summaryrefslogtreecommitdiff
path: root/src/boot/selfboot.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/boot/selfboot.c')
-rw-r--r--src/boot/selfboot.c497
1 files changed, 497 insertions, 0 deletions
diff --git a/src/boot/selfboot.c b/src/boot/selfboot.c
new file mode 100644
index 0000000000..6aae0d8f55
--- /dev/null
+++ b/src/boot/selfboot.c
@@ -0,0 +1,497 @@
+#include <console/console.h>
+#include <part/fallback_boot.h>
+#include <boot/elf.h>
+#include <boot/elf_boot.h>
+#include <boot/coreboot_tables.h>
+#include <ip_checksum.h>
+#include <stream/read_bytes.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <string.h>
+#include <romfs.h>
+
+#ifndef CONFIG_BIG_ENDIAN
+#define ntohl(x) ( ((x&0xff)<<24) | ((x&0xff00)<<8) | \
+ ((x&0xff0000) >> 8) | ((x&0xff000000) >> 24) )
+#else
+#define ntohl(x) (x)
+#endif
+
+/* Maximum physical address we can use for the coreboot bounce buffer.
+ */
+#ifndef MAX_ADDR
+#define MAX_ADDR -1UL
+#endif
+
+extern unsigned char _ram_seg;
+extern unsigned char _eram_seg;
+
+struct segment {
+ struct segment *next;
+ struct segment *prev;
+ struct segment *phdr_next;
+ struct segment *phdr_prev;
+ unsigned long s_dstaddr;
+ unsigned long s_srcaddr;
+ unsigned long s_memsz;
+ unsigned long s_filesz;
+};
+
+struct verify_callback {
+ struct verify_callback *next;
+ int (*callback)(struct verify_callback *vcb,
+ Elf_ehdr *ehdr, Elf_phdr *phdr, struct segment *head);
+ unsigned long desc_offset;
+ unsigned long desc_addr;
+};
+
+struct ip_checksum_vcb {
+ struct verify_callback data;
+ unsigned short ip_checksum;
+};
+
+int romfs_self_decompress(int algo, void *src,struct segment *new)
+{
+ u8 *dst;
+
+ /* for uncompressed, it's easy: just point at the area in ROM */
+ if (algo == ROMFS_COMPRESS_NONE) {
+ new->s_srcaddr = (u32) src;
+ new->s_filesz = new->s_memsz;
+ return 0;
+ }
+
+ /* for compression, let's keep it simple. We'll malloc the destination
+ * area and decompress to there. The compression overhead far outweighs
+ * any overhead for an extra copy.
+ */
+ dst = malloc(new->s_memsz);
+ if (! dst)
+ return -1;
+
+ switch(algo) {
+#ifdef CONFIG_COMPRESSION_LZMA
+ case ROMFS_COMPRESS_LZMA: {
+ unsigned long ulzma(unsigned char *src, unsigned char *dst);
+ ulzma(src, dst);
+ }
+#endif
+
+#ifdef CONFIG_COMPRESSION_NRV2B
+ case ROMFS_COMPRESS_NRV2B: {
+ unsigned long unrv2b(u8 *src, u8 *dst, unsigned long *ilen_p);
+ unsigned long tmp;
+ unrv2b(src, dst, &tmp);
+ }
+#endif
+ default:
+ printk_info( "ROMFS: Unknown compression type %d\n",
+ algo);
+ return -1;
+ }
+
+ new->s_srcaddr = (u32) dst;
+ new->s_filesz = new->s_memsz;
+ return 0;
+
+}
+
+/* The problem:
+ * Static executables all want to share the same addresses
+ * in memory because only a few addresses are reliably present on
+ * a machine, and implementing general relocation is hard.
+ *
+ * The solution:
+ * - Allocate a buffer twice the size of the coreboot image.
+ * - Anything that would overwrite coreboot copy into the lower half of
+ * the buffer.
+ * - After loading an ELF image copy coreboot to the upper half of the
+ * buffer.
+ * - Then jump to the loaded image.
+ *
+ * Benefits:
+ * - Nearly arbitrary standalone executables can be loaded.
+ * - Coreboot is preserved, so it can be returned to.
+ * - The implementation is still relatively simple,
+ * and much simpler then the general case implemented in kexec.
+ *
+ */
+
+static unsigned long get_bounce_buffer(struct lb_memory *mem)
+{
+ unsigned long lb_size;
+ unsigned long mem_entries;
+ unsigned long buffer;
+ int i;
+ lb_size = (unsigned long)(&_eram_seg - &_ram_seg);
+ /* Double coreboot size so I have somewhere to place a copy to return to */
+ lb_size = lb_size + lb_size;
+ mem_entries = (mem->size - sizeof(*mem))/sizeof(mem->map[0]);
+ buffer = 0;
+ for(i = 0; i < mem_entries; i++) {
+ unsigned long mstart, mend;
+ unsigned long msize;
+ unsigned long tbuffer;
+ if (mem->map[i].type != LB_MEM_RAM)
+ continue;
+ if (unpack_lb64(mem->map[i].start) > MAX_ADDR)
+ continue;
+ if (unpack_lb64(mem->map[i].size) < lb_size)
+ continue;
+ mstart = unpack_lb64(mem->map[i].start);
+ msize = MAX_ADDR - mstart +1;
+ if (msize > unpack_lb64(mem->map[i].size))
+ msize = unpack_lb64(mem->map[i].size);
+ mend = mstart + msize;
+ tbuffer = mend - lb_size;
+ if (tbuffer < buffer)
+ continue;
+ buffer = tbuffer;
+ }
+ return buffer;
+}
+
+static int valid_area(struct lb_memory *mem, unsigned long buffer,
+ unsigned long start, unsigned long len)
+{
+ /* Check through all of the memory segments and ensure
+ * the segment that was passed in is completely contained
+ * in RAM.
+ */
+ int i;
+ unsigned long end = start + len;
+ unsigned long mem_entries = (mem->size - sizeof(*mem))/sizeof(mem->map[0]);
+
+ /* See if I conflict with the bounce buffer */
+ if (end >= buffer) {
+ return 0;
+ }
+
+ /* Walk through the table of valid memory ranges and see if I
+ * have a match.
+ */
+ for(i = 0; i < mem_entries; i++) {
+ uint64_t mstart, mend;
+ uint32_t mtype;
+ mtype = mem->map[i].type;
+ mstart = unpack_lb64(mem->map[i].start);
+ mend = mstart + unpack_lb64(mem->map[i].size);
+ if ((mtype == LB_MEM_RAM) && (start < mend) && (end > mstart)) {
+ break;
+ }
+ if ((mtype == LB_MEM_TABLE) && (start < mend) && (end > mstart)) {
+ printk_err("Payload is overwriting Coreboot tables.\n");
+ break;
+ }
+ }
+ if (i == mem_entries) {
+ printk_err("No matching ram area found for range:\n");
+ printk_err(" [0x%016lx, 0x%016lx)\n", start, end);
+ printk_err("Ram areas\n");
+ for(i = 0; i < mem_entries; i++) {
+ uint64_t mstart, mend;
+ uint32_t mtype;
+ mtype = mem->map[i].type;
+ mstart = unpack_lb64(mem->map[i].start);
+ mend = mstart + unpack_lb64(mem->map[i].size);
+ printk_err(" [0x%016lx, 0x%016lx) %s\n",
+ (unsigned long)mstart,
+ (unsigned long)mend,
+ (mtype == LB_MEM_RAM)?"RAM":"Reserved");
+
+ }
+ return 0;
+ }
+ return 1;
+}
+
+static void relocate_segment(unsigned long buffer, struct segment *seg)
+{
+ /* Modify all segments that want to load onto coreboot
+ * to load onto the bounce buffer instead.
+ */
+ unsigned long lb_start = (unsigned long)&_ram_seg;
+ unsigned long lb_end = (unsigned long)&_eram_seg;
+ unsigned long start, middle, end;
+
+ printk_spew("lb: [0x%016lx, 0x%016lx)\n",
+ lb_start, lb_end);
+
+ start = seg->s_dstaddr;
+ middle = start + seg->s_filesz;
+ end = start + seg->s_memsz;
+ /* I don't conflict with coreboot so get out of here */
+ if ((end <= lb_start) || (start >= lb_end))
+ return;
+
+ printk_spew("segment: [0x%016lx, 0x%016lx, 0x%016lx)\n",
+ start, middle, end);
+
+ /* Slice off a piece at the beginning
+ * that doesn't conflict with coreboot.
+ */
+ if (start < lb_start) {
+ struct segment *new;
+ unsigned long len = lb_start - start;
+ new = malloc(sizeof(*new));
+ *new = *seg;
+ new->s_memsz = len;
+ seg->s_memsz -= len;
+ seg->s_dstaddr += len;
+ seg->s_srcaddr += len;
+ if (seg->s_filesz > len) {
+ new->s_filesz = len;
+ seg->s_filesz -= len;
+ } else {
+ seg->s_filesz = 0;
+ }
+
+ /* Order by stream offset */
+ new->next = seg;
+ new->prev = seg->prev;
+ seg->prev->next = new;
+ seg->prev = new;
+ /* Order by original program header order */
+ new->phdr_next = seg;
+ new->phdr_prev = seg->phdr_prev;
+ seg->phdr_prev->phdr_next = new;
+ seg->phdr_prev = new;
+
+ /* compute the new value of start */
+ start = seg->s_dstaddr;
+
+ printk_spew(" early: [0x%016lx, 0x%016lx, 0x%016lx)\n",
+ new->s_dstaddr,
+ new->s_dstaddr + new->s_filesz,
+ new->s_dstaddr + new->s_memsz);
+ }
+
+ /* Slice off a piece at the end
+ * that doesn't conflict with coreboot
+ */
+ if (end > lb_end) {
+ unsigned long len = lb_end - start;
+ struct segment *new;
+ new = malloc(sizeof(*new));
+ *new = *seg;
+ seg->s_memsz = len;
+ new->s_memsz -= len;
+ new->s_dstaddr += len;
+ new->s_srcaddr += len;
+ if (seg->s_filesz > len) {
+ seg->s_filesz = len;
+ new->s_filesz -= len;
+ } else {
+ new->s_filesz = 0;
+ }
+ /* Order by stream offset */
+ new->next = seg->next;
+ new->prev = seg;
+ seg->next->prev = new;
+ seg->next = new;
+ /* Order by original program header order */
+ new->phdr_next = seg->phdr_next;
+ new->phdr_prev = seg;
+ seg->phdr_next->phdr_prev = new;
+ seg->phdr_next = new;
+
+ /* compute the new value of end */
+ end = start + len;
+
+ printk_spew(" late: [0x%016lx, 0x%016lx, 0x%016lx)\n",
+ new->s_dstaddr,
+ new->s_dstaddr + new->s_filesz,
+ new->s_dstaddr + new->s_memsz);
+
+ }
+ /* Now retarget this segment onto the bounce buffer */
+ /* sort of explanation: the buffer is a 1:1 mapping to coreboot.
+ * so you will make the dstaddr be this buffer, and it will get copied
+ * later to where coreboot lives.
+ */
+ seg->s_dstaddr = buffer + (seg->s_dstaddr - lb_start);
+
+ printk_spew(" bounce: [0x%016lx, 0x%016lx, 0x%016lx)\n",
+ seg->s_dstaddr,
+ seg->s_dstaddr + seg->s_filesz,
+ seg->s_dstaddr + seg->s_memsz);
+}
+
+
+static int build_self_segment_list(
+ struct segment *head,
+ unsigned long bounce_buffer, struct lb_memory *mem,
+ struct romfs_payload *payload, u32 *entry)
+{
+ struct segment *new;
+ struct segment *ptr;
+ u8 *data;
+ int datasize;
+ struct romfs_payload_segment *segment, *first_segment;
+ memset(head, 0, sizeof(*head));
+ head->phdr_next = head->phdr_prev = head;
+ head->next = head->prev = head;
+ first_segment = segment = &payload->segments;
+
+ while(1) {
+ printk_debug("Segment %p\n", segment);
+ switch(segment->type) {
+ default: printk_emerg("Bad segment type %x\n", segment->type);
+ return -1;
+ case PAYLOAD_SEGMENT_PARAMS:
+ printk_info("found param section\n");
+ segment++;
+ continue;
+ case PAYLOAD_SEGMENT_CODE:
+ case PAYLOAD_SEGMENT_DATA:
+ printk_info( "%s: ", segment->type == PAYLOAD_SEGMENT_CODE ?
+ "code" : "data");
+ new = malloc(sizeof(*new));
+ new->s_dstaddr = ntohl((u32) segment->load_addr);
+ new->s_memsz = ntohl(segment->mem_len);
+
+ datasize = ntohl(segment->len);
+ /* figure out decompression, do it, get pointer to the area */
+ if (romfs_self_decompress(ntohl(segment->compression),
+ ((unsigned char *) first_segment) +
+ ntohl(segment->offset), new)) {
+ printk_emerg("romfs_self_decompress failed\n");
+ return;
+ }
+ printk_debug("New segment dstaddr 0x%lx memsize 0x%lx srcaddr 0x%lx filesize 0x%lx\n",
+ new->s_dstaddr, new->s_memsz, new->s_srcaddr, new->s_filesz);
+ /* Clean up the values */
+ if (new->s_filesz > new->s_memsz) {
+ new->s_filesz = new->s_memsz;
+ }
+ printk_debug("(cleaned up) New segment addr 0x%lx size 0x%lx offset 0x%lx filesize 0x%lx\n",
+ new->s_dstaddr, new->s_memsz, new->s_srcaddr, new->s_filesz);
+ break;
+ case PAYLOAD_SEGMENT_BSS:
+ printk_info("BSS %p/%d\n", (void *) ntohl((u32) segment->load_addr),
+ ntohl(segment->mem_len));
+ new = malloc(sizeof(*new));
+ new->s_filesz = 0;
+ new->s_dstaddr = ntohl((u32) segment->load_addr);
+ new->s_memsz = ntohl(segment->mem_len);
+
+ break;
+
+ case PAYLOAD_SEGMENT_ENTRY:
+ printk_info("Entry %p\n", (void *) ntohl((u32) segment->load_addr));
+ *entry = (void *) ntohl((u32) segment->load_addr);
+ return 1;
+ }
+ segment++;
+ for(ptr = head->next; ptr != head; ptr = ptr->next) {
+ if (new->s_srcaddr < ntohl((u32) segment->load_addr))
+ break;
+ }
+ /* Order by stream offset */
+ new->next = ptr;
+ new->prev = ptr->prev;
+ ptr->prev->next = new;
+ ptr->prev = new;
+ /* Order by original program header order */
+ new->phdr_next = head;
+ new->phdr_prev = head->phdr_prev;
+ head->phdr_prev->phdr_next = new;
+ head->phdr_prev = new;
+
+ /* Verify the memory addresses in the segment are valid */
+ if (!valid_area(mem, bounce_buffer, new->s_dstaddr, new->s_memsz))
+ goto out;
+
+ /* Modify the segment to load onto the bounce_buffer if necessary.
+ */
+ relocate_segment(bounce_buffer, new);
+ }
+ return 1;
+ out:
+ return 0;
+}
+
+static int load_self_segments(
+ struct segment *head, struct romfs_payload *payload)
+{
+ unsigned long offset;
+ struct segment *ptr;
+
+ offset = 0;
+ for(ptr = head->next; ptr != head; ptr = ptr->next) {
+ unsigned long skip_bytes, read_bytes;
+ unsigned char *dest, *middle, *end, *src;
+ byte_offset_t result;
+ printk_debug("Loading Segment: addr: 0x%016lx memsz: 0x%016lx filesz: 0x%016lx\n",
+ ptr->s_dstaddr, ptr->s_memsz, ptr->s_filesz);
+
+ /* Compute the boundaries of the segment */
+ dest = (unsigned char *)(ptr->s_dstaddr);
+ end = dest + ptr->s_memsz;
+ middle = dest + ptr->s_filesz;
+ src = ptr->s_srcaddr;
+ printk_spew("[ 0x%016lx, %016lx, 0x%016lx) <- %016lx\n",
+ (unsigned long)dest,
+ (unsigned long)middle,
+ (unsigned long)end,
+ (unsigned long)src);
+
+ /* Copy data from the initial buffer */
+ if (ptr->s_filesz) {
+ size_t len;
+ len = ptr->s_filesz;
+ memcpy(dest, src, len);
+ dest += len;
+ }
+
+ /* Zero the extra bytes between middle & end */
+ if (middle < end) {
+ printk_debug("Clearing Segment: addr: 0x%016lx memsz: 0x%016lx\n",
+ (unsigned long)middle, (unsigned long)(end - middle));
+
+ /* Zero the extra bytes */
+ memset(middle, 0, end - middle);
+ }
+ }
+ return 1;
+ out:
+ return 0;
+}
+
+int selfboot(struct lb_memory *mem, struct romfs_payload *payload)
+{
+ void *entry;
+ struct segment head;
+ unsigned long bounce_buffer;
+
+ /* Find a bounce buffer so I can load to coreboot's current location */
+ bounce_buffer = get_bounce_buffer(mem);
+ if (!bounce_buffer) {
+ printk_err("Could not find a bounce buffer...\n");
+ goto out;
+ }
+
+ /* Preprocess the self segments */
+ if (!build_self_segment_list(&head, bounce_buffer, mem, payload, &entry))
+ goto out;
+
+ /* Load the segments */
+ if (!load_self_segments(&head, payload))
+ goto out;
+
+ printk_spew("Loaded segments\n");
+
+ /* Reset to booting from this image as late as possible */
+ boot_successful();
+
+ printk_debug("Jumping to boot code at %p\n", entry);
+ post_code(0xfe);
+
+ /* Jump to kernel */
+ jmp_to_elf_entry(entry, bounce_buffer);
+ return 1;
+
+ out:
+ return 0;
+}
+