1406 Commits

Author SHA1 Message Date
Ilias Apalodimas
05c4c9e21a efi_loader: define internal implementations of install/uninstallmultiple
A following patch is cleaning up the core EFI code trying to remove
sequences of efi_create_handle, efi_add_protocol.

Although this works fine there's a problem with the latter since it is
usually combined with efi_delete_handle() which blindly removes all
protocols on a handle and deletes the handle.  We should try to adhere to
the EFI spec which only deletes a handle if the last instance of a protocol
has been removed.  Another problem is that efi_delete_handle() never checks
for opened protocols,  but the EFI spec defines that the caller is
responsible for ensuring that there are no references to a protocol
interface that is going to be removed.

So let's fix this by replacing all callsites of
efi_create_handle(), efi_add_protocol() , efi_delete_handle() with
Install/UninstallMultipleProtocol.

In order to do that redefine functions that can be used by the U-Boot
proper internally and add '_ext' variants that will be used from the
EFI API

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2022-10-06 22:54:58 +02:00
Heinrich Schuchardt
f05911a126 efi_driver: move event registration to driver
Move the registration of events for the addition and removal of block
devices to the block device driver. Here we can add a reference to the
EFI Driver Binding protocol as context.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-10-06 22:54:58 +02:00
Heinrich Schuchardt
8f8fe1d458 efi_driver: add init function to EFI block driver
For handling added and removed block devices we need to register events
which has to be done when the driver is installed.

This patch only creates an empty init function that will be filled with
code later on. The function needs to be called before any EFI block devices
are used. Move the efi_driver_init() call to early init.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-10-06 22:54:58 +02:00
Heinrich Schuchardt
16b27b67c5 efi_loader: function to unlink udevice and handle
When deleting a device or a handle we must remove the link between the two
to avoid dangling references.

Provide function efi_unlink_dev() for this purpose.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-10-06 22:54:57 +02:00
Heinrich Schuchardt
01caf28778 efi_loader: efi_dp_part_node check dp_alloc return value
dp_alloc() may return NULL. This needs to be caught.

Fixes: 98d48bdf415e ("efi_loader: provide a function to create a partition node")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-10-06 22:54:57 +02:00
Paul Barker
39434a9b25 efi: Add string conversion helper
Signed-off-by: Paul Barker <paul.barker@sancloud.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2022-10-06 22:54:57 +02:00
Tom Rini
2d45913534 Merge branch 'next' 2022-10-03 15:39:46 -04:00
Heinrich Schuchardt
8d805929b1 efi_loader: fix efi_initrd_deregister()
Don't try to delete a non-existent handle.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-09-30 02:03:23 +02:00
Simon Glass
d9d7c20b73 treewide: Drop bootm_headers_t typedef
This is not needed and we should avoid typedefs. Use the struct instead.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-29 16:07:57 -04:00
Simon Glass
8149b1500d blk: Rename if_type to uclass_id
Use the word 'uclass' instead of 'if_type' to complete the conversion.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-25 08:30:05 -06:00
Tom Rini
e9a1ff9724 Merge branch 'master' into next
Signed-off-by: Tom Rini <trini@konsulko.com>
2022-09-19 16:07:12 -04:00
Stefan Roese
29caf9305b cyclic: Use schedule() instead of WATCHDOG_RESET()
Globally replace all occurances of WATCHDOG_RESET() with schedule(),
which handles the HW_WATCHDOG functionality and the cyclic
infrastructure.

Signed-off-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Tom Rini <trini@konsulko.com> [am335x_evm, mx6cuboxi, rpi_3,dra7xx_evm, pine64_plus, am65x_evm, j721e_evm]
2022-09-18 10:26:33 +02:00
Simon Glass
e33a5c6be5 blk: Switch over to using uclass IDs
We currently have an if_type (interface type) and a uclass id. These are
closely related and we don't need to have both.

Drop the if_type values and use the uclass ones instead.

Maintain the existing, subtle, one-way conversion between UCLASS_USB and
UCLASS_MASS_STORAGE for now, and add a comment.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-16 11:05:16 -04:00
Simon Glass
adbfe8edc3 efi: Correct assumption about if_type
efi_set_blk_dev_to_system_partition() assumes that 0 is an invalid
if_type. This is true now but is about to be false. Fix this bug to avoid
a test failure.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-16 11:05:16 -04:00
Simon Glass
ca28baf17c blk: Select SPL_LEGACY_BLOCK automatically
Selecting this option can be handled in the Kconfig option itself, as it
is with BLK. Update this an drop the various 'select' clauses.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-16 11:05:16 -04:00
Simon Glass
7f8967c2b8 blk: Rename HAVE_BLOCK_DEVICE
This option is fact really related to SPL. For U-Boot proper we always use
driver model for block devices, so CONFIG_BLK is enabled if block devices
are in use.

It is only for SPL that we have two cases:

- SPL_BLK is enabled, in which case we use driver model and blk-uclass.c
- SPL_BLK is not enabled, in which case (if we need block devices) we must
  use blk_legacy.c

Rename the symbol to SPL_LEGACY_BLOCK to make this clear. This is
different enough from BLK and SPL_BLK that there should be no confusion.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-16 11:05:16 -04:00
Masahisa Kojima
c416f1c0bc bootmenu: add removable media entries
UEFI specification requires booting from removal media using
a architecture-specific default image name such as BOOTAA64.EFI.
This commit adds the removable media entries into bootmenu,
so that user can select the removable media and boot with
default image.

The bootmenu automatically enumerates the possible bootable
media devices supporting EFI_SIMPLE_FILE_SYSTEM_PROTOCOL,
add it as new UEFI boot option(BOOT####) and update BootOrder
variable. This automatically generated UEFI boot option
has the dedicated guid in the optional_data to distinguish it from
the UEFI boot option user adds manually. This optional_data is
removed when the efi bootmgr loads the selected UEFI boot option.

This commit also provides the BOOT#### variable maintenance feature.
Depending on the system hardware setup, some devices
may not exist at a later system boot, so bootmenu checks the
available device in each bootmenu invocation and automatically
removes the BOOT#### variable corrensponding to the non-existent
media device.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
2022-09-14 08:43:32 +02:00
Masahisa Kojima
87d791423a eficonfig: menu-driven addition of UEFI boot option
This commit add the "eficonfig" command.
The "eficonfig" command implements the menu-driven UEFI boot option
maintenance feature. This commit implements the addition of
new boot option. User can select the block device volume having
efi_simple_file_system_protocol and select the file corresponding
to the Boot#### variable. User can also enter the description and
optional_data of the BOOT#### variable in utf8.

This commit adds "include/efi_config.h", it contains the common
definition to be used from other menus such as UEFI Secure Boot
key management.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
2022-09-14 08:43:31 +02:00
Etienne Carriere
7932548939 lib: efi_loader: don't delete invalid handles
Change efi_delete_handle() to not free EFI handles twice.

This change tries to resolved an issue seen since U-Boot v2022.07
in which ExitBootService() attempts to release some EFI handles twice.

The issue was seen booting a EFI shell that invokes 'connect -r' and
then boots a Linux kernel. Execution of connect command makes EFI
subsystem to bind a block device for each root block devices EFI handles.
However these EFI device handles are already bound to a driver and we
can have 2 registered devices relating to the same EFI handler. On
ExitBootService(), the loop removing the devices makes these EFI handles
to be released twice which corrupts memory.

This patch prevents the memory release operation caused by the issue but
but does not resolve the underlying problem.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

Add log message.
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2022-09-09 16:07:54 +02:00
Heinrich Schuchardt
fbc04c0dab efi_loader: fix display of NVMe EUI-64
UEFI specification 2.9A requires to display the EUI-64 "in hexadecimal
format with byte 7 first (i.e., on the left) and byte 0 last".

This is in contrast to what the NVMe specification wants.
But it is what EDK II has been implementing.

Here is an example with the patch applied:

    qemu-system-aarch64 -machine virt -cpu cortex-a72 -nographic \
    -bios denx/u-boot.bin \
    -device nvme,id=nvme1,serial=9ff81223 \
    -device nvme-ns,bus=nvme1,drive=nvme1n0,eui64=0x123456789ABCDEF0 \
    -drive file=arm64.img,if=none,format=raw,id=nvme1n0

    => nvme scan
    => efidebug devices
    Device Path
    ====================
    /VenHw(…)/NVMe(0x1,f0-de-bc-9a-78-56-34-12)

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-09-03 10:49:17 +02:00
Jose Marinho
648a8dcb39 efi: ECPT add EBBRv2.0 conformance profile
Display the EBBRv2.0 conformance in the ECPT table.

The EBBRv2.0 conformance profile is set in the ECPT if
CONFIG_EFI_EBBR_2_0_CONFORMANCE=y.

Signed-off-by: Jose Marinho <jose.marinho@arm.com>

Add dependencies for CONFIG_EFI_EBBR_2_0_CONFORMANCE.
Enable the setting by default.
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-09-03 10:13:26 +02:00
Jose Marinho
6b92c17352 efi: Create ECPT table
The ECPT table will be included in the UEFI specification 2.9+.
The ECPT table was introduced in UEFI following the code-first path. The
acceptance ticket can be viewed at:
	https://bugzilla.tianocore.org/show_bug.cgi?id=3591

The Conformance Profiles table is a UEFI configuration table that contains
GUID of the UEFI profiles that the UEFI implementation conforms with.

The ECPT table is created when CONFIG_EFI_ECPT=y.
The config is set by default.

Signed-off-by: Jose Marinho <jose.marinho@arm.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-09-03 09:35:48 +02:00
Heinrich Schuchardt
e053a144ca efi_loader: support CTRL+\ - CTRL+_
In the extended text input protocol support input of control letters
0x1c - 0x1f.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2022-09-03 08:16:09 +02:00
Heinrich Schuchardt
0b7b56d7d7 efi_loader: compliance Simple Text Input Ex Protocol
We cannot expect the buffers passed to the input protocols to be zero
filled. If only modifier keys are pressed, we have to return EFI_NOT_READY
but we still have to fill the key structure.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2022-09-03 08:16:09 +02:00
Heinrich Schuchardt
a641e36fdb efi_loader: printing UEFI revision in helloworld.efi
We need to support multiple digits in the parts of the UEFI verision
number. E.g.

    EFI_SPECIFICATION_VERSION = (123 << 16) | 456

must be printed as

    123.45.6

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-09-03 08:16:09 +02:00
Heinrich Schuchardt
d5391bf02b efi_loader: ensure all block devices are probed
Only probed block devices are available in the UEFI sub-system. Multiple
block devices may be involved in the boot process. So we have to make sure
that all block devices are probed. Another reason is that we store UEFI
variables on the ESP which may be on any block device.

On the sandbox before the patch:

=> efidebug devices
No EFI system partition
Device           Device Path
================ ====================
000000001b027c70 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)
000055d078bc1ae0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/Uart(0,0,D,D)
000000001b22e0b0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/MAC(020011223344,1)

After the patch:

=> efidebug devices
No EFI system partition
Device           Device Path
================ ====================
000000001b027c70 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)
000055bdac8ddae0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/Uart(0,0,D,D)
000000001b230920 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(2)/SD(0)
000000001b233ac0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(1)
000000001b233b80 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(1)/HD(1,GPT,d0a914ee-a71c-fc1e-73f0-7e302b0e6c20,0x30,0x1)
000000001b234110 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(1)/HD(2,GPT,9330a0ea-8aff-f67a-294c-fa05d60896c3,0x31,0x1)
000000001b22f0e0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(0)/SD(2)
000000001b238df0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/MAC(020011223344,1)

Fixes: a9bf024b2933 ("efi_loader: disk: a helper function to create efi_disk objects from udevice")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-09-01 07:21:25 +02:00
AKASHI Takahiro
ab31c8a158 efi_loader: disk: remove unused field
The field, ifname, in efi_disk_obj is set but never used anywhere.
Just remove it.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-08-20 08:38:12 +02:00
Masahisa Kojima
ee57666294 efi_loader: move udevice pointer into struct efi_object
This is a preparation patch to provide the unified method
to access udevice pointer associated with the EFI handle
by adding udevice pointer into struct efi_object.
The patch also introduces a helper function efi_link_dev()
to link the udevice and EFI handle.

The EFI handles of both EFI block io driver implemented in
lib/efi_loader/efi_disk.c and EFI block io driver implemented
as EFI payload can access the udevice pointer in the struct efi_object.
We can use this udevice pointer to get the U-Boot friendly
block device name(e.g. mmc 0:1, nvme 0:1) through EFI handle.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-08-13 11:09:49 +02:00
Heinrich Schuchardt
e7496e57a0 efi_loader: fix efi_convert_device_path_to_text()
Ensure that the string we convert to UTF-16 is NUL terminated even
if the device path only contains end nodes.

Fixes: bd3d75bb0c58 ("efi_loader: multi part device paths to text")
Addresses-Coverity: 350434 ("Uninitialized scalar variable")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-08-13 11:09:49 +02:00
Simon Glass
bc06aa035d bootstd: Allow bootmeths to be marked as global
The current way of handling things like EFI bootmgr is a bit odd, since
that bootmeth handles selection of the bootdev itself. VBE needs to work
the same way, so we should support it properly.

Add a flag that indicates that the bootmeth is global, rather than being
invoked on each bootdev. Provide a helper to read a bootflow from the
bootmeth.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-08-12 08:17:10 -04:00
Ilias Apalodimas
5d98329196 efi_loader: initialize the RNG protocol after the TCC2
Due to U-Boot's lazy binding the RNG presented by the TCG is not available
until the EFI_TCG2 protocol has been initialized.  Since the TPM has a
built-in RNG device we can use for the OS randomization, move the RNG
protocol installation after the TCG.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2022-08-02 23:50:02 +03:00
Heinrich Schuchardt
2eb328ea61 efi_loader: remove support for CONFIG_LCD
There is no board left using CONFIG_LCD without CONFIG_DM_VIDEO.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-07-18 17:21:49 +02:00
Masahisa Kojima
9897350c52 efi_loader: expose END device path node
This commit exposes the END device path node.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-07-13 20:07:07 +02:00
Tom Rini
36b661dc91 Merge branch 'next' 2022-07-11 14:58:57 -04:00
AKASHI Takahiro
634f6b2fb1 efi_loader: image_loader: add a missing digest verification for signed PE image
At the last step of PE image authentication, an image's hash value must be
compared with a message digest stored as the content (of SpcPeImageData type)
of pkcs7's contentInfo.

Fixes: commit 4540dabdcaca ("efi_loader: image_loader: support image authentication")
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2022-07-05 14:37:16 +02:00
AKASHI Takahiro
b72d09fa7d efi_loader: image_loader: replace EFI_PRINT with log macros
Now We are migrating from EFI_PRINT() to log macro's.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2022-07-05 14:37:16 +02:00
AKASHI Takahiro
b330140659 efi_loader: signature: export efi_hash_regions()
This function is used to calculate a message digest as part of
authentication process in a later patch.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2022-07-05 14:37:16 +02:00
Paul Barbieri
7a85f32413 EFI: Fix ReadBlocks API reading incorrect sector for UCLASS_PARTITION devices
The requsted partition disk sector incorrectly has the parition start
sector added in twice for UCLASS_PARTITION devices. The efi_disk_rw_blocks()
routine adds the diskobj->offset to the requested lba. When the device
is a UCLASS_PARTITION, the dev_read() or dev_write() routine is called
which adds part-gpt_part_info.start. This causes I/O to the wrong sector.

Takahiro Akashi suggested removing the offset field from the efi_disk_obj
structure since disk-uclass.c handles the partition start biasing. Device
types other than UCLASS_PARTITION set the diskobj->offset field to zero
which makes the field unnecessary. This change removes the offset field
from the structure and removes all references from the code which is
isolated to the lib/efi_loader/efi_disk.c module.

This change also adds a test for the EFI ReadBlocks() API in the EFI
selftest code. There is already a test for reading a FAT file. The new
test uses ReadBlocks() to read the same "disk" block and compare it to
the data read from the file system API.

Signed-Off-by: Paul Barbieri <plb365@gmail.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-07-02 14:19:12 +02:00
Rui Miguel Silva
bfef72e4dd cmd: load: add load command for memory mapped
cp.b is used a lot as a way to load binaries to memory and execute
them, however we may need to integrate this with the efi subsystem to
set it up as a bootdev.

So, introduce a loadm command that will be consistent with the other
loadX commands and will call the efi API's.

ex: loadm $kernel_addr $kernel_addr_r $kernel_size

with this a kernel with CONFIG_EFI_STUB enabled will be loaded and
then subsequently booted with bootefi command.

Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
2022-06-22 11:35:47 -04:00
Heinrich Schuchardt
68edbed454 efi_loader: initialize console size late
If CONFIG_VIDEO_DM=n we query the display size from the serial console.
Especially when using a remote console the response can be so late that
it interferes with autoboot.

Only query the console size when running an EFI binary.

Add debug output showing the determined console size.

Reported-by: Fabio Estevam <festevam@gmail.com>
Fixes: a57ad20d07e8 ("efi_loader: split efi_init_obj_list() into two stages")
Fixes: a9bf024b2933 ("efi_loader: disk: a helper function to create efi_disk objects from udevice")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Tested-by: Fabio Estevam <festevam@denx.de>
Tested-by: Heiko Thiery <heiko.thiery@gmail.com>
2022-06-19 15:53:09 +02:00
Heinrich Schuchardt
72fa9cd59e efi_loader: create boot options without file path
Allow the efidebug command to create boot options without file path, e.g.

    efidebug boot add -b 0001 'short dev only' host 0:1 ''
    efidebug boot add -B 0002 'long dev only' host 0:1 ''

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2022-06-12 13:02:34 +02:00
Heinrich Schuchardt
178667b34b efi_loader: allow booting from short dev only DP
Allow booting from a short form device-path without file path, e.g.

    /HD(1,GPT,5ef79931-a1aa-4c70-9d67-611e8f69eafd,0x800,0x1000)

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2022-06-12 09:17:54 +02:00
Sughosh Ganu
556a12654a EFI: FMP: Use a common GetImageInfo function for FIT and raw images
The GetImageInfo function definitions for the FIT images and raw
images are the same. Use a common function for the both the Firmware
Management Protocol(FMP) instances for raw and FIT images.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-06-12 09:17:54 +02:00
Sughosh Ganu
119fafdefb EFI: Do not consider OsIndications variable if CONFIG_EFI_IGNORE_OSINDICATIONS is enabled
The EFI_IGNORE_OSINDICATIONS config symbol was introduced as a
mechanism to have capsule updates work even on platforms where the
SetVariable runtime service was not supported. The current logic
requires the OsIndications variable to have been set to a 64 bit value
even when the EFI_IGNORE_OSINDICATIONS config is enabled. Return an
error code on not being able to read the variable only when
EFI_IGNORE_OSINDICATIONS is not enabled.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-06-12 09:17:54 +02:00
Vincent Stehlé
8645aefc8b efi: test/py: authenticate fit capsules
Add support for the authentication of UEFI capsules containing FIT images.

The authentication code is moved out of the function handling raw images
into a new function efi_firmware_capsule_authenticate(). The special case
for the FMP header coming from edk2 tools is preserved. There is no
functional change for capsules containing raw images.

The python test for signed capsules with raw images is renamed with no
functional change and a new test is added for signed capsules containing
FIT images.

This can be tested with sandbox64_defconfig or sandbox_flattree_defconfig,
plus CONFIG_EFI_CAPSULE_AUTHENTICATE=y.

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
2022-06-04 08:43:55 +02:00
Sughosh Ganu
6a463bc1c9 EFI: Populate descriptor_count value only when image_info_size is not zero
The GetImageInfo function of the Firmware Mangement Protocol(FMP) gets
called initially to query the size of the image descriptor array that
would have to be allocated. During this call, the rest of the function
arguments, specifically pointers might be passed as NULL. Do not
populate the descriptor_count value before it is known that the call
to GetImageInfo has been made with the allocated buffer for the image
descriptors.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-06-04 08:43:55 +02:00
Vincent Stehlé
7751d2ef86 efi: fix documentation warnings
This fixes the following warnings:

  ./lib/efi_loader/efi_firmware.c:283: warning: Function parameter or member 'package_version' not described in 'efi_firmware_fit_get_image_info'
  ./lib/efi_loader/efi_firmware.c:283: warning: Function parameter or member 'package_version_name' not described in 'efi_firmware_fit_get_image_info'
  ./lib/efi_loader/efi_firmware.c:369: warning: bad line: firmware image
  ./lib/efi_loader/efi_firmware.c:395: warning: Function parameter or member 'package_version' not described in 'efi_firmware_raw_get_image_info'
  ./lib/efi_loader/efi_firmware.c:395: warning: Function parameter or member 'package_version_name' not described in 'efi_firmware_raw_get_image_info'

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-05-28 10:59:27 +02:00
AKASHI Takahiro
57ad624103 efi_loader: bootmgr: fix a problem in loading an image from a short-path
Booting from a short-form device path which starts with the first element
being a File Path Media Device Path failed because it doesn't contain
any valid device with simple file system protocol and efi_dp_find_obj()
in efi_load_image_from_path() will return NULL.
For instance,
/VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/Scsi(0,0)/\helloworld.efi
-> shortened version: /\helloworld.efi

With this patch applied, all the media devices with simple file system
protocol are enumerated and the boot manager attempts to boot temporarily
generated device paths one-by-one.

This new implementation is still a bit incompatible with the UEFI
specification in terms of:
* not creating real boot options
* not try
  "If a device does not support the EFI_SIMPLE_FILE_SYSTEM_PROTOCOL, but
  supports the EFI_BLOCK_IO_PROTOCOL protocol, then the EFI Boot Service
  ConnectController must be called for this device with DriverImageHandle
  and RemainingDevicePath set to NULL and the Recursive flag is set to TRUE."
(See section 3.1.2 "Load Option Processing".)

But it still gives us a closer and better solution than the current.

Fixes: commit 9cdf470274ff ("efi_loader: support booting via short-form device-path")
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-05-28 10:59:27 +02:00
AKASHI Takahiro
05f391e2fc efi_loader: disk: add efi_disk_is_removable()
This helper function will be used to determine if the device is
removable media, initially for handling a short-path loading.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2022-05-28 10:59:27 +02:00
Ilias Apalodimas
b436cc6a57 efi_loader: add sha384/512 on certificate revocation
Currently we don't support sha384/512 for the X.509 certificate
in dbx.  Moreover if we come across such a hash we skip the check
and approve the image,  although the image might needs to be rejected.

Rework the code a bit and fix it by adding an array of structs with the
supported GUIDs, len and literal used in the U-Boot crypto APIs instead
of hardcoding the GUID types.

It's worth noting here that efi_hash_regions() can now be reused from
efi_signature_lookup_digest() and add sha348/512 support there as well

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2022-05-07 23:17:26 +02:00