Unnamed repository; edit this file 'description' to name the repository. http://cgit.235523.xyz/u-boot.git/atom/lib/efi_loader/Kconfig?h=v2024.04 2024-01-17T07:40:25Z 2024-01-17T07:40:25Z AKASHI Takahiro takahiro.akashi@linaro.org 2024-01-17T04:39:42Z urn:sha1:279b03d979154cf6d4cd086f21daf478bd3d986c At this point, EFI boot manager interfaces is fully independent from bootefi command. So just rename the configuration parameter. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org> 2024-01-17T07:40:25Z AKASHI Takahiro takahiro.akashi@linaro.org 2024-01-17T04:39:41Z urn:sha1:6422820ac3e59fd92dc7fc5c9dcd5c6101065f19 Some code moved from cmd/bootefi.c is actually necessary only for "bootefi <addr>" command (starting an image manually loaded by a user using U-Boot load commands or other methods (like JTAG debugger). The code will never been opted out as unused code by a compiler which doesn't know how EFI boot manager is implemented. So introduce a new configuration, CONFIG_EFI_BINARY_EXEC, to enforce them opted out explicitly. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> 2023-11-30T14:33:31Z Tom Rini trini@konsulko.com 2023-11-30T14:33:31Z urn:sha1:4a363dd516856344558034027e40d903868f67b4 Device tree improvents for Paz00 and DM PMIC convertion of recently merged Tegra boards. 2023-11-20T18:06:22Z Ilias Apalodimas ilias.apalodimas@linaro.org 2023-11-06T15:47:53Z urn:sha1:a8062549d6ba81e41596adab83f80e8f819f491d In commit 9fd3f881c6ed ("efi_loader: Increase default variable store size to 64KiB") Alper has a detailed explanation of why the size needs to be bumped to at least 64K. However enabling Secure boot, writing db, KEK, PK etc keys will further increase the size so bump it to 128K. It's worth noting that when U-Boot stores the EFI variables in an RPMB the available storage is defined statically in StandAloneMM at build time. The U-Boot code is detecting the available true size on the fly during writes. When StandAloneMM is present this size defines the reserved memory U-Boot can use to copy any runtime variables, before booting an OS. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 2023-11-18T08:08:09Z Masahisa Kojima masahisa.kojima@linaro.org 2023-11-10T04:25:40Z urn:sha1:d7d07a8b508bb8af564f6de1ea763be0f67f2456 This supports to boot from the URI device path. When user selects the URI device path, bootmgr downloads the file using wget into the address specified by loadaddr env variable. If the file is .iso or .img file, mount the image with blkmap then try to boot with the default file(e.g. EFI/BOOT/BOOTAA64.EFI). Since boot option indicating the default file is automatically created when new disk is detected, system can boot by selecting the automatically created blkmap boot option. If the file is PE-COFF file, load and start the downloaded file. The buffer used to download the ISO image file must be reserved to avoid the unintended access to the image and expose the ramdisk to the OS. For PE-COFF file case, this memory reservation is done in LoadImage Boot Service. [Ilias fix a few memory leaks by replacing returns with gotos] Lore: https://lore.kernel.org/u-boot/20231110042542.3797301-1-masahisa.kojima@linaro.org/T/#mbac31da301ff465b60894b38f3a587b2868cf817 Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 2023-11-07T19:48:51Z Simon Glass sjg@chromium.org 2023-10-26T18:31:20Z urn:sha1:422822cfc02d0215205dc499be55f8feb69c3d06 The command should not be used to enable library functionality. Add a new BOOTEFI_BOOTMGR Kconfig for that. Adjust the conditions so that the same code is built. Signed-off-by: Simon Glass <sjg@chromium.org> Suggested-by: AKASHI Takahiro <takahiro.akashi@linaro.org> 2023-10-27T10:08:25Z Eddie James eajames@linux.ibm.com 2023-10-24T15:43:48Z urn:sha1:54b96e8b2bae9b61e9e178f9f10cf1b81bcda9ad The driver needs to support getting the PCRs in the capabilities command. Fix various other things and support the max number of PCRs for TPM2. Remove the !SANDBOX dependency for EFI TCG2 as well. Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 2023-08-29T17:38:55Z Sughosh Ganu sughosh.ganu@linaro.org 2023-08-22T17:40:05Z urn:sha1:c7d4dfcd142d624ed43ac590c6ef5eca24233e30 The EFI capsule authentication logic in u-boot expects the public key in the form of an EFI Signature List(ESL) to be provided as part of the platform's dtb. Currently, the embedding of the ESL file into the dtb needs to be done manually. Add a target for generating a dtsi file which contains the signature node with the ESL file included as a property under the signature node. Include the dtsi file in the dtb. This brings the embedding of the ESL in the dtb into the U-Boot build flow. The path to the ESL file is specified through the CONFIG_EFI_CAPSULE_ESL_FILE symbol. Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 2023-08-08T14:22:03Z Abdellatif El Khlifi abdellatif.elkhlifi@arm.com 2023-08-04T13:33:44Z urn:sha1:218b062e8f20233181ecbcca1d627f5d44c4617d Add MM communication support using FF-A transport This feature allows accessing MM partitions services through EFI MM communication protocol. MM partitions such as StandAlonneMM or smm-gateway secure partitions which reside in secure world. An MM shared buffer and a door bell event are used to exchange the data. The data is used by EFI services such as GetVariable()/SetVariable() and copied from the communication buffer to the MM shared buffer. The secure partition is notified about availability of data in the MM shared buffer by an FF-A message (door bell). On such event, MM SP can read the data and updates the MM shared buffer with the response data. The response data is copied back to the communication buffer and consumed by the EFI subsystem. MM communication protocol supports FF-A 64-bit direct messaging. We tested the FF-A MM communication on the Corstone-1000 platform. We ran the UEFI SCT test suite containing EFI setVariable, getVariable and getNextVariable tests which involve FF-A MM communication and all tests are passing with the current changes. We made the SCT test reports (part of the ACS results) public following the latest Corstone-1000 platform software release. Please find the test reports at [1]. [1]: https://gitlab.arm.com/arm-reference-solutions/arm-reference-solutions-test-report/-/tree/master/embedded-a/corstone1000/CORSTONE1000-2023.06/acs_results_fpga.zip Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com> Tested-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com> Reviewed-by: Simon Glass <sjg@chromium.org> Cc: Tom Rini <trini@konsulko.com> Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org> Cc: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Tom Rini <trini@konsulko.com> 2023-07-24T23:51:05Z Tom Rini trini@konsulko.com 2023-07-24T23:51:05Z urn:sha1:94e7cb181ad6bd25d36a11c58e0df64e9f815888 This reverts commit d927d1a80843e1c3e2a3f0b8f6150790bef83da1, reversing changes made to c07ad9520c6190070513016fdb495d4703a4a853. These changes do not pass CI currently. Signed-off-by: Tom Rini <trini@konsulko.com>