Open Menu / lib / efi_loader / efi_dt_fixup.c
Loading...
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
// SPDX-License-Identifier: GPL-2.0+
/*
 * EFI_DT_FIXUP_PROTOCOL
 *
 * Copyright (c) 2020 Heinrich Schuchardt
 */

#define LOG_CATEGORY LOGC_EFI

#include <efi_dt_fixup.h>
#include <efi_loader.h>
#include <efi_rng.h>
#include <fdtdec.h>
#include <mapmem.h>

const efi_guid_t efi_guid_dt_fixup_protocol = EFI_DT_FIXUP_PROTOCOL_GUID;

/**
 * efi_reserve_memory() - add reserved memory to memory map
 *
 * @addr:	start address of the reserved memory range
 * @size:	size of the reserved memory range
 * @nomap:	indicates that the memory range shall not be accessed by the
 *		UEFI payload
 */
static void efi_reserve_memory(u64 addr, u64 size, bool nomap)
{
	int type;
	efi_uintn_t ret;

	/* Convert from sandbox address space. */
	addr = (uintptr_t)map_sysmem(addr, 0);

	if (nomap)
		type = EFI_RESERVED_MEMORY_TYPE;
	else
		type = EFI_BOOT_SERVICES_DATA;

	ret = efi_add_memory_map(addr, size, type);
	if (ret != EFI_SUCCESS)
		log_err("Reserved memory mapping failed addr %llx size %llx\n",
			addr, size);
}

/**
 * efi_try_purge_rng_seed() - Remove unused kaslr-seed, rng-seed
 *
 * Kernel's EFI STUB only relies on EFI_RNG_PROTOCOL for randomization
 * and completely ignores the kaslr-seed for its own randomness needs
 * (i.e the randomization of the physical placement of the kernel).
 * Weed it out from the DTB we hand over, which would mess up our DTB
 * TPM measurements as well.
 *
 * @fdt: Pointer to device tree
 */
void efi_try_purge_rng_seed(void *fdt)
{
	const char * const prop[] = {"kaslr-seed", "rng-seed"};
	const efi_guid_t efi_guid_rng_protocol = EFI_RNG_PROTOCOL_GUID;
	struct efi_handler *handler;
	efi_status_t ret;
	int nodeoff = 0;
	int err = 0;

	ret = efi_search_protocol(efi_root, &efi_guid_rng_protocol, &handler);
	if (ret != EFI_SUCCESS)
		return;

	nodeoff = fdt_path_offset(fdt, "/chosen");
	if (nodeoff < 0)
		return;

	for (size_t i = 0; i < ARRAY_SIZE(prop); ++i) {
		err = fdt_delprop(fdt, nodeoff, prop[i]);
		if (err < 0 && err != -FDT_ERR_NOTFOUND)
			log_err("Error deleting %s\n", prop[i]);
		else
			log_debug("Deleted /chosen/%s\n", prop[i]);
	}
}

/**
 * efi_carve_out_dt_rsv() - Carve out DT reserved memory ranges
 *
 * The mem_rsv entries of the FDT are added to the memory map. Any failures are
 * ignored because this is not critical and we would rather continue to try to
 * boot.
 *
 * @fdt: Pointer to device tree
 */
void efi_carve_out_dt_rsv(void *fdt)
{
	int nr_rsv, i;
	u64 addr, size;
	int nodeoffset, subnode;

	nr_rsv = fdt_num_mem_rsv(fdt);

	/* Look for an existing entry and add it to the efi mem map. */
	for (i = 0; i < nr_rsv; i++) {
		if (fdt_get_mem_rsv(fdt, i, &addr, &size) != 0)
			continue;
		efi_reserve_memory(addr, size, true);
	}

	/* process reserved-memory */
	nodeoffset = fdt_subnode_offset(fdt, 0, "reserved-memory");
	if (nodeoffset >= 0) {
		subnode = fdt_first_subnode(fdt, nodeoffset);
		while (subnode >= 0) {
			fdt_addr_t fdt_addr;
			fdt_size_t fdt_size;

			/* check if this subnode has a reg property */
			fdt_addr = fdtdec_get_addr_size_auto_parent(
						fdt, nodeoffset, subnode,
						"reg", 0, &fdt_size, false);
			/*
			 * The /reserved-memory node may have children with
			 * a size instead of a reg property.
			 */
			if (fdt_addr != FDT_ADDR_T_NONE &&
			    fdtdec_get_is_enabled(fdt, subnode)) {
				bool nomap;

				nomap = !!fdt_getprop(fdt, subnode, "no-map",
						      NULL);
				efi_reserve_memory(fdt_addr, fdt_size, nomap);
			}
			subnode = fdt_next_subnode(fdt, subnode);
		}
	}
}

/**
 * efi_dt_fixup() - fix up device tree
 *
 * This function implements the Fixup() service of the
 * EFI Device Tree Fixup Protocol.
 *
 * @this:		instance of the protocol
 * @dtb:		device tree provided by caller
 * @buffer_size:	size of buffer for the device tree including free space
 * @flags:		bit field designating action to be performed
 * Return:		status code
 */
static efi_status_t __maybe_unused EFIAPI
efi_dt_fixup(struct efi_dt_fixup_protocol *this, void *dtb,
	     efi_uintn_t *buffer_size, u32 flags)
{
	efi_status_t ret;
	size_t required_size;
	size_t total_size;
	struct bootm_headers img = { 0 };

	EFI_ENTRY("%p, %p, %p, %d", this, dtb, buffer_size, flags);

	if (this != &efi_dt_fixup_prot || !dtb || !buffer_size ||
	    !flags || (flags & ~EFI_DT_ALL)) {
		ret = EFI_INVALID_PARAMETER;
		goto out;
	}
	if (fdt_check_header(dtb)) {
		ret = EFI_INVALID_PARAMETER;
		goto out;
	}
	if (flags & EFI_DT_APPLY_FIXUPS) {
		/* Check size */
		required_size = fdt_off_dt_strings(dtb) +
				fdt_size_dt_strings(dtb) +
				CONFIG_SYS_FDT_PAD;
		total_size = fdt_totalsize(dtb);
		if (required_size < total_size)
			required_size = total_size;
		if (required_size > *buffer_size) {
			*buffer_size = required_size;
			ret = EFI_BUFFER_TOO_SMALL;
			goto out;
		}

		fdt_set_totalsize(dtb, *buffer_size);
		if (image_setup_libfdt(&img, dtb, false)) {
			log_err("failed to process device tree\n");
			ret = EFI_INVALID_PARAMETER;
			goto out;
		}
	}
	if (flags & EFI_DT_RESERVE_MEMORY)
		efi_carve_out_dt_rsv(dtb);

	if (flags & EFI_DT_INSTALL_TABLE) {
		ret = efi_install_configuration_table(&efi_guid_fdt, dtb);
		if (ret != EFI_SUCCESS) {
			log_err("failed to install device tree\n");
			goto out;
		}
	}

	ret = EFI_SUCCESS;
out:
	return EFI_EXIT(ret);
}

struct efi_dt_fixup_protocol efi_dt_fixup_prot = {
	.revision = EFI_DT_FIXUP_PROTOCOL_REVISION,
	.fixup = efi_dt_fixup
};