From: Leif Lindholm <leif.lindholm@linaro.org>
To: Marcin Wojtas <mw@semihalf.com>
Cc: edk2-devel@lists.01.org, ard.biesheuvel@linaro.org,
jsd@semihalf.com, jinghua@marvell.com, jaz@semihalf.com,
davidsn@marvell.com
Subject: Re: [platforms PATCH v4 5/5] Marvell/Armada7k8k: Wire up capsule support
Date: Mon, 4 Jun 2018 18:46:11 +0100 [thread overview]
Message-ID: <20180604174611.tgoknqg3cozjwnx7@bivouac.eciton.net> (raw)
In-Reply-To: <1528132305-16614-1-git-send-email-mw@semihalf.com>
On Mon, Jun 04, 2018 at 07:11:45PM +0200, Marcin Wojtas wrote:
> All required components are in place, so we can now
> add all necessary dependencies to build and use capsule support
> for Armada7k8k platforms. It is conditionally enabled
> with '-D CAPSULE_ENABLE' flag added during build time.
>
> Because the capsule generation must be sequential,
> due to boot requirements and glueing all binaries
> (BLE, ARM-TF, BL33) externally, introduce additional
> .dsc and .fdf file solely for creating the capsule.
>
> In order to build the capsule following parameters
> must be passed to the build command of the common file
> Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc:
>
> -D PLATFORM_NAME=<previously built platform name with capsule support>
> -D FIRMWARE_IMAGE_PATH=<path/to/flash-image.bin>
>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Marcin Wojtas <mw@semihalf.com>
> Signed-off-by: David Sniatkiwicz <davidsn@marvell.com>
> ---
> Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf | 66 ++++++++++++++++++
> Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc | 41 ++++++++++++
> Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc | 46 +++++++++++++
> Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf | 70 ++++++++++++++++++++
> 4 files changed, 223 insertions(+)
>
> diff --git a/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf b/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf
> index bf04f4d..e5e5443 100644
> --- a/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf
> +++ b/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf
> @@ -201,6 +201,15 @@ FvNameGuid = 5eda4200-2c5f-43cb-9da3-0baf74b1b30c
> INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
> INF MdeModulePkg/Application/UiApp/UiApp.inf
>
> +!if $(CAPSULE_ENABLE)
> + # Firmware update
> + INF MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
> + INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf
> + FILE FREEFORM = PCD(gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid) {
> + SECTION RAW = BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer
> + SECTION UI = "Pkcs7TestRoot"
> + }
> +!endif
>
> # PEI phase firmware volume
> [FV.FVMAIN_COMPACT]
> @@ -228,6 +237,11 @@ READ_LOCK_STATUS = TRUE
> INF ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf
> INF ArmPkg/Drivers/CpuPei/CpuPei.inf
> INF MdeModulePkg/Universal/Variable/Pei/VariablePei.inf
> +!if $(CAPSULE_ENABLE)
> + INF MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
> + INF MdeModulePkg/Universal/CapsulePei/CapsulePei.inf
> + INF RuleOverride = FMP_IMAGE_DESC Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
> +!endif
> INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
>
> FILE FV_IMAGE = 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 {
> @@ -236,6 +250,49 @@ READ_LOCK_STATUS = TRUE
> }
> }
>
> +!if $(CAPSULE_ENABLE)
> +[FV.SystemFirmwareDescriptor]
> +FvAlignment = 8
> +ERASE_POLARITY = 1
> +MEMORY_MAPPED = TRUE
> +STICKY_WRITE = TRUE
> +LOCK_CAP = TRUE
> +LOCK_STATUS = TRUE
> +WRITE_DISABLED_CAP = TRUE
> +WRITE_ENABLED_CAP = TRUE
> +WRITE_STATUS = TRUE
> +WRITE_LOCK_CAP = TRUE
> +WRITE_LOCK_STATUS = TRUE
> +READ_DISABLED_CAP = TRUE
> +READ_ENABLED_CAP = TRUE
> +READ_STATUS = TRUE
> +READ_LOCK_CAP = TRUE
> +READ_LOCK_STATUS = TRUE
> +
> + INF RuleOverride = FMP_IMAGE_DESC Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
> +
> +[FV.CapsuleDispatchFv]
> +FvAlignment = 8
> +ERASE_POLARITY = 1
> +MEMORY_MAPPED = TRUE
> +STICKY_WRITE = TRUE
> +LOCK_CAP = TRUE
> +LOCK_STATUS = TRUE
> +WRITE_DISABLED_CAP = TRUE
> +WRITE_ENABLED_CAP = TRUE
> +WRITE_STATUS = TRUE
> +WRITE_LOCK_CAP = TRUE
> +WRITE_LOCK_STATUS = TRUE
> +READ_DISABLED_CAP = TRUE
> +READ_ENABLED_CAP = TRUE
> +READ_STATUS = TRUE
> +READ_LOCK_CAP = TRUE
> +READ_LOCK_STATUS = TRUE
> +
> + INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf
> +
> +!endif
> +
> ################################################################################
> #
> # Rules are use with the [FV] section's module INF type to define
> @@ -331,3 +388,12 @@ READ_LOCK_STATUS = TRUE
> UI STRING ="$(MODULE_NAME)" Optional
> PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
> }
> +
> +[Rule.Common.PEIM.FMP_IMAGE_DESC]
> + FILE PEIM = $(NAMED_GUID) {
> + RAW BIN |.acpi
> + PEI_DEPEX PEI_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
> + PE32 PE32 Align=4K $(INF_OUTPUT)/$(MODULE_NAME).efi
> + UI STRING="$(MODULE_NAME)" Optional
> + VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
> + }
> diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc b/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc
> index 8fb912b..75fa3d4 100644
> --- a/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc
> +++ b/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc
> @@ -42,8 +42,23 @@
> DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
> DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
>
> +!if $(CAPSULE_ENABLE)
> + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
> + EdkiiSystemCapsuleLib|SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.inf
> + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf
> + IniParsingLib|SignedCapsulePkg/Library/IniParsingLib/IniParsingLib.inf
> + PlatformFlashAccessLib|Silicon/Marvell/Armada7k8k/Feature/Capsule/PlatformFlashAccessLib/PlatformFlashAccessLib.inf
> +!endif
> +
> # Basic utility libraries
> BaseLib|MdePkg/Library/BaseLib/BaseLib.inf
> +!if $(CAPSULE_ENABLE)
> + BmpSupportLib|MdeModulePkg/Library/BaseBmpSupportLib/BaseBmpSupportLib.inf
> + SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
> +!endif
> SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf
> PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf
> PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
> @@ -199,7 +214,11 @@
> [LibraryClasses.common.DXE_RUNTIME_DRIVER]
> HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
> MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
> +!if $(CAPSULE_ENABLE)
> + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
> +!else
> CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
> +!endif
> !if $(TARGET) != RELEASE
> DebugLib|MdePkg/Library/DxeRuntimeDebugLibSerialPort/DxeRuntimeDebugLibSerialPort.inf
> !endif
> @@ -376,6 +395,13 @@
> gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0xF93E0000
> gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize|0x00010000
>
> +!if $(CAPSULE_ENABLE)
> +[PcdsDynamicExDefault.common.DEFAULT]
> + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor|{0x0}|VOID*|0x100
> + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{0x02, 0x0e, 0x89, 0xb3, 0x6b, 0xc4, 0x70, 0x49, 0x95, 0x36, 0x57, 0x78, 0x7a, 0x9e, 0x06, 0xc7}
> + gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0x75, 0xc4, 0x7f, 0x75, 0x22, 0x6b, 0x82, 0x44, 0x86, 0x8e, 0xde, 0xd2, 0x86, 0xf3, 0x09, 0x40}
> +!endif
> +
> ################################################################################
> #
> # Components Section - list of all EDK II Modules needed by this Platform
> @@ -394,6 +420,11 @@
> ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf
> ArmPkg/Drivers/CpuPei/CpuPei.inf
> MdeModulePkg/Universal/Variable/Pei/VariablePei.inf
> +!if $(CAPSULE_ENABLE)
> + MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
> + MdeModulePkg/Universal/CapsulePei/CapsulePei.inf
> + Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
> +!endif
> MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf {
> <LibraryClasses>
> NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompressLib.inf
> @@ -503,6 +534,16 @@
> NULL|MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootMaintenanceManagerUiLib.inf
> }
>
> +!if $(CAPSULE_ENABLE)
> + MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
> + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf
> + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf {
> + <LibraryClasses>
> + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf
> + }
> + MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> +!endif
> +
> #
> # Variable services
> #
> diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc
> new file mode 100644
> index 0000000..0498bce
> --- /dev/null
> +++ b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc
> @@ -0,0 +1,46 @@
> +#Copyright (C) 2018 Marvell International Ltd.
> +#
> +#Marvell BSD License Option
> +#
> +#If you received this File from Marvell, you may opt to use, redistribute and/or
> +#modify this File under the following licensing terms.
> +#Redistribution and use in source and binary forms, with or without modification,
> +#are permitted provided that the following conditions are met:
> +#
> +# * Redistributions of source code must retain the above copyright notice,
> +# this list of conditions and the following disclaimer.
> +#
> +# * Redistributions in binary form must reproduce the above copyright
> +# notice, this list of conditions and the following disclaimer in the
> +# documentation and/or other materials provided with the distribution.
> +#
> +# * Neither the name of Marvell nor the names of its contributors may be
> +# used to endorse or promote products derived from this software without
> +# specific prior written permission.
> +#
> +#THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
> +#ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
> +#WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
> +#DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
> +#ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
> +#(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
> +#LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
> +#ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> +#(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
> +#SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> +#
> +################################################################################
> +#
> +# Defines Section - statements that will be processed to create a Makefile.
> +#
> +################################################################################
> +[Defines]
> + PLATFORM_NAME = ${PLATFORM_NAME}
> + PLATFORM_GUID = 982e2ab1-26ca-4617-92e6-061bd6ba9ae3
> + PLATFORM_VERSION = 0.1
> + DSC_SPECIFICATION = 0x00010019
> + OUTPUT_DIRECTORY = Build/$(PLATFORM_NAME)-$(ARCH)
> + SUPPORTED_ARCHITECTURES = AARCH64|ARM
> + BUILD_TARGETS = DEBUG|RELEASE
> + SKUID_IDENTIFIER = DEFAULT
> + FLASH_DEFINITION = Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf
> diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf
> new file mode 100644
> index 0000000..3fe165f
> --- /dev/null
> +++ b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf
> @@ -0,0 +1,70 @@
> +#
> +# Copyright (C) Marvell International Ltd. and its affiliates
> +#
> +# This program and the accompanying materials
> +# are licensed and made available under the terms and conditions of the BSD License
> +# which accompanies this distribution. The full text of the license may be found at
> +# http://opensource.org/licenses/bsd-license.php
> +#
> +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +#
> +
> +[FD.Armada_Capsule]
> +BaseAddress = 0x00000000 #|gArmTokenSpaceGuid.PcdFdBaseAddress # The base address of the Firmware in NOR Flash.
> +Size = 0x00400000 #|gArmTokenSpaceGuid.PcdFdSize # The size in bytes of the FLASH Device
> +ErasePolarity = 1
> +
> +0x00000000|0x00010000
> +FILE = $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/SYSTEMFIRMWAREDESCRIPTOR.Fv
> +
> +0x00100000|0x00300000
> +FILE = $(FIRMWARE_IMAGE_PATH)
OK, so using it not as a pointer to a directory, this doesn't lose any
flexibility compared to a PREFIX. But a _PATH variable is something I
expect to be pointing to a directory.
I'd be happy without the _PATH suffix - can we drop it?
/
Leif
> +
> +[FV.SystemFirmwareUpdateCargo]
> +FvAlignment = 8
> +ERASE_POLARITY = 1
> +MEMORY_MAPPED = TRUE
> +STICKY_WRITE = TRUE
> +LOCK_CAP = TRUE
> +LOCK_STATUS = TRUE
> +WRITE_DISABLED_CAP = TRUE
> +WRITE_ENABLED_CAP = TRUE
> +WRITE_STATUS = TRUE
> +WRITE_LOCK_CAP = TRUE
> +WRITE_LOCK_STATUS = TRUE
> +READ_DISABLED_CAP = TRUE
> +READ_ENABLED_CAP = TRUE
> +READ_STATUS = TRUE
> +READ_LOCK_CAP = TRUE
> +READ_LOCK_STATUS = TRUE
> +
> + FILE RAW = b3890e02-c46b-4970-9536-57787a9e06c7 { # PcdEdkiiSystemFirmwareFileGuid
> + FD = Armada_Capsule
> + }
> +
> + FILE RAW = ce57b167-b0e4-41e8-a897-5f4feb781d40 { # gEdkiiSystemFmpCapsuleDriverFvFileGuid
> + $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/CAPSULEDISPATCHFV.Fv
> + }
> +
> + FILE RAW = 812136D3-4D3A-433A-9418-29BB9BF78F6E { # gEdkiiSystemFmpCapsuleConfigFileGuid
> + Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini
> + }
> +
> +[FmpPayload.FmpPayloadSystemFirmwarePkcs7]
> +IMAGE_HEADER_INIT_VERSION = 0x02
> +IMAGE_TYPE_ID = 757fc475-6b22-4482-868e-ded286f30940 # PcdSystemFmpCapsuleImageTypeIdGuid
> +IMAGE_INDEX = 0x1
> +HARDWARE_INSTANCE = 0x0
> +MONOTONIC_COUNT = 0x1
> +CERTIFICATE_GUID = 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7
> +
> + FV = SystemFirmwareUpdateCargo
> +
> +[Capsule.MvFirmwareUpdateCapsuleFmpPkcs7]
> +CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEfiFmpCapsuleGuid
> +CAPSULE_HEADER_SIZE = 0x20
> +CAPSULE_HEADER_INIT_VERSION = 0x1
> +
> + FMP_PAYLOAD = FmpPayloadSystemFirmwarePkcs7
> +
> --
> 2.7.4
>
next prev parent reply other threads:[~2018-06-04 17:46 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-06-04 17:11 [platforms PATCH v4 5/5] Marvell/Armada7k8k: Wire up capsule support Marcin Wojtas
2018-06-04 17:46 ` Leif Lindholm [this message]
2018-06-04 18:53 ` Marcin Wojtas
2018-06-04 19:08 ` Leif Lindholm
2018-06-04 19:13 ` Ard Biesheuvel
2018-06-05 11:59 ` Leif Lindholm
2018-06-05 12:13 ` Marcin Wojtas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180604174611.tgoknqg3cozjwnx7@bivouac.eciton.net \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox