Merge tag 'efi-2021-10-rc4-2' of https://source.denx.de/u-boot/custodians/u-boot-efiWIP/12Sep2021

Pull request for efi-2021-10-rc4-2

Documentation:

* improve documentation of U-Boot for /config DT node
* integrate bloblist documentation

UEFI:

* correct usage of EFI_CALL()
* code tidy up

12 files changed, 88 insertions, 40 deletions

diff --git a/board/toradex/apalis-imx8/MAINTAINERS b/board/toradex/apalis-imx8/MAINTAINERS
index 7fbd1be10f..507172c596 100644
--- a/board/toradex/apalis-imx8/MAINTAINERS
+++ b/board/toradex/apalis-imx8/MAINTAINERS
@@ -6,5 +6,5 @@ F:	arch/arm/dts/fsl-imx8-apalis.dts
 F:	arch/arm/dts/fsl-imx8-apalis-u-boot.dtsi
 F:	board/toradex/apalis-imx8/
 F:	configs/apalis-imx8_defconfig
-F:	doc/board/toradex/apalix-imx8.rst
+F:	doc/board/toradex/apalis-imx8.rst
 F:	include/configs/apalis-imx8.h
diff --git a/cmd/nvedit_efi.c b/cmd/nvedit_efi.c
index 676bbda950..710d923a91 100644
--- a/cmd/nvedit_efi.c
+++ b/cmd/nvedit_efi.c
@@ -187,8 +187,8 @@ static int efi_dump_var_all(int argc,  char *const argv[],
 	var_name16[0] = 0;
 	for (;;) {
 		size = buf_size;
-		ret = EFI_CALL(efi_get_next_variable_name(&size, var_name16,
-							  &guid));
+		ret = efi_get_next_variable_name_int(&size, var_name16,
+						     &guid);
 		if (ret == EFI_NOT_FOUND)
 			break;
 		if (ret == EFI_BUFFER_TOO_SMALL) {
@@ -199,9 +199,8 @@ static int efi_dump_var_all(int argc,  char *const argv[],
 				return CMD_RET_FAILURE;
 			}
 			var_name16 = p;
-			ret = EFI_CALL(efi_get_next_variable_name(&size,
-								  var_name16,
-								  &guid));
+			ret = efi_get_next_variable_name_int(&size, var_name16,
+							     &guid);
 		}
 		if (ret != EFI_SUCCESS) {
 			free(var_name16);
diff --git a/doc/board/toradex/apalix-imx8.rst b/doc/board/toradex/apalis-imx8.rst
index 29593faf1a..29593faf1a 100644
--- a/doc/board/toradex/apalix-imx8.rst
+++ b/doc/board/toradex/apalis-imx8.rst
diff --git a/doc/board/toradex/apalix-imx8x.rst b/doc/board/toradex/apalis-imx8x.rst
index e62578b152..e62578b152 100644
--- a/doc/board/toradex/apalix-imx8x.rst
+++ b/doc/board/toradex/apalis-imx8x.rst
diff --git a/doc/board/toradex/index.rst b/doc/board/toradex/index.rst
index abba648f86..5652848019 100644
--- a/doc/board/toradex/index.rst
+++ b/doc/board/toradex/index.rst
@@ -6,8 +6,8 @@ Toradex
 .. toctree::
    :maxdepth: 2
 
-   apalix-imx8
-   apalix-imx8x
+   apalis-imx8
+   apalis-imx8x
    colibri_imx7
    colibri-imx8x
    verdin-imx8mm
diff --git a/doc/README.bloblist b/doc/develop/bloblist.rst
index 274c460557..317ebc4919 100644
--- a/doc/README.bloblist
+++ b/doc/develop/bloblist.rst
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: GPL-2.0+
+.. SPDX-License-Identifier: GPL-2.0+
 
 Blob Lists - bloblist
 =====================
@@ -39,7 +39,7 @@ Blob tags
 
 Each blob has a tag which is a 32-bit number. This uniquely identifies the
 owner of the blob. Blob tags are listed in enum blob_tag_t and are named
-with a BLOBT_ prefix.
+with a `BLOBT_` prefix.
 
 
 Single structure
diff --git a/doc/develop/index.rst b/doc/develop/index.rst
index 83c929babd..2a32645cfd 100644
--- a/doc/develop/index.rst
+++ b/doc/develop/index.rst
@@ -9,6 +9,7 @@ Implementation
 .. toctree::
    :maxdepth: 1
 
+   bloblist
    ci_testing
    commands
    devicetree/index
diff --git a/doc/device-tree-bindings/config.txt b/doc/device-tree-bindings/config.txt
index 6cdc16da5b..85379fbbe5 100644
--- a/doc/device-tree-bindings/config.txt
+++ b/doc/device-tree-bindings/config.txt
@@ -5,15 +5,39 @@ A number of run-time configuration options are provided in the /config node
 of the control device tree. You can access these using fdtdec_get_config_int(),
 fdtdec_get_config_bool() and fdtdec_get_config_string().
 
+These options are designed to affect the operation of U-Boot at runtime.
+Runtime-configuration items can help avoid proliferation of different builds
+with only minor changes, e.g. enabling and disabling console output. Items
+here should be those that can usefully be set by the build system after U-Boot
+is built.
+
 Available options are:
 
-silent-console
-	If present and non-zero, the console is silenced by default on boot.
+bootcmd (string)
+	Allows overwriting of the boot command used by U-Boot on startup. If
+	present, U-Boot uses this command instead. Note that this feature can
+	work even if loading the environment is disabled, e.g. for security
+	reasons. See also bootsecure.
+
+bootdelay (int)
+	This allows selecting of the U-Boot bootdelay, to control whether U-Boot
+	waits on boot or for how long. This allows this option to be configured
+	by the build system or by a previous-stage binary. For example, if the
+	images is being packed for testing or a user holds down a button, it may
+	allow a delay, but disable it for production.
 
-no-keyboard
-	Tells U-Boot not to expect an attached keyboard with a VGA console
+u-boot,boot-led (string)
+u-boot,error-led (string)
+	This is used to specify the label for an LED to indicate an error and
+	a successful boot, on supported hardware.
 
-u-boot,efi-partition-entries-offset
+bootsecure (int)
+	Indicates that U-Boot should use secure_boot_cmd() to run commands,
+	rather than the normal CLI. This can be used in production images, to
+	restrict the amount of parsing done or the options available, to cut
+	back on the available surface for security attacks.
+
+u-boot,efi-partition-entries-offset (int)
 	If present, this provides an offset (in bytes, from the start of a
 	device) that should be skipped over before the partition entries.
 	This is used by the EFI/GPT partition implementation when a device
@@ -21,17 +45,18 @@ u-boot,efi-partition-entries-offset
 
 	This setting will override any values configured via Kconfig.
 
-u-boot,mmc-env-partition
-	if present, the environment shall be placed at the last
-	CONFIG_ENV_SIZE blocks of the partition on the
-	CONFIG_SYS_MMC_ENV_DEV.
+kernel-offset (int)
+	This allows setting the 'kernaddr' environment variable, used to select
+	the address to load the kernel. It is useful for systems that use U-Boot
+	to flash a device, so the scripts that do this know where to put the
+	kernel to be flashed.
 
-	if u-boot,mmc-env-offset* is present, this setting will take
-	precedence. In that case, only if the partition is not found,
-	mmc-env-offset* will be tried.
+load-environment (int)
+	Allows control over whether U-Boot loads its environment after
+	relocation (0=no, 1 or not present=yes).
 
-u-boot,mmc-env-offset
-u-boot,mmc-env-offset-redundant
+u-boot,mmc-env-offset (int)
+u-boot,mmc-env-offset-redundant (int)
 	If present, the values of the 'u-boot,mmc-env-offset' and/or
 	of the u-boot,mmc-env-offset-redundant' properties overrides
 	CONFIG_ENV_OFFSET and CONFIG_ENV_OFFSET_REDUND, respectively,
@@ -42,12 +67,38 @@ u-boot,mmc-env-offset-redundant
 	will point at the beginning of a LBA and values that are not
 	LBA-aligned will be rounded up to the next LBA address.
 
-u-boot,spl-payload-offset
+u-boot,mmc-env-partition (int)
+	if present, the environment shall be placed at the last
+	CONFIG_ENV_SIZE blocks of the partition on the
+	CONFIG_SYS_MMC_ENV_DEV.
+
+	if u-boot,mmc-env-offset* is present, this setting will take
+	precedence. In that case, only if the partition is not found,
+	mmc-env-offset* will be tried.
+
+u-boot,no-apm-finalize (bool)
+	For x86 devices running on coreboot, this tells U-Boot not to lock
+	down the Intel Management Engine (ME) registers. This allows U-Boot to
+	access the hardware more fully for platforms that need it.
+
+u-boot,no-keyboard (bool)
+	Tells U-Boot not to expect an attached keyboard with a VGA console.
+
+rootdisk-offset (int)
+	This allows setting the 'rootdisk' environment variable, used to select
+	the address to load the rootdisk. It is useful for systems that use
+	U-Boot to flash a device, so the scripts that do this know where to put
+	the root disk to be flashed.
+
+silent-console (int)
+	If present and non-zero, the console is silenced by default on boot.
+
+u-boot,spl-payload-offset (int)
 	If present (and SPL is controlled by the device-tree), this allows
 	to override the CONFIG_SYS_SPI_U_BOOT_OFFS setting using a value
 	from the device-tree.
 
-sysreset-gpio
+sysreset-gpio (string)
 	If present (and supported by the specific board), indicates a
 	GPIO that can be set to trigger a system reset.  It is assumed
 	that such a system reset will effect a complete platform reset,
diff --git a/include/efi_tcg2.h b/include/efi_tcg2.h
index c99384fb00..5a1a36212e 100644
--- a/include/efi_tcg2.h
+++ b/include/efi_tcg2.h
@@ -130,7 +130,7 @@ struct efi_tcg2_boot_service_capability {
 };
 
 /* up to and including the vendor ID (manufacturer_id) field */
-#define boot_service_capability_min \
+#define BOOT_SERVICE_CAPABILITY_MIN \
 	offsetof(struct efi_tcg2_boot_service_capability, number_of_pcr_banks)
 
 #define TCG_EFI_SPEC_ID_EVENT_SIGNATURE_03 "Spec ID Event03"
diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig
index edd4ae29f1..649ee57330 100644
--- a/lib/efi_loader/Kconfig
+++ b/lib/efi_loader/Kconfig
@@ -10,6 +10,7 @@ config EFI_LOADER
 	depends on !EFI_STUB || !X86_64 || EFI_STUB_64BIT
 	# We need EFI_STUB_32BIT to be set on x86_32 with EFI_STUB
 	depends on !EFI_STUB || !X86 || X86_64 || EFI_STUB_32BIT
+	depends on BLK
 	default y if !ARM || SYS_CPU = armv7 || SYS_CPU = armv8
 	select LIB_UUID
 	select PARTITION_UUIDS
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index b268a02976..cb48919223 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -607,8 +607,8 @@ efi_tcg2_get_capability(struct efi_tcg2_protocol *this,
 		goto out;
 	}
 
-	if (capability->size < boot_service_capability_min) {
-		capability->size = boot_service_capability_min;
+	if (capability->size < BOOT_SERVICE_CAPABILITY_MIN) {
+		capability->size = BOOT_SERVICE_CAPABILITY_MIN;
 		efi_ret = EFI_BUFFER_TOO_SMALL;
 		goto out;
 	}
@@ -865,20 +865,19 @@ efi_status_t tcg2_measure_pe_image(void *efi, u64 efi_size,
 	if (ret != EFI_SUCCESS)
 		return ret;
 
-	ret = EFI_CALL(efi_search_protocol(&handle->header,
-					   &efi_guid_loaded_image_device_path,
-					   &handler));
+	ret = efi_search_protocol(&handle->header,
+				  &efi_guid_loaded_image_device_path, &handler);
 	if (ret != EFI_SUCCESS)
 		return ret;
 
-	device_path = EFI_CALL(handler->protocol_interface);
+	device_path = handler->protocol_interface;
 	device_path_length = efi_dp_size(device_path);
 	if (device_path_length > 0) {
 		/* add end node size */
 		device_path_length += sizeof(struct efi_device_path);
 	}
 	event_size = sizeof(struct uefi_image_load_event) + device_path_length;
-	image_load_event = (struct uefi_image_load_event *)malloc(event_size);
+	image_load_event = calloc(1, event_size);
 	if (!image_load_event)
 		return EFI_OUT_OF_RESOURCES;
 
@@ -901,10 +900,8 @@ efi_status_t tcg2_measure_pe_image(void *efi, u64 efi_size,
 		goto out;
 	}
 
-	if (device_path_length > 0) {
-		memcpy(image_load_event->device_path, device_path,
-		       device_path_length);
-	}
+	/* device_path_length might be zero */
+	memcpy(image_load_event->device_path, device_path, device_path_length);
 
 	ret = tcg2_agile_log_append(pcr_index, event_type, &digest_list,
 				    event_size, (u8 *)image_load_event);
diff --git a/lib/efi_loader/efi_watchdog.c b/lib/efi_loader/efi_watchdog.c
index 61ea0f7926..87ca6c5b0b 100644
--- a/lib/efi_loader/efi_watchdog.c
+++ b/lib/efi_loader/efi_watchdog.c
@@ -27,8 +27,7 @@ static void EFIAPI efi_watchdog_timer_notify(struct efi_event *event,
 	EFI_ENTRY("%p, %p", event, context);
 
 	printf("\nEFI: Watchdog timeout\n");
-	EFI_CALL_VOID(efi_runtime_services.reset_system(EFI_RESET_COLD,
-							EFI_SUCCESS, 0, NULL));
+	do_reset(NULL, 0, 0, NULL);
 
 	EFI_EXIT(EFI_UNSUPPORTED);
 }