| Age | Commit message (Collapse) | Author |
|---|
|
Only short option has been present. Also rename dump_sig
to dump-sig to match with other parameter names.
Fixes: 16abff246b40 ("tools: mkeficapsule: add firmware image signing")
Signed-off-by: Wojciech Dubowik <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
With pkcs11 support it's now possible to specify keys
with URI format. To use this feature the filename must
begin "pkcs11:.." and have valid URI pointing to certificate
and private key in HSM.
The environment variable PKCS11_MODULE_PATH must point to the
right pkcs11 provider i.e. with softhsm:
export PKCS11_MODULE_PATH=<path>/libsofthsm2.so
Example command line:
tools/mkeficapsule --monotonic-count 1 \
--private-key "pkcs11:token=EX;object=capsule;type=private;pin-source=pin.txt" \
--certificate "pkcs11:token=EX;object=capsule;type=cert;pin-source=pin.txt" \
--index 1 \
--guid XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXX \
"capsule-payload" \
"capsule.cap"
Signed-off-by: Wojciech Dubowik <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
Free the allocated buffer in case of an error.
Fixes: 9e63786e2b4b ("tools: mkeficapsule: rework the code a little bit")
Addresses-Coverity-ID: 345917 Resource leak
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
For printing a ssize_t variable we must use %zd and not %ld to avoid
a -Wformat error on 32-bit systems.
Reviewed-by: Ilias Apalodimas <[email protected]>
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
Add support for generating GUIDs that match those generated internally
by U-Boot for capsule update fw_images when using dynamic UUIDs.
Dynamic UUIDs in U-Boot work by taking a namespace UUID and hashing it
with the board compatible and fw_image name. This feature just provides
a way to determine the UUIDs for a particular board without having to
actually boot U-Boot on it.
Acked-by: Ilias Apalodimas <[email protected]>
Signed-off-by: Caleb Connolly <[email protected]>
|
|
Replace the use of libuuid with U-Boot's own UUID library. This prepares
us to add support for generating v5 GUIDs.
Signed-off-by: Caleb Connolly <[email protected]>
|
|
uint64_t is defined as unsigned long long on 32-bit ARM.
Use PRIX64 for printing uint64_t.
This avoid a build failure on 32-bit systems:
tools/mkeficapsule.c: In function 'dump_capsule_auth_header':
tools/mkeficapsule.c:694:66: warning: format '%lX' expects argument of
type 'long unsigned int', but argument 2 has type 'uint64_t'
{aka 'long long unsigned int'} [-Wformat=]
694 | printf("EFI_FIRMWARE_IMAGE_AUTH.MONOTONIC_COUNT\t\t: %08lX\n",
| ~~~~^
| |
| long unsigned int
| %08llX
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
Reviewed-by: Mark Kettenis <[email protected]>
|
|
The tool must return an error code when invalid arguments are provided,
otherwise binman has no way of knowing that anything went wrong.
Correct this.
Signed-off-by: Simon Glass <[email protected]>
Fixes: fab430be2f4 ("tools: add mkeficapsule command for UEFI...")
|
|
Tools should have an option to obtain the version, so add this to the
mkeficapsule tool.
Signed-off-by: Simon Glass <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
In general terms, we -include include/linux/kconfig.h and so normal
U-Boot code does not need to also #include it. However, for code which
is shared with userspace we may need to add it so that either our full
config is available or so that macros such as CONFIG_IS_ENABLED() can be
evaluated. In this case make sure that we guard these includes with a
test for USE_HOSTCC so that it clear as to why we're doing this.
Reviewed-by: Simon Glass <[email protected]>
Signed-off-by: Tom Rini <[email protected]>
|
|
Add support to dump the contents of capsule headers. This is useful as
a debug feature for checking the contents of the capsule headers, and
can also be used in capsule verification.
Signed-off-by: Sughosh Ganu <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
|
|
Current mkeficapsule tool does not provide firmware
version management. EDK II reference implementation inserts
the FMP Payload Header right before the payload.
It coutains the fw_version and lowest supported version.
This commit adds a new parameters required to generate
the FMP Payload Header for mkeficapsule tool.
'-v' indicates the firmware version.
When mkeficapsule tool is invoked without '-v' option,
FMP Payload Header is not inserted, the behavior is same as
current implementation.
The lowest supported version included in the FMP Payload Header
is not used, the value stored in the device tree is used instead.
Signed-off-by: Masahisa Kojima <[email protected]>
Acked-by: Ilias Apalodimas <[email protected]>
|
|
Add support for setting OEM flags in the capsule header. As per the
UEFI specification, bits 0-15 of the flags member of the capsule
header can be defined per capsule GUID.
The oemflags will be used for the FWU Multi Bank update feature, as
specified by the Dependable Boot specification[1]. Bit
15 of the flags member will be used to determine if the
acceptance/rejection of the updated images is to be done by the
firmware or an external component like the OS.
[1] - https://git.codelinaro.org/linaro/dependable-boot/mbfw/uploads/6f7ddfe3be24e18d4319e108a758d02e/mbfw.pdf
Signed-off-by: Sughosh Ganu <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
Acked-by: Etienne Carriere <[email protected]>
|
|
The Dependable Boot specification[1] describes the structure of the
firmware accept and revert capsules. These are empty capsules which
are used for signalling the acceptance or rejection of the updated
firmware by the OS. Add support for generating these empty capsules.
[1] - https://git.codelinaro.org/linaro/dependable-boot/mbfw/uploads/6f7ddfe3be24e18d4319e108a758d02e/mbfw.pdf
Signed-off-by: Sughosh Ganu <[email protected]>
Acked-by: Ilias Apalodimas <[email protected]>
Acked-by: Etienne Carriere <[email protected]>
|
|
While building a capsule, the GUID value of that specific image is to
be passed through the --guid command option to the mkeficapsule
tool instead of using one of --raw or --fit options, where the GUID
value passed through the command line option is the image GUID.
This renders the EFI_FIRMWARE_IMAGE_TYPE_UBOOT_FIT_GUID and
EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID values superfluous. Remove the
--raw and --fit command line options as well. Also modify the
mkeficapsule man page to reflect this change.
Signed-off-by: Sughosh Ganu <[email protected]>
|
|
That code is mistakenly duplicated due to copy-and-paste error.
Just remove it.
Fixes: CID 348360
Signed-off-by: AKASHI Takahiro <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
|
|
The existing options, "--fit" and "--raw," are only used to put a proper
GUID in a capsule header, where GUID identifies a particular FMP (Firmware
Management Protocol) driver which then would handle the firmware binary in
a capsule. In fact, mkeficapsule does the exact same job in creating
a capsule file whatever the firmware binary type is.
To prepare for the future extension, the command syntax will be a bit
modified to allow users to specify arbitrary GUID for their own FMP driver.
OLD:
[--fit <image> | --raw <image>] <capsule file>
NEW:
[--fit | --raw | --guid <guid-string>] <image> <capsule file>
Signed-off-by: AKASHI Takahiro <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
|
|
With this enhancement, mkeficapsule will be able to sign a capsule
file when it is created. A signature added will be used later
in the verification at FMP's SetImage() call.
To do that, we need specify additional command parameters:
-monotonic-cout <count> : monotonic count
-private-key <private key file> : private key file
-certificate <certificate file> : certificate file
Only when all of those parameters are given, a signature will be added
to a capsule file.
Users are expected to maintain and increment the monotonic count at
every time of the update for each firmware image.
Signed-off-by: AKASHI Takahiro <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Acked-by: Ilias Apalodimas <[email protected]>
|
|
malloc() functions are declared via stdlib.h. Including malloc.h can lead
to build errors e.g. on OS-X.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
Abstract common routines to make the code easily understandable.
No functional change.
Signed-off-by: AKASHI Takahiro <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
|
|
All the error messages should be printed out to stderr.
Signed-off-by: AKASHI Takahiro <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
|
|
This reverts commit d428e81266a59974ade74c1ba019af39f23304ab.
We have agreed with removing dtb-related stuff from mkeficapsule
command even if the commit 47a25e81d35c ("Revert "efi_capsule: Move
signature from DTB to .rodata"") was applied.
Signed-off-by: AKASHI Takahiro <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
This reverts commit f86caab058ff062ce72b24cd1ab9ec1253cc1352.
Signed-off-by: Simon Glass <[email protected]>
|
|
commit 322c813f4bec ("mkeficapsule: Add support for embedding public key in a dtb")
added a bunch of options enabling the addition of the capsule public key
in a dtb. Since now we embedded the key in U-Boot's .rodata we don't this
this functionality anymore
Signed-off-by: Ilias Apalodimas <[email protected]>
|
|
Show short arguments along with long arguments in online help:
$ tools/mkeficapsule -h
Usage: mkeficapsule [options] <output file>
Options:
-f, --fit <fit image> new FIT image file
-r, --raw <raw image> new raw image file
-i, --index <index> update image index
-I, --instance <instance> update hardware instance
-K, --public-key <key file> public key esl file
-D, --dtb <dtb file> dtb file
-O, --overlay the dtb file is an overlay
-h, --help print a help message
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
Use %z when printing size_t values. This avoids errors on 32-bit
machines.
Signed-off-by: Simon Glass <[email protected]>
Use a conversion to size_t for printing stat.st_size.
Reviewed-by: Heinrich Schuchardt <[email protected]>
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
Fix a missing comma sign (,) from a printf(), that is only
reachable if DEBUG is defined, in which case the build fails with:
tools/mkeficapsule.c:266:36: error: expected β)β before βbinβ
266 | printf("\tbin: %s\n\ttype: %pUl\n" bin, guid);
| ^~~~
| )
Signed-off-by: Klaus Heinrich Kiwi <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
|
|
Miscellaneous fixes in the mkeficapsule utility -- these include a few
resource leak issues flagged by Coverity along with some additional
code improvements suggested by Heinrich during code review.
Signed-off-by: Sughosh Ganu <[email protected]>
|
|
Fill reserved members of efi_firmware_management_capsule_image_header
structure with zero's for safety.
Signed-off-by: AKASHI Takahiro <[email protected]>
Fixes: CID 316354
Reviewed-by: Heinrich Schuchardt <[email protected]>
|
|
Add options for embedding the public key esl(efi signature list) file
to the platform's dtb. The esl file is then retrieved and used for
authenticating the capsule to be used for updating firmare components
on the platform.
The esl file can now be embedded in the dtb by invoking the following
command
mkeficapsule -K <pub_key.esl> -D <dtb>
In the scenario where the esl file is to be embedded in an overlay,
this can be done through the following command
mkeficapsule -O -K <pub_key.esl> -D <dtb>
This will create a node named 'signature' in the dtb, and the esl file
will be stored as 'capsule-key'
Signed-off-by: Sughosh Ganu <[email protected]>
|
|
The test can run on sandbox build and it attempts to execute a firmware
update via a capsule-on-disk, using a FIT image capsule,
CONFIG_EFI_CAPSULE_FIT.
To run this test successfully, you need configure U-Boot specifically;
See test_capsule_firmware.py for requirements, and hence it won't run
on Travis CI, at least, for now.
Signed-off-by: AKASHI Takahiro <[email protected]>
|
|
This is a utility mainly for test purpose.
mkeficapsule -f: create a test capsule file for FIT image firmware
Having said that, you will be able to customize the code to fit
your specific requirements for your platform.
Signed-off-by: AKASHI Takahiro <[email protected]>
|
