Merge tag 'efi-2022-04-rc1-3' of https://source.denx.de/u-boot/custodians/u-boot-efi
Pull request for efi-2022-04-rc1-3
Documentation:
* update Nokia RX-51 documentation and move it to rst
* describe boot switch settings for HiFive Unmatched board
UEFI:
* fix the checking of images hashes and signatures
* provide the RISCV_EFI_BOOT_PROTOCOL
diff --git a/board/nokia/rx51/MAINTAINERS b/board/nokia/rx51/MAINTAINERS
index 58b16bf..25f8b3c 100644
--- a/board/nokia/rx51/MAINTAINERS
+++ b/board/nokia/rx51/MAINTAINERS
@@ -4,5 +4,5 @@
F: board/nokia/rx51/
F: include/configs/nokia_rx51.h
F: configs/nokia_rx51_defconfig
-F: doc/README.nokia_rx51
+F: doc/board/nokia/rx51.rst
F: test/nokia_rx51_test.sh
diff --git a/doc/README.nokia_rx51 b/doc/README.nokia_rx51
deleted file mode 100644
index 7f22ed4..0000000
--- a/doc/README.nokia_rx51
+++ /dev/null
@@ -1,96 +0,0 @@
-Board: Nokia RX-51 aka N900
-
-This board definition results in a u-boot.bin which can be chainloaded
-from NOLO in qemu or on a real N900. It does very little hardware config
-because NOLO has already configured the board. Only needed is enabling
-internal eMMC memory via twl4030 regulator which is not enabled by NOLO.
-
-NOLO is expecting a kernel image and will treat any image it finds in
-onenand as such. This u-boot is intended to be flashed to the N900 like
-a kernel. In order to transparently boot the original kernel, it will be
-appended to u-boot.bin at 0x40000. NOLO will load the entire image into
-(random) memory and execute u-boot, which saves hw revision, boot reason
-and boot mode ATAGs set by NOLO. Then the bootscripts will attempt to load
-uImage, zImage or boot.scr from a fat or ext2/3/4 filesystem on external
-SD card or internal eMMC memory. If this fails or keyboard is closed then
-the appended kernel image will be booted using some generated and some
-stored ATAGs (see boot order).
-
-For generating combined image of u-boot and kernel (either in uImage or zImage
-format) there is a simple script called u-boot-gen-combined. It is available in
-following repository:
-
- https://github.com/pali/u-boot-maemo
-
-There is support for hardware watchdog. Hardware watchdog is started by
-NOLO so u-boot must kick watchdog to prevent reboot device (but not very
-often, max every 2 seconds). There is also support for framebuffer display
-output with ANSI escape codes and the N900 HW keyboard input.
-
-When U-Boot is starting it enable IBE bit in Auxiliary Control Register,
-which is needed for Thumb-2 ISA support. It is workaround for errata 430973.
-
-Default boot order:
-
- * 0. if keyboard is closed boot automatically attached kernel image
- * 1. try boot from external SD card
- * 2. try boot from internal eMMC memory
- * 3. try boot from attached kernel image
-
-Boot from SD or eMMC in this order:
-
- * 1.
- * 1.1 find boot.scr on first fat partition
- * 1.2 find uImage on first fat partition
- * 1.3 find zImage on first fat partition
- * 1.4 same order for 2. - 4. fat partition
- * 2. same as 1. but for ext2/3 partition
- * 3. same as 1. but for ext4 partition
-
-
-Available additional commands/variables:
-
- * run sdboot - Boot from external SD card (see boot order)
- * run emmcboot - Boot from internal eMMC memory (see boot order)
- * run attachboot - Boot attached kernel image (attached to U-Boot binary)
-
- * run scriptload - Load boot script ${mmcscriptfile}
- * run scriptboot - Run loaded boot script
- * run kernload - Load kernel image ${mmckernfile}
- * run initrdload - Load initrd image ${mmcinitrdfile}
- * run kernboot - Boot loaded kernel image
- * run kerninitrdboot - Boot loaded kernel image with loaded initrd image
-
- * run trymmcscriptboot - Try to load and boot script ${mmcscriptfile}
- * run trymmckernboot - Try to load and boot kernel image ${mmckernfile}
- * run trymmckerninitrdboot - Try to load and boot kernel image ${mmckernfile}
- with initrd image ${mmcinitrdfile}
-
-Additional variables for loading files from mmc:
-
- * mmc ${mmcnum} (0 - external, 1 - internal)
- * partition number ${mmcpart} (1 - 4)
- * parition type ${mmctype} (fat, ext2, ext4)
-
-Additional variables for booting kernel:
-
- * setup_omap_atag - Add OMAP table into atags structure (needs maemo kernel)
- * setup_console_atag - Enable serial console in OMAP table
- * setup_boot_reason_atag - Change boot reason in OMAP table
- * setup_boot_mode_atag - Change boot mode in OMAP table
-
- Variable setup_omap_atag is automatically set when booting attached kernel.
- When variable setup_omap_atag is set, variable setup_console_atag is unset
- and u-boot standard output is set to serial then setup_console_atag is
- automatically set to 1. So output from Maemo kernel would go to serial port.
-
-UBIFS support:
-
- UBIFS support is disabled, because U-Boot image is too big and cannot be
- flashed with attached zImage to RX-51 kernel nand area. For enabling UBIFS
- support add following lines into file configs/nokia_rx51_defconfig
-
- CONFIG_CMD_UBI=y
- CONFIG_CMD_UBIFS=y
- CONFIG_MTD_UBI_FASTMAP=y
- CONFIG_MTD_UBI_FASTMAP_AUTOCONVERT=1
diff --git a/doc/board/index.rst b/doc/board/index.rst
index 5607e1f..75c34c4 100644
--- a/doc/board/index.rst
+++ b/doc/board/index.rst
@@ -22,6 +22,7 @@
intel/index
kontron/index
microchip/index
+ nokia/index
nxp/index
openpiton/index
qualcomm/index
diff --git a/doc/board/nokia/index.rst b/doc/board/nokia/index.rst
new file mode 100644
index 0000000..b68c3c6
--- /dev/null
+++ b/doc/board/nokia/index.rst
@@ -0,0 +1,9 @@
+.. SPDX-License-Identifier: GPL-2.0+
+
+Nokia
+=====
+
+.. toctree::
+ :maxdepth: 2
+
+ rx51
diff --git a/doc/board/nokia/rx51.rst b/doc/board/nokia/rx51.rst
new file mode 100644
index 0000000..941f78e
--- /dev/null
+++ b/doc/board/nokia/rx51.rst
@@ -0,0 +1,162 @@
+.. SPDX-License-Identifier: GPL-2.0+
+
+Nokia RX-51 aka N900
+====================
+
+The ``nokia_rx51_defconfig`` configuration file results in a ``u-boot.bin``
+which can be chainloaded by the Nokia second stage bootloader (NOLO) in QEMU or
+on a real N900. It does very little hardware configuration because NOLO has
+already configured the board. It is only needed to enable the internal eMMC
+memory via the twl4030 regulator which is not enabled by NOLO.
+
+NOLO is expecting a kernel image and will treat any image it finds in
+OneNAND as such. This u-boot is intended to be flashed to the N900 like
+a kernel. In order to transparently boot the original kernel, it will be
+appended to ``u-boot.bin`` at 0x40000. NOLO will load the entire image into
+(random) memory and execute U-Boot, which saves hardware revision, boot reason
+and boot mode ATAGs set by NOLO. Then the bootscripts will attempt to load
+``uImage``, ``zImage`` or ``boot.scr`` file from a FAT or ext2/3/4 filesystem
+on external SD card or internal eMMC memory. If this fails or keyboard is
+closed then the appended kernel image will be booted using some generated
+and some stored ATAGs (see boot order).
+
+For generating combined image of U-Boot and kernel (either in uImage or zImage
+format) there is a simple script called ``u-boot-gen-combined``. It is available
+in following repository: https://github.com/pali/u-boot-maemo.
+
+To generate the ``combined.bin`` image from ``u-boot.bin`` and ``kernel.bin``
+(in either uImage or zImage format) use:
+
+.. code-block:: bash
+
+ sh u-boot-gen-combined u-boot.bin kernel.bin combined.bin
+
+The original Maemo Fremantle PR1.3 zImage kernel binary is available at:
+http://repository.maemo.org/pool/maemo5.0/free/k/kernel/kernel_2.6.28-20103103+0m5_armel.deb
+
+To unpack it (from DEB/AR, TAR and FIASCO) execute the following commands:
+
+.. code-block:: bash
+
+ ar x kernel_2.6.28-20103103+0m5_armel.deb data.tar.gz
+ tar -O -xf data.tar.gz ./boot/zImage-2.6.28-20103103+0m5.fiasco > kernel_2.6.28-20103103+0m5.fiasco
+ 0xFFFF -M kernel_2.6.28-20103103+0m5.fiasco -u
+
+The flashed image must start with a 2 KiB ``NOLO!img`` header which contains
+size of the image. The header consists of the bytes
+``NOLO!img\x02\x00\x00\x00\x00\x00\x00\x00`` followed by the 4 byte little
+endian size of the image. The rest of the 2 KiB header just contains zero bytes.
+
+The Nokia proprietary flasher and also the open source 0xFFFF flasher
+automatically prepend the required ``NOLO!img`` header and both applications
+expect that the image does not contain a ``NOLO!img`` header. Adding a
+``NOLO!img`` header is required only in case of using the ``nandwrite`` tool for
+flashing.
+
+The open source 0xFFFF flasher is available in the following repository:
+https://github.com/pali/0xFFFF
+
+It is possible to load ``u-boot.bin`` via USB to the N900 RAM and boot it
+without needing to flash it. This is done via 0xFFFF running on the host PC:
+
+.. code-block:: bash
+
+ 0xFFFF -m u-boot.bin -l -b
+
+0xFFFF also supports flashing a kernel image either via USB or directly on
+N900 device. Flashing u-boot/kernel/combined image is done as:
+
+.. code-block:: bash
+
+ 0xFFFF -m combined.bin -f
+
+Via 0xFFFF it is also possible to generate a standard flashable image in
+Nokia FIASCO format which contains metadata information like device
+identification (RX-51) and version string (v2021.04):
+
+.. code-block:: bash
+
+ 0xFFFF -m RX-51:v2021.04:kernel:u-boot.bin -g u-boot.fiasco
+
+There is support for the hardware watchdog. The hardware watchdog is started by
+NOLO so U-Boot must reset the watchdog to prevent rebooting the device (but not
+very often, max every 2 seconds). There is also support for framebuffer display
+output with ANSI escape codes and the N900 hardware keyboard input.
+
+When U-Boot is starting it sets the IBE bit in the Auxiliary Control Register,
+which is needed for Thumb-2 ISA support. This is a workaround for erratum
+430973.
+
+Default boot order
+------------------
+
+0. if keyboard is closed boot automatically attached kernel image
+1. try boot from external SD card
+2. try boot from internal eMMC memory
+3. try boot from attached kernel image
+
+Boot from SD or eMMC in this order:
+
+1. boot from FAT partition
+
+ a. find ``boot.scr`` on first FAT partition
+ b. find ``uImage`` on first FAT partition
+ c. find ``zImage`` on first FAT partition
+ d. same order for 2nd - 4th FAT partition
+
+2. same as 1. but for ext2/3/4 partition
+
+Available additional commands/variables
+---------------------------------------
+
+* run sdboot - Boot from external SD card (see boot order)
+* run emmcboot - Boot from internal eMMC memory (see boot order)
+* run attachboot - Boot attached kernel image (attached to U-Boot binary)
+
+\
+
+* run scriptload - Load boot script ``${mmcscriptfile}``
+* run scriptboot - Run loaded boot script
+* run kernload - Load kernel image ``${mmckernfile}``
+* run initrdload - Load initrd image ``${mmcinitrdfile}``
+* run kernboot - Boot loaded kernel image
+* run kerninitrdboot - Boot loaded kernel image with loaded initrd image
+
+\
+
+* run trymmcscriptboot - Try to load and boot script ``${mmcscriptfile}``
+* run trymmckernboot - Try to load and boot kernel image ``${mmckernfile}``
+* run trymmckerninitrdboot - Try to load and boot kernel image ``${mmckernfile}``
+ with initrd image ``${mmcinitrdfile}``
+
+Additional variables for loading files from mmc
+-----------------------------------------------
+
+* mmc ``${mmcnum}`` (0 - external, 1 - internal)
+* partition number ``${mmcpart}`` (1 - 4)
+* partition type ``${mmctype}`` (fat, ext2, ext4; ext2 is just alias for ext4)
+
+Additional variables for booting a kernel
+-----------------------------------------
+
+* ``setup_omap_atag`` - Add OMAP table into atags structure (needed for maemo kernel)
+* ``setup_console_atag`` - Enable serial console in OMAP table
+* ``setup_boot_reason_atag`` - Change boot reason in OMAP table
+* ``setup_boot_mode_atag`` - Change boot mode in OMAP table
+
+Variable ``setup_omap_atag`` is automatically set when booting attached kernel.
+When variable ``setup_omap_atag`` is set, variable ``setup_console_atag`` is unset
+and u-boot standard output is set to serial then ``setup_console_atag`` is
+automatically set to 1. So output from Maemo kernel would go to serial port.
+
+UBIFS support
+-------------
+
+UBIFS support is disabled, because U-Boot image is too big and cannot be
+flashed with attached kernel image to RX-51 kernel nand area. For enabling
+UBIFS support add following lines into file ``configs/nokia_rx51_defconfig``::
+
+ CONFIG_CMD_UBI=y
+ CONFIG_CMD_UBIFS=y
+ CONFIG_MTD_UBI_FASTMAP=y
+ CONFIG_MTD_UBI_FASTMAP_AUTOCONVERT=1
diff --git a/doc/board/sifive/unmatched.rst b/doc/board/sifive/unmatched.rst
index b52a1f6..24a8899 100644
--- a/doc/board/sifive/unmatched.rst
+++ b/doc/board/sifive/unmatched.rst
@@ -20,8 +20,11 @@
4. SiFive SPI Driver.
5. MMC SPI Driver for MMC/SD support.
-Booting from uSD using U-Boot SPL
----------------------------------
+Booting from micro SD card using U-Boot SPL
+-------------------------------------------
+
+Booting from an SD card requires that the boot mode selection DIP switches
+MSEL[3:0] are set to 1011.
Building
--------
diff --git a/include/efi_api.h b/include/efi_api.h
index 8d5d835..982c200 100644
--- a/include/efi_api.h
+++ b/include/efi_api.h
@@ -438,6 +438,10 @@
EFI_GUID(0x607f766c, 0x7455, 0x42be, 0x93, \
0x0b, 0xe4, 0xd7, 0x6d, 0xb2, 0x72, 0x0f)
+#define RISCV_EFI_BOOT_PROTOCOL_GUID \
+ EFI_GUID(0xccd15fec, 0x6f73, 0x4eec, 0x83, \
+ 0x95, 0x3e, 0x69, 0xe4, 0xb9, 0x40, 0xbf)
+
/**
* struct efi_configuration_table - EFI Configuration Table
*
@@ -1845,9 +1849,21 @@
#define LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL_VENDOR_RANGE_MAX 0x00004000
/* Certificate types in signature database */
+#define EFI_CERT_SHA1_GUID \
+ EFI_GUID(0x826ca512, 0xcf10, 0x4ac9, 0xb1, 0x87, \
+ 0xbe, 0x01, 0x49, 0x66, 0x31, 0xbd)
+#define EFI_CERT_SHA224_GUID \
+ EFI_GUID(0xb6e5233, 0xa65c, 0x44c9, 0x94, 0x07, \
+ 0xd9, 0xab, 0x83, 0xbf, 0xc8, 0xbd)
#define EFI_CERT_SHA256_GUID \
EFI_GUID(0xc1c41626, 0x504c, 0x4092, 0xac, 0xa9, \
0x41, 0xf9, 0x36, 0x93, 0x43, 0x28)
+#define EFI_CERT_SHA384_GUID \
+ EFI_GUID(0xff3e5307, 0x9fd0, 0x48c9, 0x85, 0xf1, \
+ 0x8a, 0xd5, 0x6c, 0x70, 0x1e, 0x01)
+#define EFI_CERT_SHA512_GUID \
+ EFI_GUID(0x93e0fae, 0xa6c4, 0x4f50, 0x9f, 0x1b, \
+ 0xd4, 0x1e, 0x2b, 0x89, 0xc1, 0x9a)
#define EFI_CERT_RSA2048_GUID \
EFI_GUID(0x3c5766e8, 0x269c, 0x4e34, 0xaa, 0x14, \
0xed, 0x77, 0x6e, 0x85, 0xb3, 0xb6)
diff --git a/include/efi_loader.h b/include/efi_loader.h
index 701efcd..4e50f2d 100644
--- a/include/efi_loader.h
+++ b/include/efi_loader.h
@@ -527,6 +527,8 @@
efi_status_t efi_rng_register(void);
/* Called by efi_init_obj_list() to install EFI_TCG2_PROTOCOL */
efi_status_t efi_tcg2_register(void);
+/* Called by efi_init_obj_list() to install RISCV_EFI_BOOT_PROTOCOL */
+efi_status_t efi_riscv_register(void);
/* Called by efi_init_obj_list() to do initial measurement */
efi_status_t efi_tcg2_do_initial_measurement(void);
/* measure the pe-coff image, extend PCR and add Event Log */
@@ -910,7 +912,8 @@
struct pkcs7_message;
bool efi_signature_lookup_digest(struct efi_image_regions *regs,
- struct efi_signature_store *db);
+ struct efi_signature_store *db,
+ bool dbx);
bool efi_signature_verify(struct efi_image_regions *regs,
struct pkcs7_message *msg,
struct efi_signature_store *db,
diff --git a/include/efi_riscv.h b/include/efi_riscv.h
new file mode 100644
index 0000000..4bd39c4
--- /dev/null
+++ b/include/efi_riscv.h
@@ -0,0 +1,24 @@
+/* SPDX-License-Identifier: GPL-2.0+ */
+/*
+ * RISCV_EFI_BOOT_PROTOCOL
+ *
+ * Copyright (c) 2022 Ventana Micro Systems Inc
+ */
+
+#include <efi_api.h>
+
+#define RISCV_EFI_BOOT_PROTOCOL_REVISION 0x00010000
+
+/**
+ * struct riscv_efi_boot_protocol - RISCV_EFI_BOOT_PROTOCOL
+ * @revision: Version of the protocol implemented
+ * @get_boot_hartid: Get the boot hart ID
+ */
+struct riscv_efi_boot_protocol {
+ u64 revision;
+
+ efi_status_t (EFIAPI * get_boot_hartid) (struct riscv_efi_boot_protocol *this,
+ efi_uintn_t *boot_hartid);
+};
+
+extern struct riscv_efi_boot_protocol riscv_efi_boot_prot;
diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig
index 24f9a2b..e5e35fe 100644
--- a/lib/efi_loader/Kconfig
+++ b/lib/efi_loader/Kconfig
@@ -369,4 +369,14 @@
help
Enabling this option creates the ESRT UEFI system table.
+config EFI_RISCV_BOOT_PROTOCOL
+ bool "RISCV_EFI_BOOT_PROTOCOL support"
+ default y
+ depends on RISCV
+ help
+ The EFI_RISCV_BOOT_PROTOCOL is used to transfer the boot hart ID
+ to the next boot stage. It should be enabled as it is meant to
+ replace the transfer via the device-tree. The latter is not
+ possible on systems using ACPI.
+
endif
diff --git a/lib/efi_loader/Makefile b/lib/efi_loader/Makefile
index fd344ce..b2c664d 100644
--- a/lib/efi_loader/Makefile
+++ b/lib/efi_loader/Makefile
@@ -62,6 +62,7 @@
obj-$(CONFIG_GENERATE_SMBIOS_TABLE) += efi_smbios.o
obj-$(CONFIG_EFI_RNG_PROTOCOL) += efi_rng.o
obj-$(CONFIG_EFI_TCG2_PROTOCOL) += efi_tcg2.o
+obj-$(CONFIG_EFI_RISCV_BOOT_PROTOCOL) += efi_riscv.o
obj-$(CONFIG_EFI_LOAD_FILE2_INITRD) += efi_load_initrd.o
obj-$(CONFIG_EFI_SIGNATURE_SUPPORT) += efi_signature.o
diff --git a/lib/efi_loader/efi_file.c b/lib/efi_loader/efi_file.c
index 9aa0030..7a7077e 100644
--- a/lib/efi_loader/efi_file.c
+++ b/lib/efi_loader/efi_file.c
@@ -1084,7 +1084,7 @@
* efi_file_from_path() - open file via device path
*
* @fp: device path
- * @return: EFI_FILE_PROTOCOL for the file or NULL
+ * Return: EFI_FILE_PROTOCOL for the file or NULL
*/
struct efi_file_handle *efi_file_from_path(struct efi_device_path *fp)
{
diff --git a/lib/efi_loader/efi_freestanding.c b/lib/efi_loader/efi_freestanding.c
index bd0dff1..c85df02 100644
--- a/lib/efi_loader/efi_freestanding.c
+++ b/lib/efi_loader/efi_freestanding.c
@@ -97,8 +97,8 @@
*
* We do nothing here.
*
- * @param func_ptr Pointer to function being entered
- * @param caller Pointer to function which called this function
+ * func_ptr: Pointer to function being entered
+ * caller: Pointer to function which called this function
*/
void __attribute__((no_instrument_function))
__cyg_profile_func_enter(void *func_ptr, void *caller)
@@ -113,8 +113,8 @@
*
* We do nothing here.
*
- * @param func_ptr Pointer to function being entered
- * @param caller Pointer to function which called this function
+ * func_ptr: Pointer to function being entered
+ * caller: Pointer to function which called this function
*/
void __attribute__((no_instrument_function))
__cyg_profile_func_exit(void *func_ptr, void *caller)
diff --git a/lib/efi_loader/efi_gop.c b/lib/efi_loader/efi_gop.c
index 7683a34..2c81859 100644
--- a/lib/efi_loader/efi_gop.c
+++ b/lib/efi_loader/efi_gop.c
@@ -407,7 +407,7 @@
* @width: width of rectangle
* @height: height of rectangle
* @delta: length in bytes of a line in the pixel buffer (optional)
- * @return: status code
+ * Return: status code
*/
efi_status_t EFIAPI gop_blt(struct efi_gop *this, struct efi_gop_pixel *buffer,
u32 operation, efi_uintn_t sx,
diff --git a/lib/efi_loader/efi_image_loader.c b/lib/efi_loader/efi_image_loader.c
index 255613e..f43dfb3 100644
--- a/lib/efi_loader/efi_image_loader.c
+++ b/lib/efi_loader/efi_image_loader.c
@@ -545,13 +545,13 @@
}
/* try black-list first */
- if (efi_signature_lookup_digest(regs, dbx)) {
+ if (efi_signature_lookup_digest(regs, dbx, true)) {
EFI_PRINT("Image is not signed and its digest found in \"dbx\"\n");
goto out;
}
/* try white-list */
- if (efi_signature_lookup_digest(regs, db))
+ if (efi_signature_lookup_digest(regs, db, false))
ret = true;
else
EFI_PRINT("Image is not signed and its digest not found in \"db\" or \"dbx\"\n");
@@ -633,7 +633,7 @@
goto err;
}
- if (efi_signature_lookup_digest(regs, dbx)) {
+ if (efi_signature_lookup_digest(regs, dbx, true)) {
EFI_PRINT("Image's digest was found in \"dbx\"\n");
goto err;
}
@@ -734,7 +734,7 @@
EFI_PRINT("Signature was not verified by \"db\"\n");
- if (efi_signature_lookup_digest(regs, db)) {
+ if (efi_signature_lookup_digest(regs, db, false)) {
ret = true;
break;
}
diff --git a/lib/efi_loader/efi_riscv.c b/lib/efi_loader/efi_riscv.c
new file mode 100644
index 0000000..bccfefd
--- /dev/null
+++ b/lib/efi_loader/efi_riscv.c
@@ -0,0 +1,60 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Defines APIs that allow an OS to interact with UEFI firmware to query
+ * information about the boot hart ID.
+ *
+ * Copyright (c) 2022, Ventana Micro Systems Inc
+ */
+
+#define LOG_CATEGORY LOGC_EFI
+#include <common.h>
+#include <efi_loader.h>
+#include <efi_variable.h>
+#include <log.h>
+#include <asm/global_data.h>
+#include <efi_riscv.h>
+
+DECLARE_GLOBAL_DATA_PTR;
+
+static const efi_guid_t efi_guid_riscv_boot_protocol = RISCV_EFI_BOOT_PROTOCOL_GUID;
+
+/**
+ * efi_riscv_get_boot_hartid() - return boot hart ID
+ * @this: RISCV_EFI_BOOT_PROTOCOL instance
+ * @boot_hartid: caller allocated memory to return boot hart id
+ * Return: status code
+ */
+static efi_status_t EFIAPI
+efi_riscv_get_boot_hartid(struct riscv_efi_boot_protocol *this,
+ efi_uintn_t *boot_hartid)
+{
+ EFI_ENTRY("%p, %p", this, boot_hartid);
+
+ if (this != &riscv_efi_boot_prot || !boot_hartid)
+ return EFI_INVALID_PARAMETER;
+
+ *boot_hartid = gd->arch.boot_hart;
+
+ return EFI_EXIT(EFI_SUCCESS);
+}
+
+struct riscv_efi_boot_protocol riscv_efi_boot_prot = {
+ .revision = RISCV_EFI_BOOT_PROTOCOL_REVISION,
+ .get_boot_hartid = efi_riscv_get_boot_hartid
+};
+
+/**
+ * efi_riscv_register() - register RISCV_EFI_BOOT_PROTOCOL
+ *
+ * Return: status code
+ */
+efi_status_t efi_riscv_register(void)
+{
+ efi_status_t ret = EFI_SUCCESS;
+
+ ret = efi_add_protocol(efi_root, &efi_guid_riscv_boot_protocol,
+ (void *)&riscv_efi_boot_prot);
+ if (ret != EFI_SUCCESS)
+ log_err("Cannot install RISCV_EFI_BOOT_PROTOCOL\n");
+ return ret;
+}
diff --git a/lib/efi_loader/efi_setup.c b/lib/efi_loader/efi_setup.c
index 49172e3..380adc1 100644
--- a/lib/efi_loader/efi_setup.c
+++ b/lib/efi_loader/efi_setup.c
@@ -247,6 +247,12 @@
goto out;
}
+ if (IS_ENABLED(CONFIG_EFI_RISCV_BOOT_PROTOCOL)) {
+ ret = efi_riscv_register();
+ if (ret != EFI_SUCCESS)
+ goto out;
+ }
+
/* Secure boot */
ret = efi_init_secure_boot();
if (ret != EFI_SUCCESS)
diff --git a/lib/efi_loader/efi_signature.c b/lib/efi_loader/efi_signature.c
index 3243e2c..1bd1fdc 100644
--- a/lib/efi_loader/efi_signature.c
+++ b/lib/efi_loader/efi_signature.c
@@ -147,9 +147,34 @@
}
/**
+ * hash_algo_supported - check if the requested hash algorithm is supported
+ * @guid: guid of the algorithm
+ *
+ * Return: true if supported false otherwise
+ */
+static bool hash_algo_supported(const efi_guid_t guid)
+{
+ int i;
+ const efi_guid_t unsupported_hashes[] = {
+ EFI_CERT_SHA1_GUID,
+ EFI_CERT_SHA224_GUID,
+ EFI_CERT_SHA384_GUID,
+ EFI_CERT_SHA512_GUID,
+ };
+
+ for (i = 0; i < ARRAY_SIZE(unsupported_hashes); i++) {
+ if (!guidcmp(&unsupported_hashes[i], &guid))
+ return false;
+ }
+
+ return true;
+}
+
+/**
* efi_signature_lookup_digest - search for an image's digest in sigdb
* @regs: List of regions to be authenticated
* @db: Signature database for trusted certificates
+ * @dbx Caller needs to set this to true if he is searching dbx
*
* A message digest of image pointed to by @regs is calculated and
* its hash value is compared to entries in signature database pointed
@@ -158,13 +183,16 @@
* Return: true if found, false if not
*/
bool efi_signature_lookup_digest(struct efi_image_regions *regs,
- struct efi_signature_store *db)
+ struct efi_signature_store *db,
+ bool dbx)
+
{
struct efi_signature_store *siglist;
struct efi_sig_data *sig_data;
void *hash = NULL;
size_t size = 0;
bool found = false;
+ bool hash_done = false;
EFI_PRINT("%s: Enter, %p, %p\n", __func__, regs, db);
@@ -172,17 +200,27 @@
goto out;
for (siglist = db; siglist; siglist = siglist->next) {
- /* TODO: support other hash algorithms */
- if (guidcmp(&siglist->sig_type, &efi_guid_sha256)) {
- EFI_PRINT("Digest algorithm is not supported: %pUs\n",
- &siglist->sig_type);
- break;
- }
+ /*
+ * if the hash algorithm is unsupported and we get an entry in
+ * dbx reject the image
+ */
+ if (dbx && !hash_algo_supported(siglist->sig_type)) {
+ found = true;
+ continue;
+ };
+ /*
+ * Only support sha256 for now, that's what
+ * hash-to-efi-sig-list produces
+ */
+ if (guidcmp(&siglist->sig_type, &efi_guid_sha256))
+ continue;
- if (!efi_hash_regions(regs->reg, regs->num, &hash, &size)) {
+ if (!hash_done &&
+ !efi_hash_regions(regs->reg, regs->num, &hash, &size)) {
EFI_PRINT("Digesting an image failed\n");
break;
}
+ hash_done = true;
for (sig_data = siglist->sig_data_list; sig_data;
sig_data = sig_data->next) {
diff --git a/lib/efi_loader/helloworld.c b/lib/efi_loader/helloworld.c
index 3f215e2..33e4fbc 100644
--- a/lib/efi_loader/helloworld.c
+++ b/lib/efi_loader/helloworld.c
@@ -133,7 +133,7 @@
*
* @handle: handle of the loaded image
* @systab: system table
- * @return: status code
+ * Return: status code
*/
efi_status_t EFIAPI efi_main(efi_handle_t handle,
struct efi_system_table *systab)
diff --git a/lib/efi_selftest/dtbdump.c b/lib/efi_selftest/dtbdump.c
index ed3b985..6e1eaa4 100644
--- a/lib/efi_selftest/dtbdump.c
+++ b/lib/efi_selftest/dtbdump.c
@@ -495,7 +495,7 @@
*
* @handle: handle of the loaded image
* @systab: system table
- * @return: status code
+ * Return: status code
*/
efi_status_t EFIAPI efi_main(efi_handle_t image_handle,
struct efi_system_table *systab)
diff --git a/lib/efi_selftest/efi_selftest.c b/lib/efi_selftest/efi_selftest.c
index 3da34b1..474a8b8 100644
--- a/lib/efi_selftest/efi_selftest.c
+++ b/lib/efi_selftest/efi_selftest.c
@@ -149,7 +149,7 @@
* Check that a test requiring reset exists.
*
* @testname: name of the test
- * @return: test, or NULL if not found
+ * Return: test, or NULL if not found
*/
static bool need_reset(const u16 *testname)
{
@@ -170,7 +170,7 @@
* Check that a test exists.
*
* @testname: name of the test
- * @return: test, or NULL if not found
+ * Return: test, or NULL if not found
*/
static struct efi_unit_test *find_test(const u16 *testname)
{
diff --git a/lib/efi_selftest/efi_selftest_bitblt.c b/lib/efi_selftest/efi_selftest_bitblt.c
index fb33150..1def843 100644
--- a/lib/efi_selftest/efi_selftest_bitblt.c
+++ b/lib/efi_selftest/efi_selftest_bitblt.c
@@ -94,7 +94,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -198,7 +198,7 @@
/*
* Tear down unit test.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int teardown(void)
{
@@ -225,7 +225,7 @@
/*
* Execute unit test.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_block_device.c b/lib/efi_selftest/efi_selftest_block_device.c
index ad53dac..62b3e04 100644
--- a/lib/efi_selftest/efi_selftest_block_device.c
+++ b/lib/efi_selftest/efi_selftest_block_device.c
@@ -180,7 +180,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -240,7 +240,7 @@
/*
* Tear down unit test.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int teardown(void)
{
@@ -292,7 +292,7 @@
/*
* Execute unit test.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_config_table.c b/lib/efi_selftest/efi_selftest_config_table.c
index 2bf12b5..1961e29 100644
--- a/lib/efi_selftest/efi_selftest_config_table.c
+++ b/lib/efi_selftest/efi_selftest_config_table.c
@@ -68,7 +68,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -85,7 +85,7 @@
* A table is installed, updated, removed. The table entry and the
* triggering of events is checked.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_console.c b/lib/efi_selftest/efi_selftest_console.c
index 3187e10..fd2b3d0 100644
--- a/lib/efi_selftest/efi_selftest_console.c
+++ b/lib/efi_selftest/efi_selftest_console.c
@@ -274,7 +274,7 @@
/*
* Reads an Unicode character from the input device.
*
- * @return: Unicode character
+ * Return: Unicode character
*/
u16 efi_st_get_key(void)
{
diff --git a/lib/efi_selftest/efi_selftest_crc32.c b/lib/efi_selftest/efi_selftest_crc32.c
index 19153c7..f2be353 100644
--- a/lib/efi_selftest/efi_selftest_crc32.c
+++ b/lib/efi_selftest/efi_selftest_crc32.c
@@ -68,7 +68,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -112,7 +112,7 @@
*
* Check tables after ExitBootServices()
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_devicepath_util.c b/lib/efi_selftest/efi_selftest_devicepath_util.c
index c846e05..1801e30 100644
--- a/lib/efi_selftest/efi_selftest_devicepath_util.c
+++ b/lib/efi_selftest/efi_selftest_devicepath_util.c
@@ -49,7 +49,7 @@
*
* @length: length of the media device node
* @dp: device path
- * @return: status code
+ * Return: status code
*/
static int create_single_node_device_path(unsigned int length,
struct efi_device_path **dp)
diff --git a/lib/efi_selftest/efi_selftest_esrt.c b/lib/efi_selftest/efi_selftest_esrt.c
index 99793de..922ff25 100644
--- a/lib/efi_selftest/efi_selftest_esrt.c
+++ b/lib/efi_selftest/efi_selftest_esrt.c
@@ -108,7 +108,7 @@
* @esrt: pointer to the ESRT
* @img_info: an image_info_descriptor output by the FMP get_image_info
*
- * @return: true if matching ESRT entry is found and if all the ESRT entry fields match the
+ * Return: true if matching ESRT entry is found and if all the ESRT entry fields match the
* corresponding @img_info fields.
*/
static bool lib_test_check_uuid_entry(struct efi_system_resource_table *esrt,
@@ -168,7 +168,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -185,7 +185,7 @@
*
* Uninstall the test FMP.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int teardown(void)
{
diff --git a/lib/efi_selftest/efi_selftest_event_groups.c b/lib/efi_selftest/efi_selftest_event_groups.c
index 6dcde50..7a6d9fb 100644
--- a/lib/efi_selftest/efi_selftest_event_groups.c
+++ b/lib/efi_selftest/efi_selftest_event_groups.c
@@ -38,7 +38,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -54,7 +54,7 @@
* Create multiple events in an event group. Signal each event once and check
* that all events are notified once in each round.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_events.c b/lib/efi_selftest/efi_selftest_events.c
index 1077cbd..9007153 100644
--- a/lib/efi_selftest/efi_selftest_events.c
+++ b/lib/efi_selftest/efi_selftest_events.c
@@ -39,7 +39,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -69,7 +69,7 @@
*
* Close the events created in setup.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int teardown(void)
{
@@ -103,7 +103,7 @@
* Run a 100 ms single shot timer and check that it is called once
* while waiting for 100 ms periodic timer for two periods.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_exception.c b/lib/efi_selftest/efi_selftest_exception.c
index d86228a..dca7f7d 100644
--- a/lib/efi_selftest/efi_selftest_exception.c
+++ b/lib/efi_selftest/efi_selftest_exception.c
@@ -99,7 +99,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -118,7 +118,7 @@
*
* Load and start the application image.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_exitbootservices.c b/lib/efi_selftest/efi_selftest_exitbootservices.c
index 59ab154..f5e0d9d 100644
--- a/lib/efi_selftest/efi_selftest_exitbootservices.c
+++ b/lib/efi_selftest/efi_selftest_exitbootservices.c
@@ -63,7 +63,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -101,7 +101,7 @@
* Call ExitBootServices again and check that the notification function is
* not called again.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_fdt.c b/lib/efi_selftest/efi_selftest_fdt.c
index 739f029..70fe06e 100644
--- a/lib/efi_selftest/efi_selftest_fdt.c
+++ b/lib/efi_selftest/efi_selftest_fdt.c
@@ -165,7 +165,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t img_handle,
const struct efi_system_table *systable)
@@ -192,7 +192,7 @@
/*
* Execute unit test.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_gop.c b/lib/efi_selftest/efi_selftest_gop.c
index d64294a..e500752 100644
--- a/lib/efi_selftest/efi_selftest_gop.c
+++ b/lib/efi_selftest/efi_selftest_gop.c
@@ -18,7 +18,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -39,7 +39,7 @@
/*
* Tear down unit test.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int teardown(void)
{
@@ -49,7 +49,7 @@
/*
* Execute unit test.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_hii.c b/lib/efi_selftest/efi_selftest_hii.c
index f4b70f7..66ccec1 100644
--- a/lib/efi_selftest/efi_selftest_hii.c
+++ b/lib/efi_selftest/efi_selftest_hii.c
@@ -28,7 +28,7 @@
* @handle: handle of the loaded image
* @systable: system table
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -1033,7 +1033,7 @@
/*
* Execute unit test.
*
- * @return: EFI_ST_SUCCESS for success, EFI_ST_FAILURE for failure
+ * Return: EFI_ST_SUCCESS for success, EFI_ST_FAILURE for failure
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_load_file.c b/lib/efi_selftest/efi_selftest_load_file.c
index bf955cb..bac0e6b 100644
--- a/lib/efi_selftest/efi_selftest_load_file.c
+++ b/lib/efi_selftest/efi_selftest_load_file.c
@@ -284,7 +284,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int efi_st_load_file_setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -326,7 +326,7 @@
/*
* Tear down unit test.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int efi_st_load_file_teardown(void)
{
@@ -377,7 +377,7 @@
* Try loading an image via the EFI_LOAD_FILE_PROTOCOL and the
* EFI_LOAD_FILE2_PROTOCOL. Finally execute the image.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int efi_st_load_file_execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_loadimage.c b/lib/efi_selftest/efi_selftest_loadimage.c
index 4975d80..72c8d51 100644
--- a/lib/efi_selftest/efi_selftest_loadimage.c
+++ b/lib/efi_selftest/efi_selftest_loadimage.c
@@ -411,7 +411,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -447,7 +447,7 @@
*
* Uninstall protocols and free memory.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int teardown(void)
{
@@ -486,7 +486,7 @@
*
* Load and start the application image.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_miniapp_exit.c b/lib/efi_selftest/efi_selftest_miniapp_exit.c
index 6b5cfb0..2ea19f2 100644
--- a/lib/efi_selftest/efi_selftest_miniapp_exit.c
+++ b/lib/efi_selftest/efi_selftest_miniapp_exit.c
@@ -21,7 +21,7 @@
*
* @image_handle: handle of the loaded image
* @systable: system table
- * @return: status code
+ * Return: status code
*/
static efi_status_t EFIAPI check_loaded_image_protocol
(efi_handle_t image_handle, struct efi_system_table *systable)
@@ -60,7 +60,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: status code
+ * Return: status code
*/
efi_status_t EFIAPI efi_main(efi_handle_t handle,
struct efi_system_table *systable)
diff --git a/lib/efi_selftest/efi_selftest_reset.c b/lib/efi_selftest/efi_selftest_reset.c
index 8b6ac24..f888054 100644
--- a/lib/efi_selftest/efi_selftest_reset.c
+++ b/lib/efi_selftest/efi_selftest_reset.c
@@ -17,7 +17,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -29,7 +29,7 @@
/*
* Execute unit test.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_rng.c b/lib/efi_selftest/efi_selftest_rng.c
index fca9749..007d1c8 100644
--- a/lib/efi_selftest/efi_selftest_rng.c
+++ b/lib/efi_selftest/efi_selftest_rng.c
@@ -20,7 +20,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -35,7 +35,7 @@
* Retrieve available RNG algorithms.
* Retrieve two random values and compare them.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_rtc.c b/lib/efi_selftest/efi_selftest_rtc.c
index 6f7035d..e9e47e9 100644
--- a/lib/efi_selftest/efi_selftest_rtc.c
+++ b/lib/efi_selftest/efi_selftest_rtc.c
@@ -19,7 +19,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -35,7 +35,7 @@
* Set a new value and read it back.
* Set the real time clock back the current time.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_set_virtual_address_map.c b/lib/efi_selftest/efi_selftest_set_virtual_address_map.c
index 8e2e8ba..d28ed83 100644
--- a/lib/efi_selftest/efi_selftest_set_virtual_address_map.c
+++ b/lib/efi_selftest/efi_selftest_set_virtual_address_map.c
@@ -73,7 +73,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -176,7 +176,7 @@
* The triggering of the EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event is checked via
* the call count of the notification function.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_snp.c b/lib/efi_selftest/efi_selftest_snp.c
index 818cbfc..15af8d3 100644
--- a/lib/efi_selftest/efi_selftest_snp.c
+++ b/lib/efi_selftest/efi_selftest_snp.c
@@ -77,7 +77,7 @@
*
* @buf: IP header
* @len: length of header in bytes
- * @return: checksum
+ * Return: checksum
*/
static unsigned int efi_ip_checksum(const void *buf, size_t len)
{
@@ -175,7 +175,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -282,7 +282,7 @@
* A DHCP discover message is sent. The test is successful if a
* DHCP reply is received within 10 seconds.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
@@ -422,7 +422,7 @@
* Close the timer event created in setup.
* Shut down the network adapter.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int teardown(void)
{
diff --git a/lib/efi_selftest/efi_selftest_startimage_exit.c b/lib/efi_selftest/efi_selftest_startimage_exit.c
index 5d4c0a6..b65a10b 100644
--- a/lib/efi_selftest/efi_selftest_startimage_exit.c
+++ b/lib/efi_selftest/efi_selftest_startimage_exit.c
@@ -79,7 +79,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -96,7 +96,7 @@
/*
* Tear down unit test.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int teardown(void)
{
@@ -117,7 +117,7 @@
*
* Load and start the application image.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_startimage_return.c b/lib/efi_selftest/efi_selftest_startimage_return.c
index 44c2364..3e0c5a9 100644
--- a/lib/efi_selftest/efi_selftest_startimage_return.c
+++ b/lib/efi_selftest/efi_selftest_startimage_return.c
@@ -79,7 +79,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -96,7 +96,7 @@
/*
* Tear down unit test.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int teardown(void)
{
@@ -117,7 +117,7 @@
*
* Load and start the application image.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_tcg2.c b/lib/efi_selftest/efi_selftest_tcg2.c
index 2eed588..a2b4a79 100644
--- a/lib/efi_selftest/efi_selftest_tcg2.c
+++ b/lib/efi_selftest/efi_selftest_tcg2.c
@@ -612,7 +612,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: status code
+ * Return: status code
*/
static int efi_st_tcg2_setup(const efi_handle_t img_handle,
const struct efi_system_table *systable)
@@ -949,7 +949,7 @@
/*
* efi_st_tcg2_teardown() - Tear down unit test
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int efi_st_tcg2_teardown(void)
{
diff --git a/lib/efi_selftest/efi_selftest_textinput.c b/lib/efi_selftest/efi_selftest_textinput.c
index b90671c..141856a 100644
--- a/lib/efi_selftest/efi_selftest_textinput.c
+++ b/lib/efi_selftest/efi_selftest_textinput.c
@@ -21,7 +21,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -34,7 +34,7 @@
/*
* Execute unit test.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_textinputex.c b/lib/efi_selftest/efi_selftest_textinputex.c
index de44224..bd221d6 100644
--- a/lib/efi_selftest/efi_selftest_textinputex.c
+++ b/lib/efi_selftest/efi_selftest_textinputex.c
@@ -45,7 +45,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -93,7 +93,7 @@
*
* Unregister notify function.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int teardown(void)
{
@@ -112,7 +112,7 @@
/*
* Execute unit test.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_textoutput.c b/lib/efi_selftest/efi_selftest_textoutput.c
index a87f65e..450fe97 100644
--- a/lib/efi_selftest/efi_selftest_textoutput.c
+++ b/lib/efi_selftest/efi_selftest_textoutput.c
@@ -15,7 +15,7 @@
/*
* Execute unit test.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_tpl.c b/lib/efi_selftest/efi_selftest_tpl.c
index 0c0e412..f4e4672 100644
--- a/lib/efi_selftest/efi_selftest_tpl.c
+++ b/lib/efi_selftest/efi_selftest_tpl.c
@@ -37,7 +37,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -68,7 +68,7 @@
*
* Close the events created in setup.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int teardown(void)
{
@@ -106,7 +106,7 @@
* Lower the TPL level and check that the queued notification
* function is called.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_unaligned.c b/lib/efi_selftest/efi_selftest_unaligned.c
index 1802948..6fce110 100644
--- a/lib/efi_selftest/efi_selftest_unaligned.c
+++ b/lib/efi_selftest/efi_selftest_unaligned.c
@@ -19,7 +19,7 @@
* occurs.
*
* @addr: address to read
- * @return: value at the address
+ * Return: value at the address
*/
static inline u32 deref(u32 *addr)
{
@@ -37,7 +37,7 @@
* Execute unit test.
* An unaligned memory access is executed. The result is checked.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/efi_selftest_watchdog.c b/lib/efi_selftest/efi_selftest_watchdog.c
index cbc6761..a352d4a 100644
--- a/lib/efi_selftest/efi_selftest_watchdog.c
+++ b/lib/efi_selftest/efi_selftest_watchdog.c
@@ -65,7 +65,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -98,7 +98,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup_timer(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -112,7 +112,7 @@
*
* @handle: handle of the loaded image
* @systable: system table
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int setup_reboot(const efi_handle_t handle,
const struct efi_system_table *systable)
@@ -126,7 +126,7 @@
*
* Close the events created in setup.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int teardown(void)
{
@@ -166,7 +166,7 @@
* Run a 1350 ms single shot timer and check that the 600ms timer has
* been called 2 times.
*
- * @return: EFI_ST_SUCCESS for success
+ * Return: EFI_ST_SUCCESS for success
*/
static int execute(void)
{
diff --git a/lib/efi_selftest/initrddump.c b/lib/efi_selftest/initrddump.c
index 325951b..efdcf0d 100644
--- a/lib/efi_selftest/initrddump.c
+++ b/lib/efi_selftest/initrddump.c
@@ -405,7 +405,7 @@
*
* @handle: handle of the loaded image
* @systab: system table
- * @return: status code
+ * Return: status code
*/
efi_status_t EFIAPI efi_main(efi_handle_t image_handle,
struct efi_system_table *systab)
diff --git a/lib/uuid.c b/lib/uuid.c
index 24571ef..284f811 100644
--- a/lib/uuid.c
+++ b/lib/uuid.c
@@ -220,7 +220,13 @@
"TCG2 Final Events Table",
EFI_TCG2_FINAL_EVENTS_TABLE_GUID,
},
+#ifdef CONFIG_EFI_RISCV_BOOT_PROTOCOL
+ {
+ "RISC-V Boot",
+ RISCV_EFI_BOOT_PROTOCOL_GUID,
+ },
#endif
+#endif /* CONFIG_CMD_EFIDEBUG */
#ifdef CONFIG_CMD_NVEDIT_EFI
/* signature database */
{
diff --git a/tools/mkeficapsule.c b/tools/mkeficapsule.c
index 4995ba4..243fd6e 100644
--- a/tools/mkeficapsule.c
+++ b/tools/mkeficapsule.c
@@ -7,6 +7,7 @@
#include <getopt.h>
#include <malloc.h>
#include <stdbool.h>
+#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -51,27 +52,132 @@
static void print_usage(void)
{
printf("Usage: %s [options] <output file>\n"
- "Options:\n"
+ "Options:\n"
- "\t-f, --fit <fit image> new FIT image file\n"
- "\t-r, --raw <raw image> new raw image file\n"
- "\t-i, --index <index> update image index\n"
- "\t-I, --instance <instance> update hardware instance\n"
- "\t-h, --help print a help message\n",
- tool_name);
+ "\t-f, --fit <fit image> new FIT image file\n"
+ "\t-r, --raw <raw image> new raw image file\n"
+ "\t-i, --index <index> update image index\n"
+ "\t-I, --instance <instance> update hardware instance\n"
+ "\t-h, --help print a help message\n",
+ tool_name);
}
+/**
+ * read_bin_file - read a firmware binary file
+ * @bin: Path to a firmware binary file
+ * @data: Pointer to pointer of allocated buffer
+ * @bin_size: Size of allocated buffer
+ *
+ * Read out a content of binary, @bin, into @data.
+ * A caller should free @data.
+ *
+ * Return:
+ * * 0 - on success
+ * * -1 - on failure
+ */
+static int read_bin_file(char *bin, void **data, off_t *bin_size)
+{
+ FILE *g;
+ struct stat bin_stat;
+ void *buf;
+ size_t size;
+ int ret = 0;
+
+ g = fopen(bin, "r");
+ if (!g) {
+ fprintf(stderr, "cannot open %s\n", bin);
+ return -1;
+ }
+ if (stat(bin, &bin_stat) < 0) {
+ fprintf(stderr, "cannot determine the size of %s\n", bin);
+ ret = -1;
+ goto err;
+ }
+ if (bin_stat.st_size > SIZE_MAX) {
+ fprintf(stderr, "file size is too large for malloc: %s\n", bin);
+ ret = -1;
+ goto err;
+ }
+ buf = malloc(bin_stat.st_size);
+ if (!buf) {
+ fprintf(stderr, "cannot allocate memory: %zx\n",
+ (size_t)bin_stat.st_size);
+ ret = -1;
+ goto err;
+ }
+
+ size = fread(buf, 1, bin_stat.st_size, g);
+ if (size < bin_stat.st_size) {
+ fprintf(stderr, "read failed (%zx)\n", size);
+ ret = -1;
+ goto err;
+ }
+
+ *data = buf;
+ *bin_size = bin_stat.st_size;
+err:
+ fclose(g);
+
+ return ret;
+}
+
+/**
+ * write_capsule_file - write a capsule file
+ * @bin: FILE stream
+ * @data: Pointer to data
+ * @bin_size: Size of data
+ *
+ * Write out data, @data, with the size @bin_size.
+ *
+ * Return:
+ * * 0 - on success
+ * * -1 - on failure
+ */
+static int write_capsule_file(FILE *f, void *data, size_t size, const char *msg)
+{
+ size_t size_written;
+
+ size_written = fwrite(data, 1, size, f);
+ if (size_written < size) {
+ fprintf(stderr, "%s: write failed (%zx != %zx)\n", msg,
+ size_written, size);
+ return -1;
+ }
+
+ return 0;
+}
+
+/**
+ * create_fwbin - create an uefi capsule file
+ * @path: Path to a created capsule file
+ * @bin: Path to a firmware binary to encapsulate
+ * @guid: GUID of related FMP driver
+ * @index: Index number in capsule
+ * @instance: Instance number in capsule
+ * @mcount: Monotonic count in authentication information
+ * @private_file: Path to a private key file
+ * @cert_file: Path to a certificate file
+ *
+ * This function actually does the job of creating an uefi capsule file.
+ * All the arguments must be supplied.
+ * If either @private_file ror @cert_file is NULL, the capsule file
+ * won't be signed.
+ *
+ * Return:
+ * * 0 - on success
+ * * -1 - on failure
+ */
static int create_fwbin(char *path, char *bin, efi_guid_t *guid,
unsigned long index, unsigned long instance)
{
struct efi_capsule_header header;
struct efi_firmware_management_capsule_header capsule;
struct efi_firmware_management_capsule_image_header image;
- FILE *f, *g;
- struct stat bin_stat;
- u8 *data;
- size_t size;
+ FILE *f;
+ void *data;
+ off_t bin_size;
u64 offset;
+ int ret;
#ifdef DEBUG
printf("For output: %s\n", path);
@@ -79,25 +185,28 @@
printf("\tindex: %ld\n\tinstance: %ld\n", index, instance);
#endif
- g = fopen(bin, "r");
- if (!g) {
- printf("cannot open %s\n", bin);
- return -1;
- }
- if (stat(bin, &bin_stat) < 0) {
- printf("cannot determine the size of %s\n", bin);
- goto err_1;
- }
- data = malloc(bin_stat.st_size);
- if (!data) {
- printf("cannot allocate memory: %zx\n", (size_t)bin_stat.st_size);
- goto err_1;
- }
+ f = NULL;
+ data = NULL;
+ ret = -1;
+
+ /*
+ * read a firmware binary
+ */
+ if (read_bin_file(bin, &data, &bin_size))
+ goto err;
+
+ /*
+ * write a capsule file
+ */
f = fopen(path, "w");
if (!f) {
- printf("cannot open %s\n", path);
- goto err_2;
+ fprintf(stderr, "cannot open %s\n", path);
+ goto err;
}
+
+ /*
+ * capsule file header
+ */
header.capsule_guid = efi_guid_fm_capsule;
header.header_size = sizeof(header);
/* TODO: The current implementation ignores flags */
@@ -105,70 +214,57 @@
header.capsule_image_size = sizeof(header)
+ sizeof(capsule) + sizeof(u64)
+ sizeof(image)
- + bin_stat.st_size;
-
- size = fwrite(&header, 1, sizeof(header), f);
- if (size < sizeof(header)) {
- printf("write failed (%zx)\n", size);
- goto err_3;
- }
+ + bin_size;
+ if (write_capsule_file(f, &header, sizeof(header),
+ "Capsule header"))
+ goto err;
+ /*
+ * firmware capsule header
+ * This capsule has only one firmware capsule image.
+ */
capsule.version = 0x00000001;
capsule.embedded_driver_count = 0;
capsule.payload_item_count = 1;
- size = fwrite(&capsule, 1, sizeof(capsule), f);
- if (size < (sizeof(capsule))) {
- printf("write failed (%zx)\n", size);
- goto err_3;
- }
+ if (write_capsule_file(f, &capsule, sizeof(capsule),
+ "Firmware capsule header"))
+ goto err;
+
offset = sizeof(capsule) + sizeof(u64);
- size = fwrite(&offset, 1, sizeof(offset), f);
- if (size < sizeof(offset)) {
- printf("write failed (%zx)\n", size);
- goto err_3;
- }
+ if (write_capsule_file(f, &offset, sizeof(offset),
+ "Offset to capsule image"))
+ goto err;
+ /*
+ * firmware capsule image header
+ */
image.version = 0x00000003;
memcpy(&image.update_image_type_id, guid, sizeof(*guid));
image.update_image_index = index;
image.reserved[0] = 0;
image.reserved[1] = 0;
image.reserved[2] = 0;
- image.update_image_size = bin_stat.st_size;
+ image.update_image_size = bin_size;
image.update_vendor_code_size = 0; /* none */
image.update_hardware_instance = instance;
image.image_capsule_support = 0;
-
- size = fwrite(&image, 1, sizeof(image), f);
- if (size < sizeof(image)) {
- printf("write failed (%zx)\n", size);
- goto err_3;
- }
- size = fread(data, 1, bin_stat.st_size, g);
- if (size < bin_stat.st_size) {
- printf("read failed (%zx)\n", size);
- goto err_3;
- }
- size = fwrite(data, 1, bin_stat.st_size, f);
- if (size < bin_stat.st_size) {
- printf("write failed (%zx)\n", size);
- goto err_3;
- }
+ if (write_capsule_file(f, &image, sizeof(image),
+ "Firmware capsule image header"))
+ goto err;
- fclose(f);
- fclose(g);
- free(data);
+ /*
+ * firmware binary
+ */
+ if (write_capsule_file(f, data, bin_size, "Firmware binary"))
+ goto err;
- return 0;
-
-err_3:
- fclose(f);
-err_2:
+ ret = 0;
+err:
+ if (f)
+ fclose(f);
free(data);
-err_1:
- fclose(g);
- return -1;
+ return ret;
}
/*
@@ -194,7 +290,7 @@
switch (c) {
case 'f':
if (file) {
- printf("Image already specified\n");
+ fprintf(stderr, "Image already specified\n");
return -1;
}
file = optarg;
@@ -202,7 +298,7 @@
break;
case 'r':
if (file) {
- printf("Image already specified\n");
+ fprintf(stderr, "Image already specified\n");
return -1;
}
file = optarg;
@@ -234,7 +330,7 @@
if (create_fwbin(argv[optind], file, guid, index, instance)
< 0) {
- printf("Creating firmware capsule failed\n");
+ fprintf(stderr, "Creating firmware capsule failed\n");
exit(EXIT_FAILURE);
}