Diffstat (limited to 'doc/develop')
-rw-r--r-- doc/develop/release_cycle.rst 2
-rw-r--r-- doc/develop/uefi/uefi.rst 66
2 files changed, 67 insertions, 1 deletions
diff --git a/doc/develop/release_cycle.rst b/doc/develop/release_cycle.rst
index c00cfaa3315..2c82783a89e 100644
--- a/doc/develop/release_cycle.rst
+++ b/doc/develop/release_cycle.rst
@@ -70,7 +70,7 @@ For the next scheduled release, release candidates were made on::
* U-Boot v2023.07-rc3 was released on Mon 29 May 2023.
-.. * U-Boot v2023.07-rc4 was released on Mon 05 June 2023.
+* U-Boot v2023.07-rc4 was released on Mon 12 June 2023.
.. * U-Boot v2023.07-rc5 was released on Mon 19 June 2023.
diff --git a/doc/develop/uefi/uefi.rst b/doc/develop/uefi/uefi.rst
index ef0987c355c..6626ceec52b 100644
--- a/doc/develop/uefi/uefi.rst
+++ b/doc/develop/uefi/uefi.rst
@@ -318,6 +318,33 @@ Run the following command
--guid <image GUID> \
<capsule_file_name>
+The UEFI specification does not define the firmware versioning mechanism.
+EDK II reference implementation inserts the FMP Payload Header right before
+the payload. It coutains the fw_version and lowest supported version,
+EDK II reference implementation uses these information to implement the
+firmware versioning and anti-rollback protection, the firmware version and
+lowest supported version is stored into EFI non-volatile variable.
+
+In U-Boot, the firmware versioning is implemented utilizing
+the FMP Payload Header same as EDK II reference implementation,
+reads the FMP Payload Header and stores the firmware version into
+"FmpStateXXXX" EFI non-volatile variable. XXXX indicates the image index,
+since FMP protocol handles multiple image indexes.
+
+To add the fw_version into the FMP Payload Header,
+add --fw-version option in mkeficapsule tool.
+
+.. code-block:: console
+
+ $ mkeficapsule \
+ --index <index> --instance 0 \
+ --guid <image GUID> \
+ --fw-version 5 \
+ <capsule_file_name>
+
+If the --fw-version option is not set, FMP Payload Header is not inserted
+and fw_version is set as 0.
+
Performing the update
*********************
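Review bot: The closing paragraph of this hunk ("If the --fw-version option is not set, FMP Payload Header is not inserted and fw_version is set as 0") does not say what happens to such a capsule on a device that has a lowest-supported-version configured. By the rule in the Anti-rollback Protection section added later in this patch, a fw_version of 0 fails against any non-zero lowest-supported-version, so state that here and cross-reference that section. The "FmpStateXXXX" sentence should also say how XXXX is formatted (radix and width), since the text only says it indicates the image index. Wording: "coutains" should be "contains", "these information" should be "this information", "the firmware version and lowest supported version is stored" should be "are stored", and the first paragraph is a comma splice that reads better as two sentences.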
@@ -510,6 +537,45 @@ where signature.dts looks like::
};
};
+Anti-rollback Protection
+************************
+
+Anti-rollback prevents unintentional installation of outdated firmware.
+To enable anti-rollback, you must add the lowest-supported-version property
+to dtb and specify --fw-version when creating a capsule file with the
+mkeficapsule tool.
+When executing capsule update, U-Boot checks if fw_version is greater than
+or equal to lowest-supported-version. If fw_version is less than
+lowest-supported-version, the update will fail.
+For example, if lowest-supported-version is set to 7 and you run capsule
+update using a capsule file with --fw-version of 5, the update will fail.
+When the --fw-version in the capsule file is updated, lowest-supported-version
+in the dtb might be updated accordingly.
+
+To insert the lowest supported version into a dtb
+
+.. code-block:: console
+
+ $ dtc -@ -I dts -O dtb -o version.dtbo version.dts
+ $ fdtoverlay -i orig.dtb -o new.dtb -v version.dtbo
+
+where version.dts looks like::
+
+ /dts-v1/;
+ /plugin/;
+ &{/} {
+ firmware-version {
+ image1 {
+ image-type-id = "09D7CF52-0720-4710-91D1-08469B7FE9C8";
+ image-index = <1>;
+ lowest-supported-version = <3>;
+ };
+ };
+ };
+
+The properties of image-type-id and image-index must match the value
+defined in the efi_fw_image array as image_type_id and image_index.
+
Executing the boot manager
~~~~~~~~~~~~~~~~~~~~~~~~~~
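Review bot: The check as described in "U-Boot checks if fw_version is greater than or equal to lowest-supported-version" compares the capsule only against the value in the dtb, and the section never says whether fw_version is also compared with the installed version stored in FmpStateXXXX. Please state explicitly whether a capsule older than the running firmware but at or above lowest-supported-version is accepted. "lowest-supported-version in the dtb might be updated accordingly" is too vague for a security control: say who updates the dtb, by what means, and how the dtb carrying the value is protected from modification. Smaller points: "unintentional installation" reads as if only accidental downgrades are in scope, the prose example uses 7 and 5 while version.dts sets `lowest-supported-version = <3>`, and "To insert the lowest supported version into a dtb" needs a trailing colon before the code block.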