/** @file
Stateful and implicitly initialized fw_cfg library implementation.
Copyright (C) 2013 - 2014, Red Hat, Inc.
Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.
(C) Copyright 2021 Hewlett Packard Enterprise Development LP
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include
#include
#include
#include
#include
#include
#include
#include
STATIC UINTN mFwCfgSelectorAddress;
STATIC UINTN mFwCfgDataAddress;
STATIC UINTN mFwCfgDmaAddress;
/**
Reads firmware configuration bytes into a buffer
@param[in] Size Size in bytes to read
@param[in] Buffer Buffer to store data into (OPTIONAL if Size is 0)
**/
typedef
VOID(EFIAPI READ_BYTES_FUNCTION)(
IN UINTN Size,
IN VOID *Buffer OPTIONAL
);
/**
Writes bytes from a buffer to firmware configuration
@param[in] Size Size in bytes to write
@param[in] Buffer Buffer to transfer data from (OPTIONAL if Size is 0)
**/
typedef
VOID(EFIAPI WRITE_BYTES_FUNCTION)(
IN UINTN Size,
IN VOID *Buffer OPTIONAL
);
/**
Skips bytes in firmware configuration
@param[in] Size Size in bytes to skip
**/
typedef
VOID(EFIAPI SKIP_BYTES_FUNCTION)(
IN UINTN Size
);
//
// Forward declaration of the two implementations we have.
//
STATIC READ_BYTES_FUNCTION MmioReadBytes;
STATIC WRITE_BYTES_FUNCTION MmioWriteBytes;
STATIC SKIP_BYTES_FUNCTION MmioSkipBytes;
STATIC READ_BYTES_FUNCTION DmaReadBytes;
STATIC WRITE_BYTES_FUNCTION DmaWriteBytes;
STATIC SKIP_BYTES_FUNCTION DmaSkipBytes;
//
// These correspond to the implementation we detect at runtime.
//
STATIC READ_BYTES_FUNCTION *InternalQemuFwCfgReadBytes = MmioReadBytes;
STATIC WRITE_BYTES_FUNCTION *InternalQemuFwCfgWriteBytes = MmioWriteBytes;
STATIC SKIP_BYTES_FUNCTION *InternalQemuFwCfgSkipBytes = MmioSkipBytes;
/**
Returns a boolean indicating if the firmware configuration interface
is available or not.
This function may change fw_cfg state.
@retval TRUE The interface is available
@retval FALSE The interface is not available
**/
BOOLEAN
EFIAPI
QemuFwCfgIsAvailable (
VOID
)
{
return (BOOLEAN)(mFwCfgSelectorAddress != 0 && mFwCfgDataAddress != 0);
}
RETURN_STATUS
EFIAPI
QemuFwCfgInitialize (
VOID
)
{
EFI_STATUS Status;
FDT_CLIENT_PROTOCOL *FdtClient;
CONST UINT64 *Reg;
UINT32 RegSize;
UINTN AddressCells, SizeCells;
UINT64 FwCfgSelectorAddress;
UINT64 FwCfgSelectorSize;
UINT64 FwCfgDataAddress;
UINT64 FwCfgDataSize;
UINT64 FwCfgDmaAddress;
UINT64 FwCfgDmaSize;
Status = gBS->LocateProtocol (
&gFdtClientProtocolGuid,
NULL,
(VOID **)&FdtClient
);
ASSERT_EFI_ERROR (Status);
Status = FdtClient->FindCompatibleNodeReg (
FdtClient,
"qemu,fw-cfg-mmio",
(CONST VOID **)&Reg,
&AddressCells,
&SizeCells,
&RegSize
);
if (EFI_ERROR (Status)) {
DEBUG ((
DEBUG_WARN,
"%a: No 'qemu,fw-cfg-mmio' compatible DT node found (Status == %r)\n",
__func__,
Status
));
return EFI_SUCCESS;
}
ASSERT (AddressCells == 2);
ASSERT (SizeCells == 2);
ASSERT (RegSize == 2 * sizeof (UINT64));
FwCfgDataAddress = SwapBytes64 (Reg[0]);
FwCfgDataSize = 8;
FwCfgSelectorAddress = FwCfgDataAddress + FwCfgDataSize;
FwCfgSelectorSize = 2;
//
// The following ASSERT()s express
//
// Address + Size - 1 <= MAX_UINTN
//
// for both registers, that is, that the last byte in each MMIO range is
// expressible as a MAX_UINTN. The form below is mathematically
// equivalent, and it also prevents any unsigned overflow before the
// comparison.
//
ASSERT (FwCfgSelectorAddress <= MAX_UINTN - FwCfgSelectorSize + 1);
ASSERT (FwCfgDataAddress <= MAX_UINTN - FwCfgDataSize + 1);
mFwCfgSelectorAddress = FwCfgSelectorAddress;
mFwCfgDataAddress = FwCfgDataAddress;
DEBUG ((
DEBUG_INFO,
"Found FwCfg @ 0x%Lx/0x%Lx\n",
FwCfgSelectorAddress,
FwCfgDataAddress
));
if (SwapBytes64 (Reg[1]) >= 0x18) {
FwCfgDmaAddress = FwCfgDataAddress + 0x10;
FwCfgDmaSize = 0x08;
//
// See explanation above.
//
ASSERT (FwCfgDmaAddress <= MAX_UINTN - FwCfgDmaSize + 1);
DEBUG ((DEBUG_INFO, "Found FwCfg DMA @ 0x%Lx\n", FwCfgDmaAddress));
} else {
FwCfgDmaAddress = 0;
}
if (QemuFwCfgIsAvailable ()) {
UINT32 Signature;
QemuFwCfgSelectItem (QemuFwCfgItemSignature);
Signature = QemuFwCfgRead32 ();
if (Signature == SIGNATURE_32 ('Q', 'E', 'M', 'U')) {
//
// For DMA support, we require the DTB to advertise the register, and the
// feature bitmap (which we read without DMA) to confirm the feature.
//
if (FwCfgDmaAddress != 0) {
UINT32 Features;
QemuFwCfgSelectItem (QemuFwCfgItemInterfaceVersion);
Features = QemuFwCfgRead32 ();
if ((Features & FW_CFG_F_DMA) != 0) {
mFwCfgDmaAddress = FwCfgDmaAddress;
InternalQemuFwCfgReadBytes = DmaReadBytes;
InternalQemuFwCfgWriteBytes = DmaWriteBytes;
InternalQemuFwCfgSkipBytes = DmaSkipBytes;
}
}
} else {
mFwCfgSelectorAddress = 0;
mFwCfgDataAddress = 0;
}
}
return RETURN_SUCCESS;
}
/**
Selects a firmware configuration item for reading.
Following this call, any data read from this item will start from the
beginning of the configuration item's data.
@param[in] QemuFwCfgItem Firmware Configuration item to read
**/
VOID
EFIAPI
QemuFwCfgSelectItem (
IN FIRMWARE_CONFIG_ITEM QemuFwCfgItem
)
{
if (QemuFwCfgIsAvailable ()) {
MmioWrite16 (mFwCfgSelectorAddress, SwapBytes16 ((UINT16)QemuFwCfgItem));
}
}
/**
Slow READ_BYTES_FUNCTION.
**/
STATIC
VOID
EFIAPI
MmioReadBytes (
IN UINTN Size,
IN VOID *Buffer OPTIONAL
)
{
UINTN Left;
UINT8 *Ptr;
UINT8 *End;
#if defined (MDE_CPU_AARCH64) || defined (MDE_CPU_RISCV64)
Left = Size & 7;
#else
Left = Size & 3;
#endif
Size -= Left;
Ptr = Buffer;
End = Ptr + Size;
#if defined (MDE_CPU_AARCH64) || defined (MDE_CPU_RISCV64)
while (Ptr < End) {
*(UINT64 *)Ptr = MmioRead64 (mFwCfgDataAddress);
Ptr += 8;
}
if (Left & 4) {
*(UINT32 *)Ptr = MmioRead32 (mFwCfgDataAddress);
Ptr += 4;
}
#else
while (Ptr < End) {
*(UINT32 *)Ptr = MmioRead32 (mFwCfgDataAddress);
Ptr += 4;
}
#endif
if (Left & 2) {
*(UINT16 *)Ptr = MmioRead16 (mFwCfgDataAddress);
Ptr += 2;
}
if (Left & 1) {
*Ptr = MmioRead8 (mFwCfgDataAddress);
}
}
/**
Transfer an array of bytes, or skip a number of bytes, using the DMA
interface.
@param[in] Size Size in bytes to transfer or skip.
@param[in,out] Buffer Buffer to read data into or write data from. Ignored,
and may be NULL, if Size is zero, or Control is
FW_CFG_DMA_CTL_SKIP.
@param[in] Control One of the following:
FW_CFG_DMA_CTL_WRITE - write to fw_cfg from Buffer.
FW_CFG_DMA_CTL_READ - read from fw_cfg into Buffer.
FW_CFG_DMA_CTL_SKIP - skip bytes in fw_cfg.
**/
STATIC
VOID
DmaTransferBytes (
IN UINTN Size,
IN OUT VOID *Buffer OPTIONAL,
IN UINT32 Control
)
{
volatile FW_CFG_DMA_ACCESS Access;
UINT32 Status;
ASSERT (
Control == FW_CFG_DMA_CTL_WRITE || Control == FW_CFG_DMA_CTL_READ ||
Control == FW_CFG_DMA_CTL_SKIP
);
if (Size == 0) {
return;
}
ASSERT (Size <= MAX_UINT32);
Access.Control = SwapBytes32 (Control);
Access.Length = SwapBytes32 ((UINT32)Size);
Access.Address = SwapBytes64 ((UINT64)(UINTN)Buffer);
//
// We shouldn't start the transfer before setting up Access.
//
MemoryFence ();
//
// This will fire off the transfer.
//
#if defined (MDE_CPU_AARCH64) || defined (MDE_CPU_RISCV64)
MmioWrite64 (mFwCfgDmaAddress, SwapBytes64 ((UINT64)&Access));
#else
MmioWrite32 ((UINT32)(mFwCfgDmaAddress + 4), SwapBytes32 ((UINT32)&Access));
#endif
//
// We shouldn't look at Access.Control before starting the transfer.
//
MemoryFence ();
do {
Status = SwapBytes32 (Access.Control);
ASSERT ((Status & FW_CFG_DMA_CTL_ERROR) == 0);
} while (Status != 0);
//
// The caller will want to access the transferred data.
//
MemoryFence ();
}
/**
Fast READ_BYTES_FUNCTION.
**/
STATIC
VOID
EFIAPI
DmaReadBytes (
IN UINTN Size,
IN VOID *Buffer OPTIONAL
)
{
DmaTransferBytes (Size, Buffer, FW_CFG_DMA_CTL_READ);
}
/**
Reads firmware configuration bytes into a buffer
If called multiple times, then the data read will continue at the offset of
the firmware configuration item where the previous read ended.
@param[in] Size Size in bytes to read
@param[in] Buffer Buffer to store data into
**/
VOID
EFIAPI
QemuFwCfgReadBytes (
IN UINTN Size,
IN VOID *Buffer
)
{
if (QemuFwCfgIsAvailable ()) {
InternalQemuFwCfgReadBytes (Size, Buffer);
} else {
ZeroMem (Buffer, Size);
}
}
/**
Slow WRITE_BYTES_FUNCTION.
**/
STATIC
VOID
EFIAPI
MmioWriteBytes (
IN UINTN Size,
IN VOID *Buffer OPTIONAL
)
{
UINTN Idx;
for (Idx = 0; Idx < Size; ++Idx) {
MmioWrite8 (mFwCfgDataAddress, ((UINT8 *)Buffer)[Idx]);
}
}
/**
Fast WRITE_BYTES_FUNCTION.
**/
STATIC
VOID
EFIAPI
DmaWriteBytes (
IN UINTN Size,
IN VOID *Buffer OPTIONAL
)
{
DmaTransferBytes (Size, Buffer, FW_CFG_DMA_CTL_WRITE);
}
/**
Write firmware configuration bytes from a buffer
If called multiple times, then the data written will continue at the offset
of the firmware configuration item where the previous write ended.
@param[in] Size Size in bytes to write
@param[in] Buffer Buffer to read data from
**/
VOID
EFIAPI
QemuFwCfgWriteBytes (
IN UINTN Size,
IN VOID *Buffer
)
{
if (QemuFwCfgIsAvailable ()) {
InternalQemuFwCfgWriteBytes (Size, Buffer);
}
}
/**
Slow SKIP_BYTES_FUNCTION.
**/
STATIC
VOID
EFIAPI
MmioSkipBytes (
IN UINTN Size
)
{
UINTN ChunkSize;
UINT8 SkipBuffer[256];
//
// Emulate the skip by reading data in chunks, and throwing it away. The
// implementation below doesn't affect the static data footprint for client
// modules. Large skips are not expected, therefore this fallback is not
// performance critical. The size of SkipBuffer is thought not to exert a
// large pressure on the stack.
//
while (Size > 0) {
ChunkSize = MIN (Size, sizeof SkipBuffer);
MmioReadBytes (ChunkSize, SkipBuffer);
Size -= ChunkSize;
}
}
/**
Fast SKIP_BYTES_FUNCTION.
**/
STATIC
VOID
EFIAPI
DmaSkipBytes (
IN UINTN Size
)
{
DmaTransferBytes (Size, NULL, FW_CFG_DMA_CTL_SKIP);
}
/**
Skip bytes in the firmware configuration item.
Increase the offset of the firmware configuration item without transferring
bytes between the item and a caller-provided buffer. Subsequent read, write
or skip operations will commence at the increased offset.
@param[in] Size Number of bytes to skip.
**/
VOID
EFIAPI
QemuFwCfgSkipBytes (
IN UINTN Size
)
{
if (QemuFwCfgIsAvailable ()) {
InternalQemuFwCfgSkipBytes (Size);
}
}
/**
Reads a UINT8 firmware configuration value
@return Value of Firmware Configuration item read
**/
UINT8
EFIAPI
QemuFwCfgRead8 (
VOID
)
{
UINT8 Result;
QemuFwCfgReadBytes (sizeof Result, &Result);
return Result;
}
/**
Reads a UINT16 firmware configuration value
@return Value of Firmware Configuration item read
**/
UINT16
EFIAPI
QemuFwCfgRead16 (
VOID
)
{
UINT16 Result;
QemuFwCfgReadBytes (sizeof Result, &Result);
return Result;
}
/**
Reads a UINT32 firmware configuration value
@return Value of Firmware Configuration item read
**/
UINT32
EFIAPI
QemuFwCfgRead32 (
VOID
)
{
UINT32 Result;
QemuFwCfgReadBytes (sizeof Result, &Result);
return Result;
}
/**
Reads a UINT64 firmware configuration value
@return Value of Firmware Configuration item read
**/
UINT64
EFIAPI
QemuFwCfgRead64 (
VOID
)
{
UINT64 Result;
QemuFwCfgReadBytes (sizeof Result, &Result);
return Result;
}
/**
Find the configuration item corresponding to the firmware configuration file.
@param[in] Name Name of file to look up.
@param[out] Item Configuration item corresponding to the file, to be passed
to QemuFwCfgSelectItem ().
@param[out] Size Number of bytes in the file.
@retval RETURN_SUCCESS If file is found.
@retval RETURN_NOT_FOUND If file is not found.
@retval RETURN_UNSUPPORTED If firmware configuration is unavailable.
**/
RETURN_STATUS
EFIAPI
QemuFwCfgFindFile (
IN CONST CHAR8 *Name,
OUT FIRMWARE_CONFIG_ITEM *Item,
OUT UINTN *Size
)
{
UINT32 Count;
UINT32 Idx;
if (!QemuFwCfgIsAvailable ()) {
return RETURN_UNSUPPORTED;
}
QemuFwCfgSelectItem (QemuFwCfgItemFileDir);
Count = SwapBytes32 (QemuFwCfgRead32 ());
for (Idx = 0; Idx < Count; ++Idx) {
UINT32 FileSize;
UINT16 FileSelect;
CHAR8 FName[QEMU_FW_CFG_FNAME_SIZE];
FileSize = QemuFwCfgRead32 ();
FileSelect = QemuFwCfgRead16 ();
QemuFwCfgRead16 (); // skip the field called "reserved"
InternalQemuFwCfgReadBytes (sizeof (FName), FName);
if (AsciiStrCmp (Name, FName) == 0) {
*Item = (FIRMWARE_CONFIG_ITEM)SwapBytes16 (FileSelect);
*Size = SwapBytes32 (FileSize);
return RETURN_SUCCESS;
}
}
return RETURN_NOT_FOUND;
}