| Age | Commit message (Collapse) | Author |
|---|
|
This includes information about sandbox which is not relevant for most
boards. Drop it.
Also add the address to help figure out the problem.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
In the function rsa_verify_hash, if the "main" key doesn't
work, u-boot try others keys. But it searches those keys
in the FIT image instead of the u-boot device tree.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
The field Media.LastBlock of the EFI_BLOCK_IO_PROTOCOL.Media was filled
incorrectly both for block devices as well as for partitions.
The field must be filled with the index of the last logical block (LBA):
* block devices: device size minus 1
* partitions: partition size minus 1
Reported-by: Alexander von Gluck IV <kallisti5@unixzen.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
The UEFI specification requires event notification levels to be
> TPL_APPLICATION and <= TPL_HIGH_LEVEL.
With the patch the CreateEvent() and CreatedEventEx() services are changed
to check that the notification level is not TPL_APPLICATION.
Reference:
UEFI Specification 2.8 Errata B, table 27 "TPL Restrictions",
"Event Notification Levels"
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
CID 316361 says:
> Passing argument "count * 8UL /* sizeof (*files) */" to
> function "dlmalloc" and then casting the return value to "u16 **" is
> suspicious. In this particular case "sizeof (u16 **)" happens to be equal
> to "sizeof (u16 *)", but this is not a portable assumption.
> > 767 tmp_files = malloc(count * sizeof(*files));
The change in this patch fixes the ambiguity.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Fixes: CID 316361
For readability use *tmp_files instead of tmp_files[0]
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Use the correct GUID when closing the file load protocol.
Remove an unnecessary check (Coverity CID 316363).
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
https://gitlab.denx.de/u-boot/custodians/u-boot-efi
Pull request for UEFI sub-system for efi-2021-04-rc1-2
* Provide a test tool for initial RAM disk provided via load file2 protocol.
* Make more items configurable to reduce code size:
* Boot manager
* EFI_DT_FIXUP_PROTOCOL
* EFI_DEVICE_PATH_UTILITIES_PROTOCOL
* Bug fixes
* avoid EFI runtime symbols in global symbol table
|
|
Atish reports that on RISC-V, accessing the EFI variables causes
a kernel panic. An objdump of the file verifies that, since the
global pointer for efi_var_buf ends up in .GOT section which is
not mapped in virtual address space for Linux.
<snip of efi_var_mem_find>
0000000000000084 <efi_var_mem_find>:
84: 715d addi sp,sp,-80
* objdump -dr
0000000000000086 <.LCFI2>:
86: e0a2 sd s0,64(sp)
88: fc26 sd s1,56(sp)
8a: e486 sd ra,72(sp)
8c: f84a sd s2,48(sp)
8e: f44e sd s3,40(sp)
90: f052 sd s4,32(sp)
92: ec56 sd s5,24(sp)
94: 00000497 auipc s1,0x0
94: R_RISCV_GOT_HI20 efi_var_buf
98: 0004b483 ld s1,0(s1) # 94 <.LCFI2+0xe>
98: R_RISCV_PCREL_LO12_I .L0
98: R_RISCV_RELAX *ABS*
* objdump -t
0000000000000084 g F .text.efi_runtime 00000000000000b8 efi_var_mem_find
With the patch applied:
* objdump -dr
0000000000000086 <.LCFI2>:
86: e0a2 sd s0,64(sp)
88: fc26 sd s1,56(sp)
8a: e486 sd ra,72(sp)
8c: f84a sd s2,48(sp)
8e: f44e sd s3,40(sp)
90: f052 sd s4,32(sp)
92: ec56 sd s5,24(sp)
94: 00000497 auipc s1,0x0
94: R_RISCV_PCREL_HI20 .LANCHOR0
94: R_RISCV_RELAX *ABS*
98: 00048493 mv s1,s1
98: R_RISCV_PCREL_LO12_I .L0
98: R_RISCV_RELAX *ABS*
* objdump -t
0000000000000008 l O .data.efi_runtime 0000000000000008 efi_var_buf
On arm64 this works, because there's no .GOT entries for this
and everything is converted to relative references.
* objdump -dr (identical pre-post patch, only the new function shows up)
00000000000000b4 <efi_var_mem_find>:
b4: aa0003ee mov x14, x0
b8: 9000000a adrp x10, 0 <efi_var_mem_compare>
b8: R_AARCH64_ADR_PREL_PG_HI21 .data.efi_runtime
bc: 91000140 add x0, x10, #0x0
bc: R_AARCH64_ADD_ABS_LO12_NC .data.efi_runtime
c0: aa0103ed mov x13, x1
c4: 79400021 ldrh w1, [x1]
c8: aa0203eb mov x11, x2
cc: f9400400 ldr x0, [x0, #8]
d0: b940100c ldr w12, [x0, #16]
d4: 8b0c000c add x12, x0, x12
So let's switch efi_var_buf to static and create a helper function for
anyone that needs to update it.
Fixes: e01aed47d6a0 ("efi_loader: Enable run-time variable support for tee based variables")
Reported-by: Atish Patra <atishp@atishpatra.org>
Tested-by: Atish Patra <atish.patra@wdc.com>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
EFI applications must use CR LF as line endings.
Provide a print() function to reduce code size.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Provide an UEFI application to save the initial RAM disk provided by U-Boot
via the Load File2 protocol.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
If we are using ACPI tables instead of a device tree, we don't need the
dtbdump.efi test tool.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Before overwriting an existing file ask the user.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
In EFI 1.10 a version of the Unicode collation protocol using ISO 639-2
language codes existed. This protocol is not part of the UEFI specification
any longer. It was however required to run the UEFI Self Certification Test
(SCT) II, version 2.6, 2017. So we implemented it for the sole purpose of
running the SCT.
As the SCT does not need the protocol anymore it is time for removal.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Allow the EFI_DEVICE_PATH_UTILITIES_PROTOCOL to be disabled via
configuration.
On systems that are very tight on U-Boot image size we may want to disable
the protocol. As it is required to run the UEFI Shell enable it by default.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Allow EFI_DT_FIXUP_PROTOCOL to be disabled via configuration.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Avoid a forward declaration.
Add a missing function description.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Some boards are very tight on the binary size. Booting via UEFI is possible
without using the boot manager.
Provide a configuration option to make the boot manager available.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Move all load options related functions to a new module. So that they can
be compiled independently.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
When calculating a random UUID we use a weak seed.
Use a RNG device if present to increase entropy.
Signed-off-by: Matthias Brugger <mbrugger@suse.com>
Reviewed-by: Torsten Duwe <duwe@suse.de>
|
|
- Update qemu-riscv.rst build instructions.
- Add support for SPI on Kendryte K210.
- Add Microchip PolarFire SoC Icicle Kit support.
- Add support for an early timer.
- Select TIMER_EARLY to avoid infinite recursion for Trace.
|
|
When tracing functions is enabled this adds calls to
__cyg_profile_func_enter() and __cyg_profile_func_exit() to the traced
functions.
__cyg_profile_func_enter() and __cyg_profile_func_exit() invoke
timer_get_us() to record the entry and exit time.
initr_dm() will make gd->dm_root = NULL and gd->timer = NULL, so
timer_get_us() -> get_ticks() -> dm_timer_init() will lead to an
indefinite recursion.
So select TIMER_EARLY when tracing got enabled.
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Rick Chen <rick@andestech.com>
|
|
Change 2 typo error in CONFIG_LIB_ELF description:
- Supoort => Support
- fir => for
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
In contrast to the C99 standard [1] our putc() takes only one argument.
[1] ISO/IEC 9899:1999
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Our ctype.h is in include/linux/
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Building fails with DEBUG=1:
lib/aes.c: In function ‘debug_print_vector’:
lib/aes.c:622:45: error:
cast from pointer to integer of different size
[-Werror=pointer-to-int-cast]
622 | printf("%s [%d] @0x%08x", name, num_bytes, (u32)data);
Pointers can only be cast to (uintptr_t). But anyway we have
%p for printing pointers.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
A common use of memmove() can be handled by memcpy(). Also memcpy()
includes an optimization for large sizes: it copies a word at a time. So
we can get a speed-up by calling memcpy() to handle our move in this case.
Update memmove() to call also memcpy() if the source don't overlap
the destination (src + count <= dest).
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
|
|
When setting aside a GPT partition for holding the U-Boot environment,
having a partition type GUID [1] indicating "Linux filesystem" (as
most tools default to) is somewhat misleading - and there's no other
well-known type GUID that is better suited. So to have a canonical
value to put into the type field, define
3de21764-95bd-54bd-a5c3-4abe786f38a8
to mean a partition holding a U-Boot environment.
This is a v5 namespace-name GUID [2], generated [3] from a namespace
of "25cbcde0-8642-47c6-a298-1a3a57cd256b" and name "U-Boot
environment".
Should future type GUIDs be defined in the context of U-Boot, it's
sensible to use that same namespace GUID.
[1] https://en.wikipedia.org/wiki/GUID_Partition_Table#Partition_type_GUIDs
[2] https://en.wikipedia.org/wiki/Universally_unique_identifier#Versions_3_and_5_(namespace_name-based)
[3] https://www.uuidtools.com/v5
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
|
|
There's no reason to require an appropriately sized output parameter
for the string, that's error-prone should the table ever grow an
element with a longer string. We can just return the const char*
pointer directly.
Update the only caller accordingly, and get rid of pointless ifdeffery
in the header so that the compiler always sees a declaration and can
thus do type-checking, whether or not PARTITION_TYPE_GUID is enabled
or not.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
|
|
The dtbdump.efi binary can already be used to dump the configuration table
with the device-tree to a file.
With this patch a device-tree file can be loaded. The EFI_DT_FIXUP_PROTOCOL
is called to
* apply U-Boot's fix-ups
* let U-Boot make memory reservations as required by the device-tree
* install the new device-tree as configuration table
In a next step this configuration table can be dumped.
A dtbdump.efi session would look like:
DTB Dump
========
=> load test.dtb
device-tree installed
=> save fixed-up.dtb
fixed-up.dtb written
=> exit
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
A boot manager like GRUB can use the protocol to
* apply U-Boot's fix-ups to the a device-tree
* let U-Boot make memory reservations according to the device-tree
* install the device-tree as a configuration table
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
In efi_mem_sort() adjacent memory regions of same type are coalesced.
Remove the remark "Merging of adjacent free regions is missing".
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
We do not want to use typedefs in U-Boot.
Do not use efi_string_t in the EFI_TEXT_OUTPUT_PROTOCOL.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Carve out a function to check that a buffer contains a PE-COFF image.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Let helloworld.efi print the device path of the boot device and the file
path as provided by the loaded image protocol.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Implement services OpenEx(), ReadEx(), WriteEx(), FlushEx() of the
EFI_FILE_PROTOCOL.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Driver model: make some udevice fields private
Driver model: Rename U_BOOT_DEVICE et al.
dtoc: Tidy up and add more tests
ns16550 code clean-up
x86 and sandbox minor fixes for of-platdata
dtoc prepration for adding build-time instantiation
|
|
Prepare v2021.01-rc5
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
This error should not happen in normal use. Reduce the length of it to
save space in the image.
Add an empty spl.h file to sh since it appears to lack this.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Most drivers use these access methods but a few do not. Update them.
In some cases the access is not permitted, so mark those with a FIXME tag
for the maintainer to check.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Acked-by: Pratyush Yadav <p.yadav@ti.com>
|
|
Typedefs should not be used in U-Boot and structs should be lower case.
Update the code to use struct ns16550 consistently.
Put a header guard on the file while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
|
|
Add support for enabling uefi capsule authentication. This feature is
enabled by setting the environment variable
"capsule_authentication_enabled".
The following configs are needed for enabling uefi capsule update and
capsule authentication features on the platform.
CONFIG_EFI_HAVE_CAPSULE_SUPPORT=y
CONFIG_EFI_CAPSULE_ON_DISK=y
CONFIG_EFI_CAPSULE_FIRMWARE_MANAGEMENT=y
CONFIG_EFI_CAPSULE_FIRMWARE=y
CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y
CONFIG_EFI_CAPSULE_AUTHENTICATE=y
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
|
|
Add support for authenticating uefi capsules. Most of the signature
verification functionality is shared with the uefi secure boot
feature.
The root certificate containing the public key used for the signature
verification is stored as part of the device tree blob. The root
certificate is stored as an efi signature list(esl) file -- this file
contains the x509 certificate which is the root certificate.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
|
|
The efi_sigstore_parse_sigdb function reads the uefi authenticated
variable, stored in the signature database format and builds the
signature store structure. Factor out the code for building
the signature store. This can then be used by the capsule
authentication routine to build the signature store even when the
signature database is not stored as an uefi authenticated variable
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
|
|
The pkcs7 header parsing functionality is pretty generic, and can be
used by other features like capsule authentication. Make the function
an extern, also changing it's name to efi_parse_pkcs7_header
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
|
|
When building the capsule using scripts in edk2, a fmp header is
added on top of the binary payload. Add logic to detect presence of
the header. When present, the pointer to the image needs to be
adjusted as per the size of the header to point to the actual binary
payload.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
|
|
RFC 2315 Section 9.3 describes the message digesting process. The
digest calculated depends on whether the authenticated attributes are
present. In case of a scenario where the authenticated attributes are
present, the message digest that gets signed and is part of the pkcs7
message is computed from the auth attributes rather than the contents
field.
Check if the auth attributes are present, and if set, use the auth
attributes to compute the hash that would be compared with the
encrypted hash on the pkcs7 message.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
|
|
When a new event is queued we have to process the event queue by calling
efi_process_event_queue(). But there is not reason to call the function
when the event is not queueable.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Although the function description states the caller must provide a
sufficient buffer, it's better to have in function checks that the
destination buffer can hold the intended value.
So let's add an extra argument with the buffer size and check that
before doing any copying.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Up to now we install the EFI_LOAD_FILE2_PROTOCOL to load an initrd
unconditionally. Although we correctly return various EFI exit codes
depending on the file status (i.e EFI_NO_MEDIA, EFI_NOT_FOUND etc), the
kernel loader only falls back to the cmdline interpreted initrd if the
protocol is not installed.
This creates a problem for EFI installers, since they won't be able to
load their own initrd and start the installation.
A following patch introduces a different logic where we search for an
initrd path defined in an EFI variable named 'Initrd####'.
If the bootmgr is used to launch the EFI payload, we'll will try to match
the BootCurrent value and find the corresponding initrd
(i.e Boot0000 -> Initrd0000 etc). If the file is found, we'll install
the required protocol which the kernel's efi-stub can use and load our
initrd.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
dm.h and env.h serve no purpose here. Remove them and sort the
remaining in alphabetical order.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
