| From b99a39c662b9be5f940b895efa8016f5567e1c1f Mon Sep 17 00:00:00 2001 |
| From: Emekcan Aras <emekcan.aras@arm.com> |
| Date: Wed, 13 Sep 2023 13:55:08 +0100 |
| Subject: [PATCH] corstone1000: introduce EFI authenticated capsule update |
| |
| Introduces EFI authenticated capsule update for corstone1000. Corstone1000 |
| implements platform-specific capsule update mechanism in u-bootdue to the SoC |
| design. This patch add authenticated capsule update mechanism to the |
| platform-specific firmware-update routine. |
| |
| Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> |
| Upstream-Status: Inappropriate [Redesign of Capsule update interface is required] |
| --- |
| lib/efi_loader/efi_capsule.c | 39 ++++++++++++++++++++++++++++++++++++ |
| 1 file changed, 39 insertions(+) |
| |
| diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c |
| index 6a06605ad9..30fb7d1dd5 100644 |
| --- a/lib/efi_loader/efi_capsule.c |
| +++ b/lib/efi_loader/efi_capsule.c |
| @@ -820,6 +820,12 @@ efi_status_t __efi_runtime EFIAPI efi_update_capsule( |
| u64 scatter_gather_list) |
| { |
| struct efi_capsule_header *capsule; |
| + struct efi_firmware_management_capsule_header *capsule_header; |
| + struct efi_firmware_management_capsule_image_header *image; |
| + size_t image_binary_size; |
| + size_t tmp_capsule_payload_size=0; |
| + void *tmp_capsule_payload=NULL; |
| + void *image_binary; |
| unsigned int i; |
| efi_status_t ret; |
| |
| @@ -859,6 +865,39 @@ efi_status_t __efi_runtime EFIAPI efi_update_capsule( |
| goto out; |
| } |
| |
| + capsule_header = (void *)capsule + capsule->header_size; |
| + image = (void *)capsule_header + capsule_header->item_offset_list[0]; |
| + if (IS_ENABLED(CONFIG_EFI_CAPSULE_AUTHENTICATE) && |
| + !(image->image_capsule_support & |
| + CAPSULE_SUPPORT_AUTHENTICATION)) { |
| + /* no signature */ |
| + log_err("Corstone1000: Capsule authentication flag check failed. Aborting update\n"); |
| + ret = EFI_SECURITY_VIOLATION; |
| + goto out; |
| + } |
| + |
| + image_binary = (void *)image + sizeof(*image); |
| + image_binary_size = image->update_image_size; |
| + if (IS_ENABLED(CONFIG_EFI_CAPSULE_AUTHENTICATE) && |
| + (image->image_capsule_support & |
| + CAPSULE_SUPPORT_AUTHENTICATION)){ |
| + ret = efi_capsule_authenticate(image_binary, image_binary_size, |
| + &tmp_capsule_payload, |
| + &tmp_capsule_payload_size); |
| + |
| + if (ret == EFI_SECURITY_VIOLATION) { |
| + log_err("Corstone1000: Capsule authentication check failed. Aborting update\n"); |
| + goto out; |
| + } else if (ret != EFI_SUCCESS) { |
| + goto out; |
| + } |
| + |
| + log_debug("Corstone1000: Capsule authentication successful\n"); |
| + } else { |
| + log_debug("Corstone1000: Capsule authentication disabled. "); |
| + log_debug("Corstone1000: Updating capsule without authenticating.\n"); |
| + } |
| + |
| /* copy the data to the contiguous buffer */ |
| efi_memcpy_runtime(corstone1000_capsule_buf, capsule, capsule->capsule_image_size); |
| |
| -- |
| 2.17.1 |
| |