There is a number of users that use uclass_first_device to access the
first and (assumed) only device in uclass.
Some check the return value of uclass_first_device and also that a
device was returned which is exactly what uclass_first_device_err does.
Some are not checking that a device was returned and can potentially
crash if no device exists in the uclass. Finally there is one that
returns NULL on error either way.
Convert all of these to use uclass_first_device_err instead, the return
value will be removed from uclass_first_device in a later patch.
Signed-off-by: Michal Suchanek <msuchanek@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Loadfile2 code is installing two protocols on it's own handle
and uses efi_delete_handle() to clean it up on failure(s). However
commit 05c4c9e21a ("efi_loader: define internal implementations of
install/uninstallmultiple") prepares the ground for us to clean up
efi_delete_handle() used in favor of Install/UninstallMultipleProtocol.
While at it clean up the non needed void casts to (void *) on the
protolcol installation.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
The option SHA256_ALGO does not exist. Remove selecting it.
Fixes: 26dd993657 ("lib: add crypt subsystem")
Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
Make it clearer why InstallMultipleProtocolInterfaces is invoked with two
NULLs:
* rename guid to esp_guid
* put protocol GUIDs and the related interfaces on same lines
* add comment
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
* Replace the OpenProtocol() call by efi_search_protocol().
* Remove the CloseProtocol() call.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Avoid EFI_CALL() by using efi_close_protocol().
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Allow avoiding using EFI_CALL() when closing a protocol by providing an
internal function.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The CloseProtocol() boot service requires a handle as first argument.
Passing the protocol interface is incorrect.
CloseProtocol() only has an effect if called with a non-zero value for
agent_handle. HandleProtocol() uses an opaque agent_handle when invoking
OpenProtocol() (currently NULL). Therefore HandleProtocol() should be
avoided.
* Replace the LocateHandle() call by efi_search_protocol().
* Remove the CloseProtocol() call.
Fixes: 8d99026f06 ("efi_loader: capsule: support firmware update")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
The CloseProtocol() boot service requires a handle as first argument.
Passing the protocol interface is incorrect.
CloseProtocol() only has an effect if called with a non-zero value for
agent_handle. HandleProtocol() uses an opaque agent_handle when invoking
OpenProtocol() (currently NULL). Therefore HandleProtocol() should be
avoided.
* Replace the LocateHandle() call by efi_search_protocol().
* Remove the CloseProtocol() call.
* Remove a superfluous goto.
Fixes: ce3dbc5d08 ("efi_loader: add UEFI GPT measurement")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
We must always call EFI_EXIT() when returning from an EFIAPI function.
Fixes: 05ef48a248 ("efi_driver: EFI block driver")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
part is unsigned. So it must be printed with %u.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
A following patch is cleaning up the core EFI code trying to remove
sequences of efi_create_handle, efi_add_protocol.
Although this works fine there's a problem with the latter since it is
usually combined with efi_delete_handle() which blindly removes all
protocols on a handle and deletes the handle. We should try to adhere to
the EFI spec which only deletes a handle if the last instance of a protocol
has been removed. Another problem is that efi_delete_handle() never checks
for opened protocols, but the EFI spec defines that the caller is
responsible for ensuring that there are no references to a protocol
interface that is going to be removed.
So let's fix this by replacing all callsites of
efi_create_handle(), efi_add_protocol() , efi_delete_handle() with
Install/UninstallMultipleProtocol.
In order to do that redefine functions that can be used by the U-Boot
proper internally and add '_ext' variants that will be used from the
EFI API
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Move the registration of events for the addition and removal of block
devices to the block device driver. Here we can add a reference to the
EFI Driver Binding protocol as context.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
A function event_notify() exists. We should not use the same name for and
EFI event. Rename events in unit tests.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
For handling added and removed block devices we need to register events
which has to be done when the driver is installed.
This patch only creates an empty init function that will be filled with
code later on. The function needs to be called before any EFI block devices
are used. Move the efi_driver_init() call to early init.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
DisconnectController() is based on the open protocol information created
when the driver opens a protocol with BY_CHILD_CONTROLLER or BY_DRIVER.
To create an open protocol information it is required to supply the handle
of the driver as agent handle. This information is available as field
DriverBindingHandle in the driver binding protocol.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
* Carve out function efi_bl_create_block_device() from efi_bl_bind().
* Add a check for U-Boot devices to efi_bl_bind().
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
If creating the block device fails,
* delete all created objects and references
* close the protocol interface on the controller
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
When deleting a device or a handle we must remove the link between the two
to avoid dangling references.
Provide function efi_unlink_dev() for this purpose.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
dp_alloc() may return NULL. This needs to be caught.
Fixes: 98d48bdf41 ("efi_loader: provide a function to create a partition node")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
At present there is only one device tree used by the ofnode functions,
except for some esoteric use of live tree. In preparation for supporting
more than one, add a way to reset the list of device trees.
For now this does nothing.
Signed-off-by: Simon Glass <sjg@chromium.org>
An upcoming patch set creates a global function flush(). To make debugging
easier we should not use the same name for a static function.
Rename static functions in the LoadImage() unit test adding an efi_st_
prefix.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The current implementation creates a 'name' value for every node. This
is not needed for the latest device tree format, which includes a name in
the node header.
Adjust the code to point the name at the node header instead.
Also simplify ofnode_get_name(), now that we can rely on it to set the
name correctly. Update the comment to make it clear what name the root
node has.
Signed-off-by: Simon Glass <sjg@chromium.org>
An upcoming patch set creates a global function flush(). To make debugging
easier we should not use the same name for a static function.
Rename static functions in the LoadImage() unit test adding an efi_st_
prefix.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Function print_size() round size to the nearst value with one decimal
fraction number. But in special cases also unit order may overflow.
For example value 1073689396 is printed as "1024 MiB" and value 1073741824
as "1 GiB".
Fix this issue by detecting order overflow and increasing unit order.
With this change also value 1073689396 is printed as "1 GiB".
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Globally replace all occurances of WATCHDOG_RESET() with schedule(),
which handles the HW_WATCHDOG functionality and the cyclic
infrastructure.
Signed-off-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Tom Rini <trini@konsulko.com> [am335x_evm, mx6cuboxi, rpi_3,dra7xx_evm, pine64_plus, am65x_evm, j721e_evm]
We currently have an if_type (interface type) and a uclass id. These are
closely related and we don't need to have both.
Drop the if_type values and use the uclass ones instead.
Maintain the existing, subtle, one-way conversion between UCLASS_USB and
UCLASS_MASS_STORAGE for now, and add a comment.
Signed-off-by: Simon Glass <sjg@chromium.org>
efi_set_blk_dev_to_system_partition() assumes that 0 is an invalid
if_type. This is true now but is about to be false. Fix this bug to avoid
a test failure.
Signed-off-by: Simon Glass <sjg@chromium.org>
Selecting this option can be handled in the Kconfig option itself, as it
is with BLK. Update this an drop the various 'select' clauses.
Signed-off-by: Simon Glass <sjg@chromium.org>
This option is fact really related to SPL. For U-Boot proper we always use
driver model for block devices, so CONFIG_BLK is enabled if block devices
are in use.
It is only for SPL that we have two cases:
- SPL_BLK is enabled, in which case we use driver model and blk-uclass.c
- SPL_BLK is not enabled, in which case (if we need block devices) we must
use blk_legacy.c
Rename the symbol to SPL_LEGACY_BLOCK to make this clear. This is
different enough from BLK and SPL_BLK that there should be no confusion.
Signed-off-by: Simon Glass <sjg@chromium.org>
Check the that the hash length is shorter than the message length. This
avoids:
./tools/../lib/rsa/rsa-verify.c:275:11: warning:
‘*db’ may be used uninitialized [-Wmaybe-uninitialized]
275 | db[0] &= 0xff >> leftmost_bits;
Fixes: 061daa0b61 ("rsa: add support of padding pss")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
UEFI specification requires booting from removal media using
a architecture-specific default image name such as BOOTAA64.EFI.
This commit adds the removable media entries into bootmenu,
so that user can select the removable media and boot with
default image.
The bootmenu automatically enumerates the possible bootable
media devices supporting EFI_SIMPLE_FILE_SYSTEM_PROTOCOL,
add it as new UEFI boot option(BOOT####) and update BootOrder
variable. This automatically generated UEFI boot option
has the dedicated guid in the optional_data to distinguish it from
the UEFI boot option user adds manually. This optional_data is
removed when the efi bootmgr loads the selected UEFI boot option.
This commit also provides the BOOT#### variable maintenance feature.
Depending on the system hardware setup, some devices
may not exist at a later system boot, so bootmenu checks the
available device in each bootmenu invocation and automatically
removes the BOOT#### variable corrensponding to the non-existent
media device.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
This commit add the "eficonfig" command.
The "eficonfig" command implements the menu-driven UEFI boot option
maintenance feature. This commit implements the addition of
new boot option. User can select the block device volume having
efi_simple_file_system_protocol and select the file corresponding
to the Boot#### variable. User can also enter the description and
optional_data of the BOOT#### variable in utf8.
This commit adds "include/efi_config.h", it contains the common
definition to be used from other menus such as UEFI Secure Boot
key management.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
UEFI block devices can either mirror U-Boot's internal devices or be
provided by an EFI application like iPXE.
When ConnectController() is invoked for the EFI_BLOCK_IO_PROTOCOL
interface for such an application provided device we create a virtual
U-Boot block device of type "efi_blk".
Currently we do not call ConnectController() when handles for U-Boot's
internal block devices are created. If an EFI application calls
ConnectController() for a handle relating to an internal block device,
we erroneously create an extra "efi_blk" block device.
E.g. the UEFI shell has a command 'connect -r' which calls
ConnectController() for all handles with device path protocol.
In the Supported() method of our EFI_DRIVER_BINDING_PROTOCOL return
EFI_UNSUPPORTED when dealing with an U-Boot internal device.
Reported-by: Etienne Carriere <etienne.carriere@linaro.org>
Fixes: commit 05ef48a248 ("efi_driver: EFI block driver")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Change efi_delete_handle() to not free EFI handles twice.
This change tries to resolved an issue seen since U-Boot v2022.07
in which ExitBootService() attempts to release some EFI handles twice.
The issue was seen booting a EFI shell that invokes 'connect -r' and
then boots a Linux kernel. Execution of connect command makes EFI
subsystem to bind a block device for each root block devices EFI handles.
However these EFI device handles are already bound to a driver and we
can have 2 registered devices relating to the same EFI handler. On
ExitBootService(), the loop removing the devices makes these EFI handles
to be released twice which corrupts memory.
This patch prevents the memory release operation caused by the issue but
but does not resolve the underlying problem.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Add log message.
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Add a new unit test to test the integrity of the
EFI Conformance Profile Table.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
We can use efi_st_get_config_table() in multiple unit tests.
Export the function.
Export system-table and boot-services.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Add an option to tell the TPM to commit non-volatile data immediately it
is changed, rather than waiting until later. This is needed in some
situations, since if the device reboots it may not write the data.
Add definitions for the rest of the Cr50 commands while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>