aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTom Rini <trini@konsulko.com>2024-04-08 14:33:59 -0600
committerTom Rini <trini@konsulko.com>2024-04-08 14:33:59 -0600
commit069d07396e30aa9be396c1dd3fc158ac199e6843 (patch)
treef4f2b1af27384f789e5531f9a98cf61ad7f2cdf3
parent9cba29b19f43f9450117e8bc89e7dda691ed5ab5 (diff)
parent3f8d13044b32ddd906bb9f2fc705b988ec93df35 (diff)
downloadu-boot-WIP/08Apr2024.zip
u-boot-WIP/08Apr2024.tar.gz
u-boot-WIP/08Apr2024.tar.bz2
Merge tag 'efi-2024-07-rc1' of https://source.denx.de/u-boot/custodians/u-boot-efiWIP/08Apr2024
Pull request efi-2024-07-rc1 Documentation: * improve description of FAT partition name generation * add missing :: in doc/usage/cmd/itest.rst UEFI: * fix address mode for __efi_runtime_start/stop, __efi_runtime_rel_start/stop * fix size of variable attribute constants * enable booting via EFI boot manager by default * correct the sequence of the EFI boot methods * correct finding the default EFI binary * don't delete variable from memory if update failed * fix append write behavior to non-existent variable * Use binman for testing capsule updates on the sandbox * Consider capsule test files in .gitignore and make clean
-rw-r--r--.gitignore3
-rw-r--r--Makefile4
-rw-r--r--arch/sandbox/config.mk2
-rw-r--r--arch/sandbox/dts/sandbox.dts4
-rw-r--r--arch/sandbox/dts/sandbox_capsule.dtsi169
-rw-r--r--arch/sandbox/dts/test.dts4
-rw-r--r--boot/Kconfig10
-rw-r--r--boot/Makefile2
-rw-r--r--boot/bootmeth_efi.c46
-rw-r--r--boot/bootmeth_efi_mgr.c2
-rw-r--r--boot/bootmeth_pxe.c2
-rw-r--r--configs/sandbox64_defconfig5
-rw-r--r--configs/sandbox_noinst_defconfig2
-rw-r--r--configs/sandbox_spl_defconfig2
-rw-r--r--configs/sandbox_vpl_defconfig2
-rw-r--r--doc/usage/cmd/itest.rst2
-rw-r--r--doc/usage/partitions.rst17
-rw-r--r--include/efi.h18
-rw-r--r--include/efi_variable.h2
-rw-r--r--include/host_arch.h2
-rw-r--r--lib/efi_loader/Kconfig1
-rw-r--r--lib/efi_loader/Makefile3
-rw-r--r--lib/efi_loader/efi_memory.c4
-rw-r--r--lib/efi_loader/efi_runtime.c6
-rw-r--r--lib/efi_loader/efi_var_common.c2
-rw-r--r--lib/efi_loader/efi_variable.c45
-rw-r--r--lib/efi_selftest/efi_selftest_variables.c48
-rw-r--r--test/boot/bootflow.c6
-rw-r--r--test/py/tests/test_efi_capsule/capsule_gen_binman.dts167
-rw-r--r--test/py/tests/test_efi_capsule/conftest.py1
30 files changed, 326 insertions, 257 deletions
diff --git a/.gitignore b/.gitignore
index d9a64d7..be13704 100644
--- a/.gitignore
+++ b/.gitignore
@@ -64,6 +64,9 @@ fit-dtb.blob*
/tpl/
/defconfig
/generated_defconfig
+/Test*
+/capsule.*.efi-capsule
+/capsule*.map
#
# Generated include files
diff --git a/Makefile b/Makefile
index 5d28595..1069adc 100644
--- a/Makefile
+++ b/Makefile
@@ -1963,6 +1963,7 @@ define filechk_version.h
echo \#define U_BOOT_VERSION_NUM $(VERSION); \
echo \#define U_BOOT_VERSION_NUM_PATCH $$(echo $(PATCHLEVEL) | \
sed -e "s/^0*//"); \
+ echo \#define HOST_ARCH $(HOST_ARCH); \
echo \#define CC_VERSION_STRING \"$$(LC_ALL=C $(CC) --version | head -n 1)\"; \
echo \#define LD_VERSION_STRING \"$$(LC_ALL=C $(LD) --version | head -n 1)\"; )
endef
@@ -2199,7 +2200,8 @@ CLEAN_FILES += include/autoconf.mk* include/bmp_logo.h include/bmp_logo_data.h \
mkimage-out.spl.mkimage mkimage.spl.mkimage imx-boot.map \
itb.fit.fit itb.fit.itb itb.map spl.map mkimage-out.rom.mkimage \
mkimage.rom.mkimage mkimage-in-simple-bin* rom.map simple-bin* \
- idbloader-spi.img lib/efi_loader/helloworld_efi.S *.itb
+ idbloader-spi.img lib/efi_loader/helloworld_efi.S *.itb \
+ Test* capsule.*.efi-capsule capsule*.map
# Directories & files removed with 'make mrproper'
MRPROPER_DIRS += include/config include/generated spl tpl vpl \
diff --git a/arch/sandbox/config.mk b/arch/sandbox/config.mk
index 1d50991..4058438 100644
--- a/arch/sandbox/config.mk
+++ b/arch/sandbox/config.mk
@@ -69,5 +69,3 @@ EFI_LDS := ${SRCDIR}/../../../arch/riscv/lib/elf_riscv64_efi.lds
endif
EFI_CRT0 := crt0_sandbox_efi.o
EFI_RELOC := reloc_sandbox_efi.o
-AFLAGS_crt0_sandbox_efi.o += -DHOST_ARCH="$(HOST_ARCH)"
-CFLAGS_reloc_sandbox_efi.o += -DHOST_ARCH="$(HOST_ARCH)"
diff --git a/arch/sandbox/dts/sandbox.dts b/arch/sandbox/dts/sandbox.dts
index 12d3eff..8392206 100644
--- a/arch/sandbox/dts/sandbox.dts
+++ b/arch/sandbox/dts/sandbox.dts
@@ -106,3 +106,7 @@
#if IS_ENABLED(CONFIG_SUPPORT_VPL)
#include "sandbox_vpl.dtsi"
#endif
+
+#if IS_ENABLED(CONFIG_EFI_HAVE_CAPSULE_SUPPORT)
+#include "sandbox_capsule.dtsi"
+#endif
diff --git a/arch/sandbox/dts/sandbox_capsule.dtsi b/arch/sandbox/dts/sandbox_capsule.dtsi
new file mode 100644
index 0000000..34d2991
--- /dev/null
+++ b/arch/sandbox/dts/sandbox_capsule.dtsi
@@ -0,0 +1,169 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Devicetree file with binman nodes needed for generating EFI
+ * capsules.
+ *
+ */
+
+#include <sandbox_efi_capsule.h>
+
+/ {
+ binman: binman {
+ multiple-images;
+ };
+};
+
+&binman {
+ capsule1 {
+ filename = "Test01";
+ efi-capsule {
+ image-index = <0x1>;
+ image-guid = SANDBOX_UBOOT_IMAGE_GUID;
+
+ text {
+ text = "u-boot:New";
+ };
+ };
+ };
+
+ capsule2 {
+ filename = "Test02";
+ efi-capsule {
+ image-index = <0x2>;
+ image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID;
+
+ text {
+ text = "u-boot-env:New";
+ };
+ };
+ };
+
+ capsule3 {
+ filename = "Test03";
+ efi-capsule {
+ image-index = <0x1>;
+ image-guid = SANDBOX_INCORRECT_GUID;
+
+ text {
+ text = "u-boot:New";
+ };
+ };
+ };
+
+ capsule4 {
+ filename = "Test101";
+ efi-capsule {
+ image-index = <0x1>;
+ fw-version = <0x5>;
+ image-guid = SANDBOX_UBOOT_IMAGE_GUID;
+
+ text {
+ text = "u-boot:New";
+ };
+ };
+ };
+
+ capsule5 {
+ filename = "Test102";
+ efi-capsule {
+ image-index = <0x2>;
+ fw-version = <0xa>;
+ image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID;
+
+ text {
+ text = "u-boot-env:New";
+ };
+ };
+ };
+
+ capsule6 {
+ filename = "Test103";
+ efi-capsule {
+ image-index = <0x1>;
+ fw-version = <0x2>;
+ image-guid = SANDBOX_UBOOT_IMAGE_GUID;
+
+ text {
+ text = "u-boot:New";
+ };
+ };
+ };
+
+ capsule7 {
+ filename = "Test11";
+ efi-capsule {
+ image-index = <0x1>;
+ image-guid = SANDBOX_UBOOT_IMAGE_GUID;
+ private-key = CAPSULE_PRIV_KEY;
+ public-key-cert = CAPSULE_PUB_KEY;
+ monotonic-count = <0x1>;
+
+ text {
+ text = "u-boot:New";
+ };
+ };
+ };
+
+ capsule8 {
+ filename = "Test12";
+ efi-capsule {
+ image-index = <0x1>;
+ image-guid = SANDBOX_UBOOT_IMAGE_GUID;
+ private-key = CAPSULE_INVAL_KEY;
+ public-key-cert = CAPSULE_INVAL_PUB_KEY;
+ monotonic-count = <0x1>;
+
+ text {
+ text = "u-boot:New";
+ };
+ };
+ };
+
+ capsule9 {
+ filename = "Test111";
+ efi-capsule {
+ image-index = <0x1>;
+ fw-version = <0x5>;
+ image-guid = SANDBOX_UBOOT_IMAGE_GUID;
+ private-key = CAPSULE_PRIV_KEY;
+ public-key-cert = CAPSULE_PUB_KEY;
+ monotonic-count = <0x1>;
+
+ text {
+ text = "u-boot:New";
+ };
+ };
+ };
+
+ capsule10 {
+ filename = "Test112";
+ efi-capsule {
+ image-index = <0x2>;
+ fw-version = <0xa>;
+ image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID;
+ private-key = CAPSULE_PRIV_KEY;
+ public-key-cert = CAPSULE_PUB_KEY;
+ monotonic-count = <0x1>;
+
+ text {
+ text = "u-boot-env:New";
+ };
+ };
+ };
+
+ capsule11 {
+ filename = "Test113";
+ efi-capsule {
+ image-index = <0x1>;
+ fw-version = <0x2>;
+ image-guid = SANDBOX_UBOOT_IMAGE_GUID;
+ private-key = CAPSULE_PRIV_KEY;
+ public-key-cert = CAPSULE_PUB_KEY;
+ monotonic-count = <0x1>;
+
+ text {
+ text = "u-boot:New";
+ };
+ };
+ };
+};
diff --git a/arch/sandbox/dts/test.dts b/arch/sandbox/dts/test.dts
index e264b29..a012f5c 100644
--- a/arch/sandbox/dts/test.dts
+++ b/arch/sandbox/dts/test.dts
@@ -1990,4 +1990,8 @@
#include "sandbox_vpl.dtsi"
#endif
+#if IS_ENABLED(CONFIG_EFI_HAVE_CAPSULE_SUPPORT)
+#include "sandbox_capsule.dtsi"
+#endif
+
#include "cedit.dtsi"
diff --git a/boot/Kconfig b/boot/Kconfig
index 3d7aabd..d9a6c27 100644
--- a/boot/Kconfig
+++ b/boot/Kconfig
@@ -558,6 +558,16 @@ config BOOTMETH_EFILOADER
This provides a way to try out standard boot on an existing boot flow.
+config BOOTMETH_EFI_BOOTMGR
+ bool "Bootdev support for EFI boot manager"
+ depends on EFI_BOOTMGR
+ select BOOTMETH_GLOBAL
+ default y
+ help
+ Enable booting via the UEFI boot manager. Based on the EFI variables
+ the EFI binary to be launched is determined. To set the EFI variables
+ use the eficonfig command.
+
config BOOTMETH_VBE
bool "Bootdev support for Verified Boot for Embedded"
depends on FIT
diff --git a/boot/Makefile b/boot/Makefile
index f0a279c..84ccfea 100644
--- a/boot/Makefile
+++ b/boot/Makefile
@@ -34,8 +34,8 @@ obj-$(CONFIG_$(SPL_TPL_)BOOTMETH_CROS) += bootm.o bootm_os.o bootmeth_cros.o
obj-$(CONFIG_$(SPL_TPL_)BOOTMETH_SANDBOX) += bootmeth_sandbox.o
obj-$(CONFIG_$(SPL_TPL_)BOOTMETH_SCRIPT) += bootmeth_script.o
obj-$(CONFIG_$(SPL_TPL_)CEDIT) += cedit.o
+obj-$(CONFIG_$(SPL_TPL_)BOOTMETH_EFI_BOOTMGR) += bootmeth_efi_mgr.o
ifdef CONFIG_$(SPL_TPL_)BOOTSTD_FULL
-obj-$(CONFIG_EFI_BOOTMGR) += bootmeth_efi_mgr.o
obj-$(CONFIG_$(SPL_TPL_)EXPO) += bootflow_menu.o
obj-$(CONFIG_$(SPL_TPL_)BOOTSTD) += bootflow_menu.o
endif
diff --git a/boot/bootmeth_efi.c b/boot/bootmeth_efi.c
index c4eb331..aebc520 100644
--- a/boot/bootmeth_efi.c
+++ b/boot/bootmeth_efi.c
@@ -14,6 +14,7 @@
#include <bootmeth.h>
#include <command.h>
#include <dm.h>
+#include <efi_default_filename.h>
#include <efi_loader.h>
#include <fs.h>
#include <malloc.h>
@@ -23,43 +24,7 @@
#include <pxe_utils.h>
#include <linux/sizes.h>
-#define EFI_DIRNAME "efi/boot/"
-
-/**
- * get_efi_leafname() - Get the leaf name for the EFI file we expect
- *
- * @str: Place to put leaf name for this architecture, e.g. "bootaa64.efi".
- * Must have at least 16 bytes of space
- * @max_len: Length of @str, must be >=16
- */
-static int get_efi_leafname(char *str, int max_len)
-{
- const char *base;
-
- if (max_len < 16)
- return log_msg_ret("spc", -ENOSPC);
- if (IS_ENABLED(CONFIG_ARM64))
- base = "bootaa64";
- else if (IS_ENABLED(CONFIG_ARM))
- base = "bootarm";
- else if (IS_ENABLED(CONFIG_X86_RUN_32BIT))
- base = "bootia32";
- else if (IS_ENABLED(CONFIG_X86_RUN_64BIT))
- base = "bootx64";
- else if (IS_ENABLED(CONFIG_ARCH_RV32I))
- base = "bootriscv32";
- else if (IS_ENABLED(CONFIG_ARCH_RV64I))
- base = "bootriscv64";
- else if (IS_ENABLED(CONFIG_SANDBOX))
- base = "bootsbox";
- else
- return -EINVAL;
-
- strcpy(str, base);
- strcat(str, ".efi");
-
- return 0;
-}
+#define EFI_DIRNAME "/EFI/BOOT/"
static int get_efi_pxe_arch(void)
{
@@ -259,10 +224,7 @@ static int distro_efi_try_bootflow_files(struct udevice *dev,
return -ENOENT;
strcpy(fname, EFI_DIRNAME);
- ret = get_efi_leafname(fname + strlen(fname),
- sizeof(fname) - strlen(fname));
- if (ret)
- return log_msg_ret("leaf", ret);
+ strcat(fname, BOOTEFI_NAME);
if (bflow->blk)
desc = dev_get_uclass_plat(bflow->blk);
@@ -489,7 +451,7 @@ static const struct udevice_id distro_efi_bootmeth_ids[] = {
{ }
};
-U_BOOT_DRIVER(bootmeth_efi) = {
+U_BOOT_DRIVER(bootmeth_4efi) = {
.name = "bootmeth_efi",
.id = UCLASS_BOOTMETH,
.of_match = distro_efi_bootmeth_ids,
diff --git a/boot/bootmeth_efi_mgr.c b/boot/bootmeth_efi_mgr.c
index ed29d7e..b7d429f 100644
--- a/boot/bootmeth_efi_mgr.c
+++ b/boot/bootmeth_efi_mgr.c
@@ -114,7 +114,7 @@ static const struct udevice_id efi_mgr_bootmeth_ids[] = {
{ }
};
-U_BOOT_DRIVER(bootmeth_efi_mgr) = {
+U_BOOT_DRIVER(bootmeth_3efi_mgr) = {
.name = "bootmeth_efi_mgr",
.id = UCLASS_BOOTMETH,
.of_match = efi_mgr_bootmeth_ids,
diff --git a/boot/bootmeth_pxe.c b/boot/bootmeth_pxe.c
index 8d489a1..70f693a 100644
--- a/boot/bootmeth_pxe.c
+++ b/boot/bootmeth_pxe.c
@@ -184,7 +184,7 @@ static const struct udevice_id extlinux_bootmeth_pxe_ids[] = {
{ }
};
-U_BOOT_DRIVER(bootmeth_pxe) = {
+U_BOOT_DRIVER(bootmeth_zpxe) = {
.name = "bootmeth_pxe",
.id = UCLASS_BOOTMETH,
.of_match = extlinux_bootmeth_pxe_ids,
diff --git a/configs/sandbox64_defconfig b/configs/sandbox64_defconfig
index a62faf7..2bd4eea 100644
--- a/configs/sandbox64_defconfig
+++ b/configs/sandbox64_defconfig
@@ -135,7 +135,6 @@ CONFIG_CPU=y
CONFIG_DM_DEMO=y
CONFIG_DM_DEMO_SIMPLE=y
CONFIG_DM_DEMO_SHAPE=y
-CONFIG_DFU_SF=y
CONFIG_FASTBOOT_FLASH=y
CONFIG_FASTBOOT_FLASH_MMC_DEV=0
CONFIG_ARM_FFA_TRANSPORT=y
@@ -268,12 +267,8 @@ CONFIG_CMD_DHRYSTONE=y
CONFIG_TPM=y
CONFIG_ERRNO_STR=y
CONFIG_GETOPT=y
-CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y
-CONFIG_EFI_CAPSULE_ON_DISK=y
-CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y
CONFIG_EFI_SECURE_BOOT=y
CONFIG_TEST_FDTDEC=y
-CONFIG_FWU_MULTI_BANK_UPDATE=y
CONFIG_UNIT_TEST=y
CONFIG_UT_TIME=y
CONFIG_UT_DM=y
diff --git a/configs/sandbox_noinst_defconfig b/configs/sandbox_noinst_defconfig
index 137b3c6..f372301 100644
--- a/configs/sandbox_noinst_defconfig
+++ b/configs/sandbox_noinst_defconfig
@@ -281,8 +281,6 @@ CONFIG_TPM=y
CONFIG_ZSTD=y
CONFIG_SPL_LZMA=y
CONFIG_ERRNO_STR=y
-CONFIG_EFI_CAPSULE_ON_DISK=y
-CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y
CONFIG_UNIT_TEST=y
CONFIG_SPL_UNIT_TEST=y
CONFIG_UT_TIME=y
diff --git a/configs/sandbox_spl_defconfig b/configs/sandbox_spl_defconfig
index d0cd91e..f7b92dc 100644
--- a/configs/sandbox_spl_defconfig
+++ b/configs/sandbox_spl_defconfig
@@ -249,8 +249,6 @@ CONFIG_ZSTD=y
CONFIG_SPL_LZMA=y
CONFIG_ERRNO_STR=y
CONFIG_SPL_HEXDUMP=y
-CONFIG_EFI_CAPSULE_ON_DISK=y
-CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y
CONFIG_UNIT_TEST=y
CONFIG_SPL_UNIT_TEST=y
CONFIG_UT_TIME=y
diff --git a/configs/sandbox_vpl_defconfig b/configs/sandbox_vpl_defconfig
index b138b35..72483d8 100644
--- a/configs/sandbox_vpl_defconfig
+++ b/configs/sandbox_vpl_defconfig
@@ -252,8 +252,6 @@ CONFIG_TPM=y
CONFIG_ZSTD=y
# CONFIG_VPL_LZMA is not set
CONFIG_ERRNO_STR=y
-CONFIG_EFI_CAPSULE_ON_DISK=y
-CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y
CONFIG_UNIT_TEST=y
CONFIG_SPL_UNIT_TEST=y
CONFIG_UT_TIME=y
diff --git a/doc/usage/cmd/itest.rst b/doc/usage/cmd/itest.rst
index ab933db..9c307fb 100644
--- a/doc/usage/cmd/itest.rst
+++ b/doc/usage/cmd/itest.rst
@@ -86,6 +86,8 @@ Numbers will be truncated according to the postfix before comparing:
Postfix .s causes a string compare. The string '0xa1234' is alphabetically
smaller than '0xb'.
+::
+
=> if itest.s 0xa1234 < 0xb; then echo true; else echo false; fi
true
diff --git a/doc/usage/partitions.rst b/doc/usage/partitions.rst
index 628469b..acf4573 100644
--- a/doc/usage/partitions.rst
+++ b/doc/usage/partitions.rst
@@ -44,9 +44,20 @@ partname
<devtype><devletter><partnum>
devtype
- A device type like ``mmcsd`` or ``hd``. See the
- ``part_set_generic_name`` function in ``disk/part.c`` for a
- complete list.
+ The devtype field is set in dependence of the device class:
+
+ ======= ===============
+ devtype device class
+ ======= ===============
+ hd IDE or SATA
+ sd SCSI
+ usbd USB
+ mmcsd eMMC or SD-card
+ xx others
+ ======= ===============
+
+ See the ``part_set_generic_name`` function in ``disk/part.c``
+ for the complete list.
devletter
The device number as an offset from ``a``. For example, device
diff --git a/include/efi.h b/include/efi.h
index f0e5faa..c3c4b93 100644
--- a/include/efi.h
+++ b/include/efi.h
@@ -492,13 +492,14 @@ extern char _binary_u_boot_bin_start[], _binary_u_boot_bin_end[];
/*
* Variable Attributes
*/
-#define EFI_VARIABLE_NON_VOLATILE 0x0000000000000001
-#define EFI_VARIABLE_BOOTSERVICE_ACCESS 0x0000000000000002
-#define EFI_VARIABLE_RUNTIME_ACCESS 0x0000000000000004
-#define EFI_VARIABLE_HARDWARE_ERROR_RECORD 0x0000000000000008
-#define EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS 0x0000000000000010
-#define EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS 0x0000000000000020
-#define EFI_VARIABLE_APPEND_WRITE 0x0000000000000040
+#define EFI_VARIABLE_NON_VOLATILE 0x00000001
+#define EFI_VARIABLE_BOOTSERVICE_ACCESS 0x00000002
+#define EFI_VARIABLE_RUNTIME_ACCESS 0x00000004
+#define EFI_VARIABLE_HARDWARE_ERROR_RECORD 0x00000008
+#define EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS 0x00000010
+#define EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS 0x00000020
+#define EFI_VARIABLE_APPEND_WRITE 0x00000040
+#define EFI_VARIABLE_ENHANCED_AUTHENTICATED_ACCESS 0x00000080
#define EFI_VARIABLE_MASK (EFI_VARIABLE_NON_VOLATILE | \
EFI_VARIABLE_BOOTSERVICE_ACCESS | \
@@ -506,7 +507,8 @@ extern char _binary_u_boot_bin_start[], _binary_u_boot_bin_end[];
EFI_VARIABLE_HARDWARE_ERROR_RECORD | \
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | \
EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS | \
- EFI_VARIABLE_APPEND_WRITE)
+ EFI_VARIABLE_APPEND_WRITE | \
+ EFI_VARIABLE_ENHANCED_AUTHENTICATED_ACCESS)
/**
* efi_get_priv() - Get access to the EFI-private information
diff --git a/include/efi_variable.h b/include/efi_variable.h
index 805e6c5..42a2b7c 100644
--- a/include/efi_variable.h
+++ b/include/efi_variable.h
@@ -8,7 +8,7 @@
#include <linux/bitops.h>
-#define EFI_VARIABLE_READ_ONLY BIT(31)
+#define EFI_VARIABLE_READ_ONLY 0x80000000
enum efi_auth_var_type {
EFI_AUTH_VAR_NONE = 0,
diff --git a/include/host_arch.h b/include/host_arch.h
index 169d494..261194b 100644
--- a/include/host_arch.h
+++ b/include/host_arch.h
@@ -16,6 +16,8 @@ export HOST_ARCH_X86=0x0386
export HOST_ARCH_X86_64=0x8664
#endif
+#include <version.h>
+
#define HOST_ARCH_AARCH64 0xaa64
#define HOST_ARCH_ARM 0x00a7
#define HOST_ARCH_RISCV32 0x5032
diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig
index a7c3e05..e13a6f9 100644
--- a/lib/efi_loader/Kconfig
+++ b/lib/efi_loader/Kconfig
@@ -44,7 +44,6 @@ config EFI_BINARY_EXEC
config EFI_BOOTMGR
bool "UEFI Boot Manager"
default y
- select BOOTMETH_GLOBAL if BOOTSTD
help
Select this option if you want to select the UEFI binary to be booted
via UEFI variables Boot####, BootOrder, and BootNext. You should also
diff --git a/lib/efi_loader/Makefile b/lib/efi_loader/Makefile
index fcb0af7..086521f 100644
--- a/lib/efi_loader/Makefile
+++ b/lib/efi_loader/Makefile
@@ -6,8 +6,7 @@
# This file only gets included with CONFIG_EFI_LOADER set, so all
# object inclusion implicitly depends on it
-asflags-y += -DHOST_ARCH="$(HOST_ARCH)" -I.
-ccflags-y += -DHOST_ARCH="$(HOST_ARCH)"
+asflags-y += -I.
CFLAGS_efi_boottime.o += \
-DFW_VERSION="0x$(VERSION)" \
diff --git a/lib/efi_loader/efi_memory.c b/lib/efi_loader/efi_memory.c
index edfad2d..aba3100 100644
--- a/lib/efi_loader/efi_memory.c
+++ b/lib/efi_loader/efi_memory.c
@@ -933,8 +933,8 @@ static void add_u_boot_and_runtime(void)
* Add Runtime Services. We mark surrounding boottime code as runtime as
* well to fulfill the runtime alignment constraints but avoid padding.
*/
- runtime_start = (ulong)&__efi_runtime_start & ~runtime_mask;
- runtime_end = (ulong)&__efi_runtime_stop;
+ runtime_start = (uintptr_t)__efi_runtime_start & ~runtime_mask;
+ runtime_end = (uintptr_t)__efi_runtime_stop;
runtime_end = (runtime_end + runtime_mask) & ~runtime_mask;
runtime_pages = (runtime_end - runtime_start) >> EFI_PAGE_SHIFT;
efi_add_memory_map_pg(runtime_start, runtime_pages,
diff --git a/lib/efi_loader/efi_runtime.c b/lib/efi_loader/efi_runtime.c
index 9185f18..a61c9a7 100644
--- a/lib/efi_loader/efi_runtime.c
+++ b/lib/efi_loader/efi_runtime.c
@@ -669,14 +669,14 @@ static __efi_runtime void efi_relocate_runtime_table(ulong offset)
void efi_runtime_relocate(ulong offset, struct efi_mem_desc *map)
{
#ifdef IS_RELA
- struct elf_rela *rel = (void*)&__efi_runtime_rel_start;
+ struct elf_rela *rel = (void *)__efi_runtime_rel_start;
#else
- struct elf_rel *rel = (void*)&__efi_runtime_rel_start;
+ struct elf_rel *rel = (void *)__efi_runtime_rel_start;
static ulong lastoff = CONFIG_TEXT_BASE;
#endif
debug("%s: Relocating to offset=%lx\n", __func__, offset);
- for (; (ulong)rel < (ulong)&__efi_runtime_rel_stop; rel++) {
+ for (; (uintptr_t)rel < (uintptr_t)__efi_runtime_rel_stop; rel++) {
ulong base = CONFIG_TEXT_BASE;
ulong *p;
ulong newaddr;
diff --git a/lib/efi_loader/efi_var_common.c b/lib/efi_loader/efi_var_common.c
index d528747..16b2c3d 100644
--- a/lib/efi_loader/efi_var_common.c
+++ b/lib/efi_loader/efi_var_common.c
@@ -99,7 +99,7 @@ efi_status_t EFIAPI efi_set_variable(u16 *variable_name,
data_size, data);
/* Make sure that the EFI_VARIABLE_READ_ONLY flag is not set */
- if (attributes & ~(u32)EFI_VARIABLE_MASK)
+ if (attributes & ~EFI_VARIABLE_MASK)
ret = EFI_INVALID_PARAMETER;
else
ret = efi_set_variable_int(variable_name, vendor, attributes,
diff --git a/lib/efi_loader/efi_variable.c b/lib/efi_loader/efi_variable.c
index 40f7a0f..2951dc7 100644
--- a/lib/efi_loader/efi_variable.c
+++ b/lib/efi_loader/efi_variable.c
@@ -235,8 +235,12 @@ efi_status_t efi_set_variable_int(const u16 *variable_name,
if (data_size && !data)
return EFI_INVALID_PARAMETER;
- /* EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS is deprecated */
- if (attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS)
+ /*
+ * EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS is deprecated.
+ * We don't support EFI_VARIABLE_ENHANCED_AUTHENTICATED_ACCESS.
+ */
+ if (attributes & (EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | \
+ EFI_VARIABLE_ENHANCED_AUTHENTICATED_ACCESS))
return EFI_UNSUPPORTED;
/* Make sure if runtime bit is set, boot service bit is set also */
@@ -259,7 +263,7 @@ efi_status_t efi_set_variable_int(const u16 *variable_name,
/* check if a variable exists */
var = efi_var_mem_find(vendor, variable_name, NULL);
append = !!(attributes & EFI_VARIABLE_APPEND_WRITE);
- attributes &= ~(u32)EFI_VARIABLE_APPEND_WRITE;
+ attributes &= ~EFI_VARIABLE_APPEND_WRITE;
delete = !append && (!data_size || !attributes);
/* check attributes */
@@ -276,17 +280,27 @@ efi_status_t efi_set_variable_int(const u16 *variable_name,
/* attributes won't be changed */
if (!delete &&
((ro_check && var->attr != attributes) ||
- (!ro_check && ((var->attr & ~(u32)EFI_VARIABLE_READ_ONLY)
- != (attributes & ~(u32)EFI_VARIABLE_READ_ONLY))))) {
+ (!ro_check && ((var->attr & ~EFI_VARIABLE_READ_ONLY)
+ != (attributes & ~EFI_VARIABLE_READ_ONLY))))) {
return EFI_INVALID_PARAMETER;
}
time = var->time;
} else {
- if (delete || append)
- /*
- * Trying to delete or to update a non-existent
- * variable.
- */
+ /*
+ * UEFI specification does not clearly describe the expected
+ * behavior of append write with data size 0, we follow
+ * the EDK II reference implementation.
+ */
+ if (append && !data_size)
+ return EFI_SUCCESS;
+
+ /*
+ * EFI_VARIABLE_APPEND_WRITE to non-existent variable is accepted
+ * and new variable is created in EDK II reference implementation.
+ * We follow it and only check the deletion here.
+ */
+ if (delete)
+ /* Trying to delete a non-existent variable. */
return EFI_NOT_FOUND;
}
@@ -329,7 +343,11 @@ efi_status_t efi_set_variable_int(const u16 *variable_name,
/* EFI_NOT_FOUND has been handled before */
attributes = var->attr;
ret = EFI_SUCCESS;
- } else if (append) {
+ } else if (append && var) {
+ /*
+ * data is appended if EFI_VARIABLE_APPEND_WRITE is set and
+ * variable exists.
+ */
u16 *old_data = var->name;
for (; *old_data; ++old_data)
@@ -342,11 +360,12 @@ efi_status_t efi_set_variable_int(const u16 *variable_name,
ret = efi_var_mem_ins(variable_name, vendor, attributes,
data_size, data, 0, NULL, time);
}
- efi_var_mem_del(var);
if (ret != EFI_SUCCESS)
return ret;
+ efi_var_mem_del(var);
+
if (var_type == EFI_AUTH_VAR_PK)
ret = efi_init_secure_state();
else
@@ -384,7 +403,7 @@ efi_status_t efi_query_variable_info_int(u32 attributes,
EFI_VARIABLE_RUNTIME_ACCESS)
return EFI_INVALID_PARAMETER;
- if (attributes & ~(u32)EFI_VARIABLE_MASK)
+ if (attributes & ~EFI_VARIABLE_MASK)
return EFI_INVALID_PARAMETER;
*maximum_variable_storage_size = EFI_VAR_BUF_SIZE -
diff --git a/lib/efi_selftest/efi_selftest_variables.c b/lib/efi_selftest/efi_selftest_variables.c
index c7a3fdb..39ad03a0 100644
--- a/lib/efi_selftest/efi_selftest_variables.c
+++ b/lib/efi_selftest/efi_selftest_variables.c
@@ -131,13 +131,57 @@ static int execute(void)
(unsigned int)len);
if (memcmp(data, v, len))
efi_st_todo("GetVariable returned wrong value\n");
- /* Append variable 2 */
+
+ /* Append variable 2, write to non-existent variable with datasize=0 */
+ ret = runtime->set_variable(u"efi_none", &guid_vendor1,
+ EFI_VARIABLE_BOOTSERVICE_ACCESS |
+ EFI_VARIABLE_APPEND_WRITE,
+ 0, v);
+ if (ret != EFI_SUCCESS) {
+ efi_st_error(
+ "SetVariable(APPEND_WRITE) with size 0 to non-existent variable returns wrong code\n");
+ return EFI_ST_FAILURE;
+ }
+ len = EFI_ST_MAX_DATA_SIZE;
+ ret = runtime->get_variable(u"efi_none", &guid_vendor1,
+ &attr, &len, data);
+ if (ret != EFI_NOT_FOUND) {
+ efi_st_error("Variable must not be created\n");
+ return EFI_ST_FAILURE;
+ }
+ /* Append variable 2, write to non-existent variable with valid data size*/
ret = runtime->set_variable(u"efi_none", &guid_vendor1,
EFI_VARIABLE_BOOTSERVICE_ACCESS |
EFI_VARIABLE_APPEND_WRITE,
15, v);
+ if (ret != EFI_SUCCESS) {
+ efi_st_error("SetVariable(APPEND_WRITE) with valid size and data to non-existent variable must be succcessful\n");
+ return EFI_ST_FAILURE;
+ }
+ len = EFI_ST_MAX_DATA_SIZE;
+ ret = runtime->get_variable(u"efi_none", &guid_vendor1,
+ &attr, &len, data);
+ if (ret != EFI_SUCCESS) {
+ efi_st_error("GetVariable failed\n");
+ return EFI_ST_FAILURE;
+ }
+ if (len != 15)
+ efi_st_todo("GetVariable returned wrong length %u\n",
+ (unsigned int)len);
+ if (memcmp(data, v, len))
+ efi_st_todo("GetVariable returned wrong value\n");
+ /* Delete variable efi_none */
+ ret = runtime->set_variable(u"efi_none", &guid_vendor1,
+ 0, 0, NULL);
+ if (ret != EFI_SUCCESS) {
+ efi_st_error("SetVariable failed\n");
+ return EFI_ST_FAILURE;
+ }
+ len = EFI_ST_MAX_DATA_SIZE;
+ ret = runtime->get_variable(u"efi_none", &guid_vendor1,
+ &attr, &len, data);
if (ret != EFI_NOT_FOUND) {
- efi_st_error("SetVariable(APPEND_WRITE) with size 0 to non-existent variable returns wrong code\n");
+ efi_st_error("Variable was not deleted\n");
return EFI_ST_FAILURE;
}
/* Enumerate variables */
diff --git a/test/boot/bootflow.c b/test/boot/bootflow.c
index 4845b71..674d4c0 100644
--- a/test/boot/bootflow.c
+++ b/test/boot/bootflow.c
@@ -13,6 +13,7 @@
#include <bootstd.h>
#include <cli.h>
#include <dm.h>
+#include <efi_default_filename.h>
#include <expo.h>
#ifdef CONFIG_SANDBOX
#include <asm/test.h>
@@ -179,7 +180,8 @@ static int bootflow_cmd_scan_e(struct unit_test_state *uts)
ut_assert_nextline(" 3 efi media mmc 0 mmc1.bootdev.whole ");
ut_assert_nextline(" ** No partition found, err=-2: No such file or directory");
ut_assert_nextline(" 4 extlinux ready mmc 1 mmc1.bootdev.part_1 /extlinux/extlinux.conf");
- ut_assert_nextline(" 5 efi fs mmc 1 mmc1.bootdev.part_1 efi/boot/bootsbox.efi");
+ ut_assert_nextline(" 5 efi fs mmc 1 mmc1.bootdev.part_1 /EFI/BOOT/"
+ BOOTEFI_NAME);
ut_assert_skip_to_line("Scanning bootdev 'mmc0.bootdev':");
ut_assert_skip_to_line(
@@ -377,7 +379,7 @@ static int bootflow_system(struct unit_test_state *uts)
if (!IS_ENABLED(CONFIG_EFI_BOOTMGR))
return -EAGAIN;
ut_assertok(uclass_first_device_err(UCLASS_BOOTSTD, &bootstd));
- ut_assertok(device_bind(bootstd, DM_DRIVER_GET(bootmeth_efi_mgr),
+ ut_assertok(device_bind(bootstd, DM_DRIVER_GET(bootmeth_3efi_mgr),
"efi_mgr", 0, ofnode_null(), &dev));
ut_assertok(device_probe(dev));
sandbox_set_fake_efi_mgr_dev(dev, true);
diff --git a/test/py/tests/test_efi_capsule/capsule_gen_binman.dts b/test/py/tests/test_efi_capsule/capsule_gen_binman.dts
index e8a1858..1a62c26 100644
--- a/test/py/tests/test_efi_capsule/capsule_gen_binman.dts
+++ b/test/py/tests/test_efi_capsule/capsule_gen_binman.dts
@@ -55,42 +55,6 @@
};
capsule1 {
- filename = "Test01";
- efi-capsule {
- image-index = <0x1>;
- image-guid = SANDBOX_UBOOT_IMAGE_GUID;
-
- text {
- text = "u-boot:New";
- };
- };
- };
-
- capsule2 {
- filename = "Test02";
- efi-capsule {
- image-index = <0x2>;
- image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID;
-
- text {
- text = "u-boot-env:New";
- };
- };
- };
-
- capsule3 {
- filename = "Test03";
- efi-capsule {
- image-index = <0x1>;
- image-guid = SANDBOX_INCORRECT_GUID;
-
- text {
- text = "u-boot:New";
- };
- };
- };
-
- capsule4 {
filename = "Test04";
efi-capsule {
image-index = <0x1>;
@@ -102,7 +66,7 @@
};
};
- capsule5 {
+ capsule2 {
filename = "Test05";
efi-capsule {
image-index = <0x1>;
@@ -114,46 +78,7 @@
};
};
- capsule6 {
- filename = "Test101";
- efi-capsule {
- image-index = <0x1>;
- fw-version = <0x5>;
- image-guid = SANDBOX_UBOOT_IMAGE_GUID;
-
- text {
- text = "u-boot:New";
- };
- };
- };
-
- capsule7 {
- filename = "Test102";
- efi-capsule {
- image-index = <0x2>;
- fw-version = <0xa>;
- image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID;
-
- text {
- text = "u-boot-env:New";
- };
- };
- };
-
- capsule8 {
- filename = "Test103";
- efi-capsule {
- image-index = <0x1>;
- fw-version = <0x2>;
- image-guid = SANDBOX_UBOOT_IMAGE_GUID;
-
- text {
- text = "u-boot:New";
- };
- };
- };
-
- capsule9 {
+ capsule3 {
filename = "Test104";
efi-capsule {
image-index = <0x1>;
@@ -166,7 +91,7 @@
};
};
- capsule10 {
+ capsule4 {
filename = "Test105";
efi-capsule {
image-index = <0x1>;
@@ -179,37 +104,7 @@
};
};
- capsule11 {
- filename = "Test11";
- efi-capsule {
- image-index = <0x1>;
- image-guid = SANDBOX_UBOOT_IMAGE_GUID;
- private-key = CAPSULE_PRIV_KEY;
- public-key-cert = CAPSULE_PUB_KEY;
- monotonic-count = <0x1>;
-
- text {
- text = "u-boot:New";
- };
- };
- };
-
- capsule12 {
- filename = "Test12";
- efi-capsule {
- image-index = <0x1>;
- image-guid = SANDBOX_UBOOT_IMAGE_GUID;
- private-key = CAPSULE_INVAL_KEY;
- public-key-cert = CAPSULE_INVAL_PUB_KEY;
- monotonic-count = <0x1>;
-
- text {
- text = "u-boot:New";
- };
- };
- };
-
- capsule13 {
+ capsule5 {
filename = "Test13";
efi-capsule {
image-index = <0x1>;
@@ -224,7 +119,7 @@
};
};
- capsule14 {
+ capsule6 {
filename = "Test14";
efi-capsule {
image-index = <0x1>;
@@ -239,55 +134,7 @@
};
};
- capsule15 {
- filename = "Test111";
- efi-capsule {
- image-index = <0x1>;
- fw-version = <0x5>;
- image-guid = SANDBOX_UBOOT_IMAGE_GUID;
- private-key = CAPSULE_PRIV_KEY;
- public-key-cert = CAPSULE_PUB_KEY;
- monotonic-count = <0x1>;
-
- text {
- text = "u-boot:New";
- };
- };
- };
-
- capsule16 {
- filename = "Test112";
- efi-capsule {
- image-index = <0x2>;
- fw-version = <0xa>;
- image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID;
- private-key = CAPSULE_PRIV_KEY;
- public-key-cert = CAPSULE_PUB_KEY;
- monotonic-count = <0x1>;
-
- text {
- text = "u-boot-env:New";
- };
- };
- };
-
- capsule17 {
- filename = "Test113";
- efi-capsule {
- image-index = <0x1>;
- fw-version = <0x2>;
- image-guid = SANDBOX_UBOOT_IMAGE_GUID;
- private-key = CAPSULE_PRIV_KEY;
- public-key-cert = CAPSULE_PUB_KEY;
- monotonic-count = <0x1>;
-
- text {
- text = "u-boot:New";
- };
- };
- };
-
- capsule18 {
+ capsule7 {
filename = "Test114";
efi-capsule {
image-index = <0x1>;
@@ -303,7 +150,7 @@
};
};
- capsule19 {
+ capsule8 {
filename = "Test115";
efi-capsule {
image-index = <0x1>;
diff --git a/test/py/tests/test_efi_capsule/conftest.py b/test/py/tests/test_efi_capsule/conftest.py
index dd41da9..80b1297 100644
--- a/test/py/tests/test_efi_capsule/conftest.py
+++ b/test/py/tests/test_efi_capsule/conftest.py
@@ -85,6 +85,7 @@ def efi_capsule_data(request, u_boot_config):
check_call('cd %s; '
'./tools/binman/binman --toolpath %s/tools build -u -d %s/capsule_binman.dtb -O %s -m --allow-missing -I %s -I ./board/sandbox -I ./arch/sandbox/dts'
% (u_boot_config.source_dir, u_boot_config.build_dir, data_dir, data_dir, data_dir), shell=True)
+ check_call('cp %s/Test* %s' % (u_boot_config.build_dir, data_dir), shell=True)
os.environ['PYTHONPATH'] = pythonpath
# Create a disk image with EFI system partition