From patchwork Fri Jun 16 11:34:25 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Stefan Herbrechtsmeier
 <stefan.herbrechtsmeier-oss@weidmueller.com>
X-Patchwork-Id: 1795867
X-Patchwork-Delegate: xypron.glpk@gmx.de
Return-Path: <u-boot-bounces@lists.denx.de>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de
 (client-ip=85.214.62.61; helo=phobos.denx.de;
 envelope-from=u-boot-bounces@lists.denx.de; receiver=<UNKNOWN>)
Authentication-Results: legolas.ozlabs.org;
	dkim=pass (1024-bit key;
 unprotected) header.d=weidmueller.onmicrosoft.com
 header.i=@weidmueller.onmicrosoft.com
 header.a=rsa-sha256 header.s=selector1-weidmueller-onmicrosoft-com
 header.b=FwB6tJIh;
	dkim-atps=neutral
Received: from phobos.denx.de (phobos.denx.de [85.214.62.61])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (P-384))
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4QjHCT2NWPz20X8
	for <incoming@patchwork.ozlabs.org>; Fri, 16 Jun 2023 21:35:33 +1000 (AEST)
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
	by phobos.denx.de (Postfix) with ESMTP id 562AA86265;
	Fri, 16 Jun 2023 13:34:52 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=fail (p=none dis=none) header.from=weidmueller.com
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Authentication-Results: phobos.denx.de;
	dkim=pass (1024-bit key;
 unprotected) header.d=weidmueller.onmicrosoft.com
 header.i=@weidmueller.onmicrosoft.com
 header.b="FwB6tJIh";
	dkim-atps=neutral
Received: by phobos.denx.de (Postfix, from userid 109)
 id 53C118623E; Fri, 16 Jun 2023 13:34:45 +0200 (CEST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de
X-Spam-Level: 
X-Spam-Status: No, score=-0.9 required=5.0 tests=BAYES_00,DKIM_SIGNED,
 DKIM_VALID,FORGED_SPF_HELO,SPF_HELO_PASS,T_SCC_BODY_TEXT_LINE,
 T_SPF_PERMERROR autolearn=no autolearn_force=no version=3.4.2
Received: from EUR05-VI1-obe.outbound.protection.outlook.com
 (mail-vi1eur05on2061c.outbound.protection.outlook.com
 [IPv6:2a01:111:f400:7d00::61c])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id 728128624E
 for <u-boot@lists.denx.de>; Fri, 16 Jun 2023 13:34:42 +0200 (CEST)
Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none)
 header.from=weidmueller.com
Authentication-Results: phobos.denx.de; spf=pass
 smtp.mailfrom=stefan.herbrechtsmeier-oss@weidmueller.com
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=O8GFet8ZqfS8huLJv5ahksamZGkBaWhPmudPSVI8fnvP/Jk6DB6eugnnz3heoLErlXFhwJi+H+DKhJ8CClxW5V8KcQVj4O4LjSQ5PB9EwfIPfvUV5Y0Pf5ZKK1HBUnHAw6NrdhcM6y3iq635jMOl6t99xPxz6FVtkikgISR9ny/coMppbasPR/5kNhLOXcclWYPfmOu5muZuMT/2WT+DJuQxiNi30JxrmW2LX2nLNDH8F0nalW5D1XODqQC94ptY3q7tXvfB/YqD07h8v7w22bX4A4WW3hXYMnQ4EBoumRMLovd5Y49RqKNMnYAxaJNVWUh7h7iBUzjo1ohHfd9i3g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=8yJiPoCijgMpMMyAma+QyflWRpfLFmxAi70gaobcYX0=;
 b=L47r9Kn2GlPjoqXchxO2aB/0InMZQt7h8/ceJJdpY+1GeIDsosUSlg+whTVJWe9Afhm4lIGl8k+ZrKV0urwO+vyXmI+jlGrUQHyknL0l5kQiJ5EtbHqnnFtPtt5pqQC6kZY+aYI7NmmC8pC6yN5OzHAhA7/t4W6Iu5nSv2zT21HVNVPVUnYh7PidgyBs0gAO9WSe/NLzjj0r9Ria7bLonuh8UzeZnyoYobCYuzHUy9qgwevguUacPxMmLE6QbrPDX+tpbZoI83WX7h4GJ7eFyxad15wzJOIpbcBmZrOUQEyXozU0Ew8gwpd4ASR6e+P31bRw8EoaGE6znoU4gFRCqQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=weidmueller.com; dmarc=pass action=none
 header.from=weidmueller.com; dkim=pass header.d=weidmueller.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=weidmueller.onmicrosoft.com; s=selector1-weidmueller-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=8yJiPoCijgMpMMyAma+QyflWRpfLFmxAi70gaobcYX0=;
 b=FwB6tJIhKjEwkzt06gRbXAkcwN2IdyOejL1I+LYXgXYujXWLTwskRtRRox7ywmHtwgg/DJ9eUwgsvqZf8cxmgIGME7BwtlRdTZu0sCAoPxCgCh0wZ8enrWtHJAfD2tek3ROW3DXBfk50BiR4H7SC/eIsozaSfJQUP6MWpqLsMzY=
Authentication-Results: dkim=none (message not signed)
 header.d=none;dmarc=none action=none header.from=weidmueller.com;
Received: from PAXPR08MB6969.eurprd08.prod.outlook.com (2603:10a6:102:1d8::23)
 by DB9PR08MB6444.eurprd08.prod.outlook.com (2603:10a6:10:23c::11)
 with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6500.29; Fri, 16 Jun
 2023 11:34:41 +0000
Received: from PAXPR08MB6969.eurprd08.prod.outlook.com
 ([fe80::7501:6f07:8ffe:f389]) by PAXPR08MB6969.eurprd08.prod.outlook.com
 ([fe80::7501:6f07:8ffe:f389%4]) with mapi id 15.20.6500.025; Fri, 16 Jun 2023
 11:34:41 +0000
From: Stefan Herbrechtsmeier <stefan.herbrechtsmeier-oss@weidmueller.com>
To: u-boot@lists.denx.de
Cc: Malte Schmidt <malte.schmidt-oss@weidmueller.com>,
 Sughosh Ganu <sughosh.ganu@linaro.org>,
 Malte Schmidt <malte.schmidt@weidmueller.com>,
 Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>,
 Heinrich Schuchardt <xypron.glpk@gmx.de>,
 Ilias Apalodimas <ilias.apalodimas@linaro.org>
Subject: [PATCH 4/5] doc: uefi: update mkeficapsule documentation
Date: Fri, 16 Jun 2023 13:34:25 +0200
Message-Id: 
 <20230616113426.13976-5-stefan.herbrechtsmeier-oss@weidmueller.com>
X-Mailer: git-send-email 2.30.2
In-Reply-To: 
 <20230616113426.13976-1-stefan.herbrechtsmeier-oss@weidmueller.com>
References: 
 <20230616113426.13976-1-stefan.herbrechtsmeier-oss@weidmueller.com>
X-ClientProxiedBy: FR2P281CA0174.DEUP281.PROD.OUTLOOK.COM
 (2603:10a6:d10:9f::11) To PAXPR08MB6969.eurprd08.prod.outlook.com
 (2603:10a6:102:1d8::23)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: PAXPR08MB6969:EE_|DB9PR08MB6444:EE_
X-MS-Office365-Filtering-Correlation-Id: 692b95ad-ff13-4dc9-6f80-08db6e5dac9b
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
 dNp83pf9L9Zrq0m8MGAlrhIArZ+8IYinL/qsKu5XXa37H7rBgHo/VRMmE/6VOPAYKB9DIeLGi3Qm1Mvj+O/QnRFZz0LyqfHAzLTzvHyQ8PQ6qFUBm34yguUAhkfvVfvmKzxCLS+UxbpMurhQOfkoeRZqHcwhTGI9d0ljFoX9EOmN2EKarHD0ns0xK5Mllv11jVbFBvwvHk/6/bfvN+c/W6wazxYBia8GWm0VSbacx5re2hNG1OQfQ9xKRFE2z6kiBGjW5JD9G7QoB8wXKyaPJjqW4hC0YGIIrWAb4G7TjACZeJrnRMGdL7ZRCcWDnKd+MSDnlBfJYlsUyUgEXVNntgNiWZhVBhWjrgeSctuwkayzSMAkj6B1pkrbqxzvwpMUofx8c+LfXX3nUYwHh9ylpBQ/rFnHl70nD7lVYdMhiIKefm6NJ5RO2CIKjAJKapt8D4u+GBbFMmtH9JNYnDJpF1DIDVpopw1SDSyz2RypNqM7y4tzThRjCOBwX/v6mpHPmCcIS3lZCPYZ1rcVFQr8HEm06enHWGMyQrXwiN+qZXd2Gpr9BdjD4RaWDdIKgRKuTZ3AHSjyeJLc/mLs0/uAzm/r5KNg8REvmjVPgKKut5E=
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:;
 IPV:NLI; SFV:NSPM; H:PAXPR08MB6969.eurprd08.prod.outlook.com; PTR:; CAT:NONE;
 SFS:(13230028)(4636009)(136003)(346002)(366004)(39860400002)(376002)(396003)(451199021)(5660300002)(54906003)(41300700001)(6486002)(8676002)(8936002)(316002)(6666004)(52116002)(186003)(6506007)(26005)(6512007)(15650500001)(478600001)(4326008)(6916009)(66556008)(66476007)(66946007)(86362001)(1076003)(38100700002)(38350700002)(2616005)(83380400001)(36756003)(2906002);
 DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 
 MTm0KqZP3oUUmU3fapO2rjBlhsvwcRsVRbwY3DzrOsG0arR6JCy9xpv6rvOFkWohQs/b/xNAJm/SJifQZQPPAIyaq71eBc0gZ+OkK9tEkDzOG0o3RD6TS3o2890+i4Q+9bXFV/xqRR7HoeaNgyTCVWSkgfpmVA1uKNYvYM7ReXhXGphAGf7UB9WwFKLKu0qzY1lMTwHGtmvf8OiQ8Vdeinay17EUBOd+inED8PUbeotBnjuOfT0VnKz8QQD1rD5ApWQlX25tLdP+gVvcWMkcVxuHr+6B/hF0wTjkQehVNRxGXDtN8RVnBCKgpU1etNBAnsw+tJDlzaMMTz0EOIOm8+Bg6N0hCmzjsQFKMJSUxHPv9n7uKg0Em/xcsNyWdQGfCixMfdaKLX6x3p2BSdmJt5dcKOagOjn4jlnikbTRMOY17tRV/v+W1b9MaNvCxFUZTymDDkQscte2KpLlZf9a5tUbVo7bmtb5MV9wuI9kvdubiPVrG6qeOqLUifBfUAfKHuRay4BcwGUYJ+talZddrmmLqxYqFph18bwJ2KwBRqiwJchDgvYRXHXkrXFx3UHdEpWGCSPR4xMw912O4PnGpw0XZm16OymyhZgg9AerFr/+EgXC2jYJU3qKVrhiyORNj/mUN/uPI2gig3nKCidDASGA/SsfvMlgALfBLVQyec819Obc1eOg4eoXcoy598NxRDJ9cTJChWPC3igs8jHQq+P7KqugTsAyB9rVBdibjMxuZEoAOuetUd432RgTiI9nJyhUhEm6R7ojZzNQ1mr3kQbNvx4Mwwu+iMGXoIIXi0vgWj5WQxEPstTDto8StvjF2D0LzTXFN7+C/gq0oruSDTRSXvTnantopwx+PkrDBF0s5CUjIdIL7UJqvCPBqcqszA3tULqqjb3jjjEbQzNukCUmAedIQ/81JJD38PfeIjXGjS9ZYbuAntY+p9cDpIa08AZuvxARz775PWIv9K0wHiFiOglDEnl/r5AwSDXi+MYQyyHwy7UFJbL/A2qZybhDGf/MkD6VlE/0nr678JGfbchRftO6coLCyphLF0qOkgl/bHQGbctUmNQLAv2Lfhzp01sHA9WneqYolryrJ2cccuz3TPvka2XKrFtKP94SaInIjx6+F8XjdiniDgUHl4yWru8Wh6T2iY8UBmYhhgk8kTuz2Mp6JVMBLNe6xdt286oyxw1RhfsrPV/3VyuKA1/lf6uh+76g5jTHRqspOH1uRtVu2MxQDZ+apS1OZv7jbP7zXRvmSD41bJksyz7Qp0VsLBV+ahNFZr61yRBzsNlMQ5CbmjGyjKaHWeacCgMWzypLxcoSVo0kPwf0tpN0tjZ+6XRCquByUgXcVufjkVXUjc3xopGN1MLa+B9edFwmwNKLqDWqwRBJpDer0DFywktHCp3vuhVadpLih+nj9xm7q3tH/6Up7bthUZNRAuShwHocTcwKLmpWdwkzZXDhoTDRpNVjefsbrpu5pkaXD0eD2HCIgF1U+meJ4p1ywJHcmP+plkTc28oPY1VAOQ8HhQ0qis9wOpOZBu4SBr2nNmwHU7ihDH553Q9OlaSbx1TJhp+H6cdMXtCellBnQ5yf47rEYZRQS361hf0B4exzJQfurA==
X-OriginatorOrg: weidmueller.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 692b95ad-ff13-4dc9-6f80-08db6e5dac9b
X-MS-Exchange-CrossTenant-AuthSource: PAXPR08MB6969.eurprd08.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Jun 2023 11:34:41.3581 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: e4289438-1c5f-4c95-a51a-ee553b8b18ec
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 Kc8V+95qDKzCsd+H0rwl6iQX+l4dVp7CBaqaVFcJqb+TEdrgYdR7D9PEJhtVtPImgTp2dMoNHcNkc67cN1OfJw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB9PR08MB6444
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de
X-Virus-Status: Clean

From: Malte Schmidt <malte.schmidt@weidmueller.com>

mkeficapsule now supports multiple blobs. Update the documentation
accordingly. Although the image blob can still be specified as
positional parameter for backwards compatibility, remove it from
the documentation to discourage its usage.

Signed-off-by: Malte Schmidt <malte.schmidt@weidmueller.com>
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
---

 doc/develop/uefi/uefi.rst | 31 +++++++++++++++++++++----------
 1 file changed, 21 insertions(+), 10 deletions(-)

diff --git a/doc/develop/uefi/uefi.rst b/doc/develop/uefi/uefi.rst
index 6626ceec52..b513934d31 100644
--- a/doc/develop/uefi/uefi.rst
+++ b/doc/develop/uefi/uefi.rst
@@ -304,6 +304,7 @@ Creating a capsule file
 ***********************
 
 A capsule file can be created by using tools/mkeficapsule.
+A capsule file can contain multiple images to update.
 To build this tool, enable::
 
     CONFIG_TOOLS_MKEFICAPSULE=y
@@ -314,10 +315,14 @@ Run the following command
 .. code-block:: console
 
     $ mkeficapsule \
-      --index <index> --instance 0 \
-      --guid <image GUID> \
+      --index <index list> \
+      --instance <instance list> \
+      --guid <image GUID list> \
+      --image_blob <image_blob list> \
       <capsule_file_name>
 
+The list entries must be comma-separated.
+
 The UEFI specification does not define the firmware versioning mechanism.
 EDK II reference implementation inserts the FMP Payload Header right before
 the payload. It coutains the fw_version and lowest supported version,
@@ -337,14 +342,16 @@ add --fw-version option in mkeficapsule tool.
 .. code-block:: console
 
     $ mkeficapsule \
-      --index <index> --instance 0 \
-      --guid <image GUID> \
-      --fw-version 5 \
+      --index <index list> \
+      --instance <instance list> \
+      --guid <image GUID list> \
+      --fw-version <version list> \
       <capsule_file_name>
 
 If the --fw-version option is not set, FMP Payload Header is not inserted
 and fw_version is set as 0.
 
+
 Performing the update
 *********************
 
@@ -465,9 +472,11 @@ following command can be issued
 .. code-block:: bash
 
     $ ./tools/mkeficapsule \
-      --index 0x3 --instance 0 \
+      --index 0x3 \
+      --instance 0 \
       --guid c1b629f1-ce0e-4894-82bf-f0a38387e630 \
-      optee.bin optee.capsule
+      --image_blob optee.bin \
+      optee.capsule
 
 
 Enabling Capsule Authentication
@@ -509,9 +518,11 @@ and used by the steps highlighted below.
     $ mkeficapsule --monotonic-count 1 \
       --private-key CRT.key \
       --certificate CRT.crt \
-      --index 1 --instance 0 \
-      [--fit | --raw | --guid <guid-string] \
-      <image_blob> <capsule_file_name>
+      --index 1 \
+      --instance 0 \
+      [--fit | --raw | --guid <guid-string>] \
+      --image_blob <image_blob> \
+      <capsule_file_name>
 
 4. Insert the signature list into a device tree in the following format::