summaryrefslogtreecommitdiff
path: root/lib/efi_loader/efi_boottime.c
AgeCommit message (Collapse)Author
2020-04-16efi_loader: image_loader: support image authenticationAKASHI Takahiro
With this commit, image validation can be enforced, as UEFI specification section 32.5 describes, if CONFIG_EFI_SECURE_BOOT is enabled. Currently we support * authentication based on db and dbx, so dbx-validated image will always be rejected. * following signature types: EFI_CERT_SHA256_GUID (SHA256 digest for unsigned images) EFI_CERT_X509_GUID (x509 certificate for signed images) Timestamp-based certificate revocation is not supported here. Internally, authentication data is stored in one of certificates tables of PE image (See efi_image_parse()) and will be verified by efi_image_authenticate() before loading a given image. It seems that UEFI specification defines the verification process in a bit ambiguous way. I tried to implement it as closely to as EDK2 does. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-03-17efi_loader: export a couple of protocol related functionsAKASHI Takahiro
This is a preparatory patch. Those functions will be used in an implementation of UEFI firmware management protocol as part of my capsule update patch. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-03-11efi_loader: unnecessary assignment in efi_queue_eventHeinrich Schuchardt
The assigned value NULL is never used. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-01-15efi_loader: describe returning of controlHeinrich Schuchardt
Provide a sober description of how control can be returned by a UEFI binary. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-01-07efi_loader: Add guidcpy functionSughosh Ganu
Add guidcpy function to copy the source guid to the destination guid. Use this function instead of memcpy for copying to the destination guid. Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org> Use void * instead of efi_guid_t * for arguments to allow copying unaligned GUIDs. The GUIDs of configuration tables are __packed. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-12-02common: Move enable/disable_interrupts out of common.hSimon Glass
Move these two functions into the irq_funcs.h header file. Also move interrupt_handler_t as this is used by the irq_install_handler() function. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com>
2019-12-02common: Move get_ticks() function out of common.hSimon Glass
This function belongs in time.h so move it over and add a comment. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com>
2019-12-02crc32: Use the crc.h header for crc functionsSimon Glass
Drop inclusion of crc.h in common.h and use the correct header directly instead. With this we can drop the conflicting definition in fw_env.h and rely on the crc.h header, which is already included. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com>
2019-09-20efi_loader: incorrect return value form DisconnectControllerHeinrich Schuchardt
DisconnectController() should never return EFI_NOT_FOUND. If EFI_DRIVER_BINDING_PROTOCOL.Stop() fails, return EFI_DEVICE_ERROR. If the driver handle does not expose the EFI_DRIVER_BINDING_PROTOCOL return EFI_INVALID_PARAMETER. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-08-11env: Drop environment.h header file where not neededSimon Glass
This header file is now only used by files that access internal environment features. Drop it from various places where it is not needed. Acked-by: Joe Hershberger <joe.hershberger@ni.com> Signed-off-by: Simon Glass <sjg@chromium.org>
2019-07-30efi_loader: re-enable GRUB workaround on 32bit ARMHeinrich Schuchardt
GRUB on ARM 32bit prior to version 2.04 lacks proper handling of caches. In U-Boot v2019.04 a workaround for this was inadvertently removed. The workaround is currently also needed for booting on systems with caches that cannot be managed via CP15 (e.g. with an i.MX6 CPU). Re-enable the workaround and make it customizable. Fixes: f69d63fae281 ("efi_loader: use efi_start_image() for bootefi") Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-07-16efi_loader: fix comments for efi_update_exit_data()Heinrich Schuchardt
Add missing colons after parameter descriptions. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-07-16efi_loader: fix function comments in efi_boottime.cHeinrich Schuchardt
scripts/kernel-doc pointed out some errors in the function comments in efi_boottime.c. Add missing and remove superfluous parameter descriptions. Escape * in a function description. Add empty lines for readability. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-07-16efi_loader: EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGEHeinrich Schuchardt
Implement the EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event. This requires allocating the event and the event list from runtime data. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-07-06efi_loader: detach runtime in ExitBootServices()Heinrich Schuchardt
Linux can be called with a command line parameter efi=novamap, cf. commit 4e46c2a95621 ("efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted"). In this case SetVirtualAddressMap() is not called after ExitBootServices(). OpenBSD 32bit does not call SetVirtualAddressMap() either. Runtime services must be set to an implementation supported at runtime in ExitBootServices(). Reported-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Suggested-by: Alexander Graf <agraf@csgraf.de> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-07-06efi_loader: let the variable driver patch out the runtimeHeinrich Schuchardt
Our variable services are only provided at boottime. Therefore when leaving boottime the variable function are replaced by dummy functions returning EFI_UNSUPPORTED. Move this patching of the runtime table to the variable services implementation. Executed it in ExitBootServices(). Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-07-06efi_loader: remove NULL entries from runtime detach listHeinrich Schuchardt
Some entries in the system table are set to NULL in ExitBootServices(). We had them in the runtime detach list to avoid relocation of NULL. Let's instead assign the pointers dynamically in efi_initialize_system_table() to avoid the relocation entry. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-07-06efi_loader: remove superfluous spaces in commentsHeinrich Schuchardt
Leave only a single space after * if not aligning. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-06-20efi_loader: system table setupHeinrich Schuchardt
When setting up the system table avoid superfluous void * conversions. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-06-14efi_loader: correct ExitBootServices()Heinrich Schuchardt
Always use EFI_EXIT() to return from the function. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-06-14efi_loader: loaded images cannot be started twiceHeinrich Schuchardt
If an image already has been started, return EFI_INVALID_PARAMETER when StartImage() is called for the same handle again. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-06-14efi_loader: LoadImage must return EFI_NOT_FOUNDHeinrich Schuchardt
If the file path does not relate to an existing file, LoadImage() must return EFI_NOT_FOUND. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-06-14efi_loader: LoadImage w/o SourceBuffer and DevicePathHeinrich Schuchardt
If both SourceBuffer and DevicePath are NULL, LoadImage() must return EFI_INVALID_PARAMETER. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-06-10efi_loader: implement event queueHeinrich Schuchardt
Up to now we have only been using a flag queued for events. But this does not satisfy the requirements of the UEFI spec. Events must be notified in the sequence of decreasing TPL level and within a TPL level in the sequence of signaling. Implement a queue for signaled events. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-06-10efi_loader: event signaling in ExitBootServicesHeinrich Schuchardt
ExitBootServices() has to stop timer related activity before calling the events of the EFI_EVENT_GROUP_EXIT_BOOT_SERVICES event group. But our current implementation was stopping all other events. All events have to observe the task priority level. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-06-10efi_loader: SignalEvent for event in signaled stateHeinrich Schuchardt
If an event is already in the signaled state, SignalEvent should not queue the notification function but simply return EFI_SUCCESS. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-06-10efi_loader: RegisterProtocolNotify event signalingHeinrich Schuchardt
In a following patch efi_signal_event() will only queue an event if it is not signaled. Set the is_signaled status to false before signaling the event. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-06-05Merge tag 'efi-2019-07-rc4-2' of git://git.denx.de/u-boot-efiTom Rini
Pull request for UEFI sub-system for v2019.07-rc4-2 Support for managing the non-volatile attribute of UEFI variables is added though we do not have a backend for persistence yet. Error messages for changes of UEFI variables are provided. UEFI boottime service implementations are corrected.
2019-06-04efi_loader: close protocols in UnloadImage()Heinrich Schuchardt
When UnloadImage() is called all protocols opened by the image have to be closed. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-06-04efi_loader: check timer events in Stall()Heinrich Schuchardt
During a call to Stall() we should periodically check for timer events. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-06-04efi_loader: DisconnectController() with no driverHeinrich Schuchardt
If DisconnectController() is called and no driver is managing ControllerHandle, return EFI_SUCCESS. UEFI SCT II 2017, 3.3.12 DisconnectController(), 5.1.3.12.4 - 5.1.3.12.6 Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-06-01efi_loader: CloseProtocol() fix open protocol informationHeinrich Schuchardt
CloseProtocol() must delete all open protocol information records relating to import parameters not only one. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-06-01efi_loader: open protocol informationHeinrich Schuchardt
When a protocol is opened the open protocol information must be updated. The key fields of the open protocol information records are ImageHandle, ControllerHandle, and Attributes. Consider the Attributes field when determining if an open protocol information record has to be updated or a new one has to be created. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-06-01efi_loader: correct HandleProtocol()Heinrich Schuchardt
The UEFI specification requires that when a protocol is opened via HandleProtocol() the agent handle is the image handle of the EFI firmware (see chapter on EFI_BOOT_SERVICES.OpenProtocol()). Let efi_handle_protocol() pass efi_root as agent handle to efi_open_protocol(). Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-31efi_loader: correct UninstallProtocolInterface()Heinrich Schuchardt
When uninstalling a protocol the following steps are needed: * request all drivers to disconnect * close protocol for all non-drivers * check if any open instance of the protocol exists on the handle and return EFI_ACCESS_DENIED in this case * remove the protocol interface By tort we tested for remaining open protocol instances already after requesting drivers to disconnect. With this correction the UEFI SCT II tests for UninstallProtocolInterface() and ReinstallProtocolInterface are passed. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-31efi_loader: avoid crash in OpenProtocol()Heinrich Schuchardt
When trying to open a protocol exclusively attached drivers have to be removed. This removes entries in the open protocol information linked list over which we are looping. As additionally child controllers may have been removed the only safe thing to do is to restart the loop over the linked list when a driver is removed. By observing the return code of DisconnectController() we can eliminate a loop. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-31efi_loader: correct OpenProtocol()Heinrich Schuchardt
If a protocol is opened BY_DRIVER it cannot be opened by another agent BY_DRIVER. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-31efi_loader: registration key in LocateProtocol()Heinrich Schuchardt
In LocateProtocol() implement searching by the registration key returned by RegisterNotifyProtocol(). Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-31efi_loader: factor out efi_check_register_notify_event()Heinrich Schuchardt
The code to check if a registration key is a valid key returned by RegisterProtocolNotify() can be reused. So let us factor it out into a new function efi_check_register_notify_event(). Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-31efi_loader: correct notification of protocol installationHeinrich Schuchardt
When a protocol is installed the handle should be queued for the registration key of each registered event. LocateHandle() should return the first handle from the queue for the registration key and delete it from the queue. Implement the queueing. Correct the selftest. With the patch the UEFI SCT tests for LocateHandle() are passed without failure. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-24efi_loader: correct device path checkHeinrich Schuchardt
Since commit 226cddbe32f0 ("efi_loader: check device path in InstallMultipleProtocolInterfaces") iPXE fails to access the network. LocateDevicePath() returns EFI_SUCCESS even if a shorter path is found as a partial match. It returns the remaining path. So to be sure that we found a complete match we need to check that the remaining path refers to an end node. Provide debug output if a device path has already been installed. Fixes: 226cddbe32f0 ("efi_loader: check device path in InstallMultipleProtocolInterfaces") Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-19efi_loader: GetNextMonotonicCount() check parameterHeinrich Schuchardt
Do not write to address indicated by NULL pointer. UEFI SCT II 2.6 (2017), 3.6.5 GetNextMonotonicCount(), 5.1.5.5.1 Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-19efi_loader: parameter checks CalculateCrc32()Heinrich Schuchardt
Not checking the parameters may lead reading or writing from NULL. Implement the parameter checks prescribed in the UEFI spec. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-19efi_loader: check device path in InstallMultipleProtocolInterfacesHeinrich Schuchardt
According to the UEFI spec InstallMultipleProtocolInterfaces() must check if a device path has already been installed. In this case it must return EFI_ALREADY_STARTED. Cf. UEFI SCT II 2.6 A (2017), 3.3.16 InstallMultipleProtocolInterfaces(), 5.1.3.16.1. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-12efi_loader: infinite recursion notifying eventsHeinrich Schuchardt
UEFI SCT uses this call sequence to determine the current TPL level inside notification functions: OldTpl = BS->RaiseTPL(TPL_HIGH_LEVEL); BS->RestoreTPL(OldTpl); In RestoreTPL() we trigger the notification function of queued events. If we do not mark the event as non-queued before calling the notification function, this results in an infinite recursive call sequence. Mark the event as non-queued before entering the notification function. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-12efi_loader: error code in UninstallProtocolInterface()Heinrich Schuchardt
According to the UEFI specification UninstallProtocolInteface() has to return EFI_NOT_FOUND if the interface is not found. Correct the return value. Cf. UEFI SCT II spec (2017), 3.3.2 UninstallProtocolInterface(), 5.1.3.2.4 Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-12efi_loader: superfluous check in efi_remove_protocol()Heinrich Schuchardt
efi_search_protocol() already checks that the GUID matches. Don't check a second time. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-12efi_loader: LocateDevicePath() incorrect parameter checkHeinrich Schuchardt
A parameter check in LocateDevicePath() does not match the requirements of the UEFI spec. If device is NULL, only return EFI_INVALID_PARAMETER if a matching handle is found. Cf. UEFI SCT II specification (2017)3.3.7 LocateDevicePath(), 5.1.3.7.3 Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-12efi_loader: fix typo in efi_locate_handle() commentHeinrich Schuchardt
%s/not buffer/no buffer/ Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-07efi_loader: signature of ExitBootServices()Heinrich Schuchardt
Consistently use efi_uintn_t as type of memory keys. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Alexander Graf <graf@amazon.com>