[PATCH v2 3/3] efi: Show the location of the bounce buffer

Simon Glass sjg at chromium.org
Fri Aug 9 20:36:35 CEST 2024 

Hi Heinrich,

On Fri, 9 Aug 2024 at 11:32, Heinrich Schuchardt <xypron.glpk at gmx.de> wrote:
>
> On 01.08.24 19:36, Simon Glass wrote:
> > The EFI_LOADER_BOUNCE_BUFFER feature was added many years ago. It is not
> > clear whether it is still needed, but 24 boards (lx2160ardb_tfa_stmm,
> > lx2162aqds_tfa_SECURE_BOOT and the like) use it.
> >
> > This feature uses EFI page allocation to create a 64MB buffer 'in space'
> > without any knowledge of where boards intend to load their images. This
> > may result in image corruption or other problems.
> >
> > For example, if the feature is enabled on qemu_arm64 it puts the EFI
> > bounce buffer at 1045MB, with the kernel at 1028MB and the ramdisk at
> > 1088MB. The kernel is probably smaller than 27MB but the buffer does
> > overlap the ramdisk.
> >
> > The solution is probably to use BOUNCE_BUFFER instead, with the EFI
> > version being dropped. For now, show the address of the EFI bounce
> > buffer so people have a better chance to detect the problem.
> >
> > Note: I avoided converting this #ifdef to use IS_ENABLED() since I hope
> > that the feature may be removed.
>
> EFI_BLOCK_IO_PROTOCOL.ReadBlocks() and
> EFI_BLOCK_IO_PROTOCOL.WriteBlocks() are expected to block until all
> bytes are transferred.
>
> The complete file transfer is chunked according to the size of the EFI
> bounce buffer.
>
> Taking care of alignment issues would best handled by the block uclass.
>
> When CONFIG_BOUNCE_BUFFER=y, bounce_buffer_start_extalign() uses
> memalign() which limits the bounce buffer to available malloc() memory
> (typically < 2 MiB).
>
> I cannot see how blk_read() with CONFIG_BOUNCE_BUFFER=y will work if
> blkcnt * desc->blksz is greater than the available malloc memory.

Yes, it uses malloc(). The maximum read length on MMC, for example,
seems to default to 32MB, although it is only 128KB on a few
platforms.

I am thinking we should be allocating space in the bloblist to hold
all these sorts of things...it can be as large as needed and we can
allocate space for it during relocation.

>
> Shouldn't the block uclass support chunking?

It only supports readling whole blocks, if that is what you mean. Are
you suggesting changing the blk API, or something else?

Regards,
Simon



>
> Best regards
>
> Heinrich
>
> >
> > Signed-off-by: Simon Glass <sjg at chromium.org>
> > ---
> >
> > Changes in v2:
> > - Drop patch 'Show more information in efi index'
> > - Drop patch 'Avoid pool allocation in efi_get_memory_map_alloc()'
> > - Add the word 'warning', use log_warning() and show the end address
> > - Reorder patches a little
> >
> >   lib/efi_loader/efi_bootbin.c | 9 +++++++++
> >   1 file changed, 9 insertions(+)
> >
> > diff --git a/lib/efi_loader/efi_bootbin.c b/lib/efi_loader/efi_bootbin.c
> > index 5bb0fdcf75d..9779dc09b5e 100644
> > --- a/lib/efi_loader/efi_bootbin.c
> > +++ b/lib/efi_loader/efi_bootbin.c
> > @@ -211,6 +211,15 @@ efi_status_t efi_binary_run(void *image, size_t size, void *fdt)
> >               return -1;
> >       }
> >
> > +#ifdef CONFIG_EFI_LOADER_BOUNCE_BUFFER
> > +     /*
> > +      * Add a warning about this buffer, since it may conflict with other
> > +      * things
> > +      */
> > +     log_warning("Warning: EFI bounce buffer %p-%p\n", efi_bounce_buffer,
> > +                 efi_bounce_buffer + EFI_LOADER_BOUNCE_BUFFER_SIZE);
> > +#endif
> > +
> >       ret = efi_install_fdt(fdt);
> >       if (ret != EFI_SUCCESS)
> >               return ret;
>

More information about the U-Boot mailing list