Merge tag 'efi-2020-10-rc1-5' of https://gitlab.denx.de/u-boot/custodians/u-boot-efi

Pull request for UEFI sub-system for efi-2020-10-rc1 (5)

The series provides bug fixes for:

* crash in OS when accessing UEFI variables
* returning from UEFI fit images to U-Boot
* error handling for variable services provided by OP-TEE
* error handling in EFI_FILE_PROTOCOL.Read()
* missing function documentation

The first patches needed to use intermediate certificates for
secure boot are added. (The rest of the series requires
updating sbsigntool in our CI systems.)

Logging is enabled in the bootefi command.

6 files changed, 47 insertions, 23 deletions

diff --git a/lib/efi_loader/efi_boottime.c b/lib/efi_loader/efi_boottime.c
index 0b16554ba23..d49145fc76b 100644
--- a/lib/efi_loader/efi_boottime.c
+++ b/lib/efi_loader/efi_boottime.c
@@ -104,7 +104,15 @@ int __efi_exit_check(void)
 	return ret;
 }
 
-/* Called from do_bootefi_exec() */
+/**
+ * efi_save_gd() - save global data register
+ *
+ * On the ARM architecture gd is mapped to a fixed register (r9 or x18).
+ * As this register may be overwritten by an EFI payload we save it here
+ * and restore it on every callback entered.
+ *
+ * This function is called after relocation from initr_reloc_global_data().
+ */
 void efi_save_gd(void)
 {
 #ifdef CONFIG_ARM
@@ -112,10 +120,12 @@ void efi_save_gd(void)
 #endif
 }
 
-/*
- * Special case handler for error/abort that just forces things back to u-boot
- * world so we can dump out an abort message, without any care about returning
- * back to UEFI world.
+/**
+ * efi_restore_gd() - restore global data register
+ *
+ * On the ARM architecture gd is mapped to a fixed register (r9 or x18).
+ * Restore it after returning from the UEFI world to the value saved via
+ * efi_save_gd().
  */
 void efi_restore_gd(void)
 {
diff --git a/lib/efi_loader/efi_disk.c b/lib/efi_loader/efi_disk.c
index 670bf2b8ef0..7bd1ccec450 100644
--- a/lib/efi_loader/efi_disk.c
+++ b/lib/efi_loader/efi_disk.c
@@ -5,11 +5,14 @@
  *  Copyright (c) 2016 Alexander Graf
  */
 
+#define LOG_CATEGORY LOGC_EFI
+
 #include <common.h>
 #include <blk.h>
 #include <dm.h>
 #include <efi_loader.h>
 #include <fs.h>
+#include <log.h>
 #include <part.h>
 #include <malloc.h>
 
@@ -490,7 +493,7 @@ int efi_disk_create_partitions(efi_handle_t parent, struct blk_desc *desc,
 		ret = efi_disk_add_dev(parent, dp, if_typename, desc, diskid,
 				       info.start, part, NULL);
 		if (ret != EFI_SUCCESS) {
-			printf("Adding partition %s failed\n", pdevname);
+			log_err("Adding partition %s failed\n", pdevname);
 			continue;
 		}
 		disks++;
@@ -528,16 +531,16 @@ efi_status_t efi_disk_register(void)
 		const char *if_typename = blk_get_if_type_name(desc->if_type);
 
 		/* Add block device for the full device */
-		printf("Scanning disk %s...\n", dev->name);
+		log_info("Scanning disk %s...\n", dev->name);
 		ret = efi_disk_add_dev(NULL, NULL, if_typename,
 					desc, desc->devnum, 0, 0, &disk);
 		if (ret == EFI_NOT_READY) {
-			printf("Disk %s not ready\n", dev->name);
+			log_notice("Disk %s not ready\n", dev->name);
 			continue;
 		}
 		if (ret) {
-			printf("ERROR: failure to add disk device %s, r = %lu\n",
-			       dev->name, ret & ~EFI_ERROR_MASK);
+			log_err("ERROR: failure to add disk device %s, r = %lu\n",
+				dev->name, ret & ~EFI_ERROR_MASK);
 			return ret;
 		}
 		disks++;
@@ -560,7 +563,7 @@ efi_status_t efi_disk_register(void)
 			continue;
 
 		if_typename = cur_drvr->if_typename;
-		printf("Scanning disks on %s...\n", if_typename);
+		log_info("Scanning disks on %s...\n", if_typename);
 		for (i = 0; i < 4; i++) {
 			struct blk_desc *desc;
 			char devname[32] = { 0 }; /* dp->str is u16[32] long */
@@ -578,12 +581,12 @@ efi_status_t efi_disk_register(void)
 			ret = efi_disk_add_dev(NULL, NULL, if_typename, desc,
 					       i, 0, 0, &disk);
 			if (ret == EFI_NOT_READY) {
-				printf("Disk %s not ready\n", devname);
+				log_notice("Disk %s not ready\n", devname);
 				continue;
 			}
 			if (ret) {
-				printf("ERROR: failure to add disk device %s, r = %lu\n",
-				       devname, ret & ~EFI_ERROR_MASK);
+				log_err("ERROR: failure to add disk device %s, r = %lu\n",
+					devname, ret & ~EFI_ERROR_MASK);
 				return ret;
 			}
 			disks++;
@@ -595,7 +598,7 @@ efi_status_t efi_disk_register(void)
 		}
 	}
 #endif
-	printf("Found %d disks\n", disks);
+	log_info("Found %d disks\n", disks);
 
 	return EFI_SUCCESS;
 }
diff --git a/lib/efi_loader/efi_file.c b/lib/efi_loader/efi_file.c
index 19afa69f530..44fafae0586 100644
--- a/lib/efi_loader/efi_file.c
+++ b/lib/efi_loader/efi_file.c
@@ -349,6 +349,11 @@ static efi_status_t file_read(struct file_handle *fh, u64 *buffer_size,
 	efi_status_t ret;
 	loff_t file_size;
 
+	if (!buffer) {
+		ret = EFI_INVALID_PARAMETER;
+		return ret;
+	}
+
 	ret = efi_get_file_size(fh, &file_size);
 	if (ret != EFI_SUCCESS)
 		return ret;
@@ -414,6 +419,8 @@ static efi_status_t dir_read(struct file_handle *fh, u64 *buffer_size,
 		fh->dent = dent;
 		return EFI_BUFFER_TOO_SMALL;
 	}
+	if (!buffer)
+		return EFI_INVALID_PARAMETER;
 	fh->dent = NULL;
 
 	*buffer_size = required_size;
@@ -443,7 +450,7 @@ static efi_status_t EFIAPI efi_file_read(struct efi_file_handle *file,
 
 	EFI_ENTRY("%p, %p, %p", file, buffer_size, buffer);
 
-	if (!buffer_size || !buffer) {
+	if (!buffer_size) {
 		ret = EFI_INVALID_PARAMETER;
 		goto error;
 	}
diff --git a/lib/efi_loader/efi_runtime.c b/lib/efi_loader/efi_runtime.c
index 91a45514488..78fd8014d90 100644
--- a/lib/efi_loader/efi_runtime.c
+++ b/lib/efi_loader/efi_runtime.c
@@ -144,6 +144,8 @@ efi_status_t efi_init_runtime_supported(void)
  *
  * At runtime memcpy() is not available.
  *
+ * Overlapping memory areas can be copied safely if src >= dest.
+ *
  * @dest:	destination buffer
  * @src:	source buffer
  * @n:		number of bytes to copy
diff --git a/lib/efi_loader/efi_var_mem.c b/lib/efi_loader/efi_var_mem.c
index 7a2dba7dc26..bfa8a56a8f6 100644
--- a/lib/efi_loader/efi_var_mem.c
+++ b/lib/efi_loader/efi_var_mem.c
@@ -120,7 +120,8 @@ void __efi_runtime efi_var_mem_del(struct efi_var_entry *var)
 	       ALIGN((uintptr_t)data + var->length, 8);
 	efi_var_buf->length -= (uintptr_t)next - (uintptr_t)var;
 
-	memmove(var, next, (uintptr_t)last - (uintptr_t)next);
+	/* efi_memcpy_runtime() can be used because next >= var. */
+	efi_memcpy_runtime(var, next, (uintptr_t)last - (uintptr_t)next);
 	efi_var_buf->crc32 = crc32(0, (u8 *)efi_var_buf->var,
 				   efi_var_buf->length -
 				   sizeof(struct efi_var_file));
@@ -231,6 +232,7 @@ static void EFIAPI __efi_runtime
 efi_var_mem_notify_virtual_address_map(struct efi_event *event, void *context)
 {
 	efi_convert_pointer(0, (void **)&efi_var_buf);
+	efi_current_var = NULL;
 }
 
 efi_status_t efi_var_mem_init(void)
diff --git a/lib/efi_loader/efi_variable_tee.c b/lib/efi_loader/efi_variable_tee.c
index c0423489388..94c4de87034 100644
--- a/lib/efi_loader/efi_variable_tee.c
+++ b/lib/efi_loader/efi_variable_tee.c
@@ -100,25 +100,25 @@ static efi_status_t optee_mm_communicate(void *comm_buf, ulong dsize)
 	param[1].attr = TEE_PARAM_ATTR_TYPE_VALUE_OUTPUT;
 
 	rc = tee_invoke_func(conn.tee, &arg, 2, param);
-	if (rc)
-		return EFI_INVALID_PARAMETER;
 	tee_shm_free(shm);
 	tee_close_session(conn.tee, conn.session);
+	if (rc || arg.ret != TEE_SUCCESS)
+		return EFI_DEVICE_ERROR;
 
 	switch (param[1].u.value.a) {
-	case ARM_SMC_MM_RET_SUCCESS:
+	case ARM_SVC_SPM_RET_SUCCESS:
 		ret = EFI_SUCCESS;
 		break;
 
-	case ARM_SMC_MM_RET_INVALID_PARAMS:
+	case ARM_SVC_SPM_RET_INVALID_PARAMS:
 		ret = EFI_INVALID_PARAMETER;
 		break;
 
-	case ARM_SMC_MM_RET_DENIED:
+	case ARM_SVC_SPM_RET_DENIED:
 		ret = EFI_ACCESS_DENIED;
 		break;
 
-	case ARM_SMC_MM_RET_NO_MEMORY:
+	case ARM_SVC_SPM_RET_NO_MEMORY:
 		ret = EFI_OUT_OF_RESOURCES;
 		break;