xref: /linux/drivers/firmware/efi/libstub/efi-stub-helper.c (revision 071bf69a0220253a44acb8b2a27f7a262b9a46bf)
1 /*
2  * Helper functions used by the EFI stub on multiple
3  * architectures. This should be #included by the EFI stub
4  * implementation files.
5  *
6  * Copyright 2011 Intel Corporation; author Matt Fleming
7  *
8  * This file is part of the Linux kernel, and is made available
9  * under the terms of the GNU General Public License version 2.
10  *
11  */
12 
13 #include <linux/efi.h>
14 #include <asm/efi.h>
15 
16 #include "efistub.h"
17 
18 /*
19  * Some firmware implementations have problems reading files in one go.
20  * A read chunk size of 1MB seems to work for most platforms.
21  *
22  * Unfortunately, reading files in chunks triggers *other* bugs on some
23  * platforms, so we provide a way to disable this workaround, which can
24  * be done by passing "efi=nochunk" on the EFI boot stub command line.
25  *
26  * If you experience issues with initrd images being corrupt it's worth
27  * trying efi=nochunk, but chunking is enabled by default because there
28  * are far more machines that require the workaround than those that
29  * break with it enabled.
30  */
31 #define EFI_READ_CHUNK_SIZE	(1024 * 1024)
32 
33 static unsigned long __chunk_size = EFI_READ_CHUNK_SIZE;
34 
35 /*
36  * Allow the platform to override the allocation granularity: this allows
37  * systems that have the capability to run with a larger page size to deal
38  * with the allocations for initrd and fdt more efficiently.
39  */
40 #ifndef EFI_ALLOC_ALIGN
41 #define EFI_ALLOC_ALIGN		EFI_PAGE_SIZE
42 #endif
43 
44 struct file_info {
45 	efi_file_handle_t *handle;
46 	u64 size;
47 };
48 
49 void efi_printk(efi_system_table_t *sys_table_arg, char *str)
50 {
51 	char *s8;
52 
53 	for (s8 = str; *s8; s8++) {
54 		efi_char16_t ch[2] = { 0 };
55 
56 		ch[0] = *s8;
57 		if (*s8 == '\n') {
58 			efi_char16_t nl[2] = { '\r', 0 };
59 			efi_char16_printk(sys_table_arg, nl);
60 		}
61 
62 		efi_char16_printk(sys_table_arg, ch);
63 	}
64 }
65 
66 efi_status_t efi_get_memory_map(efi_system_table_t *sys_table_arg,
67 				efi_memory_desc_t **map,
68 				unsigned long *map_size,
69 				unsigned long *desc_size,
70 				u32 *desc_ver,
71 				unsigned long *key_ptr)
72 {
73 	efi_memory_desc_t *m = NULL;
74 	efi_status_t status;
75 	unsigned long key;
76 	u32 desc_version;
77 
78 	*map_size = sizeof(*m) * 32;
79 again:
80 	/*
81 	 * Add an additional efi_memory_desc_t because we're doing an
82 	 * allocation which may be in a new descriptor region.
83 	 */
84 	*map_size += sizeof(*m);
85 	status = efi_call_early(allocate_pool, EFI_LOADER_DATA,
86 				*map_size, (void **)&m);
87 	if (status != EFI_SUCCESS)
88 		goto fail;
89 
90 	*desc_size = 0;
91 	key = 0;
92 	status = efi_call_early(get_memory_map, map_size, m,
93 				&key, desc_size, &desc_version);
94 	if (status == EFI_BUFFER_TOO_SMALL) {
95 		efi_call_early(free_pool, m);
96 		goto again;
97 	}
98 
99 	if (status != EFI_SUCCESS)
100 		efi_call_early(free_pool, m);
101 
102 	if (key_ptr && status == EFI_SUCCESS)
103 		*key_ptr = key;
104 	if (desc_ver && status == EFI_SUCCESS)
105 		*desc_ver = desc_version;
106 
107 fail:
108 	*map = m;
109 	return status;
110 }
111 
112 
113 unsigned long get_dram_base(efi_system_table_t *sys_table_arg)
114 {
115 	efi_status_t status;
116 	unsigned long map_size;
117 	unsigned long membase  = EFI_ERROR;
118 	struct efi_memory_map map;
119 	efi_memory_desc_t *md;
120 
121 	status = efi_get_memory_map(sys_table_arg, (efi_memory_desc_t **)&map.map,
122 				    &map_size, &map.desc_size, NULL, NULL);
123 	if (status != EFI_SUCCESS)
124 		return membase;
125 
126 	map.map_end = map.map + map_size;
127 
128 	for_each_efi_memory_desc_in_map(&map, md) {
129 		if (md->attribute & EFI_MEMORY_WB) {
130 			if (membase > md->phys_addr)
131 				membase = md->phys_addr;
132 		}
133 	}
134 
135 	efi_call_early(free_pool, map.map);
136 
137 	return membase;
138 }
139 
140 /*
141  * Allocate at the highest possible address that is not above 'max'.
142  */
143 efi_status_t efi_high_alloc(efi_system_table_t *sys_table_arg,
144 			    unsigned long size, unsigned long align,
145 			    unsigned long *addr, unsigned long max)
146 {
147 	unsigned long map_size, desc_size;
148 	efi_memory_desc_t *map;
149 	efi_status_t status;
150 	unsigned long nr_pages;
151 	u64 max_addr = 0;
152 	int i;
153 
154 	status = efi_get_memory_map(sys_table_arg, &map, &map_size, &desc_size,
155 				    NULL, NULL);
156 	if (status != EFI_SUCCESS)
157 		goto fail;
158 
159 	/*
160 	 * Enforce minimum alignment that EFI requires when requesting
161 	 * a specific address.  We are doing page-based allocations,
162 	 * so we must be aligned to a page.
163 	 */
164 	if (align < EFI_ALLOC_ALIGN)
165 		align = EFI_ALLOC_ALIGN;
166 
167 	nr_pages = round_up(size, EFI_ALLOC_ALIGN) / EFI_PAGE_SIZE;
168 again:
169 	for (i = 0; i < map_size / desc_size; i++) {
170 		efi_memory_desc_t *desc;
171 		unsigned long m = (unsigned long)map;
172 		u64 start, end;
173 
174 		desc = (efi_memory_desc_t *)(m + (i * desc_size));
175 		if (desc->type != EFI_CONVENTIONAL_MEMORY)
176 			continue;
177 
178 		if (desc->num_pages < nr_pages)
179 			continue;
180 
181 		start = desc->phys_addr;
182 		end = start + desc->num_pages * (1UL << EFI_PAGE_SHIFT);
183 
184 		if (end > max)
185 			end = max;
186 
187 		if ((start + size) > end)
188 			continue;
189 
190 		if (round_down(end - size, align) < start)
191 			continue;
192 
193 		start = round_down(end - size, align);
194 
195 		/*
196 		 * Don't allocate at 0x0. It will confuse code that
197 		 * checks pointers against NULL.
198 		 */
199 		if (start == 0x0)
200 			continue;
201 
202 		if (start > max_addr)
203 			max_addr = start;
204 	}
205 
206 	if (!max_addr)
207 		status = EFI_NOT_FOUND;
208 	else {
209 		status = efi_call_early(allocate_pages,
210 					EFI_ALLOCATE_ADDRESS, EFI_LOADER_DATA,
211 					nr_pages, &max_addr);
212 		if (status != EFI_SUCCESS) {
213 			max = max_addr;
214 			max_addr = 0;
215 			goto again;
216 		}
217 
218 		*addr = max_addr;
219 	}
220 
221 	efi_call_early(free_pool, map);
222 fail:
223 	return status;
224 }
225 
226 /*
227  * Allocate at the lowest possible address.
228  */
229 efi_status_t efi_low_alloc(efi_system_table_t *sys_table_arg,
230 			   unsigned long size, unsigned long align,
231 			   unsigned long *addr)
232 {
233 	unsigned long map_size, desc_size;
234 	efi_memory_desc_t *map;
235 	efi_status_t status;
236 	unsigned long nr_pages;
237 	int i;
238 
239 	status = efi_get_memory_map(sys_table_arg, &map, &map_size, &desc_size,
240 				    NULL, NULL);
241 	if (status != EFI_SUCCESS)
242 		goto fail;
243 
244 	/*
245 	 * Enforce minimum alignment that EFI requires when requesting
246 	 * a specific address.  We are doing page-based allocations,
247 	 * so we must be aligned to a page.
248 	 */
249 	if (align < EFI_ALLOC_ALIGN)
250 		align = EFI_ALLOC_ALIGN;
251 
252 	nr_pages = round_up(size, EFI_ALLOC_ALIGN) / EFI_PAGE_SIZE;
253 	for (i = 0; i < map_size / desc_size; i++) {
254 		efi_memory_desc_t *desc;
255 		unsigned long m = (unsigned long)map;
256 		u64 start, end;
257 
258 		desc = (efi_memory_desc_t *)(m + (i * desc_size));
259 
260 		if (desc->type != EFI_CONVENTIONAL_MEMORY)
261 			continue;
262 
263 		if (desc->num_pages < nr_pages)
264 			continue;
265 
266 		start = desc->phys_addr;
267 		end = start + desc->num_pages * (1UL << EFI_PAGE_SHIFT);
268 
269 		/*
270 		 * Don't allocate at 0x0. It will confuse code that
271 		 * checks pointers against NULL. Skip the first 8
272 		 * bytes so we start at a nice even number.
273 		 */
274 		if (start == 0x0)
275 			start += 8;
276 
277 		start = round_up(start, align);
278 		if ((start + size) > end)
279 			continue;
280 
281 		status = efi_call_early(allocate_pages,
282 					EFI_ALLOCATE_ADDRESS, EFI_LOADER_DATA,
283 					nr_pages, &start);
284 		if (status == EFI_SUCCESS) {
285 			*addr = start;
286 			break;
287 		}
288 	}
289 
290 	if (i == map_size / desc_size)
291 		status = EFI_NOT_FOUND;
292 
293 	efi_call_early(free_pool, map);
294 fail:
295 	return status;
296 }
297 
298 void efi_free(efi_system_table_t *sys_table_arg, unsigned long size,
299 	      unsigned long addr)
300 {
301 	unsigned long nr_pages;
302 
303 	if (!size)
304 		return;
305 
306 	nr_pages = round_up(size, EFI_ALLOC_ALIGN) / EFI_PAGE_SIZE;
307 	efi_call_early(free_pages, addr, nr_pages);
308 }
309 
310 /*
311  * Parse the ASCII string 'cmdline' for EFI options, denoted by the efi=
312  * option, e.g. efi=nochunk.
313  *
314  * It should be noted that efi= is parsed in two very different
315  * environments, first in the early boot environment of the EFI boot
316  * stub, and subsequently during the kernel boot.
317  */
318 efi_status_t efi_parse_options(char *cmdline)
319 {
320 	char *str;
321 
322 	/*
323 	 * If no EFI parameters were specified on the cmdline we've got
324 	 * nothing to do.
325 	 */
326 	str = strstr(cmdline, "efi=");
327 	if (!str)
328 		return EFI_SUCCESS;
329 
330 	/* Skip ahead to first argument */
331 	str += strlen("efi=");
332 
333 	/*
334 	 * Remember, because efi= is also used by the kernel we need to
335 	 * skip over arguments we don't understand.
336 	 */
337 	while (*str) {
338 		if (!strncmp(str, "nochunk", 7)) {
339 			str += strlen("nochunk");
340 			__chunk_size = -1UL;
341 		}
342 
343 		/* Group words together, delimited by "," */
344 		while (*str && *str != ',')
345 			str++;
346 
347 		if (*str == ',')
348 			str++;
349 	}
350 
351 	return EFI_SUCCESS;
352 }
353 
354 /*
355  * Check the cmdline for a LILO-style file= arguments.
356  *
357  * We only support loading a file from the same filesystem as
358  * the kernel image.
359  */
360 efi_status_t handle_cmdline_files(efi_system_table_t *sys_table_arg,
361 				  efi_loaded_image_t *image,
362 				  char *cmd_line, char *option_string,
363 				  unsigned long max_addr,
364 				  unsigned long *load_addr,
365 				  unsigned long *load_size)
366 {
367 	struct file_info *files;
368 	unsigned long file_addr;
369 	u64 file_size_total;
370 	efi_file_handle_t *fh = NULL;
371 	efi_status_t status;
372 	int nr_files;
373 	char *str;
374 	int i, j, k;
375 
376 	file_addr = 0;
377 	file_size_total = 0;
378 
379 	str = cmd_line;
380 
381 	j = 0;			/* See close_handles */
382 
383 	if (!load_addr || !load_size)
384 		return EFI_INVALID_PARAMETER;
385 
386 	*load_addr = 0;
387 	*load_size = 0;
388 
389 	if (!str || !*str)
390 		return EFI_SUCCESS;
391 
392 	for (nr_files = 0; *str; nr_files++) {
393 		str = strstr(str, option_string);
394 		if (!str)
395 			break;
396 
397 		str += strlen(option_string);
398 
399 		/* Skip any leading slashes */
400 		while (*str == '/' || *str == '\\')
401 			str++;
402 
403 		while (*str && *str != ' ' && *str != '\n')
404 			str++;
405 	}
406 
407 	if (!nr_files)
408 		return EFI_SUCCESS;
409 
410 	status = efi_call_early(allocate_pool, EFI_LOADER_DATA,
411 				nr_files * sizeof(*files), (void **)&files);
412 	if (status != EFI_SUCCESS) {
413 		pr_efi_err(sys_table_arg, "Failed to alloc mem for file handle list\n");
414 		goto fail;
415 	}
416 
417 	str = cmd_line;
418 	for (i = 0; i < nr_files; i++) {
419 		struct file_info *file;
420 		efi_char16_t filename_16[256];
421 		efi_char16_t *p;
422 
423 		str = strstr(str, option_string);
424 		if (!str)
425 			break;
426 
427 		str += strlen(option_string);
428 
429 		file = &files[i];
430 		p = filename_16;
431 
432 		/* Skip any leading slashes */
433 		while (*str == '/' || *str == '\\')
434 			str++;
435 
436 		while (*str && *str != ' ' && *str != '\n') {
437 			if ((u8 *)p >= (u8 *)filename_16 + sizeof(filename_16))
438 				break;
439 
440 			if (*str == '/') {
441 				*p++ = '\\';
442 				str++;
443 			} else {
444 				*p++ = *str++;
445 			}
446 		}
447 
448 		*p = '\0';
449 
450 		/* Only open the volume once. */
451 		if (!i) {
452 			status = efi_open_volume(sys_table_arg, image,
453 						 (void **)&fh);
454 			if (status != EFI_SUCCESS)
455 				goto free_files;
456 		}
457 
458 		status = efi_file_size(sys_table_arg, fh, filename_16,
459 				       (void **)&file->handle, &file->size);
460 		if (status != EFI_SUCCESS)
461 			goto close_handles;
462 
463 		file_size_total += file->size;
464 	}
465 
466 	if (file_size_total) {
467 		unsigned long addr;
468 
469 		/*
470 		 * Multiple files need to be at consecutive addresses in memory,
471 		 * so allocate enough memory for all the files.  This is used
472 		 * for loading multiple files.
473 		 */
474 		status = efi_high_alloc(sys_table_arg, file_size_total, 0x1000,
475 				    &file_addr, max_addr);
476 		if (status != EFI_SUCCESS) {
477 			pr_efi_err(sys_table_arg, "Failed to alloc highmem for files\n");
478 			goto close_handles;
479 		}
480 
481 		/* We've run out of free low memory. */
482 		if (file_addr > max_addr) {
483 			pr_efi_err(sys_table_arg, "We've run out of free low memory\n");
484 			status = EFI_INVALID_PARAMETER;
485 			goto free_file_total;
486 		}
487 
488 		addr = file_addr;
489 		for (j = 0; j < nr_files; j++) {
490 			unsigned long size;
491 
492 			size = files[j].size;
493 			while (size) {
494 				unsigned long chunksize;
495 				if (size > __chunk_size)
496 					chunksize = __chunk_size;
497 				else
498 					chunksize = size;
499 
500 				status = efi_file_read(files[j].handle,
501 						       &chunksize,
502 						       (void *)addr);
503 				if (status != EFI_SUCCESS) {
504 					pr_efi_err(sys_table_arg, "Failed to read file\n");
505 					goto free_file_total;
506 				}
507 				addr += chunksize;
508 				size -= chunksize;
509 			}
510 
511 			efi_file_close(files[j].handle);
512 		}
513 
514 	}
515 
516 	efi_call_early(free_pool, files);
517 
518 	*load_addr = file_addr;
519 	*load_size = file_size_total;
520 
521 	return status;
522 
523 free_file_total:
524 	efi_free(sys_table_arg, file_size_total, file_addr);
525 
526 close_handles:
527 	for (k = j; k < i; k++)
528 		efi_file_close(files[k].handle);
529 free_files:
530 	efi_call_early(free_pool, files);
531 fail:
532 	*load_addr = 0;
533 	*load_size = 0;
534 
535 	return status;
536 }
537 /*
538  * Relocate a kernel image, either compressed or uncompressed.
539  * In the ARM64 case, all kernel images are currently
540  * uncompressed, and as such when we relocate it we need to
541  * allocate additional space for the BSS segment. Any low
542  * memory that this function should avoid needs to be
543  * unavailable in the EFI memory map, as if the preferred
544  * address is not available the lowest available address will
545  * be used.
546  */
547 efi_status_t efi_relocate_kernel(efi_system_table_t *sys_table_arg,
548 				 unsigned long *image_addr,
549 				 unsigned long image_size,
550 				 unsigned long alloc_size,
551 				 unsigned long preferred_addr,
552 				 unsigned long alignment)
553 {
554 	unsigned long cur_image_addr;
555 	unsigned long new_addr = 0;
556 	efi_status_t status;
557 	unsigned long nr_pages;
558 	efi_physical_addr_t efi_addr = preferred_addr;
559 
560 	if (!image_addr || !image_size || !alloc_size)
561 		return EFI_INVALID_PARAMETER;
562 	if (alloc_size < image_size)
563 		return EFI_INVALID_PARAMETER;
564 
565 	cur_image_addr = *image_addr;
566 
567 	/*
568 	 * The EFI firmware loader could have placed the kernel image
569 	 * anywhere in memory, but the kernel has restrictions on the
570 	 * max physical address it can run at.  Some architectures
571 	 * also have a prefered address, so first try to relocate
572 	 * to the preferred address.  If that fails, allocate as low
573 	 * as possible while respecting the required alignment.
574 	 */
575 	nr_pages = round_up(alloc_size, EFI_ALLOC_ALIGN) / EFI_PAGE_SIZE;
576 	status = efi_call_early(allocate_pages,
577 				EFI_ALLOCATE_ADDRESS, EFI_LOADER_DATA,
578 				nr_pages, &efi_addr);
579 	new_addr = efi_addr;
580 	/*
581 	 * If preferred address allocation failed allocate as low as
582 	 * possible.
583 	 */
584 	if (status != EFI_SUCCESS) {
585 		status = efi_low_alloc(sys_table_arg, alloc_size, alignment,
586 				       &new_addr);
587 	}
588 	if (status != EFI_SUCCESS) {
589 		pr_efi_err(sys_table_arg, "Failed to allocate usable memory for kernel.\n");
590 		return status;
591 	}
592 
593 	/*
594 	 * We know source/dest won't overlap since both memory ranges
595 	 * have been allocated by UEFI, so we can safely use memcpy.
596 	 */
597 	memcpy((void *)new_addr, (void *)cur_image_addr, image_size);
598 
599 	/* Return the new address of the relocated image. */
600 	*image_addr = new_addr;
601 
602 	return status;
603 }
604 
605 /*
606  * Get the number of UTF-8 bytes corresponding to an UTF-16 character.
607  * This overestimates for surrogates, but that is okay.
608  */
609 static int efi_utf8_bytes(u16 c)
610 {
611 	return 1 + (c >= 0x80) + (c >= 0x800);
612 }
613 
614 /*
615  * Convert an UTF-16 string, not necessarily null terminated, to UTF-8.
616  */
617 static u8 *efi_utf16_to_utf8(u8 *dst, const u16 *src, int n)
618 {
619 	unsigned int c;
620 
621 	while (n--) {
622 		c = *src++;
623 		if (n && c >= 0xd800 && c <= 0xdbff &&
624 		    *src >= 0xdc00 && *src <= 0xdfff) {
625 			c = 0x10000 + ((c & 0x3ff) << 10) + (*src & 0x3ff);
626 			src++;
627 			n--;
628 		}
629 		if (c >= 0xd800 && c <= 0xdfff)
630 			c = 0xfffd; /* Unmatched surrogate */
631 		if (c < 0x80) {
632 			*dst++ = c;
633 			continue;
634 		}
635 		if (c < 0x800) {
636 			*dst++ = 0xc0 + (c >> 6);
637 			goto t1;
638 		}
639 		if (c < 0x10000) {
640 			*dst++ = 0xe0 + (c >> 12);
641 			goto t2;
642 		}
643 		*dst++ = 0xf0 + (c >> 18);
644 		*dst++ = 0x80 + ((c >> 12) & 0x3f);
645 	t2:
646 		*dst++ = 0x80 + ((c >> 6) & 0x3f);
647 	t1:
648 		*dst++ = 0x80 + (c & 0x3f);
649 	}
650 
651 	return dst;
652 }
653 
654 #ifndef MAX_CMDLINE_ADDRESS
655 #define MAX_CMDLINE_ADDRESS	ULONG_MAX
656 #endif
657 
658 /*
659  * Convert the unicode UEFI command line to ASCII to pass to kernel.
660  * Size of memory allocated return in *cmd_line_len.
661  * Returns NULL on error.
662  */
663 char *efi_convert_cmdline(efi_system_table_t *sys_table_arg,
664 			  efi_loaded_image_t *image,
665 			  int *cmd_line_len)
666 {
667 	const u16 *s2;
668 	u8 *s1 = NULL;
669 	unsigned long cmdline_addr = 0;
670 	int load_options_chars = image->load_options_size / 2; /* UTF-16 */
671 	const u16 *options = image->load_options;
672 	int options_bytes = 0;  /* UTF-8 bytes */
673 	int options_chars = 0;  /* UTF-16 chars */
674 	efi_status_t status;
675 	u16 zero = 0;
676 
677 	if (options) {
678 		s2 = options;
679 		while (*s2 && *s2 != '\n'
680 		       && options_chars < load_options_chars) {
681 			options_bytes += efi_utf8_bytes(*s2++);
682 			options_chars++;
683 		}
684 	}
685 
686 	if (!options_chars) {
687 		/* No command line options, so return empty string*/
688 		options = &zero;
689 	}
690 
691 	options_bytes++;	/* NUL termination */
692 
693 	status = efi_high_alloc(sys_table_arg, options_bytes, 0,
694 				&cmdline_addr, MAX_CMDLINE_ADDRESS);
695 	if (status != EFI_SUCCESS)
696 		return NULL;
697 
698 	s1 = (u8 *)cmdline_addr;
699 	s2 = (const u16 *)options;
700 
701 	s1 = efi_utf16_to_utf8(s1, s2, options_chars);
702 	*s1 = '\0';
703 
704 	*cmd_line_len = options_bytes;
705 	return (char *)cmdline_addr;
706 }
707