These are some really horrible bugs that got through.
[coreboot.git] / src / boot / selfboot.c
1 /*
2  * This file is part of the coreboot project.
3  *
4  * Copyright (C) 2003 Eric W. Biederman <ebiederm@xmission.com>
5  * Copyright (C) 2009 Ron Minnich <rminnich@gmail.com>
6  *
7  * This program is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; version 2 of the License.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  * GNU General Public License for more details.
15  *
16  * You should have received a copy of the GNU General Public License
17  * along with this program; if not, write to the Free Software
18  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA, 02110-1301 USA
19  */
20
21 #include <console/console.h>
22 #include <part/fallback_boot.h>
23 #include <boot/elf.h>
24 #include <boot/elf_boot.h>
25 #include <boot/coreboot_tables.h>
26 #include <ip_checksum.h>
27 #include <stream/read_bytes.h>
28 #include <stdint.h>
29 #include <stdlib.h>
30 #include <string.h>
31 #include <cbfs.h>
32
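/* Convert a 32-bit big-endian value to host byte order.  This file applies
 * it to fields read from the payload's segment records.
 *
 * Without CONFIG_BIG_ENDIAN this is a byte swap, otherwise the identity.
 * The argument is parenthesized at every use, so an expression such as
 * ntohl(a | b) is swapped as a whole instead of being torn apart by
 * operator precedence.  It is still expanded four times, so it must not
 * have side effects.
 */
#ifndef CONFIG_BIG_ENDIAN
#define ntohl(x) ( (((x)&0xff)<<24) | (((x)&0xff00)<<8) | \
		(((x)&0xff0000) >> 8) | (((x)&0xff000000) >> 24) )
#else
#define ntohl(x) (x)
#endif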
39
/* Highest physical address the coreboot bounce buffer may use.
 * Defaults to the largest unsigned long unless the build defines it.
 */
#ifndef MAX_ADDR
#define MAX_ADDR (~0UL)
#endif
45
/* Symbols marking the start and end of coreboot's own image in RAM.
 * This file only ever takes their addresses; presumably they are
 * provided by the linker script -- confirm.
 */
extern unsigned char _ram_seg, _eram_seg;
48
/* One contiguous piece of the payload that has to be placed in memory.
 * Every node is linked into two circular doubly linked lists anchored at
 * a list head: next/prev and phdr_next/phdr_prev.
 */
struct segment {
	struct segment *next, *prev;           /* list walked when loading */
	struct segment *phdr_next, *phdr_prev; /* list in original record order */
	unsigned long s_dstaddr; /* address the bytes are copied to */
	unsigned long s_srcaddr; /* address the bytes are copied from */
	unsigned long s_memsz;   /* size of the region at s_dstaddr */
	unsigned long s_filesz;  /* bytes copied; the rest up to s_memsz is zeroed */
};
59
/* Node of a singly linked list of verification hooks.
 * NOTE(review): no function shown in this file references this type;
 * it looks like a leftover -- confirm before relying on it.
 */
struct verify_callback {
	struct verify_callback *next;
	/* Hook; it is handed its own node, the ELF header, the program
	 * headers and the head of the segment list.
	 */
	int (*callback)(struct verify_callback *vcb,
		Elf_ehdr *ehdr, Elf_phdr *phdr, struct segment *head);
	unsigned long desc_offset;
	unsigned long desc_addr;
};
67
/* A verify_callback node extended with a 16-bit checksum value.
 * The generic node comes first, so a pointer to this struct also points
 * at its struct verify_callback.
 * NOTE(review): not referenced by any function shown in this file.
 */
struct ip_checksum_vcb {
	struct verify_callback data; /* must stay the first member */
	unsigned short ip_checksum;
};
72
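/* Make the bytes of one payload segment available in memory and record
 * their location in @new.
 *
 * algo: compression identifier (CBFS_COMPRESS_*) from the segment record.
 * src:  start of the segment's stored bytes.
 * new:  segment descriptor; s_memsz must already be set.  On success
 *       s_srcaddr is the address of the usable bytes and s_filesz is set
 *       equal to s_memsz.
 *
 * Returns 0 on success, -1 if the destination cannot be allocated or the
 * compression type is not handled by this build.
 */
int cbfs_self_decompress(int algo, void *src,struct segment *new)
{
	u8 *dst;

	/* for uncompressed, it's easy: just point at the area in ROM */
	if (algo ==  CBFS_COMPRESS_NONE) {
		/* s_srcaddr is an unsigned long; casting through u32 would
		 * drop the upper half of the pointer wherever pointers are
		 * wider than 32 bits.
		 */
		new->s_srcaddr = (unsigned long) src;
		new->s_filesz =  new->s_memsz;
		return 0;
	}

	/* for compression, let's keep it simple. We'll malloc the destination
	 * area and decompress to there. The compression overhead far outweighs
	 * any overhead for an extra copy.
	 */
	dst = malloc(new->s_memsz);
	if (! dst)
		return -1;

	/* NOTE(review): neither decompressor below is told how large dst is,
	 * and their return values are ignored.  The output therefore has to
	 * fit in s_memsz bytes, a size taken from the payload's own segment
	 * record; a record that understates it would let the decompressor
	 * write past the allocation.  Bounding the output needs a
	 * length-aware decompressor interface -- confirm what ulzma() and
	 * unrv2b() return and compare it against s_memsz.
	 */
	switch(algo) {
#ifdef CONFIG_COMPRESSION_LZMA
	case CBFS_COMPRESS_LZMA: {
		unsigned long ulzma(unsigned char *src, unsigned char *dst);
		ulzma(src, dst);
		break;
	}
#endif

#ifdef CONFIG_COMPRESSION_NRV2B
	case CBFS_COMPRESS_NRV2B: {
		unsigned long unrv2b(u8 *src, u8 *dst, unsigned long *ilen_p);
		unsigned long tmp;
		unrv2b(src, dst, &tmp);
		break;
	}
#endif
	default:
		/* NOTE(review): dst stays allocated on this path. */
		printk_info( "CBFS:  Unknown compression type %d\n",
		       algo);
		return -1;
	}

	new->s_srcaddr = (unsigned long) dst;
	new->s_filesz =  new->s_memsz;
	return 0;
}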
120
121 /* The problem:  
122  * Static executables all want to share the same addresses
123  * in memory because only a few addresses are reliably present on
124  * a machine, and implementing general relocation is hard.
125  *
126  * The solution:
127  * - Allocate a buffer twice the size of the coreboot image.
128  * - Anything that would overwrite coreboot copy into the lower half of
129  *   the buffer. 
130  * - After loading an ELF image copy coreboot to the upper half of the
131  *   buffer.
132  * - Then jump to the loaded image.
133  * 
134  * Benefits:
135  * - Nearly arbitrary standalone executables can be loaded.
136  * - Coreboot is preserved, so it can be returned to.
137  * - The implementation is still relatively simple,
138  *   and much simpler than the general case implemented in kexec.
139  * 
140  */
141
/* Choose where the bounce buffer goes.
 *
 * The buffer is twice the size of the coreboot image and is placed at the
 * top of a RAM entry of the memory table that starts at or below MAX_ADDR
 * and is at least that large.
 *
 * Returns the highest candidate address found, or 0 if no entry
 * qualifies.
 */
static unsigned long get_bounce_buffer(struct lb_memory *mem)
{
	/* Double coreboot's size: one half receives segments aimed at
	 * coreboot's own addresses, the other a copy of coreboot to return to.
	 */
	unsigned long lb_size = 2 * (unsigned long)(&_eram_seg - &_ram_seg);
	unsigned long mem_entries = (mem->size - sizeof(*mem))/sizeof(mem->map[0]);
	unsigned long buffer = 0;
	int i;

	for (i = 0; i < mem_entries; i++) {
		unsigned long mstart, msize, candidate;

		/* Skip anything that is not RAM, starts above MAX_ADDR,
		 * or is too small to hold the buffer.
		 */
		if (mem->map[i].type != LB_MEM_RAM ||
		    unpack_lb64(mem->map[i].start) > MAX_ADDR ||
		    unpack_lb64(mem->map[i].size) < lb_size)
			continue;

		/* Usable length of this entry, clipped at MAX_ADDR */
		mstart = unpack_lb64(mem->map[i].start);
		msize = MAX_ADDR - mstart +1;
		if (msize > unpack_lb64(mem->map[i].size))
			msize = unpack_lb64(mem->map[i].size);

		/* The buffer sits at the very end of the usable part;
		 * keep the highest such address seen so far.
		 */
		candidate = mstart + msize - lb_size;
		if (candidate >= buffer)
			buffer = candidate;
	}
	return buffer;
}
175
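/* Decide whether a payload segment may be loaded at [start, start + len).
 *
 * mem:    memory table listing the machine's address ranges.
 * buffer: address of the bounce buffer; the range must end below it.
 * start:  destination address of the segment.
 * len:    size of the segment in memory.
 *
 * Returns 1 if the range is accepted, 0 if it is rejected.
 */
static int valid_area(struct lb_memory *mem, unsigned long buffer,
	unsigned long start, unsigned long len)
{
	unsigned long i;
	unsigned long end = start + len;
	unsigned long mem_entries = (mem->size - sizeof(*mem))/sizeof(mem->map[0]);

	/* start and len come from the payload's segment records.  If their
	 * sum wraps around, end is below start and every comparison further
	 * down would be made against the wrong range, so refuse it here.
	 */
	if (end < start) {
		printk_err("Segment range wraps around the address space.\n");
		return 0;
	}

	/* See if I conflict with the bounce buffer */
	if (end >= buffer) {
		return 0;
	}

	/* Walk through the table of valid memory ranges and see if I
	 * have a match.
	 *
	 * NOTE(review): the test below is an overlap test.  A range is
	 * accepted as soon as it touches one RAM entry, even if part of it
	 * lies outside that entry; full containment is not verified.
	 * NOTE(review): overlapping a LB_MEM_TABLE entry only prints an
	 * error; the loop still ends early and the function returns 1.
	 * Confirm that accepting such a payload is intended.
	 */
	for(i = 0; i < mem_entries; i++) {
		uint64_t mstart, mend;
		uint32_t mtype;
		mtype = mem->map[i].type;
		mstart = unpack_lb64(mem->map[i].start);
		mend = mstart + unpack_lb64(mem->map[i].size);
		if ((mtype == LB_MEM_RAM) && (start < mend) && (end > mstart)) {
			break;
		}
		if ((mtype == LB_MEM_TABLE) && (start < mend) && (end > mstart)) {
			printk_err("Payload is overwriting Coreboot tables.\n");
			break;
		}
	}
	if (i == mem_entries) {
		/* Nothing matched: report the range and dump the table */
		printk_err("No matching ram area found for range:\n");
		printk_err("  [0x%016lx, 0x%016lx)\n", start, end);
		printk_err("Ram areas\n");
		for(i = 0; i < mem_entries; i++) {
			uint64_t mstart, mend;
			uint32_t mtype;
			mtype = mem->map[i].type;
			mstart = unpack_lb64(mem->map[i].start);
			mend = mstart + unpack_lb64(mem->map[i].size);
			printk_err("  [0x%016lx, 0x%016lx) %s\n",
				(unsigned long)mstart,
				(unsigned long)mend,
				(mtype == LB_MEM_RAM)?"RAM":"Reserved");
		}
		return 0;
	}
	return 1;
}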
229
/* Redirect a segment that would land on the running coreboot image.
 *
 * The parts of @seg below and above coreboot's image are split off into
 * new list nodes that keep their destination; what remains of @seg gets
 * its destination moved to the same offset inside the bounce buffer at
 * @buffer.  A segment that does not touch coreboot is left alone.
 *
 * NOTE(review): the malloc() results are used without a NULL check,
 * while cbfs_self_decompress() in this file does check -- confirm
 * whether malloc() can return NULL in this environment.
 */
static void relocate_segment(unsigned long buffer, struct segment *seg)
{
	const unsigned long lb_start = (unsigned long)&_ram_seg;
	const unsigned long lb_end = (unsigned long)&_eram_seg;
	unsigned long start, middle, end;

	printk_spew("lb: [0x%016lx, 0x%016lx)\n",
		lb_start, lb_end);

	start = seg->s_dstaddr;
	middle = start + seg->s_filesz;
	end = start + seg->s_memsz;

	/* Nothing to do unless the segment overlaps coreboot */
	if (!((end > lb_start) && (start < lb_end)))
		return;

	printk_spew("segment: [0x%016lx, 0x%016lx, 0x%016lx)\n",
		start, middle, end);

	/* Part below coreboot: split it off as its own node */
	if (start < lb_start) {
		unsigned long below = lb_start - start;
		struct segment *front = malloc(sizeof(*front));

		*front = *seg;
		front->s_memsz = below;
		seg->s_memsz -= below;
		seg->s_dstaddr += below;
		seg->s_srcaddr += below;
		if (seg->s_filesz <= below) {
			/* all file bytes stay with the front piece */
			seg->s_filesz = 0;
		} else {
			front->s_filesz = below;
			seg->s_filesz -= below;
		}

		/* Insert before seg in the stream-offset list */
		front->next = seg;
		front->prev = seg->prev;
		seg->prev->next = front;
		seg->prev = front;
		/* Insert before seg in the program-header-order list */
		front->phdr_next = seg;
		front->phdr_prev = seg->phdr_prev;
		seg->phdr_prev->phdr_next = front;
		seg->phdr_prev = front;

		/* seg now starts where coreboot starts */
		start = seg->s_dstaddr;

		printk_spew("   early: [0x%016lx, 0x%016lx, 0x%016lx)\n",
			front->s_dstaddr,
			front->s_dstaddr + front->s_filesz,
			front->s_dstaddr + front->s_memsz);
	}

	/* Part above coreboot: split it off as its own node */
	if (end > lb_end) {
		unsigned long keep = lb_end - start;
		struct segment *back = malloc(sizeof(*back));

		*back = *seg;
		seg->s_memsz = keep;
		back->s_memsz -= keep;
		back->s_dstaddr += keep;
		back->s_srcaddr += keep;
		if (seg->s_filesz <= keep) {
			/* no file bytes reach into the back piece */
			back->s_filesz = 0;
		} else {
			seg->s_filesz = keep;
			back->s_filesz -= keep;
		}

		/* Insert after seg in the stream-offset list */
		back->next = seg->next;
		back->prev = seg;
		seg->next->prev = back;
		seg->next = back;
		/* Insert after seg in the program-header-order list */
		back->phdr_next = seg->phdr_next;
		back->phdr_prev = seg;
		seg->phdr_next->phdr_prev = back;
		seg->phdr_next = back;

		/* seg now ends where coreboot ends */
		end = start + keep;

		printk_spew("   late: [0x%016lx, 0x%016lx, 0x%016lx)\n",
			back->s_dstaddr,
			back->s_dstaddr + back->s_filesz,
			back->s_dstaddr + back->s_memsz);
	}

	/* The bounce buffer mirrors coreboot's address range 1:1, so the
	 * remaining piece keeps its offset from lb_start; it is copied to
	 * where coreboot lives later on.
	 */
	seg->s_dstaddr = buffer + (seg->s_dstaddr - lb_start);

	printk_spew(" bounce: [0x%016lx, 0x%016lx, 0x%016lx)\n",
		seg->s_dstaddr,
		seg->s_dstaddr + seg->s_filesz,
		seg->s_dstaddr + seg->s_memsz);
}
341
342
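/* Walk the payload's segment records and build the list of segments to
 * load.
 *
 * head:          list head, initialised here to an empty circular list.
 * bounce_buffer: bounce buffer address used for validation and relocation.
 * mem:           memory table the destinations are checked against.
 * payload:       payload whose segment records are walked.
 * entry:         receives the entry address from the ENTRY record.
 *
 * Returns 1 once the ENTRY record has been reached and 0 on every
 * failure.  The caller only tests the result for zero, so the error
 * paths must not return -1 (or nothing at all): either would be read as
 * success and lead to a jump through an entry value that was never set.
 *
 * NOTE(review): the walk ends only at an ENTRY record or an unknown
 * type, and the source address is formed from the record's offset field;
 * neither is checked against the size of the payload, which is not
 * passed in.  A malformed payload can make this read outside it.
 */
static int build_self_segment_list(
	struct segment *head,
	unsigned long bounce_buffer, struct lb_memory *mem,
	struct cbfs_payload *payload, u32 *entry)
{
	struct segment *new;
	struct segment *ptr;
	struct cbfs_payload_segment *segment, *first_segment;

	memset(head, 0, sizeof(*head));
	head->phdr_next = head->phdr_prev = head;
	head->next = head->prev = head;
	first_segment = segment = &payload->segments;

	while(1) {
		printk_debug("Segment %p\n", segment);
		switch(segment->type) {
		default:
			printk_emerg("Bad segment type %x\n", segment->type);
			return 0;
		case PAYLOAD_SEGMENT_PARAMS:
			printk_info("found param section\n");
			segment++;
			continue;
		case PAYLOAD_SEGMENT_CODE:
		case PAYLOAD_SEGMENT_DATA:
			printk_info( "%s: ", segment->type == PAYLOAD_SEGMENT_CODE ?
				"code" : "data");
			new = malloc(sizeof(*new));
			if (!new) {
				printk_emerg("Out of memory for segment\n");
				return 0;
			}
			new->s_dstaddr = ntohl((u32) segment->load_addr);
			new->s_memsz = ntohl(segment->mem_len);

			/* figure out decompression, do it, get pointer to the area */
			if (cbfs_self_decompress(ntohl(segment->compression),
					     ((unsigned char *) first_segment) +
					     ntohl(segment->offset), new)) {
				printk_emerg("cbfs_self_decompress failed\n");
				return 0;
			}
			printk_debug("New segment dstaddr 0x%lx memsize 0x%lx srcaddr 0x%lx filesize 0x%lx\n",
				new->s_dstaddr, new->s_memsz, new->s_srcaddr, new->s_filesz);
			/* Clean up the values */
			if (new->s_filesz > new->s_memsz)  {
				new->s_filesz = new->s_memsz;
			}
			printk_debug("(cleaned up) New segment addr 0x%lx size 0x%lx offset 0x%lx filesize 0x%lx\n",
				new->s_dstaddr, new->s_memsz, new->s_srcaddr, new->s_filesz);
			break;
		case PAYLOAD_SEGMENT_BSS:
			printk_info("BSS %p/%d\n", (void *) ntohl((u32) segment->load_addr),
				 ntohl(segment->mem_len));
			new = malloc(sizeof(*new));
			if (!new) {
				printk_emerg("Out of memory for segment\n");
				return 0;
			}
			new->s_filesz = 0;
			/* Nothing is copied for BSS, but s_srcaddr is read by
			 * the ordering loop below and adjusted by
			 * relocate_segment(), so it must not be left
			 * uninitialised.  Derive it from the record's offset
			 * the same way the CODE/DATA case forms its source.
			 */
			new->s_srcaddr = (unsigned long)
				(((unsigned char *) first_segment) +
				 ntohl(segment->offset));
			new->s_dstaddr = ntohl((u32) segment->load_addr);
			new->s_memsz = ntohl(segment->mem_len);
			break;

		case PAYLOAD_SEGMENT_ENTRY:
			printk_info("Entry %p\n", (void *) ntohl((u32) segment->load_addr));
			/* entry points at a u32; store the address as an integer */
			*entry = ntohl((u32) segment->load_addr);
			return 1;
		}
		segment++;
		/* NOTE(review): this condition does not involve ptr; it
		 * compares the new node's source address with the load
		 * address of the record that follows it.  It looks as if a
		 * comparison against ptr was intended -- confirm.
		 */
		for(ptr = head->next; ptr != head; ptr = ptr->next) {
			if (new->s_srcaddr < ntohl((u32) segment->load_addr))
				break;
		}
		/* Order by stream offset */
		new->next = ptr;
		new->prev = ptr->prev;
		ptr->prev->next = new;
		ptr->prev = new;
		/* Order by original program header order */
		new->phdr_next = head;
		new->phdr_prev = head->phdr_prev;
		head->phdr_prev->phdr_next  = new;
		head->phdr_prev = new;

		/* Verify the memory addresses in the segment are valid */
		if (!valid_area(mem, bounce_buffer, new->s_dstaddr, new->s_memsz))
			return 0;

		/* Modify the segment to load onto the bounce_buffer if necessary.
		 */
		relocate_segment(bounce_buffer, new);
	}
}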
435
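/* Copy every segment on the list to its destination.
 *
 * For each node, s_filesz bytes are copied from s_srcaddr to s_dstaddr
 * and the rest of the region, up to s_memsz, is zeroed.
 *
 * head:    head of the segment list.
 * payload: not used by this function.
 *
 * Always returns 1.  The addresses and sizes are used as they are; all
 * checking has to happen before this is called.
 */
static int load_self_segments(
	struct segment *head, struct cbfs_payload *payload)
{
	struct segment *ptr;

	for(ptr = head->next; ptr != head; ptr = ptr->next) {
		unsigned char *dest, *middle, *end, *src;
		printk_debug("Loading Segment: addr: 0x%016lx memsz: 0x%016lx filesz: 0x%016lx\n",
			ptr->s_dstaddr, ptr->s_memsz, ptr->s_filesz);

		/* Compute the boundaries of the segment */
		dest = (unsigned char *)(ptr->s_dstaddr);
		end = dest + ptr->s_memsz;
		middle = dest + ptr->s_filesz;
		/* s_srcaddr is an integer; convert it explicitly */
		src = (unsigned char *)(ptr->s_srcaddr);
		printk_spew("[ 0x%016lx, %016lx, 0x%016lx) <- %016lx\n",
			(unsigned long)dest,
			(unsigned long)middle,
			(unsigned long)end,
			(unsigned long)src);

		/* Copy data from the initial buffer */
		if (ptr->s_filesz)
			memcpy(dest, src, ptr->s_filesz);

		/* Zero the extra bytes between middle & end */
		if (middle < end) {
			printk_debug("Clearing Segment: addr: 0x%016lx memsz: 0x%016lx\n",
				(unsigned long)middle, (unsigned long)(end - middle));

			/* Zero the extra bytes */
			memset(middle, 0, end - middle);
		}
	}
	return 1;
}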
482
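/* Load a payload and transfer control to it.
 *
 * mem:     memory table used to place the bounce buffer and to check
 *          segment destinations.
 * payload: the payload to load.
 *
 * Returns 0 if the payload could not be prepared or loaded.  The final
 * return 1 is only reached if jmp_to_elf_entry() comes back.
 */
int selfboot(struct lb_memory *mem, struct cbfs_payload *payload)
{
	/* build_self_segment_list() stores the entry address through a
	 * u32 pointer, so keep it as a u32 here and start from a known value.
	 */
	u32 entry = 0;
	struct segment head;
	unsigned long bounce_buffer;

	/* Find a bounce buffer so I can load to coreboot's current location */
	bounce_buffer = get_bounce_buffer(mem);
	if (!bounce_buffer) {
		printk_err("Could not find a bounce buffer...\n");
		return 0;
	}

	/* Preprocess the self segments.  Only a positive result means
	 * success: a negative error code must never be taken as permission
	 * to load and jump.
	 */
	if (build_self_segment_list(&head, bounce_buffer, mem, payload, &entry) <= 0)
		return 0;

	/* Load the segments */
	if (!load_self_segments(&head, payload))
		return 0;

	printk_spew("Loaded segments\n");

	/* Reset to booting from this image as late as possible */
	boot_successful();

	printk_debug("Jumping to boot code at %p\n", (void *) entry);
	post_code(0xfe);

	/* Jump to kernel */
	jmp_to_elf_entry((void *) entry, bounce_buffer);
	return 1;
}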
519