Hi Sughosh, On Fri, Jun 16, 2023 at 09:56:33AM +0530, Sughosh Ganu wrote: > On Thu, 15 Jun 2023 at 11:19, Takahiro Akashi > <takahiro.aka...@linaro.org> wrote: > > > > On Thu, Jun 15, 2023 at 10:09:06AM +0530, Sughosh Ganu wrote: > > > On Wed, 14 Jun 2023 at 11:23, Takahiro Akashi > > > <takahiro.aka...@linaro.org> wrote: > > > > > > > > On Wed, Jun 14, 2023 at 10:56:23AM +0530, Sughosh Ganu wrote: > > > > > hi Takahiro, > > > > > > > > > > On Wed, 14 Jun 2023 at 09:09, Takahiro Akashi > > > > > <takahiro.aka...@linaro.org> wrote: > > > > > > > > > > > > Hi Sughosh, > > > > > > > > > > > > I think this is a good extension to mkeficapsule, but > > > > > > > > > > > > On Tue, Jun 13, 2023 at 04:08:03PM +0530, Sughosh Ganu wrote: > > > > > > > Add support for specifying the parameters needed for capsule > > > > > > > generation through a config file, instead of passing them through > > > > > > > command-line. Parameters for more than a single capsule file can > > > > > > > be > > > > > > > specified, resulting in generation of multiple capsules through a > > > > > > > single invocation of the command. > > > > > > > > > > > > > > This path is to be used for generating capsules through a make > > > > > > > target, > > > > > > > with the parameters being parsed from the config file. > > > > > > > > > > > > > > Signed-off-by: Sughosh Ganu <sughosh.g...@linaro.org> > > > > > > > --- > > > > > > > tools/Kconfig | 9 + > > > > > > > tools/Makefile | 1 + > > > > > > > tools/eficapsule.h | 110 ++++++++++++ > > > > > > > tools/mkeficapsule.c | 106 +++++++----- > > > > > > > tools/mkeficapsule_parse.c | 345 > > > > > > > +++++++++++++++++++++++++++++++++++++ > > > > > > > 5 files changed, 531 insertions(+), 40 deletions(-) > > > > > > > create mode 100644 tools/mkeficapsule_parse.c > > > > > > > > > > > > > > diff --git a/tools/Kconfig b/tools/Kconfig > > > > > > > index 539708f277..95f27b7c45 100644 > > > > > > > --- a/tools/Kconfig > > > > > > > +++ b/tools/Kconfig > > > > > > > @@ -98,6 +98,15 @@ config TOOLS_MKEFICAPSULE > > > > > > > optionally sign that file. If you want to enable UEFI > > > > > > > capsule > > > > > > > update feature on your target, you certainly need this. > > > > > > > > > > > > > > +config EFI_CAPSULE_CFG_FILE > > > > > > > + string "Path to the EFI Capsule Config File" > > > > > > > + default "" > > > > > > > + help > > > > > > > + Path to the EFI capsule config file which provides the > > > > > > > + parameters needed to build capsule(s). Parameters can be > > > > > > > + provided for multiple payloads resulting in corresponding > > > > > > > + capsule images being generated. > > > > > > > + > > > > > > > menuconfig FSPI_CONF_HEADER > > > > > > > bool "FlexSPI Header Configuration" > > > > > > > help > > > > > > > diff --git a/tools/Makefile b/tools/Makefile > > > > > > > index d793cf3bec..ef366f3d61 100644 > > > > > > > --- a/tools/Makefile > > > > > > > +++ b/tools/Makefile > > > > > > > @@ -250,6 +250,7 @@ HOSTLDLIBS_mkeficapsule += \ > > > > > > > HOSTLDLIBS_mkeficapsule += \ > > > > > > > $(shell pkg-config --libs uuid 2> /dev/null || echo > > > > > > > "-luuid") > > > > > > > hostprogs-$(CONFIG_TOOLS_MKEFICAPSULE) += mkeficapsule > > > > > > > +mkeficapsule-objs := mkeficapsule.o mkeficapsule_parse.o > > > > > > > > > > > > > > # We build some files with extra pedantic flags to try to > > > > > > > minimize things > > > > > > > # that won't build on some weird host compiler -- though there > > > > > > > are lots of > > > > > > > diff --git a/tools/eficapsule.h b/tools/eficapsule.h > > > > > > > index 072a4b5598..42e66c6d6a 100644 > > > > > > > --- a/tools/eficapsule.h > > > > > > > +++ b/tools/eficapsule.h > > > > > > > @@ -52,6 +52,38 @@ typedef struct { > > > > > > > /* flags */ > > > > > > > #define CAPSULE_FLAGS_PERSIST_ACROSS_RESET 0x00010000 > > > > > > > > > > > > > > +enum capsule_type { > > > > > > > + CAPSULE_NORMAL_BLOB = 0, > > > > > > > + CAPSULE_ACCEPT, > > > > > > > + CAPSULE_REVERT, > > > > > > > +}; > > > > > > > + > > > > > > > +/** > > > > > > > + * struct efi_capsule_params - Capsule parameters > > > > > > > + * @image_guid: Guid value of the payload input image > > > > > > > + * @image_index: Image index value > > > > > > > + * @hardware_instance: Hardware instance to be used for the image > > > > > > > + * @monotonic_count: Monotonic count value to be used for signed > > > > > > > capsule > > > > > > > + * @privkey_file: Path to private key used in capsule signing > > > > > > > + * @cert_file: Path to public key certificate used in capsule > > > > > > > signing > > > > > > > + * @input_file: Path to payload input image > > > > > > > + * @capsule_file: Path to the output capsule file > > > > > > > + * @oemflags: Oemflags to be populated in the capsule header > > > > > > > + * @capsule: Capsule Type, normal or accept or revert > > > > > > > + */ > > > > > > > +struct efi_capsule_params { > > > > > > > + efi_guid_t *image_guid; > > > > > > > + unsigned long image_index; > > > > > > > + unsigned long hardware_instance; > > > > > > > + uint64_t monotonic_count; > > > > > > > + char *privkey_file; > > > > > > > + char *cert_file; > > > > > > > + char *input_file; > > > > > > > + char *capsule_file; > > > > > > > + unsigned long oemflags; > > > > > > > + enum capsule_type capsule; > > > > > > > +}; > > > > > > > + > > > > > > > struct efi_capsule_header { > > > > > > > efi_guid_t capsule_guid; > > > > > > > uint32_t header_size; > > > > > > > @@ -113,4 +145,82 @@ struct efi_firmware_image_authentication { > > > > > > > struct win_certificate_uefi_guid auth_info; > > > > > > > } __packed; > > > > > > > > > > > > > > +/** > > > > > > > + * capsule_with_cfg_file() - Generate capsule from config file > > > > > > > + * @cfg_file: Path to the config file > > > > > > > + * > > > > > > > + * Parse the capsule parameters from the config file and use the > > > > > > > + * parameters for generating one or more capsules. > > > > > > > + * > > > > > > > + * Return: None > > > > > > > + * > > > > > > > + */ > > > > > > > +void capsule_with_cfg_file(const char *cfg_file); > > > > > > > + > > > > > > > +/** > > > > > > > + * convert_uuid_to_guid() - convert UUID to GUID > > > > > > > + * @buf: UUID binary > > > > > > > + * > > > > > > > + * UUID and GUID have the same data structure, but their binary > > > > > > > + * formats are different due to the endianness. See lib/uuid.c. > > > > > > > + * Since uuid_parse() can handle only UUID, this function must > > > > > > > + * be called to get correct data for GUID when parsing a string. > > > > > > > + * > > > > > > > + * The correct data will be returned in @buf. > > > > > > > + */ > > > > > > > +void convert_uuid_to_guid(unsigned char *buf); > > > > > > > + > > > > > > > +/** > > > > > > > + * create_empty_capsule() - Generate an empty capsule > > > > > > > + * @path: Path to the empty capsule file to be generated > > > > > > > + * @guid: Guid value of the image for which empty capsule is > > > > > > > generated > > > > > > > + * @fw_accept: Flag to specify whether to generate accept or > > > > > > > revert capsule > > > > > > > + * > > > > > > > + * Generate an empty capsule, either an accept or a revert > > > > > > > capsule to be > > > > > > > + * used to flag acceptance or rejection of an earlier executed > > > > > > > firmware > > > > > > > + * update operation. Being used in the FWU Multi Bank firmware > > > > > > > update > > > > > > > + * feature. > > > > > > > + * > > > > > > > + * Return: 0 if OK, -ve on error > > > > > > > + * > > > > > > > + */ > > > > > > > +int create_empty_capsule(char *path, efi_guid_t *guid, bool > > > > > > > fw_accept); > > > > > > > + > > > > > > > +/** > > > > > > > + * create_fwbin - create an uefi capsule file > > > > > > > + * @path: Path to a created capsule file > > > > > > > + * @bin: Path to a firmware binary to encapsulate > > > > > > > + * @guid: GUID of related FMP driver > > > > > > > + * @index: Index number in capsule > > > > > > > + * @instance: Instance number in capsule > > > > > > > + * @mcount: Monotonic count in authentication information > > > > > > > + * @private_file: Path to a private key file > > > > > > > + * @cert_file: Path to a certificate file > > > > > > > + * @oemflags: Capsule OEM Flags, bits 0-15 > > > > > > > + * > > > > > > > + * This function actually does the job of creating an uefi > > > > > > > capsule file. > > > > > > > + * All the arguments must be supplied. > > > > > > > + * If either @private_file ror @cert_file is NULL, the capsule > > > > > > > file > > > > > > > + * won't be signed. > > > > > > > + * > > > > > > > + * Return: > > > > > > > + * * 0 - on success > > > > > > > + * * -1 - on failure > > > > > > > + */ > > > > > > > +int create_fwbin(char *path, char *bin, efi_guid_t *guid, > > > > > > > + unsigned long index, unsigned long instance, > > > > > > > + uint64_t mcount, char *privkey_file, char > > > > > > > *cert_file, > > > > > > > + uint16_t oemflags); > > > > > > > + > > > > > > > +/** > > > > > > > + * print_usage() - Print the command usage string > > > > > > > + * > > > > > > > + * Prints the standard command usage string. Called in the case > > > > > > > + * of incorrect parameters being passed to the tool. > > > > > > > + * > > > > > > > + * Return: None > > > > > > > + * > > > > > > > + */ > > > > > > > +void print_usage(void); > > > > > > > + > > > > > > > #endif /* _EFI_CAPSULE_H */ > > > > > > > diff --git a/tools/mkeficapsule.c b/tools/mkeficapsule.c > > > > > > > index b71537beee..711adf0439 100644 > > > > > > > --- a/tools/mkeficapsule.c > > > > > > > +++ b/tools/mkeficapsule.c > > > > > > > @@ -31,12 +31,6 @@ efi_guid_t efi_guid_cert_type_pkcs7 = > > > > > > > EFI_CERT_TYPE_PKCS7_GUID; > > > > > > > > > > > > > > static const char *opts_short = "g:i:I:v:p:c:m:o:dhAR"; > > > > > > > > > > > > > > -enum { > > > > > > > - CAPSULE_NORMAL_BLOB = 0, > > > > > > > - CAPSULE_ACCEPT, > > > > > > > - CAPSULE_REVERT, > > > > > > > -} capsule_type; > > > > > > > - > > > > > > > static struct option options[] = { > > > > > > > {"guid", required_argument, NULL, 'g'}, > > > > > > > {"index", required_argument, NULL, 'i'}, > > > > > > > @@ -52,7 +46,16 @@ static struct option options[] = { > > > > > > > {NULL, 0, NULL, 0}, > > > > > > > }; > > > > > > > > > > > > > > -static void print_usage(void) > > > > > > > +/** > > > > > > > + * print_usage() - Print the command usage string > > > > > > > + * > > > > > > > + * Prints the standard command usage string. Called in the case > > > > > > > + * of incorrect parameters being passed to the tool. > > > > > > > + * > > > > > > > + * Return: None > > > > > > > + * > > > > > > > + */ > > > > > > > +void print_usage(void) > > > > > > > { > > > > > > > fprintf(stderr, "Usage: %s [options] <image blob> <output > > > > > > > file>\n" > > > > > > > "Options:\n" > > > > > > > @@ -400,10 +403,10 @@ static void free_sig_data(struct > > > > > > > auth_context *ctx) > > > > > > > * * 0 - on success > > > > > > > * * -1 - on failure > > > > > > > */ > > > > > > > -static int create_fwbin(char *path, char *bin, efi_guid_t *guid, > > > > > > > - unsigned long index, unsigned long instance, > > > > > > > - uint64_t mcount, char *privkey_file, char > > > > > > > *cert_file, > > > > > > > - uint16_t oemflags) > > > > > > > +int create_fwbin(char *path, char *bin, efi_guid_t *guid, > > > > > > > + unsigned long index, unsigned long instance, > > > > > > > + uint64_t mcount, char *privkey_file, char > > > > > > > *cert_file, > > > > > > > + uint16_t oemflags) > > > > > > > { > > > > > > > struct efi_capsule_header header; > > > > > > > struct efi_firmware_management_capsule_header capsule; > > > > > > > @@ -580,7 +583,21 @@ void convert_uuid_to_guid(unsigned char *buf) > > > > > > > buf[7] = c; > > > > > > > } > > > > > > > > > > > > > > -static int create_empty_capsule(char *path, efi_guid_t *guid, > > > > > > > bool fw_accept) > > > > > > > +/** > > > > > > > + * create_empty_capsule() - Generate an empty capsule > > > > > > > + * @path: Path to the empty capsule file to be generated > > > > > > > + * @guid: Guid value of the image for which empty capsule is > > > > > > > generated > > > > > > > + * @fw_accept: Flag to specify whether to generate accept or > > > > > > > revert capsule > > > > > > > + * > > > > > > > + * Generate an empty capsule, either an accept or a revert > > > > > > > capsule to be > > > > > > > + * used to flag acceptance or rejection of an earlier executed > > > > > > > firmware > > > > > > > + * update operation. Being used in the FWU Multi Bank firmware > > > > > > > update > > > > > > > + * feature. > > > > > > > + * > > > > > > > + * Return: 0 if OK, -ve on error > > > > > > > + * > > > > > > > + */ > > > > > > > +int create_empty_capsule(char *path, efi_guid_t *guid, bool > > > > > > > fw_accept) > > > > > > > { > > > > > > > struct efi_capsule_header header = { 0 }; > > > > > > > FILE *f = NULL; > > > > > > > @@ -623,19 +640,7 @@ err: > > > > > > > return ret; > > > > > > > } > > > > > > > > > > > > > > -/** > > > > > > > - * main - main entry function of mkeficapsule > > > > > > > - * @argc: Number of arguments > > > > > > > - * @argv: Array of pointers to arguments > > > > > > > - * > > > > > > > - * Create an uefi capsule file, optionally signing it. > > > > > > > - * Parse all the arguments and pass them on to create_fwbin(). > > > > > > > - * > > > > > > > - * Return: > > > > > > > - * * 0 - on success > > > > > > > - * * -1 - on failure > > > > > > > - */ > > > > > > > -int main(int argc, char **argv) > > > > > > > +static void capsule_with_cmdline_params(int argc, char **argv) > > > > > > > { > > > > > > > efi_guid_t *guid; > > > > > > > unsigned char uuid_buf[16]; > > > > > > > @@ -643,6 +648,7 @@ int main(int argc, char **argv) > > > > > > > uint64_t mcount; > > > > > > > unsigned long oemflags; > > > > > > > char *privkey_file, *cert_file; > > > > > > > + enum capsule_type capsule; > > > > > > > int c, idx; > > > > > > > > > > > > > > guid = NULL; > > > > > > > @@ -652,7 +658,7 @@ int main(int argc, char **argv) > > > > > > > privkey_file = NULL; > > > > > > > cert_file = NULL; > > > > > > > dump_sig = 0; > > > > > > > - capsule_type = CAPSULE_NORMAL_BLOB; > > > > > > > + capsule = CAPSULE_NORMAL_BLOB; > > > > > > > oemflags = 0; > > > > > > > for (;;) { > > > > > > > c = getopt_long(argc, argv, opts_short, options, > > > > > > > &idx); > > > > > > > @@ -702,20 +708,20 @@ int main(int argc, char **argv) > > > > > > > dump_sig = 1; > > > > > > > break; > > > > > > > case 'A': > > > > > > > - if (capsule_type) { > > > > > > > + if (capsule) { > > > > > > > fprintf(stderr, > > > > > > > "Select either of Accept or > > > > > > > Revert capsule generation\n"); > > > > > > > exit(1); > > > > > > > } > > > > > > > - capsule_type = CAPSULE_ACCEPT; > > > > > > > + capsule = CAPSULE_ACCEPT; > > > > > > > break; > > > > > > > case 'R': > > > > > > > - if (capsule_type) { > > > > > > > + if (capsule) { > > > > > > > fprintf(stderr, > > > > > > > "Select either of Accept or > > > > > > > Revert capsule generation\n"); > > > > > > > exit(1); > > > > > > > } > > > > > > > - capsule_type = CAPSULE_REVERT; > > > > > > > + capsule = CAPSULE_REVERT; > > > > > > > break; > > > > > > > case 'o': > > > > > > > oemflags = strtoul(optarg, NULL, 0); > > > > > > > @@ -732,21 +738,21 @@ int main(int argc, char **argv) > > > > > > > } > > > > > > > > > > > > > > /* check necessary parameters */ > > > > > > > - if ((capsule_type == CAPSULE_NORMAL_BLOB && > > > > > > > - ((argc != optind + 2) || !guid || > > > > > > > - ((privkey_file && !cert_file) || > > > > > > > - (!privkey_file && cert_file)))) || > > > > > > > - (capsule_type != CAPSULE_NORMAL_BLOB && > > > > > > > - ((argc != optind + 1) || > > > > > > > - ((capsule_type == CAPSULE_ACCEPT) && !guid) || > > > > > > > - ((capsule_type == CAPSULE_REVERT) && guid)))) { > > > > > > > + if ((capsule == CAPSULE_NORMAL_BLOB && > > > > > > > + ((argc != optind + 2) || !guid || > > > > > > > + ((privkey_file && !cert_file) || > > > > > > > + (!privkey_file && cert_file)))) || > > > > > > > + (capsule != CAPSULE_NORMAL_BLOB && > > > > > > > + ((argc != optind + 1) || > > > > > > > + (capsule == CAPSULE_ACCEPT && !guid) || > > > > > > > + (capsule == CAPSULE_REVERT && guid)))) { > > > > > > > print_usage(); > > > > > > > exit(EXIT_FAILURE); > > > > > > > } > > > > > > > > > > > > > > - if (capsule_type != CAPSULE_NORMAL_BLOB) { > > > > > > > + if (capsule != CAPSULE_NORMAL_BLOB) { > > > > > > > if (create_empty_capsule(argv[argc - 1], guid, > > > > > > > - capsule_type == > > > > > > > CAPSULE_ACCEPT) < 0) { > > > > > > > + capsule == CAPSULE_ACCEPT) > > > > > > > < 0) { > > > > > > > fprintf(stderr, "Creating empty capsule > > > > > > > failed\n"); > > > > > > > exit(EXIT_FAILURE); > > > > > > > } > > > > > > > @@ -756,6 +762,26 @@ int main(int argc, char **argv) > > > > > > > fprintf(stderr, "Creating firmware capsule > > > > > > > failed\n"); > > > > > > > exit(EXIT_FAILURE); > > > > > > > } > > > > > > > +} > > > > > > > + > > > > > > > +/** > > > > > > > + * main - main entry function of mkeficapsule > > > > > > > + * @argc: Number of arguments > > > > > > > + * @argv: Array of pointers to arguments > > > > > > > + * > > > > > > > + * Create an uefi capsule file, optionally signing it. > > > > > > > + * Parse all the arguments and pass them on to create_fwbin(). > > > > > > > + * > > > > > > > + * Return: > > > > > > > + * * 0 - on success > > > > > > > + * * -1 - on failure > > > > > > > + */ > > > > > > > +int main(int argc, char **argv) > > > > > > > +{ > > > > > > > + if (!strcmp(CONFIG_EFI_CAPSULE_CFG_FILE, "")) > > > > > > > + capsule_with_cmdline_params(argc, argv); > > > > > > > + else > > > > > > > + capsule_with_cfg_file(CONFIG_EFI_CAPSULE_CFG_FILE); > > > > > > > > > > > > I don't know where the macro, CONFIG_EFI_CAPSULE_CFG_FILE, comes > > > > > > from. > > > > > > Anyhow, as a general rule, any host tool must be as generic as it > > > > > > should not > > > > > > depend on a target's config. > > > > > > (I was told so before.) > > > > > > > > > > > > So I would suggest that you add another command line, say > > > > > > "--config-file <file>", > > > > > > to make the command generic. > > > > > > > > > > Yes, that would be something followed by most of the tools. The reason > > > > > I did not add a command-line option for the confile file is because I > > > > > want the capsule generation added as a make target. With the path to > > > > > the config file specified through the Kconfig symbol, we can invoke > > > > > 'make capsule', and it would build the capsules by parsing the > > > > > parameters from the config file, taken from the Kconfig symbol. I know > > > > > there are ways of specifying options when using a make command, but I > > > > > don't think that is a clean way of doing things. > > > > > > > > Not sure, but in your [5/7], > > > > cmd_mkeficapsule = $(objtree)/tools/mkeficapsule --config-file > > > > $(CONFIG_EFI_CAPSULE_CFG_FILE) > > > > > > > > Doesn't this change work? > > > > > > So, I tried the above suggested change. But trying to run a make > > > 'target' does not work without the .config file being present. > > > > Not sure what you meant to say here. > > Why don't you have .config when building U-Boot (or rather 'target')? > > Maybe I misunderstood your earlier comment, but I thought you were > looking to build capsules without relying on a target config.
Not exactly. The basic requirement, I believe, is that the exact same binary (with the same set of functionalities) should be generated for any host tool whatever a target's config, including tools-only_defconfig, is. Is it clear now? -Takahiro Akashi > Which I > believe cannot be done for a make target. > > -sughosh > > > > > -Takahiro Akashi > > > > > FWIW, > > > the same is the case for building tools as well. I think that is the > > > reason for the tools-only_defconfig. > > > > > > -sughosh > > > > > > > > > > > -Takahiro Akashi > > > > > > > > > > > > > Given the use case of > > > > > a make target, I hope we can use the Kconfig symbol for specifying the > > > > > config file path. > > > > > > > > > > -sughosh > > > > > > > > > > > > > > > > > -Takahiro Akashi > > > > > > > > > > > > > > > > > > > > > > > > > > exit(EXIT_SUCCESS); > > > > > > > } > > > > > > > diff --git a/tools/mkeficapsule_parse.c > > > > > > > b/tools/mkeficapsule_parse.c > > > > > > > new file mode 100644 > > > > > > > index 0000000000..ef4f3f6705 > > > > > > > --- /dev/null > > > > > > > +++ b/tools/mkeficapsule_parse.c > > > > > > > @@ -0,0 +1,345 @@ > > > > > > > +// SPDX-License-Identifier: GPL-2.0 > > > > > > > +/* > > > > > > > + * Copyright 2023 Linaro Limited > > > > > > > + */ > > > > > > > + > > > > > > > +/* > > > > > > > + * The code in this file adds parsing ability to the mkeficapsule > > > > > > > + * tool. This allows specifying parameters needed to build the > > > > > > > capsule > > > > > > > + * through the config file instead of specifying them on the > > > > > > > command-line. > > > > > > > + * Parameters can be specified for more than one payload, > > > > > > > generating the > > > > > > > + * corresponding capsule files. > > > > > > > + * > > > > > > > + * The parameters are specified in a "key:value" pair. All the > > > > > > > parameters > > > > > > > + * that are currently supported by the mkeficapsule tool can be > > > > > > > specified > > > > > > > + * in the config file. > > > > > > > + * > > > > > > > + * The example below shows four payloads. The first payload is > > > > > > > an example > > > > > > > + * of generating a signed capsule. The second payload is an > > > > > > > example of > > > > > > > + * generating an unsigned capsule. The third payload is an > > > > > > > accept empty > > > > > > > + * capsule, while the fourth payload is the revert empty > > > > > > > capsule, used > > > > > > > + * for the multi-bank firmware update feature. > > > > > > > + * > > > > > > > + * This functionality can be easily extended to generate a > > > > > > > single capsule > > > > > > > + * comprising multiple payloads. > > > > > > > + > > > > > > > + { > > > > > > > + image-guid: 02f4d760-cfd5-43bd-8e2d-a42acb33c660 > > > > > > > + hardware-instance: 0 > > > > > > > + monotonic-count: 1 > > > > > > > + payload: u-boot.bin > > > > > > > + image-index: 1 > > > > > > > + private-key: /path/to/priv/key > > > > > > > + pub-key-cert: /path/to/pub/key > > > > > > > + capsule: u-boot.capsule > > > > > > > + } > > > > > > > + { > > > > > > > + image-guid: 4ce292da-1dd8-428d-a1c2-77743ef8b96e > > > > > > > + hardware-instance: 0 > > > > > > > + payload: u-boot.itb > > > > > > > + image-index: 2 > > > > > > > + oemflags: 0x8000 > > > > > > > + capsule: fit.capsule > > > > > > > + } > > > > > > > + { > > > > > > > + capsule-type: accept > > > > > > > + image-guid: 4ce292da-1dd8-428d-a1c2-77743ef8b96e > > > > > > > + capsule: accept.capsule > > > > > > > + } > > > > > > > + { > > > > > > > + capsule-type: revert > > > > > > > + capsule: revert.capsule > > > > > > > + } > > > > > > > +*/ > > > > > > > + > > > > > > > +#include <ctype.h> > > > > > > > +#include <limits.h> > > > > > > > +#include <stdio.h> > > > > > > > +#include <stdlib.h> > > > > > > > +#include <string.h> > > > > > > > + > > > > > > > +#include <uuid/uuid.h> > > > > > > > + > > > > > > > +#include "eficapsule.h" > > > > > > > + > > > > > > > +#define PARAMS_START "{" > > > > > > > +#define PARAMS_END "}" > > > > > > > + > > > > > > > +#define PSTART 2 > > > > > > > +#define PEND 3 > > > > > > > + > > > > > > > +#define MALLOC_FAIL_STR "Unable to allocate > > > > > > > memory\n" > > > > > > > + > > > > > > > +#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0])) > > > > > > > + > > > > > > > +const char *capsule_params[] = { > > > > > > > + "image-guid", "image-index", "private-key", > > > > > > > + "pub-key-cert", "payload", "capsule", > > > > > > > + "hardware-instance", "monotonic-count", > > > > > > > + "capsule-type", "oemflags" }; > > > > > > > + > > > > > > > +static unsigned char params_start; > > > > > > > +static unsigned char params_end; > > > > > > > + > > > > > > > +static void print_and_exit(const char *str) > > > > > > > +{ > > > > > > > + fprintf(stderr, "%s", str); > > > > > > > + exit(EXIT_FAILURE); > > > > > > > +} > > > > > > > + > > > > > > > +static int param_delim_checks(char *line, unsigned char *token) > > > > > > > +{ > > > > > > > + if (!strcmp(line, PARAMS_START)) { > > > > > > > + if (params_start || !params_end) { > > > > > > > + fprintf(stderr, "Earlier params processing > > > > > > > still in progress. "); > > > > > > > + fprintf(stderr, "Can't start processing a > > > > > > > new params.\n"); > > > > > > > + exit(EXIT_FAILURE); > > > > > > > + } else { > > > > > > > + params_start = 1; > > > > > > > + params_end = 0; > > > > > > > + *token = PSTART; > > > > > > > + return 1; > > > > > > > + } > > > > > > > + } else if (!strcmp(line, PARAMS_END)) { > > > > > > > + if (!params_start) { > > > > > > > + fprintf(stderr, "Cannot put end braces > > > > > > > without start braces. "); > > > > > > > + fprintf(stderr, "Please check the > > > > > > > documentation for reference config file syntax\n"); > > > > > > > + exit(EXIT_FAILURE); > > > > > > > + } else { > > > > > > > + params_start = 0; > > > > > > > + params_end = 1; > > > > > > > + *token = PEND; > > > > > > > + return 1; > > > > > > > + } > > > > > > > + } else if (!params_start) { > > > > > > > + fprintf(stderr, "Params should be passed within > > > > > > > braces. "); > > > > > > > + fprintf(stderr, "Please check the documentation for > > > > > > > reference config file syntax\n"); > > > > > > > + exit(EXIT_FAILURE); > > > > > > > + } > > > > > > > + > > > > > > > + return 0; > > > > > > > +} > > > > > > > + > > > > > > > +static void add_guid(efi_guid_t **guid_param, char *guid) > > > > > > > +{ > > > > > > > + unsigned char uuid_buf[16]; > > > > > > > + > > > > > > > + *guid_param = malloc(sizeof(efi_guid_t)); > > > > > > > + if (!*guid_param) > > > > > > > + print_and_exit(MALLOC_FAIL_STR); > > > > > > > + > > > > > > > + if (uuid_parse(guid, uuid_buf)) > > > > > > > + print_and_exit("Wrong guid format\n"); > > > > > > > + > > > > > > > + convert_uuid_to_guid(uuid_buf); > > > > > > > + memcpy(*guid_param, uuid_buf, sizeof(efi_guid_t)); > > > > > > > +} > > > > > > > + > > > > > > > +static void add_string(char **dst, char *val) > > > > > > > +{ > > > > > > > + *dst = strdup(val); > > > > > > > + if (!*dst) > > > > > > > + print_and_exit(MALLOC_FAIL_STR); > > > > > > > +} > > > > > > > + > > > > > > > +static void match_and_populate_param(char *key, char *val, > > > > > > > + struct efi_capsule_params > > > > > > > *param) > > > > > > > +{ > > > > > > > + int i; > > > > > > > + > > > > > > > + for (i = 0; i < ARRAY_SIZE(capsule_params); i++) { > > > > > > > + if (!strcmp(key, capsule_params[i])) { > > > > > > > + switch (i) { > > > > > > > + case 0: > > > > > > > + add_guid(¶m->image_guid, val); > > > > > > > + return; > > > > > > > + case 1: > > > > > > > + param->image_index = strtoul(val, > > > > > > > NULL, 0); > > > > > > > + if (param->image_index == ULONG_MAX) > > > > > > > + print_and_exit("Enter a > > > > > > > valid value of index bewtween 1-255"); > > > > > > > + return; > > > > > > > + case 2: > > > > > > > + add_string(¶m->privkey_file, > > > > > > > val); > > > > > > > + return; > > > > > > > + case 3: > > > > > > > + add_string(¶m->cert_file, val); > > > > > > > + return; > > > > > > > + case 4: > > > > > > > + add_string(¶m->input_file, val); > > > > > > > + return; > > > > > > > + case 5: > > > > > > > + add_string(¶m->capsule_file, > > > > > > > val); > > > > > > > + return; > > > > > > > + case 6: > > > > > > > + param->hardware_instance = > > > > > > > strtoul(val, NULL, 0); > > > > > > > + if (param->hardware_instance == > > > > > > > ULONG_MAX) > > > > > > > + print_and_exit("Enter a > > > > > > > valid hardware instance value"); > > > > > > > + return; > > > > > > > + case 7: > > > > > > > + param->monotonic_count = > > > > > > > strtoull(val, NULL, 0); > > > > > > > + if (param->monotonic_count == > > > > > > > ULLONG_MAX) > > > > > > > + print_and_exit("Enter a > > > > > > > valid monotonic count value"); > > > > > > > + return; > > > > > > > + case 8: > > > > > > > + if (!strcmp(val, "normal")) > > > > > > > + param->capsule = > > > > > > > CAPSULE_NORMAL_BLOB; > > > > > > > + else if (!strcmp(val, "accept")) > > > > > > > + param->capsule = > > > > > > > CAPSULE_ACCEPT; > > > > > > > + else if (!strcmp(val, "revert")) > > > > > > > + param->capsule = > > > > > > > CAPSULE_REVERT; > > > > > > > + else > > > > > > > + print_and_exit("Invalid > > > > > > > type of capsule"); > > > > > > > + > > > > > > > + return; > > > > > > > + case 9: > > > > > > > + param->oemflags = strtoul(val, > > > > > > > NULL, 0); > > > > > > > + if (param->oemflags > 0xffff) > > > > > > > + print_and_exit("OemFlags > > > > > > > must be between 0x0 and 0xffff\n"); > > > > > > > + return; > > > > > > > + } > > > > > > > + } > > > > > > > + } > > > > > > > + > > > > > > > + fprintf(stderr, "Undefined param %s specified. ", key); > > > > > > > + fprintf(stderr, "Please check the documentation for > > > > > > > reference config file syntax\n"); > > > > > > > + exit(EXIT_FAILURE); > > > > > > > +} > > > > > > > + > > > > > > > +static int get_capsule_params(char *line, struct > > > > > > > efi_capsule_params *params) > > > > > > > +{ > > > > > > > + char *key = NULL; > > > > > > > + char *val = NULL; > > > > > > > + unsigned char token; > > > > > > > + > > > > > > > + if (param_delim_checks(line, &token)) > > > > > > > + return token; > > > > > > > + > > > > > > > + key = strtok(line, ":"); > > > > > > > + if (key) > > > > > > > + val = strtok(NULL, "\0"); > > > > > > > + else > > > > > > > + print_and_exit("Expect the params in a key:value > > > > > > > pair\n"); > > > > > > > + > > > > > > > + match_and_populate_param(key, val, params); > > > > > > > + > > > > > > > + return 0; > > > > > > > +} > > > > > > > + > > > > > > > +static char *skip_whitespace(char *line) > > > > > > > +{ > > > > > > > + char *ptr, *newline; > > > > > > > + > > > > > > > + ptr = malloc(strlen(line) + 1); > > > > > > > + if (!ptr) > > > > > > > + print_and_exit(MALLOC_FAIL_STR); > > > > > > > + > > > > > > > + for (newline = ptr; *line; line++) > > > > > > > + if (!isblank(*line)) > > > > > > > + *ptr++ = *line; > > > > > > > + *ptr = '\0'; > > > > > > > + return newline; > > > > > > > +} > > > > > > > + > > > > > > > +static int parse_capsule_payload_params(FILE *fp, struct > > > > > > > efi_capsule_params *params) > > > > > > > +{ > > > > > > > + char *line = NULL; > > > > > > > + char *newline; > > > > > > > + size_t n = 0; > > > > > > > + ssize_t len; > > > > > > > + > > > > > > > + while ((len = getline(&line, &n, fp)) != -1) { > > > > > > > + if (len == 1 && line[len - 1] == '\n') > > > > > > > + continue; > > > > > > > + > > > > > > > + line[len - 1] = '\0'; > > > > > > > + > > > > > > > + newline = skip_whitespace(line); > > > > > > > + > > > > > > > + if (newline[0] == '#') > > > > > > > + continue; > > > > > > > + > > > > > > > + if (get_capsule_params(newline, params) == PEND) > > > > > > > + return 0; > > > > > > > + } > > > > > > > + > > > > > > > + if (errno == EINVAL || errno == ENOMEM) { > > > > > > > + fprintf(stderr, "getline() returned an error %s > > > > > > > reading the line\n", > > > > > > > + strerror(errno)); > > > > > > > + exit(EXIT_FAILURE); > > > > > > > + } else if (params_start == 1 || params_end == 0) { > > > > > > > + fprintf(stderr, "Params should be passed within > > > > > > > braces. "); > > > > > > > + fprintf(stderr, "Please check the documentation for > > > > > > > reference config file syntax\n"); > > > > > > > + exit(EXIT_FAILURE); > > > > > > > + } else { > > > > > > > + return -1; > > > > > > > + } > > > > > > > +} > > > > > > > + > > > > > > > +static void params_dependency_check(struct efi_capsule_params > > > > > > > *params) > > > > > > > +{ > > > > > > > + /* check necessary parameters */ > > > > > > > + if ((params->capsule == CAPSULE_NORMAL_BLOB && > > > > > > > + ((!params->input_file || !params->capsule_file || > > > > > > > + !params->image_guid) || > > > > > > > + ((params->privkey_file && !params->cert_file) || > > > > > > > + (!params->privkey_file && params->cert_file)))) || > > > > > > > + (params->capsule != CAPSULE_NORMAL_BLOB && > > > > > > > + (!params->capsule_file || > > > > > > > + (params->capsule == CAPSULE_ACCEPT && > > > > > > > !params->image_guid) || > > > > > > > + (params->capsule == CAPSULE_REVERT && > > > > > > > params->image_guid)))) { > > > > > > > + print_usage(); > > > > > > > + exit(EXIT_FAILURE); > > > > > > > + } > > > > > > > +} > > > > > > > + > > > > > > > +static void generate_capsule(struct efi_capsule_params *params) > > > > > > > +{ > > > > > > > + if (params->capsule != CAPSULE_NORMAL_BLOB) { > > > > > > > + if (create_empty_capsule(params->capsule_file, > > > > > > > + params->image_guid, > > > > > > > + params->capsule == > > > > > > > + CAPSULE_ACCEPT) < 0) > > > > > > > + print_and_exit("Creating empty capsule > > > > > > > failed\n"); > > > > > > > + } else if (create_fwbin(params->capsule_file, > > > > > > > params->input_file, > > > > > > > + params->image_guid, > > > > > > > params->image_index, > > > > > > > + params->hardware_instance, > > > > > > > + params->monotonic_count, > > > > > > > + params->privkey_file, > > > > > > > + params->cert_file, > > > > > > > + (uint16_t)params->oemflags) < 0) { > > > > > > > + print_and_exit("Creating firmware capsule > > > > > > > failed\n"); > > > > > > > + } > > > > > > > +} > > > > > > > + > > > > > > > +/** > > > > > > > + * capsule_with_cfg_file() - Generate capsule from config file > > > > > > > + * @cfg_file: Path to the config file > > > > > > > + * > > > > > > > + * Parse the capsule parameters from the config file and use the > > > > > > > + * parameters for generating one or more capsules. > > > > > > > + * > > > > > > > + * Return: None > > > > > > > + * > > > > > > > + */ > > > > > > > +void capsule_with_cfg_file(const char *cfg_file) > > > > > > > +{ > > > > > > > + FILE *fp; > > > > > > > + struct efi_capsule_params params = { 0 }; > > > > > > > + > > > > > > > + fp = fopen(cfg_file, "r"); > > > > > > > + if (!fp) { > > > > > > > + fprintf(stderr, "Unable to open the capsule config > > > > > > > file %s\n", > > > > > > > + cfg_file); > > > > > > > + exit(EXIT_FAILURE); > > > > > > > + } > > > > > > > + > > > > > > > + params_start = 0; > > > > > > > + params_end = 1; > > > > > > > + > > > > > > > + while (parse_capsule_payload_params(fp, ¶ms) != -1) { > > > > > > > + params_dependency_check(¶ms); > > > > > > > + generate_capsule(¶ms); > > > > > > > + > > > > > > > + memset(¶ms, 0, sizeof(struct > > > > > > > efi_capsule_params)); > > > > > > > + } > > > > > > > +} > > > > > > > -- > > > > > > > 2.34.1 > > > > > > >