aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)AuthorFilesLines
2021-01-05timer: Use a shorter error in TPLSimon Glass1-2/+8
This error should not happen in normal use. Reduce the length of it to save space in the image. Add an empty spl.h file to sh since it appears to lack this. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-01-05dm: Use access methods for dev/uclass private dataSimon Glass1-1/+1
Most drivers use these access methods but a few do not. Update them. In some cases the access is not permitted, so mark those with a FIXME tag for the maintainer to check. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Acked-by: Pratyush Yadav <p.yadav@ti.com>
2021-01-05serial: Update NS16550_t and struct NS16550Simon Glass1-1/+1
Typedefs should not be used in U-Boot and structs should be lower case. Update the code to use struct ns16550 consistently. Put a header guard on the file while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
2020-12-31efi_loader: Enable uefi capsule authenticationSughosh Ganu1-1/+35
Add support for enabling uefi capsule authentication. This feature is enabled by setting the environment variable "capsule_authentication_enabled". The following configs are needed for enabling uefi capsule update and capsule authentication features on the platform. CONFIG_EFI_HAVE_CAPSULE_SUPPORT=y CONFIG_EFI_CAPSULE_ON_DISK=y CONFIG_EFI_CAPSULE_FIRMWARE_MANAGEMENT=y CONFIG_EFI_CAPSULE_FIRMWARE=y CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y CONFIG_EFI_CAPSULE_AUTHENTICATE=y Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
2020-12-31efi: capsule: Add support for uefi capsule authenticationSughosh Ganu3-2/+141
Add support for authenticating uefi capsules. Most of the signature verification functionality is shared with the uefi secure boot feature. The root certificate containing the public key used for the signature verification is stored as part of the device tree blob. The root certificate is stored as an efi signature list(esl) file -- this file contains the x509 certificate which is the root certificate. Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
2020-12-31efi_loader: Re-factor code to build the signature store from efi signature listSughosh Ganu1-42/+61
The efi_sigstore_parse_sigdb function reads the uefi authenticated variable, stored in the signature database format and builds the signature store structure. Factor out the code for building the signature store. This can then be used by the capsule authentication routine to build the signature store even when the signature database is not stored as an uefi authenticated variable Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
2020-12-31efi_loader: Make the pkcs7 header parsing function an externSughosh Ganu2-89/+89
The pkcs7 header parsing functionality is pretty generic, and can be used by other features like capsule authentication. Make the function an extern, also changing it's name to efi_parse_pkcs7_header Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
2020-12-31efi_loader: Add logic to parse EDKII specific fmp payload headerSughosh Ganu1-0/+41
When building the capsule using scripts in edk2, a fmp header is added on top of the binary payload. Add logic to detect presence of the header. When present, the pointer to the image needs to be adjusted as per the size of the header to point to the actual binary payload. Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
2020-12-31crypto: Fix the logic to calculate hash with authattributes setSughosh Ganu1-11/+26
RFC 2315 Section 9.3 describes the message digesting process. The digest calculated depends on whether the authenticated attributes are present. In case of a scenario where the authenticated attributes are present, the message digest that gets signed and is part of the pkcs7 message is computed from the auth attributes rather than the contents field. Check if the auth attributes are present, and if set, use the auth attributes to compute the hash that would be compared with the encrypted hash on the pkcs7 message. Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
2020-12-31efi_loader: event queueingHeinrich Schuchardt1-1/+1
When a new event is queued we have to process the event queue by calling efi_process_event_queue(). But there is not reason to call the function when the event is not queueable. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-31efi_loader: Add size checks to efi_create_indexed_name()Ilias Apalodimas2-5/+12
Although the function description states the caller must provide a sufficient buffer, it's better to have in function checks that the destination buffer can hold the intended value. So let's add an extra argument with the buffer size and check that before doing any copying. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-31efi_loader: Remove unconditional installation of file2 protocol for initrdIlias Apalodimas1-5/+0
Up to now we install the EFI_LOAD_FILE2_PROTOCOL to load an initrd unconditionally. Although we correctly return various EFI exit codes depending on the file status (i.e EFI_NO_MEDIA, EFI_NOT_FOUND etc), the kernel loader only falls back to the cmdline interpreted initrd if the protocol is not installed. This creates a problem for EFI installers, since they won't be able to load their own initrd and start the installation. A following patch introduces a different logic where we search for an initrd path defined in an EFI variable named 'Initrd####'. If the bootmgr is used to launch the EFI payload, we'll will try to match the BootCurrent value and find the corresponding initrd (i.e Boot0000 -> Initrd0000 etc). If the file is found, we'll install the required protocol which the kernel's efi-stub can use and load our initrd. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-31efi_loader: Remove unused headers from efi_load_initrd.cIlias Apalodimas1-5/+3
dm.h and env.h serve no purpose here. Remove them and sort the remaining in alphabetical order. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-31efi_loader: use after free in efi_exit()Heinrich Schuchardt1-5/+12
Do not use data from the loaded image object after deleting it. Fixes: 126a43f15b36 ("efi_loader: unload applications upon Exit()") Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-31efi_loader: efi_signal_event() fix comment typosHeinrich Schuchardt1-2/+2
Add missing commas. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-31efi_loader: avoid invalid freeHeinrich Schuchardt1-1/+1
load_options passed from do_efibootmgr() to do_bootefi_exec() may contain invalid data from the stack which will lead to an invalid free(). Fixes: 0ad64007feb9 ("efi_loader: set load options in boot manager") Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-31efi_loader: escape key handlingHeinrich Schuchardt1-0/+12
Up to now the escape key was not correctly detected in UEFI applications. We had to hit it twice for a single escape to be recognized. Use a 10 ms delay to detect if we are dealing with the escape key or an escape sequence. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-31efi_loader: missing parentheses after ifHeinrich Schuchardt1-1/+1
IS_ENABLED() contains parentheses. But we should still put extra parentheses around it in an if statement for readability. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-31efi_loader: Extra checks while opening an OPTEE sessionIlias Apalodimas1-5/+15
When opening an OP-TEE session we need to check the internal return value of OP-TEE call arguments as well the return code of the function itself. The code was also ignoring to close the OP-TEE session in case the shared memory registration failed. Fixes: f042e47e8fb43 ("efi_loader: Implement EFI variable handling via OP-TEE") Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-31efi_loader: make variable store size customizableHeinrich Schuchardt1-0/+14
Currently the size of the buffer to keep UEFI variables in memory is fixed at 16384 bytes. This size has proven to be too small for some use cases. Make the size of the memory buffer for UEFI variables customizable. Reported-by: Paulo Alcantara (SUSE) <pc@cjr.nz> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2020-12-22fdt: Use phandle to distinguish DT nodes with same nameAswath Govindraju2-0/+19
While assigning the sequence number to subsystem instances by reading the aliases property, only DT nodes names are compared and not the complete path. This causes a problem when there are two DT nodes with same name but have different paths. In arch/arm/dts/k3-am65-main.dtsi there are two USB controllers with the same device tree node name but different path. When aliases are defined for these USB controllers then fdtdec_get_alias_seq() fails to pick the correct instance for a given index. fdt_path_offset() function is slow and this would effect the U-Boot startup. To avert the time penalty on all boards, apply this extra check only when required by using a config option. Fix it by comparing the phandles of DT nodes after the node names match, under a config option. Signed-off-by: Aswath Govindraju <a-govindraju@ti.com> Reviewed-by: Simon Glass <sjg@chromium.org> Fix whitespace error in Kconfig: Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-22sandbox: implement runtime system resetHeinrich Schuchardt1-1/+2
Implement a reset function that we can call after ExitBootServices(), when all driver model devices are gone. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-12-18x86: Simplify acpi_device_infer_name()Simon Glass1-24/+3
There is no-longer any need to check if sequence numbers are valid, since this is ensured by driver model. Drop the unwanted logic. Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-18dm: Avoid accessing seq directlySimon Glass1-2/+2
At present various drivers etc. access the device's 'seq' member directly. This makes it harder to change the meaning of that member. Change access to go through a function instead. The drivers/i2c/lpc32xx_i2c.c file is left unchanged for now. Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-13dm: treewide: Rename ..._platdata variables to just ..._platSimon Glass3-7/+7
Try to maintain some consistency between these variables by using _plat as a suffix for them. Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-13dm: treewide: Rename dev_get_platdata() to dev_get_plat()Simon Glass1-3/+3
Rename this to be consistent with the change from 'platdata'. Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-13dm: treewide: Rename 'platdata' variables to just 'plat'Simon Glass5-21/+21
We use 'priv' for private data but often use 'platdata' for platform data. We can't really use 'pdata' since that is ambiguous (it could mean private or platform data). Rename some of the latter variables to end with 'plat' for consistency. Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-13dm: treewide: Rename auto_alloc_size members to be shorterSimon Glass1-1/+1
This construct is quite long-winded. In earlier days it made some sense since auto-allocation was a strange concept. But with driver model now used pretty universally, we can shorten this to 'auto'. This reduces verbosity and makes it easier to read. Coincidentally it also ensures that every declaration is on one line, thus making dtoc's job easier. Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-13efi_selftest: implement exception test for sandboxHeinrich Schuchardt1-0/+2
Provide a unit test that causes an illegal instruction to occur. The test can be run with the following commands: => setenv efi_selftest exception => bootefi selftest This might be the output: Executing 'exception' EFI application triggers exception. Illegal instruction pc = 0x1444d016, pc_reloc = 0xffffaa078e8dd016 UEFI image [0x0000000000000000:0xffffffffffffffff] '/\selftest' UEFI image [0x000000001444b000:0x0000000014451fff] pc=0x2016 '/bug.efi' Resetting ... It would tell us that the exception was triggered by an instruction 0x2016 bytes after the load address of the binary with filename /bug.efi. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-12-10efi_loader: link partition to block deviceHeinrich Schuchardt1-0/+20
We provide a UEFI driver for block devices. When ConnectController() is called for a handle with the EFI_BLOCK_IO_PROTOCOL this driver creates the partitions. When DisconnectController() is called the handles for the partitions have to be deleted. This requires that the child controllers (partitions) open the EFI_BLOCK_IO_PROTOCOL of the controller (block IO device) with attribute EFI_OPEN_PROTOCOL_BY_CHILD_CONTROLLER. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-10efi_loader: make efi_protocol_open() non-staticHeinrich Schuchardt1-1/+1
Provide efi_protocol_open() as library function. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-10efi_selftest: test EFI_LOAD_FILE_PROTOCOLHeinrich Schuchardt2-0/+478
A unit test is supplied to test the support for the EFI_LOAD_FILE_PROTOCOL and the EFI_LOAD_FILE2_PROTOCOL by the LoadImage() boot service. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-10efi_selftest: clean up MakefileHeinrich Schuchardt1-8/+6
Bring all obj-y entries together. Sort *.o targets. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-10efi_loader: support EFI_LOAD_FILE_PROTOCOLHeinrich Schuchardt1-1/+48
Support loading images via the EFI_LOAD_FILE_PROTOCOL and EFI_LOAD_FILE2_PROTOCOL. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-10efi_loader: carve out efi_load_image_from_file()Heinrich Schuchardt1-9/+36
efi_load_image_from_file() should read via either of: * EFI_SIMPLE_FILE_SYSTEM_PROTOCOL * EFI_LOAD_FILE_PROTOCOL * EFI_LOAD_FILE2_PROTOCOL To make the code readable carve out a function to load the image via the file system protocol. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-10efi_loader: pass boot_policy to efi_load_image_from_pathHeinrich Schuchardt1-7/+9
Implementing support for loading images via the EFI_LOAD_FILE_PROTOCOL requires the boot policy as input for efi_load_image_from_path(). Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-10efi_loader: move EFI_LOAD_FILE2_PROTOCOL_GUIDHeinrich Schuchardt3-6/+7
The EFI_LOAD_FILE_PROTOCOL_GUID and EFI_LOAD_FILE2_PROTOCOL_GUID are needed to complement the implementation of the LoadFile() boot service. Remove a duplicate declaration of a variable for the EFI_LOAD_FILE2_PROTOCOL_GUID. Move the remaining declaration to efi_boottime.c. Add a variable for the EFI_LOAD_FILE_PROTOCOL_GUID. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-10efi_loader: resequence functions in efi_boottime.cHeinrich Schuchardt1-82/+82
For implementing support for the EFI_LOAD_FILE_PROTOCOL in the LoadImage() service we will have to call the LocateDevicePath() service. To avoid a forward declaration resequence the functions. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-10efi_loader: remove EFI_HII_CONFIG_ROUTING_PROTOCOLHeinrich Schuchardt3-7/+8
Our implementation of the EFI_HII_CONFIG_ROUTING_PROTOCOL is a mere stub, where all services return an error code. The protocol is neither needed for the EFI shell nor for the UEFI SCT. To reduce the code size remove it from the U-Boot binary. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-10efi_loader: don't set EFI_RT_SUPPORTED_UPDATE_CAPSULEHeinrich Schuchardt1-4/+0
The EFI_RT_PROPERTIES_TABLE configuration table indicates which runtime services are available at runtime. Even if CONFIG_EFI_RUNTIME_UPDATE_CAPSULE=y, we neither support UpdateCapsule() nor QueryCapsuleCapabilities() at runtime. Thus we should not set the corresponding flags EFI_RT_SUPPORTED_UPDATE_CAPSULE and EFI_RT_SUPPORTED_QUERY_CAPSULE_CAPABILITIES in RuntimeServicesSupported. Fixes: 2bc27ca8a04a ("efi_loader: define UpdateCapsule api") Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-10fs: fat: create correct short namesHeinrich Schuchardt1-1/+1
The current function set_name() used to create short names has the following deficiencies resolved by this patch: * Long names (e.g. FOO.TXT) are stored even if a short name is enough. * Short names with spaces are created, e.g. "A ~1.TXT". * Short names with illegal characters are created, e.g. "FOO++BAR". * Debug output does not not consider that the short file name has no concluding '\0'. The solution for the following bug is split of into a separate patch: * Short file names must be unique. This patch only provides the loop over possible short file names. Fixes: c30a15e590c ("FAT: Add FAT write feature") Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-12-04env: Allow returning errors from hdelete_r()Simon Glass1-6/+6
At present this function returns 1 on success and 0 on failure. But in the latter case it provides no indication of what went wrong. If an attempt is made to delete a non-existent variable, the caller may want to ignore this error. This happens when setting a non-existent variable to "", for example. Update the function to return 0 on success and a useful error code on failure. Add a function comment too. Make sure that env_set() does not return an error if it is deleting a variable that doesn't exist. We could update env_set() to return useful error numbers also, but that is beyond the scope of this change. Signed-off-by: Simon Glass <sjg@chromium.org> wip
2020-12-03efi_loader: add firmware management protocol for raw imageAKASHI Takahiro4-58/+194
In this commit, a very simple firmware management protocol driver is implemented. It will take a binary image in a capsule file and apply the data using dfu backend storage drivers via dfu_write_by_alt() interface. So "dfu_alt_info" variable should be properly set to specify a device and location to be updated. Please read README.dfu. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-12-03efi_loader: add firmware management protocol for FIT imageAKASHI Takahiro4-1/+314
In this commit, a very simple firmware management protocol driver is implemented. It will take a common FIT image firmware in a capsule file and apply the data using dfu backend storage drivers via update_fit() interface. So "dfu_alt_info" variable should be properly set to specify a device and location to be updated. Please read README.dfu. Fit image is a common file format for firmware update on U-Boot, and this protocol works neatly just as a wrapper for one. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-12-03efi_loader: capsule: support firmware updateAKASHI Takahiro3-12/+252
A capsule tagged with the guid, EFI_FIRMWARE_MANAGEMENT_CAPSULE_ID_GUID, is handled as a firmware update object. What efi_update_capsule() basically does is to load any firmware management protocol (or fmp) drivers contained in a capsule, find out an appropriate fmp driver and then invoke its set_image() interface against each binary in a capsule. In this commit, however, loading drivers is not supported. The result of applying a capsule is set to be stored in "CapsuleXXXX" variable, but its implementation is deferred to a fmp driver. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-12-03efi_loader: capsule: add capsule_on_disk supportAKASHI Takahiro3-0/+528
Capsule data can be loaded into the system either via UpdateCapsule runtime service or files on a file system (of boot device). The latter case is called "capsules on disk", and actual updates will take place at the next boot time. In this commit, we will support capsule on disk mechanism. Please note that U-Boot itself has no notion of "boot device" and all the capsule files to be executed will be detected only if they are located in a specific directory, \EFI\UpdateCapsule, on a device that is identified as a boot device by "BootXXXX" variables. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-12-03efi_loader: define UpdateCapsule apiAKASHI Takahiro5-54/+291
In this commit, skeleton functions for capsule-related API's are added under CONFIG_EFI_UPDATE_CAPSULE configuration. Detailed implementation for a specific capsule type will be added in the succeeding patches. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-12-03efi_loader: Introduce eventlog support for TCG2_PROTOCOLIlias Apalodimas3-23/+551
In the previous patches we only introduced a minimal subset of the EFI_TCG2_PROTOCOL protocol implementing GetCapability(). So let's continue adding features to it, introducing the GetEventLog() and HashLogExtendEvent() functions. In order to do that we first need to construct the eventlog in memory, specifically in EFI_BOOT_SERVICES_DATA memory and a configuration table from EFI_ACPI_MEMORY_NVS. U-Boot won't currently add any events to the log or measure any components, but will expose the necessary EFI APIs for applications to do so. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2020-12-03tpm: use more than sha256 on pcr_extendIlias Apalodimas1-5/+6
The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-12-03efi_loader: replace printf by log in efi_uclass.cHeinrich Schuchardt1-9/+9
Use logging functions instead of printf() and debug(). Change logging messages for uclass creation and destruction to log_debug(). Reported-by: Simon Glass <sjg@chromium.org> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>