u-boot.git/lib/efi_loader, branch v2020.10-rc1 Unnamed repository; edit this file 'description' to name the repository. efi_loader: use logging for block device messages 2020-07-22T10:32:42+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-07-17T18:33:05+00:00 af457cfca9ddabc9971a5fa4e748633be42c8a9d Use logging instead of printf() for messages occurring when scanning block devices during the initialization of the UEFI sub-system. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Use logging instead of printf() for messages occurring when scanning block
devices during the initialization of the UEFI sub-system.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: document efi_save_gd(), efi_restore_gd() 2020-07-22T10:32:42+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-07-18T07:53:01+00:00 e7d64065cb4b74357e50b54e54adc780e2f44db1 Provide function descriptions for efi_save_gd() and efi_restore_gd(). Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Provide function descriptions for efi_save_gd() and efi_restore_gd().

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: loosen buffer parameter check in efi_file_read 2020-07-22T10:32:41+00:00 Stefan Sørensen stefan@astylos.dk 2020-07-22T07:43:31+00:00 1ef1cf1f93345cbeb5ff52cbf00c6ee6fee1a47b When reading a directory, EFI_BUFFER_TOO_SMALL should be returned when the supplied buffer is too small, so a use-case is to call efi_file_read with *buffer_size=0 and buffer=NULL to obtain the needed size before doing the actual read. So move the buffer!=NULL check to after the buffer size has been checked. This fix allows the Redhat shim fallback to run and e.g. Fedora 32 now boots out of the box. Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
When reading a directory, EFI_BUFFER_TOO_SMALL should be returned when
the supplied buffer is too small, so a use-case is to call
efi_file_read with *buffer_size=0 and buffer=NULL to obtain the needed
size before doing the actual read.

So move the buffer!=NULL check to after the buffer size has been checked.

This fix allows the Redhat shim fallback to run and e.g. Fedora 32 now
boots out of the box.

Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: Check for the native OP-TEE result on mm_communicate calls 2020-07-22T10:32:41+00:00 Ilias Apalodimas ilias.apalodimas@linaro.org 2020-07-22T07:32:22+00:00 9b87d4429c145ebb66895c7e053e8d53192180e2 Currently we only check for the return value of tee_invoke_func(). Although OP-TEE and StMM will correctly set param[1].u.value.a and we'll eventually return an error, the correct thing to do is check for the OP_TEE return code as well. So let's check for that and move tee_shm_free() and tee_close_session() before exiting with an error to make sure we always clear the registered memory. Fixes: f042e47e8fb43 ("efi_loader: Implement EFI variable handling via OP-TEE") Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Use EFI_DEVICE_ERROR for TEE communication problems. Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Currently we only check for the return value of tee_invoke_func().
Although OP-TEE and StMM will correctly set param[1].u.value.a and we'll
eventually return an error, the correct thing to do is check for the
OP_TEE return code as well.
So let's check for that and move tee_shm_free() and tee_close_session()
before exiting with an error to make sure we always clear the registered
memory.

Fixes: f042e47e8fb43 ("efi_loader: Implement EFI variable handling via OP-TEE")
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Use EFI_DEVICE_ERROR for TEE communication problems.
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: Rename and correct values for ARM_SMC_MM_* 2020-07-22T10:32:41+00:00 Ilias Apalodimas ilias.apalodimas@linaro.org 2020-07-17T04:55:03+00:00 5d1f79ba438dc372c9bddb729d630abbc6e1068b Instead of adding the definition for the specific MM SVC used in StandAloneMM we added the one used in the standard SMC calls. So change the value from -4 to -5 to match the correct one defined in EDK2 and rename them to avoid future confusion Fixes 23a397d2e2fb: ("efi_loader: Add headers for EDK2 StandAloneMM communication") Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Instead of adding the definition for the specific MM SVC used in
StandAloneMM we added the one used in the standard SMC calls.
So change the value from -4 to -5 to match the correct one defined in
EDK2 and rename them to avoid future confusion

Fixes 23a397d2e2fb: ("efi_loader: Add headers for EDK2 StandAloneMM communication")
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: don't use memmove() in efi_var_mem_del() 2020-07-22T10:32:41+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-07-22T05:56:14+00:00 ebbad02c1b7140f7e9b479586d58aeca03f5350d efi_var_mem_del() is in __efi_runtime because it would be needed for a runtime implementation of SetVariable(). memmove() is not in __efi_runtime. So we should not use it in efi_var_mem_del(). Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
efi_var_mem_del() is in __efi_runtime because it would be needed for a
runtime implementation of SetVariable(). memmove() is not in __efi_runtime.
So we should not use it in efi_var_mem_del().

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: efi_current_var after SetVirtualAddressMap 2020-07-22T10:32:41+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-07-22T04:29:38+00:00 01fa922bbbac378902ef85e522724dd7c7a10a8b Variable efi_current_var is a pointer to a physical memory address that becomes invalid after SetVirtualAddressMap(). Instead of converting it via ConvertPointer() simply set it to NULL. Fixes: b02a707152dc ("efi_loader: enable UEFI variables at runtime") Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Variable efi_current_var is a pointer to a physical memory address that
becomes invalid after SetVirtualAddressMap(). Instead of converting it via
ConvertPointer() simply set it to NULL.

Fixes: b02a707152dc ("efi_loader: enable UEFI variables at runtime")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: pre-seed UEFI variables 2020-07-16T10:37:02+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-07-14T19:25:28+00:00 7dda16343d2577a52116148540ad7d17c6f19e55 Include a file with the initial values for non-volatile UEFI variables into the U-Boot binary. If this variable is set, changes to variable PK will not be allowed. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Include a file with the initial values for non-volatile UEFI variables
into the U-Boot binary. If this variable is set, changes to variable PK
will not be allowed.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: identify PK, KEK, db, dbx correctly 2020-07-16T10:37:02+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-07-15T10:40:35+00:00 99bfab8b5832273d66d724f906be43fe5bd7c1ba To determine if a varible is on the of the authentication variables PK, KEK, db, dbx we have to check both the name and the GUID. Provide a function converting the variable-name/guid pair to an enum and use it consistently. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
To determine if a varible is on the of the authentication variables
PK, KEK, db, dbx we have to check both the name and the GUID.

Provide a function converting the variable-name/guid pair to an enum and
use it consistently.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: configuration of variables store 2020-07-16T10:37:02+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-07-14T17:18:33+00:00 be66b89da30670a6a90d07742305d89ed3ccd46e The file based and the OP-TEE based UEFI variable store are mutually exclusive. Define them as choice options in Kconfig. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
The file based and the OP-TEE based UEFI variable store are mutually
exclusive. Define them as choice options in Kconfig.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>