Commit | Line | Data |
---|---|---|
eeb9db09 ST |
1 | #include <linux/init.h> |
2 | #include <linux/kernel.h> | |
3 | #include <linux/string.h> | |
4 | #include <linux/time.h> | |
5 | #include <linux/types.h> | |
6 | #include <linux/efi.h> | |
7 | #include <linux/slab.h> | |
8 | #include <linux/memblock.h> | |
9 | #include <linux/bootmem.h> | |
44be28e9 | 10 | #include <linux/acpi.h> |
d394f2d9 | 11 | #include <linux/dmi.h> |
eeb9db09 ST |
12 | #include <asm/efi.h> |
13 | #include <asm/uv/uv.h> | |
14 | ||
15 | #define EFI_MIN_RESERVE 5120 | |
16 | ||
17 | #define EFI_DUMMY_GUID \ | |
18 | EFI_GUID(0x4424ac57, 0xbe4b, 0x47dd, 0x9e, 0x97, 0xed, 0x50, 0xf0, 0x9f, 0x92, 0xa9) | |
19 | ||
20 | static efi_char16_t efi_dummy_name[6] = { 'D', 'U', 'M', 'M', 'Y', 0 }; | |
21 | ||
22 | static bool efi_no_storage_paranoia; | |
23 | ||
24 | /* | |
25 | * Some firmware implementations refuse to boot if there's insufficient | |
26 | * space in the variable store. The implementation of garbage collection | |
27 | * in some FW versions causes stale (deleted) variables to take up space | |
28 | * longer than intended and space is only freed once the store becomes | |
29 | * almost completely full. | |
30 | * | |
31 | * Enabling this option disables the space checks in | |
32 | * efi_query_variable_store() and forces garbage collection. | |
33 | * | |
34 | * Only enable this option if deleting EFI variables does not free up | |
35 | * space in your variable store, e.g. if despite deleting variables | |
36 | * you're unable to create new ones. | |
37 | */ | |
38 | static int __init setup_storage_paranoia(char *arg) | |
39 | { | |
40 | efi_no_storage_paranoia = true; | |
41 | return 0; | |
42 | } | |
43 | early_param("efi_no_storage_paranoia", setup_storage_paranoia); | |
44 | ||
45 | /* | |
46 | * Deleting the dummy variable which kicks off garbage collection | |
47 | */ | |
48 | void efi_delete_dummy_variable(void) | |
49 | { | |
50 | efi.set_variable(efi_dummy_name, &EFI_DUMMY_GUID, | |
51 | EFI_VARIABLE_NON_VOLATILE | | |
52 | EFI_VARIABLE_BOOTSERVICE_ACCESS | | |
53 | EFI_VARIABLE_RUNTIME_ACCESS, | |
54 | 0, NULL); | |
55 | } | |
56 | ||
57 | /* | |
58 | * Some firmware implementations refuse to boot if there's insufficient space | |
59 | * in the variable store. Ensure that we never use more than a safe limit. | |
60 | * | |
61 | * Return EFI_SUCCESS if it is safe to write 'size' bytes to the variable | |
62 | * store. | |
63 | */ | |
64 | efi_status_t efi_query_variable_store(u32 attributes, unsigned long size) | |
65 | { | |
66 | efi_status_t status; | |
67 | u64 storage_size, remaining_size, max_size; | |
68 | ||
69 | if (!(attributes & EFI_VARIABLE_NON_VOLATILE)) | |
70 | return 0; | |
71 | ||
72 | status = efi.query_variable_info(attributes, &storage_size, | |
73 | &remaining_size, &max_size); | |
74 | if (status != EFI_SUCCESS) | |
75 | return status; | |
76 | ||
77 | /* | |
78 | * We account for that by refusing the write if permitting it would | |
79 | * reduce the available space to under 5KB. This figure was provided by | |
80 | * Samsung, so should be safe. | |
81 | */ | |
82 | if ((remaining_size - size < EFI_MIN_RESERVE) && | |
83 | !efi_no_storage_paranoia) { | |
84 | ||
85 | /* | |
86 | * Triggering garbage collection may require that the firmware | |
87 | * generate a real EFI_OUT_OF_RESOURCES error. We can force | |
88 | * that by attempting to use more space than is available. | |
89 | */ | |
90 | unsigned long dummy_size = remaining_size + 1024; | |
91 | void *dummy = kzalloc(dummy_size, GFP_ATOMIC); | |
92 | ||
93 | if (!dummy) | |
94 | return EFI_OUT_OF_RESOURCES; | |
95 | ||
96 | status = efi.set_variable(efi_dummy_name, &EFI_DUMMY_GUID, | |
97 | EFI_VARIABLE_NON_VOLATILE | | |
98 | EFI_VARIABLE_BOOTSERVICE_ACCESS | | |
99 | EFI_VARIABLE_RUNTIME_ACCESS, | |
100 | dummy_size, dummy); | |
101 | ||
102 | if (status == EFI_SUCCESS) { | |
103 | /* | |
104 | * This should have failed, so if it didn't make sure | |
105 | * that we delete it... | |
106 | */ | |
107 | efi_delete_dummy_variable(); | |
108 | } | |
109 | ||
110 | kfree(dummy); | |
111 | ||
112 | /* | |
113 | * The runtime code may now have triggered a garbage collection | |
114 | * run, so check the variable info again | |
115 | */ | |
116 | status = efi.query_variable_info(attributes, &storage_size, | |
117 | &remaining_size, &max_size); | |
118 | ||
119 | if (status != EFI_SUCCESS) | |
120 | return status; | |
121 | ||
122 | /* | |
123 | * There still isn't enough room, so return an error | |
124 | */ | |
125 | if (remaining_size - size < EFI_MIN_RESERVE) | |
126 | return EFI_OUT_OF_RESOURCES; | |
127 | } | |
128 | ||
129 | return EFI_SUCCESS; | |
130 | } | |
131 | EXPORT_SYMBOL_GPL(efi_query_variable_store); | |
132 | ||
452308de MF |
133 | /* |
134 | * Helper function for efi_reserve_boot_services() to figure out if we | |
135 | * can free regions in efi_free_boot_services(). | |
136 | * | |
137 | * Use this function to ensure we do not free regions owned by somebody | |
138 | * else. We must only reserve (and then free) regions: | |
139 | * | |
140 | * - Not within any part of the kernel | |
141 | * - Not the BIOS reserved area (E820_RESERVED, E820_NVS, etc) | |
142 | */ | |
143 | static bool can_free_region(u64 start, u64 size) | |
144 | { | |
145 | if (start + size > __pa_symbol(_text) && start <= __pa_symbol(_end)) | |
146 | return false; | |
147 | ||
148 | if (!e820_all_mapped(start, start+size, E820_RAM)) | |
149 | return false; | |
150 | ||
151 | return true; | |
152 | } | |
153 | ||
eeb9db09 ST |
154 | /* |
155 | * The UEFI specification makes it clear that the operating system is free to do | |
156 | * whatever it wants with boot services code after ExitBootServices() has been | |
157 | * called. Ignoring this recommendation a significant bunch of EFI implementations | |
158 | * continue calling into boot services code (SetVirtualAddressMap). In order to | |
159 | * work around such buggy implementations we reserve boot services region during | |
160 | * EFI init and make sure it stays executable. Then, after SetVirtualAddressMap(), it | |
161 | * is discarded. | |
162 | */ | |
163 | void __init efi_reserve_boot_services(void) | |
164 | { | |
165 | void *p; | |
166 | ||
167 | for (p = memmap.map; p < memmap.map_end; p += memmap.desc_size) { | |
168 | efi_memory_desc_t *md = p; | |
169 | u64 start = md->phys_addr; | |
170 | u64 size = md->num_pages << EFI_PAGE_SHIFT; | |
452308de | 171 | bool already_reserved; |
eeb9db09 ST |
172 | |
173 | if (md->type != EFI_BOOT_SERVICES_CODE && | |
174 | md->type != EFI_BOOT_SERVICES_DATA) | |
175 | continue; | |
452308de MF |
176 | |
177 | already_reserved = memblock_is_region_reserved(start, size); | |
178 | ||
179 | /* | |
180 | * Because the following memblock_reserve() is paired | |
181 | * with free_bootmem_late() for this region in | |
182 | * efi_free_boot_services(), we must be extremely | |
183 | * careful not to reserve, and subsequently free, | |
184 | * critical regions of memory (like the kernel image) or | |
185 | * those regions that somebody else has already | |
186 | * reserved. | |
187 | * | |
188 | * A good example of a critical region that must not be | |
189 | * freed is page zero (first 4Kb of memory), which may | |
190 | * contain boot services code/data but is marked | |
191 | * E820_RESERVED by trim_bios_range(). | |
192 | */ | |
193 | if (!already_reserved) { | |
eeb9db09 | 194 | memblock_reserve(start, size); |
452308de MF |
195 | |
196 | /* | |
197 | * If we are the first to reserve the region, no | |
198 | * one else cares about it. We own it and can | |
199 | * free it later. | |
200 | */ | |
201 | if (can_free_region(start, size)) | |
202 | continue; | |
203 | } | |
204 | ||
205 | /* | |
206 | * We don't own the region. We must not free it. | |
207 | * | |
208 | * Setting this bit for a boot services region really | |
209 | * doesn't make sense as far as the firmware is | |
210 | * concerned, but it does provide us with a way to tag | |
211 | * those regions that must not be paired with | |
212 | * free_bootmem_late(). | |
213 | */ | |
214 | md->attribute |= EFI_MEMORY_RUNTIME; | |
eeb9db09 ST |
215 | } |
216 | } | |
217 | ||
218 | void __init efi_free_boot_services(void) | |
219 | { | |
220 | void *p; | |
221 | ||
222 | for (p = memmap.map; p < memmap.map_end; p += memmap.desc_size) { | |
223 | efi_memory_desc_t *md = p; | |
224 | unsigned long long start = md->phys_addr; | |
225 | unsigned long long size = md->num_pages << EFI_PAGE_SHIFT; | |
226 | ||
227 | if (md->type != EFI_BOOT_SERVICES_CODE && | |
228 | md->type != EFI_BOOT_SERVICES_DATA) | |
229 | continue; | |
230 | ||
452308de MF |
231 | /* Do not free, someone else owns it: */ |
232 | if (md->attribute & EFI_MEMORY_RUNTIME) | |
eeb9db09 ST |
233 | continue; |
234 | ||
235 | free_bootmem_late(start, size); | |
236 | } | |
237 | ||
238 | efi_unmap_memmap(); | |
239 | } | |
240 | ||
241 | /* | |
242 | * A number of config table entries get remapped to virtual addresses | |
243 | * after entering EFI virtual mode. However, the kexec kernel requires | |
244 | * their physical addresses therefore we pass them via setup_data and | |
245 | * correct those entries to their respective physical addresses here. | |
246 | * | |
247 | * Currently only handles smbios which is necessary for some firmware | |
248 | * implementation. | |
249 | */ | |
250 | int __init efi_reuse_config(u64 tables, int nr_tables) | |
251 | { | |
252 | int i, sz, ret = 0; | |
253 | void *p, *tablep; | |
254 | struct efi_setup_data *data; | |
255 | ||
256 | if (!efi_setup) | |
257 | return 0; | |
258 | ||
259 | if (!efi_enabled(EFI_64BIT)) | |
260 | return 0; | |
261 | ||
262 | data = early_memremap(efi_setup, sizeof(*data)); | |
263 | if (!data) { | |
264 | ret = -ENOMEM; | |
265 | goto out; | |
266 | } | |
267 | ||
268 | if (!data->smbios) | |
269 | goto out_memremap; | |
270 | ||
271 | sz = sizeof(efi_config_table_64_t); | |
272 | ||
273 | p = tablep = early_memremap(tables, nr_tables * sz); | |
274 | if (!p) { | |
275 | pr_err("Could not map Configuration table!\n"); | |
276 | ret = -ENOMEM; | |
277 | goto out_memremap; | |
278 | } | |
279 | ||
280 | for (i = 0; i < efi.systab->nr_tables; i++) { | |
281 | efi_guid_t guid; | |
282 | ||
283 | guid = ((efi_config_table_64_t *)p)->guid; | |
284 | ||
285 | if (!efi_guidcmp(guid, SMBIOS_TABLE_GUID)) | |
286 | ((efi_config_table_64_t *)p)->table = data->smbios; | |
287 | p += sz; | |
288 | } | |
98a716b6 | 289 | early_memunmap(tablep, nr_tables * sz); |
eeb9db09 ST |
290 | |
291 | out_memremap: | |
98a716b6 | 292 | early_memunmap(data, sizeof(*data)); |
eeb9db09 ST |
293 | out: |
294 | return ret; | |
295 | } | |
296 | ||
d394f2d9 AT |
297 | static const struct dmi_system_id sgi_uv1_dmi[] = { |
298 | { NULL, "SGI UV1", | |
299 | { DMI_MATCH(DMI_PRODUCT_NAME, "Stoutland Platform"), | |
300 | DMI_MATCH(DMI_PRODUCT_VERSION, "1.0"), | |
301 | DMI_MATCH(DMI_BIOS_VENDOR, "SGI.COM"), | |
302 | } | |
303 | }, | |
304 | { } /* NULL entry stops DMI scanning */ | |
305 | }; | |
306 | ||
eeb9db09 ST |
307 | void __init efi_apply_memmap_quirks(void) |
308 | { | |
309 | /* | |
310 | * Once setup is done earlier, unmap the EFI memory map on mismatched | |
311 | * firmware/kernel architectures since there is no support for runtime | |
312 | * services. | |
313 | */ | |
314 | if (!efi_runtime_supported()) { | |
315 | pr_info("efi: Setup done, disabling due to 32/64-bit mismatch\n"); | |
316 | efi_unmap_memmap(); | |
317 | } | |
318 | ||
d394f2d9 AT |
319 | /* UV2+ BIOS has a fix for this issue. UV1 still needs the quirk. */ |
320 | if (dmi_check_system(sgi_uv1_dmi)) | |
eeb9db09 ST |
321 | set_bit(EFI_OLD_MEMMAP, &efi.flags); |
322 | } | |
44be28e9 MF |
323 | |
324 | /* | |
325 | * For most modern platforms the preferred method of powering off is via | |
326 | * ACPI. However, there are some that are known to require the use of | |
327 | * EFI runtime services and for which ACPI does not work at all. | |
328 | * | |
329 | * Using EFI is a last resort, to be used only if no other option | |
330 | * exists. | |
331 | */ | |
332 | bool efi_reboot_required(void) | |
333 | { | |
334 | if (!acpi_gbl_reduced_hardware) | |
335 | return false; | |
336 | ||
337 | efi_reboot_quirk_mode = EFI_RESET_WARM; | |
338 | return true; | |
339 | } | |
340 | ||
341 | bool efi_poweroff_required(void) | |
342 | { | |
343 | return !!acpi_gbl_reduced_hardware; | |
344 | } |