#endif
#endif
+static inline void set_gd(volatile gd_t *gd_ptr)
+{
+#ifdef CONFIG_ARM64
+ __asm__ volatile("ldr x18, %0\n" : : "m"(gd_ptr));
+#else
+ __asm__ volatile("ldr r9, %0\n" : : "m"(gd_ptr));
+#endif
+}
+
#endif /* __ASM_GBL_DATA_H */
*
* Decode the value of UEFI load option variable and print information.
*/
-static void show_efi_boot_opt_data(u16 *varname16, void *data, size_t size)
+static void show_efi_boot_opt_data(u16 *varname16, void *data, size_t *size)
{
struct efi_load_option lo;
char *label, *p;
size_t label_len16, label_len;
u16 *dp_str;
+ efi_status_t ret;
- efi_deserialize_load_option(&lo, data);
+ ret = efi_deserialize_load_option(&lo, data, size);
+ if (ret != EFI_SUCCESS) {
+ printf("%ls: invalid load option\n", varname16);
+ return;
+ }
label_len16 = u16_strlen(lo.label);
label_len = utf16_utf8_strnlen(lo.label, label_len16);
printf(" data:\n");
print_hex_dump(" ", DUMP_PREFIX_OFFSET, 16, 1,
- lo.optional_data, size + (u8 *)data -
- (u8 *)lo.optional_data, true);
+ lo.optional_data, *size, true);
free(label);
}
&efi_global_variable_guid,
NULL, &size, data));
if (ret == EFI_SUCCESS)
- show_efi_boot_opt_data(varname16, data, size);
+ show_efi_boot_opt_data(varname16, data, &size);
free(data);
}
}
goto out;
}
- efi_deserialize_load_option(&lo, data);
+ ret = efi_deserialize_load_option(&lo, data, &size);
+ if (ret != EFI_SUCCESS) {
+ printf("%ls: invalid load option\n", var_name16);
+ ret = CMD_RET_FAILURE;
+ goto out;
+ }
label_len16 = u16_strlen(lo.label);
label_len = utf16_utf8_strnlen(lo.label, label_len16);
const u8 *optional_data;
};
-void efi_deserialize_load_option(struct efi_load_option *lo, u8 *data);
+efi_status_t efi_deserialize_load_option(struct efi_load_option *lo, u8 *data,
+ efi_uintn_t *size);
unsigned long efi_serialize_load_option(struct efi_load_option *lo, u8 **data);
efi_status_t efi_bootmgr_load(efi_handle_t *handle);
*
* @lo: pointer to target
* @data: serialized data
+ * @size: size of the load option, on return size of the optional data
+ * Return: status code
*/
-void efi_deserialize_load_option(struct efi_load_option *lo, u8 *data)
+efi_status_t efi_deserialize_load_option(struct efi_load_option *lo, u8 *data,
+ efi_uintn_t *size)
{
+ efi_uintn_t len;
+
+ len = sizeof(u32);
+ if (*size < len + 2 * sizeof(u16))
+ return EFI_INVALID_PARAMETER;
lo->attributes = get_unaligned_le32(data);
- data += sizeof(u32);
+ data += len;
+ *size -= len;
+ len = sizeof(u16);
lo->file_path_length = get_unaligned_le16(data);
- data += sizeof(u16);
+ data += len;
+ *size -= len;
- /* FIXME */
lo->label = (u16 *)data;
- data += (u16_strlen(lo->label) + 1) * sizeof(u16);
-
- /* FIXME */
+ len = u16_strnlen(lo->label, *size / sizeof(u16) - 1);
+ if (lo->label[len])
+ return EFI_INVALID_PARAMETER;
+ len = (len + 1) * sizeof(u16);
+ if (*size < len)
+ return EFI_INVALID_PARAMETER;
+ data += len;
+ *size -= len;
+
+ len = lo->file_path_length;
+ if (*size < len)
+ return EFI_INVALID_PARAMETER;
lo->file_path = (struct efi_device_path *)data;
- data += lo->file_path_length;
+ /*
+ * TODO: validate device path. There should be an end node within
+ * the indicated file_path_length.
+ */
+ data += len;
+ *size -= len;
lo->optional_data = data;
+
+ return EFI_SUCCESS;
}
/**
if (!load_option)
return EFI_LOAD_ERROR;
- efi_deserialize_load_option(&lo, load_option);
+ ret = efi_deserialize_load_option(&lo, load_option, &size);
+ if (ret != EFI_SUCCESS) {
+ log_warning("Invalid load option for %ls\n", varname);
+ goto error;
+ }
if (lo.attributes & LOAD_OPTION_ACTIVE) {
u32 attributes;
* restriction so we need to manually swap its and our view of that register on
* EFI callback entry/exit.
*/
-static volatile void *efi_gd, *app_gd;
+static volatile gd_t *efi_gd, *app_gd;
#endif
/* 1 if inside U-Boot code, 0 if inside EFI payload code */
#ifdef CONFIG_ARM
assert(efi_gd);
app_gd = gd;
- gd = efi_gd;
+ set_gd(efi_gd);
#endif
return ret;
}
{
int ret = --entry_count == 0;
#ifdef CONFIG_ARM
- gd = app_gd;
+ set_gd(app_gd);
#endif
return ret;
}
/* Only restore if we're already in EFI context */
if (!efi_gd)
return;
- gd = efi_gd;
+ set_gd(efi_gd);
#endif
}
* otherwise __efi_entry_check() will put the wrong value into
* app_gd.
*/
- gd = app_gd;
+ set_gd(app_gd);
#endif
/*
* To get ready to call EFI_EXIT below we have to execute the
#ifdef CONFIG_EFI_SECURE_BOOT
/**
- * cmp_pe_section - compare two sections
- * @arg1: Pointer to pointer to first section
- * @arg2: Pointer to pointer to second section
+ * cmp_pe_section() - compare virtual addresses of two PE image sections
+ * @arg1: pointer to pointer to first section header
+ * @arg2: pointer to pointer to second section header
*
- * Compare two sections in PE image.
+ * Compare the virtual addresses of two sections of an portable executable.
+ * The arguments are defined as const void * to allow usage with qsort().
*
- * Return: -1, 0, 1 respectively if arg1 < arg2, arg1 == arg2 or
- * arg1 > arg2
+ * Return: -1 if the virtual address of arg1 is less than that of arg2,
+ * 0 if the virtual addresses are equal, 1 if the virtual address
+ * of arg1 is greater than that of arg2.
*/
static int cmp_pe_section(const void *arg1, const void *arg2)
{
}
/**
- * efi_image_parse - parse a PE image
+ * efi_image_parse() - parse a PE image
* @efi: Pointer to image
* @len: Size of @efi
* @regp: Pointer to a list of regions
}
/**
- * efi_image_unsigned_authenticate - authenticate unsigned image with
+ * efi_image_unsigned_authenticate() - authenticate unsigned image with
* SHA256 hash
* @regs: List of regions to be verified
*
}
/**
- * efi_image_authenticate - verify a signature of signed image
+ * efi_image_authenticate() - verify a signature of signed image
* @efi: Pointer to image
* @efi_size: Size of @efi
*
goto err;
}
- /* assume sizeof(IMAGE_NT_HEADERS32) <= sizeof(IMAGE_NT_HEADERS64) */
- if (efi_size < dos->e_lfanew + sizeof(IMAGE_NT_HEADERS32)) {
+ /*
+ * Check if the image section header fits into the file. Knowing that at
+ * least one section header follows we only need to check for the length
+ * of the 64bit header which is longer than the 32bit header.
+ */
+ if (efi_size < dos->e_lfanew + sizeof(IMAGE_NT_HEADERS64)) {
printf("%s: Invalid offset for Extended Header\n", __func__);
ret = EFI_LOAD_ERROR;
goto err;
}
nt = (void *) ((char *)efi + dos->e_lfanew);
- if ((nt->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC) &&
- (efi_size < dos->e_lfanew + sizeof(IMAGE_NT_HEADERS64))) {
- printf("%s: Invalid offset for Extended Header\n", __func__);
- ret = EFI_LOAD_ERROR;
- goto err;
- }
-
if (nt->Signature != IMAGE_NT_SIGNATURE) {
printf("%s: Invalid NT Signature\n", __func__);
ret = EFI_LOAD_ERROR;
const efi_guid_t efi_guid_cert_rsa2048 = EFI_CERT_RSA2048_GUID;
const efi_guid_t efi_guid_cert_x509 = EFI_CERT_X509_GUID;
const efi_guid_t efi_guid_cert_x509_sha256 = EFI_CERT_X509_SHA256_GUID;
+const efi_guid_t efi_guid_cert_type_pkcs7 = EFI_CERT_TYPE_PKCS7_GUID;
#ifdef CONFIG_EFI_SECURE_BOOT
EFI_MODE_DEPLOYED,
};
-const efi_guid_t efi_guid_cert_type_pkcs7 = EFI_CERT_TYPE_PKCS7_GUID;
static bool efi_secure_boot;
static int efi_secure_mode;
static u8 efi_vendor_keys;
projects / oweals / u-boot.git / commitdiff