Djam/u-boot
1
0
Fork 0
mirror of https://github.com/u-boot/u-boot.git synced 2025-04-19 03:15:00 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

efi_loader: Boot var automatic management

Browse source 
Changes for complying to EFI spec §3.5.1.1
'Removable Media Boot Behavior'.
Boot variables can be automatically generated during a removable
media is probed. At the same time, unused boot variables will be
detected and removed.

Please note that currently the function 'efi_disk_remove' has no
ability to distinguish below two scenarios
a) Unplugging of a removable media under U-Boot
b) U-Boot exiting and booting an OS
Thus currently the boot variables management is not added into
'efi_disk_remove' to avoid boot options being added/erased
repeatedly under scenario b) during power cycles
See TODO comments under function 'efi_disk_remove' for more details

The original efi_secboot tests expect that BootOrder EFI variable
is not defined. With this commit, the BootOrder EFI variable is
automatically added when the disk is detected. The original
efi_secboot tests end up with unexpected failure.
The efi_secboot tests need to be modified to explicitly set
the BootOrder EFI variable.

squashfs and erofs ls tests are also affected by this modification,
need to clear the previous state before squashfs ls test starts.

Co-developed-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Joao Marcos Costa <jmcosta944@gmail.com>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
This commit is contained in:
Raymond Mao 2023-11-10 13:25:37 +09:00 committed by Ilias Apalodimas
parent d822255d65
commit 550862bc12
7 changed files with 78 additions and 35 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
lib/efi_loader/efi_disk.c
View file

@ -690,6 +690,13 @@ int efi_disk_probe(void *ctx, struct event *event)
return -1;
}
/* only do the boot option management when UEFI sub-system is initialized */
if (IS_ENABLED(CONFIG_CMD_BOOTEFI_BOOTMGR) && efi_obj_list_initialized == EFI_SUCCESS) {
ret = efi_bootmgr_update_media_device_boot_option();
if (ret != EFI_SUCCESS)
return -1;
}
return 0;
}
@ -742,6 +749,17 @@ int efi_disk_remove(void *ctx, struct event *event)
dev_tag_del(dev, DM_TAG_EFI);
return 0;
/*
* TODO A flag to distinguish below 2 different scenarios of this
* function call is needed:
* a) Unplugging of a removable media under U-Boot
* b) U-Boot exiting and booting an OS
* In case of scenario a), efi_bootmgr_update_media_device_boot_option()
* needs to be invoked here to update the boot options and remove the
* unnecessary ones.
*/
}
/**

7
lib/efi_loader/efi_setup.c
View file

@ -245,6 +245,13 @@ efi_status_t efi_init_obj_list(void)
if (ret != EFI_SUCCESS)
goto out;
if (IS_ENABLED(CONFIG_CMD_BOOTEFI_BOOTMGR)) {
/* update boot option after variable service initialized */
ret = efi_bootmgr_update_media_device_boot_option();
if (ret != EFI_SUCCESS)
goto out;
}
/* Define supported languages */
ret = efi_init_platform_lang();
if (ret != EFI_SUCCESS)

42
test/py/tests/test_efi_secboot/test_signed.py
View file

@ -29,7 +29,7 @@ class TestEfiSignedImage(object):
output = u_boot_console.run_command_list([
'host bind 0 %s' % disk_img,
'efidebug boot add -b 1 HELLO1 host 0:1 /helloworld.efi.signed -s ""',
'efidebug boot next 1',
'efidebug boot order 1',
'bootefi bootmgr'])
assert 'Hello, world!' in ''.join(output)
@ -37,7 +37,7 @@ class TestEfiSignedImage(object):
# Test Case 1b, run unsigned image if no PK
output = u_boot_console.run_command_list([
'efidebug boot add -b 2 HELLO2 host 0:1 /helloworld.efi -s ""',
'efidebug boot next 2',
'efidebug boot order 2',
'bootefi bootmgr'])
assert 'Hello, world!' in ''.join(output)
@ -59,13 +59,13 @@ class TestEfiSignedImage(object):
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO1 host 0:1 /helloworld.efi.signed -s ""',
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert('\'HELLO1\' failed' in ''.join(output))
assert('efi_start_image() returned: 26' in ''.join(output))
output = u_boot_console.run_command_list([
'efidebug boot add -b 2 HELLO2 host 0:1 /helloworld.efi -s ""',
'efidebug boot next 2',
'efidebug boot order 2',
'efidebug test bootmgr'])
assert '\'HELLO2\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@ -77,12 +77,12 @@ class TestEfiSignedImage(object):
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db'])
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot next 2',
'efidebug boot order 2',
'efidebug test bootmgr'])
assert '\'HELLO2\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot next 1',
'efidebug boot order 1',
'bootefi bootmgr'])
assert 'Hello, world!' in ''.join(output)
@ -105,7 +105,7 @@ class TestEfiSignedImage(object):
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi.signed -s ""',
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@ -117,7 +117,7 @@ class TestEfiSignedImage(object):
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db'])
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@ -143,7 +143,7 @@ class TestEfiSignedImage(object):
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi.signed -s ""',
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@ -170,7 +170,7 @@ class TestEfiSignedImage(object):
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi.signed_2sigs -s ""',
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert 'Hello, world!' in ''.join(output)
@ -181,7 +181,7 @@ class TestEfiSignedImage(object):
'setenv -e -nv -bs -rt -at -a -i 4000000:$filesize db'])
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert 'Hello, world!' in ''.join(output)
@ -193,7 +193,7 @@ class TestEfiSignedImage(object):
'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx'])
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@ -205,7 +205,7 @@ class TestEfiSignedImage(object):
'setenv -e -nv -bs -rt -at -a -i 4000000:$filesize dbx'])
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@ -230,7 +230,7 @@ class TestEfiSignedImage(object):
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi.signed_2sigs -s ""',
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@ -254,7 +254,7 @@ class TestEfiSignedImage(object):
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi.signed -s ""',
'efidebug boot next 1',
'efidebug boot order 1',
'bootefi bootmgr'])
assert 'Hello, world!' in ''.join(output)
@ -265,7 +265,7 @@ class TestEfiSignedImage(object):
'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx'])
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@ -279,7 +279,7 @@ class TestEfiSignedImage(object):
'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx'])
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@ -307,7 +307,7 @@ class TestEfiSignedImage(object):
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi.signed_2sigs -s ""',
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@ -330,7 +330,7 @@ class TestEfiSignedImage(object):
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi.signed_2sigs -s ""',
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@ -349,7 +349,7 @@ class TestEfiSignedImage(object):
output = u_boot_console.run_command_list([
'host bind 0 %s' % disk_img,
'efidebug boot add -b 1 HELLO1 host 0:1 /helloworld_forged.efi.signed -s ""',
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert('hELLO, world!' in ''.join(output))
@ -364,7 +364,7 @@ class TestEfiSignedImage(object):
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK'])
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert(not 'hELLO, world!' in ''.join(output))
assert('\'HELLO1\' failed' in ''.join(output))

14
test/py/tests/test_efi_secboot/test_signed_intca.py
View file

@ -40,7 +40,7 @@ class TestEfiSignedImageIntca(object):
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO_a host 0:1 /helloworld.efi.signed_a -s ""',
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert '\'HELLO_a\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@ -49,7 +49,7 @@ class TestEfiSignedImageIntca(object):
# Test Case 1b, signed and authenticated by root CA
output = u_boot_console.run_command_list([
'efidebug boot add -b 2 HELLO_ab host 0:1 /helloworld.efi.signed_ab -s ""',
'efidebug boot next 2',
'efidebug boot order 2',
'bootefi bootmgr'])
assert 'Hello, world!' in ''.join(output)
@ -71,7 +71,7 @@ class TestEfiSignedImageIntca(object):
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO_abc host 0:1 /helloworld.efi.signed_abc -s ""',
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert '\'HELLO_abc\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@ -81,7 +81,7 @@ class TestEfiSignedImageIntca(object):
output = u_boot_console.run_command_list([
'fatload host 0:1 4000000 db_b.auth',
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert '\'HELLO_abc\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@ -91,7 +91,7 @@ class TestEfiSignedImageIntca(object):
output = u_boot_console.run_command_list([
'fatload host 0:1 4000000 db_c.auth',
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert 'Hello, world!' in ''.join(output)
@ -117,7 +117,7 @@ class TestEfiSignedImageIntca(object):
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO_abc host 0:1 /helloworld.efi.signed_abc -s ""',
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert 'Hello, world!' in ''.join(output)
# Or,
@ -129,7 +129,7 @@ class TestEfiSignedImageIntca(object):
output = u_boot_console.run_command_list([
'fatload host 0:1 4000000 dbx_c.auth',
'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx',
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert '\'HELLO_abc\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)

14
test/py/tests/test_efi_secboot/test_unsigned.py
View file

@ -36,11 +36,11 @@ class TestEfiUnsignedImage(object):
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi -s ""',
'efidebug boot next 1',
'efidebug boot order 1',
'bootefi bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert 'efi_start_image() returned: 26' in ''.join(output)
assert 'Hello, world!' not in ''.join(output)
@ -65,7 +65,7 @@ class TestEfiUnsignedImage(object):
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi -s ""',
'efidebug boot next 1',
'efidebug boot order 1',
'bootefi bootmgr'])
assert 'Hello, world!' in ''.join(output)
@ -89,11 +89,11 @@ class TestEfiUnsignedImage(object):
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi -s ""',
'efidebug boot next 1',
'efidebug boot order 1',
'bootefi bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert 'efi_start_image() returned: 26' in ''.join(output)
assert 'Hello, world!' not in ''.join(output)
@ -107,11 +107,11 @@ class TestEfiUnsignedImage(object):
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi -s ""',
'efidebug boot next 1',
'efidebug boot order 1',
'bootefi bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot next 1',
'efidebug boot order 1',
'efidebug test bootmgr'])
assert 'efi_start_image() returned: 26' in ''.join(output)
assert 'Hello, world!' not in ''.join(output)

9
test/py/tests/test_fs/test_erofs.py
View file

@ -196,6 +196,15 @@ def test_erofs(u_boot_console):
"""
build_dir = u_boot_console.config.build_dir
# If the EFI subsystem is enabled and initialized, EFI subsystem tries to
# add EFI boot option when the new disk is detected. If there is no EFI
# System Partition exists, EFI subsystem outputs error messages and
# it ends up with test failure.
# Restart U-Boot to clear the previous state.
# TODO: Ideally EFI test cases need to be fixed, but it will
# increase the number of system reset.
u_boot_console.restart_uboot()
try:
# setup test environment
make_erofs_image(build_dir)

9
test/py/tests/test_fs/test_squashfs/test_sqfs_ls.py
View file

@ -118,6 +118,15 @@ def test_sqfs_ls(u_boot_console):
"""
build_dir = u_boot_console.config.build_dir
# If the EFI subsystem is enabled and initialized, EFI subsystem tries to
# add EFI boot option when the new disk is detected. If there is no EFI
# System Partition exists, EFI subsystem outputs error messages and
# it ends up with test failure.
# Restart U-Boot to clear the previous state.
# TODO: Ideally EFI test cases need to be fixed, but it will
# increase the number of system reset.
u_boot_console.restart_uboot()
# setup test environment
check_mksquashfs_version()
generate_sqfs_src_dir(build_dir)