It does not make sense to enable all SHA algorithms unless they are
needed. It bloats the code and in this case, causes chromebook_link to
fail to build. That board does use the TPM, but not with measured boot,
nor EFI.
Since EFI_TCG2_PROTOCOL already selects these options, we just need to
add them to MEASURED_BOOT as well.
Note that the original commit combines refactoring and new features,
which makes it hard to see what is going on.
Fixes: 97707f12fd tpm: Support boot measurements
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
A while back we moved the core functions of the EFI TCG protocol to the
TPM APIs in order for them to be used with bootm, booti etc.
Some prototypes changed from returning efi_status_t to int, which is more
appropriate for the non-EFI APIs. However, some of the EFI callsites never
changed and we ended up assigning the int value to efi_status_t.
This is unlikely to cause any problems, apart from returning invalid
values on failures and violating the EFI spec. Let's fix them
by looking at the new return code and map it to the proper EFI return
code on failures.
Fixes: commit 97707f12fd ("tpm: Support boot measurements")
Fixes: commit d6b55a420c ("efi_loader: startup the tpm device when installing the protocol")
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
We currently return 'No space left on device' if the eventlong buffer
we allocated is not enough. On a similar check later on that function
during the call to tcg2_log_init() we return 'No buffer space
available'. So switch both error codes to -ENOBUFS since we are always
checking a buffer and not a device.
Fixes: commit 97707f12fd ("tpm: Support boot measurements")
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Code is pretty much supports only DT properties and completely ignore
information coming from sysinfo driver.
Code is calling smbios_add_prop() which calls with
smbios_add_prop_si(SYSINFO_ID_NONE). But SYSINFO_ID_NONE can't
differentiate different entries from sysinfo driver.
That's why introduce separate SYSINFO macros which can be used in sysinfo
driver and passed to smbios structure.
Signed-off-by: Michal Simek <michal.simek@amd.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Currently code looks like that it sysinfo drivers are supported but
actually none checking that system is detected. That's why call
sysinfo_detect() to make sure that priv->detected in sysinfo uclass is
setup hence information from driver can be passed to smbios.
Signed-off-by: Michal Simek <michal.simek@amd.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
If multiple weak implementations of a weak function exist, it is unclear
which one the linker should chose. cmd/cache.c already defines a weak
invalidate_icache_all().
We don't need a call to invalidate_icache_all() on x86.
ARM, RISC-V, and Sandbox provide an implementation.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
If SYSINFO support isn't enabled, it's a given that uclass_first_device
for UCLASS_SYSINFO will not find anything, therefore let's skip the test
entirely.
This allows to get rid of the following debug message that may be
confusing:
Cannot find uclass for id 118: please add the UCLASS_DRIVER() declaration for this UCLASS_... id
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
The PC client spec [0], doesn't describe measurements for DTBs. It does
describe what do to for ACPI tables though.
There is a description for ACPI in 3.3.4.1 PCR[0] – SRTM, POST BIOS,
and Embedded Drivers and they explicitly mention ACPI in there. There's
no mention of ACPI in 3.3.4.2 PCR[1] – Host Platform Configuration.
However, in Figure 6 -- PCR Mapping of UEFI Components ACPI is shown
in PCR1. The general description also mentions PCR0 is for code and PCR1
is for data such as ACPI and SMBIOS.
So let's switch over the DTB measurements to PCR1 which seems a better
fit.
[0] https://trustedcomputinggroup.org/resource/pc-client-specific-platform-firmware-profile-specification
Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Eddie James <eajames@linux.ibm.com>
Loading and running the ELF image is the responsibility of the
library and should not be associated with the command line interface.
It is also required to run ELF images from FIT with the bootm command
so as not to depend on the command line interface.
Signed-off-by: Maxim Moskalets <maximmosk4@gmail.com>
The BLK symbol is used both for "we have a block device subsystem
enabled" and "we need to utilize the block device library functions". In
the case of efi_loader, it is the case of "we need to utilize the block
device library", so select rather than depends on it. In turn, also
disable EFI_LOADER on platforms which did not have it on previously due
to a lack of block devices. They can enable it themselves if desired.
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Tom Rini <trini@konsulko.com>
Comment is not kernel-doc format that's why don't label it like that and
also fix indentation to have proper multiline comment.
Signed-off-by: Michal Simek <michal.simek@amd.com>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
According to UEFI v2.10 spec section 8.2.6, if a caller invokes the
SetVariables() service, it will produce a digest from hash(VariableName,
VendorGuid, Attributes, TimeStamp, DataNew_variable_content), then the
firmware that implements the SetVariable() service will compare the
digest with the result of applying the signer’s public key to the
signature. For EFI variable append write, efitools sign-efi-sig-list has
an option "-a" to add EFI_VARIABLE_APPEND_WRITE attr, and u-boot will
drop this attribute in efi_set_variable_int(). So if a caller uses
"sign-efi-sig-list -a" to create the authenticated variable, this append
write will fail in the u-boot due to "hash check failed".
This patch resumes writing the EFI_VARIABLE_APPEND_WRITE attr to ensure
that the hash check is correct. And also update the "test_efi_secboot"
test case to compliance with the change.
Signed-off-by: Weizhao Ouyang <o451686892@gmail.com>
As we now also store device-tree device-paths in load options rename
struct efi_initrd_dp to efi_lo_dp_prefix.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
If no device-tree is specified, try to load a device-tree from the boot
device use the $fdtfile concatenated to either of the paths '/dtb/', '/',
'/dtb/current/'.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
For finding distro supplied device-trees we need to know from which device
we are booting. This can be identified via the device-path of the binary.
Up to now efi_dp_from_lo() only could return the initrd or fdt device-path.
Allow returning the binary device-path, too.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
We allow to specify the triple of binary, initrd, and device-tree in boot
options.
Add the code to actually load the specified device-tree.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
We already support creating a load option where the device-path
field contains the concatenation of the binary device-path and
optionally the device path of the initrd which we expose via the
EFI_LOAD_FILE2_PROTOCOL.
Allow to append another device-path pointing to the device-tree
identified by the device-tree GUID.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Allow appending a device-path to a device-path that contains an end node
as separator. We need this feature for creating boot options specifying
kernel, initrd, and dtb.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Sughosh Ganu <sughosh.ganu@linaro.org> says:
The following patch series adds support for version 2 of the FWU
metadata. The version 2 metadata structure is defined in the latest
revision of the FWU specification [1].
The earlier versions of these patches were migrating to a version 2
only support in U-Boot, similar to TF-A. However, based on feedback
from ST [2], this series has been updated to support both versions. A
platform would still be needed to enable one of the two versions of
metadata through a config symbol.
TF-A has code which reads the FWU metadata and boots the platform from
the active partition. TF-A has decided to migrate the FWU code to a
version 2 only support. These changes have been merged in upstream
TF-A.
These changes have been tested on the ST DK2 board, which uses the GPT
based partitioning scheme. Both V1 and V2 metadata versions have been
tested on the DK2 board.
These changes need to be tested on platforms with MTD partitioned
storage devices.
Make changes to the functions used for generating the DFU's alt
variable so that the FWU image information is obtained from the common
version agnostic structure instead of reading the metadata.
While here, also update the name of the field used for storing the
image GUID in the FWU metadata.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
Information about FWU images on MTD partitions is now stored with the
corresponding driver instead of a global variable. Get this
information from the driver.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
The third argument passed to the function gen_image_alt_info() is not
used and is superfluous. Remove this unused argument from the function
call.
Fixes: 4898679e19 (FWU: Add FWU metadata access driver for MTD storage regions)
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
Support has been added for version 2 of the FWU metadata
structure. Add config symbols to enable either of the two versions.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
Transition the platform to either Trial State or Regular State on a
successful update. Do this by calling the fwu_state_machine_updates()
API function.
For version 1 of the FWU metadata, the transition to Trial State is
done by starting the Trial State counter, while for version 2, in
addition to the counter, the bank_state field of the FWU metadata is
also updated to Valid.
For transitioning the platform to Regular State, no action is needed
with version 1 of the FWU metadata structure, while for version 2, the
bank_state field is set to Accepted.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
With addition of support for version 2 of the FWU metadata structure,
the metadata information is collected into a version agnostic
structure. Make changes to the FWU functions so that the information
that was earlier obtained by reading the metadata structure is now
obtained through this version agnostic structure.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
Support is being added in U-Boot for version 2 of the FWU
metadata. Support for this version is to co-exist with version 1
support. To achieve this, a common, version agnostic structure has
been added to keep information provided by the FWU metadata
structure.
Add API's to handle the version specific FWU metadata fields. The
version agnostic structure gets initialized at boot by reading the FWU
metadata. Updates to the FWU metadata result in the API's getting
called to populate the version specific fields of the strucure, before
the metadata gets written to the storage media.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
Use of typedef is beneficial for porting with other crypto libs
without changing the API callers.
Secondly, it is for the code consistency with other digest libs.
SHA1, SHA256 and SHA512 are all using typedef for their context.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Add SPL variant of DM_RNG so that the DM_RNG can be disabled in SPL
if necessary. This may be necessary due to e.g. size constraints of
the SPL.
Signed-off-by: Marek Vasut <marex@denx.de>
Previous patches added QueryVariableInfo at runtime tests and
split a common function that can be used at boottime. Weire it
up and run a similar set of tets. While at it move a test which is
checiking for 0 available storage in the common code
Add tests for
- Test QueryVariableInfo returns EFI_SUCCESS
- Test null pointers for the function arguments
- Test invalid combination of attributes
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Since we support QueryVariableInfo at runtime now add the relevant
tests. Since we want those to be reusable at bootime, add them
in a separate file
Add tests for
- Test QueryVariableInfo returns EFI_SUCCESS
- Test null pointers for the function arguments
- Test invalid combination of attributes
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Since commit c28d32f946 ("efi_loader: conditionally enable SetvariableRT")
we are enabling the last bits of missing runtime services.
Add support for QueryVariableInfo which we already support at boottime
and we just need to mark some fucntions available at runtime and move
some checks around.
It's worth noting that pointer checks for maxmimum and remaining
variable storage aren't when we store variables on the RPMB, since the
Secure World backend is already performing them.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The check of the return code is already done a few lines above.
Although it doesn't cause any functional issues, remove the superfluous
checks
Addresses-Coverity-ID: 492766 Control flow issues (DEADCODE)
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
If the UEFI boot manager fails there is no point in installing the
device-tree as a configuration table.
Unload image if device-tree cannot be installed.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
The image is not unloaded if a security violation occurs.
If efi_set_load_options() fails, we do not free the memory allocated for
the optional data. We do not unload the image.
* Unload the image if a security violation occurs.
* Free load_options if efi_set_load_options() fails.
* Unload the image if efi_set_load_options() fails.
Fixes: 53f6a5aa86 ("efi_loader: Replace config option for initrd loading")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
EFI_CALL() invokes __efi_entry_check() which executes set_gd(efi_gd).
There is no need to execute set_gd(efi_gd) again via efi_restore_gd().
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Michal Simek <michal.simek@amd.com> says:
I looked as cleaning up some dependencies and I found that qconfig is
reporting some issues. This series is fixing some of them. But there are
still some other pending. That's why please go and fix them if they are
related to your board.
UTF-8: I am using uni2ascii -B < file to do conversion. When you run it in
a loop you will find some other issue with copyright chars or some issues
in files taken from the Linux kernel like DTs. They should be likely fixed
in the kernel first.
Based on discussion I am ignoring names too.
Convert UTF-8 chars to ASCII in cases where make sense. No Copyright or
names are converted.
Signed-off-by: Michal Simek <michal.simek@amd.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Acked-by: Marek Behún <kabel@kernel.org>
All errors are generated by ./tools/qconfig.py -b -j8 -i whatever.
Error look like this:
warning: style: quotes recommended around default value for string symbol
EFI_VAR_SEED_FILE (defined at lib/efi_loader/Kconfig:130)
Signed-off-by: Michal Simek <michal.simek@amd.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
All errors are generated by ./tools/qconfig.py -b -j8 -i whatever.
Error look like this:
drivers/crypto/Kconfig:9: warning: style: quotes recommended around
'drivers/crypto/nuvoton/Kconfig' in 'source drivers/crypto/nuvoton/Kconfig'
Signed-off-by: Michal Simek <michal.simek@amd.com>
Since we support SetVariableRT now add the relevant tests
- Search for the RTStorageVolatile and VarToFile variables after EBS
- Try to update with invalid variales (BS, RT only)
- Try to write a variable bigger than our backend storage
- Write a variable that fits and check VarToFile has been updated
correclty
- Append to the variable and check VarToFile changes
- Try to delete VarToFile which is write protected
- Try to add/delete runtime variables
- Verify VarToFile contains a valid file format
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
