u-boot.git/lib/efi_loader, branch v2020.10-rc5 Unnamed repository; edit this file 'description' to name the repository. efi_memory: refine overlap_only_ram description 2020-09-18T20:23:58+00:00 Maxim Uvarov maxim.uvarov@linaro.org 2020-08-28T19:47:41+00:00 ffbeafe7e29fe179e2168b82f9c19b8e57293040 Refine text for overlap_only_ram description to match to what exactly flag does and aling description with other functions. Signed-off-by: Maxim Uvarov <maxim.uvarov@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Refine text for overlap_only_ram description to
match to what exactly flag does and aling description
with other functions.

Signed-off-by: Maxim Uvarov <maxim.uvarov@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: save global data pointer on RISC-V 2020-09-14T21:28:52+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-09-10T10:22:54+00:00 d68d7f47a9f1942ee64e0b119f0e1e2ebf660ed1 On RISC-V the global data pointer is stored in register gp. When a UEFI binary calls the EFI API we have to restore it. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
On RISC-V the global data pointer is stored in register gp. When a UEFI
binary calls the EFI API we have to restore it.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: efi_var_mem_notify_exit_boot_services 2020-09-14T21:28:52+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-09-08T10:51:27+00:00 e5a31376acdd3f07a08be4433d9113ba61319204 efi_var_mem_notify_exit_boot_services() is invoked when ExitBootServices() is called by the UEFI payload. efi_var_mem_notify_exit_boot_services() should not be defined as __efi_runtime as it is invoking EFI_ENTRY() and EFI_EXIT() which themselves are not __efi_runtime. Fixes: f1f990a8c958 ("efi_loader: memory buffer for variables") Fixes: e01aed47d6a0 ("efi_loader: Enable run-time variable support for tee based variables") Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
efi_var_mem_notify_exit_boot_services() is invoked when ExitBootServices()
is called by the UEFI payload.

efi_var_mem_notify_exit_boot_services() should not be defined as
__efi_runtime as it is invoking EFI_ENTRY() and EFI_EXIT() which themselves
are not __efi_runtime.

Fixes: f1f990a8c958 ("efi_loader: memory buffer for variables")
Fixes: e01aed47d6a0 ("efi_loader: Enable run-time variable support for tee based variables")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
efi_loader: remove duplicate image size check 2020-09-06T19:21:41+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-08-27T15:54:53+00:00 578d7cc8fa11f938a110bfea769c1dd311af0d75 The image size is checked in efi_load_pe(). Avoid checking it twice. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
The image size is checked in efi_load_pe(). Avoid checking it twice.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: error message if image not authenticated 2020-09-06T19:21:41+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-08-27T15:51:32+00:00 0f7878b853bdc363a930381c42b709b7d24066b5 Currently if the bootefi command fails due to missing authentication, the user gets no feedback. Write a log message 'Image not authenticated' if LoadImage() fails due to missing authentication. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Currently if the bootefi command fails due to missing authentication, the
user gets no feedback.

Write a log message 'Image not authenticated' if LoadImage() fails due to
missing authentication.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: log function in image loader 2020-09-06T19:21:41+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-08-25T17:51:20+00:00 24586059d3818d812300c77257c5134ddd7e2935 Use log_err() for error messages. Replace debug() by EFI_PRINT(). Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Use log_err() for error messages.
Replace debug() by EFI_PRINT().

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: validate device path length in boot manager 2020-08-24T14:37:53+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-08-23T08:59:17+00:00 15d8f008dc577bbef6ad98494c28553558941420 Bootxxxx variables are provided by the user and therefore cannot be trusted. We have to validate them before usage. A device path provided by a Bootxxxx variable must have an end node within the indicated device path length. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Bootxxxx variables are provided by the user and therefore cannot be
trusted. We have to validate them before usage.

A device path provided by a Bootxxxx variable must have an end node within
the indicated device path length.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: efi_dp_check_length() 2020-08-24T14:37:53+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-08-23T08:49:46+00:00 5cad4a30932a31f1646510d35af7e9e36f71708a We need to check that device paths provided via UEFI variables are not malformed. Provide function efi_dp_check_length() to check if a device path has an end node within a given number of bytes. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
We need to check that device paths provided via UEFI variables are not
malformed.

Provide function efi_dp_check_length() to check if a device path has an
end node within a given number of bytes.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: ResetSystem() should not hang 2020-08-24T14:37:53+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2020-08-22T06:29:53+00:00 f03a879d67261b587a88e8e475596c1bbe7e6111 If ResetSystem() is not implemented at runtime, it should return instead of hanging in an endless loop. This allows the operating system to reset the system by other means as Linux does. It also matches what EDK II suggests in comments for functions ResetShutdown() and ResetWarm() in OvmfPkg/Library/ResetSystemLib/ResetSystemLib.c. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
If ResetSystem() is not implemented at runtime, it should return instead
of hanging in an endless loop. This allows the operating system to reset
the system by other means as Linux does. It also matches what EDK II
suggests in comments for functions ResetShutdown() and ResetWarm() in
OvmfPkg/Library/ResetSystemLib/ResetSystemLib.c.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: signature: correct a behavior against multiple signatures 2020-08-14T10:28:25+00:00 AKASHI Takahiro takahiro.akashi@linaro.org 2020-08-14T05:39:23+00:00 52956e535e65c852b1f95d2ca5044cb7c4fc6bbe Under the current implementation, all the signatures, if any, in a signed image must be verified before loading it. Meanwhile, UEFI specification v2.8b section 32.5.3.3 says, Multiple signatures are allowed to exist in the binary’s certificate table (as per PE/COFF Section “Attribute Certificate Table”). Only one hash or signature is required to be present in db in order to pass validation, so long as neither the SHA-256 hash of the binary nor any present signature is reflected in dbx. This patch makes the semantics of signature verification compliant with the specification mentioned above. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
Under the current implementation, all the signatures, if any, in
a signed image must be verified before loading it.

Meanwhile, UEFI specification v2.8b section 32.5.3.3 says,
    Multiple signatures are allowed to exist in the binary’s certificate
    table (as per PE/COFF Section “Attribute Certificate Table”). Only
    one hash or signature is required to be present in db in order to pass
    validation, so long as neither the SHA-256 hash of the binary nor any
    present signature is reflected in dbx.

This patch makes the semantics of signature verification compliant with
the specification mentioned above.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>