Up to now the bootefi command used the last file loaded to determine the
boot partition. This has led to errors when the fdt had been loaded from
another partition after the EFI binary.
Before setting the boot device from a loaded file check if it is a PE-COFF
image or a FIT image.
For a PE-COFF image remember address and size, boot device and path.
For a FIT image remember boot device and path.
If the PE-COFF image is overwritten by loading another file, forget it.
Do not allow to start an image via bootefi which is not the last loaded
PE-COFF image.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
setenv -e -i <address>,<filesize> can be used to set a UEFI variable
from memory.
For separating an address and a size we use ':' in most commands.
Let's do the same for setenv -e -i.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
* UEFI variables can be persisted
* describe that the sequence of files loaded before bootefi matters
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Some distributions provide UEFI binaries like Shim that have been signed
using a Microsoft certificate. Provide the download paths for the public
keys.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
If OP-TEE is compiled with an EDK2 application running in secure world
it can process and store UEFI variables in an RPMB.
Add documentation for the config options enabling this.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
A small text in docs/uefi/uefi.rst was added to explain how we can
configure and utilise UEFI secure boot feature on U-Boot.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The load file 2 protocol can be used by the Linux kernel to load the initial
RAM disk. U-Boot can be configured to provide an implementation.
Add a description to the UEFI overview and document the related functions
in the API section.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This patch adds a new section "Launching a UEFI binary from a FIT image"
documenting the usage of the CONFIG_BOOTM_EFI extension to bootm command
that offers a verified boot alternative for UEFI binaries such as GRUB2.
Signed-off-by: Cristian Ciocaltea <cristian.ciocaltea@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Change the UEFI documentation to Sphinx style and integrate it into the
rest of the Sphinx generated documentation.
Remove the inaccurate TODO list in doc/uefi/uefi.rst.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
