From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2607:f8b0:4001:c0b::242; helo=mail-it0-x242.google.com; envelope-from=ard.biesheuvel@linaro.org; receiver=edk2-devel@lists.01.org Received: from mail-it0-x242.google.com (mail-it0-x242.google.com [IPv6:2607:f8b0:4001:c0b::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 994CA2007E7EA for ; Fri, 1 Jun 2018 02:59:49 -0700 (PDT) Received: by mail-it0-x242.google.com with SMTP id 76-v6so1126045itx.4 for ; Fri, 01 Jun 2018 02:59:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=prHw8B6VQzFXKNIHLBiaV/i8pe4hhASp8EPKvX1Ea1g=; b=OZWPzAZPGexR3iM/mW3HcAmE/4l5lsL91LMeFj6J3qscQkscaR/Euhl6zUqUqfUfUI SWEebUPrYr7khLphV6bQr/amoKUuAW6mIu5XDtJg19UIqg5pYFN4+DsIQNghyCtycVT+ 8pMrvfYFTLNKkA4eUgxiPCzItj53DU6LLD3H0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=prHw8B6VQzFXKNIHLBiaV/i8pe4hhASp8EPKvX1Ea1g=; b=HocntUsHVyo/LdFPXb5RYUS35/bS+yjpmZfL6uD4SDsrwTjoLYm120w48br3f0cAlP AcAeUgjhlJhwHOkZt5u9wf5QUM3Ot2csHQ6xfIY3YCCSMQ3b/2cEe//f3BLcKNhlsTIi v9ocmspa3bbhHUQ7mhrRFS0af+lUVL8N7EpAJ9hCTh+lyp9RpFODGvK7avB4iMvQjZQx SOVVTsuTpVCErYshtyPNZYWsmfg4TOqqGv53HSjUtR7Ea6ewvVOV3dvK09cktwgHZU8V 17QKypL8sfoimIsQXGO0guQGrFhlMqin9CRz7u+n+j+Jscxdu0y9ViLLbXJjXL+XoKP2 xTfg== X-Gm-Message-State: APt69E3GeVG6J21HV06w/x93s275JM7UEWW1mvLYMbraOFFyN395TDvv rzq9m45W+pzSqABd+Z59dxrsIQK4sryH4HweXrGEUQ== X-Google-Smtp-Source: ADUXVKKaE+Xl45kRIQfW542UKW+MJzQtNaQawRBnsU3p5FScDaAnklpYF2+pKTUzLFsY30KjIo0N8bCIIDfATmR2sCs= X-Received: by 2002:a24:f04e:: with SMTP id p14-v6mr3561631iti.106.1527847188273; Fri, 01 Jun 2018 02:59:48 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a6b:bb86:0:0:0:0:0 with HTTP; Fri, 1 Jun 2018 02:59:47 -0700 (PDT) In-Reply-To: <20180601095150.pfw65whgw7jwb3rd@bivouac.eciton.net> References: <20180316161322.6756-1-ard.biesheuvel@linaro.org> <20180601095150.pfw65whgw7jwb3rd@bivouac.eciton.net> From: Ard Biesheuvel Date: Fri, 1 Jun 2018 11:59:47 +0200 Message-ID: To: Leif Lindholm Cc: "edk2-devel@lists.01.org" Subject: Re: [RFC PATCH edk2-platforms 0/6] expand capsule to include SCP firmware X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Jun 2018 09:59:49 -0000 Content-Type: text/plain; charset="UTF-8" On 1 June 2018 at 11:51, Leif Lindholm wrote: > On Fri, Mar 16, 2018 at 04:13:16PM +0000, Ard Biesheuvel wrote: >> Now that the NOR flash layout has been updated to split the actual SCP >> firmware from the startup code and the builtin flasher, we can add the >> SCP image to the capsule update to make it field upgradeable. >> >> This involves some rather nasty plumbing, since making changes to capsule >> update installable via capsule update requires some additional care. >> >> Patch #1 fixes a bug in the FVB handling code of the flash access library. >> >> Patch #2 addresses an issue where we accidentally started to dereference >> arbitrary data as an FV header by incorporating the secure firmware binary >> into the flash device. >> >> Patch #3 is an optimization that speeds up flashing of sparse capsules. >> >> Patch #4 adds a PCD that holds the minimum firmware version that is allowed >> by a platform. We will use this to ensure that systems using the new layout >> cannot be flashed using older capsules, which is unlikely to work in any >> case, but not guaranteed to fail in a harmless manner. >> >> Patch #5 is a temporary hack we will need to use to build capsules that >> allow upgrading from the old layout to the new layout >> >> Patch #6 implements the new layout, and adds support to set the minimum >> version on the build command line. >> >> Ard Biesheuvel (6): >> Silicon/SynQuacerPlatformFlashAccessLib: fix return value on no FVB >> found >> Silicon/SynQuacerPlatformFlashAccessLib: don't dereference FVB header >> fields >> Silicon/SynQuacerPlatformFlashAccessLib: skip empty blocks >> Silicon/SynQuacer: make lowest supported f/w version PCD configurable >> TEMPORARY >> Platform/Socionext/DeveloperBox: add SCP firmware image to capsule > > I have a few comments on the 5/6 layout thing, but apart from that I'm > happy with the series. I guess 4 doesn't make much sense before we're > ready to include the SCP firmware in the build. > But still - for 1-4/6: > Reviewed-by: Leif Lindholm > > Feel free to push as many or as few of those as you like. > Thanks #1 - #3 pushed as c9be7b11ea10..e45ae44ec07e #4 will be updated to use PcdLowestSupportedFirmwareVersion from SignedCapsulePkg, and that patch is still under review.