xref: /linux/drivers/firmware/efi/efi.c (revision 67feaba413ec68daf4124e9870878899b4ed9a0e)
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * efi.c - EFI subsystem
4  *
5  * Copyright (C) 2001,2003,2004 Dell <Matt_Domsch@dell.com>
6  * Copyright (C) 2004 Intel Corporation <matthew.e.tolentino@intel.com>
7  * Copyright (C) 2013 Tom Gundersen <teg@jklm.no>
8  *
9  * This code registers /sys/firmware/efi{,/efivars} when EFI is supported,
10  * allowing the efivarfs to be mounted or the efivars module to be loaded.
11  * The existance of /sys/firmware/efi may also be used by userspace to
12  * determine that the system supports EFI.
13  */
14 
15 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
16 
17 #include <linux/kobject.h>
18 #include <linux/module.h>
19 #include <linux/init.h>
20 #include <linux/debugfs.h>
21 #include <linux/device.h>
22 #include <linux/efi.h>
23 #include <linux/of.h>
24 #include <linux/io.h>
25 #include <linux/kexec.h>
26 #include <linux/platform_device.h>
27 #include <linux/random.h>
28 #include <linux/reboot.h>
29 #include <linux/slab.h>
30 #include <linux/acpi.h>
31 #include <linux/ucs2_string.h>
32 #include <linux/memblock.h>
33 #include <linux/security.h>
34 
35 #include <asm/early_ioremap.h>
36 
37 struct efi __read_mostly efi = {
38 	.runtime_supported_mask = EFI_RT_SUPPORTED_ALL,
39 	.acpi			= EFI_INVALID_TABLE_ADDR,
40 	.acpi20			= EFI_INVALID_TABLE_ADDR,
41 	.smbios			= EFI_INVALID_TABLE_ADDR,
42 	.smbios3		= EFI_INVALID_TABLE_ADDR,
43 	.esrt			= EFI_INVALID_TABLE_ADDR,
44 	.tpm_log		= EFI_INVALID_TABLE_ADDR,
45 	.tpm_final_log		= EFI_INVALID_TABLE_ADDR,
46 #ifdef CONFIG_LOAD_UEFI_KEYS
47 	.mokvar_table		= EFI_INVALID_TABLE_ADDR,
48 #endif
49 #ifdef CONFIG_EFI_COCO_SECRET
50 	.coco_secret		= EFI_INVALID_TABLE_ADDR,
51 #endif
52 };
53 EXPORT_SYMBOL(efi);
54 
55 unsigned long __ro_after_init efi_rng_seed = EFI_INVALID_TABLE_ADDR;
56 static unsigned long __initdata mem_reserve = EFI_INVALID_TABLE_ADDR;
57 static unsigned long __initdata rt_prop = EFI_INVALID_TABLE_ADDR;
58 
59 struct mm_struct efi_mm = {
60 	.mm_rb			= RB_ROOT,
61 	.mm_users		= ATOMIC_INIT(2),
62 	.mm_count		= ATOMIC_INIT(1),
63 	.write_protect_seq      = SEQCNT_ZERO(efi_mm.write_protect_seq),
64 	MMAP_LOCK_INITIALIZER(efi_mm)
65 	.page_table_lock	= __SPIN_LOCK_UNLOCKED(efi_mm.page_table_lock),
66 	.mmlist			= LIST_HEAD_INIT(efi_mm.mmlist),
67 	.cpu_bitmap		= { [BITS_TO_LONGS(NR_CPUS)] = 0},
68 };
69 
70 struct workqueue_struct *efi_rts_wq;
71 
72 static bool disable_runtime = IS_ENABLED(CONFIG_EFI_DISABLE_RUNTIME);
73 static int __init setup_noefi(char *arg)
74 {
75 	disable_runtime = true;
76 	return 0;
77 }
78 early_param("noefi", setup_noefi);
79 
80 bool efi_runtime_disabled(void)
81 {
82 	return disable_runtime;
83 }
84 
85 bool __pure __efi_soft_reserve_enabled(void)
86 {
87 	return !efi_enabled(EFI_MEM_NO_SOFT_RESERVE);
88 }
89 
90 static int __init parse_efi_cmdline(char *str)
91 {
92 	if (!str) {
93 		pr_warn("need at least one option\n");
94 		return -EINVAL;
95 	}
96 
97 	if (parse_option_str(str, "debug"))
98 		set_bit(EFI_DBG, &efi.flags);
99 
100 	if (parse_option_str(str, "noruntime"))
101 		disable_runtime = true;
102 
103 	if (parse_option_str(str, "runtime"))
104 		disable_runtime = false;
105 
106 	if (parse_option_str(str, "nosoftreserve"))
107 		set_bit(EFI_MEM_NO_SOFT_RESERVE, &efi.flags);
108 
109 	return 0;
110 }
111 early_param("efi", parse_efi_cmdline);
112 
113 struct kobject *efi_kobj;
114 
115 /*
116  * Let's not leave out systab information that snuck into
117  * the efivars driver
118  * Note, do not add more fields in systab sysfs file as it breaks sysfs
119  * one value per file rule!
120  */
121 static ssize_t systab_show(struct kobject *kobj,
122 			   struct kobj_attribute *attr, char *buf)
123 {
124 	char *str = buf;
125 
126 	if (!kobj || !buf)
127 		return -EINVAL;
128 
129 	if (efi.acpi20 != EFI_INVALID_TABLE_ADDR)
130 		str += sprintf(str, "ACPI20=0x%lx\n", efi.acpi20);
131 	if (efi.acpi != EFI_INVALID_TABLE_ADDR)
132 		str += sprintf(str, "ACPI=0x%lx\n", efi.acpi);
133 	/*
134 	 * If both SMBIOS and SMBIOS3 entry points are implemented, the
135 	 * SMBIOS3 entry point shall be preferred, so we list it first to
136 	 * let applications stop parsing after the first match.
137 	 */
138 	if (efi.smbios3 != EFI_INVALID_TABLE_ADDR)
139 		str += sprintf(str, "SMBIOS3=0x%lx\n", efi.smbios3);
140 	if (efi.smbios != EFI_INVALID_TABLE_ADDR)
141 		str += sprintf(str, "SMBIOS=0x%lx\n", efi.smbios);
142 
143 	if (IS_ENABLED(CONFIG_IA64) || IS_ENABLED(CONFIG_X86))
144 		str = efi_systab_show_arch(str);
145 
146 	return str - buf;
147 }
148 
149 static struct kobj_attribute efi_attr_systab = __ATTR_RO_MODE(systab, 0400);
150 
151 static ssize_t fw_platform_size_show(struct kobject *kobj,
152 				     struct kobj_attribute *attr, char *buf)
153 {
154 	return sprintf(buf, "%d\n", efi_enabled(EFI_64BIT) ? 64 : 32);
155 }
156 
157 extern __weak struct kobj_attribute efi_attr_fw_vendor;
158 extern __weak struct kobj_attribute efi_attr_runtime;
159 extern __weak struct kobj_attribute efi_attr_config_table;
160 static struct kobj_attribute efi_attr_fw_platform_size =
161 	__ATTR_RO(fw_platform_size);
162 
163 static struct attribute *efi_subsys_attrs[] = {
164 	&efi_attr_systab.attr,
165 	&efi_attr_fw_platform_size.attr,
166 	&efi_attr_fw_vendor.attr,
167 	&efi_attr_runtime.attr,
168 	&efi_attr_config_table.attr,
169 	NULL,
170 };
171 
172 umode_t __weak efi_attr_is_visible(struct kobject *kobj, struct attribute *attr,
173 				   int n)
174 {
175 	return attr->mode;
176 }
177 
178 static const struct attribute_group efi_subsys_attr_group = {
179 	.attrs = efi_subsys_attrs,
180 	.is_visible = efi_attr_is_visible,
181 };
182 
183 static struct efivars generic_efivars;
184 static struct efivar_operations generic_ops;
185 
186 static int generic_ops_register(void)
187 {
188 	generic_ops.get_variable = efi.get_variable;
189 	generic_ops.get_next_variable = efi.get_next_variable;
190 	generic_ops.query_variable_store = efi_query_variable_store;
191 
192 	if (efi_rt_services_supported(EFI_RT_SUPPORTED_SET_VARIABLE)) {
193 		generic_ops.set_variable = efi.set_variable;
194 		generic_ops.set_variable_nonblocking = efi.set_variable_nonblocking;
195 	}
196 	return efivars_register(&generic_efivars, &generic_ops, efi_kobj);
197 }
198 
199 static void generic_ops_unregister(void)
200 {
201 	efivars_unregister(&generic_efivars);
202 }
203 
204 #ifdef CONFIG_EFI_CUSTOM_SSDT_OVERLAYS
205 #define EFIVAR_SSDT_NAME_MAX	16UL
206 static char efivar_ssdt[EFIVAR_SSDT_NAME_MAX] __initdata;
207 static int __init efivar_ssdt_setup(char *str)
208 {
209 	int ret = security_locked_down(LOCKDOWN_ACPI_TABLES);
210 
211 	if (ret)
212 		return ret;
213 
214 	if (strlen(str) < sizeof(efivar_ssdt))
215 		memcpy(efivar_ssdt, str, strlen(str));
216 	else
217 		pr_warn("efivar_ssdt: name too long: %s\n", str);
218 	return 1;
219 }
220 __setup("efivar_ssdt=", efivar_ssdt_setup);
221 
222 static __init int efivar_ssdt_load(void)
223 {
224 	unsigned long name_size = 256;
225 	efi_char16_t *name = NULL;
226 	efi_status_t status;
227 	efi_guid_t guid;
228 
229 	if (!efivar_ssdt[0])
230 		return 0;
231 
232 	name = kzalloc(name_size, GFP_KERNEL);
233 	if (!name)
234 		return -ENOMEM;
235 
236 	for (;;) {
237 		char utf8_name[EFIVAR_SSDT_NAME_MAX];
238 		unsigned long data_size = 0;
239 		void *data;
240 		int limit;
241 
242 		status = efi.get_next_variable(&name_size, name, &guid);
243 		if (status == EFI_NOT_FOUND) {
244 			break;
245 		} else if (status == EFI_BUFFER_TOO_SMALL) {
246 			name = krealloc(name, name_size, GFP_KERNEL);
247 			if (!name)
248 				return -ENOMEM;
249 			continue;
250 		}
251 
252 		limit = min(EFIVAR_SSDT_NAME_MAX, name_size);
253 		ucs2_as_utf8(utf8_name, name, limit - 1);
254 		if (strncmp(utf8_name, efivar_ssdt, limit) != 0)
255 			continue;
256 
257 		pr_info("loading SSDT from variable %s-%pUl\n", efivar_ssdt, &guid);
258 
259 		status = efi.get_variable(name, &guid, NULL, &data_size, NULL);
260 		if (status != EFI_BUFFER_TOO_SMALL || !data_size)
261 			return -EIO;
262 
263 		data = kmalloc(data_size, GFP_KERNEL);
264 		if (!data)
265 			return -ENOMEM;
266 
267 		status = efi.get_variable(name, &guid, NULL, &data_size, data);
268 		if (status == EFI_SUCCESS) {
269 			acpi_status ret = acpi_load_table(data, NULL);
270 			if (ret)
271 				pr_err("failed to load table: %u\n", ret);
272 		} else {
273 			pr_err("failed to get var data: 0x%lx\n", status);
274 		}
275 		kfree(data);
276 	}
277 	return 0;
278 }
279 #else
280 static inline int efivar_ssdt_load(void) { return 0; }
281 #endif
282 
283 #ifdef CONFIG_DEBUG_FS
284 
285 #define EFI_DEBUGFS_MAX_BLOBS 32
286 
287 static struct debugfs_blob_wrapper debugfs_blob[EFI_DEBUGFS_MAX_BLOBS];
288 
289 static void __init efi_debugfs_init(void)
290 {
291 	struct dentry *efi_debugfs;
292 	efi_memory_desc_t *md;
293 	char name[32];
294 	int type_count[EFI_BOOT_SERVICES_DATA + 1] = {};
295 	int i = 0;
296 
297 	efi_debugfs = debugfs_create_dir("efi", NULL);
298 	if (IS_ERR_OR_NULL(efi_debugfs))
299 		return;
300 
301 	for_each_efi_memory_desc(md) {
302 		switch (md->type) {
303 		case EFI_BOOT_SERVICES_CODE:
304 			snprintf(name, sizeof(name), "boot_services_code%d",
305 				 type_count[md->type]++);
306 			break;
307 		case EFI_BOOT_SERVICES_DATA:
308 			snprintf(name, sizeof(name), "boot_services_data%d",
309 				 type_count[md->type]++);
310 			break;
311 		default:
312 			continue;
313 		}
314 
315 		if (i >= EFI_DEBUGFS_MAX_BLOBS) {
316 			pr_warn("More then %d EFI boot service segments, only showing first %d in debugfs\n",
317 				EFI_DEBUGFS_MAX_BLOBS, EFI_DEBUGFS_MAX_BLOBS);
318 			break;
319 		}
320 
321 		debugfs_blob[i].size = md->num_pages << EFI_PAGE_SHIFT;
322 		debugfs_blob[i].data = memremap(md->phys_addr,
323 						debugfs_blob[i].size,
324 						MEMREMAP_WB);
325 		if (!debugfs_blob[i].data)
326 			continue;
327 
328 		debugfs_create_blob(name, 0400, efi_debugfs, &debugfs_blob[i]);
329 		i++;
330 	}
331 }
332 #else
333 static inline void efi_debugfs_init(void) {}
334 #endif
335 
336 /*
337  * We register the efi subsystem with the firmware subsystem and the
338  * efivars subsystem with the efi subsystem, if the system was booted with
339  * EFI.
340  */
341 static int __init efisubsys_init(void)
342 {
343 	int error;
344 
345 	if (!efi_enabled(EFI_RUNTIME_SERVICES))
346 		efi.runtime_supported_mask = 0;
347 
348 	if (!efi_enabled(EFI_BOOT))
349 		return 0;
350 
351 	if (efi.runtime_supported_mask) {
352 		/*
353 		 * Since we process only one efi_runtime_service() at a time, an
354 		 * ordered workqueue (which creates only one execution context)
355 		 * should suffice for all our needs.
356 		 */
357 		efi_rts_wq = alloc_ordered_workqueue("efi_rts_wq", 0);
358 		if (!efi_rts_wq) {
359 			pr_err("Creating efi_rts_wq failed, EFI runtime services disabled.\n");
360 			clear_bit(EFI_RUNTIME_SERVICES, &efi.flags);
361 			efi.runtime_supported_mask = 0;
362 			return 0;
363 		}
364 	}
365 
366 	if (efi_rt_services_supported(EFI_RT_SUPPORTED_TIME_SERVICES))
367 		platform_device_register_simple("rtc-efi", 0, NULL, 0);
368 
369 	/* We register the efi directory at /sys/firmware/efi */
370 	efi_kobj = kobject_create_and_add("efi", firmware_kobj);
371 	if (!efi_kobj) {
372 		pr_err("efi: Firmware registration failed.\n");
373 		destroy_workqueue(efi_rts_wq);
374 		return -ENOMEM;
375 	}
376 
377 	if (efi_rt_services_supported(EFI_RT_SUPPORTED_GET_VARIABLE |
378 				      EFI_RT_SUPPORTED_GET_NEXT_VARIABLE_NAME)) {
379 		error = generic_ops_register();
380 		if (error)
381 			goto err_put;
382 		efivar_ssdt_load();
383 		platform_device_register_simple("efivars", 0, NULL, 0);
384 	}
385 
386 	error = sysfs_create_group(efi_kobj, &efi_subsys_attr_group);
387 	if (error) {
388 		pr_err("efi: Sysfs attribute export failed with error %d.\n",
389 		       error);
390 		goto err_unregister;
391 	}
392 
393 	error = efi_runtime_map_init(efi_kobj);
394 	if (error)
395 		goto err_remove_group;
396 
397 	/* and the standard mountpoint for efivarfs */
398 	error = sysfs_create_mount_point(efi_kobj, "efivars");
399 	if (error) {
400 		pr_err("efivars: Subsystem registration failed.\n");
401 		goto err_remove_group;
402 	}
403 
404 	if (efi_enabled(EFI_DBG) && efi_enabled(EFI_PRESERVE_BS_REGIONS))
405 		efi_debugfs_init();
406 
407 #ifdef CONFIG_EFI_COCO_SECRET
408 	if (efi.coco_secret != EFI_INVALID_TABLE_ADDR)
409 		platform_device_register_simple("efi_secret", 0, NULL, 0);
410 #endif
411 
412 	return 0;
413 
414 err_remove_group:
415 	sysfs_remove_group(efi_kobj, &efi_subsys_attr_group);
416 err_unregister:
417 	if (efi_rt_services_supported(EFI_RT_SUPPORTED_GET_VARIABLE |
418 				      EFI_RT_SUPPORTED_GET_NEXT_VARIABLE_NAME))
419 		generic_ops_unregister();
420 err_put:
421 	kobject_put(efi_kobj);
422 	destroy_workqueue(efi_rts_wq);
423 	return error;
424 }
425 
426 subsys_initcall(efisubsys_init);
427 
428 void __init efi_find_mirror(void)
429 {
430 	efi_memory_desc_t *md;
431 	u64 mirror_size = 0, total_size = 0;
432 
433 	if (!efi_enabled(EFI_MEMMAP))
434 		return;
435 
436 	for_each_efi_memory_desc(md) {
437 		unsigned long long start = md->phys_addr;
438 		unsigned long long size = md->num_pages << EFI_PAGE_SHIFT;
439 
440 		total_size += size;
441 		if (md->attribute & EFI_MEMORY_MORE_RELIABLE) {
442 			memblock_mark_mirror(start, size);
443 			mirror_size += size;
444 		}
445 	}
446 	if (mirror_size)
447 		pr_info("Memory: %lldM/%lldM mirrored memory\n",
448 			mirror_size>>20, total_size>>20);
449 }
450 
451 /*
452  * Find the efi memory descriptor for a given physical address.  Given a
453  * physical address, determine if it exists within an EFI Memory Map entry,
454  * and if so, populate the supplied memory descriptor with the appropriate
455  * data.
456  */
457 int efi_mem_desc_lookup(u64 phys_addr, efi_memory_desc_t *out_md)
458 {
459 	efi_memory_desc_t *md;
460 
461 	if (!efi_enabled(EFI_MEMMAP)) {
462 		pr_err_once("EFI_MEMMAP is not enabled.\n");
463 		return -EINVAL;
464 	}
465 
466 	if (!out_md) {
467 		pr_err_once("out_md is null.\n");
468 		return -EINVAL;
469         }
470 
471 	for_each_efi_memory_desc(md) {
472 		u64 size;
473 		u64 end;
474 
475 		size = md->num_pages << EFI_PAGE_SHIFT;
476 		end = md->phys_addr + size;
477 		if (phys_addr >= md->phys_addr && phys_addr < end) {
478 			memcpy(out_md, md, sizeof(*out_md));
479 			return 0;
480 		}
481 	}
482 	return -ENOENT;
483 }
484 
485 /*
486  * Calculate the highest address of an efi memory descriptor.
487  */
488 u64 __init efi_mem_desc_end(efi_memory_desc_t *md)
489 {
490 	u64 size = md->num_pages << EFI_PAGE_SHIFT;
491 	u64 end = md->phys_addr + size;
492 	return end;
493 }
494 
495 void __init __weak efi_arch_mem_reserve(phys_addr_t addr, u64 size) {}
496 
497 /**
498  * efi_mem_reserve - Reserve an EFI memory region
499  * @addr: Physical address to reserve
500  * @size: Size of reservation
501  *
502  * Mark a region as reserved from general kernel allocation and
503  * prevent it being released by efi_free_boot_services().
504  *
505  * This function should be called drivers once they've parsed EFI
506  * configuration tables to figure out where their data lives, e.g.
507  * efi_esrt_init().
508  */
509 void __init efi_mem_reserve(phys_addr_t addr, u64 size)
510 {
511 	if (!memblock_is_region_reserved(addr, size))
512 		memblock_reserve(addr, size);
513 
514 	/*
515 	 * Some architectures (x86) reserve all boot services ranges
516 	 * until efi_free_boot_services() because of buggy firmware
517 	 * implementations. This means the above memblock_reserve() is
518 	 * superfluous on x86 and instead what it needs to do is
519 	 * ensure the @start, @size is not freed.
520 	 */
521 	efi_arch_mem_reserve(addr, size);
522 }
523 
524 static const efi_config_table_type_t common_tables[] __initconst = {
525 	{ACPI_20_TABLE_GUID,			&efi.acpi20,		"ACPI 2.0"	},
526 	{ACPI_TABLE_GUID,			&efi.acpi,		"ACPI"		},
527 	{SMBIOS_TABLE_GUID,			&efi.smbios,		"SMBIOS"	},
528 	{SMBIOS3_TABLE_GUID,			&efi.smbios3,		"SMBIOS 3.0"	},
529 	{EFI_SYSTEM_RESOURCE_TABLE_GUID,	&efi.esrt,		"ESRT"		},
530 	{EFI_MEMORY_ATTRIBUTES_TABLE_GUID,	&efi_mem_attr_table,	"MEMATTR"	},
531 	{LINUX_EFI_RANDOM_SEED_TABLE_GUID,	&efi_rng_seed,		"RNG"		},
532 	{LINUX_EFI_TPM_EVENT_LOG_GUID,		&efi.tpm_log,		"TPMEventLog"	},
533 	{LINUX_EFI_TPM_FINAL_LOG_GUID,		&efi.tpm_final_log,	"TPMFinalLog"	},
534 	{LINUX_EFI_MEMRESERVE_TABLE_GUID,	&mem_reserve,		"MEMRESERVE"	},
535 	{EFI_RT_PROPERTIES_TABLE_GUID,		&rt_prop,		"RTPROP"	},
536 #ifdef CONFIG_EFI_RCI2_TABLE
537 	{DELLEMC_EFI_RCI2_TABLE_GUID,		&rci2_table_phys			},
538 #endif
539 #ifdef CONFIG_LOAD_UEFI_KEYS
540 	{LINUX_EFI_MOK_VARIABLE_TABLE_GUID,	&efi.mokvar_table,	"MOKvar"	},
541 #endif
542 #ifdef CONFIG_EFI_COCO_SECRET
543 	{LINUX_EFI_COCO_SECRET_AREA_GUID,	&efi.coco_secret,	"CocoSecret"	},
544 #endif
545 	{},
546 };
547 
548 static __init int match_config_table(const efi_guid_t *guid,
549 				     unsigned long table,
550 				     const efi_config_table_type_t *table_types)
551 {
552 	int i;
553 
554 	for (i = 0; efi_guidcmp(table_types[i].guid, NULL_GUID); i++) {
555 		if (!efi_guidcmp(*guid, table_types[i].guid)) {
556 			*(table_types[i].ptr) = table;
557 			if (table_types[i].name[0])
558 				pr_cont("%s=0x%lx ",
559 					table_types[i].name, table);
560 			return 1;
561 		}
562 	}
563 
564 	return 0;
565 }
566 
567 int __init efi_config_parse_tables(const efi_config_table_t *config_tables,
568 				   int count,
569 				   const efi_config_table_type_t *arch_tables)
570 {
571 	const efi_config_table_64_t *tbl64 = (void *)config_tables;
572 	const efi_config_table_32_t *tbl32 = (void *)config_tables;
573 	const efi_guid_t *guid;
574 	unsigned long table;
575 	int i;
576 
577 	pr_info("");
578 	for (i = 0; i < count; i++) {
579 		if (!IS_ENABLED(CONFIG_X86)) {
580 			guid = &config_tables[i].guid;
581 			table = (unsigned long)config_tables[i].table;
582 		} else if (efi_enabled(EFI_64BIT)) {
583 			guid = &tbl64[i].guid;
584 			table = tbl64[i].table;
585 
586 			if (IS_ENABLED(CONFIG_X86_32) &&
587 			    tbl64[i].table > U32_MAX) {
588 				pr_cont("\n");
589 				pr_err("Table located above 4GB, disabling EFI.\n");
590 				return -EINVAL;
591 			}
592 		} else {
593 			guid = &tbl32[i].guid;
594 			table = tbl32[i].table;
595 		}
596 
597 		if (!match_config_table(guid, table, common_tables) && arch_tables)
598 			match_config_table(guid, table, arch_tables);
599 	}
600 	pr_cont("\n");
601 	set_bit(EFI_CONFIG_TABLES, &efi.flags);
602 
603 	if (efi_rng_seed != EFI_INVALID_TABLE_ADDR) {
604 		struct linux_efi_random_seed *seed;
605 		u32 size = 0;
606 
607 		seed = early_memremap(efi_rng_seed, sizeof(*seed));
608 		if (seed != NULL) {
609 			size = READ_ONCE(seed->size);
610 			early_memunmap(seed, sizeof(*seed));
611 		} else {
612 			pr_err("Could not map UEFI random seed!\n");
613 		}
614 		if (size > 0) {
615 			seed = early_memremap(efi_rng_seed,
616 					      sizeof(*seed) + size);
617 			if (seed != NULL) {
618 				pr_notice("seeding entropy pool\n");
619 				add_bootloader_randomness(seed->bits, size);
620 				early_memunmap(seed, sizeof(*seed) + size);
621 			} else {
622 				pr_err("Could not map UEFI random seed!\n");
623 			}
624 		}
625 	}
626 
627 	if (!IS_ENABLED(CONFIG_X86_32) && efi_enabled(EFI_MEMMAP))
628 		efi_memattr_init();
629 
630 	efi_tpm_eventlog_init();
631 
632 	if (mem_reserve != EFI_INVALID_TABLE_ADDR) {
633 		unsigned long prsv = mem_reserve;
634 
635 		while (prsv) {
636 			struct linux_efi_memreserve *rsv;
637 			u8 *p;
638 
639 			/*
640 			 * Just map a full page: that is what we will get
641 			 * anyway, and it permits us to map the entire entry
642 			 * before knowing its size.
643 			 */
644 			p = early_memremap(ALIGN_DOWN(prsv, PAGE_SIZE),
645 					   PAGE_SIZE);
646 			if (p == NULL) {
647 				pr_err("Could not map UEFI memreserve entry!\n");
648 				return -ENOMEM;
649 			}
650 
651 			rsv = (void *)(p + prsv % PAGE_SIZE);
652 
653 			/* reserve the entry itself */
654 			memblock_reserve(prsv,
655 					 struct_size(rsv, entry, rsv->size));
656 
657 			for (i = 0; i < atomic_read(&rsv->count); i++) {
658 				memblock_reserve(rsv->entry[i].base,
659 						 rsv->entry[i].size);
660 			}
661 
662 			prsv = rsv->next;
663 			early_memunmap(p, PAGE_SIZE);
664 		}
665 	}
666 
667 	if (rt_prop != EFI_INVALID_TABLE_ADDR) {
668 		efi_rt_properties_table_t *tbl;
669 
670 		tbl = early_memremap(rt_prop, sizeof(*tbl));
671 		if (tbl) {
672 			efi.runtime_supported_mask &= tbl->runtime_services_supported;
673 			early_memunmap(tbl, sizeof(*tbl));
674 		}
675 	}
676 
677 	return 0;
678 }
679 
680 int __init efi_systab_check_header(const efi_table_hdr_t *systab_hdr,
681 				   int min_major_version)
682 {
683 	if (systab_hdr->signature != EFI_SYSTEM_TABLE_SIGNATURE) {
684 		pr_err("System table signature incorrect!\n");
685 		return -EINVAL;
686 	}
687 
688 	if ((systab_hdr->revision >> 16) < min_major_version)
689 		pr_err("Warning: System table version %d.%02d, expected %d.00 or greater!\n",
690 		       systab_hdr->revision >> 16,
691 		       systab_hdr->revision & 0xffff,
692 		       min_major_version);
693 
694 	return 0;
695 }
696 
697 #ifndef CONFIG_IA64
698 static const efi_char16_t *__init map_fw_vendor(unsigned long fw_vendor,
699 						size_t size)
700 {
701 	const efi_char16_t *ret;
702 
703 	ret = early_memremap_ro(fw_vendor, size);
704 	if (!ret)
705 		pr_err("Could not map the firmware vendor!\n");
706 	return ret;
707 }
708 
709 static void __init unmap_fw_vendor(const void *fw_vendor, size_t size)
710 {
711 	early_memunmap((void *)fw_vendor, size);
712 }
713 #else
714 #define map_fw_vendor(p, s)	__va(p)
715 #define unmap_fw_vendor(v, s)
716 #endif
717 
718 void __init efi_systab_report_header(const efi_table_hdr_t *systab_hdr,
719 				     unsigned long fw_vendor)
720 {
721 	char vendor[100] = "unknown";
722 	const efi_char16_t *c16;
723 	size_t i;
724 
725 	c16 = map_fw_vendor(fw_vendor, sizeof(vendor) * sizeof(efi_char16_t));
726 	if (c16) {
727 		for (i = 0; i < sizeof(vendor) - 1 && c16[i]; ++i)
728 			vendor[i] = c16[i];
729 		vendor[i] = '\0';
730 
731 		unmap_fw_vendor(c16, sizeof(vendor) * sizeof(efi_char16_t));
732 	}
733 
734 	pr_info("EFI v%u.%.02u by %s\n",
735 		systab_hdr->revision >> 16,
736 		systab_hdr->revision & 0xffff,
737 		vendor);
738 
739 	if (IS_ENABLED(CONFIG_X86_64) &&
740 	    systab_hdr->revision > EFI_1_10_SYSTEM_TABLE_REVISION &&
741 	    !strcmp(vendor, "Apple")) {
742 		pr_info("Apple Mac detected, using EFI v1.10 runtime services only\n");
743 		efi.runtime_version = EFI_1_10_SYSTEM_TABLE_REVISION;
744 	}
745 }
746 
747 static __initdata char memory_type_name[][13] = {
748 	"Reserved",
749 	"Loader Code",
750 	"Loader Data",
751 	"Boot Code",
752 	"Boot Data",
753 	"Runtime Code",
754 	"Runtime Data",
755 	"Conventional",
756 	"Unusable",
757 	"ACPI Reclaim",
758 	"ACPI Mem NVS",
759 	"MMIO",
760 	"MMIO Port",
761 	"PAL Code",
762 	"Persistent",
763 };
764 
765 char * __init efi_md_typeattr_format(char *buf, size_t size,
766 				     const efi_memory_desc_t *md)
767 {
768 	char *pos;
769 	int type_len;
770 	u64 attr;
771 
772 	pos = buf;
773 	if (md->type >= ARRAY_SIZE(memory_type_name))
774 		type_len = snprintf(pos, size, "[type=%u", md->type);
775 	else
776 		type_len = snprintf(pos, size, "[%-*s",
777 				    (int)(sizeof(memory_type_name[0]) - 1),
778 				    memory_type_name[md->type]);
779 	if (type_len >= size)
780 		return buf;
781 
782 	pos += type_len;
783 	size -= type_len;
784 
785 	attr = md->attribute;
786 	if (attr & ~(EFI_MEMORY_UC | EFI_MEMORY_WC | EFI_MEMORY_WT |
787 		     EFI_MEMORY_WB | EFI_MEMORY_UCE | EFI_MEMORY_RO |
788 		     EFI_MEMORY_WP | EFI_MEMORY_RP | EFI_MEMORY_XP |
789 		     EFI_MEMORY_NV | EFI_MEMORY_SP | EFI_MEMORY_CPU_CRYPTO |
790 		     EFI_MEMORY_RUNTIME | EFI_MEMORY_MORE_RELIABLE))
791 		snprintf(pos, size, "|attr=0x%016llx]",
792 			 (unsigned long long)attr);
793 	else
794 		snprintf(pos, size,
795 			 "|%3s|%2s|%2s|%2s|%2s|%2s|%2s|%2s|%2s|%3s|%2s|%2s|%2s|%2s]",
796 			 attr & EFI_MEMORY_RUNTIME		? "RUN" : "",
797 			 attr & EFI_MEMORY_MORE_RELIABLE	? "MR"  : "",
798 			 attr & EFI_MEMORY_CPU_CRYPTO   	? "CC"  : "",
799 			 attr & EFI_MEMORY_SP			? "SP"  : "",
800 			 attr & EFI_MEMORY_NV			? "NV"  : "",
801 			 attr & EFI_MEMORY_XP			? "XP"  : "",
802 			 attr & EFI_MEMORY_RP			? "RP"  : "",
803 			 attr & EFI_MEMORY_WP			? "WP"  : "",
804 			 attr & EFI_MEMORY_RO			? "RO"  : "",
805 			 attr & EFI_MEMORY_UCE			? "UCE" : "",
806 			 attr & EFI_MEMORY_WB			? "WB"  : "",
807 			 attr & EFI_MEMORY_WT			? "WT"  : "",
808 			 attr & EFI_MEMORY_WC			? "WC"  : "",
809 			 attr & EFI_MEMORY_UC			? "UC"  : "");
810 	return buf;
811 }
812 
813 /*
814  * IA64 has a funky EFI memory map that doesn't work the same way as
815  * other architectures.
816  */
817 #ifndef CONFIG_IA64
818 /*
819  * efi_mem_attributes - lookup memmap attributes for physical address
820  * @phys_addr: the physical address to lookup
821  *
822  * Search in the EFI memory map for the region covering
823  * @phys_addr. Returns the EFI memory attributes if the region
824  * was found in the memory map, 0 otherwise.
825  */
826 u64 efi_mem_attributes(unsigned long phys_addr)
827 {
828 	efi_memory_desc_t *md;
829 
830 	if (!efi_enabled(EFI_MEMMAP))
831 		return 0;
832 
833 	for_each_efi_memory_desc(md) {
834 		if ((md->phys_addr <= phys_addr) &&
835 		    (phys_addr < (md->phys_addr +
836 		    (md->num_pages << EFI_PAGE_SHIFT))))
837 			return md->attribute;
838 	}
839 	return 0;
840 }
841 
842 /*
843  * efi_mem_type - lookup memmap type for physical address
844  * @phys_addr: the physical address to lookup
845  *
846  * Search in the EFI memory map for the region covering @phys_addr.
847  * Returns the EFI memory type if the region was found in the memory
848  * map, -EINVAL otherwise.
849  */
850 int efi_mem_type(unsigned long phys_addr)
851 {
852 	const efi_memory_desc_t *md;
853 
854 	if (!efi_enabled(EFI_MEMMAP))
855 		return -ENOTSUPP;
856 
857 	for_each_efi_memory_desc(md) {
858 		if ((md->phys_addr <= phys_addr) &&
859 		    (phys_addr < (md->phys_addr +
860 				  (md->num_pages << EFI_PAGE_SHIFT))))
861 			return md->type;
862 	}
863 	return -EINVAL;
864 }
865 #endif
866 
867 int efi_status_to_err(efi_status_t status)
868 {
869 	int err;
870 
871 	switch (status) {
872 	case EFI_SUCCESS:
873 		err = 0;
874 		break;
875 	case EFI_INVALID_PARAMETER:
876 		err = -EINVAL;
877 		break;
878 	case EFI_OUT_OF_RESOURCES:
879 		err = -ENOSPC;
880 		break;
881 	case EFI_DEVICE_ERROR:
882 		err = -EIO;
883 		break;
884 	case EFI_WRITE_PROTECTED:
885 		err = -EROFS;
886 		break;
887 	case EFI_SECURITY_VIOLATION:
888 		err = -EACCES;
889 		break;
890 	case EFI_NOT_FOUND:
891 		err = -ENOENT;
892 		break;
893 	case EFI_ABORTED:
894 		err = -EINTR;
895 		break;
896 	default:
897 		err = -EINVAL;
898 	}
899 
900 	return err;
901 }
902 EXPORT_SYMBOL_GPL(efi_status_to_err);
903 
904 static DEFINE_SPINLOCK(efi_mem_reserve_persistent_lock);
905 static struct linux_efi_memreserve *efi_memreserve_root __ro_after_init;
906 
907 static int __init efi_memreserve_map_root(void)
908 {
909 	if (mem_reserve == EFI_INVALID_TABLE_ADDR)
910 		return -ENODEV;
911 
912 	efi_memreserve_root = memremap(mem_reserve,
913 				       sizeof(*efi_memreserve_root),
914 				       MEMREMAP_WB);
915 	if (WARN_ON_ONCE(!efi_memreserve_root))
916 		return -ENOMEM;
917 	return 0;
918 }
919 
920 static int efi_mem_reserve_iomem(phys_addr_t addr, u64 size)
921 {
922 	struct resource *res, *parent;
923 	int ret;
924 
925 	res = kzalloc(sizeof(struct resource), GFP_ATOMIC);
926 	if (!res)
927 		return -ENOMEM;
928 
929 	res->name	= "reserved";
930 	res->flags	= IORESOURCE_MEM;
931 	res->start	= addr;
932 	res->end	= addr + size - 1;
933 
934 	/* we expect a conflict with a 'System RAM' region */
935 	parent = request_resource_conflict(&iomem_resource, res);
936 	ret = parent ? request_resource(parent, res) : 0;
937 
938 	/*
939 	 * Given that efi_mem_reserve_iomem() can be called at any
940 	 * time, only call memblock_reserve() if the architecture
941 	 * keeps the infrastructure around.
942 	 */
943 	if (IS_ENABLED(CONFIG_ARCH_KEEP_MEMBLOCK) && !ret)
944 		memblock_reserve(addr, size);
945 
946 	return ret;
947 }
948 
949 int __ref efi_mem_reserve_persistent(phys_addr_t addr, u64 size)
950 {
951 	struct linux_efi_memreserve *rsv;
952 	unsigned long prsv;
953 	int rc, index;
954 
955 	if (efi_memreserve_root == (void *)ULONG_MAX)
956 		return -ENODEV;
957 
958 	if (!efi_memreserve_root) {
959 		rc = efi_memreserve_map_root();
960 		if (rc)
961 			return rc;
962 	}
963 
964 	/* first try to find a slot in an existing linked list entry */
965 	for (prsv = efi_memreserve_root->next; prsv; ) {
966 		rsv = memremap(prsv, sizeof(*rsv), MEMREMAP_WB);
967 		index = atomic_fetch_add_unless(&rsv->count, 1, rsv->size);
968 		if (index < rsv->size) {
969 			rsv->entry[index].base = addr;
970 			rsv->entry[index].size = size;
971 
972 			memunmap(rsv);
973 			return efi_mem_reserve_iomem(addr, size);
974 		}
975 		prsv = rsv->next;
976 		memunmap(rsv);
977 	}
978 
979 	/* no slot found - allocate a new linked list entry */
980 	rsv = (struct linux_efi_memreserve *)__get_free_page(GFP_ATOMIC);
981 	if (!rsv)
982 		return -ENOMEM;
983 
984 	rc = efi_mem_reserve_iomem(__pa(rsv), SZ_4K);
985 	if (rc) {
986 		free_page((unsigned long)rsv);
987 		return rc;
988 	}
989 
990 	/*
991 	 * The memremap() call above assumes that a linux_efi_memreserve entry
992 	 * never crosses a page boundary, so let's ensure that this remains true
993 	 * even when kexec'ing a 4k pages kernel from a >4k pages kernel, by
994 	 * using SZ_4K explicitly in the size calculation below.
995 	 */
996 	rsv->size = EFI_MEMRESERVE_COUNT(SZ_4K);
997 	atomic_set(&rsv->count, 1);
998 	rsv->entry[0].base = addr;
999 	rsv->entry[0].size = size;
1000 
1001 	spin_lock(&efi_mem_reserve_persistent_lock);
1002 	rsv->next = efi_memreserve_root->next;
1003 	efi_memreserve_root->next = __pa(rsv);
1004 	spin_unlock(&efi_mem_reserve_persistent_lock);
1005 
1006 	return efi_mem_reserve_iomem(addr, size);
1007 }
1008 
1009 static int __init efi_memreserve_root_init(void)
1010 {
1011 	if (efi_memreserve_root)
1012 		return 0;
1013 	if (efi_memreserve_map_root())
1014 		efi_memreserve_root = (void *)ULONG_MAX;
1015 	return 0;
1016 }
1017 early_initcall(efi_memreserve_root_init);
1018 
1019 #ifdef CONFIG_KEXEC
1020 static int update_efi_random_seed(struct notifier_block *nb,
1021 				  unsigned long code, void *unused)
1022 {
1023 	struct linux_efi_random_seed *seed;
1024 	u32 size = 0;
1025 
1026 	if (!kexec_in_progress)
1027 		return NOTIFY_DONE;
1028 
1029 	seed = memremap(efi_rng_seed, sizeof(*seed), MEMREMAP_WB);
1030 	if (seed != NULL) {
1031 		size = min(seed->size, EFI_RANDOM_SEED_SIZE);
1032 		memunmap(seed);
1033 	} else {
1034 		pr_err("Could not map UEFI random seed!\n");
1035 	}
1036 	if (size > 0) {
1037 		seed = memremap(efi_rng_seed, sizeof(*seed) + size,
1038 				MEMREMAP_WB);
1039 		if (seed != NULL) {
1040 			seed->size = size;
1041 			get_random_bytes(seed->bits, seed->size);
1042 			memunmap(seed);
1043 		} else {
1044 			pr_err("Could not map UEFI random seed!\n");
1045 		}
1046 	}
1047 	return NOTIFY_DONE;
1048 }
1049 
1050 static struct notifier_block efi_random_seed_nb = {
1051 	.notifier_call = update_efi_random_seed,
1052 };
1053 
1054 static int __init register_update_efi_random_seed(void)
1055 {
1056 	if (efi_rng_seed == EFI_INVALID_TABLE_ADDR)
1057 		return 0;
1058 	return register_reboot_notifier(&efi_random_seed_nb);
1059 }
1060 late_initcall(register_update_efi_random_seed);
1061 #endif
1062