Blame - marvell/linux/arch/arm64/kernel/efi.c - T108

blob: 14b7352bc05eb99712186b45dd17c55ca929253c [file] [log] [blame]

b.liu	e958203	2025-04-17 19:18:16 +0800	[diff] [blame^]	1	// SPDX-License-Identifier: GPL-2.0-only
				2	/*
				3	* Extensible Firmware Interface
				4	*
				5	* Based on Extensible Firmware Interface Specification version 2.4
				6	*
				7	* Copyright (C) 2013, 2014 Linaro Ltd.
				8	*/
				9
				10	#include <linux/efi.h>
				11	#include <linux/init.h>
				12
				13	#include <asm/efi.h>
				14
				15	static bool region_is_misaligned(const efi_memory_desc_t *md)
				16	{
				17	if (PAGE_SIZE == EFI_PAGE_SIZE)
				18	return false;
				19	return !PAGE_ALIGNED(md->phys_addr) \|\|
				20	!PAGE_ALIGNED(md->num_pages << EFI_PAGE_SHIFT);
				21	}
				22
				23	/*
				24	* Only regions of type EFI_RUNTIME_SERVICES_CODE need to be
				25	* executable, everything else can be mapped with the XN bits
				26	* set. Also take the new (optional) RO/XP bits into account.
				27	*/
				28	static __init pteval_t create_mapping_protection(efi_memory_desc_t *md)
				29	{
				30	u64 attr = md->attribute;
				31	u32 type = md->type;
				32
				33	if (type == EFI_MEMORY_MAPPED_IO)
				34	return PROT_DEVICE_nGnRE;
				35
				36	if (region_is_misaligned(md)) {
				37	static bool __initdata code_is_misaligned;
				38
				39	/*
				40	* Regions that are not aligned to the OS page size cannot be
				41	* mapped with strict permissions, as those might interfere
				42	* with the permissions that are needed by the adjacent
				43	* region's mapping. However, if we haven't encountered any
				44	* misaligned runtime code regions so far, we can safely use
				45	* non-executable permissions for non-code regions.
				46	*/
				47	code_is_misaligned \|= (type == EFI_RUNTIME_SERVICES_CODE);
				48
				49	return code_is_misaligned ? pgprot_val(PAGE_KERNEL_EXEC)
				50	: pgprot_val(PAGE_KERNEL);
				51	}
				52
				53	/* R-- */
				54	if ((attr & (EFI_MEMORY_XP \| EFI_MEMORY_RO)) ==
				55	(EFI_MEMORY_XP \| EFI_MEMORY_RO))
				56	return pgprot_val(PAGE_KERNEL_RO);
				57
				58	/* R-X */
				59	if (attr & EFI_MEMORY_RO)
				60	return pgprot_val(PAGE_KERNEL_ROX);
				61
				62	/* RW- */
				63	if (((attr & (EFI_MEMORY_RP \| EFI_MEMORY_WP \| EFI_MEMORY_XP)) ==
				64	EFI_MEMORY_XP) \|\|
				65	type != EFI_RUNTIME_SERVICES_CODE)
				66	return pgprot_val(PAGE_KERNEL);
				67
				68	/* RWX */
				69	return pgprot_val(PAGE_KERNEL_EXEC);
				70	}
				71
				72	/* we will fill this structure from the stub, so don't put it in .bss */
				73	struct screen_info screen_info __section(.data);
				74
				75	int __init efi_create_mapping(struct mm_struct mm, efi_memory_desc_t md)
				76	{
				77	pteval_t prot_val = create_mapping_protection(md);
				78	bool page_mappings_only = (md->type == EFI_RUNTIME_SERVICES_CODE \|\|
				79	md->type == EFI_RUNTIME_SERVICES_DATA);
				80
				81	/*
				82	* If this region is not aligned to the page size used by the OS, the
				83	* mapping will be rounded outwards, and may end up sharing a page
				84	* frame with an adjacent runtime memory region. Given that the page
				85	* table descriptor covering the shared page will be rewritten when the
				86	* adjacent region gets mapped, we must avoid block mappings here so we
				87	* don't have to worry about splitting them when that happens.
				88	*/
				89	if (region_is_misaligned(md))
				90	page_mappings_only = true;
				91
				92	create_pgd_mapping(mm, md->phys_addr, md->virt_addr,
				93	md->num_pages << EFI_PAGE_SHIFT,
				94	__pgprot(prot_val \| PTE_NG), page_mappings_only);
				95	return 0;
				96	}
				97
				98	static int __init set_permissions(pte_t ptep, unsigned long addr, void data)
				99	{
				100	efi_memory_desc_t *md = data;
				101	pte_t pte = READ_ONCE(*ptep);
				102
				103	if (md->attribute & EFI_MEMORY_RO)
				104	pte = set_pte_bit(pte, __pgprot(PTE_RDONLY));
				105	if (md->attribute & EFI_MEMORY_XP)
				106	pte = set_pte_bit(pte, __pgprot(PTE_PXN));
				107	set_pte(ptep, pte);
				108	return 0;
				109	}
				110
				111	int __init efi_set_mapping_permissions(struct mm_struct *mm,
				112	efi_memory_desc_t *md)
				113	{
				114	BUG_ON(md->type != EFI_RUNTIME_SERVICES_CODE &&
				115	md->type != EFI_RUNTIME_SERVICES_DATA);
				116
				117	if (region_is_misaligned(md))
				118	return 0;
				119
				120	/*
				121	* Calling apply_to_page_range() is only safe on regions that are
				122	* guaranteed to be mapped down to pages. Since we are only called
				123	* for regions that have been mapped using efi_create_mapping() above
				124	* (and this is checked by the generic Memory Attributes table parsing
				125	* routines), there is no need to check that again here.
				126	*/
				127	return apply_to_page_range(mm, md->virt_addr,
				128	md->num_pages << EFI_PAGE_SHIFT,
				129	set_permissions, md);
				130	}
				131
				132	/*
				133	* UpdateCapsule() depends on the system being shutdown via
				134	* ResetSystem().
				135	*/
				136	bool efi_poweroff_required(void)
				137	{
				138	return efi_enabled(EFI_RUNTIME_SERVICES);
				139	}
				140
				141	asmlinkage efi_status_t efi_handle_corrupted_x18(efi_status_t s, const char *f)
				142	{
				143	pr_err_ratelimited(FW_BUG "register x18 corrupted by EFI %s\n", f);
				144	return s;
				145	}