Commit graph

2966 commits

Author SHA1 Message Date
Ilias Apalodimas
d6b55a420c efi_loader: startup the tpm device when installing the protocol
Due to U-Boot's lazy binding mentality the TPM is probed but not properly
initialized.  The user can startup the device from the command line
e.g 'tpm2 startup TPM2_SU_CLEAR'.  However we can initialize the TPM during
the TCG protocol installation,  which is easier to use overall.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-11-20 10:53:01 +01:00
Ilias Apalodimas
5ba0397049 efi_loader: fix FinalEvents table if an EFI app invoked GetEventLog
As described in the TCG spec [1] in sections 7.1.1 and 7.1.2 the FinalEvent
table should include events after GetEventLog has been called.  This
currently works for us as long as the kernel is the only EFI application
calling that.  Specifically we only implement what's described in 7.1.1.

So refactor the code a bit and support EFI application(s) calling
GetEventLog.  Events will now be logged in both the EventLog and FinalEvent
table as long as ExitBootServices haven't been invoked.

[1] https://trustedcomputinggroup.org/wp-content/uploads/EFI-Protocol-Specification-rev13-160330final.pdf

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-11-20 10:53:00 +01:00
Heinrich Schuchardt
22ad3f5f7b efi_selftest: unit test for EFI_GROUP_BEFORE_EXIT_BOOT_SERVICE
Add a test for the EFI_GROUP_BEFORE_EXIT_BOOT_SERVICE event group.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-11-20 10:53:00 +01:00
Heinrich Schuchardt
43eaf5b13f efi_loader: EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES
Implement the EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES event group
handling.

Add the definition of EFI_EVENT_GROUP_AFTER_READY_TO_BOOT.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-11-20 10:53:00 +01:00
Masami Hiramatsu
5d49b32f0a efi_loader: capsule: Record capsule result only if capsule is read
Record capsule update result only if the capsule file is
successfully read, because the capsule GUID is not sure when
the file can not be read or the file is not a capsule.
Without this fix, if user puts a dummy (non-capsule) file
under (ESP)EFI/UpdateCapsule, U-Boot causes a synchronous
abort.

This also fixes use-after-free bug of the 'capsule' variable.

Fixes: c74cd8bd08 ("efi_loader: capsule: add capsule_on_disk support")
Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-11-20 10:53:00 +01:00
Masahisa Kojima
3961bd9b55 efi_loader: Reduce efi_tcg2 logging statement
log_info() is used for the debug level logging statement
which should use log_debug() instead. Convert it to reduce the
log output.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-11-20 10:53:00 +01:00
Heinrich Schuchardt
ac7606af7d lmb: fix typo 'commun'
%s/commun/common/

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-11-20 10:53:00 +01:00
Tom Rini
b5f2c68d5c TPM1.2 and Atmel fixes
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEgWII69YpahbL5iK5gS8AYozs+qIFAmGXVGcACgkQgS8AYozs
 +qLoVA/8CDEhyU20XorNzyk/+Dpy4+7s91wnRiNuQxDcwJke5dcgCtJ62cURsWI/
 69gnijt1Pif1ODPWECj9Fh8SYp0S8ZL/7YBS9JjpgHNCPvOuxoaSvO4Q0CejDBWO
 7Yj2UZwR2AvUO57bD3pOVQJns5PiCyF94zt/5LO9NCCnAoXxc2dH2M2Eelxac5wA
 zx4PksKeX72k1HkSywQgM4uWOweWs8OzgSE5mBiGQTP/9aYCeRtPv3i7JlClqw4R
 uNqSGJrDEKfJnV3kmZpKAACl91vS+4g7rfQbOyB7DOL1hNpJ7/7d2++/j8P8jB17
 zCXW+mK60+4/0pJ2Bk/6XddbTYvMskija+lQib1FHshAPbDrbXNbS8WrDInMFC3L
 RfCugrxG9fgtu3yWqy1+GyDEN3s5yATYBSo27xfOvW5919McMTEy1YGjA7R1K5l/
 WLFO9oBSLYolZPZgEqi0Z7sNr2BSVmodk0KCJkcXR8J5YIc8r4dtfSRhw0lcdcD8
 c/Wi5+i0PX4ZmuDrbjffjvUJ1Mz2n9igI3ADK2Xn/Lf7KVHW7oiPcQYeijqhTAVa
 zu9DXIw+E8o4Nq3/u4VDecTRZcGUVWR83DJYGn4U0NDMC9PCLj3TBG9KogKt/Ceo
 au1F50co7qxqehmtnm8Bej/He87fIJmZmbaqT388ZXNwMEVPTNo=
 =m8lp
 -----END PGP SIGNATURE-----

Merge tag 'tpm-19112021' of https://source.denx.de/u-boot/custodians/u-boot-tpm

TPM1.2 and Atmel fixes

# gpg verification failed.
2021-11-19 16:33:23 -05:00
Marek Vasut
b1f3f982fa arm64: Add missing GD_FLG_SKIP_RELOC handling
In case U-Boot enters relocation with GD_FLG_SKIP_RELOC, skip the
relocation. The code still has to set up new_gd pointer and new
stack pointer.

Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
2021-11-18 18:20:19 -05:00
Marek Vasut
bd994c007a lmb: Reserve U-Boot separately if relocation is disabled
In case U-Boot starts with GD_FLG_SKIP_RELOC, the U-Boot code is
not relocated, however the stack and heap is at the end of DRAM
after relocation. Reserve a LMB area for the non-relocated U-Boot
code so it won't be overwritten.

Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
2021-11-18 18:20:19 -05:00
Chia-Wei Wang
89c36cca0b crypto: aspeed: Add AST2600 ACRY support
ACRY is designed to accelerate ECC/RSA digital signature
generation and verification.

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
2021-11-17 17:05:00 -05:00
Mathew McBride
e845dd7c8b cmd: tpm-v1: fix load_key_by_sha1 compile errors
This command is not compiled by default and has not been updated alongside
changes to the tpmv1 API, such as passing the TPM udevice to the relevant
functions.

Signed-off-by: Mathew McBride <matt@traverse.com.au>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-11-17 13:47:27 +02:00
Tom Rini
b8a156f54e Pull request for efi-2022-01-rc2-2
UEFI:
 * fix measurement of BootOrder variable for TCG2 protocol
 
 TPM:
 * TIS mmio driver. This driver supports QEMU's emulated TPM.
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmGQD7kACgkQxIHbvCwF
 GsStWA/9HmYlBuc0ZNNVVvBtD9QKe1rliXnGubVA52ZhnZHlIijdbpXSZBbA2uQy
 auMox1eQ7isdQFgC8GGZF5O3VpwdT5E/mz1BYukkvHUFdYmwOSKfH++7Tt88P+Uc
 ZK/uIfhZApl9UiuzzLr6M/8T7K/NWg7BtsdNivSe6sBHPIBfAfl0K1CGxU9v1lm1
 0DvPDaby5J3SbZUiln6mzxZ9Yjmqz85s3W7IUvY7I7xWgApaP6IuvQa4pkrGzDeQ
 ofICVozr75yCk1kW+xB5lSQ/iI//ppOL4Ng7aL87eSoAzp1W+5TZrWA6pIYGfWVD
 bgmMI3OileCFrU3uNGKY7dbObP7FZz7lVykXoejMfHNG/Zfmo+f+2qS9PgT83Rnr
 KC4eMqS+0wYiO2Qru+ZJwija9JsS5SO9v7Vp2L0vT2u+CU35dDuy5epi1IHzfSL0
 bO1feAtUYwK/An2jwlSG7EO4AxJ7Yh+WlxL5TgsSqJGdyL/uI3pussuXRnHHshrS
 2xmV9M8dSFy2RQTNO958nloj01XNzPRmcBl5uVF5htye0PI5VFk7Lo8oUj6UzuXt
 14gNl1pumnihkEl4C+/TR7HL9/Q/tgm4EEYIU7+kbEyS0MFEzsjOt0y+Sm12qD7S
 wQ1jnLcstp88e7erMyursv/HUlD8Kn5HWckpGT+wnBKsN4xMSQk=
 =VSW9
 -----END PGP SIGNATURE-----

Merge tag 'efi-2022-01-rc2-2' of https://source.denx.de/u-boot/custodians/u-boot-efi

Pull request for efi-2022-01-rc2-2

UEFI:
* fix measurement of BootOrder variable for TCG2 protocol

TPM:
* TIS mmio driver. This driver supports QEMU's emulated TPM.
2021-11-13 18:13:35 -05:00
Simon Glass
4a255ea3b6 lib: Add a function to convert a string to a hex value
Add an xtoa() function, similar to itoa() but for hex instead.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Artem Lapkin <email2tema@gmail.com>
Tested-by: Artem Lapkin <email2tema@gmail.com>
2021-11-11 19:02:34 -05:00
Masahisa Kojima
c9c1cdbda3 efi_loader: fix BootOrder variable measurement handling
UEFI specification does not require that BootOrder is defined.
In current implementation, boot variable measurement fails and
returns EFI_NOT_FOUND if BootOrder is not defined.

This commit correcly handles this case, skip the boot variable
measurement if BootOrder is not defined.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-11-10 20:57:54 +01:00
Masahisa Kojima
aa1b504927 efi_selftest: add selftest for EFI_TCG2_PROTOCOL and Measured Boot
This commit adds the missing EFI_TCG2_PROTOCOL selftest
and Measured Boot selftest in lib/efi_selftest.

This selftest includes PE/COFF image measurement test, some PCR values are
different in each architecture. With that, this commit also adds pre-built
versions of lib/efi_selftest/efi_miniapp_file_image_exit.c for PE/COFF
image measurement test for 32-bit arm, arm64, ia32, x86_64, riscv32 and
riscv64. Prebuilding avoids the problem of reproducible builds.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>

Make the test 'onrequest'.
Add code comments to the includes with the binaries.
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-11-07 18:36:55 +01:00
Simon Glass
f844573762 efi: Add a way to obtain boot services in the app
Add a function to return this information along with a stub for the
efi_info_get() function, since calling it otherwise hangs U-Boot.

Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-11-07 18:36:55 +01:00
Simon Glass
9c297a3dab x86: Don't duplicate global_ptr in 64-bit EFI app
This variable is already defined by the EFI code. Drop the duplicate
definition when building a 64-bit EFI app.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-11-07 18:36:55 +01:00
Simon Glass
e16c47fa3d efi: Create a 64-bit app
Most modern platforms use 64-bit EFI so it is useful to have a U-Boot app
that runs under that. Add a (non-functional) build for this.

Note that --whole-archive causes the gcc 9.2 linker to crash, so disable
this for now. Once this is resolved, things should work.

For now, avoid mentioning the documentation for the 64-bit app, since it
does not work.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-11-07 18:36:55 +01:00
Simon Glass
f4d227c99f x86: Create a 32/64-bit selection for the app
Most EFI implementations use 64-bit but U-Boot only supports running as
a 32-bit app at present. While efi-x86_payload64 does boot from 64-bit
UEFI it immediately changes back to 32-bit before starting U-Boot.

In order to support a 64-bit U-Boot app, update the Kconfig to add an
option for 32/64 bit. Update the prompt for the existing option so it is
clear it relates to the stub. Move both up to just under the choice that
controls them, since this looks better and the menu.

Use CONFIG_EFI_APP in the Makefile instead of CONFIG_TARGET_EFI_APP,
since the latter is specific to a single target and we will have two.

Memory size is set to 32MB for now so that it can run on qemu without
increasing the default memory size. We may need to increase the default
later.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-11-07 18:36:55 +01:00
Masahisa Kojima
7fc93cae49 efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand
This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand
required in the TCG PC Client PFP spec.
SubmitCommand enables to send the raw command to the TPM device.

To implement this api, tpm2_submit_command() is added
into tpm-v2.c.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-11-07 18:36:55 +01:00
Masahisa Kojima
14cbb330fe efi_loader: use byteshift unaligned access helper
Calling unaligned/access-ok.h version of put_unaligned_le64()
causes data abort in arm 32-bit QEMU.

The similar issue also occurs in linux kernel,
unaligned/access-ok.h is no longer used in linux kernel[1].

This commit uses the unaligned/be_byteshift.h and
unaligned/le_byteshift.h helper instead of unaligned/access-ok.h.

[1]https://lore.kernel.org/all/20210507220813.365382-8-arnd@kernel.org/

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-11-07 18:36:55 +01:00
AKASHI Takahiro
50b05eb606 efi_loader: capsule: drop __weak from efi_get_public_key_data()
As we discussed in ML, currently a device tree is the only place
to store public keys for capsule authentication. So __weak is not
necessary for now.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-11-07 18:36:55 +01:00
Ilias Apalodimas
e7fb789612 sandbox: Remove OF_HOSTFILE
OF_HOSTFILE is used on sandbox configs only.  Although it's pretty
unique and not causing any confusions,  we are better of having simpler
config options for the DTB.

So let's replace that with the existing OF_BOARD.  U-Boot would then
have only three config options for the DTB origin.
- OF_SEPARATE, build separately from U-Boot
- OF_BOARD, board specific way of providing the DTB
- OF_EMBED embedded in the u-boot binary(should not be used in production

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-10-27 16:38:26 -04:00
Tom Rini
670d657dfb Pull request for efi-2022-01-rc1-2
doc:
 	Remove obsolete PPC4XX references
 
 UEFI:
 	Implement missing TCG2 measurements
 	Code clean up
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmF4eZ8ACgkQxIHbvCwF
 GsSDRxAAlujYTep5xp0/yzSvUvS5ocJBstgw0YuO4GY1RtXN9Zgdd1PeETdEh7HW
 HKNOrx3Bk1LlyLeObyKX6Dq3p4PkYX8q4ciaWkTqPoId2LKeXYJGxABled6EW8OJ
 68/smhQOoivQPuDTZsUCJXdsRnnoxAhO5S03JEgIZKeusOJjZQ5QVS0a91ovOllB
 sjMcpm4HDO0hkEo59ExP2unlRrBuB7L0VwA+SxvXB1e8vruWxye8i5Fw/hN9g73h
 Atrl9/Mbn1ppWqHgOMaMawxPhuceZjINpRJXIZ5H5m4bgwYrjk9HFJGV3C1eOo5a
 Vdc8/I1X5GXetn6kFae7vSJhU9QgHK1QsXjObs/ksOwS0+K4QRFc1X6aMkdO8QPI
 3EfVUaeedDdzrQdtATu9L9a6dVuE79abNNevUglmZrvKWqgMIl61M1Ffl7IWuCJo
 t6YyCZmBvt4rNh1/UEbkL9d7y5lkoCJafe9EMYwZk0zfPamw08bB8KWDIJrm0P0w
 fnSdEDQdnHvFfZ//th/u7Q6zpfN9waxZ93mMvfBkmjCi8aa0GLMIStcYcOoJm+Z6
 QdzaP5XPQ4gC2A7lqSOPwExUgvcfx0y6AuIoTdusqU7w5+obqnc+e4FN7UFxzr5K
 ZCf6+8JO3rbD9ptWpCEDFpFdMbq32MwGTKM2Jy7kL1nzGKcNdPE=
 =LkPN
 -----END PGP SIGNATURE-----

Merge tag 'efi-2022-01-rc1-2' of https://source.denx.de/u-boot/custodians/u-boot-efi

Pull request for efi-2022-01-rc1-2

doc:
	Remove obsolete PPC4XX references

UEFI:
	Implement missing TCG2 measurements
	Code clean up

# gpg: Signature made Tue 26 Oct 2021 05:56:47 PM EDT
# gpg:                using RSA key 6DC4F9C71F29A6FA06B76D33C481DBBC2C051AC4
# gpg: Good signature from "Heinrich Schuchardt <xypron.glpk@gmx.de>" [unknown]
# gpg:                 aka "[jpeg image of size 1389]" [unknown]
# Primary key fingerprint: 6DC4 F9C7 1F29 A6FA 06B7  6D33 C481 DBBC 2C05 1AC4
2021-10-26 18:42:52 -04:00
Masahisa Kojima
65aa259aa7 efi_loader: add DeployedMode and AuditMode variable measurement
This commit adds the DeployedMode and AuditMode variable
measurement required in TCG PC Client Platform Firmware
Profile Specification.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
2021-10-26 21:33:19 +02:00
Masahisa Kojima
96485d2f3f efi_loader: simplify tcg2_measure_secure_boot_variable()
This commit simplifies tcg2_measure_secure_boot_variable()
using secure_variables table.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
2021-10-26 21:33:19 +02:00
Masahisa Kojima
ce3dbc5d08 efi_loader: add UEFI GPT measurement
This commit adds the UEFI GPT disk partition topology
measurement required in TCG PC Client Platform Firmware
Profile Specification

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
2021-10-26 21:32:46 +02:00
Patrick Delaunay
70a9f4d25b lib: uuid: fix the test on RNG device presence
Correct the test on RNG device presence,when ret is equal to 0,
before to call dm_rng_read function.

Without this patch the RNG device is not used when present (when ret == 0)
or a data abort occurs in dm_rng_read when CONFIG_DM_RNG is activated but
the RNG device is not present in device tree (ret != 0 and devp = NULL).

Fixes: 92fdad28cf ("lib: uuid: use RNG device if present")
CC: Matthias Brugger <mbrugger@suse.com>
CC: Torsten Duwe <duwe@suse.de>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-10-26 15:26:45 -04:00
Philippe Reynes
b560c704d6 lib: rsa: rsa-verify: also check that padding is not NULL
This commit adds a check on the padding in the function rsa_verify_key
to avoid using a NULL pointer.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-10-26 15:26:45 -04:00
Masahisa Kojima
3d49ee8510 efi_loader: add SMBIOS table measurement
TCG PC Client Platform Firmware Profile Specification
requires to measure the SMBIOS table that contains static
configuration information (e.g. Platform Manufacturer
Enterprise Number assigned by IANA, platform model number,
Vendor and Device IDs for each SMBIOS table).

The device- and environment-dependent information such as
serial number is cleared to zero or space character for
the measurement.

Existing smbios_string() function returns pointer to the string
with const qualifier, but exisintg use case is updating version
string and const qualifier must be removed.
This commit removes const qualifier from smbios_string()
return value and reuses to clear the strings for the measurement.

This commit also fixes the following compiler warning:

lib/smbios-parser.c:59:39: warning: cast to pointer from integer of
different size [-Wint-to-pointer-cast]
  const struct smbios_header *header = (struct smbios_header *)entry->struct_table_address;

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
2021-10-26 17:58:14 +02:00
Heinrich Schuchardt
a45dac1785 efi_loader: simplify tcg2_measure_secure_boot_variable()
Don't duplicate GUIDs.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-10-25 21:13:07 +02:00
Heinrich Schuchardt
02fef8b101 efi_loader: simplify efi_sigstore_parse_sigdb()
Simplify efi_sigstore_parse_sigdb() by using existing functions.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-10-25 21:13:07 +02:00
Heinrich Schuchardt
e618d1d285 efi_loader: function to get GUID for variable name
In multiple places we need the default GUID matching a variable name.
The patch provides a library function. For secure boot related variables
like 'PK', 'KEK', 'db' a lookup table is used. For all other variable
names EFI_GLOBAL_VARIABLE is returned.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-10-25 21:13:06 +02:00
Heinrich Schuchardt
d47671c631 efi_loader: treat UEFI variable name as const
UEFI variable names are typically constants and hence should be defined as
const. Unfortunately some of our API functions do not define the parameters
for UEFI variable names as const. This requires unnecessary conversions.

Adjust parameters of several internal functions to tre UEFI variable names
as const.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-10-25 21:13:06 +02:00
AKASHI Takahiro
7a6fb28c8e efi_loader: capsule: add back efi_get_public_key_data()
The commit 47a25e81d3 ("Revert "efi_capsule: Move signature from DTB to
.rodata"") failed to revert the removal of efi_get_public_key_data().

Add back this function and move it under lib/efi_loader so that other
platforms can utilize it. It is now declared as a weak function so that
it can be replaced with a platform-specific implementation.

Fixes: 47a25e81d3 ("Revert "efi_capsule: Move signature from DTB to
	.rodata"")
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-10-25 21:13:06 +02:00
Masahisa Kojima
f86352eb82 efi_loader: add missing const qualifier
This commit fixes the following compilation warning
of boottime->install_configuration_table() function.

lib/efi_selftest/efi_selftest_tcg2.c:475:46:
warning: passing argument 1 of ‘boottime->install_configuration_table’
discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
  ret = boottime->install_configuration_table(&smbios_guid, dmi);

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-10-25 21:13:06 +02:00
Tom Rini
f055f2e5a2 Pull request for efi-2022-01-rc1
Documentation:
 	Use Sphinx 3.43.
 	Move system reset documentation to HTML
 
 UEFI:
 	Fix linking EFI apps with LLVM
 	Fix alignment of loaded image
 	Correct simple network protocol test
 	Code cleanup
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEK7wKXt3/btL6/yA+hO4vgnE3U0sFAmFyqecACgkQhO4vgnE3
 U0vdwA//Vwg4q3fbMB/FeoI4cbdSJl1+IYnPdbZC1+TAnyv9kLuPlYON54GMwBo5
 K4qbvuzn8clAohJUPjUqPJumFLSzUqdVxCKqg4gFxfufTSH8T+LvmcooSbZW3y6d
 S4lgybbg5i5cwhi141sbL3wxQibNeFDhY3aIA6v8cKYtH+37MDFsTJ4rwq93r+bF
 cZlN6vHPZsklgTs66jJnlZs809ECH/3+BurM3+NQBz+AJFpKhxIpHkE/He16Yt/t
 6vLBfux4iRYF8OtEP1/7pPu4NKXfXOE3MkGTTzoYAiG7LM3kIuGn+De2dY/Z3CGE
 6WXTt7trzkwW1z1sXafMFFiV8n0Gj/ubDLTD3X9AVVWvp7LAIJmcU8dx79C0eKzJ
 HWHZqwAl4ZYlaxUbf7n/C6Mlhjnis0WUNiqc/OSgGhVmn4HeOOgrjVted3uvvm/9
 enR2HlSqibF8KOzcZec5fsPt9GxS/ZlGcUKMiYO1+wKbM+EQG0bz0v2uiers/U8o
 ixurj0Hj0tJEvaOEcHCQH99ug2PKpFDysOPc31lOrmg8jfD1Bxq728UWxfFYDSmI
 2cxv3G8K65imCrI7eTMTDG3AmdF142CET7MzNOMUlwcnqCskax2UhPVncXJdvFlT
 z00DdMF5Z6/gHfIYGu7KRt1MZ/yBWJOjt8J78ttIo40o1jJP4Rk=
 =EhtP
 -----END PGP SIGNATURE-----

Merge tag 'efi-2022-01-rc1' of https://source.denx.de/u-boot/custodians/u-boot-efi

Pull request for efi-2022-01-rc1

Documentation:
	Use Sphinx 3.43.
	Move system reset documentation to HTML

UEFI:
	Fix linking EFI apps with LLVM
	Fix alignment of loaded image
	Correct simple network protocol test
	Code cleanup
2021-10-22 12:43:30 -04:00
Heinrich Schuchardt
db61e70e0d efi_loader: efi_dp_from_lo() should skip VenMedia node
The 'efidebug boot dump' command should not display the VenMedia() device
path node preceding the device path of the initial ram disk.

By letting efi_dp_from_lo() skip the VenMedia() device path node we can
simplify the coding.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-10-21 03:46:04 +02:00
Heinrich Schuchardt
9ad37fe405 efi_loader: avoid multiple local copies of lf2_initrd_guid
Create the GUID as a global variable.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-10-21 03:46:04 +02:00
Heinrich Schuchardt
05345425ca efi_loader: efi_dp_from_lo() unused parameter size
Parameter size is never used in function efi_dp_from_lo(). Remove it.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-10-21 03:46:04 +02:00
Heinrich Schuchardt
0421735dd8 efi_loader: efi_dp_from_lo() don't copy GUID
Instead of copying a GUID and then using a pointer to the copy for calling
guidcmp(), just pass the pointer to the orginal GUID.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-10-21 03:46:04 +02:00
Ilias Apalodimas
ebdea88d57 efi_loader: Fix loaded image alignment
We are ignoring the alignment communicated via the PE/COFF header.
Starting 5.10 the Linux kernel will loudly complain about it. For more
details look at [1] (in linux kernel).

So add a function that can allocate aligned EFI memory and use it for our
relocated loaded image.

[1] c32ac11da3f83 ("efi/libstub: arm64: Double check image alignment at entry")

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Tested-by: Vincent Stehlé <vincent.stehle@arm.com>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-10-21 03:46:04 +02:00
Heinrich Schuchardt
fa00b6fc3f efi_loader: don't load Shim's MOK database from file
When using a file to store UEFI variables we must make sure that secure
boot related variables are not loaded from this file. With commit
9ef82e2947 ("efi_loader: don't load signature database from file")
this has already been implemented for variables defined in the UEFI
specification. As most Linux distributions use Shim we should do the same
for Shim's MOK database.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-10-21 03:46:04 +02:00
Simon Glass
c779e0d923 efi_loader: Drop code that doesn't work with driver model
This code should never have been added as it builds a new feature on top
of legacy code. This has already been improved with the dependency on BLK.

Add a dependency on DM_ETH also, to avoid needing to deal with this old
code.

Boards which want EFI_LOADER should migrate to driver model first.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-10-21 03:46:03 +02:00
Masami Hiramatsu
28fc87ee3a efi_selftest: Receive the packets until the receive buffer is empty
Repeatedly receive the packets until the receive buffer is empty.
If the buffer is empty, EFI_SIMPLE_NETWORK_PROTOCOL::Receive()
returns EFI_NOT_READY. We don't need to use the wait_for_event()
every time.

Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-10-21 03:46:03 +02:00
Masami Hiramatsu
9845b92436 efi_selftest: Do not check EFI_SIMPLE_NETWORK_RECEIVE_INTERRUPT
Do not check EFI_SIMPLE_NETWORK_RECEIVE_INTERRUPT in packet
receiving loop. This depends on the implementation and not
related to whether the packet can be received or not.

Whether the received packets are available or not is ensured
by wait_for_packet, and that is already done in the loop.

Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-10-21 03:46:03 +02:00
Masami Hiramatsu
39a37adf51 efi_selftest: Use EFI_SIMPLE_NETWORK_PROTOCOL::GetStatus() for media check
According to the UEF specification v2.9, the main purpose of the
EFI_SIMPLE_NETWORK_PROTOCOL::GetStatus() is for checking the link
status via EFI_SIMPLE_NETWORK_MODE::MediaPresent.
So this uses net->get_status() for checking the link status before
running network test.

Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-10-21 03:46:03 +02:00
Tom Rini
79b8849d4c u-boot-imx-20211020
-------------------
 
 First PR from u-boot-imx for 2022.01
 
 CI: https://source.denx.de/u-boot/custodians/u-boot-imx/-/pipelines/9535
 
 - new board: kontron-sl-mx8mm
 - imx8m:
 	- fix secure boot
 - imx ESDHC: fixes
 - i.MX53: Support thum2, bmode and fixes for Menlo board
 	  usbarmory switch to Ethernet driver model
 - imx6 :
 	- DDR calibration for Toradex boards
 - imx7:
 	- Fixes
 - Updated gateworks boards (ventana / venice)
 -----BEGIN PGP SIGNATURE-----
 
 iG0EABECAC0WIQS2TmnA27QKhpKSZe309WXkmmjvpgUCYXAPLA8cc2JhYmljQGRl
 bnguZGUACgkQ9PVl5Jpo76ZZdwCfQBZyd9IWYk3vY0lYgCZsBYl8oXoAn0o9BjVu
 tMJRAcFOLxegM4CJAeqC
 =zg72
 -----END PGP SIGNATURE-----

Merge tag 'u-boot-imx-20211020' of https://source.denx.de/u-boot/custodians/u-boot-imx

u-boot-imx-20211020
-------------------

First PR from u-boot-imx for 2022.01

CI: https://source.denx.de/u-boot/custodians/u-boot-imx/-/pipelines/9535

- new board: kontron-sl-mx8mm
- imx8m:
	- fix secure boot
- imx ESDHC: fixes
- i.MX53: Support thum2, bmode and fixes for Menlo board
	  usbarmory switch to Ethernet driver model
- imx6 :
	- DDR calibration for Toradex boards
- imx7:
	- Fixes
- Updated gateworks boards (ventana / venice)

# gpg verification failed.
2021-10-20 14:24:09 -04:00
Ilias Apalodimas
d6f8ab30a2 treewide: Remove OF_PRIOR_STAGE
The previous patches removed OF_PRIOR_STAGE from the last consumers of the
Kconfig option.  Cleanup any references to it in documentation,  code and
configuration options.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-10-18 13:19:50 -04:00
Thierry Reding
b9aad37591 fdtdec: Support reserved-memory flags
Reserved memory nodes can have additional flags. Support reading and
writing these flags to ensure that reserved memory nodes can be properly
parsed and emitted.

This converts support for the existing "no-map" flag to avoid extending
the argument list for fdtdec_add_reserved_memory() to excessive length.

Signed-off-by: Thierry Reding <treding@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Warren <twarren@nvidia.com>
2021-10-13 14:18:30 -07:00
Thierry Reding
9019487608 fdtdec: Reorder fdtdec_set_carveout() parameters for consistency
The fdtdec_set_carveout() function's parameters are inconsistent with
the parameters passed to fdtdec_add_reserved_memory(). Fix up the order
to make it more consistent.

Signed-off-by: Thierry Reding <treding@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Warren <twarren@nvidia.com>
2021-10-13 14:18:30 -07:00
Thierry Reding
46cb067803 fdtdec: Support compatible string list for reserved memory
Reserved memory nodes can have a compatible string list to identify the
type of reserved memory that they represent. Support specifying an
optional compatible string list when creating these nodes.

Signed-off-by: Thierry Reding <treding@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Warren <twarren@nvidia.com>
2021-10-13 14:18:30 -07:00
Thierry Reding
4bf88ba76a fdtdec: Support retrieving the name of a carveout
When retrieving a given carveout for a device, allow callers to query
the name. This helps differentiating between carveouts when there are
more than one.

This is also useful when copying carveouts to help assign a meaningful
name that cannot always be guessed.

Signed-off-by: Thierry Reding <treding@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Warren <twarren@nvidia.com>
2021-10-13 14:18:30 -07:00
Thierry Reding
d5598cfa9b fdtdec: Allow using fdtdec_get_carveout() in loops
In order make it possible to use fdtdec_get_carveout() in loops, return
FDT_ERR_NOTFOUND when the passed-in index exceeds the number of phandles
present in the given property.

Signed-off-by: Thierry Reding <treding@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Warren <twarren@nvidia.com>
2021-10-13 14:18:30 -07:00
Tom Rini
f331497d3a - add 30bpp support (EFI, simplefb, vidconsole)
- fix video console name in CONSOLE_MUX Kconfig help
  - move mxsfb driver config option to Kconfig
  - remove unused mx3fb driver
 -----BEGIN PGP SIGNATURE-----
 
 iGwEABECACwWIQSC4hxrSoIUVfFO0kRM6ATMmsalXAUCYWHeIw4cYWd1c3RAZGVu
 eC5kZQAKCRBM6ATMmsalXPMXAJsEn/v2k7xaWSjP11DfkPdoj2rmGQCeIijNt60a
 4UNYJe3S4pPBiNMamJo=
 =spnC
 -----END PGP SIGNATURE-----

Merge tag 'video-20211009' of https://source.denx.de/u-boot/custodians/u-boot-video

 - add 30bpp support (EFI, simplefb, vidconsole)
 - fix video console name in CONSOLE_MUX Kconfig help
 - move mxsfb driver config option to Kconfig
 - remove unused mx3fb driver

# gpg verification failed.
2021-10-09 17:47:27 -04:00
Simon Glass
2a2d8e94dd lz4: Use a private header for U-Boot
At present U-Boot has a header file called lz4.h for its own use. If the
host has its own lz4 header file installed (e.g. from the 'liblz4-dev'
package) then host builds will use that instead.

Move the U-Boot file into its own directory, as is done with various
other headers with the same problem.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-10-09 13:09:56 -04:00
Mark Kettenis
79f9defeba efi_loader: GOP: Fix 30bpp block transfer support
Convert pixel values when necessary like we do for 16bpp
framebuffers.

Signed-off-by: Mark Kettenis <kettenis@openbsd.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-10-09 18:50:31 +02:00
Mark Kettenis
01fcf0eea6 efi_loader: GOP: Add 30bpp support
Provide correct framebuffer information for 30bpp modes.

Signed-off-by: Mark Kettenis <kettenis@openbsd.org>
2021-10-09 18:46:13 +02:00
Simon Glass
13c133b995 image: Drop unnecessary #ifdefs from image.h
This file has a lot of conditional code and much of it is unnecessary.
Clean this up to reduce the number of build combinations.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-10-08 15:53:27 -04:00
Simon Glass
1eccbb16a2 efi: Correct dependency on FIT_SIGNATURE
At present EFI_SECURE BOOT selects RSA but does not necessarily enable
FIT_SIGNATURE. Mostly this is fine, but a few boards do not enable it,
so U-Boot tries to do RSA verification when loading FIT images, but it
is not enabled.

This worked because the condition for checking the RSA signature is
wrong in the fit_image_verify_with_data() function. In order to fix it
we need to fix this dependency. Make sure that FIT_SIGNATURE is enabled
so that RSA can be used.

It might be better to avoid using 'select' in this situation.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-10-08 15:53:27 -04:00
Simon Glass
e7d285b2f3 image: Use the correct checks for CRC32
Add a host Kconfig for CRC32. With this we can use CONFIG_IS_ENABLED(CRC32)
directly in the host build, so drop the unnecessary indirection.

Add a few more conditions to SPL_CRC32 to avoid build failures as well as
TPL_CRC32. Also update hash.c to make crc32 optional and to actually take
notice of SPL_CRC32.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2021-10-08 15:53:26 -04:00
Simon Glass
2bbed3ff8c image: Use Kconfig to enable FIT_RSASSA_PSS on host
Add a host Kconfig for FIT_RSASSA_PSS. With this we can use
CONFIG_IS_ENABLED(FIT_RSASSA_PSS) directly in the host build, so drop the
forcing of this in the image.h header.

Drop the #ifdef around padding_pss_verify() too since it is not needed.
Use the compiler to check the config where possible, instead of the
preprocessor.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2021-10-08 15:53:26 -04:00
Simon Glass
0c303f9a66 image: Drop IMAGE_ENABLE_OF_LIBFDT
Add a host Kconfig for OF_LIBFDT. With this we can use
CONFIG_IS_ENABLED(OF_LIBFDT) directly in the tools build, so drop the
unnecessary indirection.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2021-10-08 15:53:26 -04:00
Simon Glass
2c21256b27 hash: Use Kconfig to enable hashing in host tools and SPL
At present when building host tools, we force CONFIG_SHAxxx to be enabled
regardless of the board Kconfig setting. This is done in the image.h
header file.

For SPL we currently just assume the algorithm is desired if U-Boot proper
enables it.

Clean this up by adding new Kconfig options to enable hashing on the host,
relying on CONFIG_IS_ENABLED() to deal with the different builds.

Add new SPL Kconfigs for hardware-accelerated hashing, to maintain the
current settings.

This allows us to drop the image.h code and the I_WANT_MD5 hack.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2021-10-08 15:53:26 -04:00
Simon Glass
603d15a572 spl: cypto: Bring back SPL_ versions of SHA
Unfortunately these were removed by mistake. This means that adding hash
support to SPL brings in all software algorithms, with a substantial
increase in code size.

The origin of the problem was renaming them to SPL_FIT_xxx and then these
were removed altogether in a later commit.

Add them back. This aligns with CONFIG_MD5, for example, which has an SPL
variant.

Signed-off-by: Simon Glass <sjg@chromium.org>
Fixes: f5bc9c25f3 ("image: Rename SPL_SHAxxx_SUPPORT to SPL_FIT_SHAxxx")
Fixes: eb5171ddec ("common: Remove unused CONFIG_FIT_SHAxxx selectors")
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2021-10-08 15:53:26 -04:00
Simon Glass
5a4f10d71b gzip: Avoid use of u64
The gzip API uses the u64 type in it, which is not available in the host
build. This makes it impossible to include the header file.

We could make this type available, but it seems unnecessary. Limiting the
compression size to that of the 'unsigned long' type seems good enough. On
32-bit machines the limit then becomes 4GB, which likely exceeds available
RAM anyway, therefore it should be sufficient. On 64-bit machines this is
effectively u64 anyway.

Update the header file and implementation to use 'ulong' instead of 'u64'.

Add a definition of u32 for the cases that seem to need exactly that
length. This should be safe enough.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-10-08 15:53:26 -04:00
Simon Glass
94d0a2efc0 zstd: Create a function for use from U-Boot
The existing zstd API requires the same sequence of calls to perform its
task. Create a helper for U-Boot, to avoid code duplication, as is done
with other compression algorithms. Make use of of this from the image
code.

Note that the zstd code lacks a test in test/compression.c and this should
be added by the maintainer.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-10-08 15:53:26 -04:00
Simon Glass
67bc59df05 Add support for an owned buffer
When passing a data buffer back from a function, it is not always clear
who owns the buffer, i.e. who is responsible for freeing the memory used.
An example of this is where multiple files are decompressed from the
firmware image, using a temporary buffer for reading (since the
compressed data has to live somewhere) and producing a temporary or
permanent buffer with the resuilts.

Where the firmware image can be memory-mapped, as on x86, the compressed
data does not need to be buffered, but the complexity of having a buffer
which is either allocated or not, makes the code hard to understand.

Introduce a new 'abuf' which supports simple buffer operations:

- encapsulating a buffer and its size
- either allocated with malloc() or not
- able to be reliably freed if necessary
- able to be converted to an allocated buffer if needed

This simple API makes it easier to deal with allocated and memory-mapped
buffers.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-10-08 15:53:26 -04:00
Simon Glass
930c887e0f lib: Add memdup()
Add a function to duplicate a memory region, a little like strdup().

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-10-08 15:53:26 -04:00
Ricardo Salveti
7ce83854f2 Kconfig: Don't use RSA_FREESCALE_EXP on MX7ULP
The CAAM on IMX7ULP doesn't support public key hardware acceleration
(PKHA), as in other NXP parts. Disable RSA_FREESCALE_EXP for IMX7ULP
too.

Fixed: f4e9ff7135 ("Kconfig: Don't use RSA_FREESCALE_EXP on IMX")
Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
2021-10-07 16:53:50 +02:00
Oleksandr Suvorov
d4f05b3198 lib: rsa: fix dependency for SPL_RSA_VERIFY
SPL_RSA_VERIFY requires SPL_RSA to be enabled. Add correct
dependency.

Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
2021-10-06 09:15:14 -04:00
Pali Rohár
a3423b3f23 acpi: Use U-Boot version for OEM_REVISION
OEM_REVISION is 32-bit unsigned number. It should be increased only when
changing software version. Therefore it should not depend on build time.

Change calculation to use U-Boot version numbers and set this revision
to date number.

Prior this change OEM_REVISION was calculated from build date and stored in
the same format.

After this change macro U_BOOT_BUILD_DATE is not used in other files so
remove it from global autogenerated files and also from Makefile.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-10-06 09:15:14 -04:00
Alexandru Gagniuc
c5b68ef8af arm: imx: mx7: Move CONFIG_OPTEE_TZDRAM_SIZE from lib/optee
This config is only used by three boards with this SOC. Most other
platforms derive this information from devicetree, and are unlikely
to ever need this config.

Moreover, it is confusing when Kconfig asks for this value under
"Support OPTEE images", but does not do anything with the value.
Move it to imx7 for those boards who still make use of it.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2021-10-05 08:50:14 -04:00
Alexandru Gagniuc
f6953047cb lib: optee: Remove CONFIG_OPTEE_LOAD_ADDR
This value is not used by u-boot, and it should not. The load address
of an OPTEE image is defined by said image. Either a uImage or a FIT
will have a defined load address and entry point. Those values are the
correct ones, not CONFIG_OPTEE_LOAD_ADDR.

Commit f25006b96e ("optee: Add CONFIG_OPTEE_LOAD_ADDR") justifies
this config by requiring its presence in u-boot's .config for other
images as part of a larger build, claiming it is "the best way".

This argument is not persuasive. U-boot's configuration is driven by
platform requirements, not the other way around. It seems more likely
that the argument is conflating tooling issues with Kconfig. Yocto and
buildroot have excellent mechanisms for defining values across the
board (pun intended). u-boot's Kconfig is the wrong place to do it.

Furthermore, it is not "best" for u-boot because it hardcodes a value
which is then not used. In fact the load address that u-boot uses is
the one derived from the OPTEE image.

Confused yet? I sure was. To prevent future confusion, remove
CONFIG_OPTEE_LOAD_ADDR.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2021-10-05 08:47:13 -04:00
Alexandru Gagniuc
1ab968b2fb lib: optee: Remove CONFIG_OPTEE_TZDRAM_BASE
It is no longer used in u-boot. Information about the TZDRAM location
is usually available in the devicetree as "/reserved-memory/" nodes.
Because this isn't used, remove it.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2021-10-05 08:46:56 -04:00
Alexandru Gagniuc
26fc66709c lib: optee: Avoid CONFIG_TZDRAM_* in optee_verify_bootm_image()
The configs TZDRAM_BASE and TZDRAM_SIZE are expected to describe the
memory allocated to the OPTEE region. according to according to commit
c5a6e8bd00 ("optee: Add optee_verify_bootm_image()"). The TZDRAM is
with some limitations, described by "/reserved-memory" nodes in the
devicetree.

Consequently TZDRAM_BASE and TZDRAM_SIZE can point to imaginary
regions which have nothing to do with actual DRAM. They are not used
to configure the hardware or set up the Trust Zone Controller (TZC)
for OP-TEE -- the devicetree values are used instead.

When a valid OP-TEE image does not fall within the region described by
these configs, u-boot will refuse to load it. In fact, it mostly
serves to cause "bootm" to reject perfectly good OP-TEE images.

Ironically, someone has to correctly configure the devicetree for
TZDRAM, then go back and enter the same information in Kconfig for
"bootm". To remedy this, do not use TZDRAM_BASE and TZDRAM_SIZE in the
verification of OPTEE images.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2021-10-05 08:46:23 -04:00
Patrick Delaunay
51827f9a8b lib: optee: remove the duplicate CONFIG_OPTEE
The configuration CONFIG_OPTEE is defined 2 times:
1- in lib/optee/Kconfig for support of OPTEE images loaded by bootm command
2- in drivers/tee/optee/Kconfig for support of OP-TEE driver.

It is abnormal to have the same CONFIG define for 2 purpose;
and it is difficult to managed correctly their dependencies.

Moreover CONFIG_SPL_OPTEE is defined in common/spl/Kconfig
to manage OPTEE image load in SPL.

This definition causes an issue with the macro CONFIG_IS_ENABLED(OPTEE)
to test the availability of the OP-TEE driver.

This patch cleans the configuration dependency with:
- CONFIG_OPTEE_IMAGE (renamed) => support of OP-TEE image in U-Boot
- CONFIG_SPL_OPTEE_IMAGE (renamed) => support of OP-TEE image in SPL
- CONFIG_OPTEE (same) => support of OP-TEE driver in U-Boot
- CONFIG_OPTEE_LIB (new) => support of OP-TEE library

After this patch, the macro have the correct behavior:
- CONFIG_IS_ENABLED(OPTEE_IMAGE) => Load of OP-TEE image is supported
- CONFIG_IS_ENABLED(OPTEE) => OP-TEE driver is supported

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2021-10-05 08:44:48 -04:00
Tom Rini
1d1f98c8ee Various of-platdata improvements, including CONFIG_OF_REAL
-----BEGIN PGP SIGNATURE-----
 
 iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmFR2fMRHHNqZ0BjaHJv
 bWl1bS5vcmcACgkQfxc6PpAIreaAnAf/ZKPy3CRphbgAmbLhNQhQGpLosLcFp343
 cv53gfsv1DakLRrhqMSnOQSVoTg9P22uHbooDDR9WHfZyEL6tvGZ+dgN2/wlDhDj
 wbvvsM7FB+uvLVfMF3MURQBvy4dPO+FyCm/uHmry2V2uqWPw4ss+aVhxeQ5s4/oI
 LpS6yaiM8UAj2GTUZSqJ1+/W7YG9N6tL73n0PDyCvSrdCkyPWqpww1rtST88SfFI
 bBEWc6ksna/29haOwHQ2xopEbVxtHv2byULfqUtnsbtE4Ozw8o0fx66tdwPHTQlM
 7eSuRiEbqjlJuUZFIbMat7nb7inZkaWupZ/Sr1HUUiDdKMygrRsQhg==
 =x8Uf
 -----END PGP SIGNATURE-----

Merge tag 'dm-pull-next-27sep21' of https://source.denx.de/u-boot/custodians/u-boot-dm into next

Various of-platdata improvements, including CONFIG_OF_REAL
2021-09-27 11:09:23 -04:00
Tom Rini
e908d20fcb Prepare v2021.10-rc5
-----BEGIN PGP SIGNATURE-----
 
 iQGzBAABCgAdFiEEGjx/cOCPqxcHgJu/FHw5/5Y0tywFAmFRyIMACgkQFHw5/5Y0
 tyz1jgv/aTtHWVcGiw+nvvnnlgdrY4h9yVP5AfBLhOR7ogYOw2B9xHmdh+9oCas9
 Rt45AC4nFvUszxCPJqg36kjljTKRVapemHqhCbgGGeb9GYMkNb1zjk79WnuqgeJy
 ydBUCh1NQI5pOvrpDv7kWRx1IyDi/gUgQO3RBdufbunNmn4Zj4jlw5RmMTgDACRC
 cvTr39gVQq1LOzL2W7+XkSfiEejtGERNs32Nt+jzyAm5a2PkngULUnPW6WsHu+qy
 5YJTR50TK55QgPIdoiqY14BUDpqEbHlNKsE7p6hHkDf6XSS7gLHYW2tVVt2Z8ocg
 9cW35Qotov7MeiSClc3SIEPiIefwh2oTVf0uYoP+uvlRAComvcIzphq68NIQe6Av
 es+ZJI1Qx5ERvDQMMW3xOHTlcBGgpqA0Y/QVr62rE8bEzK/1gvTiP+hVVqzUrnHJ
 f3ZAVt16clIfXKAxGsW4Am05iMmT+rtcS5IrUMuEzmkb0KK58YXsOVmsKHLX9aI1
 T74ewXfu
 =y67Q
 -----END PGP SIGNATURE-----

Merge tag 'v2021.10-rc5' into next

Prepare v2021.10-rc5
2021-09-27 09:45:36 -04:00
Simon Glass
f99cbe4e86 fdt: Update Makefile rules with the new OF_REAL Kconfig
Simplify some of the Makefile rules using this Kconfig.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-25 09:46:15 -06:00
Simon Glass
7de8bd03c3 treewide: fdt: Move fdt_get_config_... to ofnode_conf_read...
The current API is outdated as it requires a devicetree pointer.

Move these functions to use the ofnode API and update this globally. Add
some tests while we are here.

Correct the call in exynos_dsim_config_parse_dt() which is obviously
wrong.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-25 09:46:15 -06:00
Ruchika Gupta
346cee3ac5 efi_loader: Fix spec ID event creation
TCG EFI Protocol Specification defines the number_of_algorithms
field in spec ID event to be equal to the number of active
algorithms supported by the TPM device. In current implementation,
this field is populated with the count of all algorithms supported
by the TPM which leads to incorrect spec ID event creation.

Similarly, the algorithm array in spec ID event should be a variable
length array with length being equal to the number_of_algorithms field.
In current implementation this is defined as a fixed length array
which has been fixed.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
CC: Masahisa Kojima <masahisa.kojima@linaro.org>
CC: Ilias Apalodimas <ilias.apalodimas@linaro.org>
CC: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-09-25 12:31:08 +02:00
Marek Vasut
1274698d13 lmb: Add generic arch_lmb_reserve_generic()
The arc/arm/m68k/microblaze/mips/ppc arch_lmb_reserve() implementations
are all mostly the same, except for a couple of details. Implement a
generic arch_lmb_reserve_generic() function which can be parametrized
enough to cater for those differences between architectures. This can
also be parametrized enough so it can handle cases where U-Boot is not
relocated to the end of DRAM e.g. because there is some other reserved
memory past U-Boot (e.g. unmovable firmware for coprocessor), it is not
relocated at all, and other such use cases.

Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Alexey Brodkin <alexey.brodkin@synopsys.com>
Cc: Angelo Dureghello <angelo@sysam.it>
Cc: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
Cc: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
Cc: Hai Pham <hai.pham.ud@renesas.com>
Cc: Michal Simek <monstr@monstr.eu>
Cc: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Wolfgang Denk <wd@denx.de>
Reviewed-by: Tom Rini <trini@konsulko.com>
2021-09-23 14:15:32 -04:00
Marek Vasut
270f8710f9 crc32: Add crc32 implementation using __builtin_aarch64_crc32b
ARMv8.0 has optional crc32 instruction for crc32 calculation. The
instruction is mandatory since ARMv8.1. The crc32 calculation is
faster using the dedicated instruction, e.g. 1.4 GHz iMX8MN gives:

  => time crc32 0x50000000 0x2000000
  time: 0.126 seconds # crc32 instruction
  time: 0.213 seconds # software crc32

Add implementation using the compiler builtin wrapper for the crc32
instruction and enable it by default, since we don't support any
platforms which do not implement this instruction.

Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Simon Glass <sjg@chromium.org>
[trini: Make crc32_table guarded by CONFIG_ARM64_CRC32]
Signed-off-by: Tom Rini <trini@konsulko.com>
2021-09-23 14:15:32 -04:00
Simon Glass
47a25e81d3 Revert "efi_capsule: Move signature from DTB to .rodata"
This was unfortunately applied despite much discussion about it beiong
the wrong way to implement this feature.

Revert it before too many other things are built on top of it.

This reverts commit ddf67daac3.
Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-18 03:47:50 -06:00
Pali Rohár
121a165c51 Remove including timestamp.h in version.h
Header file version.h does not use anything from timestamp.h. Including of
timestamp.h has side effect which cause recompiling object file at every
make run because timestamp.h changes at every run.

So remove timestamp.h from version.h and include timestamp.h in files
which needs it.

This change reduce recompilation time of final U-Boot binary when U-Boot
source files were not changed as less source files needs to be recompiled.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
[trini: Add in lib/acpi/acpi_table.c and test/dm/acpi.c, rework a few others]
Signed-off-by: Tom Rini <trini@konsulko.com>
2021-09-17 12:10:44 -04:00
Pali Rohár
bdfb6d70bb version: Move version_string[] from version.h to version_string.h
More C files do not use compile time timestamp macros and do not have to be
recompiled every time when SOURCE_DATE_EPOCH changes.

This patch moves version_string[] from version.h to version_string.h and
updates other C files which only needs version_string[] string to include
version_string.h instead of version.h. After applying this patch these
files are not recompiled every time when SOURCE_DATE_EPOCH changes.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
2021-09-17 12:10:44 -04:00
Pali Rohár
fa9c5da702 efi_loader: Use directly version_string variable
Macro U_BOOT_VERSION_STRING is already stored in variable version_string.
So use directly this variable instead of storing U_BOOT_VERSION_STRING into
temporary variable.

Signed-off-by: Pali Rohár <pali@kernel.org>
[trini: This area was reworked since posted, what is here is now really
        inspired by the previous version, so drop Ilias' Acked-by]
Signed-off-by: Tom Rini <trini@konsulko.com>
2021-09-17 12:10:44 -04:00
Tom Rini
6674edaabf Prepare v2021.10-rc4
-----BEGIN PGP SIGNATURE-----
 
 iQGzBAABCgAdFiEEGjx/cOCPqxcHgJu/FHw5/5Y0tywFAmFBKRgACgkQFHw5/5Y0
 tyw/PwwAtGB3rBeYW4rjWuMC5WP1UDTnvZIAok5ImWumWDahjDm8Yq2VCzAe9adw
 EYBjuNmaNl9aQvGVqlVJeIcLku5MLuLQu2za8vhc1R8X9VTPPY+LLTcdOokOmB8y
 8JiaE7fJsb1bZeV+diF9tss3B0IkUrwSJtW1d+qfdz/4UiRvwK5BhnZgzIobDldO
 g1Ldz/xiR2GOAXlUMwDrNAi6qNvmeAqRsQxySVrjltAV2ST7LJnOiHuWvJX6g6VS
 l796Hleh/kULfEW6n+1ZaTNqvVRcJ8xYSOG8w8y9u6HuPBA3JrYH1p1Eo5n7PPDv
 US71Iy/ncweTyfTMEBThWLqjHOQ05sVkWX/r4fj2iJRli+Og53lE1fVJ4ajIx7vz
 Tc76wI43i0I5lr2yTErjUG6EzDDoueqd+c8BwxihNLUK/+QG31xoCEMfC80C25ro
 QhYVFgiPWN0ySUD5M5tbGXODvfNNIDKXpY5oSOTVtemZtDEMpO2zBM1s/K3RV7Ud
 Je9Pj0Cu
 =Me42
 -----END PGP SIGNATURE-----

Merge tag 'v2021.10-rc4' into next

Prepare v2021.10-rc4

Signed-off-by: Tom Rini <trini@konsulko.com>

# gpg: Signature made Tue 14 Sep 2021 06:58:32 PM EDT
# gpg:                using RSA key 1A3C7F70E08FAB1707809BBF147C39FF9634B72C
# gpg: Good signature from "Thomas Rini <trini@konsulko.com>" [ultimate]

# Conflicts:
#	board/Arcturus/ucp1020/spl.c
#	cmd/mvebu/Kconfig
#	common/Kconfig.boot
#	common/image-fit.c
#	configs/UCP1020_defconfig
#	configs/sifive_unmatched_defconfig
#	drivers/pci/Kconfig
#	include/configs/UCP1020.h
#	include/configs/sifive-unmatched.h
#	lib/Makefile
#	scripts/config_whitelist.txt
2021-09-16 10:29:40 -04:00
Alexandru Gagniuc
de41f0ee0d image: rsa: Move padding_algos to linker lists
We are not guaranteed to have the padding_pkcs_15_verify symbol since
commit 92c960bc1d ("lib: rsa: Remove #ifdefs from rsa.h"), and
commit 61416fe9df ("Kconfig: FIT_SIGNATURE should not select RSA_VERIFY")

The padding_algos only make sense with RSA verification, which can now
be disabled in lieu of ECDSA. In fact this will lead to build failures
because of the missing symbol mentioned earlier.

To resolve this, move the padding_algos to a linker list, with
declarations moved to rsa_verify.c. This is consistent with commit
6909edb4ce ("image: rsa: Move verification algorithm to a linker list")

One could argue that the added #ifdef USE_HOSTCC is ugly, and should
be hidden within the U_BOOT_PADDING_ALGO() macro. However, this would
be inconsistent with the "cryptos" list. This logic for was not
previously explored:

Without knowledge of the U_BOOT_PADDING_ALGO() macro, its use is
similar to something being declared. However, should #ifndef
USE_HOSTCC be part of the macro, it would not be obvious that it
behaves differently on host code and target code. Having the #ifndef
outside the macro makes this obvious.

Also, the #ifdef is not always necessary. For example ecda-verify
makes use of U_BOOT_CRYPTO_ALGO() without any accompanying #ifdefs.
The fundamental issue is a lack of separation of host and target code
in rsa_verify. Therefore, the declaration of a padding algo with the
external #ifdef is more readable and consistent.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2021-09-14 11:46:48 -04:00
Oleksandr Suvorov
5145bc73bd lib: fix typos in Kconfig
There are trivial typos in the Kconfig file. Fixed them.
Also, fixed grammar in the descriptions with typos.

Fixes: d56b4b1974 ("configs: Migrate RBTREE, LZO, CMD_MTDPARTS, CMD_UBI and CMD_UBIFS")
Fixes: 7264f2928b ("spl: fit: Eanble GZIP support for image decompression")
Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2021-09-14 09:07:18 -04:00
Heinrich Schuchardt
d607dfd878 lib/rsa: don't use NULL as key_id
If keydir is not provided but name is we want to use name as key_id.

But with the current coding name is only used on its own if it is NULL
and keydir is provided which never occurs.

Fixes: 824ee745fb ("lib/rsa: Use the 'keyfile' argument from mkimage")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-09-14 09:07:18 -04:00
Simon Glass
b717f2f2d1 pci: Drop DM_PCI check from fdtdec
We don't need this check anymore since when PCI is enabled, driver model
is always used.

Sadly this doesn't work with nds32 for some reason to do with the
toolchain. Add a work-around for that.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-13 18:23:13 -04:00
Tom Rini
56a85b831f Pull request for efi-2021-10-rc4-2
Documentation:
 
 * improve documentation of U-Boot for /config DT node
 * integrate bloblist documentation
 
 UEFI:
 
 * correct usage of EFI_CALL()
 * code tidy up
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmE8coEACgkQxIHbvCwF
 GsSB4Q//VpVKE5/xKiDFkdFjrjgXLWv1ORuQ1glBf5Br/0SnYjTI570RKWtJRfn4
 ugW/ytZpfudi60EMOwmPEAx2nd6ERJeFewUkcsJjvRC/2gX1u49XkSHxoolqQlji
 1DaeWz3CH6LLq8d09ha1AsYWL2aFqZd8YrpICq47BmKJNitGd1puI+co2w0HpAFj
 mn2+J9ctbn3Evl0ipSzLB2MMR65Q79qyM3eJXUqli2t1BkWMsyqHtVDNVCTUKj4I
 TKOU7DNkwNcalKayzplSrMzzucQnkaQQbErhd78aYRsC2sIY2HTkhi2J7iFhN6/I
 tCZ45AD6+8UpCs1jy5xCJAJJ0nW44xmW7Q+UM61P75DJMccaUb2cKMvZKidiSu9m
 8ck5IBU8fVN9khhMxoVR54aKLK9tmJRjVX1ugrVCXoh32Dzu+Ikf9n91ACHaduU8
 s92DIrH3f9tyBQIHNLL0LGgDLB6YYTzLrmlcPC/t7n5iJUoznDdQddrhS4/9qx+l
 fpyyGLo8Vk/krvyNrYpiamRi2kGKV0CAWvig1YGjeDT6baC4NsEYjgL6JKKN6QPi
 xeENZ+yJJMvY5DXdaoERRMJutfuep64XkLx8mqYSNCIcLIjOpGrV7rk0O6qU5Ww+
 +9kLQq1ygWeDR0t6BWHlX5nEImvqc1+vDPb8IMt9r6aIZ/ED9/U=
 =hPaX
 -----END PGP SIGNATURE-----

Merge tag 'efi-2021-10-rc4-2' of https://source.denx.de/u-boot/custodians/u-boot-efi

Pull request for efi-2021-10-rc4-2

Documentation:

* improve documentation of U-Boot for /config DT node
* integrate bloblist documentation

UEFI:

* correct usage of EFI_CALL()
* code tidy up
2021-09-12 20:33:21 -04:00
Heinrich Schuchardt
aec7c0925c efi_loader: simplify efi_watchdog_timer_notify()
We can call do_reset() directly without invoking the UEFI API.
This decreases the code size.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-09-11 11:02:02 +02:00
Ilias Apalodimas
0bf538ce0c efi_loader: Remove incorrect calls of EFI_CALL in TCG2
There is two unneeded EFI_CALL references in tcg2_measure_pe_image().
The first one in efi_search_protocol() and the second on in the device path
calculation.  The second isn't even a function we should be calling, but a
pointer assignment, which happens to work with the existing macro.

While at it switch the malloc call to a calloc, remove the unnecessary cast
and get rid of an unneeded if statement before copying the device path

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-09-11 11:02:02 +02:00
Heinrich Schuchardt
6919619f9c efi_loader: require CONFIG_BLK
The move to driver model should by now be completed. To be able to remove
pre-driver model code from our block IO code require CONFIG_BLK=y for UEFI
support.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-09-11 11:02:02 +02:00
Masahisa Kojima
bad49da2bc efi_loader: boot_service_capability_min should be capitalized
boot_service_capability_min is constant, it should be capitalized.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-09-11 11:02:02 +02:00
Tom Rini
465bff8b10 Kconfig: Drop duplicate 'select SHA512' instances
When dropping SHA512_ALGO in general, we didn't catch some cases where
an option was selecting  both SHA512 and SHA512_ALGO and caused them to
select SHA512 twice.  Kconfig doesn't complain, but this is still wrong
and should be corrected.

Fixes: e60e449931 ("lib: Drop SHA512_ALGO in lieu of SHA512")
Reported-by: Andreas Schwab <schwab@suse.de>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
2021-09-09 11:11:33 -04:00
Alexandru Gagniuc
fe54aeaa4a common: Move MD5 hash to hash_algo[] array.
MD5 is being called directly in some places, but it is not available
via hash_lookup_algo("md5"). This is inconsistent with other hasing
routines. To resolve this, add an "md5" entry to hash_algos[].

The #ifdef clause looks funnier than those for other entries. This is
because both MD5 and SPL_MD5 configs exist, whereas the other hashes
do not have "SPL_" entries. The long term plan is to get rid of the
ifdefs, so those should not be expected to survive much longer.

The md5 entry does not have .hash_init/update/finish members. That's
okay because hash_progressive_lookup_algo() will catch that, and
return -EPROTONOSUPPORT, while hash_lookup_algo() will return the
correct pointer.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
[trini: Use CONFIG_IS_ENABLED not IS_ENABLED for MD5 check]
Signed-off-by: Tom Rini <trini@konsulko.com>
2021-09-08 16:11:46 -04:00
Alexandru Gagniuc
0721209699 common/spl: Drop [ST]PL_HASH_SUPPORT in favor of [ST]PL_HASH
All of these configs exist. Stick to using CONFIG_[ST]PL_HASH, and drop all
references to CONFIG_[ST]PL_HASH_SUPPORT.  This means we need for
CHAIN_OF_TRUST to select SPL_HASH now.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
[trini: Add TPL case, fix CHAIN_OF_TRUST, other tweaks]
Signed-off-by: Tom Rini <trini@konsulko.com>
2021-09-08 16:11:46 -04:00
Alexandru Gagniuc
e60e449931 lib: Drop SHA512_ALGO in lieu of SHA512
SHA512_ALGO was used as a "either SHA512 or SHA384", although the
implementations of these two algorithms share a majority of code.

From a Kconfig interface perspective, it makes sense to present two
distinct options. This requires #ifdefing out the SHA512
implementation from sha512.c. The latter doesn't make any sense.

It's reasonable to say in Kconfig that SHA384 depends on SHA512, and
seems to be the more polite way to handle the selection.

Thus, automatically select SHA512 when SHA384 is enabled.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2021-09-08 16:11:46 -04:00
Simon Glass
5ed16a9511 net: Rename SPL_NET_SUPPORT to SPL_NET
Rename this option so that CONFIG_IS_ENABLED can be used with it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-04 12:48:53 -04:00
Simon Glass
2a73606668 serial: Rename SERIAL_SUPPORT to SERIAL
Rename these options so that CONFIG_IS_ENABLED can be used with them.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-04 12:26:01 -04:00
Masahisa Kojima
538c0f2d37 efi_loader: fix efi_tcg2_hash_log_extend_event() parameter check
TCG EFI Protocol Specification defines that PCRIndex parameter
passed from caller must be 0 to 23.
TPM2_MAX_PCRS is currently used to check the range of PCRIndex,
but TPM2_MAX_PCRS is tpm2 device dependent and may have larger value.
This commit newly adds EFI_TCG2_MAX_PCR_INDEX macro, it is used to
check the range of PCRIndex parameter.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-09-04 12:03:57 +02:00
Masahisa Kojima
580d7242b1 efi_loader: add missing parameter check for EFI_TCG2_PROTOCOL api
TCG EFI Protocol Specification defines the required parameter
checking and return value for each API.
This commit adds the missing parameter check and
fixes the wrong return value to comply the specification.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-09-04 12:03:57 +02:00
Heinrich Schuchardt
7219856dae efi_loader: correct determination of secure boot state
When U-Boot is started we have to use the existing variables to determine
in which secure boot state we are.

* If a platform key PK is present and DeployedMode=1, we are in deployed
  mode.
* If no platform key PK is present and AuditMode=1, we are in audit mode.
* Otherwise if a platform key is present, we are in user mode.
* Otherwise if no platform key is present, we are in setup mode.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-09-04 12:03:57 +02:00
Heinrich Schuchardt
b191aa429e efi_loader: efi_auth_var_type for AuditMode, DeployedMode
Writing variables AuditMode and DeployedMode serves to switch between
Secure Boot modes. Provide a separate value for these in efi_auth_var_type.

With this patch the variables will not be read from from file even if they
are marked as non-volatile by mistake.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-09-04 12:03:57 +02:00
Heinrich Schuchardt
9ef82e2947 efi_loader: don't load signature database from file
The UEFI specification requires that the signature database may only be
stored in tamper-resistant storage. So these variable may not be read
from an unsigned file.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-09-04 12:03:57 +02:00
Heinrich Schuchardt
f3a343d733 efi_loader: rounding of image size
We should not first allocate memory and then report a rounded up value as
image size. Instead first round up according to section allocation and then
allocate the memory.

Fixes: 82786754b9 ("efi_loader: ImageSize must be multiple of SectionAlignment")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-09-04 12:03:57 +02:00
Heinrich Schuchardt
1ea133acd6 efi_loader: sections with zero VirtualSize
In a section header VirtualSize may be zero. This is for instance seen in
the .sbat section of shim. In this case use SizeOfRawData as section size.

Fixes: 9d30a941cc ("efi_loader: don't load beyond VirtualSize")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Asherah Connor <ashe@kivikakk.ee>
2021-09-04 12:03:57 +02:00
Andreas Schwab
c8291f53b0 lib: add crc16.o if CONFIG_MMC_SPI_CRC_ON for SPL build
CONFIG_MMC_SPI_CRC_ON needs the crc16 functions, but it was not included
in an SPL build.  For non-SPL builds, crc16.o is already added
unconditionally.  This also removes CONFIG_SPL_YMODEM_SUPPORT from the
sifive board configs, which is only relevant for some ARM boards and was
only set for its side effect of adding crc16.o.
2021-09-02 10:17:45 -04:00
Heinrich Schuchardt
295ab733df lib: -Wformat-truncation in rsa_engine_get_priv_key
With glibc 2.33 (Ubuntu package glibc6 2.33-0ubuntu9) building
sifive_unmatched_defconfig results in:

In file included from /usr/include/stdio.h:866,
                  from ././include/compiler.h:26,
                  from <command-line>:
In function ‘snprintf’,
     inlined from ‘rsa_engine_get_priv_key’ at ./tools/../^:273:4:
/usr/include/riscv64-linux-gnu/bits/stdio2.h:71:10: warning:
‘%s’ directive argument is null [-Wformat-truncation=]
    71 |   return __builtin___snprintf_chk (__s, __n,
__USE_FORTIFY_LEVEL - 1,
       |
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    72 |        __glibc_objsize (__s), __fmt,
       |        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    73 |        __va_arg_pack ());
       |        ~~~~~~~~~~~~~~~~~

Avoid passing a NULL string.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-09-01 19:25:37 -04:00
Chia-Wei Wang
74bda4fe3d lib/md5: Export progressive APIs
Export the MD5 hash init/update/finish progressive APIs
for better flexibility.

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
2021-09-01 19:25:37 -04:00
Alexandru Gagniuc
fe68a67a5f lib/rsa: Remove support for OpenSSL < 1.1.0 and libressl < 2.7.0
Older OpenSSL and libressl versions have a slightly different API.
This require #ifdefs to support. However, we still can't support it
because the ECDSA path does not compile with these older versions.
These #ifdefs are truly a vestigial appendage.

Alternatively, the ECDSA path could be updated for older libraries,
but this requires significant extra code, and #ifdefs. Those libraries
are over three years old, and there concerns whether it makes sense to
build modern software for real world use against such old libraries.

Thusly, remove #ifdefs and code for old OpenSSL and LibreSSL support.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2021-09-01 19:25:37 -04:00
Michal Simek
b4c2c151b1 Kconfig: Remove all default n/no options
default n/no doesn't need to be specified. It is default option anyway.

Signed-off-by: Michal Simek <michal.simek@xilinx.com>
[trini: Rework FSP_USE_UPD portion]
Signed-off-by: Tom Rini <trini@konsulko.com>
2021-08-31 17:47:49 -04:00
Tom Rini
4865db0716 Pull request for efi-2021-10-rc3
Documentation:
 
 * Rename Freescale to NXP
 * Document structures used for the UEFI TCG2 protocol
 
 UEFI:
 
 * Device paths must use EfiBootServicesData
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEK7wKXt3/btL6/yA+hO4vgnE3U0sFAmEf+AgACgkQhO4vgnE3
 U0skxhAAjjv6yMYLYlj2YNTtYDS2zVsnsY8i/vmWNmGYvwfrlcUC/e3J00ftBIjI
 DEwImrzefvQwr4NOZgIlyxR81NwboWULxvHSF5avwctxQVoTElkSfE2Ji+nFYa23
 P/L7E/Zf+NwTHBlE1wfkNJPZ/zya73DTOe+MGWvLnvOX56JZqEJOgmTtcQntRUll
 9zkB76j6sCk8B3ydFZmzGqhB4aslJBypG+bQB72XXGVBZoHb9pEPv90hBl616AN/
 5H8WewxTE2s6z3IfexxPAc7ssMQuW3RWw0WsJvBVviw8tSPj4SZjg5HNHAM3mz/i
 EXHUqAEySP1oT6P4hVef7Xc9gC67N+dVZGAA1QcZBkAnH+BQQ2GmIWX5+3mZJflq
 3eHWhMUHWc4q76MbN9QqReAo3wJ3GsBqdA1oORR5FgIPwEVl0jwQMYv6frC/vB6/
 6VX8WcbAWsixjf8QeQlibfMqBO9xZI1Iue5rN6DcwMey6dZrDnXGMdk7Woj6F4ga
 tERYBt+UBawTf2ww24wMXc7Hw2dZ6kj44ls2doRFKqHOpaY9Mk2QPTaVPrFkj33J
 3xlH2BYdB3ALriS1jN6Qcq6xEwyaMdkj5MzVyitunaCLiAKKORwGf0chkqiRiA+k
 zEET0uDBtO7beraiUJU9jeMPcVj3mYpiFR/CZBD/HWOVB/KwhGU=
 =gMKg
 -----END PGP SIGNATURE-----

Merge tag 'efi-2021-10-rc3' of https://source.denx.de/u-boot/custodians/u-boot-efi

Pull request for efi-2021-10-rc3

Documentation:

* Rename Freescale to NXP
* Document structures used for the UEFI TCG2 protocol

UEFI:

* Device paths must use EfiBootServicesData
2021-08-23 12:44:12 -04:00
Matwey V. Kornilov
f52352f65e display_options: Do not use %llu in print_size
tiny-printf variant doesn't know how to handle %llu format string, but both
tiny-printf and print_size can meet in SPL when TFTP is used to obtain main
u-boot image. This is known to lead to critical boot issue at AM335x platform
when printf is catched in infinite loop.

To avoid such issues and make print_size function tiny-printf friendly, use %u
instead of %luu. Note, that the size value is guaranteed to be less than 1024
in this conditional branch, so the cast to unsigned int is safe.

Signed-off-by: Matwey V. Kornilov <matwey.kornilov@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-08-21 18:23:02 -04:00
Matwey V. Kornilov
c091f65234 tiny-printf: Handle %pM format when CONFIG_SPL_NET_SUPPORT is enabled
%pM format string is used to print MAC-address and this is required while SPL
network boot.

This patch fixes the SPL boot issues like the following:

    Trying to boot from USB eth
    ## Error: flags type check failure for "ethaddr" <= "40309614M" (type: m)
    ## Error inserting "ethaddr" variable, errno=1
    eth0: eth_cpsw## Error: flags type check failure for "eth1addr" <=
    "81f01114M" (type: m)
    ## Error inserting "eth1addr" variable, errno=1
    , eth1: usb_ether
    eth_cpsw Waiting for PHY auto negotiation to complete......... TIMEOUT !
    Problem booting with BOOTP
    SPL: failed to boot from all boot devices
    ### ERROR ### Please RESET the board ###

Signed-off-by: Matwey V. Kornilov <matwey.kornilov@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-08-21 18:23:02 -04:00
Heinrich Schuchardt
9a4b3c8e91 efi_loader: use EfiBootServicesData for DP to text
Memory allocated in the implementation of the
EFI_DEVICE_PATH_TO_TEXT_PROTOCOL must be of type EfiBootServicesData.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-08-17 17:24:08 +02:00
Heinrich Schuchardt
426a15893f efi_loader: use EfiBootServicesData for device path
dp_alloc() was using a constant from the wrong enum resulting in creating
device paths in EfiReservedMemory.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-08-17 17:24:08 +02:00
Heinrich Schuchardt
49d225e7bf efi_loader: use correct type for AllocatePages, AllocatePool
Use enum efi_memory_type and enum_allocate_type in the definitions of the
efi_allocate_pages(), efi_allocate_pool().

In the external UEFI API leave the type as int as the UEFI specification
explicitely requires that enums use a 32bit type.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-08-17 17:24:08 +02:00
Alexandru Gagniuc
928a8be794 lib: ecdsa: Implement UCLASS_ECDSA verification on target
Implement the crypto_algo .verify() function for ecdsa256. Because
it backends on UCLASS_ECDSA, this change is focused on parsing the
keys from devicetree and passing this information to the specific
UCLASS driver.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2021-08-16 10:49:35 +02:00
Masahisa Kojima
61ee780352 efi_loader: refactor efi_append_scrtm_version()
Refactor efi_append_scrtm_version() to use common
function for adding eventlog and extending PCR.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
2021-08-14 20:54:41 +02:00
Masahisa Kojima
fdff03e5b3 efi_loader: add ExitBootServices() measurement
TCG PC Client PFP spec requires to measure
"Exit Boot Services Invocation" if ExitBootServices() is invoked.
Depending upon the return code from the ExitBootServices() call,
"Exit Boot Services Returned with Success" or "Exit Boot Services
Returned with Failure" is also measured.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>

Swap two ifs in efi_exit_boot_services().
efi_tcg2_notify_exit_boot_services must have EFIAPI signature.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-08-14 20:54:41 +02:00
Masahisa Kojima
8fc4e0b427 efi_loader: add boot variable measurement
TCG PC Client PFP spec requires to measure "Boot####"
and "BootOrder" variables, EV_SEPARATOR event prior
to the Ready to Boot invocation.
Since u-boot does not implement Ready to Boot event,
these measurements are performed when efi_start_image() is called.

TCG spec also requires to measure "Calling EFI Application from
Boot Option" for each boot attempt, and "Returning from EFI
Application from Boot Option" if a boot device returns control
back to the Boot Manager.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
2021-08-14 20:54:41 +02:00
Masahisa Kojima
cfbcf054a3 efi_loader: add secure boot variable measurement
TCG PC Client PFP spec requires to measure the secure
boot policy before validating the UEFI image.
This commit adds the secure boot variable measurement
of "SecureBoot", "PK", "KEK", "db", "dbx", "dbt", and "dbr".

Note that this implementation assumes that secure boot
variables are pre-configured and not be set/updated in runtime.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
2021-08-14 20:54:41 +02:00
Heinrich Schuchardt
148ce20520 efi_loader: Uri() device path node
iPXE used Uri() device path nodes. So we should support them in the
device path to text protocol.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-08-14 20:54:41 +02:00
Tom Rini
b91c704333 Merge https://source.denx.de/u-boot/custodians/u-boot-samsung 2021-08-03 09:07:01 -04:00
Simon Glass
e6951139c0 lib: Allow using 0x when a decimal value is requested
U-Boot mostly uses hex for value input, largely because addresses are much
easier to understand in hex.

But in some cases a decimal value is requested, such as where the value is
small or hex does not make sense in the context. In these cases it is
sometimes useful to be able to provide a hex value in any case, if only to
resolve any ambiguity.

Add this functionality, for increased flexibility.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-08-02 13:32:14 -04:00
Simon Glass
5a94546e1c lib: Move common digit-parsing code into a function
The code to convert a character into a digit is repeated twice in this
file. Factor it out into a separate function. This also makes the code a
little easier to read.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-08-02 13:32:14 -04:00
Simon Glass
96b23440c1 lib: Drop unnecessary check for hex digit
If we see 0x then we can assume this is the start of a hex value. It
does not seem necessary to check for a hex digit after that since it will
happen when parsing the value anyway.

Drop this check to simplify the code and reduce size. Add a few more test
cases for when a 0x prefix is used.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-08-02 13:32:14 -04:00
Simon Glass
0b1284eb52 global: Convert simple_strtoul() with decimal to dectoul()
It is a pain to have to specify the value 10 in each call. Add a new
dectoul() function and update the code to use it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-08-02 13:32:14 -04:00
Simon Glass
7e5f460ec4 global: Convert simple_strtoul() with hex to hextoul()
It is a pain to have to specify the value 16 in each call. Add a new
hextoul() function and update the code to use it.

Add a proper comment to simple_strtoul() while we are here.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-08-02 13:32:14 -04:00
Heinrich Schuchardt
78e6b871fd efi_loader: typo cerificate
%s/cerificate/certificate/

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-08-02 08:21:12 +02:00
Heinrich Schuchardt
fa3f1f1dbd lib: disable CONFIG_SPL_HEXDUMP by default
CONFIG_HEXDUMP is needed to display UEFI variables using 'printenv -e'.

Enabling CONFIG_SPL_HEXDUMP only makes sense for debugging purposes.
Hence CONFIG_SPL_HEXDUMP should not be enabled by default.

The following boards currently have CONFIG_SPL_HEXDUMP=y. This includes
boards that don't use SPL at all.

axm_defconfig
imx8mm-cl-iot-gate_defconfig
imx8mm_venice_defconfig
imxrt1020-evk_defconfig
imxrt1050-evk_defconfig
kontron_sl28_defconfig
kp_imx53_defconfig
lx2160ardb_tfa_stmm_defconfig
mt7622_rfb_defconfig
octeon_ebb7304_defconfig
octeon_nic23_defconfig
qemu_arm64_defconfig
qemu_arm_defconfig
qemu-riscv32_defconfig
qemu-riscv32_smode_defconfig
qemu-riscv64_defconfig
qemu-riscv64_smode_defconfig
qemu-x86_64_defconfig
qemu-x86_defconfig
sandbox64_defconfig
sandbox_defconfig
stm32mp15_basic_defconfig
stm32mp15_trusted_defconfig
synquacer_developerbox_defconfig
taurus_defconfig
xilinx_versal_virt_defconfig

The patch only keeps it enabled on

sandbox_spl_defconfig

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-08-01 15:45:11 +02:00
Marc Kleine-Budde
62b27a561c mkimage: use environment variable MKIMAGE_SIGN_PIN to set pin for OpenSSL Engine
This patch adds the possibility to pass the PIN the OpenSSL Engine
used during signing via the environment variable MKIMAGE_SIGN_PIN.
This follows the approach used during kernel module
signing ("KBUILD_SIGN_PIN") or UBIFS image
signing ("MKIMAGE_SIGN_PIN").

Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
2021-07-28 20:46:34 -04:00
Chan, Donald
6d59ace988 lib: rsa: rsa-sign: Minor bug in debug message
*sig_size isn't set until later so use the correct variables.

Signed-off-by: Donald Chan <hoiho@lab126.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-07-28 20:46:34 -04:00
Thomas Perrot
0eadb2b2da lib: rsa: rsa-verify: Fix a typo in a debug message
Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
2021-07-28 20:46:34 -04:00
Simon Glass
1a46cb6c7e lib: Create a new Kconfig option for charset conversion
Rather than looking at two KConfig options in the Makefile, create a new
Kconfig option for compiling lib/charset.c

Enable it for UFS also, which needs this support.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-07-28 14:27:54 -04:00
Roland Gaudig
0b016428a7 lib: strto: add simple_strtoll function
Add simple_strtoll function for converting a string containing digits
into a long long int value.

Signed-off-by: Roland Gaudig <roland.gaudig@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-07-27 14:50:47 -04:00
Simon Glass
5e19f4aa13 samsung: exynos: Convert SROMC interface to a driver
Add a bus driver for this and use it to configure the bus parameters for
the Ethernet interface. Drop the old pre-driver-model code.

Switch over to use driver model for Ethernet.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
Signed-off-by: Minkyu Kang <mk7.kang@samsung.com>
2021-07-27 10:34:27 +09:00
AKASHI Takahiro
86a3d43bff efi_loader: remove asm/setjmp.h from efi_api.h
In the commit c982874e93 ("efi_loader: refactor
efi_setup_loaded_image()"), setjmp-related definitions were moved to
efi_loaded_image_obj in efi_loader.h. So setjmp.h is no longer
refererenced in efi_api.h.

This also fixes some error when efi_api.h will be included in
mkeficapsule.c.

Fixes: c982874e93 ("efi_loader: refactor efi_setup_loaded_image()")
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-07-24 10:49:51 +02:00
AKASHI Takahiro
c2cc60c1f9 efi_loader: capsule: remove authentication data
If capsule authentication is disabled and yet a capsule file is signed,
its signature must be removed from image data to flush.
Otherwise, the firmware will be corrupted after update.

Fixes: 04be98bd6b ("efi: capsule: Add support for uefi capsule
	authentication")
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2021-07-24 10:49:51 +02:00
AKASHI Takahiro
ef890f6331 efi_loader: capsule: remove unused guid
efi_guid_capsule_root_cert_guid is never used.
Just remove it.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-07-24 10:49:51 +02:00
Heinrich Schuchardt
c193d9bd28 smbios: error handling for invalid addresses
SMBIOS tables only support 32bit addresses. If we don't have memory here
handle the error gracefully:

* on x86_64 fail to start U-Boot
* during UEFI booting ignore the missing table

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-07-24 10:49:51 +02:00
Pali Rohár
11275e4f72 smbios: Fix calculating BIOS Release Date
BIOS Release Date must be in format mm/dd/yyyy and must be release date.
U-Boot currently sets BIOS Release Date from U_BOOT_DMI_DATE macro which is
generated from current build timestamp.

Fix this issue by setting U_BOOT_DMI_DATE macro to U-Boot version which is
better approximation of U-Boot release date than current build timestamp.
Current U-Boot versioning is in format yyyy.mm so as a day choose 01.

Some operating systems are using BIOS Release Date for detecting when was
SMBIOS table filled or if it could support some feature (e.g. BIOS from
1990 cannot support features invented in 2000). So this change also ensures
that recompiling U-Boot from same sources but in different year does not
change behavior of some operating systems.

Macro U_BOOT_DMI_DATE is not used in other file than lib/smbios.c
so remove it from global autogenerated files and also from Makefile.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-07-24 10:49:51 +02:00
Steffen Jaeckel
29bbe71ccf lib: wrap crypt API to hide errno usage
In order to prevent using the global errno, replace it with a static
version and create a wrapper function which returns the error value.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heiko Schocher <hs@denx.de>
2021-07-23 13:36:20 -04:00
Steffen Jaeckel
26dd993657 lib: add crypt subsystem
Add the basic functionality required to support the standard crypt
format.
The files crypt-sha256.c and crypt-sha512.c originate from libxcrypt and
their formatting is therefor retained.
The integration is done via a crypt_compare() function in crypt.c.

```
libxcrypt $ git describe --long --always --all
tags/v4.4.17-0-g6b110bc
```

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heiko Schocher <hs@denx.de>
2021-07-23 13:36:14 -04:00
Ilias Apalodimas
ddf67daac3 efi_capsule: Move signature from DTB to .rodata
The capsule signature is now part of our DTB.  This is problematic when a
user is allowed to change/fixup that DTB from U-Boots command line since he
can overwrite the signature as well.
So Instead of adding the key on the DTB, embed it in the u-boot binary it
self as part of it's .rodata.  This assumes that the U-Boot binary we load
is authenticated by a previous boot stage loader.

Reviewed-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Tested-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Tested-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-07-18 14:43:56 +02:00
Masahisa Kojima
d934ed577e efi_loader: increase eventlog buffer size
TCG PC Client PFP spec says "The Log Area Minimum Length
for the TCG event log MUST be at least 64KB." in ACPI chapter.
This commit increase the buffer size to 64KB.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-07-18 14:43:56 +02:00
Masami Hiramatsu
484d7d80cb efi_loader: Use %pD to log device-path instead of local efi_dp_str()
Use %pD to log device-path instead of using efi_dp_str() and
efi_free_pool() locally in find_boot_device().
This is a cleanup patch, no feature update nor fix.

Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-07-18 14:43:56 +02:00
Alfonso Sánchez-Beato
17f8cda505 efi_loader: set partition GUID in device path for SIG_TYPE_GUID
Previously, the GPT device GUID was being used instead of the partition,
which was incorrect.

Signed-off-by: Alfonso Sánchez-Beato <alfonso.sanchez-beato@canonical.com>

Let EFI_LOADER select CONFIG_PARTITION_UUIDS.
Use log_warning() instead of printf() for warning.
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-07-18 14:43:56 +02:00
Alexandru Gagniuc
6909edb4ce image: rsa: Move verification algorithm to a linker list
Move the RSA verification crytpo_algo structure out of the
crypto_algos array, and into a linker list.

Although it appears we are adding an #ifdef to rsa-verify.c, the gains
outweigh this small inconvenience. This is because rsa_verify() is
defined differently based on #ifdefs. This change allows us to have
a single definition of rsa_verify().

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-07-16 15:38:49 -04:00
Simon Glass
ad74aed11e image: Rename CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT
Drop the ENABLE and SUPPORT parts of this, which are redundant.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2021-07-16 12:58:55 -04:00
Rasmus Villemoes
23b542aa3f lib/vsprintf.c: remove unused ip6_addr_string()
There's currently no user of %p[iI]6, so including ip6_addr_string()
in the image is a waste of bytes. It's easy enough to have the
compiler elide it without removing the code completely.

The closest I can find to anybody "handling" ipv6 in U-Boot currently
is in efi_net.c which does

        if (ipv6) {
                ret = EFI_UNSUPPORTED;

As indicated in the comment, it can easily be put back, but preferably
under a config knob.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
2021-07-15 18:44:36 -04:00
Rasmus Villemoes
ce452157e6 lib/vsprintf.c: remove stale comment
U-Boot doesn't support %pS/%pF or any other kind of kallsyms-like
lookups. Remove the comment.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
2021-07-15 18:44:36 -04:00
Rasmus Villemoes
9758778646 lib/vsprintf.c: implement printf() in terms of vprintf()
This saves some code, both in terms of #LOC and .text size, and it is
also the normal convention that foo(...) is implemented in terms of
vfoo().

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
2021-07-15 18:44:36 -04:00
Simon Glass
fdfae3727c tpm: Check outgoing command size
In tpm_sendrecv_command() the command buffer is passed in. If a mistake is
somehow made in setting this up, the size could be out of range. Add a
sanity check for this.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Coverity (CID: 331152)
2021-07-15 18:42:05 -04:00
Heinrich Schuchardt
e94ef57952 lib: move rtc-lib.c to lib
Function rtc_to_tm() is needed for FAT file system support even if we don't
have a real time clock. So move it from drivers/ to lib/.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2021-07-14 16:57:35 -04:00
Masami Hiramatsu
b0b1449b3b efi_loader: Fix to set bootdev_root correctly if bootdev found
Fix find_boot_device() to set bootdev_root if it finds the
bootdev from BootNext. Currently it sets the bootdev_root only
when it finds bootdev from BootOrder.

Fixes: c74cd8bd08 ("efi_loader: capsule: add capsule_on_disk support")
Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Accked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-07-12 20:38:16 +02:00
Heinrich Schuchardt
70bad5462c efi_loader: set CapsuleLast after each capsule
If multiple capsules are applied, the FMP drivers for the individual
capsules can expect the value of CapsuleLast to be accurate. Hence
CapsuleLast must be updated after each capsule.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-07-12 20:30:48 +02:00
Heinrich Schuchardt
d7eedd9d50 efi_loader: missing EFI_CALL() in set_capsule_result
efi_set_variable() should be called with EFI_CALL(). Use
efi_set_variable_int() instead.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-07-12 20:30:48 +02:00
Heinrich Schuchardt
3e49119efb efi_loader: rework messages for capsule updates
* Use log category LOGC_EFI. This allows to remove 'EFI:' prefixes in
  messages.
* Rephrase some of the messages.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-07-12 20:30:48 +02:00
Heinrich Schuchardt
79a61ccb23 efi_loader: provide file attributes in EFI_FILE_PROTOCOL.Read()
When reading a directory using EFI_FILE_PROTOCOL.Read() provide file
attributes and timestamps.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-07-12 20:30:48 +02:00
Heinrich Schuchardt
cbe3ab986b lib: remove superfluous #ifdefs from date.c
We should avoid #ifdef in C modules. Unused functions are eliminated by the
linker.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-07-12 20:30:48 +02:00
Tom Rini
6194b45a83 Merge branch 'next' 2021-07-05 11:20:30 -04:00
Ilias Apalodimas
0fa5020c02 efi_loader: Allow capsule update on-disk without checking OsIndications
Although U-Boot supports capsule update on-disk, it's lack of support for
SetVariable at runtime prevents applications like fwupd from using it.

In order to perform the capsule update on-disk the spec says that the OS
must copy the capsule to the \EFI\UpdateCapsule directory and set a bit in
the OsIndications variable.  The firmware then checks for the
EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED bit in OsIndications
variable, which is set by the submitter to trigger processing of the
capsule on the next reboot.

Let's add a config option which ignores the bit and just relies on the
capsule being present. Since U-Boot deletes the capsule while processing
it, we won't end up applying it multiple times.

Note that this is allowed for all capsules. In the future, once
authenticated capsules are fully supported, we can limit the functionality
to those only.

Signed-off-by: apalos <ilias.apalodimas@linaro.org>

Reword Kconfig description.
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-07-02 18:29:06 +02:00
Heinrich Schuchardt
149108a3eb efi_loader: clear OsIndications
After each reboot we must clear flag
EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED in variable
OsIndications.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-07-02 09:37:01 +02:00
Masami Hiramatsu
417a3c24c9 efi_loader: Improve the parameter check for QueryVariableInfo()
Improve efi_query_variable_info() to check the parameter settings and
return correct error code according to the UEFI Specification 2.9,
and the Self Certification Test (SCT) II Case Specification, June
2017, chapter 4.1.4 QueryVariableInfo().

Reported-by: Kazuhiko Sakamoto <sakamoto.kazuhiko@socionext.com>
Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-07-02 09:37:01 +02:00
Heinrich Schuchardt
abd62e4d41 efi_loader: missing parentheses in query_console_size
After if we should use parentheses to keep the code readable.

Fixes: a95f4c8859 ("efi_loader: NULL dereference in EFI console")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-07-02 09:37:01 +02:00
Ilias Apalodimas
6e0184b86f efi_loader: Always install FMPs
We only install FMPs if a CapsuleUpdate is requested.  Since we now have an
ESRT table which relies on FMPs to build the required information, it
makes more sense to unconditionally install them. This will allow userspace
applications (e.g fwupd) to make use of the ERST and provide us with files
we can use to run CapsuleUpdate on-disk

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-07-02 09:37:01 +02:00
Ilias Apalodimas
b891ff18f8 efi_loader: Force a single FMP instance per hardware store
Chapter 23 of the EFI spec (rev 2.9) says:
"A specific updatable hardware firmware store must be represented by
exactly one FMP instance".
This is not the case for us, since both of our FMP protocols can be
installed at the same time because they are controlled by a single
'dfu_alt_info' env variable.
So make the config options depend on each other and allow the user to
install one of them at any given time.  If we fix the meta-data provided
by the 'dfu_alt_info' in the future,  to hint about the capsule type
(fit or raw) we can revise this and enable both FMPs to be installed, as
long as they target different firmware hardware stores

Note that we are not using a Kconfig 'choice' on purpose, since we
want to allow both of those to be installed and tested in sandbox

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-07-02 09:37:01 +02:00
Masami Hiramatsu
3ef772230d efi: Fix to use null handle to create new handle for efi_fmp_raw
When running the efidebug capsule disk-update command, the efi_fmp_raw
protocol installation fails with 2 (EFI_INVALID_PARAMETER) as below.
This is because the code passes efi_root instead of the handle local var.

=> efidebug capsule disk-update
EFI: Call: efi_install_multiple_protocol_interfaces( &handle, &efi_guid_firmware_management_protocol, &efi_fmp_fit, NULL)
  EFI: Entry efi_install_multiple_protocol_interfaces(00000000fbaf5988)
    EFI: Call: efi_install_protocol_interface( handle, protocol, EFI_NATIVE_INTERFACE, protocol_interface)
      EFI: Entry efi_install_protocol_interface(00000000fbaf5988, 86c77a67-0b97-4633-a187-49104d0685c7, 0, 00000000fbfa6ee8)
        EFI: new handle 00000000fbb37520
      EFI: Exit: efi_install_protocol_interface: 0
    EFI: 0 returned by efi_install_protocol_interface( handle, protocol, EFI_NATIVE_INTERFACE, protocol_interface)
  EFI: Exit: efi_install_multiple_protocol_interfaces: 0
EFI: 0 returned by efi_install_multiple_protocol_interfaces( &handle, &efi_guid_firmware_management_protocol, &efi_fmp_fit, NULL)
EFI: Call: efi_install_multiple_protocol_interfaces( &efi_root, &efi_guid_firmware_management_protocol, &efi_fmp_raw, NULL)
  EFI: Entry efi_install_multiple_protocol_interfaces(00000000fbfec648)
    EFI: Call: efi_install_protocol_interface( handle, protocol, EFI_NATIVE_INTERFACE, protocol_interface)
      EFI: Entry efi_install_protocol_interface(00000000fbfec648, 86c77a67-0b97-4633-a187-49104d0685c7, 0, 00000000fbfa6f18)
        EFI: handle 00000000fbaf8520
      EFI: Exit: efi_install_protocol_interface: 2
    EFI: 2 returned by efi_install_protocol_interface( handle, protocol, EFI_NATIVE_INTERFACE, protocol_interface)
  EFI: Exit: efi_install_multiple_protocol_interfaces: 2
EFI: 2 returned by efi_install_multiple_protocol_interfaces( &efi_root, &efi_guid_firmware_management_protocol, &efi_fmp_raw, NULL)
Command failed, result=1

To fix this issue, pass the handle local var which is set NULL right
before installing efi_fmp_raw as same as the installing efi_fmp_fit.
(In both cases, the local reference to the handle will be just discarded)

Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-07-02 09:37:01 +02:00
Tom Rini
605cbcb0a4 Pull request for efi-2021-07-rc5-2
Documentation:
 
 * man-page for askenv
 
 bug fixes
 
 * correct display of BootOrder in efidebug command
 * do not allow TPL_HIGH_LEVEL for CreateEvent(Ex)
 * correct handling of unknown properties in SMBIOS tables
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmDaDcEACgkQxIHbvCwF
 GsTjZQ//elKP0sKZYEMePzOZKZfzD0MnjnzTwsWALqA9h8kv1sAvQLtf5ZDXWIci
 bo4PNhgRD+FHQuprdoLUrQ2+fSNKTUZugmz8lW1Yudiyh+W4oyjYfINRx+gLTH8L
 h5W8w5QkV0R+3Ti8U42YYj+SqsUs0htGW5b2k55kZhH0uUFB63GG2ic0KkHr9cHl
 QQ3Y3tnW+PMxNaer5Q6q3DQjnPTnTO6vfwD9VAoesTd4aunlaPEvK7xAObJzxjpQ
 ySrj0+Yw4S+y0+02eZRnHXgAIZgI73aN2LiiSuT+FrgGN6JPmVlT6ey3LqLCxPDP
 VcEF8S25ULoIu7G7ZgIzzVgbvDjWU9WZNduPU3onVfqT2RaSsRPZoVdyGty+EKRi
 At40vUsAjC3TkttuhDZhfOOoM3ot9vEeeTIQ5Po7bnwwJyMT+PfUTi7PJT/vkfqy
 iN3KHCi0vuzxS/TbpV9ivrFnMdBP6g6v602VgeMeUTEvHFO9xAA3rHYqFQT7qNxH
 4IrRAma6t0R//oeQ5DKD3iqFdkoireHkobEJh0o3hRK7nDAenZiRmvec+o/iogKV
 YO+lZMboz5igAITBlJI5QoifGDs9B1DwoKxUe9dW61jA1CE7qqGg9Qvo251DZ8Ce
 6f8RLkglAkJUbgotyq/YGRRfad28KISEMewj8ATxbQWRCK2vSNQ=
 =ZMB2
 -----END PGP SIGNATURE-----

Merge tag 'efi-2021-07-rc5-2' of https://source.denx.de/u-boot/custodians/u-boot-efi

Pull request for efi-2021-07-rc5-2

Documentation:

* man-page for askenv

bug fixes

* correct display of BootOrder in efidebug command
* do not allow TPL_HIGH_LEVEL for CreateEvent(Ex)
* correct handling of unknown properties in SMBIOS tables
2021-06-29 11:25:39 -04:00
Tom Rini
6d0453d889 Prepare v2021.07-rc5
-----BEGIN PGP SIGNATURE-----
 
 iQGzBAABCgAdFiEEGjx/cOCPqxcHgJu/FHw5/5Y0tywFAmDaJXgACgkQFHw5/5Y0
 tyySmwwAkW7GVAv+bXSd+8u1IsScl0QrSCoBdfHpdMcAME3gZmXqxClxskfbYJR/
 3IByQFlsn7j8HruR/49+etk0i0Pc4HNfynTLuAy+77/lh+h3Pnru/VPBhQqR7KW0
 NN5STn91QWLl74vRmx5wmEfSMhg7LTE1US8Rh6UXAd2dAiPd+hUawIR9D0Pq5Gzm
 nn7HvamDYspFUgSYYl8h1RtRQ9VqAFpnnPphpLkvX6323uCQwccXu5pnj1fLfGfj
 iO2Q+bDcwpEdUosox/LM1BdMoaSA+opOjk/e72y9V84+Jk6D+Jn5zQEpF5TJnTyI
 Yi2+NuJWS5xFWk1dnJrbGt0HpWM2oO12dZZ7eYy/FdsPJiWAS0ppRuxHVb868vjD
 ulca7acFPUjGyo3vBw1S0iVmPCBFGHBoyg3QLrUHYbpISeBeoa2w2cDxQl90ahw/
 TgRx+yutKfwkBPfILwDylNOgCGRwvLfroRyMEMiQ3gTSOCBmBX/yMv1k8tb9ZvPZ
 /WVsK6dw
 =F7x1
 -----END PGP SIGNATURE-----

Merge tag 'v2021.07-rc5' into next

Prepare v2021.07-rc5

# gpg: Signature made Mon 28 Jun 2021 03:39:36 PM EDT
# gpg:                using RSA key 1A3C7F70E08FAB1707809BBF147C39FF9634B72C
# gpg: Good signature from "Thomas Rini <trini@konsulko.com>" [ultimate]

# Conflicts:
#	configs/am64x_evm_r5_defconfig
2021-06-28 16:22:13 -04:00
Kunihiko Hayashi
534f0fbd65 arm64: Fix relocation of env_addr if POSITION_INDEPENDENT=y
If both POSITION_INDEPENDENT and SYS_RELOC_GD_ENV_ADDR are enabled,
wherever original env is placed anywhere, it should be relocated to
the right address.

Relocation offset gd->reloc_off is calculated with SYS_TEXT_BASE in
setup_reloc() and env address gd->env_addr is relocated by the offset in
initr_reloc_global_data().

gd->env_addr
  = (orig env) + gd->reloc_off
  = (orig env) + (gd->relocaddr - SYS_TEXT_BASE)

However, SYS_TEXT_BASE isn't always runtime base address when
POSITION_INDEPENDENT is enabled. So the relocated env_addr might point to
wrong address. For example, if SYS_TEXT_BASE is zero, gd->env_addr is
out of memory location and memory exception will occur.

There is a difference between linked address such as SYS_TEXT_BASE and
runtime base address. In _main, the difference is calculated as
"run-vs-link" offset. The env_addr should also be added to the offset
to fix the address.

gd->env_addr
  = (orig env) + ("run-vs-link" offset)   + gd->reloc_off
  = (orig env) + (SYS_TEXT_BASE - _start) + (gd->relocaddr - SYS_TEXT_BASE)
  = (orig env) + (gd->relocaddr - _start)

Cc: Marek Vasut <marex@denx.de>
Signed-off-by: Kunihiko Hayashi <hayashi.kunihiko@socionext.com>
Acked-by: Marek Vasut <marex@denx.de>
Tested-by: Marek Vasut <marex@denx.de>
2021-06-28 14:47:10 -04:00
Ilias Apalodimas
70e80666f2 smbios: Fix SMBIOS tables
Commit e4f8e543f1a9("smbios: Drop the unused Kconfig options")
break SMBIOS tables.  The reason is that the patch drops the Kconfig
options *after* removing the code using them,  but that changes the semantics
of the code completely.  Prior to the change a non NULL value was used in
the 'product' and 'manufacturer ' fields.

Chapter 6.2 of the DMTF spec requires Manufacturer and Product Name to be
non-null on some of the tables. So let's add sane defaults for Type1/2/3.

* Before the patchset:

<snip>
Handle 0x0002, DMI type 2, 14 bytes
Base Board Information
        Manufacturer: Not Specified
        Product Name: Not Specified
        Version: Not Specified
        Serial Number: Not Specified
        Asset Tag: Not Specified
        Features:
                Board is a hosting board
        Location In Chassis: Not Specified
        Chassis Handle: 0x0000
        Type: Motherboard

Invalid entry length (0). DMI table is broken! Stop.

* After the patchset:

<snip>
Handle 0x0005, DMI type 32, 11 bytes
System Boot Information
        Status: No errors detected

Handle 0x0006, DMI type 127, 4 bytes
End Of Table

Fixes: e4f8e543f1 ("smbios: Drop the unused Kconfig options")
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-06-28 19:57:13 +02:00
Ilias Apalodimas
ff192304b6 smbios: Fix BIOS Characteristics Extension Byte 2
We currently define the EFI support of an SMBIOS table as the third bit of
"BIOS Characteristics Extension Byte 1". The latest DMTF spec defines it
on "BIOS Characteristics Extension Byte 2".

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>

Remove superfluous assignment.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-06-28 19:57:13 +02:00
Heinrich Schuchardt
8c6532d7c4 smbios: convert function descriptions to Sphinx style
Use 'Return:' instead of '@return:'.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-06-28 19:57:13 +02:00
Heinrich Schuchardt
7891fe675d efi_loader: TPL_HIGH_LEVEL not allowed for CreateEvent
According to chapter 7.1 "Event, Timer, and Task Priority Services"
TPL_HIGH_LEVEL should not be exposed to applications and drivers.

According to the discussion with EDK II contributors this implies that
CreateEvent() shall not allow to create events with TPL_HIGH_LEVEL.

Cc: Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@arm.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Acked-by: Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@arm.com>
2021-06-28 19:57:13 +02:00
Tero Kristo
7d0f3fbb93 lib: rational: copy the rational fraction lib routines from Linux
Copy the best rational approximation calculation routines from Linux.
Typical usecase for these routines is to calculate the M/N divider
values for PLLs to reach a specific clock rate.

This is based on linux kernel commit:
"lib/math/rational.c: fix possible incorrect result from rational
fractions helper"
(sha1: 323dd2c3ed0641f49e89b4e420f9eef5d3d5a881)

Signed-off-by: Tero Kristo <t-kristo@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Tero Kristo <kristo@kernel.org>
2021-06-11 16:34:52 +05:30
Heinrich Schuchardt
b95e5edc42 efi_loader: fix Sphinx warning
Brackets '[' need to be escaped to avoid a build warning

    lib/efi_loader/efi_image_loader.c:223:
    WARNING: Inline strong start-string without end-string.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Masahisa Kojima <masahisa.kojima@linaro.org>
2021-06-09 12:35:01 +02:00
Heinrich Schuchardt
e27b0ff1b7 efi_loader: efi_capsule_delete_file() NULL dereference
If opening a file fails, the file handle pointer is not valid and must not
be dereferenced.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-06-09 00:16:39 +02:00
Heinrich Schuchardt
3dca77b1dc efi_loader: partition numbers are hexadecimal
If we want to address partition 15 of virtio block device 11, we have to
write:

	virtio b:f

When calling sprintf() we must use %x for the device and partition numbers.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-06-09 00:16:39 +02:00
Simon Glass
0cceb99ac5 display_options: Split print_buffer() into two functions
At present print_buffer() outputs a hex dump but it is not possible to
place this dump in a string. Refactor it into a top-level function which
does the printing and a utility function that dumps a line into a string.
This makes the code more generally useful.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-06-08 11:39:09 -04:00
Simon Glass
735dd6ef89 hexdump: Allow ctrl-c to interrupt output
If a long hexdump is initated the user may wish to interrupt it. Add
support for this.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-06-08 11:39:09 -04:00
Simon Glass
5d6d2b8838 hexdump: Support any rowsize
At present print_hex_dump() only supports either 16- or 32-byte lines.
With U-Boot we want to support any line length up to a maximum of 64.
Update the function to support this, with 0 defaulting to 16, as with
print_buffer().

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-06-08 11:39:09 -04:00
Simon Glass
19edf139e9 hexdump: Add support for sandbox
The current implementation outputs an address as a pointer. Update the
code to use an address instead, respecting the 32/64 nature of the CPU.

Add some initial tests copied from print_test_display_buffer(), just the
ones that can pass with the current implementation.

Note that for this case print_hex_dump() and print_bufffer() produce the
same result. For now the tests are duplicated sine we have separate
functions.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-06-08 11:39:09 -04:00
Simon Glass
2f410fe557 hexdump: Move API to header file
Move the comments to the header file so people can find the function info
without digging in the implementation. Fix up the code style and add an
enum for the first arg.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-06-08 11:39:09 -04:00
Simon Glass
c7b16d830e display_options: Drop two spaces before the ASCII column
At present with print_buffer() U-Boot shows four spaces between the hex
and ASCII data. Two seems enough and matches print_hex_dump(). Change it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-06-08 11:39:09 -04:00
Patrick Delaunay
358c7789af lmb: add lmb_dump_region() function
Add lmb_dump_region() function, to simplify lmb_dump_all_force().
This patch is based on Linux memblock dump function.

An example of bdinfo output is:

.....
fdt_size    = 0x000146a0
FB base     = 0xfdd00000
lmb_dump_all:
 memory.cnt  = 0x1
 memory[0]	[0xc0000000-0xffffffff], 0x40000000 bytes flags: 0
 reserved.cnt  = 0x6
 reserved[0]	[0x10000000-0x10045fff], 0x00046000 bytes flags: 4
 reserved[1]	[0x30000000-0x3003ffff], 0x00040000 bytes flags: 4
 reserved[2]	[0x38000000-0x3800ffff], 0x00010000 bytes flags: 4
 reserved[3]	[0xe8000000-0xefffffff], 0x08000000 bytes flags: 4
 reserved[4]	[0xfbaea344-0xfdffffff], 0x02515cbc bytes flags: 0
 reserved[5]	[0xfe000000-0xffffffff], 0x02000000 bytes flags: 4
arch_number = 0x00000000
TLB addr    = 0xfdff0000
....

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-06-07 10:48:40 -04:00
Patrick Delaunay
e359a4a5c1 lmb: add lmb_is_reserved_flags
Add a new function lmb_is_reserved_flags to check if
an address is reserved with a specific flags.

This function can be used to check if an address was
reserved with no-map flags with:

lmb_is_reserved_flags(lmb, addr, LMB_NOMAP);

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2021-06-07 10:48:40 -04:00
Patrick Delaunay
59c0ea5df3 lmb: Add support of flags for no-map properties
Add "flags" in lmb_property to save the "no-map" property of
reserved region and a new function lmb_reserve_flags() to check
this flag.

The default allocation use flags = LMB_NONE.

The adjacent reserved memory region are merged only when they have
the same flags value.

This patch is partially based on flags support done in Linux kernel
mm/memblock .c (previously lmb.c); it is why LMB_NOMAP = 0x4, it is
aligned with MEMBLOCK_NOMAP value.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-06-07 10:48:40 -04:00
Sean Anderson
89be8e31cc fastboot: Fix overflow when calculating chunk size
If a chunk was larger than 4GiB, then chunk_data_sz would overflow and
blkcnt would not be calculated correctly. Upgrade it to a u64 and cast
its multiplicands as well. Also fix bytes_written while we're at it.

Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
2021-06-01 16:48:54 -04:00
Masahisa Kojima
163a0d7e2c efi_loader: add PE/COFF image measurement
"TCG PC Client Platform Firmware Profile Specification"
requires to measure every attempt to load and execute
a OS Loader(a UEFI application) into PCR[4].
This commit adds the PE/COFF image measurement, extends PCR,
and appends measurement into Event Log.

Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Replace CONFIG_HASH_CALCULATE by CONFIG_HASH
Fix conversions between pointers and u64.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-05-28 16:17:01 +02:00
Alexandru Gagniuc
464010b0be efi_loader: Work-around build issue due to missing hash_calculate()
The hash_calculate() symbol is provided by hash-checksum.c. It depends
on hash_progressive_lookup_algo(), provided when CONFIG_HASH=y.

The issue is that hash_calculate() is used by the efi_loader,
irregardless of CONFIG_FIT_SIGNATURE. As pointed out in
commit 87316da05f ("lib: introduce HASH_CALCULATE option"),
enabling hash_calculate() based on CONFIG_FIT_SIGNATURE is incorrect.

To resolve this, use CONFIG_HASH as the compile switch for
hash-checksum.c. This ensures that all dependencies are compiled, and
is the most natural Kconfig to use.

There is the issue of having to 'select HASH' in a couple of places
that already 'select SHA256'. This is a deeper problem with how hashes
are organized, and fixing it is beyonf the scope of this change.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Acked-by: Masahisa Kojima <masahisa.kojima@linaro.org>
2021-05-28 16:17:01 +02:00
Alexandru Gagniuc
ec0512b173 Revert "lib: introduce HASH_CALCULATE option"
When we think of Kconfig, we usually think of features that we like
to enable or not. Ideally, we wouldn't use Kconfig to fix a build
issue, although sometimes it might make sense. With Kconfig it's hard
to guarantee that the fix is universal. We can only say that it works
for the set of tested configurations. In the majority of cases, it's
preferable to let the linker figure things out for us.

The reverted commit attempted to fix a build issue by adding an
invisible Kconfig option. This is wrong in several ways:

It invents a new Kconfig variable when CONFIG_HASH already
exists for the same purpose.
Second, hash-checksum.c makes use of the hash_progressive_lookup_algo()
symbol, which is only provided with CONFIG_HASH, but this dependency
was not expressed in the reverted patch.

It feels like Kconfig is turning into a listing of all available
source files, and a buffet to 'select' which ones to compile. The
purpose of this revert is to enable the next change to make use of
CONFIG_HASH instead of adding to Kconfig.

This reverts commit 87316da05f.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Acked-by: Masahisa Kojima <masahisa.kojima@linaro.org>
2021-05-28 16:17:01 +02:00
Ilias Apalodimas
38de680e58 efi_loader: Fix coverity warnings for efi tcg2 protocol
Coverity reported 3 warnings on the current code.
CID 331856, 331855, 331854 on the latest scan.

Fix the rest of the warnings by initializing the variables before
passing them to tpm2_get_pcr_info().
In order to avoid future warnings and errors initialize them to 0 within
the function as well, since the values are always OR'ed after querying the
hardware.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-05-28 16:17:01 +02:00
Ilias Apalodimas
1f6871df40 efi_loader: Fix -Wextra warning for EFI TCG2
Compiling with -Wextra produces a number of (harmless) warnings for the EFI
TCG2 protocol.  Let's fix those in case we ever enable the flag on the EFI
subsystem

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-05-25 14:33:22 +02:00
Heinrich Schuchardt
9a6b33bef2 efi_loader: path length in efi_dp_from_name()
Before this patch efi_dp_from_name() only accommodated a maximum file path
length of 31 characters. This leads to boot failures due to file name
truncation.

Allow arbitrary path lengths.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-05-25 13:06:57 +02:00
Masahisa Kojima
f6081a8a1e efi_loader: expose efi_image_parse() even if UEFI Secure Boot is disabled
This is preparation for PE/COFF measurement support.
PE/COFF image hash calculation is same in both
UEFI Secure Boot image verification and measurement in
measured boot. PE/COFF image parsing functions are
gathered into efi_image_loader.c, and exposed even if
UEFI Secure Boot is not enabled.

This commit also adds the EFI_SIGNATURE_SUPPORT option
to decide if efi_signature.c shall be compiled.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-05-25 13:06:57 +02:00
Heinrich Schuchardt
6754e24b54 efi_loader: remove weak efi_get_public_key_data()
Configuring a system with CONFIG_EFI_CAPSULE_AUTHENTICATE=y but without a
method to retrieve the public key data is a misconfiguration. We should get
a build failure for it. Therefore remove the weak efi_get_public_key_data()
implementation.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-05-25 13:06:57 +02:00
Marek Behún
be1e77f286 sandbox: errno: avoid conflict with libc's errno
When building with LTO, the system libc's `errno` variable used in
arch/sandbox/cpu/os.c conflicts with U-Boot's `errno` (defined in
lib/errno.c) with the following error:
 .../ld: errno@@GLIBC_PRIVATE: TLS definition in /lib64/libc.so.6
         section .tbss mismatches non-TLS reference in
	 /tmp/u-boot.EQlEXz.ltrans0.ltrans.o

To avoid this conflict use different asm label for this variable when
CONFIG_SANDBOX is enabled.

Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-05-24 14:21:30 -04:00
Marek Behún
98e55f97af lib: crc32: put the crc_table variable into efi_runtime_rodata section
When compiling with LTO, the compiler fails with an error saying that
`crc_table` causes a section type conflict with `efi_var_buf`.

This is because both are declared to be in the same section (via macro
`__efi_runtime_data`), but one is const while the other is not.

Put this variable into the section .rodata.efi_runtime, instead of
.data.efi_runtime, via macro __efi_runtime_rodata.

Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Marek Vasut <marex@denx.de>
Reviewed-by: Heinrich Schuchardt <xypron.gpk@gmx.de>
2021-05-24 14:21:30 -04:00
Marek Behún
ead698acbc efi_selftest: compiler flags for efi_selftest_miniapp_exception.o
Add $(CFLAGS_EFI) and remove $(CFLAGS_NON_EFI) for
efi_selftest_miniapp_exception.o.

The removal is needed when compiling with LTO - this object file needs
to be compiled without -flto.

The adding is for consistency with other miniapps.

Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-05-24 14:21:30 -04:00
Marek Behún
46c3e29219 string: make memcpy(), memset(), memcmp() and memmove() visible for LTO
It seems that sometimes (happening on ARM64, for example with
turris_mox_defconfig) GCC, when linking with LTO, changes the symbol
names of some functions, for example lib/string.c's memcpy() function to
memcpy.isra.0.

This is a problem however when GCC for a code such as this:
	struct some_struct *info = get_some_struct();
	struct some struct tmpinfo;
	tmpinfo = *info;
emits a call to memcpy() by builtin behaviour, to copy *info to tmpinfo.

This then results in the following linking error:
  .../lz4.c:93: undefined reference to `memcpy'
  .../uuid.c:206: more undefined references to `memcpy' follow

GCC's documentation says this about -nodefaultlibs option:
  The compiler may generate calls to "memcmp", "memset", "memcpy" and
  "memmove".  These entries are usually resolved by entries in libc.
  These entry points should be supplied through some other mechanism
  when this option is specified.

Make these functions visible by using the __used macro to avoid this
error.

Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-05-24 14:21:30 -04:00
Marek Behún
236f2ec432 treewide: Convert macro and uses of __section(foo) to __section("foo")
This commit does the same thing as Linux commit 33def8498fdd.

Use a more generic form for __section that requires quotes to avoid
complications with clang and gcc differences.

Remove the quote operator # from compiler_attributes.h __section macro.

Convert all unquoted __section(foo) uses to quoted __section("foo").
Also convert __attribute__((section("foo"))) uses to __section("foo")
even if the __attribute__ has multiple list entry forms.

Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-05-24 14:21:30 -04:00
Bin Meng
1621d3c434 lib: kconfig: Limit BINMAN_FDT for OF_SEPARATE or OF_EMBED
Generally speaking BINMAN_FDT makes sense for OF_SEPARATE or OF_EMBED.
For the other OF_CONTROL methods, it's quite possible binman node is
not available as binman is invoked during the build phase instead of
runtime. Let's only turn it on for OF_SEPARATE or OF_EMBED by default.

Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-05-19 17:01:50 +08:00
Masahisa Kojima
87316da05f lib: introduce HASH_CALCULATE option
Build error occurs when CONFIG_EFI_SECURE_BOOT or
CONFIG_EFI_CAPSULE_AUTHENTICATE is enabled,
because hash-checksum.c is not compiled.

Since hash_calculate() implemented in hash-checksum.c can be
commonly used aside from FIT image signature verification,
this commit itroduces HASH_CALCULATE option to decide
if hash-checksum.c shall be compiled.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-05-18 12:36:13 +02:00
Ilias Apalodimas
48ee084602 efi_loader: Fix Kconfig for EFI_TCG2 protocol
EFI_TCG2 depends not only on TPMv2 but also on the underlying algorithms.
So select the missing SHA1, SHA256, SHA384 and SHA512 we currently support

Reported-by: Michal Simek <michal.simek@xilinx.com>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>

Add 'default y'.
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-05-18 12:36:13 +02:00
Ilias Apalodimas
2052759a5e efi_loader: Don't stop EFI subsystem init if installing TCG2 fails
Up to now we are stopping the EFI subsystem if a TPMv2 exists but the
protocol fails to install.  Now that we've switched the config to 'default
y' the sandbox TPM fails, since it doesn't support all the required
capabilities of the protocol.

Not installing the protocol is not catastrophic.  If the protocol fails
to install the PCRs will never be extended to the expected values, so
some other entity later in the boot flow will eventually figure it out
and take the necessary actions.

While at it fix a corner case were the user can see an invalid error
message when the protocol failed to install.  We do have a tcg2_uninit()
which we call when the protocol installation fails.  There are cases though
that this might be called before the configuration table is installed (e.g
probing the TPM for capabilities failed).  In that case the user will see
"Failed to delete final events config table".  So stop printing it since it's
not an actual failure , simply because the config table was never installed
in the first place.

In order to stop printing it make efi_init_event_log() and create_final_event()
cleanup themselves and only call tcg2_uninit() when the protocol installation
fails.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-05-18 12:36:13 +02:00
Ilias Apalodimas
97f446a8ff efi_loader: Uninstall the TCG2 protocol if logging s-crtm fails
Instead of just failing, clean up the installed config table and
EventLog memory if logging an s-crtm event fails during the protocol
installation

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>

Eliminate label 'out:' by using return.
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-05-18 12:36:13 +02:00
Ilias Apalodimas
b76edf6b07 efi_loader: Clean up tcg2 once in case of failure
efi_init_event_log() calls tcg2_uninit() in case of failure.
We can skip that since the function is called on efi_tcg2_register()
which also cleans up if an error occurs

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-05-18 12:36:12 +02:00
Peng Fan
bc3f465181 efi_loader: loosen buffer parameter check in efi_file_read_int
This is same issue as https://bugzilla.redhat.com/show_bug.cgi?id=1733817,
but that fix was wrongly partial reverted.

When reading a directory, EFI_BUFFER_TOO_SMALL should be returned when
the supplied buffer is too small, so a use-case is to call
EFI_FILE_PROTOCOL.Read() with *buffer_size=0 and buffer=NULL to
obtain the needed size before doing the actual read.

So remove the check only for directory reading, file reading already
do the check by itself.

Fixes: db12f518edb0("efi_loader: implement non-blocking file services")
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Cc: Stefan Sørensen <stefan.sorensen@spectralink.com>
Tested-by: Peter Robinson <pbrobinson@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-05-18 12:36:12 +02:00
Sughosh Ganu
6a2e26b95f efi_loader: capsule: Remove the check for capsule_authentication_enabled environment variable
The current capsule authentication code checks if the environment
variable capsule_authentication_enabled is set, for authenticating the
capsule. This is in addition to the check for the config symbol
CONFIG_EFI_CAPSULE_AUTHENTICATE. Remove the check for the environment
variable. The capsule will now be authenticated if the config symbol
is set.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviwed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-05-18 12:36:12 +02:00
Heinrich Schuchardt
e2ae483c3b hash: Kconfig option for SHA512 hardware acceleration
Commit a479f103dc ("hash: Allow for SHA512 hardware implementations")
defined function definitions for hardware accelerated SHA384 and SHA512.
If CONFIG_SHA_HW_ACCEL=y, these functions are used.

We already have boards using CONFIG_SHA_HW_ACCEL=y but none implements the
new functions hw_sha384() and hw_sha512().

For implementing the EFI TCG2 protocol we need SHA384 and SHA512. The
missing hardware acceleration functions lead to build errors on boards like
peach-pi_defconfig.

Introduce a new Kconfig symbol CONFIG_SHA512_HW_ACCEL to control if the
functions hw_sha384() and hw_sha512() shall be used to implement the SHA384
and SHA512 algorithms.

Fixes: a479f103dc ("hash: Allow for SHA512 hardware implementations")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

Reviewed-by: Simon Glass <sjg@chromium.org>
2021-05-18 12:36:12 +02:00
Heinrich Schuchardt
700f68c354 efi_loader: build warning in efi_tcg2_hash_log_extend_event
Building 32bit boards with the TCG2 protocol enabled leads to a build
warning due to a missing conversion.

    lib/efi_loader/efi_tcg2.c:774:27:
    error: cast to pointer from integer of different size
    [-Werror=int-to-pointer-cast]
    774 |  ret = tcg2_create_digest((u8 *)data_to_hash, data_to_hash_len,
        |                           ^

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-05-18 12:36:12 +02:00
Patrick Delaunay
feb7ac457c dm: core: Add address translation in fdt_get_resource
Today of_address_to_resource() is called only in
ofnode_read_resource() for livetree support and
fdt_get_resource() is called when livetree is not supported.

The fdt_get_resource() doesn't do the address translation
so when it is required, but the address translation is done
by ofnode_read_resource() caller, for example in
drivers/firmware/scmi/smt.c::scmi_dt_get_smt_buffer() {
...
	ret = ofnode_read_resource(args.node, 0, &resource);
	if (ret)
		return ret;

	faddr = cpu_to_fdt32(resource.start);
	paddr = ofnode_translate_address(args.node, &faddr);
...

The both behavior should be aligned and the address translation
must be called in fdt_get_resource() and removed for each caller.

Fixes: a44810123f ("dm: core: Add dev_read_resource() to read device resources")
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
2021-04-29 03:23:39 -07:00
AKASHI Takahiro
2c1a684049 efi_loader: capsule: return a correct error code at find_boot_device()
In case of failure at efi_get_variable_int("BootOrder"), we should
skip examining boot option variables and return an appropriate error
code which is the one the function returned.

Fixes: CID 331153 Code maintainability issues  (UNUSED_VALUE)
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-04-24 06:53:40 +02:00
Jose Marinho
3627cf4bff efi: Fix ESRT refresh after Capsule update
Indicated by Coverity Scan CID 331147

The ESRT was being refreshed in situations where the UpdateCapsule
procedure failed. In that scenario:

1) the ESRT refresh was superfluous.
2) a failed ESRT refresh return code overwrites the UpdateCapsule error
return code.

This commit ensures that the ESRT is only refreshed when the
UpdateCapsule performs successfully.

CC: Heinrich Schuchardt <xypron.glpk@gmx.de>
CC: Sughosh Ganu <sughosh.ganu@linaro.org>
CC: AKASHI Takahiro <takahiro.akashi@linaro.org>
CC: Tom Rini <trini@konsulko.com>
CC: Andre Przywara <andre.przywara@arm.com>
CC: nd@arm.com

Signed-off-by: Jose Marinho <jose.marinho@arm.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-04-24 06:53:40 +02:00
Ilias Apalodimas
6fe8b4a39d efi_loader: simplify tcg2_create_digest()
Bumping the digest list count, for all supported algorithms,  can be
calculated outside of the individual switch statements.  So let's do that
for every loop iteration instead and simplify the code a bit.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-04-24 06:53:40 +02:00
Heinrich Schuchardt
a07ee3c198 efi_loader: missing include in efi_string.c
To avoid diverging function definitions we need to include efi_loader.h.

Fixes: fe179d7fb5 ("efi_loader: Add size checks to efi_create_indexed_name()")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-04-24 06:53:40 +02:00
Patrick Delaunay
6d66502bc7 lmb: Add 2 config to define the max number of regions
Add 2 configs CONFIG_LMB_MEMORY_REGIONS and CONFIG_LMB_RESERVED_REGIONS
to change independently the max number of the regions in lmb
library.

When CONFIG_LMB_USE_MAX_REGIONS=y, move the lmb property arrays to
struct lmb and manage the array size with the element 'max' of struct
lmb_region; their are still allocated in stack.

When CONFIG_LMB_USE_MAX_REGIONS=n, keep the current location in
struct lmb_region to allow compiler optimization.

Increase CONFIG_LMB_RESERVED_REGIONS is useful to avoid lmb errors in
bootm when the number of reserved regions (not adjacent) is reached:
+ 1 region for relocated U-Boot
+ 1 region for initrd
+ 1 region for relocated linux device tree
+ reserved memory regions present in Linux device tree.

The current limit of 8 regions is reached with only 5 reserved regions
in DT.

see Linux kernel commit bf23c51f1f49 ("memblock: Move memblock arrays
to static storage in memblock.c and make their size a variable")

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2021-04-22 14:09:45 -04:00
Patrick Delaunay
4fa0150d6c lmb: move MAX_LMB_REGIONS value in Kconfig
Move MAX_LMB_REGIONS value in Kconfig, the max number of the regions
in lmb library.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2021-04-22 14:09:45 -04:00
Patrick Delaunay
00fd8dad4d lmb: add a max parameter in the struct lmb_region
Add a max parameter in lmb_region struct to handle test
in lmb_add_region without using the MAX_LMB_REGIONS
define.

This patch allows to modify these size independently for
memory of reserved regions in the next patches.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2021-04-22 14:09:45 -04:00
Patrick Delaunay
8f167da9c5 lmb: remove lmb_region.size
Remove the unused field size of struct lmb_region as it is initialized to 0
and never used after in lmb library.

See Linux kernel commit 4734b594c6ca ("memblock: Remove memblock_type.size
and add memblock.memory_size instead")

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2021-04-22 14:09:45 -04:00
Patrick Delaunay
77b8cfef53 lmb: move CONFIG_LMB in Kconfig
Migrate CONFIG_LMB in Kconfig.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2021-04-22 14:09:45 -04:00
Karl Beldan
227c53de87 lz4: Fix unaligned accesses
Signed-off-by: Karl Beldan <karl.beldan+oss@gmail.com>
2021-04-20 07:31:12 -04:00
Masahisa Kojima
b1a7a5e0b8 efi_loader: fix possible buffer overflow
Variable "final" will have SHA512 digest, but currently
the array size is not sufficient. Let's fix it.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-04-17 20:01:32 +02:00
Heinrich Schuchardt
e8287b0fb2 efi_loader: memory leak in efi_capsule_scan_dir()
If realloc() fails, we should free the old buffer.

Fixes: c74cd8bd08: ("efi_loader: capsule: add capsule_on_disk support")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-04-17 20:01:32 +02:00
Sughosh Ganu
7d823747c6 efi_loader: esrt: Remove incorrect invocations of EFI_CALL macro
Remove function invocations using the EFI_CALL macro for those
functions that do not have an EFI_ENTRY call in their definition. Such
functions can use u-boot api's which rely on u-boot global data(gd)
pointer. The Arm and RiscV architectures maintain a separate gd
pointer, one for u-boot, and a separate gd for the efi application.

Calling a function through the EFI_CALL macro changes the gd pointer
to that used for the efi application, with u-boot gd being
unavailable. Any function then trying to dereference u-boot's gd will
result in an abort.

Fix this issue by removing the EFI_CALL macro for all of such
functions which do not begin by an EFI_ENTRY function call.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-04-17 20:01:31 +02:00
Chan, Donald
fbc777429f lib/rsa: Use EVP_PKEY instead of RSA
Most modern OpenSSL engines have methods overridden at the EVP level rather
than at RSA level, to make these engines work properly with mkimage, the RSA
signing code needs to switch to using EVP_* APIs as much as possible.

Signed-off-by: Donald Chan <hoiho@lab126.com>
[trini: Rebase on top of keyfile changes]
Signed-off-by: Tom Rini <trini@konsulko.com>
2021-04-14 17:45:04 -04:00
Alexandru Gagniuc
eb22759e2b lib/ecdsa: Use the 'keydir' argument from mkimage if appropriate
Keys can be derived from keydir, and the "key-name-hint" property of
the FIT. They can also be specified ad-literam via 'keyfile'. Update
the ECDSA signing path to use the appropriate one.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-04-14 15:23:01 -04:00
Alexandru Gagniuc
824ee745fb lib/rsa: Use the 'keyfile' argument from mkimage
Keys can be derived from keydir, and the "key-name-hint" property of
the FIT. They can also be specified ad-literam via 'keyfile'. Update
the RSA signing path to use the appropriate one.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-04-14 15:23:01 -04:00
Alexandru Gagniuc
ed6c9e0b66 lib: Add support for ECDSA image signing
mkimage supports rsa2048, and rsa4096 signatures. With newer silicon
now supporting hardware-accelerated ECDSA, it makes sense to expand
signing support to elliptic curves.

Implement host-side ECDSA signing and verification with libcrypto.
Device-side implementation of signature verification is beyond the
scope of this patch.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-04-14 15:06:08 -04:00
Alexandru Gagniuc
4c17e5f691 lib/rsa: Make fdt_add_bignum() available outside of RSA code
fdt_add_bignum() is useful for algorithms other than just RSA. To
allow its use for ECDSA, move it to a common file under lib/.

The new file is suffixed with '-libcrypto' because it has a direct
dependency on openssl. This is due to the use of the "BIGNUM *" type.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-04-14 15:06:08 -04:00
Alexandru Gagniuc
0bcb28dfb9 lib: Rename rsa-checksum.c to hash-checksum.c
rsa-checksum.c sontains the hash_calculate() implementations. Despite
the "rsa-" file prefix, this function is useful for other algorithms.

To prevent confusion, move this file to lib/, and rename it to
hash-checksum.c, to give it a more "generic" feel.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-04-14 15:06:08 -04:00
Sean Anderson
9af869c414 lib: string: Implement strlcat
This introduces strlcat, which provides a safer interface than strncat. It
never copies more than its size bytes, including the terminating nul. In
addition, it never reads past dest[size - 1], even if dest is not
nul-terminated.

This also removes the stub for dwc3 now that we have a proper
implementation.

Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-04-12 17:44:55 -04:00
Sean Anderson
d3358ecc54 lib: string: Fix strlcpy return value
strlcpy should always return the number of bytes copied. We were
accidentally missing the nul-terminator. We also always used to return a
non-zero value, even if we did not actually copy anything.

Fixes: 23cd138503 ("Integrate USB gadget layer and USB CDC driver layer")

Signed-off-by: Sean Anderson <seanga2@gmail.com>
2021-04-12 17:44:55 -04:00
Joel Stanley
a479f103dc hash: Allow for SHA512 hardware implementations
Similar to support for SHA1 and SHA256, allow the use of hardware hashing
engine by enabling the algorithm and setting  CONFIG_SHA_HW_ACCEL /
CONFIG_SHA_PROG_HW_ACCEL.

Signed-off-by: Joel Stanley <joel@jms.id.au>
2021-04-12 17:17:11 -04:00
Patrick Delaunay
a2535243e0 lib: optee: migration optee_copy_fdt_nodes for OF_LIVE support
The optee_copy_fdt_nodes is only used to copy op-tee nodes
of U-Boot device tree (from gd->fdt_blob when OF_LIVE is not activated)
to external device tree but it is not compatible with OF_LIVE.

This patch migrates all used function fdt_ functions to read node on
old_blob to ofnode functions, compatible with OF_LIVE and remove this
parameter "old_blob".

The generated "device tree" is checked on stm32mp platform with OF_LIVE
activated.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2021-04-12 14:25:31 -04:00
Ilias Apalodimas
f8cd72d1ac efi_loader: Change ptr arithmetics tcg eventlog buffer
Although ptr arithmetics are allowed with extensions in gcc, they
are not allowed by the C spec. So switch to (void *)(uintptr_t) instead

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2021-04-10 12:00:24 +02:00
Heinrich Schuchardt
8c4488677f efi_loader: esrt: wrong type for LocateHandleBuffer()
efi_locate_handle_buffer() expects no_handles to be of type efi_uintn_t *.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-04-10 12:00:24 +02:00
Heinrich Schuchardt
7631c9d0a4 efi_loader: use correct printf codes
For printing u32 use %u not %d.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-04-10 12:00:24 +02:00
Sughosh Ganu
5c3de47caa efi_loader: efi_esrt: Fix the build warning for 32 bit systems
Fix the build warning when building for 32 bit systems by using the
length modifier for size_t.

lib/efi_loader/efi_esrt.c: In function ‘efi_esrt_populate’:
include/efi_loader.h:126:8: warning: format ‘%ld’ expects argument of type ‘long int’, but argument 8 has type ‘size_t’ {aka ‘unsigned int’} [-Wformat=]

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-04-10 12:00:24 +02:00
Sughosh Ganu
dd40cf6f1f efi_loader: Kconfig: Select IMAGE_SIGN_INFO when capsule authentication is enabled
Enable building of the crypto helper functions used during capsule
authentication by selecting IMAGE_SIGN_INFO.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-04-10 12:00:24 +02:00
Ilias Apalodimas
f4dc1bc9f0 efi_loader: Cleanup get_var duplication
get_var() is defined statically in efi_bootmgr.c and doesn't properly
check a buffer allocation.  Remove it completely and use the exported
function from efi_var_common.c that does the same thing

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-04-10 12:00:24 +02:00
Tom Rini
90eba245a6 Merge branch 'next' 2021-04-05 11:29:57 -04:00
Heinrich Schuchardt
d084f20233 efi_loader: typo 'devide path'
Fix a typo in helloworld.efi.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-31 06:34:33 +00:00
Heinrich Schuchardt
0809cd5f93 efi_loader: Uart device path missing break
In the devicepath node to text conversion for Uart nodes a break statement
is missing.

Indicated by Coverity Scan CID 330038
Fixes: 62df6e9c99 ("efi_loader: Uart device path")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-31 06:22:22 +00:00
Simon Glass
f2c1442e96 bloblist: Make BLOBLIST_TABLES depend on BLOBLIST
Add an extra condition here since we cannot put x86 tables in a bloblist
when bloblists are not supported.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-03-27 15:04:31 +13:00
Simon Glass
dc2886b039 binman: Show a message when changing subnodes
This change seems important enough to warrant a visible message. Change
the log_debug() to log_info().

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-03-27 15:04:31 +13:00
Simon Glass
272e62cb83 smbios: Allow writing to the coreboot version string
When U-Boot is booted from coreboot the SMBIOS tables are written by
coreboot, not U-Boot. The existing method of updating the BIOS version
string does not work in that case, since gd->smbios_version is only set
when U-Boot writes the tables.

Add a new function which allows the version to be updated by parsing the
tables and writing the string in the correct place. Since coreboot
provides a pointer to the SMBIOS tables in its sysinfo structure, this
makes it easy to do the update.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-03-27 13:59:37 +13:00
Ilias Apalodimas
ac30aad210 efi_loader: Clean up file size calculations
We recently added a common function for calculating file size,
instead of copy pasting the code around.  Switch one of the
occurences over to the common function

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviwed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-25 21:03:51 +01:00
Heinrich Schuchardt
5e21958c02 efi_selfest: redefine enum efi_test_phase
Setup will always occur before ExitBootServices(). So eliminate
EFI_SETUP_AFTER_BOOTTIME_EXIT. Put the SetVirtualAddressMap() test into a
separate class so that we can execute it last.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-25 20:54:12 +01:00
Ilias Apalodimas
f69a2016b6 efi_loader: Add an S-CRTM even for firmware version
TCG PC Client Platform Firmware Profile Spec mandates that an S-CRTM
event for the version identifier using the event type EV_S_CRTM_VERSION
must be measured.

So since we are trying to add more conformance into U-Boot, let's add
the event using U_BOOT_VERSION_STRING, extend PCR[0] accordingly and log
it in the EventLog

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-03-25 20:45:44 +01:00
Ilias Apalodimas
d8cf113fe5 efi_loader: EFI TCG2 free efi memory on protocol failure
Current code doesn't free the efi allocated memory in case the protocol
failed to install

Fixes: c8d0fd5825 ("efi_loader: Introduce eventlog support for TCG2_PROTOCOL")
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-03-25 20:45:41 +01:00
Jose Marinho
4ac6041c3c efi: ESRT creation tests
This commmit exercises the ESRT creation in a EFI selftest.

 A fake FMP, with TEST_ESRT_NUM_ENTRIES FW images, is installed in the
 system leading to the corresponding ESRT entries being populated.
 The ESRT entries are checked against the datastructure used to
 initialize the FMP.

Invocation from the sandbox platform:
add to sandbox_defconfig:
  +CONFIG_CMD_BOOTEFI_SELFTEST=y

 make sandbox_capsule_defconfig all
 ./u-boot -d arch/sandbox/dts/test.dtb
 bootefi selftest

CC: Heinrich Schuchardt	<xypron.glpk@gmx.de>
CC: Sughosh Ganu <sughosh.ganu@linaro.org>
CC: AKASHI Takahiro <takahiro.akashi@linaro.org>
CC: Ilias Apalodimas <ilias.apalodimas@linaro.org>
CC: Andre Przywara <andre.przywara@arm.com>
CC: Alexander Graf <agraf@csgraf.de>
CC: nd@arm.com

Signed-off-by: Jose Marinho <jose.marinho@arm.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-25 20:19:42 +01:00
Jose Marinho
64a8aae15c efi: Add ESRT to the EFI system table
The ESRT is initialised during efi_init_objlist after
efi_initialize_system_table().

The ESRT is recreated from scratch at the following events:
- successful UpdateCapsule;
- FMP instance install.

The code ensures that every ESRT entry has a unique fw_class value.

Limitations:
- The ESRT is not updated if an FMP instance is uninstalled;
- the fields image_type and flags are in the current implementation left
undefined. Setting these values will require a per-platform function
that returns the image_type/flags as a function of the image fw_class.

CC: Heinrich Schuchardt	<xypron.glpk@gmx.de>
CC: Sughosh Ganu <sughosh.ganu@linaro.org>
CC: AKASHI Takahiro <takahiro.akashi@linaro.org>
CC: Ilias Apalodimas <ilias.apalodimas@linaro.org>
CC: Andre Przywara <andre.przywara@arm.com>
CC: Alexander Graf <agraf@csgraf.de>
CC: nd@arm.com
Signed-off-by: Jose Marinho <jose.marinho@arm.com>

Remove two EFI_CALL() indirections.
Move ESRT GUID in efidebug's list of GUIDs.

Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-25 20:19:19 +01:00
Ilias Apalodimas
53f6a5aa86 efi_loader: Replace config option for initrd loading
Up to now we install EFI_LOAD_FILE2_PROTOCOL to load an initrd
unconditionally. Although we correctly return various EFI exit codes
depending on the file status (i.e EFI_NO_MEDIA, EFI_NOT_FOUND etc), the
kernel loader, only falls back to the cmdline interpreted initrd if the
protocol is not installed.

This creates a problem for EFI installers, since they won't be able to
load their own initrd and continue the installation. It also makes the
feature hard to use, since we can either have a single initrd or we have
to recompile u-boot if the filename changes.

So let's introduce a different logic that will decouple the initrd
path from the config option we currently have.
When defining a UEFI BootXXXX we can use the filepathlist and store
a file path pointing to our initrd. Specifically the EFI spec describes:

"The first element of the array is a device path that describes the device
and location of the Image for this load option. Other device paths may
optionally exist in the FilePathList, but their usage is OSV specific"

When the EFI application is launched through the bootmgr, we'll try to
interpret the extra device path. If that points to a file that exists on
our disk, we'll now install the load_file2 and the efi-stub will be able
to use it.

This opens up another path using U-Boot and defines a new boot flow.
A user will be able to control the kernel/initrd pairs without explicit
cmdline args or GRUB.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-25 20:14:26 +01:00
Ilias Apalodimas
37c3ca5c0b efi_loader: Add helper functions for EFI
A following patch introduces a different logic for loading initrd's
based on the EFI_LOAD_FILE2_PROTOCOL.
Since similar logic can be applied in the future for other system files
(i.e DTBs), let's add some helper functions which will retrieve and
parse file paths stored in EFI variables.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-03-25 20:14:25 +01:00
Ilias Apalodimas
76e8acce12 efi_loader: Add device path related functions for initrd via Boot####
On the following patches we allow for an initrd path to be stored in
Boot#### variables.  Specifically we encode in the FIlePathList[] of
the EFI_LOAD_OPTIONS for each Boot#### variable.

The FilePathList[] array looks like this:
kernel - 0xff - VenMedia(initrd GUID) - initrd1 - 0x01 initrd2 - 0xff
So let's add the relevant functions to concatenate and retrieve a device
path based on a Vendor GUID.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reformat function descriptions.
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-25 20:14:25 +01:00
Heinrich Schuchardt
f027222ad8 efi_loader: Uart device path
When uploading an EFI binary via the UART we need to assign a device path.

* Provide devicepath node to text conversion for Uart() node.
* Provide function to create Uart() device path.
* Add UART support to efi_dp_from_name().

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-25 20:09:17 +01:00
Heinrich Schuchardt
134d3387e1 efi_loader: NULL dereference in EFI console
Even if CONFIG_DM_VIDEO=y and stdout="vidconsole", a video device may not
be available. Check the return values of the relevant functions.

If no video output device is available, assume that the serial console is
in use.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-25 20:08:57 +01:00
Simon Glass
df7d89a6fc efi: Fix compiler warnings
This occur when building on Raspberry Pi 400 (32-bit ARM). Fix them.

Examples:

cmd/efidebug.c: In function ‘do_efi_capsule_update’:
cmd/efidebug.c:75:49: warning: cast from pointer to integer of different
	size [-Wpointer-to-int-cast]
  ret = EFI_CALL(RT->update_capsule(&capsule, 1, (u64)NULL));
                                                 ^
include/efi_loader.h:104:9: note: in definition of macro ‘EFI_CALL’
  typeof(exp) _r = exp; \
         ^~~
cmd/efidebug.c:75:49: warning: cast from pointer to integer of different
	size [-Wpointer-to-int-cast]
  ret = EFI_CALL(RT->update_capsule(&capsule, 1, (u64)NULL));
                                                 ^
include/efi_loader.h:104:19: note: in definition of macro ‘EFI_CALL’
  typeof(exp) _r = exp; \
                   ^~~

In file included from include/common.h:20,
                 from lib/efi_loader/efi_capsule.c:9:
lib/efi_loader/efi_capsule.c: In function ‘efi_update_capsule’:
include/efi_loader.h:83:8: warning: format ‘%lu’ expects argument of type
	‘long unsigned int’, but argument 10 has type ‘size_t’
	{aka ‘unsigned int’} [-Wformat=]
  debug("%sEFI: Entry %s(" format ")\n", __efi_nesting_inc(), \
        ^~~~~~~~~~~~~~~~~~
include/linux/printk.h:37:21: note: in definition of macro ‘pr_fmt’
 #define pr_fmt(fmt) fmt
                     ^~~
include/log.h:229:2: note: in expansion of macro ‘log’
  log(LOG_CATEGORY, LOGL_DEBUG, fmt, ##args); \
  ^~~
include/log.h:249:2: note: in expansion of macro ‘debug_cond’
  debug_cond(_DEBUG, fmt, ##args)
  ^~~~~~~~~~
include/efi_loader.h:83:2: note: in expansion of macro ‘debug’
  debug("%sEFI: Entry %s(" format ")\n", __efi_nesting_inc(), \
  ^~~~~
lib/efi_loader/efi_capsule.c:444:2: note: in expansion of macro ‘EFI_ENTRY’
  EFI_ENTRY("%p, %lu, %llu\n", capsule_header_array, capsule_count,
  ^~~~~~~~~
lib/efi_loader/efi_capsule.c:444:19: note: format string is defined here
  EFI_ENTRY("%p, %lu, %llu\n", capsule_header_array, capsule_count,
                 ~~^
                 %u

Signed-off-by: Simon Glass <sjg@chromium.org>
Replace (uintptr_t)NULL by 0.
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-25 20:08:41 +01:00
Ilias Apalodimas
6f90899120 efi_selftest: Remove loadfile2 for initrd selftests
We are redefining how u-boot locates the initrd to load via the kernel
LoadFile2 protocol.  This selftest is not relevant any more, so remove
it. A new one will be added later

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-25 20:08:02 +01:00
Heinrich Schuchardt
a81978efe3 efi_selftest: illegal cast to pointer in initrddump
On 32bit systems u64 cannot directly be cast to void *.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-25 20:07:36 +01:00
Mark Kettenis
073e5db672 efi_loader: fix memory type for memory reservation block
The (yet unreleased version of the) devicetree specification clearly
states that:

  As with the /reserved-memory node, when booting via UEFI
  entries in the Memory Reservation Block must also be listed
  in the system memory map obtained via the GetMemoryMap() toi
  protect against allocations by UEFI applications. The memory
  reservation block entries should be listed with type
  EfiReservedMemoryType.

This restores the behaviour that was changed by commit 4cbb2930bd
("efi_loader: consider no-map property of reserved memory").

Fixes: 4cbb2930bd ("efi_loader: consider no-map property of reserved memory")
Signed-off-by: Mark Kettenis <kettenis@openbsd.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-25 20:07:18 +01:00
Heinrich Schuchardt
4bad14ae79 efi_loader: disable GRUB_ARM32_WORKAROUND on ARCH_SUNXI
GRUB_ARM32_WORKAROUND can be disabled on ARCH_SUNXI as the Allwinner SoCs
only have a level 2 cache controlled via CP15 and not an architecturally
defined cache. Having the cache available speeds up booting Linux.

On ARCH_BCM283X it is already disabled via rpi_2_defconfig. But let's move
this setting to Kconfig.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-25 20:07:01 +01:00
Heinrich Schuchardt
62df6e9c99 efi_loader: Uart device path
When uploading an EFI binary via the UART we need to assign a device path.

* Provide devicepath node to text conversion for Uart() node.
* Provide function to create Uart() device path.
* Add UART support to efi_dp_from_name().

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-19 20:54:40 +01:00
Heinrich Schuchardt
a95f4c8859 efi_loader: NULL dereference in EFI console
Even if CONFIG_DM_VIDEO=y and stdout="vidconsole", a video device may not
be available. Check the return values of the relevant functions.

If no video output device is available, assume that the serial console is
in use.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-19 20:47:25 +01:00
Simon Glass
64d809b4cb efi: Fix compiler warnings
This occur when building on Raspberry Pi 400 (32-bit ARM). Fix them.

Examples:

cmd/efidebug.c: In function ‘do_efi_capsule_update’:
cmd/efidebug.c:75:49: warning: cast from pointer to integer of different
	size [-Wpointer-to-int-cast]
  ret = EFI_CALL(RT->update_capsule(&capsule, 1, (u64)NULL));
                                                 ^
include/efi_loader.h:104:9: note: in definition of macro ‘EFI_CALL’
  typeof(exp) _r = exp; \
         ^~~
cmd/efidebug.c:75:49: warning: cast from pointer to integer of different
	size [-Wpointer-to-int-cast]
  ret = EFI_CALL(RT->update_capsule(&capsule, 1, (u64)NULL));
                                                 ^
include/efi_loader.h:104:19: note: in definition of macro ‘EFI_CALL’
  typeof(exp) _r = exp; \
                   ^~~

In file included from include/common.h:20,
                 from lib/efi_loader/efi_capsule.c:9:
lib/efi_loader/efi_capsule.c: In function ‘efi_update_capsule’:
include/efi_loader.h:83:8: warning: format ‘%lu’ expects argument of type
	‘long unsigned int’, but argument 10 has type ‘size_t’
	{aka ‘unsigned int’} [-Wformat=]
  debug("%sEFI: Entry %s(" format ")\n", __efi_nesting_inc(), \
        ^~~~~~~~~~~~~~~~~~
include/linux/printk.h:37:21: note: in definition of macro ‘pr_fmt’
 #define pr_fmt(fmt) fmt
                     ^~~
include/log.h:229:2: note: in expansion of macro ‘log’
  log(LOG_CATEGORY, LOGL_DEBUG, fmt, ##args); \
  ^~~
include/log.h:249:2: note: in expansion of macro ‘debug_cond’
  debug_cond(_DEBUG, fmt, ##args)
  ^~~~~~~~~~
include/efi_loader.h:83:2: note: in expansion of macro ‘debug’
  debug("%sEFI: Entry %s(" format ")\n", __efi_nesting_inc(), \
  ^~~~~
lib/efi_loader/efi_capsule.c:444:2: note: in expansion of macro ‘EFI_ENTRY’
  EFI_ENTRY("%p, %lu, %llu\n", capsule_header_array, capsule_count,
  ^~~~~~~~~
lib/efi_loader/efi_capsule.c:444:19: note: format string is defined here
  EFI_ENTRY("%p, %lu, %llu\n", capsule_header_array, capsule_count,
                 ~~^
                 %u

Signed-off-by: Simon Glass <sjg@chromium.org>
Replace (uintptr_t)NULL by 0.
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-16 09:37:04 +01:00
Ilias Apalodimas
d2ac8af95b efi_selftest: Remove loadfile2 for initrd selftests
We are redefining how u-boot locates the initrd to load via the kernel
LoadFile2 protocol.  This selftest is not relevant any more, so remove
it. A new one will be added later

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-16 09:37:04 +01:00
Heinrich Schuchardt
fbc6ceae6f efi_selftest: illegal cast to pointer in initrddump
On 32bit systems u64 cannot directly be cast to void *.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-16 09:37:04 +01:00
Mark Kettenis
9ff9f4b426 efi_loader: fix memory type for memory reservation block
The (yet unreleased version of the) devicetree specification clearly
states that:

  As with the /reserved-memory node, when booting via UEFI
  entries in the Memory Reservation Block must also be listed
  in the system memory map obtained via the GetMemoryMap() toi
  protect against allocations by UEFI applications. The memory
  reservation block entries should be listed with type
  EfiReservedMemoryType.

This restores the behaviour that was changed by commit 4cbb2930bd
("efi_loader: consider no-map property of reserved memory").

Fixes: 4cbb2930bd ("efi_loader: consider no-map property of reserved memory")
Signed-off-by: Mark Kettenis <kettenis@openbsd.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-16 09:37:04 +01:00
Heinrich Schuchardt
8b5dea3358 efi_loader: disable GRUB_ARM32_WORKAROUND on ARCH_SUNXI
GRUB_ARM32_WORKAROUND can be disabled on ARCH_SUNXI as the Allwinner SoCs
only have a level 2 cache controlled via CP15 and not an architecturally
defined cache. Having the cache available speeds up booting Linux.

On ARCH_BCM283X it is already disabled via rpi_2_defconfig. But let's move
this setting to Kconfig.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-16 09:37:04 +01:00
Tom Rini
22fc991daf Prepare v2021.04-rc4
-----BEGIN PGP SIGNATURE-----
 
 iQGzBAABCgAdFiEEGjx/cOCPqxcHgJu/FHw5/5Y0tywFAmBPhiUACgkQFHw5/5Y0
 tywChgv/RYpdSKrD5s4kCJnImfOwDznESj/CqAQK3Au5zviq7qXRrgxyTKv2e1wM
 W51vUBd0cE1YTACXqbr92wSSyqoTthLqd57KQgVele5uC2dvkqVTSvjPOUwtyIbQ
 BTPkoQnHPn30AILRdPjpEdBGfZhJDDtJFdQopn6h4GjEjPKVH8Wx1Dd+V6SD5f20
 WiksUjgdjMr1AmORY+LdwwJO8FZrGGPYgs8CDtiqxmCSwh3d7kUFFTT+G23BZdo7
 M+81+1uIUaW2Bolds7ZTPrrjr8bPwkWoTqNYhUB4bNPLp72gwnjM1rtU1X3hyiJM
 MdxSBimLHUOYPihfeSYCHSUrJaQFAAEFkuzWfZN1fgoswKEZQIVVVTzT/TomTyqf
 1DIXD+0HpXGKgVLW/Nkpl4D+UFjR865XI4kiuDxddjKI7bGbvDlbZ/k3PNelD7op
 umUswHnC3OTSw/g+A9VH/zf1rMFNLfu++vD7XJtdoWlcsl6x6/6Fh75tuC6K/X0K
 caPmehD3
 =ENym
 -----END PGP SIGNATURE-----

Merge tag 'v2021.04-rc4' into next

Prepare v2021.04-rc4
2021-03-15 12:15:38 -04:00
Heinrich Schuchardt
e91789e2f6 lib/charset: UTF-8 stream conversion
Provide functions to convert an UTF-8 stream to code page 437 or UTF-32.

Add unit tests.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-07 17:37:13 +01:00
Heinrich Schuchardt
ddbaff53da lib/charset: utf8_get() should return error
utf8_get() should return an error if hitting an illegal UTF-8 sequence and
not silently convert the input to a question mark.

Correct utf_8() and the its unit test.

console_read_unicode() now will ignore illegal UTF-8 sequences.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-07 17:37:13 +01:00
Heinrich Schuchardt
73bb90cabc efi_loader: carve out utf_to_cp()
Carve out a function to translate a Unicode code point to an 8bit codepage.

Provide a unit test for the new function.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-07 17:37:13 +01:00
Heinrich Schuchardt
70616a1ed8 efi_loader: move codepage 437 table
Move the Unicode to codepage 437 table to charset.c

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-07 17:37:12 +01:00
Heinrich Schuchardt
997b57fc1a efi_loader: console size of vidconsole
If stdout is 'vidconsole', we correctly set the console size.
If stdout is 'vidconsole,serial', the video console is ignored.

We should always evaluate the size of vidconsole if it is the primary
console.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-07 17:37:12 +01:00
Bin Meng
e010315899 lib: kconfig: Mention CONFIG_ADDR_MAP limitation in the help
Mention that CONFIG_ADDR_MAP only works in the post-relocation phase.

Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
2021-03-05 10:25:43 +05:30
Bin Meng
b561563316 lib: addr_map: Move address_map[] type to the header file
At present address_map[] is static and its type is unknown to external
modules. In preparation to create a command to list its contents, this
patch moves its type definition and declaration to the header file.

Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
2021-03-05 10:25:43 +05:30
Bin Meng
56e7257ca8 lib: Fix BINMAN_FDT dependency
lib/binman.c references the following 3 ofnode APIs:
ofnode_first_subnode(), ofnode_path() and ofnode_read_bool().

These APIs get built only when DM is on. Fix the dependency then.

Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-03-03 19:17:25 -07:00
Simon Glass
63af92e837 tpm: Allow disabling platform hierarchy with TPM2
With TPM2 we don't actually lock the TPM once verified boot is finished.
Instead we disable the platform hierarchy which serves the same purpose.
Add an implementation of this so we can safely boot into the kernel.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-03-02 15:53:37 -05:00
Simon Glass
7785bc1d5f tpm: Add TPM2 support for write_lock
Implement this API function for TPM2.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-03-02 15:53:37 -05:00
Simon Glass
6719cbe31a tpm: Add TPM2 support for read/write values
Implement this API function for TPM2.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-03-02 15:53:37 -05:00
Simon Glass
eadcbc7896 tpm: Add an implementation of define_space
Add support for this so that the TPM can be set up for use with
Chromium OS verified boot.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-03-02 15:53:37 -05:00
Simon Glass
1bea7cc430 tpm: Reduce duplication in a few functions
Update tpm2_clear() and tpm2_pcr_extend() so that the command size
is not repeated twice. Add a small comment to the latter.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-03-02 15:53:37 -05:00
Simon Glass
b8eb9210e7 tpm: Add a basic API implementation for TPMv2
Add support for TPMv2 versions of API functions. So far this is not
complete as the standard is quite large, but it implements everything
currently available for TPMv2 in U-Boot.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-03-02 15:53:37 -05:00
Simon Glass
d6a885f087 tpm: Switch TPMv1 over to use the new API
Take over the plain 'tpm_...' functions for use by the new TPM API. Rename
all the TPMv1 functions so they are called from the API.

Update the TPMv1 functions so that they are called from the API. Change
existing users to use the tpm1_ prefix so they don't need to go through
the API, which might introduce uncertainty.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-03-02 15:53:37 -05:00
Simon Glass
bfe8fa262c tpm: Add an API that can support v1.2 and v2
There are two different TPM standards. U-Boot supports both but each has
its own set of functions. We really need a single TPM API that can call
one or the other. This is not always possible as there are some
differences between the two standards, but it is mostly possible.

Add an API to handle this. So far it is not plumbed into the build and
only supports TPMv1.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-03-02 15:53:37 -05:00
Simon Glass
1a39ab87b7 tpm: Add debugging of request in tpm_sendrecv_command()
The response is shown but not the request. Update the code to show both
if debugging is enabled.

Use a 'uint' type for size so it matches the register-word size on both
32- and 64-bit machines.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-03-02 15:53:37 -05:00
Heinrich Schuchardt
9c081a7eab efi_loader: limit output length for VenHw, VenMedia
VenHw and VenMedia device path nodes may carry vendor defined data of
arbitrary length. When converting a device path node to text ensure that we
do not overrun our internal buffer.

In our implementation of
EFI_DEVICE_PATH_TO_TEXT_PROTOCOL.ConvertDevicePathToText() we could first
determine the output length and then allocate buffers but that would nearly
double the code size. Therefore keep the preallocated buffers and truncate
excessive device paths instead.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-02-26 16:17:43 +01:00
Heinrich Schuchardt
992b1731e6 efi_loader: ACPI tables must be in EfiACPIReclaimMemory
The UEFI spec does not allow ACPI tables to be in runtime services memory.
It recommends EfiACPIReclaimMemory.

Remove a superfluous check that the allocated pages are 16 byte aligned.
EFI pages are 4 KiB aligned.

Fixes: 86df34d42b ("efi_loader: Install ACPI configuration tables")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-02-26 16:17:43 +01:00
Siew Chin Lim
277b879906 lib: sha512: include "compiler.h"
Include "compiler.h" in sha512.c. This is needed by 'cpu_to_be64' macro
that used in 'sha512_base_do_finalize' function.

Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-02-24 16:51:49 -05:00
Sean Anderson
8f684bc120 lib: rsa: Add debug message on algo mismatch
Currently we fail silently if there is an algorithm mismatch. To help
distinguish this failure condition.

Signed-off-by: Sean Anderson <sean.anderson@seco.com>
2021-02-24 16:51:48 -05:00
Heinrich Schuchardt
bd3d75bb0c efi_loader: multi part device paths to text
Our current implementation of
EFI_DEVICE_PATH_TO_TEXT_PROTOCOL.ConvertDevicePathToText() truncates multi
part device paths after the first part. We should convert all parts.

Render device path instance ends as commas. This is not explicitly
described in the UEFI spec but mimics what EDK II does.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-02-21 09:21:35 +01:00
Heinrich Schuchardt
1edfc3fa9b efi_selftest: multi part device path to text
Test EFI_DEVICE_PATH_TO_TEXT_PROTOCOL.ConvertDevicePathToText() for a multi
part device path.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-02-21 09:21:35 +01:00
Heinrich Schuchardt
512f092da2 efi_selftest: compiler flags for dtbdump.o
Fix a typo. Apply the correct compiler flags to dtbdump.o.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-02-21 09:21:35 +01:00
Jesper Schmitz Mouridsen
e67beffee0 Allow last block to be read
The last block is of size media->block_size

Signed-off-by: Jesper Schmitz Mouridsen <jesper@schmitz.computer>

Simplify expression.
Apply same change to efi_disk_write_blocks().

Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-02-21 09:21:35 +01:00
Tom Rini
2ae80437fb Merge branch '2021-02-02-drop-asm_global_data-when-unused'
- Merge the patch to take <asm/global_data.h> out of <common.h>
2021-02-15 10:16:45 -05:00
Tom Rini
e31350c3c4 Revert "fdtdec: Use CONFIG_IS_ENABLED in board_fdt_blob_setup()"
On Rockchip platforms we need this area of code in TPL, but there is no
TPL_SEPARATE_BSS symbol.

This reverts commit 0a2aaab0b6.

Reported-by: Markus Reichl <m.reichl@fivetechno.de>
Reported-by: Jesper Schmitz Mouridsen <jesper@schmitz.computer>
Reported-by: Peter Robinson <pbrobinson@gmail.com>
Tested-by: Peter Robinson <pbrobinson@gmail.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
2021-02-15 10:06:23 -05:00
Heinrich Schuchardt
15bbcafab1 efi_loader: fix get_last_capsule()
fix get_last_capsule() leads to writes beyond the stack allocated buffer.
This was indicated when enabling the stack protector.

utf16_utf8_strcpy() only stops copying when reaching '\0'. The current
invocation always writes beyond the end of value[].

The output length of utf16_utf8_strcpy() may be longer than the number of
UTF-16 tokens. E.g has "CapsuleКиев" has 11 UTF-16 tokens but 15 UTF-8
tokens. Hence, using utf16_utf8_strcpy() without checking the input may
lead to further writes beyond value[].

The current invocation of strict_strtoul() reads beyond the end of value[].

A non-hexadecimal value after "Capsule" (e.g. "CapsuleZZZZ") must result in
an error. We cat catch this by checking the return value of strict_strtoul().

A value that is too short after "Capsule" (e.g. "Capsule0") must result in
an error. We must check the string length of value[].

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-02-14 10:34:15 +01:00
Heinrich Schuchardt
841f7a4ebb efi_loader: '.' and '..' are directories
'.' and '..' are directories. So when looking for capsule files it is
sufficient to check that the attribute EFI_FILE_DIRECTORY is not set. We
don't have to check for these special names.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-02-14 10:34:15 +01:00
Asherah Connor
9d30a941cc efi_loader: don't load beyond VirtualSize
PE section table entries' SizeOfRawData must be a multiple of
FileAlignment, and thus may be rounded up and larger than their
VirtualSize.

We should not load beyond the VirtualSize, which is "the total size of
the section when loaded into memory" -- we may clobber real data at the
target in some other section, since we load sections in reverse order
and sections are usually laid out sequentially.

Signed-off-by: Asherah Connor <ashe@kivikakk.ee>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-02-14 10:34:15 +01:00
Simon Glass
07c9e683a4 smbios: Allow a few values to come from sysinfo
While static configuration is useful it cannot cover every case. Sometimes
board revisions are encoded in resistor straps and must be read at
runtime.

The easiest way to provide this information is via sysinfo, since the
board can then provide a driver to read whatever is needed.

Add some standard sysinfo options for this, and use them to obtain the
required information.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2021-02-06 19:20:36 +08:00
Simon Glass
e9adaa75bb smbios: Add more options for the BIOS version string
At present the version string is obtained from PLAIN_VERSION. Some boards
may want to configure this using the device tree, since the build system
can more easily insert things there after U-Boot itself is built. Add this
option to the code.

Also in some cases the version needs to be generated programmatically,
such as when it is stored elsewhere in the ROM and must be read first.
To handle this, keep a pointer around so that it can be updated later.
This works by storing the last string in the context, since it is easier
than passing out a little-used extra parameter.

Provide a function to update the version string.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2021-02-06 19:20:27 +08:00
Simon Glass
fd3b826da8 smbios: Track the end of the string table
Add a new member to the context struct which tracks the end of the string
table. This allows us to avoid recalculating this at the end.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2021-02-06 19:20:23 +08:00
Simon Glass
0c95fff342 smbios: Drop the eos parameter
We can store this in the context and avoid passing it to each function.
This makes it easier to follow and will also allow keeping track of the
end of the string table (in future patches).

Add an 'eos' field to the context and create a function to set it up.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2021-02-06 19:18:41 +08:00
Simon Glass
1e8989ad8a smbios: Use a struct to keep track of context
At present we pass the ofnode to each function. We also pass the 'eos'
pointer for adding new strings. We don't track the current end of the
string table, so have smbios_string_table_len() to find that.

The code can be made more efficient if it keeps information in a
context struct. This also makes it easier to add more features.

As a first step, switch the ofnode parameter to be a context pointer.
Update smbios_add_prop() at the same time to avoid changing the same
lines of code in consecutive patches.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2021-02-06 19:18:41 +08:00
Simon Glass
7617f996e6 smbios: Set BIOS release version
We may as well include the U-Boot release information in the type-0 table
since it is designed for that purpose.

U-Boot uses release versions based on the year and month. The year cannot
fit in a byte, so drop the century.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2021-02-06 19:18:41 +08:00
Simon Glass
0e89b85906 smbios: Move smbios_write_type to the C file
This type is not used outside the smbios.c file so there is no need for it
to be in the header file. Move it.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Christian Gmeiner <christian.gmeiner@gmail.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2021-02-06 19:18:41 +08:00
Tom Rini
55ffabec7f Pull request for UEFI sub-system for efi-2021-04-rc2
Bug fixes:
 
 * do not allow creating of files with filenames on FAT file system
 * install UEFI System Partition GUID on ESP handle
 * in dtbdump.efi test tool use GUID to find ESP handle
 
 Documentation:
 
 * man-page for load command
 * describe end of life of plat_auto
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmAcTmoACgkQxIHbvCwF
 GsT0ag/6AjtRtGd8ySYix9lytmDphyztvTTHrd/Bz+UWi64iEIOH6t/RIAPG0yb0
 WJBvTe9eGxbNx5VOx426YtPUGFfzAakMyRaAL5Y4wkQsKgseq3q2sE55wzG4nTiR
 nmweR7TPslSkGtqQQehGGtdMJn//M/alABtTQs5eyjOkJPEc4DzATeksfA64t2Dj
 ijaU4dWbKVHy8spz3xH9cIdF1fvCJGxvSvXCVculN5bfgCf/MJYq6gb2VgXyLL1w
 +6GNklzNKRY8Lk9C4hqq2ktK4dQ4R0qKgqxtihwuSdbZmhV6cScKvmNPCqdYx/1l
 p5ywE067KRm16Hl/41QhKPMVleqn33Td3U4I+CWvO9DPnsH7pY9iRymM6zfRm9+j
 nO4f8++OqG/YXL+oABLkSIZaoYWqGmZd5Nc1bq9sTXthUXHZeC6/V19n0TJYVIV5
 HtIPFJbqn4S4uKjTFxyvudE6OfeW4+HpsY7bQHDRXWY1Kma0fgMYbhFZdUeNyr+6
 N8EFXZ5nKVWqLH9zlAIPOn0AEXzOfvsWad+NU0bILY8f60SqW0AydjvzG8z9CU3e
 vqxx+NxcG26SYscIcANvMI7HxtB6mblBYF2vSqBAkSrQ23Om+dnKkLhHO8pkkNtn
 J4rLpAxEAA1yaqKK/1n67D6pSqvjdWQqOfgL/3E1sqgAGYYOBrc=
 =rQaL
 -----END PGP SIGNATURE-----

Merge tag 'efi-2021-04-rc2' of https://gitlab.denx.de/u-boot/custodians/u-boot-efi

Pull request for UEFI sub-system for efi-2021-04-rc2

Bug fixes:

* do not allow creating of files with filenames on FAT file system
* install UEFI System Partition GUID on ESP handle
* in dtbdump.efi test tool use GUID to find ESP handle

Documentation:

* man-page for load command
* describe end of life of plat_auto
2021-02-04 17:35:50 -05:00
Heinrich Schuchardt
02fc018a35 efi_loader: VenMedia device path node
The Load File2 protocol exposes a device path with a VenMedia() node. Hence
our implementation of the device path to text protocol should support this
node.

Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-02-04 20:12:41 +01:00
Heinrich Schuchardt
6bca36cee2 efi_selftest: use GUID to find ESP in dtbdump
If dtbdump.efi is loaded from memory when calling LoadImage the loaded
image protocol will not indicate the partition from where it was loaded.
In this case use the EFI system partition for the 'load' and 'save'
commands.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-02-04 20:09:03 +01:00
Heinrich Schuchardt
b9b0ea30c7 efi_loader: install UEFI System Partition GUID
On the handle for the UEFI System Partition we must install the System
Partition GUID (with a NULL interface).

Let the efidebug command display the GUID.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-02-04 20:09:02 +01:00
Heinrich Schuchardt
1bc9fc3483 efi_loader: only check size if EFI_DT_APPLY_FIXUPS
In the implementation of the EFI_DT_FIXUP_PROTOCOL:

* Only check the buffer size when EFI_DT_APPLY_FIXUPS is set.
* In this case the field totalsize of the device-tree may not exceed the
  buffer size.
* Install device-tree only if EFI_DT_INSTALL_TABLE is set.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-02-04 20:09:02 +01:00
Bin Meng
d17e9d2558 fdtdec: Cast prior_stage_fdt_address with uintptr_t
At present prior_stage_fdt_address is declared as phys_addr_t. On
a 32-bit platform where phys_addr_t can be 64-bit, assigning its
value to gd->fdt_blob which is a pointer, can cause warnings.

Cast it to uintptr_t before the assignment.

Signed-off-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-02-03 03:38:41 -07:00
Simon Glass
401d1c4f5d common: Drop asm/global_data.h from common header
Move this out of the common header and include it only where needed.  In
a number of cases this requires adding "struct udevice;" to avoid adding
another large header or in other cases replacing / adding missing header
files that had been pulled in, very indirectly.   Finally, we have a few
cases where we did not need to include <asm/global_data.h> at all, so
remove that include.

Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
2021-02-02 15:33:42 -05:00
Tom Rini
242ef48ea7 tpm fixes for coral
binman fixes support for symbols in sub-sections
 support for additional cros_ec commands
 various minor fixes / tweaks
 -----BEGIN PGP SIGNATURE-----
 
 iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmAV6K8RHHNqZ0BjaHJv
 bWl1bS5vcmcACgkQfxc6PpAIreYERgf/QbwOL87yPbf9SyXBQ0EMTmn1ve9HCiv9
 yeXrijvA0/wtTVoM44d/z7THb+7Zqw6LbsVOXUSicdGqaogy10xIuz5we0CoGJm6
 iwYWV6kaAqjCxDTlSToGnR/TCjiOVgXC6u5QPCZC0LGbAmDbAl4jyCuQxxq2eXYD
 hrLSzZPHDe0s2BeWZKRQJ26qyPfWIribXNJXG78/FsvDrdWPPc5K+/ZEb2IWawWR
 nEZ8GTEYZpik/niEJ3gFozwCwpJQi3PyukjZvzTGn6tBqg12YXE4dbSzcj48Uj4o
 prwUFAGKRR97zFB6c4+NUvd3VBUgPtPdZrtzZ1nNCppiMq1E4BKiDg==
 =kijh
 -----END PGP SIGNATURE-----

Merge tag 'dm-pull-30jan21' of https://gitlab.denx.de/u-boot/custodians/u-boot-dm

tpm fixes for coral
binman fixes support for symbols in sub-sections
support for additional cros_ec commands
various minor fixes / tweaks
2021-01-31 08:49:53 -05:00
Simon Glass
5e6c9029cd binman: Print a debug message when binman selects a node
Add some debugging to indicate which node the binman library is looking
at.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-01-30 14:25:42 -07:00
Heinrich Schuchardt
82d01f04fa efi_loader: switch to non-secure mode later
Some ARMv7 boards using PSCI require to be in secure-mode when booted via
'bootz' or 'bootm'. During distro-boot 'bootefi bootmgr' is called to check
if booting via UEFI is possible.

With the change we change the switch from secure mode to non-secure mode is
moved from the UEFI subsystem setup to just before calling StartImage().

Cc: Jernej Škrabec <jernej.skrabec@gmail.com>
Reported by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-01-29 20:22:40 +01:00
Heinrich Schuchardt
688e88256f efi_loader: correct block IO alignment check
If the field Media->IoAlign of the EFI block IO protocol is zero, no
alignment is required. Our code required 4 GiB alignment in this case.

Don't check buffer alignment if Media->IoAlign == 0.

Fixes: f59f0825e8 ("efi_loader: parameter checks BLOCK_IO_PROTOCOL")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-01-29 20:22:40 +01:00
Heinrich Schuchardt
74a614d70a efi_selftest: test EFI_BLOCK_IO_PROTOCOL.Media->LastBlock
The field Media->LastBlock of the EFI_BLOCK_IO_PROTOCOL must be filled
with the index of the last logical block (LBA) for the block device that
our test driver provides.

After calling ConnectController() U-Boot exposes the block IO protocol for
the partition check that the value of Media->LastBlock equals the partition
size minus one.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-01-29 20:22:40 +01:00
Simon Glass
1e35a4d228 binman: Allow reading entries from a subnode
Some images may have multiple copies of the same thing, e.g. two versions
of the read/write U-Boots. It is necessary to read data from one or other
of these under selection of the verified-boot logic. Add a function to
select the subnode to use.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-01-27 17:03:16 -05:00
Simon Glass
76b54d8ca1 binman: Move selection of the binman node into a function
Move this logic out of the main init function so it is available for
other purpose.

Use a different error when multiple-images is in use but no subnode is
available. This makes it easier to determine what is wrong.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-01-27 17:03:16 -05:00
Simon Glass
ec5f101a37 crc32: Exclude crc32 from TPL
Unfortunately the toolchain often brings in the crc32 table even if the
function is not actually used. For now, exclude it from the TPL build,
which is very sensitive to size.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-01-27 17:03:16 -05:00
Simon Glass
ac42fe539c display_options: Use USE_TINY_PRINTF for SPL check
At present this code uses a simple printf() format if running in SPL. But
SPL can use the full printf. Use USE_TINY_PRINTF instead.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-01-27 17:03:16 -05:00
Simon Glass
0a2aaab0b6 fdtdec: Use CONFIG_IS_ENABLED in board_fdt_blob_setup()
This setting may be different in SPL and TPL. Update the code to check
the correct setting.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-01-27 17:03:16 -05:00
Simon Glass
e1d23f569b fdtdec: Update the missing-devicetree message
This includes information about sandbox which is not relevant for most
boards. Drop it.

Also add the address to help figure out the problem.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-01-27 17:03:16 -05:00
Philippe Reynes
040fad3791 lib: rsa: rsa-verify: don't look for keys in the FIT image
In the function rsa_verify_hash, if the "main" key doesn't
work, u-boot try others keys. But it searches those keys
in the FIT image instead of the u-boot device tree.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-27 17:03:16 -05:00
Heinrich Schuchardt
8d0949b3ed efi_loader: correct EFI_BLOCK_IO_PROTOCOL.Media.LastBlock
The field Media.LastBlock of the EFI_BLOCK_IO_PROTOCOL.Media was filled
incorrectly both for block devices as well as for partitions.

The field must be filled with the index of the last logical block (LBA):

* block devices: device size minus 1
* partitions: partition size minus 1

Reported-by: Alexander von Gluck IV <kallisti5@unixzen.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-01-23 07:56:54 +01:00
Heinrich Schuchardt
2cfb68fd83 efi_loader: notification with TPL_APPLICATION not allowed
The UEFI specification requires event notification levels to be
> TPL_APPLICATION and <= TPL_HIGH_LEVEL.

With the patch the CreateEvent() and CreatedEventEx() services are changed
to check that the notification level is not TPL_APPLICATION.

Reference:
UEFI Specification 2.8 Errata B, table 27 "TPL Restrictions",
"Event Notification Levels"

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-01-23 07:56:54 +01:00
AKASHI Takahiro
8f1844c333 efi_loader: capsule: fix SIZEOF_MISMATCH warning
CID 316361 says:
> Passing argument "count * 8UL /* sizeof (*files) */" to
> function "dlmalloc" and then casting the return value to "u16 **" is
> suspicious. In this particular case "sizeof (u16 **)" happens to be equal
> to "sizeof (u16 *)", but this is not a portable assumption.
> > 767         tmp_files = malloc(count * sizeof(*files));

The change in this patch fixes the ambiguity.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Fixes: CID 316361
For readability use *tmp_files instead of tmp_files[0]
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-01-23 07:56:53 +01:00
Heinrich Schuchardt
6e8c28cf52 efi_loader: fix efi_load_image_from_path()
Use the correct GUID when closing the file load protocol.
Remove an unnecessary check (Coverity CID 316363).

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-01-23 07:56:53 +01:00
Tom Rini
404bbc809d Pull request for UEFI sub-system for efi-2021-04-rc1-2
* Provide a test tool for initial RAM disk provided via load file2 protocol.
 * Make more items configurable to reduce code size:
   * Boot manager
   * EFI_DT_FIXUP_PROTOCOL
   * EFI_DEVICE_PATH_UTILITIES_PROTOCOL
 * Bug fixes
   * avoid EFI runtime symbols in global symbol table
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmAIHfIACgkQxIHbvCwF
 GsSz8g/+No9xNYiAK1pY0Fjus6ZSfBhMCY9NGwkEkyzFwXZG+ckmlWwMd+auk8Oz
 noU5vVBkr4JdrdpACdgiCdCeAfsYwxPy7/GulgVMLpptMlrLfbOhA/n7uOzhAilV
 QDt3BouOuvW+sVlxoxD2FNkpw4vFS6CasFgBj1+tWunARoXqIRxD4MbFp1zwApHb
 qC67jomsDS6MvQtrebZ3Erqkp67W0RVtD6X4KGq8+6g+8akVAan5zl7/gPj9Z8h6
 M1AXG/pLqDMrG+3RFGMyqncPOlxPVL85BQAAJVB8/SQcAQ726R4z/ia+3VBFBWWf
 N9rmzNJ9KnbAr3OHZnfqYITe/E2xgiRVqTYl5IL8701E41qhEjRiBWFF+U+QG/8b
 3IByp4FZXVbVxjsjK8dIi5aTmBvznwb0HcrlcbwJRonTvBCBOZCVIoAn2PalZUFW
 4zc4hGaoWVTdwRXaiiQKQuAfA52B3tfPqfWyUsm1E+crf/JYngstQe4A88FDorV6
 ozISWNXb5RzYdNluewJl2c1rfWcUiWHbbnKMt+YbDvE4OTy6lbJC9oY0mNfPE7nK
 7cq/Tk8WNhrMIv95nqzDBCv78naa0iQF5P+tHk6/r3IJ/wFFyD6f4ZvGijvCK+9o
 vgnmK0kz9Qd53m+g4L54xpTsyoCXaU2N9zzD1QgwV3HjW2JyjxY=
 =yVF7
 -----END PGP SIGNATURE-----

Merge tag 'efi-2021-04-rc1-2' of https://gitlab.denx.de/u-boot/custodians/u-boot-efi

Pull request for UEFI sub-system for efi-2021-04-rc1-2

* Provide a test tool for initial RAM disk provided via load file2 protocol.
* Make more items configurable to reduce code size:
  * Boot manager
  * EFI_DT_FIXUP_PROTOCOL
  * EFI_DEVICE_PATH_UTILITIES_PROTOCOL
* Bug fixes
  * avoid EFI runtime symbols in global symbol table
2021-01-20 10:49:23 -05:00
Ilias Apalodimas
53e54bf50d efi_loader: Avoid emitting efi_var_buf to .GOT
Atish reports that on RISC-V, accessing the EFI variables causes
a kernel panic. An objdump of the file verifies that, since the
global pointer for efi_var_buf ends up in .GOT section which is
not mapped in virtual address space for Linux.

<snip of efi_var_mem_find>

0000000000000084 <efi_var_mem_find>:
  84:   715d                    addi    sp,sp,-80

* objdump -dr
0000000000000086 <.LCFI2>:
  86:   e0a2                    sd  s0,64(sp)
  88:   fc26                    sd  s1,56(sp)
  8a:   e486                    sd  ra,72(sp)
  8c:   f84a                    sd  s2,48(sp)
  8e:   f44e                    sd  s3,40(sp)
  90:   f052                    sd  s4,32(sp)
  92:   ec56                    sd  s5,24(sp)
  94:   00000497            auipc   s1,0x0
            94: R_RISCV_GOT_HI20    efi_var_buf
  98:   0004b483            ld  s1,0(s1) # 94 <.LCFI2+0xe>
            98: R_RISCV_PCREL_LO12_I    .L0
            98: R_RISCV_RELAX   *ABS*

* objdump -t
0000000000000084 g     F .text.efi_runtime  00000000000000b8 efi_var_mem_find

With the patch applied:

* objdump -dr
0000000000000086 <.LCFI2>:
  86:   e0a2                    sd  s0,64(sp)
  88:   fc26                    sd  s1,56(sp)
  8a:   e486                    sd  ra,72(sp)
  8c:   f84a                    sd  s2,48(sp)
  8e:   f44e                    sd  s3,40(sp)
  90:   f052                    sd  s4,32(sp)
  92:   ec56                    sd  s5,24(sp)
  94:   00000497            auipc   s1,0x0
            94: R_RISCV_PCREL_HI20  .LANCHOR0
            94: R_RISCV_RELAX   *ABS*
  98:   00048493            mv  s1,s1
            98: R_RISCV_PCREL_LO12_I    .L0
            98: R_RISCV_RELAX   *ABS*

* objdump -t
0000000000000008 l     O .data.efi_runtime  0000000000000008 efi_var_buf

On arm64 this works, because there's no .GOT entries for this
and everything is converted to relative references.

* objdump -dr (identical pre-post patch, only the new function shows up)
00000000000000b4 <efi_var_mem_find>:
  b4:   aa0003ee    mov x14, x0
  b8:   9000000a    adrp    x10, 0 <efi_var_mem_compare>
            b8: R_AARCH64_ADR_PREL_PG_HI21  .data.efi_runtime
  bc:   91000140    add x0, x10, #0x0
            bc: R_AARCH64_ADD_ABS_LO12_NC   .data.efi_runtime
  c0:   aa0103ed    mov x13, x1
  c4:   79400021    ldrh    w1, [x1]
  c8:   aa0203eb    mov x11, x2
  cc:   f9400400    ldr x0, [x0, #8]
  d0:   b940100c    ldr w12, [x0, #16]
  d4:   8b0c000c    add x12, x0, x12

So let's switch efi_var_buf to static and create a helper function for
anyone that needs to update it.

Fixes: e01aed47d6 ("efi_loader: Enable run-time variable support for tee based variables")
Reported-by: Atish Patra <atishp@atishpatra.org>
Tested-by: Atish Patra <atish.patra@wdc.com>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-01-20 08:17:17 +01:00
Heinrich Schuchardt
d56013d37c efi_selftest: use CRLF as line endings in dtbdump
EFI applications must use CR LF as line endings.

Provide a print() function to reduce code size.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-01-20 08:17:17 +01:00
Heinrich Schuchardt
65ab48d69d efi_selftest: provide initrddump test tool
Provide an UEFI application to save the initial RAM disk provided by U-Boot
via the Load File2 protocol.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-01-20 08:17:17 +01:00
Heinrich Schuchardt
8644af7dc4 efi_selftest: don't compile dtbdump if GENERATE_ACPI_TABLE
If we are using ACPI tables instead of a device tree, we don't need the
dtbdump.efi test tool.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-01-20 08:17:17 +01:00
Heinrich Schuchardt
b6f6080f56 efi_selftest: ask before overwriting in dtbdump.efi
Before overwriting an existing file ask the user.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-01-20 08:17:17 +01:00
Heinrich Schuchardt
19ea5e66de efi_loader: remove EFI_UNICODE_COLLATION_PROTOCOL
In EFI 1.10 a version of the Unicode collation protocol using ISO 639-2
language codes existed. This protocol is not part of the UEFI specification
any longer. It was however required to run the UEFI Self Certification Test
(SCT) II, version 2.6, 2017. So we implemented it for the sole purpose of
running the SCT.

As the SCT does not need the protocol anymore it is time for removal.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-01-20 08:17:17 +01:00
Heinrich Schuchardt
59593a52a3 efi_loader: EFI_DEVICE_PATH_UTILITIES_PROTOCOL configurable
Allow the EFI_DEVICE_PATH_UTILITIES_PROTOCOL to be disabled via
configuration.

On systems that are very tight on U-Boot image size we may want to disable
the protocol. As it is required to run the UEFI Shell enable it by default.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-01-20 08:17:17 +01:00
Heinrich Schuchardt
4cb07d8d93 efi_loader: make EFI_DT_FIXUP_PROTOCOL configurable
Allow EFI_DT_FIXUP_PROTOCOL to be disabled via configuration.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-01-20 08:17:17 +01:00
Heinrich Schuchardt
535c473e10 efi_loader: fixup protocol, avoid forward declaration
Avoid a forward declaration.

Add a missing function description.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-01-20 08:17:17 +01:00
Heinrich Schuchardt
ff2f532fad efi_loader: make the UEFI boot manager configurable
Some boards are very tight on the binary size. Booting via UEFI is possible
without using the boot manager.

Provide a configuration option to make the boot manager available.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-01-20 08:09:34 +01:00