From patchwork Fri Apr 26 14:19:35 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Caleb Connolly X-Patchwork-Id: 1928219 X-Patchwork-Delegate: apalos@gmail.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=bOaXzmwa; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org) Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VQvxq24YCz23hv for ; Sat, 27 Apr 2024 00:19:59 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id B859C89172; Fri, 26 Apr 2024 16:19:49 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="bOaXzmwa"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 5738989175; Fri, 26 Apr 2024 16:19:46 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-ed1-x529.google.com (mail-ed1-x529.google.com [IPv6:2a00:1450:4864:20::529]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 634318916C for ; Fri, 26 Apr 2024 16:19:44 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=caleb.connolly@linaro.org Received: by mail-ed1-x529.google.com with SMTP id 4fb4d7f45d1cf-56e69a51a33so2289467a12.1 for ; Fri, 26 Apr 2024 07:19:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1714141184; x=1714745984; darn=lists.denx.de; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=+ScOBSUPYQXRqu9uQCWgEfTwcS0jSDSxjEPh1D2tP14=; b=bOaXzmwaA6Tn2tUCGxFLrE9LwxzLE9N6x2f0L8nOaO+JJoAyw0BY5r3D+feUuBGmsh 1xdVeEtfE4iYplLtLOdC6fgSLsXg6t9SSoGwPd70P5qYl9xGoKFx5aURZ9qw5tRWsnuP lUFBs7bFuholotCVjT3U3o0BgKL8PHY2i67qw6/Dp7AAH3z1zSNRHmXNq5YbSI9eho0n FW0rdFNFnZWcQVl1+v0HhlZ3dp+XlpAPV2RXzWy6VHKnHUOFS9DcsKCo1jeDmT/lWgx6 9Tn1Agc2p3eyd2sBR77H9zu3AmGpGoS93iqi+4eRQwePlnRY5rzKvCemeDWNXtXp85bX 1bbQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714141184; x=1714745984; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=+ScOBSUPYQXRqu9uQCWgEfTwcS0jSDSxjEPh1D2tP14=; b=pRX6+qm0fqC5UD3t+n+8P4FfRx+1Ie1D0HJlD7bFv4uJSA/cG2BAKG+reU8Df/Wltx h14iwUR3K61SPHcTHvnRTJupegCY/Mm5A8StCdzlOgEDKgB/uquAs5aumA05dzseju7/ EhuegEc2hXA5JfPIzXCPnU8QJg4nGwXhtgR+frCUa0njGA6FNSna2lp8pt5Jbhn8fKqf QJy43RFXVXs1xXvgpFNmUb9n29W8GrPMZdtYgE4kVob5+e80R+YthzCpPWAaQMgN5jDZ ImHextnpuY3rmQ2Xs82glUpAoak8iCo1JOfjyjPtNH/ObJer8e0Hxm04p+MlZAEHikQy t+1A== X-Gm-Message-State: AOJu0YyYQQ3Ct/r5325wwqXWvAJGo7eXT5Hv2xUOeeC2feQPyBU/05lJ LHxDEfiywdpG2/Pz+zgE457KCTCv7b+j7MY3MrWIdATUfheJ8+5J5fyO7txFg+k= X-Google-Smtp-Source: AGHT+IH6K9jn4J6xkGb4k5Mgmze1LwTsSPmoP8vs0zNgTyx2duoR+mAqSbKTS5gmYbTQnZVmCjIl2g== X-Received: by 2002:a50:a412:0:b0:56e:4676:aa3a with SMTP id u18-20020a50a412000000b0056e4676aa3amr1958720edb.16.1714141183721; Fri, 26 Apr 2024 07:19:43 -0700 (PDT) Received: from [192.168.0.113] ([2a02:8109:aa0d:be00::9b06]) by smtp.gmail.com with ESMTPSA id ds2-20020a0564021cc200b0057059d26756sm10041182edb.76.2024.04.26.07.19.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Apr 2024 07:19:43 -0700 (PDT) From: Caleb Connolly Date: Fri, 26 Apr 2024 16:19:35 +0200 Subject: [PATCH RFC 1/4] lib: uuid: add UUID v5 support MIME-Version: 1.0 Message-Id: <20240426-b4-dynamic-uuid-v1-1-e8154e00ec44@linaro.org> References: <20240426-b4-dynamic-uuid-v1-0-e8154e00ec44@linaro.org> In-Reply-To: <20240426-b4-dynamic-uuid-v1-0-e8154e00ec44@linaro.org> To: Tom Rini , Heinrich Schuchardt , Ilias Apalodimas , Richard Hughes Cc: u-boot@lists.denx.de, Caleb Connolly X-Mailer: b4 0.14-dev X-Developer-Signature: v=1; a=openpgp-sha256; l=3632; i=caleb.connolly@linaro.org; h=from:subject:message-id; bh=aV5bH35ybwlKtxSbQ79Rylaa2GjcuTfETF6uF8NdPD8=; b=owEBbQKS/ZANAwAIAQWDMSsZX2S2AcsmYgBmK7f95Pb4O+Gxi2/fjdzoBFfDtT0Psee7c5Op3 bVlu2DdawmJAjMEAAEIAB0WIQS2UaFGPGq+0GkMVc0FgzErGV9ktgUCZiu3/QAKCRAFgzErGV9k tieoD/9OGhKSb3Ap+olqSIJenxzlV3rRh41GtDPjmzlvgBMMJsC+NLSnmGCNJdym4fvBfebarkT /LjxQ8zAem5eSkEzDkB2eZtSJqt5Pg0z+eNsRkoj5kOurHTTofeATUC4otPjuVFnd+eRcHKn5+T dUOf1gpTB8R+fCPJO/whi7AQIdJ9NF7dlxh6eoWUe23BiGElXIII5/jR3sIb8TO2QJZWHLgtVcI G62u8VnI28lmR8lzz9vM1F/5oJaYKCmpmIErPYvHAr72/BDKf989L5/jqw/0rDMHMSqgLwPmbUZ FW9U4bgBsdho+jmB88Fqc6vH4Q5ly/TemdUCr8fBLulW0BBmctEztLyhRgUmqHyAO9V+1U6yXR1 MRpKpZlVUsJXJjZ5BgnTy0EYKomk2X+ZXZi7aZy3LaU0J2zl22ewqeldbUh/HJdYjZczEP09Md+ /OL/OttptCJiaMhd7kBsrI+zAfOvDT3Bt5QRBRvqZ8j1gqQCcQ8tnWHTlnDeb0IjKPQtiEQVeVZ UAVB4E31Y6hVN53KSCRUmUwUzJhLVL+9sHy8pC4dQ0qovKefJCdxpIoXY0LPaRPUIltH0gp5Ef1 dC6utDxdqysLqBCm0jH/DDc4xpxLJ7ZpnImXsZMWmdOiDC6Bup6Gu4EqpTs0rtH4wkM+BcIp46Z 2a/WIBWn45wE97Q== X-Developer-Key: i=caleb.connolly@linaro.org; a=openpgp; fpr=83B24DA7FE145076BC38BB250CD904EB673A7C47 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean Add support for generate version 5 UUIDs, these are determistic and work by hashing a "namespace" UUID together with some unique data. One intended usecase is to allow for dynamically generate payload UUIDs for UEFI capsule updates, so that supported boards can have their own UUIDs without needing to hardcode them. Signed-off-by: Caleb Connolly --- include/uuid.h | 16 ++++++++++++++++ lib/Kconfig | 8 ++++++++ lib/uuid.c | 33 +++++++++++++++++++++++++++++++++ 3 files changed, 57 insertions(+) diff --git a/include/uuid.h b/include/uuid.h index f5a941250f48..229b938d866a 100644 --- a/include/uuid.h +++ b/include/uuid.h @@ -142,8 +142,24 @@ void gen_rand_uuid(unsigned char *uuid_bin); * @param - uuid output type: UUID - 0, GUID - 1 */ void gen_rand_uuid_str(char *uuid_str, int str_format); +#if CONFIG_IS_ENABLED(UUID_GEN_V5) +/** + * gen_uuid_v5() - generate UUID v5 from namespace and other seed data. + * + * @namespace: pointer to UUID namespace salt + * @uuid: pointer to allocated UUID output + * @...: NULL terminated list of seed data as pairs of pointers + * to data and their lengths + */ +void gen_uuid_v5(struct uuid *namespace, struct uuid *uuid, ...); +#else +static inline void gen_uuid_v5(struct uuid *namespace, struct uuid *uuid, ...) +{ +} +#endif + /** * uuid_str_to_le_bin() - Convert string UUID to little endian binary data. * @uuid_str: pointer to UUID string * @uuid_bin: pointer to allocated array for little endian output [16B] diff --git a/lib/Kconfig b/lib/Kconfig index 189e6eb31aa1..2941532f25cf 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -80,8 +80,16 @@ config RANDOM_UUID help Enable the generation of partitions with random UUIDs if none are provided. +config UUID_GEN_V5 + bool "Enable UUID version 5 generation" + select LIB_UUID + depends on SHA1 + help + Enable the generation of version 5 UUIDs, these are determistic and + generated from a namespace UUID, and a string (such as a board name). + config SPL_LIB_UUID depends on SPL bool diff --git a/lib/uuid.c b/lib/uuid.c index 2d7d99535e72..e7fda8dc736d 100644 --- a/lib/uuid.c +++ b/lib/uuid.c @@ -21,8 +21,9 @@ #include #include #include #include +#include int uuid_str_valid(const char *uuid) { int i, valid; @@ -368,8 +369,40 @@ void uuid_bin_to_str(const unsigned char *uuid_bin, char *uuid_str, } } } +#if CONFIG_IS_ENABLED(UUID_GEN_V5) +void gen_uuid_v5(struct uuid *namespace, struct uuid *uuid, ...) +{ + sha1_context ctx; + va_list args; + const u8 *data; + u8 hash[SHA1_SUM_LEN]; + + sha1_starts(&ctx); + /* Hash the namespace UUID as salt */ + sha1_update(&ctx, (char *)namespace, UUID_BIN_LEN); + va_start(args, uuid); + + while ((data = va_arg(args, const u8 *))) + sha1_update(&ctx, (char *)data, va_arg(args, int)); + + va_end(args); + sha1_finish(&ctx, hash); + + /* Truncate the hash into output UUID and convert it to big endian */ + cpu_to_be32_array((u32 *)uuid, (u32 *)hash, 4); + + /* Configure variant/version bits */ + clrsetbits_be16(&uuid->time_hi_and_version, + UUID_VERSION_MASK, + 5 << UUID_VERSION_SHIFT); + clrsetbits_8(&uuid->clock_seq_hi_and_reserved, + UUID_VARIANT_MASK, + UUID_VARIANT << UUID_VARIANT_SHIFT); +} +#endif + #if defined(CONFIG_RANDOM_UUID) || defined(CONFIG_CMD_UUID) void gen_rand_uuid(unsigned char *uuid_bin) { u32 ptr[4]; From patchwork Fri Apr 26 14:19:36 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Caleb Connolly X-Patchwork-Id: 1928220 X-Patchwork-Delegate: apalos@gmail.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=um1UMJXD; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org) Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VQvy111dxz1yZx for ; Sat, 27 Apr 2024 00:20:09 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 1E43F89175; Fri, 26 Apr 2024 16:19:50 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="um1UMJXD"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id E0F908917E; Fri, 26 Apr 2024 16:19:47 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-ed1-x52d.google.com (mail-ed1-x52d.google.com [IPv6:2a00:1450:4864:20::52d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 2A6D089173 for ; Fri, 26 Apr 2024 16:19:45 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=caleb.connolly@linaro.org Received: by mail-ed1-x52d.google.com with SMTP id 4fb4d7f45d1cf-572347c2ba8so2545145a12.3 for ; Fri, 26 Apr 2024 07:19:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1714141184; x=1714745984; darn=lists.denx.de; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=I96UQMKCMZVk9G/+8NZaXHuNSujSrUJjsebt41L2Rkc=; b=um1UMJXD6a8mDKXiWGZohOYvidhjdZdIY5uK9zK2/u8/bnTSHH82FN4twYnbe978vc YGrlo9ZCaKBh+V14Wr3ubWLLO9r4RRuURJ4tkff0yeSStyckMS2zMcAS36L9Q65BHfWn Lwi7hCwIVCMJF8clw/S+0Aug6A1iuI5PdWYn9WxN5oRC7j6C6sabmAY7fH7+U3ZKiedS CCiGmFXbFlJTXUz2JA/JJmsWMEcxPUGmoVIs7kYkbUqOVCoTeDrQs0T4xbw+THvpzx4t gCjhrpmIvuyrc+pWc3cxqieC6A2JqOlwbsL1Y5J0hAfitC+vkJ9+6FFdJyXxJ8ZjzCdj hnNg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714141184; x=1714745984; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=I96UQMKCMZVk9G/+8NZaXHuNSujSrUJjsebt41L2Rkc=; b=EKvD1Zj7YamHFY0RPLJbcegpQhhcPLukDnd4XcRFXwgDU6pnVAx48/9WNOCrFLHUMM JXBW7q/V4G1huKkCohZiCYEdK//71+vKqlWTFoHTQQ2K2PiUq+Xs3L8rAkKS+yxSsHj0 u2E6bCqUTNQJyVt5sIelHkNehYDxdZ4k3L8aRUai3q2mYFyMOZDKLq+Y2YugfPlZPDoP 31IwIqyJipn9L5Nd5Bu/bP/lq5P/VKx17DHMjAMY43zs6zSuZ57WtI7YDOdYwf3NxATI UB95aeLvnRkLTVpJ5AeDs/mp94w8WNYfLDIytNdvEyRshy31Dg8erA9p7FDIXZLtKCDC /ZAw== X-Gm-Message-State: AOJu0YxE4TK2rUT9GX6yc+nHItdj8OkwPC9ai0fvFUB2oE7t23oGnvuR TR+3b4k8CodQkpZ3LCjY8X9U1tpd8GfnPAOZjvviqcKOpzPE7G3CBA+cs3KVW3QzNdIVNe8r84l UpZoQ5Q== X-Google-Smtp-Source: AGHT+IGWaGp/Ktf7UsRR2OjGsYW04Wll0cr+xl6DrU0PuDHXPqBreIYEtB+gXJGSMttDAqoqQXCjBQ== X-Received: by 2002:a50:c049:0:b0:571:b9ac:ff3d with SMTP id u9-20020a50c049000000b00571b9acff3dmr1903100edd.4.1714141184729; Fri, 26 Apr 2024 07:19:44 -0700 (PDT) Received: from [192.168.0.113] ([2a02:8109:aa0d:be00::9b06]) by smtp.gmail.com with ESMTPSA id ds2-20020a0564021cc200b0057059d26756sm10041182edb.76.2024.04.26.07.19.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Apr 2024 07:19:44 -0700 (PDT) From: Caleb Connolly Date: Fri, 26 Apr 2024 16:19:36 +0200 Subject: [PATCH RFC 2/4] efi: add a helper to generate dynamic UUIDs MIME-Version: 1.0 Message-Id: <20240426-b4-dynamic-uuid-v1-2-e8154e00ec44@linaro.org> References: <20240426-b4-dynamic-uuid-v1-0-e8154e00ec44@linaro.org> In-Reply-To: <20240426-b4-dynamic-uuid-v1-0-e8154e00ec44@linaro.org> To: Tom Rini , Heinrich Schuchardt , Ilias Apalodimas , Richard Hughes Cc: u-boot@lists.denx.de, Caleb Connolly X-Mailer: b4 0.14-dev X-Developer-Signature: v=1; a=openpgp-sha256; l=5086; i=caleb.connolly@linaro.org; h=from:subject:message-id; bh=BZqycRWqMsd1O7DfnNQx1DsKBKBx7coL3xHbhjoYLhQ=; b=owEBbQKS/ZANAwAIAQWDMSsZX2S2AcsmYgBmK7f9AIoUrzKS6tMKURnTGxWyl/MxAjvmMwmAb OZG5uGfdYmJAjMEAAEIAB0WIQS2UaFGPGq+0GkMVc0FgzErGV9ktgUCZiu3/QAKCRAFgzErGV9k tq88D/0QM7HGqxnyM6gZGqDaDvJ/qi1JH/inwxF/55FP3N67WJi23Hi4Ocq4BdvJXYUq75ZTE4K ph2ZggF35qAWawIIBgYSBoQuxHBQj05eqa2vfUYY1EQEkS6QLepTwqkln4gqcIpnhdx7eFCL822 YU8S0dqa3AJrb/PG1PnAqfnJI9AVIjZiQnJdSdP2ZJPVceAYnUKO0BVByFH3edFvAsFOd/Kh30f Ia1N4O+LAuWPjI+XE3LeTcOj4yskdwPATT3Ul3CTzqkSr3L3a2wPgjiD0HOP2dibcGpRkmMZ4sl tbLnkcgmay2wtgNEgbulLBo/xb8WPvGHVbWYHNFolz9AKOoPC3p4mktyGuWTx2FwCOn6ug1sZOM 3Sjdl9DEGcuxntqZBepVgjPsvIFOibrGfo/ARR43yrVM45LVuOf3SH7VB4SvNKoe9O5GBzzD4yE toE9EamE7bOfAmj9OCDGhux44DhKuaxzPEoa5UgOTGCfmmIaM8D0K6AZRnfgAKOL/p77D0lERIS yFxyTYMYFQ1nBKvTQ45wkjbjEo7gAG+udnau8w99rGjEr2hJVojE8iHnzJoEmadir+ENHA994qd 6FPQ+xK5hlc+ui24S94ZFeaLfaidFN+ayrvAfop3O92YmCsQDtGrHbq+hir6DPOmhIkoJCP9225 YH1/XtMGHjP5dPw== X-Developer-Key: i=caleb.connolly@linaro.org; a=openpgp; fpr=83B24DA7FE145076BC38BB250CD904EB673A7C47 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean Introduce a new helper efi_capsule_update_info_gen_ids() which takes several strings to identify the currently running board as well as a platform specific salt UUID and uses this data to populate the capsule update fw images image_type_id field. This allows for determinstic UUIDs to be used that can scale to a large number of different boards and board variants without the need to maintain a big list. Generating capsule updates can be done using the same namespace, soc, model, compatible, and fw_image name strings. This is behind an additional config option as it depends on V5 UUIDs and the SHA1 implementation. Signed-off-by: Caleb Connolly --- include/efi_loader.h | 28 ++++++++++++++++++++++++++++ lib/efi_loader/Kconfig | 14 ++++++++++++++ lib/efi_loader/efi_capsule.c | 33 +++++++++++++++++++++++++++++++++ 3 files changed, 75 insertions(+) diff --git a/include/efi_loader.h b/include/efi_loader.h index 69442f4e58de..7d6b6ff83229 100644 --- a/include/efi_loader.h +++ b/include/efi_loader.h @@ -1125,8 +1125,36 @@ struct efi_capsule_update_info { }; extern struct efi_capsule_update_info update_info; +#if CONFIG_IS_ENABLED(EFI_CAPSULE_DYNAMIC_UUIDS) +/** + * efi_capsule_update_info_gen_ids - Generate image_type_id UUIDs + * for all firmware images based on a platform namespace UUID. + * + * @namespace: The arch/platform specific namespace salt. This should be + * hardcoded per platform and replaced by vendors. + * @soc: A string identifying the SoC used on this board. + * @model: The model string for the board. + * @compatible: The most specific (first) root compatible string. + * + * This can be called by board code to populate the image_type_id + * UUID fields deterministically based on the board's model. Allowing + * many boards to be supported without the need for a large hardcoded + * array of fw images. This works using v5 UUIDs. + */ +int efi_capsule_update_info_gen_ids(efi_guid_t *namespace, const char *soc, + const char *model, + const char *compatible); +#else +static inline int efi_capsule_update_info_gen_ids(efi_guid_t *namespace, const char *soc, + const char *model, + const char *compatible) +{ + return -ENOSYS; +} +#endif + /** * Install the ESRT system table. * * Return: status code diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig index 430bb7f0f7dc..dd8fc1b08812 100644 --- a/lib/efi_loader/Kconfig +++ b/lib/efi_loader/Kconfig @@ -235,8 +235,22 @@ config EFI_CAPSULE_ON_DISK_EARLY If this option is enabled, capsules will be enforced to be executed as part of U-Boot initialisation so that they will surely take place whatever is set to distro_bootcmd. +config EFI_CAPSULE_DYNAMIC_UUIDS + bool "Dynamic UUIDs for capsules" + depends on EFI_HAVE_CAPSULE_SUPPORT + select UUID_GEN_V5 + help + Select this option if you want to use dynamically generated v5 + UUIDs for your board. To make use of this feature, your board + code should call efi_capsule_update_info_gen_ids() with a seed + UUID to generate the image_type_id field for each fw_image. + + The CapsuleUpdate payloads are expected to generate matching UUIDs + using the same scheme. + + config EFI_CAPSULE_FIRMWARE bool config EFI_CAPSULE_FIRMWARE_MANAGEMENT diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c index de0d49ebebda..9ef67d1b4405 100644 --- a/lib/efi_loader/efi_capsule.c +++ b/lib/efi_loader/efi_capsule.c @@ -19,8 +19,9 @@ #include #include #include #include +#include #include #include #include @@ -403,8 +404,40 @@ out: return status; } #endif /* CONFIG_EFI_CAPSULE_AUTHENTICATE */ +#if CONFIG_IS_ENABLED(EFI_CAPSULE_DYNAMIC_UUIDS) +int efi_capsule_update_info_gen_ids(efi_guid_t *namespace, const char *soc, const char *model, const char *compatible) +{ + int i; + + if (!soc || !model || !compatible) { + log_err("%s: soc, model, or compatible not defined\n", __func__); + return -EINVAL; + } + + if (!update_info.num_images) { + log_err("%s: no fw_images, make sure update_info.num_images is set\n", __func__); + return -ENODATA; + } + + for (i = 0; i < update_info.num_images; i++) { + gen_uuid_v5((struct uuid*)namespace, + (struct uuid *)&update_info.images[i].image_type_id, + soc, strlen(soc), + model, strlen(model), + compatible, strlen(compatible), + update_info.images[i].fw_name, u16_strlen(update_info.images[i].fw_name), + NULL); + + log_debug("Image %ls generated UUID %pUs\n", update_info.images[i].fw_name, + &update_info.images[i].image_type_id); + } + + return 0; +} +#endif + static __maybe_unused bool fwu_empty_capsule(struct efi_capsule_header *capsule) { return !guidcmp(&capsule->capsule_guid, &fwu_guid_os_request_fw_revert) || From patchwork Fri Apr 26 14:19:37 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Caleb Connolly X-Patchwork-Id: 1928221 X-Patchwork-Delegate: apalos@gmail.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=jL+/Wlvi; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org) Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VQvyC2Hqpz1yZP for ; Sat, 27 Apr 2024 00:20:19 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 7B33289188; Fri, 26 Apr 2024 16:19:50 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="jL+/Wlvi"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id ED3EF89173; Fri, 26 Apr 2024 16:19:47 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-ed1-x52c.google.com (mail-ed1-x52c.google.com [IPv6:2a00:1450:4864:20::52c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id EDD7C87F4A for ; Fri, 26 Apr 2024 16:19:45 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=caleb.connolly@linaro.org Received: by mail-ed1-x52c.google.com with SMTP id 4fb4d7f45d1cf-57225322312so3164316a12.1 for ; Fri, 26 Apr 2024 07:19:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1714141185; x=1714745985; darn=lists.denx.de; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=CwTsInjpjudXn53fHxDK4wIbcKysXTmFLjOh/p+RuRs=; b=jL+/WlviIWlzcTVd0Cgh562J6dVidgRL1sSFkTVX1rIUIx1bo3K1/NU4JiOYK/oE3i ON+as+SF94jwnPGq3BBCXr/nLEo13GD6jbrTB7XdF7XQJW6/P+ilJuc3EpDRwBkclkFa a4Kzk+b+Th21uqyBSISxthG3D3KsfGqeYIomIPYFoDozYMHjHBgZ8l2lCSqn6QgGk2hK sfzV9sfpUpJhutI4U8zeYcYIMMD74G/En59BwRdCqEED0g3sErTL64fB/uI0890xnLHS +GfkJo2isRGk0p09KYdh4OcY+T6flAmoFSNA+v5vOdI2WcVfuoEVJlV37F2SN4FRHp44 paYA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714141185; x=1714745985; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=CwTsInjpjudXn53fHxDK4wIbcKysXTmFLjOh/p+RuRs=; b=CpOSaqr9NDN9HEUPTeHtF/IKfBdIfhdL5oniLoRSLTnLrlJgIVlOluCW65CBSHUAT4 LBCrOp0aV5mf5DbfMyNMwRQvsP4HFSFph7gZ7x7SL0X4zSCDEpbZR/UKO+ZNJRMiFHbZ +6kKFRsNd2EXDHPNVetfDHq8FDFGAxieIf4/Stl4mAqiWL/7ffEtavGy88r6+xEER8qz dZ2qQ5YbyNBFcWAM/KwnHdAd6iKE5bOUBwXlXkFBvDfkK//uAUjhgveFNIINnQxFPVl4 CmOTFzdqzw1JqTOwV6BHuFzs3+fSMWqQtTmsQYgBpAd8D1S1FXdg9LASCZaAhUHuVZ+s Rn9g== X-Gm-Message-State: AOJu0Yw05OuE33hn9J93HTwEbqA/ZfSBsnfA4j4nXvVwzcz1jZXRZXFf /aseNHneC3fC4nfDI7MY7GD+xx0L38B0VIO9MDx5u4i+V6ARnFw0BO9OwLk3eT4= X-Google-Smtp-Source: AGHT+IE3Lg+eTymjoBmP9edcoiUxdR6moVH3vO162hMJlev1ZUSZFc1Ok/cw9gFN7ccxnkxAd+Gn5Q== X-Received: by 2002:a50:cd54:0:b0:56d:e6f6:f73c with SMTP id d20-20020a50cd54000000b0056de6f6f73cmr1650219edj.42.1714141185591; Fri, 26 Apr 2024 07:19:45 -0700 (PDT) Received: from [192.168.0.113] ([2a02:8109:aa0d:be00::9b06]) by smtp.gmail.com with ESMTPSA id ds2-20020a0564021cc200b0057059d26756sm10041182edb.76.2024.04.26.07.19.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Apr 2024 07:19:45 -0700 (PDT) From: Caleb Connolly Date: Fri, 26 Apr 2024 16:19:37 +0200 Subject: [PATCH RFC 3/4] doc: uefi: document dynamic GUID generation MIME-Version: 1.0 Message-Id: <20240426-b4-dynamic-uuid-v1-3-e8154e00ec44@linaro.org> References: <20240426-b4-dynamic-uuid-v1-0-e8154e00ec44@linaro.org> In-Reply-To: <20240426-b4-dynamic-uuid-v1-0-e8154e00ec44@linaro.org> To: Tom Rini , Heinrich Schuchardt , Ilias Apalodimas , Richard Hughes Cc: u-boot@lists.denx.de, Caleb Connolly X-Mailer: b4 0.14-dev X-Developer-Signature: v=1; a=openpgp-sha256; l=2582; i=caleb.connolly@linaro.org; h=from:subject:message-id; bh=LpTzTY0m1P+CE2jca2MTSIniF4NLea/ir3Ovry4WRWk=; b=owEBbQKS/ZANAwAIAQWDMSsZX2S2AcsmYgBmK7f9MiwAwCGbX6eJYwWMR+rrF0dW0TgKFn7mv lPMPhjhgDSJAjMEAAEIAB0WIQS2UaFGPGq+0GkMVc0FgzErGV9ktgUCZiu3/QAKCRAFgzErGV9k tkxKD/4hiSFC3tQndAMvuplSrWO5N+u5e7AYG6vlBp/L71l//aGgwdAfS9ALvaA+/sR/y+Kdt5S dw1oTTrdEBIm8HnTKGN8b8sz5nX/mHUbDbiPuqO9+5gglDdp9p14ruGxu8EZkS6yqXrsheXd9Vf RvNYMg9FuxWB0q/Klbr++4FR7hUe8sqkXfJgUl233CJqJfv9Qdj044WC0MxHG3UCVUXWQJIsZVP 1tpnwp2149T5QeQT0RlmGPRLF+rLOsddjYxqmB3AFWcblzpNQVnihfye0bUkZYutHV1mTWCXrGm gUEdzMk7RK5TbtoVN+3+c8AXnx10LGsqgz14EC1qO+aVRqGrsyq3L9Dlnobbcsx1o3TEZTT6kBj DreuDummaO+jSs9OU8SGpIAngT9fCfN2+nbjRViL/eCzna79zi1cI4qG2+d21/I/fq0TjKnTw2l fmXVSaSUD1Quf4zT76ijWdyJRyhxjmOx7uDcPDmN6d9hAaAigZ/lQ4l4/TpfXbfSVGmQvZcQnBM VSzKe5ALr5K4L83S38pLwVyN6HBgMwNV/FLJeN8qVBasbts++uPEBnmkqO21alUPIiZrjEnUaDp rN7pSUj6r5KgiGQwX1QQB7vzREQ5RNc9S2zs6BxLOGEPsqmGjpbykL2yOj1c/Wk0ghEsKITTxQ6 e5E9A43KjfKRcYA== X-Developer-Key: i=caleb.connolly@linaro.org; a=openpgp; fpr=83B24DA7FE145076BC38BB250CD904EB673A7C47 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean Document how platforms can generate GUIDs at runtime rather than maintaining a list of GUIDs per-board. Signed-off-by: Caleb Connolly Reviewed-by: Ilias Apalodimas --- doc/develop/uefi/uefi.rst | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/doc/develop/uefi/uefi.rst b/doc/develop/uefi/uefi.rst index 0389b269c01b..52076fb4c106 100644 --- a/doc/develop/uefi/uefi.rst +++ b/doc/develop/uefi/uefi.rst @@ -448,8 +448,43 @@ the location of the firmware updates is not a very secure practice. Getting this information from the firmware itself is more secure, assuming the firmware has been verified by a previous stage boot loader. +The image_type_id contains a GUID value which is specific to the image +and board being updated, that is to say it should uniquely identify the +board model (and revision if relevant) and image pair. Traditionally, +these GUIDs are generated manually and hardcoded on a per-board basis, +however this scheme makes it difficult to scale up to support many +boards. + +To address this, v5 GUIDs can be used to generate board-specific GUIDs +at runtime, based on a set of persistent identifiable information: + +.. code-block:: c + + /** + * efi_capsule_update_info_gen_ids - Generate image_type_id UUIDs + * for all firmware images based on a platform namespace UUID. + * + * @namespace: The arch/platform specific namespace salt. This should be + * hardcoded per platform and replaced by vendors. + * @soc: A string identifying the SoC used on this board. + * @model: The model string for the board. + * @compatible: The most specific (first) root compatible string. + * + * This can be called by board code to populate the image_type_id + * UUID fields deterministically based on the board's model. Allowing + * many boards to be supported without the need for a large hardcoded + * array of fw images. This works using v5 UUIDs. + */ + int efi_capsule_update_info_gen_ids(efi_guid_t *namespace, const char *soc, + const char *model, + const char *compatible); + +These strings are combined with the fw_image name to generate GUIDs for +each image. This function should be called during board init, before the +EFI subsystem is initialised. + The firmware images structure defines the GUID values, image index values and the name of the images that are to be updated through the capsule update feature. These values are to be defined as part of an array. These GUID values would be used by the Firmware Management From patchwork Fri Apr 26 14:19:38 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Caleb Connolly X-Patchwork-Id: 1928222 X-Patchwork-Delegate: apalos@gmail.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=tHR2vagO; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org) Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VQvyQ3zQKz1yZP for ; Sat, 27 Apr 2024 00:20:30 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id DB44989191; Fri, 26 Apr 2024 16:19:50 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="tHR2vagO"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id E14BD8915E; Fri, 26 Apr 2024 16:19:48 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-ej1-x631.google.com (mail-ej1-x631.google.com [IPv6:2a00:1450:4864:20::631]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id F06128916C for ; Fri, 26 Apr 2024 16:19:46 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=caleb.connolly@linaro.org Received: by mail-ej1-x631.google.com with SMTP id a640c23a62f3a-a51f9ad7684so148452766b.2 for ; Fri, 26 Apr 2024 07:19:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1714141186; x=1714745986; darn=lists.denx.de; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=3Y8/39cJ/XbEfKQUYQpKfPZueeODoQuUVuK6ghcCumU=; b=tHR2vagO2RiEqEKvabBsdDe5WhjFRONxfaDuszmaZWo4Fn0EBVBZ9Zay+DAKrsVE8n PTey7xalGKiz6oS4quyhlqs9nzgc3IxlCWm83k0fFNn0XJTPmKPqw9A5keWbXGH2W1Sv xHQxseJv7ZikRRJjeZoAO+UsFZpk2pDyhJaQkN3QeynlhqBUWTheqPWYWMUhskapKE+N yzyYfaPyjN4b+joQ1LXpNv7OXObobNWC4sPJAGEjPCckMcZcmPb+1zesRUA5Dj1Z3V/F fEjSbcXiOLa3VZxQnTr6/rPA+Ip6eSnw+qk/q1C1ltFLy3z0ry6c4ZuWhApmlzNqSO09 nwKA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714141186; x=1714745986; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=3Y8/39cJ/XbEfKQUYQpKfPZueeODoQuUVuK6ghcCumU=; b=nuJa4M778fQ8TTxC46F0rcWt7A3JTn1BMKgGdzU4mk1XtLNpEqHaPIiIlKXAECvgws 4iUjuEru6vqk9koxbUDIA63m/QxwiUn9AEN01jBpH8w/irxwVtA6TIJD1D80swe6HVBe Ybpymf9OsFpg7dBQuh45/yU98MD5iMRQhbM0b/He4isvSleK6ObQEoichCRj0efyfVpM QYRmQs3eW6E9uDp8/zWtKVXMu51+kO3cvhYlbn2gr/bZ/UKsUsRLJjqL7Zosn8UqwV4Y zrRDvrSOOROkmDbHWjKVZE4hu3urtW2DRLIikxnw/HwHjnCYXW/9597dgwYVJfLaB/kU H4jQ== X-Gm-Message-State: AOJu0YxLOsSFD8H7Wk8q8siauttBhyI6omdBxTai2hRUHmAXl5Oxq3iT dEzeT68ZMFQNcDuM72P6jWCx0iEz5ursw43MDkyIdH/5/afsN2OvkYI3LOpT0Dl9k6IYa7McRcb /VlRdJg== X-Google-Smtp-Source: AGHT+IFEIAky7p1NWqpzRK6Z9bty+lXmyCO8hT5F8vKosxkWw+PVLvOTiBACczfr9VJSncC5pqvkOQ== X-Received: by 2002:a50:ba88:0:b0:570:3bb:e099 with SMTP id x8-20020a50ba88000000b0057003bbe099mr2755189ede.1.1714141186485; Fri, 26 Apr 2024 07:19:46 -0700 (PDT) Received: from [192.168.0.113] ([2a02:8109:aa0d:be00::9b06]) by smtp.gmail.com with ESMTPSA id ds2-20020a0564021cc200b0057059d26756sm10041182edb.76.2024.04.26.07.19.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Apr 2024 07:19:46 -0700 (PDT) From: Caleb Connolly Date: Fri, 26 Apr 2024 16:19:38 +0200 Subject: [PATCH RFC 4/4] sandbox: switch to dynamic UUIDs MIME-Version: 1.0 Message-Id: <20240426-b4-dynamic-uuid-v1-4-e8154e00ec44@linaro.org> References: <20240426-b4-dynamic-uuid-v1-0-e8154e00ec44@linaro.org> In-Reply-To: <20240426-b4-dynamic-uuid-v1-0-e8154e00ec44@linaro.org> To: Tom Rini , Heinrich Schuchardt , Ilias Apalodimas , Richard Hughes Cc: u-boot@lists.denx.de, Caleb Connolly X-Mailer: b4 0.14-dev X-Developer-Signature: v=1; a=openpgp-sha256; l=2566; i=caleb.connolly@linaro.org; h=from:subject:message-id; bh=E29aV3hWmEHhJMw6u12fMNE/7DMvKk2T1uEAZEN8hmQ=; b=owEBbQKS/ZANAwAIAQWDMSsZX2S2AcsmYgBmK7f9/WvzgTExC96OZ6YMZwevx7rRdWSIRFLbL nA/E6V4oHSJAjMEAAEIAB0WIQS2UaFGPGq+0GkMVc0FgzErGV9ktgUCZiu3/QAKCRAFgzErGV9k tm+vEAChI75+4mOd76OnwamKWAUljhRgq5sA8I720VtLs1Avsa7mEwwKVZXd1NUTH5FqyOKQfzi vb44NmYVJsV1SVH9dbqxknAIyJsRkj9Y8od7q9zK9Mj4fZwmV4LtZ4GI8CWufTu6NQAcB8KXkVU OUKg4eaR1HHWuxTsHr/6TocZnQd4dNI0aIYPjDMz9Zipo4N54DXjWTmgeqcLcyzfhY6DqTYaKoo E/y1q8qI8XVIQVglRyJWL8vovCCW21/cCHx0XfVQ5LMSVnJboxgJGUkfS7HXBbG6KzF09wqVpEq I3NWrjPc6I2Ud0PEJ8mfuWLRWMIUb9oFloIEXRuxUU71ySsOAgy1MyEplTyHzmGRkx8zE15JGkD qWh/XNqEqMPXmxLB297E2lYDQML4kO2CoysCl+plZqGXqB2ORIaWpEC2GocJdMi9plpXziMKuWK R/d5+gUnMCqk4nE1uHKpw0y5bKKzlQWSKvXRZsbnS2q7idFt8yOMlJxoZ74C3kS8ETEXlTyqj8Q ELfIscsvN8ctkTPLSF6JLkEDUXlsTNn04rLJCuRQy90LUhGW0yIEg8QHXEWXaaMSOImLiXGXS6f hFT4nCim1fbT+/MlqngkzTiCJu2RPweM0Oc8m7UUID/lHp/C4+wHNQNN8qXnRWOFaCpvg4JTnqC IHyajdku7/DVADQ== X-Developer-Key: i=caleb.connolly@linaro.org; a=openpgp; fpr=83B24DA7FE145076BC38BB250CD904EB673A7C47 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean Migrate sandbox over to generating it's capsule update image GUIDs dynamically rather than using a set of hardcoded ones. Signed-off-by: Caleb Connolly Reviewed-by: Ilias Apalodimas --- arch/Kconfig | 1 + board/sandbox/sandbox.c | 28 +++++++++++++++------------- 2 files changed, 16 insertions(+), 13 deletions(-) diff --git a/arch/Kconfig b/arch/Kconfig index abd406d48841..0558c90540b6 100644 --- a/arch/Kconfig +++ b/arch/Kconfig @@ -164,8 +164,9 @@ config SANDBOX select SYS_CACHE_SHIFT_4 select IRQ select SUPPORT_EXTENSION_SCAN if CMDLINE select SUPPORT_ACPI + select EFI_CAPSULE_DYNAMIC_UUIDS if EFI_HAVE_CAPSULE_SUPPORT imply BITREVERSE select BLOBLIST imply LTO imply CMD_DM diff --git a/board/sandbox/sandbox.c b/board/sandbox/sandbox.c index 802596569c64..68a99ce1fc07 100644 --- a/board/sandbox/sandbox.c +++ b/board/sandbox/sandbox.c @@ -31,36 +31,24 @@ */ gd_t *gd; #if IS_ENABLED(CONFIG_EFI_HAVE_CAPSULE_SUPPORT) -/* GUIDs for capsule updatable firmware images */ -#define SANDBOX_UBOOT_IMAGE_GUID \ +#define SANDBOX_CAPSULE_UPDATE_SALT \ EFI_GUID(0x09d7cf52, 0x0720, 0x4710, 0x91, 0xd1, \ 0x08, 0x46, 0x9b, 0x7f, 0xe9, 0xc8) -#define SANDBOX_UBOOT_ENV_IMAGE_GUID \ - EFI_GUID(0x5a7021f5, 0xfef2, 0x48b4, 0xaa, 0xba, \ - 0x83, 0x2e, 0x77, 0x74, 0x18, 0xc0) - -#define SANDBOX_FIT_IMAGE_GUID \ - EFI_GUID(0x3673b45d, 0x6a7c, 0x46f3, 0x9e, 0x60, \ - 0xad, 0xab, 0xb0, 0x3f, 0x79, 0x37) - struct efi_fw_image fw_images[] = { #if defined(CONFIG_EFI_CAPSULE_FIRMWARE_RAW) { - .image_type_id = SANDBOX_UBOOT_IMAGE_GUID, .fw_name = u"SANDBOX-UBOOT", .image_index = 1, }, { - .image_type_id = SANDBOX_UBOOT_ENV_IMAGE_GUID, .fw_name = u"SANDBOX-UBOOT-ENV", .image_index = 2, }, #elif defined(CONFIG_EFI_CAPSULE_FIRMWARE_FIT) { - .image_type_id = SANDBOX_FIT_IMAGE_GUID, .fw_name = u"SANDBOX-FIT", .image_index = 1, }, #endif @@ -122,8 +110,22 @@ int dram_init(void) } int board_init(void) { + int ret; + + if (CONFIG_IS_ENABLED(EFI_HAVE_CAPSULE_SUPPORT)) { + efi_guid_t salt_guid = SANDBOX_CAPSULE_UPDATE_SALT; + + ret = efi_capsule_update_info_gen_ids(&salt_guid, + "sandbox", + ofnode_read_string(ofnode_root(), "model"), + ofnode_read_string(ofnode_root(), "compatible")); + if (ret) { + printf("Failed to generate GUIDs: %d\n", ret); + return ret; + } + } return 0; } int ft_board_setup(void *fdt, struct bd_info *bd)