u-boot.git/include/efi_api.h, branch v2023.04-rc2 Unnamed repository; edit this file 'description' to name the repository. efi_loader: add definition for efi_main() 2023-02-10T12:05:40+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2023-02-10T07:23:24+00:00 60e3fedc64532c66f5bcd7c5c3d95e51ab2783e7 U-Boot provides multiple EFI applications. The entry point is called efi_main(). Provide a definition for this function. This avoids build warnings like lib/efi_loader/initrddump.c:468:21: warning: no previous prototype for ‘efi_main’ [-Wmissing-prototypes] 468 | efi_status_t EFIAPI efi_main(efi_handle_t image_handle, | ^~~~~~~~ Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
U-Boot provides multiple EFI applications. The entry point is called
efi_main(). Provide a definition for this function. This avoids
build warnings like

    lib/efi_loader/initrddump.c:468:21: warning:
    no previous prototype for ‘efi_main’ [-Wmissing-prototypes]
      468 | efi_status_t EFIAPI efi_main(efi_handle_t image_handle,
          |                     ^~~~~~~~

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi_loader: fix struct efi_input_key 2023-02-10T12:05:40+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2023-02-10T07:13:23+00:00 4db17a4b12524d0ec2dc30913dbbf44f968ce8e0 The UEFI specification defines filed UnicodeChar as CHAR16. We use u16 for CHAR16 throughout our code. The change fixes the following errors: lib/efi_loader/initrddump.c: In function ‘efi_input’: lib/efi_loader/initrddump.c:218:38: warning: comparison is always false due to limited range of data type [-Wtype-limits] 218 | if (key.unicode_char >= 0xD800 && key.unicode_char <= 0xDBFF) | ^~ lib/efi_loader/initrddump.c:218:68: warning: comparison is always true due to limited range of data type [-Wtype-limits] 218 | if (key.unicode_char >= 0xD800 && key.unicode_char <= 0xDBFF) | ^~ Fixes: 867a6ac86dd8 ("efi: Add start-up library code") Reported-by: Marek Vasut <marex@denx.de> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
The UEFI specification defines filed UnicodeChar as CHAR16. We use
u16 for CHAR16 throughout our code. The change fixes the following errors:

    lib/efi_loader/initrddump.c: In function ‘efi_input’:
    lib/efi_loader/initrddump.c:218:38: warning:
    comparison is always false due to limited range of data type
    [-Wtype-limits]
      218 | if (key.unicode_char >= 0xD800 && key.unicode_char <= 0xDBFF)
          |                      ^~
    lib/efi_loader/initrddump.c:218:68: warning:
    comparison is always true due to limited range of data type
    [-Wtype-limits]
      218 | if (key.unicode_char >= 0xD800 && key.unicode_char <= 0xDBFF)
          |                                                    ^~

Fixes: 867a6ac86dd8 ("efi: Add start-up library code")
Reported-by: Marek Vasut <marex@denx.de>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi_loader: set UEFI specification version to 2.10 2022-12-29T09:51:50+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2022-12-23T01:26:52+00:00 eff6b7157c0094c02e790146c09a2f1b4bda410f Claim to implement UEFI 2.10 setting EFI_SPECIFICATION_VERSION accordingly. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
Claim to implement UEFI 2.10 setting EFI_SPECIFICATION_VERSION accordingly.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
efi: adjust ebbr to v2.1 in conformance profile 2022-12-17T13:37:33+00:00 Vincent Stehlé vincent.stehle@arm.com 2022-12-16T16:55:04+00:00 63db1561f1db28c83dea1e219fe87e264a184eb4 The EFI Conformance Profile Table entry for EBBR appears in v2.1.0 of the EBBR specification[1]. Update naming accordingly. While at it, update the EBBR version referenced in the documentation. [1]: https://github.com/ARM-software/ebbr/releases/tag/v2.1.0 Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com> Cc: Heinrich Schuchardt <xypron.glpk@gmx.de> Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
The EFI Conformance Profile Table entry for EBBR appears in v2.1.0 of the
EBBR specification[1]. Update naming accordingly.

While at it, update the EBBR version referenced in the documentation.

[1]: https://github.com/ARM-software/ebbr/releases/tag/v2.1.0

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi: ECPT add EBBRv2.0 conformance profile 2022-09-03T08:13:26+00:00 Jose Marinho jose.marinho@arm.com 2021-12-17T12:55:05+00:00 648a8dcb39306ebd32353d6c503ac3b69e064190 Display the EBBRv2.0 conformance in the ECPT table. The EBBRv2.0 conformance profile is set in the ECPT if CONFIG_EFI_EBBR_2_0_CONFORMANCE=y. Signed-off-by: Jose Marinho <jose.marinho@arm.com> Add dependencies for CONFIG_EFI_EBBR_2_0_CONFORMANCE. Enable the setting by default. Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
Display the EBBRv2.0 conformance in the ECPT table.

The EBBRv2.0 conformance profile is set in the ECPT if
CONFIG_EFI_EBBR_2_0_CONFORMANCE=y.

Signed-off-by: Jose Marinho <jose.marinho@arm.com>

Add dependencies for CONFIG_EFI_EBBR_2_0_CONFORMANCE.
Enable the setting by default.
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi: Create ECPT table 2022-09-03T07:35:48+00:00 Jose Marinho jose.marinho@arm.com 2021-12-23T14:51:07+00:00 6b92c1735205eef308a9e33ec90330a3e6d27fc3 The ECPT table will be included in the UEFI specification 2.9+. The ECPT table was introduced in UEFI following the code-first path. The acceptance ticket can be viewed at: https://bugzilla.tianocore.org/show_bug.cgi?id=3591 The Conformance Profiles table is a UEFI configuration table that contains GUID of the UEFI profiles that the UEFI implementation conforms with. The ECPT table is created when CONFIG_EFI_ECPT=y. The config is set by default. Signed-off-by: Jose Marinho <jose.marinho@arm.com> Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
The ECPT table will be included in the UEFI specification 2.9+.
The ECPT table was introduced in UEFI following the code-first path. The
acceptance ticket can be viewed at:
	https://bugzilla.tianocore.org/show_bug.cgi?id=3591

The Conformance Profiles table is a UEFI configuration table that contains
GUID of the UEFI profiles that the UEFI implementation conforms with.

The ECPT table is created when CONFIG_EFI_ECPT=y.
The config is set by default.

Signed-off-by: Jose Marinho <jose.marinho@arm.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi_loader: add sha384/512 on certificate revocation 2022-05-07T21:17:26+00:00 Ilias Apalodimas ilias.apalodimas@linaro.org 2022-05-06T12:36:00+00:00 b436cc6a57cae017343a549f4b701e748d7e6448 Currently we don't support sha384/512 for the X.509 certificate in dbx. Moreover if we come across such a hash we skip the check and approve the image, although the image might needs to be rejected. Rework the code a bit and fix it by adding an array of structs with the supported GUIDs, len and literal used in the U-Boot crypto APIs instead of hardcoding the GUID types. It's worth noting here that efi_hash_regions() can now be reused from efi_signature_lookup_digest() and add sha348/512 support there as well Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
Currently we don't support sha384/512 for the X.509 certificate
in dbx.  Moreover if we come across such a hash we skip the check
and approve the image,  although the image might needs to be rejected.

Rework the code a bit and fix it by adding an array of structs with the
supported GUIDs, len and literal used in the U-Boot crypto APIs instead
of hardcoding the GUID types.

It's worth noting here that efi_hash_regions() can now be reused from
efi_signature_lookup_digest() and add sha348/512 support there as well

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
FMP: Remove GUIDs for FIT and raw images 2022-04-15T08:43:18+00:00 Sughosh Ganu sughosh.ganu@linaro.org 2022-04-15T05:59:39+00:00 9736287173cfdbe42f968314ab325169e1444fd6 The capsule update code has been modified for getting the image GUID values from the platform code. With this, each image now has a unique GUID value. With this change, there is no longer a need for defining GUIDs for FIT and raw images. Remove these GUID values. Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org> 
The capsule update code has been modified for getting the image GUID
values from the platform code. With this, each image now has a unique
GUID value. With this change, there is no longer a need for defining
GUIDs for FIT and raw images. Remove these GUID values.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
efi_loader: correctly handle mixed hashes and signatures in db 2022-01-29T09:23:40+00:00 Ilias Apalodimas ilias.apalodimas@linaro.org 2022-01-28T22:20:31+00:00 4b634313232ed4a17bbf66d228764fef639e1f65 A mix of signatures and hashes in db doesn't always work as intended. Currently if the digest algorithm is not explicitly set to sha256 we stop walking the security database and reject the image. That's problematic in case we find and try to check a signature before inspecting the sha256 hash. If the image is unsigned we will reject it even if the digest matches. Since we no longer reject the image on unknown algorithms add an explicit check and reject the image if any other hash algorithm apart from sha256 is detected on dbx. Suggested-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
A mix of signatures and hashes in db doesn't always work as intended.
Currently if the digest algorithm is not explicitly set to sha256 we
stop walking the security database and reject the image.

That's problematic in case we find and try to check a signature before
inspecting the sha256 hash.  If the image is unsigned we will reject it
even if the digest matches.

Since we no longer reject the image on unknown algorithms add an explicit
check and reject the image if any other hash algorithm apart from sha256
is detected on dbx.

Suggested-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi_loader: Enable RISCV_EFI_BOOT_PROTOCOL support 2022-01-29T09:23:40+00:00 Sunil V L sunilvl@ventanamicro.com 2022-01-28T15:18:44+00:00 1ccf87165e38cb32f2444d8fd4b3e4d8ea13928e This adds support for new RISCV_EFI_BOOT_PROTOCOL to communicate the boot hart ID to bootloader/kernel on RISC-V UEFI platforms. The specification of the protocol is hosted at: https://github.com/riscv-non-isa/riscv-uefi Signed-off-by: Sunil V L <sunilvl@ventanamicro.com> Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
This adds support for new RISCV_EFI_BOOT_PROTOCOL to
communicate the boot hart ID to bootloader/kernel on RISC-V
UEFI platforms.

The specification of the protocol is hosted at:
https://github.com/riscv-non-isa/riscv-uefi

Signed-off-by: Sunil V L <sunilvl@ventanamicro.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>