<feed xmlns='http://www.w3.org/2005/Atom'>
<title>u-boot.git/lib/efi_loader, branch v2021.07-rc4</title>
<id>http://cgit.235523.xyz/u-boot.git/atom/lib/efi_loader?h=v2021.07-rc4</id>
<link rel='self' href='http://cgit.235523.xyz/u-boot.git/atom/lib/efi_loader?h=v2021.07-rc4'/>
<link rel='alternate' type='text/html' href='http://cgit.235523.xyz/u-boot.git/'/>
<updated>2021-05-28T14:17:01Z</updated>
<entry>
<title>efi_loader: add PE/COFF image measurement</title>
<updated>2021-05-28T14:17:01Z</updated>
<author>
<name>Masahisa Kojima</name>
<email>masahisa.kojima@linaro.org</email>
</author>
<published>2021-05-26T03:09:58Z</published>
<link rel='alternate' type='text/html' href='http://cgit.235523.xyz/u-boot.git/commit/?id=163a0d7e2cbdbdf26d90ac8d30c0495b814f3245'/>
<id>urn:sha1:163a0d7e2cbdbdf26d90ac8d30c0495b814f3245</id>
<content type='text'>
"TCG PC Client Platform Firmware Profile Specification"
requires measuring every attempt to load and execute
an OS Loader (a UEFI application) into PCR[4].
This commit adds the PE/COFF image measurement, extends PCR,
and appends measurement into Event Log.

Acked-by: Ilias Apalodimas &lt;ilias.apalodimas@linaro.org&gt;
Tested-by: Ilias Apalodimas &lt;ilias.apalodimas@linaro.org&gt;
Signed-off-by: Masahisa Kojima &lt;masahisa.kojima@linaro.org&gt;
Replace CONFIG_HASH_CALCULATE by CONFIG_HASH
Fix conversions between pointers and u64.
Signed-off-by: Heinrich Schuchardt &lt;xypron.glpk@gmx.de&gt;
Reviewed-by: Ilias Apalodimas &lt;ilias.apalodimas@linaro.org&gt;
</content>
</entry>
<entry>
<title>efi_loader: Work-around build issue due to missing hash_calculate()</title>
<updated>2021-05-28T14:17:01Z</updated>
<author>
<name>Alexandru Gagniuc</name>
<email>mr.nuke.me@gmail.com</email>
</author>
<published>2021-05-24T19:28:57Z</published>
<link rel='alternate' type='text/html' href='http://cgit.235523.xyz/u-boot.git/commit/?id=464010b0be09505aaf50ec208f996a6cf478a2dc'/>
<id>urn:sha1:464010b0be09505aaf50ec208f996a6cf478a2dc</id>
<content type='text'>
The hash_calculate() symbol is provided by hash-checksum.c. It depends
on hash_progressive_lookup_algo(), provided when CONFIG_HASH=y.

The issue is that hash_calculate() is used by the efi_loader,
regardless of CONFIG_FIT_SIGNATURE. As pointed out in
commit 87316da05f2f ("lib: introduce HASH_CALCULATE option"),
enabling hash_calculate() based on CONFIG_FIT_SIGNATURE is incorrect.

To resolve this, use CONFIG_HASH as the compile switch for
hash-checksum.c. This ensures that all dependencies are compiled, and
is the most natural Kconfig to use.

There is the issue of having to 'select HASH' in a couple of places
that already 'select SHA256'. This is a deeper problem with how hashes
are organized, and fixing it is beyond the scope of this change.

Signed-off-by: Alexandru Gagniuc &lt;mr.nuke.me@gmail.com&gt;
Acked-by: Masahisa Kojima &lt;masahisa.kojima@linaro.org&gt;
</content>
</entry>
<entry>
<title>Revert "lib: introduce HASH_CALCULATE option"</title>
<updated>2021-05-28T14:17:01Z</updated>
<author>
<name>Alexandru Gagniuc</name>
<email>mr.nuke.me@gmail.com</email>
</author>
<published>2021-05-24T19:28:56Z</published>
<link rel='alternate' type='text/html' href='http://cgit.235523.xyz/u-boot.git/commit/?id=ec0512b173bfe45bc6dc03dfcff40fec419239bb'/>
<id>urn:sha1:ec0512b173bfe45bc6dc03dfcff40fec419239bb</id>
<content type='text'>
When we think of Kconfig, we usually think of features that we like
to enable or not. Ideally, we wouldn't use Kconfig to fix a build
issue, although sometimes it might make sense. With Kconfig it's hard
to guarantee that the fix is universal. We can only say that it works
for the set of tested configurations. In the majority of cases, it's
preferable to let the linker figure things out for us.

The reverted commit attempted to fix a build issue by adding an
invisible Kconfig option. This is wrong in several ways:

It invents a new Kconfig variable when CONFIG_HASH already
exists for the same purpose.
Second, hash-checksum.c makes use of the hash_progressive_lookup_algo()
symbol, which is only provided with CONFIG_HASH, but this dependency
was not expressed in the reverted patch.

It feels like Kconfig is turning into a listing of all available
source files, and a buffet to 'select' which ones to compile. The
purpose of this revert is to enable the next change to make use of
CONFIG_HASH instead of adding to Kconfig.

This reverts commit 87316da05f2fd49d3709275e64ef0c5980366ade.

Signed-off-by: Alexandru Gagniuc &lt;mr.nuke.me@gmail.com&gt;
Acked-by: Masahisa Kojima &lt;masahisa.kojima@linaro.org&gt;
</content>
</entry>
<entry>
<title>efi_loader: Fix coverity warnings for efi tcg2 protocol</title>
<updated>2021-05-28T14:17:01Z</updated>
<author>
<name>Ilias Apalodimas</name>
<email>ilias.apalodimas@linaro.org</email>
</author>
<published>2021-05-26T18:01:00Z</published>
<link rel='alternate' type='text/html' href='http://cgit.235523.xyz/u-boot.git/commit/?id=38de680e582b36d4605b05d3b2c67a3c0c458bfb'/>
<id>urn:sha1:38de680e582b36d4605b05d3b2c67a3c0c458bfb</id>
<content type='text'>
Coverity reported 3 warnings on the current code.
CID 331856, 331855, 331854 on the latest scan.

Fix the rest of the warnings by initializing the variables before
passing them to tpm2_get_pcr_info().
In order to avoid future warnings and errors initialize them to 0 within
the function as well, since the values are always OR'ed after querying the
hardware.

Signed-off-by: Ilias Apalodimas &lt;ilias.apalodimas@linaro.org&gt;
</content>
</entry>
<entry>
<title>efi_loader: Fix -Wextra warning for EFI TCG2</title>
<updated>2021-05-25T12:33:22Z</updated>
<author>
<name>Ilias Apalodimas</name>
<email>ilias.apalodimas@linaro.org</email>
</author>
<published>2021-05-25T11:35:31Z</published>
<link rel='alternate' type='text/html' href='http://cgit.235523.xyz/u-boot.git/commit/?id=1f6871df40d6ad94a00a2dcd46f3cc91b232c4d6'/>
<id>urn:sha1:1f6871df40d6ad94a00a2dcd46f3cc91b232c4d6</id>
<content type='text'>
Compiling with -Wextra produces a number of (harmless) warnings for the EFI
TCG2 protocol. Let's fix those in case we ever enable the flag on the EFI
subsystem.

Signed-off-by: Ilias Apalodimas &lt;ilias.apalodimas@linaro.org&gt;
</content>
</entry>
<entry>
<title>efi_loader: path length in efi_dp_from_name()</title>
<updated>2021-05-25T11:06:57Z</updated>
<author>
<name>Heinrich Schuchardt</name>
<email>xypron.glpk@gmx.de</email>
</author>
<published>2021-05-25T10:07:30Z</published>
<link rel='alternate' type='text/html' href='http://cgit.235523.xyz/u-boot.git/commit/?id=9a6b33bef246460215ce1d45e77f98c5aa57f6d0'/>
<id>urn:sha1:9a6b33bef246460215ce1d45e77f98c5aa57f6d0</id>
<content type='text'>
Before this patch efi_dp_from_name() only accommodated a maximum file path
length of 31 characters. This leads to boot failures due to file name
truncation.

Allow arbitrary path lengths.

Signed-off-by: Heinrich Schuchardt &lt;xypron.glpk@gmx.de&gt;
</content>
</entry>
<entry>
<title>efi_loader: expose efi_image_parse() even if UEFI Secure Boot is disabled</title>
<updated>2021-05-25T11:06:57Z</updated>
<author>
<name>Masahisa Kojima</name>
<email>masahisa.kojima@linaro.org</email>
</author>
<published>2021-05-14T00:53:36Z</published>
<link rel='alternate' type='text/html' href='http://cgit.235523.xyz/u-boot.git/commit/?id=f6081a8a1e45e4864e36d83ccc236eef62478b1f'/>
<id>urn:sha1:f6081a8a1e45e4864e36d83ccc236eef62478b1f</id>
<content type='text'>
This is preparation for PE/COFF measurement support.
PE/COFF image hash calculation is the same in both
UEFI Secure Boot image verification and measurement in
measured boot. PE/COFF image parsing functions are
gathered into efi_image_loader.c, and exposed even if
UEFI Secure Boot is not enabled.

This commit also adds the EFI_SIGNATURE_SUPPORT option
to decide if efi_signature.c shall be compiled.

Signed-off-by: Masahisa Kojima &lt;masahisa.kojima@linaro.org&gt;
Signed-off-by: Heinrich Schuchardt &lt;xypron.glpk@gmx.de&gt;
</content>
</entry>
<entry>
<title>efi_loader: remove weak efi_get_public_key_data()</title>
<updated>2021-05-25T11:06:57Z</updated>
<author>
<name>Heinrich Schuchardt</name>
<email>xypron.glpk@gmx.de</email>
</author>
<published>2021-05-20T02:08:11Z</published>
<link rel='alternate' type='text/html' href='http://cgit.235523.xyz/u-boot.git/commit/?id=6754e24b54da3229c37ae50526df0e79ba6e67fa'/>
<id>urn:sha1:6754e24b54da3229c37ae50526df0e79ba6e67fa</id>
<content type='text'>
Configuring a system with CONFIG_EFI_CAPSULE_AUTHENTICATE=y but without a
method to retrieve the public key data is a misconfiguration. We should get
a build failure for it. Therefore remove the weak efi_get_public_key_data()
implementation.

Signed-off-by: Heinrich Schuchardt &lt;xypron.glpk@gmx.de&gt;
</content>
</entry>
<entry>
<title>lib: introduce HASH_CALCULATE option</title>
<updated>2021-05-18T10:36:13Z</updated>
<author>
<name>Masahisa Kojima</name>
<email>masahisa.kojima@linaro.org</email>
</author>
<published>2021-05-13T14:48:08Z</published>
<link rel='alternate' type='text/html' href='http://cgit.235523.xyz/u-boot.git/commit/?id=87316da05f2fd49d3709275e64ef0c5980366ade'/>
<id>urn:sha1:87316da05f2fd49d3709275e64ef0c5980366ade</id>
<content type='text'>
Build error occurs when CONFIG_EFI_SECURE_BOOT or
CONFIG_EFI_CAPSULE_AUTHENTICATE is enabled,
because hash-checksum.c is not compiled.

Since hash_calculate() implemented in hash-checksum.c can be
commonly used aside from FIT image signature verification,
this commit introduces HASH_CALCULATE option to decide
if hash-checksum.c shall be compiled.

Signed-off-by: Masahisa Kojima &lt;masahisa.kojima@linaro.org&gt;
Reviewed-by: Heinrich Schuchardt &lt;xypron.glpk@gmx.de&gt;
</content>
</entry>
<entry>
<title>efi_loader: Fix Kconfig for EFI_TCG2 protocol</title>
<updated>2021-05-18T10:36:13Z</updated>
<author>
<name>Ilias Apalodimas</name>
<email>ilias.apalodimas@linaro.org</email>
</author>
<published>2021-05-11T11:40:58Z</published>
<link rel='alternate' type='text/html' href='http://cgit.235523.xyz/u-boot.git/commit/?id=48ee084602f90ad37e87ee7e356bf3938b584070'/>
<id>urn:sha1:48ee084602f90ad37e87ee7e356bf3938b584070</id>
<content type='text'>
EFI_TCG2 depends not only on TPMv2 but also on the underlying algorithms.
So select the missing SHA1, SHA256, SHA384 and SHA512 we currently support.

Reported-by: Michal Simek &lt;michal.simek@xilinx.com&gt;
Signed-off-by: Ilias Apalodimas &lt;ilias.apalodimas@linaro.org&gt;

Add 'default y'.
Reviewed-by: Heinrich Schuchardt &lt;xypron.glpk@gmx.de&gt;
</content>
</entry>
</feed>
