u-boot.git/lib/efi_loader/efi_setup.c, branch v2022.10 Unnamed repository; edit this file 'description' to name the repository. efi: Create ECPT table 2022-09-03T07:35:48+00:00 Jose Marinho jose.marinho@arm.com 2021-12-23T14:51:07+00:00 6b92c1735205eef308a9e33ec90330a3e6d27fc3 The ECPT table will be included in the UEFI specification 2.9+. The ECPT table was introduced in UEFI following the code-first path. The acceptance ticket can be viewed at: https://bugzilla.tianocore.org/show_bug.cgi?id=3591 The Conformance Profiles table is a UEFI configuration table that contains GUID of the UEFI profiles that the UEFI implementation conforms with. The ECPT table is created when CONFIG_EFI_ECPT=y. The config is set by default. Signed-off-by: Jose Marinho <jose.marinho@arm.com> Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
The ECPT table will be included in the UEFI specification 2.9+.
The ECPT table was introduced in UEFI following the code-first path. The
acceptance ticket can be viewed at:
	https://bugzilla.tianocore.org/show_bug.cgi?id=3591

The Conformance Profiles table is a UEFI configuration table that contains
GUID of the UEFI profiles that the UEFI implementation conforms with.

The ECPT table is created when CONFIG_EFI_ECPT=y.
The config is set by default.

Signed-off-by: Jose Marinho <jose.marinho@arm.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi_loader: ensure all block devices are probed 2022-09-01T05:21:25+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2022-08-31T14:37:35+00:00 d5391bf02b9dc6a84fe33ba913caf70061909950 Only probed block devices are available in the UEFI sub-system. Multiple block devices may be involved in the boot process. So we have to make sure that all block devices are probed. Another reason is that we store UEFI variables on the ESP which may be on any block device. On the sandbox before the patch: => efidebug devices No EFI system partition Device Device Path ================ ==================== 000000001b027c70 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b) 000055d078bc1ae0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/Uart(0,0,D,D) 000000001b22e0b0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/MAC(020011223344,1) After the patch: => efidebug devices No EFI system partition Device Device Path ================ ==================== 000000001b027c70 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b) 000055bdac8ddae0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/Uart(0,0,D,D) 000000001b230920 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(2)/SD(0) 000000001b233ac0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(1) 000000001b233b80 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(1)/HD(1,GPT,d0a914ee-a71c-fc1e-73f0-7e302b0e6c20,0x30,0x1) 000000001b234110 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(1)/HD(2,GPT,9330a0ea-8aff-f67a-294c-fa05d60896c3,0x31,0x1) 000000001b22f0e0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(0)/SD(2) 000000001b238df0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/MAC(020011223344,1) Fixes: a9bf024b2933 ("efi_loader: disk: a helper function to create efi_disk objects from udevice") Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
Only probed block devices are available in the UEFI sub-system. Multiple
block devices may be involved in the boot process. So we have to make sure
that all block devices are probed. Another reason is that we store UEFI
variables on the ESP which may be on any block device.

On the sandbox before the patch:

=> efidebug devices
No EFI system partition
Device           Device Path
================ ====================
000000001b027c70 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)
000055d078bc1ae0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/Uart(0,0,D,D)
000000001b22e0b0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/MAC(020011223344,1)

After the patch:

=> efidebug devices
No EFI system partition
Device           Device Path
================ ====================
000000001b027c70 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)
000055bdac8ddae0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/Uart(0,0,D,D)
000000001b230920 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(2)/SD(0)
000000001b233ac0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(1)
000000001b233b80 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(1)/HD(1,GPT,d0a914ee-a71c-fc1e-73f0-7e302b0e6c20,0x30,0x1)
000000001b234110 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(1)/HD(2,GPT,9330a0ea-8aff-f67a-294c-fa05d60896c3,0x31,0x1)
000000001b22f0e0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(0)/SD(2)
000000001b238df0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/MAC(020011223344,1)

Fixes: a9bf024b2933 ("efi_loader: disk: a helper function to create efi_disk objects from udevice")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi_loader: initialize the RNG protocol after the TCC2 2022-08-02T20:50:02+00:00 Ilias Apalodimas ilias.apalodimas@linaro.org 2022-07-22T16:02:03+00:00 5d98329196daaf624c39304aec1397d6363b3e72 Due to U-Boot's lazy binding the RNG presented by the TCG is not available until the EFI_TCG2 protocol has been initialized. Since the TPM has a built-in RNG device we can use for the OS randomization, move the RNG protocol installation after the TCG. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
Due to U-Boot's lazy binding the RNG presented by the TCG is not available
until the EFI_TCG2 protocol has been initialized.  Since the TPM has a
built-in RNG device we can use for the OS randomization, move the RNG
protocol installation after the TCG.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
efi_loader: initialize console size late 2022-06-19T13:53:09+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2022-06-14T06:02:03+00:00 68edbed454b863dbcd197e19e1ab26a0a05c7d85 If CONFIG_VIDEO_DM=n we query the display size from the serial console. Especially when using a remote console the response can be so late that it interferes with autoboot. Only query the console size when running an EFI binary. Add debug output showing the determined console size. Reported-by: Fabio Estevam <festevam@gmail.com> Fixes: a57ad20d07e8 ("efi_loader: split efi_init_obj_list() into two stages") Fixes: a9bf024b2933 ("efi_loader: disk: a helper function to create efi_disk objects from udevice") Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Tested-by: Fabio Estevam <festevam@denx.de> Tested-by: Heiko Thiery <heiko.thiery@gmail.com> 
If CONFIG_VIDEO_DM=n we query the display size from the serial console.
Especially when using a remote console the response can be so late that
it interferes with autoboot.

Only query the console size when running an EFI binary.

Add debug output showing the determined console size.

Reported-by: Fabio Estevam <festevam@gmail.com>
Fixes: a57ad20d07e8 ("efi_loader: split efi_init_obj_list() into two stages")
Fixes: a9bf024b2933 ("efi_loader: disk: a helper function to create efi_disk objects from udevice")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Tested-by: Fabio Estevam <festevam@denx.de>
Tested-by: Heiko Thiery <heiko.thiery@gmail.com>
efi_loader: disk: a helper function to create efi_disk objects from udevice 2022-04-23T20:05:41+00:00 AKASHI Takahiro takahiro.akashi@linaro.org 2022-04-19T01:05:12+00:00 a9bf024b2933bba0e23038892970a18b72dfaeb4 Add efi_disk_probe() function. This function creates an efi_disk object for a raw disk device (UCLASS_BLK) and additional objects for related partitions (UCLASS_PARTITION). So this function is expected to be called through driver model's "probe" interface every time one raw disk device is detected and activated. We assume that partition devices (UCLASS_PARTITION) have been created when this function is invoked. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> 
Add efi_disk_probe() function.
This function creates an efi_disk object for a raw disk device (UCLASS_BLK)
and additional objects for related partitions (UCLASS_PARTITION).

So this function is expected to be called through driver model's "probe"
interface every time one raw disk device is detected and activated.
We assume that partition devices (UCLASS_PARTITION) have been created
when this function is invoked.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
efi_loader: split efi_init_obj_list() into two stages 2022-04-23T20:05:41+00:00 AKASHI Takahiro takahiro.akashi@linaro.org 2022-04-19T01:05:11+00:00 a57ad20d07e82f9ddbbdf981c8f8dd5368b225e4 In the next commit, CONFIG_EFI_SETUP_EARLY will become mandated in order to support dynamic enumeration of efi_disk objects. This can, however, be problematic particularly in case of file-based variable storage (efi_variable.c, default). Non-volatile variables are to be restored from EFI system partition by efi_init_variables() in efi_init_obj_list(). When efi_init_obj_list() is called in board_init_r(), we don't know yet what disk devices we have since none of device probing commands (say, scsi rescan) has not been executed at that stage. So in this commit, a preparatory change is made; efi_init_obj_list() is broken into the two functions; * efi_init_early(), and * new efi_init_obj_list() Only efi_init_early() will be called in board_init_r(), which allows us to execute any of device probing commands, either though "preboot" variable or normal command line, before calling efi_init_obj_list() which is to be invoked at the first execution of an efi-related command (or at efi_launch_capsules()) as used to be. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> 
In the next commit, CONFIG_EFI_SETUP_EARLY will become mandated
in order to support dynamic enumeration of efi_disk objects.

This can, however, be problematic particularly in case of file-based
variable storage (efi_variable.c, default).
Non-volatile variables are to be restored from EFI system partition
by efi_init_variables() in efi_init_obj_list(). When efi_init_obj_list()
is called in board_init_r(), we don't know yet what disk devices
we have since none of device probing commands (say, scsi rescan) has not
been executed at that stage.

So in this commit, a preparatory change is made; efi_init_obj_list() is
broken into the two functions;
   * efi_init_early(), and
   * new efi_init_obj_list()

Only efi_init_early() will be called in board_init_r(), which allows
us to execute any of device probing commands, either though "preboot"
variable or normal command line, before calling efi_init_obj_list() which
is to be invoked at the first execution of an efi-related command
(or at efi_launch_capsules()) as used to be.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
efi: Use 16-bit unicode strings 2022-02-03T17:16:01+00:00 Simon Glass sjg@chromium.org 2022-01-23T19:55:12+00:00 156ccbc3c4581a1e6d29c51f4af4e120e30a2ef0 At present we use wide characters for unicode but this is not necessary. Change the code to use the 'u' literal instead. This helps to fix build warnings for sandbox on rpi. Signed-off-by: Simon Glass <sjg@chromium.org> Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
At present we use wide characters for unicode but this is not necessary.
Change the code to use the 'u' literal instead. This helps to fix build
warnings for sandbox on rpi.

Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: Enable RISCV_EFI_BOOT_PROTOCOL support 2022-01-29T09:23:40+00:00 Sunil V L sunilvl@ventanamicro.com 2022-01-28T15:18:44+00:00 1ccf87165e38cb32f2444d8fd4b3e4d8ea13928e This adds support for new RISCV_EFI_BOOT_PROTOCOL to communicate the boot hart ID to bootloader/kernel on RISC-V UEFI platforms. The specification of the protocol is hosted at: https://github.com/riscv-non-isa/riscv-uefi Signed-off-by: Sunil V L <sunilvl@ventanamicro.com> Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
This adds support for new RISCV_EFI_BOOT_PROTOCOL to
communicate the boot hart ID to bootloader/kernel on RISC-V
UEFI platforms.

The specification of the protocol is hosted at:
https://github.com/riscv-non-isa/riscv-uefi

Signed-off-by: Sunil V L <sunilvl@ventanamicro.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi_loader: efi_tcg2_register returns appropriate error 2021-12-09T19:43:25+00:00 Masahisa Kojima masahisa.kojima@linaro.org 2021-12-07T05:15:31+00:00 54bec17f6b0326bbc22f993d28170d4c4df4ceed This commit modify efi_tcg2_register() to return the appropriate error. With this fix, sandbox will not boot because efi_tcg2_register() fails due to some missing feature in GetCapabilities. So disable sandbox if EFI_TCG2_PROTOCOL is enabled. UEFI secure boot variable measurement is not directly related to TCG2 protocol installation, tcg2_measure_secure_boot_variable() is moved to the separate function. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
This commit modify efi_tcg2_register() to return the
appropriate error.
With this fix, sandbox will not boot because efi_tcg2_register()
fails due to some missing feature in GetCapabilities.
So disable sandbox if EFI_TCG2_PROTOCOL is enabled.

UEFI secure boot variable measurement is not directly related
to TCG2 protocol installation, tcg2_measure_secure_boot_variable()
is moved to the separate function.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
efi_loader: segfault in efi_clear_os_indications() 2021-11-26T20:30:59+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2021-11-20T10:53:12+00:00 9d1564dabc5897ebaf2fad842d800473790479a2 If we call efi_clear_os_indications() before initializing the memory store for UEFI variables a NULL pointer dereference occurs. The error was observed on the sandbox with: usb start host bind 0 sandbox.img load host 0:1 $kernel_addr_r helloworld.efi bootefi $kernel_addr_r Here efi_resister_disk() failed due to an error in the BTRFS implementation. Move the logic to clear EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED to the rest of the capsule code. If CONFIG_EFI_IGNORE_OSINDICATIONS=y, we should still clear the flag. If OsIndications does not exist, we should not create it as it is owned by the operating system. Fixes: 149108a3eb59 ("efi_loader: clear OsIndications") Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
If we call efi_clear_os_indications() before initializing the memory store
for UEFI variables a NULL pointer dereference occurs.

The error was observed on the sandbox with:

    usb start
    host bind 0 sandbox.img
    load host 0:1 $kernel_addr_r helloworld.efi
    bootefi $kernel_addr_r

Here efi_resister_disk() failed due to an error in the BTRFS implementation.

Move the logic to clear EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED
to the rest of the capsule code.

If CONFIG_EFI_IGNORE_OSINDICATIONS=y, we should still clear the flag.
If OsIndications does not exist, we should not create it as it is owned by
the operating system.

Fixes: 149108a3eb59 ("efi_loader: clear OsIndications")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>