On Sat, Jan 15, 2022 at 01:49:07AM +0100, Heinrich Schuchardt wrote:
The efidebug command was conceived for testing purposes.
Well, I initially implemented the command as an alternative of "EFI shell" as the shell was not able to run on EFI U-Boot at that time.
The manipulation of boot options does better fit to the bootefi command that is used to invoke the boot manager.
I believe that it would be best to have those two features in separate commands(/applications) since the bootefi/bootmgr be focused on booting EFI images while efidebug/EFI shell provides a kind of user interfaces for manipulating the system.
*If* you dare to move the code to bootefi/bootmgr, I'd ask you to honor and add my copyright to the file as "efidebug boot" feature is a core part of efidebug. Or export sub-command functions from efidebug.c and import them in bootefi.c.
-Takahiro Akashi
Signed-off-by: Heinrich Schuchardt heinrich.schuchardt@canonical.com
cmd/bootefi.c | 672 +++++++++++++++++- cmd/efidebug.c | 662 +---------------- doc/develop/uefi/uefi.rst | 4 +- include/efi_loader.h | 2 - lib/efi_selftest/efi_selftest_tcg2.c | 8 +- .../test_efi_capsule/test_capsule_firmware.py | 12 +- test/py/tests/test_efi_secboot/test_signed.py | 48 +- .../test_efi_secboot/test_signed_intca.py | 22 +- .../tests/test_efi_secboot/test_unsigned.py | 22 +- 9 files changed, 723 insertions(+), 729 deletions(-)
diff --git a/cmd/bootefi.c b/cmd/bootefi.c index 83eab0bd7f..003aa5265e 100644 --- a/cmd/bootefi.c +++ b/cmd/bootefi.c @@ -12,10 +12,13 @@ #include <charset.h> #include <command.h> #include <dm.h> +#include <efi_load_initrd.h> #include <efi_loader.h> #include <efi_selftest.h> +#include <efi_variable.h> #include <env.h> #include <errno.h> +#include <hexdump.h> #include <image.h> #include <log.h> #include <malloc.h> @@ -47,6 +50,620 @@ static void efi_clear_bootdev(void) image_size = 0; }
+/**
- create_initrd_dp() - Create a special device for our Boot### option
- @dev: Device
- @part: Disk partition
- @file: Filename
- Return: Pointer to the device path or ERR_PTR
- */
+static +struct efi_device_path *create_initrd_dp(const char *dev, const char *part,
const char *file)+{
- struct efi_device_path *tmp_dp = NULL, *tmp_fp = NULL;
- struct efi_device_path *initrd_dp = NULL;
- efi_status_t ret;
- const struct efi_initrd_dp id_dp = {
.vendor = {{DEVICE_PATH_TYPE_MEDIA_DEVICE,DEVICE_PATH_SUB_TYPE_VENDOR_PATH,sizeof(id_dp.vendor),},EFI_INITRD_MEDIA_GUID,},.end = {DEVICE_PATH_TYPE_END,DEVICE_PATH_SUB_TYPE_END,sizeof(id_dp.end),}- };
- ret = efi_dp_from_name(dev, part, file, &tmp_dp, &tmp_fp);
- if (ret != EFI_SUCCESS) {
printf("Cannot create device path for \"%s %s\"\n", part, file);goto out;- }
- initrd_dp = efi_dp_append((const struct efi_device_path *)&id_dp,
tmp_fp);+out:
- efi_free_pool(tmp_dp);
- efi_free_pool(tmp_fp);
- return initrd_dp;
+}
+/**
- do_efi_boot_add() - set UEFI load option
- @cmdtp: Command table
- @flag: Command flag
- @argc: Number of arguments
- @argv: Argument array
- Return: CMD_RET_SUCCESS on success,
CMD_RET_USAGE or CMD_RET_RET_FAILURE on failure
- Implement "add" sub-command. Create or change UEFI load option.
- booteif add -b <id> <label> <interface> <devnum>[:<part>] <file>
-i <file> <interface2> <devnum2>[:<part>] <initrd>
-s '<options>'- */
+static int do_efi_boot_add(struct cmd_tbl *cmdtp, int flag,
int argc, char *const argv[])+{
- int id;
- char *endp;
- u16 var_name16[9];
- efi_guid_t guid;
- size_t label_len, label_len16;
- u16 *label;
- struct efi_device_path *device_path = NULL, *file_path = NULL;
- struct efi_device_path *final_fp = NULL;
- struct efi_device_path *initrd_dp = NULL;
- struct efi_load_option lo;
- void *data = NULL;
- efi_uintn_t size;
- efi_uintn_t fp_size = 0;
- efi_status_t ret;
- int r = CMD_RET_SUCCESS;
- guid = efi_global_variable_guid;
- /* attributes */
- lo.attributes = LOAD_OPTION_ACTIVE; /* always ACTIVE */
- lo.optional_data = NULL;
- lo.label = NULL;
- argc--;
- argv++; /* 'add' */
- for (; argc > 0; argc--, argv++) {
if (!strcmp(argv[0], "-b")) {if (argc < 5 || lo.label) {r = CMD_RET_USAGE;goto out;}id = (int)hextoul(argv[1], &endp);if (*endp != '\0' || id > 0xffff)return CMD_RET_USAGE;efi_create_indexed_name(var_name16, sizeof(var_name16),"Boot", id);/* label */label_len = strlen(argv[2]);label_len16 = utf8_utf16_strnlen(argv[2], label_len);label = malloc((label_len16 + 1) * sizeof(u16));if (!label)return CMD_RET_FAILURE;lo.label = label; /* label will be changed below */utf8_utf16_strncpy(&label, argv[2], label_len);/* file path */ret = efi_dp_from_name(argv[3], argv[4], argv[5],&device_path, &file_path);if (ret != EFI_SUCCESS) {printf("Cannot create device path for \"%s %s\"\n",argv[3], argv[4]);r = CMD_RET_FAILURE;goto out;}fp_size += efi_dp_size(file_path) +sizeof(struct efi_device_path);argc -= 5;argv += 5;} else if (!strcmp(argv[0], "-i")) {if (argc < 3 || initrd_dp) {r = CMD_RET_USAGE;goto out;}initrd_dp = create_initrd_dp(argv[1], argv[2], argv[3]);if (!initrd_dp) {printf("Cannot add an initrd\n");r = CMD_RET_FAILURE;goto out;}argc -= 3;argv += 3;fp_size += efi_dp_size(initrd_dp) +sizeof(struct efi_device_path);} else if (!strcmp(argv[0], "-s")) {if (argc < 1 || lo.optional_data) {r = CMD_RET_USAGE;goto out;}lo.optional_data = (const u8 *)argv[1];argc -= 1;argv += 1;} else {r = CMD_RET_USAGE;goto out;}- }
- if (!file_path) {
printf("Missing binary\n");r = CMD_RET_USAGE;goto out;- }
- final_fp = efi_dp_concat(file_path, initrd_dp);
- if (!final_fp) {
printf("Cannot create final device path\n");r = CMD_RET_FAILURE;goto out;- }
- lo.file_path = final_fp;
- lo.file_path_length = fp_size;
- size = efi_serialize_load_option(&lo, (u8 **)&data);
- if (!size) {
r = CMD_RET_FAILURE;goto out;- }
- ret = efi_set_variable_int(var_name16, &guid,
EFI_VARIABLE_NON_VOLATILE |EFI_VARIABLE_BOOTSERVICE_ACCESS |EFI_VARIABLE_RUNTIME_ACCESS,size, data, false);- if (ret != EFI_SUCCESS) {
printf("Cannot set %ls\n", var_name16);r = CMD_RET_FAILURE;- }
+out:
- free(data);
- efi_free_pool(final_fp);
- efi_free_pool(initrd_dp);
- efi_free_pool(device_path);
- efi_free_pool(file_path);
- free(lo.label);
- return r;
+}
+/**
- do_efi_boot_rm() - delete UEFI load options
- @cmdtp: Command table
- @flag: Command flag
- @argc: Number of arguments
- @argv: Argument array
- Return: CMD_RET_SUCCESS on success, CMD_RET_RET_FAILURE on failure
- Implement "rm" sub-command.
- Delete UEFI load options.
bootefi rm <id> ...- */
+static int do_efi_boot_rm(struct cmd_tbl *cmdtp, int flag,
int argc, char *const argv[])+{
- efi_guid_t guid;
- int id, i;
- char *endp;
- u16 var_name16[9];
- efi_status_t ret;
- if (argc == 1)
return CMD_RET_USAGE;- guid = efi_global_variable_guid;
- for (i = 1; i < argc; i++, argv++) {
id = (int)hextoul(argv[1], &endp);if (*endp != '\0' || id > 0xffff)return CMD_RET_FAILURE;efi_create_indexed_name(var_name16, sizeof(var_name16),"Boot", id);ret = efi_set_variable_int(var_name16, &guid, 0, 0, NULL,false);if (ret) {printf("Cannot remove %ls\n", var_name16);return CMD_RET_FAILURE;}- }
- return CMD_RET_SUCCESS;
+}
+/**
- show_efi_boot_opt_data() - dump UEFI load option
- @varname16: variable name
- @data: value of UEFI load option variable
- @size: size of the boot option
- Decode the value of UEFI load option variable and print information.
- */
+static void show_efi_boot_opt_data(u16 *varname16, void *data, size_t *size) +{
- struct efi_device_path *initrd_path = NULL;
- struct efi_load_option lo;
- efi_status_t ret;
- ret = efi_deserialize_load_option(&lo, data, size);
- if (ret != EFI_SUCCESS) {
printf("%ls: invalid load option\n", varname16);return;- }
- printf("%ls:\nattributes: %c%c%c (0x%08x)\n",
varname16,/* ACTIVE */lo.attributes & LOAD_OPTION_ACTIVE ? 'A' : '-',/* FORCE RECONNECT */lo.attributes & LOAD_OPTION_FORCE_RECONNECT ? 'R' : '-',/* HIDDEN */lo.attributes & LOAD_OPTION_HIDDEN ? 'H' : '-',lo.attributes);- printf(" label: %ls\n", lo.label);
- printf(" file_path: %pD\n", lo.file_path);
- initrd_path = efi_dp_from_lo(&lo, &efi_lf2_initrd_guid);
- if (initrd_path) {
printf(" initrd_path: %pD\n", initrd_path);efi_free_pool(initrd_path);- }
- printf(" data:\n");
- print_hex_dump(" ", DUMP_PREFIX_OFFSET, 16, 1,
lo.optional_data, *size, true);+}
+/**
- show_efi_boot_opt() - dump UEFI load option
- @varname16: variable name
- Dump information defined by UEFI load option.
- */
+static void show_efi_boot_opt(u16 *varname16) +{
- void *data;
- efi_uintn_t size;
- efi_status_t ret;
- size = 0;
- ret = EFI_CALL(efi_get_variable(varname16, &efi_global_variable_guid,
NULL, &size, NULL));- if (ret == EFI_BUFFER_TOO_SMALL) {
data = malloc(size);if (!data) {printf("ERROR: Out of memory\n");return;}ret = EFI_CALL(efi_get_variable(varname16,&efi_global_variable_guid,NULL, &size, data));if (ret == EFI_SUCCESS)show_efi_boot_opt_data(varname16, data, &size);free(data);- }
+}
+static int u16_tohex(u16 c) +{
- if (c >= '0' && c <= '9')
return c - '0';- if (c >= 'A' && c <= 'F')
return c - 'A' + 10;- /* not hexadecimal */
- return -1;
+}
+/**
- show_efi_boot_dump() - dump all UEFI load options
- @cmdtp: Command table
- @flag: Command flag
- @argc: Number of arguments
- @argv: Argument array
- Return: CMD_RET_SUCCESS on success, CMD_RET_RET_FAILURE on failure
- Implement "dump" sub-command.
- Dump information of all UEFI load options defined.
bootefi dump- */
+static int do_efi_boot_dump(struct cmd_tbl *cmdtp, int flag,
int argc, char *const argv[])+{
- u16 *var_name16, *p;
- efi_uintn_t buf_size, size;
- efi_guid_t guid;
- int id, i, digit;
- efi_status_t ret;
- if (argc > 1)
return CMD_RET_USAGE;- buf_size = 128;
- var_name16 = malloc(buf_size);
- if (!var_name16)
return CMD_RET_FAILURE;- var_name16[0] = 0;
- for (;;) {
size = buf_size;ret = EFI_CALL(efi_get_next_variable_name(&size, var_name16,&guid));if (ret == EFI_NOT_FOUND)break;if (ret == EFI_BUFFER_TOO_SMALL) {buf_size = size;p = realloc(var_name16, buf_size);if (!p) {free(var_name16);return CMD_RET_FAILURE;}var_name16 = p;ret = EFI_CALL(efi_get_next_variable_name(&size,var_name16,&guid));}if (ret != EFI_SUCCESS) {free(var_name16);return CMD_RET_FAILURE;}if (memcmp(var_name16, L"Boot", 8))continue;for (id = 0, i = 0; i < 4; i++) {digit = u16_tohex(var_name16[4 + i]);if (digit < 0)break;id = (id << 4) + digit;}if (i == 4 && !var_name16[8])show_efi_boot_opt(var_name16);- }
- free(var_name16);
- return CMD_RET_SUCCESS;
+}
+/**
- show_efi_boot_order() - show order of UEFI load options
- Return: CMD_RET_SUCCESS on success, CMD_RET_RET_FAILURE on failure
- Show order of UEFI load options defined by BootOrder variable.
- */
+static int show_efi_boot_order(void) +{
- u16 *bootorder;
- efi_uintn_t size;
- int num, i;
- u16 var_name16[9];
- void *data;
- struct efi_load_option lo;
- efi_status_t ret;
- size = 0;
- ret = EFI_CALL(efi_get_variable(L"BootOrder", &efi_global_variable_guid,
NULL, &size, NULL));- if (ret != EFI_BUFFER_TOO_SMALL) {
if (ret == EFI_NOT_FOUND) {printf("BootOrder not defined\n");return CMD_RET_SUCCESS;} else {return CMD_RET_FAILURE;}- }
- bootorder = malloc(size);
- if (!bootorder) {
printf("ERROR: Out of memory\n");return CMD_RET_FAILURE;- }
- ret = EFI_CALL(efi_get_variable(L"BootOrder", &efi_global_variable_guid,
NULL, &size, bootorder));- if (ret != EFI_SUCCESS) {
ret = CMD_RET_FAILURE;goto out;- }
- num = size / sizeof(u16);
- for (i = 0; i < num; i++) {
efi_create_indexed_name(var_name16, sizeof(var_name16),"Boot", bootorder[i]);size = 0;ret = EFI_CALL(efi_get_variable(var_name16,&efi_global_variable_guid, NULL,&size, NULL));if (ret != EFI_BUFFER_TOO_SMALL) {printf("%2d: %ls: (not defined)\n", i + 1, var_name16);continue;}data = malloc(size);if (!data) {ret = CMD_RET_FAILURE;goto out;}ret = EFI_CALL(efi_get_variable(var_name16,&efi_global_variable_guid, NULL,&size, data));if (ret != EFI_SUCCESS) {free(data);ret = CMD_RET_FAILURE;goto out;}ret = efi_deserialize_load_option(&lo, data, &size);if (ret != EFI_SUCCESS) {printf("%ls: invalid load option\n", var_name16);ret = CMD_RET_FAILURE;goto out;}printf("%2d: %ls: %ls\n", i + 1, var_name16, lo.label);free(data);- }
+out:
- free(bootorder);
- return ret;
+}
+/**
- do_efi_boot_next() - manage UEFI BootNext variable
- @cmdtp: Command table
- @flag: Command flag
- @argc: Number of arguments
- @argv: Argument array
- Return: CMD_RET_SUCCESS on success,
CMD_RET_USAGE or CMD_RET_RET_FAILURE on failure
- Implement "next" sub-command.
- Set BootNext variable.
bootefi next <id>- */
+static int do_efi_boot_next(struct cmd_tbl *cmdtp, int flag,
int argc, char *const argv[])+{
- u16 bootnext;
- efi_uintn_t size;
- char *endp;
- efi_guid_t guid;
- efi_status_t ret;
- int r = CMD_RET_SUCCESS;
- if (argc > 2)
return CMD_RET_USAGE;- if (argc == 1) {
size = sizeof(bootnext);ret = efi_get_variable_int(L"BootNext",&efi_global_variable_guid,NULL, &size, &bootnext, NULL);if (size != 2 || ret != EFI_SUCCESS)return CMD_RET_FAILURE;printf("%04X\n", bootnext);return CMD_RET_SUCCESS;- }
- bootnext = (u16)hextoul(argv[1], &endp);
- if (*endp) {
printf("invalid value: %s\n", argv[1]);r = CMD_RET_FAILURE;goto out;- }
- guid = efi_global_variable_guid;
- size = sizeof(u16);
- ret = efi_set_variable_int(L"BootNext", &guid,
EFI_VARIABLE_NON_VOLATILE |EFI_VARIABLE_BOOTSERVICE_ACCESS |EFI_VARIABLE_RUNTIME_ACCESS,size, &bootnext, false);- if (ret != EFI_SUCCESS) {
printf("Cannot set BootNext\n");r = CMD_RET_FAILURE;- }
+out:
- return r;
+}
+/**
- do_efi_boot_order() - manage UEFI BootOrder variable
- @cmdtp: Command table
- @flag: Command flag
- @argc: Number of arguments
- @argv: Argument array
- Return: CMD_RET_SUCCESS on success, CMD_RET_RET_FAILURE on failure
- Implement "order" sub-command.
- Show order of UEFI load options, or change it in BootOrder variable.
bootefi order [<id> ...]- */
+static int do_efi_boot_order(struct cmd_tbl *cmdtp, int flag,
int argc, char *const argv[])+{
- u16 *bootorder = NULL;
- efi_uintn_t size;
- int id, i;
- char *endp;
- efi_guid_t guid;
- efi_status_t ret;
- int r = CMD_RET_SUCCESS;
- if (argc == 1)
return show_efi_boot_order();- argc--;
- argv++;
- size = argc * sizeof(u16);
- bootorder = malloc(size);
- if (!bootorder)
return CMD_RET_FAILURE;- for (i = 0; i < argc; i++) {
id = (int)hextoul(argv[i], &endp);if (*endp != '\0' || id > 0xffff) {printf("invalid value: %s\n", argv[i]);r = CMD_RET_FAILURE;goto out;}bootorder[i] = (u16)id;- }
- guid = efi_global_variable_guid;
- ret = efi_set_variable_int(L"BootOrder", &guid,
EFI_VARIABLE_NON_VOLATILE |EFI_VARIABLE_BOOTSERVICE_ACCESS |EFI_VARIABLE_RUNTIME_ACCESS,size, bootorder, true);- if (ret != EFI_SUCCESS) {
printf("Cannot set BootOrder\n");r = CMD_RET_FAILURE;- }
+out:
- free(bootorder);
- return r;
+}
/**
- efi_set_bootdev() - set boot device
@@ -498,7 +1115,6 @@ out: return ret; }
-#ifdef CONFIG_CMD_BOOTEFI_SELFTEST static efi_status_t bootefi_run_prepare(const char *load_options_path, struct efi_device_path *device_path, struct efi_device_path *image_path, @@ -597,7 +1213,6 @@ static int do_efi_selftest(void)
return ret != EFI_SUCCESS; } -#endif /* CONFIG_CMD_BOOTEFI_SELFTEST */
/**
- do_bootefi() - execute `bootefi` command
@@ -611,9 +1226,23 @@ static int do_efi_selftest(void) static int do_bootefi(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]) {
struct cmd_tbl *cp; efi_status_t ret; void *fdt;
static struct cmd_tbl cmd_bootefi_sub[] = {
U_BOOT_CMD_MKENT(add, CONFIG_SYS_MAXARGS, 1,do_efi_boot_add, "", ""),U_BOOT_CMD_MKENT(dump, CONFIG_SYS_MAXARGS,1, do_efi_boot_dump, "", ""),U_BOOT_CMD_MKENT(next, CONFIG_SYS_MAXARGS, 1,do_efi_boot_next, "", ""),U_BOOT_CMD_MKENT(order, CONFIG_SYS_MAXARGS, 1,do_efi_boot_order, "", ""),U_BOOT_CMD_MKENT(rm, CONFIG_SYS_MAXARGS, 1,do_efi_boot_rm, "", ""),};
if (argc < 2) return CMD_RET_USAGE;
@@ -625,7 +1254,19 @@ static int do_bootefi(struct cmd_tbl *cmdtp, int flag, int argc, return CMD_RET_FAILURE; }
- if (argc > 2) {
if (IS_ENABLED(CONFIG_CMD_BOOTEFI_BOOTMGR)) {
cp = find_cmd_tbl(argv[1], cmd_bootefi_sub,ARRAY_SIZE(cmd_bootefi_sub));if (cp) {argc--;argv++;return cp->cmd(cmdtp, flag, argc, argv);}}
if (argc > 3)
return CMD_RET_USAGE;if (argc == 3) { uintptr_t fdt_addr;
fdt_addr = hextoul(argv[2], NULL);
@@ -643,10 +1284,10 @@ static int do_bootefi(struct cmd_tbl *cmdtp, int flag, int argc, if (!strcmp(argv[1], "bootmgr")) return do_efibootmgr(); } -#ifdef CONFIG_CMD_BOOTEFI_SELFTEST
- if (!strcmp(argv[1], "selftest"))
return do_efi_selftest();-#endif
if (IS_ENABLED(CONFIG_CMD_BOOTEFI_SELFTEST)) {
if (!strcmp(argv[1], "selftest"))return do_efi_selftest();}
return do_bootefi_image(argv[1]);
} @@ -668,6 +1309,21 @@ static char bootefi_help_text[] = " Use 'setenv efi_selftest list' to enumerate all tests.\n" #endif #ifdef CONFIG_CMD_BOOTEFI_BOOTMGR
- "bootefi add "
- "-b <bootid> <label> <interface> <devnum>[:<part>] <file path> "
- "-i <interface> <devnum>[:<part>] <initrd file path> "
- "-s '<optional data>'\n"
- " - set UEFI BootXXXX variable\n"
- " <load options> will be passed to UEFI application\n"
- "bootefi rm <bootid#1> [<bootid#2> [<bootid#3> [...]]]\n"
- " - delete UEFI BootXXXX variables\n"
- "bootefi dump\n"
- " - dump all UEFI BootXXXX variables\n"
- "bootefi next [bootid]\n"
- " - set/show UEFI BootNext variable\n"
- "bootefi order [<bootid#1> [<bootid#2> [<bootid#3> [...]]]]\n"
- " - set/show UEFI boot order\n"
- "\n" "bootefi bootmgr [fdt address]\n" " - load and boot EFI payload based on BootOrder/BootXXXX variables.\n" "\n"
@@ -678,7 +1334,7 @@ static char bootefi_help_text[] = #endif
U_BOOT_CMD(
- bootefi, 3, 0, do_bootefi,
- bootefi, CONFIG_SYS_MAXARGS, 0, do_bootefi, "Boots an EFI payload from memory", bootefi_help_text
); diff --git a/cmd/efidebug.c b/cmd/efidebug.c index a977ca9c72..121906a336 100644 --- a/cmd/efidebug.c +++ b/cmd/efidebug.c @@ -9,12 +9,10 @@ #include <common.h> #include <command.h> #include <efi_dt_fixup.h> -#include <efi_load_initrd.h> #include <efi_loader.h> -#include <efi_rng.h> #include <efi_variable.h> +#include <efi_rng.h> #include <exports.h> -#include <hexdump.h> #include <log.h> #include <malloc.h> #include <mapmem.h> @@ -885,648 +883,6 @@ static int do_efi_show_tables(struct cmd_tbl *cmdtp, int flag, return CMD_RET_SUCCESS; }
-/**
- create_initrd_dp() - Create a special device for our Boot### option
- @dev: Device
- @part: Disk partition
- @file: Filename
- Return: Pointer to the device path or ERR_PTR
- */
-static -struct efi_device_path *create_initrd_dp(const char *dev, const char *part,
const char *file)-{
- struct efi_device_path *tmp_dp = NULL, *tmp_fp = NULL;
- struct efi_device_path *initrd_dp = NULL;
- efi_status_t ret;
- const struct efi_initrd_dp id_dp = {
.vendor = {{DEVICE_PATH_TYPE_MEDIA_DEVICE,DEVICE_PATH_SUB_TYPE_VENDOR_PATH,sizeof(id_dp.vendor),},EFI_INITRD_MEDIA_GUID,},.end = {DEVICE_PATH_TYPE_END,DEVICE_PATH_SUB_TYPE_END,sizeof(id_dp.end),}- };
- ret = efi_dp_from_name(dev, part, file, &tmp_dp, &tmp_fp);
- if (ret != EFI_SUCCESS) {
printf("Cannot create device path for \"%s %s\"\n", part, file);goto out;- }
- initrd_dp = efi_dp_append((const struct efi_device_path *)&id_dp,
tmp_fp);-out:
- efi_free_pool(tmp_dp);
- efi_free_pool(tmp_fp);
- return initrd_dp;
-}
-/**
- do_efi_boot_add() - set UEFI load option
- @cmdtp: Command table
- @flag: Command flag
- @argc: Number of arguments
- @argv: Argument array
- Return: CMD_RET_SUCCESS on success,
CMD_RET_USAGE or CMD_RET_RET_FAILURE on failure
- Implement efidebug "boot add" sub-command. Create or change UEFI load option.
- efidebug boot add -b <id> <label> <interface> <devnum>[:<part>] <file>
-i <file> <interface2> <devnum2>[:<part>] <initrd>
-s '<options>'- */
-static int do_efi_boot_add(struct cmd_tbl *cmdtp, int flag,
int argc, char *const argv[])-{
- int id;
- char *endp;
- u16 var_name16[9];
- efi_guid_t guid;
- size_t label_len, label_len16;
- u16 *label;
- struct efi_device_path *device_path = NULL, *file_path = NULL;
- struct efi_device_path *final_fp = NULL;
- struct efi_device_path *initrd_dp = NULL;
- struct efi_load_option lo;
- void *data = NULL;
- efi_uintn_t size;
- efi_uintn_t fp_size = 0;
- efi_status_t ret;
- int r = CMD_RET_SUCCESS;
- guid = efi_global_variable_guid;
- /* attributes */
- lo.attributes = LOAD_OPTION_ACTIVE; /* always ACTIVE */
- lo.optional_data = NULL;
- lo.label = NULL;
- argc--;
- argv++; /* 'add' */
- for (; argc > 0; argc--, argv++) {
if (!strcmp(argv[0], "-b")) {if (argc < 5 || lo.label) {r = CMD_RET_USAGE;goto out;}id = (int)hextoul(argv[1], &endp);if (*endp != '\0' || id > 0xffff)return CMD_RET_USAGE;efi_create_indexed_name(var_name16, sizeof(var_name16),"Boot", id);/* label */label_len = strlen(argv[2]);label_len16 = utf8_utf16_strnlen(argv[2], label_len);label = malloc((label_len16 + 1) * sizeof(u16));if (!label)return CMD_RET_FAILURE;lo.label = label; /* label will be changed below */utf8_utf16_strncpy(&label, argv[2], label_len);/* file path */ret = efi_dp_from_name(argv[3], argv[4], argv[5],&device_path, &file_path);if (ret != EFI_SUCCESS) {printf("Cannot create device path for \"%s %s\"\n",argv[3], argv[4]);r = CMD_RET_FAILURE;goto out;}fp_size += efi_dp_size(file_path) +sizeof(struct efi_device_path);argc -= 5;argv += 5;} else if (!strcmp(argv[0], "-i")) {if (argc < 3 || initrd_dp) {r = CMD_RET_USAGE;goto out;}initrd_dp = create_initrd_dp(argv[1], argv[2], argv[3]);if (!initrd_dp) {printf("Cannot add an initrd\n");r = CMD_RET_FAILURE;goto out;}argc -= 3;argv += 3;fp_size += efi_dp_size(initrd_dp) +sizeof(struct efi_device_path);} else if (!strcmp(argv[0], "-s")) {if (argc < 1 || lo.optional_data) {r = CMD_RET_USAGE;goto out;}lo.optional_data = (const u8 *)argv[1];argc -= 1;argv += 1;} else {r = CMD_RET_USAGE;goto out;}- }
- if (!file_path) {
printf("Missing binary\n");r = CMD_RET_USAGE;goto out;- }
- final_fp = efi_dp_concat(file_path, initrd_dp);
- if (!final_fp) {
printf("Cannot create final device path\n");r = CMD_RET_FAILURE;goto out;- }
- lo.file_path = final_fp;
- lo.file_path_length = fp_size;
- size = efi_serialize_load_option(&lo, (u8 **)&data);
- if (!size) {
r = CMD_RET_FAILURE;goto out;- }
- ret = efi_set_variable_int(var_name16, &guid,
EFI_VARIABLE_NON_VOLATILE |EFI_VARIABLE_BOOTSERVICE_ACCESS |EFI_VARIABLE_RUNTIME_ACCESS,size, data, false);- if (ret != EFI_SUCCESS) {
printf("Cannot set %ls\n", var_name16);r = CMD_RET_FAILURE;- }
-out:
- free(data);
- efi_free_pool(final_fp);
- efi_free_pool(initrd_dp);
- efi_free_pool(device_path);
- efi_free_pool(file_path);
- free(lo.label);
- return r;
-}
-/**
- do_efi_boot_rm() - delete UEFI load options
- @cmdtp: Command table
- @flag: Command flag
- @argc: Number of arguments
- @argv: Argument array
- Return: CMD_RET_SUCCESS on success, CMD_RET_RET_FAILURE on failure
- Implement efidebug "boot rm" sub-command.
- Delete UEFI load options.
efidebug boot rm <id> ...- */
-static int do_efi_boot_rm(struct cmd_tbl *cmdtp, int flag,
int argc, char *const argv[])-{
- efi_guid_t guid;
- int id, i;
- char *endp;
- u16 var_name16[9];
- efi_status_t ret;
- if (argc == 1)
return CMD_RET_USAGE;- guid = efi_global_variable_guid;
- for (i = 1; i < argc; i++, argv++) {
id = (int)hextoul(argv[1], &endp);if (*endp != '\0' || id > 0xffff)return CMD_RET_FAILURE;efi_create_indexed_name(var_name16, sizeof(var_name16),"Boot", id);ret = efi_set_variable_int(var_name16, &guid, 0, 0, NULL,false);if (ret) {printf("Cannot remove %ls\n", var_name16);return CMD_RET_FAILURE;}- }
- return CMD_RET_SUCCESS;
-}
-/**
- show_efi_boot_opt_data() - dump UEFI load option
- @varname16: variable name
- @data: value of UEFI load option variable
- @size: size of the boot option
- Decode the value of UEFI load option variable and print information.
- */
-static void show_efi_boot_opt_data(u16 *varname16, void *data, size_t *size) -{
- struct efi_device_path *initrd_path = NULL;
- struct efi_load_option lo;
- efi_status_t ret;
- ret = efi_deserialize_load_option(&lo, data, size);
- if (ret != EFI_SUCCESS) {
printf("%ls: invalid load option\n", varname16);return;- }
- printf("%ls:\nattributes: %c%c%c (0x%08x)\n",
varname16,/* ACTIVE */lo.attributes & LOAD_OPTION_ACTIVE ? 'A' : '-',/* FORCE RECONNECT */lo.attributes & LOAD_OPTION_FORCE_RECONNECT ? 'R' : '-',/* HIDDEN */lo.attributes & LOAD_OPTION_HIDDEN ? 'H' : '-',lo.attributes);- printf(" label: %ls\n", lo.label);
- printf(" file_path: %pD\n", lo.file_path);
- initrd_path = efi_dp_from_lo(&lo, &efi_lf2_initrd_guid);
- if (initrd_path) {
printf(" initrd_path: %pD\n", initrd_path);efi_free_pool(initrd_path);- }
- printf(" data:\n");
- print_hex_dump(" ", DUMP_PREFIX_OFFSET, 16, 1,
lo.optional_data, *size, true);-}
-/**
- show_efi_boot_opt() - dump UEFI load option
- @varname16: variable name
- Dump information defined by UEFI load option.
- */
-static void show_efi_boot_opt(u16 *varname16) -{
- void *data;
- efi_uintn_t size;
- efi_status_t ret;
- size = 0;
- ret = EFI_CALL(efi_get_variable(varname16, &efi_global_variable_guid,
NULL, &size, NULL));- if (ret == EFI_BUFFER_TOO_SMALL) {
data = malloc(size);if (!data) {printf("ERROR: Out of memory\n");return;}ret = EFI_CALL(efi_get_variable(varname16,&efi_global_variable_guid,NULL, &size, data));if (ret == EFI_SUCCESS)show_efi_boot_opt_data(varname16, data, &size);free(data);- }
-}
-static int u16_tohex(u16 c) -{
- if (c >= '0' && c <= '9')
return c - '0';- if (c >= 'A' && c <= 'F')
return c - 'A' + 10;- /* not hexadecimal */
- return -1;
-}
-/**
- show_efi_boot_dump() - dump all UEFI load options
- @cmdtp: Command table
- @flag: Command flag
- @argc: Number of arguments
- @argv: Argument array
- Return: CMD_RET_SUCCESS on success, CMD_RET_RET_FAILURE on failure
- Implement efidebug "boot dump" sub-command.
- Dump information of all UEFI load options defined.
efidebug boot dump- */
-static int do_efi_boot_dump(struct cmd_tbl *cmdtp, int flag,
int argc, char *const argv[])-{
- u16 *var_name16, *p;
- efi_uintn_t buf_size, size;
- efi_guid_t guid;
- int id, i, digit;
- efi_status_t ret;
- if (argc > 1)
return CMD_RET_USAGE;- buf_size = 128;
- var_name16 = malloc(buf_size);
- if (!var_name16)
return CMD_RET_FAILURE;- var_name16[0] = 0;
- for (;;) {
size = buf_size;ret = EFI_CALL(efi_get_next_variable_name(&size, var_name16,&guid));if (ret == EFI_NOT_FOUND)break;if (ret == EFI_BUFFER_TOO_SMALL) {buf_size = size;p = realloc(var_name16, buf_size);if (!p) {free(var_name16);return CMD_RET_FAILURE;}var_name16 = p;ret = EFI_CALL(efi_get_next_variable_name(&size,var_name16,&guid));}if (ret != EFI_SUCCESS) {free(var_name16);return CMD_RET_FAILURE;}if (memcmp(var_name16, L"Boot", 8))continue;for (id = 0, i = 0; i < 4; i++) {digit = u16_tohex(var_name16[4 + i]);if (digit < 0)break;id = (id << 4) + digit;}if (i == 4 && !var_name16[8])show_efi_boot_opt(var_name16);- }
- free(var_name16);
- return CMD_RET_SUCCESS;
-}
-/**
- show_efi_boot_order() - show order of UEFI load options
- Return: CMD_RET_SUCCESS on success, CMD_RET_RET_FAILURE on failure
- Show order of UEFI load options defined by BootOrder variable.
- */
-static int show_efi_boot_order(void) -{
- u16 *bootorder;
- efi_uintn_t size;
- int num, i;
- u16 var_name16[9];
- void *data;
- struct efi_load_option lo;
- efi_status_t ret;
- size = 0;
- ret = EFI_CALL(efi_get_variable(L"BootOrder", &efi_global_variable_guid,
NULL, &size, NULL));- if (ret != EFI_BUFFER_TOO_SMALL) {
if (ret == EFI_NOT_FOUND) {printf("BootOrder not defined\n");return CMD_RET_SUCCESS;} else {return CMD_RET_FAILURE;}- }
- bootorder = malloc(size);
- if (!bootorder) {
printf("ERROR: Out of memory\n");return CMD_RET_FAILURE;- }
- ret = EFI_CALL(efi_get_variable(L"BootOrder", &efi_global_variable_guid,
NULL, &size, bootorder));- if (ret != EFI_SUCCESS) {
ret = CMD_RET_FAILURE;goto out;- }
- num = size / sizeof(u16);
- for (i = 0; i < num; i++) {
efi_create_indexed_name(var_name16, sizeof(var_name16),"Boot", bootorder[i]);size = 0;ret = EFI_CALL(efi_get_variable(var_name16,&efi_global_variable_guid, NULL,&size, NULL));if (ret != EFI_BUFFER_TOO_SMALL) {printf("%2d: %ls: (not defined)\n", i + 1, var_name16);continue;}data = malloc(size);if (!data) {ret = CMD_RET_FAILURE;goto out;}ret = EFI_CALL(efi_get_variable(var_name16,&efi_global_variable_guid, NULL,&size, data));if (ret != EFI_SUCCESS) {free(data);ret = CMD_RET_FAILURE;goto out;}ret = efi_deserialize_load_option(&lo, data, &size);if (ret != EFI_SUCCESS) {printf("%ls: invalid load option\n", var_name16);ret = CMD_RET_FAILURE;goto out;}printf("%2d: %ls: %ls\n", i + 1, var_name16, lo.label);free(data);- }
-out:
- free(bootorder);
- return ret;
-}
-/**
- do_efi_boot_next() - manage UEFI BootNext variable
- @cmdtp: Command table
- @flag: Command flag
- @argc: Number of arguments
- @argv: Argument array
- Return: CMD_RET_SUCCESS on success,
CMD_RET_USAGE or CMD_RET_RET_FAILURE on failure
- Implement efidebug "boot next" sub-command.
- Set BootNext variable.
efidebug boot next <id>- */
-static int do_efi_boot_next(struct cmd_tbl *cmdtp, int flag,
int argc, char *const argv[])-{
- u16 bootnext;
- efi_uintn_t size;
- char *endp;
- efi_guid_t guid;
- efi_status_t ret;
- int r = CMD_RET_SUCCESS;
- if (argc != 2)
return CMD_RET_USAGE;- bootnext = (u16)hextoul(argv[1], &endp);
- if (*endp) {
printf("invalid value: %s\n", argv[1]);r = CMD_RET_FAILURE;goto out;- }
- guid = efi_global_variable_guid;
- size = sizeof(u16);
- ret = efi_set_variable_int(L"BootNext", &guid,
EFI_VARIABLE_NON_VOLATILE |EFI_VARIABLE_BOOTSERVICE_ACCESS |EFI_VARIABLE_RUNTIME_ACCESS,size, &bootnext, false);- if (ret != EFI_SUCCESS) {
printf("Cannot set BootNext\n");r = CMD_RET_FAILURE;- }
-out:
- return r;
-}
-/**
- do_efi_boot_order() - manage UEFI BootOrder variable
- @cmdtp: Command table
- @flag: Command flag
- @argc: Number of arguments
- @argv: Argument array
- Return: CMD_RET_SUCCESS on success, CMD_RET_RET_FAILURE on failure
- Implement efidebug "boot order" sub-command.
- Show order of UEFI load options, or change it in BootOrder variable.
efidebug boot order [<id> ...]- */
-static int do_efi_boot_order(struct cmd_tbl *cmdtp, int flag,
int argc, char *const argv[])-{
- u16 *bootorder = NULL;
- efi_uintn_t size;
- int id, i;
- char *endp;
- efi_guid_t guid;
- efi_status_t ret;
- int r = CMD_RET_SUCCESS;
- if (argc == 1)
return show_efi_boot_order();- argc--;
- argv++;
- size = argc * sizeof(u16);
- bootorder = malloc(size);
- if (!bootorder)
return CMD_RET_FAILURE;- for (i = 0; i < argc; i++) {
id = (int)hextoul(argv[i], &endp);if (*endp != '\0' || id > 0xffff) {printf("invalid value: %s\n", argv[i]);r = CMD_RET_FAILURE;goto out;}bootorder[i] = (u16)id;- }
- guid = efi_global_variable_guid;
- ret = efi_set_variable_int(L"BootOrder", &guid,
EFI_VARIABLE_NON_VOLATILE |EFI_VARIABLE_BOOTSERVICE_ACCESS |EFI_VARIABLE_RUNTIME_ACCESS,size, bootorder, true);- if (ret != EFI_SUCCESS) {
printf("Cannot set BootOrder\n");r = CMD_RET_FAILURE;- }
-out:
- free(bootorder);
- return r;
-}
-static struct cmd_tbl cmd_efidebug_boot_sub[] = {
- U_BOOT_CMD_MKENT(add, CONFIG_SYS_MAXARGS, 1, do_efi_boot_add, "", ""),
- U_BOOT_CMD_MKENT(rm, CONFIG_SYS_MAXARGS, 1, do_efi_boot_rm, "", ""),
- U_BOOT_CMD_MKENT(dump, CONFIG_SYS_MAXARGS, 1, do_efi_boot_dump, "", ""),
- U_BOOT_CMD_MKENT(next, CONFIG_SYS_MAXARGS, 1, do_efi_boot_next, "", ""),
- U_BOOT_CMD_MKENT(order, CONFIG_SYS_MAXARGS, 1, do_efi_boot_order,
"", ""),-};
-/**
- do_efi_boot_opt() - manage UEFI load options
- @cmdtp: Command table
- @flag: Command flag
- @argc: Number of arguments
- @argv: Argument array
- Return: CMD_RET_SUCCESS on success,
CMD_RET_USAGE or CMD_RET_RET_FAILURE on failure
- Implement efidebug "boot" sub-command.
- */
-static int do_efi_boot_opt(struct cmd_tbl *cmdtp, int flag,
int argc, char *const argv[])-{
- struct cmd_tbl *cp;
- if (argc < 2)
return CMD_RET_USAGE;- argc--; argv++;
- cp = find_cmd_tbl(argv[0], cmd_efidebug_boot_sub,
ARRAY_SIZE(cmd_efidebug_boot_sub));- if (!cp)
return CMD_RET_USAGE;- return cp->cmd(cmdtp, flag, argc, argv);
-}
/**
- do_efi_test_bootmgr() - run simple bootmgr for test
@@ -1656,7 +1012,6 @@ static int do_efi_query_info(struct cmd_tbl *cmdtp, int flag, }
static struct cmd_tbl cmd_efidebug_sub[] = {
- U_BOOT_CMD_MKENT(boot, CONFIG_SYS_MAXARGS, 1, do_efi_boot_opt, "", ""),
#ifdef CONFIG_EFI_HAVE_CAPSULE_SUPPORT U_BOOT_CMD_MKENT(capsule, CONFIG_SYS_MAXARGS, 1, do_efi_capsule, "", ""), @@ -1723,21 +1078,6 @@ static int do_efidebug(struct cmd_tbl *cmdtp, int flag, static char efidebug_help_text[] = " - UEFI Shell-like interface to configure UEFI environment\n" "\n"
- "efidebug boot add "
- "-b <bootid> <label> <interface> <devnum>[:<part>] <file path> "
- "-i <interface> <devnum>[:<part>] <initrd file path> "
- "-s '<optional data>'\n"
- " - set UEFI BootXXXX variable\n"
- " <load options> will be passed to UEFI application\n"
- "efidebug boot rm <bootid#1> [<bootid#2> [<bootid#3> [...]]]\n"
- " - delete UEFI BootXXXX variables\n"
- "efidebug boot dump\n"
- " - dump all UEFI BootXXXX variables\n"
- "efidebug boot next <bootid>\n"
- " - set UEFI BootNext variable\n"
- "efidebug boot order [<bootid#1> [<bootid#2> [<bootid#3> [...]]]]\n"
- " - set/show UEFI boot order\n"
- "\n"
#ifdef CONFIG_EFI_HAVE_CAPSULE_SUPPORT "efidebug capsule update [-v] <capsule address>\n" " - process a capsule\n" diff --git a/doc/develop/uefi/uefi.rst b/doc/develop/uefi/uefi.rst index 43fb10f797..205755446f 100644 --- a/doc/develop/uefi/uefi.rst +++ b/doc/develop/uefi/uefi.rst @@ -178,13 +178,13 @@ Now in U-Boot install the keys on your board::
Set up boot parameters on your board::
- efidebug boot add -b 1 HELLO mmc 0:1 /helloworld.efi.signed ""
- bootefi boot add -b 1 HELLO mmc 0:1 /helloworld.efi.signed ""
Since kernel 5.7 there's an alternative way of loading an initrd using LoadFile2 protocol if CONFIG_EFI_LOAD_FILE2_INITRD is enabled. The initrd path can be specified with::
- efidebug boot add -b ABE0 'kernel' mmc 0:1 Image -i mmc 0:1 initrd
- bootefi boot add -b ABE0 'kernel' mmc 0:1 Image -i mmc 0:1 initrd
Now your board can run the signed image via the boot manager (see below). You can also try this sequence by running Pytest, test_efi_secboot, diff --git a/include/efi_loader.h b/include/efi_loader.h index f4860e87fc..d369b112c3 100644 --- a/include/efi_loader.h +++ b/include/efi_loader.h @@ -798,14 +798,12 @@ efi_status_t __efi_runtime EFIAPI efi_get_time(
efi_status_t __efi_runtime EFIAPI efi_set_time(struct efi_time *time);
-#ifdef CONFIG_CMD_BOOTEFI_SELFTEST /*
- Entry point for the tests of the EFI API.
- It is called by 'bootefi selftest'
*/ efi_status_t EFIAPI efi_selftest(efi_handle_t image_handle, struct efi_system_table *systab); -#endif
efi_status_t EFIAPI efi_get_variable(u16 *variable_name, const efi_guid_t *vendor, u32 *attributes, diff --git a/lib/efi_selftest/efi_selftest_tcg2.c b/lib/efi_selftest/efi_selftest_tcg2.c index c5b0b7dd02..eb3bcafd1f 100644 --- a/lib/efi_selftest/efi_selftest_tcg2.c +++ b/lib/efi_selftest/efi_selftest_tcg2.c @@ -70,7 +70,7 @@ static struct efi_runtime_services *runtime; EFI_VARIABLE_BOOTSERVICE_ACCESS | \ EFI_VARIABLE_RUNTIME_ACCESS)
-/* "efidebug boot add -b 1000 test1000 virtio 0:1 /EFI/debian/grubaa64.efi" */ +/* "bootefi add -b 1000 test1000 virtio 0:1 /EFI/debian/grubaa64.efi" */ static const u8 boot_1000[] = { 0x01, 0x00, 0x00, 0x00, 0x8d, 0x00, 0x74, 0x00, 0x65, 0x00, 0x73, 0x00, 0x74, 0x00, 0x30, 0x00, 0x00, 0x00, 0x01, 0x04, 0x14, 0x00, 0xb9, 0x73, @@ -87,7 +87,7 @@ static const u8 boot_1000[] = { 0x00, 0x2e, 0x00, 0x65, 0x00, 0x66, 0x00, 0x69, 0x00, 0x00, 0x00, 0x7f, 0xff, 0x04, 0x00 };
-/* "efidebug boot add -b 1001 test1001 virtio 0:1 /EFI/debian/grubaa64.efi" */ +/* "bootefi add -b 1001 test1001 virtio 0:1 /EFI/debian/grubaa64.efi" */ static const u8 boot_1001[] = { 0x01, 0x00, 0x00, 0x00, 0x8d, 0x00, 0x74, 0x00, 0x65, 0x00, 0x73, 0x00, 0x74, 0x00, 0x31, 0x00, 0x00, 0x00, 0x01, 0x04, 0x14, 0x00, 0xb9, 0x73, @@ -104,7 +104,7 @@ static const u8 boot_1001[] = { 0x00, 0x2e, 0x00, 0x65, 0x00, 0x66, 0x00, 0x69, 0x00, 0x00, 0x00, 0x7f, 0xff, 0x04, 0x00 };
-/* "efidebug boot add -b 1002 test1002 virtio 0:1 /EFI/debian/grubaa64.efi" */ +/* "bootefi add -b 1002 test1002 virtio 0:1 /EFI/debian/grubaa64.efi" */ static const u8 boot_1002[] = { 0x01, 0x00, 0x00, 0x00, 0x8d, 0x00, 0x74, 0x00, 0x65, 0x00, 0x73, 0x00, 0x74, 0x00, 0x32, 0x00, 0x00, 0x00, 0x01, 0x04, 0x14, 0x00, 0xb9, 0x73, @@ -121,7 +121,7 @@ static const u8 boot_1002[] = { 0x00, 0x2e, 0x00, 0x65, 0x00, 0x66, 0x00, 0x69, 0x00, 0x00, 0x00, 0x7f, 0xff, 0x04, 0x00};
-/* "efidebug boot order 1002 1000 1001" */ +/* "bootefi order 1002 1000 1001" */ static u8 boot_order[] = {0x02, 0x10, 0x00, 0x10, 0x01, 0x10};
static void *orig_smbios_table; diff --git a/test/py/tests/test_efi_capsule/test_capsule_firmware.py b/test/py/tests/test_efi_capsule/test_capsule_firmware.py index 9eeaae27d6..ac54b14aa6 100644 --- a/test/py/tests/test_efi_capsule/test_capsule_firmware.py +++ b/test/py/tests/test_efi_capsule/test_capsule_firmware.py @@ -39,8 +39,8 @@ class TestEfiCapsuleFirmwareFit(object): with u_boot_console.log.section('Test Case 1-a, before reboot'): output = u_boot_console.run_command_list([ 'host bind 0 %s' % disk_img,
'efidebug boot add -b 1 TEST host 0:1 /helloworld.efi -s ""','efidebug boot order 1',
'bootefi add -b 1 TEST host 0:1 /helloworld.efi -s ""','bootefi order 1', 'env set -e OsIndications', 'env set dfu_alt_info "sf 0:0=u-boot-bin raw 0x100000 0x50000;u-boot-env raw 0x150000 0x200000"', 'env save'])@@ -114,8 +114,8 @@ class TestEfiCapsuleFirmwareFit(object): with u_boot_console.log.section('Test Case 2-a, before reboot'): output = u_boot_console.run_command_list([ 'host bind 0 %s' % disk_img,
'efidebug boot add -b 1 TEST host 0:1 /helloworld.efi -s ""','efidebug boot order 1',
'bootefi add -b 1 TEST host 0:1 /helloworld.efi -s ""','bootefi order 1', 'env set -e -nv -bs -rt OsIndications =0x0000000000000004', 'env set dfu_alt_info "sf 0:0=u-boot-bin raw 0x100000 0x50000;u-boot-env raw 0x150000 0x200000"', 'env save'])@@ -188,8 +188,8 @@ class TestEfiCapsuleFirmwareFit(object): with u_boot_console.log.section('Test Case 3-a, before reboot'): output = u_boot_console.run_command_list([ 'host bind 0 %s' % disk_img,
'efidebug boot add -b 1 TEST host 0:1 /helloworld.efi -s ""','efidebug boot order 1',
'bootefi add -b 1 TEST host 0:1 /helloworld.efi -s ""','bootefi order 1', 'env set -e -nv -bs -rt OsIndications =0x0000000000000004', 'env set dfu_alt_info "sf 0:0=u-boot-bin raw 0x100000 0x50000;u-boot-env raw 0x150000 0x200000"', 'env save'])diff --git a/test/py/tests/test_efi_secboot/test_signed.py b/test/py/tests/test_efi_secboot/test_signed.py index 0aee34479f..4af4d90d4c 100644 --- a/test/py/tests/test_efi_secboot/test_signed.py +++ b/test/py/tests/test_efi_secboot/test_signed.py @@ -28,16 +28,16 @@ class TestEfiSignedImage(object): # Test Case 1a, run signed image if no PK output = u_boot_console.run_command_list([ 'host bind 0 %s' % disk_img,
'efidebug boot add -b 1 HELLO1 host 0:1 /helloworld.efi.signed -s ""','efidebug boot next 1',
'bootefi add -b 1 HELLO1 host 0:1 /helloworld.efi.signed -s ""','bootefi next 1', 'bootefi bootmgr']) assert 'Hello, world!' in ''.join(output) with u_boot_console.log.section('Test Case 1b'): # Test Case 1b, run unsigned image if no PK output = u_boot_console.run_command_list([
'efidebug boot add -b 2 HELLO2 host 0:1 /helloworld.efi -s ""','efidebug boot next 2',
'bootefi add -b 2 HELLO2 host 0:1 /helloworld.efi -s ""','bootefi next 2', 'bootefi bootmgr']) assert 'Hello, world!' in ''.join(output)@@ -58,14 +58,14 @@ class TestEfiSignedImage(object): 'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK']) assert 'Failed to set EFI variable' not in ''.join(output) output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO1 host 0:1 /helloworld.efi.signed -s ""','efidebug boot next 1',
'bootefi add -b 1 HELLO1 host 0:1 /helloworld.efi.signed -s ""','bootefi next 1', 'efidebug test bootmgr']) assert('\'HELLO1\' failed' in ''.join(output)) assert('efi_start_image() returned: 26' in ''.join(output)) output = u_boot_console.run_command_list([
'efidebug boot add -b 2 HELLO2 host 0:1 /helloworld.efi -s ""','efidebug boot next 2',
'bootefi add -b 2 HELLO2 host 0:1 /helloworld.efi -s ""','bootefi next 2', 'efidebug test bootmgr']) assert '\'HELLO2\' failed' in ''.join(output) assert 'efi_start_image() returned: 26' in ''.join(output)@@ -77,12 +77,12 @@ class TestEfiSignedImage(object): 'setenv -e -nv -bs -rt -at -i 4000000:$filesize db']) assert 'Failed to set EFI variable' not in ''.join(output) output = u_boot_console.run_command_list([
'efidebug boot next 2',
'bootefi next 2', 'efidebug test bootmgr']) assert '\'HELLO2\' failed' in ''.join(output) assert 'efi_start_image() returned: 26' in ''.join(output) output = u_boot_console.run_command_list([
'efidebug boot next 1',
'bootefi next 1', 'bootefi bootmgr']) assert 'Hello, world!' in ''.join(output)@@ -104,8 +104,8 @@ class TestEfiSignedImage(object): 'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK']) assert 'Failed to set EFI variable' not in ''.join(output) output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi.signed -s ""','efidebug boot next 1',
'bootefi add -b 1 HELLO host 0:1 /helloworld.efi.signed -s ""','bootefi next 1', 'efidebug test bootmgr']) assert '\'HELLO\' failed' in ''.join(output) assert 'efi_start_image() returned: 26' in ''.join(output)@@ -117,7 +117,7 @@ class TestEfiSignedImage(object): 'setenv -e -nv -bs -rt -at -i 4000000:$filesize db']) assert 'Failed to set EFI variable' not in ''.join(output) output = u_boot_console.run_command_list([
'efidebug boot next 1',
'bootefi next 1', 'efidebug test bootmgr']) assert '\'HELLO\' failed' in ''.join(output) assert 'efi_start_image() returned: 26' in ''.join(output)@@ -142,8 +142,8 @@ class TestEfiSignedImage(object): 'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK']) assert 'Failed to set EFI variable' not in ''.join(output) output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi.signed -s ""','efidebug boot next 1',
'bootefi add -b 1 HELLO host 0:1 /helloworld.efi.signed -s ""','bootefi next 1', 'efidebug test bootmgr']) assert '\'HELLO\' failed' in ''.join(output) assert 'efi_start_image() returned: 26' in ''.join(output)@@ -169,8 +169,8 @@ class TestEfiSignedImage(object): 'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK']) assert 'Failed to set EFI variable' not in ''.join(output) output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi.signed_2sigs -s ""','efidebug boot next 1',
'bootefi add -b 1 HELLO host 0:1 /helloworld.efi.signed_2sigs -s ""','bootefi next 1', 'efidebug test bootmgr']) assert 'Hello, world!' in ''.join(output)@@ -181,7 +181,7 @@ class TestEfiSignedImage(object): 'setenv -e -nv -bs -rt -at -a -i 4000000:$filesize db']) assert 'Failed to set EFI variable' not in ''.join(output) output = u_boot_console.run_command_list([
'efidebug boot next 1',
'bootefi next 1', 'efidebug test bootmgr']) assert 'Hello, world!' in ''.join(output)@@ -193,7 +193,7 @@ class TestEfiSignedImage(object): 'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx']) assert 'Failed to set EFI variable' not in ''.join(output) output = u_boot_console.run_command_list([
'efidebug boot next 1',
'bootefi next 1', 'efidebug test bootmgr']) assert 'Hello, world!' in ''.join(output)@@ -204,7 +204,7 @@ class TestEfiSignedImage(object): 'setenv -e -nv -bs -rt -at -a -i 4000000:$filesize dbx']) assert 'Failed to set EFI variable' not in ''.join(output) output = u_boot_console.run_command_list([
'efidebug boot next 1',
'bootefi next 1', 'efidebug test bootmgr']) assert '\'HELLO\' failed' in ''.join(output) assert 'efi_start_image() returned: 26' in ''.join(output)@@ -227,8 +227,8 @@ class TestEfiSignedImage(object): 'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK']) assert 'Failed to set EFI variable' not in ''.join(output) output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi.signed -s ""','efidebug boot next 1',
'bootefi add -b 1 HELLO host 0:1 /helloworld.efi.signed -s ""','bootefi next 1', 'bootefi bootmgr']) assert 'Hello, world!' in ''.join(output)@@ -239,7 +239,7 @@ class TestEfiSignedImage(object): 'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx']) assert 'Failed to set EFI variable' not in ''.join(output) output = u_boot_console.run_command_list([
'efidebug boot next 1',
'bootefi next 1', 'efidebug test bootmgr']) assert '\'HELLO\' failed' in ''.join(output) assert 'efi_start_image() returned: 26' in ''.join(output)@@ -253,7 +253,7 @@ class TestEfiSignedImage(object): 'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx']) assert 'Failed to set EFI variable' not in ''.join(output) output = u_boot_console.run_command_list([
'efidebug boot next 1',
'bootefi next 1', 'efidebug test bootmgr']) assert '\'HELLO\' failed' in ''.join(output) assert 'efi_start_image() returned: 26' in ''.join(output)diff --git a/test/py/tests/test_efi_secboot/test_signed_intca.py b/test/py/tests/test_efi_secboot/test_signed_intca.py index d8d599d22f..b2eb6b6824 100644 --- a/test/py/tests/test_efi_secboot/test_signed_intca.py +++ b/test/py/tests/test_efi_secboot/test_signed_intca.py @@ -39,8 +39,8 @@ class TestEfiSignedImageIntca(object): assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO_a host 0:1 /helloworld.efi.signed_a -s ""','efidebug boot next 1',
'bootefi add -b 1 HELLO_a host 0:1 /helloworld.efi.signed_a -s ""','bootefi next 1', 'efidebug test bootmgr']) assert '\'HELLO_a\' failed' in ''.join(output) assert 'efi_start_image() returned: 26' in ''.join(output)@@ -48,8 +48,8 @@ class TestEfiSignedImageIntca(object): with u_boot_console.log.section('Test Case 1b'): # Test Case 1b, signed and authenticated by root CA output = u_boot_console.run_command_list([
'efidebug boot add -b 2 HELLO_ab host 0:1 /helloworld.efi.signed_ab -s ""','efidebug boot next 2',
'bootefi add -b 2 HELLO_ab host 0:1 /helloworld.efi.signed_ab -s ""','bootefi next 2', 'bootefi bootmgr']) assert 'Hello, world!' in ''.join(output)@@ -70,8 +70,8 @@ class TestEfiSignedImageIntca(object): assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO_abc host 0:1 /helloworld.efi.signed_abc -s ""','efidebug boot next 1',
'bootefi add -b 1 HELLO_abc host 0:1 /helloworld.efi.signed_abc -s ""','bootefi next 1', 'efidebug test bootmgr']) assert '\'HELLO_abc\' failed' in ''.join(output) assert 'efi_start_image() returned: 26' in ''.join(output)@@ -81,7 +81,7 @@ class TestEfiSignedImageIntca(object): output = u_boot_console.run_command_list([ 'fatload host 0:1 4000000 db_b.auth', 'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
'efidebug boot next 1',
'bootefi next 1', 'efidebug test bootmgr']) assert '\'HELLO_abc\' failed' in ''.join(output) assert 'efi_start_image() returned: 26' in ''.join(output)@@ -91,7 +91,7 @@ class TestEfiSignedImageIntca(object): output = u_boot_console.run_command_list([ 'fatload host 0:1 4000000 db_c.auth', 'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
'efidebug boot next 1',
'bootefi next 1', 'efidebug test bootmgr']) assert 'Hello, world!' in ''.join(output)@@ -116,8 +116,8 @@ class TestEfiSignedImageIntca(object): assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO_abc host 0:1 /helloworld.efi.signed_abc -s ""','efidebug boot next 1',
'bootefi add -b 1 HELLO_abc host 0:1 /helloworld.efi.signed_abc -s ""','bootefi next 1', 'efidebug test bootmgr']) assert 'Hello, world!' in ''.join(output) # Or,@@ -129,7 +129,7 @@ class TestEfiSignedImageIntca(object): output = u_boot_console.run_command_list([ 'fatload host 0:1 4000000 dbx_c.auth', 'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx',
'efidebug boot next 1',
'bootefi next 1', 'efidebug test bootmgr']) assert '\'HELLO_abc\' failed' in ''.join(output) assert 'efi_start_image() returned: 26' in ''.join(output)diff --git a/test/py/tests/test_efi_secboot/test_unsigned.py b/test/py/tests/test_efi_secboot/test_unsigned.py index df63f0df08..8964595d85 100644 --- a/test/py/tests/test_efi_secboot/test_unsigned.py +++ b/test/py/tests/test_efi_secboot/test_unsigned.py @@ -35,12 +35,12 @@ class TestEfiUnsignedImage(object): assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi -s ""','efidebug boot next 1',
'bootefi add -b 1 HELLO host 0:1 /helloworld.efi -s ""','bootefi next 1', 'bootefi bootmgr']) assert '\'HELLO\' failed' in ''.join(output) output = u_boot_console.run_command_list([
'efidebug boot next 1',
'bootefi next 1', 'efidebug test bootmgr']) assert 'efi_start_image() returned: 26' in ''.join(output) assert 'Hello, world!' not in ''.join(output)@@ -64,8 +64,8 @@ class TestEfiUnsignedImage(object): assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi -s ""','efidebug boot next 1',
'bootefi add -b 1 HELLO host 0:1 /helloworld.efi -s ""','bootefi next 1', 'bootefi bootmgr']) assert 'Hello, world!' in ''.join(output)@@ -88,12 +88,12 @@ class TestEfiUnsignedImage(object): assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi -s ""','efidebug boot next 1',
'bootefi add -b 1 HELLO host 0:1 /helloworld.efi -s ""','bootefi next 1', 'bootefi bootmgr']) assert '\'HELLO\' failed' in ''.join(output) output = u_boot_console.run_command_list([
'efidebug boot next 1',
'bootefi next 1', 'efidebug test bootmgr']) assert 'efi_start_image() returned: 26' in ''.join(output) assert 'Hello, world!' not in ''.join(output)@@ -106,12 +106,12 @@ class TestEfiUnsignedImage(object): assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi -s ""','efidebug boot next 1',
'bootefi add -b 1 HELLO host 0:1 /helloworld.efi -s ""','bootefi next 1', 'bootefi bootmgr']) assert '\'HELLO\' failed' in ''.join(output) output = u_boot_console.run_command_list([
'efidebug boot next 1',
'bootefi next 1', 'efidebug test bootmgr']) assert 'efi_start_image() returned: 26' in ''.join(output) assert 'Hello, world!' not in ''.join(output)-- 2.33.1