u-boot.git/lib/efi_loader/efi_dt_fixup.c, branch master Unnamed repository; edit this file 'description' to name the repository. efi: Make FDT extra space configurable 2025-04-11T11:20:37+00:00 Pawel Kochanowski pkochanowski@sii.pl 2025-03-18T09:22:18+00:00 e8660b23f4929fc787e917f3b5f9cd1d09b93e84 U-Boot currently reserves only 0x3000 bytes when copying the FDT in copy_fdt(), which may not be sufficient if additional nodes (such as FMAN firmware) are added later. This patch uses the exisitng SYS_FDT_PAD to reserve space for FDT fixup instead of hardcoded value. This change prevents potential corruption when resizing FDT after EFI boot, especially when firmware like FMAN requires additional space. Signed-off-by: Gabriel Nesteruk <gnesteruk@sii.pl> Signed-off-by: Pawel Kochanowski <pkochanowski@sii.pl> Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
U-Boot currently reserves only 0x3000 bytes when copying the FDT
in copy_fdt(), which may not be sufficient if additional nodes
(such as FMAN firmware) are added later.

This patch uses the exisitng SYS_FDT_PAD to reserve space for FDT fixup
instead of hardcoded value.

This change prevents potential corruption when resizing FDT after
EFI boot, especially when firmware like FMAN requires additional
space.

Signed-off-by: Gabriel Nesteruk <gnesteruk@sii.pl>
Signed-off-by: Pawel Kochanowski <pkochanowski@sii.pl>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi_loader: use LOGC_EFI consistently 2025-01-26T10:06:56+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2025-01-16T19:26:59+00:00 e9c34fab18a9a0022b36729afd8e262e062764e2 The log category should be LOGC_EFI all over the EFI sub-system. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
The log category should be LOGC_EFI all over the EFI sub-system.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
efi_leader: delete rng-seed if having EFI RNG protocol 2024-10-10T04:04:56+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2024-09-17T08:49:29+00:00 b03b2a45f9f07bdfb0074adf9c8b4339080a7def For measured be boot we must avoid any volatile values in the device-tree. We already delete /chosen/kaslr-seed if we provide and EFI RNG protocol. Additionally remove /chosen/rng-seed provided by QEMU or U-Boot. Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
For measured be boot we must avoid any volatile values in the device-tree.
We already delete /chosen/kaslr-seed if we provide and EFI RNG protocol.

Additionally remove /chosen/rng-seed provided by QEMU or U-Boot.

Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
lmb: make LMB memory map persistent and global 2024-09-03T20:08:50+00:00 Sughosh Ganu sughosh.ganu@linaro.org 2024-08-26T11:59:18+00:00 ed17a33fed296a87219b0ff702045ce488bc3771 The current LMB API's for allocating and reserving memory use a per-caller based memory view. Memory allocated by a caller can then be overwritten by another caller. Make these allocations and reservations persistent using the alloced list data structure. Two alloced lists are declared -- one for the available(free) memory, and one for the used memory. Once full, the list can then be extended at runtime. [sjg: Use a stack to store pointer of lmb struct when running lmb tests] Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org> Signed-off-by: Simon Glass <sjg@chromium.org> [sjg: Optimise the logic to add a region in lmb_add_region_flags()] 
The current LMB API's for allocating and reserving memory use a
per-caller based memory view. Memory allocated by a caller can then be
overwritten by another caller. Make these allocations and reservations
persistent using the alloced list data structure.

Two alloced lists are declared -- one for the available(free) memory,
and one for the used memory. Once full, the list can then be extended
at runtime.

[sjg: Use a stack to store pointer of lmb struct when running lmb tests]

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
[sjg: Optimise the logic to add a region in lmb_add_region_flags()]
efi_loader: Remove <common.h> 2023-12-21T13:54:37+00:00 Tom Rini trini@konsulko.com 2023-12-14T18:16:55+00:00 c38cb227d39f8ce9983df8051f31dcc8466f311e We largely do not need <common.h> in these files, so drop it. The only exception here is that efi_freestanding.c needs <linux/types.h> and had been getting that via <common.h>. Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com> 
We largely do not need <common.h> in these files, so drop it. The only
exception here is that efi_freestanding.c needs <linux/types.h> and had
been getting that via <common.h>.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
boot: Drop size parameter from image_setup_libfdt() 2023-12-13T23:39:05+00:00 Simon Glass sjg@chromium.org 2023-11-12T15:27:44+00:00 1de1a0348755ad5e57790a39059eceeb8e8aba42 The of_size parameter is not used, so remove it. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com> 
The of_size parameter is not used, so remove it.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
treewide: Drop bootm_headers_t typedef 2022-09-29T20:07:57+00:00 Simon Glass sjg@chromium.org 2022-09-07T02:26:50+00:00 d9d7c20b731788c5c8018ce8e5c6e86bb01413df This is not needed and we should avoid typedefs. Use the struct instead. Signed-off-by: Simon Glass <sjg@chromium.org> 
This is not needed and we should avoid typedefs. Use the struct instead.

Signed-off-by: Simon Glass <sjg@chromium.org>
efi_loader: Get rid of kaslr-seed if EFI_RNG_PROTOCOL is installed 2022-01-15T09:57:22+00:00 Ilias Apalodimas ilias.apalodimas@linaro.org 2022-01-03T12:07:37+00:00 a2f1482fc0e6c5dbdbafecd360d168f9c12fc529 U-Boot, in some occasions, injects a 'kaslr-seed' property on the /chosen node. That would be problematic in case we want to measure the DTB we install in the configuration table, since it would change across reboots. The Linux kernel EFI-stub completely ignores it and only relies on EFI_RNG_PROTOCOL for it's own randomness needs (i.e the randomization of the physical placement of the kernel). In fact it (blindly) overwrites the existing seed if the protocol is installed. However it still uses it for randomizing it's virtual placement. So let's get rid of it in the presence of the RNG protocol. It's worth noting that TPMs also provide an RNG. So if we tweak our EFI_RNG_PROTOCOL slightly and install the protocol when a TPM device is present the 'kaslr-seed' property will always be removed, allowing us to reliably measure our DTB. Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Mark Kettenis <kettenis@openbsd.org> 
U-Boot, in some occasions, injects a 'kaslr-seed' property on the /chosen
node. That would be problematic in case we want to measure the DTB we
install in the configuration table, since it would change across reboots.

The Linux kernel EFI-stub completely ignores it and only relies on
EFI_RNG_PROTOCOL for it's own randomness needs (i.e the randomization
of the physical placement of the kernel). In fact it (blindly) overwrites
the existing seed if the protocol is installed. However it still uses it
for randomizing it's virtual placement.
So let's get rid of it in the presence of the RNG protocol.

It's worth noting that TPMs also provide an RNG.  So if we tweak our
EFI_RNG_PROTOCOL slightly and install the protocol when a TPM device
is present the 'kaslr-seed' property will always be removed, allowing
us to reliably measure our DTB.

Acked-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Mark Kettenis <kettenis@openbsd.org>
efi_loader: fix memory type for memory reservation block 2021-03-16T08:37:04+00:00 Mark Kettenis kettenis@openbsd.org 2021-03-14T19:04:24+00:00 9ff9f4b4268946f3b73d9759766ccfcc599da004 The (yet unreleased version of the) devicetree specification clearly states that: As with the /reserved-memory node, when booting via UEFI entries in the Memory Reservation Block must also be listed in the system memory map obtained via the GetMemoryMap() toi protect against allocations by UEFI applications. The memory reservation block entries should be listed with type EfiReservedMemoryType. This restores the behaviour that was changed by commit 4cbb2930bd8c ("efi_loader: consider no-map property of reserved memory"). Fixes: 4cbb2930bd8c ("efi_loader: consider no-map property of reserved memory") Signed-off-by: Mark Kettenis <kettenis@openbsd.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
The (yet unreleased version of the) devicetree specification clearly
states that:

  As with the /reserved-memory node, when booting via UEFI
  entries in the Memory Reservation Block must also be listed
  in the system memory map obtained via the GetMemoryMap() toi
  protect against allocations by UEFI applications. The memory
  reservation block entries should be listed with type
  EfiReservedMemoryType.

This restores the behaviour that was changed by commit 4cbb2930bd8c
("efi_loader: consider no-map property of reserved memory").

Fixes: 4cbb2930bd8c ("efi_loader: consider no-map property of reserved memory")
Signed-off-by: Mark Kettenis <kettenis@openbsd.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Merge branch '2021-02-02-drop-asm_global_data-when-unused' 2021-02-15T15:16:45+00:00 Tom Rini trini@konsulko.com 2021-02-15T13:19:40+00:00 2ae80437fbe0181184ae4b188b89629b902702c6 - Merge the patch to take <asm/global_data.h> out of <common.h> 
- Merge the patch to take <asm/global_data.h> out of <common.h>