linux/drivers/firmware/efi/libstub/efi-stub-helper.c
<<
>>
Prefs
   1// SPDX-License-Identifier: GPL-2.0
   2/*
   3 * Helper functions used by the EFI stub on multiple
   4 * architectures. This should be #included by the EFI stub
   5 * implementation files.
   6 *
   7 * Copyright 2011 Intel Corporation; author Matt Fleming
   8 */
   9
  10#include <linux/efi.h>
  11#include <asm/efi.h>
  12
  13#include "efistub.h"
  14
  15/*
  16 * Some firmware implementations have problems reading files in one go.
  17 * A read chunk size of 1MB seems to work for most platforms.
  18 *
  19 * Unfortunately, reading files in chunks triggers *other* bugs on some
  20 * platforms, so we provide a way to disable this workaround, which can
  21 * be done by passing "efi=nochunk" on the EFI boot stub command line.
  22 *
  23 * If you experience issues with initrd images being corrupt it's worth
  24 * trying efi=nochunk, but chunking is enabled by default because there
  25 * are far more machines that require the workaround than those that
  26 * break with it enabled.
  27 */
  28#define EFI_READ_CHUNK_SIZE     (1024 * 1024)
  29
  30static unsigned long __chunk_size = EFI_READ_CHUNK_SIZE;
  31
  32static int __section(.data) __nokaslr;
  33static int __section(.data) __quiet;
  34static int __section(.data) __novamap;
  35
  36int __pure nokaslr(void)
  37{
  38        return __nokaslr;
  39}
  40int __pure is_quiet(void)
  41{
  42        return __quiet;
  43}
  44int __pure novamap(void)
  45{
  46        return __novamap;
  47}
  48
  49#define EFI_MMAP_NR_SLACK_SLOTS 8
  50
  51struct file_info {
  52        efi_file_handle_t *handle;
  53        u64 size;
  54};
  55
  56void efi_printk(efi_system_table_t *sys_table_arg, char *str)
  57{
  58        char *s8;
  59
  60        for (s8 = str; *s8; s8++) {
  61                efi_char16_t ch[2] = { 0 };
  62
  63                ch[0] = *s8;
  64                if (*s8 == '\n') {
  65                        efi_char16_t nl[2] = { '\r', 0 };
  66                        efi_char16_printk(sys_table_arg, nl);
  67                }
  68
  69                efi_char16_printk(sys_table_arg, ch);
  70        }
  71}
  72
  73static inline bool mmap_has_headroom(unsigned long buff_size,
  74                                     unsigned long map_size,
  75                                     unsigned long desc_size)
  76{
  77        unsigned long slack = buff_size - map_size;
  78
  79        return slack / desc_size >= EFI_MMAP_NR_SLACK_SLOTS;
  80}
  81
  82efi_status_t efi_get_memory_map(efi_system_table_t *sys_table_arg,
  83                                struct efi_boot_memmap *map)
  84{
  85        efi_memory_desc_t *m = NULL;
  86        efi_status_t status;
  87        unsigned long key;
  88        u32 desc_version;
  89
  90        *map->desc_size =       sizeof(*m);
  91        *map->map_size =        *map->desc_size * 32;
  92        *map->buff_size =       *map->map_size;
  93again:
  94        status = efi_call_early(allocate_pool, EFI_LOADER_DATA,
  95                                *map->map_size, (void **)&m);
  96        if (status != EFI_SUCCESS)
  97                goto fail;
  98
  99        *map->desc_size = 0;
 100        key = 0;
 101        status = efi_call_early(get_memory_map, map->map_size, m,
 102                                &key, map->desc_size, &desc_version);
 103        if (status == EFI_BUFFER_TOO_SMALL ||
 104            !mmap_has_headroom(*map->buff_size, *map->map_size,
 105                               *map->desc_size)) {
 106                efi_call_early(free_pool, m);
 107                /*
 108                 * Make sure there is some entries of headroom so that the
 109                 * buffer can be reused for a new map after allocations are
 110                 * no longer permitted.  Its unlikely that the map will grow to
 111                 * exceed this headroom once we are ready to trigger
 112                 * ExitBootServices()
 113                 */
 114                *map->map_size += *map->desc_size * EFI_MMAP_NR_SLACK_SLOTS;
 115                *map->buff_size = *map->map_size;
 116                goto again;
 117        }
 118
 119        if (status != EFI_SUCCESS)
 120                efi_call_early(free_pool, m);
 121
 122        if (map->key_ptr && status == EFI_SUCCESS)
 123                *map->key_ptr = key;
 124        if (map->desc_ver && status == EFI_SUCCESS)
 125                *map->desc_ver = desc_version;
 126
 127fail:
 128        *map->map = m;
 129        return status;
 130}
 131
 132
 133unsigned long get_dram_base(efi_system_table_t *sys_table_arg)
 134{
 135        efi_status_t status;
 136        unsigned long map_size, buff_size;
 137        unsigned long membase  = EFI_ERROR;
 138        struct efi_memory_map map;
 139        efi_memory_desc_t *md;
 140        struct efi_boot_memmap boot_map;
 141
 142        boot_map.map =          (efi_memory_desc_t **)&map.map;
 143        boot_map.map_size =     &map_size;
 144        boot_map.desc_size =    &map.desc_size;
 145        boot_map.desc_ver =     NULL;
 146        boot_map.key_ptr =      NULL;
 147        boot_map.buff_size =    &buff_size;
 148
 149        status = efi_get_memory_map(sys_table_arg, &boot_map);
 150        if (status != EFI_SUCCESS)
 151                return membase;
 152
 153        map.map_end = map.map + map_size;
 154
 155        for_each_efi_memory_desc_in_map(&map, md) {
 156                if (md->attribute & EFI_MEMORY_WB) {
 157                        if (membase > md->phys_addr)
 158                                membase = md->phys_addr;
 159                }
 160        }
 161
 162        efi_call_early(free_pool, map.map);
 163
 164        return membase;
 165}
 166
 167/*
 168 * Allocate at the highest possible address that is not above 'max'.
 169 */
 170efi_status_t efi_high_alloc(efi_system_table_t *sys_table_arg,
 171                            unsigned long size, unsigned long align,
 172                            unsigned long *addr, unsigned long max)
 173{
 174        unsigned long map_size, desc_size, buff_size;
 175        efi_memory_desc_t *map;
 176        efi_status_t status;
 177        unsigned long nr_pages;
 178        u64 max_addr = 0;
 179        int i;
 180        struct efi_boot_memmap boot_map;
 181
 182        boot_map.map =          &map;
 183        boot_map.map_size =     &map_size;
 184        boot_map.desc_size =    &desc_size;
 185        boot_map.desc_ver =     NULL;
 186        boot_map.key_ptr =      NULL;
 187        boot_map.buff_size =    &buff_size;
 188
 189        status = efi_get_memory_map(sys_table_arg, &boot_map);
 190        if (status != EFI_SUCCESS)
 191                goto fail;
 192
 193        /*
 194         * Enforce minimum alignment that EFI or Linux requires when
 195         * requesting a specific address.  We are doing page-based (or
 196         * larger) allocations, and both the address and size must meet
 197         * alignment constraints.
 198         */
 199        if (align < EFI_ALLOC_ALIGN)
 200                align = EFI_ALLOC_ALIGN;
 201
 202        size = round_up(size, EFI_ALLOC_ALIGN);
 203        nr_pages = size / EFI_PAGE_SIZE;
 204again:
 205        for (i = 0; i < map_size / desc_size; i++) {
 206                efi_memory_desc_t *desc;
 207                unsigned long m = (unsigned long)map;
 208                u64 start, end;
 209
 210                desc = efi_early_memdesc_ptr(m, desc_size, i);
 211                if (desc->type != EFI_CONVENTIONAL_MEMORY)
 212                        continue;
 213
 214                if (desc->num_pages < nr_pages)
 215                        continue;
 216
 217                start = desc->phys_addr;
 218                end = start + desc->num_pages * EFI_PAGE_SIZE;
 219
 220                if (end > max)
 221                        end = max;
 222
 223                if ((start + size) > end)
 224                        continue;
 225
 226                if (round_down(end - size, align) < start)
 227                        continue;
 228
 229                start = round_down(end - size, align);
 230
 231                /*
 232                 * Don't allocate at 0x0. It will confuse code that
 233                 * checks pointers against NULL.
 234                 */
 235                if (start == 0x0)
 236                        continue;
 237
 238                if (start > max_addr)
 239                        max_addr = start;
 240        }
 241
 242        if (!max_addr)
 243                status = EFI_NOT_FOUND;
 244        else {
 245                status = efi_call_early(allocate_pages,
 246                                        EFI_ALLOCATE_ADDRESS, EFI_LOADER_DATA,
 247                                        nr_pages, &max_addr);
 248                if (status != EFI_SUCCESS) {
 249                        max = max_addr;
 250                        max_addr = 0;
 251                        goto again;
 252                }
 253
 254                *addr = max_addr;
 255        }
 256
 257        efi_call_early(free_pool, map);
 258fail:
 259        return status;
 260}
 261
 262/*
 263 * Allocate at the lowest possible address.
 264 */
 265efi_status_t efi_low_alloc(efi_system_table_t *sys_table_arg,
 266                           unsigned long size, unsigned long align,
 267                           unsigned long *addr)
 268{
 269        unsigned long map_size, desc_size, buff_size;
 270        efi_memory_desc_t *map;
 271        efi_status_t status;
 272        unsigned long nr_pages;
 273        int i;
 274        struct efi_boot_memmap boot_map;
 275
 276        boot_map.map =          &map;
 277        boot_map.map_size =     &map_size;
 278        boot_map.desc_size =    &desc_size;
 279        boot_map.desc_ver =     NULL;
 280        boot_map.key_ptr =      NULL;
 281        boot_map.buff_size =    &buff_size;
 282
 283        status = efi_get_memory_map(sys_table_arg, &boot_map);
 284        if (status != EFI_SUCCESS)
 285                goto fail;
 286
 287        /*
 288         * Enforce minimum alignment that EFI or Linux requires when
 289         * requesting a specific address.  We are doing page-based (or
 290         * larger) allocations, and both the address and size must meet
 291         * alignment constraints.
 292         */
 293        if (align < EFI_ALLOC_ALIGN)
 294                align = EFI_ALLOC_ALIGN;
 295
 296        size = round_up(size, EFI_ALLOC_ALIGN);
 297        nr_pages = size / EFI_PAGE_SIZE;
 298        for (i = 0; i < map_size / desc_size; i++) {
 299                efi_memory_desc_t *desc;
 300                unsigned long m = (unsigned long)map;
 301                u64 start, end;
 302
 303                desc = efi_early_memdesc_ptr(m, desc_size, i);
 304
 305                if (desc->type != EFI_CONVENTIONAL_MEMORY)
 306                        continue;
 307
 308                if (desc->num_pages < nr_pages)
 309                        continue;
 310
 311                start = desc->phys_addr;
 312                end = start + desc->num_pages * EFI_PAGE_SIZE;
 313
 314                /*
 315                 * Don't allocate at 0x0. It will confuse code that
 316                 * checks pointers against NULL. Skip the first 8
 317                 * bytes so we start at a nice even number.
 318                 */
 319                if (start == 0x0)
 320                        start += 8;
 321
 322                start = round_up(start, align);
 323                if ((start + size) > end)
 324                        continue;
 325
 326                status = efi_call_early(allocate_pages,
 327                                        EFI_ALLOCATE_ADDRESS, EFI_LOADER_DATA,
 328                                        nr_pages, &start);
 329                if (status == EFI_SUCCESS) {
 330                        *addr = start;
 331                        break;
 332                }
 333        }
 334
 335        if (i == map_size / desc_size)
 336                status = EFI_NOT_FOUND;
 337
 338        efi_call_early(free_pool, map);
 339fail:
 340        return status;
 341}
 342
 343void efi_free(efi_system_table_t *sys_table_arg, unsigned long size,
 344              unsigned long addr)
 345{
 346        unsigned long nr_pages;
 347
 348        if (!size)
 349                return;
 350
 351        nr_pages = round_up(size, EFI_ALLOC_ALIGN) / EFI_PAGE_SIZE;
 352        efi_call_early(free_pages, addr, nr_pages);
 353}
 354
 355static efi_status_t efi_file_size(efi_system_table_t *sys_table_arg, void *__fh,
 356                                  efi_char16_t *filename_16, void **handle,
 357                                  u64 *file_sz)
 358{
 359        efi_file_handle_t *h, *fh = __fh;
 360        efi_file_info_t *info;
 361        efi_status_t status;
 362        efi_guid_t info_guid = EFI_FILE_INFO_ID;
 363        unsigned long info_sz;
 364
 365        status = efi_call_proto(efi_file_handle, open, fh, &h, filename_16,
 366                                EFI_FILE_MODE_READ, (u64)0);
 367        if (status != EFI_SUCCESS) {
 368                efi_printk(sys_table_arg, "Failed to open file: ");
 369                efi_char16_printk(sys_table_arg, filename_16);
 370                efi_printk(sys_table_arg, "\n");
 371                return status;
 372        }
 373
 374        *handle = h;
 375
 376        info_sz = 0;
 377        status = efi_call_proto(efi_file_handle, get_info, h, &info_guid,
 378                                &info_sz, NULL);
 379        if (status != EFI_BUFFER_TOO_SMALL) {
 380                efi_printk(sys_table_arg, "Failed to get file info size\n");
 381                return status;
 382        }
 383
 384grow:
 385        status = efi_call_early(allocate_pool, EFI_LOADER_DATA,
 386                                info_sz, (void **)&info);
 387        if (status != EFI_SUCCESS) {
 388                efi_printk(sys_table_arg, "Failed to alloc mem for file info\n");
 389                return status;
 390        }
 391
 392        status = efi_call_proto(efi_file_handle, get_info, h, &info_guid,
 393                                &info_sz, info);
 394        if (status == EFI_BUFFER_TOO_SMALL) {
 395                efi_call_early(free_pool, info);
 396                goto grow;
 397        }
 398
 399        *file_sz = info->file_size;
 400        efi_call_early(free_pool, info);
 401
 402        if (status != EFI_SUCCESS)
 403                efi_printk(sys_table_arg, "Failed to get initrd info\n");
 404
 405        return status;
 406}
 407
 408static efi_status_t efi_file_read(void *handle, unsigned long *size, void *addr)
 409{
 410        return efi_call_proto(efi_file_handle, read, handle, size, addr);
 411}
 412
 413static efi_status_t efi_file_close(void *handle)
 414{
 415        return efi_call_proto(efi_file_handle, close, handle);
 416}
 417
 418static efi_status_t efi_open_volume(efi_system_table_t *sys_table_arg,
 419                                    efi_loaded_image_t *image,
 420                                    efi_file_handle_t **__fh)
 421{
 422        efi_file_io_interface_t *io;
 423        efi_file_handle_t *fh;
 424        efi_guid_t fs_proto = EFI_FILE_SYSTEM_GUID;
 425        efi_status_t status;
 426        void *handle = (void *)(unsigned long)efi_table_attr(efi_loaded_image,
 427                                                             device_handle,
 428                                                             image);
 429
 430        status = efi_call_early(handle_protocol, handle,
 431                                &fs_proto, (void **)&io);
 432        if (status != EFI_SUCCESS) {
 433                efi_printk(sys_table_arg, "Failed to handle fs_proto\n");
 434                return status;
 435        }
 436
 437        status = efi_call_proto(efi_file_io_interface, open_volume, io, &fh);
 438        if (status != EFI_SUCCESS)
 439                efi_printk(sys_table_arg, "Failed to open volume\n");
 440        else
 441                *__fh = fh;
 442
 443        return status;
 444}
 445
 446/*
 447 * Parse the ASCII string 'cmdline' for EFI options, denoted by the efi=
 448 * option, e.g. efi=nochunk.
 449 *
 450 * It should be noted that efi= is parsed in two very different
 451 * environments, first in the early boot environment of the EFI boot
 452 * stub, and subsequently during the kernel boot.
 453 */
 454efi_status_t efi_parse_options(char const *cmdline)
 455{
 456        char *str;
 457
 458        str = strstr(cmdline, "nokaslr");
 459        if (str == cmdline || (str && str > cmdline && *(str - 1) == ' '))
 460                __nokaslr = 1;
 461
 462        str = strstr(cmdline, "quiet");
 463        if (str == cmdline || (str && str > cmdline && *(str - 1) == ' '))
 464                __quiet = 1;
 465
 466        /*
 467         * If no EFI parameters were specified on the cmdline we've got
 468         * nothing to do.
 469         */
 470        str = strstr(cmdline, "efi=");
 471        if (!str)
 472                return EFI_SUCCESS;
 473
 474        /* Skip ahead to first argument */
 475        str += strlen("efi=");
 476
 477        /*
 478         * Remember, because efi= is also used by the kernel we need to
 479         * skip over arguments we don't understand.
 480         */
 481        while (*str && *str != ' ') {
 482                if (!strncmp(str, "nochunk", 7)) {
 483                        str += strlen("nochunk");
 484                        __chunk_size = -1UL;
 485                }
 486
 487                if (!strncmp(str, "novamap", 7)) {
 488                        str += strlen("novamap");
 489                        __novamap = 1;
 490                }
 491
 492                /* Group words together, delimited by "," */
 493                while (*str && *str != ' ' && *str != ',')
 494                        str++;
 495
 496                if (*str == ',')
 497                        str++;
 498        }
 499
 500        return EFI_SUCCESS;
 501}
 502
 503/*
 504 * Check the cmdline for a LILO-style file= arguments.
 505 *
 506 * We only support loading a file from the same filesystem as
 507 * the kernel image.
 508 */
 509efi_status_t handle_cmdline_files(efi_system_table_t *sys_table_arg,
 510                                  efi_loaded_image_t *image,
 511                                  char *cmd_line, char *option_string,
 512                                  unsigned long max_addr,
 513                                  unsigned long *load_addr,
 514                                  unsigned long *load_size)
 515{
 516        struct file_info *files;
 517        unsigned long file_addr;
 518        u64 file_size_total;
 519        efi_file_handle_t *fh = NULL;
 520        efi_status_t status;
 521        int nr_files;
 522        char *str;
 523        int i, j, k;
 524
 525        file_addr = 0;
 526        file_size_total = 0;
 527
 528        str = cmd_line;
 529
 530        j = 0;                  /* See close_handles */
 531
 532        if (!load_addr || !load_size)
 533                return EFI_INVALID_PARAMETER;
 534
 535        *load_addr = 0;
 536        *load_size = 0;
 537
 538        if (!str || !*str)
 539                return EFI_SUCCESS;
 540
 541        for (nr_files = 0; *str; nr_files++) {
 542                str = strstr(str, option_string);
 543                if (!str)
 544                        break;
 545
 546                str += strlen(option_string);
 547
 548                /* Skip any leading slashes */
 549                while (*str == '/' || *str == '\\')
 550                        str++;
 551
 552                while (*str && *str != ' ' && *str != '\n')
 553                        str++;
 554        }
 555
 556        if (!nr_files)
 557                return EFI_SUCCESS;
 558
 559        status = efi_call_early(allocate_pool, EFI_LOADER_DATA,
 560                                nr_files * sizeof(*files), (void **)&files);
 561        if (status != EFI_SUCCESS) {
 562                pr_efi_err(sys_table_arg, "Failed to alloc mem for file handle list\n");
 563                goto fail;
 564        }
 565
 566        str = cmd_line;
 567        for (i = 0; i < nr_files; i++) {
 568                struct file_info *file;
 569                efi_char16_t filename_16[256];
 570                efi_char16_t *p;
 571
 572                str = strstr(str, option_string);
 573                if (!str)
 574                        break;
 575
 576                str += strlen(option_string);
 577
 578                file = &files[i];
 579                p = filename_16;
 580
 581                /* Skip any leading slashes */
 582                while (*str == '/' || *str == '\\')
 583                        str++;
 584
 585                while (*str && *str != ' ' && *str != '\n') {
 586                        if ((u8 *)p >= (u8 *)filename_16 + sizeof(filename_16))
 587                                break;
 588
 589                        if (*str == '/') {
 590                                *p++ = '\\';
 591                                str++;
 592                        } else {
 593                                *p++ = *str++;
 594                        }
 595                }
 596
 597                *p = '\0';
 598
 599                /* Only open the volume once. */
 600                if (!i) {
 601                        status = efi_open_volume(sys_table_arg, image, &fh);
 602                        if (status != EFI_SUCCESS)
 603                                goto free_files;
 604                }
 605
 606                status = efi_file_size(sys_table_arg, fh, filename_16,
 607                                       (void **)&file->handle, &file->size);
 608                if (status != EFI_SUCCESS)
 609                        goto close_handles;
 610
 611                file_size_total += file->size;
 612        }
 613
 614        if (file_size_total) {
 615                unsigned long addr;
 616
 617                /*
 618                 * Multiple files need to be at consecutive addresses in memory,
 619                 * so allocate enough memory for all the files.  This is used
 620                 * for loading multiple files.
 621                 */
 622                status = efi_high_alloc(sys_table_arg, file_size_total, 0x1000,
 623                                    &file_addr, max_addr);
 624                if (status != EFI_SUCCESS) {
 625                        pr_efi_err(sys_table_arg, "Failed to alloc highmem for files\n");
 626                        goto close_handles;
 627                }
 628
 629                /* We've run out of free low memory. */
 630                if (file_addr > max_addr) {
 631                        pr_efi_err(sys_table_arg, "We've run out of free low memory\n");
 632                        status = EFI_INVALID_PARAMETER;
 633                        goto free_file_total;
 634                }
 635
 636                addr = file_addr;
 637                for (j = 0; j < nr_files; j++) {
 638                        unsigned long size;
 639
 640                        size = files[j].size;
 641                        while (size) {
 642                                unsigned long chunksize;
 643
 644                                if (IS_ENABLED(CONFIG_X86) && size > __chunk_size)
 645                                        chunksize = __chunk_size;
 646                                else
 647                                        chunksize = size;
 648
 649                                status = efi_file_read(files[j].handle,
 650                                                       &chunksize,
 651                                                       (void *)addr);
 652                                if (status != EFI_SUCCESS) {
 653                                        pr_efi_err(sys_table_arg, "Failed to read file\n");
 654                                        goto free_file_total;
 655                                }
 656                                addr += chunksize;
 657                                size -= chunksize;
 658                        }
 659
 660                        efi_file_close(files[j].handle);
 661                }
 662
 663        }
 664
 665        efi_call_early(free_pool, files);
 666
 667        *load_addr = file_addr;
 668        *load_size = file_size_total;
 669
 670        return status;
 671
 672free_file_total:
 673        efi_free(sys_table_arg, file_size_total, file_addr);
 674
 675close_handles:
 676        for (k = j; k < i; k++)
 677                efi_file_close(files[k].handle);
 678free_files:
 679        efi_call_early(free_pool, files);
 680fail:
 681        *load_addr = 0;
 682        *load_size = 0;
 683
 684        return status;
 685}
 686/*
 687 * Relocate a kernel image, either compressed or uncompressed.
 688 * In the ARM64 case, all kernel images are currently
 689 * uncompressed, and as such when we relocate it we need to
 690 * allocate additional space for the BSS segment. Any low
 691 * memory that this function should avoid needs to be
 692 * unavailable in the EFI memory map, as if the preferred
 693 * address is not available the lowest available address will
 694 * be used.
 695 */
 696efi_status_t efi_relocate_kernel(efi_system_table_t *sys_table_arg,
 697                                 unsigned long *image_addr,
 698                                 unsigned long image_size,
 699                                 unsigned long alloc_size,
 700                                 unsigned long preferred_addr,
 701                                 unsigned long alignment)
 702{
 703        unsigned long cur_image_addr;
 704        unsigned long new_addr = 0;
 705        efi_status_t status;
 706        unsigned long nr_pages;
 707        efi_physical_addr_t efi_addr = preferred_addr;
 708
 709        if (!image_addr || !image_size || !alloc_size)
 710                return EFI_INVALID_PARAMETER;
 711        if (alloc_size < image_size)
 712                return EFI_INVALID_PARAMETER;
 713
 714        cur_image_addr = *image_addr;
 715
 716        /*
 717         * The EFI firmware loader could have placed the kernel image
 718         * anywhere in memory, but the kernel has restrictions on the
 719         * max physical address it can run at.  Some architectures
 720         * also have a prefered address, so first try to relocate
 721         * to the preferred address.  If that fails, allocate as low
 722         * as possible while respecting the required alignment.
 723         */
 724        nr_pages = round_up(alloc_size, EFI_ALLOC_ALIGN) / EFI_PAGE_SIZE;
 725        status = efi_call_early(allocate_pages,
 726                                EFI_ALLOCATE_ADDRESS, EFI_LOADER_DATA,
 727                                nr_pages, &efi_addr);
 728        new_addr = efi_addr;
 729        /*
 730         * If preferred address allocation failed allocate as low as
 731         * possible.
 732         */
 733        if (status != EFI_SUCCESS) {
 734                status = efi_low_alloc(sys_table_arg, alloc_size, alignment,
 735                                       &new_addr);
 736        }
 737        if (status != EFI_SUCCESS) {
 738                pr_efi_err(sys_table_arg, "Failed to allocate usable memory for kernel.\n");
 739                return status;
 740        }
 741
 742        /*
 743         * We know source/dest won't overlap since both memory ranges
 744         * have been allocated by UEFI, so we can safely use memcpy.
 745         */
 746        memcpy((void *)new_addr, (void *)cur_image_addr, image_size);
 747
 748        /* Return the new address of the relocated image. */
 749        *image_addr = new_addr;
 750
 751        return status;
 752}
 753
 754/*
 755 * Get the number of UTF-8 bytes corresponding to an UTF-16 character.
 756 * This overestimates for surrogates, but that is okay.
 757 */
 758static int efi_utf8_bytes(u16 c)
 759{
 760        return 1 + (c >= 0x80) + (c >= 0x800);
 761}
 762
 763/*
 764 * Convert an UTF-16 string, not necessarily null terminated, to UTF-8.
 765 */
 766static u8 *efi_utf16_to_utf8(u8 *dst, const u16 *src, int n)
 767{
 768        unsigned int c;
 769
 770        while (n--) {
 771                c = *src++;
 772                if (n && c >= 0xd800 && c <= 0xdbff &&
 773                    *src >= 0xdc00 && *src <= 0xdfff) {
 774                        c = 0x10000 + ((c & 0x3ff) << 10) + (*src & 0x3ff);
 775                        src++;
 776                        n--;
 777                }
 778                if (c >= 0xd800 && c <= 0xdfff)
 779                        c = 0xfffd; /* Unmatched surrogate */
 780                if (c < 0x80) {
 781                        *dst++ = c;
 782                        continue;
 783                }
 784                if (c < 0x800) {
 785                        *dst++ = 0xc0 + (c >> 6);
 786                        goto t1;
 787                }
 788                if (c < 0x10000) {
 789                        *dst++ = 0xe0 + (c >> 12);
 790                        goto t2;
 791                }
 792                *dst++ = 0xf0 + (c >> 18);
 793                *dst++ = 0x80 + ((c >> 12) & 0x3f);
 794        t2:
 795                *dst++ = 0x80 + ((c >> 6) & 0x3f);
 796        t1:
 797                *dst++ = 0x80 + (c & 0x3f);
 798        }
 799
 800        return dst;
 801}
 802
 803#ifndef MAX_CMDLINE_ADDRESS
 804#define MAX_CMDLINE_ADDRESS     ULONG_MAX
 805#endif
 806
 807/*
 808 * Convert the unicode UEFI command line to ASCII to pass to kernel.
 809 * Size of memory allocated return in *cmd_line_len.
 810 * Returns NULL on error.
 811 */
 812char *efi_convert_cmdline(efi_system_table_t *sys_table_arg,
 813                          efi_loaded_image_t *image,
 814                          int *cmd_line_len)
 815{
 816        const u16 *s2;
 817        u8 *s1 = NULL;
 818        unsigned long cmdline_addr = 0;
 819        int load_options_chars = image->load_options_size / 2; /* UTF-16 */
 820        const u16 *options = image->load_options;
 821        int options_bytes = 0;  /* UTF-8 bytes */
 822        int options_chars = 0;  /* UTF-16 chars */
 823        efi_status_t status;
 824        u16 zero = 0;
 825
 826        if (options) {
 827                s2 = options;
 828                while (*s2 && *s2 != '\n'
 829                       && options_chars < load_options_chars) {
 830                        options_bytes += efi_utf8_bytes(*s2++);
 831                        options_chars++;
 832                }
 833        }
 834
 835        if (!options_chars) {
 836                /* No command line options, so return empty string*/
 837                options = &zero;
 838        }
 839
 840        options_bytes++;        /* NUL termination */
 841
 842        status = efi_high_alloc(sys_table_arg, options_bytes, 0,
 843                                &cmdline_addr, MAX_CMDLINE_ADDRESS);
 844        if (status != EFI_SUCCESS)
 845                return NULL;
 846
 847        s1 = (u8 *)cmdline_addr;
 848        s2 = (const u16 *)options;
 849
 850        s1 = efi_utf16_to_utf8(s1, s2, options_chars);
 851        *s1 = '\0';
 852
 853        *cmd_line_len = options_bytes;
 854        return (char *)cmdline_addr;
 855}
 856
 857/*
 858 * Handle calling ExitBootServices according to the requirements set out by the
 859 * spec.  Obtains the current memory map, and returns that info after calling
 860 * ExitBootServices.  The client must specify a function to perform any
 861 * processing of the memory map data prior to ExitBootServices.  A client
 862 * specific structure may be passed to the function via priv.  The client
 863 * function may be called multiple times.
 864 */
 865efi_status_t efi_exit_boot_services(efi_system_table_t *sys_table_arg,
 866                                    void *handle,
 867                                    struct efi_boot_memmap *map,
 868                                    void *priv,
 869                                    efi_exit_boot_map_processing priv_func)
 870{
 871        efi_status_t status;
 872
 873        status = efi_get_memory_map(sys_table_arg, map);
 874
 875        if (status != EFI_SUCCESS)
 876                goto fail;
 877
 878        status = priv_func(sys_table_arg, map, priv);
 879        if (status != EFI_SUCCESS)
 880                goto free_map;
 881
 882        status = efi_call_early(exit_boot_services, handle, *map->key_ptr);
 883
 884        if (status == EFI_INVALID_PARAMETER) {
 885                /*
 886                 * The memory map changed between efi_get_memory_map() and
 887                 * exit_boot_services().  Per the UEFI Spec v2.6, Section 6.4:
 888                 * EFI_BOOT_SERVICES.ExitBootServices we need to get the
 889                 * updated map, and try again.  The spec implies one retry
 890                 * should be sufficent, which is confirmed against the EDK2
 891                 * implementation.  Per the spec, we can only invoke
 892                 * get_memory_map() and exit_boot_services() - we cannot alloc
 893                 * so efi_get_memory_map() cannot be used, and we must reuse
 894                 * the buffer.  For all practical purposes, the headroom in the
 895                 * buffer should account for any changes in the map so the call
 896                 * to get_memory_map() is expected to succeed here.
 897                 */
 898                *map->map_size = *map->buff_size;
 899                status = efi_call_early(get_memory_map,
 900                                        map->map_size,
 901                                        *map->map,
 902                                        map->key_ptr,
 903                                        map->desc_size,
 904                                        map->desc_ver);
 905
 906                /* exit_boot_services() was called, thus cannot free */
 907                if (status != EFI_SUCCESS)
 908                        goto fail;
 909
 910                status = priv_func(sys_table_arg, map, priv);
 911                /* exit_boot_services() was called, thus cannot free */
 912                if (status != EFI_SUCCESS)
 913                        goto fail;
 914
 915                status = efi_call_early(exit_boot_services, handle, *map->key_ptr);
 916        }
 917
 918        /* exit_boot_services() was called, thus cannot free */
 919        if (status != EFI_SUCCESS)
 920                goto fail;
 921
 922        return EFI_SUCCESS;
 923
 924free_map:
 925        efi_call_early(free_pool, *map->map);
 926fail:
 927        return status;
 928}
 929