[RFC RESEND 1/2] efi: Add ESRT to the EFI system table
Heinrich Schuchardt
xypron.glpk at gmx.de
Thu Jan 28 16:29:57 CET 2021
On 28.01.21 14:29, Jose Marinho wrote:
> The ESRT is initialised during efi_init_objlist, after
> efi_initialize_system_table().
>
> In this commit, the ESRT occupies at most one page.
> During initialization, the list of all the already existing
> FMP instances is traversed in order to fill the corresponsing entries.
>
> Later, when any FMP is added, the corresponding ESRT entries are
> initialized as long as there is available entries in the table.
>
> Signed-off-by: Jose Marinho <jose.marinho at arm.com>
> CC: Heinrich Schuchardt <xypron.glpk at gmx.de>
> CC: Sughosh Ganu <sughosh.ganu at linaro.org>
> CC: AKASHI Takahiro <takahiro.akashi at linaro.org>
> CC: Andre Przywara <andre.przywara at arm.com>
> CC: Alexander Graf <agraf at csgraf.de>
> CC: nd at arm.com
> ---
> include/efi_api.h | 21 +++
> include/efi_loader.h | 22 +++
> lib/efi_loader/Makefile | 1 +
> lib/efi_loader/efi_boottime.c | 12 ++
> lib/efi_loader/efi_esrt.c | 294 ++++++++++++++++++++++++++++++++++
> lib/efi_loader/efi_setup.c | 4 +
> 6 files changed, 354 insertions(+)
> create mode 100644 lib/efi_loader/efi_esrt.c
>
> diff --git a/include/efi_api.h b/include/efi_api.h
> index 48e48a6263..f4a88603e9 100644
> --- a/include/efi_api.h
> +++ b/include/efi_api.h
> @@ -1722,6 +1722,23 @@ struct efi_load_file_protocol {
> void *buffer);
> };
>
> +struct efi_system_resource_entry {
> + efi_guid_t fw_class;
> + uint32_t fw_type;
> + uint32_t fw_version;
> + uint32_t lowest_supported_fw_version;
> + uint32_t capsule_flags;
> + uint32_t last_attempt_version;
> + uint32_t last_attempt_status;
> +} __attribute__((__packed__));
> +
> +struct efi_system_resource_table {
> + uint32_t fw_resource_count;
> + uint32_t fw_resource_count_max;
> + uint64_t fw_resource_version;
> + struct efi_system_resource_entry entries[];
> +} __attribute__((__packed__));
> +
> /* Boot manager load options */
> #define LOAD_OPTION_ACTIVE 0x00000001
> #define LOAD_OPTION_FORCE_RECONNECT 0x00000002
> @@ -1740,6 +1757,10 @@ struct efi_load_file_protocol {
> #define ESRT_FW_TYPE_DEVICEFIRMWARE 0x00000002
> #define ESRT_FW_TYPE_UEFIDRIVER 0x00000003
>
> +#define EFI_SYSTEM_RESOURCE_TABLE_GUID\
> + EFI_GUID(0xb122a263, 0x3661, 0x4f68,\
> + 0x99, 0x29, 0x78, 0xf8, 0xb0, 0xd6, 0x21, 0x80 )
Dear Joel,
thank you for addressing this missing piece in U-Boot.
Please, add the GUID to guid_list[] in cmd/efidebug.c.
> +
> /* Last Attempt Status Values */
> #define LAST_ATTEMPT_STATUS_SUCCESS 0x00000000
> #define LAST_ATTEMPT_STATUS_ERROR_UNSUCCESSFUL 0x00000001
> diff --git a/include/efi_loader.h b/include/efi_loader.h
> index f470bbd636..7b20ec1ad2 100644
> --- a/include/efi_loader.h
> +++ b/include/efi_loader.h
> @@ -884,4 +884,26 @@ static inline efi_status_t efi_launch_capsules(void)
>
> #endif /* CONFIG_IS_ENABLED(EFI_LOADER) */
>
> +/*
> + * Install the ESRT system table.
> + *
> + * @return status code
> + */
> +efi_status_t efi_esrt_register(void);
> +
> +/**
> + * esrt_add_from_fmp() - Populates a sequence of ESRT entries from the FW
> + * images in the FMP.
> + *
> + * @fmp: the fmp from which fw images are added to the ESRT
> + * @image_type: the type of the FW image in the ESRT entry
> + * @flags: the capsule flags to be set in the ESRT entry
> + *
> + * Return:
> + * - EFI_SUCCESS if all the FW images in the FMP are added to the ESRT
> + * - Error status otherwise
> + */
> +efi_status_t esrt_add_from_fmp(struct efi_firmware_management_protocol *fmp,
> + u32 image_type, u32 flags);
> +
> #endif /* _EFI_LOADER_H */
> diff --git a/lib/efi_loader/Makefile b/lib/efi_loader/Makefile
> index 10b42e8847..dec791b310 100644
> --- a/lib/efi_loader/Makefile
> +++ b/lib/efi_loader/Makefile
> @@ -52,6 +52,7 @@ obj-y += efi_variable.o
> obj-$(CONFIG_EFI_VARIABLES_PRESEED) += efi_var_seed.o
> endif
> obj-y += efi_watchdog.o
> +obj-y += efi_esrt.o
> obj-$(CONFIG_LCD) += efi_gop.o
> obj-$(CONFIG_DM_VIDEO) += efi_gop.o
> obj-$(CONFIG_PARTITIONS) += efi_disk.o
> diff --git a/lib/efi_loader/efi_boottime.c b/lib/efi_loader/efi_boottime.c
> index ce658a8e73..8077b467c7 100644
> --- a/lib/efi_loader/efi_boottime.c
> +++ b/lib/efi_loader/efi_boottime.c
> @@ -1150,6 +1150,18 @@ efi_status_t efi_add_protocol(const efi_handle_t handle,
>
> if (!guidcmp(&efi_guid_device_path, protocol))
> EFI_PRINT("installed device path '%pD'\n", protocol_interface);
> +
> + if (!guidcmp(&efi_guid_firmware_management_protocol, protocol)) {
> + EFI_PRINT("installed FMP, updating ESRT entries\n");
> +
> + ret = esrt_add_from_fmp((struct efi_firmware_management_protocol *)
> + protocol_interface, ESRT_FW_TYPE_UNKNOWN, 0);
> + if (ret != EFI_SUCCESS) {
> + EFI_PRINT("Failed to update FMP ESRT entries\n");
> + return ret;
> + }
On some systems we are very tight on memory. So we should have a
configuration setting to disable the ESRT code.
Calling RegisterProtocolNotify() offers a mor UEFI style implementation
alternative but would need more code.
> + }
> +
> return EFI_SUCCESS;
> }
>
> diff --git a/lib/efi_loader/efi_esrt.c b/lib/efi_loader/efi_esrt.c
> new file mode 100644
> index 0000000000..c651ce6c73
> --- /dev/null
> +++ b/lib/efi_loader/efi_esrt.c
> @@ -0,0 +1,294 @@
> +// SPDX-License-Identifier: GPL-2.0-only
> +/*
> + * EFI application ESRT tables support
> + *
> + * Copyright (C) 2021 Arm Ltd.
> + */
> +
> +#include <common.h>
> +#include <efi_loader.h>
> +#include <log.h>
> +#include <efi_api.h>
> +#include <malloc.h>
> +
> +static const efi_guid_t esrt_guid = EFI_SYSTEM_RESOURCE_TABLE_GUID;
> +static bool esrt_initialized;
> +static struct efi_system_resource_table *esrt;
> +
> +#define EFI_ESRT_NUM_PAGES 1
> +
> +#define EFI_ESRT_SIZE (EFI_ESRT_NUM_PAGES * EFI_PAGE_SIZE)
> +
> +#define EFI_ESRT_ENTRIES_MAX ((EFI_ESRT_SIZE - \
> + sizeof(struct efi_system_resource_table)) / \
> + sizeof(struct efi_system_resource_entry))
> +
> +#define EFI_ESRT_VERSION 1
> +
> +/**
> + * esrt_image_info_to_entry() - copy the information present in a fw image
> + * descriptor to a ESRT entry.
> + *
> + * @img_info: the source image info descriptor
> + * @entry: pointer to the ESRT entry to be filled
> + * @desc_version: the version of the elements in img_info
> + * @image_type: the image type value to be set in the ESRT entry
> + * @flags: the capsule flags value to be set in the ESRT entry
> + *
> + */
> +void
> +esrt_image_info_to_entry(struct efi_firmware_image_descriptor *img_info,
> + struct efi_system_resource_entry *entry,
> + u32 desc_version, u32 image_type, u32 flags)
> +{
> + guidcpy(&entry->fw_class, &img_info->image_type_id);
> + entry->fw_version = img_info->version;
> +
> + entry->fw_type = image_type;
> + entry->capsule_flags = flags;
> +
> + /*
> + * The field lowest_supported_image_version is only present
> + * on image info structure of version 2 or greater.
> + * See the EFI_FIRMWARE_IMAGE_DESCRIPTOR definition in UEFI.
> + */
> + if (desc_version >= 2) {
> + entry->lowest_supported_fw_version =
> + img_info->lowest_supported_image_version;
> + } else {
> + entry->lowest_supported_fw_version = 0;
> + }
> +
> + /*
> + * The fields last_attempt_version and last_attempt_status
> + * are only present on image info structure of version 3 or
> + * greater.
> + * See the EFI_FIRMWARE_IMAGE_DESCRIPTOR definition in UEFI.
> + */
> + if (desc_version >= 3) {
> + entry->last_attempt_version =
> + img_info->last_attempt_version;
> +
> + entry->last_attempt_status =
> + img_info->last_attempt_status;
> + } else {
> + entry->last_attempt_version = 0;
> + entry->last_attempt_status = EFI_SUCCESS;
> + }
> +}
> +
> +/**
> + * esrt_find_entry() - Obtain the ESRT entry for the image with guid
%s/guid/GUID/
> + * img_fw_class.
%s/img_fw_class/@img_fw_class/
> + *
> + * If the img_fw_class is not yet present in the ESRT, this function
> + * reserves the tail element of the current ESRT as the entry for that fw_clas.
> + * The number of elements in the ESRT is updated in that case.
> + *
> + * @fw_img_class: the guid of the fw image which ESRT entry we want to obtain.
> + *
> + * Return:
> + * - a pointer to the ESRT entry for the image with guid img_fw_class,
> + * - NULL if there is no more space in the ESRT.
> + */
> +static
> +struct efi_system_resource_entry *esrt_find_entry(efi_guid_t *img_fw_class)
> +{
> + // if this function is called before the esrt init then it is erroneous
> + // behaviour.
> + assert(esrt_initialized);
assert is a nop if _DEBUG = 0.
Why don't you return NULL in this case?
Can this really occur?
> +
> + const u32 filled_entries = esrt->fw_resource_count;
> + const u32 max_entries = esrt->fw_resource_count_max;
> + struct efi_system_resource_entry *entry = esrt->entries;
> +
> + for (u32 idx; idx < filled_entries; idx++) {
> + if (!guidcmp(&entry[idx].fw_class, img_fw_class)) {
> + log_debug("EFI ESRT: found entry for image %pUl\n",
> + img_fw_class);
> + return &entry[idx];
> + }
> + }
> +
> + if (filled_entries == max_entries) {
> + log_warning("EFI ESRT: table is full\n");
> + return NULL;
> +
> + } else {
> + /*
> + * This is a new entry for a fw image, increment the element
> + * number in the table and set the fw_class field.
> + */
> + esrt->fw_resource_count++;
> + entry[filled_entries].fw_class = *img_fw_class;
> + return &entry[filled_entries];
> + }
> +}
> +
> +/**
> + * esrt_add_from_fmp() - Populates a sequence of ESRT entries from the FW
> + * images in the FMP.
> + *
> + * @fmp: the fmp from which fw images are added to the ESRT
> + * @image_type: the type of the FW image in the ESRT entry
> + * @flags: the capsule flags to be set in the ESRT entry
> + *
> + * Return:
> + * - EFI_SUCCESS if all the FW images in the FMP are added to the ESRT
> + * - Error status otherwise
> + */
> +efi_status_t esrt_add_from_fmp(struct efi_firmware_management_protocol *fmp,
> + u32 image_type, u32 flags)
> +{
> + struct efi_system_resource_entry *entry = NULL;
> + size_t info_size = 0;
> + struct efi_firmware_image_descriptor *img_info = NULL;
> + u32 desc_version;
> + u8 desc_count;
> + size_t desc_size;
> + efi_status_t ret = EFI_SUCCESS;
> +
> + if (!esrt_initialized)
> + return EFI_NOT_READY;
Can this really occur?
> +
> + ret = fmp->get_image_info(fmp, &info_size, img_info,
> + &desc_version, &desc_count,
> + &desc_size, NULL, NULL);
> +
> + /*
> + * An input of info_size=0 should always lead to BUFFER_TO_SMALL return
> + * if this is not the case then the get_image_info implementation is
> + * anoumalous, hence the assert.
%s/anoumalous/anomalous/
> + */
> + assert_noisy(ret == EFI_BUFFER_TOO_SMALL);
What do you want the user to do when he sees this message? Why would you
continue.
I guess the right thing is to return an error EFI_INVALID_PARAMETER if
the fmp protocol is not compliant. You can use EFI_PRINT() to write a
debug message.
> +
> + img_info = malloc(info_size);
Always check the result of malloc().
> +
> + ret = fmp->get_image_info(fmp, &info_size, img_info,
> + &desc_version, &desc_count,
> + &desc_size, NULL, NULL);
> + if (ret != EFI_SUCCESS) {
> + log_err("EFI ESRT: failed to obtain the FMP image info\n");
> + goto out;
> + }
> +
> + /*
> + * Iterate over all the FW images in the FMP.
> + */
> + for (u32 desc_idx = 0; desc_idx < desc_count; desc_idx++) {
> + struct efi_firmware_image_descriptor *cur_img_info =
> + (struct efi_firmware_image_descriptor *)
> + ((uintptr_t)img_info) + desc_idx * desc_size;
> +
> + /*
> + * Obtain the ESRT entry for the FW image with fw_class
> + * equal to cur_img_info->image_type_id.
> + */
> + entry = esrt_find_entry(&cur_img_info->image_type_id);
> +
> + if (entry) {
> + esrt_image_info_to_entry(cur_img_info, entry,
> + desc_version, image_type,
> + flags);
> + } else {
> + log_err("EFI ESRT: failed to add esrt entry for %pUl\n",
> + &cur_img_info->image_type_id);
> + continue;
> + }
> + }
> +
> +out:
> + free(img_info);
> + return true;
EFI_SUCCESS
> +}
> +
> +/**
> + * esrt_populate() - Populates the ESRT entries from the FMP instances
> + * registered so far and performs basic initialization of the ESRT fields.
> + *
> + * Return:
> + * - true if ESRT initialized successfully.
> + * - false otherwise.
> + */
> +static bool esrt_populate(void)
> +{
> + efi_handle_t *handle = NULL;
> + size_t no_handles = 0;
> + struct efi_firmware_management_protocol *fmp;
> + efi_status_t ret;
> +
> + esrt->fw_resource_count_max = EFI_ESRT_ENTRIES_MAX;
> + esrt->fw_resource_version = EFI_ESRT_VERSION;
> +
> + esrt_initialized = true;
> +
> + /*
> + * Obtain the number of registered FMP handles.
> + */
> + ret = EFI_CALL(efi_locate_handle_buffer(BY_PROTOCOL, &efi_guid_firmware_management_protocol,
> + NULL, &no_handles,
> + (efi_handle_t **)&handle));
> +
> + if (ret != EFI_SUCCESS) {
> + log_warning("EFI ESRT: failed to obtain FMP handles (%lx)\n",
> + ret);
> + return esrt_initialized;
> + }
Can't we initialize ESRT before any FMP is installed to get rid of this
function module?
> +
> + log_debug("EFI ESRT: populate esrt from (%ld) avaialble FMP handles\n",
> + no_handles);
> + /*
> + * Populate the ESRT entries with any already existing FMP.
> + */
> + for (u32 idx = 0; idx < no_handles; idx++, handle++) {
> + ret = EFI_CALL(efi_handle_protocol(*handle, &efi_guid_firmware_management_protocol,
> + (void **)&fmp));
> + if (ret != EFI_SUCCESS) {
> + log_err("EFI ESRT: Unable to find FMP handle (%d)\n",
> + idx);
> + continue;
> + }
> +
> + ret = esrt_add_from_fmp(fmp, ESRT_FW_TYPE_UNKNOWN, 0);
> + if (ret != EFI_SUCCESS) {
> + log_err("EFI ESRT: failed to add from FMP (%d)\n", idx);
> + continue;
> + }
> + }
> + return esrt_initialized;
> +}
> +
> +/**
> + * efi_esrt_register() - Install the ESRT system table.
> + *
> + * @return status code
> + */
> +efi_status_t efi_esrt_register(void)
> +{
> + esrt = (struct efi_system_resource_table *)(uintptr_t)U32_MAX;
> + efi_status_t ret;
> +
> + log_debug("EFI ESRT: ESRT creation start\n");
> +
> + /* Reserve pages for ESRT */
> + ret = efi_allocate_pages(EFI_ALLOCATE_MAX_ADDRESS,
> + EFI_RUNTIME_SERVICES_DATA, EFI_ESRT_NUM_PAGES,
Do we need an ESRT before the installation of the first FMP?
Why are you using a fixed number of pages? Doesn't the size depend on
the number of FMPs? Shouldn't the table be resized whenever a new
protocol is installed?
Unfortunately you never check if you overrun the allocated space. So I
just need an EFI driver that installs a high number of FMP and it will
crash U-Boot.
So I would drop this function and move (re-)allocating the ESRT to
esrt_add_from_fmp().
Best regards
Heinrich
> + (uint64_t *)&esrt);
> +
> + if (ret != EFI_SUCCESS)
> + return ret;
> +
> + if (!esrt_populate())
> + log_warning("EFI ESRT: failed to initialize ESRT\n");
> +
> + /* And expose them to our EFI payload */
> + ret = efi_install_configuration_table(&esrt_guid, (void *)esrt);
> + if (ret != EFI_SUCCESS) {
> + log_err("EFI ESRT: failed to create ESRT\n");
> + return ret;
> + }
> +
> + log_debug("EFI ESRT: table created\n");
> +
> + return ret;
> +}
> diff --git a/lib/efi_loader/efi_setup.c b/lib/efi_loader/efi_setup.c
> index 5800cbf6d4..7660a20822 100644
> --- a/lib/efi_loader/efi_setup.c
> +++ b/lib/efi_loader/efi_setup.c
> @@ -231,6 +231,10 @@ efi_status_t efi_init_obj_list(void)
> if (ret != EFI_SUCCESS)
> goto out;
>
> + ret = efi_esrt_register();
> + if (ret != EFI_SUCCESS)
> + goto out;
> +
> if (IS_ENABLED(CONFIG_EFI_TCG2_PROTOCOL)) {
> ret = efi_tcg2_register();
> if (ret != EFI_SUCCESS)
>
More information about the U-Boot
mailing list