xref: /openbmc/linux/arch/arm64/kernel/efi.c (revision 9cb37357) 
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * Extensible Firmware Interface
4  *
5  * Based on Extensible Firmware Interface Specification version 2.4
6  *
7  * Copyright (C) 2013, 2014 Linaro Ltd.
8  */
9 
10 #include <linux/efi.h>
11 #include <linux/init.h>
12 #include <linux/percpu.h>
13 
14 #include <asm/efi.h>
15 
16 /*
17  * Only regions of type EFI_RUNTIME_SERVICES_CODE need to be
18  * executable, everything else can be mapped with the XN bits
19  * set. Also take the new (optional) RO/XP bits into account.
20  */
21 static __init pteval_t create_mapping_protection(efi_memory_desc_t *md)
22 {
23 	u64 attr = md->attribute;
24 	u32 type = md->type;
25 
26 	if (type == EFI_MEMORY_MAPPED_IO)
27 		return PROT_DEVICE_nGnRE;
28 
29 	if (WARN_ONCE(!PAGE_ALIGNED(md->phys_addr),
30 		      "UEFI Runtime regions are not aligned to 64 KB -- buggy firmware?"))
31 		/*
32 		 * If the region is not aligned to the page size of the OS, we
33 		 * can not use strict permissions, since that would also affect
34 		 * the mapping attributes of the adjacent regions.
35 		 */
36 		return pgprot_val(PAGE_KERNEL_EXEC);
37 
38 	/* R-- */
39 	if ((attr & (EFI_MEMORY_XP | EFI_MEMORY_RO)) ==
40 	    (EFI_MEMORY_XP | EFI_MEMORY_RO))
41 		return pgprot_val(PAGE_KERNEL_RO);
42 
43 	/* R-X */
44 	if (attr & EFI_MEMORY_RO)
45 		return pgprot_val(PAGE_KERNEL_ROX);
46 
47 	/* RW- */
48 	if (((attr & (EFI_MEMORY_RP | EFI_MEMORY_WP | EFI_MEMORY_XP)) ==
49 	     EFI_MEMORY_XP) ||
50 	    type != EFI_RUNTIME_SERVICES_CODE)
51 		return pgprot_val(PAGE_KERNEL);
52 
53 	/* RWX */
54 	return pgprot_val(PAGE_KERNEL_EXEC);
55 }
56 
57 /* we will fill this structure from the stub, so don't put it in .bss */
58 struct screen_info screen_info __section(".data");
59 EXPORT_SYMBOL(screen_info);
60 
61 int __init efi_create_mapping(struct mm_struct *mm, efi_memory_desc_t *md)
62 {
63 	pteval_t prot_val = create_mapping_protection(md);
64 	bool page_mappings_only = (md->type == EFI_RUNTIME_SERVICES_CODE ||
65 				   md->type == EFI_RUNTIME_SERVICES_DATA);
66 
67 	if (!PAGE_ALIGNED(md->phys_addr) ||
68 	    !PAGE_ALIGNED(md->num_pages << EFI_PAGE_SHIFT)) {
69 		/*
70 		 * If the end address of this region is not aligned to page
71 		 * size, the mapping is rounded up, and may end up sharing a
72 		 * page frame with the next UEFI memory region. If we create
73 		 * a block entry now, we may need to split it again when mapping
74 		 * the next region, and support for that is going to be removed
75 		 * from the MMU routines. So avoid block mappings altogether in
76 		 * that case.
77 		 */
78 		page_mappings_only = true;
79 	}
80 
81 	create_pgd_mapping(mm, md->phys_addr, md->virt_addr,
82 			   md->num_pages << EFI_PAGE_SHIFT,
83 			   __pgprot(prot_val | PTE_NG), page_mappings_only);
84 	return 0;
85 }
86 
87 static int __init set_permissions(pte_t *ptep, unsigned long addr, void *data)
88 {
89 	efi_memory_desc_t *md = data;
90 	pte_t pte = READ_ONCE(*ptep);
91 
92 	if (md->attribute & EFI_MEMORY_RO)
93 		pte = set_pte_bit(pte, __pgprot(PTE_RDONLY));
94 	if (md->attribute & EFI_MEMORY_XP)
95 		pte = set_pte_bit(pte, __pgprot(PTE_PXN));
96 	set_pte(ptep, pte);
97 	return 0;
98 }
99 
100 int __init efi_set_mapping_permissions(struct mm_struct *mm,
101 				       efi_memory_desc_t *md)
102 {
103 	BUG_ON(md->type != EFI_RUNTIME_SERVICES_CODE &&
104 	       md->type != EFI_RUNTIME_SERVICES_DATA);
105 
106 	/*
107 	 * Calling apply_to_page_range() is only safe on regions that are
108 	 * guaranteed to be mapped down to pages. Since we are only called
109 	 * for regions that have been mapped using efi_create_mapping() above
110 	 * (and this is checked by the generic Memory Attributes table parsing
111 	 * routines), there is no need to check that again here.
112 	 */
113 	return apply_to_page_range(mm, md->virt_addr,
114 				   md->num_pages << EFI_PAGE_SHIFT,
115 				   set_permissions, md);
116 }
117 
118 /*
119  * UpdateCapsule() depends on the system being shutdown via
120  * ResetSystem().
121  */
122 bool efi_poweroff_required(void)
123 {
124 	return efi_enabled(EFI_RUNTIME_SERVICES);
125 }
126 
127 asmlinkage efi_status_t efi_handle_corrupted_x18(efi_status_t s, const char *f)
128 {
129 	pr_err_ratelimited(FW_BUG "register x18 corrupted by EFI %s\n", f);
130 	return s;
131 }
132 
133 asmlinkage DEFINE_PER_CPU(u64, __efi_rt_asm_recover_sp);
134 
135 asmlinkage efi_status_t __efi_rt_asm_recover(void);
136 
137 asmlinkage efi_status_t efi_handle_runtime_exception(const char *f)
138 {
139 	pr_err(FW_BUG "Synchronous exception occurred in EFI runtime service %s()\n", f);
140 	clear_bit(EFI_RUNTIME_SERVICES, &efi.flags);
141 	return EFI_ABORTED;
142 }
143 
144 bool efi_runtime_fixup_exception(struct pt_regs *regs, const char *msg)
145 {
146 	 /* Check whether the exception occurred while running the firmware */
147 	if (current_work() != &efi_rts_work.work || regs->pc >= TASK_SIZE_64)
148 		return false;
149 
150 	pr_err(FW_BUG "Unable to handle %s in EFI runtime service\n", msg);
151 	add_taint(TAINT_FIRMWARE_WORKAROUND, LOCKDEP_STILL_OK);
152 	dump_stack();
153 
154 	regs->pc = (u64)__efi_rt_asm_recover;
155 	return true;
156 }
157