| Age | Commit message (Collapse) | Author |
|---|
|
Prepare v2023.04-rc4
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Add a function description.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
UEFI specification v2.10 says that
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS is deprecated and
EFI_UNSUPPORTED should be returned in SetVariable variable service.
Current implementation returns EFI_INVALID_PARAMETER,
let's fix the return value.
Together with above change, this commit also updates the SetVariable
attribute check to be aligned with the EDK2 reference implementation.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
This is selected by PARTITION_UUIDS which has a separate option for SPL.
Add an SPL option for LIB_UUID also, so that we can keep them consistent.
Also add one for PARTITION_TYPE_GUID to avoid a build error in part_efi.c
which wants to call a uuid function in SPL.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This should be checking for any SPL build. Drop the use of SPL_TPL_ since
it is not necessary and will not work with split config.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Add these options so these algorithms can be used in VPL.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This is implicitly used in the source and seems useful, so add it.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Add an implementation of this, moving the common call to tpm_init() up
into the common API implementation.
Add a test.
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
A previous commit is adding a new tpm startup functions which
initializes the TPMv2 and performs all the needed selftests.
Since the TPM selftests might be needed depending on the requested
algorithm or functional module use that instead.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
As described in [0] if a command requires use of an untested algorithm
or functional module, the TPM performs the test and then completes the
command actions.
Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of
the TPM in that case) and even if we would, it would complicate our TPM
code for no apparent reason, add a wrapper function that performs both
the selftest and the startup sequence of the TPM.
It's worth noting that this is implemented on TPMv2.0. The code for
1.2 would look similar, but I don't have a device available to test.
[0]
https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf
§12.3 Self-test modes
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
Adds CONFIG_EFI_CAPSULE_MAX to configure the max index value used in
EFI capsule reports. Prior to this change is the hard coded value was
65535 which would exceed available storage for variables. Now the
default value is 15 which should work fine with most systems.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Measures the DTB passed to the EFI application upon new boolean config
switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the
content of the DTB passed to the OS can change across reboots, there is
not point measuring it hence the config switch to allow platform to not
embed this feature.
Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
QueryVariableInfo with EFI_VARIABLE_HARDWARE_ERROR_RECORD is
accepted, remove wrong attribute check.
Fixes: 454a9442fbce ("efi_loader: update attribute check for QueryVariableInfo()")
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
We should not scan beyond the end of string name.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
In various cases logical memory blocks are coalesced; As a result doing
a strict check whether memory blocks are the same doesn't necessarily
work as a previous addition of a given block might have been merged into
a bigger block.
Fix this by considering a block is already registered if it's a pure
subset of one of the existing blocks.
Signed-off-by: Sjoerd Simons <sjoerd@collabora.com>
|
|
If something is wrong with a board's timer function such that it calls
functions not marked with notrace, U-Boot will hang.
Detect this, print a message and disable the trace.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
When the early trace buffer overflows it leaves a gap in the trace buffer
between where the actual data finished and where it would have finished if
there were enough buffer space. This results in corrupted output.
Adjust the logic to resolve this and add a message when the buffer
overflows.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Add a few more useful items into the output. Update the buffers to use hex
consistently.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
The trace does not necessarily start at the top level, so we can see it
go negative. Track this so that we can show an accurate value for the
stack depth.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Given that the compiler adds two function calls into each function, the
current spacing is overkill. Drop it down to 16 bytes per function, which
is still plenty. This saves some space in the trace buffer.
Also move the calculation into a function, so it is common code. Add a
check for gd->mon_len being unset, which breaks tracing.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
It seems better to put the TEXT_BASE value in the file header rather than
in an entry record. While it is true that there is a separate base for
pre-relocation, this can be handled by using offsets in the file.
It is useful to have a version number in case we need to change the trace
format again.
Update the header to make these changes.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Update the code slightly so that abuf can be used in U-Boot tools. It will
soon be needed for proftool.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This is a silly value at present, since U-Boot's call depth never reaches
200. Fix it.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Avoid using the preprocessor with TIMER_EARLY.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
https://source.denx.de/u-boot/custodians/u-boot-efi
Pull request for efi-2023-04-rc2
Documentation:
* Provide page with links to talks on U-Boot
UEFI:
* Enable CTRL+S to save the boot order in eficonfig command
* Run attribute check for QueryVariableInfo() only for the file store
* Bug fixes
Others:
* Improve output formatting of the coninfo command
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 10 Feb 2023 12:15:45 PM EST
# gpg: using RSA key 6DC4F9C71F29A6FA06B76D33C481DBBC2C051AC4
# gpg: Good signature from "Heinrich Schuchardt <xypron.glpk@gmx.de>" [unknown]
# gpg: aka "[jpeg image of size 1389]" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6DC4 F9C7 1F29 A6FA 06B7 6D33 C481 DBBC 2C05 1AC4
|
|
This function is not used externally and hence should be static.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
This function is not used externally.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
Add missing include.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
Functions that are not used externally should be static.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
Define function set_shift_mask() as static as it is not used externally.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
Make functions that are no used externally static.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
Make functions that are not used externally static.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
num_entries should be unsigned to avoid warnings. As the target field is
u16 we should use this type.
lib/efi_loader/efi_conformance.c: In function ‘efi_ecpt_register’:
lib/efi_loader/efi_conformance.c:30:33: warning:
conversion to ‘long unsigned int’ from ‘int’ may change
the sign of the result [-Wsign-conversion]
30 | ecpt_size = num_entries * sizeof(efi_guid_t)
| ^
lib/efi_loader/efi_conformance.c:46:36: warning:
conversion from ‘int’ to ‘u16’ {aka ‘short unsigned int’}
may change value [-Wconversion]
46 | ecpt->number_of_profiles = num_entries;
| ^~~~~~~~~~~
Fixes: 6b92c1735205 ("efi: Create ECPT table")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
In program initrddump.efi function get_load_options() can be static.
This avoids a warning when building with 'make W=1':
lib/efi_loader/initrddump.c:442:6: warning:
no previous prototype for ‘get_load_options’ [-Wmissing-prototypes]
442 | u16 *get_load_options(void)
| ^~~~~~~~~~~~~~~~
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
Current U-Boot supports two EFI variable service, U-Boot own
implementation and op-tee based StMM variable service.
With ACS Security Interface Extension(SIE) v22.10_SIE_REL1.1.0,
there are several failure items of QueryVariableInfo().
Current attribute check for QueryVariableInfo() was implemented
based on the Self Certification Test (SCT) II Case Specification,
June 2017, chapter 4.1.4 QueryVariableInfo().
This test case specification is outdated and don't align at all
with the SCT test case code, and UEFI specification v2.10 does
not clearly define the priority of the attribute check.
For U-Boot standard case that EFI variables are stored in a file
in the ESP, this commit modifies the attribute check to get align
to the EDK2 implementation.
For latter case(op-tee based StMM variable service), parameter check
should be delegated to StMM.
Now all ACS SIE QueryVariableInfo() test cases passed both EFI variable
storage implementations.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Acked-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
This converts 1 usage of this option to the non-SPL form, since there is
no SPL_ENV_WRITEABLE_LIST defined in Kconfig
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This converts 1 usage of this option to the non-SPL form, since there is
no SPL_EFI_UNICODE_COLLATION_PROTOCOL2 defined in Kconfig
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This converts 1 usage of this option to the non-SPL form, since there is
no SPL_EFI_TCG2_PROTOCOL defined in Kconfig
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This converts 1 usage of this option to the non-SPL form, since there is
no SPL_EFI_LOADER_HII defined in Kconfig
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This converts 1 usage of this option to the non-SPL form, since there is
no SPL_EFI_DEVICE_PATH_UTIL defined in Kconfig
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This converts 1 usage of this option to the non-SPL form, since there is
no SPL_EFI_APP defined in Kconfig
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Since commit 06d514d77c37 ("lmb: consider EFI memory map") the EFI regions
are also pushed into the lmb if EFI_LOADER is enabled (which is by
default on most system). Which can cause the number of entries to go
over the maximum as it's default is only 8.
Specifically i ran into this case on an TI am62 which has an fdt with
4 reserved regions (in practice 3 lmb entries due to adjecent ranges).
As this is likely to impact more devices bump the default max
regions to 16 so there is a bit more slack.
Fixes: 06d514d77c ("lmb: consider EFI memory map")
Link: https://bugzilla.opensuse.org/show_bug.cgi?id=1207562
Reviewed-by: Francesco Dolcini <francesco.dolcini@toradex.com>
Signed-off-by: Sjoerd Simons <sjoerd@collabora.com>
Signed-off-by: Michal Suchanek <msuchanek@suse.de>
[trini: collect tags from the other equivalent patch]
|
|
As explained by Philippe Schenker, I was misinterpreting what happened
in the case where we do not set LMB_USE_MAX_REGIONS and so had
re-introduced the problem I was attempting to more widely resolve.
This reverts commit 007ae5d108a37564905ea1588cb279f3a522cc3d.
Reported-by: Philippe Schenker <philippe.schenker@toradex.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
When adding reserved memory areas from the EFI memory map set the NOMAP
flag when applicable. When this isn't done adding "no-map" flagged entries
from the fdt after receiving the same from the EFI memory map fails due
to non-matching flags.
Signed-off-by: Sjoerd Simons <sjoerd@collabora.com>
|
|
The LMB code allows for picking a hard limit on the number of regions it
can know of, or to dynamically allocate these regions. The reason for
this choice is to allow for the compiler to perform a size optimization
in the common case. This optimization however, is very small, ranging
from 196 bytes to 15 bytes saved, or in some cases, being larger. Now
that we also have more regions covered by LMB (in order to protect
various parts of our self at run time), the default of 8 is also much
easier to hit and leads to non-obvious error messages (which imply that
an area is protected, not that we're out of areas to add to the list).
Switch to the dynamic use as the default.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
HandleProtocol() is deprecrated. According to the UEFI specification it
should be implemented as a call to OpenProtocolInterface() with a hard
coded agent handle. This implies that we would have to call
CloseProtocolInterfaces() after usage with the same handle.
Getting rid of an EFI_CALL() is also appreciated.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
There is no variable num_pages in function efi_esrt_allocate_install().
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
When this fails it can be time-consuming to debug. Add some debugging
to help with this. Also try to return error codes instead of just using
-1.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
It is often useful to show an error code to give the user a clue as to
what went wrong. When error strings are compiled into U-Boot it is
possible to show a message as well.
But at present it is not very convenient, since code must check if the
error strings are present, then obtain the error string and use it in
a printf() string.
Add a %dE option which shows an error code along with an error string,
if available. This makes it easy to show one or both.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Some environment variables provide a space-separated list of strings. It
is easier to process these when they are broken out into an array of
strings.
Add a utility function to handle this.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
