1 // SPDX-License-Identifier: GPL-2.0+ 2 /* 3 * EFI application loader 4 * 5 * Copyright (c) 2016 Alexander Graf 6 */ 7 8 #include <charset.h> 9 #include <common.h> 10 #include <command.h> 11 #include <dm.h> 12 #include <efi_loader.h> 13 #include <efi_selftest.h> 14 #include <errno.h> 15 #include <linux/libfdt.h> 16 #include <linux/libfdt_env.h> 17 #include <mapmem.h> 18 #include <memalign.h> 19 #include <asm/global_data.h> 20 #include <asm-generic/sections.h> 21 #include <asm-generic/unaligned.h> 22 #include <linux/linkage.h> 23 24 #ifdef CONFIG_ARMV7_NONSEC 25 #include <asm/armv7.h> 26 #include <asm/secure.h> 27 #endif 28 29 DECLARE_GLOBAL_DATA_PTR; 30 31 #define OBJ_LIST_NOT_INITIALIZED 1 32 33 static efi_status_t efi_obj_list_initialized = OBJ_LIST_NOT_INITIALIZED; 34 35 static struct efi_device_path *bootefi_image_path; 36 static struct efi_device_path *bootefi_device_path; 37 38 /* Initialize and populate EFI object list */ 39 efi_status_t efi_init_obj_list(void) 40 { 41 efi_status_t ret = EFI_SUCCESS; 42 43 /* 44 * On the ARM architecture gd is mapped to a fixed register (r9 or x18). 45 * As this register may be overwritten by an EFI payload we save it here 46 * and restore it on every callback entered. 47 */ 48 efi_save_gd(); 49 50 /* Initialize once only */ 51 if (efi_obj_list_initialized != OBJ_LIST_NOT_INITIALIZED) 52 return efi_obj_list_initialized; 53 54 /* Initialize system table */ 55 ret = efi_initialize_system_table(); 56 if (ret != EFI_SUCCESS) 57 goto out; 58 59 /* Initialize root node */ 60 ret = efi_root_node_register(); 61 if (ret != EFI_SUCCESS) 62 goto out; 63 64 /* Initialize EFI driver uclass */ 65 ret = efi_driver_init(); 66 if (ret != EFI_SUCCESS) 67 goto out; 68 69 ret = efi_console_register(); 70 if (ret != EFI_SUCCESS) 71 goto out; 72 #ifdef CONFIG_PARTITIONS 73 ret = efi_disk_register(); 74 if (ret != EFI_SUCCESS) 75 goto out; 76 #endif 77 #if defined(CONFIG_LCD) || defined(CONFIG_DM_VIDEO) 78 ret = efi_gop_register(); 79 if (ret != EFI_SUCCESS) 80 goto out; 81 #endif 82 #ifdef CONFIG_NET 83 ret = efi_net_register(); 84 if (ret != EFI_SUCCESS) 85 goto out; 86 #endif 87 #ifdef CONFIG_GENERATE_ACPI_TABLE 88 ret = efi_acpi_register(); 89 if (ret != EFI_SUCCESS) 90 goto out; 91 #endif 92 #ifdef CONFIG_GENERATE_SMBIOS_TABLE 93 ret = efi_smbios_register(); 94 if (ret != EFI_SUCCESS) 95 goto out; 96 #endif 97 ret = efi_watchdog_register(); 98 if (ret != EFI_SUCCESS) 99 goto out; 100 101 /* Initialize EFI runtime services */ 102 ret = efi_reset_system_init(); 103 if (ret != EFI_SUCCESS) 104 goto out; 105 106 out: 107 efi_obj_list_initialized = ret; 108 return ret; 109 } 110 111 /* 112 * Allow unaligned memory access. 113 * 114 * This routine is overridden by architectures providing this feature. 115 */ 116 void __weak allow_unaligned(void) 117 { 118 } 119 120 /* 121 * Set the load options of an image from an environment variable. 122 * 123 * @loaded_image_info: the image 124 * @env_var: name of the environment variable 125 */ 126 static void set_load_options(struct efi_loaded_image *loaded_image_info, 127 const char *env_var) 128 { 129 size_t size; 130 const char *env = env_get(env_var); 131 u16 *pos; 132 133 loaded_image_info->load_options = NULL; 134 loaded_image_info->load_options_size = 0; 135 if (!env) 136 return; 137 size = utf8_utf16_strlen(env) + 1; 138 loaded_image_info->load_options = calloc(size, sizeof(u16)); 139 if (!loaded_image_info->load_options) { 140 printf("ERROR: Out of memory\n"); 141 return; 142 } 143 pos = loaded_image_info->load_options; 144 utf8_utf16_strcpy(&pos, env); 145 loaded_image_info->load_options_size = size * 2; 146 } 147 148 /** 149 * copy_fdt() - Copy the device tree to a new location available to EFI 150 * 151 * The FDT is copied to a suitable location within the EFI memory map. 152 * Additional 12 KiB are added to the space in case the device tree needs to be 153 * expanded later with fdt_open_into(). 154 * 155 * @fdtp: On entry a pointer to the flattened device tree. 156 * On exit a pointer to the copy of the flattened device tree. 157 * FDT start 158 * Return: status code 159 */ 160 static efi_status_t copy_fdt(void **fdtp) 161 { 162 unsigned long fdt_ram_start = -1L, fdt_pages; 163 efi_status_t ret = 0; 164 void *fdt, *new_fdt; 165 u64 new_fdt_addr; 166 uint fdt_size; 167 int i; 168 169 for (i = 0; i < CONFIG_NR_DRAM_BANKS; i++) { 170 u64 ram_start = gd->bd->bi_dram[i].start; 171 u64 ram_size = gd->bd->bi_dram[i].size; 172 173 if (!ram_size) 174 continue; 175 176 if (ram_start < fdt_ram_start) 177 fdt_ram_start = ram_start; 178 } 179 180 /* 181 * Give us at least 12 KiB of breathing room in case the device tree 182 * needs to be expanded later. 183 */ 184 fdt = *fdtp; 185 fdt_pages = efi_size_in_pages(fdt_totalsize(fdt) + 0x3000); 186 fdt_size = fdt_pages << EFI_PAGE_SHIFT; 187 188 /* 189 * Safe fdt location is at 127 MiB. 190 * On the sandbox convert from the sandbox address space. 191 */ 192 new_fdt_addr = (uintptr_t)map_sysmem(fdt_ram_start + 0x7f00000 + 193 fdt_size, 0); 194 ret = efi_allocate_pages(EFI_ALLOCATE_MAX_ADDRESS, 195 EFI_RUNTIME_SERVICES_DATA, fdt_pages, 196 &new_fdt_addr); 197 if (ret != EFI_SUCCESS) { 198 /* If we can't put it there, put it somewhere */ 199 new_fdt_addr = (ulong)memalign(EFI_PAGE_SIZE, fdt_size); 200 ret = efi_allocate_pages(EFI_ALLOCATE_MAX_ADDRESS, 201 EFI_RUNTIME_SERVICES_DATA, fdt_pages, 202 &new_fdt_addr); 203 if (ret != EFI_SUCCESS) { 204 printf("ERROR: Failed to reserve space for FDT\n"); 205 goto done; 206 } 207 } 208 new_fdt = (void *)(uintptr_t)new_fdt_addr; 209 memcpy(new_fdt, fdt, fdt_totalsize(fdt)); 210 fdt_set_totalsize(new_fdt, fdt_size); 211 212 *fdtp = (void *)(uintptr_t)new_fdt_addr; 213 done: 214 return ret; 215 } 216 217 static efi_status_t efi_do_enter( 218 efi_handle_t image_handle, struct efi_system_table *st, 219 EFIAPI efi_status_t (*entry)( 220 efi_handle_t image_handle, 221 struct efi_system_table *st)) 222 { 223 efi_status_t ret = EFI_LOAD_ERROR; 224 225 if (entry) 226 ret = entry(image_handle, st); 227 st->boottime->exit(image_handle, ret, 0, NULL); 228 return ret; 229 } 230 231 #ifdef CONFIG_ARM64 232 static efi_status_t efi_run_in_el2(EFIAPI efi_status_t (*entry)( 233 efi_handle_t image_handle, struct efi_system_table *st), 234 efi_handle_t image_handle, struct efi_system_table *st) 235 { 236 /* Enable caches again */ 237 dcache_enable(); 238 239 return efi_do_enter(image_handle, st, entry); 240 } 241 #endif 242 243 #ifdef CONFIG_ARMV7_NONSEC 244 static bool is_nonsec; 245 246 static efi_status_t efi_run_in_hyp(EFIAPI efi_status_t (*entry)( 247 efi_handle_t image_handle, struct efi_system_table *st), 248 efi_handle_t image_handle, struct efi_system_table *st) 249 { 250 /* Enable caches again */ 251 dcache_enable(); 252 253 is_nonsec = true; 254 255 return efi_do_enter(image_handle, st, entry); 256 } 257 #endif 258 259 /* 260 * efi_carve_out_dt_rsv() - Carve out DT reserved memory ranges 261 * 262 * The mem_rsv entries of the FDT are added to the memory map. Any failures are 263 * ignored because this is not critical and we would rather continue to try to 264 * boot. 265 * 266 * @fdt: Pointer to device tree 267 */ 268 static void efi_carve_out_dt_rsv(void *fdt) 269 { 270 int nr_rsv, i; 271 uint64_t addr, size, pages; 272 273 nr_rsv = fdt_num_mem_rsv(fdt); 274 275 /* Look for an existing entry and add it to the efi mem map. */ 276 for (i = 0; i < nr_rsv; i++) { 277 if (fdt_get_mem_rsv(fdt, i, &addr, &size) != 0) 278 continue; 279 280 /* Convert from sandbox address space. */ 281 addr = (uintptr_t)map_sysmem(addr, 0); 282 283 /* 284 * Do not carve out the device tree. It is already marked as 285 * EFI_RUNTIME_SERVICES_DATA 286 */ 287 if (addr == (uintptr_t)fdt) 288 continue; 289 290 pages = efi_size_in_pages(size + (addr & EFI_PAGE_MASK)); 291 addr &= ~EFI_PAGE_MASK; 292 if (!efi_add_memory_map(addr, pages, EFI_RESERVED_MEMORY_TYPE, 293 false)) 294 printf("FDT memrsv map %d: Failed to add to map\n", i); 295 } 296 } 297 298 static efi_status_t efi_install_fdt(ulong fdt_addr) 299 { 300 bootm_headers_t img = { 0 }; 301 efi_status_t ret; 302 void *fdt; 303 304 fdt = map_sysmem(fdt_addr, 0); 305 if (fdt_check_header(fdt)) { 306 printf("ERROR: invalid device tree\n"); 307 return EFI_INVALID_PARAMETER; 308 } 309 310 /* Prepare fdt for payload */ 311 ret = copy_fdt(&fdt); 312 if (ret) 313 return ret; 314 315 if (image_setup_libfdt(&img, fdt, 0, NULL)) { 316 printf("ERROR: failed to process device tree\n"); 317 return EFI_LOAD_ERROR; 318 } 319 320 efi_carve_out_dt_rsv(fdt); 321 322 /* Link to it in the efi tables */ 323 ret = efi_install_configuration_table(&efi_guid_fdt, fdt); 324 if (ret != EFI_SUCCESS) 325 return EFI_OUT_OF_RESOURCES; 326 327 return ret; 328 } 329 330 static efi_status_t bootefi_run_prepare(const char *load_options_path, 331 struct efi_device_path *device_path, 332 struct efi_device_path *image_path, 333 struct efi_loaded_image_obj **image_objp, 334 struct efi_loaded_image **loaded_image_infop) 335 { 336 efi_status_t ret; 337 338 ret = efi_setup_loaded_image(device_path, image_path, image_objp, 339 loaded_image_infop); 340 if (ret != EFI_SUCCESS) 341 return ret; 342 343 /* Transfer environment variable as load options */ 344 set_load_options(*loaded_image_infop, load_options_path); 345 346 return 0; 347 } 348 349 /** 350 * bootefi_run_finish() - finish up after running an EFI test 351 * 352 * @loaded_image_info: Pointer to a struct which holds the loaded image info 353 * @image_objj: Pointer to a struct which holds the loaded image object 354 */ 355 static void bootefi_run_finish(struct efi_loaded_image_obj *image_obj, 356 struct efi_loaded_image *loaded_image_info) 357 { 358 efi_restore_gd(); 359 free(loaded_image_info->load_options); 360 efi_delete_handle(&image_obj->header); 361 } 362 363 /** 364 * do_bootefi_exec() - execute EFI binary 365 * 366 * @efi: address of the binary 367 * @device_path: path of the device from which the binary was loaded 368 * @image_path: device path of the binary 369 * Return: status code 370 * 371 * Load the EFI binary into a newly assigned memory unwinding the relocation 372 * information, install the loaded image protocol, and call the binary. 373 */ 374 static efi_status_t do_bootefi_exec(void *efi, 375 struct efi_device_path *device_path, 376 struct efi_device_path *image_path) 377 { 378 efi_handle_t mem_handle = NULL; 379 struct efi_device_path *memdp = NULL; 380 efi_status_t ret; 381 struct efi_loaded_image_obj *image_obj = NULL; 382 struct efi_loaded_image *loaded_image_info = NULL; 383 384 EFIAPI efi_status_t (*entry)(efi_handle_t image_handle, 385 struct efi_system_table *st); 386 387 /* 388 * Special case for efi payload not loaded from disk, such as 389 * 'bootefi hello' or for example payload loaded directly into 390 * memory via JTAG, etc: 391 */ 392 if (!device_path && !image_path) { 393 printf("WARNING: using memory device/image path, this may confuse some payloads!\n"); 394 /* actual addresses filled in after efi_load_pe() */ 395 memdp = efi_dp_from_mem(0, 0, 0); 396 device_path = image_path = memdp; 397 /* 398 * Grub expects that the device path of the loaded image is 399 * installed on a handle. 400 */ 401 ret = efi_create_handle(&mem_handle); 402 if (ret != EFI_SUCCESS) 403 return ret; /* TODO: leaks device_path */ 404 ret = efi_add_protocol(mem_handle, &efi_guid_device_path, 405 device_path); 406 if (ret != EFI_SUCCESS) 407 goto err_add_protocol; 408 } else { 409 assert(device_path && image_path); 410 } 411 412 ret = bootefi_run_prepare("bootargs", device_path, image_path, 413 &image_obj, &loaded_image_info); 414 if (ret) 415 goto err_prepare; 416 417 /* Load the EFI payload */ 418 entry = efi_load_pe(image_obj, efi, loaded_image_info); 419 if (!entry) { 420 ret = EFI_LOAD_ERROR; 421 goto err_prepare; 422 } 423 424 if (memdp) { 425 struct efi_device_path_memory *mdp = (void *)memdp; 426 mdp->memory_type = loaded_image_info->image_code_type; 427 mdp->start_address = (uintptr_t)loaded_image_info->image_base; 428 mdp->end_address = mdp->start_address + 429 loaded_image_info->image_size; 430 } 431 432 /* we don't support much: */ 433 env_set("efi_8be4df61-93ca-11d2-aa0d-00e098032b8c_OsIndicationsSupported", 434 "{ro,boot}(blob)0000000000000000"); 435 436 /* Call our payload! */ 437 debug("%s:%d Jumping to 0x%lx\n", __func__, __LINE__, (long)entry); 438 439 if (setjmp(&image_obj->exit_jmp)) { 440 ret = image_obj->exit_status; 441 goto err_prepare; 442 } 443 444 #ifdef CONFIG_ARM64 445 /* On AArch64 we need to make sure we call our payload in < EL3 */ 446 if (current_el() == 3) { 447 smp_kick_all_cpus(); 448 dcache_disable(); /* flush cache before switch to EL2 */ 449 450 /* Move into EL2 and keep running there */ 451 armv8_switch_to_el2((ulong)entry, 452 (ulong)&image_obj->header, 453 (ulong)&systab, 0, (ulong)efi_run_in_el2, 454 ES_TO_AARCH64); 455 456 /* Should never reach here, efi exits with longjmp */ 457 while (1) { } 458 } 459 #endif 460 461 #ifdef CONFIG_ARMV7_NONSEC 462 if (armv7_boot_nonsec() && !is_nonsec) { 463 dcache_disable(); /* flush cache before switch to HYP */ 464 465 armv7_init_nonsec(); 466 secure_ram_addr(_do_nonsec_entry)( 467 efi_run_in_hyp, 468 (uintptr_t)entry, 469 (uintptr_t)&image_obj->header, 470 (uintptr_t)&systab); 471 472 /* Should never reach here, efi exits with longjmp */ 473 while (1) { } 474 } 475 #endif 476 477 ret = efi_do_enter(&image_obj->header, &systab, entry); 478 479 err_prepare: 480 /* image has returned, loaded-image obj goes *poof*: */ 481 bootefi_run_finish(image_obj, loaded_image_info); 482 483 err_add_protocol: 484 if (mem_handle) 485 efi_delete_handle(mem_handle); 486 487 return ret; 488 } 489 490 #ifdef CONFIG_CMD_BOOTEFI_SELFTEST 491 /** 492 * bootefi_test_prepare() - prepare to run an EFI test 493 * 494 * This sets things up so we can call EFI functions. This involves preparing 495 * the 'gd' pointer and setting up the load ed image data structures. 496 * 497 * @image_objp: loaded_image_infop: Pointer to a struct which will hold the 498 * loaded image object. This struct will be inited by this function before 499 * use. 500 * @loaded_image_infop: Pointer to a struct which will hold the loaded image 501 * info. This struct will be inited by this function before use. 502 * @path: File path to the test being run (often just the test name with a 503 * backslash before it 504 * @test_func: Address of the test function that is being run 505 * @load_options_path: U-Boot environment variable to use as load options 506 * @return 0 if OK, -ve on error 507 */ 508 static efi_status_t bootefi_test_prepare 509 (struct efi_loaded_image_obj **image_objp, 510 struct efi_loaded_image **loaded_image_infop, const char *path, 511 ulong test_func, const char *load_options_path) 512 { 513 /* Construct a dummy device path */ 514 bootefi_device_path = efi_dp_from_mem(EFI_RESERVED_MEMORY_TYPE, 515 (uintptr_t)test_func, 516 (uintptr_t)test_func); 517 if (!bootefi_device_path) 518 return EFI_OUT_OF_RESOURCES; 519 bootefi_image_path = efi_dp_from_file(NULL, 0, path); 520 if (!bootefi_image_path) 521 return EFI_OUT_OF_RESOURCES; 522 523 return bootefi_run_prepare(load_options_path, bootefi_device_path, 524 bootefi_image_path, image_objp, 525 loaded_image_infop); 526 } 527 528 #endif /* CONFIG_CMD_BOOTEFI_SELFTEST */ 529 530 static int do_bootefi_bootmgr_exec(void) 531 { 532 struct efi_device_path *device_path, *file_path; 533 void *addr; 534 efi_status_t r; 535 536 addr = efi_bootmgr_load(&device_path, &file_path); 537 if (!addr) 538 return 1; 539 540 printf("## Starting EFI application at %p ...\n", addr); 541 r = do_bootefi_exec(addr, device_path, file_path); 542 printf("## Application terminated, r = %lu\n", 543 r & ~EFI_ERROR_MASK); 544 545 if (r != EFI_SUCCESS) 546 return 1; 547 548 return 0; 549 } 550 551 /* Interpreter command to boot an arbitrary EFI image from memory */ 552 static int do_bootefi(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) 553 { 554 unsigned long addr; 555 char *saddr; 556 efi_status_t r; 557 unsigned long fdt_addr; 558 559 /* Allow unaligned memory access */ 560 allow_unaligned(); 561 562 /* Initialize EFI drivers */ 563 r = efi_init_obj_list(); 564 if (r != EFI_SUCCESS) { 565 printf("Error: Cannot set up EFI drivers, r = %lu\n", 566 r & ~EFI_ERROR_MASK); 567 return CMD_RET_FAILURE; 568 } 569 570 if (argc < 2) 571 return CMD_RET_USAGE; 572 573 if (argc > 2) { 574 fdt_addr = simple_strtoul(argv[2], NULL, 16); 575 if (!fdt_addr && *argv[2] != '0') 576 return CMD_RET_USAGE; 577 /* Install device tree */ 578 r = efi_install_fdt(fdt_addr); 579 if (r != EFI_SUCCESS) { 580 printf("ERROR: failed to install device tree\n"); 581 return CMD_RET_FAILURE; 582 } 583 } else { 584 /* Remove device tree. EFI_NOT_FOUND can be ignored here */ 585 efi_install_configuration_table(&efi_guid_fdt, NULL); 586 printf("WARNING: booting without device tree\n"); 587 } 588 #ifdef CONFIG_CMD_BOOTEFI_HELLO 589 if (!strcmp(argv[1], "hello")) { 590 ulong size = __efi_helloworld_end - __efi_helloworld_begin; 591 592 saddr = env_get("loadaddr"); 593 if (saddr) 594 addr = simple_strtoul(saddr, NULL, 16); 595 else 596 addr = CONFIG_SYS_LOAD_ADDR; 597 memcpy(map_sysmem(addr, size), __efi_helloworld_begin, size); 598 } else 599 #endif 600 #ifdef CONFIG_CMD_BOOTEFI_SELFTEST 601 if (!strcmp(argv[1], "selftest")) { 602 struct efi_loaded_image_obj *image_obj; 603 struct efi_loaded_image *loaded_image_info; 604 605 if (bootefi_test_prepare(&image_obj, &loaded_image_info, 606 "\\selftest", (uintptr_t)&efi_selftest, 607 "efi_selftest")) 608 return CMD_RET_FAILURE; 609 610 /* Execute the test */ 611 r = efi_selftest(&image_obj->header, &systab); 612 bootefi_run_finish(image_obj, loaded_image_info); 613 return r != EFI_SUCCESS; 614 } else 615 #endif 616 if (!strcmp(argv[1], "bootmgr")) { 617 return do_bootefi_bootmgr_exec(); 618 } else { 619 saddr = argv[1]; 620 621 addr = simple_strtoul(saddr, NULL, 16); 622 /* Check that a numeric value was passed */ 623 if (!addr && *saddr != '0') 624 return CMD_RET_USAGE; 625 626 } 627 628 printf("## Starting EFI application at %08lx ...\n", addr); 629 r = do_bootefi_exec(map_sysmem(addr, 0), bootefi_device_path, 630 bootefi_image_path); 631 printf("## Application terminated, r = %lu\n", 632 r & ~EFI_ERROR_MASK); 633 634 if (r != EFI_SUCCESS) 635 return 1; 636 else 637 return 0; 638 } 639 640 #ifdef CONFIG_SYS_LONGHELP 641 static char bootefi_help_text[] = 642 "<image address> [fdt address]\n" 643 " - boot EFI payload stored at address <image address>.\n" 644 " If specified, the device tree located at <fdt address> gets\n" 645 " exposed as EFI configuration table.\n" 646 #ifdef CONFIG_CMD_BOOTEFI_HELLO 647 "bootefi hello\n" 648 " - boot a sample Hello World application stored within U-Boot\n" 649 #endif 650 #ifdef CONFIG_CMD_BOOTEFI_SELFTEST 651 "bootefi selftest [fdt address]\n" 652 " - boot an EFI selftest application stored within U-Boot\n" 653 " Use environment variable efi_selftest to select a single test.\n" 654 " Use 'setenv efi_selftest list' to enumerate all tests.\n" 655 #endif 656 "bootefi bootmgr [fdt addr]\n" 657 " - load and boot EFI payload based on BootOrder/BootXXXX variables.\n" 658 "\n" 659 " If specified, the device tree located at <fdt address> gets\n" 660 " exposed as EFI configuration table.\n"; 661 #endif 662 663 U_BOOT_CMD( 664 bootefi, 3, 0, do_bootefi, 665 "Boots an EFI payload from memory", 666 bootefi_help_text 667 ); 668 669 void efi_set_bootdev(const char *dev, const char *devnr, const char *path) 670 { 671 struct efi_device_path *device, *image; 672 efi_status_t ret; 673 674 /* efi_set_bootdev is typically called repeatedly, recover memory */ 675 efi_free_pool(bootefi_device_path); 676 efi_free_pool(bootefi_image_path); 677 678 ret = efi_dp_from_name(dev, devnr, path, &device, &image); 679 if (ret == EFI_SUCCESS) { 680 bootefi_device_path = device; 681 bootefi_image_path = image; 682 } else { 683 bootefi_device_path = NULL; 684 bootefi_image_path = NULL; 685 } 686 } 687