summaryrefslogtreecommitdiff
path: root/lib/efi_loader/Kconfig
AgeCommit message (Collapse)Author
2020-08-13efi_loader: signature: rework for intermediate certificates supportAKASHI Takahiro
In this commit, efi_signature_verify(with_sigdb) will be re-implemented using pcks7_verify_one() in order to support certificates chain, where the signer's certificate will be signed by an intermediate CA (certificate authority) and the latter's certificate will also be signed by another CA and so on. What we need to do here is to search for certificates in a signature, build up a chain of certificates and verify one by one. pkcs7_verify_one() handles most of these steps except the last one. pkcs7_verify_one() returns, if succeeded, the last certificate to verify, which can be either a self-signed one or one that should be signed by one of certificates in "db". Re-worked efi_signature_verify() will take care of this step. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-07-16efi_loader: pre-seed UEFI variablesHeinrich Schuchardt
Include a file with the initial values for non-volatile UEFI variables into the U-Boot binary. If this variable is set, changes to variable PK will not be allowed. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-16efi_loader: configuration of variables storeHeinrich Schuchardt
The file based and the OP-TEE based UEFI variable store are mutually exclusive. Define them as choice options in Kconfig. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11efi_loader: UEFI variable persistenceHeinrich Schuchardt
Persist non-volatile UEFI variables in a file on the EFI system partition. The file is written whenever a non-volatile UEFI variable is changed after initialization of the UEFI sub-system. The file is read during the UEFI sub-system initialization to restore non-volatile UEFI variables. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-03efi_loader: imply FAT, FAT_WRITEHeinrich Schuchardt
The UEFI spec requires support for the FAT file system. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-05-17efi_loader: Implement EFI variable handling via OP-TEEIlias Apalodimas
In OP-TEE we can run EDK2's StandAloneMM on a secure partition. StandAloneMM is responsible for the UEFI variable support. In combination with OP-TEE and it's U-Boot supplicant, variables are authenticated/validated in secure world and stored on an RPMB partition. So let's add a new config option in U-Boot implementing the necessary calls to OP-TEE for the variable management. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Pipat Methavanitpong <pipat1010@gmail.com> Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-04-16efi_loader: add CONFIG_EFI_SECURE_BOOT config optionAKASHI Takahiro
Under this configuration, UEFI secure boot support will be added in later patches. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-04-16efi_loader: enable RNG if DM_RNG is enabledPeter Robinson
Enable EFI_RNG_PROTOCOL by default if DM_RNG is set. Signed-off-by: Peter Robinson <pbrobinson@gmail.com> Acked-by: Sughosh Ganu <sughosh.ganu@linaro.org> Remove superfluous 'if DM_RNG' Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-02-28efi_loader: Implement FileLoad2 for initramfs loadingIlias Apalodimas
Following kernel's proposal for an arch-agnostic initrd loading mechanism [1] let's implement the U-boot counterpart. This new approach has a number of advantages compared to what we did up to now. The file is loaded into memory only when requested limiting the area of TOCTOU attacks. Users will be allowed to place the initramfs file on any u-boot accessible partition instead of just the ESP one. Finally this is an attempt of a generic interface across architectures in the linux kernel so it makes sense to support that. The file location is intentionally only supported as a config option argument(CONFIG_EFI_INITRD_FILESPEC), in an effort to enhance security. Although U-boot is not responsible for verifying the integrity of the initramfs, we can enhance the offered security by only accepting a built-in option, which will be naturally verified by UEFI Secure Boot. This can easily change in the future if needed and configure that via ENV or UEFI variable. [1] https://lore.kernel.org/linux-efi/20200207202637.GA3464906@rani.riverdale.lan/T/#m4a25eb33112fab7a22faa0fd65d4d663209af32f Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-02-19efi_loader: EFI_RNG_PROTOCOLHeinrich Schuchardt
Do not use quotation marks for Kconfig help text. Replace rng abbreviation by full words. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-01-15efi_loader: imply VIDEO_ANSIHeinrich Schuchardt
UEFI programs like GRUB make change terminal colors which requires support for ANSI escape sequences. Let CONFIG_EFI_LOADER=y imply CONFIG_VIDEO_ANSI. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-01-07efi: qemu: arm64: Add efi_rng_protocol implementation for the platformSughosh Ganu
Add support for the EFI_RNG_PROTOCOL routines for the qemu arm64 platform. EFI_RNG_PROTOCOL is an uefi boottime service which is invoked by the efi stub in the kernel for getting random seed for kaslr. The routines are platform specific, and use the virtio-rng device on the platform to get random data. The feature can be enabled through the following config CONFIG_EFI_RNG_PROTOCOL Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org> Changed SPDX header to use /* instead of //. Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-01-07efi_loader: imply USB_KEYBOARD_FN_KEYSHeinrich Schuchardt
UEFI applications like GRUB and SCT assume that function keys are enabled on the keyboard. Let EFI_LOADER imply USB_KEYBOARD_FN_KEYS. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-11-23efi_loader: default EFI_LOADER=n on ARM11Heinrich Schuchardt
Some of the ARM11 boards have tight limits on the size of U-Boots. Hence use EFI_LOADER=n as default on ARM11. Set EFI_LOADER=y for the Raspberry Pi and Raspberry Pi Zero as these boards have sufficient storage on the SD card. Suggested-by: Tom Rini <trini@konsulko.com> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-11-19efi_loader: enable EFI_LOADER on arm1136 and arm1176Heinrich Schuchardt
With an implementation for allow_unaligned() available for arm1136 and arm1176 UEFI can be supported on these architectures. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-11-19efi_loader: restrict EFI_LOADER to armv7 and armv8 on ARMHeinrich Schuchardt
fatload USB was reported to fail on the Sheevaplug. Debugging showed that this was caused by an incorrect unaligned write to memory in path_to_uefi(). UEFI on ARM requires that unaligned memory access is enabled. * ARMv5 does not support unaligned access at all. * ARMv6 supports unaligned access when we clear the A flag and set the U flag. * On ARMv7 unaligned access is possible when clearing the aligned flag, which we do in function allow_unaligned() (arch/arm/cpu/armv7/sctlr.S). For none of the other cpus in arch/arm/cpu/ we have implemented a similar function. * ARMv8 allows unaligned access. Let EFI_LOADER on ARM depend on SYS_CPU=armv7 or SYS_CPU=armv8. Once we have implemented allow_unaligned() for other ARM CPUs we can add these to Kconfig. Reported-by: Gray Remlin <gryrmln@gmail.com> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-07-30efi_loader: re-enable GRUB workaround on 32bit ARMHeinrich Schuchardt
GRUB on ARM 32bit prior to version 2.04 lacks proper handling of caches. In U-Boot v2019.04 a workaround for this was inadvertently removed. The workaround is currently also needed for booting on systems with caches that cannot be managed via CP15 (e.g. with an i.MX6 CPU). Re-enable the workaround and make it customizable. Fixes: f69d63fae281 ("efi_loader: use efi_start_image() for bootefi") Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-07-06efi_loader: decision on EFI_RT_SUPPORTED_RESET_SYSTEMHeinrich Schuchardt
Move the logic determining which board supports reset at runtime to Kconfig. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-06-01efi_loader: Kconfig entries for GetTime(), SetTime()Heinrich Schuchardt
The GetTime() and the SetTime() runtime services are not obligatory. So let's make them customizable. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-19efi_loader: implement deprecated Unicode collation protocolHeinrich Schuchardt
In EFI 1.10 a version of the Unicode collation protocol using ISO 639-2 language codes existed. This protocol is not part of the UEFI specification any longer. Unfortunately it is required to run the UEFI Self Certification Test (SCT) II, version 2.6, 2017. So we implement it here for the sole purpose of running the SCT. It can be removed once a compliant SCT is available. The configuration option defaults to no. Signed-off-by: Rob Clark <robdclark@gmail.com> Most of Rob's original patch is already merged. Only the deprecated protocol is missing. Rebase it and make it configurable. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-19efi_loader: rename Unicode collation protocol 2 variablesHeinrich Schuchardt
Rename variables to make it clear they refer to the Unicode collation protocol identified by the EFI_UNICODE_PROTOCOL2_GUID. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-12efi_loader: make device path to text protocol customizableHeinrich Schuchardt
The device path to text protocol is not needed for EBBR compliance. So let's make it a customizable option. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-12efi_loader: make Unicode collation protocol customizableHeinrich Schuchardt
The Unicode collation protocol is not needed for EBBR compliance. So let's make it a customizable option. The Unicode capitalization table is only needed by this protocol. So let it depend on the Unicode collation protocol. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-12efi_loader: reword the EFI_LOADER config optionHeinrich Schuchardt
No need to mention U-Boot in brief description. Fix several typos, mention iPXE. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-12efi_loader: format KconfigHeinrich Schuchardt
Use if/endif for dependencies to give structure to the configuration menu. Sort important settings to the top. Abbreviate the short description of EFI_LOADER_HII. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-04-12efi_loader: fix setting PlatformLangHeinrich Schuchardt
The UEFI variables PlatformLang and PlatformLangCodes specify the current firmware language and the list of all available languages. Currently their values are hard coded. With the patch a new configuration variable EFI_PLATFORM_LANG_CODES is provided. When initializing the UEFI subsystem this configuration variable is used to initialize PlatformLangCodes. The value of variable PlatformLang is read. If it is not set, the first language specified in EFI_PLATFORM_LANG_CODES is used to initialize PlatformLang. Suggested-by: Takahiro Akashi <takahiro.akashi@linaro.org> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-04-12efi_loader: enable HII protocols by defaultHeinrich Schuchardt
As the UEFI shell requires the HII protocols let's enable them by default. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-02-13efi_loader: Make HII a config optionAlexander Graf
Heinrich ran into issues with HII and iPXE which lead to #SErrors on his Odroid-C2 system. We definitely do not want to regress just yet, so let's not expose the HII protocols by default. Instead, let's make it a config option that people can play with This way, we can stabilize the code in tree without breaking any users. Once someone figures out, why this breaks iPXE (probably a NULL dereference), we can enable it by default. Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Signed-off-by: Alexander Graf <agraf@suse.de> --- v1 -> v2: - Remove HII selftest as well v2 -> v3: - Make config option
2019-02-13efi_loader: GetNextVariableName() relies on REGEXHeinrich Schuchardt
Our implementation of GetNextVariableName() relies on CONFIG_REGEX=y. So EFI_LOADER has to select it. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Signed-off-by: Alexander Graf <agraf@suse.de>
2018-09-23efi: sandbox: Enable EFI loader build for sandboxSimon Glass
This allows this feature to build within sandbox. This is useful for testing. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Alexander Graf <agraf@suse.de>
2018-09-23lib: charset: upper/lower case conversionHeinrich Schuchardt
Provide functions for upper and lower case conversion. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Signed-off-by: Alexander Graf <agraf@suse.de>
2018-07-25Revert "efi_loader: no support for ARMV7_NONSEC=y"Mark Kettenis
This reverts commit c524997acb3d322e1bbd36c06ad02ef589705e7c. Booting ARMv7 in non-secure mode using bootefi works now. Signed-off-by: Mark Kettenis <kettenis@openbsd.org> Signed-off-by: Alexander Graf <agraf@suse.de>
2018-06-03efi_loader: if EFI_LOADER is enabled, enable CFB_CONSOLE_ANSIHeinrich Schuchardt
EFI applications like GRUB issue ANSI sequences for setting colors and for positioning. So if the EFI subsystem is enabled, we should also enable ANSI control sequences by default. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Signed-off-by: Alexander Graf <agraf@suse.de>
2018-05-29efi_loader: Enable RISC-V supportRick Chen
We have almost all pieces needed to support RISC-V UEFI binaries in place already. The only missing piece are ELF relocations for runtime code and data. This patch adds respective support in the linker script and the runtime relocation code. It also allows users to enable the EFI_LOADER configuration switch on RISC-V platforms. Signed-off-by: Alexander Graf <agraf@suse.de>
2018-04-23efi_loader: no support for ARMV7_NONSEC=yHeinrich Schuchardt
We do not support bootefi booting ARMv7 in non-secure mode. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Signed-off-by: Alexander Graf <agraf@suse.de>
2018-02-08Move most CONFIG_HAVE_BLOCK_DEVICE to KconfigAdam Ford
config_fallbacks.h has some logic that sets HAVE_BLOCK_DEVICE based on a list of enabled options. Moving HAVE_BLOCK_DEVICE to Kconfig allows us to drastically shrink the logic in config_fallbacks.h Signed-off-by: Adam Ford <aford173@gmail.com> [trini: Rename HAVE_BLOCK_DEVICE to CONFIG_BLOCK_DEVICE] Signed-off-by: Tom Rini <trini@konsulko.com>
2018-02-08Convert LIB_UUID to KconfigAdam Ford
config_fallback.h has some logic that checks a variety of options and selects LIB_UUID if it hasn't already been selected. This will all LIB_UUID in Kconfig and select this option for the list of options to allow us to remove the logic from fallbacks Signed-off-by: Adam Ford <aford173@gmail.com>
2018-01-28efi: Conflict efi_loader with different stub bitnessAlexander Graf
We have 2 users of the EFI headers: efi_loader and the EFI stub. Efi_loader always expects that the bitness of the definitions it uses is identical to the execution. The EFI stub however allows to run x86_64 U-Boot on 32bit EFI and the other way around, so it allows for different bitness of EFI definitions and U-Boot environment. This patch explicitly requests via Kconfig that efi_loader can only be enabled if the bitness is identical. Because we can run efi_loader on x86_64 without EFI stub enabled, it also ensures that this case propagates the correct ABI constraints. Signed-off-by: Alexander Graf <agraf@suse.de>
2016-11-14x86: Enable EFI loader supportSimon Glass
Enable this so that EFI applications (notably grub) can be run under U-Boot on x86 platforms. At present the 'hello world' EFI application is not supported for the qemu-x86_efi_payload64 board. That board builds a payload consisting of a 64-bit header and a 32-bit U-Boot, which is incompatible with the way the EFI loader builds its EFI application. The following error is obtained: x86_64-linux-ld.bfd: i386 architecture of input file `lib/efi_loader/helloworld.o' is incompatible with i386:x86-64 output This could be corrected with additional Makefile rules. For now, this feature is disabled for that board. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> [agraf: drop hello kconfig bits] Signed-off-by: Alexander Graf <agraf@suse.de>
2016-11-14efi_loader: fix depends on line of EFI_LOADERMasahiro Yamada
This line is shown as depends on (ARM64 ||\302\240ARM) && OF_LIBFDT on my Emacs. Use ASCII characters only. Assuming it is (ARM64 || ARM), remove the redundancy. Unlike Linux, CONFIG_ARM includes CONFIG_ARM64 in U-Boot. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2016-05-27efi_loader: Add bounce buffer supportAlexander Graf
Some hardware that is supported by U-Boot can not handle DMA above 32bits. For these systems, we need to come up with a way to expose the disk interface in a safe way. This patch implements EFI specific bounce buffers. For non-EFI cases, this apparently was no issue so far, since we can just define our environment variables conveniently. Signed-off-by: Alexander Graf <agraf@suse.de>
2016-03-15efi_loader: hook up in build environmentAlexander Graf
Now that we have all the bits and pieces ready for EFI payload loading support, hook them up in Makefiles and KConfigs so that we can build. Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Simon Glass <sjg@chromium.org> Tested-by: Simon Glass <sjg@chromium.org> [trini: Enable only when we of OF_LIBFDT, disable on kwb and colibri_pxa270] Signed-off-by: Tom Rini <trini@konsulko.com>