From d0d1c4a4f5d13c8dd792d5cc5379eb4c1e0f0c46 Mon Sep 17 00:00:00 2001 From: Harsimran Singh Tungal Date: Mon, 27 Apr 2026 16:05:30 +0100 Subject: efi_loader: fix AllocatePages overlap status MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Return EFI_NOT_FOUND for EFI_ALLOCATE_ADDRESS overlap When efi_allocate_pages() is called with EFI_ALLOCATE_ADDRESS, UEFI expects EFI_NOT_FOUND if the requested address range is already allocated or unavailable. U-Boot currently returns EFI_OUT_OF_RESOURCES when efi_update_memory_map() detects an overlap after a successful lmb_alloc_mem(), which does not match EFI_ALLOCATE_ADDRESS semantics. Return EFI_NOT_FOUND for EFI_ALLOCATE_ADDRESS requests that fail due to an overlapping EFI memory descriptor, while keeping EFI_OUT_OF_RESOURCES for other allocation types. The UEFI specification [1] specifies that EFI_BOOT_SERVICES.AllocatePages must return EFI_NOT_FOUND when the requested address range is unavailable or already allocated; EFI_OUT_OF_RESOURCES applies to non‑address‑specific allocation failures. [1] https://uefi.org/specs/UEFI/2.10_A/07_Services_Boot_Services.html Signed-off-by: Harsimran Singh Tungal The UEFI specification does not clearly specify the behavior. But let's follow the EDK II precedent here. Reviewed-by: Heinrich Schuchardt --- lib/efi_loader/efi_memory.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/efi_loader/efi_memory.c b/lib/efi_loader/efi_memory.c index 046a2bb4641..2feb29f0a2c 100644 --- a/lib/efi_loader/efi_memory.c +++ b/lib/efi_loader/efi_memory.c @@ -495,7 +495,9 @@ efi_status_t efi_allocate_pages(enum efi_allocate_type type, /* Map would overlap, bail out */ lmb_free(addr, (u64)pages << EFI_PAGE_SHIFT, flags); unmap_sysmem((void *)(uintptr_t)efi_addr); - return EFI_OUT_OF_RESOURCES; + if (type == EFI_ALLOCATE_ADDRESS) + return EFI_NOT_FOUND; + return EFI_OUT_OF_RESOURCES; } *memory = efi_addr; -- cgit v1.2.3 From ec95a60d9dcd9436faa08f8151f05e4bba8e14a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vincent=20Stehl=C3=A9?= Date: Tue, 12 May 2026 19:40:33 +0200 Subject: efi_loader: fix hii keyboard layout pointer computation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The EFI_HII_KEYBOARD_LAYOUT field `layout_length' is expressed in bytes, but we add it to the `layout' pointer with (scaled) pointer arithmetic. When adding an HII keyboard package with multiple keyboard layouts, this results in only the first layout being added correctly; fix it. Fixes: 8d3b77e36e10 ("efi: hii: add keyboard layout package support") Signed-off-by: Vincent Stehlé Cc: Heinrich Schuchardt Cc: Ilias Apalodimas Cc: Tom Rini Cc: AKASHI Takahiro --- lib/efi_loader/efi_hii.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/efi_loader/efi_hii.c b/lib/efi_loader/efi_hii.c index 330d7c5830b..7bf51ad43d1 100644 --- a/lib/efi_loader/efi_hii.c +++ b/lib/efi_loader/efi_hii.c @@ -324,7 +324,8 @@ add_keyboard_package(struct efi_hii_packagelist *hii, list_add_tail(&layout_data->link_sys, &efi_keyboard_layout_list); - layout += layout_length; + layout = (struct efi_hii_keyboard_layout *) + ((uintptr_t)layout + layout_length); } list_add_tail(&package_data->link, &hii->keyboard_packages); -- cgit v1.2.3 From 5824ed13bcdf4726c13ef76e8186bc145d8e43f9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vincent=20Stehl=C3=A9?= Date: Tue, 12 May 2026 19:40:34 +0200 Subject: efi_selftest: test hii keyboard layouts more MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The HII database test for keyboard layouts register two package lists with two keyboard layouts each, but the test verifies only the GUID of the first keyboard layout. This does not catch the bugs happening with the keyboard layouts after the first one in a package. Verify all the keyboard layout GUIDs in the unit test to prevent this. Signed-off-by: Vincent Stehlé Cc: Heinrich Schuchardt Cc: Ilias Apalodimas Cc: Tom Rini --- lib/efi_selftest/efi_selftest_hii.c | 67 ++++++++++++++++++-------------- lib/efi_selftest/efi_selftest_hii_data.c | 12 ++++++ 2 files changed, 49 insertions(+), 30 deletions(-) (limited to 'lib') diff --git a/lib/efi_selftest/efi_selftest_hii.c b/lib/efi_selftest/efi_selftest_hii.c index 228dc296950..fdbb08fb417 100644 --- a/lib/efi_selftest/efi_selftest_hii.c +++ b/lib/efi_selftest/efi_selftest_hii.c @@ -452,8 +452,7 @@ out: * test_hii_database_get_keyboard_layout() - test retrieval of keyboard layout * * This test adds two package lists, each of which has two keyboard layouts - * and then tries to get a handle to keyboard layout with a specific guid - * and the current one. + * and then tries to get a handle to every keyboard layout and the current one. * * @Return: status code */ @@ -463,7 +462,11 @@ static int test_hii_database_get_keyboard_layout(void) struct efi_hii_keyboard_layout *kb_layout; u16 kb_layout_size; efi_status_t ret; - int result = EFI_ST_FAILURE; + int result = EFI_ST_FAILURE, i; + static efi_guid_t *const kb_layout_guids[] = { + &kb_layout_guid11, &kb_layout_guid12, + &kb_layout_guid21, &kb_layout_guid22 + }; PRINT_TESTNAME; ret = hii_database_protocol->new_package_list(hii_database_protocol, @@ -484,33 +487,37 @@ static int test_hii_database_get_keyboard_layout(void) goto out; } - /* specific keyboard_layout(guid11) */ - kb_layout = NULL; - kb_layout_size = 0; - ret = hii_database_protocol->get_keyboard_layout(hii_database_protocol, - &kb_layout_guid11, &kb_layout_size, kb_layout); - if (ret != EFI_BUFFER_TOO_SMALL) { - efi_st_error("get_keyboard_layout returned %u\n", - (unsigned int)ret); - goto out; - } - ret = boottime->allocate_pool(EFI_LOADER_DATA, kb_layout_size, - (void **)&kb_layout); - if (ret != EFI_SUCCESS) { - efi_st_error("AllocatePool failed\n"); - goto out; - } - ret = hii_database_protocol->get_keyboard_layout(hii_database_protocol, - &kb_layout_guid11, &kb_layout_size, kb_layout); - if (ret != EFI_SUCCESS) { - efi_st_error("get_keyboard_layout returned %u\n", - (unsigned int)ret); - goto out; - } - ret = boottime->free_pool(kb_layout); - if (ret != EFI_SUCCESS) { - efi_st_error("FreePool failed\n"); - goto out; + /* Verify all keyboard layouts */ + for (i = 0; i < ARRAY_SIZE(kb_layout_guids); i++) { + efi_guid_t *kb_layout_guid = kb_layout_guids[i]; + + kb_layout = NULL; + kb_layout_size = 0; + ret = hii_database_protocol->get_keyboard_layout(hii_database_protocol, + kb_layout_guid, &kb_layout_size, kb_layout); + if (ret != EFI_BUFFER_TOO_SMALL) { + efi_st_error("get_keyboard_layout returned %u\n", + (unsigned int)ret); + goto out; + } + ret = boottime->allocate_pool(EFI_LOADER_DATA, kb_layout_size, + (void **)&kb_layout); + if (ret != EFI_SUCCESS) { + efi_st_error("AllocatePool failed\n"); + goto out; + } + ret = hii_database_protocol->get_keyboard_layout(hii_database_protocol, + kb_layout_guid, &kb_layout_size, kb_layout); + if (ret != EFI_SUCCESS) { + efi_st_error("get_keyboard_layout returned %u\n", + (unsigned int)ret); + goto out; + } + ret = boottime->free_pool(kb_layout); + if (ret != EFI_SUCCESS) { + efi_st_error("FreePool failed\n"); + goto out; + } } /* current */ diff --git a/lib/efi_selftest/efi_selftest_hii_data.c b/lib/efi_selftest/efi_selftest_hii_data.c index 5fc890112b4..2d29bb045d3 100644 --- a/lib/efi_selftest/efi_selftest_hii_data.c +++ b/lib/efi_selftest/efi_selftest_hii_data.c @@ -428,6 +428,18 @@ static efi_guid_t kb_layout_guid11 = EFI_GUID(0x8d40e495, 0xe2aa, 0x4c6f, 0x89, 0x70, 0x68, 0x85, 0x09, 0xee, 0xc7, 0xd2); +static efi_guid_t kb_layout_guid12 = + EFI_GUID(0x2ae60b3e, 0xb9d6, 0x49d8, + 0x9a, 0x16, 0xc2, 0x48, 0xf1, 0xeb, 0xa8, 0xdb); + +static efi_guid_t kb_layout_guid21 = + EFI_GUID(0xe0f56a1f, 0xdf6b, 0x4a7e, + 0xa3, 0x9a, 0xe7, 0xa5, 0x19, 0x15, 0x45, 0xd6); + +static efi_guid_t kb_layout_guid22 = + EFI_GUID(0x47be6ac9, 0x54cc, 0x46f9, + 0xa2, 0x62, 0xd5, 0x3b, 0x25, 0x6a, 0x0c, 0x34); + static efi_guid_t package_guid = EFI_GUID(0x0387c95a, 0xd703, 0x2346, 0xb2, 0xab, 0xd0, 0xc7, 0xdd, 0x90, 0x44, 0xf8); -- cgit v1.2.3