summaryrefslogtreecommitdiff
path: root/lib/efi_loader
diff options
context:
space:
mode:
Diffstat (limited to 'lib/efi_loader')
-rw-r--r--lib/efi_loader/efi_bootmgr.c48
-rw-r--r--lib/efi_loader/efi_boottime.c10
-rw-r--r--lib/efi_loader/efi_console.c124
-rw-r--r--lib/efi_loader/efi_image_loader.c35
-rw-r--r--lib/efi_loader/efi_signature.c1
-rw-r--r--lib/efi_loader/efi_variable.c1
6 files changed, 177 insertions, 42 deletions
diff --git a/lib/efi_loader/efi_bootmgr.c b/lib/efi_loader/efi_bootmgr.c
index b112f5d81ef..e144b3e7f43 100644
--- a/lib/efi_loader/efi_bootmgr.c
+++ b/lib/efi_loader/efi_bootmgr.c
@@ -36,24 +36,50 @@ static const struct efi_runtime_services *rs;
*
* @lo: pointer to target
* @data: serialized data
+ * @size: size of the load option, on return size of the optional data
+ * Return: status code
*/
-void efi_deserialize_load_option(struct efi_load_option *lo, u8 *data)
+efi_status_t efi_deserialize_load_option(struct efi_load_option *lo, u8 *data,
+ efi_uintn_t *size)
{
+ efi_uintn_t len;
+
+ len = sizeof(u32);
+ if (*size < len + 2 * sizeof(u16))
+ return EFI_INVALID_PARAMETER;
lo->attributes = get_unaligned_le32(data);
- data += sizeof(u32);
+ data += len;
+ *size -= len;
+ len = sizeof(u16);
lo->file_path_length = get_unaligned_le16(data);
- data += sizeof(u16);
+ data += len;
+ *size -= len;
- /* FIXME */
lo->label = (u16 *)data;
- data += (u16_strlen(lo->label) + 1) * sizeof(u16);
-
- /* FIXME */
+ len = u16_strnlen(lo->label, *size / sizeof(u16) - 1);
+ if (lo->label[len])
+ return EFI_INVALID_PARAMETER;
+ len = (len + 1) * sizeof(u16);
+ if (*size < len)
+ return EFI_INVALID_PARAMETER;
+ data += len;
+ *size -= len;
+
+ len = lo->file_path_length;
+ if (*size < len)
+ return EFI_INVALID_PARAMETER;
lo->file_path = (struct efi_device_path *)data;
- data += lo->file_path_length;
+ /*
+ * TODO: validate device path. There should be an end node within
+ * the indicated file_path_length.
+ */
+ data += len;
+ *size -= len;
lo->optional_data = data;
+
+ return EFI_SUCCESS;
}
/**
@@ -168,7 +194,11 @@ static efi_status_t try_load_entry(u16 n, efi_handle_t *handle)
if (!load_option)
return EFI_LOAD_ERROR;
- efi_deserialize_load_option(&lo, load_option);
+ ret = efi_deserialize_load_option(&lo, load_option, &size);
+ if (ret != EFI_SUCCESS) {
+ log_warning("Invalid load option for %ls\n", varname);
+ goto error;
+ }
if (lo.attributes & LOAD_OPTION_ACTIVE) {
u32 attributes;
diff --git a/lib/efi_loader/efi_boottime.c b/lib/efi_loader/efi_boottime.c
index db349381965..1591ad83007 100644
--- a/lib/efi_loader/efi_boottime.c
+++ b/lib/efi_loader/efi_boottime.c
@@ -49,7 +49,7 @@ static efi_handle_t current_image;
* restriction so we need to manually swap its and our view of that register on
* EFI callback entry/exit.
*/
-static volatile void *efi_gd, *app_gd;
+static volatile gd_t *efi_gd, *app_gd;
#endif
/* 1 if inside U-Boot code, 0 if inside EFI payload code */
@@ -89,7 +89,7 @@ int __efi_entry_check(void)
#ifdef CONFIG_ARM
assert(efi_gd);
app_gd = gd;
- gd = efi_gd;
+ set_gd(efi_gd);
#endif
return ret;
}
@@ -99,7 +99,7 @@ int __efi_exit_check(void)
{
int ret = --entry_count == 0;
#ifdef CONFIG_ARM
- gd = app_gd;
+ set_gd(app_gd);
#endif
return ret;
}
@@ -123,7 +123,7 @@ void efi_restore_gd(void)
/* Only restore if we're already in EFI context */
if (!efi_gd)
return;
- gd = efi_gd;
+ set_gd(efi_gd);
#endif
}
@@ -2920,7 +2920,7 @@ efi_status_t EFIAPI efi_start_image(efi_handle_t image_handle,
* otherwise __efi_entry_check() will put the wrong value into
* app_gd.
*/
- gd = app_gd;
+ set_gd(app_gd);
#endif
/*
* To get ready to call EFI_EXIT below we have to execute the
diff --git a/lib/efi_loader/efi_console.c b/lib/efi_loader/efi_console.c
index ac0dec1146f..426de779517 100644
--- a/lib/efi_loader/efi_console.c
+++ b/lib/efi_loader/efi_console.c
@@ -80,13 +80,13 @@ static int term_get_char(s32 *c)
return 0;
}
-/*
+/**
* Receive and parse a reply from the terminal.
*
* @n: array of return values
* @num: number of return values expected
* @end_char: character indicating end of terminal message
- * @return: non-zero indicates error
+ * Return: non-zero indicates error
*/
static int term_read_reply(int *n, int num, char end_char)
{
@@ -127,6 +127,17 @@ static int term_read_reply(int *n, int num, char end_char)
return 0;
}
+/**
+ * efi_cout_output_string() - write Unicode string to console
+ *
+ * This function implements the OutputString service of the simple text output
+ * protocol. See the Unified Extensible Firmware Interface (UEFI) specification
+ * for details.
+ *
+ * @this: simple text output protocol
+ * @string: u16 string
+ * Return: status code
+ */
static efi_status_t EFIAPI efi_cout_output_string(
struct efi_simple_text_output_protocol *this,
const efi_string_t string)
@@ -202,6 +213,20 @@ out:
return EFI_EXIT(ret);
}
+/**
+ * efi_cout_test_string() - test writing Unicode string to console
+ *
+ * This function implements the TestString service of the simple text output
+ * protocol. See the Unified Extensible Firmware Interface (UEFI) specification
+ * for details.
+ *
+ * As in OutputString we simply convert UTF-16 to UTF-8 there are no unsupported
+ * code points and we can always return EFI_SUCCESS.
+ *
+ * @this: simple text output protocol
+ * @string: u16 string
+ * Return: status code
+ */
static efi_status_t EFIAPI efi_cout_test_string(
struct efi_simple_text_output_protocol *this,
const efi_string_t string)
@@ -210,6 +235,15 @@ static efi_status_t EFIAPI efi_cout_test_string(
return EFI_EXIT(EFI_SUCCESS);
}
+/**
+ * cout_mode_matches() - check if mode has given terminal size
+ *
+ * @mode: text mode
+ * @rows: number of rows
+ * @cols: number of columns
+ * Return: true if number of rows and columns matches the mode and
+ * the mode is present
+ */
static bool cout_mode_matches(struct cout_mode *mode, int rows, int cols)
{
if (!mode->present)
@@ -221,6 +255,9 @@ static bool cout_mode_matches(struct cout_mode *mode, int rows, int cols)
/**
* query_console_serial() - query console size
*
+ * When using a serial console or the net console we can only devise the
+ * terminal size by querying the terminal using ECMA-48 control sequences.
+ *
* @rows: pointer to return number of rows
* @cols: pointer to return number of columns
* Returns: 0 on success
@@ -261,8 +298,8 @@ out:
return ret;
}
-/*
- * Update the mode table.
+/**
+ * query_console_size() - update the mode table.
*
* By default the only mode available is 80x25. If the console has at least 50
* lines, enable mode 80x50. If we can query the console size and it is neither
@@ -306,6 +343,20 @@ static void query_console_size(void)
}
}
+
+/**
+ * efi_cout_query_mode() - get terminal size for a text mode
+ *
+ * This function implements the QueryMode service of the simple text output
+ * protocol. See the Unified Extensible Firmware Interface (UEFI) specification
+ * for details.
+ *
+ * @this: simple text output protocol
+ * @mode_number: mode number to retrieve information on
+ * @columns: number of columns
+ * @rows: number of rows
+ * Return: status code
+ */
static efi_status_t EFIAPI efi_cout_query_mode(
struct efi_simple_text_output_protocol *this,
unsigned long mode_number, unsigned long *columns,
@@ -341,7 +392,17 @@ static const struct {
{ 37, 47 }, /* 7: light gray, map to white */
};
-/* See EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL.SetAttribute(). */
+/**
+ * efi_cout_set_attribute() - set fore- and background color
+ *
+ * This function implements the SetAttribute service of the simple text output
+ * protocol. See the Unified Extensible Firmware Interface (UEFI) specification
+ * for details.
+ *
+ * @this: simple text output protocol
+ * @attribute: foreground color - bits 0-3, background color - bits 4-6
+ * Return: status code
+ */
static efi_status_t EFIAPI efi_cout_set_attribute(
struct efi_simple_text_output_protocol *this,
unsigned long attribute)
@@ -364,9 +425,9 @@ static efi_status_t EFIAPI efi_cout_set_attribute(
/**
* efi_cout_clear_screen() - clear screen
*
- * This function implements the ClearScreen service of the
- * EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL. See the Unified Extensible Firmware
- * Interface (UEFI) specification for details.
+ * This function implements the ClearScreen service of the simple text output
+ * protocol. See the Unified Extensible Firmware Interface (UEFI) specification
+ * for details.
*
* @this: pointer to the protocol instance
* Return: status code
@@ -387,6 +448,17 @@ static efi_status_t EFIAPI efi_cout_clear_screen(
return EFI_EXIT(EFI_SUCCESS);
}
+/**
+ * efi_cout_clear_set_mode() - set text model
+ *
+ * This function implements the SetMode service of the simple text output
+ * protocol. See the Unified Extensible Firmware Interface (UEFI) specification
+ * for details.
+ *
+ * @this: pointer to the protocol instance
+ * @mode_number: number of the text mode to set
+ * Return: status code
+ */
static efi_status_t EFIAPI efi_cout_set_mode(
struct efi_simple_text_output_protocol *this,
unsigned long mode_number)
@@ -405,6 +477,17 @@ static efi_status_t EFIAPI efi_cout_set_mode(
return EFI_EXIT(EFI_SUCCESS);
}
+/**
+ * efi_cout_reset() - reset the terminal
+ *
+ * This function implements the Reset service of the simple text output
+ * protocol. See the Unified Extensible Firmware Interface (UEFI) specification
+ * for details.
+ *
+ * @this: pointer to the protocol instance
+ * @extended_verification: if set an extended verification may be executed
+ * Return: status code
+ */
static efi_status_t EFIAPI efi_cout_reset(
struct efi_simple_text_output_protocol *this,
char extended_verification)
@@ -420,6 +503,18 @@ static efi_status_t EFIAPI efi_cout_reset(
return EFI_EXIT(EFI_SUCCESS);
}
+/**
+ * efi_cout_set_cursor_position() - reset the terminal
+ *
+ * This function implements the SetCursorPosition service of the simple text
+ * output protocol. See the Unified Extensible Firmware Interface (UEFI)
+ * specification for details.
+ *
+ * @this: pointer to the protocol instance
+ * @column: column to move to
+ * @row: row to move to
+ * Return: status code
+ */
static efi_status_t EFIAPI efi_cout_set_cursor_position(
struct efi_simple_text_output_protocol *this,
unsigned long column, unsigned long row)
@@ -451,6 +546,17 @@ out:
return EFI_EXIT(ret);
}
+/**
+ * efi_cout_enable_cursor() - enable the cursor
+ *
+ * This function implements the EnableCursor service of the simple text output
+ * protocol. See the Unified Extensible Firmware Interface (UEFI) specification
+ * for details.
+ *
+ * @this: pointer to the protocol instance
+ * @enable: if true enable, if false disable the cursor
+ * Return: status code
+ */
static efi_status_t EFIAPI efi_cout_enable_cursor(
struct efi_simple_text_output_protocol *this,
bool enable)
@@ -522,7 +628,7 @@ void set_shift_mask(int mod, struct efi_key_state *key_state)
* This gets called when we have already parsed CSI.
*
* @key_state: receives the state of the shift, alt, control, and logo keys
- * @return: the unmodified code
+ * Return: the unmodified code
*/
static int analyze_modifiers(struct efi_key_state *key_state)
{
diff --git a/lib/efi_loader/efi_image_loader.c b/lib/efi_loader/efi_image_loader.c
index 5dd601908d5..478aaf50d3a 100644
--- a/lib/efi_loader/efi_image_loader.c
+++ b/lib/efi_loader/efi_image_loader.c
@@ -212,14 +212,16 @@ static void efi_set_code_and_data_type(
#ifdef CONFIG_EFI_SECURE_BOOT
/**
- * cmp_pe_section - compare two sections
- * @arg1: Pointer to pointer to first section
- * @arg2: Pointer to pointer to second section
+ * cmp_pe_section() - compare virtual addresses of two PE image sections
+ * @arg1: pointer to pointer to first section header
+ * @arg2: pointer to pointer to second section header
*
- * Compare two sections in PE image.
+ * Compare the virtual addresses of two sections of an portable executable.
+ * The arguments are defined as const void * to allow usage with qsort().
*
- * Return: -1, 0, 1 respectively if arg1 < arg2, arg1 == arg2 or
- * arg1 > arg2
+ * Return: -1 if the virtual address of arg1 is less than that of arg2,
+ * 0 if the virtual addresses are equal, 1 if the virtual address
+ * of arg1 is greater than that of arg2.
*/
static int cmp_pe_section(const void *arg1, const void *arg2)
{
@@ -237,7 +239,7 @@ static int cmp_pe_section(const void *arg1, const void *arg2)
}
/**
- * efi_image_parse - parse a PE image
+ * efi_image_parse() - parse a PE image
* @efi: Pointer to image
* @len: Size of @efi
* @regp: Pointer to a list of regions
@@ -404,7 +406,7 @@ err:
}
/**
- * efi_image_unsigned_authenticate - authenticate unsigned image with
+ * efi_image_unsigned_authenticate() - authenticate unsigned image with
* SHA256 hash
* @regs: List of regions to be verified
*
@@ -451,7 +453,7 @@ out:
}
/**
- * efi_image_authenticate - verify a signature of signed image
+ * efi_image_authenticate() - verify a signature of signed image
* @efi: Pointer to image
* @efi_size: Size of @efi
*
@@ -635,21 +637,18 @@ efi_status_t efi_load_pe(struct efi_loaded_image_obj *handle,
goto err;
}
- /* assume sizeof(IMAGE_NT_HEADERS32) <= sizeof(IMAGE_NT_HEADERS64) */
- if (efi_size < dos->e_lfanew + sizeof(IMAGE_NT_HEADERS32)) {
+ /*
+ * Check if the image section header fits into the file. Knowing that at
+ * least one section header follows we only need to check for the length
+ * of the 64bit header which is longer than the 32bit header.
+ */
+ if (efi_size < dos->e_lfanew + sizeof(IMAGE_NT_HEADERS64)) {
printf("%s: Invalid offset for Extended Header\n", __func__);
ret = EFI_LOAD_ERROR;
goto err;
}
nt = (void *) ((char *)efi + dos->e_lfanew);
- if ((nt->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC) &&
- (efi_size < dos->e_lfanew + sizeof(IMAGE_NT_HEADERS64))) {
- printf("%s: Invalid offset for Extended Header\n", __func__);
- ret = EFI_LOAD_ERROR;
- goto err;
- }
-
if (nt->Signature != IMAGE_NT_SIGNATURE) {
printf("%s: Invalid NT Signature\n", __func__);
ret = EFI_LOAD_ERROR;
diff --git a/lib/efi_loader/efi_signature.c b/lib/efi_loader/efi_signature.c
index adcb8c9cca6..6685253856a 100644
--- a/lib/efi_loader/efi_signature.c
+++ b/lib/efi_loader/efi_signature.c
@@ -22,6 +22,7 @@ const efi_guid_t efi_guid_sha256 = EFI_CERT_SHA256_GUID;
const efi_guid_t efi_guid_cert_rsa2048 = EFI_CERT_RSA2048_GUID;
const efi_guid_t efi_guid_cert_x509 = EFI_CERT_X509_GUID;
const efi_guid_t efi_guid_cert_x509_sha256 = EFI_CERT_X509_SHA256_GUID;
+const efi_guid_t efi_guid_cert_type_pkcs7 = EFI_CERT_TYPE_PKCS7_GUID;
#ifdef CONFIG_EFI_SECURE_BOOT
diff --git a/lib/efi_loader/efi_variable.c b/lib/efi_loader/efi_variable.c
index 0a43db56788..e097670e283 100644
--- a/lib/efi_loader/efi_variable.c
+++ b/lib/efi_loader/efi_variable.c
@@ -26,7 +26,6 @@ enum efi_secure_mode {
EFI_MODE_DEPLOYED,
};
-const efi_guid_t efi_guid_cert_type_pkcs7 = EFI_CERT_TYPE_PKCS7_GUID;
static bool efi_secure_boot;
static int efi_secure_mode;
static u8 efi_vendor_keys;
generated by cgit v1.2.3 (git 2.0.4) at 2025-08-04 03:29:29 +0000