1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause
3 *
4 * Copyright (c) 2015 Neel Natu <neel@freebsd.org>
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 */
28
29 #include <sys/param.h>
30
31 #include <sys/types.h>
32 #include <sys/mman.h>
33 #include <sys/stat.h>
34
35 #include <machine/vmm.h>
36
37 #include <err.h>
38 #include <errno.h>
39 #include <fcntl.h>
40 #include <stdio.h>
41 #include <stdlib.h>
42 #include <string.h>
43 #include <unistd.h>
44 #include <stdbool.h>
45
46 #include <vmmapi.h>
47
48 #include "bhyverun.h"
49 #include "bootrom.h"
50 #include "debug.h"
51 #include "mem.h"
52
/* Size of the guest boot ROM window: 16 MB. */
#define	BOOTROM_SIZE	(16 * 1024 * 1024)

/*
 * The ROM window is the 16 MB that ends at the 4GB boundary of "low" memory.
 *
 * It is kept to that size so that it does not encroach into reserved MMIO
 * space (e.g., APIC, HPET, MSI).
 *
 * Space inside it is handed out in page-multiple blocks, first come first
 * served, from high to low, during initialization.  The layout does not
 * change at runtime.
 */
static char *romptr;		/* Userspace mapping of the bootrom region. */
static vm_paddr_t gpa_base;	/* GPA of the low end of the region. */
static vm_paddr_t gpa_allocbot;	/* Lowest GPA that is still free. */
static vm_paddr_t gpa_alloctop;	/* Highest free GPA (top of free space - 1). */

/* CFI basic command set opcodes recognised by the variable-store handler. */
#define	CFI_BCS_WRITE_BYTE	0x10
#define	CFI_BCS_CLEAR_STATUS	0x50
#define	CFI_BCS_READ_STATUS	0x70
#define	CFI_BCS_READ_ARRAY	0xff

/*
 * State of the emulated firmware-variable flash.  There is exactly one
 * instance; it starts out in read-array mode with no backing mapping.
 */
static struct bootrom_var_state {
	uint8_t *mmap;		/* Host mapping that backs the window. */
	uint64_t gpa;		/* Guest physical address of the window. */
	off_t size;		/* Length of the window in bytes. */
	uint8_t cmd;		/* CFI command currently in effect. */
} var = {
	.mmap = NULL,
	.gpa = 0,
	.size = 0,
	.cmd = CFI_BCS_READ_ARRAY,
};
80
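/*
 * Memory handler for the firmware-variable window.
 *
 * Emulate just those CFI basic commands that will convince EDK II
 * that the Firmware Volume area is writable and persistent.  The only
 * state is the command byte in var.cmd:
 *
 *  - a write while CFI_BCS_WRITE_BYTE is in effect stores the data in the
 *    backing mapping and drops back to read-array mode;
 *  - any other write latches the low byte of *val as the new command;
 *  - a read while a status command is in effect returns zeroes and drops
 *    back to read-array mode;
 *  - any other read copies from the backing mapping.
 *
 * addr and size are presumably taken from a guest access to the registered
 * range, so both are validated before anything is copied.
 *
 * Returns 0 on success and EINVAL for an access that is not fully inside
 * the window or whose width does not fit in *val.
 */
static int
bootrom_var_mem_handler(struct vcpu *vcpu __unused, int dir, uint64_t addr,
    int size, uint64_t *val, void *arg1 __unused, long arg2 __unused)
{
	off_t offset;

	/*
	 * *val is a single 64-bit slot.  A wider access would make the
	 * memcpy()/memset() calls below run past it, and a non-positive
	 * width is never valid.
	 */
	if (size <= 0 || (size_t)size > sizeof(*val))
		return (EINVAL);

	/*
	 * Compare against "var.size - size" rather than forming
	 * "offset + size": the sum is signed and could overflow before the
	 * comparison is made.  size is known to be 1..8 here, so the
	 * subtraction cannot overflow.
	 */
	offset = addr - var.gpa;
	if (offset < 0 || offset > var.size - size)
		return (EINVAL);

	if (dir == MEM_F_WRITE) {
		switch (var.cmd) {
		case CFI_BCS_WRITE_BYTE:
			/* Data phase of a program command: commit it. */
			memcpy(var.mmap + offset, val, size);
			var.cmd = CFI_BCS_READ_ARRAY;
			break;
		default:
			/* Command phase: remember the opcode for next time. */
			var.cmd = *(uint8_t *)val;
			break;
		}
	} else {
		switch (var.cmd) {
		case CFI_BCS_CLEAR_STATUS:
		case CFI_BCS_READ_STATUS:
			/* An all-zero status is reported for every command. */
			memset(val, 0, size);
			var.cmd = CFI_BCS_READ_ARRAY;
			break;
		default:
			memcpy(val, var.mmap + offset, size);
			break;
		}
	}
	return (0);
}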
118
/*
 * Create the VM_BOOTROM device-memory segment and reset the allocator so
 * that the whole BOOTROM_SIZE window below 4GB is free.  Exits the process
 * through err(4, ...) when the segment cannot be created.
 */
void
init_bootrom(struct vmctx *ctx)
{
	const vm_paddr_t four_gb = 1ULL << 32;

	romptr = vm_create_devmem(ctx, VM_BOOTROM, "bootrom", BOOTROM_SIZE);
	if (romptr == MAP_FAILED)
		err(4, "%s: vm_create_devmem", __func__);

	/* Free space initially spans the entire window. */
	gpa_base = four_gb - BOOTROM_SIZE;
	gpa_allocbot = gpa_base;
	gpa_alloctop = four_gb - 1;
}
129
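/*
 * Reserve len bytes of the boot ROM window and map them into the guest
 * with protection prot.
 *
 * flags may contain BOOTROM_ALLOC_TOP to take the block from the high end
 * of the free space; without it the block comes from the low end.  len
 * must be a non-zero multiple of the page size no larger than BOOTROM_SIZE.
 *
 * On success *region_out receives the host address of the block inside
 * the bootrom mapping and, when gpa_out is not NULL, *gpa_out receives its
 * guest physical address.  region_out itself must not be NULL.
 *
 * Returns 0 on success, EINVAL for bad arguments, ENOMEM when the block
 * does not fit in the remaining space, or the errno left by
 * vm_mmap_memseg() when the mapping fails.  The allocator state is only
 * updated after the mapping has succeeded.
 */
int
bootrom_alloc(struct vmctx *ctx, size_t len, int prot, int flags,
    char **region_out, uint64_t *gpa_out)
{
	static const int bootrom_valid_flags = BOOTROM_ALLOC_TOP;

	vm_paddr_t gpa, highest_fit;
	vm_ooffset_t segoff;
	bool from_top;

	if (flags & ~bootrom_valid_flags) {
		warnx("%s: Invalid flags: %x", __func__,
		    flags & ~bootrom_valid_flags);
		return (EINVAL);
	}
	if (prot & ~_PROT_ALL) {
		warnx("%s: Invalid protection: %x", __func__,
		    prot & ~_PROT_ALL);
		return (EINVAL);
	}

	if (len == 0 || len > BOOTROM_SIZE) {
		warnx("ROM size %zu is invalid", len);
		return (EINVAL);
	}
	if (len & PAGE_MASK) {
		warnx("ROM size %zu is not a multiple of the page size",
		    len);
		return (EINVAL);
	}

	/*
	 * highest_fit is where a len-byte block ending at gpa_alloctop
	 * would start.  If that lies below gpa_allocbot the block fits at
	 * neither end, so one test covers both allocation directions.
	 */
	highest_fit = (gpa_alloctop - len) + 1;
	if (highest_fit < gpa_allocbot) {
		warnx("No room for %zu ROM in bootrom region", len);
		return (ENOMEM);
	}
	from_top = (flags & BOOTROM_ALLOC_TOP) != 0;
	gpa = from_top ? highest_fit : gpa_allocbot;

	segoff = gpa - gpa_base;
	if (vm_mmap_memseg(ctx, gpa, VM_BOOTROM, segoff, len, prot) != 0) {
		/* Save errno before warn() has a chance to change it. */
		int serrno = errno;
		/* The diagnostic used to name "vm_mmap_mapseg", which does not exist. */
		warn("%s: vm_mmap_memseg", __func__);
		return (serrno);
	}

	if (from_top)
		gpa_alloctop = gpa - 1;
	else
		gpa_allocbot = gpa + len;

	*region_out = romptr + segoff;
	if (gpa_out != NULL)
		*gpa_out = gpa;
	return (0);
}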
191
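/*
 * Load the boot ROM named by the "bootrom" config value into the top of
 * the ROM window and, when a "bootvars" file is configured, expose that
 * file through bootrom_var_mem_handler directly below whatever is then
 * the top of the free space.
 *
 * The variable file is opened read/write and mapped MAP_SHARED, so data
 * that the handler stores into the mapping lands in the host file.  The
 * handler's range check is what confines those stores to the file.
 *
 * Returns 0 on success and -1 on any failure.  Both file descriptors are
 * closed on every path; the variable mapping stays in place on success.
 */
int
bootrom_loadrom(struct vmctx *ctx, const nvlist_t *nvl)
{
	struct stat sbuf;
	ssize_t rlen;
	off_t rom_size, var_size, total_size;
	char *ptr, *romfile;
	void *varmap;
	int fd, varfd, i, rv;
	const char *bootrom, *varfile;

	rv = -1;
	varfd = -1;

	bootrom = get_config_value_node(nvl, "bootrom");
	if (bootrom == NULL) {
		return (-1);
	}

	/*
	 * get_config_value_node may use a thread local buffer to return
	 * variables. So, when we query the second variable, the first variable
	 * might get overwritten. For that reason, the bootrom should be
	 * duplicated.
	 */
	romfile = strdup(bootrom);
	if (romfile == NULL) {
		return (-1);
	}

	fd = open(romfile, O_RDONLY);
	if (fd < 0) {
		EPRINTLN("Error opening bootrom \"%s\": %s",
		    romfile, strerror(errno));
		goto done;
	}

	/* Size is taken from the open descriptor, not from the path. */
	if (fstat(fd, &sbuf) < 0) {
		EPRINTLN("Could not fstat bootrom file \"%s\": %s", romfile,
		    strerror(errno));
		goto done;
	}

	rom_size = sbuf.st_size;

	varfile = get_config_value_node(nvl, "bootvars");
	var_size = 0;
	if (varfile != NULL) {
		varfd = open(varfile, O_RDWR);
		if (varfd < 0) {
			fprintf(stderr, "Error opening bootrom variable file "
			    "\"%s\": %s\n", varfile, strerror(errno));
			goto done;
		}

		if (fstat(varfd, &sbuf) < 0) {
			fprintf(stderr,
			    "Could not fstat bootrom variable file \"%s\": %s\n",
			    varfile, strerror(errno));
			goto done;
		}

		var_size = sbuf.st_size;
	}

	/*
	 * NOTE(review): only a lower bound of one page is enforced here.  A
	 * size that is not a page multiple would leave var.gpa unaligned;
	 * confirm whether register_mem() tolerates that.
	 */
	if (var_size > BOOTROM_SIZE ||
	    (var_size != 0 && var_size < PAGE_SIZE)) {
		/* off_t is not long on every platform; print it as long long. */
		fprintf(stderr, "Invalid bootrom variable size %lld\n",
		    (long long)var_size);
		goto done;
	}

	total_size = rom_size + var_size;

	if (total_size > BOOTROM_SIZE) {
		fprintf(stderr, "Invalid bootrom and variable aggregate size "
		    "%lld\n", (long long)total_size);
		goto done;
	}

	/*
	 * Map the bootrom into the guest address space.  bootrom_alloc()
	 * rejects a zero or non-page-multiple rom_size, which is what makes
	 * the whole-page read loop below cover the entire file.
	 */
	if (bootrom_alloc(ctx, rom_size, PROT_READ | PROT_EXEC,
	    BOOTROM_ALLOC_TOP, &ptr, NULL) != 0) {
		goto done;
	}

	/* Read 'romfile' into the guest address space */
	for (i = 0; i < rom_size / PAGE_SIZE; i++) {
		rlen = read(fd, ptr + i * PAGE_SIZE, PAGE_SIZE);
		if (rlen != PAGE_SIZE) {
			EPRINTLN("Incomplete read of page %d of bootrom "
			    "file %s: %zd bytes", i, romfile, rlen);
			goto done;
		}
	}

	if (varfd >= 0) {
		/*
		 * Map into a local first so that a failed mmap() never
		 * leaves MAP_FAILED in the shared handler state.  A void *
		 * local also accepts the return type on every platform
		 * without a cast.
		 */
		varmap = mmap(NULL, var_size, PROT_READ | PROT_WRITE,
		    MAP_SHARED, varfd, 0);
		if (varmap == MAP_FAILED) {
			/* This path used to fail without any diagnostic. */
			fprintf(stderr, "Could not mmap bootrom variable file "
			    "\"%s\": %s\n", varfile, strerror(errno));
			goto done;
		}
		var.mmap = varmap;
		var.size = var_size;
		/*
		 * NOTE(review): the new top is not compared with
		 * gpa_allocbot.  The aggregate size test above bounds it
		 * only if nothing was allocated from the bottom earlier;
		 * confirm against the callers of bootrom_alloc().
		 */
		var.gpa = (gpa_alloctop - var_size) + 1;
		gpa_alloctop = var.gpa - 1;
		rv = register_mem(&(struct mem_range){
			.name = "bootrom variable",
			.flags = MEM_F_RW,
			.handler = bootrom_var_mem_handler,
			.base = var.gpa,
			.size = var.size,
		});
		if (rv != 0)
			goto done;
	}

	rv = 0;
done:
	/* The mapping, if any, remains valid after its descriptor is closed. */
	if (varfd >= 0)
		close(varfd);
	if (fd >= 0)
		close(fd);
	free(romfile);
	return (rv);
}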
320