efi_64.c source code [linux/arch/x86/platform/efi/efi_64.c]

1	// SPDX-License-Identifier: GPL-2.0
2	/*
3	* x86_64 specific EFI support functions
4	* Based on Extensible Firmware Interface Specification version 1.0
5	*
6	* Copyright (C) 2005-2008 Intel Co.
7	* Fenghua Yu <fenghua.yu@intel.com>
8	* Bibo Mao <bibo.mao@intel.com>
9	* Chandramouli Narayanan <mouli@linux.intel.com>
10	* Huang Ying <ying.huang@intel.com>
11	*
12	* Code to convert EFI to E820 map has been implemented in elilo bootloader
13	* based on a EFI patch by Edgar Hucek. Based on the E820 map, the page table
14	* is setup appropriately for EFI runtime code.
15	* - mouli 06/14/2007.
16	*
17	*/
18
19	#define pr_fmt(fmt) "efi: " fmt
20
21	#include <linux/kernel.h>
22	#include <linux/init.h>
23	#include <linux/mm.h>
24	#include <linux/types.h>
25	#include <linux/spinlock.h>
26	#include <linux/memblock.h>
27	#include <linux/ioport.h>
28	#include <linux/mc146818rtc.h>
29	#include <linux/efi.h>
30	#include <linux/export.h>
31	#include <linux/uaccess.h>
32	#include <linux/io.h>
33	#include <linux/reboot.h>
34	#include <linux/slab.h>
35	#include <linux/ucs2_string.h>
36	#include <linux/cc_platform.h>
37	#include <linux/sched/task.h>
38
39	#include <asm/setup.h>
40	#include <asm/page.h>
41	#include <asm/e820/api.h>
42	#include <asm/tlbflush.h>
43	#include <asm/proto.h>
44	#include <asm/efi.h>
45	#include <asm/cacheflush.h>
46	#include <asm/fixmap.h>
47	#include <asm/realmode.h>
48	#include <asm/time.h>
49	#include <asm/pgalloc.h>
50	#include <asm/sev.h>
51
52	/*
53	* We allocate runtime services regions top-down, starting from -4G, i.e.
54	* 0xffff_ffff_0000_0000 and limit EFI VA mapping space to 64G.
55	*/
56	static u64 efi_va = EFI_VA_START;
57	static struct mm_struct *efi_prev_mm;
58
59	/*
60	* We need our own copy of the higher levels of the page tables
61	* because we want to avoid inserting EFI region mappings (EFI_VA_END
62	* to EFI_VA_START) into the standard kernel page tables. Everything
63	* else can be shared, see efi_sync_low_kernel_mappings().
64	*
65	* We don't want the pgd on the pgd_list and cannot use pgd_alloc() for the
66	* allocation.
67	*/
68	int __init efi_alloc_page_tables(void)
69	{
70	pgd_t pgd, efi_pgd;
71	p4d_t *p4d;
72	pud_t *pud;
73	gfp_t gfp_mask;
74
75	gfp_mask = GFP_KERNEL \| __GFP_ZERO;
76	efi_pgd = (pgd_t *)__get_free_pages(gfp_mask, PGD_ALLOCATION_ORDER);
77	if (!efi_pgd)
78	goto fail;
79
80	pgd = efi_pgd + pgd_index(EFI_VA_END);
81	p4d = p4d_alloc(mm: &init_mm, pgd, EFI_VA_END);
82	if (!p4d)
83	goto free_pgd;
84
85	pud = pud_alloc(mm: &init_mm, p4d, EFI_VA_END);
86	if (!pud)
87	goto free_p4d;
88
89	efi_mm.pgd = efi_pgd;
90	mm_init_cpumask(mm: &efi_mm);
91	init_new_context(NULL, mm: &efi_mm);
92
93	return `0`;
94
95	free_p4d:
96	if (pgtable_l5_enabled())
97	free_page((unsigned long)pgd_page_vaddr(*pgd));
98	free_pgd:
99	free_pages(addr: (unsigned long)efi_pgd, PGD_ALLOCATION_ORDER);
100	fail:
101	return -ENOMEM;
102	}
103
104	/*
105	* Add low kernel mappings for passing arguments to EFI functions.
106	*/
107	void efi_sync_low_kernel_mappings(void)
108	{
109	unsigned num_entries;
110	pgd_t pgd_k, pgd_efi;
111	p4d_t p4d_k, p4d_efi;
112	pud_t pud_k, pud_efi;
113	pgd_t *efi_pgd = efi_mm.pgd;
114
115	pgd_efi = efi_pgd + pgd_index(PAGE_OFFSET);
116	pgd_k = pgd_offset_k(PAGE_OFFSET);
117
118	num_entries = pgd_index(EFI_VA_END) - pgd_index(PAGE_OFFSET);
119	memcpy(pgd_efi, pgd_k, sizeof(pgd_t) * num_entries);
120
121	pgd_efi = efi_pgd + pgd_index(EFI_VA_END);
122	pgd_k = pgd_offset_k(EFI_VA_END);
123	p4d_efi = p4d_offset(pgd: pgd_efi, address: `0`);
124	p4d_k = p4d_offset(pgd: pgd_k, address: `0`);
125
126	num_entries = p4d_index(EFI_VA_END);
127	memcpy(p4d_efi, p4d_k, sizeof(p4d_t) * num_entries);
128
129	/*
130	* We share all the PUD entries apart from those that map the
131	* EFI regions. Copy around them.
132	*/
133	BUILD_BUG_ON((EFI_VA_START & ~PUD_MASK) != `0`);
134	BUILD_BUG_ON((EFI_VA_END & ~PUD_MASK) != `0`);
135
136	p4d_efi = p4d_offset(pgd: pgd_efi, EFI_VA_END);
137	p4d_k = p4d_offset(pgd: pgd_k, EFI_VA_END);
138	pud_efi = pud_offset(p4d: p4d_efi, address: `0`);
139	pud_k = pud_offset(p4d: p4d_k, address: `0`);
140
141	num_entries = pud_index(EFI_VA_END);
142	memcpy(pud_efi, pud_k, sizeof(pud_t) * num_entries);
143
144	pud_efi = pud_offset(p4d: p4d_efi, EFI_VA_START);
145	pud_k = pud_offset(p4d: p4d_k, EFI_VA_START);
146
147	num_entries = PTRS_PER_PUD - pud_index(EFI_VA_START);
148	memcpy(pud_efi, pud_k, sizeof(pud_t) * num_entries);
149	}
150
151	/*
152	* Wrapper for slow_virt_to_phys() that handles NULL addresses.
153	*/
154	static inline phys_addr_t
155	virt_to_phys_or_null_size(void va, unsigned* long size)
156	{
157	phys_addr_t pa;
158
159	if (!va)
160	return `0`;
161
162	if (virt_addr_valid(va))
163	return virt_to_phys(address: va);
164
165	pa = slow_virt_to_phys(address: va);
166
167	/ check if the object crosses a page boundary /
168	if (WARN_ON((pa ^ (pa + size - `1`)) & PAGE_MASK))
169	return `0`;
170
171	return pa;
172	}
173
174	#define virt_to_phys_or_null(addr) \
175	virt_to_phys_or_null_size((addr), sizeof(*(addr)))
176
177	int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
178	{
179	extern const u8 __efi64_thunk_ret_tramp[];
180	unsigned long pfn, text, pf, rodata, tramp;
181	struct page *page;
182	unsigned npages;
183	pgd_t *pgd = efi_mm.pgd;
184
185	/*
186	* It can happen that the physical address of new_memmap lands in memory
187	* which is not mapped in the EFI page table. Therefore we need to go
188	* and ident-map those pages containing the map before calling
189	* phys_efi_set_virtual_address_map().
190	*/
191	pfn = pa_memmap >> PAGE_SHIFT;
192	pf = _PAGE_NX \| _PAGE_RW \| _PAGE_ENC;
193	if (kernel_map_pages_in_pgd(pgd, pfn, address: pa_memmap, numpages: num_pages, page_flags: pf)) {
194	pr_err("Error ident-mapping new memmap (0x%lx)!\n", pa_memmap);
195	return `1`;
196	}
197
198	/*
199	* Certain firmware versions are way too sentimental and still believe
200	* they are exclusive and unquestionable owners of the first physical page,
201	* even though they explicitly mark it as EFI_CONVENTIONAL_MEMORY
202	* (but then write-access it later during SetVirtualAddressMap()).
203	*
204	* Create a 1:1 mapping for this page, to avoid triple faults during early
205	* boot with such firmware. We are free to hand this page to the BIOS,
206	* as trim_bios_range() will reserve the first page and isolate it away
207	* from memory allocators anyway.
208	*/
209	if (kernel_map_pages_in_pgd(pgd, pfn: `0x0`, address: `0x0`, numpages: `1`, page_flags: pf)) {
210	pr_err("Failed to create 1:1 mapping for the first page!\n");
211	return `1`;
212	}
213
214	/*
215	* When SEV-ES is active, the GHCB as set by the kernel will be used
216	* by firmware. Create a 1:1 unencrypted mapping for each GHCB.
217	*/
218	if (sev_es_efi_map_ghcbs(pgd)) {
219	pr_err("Failed to create 1:1 mapping for the GHCBs!\n");
220	return `1`;
221	}
222
223	/*
224	* When making calls to the firmware everything needs to be 1:1
225	* mapped and addressable with 32-bit pointers. Map the kernel
226	* text and allocate a new stack because we can't rely on the
227	* stack pointer being < 4GB.
228	*/
229	if (!efi_is_mixed())
230	return `0`;
231
232	page = alloc_page(GFP_KERNEL\|__GFP_DMA32);
233	if (!page) {
234	pr_err("Unable to allocate EFI runtime stack < 4GB\n");
235	return `1`;
236	}
237
238	efi_mixed_mode_stack_pa = page_to_phys(page + `1`); / stack grows down /
239
240	npages = (_etext - _text) >> PAGE_SHIFT;
241	text = __pa(_text);
242
243	if (kernel_unmap_pages_in_pgd(pgd, address: text, numpages: npages)) {
244	pr_err("Failed to unmap kernel text 1:1 mapping\n");
245	return `1`;
246	}
247
248	npages = (__end_rodata - __start_rodata) >> PAGE_SHIFT;
249	rodata = __pa(__start_rodata);
250	pfn = rodata >> PAGE_SHIFT;
251
252	pf = _PAGE_NX \| _PAGE_ENC;
253	if (kernel_map_pages_in_pgd(pgd, pfn, address: rodata, numpages: npages, page_flags: pf)) {
254	pr_err("Failed to map kernel rodata 1:1\n");
255	return `1`;
256	}
257
258	tramp = __pa(__efi64_thunk_ret_tramp);
259	pfn = tramp >> PAGE_SHIFT;
260
261	pf = _PAGE_ENC;
262	if (kernel_map_pages_in_pgd(pgd, pfn, address: tramp, numpages: `1`, page_flags: pf)) {
263	pr_err("Failed to map mixed mode return trampoline\n");
264	return `1`;
265	}
266
267	return `0`;
268	}
269
270	static void __init __map_region(efi_memory_desc_t *md, u64 va)
271	{
272	unsigned long flags = _PAGE_RW;
273	unsigned long pfn;
274	pgd_t *pgd = efi_mm.pgd;
275
276	/*
277	* EFI_RUNTIME_SERVICES_CODE regions typically cover PE/COFF
278	* executable images in memory that consist of both R-X and
279	* RW- sections, so we cannot apply read-only or non-exec
280	* permissions just yet. However, modern EFI systems provide
281	* a memory attributes table that describes those sections
282	* with the appropriate restricted permissions, which are
283	* applied in efi_runtime_update_mappings() below. All other
284	* regions can be mapped non-executable at this point, with
285	* the exception of boot services code regions, but those will
286	* be unmapped again entirely in efi_free_boot_services().
287	*/
288	if (md->type != EFI_BOOT_SERVICES_CODE &&
289	md->type != EFI_RUNTIME_SERVICES_CODE)
290	flags \|= _PAGE_NX;
291
292	if (!(md->attribute & EFI_MEMORY_WB))
293	flags \|= _PAGE_PCD;
294
295	if (cc_platform_has(attr: CC_ATTR_GUEST_MEM_ENCRYPT) &&
296	md->type != EFI_MEMORY_MAPPED_IO)
297	flags \|= _PAGE_ENC;
298
299	pfn = md->phys_addr >> PAGE_SHIFT;
300	if (kernel_map_pages_in_pgd(pgd, pfn, address: va, numpages: md->num_pages, page_flags: flags))
301	pr_warn("Error mapping PA 0x%llx -> VA 0x%llx!\n",
302	md->phys_addr, va);
303	}
304
305	void __init efi_map_region(efi_memory_desc_t *md)
306	{
307	unsigned long size = md->num_pages << PAGE_SHIFT;
308	u64 pa = md->phys_addr;
309
310	/*
311	* Make sure the 1:1 mappings are present as a catch-all for b0rked
312	* firmware which doesn't update all internal pointers after switching
313	* to virtual mode and would otherwise crap on us.
314	*/
315	__map_region(md, va: md->phys_addr);
316
317	/*
318	* Enforce the 1:1 mapping as the default virtual address when
319	* booting in EFI mixed mode, because even though we may be
320	* running a 64-bit kernel, the firmware may only be 32-bit.
321	*/
322	if (efi_is_mixed()) {
323	md->virt_addr = md->phys_addr;
324	return;
325	}
326
327	efi_va -= size;
328
329	/ Is PA 2M-aligned? /
330	if (!(pa & (PMD_SIZE - `1`))) {
331	efi_va &= PMD_MASK;
332	} else {
333	u64 pa_offset = pa & (PMD_SIZE - `1`);
334	u64 prev_va = efi_va;
335
336	/ get us the same offset within this 2M page /
337	efi_va = (efi_va & PMD_MASK) + pa_offset;
338
339	if (efi_va > prev_va)
340	efi_va -= PMD_SIZE;
341	}
342
343	if (efi_va < EFI_VA_END) {
344	pr_warn(FW_WARN "VA address range overflow!\n");
345	return;
346	}
347
348	/ Do the VA map /
349	__map_region(md, va: efi_va);
350	md->virt_addr = efi_va;
351	}
352
353	/*
354	* kexec kernel will use efi_map_region_fixed to map efi runtime memory ranges.
355	* md->virt_addr is the original virtual address which had been mapped in kexec
356	* 1st kernel.
357	*/
358	void __init efi_map_region_fixed(efi_memory_desc_t *md)
359	{
360	__map_region(md, va: md->phys_addr);
361	__map_region(md, va: md->virt_addr);
362	}
363
364	void __init parse_efi_setup(u64 phys_addr, u32 data_len)
365	{
366	efi_setup = phys_addr + sizeof(struct setup_data);
367	}
368
369	static int __init efi_update_mappings(efi_memory_desc_t md, unsigned* long pf)
370	{
371	unsigned long pfn;
372	pgd_t *pgd = efi_mm.pgd;
373	int err1, err2;
374
375	/ Update the 1:1 mapping /
376	pfn = md->phys_addr >> PAGE_SHIFT;
377	err1 = kernel_map_pages_in_pgd(pgd, pfn, address: md->phys_addr, numpages: md->num_pages, page_flags: pf);
378	if (err1) {
379	pr_err("Error while updating 1:1 mapping PA 0x%llx -> VA 0x%llx!\n",
380	md->phys_addr, md->virt_addr);
381	}
382
383	err2 = kernel_map_pages_in_pgd(pgd, pfn, address: md->virt_addr, numpages: md->num_pages, page_flags: pf);
384	if (err2) {
385	pr_err("Error while updating VA mapping PA 0x%llx -> VA 0x%llx!\n",
386	md->phys_addr, md->virt_addr);
387	}
388
389	return err1 \|\| err2;
390	}
391
392	bool efi_disable_ibt_for_runtime __ro_after_init = true;
393
394	static int __init efi_update_mem_attr(struct mm_struct mm, efi_memory_desc_t md,
395	bool has_ibt)
396	{
397	unsigned long pf = `0`;
398
399	efi_disable_ibt_for_runtime \|= !has_ibt;
400
401	if (md->attribute & EFI_MEMORY_XP)
402	pf \|= _PAGE_NX;
403
404	if (!(md->attribute & EFI_MEMORY_RO))
405	pf \|= _PAGE_RW;
406
407	if (cc_platform_has(attr: CC_ATTR_GUEST_MEM_ENCRYPT))
408	pf \|= _PAGE_ENC;
409
410	return efi_update_mappings(md, pf);
411	}
412
413	void __init efi_runtime_update_mappings(void)
414	{
415	efi_memory_desc_t *md;
416
417	/*
418	* Use the EFI Memory Attribute Table for mapping permissions if it
419	* exists, since it is intended to supersede EFI_PROPERTIES_TABLE.
420	*/
421	if (efi_enabled(EFI_MEM_ATTR)) {
422	efi_disable_ibt_for_runtime = false;
423	efi_memattr_apply_permissions(NULL, fn: efi_update_mem_attr);
424	return;
425	}
426
427	/*
428	* EFI_MEMORY_ATTRIBUTES_TABLE is intended to replace
429	* EFI_PROPERTIES_TABLE. So, use EFI_PROPERTIES_TABLE to update
430	* permissions only if EFI_MEMORY_ATTRIBUTES_TABLE is not
431	* published by the firmware. Even if we find a buggy implementation of
432	* EFI_MEMORY_ATTRIBUTES_TABLE, don't fall back to
433	* EFI_PROPERTIES_TABLE, because of the same reason.
434	*/
435
436	if (!efi_enabled(EFI_NX_PE_DATA))
437	return;
438
439	for_each_efi_memory_desc(md) {
440	unsigned long pf = `0`;
441
442	if (!(md->attribute & EFI_MEMORY_RUNTIME))
443	continue;
444
445	if (!(md->attribute & EFI_MEMORY_WB))
446	pf \|= _PAGE_PCD;
447
448	if ((md->attribute & EFI_MEMORY_XP) \|\|
449	(md->type == EFI_RUNTIME_SERVICES_DATA))
450	pf \|= _PAGE_NX;
451
452	if (!(md->attribute & EFI_MEMORY_RO) &&
453	(md->type != EFI_RUNTIME_SERVICES_CODE))
454	pf \|= _PAGE_RW;
455
456	if (cc_platform_has(attr: CC_ATTR_GUEST_MEM_ENCRYPT))
457	pf \|= _PAGE_ENC;
458
459	efi_update_mappings(md, pf);
460	}
461	}
462
463	void __init efi_dump_pagetable(void)
464	{
465	#ifdef CONFIG_EFI_PGT_DUMP
466	ptdump_walk_pgd_level(NULL, mm: &efi_mm);
467	#endif
468	}
469
470	/*
471	* Makes the calling thread switch to/from efi_mm context. Can be used
472	* in a kernel thread and user context. Preemption needs to remain disabled
473	* while the EFI-mm is borrowed. mmgrab()/mmdrop() is not used because the mm
474	* can not change under us.
475	* It should be ensured that there are no concurrent calls to this function.
476	*/
477	static void efi_enter_mm(void)
478	{
479	efi_prev_mm = current->active_mm;
480	current->active_mm = &efi_mm;
481	switch_mm(prev: efi_prev_mm, next: &efi_mm, NULL);
482	}
483
484	static void efi_leave_mm(void)
485	{
486	current->active_mm = efi_prev_mm;
487	switch_mm(prev: &efi_mm, next: efi_prev_mm, NULL);
488	}
489
490	void arch_efi_call_virt_setup(void)
491	{
492	efi_sync_low_kernel_mappings();
493	efi_fpu_begin();
494	firmware_restrict_branch_speculation_start();
495	efi_enter_mm();
496	}
497
498	void arch_efi_call_virt_teardown(void)
499	{
500	efi_leave_mm();
501	firmware_restrict_branch_speculation_end();
502	efi_fpu_end();
503	}
504
505	static DEFINE_SPINLOCK(efi_runtime_lock);
506
507	/*
508	* DS and ES contain user values. We need to save them.
509	* The 32-bit EFI code needs a valid DS, ES, and SS. There's no
510	* need to save the old SS: __KERNEL_DS is always acceptable.
511	*/
512	#define __efi_thunk(func, ...) \
513	({ \
514	unsigned short __ds, __es; \
515	efi_status_t ____s; \
516	\
517	savesegment(ds, __ds); \
518	savesegment(es, __es); \
519	\
520	loadsegment(ss, __KERNEL_DS); \
521	loadsegment(ds, __KERNEL_DS); \
522	loadsegment(es, __KERNEL_DS); \
523	\
524	____s = efi64_thunk(efi.runtime->mixed_mode.func, __VA_ARGS__); \
525	\
526	loadsegment(ds, __ds); \
527	loadsegment(es, __es); \
528	\
529	____s ^= (____s & BIT(31)) \| (____s & BIT_ULL(31)) << 32; \
530	____s; \
531	})
532
533	/*
534	* Switch to the EFI page tables early so that we can access the 1:1
535	* runtime services mappings which are not mapped in any other page
536	* tables.
537	*
538	* Also, disable interrupts because the IDT points to 64-bit handlers,
539	* which aren't going to function correctly when we switch to 32-bit.
540	*/
541	#define efi_thunk(func...) \
542	({ \
543	efi_status_t __s; \
544	\
545	arch_efi_call_virt_setup(); \
546	\
547	__s = __efi_thunk(func); \
548	\
549	arch_efi_call_virt_teardown(); \
550	\
551	__s; \
552	})
553
554	static efi_status_t __init __no_sanitize_address
555	efi_thunk_set_virtual_address_map(unsigned long memory_map_size,
556	unsigned long descriptor_size,
557	u32 descriptor_version,
558	efi_memory_desc_t *virtual_map)
559	{
560	efi_status_t status;
561	unsigned long flags;
562
563	efi_sync_low_kernel_mappings();
564	local_irq_save(flags);
565
566	efi_enter_mm();
567
568	status = __efi_thunk(set_virtual_address_map, memory_map_size,
569	descriptor_size, descriptor_version, virtual_map);
570
571	efi_leave_mm();
572	local_irq_restore(flags);
573
574	return status;
575	}
576
577	static efi_status_t efi_thunk_get_time(efi_time_t tm, efi_time_cap_t tc)
578	{
579	return EFI_UNSUPPORTED;
580	}
581
582	static efi_status_t efi_thunk_set_time(efi_time_t *tm)
583	{
584	return EFI_UNSUPPORTED;
585	}
586
587	static efi_status_t
588	efi_thunk_get_wakeup_time(efi_bool_t enabled, efi_bool_t pending,
589	efi_time_t *tm)
590	{
591	return EFI_UNSUPPORTED;
592	}
593
594	static efi_status_t
595	efi_thunk_set_wakeup_time(efi_bool_t enabled, efi_time_t *tm)
596	{
597	return EFI_UNSUPPORTED;
598	}
599
600	static unsigned long efi_name_size(efi_char16_t *name)
601	{
602	return ucs2_strsize(data: name, EFI_VAR_NAME_LEN) + `1`;
603	}
604
605	static efi_status_t
606	efi_thunk_get_variable(efi_char16_t name, efi_guid_t vendor,
607	u32 attr, unsigned* long data_size, void* *data)
608	{
609	u8 buf[`24`] __aligned(`8`);
610	efi_guid_t vnd = PTR_ALIGN((efi_guid_t )buf, sizeof(*vnd));
611	efi_status_t status;
612	u32 phys_name, phys_vendor, phys_attr;
613	u32 phys_data_size, phys_data;
614	unsigned long flags;
615
616	spin_lock_irqsave(&efi_runtime_lock, flags);
617
618	vnd = vendor;
619
620	phys_data_size = virt_to_phys_or_null(data_size);
621	phys_vendor = virt_to_phys_or_null(vnd);
622	phys_name = virt_to_phys_or_null_size(va: name, size: efi_name_size(name));
623	phys_attr = virt_to_phys_or_null(attr);
624	phys_data = virt_to_phys_or_null_size(va: data, size: *data_size);
625
626	if (!phys_name \|\| (data && !phys_data))
627	status = EFI_INVALID_PARAMETER;
628	else
629	status = efi_thunk(get_variable, phys_name, phys_vendor,
630	phys_attr, phys_data_size, phys_data);
631
632	spin_unlock_irqrestore(lock: &efi_runtime_lock, flags);
633
634	return status;
635	}
636
637	static efi_status_t
638	efi_thunk_set_variable(efi_char16_t name, efi_guid_t vendor,
639	u32 attr, unsigned long data_size, void *data)
640	{
641	u8 buf[`24`] __aligned(`8`);
642	efi_guid_t vnd = PTR_ALIGN((efi_guid_t )buf, sizeof(*vnd));
643	u32 phys_name, phys_vendor, phys_data;
644	efi_status_t status;
645	unsigned long flags;
646
647	spin_lock_irqsave(&efi_runtime_lock, flags);
648
649	vnd = vendor;
650
651	phys_name = virt_to_phys_or_null_size(va: name, size: efi_name_size(name));
652	phys_vendor = virt_to_phys_or_null(vnd);
653	phys_data = virt_to_phys_or_null_size(va: data, size: data_size);
654
655	if (!phys_name \|\| (data && !phys_data))
656	status = EFI_INVALID_PARAMETER;
657	else
658	status = efi_thunk(set_variable, phys_name, phys_vendor,
659	attr, data_size, phys_data);
660
661	spin_unlock_irqrestore(lock: &efi_runtime_lock, flags);
662
663	return status;
664	}
665
666	static efi_status_t
667	efi_thunk_set_variable_nonblocking(efi_char16_t name, efi_guid_t vendor,
668	u32 attr, unsigned long data_size,
669	void *data)
670	{
671	u8 buf[`24`] __aligned(`8`);
672	efi_guid_t vnd = PTR_ALIGN((efi_guid_t )buf, sizeof(*vnd));
673	u32 phys_name, phys_vendor, phys_data;
674	efi_status_t status;
675	unsigned long flags;
676
677	if (!spin_trylock_irqsave(&efi_runtime_lock, flags))
678	return EFI_NOT_READY;
679
680	vnd = vendor;
681
682	phys_name = virt_to_phys_or_null_size(va: name, size: efi_name_size(name));
683	phys_vendor = virt_to_phys_or_null(vnd);
684	phys_data = virt_to_phys_or_null_size(va: data, size: data_size);
685
686	if (!phys_name \|\| (data && !phys_data))
687	status = EFI_INVALID_PARAMETER;
688	else
689	status = efi_thunk(set_variable, phys_name, phys_vendor,
690	attr, data_size, phys_data);
691
692	spin_unlock_irqrestore(lock: &efi_runtime_lock, flags);
693
694	return status;
695	}
696
697	static efi_status_t
698	efi_thunk_get_next_variable(unsigned long *name_size,
699	efi_char16_t *name,
700	efi_guid_t *vendor)
701	{
702	u8 buf[`24`] __aligned(`8`);
703	efi_guid_t vnd = PTR_ALIGN((efi_guid_t )buf, sizeof(*vnd));
704	efi_status_t status;
705	u32 phys_name_size, phys_name, phys_vendor;
706	unsigned long flags;
707
708	spin_lock_irqsave(&efi_runtime_lock, flags);
709
710	vnd = vendor;
711
712	phys_name_size = virt_to_phys_or_null(name_size);
713	phys_vendor = virt_to_phys_or_null(vnd);
714	phys_name = virt_to_phys_or_null_size(va: name, size: *name_size);
715
716	if (!phys_name)
717	status = EFI_INVALID_PARAMETER;
718	else
719	status = efi_thunk(get_next_variable, phys_name_size,
720	phys_name, phys_vendor);
721
722	spin_unlock_irqrestore(lock: &efi_runtime_lock, flags);
723
724	vendor = vnd;
725	return status;
726	}
727
728	static efi_status_t
729	efi_thunk_get_next_high_mono_count(u32 *count)
730	{
731	return EFI_UNSUPPORTED;
732	}
733
734	static void
735	efi_thunk_reset_system(int reset_type, efi_status_t status,
736	unsigned long data_size, efi_char16_t *data)
737	{
738	u32 phys_data;
739	unsigned long flags;
740
741	spin_lock_irqsave(&efi_runtime_lock, flags);
742
743	phys_data = virt_to_phys_or_null_size(va: data, size: data_size);
744
745	efi_thunk(reset_system, reset_type, status, data_size, phys_data);
746
747	spin_unlock_irqrestore(lock: &efi_runtime_lock, flags);
748	}
749
750	static efi_status_t
751	efi_thunk_update_capsule(efi_capsule_header_t **capsules,
752	unsigned long count, unsigned long sg_list)
753	{
754	/*
755	* To properly support this function we would need to repackage
756	* 'capsules' because the firmware doesn't understand 64-bit
757	* pointers.
758	*/
759	return EFI_UNSUPPORTED;
760	}
761
762	static efi_status_t
763	efi_thunk_query_variable_info(u32 attr, u64 *storage_space,
764	u64 *remaining_space,
765	u64 *max_variable_size)
766	{
767	efi_status_t status;
768	u32 phys_storage, phys_remaining, phys_max;
769	unsigned long flags;
770
771	if (efi.runtime_version < EFI_2_00_SYSTEM_TABLE_REVISION)
772	return EFI_UNSUPPORTED;
773
774	spin_lock_irqsave(&efi_runtime_lock, flags);
775
776	phys_storage = virt_to_phys_or_null(storage_space);
777	phys_remaining = virt_to_phys_or_null(remaining_space);
778	phys_max = virt_to_phys_or_null(max_variable_size);
779
780	status = efi_thunk(query_variable_info, attr, phys_storage,
781	phys_remaining, phys_max);
782
783	spin_unlock_irqrestore(lock: &efi_runtime_lock, flags);
784
785	return status;
786	}
787
788	static efi_status_t
789	efi_thunk_query_variable_info_nonblocking(u32 attr, u64 *storage_space,
790	u64 *remaining_space,
791	u64 *max_variable_size)
792	{
793	efi_status_t status;
794	u32 phys_storage, phys_remaining, phys_max;
795	unsigned long flags;
796
797	if (efi.runtime_version < EFI_2_00_SYSTEM_TABLE_REVISION)
798	return EFI_UNSUPPORTED;
799
800	if (!spin_trylock_irqsave(&efi_runtime_lock, flags))
801	return EFI_NOT_READY;
802
803	phys_storage = virt_to_phys_or_null(storage_space);
804	phys_remaining = virt_to_phys_or_null(remaining_space);
805	phys_max = virt_to_phys_or_null(max_variable_size);
806
807	status = efi_thunk(query_variable_info, attr, phys_storage,
808	phys_remaining, phys_max);
809
810	spin_unlock_irqrestore(lock: &efi_runtime_lock, flags);
811
812	return status;
813	}
814
815	static efi_status_t
816	efi_thunk_query_capsule_caps(efi_capsule_header_t **capsules,
817	unsigned long count, u64 *max_size,
818	int *reset_type)
819	{
820	/*
821	* To properly support this function we would need to repackage
822	* 'capsules' because the firmware doesn't understand 64-bit
823	* pointers.
824	*/
825	return EFI_UNSUPPORTED;
826	}
827
828	void __init efi_thunk_runtime_setup(void)
829	{
830	if (!IS_ENABLED(CONFIG_EFI_MIXED))
831	return;
832
833	efi.get_time = efi_thunk_get_time;
834	efi.set_time = efi_thunk_set_time;
835	efi.get_wakeup_time = efi_thunk_get_wakeup_time;
836	efi.set_wakeup_time = efi_thunk_set_wakeup_time;
837	efi.get_variable = efi_thunk_get_variable;
838	efi.get_next_variable = efi_thunk_get_next_variable;
839	efi.set_variable = efi_thunk_set_variable;
840	efi.set_variable_nonblocking = efi_thunk_set_variable_nonblocking;
841	efi.get_next_high_mono_count = efi_thunk_get_next_high_mono_count;
842	efi.reset_system = efi_thunk_reset_system;
843	efi.query_variable_info = efi_thunk_query_variable_info;
844	efi.query_variable_info_nonblocking = efi_thunk_query_variable_info_nonblocking;
845	efi.update_capsule = efi_thunk_update_capsule;
846	efi.query_capsule_caps = efi_thunk_query_capsule_caps;
847	}
848
849	efi_status_t __init __no_sanitize_address
850	efi_set_virtual_address_map(unsigned long memory_map_size,
851	unsigned long descriptor_size,
852	u32 descriptor_version,
853	efi_memory_desc_t *virtual_map,
854	unsigned long systab_phys)
855	{
856	const efi_system_table_t systab = (efi_system_table_t )systab_phys;
857	efi_status_t status;
858	unsigned long flags;
859
860	if (efi_is_mixed())
861	return efi_thunk_set_virtual_address_map(memory_map_size,
862	descriptor_size,
863	descriptor_version,
864	virtual_map);
865	efi_enter_mm();
866
867	efi_fpu_begin();
868
869	/ Disable interrupts around EFI calls: /
870	local_irq_save(flags);
871	status = arch_efi_call_virt(efi.runtime, set_virtual_address_map,
872	memory_map_size, descriptor_size,
873	descriptor_version, virtual_map);
874	local_irq_restore(flags);
875
876	efi_fpu_end();
877
878	/ grab the virtually remapped EFI runtime services table pointer /
879	efi.runtime = READ_ONCE(systab->runtime);
880
881	efi_leave_mm();
882
883	return status;
884	}
885

source code of linux/arch/x86/platform/efi/efi_64.c