From 85a6e9b3c9d16ec062a6da3129448f39aad94fc9 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 3 Jul 2017 13:32:35 +0200
Subject: efi_loader: Add check for fallback fdt memory reservation

When running bootefi, we allocate new space but never check whether
the allocation succeeded. This patch adds a check so that in case
things go wrong, we at least know they did.

Signed-off-by: Alexander Graf <agraf@suse.de>

diff --git a/cmd/bootefi.c b/cmd/bootefi.c
index a0a5434..771300e 100644
--- a/cmd/bootefi.c
+++ b/cmd/bootefi.c
@@ -133,7 +133,13 @@ static void *copy_fdt(void *fdt)
 			       &new_fdt_addr) != EFI_SUCCESS) {
 		/* If we can't put it there, put it somewhere */
 		new_fdt_addr = (ulong)memalign(4096, fdt_size);
+		if (efi_allocate_pages(1, EFI_BOOT_SERVICES_DATA, fdt_pages,
+				       &new_fdt_addr) != EFI_SUCCESS) {
+			printf("ERROR: Failed to reserve space for FDT\n");
+			return NULL;
+		}
 	}
+
 	new_fdt = (void*)(ulong)new_fdt_addr;
 	memcpy(new_fdt, fdt, fdt_totalsize(fdt));
 	fdt_set_totalsize(new_fdt, fdt_size);
-- 
cgit v0.10.2


From 37a980b3fa0b0ad26b16b7b9b9dbb25b0075a06b Mon Sep 17 00:00:00 2001
From: Jonathan Gray <jsg@jsg.id.au>
Date: Sun, 12 Mar 2017 19:26:06 +1100
Subject: efi_loader: run CreateEvent() notify function based on flags

The UEFI specification states that the tpl, function and context
arguments are to be ignored if neither EVT_NOTIFY_WAIT or
EVT_NOTIFY_SIGNAL are specified.  This matches observed behaviour with
an AMI EDK2 based UEFI implementation.

Skip calling the notify function if neither flag is present.

Signed-off-by: Jonathan Gray <jsg@jsg.id.au>
Acked-By: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>

diff --git a/include/efi_api.h b/include/efi_api.h
index 5c3836a..f071b36 100644
--- a/include/efi_api.h
+++ b/include/efi_api.h
@@ -28,6 +28,9 @@ enum efi_event_type {
 	EFI_TIMER_RELATIVE = 2
 };
 
+#define EVT_NOTIFY_WAIT		0x00000100
+#define EVT_NOTIFY_SIGNAL	0x00000200
+
 /* EFI Boot Services table */
 struct efi_boot_services {
 	struct efi_table_hdr hdr;
diff --git a/lib/efi_loader/efi_boottime.c b/lib/efi_loader/efi_boottime.c
index 51080cb..eb5946a 100644
--- a/lib/efi_loader/efi_boottime.c
+++ b/lib/efi_loader/efi_boottime.c
@@ -210,7 +210,9 @@ void efi_timer_check(void)
 		/* Triggering! */
 		if (efi_event.trigger_type == EFI_TIMER_PERIODIC)
 			efi_event.trigger_next += efi_event.trigger_time / 10;
-		efi_event.notify_function(&efi_event, efi_event.notify_context);
+		if (efi_event.type & (EVT_NOTIFY_WAIT | EVT_NOTIFY_SIGNAL))
+			efi_event.notify_function(&efi_event,
+			                          efi_event.notify_context);
 	}
 
 	WATCHDOG_RESET();
-- 
cgit v0.10.2


From a95343b8d3db894681dd427bc60077abc891aecc Mon Sep 17 00:00:00 2001
From: Jonathan Gray <jsg@jsg.id.au>
Date: Sun, 12 Mar 2017 19:26:07 +1100
Subject: efi_loader: check CreateEvent() parameters

Add some of the invalid parameter checks described in the UEFI
specification for CreateEvent().  This does not include checking
the validity of the type and tpl parameters.

Signed-off-by: Jonathan Gray <jsg@jsg.id.au>
Acked-By: Heinrich Schuchardt <xypron.glpk@gmx.de>
[agraf: fix checkpatch.pl indent warning]
Signed-off-by: Alexander Graf <agraf@suse.de>

diff --git a/lib/efi_loader/efi_boottime.c b/lib/efi_loader/efi_boottime.c
index eb5946a..44bcbb1 100644
--- a/lib/efi_loader/efi_boottime.c
+++ b/lib/efi_loader/efi_boottime.c
@@ -189,6 +189,16 @@ static efi_status_t EFIAPI efi_create_event(
 		return EFI_EXIT(EFI_OUT_OF_RESOURCES);
 	}
 
+	if (event == NULL)
+		return EFI_EXIT(EFI_INVALID_PARAMETER);
+
+	if ((type & EVT_NOTIFY_SIGNAL) && (type & EVT_NOTIFY_WAIT))
+		return EFI_EXIT(EFI_INVALID_PARAMETER);
+
+	if ((type & (EVT_NOTIFY_SIGNAL|EVT_NOTIFY_WAIT)) &&
+	    notify_function == NULL)
+		return EFI_EXIT(EFI_INVALID_PARAMETER);
+
 	efi_event.type = type;
 	efi_event.notify_tpl = notify_tpl;
 	efi_event.notify_function = notify_function;
-- 
cgit v0.10.2


From 6e0bf8d8b40ac0ad6987e203c50f1cb16d22273b Mon Sep 17 00:00:00 2001
From: Masahiro Yamada <yamada.masahiro@socionext.com>
Date: Thu, 22 Jun 2017 17:49:03 +0900
Subject: efi_loader: add static to local functions

These are locally used in lib/efi_loader/efi_boottime.c

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

diff --git a/lib/efi_loader/efi_boottime.c b/lib/efi_loader/efi_boottime.c
index 44bcbb1..556d806 100644
--- a/lib/efi_loader/efi_boottime.c
+++ b/lib/efi_loader/efi_boottime.c
@@ -104,9 +104,9 @@ static void EFIAPI efi_restore_tpl(unsigned long old_tpl)
 	EFI_EXIT(efi_unsupported(__func__));
 }
 
-efi_status_t EFIAPI efi_allocate_pages_ext(int type, int memory_type,
-					   unsigned long pages,
-					   uint64_t *memory)
+static efi_status_t EFIAPI efi_allocate_pages_ext(int type, int memory_type,
+						  unsigned long pages,
+						  uint64_t *memory)
 {
 	efi_status_t r;
 
@@ -115,7 +115,8 @@ efi_status_t EFIAPI efi_allocate_pages_ext(int type, int memory_type,
 	return EFI_EXIT(r);
 }
 
-efi_status_t EFIAPI efi_free_pages_ext(uint64_t memory, unsigned long pages)
+static efi_status_t EFIAPI efi_free_pages_ext(uint64_t memory,
+					      unsigned long pages)
 {
 	efi_status_t r;
 
@@ -124,11 +125,12 @@ efi_status_t EFIAPI efi_free_pages_ext(uint64_t memory, unsigned long pages)
 	return EFI_EXIT(r);
 }
 
-efi_status_t EFIAPI efi_get_memory_map_ext(unsigned long *memory_map_size,
-					   struct efi_mem_desc *memory_map,
-					   unsigned long *map_key,
-					   unsigned long *descriptor_size,
-					   uint32_t *descriptor_version)
+static efi_status_t EFIAPI efi_get_memory_map_ext(
+					unsigned long *memory_map_size,
+					struct efi_mem_desc *memory_map,
+					unsigned long *map_key,
+					unsigned long *descriptor_size,
+					uint32_t *descriptor_version)
 {
 	efi_status_t r;
 
-- 
cgit v0.10.2


From 8e1d329ff5eebb7bcc9bf8eb931b8c6517598a10 Mon Sep 17 00:00:00 2001
From: "xypron.glpk@gmx.de" <xypron.glpk@gmx.de>
Date: Thu, 29 Jun 2017 21:16:19 +0200
Subject: efi_loader: efi_handle_protocol set attributes

UEFI spec 2.7 indicates that HandleProtocol can be implemented
by calling OpenProtocol with
attributes = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL.

Currently we pass attributes = 0 to efi_open_protocol. 0 is not a
valid value when calling OpenProtocol. This does not cause any errors
yet because our implementation of OpenProtocol is incomplete.

We should pass the correct value to enable a fully compliant
implementation of OpenProtocol in the future.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>

diff --git a/lib/efi_loader/efi_boottime.c b/lib/efi_loader/efi_boottime.c
index 556d806..27e51a2 100644
--- a/lib/efi_loader/efi_boottime.c
+++ b/lib/efi_loader/efi_boottime.c
@@ -752,8 +752,8 @@ static efi_status_t EFIAPI efi_handle_protocol(void *handle,
 					       efi_guid_t *protocol,
 					       void **protocol_interface)
 {
-	return efi_open_protocol(handle, protocol, protocol_interface,
-				 NULL, NULL, 0);
+	return efi_open_protocol(handle, protocol, protocol_interface, NULL,
+				 NULL, EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL);
 }
 
 static const struct efi_boot_services efi_boot_services = {
-- 
cgit v0.10.2


From bc188a30c631939f470c94a8d0e3f7245192f456 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 3 Jul 2017 18:10:31 +0200
Subject: efi_loader: Add efi-next git tree to MAINTAINERS file

The efi-next tree lives on github, not the usual denx git.
Reflect this in the MAINTAINERS file so that people can
find it.

Signed-off-by: Alexander Graf <agraf@suse.de>

diff --git a/MAINTAINERS b/MAINTAINERS
index 957e27c..85dfa14 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -264,6 +264,7 @@ F:	test/dm/
 EFI PAYLOAD
 M:	Alexander Graf <agraf@suse.de>
 S:	Maintained
+T:	git git://github.com/agraf/u-boot.git
 F:	include/efi_loader.h
 F:	lib/efi_loader/
 F:	cmd/bootefi.c
-- 
cgit v0.10.2


From da684a646d0c94f7a6126e7ecf110278691465a6 Mon Sep 17 00:00:00 2001
From: "xypron.glpk@gmx.de" <xypron.glpk@gmx.de>
Date: Tue, 4 Jul 2017 00:12:58 +0200
Subject: efi_loader: abort on unsupported relocation type

If a relocation type is not supported loading the EFI binary
should be aborted.

Writing a message only is insufficient.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
[agraf: use a() != b coding style]
Signed-off-by: Alexander Graf <agraf@suse.de>

diff --git a/lib/efi_loader/efi_image_loader.c b/lib/efi_loader/efi_image_loader.c
index 3262d76..d4c62e6 100644
--- a/lib/efi_loader/efi_image_loader.c
+++ b/lib/efi_loader/efi_image_loader.c
@@ -26,7 +26,7 @@ efi_status_t EFIAPI efi_return_handle(void *handle, efi_guid_t *protocol,
 	return EFI_SUCCESS;
 }
 
-static void efi_loader_relocate(const IMAGE_BASE_RELOCATION *rel,
+static efi_status_t efi_loader_relocate(const IMAGE_BASE_RELOCATION *rel,
 			unsigned long rel_size, void *efi_reloc)
 {
 	const IMAGE_BASE_RELOCATION *end;
@@ -63,11 +63,13 @@ static void efi_loader_relocate(const IMAGE_BASE_RELOCATION *rel,
 			default:
 				printf("Unknown Relocation off %x type %x\n",
 				       offset, type);
+				return EFI_LOAD_ERROR;
 			}
 			relocs++;
 		}
 		rel = (const IMAGE_BASE_RELOCATION *)relocs;
 	}
+	return EFI_SUCCESS;
 }
 
 void __weak invalidate_icache_all(void)
@@ -171,7 +173,11 @@ void *efi_load_pe(void *efi, struct efi_loaded_image *loaded_image_info)
 	}
 
 	/* Run through relocations */
-	efi_loader_relocate(rel, rel_size, efi_reloc);
+	if (efi_loader_relocate(rel, rel_size, efi_reloc) != EFI_SUCCESS) {
+		efi_free_pages((uintptr_t) efi_reloc,
+			       (virt_size + EFI_PAGE_MASK) >> EFI_PAGE_SHIFT);
+		return NULL;
+	}
 
 	/* Flush cache */
 	flush_cache((ulong)efi_reloc,
-- 
cgit v0.10.2