We add the support of the padding pss for rsa signature.
This new padding is often recommended instead of pkcs-1.5.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The rsa signature use a padding algorithm. By default, we use the
padding pkcs-1.5. In order to add some new padding algorithm, we
add a padding framework to manage several padding algorithm.
The choice of the padding is done in the file .its.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Previous implementation of the rsa signature was using
the openssl API EVP_Sign*, but the new openssl API
EVP_DigestSign* is more flexible. So we move to this
new API.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
In this patch, helper functions for an load option variable (BootXXXX)
are added:
* efi_deserialize_load_option(): parse a string into load_option data
(renamed from parse_load_option and exported)
* efi_serialize_load_option(): convert load_option data into a string
Those functions will be used to implement efishell command.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
This is a preparatory patch for use in efi_serialize_load_option()
as a load option's file_path should have both a device path and
a file path.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
The UEFI spec mandates that runtime sections are 64kb aligned to enable
support for 64kb page size OSs.
This patch ensures that we extend the runtime section to 64kb to be spec
compliant.
Signed-off-by: Alexander Graf <agraf@suse.de>
The variable name setup_ok might suggest a boolean with true indicating
OK. Let's avoid the misleading name.
%s/setup_ok/setup_status/g
Suggested-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
We should not call eth_rx() before the network interface is initialized.
The services of the simple network protocol should check the state of
the network adapter.
Add and correct comments.
Without this patch i.mx6 system Wandboard Quad rev B1 fails to execute
bootefi selftest.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Calling net_send_packet() requires that the buffer is aligned to a multiple
of PKTALIGN (= ARCH_DMA_MINALIGN). The UEFI spec does not require
efi_net_transmit() to be called with a buffer with any special alignment.
So we have to copy to an aligned buffer. The current coding copies to an
aligned buffer only if CONFIG_EFI_LOADER_BOUNCE_BUFFER=y. Many boards
like the Odroid C2 do not use a bounce buffer.
With the patch we copy to a correctly aligned buffer in all cases.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
To use the simple network protocol we have to call the start service first
and the initialize service second.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Check that the memory area containing the device tree is marked as runtime
data.
Update the Python test to pass ${fdtcontroladdr} to bootefi.
Update the description of the Python test.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The sandbox uses a virtual address space that is neither the physical nor
the virtual address space of the operating system. All address used on the
command line live in this address space. So also the environment variable
${fdtcontroladdr} has to be in this address space.
Commands like bootefi and booti receive the fdt address as parameter.
Without the patch ${fdtcontroladdr} cannot be used as parameter value on
the sandbox.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When allocating EFI memory pages the size in bytes has to be converted to
pages.
Provide a macro efi_size_in_pages() for this conversion.
Use it in the EFI subsystem and correct related comments.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Enable building the sandbox with CONFIG_EFI_SELFTEST.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
This unit test checks the following runtime services:
AllocatePages, FreePages, GetMemoryMap
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Do not use the sandbox's virtual address space for the internal structures
of the memory map. This way we can eliminate a whole lot of unnecessary
conversions.
The only conversion remaining is the one when adding known memory.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
On some systems, not all RAM may be usable within U-Boot. Maybe the
memory maps are incomplete, maybe it's used as workaround for broken
DMA. But whatever the reason may be, a platform can say that it does
not wish to have its RAM accessed above a certain address by defining
board_get_usable_ram_top().
In the efi_loader world, we ignored that hint, mostly because very few
boards actually have real restrictions around this.
So let's honor the board's wish to not access high addresses during
boot time. The best way to do so is by indicating the respective pages
as "allocated by firmware". That way, Operating Systems will still
use the pages after boot, but before boot no allocation will use them.
Reported-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Tested-by: Baruch Siach <baruch@tkos.co.il>
We should use a logical or when combining logical values.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
At present this code casts addresses to pointers so cannot be used with
sandbox. Update it to use mapmem instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
This reverts commit 3170db63c4.
It reportedly breaks OpenBSD/armv7 booting and I've already received
complaints from people that it breaks some Linux armv7 systems as well.
We'll have to give this whole caching story a good bit more thought.
Reported-by: Jonathan Gray <jsg@jsg.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
We should be consistent in the types that we use to store Unicode strings.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
If a memory bank is not EFI_PAGE_SIZE aligned efi_add_known_memory() the
number of memory pages may be incorrectly calculated.
We have to round up the start address and to round down the end address
to determine which complete pages are provided by the memory bank.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Using %zu for efi_intn_t (ssize_t) creates a build warning. Anyway %zu is
not supported by efi_st_error(). So let's convert to int.
Our implementation of StriColl() only returns -1, 0, or 1.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When the max_addr parameter of efi_find_free_memory() is within bounds
of an existing map and fits the reservation, we just return that address
as allocation value.
That breaks however if max_addr is not page aligned. So ensure that it
always comes to us page aligned, simplifying the allocation logic.
Without this, I've seen breakage where we were allocating pages at -1U
(32bit) which fits into a region that spans beyond 0x100000000. In that
case, we would return 0xffffffff as a valid memory allocation, although
we usually do guarantee they are all page aligned.
Fix this by aligning the max address argument always.
Signed-off-by: Alexander Graf <agraf@suse.de>
With RELA absolute relocations, the relocation target contains our link
offset which we need to remove from the equation again. We did this
properly in the relative relocation path, but not in the absolute one.
So let's do this for the absolute one as well. That way, u-boot can have
a TEXT_OFFSET of != 0 and still relocate itself properly.
This fixes a bug where efi_loader did not work on the RISC-V QEMU port.
With this patch, I can successfully run UEFI applications on the RISC-V
QEMU port.
Reported-by: Auer, Lukas <lukas.auer@aisec.fraunhofer.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Lukas Auer <lukas.auer@aisec.fraunhofer.de>
Linker generated arrays may be stored in code sections of memory that are
not writable. So let's allocate setup_ok as an array at runtime.
This avoids an illegal memory access observed in the sandbox.
Reported-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Factor out efi_set_bootdev() and extract efi_dp_from_name().
This function will be used to set a boot device in efishell command.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
If UninstallMultipleProtocolInterfaces fails, we sometimes return the wrong
status code. The UEFI spec mandates to always return EFI_INVALID_PARAMETER.
Update unit test.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The UEFI spec defines that a line feed moves the cursor to the next line
and (only) a carriage return moves the cursor to the beginning of the line.
So we should issue CR LF when we want to get to the start of the next line.
Add some comments.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Rename the component parent of some EFI objects to header. This avoids
misunderstandings.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
A pointer to a struct efi_object is a handle. We do not need any handle
member in this structure. Let's eliminate it.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
All our handles point to a struct efi_object. So let's define the
efi_handle_t accordingly. This helps us to discover coding errors much
more easily. This becomes evident by the corrections to the usage of
handles in this patch.
Rename variable image_handle to image_obj where applicable.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
fix typos
correct the header comment of efi_selftest_variables.c
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When the last protocol interface has been uninstalled remove the handle.
Adjust ReinstallProtocol so that it does not remove the handle.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Allow an EFI application to shut down the system.
If EFI_RESET_SHUTDOWN is issued call do_poweroff().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Test the handling of execptions by trying to execute an undefined
instruction. For 32bit ARM we expect \selftest to be listed as loaded
image.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We should not make anything in lib/efi_selftest if
CONFIG_CMD_BOOTEFI_SELFTEST is not defined.
We can make that test in lib/Makefile
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
At present many TPM calls assume there is only one TPM in the system and
look up this TPM themselves. This is inconsistent with driver model, which
expects all driver methods to have a device parameter. Update the code to
correct this.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present these functions are not accessible outside the TPM library, but
in some cases we need to call them. Export them in the header file and add
a define for the SHA1 digest size.
Also adjust tpm_open() to call tpm_close() first so that the TPM is in a
known state before opening (e.g. by a previous phase of U-Boot).
Signed-off-by: Simon Glass <sjg@chromium.org>
In some cases U-Boot is compressed and it is useful to be able to
decompress it in SPL. Add a Kconfig and Makefile change to allow this.
Note that this does not actually implement decompression.
Signed-off-by: Simon Glass <sjg@chromium.org>
When U-Boot proper is compiled with CONFIG_MULTI_DTB_FIT and tries
to call uncompress_blob(), it fails with -ENOTSUPP. This is because
the full implementation of this function which includes compression
is available only in SPL. In U-Boot proper or if the compression is
not enabled, the blob is not compressed and thus can be passed to
locate_dtb_in_fit() in fdtdec_setup() without any changes. Pass the
blob without any changes if compression is not enabled instead of
failing.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Michal Simek <michal.simek@xilinx.com>
Cc: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
A specially crafted FIT image makes it possible to overflow the stack
with controlled values when using the verified boot feature. Depending
on the memory layout, this could be used to overwrite configuration
variables on the heap and setting them to 0, e.g. disable signature
verification, thus bypassing it.
This change fixes a bug in fdt_find_regions where the fdt structure is
parsed. A lower value than -1 of depth can lead to a buffer underflow
write on the stack.
Signed-off-by: Konrad Beckmann <konrad.beckmann@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
When a driver declares DM_FLAG_PRE_RELOC flag, it wishes to be
bound before relocation. However due to a bug in the DM core,
the flag only takes effect when devices are statically declared
via U_BOOT_DEVICE(). This bug has been fixed recently by commit
"dm: core: Respect drivers with the DM_FLAG_PRE_RELOC flag in
lists_bind_fdt()", but with the fix, it has a side effect that
all existing drivers that declared DM_FLAG_PRE_RELOC flag will
be bound before relocation now. This may expose potential boot
failure on some boards due to insufficient memory during the
pre-relocation stage.
To mitigate this potential impact, the following changes are
implemented:
- Remove DM_FLAG_PRE_RELOC flag in the driver, if the driver
only supports configuration from device tree (OF_CONTROL)
- Keep DM_FLAG_PRE_RELOC flag in the driver only if the device
is statically declared via U_BOOT_DEVICE()
- Surround DM_FLAG_PRE_RELOC flag with OF_CONTROL check, for
drivers that support both statically declared devices and
configuration from device tree
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Introduce a new Kconfig option for architecture codes to control
whether it provides io{read,write}{8,16,32} I/O accessor functions.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
part_init() is currently called in every DM BLK driver, either
in its bind() or probe() method. However we can use the BLK
uclass driver's post_probe() method to do it automatically.
Update all DM BLK drivers to adopt this change.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Currently the efi block driver uses priv_auto_alloc_size for the
driver data, however that's only available after the device probe
phase. In order to make it accessible in an earlier phase, switch
to use platdata_auto_alloc_size instead.
This patch is the prerequisite for the follow up patch of DM BLK
driver changes to work with EFI loader.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
We may have, the not yet considered, scenario where OPTEE is loaded before
u-boot and *not* by u-boot, e.g, the boot flow using the ARM Trusted
Firmware (ATF), where in the 32bit flow is:
BootRom->ATF(BL2)->Optee(BL32)->u-boot(BL33)
In this case we need still to reserve the memory used by optee, to avoid
for example to realocate ourself to the same address at the end of DRAM.
So, we change here the dependencies on the OPTEE lib and we set the default
size and base of TZRAM to zero.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Cc: Fabio Estevam <fabio.estevam@nxp.com>
Cc: Ryan Harkin <ryan.harkin@linaro.org>
Cc: u-boot@lists.denx.de
Remove a superfluous statement in efi_dp_get_next_instance().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When the last protocol interface is uninstalled the handle is deleted but
this does not set the value of the handle to NULL.
To create a new handle with OpenProtocolInterface the value of the handle
must be NULL.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
As observed with clang:
lib/efi_loader/efi_boottime.c:1624:7: warning: variable 'info'
is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized]
if (ret != EFI_SUCCESS)
^~~~~~~~~~~~~~~~~~
lib/efi_loader/efi_boottime.c:1653:7: note: uninitialized use
occurs here
free(info);
^~~~
lib/efi_loader/efi_boottime.c:1624:3: note: remove the 'if' if
its condition is always false
if (ret != EFI_SUCCESS)
^~~~~~~~~~~~~~~~~~~~~~~
lib/efi_loader/efi_boottime.c:1602:31: note: initialize the
variable 'info' to silence this warning
struct efi_loaded_image *info;
^
= NULL
Rather than change how we unwind the function it makes the most sense to
initialize info to NULL so that we can continue to pass it to free().
Fixes: c982874e93 ("efi_loader: refactor efi_setup_loaded_image()")
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Do not leak native_name if out of memory.
This addresses CoverityScan CID 184095.
Reported-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When is_dir() is called we have already execute set_blk_dev(fh).
So don't call it again.
This fixes CoverityScan CID 184093.
Reported-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Use a return type that can encompass the return value.
This fixes CoverityScan CID 184090.
Reported-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
getc() might return an error code. Avoid an incorrect converison to
Unicode.
This addresses CoverityScan CID 184087.
Reported-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The first parameter of efi_allocate_pool is a memory type. It cannot be
EFI_ALLOCATE_ANY_PAGES. Use EFI_BOOT_SERVICES_DATA instead.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The UEFI spec requires that file positions are passed as u64 in
GetPosition() and SetPosition().
Check if the file handle points to a directory in GetPosition().
Provide a unit test for GetPosition() and SetPosition().
Fix Coverity warning CID 184079 (CONSTANT_EXPRESSION_RESULT).
Add comments.
Fixes: b6dd577737 ("efi_loader: use correct types in EFI_FILE_PROTOCOL")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Currently the relocation of the EFI runtime on x86_64 fails. This renders
the EFI subsystem unusable. The ELF relocation records for x86_64 contain
an addend field.
Always write the function name into error messages related to the EFI
runtime relocation.
Break an excessively long line.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This reverts commit c35a7d375e.
This commit is breaking SPL on zc706.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Patrice Chotard <patrice.chotard@st.com> [on STM32F746-disco]
These are needed for the 2018 version of Chromium OS vboot. Add an
implementation for TPM v1, with v2 to come later.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present this file uses logging but it should use the new macros. Update
it and add a log message for an error.
Signed-off-by: Simon Glass <sjg@chromium.org>
In some cases (e.g. sandbox with verified boot) it is useful to support
libfdt in TPL. Update the Kconfig to handle this.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present this option applies to SPL, but it should be available in TPL
also, and separately. Change to using CONFIG_IS_ENABLED(), add a new
Kconfig option and fix up hang().
Signed-off-by: Simon Glass <sjg@chromium.org>
This is the PR for SPI-NAND changes along with few spi changes.
[trini: Re-sync changes for ls1012afrwy_qspi*_defconfig]
Signed-off-by: Tom Rini <trini@konsulko.com>
Converts fdtdec_setup_memory_banksize() to use ofnode functions instead.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Create the handle of loaded images and the EFI_LOADED_IMAGE_PROTOCOL
inside efi_setup_loaded_image(). Do not use local variables.
Currently we expect the loaded image handle to point to the loaded image
protocol. Additionally we have appended private fields to the protocol.
With the patch the handle points to a loaded image object and the private
fields are added here. This matches how we handle the net and the gop
object.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The EFI selftest does not succeed on Sandbox yet. The network support
seems to need some love to actually make our current tests succeed.
So let's disable running the selftest on sandbox for now until "make
tests" just works. Then we can have more amazing CI than ever.
Signed-off-by: Alexander Graf <agraf@suse.de>
Since GRUB patch d0c070179d4d ("arm/efi: Switch to arm64 linux loader",
2018-07-09) we do not need a workaround for GRUB on 32bit ARM anymore.
So let's eliminate function efi_exit_caches().
This will require Linux distributions to update grub-efi-arm to the GRUB
git HEAD (a tag containing the aforementioned GRUB patch is not available
yet).
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
ascii2unicode() always ends the u16 string with '\0'.
Remove redundant assignment.
Add description for efi_str_to_u16() and ascii2unicode().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Currently we assign a lot of protocols to loaded images though
these protocols are not related to them. Instead they should be
installed on a separate handle. Via the device path it is the
parent to the devices like the network adapter.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
In efi_get_variable() a string is longer than the allocated space which
results in overwriting the linked list of malloc().
The prefixes used for variables are 41 characters long, e.g.
efi_67029eb5-0af2-f6b1-da53-fcb566dd1ce6_
Change PREFIX_LEN to 41.
Fixes: faff21556748 ("efi_loader: remove limit on variable length")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Convert the function descriptions to Sphinx style.
efi_driver_init() is cCalled by efi_init_obj_list().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Not all terminals understand CSI [18t for querying the console size.
We should adhere to escape sequences documented in the console_codes
manpage and the ECMA-48 standard.
So here we follow a different approach. We position the cursor to the
bottom right and query its position. Before leaving the function we
restore the original cursor position.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We currently do not combine memory entries that are adjacent and have
the same attributes. The problem with that is that our memory map can
easily grow multiple hundreds of entries in a simple UEFI Shell
environment.
So let's make sure we always combine all entries to make the memory
map as small as possible. That way every other piece of code that
loops through it should also gain some nice speed ups.
Signed-off-by: Alexander Graf <agraf@suse.de>
gcc 4.8.4 wants to see all levels of braces when initializing a
structure to zeros.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We should not check parameter file twice.
We should check parameter new_handle.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
For the VT102 and the Linux console the left upper corner is [1, 1].
EFI uses [0, 0] as left upper corner.
Check parameters of the SetCursorPosition() service.
Use CSI H like EDK2 for positioning.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
efi_file_getinfo() is called with a GUID. In EFI_ENTRY use %pUl as
format type. This way the GUID is printed in debug mode.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We should not directly cast between pointers and addresses since it breaks
sandbox. Fix this and simplify the code in file_read().
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
This allows this feature to build within sandbox. This is useful for
testing.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
The UEFI spec requires that attributes are only set for when
EFI_FILE_MODE_CREATE is set in open_mode.
The SCT tries to read a directory with EFI_FILE_DIRECTORY.
As EDK2 allows this we should not be more strict.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Use a key notification function to leave the
EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL test.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Implement registering and unregistreing key notify functions in the
EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Provide a unit test for the EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Support modifiers for F1 - F4.
Add support for letters with ALT key.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch implements the EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL.
The implementation of notification functions is postponed to a later
patch.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We should test the WaitForKey event.
Testing for EFI_NOT_READY can be done after resetting the console.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Preread the next key in the console timer event.
The EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL requires to trigger registered key
notification functions based on the prefetched key.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Move reusable utility functions to efi_selftest_util.c.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Up to now the EFI_TEXT_INPUT_PROTOCOL only supported ASCII characters.
With the patch it can consume UTF-8 from the console.
Currently only the serial console and the console can deliver UTF-8.
Local consoles are restricted to ASCII.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
'Delete' will be implemented here by calling fs_unlink() which relies on
underlying file system's implementation.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
In efi world, there is no obvious "mkdir" interface, instead, Open()
with EFI_FILE_MODE_CREATE in mode parameter and EFI_FILE_DIRECTORY
in attributes parameter creates a directory.
In this patch, efi_file_open() is extended so as to accept such
a combination of parameters and call u-boot's mkdir interface for
expected action.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
%s/efi_simple_input_interface/efi_simple_text_input_protocol/
We should be consistent in the naming of the EFI protocol interface
structures. The protocol is called EFI_SIMPLE_TEXT_INPUT_PROTOCOL.
%s/ExtendedVerification/extended_verification/
Use consistent naming of function parameters. Do not use CamelCase.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Provide a unit test for the EFI_UNICODE_COLLATION_PROTOCOL.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The patch implements the EFI_UNICODE_COLLATION_PROTOCOL.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Provide functions for upper and lower case conversion.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We register the console in/out protocol on the loaded image handle, but
never tell anyone about it in the systab.
Because of this Shell.efi can not find the input protocol. So let's add
a proper reference.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
We have moved generating html documentation with Sphinx.
%s/Return Value/Return/g
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
This reverts commit ccfc78b820.
Now that the underlying issue is fixed, we can revert the revert and hence
restore the original EFI code.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
The length of a string printed to the console by the
EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL is not limited by the UEFI spec.
Hence should not allocate a buffer for it on the stack.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The EFI spec does not provide a length limit for variables.
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The width and precision of the printf() function refer to the number of
characters not to the number of bytes printed.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
utf8_get() - get next UTF-8 code point from buffer
utf8_put() - write UTF-8 code point to buffer
utf8_utf16_strnlen() - length of a utf-8 string after conversion to utf-16
utf8_utf16_strncpy() - copy a utf-8 string to utf-16
utf16_get() - get next UTF-16 code point from buffer
utf16_put() - write UTF-16 code point to buffer
utf16_strnlen() - number of codes points in a utf-16 string
utf16_utf8_strnlen() - length of a utf-16 string after conversion to utf-8
utf16_utf8_strncpy() - copy a utf-16 string to utf-8
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The function names utf16_strlen() and utf16_strnlen() are misnomers.
The functions do not count utf-16 characters but non-zero words.
So let's rename them to u16_strlen and u16_strnlen().
In utf16_dup() avoid assignment in if clause.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Using CONFIG_IS_ENABLED(EFI_LOADER) allows to simply the #if statements.
Suggested-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The fs_read() function wants to get an address rather than the
pointer to a buffer.
So let's convert the passed buffer from pointer back a the address
to make efi_loader on sandbox happier.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Verify that the loaded image protocol is installed on the image handle.
Verify that the loaded image protocol points to the system table.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The system table must be passed as a pointer in the loaded image
protocol.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Remove memory leak in efi_selftest_manageprotocols.c.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
While 1kB or 1kiB will be parsed correctly, 1k will return the right
amount, but the metric suffix will not be escaped once the char
pointer updated. Fix this situation by simplifying the move of the
endp pointer.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Both ustrtoul and ustrtoull interpret 1k but not 1m or 1g. Even if the
SI symbols for Mega and Giga are 'M' and 'G', certain entries of
eg. mtdparts also use (wrongly) the metric prefix 'm' and 'g'.
I do not see how parsing lowercase prefixes could break anything, so
parse them like their uppercase counterpart.
Also, even though kiB is not equal to kB in general, lets not change
U-Boot behavior and always use kiB and kB (same applies for MiB vs. MB
and GiB vs. GB) as a representation for 1024 instead of 1000.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Stefan Roese <sr@denx.de>
In int-ll64.h, we always use the following typedefs:
typedef unsigned int u32;
typedef unsigned long uintptr_t;
typedef unsigned long long u64;
This does not need to match to the compiler's <inttypes.h>.
Do not include it.
The use of PRI* makes the code super-ugly. You can simply use
"l" for printing uintptr_t, "ll" for u64, and no modifier for u32.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
The get_next_memory_node() always sets mem to -1 , which is incorrect,
because then every iteration of memory bank parsing will start from the
first memory bank instead of the previous one.
On systems with 1 memory bank defined in DT and CONFIG_NR_DRAM_BANKS=4 ,
like ie. r8a77965-salvator-x , this will result in U-Boot incorrectly
reporting four identical memory banks with the same memory configuration.
Fix this by setting mem to startoffset value, which restores the behavior
before the fixed patch was applied.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Fixes: 452bc12102 ("fdt: fix fdtdec_setup_memory_banksize()")
Tested-by: Michal Simek <michal.simek@xilinx.com> [on ZynqMP}
In Linux, the memory returned by kmalloc() is DMA-capable.
However, it is not true in U-Boot.
At a glance, kmalloc() in U-Boot returns address aligned with
ARCH_DMA_MINALIGN. However, it never pads the allocated memory.
This half-way house is completely useless because calling kmalloc()
and malloc() in this order causes a cache sharing problem.
Change the implementation to call malloc_cache_aligned(), which
allocates really DMA-capable memory.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
This updates the EFI stub codes to pass UEFI BIOS's system table
address to U-Boot payload so that U-Boot can utilize it.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Exit with AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_ARGUMENT
when hashtree_error_mode value passed to avb_append_options()
is unknown (not from AvbHashtreeErrorMode enum).
Otherwise, default value is not handled in the
switch(hashtree_error_mode), which causes below compile warning:
lib/libavb/avb_cmdline.c: In function ‘avb_append_options’:
lib/libavb/avb_cmdline.c:354:13: warning: ‘dm_verity_mode’ may be used uninitialized in this function [-Wmaybe-uninitialized]
new_ret = avb_replace(
~~~~~~~~^~~~~~~~~~~~~~
slot_data->cmdline, "$(ANDROID_VERITY_MODE)", dm_verity_mode);
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/libavb/avb_cmdline.c:363:8: warning: ‘verity_mode’ may be used uninitialized in this function [-Wmaybe-uninitialized]
if (!cmdline_append_option(
^~~~~~~~~~~~~~~~~~~~~~
slot_data, "androidboot.veritymode", verity_mode)) {
Signed-off-by: Ievgen Maliarenko <ievgen.maliarenko@globallogic.com>
Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com>
Reviewed-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Starting with commit 867a6ac86d ("efi: Add start-up library code"),
sparse constantly complains about truncated constant value in efi.h:
include/efi.h:176:35: warning: cast truncates bits from constant value (8000000000000000 becomes 0)
This can get quite noisy, preventing real issues to be noticed:
$ make defconfig
*** Default configuration is based on 'sandbox_defconfig'
$ make C=2 -j12 2>&1 | grep truncates | wc -l
441
After the patch is applied:
$ make C=2 -j12 2>&1 | grep truncates | wc -l
0
$ sparse --version
v0.5.2
Following the suggestion of Heinrich Schuchardt, instead of only
fixing the root-cause, I replaced the whole enum of _SHIFT values
by ULL defines. This matches both the UEFI 2.7 spec and the Linux
kernel implementation.
Some ELF size comparison before and after the patch (gcc 7.3.0):
efi-x86_payload64_defconfig:
text data bss dec hex filename
407174 29432 278676 715282 aea12 u-boot.old
407152 29464 278676 715292 aea1c u-boot.new
-22 +32 0 +10
efi-x86_payload32_defconfig:
text data bss dec hex filename
447075 30308 280076 757459 b8ed3 u-boot.old
447053 30340 280076 757469 b8edd u-boot.new
-22 +32 0 +10
Fixes: 867a6ac86d ("efi: Add start-up library code")
Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Implement the reset service of the EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL.
This should resolve the error reported by the SCT in
Protocol/SimpleTextOut/BlackBoxTest/SimpleTextOutBBTestFunction_uefi.c:639
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The UEFI specification mandates that the create flag is only used in
conjunction with both the read and the write flag.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The crc32 of the runtime services table must be updated after detaching.
efi_update_table_header_crc32() must be __efi_runtime. So move it to
efi_runtime.c
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The function crc32() is needed by the EFI subsystem at runtime. So it has
to be linked into the runtime section together with all dependencies.
Eliminate empty defines local and ZEXPORT.
Mark variables as static which are not exported.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We should only dereference parameter memory_map_size after checking that
it is valid.
Fixes: 8e835554b3 ("efi_loader: check parameters of GetMemoryMap")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The commit 21b3edfc96 ("efi_loader: check parameters of CreateEvent")
enforces a strict parameter check at CreateEvent(). On the other hand,
UEFI specification version 2.7, section 7.1, says:
The EVT_NOTIFY_WAIT and EVT_NOTIFY_SIGNAL flags are exclusive. If
neither flag is specified, the caller does not require any notification
concerning the event and the NotifyTpl, NotifyFunction, and
NotifyContext parameters are ignored.
So the check should be mitigated so as to comply with the specification.
Without this patch, EDK2's Shell.efi won't be started.
Fixes: 21b3edfc96 ("efi_loader: check parameters of CreateEvent")
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When applying a virtual memory map we have to update the pointer to the
list of configuration tables.
Fixes: 4182a129ef ("efi_loader: allocate configuration table array")
Reported-by: Mark Kettenis <mark.kettenis@xs4all.nl>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Tested-by: Mark Kettenis <kettenis@openbsd.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
This reverts commit aa909462d0. This change
caused "dhcp filename" to crash the system on p2371-2180 (Jetson TX1), for
example when running test/py.
Reverting this change isn't optimal, but at least restores TX1 to a working
state. In the future, we should:
a) Fix whatever problem causes the crash with this patch applied. This
needs further discussion, so isn't something we can immediately do.
b) Undo the revert; re-apply the original patch to efi_allocate_pages.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Fixes the following checkstyle warning:
WARNING: Missing a blank line after declarations
+ int tmp = smbios_write_funcs[i]((ulong *)&addr, handle++);
+ max_struct_size = max(max_struct_size, tmp);
Signed-off-by: Christian Gmeiner <christian.gmeiner@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Fixes the following chechpatch -f error:
ERROR: "(foo*)" should be "(foo *)"
+ strncpy((char*)t->uuid, serial_str, sizeof(t->uuid));
Signed-off-by: Christian Gmeiner <christian.gmeiner@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Highlights this time:
- Many small fixes to improve spec compatibility (found by SCT)
- Almost enough to run with sandbox target
- GetTime() improvements
- Enable EFI_LOADER and HYP entry on ARMv7 with NONSEC=y
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABAgAGBQJbWHUwAAoJECszeR4D/txgKlUP/3Lu6pxScwzL7TsSD6OFZQ6M
qQq2FH89XOA6/3r04RXrJZoHwOKIH5uj7ea6FlitpS1sQ4UOCQhp/lJJuJennHHj
+veeuzI1sKTCX8Kd9ptrZDEF3G8lbF/zSyCFa1MOd1ONDVsTgSO9fOGmiqcC9FBF
UrUH7dzXlE2CWs/mv/UikCBI7rYF+NOFJNuwHVXfsW4PyQ/7uaNsa7Rl3mXYb/Lr
gjdcJkeHZAmFv/r84tGS9AFv+m0So9AGEYD7MeQDt02hSOuH9/nu4HgPmiwln3Fn
3sFA3+daMrlFNi6kFw10S0sjKz94nN+Arm6cIXlvGaoc/wnPM2wEcKOSiXhzVM8d
CoP/26N/ETRoI9P01C2WyTrKjo0O0aFwp3ubfmmbdcaKr/pyjAJgb3BnqXBfAr7T
OjsE086jtHzdyKYKXDIz8+ZxSo4VsiDjBzDK7LVA0L5KtqAFFa+OYjlgEMJnQCk3
YJfj+rhxfpjzFI7x5BAgq0q3XQRvAJS8QcUq+V2todQ3JkUlCIaVUNQLWAfNJN0q
ze/WR8l4nwj5YFo8XiEbFHpQi/1bkR6cSzyjlBKUqrtHUUEu32vWlzZpNi6HzPMq
cP7gehboFlcCSr8T2UMjBTE1LWI35eWNQQoiNRrS2UVcTH9h1vXMFV9PT+I82BBl
ivJ+YwF9nU1JdS8CG3n7
=ePTT
-----END PGP SIGNATURE-----
Merge tag 'signed-efi-next' of git://github.com/agraf/u-boot
Patch queue for efi - 2018-07-25
Highlights this time:
- Many small fixes to improve spec compatibility (found by SCT)
- Almost enough to run with sandbox target
- GetTime() improvements
- Enable EFI_LOADER and HYP entry on ARMv7 with NONSEC=y
fdt_fixup_mtdparts() calls mtdparts_init() and device_find(),
which are defined in cmd/mtdparts.c
The combination of FDT_FIXUP_PARTITIONS=y and CMD_MTDPARTS=n
emits the following link error:
common/fdt_support.c:903: undefined reference to `mtdparts_init'
common/fdt_support.c:914: undefined reference to `device_find'
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Prior to this patch is fdtdec_setup_memory_banksize() incorrectly
ignoring the "status" field. This patch fixes that by testing the status
with fdtdec_get_is_enabled() before using a memory node.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
if_type is not correctly initialized
Failure to initialize if_type means that grub2/efinet sends
a bogus arp request. It therefore gets no response. On Raspberry Pi 3B+
this leads to a pause at:
lan78xx_eth Waiting for PHY auto negotiation to complete....... done
lan78xx_eth Waiting for PHY auto negotiation to complete....... done
Signed-off-by: Andrew Thomas <andrew.thomas@oracle.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Provide a unit test for the GetTime() runtime service.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Allow specifying the precision when printing integers, e.g.
efi_st_printf("%.4u-%.2u-%.2u\n", year, month, day);
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Implement the missing parts of the GetTime() runtime service.
Fill seconds.
Fill daylight saving time flag correctly.
Provide dummy values for capabilities.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Remove unused function efi_get_time_init().
Initialization of the RTC has to be done in board bring up not in the EFI
subsystem.
There is no RTC device in the UEFI spec. The RTC is only accessed through
the runtime services.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
This unit test checks the CalculateCrc32 bootservice and checks the
headers of the system table, the boot services tablle, and the runtime
services table before and after ExitBootServices().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
InstallConfigurationTable() may change the number of installed
configuration tables.
Check the crc32 of the system table.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
If the number of installed tables is changed in
InstallConfigurationTable() update the crc32 of the system table.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Use const for the buffer. We are not changing the buffer.
Use efi_uintn_t where prescribed by the UEFI spec.
Prefer u32 over uint32_t.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Provide a unit test for InstallConfigurationTable().
A table is installed, updated, removed. The table entry and the
triggering of events is checked.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The system table contains a link to the list of configurations tables.
These include the device tree, SMBIOS table, and the ACPI table.
This array is currently statically linked. With the patch it is allocated
as EFI_RUNTIME_SERVICES_DATA. Due to the structure of the system table we
cannot work with a linked list here.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
For the boot and runtime services tables and for the system table the
crc32 has to be set in the header.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Provide a firmware revision in the system table using the Makefile
variables VERSION and PATCHLEVEL, e.g. 0x20180700 for v2018.07.
Correct the type of the firmware vendor. It is a u16* pointer.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
The headersize field has to be set to the size of the whole table
including the header.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Both in the boot and the runtime services tables we have to specify the
UEFI spec revision. The same value is already used for the system
table. So let's use a common constant.
In the boot services table we have to provide the header signature.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
After clearing the screen the cursor position is row 0, column 0.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Implement the reset service of the EFI_SIMPLE_TEXT_INPUT_PROTOCOL.
This should resolve the error reported by the SCT in
Protocol/SimpleTextIn/BlackBoxTest/SimpleTextInBBTestFunction.c:193
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The revision number has to be set in the loaded image protocol.
The problem was detected by running the SCT in
Protocol/LoadedImage/BlackBoxTest/LoadedImageBBTestMain.c:890
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Set the DM_FLAG_NAME_ALLOCED flag to avoid a memory leak when the block
device is removed.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Provide a unit test for writing to a FAT file system.
Add some additional comments in block device unit test.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The UEFI spec requires that the memory map key is checked in
ExitBootServices().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Check the parameters of boottime service GetMemoryMap().
Return EFI_INVALID_PARAMETER where required by the UEFI spec.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Rigorously check the TPL level and the event type.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Fix the 'amp' typo, expand on what 'steps' is and fix a few other minor
things.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
At present a NULL pointer passed to printf for a %pU argument will cause
U-Boot to access memory at 0. Fix this by adding a check, and print
"(null)" instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexander Graf <agraf@suse.de>
[agraf: s/(null)/<NULL>/]
Signed-off-by: Alexander Graf <agraf@suse.de>
We currently expose host addresses in the EFI memory map. That can be
bad if we ever want to use sandbox to boot strap a real kernel, because
then the kernel would fetch its memory table from our host virtual address
map. But to make that use case work, we would need to have full control
over the address space the EFI application sees.
So let's expose only U-Boot addresses to the guest until we get to the
point of allocation. EFI's allocation functions are fun - they can take
U-Boot addresses as input values for hints and return host addresses as
allocation results through the same uint64_t * parameter. So we need to
be extra careful on what to pass in when.
With this patch I am successfully able to run the efi selftest suite as
well as grub.efi on aarch64.
Signed-off-by: Alexander Graf <agraf@suse.de>
With sandbox the U-Boot code is not mapped into the sandbox memory range
so does not need to be excluded when allocating EFI memory. Update the EFI
memory init code to take account of that.
Signed-off-by: Simon Glass <sjg@chromium.org>
[agraf: Remove map_sysmem() call and header reference]
Signed-off-by: Alexander Graf <agraf@suse.de>
Now that elf.h contains relocation defines for all architectures
we care about, let's just include it unconditionally and refer to
the defines.
Signed-off-by: Alexander Graf <agraf@suse.de>
Thanks to CONFIG_SANDBOX, we can not rely on config options to tell us
what CPU architecture we're running on.
The compiler however does know that, so let's just move the ifdefs over
to compiler based defines rather than kconfig based options.
Signed-off-by: Alexander Graf <agraf@suse.de>
Varargs differ between sysv and ms abi. On x86_64 we have to follow the ms
abi though, so we also need to make sure we use x86_64 varargs helpers.
This patch introduces generic efi vararg helpers that adhere to the
respective EFI ABI. That way we can deal with them properly from efi
loader code and properly interpret variable arguments.
This fixes the InstallMultipleProtocolInterfaces tests in the efi selftests
on x86_64 for me.
Signed-off-by: Alexander Graf <agraf@suse.de>
In the sandbox environment we can not easily build efi stub binaries
right now, so let's disable the respective test cases for the efi
selftest suite.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
When running on the sandbox the stack is not necessarily at a higher memory
address than the highest free memory.
There is no reason why the checking of the highest memory address should be
more restrictive for EFI_ALLOCATE_ANY_PAGES than for
EFI_ALLOCATE_MAX_ADDRESS.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
[agraf: use -1ULL instead]
Signed-off-by: Alexander Graf <agraf@suse.de>
We try hard to make sure that SMBIOS tables live in the lower 32bit.
However, when we can not find any space at all there, we should not
error out but instead just fall back to map them in the full address
space instead.
This can for example happen on systems that do not have any RAM mapped
in the lower 32bits of address space. In that case having any SMBIOS
tables at all is better than having none.
Signed-off-by: Alexander Graf <agraf@suse.de>
The EFI image loader tries to determine which target architecture we're
working with to only load PE binaries that match.
So far this has worked based on CONFIG defines, because the target CPU
was always indicated by a config define. With sandbox however, this is
not longer true as all sandbox targets only encompass a single CONFIG
option and so we need to use compiler defines to determine the CPU
architecture.
Signed-off-by: Alexander Graf <agraf@suse.de>
This reverts commit c524997acb.
Booting ARMv7 in non-secure mode using bootefi works now.
Signed-off-by: Mark Kettenis <kettenis@openbsd.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
The following generated files should be ignored by git:
efi_miniapp_file_image_exit.h
efi_miniapp_file_image_return.h
*.so files are normally deleted during the build but should be
ignored too.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The length returned by hexport_r has a few redundant characters.
This appears as NULL characters at the end so seems harmless.
Remove the surplus counts in two places
totlen += strlen(ep->key) + 2;
I'm guessing the +2 here is for = and sep char. But there is another
totlen += 2; line that does that.
size = totletn + 1;
Doesn't make sense and isn't justified with any comment.
Signed-off-by: Zubair Lutfullah Kakakhel <zubair@resin.io>
The Linux kernel moved to sphinx-based documentation and got rid of the
DocBook based documentation quite a while ago. Hence, the DocBook
documentation for U-Boot should be converted as well.
To achieve this, import the necessary files from Linux v4.17, and
convert the current DocBook documentation (three files altogether) to
sphinx/reStructuredText.
For now, all old DocBook documentation was merged into a single
handbook, tentatively named "U-Boot Hacker Manual".
For some source files, the documentation style was changed to comply
with kernel-doc; no functional changes were applied.
Signed-off-by: Mario Six <mario.six@gdsys.cc>
When vars are passed to the himport_r function with H_NOCLEAR flag,
those vars will be overridden in the current environment and if one of
those vars is not in the imported environment, it'll be deleted in the
current environment whatever the flag passed to himport_r.
The H_NOCLEAR flag is used to clear the whole environment whether vars
are passed to the function or not.
This leads to incoherent behaviour. If one passes vars to himport_r
with the H_NOCLEAR flag, if a var in vars is not in the imported env,
that var will be removed from the current env.
If one passes vars to himport_r without the H_NOCLEAR flag, the whole
environment will be removed and vars will be imported from the
environment in RAM.
It makes more sense to keep the variable that is in the current
environment but not in the imported environment if the H_NOCLEAR flag is
set and remove only that variable if the H_NOCLEAR flag is not set.
Let's clear the whole environment only if H_NOCLEAR and vars are not
passed to himport_r.
Let's remove variables that are in the current environment but not in
the imported env only if the H_NOCLEAR flag is not passed.
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Quentin Schulz <quentin.schulz@bootlin.com>
This patch renames the routine fdtdec_setup_memory_size()
to fdtdec_setup_mem_size_base() as it now fills the
mem base as well along with size.
Signed-off-by: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
This patch updates the ram_base to store the start address of
the first bank DRAM and the use this ram_base to calculate ram_top
properly. This patch fixes the erroneous calculation of ram_top
incase of non zero ram start address.
Signed-off-by: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
This patch basically adds two new commands for loadig secure
images.
1. zynq rsa adds support to load secure image which can be both
authenticated or encrypted or both authenticated and encrypted
image in xilinx bootimage(BOOT.bin) format.
2. zynq aes command adds support to decrypt and load encrypted
image back to DDR as per destination address. The image has
to be encrypted using xilinx bootgen tool and to get only the
encrypted image from tool use -split option while invoking
bootgen.
Signed-off-by: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Add support for loading U-Boot on the Broadcom 7445 SoC. This port
assumes Broadcom's BOLT bootloader is acting as the second stage
bootloader, and U-Boot is acting as the third stage bootloader, loaded
as an ELF program by BOLT.
Signed-off-by: Thomas Fitzsimmons <fitzsim@fitzsim.org>
Cc: Stefan Roese <sr@denx.de>
Cc: Tom Rini <trini@konsulko.com>
Cc: Florian Fainelli <f.fainelli@gmail.com>
Support a default memory bank, specified in reg, as well as
board-specific memory banks in subtree board-id nodes.
This allows memory information to be provided in the device tree,
rather than hard-coded in, which will make it simpler to handle
similar devices with different memory banks, as the board-id values
or masks can be used to match devices.
Signed-off-by: Michael Pratt <mpratt@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
ACPI tables can be passed via EFI configuration table to an EFI
application. This is only supported on x86 so far.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
At present the number of configuration tables is set to 2. By
looking at which tables the Linux EFI stub or iPXE can process,
it looks 16 is a reasonable number.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The use_uart assignment should follow immediately after the call to
exit_boot_services(), in case we want some debug output after that.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Currently efi.h determines a few bits of its environment according to
config options. This falls apart with the efi stub support which may
result in efi.h getting pulled into the stub as well as real U-Boot
code. In that case, one may be 32bit while the other one is 64bit.
This patch changes the conditionals to use compiler provided defines
instead. That way we always adhere to the build environment we're in
and the definitions adjust automatically.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
[bmeng: added some comments to describe the __x86_64__ check]
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
We store pixels as BGRA in memory, as can be seen from struct efi_gop_pixel.
So we need to expose the same format to UEFI payloads to actually have them
use the correct colors.
Reported-by: Fabian Vogt <fvogt@suse.com>
Tested-by: Peter Robinson <pbrobinson@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Add libavb lib (3rd party library from AOSP), that implements support of
AVB 2.0. This library is used for integrity checking of Android partitions
on eMMC.
libavb was added as it is and minimal changes were introduced to reduce
maintenance cost, because it will be deviated from AOSP upstream in the future.
Changes:
- license headers changed to conform SPDX-style
- avb_crc32.c dropped
- updates in avb_sysdeps_posix.c/avb_sysdeps.h
For additional details check [1] AVB 2.0 README.
[1] https://android.googlesource.com/platform/external/avb/+/master/README.md
Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
If UEFI BIOS has the graphics output protocol (GOP), let's pass its
information to U-Boot payload so that U-Boot can utilize it (eg:
an EFI framebuffer driver).
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
UEFI specifies the calling convention used in Microsoft compilers;
first arguments of a function are passed in (%rcx, %rdx, %r8, %r9).
All other compilers use System V ABI by default, passing first integer
arguments of a function in (%rdi, %rsi, %rdx, %rcx, %r8, %r9).
These ABI also specify different sets of registers that must be preserved
across function calls (callee-saved).
GCC allows using the Microsoft calling convention by adding the ms_abi
attribute to a function declaration.
Current EFI implementation in U-Boot specifies EFIAPI for efi_main()
in the test apps but uses default calling convention in lib/efi.
Save efi_main() arguments in the startup code on x86_64;
use EFI calling convention for _relocate() on x86_64;
consistently use EFI calling convention for efi_main() everywhere.
Signed-off-by: Ivan Gorinov <ivan.gorinov@intel.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
A few minor fixes for the release:
- Compile fixes
- HI20 relocations for RISC-V
- Fix bootefi without load path
- Fix Runtime Services with certain compilers
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABAgAGBQJbIp83AAoJECszeR4D/txg98QQAKjmnamRAJDWg5L2ZW9O8F6X
wtpVu5O9A6C8mVnt1RICPX2zgeeZ/Hx+2NIkvzj9rOon6CNt9ofNgefKJs9i7lI2
JOCZM9In66lGJUtNvMhbmFfWboa4DZN3bhbzU0h+clErMlcXaaatEOewUHfYTSzj
MxwQGktESvGOvZVcKPUXnFqd4dNFnBUF7yC9R903L3LXfAtSZZwmyhoEpNeUY6PK
1KMsycOmb5alZ90QzxAsWNTMDysnwmMXZmFTyFms3uy/NlMion+p2Wx6PQJK8woT
ImMhAF7B4c/C+Qa2n2oGrFIjSJi/8oDupKT2tLMcFEZWkyXoHbDLm2vAADBLVWIB
9IoxOt+N+ZVI+RSUbG0MI3aNzOcbIhXb3XwSbBnvsSabT9Uv1GMCRZfAKyROJCVR
jZx2xvOEsJZrgbPe3fM7UUlwYvOOvc+dKGYj+PjnoS8egq676GguMgGgI9PLsJOx
S0350+lhyVkKaSJOsTaeIFoExMrvSOmFSRl2KI1eDASwYIBI/afMIK3pgIcI4W4B
rRYGpF7jIcQzw11mEpu4DnC/yqJFmF60EywTY+pbvPKsW0GUSJ2Lt7h7f4eL1cgo
/za3FK1mzONKQqT6imvy3E/qWam7E58jG+W0TuQsOBH7L/1YerFmtHNnwysPUOCm
qGHYKbPExzeLtPsVsWol
=/PaA
-----END PGP SIGNATURE-----
Merge tag 'signed-efi-next' of git://github.com/agraf/u-boot
Patch queue for efi - 2018-06-14
A few minor fixes for the release:
- Compile fixes
- HI20 relocations for RISC-V
- Fix bootefi without load path
- Fix Runtime Services with certain compilers
These constants are defined in arch-specific code but redefined here. Add
a TODO to clean this up.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The PE standard allows for HI20/LOW12 relocations. Within the efi_loader
target we always know that our relocation target is 4k aligned, so we
don't need to worry about the LOW12 part.
This patch adds support for the respective relocations. With this and a
few grub patches I have cooking in parallel I'm able to run grub on RISC-V.
Signed-off-by: Alexander Graf <agraf@suse.de>
If GetMemoryMap() fails, we really want to know EFI_BITS_PER_LONG
instead of BITS_PER_LONG. A space and LF are added in places where
error message is output to improve readability.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Attempting to use a toolchain that is preconfigured to generate code
for the 32-bit architecture (i386), for example, the i386-linux-gcc
toolchain on kernel.org, to compile the 64-bit EFI payload does not
build. This updates the makefile fragments to ensure '-m64' is passed
to toolchain when building the 64-bit EFI payload stub codes.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The code to determine rows / cols on the screen could potentially run
into a case where it doesn't know how big the screen is. In that case,
assume 80x25.
Signed-off-by: Alexander Graf <agraf@suse.de>
Handles are not used at runtime. They are freed by the firmware when the
last protocol interface is uninstalled. So there is no reason to use EFI
memory when creating handles.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
efi_mem_carve_out() is used to remove memory pages from a mapping.
As the number of pages to be removed is a 64bit type the return type
should be 64bit too.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Do not use anonymous constants when calling efi_allocage_pages.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Allocate a buffer on the stack instead of an array of uninitialized
pointers; check if GetVariable writes past the end of the buffer.
Signed-off-by: Ivan Gorinov <ivan.gorinov@intel.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
efi_selftest_block_device accesses a FAT file system.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
With 'make htmldocs' we can generate a documentation if the function
comments follow the DocBook conventions.
This patch adjusts the comments for EFI boot services and provides the
DocBook template for the EFI subsystem.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Clarify the operation of this code with some additional comments.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
According to the UEFI spec unaligned memory access should be enabled on
CPUs supporting it.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Add a test for ReinstallProtocolInterface to the controller selftest.
As ReinstallProtocolInterface has to connect controllers to the new
interface is does not fit to the manage protocols selftest.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The ReinstallProtocolInterface boot time service is implemented.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The interface has to be checked in UninstallProtocolInterface.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Pass the correct interface when uninstalling a protocol.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
efi_get_variable() always stores an extra zero byte after the output data.
When the returned data size matches the output buffer size, the extra zero
byte is stored past the end of the output buffer.
Signed-off-by: Ivan Gorinov <ivan.gorinov@intel.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
If a request for the console size would be answered with a response
with less then three values, uninitialized stack memory would be
copied to the number of rows and columns of the terminal.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
The definitons of the variable services are adjusted:
- use efi_uintn_t instead of unsigned long
- use u16 * instead of s16 * for Unicode strings
- correct definition of QueryVariableInfo
- rename efi_get_next_variable to efi_get_next_variable_name
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
If we cannot determine the size of the serial terminal we still have
to check the parameters of efi_cout_query_mode().
Querying the size of the serial terminal drains the keyboard buffer.
So make sure we do this during the initialization and not in the midst
of an EFI application.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The test case for text output is updated to check correct updating
of the cursor position.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The current coding advances the column by the number of UTF-8 bytes.
The column should be increased by one per unicode character.
The UEFI spec provides advance rules for U+0000, U+0008, U+000A,
and U000D. All other characters, including control characters
U+0007 (bel) and U+0009 (tab), have to increase the column by one.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
asm/global_data.h is already included via common.h.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
EFI applications like GRUB issue ANSI sequences for setting colors
and for positioning. So if the EFI subsystem is enabled, we should
also enable ANSI control sequences by default.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Instead of difference between preferred and actual image base, the
actual base is added to the fields specified in the .reloc section.
Use ImageBase from PE optional header to compute the delta,
exit early if the image is loaded at the preferred address.
Signed-off-by: Ivan Gorinov <ivan.gorinov@intel.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
This adds the following commits from upstream:
aadd0b65c987 checks: centralize printing of property names in failure messages
88960e398907 checks: centralize printing of node path in check_msg
f1879e1a50eb Add limited read-only support for older (V2 and V3) device tree to libfdt.
37dea76e9700 srcpos: drop special handling of tab
65893da4aee0 libfdt: overlay: Add missing license
962a45ca034d Avoid installing pylibfdt when dependencies are missing
cd6ea1b2bea6 Makefile: Split INSTALL out into INSTALL_{PROGRAM,LIB,DATA,SCRIPT}
51b3a16338df Makefile.tests: Add LIBDL make(1) variable for portability sake
333d533a8f4d Attempt to auto-detect stat(1) being used if not given proper invocation
e54388015af1 dtc: Bump version to v1.4.6
a1fe86f380cb fdtoverlay: Switch from using alloca to malloc
c8d5472de3ff tests: Improve compatibility with other platforms
c81d389a10cc checks: add chosen node checks
e671852042a7 checks: add aliases node checks
d0c44ebe3f42 checks: check for #{size,address}-cells without child nodes
18a3d84bb802 checks: add string list check for *-names properties
8fe94fd6f19f checks: add string list check
6c5730819604 checks: add a string check for 'label' property
a384191eba09 checks: fix sound-dai phandle with arg property check
b260c4f610c0 Fix ambiguous grammar for devicetree rule
fe667e382bac tests: Add some basic tests for the pci_bridge checks
7975f6422260 Fix widespread incorrect use of strneq(), replace with new strprefixeq()
fca296445eab Add strstarts() helper function
cc392f089007 tests: Check non-matching cases for fdt_node_check_compatible()
bba26a5291c8 livetree: avoid assertion of orphan phandles with overlays
c8f8194d76cc implement strnlen for systems that need it
c8b38f65fdec libfdt: Remove leading underscores from identifiers
3b62fdaebfe5 Remove leading underscores from identifiers
2d45d1c5c65e Replace FDT_VERSION() with stringify()
2e6fe5a107b5 Fix some errors in comments
b0ae9e4b0ceb tests: Correct warning in sw_tree1.c
Commit c8b38f65fdec upstream ("libfdt: Remove leading underscores from
identifiers") changed the multiple inclusion define protection, so the
kernel's libfdt_env.h needs the corresponding update.
Signed-off-by: Rob Herring <robh@kernel.org>
[ Linux commit: 9130ba884640328bb78aaa4840e5ddf06ccafb1c ]
[erosca: - Fixup conflicts in include/linux/libfdt_env.h caused by v2018.03-rc4
commit b08c8c4870 ("libfdt: move headers to <linux/libfdt.h>
and <linux/libfdt_env.h>")
- Fix build errors in lib/libfdt/fdt_ro.c, tools/libfdt/fdt_rw.c by:
- s/_fdt_mem_rsv/fdt_mem_rsv_/
- s/_fdt_offset_ptr/fdt_offset_ptr_/
- s/_fdt_check_node_offset/fdt_check_node_offset_/
- s/_fdt_check_prop_offset/fdt_check_prop_offset_/
- s/_fdt_find_add_string/fdt_find_add_string_/]
Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Introduce CONFIG_IMAGE_SPARSE and CONFIG_CMD_MMC_SWRITE so the "mmc
swrite" command is separated from the fastboot code.
Move image-sparse from common to lib so it's clear it's library code.
Rename CONFIG_FASTBOOT_FLASH_FILLBUF_SIZE to CONFIG_IMAGE_SPARSE_FILLBUF_SIZE
and migrate it to Kconfig.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Acked-by: Jassi Brar <jaswinder.singh@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
We have almost all pieces needed to support RISC-V UEFI binaries in place already.
The only missing piece are ELF relocations for runtime code and
data.
This patch adds respective support in the linker script and the runtime
relocation code. It also allows users to enable the EFI_LOADER configuration
switch on RISC-V platforms.
Signed-off-by: Alexander Graf <agraf@suse.de>
We were using our EFI_CACHELINE_SIZE define only in the runtime service
code, but left the image loader to use plain CONFIG_SYS_CACHELINE_SIZE.
This patch moves EFI_CACHELINE_SIZE into efi_loader.h and converts
the image loader to use it.
Signed-off-by: Alexander Graf <agraf@suse.de>
Add support for the TPM2_PCR_SetAuthPolicy and
TPM2_PCR_SetAuthValue commands.
Change the command file and the help accordingly.
Note: These commands could not be tested because the TPMs available
do not support them, however they could be useful for someone else.
The user is warned by the command help.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add support for the TPM2_HierarchyChangeAuth command.
Change the command file and the help accordingly.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add support for the TPM2_DictionaryAttackParameters and
TPM2_DictionaryAttackLockReset commands.
Change the command file and the help accordingly.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add support for the TPM2_GetCapability command.
Change the command file and the help accordingly.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add support for the TPM2_PCR_Read command.
Change the command file and the help accordingly.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add support for the TPM2_PCR_Extend command.
Change the command file and the help accordingly.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add support for the TPM2_Clear command.
Change the command file and the help accordingly.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add support for the TPM2_Selftest command.
Change the command file and the help accordingly.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add support for the TPM2_Startup command.
Change the command file and the help accordingly.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Instead of returning a generic 'library' error, report back the actual
error code so it can be displayed to the user by the regular error path.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
When debugging, it is welcome to get more information about what the TPM
returns. Add the possibility to print the packets received to show their
exact content.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
TPM commands are much easier to read/write with these macros that will
transform words or integers into byte strings. This way, there is no
need to call pack_byte_string() while all variable length in a command
are known (and at must 4 bytes, which is a lot of them).
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Choice between v1 and v2 compliant functions is done with the
configuration.
Create the various files that will receive TPMv2-only code on the same
scheme as for the TPMv1 code.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
There are no changes in this commit but a new organization of the code
as follow.
* cmd/ directory:
> move existing code from cmd/tpm.c in cmd/tpm-common.c
> move specific code in cmd/tpm-v1.c
> create a specific header file with generic definitions for
commands only called cmd/tpm-user-utils.h
* lib/ directory:
> move existing code from lib/tpm.c in lib/tpm-common.c
> move specific code in lib/tpm-v1.c
> create a specific header file with generic definitions for
the library itself called lib/tpm-utils.h
* include/ directory:
> move existing code from include/tpm.h in include/tpm-common.h
> move specific code in include/tpm-v1.h
Code designated as 'common' is compiled if TPM are used. Code designated
as 'specific' is compiled only if the right specification has been
selected.
All files include tpm-common.h.
Files in cmd/ include tpm-user-utils.h.
Files in lib/ include tpm-utils.h.
Depending on the specification, files may include either (not both)
tpm-v1.h or tpm-v2.h.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
[trini: Fix a few more cases of tpm.h -> tpm-v1.h, some Kconfig logic]
Signed-off-by: Tom Rini <trini@konsulko.com>
Because both major revisions are not compatible at all, let's make them
mutually exclusive in Kconfig. This way we will be sure, when using a
command or a library function that it is supported by the right
revision.
Current drivers are currently prefixed by "tpm_", we will prefix TPMv2.x
files by "tpm2_" to make the distinction without moving everything.
The Kconfig menu about TPM drivers is now divided into two sections, one
for each specification. Compliant drivers with one specification will
only show up if this specification _only_ has been selected, otherwise a
comment is displayed.
Once a driver is selected by the user, it selects automatically a
boolean value, that is needed in order to activate the TPM commands.
Selecting the TPM commands will automatically select the right
command/library files.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
[trini: Rework deps as TPM_V1 and TPM_V2 depend on TPM,
drop TPM_DRIVER_SELECTED]
Signed-off-by: Tom Rini <trini@konsulko.com>
Fix following checkpatch.pl issue in TPM-related code:
WARNING: Missing a blank line after declarations
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Fix following checkpatch.pl issues in TPM-related code:
CHECK: '<x>' may be misspelled - perhaps '<y>'?
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Fix following checkpatch.pl issue in TPM-related code:
CHECK: Alignment should match open parenthesis
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Fix following checkpatch.pl issues in TPM-related code:
CHECK: Prefer kernel type 'u8' over 'uint8_t'
CHECK: Prefer kernel type 'u16' over 'uint16_t'
CHECK: Prefer kernel type 'u32' over 'uint32_t'
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Fix following checkpatch.pl issue in TPM-related code:
WARNING: space prohibited between function name and open
parenthesis '('
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The DT bindings for the Arria10 clock init have changed, add another
compatible to make them work with U-Boot until a proper clock driver
gets written.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Tom Rini <trini@konsulko.com>
Cc: Chin Liang See <chin.liang.see@intel.com>
Cc: Dinh Nguyen <dinguyen@kernel.org>
As part of the main conversion a few files were missed. These files had
additional whitespace after the '*' and before the SPDX tag and my
previous regex was too strict. This time I did a grep for all SPDX tags
and then filtered out anything that matched the correct styles.
Fixes: 83d290c56f ("SPDX: Convert all of our single license tags to Linux Kernel style")
Reported-by: Heinrich Schuchardt <xypron.debian@gmx.de>
Signed-off-by: Tom Rini <trini@konsulko.com>
Enable the FDT library overlay support for all TI SOC family.
Without this option, when Loading fdt from FIT image, the
following warning is seen.
"config with overlays but CONFIG_OF_LIBFDT_OVERLAY not set".
Signed-off-by: Praneeth Bajjuri <praneeth@ti.com>
Suggested-by: Andrew F.Davis <afd@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Sam Protsenko <semen.protsenko@linaro.org>
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.
In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.
This commit changes all instances where we have multiple licenses (in
these cases, dual license) declared in the SPDX-License-Identifier tag.
In this case we change from listing "LICENSE-A LICENSE-B" or "LICENSE-A
or LICENSE-B" or "(LICENSE-A OR LICENSE-B)" to "LICENSE-A OR LICENSE-B"
as per the Linux Kernel style document. Note that parenthesis are
allowed so when they were used before we continue to use them.
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.
In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.
This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.
Signed-off-by: Tom Rini <trini@konsulko.com>
When SPL serial is disabled, callers who need sprintf or strtoul fail
because their inclusion is guarded by CONFIG_SPL_SERIAL_SUPPORT/
CONFIG_TPL_SERIAL_SUPPORT.
Split printf, sprintf and strto into their own entries and then select
all of them if SERIAL_SUPPORT is enabled to match the current behaviour.
Include panic.o unconditionally as it can be called from anywhere which
uses BUG_ON().
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
RSA_SOFTWARE_EXP and RSA_FREESCALE_EXP are wrapped inside:
if RSA
...
endif
So, remove the redundant "depends on RSA" from their depends expression.
In addition, move SPL_RSA into the same "if RSA ... endif" block, since
its only direct dependeny is CONFIG_RSA. This tidies up and simplifies
reading of lib/rsa/Kconfig.
No functional change intended.
Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
We have a large number of places where while we historically referenced
gd in the code we no longer do, as well as cases where the code added
that line "just in case" during development and never dropped it.
Signed-off-by: Tom Rini <trini@konsulko.com>
Provide unit tests for the EFI_DEVICE_PATH_UTILITIES_PROTOCOL.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The missing services of the EFI_DEVICE_PATH_UTILITIES_PROTOCOL are
implemented.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Device paths may consist of multiple instances. Up to now we have only
considered the size of the first instance. For the services of the
EFI_DEVICE_PATH_UTILITIES_PROTOCOL in most cases the total length of the
device path is relevant.
So let's rename efi_dp_size() to efi_dp_instance_size() and create a new
function efi_dp_size() that calculates the total device path length.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
efi_dp_size() is meant to return the device path length without the end
node.
The length of a device path containing only an end node was incorrectly
reported as 4.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The logic of the AppendDevicePath service of the
EFI_DEVICE_PATH_UTILITIES_PROTOCOL is incorrectly implemented:
* if both paths are NULL an end node has to be returned
* if both paths are not NULL the end node of the second device path has to
be kept
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Implement the CreateDeviceNode service of the device path utility protocol.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Executing a test after failed setup may lead to unexpected behavior like
an illegal memory access. So after a setup failure we should skip to
teardown.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We do not support bootefi booting ARMv7 in non-secure mode.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
This reverts the parts of commit 3b3ea2c56e
where it changed the EFI dependency on NET.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
Reviewed-by: Duncan Hare <dh@synoia.com>
Highlights this time around:
- Lots of minor spec compliance fixes
- Support full range of GOP BLT commands
- More fine grained error checking
- Network fixes (init, DP)
- Lots of other bug fixes...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABAgAGBQJay2U6AAoJECszeR4D/txgE8UP/A5xHq707fv4CcQez/cZj/KE
Twv4HoSY28by71VWS+SjXXTKkx+XGM/2tLzl6dQCB9V1aFUwtB12zu4mXpplfT8R
K+dJU9PgkPKJzWRvn08JgeuXs1RQnfSgXz5J2pvSnJ4mySMlZKuVRGwHxw7DLFPf
EZOqkd2+NI90fogGFoZ2l/aAzbDssBI45jDmH0KcPO49/+7XRVYJqpg0s7TQYmhY
BeoJ0mAp12Ybpb4E7XDIGKKgCTjOGnftoRmzZyPZPfHPrmVWo2srmtycDbz0f/N0
tEiXIOAo72DzmhL6aPPNJtt1mjXTGU2iavkV74JVqXODCd3bRJxz7TF6R30Nmvfz
WMaKM+69Ahior9YJnGv2GUe8ebThxivWUUCB6HmfRh07sGCes6eV3HfklY5Fnglu
Gw5pRl9+YBOywuUuyMg/yBPpPyA7b1HaTjwhsYWAB+q7htB6JkPhQruMxdiMaQnC
gvOEoguW1XZo4MSudfC/SUOdayGp+KsQiEivi8gUh11uBPA2nj1Bh028Pj7tTET3
J4C527uF/ivKwhx2hUHq2YkkgxHWz0Z98LFG3Xkj3q3fZFRwSEzugik1TswT8z3l
qPxWgwX7Q9dxNYLW4ogvnlXU/09APRg9fVeaXxOfqJTHCCn9PHehbKKpkJ9g3cOt
lPr1Q/4C5daK8dnxDzYo
=fzbe
-----END PGP SIGNATURE-----
Merge tag 'signed-efi-next' of git://github.com/agraf/u-boot
Patch queue for efi - 2018-04-09
Highlights this time around:
- Lots of minor spec compliance fixes
- Support full range of GOP BLT commands
- More fine grained error checking
- Network fixes (init, DP)
- Lots of other bug fixes...
Check FileHeader.Machine to make sure the EFI executable image is built
for the same architecture. For example, 32-bit U-Boot on x86 will print
an error message instead of loading an x86_64 image and crashing.
Signed-off-by: Ivan Gorinov <ivan.gorinov@intel.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Add missing network initialization code.
Before the patch the network was only usable if a network command like
dhcp or tftp had beed executed.
This was visible when interrupting the console countdown and executing
bootefi selftest for vexpress_ca15_tc2_defconfig.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Introduce functions to print information about loaded images.
If we want to analyze an exception in an EFI image we need the offset
between the PC and the start of the loaded image.
With efi_print_image_info() we can print the necessary information for a
single image, e.g.
UEFI image [0xbffe6000:0xbffe631f] pc=0x138 '/\snp.efi'
efi_print_image_infos() provides output for all loaded images.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Check that the getinfo() service of the file protocol correctly
returns the partion label.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
efi_selftest_disk_image.h contains a disk image. We use it to test the
EFI_FILE_PROTOCOL. The patch sets the partition label to 'U-BOOT TEST'.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Implement the information type EFI_FILE_SYSTEM_INFO in the service
GetInfo() of the EFI_FILE_PROTOCOL.
The volume label is not available in U-Boot. As a work-around use the
partition name instead.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
In the EFI_FILE_PROTOCOL buffer sizes and positions are passed as UINTN and
not as u64.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
According to the Portable Executable and Common Object File Format
Specification the image size must be a multiple of the alignment
of sections.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
For analyzing crash output the relocation address and size are needed.
Save them in the loaded image info.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We generally use efi_uintn_t where the UEFI spec uses UINTN.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Since the backing memory for a new device path can contain stale
data we have to make sure that we zero the buffer. Otherwise some
code paths that don't set all fields in a structure backed by this
device path might contain unwanted stale data.
Signed-off-by: Patrick Wildt <patrick@blueri.se>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When CONFIG_DM_ETH is set, we assemble the device path properly with a
full device hierarchy. Our helper function dp_fill() even put the MAC
node itself in it for us.
However, for non-DM compatibility we also have code in that added the
MAC node manually. That code now runs on top of the existing MAC node:
Handle 0x3db2f6b0
/HardwareVendor(e61d73b9-a384-4acc-aeab-82e828f3628b)[0: ]
/USBClass(0,0,9,0,0)/USBClass(424,9514,9,0,2)/MacAddr(b8:27:eb:e1:81:47,1)
/MacAddr(b8:27:eb:e1:81:47,57)/EndEntire
We obviously don't need the additional node and in fact, grub chokes on
it and fails to match the DP against the ethernet device node. So this
patch moves the additional MAC node into the non-DM code path:
Handle 0x3db3fde0
/HardwareVendor(e61d73b9-a384-4acc-aeab-82e828f3628b)[0: ]
/USBClass(0,0,9,0,0)/USBClass(424,9514,9,0,2)/MacAddr(b8:27:eb:e1:81:47,1)
/EndEntire
While at it, we also mark the non-DM MAC node as ethernet.
Fixes: b66c60dde9 ("efi_loader: add device-path utils")
Signed-off-by: Alexander Graf <agraf@suse.de>
The efi_add_runtime_mmio function incorrectly returned the added
address as return value rather than EFI_SUCCESS. Fix it by checking
the return value of efi_add_memory_map properly.
Fixes: f057cfef5dc ("efi_loader: exit status for efi_reset_system_init")
Signed-off-by: Alexander Graf <agraf@suse.de>
The GOP path was optimized, but still not as fast as it should be. Let's
push it even further by trimming the hot path into simple 32bit load/store
operations for buf->vid 32bpp operations.
Signed-off-by: Alexander Graf <agraf@suse.de>
We usually try to compile for size, not for speed. Unfortunately with the
more powerful GOP infrastructure to handle all sorts of GOP operations, we
end up slowing down our copying hot path quite a lot.
So this patch moves the 4 possible GOP operation modes into separate
functions which call a common function again. The end result of that is
more optimized code that can properly do constant propagation throughout
its switch() statements and thus removes compares in the hot path.
Signed-off-by: Alexander Graf <agraf@suse.de>
We optimize for size using -Os so gcc might ignore 'inline'.
Pixel conversions are called so often that we always want to inline them.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When the TPL is lowered queued events may become eligible for execution.
iPXE uses the following pattern to request event execution:
bs->RestoreTPL ( TPL_APPLICATION );
bs->RaiseTPL ( TPL_CALLBACK );
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We use a timer to poll the network.
iPXE is used for booting from iSCSI drives. It has been changed to run at
TPL_CALLBACK most of the time (which is not what the UEFI spec
recommends).
By changing our timer to TPL_NOTIFY we can ensure that it is nevertheless
executed.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
In the Blt service of the EFI_GRAPHICS_OUTPUT_PROTOCOL the parameter delta
is measured in bytes and not in pixels.
The coding only supports delta being a multiple of four. The UEFI
specification does not explicitly require this but as pixels have a size of
four bytes we should be able to assume four byte alignment.
The corresponding unit test is corrected, too. It can be launched with
setenv efi_selftest block image transfer
bootefi selftest
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Supply a unit test for event groups.
Create multiple events in an event group. Signal each event once and check
that all events are notified once in each round.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Include libfdt.h was moved by commit b08c8c4870 ("libfdt: move headers to
<linux/libfdt.h> and <linux/libfdt_env.h>")
Fixes: e236200c7fa6 ("efi_selftest: check installation of the
device tree")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The headers are not in the correct order. Fix this. Also drop libfdt_env.h
since it is not needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Rebased
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Using the existing predefined constants is less error prone and
makes the code easier to read.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Provide a unit test for the EFI_SIMPLE_TEXT_INPUT_PROTOCOL.
The unicode character and the scan code are printed for text
input.
To run the test:
setenv efi_selftest text input
bootefi selftest
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
EFI_RESET_PLATFORM_SPECIFIC is one of the values that can be used for the
EFI service ResetSystem. The missing definition is added. The value has to
handled in efi_reset_system().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The test checks all block image transfer operations of the graphical output
protocol. An animated submarine is shown.
To run the test:
setenv efi_selftest bock image transfer
bootefi selftest
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
With the patch all block image transfer operations of the
EFI_GRAPHICS_OUTPUT_PROTOCOL are supported.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
If an event of a group event is signaled all other events of the same
group are signaled too.
Function efi_signal_event is renamed to efi_queue_event.
A new function efi_signal_event is introduced that checks if an event
belongs to a group and than signals all events of the group.
Event group notifciation is implemented for ExitBootServices,
InstallConfigurationTable, and ResetSystem.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Event groups are used to signal multiple events at the same time.
They are identified by GUIDs. This patch provided the predefined
GUIDs of UEFI specification 2.7.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Lift the limit on the number of events by using a linked list.
This also allows to have events with type == 0.
This patch is based on Rob's patch
efi_loader: fix events
https://lists.denx.de/pipermail/u-boot/2017-October/309348.html
Suggested-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Fix formatting errors in efi_boottime.c indicated by
scripts/checkpatch.py.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Check that parameter guid is not NULL. This avoids a possible NULL
pointer exception.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Don't set unicode_char if scan_code is set.
Add support for page up, page down, and insert.
Correct input of function keys.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The unit test checks if a device tree is installed. It requires that the
'compatible' property of the root node exists. If available it prints the
'serial-number' property.
The serial-number property is derived from the environment variable
'serial#'. This can be used to check if the image_setup_libfdt() function
is executed.
A Python test is supplied. It sets a value for serial# and checks that the
selftest shows this as serial-number.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The second argument of the bootefi command should always be usable to
specify a device tree. This was missing for bootefi selftest and
bootefi hello.
Proper error handling is added.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
All EFI initialization functions should return a status code.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
efi_reset_system_init provides the architecture or board specific
initialization of the EFI subsystem. Errors should be caught and
signalled by a return code.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
efi_watchdog_register() should always return a status code and not
a boolean value.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Consistently return status codes form efi_net_register().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
All initialization routines should return a status code instead of
a boolean.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
[agraf: Convert warnings to debug() prints]
Signed-off-by: Alexander Graf <agraf@suse.de>
Errors may occur inside efi_smbios_register().
- Return a status code.
- Remove unused variables.
- Use constants where applicable.
Suggested-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Not complete, but enough for Shell.efi and SCT.efi. We'll implement the
rest as needed or once we have SCT running properly so there is a way to
validate the interface against the conformance test suite.
Initial skeleton written by Leif, and then implementation by Rob.
Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
[Fill initial skeleton]
Signed-off-by: Rob Clark <robdclark@gmail.com>
[Rebase on v2018.03-rc1]
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Add parameter checks in efi_load_image().
Check memory allocation is successful in efi_load_image().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
In January some commits were introduced to mitigate the U-Boot image
size issues we encountered on sunxi builds.
Now with the MMC environment removed we can bring them back, as we
practically don't have a size limit anymore.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Maxime Ripard <maxime.ripard@bootlin.com>
Reviewed-by: Jagan Teki <jagan@openedev.com>
fdt_region.c does not depend on anything in libfdt_internal.h
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The get_codeseg32() wants to know if a passed in descriptor has
flag GDT_NOTSYS set (desc & GDT_NOTSYS), not whether desc and
GDT_NOTSYS are not != 0 (desk && GDT_NOTSYS).
This is an obvious typo. Fix it up.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
This patch makes it possible to verify the contents and location of an
OPTEE image in DRAM prior to handing off control to that image. If image
verification fails we won't try to boot any further.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Suggested-by: Andrew F. Davis <afd@ti.com>
Cc: Harinarayan Bhatta <harinarayan@ti.com>
Cc: Andrew F. Davis <afd@ti.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Kever Yang <kever.yang@rock-chips.com>
Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Cc: Peng Fan <peng.fan@nxp.com>
When encountering an error in OPTEE verification print out various details
of the OPTEE header to aid in further debugging of encountered errors.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Cc: Harinarayan Bhatta <harinarayan@ti.com>
Cc: Andrew F. Davis <afd@ti.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Kever Yang <kever.yang@rock-chips.com>
Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Cc: Peng Fan <peng.fan@nxp.com>
Tested-by: Peng Fan <peng.fan@nxp.com>
This patch adds optee_verify_bootm_image() which will be subsequently used
to verify the parameters encoded in the OPTEE header match the memory
allocated to the OPTEE region, OPTEE header magic and version prior to
handing off control to the OPTEE image.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Cc: Harinarayan Bhatta <harinarayan@ti.com>
Cc: Andrew F. Davis <afd@ti.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Kever Yang <kever.yang@rock-chips.com>
Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Cc: Peng Fan <peng.fan@nxp.com>
CONFIG_OPTEE_LOAD_ADDR is used to tell u-boot where to load the OPTEE
binary into memory prior to handing off control to OPTEE.
We need to pull this value out of u-boot in order to produce an IMX IVT/CSF
signed pair for the purposes of secure boot. The best way to do that is to
have CONFIG_OPTEE_LOAD_ADDR appear in u-boot.cfg.
Adding new CONFIG entires to u-boot should be kconfig driven so this patch
does just that.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Reviewed-by: Ryan Harkin <ryan.harkin@linaro.org>
OPTEE is currently linked to a specific area of memory called the TrustZone
DRAM. This patch adds a CONFIG entry for the default address of TrustZone
DRAM that a board-port can over-ride. The region that U-Boot sets aside for
the OPTEE run-time should be verified before attempting to hand off to the
OPTEE run-time. Each board-port should carefully ensure that the TZDRAM
address specified in the OPTEE build and the TZDRAM address specified in
U-Boot match-up.
Further patches will use TZDRAM address with other defines and variables to
carry out a degree of automated verification in U-Boot prior to trying to
boot an OPTEE image.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Cc: Harinarayan Bhatta <harinarayan@ti.com>
Cc: Andrew F. Davis <afd@ti.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Kever Yang <kever.yang@rock-chips.com>
Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
OPTEE is currently linked to a specific area of memory called the TrustZone
DRAM. This patch adds a CONFIG entry for the default size of TrustZone DRAM
that a board-port can over-ride. The region that U-Boot sets aside for the
OPTEE run-time should be verified before attempting to hand off to the
OPTEE run-time. Each board-port should carefully ensure that the TZDRAM
size specified in the OPTEE build and the TZDRAM size specified in U-Boot
match-up.
Further patches will use TZDRAM size with other defines and variables to
carry out a degree of automated verification in U-Boot prior to trying to
boot an OPTEE image.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Cc: Harinarayan Bhatta <harinarayan@ti.com>
Cc: Andrew F. Davis <afd@ti.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Kever Yang <kever.yang@rock-chips.com>
Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Cc: Peng Fan <peng.fan@nxp.com>
Tested-by: Peng Fan <peng.fan@nxp.com>
This patch adds code to lib to enable sharing of useful OPTEE code between
board-ports and architectures. The code on lib/optee/optee.c comes from the
TI omap2 port. Eventually the OMAP2 code will be patched to include the
shared code. The intention here is to add more useful OPTEE specific code
as more functionality gets added.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Cc: Harinarayan Bhatta <harinarayan@ti.com>
Cc: Andrew F. Davis <afd@ti.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Kever Yang <kever.yang@rock-chips.com>
Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Cc: Peng Fan <peng.fan@nxp.com>
Tested-by: Peng Fan <peng.fan@nxp.com>
Thomas reported U-Boot failed to build host tools if libfdt-devel
package is installed because tools include libfdt headers from
/usr/include/ instead of using internal ones.
This commit moves the header code:
include/libfdt.h -> include/linux/libfdt.h
include/libfdt_env.h -> include/linux/libfdt_env.h
and replaces include directives:
#include <libfdt.h> -> #include <linux/libfdt.h>
#include <libfdt_env.h> -> #include <linux/libfdt_env.h>
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Enable networking command only when NET is enabled.
And remove selecting NET for CMD_NET
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
efi_disk_register should return as status code (efi_status_t).
Disks with zero blocks should be reported as 'not ready' without throwing
an error.
This patch solves a problem running OpenBSD on system configured with
CONFIG_BLK=n (e.g. i.MX6).
Reported-by: Jonathan Gray <jsg@jsg.id.au>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Tested-by: Jonathan Gray <jsg@jsg.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
Add stubs for UpdateCapsule, QueryCapsuleCapabilities, and
QueryVariableInfo.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Change the return type of efi_driver_init() to efi_status_t.
efi_driver_init() calls efi_add_driver() which returns an efi_status_t
value. efi_driver_init() should not subject this value to a conversion to
int losing high bits on 64bit systems.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Currently the UEFI revision number in the system table header is set to
2.0.5. This version number does not refer to any existing version of the
UEFI standard.
Set the revision number to 2.7.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Mark Kettenis <kettenis@openbsd.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Currently we set the function pointer for the CreateEventEx boot service
to NULL. When called this would lead to an immediate failure.
A function stub is provided which handles the case that the boot service
is called without an event group and returns EFI_UNSUPPORTED otherwise.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
For EFI binaries we need special CFLAGS.
They were specified for an object file that since has been replaced.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Before the patch an undefined constant EFI_SUBSYSTEM was used in the
crt0 code. The current version of binutils does not swallow the error.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888403
The necessary constant IMAGE_SUBSYSTEM_EFI_APPLICATION is already
defined in pe.h. So let's factor out asm-generic/pe.h for the
image subsystem constants and use it in our assembler code.
IMAGE_SUBSYSTEM_SAL_RUNTIME_DRIVER does not exist in the specification
let's use IMAGE_SUBSYSTEM_EFI_ROM instead.
The include pe.h is only used in code maintained by Alex so let him be the
maintainer here too.
Reported-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Tested-by: Vagrant Cascadian <vagrant@debian.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
config_fallbacks.h has some logic that sets HAVE_BLOCK_DEVICE
based on a list of enabled options. Moving HAVE_BLOCK_DEVICE to
Kconfig allows us to drastically shrink the logic in
config_fallbacks.h
Signed-off-by: Adam Ford <aford173@gmail.com>
[trini: Rename HAVE_BLOCK_DEVICE to CONFIG_BLOCK_DEVICE]
Signed-off-by: Tom Rini <trini@konsulko.com>
config_fallback.h has some logic that checks a variety of options
and selects LIB_UUID if it hasn't already been selected. This
will all LIB_UUID in Kconfig and select this option for the list
of options to allow us to remove the logic from fallbacks
Signed-off-by: Adam Ford <aford173@gmail.com>
config_fallbacks.h had some logic to automatically select
LIB_RAND if RANDOM_UUID or CMD_UUID were set if LIB_HW_RAND wasn't
already selected. By migrating LIB_HW_RAND to Kconfig, we can
remove this check from config_fallbacks.h and put it into Kconfig
Signed-off-by: Adam Ford <aford173@gmail.com>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
[trini: Turn into a choice, add NET_RANDOM_ETHADDR]
Signed-off-by: Tom Rini <trini@konsulko.com>
AES encryption in CBC mode, in most cases, must be used with random
initialization vector. Using the same key and initialization vector several
times is weak and must be avoided.
Added iv parameter to the aes_cbc_encrypt_blocks and aes_cbc_decrypt_blocks
functions for passing initialization vector.
Command 'aes' now also require the initialization vector parameter.
Signed-off-by: Andrey Mozzhuhin <amozzhuhin@yandex.ru>
Now that we have %pD support in vsprintf we should avoid separate
logic for printing device paths in other places.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
In an image is loaded from memory we do not have a device path.
Do not install NULL as device path in this case.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When printing '%pD' with a value of NULL we want to output
'<NULL>'. But this requires copying to buf. Leave this
to string16.
A unit test is supplied which relies on EFI support in the sandbox.
The development for EFI support in the sandbox is currently in branch
u-boot-dm/efi-working. The branch lacks commit 6ea8b580f0 ("efi_loader:
correct DeviceNodeToText for media types"). Ater rebasing the aforementioned
branch on U-Boot v2018.01 and adding 256060e425 and this patch the test
is executed successfully.
Fixes: 256060e425 (vsprintf.c: add EFI device path printing)
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When a UEFI payload just returns instead of calling the Exit() callback,
we handle that in efi_do_enter() and call Exit on its behalf, so that
the loaded_image->exit_status value is correct.
We were missing that logic in StartImage(). Call it there too.
Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Provide a better description for indent_string.
Fix a typo.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
EFI calls are usually defined as asmlinkage. That means we pass all parameters
to functions via the stack x86_32.
On x86_64 however, we need to also stick to the MS ABI calling conventions,
which the EFIAPI define conveniently handles for us. Most EFI functions were
also marked with EFIAPI, except for the entry call.
So this patch adjusts all entry calls to use EFIAPI instead of the manual
asmlinkage attribute.
While at it, we also change the prototype of the entry point to return
efi_status_t instead of ulong, as this is the correct prototype definition.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
v1 -> v2:
- Use efi_status_t in all occurences
We have 2 users of the EFI headers: efi_loader and the EFI stub. Efi_loader
always expects that the bitness of the definitions it uses is identical to
the execution.
The EFI stub however allows to run x86_64 U-Boot on 32bit EFI and the other
way around, so it allows for different bitness of EFI definitions and U-Boot
environment.
This patch explicitly requests via Kconfig that efi_loader can only be enabled
if the bitness is identical. Because we can run efi_loader on x86_64 without
EFI stub enabled, it also ensures that this case propagates the correct ABI
constraints.
Signed-off-by: Alexander Graf <agraf@suse.de>
There is tons of code duplication between lib/libfdt/libfdt.h and
scripts/dtc/libfdt/libfdt.h. Evacuate the U-Boot own code to
include/libfdt.h and remove lib/libfdt/libfdt.h.
For host tools, <libfdt.h> should include scripts/dtc/libfdt/libfdt.h,
which is already suitable for user-space.
For compiling U-Boot, <linux/libfdt.h> should be included because we
need a different libfdt_env.h .
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
The only difference between scripts/dtc/libfdt/fdt_rw.c and
lib/libfdt/fdt_rw.c is fdt_remove_unused_strings().
It is only used by fdtgrep, so we do not need to compile it for U-Boot
image. Move it to tools/libfdt/fdw_rw.c so that lib/libfdt/fdt_rw.c
can be a wrapper of scripts/dtc/libfdt/fdt_rw.c.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The sunXi arm64 build has overflown, leading to the main U-boot binary
overwriting the environment when flashing the new image, or even worse,
overwriting itself when we're calling saveenv.
Disable this option that is not critical until we can adress the issue
properly.
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
Reviewed-by: Jagan Teki <jagan@openedev.com>
Some messages are only useful if an error occurs.
Fix a use after free.
Add a missing free.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Create device path nodes for UCLASS_ETH udevices.
Create device path nodes of block device children of UCLASS_MMC udevices.
Consistently use debug for unsupported nodes.
Set the log level to error.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
[agraf: Fix build failure by adding #ifdef CONFIG_DM_ETH]
Signed-off-by: Alexander Graf <agraf@suse.de>
This test checks the driver for block IO devices.
A disk image is created in memory.
A handle is created for the new block IO device.
The block I/O protocol is installed on the handle.
ConnectController is used to setup partitions and to install the simple
file protocol.
A known file is read from the file system and verified.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch provides
* a uclass for EFI drivers
* a EFI driver for block devices
For each EFI driver the uclass
* creates a handle
* adds the driver binding protocol
The uclass provides the bind, start, and stop entry points for the driver
binding protocol.
In bind() and stop() it checks if the controller implements the protocol
supported by the EFI driver. In the start() function it calls the bind()
function of the EFI driver. In the stop() function it destroys the child
controllers.
The EFI block driver binds to controllers implementing the block io
protocol.
When the bind function of the EFI block driver is called it creates a
new U-Boot block device. It installs child handles for all partitions and
installs the simple file protocol on these.
The read and write functions of the EFI block driver delegate calls to the
controller that it is bound to.
A usage example is as following:
U-Boot loads the iPXE snp.efi executable. iPXE connects an iSCSI drive and
exposes a handle with the block IO protocol. It calls ConnectController.
Now the EFI block driver installs the partitions with the simple file
protocol.
iPXE uses the simple file protocol to load Grub or the Linux Kernel.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
[agraf: add comment on calloc len]
Signed-off-by: Alexander Graf <agraf@suse.de>
This pair of tests checks the StartImage boot service.
Each test loads an EFI application into memory and starts it.
One returns by calling the Exit boot service. The other returns directly.
The tests are not built on x86_64 because the relocation code for the efi
binary cannot be created.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch lets the implementation of ExitBootServices conform to
the UEFI standard.
The timer events must be disabled before calling the notification
functions of the exit boot services events.
The boot services must be disabled in the system table.
The handles in the system table should be defined as efi_handle_t.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
In ExitBootServices we need to signal events irrespective of the current
TPL level. A new parameter check_tpl is added to efi_signal_event().
Function efi_console_timer_notify() gets some comments.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
On a block device and its partitions the same protocols can be
installed. To tell the apart we can use the type of the last
node of the device path which is not the end node.
The patch provides a utility function to find this last node.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Add the revision constants.
Depending on the revision additional fields are needed in the
media descriptor.
Use efi_uintn_t for number of bytes to read or write.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Up to now we have been using efi_disk_create_partitions() to create
partitions for block devices that existed before starting an EFI
application.
We need to call it for block devices created by EFI
applications at run time. The EFI application will define the
handle for the block device and install a device path protocol
on it. We have to use this device path as stem for the partition
device paths.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Provide new function efi_dp_part_node() to create a device
node for a partition.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The GUID of the EFI_BLOCK_IO_PROTOCOL is needed in different code
parts. To avoid duplication make efi_block_io_guid a global symbol.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The interface type name can be used to look up the interface type.
Don't confound it with the driver name which may be different.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The calling convention for the entry point of an EFI image
is always 'asmlinkage'.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Check if the device tree and the SMBIOS table are available.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The category of memory allocated for an EFI image should depend on
its type (application, bootime service driver, runtime service driver).
Our helloworld.efi built on arm64 has an illegal image type. Treat it
like an EFI application.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Use %pD to print the device path instead of its address when
entering efi_load_image.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
In contrast to the description the code did not split the device
path into device part and file part.
The code should use the installed protocol and not refer to the
internal structure of the the disk object.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When installing the the simple file system protocol we have to path
the address of the structure and not the address of a pointer to the
structure.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
For the construction of device paths we need to call the
AllocatePool service. We should not ignore if it fails due to an
out of memory situation.
This patch changes the device path functions to return NULL if
the memory allocation fails.
Additional patches will be needed to fix the callers.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We should consistently use the efi_handle_t typedef when
referring to handles.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
This unit test checks the following protocol services:
ConnectController, DisconnectController,
InstallProtocol, UninstallProtocol,
OpenProtocol, CloseProtcol, OpenProtocolInformation
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>