[PATCHv4 2/5] fwu: move meta-data management in core
Jassi Brar
jassisinghbrar at gmail.com
Mon Feb 27 17:46:08 CET 2023
On Mon, Feb 27, 2023 at 10:30 AM Etienne Carriere
<etienne.carriere at linaro.org> wrote:
>
> Hello Jassi,
>
> On Sun, 5 Feb 2023 at 04:01, <jassisinghbrar at gmail.com> wrote:
> >
> > From: Jassi Brar <jaswinder.singh at linaro.org>
> >
> > Instead of each i/f having to implement their own meta-data verification
> > and storage, move the logic in common code. This simplifies the i/f code
> > much simpler and compact.
> >
> > Signed-off-by: Jassi Brar <jaswinder.singh at linaro.org>
> > ---
> > drivers/fwu-mdata/fwu-mdata-uclass.c | 34 +++++++
> > include/fwu.h | 41 ++++++++
> > lib/fwu_updates/fwu.c | 135 ++++++++++++++++++++++++++-
> > 3 files changed, 206 insertions(+), 4 deletions(-)
> >
> > diff --git a/drivers/fwu-mdata/fwu-mdata-uclass.c b/drivers/fwu-mdata/fwu-mdata-uclass.c
> > index b477e9603f..e03773c584 100644
> > --- a/drivers/fwu-mdata/fwu-mdata-uclass.c
> > +++ b/drivers/fwu-mdata/fwu-mdata-uclass.c
> > @@ -16,6 +16,40 @@
> > #include <linux/types.h>
> > #include <u-boot/crc.h>
> >
> > +/**
> > + * fwu_read_mdata() - Wrapper around fwu_mdata_ops.read_mdata()
> > + *
> > + * Return: 0 if OK, -ve on error
> > + */
> > +int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary)
> > +{
> > + const struct fwu_mdata_ops *ops = device_get_ops(dev);
> > +
> > + if (!ops->read_mdata) {
> > + log_debug("read_mdata() method not defined\n");
> > + return -ENOSYS;
> > + }
> > +
> > + return ops->read_mdata(dev, mdata, primary);
> > +}
> > +
> > +/**
> > + * fwu_write_mdata() - Wrapper around fwu_mdata_ops.write_mdata()
> > + *
> > + * Return: 0 if OK, -ve on error
> > + */
> > +int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary)
> > +{
> > + const struct fwu_mdata_ops *ops = device_get_ops(dev);
> > +
> > + if (!ops->write_mdata) {
> > + log_debug("write_mdata() method not defined\n");
> > + return -ENOSYS;
> > + }
> > +
> > + return ops->write_mdata(dev, mdata, primary);
> > +}
> > +
> > /**
> > * fwu_get_mdata_part_num() - Get the FWU metadata partition numbers
> > * @dev: FWU metadata device
> > diff --git a/include/fwu.h b/include/fwu.h
> > index 0919ced812..1a700c9e6a 100644
> > --- a/include/fwu.h
> > +++ b/include/fwu.h
> > @@ -24,6 +24,26 @@ struct fwu_mdata_gpt_blk_priv {
> > * @update_mdata() - Update the FWU metadata copy
> > */
> > struct fwu_mdata_ops {
> > + /**
> > + * read_mdata() - Populate the asked FWU metadata copy
> > + * @dev: FWU metadata device
> > + * @mdata: Copy of the FWU metadata
> > + * @primary: If primary or secondary copy of meta-data is to be read
> > + *
> > + * Return: 0 if OK, -ve on error
> > + */
> > + int (*read_mdata)(struct udevice *dev, struct fwu_mdata *mdata, bool primary);
> > +
> > + /**
> > + * write_mdata() - Write the given FWU metadata copy
> > + * @dev: FWU metadata device
> > + * @mdata: Copy of the FWU metadata
> > + * @primary: If primary or secondary copy of meta-data is to be written
> > + *
> > + * Return: 0 if OK, -ve on error
> > + */
> > + int (*write_mdata)(struct udevice *dev, struct fwu_mdata *mdata, bool primary);
> > +
> > /**
> > * check_mdata() - Check if the FWU metadata is valid
> > * @dev: FWU device
> > @@ -126,6 +146,27 @@ struct fwu_mdata_ops {
> > EFI_GUID(0x0c996046, 0xbcc0, 0x4d04, 0x85, 0xec, \
> > 0xe1, 0xfc, 0xed, 0xf1, 0xc6, 0xf8)
> >
> > +/**
> > + * fwu_read_mdata() - Wrapper around fwu_mdata_ops.read_mdata()
> > + */
> > +int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary);
> > +
> > +/**
> > + * fwu_write_mdata() - Wrapper around fwu_mdata_ops.write_mdata()
> > + */
> > +int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary);
> > +
> > +/**
> > + * fwu_get_verified_mdata() - Read, verify and return the FWU metadata
> > + *
> > + * Read both the metadata copies from the storage media, verify their checksum,
> > + * and ascertain that both copies match. If one of the copies has gone bad,
> > + * restore it from the good copy.
> > + *
> > + * Return: 0 if OK, -ve on error
> > +*/
> > +int fwu_get_verified_mdata(struct fwu_mdata *mdata);
> > +
> > /**
> > * fwu_check_mdata_validity() - Check for validity of the FWU metadata copies
> > *
> > diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c
> > index 5313d07302..56299f1b2f 100644
> > --- a/lib/fwu_updates/fwu.c
> > +++ b/lib/fwu_updates/fwu.c
> > @@ -15,13 +15,13 @@
> > #include <linux/errno.h>
> > #include <linux/types.h>
> >
> > +#include <u-boot/crc.h>
> > +
> > +static struct fwu_mdata g_mdata; /* = {0} makes uninit crc32 always invalid */
> > +static struct udevice *g_dev;
> > static u8 in_trial;
> > static u8 boottime_check;
> >
> > -#include <linux/errno.h>
> > -#include <linux/types.h>
> > -#include <u-boot/crc.h>
> > -
> > enum {
> > IMAGE_ACCEPT_SET = 1,
> > IMAGE_ACCEPT_CLEAR,
> > @@ -161,6 +161,133 @@ static int fwu_get_image_type_id(u8 *image_index, efi_guid_t *image_type_id)
> > return -ENOENT;
> > }
> >
> > +/**
> > + * fwu_sync_mdata() - Update given meta-data partition(s) with the copy provided
> > + * @mdata: FWU metadata structure
> > + * @part: Bitmask of FWU metadata partitions to be written to
> > + *
> > + * Return: 0 if OK, -ve on error
> > + */
> > +static int fwu_sync_mdata(struct fwu_mdata *mdata, int part)
> > +{
> > + void *buf = &mdata->version;
> > + int err = 0;
> > +
> > + /*
> > + * Calculate the crc32 for the updated FWU metadata
> > + * and put the updated value in the FWU metadata crc32
> > + * field
> > + */
> > + mdata->crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32));
> > +
> > + err = fwu_write_mdata(g_dev, mdata, part & PRIMARY_PART ? true : false);
>
> There is an issue here as arg @part can have 3 values: PRIMARY_PART,
> SECONDARY_PART or BOTH_PARTS.
> The implementation here does not consider the later case BOTH_PATHS.
> I think something like the below code snippet should do the work:
>
> switch (part) {
> case PRIMARY_PART:
> case SECONDARY_PART:
> err = fwu_write_mdata(g_dev, mdata, part == PRIMARY_PART);
> break;
> default: /* assuming BOTH_PARTS, or maybe we need sanitization of
> invalid part values? */
> err = fwu_write_mdata(g_dev, mdata, true);
> if (!err)
> err = fwu_write_mdata(g_dev, mdata, false);
> break;
> }
> and adaptation for the error message below.
>
> Or maybe fwu_write_mdata() should not have its 3rd argument and
> backend handler should directly handle mdata replication update (if
> needed) on any mdata update requests.
>
Good catch. Thanks.
Even simpler fix is ...
static int fwu_sync_mdata(struct fwu_mdata *mdata, int part)
{
if (part == BOTH_PARTS) {
fwu_sync_mdata(mdata, PRIMARY_PART);
part = SECONDARY_PART;
}
.....
}
Thanks.
More information about the U-Boot
mailing list