Secure Firmware Update

Introduction

The Reference Software Stack implements Secure Firmware Update following the Platform Security Firmware Update Specification. The following firmware images are included:

  • RSE BL2 image

  • RSE Runtime image

  • SCP RAM Firmware (SCP RAMFW) image

  • Safety Island Cluster 0 (SI CL0) image

  • Safety Island Cluster 1 (SI CL1) image

  • Safety Island Cluster 2 (SI CL2) image

  • Primary Compute FIP (Firmware Image Package) image

The new images are accepted in the form of a UEFI capsule.

Authentication

An optional feature of the Platform Security Firmware Update Specification implemented in the Reference Software Stack is the authentication of UEFI update capsules. A capsule is prepended with a verification signature by the platform owner. The public key of the key pair used to generate the signature is stored as part of the X509 certificate. With this, unsigned or tampered-with capsules submitted for an update are rejected.

Architecture

As standardized in the Platform Security Firmware Update Specification, each one of the RSE flash and secure flash is divided into two banks, where one bank has the currently running images and the other bank is used for staging new images. The flash layouts are shown in the following figures.

RSE Flash Layout

  • MBR: Master Boot Record

  • GPT: GUUID Partition Table

  • FWU MetaData: Used for RSE BL1 to select the correct bank to load and boot the RSE BL2.

  • FWU Private MetaData: Used for the RSE BL2 to select the correct bank to load and boot the SCP, SI, and the Primary Compute BL2.

Primary Compute Secure Flash Layout

  • MetaData: Used for the Primary Compute BL2 to select the correct bank to load and boot the Primary Compute BL31, BL32, BL33 etc.

The following diagram illustrates the components and data flow that implement the Secure Firmware Update.

Secure Firmware Update Architecture

A typical Secure Firmware Update process can be described in the following steps:

  1. The capsule image is generated by U-Boot’s mkeficapsule tool and stored on the disk of the Primary Compute for the UEFI UpdateCapsule runtime service to access.

  2. The firmware upgrade process is initiated from the UEFI UpdateCapsule runtime service.

  3. U-Boot verifies the capsule’s signature against the stored public key. Once verified, the capsule image is read and copied from the Primary Compute disk to the Shared Memory between the Primary Compute and RSE.

  4. The Capsule Update service in SE Proxy SP handles the firmware update request. It then sends a request to the RSE Platform Runtime Service to handle the firmware update request.

  5. Once the RSE Platform service receives the firmware update request it validates the capsule’s header, the image version, and the image counters before copying the image from the Shared Memory to the RSE flash. Finally, it updates the image to Bank-0 or Bank-1 of the RSE flash and Primary Compute Secure Flash.

  6. The system will reset after a successful firmware update and boot from the bank with the new firmware images. If the firmware update fails, when the user restarts the system from the UEFI shell the system will boot from the bank with the original firmware images.