Remove the duplicate code in efi_do_enter() and use efi_start_image() to
start the image invoked by the bootefi command.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>

Up to now efi_load_pe() returns the entry point or NULL in case of an
error. This does not allow to return correct error codes from LoadImage().

Let efi_load_pe() return a status code and fill in the entry point in the
corresponding field of the image object.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>

Refactor the switch from supervisor to hypervisor to a new function called
at the beginning of do_bootefi().
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

The function, efi_init_obj_list(), can be shared in different pseudo efi
applications, like bootefi/bootmgr as well as my efishell. Moreover, it
will be utilized to extend efi initialization, for example, my "removable
disk support" patch and "capsule-on-disk support" patch in the future.

So with this patch, it will be moved to a new file, efi_setup.c, under
lib/efi_loader and exported, making no changes in functionality.
Signed-off-by: NAKASHI Takahiro <takahiro.akashi@linaro.org>
Remove lines deactivated by #if 1 #else
Reviewed-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

debug() support supports %p to print pointers.

The debug message is unique. So there is not need to write a possibly
distracting line number.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

When calling efi_dp_from_mem() use a named constant for the memory type.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

When copying the device we must ensure that the copy does not fall into a
memory area reserved by the same.

So let's change the sequence: first create memory reservations and then
copy the device tree.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

The sandbox is using a virtual address space which is neither the physical
address space of the operating system nor the virtual address space in
which Linux aplications live. The addresses used insided the flattened
device tree use this sandbox virtual address space. The EFI subsystem uses
the virtual address space of the operating system and this is where the fdt
is stored.

Fix all incorrect addresses for the fdt in cmd/bootefi.cmd.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

When allocating EFI memory pages the size in bytes has to be converted to
pages.

Provide a macro efi_size_in_pages() for this conversion.
Use it in the EFI subsystem and correct related comments.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

This function can be used from do_bootefi_exec() so that we use mostly the
same code for a normal EFI application and an EFI test.

Rename the function and use it in both places.
Signed-off-by: NSimon Glass <sjg@chromium.org>
Signed-off-by: NAlexander Graf <agraf@suse.de>

There is still duplicated code in efi_loader for tests and normal
operation.

Add a new bootefi_run_prepare() function which holds common code used to
set up U-Boot to run EFI code. Make use of this from the existing
bootefi_test_prepare() function, as well as do_bootefi_exec().

Also shorten a few variable names.
Signed-off-by: NSimon Glass <sjg@chromium.org>
Signed-off-by: NAlexander Graf <agraf@suse.de>

The functions in bootefi are very long because they mix high-level code
and control with the low-level implementation. To help with this, create
functions which handle preparing for running the test and cleaning up
afterwards.

Also shorten the awfully long variable names here.
Signed-off-by: NSimon Glass <sjg@chromium.org>
Signed-off-by: NAlexander Graf <agraf@suse.de>

At present a few error conditions are not checked. Before refactoring
this code, add some basic checks. Note that this code still leaks memory
in the event of error. This will be tackled after the refactor.
Signed-off-by: NSimon Glass <sjg@chromium.org>
Signed-off-by: NAlexander Graf <agraf@suse.de>

The "Devicetree Specification 0.2" does not prescribe that memory
reservations must be EFI page aligned. So let's not make such an
assumption in our code.

Do not carve out the pages for the device tree. This memory area is
already marked as EFI_RUNTIME_SERVICES_DATA.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

In copy_fdt() we allocate EFI pages for the fdt plus extra 12 KiB as
EFI_RUNTIME_SERVICES_DATA. Afterwards in efi_install_fdt() we overwrite
part of this memory allocation by marking it as EFI_BOOT_SERVICES_DATA.

Remove the code marking the fdt as EFI_BOOT_SERVICES_DATA.

Cf. commit 17ff6f02 ("efi_loader: store DT in EFI_RUNTIME_SERVICES_DATA
memory")
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Fix typos in EFI subsystem comments.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Factor out efi_set_bootdev() and extract efi_dp_from_name().
This function will be used to set a boot device in efishell command.
Signed-off-by: NAKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Rename the component parent of some EFI objects to header. This avoids
misunderstandings.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

All our handles point to a struct efi_object. So let's define the
efi_handle_t accordingly. This helps us to discover coding errors much
more easily. This becomes evident by the corrections to the usage of
handles in this patch.

Rename variable image_handle to image_obj where applicable.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

If DEBUG is defined we may be calling EFI_CALL already during the
initialization of the EFI subsystem. We must make sure efi_save_gd() has
already been called at that moment.

Anyway it is better to have this call in one location instead of three.

This fixes an illegal memory access occurring since 4e6b5d65
("efi_loader: create root node") with DEBUG = 1.

Fixes: 4e6b5d65 ("efi_loader: create root node")
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Create the handle of loaded images and the EFI_LOADED_IMAGE_PROTOCOL
inside efi_setup_loaded_image(). Do not use local variables.

Currently we expect the loaded image handle to point to the loaded image
protocol. Additionally we have appended private fields to the protocol.

With the patch the handle points to a loaded image object and the private
fields are added here. This matches how we handle the net and the gop
object.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

When running in EL3 mode on AArch64, we have to first drop to EL2
to execute a UEFI payload. When dropping down, the arguments to
the entry point have to stay identical to the ones for normal entry
though.

In commit ea54ad59 ("efi_loader: pass handle of loaded image")
we incorrectly changed that logic and had the el3 entry path diverge.
Fix it up by syncing it back to what it's supposed to be.

Fixes: ea54ad59 ("efi_loader: pass handle of loaded image")
Signed-off-by: NAlexander Graf <agraf@suse.de>
Reviewed-by: NMark Kettenis <kettenis@openbsd.org>

Currently we assign a lot of protocols to loaded images though
these protocols are not related to them. Instead they should be
installed on a separate handle. Via the device path it is the
parent to the devices like the network adapter.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

efi_set_bootdev() may be called repeatedly.
Free the memory allocated for device paths in previous calls.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Do not use a local variable for the handle backing the memory device path.
Adjust relate comments.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

The number of bytes in an utf-8 string is an upper limit for the number of
words in the equivalent utf-16 string. In so far the inumbant coding works
correctly. For non-ASCII characters the utf-16 string is shorter. With the
patch only the necessary buffer size is allocated for the load options.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

At present this function takes a pointer as its argument, then passes this
to efi_allocate_pages(), which actually takes an address. It uses casts,
which are not supported on sandbox.

Also the function calculates the FDT size rounded up to the neared EFI
page size, then its caller recalculates the size and adds a bit more to
it.

This function is much better written as something that works with
addresses only, and returns both the address and the size of the relocated
FDT.

Also, copy_fdt() returns NULL on error, but really should propagate the
error from efi_allocate_pages(). To do this it needs to return an
efi_status_t, not a void *.

Update the code in this way, so that it is easier to follow, and also
supports sandbox.
Signed-off-by: NSimon Glass <sjg@chromium.org>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Sandbox only has 128MB of memory so we cannot relocate the device tree up
to start at 128MB. Use 127MB instead, which should be safe.
Signed-off-by: NSimon Glass <sjg@chromium.org>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Remove unused function efi_get_time_init().

Initialization of the RTC has to be done in board bring up not in the EFI
subsystem.

There is no RTC device in the UEFI spec. The RTC is only accessed through
the runtime services.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

For the boot and runtime services tables and for the system table the
crc32 has to be set in the header.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: NBin Meng <bmeng.cn@gmail.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

This function currently returns an error code, but never uses it. There is
no function comment so it is not obvious why. Presuambly the error is not
important.

Update the function to explain its purpose and why it ignores the error.
Drop the useful error return value.
Signed-off-by: NSimon Glass <sjg@chromium.org>
Reviewed-by: NAlexander Graf <agraf@suse.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

This is a bit confusing at present since it adds 4KB to the pointer, then
rounds it up. It looks like a bug, but is not.

Move the 4KB addition into a separate statement and expand the comment.
Signed-off-by: NSimon Glass <sjg@chromium.org>
Signed-off-by: NAlexander Graf <agraf@suse.de>

The bootefi command gets a few addresses as values passed in. In sandbox,
these values are in U-Boot address space, so we need to make sure we
explicitly call map_sysmem() on them to be able to access them.
Signed-off-by: NAlexander Graf <agraf@suse.de>
Reviewed-by: NSimon Glass <sjg@chromium.org>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Multiple EFI binaries may be executed in sequence.  So if we already
are in non-secure mode after running the first one we should skip
the switching code since it no longer works once we're non-secure.
Signed-off-by: NMark Kettenis <kettenis@openbsd.org>
Signed-off-by: NAlexander Graf <agraf@suse.de>

If desired (and possible) switch into HYP mode or non-secure SVC mode
before calling the entry point of an EFI application.  This allows
U-Boot to provide a usable PSCI implementation and makes it possible
to boot kernels into hypervisor mode using an EFI bootloader.

Based on diffs from Heinrich Schuchardt and Alexander Graf.
Signed-off-by: NMark Kettenis <kettenis@openbsd.org>
[agraf: Fix indentation]
Signed-off-by: NAlexander Graf <agraf@suse.de>

ACPI tables can be passed via EFI configuration table to an EFI
application. This is only supported on x86 so far.
Signed-off-by: NBin Meng <bmeng.cn@gmail.com>
Reviewed-by: NSimon Glass <sjg@chromium.org>

When we boot using memdp (bootefi on an address without previous
load that populates the device path) then the memory device path
we pass in is not backed by any handle.

That can result in weird effects. For example grub gets very grumpy
about this inside the efi_net module and just loops endlessly.

So let's expose a simple handle that the memory device path is backed
on. That way any code that looks for the device the dp is on, finds
one.
Signed-off-by: NAlexander Graf <agraf@suse.de>

Do not use anonymous constants when calling efi_allocage_pages.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

The UEFI spec mandates that unaligned memory access should be enabled if
supported by the CPU architecture.

This patch adds an empty weak function unaligned_access() that can be
overridden by an architecture specific routine.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Remove a superfluous call to efi_init_obj_list() invoked by
'bootefi selftest'.
Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>