u-boot.git/lib/efi_loader/efi_boottime.c, branch v2020.10 Unnamed repository; edit this file 'description' to name the repository. efi_loader: save global data pointer on RISC-V 2020-09-14T21:28:52+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-09-10T10:22:54+00:00 d68d7f47a9f1942ee64e0b119f0e1e2ebf660ed1 On RISC-V the global data pointer is stored in register gp. When a UEFI binary calls the EFI API we have to restore it. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
On RISC-V the global data pointer is stored in register gp. When a UEFI
binary calls the EFI API we have to restore it.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: remove duplicate image size check 2020-09-06T19:21:41+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-08-27T15:54:53+00:00 578d7cc8fa11f938a110bfea769c1dd311af0d75 The image size is checked in efi_load_pe(). Avoid checking it twice. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
The image size is checked in efi_load_pe(). Avoid checking it twice.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: document efi_save_gd(), efi_restore_gd() 2020-07-22T10:32:42+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-07-18T07:53:01+00:00 e7d64065cb4b74357e50b54e54adc780e2f44db1 Provide function descriptions for efi_save_gd() and efi_restore_gd(). Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Provide function descriptions for efi_save_gd() and efi_restore_gd().

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: fix efi_get_child_controllers() 2020-07-11T21:14:16+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-07-07T02:21:26+00:00 1047c6e23c9bf7e2e0b0c0539b6d7289627c9f71 Don't call calloc(0, ..). Consider return value of efi_get_child_controllers(). Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Don't call calloc(0, ..).
Consider return value of efi_get_child_controllers().

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: allow compiling with clang 2020-06-03T15:19:17+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-05-26T23:58:30+00:00 4f7dc5f608c07f5bc169217bedac6883b0d998df On ARM systems gd is stored in register r9 or x18. When compiling with clang gd is defined as a macro calling function gd_ptr(). So we can not make assignments to gd. In the UEFI sub-system we need to save gd when leaving to UEFI binaries and have to restore gd when reentering U-Boot. Define a new function set_gd() for setting gd and use it in the UEFI sub-system. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Tested-by: Tom Rini <trini@konsulko.com> 
On ARM systems gd is stored in register r9 or x18. When compiling with
clang gd is defined as a macro calling function gd_ptr(). So we can not
make assignments to gd.

In the UEFI sub-system we need to save gd when leaving to UEFI binaries and
have to restore gd when reentering U-Boot.

Define a new function set_gd() for setting gd and use it in the UEFI
sub-system.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Tested-by: Tom Rini <trini@konsulko.com>
common: Drop log.h from common header 2020-05-19T01:19:18+00:00 Simon Glass sjg@chromium.org 2020-05-10T17:40:05+00:00 f7ae49fc4f363a803dab3be078e93ead8e75a8e9 Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org> 
Move this header out of the common header.

Signed-off-by: Simon Glass <sjg@chromium.org>
efi_loader: image_loader: support image authentication 2020-04-16T06:12:46+00:00 AKASHI Takahiro takahiro.akashi@linaro.org 2020-04-14T02:51:44+00:00 4540dabdcacaea50bf874115f28adc103966d25a With this commit, image validation can be enforced, as UEFI specification section 32.5 describes, if CONFIG_EFI_SECURE_BOOT is enabled. Currently we support * authentication based on db and dbx, so dbx-validated image will always be rejected. * following signature types: EFI_CERT_SHA256_GUID (SHA256 digest for unsigned images) EFI_CERT_X509_GUID (x509 certificate for signed images) Timestamp-based certificate revocation is not supported here. Internally, authentication data is stored in one of certificates tables of PE image (See efi_image_parse()) and will be verified by efi_image_authenticate() before loading a given image. It seems that UEFI specification defines the verification process in a bit ambiguous way. I tried to implement it as closely to as EDK2 does. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> 
With this commit, image validation can be enforced, as UEFI specification
section 32.5 describes, if CONFIG_EFI_SECURE_BOOT is enabled.

Currently we support
* authentication based on db and dbx,
  so dbx-validated image will always be rejected.
* following signature types:
    EFI_CERT_SHA256_GUID (SHA256 digest for unsigned images)
    EFI_CERT_X509_GUID (x509 certificate for signed images)
Timestamp-based certificate revocation is not supported here.

Internally, authentication data is stored in one of certificates tables
of PE image (See efi_image_parse()) and will be verified by
efi_image_authenticate() before loading a given image.

It seems that UEFI specification defines the verification process
in a bit ambiguous way. I tried to implement it as closely to as
EDK2 does.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
efi_loader: export a couple of protocol related functions 2020-03-17T07:29:52+00:00 AKASHI Takahiro takahiro.akashi@linaro.org 2020-03-17T02:12:36+00:00 b51ec639788bdf8220de458f49498d9f19f65b2b This is a preparatory patch. Those functions will be used in an implementation of UEFI firmware management protocol as part of my capsule update patch. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> 
This is a preparatory patch.
Those functions will be used in an implementation of UEFI firmware
management protocol as part of my capsule update patch.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
efi_loader: unnecessary assignment in efi_queue_event 2020-03-11T07:23:05+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-03-06T20:56:10+00:00 2b8568f461188e8bd14ebe9b6968c56baca7b142 The assigned value NULL is never used. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
The assigned value NULL is never used.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: describe returning of control 2020-01-14T23:51:51+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-01-10T21:06:54+00:00 55111c5052b3a6b6d26daacc1950e30a2c3aa55f Provide a sober description of how control can be returned by a UEFI binary. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Provide a sober description of how control can be returned by a UEFI
binary.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>