diff options
author | Tom Rini <trini@konsulko.com> | 2024-04-08 14:33:59 -0600 |
---|---|---|
committer | Tom Rini <trini@konsulko.com> | 2024-04-08 14:33:59 -0600 |
commit | 069d07396e30aa9be396c1dd3fc158ac199e6843 (patch) | |
tree | f4f2b1af27384f789e5531f9a98cf61ad7f2cdf3 | |
parent | 9cba29b19f43f9450117e8bc89e7dda691ed5ab5 (diff) | |
parent | 3f8d13044b32ddd906bb9f2fc705b988ec93df35 (diff) | |
download | u-boot-WIP/08Apr2024.zip u-boot-WIP/08Apr2024.tar.gz u-boot-WIP/08Apr2024.tar.bz2 |
Merge tag 'efi-2024-07-rc1' of https://source.denx.de/u-boot/custodians/u-boot-efiWIP/08Apr2024
Pull request efi-2024-07-rc1
Documentation:
* improve description of FAT partition name generation
* add missing :: in doc/usage/cmd/itest.rst
UEFI:
* fix address mode for __efi_runtime_start/stop,
__efi_runtime_rel_start/stop
* fix size of variable attribute constants
* enable booting via EFI boot manager by default
* correct the sequence of the EFI boot methods
* correct finding the default EFI binary
* don't delete variable from memory if update failed
* fix append write behavior to non-existent variable
* Use binman for testing capsule updates on the sandbox
* Consider capsule test files in .gitignore and make clean
30 files changed, 326 insertions, 257 deletions
@@ -64,6 +64,9 @@ fit-dtb.blob* /tpl/ /defconfig /generated_defconfig +/Test* +/capsule.*.efi-capsule +/capsule*.map # # Generated include files @@ -1963,6 +1963,7 @@ define filechk_version.h echo \#define U_BOOT_VERSION_NUM $(VERSION); \ echo \#define U_BOOT_VERSION_NUM_PATCH $$(echo $(PATCHLEVEL) | \ sed -e "s/^0*//"); \ + echo \#define HOST_ARCH $(HOST_ARCH); \ echo \#define CC_VERSION_STRING \"$$(LC_ALL=C $(CC) --version | head -n 1)\"; \ echo \#define LD_VERSION_STRING \"$$(LC_ALL=C $(LD) --version | head -n 1)\"; ) endef @@ -2199,7 +2200,8 @@ CLEAN_FILES += include/autoconf.mk* include/bmp_logo.h include/bmp_logo_data.h \ mkimage-out.spl.mkimage mkimage.spl.mkimage imx-boot.map \ itb.fit.fit itb.fit.itb itb.map spl.map mkimage-out.rom.mkimage \ mkimage.rom.mkimage mkimage-in-simple-bin* rom.map simple-bin* \ - idbloader-spi.img lib/efi_loader/helloworld_efi.S *.itb + idbloader-spi.img lib/efi_loader/helloworld_efi.S *.itb \ + Test* capsule.*.efi-capsule capsule*.map # Directories & files removed with 'make mrproper' MRPROPER_DIRS += include/config include/generated spl tpl vpl \ diff --git a/arch/sandbox/config.mk b/arch/sandbox/config.mk index 1d50991..4058438 100644 --- a/arch/sandbox/config.mk +++ b/arch/sandbox/config.mk @@ -69,5 +69,3 @@ EFI_LDS := ${SRCDIR}/../../../arch/riscv/lib/elf_riscv64_efi.lds endif EFI_CRT0 := crt0_sandbox_efi.o EFI_RELOC := reloc_sandbox_efi.o -AFLAGS_crt0_sandbox_efi.o += -DHOST_ARCH="$(HOST_ARCH)" -CFLAGS_reloc_sandbox_efi.o += -DHOST_ARCH="$(HOST_ARCH)" diff --git a/arch/sandbox/dts/sandbox.dts b/arch/sandbox/dts/sandbox.dts index 12d3eff..8392206 100644 --- a/arch/sandbox/dts/sandbox.dts +++ b/arch/sandbox/dts/sandbox.dts @@ -106,3 +106,7 @@ #if IS_ENABLED(CONFIG_SUPPORT_VPL) #include "sandbox_vpl.dtsi" #endif + +#if IS_ENABLED(CONFIG_EFI_HAVE_CAPSULE_SUPPORT) +#include "sandbox_capsule.dtsi" +#endif diff --git a/arch/sandbox/dts/sandbox_capsule.dtsi b/arch/sandbox/dts/sandbox_capsule.dtsi new file mode 100644 index 0000000..34d2991 --- /dev/null +++ b/arch/sandbox/dts/sandbox_capsule.dtsi @@ -0,0 +1,169 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Devicetree file with binman nodes needed for generating EFI + * capsules. + * + */ + +#include <sandbox_efi_capsule.h> + +/ { + binman: binman { + multiple-images; + }; +}; + +&binman { + capsule1 { + filename = "Test01"; + efi-capsule { + image-index = <0x1>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule2 { + filename = "Test02"; + efi-capsule { + image-index = <0x2>; + image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID; + + text { + text = "u-boot-env:New"; + }; + }; + }; + + capsule3 { + filename = "Test03"; + efi-capsule { + image-index = <0x1>; + image-guid = SANDBOX_INCORRECT_GUID; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule4 { + filename = "Test101"; + efi-capsule { + image-index = <0x1>; + fw-version = <0x5>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule5 { + filename = "Test102"; + efi-capsule { + image-index = <0x2>; + fw-version = <0xa>; + image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID; + + text { + text = "u-boot-env:New"; + }; + }; + }; + + capsule6 { + filename = "Test103"; + efi-capsule { + image-index = <0x1>; + fw-version = <0x2>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule7 { + filename = "Test11"; + efi-capsule { + image-index = <0x1>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + private-key = CAPSULE_PRIV_KEY; + public-key-cert = CAPSULE_PUB_KEY; + monotonic-count = <0x1>; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule8 { + filename = "Test12"; + efi-capsule { + image-index = <0x1>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + private-key = CAPSULE_INVAL_KEY; + public-key-cert = CAPSULE_INVAL_PUB_KEY; + monotonic-count = <0x1>; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule9 { + filename = "Test111"; + efi-capsule { + image-index = <0x1>; + fw-version = <0x5>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + private-key = CAPSULE_PRIV_KEY; + public-key-cert = CAPSULE_PUB_KEY; + monotonic-count = <0x1>; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule10 { + filename = "Test112"; + efi-capsule { + image-index = <0x2>; + fw-version = <0xa>; + image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID; + private-key = CAPSULE_PRIV_KEY; + public-key-cert = CAPSULE_PUB_KEY; + monotonic-count = <0x1>; + + text { + text = "u-boot-env:New"; + }; + }; + }; + + capsule11 { + filename = "Test113"; + efi-capsule { + image-index = <0x1>; + fw-version = <0x2>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + private-key = CAPSULE_PRIV_KEY; + public-key-cert = CAPSULE_PUB_KEY; + monotonic-count = <0x1>; + + text { + text = "u-boot:New"; + }; + }; + }; +}; diff --git a/arch/sandbox/dts/test.dts b/arch/sandbox/dts/test.dts index e264b29..a012f5c 100644 --- a/arch/sandbox/dts/test.dts +++ b/arch/sandbox/dts/test.dts @@ -1990,4 +1990,8 @@ #include "sandbox_vpl.dtsi" #endif +#if IS_ENABLED(CONFIG_EFI_HAVE_CAPSULE_SUPPORT) +#include "sandbox_capsule.dtsi" +#endif + #include "cedit.dtsi" diff --git a/boot/Kconfig b/boot/Kconfig index 3d7aabd..d9a6c27 100644 --- a/boot/Kconfig +++ b/boot/Kconfig @@ -558,6 +558,16 @@ config BOOTMETH_EFILOADER This provides a way to try out standard boot on an existing boot flow. +config BOOTMETH_EFI_BOOTMGR + bool "Bootdev support for EFI boot manager" + depends on EFI_BOOTMGR + select BOOTMETH_GLOBAL + default y + help + Enable booting via the UEFI boot manager. Based on the EFI variables + the EFI binary to be launched is determined. To set the EFI variables + use the eficonfig command. + config BOOTMETH_VBE bool "Bootdev support for Verified Boot for Embedded" depends on FIT diff --git a/boot/Makefile b/boot/Makefile index f0a279c..84ccfea 100644 --- a/boot/Makefile +++ b/boot/Makefile @@ -34,8 +34,8 @@ obj-$(CONFIG_$(SPL_TPL_)BOOTMETH_CROS) += bootm.o bootm_os.o bootmeth_cros.o obj-$(CONFIG_$(SPL_TPL_)BOOTMETH_SANDBOX) += bootmeth_sandbox.o obj-$(CONFIG_$(SPL_TPL_)BOOTMETH_SCRIPT) += bootmeth_script.o obj-$(CONFIG_$(SPL_TPL_)CEDIT) += cedit.o +obj-$(CONFIG_$(SPL_TPL_)BOOTMETH_EFI_BOOTMGR) += bootmeth_efi_mgr.o ifdef CONFIG_$(SPL_TPL_)BOOTSTD_FULL -obj-$(CONFIG_EFI_BOOTMGR) += bootmeth_efi_mgr.o obj-$(CONFIG_$(SPL_TPL_)EXPO) += bootflow_menu.o obj-$(CONFIG_$(SPL_TPL_)BOOTSTD) += bootflow_menu.o endif diff --git a/boot/bootmeth_efi.c b/boot/bootmeth_efi.c index c4eb331..aebc520 100644 --- a/boot/bootmeth_efi.c +++ b/boot/bootmeth_efi.c @@ -14,6 +14,7 @@ #include <bootmeth.h> #include <command.h> #include <dm.h> +#include <efi_default_filename.h> #include <efi_loader.h> #include <fs.h> #include <malloc.h> @@ -23,43 +24,7 @@ #include <pxe_utils.h> #include <linux/sizes.h> -#define EFI_DIRNAME "efi/boot/" - -/** - * get_efi_leafname() - Get the leaf name for the EFI file we expect - * - * @str: Place to put leaf name for this architecture, e.g. "bootaa64.efi". - * Must have at least 16 bytes of space - * @max_len: Length of @str, must be >=16 - */ -static int get_efi_leafname(char *str, int max_len) -{ - const char *base; - - if (max_len < 16) - return log_msg_ret("spc", -ENOSPC); - if (IS_ENABLED(CONFIG_ARM64)) - base = "bootaa64"; - else if (IS_ENABLED(CONFIG_ARM)) - base = "bootarm"; - else if (IS_ENABLED(CONFIG_X86_RUN_32BIT)) - base = "bootia32"; - else if (IS_ENABLED(CONFIG_X86_RUN_64BIT)) - base = "bootx64"; - else if (IS_ENABLED(CONFIG_ARCH_RV32I)) - base = "bootriscv32"; - else if (IS_ENABLED(CONFIG_ARCH_RV64I)) - base = "bootriscv64"; - else if (IS_ENABLED(CONFIG_SANDBOX)) - base = "bootsbox"; - else - return -EINVAL; - - strcpy(str, base); - strcat(str, ".efi"); - - return 0; -} +#define EFI_DIRNAME "/EFI/BOOT/" static int get_efi_pxe_arch(void) { @@ -259,10 +224,7 @@ static int distro_efi_try_bootflow_files(struct udevice *dev, return -ENOENT; strcpy(fname, EFI_DIRNAME); - ret = get_efi_leafname(fname + strlen(fname), - sizeof(fname) - strlen(fname)); - if (ret) - return log_msg_ret("leaf", ret); + strcat(fname, BOOTEFI_NAME); if (bflow->blk) desc = dev_get_uclass_plat(bflow->blk); @@ -489,7 +451,7 @@ static const struct udevice_id distro_efi_bootmeth_ids[] = { { } }; -U_BOOT_DRIVER(bootmeth_efi) = { +U_BOOT_DRIVER(bootmeth_4efi) = { .name = "bootmeth_efi", .id = UCLASS_BOOTMETH, .of_match = distro_efi_bootmeth_ids, diff --git a/boot/bootmeth_efi_mgr.c b/boot/bootmeth_efi_mgr.c index ed29d7e..b7d429f 100644 --- a/boot/bootmeth_efi_mgr.c +++ b/boot/bootmeth_efi_mgr.c @@ -114,7 +114,7 @@ static const struct udevice_id efi_mgr_bootmeth_ids[] = { { } }; -U_BOOT_DRIVER(bootmeth_efi_mgr) = { +U_BOOT_DRIVER(bootmeth_3efi_mgr) = { .name = "bootmeth_efi_mgr", .id = UCLASS_BOOTMETH, .of_match = efi_mgr_bootmeth_ids, diff --git a/boot/bootmeth_pxe.c b/boot/bootmeth_pxe.c index 8d489a1..70f693a 100644 --- a/boot/bootmeth_pxe.c +++ b/boot/bootmeth_pxe.c @@ -184,7 +184,7 @@ static const struct udevice_id extlinux_bootmeth_pxe_ids[] = { { } }; -U_BOOT_DRIVER(bootmeth_pxe) = { +U_BOOT_DRIVER(bootmeth_zpxe) = { .name = "bootmeth_pxe", .id = UCLASS_BOOTMETH, .of_match = extlinux_bootmeth_pxe_ids, diff --git a/configs/sandbox64_defconfig b/configs/sandbox64_defconfig index a62faf7..2bd4eea 100644 --- a/configs/sandbox64_defconfig +++ b/configs/sandbox64_defconfig @@ -135,7 +135,6 @@ CONFIG_CPU=y CONFIG_DM_DEMO=y CONFIG_DM_DEMO_SIMPLE=y CONFIG_DM_DEMO_SHAPE=y -CONFIG_DFU_SF=y CONFIG_FASTBOOT_FLASH=y CONFIG_FASTBOOT_FLASH_MMC_DEV=0 CONFIG_ARM_FFA_TRANSPORT=y @@ -268,12 +267,8 @@ CONFIG_CMD_DHRYSTONE=y CONFIG_TPM=y CONFIG_ERRNO_STR=y CONFIG_GETOPT=y -CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y -CONFIG_EFI_CAPSULE_ON_DISK=y -CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_EFI_SECURE_BOOT=y CONFIG_TEST_FDTDEC=y -CONFIG_FWU_MULTI_BANK_UPDATE=y CONFIG_UNIT_TEST=y CONFIG_UT_TIME=y CONFIG_UT_DM=y diff --git a/configs/sandbox_noinst_defconfig b/configs/sandbox_noinst_defconfig index 137b3c6..f372301 100644 --- a/configs/sandbox_noinst_defconfig +++ b/configs/sandbox_noinst_defconfig @@ -281,8 +281,6 @@ CONFIG_TPM=y CONFIG_ZSTD=y CONFIG_SPL_LZMA=y CONFIG_ERRNO_STR=y -CONFIG_EFI_CAPSULE_ON_DISK=y -CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_UNIT_TEST=y CONFIG_SPL_UNIT_TEST=y CONFIG_UT_TIME=y diff --git a/configs/sandbox_spl_defconfig b/configs/sandbox_spl_defconfig index d0cd91e..f7b92dc 100644 --- a/configs/sandbox_spl_defconfig +++ b/configs/sandbox_spl_defconfig @@ -249,8 +249,6 @@ CONFIG_ZSTD=y CONFIG_SPL_LZMA=y CONFIG_ERRNO_STR=y CONFIG_SPL_HEXDUMP=y -CONFIG_EFI_CAPSULE_ON_DISK=y -CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_UNIT_TEST=y CONFIG_SPL_UNIT_TEST=y CONFIG_UT_TIME=y diff --git a/configs/sandbox_vpl_defconfig b/configs/sandbox_vpl_defconfig index b138b35..72483d8 100644 --- a/configs/sandbox_vpl_defconfig +++ b/configs/sandbox_vpl_defconfig @@ -252,8 +252,6 @@ CONFIG_TPM=y CONFIG_ZSTD=y # CONFIG_VPL_LZMA is not set CONFIG_ERRNO_STR=y -CONFIG_EFI_CAPSULE_ON_DISK=y -CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_UNIT_TEST=y CONFIG_SPL_UNIT_TEST=y CONFIG_UT_TIME=y diff --git a/doc/usage/cmd/itest.rst b/doc/usage/cmd/itest.rst index ab933db..9c307fb 100644 --- a/doc/usage/cmd/itest.rst +++ b/doc/usage/cmd/itest.rst @@ -86,6 +86,8 @@ Numbers will be truncated according to the postfix before comparing: Postfix .s causes a string compare. The string '0xa1234' is alphabetically smaller than '0xb'. +:: + => if itest.s 0xa1234 < 0xb; then echo true; else echo false; fi true diff --git a/doc/usage/partitions.rst b/doc/usage/partitions.rst index 628469b..acf4573 100644 --- a/doc/usage/partitions.rst +++ b/doc/usage/partitions.rst @@ -44,9 +44,20 @@ partname <devtype><devletter><partnum> devtype - A device type like ``mmcsd`` or ``hd``. See the - ``part_set_generic_name`` function in ``disk/part.c`` for a - complete list. + The devtype field is set in dependence of the device class: + + ======= =============== + devtype device class + ======= =============== + hd IDE or SATA + sd SCSI + usbd USB + mmcsd eMMC or SD-card + xx others + ======= =============== + + See the ``part_set_generic_name`` function in ``disk/part.c`` + for the complete list. devletter The device number as an offset from ``a``. For example, device diff --git a/include/efi.h b/include/efi.h index f0e5faa..c3c4b93 100644 --- a/include/efi.h +++ b/include/efi.h @@ -492,13 +492,14 @@ extern char _binary_u_boot_bin_start[], _binary_u_boot_bin_end[]; /* * Variable Attributes */ -#define EFI_VARIABLE_NON_VOLATILE 0x0000000000000001 -#define EFI_VARIABLE_BOOTSERVICE_ACCESS 0x0000000000000002 -#define EFI_VARIABLE_RUNTIME_ACCESS 0x0000000000000004 -#define EFI_VARIABLE_HARDWARE_ERROR_RECORD 0x0000000000000008 -#define EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS 0x0000000000000010 -#define EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS 0x0000000000000020 -#define EFI_VARIABLE_APPEND_WRITE 0x0000000000000040 +#define EFI_VARIABLE_NON_VOLATILE 0x00000001 +#define EFI_VARIABLE_BOOTSERVICE_ACCESS 0x00000002 +#define EFI_VARIABLE_RUNTIME_ACCESS 0x00000004 +#define EFI_VARIABLE_HARDWARE_ERROR_RECORD 0x00000008 +#define EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS 0x00000010 +#define EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS 0x00000020 +#define EFI_VARIABLE_APPEND_WRITE 0x00000040 +#define EFI_VARIABLE_ENHANCED_AUTHENTICATED_ACCESS 0x00000080 #define EFI_VARIABLE_MASK (EFI_VARIABLE_NON_VOLATILE | \ EFI_VARIABLE_BOOTSERVICE_ACCESS | \ @@ -506,7 +507,8 @@ extern char _binary_u_boot_bin_start[], _binary_u_boot_bin_end[]; EFI_VARIABLE_HARDWARE_ERROR_RECORD | \ EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | \ EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS | \ - EFI_VARIABLE_APPEND_WRITE) + EFI_VARIABLE_APPEND_WRITE | \ + EFI_VARIABLE_ENHANCED_AUTHENTICATED_ACCESS) /** * efi_get_priv() - Get access to the EFI-private information diff --git a/include/efi_variable.h b/include/efi_variable.h index 805e6c5..42a2b7c 100644 --- a/include/efi_variable.h +++ b/include/efi_variable.h @@ -8,7 +8,7 @@ #include <linux/bitops.h> -#define EFI_VARIABLE_READ_ONLY BIT(31) +#define EFI_VARIABLE_READ_ONLY 0x80000000 enum efi_auth_var_type { EFI_AUTH_VAR_NONE = 0, diff --git a/include/host_arch.h b/include/host_arch.h index 169d494..261194b 100644 --- a/include/host_arch.h +++ b/include/host_arch.h @@ -16,6 +16,8 @@ export HOST_ARCH_X86=0x0386 export HOST_ARCH_X86_64=0x8664 #endif +#include <version.h> + #define HOST_ARCH_AARCH64 0xaa64 #define HOST_ARCH_ARM 0x00a7 #define HOST_ARCH_RISCV32 0x5032 diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig index a7c3e05..e13a6f9 100644 --- a/lib/efi_loader/Kconfig +++ b/lib/efi_loader/Kconfig @@ -44,7 +44,6 @@ config EFI_BINARY_EXEC config EFI_BOOTMGR bool "UEFI Boot Manager" default y - select BOOTMETH_GLOBAL if BOOTSTD help Select this option if you want to select the UEFI binary to be booted via UEFI variables Boot####, BootOrder, and BootNext. You should also diff --git a/lib/efi_loader/Makefile b/lib/efi_loader/Makefile index fcb0af7..086521f 100644 --- a/lib/efi_loader/Makefile +++ b/lib/efi_loader/Makefile @@ -6,8 +6,7 @@ # This file only gets included with CONFIG_EFI_LOADER set, so all # object inclusion implicitly depends on it -asflags-y += -DHOST_ARCH="$(HOST_ARCH)" -I. -ccflags-y += -DHOST_ARCH="$(HOST_ARCH)" +asflags-y += -I. CFLAGS_efi_boottime.o += \ -DFW_VERSION="0x$(VERSION)" \ diff --git a/lib/efi_loader/efi_memory.c b/lib/efi_loader/efi_memory.c index edfad2d..aba3100 100644 --- a/lib/efi_loader/efi_memory.c +++ b/lib/efi_loader/efi_memory.c @@ -933,8 +933,8 @@ static void add_u_boot_and_runtime(void) * Add Runtime Services. We mark surrounding boottime code as runtime as * well to fulfill the runtime alignment constraints but avoid padding. */ - runtime_start = (ulong)&__efi_runtime_start & ~runtime_mask; - runtime_end = (ulong)&__efi_runtime_stop; + runtime_start = (uintptr_t)__efi_runtime_start & ~runtime_mask; + runtime_end = (uintptr_t)__efi_runtime_stop; runtime_end = (runtime_end + runtime_mask) & ~runtime_mask; runtime_pages = (runtime_end - runtime_start) >> EFI_PAGE_SHIFT; efi_add_memory_map_pg(runtime_start, runtime_pages, diff --git a/lib/efi_loader/efi_runtime.c b/lib/efi_loader/efi_runtime.c index 9185f18..a61c9a7 100644 --- a/lib/efi_loader/efi_runtime.c +++ b/lib/efi_loader/efi_runtime.c @@ -669,14 +669,14 @@ static __efi_runtime void efi_relocate_runtime_table(ulong offset) void efi_runtime_relocate(ulong offset, struct efi_mem_desc *map) { #ifdef IS_RELA - struct elf_rela *rel = (void*)&__efi_runtime_rel_start; + struct elf_rela *rel = (void *)__efi_runtime_rel_start; #else - struct elf_rel *rel = (void*)&__efi_runtime_rel_start; + struct elf_rel *rel = (void *)__efi_runtime_rel_start; static ulong lastoff = CONFIG_TEXT_BASE; #endif debug("%s: Relocating to offset=%lx\n", __func__, offset); - for (; (ulong)rel < (ulong)&__efi_runtime_rel_stop; rel++) { + for (; (uintptr_t)rel < (uintptr_t)__efi_runtime_rel_stop; rel++) { ulong base = CONFIG_TEXT_BASE; ulong *p; ulong newaddr; diff --git a/lib/efi_loader/efi_var_common.c b/lib/efi_loader/efi_var_common.c index d528747..16b2c3d 100644 --- a/lib/efi_loader/efi_var_common.c +++ b/lib/efi_loader/efi_var_common.c @@ -99,7 +99,7 @@ efi_status_t EFIAPI efi_set_variable(u16 *variable_name, data_size, data); /* Make sure that the EFI_VARIABLE_READ_ONLY flag is not set */ - if (attributes & ~(u32)EFI_VARIABLE_MASK) + if (attributes & ~EFI_VARIABLE_MASK) ret = EFI_INVALID_PARAMETER; else ret = efi_set_variable_int(variable_name, vendor, attributes, diff --git a/lib/efi_loader/efi_variable.c b/lib/efi_loader/efi_variable.c index 40f7a0f..2951dc7 100644 --- a/lib/efi_loader/efi_variable.c +++ b/lib/efi_loader/efi_variable.c @@ -235,8 +235,12 @@ efi_status_t efi_set_variable_int(const u16 *variable_name, if (data_size && !data) return EFI_INVALID_PARAMETER; - /* EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS is deprecated */ - if (attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) + /* + * EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS is deprecated. + * We don't support EFI_VARIABLE_ENHANCED_AUTHENTICATED_ACCESS. + */ + if (attributes & (EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | \ + EFI_VARIABLE_ENHANCED_AUTHENTICATED_ACCESS)) return EFI_UNSUPPORTED; /* Make sure if runtime bit is set, boot service bit is set also */ @@ -259,7 +263,7 @@ efi_status_t efi_set_variable_int(const u16 *variable_name, /* check if a variable exists */ var = efi_var_mem_find(vendor, variable_name, NULL); append = !!(attributes & EFI_VARIABLE_APPEND_WRITE); - attributes &= ~(u32)EFI_VARIABLE_APPEND_WRITE; + attributes &= ~EFI_VARIABLE_APPEND_WRITE; delete = !append && (!data_size || !attributes); /* check attributes */ @@ -276,17 +280,27 @@ efi_status_t efi_set_variable_int(const u16 *variable_name, /* attributes won't be changed */ if (!delete && ((ro_check && var->attr != attributes) || - (!ro_check && ((var->attr & ~(u32)EFI_VARIABLE_READ_ONLY) - != (attributes & ~(u32)EFI_VARIABLE_READ_ONLY))))) { + (!ro_check && ((var->attr & ~EFI_VARIABLE_READ_ONLY) + != (attributes & ~EFI_VARIABLE_READ_ONLY))))) { return EFI_INVALID_PARAMETER; } time = var->time; } else { - if (delete || append) - /* - * Trying to delete or to update a non-existent - * variable. - */ + /* + * UEFI specification does not clearly describe the expected + * behavior of append write with data size 0, we follow + * the EDK II reference implementation. + */ + if (append && !data_size) + return EFI_SUCCESS; + + /* + * EFI_VARIABLE_APPEND_WRITE to non-existent variable is accepted + * and new variable is created in EDK II reference implementation. + * We follow it and only check the deletion here. + */ + if (delete) + /* Trying to delete a non-existent variable. */ return EFI_NOT_FOUND; } @@ -329,7 +343,11 @@ efi_status_t efi_set_variable_int(const u16 *variable_name, /* EFI_NOT_FOUND has been handled before */ attributes = var->attr; ret = EFI_SUCCESS; - } else if (append) { + } else if (append && var) { + /* + * data is appended if EFI_VARIABLE_APPEND_WRITE is set and + * variable exists. + */ u16 *old_data = var->name; for (; *old_data; ++old_data) @@ -342,11 +360,12 @@ efi_status_t efi_set_variable_int(const u16 *variable_name, ret = efi_var_mem_ins(variable_name, vendor, attributes, data_size, data, 0, NULL, time); } - efi_var_mem_del(var); if (ret != EFI_SUCCESS) return ret; + efi_var_mem_del(var); + if (var_type == EFI_AUTH_VAR_PK) ret = efi_init_secure_state(); else @@ -384,7 +403,7 @@ efi_status_t efi_query_variable_info_int(u32 attributes, EFI_VARIABLE_RUNTIME_ACCESS) return EFI_INVALID_PARAMETER; - if (attributes & ~(u32)EFI_VARIABLE_MASK) + if (attributes & ~EFI_VARIABLE_MASK) return EFI_INVALID_PARAMETER; *maximum_variable_storage_size = EFI_VAR_BUF_SIZE - diff --git a/lib/efi_selftest/efi_selftest_variables.c b/lib/efi_selftest/efi_selftest_variables.c index c7a3fdb..39ad03a0 100644 --- a/lib/efi_selftest/efi_selftest_variables.c +++ b/lib/efi_selftest/efi_selftest_variables.c @@ -131,13 +131,57 @@ static int execute(void) (unsigned int)len); if (memcmp(data, v, len)) efi_st_todo("GetVariable returned wrong value\n"); - /* Append variable 2 */ + + /* Append variable 2, write to non-existent variable with datasize=0 */ + ret = runtime->set_variable(u"efi_none", &guid_vendor1, + EFI_VARIABLE_BOOTSERVICE_ACCESS | + EFI_VARIABLE_APPEND_WRITE, + 0, v); + if (ret != EFI_SUCCESS) { + efi_st_error( + "SetVariable(APPEND_WRITE) with size 0 to non-existent variable returns wrong code\n"); + return EFI_ST_FAILURE; + } + len = EFI_ST_MAX_DATA_SIZE; + ret = runtime->get_variable(u"efi_none", &guid_vendor1, + &attr, &len, data); + if (ret != EFI_NOT_FOUND) { + efi_st_error("Variable must not be created\n"); + return EFI_ST_FAILURE; + } + /* Append variable 2, write to non-existent variable with valid data size*/ ret = runtime->set_variable(u"efi_none", &guid_vendor1, EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_APPEND_WRITE, 15, v); + if (ret != EFI_SUCCESS) { + efi_st_error("SetVariable(APPEND_WRITE) with valid size and data to non-existent variable must be succcessful\n"); + return EFI_ST_FAILURE; + } + len = EFI_ST_MAX_DATA_SIZE; + ret = runtime->get_variable(u"efi_none", &guid_vendor1, + &attr, &len, data); + if (ret != EFI_SUCCESS) { + efi_st_error("GetVariable failed\n"); + return EFI_ST_FAILURE; + } + if (len != 15) + efi_st_todo("GetVariable returned wrong length %u\n", + (unsigned int)len); + if (memcmp(data, v, len)) + efi_st_todo("GetVariable returned wrong value\n"); + /* Delete variable efi_none */ + ret = runtime->set_variable(u"efi_none", &guid_vendor1, + 0, 0, NULL); + if (ret != EFI_SUCCESS) { + efi_st_error("SetVariable failed\n"); + return EFI_ST_FAILURE; + } + len = EFI_ST_MAX_DATA_SIZE; + ret = runtime->get_variable(u"efi_none", &guid_vendor1, + &attr, &len, data); if (ret != EFI_NOT_FOUND) { - efi_st_error("SetVariable(APPEND_WRITE) with size 0 to non-existent variable returns wrong code\n"); + efi_st_error("Variable was not deleted\n"); return EFI_ST_FAILURE; } /* Enumerate variables */ diff --git a/test/boot/bootflow.c b/test/boot/bootflow.c index 4845b71..674d4c0 100644 --- a/test/boot/bootflow.c +++ b/test/boot/bootflow.c @@ -13,6 +13,7 @@ #include <bootstd.h> #include <cli.h> #include <dm.h> +#include <efi_default_filename.h> #include <expo.h> #ifdef CONFIG_SANDBOX #include <asm/test.h> @@ -179,7 +180,8 @@ static int bootflow_cmd_scan_e(struct unit_test_state *uts) ut_assert_nextline(" 3 efi media mmc 0 mmc1.bootdev.whole "); ut_assert_nextline(" ** No partition found, err=-2: No such file or directory"); ut_assert_nextline(" 4 extlinux ready mmc 1 mmc1.bootdev.part_1 /extlinux/extlinux.conf"); - ut_assert_nextline(" 5 efi fs mmc 1 mmc1.bootdev.part_1 efi/boot/bootsbox.efi"); + ut_assert_nextline(" 5 efi fs mmc 1 mmc1.bootdev.part_1 /EFI/BOOT/" + BOOTEFI_NAME); ut_assert_skip_to_line("Scanning bootdev 'mmc0.bootdev':"); ut_assert_skip_to_line( @@ -377,7 +379,7 @@ static int bootflow_system(struct unit_test_state *uts) if (!IS_ENABLED(CONFIG_EFI_BOOTMGR)) return -EAGAIN; ut_assertok(uclass_first_device_err(UCLASS_BOOTSTD, &bootstd)); - ut_assertok(device_bind(bootstd, DM_DRIVER_GET(bootmeth_efi_mgr), + ut_assertok(device_bind(bootstd, DM_DRIVER_GET(bootmeth_3efi_mgr), "efi_mgr", 0, ofnode_null(), &dev)); ut_assertok(device_probe(dev)); sandbox_set_fake_efi_mgr_dev(dev, true); diff --git a/test/py/tests/test_efi_capsule/capsule_gen_binman.dts b/test/py/tests/test_efi_capsule/capsule_gen_binman.dts index e8a1858..1a62c26 100644 --- a/test/py/tests/test_efi_capsule/capsule_gen_binman.dts +++ b/test/py/tests/test_efi_capsule/capsule_gen_binman.dts @@ -55,42 +55,6 @@ }; capsule1 { - filename = "Test01"; - efi-capsule { - image-index = <0x1>; - image-guid = SANDBOX_UBOOT_IMAGE_GUID; - - text { - text = "u-boot:New"; - }; - }; - }; - - capsule2 { - filename = "Test02"; - efi-capsule { - image-index = <0x2>; - image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID; - - text { - text = "u-boot-env:New"; - }; - }; - }; - - capsule3 { - filename = "Test03"; - efi-capsule { - image-index = <0x1>; - image-guid = SANDBOX_INCORRECT_GUID; - - text { - text = "u-boot:New"; - }; - }; - }; - - capsule4 { filename = "Test04"; efi-capsule { image-index = <0x1>; @@ -102,7 +66,7 @@ }; }; - capsule5 { + capsule2 { filename = "Test05"; efi-capsule { image-index = <0x1>; @@ -114,46 +78,7 @@ }; }; - capsule6 { - filename = "Test101"; - efi-capsule { - image-index = <0x1>; - fw-version = <0x5>; - image-guid = SANDBOX_UBOOT_IMAGE_GUID; - - text { - text = "u-boot:New"; - }; - }; - }; - - capsule7 { - filename = "Test102"; - efi-capsule { - image-index = <0x2>; - fw-version = <0xa>; - image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID; - - text { - text = "u-boot-env:New"; - }; - }; - }; - - capsule8 { - filename = "Test103"; - efi-capsule { - image-index = <0x1>; - fw-version = <0x2>; - image-guid = SANDBOX_UBOOT_IMAGE_GUID; - - text { - text = "u-boot:New"; - }; - }; - }; - - capsule9 { + capsule3 { filename = "Test104"; efi-capsule { image-index = <0x1>; @@ -166,7 +91,7 @@ }; }; - capsule10 { + capsule4 { filename = "Test105"; efi-capsule { image-index = <0x1>; @@ -179,37 +104,7 @@ }; }; - capsule11 { - filename = "Test11"; - efi-capsule { - image-index = <0x1>; - image-guid = SANDBOX_UBOOT_IMAGE_GUID; - private-key = CAPSULE_PRIV_KEY; - public-key-cert = CAPSULE_PUB_KEY; - monotonic-count = <0x1>; - - text { - text = "u-boot:New"; - }; - }; - }; - - capsule12 { - filename = "Test12"; - efi-capsule { - image-index = <0x1>; - image-guid = SANDBOX_UBOOT_IMAGE_GUID; - private-key = CAPSULE_INVAL_KEY; - public-key-cert = CAPSULE_INVAL_PUB_KEY; - monotonic-count = <0x1>; - - text { - text = "u-boot:New"; - }; - }; - }; - - capsule13 { + capsule5 { filename = "Test13"; efi-capsule { image-index = <0x1>; @@ -224,7 +119,7 @@ }; }; - capsule14 { + capsule6 { filename = "Test14"; efi-capsule { image-index = <0x1>; @@ -239,55 +134,7 @@ }; }; - capsule15 { - filename = "Test111"; - efi-capsule { - image-index = <0x1>; - fw-version = <0x5>; - image-guid = SANDBOX_UBOOT_IMAGE_GUID; - private-key = CAPSULE_PRIV_KEY; - public-key-cert = CAPSULE_PUB_KEY; - monotonic-count = <0x1>; - - text { - text = "u-boot:New"; - }; - }; - }; - - capsule16 { - filename = "Test112"; - efi-capsule { - image-index = <0x2>; - fw-version = <0xa>; - image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID; - private-key = CAPSULE_PRIV_KEY; - public-key-cert = CAPSULE_PUB_KEY; - monotonic-count = <0x1>; - - text { - text = "u-boot-env:New"; - }; - }; - }; - - capsule17 { - filename = "Test113"; - efi-capsule { - image-index = <0x1>; - fw-version = <0x2>; - image-guid = SANDBOX_UBOOT_IMAGE_GUID; - private-key = CAPSULE_PRIV_KEY; - public-key-cert = CAPSULE_PUB_KEY; - monotonic-count = <0x1>; - - text { - text = "u-boot:New"; - }; - }; - }; - - capsule18 { + capsule7 { filename = "Test114"; efi-capsule { image-index = <0x1>; @@ -303,7 +150,7 @@ }; }; - capsule19 { + capsule8 { filename = "Test115"; efi-capsule { image-index = <0x1>; diff --git a/test/py/tests/test_efi_capsule/conftest.py b/test/py/tests/test_efi_capsule/conftest.py index dd41da9..80b1297 100644 --- a/test/py/tests/test_efi_capsule/conftest.py +++ b/test/py/tests/test_efi_capsule/conftest.py @@ -85,6 +85,7 @@ def efi_capsule_data(request, u_boot_config): check_call('cd %s; ' './tools/binman/binman --toolpath %s/tools build -u -d %s/capsule_binman.dtb -O %s -m --allow-missing -I %s -I ./board/sandbox -I ./arch/sandbox/dts' % (u_boot_config.source_dir, u_boot_config.build_dir, data_dir, data_dir, data_dir), shell=True) + check_call('cp %s/Test* %s' % (u_boot_config.build_dir, data_dir), shell=True) os.environ['PYTHONPATH'] = pythonpath # Create a disk image with EFI system partition |