/** Process a QEMU_LOADER_ADD_CHECKSUM command. @param[in] AddChecksum The QEMU_LOADER_ADD_CHECKSUM command to process. @param[in] Tracker The ORDERED_COLLECTION tracking the BLOB user structures created thus far. @retval EFI_PROTOCOL_ERROR Malformed fw_cfg file name has been found in AddChecksum, or the AddChecksum command references a file unknown to Tracker, or the range to checksum is invalid. @retval EFI_SUCCESS The requested range has been checksummed. **/ STATIC EFI_STATUS EFIAPI ProcessCmdAddChecksum ( IN CONST QEMU_LOADER_ADD_CHECKSUM *AddChecksum, IN CONST ORDERED_COLLECTION *Tracker ) { ORDERED_COLLECTION_ENTRY *TrackerEntry; BLOB *Blob; if (AddChecksum->File[QEMU_LOADER_FNAME_SIZE - 1] != '\0') { DEBUG ((EFI_D_ERROR, "%a: malformed file name\n", __FUNCTION__)); return EFI_PROTOCOL_ERROR; } TrackerEntry = OrderedCollectionFind (Tracker, AddChecksum->File); if (TrackerEntry == NULL) { DEBUG ((EFI_D_ERROR, "%a: invalid blob reference \"%a\"\n", __FUNCTION__, AddChecksum->File)); return EFI_PROTOCOL_ERROR; } Blob = OrderedCollectionUserStruct (TrackerEntry); if (Blob->Size <= AddChecksum->ResultOffset || Blob->Size < AddChecksum->Length || Blob->Size - AddChecksum->Length < AddChecksum->Start) { DEBUG ((EFI_D_ERROR, "%a: invalid checksum range in \"%a\"\n", __FUNCTION__, AddChecksum->File)); return EFI_PROTOCOL_ERROR; } Blob->Base[AddChecksum->ResultOffset] = CalculateCheckSum8 ( Blob->Base + AddChecksum->Start, AddChecksum->Length ); DEBUG ((EFI_D_VERBOSE, "%a: File=\"%a\" ResultOffset=0x%x Start=0x%x " "Length=0x%x\n", __FUNCTION__, AddChecksum->File, AddChecksum->ResultOffset, AddChecksum->Start, AddChecksum->Length)); return EFI_SUCCESS; }
/** Process a QEMU_LOADER_ADD_POINTER command in order to see if its target byte array is an ACPI table, and if so, install it. This function assumes that the entire QEMU linker/loader command file has been processed successfuly in a prior first pass. @param[in] AddPointer The QEMU_LOADER_ADD_POINTER command to process. @param[in] Tracker The ORDERED_COLLECTION tracking the BLOB user structures. @param[in] AcpiProtocol The ACPI table protocol used to install tables. @param[in,out] InstalledKey On input, an array of INSTALLED_TABLES_MAX UINTN elements, allocated by the caller. On output, the function will have stored (appended) the AcpiProtocol-internal key of the ACPI table that the function has installed, if the AddPointer command identified an ACPI table that is different from RSDT and XSDT. @param[in,out] NumInstalled On input, the number of entries already used in InstalledKey; it must be in [0, INSTALLED_TABLES_MAX] inclusive. On output, the parameter is incremented if the AddPointer command identified an ACPI table that is different from RSDT and XSDT. @retval EFI_INVALID_PARAMETER NumInstalled was outside the allowed range on input. @retval EFI_OUT_OF_RESOURCES The AddPointer command identified an ACPI table different from RSDT and XSDT, but there was no more room in InstalledKey. @retval EFI_SUCCESS AddPointer has been processed. Either an ACPI table different from RSDT and XSDT has been installed (reflected by InstalledKey and NumInstalled), or RSDT or XSDT has been identified but not installed, or the fw_cfg blob pointed-into by AddPointer has been marked as hosting something else than just direct ACPI table contents. @return Error codes returned by AcpiProtocol->InstallAcpiTable(). **/ STATIC EFI_STATUS EFIAPI Process2ndPassCmdAddPointer ( IN CONST QEMU_LOADER_ADD_POINTER *AddPointer, IN CONST ORDERED_COLLECTION *Tracker, IN EFI_ACPI_TABLE_PROTOCOL *AcpiProtocol, IN OUT UINTN InstalledKey[INSTALLED_TABLES_MAX], IN OUT INT32 *NumInstalled ) { CONST ORDERED_COLLECTION_ENTRY *TrackerEntry; CONST ORDERED_COLLECTION_ENTRY *TrackerEntry2; CONST BLOB *Blob; BLOB *Blob2; CONST UINT8 *PointerField; UINT64 PointerValue; UINTN Blob2Remaining; UINTN TableSize; CONST EFI_ACPI_1_0_FIRMWARE_ACPI_CONTROL_STRUCTURE *Facs; CONST EFI_ACPI_DESCRIPTION_HEADER *Header; EFI_STATUS Status; if (*NumInstalled < 0 || *NumInstalled > INSTALLED_TABLES_MAX) { return EFI_INVALID_PARAMETER; } TrackerEntry = OrderedCollectionFind (Tracker, AddPointer->PointerFile); TrackerEntry2 = OrderedCollectionFind (Tracker, AddPointer->PointeeFile); Blob = OrderedCollectionUserStruct (TrackerEntry); Blob2 = OrderedCollectionUserStruct (TrackerEntry2); PointerField = Blob->Base + AddPointer->PointerOffset; PointerValue = 0; CopyMem (&PointerValue, PointerField, AddPointer->PointerSize); // // We assert that PointerValue falls inside Blob2's contents. This is ensured // by the Blob2->Size check and later checks in ProcessCmdAddPointer(). // Blob2Remaining = (UINTN)Blob2->Base; ASSERT(PointerValue >= Blob2Remaining); Blob2Remaining += Blob2->Size; ASSERT (PointerValue < Blob2Remaining); Blob2Remaining -= (UINTN) PointerValue; DEBUG ((EFI_D_VERBOSE, "%a: checking for ACPI header in \"%a\" at 0x%Lx " "(remaining: 0x%Lx): ", __FUNCTION__, AddPointer->PointeeFile, PointerValue, (UINT64)Blob2Remaining)); TableSize = 0; // // To make our job simple, the FACS has a custom header. Sigh. // if (sizeof *Facs <= Blob2Remaining) { Facs = (EFI_ACPI_1_0_FIRMWARE_ACPI_CONTROL_STRUCTURE *)(UINTN)PointerValue; if (Facs->Length >= sizeof *Facs && Facs->Length <= Blob2Remaining && Facs->Signature == EFI_ACPI_1_0_FIRMWARE_ACPI_CONTROL_STRUCTURE_SIGNATURE) { DEBUG ((EFI_D_VERBOSE, "found \"%-4.4a\" size 0x%x\n", (CONST CHAR8 *)&Facs->Signature, Facs->Length)); TableSize = Facs->Length; } } // // check for the uniform tables // if (TableSize == 0 && sizeof *Header <= Blob2Remaining) { Header = (EFI_ACPI_DESCRIPTION_HEADER *)(UINTN)PointerValue; if (Header->Length >= sizeof *Header && Header->Length <= Blob2Remaining && CalculateSum8 ((CONST UINT8 *)Header, Header->Length) == 0) { // // This looks very much like an ACPI table from QEMU: // - Length field consistent with both ACPI and containing blob size // - checksum is correct // DEBUG ((EFI_D_VERBOSE, "found \"%-4.4a\" size 0x%x\n", (CONST CHAR8 *)&Header->Signature, Header->Length)); TableSize = Header->Length; // // Skip RSDT and XSDT because those are handled by // EFI_ACPI_TABLE_PROTOCOL automatically. if (Header->Signature == EFI_ACPI_1_0_ROOT_SYSTEM_DESCRIPTION_TABLE_SIGNATURE || Header->Signature == EFI_ACPI_2_0_EXTENDED_SYSTEM_DESCRIPTION_TABLE_SIGNATURE) { return EFI_SUCCESS; } } } if (TableSize == 0) { DEBUG ((EFI_D_VERBOSE, "not found; marking fw_cfg blob as opaque\n")); Blob2->HostsOnlyTableData = FALSE; return EFI_SUCCESS; } if (*NumInstalled == INSTALLED_TABLES_MAX) { DEBUG ((EFI_D_ERROR, "%a: can't install more than %d tables\n", __FUNCTION__, INSTALLED_TABLES_MAX)); return EFI_OUT_OF_RESOURCES; } Status = AcpiProtocol->InstallAcpiTable (AcpiProtocol, (VOID *)(UINTN)PointerValue, TableSize, &InstalledKey[*NumInstalled]); if (EFI_ERROR (Status)) { DEBUG ((EFI_D_ERROR, "%a: InstallAcpiTable(): %r\n", __FUNCTION__, Status)); return Status; } ++*NumInstalled; return EFI_SUCCESS; }
/** Process a QEMU_LOADER_ADD_POINTER command. @param[in] AddPointer The QEMU_LOADER_ADD_POINTER command to process. @param[in] Tracker The ORDERED_COLLECTION tracking the BLOB user structures created thus far. @retval EFI_PROTOCOL_ERROR Malformed fw_cfg file name(s) have been found in AddPointer, or the AddPointer command references a file unknown to Tracker, or the pointer to relocate has invalid location, size, or value, or the relocated pointer value is not representable in the given pointer size. @retval EFI_SUCCESS The pointer field inside the pointer blob has been relocated. **/ STATIC EFI_STATUS EFIAPI ProcessCmdAddPointer ( IN CONST QEMU_LOADER_ADD_POINTER *AddPointer, IN CONST ORDERED_COLLECTION *Tracker ) { ORDERED_COLLECTION_ENTRY *TrackerEntry, *TrackerEntry2; BLOB *Blob, *Blob2; UINT8 *PointerField; UINT64 PointerValue; if (AddPointer->PointerFile[QEMU_LOADER_FNAME_SIZE - 1] != '\0' || AddPointer->PointeeFile[QEMU_LOADER_FNAME_SIZE - 1] != '\0') { DEBUG ((EFI_D_ERROR, "%a: malformed file name\n", __FUNCTION__)); return EFI_PROTOCOL_ERROR; } TrackerEntry = OrderedCollectionFind (Tracker, AddPointer->PointerFile); TrackerEntry2 = OrderedCollectionFind (Tracker, AddPointer->PointeeFile); if (TrackerEntry == NULL || TrackerEntry2 == NULL) { DEBUG ((EFI_D_ERROR, "%a: invalid blob reference(s) \"%a\" / \"%a\"\n", __FUNCTION__, AddPointer->PointerFile, AddPointer->PointeeFile)); return EFI_PROTOCOL_ERROR; } Blob = OrderedCollectionUserStruct (TrackerEntry); Blob2 = OrderedCollectionUserStruct (TrackerEntry2); if ((AddPointer->PointerSize != 1 && AddPointer->PointerSize != 2 && AddPointer->PointerSize != 4 && AddPointer->PointerSize != 8) || Blob->Size < AddPointer->PointerSize || Blob->Size - AddPointer->PointerSize < AddPointer->PointerOffset) { DEBUG ((EFI_D_ERROR, "%a: invalid pointer location or size in \"%a\"\n", __FUNCTION__, AddPointer->PointerFile)); return EFI_PROTOCOL_ERROR; } PointerField = Blob->Base + AddPointer->PointerOffset; PointerValue = 0; CopyMem (&PointerValue, PointerField, AddPointer->PointerSize); if (PointerValue >= Blob2->Size) { DEBUG ((EFI_D_ERROR, "%a: invalid pointer value in \"%a\"\n", __FUNCTION__, AddPointer->PointerFile)); return EFI_PROTOCOL_ERROR; } // // The memory allocation system ensures that the address of the byte past the // last byte of any allocated object is expressible (no wraparound). // ASSERT ((UINTN)Blob2->Base <= MAX_ADDRESS - Blob2->Size); PointerValue += (UINT64)(UINTN)Blob2->Base; if (RShiftU64 ( RShiftU64 (PointerValue, AddPointer->PointerSize * 8 - 1), 1) != 0) { DEBUG ((EFI_D_ERROR, "%a: relocated pointer value unrepresentable in " "\"%a\"\n", __FUNCTION__, AddPointer->PointerFile)); return EFI_PROTOCOL_ERROR; } CopyMem (PointerField, &PointerValue, AddPointer->PointerSize); DEBUG ((EFI_D_VERBOSE, "%a: PointerFile=\"%a\" PointeeFile=\"%a\" " "PointerOffset=0x%x PointerSize=%d\n", __FUNCTION__, AddPointer->PointerFile, AddPointer->PointeeFile, AddPointer->PointerOffset, AddPointer->PointerSize)); return EFI_SUCCESS; }
/** Create a structure that maps the relative positions of PCI root buses to bus numbers. In the "bootorder" fw_cfg file, QEMU refers to extra PCI root buses by their positions, in relative root bus number order, not by their actual PCI bus numbers. The ACPI HID device path nodes however that are associated with PciRootBridgeIo protocol instances in the system have their UID fields set to the bus numbers. Create a map that gives, for each extra PCI root bus's position (ie. "serial number") its actual PCI bus number. @param[out] ExtraRootBusMap The data structure implementing the map. @retval EFI_SUCCESS ExtraRootBusMap has been populated. @retval EFI_OUT_OF_RESOURCES Memory allocation failed. @retval EFI_ALREADY_STARTED A duplicate root bus number has been found in the system. (This should never happen.) @return Error codes returned by gBS->LocateHandleBuffer() and gBS->HandleProtocol(). **/ EFI_STATUS CreateExtraRootBusMap ( OUT EXTRA_ROOT_BUS_MAP **ExtraRootBusMap ) { EFI_STATUS Status; UINTN NumHandles; EFI_HANDLE *Handles; ORDERED_COLLECTION *Collection; EXTRA_ROOT_BUS_MAP *Map; UINTN Idx; ORDERED_COLLECTION_ENTRY *Entry, *Entry2; // // Handles and Collection are temporary / helper variables, while in Map we // build the return value. // Status = gBS->LocateHandleBuffer (ByProtocol, &gEfiPciRootBridgeIoProtocolGuid, NULL /* SearchKey */, &NumHandles, &Handles); if (EFI_ERROR (Status)) { return Status; } Collection = OrderedCollectionInit (RootBridgePathCompare, RootBridgePathKeyCompare); if (Collection == NULL) { Status = EFI_OUT_OF_RESOURCES; goto FreeHandles; } Map = AllocateZeroPool (sizeof *Map); if (Map == NULL) { Status = EFI_OUT_OF_RESOURCES; goto FreeCollection; } // // Collect the ACPI device path protocols of the root bridges. // for (Idx = 0; Idx < NumHandles; ++Idx) { EFI_DEVICE_PATH_PROTOCOL *DevicePath; Status = gBS->HandleProtocol (Handles[Idx], &gEfiDevicePathProtocolGuid, (VOID**)&DevicePath); if (EFI_ERROR (Status)) { goto FreeMap; } // // Examine if the device path is an ACPI HID one, and if so, if UID is // nonzero (ie. the root bridge that the bus number belongs to is "extra", // not the main one). In that case, link the device path into Collection. // if (DevicePathType (DevicePath) == ACPI_DEVICE_PATH && DevicePathSubType (DevicePath) == ACPI_DP && ((ACPI_HID_DEVICE_PATH *)DevicePath)->HID == EISA_PNP_ID(0x0A03) && ((ACPI_HID_DEVICE_PATH *)DevicePath)->UID > 0) { Status = OrderedCollectionInsert (Collection, NULL, DevicePath); if (EFI_ERROR (Status)) { goto FreeMap; } ++Map->Count; } } if (Map->Count > 0) { // // At least one extra PCI root bus exists. // Map->BusNumbers = AllocatePool (Map->Count * sizeof *Map->BusNumbers); if (Map->BusNumbers == NULL) { Status = EFI_OUT_OF_RESOURCES; goto FreeMap; } } // // Now collect the bus numbers of the extra PCI root buses into Map. // Idx = 0; Entry = OrderedCollectionMin (Collection); while (Idx < Map->Count) { ACPI_HID_DEVICE_PATH *Acpi; ASSERT (Entry != NULL); Acpi = OrderedCollectionUserStruct (Entry); Map->BusNumbers[Idx] = Acpi->UID; DEBUG ((EFI_D_VERBOSE, "%a: extra bus position 0x%Lx maps to bus number (UID) 0x%x\n", __FUNCTION__, (UINT64)(Idx + 1), Acpi->UID)); ++Idx; Entry = OrderedCollectionNext (Entry); } ASSERT (Entry == NULL); *ExtraRootBusMap = Map; Status = EFI_SUCCESS; // // Fall through in order to release temporaries. // FreeMap: if (EFI_ERROR (Status)) { if (Map->BusNumbers != NULL) { FreePool (Map->BusNumbers); } FreePool (Map); } FreeCollection: for (Entry = OrderedCollectionMin (Collection); Entry != NULL; Entry = Entry2) { Entry2 = OrderedCollectionNext (Entry); OrderedCollectionDelete (Collection, Entry, NULL); } OrderedCollectionUninit (Collection); FreeHandles: FreePool (Handles); return Status; }