Merge branch 'efi-2022-01' of https://source.denx.de/u-boot/custodians/u-boot-efi

Scripts:
* Update spelling.txt

LMB:
* remove extern keyword in lmb.h
* drop unused lmb_size_bytes()

Test:
* test truncation in snprintf()

Documentation:
* add include/lmb.h to HTML documentation

UEFI:
* reduce non-debug logging output for measured boot
* fix use after free in measured boot
* startup the tpm device when installing the protocol
* implement EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES
* record capsule result only if capsule is read

5 files changed, 153 insertions, 45 deletions

diff --git a/lib/Kconfig b/lib/Kconfig
index 70bf8e7a46..807a4c6ade 100644
--- a/lib/Kconfig
+++ b/lib/Kconfig
@@ -793,7 +793,7 @@ config LMB
 	  Support the library logical memory blocks.
 
 config LMB_USE_MAX_REGIONS
-	bool "Use a commun number of memory and reserved regions in lmb lib"
+	bool "Use a common number of memory and reserved regions in lmb lib"
 	depends on LMB
 	default y
 	help
diff --git a/lib/efi_loader/efi_boottime.c b/lib/efi_loader/efi_boottime.c
index 1823990d9b..6fdd0ef77a 100644
--- a/lib/efi_loader/efi_boottime.c
+++ b/lib/efi_loader/efi_boottime.c
@@ -71,6 +71,9 @@ const efi_guid_t efi_guid_driver_binding_protocol =
 /* event group ExitBootServices() invoked */
 const efi_guid_t efi_guid_event_group_exit_boot_services =
 			EFI_EVENT_GROUP_EXIT_BOOT_SERVICES;
+/* event group before ExitBootServices() invoked */
+const efi_guid_t efi_guid_event_group_before_exit_boot_services =
+			EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES;
 /* event group SetVirtualAddressMap() invoked */
 const efi_guid_t efi_guid_event_group_virtual_address_change =
 			EFI_EVENT_GROUP_VIRTUAL_ADDRESS_CHANGE;
@@ -2123,6 +2126,16 @@ static efi_status_t EFIAPI efi_exit_boot_services(efi_handle_t image_handle,
 	if (!systab.boottime)
 		goto out;
 
+	/* Notify EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES event group. */
+	list_for_each_entry(evt, &efi_events, link) {
+		if (evt->group &&
+		    !guidcmp(evt->group,
+			     &efi_guid_event_group_before_exit_boot_services)) {
+			efi_signal_event(evt);
+			break;
+		}
+	}
+
 	/* Stop all timer related activities */
 	timers_enabled = false;
 
diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
index 850937fd12..502bcfca6e 100644
--- a/lib/efi_loader/efi_capsule.c
+++ b/lib/efi_loader/efi_capsule.c
@@ -1108,13 +1108,13 @@ efi_status_t efi_launch_capsules(void)
 				log_err("Applying capsule %ls failed\n",
 					files[i]);
 
+			/* create CapsuleXXXX */
+			set_capsule_result(index, capsule, ret);
+
 			free(capsule);
 		} else {
 			log_err("Reading capsule %ls failed\n", files[i]);
 		}
-		/* create CapsuleXXXX */
-		set_capsule_result(index, capsule, ret);
-
 		/* delete a capsule either in case of success or failure */
 		ret = efi_capsule_delete_file(files[i]);
 		if (ret != EFI_SUCCESS)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index 189e4a5ba5..8c1f22e337 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -18,6 +18,7 @@
 #include <smbios.h>
 #include <version_string.h>
 #include <tpm-v2.h>
+#include <tpm_api.h>
 #include <u-boot/hash-checksum.h>
 #include <u-boot/sha1.h>
 #include <u-boot/sha256.h>
@@ -27,6 +28,17 @@
 #include <linux/unaligned/generic.h>
 #include <hexdump.h>
 
+/**
+ * struct event_log_buffer - internal eventlog management structure
+ *
+ * @buffer:		eventlog buffer
+ * @final_buffer:	finalevent config table buffer
+ * @pos:		current position of 'buffer'
+ * @final_pos:		current position of 'final_buffer'
+ * @get_event_called:	true if GetEventLog has been invoked at least once
+ * @ebs_called:		true if ExitBootServices has been invoked
+ * @truncated:		true if the 'buffer' is truncated
+ */
 struct event_log_buffer {
 	void *buffer;
 	void *final_buffer;
@@ -34,6 +46,7 @@ struct event_log_buffer {
 	size_t final_pos; /* final events config table position */
 	size_t last_event_size;
 	bool get_event_called;
+	bool ebs_called;
 	bool truncated;
 };
 
@@ -186,39 +199,29 @@ static efi_status_t tcg2_pcr_extend(struct udevice *dev, u32 pcr_index,
 	return EFI_SUCCESS;
 }
 
-/* tcg2_agile_log_append - Append an agile event to out eventlog
+/* put_event - Append an agile event to an eventlog
  *
  * @pcr_index:		PCR index
  * @event_type:		type of event added
  * @digest_list:	list of digest algorithms to add
  * @size:		size of event
  * @event:		event to add
+ * @log:		log buffer to append the event
  *
- * @Return: status code
  */
-static efi_status_t tcg2_agile_log_append(u32 pcr_index, u32 event_type,
-					  struct tpml_digest_values *digest_list,
-					  u32 size, u8 event[])
+static void put_event(u32 pcr_index, u32 event_type,
+		      struct tpml_digest_values *digest_list, u32 size,
+		      u8 event[], void *log)
 {
-	void *log = (void *)((uintptr_t)event_log.buffer + event_log.pos);
 	size_t pos;
 	size_t i;
 	u32 event_size;
 
-	if (event_log.get_event_called)
-		log = (void *)((uintptr_t)event_log.final_buffer +
-			       event_log.final_pos);
-
 	/*
 	 * size refers to the length of event[] only, we need to check against
 	 * the final tcg_pcr_event2 size
 	 */
 	event_size = size + tcg_event_final_size(digest_list);
-	if (event_log.pos + event_size > TPM2_EVENT_LOG_SIZE ||
-	    event_log.final_pos + event_size > TPM2_EVENT_LOG_SIZE) {
-		event_log.truncated = true;
-		return EFI_VOLUME_FULL;
-	}
 
 	put_unaligned_le32(pcr_index, log);
 	pos = offsetof(struct tcg_pcr_event2, event_type);
@@ -242,25 +245,62 @@ static efi_status_t tcg2_agile_log_append(u32 pcr_index, u32 event_type,
 	memcpy((void *)((uintptr_t)log + pos), event, size);
 	pos += size;
 
-	/* make sure the calculated buffer is what we checked against */
+	/*
+	 * make sure the calculated buffer is what we checked against
+	 * This check should never fail.  It checks the code above is
+	 * calculating the right length for the event we are adding
+	 */
 	if (pos != event_size)
-		return EFI_INVALID_PARAMETER;
+		log_err("Appending to the EventLog failed\n");
+}
 
-	/* if GetEventLog hasn't been called update the normal log */
-	if (!event_log.get_event_called) {
-		event_log.pos += pos;
-		event_log.last_event_size = pos;
-	} else {
-	/* if GetEventLog has been called update config table log */
-		struct efi_tcg2_final_events_table *final_event;
+/* tcg2_agile_log_append - Append an agile event to an eventlog
+ *
+ * @pcr_index:		PCR index
+ * @event_type:		type of event added
+ * @digest_list:	list of digest algorithms to add
+ * @size:		size of event
+ * @event:		event to add
+ * @log:		log buffer to append the event
+ *
+ * @Return: status code
+ */
+static efi_status_t tcg2_agile_log_append(u32 pcr_index, u32 event_type,
+					  struct tpml_digest_values *digest_list,
+					  u32 size, u8 event[])
+{
+	void *log = (void *)((uintptr_t)event_log.buffer + event_log.pos);
+	u32 event_size = size + tcg_event_final_size(digest_list);
+	struct efi_tcg2_final_events_table *final_event;
+	efi_status_t ret = EFI_SUCCESS;
 
-		final_event =
-			(struct efi_tcg2_final_events_table *)(event_log.final_buffer);
-		final_event->number_of_events++;
-		event_log.final_pos += pos;
+	/* if ExitBootServices hasn't been called update the normal log */
+	if (!event_log.ebs_called) {
+		if (event_log.truncated ||
+		    event_log.pos + event_size > TPM2_EVENT_LOG_SIZE) {
+			event_log.truncated = true;
+			return EFI_VOLUME_FULL;
+		}
+		put_event(pcr_index, event_type, digest_list, size, event, log);
+		event_log.pos += event_size;
+		event_log.last_event_size = event_size;
 	}
 
-	return EFI_SUCCESS;
+	if (!event_log.get_event_called)
+		return ret;
+
+	/* if GetEventLog has been called update FinalEventLog as well */
+	if (event_log.final_pos + event_size > TPM2_EVENT_LOG_SIZE)
+		return EFI_VOLUME_FULL;
+
+	log = (void *)((uintptr_t)event_log.final_buffer + event_log.final_pos);
+	put_event(pcr_index, event_type, digest_list, size, event, log);
+
+	final_event = event_log.final_buffer;
+	final_event->number_of_events++;
+	event_log.final_pos += event_size;
+
+	return ret;
 }
 
 /**
@@ -1303,6 +1343,7 @@ static efi_status_t efi_init_event_log(void)
 	event_log.pos = 0;
 	event_log.last_event_size = 0;
 	event_log.get_event_called = false;
+	event_log.ebs_called = false;
 	event_log.truncated = false;
 
 	/*
@@ -1472,7 +1513,7 @@ static efi_status_t tcg2_measure_boot_variable(struct udevice *dev)
 				      &var_data_size);
 
 		if (!bootvar) {
-			log_info("%ls not found\n", boot_name);
+			log_debug("%ls not found\n", boot_name);
 			continue;
 		}
 
@@ -1792,6 +1833,7 @@ efi_tcg2_notify_exit_boot_services(struct efi_event *event, void *context)
 
 	EFI_ENTRY("%p, %p", event, context);
 
+	event_log.ebs_called = true;
 	ret = platform_get_tpm2_device(&dev);
 	if (ret != EFI_SUCCESS)
 		goto out;
@@ -1902,6 +1944,7 @@ efi_status_t efi_tcg2_register(void)
 	efi_status_t ret = EFI_SUCCESS;
 	struct udevice *dev;
 	struct efi_event *event;
+	u32 err;
 
 	ret = platform_get_tpm2_device(&dev);
 	if (ret != EFI_SUCCESS) {
@@ -1909,6 +1952,13 @@ efi_status_t efi_tcg2_register(void)
 		return EFI_SUCCESS;
 	}
 
+	/* initialize the TPM as early as possible. */
+	err = tpm_startup(dev, TPM_ST_CLEAR);
+	if (err) {
+		log_err("TPM startup failed\n");
+		goto fail;
+	}
+
 	ret = efi_init_event_log();
 	if (ret != EFI_SUCCESS)
 		goto fail;
diff --git a/lib/efi_selftest/efi_selftest_exitbootservices.c b/lib/efi_selftest/efi_selftest_exitbootservices.c
index 4fecd1b415..59ab15407a 100644
--- a/lib/efi_selftest/efi_selftest_exitbootservices.c
+++ b/lib/efi_selftest/efi_selftest_exitbootservices.c
@@ -10,9 +10,34 @@
 
 #include <efi_selftest.h>
 
+static efi_guid_t guid_before_exit_boot_services =
+	EFI_GUID(0x8be0e274, 0x3970, 0x4b44, 0x80, 0xc5,
+		 0x1a, 0xb9, 0x50, 0x2f, 0x3b, 0xfc);
+#define CAPACITY 4
+
+struct notification_record {
+	unsigned int count;
+	unsigned int type[CAPACITY];
+};
+
+struct notification_context {
+	struct notification_record *record;
+	unsigned int type;
+};
+
 static struct efi_boot_services *boottime;
 static struct efi_event *event_notify;
-static unsigned int notification_count;
+struct notification_record record;
+
+struct notification_context context_before = {
+	.record = &record,
+	.type = 1,
+};
+
+struct notification_context context = {
+	.record = &record,
+	.type = 2,
+};
 
 /*
  * Notification function, increments the notification count.
@@ -20,11 +45,15 @@ static unsigned int notification_count;
  * @event	notified event
  * @context	pointer to the notification count
  */
-static void EFIAPI notify(struct efi_event *event, void *context)
+static void EFIAPI ebs_notify(struct efi_event *event, void *context)
 {
-	unsigned int *count = context;
+	struct notification_context *ctx = context;
+
+	if (ctx->record->count >= CAPACITY)
+		return;
 
-	++*count;
+	ctx->record->type[ctx->record->count] = ctx->type;
+	ctx->record->count++;
 }
 
 /*
@@ -43,15 +72,23 @@ static int setup(const efi_handle_t handle,
 
 	boottime = systable->boottime;
 
-	notification_count = 0;
 	ret = boottime->create_event(EVT_SIGNAL_EXIT_BOOT_SERVICES,
-				     TPL_CALLBACK, notify,
-				     (void *)&notification_count,
+				     TPL_CALLBACK, ebs_notify,
+				     &context,
 				     &event_notify);
 	if (ret != EFI_SUCCESS) {
 		efi_st_error("could not create event\n");
 		return EFI_ST_FAILURE;
 	}
+	ret = boottime->create_event_ex(0, TPL_CALLBACK, ebs_notify,
+					&context_before,
+					&guid_before_exit_boot_services,
+					&event_notify);
+	if (ret != EFI_SUCCESS) {
+		efi_st_error("could not create event\n");
+		return EFI_ST_FAILURE;
+	}
+
 	return EFI_ST_SUCCESS;
 }
 
@@ -68,13 +105,21 @@ static int setup(const efi_handle_t handle,
  */
 static int execute(void)
 {
-	if (notification_count != 1) {
-		efi_st_error("ExitBootServices was not notified\n");
+	if (record.count != 2) {
+		efi_st_error("Incorrect event count %u\n", record.count);
+		return EFI_ST_FAILURE;
+	}
+	if (record.type[0] != 1) {
+		efi_st_error("EFI_GROUP_BEFORE_EXIT_BOOT_SERVICE not notified\n");
+		return EFI_ST_FAILURE;
+	}
+	if (record.type[1] != 2) {
+		efi_st_error("EVT_SIGNAL_EXIT_BOOT_SERVICES was not notified\n");
 		return EFI_ST_FAILURE;
 	}
 	efi_st_exit_boot_services();
-	if (notification_count != 1) {
-		efi_st_error("ExitBootServices was notified twice\n");
+	if (record.count != 2) {
+		efi_st_error("Incorrect event count %u\n", record.count);
 		return EFI_ST_FAILURE;
 	}
 	return EFI_ST_SUCCESS;