Stable shared branch between EFI and driver tree
Stable shared branch to ease the integration of Hans's series to support device firmware loaded from EFI boot service memory regions. [PATCH v12 00/10] efi/firmware/platform-x86: Add EFI embedded fw support https://lore.kernel.org/linux-efi/20200115163554.101315-1-hdegoede@redhat.com/ -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEnNKg2mrY9zMBdeK7wjcgfpV0+n0FAl5eJNoACgkQwjcgfpV0 +n16Fwf/fXCS+xefhIeXZuUQsQexDsofHYrWlt9oS74KF6iqxVDdfSRZHZvAT/Hr r1pYpMFSKhRy/u8hhTz1RxwoJXiwQg+yPKwLAMvt+xx2BaNJzLFPvWX8euHYDubM mWfrjStgandAcNzBDBIYYdG/fSYjlzq/xWF+rlYnnhMNa6lcYhecwgxmt0iYtMnB S31473zE7DZE0PyV9vEEMyaEbQJYprKrIGoaVpbQ80Y2f2MDNaft+7/EGXx5Hxex pHZrBdkCL1v7ej7pg8bcxqid682fle5tnogzxf5jo0xMMSXnT5xVPg4OL3rY7kwD Ba4cLaJD4Q1fFZ1GwPfa59PrDnUIfA== =sj1e -----END PGP SIGNATURE----- Merge tag 'stable-shared-branch-for-driver-tree' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi into driver-core-next Ard writes: Stable shared branch between EFI and driver tree Stable shared branch to ease the integration of Hans's series to support device firmware loaded from EFI boot service memory regions. [PATCH v12 00/10] efi/firmware/platform-x86: Add EFI embedded fw support https://lore.kernel.org/linux-efi/20200115163554.101315-1-hdegoede@redhat.com/ * tag 'stable-shared-branch-for-driver-tree' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi: efi: Add embedded peripheral firmware support efi: Export boot-services code and data as debugfs-blobs
This commit is contained in:
commit
4445eb6d94
|
@ -243,6 +243,7 @@ int __init efi_memblock_x86_reserve_range(void)
|
||||||
efi.memmap.desc_version);
|
efi.memmap.desc_version);
|
||||||
|
|
||||||
memblock_reserve(pmap, efi.memmap.nr_map * efi.memmap.desc_size);
|
memblock_reserve(pmap, efi.memmap.nr_map * efi.memmap.desc_size);
|
||||||
|
set_bit(EFI_PRESERVE_BS_REGIONS, &efi.flags);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -943,6 +944,7 @@ static void __init __efi_enter_virtual_mode(void)
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
efi_check_for_embedded_firmwares();
|
||||||
efi_free_boot_services();
|
efi_free_boot_services();
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
|
@ -410,6 +410,10 @@ void __init efi_free_boot_services(void)
|
||||||
int num_entries = 0;
|
int num_entries = 0;
|
||||||
void *new, *new_md;
|
void *new, *new_md;
|
||||||
|
|
||||||
|
/* Keep all regions for /sys/kernel/debug/efi */
|
||||||
|
if (efi_enabled(EFI_DBG))
|
||||||
|
return;
|
||||||
|
|
||||||
for_each_efi_memory_desc(md) {
|
for_each_efi_memory_desc(md) {
|
||||||
unsigned long long start = md->phys_addr;
|
unsigned long long start = md->phys_addr;
|
||||||
unsigned long long size = md->num_pages << EFI_PAGE_SHIFT;
|
unsigned long long size = md->num_pages << EFI_PAGE_SHIFT;
|
||||||
|
|
|
@ -239,6 +239,11 @@ config EFI_DISABLE_PCI_DMA
|
||||||
|
|
||||||
endmenu
|
endmenu
|
||||||
|
|
||||||
|
config EFI_EMBEDDED_FIRMWARE
|
||||||
|
bool
|
||||||
|
depends on EFI
|
||||||
|
select CRYPTO_LIB_SHA256
|
||||||
|
|
||||||
config UEFI_CPER
|
config UEFI_CPER
|
||||||
bool
|
bool
|
||||||
|
|
||||||
|
|
|
@ -26,6 +26,7 @@ obj-$(CONFIG_EFI_TEST) += test/
|
||||||
obj-$(CONFIG_EFI_DEV_PATH_PARSER) += dev-path-parser.o
|
obj-$(CONFIG_EFI_DEV_PATH_PARSER) += dev-path-parser.o
|
||||||
obj-$(CONFIG_APPLE_PROPERTIES) += apple-properties.o
|
obj-$(CONFIG_APPLE_PROPERTIES) += apple-properties.o
|
||||||
obj-$(CONFIG_EFI_RCI2_TABLE) += rci2-table.o
|
obj-$(CONFIG_EFI_RCI2_TABLE) += rci2-table.o
|
||||||
|
obj-$(CONFIG_EFI_EMBEDDED_FIRMWARE) += embedded-firmware.o
|
||||||
|
|
||||||
fake_map-y += fake_mem.o
|
fake_map-y += fake_mem.o
|
||||||
fake_map-$(CONFIG_X86) += x86_fake_mem.o
|
fake_map-$(CONFIG_X86) += x86_fake_mem.o
|
||||||
|
|
|
@ -17,6 +17,7 @@
|
||||||
#include <linux/kobject.h>
|
#include <linux/kobject.h>
|
||||||
#include <linux/module.h>
|
#include <linux/module.h>
|
||||||
#include <linux/init.h>
|
#include <linux/init.h>
|
||||||
|
#include <linux/debugfs.h>
|
||||||
#include <linux/device.h>
|
#include <linux/device.h>
|
||||||
#include <linux/efi.h>
|
#include <linux/efi.h>
|
||||||
#include <linux/of.h>
|
#include <linux/of.h>
|
||||||
|
@ -325,6 +326,59 @@ free_entry:
|
||||||
static inline int efivar_ssdt_load(void) { return 0; }
|
static inline int efivar_ssdt_load(void) { return 0; }
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#ifdef CONFIG_DEBUG_FS
|
||||||
|
|
||||||
|
#define EFI_DEBUGFS_MAX_BLOBS 32
|
||||||
|
|
||||||
|
static struct debugfs_blob_wrapper debugfs_blob[EFI_DEBUGFS_MAX_BLOBS];
|
||||||
|
|
||||||
|
static void __init efi_debugfs_init(void)
|
||||||
|
{
|
||||||
|
struct dentry *efi_debugfs;
|
||||||
|
efi_memory_desc_t *md;
|
||||||
|
char name[32];
|
||||||
|
int type_count[EFI_BOOT_SERVICES_DATA + 1] = {};
|
||||||
|
int i = 0;
|
||||||
|
|
||||||
|
efi_debugfs = debugfs_create_dir("efi", NULL);
|
||||||
|
if (IS_ERR_OR_NULL(efi_debugfs))
|
||||||
|
return;
|
||||||
|
|
||||||
|
for_each_efi_memory_desc(md) {
|
||||||
|
switch (md->type) {
|
||||||
|
case EFI_BOOT_SERVICES_CODE:
|
||||||
|
snprintf(name, sizeof(name), "boot_services_code%d",
|
||||||
|
type_count[md->type]++);
|
||||||
|
break;
|
||||||
|
case EFI_BOOT_SERVICES_DATA:
|
||||||
|
snprintf(name, sizeof(name), "boot_services_data%d",
|
||||||
|
type_count[md->type]++);
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (i >= EFI_DEBUGFS_MAX_BLOBS) {
|
||||||
|
pr_warn("More then %d EFI boot service segments, only showing first %d in debugfs\n",
|
||||||
|
EFI_DEBUGFS_MAX_BLOBS, EFI_DEBUGFS_MAX_BLOBS);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
debugfs_blob[i].size = md->num_pages << EFI_PAGE_SHIFT;
|
||||||
|
debugfs_blob[i].data = memremap(md->phys_addr,
|
||||||
|
debugfs_blob[i].size,
|
||||||
|
MEMREMAP_WB);
|
||||||
|
if (!debugfs_blob[i].data)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
debugfs_create_blob(name, 0400, efi_debugfs, &debugfs_blob[i]);
|
||||||
|
i++;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#else
|
||||||
|
static inline void efi_debugfs_init(void) {}
|
||||||
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* We register the efi subsystem with the firmware subsystem and the
|
* We register the efi subsystem with the firmware subsystem and the
|
||||||
* efivars subsystem with the efi subsystem, if the system was booted with
|
* efivars subsystem with the efi subsystem, if the system was booted with
|
||||||
|
@ -381,6 +435,9 @@ static int __init efisubsys_init(void)
|
||||||
goto err_remove_group;
|
goto err_remove_group;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (efi_enabled(EFI_DBG) && efi_enabled(EFI_PRESERVE_BS_REGIONS))
|
||||||
|
efi_debugfs_init();
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
err_remove_group:
|
err_remove_group:
|
||||||
|
|
147
drivers/firmware/efi/embedded-firmware.c
Normal file
147
drivers/firmware/efi/embedded-firmware.c
Normal file
|
@ -0,0 +1,147 @@
|
||||||
|
// SPDX-License-Identifier: GPL-2.0
|
||||||
|
/*
|
||||||
|
* Support for extracting embedded firmware for peripherals from EFI code,
|
||||||
|
*
|
||||||
|
* Copyright (c) 2018 Hans de Goede <hdegoede@redhat.com>
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <linux/dmi.h>
|
||||||
|
#include <linux/efi.h>
|
||||||
|
#include <linux/efi_embedded_fw.h>
|
||||||
|
#include <linux/io.h>
|
||||||
|
#include <linux/slab.h>
|
||||||
|
#include <linux/types.h>
|
||||||
|
#include <linux/vmalloc.h>
|
||||||
|
#include <crypto/sha.h>
|
||||||
|
|
||||||
|
/* Exported for use by lib/test_firmware.c only */
|
||||||
|
LIST_HEAD(efi_embedded_fw_list);
|
||||||
|
EXPORT_SYMBOL_GPL(efi_embedded_fw_list);
|
||||||
|
|
||||||
|
static bool checked_for_fw;
|
||||||
|
|
||||||
|
static const struct dmi_system_id * const embedded_fw_table[] = {
|
||||||
|
NULL
|
||||||
|
};
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Note the efi_check_for_embedded_firmwares() code currently makes the
|
||||||
|
* following 2 assumptions. This may needs to be revisited if embedded firmware
|
||||||
|
* is found where this is not true:
|
||||||
|
* 1) The firmware is only found in EFI_BOOT_SERVICES_CODE memory segments
|
||||||
|
* 2) The firmware always starts at an offset which is a multiple of 8 bytes
|
||||||
|
*/
|
||||||
|
static int __init efi_check_md_for_embedded_firmware(
|
||||||
|
efi_memory_desc_t *md, const struct efi_embedded_fw_desc *desc)
|
||||||
|
{
|
||||||
|
struct sha256_state sctx;
|
||||||
|
struct efi_embedded_fw *fw;
|
||||||
|
u8 sha256[32];
|
||||||
|
u64 i, size;
|
||||||
|
u8 *map;
|
||||||
|
|
||||||
|
size = md->num_pages << EFI_PAGE_SHIFT;
|
||||||
|
map = memremap(md->phys_addr, size, MEMREMAP_WB);
|
||||||
|
if (!map) {
|
||||||
|
pr_err("Error mapping EFI mem at %#llx\n", md->phys_addr);
|
||||||
|
return -ENOMEM;
|
||||||
|
}
|
||||||
|
|
||||||
|
for (i = 0; (i + desc->length) <= size; i += 8) {
|
||||||
|
if (memcmp(map + i, desc->prefix, EFI_EMBEDDED_FW_PREFIX_LEN))
|
||||||
|
continue;
|
||||||
|
|
||||||
|
sha256_init(&sctx);
|
||||||
|
sha256_update(&sctx, map + i, desc->length);
|
||||||
|
sha256_final(&sctx, sha256);
|
||||||
|
if (memcmp(sha256, desc->sha256, 32) == 0)
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
if ((i + desc->length) > size) {
|
||||||
|
memunmap(map);
|
||||||
|
return -ENOENT;
|
||||||
|
}
|
||||||
|
|
||||||
|
pr_info("Found EFI embedded fw '%s'\n", desc->name);
|
||||||
|
|
||||||
|
fw = kmalloc(sizeof(*fw), GFP_KERNEL);
|
||||||
|
if (!fw) {
|
||||||
|
memunmap(map);
|
||||||
|
return -ENOMEM;
|
||||||
|
}
|
||||||
|
|
||||||
|
fw->data = kmemdup(map + i, desc->length, GFP_KERNEL);
|
||||||
|
memunmap(map);
|
||||||
|
if (!fw->data) {
|
||||||
|
kfree(fw);
|
||||||
|
return -ENOMEM;
|
||||||
|
}
|
||||||
|
|
||||||
|
fw->name = desc->name;
|
||||||
|
fw->length = desc->length;
|
||||||
|
list_add(&fw->list, &efi_embedded_fw_list);
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
void __init efi_check_for_embedded_firmwares(void)
|
||||||
|
{
|
||||||
|
const struct efi_embedded_fw_desc *fw_desc;
|
||||||
|
const struct dmi_system_id *dmi_id;
|
||||||
|
efi_memory_desc_t *md;
|
||||||
|
int i, r;
|
||||||
|
|
||||||
|
for (i = 0; embedded_fw_table[i]; i++) {
|
||||||
|
dmi_id = dmi_first_match(embedded_fw_table[i]);
|
||||||
|
if (!dmi_id)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
fw_desc = dmi_id->driver_data;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* In some drivers the struct driver_data contains may contain
|
||||||
|
* other driver specific data after the fw_desc struct; and
|
||||||
|
* the fw_desc struct itself may be empty, skip these.
|
||||||
|
*/
|
||||||
|
if (!fw_desc->name)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
for_each_efi_memory_desc(md) {
|
||||||
|
if (md->type != EFI_BOOT_SERVICES_CODE)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
r = efi_check_md_for_embedded_firmware(md, fw_desc);
|
||||||
|
if (r == 0)
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
checked_for_fw = true;
|
||||||
|
}
|
||||||
|
|
||||||
|
int efi_get_embedded_fw(const char *name, const u8 **data, size_t *size)
|
||||||
|
{
|
||||||
|
struct efi_embedded_fw *iter, *fw = NULL;
|
||||||
|
|
||||||
|
if (!checked_for_fw) {
|
||||||
|
pr_warn("Warning %s called while we did not check for embedded fw\n",
|
||||||
|
__func__);
|
||||||
|
return -ENOENT;
|
||||||
|
}
|
||||||
|
|
||||||
|
list_for_each_entry(iter, &efi_embedded_fw_list, list) {
|
||||||
|
if (strcmp(name, iter->name) == 0) {
|
||||||
|
fw = iter;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!fw)
|
||||||
|
return -ENOENT;
|
||||||
|
|
||||||
|
*data = fw->data;
|
||||||
|
*size = fw->length;
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
EXPORT_SYMBOL_GPL(efi_get_embedded_fw);
|
|
@ -1124,6 +1124,7 @@ extern int __init efi_setup_pcdp_console(char *);
|
||||||
#define EFI_NX_PE_DATA 9 /* Can runtime data regions be mapped non-executable? */
|
#define EFI_NX_PE_DATA 9 /* Can runtime data regions be mapped non-executable? */
|
||||||
#define EFI_MEM_ATTR 10 /* Did firmware publish an EFI_MEMORY_ATTRIBUTES table? */
|
#define EFI_MEM_ATTR 10 /* Did firmware publish an EFI_MEMORY_ATTRIBUTES table? */
|
||||||
#define EFI_MEM_NO_SOFT_RESERVE 11 /* Is the kernel configured to ignore soft reservations? */
|
#define EFI_MEM_NO_SOFT_RESERVE 11 /* Is the kernel configured to ignore soft reservations? */
|
||||||
|
#define EFI_PRESERVE_BS_REGIONS 12 /* Are EFI boot-services memory segments available? */
|
||||||
|
|
||||||
#ifdef CONFIG_EFI
|
#ifdef CONFIG_EFI
|
||||||
/*
|
/*
|
||||||
|
@ -1553,6 +1554,12 @@ static inline void
|
||||||
efi_enable_reset_attack_mitigation(void) { }
|
efi_enable_reset_attack_mitigation(void) { }
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#ifdef CONFIG_EFI_EMBEDDED_FIRMWARE
|
||||||
|
void efi_check_for_embedded_firmwares(void);
|
||||||
|
#else
|
||||||
|
static inline void efi_check_for_embedded_firmwares(void) { }
|
||||||
|
#endif
|
||||||
|
|
||||||
efi_status_t efi_random_get_seed(void);
|
efi_status_t efi_random_get_seed(void);
|
||||||
|
|
||||||
void efi_retrieve_tpm2_eventlog(void);
|
void efi_retrieve_tpm2_eventlog(void);
|
||||||
|
|
41
include/linux/efi_embedded_fw.h
Normal file
41
include/linux/efi_embedded_fw.h
Normal file
|
@ -0,0 +1,41 @@
|
||||||
|
/* SPDX-License-Identifier: GPL-2.0 */
|
||||||
|
#ifndef _LINUX_EFI_EMBEDDED_FW_H
|
||||||
|
#define _LINUX_EFI_EMBEDDED_FW_H
|
||||||
|
|
||||||
|
#include <linux/list.h>
|
||||||
|
#include <linux/mod_devicetable.h>
|
||||||
|
|
||||||
|
#define EFI_EMBEDDED_FW_PREFIX_LEN 8
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This struct and efi_embedded_fw_list are private to the efi-embedded fw
|
||||||
|
* implementation they are in this header for use by lib/test_firmware.c only!
|
||||||
|
*/
|
||||||
|
struct efi_embedded_fw {
|
||||||
|
struct list_head list;
|
||||||
|
const char *name;
|
||||||
|
const u8 *data;
|
||||||
|
size_t length;
|
||||||
|
};
|
||||||
|
|
||||||
|
extern struct list_head efi_embedded_fw_list;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* struct efi_embedded_fw_desc - This struct is used by the EFI embedded-fw
|
||||||
|
* code to search for embedded firmwares.
|
||||||
|
*
|
||||||
|
* @name: Name to register the firmware with if found
|
||||||
|
* @prefix: First 8 bytes of the firmware
|
||||||
|
* @length: Length of the firmware in bytes including prefix
|
||||||
|
* @sha256: SHA256 of the firmware
|
||||||
|
*/
|
||||||
|
struct efi_embedded_fw_desc {
|
||||||
|
const char *name;
|
||||||
|
u8 prefix[EFI_EMBEDDED_FW_PREFIX_LEN];
|
||||||
|
u32 length;
|
||||||
|
u8 sha256[32];
|
||||||
|
};
|
||||||
|
|
||||||
|
int efi_get_embedded_fw(const char *name, const u8 **dat, size_t *sz);
|
||||||
|
|
||||||
|
#endif
|
Loading…
Reference in a new issue