[PATCH v2] cmd: bootefi: restore ability to boot arbitrary blob
Kyle Evans
kevans at freebsd.org
Mon Apr 11 21:19:47 CEST 2022
On Mon, Apr 11, 2022 at 1:14 PM Heinrich Schuchardt <xypron.glpk at gmx.de> wrote:
>
> On 4/10/22 23:05, kevans at FreeBSD.org wrote:
> > From: Kyle Evans <kevans at FreeBSD.org>
> >
> > Up until commit 5f59518a7b1ae ("efi_loader: setting boot device"), we
> > could boot an arbitrary blob with bootefi. Indeed, efi_run_image() even
> > has a special case for missing device paths indicating a payload that
> > was directly loaded via JTAG, for example.
> >
> > Restore the ability to inject a UEFI payload into memory and `bootefi`
> > it. If the address passed isn't the last PE-COFF loaded, then we'll
> > wipe out the pre-existing DP/Image information and let efi_run_image()
> > synthesize a memory device path.
> >
> > An image size is required if we're booting an arbitrary payload, and
> > the FDT argument has been changed to accept `-`. The size could be
> > deduced from the image header, but it's required anyways as an explicit
> > acknowledgment that one's trying to boot an arbitrary payload rather
> > than accidentally using the wrong address in the single-addr form.
> >
> > If the image address matches the last loaded PE_COFF, it is an error
> > to pass the incorrect size (but the size may be omitted).
> >
> > Signed-off-by: Kyle Evans <kevans at FreeBSD.org>
> > ---
> >
> > Changes since v1:
> > - Specifying an address that isn't the last-known without a size produces the
> > same error as in the past ("No UEFI binary known at ...")
> > - Specifying a size with the last known address that doesn't match the last
> > recorded size will get: Size does not match known UEFI binary at %s
> >
> > cmd/bootefi.c | 42 ++++++++++++++++++++++++++++++++++--------
> > 1 file changed, 34 insertions(+), 8 deletions(-)
> >
> > diff --git a/cmd/bootefi.c b/cmd/bootefi.c
> > index 53d9f0e0dc..0d3aecb2a1 100644
> > --- a/cmd/bootefi.c
> > +++ b/cmd/bootefi.c
> > @@ -425,7 +425,7 @@ static int do_efibootmgr(void)
> > * @image_opt: string of image start address
> > * Return: status code
> > */
> > -static int do_bootefi_image(const char *image_opt)
> > +static int do_bootefi_image(const char *image_opt, const char *size_opt)
> > {
> > void *image_buf;
> > unsigned long addr, size;
> > @@ -444,13 +444,35 @@ static int do_bootefi_image(const char *image_opt)
> > if (!addr)
> > return CMD_RET_USAGE;
> >
> > + size = 0;
> > + if (size_opt) {
> > + size = strtoul(size_opt, NULL, 16);
> > + /* Check that a numeric value was passed */
> > + if (!size)
> > + return CMD_RET_USAGE;
> > + }
> > +
> > image_buf = map_sysmem(addr, 0);
> >
> > if (image_buf != image_addr) {
> > - log_err("No UEFI binary known at %s\n", image_opt);
> > - return CMD_RET_FAILURE;
> > + /* Fake device path -- we must have a size. */
> > +
> > + if (size == 0) {
>
> U-Boot prefers (!size) over (size == 0).
>
Ah, interesting, thanks for the note! I recall seeing a warning about
this from patman about pointers/NULL, but hadn't thought to apply the
same here.
> > + printf("No UEFI binary known at %s\n", image_opt);
>
>
> We should use logerr() here.
>
My apologies, I missed that the message I was restoring used the
correct mechanism.
> > + return CMD_RET_FAILURE;
> > + }
> > +
> > + if (image_addr)
> > + efi_clear_bootdev();
> > + } else {
> > + if (size != 0 && size != image_size) {
> > + printf("Size does not match known UEFI binary at %s\n",
> > + image_opt);
>
> ditto.
>
> > + return CMD_RET_FAILURE;
> > + }
> > +
> > + size = image_size;
> > }
> > - size = image_size;
> > }
> > ret = efi_run_image(image_buf, size);
> >
> > @@ -654,7 +676,7 @@ static int do_bootefi(struct cmd_tbl *cmdtp, int flag, int argc,
> > return CMD_RET_FAILURE;
> > }
> >
> > - if (argc > 2) {
> > + if (argc > 2 && strcmp(argv[2], "-") != 0) {
> > uintptr_t fdt_addr;
> >
> > fdt_addr = hextoul(argv[2], NULL);
> > @@ -677,15 +699,19 @@ static int do_bootefi(struct cmd_tbl *cmdtp, int flag, int argc,
> > return do_efi_selftest();
> > #endif
> >
> > - return do_bootefi_image(argv[1]);
> > + return do_bootefi_image(argv[1], argc > 3 ? argv[3] : NULL);
> > }
> >
> > #ifdef CONFIG_SYS_LONGHELP
> > static char bootefi_help_text[] =
> > - "<image address> [fdt address]\n"
> > + "<image address> [fdt address [image size]]\n"
> > " - boot EFI payload stored at address <image address>.\n"
> > " If specified, the device tree located at <fdt address> gets\n"
> > " exposed as EFI configuration table.\n"
> > + " The image size is required if this is not a preloaded image, but\n"
> > + " it must be omitted if the image was preloaded.\n"
>
> It may be omitted. See code above.
>
> I can take care of the necessary changes.
>
> Acked-by: Heinrich Schuchardt <xypron.glpk at gmx.de>
>
Thanks!
More information about the U-Boot
mailing list