summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2019-05-07efi_loader: LoadImage() check source sizeHeinrich Schuchardt
If the size of the source buffer is 0, return EFI_LOAD_ERROR. (UEFI SCT II 2017: 3.4.1 LoadImage() - 5.1.4.1.6) Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-07efi_loader: LoadImage() check parent imageHeinrich Schuchardt
If the parent image handle does not refer to a loaded image return EFI_INVALID_PARAMETER. (UEFI SCT II 2017: 3.4.1 LoadImage() - 5.1.4.1.1) Mark our root node as a loaded image to avoid an error when using it as parent image. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-07efi_loader: HandleProtocol parameter checksHeinrich Schuchardt
HandleProtocol() and OpenProtocol() have to return EFI_UNSUPPORTED if the protocol is not installed on the handle. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-07efi_loader: use EFI_PRINT instead of debugHeinrich Schuchardt
For correct indentation of messages in the UEFI API implementation use EFI_PRINT() instead of debug(). Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-07efi_loader: CloseProtocol() requires valid agent handleHeinrich Schuchardt
Return EFI_INVALID_PARAMETER from CloseProtcol() if the agent handle is not valid. Return EFI_INVALID_PARAMETER if the optional controller handle is not valid. Return immediately from efi_search_obj if the handle is NULL. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-07efi_selftest: unit test for RegisterProtocolNotify()Heinrich Schuchardt
Provide a unit test for the RegisterProtocolNotify() boot service. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-07efi_loader: implement RegisterProtocolNotify()Heinrich Schuchardt
The RegisterProtocolNotify() boot service registers an event to be notified upon the installation of a protocol interface with the specified GUID. Add the missing implementation. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-07efi_loader: EVT_NOTIFY_SIGNAL eventsHeinrich Schuchardt
The notification function of events of type EVT_NOTIFY_SIGNAL should always be queued when SignalEvent() is called. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-07efi_selftest: remove redundant function efi_st_memcmp()Heinrich Schuchardt
Function memcmp() is available in efi_freestanding.c. So we do not remove a further implementation. Replace all usages of efi_st_memcmp() by memcmp(). Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-07efi_loader: unload applications upon Exit()Heinrich Schuchardt
Implement unloading of images in the Exit() boot services: * unload images that are not yet started, * unload started applications, * unload drivers returning an error. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-07efi_loader: implement UnloadImage()Heinrich Schuchardt
Implement the UnloadImage() boot service Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-07efi_loader: move efi_unload_image() down in sourceHeinrich Schuchardt
Move efi_unload_image() down in source to avoid forward declaration in follwing page. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-07efi_loader: mark started imagesHeinrich Schuchardt
In UnloadImage() we need to know if an image is already started. Add a field to the handle structure identifying loaded and started images. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-07efi_loader: correct parameter check in LocateHandle()Heinrich Schuchardt
If LocateHandle() does not find an entry EFI_NOT_FOUND has to be returned even if BufferSize is NULL. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-07efi_loader: allowable event types in CreateEventEx()Heinrich Schuchardt
CreateEventEx() does not allow the following event types: * EVT_SIGNAL_EXIT_BOOT_SERVICES * EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE This check is needed to pass the UEFI SCT conformance test. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Alexander Graf <agraf@csgraf.de>
2019-05-07efi_loader: clean up UEFI sub-system initializationHeinrich Schuchardt
allow_unaligned(), switch_to_non_secure_mode(), and efi_init_obj_list() are called in sequence in multiple places. Move calls to allow_unaligned() and switch_to_non_secure_mode() to efi_init_obj_list(). Remove unused includes. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-05lib: add Zstandard decompression supportMarek Behún
Add the zstd library from Linux kernel (only decompression support). There are minimal changes to build with U-Boot, otherwise the files are identical to Linux commit dc35da16 from March 2018, the files had not been touched since in kernel. Also SPDX lincese tags were added. Signed-off-by: Marek Behún <marek.behun@nic.cz>
2019-05-05lib: Add xxhash supportMarek Behún
This adds the xxhash support from Linux. Files are almost identical to those added to Linux in commit 5d240522 ("lib: Add xxhash module") (they haven't been touched since in Linux). The only difference is to add some includes to be compatible with U-Boot. Also SPDX lincese tags were added. Signed-off-by: Marek Behún <marek.behun@nic.cz>
2019-05-05lib/display_options: avoid illegal memory accessHeinrich Schuchardt
display_options_get_banner_priv() overwrites bytes before the start of the buffer if the buffer size is less then 3. This case occurs in the Sandbox when executing the `ut_print` command. Correctly handle small buffer sizes. Adjust the print unit test to catch when bytes before the buffer are overwritten. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
2019-05-03Merge branch '2019-05-03-master-imports'Tom Rini
- Various btrfs fixes - Various TI platform fixes - Other fixes (cross build, taurus update, Kconfig help text)
2019-05-03lib: Kconfig: fix help text for GZIPHeiko Schocher
commit 95f4bbd581cf ("lib: fdt: Allow LZO and GZIP DT compression in U-Boot") introduced Kconfig option for gzip in U-Boot, but help text says gzip for SPL, which is wrong. Fix this. Signed-off-by: Heiko Schocher <hs@denx.de> Acked-by: Marek Vasut <marex@denx.de>
2019-05-03lib/vsprintf: remove #include <uuid.h> from vsprintf.cHeinrich Schuchardt
common.h already includes uuid.h Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-02lib: uuid: Fix unseeded PRNG on RANDOM_UUID=yEugeniu Rosca
The random uuid values (enabled via CONFIG_RANDOM_UUID=y) on our platform are always the same. Below is consistent on each cold boot: => ### interrupt autoboot => env default -a; gpt write mmc 1 $partitions; print uuid_gpt_misc ... uuid_gpt_misc=d117f98e-6f2c-d04b-a5b2-331a19f91cb2 => env default -a; gpt write mmc 1 $partitions; print uuid_gpt_misc ... uuid_gpt_misc=ad5ec4b6-2d9f-8544-9417-fe3bd1c9b1b3 => env default -a; gpt write mmc 1 $partitions; print uuid_gpt_misc ... uuid_gpt_misc=cceb0b18-39cb-d547-9db7-03b405fa77d4 => env default -a; gpt write mmc 1 $partitions; print uuid_gpt_misc ... uuid_gpt_misc=d4981a2b-0478-544e-9607-7fd3c651068d => env default -a; gpt write mmc 1 $partitions; print uuid_gpt_misc ... uuid_gpt_misc=6d6c9a36-e919-264d-a9ee-bd00379686c7 While the uuids do change on every 'gpt write' command, the values appear to be taken from the same pool, in the same order. Assuming U-Boot with RANDOM_UUID=y is deployed on a large number of devices, all those devices would essentially expose the same UUID, breaking the assumption of system/RFS/application designers who rely on UUID as being globally unique (e.g. a database using UUID as key would alias/mix up entries/records due to duplicated UUID). The root cause seems to be simply _not_ seeding PRNG before generating a random value. It turns out this belongs to an established class of PRNG-specific problems, commonly known as "unseeded randomness", for which I am able to find below bugs/CVE/CWE: - https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0285 ("CVE-2015-0285 openssl: handshake with unseeded PRNG") - https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-9019 ("CVE-2015-9019 libxslt: math.random() in xslt uses unseeded randomness") - https://cwe.mitre.org/data/definitions/336.html ("CWE-336: Same Seed in Pseudo-Random Number Generator (PRNG)") The first revision [1] of this patch updated the seed based on the output of get_timer(), similar to [4]. There are two problems with this approach: - get_timer() has a poor _ms_ resolution - when gen_rand_uuid() is called in a loop, get_timer() returns the same result, leading to the same seed being passed to srand(), leading to the same uuid being generated for several partitions with different names The above drawbacks have been addressed in the second version [2]. In its third revision (current), the patch reworded the description and summary line to emphasize it is a *fix* rather than an improvement. Testing [3] consisted of running 'gpt write mmc 1 $partitions' in a loop on R-Car3 for several minutes, collecting 8844 randomly generated UUIDS. Two consecutive cold boots are concatenated in the log. As a result, all uuid values are unique (scripted check). Thanks to Roman, who reported the issue and provided support in fixing. [1] https://patchwork.ozlabs.org/patch/1091802/ [2] https://patchwork.ozlabs.org/patch/1092945/ [3] https://gist.github.com/erosca/2820be9d554f76b982edd48474d0e7ca [4] commit da384a9d7628 ("net: rename and refactor eth_rand_ethaddr() function") Reported-by: Roman Stratiienko <roman.stratiienko@globallogic.com> Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-02efi_loader: description of efi_add_handle()Heinrich Schuchardt
Correct the comments describing function efi_add_handle(). Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-02efi_selftest: test exit_dataHeinrich Schuchardt
Amend the unit test 'start image exit' to transfer a string as exit data. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-02efi_loader: implement support of exit dataHeinrich Schuchardt
In case of a failure exit data may be passed to Exit() which in turn is returned by StartImage(). Let the `bootefi` command print the exit data string in case of an error. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-02efi_loader: optional data in load options are binaryHeinrich Schuchardt
The field boot OptionalData in structure _EFI_LOAD_OPTIONS is for binary data. When we use `efidebug boot add` we should convert the 5th argument from UTF-8 to UTF-16 before putting it into the BootXXXX variable. When printing boot variables with `efidebug boot dump` we should support the OptionalData being arbitrary binary data. So let's dump the data as hexadecimal values. Here is an example session protocol: => efidebug boot add 00a1 label1 scsi 0:1 doit1 'my option' => efidebug boot add 00a2 label2 scsi 0:1 doit2 => efidebug boot dump Boot00A0: attributes: A-- (0x00000001) label: label1 file_path: .../HD(1,MBR,0xeac4e18b,0x800,0x3fffe)/doit1 data: 00000000: 6d 00 79 00 20 00 6f 00 70 00 74 00 69 00 6f 00 m.y. .o.p.t.i.o. 00000010: 6e 00 00 00 n... Boot00A1: attributes: A-- (0x00000001) label: label2 file_path: .../HD(1,MBR,0xeac4e18b,0x800,0x3fffe)/doit2 data: Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-02efi_loader: set OsIndicationsSupported at initAKASHI Takahiro
UEFI variables should be installed using well-defined API. Currently we don't support much, but the value of OsIndicationsSupported will be updated once some features are added in the future. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Add comments. Rename a variable. Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-02efi_loader: FreePages() must fail with pages = 0Heinrich Schuchardt
The UEFI spec requires that freeing of pages fails if the number of pages to be freed is 'invalid'. Check that it is not zero. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-02efi_loader: parameter check CreateEventEx()Heinrich Schuchardt
CreateEvent() and CreateEventEx() should check that a notify function is provided for either of EVT_NOTIFY_SIGNAL or EVT_NOTIFY_WAIT. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-04-24Merge tag 'pull-24apr19' of git://git.denx.de/u-boot-dmTom Rini
Various minor sandbox iumprovements Fixes for tracing with sandbox Refactoring for boot_get_fdt()
2019-04-24Merge tag 'efi-2019-07-rc1-3' of git://git.denx.de/u-boot-efiTom Rini
Pull request for UEFI sub-system for v2019.07-rc1 (3) This patch series reworks the implementation of the `bootefi` command to remove code duplication by using the LoadImage() boot service to load binaries. Missing short texts for UEFI protocols are added for display by the `efidebug dh` command. Missing parameter checks for AllocatePages() and CreateDeviceNode() are implemented. The constants for protocol GUIDs are changed to match the names in the UEFI specification.
2019-04-24image: android: allow booting lz4-compressed kernelsEugeniu Rosca
According to Android image format [1], kernel image resides at 1 page offset from the boot image address. Grab the magic number from there and allow U-Boot to handle LZ4-compressed KNL binaries instead of hardcoding compression type to IH_COMP_NONE. Other compression types, if needed, can be added later. Tested on H3ULCB-KF using the image detailed in [2]. [1] Excerpt from include/android_image.h +-----------------+ | boot header | 1 page +-----------------+ | kernel | n pages +-----------------+ | ramdisk | m pages +-----------------+ | second stage | o pages +-----------------+ [2] => iminfo 4c000000 ## Checking Image at 4c000000 ... Android image found kernel size: 85b9d1 kernel address: 48080000 ramdisk size: 54ddbc ramdisk addrress: 4a180000 second size: 0 second address: 48000800 tags address: 48000100 page size: 800 os_version: 1200012a (ver: 0.9.0, level: 2018.10) name: cmdline: buildvariant=userdebug Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com>
2019-04-23fdtdec: Use fdt_setprop_u32() for fdtdec_set_phandle()Thierry Reding
The fdt_setprop_u32() function does everything that we need, so we really only use the function as a convenience wrapper, in which case it can simply be a static inline function. Signed-off-by: Thierry Reding <treding@nvidia.com>
2019-04-23Convert CONFIG_TRACE_BUFFER_SIZE et al to KconfigSimon Glass
This converts the following to Kconfig: CONFIG_TRACE_BUFFER_SIZE CONFIG_TRACE_EARLY_SIZE CONFIG_TRACE_EARLY CONFIG_TRACE_EARLY_ADDR Signed-off-by: Simon Glass <sjg@chromium.org>
2019-04-23Convert CONFIG_TRACE to KconfigSimon Glass
This converts the following to Kconfig: CONFIG_TRACE Signed-off-by: Simon Glass <sjg@chromium.org>
2019-04-23trace: Tidy up error returnsSimon Glass
At present many functions in this file return -1. Update them to return a valid error code. Also tidy up the 'return' statements at the same time, since these should have a blank line before them. Signed-off-by: Simon Glass <sjg@chromium.org>
2019-04-23div64: Don't instrument the division functionSimon Glass
This function may be called from tracing code, since that code needs to read the timer and this often requires calling do_div(), which calls __div64_32(). If this function is instrumented it causes an infinite loop, since emitting a trace record requests the time, which in turn emits a trace record, etc. Update the prototype to prevent instrumentation code being added. Signed-off-by: Simon Glass <sjg@chromium.org>
2019-04-23div64: Use kernel typesSimon Glass
These functions still use uint32_t and uint64_t but checkpatch now requests that the kernel types be used instead. Update them as well as a few resulting checkpatch errors. Signed-off-by: Simon Glass <sjg@chromium.org>
2019-04-23efi_loader: check length in CreateDeviceNode()Heinrich Schuchardt
When creating a device path node ensure that the size of the allocated memory at lest matches the size of the node header. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-04-23efi_loader: check memory type in AllocatePages()Heinrich Schuchardt
The UEFI specification prescribes that AllocatePages() checks the memory type. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-04-23efi_loader: need either ACPI table or device treeHeinrich Schuchardt
The EBBR specification prescribes that we should have either an ACPI table or a device tree but not both. Let us enforce this condition in the `bootefi` command. If the bootefi command is called without a device tree parameter use a previously device tree or fall back to the internal device tree. The fdt unit test should not be run on boards with an ACPI table. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-04-23efi_selftest: do not run FDT test with ACPI table.Heinrich Schuchardt
The EBBR specification prescribes that we should have either an ACPI table or a device tree but not both. So do not run the device tree unit test on boards with an ACPI table. Hence there is no need any longer to make it 'on request' only. Do not pass $fdtcontroladdr to `bootefi selftest`. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-04-23efi_loader: rework bootmgr/bootefi using load_image APIAKASHI Takahiro
In the current implementation, bootefi command and EFI boot manager don't use load_image API, instead, use more primitive and internal functions. This will introduce duplicated code and potentially unknown bugs as well as inconsistent behaviours. With this patch, do_efibootmgr() and do_boot_efi() are completely overhauled and re-implemented using load_image API. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Use efi_root as parent handle for the loaded image. LoadImage() should be called with BootPolicy = true by the boot manager. Avoid duplicate free_pool(). Eliminate variable memdp which is not needed after anymore due to "efi_loader: correctly split device path of loaded image". Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-04-23efi_loader: correctly split device path of loaded imageHeinrich Schuchardt
When the LoadImage() service is called for an image that is already loaded to memory the file path may be NULL or it will contain both a device path as well as a media path. We should not assume that there is no media path. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-04-23efi_loader: consistent naming of protocol GUIDsHeinrich Schuchardt
We should consistently use the same name for protocol GUIDs as defined in the UEFI specification. Not adhering to this rule has led to duplicate definitions for the EFI_LOADED_IMAGE_PROTOCOL_GUID. Adjust misnamed protocol GUIDs. Adjust the text for the graphics output protocol in the output of the `efidebug dh` command. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-04-23efi_loader: export root node handleAKASHI Takahiro
This is a preparatory patch. The root node handle will be used as a dummy parent handle when invoking an EFI image from bootefi/bootmgr command. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Rebased. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-04-23efi_loader: efi_setup_loaded_image() handle missing file nameAKASHI Takahiro
This is a preparatory patch. efi_dp_split_file_path() is used to create device_path and file_path from file_path for efi_setup_loaded_image(). In a special case, however, of HARDWARE_DEVICE/MEMORY, it doesn't work expectedly since this path doesn't contain any FILE_PATH sub-type. This patch makes a workaround. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Adjust the logic such that for all paths that do no end on a media file path we return NULL as file_path. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-04-15Merge tag 'efi-2019-07-rc1-2' of git://git.denx.de/u-boot-efiTom Rini
Pull request for UEFI sub-system for v2019.07-rc1 (2) In the aarch64 crash dump information about the loaded EFI images is added. In README.uefi the development target is for the UEFI subsystem is described as "Embedded Base Boot Requirements (EBBR) Specification" compliance. Several bug fixes are supplied.
2019-04-14Merge branch 'master' of git://git.denx.de/u-boot-spiTom Rini
Conflicts: arch/arm/dts/armada-385-amc.dts arch/arm/dts/armada-xp-theadorable.dts arch/arm/dts/stm32mp157c-ev1-u-boot.dtsi Signed-off-by: Tom Rini <trini@konsulko.com>