u-boot.git/include/efi_loader.h, branch v2020.04 Unnamed repository; edit this file 'description' to name the repository. efi_loader: definition of GetNextVariableName() 2020-03-22T17:38:02+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-03-22T17:28:20+00:00 7a4e717b9c0c255137a58f3ab90f002fc3aade2b 'vendor' is both an input and an output parameter. So it cannot be constant. Fixes: 0bda81bfdc5c ("efi_loader: use const efi_guid_t * for variable services") Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
'vendor' is both an input and an output parameter. So it cannot be
constant.

Fixes: 0bda81bfdc5c ("efi_loader: use const efi_guid_t * for variable services")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: export a couple of protocol related functions 2020-03-17T07:29:52+00:00 AKASHI Takahiro takahiro.akashi@linaro.org 2020-03-17T02:12:36+00:00 b51ec639788bdf8220de458f49498d9f19f65b2b This is a preparatory patch. Those functions will be used in an implementation of UEFI firmware management protocol as part of my capsule update patch. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> 
This is a preparatory patch.
Those functions will be used in an implementation of UEFI firmware
management protocol as part of my capsule update patch.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
efi_loader: Implement FileLoad2 for initramfs loading 2020-02-28T18:37:14+00:00 Ilias Apalodimas ilias.apalodimas@linaro.org 2020-02-21T07:55:45+00:00 ec80b4735a593961fe701cc3a5d717d4739b0fd0 Following kernel's proposal for an arch-agnostic initrd loading mechanism [1] let's implement the U-boot counterpart. This new approach has a number of advantages compared to what we did up to now. The file is loaded into memory only when requested limiting the area of TOCTOU attacks. Users will be allowed to place the initramfs file on any u-boot accessible partition instead of just the ESP one. Finally this is an attempt of a generic interface across architectures in the linux kernel so it makes sense to support that. The file location is intentionally only supported as a config option argument(CONFIG_EFI_INITRD_FILESPEC), in an effort to enhance security. Although U-boot is not responsible for verifying the integrity of the initramfs, we can enhance the offered security by only accepting a built-in option, which will be naturally verified by UEFI Secure Boot. This can easily change in the future if needed and configure that via ENV or UEFI variable. [1] https://lore.kernel.org/linux-efi/20200207202637.GA3464906@rani.riverdale.lan/T/#m4a25eb33112fab7a22faa0fd65d4d663209af32f Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Following kernel's proposal for an arch-agnostic initrd loading
mechanism [1] let's implement the U-boot counterpart.
This new approach has a number of advantages compared to what we did up
to now. The file is loaded into memory only when requested limiting the
area of TOCTOU attacks. Users will be allowed to place the initramfs
file on any u-boot accessible partition instead of just the ESP one.
Finally this is an attempt of a generic interface across architectures
in the linux kernel so it makes sense to support that.

The file location is intentionally only supported as a config option
argument(CONFIG_EFI_INITRD_FILESPEC), in an effort to enhance security.
Although U-boot is not responsible for verifying the integrity of the
initramfs, we can enhance the offered security by only accepting a
built-in option, which will be naturally verified by UEFI Secure Boot.
This can easily change in the future if needed and configure that via ENV
or UEFI variable.

[1] https://lore.kernel.org/linux-efi/20200207202637.GA3464906@rani.riverdale.lan/T/#m4a25eb33112fab7a22faa0fd65d4d663209af32f

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_rng_protocol: Install the efi_rng_protocol on the root node 2020-01-07T17:08:22+00:00 Sughosh Ganu sughosh.ganu@linaro.org 2019-12-28T18:31:06+00:00 33c37d9784168ac75be91e890329712d9a849539 Install the EFI_RNG_PROTOCOL implementation for it's subsequent use by the kernel for features like kaslr. Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Install the EFI_RNG_PROTOCOL implementation for it's subsequent use by
the kernel for features like kaslr.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: Add guidcpy function 2020-01-07T17:08:20+00:00 Sughosh Ganu sughosh.ganu@linaro.org 2019-12-28T18:31:04+00:00 61e42d9465ef36857693cc3db615438241a06bf6 Add guidcpy function to copy the source guid to the destination guid. Use this function instead of memcpy for copying to the destination guid. Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org> Use void * instead of efi_guid_t * for arguments to allow copying unaligned GUIDs. The GUIDs of configuration tables are __packed. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Add guidcpy function to copy the source guid to the destination
guid. Use this function instead of memcpy for copying to the
destination guid.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>

Use void * instead of efi_guid_t * for arguments to allow copying unaligned
GUIDs. The GUIDs of configuration tables are __packed.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: export efi_install_fdt() 2020-01-07T17:08:20+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2019-12-08T00:07:01+00:00 f64f223256f32e86d97ec32eea7dc36d5e9c5fd9 Use a pointer to addressable memory instead of a "physical" address in the virtual address space of the sandbox to efi_install_fdt(). Export the efi_install_fdt() function. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Use a pointer to addressable memory instead of a "physical" address in the
virtual address space of the sandbox to efi_install_fdt().

Export the efi_install_fdt() function.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: carve out efi_run_image() 2020-01-07T17:08:20+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2019-12-07T19:51:06+00:00 f9ceb6ac1443b824e94a9df9ec1dfb2bc742e451 Provide public function efi_run_imager() which can be used to run an UEFI image from memory. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Provide public function efi_run_imager() which can be used to run an UEFI
image from memory.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: pass address to efi_install_fdt() 2020-01-07T17:08:20+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2019-11-28T05:46:09+00:00 7a597259d26f84a63350b6a1af5b29445e9d451b As part of moving the parsing of command line arguments to do_bootefi() call efi_install_fdt() with the address of the device tree instead of a string. If the address is EFI_FDT_USE_INTERNAL (= 0), the internal device tree is used. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
As part of moving the parsing of command line arguments to do_bootefi()
call efi_install_fdt() with the address of the device tree instead of a
string.

If the address is EFI_FDT_USE_INTERNAL (= 0), the internal device tree
is used.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: remove unused function efi_dp_from_dev() 2019-11-19T11:10:22+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2019-11-10T01:16:33+00:00 246e60184604a59312a4f8d66d83e155ace847c2 Function efi_dp_from_dev() is not used anywhere. Remove it. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Function efi_dp_from_dev() is not used anywhere. Remove it.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi: Move inline functions to unconditional part of header 2019-10-08T05:54:12+00:00 Simon Glass sjg@chromium.org 2019-09-25T14:11:32+00:00 fdeb6f7dc6ed81ba50f1b56eb4bade9108f5f145 At present these two functions are defined in efi_loader.h but only if CONFIG_EFI_LOADER is enabled. But these are functions that are useful to other code, such as that which deals with Intel Handoff Blocks (HOBs). Move these to the top of the function. Possibly ascii2unicode() should not be an inline function, since this might impact code size. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> 
At present these two functions are defined in efi_loader.h but only if
CONFIG_EFI_LOADER is enabled. But these are functions that are useful to
other code, such as that which deals with Intel Handoff Blocks (HOBs).

Move these to the top of the function.

Possibly ascii2unicode() should not be an inline function, since this
might impact code size.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>