diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/Kconfig | 13 | ||||
| -rw-r--r-- | lib/abuf.c | 5 | ||||
| -rw-r--r-- | lib/charset.c | 8 | ||||
| -rw-r--r-- | lib/crc32.c | 1 | ||||
| -rw-r--r-- | lib/efi_loader/Kconfig | 47 | ||||
| -rw-r--r-- | lib/efi_loader/capsule_esl.dtsi.in | 11 | ||||
| -rw-r--r-- | lib/efi_loader/efi_capsule.c | 20 | ||||
| -rw-r--r-- | lib/efi_loader/efi_disk.c | 15 | ||||
| -rw-r--r-- | lib/efi_loader/efi_file.c | 14 | ||||
| -rw-r--r-- | lib/efi_loader/efi_firmware.c | 8 | ||||
| -rw-r--r-- | lib/efi_loader/efi_image_loader.c | 5 | ||||
| -rw-r--r-- | lib/efi_loader/efi_memory.c | 19 | ||||
| -rw-r--r-- | lib/efi_loader/efi_tcg2.c | 6 | ||||
| -rw-r--r-- | lib/efi_loader/efi_variable_tee.c | 270 | ||||
| -rw-r--r-- | lib/efi_selftest/efi_selftest_hii.c | 11 | ||||
| -rw-r--r-- | lib/fdtdec.c | 6 | ||||
| -rw-r--r-- | lib/string.c | 14 | ||||
| -rw-r--r-- | lib/trace.c | 2 | ||||
| -rw-r--r-- | lib/uuid.c | 124 | ||||
| -rw-r--r-- | lib/vsprintf.c | 5 |
20 files changed, 451 insertions, 153 deletions
diff --git a/lib/Kconfig b/lib/Kconfig index 3926652db63..42e559ad0b5 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -534,6 +534,17 @@ config SHA_HW_ACCEL if SPL +config SPL_CRC32 + bool "Enable CRC32 support in SPL" + default y if SPL_LEGACY_IMAGE_SUPPORT || SPL_EFI_PARTITION + default y if SPL_ENV_SUPPORT || TPL_BLOBLIST + help + This option enables support of hashing using CRC32 algorithm. + The CRC32 algorithm produces 32-bit checksum value. For FIT + images, this is the least secure type of checksum, suitable for + detected accidental image corruption. For secure applications you + should consider SHA256 or SHA384. + config SPL_SHA1 bool "Enable SHA1 support in SPL" default y if SHA1 @@ -851,7 +862,7 @@ config OF_LIBFDT config OF_LIBFDT_ASSUME_MASK hex "Mask of conditions to assume for libfdt" depends on OF_LIBFDT || FIT - default 0 + default 0x0 help Use this to change the assumptions made by libfdt about the device tree it is working with. A value of 0 means that no assumptions diff --git a/lib/abuf.c b/lib/abuf.c index bd270467dd4..ce2cff53dc9 100644 --- a/lib/abuf.c +++ b/lib/abuf.c @@ -82,6 +82,11 @@ bool abuf_realloc(struct abuf *abuf, size_t new_size) } } +bool abuf_realloc_inc(struct abuf *abuf, size_t inc) +{ + return abuf_realloc(abuf, abuf->size + inc); +} + void *abuf_uninit_move(struct abuf *abuf, size_t *sizep) { void *ptr; diff --git a/lib/charset.c b/lib/charset.c index b1842755eb1..5e4c4f948a4 100644 --- a/lib/charset.c +++ b/lib/charset.c @@ -444,14 +444,14 @@ u16 *u16_strdup(const void *src) size_t u16_strlcat(u16 *dest, const u16 *src, size_t count) { - size_t destlen = u16_strlen(dest); + size_t destlen = u16_strnlen(dest, count); size_t srclen = u16_strlen(src); - size_t ret = destlen + srclen + 1; + size_t ret = destlen + srclen; if (destlen >= count) return ret; - if (ret > count) - srclen -= ret - count; + if (ret >= count) + srclen -= (ret - count + 1); memcpy(&dest[destlen], src, 2 * srclen); dest[destlen + srclen] = 0x0000; diff --git a/lib/crc32.c b/lib/crc32.c index aa94d70ef3e..f6fad8c15df 100644 --- a/lib/crc32.c +++ b/lib/crc32.c @@ -10,7 +10,6 @@ #ifdef USE_HOSTCC #include <arpa/inet.h> -#include <u-boot/crc.h> #else #include <common.h> #include <efi_loader.h> diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig index a22e47616f7..d20aaab6dba 100644 --- a/lib/efi_loader/Kconfig +++ b/lib/efi_loader/Kconfig @@ -55,13 +55,50 @@ config EFI_VARIABLE_FILE_STORE stored as file /ubootefi.var on the EFI system partition. config EFI_MM_COMM_TEE - bool "UEFI variables storage service via OP-TEE" + bool "UEFI variables storage service via the trusted world" depends on OPTEE help + Allowing access to the MM SP services (SPs such as StandAlonneMM, smm-gateway). + When using the u-boot OP-TEE driver, StandAlonneMM is supported. + When using the u-boot FF-A driver any MM SP is supported. + If OP-TEE is present and running StandAloneMM, dispatch all UEFI variable related operations to that. The application will verify, authenticate and store the variables on an RPMB. + When ARM_FFA_TRANSPORT is used, dispatch all UEFI variable related + operations to the MM SP running in the secure world. + A door bell mechanism is used to notify the SP when there is data in the shared + MM buffer. The data is copied by u-boot to the shared buffer before issuing + the door bell event. + +config FFA_SHARED_MM_BUF_SIZE + int "Memory size of the shared MM communication buffer" + depends on EFI_MM_COMM_TEE && ARM_FFA_TRANSPORT + help + This defines the size in bytes of the memory area reserved for the shared + buffer used for communication between the MM feature in U-Boot and + the MM SP in secure world. + The size of the memory region must be a multiple of the size of the maximum + translation granule size that is specified in the ID_AA64MMFR0_EL1 System register. + It is assumed that the MM SP knows the size of the shared MM communication buffer. + +config FFA_SHARED_MM_BUF_OFFSET + int "Data offset in the shared MM communication buffer" + depends on EFI_MM_COMM_TEE && ARM_FFA_TRANSPORT + help + This defines the offset in bytes of the data read or written to in the shared + buffer by the MM SP. + +config FFA_SHARED_MM_BUF_ADDR + hex "Define the address of the shared MM communication buffer" + depends on EFI_MM_COMM_TEE && ARM_FFA_TRANSPORT + help + This defines the address of the shared MM communication buffer + used for communication between the MM feature in U-Boot and + the MM SP in secure world. + It is assumed that the MM SP knows the address of the shared MM communication buffer. + config EFI_VARIABLE_NO_STORE bool "Don't persist non-volatile UEFI variables" help @@ -235,6 +272,14 @@ config EFI_CAPSULE_MAX Select the max capsule index value used for capsule report variables. This value is used to create CapsuleMax variable. +config EFI_CAPSULE_ESL_FILE + string "Path to the EFI Signature List File" + depends on EFI_CAPSULE_AUTHENTICATE + help + Provides the path to the EFI Signature List file which will + be embedded in the platform's device tree and used for + capsule authentication at the time of capsule update. + config EFI_DEVICE_PATH_TO_TEXT bool "Device path to text protocol" default y diff --git a/lib/efi_loader/capsule_esl.dtsi.in b/lib/efi_loader/capsule_esl.dtsi.in new file mode 100644 index 00000000000..61a9f2b25e9 --- /dev/null +++ b/lib/efi_loader/capsule_esl.dtsi.in @@ -0,0 +1,11 @@ +// SPDX-License-Identifier: GPL-2.0+ +/** + * Devicetree file with the public key EFI Signature List(ESL) + * node. This file is used to generate the dtsi file to be + * included into the DTB. +*/ +/ { + signature { + capsule-key = /incbin/("ESL_BIN_FILE"); + }; +}; diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c index 7a6f195cbc0..af8a2ee940c 100644 --- a/lib/efi_loader/efi_capsule.c +++ b/lib/efi_loader/efi_capsule.c @@ -368,9 +368,8 @@ efi_status_t efi_capsule_authenticate(const void *capsule, efi_uintn_t capsule_s auth_hdr->auth_info.hdr.dwLength - sizeof(auth_hdr->auth_info), &buf); - if (IS_ERR(capsule_sig)) { + if (!capsule_sig) { debug("Parsing variable's pkcs7 header failed\n"); - capsule_sig = NULL; goto out; } @@ -581,6 +580,13 @@ static efi_status_t efi_capsule_update_firmware( fw_accept_os = capsule_data->flags & FW_ACCEPT_OS ? 0x1 : 0x0; } + if (guidcmp(&capsule_data->capsule_guid, + &efi_guid_firmware_management_capsule_id)) { + log_err("Unsupported capsule type: %pUs\n", + &capsule_data->capsule_guid); + return EFI_UNSUPPORTED; + } + /* sanity check */ if (capsule_data->header_size < sizeof(*capsule) || capsule_data->header_size >= capsule_data->capsule_image_size) @@ -751,15 +757,7 @@ efi_status_t EFIAPI efi_update_capsule( log_debug("Capsule[%d] (guid:%pUs)\n", i, &capsule->capsule_guid); - if (!guidcmp(&capsule->capsule_guid, - &efi_guid_firmware_management_capsule_id)) { - ret = efi_capsule_update_firmware(capsule); - } else { - log_err("Unsupported capsule type: %pUs\n", - &capsule->capsule_guid); - ret = EFI_UNSUPPORTED; - } - + ret = efi_capsule_update_firmware(capsule); if (ret != EFI_SUCCESS) goto out; } diff --git a/lib/efi_loader/efi_disk.c b/lib/efi_loader/efi_disk.c index 46cb5704a72..f0d76113b00 100644 --- a/lib/efi_loader/efi_disk.c +++ b/lib/efi_loader/efi_disk.c @@ -487,15 +487,16 @@ static efi_status_t efi_disk_add_dev( */ if ((part || desc->part_type == PART_TYPE_UNKNOWN) && efi_fs_exists(desc, part)) { - diskobj->volume = efi_simple_file_system(desc, part, - diskobj->dp); + ret = efi_create_simple_file_system(desc, part, diskobj->dp, + &diskobj->volume); + if (ret != EFI_SUCCESS) + goto error; + ret = efi_add_protocol(&diskobj->header, &efi_simple_file_system_protocol_guid, diskobj->volume); - if (ret != EFI_SUCCESS) { - log_debug("simple FS failed\n"); - return ret; - } + if (ret != EFI_SUCCESS) + goto error; } diskobj->ops = block_io_disk_template; diskobj->dev_index = dev_index; @@ -538,6 +539,8 @@ static efi_status_t efi_disk_add_dev( return EFI_SUCCESS; error: efi_delete_handle(&diskobj->header); + free(diskobj->volume); + free(diskobj); return ret; } diff --git a/lib/efi_loader/efi_file.c b/lib/efi_loader/efi_file.c index 520c730220a..3c56cebf965 100644 --- a/lib/efi_loader/efi_file.c +++ b/lib/efi_loader/efi_file.c @@ -195,6 +195,8 @@ static struct efi_file_handle *file_open(struct file_system *fs, /* +2 is for null and '/' */ fh = calloc(1, sizeof(*fh) + plen + (flen * MAX_UTF8_PER_UTF16) + 2); + if (!fh) + return NULL; fh->open_mode = open_mode; fh->base = efi_file_handle_protocol; @@ -1192,18 +1194,22 @@ efi_open_volume(struct efi_simple_file_system_protocol *this, return EFI_EXIT(efi_open_volume_int(this, root)); } -struct efi_simple_file_system_protocol * -efi_simple_file_system(struct blk_desc *desc, int part, - struct efi_device_path *dp) +efi_status_t +efi_create_simple_file_system(struct blk_desc *desc, int part, + struct efi_device_path *dp, + struct efi_simple_file_system_protocol **fsp) { struct file_system *fs; fs = calloc(1, sizeof(*fs)); + if (!fs) + return EFI_OUT_OF_RESOURCES; fs->base.rev = EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_REVISION; fs->base.open_volume = efi_open_volume; fs->desc = desc; fs->part = part; fs->dp = dp; + *fsp = &fs->base; - return &fs->base; + return EFI_SUCCESS; } diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c index b557738370e..9abb29f1dff 100644 --- a/lib/efi_loader/efi_firmware.c +++ b/lib/efi_loader/efi_firmware.c @@ -159,7 +159,7 @@ static void efi_firmware_get_lsv_from_dtb(u8 image_index, const fdt32_t *val; const char *guid_str; int len, offset, index; - int parent; + int parent, ret; *lsv = 0; @@ -173,7 +173,11 @@ static void efi_firmware_get_lsv_from_dtb(u8 image_index, guid_str = fdt_getprop(fdt, offset, "image-type-id", &len); if (!guid_str) continue; - uuid_str_to_bin(guid_str, guid.b, UUID_STR_FORMAT_GUID); + ret = uuid_str_to_bin(guid_str, guid.b, UUID_STR_FORMAT_GUID); + if (ret < 0) { + log_warning("Wrong image-type-id format.\n"); + continue; + } val = fdt_getprop(fdt, offset, "image-index", &len); if (!val) diff --git a/lib/efi_loader/efi_image_loader.c b/lib/efi_loader/efi_image_loader.c index 26df0da16c9..97547571ce3 100644 --- a/lib/efi_loader/efi_image_loader.c +++ b/lib/efi_loader/efi_image_loader.c @@ -592,6 +592,7 @@ static bool efi_image_authenticate(void *efi, size_t efi_size) struct efi_signature_store *db = NULL, *dbx = NULL; void *new_efi = NULL; u8 *auth, *wincerts_end; + u64 new_efi_size = efi_size; size_t auth_size; bool ret = false; @@ -600,11 +601,11 @@ static bool efi_image_authenticate(void *efi, size_t efi_size) if (!efi_secure_boot_enabled()) return true; - new_efi = efi_prepare_aligned_image(efi, (u64 *)&efi_size); + new_efi = efi_prepare_aligned_image(efi, &new_efi_size); if (!new_efi) return false; - if (!efi_image_parse(new_efi, efi_size, ®s, &wincerts, + if (!efi_image_parse(new_efi, new_efi_size, ®s, &wincerts, &wincerts_len)) { log_err("Parsing PE executable image failed\n"); goto out; diff --git a/lib/efi_loader/efi_memory.c b/lib/efi_loader/efi_memory.c index e2ca78d935f..f752703b438 100644 --- a/lib/efi_loader/efi_memory.c +++ b/lib/efi_loader/efi_memory.c @@ -34,6 +34,7 @@ struct efi_mem_list { #define EFI_CARVE_NO_OVERLAP -1 #define EFI_CARVE_LOOP_AGAIN -2 #define EFI_CARVE_OVERLAPS_NONRAM -3 +#define EFI_CARVE_OUT_OF_RESOURCES -4 /* This list contains all memory map items */ static LIST_HEAD(efi_mem); @@ -239,6 +240,8 @@ static s64 efi_mem_carve_out(struct efi_mem_list *map, /* Create a new map from [ carve_start ... map_end ] */ newmap = calloc(1, sizeof(*newmap)); + if (!newmap) + return EFI_CARVE_OUT_OF_RESOURCES; newmap->desc = map->desc; newmap->desc.physical_start = carve_start; newmap->desc.virtual_start = carve_start; @@ -282,6 +285,8 @@ static efi_status_t efi_add_memory_map_pg(u64 start, u64 pages, ++efi_memory_map_key; newlist = calloc(1, sizeof(*newlist)); + if (!newlist) + return EFI_OUT_OF_RESOURCES; newlist->desc.type = memory_type; newlist->desc.physical_start = start; newlist->desc.virtual_start = start; @@ -311,11 +316,15 @@ static efi_status_t efi_add_memory_map_pg(u64 start, u64 pages, r = efi_mem_carve_out(lmem, &newlist->desc, overlap_only_ram); switch (r) { + case EFI_CARVE_OUT_OF_RESOURCES: + free(newlist); + return EFI_OUT_OF_RESOURCES; case EFI_CARVE_OVERLAPS_NONRAM: /* * The user requested to only have RAM overlaps, * but we hit a non-RAM region. Error out. */ + free(newlist); return EFI_NO_MAPPING; case EFI_CARVE_NO_OVERLAP: /* Just ignore this list entry */ @@ -346,6 +355,7 @@ static efi_status_t efi_add_memory_map_pg(u64 start, u64 pages, * The payload wanted to have RAM overlaps, but we overlapped * with an unallocated region. Error out. */ + free(newlist); return EFI_NO_MAPPING; } @@ -487,7 +497,7 @@ efi_status_t efi_allocate_pages(enum efi_allocate_type type, enum efi_memory_type memory_type, efi_uintn_t pages, uint64_t *memory) { - u64 len = pages << EFI_PAGE_SHIFT; + u64 len; efi_status_t ret; uint64_t addr; @@ -497,6 +507,11 @@ efi_status_t efi_allocate_pages(enum efi_allocate_type type, return EFI_INVALID_PARAMETER; if (!memory) return EFI_INVALID_PARAMETER; + len = (u64)pages << EFI_PAGE_SHIFT; + /* Catch possible overflow on 64bit systems */ + if (sizeof(efi_uintn_t) == sizeof(u64) && + (len >> EFI_PAGE_SHIFT) != (u64)pages) + return EFI_OUT_OF_RESOURCES; switch (type) { case EFI_ALLOCATE_ANY_PAGES: @@ -862,7 +877,7 @@ efi_status_t efi_add_conventional_memory_map(u64 ram_start, u64 ram_end, */ __weak void efi_add_known_memory(void) { - u64 ram_top = board_get_usable_ram_top(0) & ~EFI_PAGE_MASK; + u64 ram_top = gd->ram_top & ~EFI_PAGE_MASK; int i; /* diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c index 49f8a5e77cb..7b7926a0d46 100644 --- a/lib/efi_loader/efi_tcg2.c +++ b/lib/efi_loader/efi_tcg2.c @@ -706,8 +706,7 @@ static efi_status_t tcg2_create_digest(const u8 *input, u32 length, sha512_finish(&ctx_512, final); break; default: - EFI_PRINT("Unsupported algorithm %x\n", hash_alg); - return EFI_INVALID_PARAMETER; + continue; } digest_list->digests[digest_list->count].hash_alg = hash_alg; memcpy(&digest_list->digests[digest_list->count].digest, final, @@ -930,8 +929,7 @@ static efi_status_t tcg2_hash_pe_image(void *efi, u64 efi_size, hash_calculate("sha512", regs->reg, regs->num, hash); break; default: - EFI_PRINT("Unsupported algorithm %x\n", hash_alg); - return EFI_INVALID_PARAMETER; + continue; } digest_list->digests[digest_list->count].hash_alg = hash_alg; memcpy(&digest_list->digests[digest_list->count].digest, hash, diff --git a/lib/efi_loader/efi_variable_tee.c b/lib/efi_loader/efi_variable_tee.c index dfef18435df..09d03c0eee7 100644 --- a/lib/efi_loader/efi_variable_tee.c +++ b/lib/efi_loader/efi_variable_tee.c @@ -4,16 +4,38 @@ * * Copyright (C) 2019 Linaro Ltd. <sughosh.ganu@linaro.org> * Copyright (C) 2019 Linaro Ltd. <ilias.apalodimas@linaro.org> + * Copyright 2022-2023 Arm Limited and/or its affiliates <open-source-office@arm.com> + * + * Authors: + * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com> */ #include <common.h> +#if CONFIG_IS_ENABLED(ARM_FFA_TRANSPORT) +#include <arm_ffa.h> +#endif +#include <cpu_func.h> +#include <dm.h> #include <efi.h> #include <efi_api.h> #include <efi_loader.h> #include <efi_variable.h> -#include <tee.h> #include <malloc.h> +#include <mapmem.h> #include <mm_communication.h> +#include <tee.h> + +#if CONFIG_IS_ENABLED(ARM_FFA_TRANSPORT) +/* MM return codes */ +#define MM_SUCCESS (0) +#define MM_NOT_SUPPORTED (-1) +#define MM_INVALID_PARAMETER (-2) +#define MM_DENIED (-3) +#define MM_NO_MEMORY (-5) + +static const char *mm_sp_svc_uuid = MM_SP_UUID; +static u16 mm_sp_id; +#endif extern struct efi_var_file __efi_runtime_data *efi_var_buf; static efi_uintn_t max_buffer_size; /* comm + var + func + data */ @@ -144,12 +166,238 @@ static efi_status_t optee_mm_communicate(void *comm_buf, ulong dsize) return ret; } +#if CONFIG_IS_ENABLED(ARM_FFA_TRANSPORT) +/** + * ffa_notify_mm_sp() - Announce there is data in the shared buffer + * + * Notify the MM partition in the trusted world that + * data is available in the shared buffer. + * This is a blocking call during which trusted world has exclusive access + * to the MM shared buffer. + * + * Return: + * + * 0 on success + */ +static int ffa_notify_mm_sp(void) +{ + struct ffa_send_direct_data msg = {0}; + int ret; + int sp_event_ret; + struct udevice *dev; + + ret = uclass_first_device_err(UCLASS_FFA, &dev); + if (ret) { + log_err("EFI: Cannot find FF-A bus device, notify MM SP failure\n"); + return ret; + } + + msg.data0 = CONFIG_FFA_SHARED_MM_BUF_OFFSET; /* x3 */ + + ret = ffa_sync_send_receive(dev, mm_sp_id, &msg, 1); + if (ret) + return ret; + + sp_event_ret = msg.data0; /* x3 */ + + switch (sp_event_ret) { + case MM_SUCCESS: + ret = 0; + break; + case MM_NOT_SUPPORTED: + ret = -EINVAL; + break; + case MM_INVALID_PARAMETER: + ret = -EPERM; + break; + case MM_DENIED: + ret = -EACCES; + break; + case MM_NO_MEMORY: + ret = -EBUSY; + break; + default: + ret = -EACCES; + } + + return ret; +} + +/** + * ffa_discover_mm_sp_id() - Query the MM partition ID + * + * Use the FF-A driver to get the MM partition ID. + * If multiple partitions are found, use the first one. + * This is a boot time function. + * + * Return: + * + * 0 on success + */ +static int ffa_discover_mm_sp_id(void) +{ + u32 count = 0; + int ret; + struct ffa_partition_desc *descs; + struct udevice *dev; + + ret = uclass_first_device_err(UCLASS_FFA, &dev); + if (ret) { + log_err("EFI: Cannot find FF-A bus device, MM SP discovery failure\n"); + return ret; + } + + /* Ask the driver to fill the buffer with the SPs info */ + ret = ffa_partition_info_get(dev, mm_sp_svc_uuid, &count, &descs); + if (ret) { + log_err("EFI: Failure in querying SPs info (%d), MM SP discovery failure\n", ret); + return ret; + } + + /* MM SPs found , use the first one */ + + mm_sp_id = descs[0].info.id; + + log_info("EFI: MM partition ID 0x%x\n", mm_sp_id); + + return 0; +} + /** - * mm_communicate() - Adjust the cmonnucation buffer to StandAlonneMM and send + * ffa_mm_communicate() - Exchange EFI services data with the MM partition using FF-A + * @comm_buf: locally allocated communication buffer used for rx/tx + * @dsize: communication buffer size + * + * Issue a door bell event to notify the MM partition (SP) running in OP-TEE + * that there is data to read from the shared buffer. + * Communication with the MM SP is performed using FF-A transport. + * On the event, MM SP can read the data from the buffer and + * update the MM shared buffer with response data. + * The response data is copied back to the communication buffer. + * + * Return: + * + * EFI status code + */ +static efi_status_t ffa_mm_communicate(void *comm_buf, ulong comm_buf_size) +{ + ulong tx_data_size; + int ffa_ret; + efi_status_t efi_ret; + struct efi_mm_communicate_header *mm_hdr; + void *virt_shared_buf; + + if (!comm_buf) + return EFI_INVALID_PARAMETER; + + /* Discover MM partition ID at boot time */ + if (!mm_sp_id && ffa_discover_mm_sp_id()) { + log_err("EFI: Failure to discover MM SP ID at boot time, FF-A MM comms failure\n"); + return EFI_UNSUPPORTED; + } + + mm_hdr = (struct efi_mm_communicate_header *)comm_buf; + tx_data_size = mm_hdr->message_len + sizeof(efi_guid_t) + sizeof(size_t); + + if (comm_buf_size != tx_data_size || tx_data_size > CONFIG_FFA_SHARED_MM_BUF_SIZE) + return EFI_INVALID_PARAMETER; + + /* Copy the data to the shared buffer */ + + virt_shared_buf = map_sysmem((phys_addr_t)CONFIG_FFA_SHARED_MM_BUF_ADDR, 0); + memcpy(virt_shared_buf, comm_buf, tx_data_size); + + /* + * The secure world might have cache disabled for + * the device region used for shared buffer (which is the case for Optee). + * In this case, the secure world reads the data from DRAM. + * Let's flush the cache so the DRAM is updated with the latest data. + */ +#ifdef CONFIG_ARM64 + invalidate_dcache_all(); +#endif + + /* Announce there is data in the shared buffer */ + + ffa_ret = ffa_notify_mm_sp(); + + switch (ffa_ret) { + case 0: { + ulong rx_data_size; + /* Copy the MM SP response from the shared buffer to the communication buffer */ + rx_data_size = ((struct efi_mm_communicate_header *)virt_shared_buf)->message_len + + sizeof(efi_guid_t) + + sizeof(size_t); + + if (rx_data_size > comm_buf_size) { + efi_ret = EFI_OUT_OF_RESOURCES; + break; + } + + memcpy(comm_buf, virt_shared_buf, rx_data_size); + efi_ret = EFI_SUCCESS; + break; + } + case -EINVAL: + efi_ret = EFI_DEVICE_ERROR; + break; + case -EPERM: + efi_ret = EFI_INVALID_PARAMETER; + break; + case -EACCES: + efi_ret = EFI_ACCESS_DENIED; + break; + case -EBUSY: + efi_ret = EFI_OUT_OF_RESOURCES; + break; + default: + efi_ret = EFI_ACCESS_DENIED; + } + + unmap_sysmem(virt_shared_buf); + return efi_ret; +} + +/** + * get_mm_comms() - detect the available MM transport + * + * Make sure the FF-A bus is probed successfully + * which means FF-A communication with secure world works and ready + * for use. + * + * If FF-A bus is not ready, use OPTEE comms. + * + * Return: + * + * MM_COMMS_FFA or MM_COMMS_OPTEE + */ +static enum mm_comms_select get_mm_comms(void) +{ + struct udevice *dev; + int ret; + + ret = uclass_first_device_err(UCLASS_FFA, &dev); + if (ret) { + log_debug("EFI: Cannot find FF-A bus device, trying Optee comms\n"); + return MM_COMMS_OPTEE; + } + + return MM_COMMS_FFA; +} +#endif + +/** + * mm_communicate() - Adjust the communication buffer to the MM SP and send * it to OP-TEE * - * @comm_buf: locally allocted communcation buffer + * @comm_buf: locally allocated communication buffer * @dsize: buffer size + * + * The SP (also called partition) can be any MM SP such as StandAlonneMM or smm-gateway. + * The comm_buf format is the same for both partitions. + * When using the u-boot OP-TEE driver, StandAlonneMM is supported. + * When using the u-boot FF-A driver, any MM SP is supported. + * * Return: status code */ static efi_status_t mm_communicate(u8 *comm_buf, efi_uintn_t dsize) @@ -157,12 +405,24 @@ static efi_status_t mm_communicate(u8 *comm_buf, efi_uintn_t dsize) efi_status_t ret; struct efi_mm_communicate_header *mm_hdr; struct smm_variable_communicate_header *var_hdr; +#if CONFIG_IS_ENABLED(ARM_FFA_TRANSPORT) + enum mm_comms_select mm_comms; +#endif dsize += MM_COMMUNICATE_HEADER_SIZE + MM_VARIABLE_COMMUNICATE_SIZE; mm_hdr = (struct efi_mm_communicate_header *)comm_buf; var_hdr = (struct smm_variable_communicate_header *)mm_hdr->data; - ret = optee_mm_communicate(comm_buf, dsize); +#if CONFIG_IS_ENABLED(ARM_FFA_TRANSPORT) + mm_comms = get_mm_comms(); + if (mm_comms == MM_COMMS_FFA) + ret = ffa_mm_communicate(comm_buf, dsize); + else + ret = optee_mm_communicate(comm_buf, dsize); +#else + ret = optee_mm_communicate(comm_buf, dsize); +#endif + if (ret != EFI_SUCCESS) { log_err("%s failed!\n", __func__); return ret; @@ -697,7 +957,7 @@ void efi_variables_boot_exit_notify(void) ret = EFI_NOT_FOUND; if (ret != EFI_SUCCESS) - log_err("Unable to notify StMM for ExitBootServices\n"); + log_err("Unable to notify the MM partition for ExitBootServices\n"); free(comm_buf); /* diff --git a/lib/efi_selftest/efi_selftest_hii.c b/lib/efi_selftest/efi_selftest_hii.c index f4b55889e29..f219c0120a3 100644 --- a/lib/efi_selftest/efi_selftest_hii.c +++ b/lib/efi_selftest/efi_selftest_hii.c @@ -220,14 +220,12 @@ static int test_hii_database_list_package_lists(void) if (ret != EFI_BUFFER_TOO_SMALL) { efi_st_error("list_package_lists returned %u\n", (unsigned int)ret); - ret = EFI_ST_FAILURE; goto out; } ret = boottime->allocate_pool(EFI_LOADER_DATA, handles_size, (void **)&handles); if (ret != EFI_SUCCESS) { efi_st_error("AllocatePool failed\n"); - ret = EFI_ST_FAILURE; goto out; } ret = hii_database_protocol->list_package_lists(hii_database_protocol, @@ -236,7 +234,6 @@ static int test_hii_database_list_package_lists(void) if (ret != EFI_SUCCESS) { efi_st_error("list_package_lists returned %u\n", (unsigned int)ret); - ret = EFI_ST_FAILURE; goto out; } ret = boottime->free_pool(handles); @@ -254,14 +251,12 @@ static int test_hii_database_list_package_lists(void) if (ret != EFI_BUFFER_TOO_SMALL) { efi_st_error("list_package_lists returned %u\n", (unsigned int)ret); - ret = EFI_ST_FAILURE; goto out; } ret = boottime->allocate_pool(EFI_LOADER_DATA, handles_size, (void **)&handles); if (ret != EFI_SUCCESS) { efi_st_error("AllocatePool failed\n"); - ret = EFI_ST_FAILURE; goto out; } ret = hii_database_protocol->list_package_lists(hii_database_protocol, @@ -270,13 +265,11 @@ static int test_hii_database_list_package_lists(void) if (ret != EFI_SUCCESS) { efi_st_error("list_package_lists returned %u\n", (unsigned int)ret); - ret = EFI_ST_FAILURE; goto out; } ret = boottime->free_pool(handles); if (ret != EFI_SUCCESS) { efi_st_error("FreePool failed\n"); - ret = EFI_ST_FAILURE; goto out; } @@ -289,14 +282,12 @@ static int test_hii_database_list_package_lists(void) if (ret != EFI_BUFFER_TOO_SMALL) { efi_st_error("list_package_lists returned %u\n", (unsigned int)ret); - ret = EFI_ST_FAILURE; goto out; } ret = boottime->allocate_pool(EFI_LOADER_DATA, handles_size, (void **)&handles); if (ret != EFI_SUCCESS) { efi_st_error("AllocatePool failed\n"); - ret = EFI_ST_FAILURE; goto out; } ret = hii_database_protocol->list_package_lists(hii_database_protocol, @@ -305,13 +296,11 @@ static int test_hii_database_list_package_lists(void) if (ret != EFI_SUCCESS) { efi_st_error("list_package_lists returned %u\n", (unsigned int)ret); - ret = EFI_ST_FAILURE; goto out; } ret = boottime->free_pool(handles); if (ret != EFI_SUCCESS) { efi_st_error("FreePool failed\n"); - ret = EFI_ST_FAILURE; goto out; } diff --git a/lib/fdtdec.c b/lib/fdtdec.c index c60972dfbe8..7a691676483 100644 --- a/lib/fdtdec.c +++ b/lib/fdtdec.c @@ -1230,12 +1230,12 @@ static void *fdt_find_separate(void) #ifdef CONFIG_SPL_BUILD /* FDT is at end of BSS unless it is in a different memory region */ if (IS_ENABLED(CONFIG_SPL_SEPARATE_BSS)) - fdt_blob = (ulong *)&_image_binary_end; + fdt_blob = (ulong *)_image_binary_end; else - fdt_blob = (ulong *)&__bss_end; + fdt_blob = (ulong *)__bss_end; #else /* FDT is at end of image */ - fdt_blob = (ulong *)&_end; + fdt_blob = (ulong *)_end; if (_DEBUG && !fdtdec_prepare_fdt(fdt_blob)) { int stack_ptr; diff --git a/lib/string.c b/lib/string.c index ecea755f405..f2c61471288 100644 --- a/lib/string.c +++ b/lib/string.c @@ -116,20 +116,18 @@ char * strncpy(char * dest,const char *src,size_t count) * of course, the buffer size is zero). It does not pad * out the result like strncpy() does. * - * Return: the number of bytes copied + * Return: strlen(src) */ size_t strlcpy(char *dest, const char *src, size_t size) { - if (size) { - size_t srclen = strlen(src); - size_t len = (srclen >= size) ? size - 1 : srclen; + size_t ret = strlen(src); + if (size) { + size_t len = (ret >= size) ? size - 1 : ret; memcpy(dest, src, len); dest[len] = '\0'; - return len + 1; } - - return 0; + return ret; } #endif @@ -191,6 +189,8 @@ char * strncat(char *dest, const char *src, size_t count) * Compatible with *BSD: the result is always a valid NUL-terminated string that * fits in the buffer (unless, of course, the buffer size is zero). It does not * write past @size like strncat() does. + * + * Return: min(strlen(dest), size) + strlen(src) */ size_t strlcat(char *dest, const char *src, size_t size) { diff --git a/lib/trace.c b/lib/trace.c index 1091a5793a1..4874bef861b 100644 --- a/lib/trace.c +++ b/lib/trace.c @@ -51,7 +51,7 @@ static inline uintptr_t __attribute__((no_instrument_function)) uintptr_t offset = (uintptr_t)func_ptr; #ifdef CONFIG_SANDBOX - offset -= (uintptr_t)&_init; + offset -= (uintptr_t)_init; #else if (gd->flags & GD_FLG_RELOC) offset -= gd->relocaddr; diff --git a/lib/uuid.c b/lib/uuid.c index ab30fbf9152..afb40bff507 100644 --- a/lib/uuid.c +++ b/lib/uuid.c @@ -1,8 +1,14 @@ // SPDX-License-Identifier: GPL-2.0+ /* * Copyright 2011 Calxeda, Inc. + * Copyright 2022-2023 Arm Limited and/or its affiliates <open-source-office@arm.com> + * + * Authors: + * Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com> */ +#define LOG_CATEGOT LOGC_CORE + #include <common.h> #include <command.h> #include <efi_api.h> @@ -19,50 +25,6 @@ #include <dm/uclass.h> #include <rng.h> -/* - * UUID - Universally Unique IDentifier - 128 bits unique number. - * There are 5 versions and one variant of UUID defined by RFC4122 - * specification. A UUID contains a set of fields. The set varies - * depending on the version of the UUID, as shown below: - * - time, MAC address(v1), - * - user ID(v2), - * - MD5 of name or URL(v3), - * - random data(v4), - * - SHA-1 of name or URL(v5), - * - * Layout of UUID: - * timestamp - 60-bit: time_low, time_mid, time_hi_and_version - * version - 4 bit (bit 4 through 7 of the time_hi_and_version) - * clock seq - 14 bit: clock_seq_hi_and_reserved, clock_seq_low - * variant: - bit 6 and 7 of clock_seq_hi_and_reserved - * node - 48 bit - * - * source: https://www.ietf.org/rfc/rfc4122.txt - * - * UUID binary format (16 bytes): - * - * 4B-2B-2B-2B-6B (big endian - network byte order) - * - * UUID string is 36 length of characters (36 bytes): - * - * 0 9 14 19 24 - * xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx - * be be be be be - * - * where x is a hexadecimal character. Fields are separated by '-'s. - * When converting to a binary UUID, le means the field should be converted - * to little endian and be means it should be converted to big endian. - * - * UUID is also used as GUID (Globally Unique Identifier) with the same binary - * format but it differs in string format like below. - * - * GUID: - * 0 9 14 19 24 - * xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx - * le le le be be - * - * GUID is used e.g. in GPT (GUID Partition Table) as a partiions unique id. - */ int uuid_str_valid(const char *uuid) { int i, valid; @@ -101,6 +63,10 @@ static const struct { {"swap", PARTITION_LINUX_SWAP_GUID}, {"lvm", PARTITION_LINUX_LVM_GUID}, {"u-boot-env", PARTITION_U_BOOT_ENVIRONMENT}, + {"cros-kern", PARTITION_CROS_KERNEL}, + {"cros-root", PARTITION_CROS_ROOT}, + {"cros-fw", PARTITION_CROS_FIRMWARE}, + {"cros-rsrv", PARTITION_CROS_RESERVED}, #endif #if defined(CONFIG_CMD_EFIDEBUG) || defined(CONFIG_EFI) { @@ -265,12 +231,6 @@ static const struct { #endif }; -/* - * uuid_guid_get_bin() - this function get GUID bin for string - * - * @param guid_str - pointer to partition type string - * @param guid_bin - pointer to allocated array for big endian output [16B] - */ int uuid_guid_get_bin(const char *guid_str, unsigned char *guid_bin) { int i; @@ -284,13 +244,6 @@ int uuid_guid_get_bin(const char *guid_str, unsigned char *guid_bin) return -ENODEV; } -/* - * uuid_guid_get_str() - this function get string for GUID. - * - * @param guid_bin - pointer to string with partition type guid [16B] - * - * Returns NULL if the type GUID is not known. - */ const char *uuid_guid_get_str(const unsigned char *guid_bin) { int i; @@ -303,13 +256,6 @@ const char *uuid_guid_get_str(const unsigned char *guid_bin) return NULL; } -/* - * uuid_str_to_bin() - convert string UUID or GUID to big endian binary data. - * - * @param uuid_str - pointer to UUID or GUID string [37B] or GUID shorcut - * @param uuid_bin - pointer to allocated array for big endian output [16B] - * @str_format - UUID string format: 0 - UUID; 1 - GUID - */ int uuid_str_to_bin(const char *uuid_str, unsigned char *uuid_bin, int str_format) { @@ -318,6 +264,7 @@ int uuid_str_to_bin(const char *uuid_str, unsigned char *uuid_bin, uint64_t tmp64; if (!uuid_str_valid(uuid_str)) { + log_debug("not valid\n"); #ifdef CONFIG_PARTITION_TYPE_GUID if (!uuid_guid_get_bin(uuid_str, uuid_bin)) return 0; @@ -354,14 +301,33 @@ int uuid_str_to_bin(const char *uuid_str, unsigned char *uuid_bin, return 0; } -/* - * uuid_bin_to_str() - convert big endian binary data to string UUID or GUID. - * - * @param uuid_bin: pointer to binary data of UUID (big endian) [16B] - * @param uuid_str: pointer to allocated array for output string [37B] - * @str_format: bit 0: 0 - UUID; 1 - GUID - * bit 1: 0 - lower case; 2 - upper case - */ +int uuid_str_to_le_bin(const char *uuid_str, unsigned char *uuid_bin) +{ + u16 tmp16; + u32 tmp32; + u64 tmp64; + + if (!uuid_str_valid(uuid_str) || !uuid_bin) + return -EINVAL; + + tmp32 = cpu_to_le32(hextoul(uuid_str, NULL)); + memcpy(uuid_bin, &tmp32, 4); + + tmp16 = cpu_to_le16(hextoul(uuid_str + 9, NULL)); + memcpy(uuid_bin + 4, &tmp16, 2); + + tmp16 = cpu_to_le16(hextoul(uuid_str + 14, NULL)); + memcpy(uuid_bin + 6, &tmp16, 2); + + tmp16 = cpu_to_le16(hextoul(uuid_str + 19, NULL)); + memcpy(uuid_bin + 8, &tmp16, 2); + + tmp64 = cpu_to_le64(simple_strtoull(uuid_str + 24, NULL, 16)); + memcpy(uuid_bin + 10, &tmp64, 6); + + return 0; +} + void uuid_bin_to_str(const unsigned char *uuid_bin, char *uuid_str, int str_format) { @@ -401,13 +367,6 @@ void uuid_bin_to_str(const unsigned char *uuid_bin, char *uuid_str, } } -/* - * gen_rand_uuid() - this function generates a random binary UUID version 4. - * In this version all fields beside 4 bits of version and - * 2 bits of variant are randomly generated. - * - * @param uuid_bin - pointer to allocated array [16B]. Output is in big endian. -*/ #if defined(CONFIG_RANDOM_UUID) || defined(CONFIG_CMD_UUID) void gen_rand_uuid(unsigned char *uuid_bin) { @@ -445,13 +404,6 @@ void gen_rand_uuid(unsigned char *uuid_bin) memcpy(uuid_bin, uuid, 16); } -/* - * gen_rand_uuid_str() - this function generates UUID v4 (random) in two string - * formats UUID or GUID. - * - * @param uuid_str - pointer to allocated array [37B]. - * @param - uuid output type: UUID - 0, GUID - 1 - */ void gen_rand_uuid_str(char *uuid_str, int str_format) { unsigned char uuid_bin[UUID_BIN_LEN]; diff --git a/lib/vsprintf.c b/lib/vsprintf.c index e87503e41ad..e14c6ca9f96 100644 --- a/lib/vsprintf.c +++ b/lib/vsprintf.c @@ -680,8 +680,10 @@ repeat: break; case 'd': - if (fmt[1] == 'E') + if (fmt[1] == 'E') { flags |= ERRSTR; + fmt++; + } /* fallthrough */ case 'i': flags |= SIGN; @@ -725,7 +727,6 @@ repeat: ADDCH(str, ' '); for (p = errno_str(num); *p; p++) ADDCH(str, *p); - fmt++; } } |