u-boot.git/lib/efi_loader/Makefile, branch v2022.07 Unnamed repository; edit this file 'description' to name the repository. efi_loader: disk: compile efi_disk when CONFIG_BLK 2022-04-23T20:05:34+00:00 AKASHI Takahiro takahiro.akashi@linaro.org 2022-04-19T01:01:57+00:00 38f255b96085d2e50558a16256c87ffd885f2f7e Now we can build efi_loader with block device support (CONFIG_BLK) and without CONFIG_PARTITIONS. So change Makefile. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> 
Now we can build efi_loader with block device support (CONFIG_BLK) and
without CONFIG_PARTITIONS.
So change Makefile.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
efi_loader: initrddump: Actually use the custom CFLAGS 2022-03-31T17:06:17+00:00 Andy Shevchenko andriy.shevchenko@linux.intel.com 2022-03-30T09:14:43+00:00 b6370aca3709ef23a9e8fe556beaa2e4b4e089c3 It seems a copy'n'paste typo when tool had been introduced. It has never had the 'exit' suffix in the file name. Hence, the custom CFLAGS never been applied and, for example, BFD linker complains: LD lib/efi_loader/initrddump_efi.so ld.bfd: lib/efi_loader/initrddump.o: warning: relocation in read-only section `.text.efi_main' ld.bfd: warning: creating DT_TEXTREL in a shared object Remove wrong 'exit' suffix from the custom CFLAGS variable. Fixes: 65ab48d69ddb ("efi_selftest: provide initrddump test tool") Fixes: 9c045a49a9c9 ("efi_loader: move dtbdump.c, initrddump.c to lib/efi_loader") Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
It seems a copy'n'paste typo when tool had been introduced.
It has never had the 'exit' suffix in the file name. Hence,
the custom CFLAGS never been applied and, for example, BFD
linker complains:

  LD      lib/efi_loader/initrddump_efi.so
  ld.bfd: lib/efi_loader/initrddump.o: warning: relocation in read-only section `.text.efi_main'
  ld.bfd: warning: creating DT_TEXTREL in a shared object

Remove wrong 'exit' suffix from the custom CFLAGS variable.

Fixes: 65ab48d69ddb ("efi_selftest: provide initrddump test tool")
Fixes: 9c045a49a9c9 ("efi_loader: move dtbdump.c, initrddump.c to lib/efi_loader")
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi_loader: move dtbdump.c, initrddump.c to lib/efi_loader 2022-03-20T16:01:00+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2022-03-03T07:13:53+00:00 9c045a49a9c96ffb6e6b43f7e615fc2bd0e2077d The tools dtbdump.efi and initrddump.efi are useful for Python testing even if CONFIG_EFI_SELFTEST=n. Don't clear the screen as it is incompatible with Python testing. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
The tools dtbdump.efi and initrddump.efi are useful for Python testing even
if CONFIG_EFI_SELFTEST=n.

Don't clear the screen as it is incompatible with Python testing.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi_loader: Enable RISCV_EFI_BOOT_PROTOCOL support 2022-01-29T09:23:40+00:00 Sunil V L sunilvl@ventanamicro.com 2022-01-28T15:18:44+00:00 1ccf87165e38cb32f2444d8fd4b3e4d8ea13928e This adds support for new RISCV_EFI_BOOT_PROTOCOL to communicate the boot hart ID to bootloader/kernel on RISC-V UEFI platforms. The specification of the protocol is hosted at: https://github.com/riscv-non-isa/riscv-uefi Signed-off-by: Sunil V L <sunilvl@ventanamicro.com> Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
This adds support for new RISCV_EFI_BOOT_PROTOCOL to
communicate the boot hart ID to bootloader/kernel on RISC-V
UEFI platforms.

The specification of the protocol is hosted at:
https://github.com/riscv-non-isa/riscv-uefi

Signed-off-by: Sunil V L <sunilvl@ventanamicro.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Revert "efi_capsule: Move signature from DTB to .rodata" 2021-09-18T09:47:50+00:00 Simon Glass sjg@chromium.org 2021-08-02T14:44:31+00:00 47a25e81d35c8d801cae9089de90c9ffea083409 This was unfortunately applied despite much discussion about it beiong the wrong way to implement this feature. Revert it before too many other things are built on top of it. This reverts commit ddf67daac39de76d2697d587148f4c2cb768f492. Signed-off-by: Simon Glass <sjg@chromium.org> 
This was unfortunately applied despite much discussion about it beiong
the wrong way to implement this feature.

Revert it before too many other things are built on top of it.

This reverts commit ddf67daac39de76d2697d587148f4c2cb768f492.
Signed-off-by: Simon Glass <sjg@chromium.org>
efi_loader: typo cerificate 2021-08-02T06:21:12+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2021-08-02T06:21:12+00:00 78e6b871fdcf4bb86c6d7292a0e5d4a98e1435b6 %s/cerificate/certificate/ Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
%s/cerificate/certificate/

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_capsule: Move signature from DTB to .rodata 2021-07-18T12:43:56+00:00 Ilias Apalodimas ilias.apalodimas@linaro.org 2021-07-17T14:26:44+00:00 ddf67daac39de76d2697d587148f4c2cb768f492 The capsule signature is now part of our DTB. This is problematic when a user is allowed to change/fixup that DTB from U-Boots command line since he can overwrite the signature as well. So Instead of adding the key on the DTB, embed it in the u-boot binary it self as part of it's .rodata. This assumes that the U-Boot binary we load is authenticated by a previous boot stage loader. Reviewed-by: Masami Hiramatsu <masami.hiramatsu@linaro.org> Tested-by: Masami Hiramatsu <masami.hiramatsu@linaro.org> Tested-by: Sughosh Ganu <sughosh.ganu@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
The capsule signature is now part of our DTB.  This is problematic when a
user is allowed to change/fixup that DTB from U-Boots command line since he
can overwrite the signature as well.
So Instead of adding the key on the DTB, embed it in the u-boot binary it
self as part of it's .rodata.  This assumes that the U-Boot binary we load
is authenticated by a previous boot stage loader.

Reviewed-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Tested-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Tested-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
efi_loader: expose efi_image_parse() even if UEFI Secure Boot is disabled 2021-05-25T11:06:57+00:00 Masahisa Kojima masahisa.kojima@linaro.org 2021-05-14T00:53:36+00:00 f6081a8a1e45e4864e36d83ccc236eef62478b1f This is preparation for PE/COFF measurement support. PE/COFF image hash calculation is same in both UEFI Secure Boot image verification and measurement in measured boot. PE/COFF image parsing functions are gathered into efi_image_loader.c, and exposed even if UEFI Secure Boot is not enabled. This commit also adds the EFI_SIGNATURE_SUPPORT option to decide if efi_signature.c shall be compiled. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
This is preparation for PE/COFF measurement support.
PE/COFF image hash calculation is same in both
UEFI Secure Boot image verification and measurement in
measured boot. PE/COFF image parsing functions are
gathered into efi_image_loader.c, and exposed even if
UEFI Secure Boot is not enabled.

This commit also adds the EFI_SIGNATURE_SUPPORT option
to decide if efi_signature.c shall be compiled.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi: Add ESRT to the EFI system table 2021-03-25T19:19:19+00:00 Jose Marinho jose.marinho@arm.com 2021-03-02T17:26:38+00:00 64a8aae15ce9cccdb907219a9fce9f5b17ae791a The ESRT is initialised during efi_init_objlist after efi_initialize_system_table(). The ESRT is recreated from scratch at the following events: - successful UpdateCapsule; - FMP instance install. The code ensures that every ESRT entry has a unique fw_class value. Limitations: - The ESRT is not updated if an FMP instance is uninstalled; - the fields image_type and flags are in the current implementation left undefined. Setting these values will require a per-platform function that returns the image_type/flags as a function of the image fw_class. CC: Heinrich Schuchardt <xypron.glpk@gmx.de> CC: Sughosh Ganu <sughosh.ganu@linaro.org> CC: AKASHI Takahiro <takahiro.akashi@linaro.org> CC: Ilias Apalodimas <ilias.apalodimas@linaro.org> CC: Andre Przywara <andre.przywara@arm.com> CC: Alexander Graf <agraf@csgraf.de> CC: nd@arm.com Signed-off-by: Jose Marinho <jose.marinho@arm.com> Remove two EFI_CALL() indirections. Move ESRT GUID in efidebug's list of GUIDs. Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
The ESRT is initialised during efi_init_objlist after
efi_initialize_system_table().

The ESRT is recreated from scratch at the following events:
- successful UpdateCapsule;
- FMP instance install.

The code ensures that every ESRT entry has a unique fw_class value.

Limitations:
- The ESRT is not updated if an FMP instance is uninstalled;
- the fields image_type and flags are in the current implementation left
undefined. Setting these values will require a per-platform function
that returns the image_type/flags as a function of the image fw_class.

CC: Heinrich Schuchardt	<xypron.glpk@gmx.de>
CC: Sughosh Ganu <sughosh.ganu@linaro.org>
CC: AKASHI Takahiro <takahiro.akashi@linaro.org>
CC: Ilias Apalodimas <ilias.apalodimas@linaro.org>
CC: Andre Przywara <andre.przywara@arm.com>
CC: Alexander Graf <agraf@csgraf.de>
CC: nd@arm.com
Signed-off-by: Jose Marinho <jose.marinho@arm.com>

Remove two EFI_CALL() indirections.
Move ESRT GUID in efidebug's list of GUIDs.

Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: Add helper functions for EFI 2021-03-25T19:14:25+00:00 Ilias Apalodimas ilias.apalodimas@linaro.org 2021-03-17T19:54:59+00:00 37c3ca5c0b1a449356279efdcaca346b3eae84fd A following patch introduces a different logic for loading initrd's based on the EFI_LOAD_FILE2_PROTOCOL. Since similar logic can be applied in the future for other system files (i.e DTBs), let's add some helper functions which will retrieve and parse file paths stored in EFI variables. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
A following patch introduces a different logic for loading initrd's
based on the EFI_LOAD_FILE2_PROTOCOL.
Since similar logic can be applied in the future for other system files
(i.e DTBs), let's add some helper functions which will retrieve and
parse file paths stored in EFI variables.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>