summaryrefslogtreecommitdiffstats
path: root/Documentation/devicetree/bindings/barebox/barebox,state.rst
blob: 2893937820d7d01c1ff70cc01d57aff590c466eb (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
.. _barebox,state:

Barebox state
=============

A *state* variable set can be fully described as a devicetree based *state* node.
This *state* node could be part of the regular platform's devicetree blob or it
could be an extra devicetree solely for the *state*.

Devicetree *state* Node
-----------------------

A *state* node contains a description of a set of variables along with a
place where the variable set gets stored.

Required Properties
###################

* ``compatible``: should be ``barebox,state``
* ``magic``: a 32bit number
* ``backend``: phandle to persistent memory
* ``backend-type``: defines the *state* variable set storage format
* additionally a *state* node must have an alias in the ``/aliases`` node pointing
  to it.

.. _barebox,state_magic:

The ``magic`` property is a unique number which identifies the *state* variable
set's variable types and their layout. It should be kept stable as long as the
variable types and the layout are kept stable. It should also be kept stable
if new trailing variables are added to the existing layout to be backward
compatible. Only if the *state* variable set's variable types and/or their layout
change, the ``magic`` property's number must be changed to be unique again
with the new *state* variable set's content.

.. important:: You should not use the values 0x2354fdf3 and 0x14fa2d02 for your
   magic value. They're already reserved by the ``direct`` and ``circular``
   storage backends.

The ``backend`` property uses the *phandle* mechanism to link the *state* to
a real persistent memory. Refer :ref:`Backend <state_framework,backends>` for
supported persistent memories.

The ``backend-type`` should be ``raw`` or ``dtb``. Refer
:ref:`Backend Types <state_framework,backend_types>` for further details.

Optional Properties
###################

* ``backend-stridesize``: stride counted in bytes. See note below.
* ``backend-storage-type``: Defines the backend storage type to ``direct``,
  ``circular`` or ``noncircular``. If the backend memory needs to be erased
  prior a write it defaults to the ``circular`` storage backend type, for backend
  memories like RAMs or EEPROMs it defaults to the ``direct`` storage backend type.
* ``algo``: A HMAC algorithm used to detect manipulation of the data
  or header, sensible values follow this pattern ``hmac(<HASH>)``,
  e.g. ``hmac(sha256)``. Only available for the ``backend-type`` ``raw``.
* ``keep-previous-content``: Check if a the bucket meta magic field contains
  other data than the magic value. If so, the backend will not write the state
  to prevent unconditionally overwrites of existing data.

.. note:: For the ``backend-storage-type`` the keyword ``noncircular`` is still
   supported as a fall back to an old storage format. Recommendation is to not
   use this type anymore.

.. _barebox,state_backend_stridesize:

The ``backend-stridesize`` is still optional but required whenever the
underlying backend doesn't provide an information how to pad an instance of a
*state* variable set. This is valid for all underlying backends which support
writes on a byte-by-byte manner or don't have eraseblocks (EEPROM, SRAM and NOR
type flash backends).
The ``backend-stridesize`` value is used by the ``direct`` backend storage type
to place the redundant *state* variable set copies side by side in the backend.
And it's used by the ``circular`` backend storage type to place the *state*
variable set copies side by side into the eraseblock.
You should calculate the ``backend-stridesize`` value very carefully based on
the used ``backend-type``, the size of the used backend (e.g. partition size
for example) and its eraseblock size. Refer
:ref:`Backend Types <state_framework,backend_types>`.

.. note:: It might be useful to add some spare space to the
   ``backend-stridesize`` to ensure the ability to extend the *state* variable
   set later on.

.. _barebox,state_variable:

Variable Subnodes
-----------------

These are subnodes of a *state* node each describing a single
variable. The node name may end with ``@<ADDRESS>``, but the suffix is
stripped from the variable name.

State variables have a type. Currenty supported types are: ``uint8``,
``uint32``, ``enum32``, ``mac`` address or ``string`` (fixed length string).
Variable length strings are not planned.

Required Properties
###################

* ``reg``: Standard ``reg`` property with ``#address-cells = <1>`` and
  ``#size-cells = <1>``. Defines the ``offset`` and ``size`` of the
  variable in the ``raw`` backend. ``size`` **must fit** the node
  ``type``. Variables are not allowed to overlap.
* ``type``: Should be ``uint8``, ``uint32``, ``enum32``, ``mac``
  or ``string`` for the type of the variable
* ``names``: For ``enum32`` values only, this specifies the possible values for
  ``enum32``.

Optional Properties
###################

* ``default``: The default value if the variable's content cannot be read from
  the backend. For ``enum32`` values it is an integer representing an offset
  into the names array.

.. note:: Since the ``default`` property is optional, keep in mind you may need
   a valid default value if other instances (like the bootchooser for example)
   depends on it. Due to this, a ``default`` might be a required property instead.

Variable Examples
#################

``uint8``:

.. code-block:: text

   uint8_example@0 {
       reg = <0x0 0x1>;
       type = "uint8";
       default = <0x00>;
   };

``uint32``:

.. code-block:: text

   uint32_example@0 {
       reg = <0x0 0x4>;
       type = "uint32";
       default = <100>;
   };

``enum32``:

.. code-block:: text

   enum_example@0 {
       reg = <0x0 0x4>;
       type = "enum32";
       names = "value#1", "value#2";
       default = <1>; /* selects "value#2" as the default */
   };

``mac``:

.. code-block:: text

   mac_example@0 {
       reg = <0x0 0x6>;
       type = "mac";
   };

Since a 'MAC' is a unique system identifier it makes no sense for a default
value here. It must be set individually at run-time instead.

``string``:

.. code-block:: text

   name {
       reg = <0x0 0x10>;
       type = "string";
   };

In this example the length of the string is limited to 16 characters.

.. _barebox,state_hmac:

HMAC
----

With the optional property ``algo = "hmac(<HASH>)";`` an HMAC algorithm
can be defined to detect unauthorized modification of the state's variable set
header and/or data. For this to work the HMAC and the selected hash
algorithm have to be compiled into barebox.

The shared secret for the HMAC is requested via
``keystore_get_secret()``, using the state's name, from the barebox
simple keystore. It's up to the developer to populate the keystore via
``keystore_set_secret()`` in beforehand. Refer :ref:`command_keystore` for
further details.

.. _barebox,state_setup:

Configuring the *state* variable set
------------------------------------

Since the *state* variable set is intended to be shared between the bootloader
and the kernel, the view to the *state* variable set must be the same in both
worlds.

This can be achieved by defining all *state* variable set related definitions
inside the barebox's devicetree only. It's **not** required to keep and maintain
the same information inside the Linux kernel's devicetree again.

When barebox is instructed to load and forward a devicetree to a Linux kernel
to be started, it "silently" copies all *state* variable set related definitions
from its own devicetree into the Linux kernel devicetree. This way both worlds
behave the same when *state* variable sets should be read or modified.

In order to enable barebox to copy the required information to a dedicated
location inside the Linux kernel devicetree the name of the memory node to
store the *state* variable set must be the same in the barebox's devicetree
and the operating system's devicetree.

With this "interconnection" barebox extends the operating system's devicetree
with:

- the layout and variable definition of the *state* variable set (in case of
  the ``raw`` backend-type)
- the store definition (backend type, backend storage type and so on)
- partitioning information for the persistent memory in question (on demand)
- the connection between the backend and the memory (device, partition)

Example:

Lets assume the barebox's devicetree uses the name ``persistent_state_memory@01``
to define its own *state* variable set backend.

Barebox's devicetree defines:

.. code-block:: text

   persistent_state_memory@01 {
       compatible = "somevalue";
       reg = <1>;

       #address-cells = <1>;
       #size-cells = <1>;

       state: partition@0 {
            label = "state";
            reg = <0x0 0x100>;
       };
   };

The operating system's devicetree defines instead:

.. code-block:: text

   persistent_state_memory@01 {
       compatible = "somevalue";
       reg = <1>;
   };