LM
/
u-boot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Pull request for efi-2021-07-rc4 

Documentation:
 
 * correct mmc man-page
 
 Bug fixes:
 
 * reduce code size of efidebug command
 * remove 31 character limit for file paths in efidebug command
 * fix build warning in the TCG2 protocol implementation
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmCtA2wACgkQxIHbvCwF
 GsSGDRAAlgLjaj+dhxhv7zsrUxbqL3/hB2yqeOXo+JCx0AMvly5S43f4LvlwNNUH
 ixleYpRzR+rR2W/PP5yOnY4dmEUqusYdYPG1KdL4wPuX1Xa302Ug6GGszIFPT5/s
 8yrgaHfhUqJTR9hjqVryQplrwmV+QF5VydvFBTXD2eQtfae6HV1YfTCG+OulMKtf
 6nPRR5+4AChLnhVCjXJVLsq4lkLns8oNtdKg9N1PqODzaGKoRtVKribc8KYFR1Kq
 NWwwK8jflIdzF1GIss7PGrAs9d17oJc/Ut4U7XwjlDn+ZZFtvFKUL3bHmEEngyZv
 C6XYsM6tEfvajJ1aG4TF1TDkzh7SiJ6I95rcqFQAl2ithWriXif6ckjpWr/JEw0l
 eydwutd8YWleGkQdrS/e0SGVyZ3l5MJKSSAFhrzrx+SMG4xCqJ3bMUWH5ups/3Il
 uyL2bPYG//s/mQS++fgB5T3fG3BC53NelMOCERNyrWaBoCb4ieDBJJ0cdCFUP+F0
 Zv1BMrTWGUUhr77X6cp/VFw8cs0Q3pHX0ek07njsi0z1AJFc8IqhHWb8xmN0VZVw
 dI5fOT+vA8TnHQXVy3uRgVLymgq9Imo1O+9t6pA+DqLToBsW5bSCgK7htFeQFDrz
 wRFRmXEdkA/3WrOaJsXdd5fOzge8CK5Dqqpj0ZI8oLk9GhL9oL4=
 =GZQh
 -----END PGP SIGNATURE-----

Merge tag 'efi-2021-07-rc4' of https://source.denx.de/u-boot/custodians/u-boot-efi

Pull request for efi-2021-07-rc4

Documentation:

* correct mmc man-page

Bug fixes:

* reduce code size of efidebug command
* remove 31 character limit for file paths in efidebug command
* fix build warning in the TCG2 protocol implementation
This commit is contained in:
Tom Rini 2021-05-25 11:48:55 -04:00
parent 4c3e99460c 1f6871df40
commit f25a0c3742
10 changed files with 137 additions and 162 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

90
cmd/efidebug.c
View File

@ -12,6 +12,7 @@
#include <efi_load_initrd.h>
#include <efi_loader.h>
#include <efi_rng.h>
#include <efi_variable.h>
#include <exports.h>
#include <hexdump.h>
#include <log.h>
@ -227,8 +228,7 @@ static int do_efi_capsule_res(struct cmd_tbl *cmdtp, int flag,
{
int capsule_id;
char *endp;
char var_name[12];
u16 var_name16[12], *p;
u16 var_name16[12];
efi_guid_t guid;
struct efi_capsule_result_variable_header *result = NULL;
efi_uintn_t size;
@ -240,8 +240,9 @@ static int do_efi_capsule_res(struct cmd_tbl *cmdtp, int flag,
guid = efi_guid_capsule_report;
if (argc == 1) {
size = sizeof(var_name16);
ret = EFI_CALL(RT->get_variable(L"CapsuleLast", &guid, NULL,
&size, var_name16));
ret = efi_get_variable_int(L"CapsuleLast", &guid, NULL,
&size, var_name16, NULL);
if (ret != EFI_SUCCESS) {
if (ret == EFI_NOT_FOUND)
printf("CapsuleLast doesn't exist\n");
@ -259,19 +260,18 @@ static int do_efi_capsule_res(struct cmd_tbl *cmdtp, int flag,
if (capsule_id < 0 || capsule_id > 0xffff)
return CMD_RET_USAGE;
sprintf(var_name, "Capsule%04X", capsule_id);
p = var_name16;
utf8_utf16_strncpy(&p, var_name, 9);
efi_create_indexed_name(var_name16, sizeof(var_name16),
"Capsule", capsule_id);
}
size = 0;
ret = EFI_CALL(RT->get_variable(var_name16, &guid, NULL, &size, NULL));
ret = efi_get_variable_int(var_name16, &guid, NULL, &size, NULL, NULL);
if (ret == EFI_BUFFER_TOO_SMALL) {
result = malloc(size);
if (!result)
return CMD_RET_FAILURE;
ret = EFI_CALL(RT->get_variable(var_name16, &guid, NULL, &size,
result));
ret = efi_get_variable_int(var_name16, &guid, NULL, &size,
result, NULL);
}
if (ret != EFI_SUCCESS) {
free(result);
@ -954,8 +954,7 @@ static int do_efi_boot_add(struct cmd_tbl *cmdtp, int flag,
{
int id;
char *endp;
char var_name[9];
u16 var_name16[9], *p;
u16 var_name16[9];
efi_guid_t guid;
size_t label_len, label_len16;
u16 *label;
@ -988,9 +987,8 @@ static int do_efi_boot_add(struct cmd_tbl *cmdtp, int flag,
if (*endp != '\0' || id > 0xffff)
return CMD_RET_USAGE;
sprintf(var_name, "Boot%04X", id);
p = var_name16;
utf8_utf16_strncpy(&p, var_name, 9);
efi_create_indexed_name(var_name16, sizeof(var_name16),
"Boot", id);
/* label */
label_len = strlen(argv[2]);
@ -1066,11 +1064,11 @@ static int do_efi_boot_add(struct cmd_tbl *cmdtp, int flag,
goto out;
}
ret = EFI_CALL(efi_set_variable(var_name16, &guid,
ret = efi_set_variable_int(var_name16, &guid,
EFI_VARIABLE_NON_VOLATILE |
EFI_VARIABLE_BOOTSERVICE_ACCESS |
EFI_VARIABLE_RUNTIME_ACCESS,
size, data));
size, data, false);
if (ret != EFI_SUCCESS) {
printf("Cannot set %ls\n", var_name16);
r = CMD_RET_FAILURE;
@ -1107,8 +1105,7 @@ static int do_efi_boot_rm(struct cmd_tbl *cmdtp, int flag,
efi_guid_t guid;
int id, i;
char *endp;
char var_name[9];
u16 var_name16[9], *p;
u16 var_name16[9];
efi_status_t ret;
if (argc == 1)
@ -1120,11 +1117,10 @@ static int do_efi_boot_rm(struct cmd_tbl *cmdtp, int flag,
if (*endp != '\0' || id > 0xffff)
return CMD_RET_FAILURE;
sprintf(var_name, "Boot%04X", id);
p = var_name16;
utf8_utf16_strncpy(&p, var_name, 9);
ret = EFI_CALL(efi_set_variable(var_name16, &guid, 0, 0, NULL));
efi_create_indexed_name(var_name16, sizeof(var_name16),
"Boot", id);
ret = efi_set_variable_int(var_name16, &guid, 0, 0, NULL,
false);
if (ret) {
printf("Cannot remove %ls\n", var_name16);
return CMD_RET_FAILURE;
@ -1147,8 +1143,6 @@ static void show_efi_boot_opt_data(u16 *varname16, void *data, size_t *size)
{
struct efi_device_path *initrd_path = NULL;
struct efi_load_option lo;
char *label, *p;
size_t label_len16, label_len;
u16 *dp_str;
efi_status_t ret;
efi_uintn_t initrd_dp_size;
@ -1160,14 +1154,6 @@ static void show_efi_boot_opt_data(u16 *varname16, void *data, size_t *size)
return;
}
label_len16 = u16_strlen(lo.label);
label_len = utf16_utf8_strnlen(lo.label, label_len16);
label = malloc(label_len + 1);
if (!label)
return;
p = label;
utf16_utf8_strncpy(&p, lo.label, label_len16);
printf("%ls:\nattributes: %c%c%c (0x%08x)\n",
varname16,
/* ACTIVE */
@ -1177,7 +1163,7 @@ static void show_efi_boot_opt_data(u16 *varname16, void *data, size_t *size)
/* HIDDEN */
lo.attributes & LOAD_OPTION_HIDDEN ? 'H' : '-',
lo.attributes);
printf(" label: %s\n", label);
printf(" label: %ls\n", lo.label);
dp_str = efi_dp_str(lo.file_path);
printf(" file_path: %ls\n", dp_str);
@ -1194,7 +1180,6 @@ static void show_efi_boot_opt_data(u16 *varname16, void *data, size_t *size)
printf(" data:\n");
print_hex_dump(" ", DUMP_PREFIX_OFFSET, 16, 1,
lo.optional_data, *size, true);
free(label);
}
/**
@ -1324,12 +1309,9 @@ static int show_efi_boot_order(void)
u16 *bootorder;
efi_uintn_t size;
int num, i;
char var_name[9];
u16 var_name16[9], *p16;
u16 var_name16[9];
void *data;
struct efi_load_option lo;
char *label, *p;
size_t label_len16, label_len;
efi_status_t ret;
size = 0;
@ -1357,16 +1339,15 @@ static int show_efi_boot_order(void)
num = size / sizeof(u16);
for (i = 0; i < num; i++) {
sprintf(var_name, "Boot%04X", bootorder[i]);
p16 = var_name16;
utf8_utf16_strncpy(&p16, var_name, 9);
efi_create_indexed_name(var_name16, sizeof(var_name16),
"Boot", i);
size = 0;
ret = EFI_CALL(efi_get_variable(var_name16,
&efi_global_variable_guid, NULL,
&size, NULL));
if (ret != EFI_BUFFER_TOO_SMALL) {
printf("%2d: %s: (not defined)\n", i + 1, var_name);
printf("%2d: %ls: (not defined)\n", i + 1, var_name16);
continue;
}
@ -1391,18 +1372,7 @@ static int show_efi_boot_order(void)
goto out;
}
label_len16 = u16_strlen(lo.label);
label_len = utf16_utf8_strnlen(lo.label, label_len16);
label = malloc(label_len + 1);
if (!label) {
free(data);
ret = CMD_RET_FAILURE;
goto out;
}
p = label;
utf16_utf8_strncpy(&p, lo.label, label_len16);
printf("%2d: %s: %s\n", i + 1, var_name, label);
free(label);
printf("%2d: %ls: %ls\n", i + 1, var_name16, lo.label);
free(data);
}
@ -1449,11 +1419,11 @@ static int do_efi_boot_next(struct cmd_tbl *cmdtp, int flag,
guid = efi_global_variable_guid;
size = sizeof(u16);
ret = EFI_CALL(efi_set_variable(L"BootNext", &guid,
ret = efi_set_variable_int(L"BootNext", &guid,
EFI_VARIABLE_NON_VOLATILE |
EFI_VARIABLE_BOOTSERVICE_ACCESS |
EFI_VARIABLE_RUNTIME_ACCESS,
size, &bootnext));
size, &bootnext, false);
if (ret != EFI_SUCCESS) {
printf("Cannot set BootNext\n");
r = CMD_RET_FAILURE;
@ -1510,11 +1480,11 @@ static int do_efi_boot_order(struct cmd_tbl *cmdtp, int flag,
}
guid = efi_global_variable_guid;
ret = EFI_CALL(efi_set_variable(L"BootOrder", &guid,
ret = efi_set_variable_int(L"BootOrder", &guid,
EFI_VARIABLE_NON_VOLATILE |
EFI_VARIABLE_BOOTSERVICE_ACCESS |
EFI_VARIABLE_RUNTIME_ACCESS,
size, bootorder));
size, bootorder, true);
if (ret != EFI_SUCCESS) {
printf("Cannot set BootOrder\n");
r = CMD_RET_FAILURE;

3
doc/usage/mmc.rst
View File

@ -40,7 +40,7 @@ The 'mmc write' command writes raw data to MMC device from memory address with b
cnt
block count
The 'mmc erase' command erases MMC device from block offset until count.
The 'mmc erase' command erases *cnt* blocks on the MMC device starting at block *blk#*.
blk#
start block offset
@ -110,6 +110,7 @@ The 'mmc partconf' command shows or changes PARTITION_CONFIG field.
partitions to access
The 'mmc bootpart-resize' command changes sizes of boot and RPMB partitions.
dev
device number
boot part size MB

5
lib/efi_loader/Kconfig
View File

@ -175,6 +175,7 @@ config EFI_CAPSULE_AUTHENTICATE
select PKCS7_VERIFY
select IMAGE_SIGN_INFO
select HASH_CALCULATE
select EFI_SIGNATURE_SUPPORT
default n
help
Select this option if you want to enable capsule
@ -344,6 +345,7 @@ config EFI_SECURE_BOOT
select PKCS7_MESSAGE_PARSER
select PKCS7_VERIFY
select HASH_CALCULATE
select EFI_SIGNATURE_SUPPORT
default n
help
Select this option to enable EFI secure boot support.
@ -351,6 +353,9 @@ config EFI_SECURE_BOOT
it is signed with a trusted key. To do that, you need to install,
at least, PK, KEK and db.
config EFI_SIGNATURE_SUPPORT
bool
config EFI_ESRT
bool "Enable the UEFI ESRT generation"
depends on EFI_CAPSULE_FIRMWARE_MANAGEMENT

2
lib/efi_loader/Makefile
View File

@ -63,7 +63,7 @@ obj-$(CONFIG_GENERATE_SMBIOS_TABLE) += efi_smbios.o
obj-$(CONFIG_EFI_RNG_PROTOCOL) += efi_rng.o
obj-$(CONFIG_EFI_TCG2_PROTOCOL) += efi_tcg2.o
obj-$(CONFIG_EFI_LOAD_FILE2_INITRD) += efi_load_initrd.o
obj-y += efi_signature.o
obj-$(CONFIG_EFI_SIGNATURE_SUPPORT) += efi_signature.o
EFI_VAR_SEED_FILE := $(subst $\",,$(CONFIG_EFI_VAR_SEED_FILE))
$(obj)/efi_var_seed.o: $(srctree)/$(EFI_VAR_SEED_FILE)

10
lib/efi_loader/efi_capsule.c
View File

@ -208,16 +208,6 @@ skip:
const efi_guid_t efi_guid_capsule_root_cert_guid =
EFI_FIRMWARE_MANAGEMENT_CAPSULE_ID_GUID;
__weak int efi_get_public_key_data(void **pkey, efi_uintn_t *pkey_len)
{
/* The platform is supposed to provide
* a method for getting the public key
* stored in the form of efi signature
* list
*/
return 0;
}
efi_status_t efi_capsule_authenticate(const void *capsule, efi_uintn_t capsule_size,
void **image, efi_uintn_t *image_size)
{

9
lib/efi_loader/efi_device_path.c
View File

@ -1171,7 +1171,7 @@ efi_status_t efi_dp_from_name(const char *dev, const char *devnr,
struct blk_desc *desc = NULL;
struct disk_partition fs_partition;
int part = 0;
char filename[32] = { 0 }; /* dp->str is u16[32] long */
char *filename;
char *s;
if (path && !file)
@ -1198,12 +1198,17 @@ efi_status_t efi_dp_from_name(const char *dev, const char *devnr,
if (!path)
return EFI_SUCCESS;
snprintf(filename, sizeof(filename), "%s", path);
filename = calloc(1, strlen(path) + 1);
if (!filename)
return EFI_OUT_OF_RESOURCES;
sprintf(filename, "%s", path);
/* DOS style file path: */
s = filename;
while ((s = strchr(s, '/')))
*s++ = '\\';
*file = efi_dp_from_file(desc, part, filename);
free(filename);
if (!*file)
return EFI_INVALID_PARAMETER;

64
lib/efi_loader/efi_image_loader.c
View File

@ -213,7 +213,68 @@ static void efi_set_code_and_data_type(
}
}
#ifdef CONFIG_EFI_SECURE_BOOT
/**
* efi_image_region_add() - add an entry of region
* @regs: Pointer to array of regions
* @start: Start address of region (included)
* @end: End address of region (excluded)
* @nocheck: flag against overlapped regions
*
* Take one entry of region [@start, @end[ and insert it into the list.
*
* * If @nocheck is false, the list will be sorted ascending by address.
* Overlapping entries will not be allowed.
*
* * If @nocheck is true, the list will be sorted ascending by sequence
* of adding the entries. Overlapping is allowed.
*
* Return: status code
*/
efi_status_t efi_image_region_add(struct efi_image_regions *regs,
const void *start, const void *end,
int nocheck)
{
struct image_region *reg;
int i, j;
if (regs->num >= regs->max) {
EFI_PRINT("%s: no more room for regions\n", __func__);
return EFI_OUT_OF_RESOURCES;
}
if (end < start)
return EFI_INVALID_PARAMETER;
for (i = 0; i < regs->num; i++) {
reg = &regs->reg[i];
if (nocheck)
continue;
/* new data after registered region */
if (start >= reg->data + reg->size)
continue;
/* new data preceding registered region */
if (end <= reg->data) {
for (j = regs->num - 1; j >= i; j--)
memcpy(&regs->reg[j + 1], &regs->reg[j],
sizeof(*reg));
break;
}
/* new data overlapping registered region */
EFI_PRINT("%s: new region already part of another\n", __func__);
return EFI_INVALID_PARAMETER;
}
reg = &regs->reg[i];
reg->data = start;
reg->size = end - start;
regs->num++;
return EFI_SUCCESS;
}
/**
* cmp_pe_section() - compare virtual addresses of two PE image sections
* @arg1: pointer to pointer to first section header
@ -422,6 +483,7 @@ err:
return false;
}
#ifdef CONFIG_EFI_SECURE_BOOT
/**
* efi_image_unsigned_authenticate() - authenticate unsigned image with
* SHA256 hash

67
lib/efi_loader/efi_signature.c
View File

@ -15,18 +15,16 @@
#include <crypto/public_key.h>
#include <linux/compat.h>
#include <linux/oid_registry.h>
#include <u-boot/hash-checksum.h>
#include <u-boot/rsa.h>
#include <u-boot/sha256.h>
const efi_guid_t efi_guid_image_security_database =
EFI_IMAGE_SECURITY_DATABASE_GUID;
const efi_guid_t efi_guid_sha256 = EFI_CERT_SHA256_GUID;
const efi_guid_t efi_guid_cert_rsa2048 = EFI_CERT_RSA2048_GUID;
const efi_guid_t efi_guid_cert_x509 = EFI_CERT_X509_GUID;
const efi_guid_t efi_guid_cert_x509_sha256 = EFI_CERT_X509_SHA256_GUID;
const efi_guid_t efi_guid_cert_type_pkcs7 = EFI_CERT_TYPE_PKCS7_GUID;
#if defined(CONFIG_EFI_SECURE_BOOT) || defined(CONFIG_EFI_CAPSULE_AUTHENTICATE)
static u8 pkcs7_hdr[] = {
/* SEQUENCE */
0x30, 0x82, 0x05, 0xc7,
@ -539,68 +537,6 @@ out:
return !revoked;
}
/**
* efi_image_region_add() - add an entry of region
* @regs: Pointer to array of regions
* @start: Start address of region (included)
* @end: End address of region (excluded)
* @nocheck: flag against overlapped regions
*
* Take one entry of region [@start, @end[ and insert it into the list.
*
* * If @nocheck is false, the list will be sorted ascending by address.
* Overlapping entries will not be allowed.
*
* * If @nocheck is true, the list will be sorted ascending by sequence
* of adding the entries. Overlapping is allowed.
*
* Return: status code
*/
efi_status_t efi_image_region_add(struct efi_image_regions *regs,
const void *start, const void *end,
int nocheck)
{
struct image_region *reg;
int i, j;
if (regs->num >= regs->max) {
EFI_PRINT("%s: no more room for regions\n", __func__);
return EFI_OUT_OF_RESOURCES;
}
if (end < start)
return EFI_INVALID_PARAMETER;
for (i = 0; i < regs->num; i++) {
reg = &regs->reg[i];
if (nocheck)
continue;
/* new data after registered region */
if (start >= reg->data + reg->size)
continue;
/* new data preceding registered region */
if (end <= reg->data) {
for (j = regs->num - 1; j >= i; j--)
memcpy(&regs->reg[j + 1], &regs->reg[j],
sizeof(*reg));
break;
}
/* new data overlapping registered region */
EFI_PRINT("%s: new region already part of another\n", __func__);
return EFI_INVALID_PARAMETER;
}
reg = &regs->reg[i];
reg->data = start;
reg->size = end - start;
regs->num++;
return EFI_SUCCESS;
}
/**
* efi_sigstore_free - free signature store
* @sigstore: Pointer to signature store structure
@ -846,4 +782,3 @@ struct efi_signature_store *efi_sigstore_parse_sigdb(u16 *name)
return efi_build_signature_store(db, db_size);
}
#endif /* CONFIG_EFI_SECURE_BOOT || CONFIG_EFI_CAPSULE_AUTHENTICATE */

40
lib/efi_loader/efi_tcg2.c
View File

@ -53,7 +53,7 @@ struct digest_info {
u16 hash_len;
};
const static struct digest_info hash_algo_list[] = {
static const struct digest_info hash_algo_list[] = {
{
TPM2_ALG_SHA1,
EFI_TCG2_BOOT_HASH_ALG_SHA1,
@ -87,7 +87,7 @@ const static struct digest_info hash_algo_list[] = {
*/
static u32 alg_to_mask(u16 hash_alg)
{
int i;
size_t i;
for (i = 0; i < MAX_HASH_COUNT; i++) {
if (hash_algo_list[i].hash_alg == hash_alg)
@ -106,7 +106,7 @@ static u32 alg_to_mask(u16 hash_alg)
*/
static u16 alg_to_len(u16 hash_alg)
{
int i;
size_t i;
for (i = 0; i < MAX_HASH_COUNT; i++) {
if (hash_algo_list[i].hash_alg == hash_alg)
@ -119,7 +119,7 @@ static u16 alg_to_len(u16 hash_alg)
static u32 tcg_event_final_size(struct tpml_digest_values *digest_list)
{
u32 len;
int i;
size_t i;
len = offsetof(struct tcg_pcr_event2, digests);
len += offsetof(struct tpml_digest_values, digests);
@ -145,7 +145,7 @@ static efi_status_t tcg2_pcr_extend(struct udevice *dev, u32 pcr_index,
struct tpml_digest_values *digest_list)
{
u32 rc;
int i;
size_t i;
for (i = 0; i < digest_list->count; i++) {
u32 alg = digest_list->digests[i].hash_alg;
@ -178,7 +178,7 @@ static efi_status_t tcg2_agile_log_append(u32 pcr_index, u32 event_type,
{
void *log = (void *)((uintptr_t)event_log.buffer + event_log.pos);
size_t pos;
int i;
size_t i;
u32 event_size;
if (event_log.get_event_called)
@ -400,7 +400,8 @@ static int tpm2_get_pcr_info(struct udevice *dev, u32 *supported_pcr,
u8 response[TPM2_RESPONSE_BUFFER_SIZE];
struct tpml_pcr_selection pcrs;
u32 ret, num_pcr;
int i, tpm_ret;
size_t i;
int tpm_ret;
memset(response, 0, sizeof(response));
ret = tpm2_get_capability(dev, TPM2_CAP_PCRS, 0, response, 1);
@ -518,7 +519,7 @@ static efi_status_t tcg2_create_digest(const u8 *input, u32 length,
u8 final[TPM2_SHA512_DIGEST_SIZE];
efi_status_t ret;
u32 active;
int i;
size_t i;
ret = __get_active_pcr_banks(&active);
if (ret != EFI_SUCCESS)
@ -749,8 +750,7 @@ efi_tcg2_hash_log_extend_event(struct efi_tcg2_protocol *this, u64 flags,
goto out;
}
if (efi_tcg_event->header.pcr_index < 0 ||
efi_tcg_event->header.pcr_index > TPM2_MAX_PCRS) {
if (efi_tcg_event->header.pcr_index > TPM2_MAX_PCRS) {
ret = EFI_INVALID_PARAMETER;
goto out;
}
@ -810,9 +810,11 @@ out:
* Return: status code
*/
static efi_status_t EFIAPI
efi_tcg2_submit_command(struct efi_tcg2_protocol *this,
u32 input_param_block_size, u8 *input_param_block,
u32 output_param_block_size, u8 *output_param_block)
efi_tcg2_submit_command(__maybe_unused struct efi_tcg2_protocol *this,
u32 __maybe_unused input_param_block_size,
u8 __maybe_unused *input_param_block,
u32 __maybe_unused output_param_block_size,
u8 __maybe_unused *output_param_block)
{
return EFI_UNSUPPORTED;
}
@ -847,8 +849,8 @@ efi_tcg2_get_active_pcr_banks(struct efi_tcg2_protocol *this,
* Return: status code
*/
static efi_status_t EFIAPI
efi_tcg2_set_active_pcr_banks(struct efi_tcg2_protocol *this,
u32 active_pcr_banks)
efi_tcg2_set_active_pcr_banks(__maybe_unused struct efi_tcg2_protocol *this,
u32 __maybe_unused active_pcr_banks)
{
return EFI_UNSUPPORTED;
}
@ -866,8 +868,9 @@ efi_tcg2_set_active_pcr_banks(struct efi_tcg2_protocol *this,
* Return: status code
*/
static efi_status_t EFIAPI
efi_tcg2_get_result_of_set_active_pcr_banks(struct efi_tcg2_protocol *this,
u32 *operation_present, u32 *response)
efi_tcg2_get_result_of_set_active_pcr_banks(__maybe_unused struct efi_tcg2_protocol *this,
u32 __maybe_unused *operation_present,
u32 __maybe_unused *response)
{
return EFI_UNSUPPORTED;
}
@ -898,7 +901,8 @@ static efi_status_t create_specid_event(struct udevice *dev, void *buffer,
size_t spec_event_size;
efi_status_t ret = EFI_DEVICE_ERROR;
u32 active, supported;
int err, i;
int err;
size_t i;
/*
* Create Spec event. This needs to be the first event in the log

3
lib/efi_loader/efi_var_common.c
View File

@ -24,6 +24,9 @@ struct efi_auth_var_name_type {
const enum efi_auth_var_type type;
};
const efi_guid_t efi_guid_image_security_database =
EFI_IMAGE_SECURITY_DATABASE_GUID;
static const struct efi_auth_var_name_type name_type[] = {
{u"PK", &efi_global_variable_guid, EFI_AUTH_VAR_PK},
{u"KEK", &efi_global_variable_guid, EFI_AUTH_VAR_KEK},