From patchwork Mon Dec 28 12:24:35 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ilias Apalodimas X-Patchwork-Id: 352613 Delivered-To: patch@linaro.org Received: by 2002:a02:85a7:0:0:0:0:0 with SMTP id d36csp9706049jai; Mon, 28 Dec 2020 04:25:25 -0800 (PST) X-Google-Smtp-Source: ABdhPJyYbjb+kBoZZB4MfpaGoWESHujHJDz6NAJVFf48ggdm8XOqGe4RINFsa8WODZLb5VJRcLN7 X-Received: by 2002:a17:906:f9da:: with SMTP id lj26mr40439127ejb.467.1609158325290; Mon, 28 Dec 2020 04:25:25 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1609158325; cv=none; d=google.com; s=arc-20160816; b=eZkBOJ3uKgkZ5t9jd8rswpSfaCNgwJnuEok8YR11Gj/tZh3FyFIuvOEVIt3EyAAmKx jsZKHsU7KojEzbUNB/iWYO41B0E4VeED+odEkGpXIkeU//aUkeFwRB/r/xeRZpHzKuwN Pocmv8DtQxnx+L0pmihBOKDIMXYSXTtnPXF5wLwnumHpOOicIoJB0n6pT/QY2H5zFUzs Wz19Qh29pfb3OJ/9NmvkJSHRANoQVOIaSUp0wD0/v3lxAWZ/R2sfZol1qmkwlAELM/b9 9XhaDejKATCUgI8od3qhvXO2Jywka4AgjEBPvNeMVNTpjuBJae2jIn0AzzFZBFZTc1ps VIsw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=4a46bwnsrQkOkqJ3spx6VV0iU619VGKCfjwSSYJZe0k=; b=X9gOi+m/mdyedazi+Az0Cr0NV15F6Llb3J5MCVp3YP9JkpFxg846jwmiUopmYbRKT/ CnQGcow3sFyltPLpb3UsqXsutPcmiWjDpJK5LGqT1KvNjnjpj5FuMrkFLpReRY44FXaU c8XTF0nH+s6kfR7hLNLi7Cedmlen99UwQhc9q4ioeOsYgUgpZce4P3OqS6K+kl8Q0L1N RIKagcaVM+9NPsuz2aWjIdSatuBrPNihiBCAweg+pxS3+N8i+Z+Z6DUK+MsJbpNfB2tW Zo3LMGM/j230mkH01Ov7fX1hU3fznbjsI4bwcSfDIJp8uFlzuzhAtbFv2vvZifBVmns1 DoSA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=qEUmTnP0; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id h14si18043752eji.737.2020.12.28.04.25.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 28 Dec 2020 04:25:25 -0800 (PST) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=qEUmTnP0; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id E89C8823D3; Mon, 28 Dec 2020 13:25:11 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="qEUmTnP0"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id DE09D8253F; Mon, 28 Dec 2020 13:24:56 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-wr1-x432.google.com (mail-wr1-x432.google.com [IPv6:2a00:1450:4864:20::432]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id A00AC8232D for ; Mon, 28 Dec 2020 13:24:51 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=ilias.apalodimas@linaro.org Received: by mail-wr1-x432.google.com with SMTP id d13so11139643wrc.13 for ; Mon, 28 Dec 2020 04:24:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=4a46bwnsrQkOkqJ3spx6VV0iU619VGKCfjwSSYJZe0k=; b=qEUmTnP0PoSoLvBJFtpwb/G3ZS2NxlYnZtjVXLLWEOhVZMCQ9MxI0YrAOzLRCVyVJp pAykqChmTErySXd4oyCqTUdw7Bw6V2ufyTC3P86m+NQrVR/2TDq91FxV6bXqJPagIMHx 892t3QT06L/jZBuhvpJrT4PLWkoItMEBe4dCUKyTP2LWR+//6Du+/2IAt4WD3qXrvgMp SfR5dg1Ip405x0/AiLuAmJiPDFloTVlwUJUlAEMBKX6OwPsrZ4aRBr2J+O4WMWd+HyjD t8RHirRkT2t/1FxQewgGnTKNprCNLwqqwMjr/jitPJtOlqMw+yk7kjF71KZjDbo/ogFk JM0g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=4a46bwnsrQkOkqJ3spx6VV0iU619VGKCfjwSSYJZe0k=; b=P6dAy67tcGyNcBCxE2ZD8zT0JNTLxZL6fSNRiVx/B1EHBBVMyiRHBfj3k3W2Kcpe2X 9mtkdkDpYuKbtA/oa+9EgRF8Mg0iRLoM7uEeIltrFZhzcVrKRIxAxeXyE9yimPS7FtBF ul9NEKn1OIyU+Wi/Cn5UrqMhE9eYqTGyiwXoCNcij8ECSufvjxs2ainNWGHG4gHT96nI hrdTOZ8i4frrNLNzP45BpXu472VClqn3cQWfThJbAKaLj/SmgUVh2NkKwlOiaccOwwkJ sERPBh0gkbemnoNRBJtg3C60mJUaE0axJ9KNWmHE33yJpKuxULVJwB17XCzyCq7J8AD9 CCuQ== X-Gm-Message-State: AOAM530prmnYFvJ6UWT+PwC7cb80PdAgpRGmkOF9XYfL+cj8dc55OYVl lTj7pmlDT92QPN9wXI26J5TAOw== X-Received: by 2002:a5d:6045:: with SMTP id j5mr49157752wrt.223.1609158291205; Mon, 28 Dec 2020 04:24:51 -0800 (PST) Received: from localhost.localdomain (athedsl-4484548.home.otenet.gr. [94.71.57.204]) by smtp.gmail.com with ESMTPSA id w21sm18710321wmi.45.2020.12.28.04.24.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 28 Dec 2020 04:24:50 -0800 (PST) From: Ilias Apalodimas To: xypron.glpk@gmx.de Cc: takahiro.akashi@linaro.org, ard.biesheuvel@arm.com, Ilias Apalodimas , Alexander Graf , u-boot@lists.denx.de Subject: [PATCH 3/6] efi_loader: Replace config option with EFI variable for initrd loading Date: Mon, 28 Dec 2020 14:24:35 +0200 Message-Id: <20201228122440.316403-4-ilias.apalodimas@linaro.org> X-Mailer: git-send-email 2.30.0.rc2 In-Reply-To: <20201228122440.316403-1-ilias.apalodimas@linaro.org> References: <20201228122440.316403-1-ilias.apalodimas@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.102.3 at phobos.denx.de X-Virus-Status: Clean Up to now we register EFI_LOAD_FILE2_PROTOCOL to load an initrd unconditionally. Although we correctly return various EFI return codes depending on the file status (i.e EFI_NO_MEDIA, EFI_NOT_FOUND etc), the kernel loader, only falls back to the cmdline interpreted initrd if the protocol is not registered. This creates a problem for EFI installers, since they won't be able to load their own initrd and continue the installation. So let's introduce a different logic that will decopouple the initrd path from the config option we currently support. When the EFI application is launched through the bootmgr, we'll try to match the BootCurrent value to an Initrd#### EFI variable. i.e Boot0000 -> Initrd0000, Boot0010 -> Initrd0010 etc. The Initrd#### EFI variable is expected to include the full file path, i.e 'mmc 0:1 initrd'. If the file is found, we'll register the appropriate protocol so the kernel's efi-stub load our initrd. If the file is not found the kernel will still try to load an initrd parsing the kernel cmdline, since the protocol won't be registered. This opens up another path using U-Boot and defines a new boot flow. A user will be able to control the kernel/initrd pairs without explicit cmdline args or GRUB. So we can base the whole boot flow on the Boot#### and Initrd#### paired values. Suggested-by: Heinrich Schuchardt Signed-off-by: Ilias Apalodimas --- lib/efi_loader/Kconfig | 12 ++--- lib/efi_loader/Makefile | 2 +- lib/efi_loader/efi_bootmgr.c | 6 ++- lib/efi_loader/efi_load_initrd.c | 86 +++++++++----------------------- 4 files changed, 33 insertions(+), 73 deletions(-) -- 2.30.0.rc2 diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig index dd8b93bd3c5a..eca24e82b8b1 100644 --- a/lib/efi_loader/Kconfig +++ b/lib/efi_loader/Kconfig @@ -212,14 +212,10 @@ config EFI_LOAD_FILE2_INITRD help Expose a EFI_FILE_LOAD2_PROTOCOL that the Linux UEFI stub can use to load the initial ramdisk. Once this is enabled using - initrd= will stop working. - -config EFI_INITRD_FILESPEC - string "initramfs path" - default "host 0:1 initrd" - depends on EFI_LOAD_FILE2_INITRD - help - Full path of the initramfs file, e.g. mmc 0:2 initramfs.cpio.gz. + initrd= will stop working. The protocol will only be + registered if bootmgr is used and the file is found on the defined + path. A boot entry of Boot0001 will try to match Initrd0001 and use + it. Initrd format 'mmc 0:1 ' config EFI_SECURE_BOOT bool "Enable EFI secure boot support" diff --git a/lib/efi_loader/Makefile b/lib/efi_loader/Makefile index cd4b252a417c..793e5b7f8730 100644 --- a/lib/efi_loader/Makefile +++ b/lib/efi_loader/Makefile @@ -54,7 +54,7 @@ obj-$(CONFIG_GENERATE_ACPI_TABLE) += efi_acpi.o obj-$(CONFIG_GENERATE_SMBIOS_TABLE) += efi_smbios.o obj-$(CONFIG_EFI_RNG_PROTOCOL) += efi_rng.o obj-$(CONFIG_EFI_TCG2_PROTOCOL) += efi_tcg2.o -obj-$(CONFIG_EFI_LOAD_FILE2_INITRD) += efi_load_initrd.o +obj-$(CONFIG_EFI_LOAD_FILE2_INITRD) += efi_helper.o efi_load_initrd.o obj-y += efi_signature.o EFI_VAR_SEED_FILE := $(subst $\",,$(CONFIG_EFI_VAR_SEED_FILE)) diff --git a/lib/efi_loader/efi_bootmgr.c b/lib/efi_loader/efi_bootmgr.c index 61dc72a23da8..ceca5c5b1bf3 100644 --- a/lib/efi_loader/efi_bootmgr.c +++ b/lib/efi_loader/efi_bootmgr.c @@ -12,6 +12,7 @@ #include #include #include +#include #include #include @@ -348,8 +349,11 @@ efi_status_t efi_bootmgr_load(efi_handle_t *handle, void **load_options) log_debug("%s trying to load Boot%04X\n", __func__, bootorder[i]); ret = try_load_entry(bootorder[i], handle, load_options); - if (ret == EFI_SUCCESS) + if (ret == EFI_SUCCESS) { + if (IS_ENABLED(CONFIG_EFI_LOAD_FILE2_INITRD)) + ret = efi_initrd_register(); break; + } } free(bootorder); diff --git a/lib/efi_loader/efi_load_initrd.c b/lib/efi_loader/efi_load_initrd.c index d517d686c330..984fea1bd679 100644 --- a/lib/efi_loader/efi_load_initrd.c +++ b/lib/efi_loader/efi_load_initrd.c @@ -10,7 +10,9 @@ #include #include #include +#include #include +#include static const efi_guid_t efi_guid_load_file2_protocol = EFI_LOAD_FILE2_PROTOCOL_GUID; @@ -45,40 +47,7 @@ static const struct efi_initrd_dp dp = { }; /** - * get_file_size() - retrieve the size of initramfs, set efi status on error - * - * @dev: device to read from, e.g. "mmc" - * @part: device partition, e.g. "0:1" - * @file: name of file - * @status: EFI exit code in case of failure - * - * Return: size of file - */ -static loff_t get_file_size(const char *dev, const char *part, const char *file, - efi_status_t *status) -{ - loff_t sz = 0; - int ret; - - ret = fs_set_blk_dev(dev, part, FS_TYPE_ANY); - if (ret) { - *status = EFI_NO_MEDIA; - goto out; - } - - ret = fs_size(file, &sz); - if (ret) { - sz = 0; - *status = EFI_NOT_FOUND; - goto out; - } - -out: - return sz; -} - -/** - * efi_load_file2initrd() - load initial RAM disk + * efi_load_file2_initrd() - load initial RAM disk * * This function implements the LoadFile service of the EFI_LOAD_FILE2_PROTOCOL * in order to load an initial RAM disk requested by the Linux kernel stub. @@ -98,21 +67,14 @@ efi_load_file2_initrd(struct efi_load_file_protocol *this, struct efi_device_path *file_path, bool boot_policy, efi_uintn_t *buffer_size, void *buffer) { - char *filespec; efi_status_t status = EFI_NOT_FOUND; loff_t file_sz = 0, read_sz = 0; - char *dev, *part, *file; - char *pos; int ret; + struct load_file_info info; EFI_ENTRY("%p, %p, %d, %p, %p", this, file_path, boot_policy, buffer_size, buffer); - filespec = strdup(CONFIG_EFI_INITRD_FILESPEC); - if (!filespec) - goto out; - pos = filespec; - if (!this || this != &efi_lf2_protocol || !buffer_size) { status = EFI_INVALID_PARAMETER; @@ -130,24 +92,11 @@ efi_load_file2_initrd(struct efi_load_file_protocol *this, goto out; } - /* - * expect a string with three space separated parts: - * - * * a block device type, e.g. "mmc" - * * a device and partition identifier, e.g. "0:1" - * * a file path on the block device, e.g. "/boot/initrd.cpio.gz" - */ - dev = strsep(&pos, " "); - if (!dev) - goto out; - part = strsep(&pos, " "); - if (!part) - goto out; - file = strsep(&pos, " "); - if (!file) + status = efi_get_fp_from_var(L"Initrd####", 6, &info); + if (status != EFI_SUCCESS) goto out; - file_sz = get_file_size(dev, part, file, &status); + file_sz = get_file_size(&info, &status); if (!file_sz) goto out; @@ -155,23 +104,25 @@ efi_load_file2_initrd(struct efi_load_file_protocol *this, status = EFI_BUFFER_TOO_SMALL; *buffer_size = file_sz; } else { - ret = fs_set_blk_dev(dev, part, FS_TYPE_ANY); + ret = fs_set_blk_dev(info.dev, info.part, + FS_TYPE_ANY); if (ret) { status = EFI_NO_MEDIA; goto out; } - ret = fs_read(file, map_to_sysmem(buffer), 0, *buffer_size, - &read_sz); - if (ret || read_sz != file_sz) + ret = fs_read(info.filename, map_to_sysmem(buffer), 0, + *buffer_size, &read_sz); + if (ret || read_sz != file_sz) { + status = EFI_DEVICE_ERROR; goto out; + } *buffer_size = read_sz; status = EFI_SUCCESS; } out: - free(filespec); return EFI_EXIT(status); } @@ -189,6 +140,15 @@ efi_status_t efi_initrd_register(void) { efi_handle_t efi_initrd_handle = NULL; efi_status_t ret; + struct load_file_info info; + + ret = efi_get_fp_from_var(L"Initrd####", 6, &info); + /* + * Don't fail here. If we don't register the protocol the efi-stub will + * try to load and initrd parsing the kernel cmdline + */ + if (ret != EFI_SUCCESS) + return EFI_SUCCESS; ret = EFI_CALL(efi_install_multiple_protocol_interfaces (&efi_initrd_handle,