From b0f569ea4df875b3ef350685be6fb25a973e1022 Mon Sep 17 00:00:00 2001 From: Heinrich Schuchardt Date: Sat, 10 Apr 2021 20:07:54 +0200 Subject: [PATCH 1/7] board: toradex: apalis-imx8x: fix build warning The length of an underline must match the length of the header. Signed-off-by: Heinrich Schuchardt Reviewed-by: Oleksandr Suvorov --- doc/board/toradex/apalix-imx8x.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/board/toradex/apalix-imx8x.rst b/doc/board/toradex/apalix-imx8x.rst index efa7e0c72e..e62578b152 100644 --- a/doc/board/toradex/apalix-imx8x.rst +++ b/doc/board/toradex/apalix-imx8x.rst @@ -1,7 +1,7 @@ .. SPDX-License-Identifier: GPL-2.0+ Apalis iMX8X V1.1A Module (SoC NXP i.MX8QXP RevB) -========================== +================================================= Quick Start ----------- From 41ad972426bfcf8ac790bad0d19b4a55af0d230e Mon Sep 17 00:00:00 2001 From: Heinrich Schuchardt Date: Sun, 11 Apr 2021 17:03:53 +0200 Subject: [PATCH 2/7] doc: imx: psb: fix footnotes In reStructured text footnotes are referenced like [1]_. Add missing underscores. Signed-off-by: Heinrich Schuchardt Acked-by: Marek Vasut --- doc/imx/misc/psb.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/imx/misc/psb.rst b/doc/imx/misc/psb.rst index 4d6f001b74..9bb84b4024 100644 --- a/doc/imx/misc/psb.rst +++ b/doc/imx/misc/psb.rst @@ -88,7 +88,7 @@ SIT format SIT is a 20 byte long structure containing of 5 32-bit words. Those encode bootloader B-copy area offset (called "firstSectorNumber"), magic value (called "tag") that is always 0x00112233, and three unused words set to 0. -SIT is documented in [1] and [2]. Example SIT are below:: +SIT is documented in [1]_ and [2]_. Example SIT are below:: $ hexdump -vC sit-mx7d.bin 00000000 00 00 00 00 From 15d9694600feda088974d54fe319984f81c7fb85 Mon Sep 17 00:00:00 2001 From: Heinrich Schuchardt Date: Sun, 11 Apr 2021 20:28:13 +0200 Subject: [PATCH 3/7] doc: fatinfo man-page Provide a man-page for the fatinfo command. Signed-off-by: Heinrich Schuchardt --- doc/usage/index.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/doc/usage/index.rst b/doc/usage/index.rst index d330b14a17..b64cfe444a 100644 --- a/doc/usage/index.rst +++ b/doc/usage/index.rst @@ -28,6 +28,7 @@ Shell commands exception exit false + fatinfo for load loady From 798ece83bd47ea6f94b74624f5929ad6f2d6c361 Mon Sep 17 00:00:00 2001 From: Heinrich Schuchardt Date: Sat, 10 Apr 2021 20:32:03 +0200 Subject: [PATCH 4/7] doc: duplicate target 'youtube' Two external references cannot have the same name: doc/chromium/overview.rst:5: WARNING: Duplicate explicit target name: "youtube" Signed-off-by: Heinrich Schuchardt Reviewed-by: Simon Glass --- doc/chromium/overview.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/chromium/overview.rst b/doc/chromium/overview.rst index 5498ed9c16..790233cb66 100644 --- a/doc/chromium/overview.rst +++ b/doc/chromium/overview.rst @@ -45,7 +45,7 @@ Here is some material relevant to Chromium OS verified boot with U-Boot: - Presented at Open Source Firmware Conference 2018, Erlangen - Describes the work in progress as at the end of 2018 - Slides at `OSFC `_ - - Video on `Youtube `_ + - `Youtube video 'OSFC - U-Boot with Chrome OS and firmware packaging' `_ - "Verified Boot in Chrome OS and how to make it work for you" @@ -58,7 +58,7 @@ Here is some material relevant to Chromium OS verified boot with U-Boot: and pit/pi (`Samsung Chromebook 2 `_ with Exynos 5 Octa 5420 in 2014). - Slides at `Google research `_ - - Video at `Youtube `_ + - `Youtube video 'Verified Boot on Chrome OS and How to do it yourself' `_ - "Chrome University 2018: Chrome OS Firmware and Verified Boot 201" @@ -67,7 +67,7 @@ Here is some material relevant to Chromium OS verified boot with U-Boot: topics. This has no U-Boot information, but does cover coreboot and also talks about the Chrome OS EC and Security chip. This is probably the best introduction talk. - - Video at `YouTube `_ + - `Youtube video 'Chrome University 2018: Chrome OS Firmware and Verified Boot 201' `_ - `Chromium OS U-Boot `_ From 7d823747c695e8638b637abd0c19434f661e50d9 Mon Sep 17 00:00:00 2001 From: Sughosh Ganu Date: Wed, 14 Apr 2021 12:38:25 +0530 Subject: [PATCH 5/7] efi_loader: esrt: Remove incorrect invocations of EFI_CALL macro Remove function invocations using the EFI_CALL macro for those functions that do not have an EFI_ENTRY call in their definition. Such functions can use u-boot api's which rely on u-boot global data(gd) pointer. The Arm and RiscV architectures maintain a separate gd pointer, one for u-boot, and a separate gd for the efi application. Calling a function through the EFI_CALL macro changes the gd pointer to that used for the efi application, with u-boot gd being unavailable. Any function then trying to dereference u-boot's gd will result in an abort. Fix this issue by removing the EFI_CALL macro for all of such functions which do not begin by an EFI_ENTRY function call. Signed-off-by: Sughosh Ganu Reviewed-by: Heinrich Schuchardt --- lib/efi_loader/efi_esrt.c | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/lib/efi_loader/efi_esrt.c b/lib/efi_loader/efi_esrt.c index 40f53260e4..3ca55ce23a 100644 --- a/lib/efi_loader/efi_esrt.c +++ b/lib/efi_loader/efi_esrt.c @@ -139,7 +139,7 @@ efi_status_t efi_esrt_allocate_install(u32 num_entries) /* If there was a previous ESRT, deallocate its memory now. */ if (esrt) - ret = EFI_CALL(efi_free_pool(esrt)); + ret = efi_free_pool(esrt); esrt = new_esrt; @@ -253,8 +253,8 @@ efi_status_t efi_esrt_add_from_fmp(struct efi_firmware_management_protocol *fmp) return EFI_INVALID_PARAMETER; } - ret = EFI_CALL(efi_allocate_pool(EFI_BOOT_SERVICES_DATA, info_size, - (void **)&img_info)); + ret = efi_allocate_pool(EFI_BOOT_SERVICES_DATA, info_size, + (void **)&img_info); if (ret != EFI_SUCCESS) { EFI_PRINT("ESRT failed to allocate memory for image info.\n"); return ret; @@ -298,7 +298,7 @@ efi_status_t efi_esrt_add_from_fmp(struct efi_firmware_management_protocol *fmp) } out: - EFI_CALL(efi_free_pool(img_info)); + efi_free_pool(img_info); return EFI_SUCCESS; } @@ -384,8 +384,8 @@ efi_status_t efi_esrt_populate(void) goto out; } - ret = EFI_CALL(efi_allocate_pool(EFI_BOOT_SERVICES_DATA, info_size, - (void **)&img_info)); + ret = efi_allocate_pool(EFI_BOOT_SERVICES_DATA, info_size, + (void **)&img_info); if (ret != EFI_SUCCESS) { EFI_PRINT("ESRT failed to allocate memory for image info\n"); goto out; @@ -405,13 +405,13 @@ efi_status_t efi_esrt_populate(void) if (ret != EFI_SUCCESS) { EFI_PRINT("ESRT failed to obtain image info from FMP\n"); - EFI_CALL(efi_free_pool(img_info)); + efi_free_pool(img_info); goto out; } num_entries += desc_count; - EFI_CALL(efi_free_pool(img_info)); + efi_free_pool(img_info); } EFI_PRINT("ESRT create table with %u entries\n", num_entries); @@ -430,9 +430,9 @@ efi_status_t efi_esrt_populate(void) */ it_handle = base_handle; for (u32 idx = 0; idx < no_handles; idx++, it_handle++) { - ret = EFI_CALL(efi_search_protocol(*it_handle, - &efi_guid_firmware_management_protocol, - &handler)); + ret = efi_search_protocol(*it_handle, + &efi_guid_firmware_management_protocol, + &handler); if (ret != EFI_SUCCESS) { EFI_PRINT("ESRT unable to find FMP handle (%u)\n", @@ -448,7 +448,7 @@ efi_status_t efi_esrt_populate(void) out: - EFI_CALL(efi_free_pool(base_handle)); + efi_free_pool(base_handle); return ret; } @@ -490,8 +490,8 @@ efi_status_t efi_esrt_register(void) return ret; } - ret = EFI_CALL(efi_create_event(EVT_NOTIFY_SIGNAL, TPL_CALLBACK, - efi_esrt_new_fmp_notify, NULL, NULL, &ev)); + ret = efi_create_event(EVT_NOTIFY_SIGNAL, TPL_CALLBACK, + efi_esrt_new_fmp_notify, NULL, NULL, &ev); if (ret != EFI_SUCCESS) { EFI_PRINT("ESRT failed to create event\n"); return ret; From e8287b0fb2be8acf8d0412be3b4174768fef348c Mon Sep 17 00:00:00 2001 From: Heinrich Schuchardt Date: Sun, 11 Apr 2021 06:53:04 +0200 Subject: [PATCH 6/7] efi_loader: memory leak in efi_capsule_scan_dir() If realloc() fails, we should free the old buffer. Fixes: c74cd8bd08d1: ("efi_loader: capsule: add capsule_on_disk support") Signed-off-by: Heinrich Schuchardt --- lib/efi_loader/efi_capsule.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c index 9df9c35084..691eda5e0d 100644 --- a/lib/efi_loader/efi_capsule.c +++ b/lib/efi_loader/efi_capsule.c @@ -756,8 +756,11 @@ static efi_status_t efi_capsule_scan_dir(u16 ***files, unsigned int *num) tmp_size = dirent_size; ret = EFI_CALL((*dirh->read)(dirh, &tmp_size, dirent)); if (ret == EFI_BUFFER_TOO_SMALL) { + struct efi_file_info *old_dirent = dirent; + dirent = realloc(dirent, tmp_size); if (!dirent) { + dirent = old_dirent; ret = EFI_OUT_OF_RESOURCES; goto err; } From b1a7a5e0b8822a0868ee9318d8d3fa9645efc12d Mon Sep 17 00:00:00 2001 From: Masahisa Kojima Date: Wed, 14 Apr 2021 11:55:49 +0900 Subject: [PATCH 7/7] efi_loader: fix possible buffer overflow Variable "final" will have SHA512 digest, but currently the array size is not sufficient. Let's fix it. Signed-off-by: Masahisa Kojima Reviewed-by: Ilias Apalodimas Reviewed-by: Heinrich Schuchardt --- lib/efi_loader/efi_tcg2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c index ed86a220fb..d5eca68769 100644 --- a/lib/efi_loader/efi_tcg2.c +++ b/lib/efi_loader/efi_tcg2.c @@ -515,7 +515,7 @@ static efi_status_t tcg2_create_digest(const u8 *input, u32 length, sha1_context ctx; sha256_context ctx_256; sha512_context ctx_512; - u8 final[TPM2_ALG_SHA512]; + u8 final[TPM2_SHA512_DIGEST_SIZE]; efi_status_t ret; u32 active; int i;