[PATCH 1/7] drivers: video: efi-gop: fix null reference pointer.

[PATCH 1/7] drivers: video: efi-gop: fix null reference pointer.

[chalianis1]

From: Chali Anis <chalianis1@gmail.com>

fix a null reference pointer on mode variable, that was never initialized,
the mode will be set by the framebuffer subsyetem after initialisation so
it's not necessary to change the resolution here.

Fixes: 6518b21c6c66 ("video: add EFI Graphics Output Protocol support")
Signed-off-by: Chali Anis <chalianis1@gmail.com>
---
 drivers/video/efi_gop.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/drivers/video/efi_gop.c b/drivers/video/efi_gop.c
index f4f58d9271f5..cef8a6816cac 100644
--- a/drivers/video/efi_gop.c
+++ b/drivers/video/efi_gop.c
@@ -169,8 +169,6 @@ static int efi_gop_query(struct efi_gop_priv *priv)
 
 	priv->fb.screen_base = mode->frame_buffer_base;
 	priv->mode = mode->mode;
-	priv->fb.xres = priv->fb.mode->xres;
-	priv->fb.yres = priv->fb.mode->yres;
 
 	return 0;
 }
-- 
2.34.1

[PATCH 2/7] efi: video: gop: remove dependency to x86.

[chalianis1]

From: Chali Anis <chalianis1@gmail.com>

efi GOP work also in arm64, the efi has drivers that implements
LCDs and expose them as GOP protocol.
Tested on QEMU ramfb and RPi3b 64 bit.

Signed-off-by: Chali Anis <chalianis1@gmail.com>
---
 drivers/video/Kconfig | 1 -
 1 file changed, 1 deletion(-)

diff --git a/drivers/video/Kconfig b/drivers/video/Kconfig
index 9a0e54bddbaf..b2eccd5db7fe 100644
--- a/drivers/video/Kconfig
+++ b/drivers/video/Kconfig
@@ -32,7 +32,6 @@ config DRIVER_VIDEO_ATMEL_HLCD
 config DRIVER_VIDEO_EFI_GOP
 	bool "EFI Graphics Output Protocol (GOP)"
 	depends on EFI_PAYLOAD
-	depends on X86
 
 config DRIVER_VIDEO_IMX
 	bool "i.MX framebuffer driver"
-- 
2.34.1

Re: [PATCH 2/7] efi: video: gop: remove dependency to x86.

[Ahmad Fatoum]

Hi,

On 8/31/25 5:55 AM, chalianis1@gmail.com wrote:
> From: Chali Anis <chalianis1@gmail.com>
> 
> efi GOP work also in arm64, the efi has drivers that implements
> LCDs and expose them as GOP protocol.
> Tested on QEMU ramfb and RPi3b 64 bit.
> 
> Signed-off-by: Chali Anis <chalianis1@gmail.com>

Acked-by: Ahmad Fatoum <a.fatoum@pengutronix.de>

Nice, didn't expect the resolution patch to be so small..

Thanks,
Ahmad

> ---
>  drivers/video/Kconfig | 1 -
>  1 file changed, 1 deletion(-)
> 
> diff --git a/drivers/video/Kconfig b/drivers/video/Kconfig
> index 9a0e54bddbaf..b2eccd5db7fe 100644
> --- a/drivers/video/Kconfig
> +++ b/drivers/video/Kconfig
> @@ -32,7 +32,6 @@ config DRIVER_VIDEO_ATMEL_HLCD
>  config DRIVER_VIDEO_EFI_GOP
>  	bool "EFI Graphics Output Protocol (GOP)"
>  	depends on EFI_PAYLOAD
> -	depends on X86
>  
>  config DRIVER_VIDEO_IMX
>  	bool "i.MX framebuffer driver"

-- 
Pengutronix e.K.                  |                             |
Steuerwalder Str. 21              | http://www.pengutronix.de/  |
31137 Hildesheim, Germany         | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686  | Fax:   +49-5121-206917-5555 |

[PATCH 3/7] efi: payload: initrd: implement efi initrd media protocol.

[chalianis1]

From: Chali Anis <chalianis1@gmail.com>

Add the ability to install an initrd media protocol from an initrd file
or a fitImage, support both the initrd media protocol or installing the
initramfs directly to efi like what linux do.

Signed-off-by: Chali Anis <chalianis1@gmail.com>
---
 efi/guid.c                |   7 +++
 efi/payload/Makefile      |   1 +
 efi/payload/efi-initrd.c  | 123 ++++++++++++++++++++++++++++++++++++++
 include/efi.h             |   4 ++
 include/efi/efi-payload.h |   3 +
 5 files changed, 138 insertions(+)
 create mode 100644 efi/payload/efi-initrd.c

diff --git a/efi/guid.c b/efi/guid.c
index ef230a2b2403..7b572acb768b 100644
--- a/efi/guid.c
+++ b/efi/guid.c
@@ -44,6 +44,7 @@ const efi_guid_t efi_load_file_protocol_guid = EFI_LOAD_FILE_PROTOCOL_GUID;
 const efi_guid_t efi_load_file2_protocol_guid = EFI_LOAD_FILE2_PROTOCOL_GUID;
 const efi_guid_t efi_device_path_utilities_protocol_guid =
 	EFI_DEVICE_PATH_UTILITIES_PROTOCOL_GUID;
+const efi_guid_t efi_linux_initrd_media_guid = EFI_LINUX_INITRD_MEDIA_GUID;
 
 #define EFI_GUID_STRING(guid, short, long) do {	\
 	if (!efi_guidcmp(guid, *g))		\
@@ -128,5 +129,11 @@ const char *efi_guid_string(efi_guid_t *g)
 	EFI_GUID_STRING(EFI_ISCSIDXE_INF_GUID, "IScsiDxe.inf", "EFI IScsiDxe.inf File GUID");
 	EFI_GUID_STRING(EFI_VLANCONFIGDXE_INF_GUID, "VlanConfigDxe.inf", "EFI VlanConfigDxe.inf File GUID");
 
+	/* FDT */
+	EFI_GUID_STRING(EFI_DEVICE_TREE_GUID, "DeviceTree", "EFI Device Tree GUID");
+
+	/* Ramdisk */
+	EFI_GUID_STRING(EFI_LINUX_INITRD_MEDIA_GUID, "Initrd Media", "EFI Linux Initrd Media GUID");
+
 	return "unknown";
 }
diff --git a/efi/payload/Makefile b/efi/payload/Makefile
index a4a0332a8288..1250535302d3 100644
--- a/efi/payload/Makefile
+++ b/efi/payload/Makefile
@@ -2,6 +2,7 @@
 
 obj-y += init.o
 obj-y += image.o
+obj-y += efi-initrd.o
 obj-$(CONFIG_OFTREE) += fdt.o
 bbenv-y += env-efi
 obj-$(CONFIG_CMD_IOMEM) += iomem.o
diff --git a/efi/payload/efi-initrd.c b/efi/payload/efi-initrd.c
new file mode 100644
index 000000000000..633fbc29c137
--- /dev/null
+++ b/efi/payload/efi-initrd.c
@@ -0,0 +1,123 @@
+// SPDX-License-Identifier: GPL-2.0-only
+/*
+ * efi-initrd.c - barebox EFI payload support
+ *
+ * Copyright (c) 2025 Anis Chali <chalianis1@gmail.com>
+ */
+#include <common.h>
+#include <driver.h>
+#include <init.h>
+#include <linux/hw_random.h>
+#include <efi.h>
+#include <efi/efi-device.h>
+#include <efi/device-path.h>
+#include <efi/efi-payload.h>
+
+static efi_status_t EFIAPI efi_initrd_load_file2(
+	struct efi_load_file_protocol *this, struct efi_device_path *file_path,
+	bool boot_policy, unsigned long *buffer_size, void *buffer);
+
+static const struct {
+	struct efi_device_path_vendor vendor;
+	struct efi_device_path end;
+} __packed initrd_dev_path = { { {
+					 DEVICE_PATH_TYPE_MEDIA_DEVICE,
+					 DEVICE_PATH_SUB_TYPE_VENDOR_PATH,
+					 sizeof(initrd_dev_path.vendor),
+				 },
+				 EFI_LINUX_INITRD_MEDIA_GUID },
+			       { DEVICE_PATH_TYPE_END, DEVICE_PATH_SUB_TYPE_END,
+				 DEVICE_PATH_END_LENGTH } };
+
+static struct efi_device_path_memory *initrd_dev;
+static efi_handle_t lf2_handle;
+static struct efi_load_file_protocol efi_lf2_p = {
+	.load_file = efi_initrd_load_file2
+};
+
+static efi_status_t EFIAPI efi_initrd_load_file2(
+	struct efi_load_file_protocol *this, struct efi_device_path *file_path,
+	bool boot_policy, unsigned long *buffer_size, void *buffer)
+{
+	size_t initrd_size;
+
+	if (!this || this != &efi_lf2_p || !buffer_size)
+		return EFI_INVALID_PARAMETER;
+
+	if (file_path->type != initrd_dev_path.end.type ||
+	    file_path->sub_type != initrd_dev_path.end.sub_type)
+		return EFI_INVALID_PARAMETER;
+
+	if (boot_policy)
+		return EFI_UNSUPPORTED;
+
+	initrd_size = initrd_dev->ending_address - initrd_dev->starting_address;
+	if (!buffer || *buffer_size < initrd_size) {
+		*buffer_size = initrd_size;
+		return EFI_BUFFER_TOO_SMALL;
+	}
+
+	else {
+		memcpy(buffer, (void *)(uintptr_t)initrd_dev->starting_address,
+		       initrd_size);
+		*buffer_size = initrd_size;
+	}
+
+	return EFI_SUCCESS;
+}
+
+int efi_initrd_register(void *initrd, size_t initrd_sz)
+{
+	efi_physical_addr_t mem;
+	efi_status_t efiret;
+	size_t sz;
+	int ret;
+
+	sz = sizeof(struct efi_device_path_memory) +
+	     sizeof(struct efi_device_path);
+	efiret = BS->allocate_pool(EFI_BOOT_SERVICES_DATA, sz, (void **)&mem);
+	if (EFI_ERROR(efiret)) {
+		pr_err("Failed to allocate memory for INITRD %s\n",
+		       efi_strerror(efiret));
+		ret = -efi_errno(efiret);
+		return ret;
+	}
+
+	initrd_dev = efi_phys_to_virt(mem);
+	initrd_dev->header.type = DEVICE_PATH_TYPE_HARDWARE_DEVICE;
+	initrd_dev->header.sub_type = DEVICE_PATH_SUB_TYPE_MEMORY;
+	initrd_dev->header.length = sizeof(struct efi_device_path_memory);
+	initrd_dev->memory_type = EFI_LOADER_DATA;
+	initrd_dev->starting_address = efi_virt_to_phys(initrd);
+	initrd_dev->ending_address = efi_virt_to_phys(initrd) + initrd_sz;
+
+	memcpy(&initrd_dev[1], &initrd_dev_path.end, DEVICE_PATH_END_LENGTH);
+
+	efiret = BS->install_multiple_protocol_interfaces(
+		&lf2_handle, &efi_load_file2_protocol_guid, &efi_lf2_p,
+		&efi_device_path_protocol_guid, &initrd_dev_path, NULL);
+	if (EFI_ERROR(efiret)) {
+		pr_err("Failed to install protocols for INITRD %s\n",
+		       efi_strerror(efiret));
+		ret = -efi_errno(efiret);
+		goto out;
+	}
+
+	return 0;
+out:
+	BS->free_pool(efi_phys_to_virt(mem));
+	return ret;
+}
+
+void efi_initrd_unregister(void)
+{
+	if (!initrd_dev)
+		return;
+
+	BS->uninstall_multiple_protocol_interfaces(
+		lf2_handle, &efi_device_path_protocol_guid, &initrd_dev_path,
+		&efi_load_file2_protocol_guid, &efi_lf2_p, NULL);
+
+	BS->free_pool(initrd_dev);
+	initrd_dev = NULL;
+}
diff --git a/include/efi.h b/include/efi.h
index 40b69fdb0188..bd339ea097c3 100644
--- a/include/efi.h
+++ b/include/efi.h
@@ -558,6 +558,9 @@ extern struct efi_runtime_services *RT;
 #define EFI_DRIVER_BINDING_PROTOCOL_GUID \
     EFI_GUID(0x18a031ab, 0xb443, 0x4d1a, 0xa5, 0xc0, 0x0c, 0x09, 0x26, 0x1e, 0x9f, 0x71)
 
+#define EFI_LINUX_INITRD_MEDIA_GUID \
+	EFI_GUID(0x5568e427, 0x68fc, 0x4f3d,  0xac, 0x74, 0xca, 0x55, 0x52, 0x31, 0xcc, 0x68)
+
 struct efi_driver_binding_protocol {
 	efi_status_t (EFIAPI * supported)(
 			struct efi_driver_binding_protocol *this,
@@ -603,6 +606,7 @@ extern const efi_guid_t efi_guid_event_group_reset_system;
 extern const efi_guid_t efi_load_file_protocol_guid;
 extern const efi_guid_t efi_load_file2_protocol_guid;
 extern const efi_guid_t efi_device_path_utilities_protocol_guid;
+extern const efi_guid_t efi_linux_initrd_media_guid;
 
 struct efi_config_table {
 	efi_guid_t guid;
diff --git a/include/efi/efi-payload.h b/include/efi/efi-payload.h
index fe45864dd8a7..d8e66a187a87 100644
--- a/include/efi/efi-payload.h
+++ b/include/efi/efi-payload.h
@@ -34,4 +34,7 @@ int efi_set_variable_usec(char *name, efi_guid_t *vendor, uint64_t usec);
 void *efi_earlymem_alloc(const struct efi_system_table *sys_table,
 			 size_t *memsize, enum efi_memory_type mem_type);
 
+int efi_initrd_register(void *initrd, size_t initrd_size);
+void efi_initrd_unregister(void);
+
 #endif
-- 
2.34.1

[PATCH 4/7] arm: efi: add a generic efi machine.

[chalianis1]

From: Chali Anis <chalianis1@gmail.com>

add a generic arm64 machine that can select the CPU_V8 and the
required efi payload minimal configs. this machine permits to have
a clean arm64 efi payload, idealy we don't need the other machine
that comes from multi arch since they execute code that is specific
for the correspondig hardware. with this generic efi machine the
barebox log shell is more clean. to get a pure clean efi payload
you need to unselect all the other arch machines and keep only the
EFI ARM64.

Signed-off-by: Chali Anis <chalianis1@gmail.com>
---
 arch/arm/Kconfig | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index cce71b50eb04..0a098440ddde 100644
--- a/arch/arm/Kconfig
+++ b/arch/arm/Kconfig
@@ -254,6 +254,18 @@ config ARCH_ZYNQMP
 	select GPIOLIB
 	select HAS_MACB
 
+config EFI_ARM64
+	bool "EFI on ARM64"
+	select CPU_V8
+	select CPU_SUPPORTS_64BIT_KERNEL
+	select HAVE_EFI_PAYLOAD
+	select EFI_PAYLOAD
+	select BOOTM_FITIMAGE
+    select CLOCKSOURCE_EFI
+    select DRIVER_VIDEO_EFI_GOP
+	depends on 64BIT
+	default y if ARCH_MULTIARCH
+
 source "arch/arm/cpu/Kconfig"
 source "arch/arm/mach-at91/Kconfig"
 source "arch/arm/mach-bcm283x/Kconfig"
-- 
2.34.1

Re: [PATCH 4/7] arm: efi: add a generic efi machine.

[Sascha Hauer]

On Sat, Aug 30, 2025 at 11:55:39PM -0400, chalianis1@gmail.com wrote:
> From: Chali Anis <chalianis1@gmail.com>
> 
> add a generic arm64 machine that can select the CPU_V8 and the
> required efi payload minimal configs. this machine permits to have
> a clean arm64 efi payload, idealy we don't need the other machine
> that comes from multi arch since they execute code that is specific
> for the correspondig hardware. with this generic efi machine the
> barebox log shell is more clean. to get a pure clean efi payload
> you need to unselect all the other arch machines and keep only the
> EFI ARM64.
> 
> Signed-off-by: Chali Anis <chalianis1@gmail.com>
> ---
>  arch/arm/Kconfig | 12 ++++++++++++
>  1 file changed, 12 insertions(+)
> 
> diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
> index cce71b50eb04..0a098440ddde 100644
> --- a/arch/arm/Kconfig
> +++ b/arch/arm/Kconfig
> @@ -254,6 +254,18 @@ config ARCH_ZYNQMP
>  	select GPIOLIB
>  	select HAS_MACB
>  
> +config EFI_ARM64
> +	bool "EFI on ARM64"
> +	select CPU_V8
> +	select CPU_SUPPORTS_64BIT_KERNEL
> +	select HAVE_EFI_PAYLOAD
> +	select EFI_PAYLOAD
> +	select BOOTM_FITIMAGE
> +    select CLOCKSOURCE_EFI
> +    select DRIVER_VIDEO_EFI_GOP

Do we actually require this driver?

Nit: should be tabs here.

> +	depends on 64BIT
> +	default y if ARCH_MULTIARCH

No default y here please.

Sascha

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

Re: [PATCH 4/7] arm: efi: add a generic efi machine.

[Ahmad Fatoum]

Hi,

On 31.08.25 05:55, chalianis1@gmail.com wrote:
> From: Chali Anis <chalianis1@gmail.com>
> 
> add a generic arm64 machine that can select the CPU_V8 and the
> required efi payload minimal configs. this machine permits to have
> a clean arm64 efi payload, idealy we don't need the other machine
> that comes from multi arch since they execute code that is specific
> for the correspondig hardware. with this generic efi machine the
> barebox log shell is more clean. to get a pure clean efi payload
> you need to unselect all the other arch machines and keep only the
> EFI ARM64.
> 
> Signed-off-by: Chali Anis <chalianis1@gmail.com>
> ---
>  arch/arm/Kconfig | 12 ++++++++++++
>  1 file changed, 12 insertions(+)
> 
> diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
> index cce71b50eb04..0a098440ddde 100644
> --- a/arch/arm/Kconfig
> +++ b/arch/arm/Kconfig
> @@ -254,6 +254,18 @@ config ARCH_ZYNQMP
>  	select GPIOLIB
>  	select HAS_MACB
>  
> +config EFI_ARM64

Thinking about it, this doesn't really fit into the existing model.
We have CONFIG_EFI_PAYLOAD, which when enabled gives _all_ images
an EFI stub.

I think it's better to just give CPU_V7 and CPU_V8 prompts.
Then they can be enabled for the barebones EFI-only use case alongside
CONFIG_EFI_PAYLOAD. CONFIG_EFI_PAYLOAD should have its depends on
COMPILE_TEST removed as last patch in your series then I think (or
before last if you add a dedicated efi_defconfig).

> +	bool "EFI on ARM64"

Generally, we should call it EFI payload to differentiate from
EFI loader (firmware)

> +	select CPU_V8
> +	select CPU_SUPPORTS_64BIT_KERNEL

Symbol doesn't exist on ARM.

> +	select HAVE_EFI_PAYLOAD

Already selected by CPU_64

> +	select EFI_PAYLOAD
> +	select BOOTM_FITIMAGE

select means it can't be deselected, which is not needed here.

> +    select CLOCKSOURCE_EFI
> +    select DRIVER_VIDEO_EFI_GOP

It's reasonable to disable GOP if the device is headless anyway.
You can give the DRIVER_VIDEO_EFI_GOP a default y though if you like,
because many (most?) users will likely want to use GOP.

Point is moot with above suggested change though.

> +	depends on 64BIT
> +	default y if ARCH_MULTIARCH

> +
>  source "arch/arm/cpu/Kconfig"
>  source "arch/arm/mach-at91/Kconfig"
>  source "arch/arm/mach-bcm283x/Kconfig"


-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

Re: [PATCH 4/7] arm: efi: add a generic efi machine.

[anis chali]

Hi,

> Thinking about it, this doesn't really fit into the existing model.
> We have CONFIG_EFI_PAYLOAD, which when enabled gives _all_ images
> an EFI stub.
> 
> I think it's better to just give CPU_V7 and CPU_V8 prompts.
Don't understand.

> Then they can be enabled for the barebones EFI-only use case alongside
> CONFIG_EFI_PAYLOAD. CONFIG_EFI_PAYLOAD should have its depends on
> COMPILE_TEST removed as last patch in your series then I think (or
> before last if you add a dedicated efi_defconfig).
So we keep a specific kconfig variant that will be selected using efi_defconfig
file and not merging the multi_v8_defconfig with the efi_payload config in the makefile
Is it what you mean?
will this defconfig serve only arm64 or should we think about it more globally to 
be used with what ever cpu or arch and in that case maybe we can just keep the same 
startegy than merguing between configs and this time we will take the efi_payload config
and add the selected arch from the environment variable ARCH???

especially the efi payload is not more than an application compiled on a given architecture and
and is loadable by efi, so it should never change the hardware state and stay hardware agnostic.

> 
> +	bool "EFI on ARM64"
> > 
> 
> Generally, we should call it EFI payload to differentiate from
> EFI loader (firmware)
Ack,  will change it for "Arm 64 EFI Payload", but maybe see think it with what I just said
before.

> Symbol doesn't exist on ARM.
> 
> +	select HAVE_EFI_PAYLOAD
> > 
> 
> Already selected by CPU_64
Ack
 
> +	select EFI_PAYLOAD
> > +	select BOOTM_FITIMAGE
> > 
> 
> select means it can't be deselected, which is not needed here.
Ok, it makes sense, bootm fit is not required.

> 
> +    select CLOCKSOURCE_EFI
> > +    select DRIVER_VIDEO_EFI_GOP
> > 
> 
> It's reasonable to disable GOP if the device is headless anyway.
> You can give the DRIVER_VIDEO_EFI_GOP a default y though if you like,
> because many (most?) users will likely want to use GOP.
Ok, will make it as just default but not select with kconfig.
 
> Point is moot with above suggested change though.
> 
> +	depends on 64BIT
> > +	default y if ARCH_MULTIARCH
> > 
> 
Ack.

Maybe if you have a couple of minutes to just summarize what need to be done
and have some plan for efi payload stuff, it is very apperciated the time you
spend supporting, I didn't know anything about barebox a few weeks ago, but I 
noticed that it is really a very good quality code, maintainable, it will an
excellent replacement for all the efi payloads, it could also be an excellent choice
if we need to build the same software stack on different and mixed closed architectures 
products where the efi is the only supported bootloader.

Cheers,

Anis C.

Re: [PATCH 4/7] arm: efi: add a generic efi machine.

[Ahmad Fatoum]

Hi Anis,

On 9/5/25 2:16 AM, anis chali wrote:
> Hi,
> 
>> Thinking about it, this doesn't really fit into the existing model.
>> We have CONFIG_EFI_PAYLOAD, which when enabled gives _all_ images
>> an EFI stub.
>>
>> I think it's better to just give CPU_V7 and CPU_V8 prompts.
> Don't understand.

See
https://lore.kernel.org/all/20250904081626.93182-1-a.fatoum@pengutronix.de/

This way you can just enable CPU_V8 and keep all SoCs disabled to build
barebox for UEFI.

>> Then they can be enabled for the barebones EFI-only use case alongside
>> CONFIG_EFI_PAYLOAD. CONFIG_EFI_PAYLOAD should have its depends on
>> COMPILE_TEST removed as last patch in your series then I think (or
>> before last if you add a dedicated efi_defconfig).
> So we keep a specific kconfig variant that will be selected using efi_defconfig
> file and not merging the multi_v8_defconfig with the efi_payload config in the makefile
> Is it what you mean?

While multi_v8_efi_defconfig is nice to have, I see the utility now in
having an efi_v8_defconfig (or efi_{payload,app}_v8_defconfig?) that
disables all other boards, because they aren't needed.

The new efi_*_v8_defconfig would just enable CPU_V8 and
CONFIG_EFI_PAYLOAD and this way we don't need an extra machine.

> will this defconfig serve only arm64 or should we think about it more globally to 
> be used with what ever cpu or arch and in that case maybe we can just keep the same 
> startegy than merguing between configs and this time we will take the efi_payload config
> and add the selected arch from the environment variable ARCH???

Let's just add a single efi_v8_defconfig for now and think about merging
later.

> especially the efi payload is not more than an application compiled on a given architecture and
> and is loadable by efi, so it should never change the hardware state and stay hardware agnostic.

Agreed. ISA should be the only dependency in the optimal case.

>> +	bool "EFI on ARM64"
>>>
>>
>> Generally, we should call it EFI payload to differentiate from
>> EFI loader (firmware)
> Ack,  will change it for "Arm 64 EFI Payload", but maybe see think it with what I just said
> before.
> 
>> Symbol doesn't exist on ARM.
>>
>> +	select HAVE_EFI_PAYLOAD
>>>
>>
>> Already selected by CPU_64
> Ack
>  
>> +	select EFI_PAYLOAD
>>> +	select BOOTM_FITIMAGE
>>>
>>
>> select means it can't be deselected, which is not needed here.
> Ok, it makes sense, bootm fit is not required.
> 
>>
>> +    select CLOCKSOURCE_EFI
>>> +    select DRIVER_VIDEO_EFI_GOP
>>>
>>
>> It's reasonable to disable GOP if the device is headless anyway.
>> You can give the DRIVER_VIDEO_EFI_GOP a default y though if you like,
>> because many (most?) users will likely want to use GOP.
> Ok, will make it as just default but not select with kconfig.
>  
>> Point is moot with above suggested change though.
>>
>> +	depends on 64BIT
>>> +	default y if ARCH_MULTIARCH
>>>
>>
> Ack.
> 
> Maybe if you have a couple of minutes to just summarize what need to be done
> and have some plan for efi payload stuff, it is very apperciated the time you
> spend supporting, I didn't know anything about barebox a few weeks ago, but I 
> noticed that it is really a very good quality code, maintainable, it will an
> excellent replacement for all the efi payloads, it could also be an excellent choice
> if we need to build the same software stack on different and mixed closed architectures 
> products where the efi is the only supported bootloader.

The current EFI_PAYLOAD support for ARM is similar to the kernel's, it
modifies the normal image(s) to add an EFI stub and images can then be
booted in two different ways: Executing the first instruction or by
parsing the PE header and executing it from within an EFI environment.

Because CONFIG_EFI_PAYLOAD is invasive in this manner and affects all
images generated, I don't want it selected by a separate
subarchitecture, because it doesn't reflect its global effect.

That's why I prefer having CPU_V8 and CPU_V7 symbols with a prompt and
then CONFIG_EFI_PAYLOAD will just EFI stub all images.

Now with EFI_PAYLOAD enabled, we are missing out on a way to boot an
EFI-stubbed kernel from within barebox. Currently, we only support the
legacy handover protocol, which is not standard, x86-only and can be
disabled in newer kernels.

barebox needs a spec-conforming boot method that can be used on ARM and
that can also be used on x86 later.

FIT image support is good to have, but it's a separate manner from being
able to just boot an EFI stubbed kernel with a normal

  bootm -r /boot/initrd.gz -o /efi.dtb /boot/Image.gz

With that in place, I think we should have everything for barebox to be
a viable EFI bootloader on ARM as it's on x86.

Cheers,
Ahmad


> 
> Cheers,
> 
> Anis C.
> 

-- 
Pengutronix e.K.                  |                             |
Steuerwalder Str. 21              | http://www.pengutronix.de/  |
31137 Hildesheim, Germany         | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686  | Fax:   +49-5121-206917-5555 |

[PATCH 5/7] lib: fdt: add lib fdt padding size.

[chalianis1]

From: Chali Anis <chalianis1@gmail.com>

When loading an unflating an FDT in some cases we need to have
a padding space to be able to apply fixes.

Signed-off-by: Chali Anis <chalianis1@gmail.com>
---
 lib/Kconfig | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/Kconfig b/lib/Kconfig
index d07e2f3b6959..89e95d202c2c 100644
--- a/lib/Kconfig
+++ b/lib/Kconfig
@@ -121,6 +121,10 @@ config FSL_QE_FIRMWARE
 	select CRC32
 	bool
 
+config FDT_PADDING
+	int "FDT padding size for fixups"
+	default 4096
+
 config LIBFDT
 	bool
 
-- 
2.34.1

[PATCH 6/7] efi: payload: add support for efi stub boot and fit image.

[chalianis1]

From: Chali Anis <chalianis1@gmail.com>

This patch has more stock, between implementing EFI STUB boot, refactor to
reuse the code and finaly support the fit image format.
This code is tested on many qemu EFI compilations comming from ovmf ubuntu
package, tianocore efi for qemu, local edk2 build, and also tested on RPi3b
64 bit EFI from tianocore and a local build of edk2, more mchines will be
tested soon. the test was for a full boot chain on RPi3b booting a fit image
containing a kernel, an fdt, and a ramdisk with ostree initrd to mount an
ostree root filesystem. for contribution in short term,
1. it would be nice to test with more hardware,
2. linux global checkup of efivars, efi capsule update, efi runtime services
3. The state.dtb to support barebox state to manage multiple system boot
   and a recovery.
   the case would be sys1 = new ostree commit, sys2 = old commit (rollback)
   and a recovery boot system on readonly disk.
4. secure boot, PoC to check if there is a way to load TF-A from EFI
and then load the efi payload from it and launch optee??

Signed-off-by: Chali Anis <chalianis1@gmail.com>
---
 efi/payload/image.c | 457 ++++++++++++++++++++++++++++++++++++++------
 1 file changed, 403 insertions(+), 54 deletions(-)

diff --git a/efi/payload/image.c b/efi/payload/image.c
index 33c5e18dac27..38d52a32ea64 100644
--- a/efi/payload/image.c
+++ b/efi/payload/image.c
@@ -25,6 +25,7 @@
 #include <libfile.h>
 #include <binfmt.h>
 #include <wchar.h>
+#include <image-fit.h>
 #include <efi/efi-payload.h>
 #include <efi/efi-device.h>
 
@@ -77,42 +78,41 @@ struct linux_kernel_header {
 	uint32_t handover_offset;	/** */
 } __attribute__ ((packed));
 
-static void *efi_read_file(const char *file, size_t *size)
-{
-	efi_physical_addr_t mem;
-	efi_status_t efiret;
-	struct stat s;
-	char *buf;
-	ssize_t ret;
+struct efi_mem_resource {
+	efi_physical_addr_t base;
+	size_t size;
+} __attribute__ ((packed));
 
-	buf = read_file(file, size);
-	if (buf || errno != ENOMEM)
-		return buf;
+struct efi_image_data {
+	struct image_data *data;
 
-	ret = stat(file, &s);
-	if (ret)
-		return NULL;
+	efi_handle_t handle;
+	struct efi_loaded_image *loaded_image;
 
-	efiret = BS->allocate_pages(EFI_ALLOCATE_ANY_PAGES,
-				    EFI_LOADER_CODE,
-				    DIV_ROUND_UP(s.st_size, EFI_PAGE_SIZE),
-				    &mem);
+	struct efi_mem_resource image_res;
+	struct efi_mem_resource oftree_res;
+	struct efi_mem_resource *initrd_res;
+};
+
+
+static void *efi_allocate_pages(efi_physical_addr_t *mem,
+				size_t size,
+				enum efi_allocate_type allocate_type,
+				enum efi_memory_type mem_type)
+{
+	efi_status_t efiret;
+
+	efiret = BS->allocate_pages(allocate_type, mem_type,
+				    DIV_ROUND_UP(size, EFI_PAGE_SIZE), mem);
 	if (EFI_ERROR(efiret)) {
 		errno = efi_errno(efiret);
 		return NULL;
 	}
 
-	buf = efi_phys_to_virt(mem);
-
-	ret = read_file_into_buf(file, buf, s.st_size);
-	if (ret < 0)
-		return NULL;
-
-	*size = ret;
-	return buf;
+	return efi_phys_to_virt(*mem);
 }
 
-static void efi_free_file(void *_mem, size_t size)
+static void efi_free_pages(void *_mem, size_t size)
 {
 	efi_physical_addr_t mem = efi_virt_to_phys(_mem);
 
@@ -122,28 +122,40 @@ static void efi_free_file(void *_mem, size_t size)
 		BS->free_pages(mem, DIV_ROUND_UP(size, EFI_PAGE_SIZE));
 }
 
-static int efi_load_image(const char *file, struct efi_loaded_image **loaded_image,
-		efi_handle_t *h)
+static int efi_load_file_image(const char *file,
+			       struct efi_loaded_image **loaded_image,
+			       efi_handle_t *h)
 {
+	efi_physical_addr_t mem;
 	void *exe;
+	char *buf;
 	size_t size;
 	efi_handle_t handle;
 	efi_status_t efiret = EFI_SUCCESS;
 
-	exe = efi_read_file(file, &size);
-	if (!exe)
-		return -errno;
+	buf = read_file(file, &size);
+	if (!buf)
+		return -ENOMEM;
 
-	efiret = BS->load_image(false, efi_parent_image, efi_device_path, exe, size,
-			&handle);
+	exe = efi_allocate_pages(&mem, size, EFI_ALLOCATE_ANY_PAGES,
+				 EFI_LOADER_CODE);
+	if (!exe) {
+		pr_err("Failed to allocate pages for image\n");
+		return -ENOMEM;
+	}
+
+	memcpy(exe, buf, size);
+
+	efiret = BS->load_image(false, efi_parent_image, efi_device_path, exe,
+				size, &handle);
 	if (EFI_ERROR(efiret)) {
 		pr_err("failed to LoadImage: %s\n", efi_strerror(efiret));
 		goto out;
 	};
 
 	efiret = BS->open_protocol(handle, &efi_loaded_image_protocol_guid,
-			(void **)loaded_image,
-			efi_parent_image, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL);
+				   (void **)loaded_image, efi_parent_image,
+				   NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL);
 	if (EFI_ERROR(efiret)) {
 		pr_err("failed to OpenProtocol: %s\n", efi_strerror(efiret));
 		BS->unload_image(handle);
@@ -151,8 +163,10 @@ static int efi_load_image(const char *file, struct efi_loaded_image **loaded_ima
 	}
 
 	*h = handle;
+
+	return 0;
 out:
-	efi_free_file(exe, size);
+	efi_free_pages(exe, size);
 	return -efi_errno(efiret);
 }
 
@@ -171,20 +185,16 @@ static bool is_linux_image(enum filetype filetype, const void *base)
 	return false;
 }
 
-static int efi_execute_image(enum filetype filetype, const char *file)
+static int efi_execute_image(efi_handle_t handle,
+			     struct efi_loaded_image *loaded_image,
+			     enum filetype filetype)
 {
-	efi_handle_t handle;
-	struct efi_loaded_image *loaded_image;
 	efi_status_t efiret;
 	const char *options;
 	bool is_driver;
-	int ret;
-
-	ret = efi_load_image(file, &loaded_image, &handle);
-	if (ret)
-		return ret;
 
-	is_driver = (loaded_image->image_code_type == EFI_BOOT_SERVICES_CODE) ||
+	is_driver =
+		(loaded_image->image_code_type == EFI_BOOT_SERVICES_CODE) ||
 		(loaded_image->image_code_type == EFI_RUNTIME_SERVICES_CODE);
 
 	if (is_linux_image(filetype, loaded_image->image_base)) {
@@ -192,7 +202,8 @@ static int efi_execute_image(enum filetype filetype, const char *file)
 		options = linux_bootargs_get();
 		pr_info("add linux options '%s'\n", options);
 		if (options) {
-			loaded_image->load_options = xstrdup_char_to_wchar(options);
+			loaded_image->load_options =
+				xstrdup_char_to_wchar(options);
 			loaded_image->load_options_size =
 				(strlen(options) + 1) * sizeof(wchar_t);
 		}
@@ -216,11 +227,11 @@ static int efi_execute_image(enum filetype filetype, const char *file)
 	return -efi_errno(efiret);
 }
 
-typedef void(*handover_fn)(void *image, struct efi_system_table *table,
-		struct linux_kernel_header *header);
+typedef void (*handover_fn)(void *image, struct efi_system_table *table,
+			    struct linux_kernel_header *header);
 
 static inline void linux_efi_handover(efi_handle_t handle,
-		struct linux_kernel_header *header)
+				      struct linux_kernel_header *header)
 {
 	handover_fn handover;
 	uintptr_t addr;
@@ -244,7 +255,7 @@ static int do_bootm_efi(struct image_data *data)
 	struct efi_loaded_image *loaded_image;
 	struct linux_kernel_header *image_header, *boot_header;
 
-	ret = efi_load_image(data->os_file, &loaded_image, &handle);
+	ret = efi_load_file_image(data->os_file, &loaded_image, &handle);
 	if (ret)
 		return ret;
 
@@ -284,8 +295,9 @@ static int do_bootm_efi(struct image_data *data)
 		boot_header->cmdline_size = strlen(options);
 	}
 
-	boot_header->code32_start = efi_virt_to_phys(loaded_image->image_base +
-			(image_header->setup_sects+1) * 512);
+	boot_header->code32_start =
+		efi_virt_to_phys(loaded_image->image_base +
+				 (image_header->setup_sects + 1) * 512);
 
 	if (bootm_verbose(data)) {
 		printf("\nStarting kernel at 0x%p", loaded_image->image_base);
@@ -311,15 +323,350 @@ static int do_bootm_efi(struct image_data *data)
 	return 0;
 }
 
+static bool ramdisk_is_fit(struct image_data *data)
+{
+	struct stat st;
+
+	if (bootm_signed_images_are_forced())
+		return true;
+
+	if (data->initrd_file) {
+		if (!stat(data->initrd_file, &st) && st.st_size > 0)
+			return false;
+	}
+
+	return data->os_fit ? (bool)fit_has_image(data->os_fit,
+			data->fit_config, "ramdisk") : false;
+}
+
+static bool fdt_is_fit(struct image_data *data)
+{
+	struct stat st;
+
+	if (bootm_signed_images_are_forced())
+		return true;
+
+	if (data->oftree_file) {
+		if (!stat(data->initrd_file, &st) && st.st_size > 0)
+			return false;
+	}
+
+	return data->os_fit ? (bool)fit_has_image(data->os_fit,
+			data->fit_config, "fdt") : false;
+}
+
+static int efi_load_os(struct efi_image_data *e)
+{
+	efi_status_t efiret = EFI_SUCCESS;
+	efi_physical_addr_t mem;
+	size_t image_size = 0;
+	void *image = NULL;
+	void *vmem = NULL;
+	int ret = 0;
+
+	if (e->data->os_fit) {
+		image = (void *)e->data->fit_kernel;
+		image_size = e->data->fit_kernel_size;
+	} else if (e->data->os_file)
+		return efi_load_file_image(e->data->os_file,
+				&e->loaded_image, &e->handle);
+
+	vmem = efi_allocate_pages(&mem, image_size, EFI_ALLOCATE_ANY_PAGES,
+				 EFI_LOADER_CODE);
+	if (!vmem) {
+		pr_err("Failed to allocate pages for image\n");
+		return -ENOMEM;
+	}
+
+	memcpy(vmem, image, image_size);
+
+	efiret = BS->load_image(false, efi_parent_image, efi_device_path, image,
+				image_size, &e->handle);
+	if (EFI_ERROR(efiret)) {
+		ret = -efi_errno(efiret);
+		pr_err("failed to LoadImage: %s\n", efi_strerror(efiret));
+		goto out_mem;
+	};
+
+	efiret = BS->open_protocol(e->handle, &efi_loaded_image_protocol_guid,
+				   (void **)&e->loaded_image, efi_parent_image,
+				   NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL);
+	if (EFI_ERROR(efiret)) {
+		ret = -efi_errno(efiret);
+		pr_err("failed to OpenProtocol: %s\n", efi_strerror(efiret));
+		goto out_unload;
+	}
+
+	e->image_res.base = mem;
+	e->image_res.size = image_size;
+
+	return 0;
+
+out_mem:
+	efi_free_pages(vmem, image_size);
+out_unload:
+	BS->unload_image(e->handle);
+	return ret;
+}
+
+static void efi_unload_os(struct efi_image_data *e)
+{
+	BS->close_protocol(e->handle, &efi_loaded_image_protocol_guid,
+				 efi_parent_image, NULL);
+
+	BS->unload_image(e->handle);
+	efi_free_pages(efi_phys_to_virt(e->image_res.base),
+				 e->image_res.size);
+}
+
+static int efi_load_ramdisk(struct efi_image_data *e)
+{
+	void *vmem, *tmp = NULL;
+	efi_physical_addr_t mem;
+	efi_status_t efiret = EFI_SUCCESS;
+	const void *initrd;
+	unsigned long initrd_size;
+	bool from_fit;
+	int ret;
+
+	from_fit = ramdisk_is_fit(e->data);
+
+	if (from_fit) {
+		ret = fit_open_image(e->data->os_fit, e->data->fit_config,
+				     "ramdisk", &initrd, &initrd_size);
+		if (ret) {
+			pr_err("Cannot open ramdisk image in FIT image: %pe\n",
+			       ERR_PTR(ret));
+			return ret;
+		}
+	}
+
+	if (!from_fit) {
+		if (!e->data->initrd_file)
+			return 0;
+
+		pr_info("Loading ramdisk from '%s'\n", e->data->initrd_file);
+		tmp = read_file(e->data->initrd_file, &initrd_size);
+		if (!tmp || initrd_size <= 0) {
+			pr_err("Failed to read initrd from file: %s\n",
+				e->data->initrd_file);
+			return -EINVAL;
+		}
+		initrd = tmp;
+	}
+
+	efiret = BS->allocate_pool(EFI_LOADER_DATA,
+			sizeof(struct efi_mem_resource),
+			(void **)&e->initrd_res);
+	if (EFI_ERROR(efiret) || !e->initrd_res) {
+		ret = -efi_errno(efiret);
+		pr_err("Failed to allocate initrd %s/n", efi_strerror(efiret));
+		goto free_mem;
+	}
+
+	vmem = efi_allocate_pages(&mem, initrd_size,
+				 EFI_ALLOCATE_MAX_ADDRESS, EFI_LOADER_DATA);
+	if (!vmem) {
+		pr_err("Failed to allocate pages for initrd data\n");
+		ret = -ENOMEM;
+		goto free_pool;
+	}
+
+	memcpy(vmem, (void *)initrd, initrd_size);
+	e->initrd_res->base = (uint64_t)mem;
+	e->initrd_res->size = (uint64_t)initrd_size;
+
+	if (IS_ENABLED(CONFIG_EFI_INITRD_INSTALL)) {
+		efiret = BS->install_configuration_table(
+			&efi_linux_initrd_media_guid,
+			(void *)e->initrd_res);
+		if (EFI_ERROR(efiret)) {
+			ret = -efi_errno(efiret);
+			pr_err("Failed to install INITRD %s/n",
+					efi_strerror(efiret));
+			goto free_pages;
+		}
+	} else {
+		ret = efi_initrd_register(vmem, initrd_size);
+		if (ret) {
+			pr_err("Failed to register INITRD %s/n",
+				strerror(efiret));
+			goto free_pages;
+		}
+	}
+
+	if (!from_fit && tmp)
+		free(tmp);
+
+	return 0;
+
+free_pages:
+	efi_free_pages(vmem, initrd_size);
+free_pool:
+	BS->free_pool(e->initrd_res);
+free_mem:
+	if (!from_fit && tmp)
+		free(tmp);
+
+	return ret;
+}
+
+static void efi_unload_ramdisk(struct efi_image_data *e)
+{
+
+	if (IS_ENABLED(CONFIG_EFI_INITRD_INSTALL))
+		BS->install_configuration_table(
+			&efi_linux_initrd_media_guid, NULL);
+	else
+		efi_initrd_unregister();
+
+	efi_free_pages(efi_phys_to_virt(e->initrd_res->base),
+				 e->initrd_res->size);
+
+	BS->free_pool(e->initrd_res);
+	e->initrd_res = NULL;
+}
+
+static int efi_load_fdt(struct efi_image_data *e)
+{
+	efi_status_t efiret = EFI_SUCCESS;
+	efi_physical_addr_t mem;
+	void *vmem, *tmp = NULL;
+	const void *of_tree;
+	unsigned long of_size;
+	bool from_fit;
+	int ret;
+
+	if (IS_ENABLED(CONFIG_EFI_FDT_FORCE))
+		return 0;
+
+	from_fit = fdt_is_fit(e->data);
+	if (from_fit) {
+		ret = fit_open_image(e->data->os_fit, e->data->fit_config,
+				     "fdt", &of_tree, &of_size);
+		if (ret) {
+			pr_err("Cannot open FDT image in FIT image: %pe\n",
+			       ERR_PTR(ret));
+			return ret;
+		}
+	}
+
+	if (!from_fit) {
+		if (!e->data->oftree_file)
+			return 0;
+
+		pr_info("Loading devicetree from '%s'\n", e->data->oftree_file);
+		tmp = read_file(e->data->oftree_file, &of_size);
+		if (!tmp || of_size <= 0) {
+			pr_err("Failed to read initrd from file: %s\n",
+				e->data->initrd_file);
+			return -EINVAL;
+		}
+		of_tree = tmp;
+	}
+
+	vmem = efi_allocate_pages(&mem, of_size + CONFIG_FDT_PADDING,
+				 EFI_ALLOCATE_ANY_PAGES,
+				 EFI_ACPI_RECLAIM_MEMORY);
+	if (!vmem) {
+		pr_err("Failed to allocate pages for FDT\n");
+		goto free_file;
+		return -ENOMEM;
+	}
+
+	memcpy(vmem, of_tree, of_size);
+
+	efiret = BS->install_configuration_table(&efi_fdt_guid,
+			(void *)mem);
+	if (EFI_ERROR(efiret)) {
+		pr_err("Failed to install FDT %s/n", efi_strerror(efiret));
+		ret = -efi_errno(efiret);
+		goto free_mem;
+	}
+
+	e->oftree_res.base = mem;
+	e->oftree_res.size = of_size + CONFIG_FDT_PADDING;
+
+	if (!from_fit && tmp)
+		free(tmp);
+
+	return 0;
+
+free_mem:
+	efi_free_pages(vmem, of_size);
+free_file:
+	if (!from_fit && tmp)
+		free(tmp);
+
+	return ret;
+}
+
+static void efi_unload_fdt(struct efi_image_data *e)
+{
+	BS->install_configuration_table(&efi_fdt_guid, NULL);
+
+	efi_free_pages(efi_phys_to_virt(e->oftree_res.base),
+				 e->oftree_res.size);
+}
+
+static int do_bootm_efi_stub(struct image_data *data)
+{
+	struct efi_image_data e = {.data = data};
+	enum filetype type;
+	int ret = 0;
+
+	ret = efi_load_os(&e);
+	if (ret)
+		return ret;
+
+	ret = efi_load_fdt(&e);
+	if (ret)
+		goto unload_os;
+
+	ret = efi_load_ramdisk(&e);
+	if (ret)
+		goto unload_oftree;
+
+	type = file_detect_type(e.loaded_image->image_base, PAGE_SIZE);
+	ret = efi_execute_image(e.handle, e.loaded_image, type);
+	if (ret)
+		goto unload_ramdisk;
+
+	return 0;
+
+unload_ramdisk:
+	if (e.initrd_res)
+		efi_unload_ramdisk(&e);
+unload_oftree:
+	efi_unload_fdt(&e);
+unload_os:
+	efi_unload_os(&e);
+	return ret;
+}
+
 static struct image_handler efi_handle_tr = {
 	.name = "EFI Application",
 	.bootm = do_bootm_efi,
 	.filetype = filetype_exe,
 };
 
+static struct image_handler efi_arm64_handle_tr = {
+	.name = "EFI ARM64 Linux kernel",
+	.bootm = do_bootm_efi_stub,
+	.filetype = filetype_arm64_efi_linux_image,
+};
+
 static int efi_execute(struct binfmt_hook *b, char *file, int argc, char **argv)
 {
-	return efi_execute_image(b->type, file);
+	int ret;
+	efi_handle_t handle;
+	struct efi_loaded_image *loaded_image;
+
+	ret = efi_load_file_image(file, &loaded_image, &handle);
+	if (ret)
+		return ret;
+
+	return efi_execute_image(handle, loaded_image, b->type);
 }
 
 static struct binfmt_hook binfmt_efi_hook = {
@@ -360,8 +707,10 @@ static int efi_register_image_handler(void)
 	if (IS_ENABLED(CONFIG_X86))
 		register_image_handler(&non_efi_handle_linux_x86);
 
-	if (IS_ENABLED(CONFIG_ARM64))
+	if (IS_ENABLED(CONFIG_ARM64)) {
+		register_image_handler(&efi_arm64_handle_tr);
 		binfmt_register(&binfmt_arm64_efi_hook);
+	}
 
 	return 0;
 }
-- 
2.34.1

Re: [PATCH 6/7] efi: payload: add support for efi stub boot and fit image.

[Sascha Hauer]

Hi,

Some things worth fixing below.


On Sat, Aug 30, 2025 at 11:55:41PM -0400, chalianis1@gmail.com wrote:
> +static int efi_load_file_image(const char *file,
> +			       struct efi_loaded_image **loaded_image,
> +			       efi_handle_t *h)
>  {
> +	efi_physical_addr_t mem;
>  	void *exe;
> +	char *buf;
>  	size_t size;
>  	efi_handle_t handle;
>  	efi_status_t efiret = EFI_SUCCESS;
>  
> -	exe = efi_read_file(file, &size);
> -	if (!exe)
> -		return -errno;
> +	buf = read_file(file, &size);
> +	if (!buf)
> +		return -ENOMEM;

buf is never freed, neither in the error nor in the success path.

>  
> -	efiret = BS->load_image(false, efi_parent_image, efi_device_path, exe, size,
> -			&handle);
> +	exe = efi_allocate_pages(&mem, size, EFI_ALLOCATE_ANY_PAGES,
> +				 EFI_LOADER_CODE);
> +	if (!exe) {
> +		pr_err("Failed to allocate pages for image\n");
> +		return -ENOMEM;
> +	}
> +
> +	memcpy(exe, buf, size);
> +
> +	efiret = BS->load_image(false, efi_parent_image, efi_device_path, exe,
> +				size, &handle);
>  	if (EFI_ERROR(efiret)) {
>  		pr_err("failed to LoadImage: %s\n", efi_strerror(efiret));
>  		goto out;
>  	};
>  
>  	efiret = BS->open_protocol(handle, &efi_loaded_image_protocol_guid,
> -			(void **)loaded_image,
> -			efi_parent_image, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL);
> +				   (void **)loaded_image, efi_parent_image,
> +				   NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL);
>  	if (EFI_ERROR(efiret)) {
>  		pr_err("failed to OpenProtocol: %s\n", efi_strerror(efiret));
>  		BS->unload_image(handle);
> @@ -151,8 +163,10 @@ static int efi_load_image(const char *file, struct efi_loaded_image **loaded_ima
>  	}
>  
>  	*h = handle;
> +
> +	return 0;
>  out:
> -	efi_free_file(exe, size);
> +	efi_free_pages(exe, size);
>  	return -efi_errno(efiret);
>  }
>  
> @@ -171,20 +185,16 @@ static bool is_linux_image(enum filetype filetype, const void *base)
>  	return false;
>  }
>  
> +static bool ramdisk_is_fit(struct image_data *data)
> +{
> +	struct stat st;
> +
> +	if (bootm_signed_images_are_forced())
> +		return true;
> +
> +	if (data->initrd_file) {
> +		if (!stat(data->initrd_file, &st) && st.st_size > 0)
> +			return false;
> +	}
> +
> +	return data->os_fit ? (bool)fit_has_image(data->os_fit,
> +			data->fit_config, "ramdisk") : false;
> +}
> +
> +static bool fdt_is_fit(struct image_data *data)
> +{
> +	struct stat st;
> +
> +	if (bootm_signed_images_are_forced())
> +		return true;
> +
> +	if (data->oftree_file) {
> +		if (!stat(data->initrd_file, &st) && st.st_size > 0)
> +			return false;
> +	}
> +
> +	return data->os_fit ? (bool)fit_has_image(data->os_fit,
> +			data->fit_config, "fdt") : false;

fit_has_image() can return an error code. Casting this to bool will
result in 'true' which is not what you want here.

> +}
> +
> +static int efi_load_os(struct efi_image_data *e)
> +{
> +	efi_status_t efiret = EFI_SUCCESS;
> +	efi_physical_addr_t mem;
> +	size_t image_size = 0;
> +	void *image = NULL;
> +	void *vmem = NULL;
> +	int ret = 0;
> +
> +	if (e->data->os_fit) {
> +		image = (void *)e->data->fit_kernel;
> +		image_size = e->data->fit_kernel_size;
> +	} else if (e->data->os_file)
> +		return efi_load_file_image(e->data->os_file,
> +				&e->loaded_image, &e->handle);

If neither of the above is true you continue with image = NULL and
image_size = 0. I think you need a else return -ESOMETHING here.

> +
> +	vmem = efi_allocate_pages(&mem, image_size, EFI_ALLOCATE_ANY_PAGES,
> +				 EFI_LOADER_CODE);
> +	if (!vmem) {
> +		pr_err("Failed to allocate pages for image\n");
> +		return -ENOMEM;
> +	}
> +
> +	memcpy(vmem, image, image_size);
> +
> +	efiret = BS->load_image(false, efi_parent_image, efi_device_path, image,
> +				image_size, &e->handle);
> +	if (EFI_ERROR(efiret)) {
> +		ret = -efi_errno(efiret);
> +		pr_err("failed to LoadImage: %s\n", efi_strerror(efiret));
> +		goto out_mem;
> +	};
> +
> +	efiret = BS->open_protocol(e->handle, &efi_loaded_image_protocol_guid,
> +				   (void **)&e->loaded_image, efi_parent_image,
> +				   NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL);
> +	if (EFI_ERROR(efiret)) {
> +		ret = -efi_errno(efiret);
> +		pr_err("failed to OpenProtocol: %s\n", efi_strerror(efiret));
> +		goto out_unload;
> +	}
> +
> +	e->image_res.base = mem;
> +	e->image_res.size = image_size;
> +
> +	return 0;
> +
> +out_mem:
> +	efi_free_pages(vmem, image_size);
> +out_unload:
> +	BS->unload_image(e->handle);
> +	return ret;
> +}
> +
> +static int efi_load_fdt(struct efi_image_data *e)
> +{
> +	efi_status_t efiret = EFI_SUCCESS;
> +	efi_physical_addr_t mem;
> +	void *vmem, *tmp = NULL;
> +	const void *of_tree;
> +	unsigned long of_size;
> +	bool from_fit;
> +	int ret;
> +
> +	if (IS_ENABLED(CONFIG_EFI_FDT_FORCE))
> +		return 0;
> +
> +	from_fit = fdt_is_fit(e->data);
> +	if (from_fit) {
> +		ret = fit_open_image(e->data->os_fit, e->data->fit_config,
> +				     "fdt", &of_tree, &of_size);
> +		if (ret) {
> +			pr_err("Cannot open FDT image in FIT image: %pe\n",
> +			       ERR_PTR(ret));
> +			return ret;
> +		}
> +	}
> +
> +	if (!from_fit) {

else instead?

> +		if (!e->data->oftree_file)
> +			return 0;
> +
> +		pr_info("Loading devicetree from '%s'\n", e->data->oftree_file);
> +		tmp = read_file(e->data->oftree_file, &of_size);
> +		if (!tmp || of_size <= 0) {
> +			pr_err("Failed to read initrd from file: %s\n",
> +				e->data->initrd_file);
> +			return -EINVAL;
> +		}
> +		of_tree = tmp;
> +	}
> +
> +	vmem = efi_allocate_pages(&mem, of_size + CONFIG_FDT_PADDING,
> +				 EFI_ALLOCATE_ANY_PAGES,
> +				 EFI_ACPI_RECLAIM_MEMORY);

Can you replace CONFIG_FDT_PADDING with a #define in this file? The
Kconfig option you introduced becomes visible for every user, but it
only has a meaning in special cases. I think on EFI machines we are not
scarce on memory, so you could allocate a much higher amount of memory,
say 128KiB to reduce the need to make this configurable.

> +	if (!vmem) {
> +		pr_err("Failed to allocate pages for FDT\n");
> +		goto free_file;
> +		return -ENOMEM;

This return is never reached. Also add ret = -ENOMEM before the goto.

> +	}
> +
> +	memcpy(vmem, of_tree, of_size);
> +
> +	efiret = BS->install_configuration_table(&efi_fdt_guid,
> +			(void *)mem);
> +	if (EFI_ERROR(efiret)) {
> +		pr_err("Failed to install FDT %s/n", efi_strerror(efiret));
> +		ret = -efi_errno(efiret);
> +		goto free_mem;
> +	}
> +
> +	e->oftree_res.base = mem;
> +	e->oftree_res.size = of_size + CONFIG_FDT_PADDING;
> +
> +	if (!from_fit && tmp)
> +		free(tmp);

No need to check, free() handles NULL pointers fine.

Some of the comments apply to efi_load_ramdisk() as well.

Sascha

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

Re: [PATCH 6/7] efi: payload: add support for efi stub boot and fit image.

[Sascha Hauer]

On Thu, Sep 04, 2025 at 02:20:59AM -0400, anis chali wrote:
>    Hi Sascha,
>    > Please keep the list on Cc. Other people might be interested as well and
>    > might have some opinion in the discussions taking place.
>    Sorry for that of course.
>    > I just looked around how fit_has_image() is used. The return value is
>    > treated as bool by all callers, so I think it's better to just return
>    > bool from the function. I just sent a patch for it...
>    ack
>    > Sorry, I don't understand the question.
>    I was asking, would 128KB be always enough to cover any hardware, should
>    we go for 512KB instead?

When I understand correctly the 128KiB would only be the additional
memory for later additions to the device tree, right?

I think for that 128KiB should be quite much already.

>    For now I submitted with 128KB.
>    > No. I don't do EFI very much and I currently don't have a setup for
>    > testing this. Ahmad is more experienced with EFI than me.
>    Ok, I can maybe share my scripts, they are not clean at all with many
>    repos.  if I have time
>    I will do some clean up and share them (there scripts to generate
>    fitImage, linux, dts, optee, TF-A, UKI, edk2, custom qemu ...).
>    Thanks.

Great, looking forward to it.

Sascha

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

Re: [PATCH 6/7] efi: payload: add support for efi stub boot and fit image.

[Ahmad Fatoum]

Hi,

On 04.09.25 08:48, Sascha Hauer wrote:
> On Thu, Sep 04, 2025 at 02:20:59AM -0400, anis chali wrote:
>>    For now I submitted with 128KB.
>>    > No. I don't do EFI very much and I currently don't have a setup for
>>    > testing this. Ahmad is more experienced with EFI than me.
>>    Ok, I can maybe share my scripts, they are not clean at all with many
>>    repos.  if I have time
>>    I will do some clean up and share them (there scripts to generate
>>    fitImage, linux, dts, optee, TF-A, UKI, edk2, custom qemu ...).
>>    Thanks.
> 
> Great, looking forward to it.

That would be very useful. I already started setting up a Yocto BSP, which
generates some of this components (OP-TEE, TF-A and kernel for 32-bit ARM
so far) for eventual use by CI and development.

Your scripts would help in fleshing it out.

Cheers,
Ahmad

> 
> Sascha
> 


-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

Re: [PATCH 6/7] efi: payload: add support for efi stub boot and fit image.

[Ahmad Fatoum]

Hi,

On 8/31/25 5:55 AM, chalianis1@gmail.com wrote:
> From: Chali Anis <chalianis1@gmail.com>
> 
> This patch has more stock, between implementing EFI STUB boot, refactor to
> reuse the code and finaly support the fit image format.

We should rename the existing image.c to handover.c and keep it x86 only
and add your code without the historical baggage IMO.

Given that Sascha already commented on some things, I want to ask you to
squash your latest changes into this commit, have two separate files
(maybe call this one boot.c) and resend.

Thanks,
Ahmad

> This code is tested on many qemu EFI compilations comming from ovmf ubuntu
> package, tianocore efi for qemu, local edk2 build, and also tested on RPi3b
> 64 bit EFI from tianocore and a local build of edk2, more mchines will be
> tested soon. the test was for a full boot chain on RPi3b booting a fit image
> containing a kernel, an fdt, and a ramdisk with ostree initrd to mount an
> ostree root filesystem. for contribution in short term,
> 1. it would be nice to test with more hardware,
> 2. linux global checkup of efivars, efi capsule update, efi runtime services
> 3. The state.dtb to support barebox state to manage multiple system boot
>    and a recovery.
>    the case would be sys1 = new ostree commit, sys2 = old commit (rollback)
>    and a recovery boot system on readonly disk.
> 4. secure boot, PoC to check if there is a way to load TF-A from EFI
> and then load the efi payload from it and launch optee??
> 
> Signed-off-by: Chali Anis <chalianis1@gmail.com>
> ---
>  efi/payload/image.c | 457 ++++++++++++++++++++++++++++++++++++++------
>  1 file changed, 403 insertions(+), 54 deletions(-)
> 
> diff --git a/efi/payload/image.c b/efi/payload/image.c
> index 33c5e18dac27..38d52a32ea64 100644
> --- a/efi/payload/image.c
> +++ b/efi/payload/image.c
> @@ -25,6 +25,7 @@
>  #include <libfile.h>
>  #include <binfmt.h>
>  #include <wchar.h>
> +#include <image-fit.h>
>  #include <efi/efi-payload.h>
>  #include <efi/efi-device.h>
>  
> @@ -77,42 +78,41 @@ struct linux_kernel_header {
>  	uint32_t handover_offset;	/** */
>  } __attribute__ ((packed));
>  
> -static void *efi_read_file(const char *file, size_t *size)
> -{
> -	efi_physical_addr_t mem;
> -	efi_status_t efiret;
> -	struct stat s;
> -	char *buf;
> -	ssize_t ret;
> +struct efi_mem_resource {
> +	efi_physical_addr_t base;
> +	size_t size;
> +} __attribute__ ((packed));
>  
> -	buf = read_file(file, size);
> -	if (buf || errno != ENOMEM)
> -		return buf;
> +struct efi_image_data {
> +	struct image_data *data;
>  
> -	ret = stat(file, &s);
> -	if (ret)
> -		return NULL;
> +	efi_handle_t handle;
> +	struct efi_loaded_image *loaded_image;
>  
> -	efiret = BS->allocate_pages(EFI_ALLOCATE_ANY_PAGES,
> -				    EFI_LOADER_CODE,
> -				    DIV_ROUND_UP(s.st_size, EFI_PAGE_SIZE),
> -				    &mem);
> +	struct efi_mem_resource image_res;
> +	struct efi_mem_resource oftree_res;
> +	struct efi_mem_resource *initrd_res;
> +};
> +
> +
> +static void *efi_allocate_pages(efi_physical_addr_t *mem,
> +				size_t size,
> +				enum efi_allocate_type allocate_type,
> +				enum efi_memory_type mem_type)
> +{
> +	efi_status_t efiret;
> +
> +	efiret = BS->allocate_pages(allocate_type, mem_type,
> +				    DIV_ROUND_UP(size, EFI_PAGE_SIZE), mem);
>  	if (EFI_ERROR(efiret)) {
>  		errno = efi_errno(efiret);
>  		return NULL;
>  	}
>  
> -	buf = efi_phys_to_virt(mem);
> -
> -	ret = read_file_into_buf(file, buf, s.st_size);
> -	if (ret < 0)
> -		return NULL;
> -
> -	*size = ret;
> -	return buf;
> +	return efi_phys_to_virt(*mem);
>  }
>  
> -static void efi_free_file(void *_mem, size_t size)
> +static void efi_free_pages(void *_mem, size_t size)
>  {
>  	efi_physical_addr_t mem = efi_virt_to_phys(_mem);
>  
> @@ -122,28 +122,40 @@ static void efi_free_file(void *_mem, size_t size)
>  		BS->free_pages(mem, DIV_ROUND_UP(size, EFI_PAGE_SIZE));
>  }
>  
> -static int efi_load_image(const char *file, struct efi_loaded_image **loaded_image,
> -		efi_handle_t *h)
> +static int efi_load_file_image(const char *file,
> +			       struct efi_loaded_image **loaded_image,
> +			       efi_handle_t *h)
>  {
> +	efi_physical_addr_t mem;
>  	void *exe;
> +	char *buf;
>  	size_t size;
>  	efi_handle_t handle;
>  	efi_status_t efiret = EFI_SUCCESS;
>  
> -	exe = efi_read_file(file, &size);
> -	if (!exe)
> -		return -errno;
> +	buf = read_file(file, &size);
> +	if (!buf)
> +		return -ENOMEM;
>  
> -	efiret = BS->load_image(false, efi_parent_image, efi_device_path, exe, size,
> -			&handle);
> +	exe = efi_allocate_pages(&mem, size, EFI_ALLOCATE_ANY_PAGES,
> +				 EFI_LOADER_CODE);
> +	if (!exe) {
> +		pr_err("Failed to allocate pages for image\n");
> +		return -ENOMEM;
> +	}
> +
> +	memcpy(exe, buf, size);
> +
> +	efiret = BS->load_image(false, efi_parent_image, efi_device_path, exe,
> +				size, &handle);
>  	if (EFI_ERROR(efiret)) {
>  		pr_err("failed to LoadImage: %s\n", efi_strerror(efiret));
>  		goto out;
>  	};
>  
>  	efiret = BS->open_protocol(handle, &efi_loaded_image_protocol_guid,
> -			(void **)loaded_image,
> -			efi_parent_image, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL);
> +				   (void **)loaded_image, efi_parent_image,
> +				   NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL);
>  	if (EFI_ERROR(efiret)) {
>  		pr_err("failed to OpenProtocol: %s\n", efi_strerror(efiret));
>  		BS->unload_image(handle);
> @@ -151,8 +163,10 @@ static int efi_load_image(const char *file, struct efi_loaded_image **loaded_ima
>  	}
>  
>  	*h = handle;
> +
> +	return 0;
>  out:
> -	efi_free_file(exe, size);
> +	efi_free_pages(exe, size);
>  	return -efi_errno(efiret);
>  }
>  
> @@ -171,20 +185,16 @@ static bool is_linux_image(enum filetype filetype, const void *base)
>  	return false;
>  }
>  
> -static int efi_execute_image(enum filetype filetype, const char *file)
> +static int efi_execute_image(efi_handle_t handle,
> +			     struct efi_loaded_image *loaded_image,
> +			     enum filetype filetype)
>  {
> -	efi_handle_t handle;
> -	struct efi_loaded_image *loaded_image;
>  	efi_status_t efiret;
>  	const char *options;
>  	bool is_driver;
> -	int ret;
> -
> -	ret = efi_load_image(file, &loaded_image, &handle);
> -	if (ret)
> -		return ret;
>  
> -	is_driver = (loaded_image->image_code_type == EFI_BOOT_SERVICES_CODE) ||
> +	is_driver =
> +		(loaded_image->image_code_type == EFI_BOOT_SERVICES_CODE) ||
>  		(loaded_image->image_code_type == EFI_RUNTIME_SERVICES_CODE);
>  
>  	if (is_linux_image(filetype, loaded_image->image_base)) {
> @@ -192,7 +202,8 @@ static int efi_execute_image(enum filetype filetype, const char *file)
>  		options = linux_bootargs_get();
>  		pr_info("add linux options '%s'\n", options);
>  		if (options) {
> -			loaded_image->load_options = xstrdup_char_to_wchar(options);
> +			loaded_image->load_options =
> +				xstrdup_char_to_wchar(options);
>  			loaded_image->load_options_size =
>  				(strlen(options) + 1) * sizeof(wchar_t);
>  		}
> @@ -216,11 +227,11 @@ static int efi_execute_image(enum filetype filetype, const char *file)
>  	return -efi_errno(efiret);
>  }
>  
> -typedef void(*handover_fn)(void *image, struct efi_system_table *table,
> -		struct linux_kernel_header *header);
> +typedef void (*handover_fn)(void *image, struct efi_system_table *table,
> +			    struct linux_kernel_header *header);
>  
>  static inline void linux_efi_handover(efi_handle_t handle,
> -		struct linux_kernel_header *header)
> +				      struct linux_kernel_header *header)
>  {
>  	handover_fn handover;
>  	uintptr_t addr;
> @@ -244,7 +255,7 @@ static int do_bootm_efi(struct image_data *data)
>  	struct efi_loaded_image *loaded_image;
>  	struct linux_kernel_header *image_header, *boot_header;
>  
> -	ret = efi_load_image(data->os_file, &loaded_image, &handle);
> +	ret = efi_load_file_image(data->os_file, &loaded_image, &handle);
>  	if (ret)
>  		return ret;
>  
> @@ -284,8 +295,9 @@ static int do_bootm_efi(struct image_data *data)
>  		boot_header->cmdline_size = strlen(options);
>  	}
>  
> -	boot_header->code32_start = efi_virt_to_phys(loaded_image->image_base +
> -			(image_header->setup_sects+1) * 512);
> +	boot_header->code32_start =
> +		efi_virt_to_phys(loaded_image->image_base +
> +				 (image_header->setup_sects + 1) * 512);
>  
>  	if (bootm_verbose(data)) {
>  		printf("\nStarting kernel at 0x%p", loaded_image->image_base);
> @@ -311,15 +323,350 @@ static int do_bootm_efi(struct image_data *data)
>  	return 0;
>  }
>  
> +static bool ramdisk_is_fit(struct image_data *data)
> +{
> +	struct stat st;
> +
> +	if (bootm_signed_images_are_forced())
> +		return true;
> +
> +	if (data->initrd_file) {
> +		if (!stat(data->initrd_file, &st) && st.st_size > 0)
> +			return false;
> +	}
> +
> +	return data->os_fit ? (bool)fit_has_image(data->os_fit,
> +			data->fit_config, "ramdisk") : false;
> +}
> +
> +static bool fdt_is_fit(struct image_data *data)
> +{
> +	struct stat st;
> +
> +	if (bootm_signed_images_are_forced())
> +		return true;
> +
> +	if (data->oftree_file) {
> +		if (!stat(data->initrd_file, &st) && st.st_size > 0)
> +			return false;
> +	}
> +
> +	return data->os_fit ? (bool)fit_has_image(data->os_fit,
> +			data->fit_config, "fdt") : false;
> +}
> +
> +static int efi_load_os(struct efi_image_data *e)
> +{
> +	efi_status_t efiret = EFI_SUCCESS;
> +	efi_physical_addr_t mem;
> +	size_t image_size = 0;
> +	void *image = NULL;
> +	void *vmem = NULL;
> +	int ret = 0;
> +
> +	if (e->data->os_fit) {
> +		image = (void *)e->data->fit_kernel;
> +		image_size = e->data->fit_kernel_size;
> +	} else if (e->data->os_file)
> +		return efi_load_file_image(e->data->os_file,
> +				&e->loaded_image, &e->handle);
> +
> +	vmem = efi_allocate_pages(&mem, image_size, EFI_ALLOCATE_ANY_PAGES,
> +				 EFI_LOADER_CODE);
> +	if (!vmem) {
> +		pr_err("Failed to allocate pages for image\n");
> +		return -ENOMEM;
> +	}
> +
> +	memcpy(vmem, image, image_size);
> +
> +	efiret = BS->load_image(false, efi_parent_image, efi_device_path, image,
> +				image_size, &e->handle);
> +	if (EFI_ERROR(efiret)) {
> +		ret = -efi_errno(efiret);
> +		pr_err("failed to LoadImage: %s\n", efi_strerror(efiret));
> +		goto out_mem;
> +	};
> +
> +	efiret = BS->open_protocol(e->handle, &efi_loaded_image_protocol_guid,
> +				   (void **)&e->loaded_image, efi_parent_image,
> +				   NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL);
> +	if (EFI_ERROR(efiret)) {
> +		ret = -efi_errno(efiret);
> +		pr_err("failed to OpenProtocol: %s\n", efi_strerror(efiret));
> +		goto out_unload;
> +	}
> +
> +	e->image_res.base = mem;
> +	e->image_res.size = image_size;
> +
> +	return 0;
> +
> +out_mem:
> +	efi_free_pages(vmem, image_size);
> +out_unload:
> +	BS->unload_image(e->handle);
> +	return ret;
> +}
> +
> +static void efi_unload_os(struct efi_image_data *e)
> +{
> +	BS->close_protocol(e->handle, &efi_loaded_image_protocol_guid,
> +				 efi_parent_image, NULL);
> +
> +	BS->unload_image(e->handle);
> +	efi_free_pages(efi_phys_to_virt(e->image_res.base),
> +				 e->image_res.size);
> +}
> +
> +static int efi_load_ramdisk(struct efi_image_data *e)
> +{
> +	void *vmem, *tmp = NULL;
> +	efi_physical_addr_t mem;
> +	efi_status_t efiret = EFI_SUCCESS;
> +	const void *initrd;
> +	unsigned long initrd_size;
> +	bool from_fit;
> +	int ret;
> +
> +	from_fit = ramdisk_is_fit(e->data);
> +
> +	if (from_fit) {
> +		ret = fit_open_image(e->data->os_fit, e->data->fit_config,
> +				     "ramdisk", &initrd, &initrd_size);
> +		if (ret) {
> +			pr_err("Cannot open ramdisk image in FIT image: %pe\n",
> +			       ERR_PTR(ret));
> +			return ret;
> +		}
> +	}
> +
> +	if (!from_fit) {
> +		if (!e->data->initrd_file)
> +			return 0;
> +
> +		pr_info("Loading ramdisk from '%s'\n", e->data->initrd_file);
> +		tmp = read_file(e->data->initrd_file, &initrd_size);
> +		if (!tmp || initrd_size <= 0) {
> +			pr_err("Failed to read initrd from file: %s\n",
> +				e->data->initrd_file);
> +			return -EINVAL;
> +		}
> +		initrd = tmp;
> +	}
> +
> +	efiret = BS->allocate_pool(EFI_LOADER_DATA,
> +			sizeof(struct efi_mem_resource),
> +			(void **)&e->initrd_res);
> +	if (EFI_ERROR(efiret) || !e->initrd_res) {
> +		ret = -efi_errno(efiret);
> +		pr_err("Failed to allocate initrd %s/n", efi_strerror(efiret));
> +		goto free_mem;
> +	}
> +
> +	vmem = efi_allocate_pages(&mem, initrd_size,
> +				 EFI_ALLOCATE_MAX_ADDRESS, EFI_LOADER_DATA);
> +	if (!vmem) {
> +		pr_err("Failed to allocate pages for initrd data\n");
> +		ret = -ENOMEM;
> +		goto free_pool;
> +	}
> +
> +	memcpy(vmem, (void *)initrd, initrd_size);
> +	e->initrd_res->base = (uint64_t)mem;
> +	e->initrd_res->size = (uint64_t)initrd_size;
> +
> +	if (IS_ENABLED(CONFIG_EFI_INITRD_INSTALL)) {
> +		efiret = BS->install_configuration_table(
> +			&efi_linux_initrd_media_guid,
> +			(void *)e->initrd_res);
> +		if (EFI_ERROR(efiret)) {
> +			ret = -efi_errno(efiret);
> +			pr_err("Failed to install INITRD %s/n",
> +					efi_strerror(efiret));
> +			goto free_pages;
> +		}
> +	} else {
> +		ret = efi_initrd_register(vmem, initrd_size);
> +		if (ret) {
> +			pr_err("Failed to register INITRD %s/n",
> +				strerror(efiret));
> +			goto free_pages;
> +		}
> +	}
> +
> +	if (!from_fit && tmp)
> +		free(tmp);
> +
> +	return 0;
> +
> +free_pages:
> +	efi_free_pages(vmem, initrd_size);
> +free_pool:
> +	BS->free_pool(e->initrd_res);
> +free_mem:
> +	if (!from_fit && tmp)
> +		free(tmp);
> +
> +	return ret;
> +}
> +
> +static void efi_unload_ramdisk(struct efi_image_data *e)
> +{
> +
> +	if (IS_ENABLED(CONFIG_EFI_INITRD_INSTALL))
> +		BS->install_configuration_table(
> +			&efi_linux_initrd_media_guid, NULL);
> +	else
> +		efi_initrd_unregister();
> +
> +	efi_free_pages(efi_phys_to_virt(e->initrd_res->base),
> +				 e->initrd_res->size);
> +
> +	BS->free_pool(e->initrd_res);
> +	e->initrd_res = NULL;
> +}
> +
> +static int efi_load_fdt(struct efi_image_data *e)
> +{
> +	efi_status_t efiret = EFI_SUCCESS;
> +	efi_physical_addr_t mem;
> +	void *vmem, *tmp = NULL;
> +	const void *of_tree;
> +	unsigned long of_size;
> +	bool from_fit;
> +	int ret;
> +
> +	if (IS_ENABLED(CONFIG_EFI_FDT_FORCE))
> +		return 0;
> +
> +	from_fit = fdt_is_fit(e->data);
> +	if (from_fit) {
> +		ret = fit_open_image(e->data->os_fit, e->data->fit_config,
> +				     "fdt", &of_tree, &of_size);
> +		if (ret) {
> +			pr_err("Cannot open FDT image in FIT image: %pe\n",
> +			       ERR_PTR(ret));
> +			return ret;
> +		}
> +	}
> +
> +	if (!from_fit) {
> +		if (!e->data->oftree_file)
> +			return 0;
> +
> +		pr_info("Loading devicetree from '%s'\n", e->data->oftree_file);
> +		tmp = read_file(e->data->oftree_file, &of_size);
> +		if (!tmp || of_size <= 0) {
> +			pr_err("Failed to read initrd from file: %s\n",
> +				e->data->initrd_file);
> +			return -EINVAL;
> +		}
> +		of_tree = tmp;
> +	}
> +
> +	vmem = efi_allocate_pages(&mem, of_size + CONFIG_FDT_PADDING,
> +				 EFI_ALLOCATE_ANY_PAGES,
> +				 EFI_ACPI_RECLAIM_MEMORY);
> +	if (!vmem) {
> +		pr_err("Failed to allocate pages for FDT\n");
> +		goto free_file;
> +		return -ENOMEM;
> +	}
> +
> +	memcpy(vmem, of_tree, of_size);
> +
> +	efiret = BS->install_configuration_table(&efi_fdt_guid,
> +			(void *)mem);
> +	if (EFI_ERROR(efiret)) {
> +		pr_err("Failed to install FDT %s/n", efi_strerror(efiret));
> +		ret = -efi_errno(efiret);
> +		goto free_mem;
> +	}
> +
> +	e->oftree_res.base = mem;
> +	e->oftree_res.size = of_size + CONFIG_FDT_PADDING;
> +
> +	if (!from_fit && tmp)
> +		free(tmp);
> +
> +	return 0;
> +
> +free_mem:
> +	efi_free_pages(vmem, of_size);
> +free_file:
> +	if (!from_fit && tmp)
> +		free(tmp);
> +
> +	return ret;
> +}
> +
> +static void efi_unload_fdt(struct efi_image_data *e)
> +{
> +	BS->install_configuration_table(&efi_fdt_guid, NULL);
> +
> +	efi_free_pages(efi_phys_to_virt(e->oftree_res.base),
> +				 e->oftree_res.size);
> +}
> +
> +static int do_bootm_efi_stub(struct image_data *data)
> +{
> +	struct efi_image_data e = {.data = data};
> +	enum filetype type;
> +	int ret = 0;
> +
> +	ret = efi_load_os(&e);
> +	if (ret)
> +		return ret;
> +
> +	ret = efi_load_fdt(&e);
> +	if (ret)
> +		goto unload_os;
> +
> +	ret = efi_load_ramdisk(&e);
> +	if (ret)
> +		goto unload_oftree;
> +
> +	type = file_detect_type(e.loaded_image->image_base, PAGE_SIZE);
> +	ret = efi_execute_image(e.handle, e.loaded_image, type);
> +	if (ret)
> +		goto unload_ramdisk;
> +
> +	return 0;
> +
> +unload_ramdisk:
> +	if (e.initrd_res)
> +		efi_unload_ramdisk(&e);
> +unload_oftree:
> +	efi_unload_fdt(&e);
> +unload_os:
> +	efi_unload_os(&e);
> +	return ret;
> +}
> +
>  static struct image_handler efi_handle_tr = {
>  	.name = "EFI Application",
>  	.bootm = do_bootm_efi,
>  	.filetype = filetype_exe,
>  };
>  
> +static struct image_handler efi_arm64_handle_tr = {
> +	.name = "EFI ARM64 Linux kernel",
> +	.bootm = do_bootm_efi_stub,
> +	.filetype = filetype_arm64_efi_linux_image,
> +};
> +
>  static int efi_execute(struct binfmt_hook *b, char *file, int argc, char **argv)
>  {
> -	return efi_execute_image(b->type, file);
> +	int ret;
> +	efi_handle_t handle;
> +	struct efi_loaded_image *loaded_image;
> +
> +	ret = efi_load_file_image(file, &loaded_image, &handle);
> +	if (ret)
> +		return ret;
> +
> +	return efi_execute_image(handle, loaded_image, b->type);
>  }
>  
>  static struct binfmt_hook binfmt_efi_hook = {
> @@ -360,8 +707,10 @@ static int efi_register_image_handler(void)
>  	if (IS_ENABLED(CONFIG_X86))
>  		register_image_handler(&non_efi_handle_linux_x86);
>  
> -	if (IS_ENABLED(CONFIG_ARM64))
> +	if (IS_ENABLED(CONFIG_ARM64)) {
> +		register_image_handler(&efi_arm64_handle_tr);
>  		binfmt_register(&binfmt_arm64_efi_hook);
> +	}
>  
>  	return 0;
>  }

-- 
Pengutronix e.K.                  |                             |
Steuerwalder Str. 21              | http://www.pengutronix.de/  |
31137 Hildesheim, Germany         | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686  | Fax:   +49-5121-206917-5555 |

Re: [PATCH 6/7] efi: payload: add support for efi stub boot and fit image.

[anis chali]

Hi,

> We should rename the existing image.c to handover.c and keep it x86 only
> and add your code without the historical baggage IMO.
Ok, We can rename the file, do we need to create a shared file between them,
beacuse we have all the code for reading the image and allocating in common 
between the handover.c (comming) and the image.c, An option would be refactoring
the handover to become just a branch that we take if a config is enabled, Knowing
that we meybe can support efi stub in x86 with the same code in image.c, in that case 
we maybe should just name it efi/payload/bootm.c and it will cover linux as efi application
fitImage on all supported architectures??

> Given that Sascha already commented on some things, I want to ask you to
> squash your latest changes into this commit, have two separate files
> (maybe call this one boot.c) and resend.

Okay, I’ll wait for your feedback before proceeding.

> Thanks,
> Ahmad
> 
> This code is tested on many qemu EFI compilations comming from ovmf ubuntu
> > package, tianocore efi for qemu, local edk2 build, and also tested on RPi3b
> > 64 bit EFI from tianocore and a local build of edk2, more mchines will be
> > tested soon. the test was for a full boot chain on RPi3b booting a fit image
> > containing a kernel, an fdt, and a ramdisk with ostree initrd to mount an
> > ostree root filesystem. for contribution in short term,
> > 1. it would be nice to test with more hardware,
> > 2. linux global checkup of efivars, efi capsule update, efi runtime services
> > 3. The state.dtb to support barebox state to manage multiple system boot
> >    and a recovery.
> >    the case would be sys1 = new ostree commit, sys2 = old commit (rollback)
> >    and a recovery boot system on readonly disk.
> > 4. secure boot, PoC to check if there is a way to load TF-A from EFI
> > and then load the efi payload from it and launch optee??
> > 
> Signed-off-by: Chali Anis <[chalianis1@gmail.com](mailto:chalianis1@gmail.com)>
> > ---
> >  efi/payload/image.c | 457 ++++++++++++++++++++++++++++++++++++++------
> >  1 file changed, 403 insertions(+), 54 deletions(-)
> > 
> diff --git a/efi/payload/image.c b/efi/payload/image.c
> > index 33c5e18dac27..38d52a32ea64 100644
> > --- a/efi/payload/image.c
> > +++ b/efi/payload/image.c
> > @@ -25,6 +25,7 @@
> >  #include <libfile.h>
> >  #include <binfmt.h>
> >  #include <wchar.h>
> > +#include <image-fit.h>
> >  #include <efi/efi-payload.h>
> >  #include <efi/efi-device.h>
> >  
> > @@ -77,42 +78,41 @@ struct linux_kernel_header {
> >  	uint32_t handover_offset;	/** */
> >  } __attribute__ ((packed));
> >  
> > -static void *efi_read_file(const char *file, size_t *size)
> > -{
> > -	efi_physical_addr_t mem;
> > -	efi_status_t efiret;
> > -	struct stat s;
> > -	char *buf;
> > -	ssize_t ret;
> > +struct efi_mem_resource {
> > +	efi_physical_addr_t base;
> > +	size_t size;
> > +} __attribute__ ((packed));
> >  
> > -	buf = read_file(file, size);
> > -	if (buf || errno != ENOMEM)
> > -		return buf;
> > +struct efi_image_data {
> > +	struct image_data *data;
> >  
> > -	ret = stat(file, &s);
> > -	if (ret)
> > -		return NULL;
> > +	efi_handle_t handle;
> > +	struct efi_loaded_image *loaded_image;
> >  
> > -	efiret = BS->allocate_pages(EFI_ALLOCATE_ANY_PAGES,
> > -				    EFI_LOADER_CODE,
> > -				    DIV_ROUND_UP(s.st_size, EFI_PAGE_SIZE),
> > -				    &mem);
> > +	struct efi_mem_resource image_res;
> > +	struct efi_mem_resource oftree_res;
> > +	struct efi_mem_resource *initrd_res;
> > +};
> > +
> > +
> > +static void *efi_allocate_pages(efi_physical_addr_t *mem,
> > +				size_t size,
> > +				enum efi_allocate_type allocate_type,
> > +				enum efi_memory_type mem_type)
> > +{
> > +	efi_status_t efiret;
> > +
> > +	efiret = BS->allocate_pages(allocate_type, mem_type,
> > +				    DIV_ROUND_UP(size, EFI_PAGE_SIZE), mem);
> >  	if (EFI_ERROR(efiret)) {
> >  		errno = efi_errno(efiret);
> >  		return NULL;
> >  	}
> >  
> > -	buf = efi_phys_to_virt(mem);
> > -
> > -	ret = read_file_into_buf(file, buf, s.st_size);
> > -	if (ret < 0)
> > -		return NULL;
> > -
> > -	*size = ret;
> > -	return buf;
> > +	return efi_phys_to_virt(*mem);
> >  }
> >  
> > -static void efi_free_file(void *_mem, size_t size)
> > +static void efi_free_pages(void *_mem, size_t size)
> >  {
> >  	efi_physical_addr_t mem = efi_virt_to_phys(_mem);
> >  
> > @@ -122,28 +122,40 @@ static void efi_free_file(void *_mem, size_t size)
> >  		BS->free_pages(mem, DIV_ROUND_UP(size, EFI_PAGE_SIZE));
> >  }
> >  
> > -static int efi_load_image(const char *file, struct efi_loaded_image **loaded_image,
> > -		efi_handle_t *h)
> > +static int efi_load_file_image(const char *file,
> > +			       struct efi_loaded_image **loaded_image,
> > +			       efi_handle_t *h)
> >  {
> > +	efi_physical_addr_t mem;
> >  	void *exe;
> > +	char *buf;
> >  	size_t size;
> >  	efi_handle_t handle;
> >  	efi_status_t efiret = EFI_SUCCESS;
> >  
> > -	exe = efi_read_file(file, &size);
> > -	if (!exe)
> > -		return -errno;
> > +	buf = read_file(file, &size);
> > +	if (!buf)
> > +		return -ENOMEM;
> >  
> > -	efiret = BS->load_image(false, efi_parent_image, efi_device_path, exe, size,
> > -			&handle);
> > +	exe = efi_allocate_pages(&mem, size, EFI_ALLOCATE_ANY_PAGES,
> > +				 EFI_LOADER_CODE);
> > +	if (!exe) {
> > +		pr_err("Failed to allocate pages for image\n");
> > +		return -ENOMEM;
> > +	}
> > +
> > +	memcpy(exe, buf, size);
> > +
> > +	efiret = BS->load_image(false, efi_parent_image, efi_device_path, exe,
> > +				size, &handle);
> >  	if (EFI_ERROR(efiret)) {
> >  		pr_err("failed to LoadImage: %s\n", efi_strerror(efiret));
> >  		goto out;
> >  	};
> >  
> >  	efiret = BS->open_protocol(handle, &efi_loaded_image_protocol_guid,
> > -			(void **)loaded_image,
> > -			efi_parent_image, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL);
> > +				   (void **)loaded_image, efi_parent_image,
> > +				   NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL);
> >  	if (EFI_ERROR(efiret)) {
> >  		pr_err("failed to OpenProtocol: %s\n", efi_strerror(efiret));
> >  		BS->unload_image(handle);
> > @@ -151,8 +163,10 @@ static int efi_load_image(const char *file, struct efi_loaded_image **loaded_ima
> >  	}
> >  
> >  	*h = handle;
> > +
> > +	return 0;
> >  out:
> > -	efi_free_file(exe, size);
> > +	efi_free_pages(exe, size);
> >  	return -efi_errno(efiret);
> >  }
> >  
> > @@ -171,20 +185,16 @@ static bool is_linux_image(enum filetype filetype, const void *base)
> >  	return false;
> >  }
> >  
> > -static int efi_execute_image(enum filetype filetype, const char *file)
> > +static int efi_execute_image(efi_handle_t handle,
> > +			     struct efi_loaded_image *loaded_image,
> > +			     enum filetype filetype)
> >  {
> > -	efi_handle_t handle;
> > -	struct efi_loaded_image *loaded_image;
> >  	efi_status_t efiret;
> >  	const char *options;
> >  	bool is_driver;
> > -	int ret;
> > -
> > -	ret = efi_load_image(file, &loaded_image, &handle);
> > -	if (ret)
> > -		return ret;
> >  
> > -	is_driver = (loaded_image->image_code_type == EFI_BOOT_SERVICES_CODE) ||
> > +	is_driver =
> > +		(loaded_image->image_code_type == EFI_BOOT_SERVICES_CODE) ||
> >  		(loaded_image->image_code_type == EFI_RUNTIME_SERVICES_CODE);
> >  
> >  	if (is_linux_image(filetype, loaded_image->image_base)) {
> > @@ -192,7 +202,8 @@ static int efi_execute_image(enum filetype filetype, const char *file)
> >  		options = linux_bootargs_get();
> >  		pr_info("add linux options '%s'\n", options);
> >  		if (options) {
> > -			loaded_image->load_options = xstrdup_char_to_wchar(options);
> > +			loaded_image->load_options =
> > +				xstrdup_char_to_wchar(options);
> >  			loaded_image->load_options_size =
> >  				(strlen(options) + 1) * sizeof(wchar_t);
> >  		}
> > @@ -216,11 +227,11 @@ static int efi_execute_image(enum filetype filetype, const char *file)
> >  	return -efi_errno(efiret);
> >  }
> >  
> > -typedef void(*handover_fn)(void *image, struct efi_system_table *table,
> > -		struct linux_kernel_header *header);
> > +typedef void (*handover_fn)(void *image, struct efi_system_table *table,
> > +			    struct linux_kernel_header *header);
> >  
> >  static inline void linux_efi_handover(efi_handle_t handle,
> > -		struct linux_kernel_header *header)
> > +				      struct linux_kernel_header *header)
> >  {
> >  	handover_fn handover;
> >  	uintptr_t addr;
> > @@ -244,7 +255,7 @@ static int do_bootm_efi(struct image_data *data)
> >  	struct efi_loaded_image *loaded_image;
> >  	struct linux_kernel_header *image_header, *boot_header;
> >  
> > -	ret = efi_load_image(data->os_file, &loaded_image, &handle);
> > +	ret = efi_load_file_image(data->os_file, &loaded_image, &handle);
> >  	if (ret)
> >  		return ret;
> >  
> > @@ -284,8 +295,9 @@ static int do_bootm_efi(struct image_data *data)
> >  		boot_header->cmdline_size = strlen(options);
> >  	}
> >  
> > -	boot_header->code32_start = efi_virt_to_phys(loaded_image->image_base +
> > -			(image_header->setup_sects+1) * 512);
> > +	boot_header->code32_start =
> > +		efi_virt_to_phys(loaded_image->image_base +
> > +				 (image_header->setup_sects + 1) * 512);
> >  
> >  	if (bootm_verbose(data)) {
> >  		printf("\nStarting kernel at 0x%p", loaded_image->image_base);
> > @@ -311,15 +323,350 @@ static int do_bootm_efi(struct image_data *data)
> >  	return 0;
> >  }
> >  
> > +static bool ramdisk_is_fit(struct image_data *data)
> > +{
> > +	struct stat st;
> > +
> > +	if (bootm_signed_images_are_forced())
> > +		return true;
> > +
> > +	if (data->initrd_file) {
> > +		if (!stat(data->initrd_file, &st) && st.st_size > 0)
> > +			return false;
> > +	}
> > +
> > +	return data->os_fit ? (bool)fit_has_image(data->os_fit,
> > +			data->fit_config, "ramdisk") : false;
> > +}
> > +
> > +static bool fdt_is_fit(struct image_data *data)
> > +{
> > +	struct stat st;
> > +
> > +	if (bootm_signed_images_are_forced())
> > +		return true;
> > +
> > +	if (data->oftree_file) {
> > +		if (!stat(data->initrd_file, &st) && st.st_size > 0)
> > +			return false;
> > +	}
> > +
> > +	return data->os_fit ? (bool)fit_has_image(data->os_fit,
> > +			data->fit_config, "fdt") : false;
> > +}
> > +
> > +static int efi_load_os(struct efi_image_data *e)
> > +{
> > +	efi_status_t efiret = EFI_SUCCESS;
> > +	efi_physical_addr_t mem;
> > +	size_t image_size = 0;
> > +	void *image = NULL;
> > +	void *vmem = NULL;
> > +	int ret = 0;
> > +
> > +	if (e->data->os_fit) {
> > +		image = (void *)e->data->fit_kernel;
> > +		image_size = e->data->fit_kernel_size;
> > +	} else if (e->data->os_file)
> > +		return efi_load_file_image(e->data->os_file,
> > +				&e->loaded_image, &e->handle);
> > +
> > +	vmem = efi_allocate_pages(&mem, image_size, EFI_ALLOCATE_ANY_PAGES,
> > +				 EFI_LOADER_CODE);
> > +	if (!vmem) {
> > +		pr_err("Failed to allocate pages for image\n");
> > +		return -ENOMEM;
> > +	}
> > +
> > +	memcpy(vmem, image, image_size);
> > +
> > +	efiret = BS->load_image(false, efi_parent_image, efi_device_path, image,
> > +				image_size, &e->handle);
> > +	if (EFI_ERROR(efiret)) {
> > +		ret = -efi_errno(efiret);
> > +		pr_err("failed to LoadImage: %s\n", efi_strerror(efiret));
> > +		goto out_mem;
> > +	};
> > +
> > +	efiret = BS->open_protocol(e->handle, &efi_loaded_image_protocol_guid,
> > +				   (void **)&e->loaded_image, efi_parent_image,
> > +				   NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL);
> > +	if (EFI_ERROR(efiret)) {
> > +		ret = -efi_errno(efiret);
> > +		pr_err("failed to OpenProtocol: %s\n", efi_strerror(efiret));
> > +		goto out_unload;
> > +	}
> > +
> > +	e->image_res.base = mem;
> > +	e->image_res.size = image_size;
> > +
> > +	return 0;
> > +
> > +out_mem:
> > +	efi_free_pages(vmem, image_size);
> > +out_unload:
> > +	BS->unload_image(e->handle);
> > +	return ret;
> > +}
> > +
> > +static void efi_unload_os(struct efi_image_data *e)
> > +{
> > +	BS->close_protocol(e->handle, &efi_loaded_image_protocol_guid,
> > +				 efi_parent_image, NULL);
> > +
> > +	BS->unload_image(e->handle);
> > +	efi_free_pages(efi_phys_to_virt(e->image_res.base),
> > +				 e->image_res.size);
> > +}
> > +
> > +static int efi_load_ramdisk(struct efi_image_data *e)
> > +{
> > +	void *vmem, *tmp = NULL;
> > +	efi_physical_addr_t mem;
> > +	efi_status_t efiret = EFI_SUCCESS;
> > +	const void *initrd;
> > +	unsigned long initrd_size;
> > +	bool from_fit;
> > +	int ret;
> > +
> > +	from_fit = ramdisk_is_fit(e->data);
> > +
> > +	if (from_fit) {
> > +		ret = fit_open_image(e->data->os_fit, e->data->fit_config,
> > +				     "ramdisk", &initrd, &initrd_size);
> > +		if (ret) {
> > +			pr_err("Cannot open ramdisk image in FIT image: %pe\n",
> > +			       ERR_PTR(ret));
> > +			return ret;
> > +		}
> > +	}
> > +
> > +	if (!from_fit) {
> > +		if (!e->data->initrd_file)
> > +			return 0;
> > +
> > +		pr_info("Loading ramdisk from '%s'\n", e->data->initrd_file);
> > +		tmp = read_file(e->data->initrd_file, &initrd_size);
> > +		if (!tmp || initrd_size <= 0) {
> > +			pr_err("Failed to read initrd from file: %s\n",
> > +				e->data->initrd_file);
> > +			return -EINVAL;
> > +		}
> > +		initrd = tmp;
> > +	}
> > +
> > +	efiret = BS->allocate_pool(EFI_LOADER_DATA,
> > +			sizeof(struct efi_mem_resource),
> > +			(void **)&e->initrd_res);
> > +	if (EFI_ERROR(efiret) || !e->initrd_res) {
> > +		ret = -efi_errno(efiret);
> > +		pr_err("Failed to allocate initrd %s/n", efi_strerror(efiret));
> > +		goto free_mem;
> > +	}
> > +
> > +	vmem = efi_allocate_pages(&mem, initrd_size,
> > +				 EFI_ALLOCATE_MAX_ADDRESS, EFI_LOADER_DATA);
> > +	if (!vmem) {
> > +		pr_err("Failed to allocate pages for initrd data\n");
> > +		ret = -ENOMEM;
> > +		goto free_pool;
> > +	}
> > +
> > +	memcpy(vmem, (void *)initrd, initrd_size);
> > +	e->initrd_res->base = (uint64_t)mem;
> > +	e->initrd_res->size = (uint64_t)initrd_size;
> > +
> > +	if (IS_ENABLED(CONFIG_EFI_INITRD_INSTALL)) {
> > +		efiret = BS->install_configuration_table(
> > +			&efi_linux_initrd_media_guid,
> > +			(void *)e->initrd_res);
> > +		if (EFI_ERROR(efiret)) {
> > +			ret = -efi_errno(efiret);
> > +			pr_err("Failed to install INITRD %s/n",
> > +					efi_strerror(efiret));
> > +			goto free_pages;
> > +		}
> > +	} else {
> > +		ret = efi_initrd_register(vmem, initrd_size);
> > +		if (ret) {
> > +			pr_err("Failed to register INITRD %s/n",
> > +				strerror(efiret));
> > +			goto free_pages;
> > +		}
> > +	}
> > +
> > +	if (!from_fit && tmp)
> > +		free(tmp);
> > +
> > +	return 0;
> > +
> > +free_pages:
> > +	efi_free_pages(vmem, initrd_size);
> > +free_pool:
> > +	BS->free_pool(e->initrd_res);
> > +free_mem:
> > +	if (!from_fit && tmp)
> > +		free(tmp);
> > +
> > +	return ret;
> > +}
> > +
> > +static void efi_unload_ramdisk(struct efi_image_data *e)
> > +{
> > +
> > +	if (IS_ENABLED(CONFIG_EFI_INITRD_INSTALL))
> > +		BS->install_configuration_table(
> > +			&efi_linux_initrd_media_guid, NULL);
> > +	else
> > +		efi_initrd_unregister();
> > +
> > +	efi_free_pages(efi_phys_to_virt(e->initrd_res->base),
> > +				 e->initrd_res->size);
> > +
> > +	BS->free_pool(e->initrd_res);
> > +	e->initrd_res = NULL;
> > +}
> > +
> > +static int efi_load_fdt(struct efi_image_data *e)
> > +{
> > +	efi_status_t efiret = EFI_SUCCESS;
> > +	efi_physical_addr_t mem;
> > +	void *vmem, *tmp = NULL;
> > +	const void *of_tree;
> > +	unsigned long of_size;
> > +	bool from_fit;
> > +	int ret;
> > +
> > +	if (IS_ENABLED(CONFIG_EFI_FDT_FORCE))
> > +		return 0;
> > +
> > +	from_fit = fdt_is_fit(e->data);
> > +	if (from_fit) {
> > +		ret = fit_open_image(e->data->os_fit, e->data->fit_config,
> > +				     "fdt", &of_tree, &of_size);
> > +		if (ret) {
> > +			pr_err("Cannot open FDT image in FIT image: %pe\n",
> > +			       ERR_PTR(ret));
> > +			return ret;
> > +		}
> > +	}
> > +
> > +	if (!from_fit) {
> > +		if (!e->data->oftree_file)
> > +			return 0;
> > +
> > +		pr_info("Loading devicetree from '%s'\n", e->data->oftree_file);
> > +		tmp = read_file(e->data->oftree_file, &of_size);
> > +		if (!tmp || of_size <= 0) {
> > +			pr_err("Failed to read initrd from file: %s\n",
> > +				e->data->initrd_file);
> > +			return -EINVAL;
> > +		}
> > +		of_tree = tmp;
> > +	}
> > +
> > +	vmem = efi_allocate_pages(&mem, of_size + CONFIG_FDT_PADDING,
> > +				 EFI_ALLOCATE_ANY_PAGES,
> > +				 EFI_ACPI_RECLAIM_MEMORY);
> > +	if (!vmem) {
> > +		pr_err("Failed to allocate pages for FDT\n");
> > +		goto free_file;
> > +		return -ENOMEM;
> > +	}
> > +
> > +	memcpy(vmem, of_tree, of_size);
> > +
> > +	efiret = BS->install_configuration_table(&efi_fdt_guid,
> > +			(void *)mem);
> > +	if (EFI_ERROR(efiret)) {
> > +		pr_err("Failed to install FDT %s/n", efi_strerror(efiret));
> > +		ret = -efi_errno(efiret);
> > +		goto free_mem;
> > +	}
> > +
> > +	e->oftree_res.base = mem;
> > +	e->oftree_res.size = of_size + CONFIG_FDT_PADDING;
> > +
> > +	if (!from_fit && tmp)
> > +		free(tmp);
> > +
> > +	return 0;
> > +
> > +free_mem:
> > +	efi_free_pages(vmem, of_size);
> > +free_file:
> > +	if (!from_fit && tmp)
> > +		free(tmp);
> > +
> > +	return ret;
> > +}
> > +
> > +static void efi_unload_fdt(struct efi_image_data *e)
> > +{
> > +	BS->install_configuration_table(&efi_fdt_guid, NULL);
> > +
> > +	efi_free_pages(efi_phys_to_virt(e->oftree_res.base),
> > +				 e->oftree_res.size);
> > +}
> > +
> > +static int do_bootm_efi_stub(struct image_data *data)
> > +{
> > +	struct efi_image_data e = {.data = data};
> > +	enum filetype type;
> > +	int ret = 0;
> > +
> > +	ret = efi_load_os(&e);
> > +	if (ret)
> > +		return ret;
> > +
> > +	ret = efi_load_fdt(&e);
> > +	if (ret)
> > +		goto unload_os;
> > +
> > +	ret = efi_load_ramdisk(&e);
> > +	if (ret)
> > +		goto unload_oftree;
> > +
> > +	type = file_detect_type(e.loaded_image->image_base, PAGE_SIZE);
> > +	ret = efi_execute_image(e.handle, e.loaded_image, type);
> > +	if (ret)
> > +		goto unload_ramdisk;
> > +
> > +	return 0;
> > +
> > +unload_ramdisk:
> > +	if (e.initrd_res)
> > +		efi_unload_ramdisk(&e);
> > +unload_oftree:
> > +	efi_unload_fdt(&e);
> > +unload_os:
> > +	efi_unload_os(&e);
> > +	return ret;
> > +}
> > +
> >  static struct image_handler efi_handle_tr = {
> >  	.name = "EFI Application",
> >  	.bootm = do_bootm_efi,
> >  	.filetype = filetype_exe,
> >  };
> >  
> > +static struct image_handler efi_arm64_handle_tr = {
> > +	.name = "EFI ARM64 Linux kernel",
> > +	.bootm = do_bootm_efi_stub,
> > +	.filetype = filetype_arm64_efi_linux_image,
> > +};
> > +
> >  static int efi_execute(struct binfmt_hook *b, char *file, int argc, char **argv)
> >  {
> > -	return efi_execute_image(b->type, file);
> > +	int ret;
> > +	efi_handle_t handle;
> > +	struct efi_loaded_image *loaded_image;
> > +
> > +	ret = efi_load_file_image(file, &loaded_image, &handle);
> > +	if (ret)
> > +		return ret;
> > +
> > +	return efi_execute_image(handle, loaded_image, b->type);
> >  }
> >  
> >  static struct binfmt_hook binfmt_efi_hook = {
> > @@ -360,8 +707,10 @@ static int efi_register_image_handler(void)
> >  	if (IS_ENABLED(CONFIG_X86))
> >  		register_image_handler(&non_efi_handle_linux_x86);
> >  
> > -	if (IS_ENABLED(CONFIG_ARM64))
> > +	if (IS_ENABLED(CONFIG_ARM64)) {
> > +		register_image_handler(&efi_arm64_handle_tr);
> >  		binfmt_register(&binfmt_arm64_efi_hook);
> > +	}
> >  
> >  	return 0;
> >  }
> > 
> 
> ```

Re: [PATCH 6/7] efi: payload: add support for efi stub boot and fit image.

[Ahmad Fatoum]

Hi,

On 9/5/25 12:44 AM, anis chali wrote:
> Hi,
> 
>> We should rename the existing image.c to handover.c and keep it x86 only
>> and add your code without the historical baggage IMO.
> Ok, We can rename the file, do we need to create a shared file between them,
> beacuse we have all the code for reading the image and allocating in common 
> between the handover.c (comming) and the image.c, An option would be refactoring
> the handover to become just a branch that we take if a config is enabled, Knowing
> that we meybe can support efi stub in x86 with the same code in image.c, in that case 
> we maybe should just name it efi/payload/bootm.c and it will cover linux as efi application
> fitImage on all supported architectures??

I think it would be easiest if you just rename image.c to handover.c,
duplicate all its code in a new bootm.c, throw away all the x86/handover
specific stuff and implement the spec-conforming protocol without the
handover baggage. Consolidation can happen separately, once we have
something that works and is upstream.

>> Given that Sascha already commented on some things, I want to ask you to
>> squash your latest changes into this commit, have two separate files
>> (maybe call this one boot.c) and resend.
> 
> Okay, I’ll wait for your feedback before proceeding.

Sorry, I should have been clearer; The usual workflow is that you squash
requested changes into the original patch and then send a v2 (or v3, ...
etc.). I see that you addressed Sascha's feedback in a separate patch.

Please resend the series fully with feedback applied for the next round
of review.

Thanks,
Ahmad

> 
>> Thanks,
>> Ahmad
>>
>> This code is tested on many qemu EFI compilations comming from ovmf ubuntu
>>> package, tianocore efi for qemu, local edk2 build, and also tested on RPi3b
>>> 64 bit EFI from tianocore and a local build of edk2, more mchines will be
>>> tested soon. the test was for a full boot chain on RPi3b booting a fit image
>>> containing a kernel, an fdt, and a ramdisk with ostree initrd to mount an
>>> ostree root filesystem. for contribution in short term,
>>> 1. it would be nice to test with more hardware,
>>> 2. linux global checkup of efivars, efi capsule update, efi runtime services
>>> 3. The state.dtb to support barebox state to manage multiple system boot
>>>    and a recovery.
>>>    the case would be sys1 = new ostree commit, sys2 = old commit (rollback)
>>>    and a recovery boot system on readonly disk.
>>> 4. secure boot, PoC to check if there is a way to load TF-A from EFI
>>> and then load the efi payload from it and launch optee??
>>>
>> Signed-off-by: Chali Anis <[chalianis1@gmail.com](mailto:chalianis1@gmail.com)>
>>> ---
>>>  efi/payload/image.c | 457 ++++++++++++++++++++++++++++++++++++++------
>>>  1 file changed, 403 insertions(+), 54 deletions(-)
>>>
>> diff --git a/efi/payload/image.c b/efi/payload/image.c
>>> index 33c5e18dac27..38d52a32ea64 100644
>>> --- a/efi/payload/image.c
>>> +++ b/efi/payload/image.c
>>> @@ -25,6 +25,7 @@
>>>  #include <libfile.h>
>>>  #include <binfmt.h>
>>>  #include <wchar.h>
>>> +#include <image-fit.h>
>>>  #include <efi/efi-payload.h>
>>>  #include <efi/efi-device.h>
>>>  
>>> @@ -77,42 +78,41 @@ struct linux_kernel_header {
>>>  	uint32_t handover_offset;	/** */
>>>  } __attribute__ ((packed));
>>>  
>>> -static void *efi_read_file(const char *file, size_t *size)
>>> -{
>>> -	efi_physical_addr_t mem;
>>> -	efi_status_t efiret;
>>> -	struct stat s;
>>> -	char *buf;
>>> -	ssize_t ret;
>>> +struct efi_mem_resource {
>>> +	efi_physical_addr_t base;
>>> +	size_t size;
>>> +} __attribute__ ((packed));
>>>  
>>> -	buf = read_file(file, size);
>>> -	if (buf || errno != ENOMEM)
>>> -		return buf;
>>> +struct efi_image_data {
>>> +	struct image_data *data;
>>>  
>>> -	ret = stat(file, &s);
>>> -	if (ret)
>>> -		return NULL;
>>> +	efi_handle_t handle;
>>> +	struct efi_loaded_image *loaded_image;
>>>  
>>> -	efiret = BS->allocate_pages(EFI_ALLOCATE_ANY_PAGES,
>>> -				    EFI_LOADER_CODE,
>>> -				    DIV_ROUND_UP(s.st_size, EFI_PAGE_SIZE),
>>> -				    &mem);
>>> +	struct efi_mem_resource image_res;
>>> +	struct efi_mem_resource oftree_res;
>>> +	struct efi_mem_resource *initrd_res;
>>> +};
>>> +
>>> +
>>> +static void *efi_allocate_pages(efi_physical_addr_t *mem,
>>> +				size_t size,
>>> +				enum efi_allocate_type allocate_type,
>>> +				enum efi_memory_type mem_type)
>>> +{
>>> +	efi_status_t efiret;
>>> +
>>> +	efiret = BS->allocate_pages(allocate_type, mem_type,
>>> +				    DIV_ROUND_UP(size, EFI_PAGE_SIZE), mem);
>>>  	if (EFI_ERROR(efiret)) {
>>>  		errno = efi_errno(efiret);
>>>  		return NULL;
>>>  	}
>>>  
>>> -	buf = efi_phys_to_virt(mem);
>>> -
>>> -	ret = read_file_into_buf(file, buf, s.st_size);
>>> -	if (ret < 0)
>>> -		return NULL;
>>> -
>>> -	*size = ret;
>>> -	return buf;
>>> +	return efi_phys_to_virt(*mem);
>>>  }
>>>  
>>> -static void efi_free_file(void *_mem, size_t size)
>>> +static void efi_free_pages(void *_mem, size_t size)
>>>  {
>>>  	efi_physical_addr_t mem = efi_virt_to_phys(_mem);
>>>  
>>> @@ -122,28 +122,40 @@ static void efi_free_file(void *_mem, size_t size)
>>>  		BS->free_pages(mem, DIV_ROUND_UP(size, EFI_PAGE_SIZE));
>>>  }
>>>  
>>> -static int efi_load_image(const char *file, struct efi_loaded_image **loaded_image,
>>> -		efi_handle_t *h)
>>> +static int efi_load_file_image(const char *file,
>>> +			       struct efi_loaded_image **loaded_image,
>>> +			       efi_handle_t *h)
>>>  {
>>> +	efi_physical_addr_t mem;
>>>  	void *exe;
>>> +	char *buf;
>>>  	size_t size;
>>>  	efi_handle_t handle;
>>>  	efi_status_t efiret = EFI_SUCCESS;
>>>  
>>> -	exe = efi_read_file(file, &size);
>>> -	if (!exe)
>>> -		return -errno;
>>> +	buf = read_file(file, &size);
>>> +	if (!buf)
>>> +		return -ENOMEM;
>>>  
>>> -	efiret = BS->load_image(false, efi_parent_image, efi_device_path, exe, size,
>>> -			&handle);
>>> +	exe = efi_allocate_pages(&mem, size, EFI_ALLOCATE_ANY_PAGES,
>>> +				 EFI_LOADER_CODE);
>>> +	if (!exe) {
>>> +		pr_err("Failed to allocate pages for image\n");
>>> +		return -ENOMEM;
>>> +	}
>>> +
>>> +	memcpy(exe, buf, size);
>>> +
>>> +	efiret = BS->load_image(false, efi_parent_image, efi_device_path, exe,
>>> +				size, &handle);
>>>  	if (EFI_ERROR(efiret)) {
>>>  		pr_err("failed to LoadImage: %s\n", efi_strerror(efiret));
>>>  		goto out;
>>>  	};
>>>  
>>>  	efiret = BS->open_protocol(handle, &efi_loaded_image_protocol_guid,
>>> -			(void **)loaded_image,
>>> -			efi_parent_image, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL);
>>> +				   (void **)loaded_image, efi_parent_image,
>>> +				   NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL);
>>>  	if (EFI_ERROR(efiret)) {
>>>  		pr_err("failed to OpenProtocol: %s\n", efi_strerror(efiret));
>>>  		BS->unload_image(handle);
>>> @@ -151,8 +163,10 @@ static int efi_load_image(const char *file, struct efi_loaded_image **loaded_ima
>>>  	}
>>>  
>>>  	*h = handle;
>>> +
>>> +	return 0;
>>>  out:
>>> -	efi_free_file(exe, size);
>>> +	efi_free_pages(exe, size);
>>>  	return -efi_errno(efiret);
>>>  }
>>>  
>>> @@ -171,20 +185,16 @@ static bool is_linux_image(enum filetype filetype, const void *base)
>>>  	return false;
>>>  }
>>>  
>>> -static int efi_execute_image(enum filetype filetype, const char *file)
>>> +static int efi_execute_image(efi_handle_t handle,
>>> +			     struct efi_loaded_image *loaded_image,
>>> +			     enum filetype filetype)
>>>  {
>>> -	efi_handle_t handle;
>>> -	struct efi_loaded_image *loaded_image;
>>>  	efi_status_t efiret;
>>>  	const char *options;
>>>  	bool is_driver;
>>> -	int ret;
>>> -
>>> -	ret = efi_load_image(file, &loaded_image, &handle);
>>> -	if (ret)
>>> -		return ret;
>>>  
>>> -	is_driver = (loaded_image->image_code_type == EFI_BOOT_SERVICES_CODE) ||
>>> +	is_driver =
>>> +		(loaded_image->image_code_type == EFI_BOOT_SERVICES_CODE) ||
>>>  		(loaded_image->image_code_type == EFI_RUNTIME_SERVICES_CODE);
>>>  
>>>  	if (is_linux_image(filetype, loaded_image->image_base)) {
>>> @@ -192,7 +202,8 @@ static int efi_execute_image(enum filetype filetype, const char *file)
>>>  		options = linux_bootargs_get();
>>>  		pr_info("add linux options '%s'\n", options);
>>>  		if (options) {
>>> -			loaded_image->load_options = xstrdup_char_to_wchar(options);
>>> +			loaded_image->load_options =
>>> +				xstrdup_char_to_wchar(options);
>>>  			loaded_image->load_options_size =
>>>  				(strlen(options) + 1) * sizeof(wchar_t);
>>>  		}
>>> @@ -216,11 +227,11 @@ static int efi_execute_image(enum filetype filetype, const char *file)
>>>  	return -efi_errno(efiret);
>>>  }
>>>  
>>> -typedef void(*handover_fn)(void *image, struct efi_system_table *table,
>>> -		struct linux_kernel_header *header);
>>> +typedef void (*handover_fn)(void *image, struct efi_system_table *table,
>>> +			    struct linux_kernel_header *header);
>>>  
>>>  static inline void linux_efi_handover(efi_handle_t handle,
>>> -		struct linux_kernel_header *header)
>>> +				      struct linux_kernel_header *header)
>>>  {
>>>  	handover_fn handover;
>>>  	uintptr_t addr;
>>> @@ -244,7 +255,7 @@ static int do_bootm_efi(struct image_data *data)
>>>  	struct efi_loaded_image *loaded_image;
>>>  	struct linux_kernel_header *image_header, *boot_header;
>>>  
>>> -	ret = efi_load_image(data->os_file, &loaded_image, &handle);
>>> +	ret = efi_load_file_image(data->os_file, &loaded_image, &handle);
>>>  	if (ret)
>>>  		return ret;
>>>  
>>> @@ -284,8 +295,9 @@ static int do_bootm_efi(struct image_data *data)
>>>  		boot_header->cmdline_size = strlen(options);
>>>  	}
>>>  
>>> -	boot_header->code32_start = efi_virt_to_phys(loaded_image->image_base +
>>> -			(image_header->setup_sects+1) * 512);
>>> +	boot_header->code32_start =
>>> +		efi_virt_to_phys(loaded_image->image_base +
>>> +				 (image_header->setup_sects + 1) * 512);
>>>  
>>>  	if (bootm_verbose(data)) {
>>>  		printf("\nStarting kernel at 0x%p", loaded_image->image_base);
>>> @@ -311,15 +323,350 @@ static int do_bootm_efi(struct image_data *data)
>>>  	return 0;
>>>  }
>>>  
>>> +static bool ramdisk_is_fit(struct image_data *data)
>>> +{
>>> +	struct stat st;
>>> +
>>> +	if (bootm_signed_images_are_forced())
>>> +		return true;
>>> +
>>> +	if (data->initrd_file) {
>>> +		if (!stat(data->initrd_file, &st) && st.st_size > 0)
>>> +			return false;
>>> +	}
>>> +
>>> +	return data->os_fit ? (bool)fit_has_image(data->os_fit,
>>> +			data->fit_config, "ramdisk") : false;
>>> +}
>>> +
>>> +static bool fdt_is_fit(struct image_data *data)
>>> +{
>>> +	struct stat st;
>>> +
>>> +	if (bootm_signed_images_are_forced())
>>> +		return true;
>>> +
>>> +	if (data->oftree_file) {
>>> +		if (!stat(data->initrd_file, &st) && st.st_size > 0)
>>> +			return false;
>>> +	}
>>> +
>>> +	return data->os_fit ? (bool)fit_has_image(data->os_fit,
>>> +			data->fit_config, "fdt") : false;
>>> +}
>>> +
>>> +static int efi_load_os(struct efi_image_data *e)
>>> +{
>>> +	efi_status_t efiret = EFI_SUCCESS;
>>> +	efi_physical_addr_t mem;
>>> +	size_t image_size = 0;
>>> +	void *image = NULL;
>>> +	void *vmem = NULL;
>>> +	int ret = 0;
>>> +
>>> +	if (e->data->os_fit) {
>>> +		image = (void *)e->data->fit_kernel;
>>> +		image_size = e->data->fit_kernel_size;
>>> +	} else if (e->data->os_file)
>>> +		return efi_load_file_image(e->data->os_file,
>>> +				&e->loaded_image, &e->handle);
>>> +
>>> +	vmem = efi_allocate_pages(&mem, image_size, EFI_ALLOCATE_ANY_PAGES,
>>> +				 EFI_LOADER_CODE);
>>> +	if (!vmem) {
>>> +		pr_err("Failed to allocate pages for image\n");
>>> +		return -ENOMEM;
>>> +	}
>>> +
>>> +	memcpy(vmem, image, image_size);
>>> +
>>> +	efiret = BS->load_image(false, efi_parent_image, efi_device_path, image,
>>> +				image_size, &e->handle);
>>> +	if (EFI_ERROR(efiret)) {
>>> +		ret = -efi_errno(efiret);
>>> +		pr_err("failed to LoadImage: %s\n", efi_strerror(efiret));
>>> +		goto out_mem;
>>> +	};
>>> +
>>> +	efiret = BS->open_protocol(e->handle, &efi_loaded_image_protocol_guid,
>>> +				   (void **)&e->loaded_image, efi_parent_image,
>>> +				   NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL);
>>> +	if (EFI_ERROR(efiret)) {
>>> +		ret = -efi_errno(efiret);
>>> +		pr_err("failed to OpenProtocol: %s\n", efi_strerror(efiret));
>>> +		goto out_unload;
>>> +	}
>>> +
>>> +	e->image_res.base = mem;
>>> +	e->image_res.size = image_size;
>>> +
>>> +	return 0;
>>> +
>>> +out_mem:
>>> +	efi_free_pages(vmem, image_size);
>>> +out_unload:
>>> +	BS->unload_image(e->handle);
>>> +	return ret;
>>> +}
>>> +
>>> +static void efi_unload_os(struct efi_image_data *e)
>>> +{
>>> +	BS->close_protocol(e->handle, &efi_loaded_image_protocol_guid,
>>> +				 efi_parent_image, NULL);
>>> +
>>> +	BS->unload_image(e->handle);
>>> +	efi_free_pages(efi_phys_to_virt(e->image_res.base),
>>> +				 e->image_res.size);
>>> +}
>>> +
>>> +static int efi_load_ramdisk(struct efi_image_data *e)
>>> +{
>>> +	void *vmem, *tmp = NULL;
>>> +	efi_physical_addr_t mem;
>>> +	efi_status_t efiret = EFI_SUCCESS;
>>> +	const void *initrd;
>>> +	unsigned long initrd_size;
>>> +	bool from_fit;
>>> +	int ret;
>>> +
>>> +	from_fit = ramdisk_is_fit(e->data);
>>> +
>>> +	if (from_fit) {
>>> +		ret = fit_open_image(e->data->os_fit, e->data->fit_config,
>>> +				     "ramdisk", &initrd, &initrd_size);
>>> +		if (ret) {
>>> +			pr_err("Cannot open ramdisk image in FIT image: %pe\n",
>>> +			       ERR_PTR(ret));
>>> +			return ret;
>>> +		}
>>> +	}
>>> +
>>> +	if (!from_fit) {
>>> +		if (!e->data->initrd_file)
>>> +			return 0;
>>> +
>>> +		pr_info("Loading ramdisk from '%s'\n", e->data->initrd_file);
>>> +		tmp = read_file(e->data->initrd_file, &initrd_size);
>>> +		if (!tmp || initrd_size <= 0) {
>>> +			pr_err("Failed to read initrd from file: %s\n",
>>> +				e->data->initrd_file);
>>> +			return -EINVAL;
>>> +		}
>>> +		initrd = tmp;
>>> +	}
>>> +
>>> +	efiret = BS->allocate_pool(EFI_LOADER_DATA,
>>> +			sizeof(struct efi_mem_resource),
>>> +			(void **)&e->initrd_res);
>>> +	if (EFI_ERROR(efiret) || !e->initrd_res) {
>>> +		ret = -efi_errno(efiret);
>>> +		pr_err("Failed to allocate initrd %s/n", efi_strerror(efiret));
>>> +		goto free_mem;
>>> +	}
>>> +
>>> +	vmem = efi_allocate_pages(&mem, initrd_size,
>>> +				 EFI_ALLOCATE_MAX_ADDRESS, EFI_LOADER_DATA);
>>> +	if (!vmem) {
>>> +		pr_err("Failed to allocate pages for initrd data\n");
>>> +		ret = -ENOMEM;
>>> +		goto free_pool;
>>> +	}
>>> +
>>> +	memcpy(vmem, (void *)initrd, initrd_size);
>>> +	e->initrd_res->base = (uint64_t)mem;
>>> +	e->initrd_res->size = (uint64_t)initrd_size;
>>> +
>>> +	if (IS_ENABLED(CONFIG_EFI_INITRD_INSTALL)) {
>>> +		efiret = BS->install_configuration_table(
>>> +			&efi_linux_initrd_media_guid,
>>> +			(void *)e->initrd_res);
>>> +		if (EFI_ERROR(efiret)) {
>>> +			ret = -efi_errno(efiret);
>>> +			pr_err("Failed to install INITRD %s/n",
>>> +					efi_strerror(efiret));
>>> +			goto free_pages;
>>> +		}
>>> +	} else {
>>> +		ret = efi_initrd_register(vmem, initrd_size);
>>> +		if (ret) {
>>> +			pr_err("Failed to register INITRD %s/n",
>>> +				strerror(efiret));
>>> +			goto free_pages;
>>> +		}
>>> +	}
>>> +
>>> +	if (!from_fit && tmp)
>>> +		free(tmp);
>>> +
>>> +	return 0;
>>> +
>>> +free_pages:
>>> +	efi_free_pages(vmem, initrd_size);
>>> +free_pool:
>>> +	BS->free_pool(e->initrd_res);
>>> +free_mem:
>>> +	if (!from_fit && tmp)
>>> +		free(tmp);
>>> +
>>> +	return ret;
>>> +}
>>> +
>>> +static void efi_unload_ramdisk(struct efi_image_data *e)
>>> +{
>>> +
>>> +	if (IS_ENABLED(CONFIG_EFI_INITRD_INSTALL))
>>> +		BS->install_configuration_table(
>>> +			&efi_linux_initrd_media_guid, NULL);
>>> +	else
>>> +		efi_initrd_unregister();
>>> +
>>> +	efi_free_pages(efi_phys_to_virt(e->initrd_res->base),
>>> +				 e->initrd_res->size);
>>> +
>>> +	BS->free_pool(e->initrd_res);
>>> +	e->initrd_res = NULL;
>>> +}
>>> +
>>> +static int efi_load_fdt(struct efi_image_data *e)
>>> +{
>>> +	efi_status_t efiret = EFI_SUCCESS;
>>> +	efi_physical_addr_t mem;
>>> +	void *vmem, *tmp = NULL;
>>> +	const void *of_tree;
>>> +	unsigned long of_size;
>>> +	bool from_fit;
>>> +	int ret;
>>> +
>>> +	if (IS_ENABLED(CONFIG_EFI_FDT_FORCE))
>>> +		return 0;
>>> +
>>> +	from_fit = fdt_is_fit(e->data);
>>> +	if (from_fit) {
>>> +		ret = fit_open_image(e->data->os_fit, e->data->fit_config,
>>> +				     "fdt", &of_tree, &of_size);
>>> +		if (ret) {
>>> +			pr_err("Cannot open FDT image in FIT image: %pe\n",
>>> +			       ERR_PTR(ret));
>>> +			return ret;
>>> +		}
>>> +	}
>>> +
>>> +	if (!from_fit) {
>>> +		if (!e->data->oftree_file)
>>> +			return 0;
>>> +
>>> +		pr_info("Loading devicetree from '%s'\n", e->data->oftree_file);
>>> +		tmp = read_file(e->data->oftree_file, &of_size);
>>> +		if (!tmp || of_size <= 0) {
>>> +			pr_err("Failed to read initrd from file: %s\n",
>>> +				e->data->initrd_file);
>>> +			return -EINVAL;
>>> +		}
>>> +		of_tree = tmp;
>>> +	}
>>> +
>>> +	vmem = efi_allocate_pages(&mem, of_size + CONFIG_FDT_PADDING,
>>> +				 EFI_ALLOCATE_ANY_PAGES,
>>> +				 EFI_ACPI_RECLAIM_MEMORY);
>>> +	if (!vmem) {
>>> +		pr_err("Failed to allocate pages for FDT\n");
>>> +		goto free_file;
>>> +		return -ENOMEM;
>>> +	}
>>> +
>>> +	memcpy(vmem, of_tree, of_size);
>>> +
>>> +	efiret = BS->install_configuration_table(&efi_fdt_guid,
>>> +			(void *)mem);
>>> +	if (EFI_ERROR(efiret)) {
>>> +		pr_err("Failed to install FDT %s/n", efi_strerror(efiret));
>>> +		ret = -efi_errno(efiret);
>>> +		goto free_mem;
>>> +	}
>>> +
>>> +	e->oftree_res.base = mem;
>>> +	e->oftree_res.size = of_size + CONFIG_FDT_PADDING;
>>> +
>>> +	if (!from_fit && tmp)
>>> +		free(tmp);
>>> +
>>> +	return 0;
>>> +
>>> +free_mem:
>>> +	efi_free_pages(vmem, of_size);
>>> +free_file:
>>> +	if (!from_fit && tmp)
>>> +		free(tmp);
>>> +
>>> +	return ret;
>>> +}
>>> +
>>> +static void efi_unload_fdt(struct efi_image_data *e)
>>> +{
>>> +	BS->install_configuration_table(&efi_fdt_guid, NULL);
>>> +
>>> +	efi_free_pages(efi_phys_to_virt(e->oftree_res.base),
>>> +				 e->oftree_res.size);
>>> +}
>>> +
>>> +static int do_bootm_efi_stub(struct image_data *data)
>>> +{
>>> +	struct efi_image_data e = {.data = data};
>>> +	enum filetype type;
>>> +	int ret = 0;
>>> +
>>> +	ret = efi_load_os(&e);
>>> +	if (ret)
>>> +		return ret;
>>> +
>>> +	ret = efi_load_fdt(&e);
>>> +	if (ret)
>>> +		goto unload_os;
>>> +
>>> +	ret = efi_load_ramdisk(&e);
>>> +	if (ret)
>>> +		goto unload_oftree;
>>> +
>>> +	type = file_detect_type(e.loaded_image->image_base, PAGE_SIZE);
>>> +	ret = efi_execute_image(e.handle, e.loaded_image, type);
>>> +	if (ret)
>>> +		goto unload_ramdisk;
>>> +
>>> +	return 0;
>>> +
>>> +unload_ramdisk:
>>> +	if (e.initrd_res)
>>> +		efi_unload_ramdisk(&e);
>>> +unload_oftree:
>>> +	efi_unload_fdt(&e);
>>> +unload_os:
>>> +	efi_unload_os(&e);
>>> +	return ret;
>>> +}
>>> +
>>>  static struct image_handler efi_handle_tr = {
>>>  	.name = "EFI Application",
>>>  	.bootm = do_bootm_efi,
>>>  	.filetype = filetype_exe,
>>>  };
>>>  
>>> +static struct image_handler efi_arm64_handle_tr = {
>>> +	.name = "EFI ARM64 Linux kernel",
>>> +	.bootm = do_bootm_efi_stub,
>>> +	.filetype = filetype_arm64_efi_linux_image,
>>> +};
>>> +
>>>  static int efi_execute(struct binfmt_hook *b, char *file, int argc, char **argv)
>>>  {
>>> -	return efi_execute_image(b->type, file);
>>> +	int ret;
>>> +	efi_handle_t handle;
>>> +	struct efi_loaded_image *loaded_image;
>>> +
>>> +	ret = efi_load_file_image(file, &loaded_image, &handle);
>>> +	if (ret)
>>> +		return ret;
>>> +
>>> +	return efi_execute_image(handle, loaded_image, b->type);
>>>  }
>>>  
>>>  static struct binfmt_hook binfmt_efi_hook = {
>>> @@ -360,8 +707,10 @@ static int efi_register_image_handler(void)
>>>  	if (IS_ENABLED(CONFIG_X86))
>>>  		register_image_handler(&non_efi_handle_linux_x86);
>>>  
>>> -	if (IS_ENABLED(CONFIG_ARM64))
>>> +	if (IS_ENABLED(CONFIG_ARM64)) {
>>> +		register_image_handler(&efi_arm64_handle_tr);
>>>  		binfmt_register(&binfmt_arm64_efi_hook);
>>> +	}
>>>  
>>>  	return 0;
>>>  }
>>>
>>
>> ```
> 

-- 
Pengutronix e.K.                  |                             |
Steuerwalder Str. 21              | http://www.pengutronix.de/  |
31137 Hildesheim, Germany         | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686  | Fax:   +49-5121-206917-5555 |

Re: [PATCH 6/7] efi: payload: add support for efi stub boot and fit image.

[Ahmad Fatoum]

Hi,

On 8/31/25 5:55 AM, chalianis1@gmail.com wrote:
> From: Chali Anis <chalianis1@gmail.com>
> 
> This patch has more stock, between implementing EFI STUB boot, refactor to
> reuse the code and finaly support the fit image format.

If you look at the existing image_handler code for ARM64, you will find
that it has no FIT specific code; everything is handled by the common
FIT support. I thus wonder why the EFI code is special and needs FIT
awareness. Normally, the image_handler should just be told, here is your
image, inird and oftree, please boot it according to the convention you
implement and the metadata in the image format.

You might very well have a reason to add the FIT-specific stuff into the
EFI code, but it would help review if you could split the changes into
two different commits: One adding the ability to boot EFI-stubbed
kernels via bootm and another for FIT.

Thanks very much for the work you put into this so far.
I look forward to see this upstream. :-)

Cheers,
Ahmad

> This code is tested on many qemu EFI compilations comming from ovmf ubuntu
> package, tianocore efi for qemu, local edk2 build, and also tested on RPi3b
> 64 bit EFI from tianocore and a local build of edk2, more mchines will be
> tested soon. the test was for a full boot chain on RPi3b booting a fit image
> containing a kernel, an fdt, and a ramdisk with ostree initrd to mount an
> ostree root filesystem. for contribution in short term,
> 1. it would be nice to test with more hardware,
> 2. linux global checkup of efivars, efi capsule update, efi runtime services
> 3. The state.dtb to support barebox state to manage multiple system boot
>    and a recovery.
>    the case would be sys1 = new ostree commit, sys2 = old commit (rollback)
>    and a recovery boot system on readonly disk.
> 4. secure boot, PoC to check if there is a way to load TF-A from EFI
> and then load the efi payload from it and launch optee??
> 
> Signed-off-by: Chali Anis <chalianis1@gmail.com>
> ---
>  efi/payload/image.c | 457 ++++++++++++++++++++++++++++++++++++++------
>  1 file changed, 403 insertions(+), 54 deletions(-)
> 
> diff --git a/efi/payload/image.c b/efi/payload/image.c
> index 33c5e18dac27..38d52a32ea64 100644
> --- a/efi/payload/image.c
> +++ b/efi/payload/image.c
> @@ -25,6 +25,7 @@
>  #include <libfile.h>
>  #include <binfmt.h>
>  #include <wchar.h>
> +#include <image-fit.h>
>  #include <efi/efi-payload.h>
>  #include <efi/efi-device.h>
>  
> @@ -77,42 +78,41 @@ struct linux_kernel_header {
>  	uint32_t handover_offset;	/** */
>  } __attribute__ ((packed));
>  
> -static void *efi_read_file(const char *file, size_t *size)
> -{
> -	efi_physical_addr_t mem;
> -	efi_status_t efiret;
> -	struct stat s;
> -	char *buf;
> -	ssize_t ret;
> +struct efi_mem_resource {
> +	efi_physical_addr_t base;
> +	size_t size;
> +} __attribute__ ((packed));
>  
> -	buf = read_file(file, size);
> -	if (buf || errno != ENOMEM)
> -		return buf;
> +struct efi_image_data {
> +	struct image_data *data;
>  
> -	ret = stat(file, &s);
> -	if (ret)
> -		return NULL;
> +	efi_handle_t handle;
> +	struct efi_loaded_image *loaded_image;
>  
> -	efiret = BS->allocate_pages(EFI_ALLOCATE_ANY_PAGES,
> -				    EFI_LOADER_CODE,
> -				    DIV_ROUND_UP(s.st_size, EFI_PAGE_SIZE),
> -				    &mem);
> +	struct efi_mem_resource image_res;
> +	struct efi_mem_resource oftree_res;
> +	struct efi_mem_resource *initrd_res;
> +};
> +
> +
> +static void *efi_allocate_pages(efi_physical_addr_t *mem,
> +				size_t size,
> +				enum efi_allocate_type allocate_type,
> +				enum efi_memory_type mem_type)
> +{
> +	efi_status_t efiret;
> +
> +	efiret = BS->allocate_pages(allocate_type, mem_type,
> +				    DIV_ROUND_UP(size, EFI_PAGE_SIZE), mem);
>  	if (EFI_ERROR(efiret)) {
>  		errno = efi_errno(efiret);
>  		return NULL;
>  	}
>  
> -	buf = efi_phys_to_virt(mem);
> -
> -	ret = read_file_into_buf(file, buf, s.st_size);
> -	if (ret < 0)
> -		return NULL;
> -
> -	*size = ret;
> -	return buf;
> +	return efi_phys_to_virt(*mem);
>  }
>  
> -static void efi_free_file(void *_mem, size_t size)
> +static void efi_free_pages(void *_mem, size_t size)
>  {
>  	efi_physical_addr_t mem = efi_virt_to_phys(_mem);
>  
> @@ -122,28 +122,40 @@ static void efi_free_file(void *_mem, size_t size)
>  		BS->free_pages(mem, DIV_ROUND_UP(size, EFI_PAGE_SIZE));
>  }
>  
> -static int efi_load_image(const char *file, struct efi_loaded_image **loaded_image,
> -		efi_handle_t *h)
> +static int efi_load_file_image(const char *file,
> +			       struct efi_loaded_image **loaded_image,
> +			       efi_handle_t *h)
>  {
> +	efi_physical_addr_t mem;
>  	void *exe;
> +	char *buf;
>  	size_t size;
>  	efi_handle_t handle;
>  	efi_status_t efiret = EFI_SUCCESS;
>  
> -	exe = efi_read_file(file, &size);
> -	if (!exe)
> -		return -errno;
> +	buf = read_file(file, &size);
> +	if (!buf)
> +		return -ENOMEM;
>  
> -	efiret = BS->load_image(false, efi_parent_image, efi_device_path, exe, size,
> -			&handle);
> +	exe = efi_allocate_pages(&mem, size, EFI_ALLOCATE_ANY_PAGES,
> +				 EFI_LOADER_CODE);
> +	if (!exe) {
> +		pr_err("Failed to allocate pages for image\n");
> +		return -ENOMEM;
> +	}
> +
> +	memcpy(exe, buf, size);
> +
> +	efiret = BS->load_image(false, efi_parent_image, efi_device_path, exe,
> +				size, &handle);
>  	if (EFI_ERROR(efiret)) {
>  		pr_err("failed to LoadImage: %s\n", efi_strerror(efiret));
>  		goto out;
>  	};
>  
>  	efiret = BS->open_protocol(handle, &efi_loaded_image_protocol_guid,
> -			(void **)loaded_image,
> -			efi_parent_image, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL);
> +				   (void **)loaded_image, efi_parent_image,
> +				   NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL);
>  	if (EFI_ERROR(efiret)) {
>  		pr_err("failed to OpenProtocol: %s\n", efi_strerror(efiret));
>  		BS->unload_image(handle);
> @@ -151,8 +163,10 @@ static int efi_load_image(const char *file, struct efi_loaded_image **loaded_ima
>  	}
>  
>  	*h = handle;
> +
> +	return 0;
>  out:
> -	efi_free_file(exe, size);
> +	efi_free_pages(exe, size);
>  	return -efi_errno(efiret);
>  }
>  
> @@ -171,20 +185,16 @@ static bool is_linux_image(enum filetype filetype, const void *base)
>  	return false;
>  }
>  
> -static int efi_execute_image(enum filetype filetype, const char *file)
> +static int efi_execute_image(efi_handle_t handle,
> +			     struct efi_loaded_image *loaded_image,
> +			     enum filetype filetype)
>  {
> -	efi_handle_t handle;
> -	struct efi_loaded_image *loaded_image;
>  	efi_status_t efiret;
>  	const char *options;
>  	bool is_driver;
> -	int ret;
> -
> -	ret = efi_load_image(file, &loaded_image, &handle);
> -	if (ret)
> -		return ret;
>  
> -	is_driver = (loaded_image->image_code_type == EFI_BOOT_SERVICES_CODE) ||
> +	is_driver =
> +		(loaded_image->image_code_type == EFI_BOOT_SERVICES_CODE) ||
>  		(loaded_image->image_code_type == EFI_RUNTIME_SERVICES_CODE);
>  
>  	if (is_linux_image(filetype, loaded_image->image_base)) {
> @@ -192,7 +202,8 @@ static int efi_execute_image(enum filetype filetype, const char *file)
>  		options = linux_bootargs_get();
>  		pr_info("add linux options '%s'\n", options);
>  		if (options) {
> -			loaded_image->load_options = xstrdup_char_to_wchar(options);
> +			loaded_image->load_options =
> +				xstrdup_char_to_wchar(options);
>  			loaded_image->load_options_size =
>  				(strlen(options) + 1) * sizeof(wchar_t);
>  		}
> @@ -216,11 +227,11 @@ static int efi_execute_image(enum filetype filetype, const char *file)
>  	return -efi_errno(efiret);
>  }
>  
> -typedef void(*handover_fn)(void *image, struct efi_system_table *table,
> -		struct linux_kernel_header *header);
> +typedef void (*handover_fn)(void *image, struct efi_system_table *table,
> +			    struct linux_kernel_header *header);
>  
>  static inline void linux_efi_handover(efi_handle_t handle,
> -		struct linux_kernel_header *header)
> +				      struct linux_kernel_header *header)
>  {
>  	handover_fn handover;
>  	uintptr_t addr;
> @@ -244,7 +255,7 @@ static int do_bootm_efi(struct image_data *data)
>  	struct efi_loaded_image *loaded_image;
>  	struct linux_kernel_header *image_header, *boot_header;
>  
> -	ret = efi_load_image(data->os_file, &loaded_image, &handle);
> +	ret = efi_load_file_image(data->os_file, &loaded_image, &handle);
>  	if (ret)
>  		return ret;
>  
> @@ -284,8 +295,9 @@ static int do_bootm_efi(struct image_data *data)
>  		boot_header->cmdline_size = strlen(options);
>  	}
>  
> -	boot_header->code32_start = efi_virt_to_phys(loaded_image->image_base +
> -			(image_header->setup_sects+1) * 512);
> +	boot_header->code32_start =
> +		efi_virt_to_phys(loaded_image->image_base +
> +				 (image_header->setup_sects + 1) * 512);
>  
>  	if (bootm_verbose(data)) {
>  		printf("\nStarting kernel at 0x%p", loaded_image->image_base);
> @@ -311,15 +323,350 @@ static int do_bootm_efi(struct image_data *data)
>  	return 0;
>  }
>  
> +static bool ramdisk_is_fit(struct image_data *data)
> +{
> +	struct stat st;
> +
> +	if (bootm_signed_images_are_forced())
> +		return true;
> +
> +	if (data->initrd_file) {
> +		if (!stat(data->initrd_file, &st) && st.st_size > 0)
> +			return false;
> +	}
> +
> +	return data->os_fit ? (bool)fit_has_image(data->os_fit,
> +			data->fit_config, "ramdisk") : false;
> +}
> +
> +static bool fdt_is_fit(struct image_data *data)
> +{
> +	struct stat st;
> +
> +	if (bootm_signed_images_are_forced())
> +		return true;
> +
> +	if (data->oftree_file) {
> +		if (!stat(data->initrd_file, &st) && st.st_size > 0)
> +			return false;
> +	}
> +
> +	return data->os_fit ? (bool)fit_has_image(data->os_fit,
> +			data->fit_config, "fdt") : false;
> +}
> +
> +static int efi_load_os(struct efi_image_data *e)
> +{
> +	efi_status_t efiret = EFI_SUCCESS;
> +	efi_physical_addr_t mem;
> +	size_t image_size = 0;
> +	void *image = NULL;
> +	void *vmem = NULL;
> +	int ret = 0;
> +
> +	if (e->data->os_fit) {
> +		image = (void *)e->data->fit_kernel;
> +		image_size = e->data->fit_kernel_size;
> +	} else if (e->data->os_file)
> +		return efi_load_file_image(e->data->os_file,
> +				&e->loaded_image, &e->handle);
> +
> +	vmem = efi_allocate_pages(&mem, image_size, EFI_ALLOCATE_ANY_PAGES,
> +				 EFI_LOADER_CODE);
> +	if (!vmem) {
> +		pr_err("Failed to allocate pages for image\n");
> +		return -ENOMEM;
> +	}
> +
> +	memcpy(vmem, image, image_size);
> +
> +	efiret = BS->load_image(false, efi_parent_image, efi_device_path, image,
> +				image_size, &e->handle);
> +	if (EFI_ERROR(efiret)) {
> +		ret = -efi_errno(efiret);
> +		pr_err("failed to LoadImage: %s\n", efi_strerror(efiret));
> +		goto out_mem;
> +	};
> +
> +	efiret = BS->open_protocol(e->handle, &efi_loaded_image_protocol_guid,
> +				   (void **)&e->loaded_image, efi_parent_image,
> +				   NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL);
> +	if (EFI_ERROR(efiret)) {
> +		ret = -efi_errno(efiret);
> +		pr_err("failed to OpenProtocol: %s\n", efi_strerror(efiret));
> +		goto out_unload;
> +	}
> +
> +	e->image_res.base = mem;
> +	e->image_res.size = image_size;
> +
> +	return 0;
> +
> +out_mem:
> +	efi_free_pages(vmem, image_size);
> +out_unload:
> +	BS->unload_image(e->handle);
> +	return ret;
> +}
> +
> +static void efi_unload_os(struct efi_image_data *e)
> +{
> +	BS->close_protocol(e->handle, &efi_loaded_image_protocol_guid,
> +				 efi_parent_image, NULL);
> +
> +	BS->unload_image(e->handle);
> +	efi_free_pages(efi_phys_to_virt(e->image_res.base),
> +				 e->image_res.size);
> +}
> +
> +static int efi_load_ramdisk(struct efi_image_data *e)
> +{
> +	void *vmem, *tmp = NULL;
> +	efi_physical_addr_t mem;
> +	efi_status_t efiret = EFI_SUCCESS;
> +	const void *initrd;
> +	unsigned long initrd_size;
> +	bool from_fit;
> +	int ret;
> +
> +	from_fit = ramdisk_is_fit(e->data);
> +
> +	if (from_fit) {
> +		ret = fit_open_image(e->data->os_fit, e->data->fit_config,
> +				     "ramdisk", &initrd, &initrd_size);
> +		if (ret) {
> +			pr_err("Cannot open ramdisk image in FIT image: %pe\n",
> +			       ERR_PTR(ret));
> +			return ret;
> +		}
> +	}
> +
> +	if (!from_fit) {
> +		if (!e->data->initrd_file)
> +			return 0;
> +
> +		pr_info("Loading ramdisk from '%s'\n", e->data->initrd_file);
> +		tmp = read_file(e->data->initrd_file, &initrd_size);
> +		if (!tmp || initrd_size <= 0) {
> +			pr_err("Failed to read initrd from file: %s\n",
> +				e->data->initrd_file);
> +			return -EINVAL;
> +		}
> +		initrd = tmp;
> +	}
> +
> +	efiret = BS->allocate_pool(EFI_LOADER_DATA,
> +			sizeof(struct efi_mem_resource),
> +			(void **)&e->initrd_res);
> +	if (EFI_ERROR(efiret) || !e->initrd_res) {
> +		ret = -efi_errno(efiret);
> +		pr_err("Failed to allocate initrd %s/n", efi_strerror(efiret));
> +		goto free_mem;
> +	}
> +
> +	vmem = efi_allocate_pages(&mem, initrd_size,
> +				 EFI_ALLOCATE_MAX_ADDRESS, EFI_LOADER_DATA);
> +	if (!vmem) {
> +		pr_err("Failed to allocate pages for initrd data\n");
> +		ret = -ENOMEM;
> +		goto free_pool;
> +	}
> +
> +	memcpy(vmem, (void *)initrd, initrd_size);
> +	e->initrd_res->base = (uint64_t)mem;
> +	e->initrd_res->size = (uint64_t)initrd_size;
> +
> +	if (IS_ENABLED(CONFIG_EFI_INITRD_INSTALL)) {
> +		efiret = BS->install_configuration_table(
> +			&efi_linux_initrd_media_guid,
> +			(void *)e->initrd_res);
> +		if (EFI_ERROR(efiret)) {
> +			ret = -efi_errno(efiret);
> +			pr_err("Failed to install INITRD %s/n",
> +					efi_strerror(efiret));
> +			goto free_pages;
> +		}
> +	} else {
> +		ret = efi_initrd_register(vmem, initrd_size);
> +		if (ret) {
> +			pr_err("Failed to register INITRD %s/n",
> +				strerror(efiret));
> +			goto free_pages;
> +		}
> +	}
> +
> +	if (!from_fit && tmp)
> +		free(tmp);
> +
> +	return 0;
> +
> +free_pages:
> +	efi_free_pages(vmem, initrd_size);
> +free_pool:
> +	BS->free_pool(e->initrd_res);
> +free_mem:
> +	if (!from_fit && tmp)
> +		free(tmp);
> +
> +	return ret;
> +}
> +
> +static void efi_unload_ramdisk(struct efi_image_data *e)
> +{
> +
> +	if (IS_ENABLED(CONFIG_EFI_INITRD_INSTALL))
> +		BS->install_configuration_table(
> +			&efi_linux_initrd_media_guid, NULL);
> +	else
> +		efi_initrd_unregister();
> +
> +	efi_free_pages(efi_phys_to_virt(e->initrd_res->base),
> +				 e->initrd_res->size);
> +
> +	BS->free_pool(e->initrd_res);
> +	e->initrd_res = NULL;
> +}
> +
> +static int efi_load_fdt(struct efi_image_data *e)
> +{
> +	efi_status_t efiret = EFI_SUCCESS;
> +	efi_physical_addr_t mem;
> +	void *vmem, *tmp = NULL;
> +	const void *of_tree;
> +	unsigned long of_size;
> +	bool from_fit;
> +	int ret;
> +
> +	if (IS_ENABLED(CONFIG_EFI_FDT_FORCE))
> +		return 0;
> +
> +	from_fit = fdt_is_fit(e->data);
> +	if (from_fit) {
> +		ret = fit_open_image(e->data->os_fit, e->data->fit_config,
> +				     "fdt", &of_tree, &of_size);
> +		if (ret) {
> +			pr_err("Cannot open FDT image in FIT image: %pe\n",
> +			       ERR_PTR(ret));
> +			return ret;
> +		}
> +	}
> +
> +	if (!from_fit) {
> +		if (!e->data->oftree_file)
> +			return 0;
> +
> +		pr_info("Loading devicetree from '%s'\n", e->data->oftree_file);
> +		tmp = read_file(e->data->oftree_file, &of_size);
> +		if (!tmp || of_size <= 0) {
> +			pr_err("Failed to read initrd from file: %s\n",
> +				e->data->initrd_file);
> +			return -EINVAL;
> +		}
> +		of_tree = tmp;
> +	}
> +
> +	vmem = efi_allocate_pages(&mem, of_size + CONFIG_FDT_PADDING,
> +				 EFI_ALLOCATE_ANY_PAGES,
> +				 EFI_ACPI_RECLAIM_MEMORY);
> +	if (!vmem) {
> +		pr_err("Failed to allocate pages for FDT\n");
> +		goto free_file;
> +		return -ENOMEM;
> +	}
> +
> +	memcpy(vmem, of_tree, of_size);
> +
> +	efiret = BS->install_configuration_table(&efi_fdt_guid,
> +			(void *)mem);
> +	if (EFI_ERROR(efiret)) {
> +		pr_err("Failed to install FDT %s/n", efi_strerror(efiret));
> +		ret = -efi_errno(efiret);
> +		goto free_mem;
> +	}
> +
> +	e->oftree_res.base = mem;
> +	e->oftree_res.size = of_size + CONFIG_FDT_PADDING;
> +
> +	if (!from_fit && tmp)
> +		free(tmp);
> +
> +	return 0;
> +
> +free_mem:
> +	efi_free_pages(vmem, of_size);
> +free_file:
> +	if (!from_fit && tmp)
> +		free(tmp);
> +
> +	return ret;
> +}
> +
> +static void efi_unload_fdt(struct efi_image_data *e)
> +{
> +	BS->install_configuration_table(&efi_fdt_guid, NULL);
> +
> +	efi_free_pages(efi_phys_to_virt(e->oftree_res.base),
> +				 e->oftree_res.size);
> +}
> +
> +static int do_bootm_efi_stub(struct image_data *data)
> +{
> +	struct efi_image_data e = {.data = data};
> +	enum filetype type;
> +	int ret = 0;
> +
> +	ret = efi_load_os(&e);
> +	if (ret)
> +		return ret;
> +
> +	ret = efi_load_fdt(&e);
> +	if (ret)
> +		goto unload_os;
> +
> +	ret = efi_load_ramdisk(&e);
> +	if (ret)
> +		goto unload_oftree;
> +
> +	type = file_detect_type(e.loaded_image->image_base, PAGE_SIZE);
> +	ret = efi_execute_image(e.handle, e.loaded_image, type);
> +	if (ret)
> +		goto unload_ramdisk;
> +
> +	return 0;
> +
> +unload_ramdisk:
> +	if (e.initrd_res)
> +		efi_unload_ramdisk(&e);
> +unload_oftree:
> +	efi_unload_fdt(&e);
> +unload_os:
> +	efi_unload_os(&e);
> +	return ret;
> +}
> +
>  static struct image_handler efi_handle_tr = {
>  	.name = "EFI Application",
>  	.bootm = do_bootm_efi,
>  	.filetype = filetype_exe,
>  };
>  
> +static struct image_handler efi_arm64_handle_tr = {
> +	.name = "EFI ARM64 Linux kernel",
> +	.bootm = do_bootm_efi_stub,
> +	.filetype = filetype_arm64_efi_linux_image,
> +};
> +
>  static int efi_execute(struct binfmt_hook *b, char *file, int argc, char **argv)
>  {
> -	return efi_execute_image(b->type, file);
> +	int ret;
> +	efi_handle_t handle;
> +	struct efi_loaded_image *loaded_image;
> +
> +	ret = efi_load_file_image(file, &loaded_image, &handle);
> +	if (ret)
> +		return ret;
> +
> +	return efi_execute_image(handle, loaded_image, b->type);
>  }
>  
>  static struct binfmt_hook binfmt_efi_hook = {
> @@ -360,8 +707,10 @@ static int efi_register_image_handler(void)
>  	if (IS_ENABLED(CONFIG_X86))
>  		register_image_handler(&non_efi_handle_linux_x86);
>  
> -	if (IS_ENABLED(CONFIG_ARM64))
> +	if (IS_ENABLED(CONFIG_ARM64)) {
> +		register_image_handler(&efi_arm64_handle_tr);
>  		binfmt_register(&binfmt_arm64_efi_hook);
> +	}
>  
>  	return 0;
>  }

-- 
Pengutronix e.K.                  |                             |
Steuerwalder Str. 21              | http://www.pengutronix.de/  |
31137 Hildesheim, Germany         | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686  | Fax:   +49-5121-206917-5555 |

[PATCH 7/7] efi: payload: add options for FDT force and initrd direct install

[chalianis1]

From: Chali Anis <chalianis1@gmail.com>

Signed-off-by: Chali Anis <chalianis1@gmail.com>
---
 efi/Kconfig | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/efi/Kconfig b/efi/Kconfig
index 84f670fd23d3..c3811574920d 100644
--- a/efi/Kconfig
+++ b/efi/Kconfig
@@ -50,4 +50,21 @@ config EFI_PAYLOAD_DEFAULT_PATH
 
 endif
 
+config EFI_FDT_FORCE
+	bool "Force EFI provided FDT"
+	default n
+	help
+	  with this options we keep the fdt passed by EFI in the
+	  system configuration table, EFI has to suppot FDT otherwise
+	  an empty fdt will be generated when linux boots by efi.
+
+config EFI_INITRD_INSTALL
+	bool "Install the initramfs by barebox"
+	default n
+	help
+	  with this option barebox will install the initrd to the
+	  system configuration table, same as what kernel do after
+	  calling read file2 boot services, in this case the initrd
+	  will be read directly by the kernel as an initramfs.
+
 endmenu
-- 
2.34.1

Re: [PATCH 7/7] efi: payload: add options for FDT force and initrd direct install

[Ahmad Fatoum]

Hello Anis,

On 8/31/25 5:55 AM, chalianis1@gmail.com wrote:
> From: Chali Anis <chalianis1@gmail.com>
> 
> Signed-off-by: Chali Anis <chalianis1@gmail.com>
> ---
>  efi/Kconfig | 17 +++++++++++++++++
>  1 file changed, 17 insertions(+)
> 
> diff --git a/efi/Kconfig b/efi/Kconfig
> index 84f670fd23d3..c3811574920d 100644
> --- a/efi/Kconfig
> +++ b/efi/Kconfig
> @@ -50,4 +50,21 @@ config EFI_PAYLOAD_DEFAULT_PATH
>  
>  endif
>  
> +config EFI_FDT_FORCE
> +	bool "Force EFI provided FDT"
> +	default n

n is the default

> +	help
> +	  with this options we keep the fdt passed by EFI in the
> +	  system configuration table, EFI has to suppot FDT otherwise
> +	  an empty fdt will be generated when linux boots by efi.

These things should be runtime configurable and not in Kconfig.
Why can't you take a user-supplied FDT if there is one and otherwise
fall back to of_get_fixed_tree_for_boot() as fallback?

> +config EFI_INITRD_INSTALL
> +	bool "Install the initramfs by barebox"
> +	default n
> +	help
> +	  with this option barebox will install the initrd to the
> +	  system configuration table, same as what kernel do after
> +	  calling read file2 boot services, in this case the initrd
> +	  will be read directly by the kernel as an initramfs.

Same thing, why can't we check for data->initrd and use that?

Cheers,
Ahmad

> +
>  endmenu

-- 
Pengutronix e.K.                  |                             |
Steuerwalder Str. 21              | http://www.pengutronix.de/  |
31137 Hildesheim, Germany         | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686  | Fax:   +49-5121-206917-5555 |

Re: [PATCH 7/7] efi: payload: add options for FDT force and initrd direct install

[anis chali]

Hello Ahmad,

> > ---
> >  efi/Kconfig | 17 +++++++++++++++++
> >  1 file changed, 17 insertions(+)
> > 
> diff --git a/efi/Kconfig b/efi/Kconfig
> > index 84f670fd23d3..c3811574920d 100644
> > --- a/efi/Kconfig
> > +++ b/efi/Kconfig
> > @@ -50,4 +50,21 @@ config EFI_PAYLOAD_DEFAULT_PATH
> >  
> >  endif
> >  
> > +config EFI_FDT_FORCE
> > +	bool "Force EFI provided FDT"
> > +	default n
> > 
> 
> n is the default
> 
> +	help
> > +	  with this options we keep the fdt passed by EFI in the
> > +	  system configuration table, EFI has to suppot FDT otherwise
> > +	  an empty fdt will be generated when linux boots by efi.
> > 
> 
> These things should be runtime configurable and not in Kconfig.
> Why can't you take a user-supplied FDT if there is one and otherwise
> fall back to of_get_fixed_tree_for_boot() as fallback?

The reason why I ignore a user supplied fdt is the secure boot, in that case
I only accept a signed fit image fdt or keep the efi supplied fdt which is
already in the configuration tables so we can trust it, it is probably signed
and verified by efi. concerning the of_get_fixed_tree_for_boot, I think we can not
use it at least for now because, maybe I'm wrong but we didn't implement any code
to tell barebox to use efi.dtb, we only implemented code to extract the fdt from
configuration tables and write to /efi.dtb.

> +config EFI_INITRD_INSTALL
> > +	bool "Install the initramfs by barebox"
> > +	default n
> > +	help
> > +	  with this option barebox will install the initrd to the
> > +	  system configuration table, same as what kernel do after
> > +	  calling read file2 boot services, in this case the initrd
> > +	  will be read directly by the kernel as an initramfs.
> > 
> 
> Same thing, why can't we check for data->initrd and use that?
to answer your question, the same reason as for fdt, in case of secure boot
we ignore user supplied initrd. I think booti or bootm do the same thing, in
secure boot mode they ignore overrides.

concerning the EFI_INITRD_INSTALL, it is an option to early install the initrd 
in barebox, instead of exposing a boot service protocol to linux, then linux calls back
to barebox to get the initrd data and after that installing it to the system configuration
data, I added this code in the begining to debug and after that I implemented as what did by grub2, u-boot...etc.

Thank you for your support, 

cheers
Anis C.

Re: [PATCH 7/7] efi: payload: add options for FDT force and initrd direct install

[Ahmad Fatoum]

Hi,

On 9/5/25 12:30 AM, anis chali wrote:
> 
> Hello Ahmad,
> 
>>> ---
>>>  efi/Kconfig | 17 +++++++++++++++++
>>>  1 file changed, 17 insertions(+)
>>>
>> diff --git a/efi/Kconfig b/efi/Kconfig
>>> index 84f670fd23d3..c3811574920d 100644
>>> --- a/efi/Kconfig
>>> +++ b/efi/Kconfig
>>> @@ -50,4 +50,21 @@ config EFI_PAYLOAD_DEFAULT_PATH
>>>  
>>>  endif
>>>  
>>> +config EFI_FDT_FORCE
>>> +	bool "Force EFI provided FDT"
>>> +	default n
>>>
>>
>> n is the default
>>
>> +	help
>>> +	  with this options we keep the fdt passed by EFI in the
>>> +	  system configuration table, EFI has to suppot FDT otherwise
>>> +	  an empty fdt will be generated when linux boots by efi.
>>>
>>
>> These things should be runtime configurable and not in Kconfig.
>> Why can't you take a user-supplied FDT if there is one and otherwise
>> fall back to of_get_fixed_tree_for_boot() as fallback?
> 
> The reason why I ignore a user supplied fdt is the secure boot, in that case
> I only accept a signed fit image fdt or keep the efi supplied fdt which is
> already in the configuration tables so we can trust it, it is probably signed
> and verified by efi.

There's CONFIG_BOOTM_FORCE_SIGNED_IMAGES that should be used to disallow
booting unsigned images. If that option is disabled, we should give the
user the runtime choice to select which initrd and which device tree to use.

> concerning the of_get_fixed_tree_for_boot, I think we can not
> use it at least for now because, maybe I'm wrong but we didn't implement any code
> to tell barebox to use efi.dtb, we only implemented code to extract the fdt from
> configuration tables and write to /efi.dtb.

Ah, that's correct of course. Maybe we should just register the EFI dtb
as the barebox device tree... We will need to avoid things like
detecting the memory banks, but apart from that it would be useful to
e.g. probe drivers that are not exposed by the EFI firmware.

Anyways, even without that, of_get_fixed_tree_for_boot() should still be
used, so the user can specify a device tree.

>> +config EFI_INITRD_INSTALL
>>> +	bool "Install the initramfs by barebox"
>>> +	default n
>>> +	help
>>> +	  with this option barebox will install the initrd to the
>>> +	  system configuration table, same as what kernel do after
>>> +	  calling read file2 boot services, in this case the initrd
>>> +	  will be read directly by the kernel as an initramfs.
>>>
>>
>> Same thing, why can't we check for data->initrd and use that?
> to answer your question, the same reason as for fdt, in case of secure boot
> we ignore user supplied initrd. I think booti or bootm do the same thing, in
> secure boot mode they ignore overrides.

Maybe I am missing the big picture here, please apply the review
feedback so far and send a v2, then we can look into this again.

> concerning the EFI_INITRD_INSTALL, it is an option to early install the initrd 
> in barebox, instead of exposing a boot service protocol to linux, then linux calls back
> to barebox to get the initrd data and after that installing it to the system configuration
> data, I added this code in the begining to debug and after that I implemented as what did by grub2, u-boot...etc.

I am not familiar with the EFI protocols. I will read up on it and
compare for v2.

Thanks for your patches!
Ahmad

> 
> Thank you for your support, 
> 
> cheers
> Anis C.
> 

-- 
Pengutronix e.K.                  |                             |
Steuerwalder Str. 21              | http://www.pengutronix.de/  |
31137 Hildesheim, Germany         | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686  | Fax:   +49-5121-206917-5555 |