[PATCH v2 0/4] capsule: Generate capsules as part of sandbox build
As part of review of a patch series for generating capsules through a config file, I was asked to add support for generating capsules as part of the sandbox platform build. This would provide an illustrative example of generating capsules through binman. This patch series does that.
Currently, the capsules get generated, through binman, only when running the EFI Capsule Update test. With this series, a subset of these capsules, more precisely the raw(non FIT payload) capsules, are being generated as part of the sandbox platform build.
One of the patches in the series also performs a cleanup of the capsule configs from all the sandbox variants which do not run the capsule update tests. This restricts the generation of capsules only on the two variants which are used for testing the functionality.
Changes since V1: * Fix the typo in the commit message about raw capsules being generated as part of the build, and not signed capsules.
Sughosh Ganu (4): sandbox: capsule: remove capsule related configs sandbox: capsule: binman: generate some capsules as part of build capsule: add the generated capsules to gitignore capsule: Makefile: add the generated files to CLEAN_FILES list
.gitignore | 3 + Makefile | 3 +- arch/sandbox/dts/sandbox.dts | 4 + arch/sandbox/dts/sandbox_capsule.dtsi | 169 ++++++++++++++++++ arch/sandbox/dts/test.dts | 4 + configs/sandbox64_defconfig | 5 - configs/sandbox_noinst_defconfig | 2 - configs/sandbox_spl_defconfig | 2 - configs/sandbox_vpl_defconfig | 2 - .../test_efi_capsule/capsule_gen_binman.dts | 167 +---------------- test/py/tests/test_efi_capsule/conftest.py | 1 + 11 files changed, 190 insertions(+), 172 deletions(-) create mode 100644 arch/sandbox/dts/sandbox_capsule.dtsi
The capsule update testing is carried out only on the sandbox and sandbox_flattree variants. Remove the capsule update related configs from the other sandbox variants. This ensures that the capsule files are generated only on variants which are used for the feature's testing.
Signed-off-by: Sughosh Ganu sughosh.ganu@linaro.org ---
Changes since V1: None
configs/sandbox64_defconfig | 5 ----- configs/sandbox_noinst_defconfig | 2 -- configs/sandbox_spl_defconfig | 2 -- configs/sandbox_vpl_defconfig | 2 -- 4 files changed, 11 deletions(-)
diff --git a/configs/sandbox64_defconfig b/configs/sandbox64_defconfig index 3be9a00a85..a67f9f0265 100644 --- a/configs/sandbox64_defconfig +++ b/configs/sandbox64_defconfig @@ -134,7 +134,6 @@ CONFIG_CPU=y CONFIG_DM_DEMO=y CONFIG_DM_DEMO_SIMPLE=y CONFIG_DM_DEMO_SHAPE=y -CONFIG_DFU_SF=y CONFIG_FASTBOOT_FLASH=y CONFIG_FASTBOOT_FLASH_MMC_DEV=0 CONFIG_ARM_FFA_TRANSPORT=y @@ -267,12 +266,8 @@ CONFIG_CMD_DHRYSTONE=y CONFIG_TPM=y CONFIG_ERRNO_STR=y CONFIG_GETOPT=y -CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y -CONFIG_EFI_CAPSULE_ON_DISK=y -CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_EFI_SECURE_BOOT=y CONFIG_TEST_FDTDEC=y -CONFIG_FWU_MULTI_BANK_UPDATE=y CONFIG_UNIT_TEST=y CONFIG_UT_TIME=y CONFIG_UT_DM=y diff --git a/configs/sandbox_noinst_defconfig b/configs/sandbox_noinst_defconfig index 137b3c6b82..f37230151a 100644 --- a/configs/sandbox_noinst_defconfig +++ b/configs/sandbox_noinst_defconfig @@ -281,8 +281,6 @@ CONFIG_TPM=y CONFIG_ZSTD=y CONFIG_SPL_LZMA=y CONFIG_ERRNO_STR=y -CONFIG_EFI_CAPSULE_ON_DISK=y -CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_UNIT_TEST=y CONFIG_SPL_UNIT_TEST=y CONFIG_UT_TIME=y diff --git a/configs/sandbox_spl_defconfig b/configs/sandbox_spl_defconfig index d0cd91ef4f..f7b92dc844 100644 --- a/configs/sandbox_spl_defconfig +++ b/configs/sandbox_spl_defconfig @@ -249,8 +249,6 @@ CONFIG_ZSTD=y CONFIG_SPL_LZMA=y CONFIG_ERRNO_STR=y CONFIG_SPL_HEXDUMP=y -CONFIG_EFI_CAPSULE_ON_DISK=y -CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_UNIT_TEST=y CONFIG_SPL_UNIT_TEST=y CONFIG_UT_TIME=y diff --git a/configs/sandbox_vpl_defconfig b/configs/sandbox_vpl_defconfig index b138b352de..72483d8ba1 100644 --- a/configs/sandbox_vpl_defconfig +++ b/configs/sandbox_vpl_defconfig @@ -252,8 +252,6 @@ CONFIG_TPM=y CONFIG_ZSTD=y # CONFIG_VPL_LZMA is not set CONFIG_ERRNO_STR=y -CONFIG_EFI_CAPSULE_ON_DISK=y -CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_UNIT_TEST=y CONFIG_SPL_UNIT_TEST=y CONFIG_UT_TIME=y
Currently, all the capsules for the sandbox platform are generated at the time of running the capsule tests. To showcase generation of capsules through binman, generate all raw(non FIT payload) capsules needed for the sandbox platform as part of the build. This acts as an illustrative example for generating capsules as part of a platform's build.
Make corresponding change in the capsule test's configuration to get these capsules from the build directory.
Signed-off-by: Sughosh Ganu sughosh.ganu@linaro.org ---
Changes since V1: * Fix the typo in the commit message about raw capsules being generated as part of the build, and not signed capsules.
arch/sandbox/dts/sandbox.dts | 4 + arch/sandbox/dts/sandbox_capsule.dtsi | 169 ++++++++++++++++++ arch/sandbox/dts/test.dts | 4 + .../test_efi_capsule/capsule_gen_binman.dts | 167 +---------------- test/py/tests/test_efi_capsule/conftest.py | 1 + 5 files changed, 185 insertions(+), 160 deletions(-) create mode 100644 arch/sandbox/dts/sandbox_capsule.dtsi
diff --git a/arch/sandbox/dts/sandbox.dts b/arch/sandbox/dts/sandbox.dts index 12d3eff5fa..8392206eea 100644 --- a/arch/sandbox/dts/sandbox.dts +++ b/arch/sandbox/dts/sandbox.dts @@ -106,3 +106,7 @@ #if IS_ENABLED(CONFIG_SUPPORT_VPL) #include "sandbox_vpl.dtsi" #endif + +#if IS_ENABLED(CONFIG_EFI_HAVE_CAPSULE_SUPPORT) +#include "sandbox_capsule.dtsi" +#endif diff --git a/arch/sandbox/dts/sandbox_capsule.dtsi b/arch/sandbox/dts/sandbox_capsule.dtsi new file mode 100644 index 0000000000..34d29916b3 --- /dev/null +++ b/arch/sandbox/dts/sandbox_capsule.dtsi @@ -0,0 +1,169 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Devicetree file with binman nodes needed for generating EFI + * capsules. + * + */ + +#include <sandbox_efi_capsule.h> + +/ { + binman: binman { + multiple-images; + }; +}; + +&binman { + capsule1 { + filename = "Test01"; + efi-capsule { + image-index = <0x1>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule2 { + filename = "Test02"; + efi-capsule { + image-index = <0x2>; + image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID; + + text { + text = "u-boot-env:New"; + }; + }; + }; + + capsule3 { + filename = "Test03"; + efi-capsule { + image-index = <0x1>; + image-guid = SANDBOX_INCORRECT_GUID; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule4 { + filename = "Test101"; + efi-capsule { + image-index = <0x1>; + fw-version = <0x5>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule5 { + filename = "Test102"; + efi-capsule { + image-index = <0x2>; + fw-version = <0xa>; + image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID; + + text { + text = "u-boot-env:New"; + }; + }; + }; + + capsule6 { + filename = "Test103"; + efi-capsule { + image-index = <0x1>; + fw-version = <0x2>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule7 { + filename = "Test11"; + efi-capsule { + image-index = <0x1>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + private-key = CAPSULE_PRIV_KEY; + public-key-cert = CAPSULE_PUB_KEY; + monotonic-count = <0x1>; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule8 { + filename = "Test12"; + efi-capsule { + image-index = <0x1>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + private-key = CAPSULE_INVAL_KEY; + public-key-cert = CAPSULE_INVAL_PUB_KEY; + monotonic-count = <0x1>; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule9 { + filename = "Test111"; + efi-capsule { + image-index = <0x1>; + fw-version = <0x5>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + private-key = CAPSULE_PRIV_KEY; + public-key-cert = CAPSULE_PUB_KEY; + monotonic-count = <0x1>; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule10 { + filename = "Test112"; + efi-capsule { + image-index = <0x2>; + fw-version = <0xa>; + image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID; + private-key = CAPSULE_PRIV_KEY; + public-key-cert = CAPSULE_PUB_KEY; + monotonic-count = <0x1>; + + text { + text = "u-boot-env:New"; + }; + }; + }; + + capsule11 { + filename = "Test113"; + efi-capsule { + image-index = <0x1>; + fw-version = <0x2>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + private-key = CAPSULE_PRIV_KEY; + public-key-cert = CAPSULE_PUB_KEY; + monotonic-count = <0x1>; + + text { + text = "u-boot:New"; + }; + }; + }; +}; diff --git a/arch/sandbox/dts/test.dts b/arch/sandbox/dts/test.dts index e264b29554..a012f5c4c9 100644 --- a/arch/sandbox/dts/test.dts +++ b/arch/sandbox/dts/test.dts @@ -1990,4 +1990,8 @@ #include "sandbox_vpl.dtsi" #endif
+#if IS_ENABLED(CONFIG_EFI_HAVE_CAPSULE_SUPPORT) +#include "sandbox_capsule.dtsi" +#endif + #include "cedit.dtsi" diff --git a/test/py/tests/test_efi_capsule/capsule_gen_binman.dts b/test/py/tests/test_efi_capsule/capsule_gen_binman.dts index e8a1858509..1a62c26047 100644 --- a/test/py/tests/test_efi_capsule/capsule_gen_binman.dts +++ b/test/py/tests/test_efi_capsule/capsule_gen_binman.dts @@ -55,42 +55,6 @@ };
capsule1 { - filename = "Test01"; - efi-capsule { - image-index = <0x1>; - image-guid = SANDBOX_UBOOT_IMAGE_GUID; - - text { - text = "u-boot:New"; - }; - }; - }; - - capsule2 { - filename = "Test02"; - efi-capsule { - image-index = <0x2>; - image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID; - - text { - text = "u-boot-env:New"; - }; - }; - }; - - capsule3 { - filename = "Test03"; - efi-capsule { - image-index = <0x1>; - image-guid = SANDBOX_INCORRECT_GUID; - - text { - text = "u-boot:New"; - }; - }; - }; - - capsule4 { filename = "Test04"; efi-capsule { image-index = <0x1>; @@ -102,7 +66,7 @@ }; };
- capsule5 { + capsule2 { filename = "Test05"; efi-capsule { image-index = <0x1>; @@ -114,46 +78,7 @@ }; };
- capsule6 { - filename = "Test101"; - efi-capsule { - image-index = <0x1>; - fw-version = <0x5>; - image-guid = SANDBOX_UBOOT_IMAGE_GUID; - - text { - text = "u-boot:New"; - }; - }; - }; - - capsule7 { - filename = "Test102"; - efi-capsule { - image-index = <0x2>; - fw-version = <0xa>; - image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID; - - text { - text = "u-boot-env:New"; - }; - }; - }; - - capsule8 { - filename = "Test103"; - efi-capsule { - image-index = <0x1>; - fw-version = <0x2>; - image-guid = SANDBOX_UBOOT_IMAGE_GUID; - - text { - text = "u-boot:New"; - }; - }; - }; - - capsule9 { + capsule3 { filename = "Test104"; efi-capsule { image-index = <0x1>; @@ -166,7 +91,7 @@ }; };
- capsule10 { + capsule4 { filename = "Test105"; efi-capsule { image-index = <0x1>; @@ -179,37 +104,7 @@ }; };
- capsule11 { - filename = "Test11"; - efi-capsule { - image-index = <0x1>; - image-guid = SANDBOX_UBOOT_IMAGE_GUID; - private-key = CAPSULE_PRIV_KEY; - public-key-cert = CAPSULE_PUB_KEY; - monotonic-count = <0x1>; - - text { - text = "u-boot:New"; - }; - }; - }; - - capsule12 { - filename = "Test12"; - efi-capsule { - image-index = <0x1>; - image-guid = SANDBOX_UBOOT_IMAGE_GUID; - private-key = CAPSULE_INVAL_KEY; - public-key-cert = CAPSULE_INVAL_PUB_KEY; - monotonic-count = <0x1>; - - text { - text = "u-boot:New"; - }; - }; - }; - - capsule13 { + capsule5 { filename = "Test13"; efi-capsule { image-index = <0x1>; @@ -224,7 +119,7 @@ }; };
- capsule14 { + capsule6 { filename = "Test14"; efi-capsule { image-index = <0x1>; @@ -239,55 +134,7 @@ }; };
- capsule15 { - filename = "Test111"; - efi-capsule { - image-index = <0x1>; - fw-version = <0x5>; - image-guid = SANDBOX_UBOOT_IMAGE_GUID; - private-key = CAPSULE_PRIV_KEY; - public-key-cert = CAPSULE_PUB_KEY; - monotonic-count = <0x1>; - - text { - text = "u-boot:New"; - }; - }; - }; - - capsule16 { - filename = "Test112"; - efi-capsule { - image-index = <0x2>; - fw-version = <0xa>; - image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID; - private-key = CAPSULE_PRIV_KEY; - public-key-cert = CAPSULE_PUB_KEY; - monotonic-count = <0x1>; - - text { - text = "u-boot-env:New"; - }; - }; - }; - - capsule17 { - filename = "Test113"; - efi-capsule { - image-index = <0x1>; - fw-version = <0x2>; - image-guid = SANDBOX_UBOOT_IMAGE_GUID; - private-key = CAPSULE_PRIV_KEY; - public-key-cert = CAPSULE_PUB_KEY; - monotonic-count = <0x1>; - - text { - text = "u-boot:New"; - }; - }; - }; - - capsule18 { + capsule7 { filename = "Test114"; efi-capsule { image-index = <0x1>; @@ -303,7 +150,7 @@ }; };
- capsule19 { + capsule8 { filename = "Test115"; efi-capsule { image-index = <0x1>; diff --git a/test/py/tests/test_efi_capsule/conftest.py b/test/py/tests/test_efi_capsule/conftest.py index dd41da9284..80b12977d6 100644 --- a/test/py/tests/test_efi_capsule/conftest.py +++ b/test/py/tests/test_efi_capsule/conftest.py @@ -85,6 +85,7 @@ def efi_capsule_data(request, u_boot_config): check_call('cd %s; ' './tools/binman/binman --toolpath %s/tools build -u -d %s/capsule_binman.dtb -O %s -m --allow-missing -I %s -I ./board/sandbox -I ./arch/sandbox/dts' % (u_boot_config.source_dir, u_boot_config.build_dir, data_dir, data_dir, data_dir), shell=True) + check_call('cp %s/Test* %s' % (u_boot_config.build_dir, data_dir), shell=True) os.environ['PYTHONPATH'] = pythonpath
# Create a disk image with EFI system partition
The sandbox platform build now generates a set of capsules. Put the related files generated into gitignore.
Signed-off-by: Sughosh Ganu sughosh.ganu@linaro.org ---
Changes since V1: None
.gitignore | 3 +++ 1 file changed, 3 insertions(+)
diff --git a/.gitignore b/.gitignore index 3301481192..94dbeb053c 100644 --- a/.gitignore +++ b/.gitignore @@ -63,6 +63,9 @@ fit-dtb.blob* /spl/ /tpl/ /defconfig +/Test* +/capsule.*.efi-capsule +/capsule*.map
# # Generated include files
A certain set of capsule files are now generated as part of the sandbox build. Add these files to the CLEAN_FILES list for deletion on invoking any of the cleanup targets.
Signed-off-by: Sughosh Ganu sughosh.ganu@linaro.org ---
Changes since V1: None
Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/Makefile b/Makefile index ff003a5ad8..1df2e81654 100644 --- a/Makefile +++ b/Makefile @@ -2166,7 +2166,8 @@ CLEAN_FILES += include/autoconf.mk* include/bmp_logo.h include/bmp_logo_data.h \ mkimage-out.spl.mkimage mkimage.spl.mkimage imx-boot.map \ itb.fit.fit itb.fit.itb itb.map spl.map mkimage-out.rom.mkimage \ mkimage.rom.mkimage mkimage-in-simple-bin* rom.map simple-bin* \ - idbloader-spi.img lib/efi_loader/helloworld_efi.S *.itb + idbloader-spi.img lib/efi_loader/helloworld_efi.S *.itb \ + Test* capsule.*.efi-capsule capsule*.map
# Directories & files removed with 'make mrproper' MRPROPER_DIRS += include/config include/generated spl tpl vpl \
participants (1)
-
Sughosh Ganu