From: Ard Biesheuvel <ardb@kernel.org>
To: linux-efi@vger.kernel.org
Cc: loongarch@lists.linux.dev, Ard Biesheuvel <ardb@kernel.org>,
Arnd Bergmann <arnd@arndb.de>,
Ilias Apalodimas <ilias.apalodimas@linaro.org>,
Huacai Chen <chenhuacai@loongson.cn>,
Xi Ruoyao <xry111@xry111.site>
Subject: [PATCH v2 6/8] efi: libstub: remove DT dependency from generic stub
Date: Tue, 20 Sep 2022 20:35:52 +0200 [thread overview]
Message-ID: <20220920183554.3870247-7-ardb@kernel.org> (raw)
In-Reply-To: <20220920183554.3870247-1-ardb@kernel.org>
Refactor the generic EFI stub entry code so that all the dependencies on
device tree are abstracted and hidden behind a generic efi_boot_kernel()
routine that can also be implemented in other ways. This allows users of
the generic stub to avoid using FDT for passing information to the core
kernel.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
drivers/firmware/efi/libstub/efi-stub.c | 53 +----------------
drivers/firmware/efi/libstub/efistub.h | 7 +--
drivers/firmware/efi/libstub/fdt.c | 61 ++++++++++++++++++--
3 files changed, 60 insertions(+), 61 deletions(-)
diff --git a/drivers/firmware/efi/libstub/efi-stub.c b/drivers/firmware/efi/libstub/efi-stub.c
index 7d53528613ce..e6179a89430b 100644
--- a/drivers/firmware/efi/libstub/efi-stub.c
+++ b/drivers/firmware/efi/libstub/efi-stub.c
@@ -10,7 +10,6 @@
*/
#include <linux/efi.h>
-#include <linux/libfdt.h>
#include <asm/efi.h>
#include "efistub.h"
@@ -132,14 +131,11 @@ efi_status_t __efiapi efi_pe_entry(efi_handle_t handle,
unsigned long image_addr;
unsigned long image_size = 0;
/* addr/point and size pairs for memory management*/
- unsigned long fdt_addr = 0; /* Original DTB */
- unsigned long fdt_size = 0;
char *cmdline_ptr = NULL;
int cmdline_size = 0;
efi_guid_t loaded_image_proto = LOADED_IMAGE_PROTOCOL_GUID;
unsigned long reserve_addr = 0;
unsigned long reserve_size = 0;
- enum efi_secureboot_mode secure_boot;
struct screen_info *si;
efi_properties_table_t *prop_tbl;
@@ -215,38 +211,6 @@ efi_status_t __efiapi efi_pe_entry(efi_handle_t handle,
/* Ask the firmware to clear memory on unclean shutdown */
efi_enable_reset_attack_mitigation();
- secure_boot = efi_get_secureboot();
-
- /*
- * Unauthenticated device tree data is a security hazard, so ignore
- * 'dtb=' unless UEFI Secure Boot is disabled. We assume that secure
- * boot is enabled if we can't determine its state.
- */
- if (!IS_ENABLED(CONFIG_EFI_ARMSTUB_DTB_LOADER) ||
- secure_boot != efi_secureboot_mode_disabled) {
- if (strstr(cmdline_ptr, "dtb="))
- efi_err("Ignoring DTB from command line.\n");
- } else {
- status = efi_load_dtb(image, &fdt_addr, &fdt_size);
-
- if (status != EFI_SUCCESS) {
- efi_err("Failed to load device tree!\n");
- goto fail_free_image;
- }
- }
-
- if (fdt_addr) {
- efi_info("Using DTB from command line\n");
- } else {
- /* Look for a device tree configuration table entry. */
- fdt_addr = (uintptr_t)get_fdt(&fdt_size);
- if (fdt_addr)
- efi_info("Using DTB from configuration table\n");
- }
-
- if (!fdt_addr)
- efi_info("Generating empty DTB\n");
-
efi_load_initrd(image, ULONG_MAX,
efi_get_max_initrd_addr(image_addr));
@@ -290,23 +254,8 @@ efi_status_t __efiapi efi_pe_entry(efi_handle_t handle,
install_memreserve_table();
- status = allocate_new_fdt_and_exit_boot(handle, &fdt_addr, cmdline_ptr,
- fdt_addr, fdt_size);
- if (status != EFI_SUCCESS)
- goto fail_free_fdt;
-
- if (IS_ENABLED(CONFIG_ARM))
- efi_handle_post_ebs_state();
-
- efi_enter_kernel(image_addr, fdt_addr, fdt_totalsize((void *)fdt_addr));
- /* not reached */
-
-fail_free_fdt:
- efi_err("Failed to update FDT and exit boot services\n");
-
- efi_free(fdt_size, fdt_addr);
+ status = efi_boot_kernel(handle, image, image_addr, cmdline_ptr);
-fail_free_image:
efi_free(image_size, image_addr);
efi_free(reserve_size, reserve_addr);
fail_free_screeninfo:
diff --git a/drivers/firmware/efi/libstub/efistub.h b/drivers/firmware/efi/libstub/efistub.h
index 84d3d4e25d46..e26f8625a2b5 100644
--- a/drivers/firmware/efi/libstub/efistub.h
+++ b/drivers/firmware/efi/libstub/efistub.h
@@ -844,11 +844,8 @@ typedef efi_status_t (*efi_exit_boot_map_processing)(
efi_status_t efi_exit_boot_services(void *handle, void *priv,
efi_exit_boot_map_processing priv_func);
-efi_status_t allocate_new_fdt_and_exit_boot(void *handle,
- unsigned long *new_fdt_addr,
- char *cmdline_ptr,
- unsigned long fdt_addr,
- unsigned long fdt_size);
+efi_status_t efi_boot_kernel(void *handle, efi_loaded_image_t *image,
+ unsigned long kernel_addr, char *cmdline_ptr);
void *get_fdt(unsigned long *fdt_size);
diff --git a/drivers/firmware/efi/libstub/fdt.c b/drivers/firmware/efi/libstub/fdt.c
index 3c252346a425..dbea887b9956 100644
--- a/drivers/firmware/efi/libstub/fdt.c
+++ b/drivers/firmware/efi/libstub/fdt.c
@@ -220,17 +220,18 @@ static efi_status_t exit_boot_func(struct efi_boot_memmap *map, void *priv)
* exit_boot_services() call, so the exiting of boot services is very tightly
* tied to the creation of the FDT with the final memory map in it.
*/
-
+static
efi_status_t allocate_new_fdt_and_exit_boot(void *handle,
+ efi_loaded_image_t *image,
unsigned long *new_fdt_addr,
- char *cmdline_ptr,
- unsigned long fdt_addr,
- unsigned long fdt_size)
+ char *cmdline_ptr)
{
unsigned long desc_size;
u32 desc_ver;
efi_status_t status;
struct exit_boot_struct priv;
+ unsigned long fdt_addr = 0;
+ unsigned long fdt_size = 0;
if (!efi_novamap) {
status = efi_alloc_virtmap(&priv.runtime_map, &desc_size,
@@ -241,6 +242,36 @@ efi_status_t allocate_new_fdt_and_exit_boot(void *handle,
}
}
+ /*
+ * Unauthenticated device tree data is a security hazard, so ignore
+ * 'dtb=' unless UEFI Secure Boot is disabled. We assume that secure
+ * boot is enabled if we can't determine its state.
+ */
+ if (!IS_ENABLED(CONFIG_EFI_ARMSTUB_DTB_LOADER) ||
+ efi_get_secureboot() != efi_secureboot_mode_disabled) {
+ if (strstr(cmdline_ptr, "dtb="))
+ efi_err("Ignoring DTB from command line.\n");
+ } else {
+ status = efi_load_dtb(image, &fdt_addr, &fdt_size);
+
+ if (status != EFI_SUCCESS) {
+ efi_err("Failed to load device tree!\n");
+ goto fail;
+ }
+ }
+
+ if (fdt_addr) {
+ efi_info("Using DTB from command line\n");
+ } else {
+ /* Look for a device tree configuration table entry. */
+ fdt_addr = (uintptr_t)get_fdt(&fdt_size);
+ if (fdt_addr)
+ efi_info("Using DTB from configuration table\n");
+ }
+
+ if (!fdt_addr)
+ efi_info("Generating empty DTB\n");
+
efi_info("Exiting boot services...\n");
status = efi_allocate_pages(MAX_FDT_SIZE, new_fdt_addr, ULONG_MAX);
@@ -304,11 +335,33 @@ efi_status_t allocate_new_fdt_and_exit_boot(void *handle,
efi_free(MAX_FDT_SIZE, *new_fdt_addr);
fail:
+ efi_free(fdt_size, fdt_addr);
+
efi_bs_call(free_pool, priv.runtime_map);
return EFI_LOAD_ERROR;
}
+efi_status_t efi_boot_kernel(void *handle, efi_loaded_image_t *image,
+ unsigned long kernel_addr, char *cmdline_ptr)
+{
+ unsigned long fdt_addr;
+ efi_status_t status;
+
+ status = allocate_new_fdt_and_exit_boot(handle, image, &fdt_addr,
+ cmdline_ptr);
+ if (status != EFI_SUCCESS) {
+ efi_err("Failed to update FDT and exit boot services\n");
+ return status;
+ }
+
+ if (IS_ENABLED(CONFIG_ARM))
+ efi_handle_post_ebs_state();
+
+ efi_enter_kernel(kernel_addr, fdt_addr, fdt_totalsize((void *)fdt_addr));
+ /* not reached */
+}
+
void *get_fdt(unsigned long *fdt_size)
{
void *fdt;
--
2.35.1
next prev parent reply other threads:[~2022-09-20 18:36 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-20 18:35 [PATCH v2 0/8] efi: disentangle the generic EFI stub from FDT Ard Biesheuvel
2022-09-20 18:35 ` [PATCH v2 1/8] efi: libstub: drop pointless get_memory_map() call Ard Biesheuvel
2022-09-20 18:35 ` [PATCH v2 2/8] efi: libstub: avoid efi_get_memory_map() for allocating the virt map Ard Biesheuvel
2022-09-20 18:35 ` [PATCH v2 3/8] efi: libstub: simplify efi_get_memory_map() and struct efi_boot_memmap Ard Biesheuvel
2022-09-20 18:35 ` [PATCH v2 4/8] efi: libstub: remove pointless goto kludge Ard Biesheuvel
2022-09-20 18:35 ` [PATCH v2 5/8] efi: libstub: unify initrd loading between architectures Ard Biesheuvel
2022-09-20 18:35 ` Ard Biesheuvel [this message]
2022-09-20 18:35 ` [PATCH v2 7/8] efi: libstub: install boot-time memory map as config table Ard Biesheuvel
2022-09-20 18:35 ` [PATCH v2 8/8] efi/loongarch: libstub: remove dependency on flattened DT Ard Biesheuvel
2022-09-21 4:00 ` Huacai Chen
2022-09-21 8:14 ` Ard Biesheuvel
2022-09-22 2:15 ` Huacai Chen
2022-09-22 7:12 ` Ard Biesheuvel
2022-09-22 7:21 ` Huacai Chen
2022-09-22 7:24 ` Ard Biesheuvel
2022-09-22 7:41 ` Huacai Chen
2022-09-22 8:59 ` Ard Biesheuvel
2022-09-22 12:07 ` Huacai Chen
2022-09-22 12:50 ` Ard Biesheuvel
2022-09-22 12:57 ` Ard Biesheuvel
2022-09-22 13:08 ` Huacai Chen
2022-09-22 13:10 ` Ard Biesheuvel
2022-09-22 13:12 ` Huacai Chen
2022-09-22 13:18 ` Ard Biesheuvel
2022-09-22 13:19 ` Ard Biesheuvel
2022-09-22 13:51 ` Ard Biesheuvel
2022-09-22 14:48 ` Huacai Chen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220920183554.3870247-7-ardb@kernel.org \
--to=ardb@kernel.org \
--cc=arnd@arndb.de \
--cc=chenhuacai@loongson.cn \
--cc=ilias.apalodimas@linaro.org \
--cc=linux-efi@vger.kernel.org \
--cc=loongarch@lists.linux.dev \
--cc=xry111@xry111.site \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox