[PATCH] Proposed changes to dynamic UUIDs v3
Caleb Connolly
caleb.connolly at linaro.org
Tue Jul 2 15:49:00 CEST 2024
Hi Vincent,
On 27/06/2024 11:55, Vincent Stehlé wrote:
> Here are the changes that I would like to suggest for the "efi:
> CapsuleUpdate: support for dynamic UUIDs" v3 patch series:
>
> - Convert from big-endian UUID to little-endian GUID in
> efi_capsule_update_info_gen_ids().
>
> - Fix tmp size and masking in gen_uuid_v5().
>
> - Use UUID_STR_FORMAT_STD in all places where we are dealing with a
> big-endian UUID.
>
> - Update all GUIDs constants in the code and in the tests accordingly. This
> gets rid of the following broken UUIDs:
>
> 5af91295-5a99-f62b-80d7-e9574de87170
> 8ee418dc-7e00-e156-80a7-274fbbc05ba8
> 935fe837-fac8-4394-c008-737d8852c60d
> fd5db83c-12f3-a46b-80a9-e3007c7ff56e
> ffd97379-0956-fa94-c003-8bfcf5cc097b
>
> - Also, a few minor modifications here and there.
Thanks, this was really helpful for prepping v4. I decided to go with a
slightly different approach and just make the the v5 generator produce a
little endian GUID rather than a BE UUID.
V4 is here:
https://lore.kernel.org/u-boot/20240702-b4-dynamic-uuid-v4-0-a00c82d1f504@linaro.org
Kind regards,
>
> Signed-off-by: Vincent Stehlé <vincent.stehle at arm.com>
> Cc: Caleb Connolly <caleb.connolly at linaro.org>
> Cc: Tom Rini <trini at konsulko.com>
> Cc: Heinrich Schuchardt <xypron.glpk at gmx.de>
> Cc: Ilias Apalodimas <ilias.apalodimas at linaro.org>
> Cc: Simon Glass <sjg at chromium.org>
> Cc: Mario Six <mario.six at gdsys.cc>
> Cc: Alper Nebi Yasak <alpernebiyasak at gmail.com>
> Cc: Abdellatif El Khlifi <abdellatif.elkhlifi at arm.com>
> Cc: Richard Hughes <hughsient at gmail.com>
> ---
> include/sandbox_efi_capsule.h | 6 +++---
> lib/efi_loader/efi_firmware.c | 14 +++++++++++---
> lib/uuid.c | 8 ++++----
> test/lib/uuid.c | 12 ++++++------
> .../test_efi_capsule/test_capsule_firmware_fit.py | 4 ++--
> .../test_efi_capsule/test_capsule_firmware_raw.py | 8 ++++----
> .../test_capsule_firmware_signed_fit.py | 2 +-
> .../test_capsule_firmware_signed_raw.py | 4 ++--
> test/py/tests/test_efi_capsule/version.dts | 6 +++---
> tools/.gitignore | 1 +
> tools/binman/etype/efi_capsule.py | 2 +-
> tools/binman/ftest.py | 2 +-
> tools/genguid.c | 7 +++----
> 13 files changed, 42 insertions(+), 34 deletions(-)
>
> diff --git a/include/sandbox_efi_capsule.h b/include/sandbox_efi_capsule.h
> index 25ac496ea24..6f0de5a1e25 100644
> --- a/include/sandbox_efi_capsule.h
> +++ b/include/sandbox_efi_capsule.h
> @@ -6,9 +6,9 @@
> #if !defined(_SANDBOX_EFI_CAPSULE_H_)
> #define _SANDBOX_EFI_CAPSULE_H_
>
> -#define SANDBOX_UBOOT_IMAGE_GUID "fd5db83c-12f3-a46b-80a9-e3007c7ff56e"
> -#define SANDBOX_UBOOT_ENV_IMAGE_GUID "935fe837-fac8-4394-c008-737d8852c60d"
> -#define SANDBOX_FIT_IMAGE_GUID "ffd97379-0956-fa94-c003-8bfcf5cc097b"
> +#define SANDBOX_UBOOT_IMAGE_GUID "50980990-5af9-5522-86e2-8f05f4d7313c"
> +#define SANDBOX_UBOOT_ENV_IMAGE_GUID "3554b655-b9f0-5240-ace2-6f34c2f7fcca"
> +#define SANDBOX_FIT_IMAGE_GUID "8b38adc7-df0c-5769-8b89-c090ca3d07a7"
> #define SANDBOX_INCORRECT_GUID "058b7d83-50d5-4c47-a195-60d86ad341c4"
>
> #define UBOOT_FIT_IMAGE "u-boot_bin_env.itb"
> diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c
> index a8dafe4f01a..f0d0c3fa972 100644
> --- a/lib/efi_loader/efi_firmware.c
> +++ b/lib/efi_loader/efi_firmware.c
> @@ -258,7 +258,7 @@ void efi_firmware_fill_version_info(struct efi_firmware_image_descriptor *image_
> static efi_status_t efi_capsule_update_info_gen_ids(void)
> {
> int ret, i;
> - struct uuid namespace;
> + struct uuid namespace, type;
> const char *compatible; /* Full array including null bytes */
> struct efi_fw_image *fw_array;
>
> @@ -269,7 +269,7 @@ static efi_status_t efi_capsule_update_info_gen_ids(void)
> return EFI_SUCCESS;
>
> ret = uuid_str_to_bin(CONFIG_EFI_CAPSULE_NAMESPACE_UUID,
> - (unsigned char *)&namespace, UUID_STR_FORMAT_GUID);
> + (unsigned char *)&namespace, UUID_STR_FORMAT_STD);
> if (ret) {
> log_debug("%s: CONFIG_EFI_CAPSULE_NAMESPACE_UUID is invalid: %d\n", __func__, ret);
> return EFI_UNSUPPORTED;
> @@ -289,12 +289,20 @@ static efi_status_t efi_capsule_update_info_gen_ids(void)
>
> for (i = 0; i < update_info.num_images; i++) {
> gen_uuid_v5(&namespace,
> - (struct uuid *)&fw_array[i].image_type_id,
> + &type,
> compatible, strlen(compatible),
> fw_array[i].fw_name, u16_strsize(fw_array[i].fw_name)
> - sizeof(uint16_t),
> NULL);
>
> + /* Convert to little-endian GUID. */
> + fw_array[i].image_type_id = (efi_guid_t)EFI_GUID(
> + be32_to_cpu(type.time_low), be16_to_cpu(type.time_mid),
> + be16_to_cpu(type.time_hi_and_version),
> + type.clock_seq_hi_and_reserved, type.clock_seq_low,
> + type.node[0], type.node[1], type.node[2], type.node[3],
> + type.node[4], type.node[5]);
> +
> log_debug("Image %ls UUID %pUs\n", fw_array[i].fw_name,
> &fw_array[i].image_type_id);
> }
> diff --git a/lib/uuid.c b/lib/uuid.c
> index 89911b06ccc..a8c3a504090 100644
> --- a/lib/uuid.c
> +++ b/lib/uuid.c
> @@ -391,7 +391,7 @@ void gen_uuid_v5(const struct uuid *namespace, struct uuid *uuid, ...)
> va_list args;
> const uint8_t *data;
> uint8_t hash[SHA1_SUM_LEN];
> - uint32_t tmp;
> + uint16_t tmp;
>
> sha1_starts(&ctx);
> /* Hash the namespace UUID as salt */
> @@ -411,11 +411,11 @@ void gen_uuid_v5(const struct uuid *namespace, struct uuid *uuid, ...)
> memcpy(uuid, hash, sizeof(*uuid));
>
> /* Configure variant/version bits */
> - tmp = be32_to_cpu(uuid->time_hi_and_version);
> + tmp = be16_to_cpu(uuid->time_hi_and_version);
> tmp = (tmp & ~UUID_VERSION_MASK) | (5 << UUID_VERSION_SHIFT);
> - uuid->time_hi_and_version = cpu_to_be32(tmp);
> + uuid->time_hi_and_version = cpu_to_be16(tmp);
>
> - uuid->clock_seq_hi_and_reserved &= UUID_VARIANT_MASK;
> + uuid->clock_seq_hi_and_reserved &= ~UUID_VARIANT_MASK;
> uuid->clock_seq_hi_and_reserved |= UUID_VARIANT << UUID_VARIANT_SHIFT;
> }
> #endif
> diff --git a/test/lib/uuid.c b/test/lib/uuid.c
> index 0bcb332e534..b5940fa855c 100644
> --- a/test/lib/uuid.c
> +++ b/test/lib/uuid.c
> @@ -60,7 +60,7 @@ static int lib_test_dynamic_uuid_case(struct unit_test_state *uts,
> int j;
>
> ut_assertok(uuid_str_to_bin(data->namespace, (unsigned char *)&namespace,
> - UUID_STR_FORMAT_GUID));
> + UUID_STR_FORMAT_STD));
>
> for (j = 0; data->images[j]; j++) {
> const char *expected_uuid = data->expected_uuids[j];
> @@ -72,7 +72,7 @@ static int lib_test_dynamic_uuid_case(struct unit_test_state *uts,
> data->compatible, strlen(data->compatible),
> image, u16_strsize(image) - sizeof(uint16_t),
> NULL);
> - uuid_bin_to_str((unsigned char *)&uuid, uuid_str, UUID_STR_FORMAT_GUID);
> + uuid_bin_to_str((unsigned char *)&uuid, uuid_str, UUID_STR_FORMAT_STD);
>
> ut_asserteq_str(expected_uuid, uuid_str);
> }
> @@ -94,9 +94,9 @@ static int lib_test_dynamic_uuid(struct unit_test_state *uts)
> NULL,
> },
> .expected_uuids = {
> - "fd5db83c-12f3-a46b-80a9-e3007c7ff56e",
> - "935fe837-fac8-4394-c008-737d8852c60d",
> - "ffd97379-0956-fa94-c003-8bfcf5cc097b",
> + "50980990-5af9-5522-86e2-8f05f4d7313c",
> + "3554b655-b9f0-5240-ace2-6f34c2f7fcca",
> + "8b38adc7-df0c-5769-8b89-c090ca3d07a7",
> NULL,
> }
> },
> @@ -108,7 +108,7 @@ static int lib_test_dynamic_uuid(struct unit_test_state *uts)
> NULL,
> },
> .expected_uuids = {
> - "8ee418dc-7e00-e156-80a7-274fbbc05ba8",
> + "14c399c8-4e16-5ba4-b720-44426d3a0bb9",
> NULL,
> }
> },
> diff --git a/test/py/tests/test_efi_capsule/test_capsule_firmware_fit.py b/test/py/tests/test_efi_capsule/test_capsule_firmware_fit.py
> index 746da460208..9701acebbe3 100644
> --- a/test/py/tests/test_efi_capsule/test_capsule_firmware_fit.py
> +++ b/test/py/tests/test_efi_capsule/test_capsule_firmware_fit.py
> @@ -146,8 +146,8 @@ class TestEfiCapsuleFirmwareFit():
> verify_content(u_boot_console, '100000', 'u-boot:Old')
> verify_content(u_boot_console, '150000', 'u-boot-env:Old')
> else:
> - # ensure that SANDBOX_UBOOT_IMAGE_GUID is in the ESRT.
> - assert '5AF91295-5A99-F62B-80D7-E9574DE87170' in ''.join(output)
> + # ensure that SANDBOX_FIT_IMAGE_GUID is in the ESRT.
> + assert '8B38ADC7-DF0C-5769-8B89-C090CA3D07A7' in ''.join(output)
> assert 'ESRT: fw_version=5' in ''.join(output)
> assert 'ESRT: lowest_supported_fw_version=3' in ''.join(output)
>
> diff --git a/test/py/tests/test_efi_capsule/test_capsule_firmware_raw.py b/test/py/tests/test_efi_capsule/test_capsule_firmware_raw.py
> index 1866b808657..cedb3a43591 100644
> --- a/test/py/tests/test_efi_capsule/test_capsule_firmware_raw.py
> +++ b/test/py/tests/test_efi_capsule/test_capsule_firmware_raw.py
> @@ -134,10 +134,10 @@ class TestEfiCapsuleFirmwareRaw:
> 'efidebug capsule esrt'])
>
> # ensure that SANDBOX_UBOOT_ENV_IMAGE_GUID is in the ESRT.
> - assert '935FE837-FAC8-4394-C008-737D8852C60D' in ''.join(output)
> + assert '3554B655-B9F0-5240-ACE2-6F34C2F7FCCA' in ''.join(output)
>
> # ensure that SANDBOX_UBOOT_IMAGE_GUID is in the ESRT.
> - assert 'FD5DB83C-12F3-A46B-80A9-E3007C7FF56E' in ''.join(output)
> + assert '50980990-5AF9-5522-86E2-8F05F4D7313C' in ''.join(output)
>
> check_file_removed(u_boot_console, disk_img, capsule_files)
>
> @@ -188,12 +188,12 @@ class TestEfiCapsuleFirmwareRaw:
> verify_content(u_boot_console, '150000', 'u-boot-env:Old')
> else:
> # ensure that SANDBOX_UBOOT_IMAGE_GUID is in the ESRT.
> - assert 'FD5DB83C-12F3-A46B-80A9-E3007C7FF56E' in ''.join(output)
> + assert '50980990-5AF9-5522-86E2-8F05F4D7313C' in ''.join(output)
> assert 'ESRT: fw_version=5' in ''.join(output)
> assert 'ESRT: lowest_supported_fw_version=3' in ''.join(output)
>
> # ensure that SANDBOX_UBOOT_ENV_IMAGE_GUID is in the ESRT.
> - assert '935FE837-FAC8-4394-C008-737D8852C60D' in ''.join(output)
> + assert '3554B655-B9F0-5240-ACE2-6F34C2F7FCCA' in ''.join(output)
> assert 'ESRT: fw_version=10' in ''.join(output)
> assert 'ESRT: lowest_supported_fw_version=7' in ''.join(output)
>
> diff --git a/test/py/tests/test_efi_capsule/test_capsule_firmware_signed_fit.py b/test/py/tests/test_efi_capsule/test_capsule_firmware_signed_fit.py
> index a4e0a3bc73f..10eb8281457 100644
> --- a/test/py/tests/test_efi_capsule/test_capsule_firmware_signed_fit.py
> +++ b/test/py/tests/test_efi_capsule/test_capsule_firmware_signed_fit.py
> @@ -157,7 +157,7 @@ class TestEfiCapsuleFirmwareSignedFit():
> 'efidebug capsule esrt'])
>
> # ensure that SANDBOX_UBOOT_IMAGE_GUID is in the ESRT.
> - assert 'FD5DB83C-12F3-A46B-80A9-E3007C7FF56E' in ''.join(output)
> + assert '8B38ADC7-DF0C-5769-8B89-C090CA3D07A7' in ''.join(output)
> assert 'ESRT: fw_version=5' in ''.join(output)
> assert 'ESRT: lowest_supported_fw_version=3' in ''.join(output)
>
> diff --git a/test/py/tests/test_efi_capsule/test_capsule_firmware_signed_raw.py b/test/py/tests/test_efi_capsule/test_capsule_firmware_signed_raw.py
> index 260c7186063..01e5f3b3405 100644
> --- a/test/py/tests/test_efi_capsule/test_capsule_firmware_signed_raw.py
> +++ b/test/py/tests/test_efi_capsule/test_capsule_firmware_signed_raw.py
> @@ -151,12 +151,12 @@ class TestEfiCapsuleFirmwareSignedRaw():
> 'efidebug capsule esrt'])
>
> # ensure that SANDBOX_UBOOT_IMAGE_GUID is in the ESRT.
> - assert 'FD5DB83C-12F3-A46B-80A9-E3007C7FF56E' in ''.join(output)
> + assert '50980990-5AF9-5522-86E2-8F05F4D7313C' in ''.join(output)
> assert 'ESRT: fw_version=5' in ''.join(output)
> assert 'ESRT: lowest_supported_fw_version=3' in ''.join(output)
>
> # ensure that SANDBOX_UBOOT_ENV_IMAGE_GUID is in the ESRT.
> - assert '935FE837-FAC8-4394-C008-737D8852C60D' in ''.join(output)
> + assert '3554B655-B9F0-5240-ACE2-6F34C2F7FCCA' in ''.join(output)
> assert 'ESRT: fw_version=10' in ''.join(output)
> assert 'ESRT: lowest_supported_fw_version=7' in ''.join(output)
>
> diff --git a/test/py/tests/test_efi_capsule/version.dts b/test/py/tests/test_efi_capsule/version.dts
> index 3f0698bf728..c447a3d8199 100644
> --- a/test/py/tests/test_efi_capsule/version.dts
> +++ b/test/py/tests/test_efi_capsule/version.dts
> @@ -8,17 +8,17 @@
> image1 {
> lowest-supported-version = <3>;
> image-index = <1>;
> - image-type-id = "FD5DB83C-12F3-A46B-80A9-E3007C7FF56E";
> + image-type-id = "50980990-5AF9-5522-86E2-8F05F4D7313C";
> };
> image2 {
> lowest-supported-version = <7>;
> image-index = <2>;
> - image-type-id = "935FE837-FAC8-4394-C008-737D8852C60D";
> + image-type-id = "3554B655-B9F0-5240-ACE2-6F34C2F7FCCA";
> };
> image3 {
> lowest-supported-version = <3>;
> image-index = <1>;
> - image-type-id = "FFD97379-0956-FA94-C003-8BFCF5CC097B";
> + image-type-id = "8B38ADC7-DF0C-5769-8B89-C090CA3D07A7";
> };
> };
> };
> diff --git a/tools/.gitignore b/tools/.gitignore
> index 0108c567309..6b7d7b89c39 100644
> --- a/tools/.gitignore
> +++ b/tools/.gitignore
> @@ -15,6 +15,7 @@
> /gdb/gdbsend
> /gen_eth_addr
> /gen_ethaddr_crc
> +/genguid
> /ifdtool
> /ifwitool
> /img2srec
> diff --git a/tools/binman/etype/efi_capsule.py b/tools/binman/etype/efi_capsule.py
> index da1f9b0a381..f9f4fda5f71 100644
> --- a/tools/binman/etype/efi_capsule.py
> +++ b/tools/binman/etype/efi_capsule.py
> @@ -24,7 +24,7 @@ def get_binman_test_guid(type_str):
> The actual GUID value (str)
> """
> TYPE_TO_GUID = {
> - 'binman-test' : 'fd5db83c-12f3-a46b-80a9-e3007c7ff56e'
> + 'binman-test' : '50980990-5af9-5522-86e2-8f05f4d7313c'
> }
>
> return TYPE_TO_GUID[type_str]
> diff --git a/tools/binman/ftest.py b/tools/binman/ftest.py
> index dc602b95ecd..5610afc26de 100644
> --- a/tools/binman/ftest.py
> +++ b/tools/binman/ftest.py
> @@ -124,7 +124,7 @@ TEE_ADDR = 0x5678
> # Firmware Management Protocol(FMP) GUID
> FW_MGMT_GUID = '6dcbd5ed-e82d-4c44-bda1-7194199ad92a'
> # Image GUID specified in the DTS
> -CAPSULE_IMAGE_GUID = 'fd5db83c-12f3-a46b-80a9-e3007c7ff56e'
> +CAPSULE_IMAGE_GUID = '50980990-5af9-5522-86e2-8f05f4d7313c'
> # Windows cert GUID
> WIN_CERT_TYPE_EFI_GUID = '4aafd29d-68df-49ee-8aa9-347d375665a7'
> # Empty capsule GUIDs
> diff --git a/tools/genguid.c b/tools/genguid.c
> index e71bc1d48f9..1e365399721 100644
> --- a/tools/genguid.c
> +++ b/tools/genguid.c
> @@ -15,7 +15,6 @@
> #include <uuid.h>
>
> static struct option options[] = {
> - {"dtb", required_argument, NULL, 'd'},
> {"compat", required_argument, NULL, 'c'},
> {"help", no_argument, NULL, 'h'},
> {"verbose", no_argument, NULL, 'v'},
> @@ -99,7 +98,7 @@ int main(int argc, char **argv)
> return 1;
> }
>
> - if (uuid_str_to_bin(namespace_str, (unsigned char *)&namespace, UUID_STR_FORMAT_GUID)) {
> + if (uuid_str_to_bin(namespace_str, (unsigned char *)&namespace, UUID_STR_FORMAT_STD)) {
> fprintf(stderr, "ERROR: Check that your UUID is formatted correctly.\n");
> exit(EXIT_FAILURE);
> }
> @@ -116,7 +115,7 @@ int main(int argc, char **argv)
>
> if (debug) {
> fprintf(stderr, "GUID: ");
> - uuid_bin_to_str((uint8_t *)&namespace, uuid_str, UUID_STR_FORMAT_GUID);
> + uuid_bin_to_str((uint8_t *)&namespace, uuid_str, UUID_STR_FORMAT_STD);
> fprintf(stderr, "%s\n", uuid_str);
> fprintf(stderr, "Compatible: \"%s\"\n", compatible);
> fprintf(stderr, "Images: ");
> @@ -134,7 +133,7 @@ int main(int argc, char **argv)
> images_u16[i], u16_strsize(images_u16[i]) - sizeof(uint16_t),
> NULL);
>
> - uuid_bin_to_str((uint8_t *)&image_type_id, uuid_str, UUID_STR_FORMAT_GUID);
> + uuid_bin_to_str((uint8_t *)&image_type_id, uuid_str, UUID_STR_FORMAT_STD);
> image_uuids[i] = strdup(uuid_str);
> }
>
--
// Caleb (they/them)
More information about the U-Boot
mailing list