| Age | Commit message (Collapse) | Author |
|---|
|
Every SetVariable() call triggers efi_var_mem_ins() followed by
efi_var_to_storage(), even when the variable value is not actually
changing. This is unfriendly to flash-backed stores that suffer
wear from unnecessary erase/write cycles.
Add a change-detection path to efi_var_mem_ins(): when size2 == 0
(i.e. not an append) and the caller passes a non-NULL changep flag,
look up the existing variable and compare attributes, length, time
and data byte-by-byte. If everything matches, set *changep = false
and return EFI_SUCCESS without touching the variable buffer.
Both efi_set_variable_int() and efi_set_variable_runtime() now
check the flag and skip efi_var_mem_del() / efi_var_to_storage()
when nothing changed.
Introduce efi_memcmp_runtime() - a runtime-safe byte-by-byte memory
comparison helper, following the same pattern as the existing
efi_memcpy_runtime(). The standard memcmp() is not available after
ExitBootServices() and calling it from Linux will crash.
Tested-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
Signed-off-by: Michal Simek <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
The value of buf->length comes from outside U-Boot and may be incorrect.
We must avoid to overrun our internal buffer for excessive values.
If buf->length is shorter than the variable file header, the variable
file is invalid.
Reviewed-by: Ilias Apalodimas <[email protected]>
Tested-by: Michal Simek <[email protected]>
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
Currently efi_var_file.c has functions to store/read
EFI variables to/from memory buffer. These functions
can be used with other EFI variable stores so move
them out to efi_var_common.c
Signed-off-by: Shantur Rathore <[email protected]>
Signed-off-by: Michal Simek <[email protected]>
Tested-by: Neil Armstrong <[email protected]> # on AML-S905D3-CC
Reviewed-by: Ilias Apalodimas <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
|
|
The log category should be LOGC_EFI all over the EFI sub-system.
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
Since commit c28d32f946f0 ("efi_loader: conditionally enable SetvariableRT")
we are enabling the last bits of missing runtime services.
Add support for QueryVariableInfo which we already support at boottime
and we just need to mark some fucntions available at runtime and move
some checks around.
It's worth noting that pointer checks for maxmimum and remaining
variable storage aren't when we store variables on the RPMB, since the
Secure World backend is already performing them.
Signed-off-by: Ilias Apalodimas <[email protected]>
|
|
Previous patches enabled SetVariableRT using a RAM backend.
Although EBBR [0] defines a variable format we can teach userspace tools
and write the altered variables, it's better if we skip the ABI
requirements completely.
So let's add a new variable, in its own namespace called "VarToFile"
which contains a binary dump of the updated RT, BS and, NV variables
and will be updated when GetVariable is called.
Some adjustments are needed to do that.
Currently we discard BS-only variables in EBS(). We need to preserve
those on the RAM backend that exposes the variables. Since BS-only
variables can't appear at runtime we need to move the memory masking
checks from efi_var_collect() to efi_get_next_variable_name_mem()/
efi_get_variable_mem() and do the filtering at runtime.
We also need an efi_var_collect() variant available at runtime, in order
to construct the "VarToFile" buffer on the fly.
All users and applications (for linux) have to do when updating a variable
is dd that variable in the file described by "RTStorageVolatile".
Linux efivarfs uses a first 4 bytes of the output to represent attributes
in little-endian format. So, storing variables works like this:
$~ efibootmgr -n 0001
$~ dd if=/sys/firmware/efi/efivars/VarToFile-b2ac5fc9-92b7-4acd-aeac-11e818c3130c of=/boot/efi/ubootefi.var skip=4 bs=1
[0] https://arm-software.github.io/ebbr/index.html#document-chapter5-variable-storage
Suggested-by: Ard Biesheuvel <[email protected]> # dumping all variables to a variable
Co-developed-by: Heinrich Schuchardt <[email protected]> # contributed on efi_var_collect_mem()
Signed-off-by: Heinrich Schuchardt <[email protected]>
Signed-off-by: Ilias Apalodimas <[email protected]>
|
|
%s/mstching/matching/
Reported-by: E Shattow <[email protected]>
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
efi_var_collect() was initially placed in efi_var_file.c, since back
then we only supported efi variables stored in a file. Since then we
support variables stored in an RPMB as well and use that function to
collect variables that should be present at runtime.
So let's move it around in efi_var_common.c which makes more sense
Suggested-by: Heinrich Schuchardt <[email protected]>
Signed-off-by: Ilias Apalodimas <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
|
|
GetVariable() and SetVariable() use an uint32_t value for attributes.
The UEFI specification defines the related constants as 32bit.
Add the missing EFI_VARIABLE_ENHANCED_AUTHENTICATED_ACCESS constant.
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
We largely do not need <common.h> in these files, so drop it. The only
exception here is that efi_freestanding.c needs <linux/types.h> and had
been getting that via <common.h>.
Reviewed-by: Simon Glass <[email protected]>
Signed-off-by: Tom Rini <[email protected]>
|
|
Current U-Boot supports two EFI variable service, U-Boot own
implementation and op-tee based StMM variable service.
With ACS Security Interface Extension(SIE) v22.10_SIE_REL1.1.0,
there are several failure items of QueryVariableInfo().
Current attribute check for QueryVariableInfo() was implemented
based on the Self Certification Test (SCT) II Case Specification,
June 2017, chapter 4.1.4 QueryVariableInfo().
This test case specification is outdated and don't align at all
with the SCT test case code, and UEFI specification v2.10 does
not clearly define the priority of the attribute check.
For U-Boot standard case that EFI variables are stored in a file
in the ESP, this commit modifies the attribute check to get align
to the EDK2 implementation.
For latter case(op-tee based StMM variable service), parameter check
should be delegated to StMM.
Now all ACS SIE QueryVariableInfo() test cases passed both EFI variable
storage implementations.
Signed-off-by: Masahisa Kojima <[email protected]>
Acked-by: Heinrich Schuchardt <[email protected]>
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
At present we use wide characters for unicode but this is not necessary.
Change the code to use the 'u' literal instead. This helps to fix build
warnings for sandbox on rpi.
Signed-off-by: Simon Glass <[email protected]>
Suggested-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
|
|
For printing GUIDs with macro EFI_ENTRY use %pUs instead of %pUl to provide
readable debug output.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
In multiple places we need the default GUID matching a variable name.
The patch provides a library function. For secure boot related variables
like 'PK', 'KEK', 'db' a lookup table is used. For all other variable
names EFI_GLOBAL_VARIABLE is returned.
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
UEFI variable names are typically constants and hence should be defined as
const. Unfortunately some of our API functions do not define the parameters
for UEFI variable names as const. This requires unnecessary conversions.
Adjust parameters of several internal functions to tre UEFI variable names
as const.
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
When U-Boot is started we have to use the existing variables to determine
in which secure boot state we are.
* If a platform key PK is present and DeployedMode=1, we are in deployed
mode.
* If no platform key PK is present and AuditMode=1, we are in audit mode.
* Otherwise if a platform key is present, we are in user mode.
* Otherwise if no platform key is present, we are in setup mode.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
Writing variables AuditMode and DeployedMode serves to switch between
Secure Boot modes. Provide a separate value for these in efi_auth_var_type.
With this patch the variables will not be read from from file even if they
are marked as non-volatile by mistake.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
The UEFI specification requires that the signature database may only be
stored in tamper-resistant storage. So these variable may not be read
from an unsigned file.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
Improve efi_query_variable_info() to check the parameter settings and
return correct error code according to the UEFI Specification 2.9,
and the Self Certification Test (SCT) II Case Specification, June
2017, chapter 4.1.4 QueryVariableInfo().
Reported-by: Kazuhiko Sakamoto <[email protected]>
Signed-off-by: Masami Hiramatsu <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
|
|
This is preparation for PE/COFF measurement support.
PE/COFF image hash calculation is same in both
UEFI Secure Boot image verification and measurement in
measured boot. PE/COFF image parsing functions are
gathered into efi_image_loader.c, and exposed even if
UEFI Secure Boot is not enabled.
This commit also adds the EFI_SIGNATURE_SUPPORT option
to decide if efi_signature.c shall be compiled.
Signed-off-by: Masahisa Kojima <[email protected]>
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
A following patch introduces a different logic for loading initrd's
based on the EFI_LOAD_FILE2_PROTOCOL.
Since similar logic can be applied in the future for other system files
(i.e DTBs), let's add some helper functions which will retrieve and
parse file paths stored in EFI variables.
Signed-off-by: Ilias Apalodimas <[email protected]>
|
|
Some amount of code was moved/derived from efi_variable.c regarding
UEFI secure boot, in particluar in the commit 012c56ac76e1 ("efi_loader:
restructure code for TEE variables").
So add the orignal author's copyright notice.
Signed-off-by: AKASHI Takahiro <[email protected]>
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
We recently added functions for storing/restoring variables
from a file to a memory backed buffer marked as __efi_runtime_data
commit f1f990a8c958 ("efi_loader: memory buffer for variables")
commit 5f7dcf079de8 ("efi_loader: UEFI variable persistence")
Using the same idea we now can support GetVariable() and GetNextVariable()
on the OP-TEE based variables as well.
So let's re-arrange the code a bit and move the commmon code for
accessing variables out of efi_variable.c. Create common functions for
reading variables from memory that both implementations can use on
run-time. Then just use those functions in the run-time variants of the
OP-TEE based EFI variable implementation and initialize the memory
buffer on ExitBootServices()
Signed-off-by: Ilias Apalodimas <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
|
|
To determine if a varible is on the of the authentication variables
PK, KEK, db, dbx we have to check both the name and the GUID.
Provide a function converting the variable-name/guid pair to an enum and
use it consistently.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
When using secure boot functions needed both for file and TEE based UEFI
variables have to be moved to the common code module efi_var_common.c.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
Separate the remaining UEFI variable API functions GetNextVariableName and
QueryVariableInfo() from internal functions implementing them.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
We currently have two implementations of UEFI variables:
* variables provided via an OP-TEE module
* variables stored in the U-Boot environment
Read only variables are up to now only implemented in the U-Boot
environment implementation.
Provide a common interface for both implementations that allows handling
read-only variables.
As variable access is limited to very few source files put variable
related definitions into new include efi_variable.h instead of efi_loader.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
