u-boot.git/lib/efi_loader, branch v2023.10 Unnamed repository; edit this file 'description' to name the repository. efi_loader: delete handle from events when a protocol is uninstalled 2023-08-27T06:21:08+00:00 Ilias Apalodimas ilias.apalodimas@linaro.org 2023-08-24T14:21:09+00:00 cc889bd0754e50a3cd50e8ed3094388480fbec86 When a notification event is registered for a protocol the handle of the protocol is added in our event notification list. When all the protocols of the handle are uninstalled we delete the handle but we do not remove it from the event notification list. Clean up the protocol removal functions and add a wrapper which - Removes the to-be deleted handle from any lists it participates - Remove the handle if no more protocols are present Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
When a notification event is registered for a protocol the handle of the
protocol is added in our event notification list.  When all the protocols
of the handle are uninstalled we delete the handle but we do not remove
it from the event notification list.

Clean up the protocol removal functions and add a wrapper which
- Removes the to-be deleted handle from any lists it participates
- Remove the handle if no more protocols are present

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi_loader: fix efi_add_known_memory() 2023-08-15T16:21:17+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2023-08-14T05:50:53+00:00 b571b3acdaa43b90de3bc7540f13c02b1ee86b8e In efi_add_known_memory() we currently call board_get_usable_ram_top() with an incorrect value 0 of parameter total_size. This leads to an incorrect value for ram_top depending on the code in board_get_usable_ram_top(). Use the value of gd->ram_top instead which is set before relocation by calling board_get_usable_ram_top(). Fixes: 7b78d6438a2b ("efi_loader: Reserve unaccessible memory") Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
In efi_add_known_memory() we currently call board_get_usable_ram_top() with
an incorrect value 0 of parameter total_size. This leads to an incorrect
value for ram_top depending on the code in board_get_usable_ram_top().

Use the value of gd->ram_top instead which is set before relocation by
calling board_get_usable_ram_top().

Fixes: 7b78d6438a2b ("efi_loader: Reserve unaccessible memory")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
arm_ffa: efi: introduce FF-A MM communication 2023-08-08T14:22:03+00:00 Abdellatif El Khlifi abdellatif.elkhlifi@arm.com 2023-08-04T13:33:44+00:00 218b062e8f20233181ecbcca1d627f5d44c4617d Add MM communication support using FF-A transport This feature allows accessing MM partitions services through EFI MM communication protocol. MM partitions such as StandAlonneMM or smm-gateway secure partitions which reside in secure world. An MM shared buffer and a door bell event are used to exchange the data. The data is used by EFI services such as GetVariable()/SetVariable() and copied from the communication buffer to the MM shared buffer. The secure partition is notified about availability of data in the MM shared buffer by an FF-A message (door bell). On such event, MM SP can read the data and updates the MM shared buffer with the response data. The response data is copied back to the communication buffer and consumed by the EFI subsystem. MM communication protocol supports FF-A 64-bit direct messaging. We tested the FF-A MM communication on the Corstone-1000 platform. We ran the UEFI SCT test suite containing EFI setVariable, getVariable and getNextVariable tests which involve FF-A MM communication and all tests are passing with the current changes. We made the SCT test reports (part of the ACS results) public following the latest Corstone-1000 platform software release. Please find the test reports at [1]. [1]: https://gitlab.arm.com/arm-reference-solutions/arm-reference-solutions-test-report/-/tree/master/embedded-a/corstone1000/CORSTONE1000-2023.06/acs_results_fpga.zip Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com> Tested-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com> Reviewed-by: Simon Glass <sjg@chromium.org> Cc: Tom Rini <trini@konsulko.com> Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org> Cc: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Tom Rini <trini@konsulko.com> 
Add MM communication support using FF-A transport

This feature allows accessing MM partitions services through
EFI MM communication protocol. MM partitions such as StandAlonneMM
or smm-gateway secure partitions which reside in secure world.

An MM shared buffer and a door bell event are used to exchange
the data.

The data is used by EFI services such as GetVariable()/SetVariable()
and copied from the communication buffer to the MM shared buffer.

The secure partition is notified about availability of data in the
MM shared buffer by an FF-A message (door bell).

On such event, MM SP can read the data and updates the MM shared
buffer with the response data.

The response data is copied back to the communication buffer and
consumed by the EFI subsystem.

MM communication protocol supports FF-A 64-bit direct messaging.

We tested the FF-A MM communication on the Corstone-1000 platform.

We ran the UEFI SCT test suite containing EFI setVariable, getVariable and
getNextVariable tests which involve FF-A MM communication and all tests
are passing with the current changes.

We made the SCT test reports (part of the ACS results) public following the
latest Corstone-1000 platform software release. Please find the test
reports at [1].

[1]: https://gitlab.arm.com/arm-reference-solutions/arm-reference-solutions-test-report/-/tree/master/embedded-a/corstone1000/CORSTONE1000-2023.06/acs_results_fpga.zip

Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Tested-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
efi_loader: check uuid_str_to_bin return value 2023-08-03T07:21:03+00:00 Masahisa Kojima masahisa.kojima@linaro.org 2023-07-31T08:53:02+00:00 cd87d2c61ce8e8e963de514f2c8ab0f959d6b586 Check the uuid_str_to_bin return value, skip the node if the image-type-id property is wrong format. Addresses-Coverity-ID: 463145 ("Error handling issues") Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
Check the uuid_str_to_bin return value, skip the node
if the image-type-id property is wrong format.

Addresses-Coverity-ID: 463145 ("Error handling issues")
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi_loader: catch out of memory in file_open 2023-08-03T07:21:03+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2023-07-30T12:06:06+00:00 405b736e817bbca360b2fd3329953d3980585df2 If calloc() return NULL, don't dereference it. Fixes: 2a92080d8c44 ("efi_loader: add file/filesys support") Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
If calloc() return NULL, don't dereference it.

Fixes: 2a92080d8c44 ("efi_loader: add file/filesys support")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
efi_loader: error handling in efi_disk_add_dev 2023-08-03T07:21:03+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2023-07-30T12:03:53+00:00 cff7700170c2eb9d8059acbc2a5664ee9c8a8a9b * If an error occurs in efi_disk_add_dev(), don't leak resources. * If calloc() fails while creating the file system protocol interface, signal an error. * Rename efi_simple_file_system() to efi_create_simple_file_system(). * Drop a little helpful debug message. Fixes: 2a92080d8c44 ("efi_loader: add file/filesys support") Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
* If an error occurs in efi_disk_add_dev(), don't leak resources.
* If calloc() fails while creating the file system protocol interface,
  signal an error.
* Rename efi_simple_file_system() to efi_create_simple_file_system().
* Drop a little helpful debug message.

Fixes: 2a92080d8c44 ("efi_loader: add file/filesys support")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
efi_loader: memory leak efi_add_memory_map_pg 2023-08-03T07:21:02+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2023-07-30T10:59:32+00:00 ecae4bbf35fac3cde0c41c012a05c8e5b4ade90f Don't leak newlist if we error out. Fixes: 74c16acce30b ("efi_loader: Don't allocate from memory holes") Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
Don't leak newlist if we error out.

Fixes: 74c16acce30b ("efi_loader: Don't allocate from memory holes")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
efi_loader: out of memory in efi_mem_carve_out 2023-08-03T07:21:02+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2023-07-30T10:27:03+00:00 257a498fbb146f866d729176a6fce5875323d4b9 Handle out of memory situation in efi_mem_carve_out(). Fixes: 5d00995c361c ("efi_loader: Implement memory allocation and map") Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
Handle out of memory situation in efi_mem_carve_out().

Fixes: 5d00995c361c ("efi_loader: Implement memory allocation and map")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
efi_loader: overflow in efi_allocate_pages 2023-08-03T07:21:02+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2023-07-30T09:31:08+00:00 48d183f2acb0157856254f52d2d856a07463acd4 On 32bit systems (pages << EFI_PAGE_SHIFT) may lead to an overflow which does not occur in 64bit arithmetics. An overflow of (pages << EFI_PAGE_SHIFT) on 64bit systems should be treated as an error. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
On 32bit systems (pages << EFI_PAGE_SHIFT) may lead to an overflow which
does not occur in 64bit arithmetics.

An overflow of (pages << EFI_PAGE_SHIFT) on 64bit systems should be treated
as an error.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi_loader: error handling in tcg2_hash_pe_image() 2023-08-03T07:21:02+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2023-07-31T12:11:34+00:00 d12c3efe53107e4ce4f22e146594437e1ae89cfc If the hard coded array hash_algo_list[] contains an entry for an unsupported algorithm, we should not leak resources new_efi and regs. We should still extend the log with the digests for the supported algorithms and not write any message. The same holds true of tcg2_create_digest(): just continue in case hash_algo_list[] contains an unsupported entry. Fixes: 163a0d7e2cbd ("efi_loader: add PE/COFF image measurement") Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
If the hard coded array hash_algo_list[] contains an entry for an
unsupported algorithm, we should not leak resources new_efi and regs.

We should still extend the log with the digests for the supported
algorithms and not write any message.

The same holds true of tcg2_create_digest(): just continue in case
hash_algo_list[] contains an unsupported entry.

Fixes: 163a0d7e2cbd ("efi_loader: add PE/COFF image measurement")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>