When converting an IPv4 device path node to text, the
EFI_DEVICE_PATH_TO_TEXT_PROTOCOL will produce the following string:
IPv4(5.6.7.8,TCP,UDP,0x6,DHCP,1.2.3.4,9.10.11.12,255.255.255.0)
This string erroneously contains multiple protocols: TCP, UDP and 0x6.
Add the missing `break' statements in the dp_msging() function to fix this
and obtain the following expected string instead:
IPv4(5.6.7.8,TCP,DHCP,1.2.3.4,9.10.11.12,255.255.255.0)
Fixes: aaf63429a1 ("efi_loader: add IPv4() to device path to text protocol")
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Adriano Cordova <adrianox@gmail.com>
Cc: Tom Rini <trini@konsulko.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Ben reports a failure to boot the kernel on hardware that starts its
physical memory from 0x0.
The reason is that lmb_alloc_addr(), which is supposed to reserve a
specific address, takes the address as the first argument, but then also
returns the address for success or failure and treats 0 as a failure.
Since we already know the address change the prototype to return an int.
Reported-by: Ben Schneider <ben@bens.haus>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Tested-by: Ben Schneider <ben@bens.haus>
Reviewed-by: Sughosh Ganu <sughosh.ganu@linaro.org>
EFI applications need to be relocatable. Ordinarily, this is achieved
through a PE-format .reloc section, but since that requires toolchain
tricks to achieve, U-Boot's EFI applications instead embed ELF-flavored
relocation information and use it for self-relocation; thus, the
.dynamic section needs to be preserved.
Before this patch, it was tacked on to the end of .text, but this was
not proper: A .text section is SHT_PROGBITS, while the .dynamic section
is SHT_DYNAMIC. Attempting to combine them like this creates a section
type mismatch. While GNU ld doesn't seem to complain, LLVM's lld
considers this a fatal linking error.
This patch moves .dynamic out to its own section, so that the output ELF
has the correct types. (They're all mashed together when converting to
binary anyway, so this patch causes no change in the final .efi output.)
Signed-off-by: Sam Edwards <CFSworks@gmail.com>
Cc: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
This commit fixes an use after free introduced in Commit e55a4acb54
(" efi_loader: net: set EFI bootdevice device path to HTTP when loaded
from wget"). The logic in efi_net_set_dp is reworked so that when the
function is invoked it not only changes the value of the static variable
net_dp (this is how the function was implemented in e55a4acb54) but also
updates the protocol interface of the device path protocol in case efi
has started.
Fixes: e55a4acb54 ("efi_loader: net: set EFI bootdevice device path to HTTP when loaded from wget")
Signed-off-by: Adriano Cordova <adriano.cordova@canonical.com>
Refactor the entire kconfig page for mbedtls, adapt mbedtls makefile
and default config file using 'XPL_', in order to have independent
mbedtls kconfig options in U-Boot Proper, SPL, TPL and VPL.
User can choose legacy or mbedtls libraries for them independently.
Set mbedtls native hashing libraries as default when MBEDTLS_LIB,
SPL_MBEDTLS_LIB, TPL_MBEDTLS_LIB or VPL_MBEDTLS_LIB is selected.
If users prefer using U-Boot legacy hashing libraries, please select
MBEDTLS_LIB_HASHING_ALT, SPL_MBEDTLS_LIB_HASHING_ALT,
TPL_MBEDTLS_LIB_HASHING_ALT or VPL_MBEDTLS_LIB_HASHING_ALT for U-Boot
Proper, SPL, TPL and VPL respectively.
Moreover, rename a few kconfig options and update their descriptions to
improve the consistency of terminology.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
U-Boot requires to access x509_internal.h, mbedtls_sha256_context and
mbedtls_sha1_context in the porting layer, and this requires to
enable MBEDTLS_ALLOW_PRIVATE_ACCESS.
Enable it to mscode and pkcs7_parser to fix a mbedtls internal building
error when X509 is selected.
Moreover, Move it to a separate file to avoid enabling it in multiple
places.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Fixed the building failures when WGET_HTTPS,NET_LWIP and MBEDTLS_LIB
are selected due to a few incorrect kconfig dependencies.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The function is only used in the efi_memory.c module.
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
When building with qemu_arm64_defconfig with CONFIG_CC_OPTIMIZE_FOR_DEBUG=y
and CONFIG_EFI_LOADER=n an error undefined reference to efi_add_memory_map_pg
occurs.
Move the EFI dependent part of lmb_map_update_notify() to the EFI
sub-system.
Reported-by: Liya Huang <1425075683@qq.com>
Acked-by: Liya Huang <1425075683@qq.com>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Instead of testing the value of parameter op at runtime use an enum to
ensure that only valid values are used.
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Up to now root has been the parent device for all block devices created via
calling ConnectController(). This does not work well together with the
implementation of bootstd.
Add a dummy parent device for all EFI block devices.
With this change EFI block devices are also accessible via commands like
'cat', 'load', and 'ls'.
=> dm tree
Class Seq Probed Driver Name
-----------------------------------------------------------
efi 0 [ + ] EFI block driver `-- efi
blk 3 [ + ] efi_blk `-- efi.efiblk#0
partition 0 [ + ] blk_partition `-- efi.efiblk#0:1
=> ls efiloader 0:1
13 hello.txt
7 u-boot.txt
2 file(s), 0 dir(s)
=> cat efiloader 0:1 hello.txt
Hello world!
=> efidebug dh
0000000018df1700 (efi.efiblk#0:1)
/VenHw(dbca4c98-6cb0-694d-0872-819c650cb7b8)/HD(1,MBR,0xd1535d21,0x1,0x7f)
Block IO
Simple File System
Adjust the event dump unit test to consider the new event spy.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
For EFI runtime services, we manage to preserve string literals
by placing the .efi_runtime section just before .data and preserving
it when marking the runtime memory by marking surrounding boottime
code as runtime. This is ok for now but will break if we update any
linker scripts and decouple .text and .runtime sections.
So let's define the strings we used to compare in the appropriate
section for runtime services
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Mark Kettenis <kettenis@openbsd.org>
After having been compared to a NULL value at efi_disk.c:426,
pointer 'part_info' is dereferenced at efi_disk.c:534.
Signed-off-by: Maks Mishin <maks.mishinFZ@gmail.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Add more EFI protocols GUIDs to the translation table used by
uuid_guid_get_str().
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Tom Rini <trini@konsulko.com>
When we squash imported mbedtls, the git submodule "framework" was
preserved in the commit. However, U-Boot itself does not use git
submodule, and provides no .gitmodules file to specify the submodule
repository.
This is normally not an issue when cloning U-Boot repository. However,
when U-Boot is imported as a submodule, this will break git option
`--recurse-submodules` as it fails to resolve "framework".
As we do not use the submodule, remove it to unbreak existing workflows.
Fixes: 12f1212e95 ("Merge commit '0344c602eadc0802776b65ff90f0a02c856cf53c' as 'lib/mbedtls/external/mbedtls'")
Signed-off-by: ZHANG Yuntian <yt@radxa.com>
Implement library function strnstr().
Implement strstr() using strnstr().
Sort the includes.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
[jf: replace <stdint.h> by <limits.h>, folded from next patch]
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Find_option() is used to retrieve the block size value in an option
acknowledgment in response to a request containing a block size option
according to RFC2348.
The format of an OACK response is described in RFC2347 as
+-------+---~~---+---+---~~---+---+---~~---+---+---~~---+---+
| opc | opt1 | 0 | value1 | 0 | optN | 0 | valueN | 0 |
+-------+---~~---+---+---~~---+---+---~~---+---+---~~---+---+
The current implementation of find_option() only works if
* blksize is the first option
* lwip_strnstr() ignores the length parameter,
i.e. is implemented via strstr()
The OACK messages starts with 0x00 0x06. If 'blksize' is the first option,
strstr() reports a match when the first parameter points to 0x06. Adding
the string length of 'blksize' plus 2 to the location of the 0x06 byte
points to the value.
Find_option() would report a match for option 'blksize' if the response
contained an option called 'foo_blksize_bar'. In this case find_option()
would return 'bar' as the value string.
If 'blksize' were the second option, find_option() would return a pointer
to the second character of the value string.
Furthermore find_option() does not detect if the value string is NUL
terminated. This may lead to a buffer overrun.
Provide an implementation that correctly steps from option to option.
Fixes: 27d7ccda94 ("net: lwip: tftp: add support of blksize option to client")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (qemu_arm64_lwip)
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Mark these functions as needed by relocation. These functions are used
to copy data while relocating the next-phase image.
Drop the 'safe' versions from SPL as they are not needed. Change the
static array to a local one, to avoid link errors when trying to access
the data.
Signed-off-by: Simon Glass <sjg@chromium.org>
Mark the lz4 decompression code as needed by relocation. This is used to
decompress the next-phase image.
Drop the 'safe' versions from SPL as they are not needed. Change the
static array to a local one, to avoid a crash errors when trying to
access the data from relocated code. Make this conditional to avoid a
code-size increase when SPL_RELOC is not used/
Signed-off-by: Simon Glass <sjg@chromium.org>
Mark the crc8 code as needed by relocation. This is used as a simple
check against corruption of the code when copying.
Signed-off-by: Simon Glass <sjg@chromium.org>
Update the build rule so that hash algorithms are only included in an
SPL build if they are requested. This helps to reduce code size.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
This code is not necessarily needed in VPL, even if SPL uses it, so
adjust the rules to allow it to be dropped.
Do the same for the hash API.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Get tpm event log from bloblist instead of FDT when bloblist is
enabled and valid from previous boot stage.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Move default eventlog size from efi to tpm for using in both
efi and measured boot.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
During PCR extend process, if any unsupported algorithms are active,
try to use PCR allocate to inactivate them.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Get eventlog bank mask when parsing the eventlog from previous
boot stage and invoke PCR allocate function based on it.
PCR allocate will be proceeded if any dismatches observed among
the active, supportted and eventlog bank masks to re-configurate
the TPM with the proper algorithms and reboot the system.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Add PCR allocate wrapper APIs for using in tcg2 protocol.
The wrapper proceeds a PCR allocate command, followed by a
shutdown command.
A system boot is required after two commands since TPM device needs
a HW reset to activate the new algorithms config.
Also, a helper function is included to determine the new bank mask
for PCR allocation by combining the status of current active,
supported and eventlog bank masks.
A new kconfig is created. PCR allocate and system reboot only
happens when the kconfig is selected, otherwise just exit with
errors.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
TPM2_PCR_Allocate command is required to reconfigure a TPM device
to enable or disable algorithms in run-time, thus this patch introduces
the implementation of PCR allocate APIs and adds related cmd functions
for testing.
To test the feature, ensure that TPM is started up.
Run pcr_allocate command to turn on/off an algorithm, multiple calls
are supported and all changes will be cached:
`tpm2 pcr_allocate <algorithm_name> <on|off>`
Run startup command with argument 'off' to shutdown the TPM.
`tpm2 startup TPM2_SU_CLEAR off`
Reboot the board via `reset` to activate the changes.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
TPM2_shutdown command is sharing same structure and logics with
TPM2_startup, thus this patch extends the existing startup APIs and
cmd functions to support shutdown instead of created new ones.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Rather than setting up the global variables and then making the call,
pass them into function directly. This cleans up the code and makes it
all a bit easier to understand.
Signed-off-by: Simon Glass <sjg@chromium.org>
This code is only needed if an invalid image/device path is passed in.
Move the code out to a caller where this can be dealt with. The normal
flow will provide these parameters.
Signed-off-by: Simon Glass <sjg@chromium.org>
This uses a few global variables at present. With the bootflow we have
the required parameters, so add a function which accepts these. Update
the existing function to call the new one with the globals.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Provide these globals as parameters to this function, on the way to
making it possible to start an image without relying on the globals.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
If a board has a strict size limit, disable
* Unicode capitalization and
* HII protocols
by default to reduce the image size.
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
The log category should be LOGC_EFI all over the EFI sub-system.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
When logging running an image, e.g. `bootefi hello` the indent is not
correctly reset.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
The add_u_boot_and_runtime() function paints with a broad brush,
considering all of the memory from the top of U-Boot stack to
gd->ram_top as EFI_RUNTIME_SERVICES_CODE
This is fine, but we need to make sure we don't add a separate entry for
any ACPI tables in this region (which happens when bloblist is used for
tables). Otherwise the memory map looks strange and we get a test
failure on qemu-x86 (only) for the 'virtual address map' test.
Good map:
Type Start End Attributes
================ ================ ================ ==========
CONVENTIONAL 0000000000000000-00000000000a0000 WB
RESERVED 00000000000a0000-00000000000f0000 WB
RUNTIME DATA 00000000000f0000-00000000000f2000 WB|RT
RESERVED 00000000000f2000-0000000000100000 WB
CONVENTIONAL 0000000000100000-0000000005cc7000 WB
BOOT DATA 0000000005cc7000-0000000005ccc000 WB
RUNTIME DATA 0000000005ccc000-0000000005ccd000 WB|RT
BOOT DATA 0000000005ccd000-0000000005cce000 WB
RUNTIME DATA 0000000005cce000-0000000005cf0000 WB|RT
BOOT DATA 0000000005cf0000-0000000006cf5000 WB
RESERVED 0000000006cf5000-0000000006cfa000 WB
ACPI RECLAIM MEM 0000000006cfa000-0000000006d1c000 WB
RESERVED 0000000006d1c000-0000000006f35000 WB
RUNTIME CODE 0000000006f35000-0000000006f37000 WB|RT
RESERVED 0000000006f37000-0000000008000000 WB
RESERVED 00000000e0000000-00000000f0000000 WB
Bad map: (with BLOBLIST_TABLES but without this patch):
Type Start End Attributes
================ ================ ================ ==========
CONVENTIONAL 0000000000000000-00000000000a0000 WB
RESERVED 00000000000a0000-00000000000f0000 WB
ACPI RECLAIM MEM 00000000000f0000-00000000000f1000 WB
RESERVED 00000000000f1000-0000000000100000 WB
CONVENTIONAL 0000000000100000-0000000005ca5000 WB
BOOT DATA 0000000005ca5000-0000000005caa000 WB
RUNTIME DATA 0000000005caa000-0000000005cab000 WB|RT
BOOT DATA 0000000005cab000-0000000005cac000 WB
RUNTIME DATA 0000000005cac000-0000000005cce000 WB|RT
BOOT DATA 0000000005cce000-0000000006cd3000 WB
RUNTIME DATA 0000000006cd3000-0000000006cd5000 WB|RT
BOOT DATA 0000000006cd5000-0000000006cf4000 WB
RESERVED 0000000006cf4000-0000000006cf9000 WB
ACPI RECLAIM MEM 0000000006cf9000-0000000006ce6000 WB
Signed-off-by: Simon Glass <sjg@chromium.org>
QEMU can have its own internal ACPI and SMBIOS tables. At present U-Boot
copies out the SMBIOS tables but points directly to the ACPI ones.
The ACPI tables are not aligned on a 4KB boundary, which means that UPL
cannot use them directly, since it uses a reserved-memory node for the
tables and that it assumed (by EDK2) to be 4KB-aligned.
On x86, QEMU provides the tables in a mapped memory region and U-Boot
makes use of these directly, thus making it difficult to use any common
code.
Adjust the logic to fit within the existing table-generation code. Use a
bloblist always and ensure that the ACPI tables is placed in an aligned
region. Set a size of 8K for QEMU. This does not actually put all the
tables in one place, for QEMU, since it currently adds a pointer to the
tables in QFW.
On ARM, enable bloblist so that SMBIOS tables can be added to the
bloblist.
Signed-off-by: Simon Glass <sjg@chromium.org>
In many cases it is useful to get the address of a buffer, e.g. when
booting from it. Add a function to handle this.
Signed-off-by: Simon Glass <sjg@chromium.org>
When using the ACPI tables supplied by QEMU, we don't need to build the
FADT and MADT tables in U-Boot.
This patch avoids a build failure
make qemu-riscv64_smode_defconfig acpi.config
riscv64-linux-gnu-ld.bfd: lib/acpi/acpi_table.o:
in function `acpi_write_fadt':
lib/acpi/acpi_table.c:265:(.text.acpi_write_fadt+0x15c):
undefined reference to `acpi_fill_fadt'
riscv64-linux-gnu-ld.bfd: lib/acpi/acpi_table.o:
in function `acpi_write_madt':
lib/acpi/acpi_table.c:294:(.text.acpi_write_madt+0x52):
undefined reference to `acpi_fill_madt'
Fixes: f5f7962091 ("acpi: x86: Write FADT in common code")
Fixes: 4a3fc0f525 ("acpi: x86: Move MADT to common code")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Patrick Rudolph <patrick.rudolph@9elements.com>
In reworking the BLK usage in Kconfig, I found there's a few issues with
EFI_LOADER=y and BLK=n. In general, we can easily say that
lib/efi_loader/efi_file.c also should only be built with CONFIG_BLK.
That however leaves the bootmgr code, eficonfig code and then parts of
efi_device_path.c, efi_boottime.c and efi_setup.c which functionally
depend on BLK. While these calls can be if'd out, I'm unsure if the
result is usable. So rather than leave that buildable and imply that it
is, I'm leaving that combination non-buildable and commenting that
EFI_LOADER depends on BLK in the Kconfig currently.
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Tom Rini <trini@konsulko.com>
Philippe Reynes <philippe.reynes@softathome.com> says:
This serie adds the support of sha256_hmac and sha256_hkdf.
A first version was sent several months ago just before the
integration of mbedtls. This new version is based on mbedtls.
The first patch of this serie add the support of hkdf
using mbedtls.
Link: https://lore.kernel.org/r/20241219130554.49825-1-philippe.reynes@softathome.com
Adds the support of key derivation using the scheme hkdf.
This scheme is defined in rfc5869.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Raymond Mao <raymond.mao@linaro.org>
