1 // SPDX-License-Identifier: GPL-2.0+ 2 /* 3 * EFI application loader 4 * 5 * Copyright (c) 2016 Alexander Graf 6 */ 7 8 #include <charset.h> 9 #include <common.h> 10 #include <command.h> 11 #include <dm.h> 12 #include <efi_loader.h> 13 #include <efi_selftest.h> 14 #include <errno.h> 15 #include <linux/libfdt.h> 16 #include <linux/libfdt_env.h> 17 #include <mapmem.h> 18 #include <memalign.h> 19 #include <asm/global_data.h> 20 #include <asm-generic/sections.h> 21 #include <asm-generic/unaligned.h> 22 #include <linux/linkage.h> 23 24 #ifdef CONFIG_ARMV7_NONSEC 25 #include <asm/armv7.h> 26 #include <asm/secure.h> 27 #endif 28 29 DECLARE_GLOBAL_DATA_PTR; 30 31 #define OBJ_LIST_NOT_INITIALIZED 1 32 33 static efi_status_t efi_obj_list_initialized = OBJ_LIST_NOT_INITIALIZED; 34 35 static struct efi_device_path *bootefi_image_path; 36 static struct efi_device_path *bootefi_device_path; 37 38 /* Initialize and populate EFI object list */ 39 efi_status_t efi_init_obj_list(void) 40 { 41 efi_status_t ret = EFI_SUCCESS; 42 43 /* Initialize once only */ 44 if (efi_obj_list_initialized != OBJ_LIST_NOT_INITIALIZED) 45 return efi_obj_list_initialized; 46 47 /* Initialize system table */ 48 ret = efi_initialize_system_table(); 49 if (ret != EFI_SUCCESS) 50 goto out; 51 52 /* Initialize root node */ 53 ret = efi_root_node_register(); 54 if (ret != EFI_SUCCESS) 55 goto out; 56 57 /* Initialize EFI driver uclass */ 58 ret = efi_driver_init(); 59 if (ret != EFI_SUCCESS) 60 goto out; 61 62 ret = efi_console_register(); 63 if (ret != EFI_SUCCESS) 64 goto out; 65 #ifdef CONFIG_PARTITIONS 66 ret = efi_disk_register(); 67 if (ret != EFI_SUCCESS) 68 goto out; 69 #endif 70 #if defined(CONFIG_LCD) || defined(CONFIG_DM_VIDEO) 71 ret = efi_gop_register(); 72 if (ret != EFI_SUCCESS) 73 goto out; 74 #endif 75 #ifdef CONFIG_NET 76 ret = efi_net_register(); 77 if (ret != EFI_SUCCESS) 78 goto out; 79 #endif 80 #ifdef CONFIG_GENERATE_ACPI_TABLE 81 ret = efi_acpi_register(); 82 if (ret != EFI_SUCCESS) 83 goto out; 84 #endif 85 #ifdef CONFIG_GENERATE_SMBIOS_TABLE 86 ret = efi_smbios_register(); 87 if (ret != EFI_SUCCESS) 88 goto out; 89 #endif 90 ret = efi_watchdog_register(); 91 if (ret != EFI_SUCCESS) 92 goto out; 93 94 /* Initialize EFI runtime services */ 95 ret = efi_reset_system_init(); 96 if (ret != EFI_SUCCESS) 97 goto out; 98 99 out: 100 efi_obj_list_initialized = ret; 101 return ret; 102 } 103 104 /* 105 * Allow unaligned memory access. 106 * 107 * This routine is overridden by architectures providing this feature. 108 */ 109 void __weak allow_unaligned(void) 110 { 111 } 112 113 /* 114 * Set the load options of an image from an environment variable. 115 * 116 * @loaded_image_info: the image 117 * @env_var: name of the environment variable 118 */ 119 static void set_load_options(struct efi_loaded_image *loaded_image_info, 120 const char *env_var) 121 { 122 size_t size; 123 const char *env = env_get(env_var); 124 u16 *pos; 125 126 loaded_image_info->load_options = NULL; 127 loaded_image_info->load_options_size = 0; 128 if (!env) 129 return; 130 size = utf8_utf16_strlen(env) + 1; 131 loaded_image_info->load_options = calloc(size, sizeof(u16)); 132 if (!loaded_image_info->load_options) { 133 printf("ERROR: Out of memory\n"); 134 return; 135 } 136 pos = loaded_image_info->load_options; 137 utf8_utf16_strcpy(&pos, env); 138 loaded_image_info->load_options_size = size * 2; 139 } 140 141 /** 142 * copy_fdt() - Copy the device tree to a new location available to EFI 143 * 144 * The FDT is relocated into a suitable location within the EFI memory map. 145 * An additional 12KB is added to the space in case the device tree needs to be 146 * expanded later with fdt_open_into(). 147 * 148 * @fdt_addr: On entry, address of start of FDT. On exit, address of relocated 149 * FDT start 150 * @fdt_sizep: Returns new size of FDT, including 151 * @return new relocated address of FDT 152 */ 153 static efi_status_t copy_fdt(ulong *fdt_addrp, ulong *fdt_sizep) 154 { 155 unsigned long fdt_ram_start = -1L, fdt_pages; 156 efi_status_t ret = 0; 157 void *fdt, *new_fdt; 158 u64 new_fdt_addr; 159 uint fdt_size; 160 int i; 161 162 for (i = 0; i < CONFIG_NR_DRAM_BANKS; i++) { 163 u64 ram_start = gd->bd->bi_dram[i].start; 164 u64 ram_size = gd->bd->bi_dram[i].size; 165 166 if (!ram_size) 167 continue; 168 169 if (ram_start < fdt_ram_start) 170 fdt_ram_start = ram_start; 171 } 172 173 /* 174 * Give us at least 4KB of breathing room in case the device tree needs 175 * to be expanded later. Round up to the nearest EFI page boundary. 176 */ 177 fdt = map_sysmem(*fdt_addrp, 0); 178 fdt_size = fdt_totalsize(fdt); 179 fdt_size += 4096 * 3; 180 fdt_size = ALIGN(fdt_size + EFI_PAGE_SIZE - 1, EFI_PAGE_SIZE); 181 fdt_pages = fdt_size >> EFI_PAGE_SHIFT; 182 183 /* Safe fdt location is at 127MB */ 184 new_fdt_addr = fdt_ram_start + (127 * 1024 * 1024) + fdt_size; 185 ret = efi_allocate_pages(EFI_ALLOCATE_MAX_ADDRESS, 186 EFI_RUNTIME_SERVICES_DATA, fdt_pages, 187 &new_fdt_addr); 188 if (ret != EFI_SUCCESS) { 189 /* If we can't put it there, put it somewhere */ 190 new_fdt_addr = (ulong)memalign(EFI_PAGE_SIZE, fdt_size); 191 ret = efi_allocate_pages(EFI_ALLOCATE_MAX_ADDRESS, 192 EFI_RUNTIME_SERVICES_DATA, fdt_pages, 193 &new_fdt_addr); 194 if (ret != EFI_SUCCESS) { 195 printf("ERROR: Failed to reserve space for FDT\n"); 196 goto done; 197 } 198 } 199 200 new_fdt = map_sysmem(new_fdt_addr, fdt_size); 201 memcpy(new_fdt, fdt, fdt_totalsize(fdt)); 202 fdt_set_totalsize(new_fdt, fdt_size); 203 204 *fdt_addrp = new_fdt_addr; 205 *fdt_sizep = fdt_size; 206 done: 207 return ret; 208 } 209 210 static efi_status_t efi_do_enter( 211 efi_handle_t image_handle, struct efi_system_table *st, 212 EFIAPI efi_status_t (*entry)( 213 efi_handle_t image_handle, 214 struct efi_system_table *st)) 215 { 216 efi_status_t ret = EFI_LOAD_ERROR; 217 218 if (entry) 219 ret = entry(image_handle, st); 220 st->boottime->exit(image_handle, ret, 0, NULL); 221 return ret; 222 } 223 224 #ifdef CONFIG_ARM64 225 static efi_status_t efi_run_in_el2(EFIAPI efi_status_t (*entry)( 226 efi_handle_t image_handle, struct efi_system_table *st), 227 efi_handle_t image_handle, struct efi_system_table *st) 228 { 229 /* Enable caches again */ 230 dcache_enable(); 231 232 return efi_do_enter(image_handle, st, entry); 233 } 234 #endif 235 236 #ifdef CONFIG_ARMV7_NONSEC 237 static bool is_nonsec; 238 239 static efi_status_t efi_run_in_hyp(EFIAPI efi_status_t (*entry)( 240 efi_handle_t image_handle, struct efi_system_table *st), 241 efi_handle_t image_handle, struct efi_system_table *st) 242 { 243 /* Enable caches again */ 244 dcache_enable(); 245 246 is_nonsec = true; 247 248 return efi_do_enter(image_handle, st, entry); 249 } 250 #endif 251 252 /* 253 * efi_carve_out_dt_rsv() - Carve out DT reserved memory ranges 254 * 255 * The mem_rsv entries of the FDT are added to the memory map. Any failures are 256 * ignored because this is not critical and we would rather continue to try to 257 * boot. 258 * 259 * @fdt: Pointer to device tree 260 */ 261 static void efi_carve_out_dt_rsv(void *fdt) 262 { 263 int nr_rsv, i; 264 uint64_t addr, size, pages; 265 266 nr_rsv = fdt_num_mem_rsv(fdt); 267 268 /* Look for an existing entry and add it to the efi mem map. */ 269 for (i = 0; i < nr_rsv; i++) { 270 if (fdt_get_mem_rsv(fdt, i, &addr, &size) != 0) 271 continue; 272 273 pages = ALIGN(size, EFI_PAGE_SIZE) >> EFI_PAGE_SHIFT; 274 if (!efi_add_memory_map(addr, pages, EFI_RESERVED_MEMORY_TYPE, 275 false)) 276 printf("FDT memrsv map %d: Failed to add to map\n", i); 277 } 278 } 279 280 static efi_status_t efi_install_fdt(ulong fdt_addr) 281 { 282 bootm_headers_t img = { 0 }; 283 ulong fdt_pages, fdt_size, fdt_start; 284 efi_status_t ret; 285 void *fdt; 286 287 fdt = map_sysmem(fdt_addr, 0); 288 if (fdt_check_header(fdt)) { 289 printf("ERROR: invalid device tree\n"); 290 return EFI_INVALID_PARAMETER; 291 } 292 293 /* Prepare fdt for payload */ 294 ret = copy_fdt(&fdt_addr, &fdt_size); 295 if (ret) 296 return ret; 297 298 unmap_sysmem(fdt); 299 fdt = map_sysmem(fdt_addr, 0); 300 fdt_size = fdt_totalsize(fdt); 301 if (image_setup_libfdt(&img, fdt, 0, NULL)) { 302 printf("ERROR: failed to process device tree\n"); 303 return EFI_LOAD_ERROR; 304 } 305 306 efi_carve_out_dt_rsv(fdt); 307 308 /* Link to it in the efi tables */ 309 ret = efi_install_configuration_table(&efi_guid_fdt, fdt); 310 if (ret != EFI_SUCCESS) 311 return EFI_OUT_OF_RESOURCES; 312 313 /* And reserve the space in the memory map */ 314 fdt_start = fdt_addr; 315 fdt_pages = fdt_size >> EFI_PAGE_SHIFT; 316 317 ret = efi_add_memory_map(fdt_start, fdt_pages, 318 EFI_BOOT_SERVICES_DATA, true); 319 320 return ret; 321 } 322 323 /** 324 * do_bootefi_exec() - execute EFI binary 325 * 326 * @efi: address of the binary 327 * @device_path: path of the device from which the binary was loaded 328 * @image_path: device path of the binary 329 * Return: status code 330 * 331 * Load the EFI binary into a newly assigned memory unwinding the relocation 332 * information, install the loaded image protocol, and call the binary. 333 */ 334 static efi_status_t do_bootefi_exec(void *efi, 335 struct efi_device_path *device_path, 336 struct efi_device_path *image_path) 337 { 338 efi_handle_t mem_handle = NULL; 339 struct efi_device_path *memdp = NULL; 340 efi_status_t ret; 341 struct efi_loaded_image_obj *image_handle = NULL; 342 struct efi_loaded_image *loaded_image_info = NULL; 343 344 EFIAPI efi_status_t (*entry)(efi_handle_t image_handle, 345 struct efi_system_table *st); 346 347 /* 348 * Special case for efi payload not loaded from disk, such as 349 * 'bootefi hello' or for example payload loaded directly into 350 * memory via jtag, etc: 351 */ 352 if (!device_path && !image_path) { 353 printf("WARNING: using memory device/image path, this may confuse some payloads!\n"); 354 /* actual addresses filled in after efi_load_pe() */ 355 memdp = efi_dp_from_mem(0, 0, 0); 356 device_path = image_path = memdp; 357 /* 358 * Grub expects that the device path of the loaded image is 359 * installed on a handle. 360 */ 361 ret = efi_create_handle(&mem_handle); 362 if (ret != EFI_SUCCESS) 363 goto exit; 364 ret = efi_add_protocol(mem_handle, &efi_guid_device_path, 365 device_path); 366 if (ret != EFI_SUCCESS) 367 goto exit; 368 } else { 369 assert(device_path && image_path); 370 } 371 372 ret = efi_setup_loaded_image(device_path, image_path, &image_handle, 373 &loaded_image_info); 374 if (ret != EFI_SUCCESS) 375 goto exit; 376 377 /* 378 * gd lives in a fixed register which may get clobbered while we execute 379 * the payload. So save it here and restore it on every callback entry 380 */ 381 efi_save_gd(); 382 383 /* Transfer environment variable bootargs as load options */ 384 set_load_options(loaded_image_info, "bootargs"); 385 /* Load the EFI payload */ 386 entry = efi_load_pe(image_handle, efi, loaded_image_info); 387 if (!entry) { 388 ret = EFI_LOAD_ERROR; 389 goto exit; 390 } 391 392 if (memdp) { 393 struct efi_device_path_memory *mdp = (void *)memdp; 394 mdp->memory_type = loaded_image_info->image_code_type; 395 mdp->start_address = (uintptr_t)loaded_image_info->image_base; 396 mdp->end_address = mdp->start_address + 397 loaded_image_info->image_size; 398 } 399 400 /* we don't support much: */ 401 env_set("efi_8be4df61-93ca-11d2-aa0d-00e098032b8c_OsIndicationsSupported", 402 "{ro,boot}(blob)0000000000000000"); 403 404 /* Call our payload! */ 405 debug("%s:%d Jumping to 0x%lx\n", __func__, __LINE__, (long)entry); 406 407 if (setjmp(&image_handle->exit_jmp)) { 408 ret = image_handle->exit_status; 409 goto exit; 410 } 411 412 #ifdef CONFIG_ARM64 413 /* On AArch64 we need to make sure we call our payload in < EL3 */ 414 if (current_el() == 3) { 415 smp_kick_all_cpus(); 416 dcache_disable(); /* flush cache before switch to EL2 */ 417 418 /* Move into EL2 and keep running there */ 419 armv8_switch_to_el2((ulong)entry, 420 (ulong)image_handle, 421 (ulong)&systab, 0, (ulong)efi_run_in_el2, 422 ES_TO_AARCH64); 423 424 /* Should never reach here, efi exits with longjmp */ 425 while (1) { } 426 } 427 #endif 428 429 #ifdef CONFIG_ARMV7_NONSEC 430 if (armv7_boot_nonsec() && !is_nonsec) { 431 dcache_disable(); /* flush cache before switch to HYP */ 432 433 armv7_init_nonsec(); 434 secure_ram_addr(_do_nonsec_entry)( 435 efi_run_in_hyp, 436 (uintptr_t)entry, 437 (uintptr_t)image_handle, 438 (uintptr_t)&systab); 439 440 /* Should never reach here, efi exits with longjmp */ 441 while (1) { } 442 } 443 #endif 444 445 ret = efi_do_enter(image_handle, &systab, entry); 446 447 exit: 448 /* image has returned, loaded-image obj goes *poof*: */ 449 if (image_handle) 450 efi_delete_handle(&image_handle->parent); 451 if (mem_handle) 452 efi_delete_handle(mem_handle); 453 454 return ret; 455 } 456 457 static int do_bootefi_bootmgr_exec(void) 458 { 459 struct efi_device_path *device_path, *file_path; 460 void *addr; 461 efi_status_t r; 462 463 /* 464 * gd lives in a fixed register which may get clobbered while we execute 465 * the payload. So save it here and restore it on every callback entry 466 */ 467 efi_save_gd(); 468 469 addr = efi_bootmgr_load(&device_path, &file_path); 470 if (!addr) 471 return 1; 472 473 printf("## Starting EFI application at %p ...\n", addr); 474 r = do_bootefi_exec(addr, device_path, file_path); 475 printf("## Application terminated, r = %lu\n", 476 r & ~EFI_ERROR_MASK); 477 478 if (r != EFI_SUCCESS) 479 return 1; 480 481 return 0; 482 } 483 484 /* Interpreter command to boot an arbitrary EFI image from memory */ 485 static int do_bootefi(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) 486 { 487 unsigned long addr; 488 char *saddr; 489 efi_status_t r; 490 unsigned long fdt_addr; 491 492 /* Allow unaligned memory access */ 493 allow_unaligned(); 494 495 /* Initialize EFI drivers */ 496 r = efi_init_obj_list(); 497 if (r != EFI_SUCCESS) { 498 printf("Error: Cannot set up EFI drivers, r = %lu\n", 499 r & ~EFI_ERROR_MASK); 500 return CMD_RET_FAILURE; 501 } 502 503 if (argc < 2) 504 return CMD_RET_USAGE; 505 506 if (argc > 2) { 507 fdt_addr = simple_strtoul(argv[2], NULL, 16); 508 if (!fdt_addr && *argv[2] != '0') 509 return CMD_RET_USAGE; 510 /* Install device tree */ 511 r = efi_install_fdt(fdt_addr); 512 if (r != EFI_SUCCESS) { 513 printf("ERROR: failed to install device tree\n"); 514 return CMD_RET_FAILURE; 515 } 516 } else { 517 /* Remove device tree. EFI_NOT_FOUND can be ignored here */ 518 efi_install_configuration_table(&efi_guid_fdt, NULL); 519 printf("WARNING: booting without device tree\n"); 520 } 521 #ifdef CONFIG_CMD_BOOTEFI_HELLO 522 if (!strcmp(argv[1], "hello")) { 523 ulong size = __efi_helloworld_end - __efi_helloworld_begin; 524 525 saddr = env_get("loadaddr"); 526 if (saddr) 527 addr = simple_strtoul(saddr, NULL, 16); 528 else 529 addr = CONFIG_SYS_LOAD_ADDR; 530 memcpy(map_sysmem(addr, size), __efi_helloworld_begin, size); 531 } else 532 #endif 533 #ifdef CONFIG_CMD_BOOTEFI_SELFTEST 534 if (!strcmp(argv[1], "selftest")) { 535 struct efi_loaded_image_obj *image_handle; 536 struct efi_loaded_image *loaded_image_info; 537 538 /* Construct a dummy device path. */ 539 bootefi_device_path = efi_dp_from_mem(EFI_RESERVED_MEMORY_TYPE, 540 (uintptr_t)&efi_selftest, 541 (uintptr_t)&efi_selftest); 542 bootefi_image_path = efi_dp_from_file(NULL, 0, "\\selftest"); 543 544 r = efi_setup_loaded_image(bootefi_device_path, 545 bootefi_image_path, &image_handle, 546 &loaded_image_info); 547 if (r != EFI_SUCCESS) 548 return CMD_RET_FAILURE; 549 550 /* 551 * gd lives in a fixed register which may get clobbered while we 552 * execute the payload. So save it here and restore it on every 553 * callback entry 554 */ 555 efi_save_gd(); 556 /* Transfer environment variable efi_selftest as load options */ 557 set_load_options(loaded_image_info, "efi_selftest"); 558 /* Execute the test */ 559 r = efi_selftest(image_handle, &systab); 560 efi_restore_gd(); 561 free(loaded_image_info->load_options); 562 efi_delete_handle(&image_handle->parent); 563 return r != EFI_SUCCESS; 564 } else 565 #endif 566 if (!strcmp(argv[1], "bootmgr")) { 567 return do_bootefi_bootmgr_exec(); 568 } else { 569 saddr = argv[1]; 570 571 addr = simple_strtoul(saddr, NULL, 16); 572 /* Check that a numeric value was passed */ 573 if (!addr && *saddr != '0') 574 return CMD_RET_USAGE; 575 576 } 577 578 printf("## Starting EFI application at %08lx ...\n", addr); 579 r = do_bootefi_exec(map_sysmem(addr, 0), bootefi_device_path, 580 bootefi_image_path); 581 printf("## Application terminated, r = %lu\n", 582 r & ~EFI_ERROR_MASK); 583 584 if (r != EFI_SUCCESS) 585 return 1; 586 else 587 return 0; 588 } 589 590 #ifdef CONFIG_SYS_LONGHELP 591 static char bootefi_help_text[] = 592 "<image address> [fdt address]\n" 593 " - boot EFI payload stored at address <image address>.\n" 594 " If specified, the device tree located at <fdt address> gets\n" 595 " exposed as EFI configuration table.\n" 596 #ifdef CONFIG_CMD_BOOTEFI_HELLO 597 "bootefi hello\n" 598 " - boot a sample Hello World application stored within U-Boot\n" 599 #endif 600 #ifdef CONFIG_CMD_BOOTEFI_SELFTEST 601 "bootefi selftest [fdt address]\n" 602 " - boot an EFI selftest application stored within U-Boot\n" 603 " Use environment variable efi_selftest to select a single test.\n" 604 " Use 'setenv efi_selftest list' to enumerate all tests.\n" 605 #endif 606 "bootefi bootmgr [fdt addr]\n" 607 " - load and boot EFI payload based on BootOrder/BootXXXX variables.\n" 608 "\n" 609 " If specified, the device tree located at <fdt address> gets\n" 610 " exposed as EFI configuration table.\n"; 611 #endif 612 613 U_BOOT_CMD( 614 bootefi, 3, 0, do_bootefi, 615 "Boots an EFI payload from memory", 616 bootefi_help_text 617 ); 618 619 void efi_set_bootdev(const char *dev, const char *devnr, const char *path) 620 { 621 char filename[32] = { 0 }; /* dp->str is u16[32] long */ 622 char *s; 623 624 /* efi_set_bootdev is typically called repeatedly, recover memory */ 625 efi_free_pool(bootefi_device_path); 626 efi_free_pool(bootefi_image_path); 627 /* If blk_get_device_part_str fails, avoid duplicate free. */ 628 bootefi_device_path = NULL; 629 bootefi_image_path = NULL; 630 631 if (strcmp(dev, "Net")) { 632 struct blk_desc *desc; 633 disk_partition_t fs_partition; 634 int part; 635 636 part = blk_get_device_part_str(dev, devnr, &desc, &fs_partition, 637 1); 638 if (part < 0) 639 return; 640 641 bootefi_device_path = efi_dp_from_part(desc, part); 642 } else { 643 #ifdef CONFIG_NET 644 bootefi_device_path = efi_dp_from_eth(); 645 #endif 646 } 647 648 if (!path) 649 return; 650 651 if (strcmp(dev, "Net")) { 652 /* Add leading / to fs paths, because they're absolute */ 653 snprintf(filename, sizeof(filename), "/%s", path); 654 } else { 655 snprintf(filename, sizeof(filename), "%s", path); 656 } 657 /* DOS style file path: */ 658 s = filename; 659 while ((s = strchr(s, '/'))) 660 *s++ = '\\'; 661 bootefi_image_path = efi_dp_from_file(NULL, 0, filename); 662 } 663