- 28 5月, 2022 1 次提交
-
-
由 AKASHI Takahiro 提交于
This helper function will be used to determine if the device is removable media, initially for handling a short-path loading. Signed-off-by: NAKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
-
- 08 5月, 2022 1 次提交
-
-
由 Ilias Apalodimas 提交于
Currently we don't support sha384/512 for the X.509 certificate in dbx. Moreover if we come across such a hash we skip the check and approve the image, although the image might needs to be rejected. Rework the code a bit and fix it by adding an array of structs with the supported GUIDs, len and literal used in the U-Boot crypto APIs instead of hardcoding the GUID types. It's worth noting here that efi_hash_regions() can now be reused from efi_signature_lookup_digest() and add sha348/512 support there as well Signed-off-by: NIlias Apalodimas <ilias.apalodimas@linaro.org>
-
- 04 5月, 2022 1 次提交
-
-
由 AKASHI Takahiro 提交于
This function will be used in the next commit where some behavior of EFI boot manager will be expanded. Signed-off-by: NAKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: NIlias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: NHeinrich Schuchardt <heinrich.schuchardt@canonical.com>
-
- 24 4月, 2022 2 次提交
-
-
由 AKASHI Takahiro 提交于
Add efi_disk_probe() function. This function creates an efi_disk object for a raw disk device (UCLASS_BLK) and additional objects for related partitions (UCLASS_PARTITION). So this function is expected to be called through driver model's "probe" interface every time one raw disk device is detected and activated. We assume that partition devices (UCLASS_PARTITION) have been created when this function is invoked. Signed-off-by: NAKASHI Takahiro <takahiro.akashi@linaro.org>
-
由 AKASHI Takahiro 提交于
In the next commit, CONFIG_EFI_SETUP_EARLY will become mandated in order to support dynamic enumeration of efi_disk objects. This can, however, be problematic particularly in case of file-based variable storage (efi_variable.c, default). Non-volatile variables are to be restored from EFI system partition by efi_init_variables() in efi_init_obj_list(). When efi_init_obj_list() is called in board_init_r(), we don't know yet what disk devices we have since none of device probing commands (say, scsi rescan) has not been executed at that stage. So in this commit, a preparatory change is made; efi_init_obj_list() is broken into the two functions; * efi_init_early(), and * new efi_init_obj_list() Only efi_init_early() will be called in board_init_r(), which allows us to execute any of device probing commands, either though "preboot" variable or normal command line, before calling efi_init_obj_list() which is to be invoked at the first execution of an efi-related command (or at efi_launch_capsules()) as used to be. Signed-off-by: NAKASHI Takahiro <takahiro.akashi@linaro.org>
-
- 15 4月, 2022 1 次提交
-
-
由 Sughosh Ganu 提交于
Add a structure which defines the information that is needed for executing capsule updates on a platform. Some information in the structure like the dfu string is used for making the update process more robust while some information like the per platform image GUIDs is used for fixing issues. Initialise this structure in the board file, and use the information for the capsule updates. Signed-off-by: NSughosh Ganu <sughosh.ganu@linaro.org>
-
- 20 3月, 2022 5 次提交
-
-
由 Heinrich Schuchardt 提交于
The block IO protocol may be installed on any handle. We should make no assumption about the structure the handle points to. efi_disk_is_system_part() makes an illegal widening cast from a handle to a struct efi_disk_obj. Remove the function. Fixes: Fixes: 41fd5068 ("efi_loader: disk: add efi_disk_is_system_part()") Signed-off-by: NHeinrich Schuchardt <heinrich.schuchardt@canonical.com>
-
由 Heinrich Schuchardt 提交于
The efi_system_partition_guid is needed in multiple places. Export it. Signed-off-by: NHeinrich Schuchardt <heinrich.schuchardt@canonical.com>
-
由 Heinrich Schuchardt 提交于
Let function efi_dp_find_obj() additionally check if a given protocol is installed on the handle relating to the device-path. Signed-off-by: NHeinrich Schuchardt <heinrich.schuchardt@canonical.com>
-
由 Heinrich Schuchardt 提交于
efi_dp_find_obj() should not return any handle with a partially matching device path but the handle with the maximum matching device path. Signed-off-by: NHeinrich Schuchardt <heinrich.schuchardt@canonical.com>
-
由 Heinrich Schuchardt 提交于
Rename function shorten_path() to efi_dp_shorten() and export it. Signed-off-by: NHeinrich Schuchardt <heinrich.schuchardt@canonical.com>
-
- 12 3月, 2022 1 次提交
-
-
由 Heinrich Schuchardt 提交于
InstallProtocolInterface() is called with a pointer to the protocol GUID. There is not guarantee that the memory used by the caller for the protocol GUID stays allocated. To play it safe the GUID should be copied to U-Boot's internal structures. Reported-by: NJoerie de Gram <j.de.gram@gmail.com> Signed-off-by: NHeinrich Schuchardt <heinrich.schuchardt@canonical.com>
-
- 06 2月, 2022 1 次提交
-
-
由 Heinrich Schuchardt 提交于
When loading an EFI binary via the UART we assign a UART device path to it. But we lack a handle with that device path. Signed-off-by: NHeinrich Schuchardt <heinrich.schuchardt@canonical.com>
-
- 04 2月, 2022 1 次提交
-
-
由 Simon Glass 提交于
At present we use wide characters for unicode but this is not necessary. Change the code to use the 'u' literal instead. This helps to fix build warnings for sandbox on rpi. Signed-off-by: NSimon Glass <sjg@chromium.org> Suggested-by: NHeinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
-
- 29 1月, 2022 2 次提交
-
-
由 Ilias Apalodimas 提交于
A mix of signatures and hashes in db doesn't always work as intended. Currently if the digest algorithm is not explicitly set to sha256 we stop walking the security database and reject the image. That's problematic in case we find and try to check a signature before inspecting the sha256 hash. If the image is unsigned we will reject it even if the digest matches. Since we no longer reject the image on unknown algorithms add an explicit check and reject the image if any other hash algorithm apart from sha256 is detected on dbx. Suggested-by: NHeinrich Schuchardt <heinrich.schuchardt@canonical.com> Signed-off-by: NIlias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: NHeinrich Schuchardt <heinrich.schuchardt@canonical.com>
-
由 Sunil V L 提交于
This adds support for new RISCV_EFI_BOOT_PROTOCOL to communicate the boot hart ID to bootloader/kernel on RISC-V UEFI platforms. The specification of the protocol is hosted at: https://github.com/riscv-non-isa/riscv-uefiSigned-off-by: NSunil V L <sunilvl@ventanamicro.com> Reviewed-by: NHeinrich Schuchardt <heinrich.schuchardt@canonical.com>
-
- 20 1月, 2022 1 次提交
-
-
由 Heinrich Schuchardt 提交于
Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: NHeinrich Schuchardt <heinrich.schuchardt@canonical.com>
-
- 15 1月, 2022 1 次提交
-
-
由 Ilias Apalodimas 提交于
U-Boot, in some occasions, injects a 'kaslr-seed' property on the /chosen node. That would be problematic in case we want to measure the DTB we install in the configuration table, since it would change across reboots. The Linux kernel EFI-stub completely ignores it and only relies on EFI_RNG_PROTOCOL for it's own randomness needs (i.e the randomization of the physical placement of the kernel). In fact it (blindly) overwrites the existing seed if the protocol is installed. However it still uses it for randomizing it's virtual placement. So let's get rid of it in the presence of the RNG protocol. It's worth noting that TPMs also provide an RNG. So if we tweak our EFI_RNG_PROTOCOL slightly and install the protocol when a TPM device is present the 'kaslr-seed' property will always be removed, allowing us to reliably measure our DTB. Acked-by: NArd Biesheuvel <ardb@kernel.org> Signed-off-by: NIlias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: NMark Kettenis <kettenis@openbsd.org>
-
- 10 12月, 2021 1 次提交
-
-
由 Masahisa Kojima 提交于
This commit modify efi_tcg2_register() to return the appropriate error. With this fix, sandbox will not boot because efi_tcg2_register() fails due to some missing feature in GetCapabilities. So disable sandbox if EFI_TCG2_PROTOCOL is enabled. UEFI secure boot variable measurement is not directly related to TCG2 protocol installation, tcg2_measure_secure_boot_variable() is moved to the separate function. Signed-off-by: NMasahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: NIlias Apalodimas <ilias.apalodimas@linaro.org>
-
- 30 11月, 2021 1 次提交
-
-
由 Ruchika Gupta 提交于
Platforms may have support to measure their initial firmware components and pass the event log to u-boot. The event log address can be passed in property tpm_event_log_addr and tpm_event_log_size of the tpm node. Platforms may choose their own specific mechanism to do so. A weak function is added to check if even log has been passed to u-boot from earlier firmware components. If available, the eventlog is parsed to check for its correctness and further event logs are appended to the passed log. Signed-off-by: NRuchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: NIlias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: NIlias Apalodimas <ilias.apalodimas@linaro.org>
-
- 27 10月, 2021 1 次提交
-
-
由 Masahisa Kojima 提交于
This commit adds the UEFI GPT disk partition topology measurement required in TCG PC Client Platform Firmware Profile Specification Signed-off-by: NMasahisa Kojima <masahisa.kojima@linaro.org>
-
- 26 10月, 2021 2 次提交
-
-
由 Masahisa Kojima 提交于
TCG PC Client Platform Firmware Profile Specification requires to measure the SMBIOS table that contains static configuration information (e.g. Platform Manufacturer Enterprise Number assigned by IANA, platform model number, Vendor and Device IDs for each SMBIOS table). The device- and environment-dependent information such as serial number is cleared to zero or space character for the measurement. Existing smbios_string() function returns pointer to the string with const qualifier, but exisintg use case is updating version string and const qualifier must be removed. This commit removes const qualifier from smbios_string() return value and reuses to clear the strings for the measurement. This commit also fixes the following compiler warning: lib/smbios-parser.c:59:39: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast] const struct smbios_header *header = (struct smbios_header *)entry->struct_table_address; Signed-off-by: NMasahisa Kojima <masahisa.kojima@linaro.org>
-
由 Heinrich Schuchardt 提交于
UEFI variable names are typically constants and hence should be defined as const. Unfortunately some of our API functions do not define the parameters for UEFI variable names as const. This requires unnecessary conversions. Adjust parameters of several internal functions to tre UEFI variable names as const. Signed-off-by: NHeinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: NIlias Apalodimas <ilias.apalodimas@linaro.org>
-
- 21 10月, 2021 3 次提交
-
-
由 Heinrich Schuchardt 提交于
Parameter size is never used in function efi_dp_from_lo(). Remove it. Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: NIlias Apalodimas <ilias.apalodimas@linaro.org>
-
由 Heinrich Schuchardt 提交于
Instead of copying a GUID and then using a pointer to the copy for calling guidcmp(), just pass the pointer to the orginal GUID. Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
-
由 Ilias Apalodimas 提交于
We are ignoring the alignment communicated via the PE/COFF header. Starting 5.10 the Linux kernel will loudly complain about it. For more details look at [1] (in linux kernel). So add a function that can allocate aligned EFI memory and use it for our relocated loaded image. [1] c32ac11da3f83 ("efi/libstub: arm64: Double check image alignment at entry") Signed-off-by: NIlias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: NVincent Stehlé <vincent.stehle@arm.com> Acked-by: NArd Biesheuvel <ardb@kernel.org> Reviewed-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
-
- 17 8月, 2021 1 次提交
-
-
由 Heinrich Schuchardt 提交于
Use enum efi_memory_type and enum_allocate_type in the definitions of the efi_allocate_pages(), efi_allocate_pool(). In the external UEFI API leave the type as int as the UEFI specification explicitely requires that enums use a 32bit type. Signed-off-by: NHeinrich Schuchardt <heinrich.schuchardt@canonical.com>
-
- 15 8月, 2021 2 次提交
-
-
由 Masahisa Kojima 提交于
TCG PC Client PFP spec requires to measure "Exit Boot Services Invocation" if ExitBootServices() is invoked. Depending upon the return code from the ExitBootServices() call, "Exit Boot Services Returned with Success" or "Exit Boot Services Returned with Failure" is also measured. Signed-off-by: NMasahisa Kojima <masahisa.kojima@linaro.org> Swap two ifs in efi_exit_boot_services(). efi_tcg2_notify_exit_boot_services must have EFIAPI signature. Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
-
由 Masahisa Kojima 提交于
TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: NMasahisa Kojima <masahisa.kojima@linaro.org>
-
- 29 7月, 2021 1 次提交
-
-
由 Simon Glass 提交于
It is bad practice to put function declarations behind an #ifdef since it makes it impossible to use IS_ENABLED() in the C code. The main reason for doing this is when an empty static inline function is desired when the feature is disabled. To this end, this header provides two different versions of various functions and macros. Collect them together in one place for clarity. Allow all the rest of the header to be included, regardless of the setting of EFI_LOADER. With the inclusion of blk.h the 'struct blk_desc' declaration is unnecessary. Drop it while we are here. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
- 24 7月, 2021 1 次提交
-
-
由 AKASHI Takahiro 提交于
In the commit c982874e ("efi_loader: refactor efi_setup_loaded_image()"), setjmp-related definitions were moved to efi_loaded_image_obj in efi_loader.h. So setjmp.h is no longer refererenced in efi_api.h. This also fixes some error when efi_api.h will be included in mkeficapsule.c. Fixes: c982874e ("efi_loader: refactor efi_setup_loaded_image()") Signed-off-by: NAKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
-
- 02 7月, 2021 1 次提交
-
-
由 Ilias Apalodimas 提交于
We only install FMPs if a CapsuleUpdate is requested. Since we now have an ESRT table which relies on FMPs to build the required information, it makes more sense to unconditionally install them. This will allow userspace applications (e.g fwupd) to make use of the ERST and provide us with files we can use to run CapsuleUpdate on-disk Signed-off-by: NIlias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
-
- 28 5月, 2021 1 次提交
-
-
由 Masahisa Kojima 提交于
"TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: NIlias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: NIlias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: NMasahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: NIlias Apalodimas <ilias.apalodimas@linaro.org>
-
- 25 5月, 2021 4 次提交
-
-
由 Marek Behún 提交于
Add macro __efi_runtime_rodata, for const variables with similar purpose as those using __efi_runtime_data. Signed-off-by: NMarek Behún <marek.behun@nic.cz> Reviewed-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
-
由 Marek Behún 提交于
Document the macros __efi_runtime and __efi_runtime_data in Sphinx style. Signed-off-by: NMarek Behún <marek.behun@nic.cz> Reviewed-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
-
由 Marek Behún 提交于
When linking with LTO, the compiler complains about type mismatch of variables `__efi_runtime_start`, `__efi_runtime_stop`, `__efi_runtime_rel_start` and `__efi_runtime_rel_stop`: include/efi_loader.h:218:21: warning: type of ‘__efi_runtime_start’ does not match original declaration [-Wlto-type-mismatch] 218 | extern unsigned int __efi_runtime_start, __efi_runtime_stop; | ^ arch/sandbox/lib/sections.c:7:6: note: ‘__efi_runtime_start’ was previously declared here 7 | char __efi_runtime_start[0] __attribute__((section(".__efi_run | ^ Change the type to char[] in include/efi_loader.h. Signed-off-by: NMarek Behún <marek.behun@nic.cz> Reviewed-by: NBin Meng <bmeng.cn@gmail.com>
-
由 Marek Behún 提交于
This commit does the same thing as Linux commit 33def8498fdd. Use a more generic form for __section that requires quotes to avoid complications with clang and gcc differences. Remove the quote operator # from compiler_attributes.h __section macro. Convert all unquoted __section(foo) uses to quoted __section("foo"). Also convert __attribute__((section("foo"))) uses to __section("foo") even if the __attribute__ has multiple list entry forms. Signed-off-by: NMarek Behún <marek.behun@nic.cz> Reviewed-by: NBin Meng <bmeng.cn@gmail.com> Reviewed-by: NSimon Glass <sjg@chromium.org>
-
- 26 3月, 2021 3 次提交
-
-
由 Jose Marinho 提交于
The ESRT is initialised during efi_init_objlist after efi_initialize_system_table(). The ESRT is recreated from scratch at the following events: - successful UpdateCapsule; - FMP instance install. The code ensures that every ESRT entry has a unique fw_class value. Limitations: - The ESRT is not updated if an FMP instance is uninstalled; - the fields image_type and flags are in the current implementation left undefined. Setting these values will require a per-platform function that returns the image_type/flags as a function of the image fw_class. CC: Heinrich Schuchardt <xypron.glpk@gmx.de> CC: Sughosh Ganu <sughosh.ganu@linaro.org> CC: AKASHI Takahiro <takahiro.akashi@linaro.org> CC: Ilias Apalodimas <ilias.apalodimas@linaro.org> CC: Andre Przywara <andre.przywara@arm.com> CC: Alexander Graf <agraf@csgraf.de> CC: nd@arm.com Signed-off-by: NJose Marinho <jose.marinho@arm.com> Remove two EFI_CALL() indirections. Move ESRT GUID in efidebug's list of GUIDs. Reviewed-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
-
由 Ilias Apalodimas 提交于
Up to now we install EFI_LOAD_FILE2_PROTOCOL to load an initrd unconditionally. Although we correctly return various EFI exit codes depending on the file status (i.e EFI_NO_MEDIA, EFI_NOT_FOUND etc), the kernel loader, only falls back to the cmdline interpreted initrd if the protocol is not installed. This creates a problem for EFI installers, since they won't be able to load their own initrd and continue the installation. It also makes the feature hard to use, since we can either have a single initrd or we have to recompile u-boot if the filename changes. So let's introduce a different logic that will decouple the initrd path from the config option we currently have. When defining a UEFI BootXXXX we can use the filepathlist and store a file path pointing to our initrd. Specifically the EFI spec describes: "The first element of the array is a device path that describes the device and location of the Image for this load option. Other device paths may optionally exist in the FilePathList, but their usage is OSV specific" When the EFI application is launched through the bootmgr, we'll try to interpret the extra device path. If that points to a file that exists on our disk, we'll now install the load_file2 and the efi-stub will be able to use it. This opens up another path using U-Boot and defines a new boot flow. A user will be able to control the kernel/initrd pairs without explicit cmdline args or GRUB. Signed-off-by: NIlias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
-
由 Ilias Apalodimas 提交于
A following patch introduces a different logic for loading initrd's based on the EFI_LOAD_FILE2_PROTOCOL. Since similar logic can be applied in the future for other system files (i.e DTBs), let's add some helper functions which will retrieve and parse file paths stored in EFI variables. Signed-off-by: NIlias Apalodimas <ilias.apalodimas@linaro.org>
-