2008-10-12 01:55:55 +01:00
|
|
|
/*
|
|
|
|
|
* Copyright (C) 2008 Michael Brown <mbrown@fensystems.co.uk>.
|
|
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU General Public License as
|
|
|
|
|
* published by the Free Software Foundation; either version 2 of the
|
|
|
|
|
* License, or any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful, but
|
|
|
|
|
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
|
* General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, write to the Free Software
|
2012-07-20 19:55:45 +01:00
|
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
|
|
|
|
* 02110-1301, USA.
|
2008-10-12 01:55:55 +01:00
|
|
|
*/
|
|
|
|
|
|
2009-05-01 15:41:06 +01:00
|
|
|
FILE_LICENCE ( GPL2_OR_LATER );
|
|
|
|
|
|
2008-10-12 01:55:55 +01:00
|
|
|
#include <errno.h>
|
2011-08-08 15:54:15 -04:00
|
|
|
#include <stdlib.h>
|
2025-04-30 15:18:34 +01:00
|
|
|
#include <string.h>
|
2013-03-13 22:36:32 +00:00
|
|
|
#include <wchar.h>
|
2010-04-19 20:16:01 +01:00
|
|
|
#include <ipxe/efi/efi.h>
|
2013-03-13 22:36:32 +00:00
|
|
|
#include <ipxe/efi/efi_snp.h>
|
|
|
|
|
#include <ipxe/efi/efi_download.h>
|
|
|
|
|
#include <ipxe/efi/efi_file.h>
|
2020-10-16 14:12:56 +01:00
|
|
|
#include <ipxe/efi/efi_path.h>
|
2013-03-13 22:36:32 +00:00
|
|
|
#include <ipxe/efi/efi_strings.h>
|
2014-07-16 01:25:37 +01:00
|
|
|
#include <ipxe/efi/efi_wrap.h>
|
2015-09-01 21:23:34 +01:00
|
|
|
#include <ipxe/efi/efi_pxe.h>
|
2020-10-01 16:07:23 +01:00
|
|
|
#include <ipxe/efi/efi_driver.h>
|
2023-05-22 14:11:22 +01:00
|
|
|
#include <ipxe/efi/efi_image.h>
|
|
|
|
|
#include <ipxe/efi/efi_shim.h>
|
2025-03-28 14:20:44 +00:00
|
|
|
#include <ipxe/efi/efi_fdt.h>
|
2010-04-19 20:16:01 +01:00
|
|
|
#include <ipxe/image.h>
|
2010-05-27 20:08:28 -07:00
|
|
|
#include <ipxe/init.h>
|
2010-04-19 20:16:01 +01:00
|
|
|
#include <ipxe/features.h>
|
2011-08-08 15:54:15 -04:00
|
|
|
#include <ipxe/uri.h>
|
2015-10-05 19:19:26 +01:00
|
|
|
#include <ipxe/console.h>
|
2008-10-12 01:55:55 +01:00
|
|
|
|
|
|
|
|
FEATURE ( FEATURE_IMAGE, "EFI", DHCP_EB_FEATURE_EFI, 1 );
|
|
|
|
|
|
2013-04-19 13:29:22 +01:00
|
|
|
/* Disambiguate the various error causes */
|
|
|
|
|
#define EINFO_EEFI_LOAD \
|
|
|
|
|
__einfo_uniqify ( EINFO_EPLATFORM, 0x01, \
|
|
|
|
|
"Could not load image" )
|
|
|
|
|
#define EINFO_EEFI_LOAD_PROHIBITED \
|
|
|
|
|
__einfo_platformify ( EINFO_EEFI_LOAD, EFI_SECURITY_VIOLATION, \
|
|
|
|
|
"Image prohibited by security policy" )
|
|
|
|
|
#define EEFI_LOAD_PROHIBITED \
|
|
|
|
|
__einfo_error ( EINFO_EEFI_LOAD_PROHIBITED )
|
|
|
|
|
#define EEFI_LOAD( efirc ) EPLATFORM ( EINFO_EEFI_LOAD, efirc, \
|
|
|
|
|
EEFI_LOAD_PROHIBITED )
|
|
|
|
|
#define EINFO_EEFI_START \
|
|
|
|
|
__einfo_uniqify ( EINFO_EPLATFORM, 0x02, \
|
|
|
|
|
"Could not start image" )
|
|
|
|
|
#define EEFI_START( efirc ) EPLATFORM ( EINFO_EEFI_START, efirc )
|
|
|
|
|
|
2011-08-08 15:54:15 -04:00
|
|
|
/**
|
2013-03-13 22:36:32 +00:00
|
|
|
* Create device path for image
|
|
|
|
|
*
|
|
|
|
|
* @v image EFI image
|
|
|
|
|
* @v parent Parent device path
|
|
|
|
|
* @ret path Device path, or NULL on failure
|
|
|
|
|
*
|
|
|
|
|
* The caller must eventually free() the device path.
|
|
|
|
|
*/
|
2013-03-19 23:16:09 +00:00
|
|
|
static EFI_DEVICE_PATH_PROTOCOL *
|
|
|
|
|
efi_image_path ( struct image *image, EFI_DEVICE_PATH_PROTOCOL *parent ) {
|
2013-03-13 22:36:32 +00:00
|
|
|
EFI_DEVICE_PATH_PROTOCOL *path;
|
|
|
|
|
FILEPATH_DEVICE_PATH *filepath;
|
|
|
|
|
EFI_DEVICE_PATH_PROTOCOL *end;
|
|
|
|
|
size_t name_len;
|
|
|
|
|
size_t prefix_len;
|
|
|
|
|
size_t filepath_len;
|
|
|
|
|
size_t len;
|
|
|
|
|
|
|
|
|
|
/* Calculate device path lengths */
|
2020-10-16 14:12:56 +01:00
|
|
|
prefix_len = efi_path_len ( parent );
|
2013-03-13 22:36:32 +00:00
|
|
|
name_len = strlen ( image->name );
|
|
|
|
|
filepath_len = ( SIZE_OF_FILEPATH_DEVICE_PATH +
|
|
|
|
|
( name_len + 1 /* NUL */ ) * sizeof ( wchar_t ) );
|
|
|
|
|
len = ( prefix_len + filepath_len + sizeof ( *end ) );
|
|
|
|
|
|
|
|
|
|
/* Allocate device path */
|
|
|
|
|
path = zalloc ( len );
|
|
|
|
|
if ( ! path )
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
/* Construct device path */
|
|
|
|
|
memcpy ( path, parent, prefix_len );
|
|
|
|
|
filepath = ( ( ( void * ) path ) + prefix_len );
|
|
|
|
|
filepath->Header.Type = MEDIA_DEVICE_PATH;
|
|
|
|
|
filepath->Header.SubType = MEDIA_FILEPATH_DP;
|
|
|
|
|
filepath->Header.Length[0] = ( filepath_len & 0xff );
|
|
|
|
|
filepath->Header.Length[1] = ( filepath_len >> 8 );
|
|
|
|
|
efi_snprintf ( filepath->PathName, ( name_len + 1 /* NUL */ ),
|
|
|
|
|
"%s", image->name );
|
|
|
|
|
end = ( ( ( void * ) filepath ) + filepath_len );
|
2023-01-23 19:07:35 +00:00
|
|
|
efi_path_terminate ( end );
|
2013-03-13 22:36:32 +00:00
|
|
|
|
|
|
|
|
return path;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Create command line for image
|
2011-08-08 15:54:15 -04:00
|
|
|
*
|
|
|
|
|
* @v image EFI image
|
2013-03-13 22:36:32 +00:00
|
|
|
* @ret cmdline Command line, or NULL on failure
|
2011-08-08 15:54:15 -04:00
|
|
|
*/
|
2013-03-13 22:36:32 +00:00
|
|
|
static wchar_t * efi_image_cmdline ( struct image *image ) {
|
|
|
|
|
wchar_t *cmdline;
|
2011-08-08 15:54:15 -04:00
|
|
|
|
2023-05-22 13:35:34 +01:00
|
|
|
/* Allocate and construct command line */
|
|
|
|
|
if ( efi_asprintf ( &cmdline, "%s%s%s", image->name,
|
|
|
|
|
( image->cmdline ? " " : "" ),
|
|
|
|
|
( image->cmdline ? image->cmdline : "" ) ) < 0 ) {
|
2013-03-13 22:36:32 +00:00
|
|
|
return NULL;
|
2023-05-22 13:35:34 +01:00
|
|
|
}
|
|
|
|
|
|
2013-03-13 22:36:32 +00:00
|
|
|
return cmdline;
|
2011-08-08 15:54:15 -04:00
|
|
|
}
|
|
|
|
|
|
2025-03-28 14:20:44 +00:00
|
|
|
/**
|
|
|
|
|
* Install EFI Flattened Device Tree table (when no FDT support is present)
|
|
|
|
|
*
|
2025-04-01 16:53:02 +01:00
|
|
|
* @v cmdline Command line, or NULL
|
2025-03-28 14:20:44 +00:00
|
|
|
* @ret rc Return status code
|
|
|
|
|
*/
|
2025-04-01 16:53:02 +01:00
|
|
|
__weak int efi_fdt_install ( const char *cmdline __unused ) {
|
2025-03-28 14:20:44 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Uninstall EFI Flattened Device Tree table (when no FDT support is present)
|
|
|
|
|
*
|
|
|
|
|
* @ret rc Return status code
|
|
|
|
|
*/
|
|
|
|
|
__weak int efi_fdt_uninstall ( void ) {
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2008-10-12 01:55:55 +01:00
|
|
|
/**
|
|
|
|
|
* Execute EFI image
|
|
|
|
|
*
|
|
|
|
|
* @v image EFI image
|
|
|
|
|
* @ret rc Return status code
|
|
|
|
|
*/
|
|
|
|
|
static int efi_image_exec ( struct image *image ) {
|
|
|
|
|
EFI_BOOT_SERVICES *bs = efi_systab->BootServices;
|
2013-03-13 22:36:32 +00:00
|
|
|
struct efi_snp_device *snpdev;
|
|
|
|
|
EFI_DEVICE_PATH_PROTOCOL *path;
|
2025-03-24 14:24:47 +00:00
|
|
|
EFI_LOADED_IMAGE_PROTOCOL *loaded;
|
2023-05-22 14:11:22 +01:00
|
|
|
struct image *shim;
|
|
|
|
|
struct image *exec;
|
2025-03-29 21:28:53 +00:00
|
|
|
EFI_HANDLE device;
|
2008-10-12 01:55:55 +01:00
|
|
|
EFI_HANDLE handle;
|
2020-10-01 16:07:23 +01:00
|
|
|
EFI_MEMORY_TYPE type;
|
2013-03-13 22:36:32 +00:00
|
|
|
wchar_t *cmdline;
|
2023-05-05 14:46:42 +01:00
|
|
|
unsigned int toggle;
|
2008-10-12 01:55:55 +01:00
|
|
|
EFI_STATUS efirc;
|
2010-05-27 20:08:28 -07:00
|
|
|
int rc;
|
2008-10-12 01:55:55 +01:00
|
|
|
|
2013-03-13 22:36:32 +00:00
|
|
|
/* Find an appropriate device handle to use */
|
|
|
|
|
snpdev = last_opened_snpdev();
|
|
|
|
|
if ( ! snpdev ) {
|
2023-03-07 14:18:00 +00:00
|
|
|
DBGC ( image, "EFIIMAGE %s could not identify SNP device\n",
|
|
|
|
|
image->name );
|
2013-03-13 22:36:32 +00:00
|
|
|
rc = -ENODEV;
|
|
|
|
|
goto err_no_snpdev;
|
|
|
|
|
}
|
2025-03-29 21:28:53 +00:00
|
|
|
device = snpdev->handle;
|
2013-03-13 22:36:32 +00:00
|
|
|
|
2023-05-22 14:11:22 +01:00
|
|
|
/* Use shim instead of directly executing image if applicable */
|
|
|
|
|
shim = ( efi_can_load ( image ) ?
|
|
|
|
|
NULL : find_image_tag ( &efi_shim ) );
|
|
|
|
|
exec = ( shim ? shim : image );
|
|
|
|
|
if ( shim ) {
|
|
|
|
|
DBGC ( image, "EFIIMAGE %s executing via %s\n",
|
|
|
|
|
image->name, shim->name );
|
|
|
|
|
}
|
|
|
|
|
|
2023-05-05 14:46:42 +01:00
|
|
|
/* Re-register as a hidden image to allow for access via file I/O */
|
|
|
|
|
toggle = ( ~image->flags & IMAGE_HIDDEN );
|
|
|
|
|
image->flags |= IMAGE_HIDDEN;
|
|
|
|
|
if ( ( rc = register_image ( image ) ) != 0 )
|
|
|
|
|
goto err_register_image;
|
|
|
|
|
|
2013-03-13 22:36:32 +00:00
|
|
|
/* Install file I/O protocols */
|
2025-03-29 21:28:53 +00:00
|
|
|
if ( ( rc = efi_file_install ( device ) ) != 0 ) {
|
2023-03-07 14:18:00 +00:00
|
|
|
DBGC ( image, "EFIIMAGE %s could not install file protocol: "
|
|
|
|
|
"%s\n", image->name, strerror ( rc ) );
|
2013-03-13 22:36:32 +00:00
|
|
|
goto err_file_install;
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-01 21:23:34 +01:00
|
|
|
/* Install PXE base code protocol */
|
2025-03-29 21:28:53 +00:00
|
|
|
if ( ( rc = efi_pxe_install ( device, snpdev->netdev ) ) != 0 ){
|
2023-03-07 14:18:00 +00:00
|
|
|
DBGC ( image, "EFIIMAGE %s could not install PXE protocol: "
|
|
|
|
|
"%s\n", image->name, strerror ( rc ) );
|
2015-09-01 21:23:34 +01:00
|
|
|
goto err_pxe_install;
|
|
|
|
|
}
|
|
|
|
|
|
2013-03-13 22:36:32 +00:00
|
|
|
/* Install iPXE download protocol */
|
2025-03-29 21:28:53 +00:00
|
|
|
if ( ( rc = efi_download_install ( device ) ) != 0 ) {
|
2023-03-07 14:18:00 +00:00
|
|
|
DBGC ( image, "EFIIMAGE %s could not install iPXE download "
|
|
|
|
|
"protocol: %s\n", image->name, strerror ( rc ) );
|
2013-03-13 22:36:32 +00:00
|
|
|
goto err_download_install;
|
|
|
|
|
}
|
|
|
|
|
|
2025-03-28 14:20:44 +00:00
|
|
|
/* Install Flattened Device Tree table */
|
2025-04-01 16:53:02 +01:00
|
|
|
if ( ( rc = efi_fdt_install ( image->cmdline ) ) != 0 ) {
|
2025-03-28 14:20:44 +00:00
|
|
|
DBGC ( image, "EFIIMAGE %s could not install FDT: %s\n",
|
|
|
|
|
image->name, strerror ( rc ) );
|
|
|
|
|
goto err_fdt_install;
|
|
|
|
|
}
|
|
|
|
|
|
2013-03-13 22:36:32 +00:00
|
|
|
/* Create device path for image */
|
2023-05-22 14:11:22 +01:00
|
|
|
path = efi_image_path ( exec, snpdev->path );
|
2013-03-13 22:36:32 +00:00
|
|
|
if ( ! path ) {
|
2023-03-07 14:18:00 +00:00
|
|
|
DBGC ( image, "EFIIMAGE %s could not create device path\n",
|
|
|
|
|
image->name );
|
2013-03-13 22:36:32 +00:00
|
|
|
rc = -ENOMEM;
|
|
|
|
|
goto err_image_path;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Create command line for image */
|
|
|
|
|
cmdline = efi_image_cmdline ( image );
|
|
|
|
|
if ( ! cmdline ) {
|
2023-03-07 14:18:00 +00:00
|
|
|
DBGC ( image, "EFIIMAGE %s could not create command line\n",
|
|
|
|
|
image->name );
|
2013-03-13 22:36:32 +00:00
|
|
|
rc = -ENOMEM;
|
|
|
|
|
goto err_cmdline;
|
|
|
|
|
}
|
|
|
|
|
|
2023-05-22 14:11:22 +01:00
|
|
|
/* Install shim special handling if applicable */
|
|
|
|
|
if ( shim &&
|
2025-03-29 21:28:53 +00:00
|
|
|
( ( rc = efi_shim_install ( shim, device, &cmdline ) ) != 0 ) ) {
|
2023-05-22 14:11:22 +01:00
|
|
|
DBGC ( image, "EFIIMAGE %s could not install shim handling: "
|
|
|
|
|
"%s\n", image->name, strerror ( rc ) );
|
|
|
|
|
goto err_shim_install;
|
|
|
|
|
}
|
|
|
|
|
|
2025-04-30 14:14:51 +01:00
|
|
|
/* Attempt loading image
|
|
|
|
|
*
|
|
|
|
|
* LoadImage() does not (allegedly) modify the image content,
|
|
|
|
|
* but requires a non-const pointer to SourceBuffer. We
|
|
|
|
|
* therefore use the .rwdata field rather than .data.
|
|
|
|
|
*/
|
2020-06-04 22:24:21 +01:00
|
|
|
handle = NULL;
|
2013-03-13 22:36:32 +00:00
|
|
|
if ( ( efirc = bs->LoadImage ( FALSE, efi_image_handle, path,
|
2025-04-30 14:14:51 +01:00
|
|
|
exec->rwdata, exec->len,
|
2025-04-21 00:15:52 +01:00
|
|
|
&handle ) ) != 0 ) {
|
2008-10-12 01:55:55 +01:00
|
|
|
/* Not an EFI image */
|
2013-04-19 13:29:22 +01:00
|
|
|
rc = -EEFI_LOAD ( efirc );
|
2023-03-07 14:18:00 +00:00
|
|
|
DBGC ( image, "EFIIMAGE %s could not load: %s\n",
|
|
|
|
|
image->name, strerror ( rc ) );
|
2020-06-04 22:24:21 +01:00
|
|
|
if ( efirc == EFI_SECURITY_VIOLATION ) {
|
|
|
|
|
goto err_load_image_security_violation;
|
|
|
|
|
} else {
|
|
|
|
|
goto err_load_image;
|
|
|
|
|
}
|
2008-10-12 01:55:55 +01:00
|
|
|
}
|
|
|
|
|
|
2011-08-08 15:54:15 -04:00
|
|
|
/* Get the loaded image protocol for the newly loaded image */
|
2025-03-23 19:11:13 +00:00
|
|
|
if ( ( rc = efi_open ( handle, &efi_loaded_image_protocol_guid,
|
2025-03-24 14:24:47 +00:00
|
|
|
&loaded ) ) != 0 ) {
|
2011-08-08 15:54:15 -04:00
|
|
|
/* Should never happen */
|
|
|
|
|
goto err_open_protocol;
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-30 16:16:10 +01:00
|
|
|
/* Some EFI 1.10 implementations seem not to fill in DeviceHandle */
|
2025-03-24 14:24:47 +00:00
|
|
|
if ( loaded->DeviceHandle == NULL ) {
|
2023-03-07 14:18:00 +00:00
|
|
|
DBGC ( image, "EFIIMAGE %s filling in missing DeviceHandle\n",
|
|
|
|
|
image->name );
|
2025-03-29 21:28:53 +00:00
|
|
|
loaded->DeviceHandle = device;
|
2014-07-30 16:16:10 +01:00
|
|
|
}
|
|
|
|
|
|
2013-03-13 22:36:32 +00:00
|
|
|
/* Sanity checks */
|
2025-03-24 14:24:47 +00:00
|
|
|
assert ( loaded->ParentHandle == efi_image_handle );
|
2025-03-29 21:28:53 +00:00
|
|
|
assert ( loaded->DeviceHandle == device );
|
2025-03-24 14:24:47 +00:00
|
|
|
assert ( loaded->LoadOptionsSize == 0 );
|
|
|
|
|
assert ( loaded->LoadOptions == NULL );
|
2013-03-13 22:36:32 +00:00
|
|
|
|
2020-10-01 16:07:23 +01:00
|
|
|
/* Record image code type */
|
2025-03-24 14:24:47 +00:00
|
|
|
type = loaded->ImageCodeType;
|
2020-10-01 16:07:23 +01:00
|
|
|
|
2013-03-13 22:36:32 +00:00
|
|
|
/* Set command line */
|
2025-03-24 14:24:47 +00:00
|
|
|
loaded->LoadOptions = cmdline;
|
|
|
|
|
loaded->LoadOptionsSize =
|
2013-03-13 22:36:32 +00:00
|
|
|
( ( wcslen ( cmdline ) + 1 /* NUL */ ) * sizeof ( wchar_t ) );
|
2011-08-08 15:54:15 -04:00
|
|
|
|
2014-03-14 14:16:05 +00:00
|
|
|
/* Release network devices for use via SNP */
|
|
|
|
|
efi_snp_release();
|
|
|
|
|
|
2014-07-16 01:25:37 +01:00
|
|
|
/* Wrap calls made by the loaded image (for debugging) */
|
2025-03-20 12:25:26 +00:00
|
|
|
efi_wrap_image ( handle );
|
2014-07-16 01:25:37 +01:00
|
|
|
|
2015-10-05 19:19:26 +01:00
|
|
|
/* Reset console since image will probably use it */
|
|
|
|
|
console_reset();
|
|
|
|
|
|
2025-03-29 21:28:53 +00:00
|
|
|
/* Assume that image may cause SNP device to be removed */
|
|
|
|
|
snpdev = NULL;
|
|
|
|
|
|
2008-10-12 01:55:55 +01:00
|
|
|
/* Start the image */
|
2013-03-19 23:16:09 +00:00
|
|
|
if ( ( efirc = bs->StartImage ( handle, NULL, NULL ) ) != 0 ) {
|
2013-04-19 13:29:22 +01:00
|
|
|
rc = -EEFI_START ( efirc );
|
2023-03-07 14:18:00 +00:00
|
|
|
DBGC ( image, "EFIIMAGE %s could not start (or returned with "
|
|
|
|
|
"error): %s\n", image->name, strerror ( rc ) );
|
2011-08-08 15:54:15 -04:00
|
|
|
goto err_start_image;
|
2008-10-12 01:55:55 +01:00
|
|
|
}
|
2010-05-27 20:08:28 -07:00
|
|
|
|
2020-10-01 16:07:23 +01:00
|
|
|
/* If image was a driver, connect it up to anything available */
|
|
|
|
|
if ( type == EfiBootServicesCode ) {
|
2023-03-07 14:18:00 +00:00
|
|
|
DBGC ( image, "EFIIMAGE %s connecting drivers\n", image->name );
|
2020-10-01 16:07:23 +01:00
|
|
|
efi_driver_reconnect_all();
|
|
|
|
|
}
|
|
|
|
|
|
2011-08-08 15:54:15 -04:00
|
|
|
/* Success */
|
|
|
|
|
rc = 0;
|
|
|
|
|
|
|
|
|
|
err_start_image:
|
2025-03-20 12:25:26 +00:00
|
|
|
efi_unwrap();
|
2014-03-14 14:16:05 +00:00
|
|
|
efi_snp_claim();
|
2011-08-08 15:54:15 -04:00
|
|
|
err_open_protocol:
|
2014-07-30 16:07:25 +01:00
|
|
|
/* If there was no error, then the image must have been
|
|
|
|
|
* started and returned successfully. It either unloaded
|
|
|
|
|
* itself, or it intended to remain loaded (e.g. it was a
|
|
|
|
|
* driver). We therefore do not unload successful images.
|
|
|
|
|
*
|
|
|
|
|
* If there was an error, attempt to unload the image. This
|
|
|
|
|
* may not work. In particular, there is no way to tell
|
|
|
|
|
* whether an error returned from StartImage() was due to
|
|
|
|
|
* being unable to start the image (in which case we probably
|
|
|
|
|
* should call UnloadImage()), or due to the image itself
|
|
|
|
|
* returning an error (in which case we probably should not
|
|
|
|
|
* call UnloadImage()). We therefore ignore any failures from
|
|
|
|
|
* the UnloadImage() call itself.
|
2008-10-12 01:55:55 +01:00
|
|
|
*/
|
2020-06-04 22:24:21 +01:00
|
|
|
err_load_image_security_violation:
|
2014-07-30 16:07:25 +01:00
|
|
|
if ( rc != 0 )
|
|
|
|
|
bs->UnloadImage ( handle );
|
2011-08-08 15:54:15 -04:00
|
|
|
err_load_image:
|
2023-05-22 14:11:22 +01:00
|
|
|
if ( shim )
|
|
|
|
|
efi_shim_uninstall();
|
|
|
|
|
err_shim_install:
|
2013-03-13 22:36:32 +00:00
|
|
|
free ( cmdline );
|
|
|
|
|
err_cmdline:
|
|
|
|
|
free ( path );
|
|
|
|
|
err_image_path:
|
2025-03-28 14:20:44 +00:00
|
|
|
efi_fdt_uninstall();
|
|
|
|
|
err_fdt_install:
|
2025-03-29 21:28:53 +00:00
|
|
|
efi_download_uninstall ( device );
|
2013-03-13 22:36:32 +00:00
|
|
|
err_download_install:
|
2025-03-29 21:28:53 +00:00
|
|
|
efi_pxe_uninstall ( device );
|
2015-09-01 21:23:34 +01:00
|
|
|
err_pxe_install:
|
2025-03-29 21:28:53 +00:00
|
|
|
efi_file_uninstall ( device );
|
2013-03-13 22:36:32 +00:00
|
|
|
err_file_install:
|
2023-05-05 14:46:42 +01:00
|
|
|
unregister_image ( image );
|
|
|
|
|
err_register_image:
|
|
|
|
|
image->flags ^= toggle;
|
2013-03-13 22:36:32 +00:00
|
|
|
err_no_snpdev:
|
2010-05-27 20:08:28 -07:00
|
|
|
return rc;
|
2008-10-12 01:55:55 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2011-03-07 00:37:50 +00:00
|
|
|
* Probe EFI image
|
2008-10-12 01:55:55 +01:00
|
|
|
*
|
|
|
|
|
* @v image EFI file
|
|
|
|
|
* @ret rc Return status code
|
|
|
|
|
*/
|
2011-03-07 00:37:50 +00:00
|
|
|
static int efi_image_probe ( struct image *image ) {
|
2008-10-12 01:55:55 +01:00
|
|
|
EFI_BOOT_SERVICES *bs = efi_systab->BootServices;
|
2014-09-19 13:16:31 +01:00
|
|
|
static EFI_DEVICE_PATH_PROTOCOL empty_path = {
|
|
|
|
|
.Type = END_DEVICE_PATH_TYPE,
|
|
|
|
|
.SubType = END_ENTIRE_DEVICE_PATH_SUBTYPE,
|
|
|
|
|
.Length[0] = sizeof ( empty_path ),
|
|
|
|
|
};
|
2008-10-12 01:55:55 +01:00
|
|
|
EFI_HANDLE handle;
|
|
|
|
|
EFI_STATUS efirc;
|
2013-04-18 21:29:53 +01:00
|
|
|
int rc;
|
2008-10-12 01:55:55 +01:00
|
|
|
|
2025-04-30 14:14:51 +01:00
|
|
|
/* Attempt loading image
|
|
|
|
|
*
|
|
|
|
|
* LoadImage() does not (allegedly) modify the image content,
|
|
|
|
|
* but requires a non-const pointer to SourceBuffer. We
|
|
|
|
|
* therefore use the .rwdata field rather than .data.
|
|
|
|
|
*/
|
2020-06-04 22:24:21 +01:00
|
|
|
handle = NULL;
|
2014-09-19 13:16:31 +01:00
|
|
|
if ( ( efirc = bs->LoadImage ( FALSE, efi_image_handle, &empty_path,
|
2025-04-30 14:14:51 +01:00
|
|
|
image->rwdata, image->len,
|
2025-04-21 00:15:52 +01:00
|
|
|
&handle ) ) != 0 ) {
|
2008-10-12 01:55:55 +01:00
|
|
|
/* Not an EFI image */
|
2013-04-19 13:29:22 +01:00
|
|
|
rc = -EEFI_LOAD ( efirc );
|
2023-03-07 14:18:00 +00:00
|
|
|
DBGC ( image, "EFIIMAGE %s could not load: %s\n",
|
|
|
|
|
image->name, strerror ( rc ) );
|
2020-06-04 22:24:21 +01:00
|
|
|
if ( efirc == EFI_SECURITY_VIOLATION ) {
|
|
|
|
|
goto err_load_image_security_violation;
|
|
|
|
|
} else {
|
|
|
|
|
goto err_load_image;
|
|
|
|
|
}
|
2008-10-12 01:55:55 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Unload the image. We can't leave it loaded, because we
|
|
|
|
|
* have no "unload" operation.
|
|
|
|
|
*/
|
|
|
|
|
bs->UnloadImage ( handle );
|
|
|
|
|
|
|
|
|
|
return 0;
|
2020-06-04 22:24:21 +01:00
|
|
|
|
|
|
|
|
err_load_image_security_violation:
|
|
|
|
|
bs->UnloadImage ( handle );
|
|
|
|
|
err_load_image:
|
|
|
|
|
return rc;
|
2008-10-12 01:55:55 +01:00
|
|
|
}
|
|
|
|
|
|
2023-05-17 14:36:25 +01:00
|
|
|
/**
|
|
|
|
|
* Probe EFI PE image
|
|
|
|
|
*
|
|
|
|
|
* @v image EFI file
|
|
|
|
|
* @ret rc Return status code
|
|
|
|
|
*
|
|
|
|
|
* The extremely broken UEFI Secure Boot model provides no way for us
|
|
|
|
|
* to unambiguously determine that a valid EFI executable image was
|
|
|
|
|
* rejected by LoadImage() because it failed signature verification.
|
|
|
|
|
* We must therefore use heuristics to guess whether not an image that
|
|
|
|
|
* was rejected by LoadImage() could still be loaded via a separate PE
|
|
|
|
|
* loader such as the UEFI shim.
|
|
|
|
|
*/
|
|
|
|
|
static int efi_pe_image_probe ( struct image *image ) {
|
|
|
|
|
const UINT16 magic = ( ( sizeof ( UINTN ) == sizeof ( uint32_t ) ) ?
|
|
|
|
|
EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC :
|
|
|
|
|
EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC );
|
2025-04-25 00:49:27 +01:00
|
|
|
const EFI_IMAGE_DOS_HEADER *dos;
|
|
|
|
|
const EFI_IMAGE_OPTIONAL_HEADER_UNION *pe;
|
2023-05-17 14:36:25 +01:00
|
|
|
|
|
|
|
|
/* Check for existence of DOS header */
|
2025-04-25 00:49:27 +01:00
|
|
|
if ( image->len < sizeof ( *dos ) ) {
|
2023-05-17 14:36:25 +01:00
|
|
|
DBGC ( image, "EFIIMAGE %s too short for DOS header\n",
|
|
|
|
|
image->name );
|
|
|
|
|
return -ENOEXEC;
|
|
|
|
|
}
|
2025-04-25 00:49:27 +01:00
|
|
|
dos = image->data;
|
|
|
|
|
if ( dos->e_magic != EFI_IMAGE_DOS_SIGNATURE ) {
|
2023-05-17 14:36:25 +01:00
|
|
|
DBGC ( image, "EFIIMAGE %s missing MZ signature\n",
|
|
|
|
|
image->name );
|
|
|
|
|
return -ENOEXEC;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Check for existence of PE header */
|
2025-04-25 00:49:27 +01:00
|
|
|
if ( ( image->len < dos->e_lfanew ) ||
|
|
|
|
|
( ( image->len - dos->e_lfanew ) < sizeof ( *pe ) ) ) {
|
2023-05-17 14:36:25 +01:00
|
|
|
DBGC ( image, "EFIIMAGE %s too short for PE header\n",
|
|
|
|
|
image->name );
|
|
|
|
|
return -ENOEXEC;
|
|
|
|
|
}
|
2025-04-25 00:49:27 +01:00
|
|
|
pe = ( image->data + dos->e_lfanew );
|
|
|
|
|
if ( pe->Pe32.Signature != EFI_IMAGE_NT_SIGNATURE ) {
|
2023-05-17 14:36:25 +01:00
|
|
|
DBGC ( image, "EFIIMAGE %s missing PE signature\n",
|
|
|
|
|
image->name );
|
|
|
|
|
return -ENOEXEC;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Check PE header magic */
|
2025-04-25 00:49:27 +01:00
|
|
|
if ( pe->Pe32.OptionalHeader.Magic != magic ) {
|
2023-05-17 14:36:25 +01:00
|
|
|
DBGC ( image, "EFIIMAGE %s incorrect magic %04x\n",
|
2025-04-25 00:49:27 +01:00
|
|
|
image->name, pe->Pe32.OptionalHeader.Magic );
|
2023-05-17 14:36:25 +01:00
|
|
|
return -ENOEXEC;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/** EFI image types */
|
|
|
|
|
struct image_type efi_image_type[] __image_type ( PROBE_NORMAL ) = {
|
|
|
|
|
{
|
|
|
|
|
.name = "EFI",
|
|
|
|
|
.probe = efi_image_probe,
|
|
|
|
|
.exec = efi_image_exec,
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
.name = "EFIPE",
|
|
|
|
|
.probe = efi_pe_image_probe,
|
|
|
|
|
.exec = efi_image_exec,
|
|
|
|
|
},
|
2008-10-12 01:55:55 +01:00
|
|
|
};
|
