/* * Determine whether we're in secure boot mode. */ enum efi_secureboot_mode efi_get_secureboot(efi_system_table_t *sys_table_arg) { u32 attr; u8 secboot, setupmode, moksbstate; unsigned long size; efi_status_t status; size = sizeof(secboot); status = get_efi_var(efi_SecureBoot_name, &efi_variable_guid, NULL, &size, &secboot); if (status != EFI_SUCCESS) goto out_efi_err; size = sizeof(setupmode); status = get_efi_var(efi_SetupMode_name, &efi_variable_guid, NULL, &size, &setupmode); if (status != EFI_SUCCESS) goto out_efi_err; if (secboot == 0 || setupmode == 1) return efi_secureboot_mode_disabled; /* * See if a user has put the shim into insecure mode. If so, and if the * variable doesn't have the runtime attribute set, we might as well * honor that. */ size = sizeof(moksbstate); status = get_efi_var(shim_MokSBState_name, &shim_guid, &attr, &size, &moksbstate); /* If it fails, we don't care why. Default to secure */ if (status != EFI_SUCCESS) goto secure_boot_enabled; if (!(attr & EFI_VARIABLE_RUNTIME_ACCESS) && moksbstate == 1) return efi_secureboot_mode_disabled; secure_boot_enabled: pr_efi(sys_table_arg, "UEFI Secure Boot is enabled.\n"); return efi_secureboot_mode_enabled; out_efi_err: pr_efi_err(sys_table_arg, "Could not determine UEFI Secure Boot status.\n"); if (status == EFI_NOT_FOUND) return efi_secureboot_mode_disabled; return efi_secureboot_mode_unknown; }
/* * EFI entry point for the arm/arm64 EFI stubs. This is the entrypoint * that is described in the PE/COFF header. Most of the code is the same * for both archictectures, with the arch-specific code provided in the * handle_kernel_image() function. */ unsigned long efi_entry(void *handle, efi_system_table_t *sys_table, unsigned long *image_addr) { efi_loaded_image_t *image; efi_status_t status; unsigned long image_size = 0; unsigned long dram_base; /* addr/point and size pairs for memory management*/ unsigned long initrd_addr; u64 initrd_size = 0; unsigned long fdt_addr = 0; /* Original DTB */ unsigned long fdt_size = 0; char *cmdline_ptr = NULL; int cmdline_size = 0; unsigned long new_fdt_addr; efi_guid_t loaded_image_proto = LOADED_IMAGE_PROTOCOL_GUID; unsigned long reserve_addr = 0; unsigned long reserve_size = 0; int secure_boot = 0; struct screen_info *si; /* Check if we were booted by the EFI firmware */ if (sys_table->hdr.signature != EFI_SYSTEM_TABLE_SIGNATURE) goto fail; pr_efi(sys_table, "Booting Linux Kernel...\n"); status = check_platform_features(sys_table); if (status != EFI_SUCCESS) goto fail; /* * Get a handle to the loaded image protocol. This is used to get * information about the running image, such as size and the command * line. */ status = sys_table->boottime->handle_protocol(handle, &loaded_image_proto, (void *)&image); if (status != EFI_SUCCESS) { pr_efi_err(sys_table, "Failed to get loaded image protocol\n"); goto fail; } dram_base = get_dram_base(sys_table); if (dram_base == EFI_ERROR) { pr_efi_err(sys_table, "Failed to find DRAM base\n"); goto fail; } /* * Get the command line from EFI, using the LOADED_IMAGE * protocol. We are going to copy the command line into the * device tree, so this can be allocated anywhere. */ cmdline_ptr = efi_convert_cmdline(sys_table, image, &cmdline_size); if (!cmdline_ptr) { pr_efi_err(sys_table, "getting command line via LOADED_IMAGE_PROTOCOL\n"); goto fail; } /* check whether 'nokaslr' was passed on the command line */ if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) { static const u8 default_cmdline[] = CONFIG_CMDLINE; const u8 *str, *cmdline = cmdline_ptr; if (IS_ENABLED(CONFIG_CMDLINE_FORCE)) cmdline = default_cmdline; str = strstr(cmdline, "nokaslr"); if (str == cmdline || (str > cmdline && *(str - 1) == ' ')) __nokaslr = true; } si = setup_graphics(sys_table); status = handle_kernel_image(sys_table, image_addr, &image_size, &reserve_addr, &reserve_size, dram_base, image); if (status != EFI_SUCCESS) { pr_efi_err(sys_table, "Failed to relocate kernel\n"); goto fail_free_cmdline; } status = efi_parse_options(cmdline_ptr); if (status != EFI_SUCCESS) pr_efi_err(sys_table, "Failed to parse EFI cmdline options\n"); secure_boot = efi_get_secureboot(sys_table); if (secure_boot > 0) pr_efi(sys_table, "UEFI Secure Boot is enabled.\n"); if (secure_boot < 0) { pr_efi_err(sys_table, "could not determine UEFI Secure Boot status.\n"); } /* * Unauthenticated device tree data is a security hazard, so * ignore 'dtb=' unless UEFI Secure Boot is disabled. */ if (secure_boot != 0 && strstr(cmdline_ptr, "dtb=")) { pr_efi(sys_table, "Ignoring DTB from command line.\n"); } else { status = handle_cmdline_files(sys_table, image, cmdline_ptr, "dtb=", ~0UL, &fdt_addr, &fdt_size); if (status != EFI_SUCCESS) { pr_efi_err(sys_table, "Failed to load device tree!\n"); goto fail_free_image; } } if (fdt_addr) { pr_efi(sys_table, "Using DTB from command line\n"); } else { /* Look for a device tree configuration table entry. */ fdt_addr = (uintptr_t)get_fdt(sys_table, &fdt_size); if (fdt_addr) pr_efi(sys_table, "Using DTB from configuration table\n"); } if (!fdt_addr) pr_efi(sys_table, "Generating empty DTB\n"); status = handle_cmdline_files(sys_table, image, cmdline_ptr, "initrd=", dram_base + SZ_512M, (unsigned long *)&initrd_addr, (unsigned long *)&initrd_size); if (status != EFI_SUCCESS) pr_efi_err(sys_table, "Failed initrd from command line!\n"); efi_random_get_seed(sys_table); new_fdt_addr = fdt_addr; status = allocate_new_fdt_and_exit_boot(sys_table, handle, &new_fdt_addr, dram_base + MAX_FDT_OFFSET, initrd_addr, initrd_size, cmdline_ptr, fdt_addr, fdt_size); /* * If all went well, we need to return the FDT address to the * calling function so it can be passed to kernel as part of * the kernel boot protocol. */ if (status == EFI_SUCCESS) return new_fdt_addr; pr_efi_err(sys_table, "Failed to update FDT and exit boot services\n"); efi_free(sys_table, initrd_size, initrd_addr); efi_free(sys_table, fdt_size, fdt_addr); fail_free_image: efi_free(sys_table, image_size, *image_addr); efi_free(sys_table, reserve_size, reserve_addr); fail_free_cmdline: free_screen_info(sys_table, si); efi_free(sys_table, cmdline_size, (unsigned long)cmdline_ptr); fail: return EFI_ERROR; }
efi_status_t allocate_new_fdt_and_exit_boot(efi_system_table_t *sys_table, void *handle, unsigned long *new_fdt_addr, unsigned long max_addr, u64 initrd_addr, u64 initrd_size, char *cmdline_ptr, unsigned long fdt_addr, unsigned long fdt_size) { unsigned long map_size, desc_size, buff_size; u32 desc_ver; unsigned long mmap_key; efi_memory_desc_t *memory_map, *runtime_map; unsigned long new_fdt_size; efi_status_t status; int runtime_entry_count = 0; struct efi_boot_memmap map; struct exit_boot_struct priv; map.map = &runtime_map; map.map_size = &map_size; map.desc_size = &desc_size; map.desc_ver = &desc_ver; map.key_ptr = &mmap_key; map.buff_size = &buff_size; /* * Get a copy of the current memory map that we will use to prepare * the input for SetVirtualAddressMap(). We don't have to worry about * subsequent allocations adding entries, since they could not affect * the number of EFI_MEMORY_RUNTIME regions. */ status = efi_get_memory_map(sys_table, &map); if (status != EFI_SUCCESS) { pr_efi_err(sys_table, "Unable to retrieve UEFI memory map.\n"); return status; } pr_efi(sys_table, "Exiting boot services and installing virtual address map...\n"); map.map = &memory_map; /* * Estimate size of new FDT, and allocate memory for it. We * will allocate a bigger buffer if this ends up being too * small, so a rough guess is OK here. */ new_fdt_size = fdt_size + EFI_PAGE_SIZE; while (1) { status = efi_high_alloc(sys_table, new_fdt_size, EFI_FDT_ALIGN, new_fdt_addr, max_addr); if (status != EFI_SUCCESS) { pr_efi_err(sys_table, "Unable to allocate memory for new device tree.\n"); goto fail; } /* * Now that we have done our final memory allocation (and free) * we can get the memory map key needed for * exit_boot_services(). */ status = efi_get_memory_map(sys_table, &map); if (status != EFI_SUCCESS) goto fail_free_new_fdt; status = update_fdt(sys_table, (void *)fdt_addr, fdt_size, (void *)*new_fdt_addr, new_fdt_size, cmdline_ptr, initrd_addr, initrd_size, memory_map, map_size, desc_size, desc_ver); /* Succeeding the first time is the expected case. */ if (status == EFI_SUCCESS) break; if (status == EFI_BUFFER_TOO_SMALL) { /* * We need to allocate more space for the new * device tree, so free existing buffer that is * too small. Also free memory map, as we will need * to get new one that reflects the free/alloc we do * on the device tree buffer. */ efi_free(sys_table, new_fdt_size, *new_fdt_addr); sys_table->boottime->free_pool(memory_map); new_fdt_size += EFI_PAGE_SIZE; } else { pr_efi_err(sys_table, "Unable to construct new device tree.\n"); goto fail_free_mmap; } } sys_table->boottime->free_pool(memory_map); priv.runtime_map = runtime_map; priv.runtime_entry_count = &runtime_entry_count; status = efi_exit_boot_services(sys_table, handle, &map, &priv, exit_boot_func); if (status == EFI_SUCCESS) { efi_set_virtual_address_map_t *svam; /* Install the new virtual address map */ svam = sys_table->runtime->set_virtual_address_map; status = svam(runtime_entry_count * desc_size, desc_size, desc_ver, runtime_map); /* * We are beyond the point of no return here, so if the call to * SetVirtualAddressMap() failed, we need to signal that to the * incoming kernel but proceed normally otherwise. */ if (status != EFI_SUCCESS) { int l; /* * Set the virtual address field of all * EFI_MEMORY_RUNTIME entries to 0. This will signal * the incoming kernel that no virtual translation has * been installed. */ for (l = 0; l < map_size; l += desc_size) { efi_memory_desc_t *p = (void *)memory_map + l; if (p->attribute & EFI_MEMORY_RUNTIME) p->virt_addr = 0; } } return EFI_SUCCESS; } pr_efi_err(sys_table, "Exit boot services failed.\n"); fail_free_mmap: sys_table->boottime->free_pool(memory_map); fail_free_new_fdt: efi_free(sys_table, new_fdt_size, *new_fdt_addr); fail: sys_table->boottime->free_pool(runtime_map); return EFI_LOAD_ERROR; }