Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / kernel / shift / mainline / b72231eb708459ea9171eb21201a0701fb39adfb / . / arch / x86 / xen / efi.c
blob: 1fbb629a9d78fc6b402a1a8fa95ed4b81ebfe21f [file] [log] [blame]
Juergen Gross901d2092018-08-28 09:40:15 +0200[diff] [blame]1// SPDX-License-Identifier: GPL-2.0
Daniel Kiperc7341d62014-07-12 23:09:48 +0200[diff] [blame]2/*
3 * Copyright (c) 2014 Oracle Co., Daniel Kiper
Daniel Kiperc7341d62014-07-12 23:09:48 +0200[diff] [blame]4 */
5
Daniel Kiper342cd342014-09-08 15:22:18 +0200[diff] [blame]6#include <linux/bitops.h>
Daniel Kiperc7341d62014-07-12 23:09:48 +0200[diff] [blame]7#include <linux/efi.h>
8#include <linux/init.h>
9#include <linux/string.h>
10
Shannon Zhaoa62ed502016-04-07 20:03:31 +0800[diff] [blame]11#include <xen/xen.h>
Daniel Kiperc7341d62014-07-12 23:09:48 +0200[diff] [blame]12#include <xen/xen-ops.h>
Shannon Zhaoa62ed502016-04-07 20:03:31 +0800[diff] [blame]13#include <xen/interface/platform.h>
Daniel Kiperc7341d62014-07-12 23:09:48 +0200[diff] [blame]14
Daniel Kiper342cd342014-09-08 15:22:18 +0200[diff] [blame]15#include <asm/page.h>
Daniel Kiperc7341d62014-07-12 23:09:48 +0200[diff] [blame]16#include <asm/setup.h>
Shannon Zhaoa62ed502016-04-07 20:03:31 +0800[diff] [blame]17#include <asm/xen/hypercall.h>
18
19static efi_char16_t vendor[100] __initdata;
20
21static efi_system_table_t efi_systab_xen __initdata = {
22 .hdr = {
23 .signature = EFI_SYSTEM_TABLE_SIGNATURE,
24 .revision = 0, /* Initialized later. */
25 .headersize = 0, /* Ignored by Linux Kernel. */
26 .crc32 = 0, /* Ignored by Linux Kernel. */
27 .reserved = 0
28 },
29 .fw_vendor = EFI_INVALID_TABLE_ADDR, /* Initialized later. */
30 .fw_revision = 0, /* Initialized later. */
31 .con_in_handle = EFI_INVALID_TABLE_ADDR, /* Not used under Xen. */
32 .con_in = EFI_INVALID_TABLE_ADDR, /* Not used under Xen. */
33 .con_out_handle = EFI_INVALID_TABLE_ADDR, /* Not used under Xen. */
34 .con_out = EFI_INVALID_TABLE_ADDR, /* Not used under Xen. */
35 .stderr_handle = EFI_INVALID_TABLE_ADDR, /* Not used under Xen. */
36 .stderr = EFI_INVALID_TABLE_ADDR, /* Not used under Xen. */
37 .runtime = (efi_runtime_services_t *)EFI_INVALID_TABLE_ADDR,
38 /* Not used under Xen. */
39 .boottime = (efi_boot_services_t *)EFI_INVALID_TABLE_ADDR,
40 /* Not used under Xen. */
41 .nr_tables = 0, /* Initialized later. */
42 .tables = EFI_INVALID_TABLE_ADDR /* Initialized later. */
43};
44
Shannon Zhaoa62ed502016-04-07 20:03:31 +0800[diff] [blame]45static efi_system_table_t __init *xen_efi_probe(void)
46{
47 struct xen_platform_op op = {
48 .cmd = XENPF_firmware_info,
49 .u.firmware_info = {
50 .type = XEN_FW_EFI_INFO,
51 .index = XEN_FW_EFI_CONFIG_TABLE
52 }
53 };
54 union xenpf_efi_info *info = &op.u.firmware_info.u.efi_info;
55
56 if (!xen_initial_domain() || HYPERVISOR_platform_op(&op) < 0)
57 return NULL;
58
59 /* Here we know that Xen runs on EFI platform. */
60
Daniel Kiper6c644472017-06-22 12:51:37 +0200[diff] [blame]61 efi.get_time = xen_efi_get_time;
62 efi.set_time = xen_efi_set_time;
63 efi.get_wakeup_time = xen_efi_get_wakeup_time;
64 efi.set_wakeup_time = xen_efi_set_wakeup_time;
65 efi.get_variable = xen_efi_get_variable;
66 efi.get_next_variable = xen_efi_get_next_variable;
67 efi.set_variable = xen_efi_set_variable;
68 efi.query_variable_info = xen_efi_query_variable_info;
69 efi.update_capsule = xen_efi_update_capsule;
70 efi.query_capsule_caps = xen_efi_query_capsule_caps;
71 efi.get_next_high_mono_count = xen_efi_get_next_high_mono_count;
72 efi.reset_system = xen_efi_reset_system;
Shannon Zhaoa62ed502016-04-07 20:03:31 +0800[diff] [blame]73
74 efi_systab_xen.tables = info->cfg.addr;
75 efi_systab_xen.nr_tables = info->cfg.nent;
76
77 op.cmd = XENPF_firmware_info;
78 op.u.firmware_info.type = XEN_FW_EFI_INFO;
79 op.u.firmware_info.index = XEN_FW_EFI_VENDOR;
80 info->vendor.bufsz = sizeof(vendor);
81 set_xen_guest_handle(info->vendor.name, vendor);
82
83 if (HYPERVISOR_platform_op(&op) == 0) {
84 efi_systab_xen.fw_vendor = __pa_symbol(vendor);
85 efi_systab_xen.fw_revision = info->vendor.revision;
86 } else
87 efi_systab_xen.fw_vendor = __pa_symbol(L"UNKNOWN");
88
89 op.cmd = XENPF_firmware_info;
90 op.u.firmware_info.type = XEN_FW_EFI_INFO;
91 op.u.firmware_info.index = XEN_FW_EFI_VERSION;
92
93 if (HYPERVISOR_platform_op(&op) == 0)
94 efi_systab_xen.hdr.revision = info->version;
95
96 op.cmd = XENPF_firmware_info;
97 op.u.firmware_info.type = XEN_FW_EFI_INFO;
98 op.u.firmware_info.index = XEN_FW_EFI_RT_VERSION;
99
100 if (HYPERVISOR_platform_op(&op) == 0)
101 efi.runtime_version = info->version;
102
103 return &efi_systab_xen;
104}
Daniel Kiperc7341d62014-07-12 23:09:48 +0200[diff] [blame]105
Daniel Kipera7012bd2018-05-04 07:59:47 +0200[diff] [blame]106/*
107 * Determine whether we're in secure boot mode.
108 *
109 * Please keep the logic in sync with
110 * drivers/firmware/efi/libstub/secureboot.c:efi_get_secureboot().
111 */
112static enum efi_secureboot_mode xen_efi_get_secureboot(void)
113{
114 static efi_guid_t efi_variable_guid = EFI_GLOBAL_VARIABLE_GUID;
115 static efi_guid_t shim_guid = EFI_SHIM_LOCK_GUID;
116 efi_status_t status;
117 u8 moksbstate, secboot, setupmode;
118 unsigned long size;
119
120 size = sizeof(secboot);
121 status = efi.get_variable(L"SecureBoot", &efi_variable_guid,
122 NULL, &size, &secboot);
123
124 if (status == EFI_NOT_FOUND)
125 return efi_secureboot_mode_disabled;
126
127 if (status != EFI_SUCCESS)
128 goto out_efi_err;
129
130 size = sizeof(setupmode);
131 status = efi.get_variable(L"SetupMode", &efi_variable_guid,
132 NULL, &size, &setupmode);
133
134 if (status != EFI_SUCCESS)
135 goto out_efi_err;
136
137 if (secboot == 0 || setupmode == 1)
138 return efi_secureboot_mode_disabled;
139
140 /* See if a user has put the shim into insecure mode. */
141 size = sizeof(moksbstate);
142 status = efi.get_variable(L"MokSBStateRT", &shim_guid,
143 NULL, &size, &moksbstate);
144
145 /* If it fails, we don't care why. Default to secure. */
146 if (status != EFI_SUCCESS)
147 goto secure_boot_enabled;
148
149 if (moksbstate == 1)
150 return efi_secureboot_mode_disabled;
151
152 secure_boot_enabled:
153 pr_info("UEFI Secure Boot is enabled.\n");
154 return efi_secureboot_mode_enabled;
155
156 out_efi_err:
157 pr_err("Could not determine UEFI Secure Boot status.\n");
158 return efi_secureboot_mode_unknown;
159}
160
Daniel Kiperc7341d62014-07-12 23:09:48 +0200[diff] [blame]161void __init xen_efi_init(void)
162{
163 efi_system_table_t *efi_systab_xen;
164
165 efi_systab_xen = xen_efi_probe();
166
167 if (efi_systab_xen == NULL)
168 return;
169
170 strncpy((char *)&boot_params.efi_info.efi_loader_signature, "Xen",
171 sizeof(boot_params.efi_info.efi_loader_signature));
172 boot_params.efi_info.efi_systab = (__u32)__pa(efi_systab_xen);
173 boot_params.efi_info.efi_systab_hi = (__u32)(__pa(efi_systab_xen) >> 32);
174
Daniel Kipera7012bd2018-05-04 07:59:47 +0200[diff] [blame]175 boot_params.secure_boot = xen_efi_get_secureboot();
176
Daniel Kiperc7341d62014-07-12 23:09:48 +0200[diff] [blame]177 set_bit(EFI_BOOT, &efi.flags);
178 set_bit(EFI_PARAVIRT, &efi.flags);
179 set_bit(EFI_64BIT, &efi.flags);
180}