diff options
| author | Tom Rini <trini@konsulko.com> | 2022-09-19 13:19:39 -0400 | 
|---|---|---|
| committer | Tom Rini <trini@konsulko.com> | 2022-09-19 16:07:12 -0400 | 
| commit | e9a1ff9724348408144c7f1c5b5cc26130ba46e5 (patch) | |
| tree | 68b56f117206d121b4a7e567b0209c02283c98e6 /lib | |
| parent | b6c50e5831f6ce3800d4b3cf3c7aa35dde8c48d9 (diff) | |
| parent | f76f3e3b44328fe6229650540109af93750fd5f0 (diff) | |
Merge branch 'master' into next
Signed-off-by: Tom Rini <trini@konsulko.com>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/efi_driver/efi_uclass.c | 9 | ||||
| -rw-r--r-- | lib/efi_loader/Kconfig | 17 | ||||
| -rw-r--r-- | lib/efi_loader/Makefile | 1 | ||||
| -rw-r--r-- | lib/efi_loader/efi_boottime.c | 9 | ||||
| -rw-r--r-- | lib/efi_loader/efi_conformance.c | 60 | ||||
| -rw-r--r-- | lib/efi_loader/efi_console.c | 5 | ||||
| -rw-r--r-- | lib/efi_loader/efi_device_path_to_text.c | 7 | ||||
| -rw-r--r-- | lib/efi_loader/efi_disk.c | 17 | ||||
| -rw-r--r-- | lib/efi_loader/efi_setup.c | 14 | ||||
| -rw-r--r-- | lib/efi_loader/helloworld.c | 66 | ||||
| -rw-r--r-- | lib/efi_selftest/Makefile | 1 | ||||
| -rw-r--r-- | lib/efi_selftest/efi_selftest.c | 38 | ||||
| -rw-r--r-- | lib/efi_selftest/efi_selftest_ecpt.c | 76 | ||||
| -rw-r--r-- | lib/efi_selftest/efi_selftest_fdt.c | 17 | ||||
| -rw-r--r-- | lib/efi_selftest/efi_selftest_miniapp_exception.c | 9 | ||||
| -rw-r--r-- | lib/efi_selftest/efi_selftest_util.c | 11 | ||||
| -rw-r--r-- | lib/tpm-v1.c | 5 | ||||
| -rw-r--r-- | lib/tpm-v2.c | 70 | ||||
| -rw-r--r-- | lib/tpm_api.c | 10 | ||||
| -rw-r--r-- | lib/uuid.c | 4 | 
20 files changed, 379 insertions, 67 deletions
| diff --git a/lib/efi_driver/efi_uclass.c b/lib/efi_driver/efi_uclass.c index b01ce89c84e..74dd0032437 100644 --- a/lib/efi_driver/efi_uclass.c +++ b/lib/efi_driver/efi_uclass.c @@ -71,6 +71,15 @@ static efi_status_t EFIAPI efi_uc_supported(  	EFI_ENTRY("%p, %p, %ls", this, controller_handle,  		  efi_dp_str(remaining_device_path)); +	/* +	 * U-Boot internal devices install protocols interfaces without calling +	 * ConnectController(). Hence we should not bind an extra driver. +	 */ +	if (controller_handle->dev) { +		ret = EFI_UNSUPPORTED; +		goto out; +	} +  	ret = EFI_CALL(systab.boottime->open_protocol(  			controller_handle, bp->ops->protocol,  			&interface, this->driver_binding_handle, diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig index 476a22d7ea3..41756ea5396 100644 --- a/lib/efi_loader/Kconfig +++ b/lib/efi_loader/Kconfig @@ -384,6 +384,23 @@ config EFI_ESRT  	help  	  Enabling this option creates the ESRT UEFI system table. +config EFI_ECPT +	bool "Enable the UEFI ECPT generation" +	default y +	help +	  Enabling this option created the ECPT UEFI table. + +config EFI_EBBR_2_0_CONFORMANCE +	bool "Add the EBBRv2.0 conformance entry to the ECPT table" +	depends on EFI_ECPT +	depends on EFI_LOADER_HII +	depends on EFI_RISCV_BOOT_PROTOCOL || !RISCV +	depends on EFI_RNG_PROTOCOL || !DM_RNG +	depends on EFI_UNICODE_COLLATION_PROTOCOL2 +	default y +	help +	  Enabling this option adds the EBBRv2.0 conformance entry to the ECPT UEFI table. +  config EFI_RISCV_BOOT_PROTOCOL  	bool "RISCV_EFI_BOOT_PROTOCOL support"  	default y diff --git a/lib/efi_loader/Makefile b/lib/efi_loader/Makefile index f54c244c326..e187d2a914f 100644 --- a/lib/efi_loader/Makefile +++ b/lib/efi_loader/Makefile @@ -76,6 +76,7 @@ obj-$(CONFIG_EFI_TCG2_PROTOCOL) += efi_tcg2.o  obj-$(CONFIG_EFI_RISCV_BOOT_PROTOCOL) += efi_riscv.o  obj-$(CONFIG_EFI_LOAD_FILE2_INITRD) += efi_load_initrd.o  obj-$(CONFIG_EFI_SIGNATURE_SUPPORT) += efi_signature.o +obj-$(CONFIG_EFI_ECPT) += efi_conformance.o  EFI_VAR_SEED_FILE := $(subst $\",,$(CONFIG_EFI_VAR_SEED_FILE))  $(obj)/efi_var_seed.o: $(srctree)/$(EFI_VAR_SEED_FILE) diff --git a/lib/efi_loader/efi_boottime.c b/lib/efi_loader/efi_boottime.c index 8da3bb29aa7..1bfd094e89f 100644 --- a/lib/efi_loader/efi_boottime.c +++ b/lib/efi_loader/efi_boottime.c @@ -619,9 +619,14 @@ efi_status_t efi_remove_all_protocols(const efi_handle_t handle)   */  void efi_delete_handle(efi_handle_t handle)  { -	if (!handle) +	efi_status_t ret; + +	ret = efi_remove_all_protocols(handle); +	if (ret == EFI_INVALID_PARAMETER) { +		log_err("Can't remove invalid handle %p\n", handle);  		return; -	efi_remove_all_protocols(handle); +	} +  	list_del(&handle->link);  	free(handle);  } diff --git a/lib/efi_loader/efi_conformance.c b/lib/efi_loader/efi_conformance.c new file mode 100644 index 00000000000..a49aae92497 --- /dev/null +++ b/lib/efi_loader/efi_conformance.c @@ -0,0 +1,60 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + *  EFI conformance profile table + * + *  Copyright (C) 2022 Arm Ltd. + */ + +#include <common.h> +#include <efi_loader.h> +#include <log.h> +#include <efi_api.h> +#include <malloc.h> + +static const efi_guid_t efi_ecpt_guid = EFI_CONFORMANCE_PROFILES_TABLE_GUID; +static const efi_guid_t efi_ebbr_2_0_guid = +	EFI_CONFORMANCE_PROFILE_EBBR_2_0_GUID; + +/** + * efi_ecpt_register() - Install the ECPT system table. + * + * Return: status code + */ +efi_status_t efi_ecpt_register(void) +{ +	int num_entries = 0; +	struct efi_conformance_profiles_table *ecpt; +	efi_status_t ret; +	size_t ecpt_size; + +	ecpt_size = num_entries * sizeof(efi_guid_t) +		+ sizeof(struct efi_conformance_profiles_table); +	ret = efi_allocate_pool(EFI_BOOT_SERVICES_DATA, ecpt_size, +				(void **)&ecpt); + +	if (ret != EFI_SUCCESS) { +		log_err("Out of memory\n"); + +		return ret; +	} + +	if (CONFIG_IS_ENABLED(EFI_EBBR_2_0_CONFORMANCE)) +		guidcpy(&ecpt->conformance_profiles[num_entries++], +			&efi_ebbr_2_0_guid); + +	ecpt->version = EFI_CONFORMANCE_PROFILES_TABLE_VERSION; +	ecpt->number_of_profiles = num_entries; + +	/* Install the ECPT in the system configuration table. */ +	ret = efi_install_configuration_table(&efi_ecpt_guid, (void *)ecpt); +	if (ret != EFI_SUCCESS) { +		log_err("Failed to install ECPT\n"); +		efi_free_pool(ecpt); + +		return ret; +	} + +	log_debug("ECPT created\n"); + +	return EFI_SUCCESS; +} diff --git a/lib/efi_loader/efi_console.c b/lib/efi_loader/efi_console.c index 5be509f0d6e..cf9fbd9cb54 100644 --- a/lib/efi_loader/efi_console.c +++ b/lib/efi_loader/efi_console.c @@ -988,12 +988,14 @@ static efi_status_t EFIAPI efi_cin_read_key_stroke_ex(  	efi_cin_check();  	if (!key_available) { +		memset(key_data, 0, sizeof(struct efi_key_data));  		ret = EFI_NOT_READY;  		goto out;  	}  	/*  	 * CTRL+A - CTRL+Z have to be signaled as a - z.  	 * SHIFT+CTRL+A - SHIFT+CTRL+Z have to be signaled as A - Z. +	 * CTRL+\ - CTRL+_ have to be signaled as \ - _.  	 */  	switch (next_key.key.unicode_char) {  	case 0x01 ... 0x07: @@ -1006,6 +1008,9 @@ static efi_status_t EFIAPI efi_cin_read_key_stroke_ex(  			next_key.key.unicode_char += 0x40;  		else  			next_key.key.unicode_char += 0x60; +		break; +	case 0x1c ... 0x1f: +			next_key.key.unicode_char += 0x40;  	}  	*key_data = next_key;  	key_available = false; diff --git a/lib/efi_loader/efi_device_path_to_text.c b/lib/efi_loader/efi_device_path_to_text.c index 6c428ee061f..9062058ac22 100644 --- a/lib/efi_loader/efi_device_path_to_text.c +++ b/lib/efi_loader/efi_device_path_to_text.c @@ -190,13 +190,14 @@ static char *dp_msging(char *s, struct efi_device_path *dp)  		struct efi_device_path_nvme *ndp =  			(struct efi_device_path_nvme *)dp;  		u32 ns_id; -		int i;  		memcpy(&ns_id, &ndp->ns_id, sizeof(ns_id));  		s += sprintf(s, "NVMe(0x%x,", ns_id); -		for (i = 0; i < sizeof(ndp->eui64); ++i) + +		/* Display byte 7 first, byte 0 last */ +		for (int i = 0; i < 8; ++i)  			s += sprintf(s, "%s%02x", i ? "-" : "", -				     ndp->eui64[i]); +				     ndp->eui64[i ^ 7]);  		s += sprintf(s, ")");  		break; diff --git a/lib/efi_loader/efi_disk.c b/lib/efi_loader/efi_disk.c index 819dcb4f131..e39968a3f37 100644 --- a/lib/efi_loader/efi_disk.c +++ b/lib/efi_loader/efi_disk.c @@ -810,3 +810,20 @@ efi_status_t efi_disk_get_device_name(const efi_handle_t handle, char *buf, int  	return EFI_SUCCESS;  } + +/** + * efi_disks_register() - ensure all block devices are available in UEFI + * + * The function probes all block devices. As we store UEFI variables on the + * EFI system partition this function has to be called before enabling + * variable services. + */ +efi_status_t efi_disks_register(void) +{ +	struct udevice *dev; + +	uclass_foreach_dev_probe(UCLASS_BLK, dev) { +	} + +	return EFI_SUCCESS; +} diff --git a/lib/efi_loader/efi_setup.c b/lib/efi_loader/efi_setup.c index 751beda5902..c633fcd91e3 100644 --- a/lib/efi_loader/efi_setup.c +++ b/lib/efi_loader/efi_setup.c @@ -246,6 +246,14 @@ efi_status_t efi_init_obj_list(void)  	/* Set up console modes */  	efi_setup_console_size(); +	/* +	 * Probe block devices to find the ESP. +	 * efi_disks_register() must be called before efi_init_variables(). +	 */ +	ret = efi_disks_register(); +	if (ret != EFI_SUCCESS) +		goto out; +  	/* Initialize variable services */  	ret = efi_init_variables();  	if (ret != EFI_SUCCESS) @@ -266,6 +274,12 @@ efi_status_t efi_init_obj_list(void)  	if (ret != EFI_SUCCESS)  		goto out; +	if (IS_ENABLED(CONFIG_EFI_ECPT)) { +		ret = efi_ecpt_register(); +		if (ret != EFI_SUCCESS) +			goto out; +	} +  	if (IS_ENABLED(CONFIG_EFI_ESRT)) {  		ret = efi_esrt_register();  		if (ret != EFI_SUCCESS) diff --git a/lib/efi_loader/helloworld.c b/lib/efi_loader/helloworld.c index 10666dc0f22..d565f327457 100644 --- a/lib/efi_loader/helloworld.c +++ b/lib/efi_loader/helloworld.c @@ -29,24 +29,66 @@ static struct efi_system_table *systable;  static struct efi_boot_services *boottime;  static struct efi_simple_text_output_protocol *con_out; +/* + * Print an unsigned 32bit value as decimal number to an u16 string + * + * @value:	value to be printed + * @buf:	pointer to buffer address + *		on return position of terminating zero word + */ +static void uint2dec(u32 value, u16 **buf) +{ +	u16 *pos = *buf; +	int i; +	u16 c; +	u64 f; + +	/* +	 * Increment by .5 and multiply with +	 * (2 << 60) / 1,000,000,000 = 0x44B82FA0.9B5A52CC +	 * to move the first digit to bit 60-63. +	 */ +	f = 0x225C17D0; +	f += (0x9B5A52DULL * value) >> 28; +	f += 0x44B82FA0ULL * value; + +	for (i = 0; i < 10; ++i) { +		/* Write current digit */ +		c = f >> 60; +		if (c || pos != *buf) +			*pos++ = c + '0'; +		/* Eliminate current digit */ +		f &= 0xfffffffffffffff; +		/* Get next digit */ +		f *= 0xaULL; +	} +	if (pos == *buf) +		*pos++ = '0'; +	*pos = 0; +	*buf = pos; +} +  /**   * print_uefi_revision() - print UEFI revision number   */  static void print_uefi_revision(void)  { -	u16 rev[] = u"0.0.0"; - -	rev[0] = (systable->hdr.revision >> 16) + '0'; -	rev[4] = systable->hdr.revision & 0xffff; -	for (; rev[4] >= 10;) { -		rev[4] -= 10; -		++rev[2]; +	u16 rev[13] = {0}; +	u16 *buf = rev; +	u16 digit; + +	uint2dec(systable->hdr.revision >> 16, &buf); +	*buf++ = '.'; +	uint2dec(systable->hdr.revision & 0xffff, &buf); + +	/* Minor revision is only to be shown if non-zero */ +	digit = *--buf; +	if (digit == '0') { +		*buf = 0; +	} else { +		*buf++ = '.'; +		*buf = digit;  	} -	/* Third digit is only to be shown if non-zero */ -	if (rev[4]) -		rev[4] += '0'; -	else -		rev[3] = 0;  	con_out->output_string(con_out, u"Running on UEFI ");  	con_out->output_string(con_out, rev); diff --git a/lib/efi_selftest/Makefile b/lib/efi_selftest/Makefile index 33536c9ec02..daac6c39682 100644 --- a/lib/efi_selftest/Makefile +++ b/lib/efi_selftest/Makefile @@ -49,6 +49,7 @@ efi_selftest_variables.o \  efi_selftest_variables_runtime.o \  efi_selftest_watchdog.o +obj-$(CONFIG_EFI_ECPT) += efi_selftest_ecpt.o  obj-$(CONFIG_NET) += efi_selftest_snp.o  obj-$(CONFIG_EFI_DEVICE_PATH_TO_TEXT) += efi_selftest_devicepath.o diff --git a/lib/efi_selftest/efi_selftest.c b/lib/efi_selftest/efi_selftest.c index 8e427b9e511..191da7fc451 100644 --- a/lib/efi_selftest/efi_selftest.c +++ b/lib/efi_selftest/efi_selftest.c @@ -14,8 +14,8 @@  #define EFI_ST_EXECUTE	2  #define EFI_ST_TEARDOWN	4 -static const struct efi_system_table *systable; -static const struct efi_boot_services *boottime; +const struct efi_system_table *st_systable; +const struct efi_boot_services *st_boottime;  static const struct efi_runtime_services *runtime;  static efi_handle_t handle;  static u16 reset_message[] = u"Selftest completed"; @@ -41,7 +41,7 @@ void efi_st_exit_boot_services(void)  	/* Do not detach devices in ExitBootServices. We need the console. */  	efi_st_keep_devices = true; -	ret = boottime->get_memory_map(&map_size, NULL, &map_key, &desc_size, +	ret = st_boottime->get_memory_map(&map_size, NULL, &map_key, &desc_size,  				       &desc_version);  	if (ret != EFI_BUFFER_TOO_SMALL) {  		efi_st_error( @@ -50,19 +50,19 @@ void efi_st_exit_boot_services(void)  	}  	/* Allocate extra space for newly allocated memory */  	map_size += sizeof(struct efi_mem_desc); -	ret = boottime->allocate_pool(EFI_BOOT_SERVICES_DATA, map_size, +	ret = st_boottime->allocate_pool(EFI_BOOT_SERVICES_DATA, map_size,  				      (void **)&memory_map);  	if (ret != EFI_SUCCESS) {  		efi_st_error("AllocatePool did not return EFI_SUCCESS\n");  		return;  	} -	ret = boottime->get_memory_map(&map_size, memory_map, &map_key, +	ret = st_boottime->get_memory_map(&map_size, memory_map, &map_key,  				       &desc_size, &desc_version);  	if (ret != EFI_SUCCESS) {  		efi_st_error("GetMemoryMap did not return EFI_SUCCESS\n");  		return;  	} -	ret = boottime->exit_boot_services(handle, map_key); +	ret = st_boottime->exit_boot_services(handle, map_key);  	if (ret != EFI_SUCCESS) {  		efi_st_error("ExitBootServices did not return EFI_SUCCESS\n");  		return; @@ -84,7 +84,7 @@ static int setup(struct efi_unit_test *test, unsigned int *failures)  	if (!test->setup)  		return EFI_ST_SUCCESS;  	efi_st_printc(EFI_LIGHTBLUE, "\nSetting up '%s'\n", test->name); -	ret = test->setup(handle, systable); +	ret = test->setup(handle, st_systable);  	if (ret != EFI_ST_SUCCESS) {  		efi_st_error("Setting up '%s' failed\n", test->name);  		++*failures; @@ -240,8 +240,8 @@ void efi_st_do_tests(const u16 *testname, unsigned int phase,   * All tests use a driver model and are run in three phases:   * setup, execute, teardown.   * - * A test may be setup and executed at boottime, - * it may be setup at boottime and executed at runtime, + * A test may be setup and executed at st_boottime, + * it may be setup at st_boottime and executed at runtime,   * or it may be setup and executed at runtime.   *   * After executing all tests the system is reset. @@ -257,14 +257,14 @@ efi_status_t EFIAPI efi_selftest(efi_handle_t image_handle,  	struct efi_loaded_image *loaded_image;  	efi_status_t ret; -	systable = systab; -	boottime = systable->boottime; -	runtime = systable->runtime; +	st_systable = systab; +	st_boottime = st_systable->boottime; +	runtime = st_systable->runtime;  	handle = image_handle; -	con_out = systable->con_out; -	con_in = systable->con_in; +	con_out = st_systable->con_out; +	con_in = st_systable->con_in; -	ret = boottime->handle_protocol(image_handle, &efi_guid_loaded_image, +	ret = st_boottime->handle_protocol(image_handle, &efi_guid_loaded_image,  					(void **)&loaded_image);  	if (ret != EFI_SUCCESS) {  		efi_st_error("Cannot open loaded image protocol\n"); @@ -280,9 +280,9 @@ efi_status_t EFIAPI efi_selftest(efi_handle_t image_handle,  			list_all_tests();  			/*  			 * TODO: -			 * Once the Exit boottime service is correctly +			 * Once the Exit st_boottime service is correctly  			 * implemented we should call -			 *   boottime->exit(image_handle, EFI_SUCCESS, 0, NULL); +			 *   st_boottime->exit(image_handle, EFI_SUCCESS, 0, NULL);  			 * here, cf.  			 * https://lists.denx.de/pipermail/u-boot/2017-October/308720.html  			 */ @@ -300,7 +300,7 @@ efi_status_t EFIAPI efi_selftest(efi_handle_t image_handle,  					     efi_unit_test));  	/* Allocate buffer for setup results */ -	ret = boottime->allocate_pool(EFI_RUNTIME_SERVICES_DATA, sizeof(int) * +	ret = st_boottime->allocate_pool(EFI_RUNTIME_SERVICES_DATA, sizeof(int) *  				      ll_entry_count(struct efi_unit_test,  						     efi_unit_test),  				      (void **)&setup_status); @@ -309,7 +309,7 @@ efi_status_t EFIAPI efi_selftest(efi_handle_t image_handle,  		return ret;  	} -	/* Execute boottime tests */ +	/* Execute st_boottime tests */  	efi_st_do_tests(testname, EFI_EXECUTE_BEFORE_BOOTTIME_EXIT,  			EFI_ST_SETUP | EFI_ST_EXECUTE | EFI_ST_TEARDOWN,  			&failures); diff --git a/lib/efi_selftest/efi_selftest_ecpt.c b/lib/efi_selftest/efi_selftest_ecpt.c new file mode 100644 index 00000000000..e8cc13545db --- /dev/null +++ b/lib/efi_selftest/efi_selftest_ecpt.c @@ -0,0 +1,76 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * efi_selftest_fdt + * + * Copyright (c) 2022 Heinrich Schuchardt <xypron.glpk@gmx.de> + * + * Check the EFI_CONFORMANCE_PROFILE_TABLE + */ + +#include <efi_selftest.h> + +static const efi_guid_t guid_ecpt = EFI_CONFORMANCE_PROFILES_TABLE_GUID; +static const efi_guid_t guid_ebbr_2_0 = EFI_CONFORMANCE_PROFILE_EBBR_2_0_GUID; + +/* + * ecpt_find_guid() - find GUID in EFI Conformance Profile Table + * + * @ecpt:	EFI Conformance Profile Table + * @guid:	GUID to find + * Return:	EFI_ST_SUCCESS for success + */ +static int ecpt_find_guid(struct efi_conformance_profiles_table *ecpt, +			  const efi_guid_t *guid) { +	int i; + +	for (i = 0; i < ecpt->number_of_profiles; ++i) { +		if (!memcmp(&ecpt->conformance_profiles[i], guid, 16)) +			return EFI_ST_SUCCESS; +	} +	efi_st_error("GUID %pU not found\n", guid); +	return EFI_ST_FAILURE; +} + +/* + * Execute unit test. + * + * Return:	EFI_ST_SUCCESS for success + */ +static int execute(void) +{ +	struct efi_conformance_profiles_table *ecpt; +	int expected_entries = 0; + +	ecpt = efi_st_get_config_table(&guid_ecpt); + +	if (!ecpt) { +		efi_st_error("Missing EFI Conformance Profile Table\n"); +		return EFI_ST_FAILURE; +	} + +	if (ecpt->version != EFI_CONFORMANCE_PROFILES_TABLE_VERSION) { +		efi_st_error("Wrong table version\n"); +		return EFI_ST_FAILURE; +	} + +	if (CONFIG_IS_ENABLED(EFI_EBBR_2_0_CONFORMANCE)) { +		++expected_entries; +		if (ecpt_find_guid(ecpt, &guid_ebbr_2_0)) +			return EFI_ST_FAILURE; +	} + +	if (ecpt->number_of_profiles != expected_entries) { +		efi_st_error("Expected %d entries, found %d\n", +			     expected_entries, ecpt->number_of_profiles); +		return EFI_ST_FAILURE; +	} + +	return EFI_ST_SUCCESS; +} + + +EFI_UNIT_TEST(ecpt) = { +	.name = "conformance profile table", +	.phase = EFI_EXECUTE_BEFORE_BOOTTIME_EXIT, +	.execute = execute, +}; diff --git a/lib/efi_selftest/efi_selftest_fdt.c b/lib/efi_selftest/efi_selftest_fdt.c index 114ac58bf5c..aa3b13ae3ab 100644 --- a/lib/efi_selftest/efi_selftest_fdt.c +++ b/lib/efi_selftest/efi_selftest_fdt.c @@ -144,23 +144,6 @@ static char *get_property(const u16 *property, const u16 *node)  	return NULL;  } -/** - * efi_st_get_config_table() - get configuration table - * - * @guid:	GUID of the configuration table - * Return:	pointer to configuration table or NULL - */ -static void *efi_st_get_config_table(const efi_guid_t *guid) -{ -	size_t i; - -	for (i = 0; i < systab.nr_tables; i++) { -		if (!guidcmp(guid, &systemtab->tables[i].guid)) -			return systemtab->tables[i].table; -	} -	return NULL; -} -  /*   * Setup unit test.   * diff --git a/lib/efi_selftest/efi_selftest_miniapp_exception.c b/lib/efi_selftest/efi_selftest_miniapp_exception.c index 79f9a67859b..a9ad381001f 100644 --- a/lib/efi_selftest/efi_selftest_miniapp_exception.c +++ b/lib/efi_selftest/efi_selftest_miniapp_exception.c @@ -9,6 +9,7 @@  #include <common.h>  #include <efi_api.h> +#include <host_arch.h>  /*   * Entry point of the EFI application. @@ -33,11 +34,17 @@ efi_status_t EFIAPI efi_main(efi_handle_t handle,  	asm volatile (".word 0xe7f7defb\n");  #elif defined(CONFIG_RISCV)  	asm volatile (".word 0xffffffff\n"); +#elif defined(CONFIG_X86) +	asm volatile (".word 0xffff\n");  #elif defined(CONFIG_SANDBOX) +#if (HOST_ARCH == HOST_ARCH_ARM || HOST_ARCH == HOST_ARCH_AARCH64) +	asm volatile (".word 0xe7f7defb\n"); +#elif (HOST_ARCH == HOST_ARCH_RISCV32 || HOST_ARCH == HOST_ARCH_RISCV64)  	asm volatile (".word 0xffffffff\n"); -#elif defined(CONFIG_X86) +#elif (HOST_ARCH == HOST_ARCH_X86 || HOST_ARCH == HOST_ARCH_X86_64)  	asm volatile (".word 0xffff\n");  #endif +#endif  	con_out->output_string(con_out, u"Exception not triggered.\n");  	return EFI_ABORTED;  } diff --git a/lib/efi_selftest/efi_selftest_util.c b/lib/efi_selftest/efi_selftest_util.c index dba02d6b567..7e03e0c9392 100644 --- a/lib/efi_selftest/efi_selftest_util.c +++ b/lib/efi_selftest/efi_selftest_util.c @@ -110,3 +110,14 @@ int efi_st_strcmp_16_8(const u16 *buf1, const char *buf2)  	}  	return 0;  } + +void *efi_st_get_config_table(const efi_guid_t *guid) +{ +	size_t i; + +	for (i = 0; i < st_systable->nr_tables; i++) { +		if (!guidcmp(guid, &st_systable->tables[i].guid)) +			return st_systable->tables[i].table; +	} +	return NULL; +} diff --git a/lib/tpm-v1.c b/lib/tpm-v1.c index 22a769c5874..d0e3ab1b21d 100644 --- a/lib/tpm-v1.c +++ b/lib/tpm-v1.c @@ -456,12 +456,13 @@ u32 tpm1_get_permissions(struct udevice *dev, u32 index, u32 *perm)  		0x0, 0x0, 0x0, 0x4,  	};  	const size_t index_offset = 18; -	const size_t perm_offset = 60; +	const size_t perm_offset = 74;  	u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];  	size_t response_length = sizeof(response);  	u32 err; -	if (pack_byte_string(buf, sizeof(buf), "d", 0, command, sizeof(command), +	if (pack_byte_string(buf, sizeof(buf), "sd", +			     0, command, sizeof(command),  			     index_offset, index))  		return TPM_LIB_ERROR;  	err = tpm_sendrecv_command(dev, buf, response, &response_length); diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c index 1bf627853af..697b982e079 100644 --- a/lib/tpm-v2.c +++ b/lib/tpm-v2.c @@ -89,14 +89,18 @@ u32 tpm2_nv_define_space(struct udevice *dev, u32 space_index,  	 * Calculate the offset of the nv_policy piece by adding each of the  	 * chunks below.  	 */ -	uint offset = 10 + 8 + 13 + 14; +	const int platform_len = sizeof(u32); +	const int session_hdr_len = 13; +	const int message_len = 14; +	uint offset = TPM2_HDR_LEN + platform_len + session_hdr_len + +		message_len;  	u8 command_v2[COMMAND_BUFFER_SIZE] = {  		/* header 10 bytes */  		tpm_u16(TPM2_ST_SESSIONS),	/* TAG */ -		tpm_u32(offset + nv_policy_size),/* Length */ +		tpm_u32(offset + nv_policy_size + 2),/* Length */  		tpm_u32(TPM2_CC_NV_DEFINE_SPACE),/* Command code */ -		/* handles 8 bytes */ +		/* handles 4 bytes */  		tpm_u32(TPM2_RH_PLATFORM),	/* Primary platform seed */  		/* session header 13 bytes */ @@ -107,12 +111,15 @@ u32 tpm2_nv_define_space(struct udevice *dev, u32 space_index,  		tpm_u16(0),			/* auth_size */  		/* message 14 bytes + policy */ -		tpm_u16(12 + nv_policy_size),	/* size */ +		tpm_u16(message_len + nv_policy_size),	/* size */  		tpm_u32(space_index),  		tpm_u16(TPM2_ALG_SHA256),  		tpm_u32(nv_attributes),  		tpm_u16(nv_policy_size), -		/* nv_policy */ +		/* +		 * nv_policy +		 * space_size +		 */  	};  	int ret; @@ -120,8 +127,9 @@ u32 tpm2_nv_define_space(struct udevice *dev, u32 space_index,  	 * Fill the command structure starting from the first buffer:  	 *     - the password (if any)  	 */ -	ret = pack_byte_string(command_v2, sizeof(command_v2), "s", -			       offset, nv_policy, nv_policy_size); +	ret = pack_byte_string(command_v2, sizeof(command_v2), "sw", +			       offset, nv_policy, nv_policy_size, +			       offset + nv_policy_size, space_size);  	if (ret)  		return TPM_LIB_ERROR; @@ -157,6 +165,8 @@ u32 tpm2_pcr_extend(struct udevice *dev, u32 index, u32 algorithm,  	};  	int ret; +	if (!digest) +		return -EINVAL;  	/*  	 * Fill the command structure starting from the first buffer:  	 *     - the digest @@ -669,3 +679,49 @@ u32 tpm2_submit_command(struct udevice *dev, const u8 *sendbuf,  {  	return tpm_sendrecv_command(dev, sendbuf, recvbuf, recv_size);  } + +u32 tpm2_report_state(struct udevice *dev, uint vendor_cmd, uint vendor_subcmd, +		      u8 *recvbuf, size_t *recv_size) +{ +	u8 command_v2[COMMAND_BUFFER_SIZE] = { +		/* header 10 bytes */ +		tpm_u16(TPM2_ST_NO_SESSIONS),		/* TAG */ +		tpm_u32(10 + 2),			/* Length */ +		tpm_u32(vendor_cmd),	/* Command code */ + +		tpm_u16(vendor_subcmd), +	}; +	int ret; + +	ret = tpm_sendrecv_command(dev, command_v2, recvbuf, recv_size); +	log_debug("ret=%s, %x\n", dev->name, ret); +	if (ret) +		return ret; +	if (*recv_size < 12) +		return -ENODATA; +	*recv_size -= 12; +	memcpy(recvbuf, recvbuf + 12, *recv_size); + +	return 0; +} + +u32 tpm2_enable_nvcommits(struct udevice *dev, uint vendor_cmd, +			  uint vendor_subcmd) +{ +	u8 command_v2[COMMAND_BUFFER_SIZE] = { +		/* header 10 bytes */ +		tpm_u16(TPM2_ST_NO_SESSIONS),		/* TAG */ +		tpm_u32(10 + 2),			/* Length */ +		tpm_u32(vendor_cmd),	/* Command code */ + +		tpm_u16(vendor_subcmd), +	}; +	int ret; + +	ret = tpm_sendrecv_command(dev, command_v2, NULL, NULL); +	log_debug("ret=%s, %x\n", dev->name, ret); +	if (ret) +		return ret; + +	return 0; +} diff --git a/lib/tpm_api.c b/lib/tpm_api.c index 032f383ca04..7e8df8795ef 100644 --- a/lib/tpm_api.c +++ b/lib/tpm_api.c @@ -140,15 +140,17 @@ u32 tpm_write_lock(struct udevice *dev, u32 index)  }  u32 tpm_pcr_extend(struct udevice *dev, u32 index, const void *in_digest, -		   void *out_digest) +		   uint size, void *out_digest, const char *name)  { -	if (tpm_is_v1(dev)) +	if (tpm_is_v1(dev)) {  		return tpm1_extend(dev, index, in_digest, out_digest); -	else if (tpm_is_v2(dev)) +	} else if (tpm_is_v2(dev)) {  		return tpm2_pcr_extend(dev, index, TPM2_ALG_SHA256, in_digest,  				       TPM2_DIGEST_LEN); -	else +		/* @name is ignored as we do not support the TPM log here */ +	} else {  		return -ENOSYS; +	}  }  u32 tpm_pcr_read(struct udevice *dev, u32 index, void *data, size_t count) diff --git a/lib/uuid.c b/lib/uuid.c index 284f8113ff8..465e1ac38f5 100644 --- a/lib/uuid.c +++ b/lib/uuid.c @@ -220,6 +220,10 @@ static const struct {  		"TCG2 Final Events Table",  		EFI_TCG2_FINAL_EVENTS_TABLE_GUID,  	}, +	{ +		"EFI Conformance Profiles Table", +		EFI_CONFORMANCE_PROFILES_TABLE_GUID, +	},  #ifdef CONFIG_EFI_RISCV_BOOT_PROTOCOL  	{  		"RISC-V Boot", | 
