[PATCH v6 0/7] fwu: gpt: implement read_mdata and write_mdata callbacks
From: Jassi Brar jaswinder.singh@linaro.org
The patchset reduces ~400 lines of code, while keeping the functionality same and making meta-data operations much faster (by using cached structures).
Issue: meta-data copies (primary and secondary) are being handled by the backend/storage layer instead of the common core in fwu.c (as also noted by Ilias) that is, gpt_blk.c manages meta-data and similarly raw_mtd.c will have to do the same when it arrives. The code could by make smaller, cleaner and optimised.
Basic idea: Introduce .read_mdata() and .write_mdata() in fwu_mdata_ops that simply read/write meta-data copy. The core code takes care of integrity and redundancy of the meta-data, as a result we can get rid of every other callback .get_mdata() .update_mdata() .get_mdata_part_num() .read_mdata_partition() .write_mdata_partition() and the corresponding wrapper functions thereby making the code 100s of LOC smaller.
Get rid of fwu_check_mdata_validity() and fwu_mdata_check() which expected underlying layer to manage and verify mdata copies. Implement fwu_get_verified_mdata(struct fwu_mdata *mdata) public function that reads, verifies and, if needed, fixes the meta-data copies.
Verified copy of meta-data is now cached as 'g_mdata' in fwu.c, which avoids multiple low-level expensive read and parse calls. gpt meta-data partition numbers are now cached in gpt_blk.c, so that we don't have to do expensive part_get_info() and uid ops.
Changes since v5: * Fix SANDBOX tests * Removed '@' from dt nodes * misc cosmetic changes suggested by Etienne
Changes since v4: * Change fwu-mdata-mtd bindings to not require external changes * Handle 'part == BOTH_PARTS' in fwu_sync_mdata * use parts_ok[] and parts_mdata[] instead of pri/sec_ok and p/s_mdata
Changes since v3: * Fix error log wording * call fwu_write_mdata() with part & PRIMARY_PART ? true: false
Changes since v2: * Drop whitespace changes * Fix missing mdata copy before return
Changes since v1: * Fix typos and misc cosmetic changes * Catch error returns
Jassi Brar (7): dt/bindings: fwu-mdata-mtd: drop changes outside FWU fwu: gpt: use cached meta-data partition numbers fwu: move meta-data management in core fwu: gpt: implement read_mdata and write_mdata callbacks fwu: meta-data: switch to management by common code fwu: rename fwu_get_verified_mdata to fwu_get_mdata test: dm: fwu: fix for the updated api
cmd/fwu_mdata.c | 17 +- .../firmware/fwu-mdata-mtd.yaml | 105 ++++++- drivers/fwu-mdata/fwu-mdata-uclass.c | 151 +-------- drivers/fwu-mdata/gpt_blk.c | 175 +++-------- include/fwu.h | 198 ++---------- lib/fwu_updates/fwu.c | 296 ++++++++---------- test/dm/fwu_mdata.c | 22 +- 7 files changed, 299 insertions(+), 665 deletions(-)
From: Jassi Brar jaswinder.singh@linaro.org
Any requirement of FWU should not require changes to bindings of other subsystems. For example, for mtd-backed storage we can do without requiring 'fixed-partitions' children to also carry 'uuid', a property which is non-standard and not in the bindings.
There exists no code yet, so we can change the fwu-mtd bindings to contain all properties within the fwu-mdata node.
Signed-off-by: Jassi Brar jaswinder.singh@linaro.org --- .../firmware/fwu-mdata-mtd.yaml | 105 +++++++++++++++--- 1 file changed, 91 insertions(+), 14 deletions(-)
diff --git a/doc/device-tree-bindings/firmware/fwu-mdata-mtd.yaml b/doc/device-tree-bindings/firmware/fwu-mdata-mtd.yaml index 4f5404f999..6a22aeea30 100644 --- a/doc/device-tree-bindings/firmware/fwu-mdata-mtd.yaml +++ b/doc/device-tree-bindings/firmware/fwu-mdata-mtd.yaml @@ -1,13 +1,13 @@ # SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause) %YAML 1.2 --- -$id: http://devicetree.org/schemas/firmware/u-boot,fwu-mdata-sf.yaml# -$schema: http://devicetree.org/meta-schemas/core.yaml# +$id: http://devicetree.org/schemas/firmware/u-boot,fwu-mdata-mtd.yaml# +$schema: http://devicetree.org/meta-schemas/base.yaml#
title: FWU metadata on MTD device without GPT
maintainers: - - Masami Hiramatsu masami.hiramatsu@linaro.org + - Jassi Brar jaswinder.singh@linaro.org
properties: compatible: @@ -15,24 +15,101 @@ properties: - const: u-boot,fwu-mdata-mtd
fwu-mdata-store: - maxItems: 1 - description: Phandle of the MTD device which contains the FWU medatata. + $ref: /schemas/types.yaml#/definitions/phandle + description: Phandle of the MTD device which contains the FWU MetaData and Banks.
- mdata-offsets: + mdata-parts: + $ref: /schemas/types.yaml#/definitions/non-unique-string-array minItems: 2 - description: Offsets of the primary and secondary FWU metadata in the NOR flash. + maxItems: 2 + description: labels of the primary and secondary FWU metadata partitions in the 'fixed-partitions' subnode of the 'jedec,spi-nor' flash device node. + + patternProperties: + "fwu-bank[0-9]": + type: object + description: List of FWU mtd-backed banks. Typically two banks. + + properties: + id: + $ref: /schemas/types.yaml#/definitions/uint32 + description: Index of the bank. + + label: + $ref: /schemas/types.yaml#/definitions/non-unique-string-array + minItems: 1 + maxItems: 1 + description: label of the partition, in the 'fixed-partitions' subnode of the 'jedec,spi-nor' flash device node, that holds this bank. + + patternProperties: + "fwu-image[0-9]": + type: object + description: List of images in the FWU mtd-backed bank. + + properties: + id: + $ref: /schemas/types.yaml#/definitions/uint32 + description: Index of the bank. + + offset: + $ref: /schemas/types.yaml#/definitions/uint32 + description: Offset, from start of the bank, where the image is located. + + size: + $ref: /schemas/types.yaml#/definitions/uint32 + description: Size reserved for the image. + + uuid: + $ref: /schemas/types.yaml#/definitions/non-unique-string-array + minItems: 1 + maxItems: 1 + description: UUID of the image. + + required: + - id + - offset + - size + - uuid + additionalProperties: false + + required: + - id + - label + - fwu-images + additionalProperties: false
required: - compatible - fwu-mdata-store - - mdata-offsets - + - mdata-parts + - fwu-banks additionalProperties: false
examples: - | - fwu-mdata { - compatible = "u-boot,fwu-mdata-mtd"; - fwu-mdata-store = <&spi-flash>; - mdata-offsets = <0x500000 0x530000>; - }; + fwu-mdata { + compatible = "u-boot,fwu-mdata-mtd"; + fwu-mdata-store = <&flash0>; + mdata-parts = "MDATA-Pri", "MDATA-Sec"; + + fwu-bank0 { + id = <0>; + label = "FIP-Bank0"; + fwu-image0 { + id = <0>; + offset = <0x0>; + size = <0x400000>; + uuid = "5a66a702-99fd-4fef-a392-c26e261a2828"; + }; + }; + fwu-bank1 { + id = <1>; + label = "FIP-Bank1"; + fwu-image0 { + id = <0>; + offset = <0x0>; + size = <0x400000>; + uuid = "a8f868a1-6e5c-4757-878d-ce63375ef2c0"; + }; + }; + }; +...
On Mon, Mar 06, 2023 at 05:18:14PM -0600, jassisinghbrar@gmail.com wrote:
From: Jassi Brar jaswinder.singh@linaro.org
Any requirement of FWU should not require changes to bindings of other subsystems. For example, for mtd-backed storage we can do without requiring 'fixed-partitions' children to also carry 'uuid', a property which is non-standard and not in the bindings.
The existing bindings were constructed like that in case we wanted to upstream the dt-bindings. But I think we are fine keeping it as an internal ABI for now. Note here that we will need to strip this eventually before we hand over the dtb into linux, but that's a different story. In any case as long as the DT comes from u-boot I don't think we will have a risk of introducing compatibility issues if we ever upstream this and go back to the old format.
Acked-by: Ilias Apalodimas ilias.apalodimas@linaro.org
There exists no code yet, so we can change the fwu-mtd bindings to contain all properties within the fwu-mdata node.
Signed-off-by: Jassi Brar jaswinder.singh@linaro.org
.../firmware/fwu-mdata-mtd.yaml | 105 +++++++++++++++--- 1 file changed, 91 insertions(+), 14 deletions(-)
diff --git a/doc/device-tree-bindings/firmware/fwu-mdata-mtd.yaml b/doc/device-tree-bindings/firmware/fwu-mdata-mtd.yaml index 4f5404f999..6a22aeea30 100644 --- a/doc/device-tree-bindings/firmware/fwu-mdata-mtd.yaml +++ b/doc/device-tree-bindings/firmware/fwu-mdata-mtd.yaml @@ -1,13 +1,13 @@ # SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause) %YAML 1.2
-$id: http://devicetree.org/schemas/firmware/u-boot,fwu-mdata-sf.yaml# -$schema: http://devicetree.org/meta-schemas/core.yaml# +$id: http://devicetree.org/schemas/firmware/u-boot,fwu-mdata-mtd.yaml# +$schema: http://devicetree.org/meta-schemas/base.yaml#
title: FWU metadata on MTD device without GPT
maintainers:
- Masami Hiramatsu masami.hiramatsu@linaro.org
- Jassi Brar jaswinder.singh@linaro.org
properties: compatible: @@ -15,24 +15,101 @@ properties: - const: u-boot,fwu-mdata-mtd
fwu-mdata-store:
- maxItems: 1
- description: Phandle of the MTD device which contains the FWU medatata.
- $ref: /schemas/types.yaml#/definitions/phandle
- description: Phandle of the MTD device which contains the FWU MetaData and Banks.
- mdata-offsets:
- mdata-parts:
- $ref: /schemas/types.yaml#/definitions/non-unique-string-array minItems: 2
- description: Offsets of the primary and secondary FWU metadata in the NOR flash.
- maxItems: 2
- description: labels of the primary and secondary FWU metadata partitions in the 'fixed-partitions' subnode of the 'jedec,spi-nor' flash device node.
- patternProperties:
- "fwu-bank[0-9]":
- type: object
- description: List of FWU mtd-backed banks. Typically two banks.
- properties:
id:$ref: /schemas/types.yaml#/definitions/uint32description: Index of the bank.label:$ref: /schemas/types.yaml#/definitions/non-unique-string-arrayminItems: 1maxItems: 1description: label of the partition, in the 'fixed-partitions' subnode of the 'jedec,spi-nor' flash device node, that holds this bank.patternProperties:"fwu-image[0-9]":type: objectdescription: List of images in the FWU mtd-backed bank.properties:id:$ref: /schemas/types.yaml#/definitions/uint32description: Index of the bank.offset:$ref: /schemas/types.yaml#/definitions/uint32description: Offset, from start of the bank, where the image is located.size:$ref: /schemas/types.yaml#/definitions/uint32description: Size reserved for the image.uuid:$ref: /schemas/types.yaml#/definitions/non-unique-string-arrayminItems: 1maxItems: 1description: UUID of the image.required:- id- offset- size- uuidadditionalProperties: false- required:
- id- label- fwu-images- additionalProperties: false
required:
- compatible
- fwu-mdata-store
- mdata-offsets
- mdata-parts
- fwu-banks
additionalProperties: false
examples:
- |
- fwu-mdata {
compatible = "u-boot,fwu-mdata-mtd";fwu-mdata-store = <&spi-flash>;mdata-offsets = <0x500000 0x530000>;- };
- fwu-mdata {
compatible = "u-boot,fwu-mdata-mtd";fwu-mdata-store = <&flash0>;mdata-parts = "MDATA-Pri", "MDATA-Sec";fwu-bank0 {id = <0>;label = "FIP-Bank0";fwu-image0 {id = <0>;offset = <0x0>;size = <0x400000>;uuid = "5a66a702-99fd-4fef-a392-c26e261a2828";};};fwu-bank1 {id = <1>;label = "FIP-Bank1";fwu-image0 {id = <0>;offset = <0x0>;size = <0x400000>;uuid = "a8f868a1-6e5c-4757-878d-ce63375ef2c0";};};- };
+...
2.34.1
From: Jassi Brar jaswinder.singh@linaro.org
Use cached values and avoid parsing and scanning through partitions everytime for meta-data partitions because they can't change after bootup.
Acked-by: Etienne Carriere etienne.carriere@linaro.org Reviewed-by: Ilias Apalodimas ilias.apalodimas@linaro.org Signed-off-by: Jassi Brar jaswinder.singh@linaro.org --- drivers/fwu-mdata/gpt_blk.c | 43 +++++++++++++++++++++---------------- 1 file changed, 24 insertions(+), 19 deletions(-)
diff --git a/drivers/fwu-mdata/gpt_blk.c b/drivers/fwu-mdata/gpt_blk.c index d35ce49c5c..28f5d23e1e 100644 --- a/drivers/fwu-mdata/gpt_blk.c +++ b/drivers/fwu-mdata/gpt_blk.c @@ -24,8 +24,9 @@ enum { MDATA_WRITE, };
-static int gpt_get_mdata_partitions(struct blk_desc *desc, - uint mdata_parts[2]) +static uint g_mdata_part[2]; /* = {0, 0} to check against uninit parts */ + +static int gpt_get_mdata_partitions(struct blk_desc *desc) { int i, ret; u32 nparts; @@ -33,18 +34,19 @@ static int gpt_get_mdata_partitions(struct blk_desc *desc, struct disk_partition info; const efi_guid_t fwu_mdata_guid = FWU_MDATA_GUID;
+ /* if primary and secondary partitions already found */ + if (g_mdata_part[0] && g_mdata_part[1]) + return 0; + nparts = 0; - for (i = 1; i < MAX_SEARCH_PARTITIONS; i++) { + for (i = 1; i < MAX_SEARCH_PARTITIONS && nparts < 2; i++) { if (part_get_info(desc, i, &info)) continue; uuid_str_to_bin(info.type_guid, part_type_guid.b, UUID_STR_FORMAT_GUID);
- if (!guidcmp(&fwu_mdata_guid, &part_type_guid)) { - if (nparts < 2) - mdata_parts[nparts] = i; - ++nparts; - } + if (!guidcmp(&fwu_mdata_guid, &part_type_guid)) + g_mdata_part[nparts++] = i; }
if (nparts != 2) { @@ -127,26 +129,25 @@ static int fwu_gpt_update_mdata(struct udevice *dev, struct fwu_mdata *mdata) { int ret; struct blk_desc *desc; - uint mdata_parts[2]; struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev);
desc = dev_get_uclass_plat(priv->blk_dev);
- ret = gpt_get_mdata_partitions(desc, mdata_parts); + ret = gpt_get_mdata_partitions(desc); if (ret < 0) { log_debug("Error getting the FWU metadata partitions\n"); return -ENOENT; }
/* First write the primary partition */ - ret = gpt_read_write_mdata(desc, mdata, MDATA_WRITE, mdata_parts[0]); + ret = gpt_read_write_mdata(desc, mdata, MDATA_WRITE, g_mdata_part[0]); if (ret < 0) { log_debug("Updating primary FWU metadata partition failed\n"); return ret; }
/* And now the replica */ - ret = gpt_read_write_mdata(desc, mdata, MDATA_WRITE, mdata_parts[1]); + ret = gpt_read_write_mdata(desc, mdata, MDATA_WRITE, g_mdata_part[1]); if (ret < 0) { log_debug("Updating secondary FWU metadata partition failed\n"); return ret; @@ -158,16 +159,14 @@ static int fwu_gpt_update_mdata(struct udevice *dev, struct fwu_mdata *mdata) static int gpt_get_mdata(struct blk_desc *desc, struct fwu_mdata *mdata) { int ret; - uint mdata_parts[2]; - - ret = gpt_get_mdata_partitions(desc, mdata_parts);
+ ret = gpt_get_mdata_partitions(desc); if (ret < 0) { log_debug("Error getting the FWU metadata partitions\n"); return -ENOENT; }
- ret = gpt_read_write_mdata(desc, mdata, MDATA_READ, mdata_parts[0]); + ret = gpt_read_write_mdata(desc, mdata, MDATA_READ, g_mdata_part[0]); if (ret < 0) { log_debug("Failed to read the FWU metadata from the device\n"); return -EIO; @@ -182,7 +181,7 @@ static int gpt_get_mdata(struct blk_desc *desc, struct fwu_mdata *mdata) * Try to read the replica. */ memset(mdata, '\0', sizeof(struct fwu_mdata)); - ret = gpt_read_write_mdata(desc, mdata, MDATA_READ, mdata_parts[1]); + ret = gpt_read_write_mdata(desc, mdata, MDATA_READ, g_mdata_part[1]); if (ret < 0) { log_debug("Failed to read the FWU metadata from the device\n"); return -EIO; @@ -206,9 +205,15 @@ static int fwu_gpt_get_mdata(struct udevice *dev, struct fwu_mdata *mdata) static int fwu_gpt_get_mdata_partitions(struct udevice *dev, uint *mdata_parts) { struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); + int err; + + err = gpt_get_mdata_partitions(dev_get_uclass_plat(priv->blk_dev)); + if (!err) { + mdata_parts[0] = g_mdata_part[0]; + mdata_parts[1] = g_mdata_part[1]; + }
- return gpt_get_mdata_partitions(dev_get_uclass_plat(priv->blk_dev), - mdata_parts); + return err; }
static int fwu_gpt_read_mdata_partition(struct udevice *dev,
From: Jassi Brar jaswinder.singh@linaro.org
Instead of each i/f having to implement their own meta-data verification and storage, move the logic in common code. This simplifies the i/f code much simpler and compact.
Signed-off-by: Jassi Brar jaswinder.singh@linaro.org --- drivers/fwu-mdata/fwu-mdata-uclass.c | 34 +++++++ include/fwu.h | 41 +++++++++ lib/fwu_updates/fwu.c | 131 ++++++++++++++++++++++++++- 3 files changed, 201 insertions(+), 5 deletions(-)
diff --git a/drivers/fwu-mdata/fwu-mdata-uclass.c b/drivers/fwu-mdata/fwu-mdata-uclass.c index b477e9603f..e03773c584 100644 --- a/drivers/fwu-mdata/fwu-mdata-uclass.c +++ b/drivers/fwu-mdata/fwu-mdata-uclass.c @@ -16,6 +16,40 @@ #include <linux/types.h> #include <u-boot/crc.h>
+/** + * fwu_read_mdata() - Wrapper around fwu_mdata_ops.read_mdata() + * + * Return: 0 if OK, -ve on error + */ +int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary) +{ + const struct fwu_mdata_ops *ops = device_get_ops(dev); + + if (!ops->read_mdata) { + log_debug("read_mdata() method not defined\n"); + return -ENOSYS; + } + + return ops->read_mdata(dev, mdata, primary); +} + +/** + * fwu_write_mdata() - Wrapper around fwu_mdata_ops.write_mdata() + * + * Return: 0 if OK, -ve on error + */ +int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary) +{ + const struct fwu_mdata_ops *ops = device_get_ops(dev); + + if (!ops->write_mdata) { + log_debug("write_mdata() method not defined\n"); + return -ENOSYS; + } + + return ops->write_mdata(dev, mdata, primary); +} + /** * fwu_get_mdata_part_num() - Get the FWU metadata partition numbers * @dev: FWU metadata device diff --git a/include/fwu.h b/include/fwu.h index 0919ced812..13f8fdeb28 100644 --- a/include/fwu.h +++ b/include/fwu.h @@ -24,6 +24,26 @@ struct fwu_mdata_gpt_blk_priv { * @update_mdata() - Update the FWU metadata copy */ struct fwu_mdata_ops { + /** + * read_mdata() - Populate the asked FWU metadata copy + * @dev: FWU metadata device + * @mdata: Output FWU mdata read + * @primary: If primary or secondary copy of metadata is to be read + * + * Return: 0 if OK, -ve on error + */ + int (*read_mdata)(struct udevice *dev, struct fwu_mdata *mdata, bool primary); + + /** + * write_mdata() - Write the given FWU metadata copy + * @dev: FWU metadata device + * @mdata: Copy of the FWU metadata to write + * @primary: If primary or secondary copy of metadata is to be written + * + * Return: 0 if OK, -ve on error + */ + int (*write_mdata)(struct udevice *dev, struct fwu_mdata *mdata, bool primary); + /** * check_mdata() - Check if the FWU metadata is valid * @dev: FWU device @@ -126,6 +146,27 @@ struct fwu_mdata_ops { EFI_GUID(0x0c996046, 0xbcc0, 0x4d04, 0x85, 0xec, \ 0xe1, 0xfc, 0xed, 0xf1, 0xc6, 0xf8)
+/** + * fwu_read_mdata() - Wrapper around fwu_mdata_ops.read_mdata() + */ +int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary); + +/** + * fwu_write_mdata() - Wrapper around fwu_mdata_ops.write_mdata() + */ +int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary); + +/** + * fwu_get_verified_mdata() - Read, verify and return the FWU metadata + * + * Read both the metadata copies from the storage media, verify their checksum, + * and ascertain that both copies match. If one of the copies has gone bad, + * restore it from the good copy. + * + * Return: 0 if OK, -ve on error +*/ +int fwu_get_verified_mdata(struct fwu_mdata *mdata); + /** * fwu_check_mdata_validity() - Check for validity of the FWU metadata copies * diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c index 5313d07302..8f1c05ad1c 100644 --- a/lib/fwu_updates/fwu.c +++ b/lib/fwu_updates/fwu.c @@ -15,13 +15,13 @@ #include <linux/errno.h> #include <linux/types.h>
+#include <u-boot/crc.h> + +static struct fwu_mdata g_mdata; /* = {0} makes uninit crc32 always invalid */ +static struct udevice *g_dev; static u8 in_trial; static u8 boottime_check;
-#include <linux/errno.h> -#include <linux/types.h> -#include <u-boot/crc.h> - enum { IMAGE_ACCEPT_SET = 1, IMAGE_ACCEPT_CLEAR, @@ -161,6 +161,127 @@ static int fwu_get_image_type_id(u8 *image_index, efi_guid_t *image_type_id) return -ENOENT; }
+/** + * fwu_sync_mdata() - Update given meta-data partition(s) with the copy provided + * @mdata: FWU metadata structure + * @part: Bitmask of FWU metadata partitions to be written to + * + * Return: 0 if OK, -ve on error + */ +static int fwu_sync_mdata(struct fwu_mdata *mdata, int part) +{ + void *buf = &mdata->version; + int err; + + if (part == BOTH_PARTS) { + err = fwu_sync_mdata(mdata, SECONDARY_PART); + if (err) + return err; + part = PRIMARY_PART; + } + + /* + * Calculate the crc32 for the updated FWU metadata + * and put the updated value in the FWU metadata crc32 + * field + */ + mdata->crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32)); + + err = fwu_write_mdata(g_dev, mdata, part == PRIMARY_PART); + if (err) { + log_err("Unable to write %s mdata\n", + part == PRIMARY_PART ? "primary": "secondary"); + return err; + } + + /* update the cached copy of meta-data */ + memcpy(&g_mdata, mdata, sizeof(struct fwu_mdata)); + + return 0; +} + +static inline int mdata_crc_check(struct fwu_mdata *mdata) +{ + void *buf = &mdata->version; + u32 calc_crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32)); + + return calc_crc32 == mdata->crc32 ? 0 : -EINVAL; +} + +/** + * fwu_get_verified_mdata() - Read, verify and return the FWU metadata + * @mdata: Output FWU metadata read or NULL + * + * Read both the metadata copies from the storage media, verify their checksum, + * and ascertain that both copies match. If one of the copies has gone bad, + * restore it from the good copy. + * + * Return: 0 if OK, -ve on error + */ +int fwu_get_verified_mdata(struct fwu_mdata *mdata) +{ + int err; + bool parts_ok[2] = { false }; + struct fwu_mdata s, *parts_mdata[2]; + + parts_mdata[0] = &g_mdata; + parts_mdata[1] = &s; + + /* if mdata already read and ready */ + err = mdata_crc_check(parts_mdata[0]); + if (!err) + goto ret_mdata; + /* else read, verify and, if needed, fix mdata */ + + for (int i = 0; i < 2; i++) { + parts_ok[i] = false; + err = fwu_read_mdata(g_dev, parts_mdata[i], !i); + if (!err) { + err = mdata_crc_check(parts_mdata[i]); + if (!err) + parts_ok[i] = true; + else + log_debug("mdata : %s crc32 failed\n", i ? "secondary": "primary"); + } + } + + if (parts_ok[0] && parts_ok[1]) { + /* + * Before returning, check that both the + * FWU metadata copies are the same. + */ + err = memcmp(parts_mdata[0], parts_mdata[1], sizeof(struct fwu_mdata)); + if (!err) + goto ret_mdata; + + /* + * If not, populate the secondary partition from the + * primary partition copy. + */ + log_info("Both FWU metadata copies are valid but do not match."); + log_info(" Restoring the secondary partition from the primary\n"); + parts_ok[1] = false; + } + + for (int i = 0; i < 2; i++) { + if (parts_ok[i]) + continue; + + memcpy(parts_mdata[i], parts_mdata[1-i], sizeof(struct fwu_mdata)); + err = fwu_sync_mdata(parts_mdata[i], i ? SECONDARY_PART : PRIMARY_PART); + if (err) { + log_debug("mdata : %s write failed\n", i ? "secondary": "primary"); + return err; + } + } + +ret_mdata: + if (!err && mdata) + memcpy(mdata, parts_mdata[0], sizeof(struct fwu_mdata)); + + return err; +} + /** * fwu_verify_mdata() - Verify the FWU metadata * @mdata: FWU metadata structure @@ -436,7 +557,7 @@ int fwu_get_image_index(u8 *image_index) } }
- log_debug("Partition with the image type %pUs not found\n", + log_err("Partition with the image type %pUs not found\n", &image_type_id);
out:
On Mon, Mar 06, 2023 at 05:18:28PM -0600, jassisinghbrar@gmail.com wrote:
From: Jassi Brar jaswinder.singh@linaro.org
Instead of each i/f having to implement their own meta-data verification and storage, move the logic in common code. This simplifies the i/f code much simpler and compact.
Signed-off-by: Jassi Brar jaswinder.singh@linaro.org
drivers/fwu-mdata/fwu-mdata-uclass.c | 34 +++++++ include/fwu.h | 41 +++++++++ lib/fwu_updates/fwu.c | 131 ++++++++++++++++++++++++++- 3 files changed, 201 insertions(+), 5 deletions(-)
diff --git a/drivers/fwu-mdata/fwu-mdata-uclass.c b/drivers/fwu-mdata/fwu-mdata-uclass.c index b477e9603f..e03773c584 100644 --- a/drivers/fwu-mdata/fwu-mdata-uclass.c +++ b/drivers/fwu-mdata/fwu-mdata-uclass.c @@ -16,6 +16,40 @@ #include <linux/types.h> #include <u-boot/crc.h>
+/**
- fwu_read_mdata() - Wrapper around fwu_mdata_ops.read_mdata()
- Return: 0 if OK, -ve on error
- */
+int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary) +{
- const struct fwu_mdata_ops *ops = device_get_ops(dev);
- if (!ops->read_mdata) {
log_debug("read_mdata() method not defined\n");return -ENOSYS;- }
- return ops->read_mdata(dev, mdata, primary);
+}
+/**
- fwu_write_mdata() - Wrapper around fwu_mdata_ops.write_mdata()
- Return: 0 if OK, -ve on error
- */
+int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary) +{
- const struct fwu_mdata_ops *ops = device_get_ops(dev);
- if (!ops->write_mdata) {
log_debug("write_mdata() method not defined\n");return -ENOSYS;- }
- return ops->write_mdata(dev, mdata, primary);
+}
/**
- fwu_get_mdata_part_num() - Get the FWU metadata partition numbers
- @dev: FWU metadata device
diff --git a/include/fwu.h b/include/fwu.h index 0919ced812..13f8fdeb28 100644 --- a/include/fwu.h +++ b/include/fwu.h @@ -24,6 +24,26 @@ struct fwu_mdata_gpt_blk_priv {
- @update_mdata() - Update the FWU metadata copy
*/ struct fwu_mdata_ops {
- /**
* read_mdata() - Populate the asked FWU metadata copy* @dev: FWU metadata device* @mdata: Output FWU mdata read* @primary: If primary or secondary copy of metadata is to be read** Return: 0 if OK, -ve on error*/- int (*read_mdata)(struct udevice *dev, struct fwu_mdata *mdata, bool primary);
- /**
* write_mdata() - Write the given FWU metadata copy* @dev: FWU metadata device* @mdata: Copy of the FWU metadata to write* @primary: If primary or secondary copy of metadata is to be written** Return: 0 if OK, -ve on error*/- int (*write_mdata)(struct udevice *dev, struct fwu_mdata *mdata, bool primary);
- /**
- check_mdata() - Check if the FWU metadata is valid
- @dev: FWU device
@@ -126,6 +146,27 @@ struct fwu_mdata_ops { EFI_GUID(0x0c996046, 0xbcc0, 0x4d04, 0x85, 0xec, \ 0xe1, 0xfc, 0xed, 0xf1, 0xc6, 0xf8)
+/**
- fwu_read_mdata() - Wrapper around fwu_mdata_ops.read_mdata()
- */
+int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary);
+/**
- fwu_write_mdata() - Wrapper around fwu_mdata_ops.write_mdata()
- */
+int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary);
+/**
- fwu_get_verified_mdata() - Read, verify and return the FWU metadata
- Read both the metadata copies from the storage media, verify their checksum,
- and ascertain that both copies match. If one of the copies has gone bad,
- restore it from the good copy.
- Return: 0 if OK, -ve on error
+*/ +int fwu_get_verified_mdata(struct fwu_mdata *mdata);
/**
- fwu_check_mdata_validity() - Check for validity of the FWU metadata copies
diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c index 5313d07302..8f1c05ad1c 100644 --- a/lib/fwu_updates/fwu.c +++ b/lib/fwu_updates/fwu.c @@ -15,13 +15,13 @@ #include <linux/errno.h> #include <linux/types.h>
+#include <u-boot/crc.h>
+static struct fwu_mdata g_mdata; /* = {0} makes uninit crc32 always invalid */ +static struct udevice *g_dev; static u8 in_trial; static u8 boottime_check;
-#include <linux/errno.h> -#include <linux/types.h> -#include <u-boot/crc.h>
enum { IMAGE_ACCEPT_SET = 1, IMAGE_ACCEPT_CLEAR, @@ -161,6 +161,127 @@ static int fwu_get_image_type_id(u8 *image_index, efi_guid_t *image_type_id) return -ENOENT; }
+/**
- fwu_sync_mdata() - Update given meta-data partition(s) with the copy provided
- @mdata: FWU metadata structure
- @part: Bitmask of FWU metadata partitions to be written to
- Return: 0 if OK, -ve on error
- */
+static int fwu_sync_mdata(struct fwu_mdata *mdata, int part) +{
- void *buf = &mdata->version;
- int err;
- if (part == BOTH_PARTS) {
err = fwu_sync_mdata(mdata, SECONDARY_PART);if (err)return err;part = PRIMARY_PART;- }
- /*
* Calculate the crc32 for the updated FWU metadata* and put the updated value in the FWU metadata crc32* field*/- mdata->crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32));
- err = fwu_write_mdata(g_dev, mdata, part == PRIMARY_PART);
- if (err) {
log_err("Unable to write %s mdata\n",part == PRIMARY_PART ? "primary": "secondary");return err;- }
- /* update the cached copy of meta-data */
- memcpy(&g_mdata, mdata, sizeof(struct fwu_mdata));
- return 0;
+}
+static inline int mdata_crc_check(struct fwu_mdata *mdata) +{
- void *buf = &mdata->version;
- u32 calc_crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32));
- return calc_crc32 == mdata->crc32 ? 0 : -EINVAL;
+}
+/**
- fwu_get_verified_mdata() - Read, verify and return the FWU metadata
- @mdata: Output FWU metadata read or NULL
- Read both the metadata copies from the storage media, verify their checksum,
- and ascertain that both copies match. If one of the copies has gone bad,
- restore it from the good copy.
- Return: 0 if OK, -ve on error
- */
+int fwu_get_verified_mdata(struct fwu_mdata *mdata) +{
- int err;
- bool parts_ok[2] = { false };
- struct fwu_mdata s, *parts_mdata[2];
- parts_mdata[0] = &g_mdata;
- parts_mdata[1] = &s;
- /* if mdata already read and ready */
- err = mdata_crc_check(parts_mdata[0]);
- if (!err)
goto ret_mdata;- /* else read, verify and, if needed, fix mdata */
- for (int i = 0; i < 2; i++) {
parts_ok[i] = false;err = fwu_read_mdata(g_dev, parts_mdata[i], !i);if (!err) {err = mdata_crc_check(parts_mdata[i]);if (!err)parts_ok[i] = true;elselog_debug("mdata : %s crc32 failed\n", i ? "secondary": "primary");}- }
- if (parts_ok[0] && parts_ok[1]) {
/** Before returning, check that both the* FWU metadata copies are the same.*/err = memcmp(parts_mdata[0], parts_mdata[1], sizeof(struct fwu_mdata));if (!err)goto ret_mdata;/** If not, populate the secondary partition from the* primary partition copy.*/log_info("Both FWU metadata copies are valid but do not match.");log_info(" Restoring the secondary partition from the primary\n");parts_ok[1] = false;- }
- for (int i = 0; i < 2; i++) {
if (parts_ok[i])continue;memcpy(parts_mdata[i], parts_mdata[1-i], sizeof(struct fwu_mdata));err = fwu_sync_mdata(parts_mdata[i], i ? SECONDARY_PART : PRIMARY_PART);if (err) {log_debug("mdata : %s write failed\n", i ? "secondary": "primary");return err;}- }
+ret_mdata:
- if (!err && mdata)
memcpy(mdata, parts_mdata[0], sizeof(struct fwu_mdata));- return err;
+}
/**
- fwu_verify_mdata() - Verify the FWU metadata
- @mdata: FWU metadata structure
@@ -436,7 +557,7 @@ int fwu_get_image_index(u8 *image_index) } }
- log_debug("Partition with the image type %pUs not found\n",
- log_err("Partition with the image type %pUs not found\n", &image_type_id);
out:
2.34.1
Reviewed-by: Ilias Apalodimas ilias.apalodimas@linaro.org
From: Jassi Brar jaswinder.singh@linaro.org
Moving towards using common code for meta-data management, implement the read/write mdata hooks.
Signed-off-by: Jassi Brar jaswinder.singh@linaro.org Reviewed-by: Etienne Carriere etienne.carriere@linaro.org Reviewed-by: Ilias Apalodimas ilias.apalodimas@linaro.org --- drivers/fwu-mdata/gpt_blk.c | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+)
diff --git a/drivers/fwu-mdata/gpt_blk.c b/drivers/fwu-mdata/gpt_blk.c index 28f5d23e1e..be1a6b03a1 100644 --- a/drivers/fwu-mdata/gpt_blk.c +++ b/drivers/fwu-mdata/gpt_blk.c @@ -272,7 +272,43 @@ static int fwu_mdata_gpt_blk_probe(struct udevice *dev) return 0; }
+static int fwu_gpt_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, + bool primary) +{ + struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); + struct blk_desc *desc = dev_get_uclass_plat(priv->blk_dev); + int ret; + + ret = gpt_get_mdata_partitions(desc); + if (ret < 0) { + log_debug("Error getting the FWU metadata partitions\n"); + return -ENOENT; + } + + return gpt_read_write_mdata(desc, mdata, MDATA_READ, + primary ? g_mdata_part[0] : g_mdata_part[1]); +} + +static int fwu_gpt_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, + bool primary) +{ + struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); + struct blk_desc *desc = dev_get_uclass_plat(priv->blk_dev); + int ret; + + ret = gpt_get_mdata_partitions(desc); + if (ret < 0) { + log_debug("Error getting the FWU metadata partitions\n"); + return -ENOENT; + } + + return gpt_read_write_mdata(desc, mdata, MDATA_WRITE, + primary ? g_mdata_part[0] : g_mdata_part[1]); +} + static const struct fwu_mdata_ops fwu_gpt_blk_ops = { + .read_mdata = fwu_gpt_read_mdata, + .write_mdata = fwu_gpt_write_mdata, .get_mdata = fwu_gpt_get_mdata, .update_mdata = fwu_gpt_update_mdata, .get_mdata_part_num = fwu_gpt_get_mdata_partitions,
From: Jassi Brar jaswinder.singh@linaro.org
The common code can now read, verify and fix meta-data copies while exposing one consistent structure to users. Only the .read_mdata() and .write_mdata() callbacks of fwu_mdata_ops are needed. Get rid of .get_mdata() .update_mdata() .get_mdata_part_num() .read_mdata_partition() and .write_mdata_partition() and also the corresponding wrapper functions.
Signed-off-by: Jassi Brar jaswinder.singh@linaro.org Reviewed-by: Etienne Carriere etienne.carriere@linaro.org --- cmd/fwu_mdata.c | 17 +- drivers/fwu-mdata/fwu-mdata-uclass.c | 165 ------------------- drivers/fwu-mdata/gpt_blk.c | 124 +------------- include/fwu.h | 199 ----------------------- lib/fwu_updates/fwu.c | 235 ++++----------------------- 5 files changed, 38 insertions(+), 702 deletions(-)
diff --git a/cmd/fwu_mdata.c b/cmd/fwu_mdata.c index f04af27de6..9b70340368 100644 --- a/cmd/fwu_mdata.c +++ b/cmd/fwu_mdata.c @@ -43,23 +43,10 @@ static void print_mdata(struct fwu_mdata *mdata) int do_fwu_mdata_read(struct cmd_tbl *cmdtp, int flag, int argc, char * const argv[]) { - struct udevice *dev; int ret = CMD_RET_SUCCESS, res; - struct fwu_mdata mdata = { 0 }; + struct fwu_mdata mdata;
- if (uclass_get_device(UCLASS_FWU_MDATA, 0, &dev) || !dev) { - log_err("Unable to get FWU metadata device\n"); - return CMD_RET_FAILURE; - } - - res = fwu_check_mdata_validity(); - if (res < 0) { - log_err("FWU Metadata check failed\n"); - ret = CMD_RET_FAILURE; - goto out; - } - - res = fwu_get_mdata(dev, &mdata); + res = fwu_get_verified_mdata(&mdata); if (res < 0) { log_err("Unable to get valid FWU metadata\n"); ret = CMD_RET_FAILURE; diff --git a/drivers/fwu-mdata/fwu-mdata-uclass.c b/drivers/fwu-mdata/fwu-mdata-uclass.c index e03773c584..0a8edaaa41 100644 --- a/drivers/fwu-mdata/fwu-mdata-uclass.c +++ b/drivers/fwu-mdata/fwu-mdata-uclass.c @@ -14,7 +14,6 @@
#include <linux/errno.h> #include <linux/types.h> -#include <u-boot/crc.h>
/** * fwu_read_mdata() - Wrapper around fwu_mdata_ops.read_mdata() @@ -50,170 +49,6 @@ int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary) return ops->write_mdata(dev, mdata, primary); }
-/** - * fwu_get_mdata_part_num() - Get the FWU metadata partition numbers - * @dev: FWU metadata device - * @mdata_parts: array for storing the metadata partition numbers - * - * Get the partition numbers on the storage device on which the - * FWU metadata is stored. Two partition numbers will be returned. - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_get_mdata_part_num(struct udevice *dev, uint *mdata_parts) -{ - const struct fwu_mdata_ops *ops = device_get_ops(dev); - - if (!ops->get_mdata_part_num) { - log_debug("get_mdata_part_num() method not defined\n"); - return -ENOSYS; - } - - return ops->get_mdata_part_num(dev, mdata_parts); -} - -/** - * fwu_read_mdata_partition() - Read the FWU metadata from a partition - * @dev: FWU metadata device - * @mdata: Copy of the FWU metadata - * @part_num: Partition number from which FWU metadata is to be read - * - * Read the FWU metadata from the specified partition number - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_read_mdata_partition(struct udevice *dev, struct fwu_mdata *mdata, - uint part_num) -{ - const struct fwu_mdata_ops *ops = device_get_ops(dev); - - if (!ops->read_mdata_partition) { - log_debug("read_mdata_partition() method not defined\n"); - return -ENOSYS; - } - - return ops->read_mdata_partition(dev, mdata, part_num); -} - -/** - * fwu_write_mdata_partition() - Write the FWU metadata to a partition - * @dev: FWU metadata device - * @mdata: Copy of the FWU metadata - * @part_num: Partition number to which FWU metadata is to be written - * - * Write the FWU metadata to the specified partition number - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_write_mdata_partition(struct udevice *dev, struct fwu_mdata *mdata, - uint part_num) -{ - const struct fwu_mdata_ops *ops = device_get_ops(dev); - - if (!ops->write_mdata_partition) { - log_debug("write_mdata_partition() method not defined\n"); - return -ENOSYS; - } - - return ops->write_mdata_partition(dev, mdata, part_num); -} - -/** - * fwu_mdata_check() - Check if the FWU metadata is valid - * @dev: FWU metadata device - * - * Validate both copies of the FWU metadata. If one of the copies - * has gone bad, restore it from the other copy. - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_mdata_check(struct udevice *dev) -{ - const struct fwu_mdata_ops *ops = device_get_ops(dev); - - if (!ops->check_mdata) { - log_debug("check_mdata() method not defined\n"); - return -ENOSYS; - } - - return ops->check_mdata(dev); -} - -/** - * fwu_get_mdata() - Get a FWU metadata copy - * @dev: FWU metadata device - * @mdata: Copy of the FWU metadata - * - * Get a valid copy of the FWU metadata. - * - * Note: This function is to be called first when modifying any fields - * in the metadata. The sequence of calls to modify any field in the - * metadata would be 1) fwu_get_mdata 2) Modify metadata, followed by - * 3) fwu_update_mdata - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_get_mdata(struct udevice *dev, struct fwu_mdata *mdata) -{ - const struct fwu_mdata_ops *ops = device_get_ops(dev); - - if (!ops->get_mdata) { - log_debug("get_mdata() method not defined\n"); - return -ENOSYS; - } - - return ops->get_mdata(dev, mdata); -} - -/** - * fwu_update_mdata() - Update the FWU metadata - * @dev: FWU metadata device - * @mdata: Copy of the FWU metadata - * - * Update the FWU metadata structure by writing to the - * FWU metadata partitions. - * - * Note: This function is not to be called directly to update the - * metadata fields. The sequence of function calls should be - * 1) fwu_get_mdata() 2) Modify the medata fields 3) fwu_update_mdata() - * - * The sequence of updating the partitions should be, update the - * primary metadata partition (first partition encountered), followed - * by updating the secondary partition. With this update sequence, in - * the rare scenario that the two metadata partitions are valid but do - * not match, maybe due to power outage at the time of updating the - * metadata copies, the secondary partition can be updated from the - * primary. - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_update_mdata(struct udevice *dev, struct fwu_mdata *mdata) -{ - void *buf; - const struct fwu_mdata_ops *ops = device_get_ops(dev); - - if (!ops->update_mdata) { - log_debug("get_mdata() method not defined\n"); - return -ENOSYS; - } - - /* - * Calculate the crc32 for the updated FWU metadata - * and put the updated value in the FWU metadata crc32 - * field - */ - buf = &mdata->version; - mdata->crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32)); - - return ops->update_mdata(dev, mdata); -} - UCLASS_DRIVER(fwu_mdata) = { .id = UCLASS_FWU_MDATA, .name = "fwu-mdata", diff --git a/drivers/fwu-mdata/gpt_blk.c b/drivers/fwu-mdata/gpt_blk.c index be1a6b03a1..c8a046c105 100644 --- a/drivers/fwu-mdata/gpt_blk.c +++ b/drivers/fwu-mdata/gpt_blk.c @@ -28,7 +28,7 @@ static uint g_mdata_part[2]; /* = {0, 0} to check against uninit parts */
static int gpt_get_mdata_partitions(struct blk_desc *desc) { - int i, ret; + int i; u32 nparts; efi_guid_t part_type_guid; struct disk_partition info; @@ -52,12 +52,12 @@ static int gpt_get_mdata_partitions(struct blk_desc *desc) if (nparts != 2) { log_debug("Expect two copies of the FWU metadata instead of %d\n", nparts); - ret = -EINVAL; - } else { - ret = 0; + g_mdata_part[0] = 0; + g_mdata_part[1] = 0; + return -EINVAL; }
- return ret; + return 0; }
static int gpt_get_mdata_disk_part(struct blk_desc *desc, @@ -125,115 +125,6 @@ static int gpt_read_write_mdata(struct blk_desc *desc, return 0; }
-static int fwu_gpt_update_mdata(struct udevice *dev, struct fwu_mdata *mdata) -{ - int ret; - struct blk_desc *desc; - struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); - - desc = dev_get_uclass_plat(priv->blk_dev); - - ret = gpt_get_mdata_partitions(desc); - if (ret < 0) { - log_debug("Error getting the FWU metadata partitions\n"); - return -ENOENT; - } - - /* First write the primary partition */ - ret = gpt_read_write_mdata(desc, mdata, MDATA_WRITE, g_mdata_part[0]); - if (ret < 0) { - log_debug("Updating primary FWU metadata partition failed\n"); - return ret; - } - - /* And now the replica */ - ret = gpt_read_write_mdata(desc, mdata, MDATA_WRITE, g_mdata_part[1]); - if (ret < 0) { - log_debug("Updating secondary FWU metadata partition failed\n"); - return ret; - } - - return 0; -} - -static int gpt_get_mdata(struct blk_desc *desc, struct fwu_mdata *mdata) -{ - int ret; - - ret = gpt_get_mdata_partitions(desc); - if (ret < 0) { - log_debug("Error getting the FWU metadata partitions\n"); - return -ENOENT; - } - - ret = gpt_read_write_mdata(desc, mdata, MDATA_READ, g_mdata_part[0]); - if (ret < 0) { - log_debug("Failed to read the FWU metadata from the device\n"); - return -EIO; - } - - ret = fwu_verify_mdata(mdata, 1); - if (!ret) - return 0; - - /* - * Verification of the primary FWU metadata copy failed. - * Try to read the replica. - */ - memset(mdata, '\0', sizeof(struct fwu_mdata)); - ret = gpt_read_write_mdata(desc, mdata, MDATA_READ, g_mdata_part[1]); - if (ret < 0) { - log_debug("Failed to read the FWU metadata from the device\n"); - return -EIO; - } - - ret = fwu_verify_mdata(mdata, 0); - if (!ret) - return 0; - - /* Both the FWU metadata copies are corrupted. */ - return -EIO; -} - -static int fwu_gpt_get_mdata(struct udevice *dev, struct fwu_mdata *mdata) -{ - struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); - - return gpt_get_mdata(dev_get_uclass_plat(priv->blk_dev), mdata); -} - -static int fwu_gpt_get_mdata_partitions(struct udevice *dev, uint *mdata_parts) -{ - struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); - int err; - - err = gpt_get_mdata_partitions(dev_get_uclass_plat(priv->blk_dev)); - if (!err) { - mdata_parts[0] = g_mdata_part[0]; - mdata_parts[1] = g_mdata_part[1]; - } - - return err; -} - -static int fwu_gpt_read_mdata_partition(struct udevice *dev, - struct fwu_mdata *mdata, uint part_num) -{ - struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); - - return gpt_read_write_mdata(dev_get_uclass_plat(priv->blk_dev), - mdata, MDATA_READ, part_num); -} - -static int fwu_gpt_write_mdata_partition(struct udevice *dev, - struct fwu_mdata *mdata, uint part_num) -{ - struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev); - - return gpt_read_write_mdata(dev_get_uclass_plat(priv->blk_dev), - mdata, MDATA_WRITE, part_num); -} - static int fwu_get_mdata_device(struct udevice *dev, struct udevice **mdata_dev) { u32 phandle; @@ -309,11 +200,6 @@ static int fwu_gpt_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, static const struct fwu_mdata_ops fwu_gpt_blk_ops = { .read_mdata = fwu_gpt_read_mdata, .write_mdata = fwu_gpt_write_mdata, - .get_mdata = fwu_gpt_get_mdata, - .update_mdata = fwu_gpt_update_mdata, - .get_mdata_part_num = fwu_gpt_get_mdata_partitions, - .read_mdata_partition = fwu_gpt_read_mdata_partition, - .write_mdata_partition = fwu_gpt_write_mdata_partition, };
static const struct udevice_id fwu_mdata_ids[] = { diff --git a/include/fwu.h b/include/fwu.h index 13f8fdeb28..314aadea59 100644 --- a/include/fwu.h +++ b/include/fwu.h @@ -18,11 +18,6 @@ struct fwu_mdata_gpt_blk_priv { struct udevice *blk_dev; };
-/** - * @mdata_check: check the validity of the FWU metadata partitions - * @get_mdata() - Get a FWU metadata copy - * @update_mdata() - Update the FWU metadata copy - */ struct fwu_mdata_ops { /** * read_mdata() - Populate the asked FWU metadata copy @@ -43,78 +38,6 @@ struct fwu_mdata_ops { * Return: 0 if OK, -ve on error */ int (*write_mdata)(struct udevice *dev, struct fwu_mdata *mdata, bool primary); - - /** - * check_mdata() - Check if the FWU metadata is valid - * @dev: FWU device - * - * Validate both copies of the FWU metadata. If one of the copies - * has gone bad, restore it from the other copy. - * - * Return: 0 if OK, -ve on error - */ - int (*check_mdata)(struct udevice *dev); - - /** - * get_mdata() - Get a FWU metadata copy - * @dev: FWU device - * @mdata: Pointer to FWU metadata - * - * Get a valid copy of the FWU metadata. - * - * Return: 0 if OK, -ve on error - */ - int (*get_mdata)(struct udevice *dev, struct fwu_mdata *mdata); - - /** - * update_mdata() - Update the FWU metadata - * @dev: FWU device - * @mdata: Copy of the FWU metadata - * - * Update the FWU metadata structure by writing to the - * FWU metadata partitions. - * - * Return: 0 if OK, -ve on error - */ - int (*update_mdata)(struct udevice *dev, struct fwu_mdata *mdata); - - /** - * get_mdata_part_num() - Get the FWU metadata partition numbers - * @dev: FWU metadata device - * @mdata_parts: array for storing the metadata partition numbers - * - * Get the partition numbers on the storage device on which the - * FWU metadata is stored. Two partition numbers will be returned. - * - * Return: 0 if OK, -ve on error - */ - int (*get_mdata_part_num)(struct udevice *dev, uint *mdata_parts); - - /** - * read_mdata_partition() - Read the FWU metadata from a partition - * @dev: FWU metadata device - * @mdata: Copy of the FWU metadata - * @part_num: Partition number from which FWU metadata is to be read - * - * Read the FWU metadata from the specified partition number - * - * Return: 0 if OK, -ve on error - */ - int (*read_mdata_partition)(struct udevice *dev, - struct fwu_mdata *mdata, uint part_num); - - /** - * write_mdata_partition() - Write the FWU metadata to a partition - * @dev: FWU metadata device - * @mdata: Copy of the FWU metadata - * @part_num: Partition number to which FWU metadata is to be written - * - * Write the FWU metadata to the specified partition number - * - * Return: 0 if OK, -ve on error - */ - int (*write_mdata_partition)(struct udevice *dev, - struct fwu_mdata *mdata, uint part_num); };
#define FWU_MDATA_VERSION 0x1 @@ -167,102 +90,6 @@ int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary); */ int fwu_get_verified_mdata(struct fwu_mdata *mdata);
-/** - * fwu_check_mdata_validity() - Check for validity of the FWU metadata copies - * - * Read both the metadata copies from the storage media, verify their - * checksum, and ascertain that both copies match. If one of the copies - * has gone bad, restore it from the good copy. - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_check_mdata_validity(void); - -/** - * fwu_get_mdata_part_num() - Get the FWU metadata partition numbers - * @dev: FWU metadata device - * @mdata_parts: array for storing the metadata partition numbers - * - * Get the partition numbers on the storage device on which the - * FWU metadata is stored. Two partition numbers will be returned - * through the array. - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_get_mdata_part_num(struct udevice *dev, uint *mdata_parts); - -/** - * fwu_read_mdata_partition() - Read the FWU metadata from a partition - * @dev: FWU metadata device - * @mdata: Copy of the FWU metadata - * @part_num: Partition number from which FWU metadata is to be read - * - * Read the FWU metadata from the specified partition number - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_read_mdata_partition(struct udevice *dev, struct fwu_mdata *mdata, - uint part_num); - -/** - * fwu_write_mdata_partition() - Write the FWU metadata to a partition - * @dev: FWU metadata device - * @mdata: Copy of the FWU metadata - * @part_num: Partition number to which FWU metadata is to be written - * - * Write the FWU metadata to the specified partition number - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_write_mdata_partition(struct udevice *dev, struct fwu_mdata *mdata, - uint part_num); - -/** - * fwu_get_mdata() - Get a FWU metadata copy - * @dev: FWU metadata device - * @mdata: Copy of the FWU metadata - * - * Get a valid copy of the FWU metadata. - * - * Note: This function is to be called first when modifying any fields - * in the metadata. The sequence of calls to modify any field in the - * metadata would be 1) fwu_get_mdata 2) Modify metadata, followed by - * 3) fwu_update_mdata - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_get_mdata(struct udevice *dev, struct fwu_mdata *mdata); - -/** - * fwu_update_mdata() - Update the FWU metadata - * @dev: FWU metadata device - * @mdata: Copy of the FWU metadata - * - * Update the FWU metadata structure by writing to the - * FWU metadata partitions. - * - * Note: This function is not to be called directly to update the - * metadata fields. The sequence of function calls should be - * 1) fwu_get_mdata() 2) Modify the medata fields 3) fwu_update_mdata() - * - * The sequence of updating the partitions should be, update the - * primary metadata partition (first partition encountered), followed - * by updating the secondary partition. With this update sequence, in - * the rare scenario that the two metadata partitions are valid but do - * not match, maybe due to power outage at the time of updating the - * metadata copies, the secondary partition can be updated from the - * primary. - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_update_mdata(struct udevice *dev, struct fwu_mdata *mdata); - /** * fwu_get_active_index() - Get active_index from the FWU metadata * @active_idxp: active_index value to be read @@ -303,18 +130,6 @@ int fwu_set_active_index(uint active_idx); */ int fwu_get_image_index(u8 *image_index);
-/** - * fwu_mdata_check() - Check if the FWU metadata is valid - * @dev: FWU metadata device - * - * Validate both copies of the FWU metadata. If one of the copies - * has gone bad, restore it from the other copy. - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_mdata_check(struct udevice *dev); - /** * fwu_revert_boot_index() - Revert the active index in the FWU metadata * @@ -327,20 +142,6 @@ int fwu_mdata_check(struct udevice *dev); */ int fwu_revert_boot_index(void);
-/** - * fwu_verify_mdata() - Verify the FWU metadata - * @mdata: FWU metadata structure - * @pri_part: FWU metadata partition is primary or secondary - * - * Verify the FWU metadata by computing the CRC32 for the metadata - * structure and comparing it against the CRC32 value stored as part - * of the structure. - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_verify_mdata(struct fwu_mdata *mdata, bool pri_part); - /** * fwu_accept_image() - Set the Acceptance bit for the image * @img_type_id: GUID of the image type for which the accepted bit is to be diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c index 8f1c05ad1c..49c9316c70 100644 --- a/lib/fwu_updates/fwu.c +++ b/lib/fwu_updates/fwu.c @@ -33,26 +33,6 @@ enum { BOTH_PARTS, };
-static int fwu_get_dev_mdata(struct udevice **dev, struct fwu_mdata *mdata) -{ - int ret; - - ret = uclass_first_device_err(UCLASS_FWU_MDATA, dev); - if (ret) { - log_debug("Cannot find fwu device\n"); - return ret; - } - - if (!mdata) - return 0; - - ret = fwu_get_mdata(*dev, mdata); - if (ret < 0) - log_debug("Unable to get valid FWU metadata\n"); - - return ret; -} - static int trial_counter_update(u16 *trial_state_ctr) { bool delete; @@ -282,136 +262,6 @@ ret_mdata: return err; }
-/** - * fwu_verify_mdata() - Verify the FWU metadata - * @mdata: FWU metadata structure - * @pri_part: FWU metadata partition is primary or secondary - * - * Verify the FWU metadata by computing the CRC32 for the metadata - * structure and comparing it against the CRC32 value stored as part - * of the structure. - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_verify_mdata(struct fwu_mdata *mdata, bool pri_part) -{ - u32 calc_crc32; - void *buf; - - buf = &mdata->version; - calc_crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32)); - - if (calc_crc32 != mdata->crc32) { - log_debug("crc32 check failed for %s FWU metadata partition\n", - pri_part ? "primary" : "secondary"); - return -EINVAL; - } - - return 0; -} - -/** - * fwu_check_mdata_validity() - Check for validity of the FWU metadata copies - * - * Read both the metadata copies from the storage media, verify their checksum, - * and ascertain that both copies match. If one of the copies has gone bad, - * restore it from the good copy. - * - * Return: 0 if OK, -ve on error - * - */ -int fwu_check_mdata_validity(void) -{ - int ret; - struct udevice *dev; - struct fwu_mdata pri_mdata; - struct fwu_mdata secondary_mdata; - uint mdata_parts[2]; - uint valid_partitions, invalid_partitions; - - ret = fwu_get_dev_mdata(&dev, NULL); - if (ret) - return ret; - - /* - * Check if the platform has defined its own - * function to check the metadata partitions' - * validity. If so, that takes precedence. - */ - ret = fwu_mdata_check(dev); - if (!ret || ret != -ENOSYS) - return ret; - - /* - * Two FWU metadata partitions are expected. - * If we don't have two, user needs to create - * them first - */ - valid_partitions = 0; - ret = fwu_get_mdata_part_num(dev, mdata_parts); - if (ret < 0) { - log_debug("Error getting the FWU metadata partitions\n"); - return -ENOENT; - } - - ret = fwu_read_mdata_partition(dev, &pri_mdata, mdata_parts[0]); - if (!ret) { - ret = fwu_verify_mdata(&pri_mdata, 1); - if (!ret) - valid_partitions |= PRIMARY_PART; - } - - ret = fwu_read_mdata_partition(dev, &secondary_mdata, mdata_parts[1]); - if (!ret) { - ret = fwu_verify_mdata(&secondary_mdata, 0); - if (!ret) - valid_partitions |= SECONDARY_PART; - } - - if (valid_partitions == (PRIMARY_PART | SECONDARY_PART)) { - /* - * Before returning, check that both the - * FWU metadata copies are the same. If not, - * populate the secondary partition from the - * primary partition copy. - */ - if (!memcmp(&pri_mdata, &secondary_mdata, - sizeof(struct fwu_mdata))) { - ret = 0; - } else { - log_info("Both FWU metadata copies are valid but do not match."); - log_info(" Restoring the secondary partition from the primary\n"); - ret = fwu_write_mdata_partition(dev, &pri_mdata, - mdata_parts[1]); - if (ret) - log_debug("Restoring secondary FWU metadata partition failed\n"); - } - goto out; - } - - if (!(valid_partitions & BOTH_PARTS)) { - log_info("Both FWU metadata partitions invalid\n"); - ret = -EBADMSG; - goto out; - } - - invalid_partitions = valid_partitions ^ BOTH_PARTS; - ret = fwu_write_mdata_partition(dev, - (invalid_partitions == PRIMARY_PART) ? - &secondary_mdata : &pri_mdata, - (invalid_partitions == PRIMARY_PART) ? - mdata_parts[0] : mdata_parts[1]); - - if (ret) - log_debug("Restoring %s FWU metadata partition failed\n", - (invalid_partitions == PRIMARY_PART) ? - "primary" : "secondary"); - -out: - return ret; -} - /** * fwu_get_active_index() - Get active_index from the FWU metadata * @active_idx: active_index value to be read @@ -424,19 +274,14 @@ out: */ int fwu_get_active_index(uint *active_idx) { - int ret; - struct udevice *dev; - struct fwu_mdata mdata = { 0 }; - - ret = fwu_get_dev_mdata(&dev, &mdata); - if (ret) - return ret; + int ret = 0; + struct fwu_mdata *mdata = &g_mdata;
/* * Found the FWU metadata partition, now read the active_index * value */ - *active_idx = mdata.active_index; + *active_idx = mdata->active_index; if (*active_idx >= CONFIG_FWU_NUM_BANKS) { log_debug("Active index value read is incorrect\n"); ret = -EINVAL; @@ -457,30 +302,25 @@ int fwu_get_active_index(uint *active_idx) int fwu_set_active_index(uint active_idx) { int ret; - struct udevice *dev; - struct fwu_mdata mdata = { 0 }; + struct fwu_mdata *mdata = &g_mdata;
if (active_idx >= CONFIG_FWU_NUM_BANKS) { log_debug("Invalid active index value\n"); return -EINVAL; }
- ret = fwu_get_dev_mdata(&dev, &mdata); - if (ret) - return ret; - /* * Update the active index and previous_active_index fields * in the FWU metadata */ - mdata.previous_active_index = mdata.active_index; - mdata.active_index = active_idx; + mdata->previous_active_index = mdata->active_index; + mdata->active_index = active_idx;
/* * Now write this updated FWU metadata to both the * FWU metadata partitions */ - ret = fwu_update_mdata(dev, &mdata); + ret = fwu_sync_mdata(mdata, BOTH_PARTS); if (ret) { log_debug("Failed to update FWU metadata partitions\n"); ret = -EIO; @@ -510,15 +350,10 @@ int fwu_get_image_index(u8 *image_index) u8 alt_num; uint update_bank; efi_guid_t *image_guid, image_type_id; - struct udevice *dev; - struct fwu_mdata mdata = { 0 }; + struct fwu_mdata *mdata = &g_mdata; struct fwu_image_entry *img_entry; struct fwu_image_bank_info *img_bank_info;
- ret = fwu_get_dev_mdata(&dev, &mdata); - if (ret) - return ret; - ret = fwu_plat_get_update_index(&update_bank); if (ret) { log_debug("Failed to get the FWU update bank\n"); @@ -539,11 +374,11 @@ int fwu_get_image_index(u8 *image_index) */ for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) { if (!guidcmp(&image_type_id, - &mdata.img_entry[i].image_type_uuid)) { - img_entry = &mdata.img_entry[i]; + &mdata->img_entry[i].image_type_uuid)) { + img_entry = &mdata->img_entry[i]; img_bank_info = &img_entry->img_bank_info[update_bank]; image_guid = &img_bank_info->image_uuid; - ret = fwu_plat_get_alt_num(dev, image_guid, &alt_num); + ret = fwu_plat_get_alt_num(g_dev, image_guid, &alt_num); if (ret) { log_debug("alt_num not found for partition with GUID %pUs\n", image_guid); @@ -578,26 +413,21 @@ int fwu_revert_boot_index(void) { int ret; u32 cur_active_index; - struct udevice *dev; - struct fwu_mdata mdata = { 0 }; - - ret = fwu_get_dev_mdata(&dev, &mdata); - if (ret) - return ret; + struct fwu_mdata *mdata = &g_mdata;
/* * Swap the active index and previous_active_index fields * in the FWU metadata */ - cur_active_index = mdata.active_index; - mdata.active_index = mdata.previous_active_index; - mdata.previous_active_index = cur_active_index; + cur_active_index = mdata->active_index; + mdata->active_index = mdata->previous_active_index; + mdata->previous_active_index = cur_active_index;
/* * Now write this updated FWU metadata to both the * FWU metadata partitions */ - ret = fwu_update_mdata(dev, &mdata); + ret = fwu_sync_mdata(mdata, BOTH_PARTS); if (ret) { log_debug("Failed to update FWU metadata partitions\n"); ret = -EIO; @@ -624,16 +454,11 @@ int fwu_revert_boot_index(void) static int fwu_clrset_image_accept(efi_guid_t *img_type_id, u32 bank, u8 action) { int ret, i; - struct udevice *dev; - struct fwu_mdata mdata = { 0 }; + struct fwu_mdata *mdata = &g_mdata; struct fwu_image_entry *img_entry; struct fwu_image_bank_info *img_bank_info;
- ret = fwu_get_dev_mdata(&dev, &mdata); - if (ret) - return ret; - - img_entry = &mdata.img_entry[0]; + img_entry = &mdata->img_entry[0]; for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) { if (!guidcmp(&img_entry[i].image_type_uuid, img_type_id)) { img_bank_info = &img_entry[i].img_bank_info[bank]; @@ -642,7 +467,7 @@ static int fwu_clrset_image_accept(efi_guid_t *img_type_id, u32 bank, u8 action) else img_bank_info->accepted = 0;
- ret = fwu_update_mdata(dev, &mdata); + ret = fwu_sync_mdata(mdata, BOTH_PARTS); goto out; } } @@ -777,8 +602,6 @@ static int fwu_boottime_checks(void *ctx, struct event *event) { int ret; u32 boot_idx, active_idx; - struct udevice *dev; - struct fwu_mdata mdata = { 0 };
/* Don't have boot time checks on sandbox */ if (IS_ENABLED(CONFIG_SANDBOX)) { @@ -786,9 +609,17 @@ static int fwu_boottime_checks(void *ctx, struct event *event) return 0; }
- ret = fwu_check_mdata_validity(); - if (ret) - return 0; + ret = uclass_first_device_err(UCLASS_FWU_MDATA, &g_dev); + if (ret) { + log_debug("Cannot find fwu device\n"); + return ret; + } + + ret = fwu_get_verified_mdata(NULL); + if (ret) { + log_debug("Unable to read meta-data\n"); + return ret; + }
/* * Get the Boot Index, i.e. the bank from @@ -824,11 +655,7 @@ static int fwu_boottime_checks(void *ctx, struct event *event) if (efi_init_obj_list() != EFI_SUCCESS) return 0;
- ret = fwu_get_dev_mdata(&dev, &mdata); - if (ret) - return ret; - - in_trial = in_trial_state(&mdata); + in_trial = in_trial_state(&g_mdata); if (!in_trial || (ret = fwu_trial_count_update()) > 0) ret = trial_counter_update(NULL);
On Mon, Mar 06, 2023 at 05:18:41PM -0600, jassisinghbrar@gmail.com wrote:
From: Jassi Brar jaswinder.singh@linaro.org
The common code can now read, verify and fix meta-data copies while exposing one consistent structure to users. Only the .read_mdata() and .write_mdata() callbacks of fwu_mdata_ops are needed. Get rid of .get_mdata() .update_mdata() .get_mdata_part_num() .read_mdata_partition() and .write_mdata_partition() and also the corresponding wrapper functions.
Signed-off-by: Jassi Brar jaswinder.singh@linaro.org Reviewed-by: Etienne Carriere etienne.carriere@linaro.org
cmd/fwu_mdata.c | 17 +- drivers/fwu-mdata/fwu-mdata-uclass.c | 165 ------------------- drivers/fwu-mdata/gpt_blk.c | 124 +------------- include/fwu.h | 199 ----------------------- lib/fwu_updates/fwu.c | 235 ++++----------------------- 5 files changed, 38 insertions(+), 702 deletions(-)
diff --git a/cmd/fwu_mdata.c b/cmd/fwu_mdata.c index f04af27de6..9b70340368 100644 --- a/cmd/fwu_mdata.c +++ b/cmd/fwu_mdata.c @@ -43,23 +43,10 @@ static void print_mdata(struct fwu_mdata *mdata) int do_fwu_mdata_read(struct cmd_tbl *cmdtp, int flag, int argc, char * const argv[]) {
- struct udevice *dev; int ret = CMD_RET_SUCCESS, res;
- struct fwu_mdata mdata = { 0 };
- struct fwu_mdata mdata;
- if (uclass_get_device(UCLASS_FWU_MDATA, 0, &dev) || !dev) {
log_err("Unable to get FWU metadata device\n");return CMD_RET_FAILURE;- }
- res = fwu_check_mdata_validity();
- if (res < 0) {
log_err("FWU Metadata check failed\n");ret = CMD_RET_FAILURE;goto out;- }
- res = fwu_get_mdata(dev, &mdata);
- res = fwu_get_verified_mdata(&mdata); if (res < 0) { log_err("Unable to get valid FWU metadata\n"); ret = CMD_RET_FAILURE;
diff --git a/drivers/fwu-mdata/fwu-mdata-uclass.c b/drivers/fwu-mdata/fwu-mdata-uclass.c index e03773c584..0a8edaaa41 100644 --- a/drivers/fwu-mdata/fwu-mdata-uclass.c +++ b/drivers/fwu-mdata/fwu-mdata-uclass.c @@ -14,7 +14,6 @@
#include <linux/errno.h> #include <linux/types.h> -#include <u-boot/crc.h>
/**
- fwu_read_mdata() - Wrapper around fwu_mdata_ops.read_mdata()
@@ -50,170 +49,6 @@ int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary) return ops->write_mdata(dev, mdata, primary); }
-/**
- fwu_get_mdata_part_num() - Get the FWU metadata partition numbers
- @dev: FWU metadata device
- @mdata_parts: array for storing the metadata partition numbers
- Get the partition numbers on the storage device on which the
- FWU metadata is stored. Two partition numbers will be returned.
- Return: 0 if OK, -ve on error
- */
-int fwu_get_mdata_part_num(struct udevice *dev, uint *mdata_parts) -{
- const struct fwu_mdata_ops *ops = device_get_ops(dev);
- if (!ops->get_mdata_part_num) {
log_debug("get_mdata_part_num() method not defined\n");return -ENOSYS;- }
- return ops->get_mdata_part_num(dev, mdata_parts);
-}
-/**
- fwu_read_mdata_partition() - Read the FWU metadata from a partition
- @dev: FWU metadata device
- @mdata: Copy of the FWU metadata
- @part_num: Partition number from which FWU metadata is to be read
- Read the FWU metadata from the specified partition number
- Return: 0 if OK, -ve on error
- */
-int fwu_read_mdata_partition(struct udevice *dev, struct fwu_mdata *mdata,
uint part_num)-{
- const struct fwu_mdata_ops *ops = device_get_ops(dev);
- if (!ops->read_mdata_partition) {
log_debug("read_mdata_partition() method not defined\n");return -ENOSYS;- }
- return ops->read_mdata_partition(dev, mdata, part_num);
-}
-/**
- fwu_write_mdata_partition() - Write the FWU metadata to a partition
- @dev: FWU metadata device
- @mdata: Copy of the FWU metadata
- @part_num: Partition number to which FWU metadata is to be written
- Write the FWU metadata to the specified partition number
- Return: 0 if OK, -ve on error
- */
-int fwu_write_mdata_partition(struct udevice *dev, struct fwu_mdata *mdata,
uint part_num)-{
- const struct fwu_mdata_ops *ops = device_get_ops(dev);
- if (!ops->write_mdata_partition) {
log_debug("write_mdata_partition() method not defined\n");return -ENOSYS;- }
- return ops->write_mdata_partition(dev, mdata, part_num);
-}
-/**
- fwu_mdata_check() - Check if the FWU metadata is valid
- @dev: FWU metadata device
- Validate both copies of the FWU metadata. If one of the copies
- has gone bad, restore it from the other copy.
- Return: 0 if OK, -ve on error
- */
-int fwu_mdata_check(struct udevice *dev) -{
- const struct fwu_mdata_ops *ops = device_get_ops(dev);
- if (!ops->check_mdata) {
log_debug("check_mdata() method not defined\n");return -ENOSYS;- }
- return ops->check_mdata(dev);
-}
-/**
- fwu_get_mdata() - Get a FWU metadata copy
- @dev: FWU metadata device
- @mdata: Copy of the FWU metadata
- Get a valid copy of the FWU metadata.
- Note: This function is to be called first when modifying any fields
- in the metadata. The sequence of calls to modify any field in the
- metadata would be 1) fwu_get_mdata 2) Modify metadata, followed by
- fwu_update_mdata
- Return: 0 if OK, -ve on error
- */
-int fwu_get_mdata(struct udevice *dev, struct fwu_mdata *mdata) -{
- const struct fwu_mdata_ops *ops = device_get_ops(dev);
- if (!ops->get_mdata) {
log_debug("get_mdata() method not defined\n");return -ENOSYS;- }
- return ops->get_mdata(dev, mdata);
-}
-/**
- fwu_update_mdata() - Update the FWU metadata
- @dev: FWU metadata device
- @mdata: Copy of the FWU metadata
- Update the FWU metadata structure by writing to the
- FWU metadata partitions.
- Note: This function is not to be called directly to update the
- metadata fields. The sequence of function calls should be
- fwu_get_mdata() 2) Modify the medata fields 3) fwu_update_mdata()
- The sequence of updating the partitions should be, update the
- primary metadata partition (first partition encountered), followed
- by updating the secondary partition. With this update sequence, in
- the rare scenario that the two metadata partitions are valid but do
- not match, maybe due to power outage at the time of updating the
- metadata copies, the secondary partition can be updated from the
- primary.
- Return: 0 if OK, -ve on error
- */
-int fwu_update_mdata(struct udevice *dev, struct fwu_mdata *mdata) -{
- void *buf;
- const struct fwu_mdata_ops *ops = device_get_ops(dev);
- if (!ops->update_mdata) {
log_debug("get_mdata() method not defined\n");return -ENOSYS;- }
- /*
* Calculate the crc32 for the updated FWU metadata* and put the updated value in the FWU metadata crc32* field*/- buf = &mdata->version;
- mdata->crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32));
- return ops->update_mdata(dev, mdata);
-}
UCLASS_DRIVER(fwu_mdata) = { .id = UCLASS_FWU_MDATA, .name = "fwu-mdata", diff --git a/drivers/fwu-mdata/gpt_blk.c b/drivers/fwu-mdata/gpt_blk.c index be1a6b03a1..c8a046c105 100644 --- a/drivers/fwu-mdata/gpt_blk.c +++ b/drivers/fwu-mdata/gpt_blk.c @@ -28,7 +28,7 @@ static uint g_mdata_part[2]; /* = {0, 0} to check against uninit parts */
static int gpt_get_mdata_partitions(struct blk_desc *desc) {
- int i, ret;
- int i; u32 nparts; efi_guid_t part_type_guid; struct disk_partition info;
@@ -52,12 +52,12 @@ static int gpt_get_mdata_partitions(struct blk_desc *desc) if (nparts != 2) { log_debug("Expect two copies of the FWU metadata instead of %d\n", nparts);
ret = -EINVAL;- } else {
ret = 0;
g_mdata_part[0] = 0;g_mdata_part[1] = 0;return -EINVAL;
- return ret;
- return 0;
}
static int gpt_get_mdata_disk_part(struct blk_desc *desc, @@ -125,115 +125,6 @@ static int gpt_read_write_mdata(struct blk_desc *desc, return 0; }
-static int fwu_gpt_update_mdata(struct udevice *dev, struct fwu_mdata *mdata) -{
- int ret;
- struct blk_desc *desc;
- struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev);
- desc = dev_get_uclass_plat(priv->blk_dev);
- ret = gpt_get_mdata_partitions(desc);
- if (ret < 0) {
log_debug("Error getting the FWU metadata partitions\n");return -ENOENT;- }
- /* First write the primary partition */
- ret = gpt_read_write_mdata(desc, mdata, MDATA_WRITE, g_mdata_part[0]);
- if (ret < 0) {
log_debug("Updating primary FWU metadata partition failed\n");return ret;- }
- /* And now the replica */
- ret = gpt_read_write_mdata(desc, mdata, MDATA_WRITE, g_mdata_part[1]);
- if (ret < 0) {
log_debug("Updating secondary FWU metadata partition failed\n");return ret;- }
- return 0;
-}
-static int gpt_get_mdata(struct blk_desc *desc, struct fwu_mdata *mdata) -{
- int ret;
- ret = gpt_get_mdata_partitions(desc);
- if (ret < 0) {
log_debug("Error getting the FWU metadata partitions\n");return -ENOENT;- }
- ret = gpt_read_write_mdata(desc, mdata, MDATA_READ, g_mdata_part[0]);
- if (ret < 0) {
log_debug("Failed to read the FWU metadata from the device\n");return -EIO;- }
- ret = fwu_verify_mdata(mdata, 1);
- if (!ret)
return 0;- /*
* Verification of the primary FWU metadata copy failed.* Try to read the replica.*/- memset(mdata, '\0', sizeof(struct fwu_mdata));
- ret = gpt_read_write_mdata(desc, mdata, MDATA_READ, g_mdata_part[1]);
- if (ret < 0) {
log_debug("Failed to read the FWU metadata from the device\n");return -EIO;- }
- ret = fwu_verify_mdata(mdata, 0);
- if (!ret)
return 0;- /* Both the FWU metadata copies are corrupted. */
- return -EIO;
-}
-static int fwu_gpt_get_mdata(struct udevice *dev, struct fwu_mdata *mdata) -{
- struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev);
- return gpt_get_mdata(dev_get_uclass_plat(priv->blk_dev), mdata);
-}
-static int fwu_gpt_get_mdata_partitions(struct udevice *dev, uint *mdata_parts) -{
- struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev);
- int err;
- err = gpt_get_mdata_partitions(dev_get_uclass_plat(priv->blk_dev));
- if (!err) {
mdata_parts[0] = g_mdata_part[0];mdata_parts[1] = g_mdata_part[1];- }
- return err;
-}
-static int fwu_gpt_read_mdata_partition(struct udevice *dev,
struct fwu_mdata *mdata, uint part_num)-{
- struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev);
- return gpt_read_write_mdata(dev_get_uclass_plat(priv->blk_dev),
mdata, MDATA_READ, part_num);-}
-static int fwu_gpt_write_mdata_partition(struct udevice *dev,
struct fwu_mdata *mdata, uint part_num)-{
- struct fwu_mdata_gpt_blk_priv *priv = dev_get_priv(dev);
- return gpt_read_write_mdata(dev_get_uclass_plat(priv->blk_dev),
mdata, MDATA_WRITE, part_num);-}
static int fwu_get_mdata_device(struct udevice *dev, struct udevice **mdata_dev) { u32 phandle; @@ -309,11 +200,6 @@ static int fwu_gpt_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, static const struct fwu_mdata_ops fwu_gpt_blk_ops = { .read_mdata = fwu_gpt_read_mdata, .write_mdata = fwu_gpt_write_mdata,
- .get_mdata = fwu_gpt_get_mdata,
- .update_mdata = fwu_gpt_update_mdata,
- .get_mdata_part_num = fwu_gpt_get_mdata_partitions,
- .read_mdata_partition = fwu_gpt_read_mdata_partition,
- .write_mdata_partition = fwu_gpt_write_mdata_partition,
};
static const struct udevice_id fwu_mdata_ids[] = { diff --git a/include/fwu.h b/include/fwu.h index 13f8fdeb28..314aadea59 100644 --- a/include/fwu.h +++ b/include/fwu.h @@ -18,11 +18,6 @@ struct fwu_mdata_gpt_blk_priv { struct udevice *blk_dev; };
-/**
- @mdata_check: check the validity of the FWU metadata partitions
- @get_mdata() - Get a FWU metadata copy
- @update_mdata() - Update the FWU metadata copy
- */
struct fwu_mdata_ops { /** * read_mdata() - Populate the asked FWU metadata copy @@ -43,78 +38,6 @@ struct fwu_mdata_ops { * Return: 0 if OK, -ve on error */ int (*write_mdata)(struct udevice *dev, struct fwu_mdata *mdata, bool primary);
- /**
* check_mdata() - Check if the FWU metadata is valid* @dev: FWU device** Validate both copies of the FWU metadata. If one of the copies* has gone bad, restore it from the other copy.** Return: 0 if OK, -ve on error*/- int (*check_mdata)(struct udevice *dev);
- /**
* get_mdata() - Get a FWU metadata copy* @dev: FWU device* @mdata: Pointer to FWU metadata** Get a valid copy of the FWU metadata.** Return: 0 if OK, -ve on error*/- int (*get_mdata)(struct udevice *dev, struct fwu_mdata *mdata);
- /**
* update_mdata() - Update the FWU metadata* @dev: FWU device* @mdata: Copy of the FWU metadata** Update the FWU metadata structure by writing to the* FWU metadata partitions.** Return: 0 if OK, -ve on error*/- int (*update_mdata)(struct udevice *dev, struct fwu_mdata *mdata);
- /**
* get_mdata_part_num() - Get the FWU metadata partition numbers* @dev: FWU metadata device* @mdata_parts: array for storing the metadata partition numbers** Get the partition numbers on the storage device on which the* FWU metadata is stored. Two partition numbers will be returned.** Return: 0 if OK, -ve on error*/- int (*get_mdata_part_num)(struct udevice *dev, uint *mdata_parts);
- /**
* read_mdata_partition() - Read the FWU metadata from a partition* @dev: FWU metadata device* @mdata: Copy of the FWU metadata* @part_num: Partition number from which FWU metadata is to be read** Read the FWU metadata from the specified partition number** Return: 0 if OK, -ve on error*/- int (*read_mdata_partition)(struct udevice *dev,
struct fwu_mdata *mdata, uint part_num);- /**
* write_mdata_partition() - Write the FWU metadata to a partition* @dev: FWU metadata device* @mdata: Copy of the FWU metadata* @part_num: Partition number to which FWU metadata is to be written** Write the FWU metadata to the specified partition number** Return: 0 if OK, -ve on error*/- int (*write_mdata_partition)(struct udevice *dev,
struct fwu_mdata *mdata, uint part_num);};
#define FWU_MDATA_VERSION 0x1 @@ -167,102 +90,6 @@ int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary); */ int fwu_get_verified_mdata(struct fwu_mdata *mdata);
-/**
- fwu_check_mdata_validity() - Check for validity of the FWU metadata copies
- Read both the metadata copies from the storage media, verify their
- checksum, and ascertain that both copies match. If one of the copies
- has gone bad, restore it from the good copy.
- Return: 0 if OK, -ve on error
- */
-int fwu_check_mdata_validity(void);
-/**
- fwu_get_mdata_part_num() - Get the FWU metadata partition numbers
- @dev: FWU metadata device
- @mdata_parts: array for storing the metadata partition numbers
- Get the partition numbers on the storage device on which the
- FWU metadata is stored. Two partition numbers will be returned
- through the array.
- Return: 0 if OK, -ve on error
- */
-int fwu_get_mdata_part_num(struct udevice *dev, uint *mdata_parts);
-/**
- fwu_read_mdata_partition() - Read the FWU metadata from a partition
- @dev: FWU metadata device
- @mdata: Copy of the FWU metadata
- @part_num: Partition number from which FWU metadata is to be read
- Read the FWU metadata from the specified partition number
- Return: 0 if OK, -ve on error
- */
-int fwu_read_mdata_partition(struct udevice *dev, struct fwu_mdata *mdata,
uint part_num);-/**
- fwu_write_mdata_partition() - Write the FWU metadata to a partition
- @dev: FWU metadata device
- @mdata: Copy of the FWU metadata
- @part_num: Partition number to which FWU metadata is to be written
- Write the FWU metadata to the specified partition number
- Return: 0 if OK, -ve on error
- */
-int fwu_write_mdata_partition(struct udevice *dev, struct fwu_mdata *mdata,
uint part_num);-/**
- fwu_get_mdata() - Get a FWU metadata copy
- @dev: FWU metadata device
- @mdata: Copy of the FWU metadata
- Get a valid copy of the FWU metadata.
- Note: This function is to be called first when modifying any fields
- in the metadata. The sequence of calls to modify any field in the
- metadata would be 1) fwu_get_mdata 2) Modify metadata, followed by
- fwu_update_mdata
- Return: 0 if OK, -ve on error
- */
-int fwu_get_mdata(struct udevice *dev, struct fwu_mdata *mdata);
-/**
- fwu_update_mdata() - Update the FWU metadata
- @dev: FWU metadata device
- @mdata: Copy of the FWU metadata
- Update the FWU metadata structure by writing to the
- FWU metadata partitions.
- Note: This function is not to be called directly to update the
- metadata fields. The sequence of function calls should be
- fwu_get_mdata() 2) Modify the medata fields 3) fwu_update_mdata()
- The sequence of updating the partitions should be, update the
- primary metadata partition (first partition encountered), followed
- by updating the secondary partition. With this update sequence, in
- the rare scenario that the two metadata partitions are valid but do
- not match, maybe due to power outage at the time of updating the
- metadata copies, the secondary partition can be updated from the
- primary.
- Return: 0 if OK, -ve on error
- */
-int fwu_update_mdata(struct udevice *dev, struct fwu_mdata *mdata);
/**
- fwu_get_active_index() - Get active_index from the FWU metadata
- @active_idxp: active_index value to be read
@@ -303,18 +130,6 @@ int fwu_set_active_index(uint active_idx); */ int fwu_get_image_index(u8 *image_index);
-/**
- fwu_mdata_check() - Check if the FWU metadata is valid
- @dev: FWU metadata device
- Validate both copies of the FWU metadata. If one of the copies
- has gone bad, restore it from the other copy.
- Return: 0 if OK, -ve on error
- */
-int fwu_mdata_check(struct udevice *dev);
/**
- fwu_revert_boot_index() - Revert the active index in the FWU metadata
@@ -327,20 +142,6 @@ int fwu_mdata_check(struct udevice *dev); */ int fwu_revert_boot_index(void);
-/**
- fwu_verify_mdata() - Verify the FWU metadata
- @mdata: FWU metadata structure
- @pri_part: FWU metadata partition is primary or secondary
- Verify the FWU metadata by computing the CRC32 for the metadata
- structure and comparing it against the CRC32 value stored as part
- of the structure.
- Return: 0 if OK, -ve on error
- */
-int fwu_verify_mdata(struct fwu_mdata *mdata, bool pri_part);
/**
- fwu_accept_image() - Set the Acceptance bit for the image
- @img_type_id: GUID of the image type for which the accepted bit is to be
diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c index 8f1c05ad1c..49c9316c70 100644 --- a/lib/fwu_updates/fwu.c +++ b/lib/fwu_updates/fwu.c @@ -33,26 +33,6 @@ enum { BOTH_PARTS, };
-static int fwu_get_dev_mdata(struct udevice **dev, struct fwu_mdata *mdata) -{
- int ret;
- ret = uclass_first_device_err(UCLASS_FWU_MDATA, dev);
- if (ret) {
log_debug("Cannot find fwu device\n");return ret;- }
- if (!mdata)
return 0;- ret = fwu_get_mdata(*dev, mdata);
- if (ret < 0)
log_debug("Unable to get valid FWU metadata\n");- return ret;
-}
static int trial_counter_update(u16 *trial_state_ctr) { bool delete; @@ -282,136 +262,6 @@ ret_mdata: return err; }
-/**
- fwu_verify_mdata() - Verify the FWU metadata
- @mdata: FWU metadata structure
- @pri_part: FWU metadata partition is primary or secondary
- Verify the FWU metadata by computing the CRC32 for the metadata
- structure and comparing it against the CRC32 value stored as part
- of the structure.
- Return: 0 if OK, -ve on error
- */
-int fwu_verify_mdata(struct fwu_mdata *mdata, bool pri_part) -{
- u32 calc_crc32;
- void *buf;
- buf = &mdata->version;
- calc_crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32));
- if (calc_crc32 != mdata->crc32) {
log_debug("crc32 check failed for %s FWU metadata partition\n",pri_part ? "primary" : "secondary");return -EINVAL;- }
- return 0;
-}
-/**
- fwu_check_mdata_validity() - Check for validity of the FWU metadata copies
- Read both the metadata copies from the storage media, verify their checksum,
- and ascertain that both copies match. If one of the copies has gone bad,
- restore it from the good copy.
- Return: 0 if OK, -ve on error
- */
-int fwu_check_mdata_validity(void) -{
- int ret;
- struct udevice *dev;
- struct fwu_mdata pri_mdata;
- struct fwu_mdata secondary_mdata;
- uint mdata_parts[2];
- uint valid_partitions, invalid_partitions;
- ret = fwu_get_dev_mdata(&dev, NULL);
- if (ret)
return ret;- /*
* Check if the platform has defined its own* function to check the metadata partitions'* validity. If so, that takes precedence.*/- ret = fwu_mdata_check(dev);
- if (!ret || ret != -ENOSYS)
return ret;- /*
* Two FWU metadata partitions are expected.* If we don't have two, user needs to create* them first*/- valid_partitions = 0;
- ret = fwu_get_mdata_part_num(dev, mdata_parts);
- if (ret < 0) {
log_debug("Error getting the FWU metadata partitions\n");return -ENOENT;- }
- ret = fwu_read_mdata_partition(dev, &pri_mdata, mdata_parts[0]);
- if (!ret) {
ret = fwu_verify_mdata(&pri_mdata, 1);if (!ret)valid_partitions |= PRIMARY_PART;- }
- ret = fwu_read_mdata_partition(dev, &secondary_mdata, mdata_parts[1]);
- if (!ret) {
ret = fwu_verify_mdata(&secondary_mdata, 0);if (!ret)valid_partitions |= SECONDARY_PART;- }
- if (valid_partitions == (PRIMARY_PART | SECONDARY_PART)) {
/** Before returning, check that both the* FWU metadata copies are the same. If not,* populate the secondary partition from the* primary partition copy.*/if (!memcmp(&pri_mdata, &secondary_mdata,sizeof(struct fwu_mdata))) {ret = 0;} else {log_info("Both FWU metadata copies are valid but do not match.");log_info(" Restoring the secondary partition from the primary\n");ret = fwu_write_mdata_partition(dev, &pri_mdata,mdata_parts[1]);if (ret)log_debug("Restoring secondary FWU metadata partition failed\n");}goto out;- }
- if (!(valid_partitions & BOTH_PARTS)) {
log_info("Both FWU metadata partitions invalid\n");ret = -EBADMSG;goto out;- }
- invalid_partitions = valid_partitions ^ BOTH_PARTS;
- ret = fwu_write_mdata_partition(dev,
(invalid_partitions == PRIMARY_PART) ?&secondary_mdata : &pri_mdata,(invalid_partitions == PRIMARY_PART) ?mdata_parts[0] : mdata_parts[1]);- if (ret)
log_debug("Restoring %s FWU metadata partition failed\n",(invalid_partitions == PRIMARY_PART) ?"primary" : "secondary");-out:
- return ret;
-}
/**
- fwu_get_active_index() - Get active_index from the FWU metadata
- @active_idx: active_index value to be read
@@ -424,19 +274,14 @@ out: */ int fwu_get_active_index(uint *active_idx) {
- int ret;
- struct udevice *dev;
- struct fwu_mdata mdata = { 0 };
- ret = fwu_get_dev_mdata(&dev, &mdata);
- if (ret)
return ret;
int ret = 0;
struct fwu_mdata *mdata = &g_mdata;
/*
- Found the FWU metadata partition, now read the active_index
- value
*/
- *active_idx = mdata.active_index;
- *active_idx = mdata->active_index; if (*active_idx >= CONFIG_FWU_NUM_BANKS) { log_debug("Active index value read is incorrect\n"); ret = -EINVAL;
@@ -457,30 +302,25 @@ int fwu_get_active_index(uint *active_idx) int fwu_set_active_index(uint active_idx) { int ret;
- struct udevice *dev;
- struct fwu_mdata mdata = { 0 };
struct fwu_mdata *mdata = &g_mdata;
if (active_idx >= CONFIG_FWU_NUM_BANKS) { log_debug("Invalid active index value\n"); return -EINVAL; }
- ret = fwu_get_dev_mdata(&dev, &mdata);
- if (ret)
return ret;- /*
*/
- Update the active index and previous_active_index fields
- in the FWU metadata
- mdata.previous_active_index = mdata.active_index;
- mdata.active_index = active_idx;
mdata->previous_active_index = mdata->active_index;
mdata->active_index = active_idx;
/*
- Now write this updated FWU metadata to both the
- FWU metadata partitions
*/
- ret = fwu_update_mdata(dev, &mdata);
- ret = fwu_sync_mdata(mdata, BOTH_PARTS); if (ret) { log_debug("Failed to update FWU metadata partitions\n"); ret = -EIO;
@@ -510,15 +350,10 @@ int fwu_get_image_index(u8 *image_index) u8 alt_num; uint update_bank; efi_guid_t *image_guid, image_type_id;
- struct udevice *dev;
- struct fwu_mdata mdata = { 0 };
- struct fwu_mdata *mdata = &g_mdata; struct fwu_image_entry *img_entry; struct fwu_image_bank_info *img_bank_info;
- ret = fwu_get_dev_mdata(&dev, &mdata);
- if (ret)
return ret;- ret = fwu_plat_get_update_index(&update_bank); if (ret) { log_debug("Failed to get the FWU update bank\n");
@@ -539,11 +374,11 @@ int fwu_get_image_index(u8 *image_index) */ for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) { if (!guidcmp(&image_type_id,
&mdata.img_entry[i].image_type_uuid)) {img_entry = &mdata.img_entry[i];
&mdata->img_entry[i].image_type_uuid)) {img_entry = &mdata->img_entry[i]; img_bank_info = &img_entry->img_bank_info[update_bank]; image_guid = &img_bank_info->image_uuid;
ret = fwu_plat_get_alt_num(dev, image_guid, &alt_num);
ret = fwu_plat_get_alt_num(g_dev, image_guid, &alt_num); if (ret) { log_debug("alt_num not found for partition with GUID %pUs\n", image_guid);@@ -578,26 +413,21 @@ int fwu_revert_boot_index(void) { int ret; u32 cur_active_index;
- struct udevice *dev;
- struct fwu_mdata mdata = { 0 };
- ret = fwu_get_dev_mdata(&dev, &mdata);
- if (ret)
return ret;
struct fwu_mdata *mdata = &g_mdata;
/*
- Swap the active index and previous_active_index fields
- in the FWU metadata
*/
- cur_active_index = mdata.active_index;
- mdata.active_index = mdata.previous_active_index;
- mdata.previous_active_index = cur_active_index;
cur_active_index = mdata->active_index;
mdata->active_index = mdata->previous_active_index;
mdata->previous_active_index = cur_active_index;
/*
- Now write this updated FWU metadata to both the
- FWU metadata partitions
*/
- ret = fwu_update_mdata(dev, &mdata);
- ret = fwu_sync_mdata(mdata, BOTH_PARTS); if (ret) { log_debug("Failed to update FWU metadata partitions\n"); ret = -EIO;
@@ -624,16 +454,11 @@ int fwu_revert_boot_index(void) static int fwu_clrset_image_accept(efi_guid_t *img_type_id, u32 bank, u8 action) { int ret, i;
- struct udevice *dev;
- struct fwu_mdata mdata = { 0 };
- struct fwu_mdata *mdata = &g_mdata; struct fwu_image_entry *img_entry; struct fwu_image_bank_info *img_bank_info;
- ret = fwu_get_dev_mdata(&dev, &mdata);
- if (ret)
return ret;- img_entry = &mdata.img_entry[0];
- img_entry = &mdata->img_entry[0]; for (i = 0; i < CONFIG_FWU_NUM_IMAGES_PER_BANK; i++) { if (!guidcmp(&img_entry[i].image_type_uuid, img_type_id)) { img_bank_info = &img_entry[i].img_bank_info[bank];
@@ -642,7 +467,7 @@ static int fwu_clrset_image_accept(efi_guid_t *img_type_id, u32 bank, u8 action) else img_bank_info->accepted = 0;
ret = fwu_update_mdata(dev, &mdata);
ret = fwu_sync_mdata(mdata, BOTH_PARTS); goto out;@@ -777,8 +602,6 @@ static int fwu_boottime_checks(void *ctx, struct event *event) { int ret; u32 boot_idx, active_idx;
struct udevice *dev;
struct fwu_mdata mdata = { 0 };
/* Don't have boot time checks on sandbox */ if (IS_ENABLED(CONFIG_SANDBOX)) {
@@ -786,9 +609,17 @@ static int fwu_boottime_checks(void *ctx, struct event *event) return 0; }
- ret = fwu_check_mdata_validity();
- if (ret)
return 0;
ret = uclass_first_device_err(UCLASS_FWU_MDATA, &g_dev);
if (ret) {
log_debug("Cannot find fwu device\n");return ret;}
ret = fwu_get_verified_mdata(NULL);
if (ret) {
log_debug("Unable to read meta-data\n");return ret;}
/*
- Get the Boot Index, i.e. the bank from
@@ -824,11 +655,7 @@ static int fwu_boottime_checks(void *ctx, struct event *event) if (efi_init_obj_list() != EFI_SUCCESS) return 0;
- ret = fwu_get_dev_mdata(&dev, &mdata);
- if (ret)
return ret;- in_trial = in_trial_state(&mdata);
- in_trial = in_trial_state(&g_mdata); if (!in_trial || (ret = fwu_trial_count_update()) > 0) ret = trial_counter_update(NULL);
-- 2.34.1
Etienne, Sughosh, this looks correct, but can someone verify it doesn't break the ST board?
Reviewed-by: Ilias Apalodimas ilias.apalodimas@linaro.org
On Thu, 16 Mar 2023 at 13:56, Ilias Apalodimas ilias.apalodimas@linaro.org wrote:
On Mon, Mar 06, 2023 at 05:18:41PM -0600, jassisinghbrar@gmail.com wrote:
From: Jassi Brar jaswinder.singh@linaro.org
The common code can now read, verify and fix meta-data copies while exposing one consistent structure to users. Only the .read_mdata() and .write_mdata() callbacks of fwu_mdata_ops are needed. Get rid of .get_mdata() .update_mdata() .get_mdata_part_num() .read_mdata_partition() and .write_mdata_partition() and also the corresponding wrapper functions.
Signed-off-by: Jassi Brar jaswinder.singh@linaro.org Reviewed-by: Etienne Carriere etienne.carriere@linaro.org
cmd/fwu_mdata.c | 17 +- drivers/fwu-mdata/fwu-mdata-uclass.c | 165 ------------------- drivers/fwu-mdata/gpt_blk.c | 124 +------------- include/fwu.h | 199 ----------------------- lib/fwu_updates/fwu.c | 235 ++++----------------------- 5 files changed, 38 insertions(+), 702 deletions(-)
<snip>
Etienne, Sughosh, this looks correct, but can someone verify it doesn't break the ST board?
I will check on the ST board by tomorrow and get back.
-sughosh
From: Jassi Brar jaswinder.singh@linaro.org
fwu_get_mdata() sounds more appropriate than fwu_get_verified_mdata()
Signed-off-by: Jassi Brar jaswinder.singh@linaro.org Reviewed-by: Etienne Carriere etienne.carriere@linaro.org Reviewed-by: Ilias Apalodimas ilias.apalodimas@linaro.org --- cmd/fwu_mdata.c | 2 +- include/fwu.h | 4 ++-- lib/fwu_updates/fwu.c | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/cmd/fwu_mdata.c b/cmd/fwu_mdata.c index 9b70340368..5ecda455df 100644 --- a/cmd/fwu_mdata.c +++ b/cmd/fwu_mdata.c @@ -46,7 +46,7 @@ int do_fwu_mdata_read(struct cmd_tbl *cmdtp, int flag, int ret = CMD_RET_SUCCESS, res; struct fwu_mdata mdata;
- res = fwu_get_verified_mdata(&mdata); + res = fwu_get_mdata(&mdata); if (res < 0) { log_err("Unable to get valid FWU metadata\n"); ret = CMD_RET_FAILURE; diff --git a/include/fwu.h b/include/fwu.h index 314aadea59..33b4d0b3db 100644 --- a/include/fwu.h +++ b/include/fwu.h @@ -80,7 +80,7 @@ int fwu_read_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary); int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary);
/** - * fwu_get_verified_mdata() - Read, verify and return the FWU metadata + * fwu_get_mdata() - Read, verify and return the FWU metadata * * Read both the metadata copies from the storage media, verify their checksum, * and ascertain that both copies match. If one of the copies has gone bad, @@ -88,7 +88,7 @@ int fwu_write_mdata(struct udevice *dev, struct fwu_mdata *mdata, bool primary); * * Return: 0 if OK, -ve on error */ -int fwu_get_verified_mdata(struct fwu_mdata *mdata); +int fwu_get_mdata(struct fwu_mdata *mdata);
/** * fwu_get_active_index() - Get active_index from the FWU metadata diff --git a/lib/fwu_updates/fwu.c b/lib/fwu_updates/fwu.c index 49c9316c70..a24ccf567a 100644 --- a/lib/fwu_updates/fwu.c +++ b/lib/fwu_updates/fwu.c @@ -189,7 +189,7 @@ static inline int mdata_crc_check(struct fwu_mdata *mdata) }
/** - * fwu_get_verified_mdata() - Read, verify and return the FWU metadata + * fwu_get_mdata() - Read, verify and return the FWU metadata * @mdata: Output FWU metadata read or NULL * * Read both the metadata copies from the storage media, verify their checksum, @@ -198,7 +198,7 @@ static inline int mdata_crc_check(struct fwu_mdata *mdata) * * Return: 0 if OK, -ve on error */ -int fwu_get_verified_mdata(struct fwu_mdata *mdata) +int fwu_get_mdata(struct fwu_mdata *mdata) { int err; bool parts_ok[2] = { false }; @@ -615,7 +615,7 @@ static int fwu_boottime_checks(void *ctx, struct event *event) return ret; }
- ret = fwu_get_verified_mdata(NULL); + ret = fwu_get_mdata(NULL); if (ret) { log_debug("Unable to read meta-data\n"); return ret;
From: Jassi Brar jaswinder.singh@linaro.org
fwu_get_mdata() no more requires 'dev' argument and fwu_check_mdata_validity() has been rendered useless and dropped. Fix the test cases to work with aforementioned changes.
Signed-off-by: Jassi Brar jaswinder.singh@linaro.org --- test/dm/fwu_mdata.c | 22 +++------------------- 1 file changed, 3 insertions(+), 19 deletions(-)
diff --git a/test/dm/fwu_mdata.c b/test/dm/fwu_mdata.c index b179a65c15..8b5c83ef4e 100644 --- a/test/dm/fwu_mdata.c +++ b/test/dm/fwu_mdata.c @@ -98,7 +98,7 @@ static int dm_test_fwu_mdata_read(struct unit_test_state *uts) ut_assertok(populate_mmc_disk_image(uts)); ut_assertok(write_mmc_blk_device(uts));
- ut_assertok(fwu_get_mdata(dev, &mdata)); + ut_assertok(fwu_get_mdata(&mdata));
ut_asserteq(mdata.version, 0x1);
@@ -118,30 +118,14 @@ static int dm_test_fwu_mdata_write(struct unit_test_state *uts)
ut_assertok(uclass_first_device_err(UCLASS_FWU_MDATA, &dev));
- ut_assertok(fwu_get_mdata(dev, &mdata)); + ut_assertok(fwu_get_mdata(&mdata));
active_idx = (mdata.active_index + 1) % CONFIG_FWU_NUM_BANKS; ut_assertok(fwu_set_active_index(active_idx));
- ut_assertok(fwu_get_mdata(dev, &mdata)); + ut_assertok(fwu_get_mdata(&mdata)); ut_asserteq(mdata.active_index, active_idx);
return 0; } DM_TEST(dm_test_fwu_mdata_write, UT_TESTF_SCAN_FDT); - -static int dm_test_fwu_mdata_check(struct unit_test_state *uts) -{ - struct udevice *dev; - - ut_assertok(setup_blk_device(uts)); - ut_assertok(populate_mmc_disk_image(uts)); - ut_assertok(write_mmc_blk_device(uts)); - - ut_assertok(uclass_first_device_err(UCLASS_FWU_MDATA, &dev)); - - ut_assertok(fwu_check_mdata_validity()); - - return 0; -} -DM_TEST(dm_test_fwu_mdata_check, UT_TESTF_SCAN_FDT);
On Mon, Mar 06, 2023 at 05:18:58PM -0600, jassisinghbrar@gmail.com wrote:
From: Jassi Brar jaswinder.singh@linaro.org
fwu_get_mdata() no more requires 'dev' argument and fwu_check_mdata_validity() has been rendered useless and dropped. Fix the test cases to work with aforementioned changes.
Signed-off-by: Jassi Brar jaswinder.singh@linaro.org
test/dm/fwu_mdata.c | 22 +++------------------- 1 file changed, 3 insertions(+), 19 deletions(-)
diff --git a/test/dm/fwu_mdata.c b/test/dm/fwu_mdata.c index b179a65c15..8b5c83ef4e 100644 --- a/test/dm/fwu_mdata.c +++ b/test/dm/fwu_mdata.c @@ -98,7 +98,7 @@ static int dm_test_fwu_mdata_read(struct unit_test_state *uts) ut_assertok(populate_mmc_disk_image(uts)); ut_assertok(write_mmc_blk_device(uts));
- ut_assertok(fwu_get_mdata(dev, &mdata));
ut_assertok(fwu_get_mdata(&mdata));
ut_asserteq(mdata.version, 0x1);
@@ -118,30 +118,14 @@ static int dm_test_fwu_mdata_write(struct unit_test_state *uts)
ut_assertok(uclass_first_device_err(UCLASS_FWU_MDATA, &dev));
- ut_assertok(fwu_get_mdata(dev, &mdata));
ut_assertok(fwu_get_mdata(&mdata));
active_idx = (mdata.active_index + 1) % CONFIG_FWU_NUM_BANKS; ut_assertok(fwu_set_active_index(active_idx));
- ut_assertok(fwu_get_mdata(dev, &mdata));
ut_assertok(fwu_get_mdata(&mdata)); ut_asserteq(mdata.active_index, active_idx);
return 0;
} DM_TEST(dm_test_fwu_mdata_write, UT_TESTF_SCAN_FDT);
-static int dm_test_fwu_mdata_check(struct unit_test_state *uts) -{
- struct udevice *dev;
- ut_assertok(setup_blk_device(uts));
- ut_assertok(populate_mmc_disk_image(uts));
- ut_assertok(write_mmc_blk_device(uts));
- ut_assertok(uclass_first_device_err(UCLASS_FWU_MDATA, &dev));
- ut_assertok(fwu_check_mdata_validity());
- return 0;
-}
-DM_TEST(dm_test_fwu_mdata_check, UT_TESTF_SCAN_FDT);
2.34.1
Acked-by: Ilias Apalodimas ilias.apalodimas@linaro.org
On Tue, 7 Mar 2023 at 04:48, jassisinghbrar@gmail.com wrote:
From: Jassi Brar jaswinder.singh@linaro.org
The patchset reduces ~400 lines of code, while keeping the functionality same and making meta-data operations much faster (by using cached structures).
Issue: meta-data copies (primary and secondary) are being handled by the backend/storage layer instead of the common core in fwu.c (as also noted by Ilias) that is, gpt_blk.c manages meta-data and similarly raw_mtd.c will have to do the same when it arrives. The code could by make smaller, cleaner and optimised.
Basic idea: Introduce .read_mdata() and .write_mdata() in fwu_mdata_ops that simply read/write meta-data copy. The core code takes care of integrity and redundancy of the meta-data, as a result we can get rid of every other callback .get_mdata() .update_mdata() .get_mdata_part_num() .read_mdata_partition() .write_mdata_partition() and the corresponding wrapper functions thereby making the code 100s of LOC smaller.
Get rid of fwu_check_mdata_validity() and fwu_mdata_check() which expected underlying layer to manage and verify mdata copies. Implement fwu_get_verified_mdata(struct fwu_mdata *mdata) public function that reads, verifies and, if needed, fixes the meta-data copies.
Verified copy of meta-data is now cached as 'g_mdata' in fwu.c, which avoids multiple low-level expensive read and parse calls. gpt meta-data partition numbers are now cached in gpt_blk.c, so that we don't have to do expensive part_get_info() and uid ops.
Changes since v5: * Fix SANDBOX tests * Removed '@' from dt nodes * misc cosmetic changes suggested by Etienne
Changes since v4: * Change fwu-mdata-mtd bindings to not require external changes * Handle 'part == BOTH_PARTS' in fwu_sync_mdata * use parts_ok[] and parts_mdata[] instead of pri/sec_ok and p/s_mdata
Changes since v3: * Fix error log wording * call fwu_write_mdata() with part & PRIMARY_PART ? true: false
Changes since v2: * Drop whitespace changes * Fix missing mdata copy before return
Changes since v1: * Fix typos and misc cosmetic changes * Catch error returns
Jassi Brar (7): dt/bindings: fwu-mdata-mtd: drop changes outside FWU fwu: gpt: use cached meta-data partition numbers fwu: move meta-data management in core fwu: gpt: implement read_mdata and write_mdata callbacks fwu: meta-data: switch to management by common code fwu: rename fwu_get_verified_mdata to fwu_get_mdata test: dm: fwu: fix for the updated api
cmd/fwu_mdata.c | 17 +- .../firmware/fwu-mdata-mtd.yaml | 105 ++++++- drivers/fwu-mdata/fwu-mdata-uclass.c | 151 +-------- drivers/fwu-mdata/gpt_blk.c | 175 +++-------- include/fwu.h | 198 ++---------- lib/fwu_updates/fwu.c | 296 ++++++++---------- test/dm/fwu_mdata.c | 22 +- 7 files changed, 299 insertions(+), 665 deletions(-)
Tested the changes on the STM32MP1 DK2 board.
Tested-by: Sughosh Ganu sughosh.ganu@linaro.org
-sughosh
On Mon, 06 Mar 2023 17:17:47 -0600, jassisinghbrar@gmail.com wrote:
From: Jassi Brar jaswinder.singh@linaro.org
The patchset reduces ~400 lines of code, while keeping the functionality same and making meta-data operations much faster (by using cached structures).
Issue: meta-data copies (primary and secondary) are being handled by the backend/storage layer instead of the common core in fwu.c (as also noted by Ilias) that is, gpt_blk.c manages meta-data and similarly raw_mtd.c will have to do the same when it arrives. The code could by make smaller, cleaner and optimised.
[...]
Applied to u-boot/next, thanks!
participants (4)
-
Ilias Apalodimas -
jassisinghbrar@gmail.com -
Sughosh Ganu -
Tom Rini