1 /*- 2 * Copyright (c) 2008-2010 Rui Paulo 3 * Copyright (c) 2006 Marcel Moolenaar 4 * All rights reserved. 5 * 6 * Copyright (c) 2016-2019 Netflix, Inc. written by M. Warner Losh 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 */ 29 30 #include <stand.h> 31 32 #include <sys/disk.h> 33 #include <sys/param.h> 34 #include <sys/reboot.h> 35 #include <sys/boot.h> 36 #ifdef EFI_ZFS_BOOT 37 #include <sys/zfs_bootenv.h> 38 #endif 39 #include <paths.h> 40 #include <netinet/in.h> 41 #include <netinet/in_systm.h> 42 #include <stdint.h> 43 #include <string.h> 44 #include <setjmp.h> 45 #include <disk.h> 46 #include <dev_net.h> 47 #include <net.h> 48 #include <machine/_inttypes.h> 49 50 #include <efi.h> 51 #include <efilib.h> 52 #include <efichar.h> 53 #include <efirng.h> 54 55 #include <uuid.h> 56 57 #include <bootstrap.h> 58 #include <smbios.h> 59 60 #include <dev/random/fortuna.h> 61 #include <geom/eli/pkcs5v2.h> 62 63 #include "efizfs.h" 64 #include "framebuffer.h" 65 66 #include "platform/acfreebsd.h" 67 #include "acconfig.h" 68 #define ACPI_SYSTEM_XFACE 69 #include "actypes.h" 70 #include "actbl.h" 71 72 #include <acpi_detect.h> 73 74 #include "loader_efi.h" 75 76 struct arch_switch archsw = { /* MI/MD interface boundary */ 77 .arch_autoload = efi_autoload, 78 .arch_getdev = efi_getdev, 79 .arch_copyin = efi_copyin, 80 .arch_copyout = efi_copyout, 81 #if defined(__amd64__) || defined(__i386__) 82 .arch_hypervisor = x86_hypervisor, 83 #endif 84 .arch_readin = efi_readin, 85 .arch_zfs_probe = efi_zfs_probe, 86 }; 87 88 EFI_GUID devid = DEVICE_PATH_PROTOCOL; 89 EFI_GUID imgid = LOADED_IMAGE_PROTOCOL; 90 EFI_GUID mps = MPS_TABLE_GUID; 91 EFI_GUID netid = EFI_SIMPLE_NETWORK_PROTOCOL; 92 EFI_GUID smbios = SMBIOS_TABLE_GUID; 93 EFI_GUID smbios3 = SMBIOS3_TABLE_GUID; 94 EFI_GUID dxe = DXE_SERVICES_TABLE_GUID; 95 EFI_GUID hoblist = HOB_LIST_TABLE_GUID; 96 EFI_GUID lzmadecomp = LZMA_DECOMPRESSION_GUID; 97 EFI_GUID mpcore = ARM_MP_CORE_INFO_TABLE_GUID; 98 EFI_GUID esrt = ESRT_TABLE_GUID; 99 EFI_GUID memtype = MEMORY_TYPE_INFORMATION_TABLE_GUID; 100 EFI_GUID debugimg = DEBUG_IMAGE_INFO_TABLE_GUID; 101 EFI_GUID fdtdtb = FDT_TABLE_GUID; 102 EFI_GUID inputid = SIMPLE_TEXT_INPUT_PROTOCOL; 103 104 /* 105 * Number of seconds to wait for a keystroke before exiting with failure 106 * in the event no currdev is found. -2 means always break, -1 means 107 * never break, 0 means poll once and then reboot, > 0 means wait for 108 * that many seconds. "fail_timeout" can be set in the environment as 109 * well. 110 */ 111 static int fail_timeout = 5; 112 113 /* 114 * Current boot variable 115 */ 116 UINT16 boot_current; 117 118 /* 119 * Image that we booted from. 120 */ 121 EFI_LOADED_IMAGE *boot_img; 122 123 static bool 124 has_keyboard(void) 125 { 126 EFI_STATUS status; 127 EFI_DEVICE_PATH *path; 128 EFI_HANDLE *hin, *hin_end, *walker; 129 UINTN sz; 130 bool retval = false; 131 132 /* 133 * Find all the handles that support the SIMPLE_TEXT_INPUT_PROTOCOL and 134 * do the typical dance to get the right sized buffer. 135 */ 136 sz = 0; 137 hin = NULL; 138 status = BS->LocateHandle(ByProtocol, &inputid, 0, &sz, 0); 139 if (status == EFI_BUFFER_TOO_SMALL) { 140 hin = (EFI_HANDLE *)malloc(sz); 141 status = BS->LocateHandle(ByProtocol, &inputid, 0, &sz, 142 hin); 143 if (EFI_ERROR(status)) 144 free(hin); 145 } 146 if (EFI_ERROR(status)) 147 return retval; 148 149 /* 150 * Look at each of the handles. If it supports the device path protocol, 151 * use it to get the device path for this handle. Then see if that 152 * device path matches either the USB device path for keyboards or the 153 * legacy device path for keyboards. 154 */ 155 hin_end = &hin[sz / sizeof(*hin)]; 156 for (walker = hin; walker < hin_end; walker++) { 157 status = OpenProtocolByHandle(*walker, &devid, (void **)&path); 158 if (EFI_ERROR(status)) 159 continue; 160 161 while (!IsDevicePathEnd(path)) { 162 /* 163 * Check for the ACPI keyboard node. All PNP3xx nodes 164 * are keyboards of different flavors. Note: It is 165 * unclear of there's always a keyboard node when 166 * there's a keyboard controller, or if there's only one 167 * when a keyboard is detected at boot. 168 */ 169 if (DevicePathType(path) == ACPI_DEVICE_PATH && 170 (DevicePathSubType(path) == ACPI_DP || 171 DevicePathSubType(path) == ACPI_EXTENDED_DP)) { 172 ACPI_HID_DEVICE_PATH *acpi; 173 174 acpi = (ACPI_HID_DEVICE_PATH *)(void *)path; 175 if ((EISA_ID_TO_NUM(acpi->HID) & 0xff00) == 0x300 && 176 (acpi->HID & 0xffff) == PNP_EISA_ID_CONST) { 177 retval = true; 178 goto out; 179 } 180 /* 181 * Check for USB keyboard node, if present. Unlike a 182 * PS/2 keyboard, these definitely only appear when 183 * connected to the system. 184 */ 185 } else if (DevicePathType(path) == MESSAGING_DEVICE_PATH && 186 DevicePathSubType(path) == MSG_USB_CLASS_DP) { 187 USB_CLASS_DEVICE_PATH *usb; 188 189 usb = (USB_CLASS_DEVICE_PATH *)(void *)path; 190 if (usb->DeviceClass == 3 && /* HID */ 191 usb->DeviceSubClass == 1 && /* Boot devices */ 192 usb->DeviceProtocol == 1) { /* Boot keyboards */ 193 retval = true; 194 goto out; 195 } 196 } 197 path = NextDevicePathNode(path); 198 } 199 } 200 out: 201 free(hin); 202 return retval; 203 } 204 205 static void 206 set_currdev_devdesc(struct devdesc *currdev) 207 { 208 const char *devname; 209 210 devname = devformat(currdev); 211 printf("Setting currdev to %s\n", devname); 212 set_currdev(devname); 213 } 214 215 static void 216 set_currdev_devsw(struct devsw *dev, int unit) 217 { 218 struct devdesc currdev; 219 220 currdev.d_dev = dev; 221 currdev.d_unit = unit; 222 223 set_currdev_devdesc(&currdev); 224 } 225 226 static void 227 set_currdev_pdinfo(pdinfo_t *dp) 228 { 229 230 /* 231 * Disks are special: they have partitions. if the parent 232 * pointer is non-null, we're a partition not a full disk 233 * and we need to adjust currdev appropriately. 234 */ 235 if (dp->pd_devsw->dv_type == DEVT_DISK) { 236 struct disk_devdesc currdev; 237 238 currdev.dd.d_dev = dp->pd_devsw; 239 if (dp->pd_parent == NULL) { 240 currdev.dd.d_unit = dp->pd_unit; 241 currdev.d_slice = D_SLICENONE; 242 currdev.d_partition = D_PARTNONE; 243 } else { 244 currdev.dd.d_unit = dp->pd_parent->pd_unit; 245 currdev.d_slice = dp->pd_unit; 246 currdev.d_partition = D_PARTISGPT; /* XXX Assumes GPT */ 247 } 248 set_currdev_devdesc((struct devdesc *)&currdev); 249 } else { 250 set_currdev_devsw(dp->pd_devsw, dp->pd_unit); 251 } 252 } 253 254 static bool 255 sanity_check_currdev(void) 256 { 257 struct stat st; 258 259 return (stat(PATH_DEFAULTS_LOADER_CONF, &st) == 0 || 260 #ifdef PATH_BOOTABLE_TOKEN 261 stat(PATH_BOOTABLE_TOKEN, &st) == 0 || /* non-standard layout */ 262 #endif 263 stat(PATH_KERNEL, &st) == 0); 264 } 265 266 #ifdef EFI_ZFS_BOOT 267 static bool 268 probe_zfs_currdev(uint64_t guid) 269 { 270 char buf[VDEV_PAD_SIZE]; 271 char *devname; 272 struct zfs_devdesc currdev; 273 274 currdev.dd.d_dev = &zfs_dev; 275 currdev.dd.d_unit = 0; 276 currdev.pool_guid = guid; 277 currdev.root_guid = 0; 278 devname = devformat(&currdev.dd); 279 set_currdev(devname); 280 printf("Setting currdev to %s\n", devname); 281 init_zfs_boot_options(devname); 282 283 if (zfs_get_bootonce(&currdev, OS_BOOTONCE, buf, sizeof(buf)) == 0) { 284 printf("zfs bootonce: %s\n", buf); 285 set_currdev(buf); 286 setenv("zfs-bootonce", buf, 1); 287 } 288 (void)zfs_attach_nvstore(&currdev); 289 290 return (sanity_check_currdev()); 291 } 292 #endif 293 294 #ifdef MD_IMAGE_SIZE 295 extern struct devsw md_dev; 296 297 static bool 298 probe_md_currdev(void) 299 { 300 bool rv; 301 302 set_currdev_devsw(&md_dev, 0); 303 rv = sanity_check_currdev(); 304 if (!rv) 305 printf("MD not present\n"); 306 return (rv); 307 } 308 #endif 309 310 static bool 311 try_as_currdev(pdinfo_t *hd, pdinfo_t *pp) 312 { 313 #ifdef EFI_ZFS_BOOT 314 uint64_t guid; 315 316 /* 317 * If there's a zpool on this device, try it as a ZFS 318 * filesystem, which has somewhat different setup than all 319 * other types of fs due to imperfect loader integration. 320 * This all stems from ZFS being both a device (zpool) and 321 * a filesystem, plus the boot env feature. 322 */ 323 if (efizfs_get_guid_by_handle(pp->pd_handle, &guid)) 324 return (probe_zfs_currdev(guid)); 325 #endif 326 /* 327 * All other filesystems just need the pdinfo 328 * initialized in the standard way. 329 */ 330 set_currdev_pdinfo(pp); 331 return (sanity_check_currdev()); 332 } 333 334 /* 335 * Sometimes we get filenames that are all upper case 336 * and/or have backslashes in them. Filter all this out 337 * if it looks like we need to do so. 338 */ 339 static void 340 fix_dosisms(char *p) 341 { 342 while (*p) { 343 if (isupper(*p)) 344 *p = tolower(*p); 345 else if (*p == '\\') 346 *p = '/'; 347 p++; 348 } 349 } 350 351 #define SIZE(dp, edp) (size_t)((intptr_t)(void *)edp - (intptr_t)(void *)dp) 352 353 enum { BOOT_INFO_OK = 0, BAD_CHOICE = 1, NOT_SPECIFIC = 2 }; 354 static int 355 match_boot_info(char *boot_info, size_t bisz) 356 { 357 uint32_t attr; 358 uint16_t fplen; 359 size_t len; 360 char *walker, *ep; 361 EFI_DEVICE_PATH *dp, *edp, *first_dp, *last_dp; 362 pdinfo_t *pp; 363 CHAR16 *descr; 364 char *kernel = NULL; 365 FILEPATH_DEVICE_PATH *fp; 366 struct stat st; 367 CHAR16 *text; 368 369 /* 370 * FreeBSD encodes its boot loading path into the boot loader 371 * BootXXXX variable. We look for the last one in the path 372 * and use that to load the kernel. However, if we only find 373 * one DEVICE_PATH, then there's nothing specific and we should 374 * fall back. 375 * 376 * In an ideal world, we'd look at the image handle we were 377 * passed, match up with the loader we are and then return the 378 * next one in the path. This would be most flexible and cover 379 * many chain booting scenarios where you need to use this 380 * boot loader to get to the next boot loader. However, that 381 * doesn't work. We rarely have the path to the image booted 382 * (just the device) so we can't count on that. So, we do the 383 * next best thing: we look through the device path(s) passed 384 * in the BootXXXX variable. If there's only one, we return 385 * NOT_SPECIFIC. Otherwise, we look at the last one and try to 386 * load that. If we can, we return BOOT_INFO_OK. Otherwise we 387 * return BAD_CHOICE for the caller to sort out. 388 */ 389 if (bisz < sizeof(attr) + sizeof(fplen) + sizeof(CHAR16)) 390 return NOT_SPECIFIC; 391 walker = boot_info; 392 ep = walker + bisz; 393 memcpy(&attr, walker, sizeof(attr)); 394 walker += sizeof(attr); 395 memcpy(&fplen, walker, sizeof(fplen)); 396 walker += sizeof(fplen); 397 descr = (CHAR16 *)(intptr_t)walker; 398 len = ucs2len(descr); 399 walker += (len + 1) * sizeof(CHAR16); 400 last_dp = first_dp = dp = (EFI_DEVICE_PATH *)walker; 401 edp = (EFI_DEVICE_PATH *)(walker + fplen); 402 if ((char *)edp > ep) 403 return NOT_SPECIFIC; 404 while (dp < edp && SIZE(dp, edp) > sizeof(EFI_DEVICE_PATH)) { 405 text = efi_devpath_name(dp); 406 if (text != NULL) { 407 printf(" BootInfo Path: %S\n", text); 408 efi_free_devpath_name(text); 409 } 410 last_dp = dp; 411 dp = (EFI_DEVICE_PATH *)((char *)dp + efi_devpath_length(dp)); 412 } 413 414 /* 415 * If there's only one item in the list, then nothing was 416 * specified. Or if the last path doesn't have a media 417 * path in it. Those show up as various VenHw() nodes 418 * which are basically opaque to us. Don't count those 419 * as something specifc. 420 */ 421 if (last_dp == first_dp) { 422 printf("Ignoring Boot%04x: Only one DP found\n", boot_current); 423 return NOT_SPECIFIC; 424 } 425 if (efi_devpath_to_media_path(last_dp) == NULL) { 426 printf("Ignoring Boot%04x: No Media Path\n", boot_current); 427 return NOT_SPECIFIC; 428 } 429 430 /* 431 * OK. At this point we either have a good path or a bad one. 432 * Let's check. 433 */ 434 pp = efiblk_get_pdinfo_by_device_path(last_dp); 435 if (pp == NULL) { 436 printf("Ignoring Boot%04x: Device Path not found\n", boot_current); 437 return BAD_CHOICE; 438 } 439 set_currdev_pdinfo(pp); 440 if (!sanity_check_currdev()) { 441 printf("Ignoring Boot%04x: sanity check failed\n", boot_current); 442 return BAD_CHOICE; 443 } 444 445 /* 446 * OK. We've found a device that matches, next we need to check the last 447 * component of the path. If it's a file, then we set the default kernel 448 * to that. Otherwise, just use this as the default root. 449 * 450 * Reminder: we're running very early, before we've parsed the defaults 451 * file, so we may need to have a hack override. 452 */ 453 dp = efi_devpath_last_node(last_dp); 454 if (DevicePathType(dp) != MEDIA_DEVICE_PATH || 455 DevicePathSubType(dp) != MEDIA_FILEPATH_DP) { 456 printf("Using Boot%04x for root partition\n", boot_current); 457 return (BOOT_INFO_OK); /* use currdir, default kernel */ 458 } 459 fp = (FILEPATH_DEVICE_PATH *)dp; 460 ucs2_to_utf8(fp->PathName, &kernel); 461 if (kernel == NULL) { 462 printf("Not using Boot%04x: can't decode kernel\n", boot_current); 463 return (BAD_CHOICE); 464 } 465 if (*kernel == '\\' || isupper(*kernel)) 466 fix_dosisms(kernel); 467 if (stat(kernel, &st) != 0) { 468 free(kernel); 469 printf("Not using Boot%04x: can't find %s\n", boot_current, 470 kernel); 471 return (BAD_CHOICE); 472 } 473 setenv("kernel", kernel, 1); 474 free(kernel); 475 text = efi_devpath_name(last_dp); 476 if (text) { 477 printf("Using Boot%04x %S + %s\n", boot_current, text, 478 kernel); 479 efi_free_devpath_name(text); 480 } 481 482 return (BOOT_INFO_OK); 483 } 484 485 /* 486 * Look at the passed-in boot_info, if any. If we find it then we need 487 * to see if we can find ourselves in the boot chain. If we can, and 488 * there's another specified thing to boot next, assume that the file 489 * is loaded from / and use that for the root filesystem. If can't 490 * find the specified thing, we must fail the boot. If we're last on 491 * the list, then we fallback to looking for the first available / 492 * candidate (ZFS, if there's a bootable zpool, otherwise a UFS 493 * partition that has either /boot/defaults/loader.conf on it or 494 * /boot/kernel/kernel (the default kernel) that we can use. 495 * 496 * We always fail if we can't find the right thing. However, as 497 * a concession to buggy UEFI implementations, like u-boot, if 498 * we have determined that the host is violating the UEFI boot 499 * manager protocol, we'll signal the rest of the program that 500 * a drop to the OK boot loader prompt is possible. 501 */ 502 static int 503 find_currdev(bool do_bootmgr, char *boot_info, size_t boot_info_sz) 504 { 505 pdinfo_t *dp, *pp; 506 EFI_DEVICE_PATH *devpath, *copy; 507 EFI_HANDLE h; 508 CHAR16 *text; 509 struct devsw *dev; 510 int unit; 511 uint64_t extra; 512 int rv; 513 char *rootdev; 514 515 /* 516 * First choice: if rootdev is already set, use that, even if 517 * it's wrong. 518 */ 519 rootdev = getenv("rootdev"); 520 if (rootdev != NULL && *rootdev != '\0') { 521 printf(" Setting currdev to configured rootdev %s\n", 522 rootdev); 523 set_currdev(rootdev); 524 return (0); 525 } 526 527 /* 528 * Second choice: If uefi_rootdev is set, translate that UEFI device 529 * path to the loader's internal name and use that. 530 */ 531 do { 532 rootdev = getenv("uefi_rootdev"); 533 if (rootdev == NULL) 534 break; 535 devpath = efi_name_to_devpath(rootdev); 536 if (devpath == NULL) 537 break; 538 dp = efiblk_get_pdinfo_by_device_path(devpath); 539 efi_devpath_free(devpath); 540 if (dp == NULL) 541 break; 542 printf(" Setting currdev to UEFI path %s\n", 543 rootdev); 544 set_currdev_pdinfo(dp); 545 return (0); 546 } while (0); 547 548 /* 549 * Third choice: If we can find out image boot_info, and there's 550 * a follow-on boot image in that boot_info, use that. In this 551 * case root will be the partition specified in that image and 552 * we'll load the kernel specified by the file path. Should there 553 * not be a filepath, we use the default. This filepath overrides 554 * loader.conf. 555 */ 556 if (do_bootmgr) { 557 rv = match_boot_info(boot_info, boot_info_sz); 558 switch (rv) { 559 case BOOT_INFO_OK: /* We found it */ 560 return (0); 561 case BAD_CHOICE: /* specified file not found -> error */ 562 /* XXX do we want to have an escape hatch for last in boot order? */ 563 return (ENOENT); 564 } /* Nothing specified, try normal match */ 565 } 566 567 #ifdef EFI_ZFS_BOOT 568 /* 569 * Did efi_zfs_probe() detect the boot pool? If so, use the zpool 570 * it found, if it's sane. ZFS is the only thing that looks for 571 * disks and pools to boot. This may change in the future, however, 572 * if we allow specifying which pool to boot from via UEFI variables 573 * rather than the bootenv stuff that FreeBSD uses today. 574 */ 575 if (pool_guid != 0) { 576 printf("Trying ZFS pool\n"); 577 if (probe_zfs_currdev(pool_guid)) 578 return (0); 579 } 580 #endif /* EFI_ZFS_BOOT */ 581 582 #ifdef MD_IMAGE_SIZE 583 /* 584 * If there is an embedded MD, try to use that. 585 */ 586 printf("Trying MD\n"); 587 if (probe_md_currdev()) 588 return (0); 589 #endif /* MD_IMAGE_SIZE */ 590 591 /* 592 * Try to find the block device by its handle based on the 593 * image we're booting. If we can't find a sane partition, 594 * search all the other partitions of the disk. We do not 595 * search other disks because it's a violation of the UEFI 596 * boot protocol to do so. We fail and let UEFI go on to 597 * the next candidate. 598 */ 599 dp = efiblk_get_pdinfo_by_handle(boot_img->DeviceHandle); 600 if (dp != NULL) { 601 text = efi_devpath_name(dp->pd_devpath); 602 if (text != NULL) { 603 printf("Trying ESP: %S\n", text); 604 efi_free_devpath_name(text); 605 } 606 set_currdev_pdinfo(dp); 607 if (sanity_check_currdev()) 608 return (0); 609 if (dp->pd_parent != NULL) { 610 pdinfo_t *espdp = dp; 611 dp = dp->pd_parent; 612 STAILQ_FOREACH(pp, &dp->pd_part, pd_link) { 613 /* Already tried the ESP */ 614 if (espdp == pp) 615 continue; 616 /* 617 * Roll up the ZFS special case 618 * for those partitions that have 619 * zpools on them. 620 */ 621 text = efi_devpath_name(pp->pd_devpath); 622 if (text != NULL) { 623 printf("Trying: %S\n", text); 624 efi_free_devpath_name(text); 625 } 626 if (try_as_currdev(dp, pp)) 627 return (0); 628 } 629 } 630 } 631 632 /* 633 * Try the device handle from our loaded image first. If that 634 * fails, use the device path from the loaded image and see if 635 * any of the nodes in that path match one of the enumerated 636 * handles. Currently, this handle list is only for netboot. 637 */ 638 if (efi_handle_lookup(boot_img->DeviceHandle, &dev, &unit, &extra) == 0) { 639 set_currdev_devsw(dev, unit); 640 if (sanity_check_currdev()) 641 return (0); 642 } 643 644 copy = NULL; 645 devpath = efi_lookup_image_devpath(IH); 646 while (devpath != NULL) { 647 h = efi_devpath_handle(devpath); 648 if (h == NULL) 649 break; 650 651 free(copy); 652 copy = NULL; 653 654 if (efi_handle_lookup(h, &dev, &unit, &extra) == 0) { 655 set_currdev_devsw(dev, unit); 656 if (sanity_check_currdev()) 657 return (0); 658 } 659 660 devpath = efi_lookup_devpath(h); 661 if (devpath != NULL) { 662 copy = efi_devpath_trim(devpath); 663 devpath = copy; 664 } 665 } 666 free(copy); 667 668 return (ENOENT); 669 } 670 671 static bool 672 interactive_interrupt(const char *msg) 673 { 674 time_t now, then, last; 675 676 last = 0; 677 now = then = getsecs(); 678 printf("%s\n", msg); 679 if (fail_timeout == -2) /* Always break to OK */ 680 return (true); 681 if (fail_timeout == -1) /* Never break to OK */ 682 return (false); 683 do { 684 if (last != now) { 685 printf("press any key to interrupt reboot in %d seconds\r", 686 fail_timeout - (int)(now - then)); 687 last = now; 688 } 689 690 /* XXX no pause or timeout wait for char */ 691 if (ischar()) 692 return (true); 693 now = getsecs(); 694 } while (now - then < fail_timeout); 695 return (false); 696 } 697 698 static int 699 parse_args(int argc, CHAR16 *argv[]) 700 { 701 int i, howto; 702 char var[128]; 703 704 /* 705 * Parse the args to set the console settings, etc 706 * boot1.efi passes these in, if it can read /boot.config or /boot/config 707 * or iPXE may be setup to pass these in. Or the optional argument in the 708 * boot environment was used to pass these arguments in (in which case 709 * neither /boot.config nor /boot/config are consulted). 710 * 711 * Loop through the args, and for each one that contains an '=' that is 712 * not the first character, add it to the environment. This allows 713 * loader and kernel env vars to be passed on the command line. Convert 714 * args from UCS-2 to ASCII (16 to 8 bit) as they are copied (though this 715 * method is flawed for non-ASCII characters). 716 */ 717 howto = 0; 718 for (i = 0; i < argc; i++) { 719 cpy16to8(argv[i], var, sizeof(var)); 720 howto |= boot_parse_arg(var); 721 } 722 723 return (howto); 724 } 725 726 static void 727 setenv_int(const char *key, int val) 728 { 729 char buf[20]; 730 731 snprintf(buf, sizeof(buf), "%d", val); 732 setenv(key, buf, 1); 733 } 734 735 static void * 736 acpi_map_sdt(vm_offset_t addr) 737 { 738 /* PA == VA */ 739 return ((void *)addr); 740 } 741 742 static int 743 acpi_checksum(void *p, size_t length) 744 { 745 uint8_t *bp; 746 uint8_t sum; 747 748 bp = p; 749 sum = 0; 750 while (length--) 751 sum += *bp++; 752 753 return (sum); 754 } 755 756 static void * 757 acpi_find_table(uint8_t *sig) 758 { 759 int entries, i, addr_size; 760 ACPI_TABLE_HEADER *sdp; 761 ACPI_TABLE_RSDT *rsdt; 762 ACPI_TABLE_XSDT *xsdt; 763 vm_offset_t addr; 764 765 if (rsdp == NULL) 766 return (NULL); 767 768 rsdt = (ACPI_TABLE_RSDT *)(uintptr_t)rsdp->RsdtPhysicalAddress; 769 xsdt = (ACPI_TABLE_XSDT *)(uintptr_t)rsdp->XsdtPhysicalAddress; 770 if (rsdp->Revision < 2) { 771 sdp = (ACPI_TABLE_HEADER *)rsdt; 772 addr_size = sizeof(uint32_t); 773 } else { 774 sdp = (ACPI_TABLE_HEADER *)xsdt; 775 addr_size = sizeof(uint64_t); 776 } 777 entries = (sdp->Length - sizeof(ACPI_TABLE_HEADER)) / addr_size; 778 for (i = 0; i < entries; i++) { 779 if (addr_size == 4) 780 addr = le32toh(rsdt->TableOffsetEntry[i]); 781 else 782 addr = le64toh(xsdt->TableOffsetEntry[i]); 783 if (addr == 0) 784 continue; 785 sdp = (ACPI_TABLE_HEADER *)acpi_map_sdt(addr); 786 if (acpi_checksum(sdp, sdp->Length)) { 787 printf("RSDT entry %d (sig %.4s) is corrupt", i, 788 sdp->Signature); 789 continue; 790 } 791 if (memcmp(sig, sdp->Signature, 4) == 0) 792 return (sdp); 793 } 794 return (NULL); 795 } 796 797 /* 798 * Convert the InterfaceType in the SPCR. These are encoded the same for DBG2 799 * tables as well (though we don't parse those here). 800 */ 801 static const char * 802 acpi_uart_type(UINT8 t) 803 { 804 static const char *types[] = { 805 [0x00] = "ns8250", /* Full 16550 */ 806 [0x01] = "ns8250", /* DBGP Rev 1 16550 subset */ 807 [0x03] = "pl011", /* Arm PL011 */ 808 [0x05] = "ns8250", /* Nvidia 16550 */ 809 [0x0d] = "pl011", /* Arm SBSA 32-bit width */ 810 [0x0e] = "pl011", /* Arm SBSA generic */ 811 [0x12] = "ns8250", /* 16550 defined in SerialPort */ 812 }; 813 814 if (t >= nitems(types)) 815 return (NULL); 816 return (types[t]); 817 } 818 819 static int 820 acpi_uart_baud(UINT8 b) 821 { 822 static int baud[] = { 0, -1, -1, 9600, 19200, -1, 57600, 115200 }; 823 824 if (b > 7) 825 return (-1); 826 return (baud[b]); 827 } 828 829 static int 830 acpi_uart_regionwidth(UINT8 rw) 831 { 832 if (rw == 0) 833 return (1); 834 if (rw > 4) 835 return (-1); 836 return (1 << (rw - 1)); 837 } 838 839 static const char * 840 acpi_uart_parity(UINT8 p) 841 { 842 /* Some of these SPCR entires get this wrong, hard wire none */ 843 return ("none"); 844 } 845 846 /* 847 * See if we can find a SPCR ACPI table in the static tables. If so, then it 848 * describes the serial console that's been redirected to, so we know that at 849 * least there's a serial console. this is most important for embedded systems 850 * that don't have traidtional PC serial ports. 851 * 852 * All the two letter variables in this function correspond to their usage in 853 * the uart(4) console string. We use io == -1 to select between I/O ports and 854 * memory mapped addresses. Set both hw.uart.console and hw.uart.consol.extra 855 * to communicate settings from SPCR to the kernel. 856 */ 857 static int 858 check_acpi_spcr(void) 859 { 860 ACPI_TABLE_SPCR *spcr; 861 int br, db, io, rs, rw, xo, pv, pd; 862 uintmax_t mm; 863 const char *dt, *pa; 864 char *val = NULL; 865 866 spcr = acpi_find_table(ACPI_SIG_SPCR); 867 if (spcr == NULL) 868 return (0); 869 dt = acpi_uart_type(spcr->InterfaceType); 870 if (dt == NULL) { /* Kernel can't use unknown types */ 871 printf("UART Type %d not known\n", spcr->InterfaceType); 872 return (0); 873 } 874 875 /* I/O vs Memory mapped vs PCI device */ 876 io = -1; 877 pv = spcr->PciVendorId; 878 pd = spcr->PciDeviceId; 879 if (pv == 0xffff && pd == 0xffff) { 880 if (spcr->SerialPort.SpaceId == 1) 881 io = spcr->SerialPort.Address; 882 else { 883 mm = spcr->SerialPort.Address; 884 rs = ffs(spcr->SerialPort.BitWidth) - 4; 885 rw = acpi_uart_regionwidth(spcr->SerialPort.AccessWidth); 886 } 887 } else { 888 /* XXX todo: bus:device:function + flags and segment */ 889 } 890 891 /* Uart settings */ 892 pa = acpi_uart_parity(spcr->Parity); 893 db = 8; 894 895 /* 896 * UartClkFreq is 3 and newer. We always use it then (it's only valid if 897 * it isn't 0, but if it is 0, we want to use 0 to have the kernel 898 * guess). 899 */ 900 if (spcr->Header.Revision <= 2) 901 xo = 0; 902 else 903 xo = spcr->UartClkFreq; 904 905 /* 906 * PreciseBaudrate, when non-zero, is to be preferred. It's only valid, 907 * though, for rev 4 and newer. So when it's 0 or the version is too 908 * old, we do the old-style table lookup. Otherwise we believe it. 909 */ 910 if (spcr->Header.Revision <= 3 || spcr->PreciseBaudrate == 0) 911 br = acpi_uart_baud(spcr->BaudRate); 912 else 913 br = spcr->PreciseBaudrate; 914 915 if (io != -1) { 916 asprintf(&val, "db:%d,dt:%s,io:%#x,pa:%s,br:%d,xo=%d", 917 db, dt, io, pa, br, xo); 918 } else if (pv != 0xffff && pd != 0xffff) { 919 asprintf(&val, "db:%d,dt:%s,pv:%#x,pd:%#x,pa:%s,br:%d,xo=%d", 920 db, dt, pv, pd, pa, br, xo); 921 } else { 922 asprintf(&val, "db:%d,dt:%s,mm:%#jx,rs:%d,rw:%d,pa:%s,br:%d,xo=%d", 923 db, dt, mm, rs, rw, pa, br, xo); 924 } 925 env_setenv("hw.uart.console", EV_VOLATILE, val, NULL, NULL); 926 free(val); 927 928 return (RB_SERIAL); 929 } 930 931 932 /* 933 * Parse ConOut (the list of consoles active) and see if we can find a serial 934 * port and/or a video port. It would be nice to also walk the ACPI DSDT to map 935 * the UID for the serial port to a port since there's no standard mapping. Also 936 * check for ConIn as well. This will be enough to determine if we have serial, 937 * and if we don't, we default to video. If there's a dual-console situation 938 * with only ConIn defined, this will currently fail. 939 */ 940 int 941 parse_uefi_con_out(void) 942 { 943 int how, rv; 944 int vid_seen = 0, com_seen = 0, seen = 0; 945 size_t sz; 946 char buf[4096], *ep; 947 EFI_DEVICE_PATH *node; 948 ACPI_HID_DEVICE_PATH *acpi; 949 UART_DEVICE_PATH *uart; 950 bool pci_pending; 951 952 /* 953 * A SPCR in the ACPI fixed tables documents a serial port used for the 954 * console. It may mirror a video console, or may be stand alone. If it 955 * is present, we return RB_SERIAL and will use it for the kernel. 956 */ 957 how = check_acpi_spcr(); 958 sz = sizeof(buf); 959 rv = efi_global_getenv("ConOut", buf, &sz); 960 if (rv != EFI_SUCCESS) 961 rv = efi_global_getenv("ConOutDev", buf, &sz); 962 if (rv != EFI_SUCCESS) 963 rv = efi_global_getenv("ConIn", buf, &sz); 964 if (rv != EFI_SUCCESS) { 965 /* 966 * If we don't have any Con* variable use both. If we have GOP 967 * make video primary, otherwise set serial primary. In either 968 * case, try to use both the 'efi' console which will use the 969 * GOP, if present and serial. If there's an EFI BIOS that omits 970 * this, but has a serial port redirect, we'll unavioidably get 971 * doubled characters, but we'll be right in all the other more 972 * common cases. 973 */ 974 if (efi_has_gop()) 975 how |= RB_MULTIPLE; 976 else 977 how |= RB_MULTIPLE | RB_SERIAL; 978 setenv("console", "efi,comconsole", 1); 979 goto out; 980 } 981 ep = buf + sz; 982 node = (EFI_DEVICE_PATH *)buf; 983 while ((char *)node < ep) { 984 if (IsDevicePathEndType(node)) { 985 if (pci_pending && vid_seen == 0) 986 vid_seen = ++seen; 987 } 988 pci_pending = false; 989 if (DevicePathType(node) == ACPI_DEVICE_PATH && 990 (DevicePathSubType(node) == ACPI_DP || 991 DevicePathSubType(node) == ACPI_EXTENDED_DP)) { 992 /* Check for Serial node */ 993 acpi = (void *)node; 994 if (EISA_ID_TO_NUM(acpi->HID) == 0x501) { 995 setenv_int("efi_8250_uid", acpi->UID); 996 com_seen = ++seen; 997 } 998 } else if (DevicePathType(node) == MESSAGING_DEVICE_PATH && 999 DevicePathSubType(node) == MSG_UART_DP) { 1000 com_seen = ++seen; 1001 uart = (void *)node; 1002 setenv_int("efi_com_speed", uart->BaudRate); 1003 } else if (DevicePathType(node) == ACPI_DEVICE_PATH && 1004 DevicePathSubType(node) == ACPI_ADR_DP) { 1005 /* Check for AcpiAdr() Node for video */ 1006 vid_seen = ++seen; 1007 } else if (DevicePathType(node) == HARDWARE_DEVICE_PATH && 1008 DevicePathSubType(node) == HW_PCI_DP) { 1009 /* 1010 * Note, vmware fusion has a funky console device 1011 * PciRoot(0x0)/Pci(0xf,0x0) 1012 * which we can only detect at the end since we also 1013 * have to cope with: 1014 * PciRoot(0x0)/Pci(0x1f,0x0)/Serial(0x1) 1015 * so only match it if it's last. 1016 */ 1017 pci_pending = true; 1018 } 1019 node = NextDevicePathNode(node); 1020 } 1021 1022 /* 1023 * Truth table for RB_MULTIPLE | RB_SERIAL 1024 * Value Result 1025 * 0 Use only video console 1026 * RB_SERIAL Use only serial console 1027 * RB_MULTIPLE Use both video and serial console 1028 * (but video is primary so gets rc messages) 1029 * both Use both video and serial console 1030 * (but serial is primary so gets rc messages) 1031 * 1032 * Try to honor this as best we can. If only one of serial / video 1033 * found, then use that. Otherwise, use the first one we found. 1034 * This also implies if we found nothing, default to video. 1035 */ 1036 how = 0; 1037 if (vid_seen && com_seen) { 1038 how |= RB_MULTIPLE; 1039 if (com_seen < vid_seen) 1040 how |= RB_SERIAL; 1041 } else if (com_seen) 1042 how |= RB_SERIAL; 1043 out: 1044 return (how); 1045 } 1046 1047 void 1048 parse_loader_efi_config(EFI_HANDLE h, const char *env_fn) 1049 { 1050 pdinfo_t *dp; 1051 struct stat st; 1052 int fd = -1; 1053 char *env = NULL; 1054 1055 dp = efiblk_get_pdinfo_by_handle(h); 1056 if (dp == NULL) 1057 return; 1058 set_currdev_pdinfo(dp); 1059 if (stat(env_fn, &st) != 0) 1060 return; 1061 fd = open(env_fn, O_RDONLY); 1062 if (fd == -1) 1063 return; 1064 env = malloc(st.st_size + 1); 1065 if (env == NULL) 1066 goto out; 1067 if (read(fd, env, st.st_size) != st.st_size) 1068 goto out; 1069 env[st.st_size] = '\0'; 1070 boot_parse_cmdline(env); 1071 out: 1072 free(env); 1073 close(fd); 1074 } 1075 1076 static void 1077 read_loader_env(const char *name, char *def_fn, bool once) 1078 { 1079 UINTN len; 1080 char *fn, *freeme = NULL; 1081 1082 len = 0; 1083 fn = def_fn; 1084 if (efi_freebsd_getenv(name, NULL, &len) == EFI_BUFFER_TOO_SMALL) { 1085 freeme = fn = malloc(len + 1); 1086 if (fn != NULL) { 1087 if (efi_freebsd_getenv(name, fn, &len) != EFI_SUCCESS) { 1088 free(fn); 1089 fn = NULL; 1090 printf( 1091 "Can't fetch FreeBSD::%s we know is there\n", name); 1092 } else { 1093 /* 1094 * if tagged as 'once' delete the env variable so we 1095 * only use it once. 1096 */ 1097 if (once) 1098 efi_freebsd_delenv(name); 1099 /* 1100 * We malloced 1 more than len above, then redid the call. 1101 * so now we have room at the end of the string to NUL terminate 1102 * it here, even if the typical idium would have '- 1' here to 1103 * not overflow. len should be the same on return both times. 1104 */ 1105 fn[len] = '\0'; 1106 } 1107 } else { 1108 printf( 1109 "Can't allocate %d bytes to fetch FreeBSD::%s env var\n", 1110 len, name); 1111 } 1112 } 1113 if (fn) { 1114 printf(" Reading loader env vars from %s\n", fn); 1115 parse_loader_efi_config(boot_img->DeviceHandle, fn); 1116 } 1117 1118 free(freeme); 1119 } 1120 1121 caddr_t 1122 ptov(uintptr_t x) 1123 { 1124 return ((caddr_t)x); 1125 } 1126 1127 static void 1128 efi_smbios_detect(void) 1129 { 1130 VOID *smbios_v2_ptr = NULL; 1131 UINTN k; 1132 1133 for (k = 0; k < ST->NumberOfTableEntries; k++) { 1134 EFI_GUID *guid; 1135 VOID *const VT = ST->ConfigurationTable[k].VendorTable; 1136 char buf[40]; 1137 bool is_smbios_v2, is_smbios_v3; 1138 1139 guid = &ST->ConfigurationTable[k].VendorGuid; 1140 is_smbios_v2 = memcmp(guid, &smbios, sizeof(*guid)) == 0; 1141 is_smbios_v3 = memcmp(guid, &smbios3, sizeof(*guid)) == 0; 1142 1143 if (!is_smbios_v2 && !is_smbios_v3) 1144 continue; 1145 1146 snprintf(buf, sizeof(buf), "%p", VT); 1147 setenv("hint.smbios.0.mem", buf, 1); 1148 if (is_smbios_v2) 1149 /* 1150 * We will parse a v2 table only if we don't find a v3 1151 * table. In the meantime, store the address. 1152 */ 1153 smbios_v2_ptr = VT; 1154 else if (smbios_detect(VT) != NULL) 1155 /* v3 parsing succeeded, we are done. */ 1156 return; 1157 } 1158 if (smbios_v2_ptr != NULL) 1159 (void)smbios_detect(smbios_v2_ptr); 1160 } 1161 1162 EFI_STATUS 1163 main(int argc, CHAR16 *argv[]) 1164 { 1165 int howto, i, uhowto; 1166 bool has_kbd; 1167 char *s; 1168 EFI_DEVICE_PATH *imgpath; 1169 CHAR16 *text; 1170 EFI_STATUS rv; 1171 size_t sz, bisz = 0; 1172 UINT16 boot_order[100]; 1173 char boot_info[4096]; 1174 char buf[32]; 1175 bool uefi_boot_mgr; 1176 1177 #if !defined(__arm__) 1178 efi_smbios_detect(); 1179 #endif 1180 1181 /* Get our loaded image protocol interface structure. */ 1182 (void) OpenProtocolByHandle(IH, &imgid, (void **)&boot_img); 1183 1184 /* Report the RSDP early. */ 1185 acpi_detect(); 1186 1187 /* 1188 * Chicken-and-egg problem; we want to have console output early, but 1189 * some console attributes may depend on reading from eg. the boot 1190 * device, which we can't do yet. We can use printf() etc. once this is 1191 * done. So, we set it to the efi console, then call console init. This 1192 * gets us printf early, but also primes the pump for all future console 1193 * changes to take effect, regardless of where they come from. 1194 */ 1195 setenv("console", "efi", 1); 1196 uhowto = parse_uefi_con_out(); 1197 #if defined(__riscv) 1198 /* 1199 * This workaround likely is papering over a real issue 1200 */ 1201 if ((uhowto & RB_SERIAL) != 0) 1202 setenv("console", "comconsole", 1); 1203 #endif 1204 cons_probe(); 1205 1206 /* Set print_delay variable to have hooks in place. */ 1207 env_setenv("print_delay", EV_VOLATILE, "", setprint_delay, env_nounset); 1208 1209 /* Set up currdev variable to have hooks in place. */ 1210 env_setenv("currdev", EV_VOLATILE, "", gen_setcurrdev, env_nounset); 1211 1212 /* Init the time source */ 1213 efi_time_init(); 1214 1215 /* 1216 * Initialise the block cache. Set the upper limit. 1217 */ 1218 bcache_init(32768, 512); 1219 1220 /* 1221 * Scan the BLOCK IO MEDIA handles then 1222 * march through the device switch probing for things. 1223 */ 1224 i = efipart_inithandles(); 1225 if (i != 0 && i != ENOENT) { 1226 printf("efipart_inithandles failed with ERRNO %d, expect " 1227 "failures\n", i); 1228 } 1229 1230 devinit(); 1231 1232 /* 1233 * Detect console settings two different ways: one via the command 1234 * args (eg -h) or via the UEFI ConOut variable. 1235 */ 1236 has_kbd = has_keyboard(); 1237 howto = parse_args(argc, argv); 1238 if (!has_kbd && (howto & RB_PROBE)) 1239 howto |= RB_SERIAL | RB_MULTIPLE; 1240 howto &= ~RB_PROBE; 1241 1242 /* 1243 * Read additional environment variables from the boot device's 1244 * "LoaderEnv" file. Any boot loader environment variable may be set 1245 * there, which are subtly different than loader.conf variables. Only 1246 * the 'simple' ones may be set so things like foo_load="YES" won't work 1247 * for two reasons. First, the parser is simplistic and doesn't grok 1248 * quotes. Second, because the variables that cause an action to happen 1249 * are parsed by the lua, 4th or whatever code that's not yet 1250 * loaded. This is relative to the root directory when loader.efi is 1251 * loaded off the UFS root drive (when chain booted), or from the ESP 1252 * when directly loaded by the BIOS. 1253 * 1254 * We also read in NextLoaderEnv if it was specified. This allows next boot 1255 * functionality to be implemented and to override anything in LoaderEnv. 1256 */ 1257 read_loader_env("LoaderEnv", "/efi/freebsd/loader.env", false); 1258 read_loader_env("NextLoaderEnv", NULL, true); 1259 1260 /* 1261 * We now have two notions of console. howto should be viewed as 1262 * overrides. If console is already set, don't set it again. 1263 */ 1264 #define VIDEO_ONLY 0 1265 #define SERIAL_ONLY RB_SERIAL 1266 #define VID_SER_BOTH RB_MULTIPLE 1267 #define SER_VID_BOTH (RB_SERIAL | RB_MULTIPLE) 1268 #define CON_MASK (RB_SERIAL | RB_MULTIPLE) 1269 if (strcmp(getenv("console"), "efi") == 0) { 1270 if ((howto & CON_MASK) == 0) { 1271 /* No override, uhowto is controlling and efi cons is perfect */ 1272 howto = howto | (uhowto & CON_MASK); 1273 } else if ((howto & CON_MASK) == (uhowto & CON_MASK)) { 1274 /* override matches what UEFI told us, efi console is perfect */ 1275 } else if ((uhowto & (CON_MASK)) != 0) { 1276 /* 1277 * We detected a serial console on ConOut. All possible 1278 * overrides include serial. We can't really override what efi 1279 * gives us, so we use it knowing it's the best choice. 1280 */ 1281 /* Do nothing */ 1282 } else { 1283 /* 1284 * We detected some kind of serial in the override, but ConOut 1285 * has no serial, so we have to sort out which case it really is. 1286 */ 1287 switch (howto & CON_MASK) { 1288 case SERIAL_ONLY: 1289 setenv("console", "comconsole", 1); 1290 break; 1291 case VID_SER_BOTH: 1292 setenv("console", "efi comconsole", 1); 1293 break; 1294 case SER_VID_BOTH: 1295 setenv("console", "comconsole efi", 1); 1296 break; 1297 /* case VIDEO_ONLY can't happen -- it's the first if above */ 1298 } 1299 } 1300 } 1301 1302 /* 1303 * howto is set now how we want to export the flags to the kernel, so 1304 * set the env based on it. 1305 */ 1306 boot_howto_to_env(howto); 1307 1308 if (efi_copy_init()) 1309 return (EFI_BUFFER_TOO_SMALL); 1310 1311 if ((s = getenv("fail_timeout")) != NULL) 1312 fail_timeout = strtol(s, NULL, 10); 1313 1314 printf("%s\n", bootprog_info); 1315 printf(" Command line arguments:"); 1316 for (i = 0; i < argc; i++) 1317 printf(" %S", argv[i]); 1318 printf("\n"); 1319 1320 printf(" Image base: 0x%lx\n", (unsigned long)boot_img->ImageBase); 1321 printf(" EFI version: %d.%02d\n", ST->Hdr.Revision >> 16, 1322 ST->Hdr.Revision & 0xffff); 1323 printf(" EFI Firmware: %S (rev %d.%02d)\n", ST->FirmwareVendor, 1324 ST->FirmwareRevision >> 16, ST->FirmwareRevision & 0xffff); 1325 printf(" Console: %s (%#x)\n", getenv("console"), howto); 1326 1327 /* Determine the devpath of our image so we can prefer it. */ 1328 text = efi_devpath_name(boot_img->FilePath); 1329 if (text != NULL) { 1330 printf(" Load Path: %S\n", text); 1331 efi_setenv_freebsd_wcs("LoaderPath", text); 1332 efi_free_devpath_name(text); 1333 } 1334 1335 rv = OpenProtocolByHandle(boot_img->DeviceHandle, &devid, 1336 (void **)&imgpath); 1337 if (rv == EFI_SUCCESS) { 1338 text = efi_devpath_name(imgpath); 1339 if (text != NULL) { 1340 printf(" Load Device: %S\n", text); 1341 efi_setenv_freebsd_wcs("LoaderDev", text); 1342 efi_free_devpath_name(text); 1343 } 1344 } 1345 1346 if (getenv("uefi_ignore_boot_mgr") != NULL) { 1347 printf(" Ignoring UEFI boot manager\n"); 1348 uefi_boot_mgr = false; 1349 } else { 1350 uefi_boot_mgr = true; 1351 boot_current = 0; 1352 sz = sizeof(boot_current); 1353 rv = efi_global_getenv("BootCurrent", &boot_current, &sz); 1354 if (rv == EFI_SUCCESS) 1355 printf(" BootCurrent: %04x\n", boot_current); 1356 else { 1357 boot_current = 0xffff; 1358 uefi_boot_mgr = false; 1359 } 1360 1361 sz = sizeof(boot_order); 1362 rv = efi_global_getenv("BootOrder", &boot_order, &sz); 1363 if (rv == EFI_SUCCESS) { 1364 printf(" BootOrder:"); 1365 for (i = 0; i < sz / sizeof(boot_order[0]); i++) 1366 printf(" %04x%s", boot_order[i], 1367 boot_order[i] == boot_current ? "[*]" : ""); 1368 printf("\n"); 1369 } else if (uefi_boot_mgr) { 1370 /* 1371 * u-boot doesn't set BootOrder, but otherwise participates in the 1372 * boot manager protocol. So we fake it here and don't consider it 1373 * a failure. 1374 */ 1375 boot_order[0] = boot_current; 1376 } 1377 } 1378 1379 /* 1380 * Next, find the boot info structure the UEFI boot manager is 1381 * supposed to setup. We need this so we can walk through it to 1382 * find where we are in the booting process and what to try to 1383 * boot next. 1384 */ 1385 if (uefi_boot_mgr) { 1386 snprintf(buf, sizeof(buf), "Boot%04X", boot_current); 1387 sz = sizeof(boot_info); 1388 rv = efi_global_getenv(buf, &boot_info, &sz); 1389 if (rv == EFI_SUCCESS) 1390 bisz = sz; 1391 else 1392 uefi_boot_mgr = false; 1393 } 1394 1395 /* 1396 * Disable the watchdog timer. By default the boot manager sets 1397 * the timer to 5 minutes before invoking a boot option. If we 1398 * want to return to the boot manager, we have to disable the 1399 * watchdog timer and since we're an interactive program, we don't 1400 * want to wait until the user types "quit". The timer may have 1401 * fired by then. We don't care if this fails. It does not prevent 1402 * normal functioning in any way... 1403 */ 1404 BS->SetWatchdogTimer(0, 0, 0, NULL); 1405 1406 /* 1407 * Initialize the trusted/forbidden certificates from UEFI. 1408 * They will be later used to verify the manifest(s), 1409 * which should contain hashes of verified files. 1410 * This needs to be initialized before any configuration files 1411 * are loaded. 1412 */ 1413 #ifdef EFI_SECUREBOOT 1414 ve_efi_init(); 1415 #endif 1416 1417 /* 1418 * Try and find a good currdev based on the image that was booted. 1419 * It might be desirable here to have a short pause to allow falling 1420 * through to the boot loader instead of returning instantly to follow 1421 * the boot protocol and also allow an escape hatch for users wishing 1422 * to try something different. 1423 */ 1424 if (find_currdev(uefi_boot_mgr, boot_info, bisz) != 0) 1425 if (uefi_boot_mgr && 1426 !interactive_interrupt("Failed to find bootable partition")) 1427 return (EFI_NOT_FOUND); 1428 1429 autoload_font(false); /* Set up the font list for console. */ 1430 efi_init_environment(); 1431 1432 interact(); /* doesn't return */ 1433 1434 return (EFI_SUCCESS); /* keep compiler happy */ 1435 } 1436 1437 COMMAND_SET(efi_seed_entropy, "efi-seed-entropy", "try to get entropy from the EFI RNG", command_seed_entropy); 1438 1439 static int 1440 command_seed_entropy(int argc, char *argv[]) 1441 { 1442 EFI_STATUS status; 1443 EFI_RNG_PROTOCOL *rng; 1444 unsigned int size_efi = RANDOM_FORTUNA_DEFPOOLSIZE * RANDOM_FORTUNA_NPOOLS; 1445 unsigned int size = RANDOM_FORTUNA_DEFPOOLSIZE * RANDOM_FORTUNA_NPOOLS; 1446 void *buf_efi; 1447 void *buf; 1448 1449 if (argc > 1) { 1450 size_efi = strtol(argv[1], NULL, 0); 1451 1452 /* Don't *compress* the entropy we get from EFI. */ 1453 if (size_efi > size) 1454 size = size_efi; 1455 1456 /* 1457 * If the amount of entropy we get from EFI is less than the 1458 * size of a single Fortuna pool -- i.e. not enough to ensure 1459 * that Fortuna is safely seeded -- don't expand it since we 1460 * don't want to trick Fortuna into thinking that it has been 1461 * safely seeded when it has not. 1462 */ 1463 if (size_efi < RANDOM_FORTUNA_DEFPOOLSIZE) 1464 size = size_efi; 1465 } 1466 1467 status = BS->LocateProtocol(&rng_guid, NULL, (VOID **)&rng); 1468 if (status != EFI_SUCCESS) { 1469 command_errmsg = "RNG protocol not found"; 1470 return (CMD_ERROR); 1471 } 1472 1473 if ((buf = malloc(size)) == NULL) { 1474 command_errmsg = "out of memory"; 1475 return (CMD_ERROR); 1476 } 1477 1478 if ((buf_efi = malloc(size_efi)) == NULL) { 1479 free(buf); 1480 command_errmsg = "out of memory"; 1481 return (CMD_ERROR); 1482 } 1483 1484 TSENTER2("rng->GetRNG"); 1485 status = rng->GetRNG(rng, NULL, size_efi, (UINT8 *)buf_efi); 1486 TSEXIT(); 1487 if (status != EFI_SUCCESS) { 1488 free(buf_efi); 1489 free(buf); 1490 command_errmsg = "GetRNG failed"; 1491 return (CMD_ERROR); 1492 } 1493 if (size_efi < size) 1494 pkcs5v2_genkey_raw(buf, size, "", 0, buf_efi, size_efi, 1); 1495 else 1496 memcpy(buf, buf_efi, size); 1497 1498 if (file_addbuf("efi_rng_seed", "boot_entropy_platform", size, buf) != 0) { 1499 free(buf_efi); 1500 free(buf); 1501 return (CMD_ERROR); 1502 } 1503 1504 explicit_bzero(buf_efi, size_efi); 1505 free(buf_efi); 1506 free(buf); 1507 return (CMD_OK); 1508 } 1509 1510 COMMAND_SET(poweroff, "poweroff", "power off the system", command_poweroff); 1511 COMMAND_SET(halt, "halt", "power off the system", command_poweroff); 1512 1513 static int 1514 command_poweroff(int argc __unused, char *argv[] __unused) 1515 { 1516 int i; 1517 1518 for (i = 0; devsw[i] != NULL; ++i) 1519 if (devsw[i]->dv_cleanup != NULL) 1520 (devsw[i]->dv_cleanup)(); 1521 1522 RS->ResetSystem(EfiResetShutdown, EFI_SUCCESS, 0, NULL); 1523 1524 /* NOTREACHED */ 1525 return (CMD_ERROR); 1526 } 1527 1528 COMMAND_SET(reboot, "reboot", "reboot the system", command_reboot); 1529 1530 static int 1531 command_reboot(int argc, char *argv[]) 1532 { 1533 int i; 1534 1535 for (i = 0; devsw[i] != NULL; ++i) 1536 if (devsw[i]->dv_cleanup != NULL) 1537 (devsw[i]->dv_cleanup)(); 1538 1539 RS->ResetSystem(EfiResetCold, EFI_SUCCESS, 0, NULL); 1540 1541 /* NOTREACHED */ 1542 return (CMD_ERROR); 1543 } 1544 1545 COMMAND_SET(memmap, "memmap", "print memory map", command_memmap); 1546 1547 static int 1548 command_memmap(int argc __unused, char *argv[] __unused) 1549 { 1550 UINTN sz; 1551 EFI_MEMORY_DESCRIPTOR *map, *p; 1552 UINTN key, dsz; 1553 UINT32 dver; 1554 EFI_STATUS status; 1555 int i, ndesc; 1556 char line[80]; 1557 1558 sz = 0; 1559 status = BS->GetMemoryMap(&sz, 0, &key, &dsz, &dver); 1560 if (status != EFI_BUFFER_TOO_SMALL) { 1561 printf("Can't determine memory map size\n"); 1562 return (CMD_ERROR); 1563 } 1564 map = malloc(sz); 1565 status = BS->GetMemoryMap(&sz, map, &key, &dsz, &dver); 1566 if (EFI_ERROR(status)) { 1567 printf("Can't read memory map\n"); 1568 return (CMD_ERROR); 1569 } 1570 1571 ndesc = sz / dsz; 1572 snprintf(line, sizeof(line), "%23s %12s %12s %8s %4s\n", 1573 "Type", "Physical", "Virtual", "#Pages", "Attr"); 1574 pager_open(); 1575 if (pager_output(line)) { 1576 pager_close(); 1577 return (CMD_OK); 1578 } 1579 1580 for (i = 0, p = map; i < ndesc; 1581 i++, p = NextMemoryDescriptor(p, dsz)) { 1582 snprintf(line, sizeof(line), "%23s %012jx %012jx %08jx ", 1583 efi_memory_type(p->Type), (uintmax_t)p->PhysicalStart, 1584 (uintmax_t)p->VirtualStart, (uintmax_t)p->NumberOfPages); 1585 if (pager_output(line)) 1586 break; 1587 1588 if (p->Attribute & EFI_MEMORY_UC) 1589 printf("UC "); 1590 if (p->Attribute & EFI_MEMORY_WC) 1591 printf("WC "); 1592 if (p->Attribute & EFI_MEMORY_WT) 1593 printf("WT "); 1594 if (p->Attribute & EFI_MEMORY_WB) 1595 printf("WB "); 1596 if (p->Attribute & EFI_MEMORY_UCE) 1597 printf("UCE "); 1598 if (p->Attribute & EFI_MEMORY_WP) 1599 printf("WP "); 1600 if (p->Attribute & EFI_MEMORY_RP) 1601 printf("RP "); 1602 if (p->Attribute & EFI_MEMORY_XP) 1603 printf("XP "); 1604 if (p->Attribute & EFI_MEMORY_NV) 1605 printf("NV "); 1606 if (p->Attribute & EFI_MEMORY_MORE_RELIABLE) 1607 printf("MR "); 1608 if (p->Attribute & EFI_MEMORY_RO) 1609 printf("RO "); 1610 if (pager_output("\n")) 1611 break; 1612 } 1613 1614 pager_close(); 1615 return (CMD_OK); 1616 } 1617 1618 COMMAND_SET(configuration, "configuration", "print configuration tables", 1619 command_configuration); 1620 1621 static int 1622 command_configuration(int argc, char *argv[]) 1623 { 1624 UINTN i; 1625 char *name; 1626 1627 printf("NumberOfTableEntries=%lu\n", 1628 (unsigned long)ST->NumberOfTableEntries); 1629 1630 for (i = 0; i < ST->NumberOfTableEntries; i++) { 1631 EFI_GUID *guid; 1632 1633 printf(" "); 1634 guid = &ST->ConfigurationTable[i].VendorGuid; 1635 1636 if (efi_guid_to_name(guid, &name) == true) { 1637 printf(name); 1638 free(name); 1639 } else { 1640 printf("Error while translating UUID to name"); 1641 } 1642 printf(" at %p\n", ST->ConfigurationTable[i].VendorTable); 1643 } 1644 1645 return (CMD_OK); 1646 } 1647 1648 1649 COMMAND_SET(mode, "mode", "change or display EFI text modes", command_mode); 1650 1651 static int 1652 command_mode(int argc, char *argv[]) 1653 { 1654 UINTN cols, rows; 1655 unsigned int mode; 1656 int i; 1657 char *cp; 1658 EFI_STATUS status; 1659 SIMPLE_TEXT_OUTPUT_INTERFACE *conout; 1660 1661 conout = ST->ConOut; 1662 1663 if (argc > 1) { 1664 mode = strtol(argv[1], &cp, 0); 1665 if (cp[0] != '\0') { 1666 printf("Invalid mode\n"); 1667 return (CMD_ERROR); 1668 } 1669 status = conout->QueryMode(conout, mode, &cols, &rows); 1670 if (EFI_ERROR(status)) { 1671 printf("invalid mode %d\n", mode); 1672 return (CMD_ERROR); 1673 } 1674 status = conout->SetMode(conout, mode); 1675 if (EFI_ERROR(status)) { 1676 printf("couldn't set mode %d\n", mode); 1677 return (CMD_ERROR); 1678 } 1679 (void) cons_update_mode(true); 1680 return (CMD_OK); 1681 } 1682 1683 printf("Current mode: %d\n", conout->Mode->Mode); 1684 for (i = 0; i <= conout->Mode->MaxMode; i++) { 1685 status = conout->QueryMode(conout, i, &cols, &rows); 1686 if (EFI_ERROR(status)) 1687 continue; 1688 printf("Mode %d: %u columns, %u rows\n", i, (unsigned)cols, 1689 (unsigned)rows); 1690 } 1691 1692 if (i != 0) 1693 printf("Select a mode with the command \"mode <number>\"\n"); 1694 1695 return (CMD_OK); 1696 } 1697 1698 COMMAND_SET(lsefi, "lsefi", "list EFI handles", command_lsefi); 1699 1700 static void 1701 lsefi_print_handle_info(EFI_HANDLE handle) 1702 { 1703 EFI_DEVICE_PATH *devpath; 1704 EFI_DEVICE_PATH *imagepath; 1705 CHAR16 *dp_name; 1706 1707 imagepath = efi_lookup_image_devpath(handle); 1708 if (imagepath != NULL) { 1709 dp_name = efi_devpath_name(imagepath); 1710 printf("Handle for image %S", dp_name); 1711 efi_free_devpath_name(dp_name); 1712 return; 1713 } 1714 devpath = efi_lookup_devpath(handle); 1715 if (devpath != NULL) { 1716 dp_name = efi_devpath_name(devpath); 1717 printf("Handle for device %S", dp_name); 1718 efi_free_devpath_name(dp_name); 1719 return; 1720 } 1721 printf("Handle %p", handle); 1722 } 1723 1724 static int 1725 command_lsefi(int argc __unused, char *argv[] __unused) 1726 { 1727 char *name; 1728 EFI_HANDLE *buffer = NULL; 1729 EFI_HANDLE handle; 1730 UINTN bufsz = 0, i, j; 1731 EFI_STATUS status; 1732 int ret = 0; 1733 1734 status = BS->LocateHandle(AllHandles, NULL, NULL, &bufsz, buffer); 1735 if (status != EFI_BUFFER_TOO_SMALL) { 1736 snprintf(command_errbuf, sizeof (command_errbuf), 1737 "unexpected error: %lld", (long long)status); 1738 return (CMD_ERROR); 1739 } 1740 if ((buffer = malloc(bufsz)) == NULL) { 1741 sprintf(command_errbuf, "out of memory"); 1742 return (CMD_ERROR); 1743 } 1744 1745 status = BS->LocateHandle(AllHandles, NULL, NULL, &bufsz, buffer); 1746 if (EFI_ERROR(status)) { 1747 free(buffer); 1748 snprintf(command_errbuf, sizeof (command_errbuf), 1749 "LocateHandle() error: %lld", (long long)status); 1750 return (CMD_ERROR); 1751 } 1752 1753 pager_open(); 1754 for (i = 0; i < (bufsz / sizeof (EFI_HANDLE)); i++) { 1755 UINTN nproto = 0; 1756 EFI_GUID **protocols = NULL; 1757 1758 handle = buffer[i]; 1759 lsefi_print_handle_info(handle); 1760 if (pager_output("\n")) 1761 break; 1762 /* device path */ 1763 1764 status = BS->ProtocolsPerHandle(handle, &protocols, &nproto); 1765 if (EFI_ERROR(status)) { 1766 snprintf(command_errbuf, sizeof (command_errbuf), 1767 "ProtocolsPerHandle() error: %lld", 1768 (long long)status); 1769 continue; 1770 } 1771 1772 for (j = 0; j < nproto; j++) { 1773 if (efi_guid_to_name(protocols[j], &name) == true) { 1774 printf(" %s", name); 1775 free(name); 1776 } else { 1777 printf("Error while translating UUID to name"); 1778 } 1779 if ((ret = pager_output("\n")) != 0) 1780 break; 1781 } 1782 BS->FreePool(protocols); 1783 if (ret != 0) 1784 break; 1785 } 1786 pager_close(); 1787 free(buffer); 1788 return (CMD_OK); 1789 } 1790 1791 #ifdef LOADER_FDT_SUPPORT 1792 extern int command_fdt_internal(int argc, char *argv[]); 1793 1794 /* 1795 * Since proper fdt command handling function is defined in fdt_loader_cmd.c, 1796 * and declaring it as extern is in contradiction with COMMAND_SET() macro 1797 * (which uses static pointer), we're defining wrapper function, which 1798 * calls the proper fdt handling routine. 1799 */ 1800 static int 1801 command_fdt(int argc, char *argv[]) 1802 { 1803 1804 return (command_fdt_internal(argc, argv)); 1805 } 1806 1807 COMMAND_SET(fdt, "fdt", "flattened device tree handling", command_fdt); 1808 #endif 1809 1810 /* 1811 * Chain load another efi loader. 1812 */ 1813 static int 1814 command_chain(int argc, char *argv[]) 1815 { 1816 EFI_GUID LoadedImageGUID = LOADED_IMAGE_PROTOCOL; 1817 EFI_HANDLE loaderhandle; 1818 EFI_LOADED_IMAGE *loaded_image; 1819 UINTN ExitDataSize; 1820 CHAR16 *ExitData = NULL; 1821 EFI_STATUS status; 1822 struct stat st; 1823 struct devdesc *dev; 1824 char *name, *path; 1825 void *buf; 1826 int fd; 1827 1828 if (argc < 2) { 1829 command_errmsg = "wrong number of arguments"; 1830 return (CMD_ERROR); 1831 } 1832 1833 name = argv[1]; 1834 1835 if ((fd = open(name, O_RDONLY)) < 0) { 1836 command_errmsg = "no such file"; 1837 return (CMD_ERROR); 1838 } 1839 1840 #ifdef LOADER_VERIEXEC 1841 if (verify_file(fd, name, 0, VE_MUST, __func__) < 0) { 1842 sprintf(command_errbuf, "can't verify: %s", name); 1843 close(fd); 1844 return (CMD_ERROR); 1845 } 1846 #endif 1847 1848 if (fstat(fd, &st) < -1) { 1849 command_errmsg = "stat failed"; 1850 close(fd); 1851 return (CMD_ERROR); 1852 } 1853 1854 status = BS->AllocatePool(EfiLoaderCode, (UINTN)st.st_size, &buf); 1855 if (status != EFI_SUCCESS) { 1856 command_errmsg = "failed to allocate buffer"; 1857 close(fd); 1858 return (CMD_ERROR); 1859 } 1860 if (read(fd, buf, st.st_size) != st.st_size) { 1861 command_errmsg = "error while reading the file"; 1862 (void)BS->FreePool(buf); 1863 close(fd); 1864 return (CMD_ERROR); 1865 } 1866 close(fd); 1867 status = BS->LoadImage(FALSE, IH, NULL, buf, st.st_size, &loaderhandle); 1868 (void)BS->FreePool(buf); 1869 if (status != EFI_SUCCESS) { 1870 command_errmsg = "LoadImage failed"; 1871 return (CMD_ERROR); 1872 } 1873 status = OpenProtocolByHandle(loaderhandle, &LoadedImageGUID, 1874 (void **)&loaded_image); 1875 1876 if (argc > 2) { 1877 int i, len = 0; 1878 CHAR16 *argp; 1879 1880 for (i = 2; i < argc; i++) 1881 len += strlen(argv[i]) + 1; 1882 1883 len *= sizeof (*argp); 1884 loaded_image->LoadOptions = argp = malloc (len); 1885 loaded_image->LoadOptionsSize = len; 1886 for (i = 2; i < argc; i++) { 1887 char *ptr = argv[i]; 1888 while (*ptr) 1889 *(argp++) = *(ptr++); 1890 *(argp++) = ' '; 1891 } 1892 *(--argv) = 0; 1893 } 1894 1895 if (efi_getdev((void **)&dev, name, (const char **)&path) == 0) { 1896 #ifdef EFI_ZFS_BOOT 1897 struct zfs_devdesc *z_dev; 1898 #endif 1899 struct disk_devdesc *d_dev; 1900 pdinfo_t *hd, *pd; 1901 1902 switch (dev->d_dev->dv_type) { 1903 #ifdef EFI_ZFS_BOOT 1904 case DEVT_ZFS: 1905 z_dev = (struct zfs_devdesc *)dev; 1906 loaded_image->DeviceHandle = 1907 efizfs_get_handle_by_guid(z_dev->pool_guid); 1908 break; 1909 #endif 1910 case DEVT_NET: 1911 loaded_image->DeviceHandle = 1912 efi_find_handle(dev->d_dev, dev->d_unit); 1913 break; 1914 default: 1915 hd = efiblk_get_pdinfo(dev); 1916 if (STAILQ_EMPTY(&hd->pd_part)) { 1917 loaded_image->DeviceHandle = hd->pd_handle; 1918 break; 1919 } 1920 d_dev = (struct disk_devdesc *)dev; 1921 STAILQ_FOREACH(pd, &hd->pd_part, pd_link) { 1922 /* 1923 * d_partition should be 255 1924 */ 1925 if (pd->pd_unit == (uint32_t)d_dev->d_slice) { 1926 loaded_image->DeviceHandle = 1927 pd->pd_handle; 1928 break; 1929 } 1930 } 1931 break; 1932 } 1933 } 1934 1935 dev_cleanup(); 1936 1937 status = BS->StartImage(loaderhandle, &ExitDataSize, &ExitData); 1938 if (status != EFI_SUCCESS) { 1939 printf("StartImage failed (%lu)", EFI_ERROR_CODE(status)); 1940 if (ExitData != NULL) { 1941 printf(": %S", ExitData); 1942 BS->FreePool(ExitData); 1943 } 1944 putchar('\n'); 1945 command_errmsg = ""; 1946 free(loaded_image->LoadOptions); 1947 loaded_image->LoadOptions = NULL; 1948 status = BS->UnloadImage(loaded_image); 1949 return (CMD_ERROR); 1950 } 1951 1952 return (CMD_ERROR); /* not reached */ 1953 } 1954 1955 COMMAND_SET(chain, "chain", "chain load file", command_chain); 1956 1957 #if defined(LOADER_NET_SUPPORT) 1958 extern struct in_addr servip; 1959 static int 1960 command_netserver(int argc, char *argv[]) 1961 { 1962 char *proto; 1963 n_long rootaddr; 1964 1965 if (argc > 2) { 1966 command_errmsg = "wrong number of arguments"; 1967 return (CMD_ERROR); 1968 } 1969 if (argc < 2) { 1970 proto = netproto == NET_TFTP ? "tftp://" : "nfs://"; 1971 printf("Netserver URI: %s%s%s\n", proto, intoa(rootip.s_addr), 1972 rootpath); 1973 return (CMD_OK); 1974 } 1975 if (argc == 2) { 1976 strncpy(rootpath, argv[1], sizeof(rootpath)); 1977 rootpath[sizeof(rootpath) -1] = '\0'; 1978 if ((rootaddr = net_parse_rootpath()) != INADDR_NONE) 1979 servip.s_addr = rootip.s_addr = rootaddr; 1980 return (CMD_OK); 1981 } 1982 return (CMD_ERROR); /* not reached */ 1983 1984 } 1985 1986 COMMAND_SET(netserver, "netserver", "change or display netserver URI", 1987 command_netserver); 1988 #endif 1989