[PATCH v3 0/7] efi: CapsuleUpdate: support for dynamic UUIDs

Caleb Connolly caleb.connolly at linaro.org
Wed Jun 5 19:02:19 CEST 2024 


On 05/06/2024 07:59, Heinrich Schuchardt wrote:
> On 5/31/24 15:50, Caleb Connolly wrote:
>> As more boards adopt support for the EFI CapsuleUpdate mechanism, there
>> is a growing issue of being able to target updates to them properly. The
>> current mechanism of hardcoding UUIDs for each board at compile time is
>> unsustainable, and maintaining lists of GUIDs is similarly cumbersome.
>>
>> In this series, I propose that we adopt v5 GUIDs, these are generated
>> by using a well-known salt GUID as well as board specific information
>> (like the model/revision), these are hashed together and the result is
>> truncated to form a new UUID.
>>
>> The well-known salt GUID can be specific to the architecture (SoC
>> vendor), or OEM. It is defined in the board defconfig so that vendors
>> can easily bring their own.
>>
>> Specifically, the following fields are used to generate a GUID for a
>> particular fw_image:
>>
>> * namespace salt
>> * board compatible (usually the first entry in the dt root compatible
>>    array).
>> * fw_image name (the string identifying the specific image, especially
>>    relevant for board that can update multiple images).
>>
>> == Usage ==
>>
>> Boards can integrate dynamic UUID support as follows:
>>
>> 1. Adjust Kconfig to depend on EFI_CAPSULE_DYNAMIC_UUIDS if
>>     EFI_HAVE_CAPSULE_SUPPORT.
>> 2. Skip setting the fw_images image_type_id property.
>> 3. Generate a UUID and set CONFIG_EFI_CAPSULE_NAMESPACE_UUID in your
>>     defconfig.
> 
> Why should we have two alternatives?
> 
> If we have the dynamic UUIDs, please, get rid of static ones.

I don't think this is possible to do without the risk of breaking some 
boards. Can we assume that ALL existing capsule update image GUIDs are 
safe to just scrap?
> 
>>
>> == Limitations ==
>>
>> * Changing GUIDs
>>
>> The primary limitation with this approach is that if any of the source
>> fields change, so will the GUID for the board. It is therefore pretty
>> important to ensure that GUID changes are caught during development.
>>
>> * Supporting multiple boards with a single image
>>
>> This now requires having an entry with the GUID for every board which
>> might lead to larger UpdateCapsule images.
> 
> Do we have a test case were a capsule contains images that shall not be
> installed?
> 
>>
>> == Tooling ==
>>
>> This series introduces a new tool: genguid. This can be used to generate
>> the same GUIDs that the board would at runtime.
> 
>      the GUIDs that the board requires at runtime.
> 
> Best regards
> 
> Heinrich
> 
>>
>> This series follows a related discussion started by Ilias:
>> https://lore.kernel.org/u-boot/CAC_iWjJNHa4gMF897MqYZNdbgjFG8K4kwGsTXWuy72WkYLizrw@mail.gmail.com/
>>
>> ---
>> Changes in v3:
>> - Add manpage for genguid
>> - Add dedicated CONFIG_TOOLS_GENGUID option
>> - Minor code fixes addressing v2 feedback
>> - Link to v2: 
>> https://lore.kernel.org/r/20240529-b4-dynamic-uuid-v2-0-c26f31057bbe@linaro.org
>>
>> Changes in v2:
>> - Move namespace UUID to be defined in defconfig
>> - Add tests and tooling
>> - Only use the first board compatible to generate UUID.
>> - Link to v1: 
>> https://lore.kernel.org/r/20240426-b4-dynamic-uuid-v1-0-e8154e00ec44@linaro.org
>>
>> ---
>> Caleb Connolly (7):
>>        lib: uuid: add UUID v5 support
>>        efi: add a helper to generate dynamic UUIDs
>>        doc: uefi: document dynamic UUID generation
>>        sandbox: switch to dynamic UUIDs
>>        lib: uuid: supporting building as part of host tools
>>        tools: add genguid tool
>>        test: lib/uuid: add unit tests for dynamic UUIDs
>>
>>   arch/Kconfig                                       |   1 +
>>   board/sandbox/sandbox.c                            |  16 ---
>>   configs/sandbox_defconfig                          |   1 +
>>   configs/sandbox_flattree_defconfig                 |   1 +
>>   doc/develop/uefi/uefi.rst                          |  31 +++++
>>   doc/genguid.1                                      |  52 +++++++
>>   include/sandbox_efi_capsule.h                      |   6 +-
>>   include/uuid.h                                     |  21 ++-
>>   lib/Kconfig                                        |   8 ++
>>   lib/efi_loader/Kconfig                             |  23 +++
>>   lib/efi_loader/efi_capsule.c                       |   1 +
>>   lib/efi_loader/efi_firmware.c                      |  66 +++++++++
>>   lib/uuid.c                                         |  81 +++++++++--
>>   test/lib/uuid.c                                    |  88 ++++++++++++
>>   .../test_efi_capsule/test_capsule_firmware_fit.py  |   2 +-
>>   .../test_efi_capsule/test_capsule_firmware_raw.py  |   8 +-
>>   .../test_capsule_firmware_signed_fit.py            |   2 +-
>>   .../test_capsule_firmware_signed_raw.py            |   4 +-
>>   test/py/tests/test_efi_capsule/version.dts         |   6 +-
>>   tools/Kconfig                                      |   7 +
>>   tools/Makefile                                     |   3 +
>>   tools/binman/etype/efi_capsule.py                  |   2 +-
>>   tools/binman/ftest.py                              |   2 +-
>>   tools/genguid.c                                    | 154 
>> +++++++++++++++++++++
>>   24 files changed, 538 insertions(+), 48 deletions(-)
>> ---
>> change-id: 20240422-b4-dynamic-uuid-1a5ab1486c27
>> base-commit: 2e682a4a406fc81ef32e05c28542cc8067f1e15f
>>
>> // Caleb (they/them)
>>
> 

-- 
// Caleb (they/them)

More information about the U-Boot mailing list