From mboxrd@z Thu Jan 1 00:00:00 1970 From: Masahisa Kojima Date: Thu, 15 Apr 2021 22:30:19 +0900 Subject: [PATCH 1/2] efi_loader: expose efi_image_parse() even if UEFI Secure Boot is disabled In-Reply-To: <20210415133020.29175-1-masahisa.kojima@linaro.org> References: <20210415133020.29175-1-masahisa.kojima@linaro.org> Message-ID: <20210415133020.29175-2-masahisa.kojima@linaro.org> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de This is preparation for PE/COFF measurement support. PE/COFF image hash calculation is same in both UEFI Secure Boot image verification and measurement in measured boot. This commit exposes the hash calculation functions even if UEFI Secure Boot is not enabled. Signed-off-by: Masahisa Kojima --- lib/efi_loader/efi_image_loader.c | 2 +- lib/efi_loader/efi_signature.c | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/efi_loader/efi_image_loader.c b/lib/efi_loader/efi_image_loader.c index f53ef367ec..2c35cb5651 100644 --- a/lib/efi_loader/efi_image_loader.c +++ b/lib/efi_loader/efi_image_loader.c @@ -213,7 +213,6 @@ static void efi_set_code_and_data_type( } } -#ifdef CONFIG_EFI_SECURE_BOOT /** * cmp_pe_section() - compare virtual addresses of two PE image sections * @arg1: pointer to pointer to first section header @@ -422,6 +421,7 @@ err: return false; } +#ifdef CONFIG_EFI_SECURE_BOOT /** * efi_image_unsigned_authenticate() - authenticate unsigned image with * SHA256 hash diff --git a/lib/efi_loader/efi_signature.c b/lib/efi_loader/efi_signature.c index c7ec275414..1dd9d0e130 100644 --- a/lib/efi_loader/efi_signature.c +++ b/lib/efi_loader/efi_signature.c @@ -538,6 +538,7 @@ out: EFI_PRINT("%s: Exit, revoked: %d\n", __func__, revoked); return !revoked; } +#endif /** * efi_image_region_add() - add an entry of region @@ -601,6 +602,7 @@ efi_status_t efi_image_region_add(struct efi_image_regions *regs, return EFI_SUCCESS; } +#if defined(CONFIG_EFI_SECURE_BOOT) || defined(CONFIG_EFI_CAPSULE_AUTHENTICATE) /** * efi_sigstore_free - free signature store * @sigstore: Pointer to signature store structure -- 2.17.1