1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (C) 2013 Linaro Ltd; <roy.franz@linaro.org> 4 */ 5 #include <linux/efi.h> 6 #include <asm/efi.h> 7 8 #include "efistub.h" 9 10 efi_status_t check_platform_features(efi_system_table_t *sys_table_arg) 11 { 12 int block; 13 14 /* non-LPAE kernels can run anywhere */ 15 if (!IS_ENABLED(CONFIG_ARM_LPAE)) 16 return EFI_SUCCESS; 17 18 /* LPAE kernels need compatible hardware */ 19 block = cpuid_feature_extract(CPUID_EXT_MMFR0, 0); 20 if (block < 5) { 21 pr_efi_err(sys_table_arg, "This LPAE kernel is not supported by your CPU\n"); 22 return EFI_UNSUPPORTED; 23 } 24 return EFI_SUCCESS; 25 } 26 27 static efi_guid_t screen_info_guid = LINUX_EFI_ARM_SCREEN_INFO_TABLE_GUID; 28 29 struct screen_info *alloc_screen_info(efi_system_table_t *sys_table_arg) 30 { 31 struct screen_info *si; 32 efi_status_t status; 33 34 /* 35 * Unlike on arm64, where we can directly fill out the screen_info 36 * structure from the stub, we need to allocate a buffer to hold 37 * its contents while we hand over to the kernel proper from the 38 * decompressor. 39 */ 40 status = efi_call_early(allocate_pool, EFI_RUNTIME_SERVICES_DATA, 41 sizeof(*si), (void **)&si); 42 43 if (status != EFI_SUCCESS) 44 return NULL; 45 46 status = efi_call_early(install_configuration_table, 47 &screen_info_guid, si); 48 if (status == EFI_SUCCESS) 49 return si; 50 51 efi_call_early(free_pool, si); 52 return NULL; 53 } 54 55 void free_screen_info(efi_system_table_t *sys_table_arg, struct screen_info *si) 56 { 57 if (!si) 58 return; 59 60 efi_call_early(install_configuration_table, &screen_info_guid, NULL); 61 efi_call_early(free_pool, si); 62 } 63 64 static efi_status_t reserve_kernel_base(efi_system_table_t *sys_table_arg, 65 unsigned long dram_base, 66 unsigned long *reserve_addr, 67 unsigned long *reserve_size) 68 { 69 efi_physical_addr_t alloc_addr; 70 efi_memory_desc_t *memory_map; 71 unsigned long nr_pages, map_size, desc_size, buff_size; 72 efi_status_t status; 73 unsigned long l; 74 75 struct efi_boot_memmap map = { 76 .map = &memory_map, 77 .map_size = &map_size, 78 .desc_size = &desc_size, 79 .desc_ver = NULL, 80 .key_ptr = NULL, 81 .buff_size = &buff_size, 82 }; 83 84 /* 85 * Reserve memory for the uncompressed kernel image. This is 86 * all that prevents any future allocations from conflicting 87 * with the kernel. Since we can't tell from the compressed 88 * image how much DRAM the kernel actually uses (due to BSS 89 * size uncertainty) we allocate the maximum possible size. 90 * Do this very early, as prints can cause memory allocations 91 * that may conflict with this. 92 */ 93 alloc_addr = dram_base + MAX_UNCOMP_KERNEL_SIZE; 94 nr_pages = MAX_UNCOMP_KERNEL_SIZE / EFI_PAGE_SIZE; 95 status = efi_call_early(allocate_pages, EFI_ALLOCATE_MAX_ADDRESS, 96 EFI_BOOT_SERVICES_DATA, nr_pages, &alloc_addr); 97 if (status == EFI_SUCCESS) { 98 if (alloc_addr == dram_base) { 99 *reserve_addr = alloc_addr; 100 *reserve_size = MAX_UNCOMP_KERNEL_SIZE; 101 return EFI_SUCCESS; 102 } 103 /* 104 * If we end up here, the allocation succeeded but starts below 105 * dram_base. This can only occur if the real base of DRAM is 106 * not a multiple of 128 MB, in which case dram_base will have 107 * been rounded up. Since this implies that a part of the region 108 * was already occupied, we need to fall through to the code 109 * below to ensure that the existing allocations don't conflict. 110 * For this reason, we use EFI_BOOT_SERVICES_DATA above and not 111 * EFI_LOADER_DATA, which we wouldn't able to distinguish from 112 * allocations that we want to disallow. 113 */ 114 } 115 116 /* 117 * If the allocation above failed, we may still be able to proceed: 118 * if the only allocations in the region are of types that will be 119 * released to the OS after ExitBootServices(), the decompressor can 120 * safely overwrite them. 121 */ 122 status = efi_get_memory_map(sys_table_arg, &map); 123 if (status != EFI_SUCCESS) { 124 pr_efi_err(sys_table_arg, 125 "reserve_kernel_base(): Unable to retrieve memory map.\n"); 126 return status; 127 } 128 129 for (l = 0; l < map_size; l += desc_size) { 130 efi_memory_desc_t *desc; 131 u64 start, end; 132 133 desc = (void *)memory_map + l; 134 start = desc->phys_addr; 135 end = start + desc->num_pages * EFI_PAGE_SIZE; 136 137 /* Skip if entry does not intersect with region */ 138 if (start >= dram_base + MAX_UNCOMP_KERNEL_SIZE || 139 end <= dram_base) 140 continue; 141 142 switch (desc->type) { 143 case EFI_BOOT_SERVICES_CODE: 144 case EFI_BOOT_SERVICES_DATA: 145 /* Ignore types that are released to the OS anyway */ 146 continue; 147 148 case EFI_CONVENTIONAL_MEMORY: 149 /* Skip soft reserved conventional memory */ 150 if (efi_soft_reserve_enabled() && 151 (desc->attribute & EFI_MEMORY_SP)) 152 continue; 153 154 /* 155 * Reserve the intersection between this entry and the 156 * region. 157 */ 158 start = max(start, (u64)dram_base); 159 end = min(end, (u64)dram_base + MAX_UNCOMP_KERNEL_SIZE); 160 161 status = efi_call_early(allocate_pages, 162 EFI_ALLOCATE_ADDRESS, 163 EFI_LOADER_DATA, 164 (end - start) / EFI_PAGE_SIZE, 165 &start); 166 if (status != EFI_SUCCESS) { 167 pr_efi_err(sys_table_arg, 168 "reserve_kernel_base(): alloc failed.\n"); 169 goto out; 170 } 171 break; 172 173 case EFI_LOADER_CODE: 174 case EFI_LOADER_DATA: 175 /* 176 * These regions may be released and reallocated for 177 * another purpose (including EFI_RUNTIME_SERVICE_DATA) 178 * at any time during the execution of the OS loader, 179 * so we cannot consider them as safe. 180 */ 181 default: 182 /* 183 * Treat any other allocation in the region as unsafe */ 184 status = EFI_OUT_OF_RESOURCES; 185 goto out; 186 } 187 } 188 189 status = EFI_SUCCESS; 190 out: 191 efi_call_early(free_pool, memory_map); 192 return status; 193 } 194 195 efi_status_t handle_kernel_image(efi_system_table_t *sys_table, 196 unsigned long *image_addr, 197 unsigned long *image_size, 198 unsigned long *reserve_addr, 199 unsigned long *reserve_size, 200 unsigned long dram_base, 201 efi_loaded_image_t *image) 202 { 203 unsigned long kernel_base; 204 efi_status_t status; 205 206 /* 207 * Verify that the DRAM base address is compatible with the ARM 208 * boot protocol, which determines the base of DRAM by masking 209 * off the low 27 bits of the address at which the zImage is 210 * loaded. These assumptions are made by the decompressor, 211 * before any memory map is available. 212 */ 213 kernel_base = round_up(dram_base, SZ_128M); 214 215 /* 216 * Note that some platforms (notably, the Raspberry Pi 2) put 217 * spin-tables and other pieces of firmware at the base of RAM, 218 * abusing the fact that the window of TEXT_OFFSET bytes at the 219 * base of the kernel image is only partially used at the moment. 220 * (Up to 5 pages are used for the swapper page tables) 221 */ 222 kernel_base += TEXT_OFFSET - 5 * PAGE_SIZE; 223 224 status = reserve_kernel_base(sys_table, kernel_base, reserve_addr, 225 reserve_size); 226 if (status != EFI_SUCCESS) { 227 pr_efi_err(sys_table, "Unable to allocate memory for uncompressed kernel.\n"); 228 return status; 229 } 230 231 /* 232 * Relocate the zImage, so that it appears in the lowest 128 MB 233 * memory window. 234 */ 235 *image_size = image->image_size; 236 status = efi_relocate_kernel(sys_table, image_addr, *image_size, 237 *image_size, 238 kernel_base + MAX_UNCOMP_KERNEL_SIZE, 0, 0); 239 if (status != EFI_SUCCESS) { 240 pr_efi_err(sys_table, "Failed to relocate kernel.\n"); 241 efi_free(sys_table, *reserve_size, *reserve_addr); 242 *reserve_size = 0; 243 return status; 244 } 245 246 /* 247 * Check to see if we were able to allocate memory low enough 248 * in memory. The kernel determines the base of DRAM from the 249 * address at which the zImage is loaded. 250 */ 251 if (*image_addr + *image_size > dram_base + ZIMAGE_OFFSET_LIMIT) { 252 pr_efi_err(sys_table, "Failed to relocate kernel, no low memory available.\n"); 253 efi_free(sys_table, *reserve_size, *reserve_addr); 254 *reserve_size = 0; 255 efi_free(sys_table, *image_size, *image_addr); 256 *image_size = 0; 257 return EFI_LOAD_ERROR; 258 } 259 return EFI_SUCCESS; 260 } 261