[deliverable/linux.git] / arch / x86 / platform / efi / quirks.c

#include <linux/init.h>
#include <linux/kernel.h>
#include <linux/string.h>
#include <linux/time.h>
#include <linux/types.h>
#include <linux/efi.h>
#include <linux/slab.h>
#include <linux/memblock.h>
#include <linux/bootmem.h>
#include <linux/acpi.h>
#include <linux/dmi.h>
#include <asm/efi.h>
#include <asm/uv/uv.h>

#define EFI_MIN_RESERVE 5120

#define EFI_DUMMY_GUID \
	EFI_GUID(0x4424ac57, 0xbe4b, 0x47dd, 0x9e, 0x97, 0xed, 0x50, 0xf0, 0x9f, 0x92, 0xa9)

static efi_char16_t efi_dummy_name[6] = { 'D', 'U', 'M', 'M', 'Y', 0 };

static bool efi_no_storage_paranoia;

/*
 * Some firmware implementations refuse to boot if there's insufficient
 * space in the variable store. The implementation of garbage collection
 * in some FW versions causes stale (deleted) variables to take up space
 * longer than intended and space is only freed once the store becomes
 * almost completely full.
 *
 * Enabling this option disables the space checks in
 * efi_query_variable_store() and forces garbage collection.
 *
 * Only enable this option if deleting EFI variables does not free up
 * space in your variable store, e.g. if despite deleting variables
 * you're unable to create new ones.
 */
static int __init setup_storage_paranoia(char *arg)
{
	efi_no_storage_paranoia = true;
	return 0;
}
early_param("efi_no_storage_paranoia", setup_storage_paranoia);

/*
 * Deleting the dummy variable which kicks off garbage collection
*/
void efi_delete_dummy_variable(void)
{
	efi.set_variable(efi_dummy_name, &EFI_DUMMY_GUID,
			 EFI_VARIABLE_NON_VOLATILE |
			 EFI_VARIABLE_BOOTSERVICE_ACCESS |
			 EFI_VARIABLE_RUNTIME_ACCESS,
			 0, NULL);
}

/*
 * Some firmware implementations refuse to boot if there's insufficient space
 * in the variable store. Ensure that we never use more than a safe limit.
 *
 * Return EFI_SUCCESS if it is safe to write 'size' bytes to the variable
 * store.
 */
efi_status_t efi_query_variable_store(u32 attributes, unsigned long size)
{
	efi_status_t status;
	u64 storage_size, remaining_size, max_size;

	if (!(attributes & EFI_VARIABLE_NON_VOLATILE))
		return 0;

	status = efi.query_variable_info(attributes, &storage_size,
					 &remaining_size, &max_size);
	if (status != EFI_SUCCESS)
		return status;

	/*
	 * We account for that by refusing the write if permitting it would
	 * reduce the available space to under 5KB. This figure was provided by
	 * Samsung, so should be safe.
	 */
	if ((remaining_size - size < EFI_MIN_RESERVE) &&
		!efi_no_storage_paranoia) {

		/*
		 * Triggering garbage collection may require that the firmware
		 * generate a real EFI_OUT_OF_RESOURCES error. We can force
		 * that by attempting to use more space than is available.
		 */
		unsigned long dummy_size = remaining_size + 1024;
		void *dummy = kzalloc(dummy_size, GFP_ATOMIC);

		if (!dummy)
			return EFI_OUT_OF_RESOURCES;

		status = efi.set_variable(efi_dummy_name, &EFI_DUMMY_GUID,
					  EFI_VARIABLE_NON_VOLATILE |
					  EFI_VARIABLE_BOOTSERVICE_ACCESS |
					  EFI_VARIABLE_RUNTIME_ACCESS,
					  dummy_size, dummy);

		if (status == EFI_SUCCESS) {
			/*
			 * This should have failed, so if it didn't make sure
			 * that we delete it...
			 */
			efi_delete_dummy_variable();
		}

		kfree(dummy);

		/*
		 * The runtime code may now have triggered a garbage collection
		 * run, so check the variable info again
		 */
		status = efi.query_variable_info(attributes, &storage_size,
						 &remaining_size, &max_size);

		if (status != EFI_SUCCESS)
			return status;

		/*
		 * There still isn't enough room, so return an error
		 */
		if (remaining_size - size < EFI_MIN_RESERVE)
			return EFI_OUT_OF_RESOURCES;
	}

	return EFI_SUCCESS;
}
EXPORT_SYMBOL_GPL(efi_query_variable_store);

/*
 * Helper function for efi_reserve_boot_services() to figure out if we
 * can free regions in efi_free_boot_services().
 *
 * Use this function to ensure we do not free regions owned by somebody
 * else. We must only reserve (and then free) regions:
 *
 * - Not within any part of the kernel
 * - Not the BIOS reserved area (E820_RESERVED, E820_NVS, etc)
 */
static bool can_free_region(u64 start, u64 size)
{
	if (start + size > __pa_symbol(_text) && start <= __pa_symbol(_end))
		return false;

	if (!e820_all_mapped(start, start+size, E820_RAM))
		return false;

	return true;
}

/*
 * The UEFI specification makes it clear that the operating system is free to do
 * whatever it wants with boot services code after ExitBootServices() has been
 * called. Ignoring this recommendation a significant bunch of EFI implementations 
 * continue calling into boot services code (SetVirtualAddressMap). In order to 
 * work around such buggy implementations we reserve boot services region during 
 * EFI init and make sure it stays executable. Then, after SetVirtualAddressMap(), it
* is discarded.
*/
void __init efi_reserve_boot_services(void)
{
	void *p;

	for (p = memmap.map; p < memmap.map_end; p += memmap.desc_size) {
		efi_memory_desc_t *md = p;
		u64 start = md->phys_addr;
		u64 size = md->num_pages << EFI_PAGE_SHIFT;
		bool already_reserved;

		if (md->type != EFI_BOOT_SERVICES_CODE &&
		    md->type != EFI_BOOT_SERVICES_DATA)
			continue;

		already_reserved = memblock_is_region_reserved(start, size);

		/*
		 * Because the following memblock_reserve() is paired
		 * with free_bootmem_late() for this region in
		 * efi_free_boot_services(), we must be extremely
		 * careful not to reserve, and subsequently free,
		 * critical regions of memory (like the kernel image) or
		 * those regions that somebody else has already
		 * reserved.
		 *
		 * A good example of a critical region that must not be
		 * freed is page zero (first 4Kb of memory), which may
		 * contain boot services code/data but is marked
		 * E820_RESERVED by trim_bios_range().
		 */
		if (!already_reserved) {
			memblock_reserve(start, size);

			/*
			 * If we are the first to reserve the region, no
			 * one else cares about it. We own it and can
			 * free it later.
			 */
			if (can_free_region(start, size))
				continue;
		}

		/*
		 * We don't own the region. We must not free it.
		 *
		 * Setting this bit for a boot services region really
		 * doesn't make sense as far as the firmware is
		 * concerned, but it does provide us with a way to tag
		 * those regions that must not be paired with
		 * free_bootmem_late().
		 */
		md->attribute |= EFI_MEMORY_RUNTIME;
	}
}

void __init efi_free_boot_services(void)
{
	void *p;

	for (p = memmap.map; p < memmap.map_end; p += memmap.desc_size) {
		efi_memory_desc_t *md = p;
		unsigned long long start = md->phys_addr;
		unsigned long long size = md->num_pages << EFI_PAGE_SHIFT;

		if (md->type != EFI_BOOT_SERVICES_CODE &&
		    md->type != EFI_BOOT_SERVICES_DATA)
			continue;

		/* Do not free, someone else owns it: */
		if (md->attribute & EFI_MEMORY_RUNTIME)
			continue;

		free_bootmem_late(start, size);
	}

	efi_unmap_memmap();
}

/*
 * A number of config table entries get remapped to virtual addresses
 * after entering EFI virtual mode. However, the kexec kernel requires
 * their physical addresses therefore we pass them via setup_data and
 * correct those entries to their respective physical addresses here.
 *
 * Currently only handles smbios which is necessary for some firmware
 * implementation.
 */
int __init efi_reuse_config(u64 tables, int nr_tables)
{
	int i, sz, ret = 0;
	void *p, *tablep;
	struct efi_setup_data *data;

	if (!efi_setup)
		return 0;

	if (!efi_enabled(EFI_64BIT))
		return 0;

	data = early_memremap(efi_setup, sizeof(*data));
	if (!data) {
		ret = -ENOMEM;
		goto out;
	}

	if (!data->smbios)
		goto out_memremap;

	sz = sizeof(efi_config_table_64_t);

	p = tablep = early_memremap(tables, nr_tables * sz);
	if (!p) {
		pr_err("Could not map Configuration table!\n");
		ret = -ENOMEM;
		goto out_memremap;
	}

	for (i = 0; i < efi.systab->nr_tables; i++) {
		efi_guid_t guid;

		guid = ((efi_config_table_64_t *)p)->guid;

		if (!efi_guidcmp(guid, SMBIOS_TABLE_GUID))
			((efi_config_table_64_t *)p)->table = data->smbios;
		p += sz;
	}
	early_memunmap(tablep, nr_tables * sz);

out_memremap:
	early_memunmap(data, sizeof(*data));
out:
	return ret;
}

static const struct dmi_system_id sgi_uv1_dmi[] = {
	{ NULL, "SGI UV1",
		{	DMI_MATCH(DMI_PRODUCT_NAME,	"Stoutland Platform"),
			DMI_MATCH(DMI_PRODUCT_VERSION,	"1.0"),
			DMI_MATCH(DMI_BIOS_VENDOR,	"SGI.COM"),
		}
	},
	{ } /* NULL entry stops DMI scanning */
};

void __init efi_apply_memmap_quirks(void)
{
	/*
	 * Once setup is done earlier, unmap the EFI memory map on mismatched
	 * firmware/kernel architectures since there is no support for runtime
	 * services.
	 */
	if (!efi_runtime_supported()) {
		pr_info("efi: Setup done, disabling due to 32/64-bit mismatch\n");
		efi_unmap_memmap();
	}

	/* UV2+ BIOS has a fix for this issue.  UV1 still needs the quirk. */
	if (dmi_check_system(sgi_uv1_dmi))
		set_bit(EFI_OLD_MEMMAP, &efi.flags);
}

/*
 * For most modern platforms the preferred method of powering off is via
 * ACPI. However, there are some that are known to require the use of
 * EFI runtime services and for which ACPI does not work at all.
 *
 * Using EFI is a last resort, to be used only if no other option
 * exists.
 */
bool efi_reboot_required(void)
{
	if (!acpi_gbl_reduced_hardware)
		return false;

	efi_reboot_quirk_mode = EFI_RESET_WARM;
	return true;
}

bool efi_poweroff_required(void)
{
	return !!acpi_gbl_reduced_hardware;
}
Commit	Line	Data
eeb9db09 ST	1	#include <linux/init.h>
	2	#include <linux/kernel.h>
	3	#include <linux/string.h>
	4	#include <linux/time.h>
	5	#include <linux/types.h>
	6	#include <linux/efi.h>
	7	#include <linux/slab.h>
	8	#include <linux/memblock.h>
	9	#include <linux/bootmem.h>
44be28e9	10	#include <linux/acpi.h>
d394f2d9	11	#include <linux/dmi.h>
eeb9db09 ST	12	#include <asm/efi.h>
	13	#include <asm/uv/uv.h>
	14
	15	#define EFI_MIN_RESERVE 5120
	16
	17	#define EFI_DUMMY_GUID \
	18	EFI_GUID(0x4424ac57, 0xbe4b, 0x47dd, 0x9e, 0x97, 0xed, 0x50, 0xf0, 0x9f, 0x92, 0xa9)
	19
	20	static efi_char16_t efi_dummy_name[6] = { 'D', 'U', 'M', 'M', 'Y', 0 };
	21
	22	static bool efi_no_storage_paranoia;
	23
	24	/*
	25	* Some firmware implementations refuse to boot if there's insufficient
	26	* space in the variable store. The implementation of garbage collection
	27	* in some FW versions causes stale (deleted) variables to take up space
	28	* longer than intended and space is only freed once the store becomes
	29	* almost completely full.
	30	*
	31	* Enabling this option disables the space checks in
	32	* efi_query_variable_store() and forces garbage collection.
	33	*
	34	* Only enable this option if deleting EFI variables does not free up
	35	* space in your variable store, e.g. if despite deleting variables
	36	* you're unable to create new ones.
	37	*/
	38	static int __init setup_storage_paranoia(char *arg)
	39	{
	40	efi_no_storage_paranoia = true;
	41	return 0;
	42	}
	43	early_param("efi_no_storage_paranoia", setup_storage_paranoia);
	44
	45	/*
	46	* Deleting the dummy variable which kicks off garbage collection
	47	*/
	48	void efi_delete_dummy_variable(void)
	49	{
	50	efi.set_variable(efi_dummy_name, &EFI_DUMMY_GUID,
	51	EFI_VARIABLE_NON_VOLATILE \|
	52	EFI_VARIABLE_BOOTSERVICE_ACCESS \|
	53	EFI_VARIABLE_RUNTIME_ACCESS,
	54	0, NULL);
	55	}
	56
	57	/*
	58	* Some firmware implementations refuse to boot if there's insufficient space
	59	* in the variable store. Ensure that we never use more than a safe limit.
	60	*
	61	* Return EFI_SUCCESS if it is safe to write 'size' bytes to the variable
	62	* store.
	63	*/
	64	efi_status_t efi_query_variable_store(u32 attributes, unsigned long size)
	65	{
	66	efi_status_t status;
	67	u64 storage_size, remaining_size, max_size;
	68
	69	if (!(attributes & EFI_VARIABLE_NON_VOLATILE))
	70	return 0;
	71
	72	status = efi.query_variable_info(attributes, &storage_size,
	73	&remaining_size, &max_size);
	74	if (status != EFI_SUCCESS)
	75	return status;
76
77	/*
78	* We account for that by refusing the write if permitting it would
79	* reduce the available space to under 5KB. This figure was provided by
80	* Samsung, so should be safe.
81	*/
82	if ((remaining_size - size < EFI_MIN_RESERVE) &&
83	!efi_no_storage_paranoia) {
84
85	/*
86	* Triggering garbage collection may require that the firmware
87	* generate a real EFI_OUT_OF_RESOURCES error. We can force
88	* that by attempting to use more space than is available.
89	*/
90	unsigned long dummy_size = remaining_size + 1024;
91	void *dummy = kzalloc(dummy_size, GFP_ATOMIC);
92
93	if (!dummy)
94	return EFI_OUT_OF_RESOURCES;
95
96	status = efi.set_variable(efi_dummy_name, &EFI_DUMMY_GUID,
97	EFI_VARIABLE_NON_VOLATILE \|
98	EFI_VARIABLE_BOOTSERVICE_ACCESS \|
99	EFI_VARIABLE_RUNTIME_ACCESS,
100	dummy_size, dummy);
101
102	if (status == EFI_SUCCESS) {
103	/*
104	* This should have failed, so if it didn't make sure
105	* that we delete it...
106	*/
107	efi_delete_dummy_variable();
108	}
109
110	kfree(dummy);
111
112	/*
113	* The runtime code may now have triggered a garbage collection
114	* run, so check the variable info again
115	*/
116	status = efi.query_variable_info(attributes, &storage_size,
117	&remaining_size, &max_size);
118
119	if (status != EFI_SUCCESS)
120	return status;
121
122	/*
123	* There still isn't enough room, so return an error
124	*/
125	if (remaining_size - size < EFI_MIN_RESERVE)
126	return EFI_OUT_OF_RESOURCES;
127	}
128
129	return EFI_SUCCESS;
130	}
131	EXPORT_SYMBOL_GPL(efi_query_variable_store);
132
452308de MF	133	/*
	134	* Helper function for efi_reserve_boot_services() to figure out if we
	135	* can free regions in efi_free_boot_services().
	136	*
	137	* Use this function to ensure we do not free regions owned by somebody
	138	* else. We must only reserve (and then free) regions:
	139	*
	140	* - Not within any part of the kernel
	141	* - Not the BIOS reserved area (E820_RESERVED, E820_NVS, etc)
	142	*/
	143	static bool can_free_region(u64 start, u64 size)
	144	{
	145	if (start + size > __pa_symbol(_text) && start <= __pa_symbol(_end))
	146	return false;
	147
	148	if (!e820_all_mapped(start, start+size, E820_RAM))
	149	return false;
	150
	151	return true;
	152	}
	153
eeb9db09 ST	154	/*
	155	* The UEFI specification makes it clear that the operating system is free to do
	156	* whatever it wants with boot services code after ExitBootServices() has been
	157	* called. Ignoring this recommendation a significant bunch of EFI implementations
	158	* continue calling into boot services code (SetVirtualAddressMap). In order to
	159	* work around such buggy implementations we reserve boot services region during
	160	* EFI init and make sure it stays executable. Then, after SetVirtualAddressMap(), it
	161	* is discarded.
	162	*/
	163	void __init efi_reserve_boot_services(void)
	164	{
	165	void *p;
	166
	167	for (p = memmap.map; p < memmap.map_end; p += memmap.desc_size) {
	168	efi_memory_desc_t *md = p;
	169	u64 start = md->phys_addr;
	170	u64 size = md->num_pages << EFI_PAGE_SHIFT;
452308de	171	bool already_reserved;
eeb9db09 ST	172
	173	if (md->type != EFI_BOOT_SERVICES_CODE &&
	174	md->type != EFI_BOOT_SERVICES_DATA)
	175	continue;
452308de MF	176
	177	already_reserved = memblock_is_region_reserved(start, size);
	178
	179	/*
	180	* Because the following memblock_reserve() is paired
	181	* with free_bootmem_late() for this region in
	182	* efi_free_boot_services(), we must be extremely
	183	* careful not to reserve, and subsequently free,
	184	* critical regions of memory (like the kernel image) or
	185	* those regions that somebody else has already
	186	* reserved.
	187	*
	188	* A good example of a critical region that must not be
	189	* freed is page zero (first 4Kb of memory), which may
	190	* contain boot services code/data but is marked
	191	* E820_RESERVED by trim_bios_range().
	192	*/
	193	if (!already_reserved) {
eeb9db09	194	memblock_reserve(start, size);
452308de MF	195
	196	/*
	197	* If we are the first to reserve the region, no
	198	* one else cares about it. We own it and can
	199	* free it later.
	200	*/
	201	if (can_free_region(start, size))
	202	continue;
	203	}
	204
	205	/*
	206	* We don't own the region. We must not free it.
	207	*
	208	* Setting this bit for a boot services region really
	209	* doesn't make sense as far as the firmware is
	210	* concerned, but it does provide us with a way to tag
	211	* those regions that must not be paired with
	212	* free_bootmem_late().
	213	*/
	214	md->attribute \|= EFI_MEMORY_RUNTIME;
eeb9db09 ST	215	}
	216	}
	217
	218	void __init efi_free_boot_services(void)
	219	{
	220	void *p;
	221
	222	for (p = memmap.map; p < memmap.map_end; p += memmap.desc_size) {
	223	efi_memory_desc_t *md = p;
	224	unsigned long long start = md->phys_addr;
	225	unsigned long long size = md->num_pages << EFI_PAGE_SHIFT;
	226
	227	if (md->type != EFI_BOOT_SERVICES_CODE &&
	228	md->type != EFI_BOOT_SERVICES_DATA)
	229	continue;
	230
452308de MF	231	/* Do not free, someone else owns it: */
452308de MF	232	if (md->attribute & EFI_MEMORY_RUNTIME)
eeb9db09 ST	233	continue;
	234
	235	free_bootmem_late(start, size);
	236	}
	237
	238	efi_unmap_memmap();
	239	}
	240
	241	/*
	242	* A number of config table entries get remapped to virtual addresses
	243	* after entering EFI virtual mode. However, the kexec kernel requires
	244	* their physical addresses therefore we pass them via setup_data and
	245	* correct those entries to their respective physical addresses here.
	246	*
	247	* Currently only handles smbios which is necessary for some firmware
	248	* implementation.
	249	*/
	250	int __init efi_reuse_config(u64 tables, int nr_tables)
	251	{
	252	int i, sz, ret = 0;
	253	void p, tablep;
	254	struct efi_setup_data *data;
	255
	256	if (!efi_setup)
	257	return 0;
	258
	259	if (!efi_enabled(EFI_64BIT))
	260	return 0;
	261
	262	data = early_memremap(efi_setup, sizeof(*data));
	263	if (!data) {
	264	ret = -ENOMEM;
	265	goto out;
	266	}
	267
	268	if (!data->smbios)
	269	goto out_memremap;
	270
	271	sz = sizeof(efi_config_table_64_t);
	272
	273	p = tablep = early_memremap(tables, nr_tables * sz);
	274	if (!p) {
	275	pr_err("Could not map Configuration table!\n");
	276	ret = -ENOMEM;
	277	goto out_memremap;
	278	}
	279
	280	for (i = 0; i < efi.systab->nr_tables; i++) {
	281	efi_guid_t guid;
	282
	283	guid = ((efi_config_table_64_t *)p)->guid;
	284
	285	if (!efi_guidcmp(guid, SMBIOS_TABLE_GUID))
	286	((efi_config_table_64_t *)p)->table = data->smbios;
	287	p += sz;
	288	}
98a716b6	289	early_memunmap(tablep, nr_tables * sz);
eeb9db09 ST	290
eeb9db09 ST	291	out_memremap:
98a716b6	292	early_memunmap(data, sizeof(*data));
eeb9db09 ST	293	out:
	294	return ret;
	295	}
	296
d394f2d9 AT	297	static const struct dmi_system_id sgi_uv1_dmi[] = {
	298	{ NULL, "SGI UV1",
	299	{ DMI_MATCH(DMI_PRODUCT_NAME, "Stoutland Platform"),
	300	DMI_MATCH(DMI_PRODUCT_VERSION, "1.0"),
	301	DMI_MATCH(DMI_BIOS_VENDOR, "SGI.COM"),
	302	}
	303	},
	304	{ } /* NULL entry stops DMI scanning */
	305	};
	306
eeb9db09 ST	307	void __init efi_apply_memmap_quirks(void)
	308	{
	309	/*
	310	* Once setup is done earlier, unmap the EFI memory map on mismatched
	311	* firmware/kernel architectures since there is no support for runtime
	312	* services.
	313	*/
	314	if (!efi_runtime_supported()) {
	315	pr_info("efi: Setup done, disabling due to 32/64-bit mismatch\n");
	316	efi_unmap_memmap();
	317	}
	318
d394f2d9 AT	319	/* UV2+ BIOS has a fix for this issue. UV1 still needs the quirk. */
d394f2d9 AT	320	if (dmi_check_system(sgi_uv1_dmi))
eeb9db09 ST	321	set_bit(EFI_OLD_MEMMAP, &efi.flags);
eeb9db09 ST	322	}
44be28e9 MF	323
	324	/*
	325	* For most modern platforms the preferred method of powering off is via
	326	* ACPI. However, there are some that are known to require the use of
	327	* EFI runtime services and for which ACPI does not work at all.
	328	*
	329	* Using EFI is a last resort, to be used only if no other option
	330	* exists.
	331	*/
	332	bool efi_reboot_required(void)
	333	{
	334	if (!acpi_gbl_reduced_hardware)
	335	return false;
	336
	337	efi_reboot_quirk_mode = EFI_RESET_WARM;
	338	return true;
	339	}
	340
	341	bool efi_poweroff_required(void)
	342	{
	343	return !!acpi_gbl_reduced_hardware;
	344	}