Free resources upon failure.
Correct the function description.
As there is no need for any special address in the dummy memory device
path passed via the EFI_LOADED_IMAGE_PROTOCOL simply use 0 as address.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
`bootefi selftest` fails on qemu-x86_defconfig if efi_selftest() is not
invoked using EFI_CALL().
Likewise we call the entry point of EFI payloads with
EFI_CALL(efi_start_image()).
entry_count indicates if we are in U-Boot (1) or in EFI payload code (0).
As we start in U-Boot code the initial value has to be 1.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Remove the duplicate code in efi_do_enter() and use efi_start_image() to
start the image invoked by the bootefi command.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Up to now efi_load_pe() returns the entry point or NULL in case of an
error. This does not allow to return correct error codes from LoadImage().
Let efi_load_pe() return a status code and fill in the entry point in the
corresponding field of the image object.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Refactor the switch from supervisor to hypervisor to a new function called
at the beginning of do_bootefi().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The function, efi_init_obj_list(), can be shared in different pseudo efi
applications, like bootefi/bootmgr as well as my efishell. Moreover, it
will be utilized to extend efi initialization, for example, my "removable
disk support" patch and "capsule-on-disk support" patch in the future.
So with this patch, it will be moved to a new file, efi_setup.c, under
lib/efi_loader and exported, making no changes in functionality.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Remove lines deactivated by #if 1 #else
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
debug() support supports %p to print pointers.
The debug message is unique. So there is not need to write a possibly
distracting line number.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When calling efi_dp_from_mem() use a named constant for the memory type.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When copying the device we must ensure that the copy does not fall into a
memory area reserved by the same.
So let's change the sequence: first create memory reservations and then
copy the device tree.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The sandbox is using a virtual address space which is neither the physical
address space of the operating system nor the virtual address space in
which Linux aplications live. The addresses used insided the flattened
device tree use this sandbox virtual address space. The EFI subsystem uses
the virtual address space of the operating system and this is where the fdt
is stored.
Fix all incorrect addresses for the fdt in cmd/bootefi.cmd.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When allocating EFI memory pages the size in bytes has to be converted to
pages.
Provide a macro efi_size_in_pages() for this conversion.
Use it in the EFI subsystem and correct related comments.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
This function can be used from do_bootefi_exec() so that we use mostly the
same code for a normal EFI application and an EFI test.
Rename the function and use it in both places.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
There is still duplicated code in efi_loader for tests and normal
operation.
Add a new bootefi_run_prepare() function which holds common code used to
set up U-Boot to run EFI code. Make use of this from the existing
bootefi_test_prepare() function, as well as do_bootefi_exec().
Also shorten a few variable names.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
The functions in bootefi are very long because they mix high-level code
and control with the low-level implementation. To help with this, create
functions which handle preparing for running the test and cleaning up
afterwards.
Also shorten the awfully long variable names here.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
At present a few error conditions are not checked. Before refactoring
this code, add some basic checks. Note that this code still leaks memory
in the event of error. This will be tackled after the refactor.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
The "Devicetree Specification 0.2" does not prescribe that memory
reservations must be EFI page aligned. So let's not make such an
assumption in our code.
Do not carve out the pages for the device tree. This memory area is
already marked as EFI_RUNTIME_SERVICES_DATA.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
In copy_fdt() we allocate EFI pages for the fdt plus extra 12 KiB as
EFI_RUNTIME_SERVICES_DATA. Afterwards in efi_install_fdt() we overwrite
part of this memory allocation by marking it as EFI_BOOT_SERVICES_DATA.
Remove the code marking the fdt as EFI_BOOT_SERVICES_DATA.
Cf. commit 17ff6f02f5 ("efi_loader: store DT in EFI_RUNTIME_SERVICES_DATA
memory")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Factor out efi_set_bootdev() and extract efi_dp_from_name().
This function will be used to set a boot device in efishell command.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Rename the component parent of some EFI objects to header. This avoids
misunderstandings.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
All our handles point to a struct efi_object. So let's define the
efi_handle_t accordingly. This helps us to discover coding errors much
more easily. This becomes evident by the corrections to the usage of
handles in this patch.
Rename variable image_handle to image_obj where applicable.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
If DEBUG is defined we may be calling EFI_CALL already during the
initialization of the EFI subsystem. We must make sure efi_save_gd() has
already been called at that moment.
Anyway it is better to have this call in one location instead of three.
This fixes an illegal memory access occurring since 4e6b5d6503
("efi_loader: create root node") with DEBUG = 1.
Fixes: 4e6b5d6503 ("efi_loader: create root node")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Create the handle of loaded images and the EFI_LOADED_IMAGE_PROTOCOL
inside efi_setup_loaded_image(). Do not use local variables.
Currently we expect the loaded image handle to point to the loaded image
protocol. Additionally we have appended private fields to the protocol.
With the patch the handle points to a loaded image object and the private
fields are added here. This matches how we handle the net and the gop
object.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When running in EL3 mode on AArch64, we have to first drop to EL2
to execute a UEFI payload. When dropping down, the arguments to
the entry point have to stay identical to the ones for normal entry
though.
In commit ea54ad5928 ("efi_loader: pass handle of loaded image")
we incorrectly changed that logic and had the el3 entry path diverge.
Fix it up by syncing it back to what it's supposed to be.
Fixes: ea54ad5928 ("efi_loader: pass handle of loaded image")
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Mark Kettenis <kettenis@openbsd.org>
Currently we assign a lot of protocols to loaded images though
these protocols are not related to them. Instead they should be
installed on a separate handle. Via the device path it is the
parent to the devices like the network adapter.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
efi_set_bootdev() may be called repeatedly.
Free the memory allocated for device paths in previous calls.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Do not use a local variable for the handle backing the memory device path.
Adjust relate comments.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The number of bytes in an utf-8 string is an upper limit for the number of
words in the equivalent utf-16 string. In so far the inumbant coding works
correctly. For non-ASCII characters the utf-16 string is shorter. With the
patch only the necessary buffer size is allocated for the load options.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
At present this function takes a pointer as its argument, then passes this
to efi_allocate_pages(), which actually takes an address. It uses casts,
which are not supported on sandbox.
Also the function calculates the FDT size rounded up to the neared EFI
page size, then its caller recalculates the size and adds a bit more to
it.
This function is much better written as something that works with
addresses only, and returns both the address and the size of the relocated
FDT.
Also, copy_fdt() returns NULL on error, but really should propagate the
error from efi_allocate_pages(). To do this it needs to return an
efi_status_t, not a void *.
Update the code in this way, so that it is easier to follow, and also
supports sandbox.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Sandbox only has 128MB of memory so we cannot relocate the device tree up
to start at 128MB. Use 127MB instead, which should be safe.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Remove unused function efi_get_time_init().
Initialization of the RTC has to be done in board bring up not in the EFI
subsystem.
There is no RTC device in the UEFI spec. The RTC is only accessed through
the runtime services.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
For the boot and runtime services tables and for the system table the
crc32 has to be set in the header.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This function currently returns an error code, but never uses it. There is
no function comment so it is not obvious why. Presuambly the error is not
important.
Update the function to explain its purpose and why it ignores the error.
Drop the useful error return value.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
This is a bit confusing at present since it adds 4KB to the pointer, then
rounds it up. It looks like a bug, but is not.
Move the 4KB addition into a separate statement and expand the comment.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
The bootefi command gets a few addresses as values passed in. In sandbox,
these values are in U-Boot address space, so we need to make sure we
explicitly call map_sysmem() on them to be able to access them.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Multiple EFI binaries may be executed in sequence. So if we already
are in non-secure mode after running the first one we should skip
the switching code since it no longer works once we're non-secure.
Signed-off-by: Mark Kettenis <kettenis@openbsd.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
If desired (and possible) switch into HYP mode or non-secure SVC mode
before calling the entry point of an EFI application. This allows
U-Boot to provide a usable PSCI implementation and makes it possible
to boot kernels into hypervisor mode using an EFI bootloader.
Based on diffs from Heinrich Schuchardt and Alexander Graf.
Signed-off-by: Mark Kettenis <kettenis@openbsd.org>
[agraf: Fix indentation]
Signed-off-by: Alexander Graf <agraf@suse.de>
ACPI tables can be passed via EFI configuration table to an EFI
application. This is only supported on x86 so far.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
When we boot using memdp (bootefi on an address without previous
load that populates the device path) then the memory device path
we pass in is not backed by any handle.
That can result in weird effects. For example grub gets very grumpy
about this inside the efi_net module and just loops endlessly.
So let's expose a simple handle that the memory device path is backed
on. That way any code that looks for the device the dp is on, finds
one.
Signed-off-by: Alexander Graf <agraf@suse.de>
Do not use anonymous constants when calling efi_allocage_pages.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The UEFI spec mandates that unaligned memory access should be enabled if
supported by the CPU architecture.
This patch adds an empty weak function unaligned_access() that can be
overridden by an architecture specific routine.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Remove a superfluous call to efi_init_obj_list() invoked by
'bootefi selftest'.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
As part of the main conversion a few files were missed. These files had
additional whitespace after the '*' and before the SPDX tag and my
previous regex was too strict. This time I did a grep for all SPDX tags
and then filtered out anything that matched the correct styles.
Fixes: 83d290c56f ("SPDX: Convert all of our single license tags to Linux Kernel style")
Reported-by: Heinrich Schuchardt <xypron.debian@gmx.de>
Signed-off-by: Tom Rini <trini@konsulko.com>
This reverts the parts of commit 3b3ea2c56e
where it changed the EFI dependency on NET.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
Reviewed-by: Duncan Hare <dh@synoia.com>
With legacy boot (booti, bootz), people can declare memory regions as
reserved using device tree memory reservations. This feature is some
times used to indicate memory regions that should not be touched.
Since in a UEFI world, the DT memory reservations do not get honored,
let's copy them into the UEFI memory map so everyone has a coherent
view of the world and we give people the chance to add reservations
on demand.
Signed-off-by: Alexander Graf <agraf@suse.de>
The device path of the loaded image should be set to the partition
from which the image was loaded. This requires using the same logic as
the load command.
Without the patch the device path pointed to the whole disk after executing
load mmc 0: 0x43000000 FILE
and not to the boot partition from which the file was actually loaded.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The second argument of the bootefi command should always be usable to
specify a device tree. This was missing for bootefi selftest and
bootefi hello.
Proper error handling is added.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Up to now errors in the initialization of the EFI subsystems was not
checked.
If any initialization fails, leave the bootefi command.
We do not retry initialization because this would require to undo all prior
initalization steps.
Suggested-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The return type of do_bootefi_exec() is efi_status_t. So in case
of an error we should always return an EFI status code.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
efi_init_obj_list() should be executed only once.
Rather than having the caller check this variable and the callee set it,
move all access to the variable inside the function. This reduces the
logic needed to call efi_init_obj_list().
Suggested-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
