1 /* 2 * EFI capsule loader driver. 3 * 4 * Copyright 2015 Intel Corporation 5 * 6 * This file is part of the Linux kernel, and is made available under 7 * the terms of the GNU General Public License version 2. 8 */ 9 10 #define pr_fmt(fmt) "efi: " fmt 11 12 #include <linux/kernel.h> 13 #include <linux/module.h> 14 #include <linux/miscdevice.h> 15 #include <linux/highmem.h> 16 #include <linux/slab.h> 17 #include <linux/mutex.h> 18 #include <linux/efi.h> 19 #include <linux/vmalloc.h> 20 21 #define NO_FURTHER_WRITE_ACTION -1 22 23 #ifndef phys_to_page 24 #define phys_to_page(x) pfn_to_page((x) >> PAGE_SHIFT) 25 #endif 26 27 /** 28 * efi_free_all_buff_pages - free all previous allocated buffer pages 29 * @cap_info: pointer to current instance of capsule_info structure 30 * 31 * In addition to freeing buffer pages, it flags NO_FURTHER_WRITE_ACTION 32 * to cease processing data in subsequent write(2) calls until close(2) 33 * is called. 34 **/ 35 static void efi_free_all_buff_pages(struct capsule_info *cap_info) 36 { 37 while (cap_info->index > 0) 38 __free_page(phys_to_page(cap_info->pages[--cap_info->index])); 39 40 cap_info->index = NO_FURTHER_WRITE_ACTION; 41 } 42 43 int __efi_capsule_setup_info(struct capsule_info *cap_info) 44 { 45 size_t pages_needed; 46 int ret; 47 void *temp_page; 48 49 pages_needed = ALIGN(cap_info->total_size, PAGE_SIZE) / PAGE_SIZE; 50 51 if (pages_needed == 0) { 52 pr_err("invalid capsule size"); 53 return -EINVAL; 54 } 55 56 /* Check if the capsule binary supported */ 57 ret = efi_capsule_supported(cap_info->header.guid, 58 cap_info->header.flags, 59 cap_info->header.imagesize, 60 &cap_info->reset_type); 61 if (ret) { 62 pr_err("capsule not supported\n"); 63 return ret; 64 } 65 66 temp_page = krealloc(cap_info->pages, 67 pages_needed * sizeof(void *), 68 GFP_KERNEL | __GFP_ZERO); 69 if (!temp_page) 70 return -ENOMEM; 71 72 cap_info->pages = temp_page; 73 74 return 0; 75 } 76 77 /** 78 * efi_capsule_setup_info - obtain the efi capsule header in the binary and 79 * setup capsule_info structure 80 * @cap_info: pointer to current instance of capsule_info structure 81 * @kbuff: a mapped first page buffer pointer 82 * @hdr_bytes: the total received number of bytes for efi header 83 * 84 * Platforms with non-standard capsule update mechanisms can override 85 * this __weak function so they can perform any required capsule 86 * image munging. See quark_quirk_function() for an example. 87 **/ 88 int __weak efi_capsule_setup_info(struct capsule_info *cap_info, void *kbuff, 89 size_t hdr_bytes) 90 { 91 /* Only process data block that is larger than efi header size */ 92 if (hdr_bytes < sizeof(efi_capsule_header_t)) 93 return 0; 94 95 memcpy(&cap_info->header, kbuff, sizeof(cap_info->header)); 96 cap_info->total_size = cap_info->header.imagesize; 97 98 return __efi_capsule_setup_info(cap_info); 99 } 100 101 /** 102 * efi_capsule_submit_update - invoke the efi_capsule_update API once binary 103 * upload done 104 * @cap_info: pointer to current instance of capsule_info structure 105 **/ 106 static ssize_t efi_capsule_submit_update(struct capsule_info *cap_info) 107 { 108 int ret; 109 110 ret = efi_capsule_update(&cap_info->header, cap_info->pages); 111 if (ret) { 112 pr_err("capsule update failed\n"); 113 return ret; 114 } 115 116 /* Indicate capsule binary uploading is done */ 117 cap_info->index = NO_FURTHER_WRITE_ACTION; 118 pr_info("Successfully upload capsule file with reboot type '%s'\n", 119 !cap_info->reset_type ? "RESET_COLD" : 120 cap_info->reset_type == 1 ? "RESET_WARM" : 121 "RESET_SHUTDOWN"); 122 return 0; 123 } 124 125 /** 126 * efi_capsule_write - store the capsule binary and pass it to 127 * efi_capsule_update() API 128 * @file: file pointer 129 * @buff: buffer pointer 130 * @count: number of bytes in @buff 131 * @offp: not used 132 * 133 * Expectation: 134 * - A user space tool should start at the beginning of capsule binary and 135 * pass data in sequentially. 136 * - Users should close and re-open this file note in order to upload more 137 * capsules. 138 * - After an error returned, user should close the file and restart the 139 * operation for the next try otherwise -EIO will be returned until the 140 * file is closed. 141 * - An EFI capsule header must be located at the beginning of capsule 142 * binary file and passed in as first block data of write operation. 143 **/ 144 static ssize_t efi_capsule_write(struct file *file, const char __user *buff, 145 size_t count, loff_t *offp) 146 { 147 int ret = 0; 148 struct capsule_info *cap_info = file->private_data; 149 struct page *page; 150 void *kbuff = NULL; 151 size_t write_byte; 152 153 if (count == 0) 154 return 0; 155 156 /* Return error while NO_FURTHER_WRITE_ACTION is flagged */ 157 if (cap_info->index < 0) 158 return -EIO; 159 160 /* Only alloc a new page when previous page is full */ 161 if (!cap_info->page_bytes_remain) { 162 page = alloc_page(GFP_KERNEL); 163 if (!page) { 164 ret = -ENOMEM; 165 goto failed; 166 } 167 168 cap_info->pages[cap_info->index++] = page_to_phys(page); 169 cap_info->page_bytes_remain = PAGE_SIZE; 170 } else { 171 page = phys_to_page(cap_info->pages[cap_info->index - 1]); 172 } 173 174 kbuff = kmap(page); 175 kbuff += PAGE_SIZE - cap_info->page_bytes_remain; 176 177 /* Copy capsule binary data from user space to kernel space buffer */ 178 write_byte = min_t(size_t, count, cap_info->page_bytes_remain); 179 if (copy_from_user(kbuff, buff, write_byte)) { 180 ret = -EFAULT; 181 goto fail_unmap; 182 } 183 cap_info->page_bytes_remain -= write_byte; 184 185 /* Setup capsule binary info structure */ 186 if (cap_info->header.headersize == 0) { 187 ret = efi_capsule_setup_info(cap_info, kbuff - cap_info->count, 188 cap_info->count + write_byte); 189 if (ret) 190 goto fail_unmap; 191 } 192 193 cap_info->count += write_byte; 194 kunmap(page); 195 196 /* Submit the full binary to efi_capsule_update() API */ 197 if (cap_info->header.headersize > 0 && 198 cap_info->count >= cap_info->total_size) { 199 if (cap_info->count > cap_info->total_size) { 200 pr_err("capsule upload size exceeded header defined size\n"); 201 ret = -EINVAL; 202 goto failed; 203 } 204 205 ret = efi_capsule_submit_update(cap_info); 206 if (ret) 207 goto failed; 208 } 209 210 return write_byte; 211 212 fail_unmap: 213 kunmap(page); 214 failed: 215 efi_free_all_buff_pages(cap_info); 216 return ret; 217 } 218 219 /** 220 * efi_capsule_flush - called by file close or file flush 221 * @file: file pointer 222 * @id: not used 223 * 224 * If a capsule is being partially uploaded then calling this function 225 * will be treated as upload termination and will free those completed 226 * buffer pages and -ECANCELED will be returned. 227 **/ 228 static int efi_capsule_flush(struct file *file, fl_owner_t id) 229 { 230 int ret = 0; 231 struct capsule_info *cap_info = file->private_data; 232 233 if (cap_info->index > 0) { 234 pr_err("capsule upload not complete\n"); 235 efi_free_all_buff_pages(cap_info); 236 ret = -ECANCELED; 237 } 238 239 return ret; 240 } 241 242 /** 243 * efi_capsule_release - called by file close 244 * @inode: not used 245 * @file: file pointer 246 * 247 * We will not free successfully submitted pages since efi update 248 * requires data to be maintained across system reboot. 249 **/ 250 static int efi_capsule_release(struct inode *inode, struct file *file) 251 { 252 struct capsule_info *cap_info = file->private_data; 253 254 kfree(cap_info->pages); 255 kfree(file->private_data); 256 file->private_data = NULL; 257 return 0; 258 } 259 260 /** 261 * efi_capsule_open - called by file open 262 * @inode: not used 263 * @file: file pointer 264 * 265 * Will allocate each capsule_info memory for each file open call. 266 * This provided the capability to support multiple file open feature 267 * where user is not needed to wait for others to finish in order to 268 * upload their capsule binary. 269 **/ 270 static int efi_capsule_open(struct inode *inode, struct file *file) 271 { 272 struct capsule_info *cap_info; 273 274 cap_info = kzalloc(sizeof(*cap_info), GFP_KERNEL); 275 if (!cap_info) 276 return -ENOMEM; 277 278 cap_info->pages = kzalloc(sizeof(void *), GFP_KERNEL); 279 if (!cap_info->pages) { 280 kfree(cap_info); 281 return -ENOMEM; 282 } 283 284 file->private_data = cap_info; 285 286 return 0; 287 } 288 289 static const struct file_operations efi_capsule_fops = { 290 .owner = THIS_MODULE, 291 .open = efi_capsule_open, 292 .write = efi_capsule_write, 293 .flush = efi_capsule_flush, 294 .release = efi_capsule_release, 295 .llseek = no_llseek, 296 }; 297 298 static struct miscdevice efi_capsule_misc = { 299 .minor = MISC_DYNAMIC_MINOR, 300 .name = "efi_capsule_loader", 301 .fops = &efi_capsule_fops, 302 }; 303 304 static int __init efi_capsule_loader_init(void) 305 { 306 int ret; 307 308 if (!efi_enabled(EFI_RUNTIME_SERVICES)) 309 return -ENODEV; 310 311 ret = misc_register(&efi_capsule_misc); 312 if (ret) 313 pr_err("Unable to register capsule loader device\n"); 314 315 return ret; 316 } 317 module_init(efi_capsule_loader_init); 318 319 static void __exit efi_capsule_loader_exit(void) 320 { 321 misc_deregister(&efi_capsule_misc); 322 } 323 module_exit(efi_capsule_loader_exit); 324 325 MODULE_DESCRIPTION("EFI capsule firmware binary loader"); 326 MODULE_LICENSE("GPL v2"); 327