[PATCH v5 0/6] FWU: Handle meta-data in common code
From: Jassi Brar jaswinder.singh@linaro.org
The patchset reduces ~400 lines of code, while keeping the functionality same and making meta-data operations much faster (by using cached structures).
Issue: meta-data copies (primary and secondary) are being handled by the backend/storage layer instead of the common core in fwu.c (as also noted by Ilias) that is, gpt_blk.c manages meta-data and similarly raw_mtd.c will have to do the same when it arrives. The code could by make smaller, cleaner and optimised.
Basic idea: Introduce .read_mdata() and .write_mdata() in fwu_mdata_ops that simply read/write meta-data copy. The core code takes care of integrity and redundancy of the meta-data, as a result we can get rid of every other callback .get_mdata() .update_mdata() .get_mdata_part_num() .read_mdata_partition() .write_mdata_partition() and the corresponding wrapper functions thereby making the code 100s of LOC smaller.
Get rid of fwu_check_mdata_validity() and fwu_mdata_check() which expected underlying layer to manage and verify mdata copies. Implement fwu_get_verified_mdata(struct fwu_mdata *mdata) public function that reads, verifies and, if needed, fixes the meta-data copies.
Verified copy of meta-data is now cached as 'g_mdata' in fwu.c, which avoids multiple low-level expensive read and parse calls. gpt meta-data partition numbers are now cached in gpt_blk.c, so that we don't have to do expensive part_get_info() and uid ops.
Changes since v4: * Change fwu-mdata-mtd bindings to not require external changes * Handle 'part == BOTH_PARTS' in fwu_sync_mdata * use parts_ok[] and parts_mdata[] instead of pri/sec_ok and p/s_mdata
Changes since v3: * Fix error log wording * call fwu_write_mdata() with part & PRIMARY_PART ? true: false
Changes since v2: * Drop whitespace changes * Fix missing mdata copy before return
Changes since v1: * Fix typos and misc cosmetic changes * Catch error returns
Jassi Brar (6): dt/bindings: fwu-mdata-mtd: drop changes outside FWU fwu: gpt: use cached meta-data partition numbers fwu: move meta-data management in core fwu: gpt: implement read_mdata and write_mdata callbacks fwu: meta-data: switch to management by common code fwu: rename fwu_get_verified_mdata to fwu_get_mdata
cmd/fwu_mdata.c | 17 +- .../firmware/fwu-mdata-mtd.yaml | 105 ++++++- drivers/fwu-mdata/fwu-mdata-uclass.c | 151 +-------- drivers/fwu-mdata/gpt_blk.c | 175 +++-------- include/fwu.h | 198 ++---------- lib/fwu_updates/fwu.c | 295 +++++++----------- 6 files changed, 295 insertions(+), 646 deletions(-)
From: Jassi Brar jaswinder.singh@linaro.org
Any requirement of FWU should not require changes to bindings of other subsystems. For example, for mtd-backed storage we can do without requiring 'fixed-partitions' children to also carry 'uuid', a property which is non-standard and not in the bindings.
There exists no code yet, so we can change the fwu-mtd bindings to contain all properties within the fwu-mdata node.
Signed-off-by: Jassi Brar jaswinder.singh@linaro.org --- .../firmware/fwu-mdata-mtd.yaml | 105 +++++++++++++++--- 1 file changed, 91 insertions(+), 14 deletions(-)
diff --git a/doc/device-tree-bindings/firmware/fwu-mdata-mtd.yaml b/doc/device-tree-bindings/firmware/fwu-mdata-mtd.yaml index 4f5404f999..4b87fb8624 100644 --- a/doc/device-tree-bindings/firmware/fwu-mdata-mtd.yaml +++ b/doc/device-tree-bindings/firmware/fwu-mdata-mtd.yaml @@ -1,13 +1,13 @@ # SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause) %YAML 1.2 --- -$id: http://devicetree.org/schemas/firmware/u-boot,fwu-mdata-sf.yaml# -$schema: http://devicetree.org/meta-schemas/core.yaml# +$id: http://devicetree.org/schemas/firmware/u-boot,fwu-mdata-mtd.yaml# +$schema: http://devicetree.org/meta-schemas/base.yaml#
title: FWU metadata on MTD device without GPT
maintainers: - - Masami Hiramatsu masami.hiramatsu@linaro.org + - Jassi Brar jaswinder.singh@linaro.org
properties: compatible: @@ -15,24 +15,101 @@ properties: - const: u-boot,fwu-mdata-mtd
fwu-mdata-store: - maxItems: 1 - description: Phandle of the MTD device which contains the FWU medatata. + $ref: /schemas/types.yaml#/definitions/phandle + description: Phandle of the MTD device which contains the FWU MetaData and Banks.
- mdata-offsets: + mdata-parts: + $ref: /schemas/types.yaml#/definitions/non-unique-string-array minItems: 2 - description: Offsets of the primary and secondary FWU metadata in the NOR flash. + maxItems: 2 + description: labels of the primary and secondary FWU metadata partitions in the 'fixed-partitions' subnode of the 'jedec,spi-nor' flash device node. + + patternProperties: + "fwu-bank@[0-9]": + type: object + description: List of FWU mtd-backed banks. Typically two banks. + + properties: + id: + $ref: /schemas/types.yaml#/definitions/uint32 + description: Index of the bank. + + label: + $ref: /schemas/types.yaml#/definitions/non-unique-string-array + minItems: 1 + maxItems: 1 + description: label of the partition, in the 'fixed-partitions' subnode of the 'jedec,spi-nor' flash device node, that holds this bank. + + patternProperties: + "fwu-image@[0-9]": + type: object + description: List of images in the FWU mtd-backed bank. + + properties: + id: + $ref: /schemas/types.yaml#/definitions/uint32 + description: Index of the bank. + + offset: + $ref: /schemas/types.yaml#/definitions/uint32 + description: Offset, from start of the bank, where the image is located. + + size: + $ref: /schemas/types.yaml#/definitions/uint32 + description: Size reserved for the image. + + uuid: + $ref: /schemas/types.yaml#/definitions/non-unique-string-array + minItems: 1 + maxItems: 1 + description: UUID of the image. + + required: + - id + - offset + - size + - uuid + additionalProperties: false + + required: + - id + - label + - fwu-images + additionalProperties: false
required: - compatible - fwu-mdata-store - - mdata-offsets - + - mdata-parts + - fwu-banks additionalProperties: false
examples: - | - fwu-mdata { - compatible = "u-boot,fwu-mdata-mtd"; - fwu-mdata-store = <&spi-flash>; - mdata-offsets = <0x500000 0x530000>; - }; + fwu-mdata { + compatible = "u-boot,fwu-mdata-mtd"; + fwu-mdata-store = <&flash0>; + mdata-parts = "MDATA-Pri", "MDATA-Sec"; + + fwu-bank@0 { + id = <0>; + label = "FIP-Bank0"; + fwu-image@0 { + id = <0>; + offset = <0x0>; + size = <0x400000>; + uuid = "5a66a702-99fd-4fef-a392-c26e261a2828"; + }; + }; + fwu-bank@1 { + id = <1>; + label = "FIP-Bank1"; + fwu-image@0 { + id = <0>; + offset = <0x0>; + size = <0x400000>; + uuid = "a8f868a1-6e5c-4757-878d-ce63375ef2c0"; + }; + }; + }; +...
On 2/28/23 01:52, jassisinghbrar@gmail.com wrote:
From: Jassi Brar jaswinder.singh@linaro.org
Any requirement of FWU should not require changes to bindings of other subsystems. For example, for mtd-backed storage we can do without requiring 'fixed-partitions' children to also carry 'uuid', a property which is non-standard and not in the bindings.
There exists no code yet, so we can change the fwu-mtd bindings to contain all properties within the fwu-mdata node.
Signed-off-by: Jassi Brar jaswinder.singh@linaro.org
.../firmware/fwu-mdata-mtd.yaml | 105 +++++++++++++++--- 1 file changed, 91 insertions(+), 14 deletions(-)
diff --git a/doc/device-tree-bindings/firmware/fwu-mdata-mtd.yaml b/doc/device-tree-bindings/firmware/fwu-mdata-mtd.yaml index 4f5404f999..4b87fb8624 100644 --- a/doc/device-tree-bindings/firmware/fwu-mdata-mtd.yaml +++ b/doc/device-tree-bindings/firmware/fwu-mdata-mtd.yaml @@ -1,13 +1,13 @@ # SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause) %YAML 1.2
-$id: http://devicetree.org/schemas/firmware/u-boot,fwu-mdata-sf.yaml# -$schema: http://devicetree.org/meta-schemas/core.yaml# +$id: http://devicetree.org/schemas/firmware/u-boot,fwu-mdata-mtd.yaml# +$schema: http://devicetree.org/meta-schemas/base.yaml#
title: FWU metadata on MTD device without GPT
maintainers:
- Masami Hiramatsu masami.hiramatsu@linaro.org
- Jassi Brar jaswinder.singh@linaro.org
properties: compatible:
@@ -15,24 +15,101 @@ properties: - const: u-boot,fwu-mdata-mtd
fwu-mdata-store:
- maxItems: 1
- description: Phandle of the MTD device which contains the FWU medatata.
- $ref: /schemas/types.yaml#/definitions/phandle
- description: Phandle of the MTD device which contains the FWU MetaData and Banks.
- mdata-offsets:
- mdata-parts:
- $ref: /schemas/types.yaml#/definitions/non-unique-string-array minItems: 2
- description: Offsets of the primary and secondary FWU metadata in the NOR flash.
maxItems: 2
description: labels of the primary and secondary FWU metadata partitions in the 'fixed-partitions' subnode of the 'jedec,spi-nor' flash device node.
patternProperties:
"fwu-bank@[0-9]":
type: object
description: List of FWU mtd-backed banks. Typically two banks.
properties:
id:$ref: /schemas/types.yaml#/definitions/uint32description: Index of the bank.label:$ref: /schemas/types.yaml#/definitions/non-unique-string-arrayminItems: 1maxItems: 1description: label of the partition, in the 'fixed-partitions' subnode of the 'jedec,spi-nor' flash device node, that holds this bank.patternProperties:"fwu-image@[0-9]":type: objectdescription: List of images in the FWU mtd-backed bank.properties:id:$ref: /schemas/types.yaml#/definitions/uint32description: Index of the bank.offset:$ref: /schemas/types.yaml#/definitions/uint32description: Offset, from start of the bank, where the image is located.size:$ref: /schemas/types.yaml#/definitions/uint32description: Size reserved for the image.uuid:$ref: /schemas/types.yaml#/definitions/non-unique-string-arrayminItems: 1maxItems: 1description: UUID of the image.required:- id- offset- size- uuidadditionalProperties: falserequired:
- id- label- fwu-imagesadditionalProperties: false
required:
- compatible
- fwu-mdata-store
- mdata-offsets
- mdata-parts
- fwu-banks
additionalProperties: false
examples:
- |
- fwu-mdata {
compatible = "u-boot,fwu-mdata-mtd";fwu-mdata-store = <&spi-flash>;mdata-offsets = <0x500000 0x530000>;- };
- fwu-mdata {
compatible = "u-boot,fwu-mdata-mtd";fwu-mdata-store = <&flash0>;
This is primary saying that both copies are in flash0. Isn't it better to also via DT binding to support that it can be different physical devices?
mdata-parts = "MDATA-Pri", "MDATA-Sec";
This is not clear to me what this is used for. Can you please explain what you want to use this for?
fwu-bank@0 {id = <0>;
I though that @X is all the time associated with reg property. It means maybe you wanted to use fwu-bank0 instead or switch id to reg.
The same applies below to fwuimage.
label = "FIP-Bank0";fwu-image@0 {id = <0>;offset = <0x0>;size = <0x400000>;uuid = "5a66a702-99fd-4fef-a392-c26e261a2828";};};fwu-bank@1 {id = <1>;label = "FIP-Bank1";fwu-image@0 {id = <0>;offset = <0x0>;size = <0x400000>;uuid = "a8f868a1-6e5c-4757-878d-ce63375ef2c0";};};- };
+...
I think it will be good to get review from Krzysztof Kozlowski or Rob to make sure that it will never change.
Thanks, Michal
On Tue, Feb 28, 2023 at 4:50 AM Michal Simek michal.simek@amd.com wrote:
On 2/28/23 01:52, jassisinghbrar@gmail.com wrote:
From: Jassi Brar jaswinder.singh@linaro.org
Any requirement of FWU should not require changes to bindings of other subsystems. For example, for mtd-backed storage we can do without requiring 'fixed-partitions' children to also carry 'uuid', a property which is non-standard and not in the bindings.
There exists no code yet, so we can change the fwu-mtd bindings to contain all properties within the fwu-mdata node.
Signed-off-by: Jassi Brar jaswinder.singh@linaro.org
.../firmware/fwu-mdata-mtd.yaml | 105 +++++++++++++++--- 1 file changed, 91 insertions(+), 14 deletions(-)
diff --git a/doc/device-tree-bindings/firmware/fwu-mdata-mtd.yaml b/doc/device-tree-bindings/firmware/fwu-mdata-mtd.yaml index 4f5404f999..4b87fb8624 100644 --- a/doc/device-tree-bindings/firmware/fwu-mdata-mtd.yaml +++ b/doc/device-tree-bindings/firmware/fwu-mdata-mtd.yaml @@ -1,13 +1,13 @@ # SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause) %YAML 1.2
-$id: http://devicetree.org/schemas/firmware/u-boot,fwu-mdata-sf.yaml# -$schema: http://devicetree.org/meta-schemas/core.yaml# +$id: http://devicetree.org/schemas/firmware/u-boot,fwu-mdata-mtd.yaml# +$schema: http://devicetree.org/meta-schemas/base.yaml#
title: FWU metadata on MTD device without GPT
maintainers:
- Masami Hiramatsu masami.hiramatsu@linaro.org
- Jassi Brar jaswinder.singh@linaro.org
properties: compatible:
@@ -15,24 +15,101 @@ properties: - const: u-boot,fwu-mdata-mtd
fwu-mdata-store:
- maxItems: 1
- description: Phandle of the MTD device which contains the FWU medatata.
- $ref: /schemas/types.yaml#/definitions/phandle
- description: Phandle of the MTD device which contains the FWU MetaData and Banks.
- mdata-offsets:
- mdata-parts:
- $ref: /schemas/types.yaml#/definitions/non-unique-string-array minItems: 2
- description: Offsets of the primary and secondary FWU metadata in the NOR flash.
maxItems: 2
description: labels of the primary and secondary FWU metadata partitions in the 'fixed-partitions' subnode of the 'jedec,spi-nor' flash device node.
patternProperties:
"fwu-bank@[0-9]":
type: object
description: List of FWU mtd-backed banks. Typically two banks.
properties:
id:$ref: /schemas/types.yaml#/definitions/uint32description: Index of the bank.label:$ref: /schemas/types.yaml#/definitions/non-unique-string-arrayminItems: 1maxItems: 1description: label of the partition, in the 'fixed-partitions' subnode of the 'jedec,spi-nor' flash device node, that holds this bank.patternProperties:"fwu-image@[0-9]":type: objectdescription: List of images in the FWU mtd-backed bank.properties:id:$ref: /schemas/types.yaml#/definitions/uint32description: Index of the bank.offset:$ref: /schemas/types.yaml#/definitions/uint32description: Offset, from start of the bank, where the image is located.size:$ref: /schemas/types.yaml#/definitions/uint32description: Size reserved for the image.uuid:$ref: /schemas/types.yaml#/definitions/non-unique-string-arrayminItems: 1maxItems: 1description: UUID of the image.required:- id- offset- size- uuidadditionalProperties: falserequired:
- id- label- fwu-imagesadditionalProperties: false
required:
- compatible
- fwu-mdata-store
- mdata-offsets
- mdata-parts
- fwu-banks
additionalProperties: false
examples:
- |
- fwu-mdata {
compatible = "u-boot,fwu-mdata-mtd";fwu-mdata-store = <&spi-flash>;mdata-offsets = <0x500000 0x530000>;- };
fwu-mdata {compatible = "u-boot,fwu-mdata-mtd";fwu-mdata-store = <&flash0>;This is primary saying that both copies are in flash0. Isn't it better to also via DT binding to support that it can be different physical devices?
That could be done, but currently the FWU code assumes all the artifacts are in the same storage. Same for GPT based layout, do we go change that as well? So I kept it simple for now.
mdata-parts = "MDATA-Pri", "MDATA-Sec";This is not clear to me what this is used for. Can you please explain what you want to use this for?
These are the two required meta-data partitions, primary and secondary (backup of primary). Meta-Data partitions store information about the current setup of banks/images.
fwu-bank@0 {id = <0>;I though that @X is all the time associated with reg property. It means maybe you wanted to use fwu-bank0 instead or switch id to reg.
The same applies below to fwuimage.
Yes, fwu-bank0 and fwu-image0 seems better.
label = "FIP-Bank0";fwu-image@0 {id = <0>;offset = <0x0>;size = <0x400000>;uuid = "5a66a702-99fd-4fef-a392-c26e261a2828";};};fwu-bank@1 {id = <1>;label = "FIP-Bank1";fwu-image@0 {id = <0>;offset = <0x0>;size = <0x400000>;uuid = "a8f868a1-6e5c-4757-878d-ce63375ef2c0";};};};+...
I think it will be good to get review from Krzysztof Kozlowski or Rob to make sure that it will never change.
I will CC them.
cheers.
From: Jassi Brar jaswinder.singh@linaro.org
Use cached values and avoid parsing and scanning through partitions everytime for meta-data partitions because they can't change after bootup.
Acked-by: Etienne Carriere etienne.carriere@linaro.org Reviewed-by: Ilias Apalodimas ilias.apalodimas@linaro.org Signed-off-by: Jassi Brar jaswinder.singh@linaro.org --- drivers/fwu-mdata/gpt_blk.c | 43 +++++++++++++++++++++---------------- 1 file changed, 24 insertions(+), 19 deletions(-)
diff --git a/drivers/fwu-mdata/gpt_blk.c b/drivers/fwu-mdata/gpt_blk.c index d35ce49c5c..28f5d23e1e 100644 --- a/drivers/fwu-mdata/gpt_blk.c +++ b/drivers/fwu-mdata/gpt_blk.c @@ -24,8 +24,9 @@ enum { MDATA_WRITE, };
-static int gpt_get_mdata_partitions(struct blk_desc *desc, - uint mdata_parts[2]) +static uint g_mdata_part[2]; /* = {0, 0} to check against uninit parts */ + +static int gpt_get_mdata_partitions(struct blk_desc *desc) { int i, ret; u32 nparts; @@ -33,18 +34,19 @@ static int gpt_get_mdata_partitions(struct blk_desc *desc, struct disk_partition info; const efi_guid_t fwu_mdata_guid = FWU_MDATA_GUID;
+ /* if primary and secondary partitions already found */ + if (g_mdata_part[0] && g_mdata_part[1]) + return 0; + nparts = 0; - for (i = 1; i < MAX_SEARCH_PARTITIONS; i++) { + for (i = 1; i < MAX_SEARCH_PARTITIONS && nparts < 2; i++) { if (part_get_info(desc, i, &info)) continue; uuid_str_to_bin(info.type_guid, part_type_guid.b, UUID_STR_FORMAT_GUID);
- if (!guidcmp(&fwu_mdata_guid, &part_type_guid)) { - if (nparts < 2) - mdata_parts[nparts] = i; - ++nparts; - } + if (!guidcmp(&fwu_mdata_guid, &part_type_guid)) + g_mdata_part[nparts++] = i; }
if (nparts != 2) { @@ -127,26 +129,25 @@ static int fwu_gpt_update_mdata(struct udevice *dev, struct fwu_mdata *mdata) { int ret; struct blk_desc *desc; - uint mdata_parts[2]; struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev);
desc = dev_get_uclass_plat(priv->blk_dev);
- ret = gpt_get_mdata_partitions(desc, mdata_parts); + ret = gpt_get_mdata_partitions(desc); if (ret < 0) { log_debug("Error getting the FWU metadata partitions\n"); return -ENOENT; }
/* First write the primary partition */ - ret = gpt_read_write_mdata(desc, mdata, MDATA_WRITE, mdata_parts[0]); + ret = gpt_read_write_mdata(desc, mdata, MDATA_WRITE, g_mdata_part[0]); if (ret < 0) { log_debug("Updating primary FWU metadata partition failed\n"); return ret; }
/* And now the replica */ - ret = gpt_read_write_mdata(desc, mdata, MDATA_WRITE, mdata_parts[1]); + ret = gpt_read_write_mdata(desc, mdata, MDATA_WRITE, g_mdata_part[1]); if (ret < 0) { log_debug("Updating secondary FWU metadata partition failed\n"); return ret; @@ -158,16 +159,14 @@ static int fwu_gpt_update_mdata(struct udevice *dev, struct fwu_mdata *mdata) static int gpt_get_mdata(struct blk_desc *desc, struct fwu_mdata *mdata) { int ret; - uint mdata_parts[2]; - - ret = gpt_get_mdata_partitions(desc, mdata_parts);
+ ret = gpt_get_mdata_partitions(desc); if (ret < 0) { log_debug("Error getting the FWU metadata partitions\n"); return -ENOENT; }
- ret = gpt_read_write_mdata(desc, mdata, MDATA_READ, mdata_parts[0]); + ret = gpt_read_write_mdata(desc, mdata, MDATA_READ, g_mdata_part[0]); if (ret < 0) { log_debug("Failed to read the FWU metadata from the device\n"); return -EIO; @@ -182,7 +181,7 @@ static int gpt_get_mdata(struct blk_desc *desc, struct fwu_mdata *mdata) * Try to read the replica. */ memset(mdata, '\0', sizeof(struct fwu_mdata)); - ret = gpt_read_write_mdata(desc, mdata, MDATA_READ, mdata_parts[1]); + ret = gpt_read_write_mdata(desc, mdata, MDATA_READ, g_mdata_part[1]); if (ret < 0) { log_debug("Failed to read the FWU metadata from the device\n"); return -EIO; @@ -206,9 +205,15 @@ static int fwu_gpt_get_mdata(struct udevice *dev, struct fwu_mdata *mdata) static int fwu_gpt_get_mdata_partitions(struct udevice *dev, uint *mdata_parts) { struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); + int err; + + err = gpt_get_mdata_partitions(dev_get_uclass_plat(priv->blk_dev)); + if (!err) { + mdata_parts[0] = g_mdata_part[0]; + mdata_parts[1] = g_mdata_part[1]; + }
- return gpt_get_mdata_partitions(dev_get_uclass_plat(priv->blk_dev), - mdata_parts); + return err; }
static int fwu_gpt_read_mdata_partition(struct udevice *dev,
From: Jassi Brar jaswinder.singh@linaro.org
Instead of each i/f having to implement their own meta-data verification and storage, move the logic in common code. This simplifies the i/f code much simpler and compact.
Signed-off-by: Jassi Brar jaswinder.singh@linaro.org --- drivers/fwu-mdata/fwu-mdata-uclass.c | 34 +++++++ include/fwu.h | 41 +++++++++ lib/fwu_updates/fwu.c | 130 +++++++++++++++++++++++++-- 3 files changed, 200 insertions(+), 5 deletions(-)
diff --git a/drivers/fwu-mdata/fwu-mdata-uclass.c b/drivers/fwu-mdata/fwu-mdata-uclass.c index b477e9603f..e03773c584 100644 --- a/drivers/fwu-mdata/fwu-mdata-uclass.c +++ b/drivers/fwu-mdata/fwu-mdata-uclass.c @@ -16,6 +16,40 @@ #include <linux/types.h> #include <u-boot/crc.h>
+/** + * fwu_read_mdata() - Wrapper around fwu_mdata_ops.read_mdata() + * + * Return: 0 if OK, -ve on error + */ +int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary) +{ + const struct fwu_mdata_ops *ops = device_get_ops(dev); + + if (!ops->read_mdata) { + log_debug("read_mdata() method not defined\n"); + return -ENOSYS; + } + + return ops->read_mdata(dev, mdata, primary); +} + +/** + * fwu_write_mdata() - Wrapper around fwu_mdata_ops.write_mdata() + * + * Return: 0 if OK, -ve on error + */ +int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary) +{ + const struct fwu_mdata_ops *ops = device_get_ops(dev); + + if (!ops->write_mdata) { + log_debug("write_mdata() method not defined\n"); + return -ENOSYS; + } + + return ops->write_mdata(dev, mdata, primary); +} + /** * fwu_get_mdata_part_num() - Get the FWU metadata partition numbers * @dev: FWU metadata device diff --git a/include/fwu.h b/include/fwu.h index 0919ced812..1a700c9e6a 100644 --- a/include/fwu.h +++ b/include/fwu.h @@ -24,6 +24,26 @@ struct fwu_mdata_gpt_blk_priv { * @update_mdata() - Update the FWU metadata copy */ struct fwu_mdata_ops { + /** + * read_mdata() - Populate the asked FWU metadata copy + * @dev: FWU metadata device + * @mdata: Copy of the FWU metadata + * @primary: If primary or secondary copy of meta-data is to be read + * + * Return: 0 if OK, -ve on error + */ + int (*read_mdata)(struct udevice *dev, struct fwu_mdata *mdata, bool primary); + + /** + * write_mdata() - Write the given FWU metadata copy + * @dev: FWU metadata device + * @mdata: Copy of the FWU metadata + * @primary: If primary or secondary copy of meta-data is to be written + * + * Return: 0 if OK, -ve on error + */ + int (*write_mdata)(struct udevice *dev, struct fwu_mdata *mdata, bool primary); + /** * check_mdata() - Check if the FWU metadata is valid * @dev: FWU device @@ -126,6 +146,27 @@ struct fwu_mdata_ops { EFI_GUID(0x0c996046, 0xbcc0, 0x4d04, 0x85, 0xec, \ 0xe1, 0xfc, 0xed, 0xf1, 0xc6, 0xf8)
+/** + * fwu_read_mdata() - Wrapper around fwu_mdata_ops.read_mdata() + */ +int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary); + +/** + * fwu_write_mdata() - Wrapper around fwu_mdata_ops.write_mdata() + */ +int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary); + +/** + * fwu_get_verified_mdata() - Read, verify and return the FWU metadata + * + * Read both the metadata copies from the storage media, verify their checksum, + * and ascertain that both copies match. If one of the copies has gone bad, + * restore it from the good copy. + * + * Return: 0 if OK, -ve on error +*/ +int fwu_get_verified_mdata(struct fwu_mdata *mdata); + /** * fwu_check_mdata_validity() - Check for validity of the FWU metadata copies * diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c index 5313d07302..7d195964a2 100644 --- a/lib/fwu_updates/fwu.c +++ b/lib/fwu_updates/fwu.c @@ -15,13 +15,13 @@ #include <linux/errno.h> #include <linux/types.h>
+#include <u-boot/crc.h> + +static struct fwu_mdata g_mdata; /* = {0} makes uninit crc32 always invalid */ +static struct udevice *g_dev; static u8 in_trial; static u8 boottime_check;
-#include <linux/errno.h> -#include <linux/types.h> -#include <u-boot/crc.h> - enum { IMAGE_ACCEPT_SET = 1, IMAGE_ACCEPT_CLEAR, @@ -161,6 +161,126 @@ static int fwu_get_image_type_id(u8 *image_index, efi_guid_t *image_type_id) return -ENOENT; }
+/** + * fwu_sync_mdata() - Update given meta-data partition(s) with the copy provided + * @mdata: FWU metadata structure + * @part: Bitmask of FWU metadata partitions to be written to + * + * Return: 0 if OK, -ve on error + */ +static int fwu_sync_mdata(struct fwu_mdata *mdata, int part) +{ + void *buf = &mdata->version; + int err; + + if (part == BOTH_PARTS) { + err = fwu_sync_mdata(mdata, SECONDARY_PART); + if (err) + return err; + part = PRIMARY_PART; + } + + /* + * Calculate the crc32 for the updated FWU metadata + * and put the updated value in the FWU metadata crc32 + * field + */ + mdata->crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32)); + + err = fwu_write_mdata(g_dev, mdata, part & PRIMARY_PART ? true : false); + if (err) { + log_err("Unable to write %s mdata\n", + part & PRIMARY_PART ? "primary": "secondary"); + return err; + } + + /* update the cached copy of meta-data */ + memcpy(&g_mdata, mdata, sizeof(struct fwu_mdata)); + + return 0; +} + +static inline int mdata_crc_check(struct fwu_mdata *mdata) +{ + void *buf = &mdata->version; + u32 calc_crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32)); + + return calc_crc32 == mdata->crc32 ? 0 : -EINVAL; +} + +/** + * fwu_get_verified_mdata() - Read, verify and return the FWU metadata + * + * Read both the metadata copies from the storage media, verify their checksum, + * and ascertain that both copies match. If one of the copies has gone bad, + * restore it from the good copy. + * + * Return: 0 if OK, -ve on error + */ +int fwu_get_verified_mdata(struct fwu_mdata *mdata) +{ + int err; + bool parts_ok[2] = { false }; + struct fwu_mdata s, *parts_mdata[2]; + + parts_mdata[0] = &g_mdata; + parts_mdata[1] = &s; + + /* if mdata already read and ready */ + err = mdata_crc_check(parts_mdata[0]); + if (!err) + goto ret_mdata; + /* else read, verify and, if needed, fix mdata */ + + for (int i = 0; i < 2; i++) { + parts_ok[i] = false; + err = fwu_read_mdata(g_dev, parts_mdata[i], !i); + if (!err) { + err = mdata_crc_check(parts_mdata[i]); + if (!err) + parts_ok[i] = true; + else + log_debug("mdata : %s crc32 failed\n", i ? "secondary": "primary"); + } + } + + if (parts_ok[0] && parts_ok[1]) { + /* + * Before returning, check that both the + * FWU metadata copies are the same. + */ + err = memcmp(parts_mdata[0], parts_mdata[1], sizeof(struct fwu_mdata)); + if (!err) + goto ret_mdata; + + /* + * If not, populate the secondary partition from the + * primary partition copy. + */ + log_info("Both FWU metadata copies are valid but do not match."); + log_info(" Restoring the secondary partition from the primary\n"); + parts_ok[1] = false; + } + + for (int i = 0; i < 2; i++) { + if (parts_ok[i]) + continue; + + memcpy(parts_mdata[i], parts_mdata[1-i], sizeof(struct fwu_mdata)); + err = fwu_sync_mdata(parts_mdata[i], i ? SECONDARY_PART : PRIMARY_PART); + if (err) { + log_debug("mdata : %s write failed\n", i ? "secondary": "primary"); + return err; + } + } + +ret_mdata: + if (!err && mdata) + memcpy(mdata, parts_mdata[0], sizeof(struct fwu_mdata)); + + return err; +} + /** * fwu_verify_mdata() - Verify the FWU metadata * @mdata: FWU metadata structure @@ -436,7 +556,7 @@ int fwu_get_image_index(u8 *image_index) } }
- log_debug("Partition with the image type %pUs not found\n", + log_err("Partition with the image type %pUs not found\n", &image_type_id);
out:
Hello Jassi,
On Tue, 28 Feb 2023 at 01:52, jassisinghbrar@gmail.com wrote:
From: Jassi Brar jaswinder.singh@linaro.org
Instead of each i/f having to implement their own meta-data verification and storage, move the logic in common code. This simplifies the i/f code much simpler and compact.
Signed-off-by: Jassi Brar jaswinder.singh@linaro.org
drivers/fwu-mdata/fwu-mdata-uclass.c | 34 +++++++ include/fwu.h | 41 +++++++++ lib/fwu_updates/fwu.c | 130 +++++++++++++++++++++++++-- 3 files changed, 200 insertions(+), 5 deletions(-)
diff --git a/drivers/fwu-mdata/fwu-mdata-uclass.c b/drivers/fwu-mdata/fwu-mdata-uclass.c index b477e9603f..e03773c584 100644 --- a/drivers/fwu-mdata/fwu-mdata-uclass.c +++ b/drivers/fwu-mdata/fwu-mdata-uclass.c @@ -16,6 +16,40 @@ #include <linux/types.h> #include <u-boot/crc.h>
+/**
- fwu_read_mdata() - Wrapper around fwu_mdata_ops.read_mdata()
- Return: 0 if OK, -ve on error
- */
Inline description only in header file, or duplicated in source and header files?
+int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary) +{
const struct fwu_mdata_ops *ops = device_get_ops(dev);if (!ops->read_mdata) {log_debug("read_mdata() method not defined\n");return -ENOSYS;}return ops->read_mdata(dev, mdata, primary);+}
+/**
- fwu_write_mdata() - Wrapper around fwu_mdata_ops.write_mdata()
- Return: 0 if OK, -ve on error
- */
+int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary) +{
const struct fwu_mdata_ops *ops = device_get_ops(dev);if (!ops->write_mdata) {log_debug("write_mdata() method not defined\n");return -ENOSYS;}return ops->write_mdata(dev, mdata, primary);+}
/**
- fwu_get_mdata_part_num() - Get the FWU metadata partition numbers
- @dev: FWU metadata device
diff --git a/include/fwu.h b/include/fwu.h index 0919ced812..1a700c9e6a 100644 --- a/include/fwu.h +++ b/include/fwu.h @@ -24,6 +24,26 @@ struct fwu_mdata_gpt_blk_priv {
- @update_mdata() - Update the FWU metadata copy
*/ struct fwu_mdata_ops {
/*** read_mdata() - Populate the asked FWU metadata copy* @dev: FWU metadata device* @mdata: Copy of the FWU metadata
@mdata: Output FWU mdata read
* @primary: If primary or secondary copy of meta-data is to be read
s/meta-data/FWU metadata/ Ditto in .write_mdata description
** Return: 0 if OK, -ve on error*/int (*read_mdata)(struct udevice *dev, struct fwu_mdata *mdata, bool primary);/*** write_mdata() - Write the given FWU metadata copy* @dev: FWU metadata device* @mdata: Copy of the FWU metadata* @primary: If primary or secondary copy of meta-data is to be written** Return: 0 if OK, -ve on error*/int (*write_mdata)(struct udevice *dev, struct fwu_mdata *mdata, bool primary);/** * check_mdata() - Check if the FWU metadata is valid * @dev: FWU device@@ -126,6 +146,27 @@ struct fwu_mdata_ops { EFI_GUID(0x0c996046, 0xbcc0, 0x4d04, 0x85, 0xec, \ 0xe1, 0xfc, 0xed, 0xf1, 0xc6, 0xf8)
+/**
- fwu_read_mdata() - Wrapper around fwu_mdata_ops.read_mdata()
- */
+int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary);
+/**
- fwu_write_mdata() - Wrapper around fwu_mdata_ops.write_mdata()
- */
+int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary);
+/**
- fwu_get_verified_mdata() - Read, verify and return the FWU metadata
- Read both the metadata copies from the storage media, verify their checksum,
- and ascertain that both copies match. If one of the copies has gone bad,
- restore it from the good copy.
@mdata: Output FWU metadata read or NULL
- Return: 0 if OK, -ve on error
+*/ +int fwu_get_verified_mdata(struct fwu_mdata *mdata);
/**
- fwu_check_mdata_validity() - Check for validity of the FWU metadata copies
diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c index 5313d07302..7d195964a2 100644 --- a/lib/fwu_updates/fwu.c +++ b/lib/fwu_updates/fwu.c @@ -15,13 +15,13 @@ #include <linux/errno.h> #include <linux/types.h>
+#include <u-boot/crc.h>
+static struct fwu_mdata g_mdata; /* = {0} makes uninit crc32 always invalid */ +static struct udevice *g_dev; static u8 in_trial; static u8 boottime_check;
-#include <linux/errno.h> -#include <linux/types.h> -#include <u-boot/crc.h>
enum { IMAGE_ACCEPT_SET = 1, IMAGE_ACCEPT_CLEAR, @@ -161,6 +161,126 @@ static int fwu_get_image_type_id(u8 *image_index, efi_guid_t *image_type_id) return -ENOENT; }
+/**
- fwu_sync_mdata() - Update given meta-data partition(s) with the copy provided
- @mdata: FWU metadata structure
- @part: Bitmask of FWU metadata partitions to be written to
- Return: 0 if OK, -ve on error
- */
+static int fwu_sync_mdata(struct fwu_mdata *mdata, int part) +{
void *buf = &mdata->version;int err;if (part == BOTH_PARTS) {err = fwu_sync_mdata(mdata, SECONDARY_PART);if (err)return err;part = PRIMARY_PART;}/** Calculate the crc32 for the updated FWU metadata* and put the updated value in the FWU metadata crc32* field*/mdata->crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32));err = fwu_write_mdata(g_dev, mdata, part & PRIMARY_PART ? true : false);
Since this expects part is either PRIMARY_PART or SECONDARY_PART, prefer: err = fwu_write_mdata(g_dev, mdata, part == PRIMARY_PART);
And ditto below: part == PRIMARY_PART ? "primary": "secondary");
if (err) {log_err("Unable to write %s mdata\n",part & PRIMARY_PART ? "primary": "secondary");return err;}/* update the cached copy of meta-data */memcpy(&g_mdata, mdata, sizeof(struct fwu_mdata));return 0;+}
+static inline int mdata_crc_check(struct fwu_mdata *mdata) +{
void *buf = &mdata->version;u32 calc_crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32));return calc_crc32 == mdata->crc32 ? 0 : -EINVAL;+}
+/**
- fwu_get_verified_mdata() - Read, verify and return the FWU metadata
- Read both the metadata copies from the storage media, verify their checksum,
- and ascertain that both copies match. If one of the copies has gone bad,
- restore it from the good copy.
- Return: 0 if OK, -ve on error
- */
+int fwu_get_verified_mdata(struct fwu_mdata *mdata) +{
int err;bool parts_ok[2] = { false };struct fwu_mdata s, *parts_mdata[2];parts_mdata[0] = &g_mdata;parts_mdata[1] = &s;/* if mdata already read and ready */err = mdata_crc_check(parts_mdata[0]);if (!err)goto ret_mdata;/* else read, verify and, if needed, fix mdata */for (int i = 0; i < 2; i++) {
Define "int i;" at function block entry?
parts_ok[i] = false;err = fwu_read_mdata(g_dev, parts_mdata[i], !i);if (!err) {err = mdata_crc_check(parts_mdata[i]);if (!err)parts_ok[i] = true;elselog_debug("mdata : %s crc32 failed\n", i ? "secondary": "primary");}}if (parts_ok[0] && parts_ok[1]) {/** Before returning, check that both the* FWU metadata copies are the same.*/err = memcmp(parts_mdata[0], parts_mdata[1], sizeof(struct fwu_mdata));if (!err)goto ret_mdata;/** If not, populate the secondary partition from the* primary partition copy.*/log_info("Both FWU metadata copies are valid but do not match.");log_info(" Restoring the secondary partition from the primary\n");parts_ok[1] = false;}for (int i = 0; i < 2; i++) {if (parts_ok[i])continue;memcpy(parts_mdata[i], parts_mdata[1-i], sizeof(struct fwu_mdata));err = fwu_sync_mdata(parts_mdata[i], i ? SECONDARY_PART : PRIMARY_PART);if (err) {log_debug("mdata : %s write failed\n", i ? "secondary": "primary");return err;}}+ret_mdata:
if (!err && mdata)memcpy(mdata, parts_mdata[0], sizeof(struct fwu_mdata));return err;+}
/**
- fwu_verify_mdata() - Verify the FWU metadata
- @mdata: FWU metadata structure
@@ -436,7 +556,7 @@ int fwu_get_image_index(u8 *image_index) } }
log_debug("Partition with the image type %pUs not found\n",
log_err("Partition with the image type %pUs not found\n", &image_type_id);out:
2.34.1
On Wed, Mar 1, 2023 at 5:16 AM Etienne Carriere etienne.carriere@linaro.org wrote:
On Tue, 28 Feb 2023 at 01:52, jassisinghbrar@gmail.com wrote:
From: Jassi Brar jaswinder.singh@linaro.org
Instead of each i/f having to implement their own meta-data verification and storage, move the logic in common code. This simplifies the i/f code much simpler and compact.
...
diff --git a/drivers/fwu-mdata/fwu-mdata-uclass.c b/drivers/fwu-mdata/fwu-mdata-uclass.c index b477e9603f..e03773c584 100644 --- a/drivers/fwu-mdata/fwu-mdata-uclass.c +++ b/drivers/fwu-mdata/fwu-mdata-uclass.c @@ -16,6 +16,40 @@ #include <linux/types.h> #include <u-boot/crc.h>
+/**
- fwu_read_mdata() - Wrapper around fwu_mdata_ops.read_mdata()
- Return: 0 if OK, -ve on error
- */
Inline description only in header file, or duplicated in source and header files?
This is the original practice in FWU stack - to have the description in header as well as source code. I just didn't want to stick out.
diff --git a/include/fwu.h b/include/fwu.h index 0919ced812..1a700c9e6a 100644 --- a/include/fwu.h +++ b/include/fwu.h @@ -24,6 +24,26 @@ struct fwu_mdata_gpt_blk_priv {
- @update_mdata() - Update the FWU metadata copy
*/ struct fwu_mdata_ops {
/*** read_mdata() - Populate the asked FWU metadata copy* @dev: FWU metadata device* @mdata: Copy of the FWU metadata@mdata: Output FWU mdata read
* @primary: If primary or secondary copy of meta-data is to be reads/meta-data/FWU metadata/ Ditto in .write_mdata description
ok
+/**
- fwu_get_verified_mdata() - Read, verify and return the FWU metadata
- Read both the metadata copies from the storage media, verify their checksum,
- and ascertain that both copies match. If one of the copies has gone bad,
- restore it from the good copy.
@mdata: Output FWU metadata read or NULL
ok
+static int fwu_sync_mdata(struct fwu_mdata *mdata, int part) +{
void *buf = &mdata->version;int err;if (part == BOTH_PARTS) {err = fwu_sync_mdata(mdata, SECONDARY_PART);if (err)return err;part = PRIMARY_PART;}/** Calculate the crc32 for the updated FWU metadata* and put the updated value in the FWU metadata crc32* field*/mdata->crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32));err = fwu_write_mdata(g_dev, mdata, part & PRIMARY_PART ? true : false);Since this expects part is either PRIMARY_PART or SECONDARY_PART, prefer: err = fwu_write_mdata(g_dev, mdata, part == PRIMARY_PART);
And ditto below: part == PRIMARY_PART ? "primary": "secondary");
yes, now that we handle out the BOTH_PARTS case already.
+int fwu_get_verified_mdata(struct fwu_mdata *mdata) +{
int err;bool parts_ok[2] = { false };struct fwu_mdata s, *parts_mdata[2];parts_mdata[0] = &g_mdata;parts_mdata[1] = &s;/* if mdata already read and ready */err = mdata_crc_check(parts_mdata[0]);if (!err)goto ret_mdata;/* else read, verify and, if needed, fix mdata */for (int i = 0; i < 2; i++) {Define "int i;" at function block entry?
Hmm... I prefer this way - limiting scope of the scratch variables.
thanks.
From: Jassi Brar jaswinder.singh@linaro.org
Moving towards using common code for meta-data management, implement the read/write mdata hooks.
Signed-off-by: Jassi Brar jaswinder.singh@linaro.org Reviewed-by: Etienne Carriere etienne.carriere@linaro.org Reviewed-by: Ilias Apalodimas ilias.apalodimas@linaro.org --- drivers/fwu-mdata/gpt_blk.c | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+)
diff --git a/drivers/fwu-mdata/gpt_blk.c b/drivers/fwu-mdata/gpt_blk.c index 28f5d23e1e..bdaa10cd1d 100644 --- a/drivers/fwu-mdata/gpt_blk.c +++ b/drivers/fwu-mdata/gpt_blk.c @@ -272,7 +272,43 @@ static int fwu_mdata_gpt_blk_probe(struct udevice *dev) return 0; }
+static int fwu_gpt_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, + bool primary) +{ + struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); + struct blk_desc *desc = dev_get_uclass_plat(priv->blk_dev); + int ret; + + ret = gpt_get_mdata_partitions(desc); + if (ret < 0) { + log_debug("Error getting the FWU metadata partitions\n"); + return -ENOENT; + } + + return gpt_read_write_mdata(desc, mdata, MDATA_READ, + primary ? g_mdata_part[0] : g_mdata_part[1]); +} + +static int fwu_gpt_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, + bool primary) +{ + struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); + struct blk_desc *desc = dev_get_uclass_plat(priv->blk_dev); + int ret; + + ret = gpt_get_mdata_partitions(desc); + if (ret < 0) { + log_debug("Error getting the FWU metadata partitions\n"); + return -ENOENT; + } + + return gpt_read_write_mdata(desc, mdata, MDATA_WRITE, + primary ? g_mdata_part[0] : g_mdata_part[1]); +} + static const struct fwu_mdata_ops fwu_gpt_blk_ops = { + .read_mdata = fwu_gpt_read_mdata, + .write_mdata = fwu_gpt_write_mdata, .get_mdata = fwu_gpt_get_mdata, .update_mdata = fwu_gpt_update_mdata, .get_mdata_part_num = fwu_gpt_get_mdata_partitions,
On Tue, 28 Feb 2023 at 01:52, jassisinghbrar@gmail.com wrote:
From: Jassi Brar jaswinder.singh@linaro.org
Moving towards using common code for meta-data management, implement the read/write mdata hooks.
Signed-off-by: Jassi Brar jaswinder.singh@linaro.org Reviewed-by: Etienne Carriere etienne.carriere@linaro.org Reviewed-by: Ilias Apalodimas ilias.apalodimas@linaro.org
drivers/fwu-mdata/gpt_blk.c | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+)
diff --git a/drivers/fwu-mdata/gpt_blk.c b/drivers/fwu-mdata/gpt_blk.c index 28f5d23e1e..bdaa10cd1d 100644 --- a/drivers/fwu-mdata/gpt_blk.c +++ b/drivers/fwu-mdata/gpt_blk.c @@ -272,7 +272,43 @@ static int fwu_mdata_gpt_blk_probe(struct udevice *dev) return 0; }
+static int fwu_gpt_read_mdata(struct udevice *dev, struct fwu_mdata *mdata,
bool primary)+{
struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev);struct blk_desc *desc = dev_get_uclass_plat(priv->blk_dev);int ret;ret = gpt_get_mdata_partitions(desc);if (ret < 0) {log_debug("Error getting the FWU metadata partitions\n");return -ENOENT;}return gpt_read_write_mdata(desc, mdata, MDATA_READ,primary ? g_mdata_part[0] : g_mdata_part[1]);
Indentation to fix.
+}
+static int fwu_gpt_write_mdata(struct udevice *dev, struct fwu_mdata *mdata,
bool primary)+{
struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev);struct blk_desc *desc = dev_get_uclass_plat(priv->blk_dev);int ret;ret = gpt_get_mdata_partitions(desc);if (ret < 0) {log_debug("Error getting the FWU metadata partitions\n");return -ENOENT;}return gpt_read_write_mdata(desc, mdata, MDATA_WRITE,primary ? g_mdata_part[0] : g_mdata_part[1]);
Indentation to fix. With these 2 comments addressed, my R-B tag applies.
+}
static const struct fwu_mdata_ops fwu_gpt_blk_ops = {
.read_mdata = fwu_gpt_read_mdata,.write_mdata = fwu_gpt_write_mdata, .get_mdata = fwu_gpt_get_mdata, .update_mdata = fwu_gpt_update_mdata, .get_mdata_part_num = fwu_gpt_get_mdata_partitions,-- 2.34.1
From: Jassi Brar jaswinder.singh@linaro.org
The common code can now read, verify and fix meta-data copies while exposing one consistent structure to users. Only the .read_mdata() and .write_mdata() callbacks of fwu_mdata_ops are needed. Get rid of .get_mdata() .update_mdata() .get_mdata_part_num() .read_mdata_partition() and .write_mdata_partition() and also the corresponding wrapper functions.
Signed-off-by: Jassi Brar jaswinder.singh@linaro.org Reviewed-by: Etienne Carriere etienne.carriere@linaro.org --- cmd/fwu_mdata.c | 17 +- drivers/fwu-mdata/fwu-mdata-uclass.c | 165 ------------------- drivers/fwu-mdata/gpt_blk.c | 124 +------------- include/fwu.h | 199 ----------------------- lib/fwu_updates/fwu.c | 235 ++++----------------------- 5 files changed, 38 insertions(+), 702 deletions(-)
diff --git a/cmd/fwu_mdata.c b/cmd/fwu_mdata.c index f04af27de6..9b70340368 100644 --- a/cmd/fwu_mdata.c +++ b/cmd/fwu_mdata.c @@ -43,23 +43,10 @@ static void print_mdata(struct fwu_mdata *mdata) int do_fwu_mdata_read(struct cmd_tbl *cmdtp, int flag, int argc, char * const argv[]) { - struct udevice *dev; int ret = CMD_RET_SUCCESS, res; - struct fwu_mdata mdata = { 0 }; + struct fwu_mdata mdata;
- if (uclass_get_device(UCLASS_FWU_MDATA, 0, &dev) || !dev) { - log_err("Unable to get FWU metadata device\n"); - return CMD_RET_FAILURE; - } - - res = fwu_check_mdata_validity(); - if (res < 0) { - log_err("FWU Metadata check failed\n"); - ret = CMD_RET_FAILURE; - goto out; - } - - res = fwu_get_mdata(dev, &mdata); + res = fwu_get_verified_mdata(&mdata); if (res < 0) { log_err("Unable to get valid FWU metadata\n"); ret = CMD_RET_FAILURE; diff --git a/drivers/fwu-mdata/fwu-mdata-uclass.c b/drivers/fwu-mdata/fwu-mdata-uclass.c index e03773c584..0a8edaaa41 100644 --- a/drivers/fwu-mdata/fwu-mdata-uclass.c +++ b/drivers/fwu-mdata/fwu-mdata-uclass.c @@ -14,7 +14,6 @@
#include <linux/errno.h> #include <linux/types.h> -#include <u-boot/crc.h>
/** * fwu_read_mdata() - Wrapper around fwu_mdata_ops.read_mdata() @@ -50,170 +49,6 @@ int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary) return ops->write_mdata(dev, mdata, primary); }
-/** - * fwu_get_mdata_part_num() - Get the FWU metadata partition numbers - * @dev: FWU metadata device - * @mdata_parts: array for storing the metadata partition numbers - * - * Get the partition numbers on the storage device on which the - * FWU metadata is stored. Two partition numbers will be returned. - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_get_mdata_part_num(struct udevice *dev, uint *mdata_parts) -{ - const struct fwu_mdata_ops *ops = device_get_ops(dev); - - if (!ops->get_mdata_part_num) { - log_debug("get_mdata_part_num() method not defined\n"); - return -ENOSYS; - } - - return ops->get_mdata_part_num(dev, mdata_parts); -} - -/** - * fwu_read_mdata_partition() - Read the FWU metadata from a partition - * @dev: FWU metadata device - * @mdata: Copy of the FWU metadata - * @part_num: Partition number from which FWU metadata is to be read - * - * Read the FWU metadata from the specified partition number - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_read_mdata_partition(struct udevice *dev, struct fwu_mdata *mdata, - uint part_num) -{ - const struct fwu_mdata_ops *ops = device_get_ops(dev); - - if (!ops->read_mdata_partition) { - log_debug("read_mdata_partition() method not defined\n"); - return -ENOSYS; - } - - return ops->read_mdata_partition(dev, mdata, part_num); -} - -/** - * fwu_write_mdata_partition() - Write the FWU metadata to a partition - * @dev: FWU metadata device - * @mdata: Copy of the FWU metadata - * @part_num: Partition number to which FWU metadata is to be written - * - * Write the FWU metadata to the specified partition number - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_write_mdata_partition(struct udevice *dev, struct fwu_mdata *mdata, - uint part_num) -{ - const struct fwu_mdata_ops *ops = device_get_ops(dev); - - if (!ops->write_mdata_partition) { - log_debug("write_mdata_partition() method not defined\n"); - return -ENOSYS; - } - - return ops->write_mdata_partition(dev, mdata, part_num); -} - -/** - * fwu_mdata_check() - Check if the FWU metadata is valid - * @dev: FWU metadata device - * - * Validate both copies of the FWU metadata. If one of the copies - * has gone bad, restore it from the other copy. - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_mdata_check(struct udevice *dev) -{ - const struct fwu_mdata_ops *ops = device_get_ops(dev); - - if (!ops->check_mdata) { - log_debug("check_mdata() method not defined\n"); - return -ENOSYS; - } - - return ops->check_mdata(dev); -} - -/** - * fwu_get_mdata() - Get a FWU metadata copy - * @dev: FWU metadata device - * @mdata: Copy of the FWU metadata - * - * Get a valid copy of the FWU metadata. - * - * Note: This function is to be called first when modifying any fields - * in the metadata. The sequence of calls to modify any field in the - * metadata would be 1) fwu_get_mdata 2) Modify metadata, followed by - * 3) fwu_update_mdata - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_get_mdata(struct udevice *dev, struct fwu_mdata *mdata) -{ - const struct fwu_mdata_ops *ops = device_get_ops(dev); - - if (!ops->get_mdata) { - log_debug("get_mdata() method not defined\n"); - return -ENOSYS; - } - - return ops->get_mdata(dev, mdata); -} - -/** - * fwu_update_mdata() - Update the FWU metadata - * @dev: FWU metadata device - * @mdata: Copy of the FWU metadata - * - * Update the FWU metadata structure by writing to the - * FWU metadata partitions. - * - * Note: This function is not to be called directly to update the - * metadata fields. The sequence of function calls should be - * 1) fwu_get_mdata() 2) Modify the medata fields 3) fwu_update_mdata() - * - * The sequence of updating the partitions should be, update the - * primary metadata partition (first partition encountered), followed - * by updating the secondary partition. With this update sequence, in - * the rare scenario that the two metadata partitions are valid but do - * not match, maybe due to power outage at the time of updating the - * metadata copies, the secondary partition can be updated from the - * primary. - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_update_mdata(struct udevice *dev, struct fwu_mdata *mdata) -{ - void *buf; - const struct fwu_mdata_ops *ops = device_get_ops(dev); - - if (!ops->update_mdata) { - log_debug("get_mdata() method not defined\n"); - return -ENOSYS; - } - - /* - * Calculate the crc32 for the updated FWU metadata - * and put the updated value in the FWU metadata crc32 - * field - */ - buf = &mdata->version; - mdata->crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32)); - - return ops->update_mdata(dev, mdata); -} - UCLASS_DRIVER(fwu_mdata) = { .id = UCLASS_FWU_MDATA, .name = "fwu-mdata", diff --git a/drivers/fwu-mdata/gpt_blk.c b/drivers/fwu-mdata/gpt_blk.c index bdaa10cd1d..b3c6953a6e 100644 --- a/drivers/fwu-mdata/gpt_blk.c +++ b/drivers/fwu-mdata/gpt_blk.c @@ -28,7 +28,7 @@ static uint g_mdata_part[2]; /* = {0, 0} to check against uninit parts */
static int gpt_get_mdata_partitions(struct blk_desc *desc) { - int i, ret; + int i; u32 nparts; efi_guid_t part_type_guid; struct disk_partition info; @@ -52,12 +52,12 @@ static int gpt_get_mdata_partitions(struct blk_desc *desc) if (nparts != 2) { log_debug("Expect two copies of the FWU metadata instead of %d\n", nparts); - ret = -EINVAL; - } else { - ret = 0; + g_mdata_part[0] = 0; + g_mdata_part[1] = 0; + return -EINVAL; }
- return ret; + return 0; }
static int gpt_get_mdata_disk_part(struct blk_desc *desc, @@ -125,115 +125,6 @@ static int gpt_read_write_mdata(struct blk_desc *desc, return 0; }
-static int fwu_gpt_update_mdata(struct udevice *dev, struct fwu_mdata *mdata) -{ - int ret; - struct blk_desc *desc; - struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); - - desc = dev_get_uclass_plat(priv->blk_dev); - - ret = gpt_get_mdata_partitions(desc); - if (ret < 0) { - log_debug("Error getting the FWU metadata partitions\n"); - return -ENOENT; - } - - /* First write the primary partition */ - ret = gpt_read_write_mdata(desc, mdata, MDATA_WRITE, g_mdata_part[0]); - if (ret < 0) { - log_debug("Updating primary FWU metadata partition failed\n"); - return ret; - } - - /* And now the replica */ - ret = gpt_read_write_mdata(desc, mdata, MDATA_WRITE, g_mdata_part[1]); - if (ret < 0) { - log_debug("Updating secondary FWU metadata partition failed\n"); - return ret; - } - - return 0; -} - -static int gpt_get_mdata(struct blk_desc *desc, struct fwu_mdata *mdata) -{ - int ret; - - ret = gpt_get_mdata_partitions(desc); - if (ret < 0) { - log_debug("Error getting the FWU metadata partitions\n"); - return -ENOENT; - } - - ret = gpt_read_write_mdata(desc, mdata, MDATA_READ, g_mdata_part[0]); - if (ret < 0) { - log_debug("Failed to read the FWU metadata from the device\n"); - return -EIO; - } - - ret = fwu_verify_mdata(mdata, 1); - if (!ret) - return 0; - - /* - * Verification of the primary FWU metadata copy failed. - * Try to read the replica. - */ - memset(mdata, '\0', sizeof(struct fwu_mdata)); - ret = gpt_read_write_mdata(desc, mdata, MDATA_READ, g_mdata_part[1]); - if (ret < 0) { - log_debug("Failed to read the FWU metadata from the device\n"); - return -EIO; - } - - ret = fwu_verify_mdata(mdata, 0); - if (!ret) - return 0; - - /* Both the FWU metadata copies are corrupted. */ - return -EIO; -} - -static int fwu_gpt_get_mdata(struct udevice *dev, struct fwu_mdata *mdata) -{ - struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); - - return gpt_get_mdata(dev_get_uclass_plat(priv->blk_dev), mdata); -} - -static int fwu_gpt_get_mdata_partitions(struct udevice *dev, uint *mdata_parts) -{ - struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); - int err; - - err = gpt_get_mdata_partitions(dev_get_uclass_plat(priv->blk_dev)); - if (!err) { - mdata_parts[0] = g_mdata_part[0]; - mdata_parts[1] = g_mdata_part[1]; - } - - return err; -} - -static int fwu_gpt_read_mdata_partition(struct udevice *dev, - struct fwu_mdata *mdata, uint part_num) -{ - struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); - - return gpt_read_write_mdata(dev_get_uclass_plat(priv->blk_dev), - mdata, MDATA_READ, part_num); -} - -static int fwu_gpt_write_mdata_partition(struct udevice *dev, - struct fwu_mdata *mdata, uint part_num) -{ - struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); - - return gpt_read_write_mdata(dev_get_uclass_plat(priv->blk_dev), - mdata, MDATA_WRITE, part_num); -} - static int fwu_get_mdata_device(struct udevice *dev, struct udevice **mdata_dev) { u32 phandle; @@ -309,11 +200,6 @@ static int fwu_gpt_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, static const struct fwu_mdata_ops fwu_gpt_blk_ops = { .read_mdata = fwu_gpt_read_mdata, .write_mdata = fwu_gpt_write_mdata, - .get_mdata = fwu_gpt_get_mdata, - .update_mdata = fwu_gpt_update_mdata, - .get_mdata_part_num = fwu_gpt_get_mdata_partitions, - .read_mdata_partition = fwu_gpt_read_mdata_partition, - .write_mdata_partition = fwu_gpt_write_mdata_partition, };
static const struct udevice_id fwu_mdata_ids[] = { diff --git a/include/fwu.h b/include/fwu.h index 1a700c9e6a..23bd97fe86 100644 --- a/include/fwu.h +++ b/include/fwu.h @@ -18,11 +18,6 @@ struct fwu_mdata_gpt_blk_priv { struct udevice *blk_dev; };
-/** - * @mdata_check: check the validity of the FWU metadata partitions - * @get_mdata() - Get a FWU metadata copy - * @update_mdata() - Update the FWU metadata copy - */ struct fwu_mdata_ops { /** * read_mdata() - Populate the asked FWU metadata copy @@ -43,78 +38,6 @@ struct fwu_mdata_ops { * Return: 0 if OK, -ve on error */ int (*write_mdata)(struct udevice *dev, struct fwu_mdata *mdata, bool primary); - - /** - * check_mdata() - Check if the FWU metadata is valid - * @dev: FWU device - * - * Validate both copies of the FWU metadata. If one of the copies - * has gone bad, restore it from the other copy. - * - * Return: 0 if OK, -ve on error - */ - int (*check_mdata)(struct udevice *dev); - - /** - * get_mdata() - Get a FWU metadata copy - * @dev: FWU device - * @mdata: Pointer to FWU metadata - * - * Get a valid copy of the FWU metadata. - * - * Return: 0 if OK, -ve on error - */ - int (*get_mdata)(struct udevice *dev, struct fwu_mdata *mdata); - - /** - * update_mdata() - Update the FWU metadata - * @dev: FWU device - * @mdata: Copy of the FWU metadata - * - * Update the FWU metadata structure by writing to the - * FWU metadata partitions. - * - * Return: 0 if OK, -ve on error - */ - int (*update_mdata)(struct udevice *dev, struct fwu_mdata *mdata); - - /** - * get_mdata_part_num() - Get the FWU metadata partition numbers - * @dev: FWU metadata device - * @mdata_parts: array for storing the metadata partition numbers - * - * Get the partition numbers on the storage device on which the - * FWU metadata is stored. Two partition numbers will be returned. - * - * Return: 0 if OK, -ve on error - */ - int (*get_mdata_part_num)(struct udevice *dev, uint *mdata_parts); - - /** - * read_mdata_partition() - Read the FWU metadata from a partition - * @dev: FWU metadata device - * @mdata: Copy of the FWU metadata - * @part_num: Partition number from which FWU metadata is to be read - * - * Read the FWU metadata from the specified partition number - * - * Return: 0 if OK, -ve on error - */ - int (*read_mdata_partition)(struct udevice *dev, - struct fwu_mdata *mdata, uint part_num); - - /** - * write_mdata_partition() - Write the FWU metadata to a partition - * @dev: FWU metadata device - * @mdata: Copy of the FWU metadata - * @part_num: Partition number to which FWU metadata is to be written - * - * Write the FWU metadata to the specified partition number - * - * Return: 0 if OK, -ve on error - */ - int (*write_mdata_partition)(struct udevice *dev, - struct fwu_mdata *mdata, uint part_num); };
#define FWU_MDATA_VERSION 0x1 @@ -167,102 +90,6 @@ int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary); */ int fwu_get_verified_mdata(struct fwu_mdata *mdata);
-/** - * fwu_check_mdata_validity() - Check for validity of the FWU metadata copies - * - * Read both the metadata copies from the storage media, verify their - * checksum, and ascertain that both copies match. If one of the copies - * has gone bad, restore it from the good copy. - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_check_mdata_validity(void); - -/** - * fwu_get_mdata_part_num() - Get the FWU metadata partition numbers - * @dev: FWU metadata device - * @mdata_parts: array for storing the metadata partition numbers - * - * Get the partition numbers on the storage device on which the - * FWU metadata is stored. Two partition numbers will be returned - * through the array. - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_get_mdata_part_num(struct udevice *dev, uint *mdata_parts); - -/** - * fwu_read_mdata_partition() - Read the FWU metadata from a partition - * @dev: FWU metadata device - * @mdata: Copy of the FWU metadata - * @part_num: Partition number from which FWU metadata is to be read - * - * Read the FWU metadata from the specified partition number - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_read_mdata_partition(struct udevice *dev, struct fwu_mdata *mdata, - uint part_num); - -/** - * fwu_write_mdata_partition() - Write the FWU metadata to a partition - * @dev: FWU metadata device - * @mdata: Copy of the FWU metadata - * @part_num: Partition number to which FWU metadata is to be written - * - * Write the FWU metadata to the specified partition number - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_write_mdata_partition(struct udevice *dev, struct fwu_mdata *mdata, - uint part_num); - -/** - * fwu_get_mdata() - Get a FWU metadata copy - * @dev: FWU metadata device - * @mdata: Copy of the FWU metadata - * - * Get a valid copy of the FWU metadata. - * - * Note: This function is to be called first when modifying any fields - * in the metadata. The sequence of calls to modify any field in the - * metadata would be 1) fwu_get_mdata 2) Modify metadata, followed by - * 3) fwu_update_mdata - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_get_mdata(struct udevice *dev, struct fwu_mdata *mdata); - -/** - * fwu_update_mdata() - Update the FWU metadata - * @dev: FWU metadata device - * @mdata: Copy of the FWU metadata - * - * Update the FWU metadata structure by writing to the - * FWU metadata partitions. - * - * Note: This function is not to be called directly to update the - * metadata fields. The sequence of function calls should be - * 1) fwu_get_mdata() 2) Modify the medata fields 3) fwu_update_mdata() - * - * The sequence of updating the partitions should be, update the - * primary metadata partition (first partition encountered), followed - * by updating the secondary partition. With this update sequence, in - * the rare scenario that the two metadata partitions are valid but do - * not match, maybe due to power outage at the time of updating the - * metadata copies, the secondary partition can be updated from the - * primary. - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_update_mdata(struct udevice *dev, struct fwu_mdata *mdata); - /** * fwu_get_active_index() - Get active_index from the FWU metadata * @active_idxp: active_index value to be read @@ -303,18 +130,6 @@ int fwu_set_active_index(uint active_idx); */ int fwu_get_image_index(u8 *image_index);
-/** - * fwu_mdata_check() - Check if the FWU metadata is valid - * @dev: FWU metadata device - * - * Validate both copies of the FWU metadata. If one of the copies - * has gone bad, restore it from the other copy. - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_mdata_check(struct udevice *dev); - /** * fwu_revert_boot_index() - Revert the active index in the FWU metadata * @@ -327,20 +142,6 @@ int fwu_mdata_check(struct udevice *dev); */ int fwu_revert_boot_index(void);
-/** - * fwu_verify_mdata() - Verify the FWU metadata - * @mdata: FWU metadata structure - * @pri_part: FWU metadata partition is primary or secondary - * - * Verify the FWU metadata by computing the CRC32 for the metadata - * structure and comparing it against the CRC32 value stored as part - * of the structure. - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_verify_mdata(struct fwu_mdata *mdata, bool pri_part); - /** * fwu_accept_image() - Set the Acceptance bit for the image * @img_type_id: GUID of the image type for which the accepted bit is to be diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c index 7d195964a2..14a2af2c74 100644 --- a/lib/fwu_updates/fwu.c +++ b/lib/fwu_updates/fwu.c @@ -33,26 +33,6 @@ enum { BOTH_PARTS, };
-static int fwu_get_dev_mdata(struct udevice **dev, struct fwu_mdata *mdata) -{ - int ret; - - ret = uclass_first_device_err(UCLASS_FWU_MDATA, dev); - if (ret) { - log_debug("Cannot find fwu device\n"); - return ret; - } - - if (!mdata) - return 0; - - ret = fwu_get_mdata(*dev, mdata); - if (ret < 0) - log_debug("Unable to get valid FWU metadata\n"); - - return ret; -} - static int trial_counter_update(u16 *trial_state_ctr) { bool delete; @@ -281,136 +261,6 @@ ret_mdata: return err; }
-/** - * fwu_verify_mdata() - Verify the FWU metadata - * @mdata: FWU metadata structure - * @pri_part: FWU metadata partition is primary or secondary - * - * Verify the FWU metadata by computing the CRC32 for the metadata - * structure and comparing it against the CRC32 value stored as part - * of the structure. - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_verify_mdata(struct fwu_mdata *mdata, bool pri_part) -{ - u32 calc_crc32; - void *buf; - - buf = &mdata->version; - calc_crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32)); - - if (calc_crc32 != mdata->crc32) { - log_debug("crc32 check failed for %s FWU metadata partition\n", - pri_part ? "primary" : "secondary"); - return -EINVAL; - } - - return 0; -} - -/** - * fwu_check_mdata_validity() - Check for validity of the FWU metadata copies - * - * Read both the metadata copies from the storage media, verify their checksum, - * and ascertain that both copies match. If one of the copies has gone bad, - * restore it from the good copy. - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_check_mdata_validity(void) -{ - int ret; - struct udevice *dev; - struct fwu_mdata pri_mdata; - struct fwu_mdata secondary_mdata; - uint mdata_parts[2]; - uint valid_partitions, invalid_partitions; - - ret = fwu_get_dev_mdata(&dev, NULL); - if (ret) - return ret; - - /* - * Check if the platform has defined its own - * function to check the metadata partitions' - * validity. If so, that takes precedence. - */ - ret = fwu_mdata_check(dev); - if (!ret || ret != -ENOSYS) - return ret; - - /* - * Two FWU metadata partitions are expected. - * If we don't have two, user needs to create - * them first - */ - valid_partitions = 0; - ret = fwu_get_mdata_part_num(dev, mdata_parts); - if (ret < 0) { - log_debug("Error getting the FWU metadata partitions\n"); - return -ENOENT; - } - - ret = fwu_read_mdata_partition(dev, &pri_mdata, mdata_parts[0]); - if (!ret) { - ret = fwu_verify_mdata(&pri_mdata, 1); - if (!ret) - valid_partitions |= PRIMARY_PART; - } - - ret = fwu_read_mdata_partition(dev, &secondary_mdata, mdata_parts[1]); - if (!ret) { - ret = fwu_verify_mdata(&secondary_mdata, 0); - if (!ret) - valid_partitions |= SECONDARY_PART; - } - - if (valid_partitions == (PRIMARY_PART | SECONDARY_PART)) { - /* - * Before returning, check that both the - * FWU metadata copies are the same. If not, - * populate the secondary partition from the - * primary partition copy. - */ - if (!memcmp(&pri_mdata, &secondary_mdata, - sizeof(struct fwu_mdata))) { - ret = 0; - } else { - log_info("Both FWU metadata copies are valid but do not match."); - log_info(" Restoring the secondary partition from the primary\n"); - ret = fwu_write_mdata_partition(dev, &pri_mdata, - mdata_parts[1]); - if (ret) - log_debug("Restoring secondary FWU metadata partition failed\n"); - } - goto out; - } - - if (!(valid_partitions & BOTH_PARTS)) { - log_info("Both FWU metadata partitions invalid\n"); - ret = -EBADMSG; - goto out; - } - - invalid_partitions = valid_partitions ^ BOTH_PARTS; - ret = fwu_write_mdata_partition(dev, - (invalid_partitions == PRIMARY_PART) ? - &secondary_mdata : &pri_mdata, - (invalid_partitions == PRIMARY_PART) ? - mdata_parts[0] : mdata_parts[1]); - - if (ret) - log_debug("Restoring %s FWU metadata partition failed\n", - (invalid_partitions == PRIMARY_PART) ? - "primary" : "secondary"); - -out: - return ret; -} - /** * fwu_get_active_index() - Get active_index from the FWU metadata * @active_idx: active_index value to be read @@ -423,19 +273,14 @@ out: */ int fwu_get_active_index(uint *active_idx) { - int ret; - struct udevice *dev; - struct fwu_mdata mdata = { 0 }; - - ret = fwu_get_dev_mdata(&dev, &mdata); - if (ret) - return ret; + int ret = 0; + struct fwu_mdata *mdata = &g_mdata;
/* * Found the FWU metadata partition, now read the active_index * value */ - *active_idx = mdata.active_index; + *active_idx = mdata->active_index; if (*active_idx >= CONFIG_FWU_NUM_BANKS) { log_debug("Active index value read is incorrect\n"); ret = -EINVAL; @@ -456,30 +301,25 @@ int fwu_get_active_index(uint *active_idx) int fwu_set_active_index(uint active_idx) { int ret; - struct udevice *dev; - struct fwu_mdata mdata = { 0 }; + struct fwu_mdata *mdata = &g_mdata;
if (active_idx >= CONFIG_FWU_NUM_BANKS) { log_debug("Invalid active index value\n"); return -EINVAL; }
- ret = fwu_get_dev_mdata(&dev, &mdata); - if (ret) - return ret; - /* * Update the active index and previous_active_index fields * in the FWU metadata */ - mdata.previous_active_index = mdata.active_index; - mdata.active_index = active_idx; + mdata->previous_active_index = mdata->active_index; + mdata->active_index = active_idx;
/* * Now write this updated FWU metadata to both the * FWU metadata partitions */ - ret = fwu_update_mdata(dev, &mdata); + ret = fwu_sync_mdata(mdata, BOTH_PARTS); if (ret) { log_debug("Failed to update FWU metadata partitions\n"); ret = -EIO; @@ -509,15 +349,10 @@ int fwu_get_image_index(u8 *image_index) u8 alt_num; uint update_bank; efi_guid_t *image_guid, image_type_id; - struct udevice *dev; - struct fwu_mdata mdata = { 0 }; + struct fwu_mdata *mdata = &g_mdata; struct fwu_image_entry *img_entry; struct fwu_image_bank_info *img_bank_info;
- ret = fwu_get_dev_mdata(&dev, &mdata); - if (ret) - return ret; - ret = fwu_plat_get_update_index(&update_bank); if (ret) { log_debug("Failed to get the FWU update bank\n"); @@ -538,11 +373,11 @@ int fwu_get_image_index(u8 *image_index) */ for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) { if (!guidcmp(&image_type_id, - &mdata.img_entry[i].image_type_uuid)) { - img_entry = &mdata.img_entry[i]; + &mdata->img_entry[i].image_type_uuid)) { + img_entry = &mdata->img_entry[i]; img_bank_info = &img_entry->img_bank_info[update_bank]; image_guid = &img_bank_info->image_uuid; - ret = fwu_plat_get_alt_num(dev, image_guid, &alt_num); + ret = fwu_plat_get_alt_num(g_dev, image_guid, &alt_num); if (ret) { log_debug("alt_num not found for partition with GUID %pUs\n", image_guid); @@ -577,26 +412,21 @@ int fwu_revert_boot_index(void) { int ret; u32 cur_active_index; - struct udevice *dev; - struct fwu_mdata mdata = { 0 }; - - ret = fwu_get_dev_mdata(&dev, &mdata); - if (ret) - return ret; + struct fwu_mdata *mdata = &g_mdata;
/* * Swap the active index and previous_active_index fields * in the FWU metadata */ - cur_active_index = mdata.active_index; - mdata.active_index = mdata.previous_active_index; - mdata.previous_active_index = cur_active_index; + cur_active_index = mdata->active_index; + mdata->active_index = mdata->previous_active_index; + mdata->previous_active_index = cur_active_index;
/* * Now write this updated FWU metadata to both the * FWU metadata partitions */ - ret = fwu_update_mdata(dev, &mdata); + ret = fwu_sync_mdata(mdata, BOTH_PARTS); if (ret) { log_debug("Failed to update FWU metadata partitions\n"); ret = -EIO; @@ -623,16 +453,11 @@ int fwu_revert_boot_index(void) static int fwu_clrset_image_accept(efi_guid_t *img_type_id, u32 bank, u8 action) { int ret, i; - struct udevice *dev; - struct fwu_mdata mdata = { 0 }; + struct fwu_mdata *mdata = &g_mdata; struct fwu_image_entry *img_entry; struct fwu_image_bank_info *img_bank_info;
- ret = fwu_get_dev_mdata(&dev, &mdata); - if (ret) - return ret; - - img_entry = &mdata.img_entry[0]; + img_entry = &mdata->img_entry[0]; for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) { if (!guidcmp(&img_entry[i].image_type_uuid, img_type_id)) { img_bank_info = &img_entry[i].img_bank_info[bank]; @@ -641,7 +466,7 @@ static int fwu_clrset_image_accept(efi_guid_t *img_type_id, u32 bank, u8 action) else img_bank_info->accepted = 0;
- ret = fwu_update_mdata(dev, &mdata); + ret = fwu_sync_mdata(mdata, BOTH_PARTS); goto out; } } @@ -776,8 +601,6 @@ static int fwu_boottime_checks(void *ctx, struct event *event) { int ret; u32 boot_idx, active_idx; - struct udevice *dev; - struct fwu_mdata mdata = { 0 };
/* Don't have boot time checks on sandbox */ if (IS_ENABLED(CONFIG_SANDBOX)) { @@ -785,9 +608,17 @@ static int fwu_boottime_checks(void *ctx, struct event *event) return 0; }
- ret = fwu_check_mdata_validity(); - if (ret) - return 0; + ret = uclass_first_device_err(UCLASS_FWU_MDATA, &g_dev); + if (ret) { + log_debug("Cannot find fwu device\n"); + return ret; + } + + ret = fwu_get_verified_mdata(NULL); + if (ret) { + log_debug("Unable to read meta-data\n"); + return ret; + }
/* * Get the Boot Index, i.e. the bank from @@ -823,11 +654,7 @@ static int fwu_boottime_checks(void *ctx, struct event *event) if (efi_init_obj_list() != EFI_SUCCESS) return 0;
- ret = fwu_get_dev_mdata(&dev, &mdata); - if (ret) - return ret; - - in_trial = in_trial_state(&mdata); + in_trial = in_trial_state(&g_mdata); if (!in_trial || (ret = fwu_trial_count_update()) > 0) ret = trial_counter_update(NULL);
From: Jassi Brar jaswinder.singh@linaro.org
fwu_get_mdata() sounds more appropriate than fwu_get_verified_mdata()
Signed-off-by: Jassi Brar jaswinder.singh@linaro.org Reviewed-by: Etienne Carriere etienne.carriere@linaro.org Reviewed-by: Ilias Apalodimas ilias.apalodimas@linaro.org --- cmd/fwu_mdata.c | 2 +- include/fwu.h | 4 ++-- lib/fwu_updates/fwu.c | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/cmd/fwu_mdata.c b/cmd/fwu_mdata.c index 9b70340368..5ecda455df 100644 --- a/cmd/fwu_mdata.c +++ b/cmd/fwu_mdata.c @@ -46,7 +46,7 @@ int do_fwu_mdata_read(struct cmd_tbl *cmdtp, int flag, int ret = CMD_RET_SUCCESS, res; struct fwu_mdata mdata;
- res = fwu_get_verified_mdata(&mdata); + res = fwu_get_mdata(&mdata); if (res < 0) { log_err("Unable to get valid FWU metadata\n"); ret = CMD_RET_FAILURE; diff --git a/include/fwu.h b/include/fwu.h index 23bd97fe86..ea25aca2cd 100644 --- a/include/fwu.h +++ b/include/fwu.h @@ -80,7 +80,7 @@ int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary); int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary);
/** - * fwu_get_verified_mdata() - Read, verify and return the FWU metadata + * fwu_get_mdata() - Read, verify and return the FWU metadata * * Read both the metadata copies from the storage media, verify their checksum, * and ascertain that both copies match. If one of the copies has gone bad, @@ -88,7 +88,7 @@ int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary); * * Return: 0 if OK, -ve on error */ -int fwu_get_verified_mdata(struct fwu_mdata *mdata); +int fwu_get_mdata(struct fwu_mdata *mdata);
/** * fwu_get_active_index() - Get active_index from the FWU metadata diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c index 14a2af2c74..562aa7df8c 100644 --- a/lib/fwu_updates/fwu.c +++ b/lib/fwu_updates/fwu.c @@ -189,7 +189,7 @@ static inline int mdata_crc_check(struct fwu_mdata *mdata) }
/** - * fwu_get_verified_mdata() - Read, verify and return the FWU metadata + * fwu_get_mdata() - Read, verify and return the FWU metadata * * Read both the metadata copies from the storage media, verify their checksum, * and ascertain that both copies match. If one of the copies has gone bad, @@ -197,7 +197,7 @@ static inline int mdata_crc_check(struct fwu_mdata *mdata) * * Return: 0 if OK, -ve on error */ -int fwu_get_verified_mdata(struct fwu_mdata *mdata) +int fwu_get_mdata(struct fwu_mdata *mdata) { int err; bool parts_ok[2] = { false }; @@ -614,7 +614,7 @@ static int fwu_boottime_checks(void *ctx, struct event *event) return ret; }
- ret = fwu_get_verified_mdata(NULL); + ret = fwu_get_mdata(NULL); if (ret) { log_debug("Unable to read meta-data\n"); return ret;
On Mon, Feb 27, 2023 at 06:51:35PM -0600, jassisinghbrar@gmail.com wrote:
From: Jassi Brar jaswinder.singh@linaro.org
The patchset reduces ~400 lines of code, while keeping the functionality same and making meta-data operations much faster (by using cached structures).
Issue: meta-data copies (primary and secondary) are being handled by the backend/storage layer instead of the common core in fwu.c (as also noted by Ilias) that is, gpt_blk.c manages meta-data and similarly raw_mtd.c will have to do the same when it arrives. The code could by make smaller, cleaner and optimised.
Basic idea: Introduce .read_mdata() and .write_mdata() in fwu_mdata_ops that simply read/write meta-data copy. The core code takes care of integrity and redundancy of the meta-data, as a result we can get rid of every other callback .get_mdata() .update_mdata() .get_mdata_part_num() .read_mdata_partition() .write_mdata_partition() and the corresponding wrapper functions thereby making the code 100s of LOC smaller.
Get rid of fwu_check_mdata_validity() and fwu_mdata_check() which expected underlying layer to manage and verify mdata copies. Implement fwu_get_verified_mdata(struct fwu_mdata *mdata) public function that reads, verifies and, if needed, fixes the meta-data copies.
Verified copy of meta-data is now cached as 'g_mdata' in fwu.c, which avoids multiple low-level expensive read and parse calls. gpt meta-data partition numbers are now cached in gpt_blk.c, so that we don't have to do expensive part_get_info() and uid ops.
Changes since v4: * Change fwu-mdata-mtd bindings to not require external changes * Handle 'part == BOTH_PARTS' in fwu_sync_mdata * use parts_ok[] and parts_mdata[] instead of pri/sec_ok and p/s_mdata
Did you run this through CI / build sandbox? This doesn't read like you fixed the problem I reported in CI, when I was trying to merge v4.
On Mon, 27 Feb 2023 at 18:58, Tom Rini trini@konsulko.com wrote:
On Mon, Feb 27, 2023 at 06:51:35PM -0600, jassisinghbrar@gmail.com wrote:
From: Jassi Brar jaswinder.singh@linaro.org
The patchset reduces ~400 lines of code, while keeping the functionality same and making meta-data operations much faster (by using cached structures).
Issue: meta-data copies (primary and secondary) are being handled by the backend/storage layer instead of the common core in fwu.c (as also noted by Ilias) that is, gpt_blk.c manages meta-data and similarly raw_mtd.c will have to do the same when it arrives. The code could by make smaller, cleaner and optimised.
Basic idea: Introduce .read_mdata() and .write_mdata() in fwu_mdata_ops that simply read/write meta-data copy. The core code takes care of integrity and redundancy of the meta-data, as a result we can get rid of every other callback .get_mdata() .update_mdata() .get_mdata_part_num() .read_mdata_partition() .write_mdata_partition() and the corresponding wrapper functions thereby making the code 100s of LOC smaller.
Get rid of fwu_check_mdata_validity() and fwu_mdata_check() which expected underlying layer to manage and verify mdata copies. Implement fwu_get_verified_mdata(struct fwu_mdata *mdata) public function that reads, verifies and, if needed, fixes the meta-data copies.
Verified copy of meta-data is now cached as 'g_mdata' in fwu.c, which avoids multiple low-level expensive read and parse calls. gpt meta-data partition numbers are now cached in gpt_blk.c, so that we don't have to do expensive part_get_info() and uid ops.
Changes since v4: * Change fwu-mdata-mtd bindings to not require external changes * Handle 'part == BOTH_PARTS' in fwu_sync_mdata * use parts_ok[] and parts_mdata[] instead of pri/sec_ok and p/s_mdata
Did you run this through CI / build sandbox? This doesn't read like you fixed the problem I reported in CI, when I was trying to merge v4.
I know that remains to be done. The dt-bindings for fwu-mdata is changed in this patchset and I thought any testcase may be impacted by it.
thanks.
On Mon, Feb 27, 2023 at 07:00:10PM -0600, Jassi Brar wrote:
On Mon, 27 Feb 2023 at 18:58, Tom Rini trini@konsulko.com wrote:
On Mon, Feb 27, 2023 at 06:51:35PM -0600, jassisinghbrar@gmail.com wrote:
From: Jassi Brar jaswinder.singh@linaro.org
The patchset reduces ~400 lines of code, while keeping the functionality same and making meta-data operations much faster (by using cached structures).
Issue: meta-data copies (primary and secondary) are being handled by the backend/storage layer instead of the common core in fwu.c (as also noted by Ilias) that is, gpt_blk.c manages meta-data and similarly raw_mtd.c will have to do the same when it arrives. The code could by make smaller, cleaner and optimised.
Basic idea: Introduce .read_mdata() and .write_mdata() in fwu_mdata_ops that simply read/write meta-data copy. The core code takes care of integrity and redundancy of the meta-data, as a result we can get rid of every other callback .get_mdata() .update_mdata() .get_mdata_part_num() .read_mdata_partition() .write_mdata_partition() and the corresponding wrapper functions thereby making the code 100s of LOC smaller.
Get rid of fwu_check_mdata_validity() and fwu_mdata_check() which expected underlying layer to manage and verify mdata copies. Implement fwu_get_verified_mdata(struct fwu_mdata *mdata) public function that reads, verifies and, if needed, fixes the meta-data copies.
Verified copy of meta-data is now cached as 'g_mdata' in fwu.c, which avoids multiple low-level expensive read and parse calls. gpt meta-data partition numbers are now cached in gpt_blk.c, so that we don't have to do expensive part_get_info() and uid ops.
Changes since v4: * Change fwu-mdata-mtd bindings to not require external changes * Handle 'part == BOTH_PARTS' in fwu_sync_mdata * use parts_ok[] and parts_mdata[] instead of pri/sec_ok and p/s_mdata
Did you run this through CI / build sandbox? This doesn't read like you fixed the problem I reported in CI, when I was trying to merge v4.
I know that remains to be done. The dt-bindings for fwu-mdata is changed in this patchset and I thought any testcase may be impacted by it.
So you're not expecting this iteration to be merged, as CI doesn't pass, and that's known? OK.
On Mon, Feb 27, 2023 at 7:28 PM Tom Rini trini@konsulko.com wrote:
On Mon, Feb 27, 2023 at 07:00:10PM -0600, Jassi Brar wrote:
On Mon, 27 Feb 2023 at 18:58, Tom Rini trini@konsulko.com wrote:
On Mon, Feb 27, 2023 at 06:51:35PM -0600, jassisinghbrar@gmail.com wrote:
From: Jassi Brar jaswinder.singh@linaro.org
The patchset reduces ~400 lines of code, while keeping the functionality same and making meta-data operations much faster (by using cached structures).
Issue: meta-data copies (primary and secondary) are being handled by the backend/storage layer instead of the common core in fwu.c (as also noted by Ilias) that is, gpt_blk.c manages meta-data and similarly raw_mtd.c will have to do the same when it arrives. The code could by make smaller, cleaner and optimised.
Basic idea: Introduce .read_mdata() and .write_mdata() in fwu_mdata_ops that simply read/write meta-data copy. The core code takes care of integrity and redundancy of the meta-data, as a result we can get rid of every other callback .get_mdata() .update_mdata() .get_mdata_part_num() .read_mdata_partition() .write_mdata_partition() and the corresponding wrapper functions thereby making the code 100s of LOC smaller.
Get rid of fwu_check_mdata_validity() and fwu_mdata_check() which expected underlying layer to manage and verify mdata copies. Implement fwu_get_verified_mdata(struct fwu_mdata *mdata) public function that reads, verifies and, if needed, fixes the meta-data copies.
Verified copy of meta-data is now cached as 'g_mdata' in fwu.c, which avoids multiple low-level expensive read and parse calls. gpt meta-data partition numbers are now cached in gpt_blk.c, so that we don't have to do expensive part_get_info() and uid ops.
Changes since v4: * Change fwu-mdata-mtd bindings to not require external changes * Handle 'part == BOTH_PARTS' in fwu_sync_mdata * use parts_ok[] and parts_mdata[] instead of pri/sec_ok and p/s_mdata
Did you run this through CI / build sandbox? This doesn't read like you fixed the problem I reported in CI, when I was trying to merge v4.
I know that remains to be done. The dt-bindings for fwu-mdata is changed in this patchset and I thought any testcase may be impacted by it.
So you're not expecting this iteration to be merged, as CI doesn't pass, and that's known? OK.
I am more concerned if the bindings displease someone and I have to drop any code. If I get acks on all patches, the next revision will only add the test cases.
thanks
On Mon, Feb 27, 2023 at 7:28 PM Tom Rini trini@konsulko.com wrote:
On Mon, Feb 27, 2023 at 07:00:10PM -0600, Jassi Brar wrote:
On Mon, 27 Feb 2023 at 18:58, Tom Rini trini@konsulko.com wrote:
On Mon, Feb 27, 2023 at 06:51:35PM -0600, jassisinghbrar@gmail.com wrote:
From: Jassi Brar jaswinder.singh@linaro.org
The patchset reduces ~400 lines of code, while keeping the functionality same and making meta-data operations much faster (by using cached structures).
Issue: meta-data copies (primary and secondary) are being handled by the backend/storage layer instead of the common core in fwu.c (as also noted by Ilias) that is, gpt_blk.c manages meta-data and similarly raw_mtd.c will have to do the same when it arrives. The code could by make smaller, cleaner and optimised.
Basic idea: Introduce .read_mdata() and .write_mdata() in fwu_mdata_ops that simply read/write meta-data copy. The core code takes care of integrity and redundancy of the meta-data, as a result we can get rid of every other callback .get_mdata() .update_mdata() .get_mdata_part_num() .read_mdata_partition() .write_mdata_partition() and the corresponding wrapper functions thereby making the code 100s of LOC smaller.
Get rid of fwu_check_mdata_validity() and fwu_mdata_check() which expected underlying layer to manage and verify mdata copies. Implement fwu_get_verified_mdata(struct fwu_mdata *mdata) public function that reads, verifies and, if needed, fixes the meta-data copies.
Verified copy of meta-data is now cached as 'g_mdata' in fwu.c, which avoids multiple low-level expensive read and parse calls. gpt meta-data partition numbers are now cached in gpt_blk.c, so that we don't have to do expensive part_get_info() and uid ops.
Changes since v4: * Change fwu-mdata-mtd bindings to not require external changes * Handle 'part == BOTH_PARTS' in fwu_sync_mdata * use parts_ok[] and parts_mdata[] instead of pri/sec_ok and p/s_mdata
Did you run this through CI / build sandbox? This doesn't read like you fixed the problem I reported in CI, when I was trying to merge v4.
I know that remains to be done. The dt-bindings for fwu-mdata is changed in this patchset and I thought any testcase may be impacted by it.
So you're not expecting this iteration to be merged, as CI doesn't pass, and that's known? OK.
Sorry I got confused. I thought new test cases are expected to be written, whereas you only wanted the sandbox compilation breakage fixed. My replies must have sounded so stupid :( I have a patch to fix sandbox compilation in the v6 revision.
thanks.
participants (6)
-
Etienne Carriere -
Jassi Brar -
Jassi Brar -
jassisinghbrar@gmail.com
-
Michal Simek -
Tom Rini