All required components are in place, so we can now
add all necessary dependencies to build and use capsule support
for Armada7k8k platforms. It is conditionally enabled
with '-D CAPSULE_ENABLE' flag added during build time.
Because the capsule generation must be sequential,
due to boot requirements and glueing all binaries
(BLE, ARM-TF, BL33) externally, introduce additional
.dsc and .fdf file solely for creating the capsule.
In order to build the capsule following parameters
must be passed to the build command of the common file
Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc:
-D PLATFORM_NAME=<previously built platform name with capsule support>
-D ARM_TRUSTED_FIRMWARE_IMAGE_PREFIX=<path/to/flash-image.bin>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Marcin Wojtas <mw@semihalf.com>
Signed-off-by: David Sniatkiwicz <davidsn@marvell.com>
---
Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf | 66 ++++++++++++++++++
Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc | 41 ++++++++++++
Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc | 46 +++++++++++++
Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf | 70 ++++++++++++++++++++
4 files changed, 223 insertions(+)
diff --git a/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf b/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf
index bf04f4d..e5e5443 100644
--- a/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf
+++ b/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf
@@ -201,6 +201,15 @@ FvNameGuid = 5eda4200-2c5f-43cb-9da3-0baf74b1b30c
INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
INF MdeModulePkg/Application/UiApp/UiApp.inf
+!if $(CAPSULE_ENABLE)
+ # Firmware update
+ INF MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
+ INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf
+ FILE FREEFORM = PCD(gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid) {
+ SECTION RAW = BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer
+ SECTION UI = "Pkcs7TestRoot"
+ }
+!endif
# PEI phase firmware volume
[FV.FVMAIN_COMPACT]
@@ -228,6 +237,11 @@ READ_LOCK_STATUS = TRUE
INF ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf
INF ArmPkg/Drivers/CpuPei/CpuPei.inf
INF MdeModulePkg/Universal/Variable/Pei/VariablePei.inf
+!if $(CAPSULE_ENABLE)
+ INF MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
+ INF MdeModulePkg/Universal/CapsulePei/CapsulePei.inf
+ INF RuleOverride = FMP_IMAGE_DESC Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
+!endif
INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
FILE FV_IMAGE = 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 {
@@ -236,6 +250,49 @@ READ_LOCK_STATUS = TRUE
}
}
+!if $(CAPSULE_ENABLE)
+[FV.SystemFirmwareDescriptor]
+FvAlignment = 8
+ERASE_POLARITY = 1
+MEMORY_MAPPED = TRUE
+STICKY_WRITE = TRUE
+LOCK_CAP = TRUE
+LOCK_STATUS = TRUE
+WRITE_DISABLED_CAP = TRUE
+WRITE_ENABLED_CAP = TRUE
+WRITE_STATUS = TRUE
+WRITE_LOCK_CAP = TRUE
+WRITE_LOCK_STATUS = TRUE
+READ_DISABLED_CAP = TRUE
+READ_ENABLED_CAP = TRUE
+READ_STATUS = TRUE
+READ_LOCK_CAP = TRUE
+READ_LOCK_STATUS = TRUE
+
+ INF RuleOverride = FMP_IMAGE_DESC Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
+
+[FV.CapsuleDispatchFv]
+FvAlignment = 8
+ERASE_POLARITY = 1
+MEMORY_MAPPED = TRUE
+STICKY_WRITE = TRUE
+LOCK_CAP = TRUE
+LOCK_STATUS = TRUE
+WRITE_DISABLED_CAP = TRUE
+WRITE_ENABLED_CAP = TRUE
+WRITE_STATUS = TRUE
+WRITE_LOCK_CAP = TRUE
+WRITE_LOCK_STATUS = TRUE
+READ_DISABLED_CAP = TRUE
+READ_ENABLED_CAP = TRUE
+READ_STATUS = TRUE
+READ_LOCK_CAP = TRUE
+READ_LOCK_STATUS = TRUE
+
+ INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf
+
+!endif
+
################################################################################
#
# Rules are use with the [FV] section's module INF type to define
@@ -331,3 +388,12 @@ READ_LOCK_STATUS = TRUE
UI STRING ="$(MODULE_NAME)" Optional
PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
}
+
+[Rule.Common.PEIM.FMP_IMAGE_DESC]
+ FILE PEIM = $(NAMED_GUID) {
+ RAW BIN |.acpi
+ PEI_DEPEX PEI_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
+ PE32 PE32 Align=4K $(INF_OUTPUT)/$(MODULE_NAME).efi
+ UI STRING="$(MODULE_NAME)" Optional
+ VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
+ }
diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc b/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc
index 8fb912b..75fa3d4 100644
--- a/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc
+++ b/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc
@@ -42,8 +42,23 @@
DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
+!if $(CAPSULE_ENABLE)
+ OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
+ IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+ CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
+ EdkiiSystemCapsuleLib|SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.inf
+ FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf
+ IniParsingLib|SignedCapsulePkg/Library/IniParsingLib/IniParsingLib.inf
+ PlatformFlashAccessLib|Silicon/Marvell/Armada7k8k/Feature/Capsule/PlatformFlashAccessLib/PlatformFlashAccessLib.inf
+!endif
+
# Basic utility libraries
BaseLib|MdePkg/Library/BaseLib/BaseLib.inf
+!if $(CAPSULE_ENABLE)
+ BmpSupportLib|MdeModulePkg/Library/BaseBmpSupportLib/BaseBmpSupportLib.inf
+ SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
+!endif
SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf
PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf
PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
@@ -199,7 +214,11 @@
[LibraryClasses.common.DXE_RUNTIME_DRIVER]
HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
+!if $(CAPSULE_ENABLE)
+ CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
+!else
CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
+!endif
!if $(TARGET) != RELEASE
DebugLib|MdePkg/Library/DxeRuntimeDebugLibSerialPort/DxeRuntimeDebugLibSerialPort.inf
!endif
@@ -376,6 +395,13 @@
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0xF93E0000
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize|0x00010000
+!if $(CAPSULE_ENABLE)
+[PcdsDynamicExDefault.common.DEFAULT]
+ gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor|{0x0}|VOID*|0x100
+ gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{0x02, 0x0e, 0x89, 0xb3, 0x6b, 0xc4, 0x70, 0x49, 0x95, 0x36, 0x57, 0x78, 0x7a, 0x9e, 0x06, 0xc7}
+ gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0x75, 0xc4, 0x7f, 0x75, 0x22, 0x6b, 0x82, 0x44, 0x86, 0x8e, 0xde, 0xd2, 0x86, 0xf3, 0x09, 0x40}
+!endif
+
################################################################################
#
# Components Section - list of all EDK II Modules needed by this Platform
@@ -394,6 +420,11 @@
ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf
ArmPkg/Drivers/CpuPei/CpuPei.inf
MdeModulePkg/Universal/Variable/Pei/VariablePei.inf
+!if $(CAPSULE_ENABLE)
+ MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
+ MdeModulePkg/Universal/CapsulePei/CapsulePei.inf
+ Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
+!endif
MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf {
<LibraryClasses>
NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompressLib.inf
@@ -503,6 +534,16 @@
NULL|MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootMaintenanceManagerUiLib.inf
}
+!if $(CAPSULE_ENABLE)
+ MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
+ SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf
+ SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf {
+ <LibraryClasses>
+ FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf
+ }
+ MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
+!endif
+
#
# Variable services
#
diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc
new file mode 100644
index 0000000..0498bce
--- /dev/null
+++ b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc
@@ -0,0 +1,46 @@
+#Copyright (C) 2018 Marvell International Ltd.
+#
+#Marvell BSD License Option
+#
+#If you received this File from Marvell, you may opt to use, redistribute and/or
+#modify this File under the following licensing terms.
+#Redistribution and use in source and binary forms, with or without modification,
+#are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+#
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# * Neither the name of Marvell nor the names of its contributors may be
+# used to endorse or promote products derived from this software without
+# specific prior written permission.
+#
+#THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+#ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+#WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+#DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+#ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+#(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+#LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+#ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+#(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+#SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+################################################################################
+#
+# Defines Section - statements that will be processed to create a Makefile.
+#
+################################################################################
+[Defines]
+ PLATFORM_NAME = ${PLATFORM_NAME}
+ PLATFORM_GUID = 982e2ab1-26ca-4617-92e6-061bd6ba9ae3
+ PLATFORM_VERSION = 0.1
+ DSC_SPECIFICATION = 0x00010019
+ OUTPUT_DIRECTORY = Build/$(PLATFORM_NAME)-$(ARCH)
+ SUPPORTED_ARCHITECTURES = AARCH64|ARM
+ BUILD_TARGETS = DEBUG|RELEASE
+ SKUID_IDENTIFIER = DEFAULT
+ FLASH_DEFINITION = Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf
diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf
new file mode 100644
index 0000000..c57f7dd
--- /dev/null
+++ b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf
@@ -0,0 +1,70 @@
+#
+# Copyright (C) Marvell International Ltd. and its affiliates
+#
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+
+[FD.Armada_Capsule]
+BaseAddress = 0x00000000 #|gArmTokenSpaceGuid.PcdFdBaseAddress # The base address of the Firmware in NOR Flash.
+Size = 0x00400000 #|gArmTokenSpaceGuid.PcdFdSize # The size in bytes of the FLASH Device
+ErasePolarity = 1
+
+0x00000000|0x00010000
+FILE = $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/SYSTEMFIRMWAREDESCRIPTOR.Fv
+
+0x00100000|0x00300000
+FILE = $(ARM_TRUSTED_FIRMWARE_IMAGE_PREFIX)
+
+[FV.SystemFirmwareUpdateCargo]
+FvAlignment = 8
+ERASE_POLARITY = 1
+MEMORY_MAPPED = TRUE
+STICKY_WRITE = TRUE
+LOCK_CAP = TRUE
+LOCK_STATUS = TRUE
+WRITE_DISABLED_CAP = TRUE
+WRITE_ENABLED_CAP = TRUE
+WRITE_STATUS = TRUE
+WRITE_LOCK_CAP = TRUE
+WRITE_LOCK_STATUS = TRUE
+READ_DISABLED_CAP = TRUE
+READ_ENABLED_CAP = TRUE
+READ_STATUS = TRUE
+READ_LOCK_CAP = TRUE
+READ_LOCK_STATUS = TRUE
+
+ FILE RAW = b3890e02-c46b-4970-9536-57787a9e06c7 { # PcdEdkiiSystemFirmwareFileGuid
+ FD = Armada_Capsule
+ }
+
+ FILE RAW = ce57b167-b0e4-41e8-a897-5f4feb781d40 { # gEdkiiSystemFmpCapsuleDriverFvFileGuid
+ $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/CAPSULEDISPATCHFV.Fv
+ }
+
+ FILE RAW = 812136D3-4D3A-433A-9418-29BB9BF78F6E { # gEdkiiSystemFmpCapsuleConfigFileGuid
+ Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini
+ }
+
+[FmpPayload.FmpPayloadSystemFirmwarePkcs7]
+IMAGE_HEADER_INIT_VERSION = 0x02
+IMAGE_TYPE_ID = 757fc475-6b22-4482-868e-ded286f30940 # PcdSystemFmpCapsuleImageTypeIdGuid
+IMAGE_INDEX = 0x1
+HARDWARE_INSTANCE = 0x0
+MONOTONIC_COUNT = 0x1
+CERTIFICATE_GUID = 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7
+
+ FV = SystemFirmwareUpdateCargo
+
+[Capsule.MvFirmwareUpdateCapsuleFmpPkcs7]
+CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEfiFmpCapsuleGuid
+CAPSULE_HEADER_SIZE = 0x20
+CAPSULE_HEADER_INIT_VERSION = 0x1
+
+ FMP_PAYLOAD = FmpPayloadSystemFirmwarePkcs7
+
--
2.7.4
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
On 4 June 2018 at 18:41, Marcin Wojtas <mw@semihalf.com> wrote:
> All required components are in place, so we can now
> add all necessary dependencies to build and use capsule support
> for Armada7k8k platforms. It is conditionally enabled
> with '-D CAPSULE_ENABLE' flag added during build time.
>
> Because the capsule generation must be sequential,
> due to boot requirements and glueing all binaries
> (BLE, ARM-TF, BL33) externally, introduce additional
> .dsc and .fdf file solely for creating the capsule.
>
> In order to build the capsule following parameters
> must be passed to the build command of the common file
> Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc:
>
> -D PLATFORM_NAME=<previously built platform name with capsule support>
> -D ARM_TRUSTED_FIRMWARE_IMAGE_PREFIX=<path/to/flash-image.bin>
>
I think there was some miscommunication here:
- PREFIX is not a full path, it is a prefix. So in this case, the
'flash-image.bin' part should still be hardcoded, but the DEFINE
allows you to specify its location in the directory tree.
- apologies for bikeshedding/disagreeing with what Leif said
previously, but ARM_TRUSTED_FIRMWARE_IMAGE_PREFIX is not appropriate
here, given that flash-image.bin is the entire firmware image, so
ARM-TF, UEFI, and other bits and pieces that make up the full image. I
understand that Leif wants a generic prefix, but using it in
completely different ways (ARM-TF fip vs the entire firmware image)
defeats the purpose of that.
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Marcin Wojtas <mw@semihalf.com>
> Signed-off-by: David Sniatkiwicz <davidsn@marvell.com>
> ---
> Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf | 66 ++++++++++++++++++
> Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc | 41 ++++++++++++
> Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc | 46 +++++++++++++
> Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf | 70 ++++++++++++++++++++
> 4 files changed, 223 insertions(+)
>
> diff --git a/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf b/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf
> index bf04f4d..e5e5443 100644
> --- a/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf
> +++ b/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf
> @@ -201,6 +201,15 @@ FvNameGuid = 5eda4200-2c5f-43cb-9da3-0baf74b1b30c
> INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
> INF MdeModulePkg/Application/UiApp/UiApp.inf
>
> +!if $(CAPSULE_ENABLE)
> + # Firmware update
> + INF MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
> + INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf
> + FILE FREEFORM = PCD(gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid) {
> + SECTION RAW = BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer
> + SECTION UI = "Pkcs7TestRoot"
> + }
> +!endif
>
> # PEI phase firmware volume
> [FV.FVMAIN_COMPACT]
> @@ -228,6 +237,11 @@ READ_LOCK_STATUS = TRUE
> INF ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf
> INF ArmPkg/Drivers/CpuPei/CpuPei.inf
> INF MdeModulePkg/Universal/Variable/Pei/VariablePei.inf
> +!if $(CAPSULE_ENABLE)
> + INF MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
> + INF MdeModulePkg/Universal/CapsulePei/CapsulePei.inf
> + INF RuleOverride = FMP_IMAGE_DESC Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
> +!endif
> INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
>
> FILE FV_IMAGE = 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 {
> @@ -236,6 +250,49 @@ READ_LOCK_STATUS = TRUE
> }
> }
>
> +!if $(CAPSULE_ENABLE)
> +[FV.SystemFirmwareDescriptor]
> +FvAlignment = 8
> +ERASE_POLARITY = 1
> +MEMORY_MAPPED = TRUE
> +STICKY_WRITE = TRUE
> +LOCK_CAP = TRUE
> +LOCK_STATUS = TRUE
> +WRITE_DISABLED_CAP = TRUE
> +WRITE_ENABLED_CAP = TRUE
> +WRITE_STATUS = TRUE
> +WRITE_LOCK_CAP = TRUE
> +WRITE_LOCK_STATUS = TRUE
> +READ_DISABLED_CAP = TRUE
> +READ_ENABLED_CAP = TRUE
> +READ_STATUS = TRUE
> +READ_LOCK_CAP = TRUE
> +READ_LOCK_STATUS = TRUE
> +
> + INF RuleOverride = FMP_IMAGE_DESC Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
> +
> +[FV.CapsuleDispatchFv]
> +FvAlignment = 8
> +ERASE_POLARITY = 1
> +MEMORY_MAPPED = TRUE
> +STICKY_WRITE = TRUE
> +LOCK_CAP = TRUE
> +LOCK_STATUS = TRUE
> +WRITE_DISABLED_CAP = TRUE
> +WRITE_ENABLED_CAP = TRUE
> +WRITE_STATUS = TRUE
> +WRITE_LOCK_CAP = TRUE
> +WRITE_LOCK_STATUS = TRUE
> +READ_DISABLED_CAP = TRUE
> +READ_ENABLED_CAP = TRUE
> +READ_STATUS = TRUE
> +READ_LOCK_CAP = TRUE
> +READ_LOCK_STATUS = TRUE
> +
> + INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf
> +
> +!endif
> +
> ################################################################################
> #
> # Rules are use with the [FV] section's module INF type to define
> @@ -331,3 +388,12 @@ READ_LOCK_STATUS = TRUE
> UI STRING ="$(MODULE_NAME)" Optional
> PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
> }
> +
> +[Rule.Common.PEIM.FMP_IMAGE_DESC]
> + FILE PEIM = $(NAMED_GUID) {
> + RAW BIN |.acpi
> + PEI_DEPEX PEI_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
> + PE32 PE32 Align=4K $(INF_OUTPUT)/$(MODULE_NAME).efi
> + UI STRING="$(MODULE_NAME)" Optional
> + VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
> + }
> diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc b/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc
> index 8fb912b..75fa3d4 100644
> --- a/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc
> +++ b/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc
> @@ -42,8 +42,23 @@
> DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
> DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
>
> +!if $(CAPSULE_ENABLE)
> + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
> + EdkiiSystemCapsuleLib|SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.inf
> + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf
> + IniParsingLib|SignedCapsulePkg/Library/IniParsingLib/IniParsingLib.inf
> + PlatformFlashAccessLib|Silicon/Marvell/Armada7k8k/Feature/Capsule/PlatformFlashAccessLib/PlatformFlashAccessLib.inf
> +!endif
> +
> # Basic utility libraries
> BaseLib|MdePkg/Library/BaseLib/BaseLib.inf
> +!if $(CAPSULE_ENABLE)
> + BmpSupportLib|MdeModulePkg/Library/BaseBmpSupportLib/BaseBmpSupportLib.inf
> + SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
> +!endif
> SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf
> PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf
> PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
> @@ -199,7 +214,11 @@
> [LibraryClasses.common.DXE_RUNTIME_DRIVER]
> HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
> MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
> +!if $(CAPSULE_ENABLE)
> + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
> +!else
> CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
> +!endif
> !if $(TARGET) != RELEASE
> DebugLib|MdePkg/Library/DxeRuntimeDebugLibSerialPort/DxeRuntimeDebugLibSerialPort.inf
> !endif
> @@ -376,6 +395,13 @@
> gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0xF93E0000
> gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize|0x00010000
>
> +!if $(CAPSULE_ENABLE)
> +[PcdsDynamicExDefault.common.DEFAULT]
> + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor|{0x0}|VOID*|0x100
> + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{0x02, 0x0e, 0x89, 0xb3, 0x6b, 0xc4, 0x70, 0x49, 0x95, 0x36, 0x57, 0x78, 0x7a, 0x9e, 0x06, 0xc7}
> + gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0x75, 0xc4, 0x7f, 0x75, 0x22, 0x6b, 0x82, 0x44, 0x86, 0x8e, 0xde, 0xd2, 0x86, 0xf3, 0x09, 0x40}
> +!endif
> +
> ################################################################################
> #
> # Components Section - list of all EDK II Modules needed by this Platform
> @@ -394,6 +420,11 @@
> ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf
> ArmPkg/Drivers/CpuPei/CpuPei.inf
> MdeModulePkg/Universal/Variable/Pei/VariablePei.inf
> +!if $(CAPSULE_ENABLE)
> + MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
> + MdeModulePkg/Universal/CapsulePei/CapsulePei.inf
> + Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
> +!endif
> MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf {
> <LibraryClasses>
> NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompressLib.inf
> @@ -503,6 +534,16 @@
> NULL|MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootMaintenanceManagerUiLib.inf
> }
>
> +!if $(CAPSULE_ENABLE)
> + MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
> + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf
> + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf {
> + <LibraryClasses>
> + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf
> + }
> + MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> +!endif
> +
> #
> # Variable services
> #
> diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc
> new file mode 100644
> index 0000000..0498bce
> --- /dev/null
> +++ b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc
> @@ -0,0 +1,46 @@
> +#Copyright (C) 2018 Marvell International Ltd.
> +#
> +#Marvell BSD License Option
> +#
> +#If you received this File from Marvell, you may opt to use, redistribute and/or
> +#modify this File under the following licensing terms.
> +#Redistribution and use in source and binary forms, with or without modification,
> +#are permitted provided that the following conditions are met:
> +#
> +# * Redistributions of source code must retain the above copyright notice,
> +# this list of conditions and the following disclaimer.
> +#
> +# * Redistributions in binary form must reproduce the above copyright
> +# notice, this list of conditions and the following disclaimer in the
> +# documentation and/or other materials provided with the distribution.
> +#
> +# * Neither the name of Marvell nor the names of its contributors may be
> +# used to endorse or promote products derived from this software without
> +# specific prior written permission.
> +#
> +#THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
> +#ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
> +#WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
> +#DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
> +#ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
> +#(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
> +#LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
> +#ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> +#(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
> +#SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> +#
> +################################################################################
> +#
> +# Defines Section - statements that will be processed to create a Makefile.
> +#
> +################################################################################
> +[Defines]
> + PLATFORM_NAME = ${PLATFORM_NAME}
> + PLATFORM_GUID = 982e2ab1-26ca-4617-92e6-061bd6ba9ae3
> + PLATFORM_VERSION = 0.1
> + DSC_SPECIFICATION = 0x00010019
> + OUTPUT_DIRECTORY = Build/$(PLATFORM_NAME)-$(ARCH)
> + SUPPORTED_ARCHITECTURES = AARCH64|ARM
> + BUILD_TARGETS = DEBUG|RELEASE
> + SKUID_IDENTIFIER = DEFAULT
> + FLASH_DEFINITION = Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf
> diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf
> new file mode 100644
> index 0000000..c57f7dd
> --- /dev/null
> +++ b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf
> @@ -0,0 +1,70 @@
> +#
> +# Copyright (C) Marvell International Ltd. and its affiliates
> +#
> +# This program and the accompanying materials
> +# are licensed and made available under the terms and conditions of the BSD License
> +# which accompanies this distribution. The full text of the license may be found at
> +# http://opensource.org/licenses/bsd-license.php
> +#
> +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +#
> +
> +[FD.Armada_Capsule]
> +BaseAddress = 0x00000000 #|gArmTokenSpaceGuid.PcdFdBaseAddress # The base address of the Firmware in NOR Flash.
> +Size = 0x00400000 #|gArmTokenSpaceGuid.PcdFdSize # The size in bytes of the FLASH Device
> +ErasePolarity = 1
> +
> +0x00000000|0x00010000
> +FILE = $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/SYSTEMFIRMWAREDESCRIPTOR.Fv
> +
> +0x00100000|0x00300000
> +FILE = $(ARM_TRUSTED_FIRMWARE_IMAGE_PREFIX)
> +
> +[FV.SystemFirmwareUpdateCargo]
> +FvAlignment = 8
> +ERASE_POLARITY = 1
> +MEMORY_MAPPED = TRUE
> +STICKY_WRITE = TRUE
> +LOCK_CAP = TRUE
> +LOCK_STATUS = TRUE
> +WRITE_DISABLED_CAP = TRUE
> +WRITE_ENABLED_CAP = TRUE
> +WRITE_STATUS = TRUE
> +WRITE_LOCK_CAP = TRUE
> +WRITE_LOCK_STATUS = TRUE
> +READ_DISABLED_CAP = TRUE
> +READ_ENABLED_CAP = TRUE
> +READ_STATUS = TRUE
> +READ_LOCK_CAP = TRUE
> +READ_LOCK_STATUS = TRUE
> +
> + FILE RAW = b3890e02-c46b-4970-9536-57787a9e06c7 { # PcdEdkiiSystemFirmwareFileGuid
> + FD = Armada_Capsule
> + }
> +
> + FILE RAW = ce57b167-b0e4-41e8-a897-5f4feb781d40 { # gEdkiiSystemFmpCapsuleDriverFvFileGuid
> + $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/CAPSULEDISPATCHFV.Fv
> + }
> +
> + FILE RAW = 812136D3-4D3A-433A-9418-29BB9BF78F6E { # gEdkiiSystemFmpCapsuleConfigFileGuid
> + Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini
> + }
> +
> +[FmpPayload.FmpPayloadSystemFirmwarePkcs7]
> +IMAGE_HEADER_INIT_VERSION = 0x02
> +IMAGE_TYPE_ID = 757fc475-6b22-4482-868e-ded286f30940 # PcdSystemFmpCapsuleImageTypeIdGuid
> +IMAGE_INDEX = 0x1
> +HARDWARE_INSTANCE = 0x0
> +MONOTONIC_COUNT = 0x1
> +CERTIFICATE_GUID = 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7
> +
> + FV = SystemFirmwareUpdateCargo
> +
> +[Capsule.MvFirmwareUpdateCapsuleFmpPkcs7]
> +CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEfiFmpCapsuleGuid
> +CAPSULE_HEADER_SIZE = 0x20
> +CAPSULE_HEADER_INIT_VERSION = 0x1
> +
> + FMP_PAYLOAD = FmpPayloadSystemFirmwarePkcs7
> +
> --
> 2.7.4
>
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
Ard,
2018-06-04 18:47 GMT+02:00 Ard Biesheuvel <ard.biesheuvel@linaro.org>:
> On 4 June 2018 at 18:41, Marcin Wojtas <mw@semihalf.com> wrote:
>> All required components are in place, so we can now
>> add all necessary dependencies to build and use capsule support
>> for Armada7k8k platforms. It is conditionally enabled
>> with '-D CAPSULE_ENABLE' flag added during build time.
>>
>> Because the capsule generation must be sequential,
>> due to boot requirements and glueing all binaries
>> (BLE, ARM-TF, BL33) externally, introduce additional
>> .dsc and .fdf file solely for creating the capsule.
>>
>> In order to build the capsule following parameters
>> must be passed to the build command of the common file
>> Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc:
>>
>> -D PLATFORM_NAME=<previously built platform name with capsule support>
>> -D ARM_TRUSTED_FIRMWARE_IMAGE_PREFIX=<path/to/flash-image.bin>
>>
>
> I think there was some miscommunication here:
>
> - PREFIX is not a full path, it is a prefix. So in this case, the
> 'flash-image.bin' part should still be hardcoded, but the DEFINE
> allows you to specify its location in the directory tree.
> - apologies for bikeshedding/disagreeing with what Leif said
> previously, but ARM_TRUSTED_FIRMWARE_IMAGE_PREFIX is not appropriate
> here, given that flash-image.bin is the entire firmware image, so
> ARM-TF, UEFI, and other bits and pieces that make up the full image. I
> understand that Leif wants a generic prefix, but using it in
> completely different ways (ARM-TF fip vs the entire firmware image)
> defeats the purpose of that.
>
So is passing a full path a valid way for you?
If yes, how a about following parameter name: 'FIRMWARE_IMAGE_PATH' ?
Best regards,
Marcin
>
>
>> Contributed-under: TianoCore Contribution Agreement 1.1
>> Signed-off-by: Marcin Wojtas <mw@semihalf.com>
>> Signed-off-by: David Sniatkiwicz <davidsn@marvell.com>
>> ---
>> Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf | 66 ++++++++++++++++++
>> Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc | 41 ++++++++++++
>> Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc | 46 +++++++++++++
>> Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf | 70 ++++++++++++++++++++
>> 4 files changed, 223 insertions(+)
>>
>> diff --git a/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf b/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf
>> index bf04f4d..e5e5443 100644
>> --- a/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf
>> +++ b/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf
>> @@ -201,6 +201,15 @@ FvNameGuid = 5eda4200-2c5f-43cb-9da3-0baf74b1b30c
>> INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
>> INF MdeModulePkg/Application/UiApp/UiApp.inf
>>
>> +!if $(CAPSULE_ENABLE)
>> + # Firmware update
>> + INF MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
>> + INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf
>> + FILE FREEFORM = PCD(gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid) {
>> + SECTION RAW = BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer
>> + SECTION UI = "Pkcs7TestRoot"
>> + }
>> +!endif
>>
>> # PEI phase firmware volume
>> [FV.FVMAIN_COMPACT]
>> @@ -228,6 +237,11 @@ READ_LOCK_STATUS = TRUE
>> INF ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf
>> INF ArmPkg/Drivers/CpuPei/CpuPei.inf
>> INF MdeModulePkg/Universal/Variable/Pei/VariablePei.inf
>> +!if $(CAPSULE_ENABLE)
>> + INF MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
>> + INF MdeModulePkg/Universal/CapsulePei/CapsulePei.inf
>> + INF RuleOverride = FMP_IMAGE_DESC Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
>> +!endif
>> INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
>>
>> FILE FV_IMAGE = 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 {
>> @@ -236,6 +250,49 @@ READ_LOCK_STATUS = TRUE
>> }
>> }
>>
>> +!if $(CAPSULE_ENABLE)
>> +[FV.SystemFirmwareDescriptor]
>> +FvAlignment = 8
>> +ERASE_POLARITY = 1
>> +MEMORY_MAPPED = TRUE
>> +STICKY_WRITE = TRUE
>> +LOCK_CAP = TRUE
>> +LOCK_STATUS = TRUE
>> +WRITE_DISABLED_CAP = TRUE
>> +WRITE_ENABLED_CAP = TRUE
>> +WRITE_STATUS = TRUE
>> +WRITE_LOCK_CAP = TRUE
>> +WRITE_LOCK_STATUS = TRUE
>> +READ_DISABLED_CAP = TRUE
>> +READ_ENABLED_CAP = TRUE
>> +READ_STATUS = TRUE
>> +READ_LOCK_CAP = TRUE
>> +READ_LOCK_STATUS = TRUE
>> +
>> + INF RuleOverride = FMP_IMAGE_DESC Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
>> +
>> +[FV.CapsuleDispatchFv]
>> +FvAlignment = 8
>> +ERASE_POLARITY = 1
>> +MEMORY_MAPPED = TRUE
>> +STICKY_WRITE = TRUE
>> +LOCK_CAP = TRUE
>> +LOCK_STATUS = TRUE
>> +WRITE_DISABLED_CAP = TRUE
>> +WRITE_ENABLED_CAP = TRUE
>> +WRITE_STATUS = TRUE
>> +WRITE_LOCK_CAP = TRUE
>> +WRITE_LOCK_STATUS = TRUE
>> +READ_DISABLED_CAP = TRUE
>> +READ_ENABLED_CAP = TRUE
>> +READ_STATUS = TRUE
>> +READ_LOCK_CAP = TRUE
>> +READ_LOCK_STATUS = TRUE
>> +
>> + INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf
>> +
>> +!endif
>> +
>> ################################################################################
>> #
>> # Rules are use with the [FV] section's module INF type to define
>> @@ -331,3 +388,12 @@ READ_LOCK_STATUS = TRUE
>> UI STRING ="$(MODULE_NAME)" Optional
>> PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
>> }
>> +
>> +[Rule.Common.PEIM.FMP_IMAGE_DESC]
>> + FILE PEIM = $(NAMED_GUID) {
>> + RAW BIN |.acpi
>> + PEI_DEPEX PEI_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
>> + PE32 PE32 Align=4K $(INF_OUTPUT)/$(MODULE_NAME).efi
>> + UI STRING="$(MODULE_NAME)" Optional
>> + VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
>> + }
>> diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc b/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc
>> index 8fb912b..75fa3d4 100644
>> --- a/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc
>> +++ b/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc
>> @@ -42,8 +42,23 @@
>> DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
>> DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
>>
>> +!if $(CAPSULE_ENABLE)
>> + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
>> + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
>> + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
>> + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
>> + EdkiiSystemCapsuleLib|SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.inf
>> + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf
>> + IniParsingLib|SignedCapsulePkg/Library/IniParsingLib/IniParsingLib.inf
>> + PlatformFlashAccessLib|Silicon/Marvell/Armada7k8k/Feature/Capsule/PlatformFlashAccessLib/PlatformFlashAccessLib.inf
>> +!endif
>> +
>> # Basic utility libraries
>> BaseLib|MdePkg/Library/BaseLib/BaseLib.inf
>> +!if $(CAPSULE_ENABLE)
>> + BmpSupportLib|MdeModulePkg/Library/BaseBmpSupportLib/BaseBmpSupportLib.inf
>> + SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
>> +!endif
>> SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf
>> PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf
>> PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
>> @@ -199,7 +214,11 @@
>> [LibraryClasses.common.DXE_RUNTIME_DRIVER]
>> HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
>> MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
>> +!if $(CAPSULE_ENABLE)
>> + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
>> +!else
>> CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
>> +!endif
>> !if $(TARGET) != RELEASE
>> DebugLib|MdePkg/Library/DxeRuntimeDebugLibSerialPort/DxeRuntimeDebugLibSerialPort.inf
>> !endif
>> @@ -376,6 +395,13 @@
>> gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0xF93E0000
>> gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize|0x00010000
>>
>> +!if $(CAPSULE_ENABLE)
>> +[PcdsDynamicExDefault.common.DEFAULT]
>> + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor|{0x0}|VOID*|0x100
>> + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{0x02, 0x0e, 0x89, 0xb3, 0x6b, 0xc4, 0x70, 0x49, 0x95, 0x36, 0x57, 0x78, 0x7a, 0x9e, 0x06, 0xc7}
>> + gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0x75, 0xc4, 0x7f, 0x75, 0x22, 0x6b, 0x82, 0x44, 0x86, 0x8e, 0xde, 0xd2, 0x86, 0xf3, 0x09, 0x40}
>> +!endif
>> +
>> ################################################################################
>> #
>> # Components Section - list of all EDK II Modules needed by this Platform
>> @@ -394,6 +420,11 @@
>> ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf
>> ArmPkg/Drivers/CpuPei/CpuPei.inf
>> MdeModulePkg/Universal/Variable/Pei/VariablePei.inf
>> +!if $(CAPSULE_ENABLE)
>> + MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
>> + MdeModulePkg/Universal/CapsulePei/CapsulePei.inf
>> + Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
>> +!endif
>> MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf {
>> <LibraryClasses>
>> NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompressLib.inf
>> @@ -503,6 +534,16 @@
>> NULL|MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootMaintenanceManagerUiLib.inf
>> }
>>
>> +!if $(CAPSULE_ENABLE)
>> + MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
>> + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf
>> + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf {
>> + <LibraryClasses>
>> + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf
>> + }
>> + MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
>> +!endif
>> +
>> #
>> # Variable services
>> #
>> diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc
>> new file mode 100644
>> index 0000000..0498bce
>> --- /dev/null
>> +++ b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc
>> @@ -0,0 +1,46 @@
>> +#Copyright (C) 2018 Marvell International Ltd.
>> +#
>> +#Marvell BSD License Option
>> +#
>> +#If you received this File from Marvell, you may opt to use, redistribute and/or
>> +#modify this File under the following licensing terms.
>> +#Redistribution and use in source and binary forms, with or without modification,
>> +#are permitted provided that the following conditions are met:
>> +#
>> +# * Redistributions of source code must retain the above copyright notice,
>> +# this list of conditions and the following disclaimer.
>> +#
>> +# * Redistributions in binary form must reproduce the above copyright
>> +# notice, this list of conditions and the following disclaimer in the
>> +# documentation and/or other materials provided with the distribution.
>> +#
>> +# * Neither the name of Marvell nor the names of its contributors may be
>> +# used to endorse or promote products derived from this software without
>> +# specific prior written permission.
>> +#
>> +#THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
>> +#ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
>> +#WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
>> +#DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
>> +#ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
>> +#(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
>> +#LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
>> +#ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
>> +#(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
>> +#SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
>> +#
>> +################################################################################
>> +#
>> +# Defines Section - statements that will be processed to create a Makefile.
>> +#
>> +################################################################################
>> +[Defines]
>> + PLATFORM_NAME = ${PLATFORM_NAME}
>> + PLATFORM_GUID = 982e2ab1-26ca-4617-92e6-061bd6ba9ae3
>> + PLATFORM_VERSION = 0.1
>> + DSC_SPECIFICATION = 0x00010019
>> + OUTPUT_DIRECTORY = Build/$(PLATFORM_NAME)-$(ARCH)
>> + SUPPORTED_ARCHITECTURES = AARCH64|ARM
>> + BUILD_TARGETS = DEBUG|RELEASE
>> + SKUID_IDENTIFIER = DEFAULT
>> + FLASH_DEFINITION = Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf
>> diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf
>> new file mode 100644
>> index 0000000..c57f7dd
>> --- /dev/null
>> +++ b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf
>> @@ -0,0 +1,70 @@
>> +#
>> +# Copyright (C) Marvell International Ltd. and its affiliates
>> +#
>> +# This program and the accompanying materials
>> +# are licensed and made available under the terms and conditions of the BSD License
>> +# which accompanies this distribution. The full text of the license may be found at
>> +# http://opensource.org/licenses/bsd-license.php
>> +#
>> +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>> +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
>> +#
>> +
>> +[FD.Armada_Capsule]
>> +BaseAddress = 0x00000000 #|gArmTokenSpaceGuid.PcdFdBaseAddress # The base address of the Firmware in NOR Flash.
>> +Size = 0x00400000 #|gArmTokenSpaceGuid.PcdFdSize # The size in bytes of the FLASH Device
>> +ErasePolarity = 1
>> +
>> +0x00000000|0x00010000
>> +FILE = $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/SYSTEMFIRMWAREDESCRIPTOR.Fv
>> +
>> +0x00100000|0x00300000
>> +FILE = $(ARM_TRUSTED_FIRMWARE_IMAGE_PREFIX)
>> +
>> +[FV.SystemFirmwareUpdateCargo]
>> +FvAlignment = 8
>> +ERASE_POLARITY = 1
>> +MEMORY_MAPPED = TRUE
>> +STICKY_WRITE = TRUE
>> +LOCK_CAP = TRUE
>> +LOCK_STATUS = TRUE
>> +WRITE_DISABLED_CAP = TRUE
>> +WRITE_ENABLED_CAP = TRUE
>> +WRITE_STATUS = TRUE
>> +WRITE_LOCK_CAP = TRUE
>> +WRITE_LOCK_STATUS = TRUE
>> +READ_DISABLED_CAP = TRUE
>> +READ_ENABLED_CAP = TRUE
>> +READ_STATUS = TRUE
>> +READ_LOCK_CAP = TRUE
>> +READ_LOCK_STATUS = TRUE
>> +
>> + FILE RAW = b3890e02-c46b-4970-9536-57787a9e06c7 { # PcdEdkiiSystemFirmwareFileGuid
>> + FD = Armada_Capsule
>> + }
>> +
>> + FILE RAW = ce57b167-b0e4-41e8-a897-5f4feb781d40 { # gEdkiiSystemFmpCapsuleDriverFvFileGuid
>> + $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/CAPSULEDISPATCHFV.Fv
>> + }
>> +
>> + FILE RAW = 812136D3-4D3A-433A-9418-29BB9BF78F6E { # gEdkiiSystemFmpCapsuleConfigFileGuid
>> + Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini
>> + }
>> +
>> +[FmpPayload.FmpPayloadSystemFirmwarePkcs7]
>> +IMAGE_HEADER_INIT_VERSION = 0x02
>> +IMAGE_TYPE_ID = 757fc475-6b22-4482-868e-ded286f30940 # PcdSystemFmpCapsuleImageTypeIdGuid
>> +IMAGE_INDEX = 0x1
>> +HARDWARE_INSTANCE = 0x0
>> +MONOTONIC_COUNT = 0x1
>> +CERTIFICATE_GUID = 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7
>> +
>> + FV = SystemFirmwareUpdateCargo
>> +
>> +[Capsule.MvFirmwareUpdateCapsuleFmpPkcs7]
>> +CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEfiFmpCapsuleGuid
>> +CAPSULE_HEADER_SIZE = 0x20
>> +CAPSULE_HEADER_INIT_VERSION = 0x1
>> +
>> + FMP_PAYLOAD = FmpPayloadSystemFirmwarePkcs7
>> +
>> --
>> 2.7.4
>>
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
On 4 June 2018 at 18:58, Marcin Wojtas <mw@semihalf.com> wrote: > Ard, > > 2018-06-04 18:47 GMT+02:00 Ard Biesheuvel <ard.biesheuvel@linaro.org>: >> On 4 June 2018 at 18:41, Marcin Wojtas <mw@semihalf.com> wrote: >>> All required components are in place, so we can now >>> add all necessary dependencies to build and use capsule support >>> for Armada7k8k platforms. It is conditionally enabled >>> with '-D CAPSULE_ENABLE' flag added during build time. >>> >>> Because the capsule generation must be sequential, >>> due to boot requirements and glueing all binaries >>> (BLE, ARM-TF, BL33) externally, introduce additional >>> .dsc and .fdf file solely for creating the capsule. >>> >>> In order to build the capsule following parameters >>> must be passed to the build command of the common file >>> Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc: >>> >>> -D PLATFORM_NAME=<previously built platform name with capsule support> >>> -D ARM_TRUSTED_FIRMWARE_IMAGE_PREFIX=<path/to/flash-image.bin> >>> >> >> I think there was some miscommunication here: >> >> - PREFIX is not a full path, it is a prefix. So in this case, the >> 'flash-image.bin' part should still be hardcoded, but the DEFINE >> allows you to specify its location in the directory tree. >> - apologies for bikeshedding/disagreeing with what Leif said >> previously, but ARM_TRUSTED_FIRMWARE_IMAGE_PREFIX is not appropriate >> here, given that flash-image.bin is the entire firmware image, so >> ARM-TF, UEFI, and other bits and pieces that make up the full image. I >> understand that Leif wants a generic prefix, but using it in >> completely different ways (ARM-TF fip vs the entire firmware image) >> defeats the purpose of that. >> > > So is passing a full path a valid way for you? > > If yes, how a about following parameter name: 'FIRMWARE_IMAGE_PATH' ? > That works for me _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
On Mon, Jun 04, 2018 at 06:58:25PM +0200, Marcin Wojtas wrote:
> Ard,
>
> 2018-06-04 18:47 GMT+02:00 Ard Biesheuvel <ard.biesheuvel@linaro.org>:
> > On 4 June 2018 at 18:41, Marcin Wojtas <mw@semihalf.com> wrote:
> >> All required components are in place, so we can now
> >> add all necessary dependencies to build and use capsule support
> >> for Armada7k8k platforms. It is conditionally enabled
> >> with '-D CAPSULE_ENABLE' flag added during build time.
> >>
> >> Because the capsule generation must be sequential,
> >> due to boot requirements and glueing all binaries
> >> (BLE, ARM-TF, BL33) externally, introduce additional
> >> .dsc and .fdf file solely for creating the capsule.
> >>
> >> In order to build the capsule following parameters
> >> must be passed to the build command of the common file
> >> Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc:
> >>
> >> -D PLATFORM_NAME=<previously built platform name with capsule support>
> >> -D ARM_TRUSTED_FIRMWARE_IMAGE_PREFIX=<path/to/flash-image.bin>
> >>
> >
> > I think there was some miscommunication here:
> >
> > - PREFIX is not a full path, it is a prefix. So in this case, the
> > 'flash-image.bin' part should still be hardcoded, but the DEFINE
> > allows you to specify its location in the directory tree.
> > - apologies for bikeshedding/disagreeing with what Leif said
> > previously, but ARM_TRUSTED_FIRMWARE_IMAGE_PREFIX is not appropriate
> > here, given that flash-image.bin is the entire firmware image, so
> > ARM-TF, UEFI, and other bits and pieces that make up the full image. I
> > understand that Leif wants a generic prefix, but using it in
> > completely different ways (ARM-TF fip vs the entire firmware image)
> > defeats the purpose of that.
Oh, I agree with all of the above and was fully hoping someone could
come up with something better :)
> So is passing a full path a valid way for you?
>
> If yes, how a about following parameter name: 'FIRMWARE_IMAGE_PATH' ?
I generally prefer a PREFIX over a path, since this does not mandate a
directory name, but could also contain a file prefix.
While not strictly speaking relevant to the internals of
edk2-platforms, could you explain to me where the "firmware-image.bin"
images end up being generated in the first place? I.e., their complete
path in ARM Trusted Firmware build output, with build targets and all?
Best Regards,
Leif
> Best regards,
> Marcin
>
> >
> >
> >> Contributed-under: TianoCore Contribution Agreement 1.1
> >> Signed-off-by: Marcin Wojtas <mw@semihalf.com>
> >> Signed-off-by: David Sniatkiwicz <davidsn@marvell.com>
> >> ---
> >> Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf | 66 ++++++++++++++++++
> >> Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc | 41 ++++++++++++
> >> Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc | 46 +++++++++++++
> >> Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf | 70 ++++++++++++++++++++
> >> 4 files changed, 223 insertions(+)
> >>
> >> diff --git a/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf b/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf
> >> index bf04f4d..e5e5443 100644
> >> --- a/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf
> >> +++ b/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf
> >> @@ -201,6 +201,15 @@ FvNameGuid = 5eda4200-2c5f-43cb-9da3-0baf74b1b30c
> >> INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
> >> INF MdeModulePkg/Application/UiApp/UiApp.inf
> >>
> >> +!if $(CAPSULE_ENABLE)
> >> + # Firmware update
> >> + INF MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
> >> + INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf
> >> + FILE FREEFORM = PCD(gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid) {
> >> + SECTION RAW = BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer
> >> + SECTION UI = "Pkcs7TestRoot"
> >> + }
> >> +!endif
> >>
> >> # PEI phase firmware volume
> >> [FV.FVMAIN_COMPACT]
> >> @@ -228,6 +237,11 @@ READ_LOCK_STATUS = TRUE
> >> INF ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf
> >> INF ArmPkg/Drivers/CpuPei/CpuPei.inf
> >> INF MdeModulePkg/Universal/Variable/Pei/VariablePei.inf
> >> +!if $(CAPSULE_ENABLE)
> >> + INF MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
> >> + INF MdeModulePkg/Universal/CapsulePei/CapsulePei.inf
> >> + INF RuleOverride = FMP_IMAGE_DESC Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
> >> +!endif
> >> INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
> >>
> >> FILE FV_IMAGE = 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 {
> >> @@ -236,6 +250,49 @@ READ_LOCK_STATUS = TRUE
> >> }
> >> }
> >>
> >> +!if $(CAPSULE_ENABLE)
> >> +[FV.SystemFirmwareDescriptor]
> >> +FvAlignment = 8
> >> +ERASE_POLARITY = 1
> >> +MEMORY_MAPPED = TRUE
> >> +STICKY_WRITE = TRUE
> >> +LOCK_CAP = TRUE
> >> +LOCK_STATUS = TRUE
> >> +WRITE_DISABLED_CAP = TRUE
> >> +WRITE_ENABLED_CAP = TRUE
> >> +WRITE_STATUS = TRUE
> >> +WRITE_LOCK_CAP = TRUE
> >> +WRITE_LOCK_STATUS = TRUE
> >> +READ_DISABLED_CAP = TRUE
> >> +READ_ENABLED_CAP = TRUE
> >> +READ_STATUS = TRUE
> >> +READ_LOCK_CAP = TRUE
> >> +READ_LOCK_STATUS = TRUE
> >> +
> >> + INF RuleOverride = FMP_IMAGE_DESC Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
> >> +
> >> +[FV.CapsuleDispatchFv]
> >> +FvAlignment = 8
> >> +ERASE_POLARITY = 1
> >> +MEMORY_MAPPED = TRUE
> >> +STICKY_WRITE = TRUE
> >> +LOCK_CAP = TRUE
> >> +LOCK_STATUS = TRUE
> >> +WRITE_DISABLED_CAP = TRUE
> >> +WRITE_ENABLED_CAP = TRUE
> >> +WRITE_STATUS = TRUE
> >> +WRITE_LOCK_CAP = TRUE
> >> +WRITE_LOCK_STATUS = TRUE
> >> +READ_DISABLED_CAP = TRUE
> >> +READ_ENABLED_CAP = TRUE
> >> +READ_STATUS = TRUE
> >> +READ_LOCK_CAP = TRUE
> >> +READ_LOCK_STATUS = TRUE
> >> +
> >> + INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf
> >> +
> >> +!endif
> >> +
> >> ################################################################################
> >> #
> >> # Rules are use with the [FV] section's module INF type to define
> >> @@ -331,3 +388,12 @@ READ_LOCK_STATUS = TRUE
> >> UI STRING ="$(MODULE_NAME)" Optional
> >> PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
> >> }
> >> +
> >> +[Rule.Common.PEIM.FMP_IMAGE_DESC]
> >> + FILE PEIM = $(NAMED_GUID) {
> >> + RAW BIN |.acpi
> >> + PEI_DEPEX PEI_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
> >> + PE32 PE32 Align=4K $(INF_OUTPUT)/$(MODULE_NAME).efi
> >> + UI STRING="$(MODULE_NAME)" Optional
> >> + VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
> >> + }
> >> diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc b/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc
> >> index 8fb912b..75fa3d4 100644
> >> --- a/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc
> >> +++ b/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc
> >> @@ -42,8 +42,23 @@
> >> DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
> >> DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
> >>
> >> +!if $(CAPSULE_ENABLE)
> >> + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> >> + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> >> + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> >> + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
> >> + EdkiiSystemCapsuleLib|SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.inf
> >> + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf
> >> + IniParsingLib|SignedCapsulePkg/Library/IniParsingLib/IniParsingLib.inf
> >> + PlatformFlashAccessLib|Silicon/Marvell/Armada7k8k/Feature/Capsule/PlatformFlashAccessLib/PlatformFlashAccessLib.inf
> >> +!endif
> >> +
> >> # Basic utility libraries
> >> BaseLib|MdePkg/Library/BaseLib/BaseLib.inf
> >> +!if $(CAPSULE_ENABLE)
> >> + BmpSupportLib|MdeModulePkg/Library/BaseBmpSupportLib/BaseBmpSupportLib.inf
> >> + SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
> >> +!endif
> >> SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf
> >> PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf
> >> PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
> >> @@ -199,7 +214,11 @@
> >> [LibraryClasses.common.DXE_RUNTIME_DRIVER]
> >> HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
> >> MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
> >> +!if $(CAPSULE_ENABLE)
> >> + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
> >> +!else
> >> CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
> >> +!endif
> >> !if $(TARGET) != RELEASE
> >> DebugLib|MdePkg/Library/DxeRuntimeDebugLibSerialPort/DxeRuntimeDebugLibSerialPort.inf
> >> !endif
> >> @@ -376,6 +395,13 @@
> >> gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0xF93E0000
> >> gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize|0x00010000
> >>
> >> +!if $(CAPSULE_ENABLE)
> >> +[PcdsDynamicExDefault.common.DEFAULT]
> >> + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor|{0x0}|VOID*|0x100
> >> + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{0x02, 0x0e, 0x89, 0xb3, 0x6b, 0xc4, 0x70, 0x49, 0x95, 0x36, 0x57, 0x78, 0x7a, 0x9e, 0x06, 0xc7}
> >> + gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0x75, 0xc4, 0x7f, 0x75, 0x22, 0x6b, 0x82, 0x44, 0x86, 0x8e, 0xde, 0xd2, 0x86, 0xf3, 0x09, 0x40}
> >> +!endif
> >> +
> >> ################################################################################
> >> #
> >> # Components Section - list of all EDK II Modules needed by this Platform
> >> @@ -394,6 +420,11 @@
> >> ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf
> >> ArmPkg/Drivers/CpuPei/CpuPei.inf
> >> MdeModulePkg/Universal/Variable/Pei/VariablePei.inf
> >> +!if $(CAPSULE_ENABLE)
> >> + MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
> >> + MdeModulePkg/Universal/CapsulePei/CapsulePei.inf
> >> + Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
> >> +!endif
> >> MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf {
> >> <LibraryClasses>
> >> NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompressLib.inf
> >> @@ -503,6 +534,16 @@
> >> NULL|MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootMaintenanceManagerUiLib.inf
> >> }
> >>
> >> +!if $(CAPSULE_ENABLE)
> >> + MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
> >> + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf
> >> + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf {
> >> + <LibraryClasses>
> >> + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf
> >> + }
> >> + MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
> >> +!endif
> >> +
> >> #
> >> # Variable services
> >> #
> >> diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc
> >> new file mode 100644
> >> index 0000000..0498bce
> >> --- /dev/null
> >> +++ b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc
> >> @@ -0,0 +1,46 @@
> >> +#Copyright (C) 2018 Marvell International Ltd.
> >> +#
> >> +#Marvell BSD License Option
> >> +#
> >> +#If you received this File from Marvell, you may opt to use, redistribute and/or
> >> +#modify this File under the following licensing terms.
> >> +#Redistribution and use in source and binary forms, with or without modification,
> >> +#are permitted provided that the following conditions are met:
> >> +#
> >> +# * Redistributions of source code must retain the above copyright notice,
> >> +# this list of conditions and the following disclaimer.
> >> +#
> >> +# * Redistributions in binary form must reproduce the above copyright
> >> +# notice, this list of conditions and the following disclaimer in the
> >> +# documentation and/or other materials provided with the distribution.
> >> +#
> >> +# * Neither the name of Marvell nor the names of its contributors may be
> >> +# used to endorse or promote products derived from this software without
> >> +# specific prior written permission.
> >> +#
> >> +#THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
> >> +#ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
> >> +#WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
> >> +#DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
> >> +#ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
> >> +#(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
> >> +#LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
> >> +#ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> >> +#(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
> >> +#SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> >> +#
> >> +################################################################################
> >> +#
> >> +# Defines Section - statements that will be processed to create a Makefile.
> >> +#
> >> +################################################################################
> >> +[Defines]
> >> + PLATFORM_NAME = ${PLATFORM_NAME}
> >> + PLATFORM_GUID = 982e2ab1-26ca-4617-92e6-061bd6ba9ae3
> >> + PLATFORM_VERSION = 0.1
> >> + DSC_SPECIFICATION = 0x00010019
> >> + OUTPUT_DIRECTORY = Build/$(PLATFORM_NAME)-$(ARCH)
> >> + SUPPORTED_ARCHITECTURES = AARCH64|ARM
> >> + BUILD_TARGETS = DEBUG|RELEASE
> >> + SKUID_IDENTIFIER = DEFAULT
> >> + FLASH_DEFINITION = Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf
> >> diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf
> >> new file mode 100644
> >> index 0000000..c57f7dd
> >> --- /dev/null
> >> +++ b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf
> >> @@ -0,0 +1,70 @@
> >> +#
> >> +# Copyright (C) Marvell International Ltd. and its affiliates
> >> +#
> >> +# This program and the accompanying materials
> >> +# are licensed and made available under the terms and conditions of the BSD License
> >> +# which accompanies this distribution. The full text of the license may be found at
> >> +# http://opensource.org/licenses/bsd-license.php
> >> +#
> >> +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> >> +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> >> +#
> >> +
> >> +[FD.Armada_Capsule]
> >> +BaseAddress = 0x00000000 #|gArmTokenSpaceGuid.PcdFdBaseAddress # The base address of the Firmware in NOR Flash.
> >> +Size = 0x00400000 #|gArmTokenSpaceGuid.PcdFdSize # The size in bytes of the FLASH Device
> >> +ErasePolarity = 1
> >> +
> >> +0x00000000|0x00010000
> >> +FILE = $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/SYSTEMFIRMWAREDESCRIPTOR.Fv
> >> +
> >> +0x00100000|0x00300000
> >> +FILE = $(ARM_TRUSTED_FIRMWARE_IMAGE_PREFIX)
> >> +
> >> +[FV.SystemFirmwareUpdateCargo]
> >> +FvAlignment = 8
> >> +ERASE_POLARITY = 1
> >> +MEMORY_MAPPED = TRUE
> >> +STICKY_WRITE = TRUE
> >> +LOCK_CAP = TRUE
> >> +LOCK_STATUS = TRUE
> >> +WRITE_DISABLED_CAP = TRUE
> >> +WRITE_ENABLED_CAP = TRUE
> >> +WRITE_STATUS = TRUE
> >> +WRITE_LOCK_CAP = TRUE
> >> +WRITE_LOCK_STATUS = TRUE
> >> +READ_DISABLED_CAP = TRUE
> >> +READ_ENABLED_CAP = TRUE
> >> +READ_STATUS = TRUE
> >> +READ_LOCK_CAP = TRUE
> >> +READ_LOCK_STATUS = TRUE
> >> +
> >> + FILE RAW = b3890e02-c46b-4970-9536-57787a9e06c7 { # PcdEdkiiSystemFirmwareFileGuid
> >> + FD = Armada_Capsule
> >> + }
> >> +
> >> + FILE RAW = ce57b167-b0e4-41e8-a897-5f4feb781d40 { # gEdkiiSystemFmpCapsuleDriverFvFileGuid
> >> + $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/CAPSULEDISPATCHFV.Fv
> >> + }
> >> +
> >> + FILE RAW = 812136D3-4D3A-433A-9418-29BB9BF78F6E { # gEdkiiSystemFmpCapsuleConfigFileGuid
> >> + Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini
> >> + }
> >> +
> >> +[FmpPayload.FmpPayloadSystemFirmwarePkcs7]
> >> +IMAGE_HEADER_INIT_VERSION = 0x02
> >> +IMAGE_TYPE_ID = 757fc475-6b22-4482-868e-ded286f30940 # PcdSystemFmpCapsuleImageTypeIdGuid
> >> +IMAGE_INDEX = 0x1
> >> +HARDWARE_INSTANCE = 0x0
> >> +MONOTONIC_COUNT = 0x1
> >> +CERTIFICATE_GUID = 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7
> >> +
> >> + FV = SystemFirmwareUpdateCargo
> >> +
> >> +[Capsule.MvFirmwareUpdateCapsuleFmpPkcs7]
> >> +CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEfiFmpCapsuleGuid
> >> +CAPSULE_HEADER_SIZE = 0x20
> >> +CAPSULE_HEADER_INIT_VERSION = 0x1
> >> +
> >> + FMP_PAYLOAD = FmpPayloadSystemFirmwarePkcs7
> >> +
> >> --
> >> 2.7.4
> >>
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
2018-06-04 19:38 GMT+02:00 Leif Lindholm <leif.lindholm@linaro.org>:
> On Mon, Jun 04, 2018 at 06:58:25PM +0200, Marcin Wojtas wrote:
>> Ard,
>>
>> 2018-06-04 18:47 GMT+02:00 Ard Biesheuvel <ard.biesheuvel@linaro.org>:
>> > On 4 June 2018 at 18:41, Marcin Wojtas <mw@semihalf.com> wrote:
>> >> All required components are in place, so we can now
>> >> add all necessary dependencies to build and use capsule support
>> >> for Armada7k8k platforms. It is conditionally enabled
>> >> with '-D CAPSULE_ENABLE' flag added during build time.
>> >>
>> >> Because the capsule generation must be sequential,
>> >> due to boot requirements and glueing all binaries
>> >> (BLE, ARM-TF, BL33) externally, introduce additional
>> >> .dsc and .fdf file solely for creating the capsule.
>> >>
>> >> In order to build the capsule following parameters
>> >> must be passed to the build command of the common file
>> >> Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc:
>> >>
>> >> -D PLATFORM_NAME=<previously built platform name with capsule support>
>> >> -D ARM_TRUSTED_FIRMWARE_IMAGE_PREFIX=<path/to/flash-image.bin>
>> >>
>> >
>> > I think there was some miscommunication here:
>> >
>> > - PREFIX is not a full path, it is a prefix. So in this case, the
>> > 'flash-image.bin' part should still be hardcoded, but the DEFINE
>> > allows you to specify its location in the directory tree.
>> > - apologies for bikeshedding/disagreeing with what Leif said
>> > previously, but ARM_TRUSTED_FIRMWARE_IMAGE_PREFIX is not appropriate
>> > here, given that flash-image.bin is the entire firmware image, so
>> > ARM-TF, UEFI, and other bits and pieces that make up the full image. I
>> > understand that Leif wants a generic prefix, but using it in
>> > completely different ways (ARM-TF fip vs the entire firmware image)
>> > defeats the purpose of that.
>
> Oh, I agree with all of the above and was fully hoping someone could
> come up with something better :)
>
>> So is passing a full path a valid way for you?
>>
>> If yes, how a about following parameter name: 'FIRMWARE_IMAGE_PATH' ?
>
> I generally prefer a PREFIX over a path, since this does not mandate a
> directory name, but could also contain a file prefix.
>
> While not strictly speaking relevant to the internals of
> edk2-platforms, could you explain to me where the "firmware-image.bin"
> images end up being generated in the first place? I.e., their complete
> path in ARM Trusted Firmware build output, with build targets and all?
>
flash-image.bin is generated during ARM-TF build. It is normal fip
image (BL2, SCP_BL2, BL31, BL33), which is glued with
DRAM-configuration binary (called BLE). A dedicated tool wraps it with
a header comprising magic number, checksum and offsets of BLE and fip
within the flash-image.bin.
Best regards,
Marcin
>> >
>> >
>> >> Contributed-under: TianoCore Contribution Agreement 1.1
>> >> Signed-off-by: Marcin Wojtas <mw@semihalf.com>
>> >> Signed-off-by: David Sniatkiwicz <davidsn@marvell.com>
>> >> ---
>> >> Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf | 66 ++++++++++++++++++
>> >> Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc | 41 ++++++++++++
>> >> Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc | 46 +++++++++++++
>> >> Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf | 70 ++++++++++++++++++++
>> >> 4 files changed, 223 insertions(+)
>> >>
>> >> diff --git a/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf b/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf
>> >> index bf04f4d..e5e5443 100644
>> >> --- a/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf
>> >> +++ b/Platform/Marvell/Armada70x0Db/Armada70x0Db.fdf
>> >> @@ -201,6 +201,15 @@ FvNameGuid = 5eda4200-2c5f-43cb-9da3-0baf74b1b30c
>> >> INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
>> >> INF MdeModulePkg/Application/UiApp/UiApp.inf
>> >>
>> >> +!if $(CAPSULE_ENABLE)
>> >> + # Firmware update
>> >> + INF MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
>> >> + INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf
>> >> + FILE FREEFORM = PCD(gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid) {
>> >> + SECTION RAW = BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer
>> >> + SECTION UI = "Pkcs7TestRoot"
>> >> + }
>> >> +!endif
>> >>
>> >> # PEI phase firmware volume
>> >> [FV.FVMAIN_COMPACT]
>> >> @@ -228,6 +237,11 @@ READ_LOCK_STATUS = TRUE
>> >> INF ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf
>> >> INF ArmPkg/Drivers/CpuPei/CpuPei.inf
>> >> INF MdeModulePkg/Universal/Variable/Pei/VariablePei.inf
>> >> +!if $(CAPSULE_ENABLE)
>> >> + INF MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
>> >> + INF MdeModulePkg/Universal/CapsulePei/CapsulePei.inf
>> >> + INF RuleOverride = FMP_IMAGE_DESC Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
>> >> +!endif
>> >> INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
>> >>
>> >> FILE FV_IMAGE = 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 {
>> >> @@ -236,6 +250,49 @@ READ_LOCK_STATUS = TRUE
>> >> }
>> >> }
>> >>
>> >> +!if $(CAPSULE_ENABLE)
>> >> +[FV.SystemFirmwareDescriptor]
>> >> +FvAlignment = 8
>> >> +ERASE_POLARITY = 1
>> >> +MEMORY_MAPPED = TRUE
>> >> +STICKY_WRITE = TRUE
>> >> +LOCK_CAP = TRUE
>> >> +LOCK_STATUS = TRUE
>> >> +WRITE_DISABLED_CAP = TRUE
>> >> +WRITE_ENABLED_CAP = TRUE
>> >> +WRITE_STATUS = TRUE
>> >> +WRITE_LOCK_CAP = TRUE
>> >> +WRITE_LOCK_STATUS = TRUE
>> >> +READ_DISABLED_CAP = TRUE
>> >> +READ_ENABLED_CAP = TRUE
>> >> +READ_STATUS = TRUE
>> >> +READ_LOCK_CAP = TRUE
>> >> +READ_LOCK_STATUS = TRUE
>> >> +
>> >> + INF RuleOverride = FMP_IMAGE_DESC Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
>> >> +
>> >> +[FV.CapsuleDispatchFv]
>> >> +FvAlignment = 8
>> >> +ERASE_POLARITY = 1
>> >> +MEMORY_MAPPED = TRUE
>> >> +STICKY_WRITE = TRUE
>> >> +LOCK_CAP = TRUE
>> >> +LOCK_STATUS = TRUE
>> >> +WRITE_DISABLED_CAP = TRUE
>> >> +WRITE_ENABLED_CAP = TRUE
>> >> +WRITE_STATUS = TRUE
>> >> +WRITE_LOCK_CAP = TRUE
>> >> +WRITE_LOCK_STATUS = TRUE
>> >> +READ_DISABLED_CAP = TRUE
>> >> +READ_ENABLED_CAP = TRUE
>> >> +READ_STATUS = TRUE
>> >> +READ_LOCK_CAP = TRUE
>> >> +READ_LOCK_STATUS = TRUE
>> >> +
>> >> + INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf
>> >> +
>> >> +!endif
>> >> +
>> >> ################################################################################
>> >> #
>> >> # Rules are use with the [FV] section's module INF type to define
>> >> @@ -331,3 +388,12 @@ READ_LOCK_STATUS = TRUE
>> >> UI STRING ="$(MODULE_NAME)" Optional
>> >> PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
>> >> }
>> >> +
>> >> +[Rule.Common.PEIM.FMP_IMAGE_DESC]
>> >> + FILE PEIM = $(NAMED_GUID) {
>> >> + RAW BIN |.acpi
>> >> + PEI_DEPEX PEI_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
>> >> + PE32 PE32 Align=4K $(INF_OUTPUT)/$(MODULE_NAME).efi
>> >> + UI STRING="$(MODULE_NAME)" Optional
>> >> + VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
>> >> + }
>> >> diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc b/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc
>> >> index 8fb912b..75fa3d4 100644
>> >> --- a/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc
>> >> +++ b/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc
>> >> @@ -42,8 +42,23 @@
>> >> DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
>> >> DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
>> >>
>> >> +!if $(CAPSULE_ENABLE)
>> >> + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
>> >> + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
>> >> + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
>> >> + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
>> >> + EdkiiSystemCapsuleLib|SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.inf
>> >> + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf
>> >> + IniParsingLib|SignedCapsulePkg/Library/IniParsingLib/IniParsingLib.inf
>> >> + PlatformFlashAccessLib|Silicon/Marvell/Armada7k8k/Feature/Capsule/PlatformFlashAccessLib/PlatformFlashAccessLib.inf
>> >> +!endif
>> >> +
>> >> # Basic utility libraries
>> >> BaseLib|MdePkg/Library/BaseLib/BaseLib.inf
>> >> +!if $(CAPSULE_ENABLE)
>> >> + BmpSupportLib|MdeModulePkg/Library/BaseBmpSupportLib/BaseBmpSupportLib.inf
>> >> + SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
>> >> +!endif
>> >> SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf
>> >> PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf
>> >> PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
>> >> @@ -199,7 +214,11 @@
>> >> [LibraryClasses.common.DXE_RUNTIME_DRIVER]
>> >> HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
>> >> MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
>> >> +!if $(CAPSULE_ENABLE)
>> >> + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
>> >> +!else
>> >> CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
>> >> +!endif
>> >> !if $(TARGET) != RELEASE
>> >> DebugLib|MdePkg/Library/DxeRuntimeDebugLibSerialPort/DxeRuntimeDebugLibSerialPort.inf
>> >> !endif
>> >> @@ -376,6 +395,13 @@
>> >> gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0xF93E0000
>> >> gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize|0x00010000
>> >>
>> >> +!if $(CAPSULE_ENABLE)
>> >> +[PcdsDynamicExDefault.common.DEFAULT]
>> >> + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor|{0x0}|VOID*|0x100
>> >> + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{0x02, 0x0e, 0x89, 0xb3, 0x6b, 0xc4, 0x70, 0x49, 0x95, 0x36, 0x57, 0x78, 0x7a, 0x9e, 0x06, 0xc7}
>> >> + gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0x75, 0xc4, 0x7f, 0x75, 0x22, 0x6b, 0x82, 0x44, 0x86, 0x8e, 0xde, 0xd2, 0x86, 0xf3, 0x09, 0x40}
>> >> +!endif
>> >> +
>> >> ################################################################################
>> >> #
>> >> # Components Section - list of all EDK II Modules needed by this Platform
>> >> @@ -394,6 +420,11 @@
>> >> ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf
>> >> ArmPkg/Drivers/CpuPei/CpuPei.inf
>> >> MdeModulePkg/Universal/Variable/Pei/VariablePei.inf
>> >> +!if $(CAPSULE_ENABLE)
>> >> + MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
>> >> + MdeModulePkg/Universal/CapsulePei/CapsulePei.inf
>> >> + Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
>> >> +!endif
>> >> MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf {
>> >> <LibraryClasses>
>> >> NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompressLib.inf
>> >> @@ -503,6 +534,16 @@
>> >> NULL|MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootMaintenanceManagerUiLib.inf
>> >> }
>> >>
>> >> +!if $(CAPSULE_ENABLE)
>> >> + MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
>> >> + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf
>> >> + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf {
>> >> + <LibraryClasses>
>> >> + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf
>> >> + }
>> >> + MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf
>> >> +!endif
>> >> +
>> >> #
>> >> # Variable services
>> >> #
>> >> diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc
>> >> new file mode 100644
>> >> index 0000000..0498bce
>> >> --- /dev/null
>> >> +++ b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.dsc
>> >> @@ -0,0 +1,46 @@
>> >> +#Copyright (C) 2018 Marvell International Ltd.
>> >> +#
>> >> +#Marvell BSD License Option
>> >> +#
>> >> +#If you received this File from Marvell, you may opt to use, redistribute and/or
>> >> +#modify this File under the following licensing terms.
>> >> +#Redistribution and use in source and binary forms, with or without modification,
>> >> +#are permitted provided that the following conditions are met:
>> >> +#
>> >> +# * Redistributions of source code must retain the above copyright notice,
>> >> +# this list of conditions and the following disclaimer.
>> >> +#
>> >> +# * Redistributions in binary form must reproduce the above copyright
>> >> +# notice, this list of conditions and the following disclaimer in the
>> >> +# documentation and/or other materials provided with the distribution.
>> >> +#
>> >> +# * Neither the name of Marvell nor the names of its contributors may be
>> >> +# used to endorse or promote products derived from this software without
>> >> +# specific prior written permission.
>> >> +#
>> >> +#THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
>> >> +#ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
>> >> +#WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
>> >> +#DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
>> >> +#ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
>> >> +#(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
>> >> +#LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
>> >> +#ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
>> >> +#(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
>> >> +#SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
>> >> +#
>> >> +################################################################################
>> >> +#
>> >> +# Defines Section - statements that will be processed to create a Makefile.
>> >> +#
>> >> +################################################################################
>> >> +[Defines]
>> >> + PLATFORM_NAME = ${PLATFORM_NAME}
>> >> + PLATFORM_GUID = 982e2ab1-26ca-4617-92e6-061bd6ba9ae3
>> >> + PLATFORM_VERSION = 0.1
>> >> + DSC_SPECIFICATION = 0x00010019
>> >> + OUTPUT_DIRECTORY = Build/$(PLATFORM_NAME)-$(ARCH)
>> >> + SUPPORTED_ARCHITECTURES = AARCH64|ARM
>> >> + BUILD_TARGETS = DEBUG|RELEASE
>> >> + SKUID_IDENTIFIER = DEFAULT
>> >> + FLASH_DEFINITION = Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf
>> >> diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf
>> >> new file mode 100644
>> >> index 0000000..c57f7dd
>> >> --- /dev/null
>> >> +++ b/Silicon/Marvell/Armada7k8k/Armada7k8kCapsule.fdf
>> >> @@ -0,0 +1,70 @@
>> >> +#
>> >> +# Copyright (C) Marvell International Ltd. and its affiliates
>> >> +#
>> >> +# This program and the accompanying materials
>> >> +# are licensed and made available under the terms and conditions of the BSD License
>> >> +# which accompanies this distribution. The full text of the license may be found at
>> >> +# http://opensource.org/licenses/bsd-license.php
>> >> +#
>> >> +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>> >> +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
>> >> +#
>> >> +
>> >> +[FD.Armada_Capsule]
>> >> +BaseAddress = 0x00000000 #|gArmTokenSpaceGuid.PcdFdBaseAddress # The base address of the Firmware in NOR Flash.
>> >> +Size = 0x00400000 #|gArmTokenSpaceGuid.PcdFdSize # The size in bytes of the FLASH Device
>> >> +ErasePolarity = 1
>> >> +
>> >> +0x00000000|0x00010000
>> >> +FILE = $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/SYSTEMFIRMWAREDESCRIPTOR.Fv
>> >> +
>> >> +0x00100000|0x00300000
>> >> +FILE = $(ARM_TRUSTED_FIRMWARE_IMAGE_PREFIX)
>> >> +
>> >> +[FV.SystemFirmwareUpdateCargo]
>> >> +FvAlignment = 8
>> >> +ERASE_POLARITY = 1
>> >> +MEMORY_MAPPED = TRUE
>> >> +STICKY_WRITE = TRUE
>> >> +LOCK_CAP = TRUE
>> >> +LOCK_STATUS = TRUE
>> >> +WRITE_DISABLED_CAP = TRUE
>> >> +WRITE_ENABLED_CAP = TRUE
>> >> +WRITE_STATUS = TRUE
>> >> +WRITE_LOCK_CAP = TRUE
>> >> +WRITE_LOCK_STATUS = TRUE
>> >> +READ_DISABLED_CAP = TRUE
>> >> +READ_ENABLED_CAP = TRUE
>> >> +READ_STATUS = TRUE
>> >> +READ_LOCK_CAP = TRUE
>> >> +READ_LOCK_STATUS = TRUE
>> >> +
>> >> + FILE RAW = b3890e02-c46b-4970-9536-57787a9e06c7 { # PcdEdkiiSystemFirmwareFileGuid
>> >> + FD = Armada_Capsule
>> >> + }
>> >> +
>> >> + FILE RAW = ce57b167-b0e4-41e8-a897-5f4feb781d40 { # gEdkiiSystemFmpCapsuleDriverFvFileGuid
>> >> + $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/CAPSULEDISPATCHFV.Fv
>> >> + }
>> >> +
>> >> + FILE RAW = 812136D3-4D3A-433A-9418-29BB9BF78F6E { # gEdkiiSystemFmpCapsuleConfigFileGuid
>> >> + Silicon/Marvell/Armada7k8k/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini
>> >> + }
>> >> +
>> >> +[FmpPayload.FmpPayloadSystemFirmwarePkcs7]
>> >> +IMAGE_HEADER_INIT_VERSION = 0x02
>> >> +IMAGE_TYPE_ID = 757fc475-6b22-4482-868e-ded286f30940 # PcdSystemFmpCapsuleImageTypeIdGuid
>> >> +IMAGE_INDEX = 0x1
>> >> +HARDWARE_INSTANCE = 0x0
>> >> +MONOTONIC_COUNT = 0x1
>> >> +CERTIFICATE_GUID = 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7
>> >> +
>> >> + FV = SystemFirmwareUpdateCargo
>> >> +
>> >> +[Capsule.MvFirmwareUpdateCapsuleFmpPkcs7]
>> >> +CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEfiFmpCapsuleGuid
>> >> +CAPSULE_HEADER_SIZE = 0x20
>> >> +CAPSULE_HEADER_INIT_VERSION = 0x1
>> >> +
>> >> + FMP_PAYLOAD = FmpPayloadSystemFirmwarePkcs7
>> >> +
>> >> --
>> >> 2.7.4
>> >>
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
© 2016 - 2024 Red Hat, Inc.