src/boot/selfboot.c

   1 /*
   2  * This file is part of the coreboot project.
   3  *
   4  * Copyright (C) 2003 Eric W. Biederman <ebiederm@xmission.com>
   5  * Copyright (C) 2009 Ron Minnich <rminnich@gmail.com>
   6  *
   7  * This program is free software; you can redistribute it and/or modify
   8  * it under the terms of the GNU General Public License as published by
   9  * the Free Software Foundation; version 2 of the License.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  * GNU General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU General Public License
  17  * along with this program; if not, write to the Free Software
  18  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA, 02110-1301 USA
  19  */
  20
  21 #include <console/console.h>
  22 #include <part/fallback_boot.h>
  23 #include <boot/elf.h>
  24 #include <boot/elf_boot.h>
  25 #include <boot/coreboot_tables.h>
  26 #include <ip_checksum.h>
  27 #include <stream/read_bytes.h>
  28 #include <stdint.h>
  29 #include <stdlib.h>
  30 #include <string.h>
  31 #include <cbfs.h>
  32
  33 #ifndef CONFIG_BIG_ENDIAN
  34 #define ntohl(x) ( ((x&0xff)<<24) | ((x&0xff00)<<8) | \
  35                 ((x&0xff0000) >> 8) | ((x&0xff000000) >> 24) )
  36 #else
  37 #define ntohl(x) (x)
  38 #endif
  39
  40 /* Maximum physical address we can use for the coreboot bounce buffer.
  41  */
  42 #ifndef MAX_ADDR
  43 #define MAX_ADDR -1UL
  44 #endif
  45
  46 extern unsigned char _ram_seg;
  47 extern unsigned char _eram_seg;
  48
  49 struct segment {
  50         struct segment *next;
  51         struct segment *prev;
  52         struct segment *phdr_next;
  53         struct segment *phdr_prev;
  54         unsigned long s_dstaddr;
  55         unsigned long s_srcaddr;
  56         unsigned long s_memsz;
  57         unsigned long s_filesz;
  58 };
  59
  60 struct verify_callback {
  61         struct verify_callback *next;
  62         int (*callback)(struct verify_callback *vcb,
  63                 Elf_ehdr *ehdr, Elf_phdr *phdr, struct segment *head);
  64         unsigned long desc_offset;
  65         unsigned long desc_addr;
  66 };
  67
  68 struct ip_checksum_vcb {
  69         struct verify_callback data;
  70         unsigned short ip_checksum;
  71 };
  72
  73 int cbfs_self_decompress(int algo, void *src,struct segment *new)
  74 {
  75         u8 *dst;
  76
  77         /* for uncompressed, it's easy: just point at the area in ROM */
  78         if (algo ==  CBFS_COMPRESS_NONE) {
  79                 new->s_srcaddr = (u32) src;
  80                 new->s_filesz =  new->s_memsz;
  81                 return 0;
  82         }
  83
  84         /* for compression, let's keep it simple. We'll malloc the destination
  85          * area and decompress to there. The compression overhead far outweighs
  86          * any overhead for an extra copy.
  87          */
  88         dst = malloc(new->s_memsz);
  89         if (! dst)
  90                 return -1;
  91
  92         switch(algo) {
  93 #ifdef CONFIG_COMPRESSION_LZMA
  94         case CBFS_COMPRESS_LZMA: {
  95                 unsigned long ulzma(unsigned char *src, unsigned char *dst);
  96                 ulzma(src, dst);
  97         }
  98 #endif
  99
 100 #ifdef CONFIG_COMPRESSION_NRV2B
 101         case CBFS_COMPRESS_NRV2B: {
 102                 unsigned long unrv2b(u8 *src, u8 *dst, unsigned long *ilen_p);
 103                 unsigned long tmp;
 104                 unrv2b(src, dst, &tmp);
 105         }
 106 #endif
 107         default:
 108                 printk_info( "CBFS:  Unknown compression type %d\n",
 109                        algo);
 110                 return -1;
 111         }
 112
 113         new->s_srcaddr = (u32) dst;
 114         new->s_filesz =  new->s_memsz;
 115         return 0;
 116
 117 }
 118
 119 /* The problem:
 120  * Static executables all want to share the same addresses
 121  * in memory because only a few addresses are reliably present on
 122  * a machine, and implementing general relocation is hard.
 123  *
 124  * The solution:
 125  * - Allocate a buffer twice the size of the coreboot image.
 126  * - Anything that would overwrite coreboot copy into the lower half of
 127  *   the buffer.
 128  * - After loading an ELF image copy coreboot to the upper half of the
 129  *   buffer.
 130  * - Then jump to the loaded image.
 131  *
 132  * Benefits:
 133  * - Nearly arbitrary standalone executables can be loaded.
 134  * - Coreboot is preserved, so it can be returned to.
 135  * - The implementation is still relatively simple,
 136  *   and much simpler then the general case implemented in kexec.
 137  *
 138  */
 139
 140 static unsigned long get_bounce_buffer(struct lb_memory *mem)
 141 {
 142         unsigned long lb_size;
 143         unsigned long mem_entries;
 144         unsigned long buffer;
 145         int i;
 146         lb_size = (unsigned long)(&_eram_seg - &_ram_seg);
 147         /* Double coreboot size so I have somewhere to place a copy to return to */
 148         lb_size = lb_size + lb_size;
 149         mem_entries = (mem->size - sizeof(*mem))/sizeof(mem->map[0]);
 150         buffer = 0;
 151         for(i = 0; i < mem_entries; i++) {
 152                 unsigned long mstart, mend;
 153                 unsigned long msize;
 154                 unsigned long tbuffer;
 155                 if (mem->map[i].type != LB_MEM_RAM)
 156                         continue;
 157                 if (unpack_lb64(mem->map[i].start) > MAX_ADDR)
 158                         continue;
 159                 if (unpack_lb64(mem->map[i].size) < lb_size)
 160                         continue;
 161                 mstart = unpack_lb64(mem->map[i].start);
 162                 msize = MAX_ADDR - mstart +1;
 163                 if (msize > unpack_lb64(mem->map[i].size))
 164                         msize = unpack_lb64(mem->map[i].size);
 165                 mend = mstart + msize;
 166                 tbuffer = mend - lb_size;
 167                 if (tbuffer < buffer)
 168                         continue;
 169                 buffer = tbuffer;
 170         }
 171         return buffer;
 172 }
 173
 174 static int valid_area(struct lb_memory *mem, unsigned long buffer,
 175         unsigned long start, unsigned long len)
 176 {
 177         /* Check through all of the memory segments and ensure
 178          * the segment that was passed in is completely contained
 179          * in RAM.
 180          */
 181         int i;
 182         unsigned long end = start + len;
 183         unsigned long mem_entries = (mem->size - sizeof(*mem))/sizeof(mem->map[0]);
 184
 185         /* See if I conflict with the bounce buffer */
 186         if (end >= buffer) {
 187                 return 0;
 188         }
 189
 190         /* Walk through the table of valid memory ranges and see if I
 191          * have a match.
 192          */
 193         for(i = 0; i < mem_entries; i++) {
 194                 uint64_t mstart, mend;
 195                 uint32_t mtype;
 196                 mtype = mem->map[i].type;
 197                 mstart = unpack_lb64(mem->map[i].start);
 198                 mend = mstart + unpack_lb64(mem->map[i].size);
 199                 if ((mtype == LB_MEM_RAM) && (start < mend) && (end > mstart)) {
 200                         break;
 201                 }
 202                 if ((mtype == LB_MEM_TABLE) && (start < mend) && (end > mstart)) {
 203                         printk_err("Payload is overwriting Coreboot tables.\n");
 204                         break;
 205                 }
 206         }
 207         if (i == mem_entries) {
 208                 printk_err("No matching ram area found for range:\n");
 209                 printk_err("  [0x%016lx, 0x%016lx)\n", start, end);
 210                 printk_err("Ram areas\n");
 211                 for(i = 0; i < mem_entries; i++) {
 212                         uint64_t mstart, mend;
 213                         uint32_t mtype;
 214                         mtype = mem->map[i].type;
 215                         mstart = unpack_lb64(mem->map[i].start);
 216                         mend = mstart + unpack_lb64(mem->map[i].size);
 217                         printk_err("  [0x%016lx, 0x%016lx) %s\n",
 218                                 (unsigned long)mstart,
 219                                 (unsigned long)mend,
 220                                 (mtype == LB_MEM_RAM)?"RAM":"Reserved");
 221
 222                 }
 223                 return 0;
 224         }
 225         return 1;
 226 }
 227
 228 static void relocate_segment(unsigned long buffer, struct segment *seg)
 229 {
 230         /* Modify all segments that want to load onto coreboot
 231          * to load onto the bounce buffer instead.
 232          */
 233         unsigned long lb_start = (unsigned long)&_ram_seg;
 234         unsigned long lb_end = (unsigned long)&_eram_seg;
 235         unsigned long start, middle, end;
 236
 237         printk_spew("lb: [0x%016lx, 0x%016lx)\n",
 238                 lb_start, lb_end);
 239
 240         start = seg->s_dstaddr;
 241         middle = start + seg->s_filesz;
 242         end = start + seg->s_memsz;
 243         /* I don't conflict with coreboot so get out of here */
 244         if ((end <= lb_start) || (start >= lb_end))
 245                 return;
 246
 247         printk_spew("segment: [0x%016lx, 0x%016lx, 0x%016lx)\n",
 248                 start, middle, end);
 249
 250         /* Slice off a piece at the beginning
 251          * that doesn't conflict with coreboot.
 252          */
 253         if (start < lb_start) {
 254                 struct segment *new;
 255                 unsigned long len = lb_start - start;
 256                 new = malloc(sizeof(*new));
 257                 *new = *seg;
 258                 new->s_memsz = len;
 259                 seg->s_memsz -= len;
 260                 seg->s_dstaddr += len;
 261                 seg->s_srcaddr += len;
 262                 if (seg->s_filesz > len) {
 263                         new->s_filesz = len;
 264                         seg->s_filesz -= len;
 265                 } else {
 266                         seg->s_filesz = 0;
 267                 }
 268
 269                 /* Order by stream offset */
 270                 new->next = seg;
 271                 new->prev = seg->prev;
 272                 seg->prev->next = new;
 273                 seg->prev = new;
 274                 /* Order by original program header order */
 275                 new->phdr_next = seg;
 276                 new->phdr_prev = seg->phdr_prev;
 277                 seg->phdr_prev->phdr_next = new;
 278                 seg->phdr_prev = new;
 279
 280                 /* compute the new value of start */
 281                 start = seg->s_dstaddr;
 282
 283                 printk_spew("   early: [0x%016lx, 0x%016lx, 0x%016lx)\n",
 284                         new->s_dstaddr,
 285                         new->s_dstaddr + new->s_filesz,
 286                         new->s_dstaddr + new->s_memsz);
 287         }
 288
 289         /* Slice off a piece at the end
 290          * that doesn't conflict with coreboot
 291          */
 292         if (end > lb_end) {
 293                 unsigned long len = lb_end - start;
 294                 struct segment *new;
 295                 new = malloc(sizeof(*new));
 296                 *new = *seg;
 297                 seg->s_memsz = len;
 298                 new->s_memsz -= len;
 299                 new->s_dstaddr += len;
 300                 new->s_srcaddr += len;
 301                 if (seg->s_filesz > len) {
 302                         seg->s_filesz = len;
 303                         new->s_filesz -= len;
 304                 } else {
 305                         new->s_filesz = 0;
 306                 }
 307                 /* Order by stream offset */
 308                 new->next = seg->next;
 309                 new->prev = seg;
 310                 seg->next->prev = new;
 311                 seg->next = new;
 312                 /* Order by original program header order */
 313                 new->phdr_next = seg->phdr_next;
 314                 new->phdr_prev = seg;
 315                 seg->phdr_next->phdr_prev = new;
 316                 seg->phdr_next = new;
 317
 318                 /* compute the new value of end */
 319                 end = start + len;
 320
 321                 printk_spew("   late: [0x%016lx, 0x%016lx, 0x%016lx)\n",
 322                         new->s_dstaddr,
 323                         new->s_dstaddr + new->s_filesz,
 324                         new->s_dstaddr + new->s_memsz);
 325
 326         }
 327         /* Now retarget this segment onto the bounce buffer */
 328         /* sort of explanation: the buffer is a 1:1 mapping to coreboot.
 329          * so you will make the dstaddr be this buffer, and it will get copied
 330          * later to where coreboot lives.
 331          */
 332         seg->s_dstaddr = buffer + (seg->s_dstaddr - lb_start);
 333
 334         printk_spew(" bounce: [0x%016lx, 0x%016lx, 0x%016lx)\n",
 335                 seg->s_dstaddr,
 336                 seg->s_dstaddr + seg->s_filesz,
 337                 seg->s_dstaddr + seg->s_memsz);
 338 }
 339
 340
 341 static int build_self_segment_list(
 342         struct segment *head,
 343         unsigned long bounce_buffer, struct lb_memory *mem,
 344         struct cbfs_payload *payload, u32 *entry)
 345 {
 346         struct segment *new;
 347         struct segment *ptr;
 348         u8 *data;
 349         int datasize;
 350         struct cbfs_payload_segment *segment, *first_segment;
 351         memset(head, 0, sizeof(*head));
 352         head->phdr_next = head->phdr_prev = head;
 353         head->next = head->prev = head;
 354         first_segment = segment = &payload->segments;
 355
 356         while(1) {
 357                 printk_debug("Segment %p\n", segment);
 358                 switch(segment->type) {
 359                 default: printk_emerg("Bad segment type %x\n", segment->type);
 360                         return -1;
 361                 case PAYLOAD_SEGMENT_PARAMS:
 362                         printk_info("found param section\n");
 363                         segment++;
 364                         continue;
 365                 case PAYLOAD_SEGMENT_CODE:
 366                 case PAYLOAD_SEGMENT_DATA:
 367                         printk_info( "%s: ", segment->type == PAYLOAD_SEGMENT_CODE ?
 368                                 "code" : "data");
 369                 new = malloc(sizeof(*new));
 370                 new->s_dstaddr = ntohl((u32) segment->load_addr);
 371                 new->s_memsz = ntohl(segment->mem_len);
 372
 373                 datasize = ntohl(segment->len);
 374                 /* figure out decompression, do it, get pointer to the area */
 375                 if (cbfs_self_decompress(ntohl(segment->compression),
 376                                              ((unsigned char *) first_segment) +
 377                                              ntohl(segment->offset), new)) {
 378                         printk_emerg("cbfs_self_decompress failed\n");
 379                         return;
 380                 }
 381                 printk_debug("New segment dstaddr 0x%lx memsize 0x%lx srcaddr 0x%lx filesize 0x%lx\n",
 382                         new->s_dstaddr, new->s_memsz, new->s_srcaddr, new->s_filesz);
 383                 /* Clean up the values */
 384                 if (new->s_filesz > new->s_memsz)  {
 385                         new->s_filesz = new->s_memsz;
 386                 }
 387                 printk_debug("(cleaned up) New segment addr 0x%lx size 0x%lx offset 0x%lx filesize 0x%lx\n",
 388                         new->s_dstaddr, new->s_memsz, new->s_srcaddr, new->s_filesz);
 389                 break;
 390                 case PAYLOAD_SEGMENT_BSS:
 391                         printk_info("BSS %p/%d\n", (void *) ntohl((u32) segment->load_addr),
 392                                  ntohl(segment->mem_len));
 393                         new = malloc(sizeof(*new));
 394                         new->s_filesz = 0;
 395                         new->s_dstaddr = ntohl((u32) segment->load_addr);
 396                         new->s_memsz = ntohl(segment->mem_len);
 397
 398                         break;
 399
 400                 case PAYLOAD_SEGMENT_ENTRY:
 401                         printk_info("Entry %p\n", (void *) ntohl((u32) segment->load_addr));
 402                         *entry =  (void *) ntohl((u32) segment->load_addr);
 403                         return 1;
 404                 }
 405                 segment++;
 406                 for(ptr = head->next; ptr != head; ptr = ptr->next) {
 407                         if (new->s_srcaddr < ntohl((u32) segment->load_addr))
 408                                 break;
 409                 }
 410                 /* Order by stream offset */
 411                 new->next = ptr;
 412                 new->prev = ptr->prev;
 413                 ptr->prev->next = new;
 414                 ptr->prev = new;
 415                 /* Order by original program header order */
 416                 new->phdr_next = head;
 417                 new->phdr_prev = head->phdr_prev;
 418                 head->phdr_prev->phdr_next  = new;
 419                 head->phdr_prev = new;
 420
 421                 /* Verify the memory addresses in the segment are valid */
 422                 if (!valid_area(mem, bounce_buffer, new->s_dstaddr, new->s_memsz))
 423                         goto out;
 424
 425                 /* Modify the segment to load onto the bounce_buffer if necessary.
 426                  */
 427                 relocate_segment(bounce_buffer, new);
 428         }
 429         return 1;
 430  out:
 431         return 0;
 432 }
 433
 434 static int load_self_segments(
 435         struct segment *head, struct cbfs_payload *payload)
 436 {
 437         unsigned long offset;
 438         struct segment *ptr;
 439
 440         offset = 0;
 441         for(ptr = head->next; ptr != head; ptr = ptr->next) {
 442                 unsigned long skip_bytes, read_bytes;
 443                 unsigned char *dest, *middle, *end, *src;
 444                 byte_offset_t result;
 445                 printk_debug("Loading Segment: addr: 0x%016lx memsz: 0x%016lx filesz: 0x%016lx\n",
 446                         ptr->s_dstaddr, ptr->s_memsz, ptr->s_filesz);
 447
 448                 /* Compute the boundaries of the segment */
 449                 dest = (unsigned char *)(ptr->s_dstaddr);
 450                 end = dest + ptr->s_memsz;
 451                 middle = dest + ptr->s_filesz;
 452                 src = ptr->s_srcaddr;
 453                 printk_spew("[ 0x%016lx, %016lx, 0x%016lx) <- %016lx\n",
 454                         (unsigned long)dest,
 455                         (unsigned long)middle,
 456                         (unsigned long)end,
 457                         (unsigned long)src);
 458
 459                 /* Copy data from the initial buffer */
 460                 if (ptr->s_filesz) {
 461                         size_t len;
 462                         len = ptr->s_filesz;
 463                         memcpy(dest, src, len);
 464                         dest += len;
 465                 }
 466
 467                 /* Zero the extra bytes between middle & end */
 468                 if (middle < end) {
 469                         printk_debug("Clearing Segment: addr: 0x%016lx memsz: 0x%016lx\n",
 470                                 (unsigned long)middle, (unsigned long)(end - middle));
 471
 472                         /* Zero the extra bytes */
 473                         memset(middle, 0, end - middle);
 474                 }
 475         }
 476         return 1;
 477  out:
 478         return 0;
 479 }
 480
 481 int selfboot(struct lb_memory *mem, struct cbfs_payload *payload)
 482 {
 483         void *entry;
 484         struct segment head;
 485         unsigned long bounce_buffer;
 486
 487         /* Find a bounce buffer so I can load to coreboot's current location */
 488         bounce_buffer = get_bounce_buffer(mem);
 489         if (!bounce_buffer) {
 490                 printk_err("Could not find a bounce buffer...\n");
 491                 goto out;
 492         }
 493
 494         /* Preprocess the self segments */
 495         if (!build_self_segment_list(&head, bounce_buffer, mem, payload, &entry))
 496                 goto out;
 497
 498         /* Load the segments */
 499         if (!load_self_segments(&head, payload))
 500                 goto out;
 501
 502         printk_spew("Loaded segments\n");
 503
 504         /* Reset to booting from this image as late as possible */
 505         boot_successful();
 506
 507         printk_debug("Jumping to boot code at %p\n", entry);
 508         post_code(0xfe);
 509
 510         /* Jump to kernel */
 511         jmp_to_elf_entry(entry, bounce_buffer);
 512         return 1;
 513
 514  out:
 515         return 0;
 516 }
 517