efi.c source code [linux/arch/arm64/kernel/efi.c]

1	// SPDX-License-Identifier: GPL-2.0-only
2	/*
3	* Extensible Firmware Interface
4	*
5	* Based on Extensible Firmware Interface Specification version 2.4
6	*
7	* Copyright (C) 2013, 2014 Linaro Ltd.
8	*/
9
10	#include <linux/efi.h>
11	#include <linux/init.h>
12	#include <linux/screen_info.h>
13
14	#include <asm/efi.h>
15	#include <asm/stacktrace.h>
16
17	static bool region_is_misaligned(const efi_memory_desc_t *md)
18	{
19	if (PAGE_SIZE == EFI_PAGE_SIZE)
20	return false;
21	return !PAGE_ALIGNED(md->phys_addr) \|\|
22	!PAGE_ALIGNED(md->num_pages << EFI_PAGE_SHIFT);
23	}
24
25	/*
26	* Only regions of type EFI_RUNTIME_SERVICES_CODE need to be
27	* executable, everything else can be mapped with the XN bits
28	* set. Also take the new (optional) RO/XP bits into account.
29	*/
30	static __init pteval_t create_mapping_protection(efi_memory_desc_t *md)
31	{
32	u64 attr = md->attribute;
33	u32 type = md->type;
34
35	if (type == EFI_MEMORY_MAPPED_IO)
36	return PROT_DEVICE_nGnRE;
37
38	if (region_is_misaligned(md)) {
39	static bool __initdata code_is_misaligned;
40
41	/*
42	* Regions that are not aligned to the OS page size cannot be
43	* mapped with strict permissions, as those might interfere
44	* with the permissions that are needed by the adjacent
45	* region's mapping. However, if we haven't encountered any
46	* misaligned runtime code regions so far, we can safely use
47	* non-executable permissions for non-code regions.
48	*/
49	code_is_misaligned \|= (type == EFI_RUNTIME_SERVICES_CODE);
50
51	return code_is_misaligned ? pgprot_val(PAGE_KERNEL_EXEC)
52	: pgprot_val(PAGE_KERNEL);
53	}
54
55	/ R-- /
56	if ((attr & (EFI_MEMORY_XP \| EFI_MEMORY_RO)) ==
57	(EFI_MEMORY_XP \| EFI_MEMORY_RO))
58	return pgprot_val(PAGE_KERNEL_RO);
59
60	/ R-X /
61	if (attr & EFI_MEMORY_RO)
62	return pgprot_val(PAGE_KERNEL_ROX);
63
64	/ RW- /
65	if (((attr & (EFI_MEMORY_RP \| EFI_MEMORY_WP \| EFI_MEMORY_XP)) ==
66	EFI_MEMORY_XP) \|\|
67	type != EFI_RUNTIME_SERVICES_CODE)
68	return pgprot_val(PAGE_KERNEL);
69
70	/ RWX /
71	return pgprot_val(PAGE_KERNEL_EXEC);
72	}
73
74	int __init efi_create_mapping(struct mm_struct mm, efi_memory_desc_t md)
75	{
76	pteval_t prot_val = create_mapping_protection(md);
77	bool page_mappings_only = (md->type == EFI_RUNTIME_SERVICES_CODE \|\|
78	md->type == EFI_RUNTIME_SERVICES_DATA);
79
80	/*
81	* If this region is not aligned to the page size used by the OS, the
82	* mapping will be rounded outwards, and may end up sharing a page
83	* frame with an adjacent runtime memory region. Given that the page
84	* table descriptor covering the shared page will be rewritten when the
85	* adjacent region gets mapped, we must avoid block mappings here so we
86	* don't have to worry about splitting them when that happens.
87	*/
88	if (region_is_misaligned(md))
89	page_mappings_only = true;
90
91	create_pgd_mapping(mm, md->phys_addr, md->virt_addr,
92	md->num_pages << EFI_PAGE_SHIFT,
93	__pgprot(prot_val \| PTE_NG), page_mappings_only);
94	return `0`;
95	}
96
97	struct set_perm_data {
98	const efi_memory_desc_t *md;
99	bool has_bti;
100	};
101
102	static int __init set_permissions(pte_t ptep, unsigned* long addr, void *data)
103	{
104	struct set_perm_data *spd = data;
105	const efi_memory_desc_t *md = spd->md;
106	pte_t pte = __ptep_get(ptep);
107
108	if (md->attribute & EFI_MEMORY_RO)
109	pte = set_pte_bit(pte, __pgprot(PTE_RDONLY));
110	if (md->attribute & EFI_MEMORY_XP)
111	pte = set_pte_bit(pte, __pgprot(PTE_PXN));
112	else if (system_supports_bti_kernel() && spd->has_bti)
113	pte = set_pte_bit(pte, __pgprot(PTE_GP));
114	__set_pte(ptep, pte);
115	return `0`;
116	}
117
118	int __init efi_set_mapping_permissions(struct mm_struct *mm,
119	efi_memory_desc_t *md,
120	bool has_bti)
121	{
122	struct set_perm_data data = { md, has_bti };
123
124	BUG_ON(md->type != EFI_RUNTIME_SERVICES_CODE &&
125	md->type != EFI_RUNTIME_SERVICES_DATA);
126
127	if (region_is_misaligned(md))
128	return `0`;
129
130	/*
131	* Calling apply_to_page_range() is only safe on regions that are
132	* guaranteed to be mapped down to pages. Since we are only called
133	* for regions that have been mapped using efi_create_mapping() above
134	* (and this is checked by the generic Memory Attributes table parsing
135	* routines), there is no need to check that again here.
136	*/
137	return apply_to_page_range(mm, address: md->virt_addr,
138	size: md->num_pages << EFI_PAGE_SHIFT,
139	fn: set_permissions, data: &data);
140	}
141
142	/*
143	* UpdateCapsule() depends on the system being shutdown via
144	* ResetSystem().
145	*/
146	bool efi_poweroff_required(void)
147	{
148	return efi_enabled(EFI_RUNTIME_SERVICES);
149	}
150
151	asmlinkage efi_status_t efi_handle_corrupted_x18(efi_status_t s, const char *f)
152	{
153	pr_err_ratelimited(FW_BUG "register x18 corrupted by EFI %s\n", f);
154	return s;
155	}
156
157	static DEFINE_RAW_SPINLOCK(efi_rt_lock);
158
159	void arch_efi_call_virt_setup(void)
160	{
161	efi_virtmap_load();
162	__efi_fpsimd_begin();
163	raw_spin_lock(&efi_rt_lock);
164	}
165
166	void arch_efi_call_virt_teardown(void)
167	{
168	raw_spin_unlock(&efi_rt_lock);
169	__efi_fpsimd_end();
170	efi_virtmap_unload();
171	}
172
173	asmlinkage u64 *efi_rt_stack_top __ro_after_init;
174
175	asmlinkage efi_status_t __efi_rt_asm_recover(void);
176
177	bool efi_runtime_fixup_exception(struct pt_regs regs, const* char *msg)
178	{
179	/ Check whether the exception occurred while running the firmware /
180	if (!current_in_efi() \|\| regs->pc >= TASK_SIZE_64)
181	return false;
182
183	pr_err(FW_BUG "Unable to handle %s in EFI runtime service\n", msg);
184	add_taint(TAINT_FIRMWARE_WORKAROUND, LOCKDEP_STILL_OK);
185	clear_bit(EFI_RUNTIME_SERVICES, addr: &efi.flags);
186
187	regs->regs[`0`] = EFI_ABORTED;
188	regs->regs[`30`] = efi_rt_stack_top[-`1`];
189	regs->pc = (u64)__efi_rt_asm_recover;
190
191	if (IS_ENABLED(CONFIG_SHADOW_CALL_STACK))
192	regs->regs[`18`] = efi_rt_stack_top[-`2`];
193
194	return true;
195	}
196
197	/ EFI requires 8 KiB of stack space for runtime services /
198	static_assert(THREAD_SIZE >= SZ_8K);
199
200	static int __init arm64_efi_rt_init(void)
201	{
202	void *p;
203
204	if (!efi_enabled(EFI_RUNTIME_SERVICES))
205	return `0`;
206
207	p = __vmalloc_node(THREAD_SIZE, THREAD_ALIGN, GFP_KERNEL,
208	NUMA_NO_NODE, &&l);
209	l: if (!p) {
210	pr_warn("Failed to allocate EFI runtime stack\n");
211	clear_bit(EFI_RUNTIME_SERVICES, addr: &efi.flags);
212	return -ENOMEM;
213	}
214
215	efi_rt_stack_top = p + THREAD_SIZE;
216	return `0`;
217	}
218	core_initcall(arm64_efi_rt_init);
219

source code of linux/arch/arm64/kernel/efi.c