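/*-
 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
 *
 * Copyright (c) 2015 Neel Natu <neel@freebsd.org>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include <sys/param.h>
__FBSDID("$FreeBSD$");

#include <sys/types.h>
#include <sys/mman.h>
#include <sys/stat.h>

#include <machine/vmm.h>

#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <stdbool.h>

#include <vmmapi.h>

#include "bhyverun.h"
#include "bootrom.h"
#include "debug.h"
#include "mem.h"

#define	BOOTROM_SIZE	(16 * 1024 * 1024)	/* 16 MB */

/*
 * ROM region is 16 MB at the top of 4GB ("low") memory.
 *
 * The size is limited so it doesn't encroach into reserved MMIO space (e.g.,
 * APIC, HPET, MSI).
 *
 * It is allocated in page-multiple blocks on a first-come first-serve basis,
 * from high to low, during initialization, and does not change at runtime.
 */
static char *romptr;	/* Pointer to userspace-mapped bootrom region. */
static vm_paddr_t gpa_base;	/* GPA of low end of region. */
static vm_paddr_t gpa_allocbot;	/* Low GPA of free region. */
static vm_paddr_t gpa_alloctop;	/* High GPA, minus 1, of free region. */

#define	CFI_BCS_WRITE_BYTE	0x10
#define	CFI_BCS_CLEAR_STATUS	0x50
#define	CFI_BCS_READ_STATUS	0x70
#define	CFI_BCS_READ_ARRAY	0xff

/*
 * State of the emulated variable store.  There is a single instance, filled
 * in by bootrom_loadrom() when a variable file is supplied.
 */
static struct bootrom_var_state {
	uint8_t		*mmap;	/* Host mapping of the variable file. */
	uint64_t	gpa;	/* Guest-physical base of the store. */
	off_t		size;	/* Size of the store, in bytes. */
	uint8_t		cmd;	/* Currently latched CFI command. */
} var = { NULL, 0, 0, CFI_BCS_READ_ARRAY };

/*
 * Emulate just those CFI basic commands that will convince EDK II
 * that the Firmware Volume area is writable and persistent.
 *
 * This is the memory handler registered for the "bootrom variable" range.
 * 'addr' and 'size' describe the access being emulated and are validated
 * against the mapped variable file before any copy touches host memory.
 *
 * Writes: while CFI_BCS_WRITE_BYTE is latched, 'size' bytes of '*val' are
 * stored into the mapping and the state returns to CFI_BCS_READ_ARRAY;
 * in any other state the first byte of '*val' is latched as the command.
 * Reads: after CFI_BCS_CLEAR_STATUS or CFI_BCS_READ_STATUS the result is
 * all zeroes and the state returns to CFI_BCS_READ_ARRAY; otherwise the
 * bytes are read back from the mapping.
 *
 * Returns 0 on success and EINVAL if the access is not entirely inside the
 * variable store.
 */
static int
bootrom_var_mem_handler(struct vmctx *ctx, int vcpu, int dir, uint64_t addr,
    int size, uint64_t *val, void *arg1, long arg2)
{
	off_t offset;

	offset = addr - var.gpa;

	/*
	 * Reject a non-positive length, a start below the region and an end
	 * beyond it.  The end is tested as "offset > var.size - size" so that
	 * no sum is formed that could overflow the signed off_t; with
	 * var.size >= 0 and size > 0 the subtraction cannot overflow.
	 */
	if (size <= 0 || offset < 0 || offset > var.size - size)
		return (EINVAL);

	/*
	 * NOTE(review): the copies below move 'size' bytes through a single
	 * uint64_t; this assumes the caller never passes size greater than
	 * sizeof(*val) -- confirm against the memory dispatch code.
	 */
	if (dir == MEM_F_WRITE) {
		switch (var.cmd) {
		case CFI_BCS_WRITE_BYTE:
			/* The mapping is shared, so this reaches the file. */
			memcpy(var.mmap + offset, val, size);
			var.cmd = CFI_BCS_READ_ARRAY;
			break;
		default:
			var.cmd = *(uint8_t *)val;
			break;
		}
	} else {
		switch (var.cmd) {
		case CFI_BCS_CLEAR_STATUS:
		case CFI_BCS_READ_STATUS:
			memset(val, 0, size);
			var.cmd = CFI_BCS_READ_ARRAY;
			break;
		default:
			memcpy(val, var.mmap + offset, size);
			break;
		}
	}
	return (0);
}

/*
 * Create the VM_BOOTROM device memory segment and reset the allocator so
 * that the whole BOOTROM_SIZE window ending at 4 GB is free.
 *
 * Terminates the process through err(3) with exit status 4 if the segment
 * cannot be created.
 */
void
init_bootrom(struct vmctx *ctx)
{
	romptr = vm_create_devmem(ctx, VM_BOOTROM, "bootrom", BOOTROM_SIZE);
	if (romptr == MAP_FAILED)
		err(4, "%s: vm_create_devmem", __func__);
	gpa_base = (1ULL << 32) - BOOTROM_SIZE;
	gpa_allocbot = gpa_base;
	gpa_alloctop = (1ULL << 32) - 1;
}

/*
 * Carve 'len' bytes out of the bootrom region and map them into the guest.
 *
 * ctx		VM context the segment belongs to.
 * len		Size of the allocation; must be non-zero, a multiple of the
 *		page size and no larger than BOOTROM_SIZE.
 * prot		Guest protection bits; only bits in _PROT_ALL are accepted.
 * flags	0 to allocate from the bottom of the free range, or
 *		BOOTROM_ALLOC_TOP to allocate from the top.
 * region_out	Receives the host address of the allocation.
 * gpa_out	If not NULL, receives the guest-physical address.
 *
 * Returns 0 on success, EINVAL for a bad argument, ENOMEM when the free
 * range is too small, or the errno left by vm_mmap_memseg() on failure.
 * The allocator state is only advanced once the mapping has succeeded.
 */
int
bootrom_alloc(struct vmctx *ctx, size_t len, int prot, int flags,
    char **region_out, uint64_t *gpa_out)
{
	static const int bootrom_valid_flags = BOOTROM_ALLOC_TOP;

	vm_paddr_t gpa;
	vm_ooffset_t segoff;

	if (flags & ~bootrom_valid_flags) {
		warnx("%s: Invalid flags: %x", __func__,
		    flags & ~bootrom_valid_flags);
		return (EINVAL);
	}
	if (prot & ~_PROT_ALL) {
		warnx("%s: Invalid protection: %x", __func__,
		    prot & ~_PROT_ALL);
		return (EINVAL);
	}

	if (len == 0 || len > BOOTROM_SIZE) {
		warnx("ROM size %zu is invalid", len);
		return (EINVAL);
	}
	if (len & PAGE_MASK) {
		warnx("ROM size %zu is not a multiple of the page size",
		    len);
		return (EINVAL);
	}

	/*
	 * len is at most BOOTROM_SIZE here, so "gpa_alloctop - len" cannot
	 * wrap for the values init_bootrom() and this function produce.
	 */
	if (flags & BOOTROM_ALLOC_TOP) {
		gpa = (gpa_alloctop - len) + 1;
		if (gpa < gpa_allocbot) {
			warnx("No room for %zu ROM in bootrom region", len);
			return (ENOMEM);
		}
	} else {
		gpa = gpa_allocbot;
		if (gpa > (gpa_alloctop - len) + 1) {
			warnx("No room for %zu ROM in bootrom region", len);
			return (ENOMEM);
		}
	}

	segoff = gpa - gpa_base;
	if (vm_mmap_memseg(ctx, gpa, VM_BOOTROM, segoff, len, prot) != 0) {
		/* Save errno: warn(3) may clobber it before we return. */
		int serrno = errno;
		warn("%s: vm_mmap_memseg", __func__);
		return (serrno);
	}

	if (flags & BOOTROM_ALLOC_TOP)
		gpa_alloctop = gpa - 1;
	else
		gpa_allocbot = gpa + len;

	*region_out = romptr + segoff;
	if (gpa_out != NULL)
		*gpa_out = gpa;
	return (0);
}

/*
 * Load a boot ROM image, and optionally a variable store, into the guest.
 *
 * 'romfile' has the form "rom[,vars]".  The ROM image is opened read-only,
 * allocated at the top of the bootrom region with read/execute protection
 * and copied in page by page.  The optional variable file is opened
 * read-write and mapped shared, so guest writes accepted by
 * bootrom_var_mem_handler() are stored in that host file; it is placed
 * directly below the current top of the free range and served through a
 * registered memory handler rather than a direct guest mapping.
 *
 * Returns 0 on success, -1 on most failures (after printing a diagnostic)
 * and the value returned by register_mem() if registering the handler
 * fails.  Both descriptors and the private copy of the specification
 * string are released on every path; the shared mapping of the variable
 * file stays valid after its descriptor is closed.
 */
int
bootrom_loadrom(struct vmctx *ctx, const char *romfile)
{
	struct stat sbuf;
	ssize_t rlen;
	off_t rom_size, var_size, total_size;
	char *ptr, *varfile, *spec;
	int fd, varfd, i, rv;

	rv = -1;
	fd = -1;
	varfd = -1;

	/*
	 * strsep(3) modifies its argument, so split a private copy.  'spec'
	 * keeps the start of that copy so it can be freed; 'romfile' and
	 * 'varfile' point into it from here on.
	 */
	spec = strdup(romfile);
	if (spec == NULL) {
		EPRINTLN("Could not copy bootrom specification: %s",
		    strerror(errno));
		goto done;
	}
	varfile = spec;
	romfile = strsep(&varfile, ",");

	fd = open(romfile, O_RDONLY);
	if (fd < 0) {
		EPRINTLN("Error opening bootrom \"%s\": %s",
		    romfile, strerror(errno));
		goto done;
	}

	if (varfile != NULL) {
		varfd = open(varfile, O_RDWR);
		if (varfd < 0) {
			fprintf(stderr, "Error opening bootrom variable file "
			    "\"%s\": %s\n", varfile, strerror(errno));
			goto done;
		}
	}

	if (fstat(fd, &sbuf) < 0) {
		EPRINTLN("Could not fstat bootrom file \"%s\": %s",
		    romfile, strerror(errno));
		goto done;
	}

	rom_size = sbuf.st_size;
	if (varfd < 0) {
		var_size = 0;
	} else {
		if (fstat(varfd, &sbuf) < 0) {
			fprintf(stderr, "Could not fstat bootrom variable file \"%s\": %s\n",
			    varfile, strerror(errno));
			goto done;
		}
		var_size = sbuf.st_size;
	}

	/*
	 * NOTE(review): a variable file larger than one page but not a
	 * multiple of the page size is accepted here and leaves gpa_alloctop
	 * unaligned for later allocations -- confirm whether that is intended.
	 */
	if (var_size > BOOTROM_SIZE ||
	    (var_size != 0 && var_size < PAGE_SIZE)) {
		fprintf(stderr, "Invalid bootrom variable size %ld\n",
		    var_size);
		goto done;
	}

	total_size = rom_size + var_size;

	if (total_size > BOOTROM_SIZE) {
		fprintf(stderr, "Invalid bootrom and variable aggregate size "
		    "%ld\n", total_size);
		goto done;
	}

	/* Map the bootrom into the guest address space */
	if (bootrom_alloc(ctx, rom_size, PROT_READ | PROT_EXEC,
	    BOOTROM_ALLOC_TOP, &ptr, NULL) != 0) {
		goto done;
	}

	/*
	 * Read 'romfile' into the guest address space.  bootrom_alloc() has
	 * already rejected sizes that are not a multiple of the page size,
	 * so whole pages cover the file; a short read means the file shrank
	 * or is unreadable and is treated as an error.
	 */
	for (i = 0; i < rom_size / PAGE_SIZE; i++) {
		rlen = read(fd, ptr + i * PAGE_SIZE, PAGE_SIZE);
		if (rlen != PAGE_SIZE) {
			EPRINTLN("Incomplete read of page %d of bootrom "
			    "file %s: %ld bytes", i, romfile, rlen);
			goto done;
		}
	}

	if (varfd >= 0) {
		var.mmap = mmap(NULL, var_size, PROT_READ | PROT_WRITE,
		    MAP_SHARED, varfd, 0);
		if (var.mmap == MAP_FAILED) {
			fprintf(stderr, "Could not mmap bootrom variable file "
			    "\"%s\": %s\n", varfile, strerror(errno));
			goto done;
		}
		var.size = var_size;
		var.gpa = (gpa_alloctop - var_size) + 1;
		gpa_alloctop = var.gpa - 1;
		/*
		 * The mapping and the reserved range are not rolled back if
		 * registration fails.  NOTE(review): callers appear expected
		 * to treat a failure here as fatal -- confirm.
		 */
		rv = register_mem(&(struct mem_range){
		    .name = "bootrom variable",
		    .flags = MEM_F_RW,
		    .handler = bootrom_var_mem_handler,
		    .base = var.gpa,
		    .size = var.size,
		});
		if (rv != 0)
			goto done;
	}

	rv = 0;
done:
	/* Closing varfd does not tear down the MAP_SHARED mapping. */
	if (varfd >= 0)
		close(varfd);
	if (fd >= 0)
		close(fd);
	free(spec);
	return (rv);
}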