2 * This file is part of the coreboot project.
4 * Copyright (C) 2003 Eric W. Biederman <ebiederm@xmission.com>
5 * Copyright (C) 2009 Ron Minnich <rminnich@gmail.com>
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; version 2 of the License.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA, 02110-1301 USA
21 #include <console/console.h>
24 #include <boot/elf_boot.h>
25 #include <boot/coreboot_tables.h>
26 #include <ip_checksum.h>
33 #ifndef CONFIG_BIG_ENDIAN
34 #define ntohl(x) ( ((x&0xff)<<24) | ((x&0xff00)<<8) | \
35 ((x&0xff0000) >> 8) | ((x&0xff000000) >> 24) )
40 /* Maximum physical address we can use for the coreboot bounce buffer.
46 extern unsigned char _ram_seg;
47 extern unsigned char _eram_seg;
52 struct segment *phdr_next;
53 struct segment *phdr_prev;
54 unsigned long s_dstaddr;
55 unsigned long s_srcaddr;
56 unsigned long s_memsz;
57 unsigned long s_filesz;
61 struct verify_callback {
62 struct verify_callback *next;
63 int (*callback)(struct verify_callback *vcb,
64 Elf_ehdr *ehdr, Elf_phdr *phdr, struct segment *head);
65 unsigned long desc_offset;
66 unsigned long desc_addr;
69 struct ip_checksum_vcb {
70 struct verify_callback data;
71 unsigned short ip_checksum;
74 static int selfboot(struct lb_memory *mem, struct cbfs_payload *payload);
76 void * cbfs_load_payload(struct lb_memory *lb_mem, const char *name)
78 struct cbfs_payload *payload;
80 payload = (struct cbfs_payload *)cbfs_find_file(name, CBFS_TYPE_PAYLOAD);
83 printk(BIOS_DEBUG, "Got a payload\n");
85 selfboot(lb_mem, payload);
86 printk(BIOS_EMERG, "SELFBOOT RETURNED!\n");
92 * Static executables all want to share the same addresses
93 * in memory because only a few addresses are reliably present on
94 * a machine, and implementing general relocation is hard.
97 * - Allocate a buffer the size of the coreboot image plus additional
99 * - Anything that would overwrite coreboot copy into the lower part of
101 * - After loading an ELF image copy coreboot to the top of the buffer.
102 * - Then jump to the loaded image.
105 * - Nearly arbitrary standalone executables can be loaded.
106 * - Coreboot is preserved, so it can be returned to.
107 * - The implementation is still relatively simple,
108 * and much simpler than the general case implemented in kexec.
112 static unsigned long bounce_size, bounce_buffer;
114 static void get_bounce_buffer(struct lb_memory *mem, unsigned long req_size)
116 unsigned long lb_size;
117 unsigned long mem_entries;
118 unsigned long buffer;
120 lb_size = (unsigned long)(&_eram_seg - &_ram_seg);
121 /* Double coreboot size so I have somewhere to place a copy to return to */
122 lb_size = req_size + lb_size;
123 mem_entries = (mem->size - sizeof(*mem))/sizeof(mem->map[0]);
125 for(i = 0; i < mem_entries; i++) {
126 unsigned long mstart, mend;
128 unsigned long tbuffer;
129 if (mem->map[i].type != LB_MEM_RAM)
131 if (unpack_lb64(mem->map[i].start) > MAX_ADDR)
133 if (unpack_lb64(mem->map[i].size) < lb_size)
135 mstart = unpack_lb64(mem->map[i].start);
136 msize = MAX_ADDR - mstart +1;
137 if (msize > unpack_lb64(mem->map[i].size))
138 msize = unpack_lb64(mem->map[i].size);
139 mend = mstart + msize;
140 tbuffer = mend - lb_size;
141 if (tbuffer < buffer)
145 bounce_buffer = buffer;
146 bounce_size = req_size;
149 static int valid_area(struct lb_memory *mem, unsigned long buffer,
150 unsigned long start, unsigned long len)
152 /* Check through all of the memory segments and ensure
153 * the segment that was passed in is completely contained
157 unsigned long end = start + len;
158 unsigned long mem_entries = (mem->size - sizeof(*mem))/sizeof(mem->map[0]);
160 /* See if I conflict with the bounce buffer */
165 /* Walk through the table of valid memory ranges and see if I
168 for(i = 0; i < mem_entries; i++) {
169 uint64_t mstart, mend;
171 mtype = mem->map[i].type;
172 mstart = unpack_lb64(mem->map[i].start);
173 mend = mstart + unpack_lb64(mem->map[i].size);
174 if ((mtype == LB_MEM_RAM) && (start < mend) && (end > mstart)) {
177 if ((mtype == LB_MEM_TABLE) && (start < mend) && (end > mstart)) {
178 printk(BIOS_ERR, "Payload is overwriting Coreboot tables.\n");
182 if (i == mem_entries) {
183 printk(BIOS_ERR, "No matching ram area found for range:\n");
184 printk(BIOS_ERR, " [0x%016lx, 0x%016lx)\n", start, end);
185 printk(BIOS_ERR, "Ram areas\n");
186 for(i = 0; i < mem_entries; i++) {
187 uint64_t mstart, mend;
189 mtype = mem->map[i].type;
190 mstart = unpack_lb64(mem->map[i].start);
191 mend = mstart + unpack_lb64(mem->map[i].size);
192 printk(BIOS_ERR, " [0x%016lx, 0x%016lx) %s\n",
193 (unsigned long)mstart,
195 (mtype == LB_MEM_RAM)?"RAM":"Reserved");
203 static const unsigned long lb_start = (unsigned long)&_ram_seg;
204 static const unsigned long lb_end = (unsigned long)&_eram_seg;
206 static int overlaps_coreboot(struct segment *seg)
208 unsigned long start, end;
209 start = seg->s_dstaddr;
210 end = start + seg->s_memsz;
211 return !((end <= lb_start) || (start >= lb_end));
214 static int relocate_segment(unsigned long buffer, struct segment *seg)
216 /* Modify all segments that want to load onto coreboot
217 * to load onto the bounce buffer instead.
219 /* ret: 1 : A new segment is inserted before the seg.
220 * 0 : A new segment is inserted after the seg, or no new one. */
221 unsigned long start, middle, end, ret = 0;
223 printk(BIOS_SPEW, "lb: [0x%016lx, 0x%016lx)\n",
226 /* I don't conflict with coreboot so get out of here */
227 if (!overlaps_coreboot(seg))
230 start = seg->s_dstaddr;
231 middle = start + seg->s_filesz;
232 end = start + seg->s_memsz;
234 printk(BIOS_SPEW, "segment: [0x%016lx, 0x%016lx, 0x%016lx)\n",
237 if (seg->compression == CBFS_COMPRESS_NONE) {
238 /* Slice off a piece at the beginning
239 * that doesn't conflict with coreboot.
241 if (start < lb_start) {
243 unsigned long len = lb_start - start;
244 new = malloc(sizeof(*new));
248 seg->s_dstaddr += len;
249 seg->s_srcaddr += len;
250 if (seg->s_filesz > len) {
252 seg->s_filesz -= len;
257 /* Order by stream offset */
259 new->prev = seg->prev;
260 seg->prev->next = new;
262 /* Order by original program header order */
263 new->phdr_next = seg;
264 new->phdr_prev = seg->phdr_prev;
265 seg->phdr_prev->phdr_next = new;
266 seg->phdr_prev = new;
268 /* compute the new value of start */
269 start = seg->s_dstaddr;
271 printk(BIOS_SPEW, " early: [0x%016lx, 0x%016lx, 0x%016lx)\n",
273 new->s_dstaddr + new->s_filesz,
274 new->s_dstaddr + new->s_memsz);
279 /* Slice off a piece at the end
280 * that doesn't conflict with coreboot
283 unsigned long len = lb_end - start;
285 new = malloc(sizeof(*new));
289 new->s_dstaddr += len;
290 new->s_srcaddr += len;
291 if (seg->s_filesz > len) {
293 new->s_filesz -= len;
297 /* Order by stream offset */
298 new->next = seg->next;
300 seg->next->prev = new;
302 /* Order by original program header order */
303 new->phdr_next = seg->phdr_next;
304 new->phdr_prev = seg;
305 seg->phdr_next->phdr_prev = new;
306 seg->phdr_next = new;
308 printk(BIOS_SPEW, " late: [0x%016lx, 0x%016lx, 0x%016lx)\n",
310 new->s_dstaddr + new->s_filesz,
311 new->s_dstaddr + new->s_memsz);
315 /* Now retarget this segment onto the bounce buffer */
316 /* sort of explanation: the buffer is a 1:1 mapping to coreboot.
317 * so you will make the dstaddr be this buffer, and it will get copied
318 * later to where coreboot lives.
320 seg->s_dstaddr = buffer + (seg->s_dstaddr - lb_start);
322 printk(BIOS_SPEW, " bounce: [0x%016lx, 0x%016lx, 0x%016lx)\n",
324 seg->s_dstaddr + seg->s_filesz,
325 seg->s_dstaddr + seg->s_memsz);
331 static int build_self_segment_list(
332 struct segment *head,
333 struct lb_memory *mem,
334 struct cbfs_payload *payload, u32 *entry)
338 struct cbfs_payload_segment *segment, *first_segment;
339 memset(head, 0, sizeof(*head));
340 head->phdr_next = head->phdr_prev = head;
341 head->next = head->prev = head;
342 first_segment = segment = &payload->segments;
345 printk(BIOS_DEBUG, "Loading segment from rom address 0x%p\n", segment);
346 switch(segment->type) {
347 case PAYLOAD_SEGMENT_PARAMS:
348 printk(BIOS_DEBUG, " parameter section (skipped)\n");
352 case PAYLOAD_SEGMENT_CODE:
353 case PAYLOAD_SEGMENT_DATA:
354 printk(BIOS_DEBUG, " %s (compression=%x)\n",
355 segment->type == PAYLOAD_SEGMENT_CODE ? "code" : "data",
356 ntohl(segment->compression));
357 new = malloc(sizeof(*new));
358 new->s_dstaddr = ntohl((u32) segment->load_addr);
359 new->s_memsz = ntohl(segment->mem_len);
360 new->compression = ntohl(segment->compression);
362 new->s_srcaddr = (u32) ((unsigned char *) first_segment) + ntohl(segment->offset);
363 new->s_filesz = ntohl(segment->len);
364 printk(BIOS_DEBUG, " New segment dstaddr 0x%lx memsize 0x%lx srcaddr 0x%lx filesize 0x%lx\n",
365 new->s_dstaddr, new->s_memsz, new->s_srcaddr, new->s_filesz);
366 /* Clean up the values */
367 if (new->s_filesz > new->s_memsz) {
368 new->s_filesz = new->s_memsz;
370 printk(BIOS_DEBUG, " (cleaned up) New segment addr 0x%lx size 0x%lx offset 0x%lx filesize 0x%lx\n",
371 new->s_dstaddr, new->s_memsz, new->s_srcaddr, new->s_filesz);
374 case PAYLOAD_SEGMENT_BSS:
375 printk(BIOS_DEBUG, " BSS 0x%p (%d byte)\n", (void *) ntohl((u32) segment->load_addr),
376 ntohl(segment->mem_len));
377 new = malloc(sizeof(*new));
379 new->s_dstaddr = ntohl((u32) segment->load_addr);
380 new->s_memsz = ntohl(segment->mem_len);
383 case PAYLOAD_SEGMENT_ENTRY:
384 printk(BIOS_DEBUG, " Entry Point 0x%p\n", (void *) ntohl((u32) segment->load_addr));
385 *entry = ntohl((u32) segment->load_addr);
386 /* Per definition, a payload always has the entry point
387 * as last segment. Thus, we use the occurence of the
388 * entry point as break condition for the loop.
389 * Can we actually just look at the number of section?
394 /* We found something that we don't know about. Throw
395 * hands into the sky and run away!
397 printk(BIOS_EMERG, "Bad segment type %x\n", segment->type);
403 // FIXME: Explain what this is
404 for(ptr = head->next; ptr != head; ptr = ptr->next) {
405 if (new->s_srcaddr < ntohl((u32) segment->load_addr))
409 /* Order by stream offset */
411 new->prev = ptr->prev;
412 ptr->prev->next = new;
415 /* Order by original program header order */
416 new->phdr_next = head;
417 new->phdr_prev = head->phdr_prev;
418 head->phdr_prev->phdr_next = new;
419 head->phdr_prev = new;
425 static int load_self_segments(
426 struct segment *head,
427 struct lb_memory *mem,
428 struct cbfs_payload *payload)
432 unsigned long bounce_high = lb_end;
433 for(ptr = head->next; ptr != head; ptr = ptr->next) {
434 if (!overlaps_coreboot(ptr)) continue;
435 if (ptr->s_dstaddr + ptr->s_memsz > bounce_high)
436 bounce_high = ptr->s_dstaddr + ptr->s_memsz;
438 get_bounce_buffer(mem, bounce_high - lb_start);
439 if (!bounce_buffer) {
440 printk(BIOS_ERR, "Could not find a bounce buffer...\n");
443 for(ptr = head->next; ptr != head; ptr = ptr->next) {
444 /* Verify the memory addresses in the segment are valid */
445 if (!valid_area(mem, bounce_buffer, ptr->s_dstaddr, ptr->s_memsz))
448 for(ptr = head->next; ptr != head; ptr = ptr->next) {
449 unsigned char *dest, *src;
450 printk(BIOS_DEBUG, "Loading Segment: addr: 0x%016lx memsz: 0x%016lx filesz: 0x%016lx\n",
451 ptr->s_dstaddr, ptr->s_memsz, ptr->s_filesz);
453 /* Modify the segment to load onto the bounce_buffer if necessary.
455 if (relocate_segment(bounce_buffer, ptr)) {
456 ptr = (ptr->prev)->prev;
460 printk(BIOS_DEBUG, "Post relocation: addr: 0x%016lx memsz: 0x%016lx filesz: 0x%016lx\n",
461 ptr->s_dstaddr, ptr->s_memsz, ptr->s_filesz);
463 /* Compute the boundaries of the segment */
464 dest = (unsigned char *)(ptr->s_dstaddr);
465 src = (unsigned char *)(ptr->s_srcaddr);
467 /* Copy data from the initial buffer */
469 unsigned char *middle, *end;
472 switch(ptr->compression) {
473 case CBFS_COMPRESS_LZMA: {
474 printk(BIOS_DEBUG, "using LZMA\n");
475 len = ulzma(src, dest);
476 if (!len) /* Decompression Error. */
480 #if CONFIG_COMPRESSED_PAYLOAD_NRV2B==1
481 case CBFS_COMPRESS_NRV2B: {
482 printk(BIOS_DEBUG, "using NRV2B\n");
483 unsigned long unrv2b(u8 *src, u8 *dst, unsigned long *ilen_p);
485 len = unrv2b(src, dest, &tmp);
489 case CBFS_COMPRESS_NONE: {
490 printk(BIOS_DEBUG, "it's not compressed!\n");
491 memcpy(dest, src, len);
495 printk(BIOS_INFO, "CBFS: Unknown compression type %d\n", ptr->compression);
498 end = dest + ptr->s_memsz;
500 printk(BIOS_SPEW, "[ 0x%08lx, %08lx, 0x%08lx) <- %08lx\n",
502 (unsigned long)middle,
506 /* Zero the extra bytes between middle & end */
508 printk(BIOS_DEBUG, "Clearing Segment: addr: 0x%016lx memsz: 0x%016lx\n",
509 (unsigned long)middle, (unsigned long)(end - middle));
511 /* Zero the extra bytes */
512 memset(middle, 0, end - middle);
514 /* Copy the data that's outside the area that shadows coreboot_ram */
515 printk(BIOS_DEBUG, "dest %p, end %p, bouncebuffer %lx\n", dest, end, bounce_buffer);
516 if ((unsigned long)end > bounce_buffer) {
517 if ((unsigned long)dest < bounce_buffer) {
518 unsigned char *from = dest;
519 unsigned char *to = (unsigned char*)(lb_start-(bounce_buffer-(unsigned long)dest));
520 unsigned long amount = bounce_buffer-(unsigned long)dest;
521 printk(BIOS_DEBUG, "move prefix around: from %p, to %p, amount: %lx\n", from, to, amount);
522 memcpy(to, from, amount);
524 if ((unsigned long)end > bounce_buffer + (lb_end - lb_start)) {
525 unsigned long from = bounce_buffer + (lb_end - lb_start);
526 unsigned long to = lb_end;
527 unsigned long amount = (unsigned long)end - from;
528 printk(BIOS_DEBUG, "move suffix around: from %lx, to %lx, amount: %lx\n", from, to, amount);
529 memcpy((char*)to, (char*)from, amount);
537 static int selfboot(struct lb_memory *mem, struct cbfs_payload *payload)
542 /* Preprocess the self segments */
543 if (!build_self_segment_list(&head, mem, payload, &entry))
546 /* Load the segments */
547 if (!load_self_segments(&head, mem, payload))
550 printk(BIOS_SPEW, "Loaded segments\n");
552 /* Reset to booting from this image as late as possible */
555 printk(BIOS_DEBUG, "Jumping to boot code at %x\n", entry);
559 jmp_to_elf_entry((void*)entry, bounce_buffer, bounce_size);