From patchwork Tue Aug 9 08:09:38 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 596277 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3295CC19F2D for ; Tue, 9 Aug 2022 08:10:49 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233614AbiHIIKr (ORCPT ); Tue, 9 Aug 2022 04:10:47 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54342 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233351AbiHIIKr (ORCPT ); Tue, 9 Aug 2022 04:10:47 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 50567BF7B for ; Tue, 9 Aug 2022 01:10:46 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id E18F8612E6 for ; Tue, 9 Aug 2022 08:10:45 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 588A0C433C1; Tue, 9 Aug 2022 08:10:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1660032645; bh=811jnPqLnkp6atI8McTN6peGWiDf8Xq+/StSpgTNa58=; h=From:To:Cc:Subject:Date:From; b=tPDUzTfu+Cwd+9AJd9TgPPdrSaZFf855qIoGPXO5aD7Crz2gQAf4kCIvoyOj226Tb /f1Mku4UTyUmazt2c6fJCRSJrOO3THduDA2VTMP0j1u/ymFrrFN/fdgb1Xk+noeZlL lxed5jnNtYFfZEykMTX5xwoCIxUhoWWCRnEjYbC1n+Rw/Vvoo28IyQohnVNuJgvKa1 kUBsLWhGb8p2NQH+Pg16QFxKM9VHWJivVjvg/yBHM5M+x35E4WtbZupjihoRKlAsFH jQszVAqYMOVHy6p8BNQQuNYu5CxESiGaOPtKUmvxPWH1DYg9ijYXBEmUX+5aEUocJG VcRtduf2Vf5lw== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: catalin.marinas@arm.com, will@kernel.org, Ard Biesheuvel , "James E.J. Bottomley" , Matthew Garrett , Peter Jones , Ilias Apalodimas , Heinrich Schuchardt , AKASHI Takahiro , Palmer Dabbelt , Atish Patra , Arnd Bergmann , Huacai Chen , Lennart Poettering Subject: [PATCH v2 0/6] efi: implement generic compressed boot support Date: Tue, 9 Aug 2022 10:09:38 +0200 Message-Id: <20220809080944.1119654-1-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=4138; i=ardb@kernel.org; h=from:subject; bh=811jnPqLnkp6atI8McTN6peGWiDf8Xq+/StSpgTNa58=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBi8hY5pLxBBkQN7Pgapqn8GV+srZmd1WQVdtvu4rx6 g/inUdSJAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCYvIWOQAKCRDDTyI5ktmPJMhHC/ 4/rCJm7EWWFrNv+7iWmV9KagQAodZLOHEmzRypY3QcVUQTC8/UhZ5mp8BNvtsUmPSQ119eWs6lJl5Z IwnCGg+W3r52YAUv+hXg5xJacnAcu6ir6U+5gcCxN6DtYwBHIVWe9KkDM40h2bAA8i3EFNbJV/3d6f CLRh60Ed2/WNK5w1Rr0FHf2S6z6+ravmBMBSFOW818z8db4bTBYYgc24teZO1XxtzymoBlyR2EwTCZ sisQzM2jDH01bo4K+TeZp3zC04fLEfN5lgXRp+0bqh7Nk4BMBf6MtwEtJUVAFaHyrvwDDVlTNT6uA4 +/qm1LeNwIM3Q0PM56G6IeYJ5l2FsJy/IUpIRK9QrHo1EinL0ruQIay7ldxbZA9IvhtfVrM91S+97R bKgKTK9Gowxoq8Kt+Jg0a+oVR8glsw8kBSHPAbJt881SPYXXU2KJZBf96ugFSkUGn7yOOq08s7c+DJ 0fj90ddne5ZHuxfwzSTZ4Z5+4BC9/8tef9SCGp42t1b7Q= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Relatively modern architectures such as arm64 or RISC-V don't implement a self-decompressing kernel, and leave it up to the bootloader to decompress the compressed image before executing it. For bare metal boot, this policy makes sense, as a self-decompressing image essentially duplicates a lot of fiddly preparation work to create a 1:1 mapping and set up the C runtime, and to discover or infer where DRAM lives from device trees or other firmware tables. For EFI boot, the situation is a bit different: the EFI entrypoint is called with a 1:1 cached mapping covering all of DRAM already active, and with a stack, a heap, a memory map and boot services to load and start images. This means it is rather trivial to implement a self-decompressing wrapper for EFI boot in a generic manner, and reuse it across architectures that implement EFI boot. The only slight downside is that when UEFI secure boot is enabled, the generic LoadImage/StartImage only allow signed images to be loaded and started, and we prefer to avoid the need to sign both the inner and outer PE/COFF images. This series adopts the EFI shim approach, i.e., to override an internal UEFI/PI protocol that is used by the image loader, to allow the inner image to be booted after decompression. This has been tested to work with Tianocore based EFI implementations on arm64, but u-boot will need some interoperability tweaks as well, ideally just a protocol that exposes a LoadImage/StartImage combo that the decompresor can use directly to circumvent the signature check. (Note that EFI apps have full control over the CPU, page tables, etc. so having code that circumvents authentication checks is not as crazy as it sounds, given that the app can do anything it pleases already.) The code is wired up for arm64 and RISC-V. The latter was build tested only. Cc: "James E.J. Bottomley" Cc: Matthew Garrett Cc: Peter Jones Cc: Ilias Apalodimas Cc: Heinrich Schuchardt Cc: AKASHI Takahiro Cc: Palmer Dabbelt Cc: Atish Patra Cc: Arnd Bergmann Cc: Huacai Chen Cc: Lennart Poettering Ard Biesheuvel (6): efi: stub: add some missing boot service prototypes efi: stub: split off printk() routines efi: stub: move efi_system_table global var into separate object efi: stub: implement generic EFI zboot arm64: efi: enable generic EFI compressed boot riscv: efi: enable generic EFI compressed boot arch/arm64/Makefile | 5 + arch/arm64/boot/Makefile | 12 ++ arch/riscv/Makefile | 5 + arch/riscv/boot/Makefile | 14 ++ drivers/firmware/efi/Kconfig | 9 + drivers/firmware/efi/libstub/Makefile | 7 +- drivers/firmware/efi/libstub/Makefile.zboot | 30 +++ drivers/firmware/efi/libstub/efi-stub-helper.c | 141 --------------- drivers/firmware/efi/libstub/efi-stub.c | 2 - drivers/firmware/efi/libstub/efistub.h | 12 +- drivers/firmware/efi/libstub/printk.c | 158 ++++++++++++++++ drivers/firmware/efi/libstub/systable.c | 8 + drivers/firmware/efi/libstub/zboot-header.S | 144 +++++++++++++++ drivers/firmware/efi/libstub/zboot.c | 191 ++++++++++++++++++++ drivers/firmware/efi/libstub/zboot.lds | 41 +++++ include/linux/efi.h | 2 + 16 files changed, 633 insertions(+), 148 deletions(-) create mode 100644 drivers/firmware/efi/libstub/Makefile.zboot create mode 100644 drivers/firmware/efi/libstub/printk.c create mode 100644 drivers/firmware/efi/libstub/systable.c create mode 100644 drivers/firmware/efi/libstub/zboot-header.S create mode 100644 drivers/firmware/efi/libstub/zboot.c create mode 100644 drivers/firmware/efi/libstub/zboot.lds