1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3  * Copyright (c) 2020, Linaro Limited
4  */
5 
6 #define LOG_CATEGORY LOGC_EFI
7 #include <common.h>
8 #include <env.h>
9 #include <malloc.h>
10 #include <dm.h>
11 #include <fs.h>
12 #include <efi_load_initrd.h>
13 #include <efi_loader.h>
14 #include <efi_variable.h>
15 
16 #if defined(CONFIG_CMD_EFIDEBUG) || defined(CONFIG_EFI_LOAD_FILE2_INITRD)
17 /* GUID used by Linux to identify the LoadFile2 protocol with the initrd */
18 const efi_guid_t efi_lf2_initrd_guid = EFI_INITRD_MEDIA_GUID;
19 #endif
20 
21 /**
22  * efi_create_current_boot_var() - Return Boot#### name were #### is replaced by
23  *			           the value of BootCurrent
24  *
25  * @var_name:		variable name
26  * @var_name_size:	size of var_name
27  *
28  * Return:	Status code
29  */
efi_create_current_boot_var(u16 var_name[],size_t var_name_size)30 static efi_status_t efi_create_current_boot_var(u16 var_name[],
31 						size_t var_name_size)
32 {
33 	efi_uintn_t boot_current_size;
34 	efi_status_t ret;
35 	u16 boot_current;
36 	u16 *pos;
37 
38 	boot_current_size = sizeof(boot_current);
39 	ret = efi_get_variable_int(u"BootCurrent",
40 				   &efi_global_variable_guid, NULL,
41 				   &boot_current_size, &boot_current, NULL);
42 	if (ret != EFI_SUCCESS)
43 		goto out;
44 
45 	pos = efi_create_indexed_name(var_name, var_name_size, "Boot",
46 				      boot_current);
47 	if (!pos) {
48 		ret = EFI_OUT_OF_RESOURCES;
49 		goto out;
50 	}
51 
52 out:
53 	return ret;
54 }
55 
56 /**
57  * efi_get_dp_from_boot() - Retrieve and return a device path from an EFI
58  *			    Boot### variable.
59  *			    A boot option may contain an array of device paths.
60  *			    We use a VenMedia() with a specific GUID to identify
61  *			    the usage of the array members. This function is
62  *			    used to extract a specific device path
63  *
64  * @guid:	vendor GUID of the VenMedia() device path node identifying the
65  *		device path
66  *
67  * Return:	device path or NULL. Caller must free the returned value
68  */
efi_get_dp_from_boot(const efi_guid_t guid)69 struct efi_device_path *efi_get_dp_from_boot(const efi_guid_t guid)
70 {
71 	struct efi_load_option lo;
72 	void *var_value;
73 	efi_uintn_t size;
74 	efi_status_t ret;
75 	u16 var_name[16];
76 
77 	ret = efi_create_current_boot_var(var_name, sizeof(var_name));
78 	if (ret != EFI_SUCCESS)
79 		return NULL;
80 
81 	var_value = efi_get_var(var_name, &efi_global_variable_guid, &size);
82 	if (!var_value)
83 		return NULL;
84 
85 	ret = efi_deserialize_load_option(&lo, var_value, &size);
86 	if (ret != EFI_SUCCESS)
87 		goto err;
88 
89 	return efi_dp_from_lo(&lo, &guid);
90 
91 err:
92 	free(var_value);
93 	return NULL;
94 }
95 
96 const struct guid_to_hash_map {
97 	efi_guid_t guid;
98 	const char algo[32];
99 	u32 bits;
100 } guid_to_hash[] = {
101 	{
102 		EFI_CERT_X509_SHA256_GUID,
103 		"sha256",
104 		SHA256_SUM_LEN * 8,
105 	},
106 	{
107 		EFI_CERT_SHA256_GUID,
108 		"sha256",
109 		SHA256_SUM_LEN * 8,
110 	},
111 	{
112 		EFI_CERT_X509_SHA384_GUID,
113 		"sha384",
114 		SHA384_SUM_LEN * 8,
115 	},
116 	{
117 		EFI_CERT_X509_SHA512_GUID,
118 		"sha512",
119 		SHA512_SUM_LEN * 8,
120 	},
121 };
122 
123 #define MAX_GUID_TO_HASH_COUNT ARRAY_SIZE(guid_to_hash)
124 
125 /** guid_to_sha_str - return the sha string e.g "sha256" for a given guid
126  *                    used on EFI security databases
127  *
128  * @guid: guid to check
129  *
130  * Return: len or 0 if no match is found
131  */
guid_to_sha_str(const efi_guid_t * guid)132 const char *guid_to_sha_str(const efi_guid_t *guid)
133 {
134 	size_t i;
135 
136 	for (i = 0; i < MAX_GUID_TO_HASH_COUNT; i++) {
137 		if (!guidcmp(guid, &guid_to_hash[i].guid))
138 			return guid_to_hash[i].algo;
139 	}
140 
141 	return NULL;
142 }
143 
144 /** algo_to_len - return the sha size in bytes for a given string
145  *
146  * @algo: string indicating hashing algorithm to check
147  *
148  * Return: length of hash in bytes or 0 if no match is found
149  */
algo_to_len(const char * algo)150 int algo_to_len(const char *algo)
151 {
152 	size_t i;
153 
154 	for (i = 0; i < MAX_GUID_TO_HASH_COUNT; i++) {
155 		if (!strcmp(algo, guid_to_hash[i].algo))
156 			return guid_to_hash[i].bits / 8;
157 	}
158 
159 	return 0;
160 }
161 
162 /** efi_link_dev - link the efi_handle_t and udevice
163  *
164  * @handle:	efi handle to associate with udevice
165  * @dev:	udevice to associate with efi handle
166  *
167  * Return:	0 on success, negative on failure
168  */
efi_link_dev(efi_handle_t handle,struct udevice * dev)169 int efi_link_dev(efi_handle_t handle, struct udevice *dev)
170 {
171 	handle->dev = dev;
172 	return dev_tag_set_ptr(dev, DM_TAG_EFI, handle);
173 }
174 
175 /**
176  * efi_unlink_dev() - unlink udevice and handle
177  *
178  * @handle:	EFI handle to unlink
179  *
180  * Return:	0 on success, negative on failure
181  */
efi_unlink_dev(efi_handle_t handle)182 int efi_unlink_dev(efi_handle_t handle)
183 {
184 	int ret;
185 
186 	ret = dev_tag_del(handle->dev, DM_TAG_EFI);
187 	if (ret)
188 		return ret;
189 	handle->dev = NULL;
190 
191 	return 0;
192 }
193 
u16_tohex(u16 c)194 static int u16_tohex(u16 c)
195 {
196 	if (c >= '0' && c <= '9')
197 		return c - '0';
198 	if (c >= 'A' && c <= 'F')
199 		return c - 'A' + 10;
200 
201 	/* not hexadecimal */
202 	return -1;
203 }
204 
efi_varname_is_load_option(u16 * var_name16,int * index)205 bool efi_varname_is_load_option(u16 *var_name16, int *index)
206 {
207 	int id, i, digit;
208 
209 	if (memcmp(var_name16, u"Boot", 8))
210 		return false;
211 
212 	for (id = 0, i = 0; i < 4; i++) {
213 		digit = u16_tohex(var_name16[4 + i]);
214 		if (digit < 0)
215 			break;
216 		id = (id << 4) + digit;
217 	}
218 	if (i == 4 && !var_name16[8]) {
219 		if (index)
220 			*index = id;
221 		return true;
222 	}
223 
224 	return false;
225 }
226 
227 /**
228  * efi_next_variable_name() - get next variable name
229  *
230  * This function is a wrapper of efi_get_next_variable_name_int().
231  * If efi_get_next_variable_name_int() returns EFI_BUFFER_TOO_SMALL,
232  * @size and @buf are updated by new buffer size and realloced buffer.
233  *
234  * @size:	pointer to the buffer size
235  * @buf:	pointer to the buffer
236  * @guid:	pointer to the guid
237  * Return:	status code
238  */
efi_next_variable_name(efi_uintn_t * size,u16 ** buf,efi_guid_t * guid)239 efi_status_t efi_next_variable_name(efi_uintn_t *size, u16 **buf, efi_guid_t *guid)
240 {
241 	u16 *p;
242 	efi_status_t ret;
243 	efi_uintn_t buf_size = *size;
244 
245 	ret = efi_get_next_variable_name_int(&buf_size, *buf, guid);
246 	if (ret == EFI_NOT_FOUND)
247 		return ret;
248 	if (ret == EFI_BUFFER_TOO_SMALL) {
249 		p = realloc(*buf, buf_size);
250 		if (!p)
251 			return EFI_OUT_OF_RESOURCES;
252 
253 		*buf = p;
254 		*size = buf_size;
255 		ret = efi_get_next_variable_name_int(&buf_size, *buf, guid);
256 	}
257 
258 	return ret;
259 }
260