Update libavb to commit 5fbb42a189aa in AOSP/master, because new version
has support for super partition [1], which we need for implementing
Android dynamic partitions. All changes from previous patches for libavb
in U-Boot are accounted for in this commit:
- commit ecc6f6bea6 ("libavb: Handle wrong hashtree_error_mode in
avb_append_options()")
- commit 897a1d947e ("libavb: Update SPDX tag style")
- commit d8f9d2af96 ("avb2.0: add Android Verified Boot 2.0 library")
Tested on X15:
## Android Verified Boot 2.0 version 1.1.0
read_is_device_unlocked not supported yet
read_rollback_index not supported yet
read_is_device_unlocked not supported yet
Verification passed successfully
AVB verification OK.
Unit test passes:
$ ./test/py/test.py --bd sandbox --build -k test_avb
test/py/tests/test_android/test_avb.py ss..s.
[1] 49936b4c01
Signed-off-by: Sam Protsenko <semen.protsenko@linaro.org>
Reviewed-by: Eugeniu Rosca <rosca.eugeniu@gmail.com>
Acked-by: Igor Opaniuk <igor.opaniuk@gmail.com>
malloc_cache_aligned() might return zero, so fix potential NULL pointer
access if __GFP_ZERO flag is set.
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Reviewed-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Add a simple implementation of this function, to allow logging to be
enabled in the SPL or TPL for systems that rely on the tiny printf()
implementation.
To keep the code size small,
- The function is built only when logging is enabled, as it
(currently) is not needed otherwise; and
- Like the existing implementation of snprintf(), its buffer-size
parameter is ignored.
Signed-off-by: Simon South <simon@simonsouth.net>
Macro ERRNO_MSG() ignores the error number but we should still use the same
constants as in include/linux/errno.h.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
If errno_str() is called with an unsupported error number, do not return a
random pointer but a reasonable text.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add get_timer_us(), which is useful e.g. when we need higher
precision timestamps.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Simon Glass <sjg@chromium.org>
[trini: Fixup arch/arm/mach-bcm283x/include/mach/timer.h]
Signed-off-by: Tom Rini <trini@konsulko.com>
In the current implementation, EFI_SIMPLEFILE_SYSTEM_PROTOCOL is always
installed to all the partitions even if some of them may house no file
system.
With this patch, that protocol will be installed only if any file system
exists.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
device_path strcuture has 2 bytes of "length" field, and so
file path length should not exceed this limit, 65535.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Currently, if image verification with a required key fails, rsa_verify()
code tries to find another key to verify the FIT image. This however, is
not the intended behavior as the documentation says that required keys
"must be verified for the image / configuration to be considered valid".
This patch fixes the issue by making rsa_verify() return immediately if
the verification of a required key fails.
Signed-off-by: Daniele Alessandrelli <daniele.alessandrelli@gmail.com>
- Rename existing FSP code to fsp1
- Add fsp2 directory in preparation to support FSP 2.0
- Various x86 platform codes update
- Various bug fixes and updates in dm core, sandbox and spl
This function ise effectively replaced by ofnode_read_pci_addr() which
works with flat tree. Delete it to avoid code duplication.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
At present there is only one control for this and it is used for both SPL
and TPL. But SPL might have a lot more space than TPL so the extra cost of
a full printf() might be acceptable.
Split the option into two, providing separate SPL and TPL controls. The
TPL setting defaults to the same as SPL.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
We don't have a console in SPL so it doesn't make sense to check for
Ctrl-C when printing a memory dump. Skip this so that print_buffer() can
be used in SPL.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
This allows our EFI API to create a device path node for NVMe
devices. It adds the necessary device path struct, uses the
nvme namespace accessor to retrieve the id and eui64, and also
provides support for the device path text protocol.
Signed-off-by: Patrick Wildt <patrick@blueri.se>
Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The UEFI spec has this sentence:
"Variables that have runtime access but that are not nonvolatile are
read-only data variables once ExitBootServices() is performed."
At least EDK2 therefore treats variable PlatformLangCodes only as read-only
at runtime. Nowhere do we make this variable read-only in U-Boot.
Do not use variable PlatformLangCodes for testing if the read only
attribute of variables is observed before ExitBootServices().
Fixes: 5a24239c95 ("efi_loader: selftest: enable APPEND_WRITE tests")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Errors should not only be announced as text but should also result in
EFI_ST_FAILURE being returned.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Appending to a non-existent variable must result in an error of type
EFI_NOT_FOUND.
Fixes: 09c76b79a9db ("efi_loader: SetVariable() deleting variables")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This reads the low cell of the PCI address from the wrong cell. Fix it.
Also fix the function that this code came from.
Fixes: 9e51204527 (dm: core: Add operations on device tree references)
Fixes: 4ea5243a3a (fdt: fix fdtdec_get_pci_addr() for CONFIG_PHYS_64BIT)
Signed-off-by: Simon Glass <sjg@chromium.org>
Tested-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
APPEND_WRITE with data length zero is allowable according to the UEFI
specification.
The EDK2 interpretation of no access attributes is attributes = 0. As
the UEFI specification is vague in this respect let's stick to EDK2 here.
Fixes: commit 6d2f27c5fd ("efi_loader: variable: support APPEND_WRITE")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
We always have to return via EFI_EXIT() from EFIAPI functions.
Coverity reported an unreachable line and a resource leak.
Fixes: commit 6d2f27c5fd ("efi_loader: variable: support APPEND_WRITE")
Reported-by: Coverity Scan CID 253575, CID 184095
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Remove outdated TODO for efi_stri_coll(). efi_stri_coll() is already using
the Unicode capitalization table.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
u16 version of strcmp(): u16_strncmp() works like u16_strcmp() but only
at most n characters (in u16) are compared.
This function will be used in my UEFI secure boot patch.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Now that APPEND_WRITE is supported,
the result check for the only existing test case should be changed to
'todo' to 'error', while two more test cases are added.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
If EFI_VARIABLE_APPEND_WRITE is specified in attributes at
efi_set_variable(), specified data will be appended to the variable's
original value. Attributes other than APPEND_WRITE should not be
modified.
With this patch, APPEND_WRITE test in 'variables' selftest will pass.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
DisconnectController() should never return EFI_NOT_FOUND.
If EFI_DRIVER_BINDING_PROTOCOL.Stop() fails, return EFI_DEVICE_ERROR.
If the driver handle does not expose the EFI_DRIVER_BINDING_PROTOCOL
return EFI_INVALID_PARAMETER.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Sandbox's "host" devices are currently described as UCLASS_ROOT udevice
with DEV_IF_HOST block device. As the current implementation of
efi_device_path doesn't support such a type, any "host" device
on sandbox cannot be seen as a distinct object.
For example,
=> host bind 0 /foo/disk.img
=> efi devices
Scanning disk host0...
Found 1 disks
Device Device Path
================ ====================
0000000015c19970 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)
0000000015c19d70 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)
=> efi dh
Handle Protocols
================ ====================
0000000015c19970 Device Path, Device Path To Text, Device Path Utilities, Unicode Collation 2, HII String, HII Database, HII Config Routing
0000000015c19ba0 Driver Binding
0000000015c19c10 Simple Text Output
0000000015c19c80 Simple Text Input, Simple Text Input Ex
0000000015c19d70 Block IO, Device Path, Simple File System
As you can see here, efi_root (0x0000000015c19970) and host0 device
(0x0000000015c19d70) have the same representation of device path.
This is not only inconvenient, but also confusing since two different
efi objects are associated with the same device path and
efi_dp_find_obj() will possibly return a wrong result.
Solution:
Each "host" device should be given an additional device path node
of "vendor device path" to make it distinguishable.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
We do not support volume label changes. No parameter checks are needed
here.
When the info for as file is changed the buffer must always contain a file
name.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Check the parameters of EFI_FILE_PROTOCOL.GetInfo() to avoid possible NULL
dereference.
Check the buffer size for EFI_FILE_SYSTEM_INFO.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
We cannot determine the volume name in U-Boot. Instead of providing a dummy
volume name in case of EFI_FILE_SYSTEM_INFO and EFI_UNSUPPORTED in case of
EFI_FILE_SYSTEM_VOLUME_LABEL consistently return an empty string.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The UEFI specification requires to implement version 2 of the
EFI_FILE_PROTOCOL. Provide the missing functions as stubs.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The file size has to be determined in multiple places. Factor out a common
function.
If on entry into EFI_FILE_PROTOCOL.Read() the current position is beyond
the end of the file, return EFI_DEVICE_ERROR.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
EFI_FILE_PROTOCOL.Read() is used both to read files and directories.
When reaching the end of a directory we always have to return buffer size
zero irrespective of the incoming buffer size. (The described scenario for
a Shim quirk cannot arise because every directory has at least '.' and '..'
as entries.)
Even when the buffer_size is too small multiple times we have to keep a
reference to our last read directory entry.
When we return to the start of the directory via SetPosition() we must
remove the reference to a previously kept directory entry.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
ascii2unicode() can only convert characters 0x00-0x7f from UTF-8 to UTF-16.
Use utf8_utf16_strcpy() instead.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Check the parameters passed to Write():
* cannot write to directories (UEFI SCT 2017, 5.7.3.5.15)
* cannot write to file opened read only (UEFI SCT 2017, 5.7.3.5.16)
Add missing comments.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
We cannot do anything in EFI_BLOCK_IO_PROTOCOL.Reset() but this does not
justify to return an error.
Let EFI_BLOCK_IO_PROTOCOL.Reset() return EFI_SUCCESS.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
EFI_PRINT() offers indention of debug messages. Adjust the debug messages
of the BLOCK_IO_PROTOCOL.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Check parameters of ReadBlocks() and WriteBlocks().
If the buffer size is not a multiple of the block size, we have to return
EFI_BAD_BUFFER_SIZE.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL.SetMode() should return EFI_UNDEFINED if a
screen mode is not available.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Alexander Graf <agraf@csgraf.de>
When backspacing in column 0 do no set the column index to ULONG_MAX.
Ensure that the row number is not set to ULONG_MAX even if the row count is
advertised as 0.
Ignore control characters other the 0x08, 0x0a, 0x0d when updating the
column.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Correct the name of the partition size component in struct
efi_device_path_cdrom_path.
Render entry, start, and size when converting a CD-ROM device path node to
text.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Vendor device paths may contain data. When converting vendor device paths
to text this binary data has to be rendered.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Adding a conventional memory region to the memory map may require ram_top
limitation and it can be also commonly used. Extract adding a conventional
memory to the memory map in a separate routine for generic use.
Signed-off-by: Aiden Park <aiden.park@intel.com>
Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Implement the MCastIPtoMAC service of the simple network protocol.
It converts an multicast IPv4 (or IPv6) address to a multicast Ethernet
address.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The network should start in status EfiSimpleNetworkStopped.
Add and correct status checks in the simple network protocol.
Correct the unit test:
* Shutdown() and Stop() during setup if needed
* invoke Shutdown() before Stop() when tearing down
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Fill the media header in EFI_SIMPLE_NETWORK.Transmit().
Check that the buffer size is large enough for the header.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Check that when the WaitForPacket event occurs
EFI_SIMPLE_NETWORK_RECEIVE_INTERRUPT is set.
Check the return value of Receive().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
GetStatus() must clear the interrupt status.
Transmit() should set the TX interrupt.
Receive() should clear the RX interrupt.
Initialize() and Start() should clear the interrupt status.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
