1// SPDX-License-Identifier: GPL-2.0-only 2 3/* ----------------------------------------------------------------------- 4 * 5 * Copyright 2011 Intel Corporation; author Matt Fleming 6 * 7 * ----------------------------------------------------------------------- */ 8 9#include <linux/efi.h> 10#include <linux/pci.h> 11#include <linux/stddef.h> 12 13#include <asm/efi.h> 14#include <asm/e820/types.h> 15#include <asm/setup.h> 16#include <asm/desc.h> 17#include <asm/boot.h> 18#include <asm/kaslr.h> 19#include <asm/sev.h> 20 21#include "efistub.h" 22#include "x86-stub.h" 23 24extern char _bss[], _ebss[]; 25 26const efi_system_table_t *efi_system_table; 27const efi_dxe_services_table_t *efi_dxe_table; 28static efi_loaded_image_t *image = NULL; 29static efi_memory_attribute_protocol_t *memattr; 30 31typedef union sev_memory_acceptance_protocol sev_memory_acceptance_protocol_t; 32union sev_memory_acceptance_protocol { 33 struct { 34 efi_status_t (__efiapi * allow_unaccepted_memory)( 35 sev_memory_acceptance_protocol_t *); 36 }; 37 struct { 38 u32 allow_unaccepted_memory; 39 } mixed_mode; 40}; 41 42static efi_status_t 43preserve_pci_rom_image(efi_pci_io_protocol_t *pci, struct pci_setup_rom **__rom) 44{ 45 struct pci_setup_rom *rom = NULL; 46 efi_status_t status; 47 unsigned long size; 48 uint64_t romsize; 49 void *romimage; 50 51 /* 52 * Some firmware images contain EFI function pointers at the place where 53 * the romimage and romsize fields are supposed to be. Typically the EFI 54 * code is mapped at high addresses, translating to an unrealistically 55 * large romsize. The UEFI spec limits the size of option ROMs to 16 56 * MiB so we reject any ROMs over 16 MiB in size to catch this. 57 */ 58 romimage = efi_table_attr(pci, romimage); 59 romsize = efi_table_attr(pci, romsize); 60 if (!romimage || !romsize || romsize > SZ_16M) 61 return EFI_INVALID_PARAMETER; 62 63 size = romsize + sizeof(*rom); 64 65 status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, size, 66 (void **)&rom); 67 if (status != EFI_SUCCESS) { 68 efi_err("Failed to allocate memory for 'rom'\n"); 69 return status; 70 } 71 72 memset(rom, 0, sizeof(*rom)); 73 74 rom->data.type = SETUP_PCI; 75 rom->data.len = size - sizeof(struct setup_data); 76 rom->data.next = 0; 77 rom->pcilen = romsize; 78 *__rom = rom; 79 80 status = efi_call_proto(pci, pci.read, EfiPciIoWidthUint16, 81 PCI_VENDOR_ID, 1, &rom->vendor); 82 83 if (status != EFI_SUCCESS) { 84 efi_err("Failed to read rom->vendor\n"); 85 goto free_struct; 86 } 87 88 status = efi_call_proto(pci, pci.read, EfiPciIoWidthUint16, 89 PCI_DEVICE_ID, 1, &rom->devid); 90 91 if (status != EFI_SUCCESS) { 92 efi_err("Failed to read rom->devid\n"); 93 goto free_struct; 94 } 95 96 status = efi_call_proto(pci, get_location, &rom->segment, &rom->bus, 97 &rom->device, &rom->function); 98 99 if (status != EFI_SUCCESS) 100 goto free_struct; 101 102 memcpy(rom->romdata, romimage, romsize); 103 return status; 104 105free_struct: 106 efi_bs_call(free_pool, rom); 107 return status; 108} 109 110/* 111 * There's no way to return an informative status from this function, 112 * because any analysis (and printing of error messages) needs to be 113 * done directly at the EFI function call-site. 114 * 115 * For example, EFI_INVALID_PARAMETER could indicate a bug or maybe we 116 * just didn't find any PCI devices, but there's no way to tell outside 117 * the context of the call. 118 */ 119static void setup_efi_pci(struct boot_params *params) 120{ 121 efi_status_t status; 122 void **pci_handle = NULL; 123 efi_guid_t pci_proto = EFI_PCI_IO_PROTOCOL_GUID; 124 unsigned long size = 0; 125 struct setup_data *data; 126 efi_handle_t h; 127 int i; 128 129 status = efi_bs_call(locate_handle, EFI_LOCATE_BY_PROTOCOL, 130 &pci_proto, NULL, &size, pci_handle); 131 132 if (status == EFI_BUFFER_TOO_SMALL) { 133 status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, size, 134 (void **)&pci_handle); 135 136 if (status != EFI_SUCCESS) { 137 efi_err("Failed to allocate memory for 'pci_handle'\n"); 138 return; 139 } 140 141 status = efi_bs_call(locate_handle, EFI_LOCATE_BY_PROTOCOL, 142 &pci_proto, NULL, &size, pci_handle); 143 } 144 145 if (status != EFI_SUCCESS) 146 goto free_handle; 147 148 data = (struct setup_data *)(unsigned long)params->hdr.setup_data; 149 150 while (data && data->next) 151 data = (struct setup_data *)(unsigned long)data->next; 152 153 for_each_efi_handle(h, pci_handle, size, i) { 154 efi_pci_io_protocol_t *pci = NULL; 155 struct pci_setup_rom *rom; 156 157 status = efi_bs_call(handle_protocol, h, &pci_proto, 158 (void **)&pci); 159 if (status != EFI_SUCCESS || !pci) 160 continue; 161 162 status = preserve_pci_rom_image(pci, &rom); 163 if (status != EFI_SUCCESS) 164 continue; 165 166 if (data) 167 data->next = (unsigned long)rom; 168 else 169 params->hdr.setup_data = (unsigned long)rom; 170 171 data = (struct setup_data *)rom; 172 } 173 174free_handle: 175 efi_bs_call(free_pool, pci_handle); 176} 177 178static void retrieve_apple_device_properties(struct boot_params *boot_params) 179{ 180 efi_guid_t guid = APPLE_PROPERTIES_PROTOCOL_GUID; 181 struct setup_data *data, *new; 182 efi_status_t status; 183 u32 size = 0; 184 apple_properties_protocol_t *p; 185 186 status = efi_bs_call(locate_protocol, &guid, NULL, (void **)&p); 187 if (status != EFI_SUCCESS) 188 return; 189 190 if (efi_table_attr(p, version) != 0x10000) { 191 efi_err("Unsupported properties proto version\n"); 192 return; 193 } 194 195 efi_call_proto(p, get_all, NULL, &size); 196 if (!size) 197 return; 198 199 do { 200 status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, 201 size + sizeof(struct setup_data), 202 (void **)&new); 203 if (status != EFI_SUCCESS) { 204 efi_err("Failed to allocate memory for 'properties'\n"); 205 return; 206 } 207 208 status = efi_call_proto(p, get_all, new->data, &size); 209 210 if (status == EFI_BUFFER_TOO_SMALL) 211 efi_bs_call(free_pool, new); 212 } while (status == EFI_BUFFER_TOO_SMALL); 213 214 new->type = SETUP_APPLE_PROPERTIES; 215 new->len = size; 216 new->next = 0; 217 218 data = (struct setup_data *)(unsigned long)boot_params->hdr.setup_data; 219 if (!data) { 220 boot_params->hdr.setup_data = (unsigned long)new; 221 } else { 222 while (data->next) 223 data = (struct setup_data *)(unsigned long)data->next; 224 data->next = (unsigned long)new; 225 } 226} 227 228efi_status_t efi_adjust_memory_range_protection(unsigned long start, 229 unsigned long size) 230{ 231 efi_status_t status; 232 efi_gcd_memory_space_desc_t desc; 233 unsigned long end, next; 234 unsigned long rounded_start, rounded_end; 235 unsigned long unprotect_start, unprotect_size; 236 237 rounded_start = rounddown(start, EFI_PAGE_SIZE); 238 rounded_end = roundup(start + size, EFI_PAGE_SIZE); 239 240 if (memattr != NULL) { 241 status = efi_call_proto(memattr, clear_memory_attributes, 242 rounded_start, 243 rounded_end - rounded_start, 244 EFI_MEMORY_XP); 245 if (status != EFI_SUCCESS) 246 efi_warn("Failed to clear EFI_MEMORY_XP attribute\n"); 247 return status; 248 } 249 250 if (efi_dxe_table == NULL) 251 return EFI_SUCCESS; 252 253 /* 254 * Don't modify memory region attributes, they are 255 * already suitable, to lower the possibility to 256 * encounter firmware bugs. 257 */ 258 259 for (end = start + size; start < end; start = next) { 260 261 status = efi_dxe_call(get_memory_space_descriptor, start, &desc); 262 263 if (status != EFI_SUCCESS) 264 break; 265 266 next = desc.base_address + desc.length; 267 268 /* 269 * Only system memory is suitable for trampoline/kernel image placement, 270 * so only this type of memory needs its attributes to be modified. 271 */ 272 273 if (desc.gcd_memory_type != EfiGcdMemoryTypeSystemMemory || 274 (desc.attributes & (EFI_MEMORY_RO | EFI_MEMORY_XP)) == 0) 275 continue; 276 277 unprotect_start = max(rounded_start, (unsigned long)desc.base_address); 278 unprotect_size = min(rounded_end, next) - unprotect_start; 279 280 status = efi_dxe_call(set_memory_space_attributes, 281 unprotect_start, unprotect_size, 282 EFI_MEMORY_WB); 283 284 if (status != EFI_SUCCESS) { 285 efi_warn("Unable to unprotect memory range [%08lx,%08lx]: %lx\n", 286 unprotect_start, 287 unprotect_start + unprotect_size, 288 status); 289 break; 290 } 291 } 292 return EFI_SUCCESS; 293} 294 295static void setup_unaccepted_memory(void) 296{ 297 efi_guid_t mem_acceptance_proto = OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL_GUID; 298 sev_memory_acceptance_protocol_t *proto; 299 efi_status_t status; 300 301 if (!IS_ENABLED(CONFIG_UNACCEPTED_MEMORY)) 302 return; 303 304 /* 305 * Enable unaccepted memory before calling exit boot services in order 306 * for the UEFI to not accept all memory on EBS. 307 */ 308 status = efi_bs_call(locate_protocol, &mem_acceptance_proto, NULL, 309 (void **)&proto); 310 if (status != EFI_SUCCESS) 311 return; 312 313 status = efi_call_proto(proto, allow_unaccepted_memory); 314 if (status != EFI_SUCCESS) 315 efi_err("Memory acceptance protocol failed\n"); 316} 317 318static efi_char16_t *efistub_fw_vendor(void) 319{ 320 unsigned long vendor = efi_table_attr(efi_system_table, fw_vendor); 321 322 return (efi_char16_t *)vendor; 323} 324 325static const efi_char16_t apple[] = L"Apple"; 326 327static void setup_quirks(struct boot_params *boot_params) 328{ 329 if (IS_ENABLED(CONFIG_APPLE_PROPERTIES) && 330 !memcmp(efistub_fw_vendor(), apple, sizeof(apple))) 331 retrieve_apple_device_properties(boot_params); 332} 333 334/* 335 * See if we have Universal Graphics Adapter (UGA) protocol 336 */ 337static efi_status_t 338setup_uga(struct screen_info *si, efi_guid_t *uga_proto, unsigned long size) 339{ 340 efi_status_t status; 341 u32 width, height; 342 void **uga_handle = NULL; 343 efi_uga_draw_protocol_t *uga = NULL, *first_uga; 344 efi_handle_t handle; 345 int i; 346 347 status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, size, 348 (void **)&uga_handle); 349 if (status != EFI_SUCCESS) 350 return status; 351 352 status = efi_bs_call(locate_handle, EFI_LOCATE_BY_PROTOCOL, 353 uga_proto, NULL, &size, uga_handle); 354 if (status != EFI_SUCCESS) 355 goto free_handle; 356 357 height = 0; 358 width = 0; 359 360 first_uga = NULL; 361 for_each_efi_handle(handle, uga_handle, size, i) { 362 efi_guid_t pciio_proto = EFI_PCI_IO_PROTOCOL_GUID; 363 u32 w, h, depth, refresh; 364 void *pciio; 365 366 status = efi_bs_call(handle_protocol, handle, uga_proto, 367 (void **)&uga); 368 if (status != EFI_SUCCESS) 369 continue; 370 371 pciio = NULL; 372 efi_bs_call(handle_protocol, handle, &pciio_proto, &pciio); 373 374 status = efi_call_proto(uga, get_mode, &w, &h, &depth, &refresh); 375 if (status == EFI_SUCCESS && (!first_uga || pciio)) { 376 width = w; 377 height = h; 378 379 /* 380 * Once we've found a UGA supporting PCIIO, 381 * don't bother looking any further. 382 */ 383 if (pciio) 384 break; 385 386 first_uga = uga; 387 } 388 } 389 390 if (!width && !height) 391 goto free_handle; 392 393 /* EFI framebuffer */ 394 si->orig_video_isVGA = VIDEO_TYPE_EFI; 395 396 si->lfb_depth = 32; 397 si->lfb_width = width; 398 si->lfb_height = height; 399 400 si->red_size = 8; 401 si->red_pos = 16; 402 si->green_size = 8; 403 si->green_pos = 8; 404 si->blue_size = 8; 405 si->blue_pos = 0; 406 si->rsvd_size = 8; 407 si->rsvd_pos = 24; 408 409free_handle: 410 efi_bs_call(free_pool, uga_handle); 411 412 return status; 413} 414 415static void setup_graphics(struct boot_params *boot_params) 416{ 417 efi_guid_t graphics_proto = EFI_GRAPHICS_OUTPUT_PROTOCOL_GUID; 418 struct screen_info *si; 419 efi_guid_t uga_proto = EFI_UGA_PROTOCOL_GUID; 420 efi_status_t status; 421 unsigned long size; 422 void **gop_handle = NULL; 423 void **uga_handle = NULL; 424 425 si = &boot_params->screen_info; 426 memset(si, 0, sizeof(*si)); 427 428 size = 0; 429 status = efi_bs_call(locate_handle, EFI_LOCATE_BY_PROTOCOL, 430 &graphics_proto, NULL, &size, gop_handle); 431 if (status == EFI_BUFFER_TOO_SMALL) 432 status = efi_setup_gop(si, &graphics_proto, size); 433 434 if (status != EFI_SUCCESS) { 435 size = 0; 436 status = efi_bs_call(locate_handle, EFI_LOCATE_BY_PROTOCOL, 437 &uga_proto, NULL, &size, uga_handle); 438 if (status == EFI_BUFFER_TOO_SMALL) 439 setup_uga(si, &uga_proto, size); 440 } 441} 442 443 444static void __noreturn efi_exit(efi_handle_t handle, efi_status_t status) 445{ 446 efi_bs_call(exit, handle, status, 0, NULL); 447 for(;;) 448 asm("hlt"); 449} 450 451void __noreturn efi_stub_entry(efi_handle_t handle, 452 efi_system_table_t *sys_table_arg, 453 struct boot_params *boot_params); 454 455/* 456 * Because the x86 boot code expects to be passed a boot_params we 457 * need to create one ourselves (usually the bootloader would create 458 * one for us). 459 */ 460efi_status_t __efiapi efi_pe_entry(efi_handle_t handle, 461 efi_system_table_t *sys_table_arg) 462{ 463 static struct boot_params boot_params __page_aligned_bss; 464 struct setup_header *hdr = &boot_params.hdr; 465 efi_guid_t proto = LOADED_IMAGE_PROTOCOL_GUID; 466 int options_size = 0; 467 efi_status_t status; 468 char *cmdline_ptr; 469 470 if (efi_is_native()) 471 memset(_bss, 0, _ebss - _bss); 472 473 efi_system_table = sys_table_arg; 474 475 /* Check if we were booted by the EFI firmware */ 476 if (efi_system_table->hdr.signature != EFI_SYSTEM_TABLE_SIGNATURE) 477 efi_exit(handle, EFI_INVALID_PARAMETER); 478 479 status = efi_bs_call(handle_protocol, handle, &proto, (void **)&image); 480 if (status != EFI_SUCCESS) { 481 efi_err("Failed to get handle for LOADED_IMAGE_PROTOCOL\n"); 482 efi_exit(handle, status); 483 } 484 485 /* Assign the setup_header fields that the kernel actually cares about */ 486 hdr->root_flags = 1; 487 hdr->vid_mode = 0xffff; 488 489 hdr->type_of_loader = 0x21; 490 491 /* Convert unicode cmdline to ascii */ 492 cmdline_ptr = efi_convert_cmdline(image, &options_size); 493 if (!cmdline_ptr) 494 goto fail; 495 496 efi_set_u64_split((unsigned long)cmdline_ptr, &hdr->cmd_line_ptr, 497 &boot_params.ext_cmd_line_ptr); 498 499 efi_stub_entry(handle, sys_table_arg, &boot_params); 500 /* not reached */ 501 502fail: 503 efi_exit(handle, status); 504} 505 506static void add_e820ext(struct boot_params *params, 507 struct setup_data *e820ext, u32 nr_entries) 508{ 509 struct setup_data *data; 510 511 e820ext->type = SETUP_E820_EXT; 512 e820ext->len = nr_entries * sizeof(struct boot_e820_entry); 513 e820ext->next = 0; 514 515 data = (struct setup_data *)(unsigned long)params->hdr.setup_data; 516 517 while (data && data->next) 518 data = (struct setup_data *)(unsigned long)data->next; 519 520 if (data) 521 data->next = (unsigned long)e820ext; 522 else 523 params->hdr.setup_data = (unsigned long)e820ext; 524} 525 526static efi_status_t 527setup_e820(struct boot_params *params, struct setup_data *e820ext, u32 e820ext_size) 528{ 529 struct boot_e820_entry *entry = params->e820_table; 530 struct efi_info *efi = ¶ms->efi_info; 531 struct boot_e820_entry *prev = NULL; 532 u32 nr_entries; 533 u32 nr_desc; 534 int i; 535 536 nr_entries = 0; 537 nr_desc = efi->efi_memmap_size / efi->efi_memdesc_size; 538 539 for (i = 0; i < nr_desc; i++) { 540 efi_memory_desc_t *d; 541 unsigned int e820_type = 0; 542 unsigned long m = efi->efi_memmap; 543 544#ifdef CONFIG_X86_64 545 m |= (u64)efi->efi_memmap_hi << 32; 546#endif 547 548 d = efi_early_memdesc_ptr(m, efi->efi_memdesc_size, i); 549 switch (d->type) { 550 case EFI_RESERVED_TYPE: 551 case EFI_RUNTIME_SERVICES_CODE: 552 case EFI_RUNTIME_SERVICES_DATA: 553 case EFI_MEMORY_MAPPED_IO: 554 case EFI_MEMORY_MAPPED_IO_PORT_SPACE: 555 case EFI_PAL_CODE: 556 e820_type = E820_TYPE_RESERVED; 557 break; 558 559 case EFI_UNUSABLE_MEMORY: 560 e820_type = E820_TYPE_UNUSABLE; 561 break; 562 563 case EFI_ACPI_RECLAIM_MEMORY: 564 e820_type = E820_TYPE_ACPI; 565 break; 566 567 case EFI_LOADER_CODE: 568 case EFI_LOADER_DATA: 569 case EFI_BOOT_SERVICES_CODE: 570 case EFI_BOOT_SERVICES_DATA: 571 case EFI_CONVENTIONAL_MEMORY: 572 if (efi_soft_reserve_enabled() && 573 (d->attribute & EFI_MEMORY_SP)) 574 e820_type = E820_TYPE_SOFT_RESERVED; 575 else 576 e820_type = E820_TYPE_RAM; 577 break; 578 579 case EFI_ACPI_MEMORY_NVS: 580 e820_type = E820_TYPE_NVS; 581 break; 582 583 case EFI_PERSISTENT_MEMORY: 584 e820_type = E820_TYPE_PMEM; 585 break; 586 587 case EFI_UNACCEPTED_MEMORY: 588 if (!IS_ENABLED(CONFIG_UNACCEPTED_MEMORY)) 589 continue; 590 e820_type = E820_TYPE_RAM; 591 process_unaccepted_memory(d->phys_addr, 592 d->phys_addr + PAGE_SIZE * d->num_pages); 593 break; 594 default: 595 continue; 596 } 597 598 /* Merge adjacent mappings */ 599 if (prev && prev->type == e820_type && 600 (prev->addr + prev->size) == d->phys_addr) { 601 prev->size += d->num_pages << 12; 602 continue; 603 } 604 605 if (nr_entries == ARRAY_SIZE(params->e820_table)) { 606 u32 need = (nr_desc - i) * sizeof(struct e820_entry) + 607 sizeof(struct setup_data); 608 609 if (!e820ext || e820ext_size < need) 610 return EFI_BUFFER_TOO_SMALL; 611 612 /* boot_params map full, switch to e820 extended */ 613 entry = (struct boot_e820_entry *)e820ext->data; 614 } 615 616 entry->addr = d->phys_addr; 617 entry->size = d->num_pages << PAGE_SHIFT; 618 entry->type = e820_type; 619 prev = entry++; 620 nr_entries++; 621 } 622 623 if (nr_entries > ARRAY_SIZE(params->e820_table)) { 624 u32 nr_e820ext = nr_entries - ARRAY_SIZE(params->e820_table); 625 626 add_e820ext(params, e820ext, nr_e820ext); 627 nr_entries -= nr_e820ext; 628 } 629 630 params->e820_entries = (u8)nr_entries; 631 632 return EFI_SUCCESS; 633} 634 635static efi_status_t alloc_e820ext(u32 nr_desc, struct setup_data **e820ext, 636 u32 *e820ext_size) 637{ 638 efi_status_t status; 639 unsigned long size; 640 641 size = sizeof(struct setup_data) + 642 sizeof(struct e820_entry) * nr_desc; 643 644 if (*e820ext) { 645 efi_bs_call(free_pool, *e820ext); 646 *e820ext = NULL; 647 *e820ext_size = 0; 648 } 649 650 status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, size, 651 (void **)e820ext); 652 if (status == EFI_SUCCESS) 653 *e820ext_size = size; 654 655 return status; 656} 657 658static efi_status_t allocate_e820(struct boot_params *params, 659 struct setup_data **e820ext, 660 u32 *e820ext_size) 661{ 662 struct efi_boot_memmap *map; 663 efi_status_t status; 664 __u32 nr_desc; 665 666 status = efi_get_memory_map(&map, false); 667 if (status != EFI_SUCCESS) 668 return status; 669 670 nr_desc = map->map_size / map->desc_size; 671 if (nr_desc > ARRAY_SIZE(params->e820_table) - EFI_MMAP_NR_SLACK_SLOTS) { 672 u32 nr_e820ext = nr_desc - ARRAY_SIZE(params->e820_table) + 673 EFI_MMAP_NR_SLACK_SLOTS; 674 675 status = alloc_e820ext(nr_e820ext, e820ext, e820ext_size); 676 } 677 678 if (IS_ENABLED(CONFIG_UNACCEPTED_MEMORY) && status == EFI_SUCCESS) 679 status = allocate_unaccepted_bitmap(nr_desc, map); 680 681 efi_bs_call(free_pool, map); 682 return status; 683} 684 685struct exit_boot_struct { 686 struct boot_params *boot_params; 687 struct efi_info *efi; 688}; 689 690static efi_status_t exit_boot_func(struct efi_boot_memmap *map, 691 void *priv) 692{ 693 const char *signature; 694 struct exit_boot_struct *p = priv; 695 696 signature = efi_is_64bit() ? EFI64_LOADER_SIGNATURE 697 : EFI32_LOADER_SIGNATURE; 698 memcpy(&p->efi->efi_loader_signature, signature, sizeof(__u32)); 699 700 efi_set_u64_split((unsigned long)efi_system_table, 701 &p->efi->efi_systab, &p->efi->efi_systab_hi); 702 p->efi->efi_memdesc_size = map->desc_size; 703 p->efi->efi_memdesc_version = map->desc_ver; 704 efi_set_u64_split((unsigned long)map->map, 705 &p->efi->efi_memmap, &p->efi->efi_memmap_hi); 706 p->efi->efi_memmap_size = map->map_size; 707 708 return EFI_SUCCESS; 709} 710 711static efi_status_t exit_boot(struct boot_params *boot_params, void *handle) 712{ 713 struct setup_data *e820ext = NULL; 714 __u32 e820ext_size = 0; 715 efi_status_t status; 716 struct exit_boot_struct priv; 717 718 priv.boot_params = boot_params; 719 priv.efi = &boot_params->efi_info; 720 721 status = allocate_e820(boot_params, &e820ext, &e820ext_size); 722 if (status != EFI_SUCCESS) 723 return status; 724 725 /* Might as well exit boot services now */ 726 status = efi_exit_boot_services(handle, &priv, exit_boot_func); 727 if (status != EFI_SUCCESS) 728 return status; 729 730 /* Historic? */ 731 boot_params->alt_mem_k = 32 * 1024; 732 733 status = setup_e820(boot_params, e820ext, e820ext_size); 734 if (status != EFI_SUCCESS) 735 return status; 736 737 return EFI_SUCCESS; 738} 739 740static bool have_unsupported_snp_features(void) 741{ 742 u64 unsupported; 743 744 unsupported = snp_get_unsupported_features(sev_get_status()); 745 if (unsupported) { 746 efi_err("Unsupported SEV-SNP features detected: 0x%llx\n", 747 unsupported); 748 return true; 749 } 750 return false; 751} 752 753static void efi_get_seed(void *seed, int size) 754{ 755 efi_get_random_bytes(size, seed); 756 757 /* 758 * This only updates seed[0] when running on 32-bit, but in that case, 759 * seed[1] is not used anyway, as there is no virtual KASLR on 32-bit. 760 */ 761 *(unsigned long *)seed ^= kaslr_get_random_long("EFI"); 762} 763 764static void error(char *str) 765{ 766 efi_warn("Decompression failed: %s\n", str); 767} 768 769static efi_status_t efi_decompress_kernel(unsigned long *kernel_entry) 770{ 771 unsigned long virt_addr = LOAD_PHYSICAL_ADDR; 772 unsigned long addr, alloc_size, entry; 773 efi_status_t status; 774 u32 seed[2] = {}; 775 776 /* determine the required size of the allocation */ 777 alloc_size = ALIGN(max_t(unsigned long, output_len, kernel_total_size), 778 MIN_KERNEL_ALIGN); 779 780 if (IS_ENABLED(CONFIG_RANDOMIZE_BASE) && !efi_nokaslr) { 781 u64 range = KERNEL_IMAGE_SIZE - LOAD_PHYSICAL_ADDR - kernel_total_size; 782 static const efi_char16_t ami[] = L"American Megatrends"; 783 784 efi_get_seed(seed, sizeof(seed)); 785 786 virt_addr += (range * seed[1]) >> 32; 787 virt_addr &= ~(CONFIG_PHYSICAL_ALIGN - 1); 788 789 /* 790 * Older Dell systems with AMI UEFI firmware v2.0 may hang 791 * while decompressing the kernel if physical address 792 * randomization is enabled. 793 * 794 * https://bugzilla.kernel.org/show_bug.cgi?id=218173 795 */ 796 if (efi_system_table->hdr.revision <= EFI_2_00_SYSTEM_TABLE_REVISION && 797 !memcmp(efistub_fw_vendor(), ami, sizeof(ami))) { 798 efi_debug("AMI firmware v2.0 or older detected - disabling physical KASLR\n"); 799 seed[0] = 0; 800 } 801 } 802 803 status = efi_random_alloc(alloc_size, CONFIG_PHYSICAL_ALIGN, &addr, 804 seed[0], EFI_LOADER_CODE, 805 LOAD_PHYSICAL_ADDR, 806 EFI_X86_KERNEL_ALLOC_LIMIT); 807 if (status != EFI_SUCCESS) 808 return status; 809 810 entry = decompress_kernel((void *)addr, virt_addr, error); 811 if (entry == ULONG_MAX) { 812 efi_free(alloc_size, addr); 813 return EFI_LOAD_ERROR; 814 } 815 816 *kernel_entry = addr + entry; 817 818 return efi_adjust_memory_range_protection(addr, kernel_total_size); 819} 820 821static void __noreturn enter_kernel(unsigned long kernel_addr, 822 struct boot_params *boot_params) 823{ 824 /* enter decompressed kernel with boot_params pointer in RSI/ESI */ 825 asm("jmp *%0"::"r"(kernel_addr), "S"(boot_params)); 826 827 unreachable(); 828} 829 830/* 831 * On success, this routine will jump to the relocated image directly and never 832 * return. On failure, it will exit to the firmware via efi_exit() instead of 833 * returning. 834 */ 835void __noreturn efi_stub_entry(efi_handle_t handle, 836 efi_system_table_t *sys_table_arg, 837 struct boot_params *boot_params) 838{ 839 efi_guid_t guid = EFI_MEMORY_ATTRIBUTE_PROTOCOL_GUID; 840 struct setup_header *hdr = &boot_params->hdr; 841 const struct linux_efi_initrd *initrd = NULL; 842 unsigned long kernel_entry; 843 efi_status_t status; 844 845 boot_params_pointer = boot_params; 846 847 efi_system_table = sys_table_arg; 848 /* Check if we were booted by the EFI firmware */ 849 if (efi_system_table->hdr.signature != EFI_SYSTEM_TABLE_SIGNATURE) 850 efi_exit(handle, EFI_INVALID_PARAMETER); 851 852 if (have_unsupported_snp_features()) 853 efi_exit(handle, EFI_UNSUPPORTED); 854 855 if (IS_ENABLED(CONFIG_EFI_DXE_MEM_ATTRIBUTES)) { 856 efi_dxe_table = get_efi_config_table(EFI_DXE_SERVICES_TABLE_GUID); 857 if (efi_dxe_table && 858 efi_dxe_table->hdr.signature != EFI_DXE_SERVICES_TABLE_SIGNATURE) { 859 efi_warn("Ignoring DXE services table: invalid signature\n"); 860 efi_dxe_table = NULL; 861 } 862 } 863 864 /* grab the memory attributes protocol if it exists */ 865 efi_bs_call(locate_protocol, &guid, NULL, (void **)&memattr); 866 867 status = efi_setup_5level_paging(); 868 if (status != EFI_SUCCESS) { 869 efi_err("efi_setup_5level_paging() failed!\n"); 870 goto fail; 871 } 872 873#ifdef CONFIG_CMDLINE_BOOL 874 status = efi_parse_options(CONFIG_CMDLINE); 875 if (status != EFI_SUCCESS) { 876 efi_err("Failed to parse options\n"); 877 goto fail; 878 } 879#endif 880 if (!IS_ENABLED(CONFIG_CMDLINE_OVERRIDE)) { 881 unsigned long cmdline_paddr = ((u64)hdr->cmd_line_ptr | 882 ((u64)boot_params->ext_cmd_line_ptr << 32)); 883 status = efi_parse_options((char *)cmdline_paddr); 884 if (status != EFI_SUCCESS) { 885 efi_err("Failed to parse options\n"); 886 goto fail; 887 } 888 } 889 890 status = efi_decompress_kernel(&kernel_entry); 891 if (status != EFI_SUCCESS) { 892 efi_err("Failed to decompress kernel\n"); 893 goto fail; 894 } 895 896 /* 897 * At this point, an initrd may already have been loaded by the 898 * bootloader and passed via bootparams. We permit an initrd loaded 899 * from the LINUX_EFI_INITRD_MEDIA_GUID device path to supersede it. 900 * 901 * If the device path is not present, any command-line initrd= 902 * arguments will be processed only if image is not NULL, which will be 903 * the case only if we were loaded via the PE entry point. 904 */ 905 status = efi_load_initrd(image, hdr->initrd_addr_max, ULONG_MAX, 906 &initrd); 907 if (status != EFI_SUCCESS) 908 goto fail; 909 if (initrd && initrd->size > 0) { 910 efi_set_u64_split(initrd->base, &hdr->ramdisk_image, 911 &boot_params->ext_ramdisk_image); 912 efi_set_u64_split(initrd->size, &hdr->ramdisk_size, 913 &boot_params->ext_ramdisk_size); 914 } 915 916 917 /* 918 * If the boot loader gave us a value for secure_boot then we use that, 919 * otherwise we ask the BIOS. 920 */ 921 if (boot_params->secure_boot == efi_secureboot_mode_unset) 922 boot_params->secure_boot = efi_get_secureboot(); 923 924 /* Ask the firmware to clear memory on unclean shutdown */ 925 efi_enable_reset_attack_mitigation(); 926 927 efi_random_get_seed(); 928 929 efi_retrieve_tpm2_eventlog(); 930 931 setup_graphics(boot_params); 932 933 setup_efi_pci(boot_params); 934 935 setup_quirks(boot_params); 936 937 setup_unaccepted_memory(); 938 939 status = exit_boot(boot_params, handle); 940 if (status != EFI_SUCCESS) { 941 efi_err("exit_boot() failed!\n"); 942 goto fail; 943 } 944 945 /* 946 * Call the SEV init code while still running with the firmware's 947 * GDT/IDT, so #VC exceptions will be handled by EFI. 948 */ 949 sev_enable(boot_params); 950 951 efi_5level_switch(); 952 953 enter_kernel(kernel_entry, boot_params); 954fail: 955 efi_err("efi_stub_entry() failed!\n"); 956 957 efi_exit(handle, status); 958} 959 960#ifdef CONFIG_EFI_HANDOVER_PROTOCOL 961void efi_handover_entry(efi_handle_t handle, efi_system_table_t *sys_table_arg, 962 struct boot_params *boot_params) 963{ 964 memset(_bss, 0, _ebss - _bss); 965 efi_stub_entry(handle, sys_table_arg, boot_params); 966} 967 968#ifndef CONFIG_EFI_MIXED 969extern __alias(efi_handover_entry) 970void efi32_stub_entry(efi_handle_t handle, efi_system_table_t *sys_table_arg, 971 struct boot_params *boot_params); 972 973extern __alias(efi_handover_entry) 974void efi64_stub_entry(efi_handle_t handle, efi_system_table_t *sys_table_arg, 975 struct boot_params *boot_params); 976#endif 977#endif 978