The efidebug command was conceived for testing purposes.
The manipulation of boot options does better fit to the bootefi command
that is used to invoke the boot manager.
Signed-off-by: Heinrich Schuchardt <heinrich.schucha...@canonical.com>
---
cmd/bootefi.c | 672 +++++++++++++++++-
cmd/efidebug.c | 662 +----------------
doc/develop/uefi/uefi.rst | 4 +-
include/efi_loader.h | 2 -
lib/efi_selftest/efi_selftest_tcg2.c | 8 +-
.../test_efi_capsule/test_capsule_firmware.py | 12 +-
test/py/tests/test_efi_secboot/test_signed.py | 48 +-
.../test_efi_secboot/test_signed_intca.py | 22 +-
.../tests/test_efi_secboot/test_unsigned.py | 22 +-
9 files changed, 723 insertions(+), 729 deletions(-)
diff --git a/cmd/bootefi.c b/cmd/bootefi.c
index 83eab0bd7f..003aa5265e 100644
--- a/cmd/bootefi.c
+++ b/cmd/bootefi.c
@@ -12,10 +12,13 @@
#include <charset.h>
#include <command.h>
#include <dm.h>
+#include <efi_load_initrd.h>
#include <efi_loader.h>
#include <efi_selftest.h>
+#include <efi_variable.h>
#include <env.h>
#include <errno.h>
+#include <hexdump.h>
#include <image.h>
#include <log.h>
#include <malloc.h>
@@ -47,6 +50,620 @@ static void efi_clear_bootdev(void)
image_size = 0;
}
+/**
+ * create_initrd_dp() - Create a special device for our Boot### option
+ *
+ * @dev: Device
+ * @part: Disk partition
+ * @file: Filename
+ * Return: Pointer to the device path or ERR_PTR
+ *
+ */
+static
+struct efi_device_path *create_initrd_dp(const char *dev, const char *part,
+ const char *file)
+
+{
+ struct efi_device_path *tmp_dp = NULL, *tmp_fp = NULL;
+ struct efi_device_path *initrd_dp = NULL;
+ efi_status_t ret;
+ const struct efi_initrd_dp id_dp = {
+ .vendor = {
+ {
+ DEVICE_PATH_TYPE_MEDIA_DEVICE,
+ DEVICE_PATH_SUB_TYPE_VENDOR_PATH,
+ sizeof(id_dp.vendor),
+ },
+ EFI_INITRD_MEDIA_GUID,
+ },
+ .end = {
+ DEVICE_PATH_TYPE_END,
+ DEVICE_PATH_SUB_TYPE_END,
+ sizeof(id_dp.end),
+ }
+ };
+
+ ret = efi_dp_from_name(dev, part, file, &tmp_dp, &tmp_fp);
+ if (ret != EFI_SUCCESS) {
+ printf("Cannot create device path for \"%s %s\"\n", part, file);
+ goto out;
+ }
+
+ initrd_dp = efi_dp_append((const struct efi_device_path *)&id_dp,
+ tmp_fp);
+
+out:
+ efi_free_pool(tmp_dp);
+ efi_free_pool(tmp_fp);
+ return initrd_dp;
+}
+
+/**
+ * do_efi_boot_add() - set UEFI load option
+ *
+ * @cmdtp: Command table
+ * @flag: Command flag
+ * @argc: Number of arguments
+ * @argv: Argument array
+ * Return: CMD_RET_SUCCESS on success,
+ * CMD_RET_USAGE or CMD_RET_RET_FAILURE on failure
+ *
+ * Implement "add" sub-command. Create or change UEFI load option.
+ *
+ * booteif add -b <id> <label> <interface> <devnum>[:<part>] <file>
+ * -i <file> <interface2> <devnum2>[:<part>] <initrd>
+ * -s '<options>'
+ */
+static int do_efi_boot_add(struct cmd_tbl *cmdtp, int flag,
+ int argc, char *const argv[])
+{
+ int id;
+ char *endp;
+ u16 var_name16[9];
+ efi_guid_t guid;
+ size_t label_len, label_len16;
+ u16 *label;
+ struct efi_device_path *device_path = NULL, *file_path = NULL;
+ struct efi_device_path *final_fp = NULL;
+ struct efi_device_path *initrd_dp = NULL;
+ struct efi_load_option lo;
+ void *data = NULL;
+ efi_uintn_t size;
+ efi_uintn_t fp_size = 0;
+ efi_status_t ret;
+ int r = CMD_RET_SUCCESS;
+
+ guid = efi_global_variable_guid;
+
+ /* attributes */
+ lo.attributes = LOAD_OPTION_ACTIVE; /* always ACTIVE */
+ lo.optional_data = NULL;
+ lo.label = NULL;
+
+ argc--;
+ argv++; /* 'add' */
+ for (; argc > 0; argc--, argv++) {
+ if (!strcmp(argv[0], "-b")) {
+ if (argc < 5 || lo.label) {
+ r = CMD_RET_USAGE;
+ goto out;
+ }
+ id = (int)hextoul(argv[1], &endp);
+ if (*endp != '\0' || id > 0xffff)
+ return CMD_RET_USAGE;
+
+ efi_create_indexed_name(var_name16, sizeof(var_name16),
+ "Boot", id);
+
+ /* label */
+ label_len = strlen(argv[2]);
+ label_len16 = utf8_utf16_strnlen(argv[2], label_len);
+ label = malloc((label_len16 + 1) * sizeof(u16));
+ if (!label)
+ return CMD_RET_FAILURE;
+ lo.label = label; /* label will be changed below */
+ utf8_utf16_strncpy(&label, argv[2], label_len);
+
+ /* file path */
+ ret = efi_dp_from_name(argv[3], argv[4], argv[5],
+ &device_path, &file_path);
+ if (ret != EFI_SUCCESS) {
+ printf("Cannot create device path for \"%s
%s\"\n",
+ argv[3], argv[4]);
+ r = CMD_RET_FAILURE;
+ goto out;
+ }
+ fp_size += efi_dp_size(file_path) +
+ sizeof(struct efi_device_path);
+ argc -= 5;
+ argv += 5;
+ } else if (!strcmp(argv[0], "-i")) {
+ if (argc < 3 || initrd_dp) {
+ r = CMD_RET_USAGE;
+ goto out;
+ }
+
+ initrd_dp = create_initrd_dp(argv[1], argv[2], argv[3]);
+ if (!initrd_dp) {
+ printf("Cannot add an initrd\n");
+ r = CMD_RET_FAILURE;
+ goto out;
+ }
+ argc -= 3;
+ argv += 3;
+ fp_size += efi_dp_size(initrd_dp) +
+ sizeof(struct efi_device_path);
+ } else if (!strcmp(argv[0], "-s")) {
+ if (argc < 1 || lo.optional_data) {
+ r = CMD_RET_USAGE;
+ goto out;
+ }
+ lo.optional_data = (const u8 *)argv[1];
+ argc -= 1;
+ argv += 1;
+ } else {
+ r = CMD_RET_USAGE;
+ goto out;
+ }
+ }
+
+ if (!file_path) {
+ printf("Missing binary\n");
+ r = CMD_RET_USAGE;
+ goto out;
+ }
+
+ final_fp = efi_dp_concat(file_path, initrd_dp);
+ if (!final_fp) {
+ printf("Cannot create final device path\n");
+ r = CMD_RET_FAILURE;
+ goto out;
+ }
+
+ lo.file_path = final_fp;
+ lo.file_path_length = fp_size;
+
+ size = efi_serialize_load_option(&lo, (u8 **)&data);
+ if (!size) {
+ r = CMD_RET_FAILURE;
+ goto out;
+ }
+
+ ret = efi_set_variable_int(var_name16, &guid,
+ EFI_VARIABLE_NON_VOLATILE |
+ EFI_VARIABLE_BOOTSERVICE_ACCESS |
+ EFI_VARIABLE_RUNTIME_ACCESS,
+ size, data, false);
+ if (ret != EFI_SUCCESS) {
+ printf("Cannot set %ls\n", var_name16);
+ r = CMD_RET_FAILURE;
+ }
+
+out:
+ free(data);
+ efi_free_pool(final_fp);
+ efi_free_pool(initrd_dp);
+ efi_free_pool(device_path);
+ efi_free_pool(file_path);
+ free(lo.label);
+
+ return r;
+}
+
+/**
+ * do_efi_boot_rm() - delete UEFI load options
+ *
+ * @cmdtp: Command table
+ * @flag: Command flag
+ * @argc: Number of arguments
+ * @argv: Argument array
+ * Return: CMD_RET_SUCCESS on success, CMD_RET_RET_FAILURE on failure
+ *
+ * Implement "rm" sub-command.
+ * Delete UEFI load options.
+ *
+ * bootefi rm <id> ...
+ */
+static int do_efi_boot_rm(struct cmd_tbl *cmdtp, int flag,
+ int argc, char *const argv[])
+{
+ efi_guid_t guid;
+ int id, i;
+ char *endp;
+ u16 var_name16[9];
+ efi_status_t ret;
+
+ if (argc == 1)
+ return CMD_RET_USAGE;
+
+ guid = efi_global_variable_guid;
+ for (i = 1; i < argc; i++, argv++) {
+ id = (int)hextoul(argv[1], &endp);
+ if (*endp != '\0' || id > 0xffff)
+ return CMD_RET_FAILURE;
+
+ efi_create_indexed_name(var_name16, sizeof(var_name16),
+ "Boot", id);
+ ret = efi_set_variable_int(var_name16, &guid, 0, 0, NULL,
+ false);
+ if (ret) {
+ printf("Cannot remove %ls\n", var_name16);
+ return CMD_RET_FAILURE;
+ }
+ }
+
+ return CMD_RET_SUCCESS;
+}
+
+/**
+ * show_efi_boot_opt_data() - dump UEFI load option
+ *
+ * @varname16: variable name
+ * @data: value of UEFI load option variable
+ * @size: size of the boot option
+ *
+ * Decode the value of UEFI load option variable and print information.
+ */
+static void show_efi_boot_opt_data(u16 *varname16, void *data, size_t *size)
+{
+ struct efi_device_path *initrd_path = NULL;
+ struct efi_load_option lo;
+ efi_status_t ret;
+
+ ret = efi_deserialize_load_option(&lo, data, size);
+ if (ret != EFI_SUCCESS) {
+ printf("%ls: invalid load option\n", varname16);
+ return;
+ }
+
+ printf("%ls:\nattributes: %c%c%c (0x%08x)\n",
+ varname16,
+ /* ACTIVE */
+ lo.attributes & LOAD_OPTION_ACTIVE ? 'A' : '-',
+ /* FORCE RECONNECT */
+ lo.attributes & LOAD_OPTION_FORCE_RECONNECT ? 'R' : '-',
+ /* HIDDEN */
+ lo.attributes & LOAD_OPTION_HIDDEN ? 'H' : '-',
+ lo.attributes);
+ printf(" label: %ls\n", lo.label);
+
+ printf(" file_path: %pD\n", lo.file_path);
+
+ initrd_path = efi_dp_from_lo(&lo, &efi_lf2_initrd_guid);
+ if (initrd_path) {
+ printf(" initrd_path: %pD\n", initrd_path);
+ efi_free_pool(initrd_path);
+ }
+
+ printf(" data:\n");
+ print_hex_dump(" ", DUMP_PREFIX_OFFSET, 16, 1,
+ lo.optional_data, *size, true);
+}
+
+/**
+ * show_efi_boot_opt() - dump UEFI load option
+ *
+ * @varname16: variable name
+ *
+ * Dump information defined by UEFI load option.
+ */
+static void show_efi_boot_opt(u16 *varname16)
+{
+ void *data;
+ efi_uintn_t size;
+ efi_status_t ret;
+
+ size = 0;
+ ret = EFI_CALL(efi_get_variable(varname16, &efi_global_variable_guid,
+ NULL, &size, NULL));
+ if (ret == EFI_BUFFER_TOO_SMALL) {
+ data = malloc(size);
+ if (!data) {
+ printf("ERROR: Out of memory\n");
+ return;
+ }
+ ret = EFI_CALL(efi_get_variable(varname16,
+ &efi_global_variable_guid,
+ NULL, &size, data));
+ if (ret == EFI_SUCCESS)
+ show_efi_boot_opt_data(varname16, data, &size);
+ free(data);
+ }
+}
+
+static int u16_tohex(u16 c)
+{
+ if (c >= '0' && c <= '9')
+ return c - '0';
+ if (c >= 'A' && c <= 'F')
+ return c - 'A' + 10;
+
+ /* not hexadecimal */
+ return -1;
+}
+
+/**
+ * show_efi_boot_dump() - dump all UEFI load options
+ *
+ * @cmdtp: Command table
+ * @flag: Command flag
+ * @argc: Number of arguments
+ * @argv: Argument array
+ * Return: CMD_RET_SUCCESS on success, CMD_RET_RET_FAILURE on failure
+ *
+ * Implement "dump" sub-command.
+ * Dump information of all UEFI load options defined.
+ *
+ * bootefi dump
+ */
+static int do_efi_boot_dump(struct cmd_tbl *cmdtp, int flag,
+ int argc, char *const argv[])
+{
+ u16 *var_name16, *p;
+ efi_uintn_t buf_size, size;
+ efi_guid_t guid;
+ int id, i, digit;
+ efi_status_t ret;
+
+ if (argc > 1)
+ return CMD_RET_USAGE;
+
+ buf_size = 128;
+ var_name16 = malloc(buf_size);
+ if (!var_name16)
+ return CMD_RET_FAILURE;
+
+ var_name16[0] = 0;
+ for (;;) {
+ size = buf_size;
+ ret = EFI_CALL(efi_get_next_variable_name(&size, var_name16,
+ &guid));
+ if (ret == EFI_NOT_FOUND)
+ break;
+ if (ret == EFI_BUFFER_TOO_SMALL) {
+ buf_size = size;
+ p = realloc(var_name16, buf_size);
+ if (!p) {
+ free(var_name16);
+ return CMD_RET_FAILURE;
+ }
+ var_name16 = p;
+ ret = EFI_CALL(efi_get_next_variable_name(&size,
+ var_name16,
+ &guid));
+ }
+ if (ret != EFI_SUCCESS) {
+ free(var_name16);
+ return CMD_RET_FAILURE;
+ }
+
+ if (memcmp(var_name16, L"Boot", 8))
+ continue;
+
+ for (id = 0, i = 0; i < 4; i++) {
+ digit = u16_tohex(var_name16[4 + i]);
+ if (digit < 0)
+ break;
+ id = (id << 4) + digit;
+ }
+ if (i == 4 && !var_name16[8])
+ show_efi_boot_opt(var_name16);
+ }
+
+ free(var_name16);
+
+ return CMD_RET_SUCCESS;
+}
+
+/**
+ * show_efi_boot_order() - show order of UEFI load options
+ *
+ * Return: CMD_RET_SUCCESS on success, CMD_RET_RET_FAILURE on failure
+ *
+ * Show order of UEFI load options defined by BootOrder variable.
+ */
+static int show_efi_boot_order(void)
+{
+ u16 *bootorder;
+ efi_uintn_t size;
+ int num, i;
+ u16 var_name16[9];
+ void *data;
+ struct efi_load_option lo;
+ efi_status_t ret;
+
+ size = 0;
+ ret = EFI_CALL(efi_get_variable(L"BootOrder", &efi_global_variable_guid,
+ NULL, &size, NULL));
+ if (ret != EFI_BUFFER_TOO_SMALL) {
+ if (ret == EFI_NOT_FOUND) {
+ printf("BootOrder not defined\n");
+ return CMD_RET_SUCCESS;
+ } else {
+ return CMD_RET_FAILURE;
+ }
+ }
+ bootorder = malloc(size);
+ if (!bootorder) {
+ printf("ERROR: Out of memory\n");
+ return CMD_RET_FAILURE;
+ }
+ ret = EFI_CALL(efi_get_variable(L"BootOrder", &efi_global_variable_guid,
+ NULL, &size, bootorder));
+ if (ret != EFI_SUCCESS) {
+ ret = CMD_RET_FAILURE;
+ goto out;
+ }
+
+ num = size / sizeof(u16);
+ for (i = 0; i < num; i++) {
+ efi_create_indexed_name(var_name16, sizeof(var_name16),
+ "Boot", bootorder[i]);
+
+ size = 0;
+ ret = EFI_CALL(efi_get_variable(var_name16,
+ &efi_global_variable_guid, NULL,
+ &size, NULL));
+ if (ret != EFI_BUFFER_TOO_SMALL) {
+ printf("%2d: %ls: (not defined)\n", i + 1, var_name16);
+ continue;
+ }
+
+ data = malloc(size);
+ if (!data) {
+ ret = CMD_RET_FAILURE;
+ goto out;
+ }
+ ret = EFI_CALL(efi_get_variable(var_name16,
+ &efi_global_variable_guid, NULL,
+ &size, data));
+ if (ret != EFI_SUCCESS) {
+ free(data);
+ ret = CMD_RET_FAILURE;
+ goto out;
+ }
+
+ ret = efi_deserialize_load_option(&lo, data, &size);
+ if (ret != EFI_SUCCESS) {
+ printf("%ls: invalid load option\n", var_name16);
+ ret = CMD_RET_FAILURE;
+ goto out;
+ }
+
+ printf("%2d: %ls: %ls\n", i + 1, var_name16, lo.label);
+
+ free(data);
+ }
+out:
+ free(bootorder);
+
+ return ret;
+}
+
+/**
+ * do_efi_boot_next() - manage UEFI BootNext variable
+ *
+ * @cmdtp: Command table
+ * @flag: Command flag
+ * @argc: Number of arguments
+ * @argv: Argument array
+ * Return: CMD_RET_SUCCESS on success,
+ * CMD_RET_USAGE or CMD_RET_RET_FAILURE on failure
+ *
+ * Implement "next" sub-command.
+ * Set BootNext variable.
+ *
+ * bootefi next <id>
+ */
+static int do_efi_boot_next(struct cmd_tbl *cmdtp, int flag,
+ int argc, char *const argv[])
+{
+ u16 bootnext;
+ efi_uintn_t size;
+ char *endp;
+ efi_guid_t guid;
+ efi_status_t ret;
+ int r = CMD_RET_SUCCESS;
+
+ if (argc > 2)
+ return CMD_RET_USAGE;
+
+ if (argc == 1) {
+ size = sizeof(bootnext);
+ ret = efi_get_variable_int(L"BootNext",
+ &efi_global_variable_guid,
+ NULL, &size, &bootnext, NULL);
+ if (size != 2 || ret != EFI_SUCCESS)
+ return CMD_RET_FAILURE;
+ printf("%04X\n", bootnext);
+ return CMD_RET_SUCCESS;
+ }
+
+ bootnext = (u16)hextoul(argv[1], &endp);
+ if (*endp) {
+ printf("invalid value: %s\n", argv[1]);
+ r = CMD_RET_FAILURE;
+ goto out;
+ }
+
+ guid = efi_global_variable_guid;
+ size = sizeof(u16);
+ ret = efi_set_variable_int(L"BootNext", &guid,
+ EFI_VARIABLE_NON_VOLATILE |
+ EFI_VARIABLE_BOOTSERVICE_ACCESS |
+ EFI_VARIABLE_RUNTIME_ACCESS,
+ size, &bootnext, false);
+ if (ret != EFI_SUCCESS) {
+ printf("Cannot set BootNext\n");
+ r = CMD_RET_FAILURE;
+ }
+out:
+ return r;
+}
+
+/**
+ * do_efi_boot_order() - manage UEFI BootOrder variable
+ *
+ * @cmdtp: Command table
+ * @flag: Command flag
+ * @argc: Number of arguments
+ * @argv: Argument array
+ * Return: CMD_RET_SUCCESS on success, CMD_RET_RET_FAILURE on failure
+ *
+ * Implement "order" sub-command.
+ * Show order of UEFI load options, or change it in BootOrder variable.
+ *
+ * bootefi order [<id> ...]
+ */
+static int do_efi_boot_order(struct cmd_tbl *cmdtp, int flag,
+ int argc, char *const argv[])
+{
+ u16 *bootorder = NULL;
+ efi_uintn_t size;
+ int id, i;
+ char *endp;
+ efi_guid_t guid;
+ efi_status_t ret;
+ int r = CMD_RET_SUCCESS;
+
+ if (argc == 1)
+ return show_efi_boot_order();
+
+ argc--;
+ argv++;
+
+ size = argc * sizeof(u16);
+ bootorder = malloc(size);
+ if (!bootorder)
+ return CMD_RET_FAILURE;
+
+ for (i = 0; i < argc; i++) {
+ id = (int)hextoul(argv[i], &endp);
+ if (*endp != '\0' || id > 0xffff) {
+ printf("invalid value: %s\n", argv[i]);
+ r = CMD_RET_FAILURE;
+ goto out;
+ }
+
+ bootorder[i] = (u16)id;
+ }
+
+ guid = efi_global_variable_guid;
+ ret = efi_set_variable_int(L"BootOrder", &guid,
+ EFI_VARIABLE_NON_VOLATILE |
+ EFI_VARIABLE_BOOTSERVICE_ACCESS |
+ EFI_VARIABLE_RUNTIME_ACCESS,
+ size, bootorder, true);
+ if (ret != EFI_SUCCESS) {
+ printf("Cannot set BootOrder\n");
+ r = CMD_RET_FAILURE;
+ }
+out:
+ free(bootorder);
+
+ return r;
+}
+
/**
* efi_set_bootdev() - set boot device
*
@@ -498,7 +1115,6 @@ out:
return ret;
}
-#ifdef CONFIG_CMD_BOOTEFI_SELFTEST
static efi_status_t bootefi_run_prepare(const char *load_options_path,
struct efi_device_path *device_path,
struct efi_device_path *image_path,
@@ -597,7 +1213,6 @@ static int do_efi_selftest(void)
return ret != EFI_SUCCESS;
}
-#endif /* CONFIG_CMD_BOOTEFI_SELFTEST */
/**
* do_bootefi() - execute `bootefi` command
@@ -611,9 +1226,23 @@ static int do_efi_selftest(void)
static int do_bootefi(struct cmd_tbl *cmdtp, int flag, int argc,
char *const argv[])
{
+ struct cmd_tbl *cp;
efi_status_t ret;
void *fdt;
+ static struct cmd_tbl cmd_bootefi_sub[] = {
+ U_BOOT_CMD_MKENT(add, CONFIG_SYS_MAXARGS, 1,
+ do_efi_boot_add, "", ""),
+ U_BOOT_CMD_MKENT(dump, CONFIG_SYS_MAXARGS,
+ 1, do_efi_boot_dump, "", ""),
+ U_BOOT_CMD_MKENT(next, CONFIG_SYS_MAXARGS, 1,
+ do_efi_boot_next, "", ""),
+ U_BOOT_CMD_MKENT(order, CONFIG_SYS_MAXARGS, 1,
+ do_efi_boot_order, "", ""),
+ U_BOOT_CMD_MKENT(rm, CONFIG_SYS_MAXARGS, 1,
+ do_efi_boot_rm, "", ""),
+ };
+
if (argc < 2)
return CMD_RET_USAGE;
@@ -625,7 +1254,19 @@ static int do_bootefi(struct cmd_tbl *cmdtp, int flag,
int argc,
return CMD_RET_FAILURE;
}
- if (argc > 2) {
+ if (IS_ENABLED(CONFIG_CMD_BOOTEFI_BOOTMGR)) {
+ cp = find_cmd_tbl(argv[1], cmd_bootefi_sub,
+ ARRAY_SIZE(cmd_bootefi_sub));
+ if (cp) {
+ argc--;
+ argv++;
+ return cp->cmd(cmdtp, flag, argc, argv);
+ }
+ }
+
+ if (argc > 3)
+ return CMD_RET_USAGE;
+ if (argc == 3) {
uintptr_t fdt_addr;
fdt_addr = hextoul(argv[2], NULL);
@@ -643,10 +1284,10 @@ static int do_bootefi(struct cmd_tbl *cmdtp, int flag,
int argc,
if (!strcmp(argv[1], "bootmgr"))
return do_efibootmgr();
}
-#ifdef CONFIG_CMD_BOOTEFI_SELFTEST
- if (!strcmp(argv[1], "selftest"))
- return do_efi_selftest();
-#endif
+ if (IS_ENABLED(CONFIG_CMD_BOOTEFI_SELFTEST)) {
+ if (!strcmp(argv[1], "selftest"))
+ return do_efi_selftest();
+ }
return do_bootefi_image(argv[1]);
}
@@ -668,6 +1309,21 @@ static char bootefi_help_text[] =
" Use 'setenv efi_selftest list' to enumerate all tests.\n"
#endif
#ifdef CONFIG_CMD_BOOTEFI_BOOTMGR
+ "bootefi add "
+ "-b <bootid> <label> <interface> <devnum>[:<part>] <file path> "
+ "-i <interface> <devnum>[:<part>] <initrd file path> "
+ "-s '<optional data>'\n"
+ " - set UEFI BootXXXX variable\n"
+ " <load options> will be passed to UEFI application\n"
+ "bootefi rm <bootid#1> [<bootid#2> [<bootid#3> [...]]]\n"
+ " - delete UEFI BootXXXX variables\n"
+ "bootefi dump\n"
+ " - dump all UEFI BootXXXX variables\n"
+ "bootefi next [bootid]\n"
+ " - set/show UEFI BootNext variable\n"
+ "bootefi order [<bootid#1> [<bootid#2> [<bootid#3> [...]]]]\n"
+ " - set/show UEFI boot order\n"
+ "\n"
"bootefi bootmgr [fdt address]\n"
" - load and boot EFI payload based on BootOrder/BootXXXX variables.\n"
"\n"
@@ -678,7 +1334,7 @@ static char bootefi_help_text[] =
#endif
U_BOOT_CMD(
- bootefi, 3, 0, do_bootefi,
+ bootefi, CONFIG_SYS_MAXARGS, 0, do_bootefi,
"Boots an EFI payload from memory",
bootefi_help_text
);
diff --git a/cmd/efidebug.c b/cmd/efidebug.c
index a977ca9c72..121906a336 100644
--- a/cmd/efidebug.c
+++ b/cmd/efidebug.c
@@ -9,12 +9,10 @@
#include <common.h>
#include <command.h>
#include <efi_dt_fixup.h>
-#include <efi_load_initrd.h>
#include <efi_loader.h>
-#include <efi_rng.h>
#include <efi_variable.h>
+#include <efi_rng.h>
#include <exports.h>
-#include <hexdump.h>
#include <log.h>
#include <malloc.h>
#include <mapmem.h>
@@ -885,648 +883,6 @@ static int do_efi_show_tables(struct cmd_tbl *cmdtp, int
flag,
return CMD_RET_SUCCESS;
}
-/**
- * create_initrd_dp() - Create a special device for our Boot### option
- *
- * @dev: Device
- * @part: Disk partition
- * @file: Filename
- * Return: Pointer to the device path or ERR_PTR
- *
- */
-static
-struct efi_device_path *create_initrd_dp(const char *dev, const char *part,
- const char *file)
-
-{
- struct efi_device_path *tmp_dp = NULL, *tmp_fp = NULL;
- struct efi_device_path *initrd_dp = NULL;
- efi_status_t ret;
- const struct efi_initrd_dp id_dp = {
- .vendor = {
- {
- DEVICE_PATH_TYPE_MEDIA_DEVICE,
- DEVICE_PATH_SUB_TYPE_VENDOR_PATH,
- sizeof(id_dp.vendor),
- },
- EFI_INITRD_MEDIA_GUID,
- },
- .end = {
- DEVICE_PATH_TYPE_END,
- DEVICE_PATH_SUB_TYPE_END,
- sizeof(id_dp.end),
- }
- };
-
- ret = efi_dp_from_name(dev, part, file, &tmp_dp, &tmp_fp);
- if (ret != EFI_SUCCESS) {
- printf("Cannot create device path for \"%s %s\"\n", part, file);
- goto out;
- }
-
- initrd_dp = efi_dp_append((const struct efi_device_path *)&id_dp,
- tmp_fp);
-
-out:
- efi_free_pool(tmp_dp);
- efi_free_pool(tmp_fp);
- return initrd_dp;
-}
-
-/**
- * do_efi_boot_add() - set UEFI load option
- *
- * @cmdtp: Command table
- * @flag: Command flag
- * @argc: Number of arguments
- * @argv: Argument array
- * Return: CMD_RET_SUCCESS on success,
- * CMD_RET_USAGE or CMD_RET_RET_FAILURE on failure
- *
- * Implement efidebug "boot add" sub-command. Create or change UEFI load
option.
- *
- * efidebug boot add -b <id> <label> <interface> <devnum>[:<part>] <file>
- * -i <file> <interface2> <devnum2>[:<part>] <initrd>
- * -s '<options>'
- */
-static int do_efi_boot_add(struct cmd_tbl *cmdtp, int flag,
- int argc, char *const argv[])
-{
- int id;
- char *endp;
- u16 var_name16[9];
- efi_guid_t guid;
- size_t label_len, label_len16;
- u16 *label;
- struct efi_device_path *device_path = NULL, *file_path = NULL;
- struct efi_device_path *final_fp = NULL;
- struct efi_device_path *initrd_dp = NULL;
- struct efi_load_option lo;
- void *data = NULL;
- efi_uintn_t size;
- efi_uintn_t fp_size = 0;
- efi_status_t ret;
- int r = CMD_RET_SUCCESS;
-
- guid = efi_global_variable_guid;
-
- /* attributes */
- lo.attributes = LOAD_OPTION_ACTIVE; /* always ACTIVE */
- lo.optional_data = NULL;
- lo.label = NULL;
-
- argc--;
- argv++; /* 'add' */
- for (; argc > 0; argc--, argv++) {
- if (!strcmp(argv[0], "-b")) {
- if (argc < 5 || lo.label) {
- r = CMD_RET_USAGE;
- goto out;
- }
- id = (int)hextoul(argv[1], &endp);
- if (*endp != '\0' || id > 0xffff)
- return CMD_RET_USAGE;
-
- efi_create_indexed_name(var_name16, sizeof(var_name16),
- "Boot", id);
-
- /* label */
- label_len = strlen(argv[2]);
- label_len16 = utf8_utf16_strnlen(argv[2], label_len);
- label = malloc((label_len16 + 1) * sizeof(u16));
- if (!label)
- return CMD_RET_FAILURE;
- lo.label = label; /* label will be changed below */
- utf8_utf16_strncpy(&label, argv[2], label_len);
-
- /* file path */
- ret = efi_dp_from_name(argv[3], argv[4], argv[5],
- &device_path, &file_path);
- if (ret != EFI_SUCCESS) {
- printf("Cannot create device path for \"%s
%s\"\n",
- argv[3], argv[4]);
- r = CMD_RET_FAILURE;
- goto out;
- }
- fp_size += efi_dp_size(file_path) +
- sizeof(struct efi_device_path);
- argc -= 5;
- argv += 5;
- } else if (!strcmp(argv[0], "-i")) {
- if (argc < 3 || initrd_dp) {
- r = CMD_RET_USAGE;
- goto out;
- }
-
- initrd_dp = create_initrd_dp(argv[1], argv[2], argv[3]);
- if (!initrd_dp) {
- printf("Cannot add an initrd\n");
- r = CMD_RET_FAILURE;
- goto out;
- }
- argc -= 3;
- argv += 3;
- fp_size += efi_dp_size(initrd_dp) +
- sizeof(struct efi_device_path);
- } else if (!strcmp(argv[0], "-s")) {
- if (argc < 1 || lo.optional_data) {
- r = CMD_RET_USAGE;
- goto out;
- }
- lo.optional_data = (const u8 *)argv[1];
- argc -= 1;
- argv += 1;
- } else {
- r = CMD_RET_USAGE;
- goto out;
- }
- }
-
- if (!file_path) {
- printf("Missing binary\n");
- r = CMD_RET_USAGE;
- goto out;
- }
-
- final_fp = efi_dp_concat(file_path, initrd_dp);
- if (!final_fp) {
- printf("Cannot create final device path\n");
- r = CMD_RET_FAILURE;
- goto out;
- }
-
- lo.file_path = final_fp;
- lo.file_path_length = fp_size;
-
- size = efi_serialize_load_option(&lo, (u8 **)&data);
- if (!size) {
- r = CMD_RET_FAILURE;
- goto out;
- }
-
- ret = efi_set_variable_int(var_name16, &guid,
- EFI_VARIABLE_NON_VOLATILE |
- EFI_VARIABLE_BOOTSERVICE_ACCESS |
- EFI_VARIABLE_RUNTIME_ACCESS,
- size, data, false);
- if (ret != EFI_SUCCESS) {
- printf("Cannot set %ls\n", var_name16);
- r = CMD_RET_FAILURE;
- }
-
-out:
- free(data);
- efi_free_pool(final_fp);
- efi_free_pool(initrd_dp);
- efi_free_pool(device_path);
- efi_free_pool(file_path);
- free(lo.label);
-
- return r;
-}
-
-/**
- * do_efi_boot_rm() - delete UEFI load options
- *
- * @cmdtp: Command table
- * @flag: Command flag
- * @argc: Number of arguments
- * @argv: Argument array
- * Return: CMD_RET_SUCCESS on success, CMD_RET_RET_FAILURE on failure
- *
- * Implement efidebug "boot rm" sub-command.
- * Delete UEFI load options.
- *
- * efidebug boot rm <id> ...
- */
-static int do_efi_boot_rm(struct cmd_tbl *cmdtp, int flag,
- int argc, char *const argv[])
-{
- efi_guid_t guid;
- int id, i;
- char *endp;
- u16 var_name16[9];
- efi_status_t ret;
-
- if (argc == 1)
- return CMD_RET_USAGE;
-
- guid = efi_global_variable_guid;
- for (i = 1; i < argc; i++, argv++) {
- id = (int)hextoul(argv[1], &endp);
- if (*endp != '\0' || id > 0xffff)
- return CMD_RET_FAILURE;
-
- efi_create_indexed_name(var_name16, sizeof(var_name16),
- "Boot", id);
- ret = efi_set_variable_int(var_name16, &guid, 0, 0, NULL,
- false);
- if (ret) {
- printf("Cannot remove %ls\n", var_name16);
- return CMD_RET_FAILURE;
- }
- }
-
- return CMD_RET_SUCCESS;
-}
-
-/**
- * show_efi_boot_opt_data() - dump UEFI load option
- *
- * @varname16: variable name
- * @data: value of UEFI load option variable
- * @size: size of the boot option
- *
- * Decode the value of UEFI load option variable and print information.
- */
-static void show_efi_boot_opt_data(u16 *varname16, void *data, size_t *size)
-{
- struct efi_device_path *initrd_path = NULL;
- struct efi_load_option lo;
- efi_status_t ret;
-
- ret = efi_deserialize_load_option(&lo, data, size);
- if (ret != EFI_SUCCESS) {
- printf("%ls: invalid load option\n", varname16);
- return;
- }
-
- printf("%ls:\nattributes: %c%c%c (0x%08x)\n",
- varname16,
- /* ACTIVE */
- lo.attributes & LOAD_OPTION_ACTIVE ? 'A' : '-',
- /* FORCE RECONNECT */
- lo.attributes & LOAD_OPTION_FORCE_RECONNECT ? 'R' : '-',
- /* HIDDEN */
- lo.attributes & LOAD_OPTION_HIDDEN ? 'H' : '-',
- lo.attributes);
- printf(" label: %ls\n", lo.label);
-
- printf(" file_path: %pD\n", lo.file_path);
-
- initrd_path = efi_dp_from_lo(&lo, &efi_lf2_initrd_guid);
- if (initrd_path) {
- printf(" initrd_path: %pD\n", initrd_path);
- efi_free_pool(initrd_path);
- }
-
- printf(" data:\n");
- print_hex_dump(" ", DUMP_PREFIX_OFFSET, 16, 1,
- lo.optional_data, *size, true);
-}
-
-/**
- * show_efi_boot_opt() - dump UEFI load option
- *
- * @varname16: variable name
- *
- * Dump information defined by UEFI load option.
- */
-static void show_efi_boot_opt(u16 *varname16)
-{
- void *data;
- efi_uintn_t size;
- efi_status_t ret;
-
- size = 0;
- ret = EFI_CALL(efi_get_variable(varname16, &efi_global_variable_guid,
- NULL, &size, NULL));
- if (ret == EFI_BUFFER_TOO_SMALL) {
- data = malloc(size);
- if (!data) {
- printf("ERROR: Out of memory\n");
- return;
- }
- ret = EFI_CALL(efi_get_variable(varname16,
- &efi_global_variable_guid,
- NULL, &size, data));
- if (ret == EFI_SUCCESS)
- show_efi_boot_opt_data(varname16, data, &size);
- free(data);
- }
-}
-
-static int u16_tohex(u16 c)
-{
- if (c >= '0' && c <= '9')
- return c - '0';
- if (c >= 'A' && c <= 'F')
- return c - 'A' + 10;
-
- /* not hexadecimal */
- return -1;
-}
-
-/**
- * show_efi_boot_dump() - dump all UEFI load options
- *
- * @cmdtp: Command table
- * @flag: Command flag
- * @argc: Number of arguments
- * @argv: Argument array
- * Return: CMD_RET_SUCCESS on success, CMD_RET_RET_FAILURE on failure
- *
- * Implement efidebug "boot dump" sub-command.
- * Dump information of all UEFI load options defined.
- *
- * efidebug boot dump
- */
-static int do_efi_boot_dump(struct cmd_tbl *cmdtp, int flag,
- int argc, char *const argv[])
-{
- u16 *var_name16, *p;
- efi_uintn_t buf_size, size;
- efi_guid_t guid;
- int id, i, digit;
- efi_status_t ret;
-
- if (argc > 1)
- return CMD_RET_USAGE;
-
- buf_size = 128;
- var_name16 = malloc(buf_size);
- if (!var_name16)
- return CMD_RET_FAILURE;
-
- var_name16[0] = 0;
- for (;;) {
- size = buf_size;
- ret = EFI_CALL(efi_get_next_variable_name(&size, var_name16,
- &guid));
- if (ret == EFI_NOT_FOUND)
- break;
- if (ret == EFI_BUFFER_TOO_SMALL) {
- buf_size = size;
- p = realloc(var_name16, buf_size);
- if (!p) {
- free(var_name16);
- return CMD_RET_FAILURE;
- }
- var_name16 = p;
- ret = EFI_CALL(efi_get_next_variable_name(&size,
- var_name16,
- &guid));
- }
- if (ret != EFI_SUCCESS) {
- free(var_name16);
- return CMD_RET_FAILURE;
- }
-
- if (memcmp(var_name16, L"Boot", 8))
- continue;
-
- for (id = 0, i = 0; i < 4; i++) {
- digit = u16_tohex(var_name16[4 + i]);
- if (digit < 0)
- break;
- id = (id << 4) + digit;
- }
- if (i == 4 && !var_name16[8])
- show_efi_boot_opt(var_name16);
- }
-
- free(var_name16);
-
- return CMD_RET_SUCCESS;
-}
-
-/**
- * show_efi_boot_order() - show order of UEFI load options
- *
- * Return: CMD_RET_SUCCESS on success, CMD_RET_RET_FAILURE on failure
- *
- * Show order of UEFI load options defined by BootOrder variable.
- */
-static int show_efi_boot_order(void)
-{
- u16 *bootorder;
- efi_uintn_t size;
- int num, i;
- u16 var_name16[9];
- void *data;
- struct efi_load_option lo;
- efi_status_t ret;
-
- size = 0;
- ret = EFI_CALL(efi_get_variable(L"BootOrder", &efi_global_variable_guid,
- NULL, &size, NULL));
- if (ret != EFI_BUFFER_TOO_SMALL) {
- if (ret == EFI_NOT_FOUND) {
- printf("BootOrder not defined\n");
- return CMD_RET_SUCCESS;
- } else {
- return CMD_RET_FAILURE;
- }
- }
- bootorder = malloc(size);
- if (!bootorder) {
- printf("ERROR: Out of memory\n");
- return CMD_RET_FAILURE;
- }
- ret = EFI_CALL(efi_get_variable(L"BootOrder", &efi_global_variable_guid,
- NULL, &size, bootorder));
- if (ret != EFI_SUCCESS) {
- ret = CMD_RET_FAILURE;
- goto out;
- }
-
- num = size / sizeof(u16);
- for (i = 0; i < num; i++) {
- efi_create_indexed_name(var_name16, sizeof(var_name16),
- "Boot", bootorder[i]);
-
- size = 0;
- ret = EFI_CALL(efi_get_variable(var_name16,
- &efi_global_variable_guid, NULL,
- &size, NULL));
- if (ret != EFI_BUFFER_TOO_SMALL) {
- printf("%2d: %ls: (not defined)\n", i + 1, var_name16);
- continue;
- }
-
- data = malloc(size);
- if (!data) {
- ret = CMD_RET_FAILURE;
- goto out;
- }
- ret = EFI_CALL(efi_get_variable(var_name16,
- &efi_global_variable_guid, NULL,
- &size, data));
- if (ret != EFI_SUCCESS) {
- free(data);
- ret = CMD_RET_FAILURE;
- goto out;
- }
-
- ret = efi_deserialize_load_option(&lo, data, &size);
- if (ret != EFI_SUCCESS) {
- printf("%ls: invalid load option\n", var_name16);
- ret = CMD_RET_FAILURE;
- goto out;
- }
-
- printf("%2d: %ls: %ls\n", i + 1, var_name16, lo.label);
-
- free(data);
- }
-out:
- free(bootorder);
-
- return ret;
-}
-
-/**
- * do_efi_boot_next() - manage UEFI BootNext variable
- *
- * @cmdtp: Command table
- * @flag: Command flag
- * @argc: Number of arguments
- * @argv: Argument array
- * Return: CMD_RET_SUCCESS on success,
- * CMD_RET_USAGE or CMD_RET_RET_FAILURE on failure
- *
- * Implement efidebug "boot next" sub-command.
- * Set BootNext variable.
- *
- * efidebug boot next <id>
- */
-static int do_efi_boot_next(struct cmd_tbl *cmdtp, int flag,
- int argc, char *const argv[])
-{
- u16 bootnext;
- efi_uintn_t size;
- char *endp;
- efi_guid_t guid;
- efi_status_t ret;
- int r = CMD_RET_SUCCESS;
-
- if (argc != 2)
- return CMD_RET_USAGE;
-
- bootnext = (u16)hextoul(argv[1], &endp);
- if (*endp) {
- printf("invalid value: %s\n", argv[1]);
- r = CMD_RET_FAILURE;
- goto out;
- }
-
- guid = efi_global_variable_guid;
- size = sizeof(u16);
- ret = efi_set_variable_int(L"BootNext", &guid,
- EFI_VARIABLE_NON_VOLATILE |
- EFI_VARIABLE_BOOTSERVICE_ACCESS |
- EFI_VARIABLE_RUNTIME_ACCESS,
- size, &bootnext, false);
- if (ret != EFI_SUCCESS) {
- printf("Cannot set BootNext\n");
- r = CMD_RET_FAILURE;
- }
-out:
- return r;
-}
-
-/**
- * do_efi_boot_order() - manage UEFI BootOrder variable
- *
- * @cmdtp: Command table
- * @flag: Command flag
- * @argc: Number of arguments
- * @argv: Argument array
- * Return: CMD_RET_SUCCESS on success, CMD_RET_RET_FAILURE on failure
- *
- * Implement efidebug "boot order" sub-command.
- * Show order of UEFI load options, or change it in BootOrder variable.
- *
- * efidebug boot order [<id> ...]
- */
-static int do_efi_boot_order(struct cmd_tbl *cmdtp, int flag,
- int argc, char *const argv[])
-{
- u16 *bootorder = NULL;
- efi_uintn_t size;
- int id, i;
- char *endp;
- efi_guid_t guid;
- efi_status_t ret;
- int r = CMD_RET_SUCCESS;
-
- if (argc == 1)
- return show_efi_boot_order();
-
- argc--;
- argv++;
-
- size = argc * sizeof(u16);
- bootorder = malloc(size);
- if (!bootorder)
- return CMD_RET_FAILURE;
-
- for (i = 0; i < argc; i++) {
- id = (int)hextoul(argv[i], &endp);
- if (*endp != '\0' || id > 0xffff) {
- printf("invalid value: %s\n", argv[i]);
- r = CMD_RET_FAILURE;
- goto out;
- }
-
- bootorder[i] = (u16)id;
- }
-
- guid = efi_global_variable_guid;
- ret = efi_set_variable_int(L"BootOrder", &guid,
- EFI_VARIABLE_NON_VOLATILE |
- EFI_VARIABLE_BOOTSERVICE_ACCESS |
- EFI_VARIABLE_RUNTIME_ACCESS,
- size, bootorder, true);
- if (ret != EFI_SUCCESS) {
- printf("Cannot set BootOrder\n");
- r = CMD_RET_FAILURE;
- }
-out:
- free(bootorder);
-
- return r;
-}
-
-static struct cmd_tbl cmd_efidebug_boot_sub[] = {
- U_BOOT_CMD_MKENT(add, CONFIG_SYS_MAXARGS, 1, do_efi_boot_add, "", ""),
- U_BOOT_CMD_MKENT(rm, CONFIG_SYS_MAXARGS, 1, do_efi_boot_rm, "", ""),
- U_BOOT_CMD_MKENT(dump, CONFIG_SYS_MAXARGS, 1, do_efi_boot_dump, "", ""),
- U_BOOT_CMD_MKENT(next, CONFIG_SYS_MAXARGS, 1, do_efi_boot_next, "", ""),
- U_BOOT_CMD_MKENT(order, CONFIG_SYS_MAXARGS, 1, do_efi_boot_order,
- "", ""),
-};
-
-/**
- * do_efi_boot_opt() - manage UEFI load options
- *
- * @cmdtp: Command table
- * @flag: Command flag
- * @argc: Number of arguments
- * @argv: Argument array
- * Return: CMD_RET_SUCCESS on success,
- * CMD_RET_USAGE or CMD_RET_RET_FAILURE on failure
- *
- * Implement efidebug "boot" sub-command.
- */
-static int do_efi_boot_opt(struct cmd_tbl *cmdtp, int flag,
- int argc, char *const argv[])
-{
- struct cmd_tbl *cp;
-
- if (argc < 2)
- return CMD_RET_USAGE;
-
- argc--; argv++;
-
- cp = find_cmd_tbl(argv[0], cmd_efidebug_boot_sub,
- ARRAY_SIZE(cmd_efidebug_boot_sub));
- if (!cp)
- return CMD_RET_USAGE;
-
- return cp->cmd(cmdtp, flag, argc, argv);
-}
-
/**
* do_efi_test_bootmgr() - run simple bootmgr for test
*
@@ -1656,7 +1012,6 @@ static int do_efi_query_info(struct cmd_tbl *cmdtp, int
flag,
}
static struct cmd_tbl cmd_efidebug_sub[] = {
- U_BOOT_CMD_MKENT(boot, CONFIG_SYS_MAXARGS, 1, do_efi_boot_opt, "", ""),
#ifdef CONFIG_EFI_HAVE_CAPSULE_SUPPORT
U_BOOT_CMD_MKENT(capsule, CONFIG_SYS_MAXARGS, 1, do_efi_capsule,
"", ""),
@@ -1723,21 +1078,6 @@ static int do_efidebug(struct cmd_tbl *cmdtp, int flag,
static char efidebug_help_text[] =
" - UEFI Shell-like interface to configure UEFI environment\n"
"\n"
- "efidebug boot add "
- "-b <bootid> <label> <interface> <devnum>[:<part>] <file path> "
- "-i <interface> <devnum>[:<part>] <initrd file path> "
- "-s '<optional data>'\n"
- " - set UEFI BootXXXX variable\n"
- " <load options> will be passed to UEFI application\n"
- "efidebug boot rm <bootid#1> [<bootid#2> [<bootid#3> [...]]]\n"
- " - delete UEFI BootXXXX variables\n"
- "efidebug boot dump\n"
- " - dump all UEFI BootXXXX variables\n"
- "efidebug boot next <bootid>\n"
- " - set UEFI BootNext variable\n"
- "efidebug boot order [<bootid#1> [<bootid#2> [<bootid#3> [...]]]]\n"
- " - set/show UEFI boot order\n"
- "\n"
#ifdef CONFIG_EFI_HAVE_CAPSULE_SUPPORT
"efidebug capsule update [-v] <capsule address>\n"
" - process a capsule\n"
diff --git a/doc/develop/uefi/uefi.rst b/doc/develop/uefi/uefi.rst
index 43fb10f797..205755446f 100644
--- a/doc/develop/uefi/uefi.rst
+++ b/doc/develop/uefi/uefi.rst
@@ -178,13 +178,13 @@ Now in U-Boot install the keys on your board::
Set up boot parameters on your board::
- efidebug boot add -b 1 HELLO mmc 0:1 /helloworld.efi.signed ""
+ bootefi boot add -b 1 HELLO mmc 0:1 /helloworld.efi.signed ""
Since kernel 5.7 there's an alternative way of loading an initrd using
LoadFile2 protocol if CONFIG_EFI_LOAD_FILE2_INITRD is enabled.
The initrd path can be specified with::
- efidebug boot add -b ABE0 'kernel' mmc 0:1 Image -i mmc 0:1 initrd
+ bootefi boot add -b ABE0 'kernel' mmc 0:1 Image -i mmc 0:1 initrd
Now your board can run the signed image via the boot manager (see below).
You can also try this sequence by running Pytest, test_efi_secboot,
diff --git a/include/efi_loader.h b/include/efi_loader.h
index f4860e87fc..d369b112c3 100644
--- a/include/efi_loader.h
+++ b/include/efi_loader.h
@@ -798,14 +798,12 @@ efi_status_t __efi_runtime EFIAPI efi_get_time(
efi_status_t __efi_runtime EFIAPI efi_set_time(struct efi_time *time);
-#ifdef CONFIG_CMD_BOOTEFI_SELFTEST
/*
* Entry point for the tests of the EFI API.
* It is called by 'bootefi selftest'
*/
efi_status_t EFIAPI efi_selftest(efi_handle_t image_handle,
struct efi_system_table *systab);
-#endif
efi_status_t EFIAPI efi_get_variable(u16 *variable_name,
const efi_guid_t *vendor, u32 *attributes,
diff --git a/lib/efi_selftest/efi_selftest_tcg2.c
b/lib/efi_selftest/efi_selftest_tcg2.c
index c5b0b7dd02..eb3bcafd1f 100644
--- a/lib/efi_selftest/efi_selftest_tcg2.c
+++ b/lib/efi_selftest/efi_selftest_tcg2.c
@@ -70,7 +70,7 @@ static struct efi_runtime_services *runtime;
EFI_VARIABLE_BOOTSERVICE_ACCESS | \
EFI_VARIABLE_RUNTIME_ACCESS)
-/* "efidebug boot add -b 1000 test1000 virtio 0:1 /EFI/debian/grubaa64.efi" */
+/* "bootefi add -b 1000 test1000 virtio 0:1 /EFI/debian/grubaa64.efi" */
static const u8 boot_1000[] = {
0x01, 0x00, 0x00, 0x00, 0x8d, 0x00, 0x74, 0x00, 0x65, 0x00, 0x73, 0x00,
0x74, 0x00, 0x30, 0x00, 0x00, 0x00, 0x01, 0x04, 0x14, 0x00, 0xb9, 0x73,
@@ -87,7 +87,7 @@ static const u8 boot_1000[] = {
0x00, 0x2e, 0x00, 0x65, 0x00, 0x66, 0x00, 0x69, 0x00, 0x00, 0x00, 0x7f,
0xff, 0x04, 0x00 };
-/* "efidebug boot add -b 1001 test1001 virtio 0:1 /EFI/debian/grubaa64.efi" */
+/* "bootefi add -b 1001 test1001 virtio 0:1 /EFI/debian/grubaa64.efi" */
static const u8 boot_1001[] = {
0x01, 0x00, 0x00, 0x00, 0x8d, 0x00, 0x74, 0x00, 0x65, 0x00, 0x73, 0x00,
0x74, 0x00, 0x31, 0x00, 0x00, 0x00, 0x01, 0x04, 0x14, 0x00, 0xb9, 0x73,
@@ -104,7 +104,7 @@ static const u8 boot_1001[] = {
0x00, 0x2e, 0x00, 0x65, 0x00, 0x66, 0x00, 0x69, 0x00, 0x00, 0x00, 0x7f,
0xff, 0x04, 0x00 };
-/* "efidebug boot add -b 1002 test1002 virtio 0:1 /EFI/debian/grubaa64.efi" */
+/* "bootefi add -b 1002 test1002 virtio 0:1 /EFI/debian/grubaa64.efi" */
static const u8 boot_1002[] = {
0x01, 0x00, 0x00, 0x00, 0x8d, 0x00, 0x74, 0x00, 0x65, 0x00, 0x73, 0x00,
0x74, 0x00, 0x32, 0x00, 0x00, 0x00, 0x01, 0x04, 0x14, 0x00, 0xb9, 0x73,
@@ -121,7 +121,7 @@ static const u8 boot_1002[] = {
0x00, 0x2e, 0x00, 0x65, 0x00, 0x66, 0x00, 0x69, 0x00, 0x00, 0x00, 0x7f,
0xff, 0x04, 0x00};
-/* "efidebug boot order 1002 1000 1001" */
+/* "bootefi order 1002 1000 1001" */
static u8 boot_order[] = {0x02, 0x10, 0x00, 0x10, 0x01, 0x10};
static void *orig_smbios_table;
diff --git a/test/py/tests/test_efi_capsule/test_capsule_firmware.py
b/test/py/tests/test_efi_capsule/test_capsule_firmware.py
index 9eeaae27d6..ac54b14aa6 100644
--- a/test/py/tests/test_efi_capsule/test_capsule_firmware.py
+++ b/test/py/tests/test_efi_capsule/test_capsule_firmware.py
@@ -39,8 +39,8 @@ class TestEfiCapsuleFirmwareFit(object):
with u_boot_console.log.section('Test Case 1-a, before reboot'):
output = u_boot_console.run_command_list([
'host bind 0 %s' % disk_img,
- 'efidebug boot add -b 1 TEST host 0:1 /helloworld.efi -s ""',
- 'efidebug boot order 1',
+ 'bootefi add -b 1 TEST host 0:1 /helloworld.efi -s ""',
+ 'bootefi order 1',
'env set -e OsIndications',
'env set dfu_alt_info "sf 0:0=u-boot-bin raw 0x100000
0x50000;u-boot-env raw 0x150000 0x200000"',
'env save'])
@@ -114,8 +114,8 @@ class TestEfiCapsuleFirmwareFit(object):
with u_boot_console.log.section('Test Case 2-a, before reboot'):
output = u_boot_console.run_command_list([
'host bind 0 %s' % disk_img,
- 'efidebug boot add -b 1 TEST host 0:1 /helloworld.efi -s ""',
- 'efidebug boot order 1',
+ 'bootefi add -b 1 TEST host 0:1 /helloworld.efi -s ""',
+ 'bootefi order 1',
'env set -e -nv -bs -rt OsIndications =0x0000000000000004',
'env set dfu_alt_info "sf 0:0=u-boot-bin raw 0x100000
0x50000;u-boot-env raw 0x150000 0x200000"',
'env save'])
@@ -188,8 +188,8 @@ class TestEfiCapsuleFirmwareFit(object):
with u_boot_console.log.section('Test Case 3-a, before reboot'):
output = u_boot_console.run_command_list([
'host bind 0 %s' % disk_img,
- 'efidebug boot add -b 1 TEST host 0:1 /helloworld.efi -s ""',
- 'efidebug boot order 1',
+ 'bootefi add -b 1 TEST host 0:1 /helloworld.efi -s ""',
+ 'bootefi order 1',
'env set -e -nv -bs -rt OsIndications =0x0000000000000004',
'env set dfu_alt_info "sf 0:0=u-boot-bin raw 0x100000
0x50000;u-boot-env raw 0x150000 0x200000"',
'env save'])
diff --git a/test/py/tests/test_efi_secboot/test_signed.py
b/test/py/tests/test_efi_secboot/test_signed.py
index 0aee34479f..4af4d90d4c 100644
--- a/test/py/tests/test_efi_secboot/test_signed.py
+++ b/test/py/tests/test_efi_secboot/test_signed.py
@@ -28,16 +28,16 @@ class TestEfiSignedImage(object):
# Test Case 1a, run signed image if no PK
output = u_boot_console.run_command_list([
'host bind 0 %s' % disk_img,
- 'efidebug boot add -b 1 HELLO1 host 0:1 /helloworld.efi.signed
-s ""',
- 'efidebug boot next 1',
+ 'bootefi add -b 1 HELLO1 host 0:1 /helloworld.efi.signed -s
""',
+ 'bootefi next 1',
'bootefi bootmgr'])
assert 'Hello, world!' in ''.join(output)
with u_boot_console.log.section('Test Case 1b'):
# Test Case 1b, run unsigned image if no PK
output = u_boot_console.run_command_list([
- 'efidebug boot add -b 2 HELLO2 host 0:1 /helloworld.efi -s ""',
- 'efidebug boot next 2',
+ 'bootefi add -b 2 HELLO2 host 0:1 /helloworld.efi -s ""',
+ 'bootefi next 2',
'bootefi bootmgr'])
assert 'Hello, world!' in ''.join(output)
@@ -58,14 +58,14 @@ class TestEfiSignedImage(object):
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK'])
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot add -b 1 HELLO1 host 0:1 /helloworld.efi.signed
-s ""',
- 'efidebug boot next 1',
+ 'bootefi add -b 1 HELLO1 host 0:1 /helloworld.efi.signed -s
""',
+ 'bootefi next 1',
'efidebug test bootmgr'])
assert('\'HELLO1\' failed' in ''.join(output))
assert('efi_start_image() returned: 26' in ''.join(output))
output = u_boot_console.run_command_list([
- 'efidebug boot add -b 2 HELLO2 host 0:1 /helloworld.efi -s ""',
- 'efidebug boot next 2',
+ 'bootefi add -b 2 HELLO2 host 0:1 /helloworld.efi -s ""',
+ 'bootefi next 2',
'efidebug test bootmgr'])
assert '\'HELLO2\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@@ -77,12 +77,12 @@ class TestEfiSignedImage(object):
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db'])
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot next 2',
+ 'bootefi next 2',
'efidebug test bootmgr'])
assert '\'HELLO2\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot next 1',
+ 'bootefi next 1',
'bootefi bootmgr'])
assert 'Hello, world!' in ''.join(output)
@@ -104,8 +104,8 @@ class TestEfiSignedImage(object):
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK'])
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi.signed
-s ""',
- 'efidebug boot next 1',
+ 'bootefi add -b 1 HELLO host 0:1 /helloworld.efi.signed -s ""',
+ 'bootefi next 1',
'efidebug test bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@@ -117,7 +117,7 @@ class TestEfiSignedImage(object):
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db'])
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot next 1',
+ 'bootefi next 1',
'efidebug test bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@@ -142,8 +142,8 @@ class TestEfiSignedImage(object):
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK'])
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi.signed
-s ""',
- 'efidebug boot next 1',
+ 'bootefi add -b 1 HELLO host 0:1 /helloworld.efi.signed -s ""',
+ 'bootefi next 1',
'efidebug test bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@@ -169,8 +169,8 @@ class TestEfiSignedImage(object):
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK'])
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot add -b 1 HELLO host 0:1
/helloworld.efi.signed_2sigs -s ""',
- 'efidebug boot next 1',
+ 'bootefi add -b 1 HELLO host 0:1 /helloworld.efi.signed_2sigs
-s ""',
+ 'bootefi next 1',
'efidebug test bootmgr'])
assert 'Hello, world!' in ''.join(output)
@@ -181,7 +181,7 @@ class TestEfiSignedImage(object):
'setenv -e -nv -bs -rt -at -a -i 4000000:$filesize db'])
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot next 1',
+ 'bootefi next 1',
'efidebug test bootmgr'])
assert 'Hello, world!' in ''.join(output)
@@ -193,7 +193,7 @@ class TestEfiSignedImage(object):
'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx'])
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot next 1',
+ 'bootefi next 1',
'efidebug test bootmgr'])
assert 'Hello, world!' in ''.join(output)
@@ -204,7 +204,7 @@ class TestEfiSignedImage(object):
'setenv -e -nv -bs -rt -at -a -i 4000000:$filesize dbx'])
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot next 1',
+ 'bootefi next 1',
'efidebug test bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@@ -227,8 +227,8 @@ class TestEfiSignedImage(object):
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK'])
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi.signed
-s ""',
- 'efidebug boot next 1',
+ 'bootefi add -b 1 HELLO host 0:1 /helloworld.efi.signed -s ""',
+ 'bootefi next 1',
'bootefi bootmgr'])
assert 'Hello, world!' in ''.join(output)
@@ -239,7 +239,7 @@ class TestEfiSignedImage(object):
'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx'])
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot next 1',
+ 'bootefi next 1',
'efidebug test bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@@ -253,7 +253,7 @@ class TestEfiSignedImage(object):
'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx'])
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot next 1',
+ 'bootefi next 1',
'efidebug test bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
diff --git a/test/py/tests/test_efi_secboot/test_signed_intca.py
b/test/py/tests/test_efi_secboot/test_signed_intca.py
index d8d599d22f..b2eb6b6824 100644
--- a/test/py/tests/test_efi_secboot/test_signed_intca.py
+++ b/test/py/tests/test_efi_secboot/test_signed_intca.py
@@ -39,8 +39,8 @@ class TestEfiSignedImageIntca(object):
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot add -b 1 HELLO_a host 0:1
/helloworld.efi.signed_a -s ""',
- 'efidebug boot next 1',
+ 'bootefi add -b 1 HELLO_a host 0:1 /helloworld.efi.signed_a -s
""',
+ 'bootefi next 1',
'efidebug test bootmgr'])
assert '\'HELLO_a\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@@ -48,8 +48,8 @@ class TestEfiSignedImageIntca(object):
with u_boot_console.log.section('Test Case 1b'):
# Test Case 1b, signed and authenticated by root CA
output = u_boot_console.run_command_list([
- 'efidebug boot add -b 2 HELLO_ab host 0:1
/helloworld.efi.signed_ab -s ""',
- 'efidebug boot next 2',
+ 'bootefi add -b 2 HELLO_ab host 0:1 /helloworld.efi.signed_ab
-s ""',
+ 'bootefi next 2',
'bootefi bootmgr'])
assert 'Hello, world!' in ''.join(output)
@@ -70,8 +70,8 @@ class TestEfiSignedImageIntca(object):
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot add -b 1 HELLO_abc host 0:1
/helloworld.efi.signed_abc -s ""',
- 'efidebug boot next 1',
+ 'bootefi add -b 1 HELLO_abc host 0:1
/helloworld.efi.signed_abc -s ""',
+ 'bootefi next 1',
'efidebug test bootmgr'])
assert '\'HELLO_abc\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@@ -81,7 +81,7 @@ class TestEfiSignedImageIntca(object):
output = u_boot_console.run_command_list([
'fatload host 0:1 4000000 db_b.auth',
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
- 'efidebug boot next 1',
+ 'bootefi next 1',
'efidebug test bootmgr'])
assert '\'HELLO_abc\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
@@ -91,7 +91,7 @@ class TestEfiSignedImageIntca(object):
output = u_boot_console.run_command_list([
'fatload host 0:1 4000000 db_c.auth',
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
- 'efidebug boot next 1',
+ 'bootefi next 1',
'efidebug test bootmgr'])
assert 'Hello, world!' in ''.join(output)
@@ -116,8 +116,8 @@ class TestEfiSignedImageIntca(object):
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot add -b 1 HELLO_abc host 0:1
/helloworld.efi.signed_abc -s ""',
- 'efidebug boot next 1',
+ 'bootefi add -b 1 HELLO_abc host 0:1
/helloworld.efi.signed_abc -s ""',
+ 'bootefi next 1',
'efidebug test bootmgr'])
assert 'Hello, world!' in ''.join(output)
# Or,
@@ -129,7 +129,7 @@ class TestEfiSignedImageIntca(object):
output = u_boot_console.run_command_list([
'fatload host 0:1 4000000 dbx_c.auth',
'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx',
- 'efidebug boot next 1',
+ 'bootefi next 1',
'efidebug test bootmgr'])
assert '\'HELLO_abc\' failed' in ''.join(output)
assert 'efi_start_image() returned: 26' in ''.join(output)
diff --git a/test/py/tests/test_efi_secboot/test_unsigned.py
b/test/py/tests/test_efi_secboot/test_unsigned.py
index df63f0df08..8964595d85 100644
--- a/test/py/tests/test_efi_secboot/test_unsigned.py
+++ b/test/py/tests/test_efi_secboot/test_unsigned.py
@@ -35,12 +35,12 @@ class TestEfiUnsignedImage(object):
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi -s ""',
- 'efidebug boot next 1',
+ 'bootefi add -b 1 HELLO host 0:1 /helloworld.efi -s ""',
+ 'bootefi next 1',
'bootefi bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot next 1',
+ 'bootefi next 1',
'efidebug test bootmgr'])
assert 'efi_start_image() returned: 26' in ''.join(output)
assert 'Hello, world!' not in ''.join(output)
@@ -64,8 +64,8 @@ class TestEfiUnsignedImage(object):
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi -s ""',
- 'efidebug boot next 1',
+ 'bootefi add -b 1 HELLO host 0:1 /helloworld.efi -s ""',
+ 'bootefi next 1',
'bootefi bootmgr'])
assert 'Hello, world!' in ''.join(output)
@@ -88,12 +88,12 @@ class TestEfiUnsignedImage(object):
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi -s ""',
- 'efidebug boot next 1',
+ 'bootefi add -b 1 HELLO host 0:1 /helloworld.efi -s ""',
+ 'bootefi next 1',
'bootefi bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot next 1',
+ 'bootefi next 1',
'efidebug test bootmgr'])
assert 'efi_start_image() returned: 26' in ''.join(output)
assert 'Hello, world!' not in ''.join(output)
@@ -106,12 +106,12 @@ class TestEfiUnsignedImage(object):
assert 'Failed to set EFI variable' not in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot add -b 1 HELLO host 0:1 /helloworld.efi -s ""',
- 'efidebug boot next 1',
+ 'bootefi add -b 1 HELLO host 0:1 /helloworld.efi -s ""',
+ 'bootefi next 1',
'bootefi bootmgr'])
assert '\'HELLO\' failed' in ''.join(output)
output = u_boot_console.run_command_list([
- 'efidebug boot next 1',
+ 'bootefi next 1',
'efidebug test bootmgr'])
assert 'efi_start_image() returned: 26' in ''.join(output)
assert 'Hello, world!' not in ''.join(output)
--
2.33.1
