Loading...
1// SPDX-License-Identifier: GPL-2.0-only
2
3/* -----------------------------------------------------------------------
4 *
5 * Copyright 2011 Intel Corporation; author Matt Fleming
6 *
7 * ----------------------------------------------------------------------- */
8
9#include <linux/efi.h>
10#include <linux/pci.h>
11#include <linux/stddef.h>
12
13#include <asm/efi.h>
14#include <asm/e820/types.h>
15#include <asm/setup.h>
16#include <asm/desc.h>
17#include <asm/boot.h>
18#include <asm/kaslr.h>
19#include <asm/sev.h>
20
21#include "efistub.h"
22#include "x86-stub.h"
23
24extern char _bss[], _ebss[];
25
26const efi_system_table_t *efi_system_table;
27const efi_dxe_services_table_t *efi_dxe_table;
28static efi_loaded_image_t *image = NULL;
29static efi_memory_attribute_protocol_t *memattr;
30
31typedef union sev_memory_acceptance_protocol sev_memory_acceptance_protocol_t;
32union sev_memory_acceptance_protocol {
33 struct {
34 efi_status_t (__efiapi * allow_unaccepted_memory)(
35 sev_memory_acceptance_protocol_t *);
36 };
37 struct {
38 u32 allow_unaccepted_memory;
39 } mixed_mode;
40};
41
42static efi_status_t
43preserve_pci_rom_image(efi_pci_io_protocol_t *pci, struct pci_setup_rom **__rom)
44{
45 struct pci_setup_rom *rom = NULL;
46 efi_status_t status;
47 unsigned long size;
48 uint64_t romsize;
49 void *romimage;
50
51 /*
52 * Some firmware images contain EFI function pointers at the place where
53 * the romimage and romsize fields are supposed to be. Typically the EFI
54 * code is mapped at high addresses, translating to an unrealistically
55 * large romsize. The UEFI spec limits the size of option ROMs to 16
56 * MiB so we reject any ROMs over 16 MiB in size to catch this.
57 */
58 romimage = efi_table_attr(pci, romimage);
59 romsize = efi_table_attr(pci, romsize);
60 if (!romimage || !romsize || romsize > SZ_16M)
61 return EFI_INVALID_PARAMETER;
62
63 size = romsize + sizeof(*rom);
64
65 status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, size,
66 (void **)&rom);
67 if (status != EFI_SUCCESS) {
68 efi_err("Failed to allocate memory for 'rom'\n");
69 return status;
70 }
71
72 memset(rom, 0, sizeof(*rom));
73
74 rom->data.type = SETUP_PCI;
75 rom->data.len = size - sizeof(struct setup_data);
76 rom->data.next = 0;
77 rom->pcilen = romsize;
78 *__rom = rom;
79
80 status = efi_call_proto(pci, pci.read, EfiPciIoWidthUint16,
81 PCI_VENDOR_ID, 1, &rom->vendor);
82
83 if (status != EFI_SUCCESS) {
84 efi_err("Failed to read rom->vendor\n");
85 goto free_struct;
86 }
87
88 status = efi_call_proto(pci, pci.read, EfiPciIoWidthUint16,
89 PCI_DEVICE_ID, 1, &rom->devid);
90
91 if (status != EFI_SUCCESS) {
92 efi_err("Failed to read rom->devid\n");
93 goto free_struct;
94 }
95
96 status = efi_call_proto(pci, get_location, &rom->segment, &rom->bus,
97 &rom->device, &rom->function);
98
99 if (status != EFI_SUCCESS)
100 goto free_struct;
101
102 memcpy(rom->romdata, romimage, romsize);
103 return status;
104
105free_struct:
106 efi_bs_call(free_pool, rom);
107 return status;
108}
109
110/*
111 * There's no way to return an informative status from this function,
112 * because any analysis (and printing of error messages) needs to be
113 * done directly at the EFI function call-site.
114 *
115 * For example, EFI_INVALID_PARAMETER could indicate a bug or maybe we
116 * just didn't find any PCI devices, but there's no way to tell outside
117 * the context of the call.
118 */
119static void setup_efi_pci(struct boot_params *params)
120{
121 efi_status_t status;
122 void **pci_handle = NULL;
123 efi_guid_t pci_proto = EFI_PCI_IO_PROTOCOL_GUID;
124 unsigned long size = 0;
125 struct setup_data *data;
126 efi_handle_t h;
127 int i;
128
129 status = efi_bs_call(locate_handle, EFI_LOCATE_BY_PROTOCOL,
130 &pci_proto, NULL, &size, pci_handle);
131
132 if (status == EFI_BUFFER_TOO_SMALL) {
133 status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, size,
134 (void **)&pci_handle);
135
136 if (status != EFI_SUCCESS) {
137 efi_err("Failed to allocate memory for 'pci_handle'\n");
138 return;
139 }
140
141 status = efi_bs_call(locate_handle, EFI_LOCATE_BY_PROTOCOL,
142 &pci_proto, NULL, &size, pci_handle);
143 }
144
145 if (status != EFI_SUCCESS)
146 goto free_handle;
147
148 data = (struct setup_data *)(unsigned long)params->hdr.setup_data;
149
150 while (data && data->next)
151 data = (struct setup_data *)(unsigned long)data->next;
152
153 for_each_efi_handle(h, pci_handle, size, i) {
154 efi_pci_io_protocol_t *pci = NULL;
155 struct pci_setup_rom *rom;
156
157 status = efi_bs_call(handle_protocol, h, &pci_proto,
158 (void **)&pci);
159 if (status != EFI_SUCCESS || !pci)
160 continue;
161
162 status = preserve_pci_rom_image(pci, &rom);
163 if (status != EFI_SUCCESS)
164 continue;
165
166 if (data)
167 data->next = (unsigned long)rom;
168 else
169 params->hdr.setup_data = (unsigned long)rom;
170
171 data = (struct setup_data *)rom;
172 }
173
174free_handle:
175 efi_bs_call(free_pool, pci_handle);
176}
177
178static void retrieve_apple_device_properties(struct boot_params *boot_params)
179{
180 efi_guid_t guid = APPLE_PROPERTIES_PROTOCOL_GUID;
181 struct setup_data *data, *new;
182 efi_status_t status;
183 u32 size = 0;
184 apple_properties_protocol_t *p;
185
186 status = efi_bs_call(locate_protocol, &guid, NULL, (void **)&p);
187 if (status != EFI_SUCCESS)
188 return;
189
190 if (efi_table_attr(p, version) != 0x10000) {
191 efi_err("Unsupported properties proto version\n");
192 return;
193 }
194
195 efi_call_proto(p, get_all, NULL, &size);
196 if (!size)
197 return;
198
199 do {
200 status = efi_bs_call(allocate_pool, EFI_LOADER_DATA,
201 size + sizeof(struct setup_data),
202 (void **)&new);
203 if (status != EFI_SUCCESS) {
204 efi_err("Failed to allocate memory for 'properties'\n");
205 return;
206 }
207
208 status = efi_call_proto(p, get_all, new->data, &size);
209
210 if (status == EFI_BUFFER_TOO_SMALL)
211 efi_bs_call(free_pool, new);
212 } while (status == EFI_BUFFER_TOO_SMALL);
213
214 new->type = SETUP_APPLE_PROPERTIES;
215 new->len = size;
216 new->next = 0;
217
218 data = (struct setup_data *)(unsigned long)boot_params->hdr.setup_data;
219 if (!data) {
220 boot_params->hdr.setup_data = (unsigned long)new;
221 } else {
222 while (data->next)
223 data = (struct setup_data *)(unsigned long)data->next;
224 data->next = (unsigned long)new;
225 }
226}
227
228efi_status_t efi_adjust_memory_range_protection(unsigned long start,
229 unsigned long size)
230{
231 efi_status_t status;
232 efi_gcd_memory_space_desc_t desc;
233 unsigned long end, next;
234 unsigned long rounded_start, rounded_end;
235 unsigned long unprotect_start, unprotect_size;
236
237 rounded_start = rounddown(start, EFI_PAGE_SIZE);
238 rounded_end = roundup(start + size, EFI_PAGE_SIZE);
239
240 if (memattr != NULL) {
241 status = efi_call_proto(memattr, set_memory_attributes,
242 rounded_start,
243 rounded_end - rounded_start,
244 EFI_MEMORY_RO);
245 if (status != EFI_SUCCESS) {
246 efi_warn("Failed to set EFI_MEMORY_RO attribute\n");
247 return status;
248 }
249
250 status = efi_call_proto(memattr, clear_memory_attributes,
251 rounded_start,
252 rounded_end - rounded_start,
253 EFI_MEMORY_XP);
254 if (status != EFI_SUCCESS)
255 efi_warn("Failed to clear EFI_MEMORY_XP attribute\n");
256 return status;
257 }
258
259 if (efi_dxe_table == NULL)
260 return EFI_SUCCESS;
261
262 /*
263 * Don't modify memory region attributes, they are
264 * already suitable, to lower the possibility to
265 * encounter firmware bugs.
266 */
267
268 for (end = start + size; start < end; start = next) {
269
270 status = efi_dxe_call(get_memory_space_descriptor, start, &desc);
271
272 if (status != EFI_SUCCESS)
273 break;
274
275 next = desc.base_address + desc.length;
276
277 /*
278 * Only system memory is suitable for trampoline/kernel image placement,
279 * so only this type of memory needs its attributes to be modified.
280 */
281
282 if (desc.gcd_memory_type != EfiGcdMemoryTypeSystemMemory ||
283 (desc.attributes & (EFI_MEMORY_RO | EFI_MEMORY_XP)) == 0)
284 continue;
285
286 unprotect_start = max(rounded_start, (unsigned long)desc.base_address);
287 unprotect_size = min(rounded_end, next) - unprotect_start;
288
289 status = efi_dxe_call(set_memory_space_attributes,
290 unprotect_start, unprotect_size,
291 EFI_MEMORY_WB);
292
293 if (status != EFI_SUCCESS) {
294 efi_warn("Unable to unprotect memory range [%08lx,%08lx]: %lx\n",
295 unprotect_start,
296 unprotect_start + unprotect_size,
297 status);
298 break;
299 }
300 }
301 return EFI_SUCCESS;
302}
303
304static void setup_unaccepted_memory(void)
305{
306 efi_guid_t mem_acceptance_proto = OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL_GUID;
307 sev_memory_acceptance_protocol_t *proto;
308 efi_status_t status;
309
310 if (!IS_ENABLED(CONFIG_UNACCEPTED_MEMORY))
311 return;
312
313 /*
314 * Enable unaccepted memory before calling exit boot services in order
315 * for the UEFI to not accept all memory on EBS.
316 */
317 status = efi_bs_call(locate_protocol, &mem_acceptance_proto, NULL,
318 (void **)&proto);
319 if (status != EFI_SUCCESS)
320 return;
321
322 status = efi_call_proto(proto, allow_unaccepted_memory);
323 if (status != EFI_SUCCESS)
324 efi_err("Memory acceptance protocol failed\n");
325}
326
327static efi_char16_t *efistub_fw_vendor(void)
328{
329 unsigned long vendor = efi_table_attr(efi_system_table, fw_vendor);
330
331 return (efi_char16_t *)vendor;
332}
333
334static const efi_char16_t apple[] = L"Apple";
335
336static void setup_quirks(struct boot_params *boot_params)
337{
338 if (IS_ENABLED(CONFIG_APPLE_PROPERTIES) &&
339 !memcmp(efistub_fw_vendor(), apple, sizeof(apple)))
340 retrieve_apple_device_properties(boot_params);
341}
342
343/*
344 * See if we have Universal Graphics Adapter (UGA) protocol
345 */
346static efi_status_t
347setup_uga(struct screen_info *si, efi_guid_t *uga_proto, unsigned long size)
348{
349 efi_status_t status;
350 u32 width, height;
351 void **uga_handle = NULL;
352 efi_uga_draw_protocol_t *uga = NULL, *first_uga;
353 efi_handle_t handle;
354 int i;
355
356 status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, size,
357 (void **)&uga_handle);
358 if (status != EFI_SUCCESS)
359 return status;
360
361 status = efi_bs_call(locate_handle, EFI_LOCATE_BY_PROTOCOL,
362 uga_proto, NULL, &size, uga_handle);
363 if (status != EFI_SUCCESS)
364 goto free_handle;
365
366 height = 0;
367 width = 0;
368
369 first_uga = NULL;
370 for_each_efi_handle(handle, uga_handle, size, i) {
371 efi_guid_t pciio_proto = EFI_PCI_IO_PROTOCOL_GUID;
372 u32 w, h, depth, refresh;
373 void *pciio;
374
375 status = efi_bs_call(handle_protocol, handle, uga_proto,
376 (void **)&uga);
377 if (status != EFI_SUCCESS)
378 continue;
379
380 pciio = NULL;
381 efi_bs_call(handle_protocol, handle, &pciio_proto, &pciio);
382
383 status = efi_call_proto(uga, get_mode, &w, &h, &depth, &refresh);
384 if (status == EFI_SUCCESS && (!first_uga || pciio)) {
385 width = w;
386 height = h;
387
388 /*
389 * Once we've found a UGA supporting PCIIO,
390 * don't bother looking any further.
391 */
392 if (pciio)
393 break;
394
395 first_uga = uga;
396 }
397 }
398
399 if (!width && !height)
400 goto free_handle;
401
402 /* EFI framebuffer */
403 si->orig_video_isVGA = VIDEO_TYPE_EFI;
404
405 si->lfb_depth = 32;
406 si->lfb_width = width;
407 si->lfb_height = height;
408
409 si->red_size = 8;
410 si->red_pos = 16;
411 si->green_size = 8;
412 si->green_pos = 8;
413 si->blue_size = 8;
414 si->blue_pos = 0;
415 si->rsvd_size = 8;
416 si->rsvd_pos = 24;
417
418free_handle:
419 efi_bs_call(free_pool, uga_handle);
420
421 return status;
422}
423
424static void setup_graphics(struct boot_params *boot_params)
425{
426 efi_guid_t graphics_proto = EFI_GRAPHICS_OUTPUT_PROTOCOL_GUID;
427 struct screen_info *si;
428 efi_guid_t uga_proto = EFI_UGA_PROTOCOL_GUID;
429 efi_status_t status;
430 unsigned long size;
431 void **gop_handle = NULL;
432 void **uga_handle = NULL;
433
434 si = &boot_params->screen_info;
435 memset(si, 0, sizeof(*si));
436
437 size = 0;
438 status = efi_bs_call(locate_handle, EFI_LOCATE_BY_PROTOCOL,
439 &graphics_proto, NULL, &size, gop_handle);
440 if (status == EFI_BUFFER_TOO_SMALL)
441 status = efi_setup_gop(si, &graphics_proto, size);
442
443 if (status != EFI_SUCCESS) {
444 size = 0;
445 status = efi_bs_call(locate_handle, EFI_LOCATE_BY_PROTOCOL,
446 &uga_proto, NULL, &size, uga_handle);
447 if (status == EFI_BUFFER_TOO_SMALL)
448 setup_uga(si, &uga_proto, size);
449 }
450}
451
452
453static void __noreturn efi_exit(efi_handle_t handle, efi_status_t status)
454{
455 efi_bs_call(exit, handle, status, 0, NULL);
456 for(;;)
457 asm("hlt");
458}
459
460void __noreturn efi_stub_entry(efi_handle_t handle,
461 efi_system_table_t *sys_table_arg,
462 struct boot_params *boot_params);
463
464/*
465 * Because the x86 boot code expects to be passed a boot_params we
466 * need to create one ourselves (usually the bootloader would create
467 * one for us).
468 */
469efi_status_t __efiapi efi_pe_entry(efi_handle_t handle,
470 efi_system_table_t *sys_table_arg)
471{
472 static struct boot_params boot_params __page_aligned_bss;
473 struct setup_header *hdr = &boot_params.hdr;
474 efi_guid_t proto = LOADED_IMAGE_PROTOCOL_GUID;
475 int options_size = 0;
476 efi_status_t status;
477 char *cmdline_ptr;
478
479 if (efi_is_native())
480 memset(_bss, 0, _ebss - _bss);
481
482 efi_system_table = sys_table_arg;
483
484 /* Check if we were booted by the EFI firmware */
485 if (efi_system_table->hdr.signature != EFI_SYSTEM_TABLE_SIGNATURE)
486 efi_exit(handle, EFI_INVALID_PARAMETER);
487
488 status = efi_bs_call(handle_protocol, handle, &proto, (void **)&image);
489 if (status != EFI_SUCCESS) {
490 efi_err("Failed to get handle for LOADED_IMAGE_PROTOCOL\n");
491 efi_exit(handle, status);
492 }
493
494 /* Assign the setup_header fields that the kernel actually cares about */
495 hdr->root_flags = 1;
496 hdr->vid_mode = 0xffff;
497
498 hdr->type_of_loader = 0x21;
499 hdr->initrd_addr_max = INT_MAX;
500
501 /* Convert unicode cmdline to ascii */
502 cmdline_ptr = efi_convert_cmdline(image, &options_size);
503 if (!cmdline_ptr)
504 goto fail;
505
506 efi_set_u64_split((unsigned long)cmdline_ptr, &hdr->cmd_line_ptr,
507 &boot_params.ext_cmd_line_ptr);
508
509 efi_stub_entry(handle, sys_table_arg, &boot_params);
510 /* not reached */
511
512fail:
513 efi_exit(handle, status);
514}
515
516static void add_e820ext(struct boot_params *params,
517 struct setup_data *e820ext, u32 nr_entries)
518{
519 struct setup_data *data;
520
521 e820ext->type = SETUP_E820_EXT;
522 e820ext->len = nr_entries * sizeof(struct boot_e820_entry);
523 e820ext->next = 0;
524
525 data = (struct setup_data *)(unsigned long)params->hdr.setup_data;
526
527 while (data && data->next)
528 data = (struct setup_data *)(unsigned long)data->next;
529
530 if (data)
531 data->next = (unsigned long)e820ext;
532 else
533 params->hdr.setup_data = (unsigned long)e820ext;
534}
535
536static efi_status_t
537setup_e820(struct boot_params *params, struct setup_data *e820ext, u32 e820ext_size)
538{
539 struct boot_e820_entry *entry = params->e820_table;
540 struct efi_info *efi = ¶ms->efi_info;
541 struct boot_e820_entry *prev = NULL;
542 u32 nr_entries;
543 u32 nr_desc;
544 int i;
545
546 nr_entries = 0;
547 nr_desc = efi->efi_memmap_size / efi->efi_memdesc_size;
548
549 for (i = 0; i < nr_desc; i++) {
550 efi_memory_desc_t *d;
551 unsigned int e820_type = 0;
552 unsigned long m = efi->efi_memmap;
553
554#ifdef CONFIG_X86_64
555 m |= (u64)efi->efi_memmap_hi << 32;
556#endif
557
558 d = efi_early_memdesc_ptr(m, efi->efi_memdesc_size, i);
559 switch (d->type) {
560 case EFI_RESERVED_TYPE:
561 case EFI_RUNTIME_SERVICES_CODE:
562 case EFI_RUNTIME_SERVICES_DATA:
563 case EFI_MEMORY_MAPPED_IO:
564 case EFI_MEMORY_MAPPED_IO_PORT_SPACE:
565 case EFI_PAL_CODE:
566 e820_type = E820_TYPE_RESERVED;
567 break;
568
569 case EFI_UNUSABLE_MEMORY:
570 e820_type = E820_TYPE_UNUSABLE;
571 break;
572
573 case EFI_ACPI_RECLAIM_MEMORY:
574 e820_type = E820_TYPE_ACPI;
575 break;
576
577 case EFI_LOADER_CODE:
578 case EFI_LOADER_DATA:
579 case EFI_BOOT_SERVICES_CODE:
580 case EFI_BOOT_SERVICES_DATA:
581 case EFI_CONVENTIONAL_MEMORY:
582 if (efi_soft_reserve_enabled() &&
583 (d->attribute & EFI_MEMORY_SP))
584 e820_type = E820_TYPE_SOFT_RESERVED;
585 else
586 e820_type = E820_TYPE_RAM;
587 break;
588
589 case EFI_ACPI_MEMORY_NVS:
590 e820_type = E820_TYPE_NVS;
591 break;
592
593 case EFI_PERSISTENT_MEMORY:
594 e820_type = E820_TYPE_PMEM;
595 break;
596
597 case EFI_UNACCEPTED_MEMORY:
598 if (!IS_ENABLED(CONFIG_UNACCEPTED_MEMORY))
599 continue;
600 e820_type = E820_TYPE_RAM;
601 process_unaccepted_memory(d->phys_addr,
602 d->phys_addr + PAGE_SIZE * d->num_pages);
603 break;
604 default:
605 continue;
606 }
607
608 /* Merge adjacent mappings */
609 if (prev && prev->type == e820_type &&
610 (prev->addr + prev->size) == d->phys_addr) {
611 prev->size += d->num_pages << 12;
612 continue;
613 }
614
615 if (nr_entries == ARRAY_SIZE(params->e820_table)) {
616 u32 need = (nr_desc - i) * sizeof(struct e820_entry) +
617 sizeof(struct setup_data);
618
619 if (!e820ext || e820ext_size < need)
620 return EFI_BUFFER_TOO_SMALL;
621
622 /* boot_params map full, switch to e820 extended */
623 entry = (struct boot_e820_entry *)e820ext->data;
624 }
625
626 entry->addr = d->phys_addr;
627 entry->size = d->num_pages << PAGE_SHIFT;
628 entry->type = e820_type;
629 prev = entry++;
630 nr_entries++;
631 }
632
633 if (nr_entries > ARRAY_SIZE(params->e820_table)) {
634 u32 nr_e820ext = nr_entries - ARRAY_SIZE(params->e820_table);
635
636 add_e820ext(params, e820ext, nr_e820ext);
637 nr_entries -= nr_e820ext;
638 }
639
640 params->e820_entries = (u8)nr_entries;
641
642 return EFI_SUCCESS;
643}
644
645static efi_status_t alloc_e820ext(u32 nr_desc, struct setup_data **e820ext,
646 u32 *e820ext_size)
647{
648 efi_status_t status;
649 unsigned long size;
650
651 size = sizeof(struct setup_data) +
652 sizeof(struct e820_entry) * nr_desc;
653
654 if (*e820ext) {
655 efi_bs_call(free_pool, *e820ext);
656 *e820ext = NULL;
657 *e820ext_size = 0;
658 }
659
660 status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, size,
661 (void **)e820ext);
662 if (status == EFI_SUCCESS)
663 *e820ext_size = size;
664
665 return status;
666}
667
668static efi_status_t allocate_e820(struct boot_params *params,
669 struct setup_data **e820ext,
670 u32 *e820ext_size)
671{
672 struct efi_boot_memmap *map;
673 efi_status_t status;
674 __u32 nr_desc;
675
676 status = efi_get_memory_map(&map, false);
677 if (status != EFI_SUCCESS)
678 return status;
679
680 nr_desc = map->map_size / map->desc_size;
681 if (nr_desc > ARRAY_SIZE(params->e820_table) - EFI_MMAP_NR_SLACK_SLOTS) {
682 u32 nr_e820ext = nr_desc - ARRAY_SIZE(params->e820_table) +
683 EFI_MMAP_NR_SLACK_SLOTS;
684
685 status = alloc_e820ext(nr_e820ext, e820ext, e820ext_size);
686 }
687
688 if (IS_ENABLED(CONFIG_UNACCEPTED_MEMORY) && status == EFI_SUCCESS)
689 status = allocate_unaccepted_bitmap(nr_desc, map);
690
691 efi_bs_call(free_pool, map);
692 return status;
693}
694
695struct exit_boot_struct {
696 struct boot_params *boot_params;
697 struct efi_info *efi;
698};
699
700static efi_status_t exit_boot_func(struct efi_boot_memmap *map,
701 void *priv)
702{
703 const char *signature;
704 struct exit_boot_struct *p = priv;
705
706 signature = efi_is_64bit() ? EFI64_LOADER_SIGNATURE
707 : EFI32_LOADER_SIGNATURE;
708 memcpy(&p->efi->efi_loader_signature, signature, sizeof(__u32));
709
710 efi_set_u64_split((unsigned long)efi_system_table,
711 &p->efi->efi_systab, &p->efi->efi_systab_hi);
712 p->efi->efi_memdesc_size = map->desc_size;
713 p->efi->efi_memdesc_version = map->desc_ver;
714 efi_set_u64_split((unsigned long)map->map,
715 &p->efi->efi_memmap, &p->efi->efi_memmap_hi);
716 p->efi->efi_memmap_size = map->map_size;
717
718 return EFI_SUCCESS;
719}
720
721static efi_status_t exit_boot(struct boot_params *boot_params, void *handle)
722{
723 struct setup_data *e820ext = NULL;
724 __u32 e820ext_size = 0;
725 efi_status_t status;
726 struct exit_boot_struct priv;
727
728 priv.boot_params = boot_params;
729 priv.efi = &boot_params->efi_info;
730
731 status = allocate_e820(boot_params, &e820ext, &e820ext_size);
732 if (status != EFI_SUCCESS)
733 return status;
734
735 /* Might as well exit boot services now */
736 status = efi_exit_boot_services(handle, &priv, exit_boot_func);
737 if (status != EFI_SUCCESS)
738 return status;
739
740 /* Historic? */
741 boot_params->alt_mem_k = 32 * 1024;
742
743 status = setup_e820(boot_params, e820ext, e820ext_size);
744 if (status != EFI_SUCCESS)
745 return status;
746
747 return EFI_SUCCESS;
748}
749
750static bool have_unsupported_snp_features(void)
751{
752 u64 unsupported;
753
754 unsupported = snp_get_unsupported_features(sev_get_status());
755 if (unsupported) {
756 efi_err("Unsupported SEV-SNP features detected: 0x%llx\n",
757 unsupported);
758 return true;
759 }
760 return false;
761}
762
763static void efi_get_seed(void *seed, int size)
764{
765 efi_get_random_bytes(size, seed);
766
767 /*
768 * This only updates seed[0] when running on 32-bit, but in that case,
769 * seed[1] is not used anyway, as there is no virtual KASLR on 32-bit.
770 */
771 *(unsigned long *)seed ^= kaslr_get_random_long("EFI");
772}
773
774static void error(char *str)
775{
776 efi_warn("Decompression failed: %s\n", str);
777}
778
779static const char *cmdline_memmap_override;
780
781static efi_status_t parse_options(const char *cmdline)
782{
783 static const char opts[][14] = {
784 "mem=", "memmap=", "efi_fake_mem=", "hugepages="
785 };
786
787 for (int i = 0; i < ARRAY_SIZE(opts); i++) {
788 const char *p = strstr(cmdline, opts[i]);
789
790 if (p == cmdline || (p > cmdline && isspace(p[-1]))) {
791 cmdline_memmap_override = opts[i];
792 break;
793 }
794 }
795
796 return efi_parse_options(cmdline);
797}
798
799static efi_status_t efi_decompress_kernel(unsigned long *kernel_entry)
800{
801 unsigned long virt_addr = LOAD_PHYSICAL_ADDR;
802 unsigned long addr, alloc_size, entry;
803 efi_status_t status;
804 u32 seed[2] = {};
805
806 /* determine the required size of the allocation */
807 alloc_size = ALIGN(max_t(unsigned long, output_len, kernel_total_size),
808 MIN_KERNEL_ALIGN);
809
810 if (IS_ENABLED(CONFIG_RANDOMIZE_BASE) && !efi_nokaslr) {
811 u64 range = KERNEL_IMAGE_SIZE - LOAD_PHYSICAL_ADDR - kernel_total_size;
812 static const efi_char16_t ami[] = L"American Megatrends";
813
814 efi_get_seed(seed, sizeof(seed));
815
816 virt_addr += (range * seed[1]) >> 32;
817 virt_addr &= ~(CONFIG_PHYSICAL_ALIGN - 1);
818
819 /*
820 * Older Dell systems with AMI UEFI firmware v2.0 may hang
821 * while decompressing the kernel if physical address
822 * randomization is enabled.
823 *
824 * https://bugzilla.kernel.org/show_bug.cgi?id=218173
825 */
826 if (efi_system_table->hdr.revision <= EFI_2_00_SYSTEM_TABLE_REVISION &&
827 !memcmp(efistub_fw_vendor(), ami, sizeof(ami))) {
828 efi_debug("AMI firmware v2.0 or older detected - disabling physical KASLR\n");
829 seed[0] = 0;
830 } else if (cmdline_memmap_override) {
831 efi_info("%s detected on the kernel command line - disabling physical KASLR\n",
832 cmdline_memmap_override);
833 seed[0] = 0;
834 }
835
836 boot_params_ptr->hdr.loadflags |= KASLR_FLAG;
837 }
838
839 status = efi_random_alloc(alloc_size, CONFIG_PHYSICAL_ALIGN, &addr,
840 seed[0], EFI_LOADER_CODE,
841 LOAD_PHYSICAL_ADDR,
842 EFI_X86_KERNEL_ALLOC_LIMIT);
843 if (status != EFI_SUCCESS)
844 return status;
845
846 entry = decompress_kernel((void *)addr, virt_addr, error);
847 if (entry == ULONG_MAX) {
848 efi_free(alloc_size, addr);
849 return EFI_LOAD_ERROR;
850 }
851
852 *kernel_entry = addr + entry;
853
854 return efi_adjust_memory_range_protection(addr, kernel_text_size);
855}
856
857static void __noreturn enter_kernel(unsigned long kernel_addr,
858 struct boot_params *boot_params)
859{
860 /* enter decompressed kernel with boot_params pointer in RSI/ESI */
861 asm("jmp *%0"::"r"(kernel_addr), "S"(boot_params));
862
863 unreachable();
864}
865
866/*
867 * On success, this routine will jump to the relocated image directly and never
868 * return. On failure, it will exit to the firmware via efi_exit() instead of
869 * returning.
870 */
871void __noreturn efi_stub_entry(efi_handle_t handle,
872 efi_system_table_t *sys_table_arg,
873 struct boot_params *boot_params)
874{
875 efi_guid_t guid = EFI_MEMORY_ATTRIBUTE_PROTOCOL_GUID;
876 struct setup_header *hdr = &boot_params->hdr;
877 const struct linux_efi_initrd *initrd = NULL;
878 unsigned long kernel_entry;
879 efi_status_t status;
880
881 boot_params_ptr = boot_params;
882
883 efi_system_table = sys_table_arg;
884 /* Check if we were booted by the EFI firmware */
885 if (efi_system_table->hdr.signature != EFI_SYSTEM_TABLE_SIGNATURE)
886 efi_exit(handle, EFI_INVALID_PARAMETER);
887
888 if (have_unsupported_snp_features())
889 efi_exit(handle, EFI_UNSUPPORTED);
890
891 if (IS_ENABLED(CONFIG_EFI_DXE_MEM_ATTRIBUTES)) {
892 efi_dxe_table = get_efi_config_table(EFI_DXE_SERVICES_TABLE_GUID);
893 if (efi_dxe_table &&
894 efi_dxe_table->hdr.signature != EFI_DXE_SERVICES_TABLE_SIGNATURE) {
895 efi_warn("Ignoring DXE services table: invalid signature\n");
896 efi_dxe_table = NULL;
897 }
898 }
899
900 /* grab the memory attributes protocol if it exists */
901 efi_bs_call(locate_protocol, &guid, NULL, (void **)&memattr);
902
903 status = efi_setup_5level_paging();
904 if (status != EFI_SUCCESS) {
905 efi_err("efi_setup_5level_paging() failed!\n");
906 goto fail;
907 }
908
909#ifdef CONFIG_CMDLINE_BOOL
910 status = parse_options(CONFIG_CMDLINE);
911 if (status != EFI_SUCCESS) {
912 efi_err("Failed to parse options\n");
913 goto fail;
914 }
915#endif
916 if (!IS_ENABLED(CONFIG_CMDLINE_OVERRIDE)) {
917 unsigned long cmdline_paddr = ((u64)hdr->cmd_line_ptr |
918 ((u64)boot_params->ext_cmd_line_ptr << 32));
919 status = parse_options((char *)cmdline_paddr);
920 if (status != EFI_SUCCESS) {
921 efi_err("Failed to parse options\n");
922 goto fail;
923 }
924 }
925
926 if (efi_mem_encrypt > 0)
927 hdr->xloadflags |= XLF_MEM_ENCRYPTION;
928
929 status = efi_decompress_kernel(&kernel_entry);
930 if (status != EFI_SUCCESS) {
931 efi_err("Failed to decompress kernel\n");
932 goto fail;
933 }
934
935 /*
936 * At this point, an initrd may already have been loaded by the
937 * bootloader and passed via bootparams. We permit an initrd loaded
938 * from the LINUX_EFI_INITRD_MEDIA_GUID device path to supersede it.
939 *
940 * If the device path is not present, any command-line initrd=
941 * arguments will be processed only if image is not NULL, which will be
942 * the case only if we were loaded via the PE entry point.
943 */
944 status = efi_load_initrd(image, hdr->initrd_addr_max, ULONG_MAX,
945 &initrd);
946 if (status != EFI_SUCCESS)
947 goto fail;
948 if (initrd && initrd->size > 0) {
949 efi_set_u64_split(initrd->base, &hdr->ramdisk_image,
950 &boot_params->ext_ramdisk_image);
951 efi_set_u64_split(initrd->size, &hdr->ramdisk_size,
952 &boot_params->ext_ramdisk_size);
953 }
954
955
956 /*
957 * If the boot loader gave us a value for secure_boot then we use that,
958 * otherwise we ask the BIOS.
959 */
960 if (boot_params->secure_boot == efi_secureboot_mode_unset)
961 boot_params->secure_boot = efi_get_secureboot();
962
963 /* Ask the firmware to clear memory on unclean shutdown */
964 efi_enable_reset_attack_mitigation();
965
966 efi_random_get_seed();
967
968 efi_retrieve_eventlog();
969
970 setup_graphics(boot_params);
971
972 setup_efi_pci(boot_params);
973
974 setup_quirks(boot_params);
975
976 setup_unaccepted_memory();
977
978 status = exit_boot(boot_params, handle);
979 if (status != EFI_SUCCESS) {
980 efi_err("exit_boot() failed!\n");
981 goto fail;
982 }
983
984 /*
985 * Call the SEV init code while still running with the firmware's
986 * GDT/IDT, so #VC exceptions will be handled by EFI.
987 */
988 sev_enable(boot_params);
989
990 efi_5level_switch();
991
992 enter_kernel(kernel_entry, boot_params);
993fail:
994 efi_err("efi_stub_entry() failed!\n");
995
996 efi_exit(handle, status);
997}
998
999#ifdef CONFIG_EFI_HANDOVER_PROTOCOL
1000void efi_handover_entry(efi_handle_t handle, efi_system_table_t *sys_table_arg,
1001 struct boot_params *boot_params)
1002{
1003 memset(_bss, 0, _ebss - _bss);
1004 efi_stub_entry(handle, sys_table_arg, boot_params);
1005}
1006
1007#ifndef CONFIG_EFI_MIXED
1008extern __alias(efi_handover_entry)
1009void efi32_stub_entry(efi_handle_t handle, efi_system_table_t *sys_table_arg,
1010 struct boot_params *boot_params);
1011
1012extern __alias(efi_handover_entry)
1013void efi64_stub_entry(efi_handle_t handle, efi_system_table_t *sys_table_arg,
1014 struct boot_params *boot_params);
1015#endif
1016#endif
1// SPDX-License-Identifier: GPL-2.0-only
2
3/* -----------------------------------------------------------------------
4 *
5 * Copyright 2011 Intel Corporation; author Matt Fleming
6 *
7 * ----------------------------------------------------------------------- */
8
9#include <linux/efi.h>
10#include <linux/pci.h>
11#include <linux/stddef.h>
12
13#include <asm/efi.h>
14#include <asm/e820/types.h>
15#include <asm/setup.h>
16#include <asm/desc.h>
17#include <asm/boot.h>
18#include <asm/kaslr.h>
19#include <asm/sev.h>
20
21#include "efistub.h"
22#include "x86-stub.h"
23
24extern char _bss[], _ebss[];
25
26const efi_system_table_t *efi_system_table;
27const efi_dxe_services_table_t *efi_dxe_table;
28static efi_loaded_image_t *image = NULL;
29static efi_memory_attribute_protocol_t *memattr;
30
31typedef union sev_memory_acceptance_protocol sev_memory_acceptance_protocol_t;
32union sev_memory_acceptance_protocol {
33 struct {
34 efi_status_t (__efiapi * allow_unaccepted_memory)(
35 sev_memory_acceptance_protocol_t *);
36 };
37 struct {
38 u32 allow_unaccepted_memory;
39 } mixed_mode;
40};
41
42static efi_status_t
43preserve_pci_rom_image(efi_pci_io_protocol_t *pci, struct pci_setup_rom **__rom)
44{
45 struct pci_setup_rom *rom = NULL;
46 efi_status_t status;
47 unsigned long size;
48 uint64_t romsize;
49 void *romimage;
50
51 /*
52 * Some firmware images contain EFI function pointers at the place where
53 * the romimage and romsize fields are supposed to be. Typically the EFI
54 * code is mapped at high addresses, translating to an unrealistically
55 * large romsize. The UEFI spec limits the size of option ROMs to 16
56 * MiB so we reject any ROMs over 16 MiB in size to catch this.
57 */
58 romimage = efi_table_attr(pci, romimage);
59 romsize = efi_table_attr(pci, romsize);
60 if (!romimage || !romsize || romsize > SZ_16M)
61 return EFI_INVALID_PARAMETER;
62
63 size = romsize + sizeof(*rom);
64
65 status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, size,
66 (void **)&rom);
67 if (status != EFI_SUCCESS) {
68 efi_err("Failed to allocate memory for 'rom'\n");
69 return status;
70 }
71
72 memset(rom, 0, sizeof(*rom));
73
74 rom->data.type = SETUP_PCI;
75 rom->data.len = size - sizeof(struct setup_data);
76 rom->data.next = 0;
77 rom->pcilen = romsize;
78 *__rom = rom;
79
80 status = efi_call_proto(pci, pci.read, EfiPciIoWidthUint16,
81 PCI_VENDOR_ID, 1, &rom->vendor);
82
83 if (status != EFI_SUCCESS) {
84 efi_err("Failed to read rom->vendor\n");
85 goto free_struct;
86 }
87
88 status = efi_call_proto(pci, pci.read, EfiPciIoWidthUint16,
89 PCI_DEVICE_ID, 1, &rom->devid);
90
91 if (status != EFI_SUCCESS) {
92 efi_err("Failed to read rom->devid\n");
93 goto free_struct;
94 }
95
96 status = efi_call_proto(pci, get_location, &rom->segment, &rom->bus,
97 &rom->device, &rom->function);
98
99 if (status != EFI_SUCCESS)
100 goto free_struct;
101
102 memcpy(rom->romdata, romimage, romsize);
103 return status;
104
105free_struct:
106 efi_bs_call(free_pool, rom);
107 return status;
108}
109
110/*
111 * There's no way to return an informative status from this function,
112 * because any analysis (and printing of error messages) needs to be
113 * done directly at the EFI function call-site.
114 *
115 * For example, EFI_INVALID_PARAMETER could indicate a bug or maybe we
116 * just didn't find any PCI devices, but there's no way to tell outside
117 * the context of the call.
118 */
119static void setup_efi_pci(struct boot_params *params)
120{
121 efi_status_t status;
122 void **pci_handle = NULL;
123 efi_guid_t pci_proto = EFI_PCI_IO_PROTOCOL_GUID;
124 unsigned long size = 0;
125 struct setup_data *data;
126 efi_handle_t h;
127 int i;
128
129 status = efi_bs_call(locate_handle, EFI_LOCATE_BY_PROTOCOL,
130 &pci_proto, NULL, &size, pci_handle);
131
132 if (status == EFI_BUFFER_TOO_SMALL) {
133 status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, size,
134 (void **)&pci_handle);
135
136 if (status != EFI_SUCCESS) {
137 efi_err("Failed to allocate memory for 'pci_handle'\n");
138 return;
139 }
140
141 status = efi_bs_call(locate_handle, EFI_LOCATE_BY_PROTOCOL,
142 &pci_proto, NULL, &size, pci_handle);
143 }
144
145 if (status != EFI_SUCCESS)
146 goto free_handle;
147
148 data = (struct setup_data *)(unsigned long)params->hdr.setup_data;
149
150 while (data && data->next)
151 data = (struct setup_data *)(unsigned long)data->next;
152
153 for_each_efi_handle(h, pci_handle, size, i) {
154 efi_pci_io_protocol_t *pci = NULL;
155 struct pci_setup_rom *rom;
156
157 status = efi_bs_call(handle_protocol, h, &pci_proto,
158 (void **)&pci);
159 if (status != EFI_SUCCESS || !pci)
160 continue;
161
162 status = preserve_pci_rom_image(pci, &rom);
163 if (status != EFI_SUCCESS)
164 continue;
165
166 if (data)
167 data->next = (unsigned long)rom;
168 else
169 params->hdr.setup_data = (unsigned long)rom;
170
171 data = (struct setup_data *)rom;
172 }
173
174free_handle:
175 efi_bs_call(free_pool, pci_handle);
176}
177
178static void retrieve_apple_device_properties(struct boot_params *boot_params)
179{
180 efi_guid_t guid = APPLE_PROPERTIES_PROTOCOL_GUID;
181 struct setup_data *data, *new;
182 efi_status_t status;
183 u32 size = 0;
184 apple_properties_protocol_t *p;
185
186 status = efi_bs_call(locate_protocol, &guid, NULL, (void **)&p);
187 if (status != EFI_SUCCESS)
188 return;
189
190 if (efi_table_attr(p, version) != 0x10000) {
191 efi_err("Unsupported properties proto version\n");
192 return;
193 }
194
195 efi_call_proto(p, get_all, NULL, &size);
196 if (!size)
197 return;
198
199 do {
200 status = efi_bs_call(allocate_pool, EFI_LOADER_DATA,
201 size + sizeof(struct setup_data),
202 (void **)&new);
203 if (status != EFI_SUCCESS) {
204 efi_err("Failed to allocate memory for 'properties'\n");
205 return;
206 }
207
208 status = efi_call_proto(p, get_all, new->data, &size);
209
210 if (status == EFI_BUFFER_TOO_SMALL)
211 efi_bs_call(free_pool, new);
212 } while (status == EFI_BUFFER_TOO_SMALL);
213
214 new->type = SETUP_APPLE_PROPERTIES;
215 new->len = size;
216 new->next = 0;
217
218 data = (struct setup_data *)(unsigned long)boot_params->hdr.setup_data;
219 if (!data) {
220 boot_params->hdr.setup_data = (unsigned long)new;
221 } else {
222 while (data->next)
223 data = (struct setup_data *)(unsigned long)data->next;
224 data->next = (unsigned long)new;
225 }
226}
227
228static bool apple_match_product_name(void)
229{
230 static const char type1_product_matches[][15] = {
231 "MacBookPro11,3",
232 "MacBookPro11,5",
233 "MacBookPro13,3",
234 "MacBookPro14,3",
235 "MacBookPro15,1",
236 "MacBookPro15,3",
237 "MacBookPro16,1",
238 "MacBookPro16,4",
239 };
240 const struct efi_smbios_type1_record *record;
241 const u8 *product;
242
243 record = (struct efi_smbios_type1_record *)efi_get_smbios_record(1);
244 if (!record)
245 return false;
246
247 product = efi_get_smbios_string(record, product_name);
248 if (!product)
249 return false;
250
251 for (int i = 0; i < ARRAY_SIZE(type1_product_matches); i++) {
252 if (!strcmp(product, type1_product_matches[i]))
253 return true;
254 }
255
256 return false;
257}
258
259static void apple_set_os(void)
260{
261 struct {
262 unsigned long version;
263 efi_status_t (__efiapi *set_os_version)(const char *);
264 efi_status_t (__efiapi *set_os_vendor)(const char *);
265 } *set_os;
266 efi_status_t status;
267
268 if (!efi_is_64bit() || !apple_match_product_name())
269 return;
270
271 status = efi_bs_call(locate_protocol, &APPLE_SET_OS_PROTOCOL_GUID, NULL,
272 (void **)&set_os);
273 if (status != EFI_SUCCESS)
274 return;
275
276 if (set_os->version >= 2) {
277 status = set_os->set_os_vendor("Apple Inc.");
278 if (status != EFI_SUCCESS)
279 efi_err("Failed to set OS vendor via apple_set_os\n");
280 }
281
282 if (set_os->version > 0) {
283 /* The version being set doesn't seem to matter */
284 status = set_os->set_os_version("Mac OS X 10.9");
285 if (status != EFI_SUCCESS)
286 efi_err("Failed to set OS version via apple_set_os\n");
287 }
288}
289
290efi_status_t efi_adjust_memory_range_protection(unsigned long start,
291 unsigned long size)
292{
293 efi_status_t status;
294 efi_gcd_memory_space_desc_t desc;
295 unsigned long end, next;
296 unsigned long rounded_start, rounded_end;
297 unsigned long unprotect_start, unprotect_size;
298
299 rounded_start = rounddown(start, EFI_PAGE_SIZE);
300 rounded_end = roundup(start + size, EFI_PAGE_SIZE);
301
302 if (memattr != NULL) {
303 status = efi_call_proto(memattr, set_memory_attributes,
304 rounded_start,
305 rounded_end - rounded_start,
306 EFI_MEMORY_RO);
307 if (status != EFI_SUCCESS) {
308 efi_warn("Failed to set EFI_MEMORY_RO attribute\n");
309 return status;
310 }
311
312 status = efi_call_proto(memattr, clear_memory_attributes,
313 rounded_start,
314 rounded_end - rounded_start,
315 EFI_MEMORY_XP);
316 if (status != EFI_SUCCESS)
317 efi_warn("Failed to clear EFI_MEMORY_XP attribute\n");
318 return status;
319 }
320
321 if (efi_dxe_table == NULL)
322 return EFI_SUCCESS;
323
324 /*
325 * Don't modify memory region attributes, they are
326 * already suitable, to lower the possibility to
327 * encounter firmware bugs.
328 */
329
330 for (end = start + size; start < end; start = next) {
331
332 status = efi_dxe_call(get_memory_space_descriptor, start, &desc);
333
334 if (status != EFI_SUCCESS)
335 break;
336
337 next = desc.base_address + desc.length;
338
339 /*
340 * Only system memory is suitable for trampoline/kernel image placement,
341 * so only this type of memory needs its attributes to be modified.
342 */
343
344 if (desc.gcd_memory_type != EfiGcdMemoryTypeSystemMemory ||
345 (desc.attributes & (EFI_MEMORY_RO | EFI_MEMORY_XP)) == 0)
346 continue;
347
348 unprotect_start = max(rounded_start, (unsigned long)desc.base_address);
349 unprotect_size = min(rounded_end, next) - unprotect_start;
350
351 status = efi_dxe_call(set_memory_space_attributes,
352 unprotect_start, unprotect_size,
353 EFI_MEMORY_WB);
354
355 if (status != EFI_SUCCESS) {
356 efi_warn("Unable to unprotect memory range [%08lx,%08lx]: %lx\n",
357 unprotect_start,
358 unprotect_start + unprotect_size,
359 status);
360 break;
361 }
362 }
363 return EFI_SUCCESS;
364}
365
366static void setup_unaccepted_memory(void)
367{
368 efi_guid_t mem_acceptance_proto = OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL_GUID;
369 sev_memory_acceptance_protocol_t *proto;
370 efi_status_t status;
371
372 if (!IS_ENABLED(CONFIG_UNACCEPTED_MEMORY))
373 return;
374
375 /*
376 * Enable unaccepted memory before calling exit boot services in order
377 * for the UEFI to not accept all memory on EBS.
378 */
379 status = efi_bs_call(locate_protocol, &mem_acceptance_proto, NULL,
380 (void **)&proto);
381 if (status != EFI_SUCCESS)
382 return;
383
384 status = efi_call_proto(proto, allow_unaccepted_memory);
385 if (status != EFI_SUCCESS)
386 efi_err("Memory acceptance protocol failed\n");
387}
388
389static efi_char16_t *efistub_fw_vendor(void)
390{
391 unsigned long vendor = efi_table_attr(efi_system_table, fw_vendor);
392
393 return (efi_char16_t *)vendor;
394}
395
396static const efi_char16_t apple[] = L"Apple";
397
398static void setup_quirks(struct boot_params *boot_params)
399{
400 if (!memcmp(efistub_fw_vendor(), apple, sizeof(apple))) {
401 if (IS_ENABLED(CONFIG_APPLE_PROPERTIES))
402 retrieve_apple_device_properties(boot_params);
403
404 apple_set_os();
405 }
406}
407
408/*
409 * See if we have Universal Graphics Adapter (UGA) protocol
410 */
411static efi_status_t
412setup_uga(struct screen_info *si, efi_guid_t *uga_proto, unsigned long size)
413{
414 efi_status_t status;
415 u32 width, height;
416 void **uga_handle = NULL;
417 efi_uga_draw_protocol_t *uga = NULL, *first_uga;
418 efi_handle_t handle;
419 int i;
420
421 status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, size,
422 (void **)&uga_handle);
423 if (status != EFI_SUCCESS)
424 return status;
425
426 status = efi_bs_call(locate_handle, EFI_LOCATE_BY_PROTOCOL,
427 uga_proto, NULL, &size, uga_handle);
428 if (status != EFI_SUCCESS)
429 goto free_handle;
430
431 height = 0;
432 width = 0;
433
434 first_uga = NULL;
435 for_each_efi_handle(handle, uga_handle, size, i) {
436 efi_guid_t pciio_proto = EFI_PCI_IO_PROTOCOL_GUID;
437 u32 w, h, depth, refresh;
438 void *pciio;
439
440 status = efi_bs_call(handle_protocol, handle, uga_proto,
441 (void **)&uga);
442 if (status != EFI_SUCCESS)
443 continue;
444
445 pciio = NULL;
446 efi_bs_call(handle_protocol, handle, &pciio_proto, &pciio);
447
448 status = efi_call_proto(uga, get_mode, &w, &h, &depth, &refresh);
449 if (status == EFI_SUCCESS && (!first_uga || pciio)) {
450 width = w;
451 height = h;
452
453 /*
454 * Once we've found a UGA supporting PCIIO,
455 * don't bother looking any further.
456 */
457 if (pciio)
458 break;
459
460 first_uga = uga;
461 }
462 }
463
464 if (!width && !height)
465 goto free_handle;
466
467 /* EFI framebuffer */
468 si->orig_video_isVGA = VIDEO_TYPE_EFI;
469
470 si->lfb_depth = 32;
471 si->lfb_width = width;
472 si->lfb_height = height;
473
474 si->red_size = 8;
475 si->red_pos = 16;
476 si->green_size = 8;
477 si->green_pos = 8;
478 si->blue_size = 8;
479 si->blue_pos = 0;
480 si->rsvd_size = 8;
481 si->rsvd_pos = 24;
482
483free_handle:
484 efi_bs_call(free_pool, uga_handle);
485
486 return status;
487}
488
489static void setup_graphics(struct boot_params *boot_params)
490{
491 efi_guid_t graphics_proto = EFI_GRAPHICS_OUTPUT_PROTOCOL_GUID;
492 struct screen_info *si;
493 efi_guid_t uga_proto = EFI_UGA_PROTOCOL_GUID;
494 efi_status_t status;
495 unsigned long size;
496 void **gop_handle = NULL;
497 void **uga_handle = NULL;
498
499 si = &boot_params->screen_info;
500 memset(si, 0, sizeof(*si));
501
502 size = 0;
503 status = efi_bs_call(locate_handle, EFI_LOCATE_BY_PROTOCOL,
504 &graphics_proto, NULL, &size, gop_handle);
505 if (status == EFI_BUFFER_TOO_SMALL)
506 status = efi_setup_gop(si, &graphics_proto, size);
507
508 if (status != EFI_SUCCESS) {
509 size = 0;
510 status = efi_bs_call(locate_handle, EFI_LOCATE_BY_PROTOCOL,
511 &uga_proto, NULL, &size, uga_handle);
512 if (status == EFI_BUFFER_TOO_SMALL)
513 setup_uga(si, &uga_proto, size);
514 }
515}
516
517
518static void __noreturn efi_exit(efi_handle_t handle, efi_status_t status)
519{
520 efi_bs_call(exit, handle, status, 0, NULL);
521 for(;;)
522 asm("hlt");
523}
524
525void __noreturn efi_stub_entry(efi_handle_t handle,
526 efi_system_table_t *sys_table_arg,
527 struct boot_params *boot_params);
528
529/*
530 * Because the x86 boot code expects to be passed a boot_params we
531 * need to create one ourselves (usually the bootloader would create
532 * one for us).
533 */
534efi_status_t __efiapi efi_pe_entry(efi_handle_t handle,
535 efi_system_table_t *sys_table_arg)
536{
537 efi_guid_t proto = LOADED_IMAGE_PROTOCOL_GUID;
538 struct boot_params *boot_params;
539 struct setup_header *hdr;
540 efi_status_t status;
541 unsigned long alloc;
542 char *cmdline_ptr;
543
544 efi_system_table = sys_table_arg;
545
546 /* Check if we were booted by the EFI firmware */
547 if (efi_system_table->hdr.signature != EFI_SYSTEM_TABLE_SIGNATURE)
548 efi_exit(handle, EFI_INVALID_PARAMETER);
549
550 status = efi_bs_call(handle_protocol, handle, &proto, (void **)&image);
551 if (status != EFI_SUCCESS) {
552 efi_err("Failed to get handle for LOADED_IMAGE_PROTOCOL\n");
553 efi_exit(handle, status);
554 }
555
556 status = efi_allocate_pages(PARAM_SIZE, &alloc, ULONG_MAX);
557 if (status != EFI_SUCCESS)
558 efi_exit(handle, status);
559
560 boot_params = memset((void *)alloc, 0x0, PARAM_SIZE);
561 hdr = &boot_params->hdr;
562
563 /* Assign the setup_header fields that the kernel actually cares about */
564 hdr->root_flags = 1;
565 hdr->vid_mode = 0xffff;
566
567 hdr->type_of_loader = 0x21;
568 hdr->initrd_addr_max = INT_MAX;
569
570 /* Convert unicode cmdline to ascii */
571 cmdline_ptr = efi_convert_cmdline(image);
572 if (!cmdline_ptr) {
573 efi_free(PARAM_SIZE, alloc);
574 efi_exit(handle, EFI_OUT_OF_RESOURCES);
575 }
576
577 efi_set_u64_split((unsigned long)cmdline_ptr, &hdr->cmd_line_ptr,
578 &boot_params->ext_cmd_line_ptr);
579
580 efi_stub_entry(handle, sys_table_arg, boot_params);
581 /* not reached */
582}
583
584static void add_e820ext(struct boot_params *params,
585 struct setup_data *e820ext, u32 nr_entries)
586{
587 struct setup_data *data;
588
589 e820ext->type = SETUP_E820_EXT;
590 e820ext->len = nr_entries * sizeof(struct boot_e820_entry);
591 e820ext->next = 0;
592
593 data = (struct setup_data *)(unsigned long)params->hdr.setup_data;
594
595 while (data && data->next)
596 data = (struct setup_data *)(unsigned long)data->next;
597
598 if (data)
599 data->next = (unsigned long)e820ext;
600 else
601 params->hdr.setup_data = (unsigned long)e820ext;
602}
603
604static efi_status_t
605setup_e820(struct boot_params *params, struct setup_data *e820ext, u32 e820ext_size)
606{
607 struct boot_e820_entry *entry = params->e820_table;
608 struct efi_info *efi = ¶ms->efi_info;
609 struct boot_e820_entry *prev = NULL;
610 u32 nr_entries;
611 u32 nr_desc;
612 int i;
613
614 nr_entries = 0;
615 nr_desc = efi->efi_memmap_size / efi->efi_memdesc_size;
616
617 for (i = 0; i < nr_desc; i++) {
618 efi_memory_desc_t *d;
619 unsigned int e820_type = 0;
620 unsigned long m = efi->efi_memmap;
621
622#ifdef CONFIG_X86_64
623 m |= (u64)efi->efi_memmap_hi << 32;
624#endif
625
626 d = efi_memdesc_ptr(m, efi->efi_memdesc_size, i);
627 switch (d->type) {
628 case EFI_RESERVED_TYPE:
629 case EFI_RUNTIME_SERVICES_CODE:
630 case EFI_RUNTIME_SERVICES_DATA:
631 case EFI_MEMORY_MAPPED_IO:
632 case EFI_MEMORY_MAPPED_IO_PORT_SPACE:
633 case EFI_PAL_CODE:
634 e820_type = E820_TYPE_RESERVED;
635 break;
636
637 case EFI_UNUSABLE_MEMORY:
638 e820_type = E820_TYPE_UNUSABLE;
639 break;
640
641 case EFI_ACPI_RECLAIM_MEMORY:
642 e820_type = E820_TYPE_ACPI;
643 break;
644
645 case EFI_LOADER_CODE:
646 case EFI_LOADER_DATA:
647 case EFI_BOOT_SERVICES_CODE:
648 case EFI_BOOT_SERVICES_DATA:
649 case EFI_CONVENTIONAL_MEMORY:
650 if (efi_soft_reserve_enabled() &&
651 (d->attribute & EFI_MEMORY_SP))
652 e820_type = E820_TYPE_SOFT_RESERVED;
653 else
654 e820_type = E820_TYPE_RAM;
655 break;
656
657 case EFI_ACPI_MEMORY_NVS:
658 e820_type = E820_TYPE_NVS;
659 break;
660
661 case EFI_PERSISTENT_MEMORY:
662 e820_type = E820_TYPE_PMEM;
663 break;
664
665 case EFI_UNACCEPTED_MEMORY:
666 if (!IS_ENABLED(CONFIG_UNACCEPTED_MEMORY))
667 continue;
668 e820_type = E820_TYPE_RAM;
669 process_unaccepted_memory(d->phys_addr,
670 d->phys_addr + PAGE_SIZE * d->num_pages);
671 break;
672 default:
673 continue;
674 }
675
676 /* Merge adjacent mappings */
677 if (prev && prev->type == e820_type &&
678 (prev->addr + prev->size) == d->phys_addr) {
679 prev->size += d->num_pages << 12;
680 continue;
681 }
682
683 if (nr_entries == ARRAY_SIZE(params->e820_table)) {
684 u32 need = (nr_desc - i) * sizeof(struct e820_entry) +
685 sizeof(struct setup_data);
686
687 if (!e820ext || e820ext_size < need)
688 return EFI_BUFFER_TOO_SMALL;
689
690 /* boot_params map full, switch to e820 extended */
691 entry = (struct boot_e820_entry *)e820ext->data;
692 }
693
694 entry->addr = d->phys_addr;
695 entry->size = d->num_pages << PAGE_SHIFT;
696 entry->type = e820_type;
697 prev = entry++;
698 nr_entries++;
699 }
700
701 if (nr_entries > ARRAY_SIZE(params->e820_table)) {
702 u32 nr_e820ext = nr_entries - ARRAY_SIZE(params->e820_table);
703
704 add_e820ext(params, e820ext, nr_e820ext);
705 nr_entries -= nr_e820ext;
706 }
707
708 params->e820_entries = (u8)nr_entries;
709
710 return EFI_SUCCESS;
711}
712
713static efi_status_t alloc_e820ext(u32 nr_desc, struct setup_data **e820ext,
714 u32 *e820ext_size)
715{
716 efi_status_t status;
717 unsigned long size;
718
719 size = sizeof(struct setup_data) +
720 sizeof(struct e820_entry) * nr_desc;
721
722 if (*e820ext) {
723 efi_bs_call(free_pool, *e820ext);
724 *e820ext = NULL;
725 *e820ext_size = 0;
726 }
727
728 status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, size,
729 (void **)e820ext);
730 if (status == EFI_SUCCESS)
731 *e820ext_size = size;
732
733 return status;
734}
735
736static efi_status_t allocate_e820(struct boot_params *params,
737 struct setup_data **e820ext,
738 u32 *e820ext_size)
739{
740 struct efi_boot_memmap *map;
741 efi_status_t status;
742 __u32 nr_desc;
743
744 status = efi_get_memory_map(&map, false);
745 if (status != EFI_SUCCESS)
746 return status;
747
748 nr_desc = map->map_size / map->desc_size;
749 if (nr_desc > ARRAY_SIZE(params->e820_table) - EFI_MMAP_NR_SLACK_SLOTS) {
750 u32 nr_e820ext = nr_desc - ARRAY_SIZE(params->e820_table) +
751 EFI_MMAP_NR_SLACK_SLOTS;
752
753 status = alloc_e820ext(nr_e820ext, e820ext, e820ext_size);
754 }
755
756 if (IS_ENABLED(CONFIG_UNACCEPTED_MEMORY) && status == EFI_SUCCESS)
757 status = allocate_unaccepted_bitmap(nr_desc, map);
758
759 efi_bs_call(free_pool, map);
760 return status;
761}
762
763struct exit_boot_struct {
764 struct boot_params *boot_params;
765 struct efi_info *efi;
766};
767
768static efi_status_t exit_boot_func(struct efi_boot_memmap *map,
769 void *priv)
770{
771 const char *signature;
772 struct exit_boot_struct *p = priv;
773
774 signature = efi_is_64bit() ? EFI64_LOADER_SIGNATURE
775 : EFI32_LOADER_SIGNATURE;
776 memcpy(&p->efi->efi_loader_signature, signature, sizeof(__u32));
777
778 efi_set_u64_split((unsigned long)efi_system_table,
779 &p->efi->efi_systab, &p->efi->efi_systab_hi);
780 p->efi->efi_memdesc_size = map->desc_size;
781 p->efi->efi_memdesc_version = map->desc_ver;
782 efi_set_u64_split((unsigned long)map->map,
783 &p->efi->efi_memmap, &p->efi->efi_memmap_hi);
784 p->efi->efi_memmap_size = map->map_size;
785
786 return EFI_SUCCESS;
787}
788
789static efi_status_t exit_boot(struct boot_params *boot_params, void *handle)
790{
791 struct setup_data *e820ext = NULL;
792 __u32 e820ext_size = 0;
793 efi_status_t status;
794 struct exit_boot_struct priv;
795
796 priv.boot_params = boot_params;
797 priv.efi = &boot_params->efi_info;
798
799 status = allocate_e820(boot_params, &e820ext, &e820ext_size);
800 if (status != EFI_SUCCESS)
801 return status;
802
803 /* Might as well exit boot services now */
804 status = efi_exit_boot_services(handle, &priv, exit_boot_func);
805 if (status != EFI_SUCCESS)
806 return status;
807
808 /* Historic? */
809 boot_params->alt_mem_k = 32 * 1024;
810
811 status = setup_e820(boot_params, e820ext, e820ext_size);
812 if (status != EFI_SUCCESS)
813 return status;
814
815 return EFI_SUCCESS;
816}
817
818static bool have_unsupported_snp_features(void)
819{
820 u64 unsupported;
821
822 unsupported = snp_get_unsupported_features(sev_get_status());
823 if (unsupported) {
824 efi_err("Unsupported SEV-SNP features detected: 0x%llx\n",
825 unsupported);
826 return true;
827 }
828 return false;
829}
830
831static void efi_get_seed(void *seed, int size)
832{
833 efi_get_random_bytes(size, seed);
834
835 /*
836 * This only updates seed[0] when running on 32-bit, but in that case,
837 * seed[1] is not used anyway, as there is no virtual KASLR on 32-bit.
838 */
839 *(unsigned long *)seed ^= kaslr_get_random_long("EFI");
840}
841
842static void error(char *str)
843{
844 efi_warn("Decompression failed: %s\n", str);
845}
846
847static const char *cmdline_memmap_override;
848
849static efi_status_t parse_options(const char *cmdline)
850{
851 static const char opts[][14] = {
852 "mem=", "memmap=", "hugepages="
853 };
854
855 for (int i = 0; i < ARRAY_SIZE(opts); i++) {
856 const char *p = strstr(cmdline, opts[i]);
857
858 if (p == cmdline || (p > cmdline && isspace(p[-1]))) {
859 cmdline_memmap_override = opts[i];
860 break;
861 }
862 }
863
864 return efi_parse_options(cmdline);
865}
866
867static efi_status_t efi_decompress_kernel(unsigned long *kernel_entry)
868{
869 unsigned long virt_addr = LOAD_PHYSICAL_ADDR;
870 unsigned long addr, alloc_size, entry;
871 efi_status_t status;
872 u32 seed[2] = {};
873
874 /* determine the required size of the allocation */
875 alloc_size = ALIGN(max_t(unsigned long, output_len, kernel_total_size),
876 MIN_KERNEL_ALIGN);
877
878 if (IS_ENABLED(CONFIG_RANDOMIZE_BASE) && !efi_nokaslr) {
879 u64 range = KERNEL_IMAGE_SIZE - LOAD_PHYSICAL_ADDR - kernel_total_size;
880 static const efi_char16_t ami[] = L"American Megatrends";
881
882 efi_get_seed(seed, sizeof(seed));
883
884 virt_addr += (range * seed[1]) >> 32;
885 virt_addr &= ~(CONFIG_PHYSICAL_ALIGN - 1);
886
887 /*
888 * Older Dell systems with AMI UEFI firmware v2.0 may hang
889 * while decompressing the kernel if physical address
890 * randomization is enabled.
891 *
892 * https://bugzilla.kernel.org/show_bug.cgi?id=218173
893 */
894 if (efi_system_table->hdr.revision <= EFI_2_00_SYSTEM_TABLE_REVISION &&
895 !memcmp(efistub_fw_vendor(), ami, sizeof(ami))) {
896 efi_debug("AMI firmware v2.0 or older detected - disabling physical KASLR\n");
897 seed[0] = 0;
898 } else if (cmdline_memmap_override) {
899 efi_info("%s detected on the kernel command line - disabling physical KASLR\n",
900 cmdline_memmap_override);
901 seed[0] = 0;
902 }
903
904 boot_params_ptr->hdr.loadflags |= KASLR_FLAG;
905 }
906
907 status = efi_random_alloc(alloc_size, CONFIG_PHYSICAL_ALIGN, &addr,
908 seed[0], EFI_LOADER_CODE,
909 LOAD_PHYSICAL_ADDR,
910 EFI_X86_KERNEL_ALLOC_LIMIT);
911 if (status != EFI_SUCCESS)
912 return status;
913
914 entry = decompress_kernel((void *)addr, virt_addr, error);
915 if (entry == ULONG_MAX) {
916 efi_free(alloc_size, addr);
917 return EFI_LOAD_ERROR;
918 }
919
920 *kernel_entry = addr + entry;
921
922 return efi_adjust_memory_range_protection(addr, kernel_text_size);
923}
924
925static void __noreturn enter_kernel(unsigned long kernel_addr,
926 struct boot_params *boot_params)
927{
928 /* enter decompressed kernel with boot_params pointer in RSI/ESI */
929 asm("jmp *%0"::"r"(kernel_addr), "S"(boot_params));
930
931 unreachable();
932}
933
934/*
935 * On success, this routine will jump to the relocated image directly and never
936 * return. On failure, it will exit to the firmware via efi_exit() instead of
937 * returning.
938 */
939void __noreturn efi_stub_entry(efi_handle_t handle,
940 efi_system_table_t *sys_table_arg,
941 struct boot_params *boot_params)
942{
943 efi_guid_t guid = EFI_MEMORY_ATTRIBUTE_PROTOCOL_GUID;
944 struct setup_header *hdr = &boot_params->hdr;
945 const struct linux_efi_initrd *initrd = NULL;
946 unsigned long kernel_entry;
947 efi_status_t status;
948
949 boot_params_ptr = boot_params;
950
951 efi_system_table = sys_table_arg;
952 /* Check if we were booted by the EFI firmware */
953 if (efi_system_table->hdr.signature != EFI_SYSTEM_TABLE_SIGNATURE)
954 efi_exit(handle, EFI_INVALID_PARAMETER);
955
956 if (have_unsupported_snp_features())
957 efi_exit(handle, EFI_UNSUPPORTED);
958
959 if (IS_ENABLED(CONFIG_EFI_DXE_MEM_ATTRIBUTES)) {
960 efi_dxe_table = get_efi_config_table(EFI_DXE_SERVICES_TABLE_GUID);
961 if (efi_dxe_table &&
962 efi_dxe_table->hdr.signature != EFI_DXE_SERVICES_TABLE_SIGNATURE) {
963 efi_warn("Ignoring DXE services table: invalid signature\n");
964 efi_dxe_table = NULL;
965 }
966 }
967
968 /* grab the memory attributes protocol if it exists */
969 efi_bs_call(locate_protocol, &guid, NULL, (void **)&memattr);
970
971 status = efi_setup_5level_paging();
972 if (status != EFI_SUCCESS) {
973 efi_err("efi_setup_5level_paging() failed!\n");
974 goto fail;
975 }
976
977#ifdef CONFIG_CMDLINE_BOOL
978 status = parse_options(CONFIG_CMDLINE);
979 if (status != EFI_SUCCESS) {
980 efi_err("Failed to parse options\n");
981 goto fail;
982 }
983#endif
984 if (!IS_ENABLED(CONFIG_CMDLINE_OVERRIDE)) {
985 unsigned long cmdline_paddr = ((u64)hdr->cmd_line_ptr |
986 ((u64)boot_params->ext_cmd_line_ptr << 32));
987 status = parse_options((char *)cmdline_paddr);
988 if (status != EFI_SUCCESS) {
989 efi_err("Failed to parse options\n");
990 goto fail;
991 }
992 }
993
994 if (efi_mem_encrypt > 0)
995 hdr->xloadflags |= XLF_MEM_ENCRYPTION;
996
997 status = efi_decompress_kernel(&kernel_entry);
998 if (status != EFI_SUCCESS) {
999 efi_err("Failed to decompress kernel\n");
1000 goto fail;
1001 }
1002
1003 /*
1004 * At this point, an initrd may already have been loaded by the
1005 * bootloader and passed via bootparams. We permit an initrd loaded
1006 * from the LINUX_EFI_INITRD_MEDIA_GUID device path to supersede it.
1007 *
1008 * If the device path is not present, any command-line initrd=
1009 * arguments will be processed only if image is not NULL, which will be
1010 * the case only if we were loaded via the PE entry point.
1011 */
1012 status = efi_load_initrd(image, hdr->initrd_addr_max, ULONG_MAX,
1013 &initrd);
1014 if (status != EFI_SUCCESS)
1015 goto fail;
1016 if (initrd && initrd->size > 0) {
1017 efi_set_u64_split(initrd->base, &hdr->ramdisk_image,
1018 &boot_params->ext_ramdisk_image);
1019 efi_set_u64_split(initrd->size, &hdr->ramdisk_size,
1020 &boot_params->ext_ramdisk_size);
1021 }
1022
1023
1024 /*
1025 * If the boot loader gave us a value for secure_boot then we use that,
1026 * otherwise we ask the BIOS.
1027 */
1028 if (boot_params->secure_boot == efi_secureboot_mode_unset)
1029 boot_params->secure_boot = efi_get_secureboot();
1030
1031 /* Ask the firmware to clear memory on unclean shutdown */
1032 efi_enable_reset_attack_mitigation();
1033
1034 efi_random_get_seed();
1035
1036 efi_retrieve_eventlog();
1037
1038 setup_graphics(boot_params);
1039
1040 setup_efi_pci(boot_params);
1041
1042 setup_quirks(boot_params);
1043
1044 setup_unaccepted_memory();
1045
1046 status = exit_boot(boot_params, handle);
1047 if (status != EFI_SUCCESS) {
1048 efi_err("exit_boot() failed!\n");
1049 goto fail;
1050 }
1051
1052 /*
1053 * Call the SEV init code while still running with the firmware's
1054 * GDT/IDT, so #VC exceptions will be handled by EFI.
1055 */
1056 sev_enable(boot_params);
1057
1058 efi_5level_switch();
1059
1060 enter_kernel(kernel_entry, boot_params);
1061fail:
1062 efi_err("efi_stub_entry() failed!\n");
1063
1064 efi_exit(handle, status);
1065}
1066
1067#ifdef CONFIG_EFI_HANDOVER_PROTOCOL
1068void efi_handover_entry(efi_handle_t handle, efi_system_table_t *sys_table_arg,
1069 struct boot_params *boot_params)
1070{
1071 memset(_bss, 0, _ebss - _bss);
1072 efi_stub_entry(handle, sys_table_arg, boot_params);
1073}
1074
1075#ifndef CONFIG_EFI_MIXED
1076extern __alias(efi_handover_entry)
1077void efi32_stub_entry(efi_handle_t handle, efi_system_table_t *sys_table_arg,
1078 struct boot_params *boot_params);
1079
1080extern __alias(efi_handover_entry)
1081void efi64_stub_entry(efi_handle_t handle, efi_system_table_t *sys_table_arg,
1082 struct boot_params *boot_params);
1083#endif
1084#endif