerbox/fwu_plat.c b/board/socionext/developerbox/fwu_plat.c
> index cbbbd58bc0..1892f79660 100644
> --- a/board/socionext/developerbox/fwu_plat.c
> +++ b/board/socionext/developerbox/fwu_plat.c
> @@ -176,3 +176,63 @@ void fwu_plat_get_bootidx(void *boot_idx)
> else
> *bootidx = devbox_plat_metadata->boot_index;
> }
> +
> +#ifdef CONFIG_FWU_INIT_BROKEN_METADATA
> +
> +static void devbox_init_fwu_mdata(void)
> +{
> + const efi_guid_t null_guid = NULL_GUID;
> + struct fwu_image_bank_info *bank;
> + struct fwu_mdata *metadata;
> + int i, j, ret;
> +
> + metadata = memalign(ARCH_DMA_MINALIGN, sizeof(*metadata));
> + if (!metadata) {
> + log_err("Failed to allocate initial metadata.\n");
> + return;
> + }
> +
> + metadata->version = 1;
> + metadata->active_index = 0;
> + metadata->previous_active_index = 0;
> +
> + /*
> + * Since the DeveloperBox doesn't use GPT, both of
> + * fwu_image_entry::location_uuid and
> + * fwu_img_bank_info::image_uuid are null GUID.
> + */
> + for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) {
> + guidcpy(&metadata->img_entry[i].image_type_uuid,
> + &devbox_fip_image_type_guid);
> + guidcpy(&metadata->img_entry[i].location_uuid,
> + &null_guid);
> + bank = metadata->img_entry[i].img_bank_info;
> +
> + for (j = 0; j < CONFIG_FWU_NUM_BANKS; j++) {
> + guidcpy(&bank[j].image_uuid, &null_guid);
> + bank[j].accepted = (j == 0) ? 1 : 0;
> + bank[j].reserved = 0;
> + }
> + }
> +
> + ret = fwu_update_mdata(metadata);
> + if (ret < 0)
> + log_err("Failed to initialize FWU metadata\n");
> + else
> + log_err("Initialized FWU metadata\n");
> + free(metadata);
> +}
> +
> +int board_late_init(void)
> +{
> + struct fwu_mdata *metadata;
> +
> + if (fwu_get_mdata(&metadata) < 0) {
> + // Initialize FWU metadata if broken
> + log_err("Unable to get a valid metadata. Initialize it.\n");
> + devbox_init_fwu_mdata();
> + }
> + return 0;
> +}
> +
> +#endif
>
--
Masami Hiramatsu
More information about the U-Boot
mailing list