diff mbox series

[2/2] arm-bsp/u-boot: corstone1000: fix runtime capsule update flag checks

Message ID 20231026124303.2433202-3-emekcan.aras@arm.com
State New
Headers show
Series arm-bsp/u-boot: corstone1000: on-disk capsule update | expand

Commit Message

Emekcan Aras Oct. 26, 2023, 12:43 p.m. UTC 
From: Emekcan Aras <emekcan.aras@arm.com>

Platform-specific capsule-update feature in u-boot does not check the
capsule-update flags properly (as stated in UEFI specs). This patch fixes the
capsule flags checks in u-boot for corstone1000.

Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
---
 .../u-boot/u-boot-corstone1000.inc            |  1 +
 ...-runtime-capsule-update-flags-checks.patch | 56 +++++++++++++++++++
 2 files changed, 57 insertions(+)
 create mode 100644 meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0040-fix-runtime-capsule-update-flags-checks.patch
diff mbox series

Patch

diff --git a/meta-arm-bsp/recipes-bsp/u-boot/u-boot-corstone1000.inc b/meta-arm-bsp/recipes-bsp/u-boot/u-boot-corstone1000.inc
index 6c56c2fe..7a7b155c 100644
--- a/meta-arm-bsp/recipes-bsp/u-boot/u-boot-corstone1000.inc
+++ b/meta-arm-bsp/recipes-bsp/u-boot/u-boot-corstone1000.inc
@@ -47,6 +47,7 @@  SRC_URI:append = " \
     file://0037-corstone1000-enable-authenticated-capsule-config.patch \
     file://0038-corstone1000-introduce-EFI-authenticated-capsule-upd.patch \
     file://0039-enables-ondisk-capsule-update-feature.patch		  \
+    file://0040-fix-runtime-capsule-update-flags-checks.patch		  \
     "
 
 do_configure:append(){
diff --git a/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0040-fix-runtime-capsule-update-flags-checks.patch b/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0040-fix-runtime-capsule-update-flags-checks.patch
new file mode 100644
index 00000000..b1d400d7
--- /dev/null
+++ b/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0040-fix-runtime-capsule-update-flags-checks.patch
@@ -0,0 +1,56 @@ 
+From a83aa9e1b8f6e312da82e54614fbca498493c34d Mon Sep 17 00:00:00 2001
+From: Emekcan Aras <emekcan.aras@arm.com>
+Date: Thu, 19 Oct 2023 14:56:55 +0100
+Subject: [PATCH] fix runtime capsule update flags checks for corstone1000
+
+Fixes capsule update flags checks in capsule update as these checks are missing
+in the platform-specific capsule-update implementation in corstone1000.
+
+Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
+Upstream-Status: Inappropriate [Redesign of Capsule update interface is required]
+---
+ lib/efi_loader/efi_capsule.c | 28 ++++++++++++++++++++++++++++
+ 1 file changed, 28 insertions(+)
+
+diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
+index 307bcfd73c..34507482b7 100644
+--- a/lib/efi_loader/efi_capsule.c
++++ b/lib/efi_loader/efi_capsule.c
+@@ -854,6 +854,34 @@ efi_status_t __efi_runtime EFIAPI efi_update_capsule(
+			continue;
+		}
+
++		/* According to UEFI specs when the flag is CAPSULE_FLAGS_PERSIST_ACROSS_RESET,
++		ScatterGatherList can't be NULL.*/
++		if ((capsule->flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET) &&
++		    scatter_gather_list == 0){
++			ret = EFI_INVALID_PARAMETER;
++			goto out;
++		}
++
++		/*According to UEFI specs a capsule which has the CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE
++		 * flag must have CAPSULE_FLAGS_PERSIST_ACROSS_RESET set in its
++		 * header as well.*/
++		if (capsule->flags & CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE){
++			if(!(capsule->flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET)){
++				ret = EFI_INVALID_PARAMETER;
++				goto out;
++			}
++		}
++
++		/* According to UEFI specs, a capsule which has the CAPSULE_FLAGS_INITIATE_RESET
++		 * Flag must have  CAPSULE_FLAGS_PERSIST_ACROSS_RESET set in its
++		 * header as well.*/
++		if (capsule->flags & CAPSULE_FLAGS_INITIATE_RESET){
++			if(!(capsule->flags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET)){
++				ret = EFI_INVALID_PARAMETER;
++				goto out;
++			}
++		}
++
+		log_debug("Capsule[%d] (guid:%pUs)\n",
+			  i, &capsule->capsule_guid);
+
+--
+2.25.1
+