From patchwork Mon Oct  2 10:43:19 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Emekcan Aras <emekcan.aras@arm.com>
X-Patchwork-Id: 31560
Return-Path: <emekcan.aras@arm.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 4DC1FE7849A
	for <webhook@archiver.kernel.org>; Mon,  2 Oct 2023 10:43:40 +0000 (UTC)
Received: from foss.arm.com (foss.arm.com [217.140.110.172])
 by mx.groups.io with SMTP id smtpd.web11.78557.1696243410474379452
 for <meta-arm@lists.yoctoproject.org>;
 Mon, 02 Oct 2023 03:43:30 -0700
Authentication-Results: mx.groups.io;
 dkim=none (message not signed);
 spf=pass (domain: arm.com, ip: 217.140.110.172,
 mailfrom: emekcan.aras@arm.com)
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
	by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 871A2C15;
	Mon,  2 Oct 2023 03:44:08 -0700 (PDT)
Received: from cassini-003.cambridge.arm.com (cassini-003.cambridge.arm.com
 [10.1.198.36])
	by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 4EE273F762;
	Mon,  2 Oct 2023 03:43:29 -0700 (PDT)
From: emekcan.aras@arm.com
To: meta-arm@lists.yoctoproject.org,
	Ross.Burton@arm.com,
	Jon.Mason@arm.com
Cc: nd@arm.com,
	Emekcan Aras <emekcan.aras@arm.com>
Subject: [PATCH 1/5] CI: Add meta-secure-core
Date: Mon,  2 Oct 2023 11:43:19 +0100
Message-Id: <20231002104323.1967358-2-emekcan.aras@arm.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20231002104323.1967358-1-emekcan.aras@arm.com>
References: <20231002104323.1967358-1-emekcan.aras@arm.com>
MIME-Version: 1.0
List-Id: <meta-arm.lists.yoctoproject.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <meta-arm@lists.yoctoproject.org>; Mon, 02 Oct 2023 10:43:40 -0000
X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5097

From: Emekcan Aras <emekcan.aras@arm.com>

Meta-secure-core is used to create signed capsule (firmware update
images). This adds meta-secure-core.yml file and since it depends on meta-perl
from oe-core, it adds that layer to meta-openembedded.yml

Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
---
 ci/meta-openembedded.yml |  1 +
 ci/meta-secure-core.yml  | 11 +++++++++++
 2 files changed, 12 insertions(+)
 create mode 100644 ci/meta-secure-core.yml

diff --git a/ci/meta-openembedded.yml b/ci/meta-openembedded.yml
index e1e16c8f..743fdde5 100644
--- a/ci/meta-openembedded.yml
+++ b/ci/meta-openembedded.yml
@@ -9,3 +9,4 @@ repos:
       meta-networking:
       meta-oe:
       meta-python:
+      meta-perl:
diff --git a/ci/meta-secure-core.yml b/ci/meta-secure-core.yml
new file mode 100644
index 00000000..94b11a7c
--- /dev/null
+++ b/ci/meta-secure-core.yml
@@ -0,0 +1,11 @@
+header:
+  version: 14
+
+repos:
+  meta-secure-core:
+    url: https://github.com/Wind-River/meta-secure-core.git
+    layers:
+      meta:
+      meta-signing-key:
+      meta-efi-secure-boot:
+      

From patchwork Mon Oct  2 10:43:20 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Emekcan Aras <emekcan.aras@arm.com>
X-Patchwork-Id: 31557
Return-Path: <emekcan.aras@arm.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 47EB2E784AF
	for <webhook@archiver.kernel.org>; Mon,  2 Oct 2023 10:43:40 +0000 (UTC)
Received: from foss.arm.com (foss.arm.com [217.140.110.172])
 by mx.groups.io with SMTP id smtpd.web11.78558.1696243411375565120
 for <meta-arm@lists.yoctoproject.org>;
 Mon, 02 Oct 2023 03:43:31 -0700
Authentication-Results: mx.groups.io;
 dkim=none (message not signed);
 spf=pass (domain: arm.com, ip: 217.140.110.172,
 mailfrom: emekcan.aras@arm.com)
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
	by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 8436ADA7;
	Mon,  2 Oct 2023 03:44:09 -0700 (PDT)
Received: from cassini-003.cambridge.arm.com (cassini-003.cambridge.arm.com
 [10.1.198.36])
	by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 4C05E3F762;
	Mon,  2 Oct 2023 03:43:30 -0700 (PDT)
From: emekcan.aras@arm.com
To: meta-arm@lists.yoctoproject.org,
	Ross.Burton@arm.com,
	Jon.Mason@arm.com
Cc: nd@arm.com,
	Emekcan Aras <emekcan.aras@arm.com>
Subject: [PATCH 2/5] CI: Include meta-secure-core in corstone1000
Date: Mon,  2 Oct 2023 11:43:20 +0100
Message-Id: <20231002104323.1967358-3-emekcan.aras@arm.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20231002104323.1967358-1-emekcan.aras@arm.com>
References: <20231002104323.1967358-1-emekcan.aras@arm.com>
MIME-Version: 1.0
List-Id: <meta-arm.lists.yoctoproject.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <meta-arm@lists.yoctoproject.org>; Mon, 02 Oct 2023 10:43:40 -0000
X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5098

From: Emekcan Aras <emekcan.aras@arm.com>

Adds meta-secure-core to corstone1000.yml to enable signed capsule
update feature.

Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
---
 ci/corstone1000-common.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ci/corstone1000-common.yml b/ci/corstone1000-common.yml
index a4c9ca3f..09472285 100644
--- a/ci/corstone1000-common.yml
+++ b/ci/corstone1000-common.yml
@@ -4,6 +4,7 @@ header:
     - ci/base.yml
     - ci/meta-openembedded.yml
     - ci/poky-tiny.yml
+    - ci/meta-secure-core.yml
 
 local_conf_header:
     extrapackages: |

From patchwork Mon Oct  2 10:43:21 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Emekcan Aras <emekcan.aras@arm.com>
X-Patchwork-Id: 31556
Return-Path: <emekcan.aras@arm.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 56AE1E784B0
	for <webhook@archiver.kernel.org>; Mon,  2 Oct 2023 10:43:40 +0000 (UTC)
Received: from foss.arm.com (foss.arm.com [217.140.110.172])
 by mx.groups.io with SMTP id smtpd.web11.78559.1696243412428224829
 for <meta-arm@lists.yoctoproject.org>;
 Mon, 02 Oct 2023 03:43:32 -0700
Authentication-Results: mx.groups.io;
 dkim=none (message not signed);
 spf=pass (domain: arm.com, ip: 217.140.110.172,
 mailfrom: emekcan.aras@arm.com)
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
	by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 81598C15;
	Mon,  2 Oct 2023 03:44:10 -0700 (PDT)
Received: from cassini-003.cambridge.arm.com (cassini-003.cambridge.arm.com
 [10.1.198.36])
	by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 490FA3F762;
	Mon,  2 Oct 2023 03:43:31 -0700 (PDT)
From: emekcan.aras@arm.com
To: meta-arm@lists.yoctoproject.org,
	Ross.Burton@arm.com,
	Jon.Mason@arm.com
Cc: nd@arm.com,
	Emekcan Aras <emekcan.aras@arm.com>
Subject: [PATCH 3/5] kas: corstone1000: add meta-secure-core
Date: Mon,  2 Oct 2023 11:43:21 +0100
Message-Id: <20231002104323.1967358-4-emekcan.aras@arm.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20231002104323.1967358-1-emekcan.aras@arm.com>
References: <20231002104323.1967358-1-emekcan.aras@arm.com>
MIME-Version: 1.0
List-Id: <meta-arm.lists.yoctoproject.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <meta-arm@lists.yoctoproject.org>; Mon, 02 Oct 2023 10:43:40 -0000
X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5099

From: Emekcan Aras <emekcan.aras@arm.com>

Adds meta-secure-core to enable capsule update feature.

Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
---
 kas/corstone1000-base.yml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/kas/corstone1000-base.yml b/kas/corstone1000-base.yml
index 161312fb..5e4ae7e4 100644
--- a/kas/corstone1000-base.yml
+++ b/kas/corstone1000-base.yml
@@ -32,6 +32,13 @@ repos:
       meta-oe:
       meta-python:
 
+  meta-secure-core:
+    url: https://github.com/wind-river/meta-secure-core.git
+    layers:
+      meta:
+      meta-signing-key:
+      meta-efi-secure-boot:
+
 local_conf_header:
   base: |
     CONF_VERSION = "2"

From patchwork Mon Oct  2 10:43:22 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Emekcan Aras <emekcan.aras@arm.com>
X-Patchwork-Id: 31559
Return-Path: <emekcan.aras@arm.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 5C30FE784B3
	for <webhook@archiver.kernel.org>; Mon,  2 Oct 2023 10:43:40 +0000 (UTC)
Received: from foss.arm.com (foss.arm.com [217.140.110.172])
 by mx.groups.io with SMTP id smtpd.web10.78656.1696243413295751088
 for <meta-arm@lists.yoctoproject.org>;
 Mon, 02 Oct 2023 03:43:33 -0700
Authentication-Results: mx.groups.io;
 dkim=none (message not signed);
 spf=pass (domain: arm.com, ip: 217.140.110.172,
 mailfrom: emekcan.aras@arm.com)
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
	by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 75D08DA7;
	Mon,  2 Oct 2023 03:44:11 -0700 (PDT)
Received: from cassini-003.cambridge.arm.com (cassini-003.cambridge.arm.com
 [10.1.198.36])
	by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 469FA3F762;
	Mon,  2 Oct 2023 03:43:32 -0700 (PDT)
From: emekcan.aras@arm.com
To: meta-arm@lists.yoctoproject.org,
	Ross.Burton@arm.com,
	Jon.Mason@arm.com
Cc: nd@arm.com,
	Emekcan Aras <emekcan.aras@arm.com>
Subject: [PATCH 4/5] arm-bsp/u-boot: corstone1000: introduce authenticated
 capsule update
Date: Mon,  2 Oct 2023 11:43:22 +0100
Message-Id: <20231002104323.1967358-5-emekcan.aras@arm.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20231002104323.1967358-1-emekcan.aras@arm.com>
References: <20231002104323.1967358-1-emekcan.aras@arm.com>
MIME-Version: 1.0
List-Id: <meta-arm.lists.yoctoproject.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <meta-arm@lists.yoctoproject.org>; Mon, 02 Oct 2023 10:43:40 -0000
X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5100

From: Emekcan Aras <emekcan.aras@arm.com>

Adds signature to device-tree overlay and enables authenticated capsule
update in u-boot for corstone1000.

Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
---
 ...00-add-signature-device-tree-overlay.patch | 31 ++++++++
 ...-enable-authenticated-capsule-config.patch | 28 +++++++
 ...roduce-EFI-authenticated-capsule-upd.patch | 76 +++++++++++++++++++
 .../recipes-bsp/u-boot/u-boot_%.bbappend      | 15 +++-
 4 files changed, 149 insertions(+), 1 deletion(-)
 create mode 100644 meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0038-corstone1000-add-signature-device-tree-overlay.patch
 create mode 100644 meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0039-corstone1000-enable-authenticated-capsule-config.patch
 create mode 100644 meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0040-corstone1000-introduce-EFI-authenticated-capsule-upd.patch

diff --git a/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0038-corstone1000-add-signature-device-tree-overlay.patch b/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0038-corstone1000-add-signature-device-tree-overlay.patch
new file mode 100644
index 00000000..9d8c6a9e
--- /dev/null
+++ b/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0038-corstone1000-add-signature-device-tree-overlay.patch
@@ -0,0 +1,31 @@
+From 88cb6f5a91178903d4e306d8653b941f9727987b Mon Sep 17 00:00:00 2001
+From: Emekcan Aras <emekcan.aras@arm.com>
+Date: Wed, 13 Sep 2023 13:20:15 +0100
+Subject: [PATCH] corstone1000: add signature device tree overlay
+
+Adds signature device tree overlay.
+
+Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
+Upstream-Status: Pending [Not submitted to upstream yet]
+---
+ arch/arm/dts/corstone1000.dtsi | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/arch/arm/dts/corstone1000.dtsi b/arch/arm/dts/corstone1000.dtsi
+index 25a032b6b3..1c3ab2c315 100644
+--- a/arch/arm/dts/corstone1000.dtsi
++++ b/arch/arm/dts/corstone1000.dtsi
+@@ -111,6 +111,10 @@
+ 		fwu-mdata-store = <&nvmxip>;
+ 	};
+ 
++	signature {
++		capsule-key = /incbin/("../../../CRT.esl");
++	};
++
+ 	soc {
+ 		compatible = "simple-bus";
+ 		#address-cells = <1>;
+-- 
+2.17.1
+
diff --git a/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0039-corstone1000-enable-authenticated-capsule-config.patch b/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0039-corstone1000-enable-authenticated-capsule-config.patch
new file mode 100644
index 00000000..761234e6
--- /dev/null
+++ b/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0039-corstone1000-enable-authenticated-capsule-config.patch
@@ -0,0 +1,28 @@
+From 9b884d4f483474b99fcb4850197a1c8dde34147d Mon Sep 17 00:00:00 2001
+From: Emekcan Aras <emekcan.aras@arm.com>
+Date: Wed, 13 Sep 2023 13:52:02 +0100
+Subject: [PATCH] corstone1000: enable authenticated capsule config
+
+Enables authenticated capsule update config for corstone1000.
+
+Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
+Upstream-Status: Pending [Not submitted to upstream yet]
+---
+ configs/corstone1000_defconfig | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig
+index 5b0b2ac3bf..2de3f5d7b3 100644
+--- a/configs/corstone1000_defconfig
++++ b/configs/corstone1000_defconfig
+@@ -70,6 +70,7 @@ CONFIG_FWU_MDATA=y
+ CONFIG_FWU_MDATA_GPT_BLK=y
+ CONFIG_SYSRESET=y
+ CONFIG_EFI_CAPSULE_ON_DISK=y
++CONFIG_EFI_CAPSULE_AUTHENTICATE=y
+ CONFIG_EFI_IGNORE_OSINDICATIONS=y
+ CONFIG_FWU_MULTI_BANK_UPDATE=y
+ # CONFIG_TOOLS_MKEFICAPSULE is not set
+-- 
+2.17.1
+
diff --git a/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0040-corstone1000-introduce-EFI-authenticated-capsule-upd.patch b/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0040-corstone1000-introduce-EFI-authenticated-capsule-upd.patch
new file mode 100644
index 00000000..f47dd8c1
--- /dev/null
+++ b/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0040-corstone1000-introduce-EFI-authenticated-capsule-upd.patch
@@ -0,0 +1,76 @@
+From b99a39c662b9be5f940b895efa8016f5567e1c1f Mon Sep 17 00:00:00 2001
+From: Emekcan Aras <emekcan.aras@arm.com>
+Date: Wed, 13 Sep 2023 13:55:08 +0100
+Subject: [PATCH] corstone1000: introduce EFI authenticated capsule update
+
+Introduces EFI authenticated capsule update for corstone1000. Corstone1000
+implements platform-specific capsule update mechanism in u-bootdue to the SoC
+design. This patch add authenticated capsule update mechanism to the
+platform-specific firmware-update routine.
+
+Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
+Upstream-Status: Inappropriate [Redesign of Capsule update interface is required]
+---
+ lib/efi_loader/efi_capsule.c | 39 ++++++++++++++++++++++++++++++++++++
+ 1 file changed, 39 insertions(+)
+
+diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
+index 6a06605ad9..30fb7d1dd5 100644
+--- a/lib/efi_loader/efi_capsule.c
++++ b/lib/efi_loader/efi_capsule.c
+@@ -820,6 +820,12 @@ efi_status_t __efi_runtime EFIAPI efi_update_capsule(
+ 		u64 scatter_gather_list)
+ {
+ 	struct efi_capsule_header *capsule;
++	struct efi_firmware_management_capsule_header *capsule_header;
++	struct efi_firmware_management_capsule_image_header *image;
++	size_t image_binary_size;
++	size_t tmp_capsule_payload_size=0;
++	void *tmp_capsule_payload=NULL;
++	void *image_binary;
+ 	unsigned int i;
+ 	efi_status_t ret;
+ 
+@@ -859,6 +865,39 @@ efi_status_t __efi_runtime EFIAPI efi_update_capsule(
+ 			goto out;
+ 		}
+ 
++		capsule_header = (void *)capsule + capsule->header_size;
++		image = (void *)capsule_header + capsule_header->item_offset_list[0];
++		if (IS_ENABLED(CONFIG_EFI_CAPSULE_AUTHENTICATE) &&
++			!(image->image_capsule_support &
++			CAPSULE_SUPPORT_AUTHENTICATION)) {
++			/* no signature */
++			log_err("Corstone1000: Capsule authentication flag check failed. Aborting update\n");
++			ret = EFI_SECURITY_VIOLATION;
++			goto out;
++		}
++
++		image_binary = (void *)image + sizeof(*image);
++		image_binary_size = image->update_image_size;
++		if (IS_ENABLED(CONFIG_EFI_CAPSULE_AUTHENTICATE) &&
++		    (image->image_capsule_support &
++			CAPSULE_SUPPORT_AUTHENTICATION)){
++			ret = efi_capsule_authenticate(image_binary, image_binary_size,
++						  &tmp_capsule_payload,
++						  &tmp_capsule_payload_size);
++
++			if (ret == EFI_SECURITY_VIOLATION) {
++				log_err("Corstone1000: Capsule authentication check failed. Aborting update\n");
++				goto out;
++			} else if (ret != EFI_SUCCESS) {
++				goto out;
++			}
++
++			log_debug("Corstone1000: Capsule authentication successful\n");
++		} else {
++			log_debug("Corstone1000: Capsule authentication disabled. ");
++			log_debug("Corstone1000: Updating capsule without authenticating.\n");
++		}
++
+ 		/* copy the data to the contiguous buffer */
+ 		efi_memcpy_runtime(corstone1000_capsule_buf, capsule, capsule->capsule_image_size);
+ 
+-- 
+2.17.1
+
diff --git a/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend b/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend
index 6747c956..cd281e8d 100644
--- a/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend
+++ b/meta-arm-bsp/recipes-bsp/u-boot/u-boot_%.bbappend
@@ -3,7 +3,7 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"
 #
 # Corstone1000 64-bit machines
 #
-DEPENDS:append:corstone1000 = " gnutls-native"
+DEPENDS:append:corstone1000 = " gnutls-native openssl-native efitools-native"
 CORSTONE1000_DEVICE_TREE:corstone1000-mps3 = "corstone1000-mps3"
 CORSTONE1000_DEVICE_TREE:corstone1000-fvp = "corstone1000-fvp"
 EXTRA_OEMAKE:append:corstone1000 = ' DEVICE_TREE=${CORSTONE1000_DEVICE_TREE}'
@@ -48,8 +48,21 @@ SRC_URI:append:corstone1000 = " \
 	file://0035-dt-Provide-a-way-to-remove-non-compliant-nodes-and-p.patch \
 	file://0036-bootefi-Call-the-EVT_FT_FIXUP-event-handler.patch \
 	file://0037-corstone1000-purge-U-Boot-specific-DT-nodes.patch \
+	file://0038-corstone1000-add-signature-device-tree-overlay.patch	  \
+	file://0039-corstone1000-enable-authenticated-capsule-config.patch	  \
+	file://0040-corstone1000-introduce-EFI-authenticated-capsule-upd.patch	  \
         "
 
+do_configure:append:corstone1000(){
+    openssl req -x509 -sha256 -newkey rsa:2048 -subj /CN=CRT/ -keyout ${B}/CRT.key -out ${B}/CRT.crt -nodes -days 365
+    cert-to-efi-sig-list ${B}/CRT.crt ${B}/corstone1000_defconfig/CRT.esl
+}
+
+do_install:append:corstone1000() {
+   install -D -p -m 0644 ${B}/CRT.crt ${DEPLOY_DIR_IMAGE}/corstone1000_capsule_cert.crt
+   install -D -p -m 0644 ${B}/CRT.key ${DEPLOY_DIR_IMAGE}/corstone1000_capsule_key.key
+}
+
 #
 # FVP BASE
 #

From patchwork Mon Oct  2 10:43:23 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Emekcan Aras <emekcan.aras@arm.com>
X-Patchwork-Id: 31558
Return-Path: <emekcan.aras@arm.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 6601DE784B2
	for <webhook@archiver.kernel.org>; Mon,  2 Oct 2023 10:43:40 +0000 (UTC)
Received: from foss.arm.com (foss.arm.com [217.140.110.172])
 by mx.groups.io with SMTP id smtpd.web10.78657.1696243414498905140
 for <meta-arm@lists.yoctoproject.org>;
 Mon, 02 Oct 2023 03:43:34 -0700
Authentication-Results: mx.groups.io;
 dkim=none (message not signed);
 spf=pass (domain: arm.com, ip: 217.140.110.172,
 mailfrom: emekcan.aras@arm.com)
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
	by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 6A0E2C15;
	Mon,  2 Oct 2023 03:44:12 -0700 (PDT)
Received: from cassini-003.cambridge.arm.com (cassini-003.cambridge.arm.com
 [10.1.198.36])
	by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 3AECA3F762;
	Mon,  2 Oct 2023 03:43:33 -0700 (PDT)
From: emekcan.aras@arm.com
To: meta-arm@lists.yoctoproject.org,
	Ross.Burton@arm.com,
	Jon.Mason@arm.com
Cc: nd@arm.com,
	Emekcan Aras <emekcan.aras@arm.com>
Subject: [PATCH 5/5] arm-bsp/trusted-firmware-m: Enable authenticated capsule
 update
Date: Mon,  2 Oct 2023 11:43:23 +0100
Message-Id: <20231002104323.1967358-6-emekcan.aras@arm.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20231002104323.1967358-1-emekcan.aras@arm.com>
References: <20231002104323.1967358-1-emekcan.aras@arm.com>
MIME-Version: 1.0
List-Id: <meta-arm.lists.yoctoproject.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <meta-arm@lists.yoctoproject.org>; Mon, 02 Oct 2023 10:43:40 -0000
X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5101

From: Emekcan Aras <emekcan.aras@arm.com>

Enables authenticated capsule update and makes necessary changes to
align with new capsule generation tool (mkeficapsule in u-boot).

Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
---
 ...m-Corstone1000-Enable-Signed-Capsule.patch | 102 ++++++++++++++++++
 .../trusted-firmware-m-corstone1000.inc       |   1 +
 2 files changed, 103 insertions(+)
 create mode 100644 meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-Platform-Corstone1000-Enable-Signed-Capsule.patch

diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-Platform-Corstone1000-Enable-Signed-Capsule.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-Platform-Corstone1000-Enable-Signed-Capsule.patch
new file mode 100644
index 00000000..49c336de
--- /dev/null
+++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0006-Platform-Corstone1000-Enable-Signed-Capsule.patch
@@ -0,0 +1,102 @@
+From fa0988fd876400dc1bb451fffc4b167265b40d25 Mon Sep 17 00:00:00 2001
+From: Emekcan Aras <emekcan.aras@arm.com>
+Date: Thu, 14 Sep 2023 12:14:28 +0100
+Subject: [PATCH] Platform: Corstone1000: Enable Signed Capsule
+
+Enables signed capsule update and adjusts the necessary structs (fmp_payload_header
+, image_auth, etc.) to comply with the new capsule generation tool (mkeficapsule).
+
+Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
+Upstream-Status: Pending [Not submitted to upstream yet]
+---
+ .../fw_update_agent/uefi_capsule_parser.c     | 25 +++++++++++--------
+ .../fw_update_agent/uefi_capsule_parser.h     |  2 ++
+ 2 files changed, 17 insertions(+), 10 deletions(-)
+
+diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c
+index b72ff1eb91..c706c040ac 100644
+--- a/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c
++++ b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.c
+@@ -102,11 +102,9 @@ enum uefi_capsule_error_t uefi_capsule_retrieve_images(void* capsule_ptr,
+     }
+ 
+     capsule_header = (efi_capsule_header_t*)ptr;
+-    ptr += sizeof(efi_capsule_header_t) + sizeof(uint32_t);
++    ptr += sizeof(efi_capsule_header_t);
+     fmp_capsule_header = (efi_firmware_management_capsule_header_t*)ptr;
+ 
+-    fmp_payload_header = fmp_capsule_header + sizeof(*fmp_capsule_header);
+-
+     total_size = capsule_header->capsule_image_size;
+     image_count = fmp_capsule_header->payload_item_count;
+     images_info->nr_image = image_count;
+@@ -119,22 +117,20 @@ enum uefi_capsule_error_t uefi_capsule_retrieve_images(void* capsule_ptr,
+     }
+ 
+     for (int i = 0; i < image_count; i++) {
+-
+         image_header = (efi_firmware_management_capsule_image_header_t*)(ptr +
+                                 fmp_capsule_header->item_offset_list[i]);
+ 
+         images_info->size[i] = image_header->update_image_size;
+-        images_info->version[i] = fmp_payload_header->fw_version;
+-        FWU_LOG_MSG("%s: image %i version = %u\n\r", __func__, i,
+-                                images_info->version[i]);
++
+ #ifdef AUTHENTICATED_CAPSULE
+         image_auth = (efi_firmware_image_authentication_t*)(
+                         (char*)image_header +
+                         sizeof (efi_firmware_management_capsule_image_header_t)
+                      );
+         auth_size = sizeof(uint64_t) /* monotonic_count */  +
+-                    image_auth->auth_info.hdr.dwLength /* WIN_CERTIFICATE + cert_data */ +
+-                    sizeof(struct efi_guid) /* cert_type */;
++                    image_auth->auth_info.hdr.dwLength/* WIN_CERTIFICATE + cert_data + cert_type */;
++
++        fmp_payload_header = (fmp_payload_header_t*)((char*)image_auth + auth_size);
+ 
+         FWU_LOG_MSG("%s: auth size = %u\n\r", __func__, auth_size);
+ 
+@@ -143,16 +139,25 @@ enum uefi_capsule_error_t uefi_capsule_retrieve_images(void* capsule_ptr,
+         images_info->image[i] = (
+                 (char*)image_header +
+                 sizeof(efi_firmware_management_capsule_image_header_t) +
+-                auth_size);
++                auth_size +
++                sizeof(*fmp_payload_header));
+ #else
+         images_info->image[i] = (
+                 (char*)image_header +
+                 sizeof(efi_firmware_management_capsule_image_header_t) +
+                 sizeof(*fmp_payload_header));
++
++        fmp_payload_header = (fmp_payload_header_t*)((char*)image_header +
++                sizeof(efi_firmware_management_capsule_image_header_t));
++
+ #endif
+         memcpy(&images_info->guid[i], &(image_header->update_image_type_id),
+                                                         sizeof(struct efi_guid));
+ 
++        images_info->version[i] = fmp_payload_header->fw_version;
++        FWU_LOG_MSG("%s: image %i version = %d\n\r", __func__, i,
++                                images_info->version[i]);
++
+         FWU_LOG_MSG("%s: image %d at %p, size=%u\n\r", __func__, i,
+                         images_info->image[i], images_info->size[i]);
+ 
+diff --git a/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.h b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.h
+index a890a709e9..a31cd8a3a0 100644
+--- a/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.h
++++ b/platform/ext/target/arm/corstone1000/fw_update_agent/uefi_capsule_parser.h
+@@ -12,6 +12,8 @@
+ #include "fip_parser/external/uuid.h"
+ #include "flash_layout.h"
+ 
++#define AUTHENTICATED_CAPSULE 1
++
+ enum uefi_capsule_error_t {
+     UEFI_CAPSULE_PARSER_SUCCESS = 0,
+     UEFI_CAPSULE_PARSER_ERROR = (-1)
+-- 
+2.17.1
+
diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc
index a259390a..601d1652 100644
--- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc
+++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc
@@ -33,6 +33,7 @@ SRC_URI:append:corstone1000 = " \
     file://0003-Platform-Corstone1000-Calculate-the-new-CRC32-value-.patch \
     file://0004-arm-trusted-firmware-m-disable-fatal-warnings.patch \
     file://0005-Platform-corstone1000-add-unique-firmware-GUID.patch \
+    file://0006-Platform-Corstone1000-Enable-Signed-Capsule.patch \
     "
 
 # TF-M ships patches for external dependencies that needs to be applied