1 #include <linux/init.h> 2 #include <linux/kernel.h> 3 #include <linux/string.h> 4 #include <linux/time.h> 5 #include <linux/types.h> 6 #include <linux/efi.h> 7 #include <linux/slab.h> 8 #include <linux/memblock.h> 9 #include <linux/bootmem.h> 10 #include <linux/acpi.h> 11 #include <linux/dmi.h> 12 #include <asm/efi.h> 13 #include <asm/uv/uv.h> 14 15 #define EFI_MIN_RESERVE 5120 16 17 #define EFI_DUMMY_GUID \ 18 EFI_GUID(0x4424ac57, 0xbe4b, 0x47dd, 0x9e, 0x97, 0xed, 0x50, 0xf0, 0x9f, 0x92, 0xa9) 19 20 static efi_char16_t efi_dummy_name[6] = { 'D', 'U', 'M', 'M', 'Y', 0 }; 21 22 static bool efi_no_storage_paranoia; 23 24 /* 25 * Some firmware implementations refuse to boot if there's insufficient 26 * space in the variable store. The implementation of garbage collection 27 * in some FW versions causes stale (deleted) variables to take up space 28 * longer than intended and space is only freed once the store becomes 29 * almost completely full. 30 * 31 * Enabling this option disables the space checks in 32 * efi_query_variable_store() and forces garbage collection. 33 * 34 * Only enable this option if deleting EFI variables does not free up 35 * space in your variable store, e.g. if despite deleting variables 36 * you're unable to create new ones. 37 */ 38 static int __init setup_storage_paranoia(char *arg) 39 { 40 efi_no_storage_paranoia = true; 41 return 0; 42 } 43 early_param("efi_no_storage_paranoia", setup_storage_paranoia); 44 45 /* 46 * Deleting the dummy variable which kicks off garbage collection 47 */ 48 void efi_delete_dummy_variable(void) 49 { 50 efi.set_variable(efi_dummy_name, &EFI_DUMMY_GUID, 51 EFI_VARIABLE_NON_VOLATILE | 52 EFI_VARIABLE_BOOTSERVICE_ACCESS | 53 EFI_VARIABLE_RUNTIME_ACCESS, 54 0, NULL); 55 } 56 57 /* 58 * Some firmware implementations refuse to boot if there's insufficient space 59 * in the variable store. Ensure that we never use more than a safe limit. 60 * 61 * Return EFI_SUCCESS if it is safe to write 'size' bytes to the variable 62 * store. 63 */ 64 efi_status_t efi_query_variable_store(u32 attributes, unsigned long size) 65 { 66 efi_status_t status; 67 u64 storage_size, remaining_size, max_size; 68 69 if (!(attributes & EFI_VARIABLE_NON_VOLATILE)) 70 return 0; 71 72 status = efi.query_variable_info(attributes, &storage_size, 73 &remaining_size, &max_size); 74 if (status != EFI_SUCCESS) 75 return status; 76 77 /* 78 * We account for that by refusing the write if permitting it would 79 * reduce the available space to under 5KB. This figure was provided by 80 * Samsung, so should be safe. 81 */ 82 if ((remaining_size - size < EFI_MIN_RESERVE) && 83 !efi_no_storage_paranoia) { 84 85 /* 86 * Triggering garbage collection may require that the firmware 87 * generate a real EFI_OUT_OF_RESOURCES error. We can force 88 * that by attempting to use more space than is available. 89 */ 90 unsigned long dummy_size = remaining_size + 1024; 91 void *dummy = kzalloc(dummy_size, GFP_ATOMIC); 92 93 if (!dummy) 94 return EFI_OUT_OF_RESOURCES; 95 96 status = efi.set_variable(efi_dummy_name, &EFI_DUMMY_GUID, 97 EFI_VARIABLE_NON_VOLATILE | 98 EFI_VARIABLE_BOOTSERVICE_ACCESS | 99 EFI_VARIABLE_RUNTIME_ACCESS, 100 dummy_size, dummy); 101 102 if (status == EFI_SUCCESS) { 103 /* 104 * This should have failed, so if it didn't make sure 105 * that we delete it... 106 */ 107 efi_delete_dummy_variable(); 108 } 109 110 kfree(dummy); 111 112 /* 113 * The runtime code may now have triggered a garbage collection 114 * run, so check the variable info again 115 */ 116 status = efi.query_variable_info(attributes, &storage_size, 117 &remaining_size, &max_size); 118 119 if (status != EFI_SUCCESS) 120 return status; 121 122 /* 123 * There still isn't enough room, so return an error 124 */ 125 if (remaining_size - size < EFI_MIN_RESERVE) 126 return EFI_OUT_OF_RESOURCES; 127 } 128 129 return EFI_SUCCESS; 130 } 131 EXPORT_SYMBOL_GPL(efi_query_variable_store); 132 133 /* 134 * Helper function for efi_reserve_boot_services() to figure out if we 135 * can free regions in efi_free_boot_services(). 136 * 137 * Use this function to ensure we do not free regions owned by somebody 138 * else. We must only reserve (and then free) regions: 139 * 140 * - Not within any part of the kernel 141 * - Not the BIOS reserved area (E820_RESERVED, E820_NVS, etc) 142 */ 143 static bool can_free_region(u64 start, u64 size) 144 { 145 if (start + size > __pa_symbol(_text) && start <= __pa_symbol(_end)) 146 return false; 147 148 if (!e820_all_mapped(start, start+size, E820_RAM)) 149 return false; 150 151 return true; 152 } 153 154 /* 155 * The UEFI specification makes it clear that the operating system is free to do 156 * whatever it wants with boot services code after ExitBootServices() has been 157 * called. Ignoring this recommendation a significant bunch of EFI implementations 158 * continue calling into boot services code (SetVirtualAddressMap). In order to 159 * work around such buggy implementations we reserve boot services region during 160 * EFI init and make sure it stays executable. Then, after SetVirtualAddressMap(), it 161 * is discarded. 162 */ 163 void __init efi_reserve_boot_services(void) 164 { 165 void *p; 166 167 for (p = memmap.map; p < memmap.map_end; p += memmap.desc_size) { 168 efi_memory_desc_t *md = p; 169 u64 start = md->phys_addr; 170 u64 size = md->num_pages << EFI_PAGE_SHIFT; 171 bool already_reserved; 172 173 if (md->type != EFI_BOOT_SERVICES_CODE && 174 md->type != EFI_BOOT_SERVICES_DATA) 175 continue; 176 177 already_reserved = memblock_is_region_reserved(start, size); 178 179 /* 180 * Because the following memblock_reserve() is paired 181 * with free_bootmem_late() for this region in 182 * efi_free_boot_services(), we must be extremely 183 * careful not to reserve, and subsequently free, 184 * critical regions of memory (like the kernel image) or 185 * those regions that somebody else has already 186 * reserved. 187 * 188 * A good example of a critical region that must not be 189 * freed is page zero (first 4Kb of memory), which may 190 * contain boot services code/data but is marked 191 * E820_RESERVED by trim_bios_range(). 192 */ 193 if (!already_reserved) { 194 memblock_reserve(start, size); 195 196 /* 197 * If we are the first to reserve the region, no 198 * one else cares about it. We own it and can 199 * free it later. 200 */ 201 if (can_free_region(start, size)) 202 continue; 203 } 204 205 /* 206 * We don't own the region. We must not free it. 207 * 208 * Setting this bit for a boot services region really 209 * doesn't make sense as far as the firmware is 210 * concerned, but it does provide us with a way to tag 211 * those regions that must not be paired with 212 * free_bootmem_late(). 213 */ 214 md->attribute |= EFI_MEMORY_RUNTIME; 215 } 216 } 217 218 void __init efi_free_boot_services(void) 219 { 220 void *p; 221 222 for (p = memmap.map; p < memmap.map_end; p += memmap.desc_size) { 223 efi_memory_desc_t *md = p; 224 unsigned long long start = md->phys_addr; 225 unsigned long long size = md->num_pages << EFI_PAGE_SHIFT; 226 227 if (md->type != EFI_BOOT_SERVICES_CODE && 228 md->type != EFI_BOOT_SERVICES_DATA) 229 continue; 230 231 /* Do not free, someone else owns it: */ 232 if (md->attribute & EFI_MEMORY_RUNTIME) 233 continue; 234 235 free_bootmem_late(start, size); 236 } 237 238 efi_unmap_memmap(); 239 } 240 241 /* 242 * A number of config table entries get remapped to virtual addresses 243 * after entering EFI virtual mode. However, the kexec kernel requires 244 * their physical addresses therefore we pass them via setup_data and 245 * correct those entries to their respective physical addresses here. 246 * 247 * Currently only handles smbios which is necessary for some firmware 248 * implementation. 249 */ 250 int __init efi_reuse_config(u64 tables, int nr_tables) 251 { 252 int i, sz, ret = 0; 253 void *p, *tablep; 254 struct efi_setup_data *data; 255 256 if (!efi_setup) 257 return 0; 258 259 if (!efi_enabled(EFI_64BIT)) 260 return 0; 261 262 data = early_memremap(efi_setup, sizeof(*data)); 263 if (!data) { 264 ret = -ENOMEM; 265 goto out; 266 } 267 268 if (!data->smbios) 269 goto out_memremap; 270 271 sz = sizeof(efi_config_table_64_t); 272 273 p = tablep = early_memremap(tables, nr_tables * sz); 274 if (!p) { 275 pr_err("Could not map Configuration table!\n"); 276 ret = -ENOMEM; 277 goto out_memremap; 278 } 279 280 for (i = 0; i < efi.systab->nr_tables; i++) { 281 efi_guid_t guid; 282 283 guid = ((efi_config_table_64_t *)p)->guid; 284 285 if (!efi_guidcmp(guid, SMBIOS_TABLE_GUID)) 286 ((efi_config_table_64_t *)p)->table = data->smbios; 287 p += sz; 288 } 289 early_memunmap(tablep, nr_tables * sz); 290 291 out_memremap: 292 early_memunmap(data, sizeof(*data)); 293 out: 294 return ret; 295 } 296 297 static const struct dmi_system_id sgi_uv1_dmi[] = { 298 { NULL, "SGI UV1", 299 { DMI_MATCH(DMI_PRODUCT_NAME, "Stoutland Platform"), 300 DMI_MATCH(DMI_PRODUCT_VERSION, "1.0"), 301 DMI_MATCH(DMI_BIOS_VENDOR, "SGI.COM"), 302 } 303 }, 304 { } /* NULL entry stops DMI scanning */ 305 }; 306 307 void __init efi_apply_memmap_quirks(void) 308 { 309 /* 310 * Once setup is done earlier, unmap the EFI memory map on mismatched 311 * firmware/kernel architectures since there is no support for runtime 312 * services. 313 */ 314 if (!efi_runtime_supported()) { 315 pr_info("efi: Setup done, disabling due to 32/64-bit mismatch\n"); 316 efi_unmap_memmap(); 317 } 318 319 /* UV2+ BIOS has a fix for this issue. UV1 still needs the quirk. */ 320 if (dmi_check_system(sgi_uv1_dmi)) 321 set_bit(EFI_OLD_MEMMAP, &efi.flags); 322 } 323 324 /* 325 * For most modern platforms the preferred method of powering off is via 326 * ACPI. However, there are some that are known to require the use of 327 * EFI runtime services and for which ACPI does not work at all. 328 * 329 * Using EFI is a last resort, to be used only if no other option 330 * exists. 331 */ 332 bool efi_reboot_required(void) 333 { 334 if (!acpi_gbl_reduced_hardware) 335 return false; 336 337 efi_reboot_quirk_mode = EFI_RESET_WARM; 338 return true; 339 } 340 341 bool efi_poweroff_required(void) 342 { 343 return !!acpi_gbl_reduced_hardware; 344 } 345