1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * EFI application loader
4 *
5 * Copyright (c) 2016 Alexander Graf
6 */
7
8 #define LOG_CATEGORY LOGC_EFI
9
10 #include <common.h>
11 #include <bootm.h>
12 #include <charset.h>
13 #include <command.h>
14 #include <dm.h>
15 #include <efi_loader.h>
16 #include <efi_selftest.h>
17 #include <env.h>
18 #include <errno.h>
19 #include <image.h>
20 #include <log.h>
21 #include <malloc.h>
22 #include <asm/global_data.h>
23 #include <linux/libfdt.h>
24 #include <linux/libfdt_env.h>
25 #include <mapmem.h>
26 #include <memalign.h>
27 #include <asm-generic/sections.h>
28 #include <linux/linkage.h>
29
30 DECLARE_GLOBAL_DATA_PTR;
31
32 static struct efi_device_path *bootefi_image_path;
33 static struct efi_device_path *bootefi_device_path;
34 static void *image_addr;
35 static size_t image_size;
36
37 /**
38 * efi_clear_bootdev() - clear boot device
39 */
efi_clear_bootdev(void)40 static void efi_clear_bootdev(void)
41 {
42 efi_free_pool(bootefi_device_path);
43 efi_free_pool(bootefi_image_path);
44 bootefi_device_path = NULL;
45 bootefi_image_path = NULL;
46 image_addr = NULL;
47 image_size = 0;
48 }
49
50 /**
51 * efi_set_bootdev() - set boot device
52 *
53 * This function is called when a file is loaded, e.g. via the 'load' command.
54 * We use the path to this file to inform the UEFI binary about the boot device.
55 *
56 * @dev: device, e.g. "MMC"
57 * @devnr: number of the device, e.g. "1:2"
58 * @path: path to file loaded
59 * @buffer: buffer with file loaded
60 * @buffer_size: size of file loaded
61 */
efi_set_bootdev(const char * dev,const char * devnr,const char * path,void * buffer,size_t buffer_size)62 void efi_set_bootdev(const char *dev, const char *devnr, const char *path,
63 void *buffer, size_t buffer_size)
64 {
65 struct efi_device_path *device, *image;
66 efi_status_t ret;
67
68 /* Forget overwritten image */
69 if (buffer + buffer_size >= image_addr &&
70 image_addr + image_size >= buffer)
71 efi_clear_bootdev();
72
73 /* Remember only PE-COFF and FIT images */
74 if (efi_check_pe(buffer, buffer_size, NULL) != EFI_SUCCESS) {
75 #ifdef CONFIG_FIT
76 if (fit_check_format(buffer, IMAGE_SIZE_INVAL))
77 return;
78 /*
79 * FIT images of type EFI_OS are started via command bootm.
80 * We should not use their boot device with the bootefi command.
81 */
82 buffer = 0;
83 buffer_size = 0;
84 #else
85 return;
86 #endif
87 }
88
89 /* efi_set_bootdev() is typically called repeatedly, recover memory */
90 efi_clear_bootdev();
91
92 image_addr = buffer;
93 image_size = buffer_size;
94
95 ret = efi_dp_from_name(dev, devnr, path, &device, &image);
96 if (ret == EFI_SUCCESS) {
97 bootefi_device_path = device;
98 if (image) {
99 /* FIXME: image should not contain device */
100 struct efi_device_path *image_tmp = image;
101
102 efi_dp_split_file_path(image, &device, &image);
103 efi_free_pool(image_tmp);
104 }
105 bootefi_image_path = image;
106 } else {
107 efi_clear_bootdev();
108 }
109 }
110
111 /**
112 * efi_env_set_load_options() - set load options from environment variable
113 *
114 * @handle: the image handle
115 * @env_var: name of the environment variable
116 * @load_options: pointer to load options (output)
117 * Return: status code
118 */
efi_env_set_load_options(efi_handle_t handle,const char * env_var,u16 ** load_options)119 static efi_status_t efi_env_set_load_options(efi_handle_t handle,
120 const char *env_var,
121 u16 **load_options)
122 {
123 const char *env = env_get(env_var);
124 size_t size;
125 u16 *pos;
126 efi_status_t ret;
127
128 *load_options = NULL;
129 if (!env)
130 return EFI_SUCCESS;
131 size = sizeof(u16) * (utf8_utf16_strlen(env) + 1);
132 pos = calloc(size, 1);
133 if (!pos)
134 return EFI_OUT_OF_RESOURCES;
135 *load_options = pos;
136 utf8_utf16_strcpy(&pos, env);
137 ret = efi_set_load_options(handle, size, *load_options);
138 if (ret != EFI_SUCCESS) {
139 free(*load_options);
140 *load_options = NULL;
141 }
142 return ret;
143 }
144
145 #if !CONFIG_IS_ENABLED(GENERATE_ACPI_TABLE)
146
147 /**
148 * copy_fdt() - Copy the device tree to a new location available to EFI
149 *
150 * The FDT is copied to a suitable location within the EFI memory map.
151 * Additional 12 KiB are added to the space in case the device tree needs to be
152 * expanded later with fdt_open_into().
153 *
154 * @fdtp: On entry a pointer to the flattened device tree.
155 * On exit a pointer to the copy of the flattened device tree.
156 * FDT start
157 * Return: status code
158 */
copy_fdt(void ** fdtp)159 static efi_status_t copy_fdt(void **fdtp)
160 {
161 unsigned long fdt_ram_start = -1L, fdt_pages;
162 efi_status_t ret = 0;
163 void *fdt, *new_fdt;
164 u64 new_fdt_addr;
165 uint fdt_size;
166 int i;
167
168 for (i = 0; i < CONFIG_NR_DRAM_BANKS; i++) {
169 u64 ram_start = gd->bd->bi_dram[i].start;
170 u64 ram_size = gd->bd->bi_dram[i].size;
171
172 if (!ram_size)
173 continue;
174
175 if (ram_start < fdt_ram_start)
176 fdt_ram_start = ram_start;
177 }
178
179 /*
180 * Give us at least 12 KiB of breathing room in case the device tree
181 * needs to be expanded later.
182 */
183 fdt = *fdtp;
184 fdt_pages = efi_size_in_pages(fdt_totalsize(fdt) + 0x3000);
185 fdt_size = fdt_pages << EFI_PAGE_SHIFT;
186
187 /*
188 * Safe fdt location is at 127 MiB.
189 * On the sandbox convert from the sandbox address space.
190 */
191 new_fdt_addr = (uintptr_t)map_sysmem(fdt_ram_start + 0x7f00000 +
192 fdt_size, 0);
193 ret = efi_allocate_pages(EFI_ALLOCATE_MAX_ADDRESS,
194 EFI_ACPI_RECLAIM_MEMORY, fdt_pages,
195 &new_fdt_addr);
196 if (ret != EFI_SUCCESS) {
197 /* If we can't put it there, put it somewhere */
198 new_fdt_addr = (ulong)memalign(EFI_PAGE_SIZE, fdt_size);
199 ret = efi_allocate_pages(EFI_ALLOCATE_MAX_ADDRESS,
200 EFI_ACPI_RECLAIM_MEMORY, fdt_pages,
201 &new_fdt_addr);
202 if (ret != EFI_SUCCESS) {
203 log_err("ERROR: Failed to reserve space for FDT\n");
204 goto done;
205 }
206 }
207 new_fdt = (void *)(uintptr_t)new_fdt_addr;
208 memcpy(new_fdt, fdt, fdt_totalsize(fdt));
209 fdt_set_totalsize(new_fdt, fdt_size);
210
211 *fdtp = (void *)(uintptr_t)new_fdt_addr;
212 done:
213 return ret;
214 }
215
216 /**
217 * get_config_table() - get configuration table
218 *
219 * @guid: GUID of the configuration table
220 * Return: pointer to configuration table or NULL
221 */
get_config_table(const efi_guid_t * guid)222 static void *get_config_table(const efi_guid_t *guid)
223 {
224 size_t i;
225
226 for (i = 0; i < systab.nr_tables; i++) {
227 if (!guidcmp(guid, &systab.tables[i].guid))
228 return systab.tables[i].table;
229 }
230 return NULL;
231 }
232
233 #endif /* !CONFIG_IS_ENABLED(GENERATE_ACPI_TABLE) */
234
235 /**
236 * efi_install_fdt() - install device tree
237 *
238 * If fdt is not EFI_FDT_USE_INTERNAL, the device tree located at that memory
239 * address will will be installed as configuration table, otherwise the device
240 * tree located at the address indicated by environment variable fdt_addr or as
241 * fallback fdtcontroladdr will be used.
242 *
243 * On architectures using ACPI tables device trees shall not be installed as
244 * configuration table.
245 *
246 * @fdt: address of device tree or EFI_FDT_USE_INTERNAL to use the
247 * the hardware device tree as indicated by environment variable
248 * fdt_addr or as fallback the internal device tree as indicated by
249 * the environment variable fdtcontroladdr
250 * Return: status code
251 */
efi_install_fdt(void * fdt)252 efi_status_t efi_install_fdt(void *fdt)
253 {
254 /*
255 * The EBBR spec requires that we have either an FDT or an ACPI table
256 * but not both.
257 */
258 #if CONFIG_IS_ENABLED(GENERATE_ACPI_TABLE)
259 if (fdt) {
260 log_err("ERROR: can't have ACPI table and device tree.\n");
261 return EFI_LOAD_ERROR;
262 }
263 #else
264 bootm_headers_t img = { 0 };
265 efi_status_t ret;
266
267 if (fdt == EFI_FDT_USE_INTERNAL) {
268 const char *fdt_opt;
269 uintptr_t fdt_addr;
270
271 /* Look for device tree that is already installed */
272 if (get_config_table(&efi_guid_fdt))
273 return EFI_SUCCESS;
274 /* Check if there is a hardware device tree */
275 fdt_opt = env_get("fdt_addr");
276 /* Use our own device tree as fallback */
277 if (!fdt_opt) {
278 fdt_opt = env_get("fdtcontroladdr");
279 if (!fdt_opt) {
280 log_err("ERROR: need device tree\n");
281 return EFI_NOT_FOUND;
282 }
283 }
284 fdt_addr = simple_strtoul(fdt_opt, NULL, 16);
285 if (!fdt_addr) {
286 log_err("ERROR: invalid $fdt_addr or $fdtcontroladdr\n");
287 return EFI_LOAD_ERROR;
288 }
289 fdt = map_sysmem(fdt_addr, 0);
290 }
291
292 /* Install device tree */
293 if (fdt_check_header(fdt)) {
294 log_err("ERROR: invalid device tree\n");
295 return EFI_LOAD_ERROR;
296 }
297
298 /* Prepare device tree for payload */
299 ret = copy_fdt(&fdt);
300 if (ret) {
301 log_err("ERROR: out of memory\n");
302 return EFI_OUT_OF_RESOURCES;
303 }
304
305 if (image_setup_libfdt(&img, fdt, 0, NULL)) {
306 log_err("ERROR: failed to process device tree\n");
307 return EFI_LOAD_ERROR;
308 }
309
310 /* Create memory reservations as indicated by the device tree */
311 efi_carve_out_dt_rsv(fdt);
312
313 /* Install device tree as UEFI table */
314 ret = efi_install_configuration_table(&efi_guid_fdt, fdt);
315 if (ret != EFI_SUCCESS) {
316 log_err("ERROR: failed to install device tree\n");
317 return ret;
318 }
319 #endif /* GENERATE_ACPI_TABLE */
320
321 return EFI_SUCCESS;
322 }
323
324 /**
325 * do_bootefi_exec() - execute EFI binary
326 *
327 * The image indicated by @handle is started. When it returns the allocated
328 * memory for the @load_options is freed.
329 *
330 * @handle: handle of loaded image
331 * @load_options: load options
332 * Return: status code
333 *
334 * Load the EFI binary into a newly assigned memory unwinding the relocation
335 * information, install the loaded image protocol, and call the binary.
336 */
do_bootefi_exec(efi_handle_t handle,void * load_options)337 static efi_status_t do_bootefi_exec(efi_handle_t handle, void *load_options)
338 {
339 efi_status_t ret;
340 efi_uintn_t exit_data_size = 0;
341 u16 *exit_data = NULL;
342
343 /* On ARM switch from EL3 or secure mode to EL2 or non-secure mode */
344 switch_to_non_secure_mode();
345
346 /* Call our payload! */
347 ret = EFI_CALL(efi_start_image(handle, &exit_data_size, &exit_data));
348 if (ret != EFI_SUCCESS) {
349 log_err("## Application failed, r = %lu\n",
350 ret & ~EFI_ERROR_MASK);
351 if (exit_data) {
352 log_err("## %ls\n", exit_data);
353 efi_free_pool(exit_data);
354 }
355 }
356
357 efi_restore_gd();
358
359 free(load_options);
360
361 return ret;
362 }
363
364 /**
365 * do_efibootmgr() - execute EFI boot manager
366 *
367 * Return: status code
368 */
do_efibootmgr(void)369 static int do_efibootmgr(void)
370 {
371 efi_handle_t handle;
372 efi_status_t ret;
373 void *load_options;
374
375 ret = efi_bootmgr_load(&handle, &load_options);
376 if (ret != EFI_SUCCESS) {
377 log_notice("EFI boot manager: Cannot load any image\n");
378 return CMD_RET_FAILURE;
379 }
380
381 ret = do_bootefi_exec(handle, load_options);
382
383 if (ret != EFI_SUCCESS)
384 return CMD_RET_FAILURE;
385
386 return CMD_RET_SUCCESS;
387 }
388
389 /**
390 * do_bootefi_image() - execute EFI binary
391 *
392 * Set up memory image for the binary to be loaded, prepare device path, and
393 * then call do_bootefi_exec() to execute it.
394 *
395 * @image_opt: string of image start address
396 * Return: status code
397 */
do_bootefi_image(const char * image_opt)398 static int do_bootefi_image(const char *image_opt)
399 {
400 void *image_buf;
401 unsigned long addr, size;
402 efi_status_t ret;
403
404 #ifdef CONFIG_CMD_BOOTEFI_HELLO
405 if (!strcmp(image_opt, "hello")) {
406 image_buf = __efi_helloworld_begin;
407 size = __efi_helloworld_end - __efi_helloworld_begin;
408 efi_clear_bootdev();
409 } else
410 #endif
411 {
412 addr = strtoul(image_opt, NULL, 16);
413 /* Check that a numeric value was passed */
414 if (!addr)
415 return CMD_RET_USAGE;
416
417 image_buf = map_sysmem(addr, 0);
418
419 if (image_buf != image_addr) {
420 log_err("No UEFI binary known at %s\n", image_opt);
421 return CMD_RET_FAILURE;
422 }
423 size = image_size;
424 }
425 ret = efi_run_image(image_buf, size);
426
427 if (ret != EFI_SUCCESS)
428 return CMD_RET_FAILURE;
429
430 return CMD_RET_SUCCESS;
431 }
432
433 /**
434 * efi_run_image() - run loaded UEFI image
435 *
436 * @source_buffer: memory address of the UEFI image
437 * @source_size: size of the UEFI image
438 * Return: status code
439 */
efi_run_image(void * source_buffer,efi_uintn_t source_size)440 efi_status_t efi_run_image(void *source_buffer, efi_uintn_t source_size)
441 {
442 efi_handle_t mem_handle = NULL, handle;
443 struct efi_device_path *file_path = NULL;
444 struct efi_device_path *msg_path;
445 efi_status_t ret;
446 u16 *load_options;
447
448 if (!bootefi_device_path || !bootefi_image_path) {
449 /*
450 * Special case for efi payload not loaded from disk,
451 * such as 'bootefi hello' or for example payload
452 * loaded directly into memory via JTAG, etc:
453 */
454 file_path = efi_dp_from_mem(EFI_RESERVED_MEMORY_TYPE,
455 (uintptr_t)source_buffer,
456 source_size);
457 /*
458 * Make sure that device for device_path exist
459 * in load_image(). Otherwise, shell and grub will fail.
460 */
461 ret = efi_create_handle(&mem_handle);
462 if (ret != EFI_SUCCESS)
463 goto out;
464
465 ret = efi_add_protocol(mem_handle, &efi_guid_device_path,
466 file_path);
467 if (ret != EFI_SUCCESS)
468 goto out;
469 msg_path = file_path;
470 } else {
471 file_path = efi_dp_append(bootefi_device_path,
472 bootefi_image_path);
473 msg_path = bootefi_image_path;
474 }
475
476 log_info("Booting %pD\n", msg_path);
477
478 ret = EFI_CALL(efi_load_image(false, efi_root, file_path, source_buffer,
479 source_size, &handle));
480 if (ret != EFI_SUCCESS) {
481 log_err("Loading image failed\n");
482 goto out;
483 }
484
485 /* Transfer environment variable as load options */
486 ret = efi_env_set_load_options(handle, "bootargs", &load_options);
487 if (ret != EFI_SUCCESS)
488 goto out;
489
490 ret = do_bootefi_exec(handle, load_options);
491
492 out:
493 efi_delete_handle(mem_handle);
494 efi_free_pool(file_path);
495 return ret;
496 }
497
498 #ifdef CONFIG_CMD_BOOTEFI_SELFTEST
bootefi_run_prepare(const char * load_options_path,struct efi_device_path * device_path,struct efi_device_path * image_path,struct efi_loaded_image_obj ** image_objp,struct efi_loaded_image ** loaded_image_infop)499 static efi_status_t bootefi_run_prepare(const char *load_options_path,
500 struct efi_device_path *device_path,
501 struct efi_device_path *image_path,
502 struct efi_loaded_image_obj **image_objp,
503 struct efi_loaded_image **loaded_image_infop)
504 {
505 efi_status_t ret;
506 u16 *load_options;
507
508 ret = efi_setup_loaded_image(device_path, image_path, image_objp,
509 loaded_image_infop);
510 if (ret != EFI_SUCCESS)
511 return ret;
512
513 /* Transfer environment variable as load options */
514 return efi_env_set_load_options((efi_handle_t)*image_objp,
515 load_options_path,
516 &load_options);
517 }
518
519 /**
520 * bootefi_test_prepare() - prepare to run an EFI test
521 *
522 * Prepare to run a test as if it were provided by a loaded image.
523 *
524 * @image_objp: pointer to be set to the loaded image handle
525 * @loaded_image_infop: pointer to be set to the loaded image protocol
526 * @path: dummy file path used to construct the device path
527 * set in the loaded image protocol
528 * @load_options_path: name of a U-Boot environment variable. Its value is
529 * set as load options in the loaded image protocol.
530 * Return: status code
531 */
bootefi_test_prepare(struct efi_loaded_image_obj ** image_objp,struct efi_loaded_image ** loaded_image_infop,const char * path,const char * load_options_path)532 static efi_status_t bootefi_test_prepare
533 (struct efi_loaded_image_obj **image_objp,
534 struct efi_loaded_image **loaded_image_infop, const char *path,
535 const char *load_options_path)
536 {
537 efi_status_t ret;
538
539 /* Construct a dummy device path */
540 bootefi_device_path = efi_dp_from_mem(EFI_RESERVED_MEMORY_TYPE, 0, 0);
541 if (!bootefi_device_path)
542 return EFI_OUT_OF_RESOURCES;
543
544 bootefi_image_path = efi_dp_from_file(NULL, 0, path);
545 if (!bootefi_image_path) {
546 ret = EFI_OUT_OF_RESOURCES;
547 goto failure;
548 }
549
550 ret = bootefi_run_prepare(load_options_path, bootefi_device_path,
551 bootefi_image_path, image_objp,
552 loaded_image_infop);
553 if (ret == EFI_SUCCESS)
554 return ret;
555
556 failure:
557 efi_clear_bootdev();
558 return ret;
559 }
560
561 /**
562 * bootefi_run_finish() - finish up after running an EFI test
563 *
564 * @loaded_image_info: Pointer to a struct which holds the loaded image info
565 * @image_obj: Pointer to a struct which holds the loaded image object
566 */
bootefi_run_finish(struct efi_loaded_image_obj * image_obj,struct efi_loaded_image * loaded_image_info)567 static void bootefi_run_finish(struct efi_loaded_image_obj *image_obj,
568 struct efi_loaded_image *loaded_image_info)
569 {
570 efi_restore_gd();
571 free(loaded_image_info->load_options);
572 efi_delete_handle(&image_obj->header);
573 }
574
575 /**
576 * do_efi_selftest() - execute EFI selftest
577 *
578 * Return: status code
579 */
do_efi_selftest(void)580 static int do_efi_selftest(void)
581 {
582 struct efi_loaded_image_obj *image_obj;
583 struct efi_loaded_image *loaded_image_info;
584 efi_status_t ret;
585
586 ret = bootefi_test_prepare(&image_obj, &loaded_image_info,
587 "\\selftest", "efi_selftest");
588 if (ret != EFI_SUCCESS)
589 return CMD_RET_FAILURE;
590
591 /* Execute the test */
592 ret = EFI_CALL(efi_selftest(&image_obj->header, &systab));
593 bootefi_run_finish(image_obj, loaded_image_info);
594
595 return ret != EFI_SUCCESS;
596 }
597 #endif /* CONFIG_CMD_BOOTEFI_SELFTEST */
598
599 /**
600 * do_bootefi() - execute `bootefi` command
601 *
602 * @cmdtp: table entry describing command
603 * @flag: bitmap indicating how the command was invoked
604 * @argc: number of arguments
605 * @argv: command line arguments
606 * Return: status code
607 */
do_bootefi(struct cmd_tbl * cmdtp,int flag,int argc,char * const argv[])608 static int do_bootefi(struct cmd_tbl *cmdtp, int flag, int argc,
609 char *const argv[])
610 {
611 efi_status_t ret;
612 void *fdt;
613
614 if (argc < 2)
615 return CMD_RET_USAGE;
616
617 /* Initialize EFI drivers */
618 ret = efi_init_obj_list();
619 if (ret != EFI_SUCCESS) {
620 log_err("Error: Cannot initialize UEFI sub-system, r = %lu\n",
621 ret & ~EFI_ERROR_MASK);
622 return CMD_RET_FAILURE;
623 }
624
625 if (argc > 2) {
626 uintptr_t fdt_addr;
627
628 fdt_addr = simple_strtoul(argv[2], NULL, 16);
629 fdt = map_sysmem(fdt_addr, 0);
630 } else {
631 fdt = EFI_FDT_USE_INTERNAL;
632 }
633 ret = efi_install_fdt(fdt);
634 if (ret == EFI_INVALID_PARAMETER)
635 return CMD_RET_USAGE;
636 else if (ret != EFI_SUCCESS)
637 return CMD_RET_FAILURE;
638
639 if (IS_ENABLED(CONFIG_CMD_BOOTEFI_BOOTMGR)) {
640 if (!strcmp(argv[1], "bootmgr"))
641 return do_efibootmgr();
642 }
643 #ifdef CONFIG_CMD_BOOTEFI_SELFTEST
644 if (!strcmp(argv[1], "selftest"))
645 return do_efi_selftest();
646 #endif
647
648 return do_bootefi_image(argv[1]);
649 }
650
651 #ifdef CONFIG_SYS_LONGHELP
652 static char bootefi_help_text[] =
653 "<image address> [fdt address]\n"
654 " - boot EFI payload stored at address <image address>.\n"
655 " If specified, the device tree located at <fdt address> gets\n"
656 " exposed as EFI configuration table.\n"
657 #ifdef CONFIG_CMD_BOOTEFI_HELLO
658 "bootefi hello\n"
659 " - boot a sample Hello World application stored within U-Boot\n"
660 #endif
661 #ifdef CONFIG_CMD_BOOTEFI_SELFTEST
662 "bootefi selftest [fdt address]\n"
663 " - boot an EFI selftest application stored within U-Boot\n"
664 " Use environment variable efi_selftest to select a single test.\n"
665 " Use 'setenv efi_selftest list' to enumerate all tests.\n"
666 #endif
667 #ifdef CONFIG_CMD_BOOTEFI_BOOTMGR
668 "bootefi bootmgr [fdt address]\n"
669 " - load and boot EFI payload based on BootOrder/BootXXXX variables.\n"
670 "\n"
671 " If specified, the device tree located at <fdt address> gets\n"
672 " exposed as EFI configuration table.\n"
673 #endif
674 ;
675 #endif
676
677 U_BOOT_CMD(
678 bootefi, 3, 0, do_bootefi,
679 "Boots an EFI payload from memory",
680 bootefi_help_text
681 );
682