u-boot.git/lib, branch v2022.01-rc3 Unnamed repository; edit this file 'description' to name the repository. efi_selftest: simplify endian conversion for FDT test 2021-11-26T20:30:59+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2021-11-25T17:55:09+00:00 9abd2ca96ea0e8e68a9ffb5b41d1107ea73ddc0f UEFI code is always little-endian. Remove a superfluous test. Remove a superfluous type conversion. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
UEFI code is always little-endian. Remove a superfluous test.

Remove a superfluous type conversion.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi_loader: segfault in efi_clear_os_indications() 2021-11-26T20:30:59+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2021-11-20T10:53:12+00:00 9d1564dabc5897ebaf2fad842d800473790479a2 If we call efi_clear_os_indications() before initializing the memory store for UEFI variables a NULL pointer dereference occurs. The error was observed on the sandbox with: usb start host bind 0 sandbox.img load host 0:1 $kernel_addr_r helloworld.efi bootefi $kernel_addr_r Here efi_resister_disk() failed due to an error in the BTRFS implementation. Move the logic to clear EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED to the rest of the capsule code. If CONFIG_EFI_IGNORE_OSINDICATIONS=y, we should still clear the flag. If OsIndications does not exist, we should not create it as it is owned by the operating system. Fixes: 149108a3eb59 ("efi_loader: clear OsIndications") Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
If we call efi_clear_os_indications() before initializing the memory store
for UEFI variables a NULL pointer dereference occurs.

The error was observed on the sandbox with:

    usb start
    host bind 0 sandbox.img
    load host 0:1 $kernel_addr_r helloworld.efi
    bootefi $kernel_addr_r

Here efi_resister_disk() failed due to an error in the BTRFS implementation.

Move the logic to clear EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED
to the rest of the capsule code.

If CONFIG_EFI_IGNORE_OSINDICATIONS=y, we should still clear the flag.
If OsIndications does not exist, we should not create it as it is owned by
the operating system.

Fixes: 149108a3eb59 ("efi_loader: clear OsIndications")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
efi_loader: efi_disk_register() should not fail 2021-11-26T20:30:59+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2021-11-20T12:56:02+00:00 cd9a26bfe56344822c75edbc771526099efe63e6 Our algorithm for creating USB device paths may lead to duplicate device paths which result in efi_disk_register() failing. Instead we should just skip devices that cannot be registered as EFI block devices. Fix a memory leak in efi_disk_add_dev() caused by the duplicate device path. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
Our algorithm for creating USB device paths may lead to duplicate device
paths which result in efi_disk_register() failing. Instead we should just
skip devices that cannot be registered as EFI block devices.

Fix a memory leak in efi_disk_add_dev() caused by the duplicate device
path.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi: Call bootm_disable_interrupts earlier in efi_exit_boot_services 2021-11-26T20:30:59+00:00 Tom Rini trini@konsulko.com 2021-11-19T21:33:04+00:00 3f73e79de83ecc78b9a9c823b8118ab1fba63b0a If we look at the path that bootm/booti take when preparing to boot the OS, we see that as part of (or prior to calling do_bootm_states, explicitly) the process, bootm_disable_interrupts() is called prior to announce_and_cleanup() which is where udc_disconnect() / board_quiesce_devices() / dm_remove_devices_flags() are called from. In the EFI path, these are called afterwards. In efi_exit_boot_services() however we have been calling bootm_disable_interrupts() after the above functions, as part of ensuring that we disable interrupts as required by the spec. However, bootm_disable_interrupts() is also where we go and call usb_stop(). While this has been fine before, on the TI J721E platform this leads us to an exception. This exception seems likely to be the case that we're trying to stop devices that we have already disabled clocks for. The most direct way to handle this particular problem is to make EFI behave like the do_bootm_states() process and ensure we call bootm_disable_interrupts() prior to ending up in usb_stop(). Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org> Cc: Heinrich Schuchardt <xypron.glpk@gmx.de> Cc: Simon Glass <sjg@chromium.org> Suggested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Tom Rini <trini@konsulko.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
If we look at the path that bootm/booti take when preparing to boot the
OS, we see that as part of (or prior to calling do_bootm_states,
explicitly) the process, bootm_disable_interrupts() is called prior to
announce_and_cleanup() which is where udc_disconnect() /
board_quiesce_devices() / dm_remove_devices_flags() are called from.  In
the EFI path, these are called afterwards.  In efi_exit_boot_services()
however we have been calling bootm_disable_interrupts() after the above
functions, as part of ensuring that we disable interrupts as required
by the spec.  However, bootm_disable_interrupts() is also where we go
and call usb_stop().  While this has been fine before, on the TI J721E
platform this leads us to an exception.  This exception seems likely to
be the case that we're trying to stop devices that we have already
disabled clocks for.  The most direct way to handle this particular
problem is to make EFI behave like the do_bootm_states() process and
ensure we call bootm_disable_interrupts() prior to ending up in
usb_stop().

Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Simon Glass <sjg@chromium.org>
Suggested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
efi_loader: startup the tpm device when installing the protocol 2021-11-20T09:53:01+00:00 Ilias Apalodimas ilias.apalodimas@linaro.org 2021-11-18T08:13:42+00:00 d6b55a420cfce660343cc1f60e68fcad0157925a Due to U-Boot's lazy binding mentality the TPM is probed but not properly initialized. The user can startup the device from the command line e.g 'tpm2 startup TPM2_SU_CLEAR'. However we can initialize the TPM during the TCG protocol installation, which is easier to use overall. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
Due to U-Boot's lazy binding mentality the TPM is probed but not properly
initialized.  The user can startup the device from the command line
e.g 'tpm2 startup TPM2_SU_CLEAR'.  However we can initialize the TPM during
the TCG protocol installation,  which is easier to use overall.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi_loader: fix FinalEvents table if an EFI app invoked GetEventLog 2021-11-20T09:53:00+00:00 Ilias Apalodimas ilias.apalodimas@linaro.org 2021-11-18T07:03:39+00:00 5ba0397049b4ad5e2e23e47a8ae412e2d9044c67 As described in the TCG spec [1] in sections 7.1.1 and 7.1.2 the FinalEvent table should include events after GetEventLog has been called. This currently works for us as long as the kernel is the only EFI application calling that. Specifically we only implement what's described in 7.1.1. So refactor the code a bit and support EFI application(s) calling GetEventLog. Events will now be logged in both the EventLog and FinalEvent table as long as ExitBootServices haven't been invoked. [1] https://trustedcomputinggroup.org/wp-content/uploads/EFI-Protocol-Specification-rev13-160330final.pdf Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
As described in the TCG spec [1] in sections 7.1.1 and 7.1.2 the FinalEvent
table should include events after GetEventLog has been called.  This
currently works for us as long as the kernel is the only EFI application
calling that.  Specifically we only implement what's described in 7.1.1.

So refactor the code a bit and support EFI application(s) calling
GetEventLog.  Events will now be logged in both the EventLog and FinalEvent
table as long as ExitBootServices haven't been invoked.

[1] https://trustedcomputinggroup.org/wp-content/uploads/EFI-Protocol-Specification-rev13-160330final.pdf

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
efi_selftest: unit test for EFI_GROUP_BEFORE_EXIT_BOOT_SERVICE 2021-11-20T09:53:00+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2021-11-17T17:52:35+00:00 22ad3f5f7b31e2ff3e3415047c584dfdff388aea Add a test for the EFI_GROUP_BEFORE_EXIT_BOOT_SERVICE event group. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
Add a test for the EFI_GROUP_BEFORE_EXIT_BOOT_SERVICE event group.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi_loader: EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES 2021-11-20T09:53:00+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2021-11-16T17:46:27+00:00 43eaf5b13f31395afbef3ff89d99a4f6c1a2ba63 Implement the EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES event group handling. Add the definition of EFI_EVENT_GROUP_AFTER_READY_TO_BOOT. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
Implement the EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES event group
handling.

Add the definition of EFI_EVENT_GROUP_AFTER_READY_TO_BOOT.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi_loader: capsule: Record capsule result only if capsule is read 2021-11-20T09:53:00+00:00 Masami Hiramatsu masami.hiramatsu@linaro.org 2021-11-12T13:05:15+00:00 5d49b32f0a34cc4c23da8060ac18345984c9b96c Record capsule update result only if the capsule file is successfully read, because the capsule GUID is not sure when the file can not be read or the file is not a capsule. Without this fix, if user puts a dummy (non-capsule) file under (ESP)EFI/UpdateCapsule, U-Boot causes a synchronous abort. This also fixes use-after-free bug of the 'capsule' variable. Fixes: c74cd8bd08d1 ("efi_loader: capsule: add capsule_on_disk support") Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
Record capsule update result only if the capsule file is
successfully read, because the capsule GUID is not sure when
the file can not be read or the file is not a capsule.
Without this fix, if user puts a dummy (non-capsule) file
under (ESP)EFI/UpdateCapsule, U-Boot causes a synchronous
abort.

This also fixes use-after-free bug of the 'capsule' variable.

Fixes: c74cd8bd08d1 ("efi_loader: capsule: add capsule_on_disk support")
Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
efi_loader: Reduce efi_tcg2 logging statement 2021-11-20T09:53:00+00:00 Masahisa Kojima masahisa.kojima@linaro.org 2021-11-09T11:35:53+00:00 3961bd9b552bfb3c08664fb09f18744c6f691456 log_info() is used for the debug level logging statement which should use log_debug() instead. Convert it to reduce the log output. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
log_info() is used for the debug level logging statement
which should use log_debug() instead. Convert it to reduce the
log output.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>