sprout/src/actions/chainload.rs

use crate::context::SproutContext;
use crate::utils;
use anyhow::{Context, Result, bail};
use log::info;
use serde::{Deserialize, Serialize};
use std::rc::Rc;
use uefi::CString16;
use uefi::proto::device_path::LoadedImageDevicePath;
use uefi::proto::loaded_image::LoadedImage;

#[derive(Serialize, Deserialize, Default, Clone)]
pub struct ChainloadConfiguration {
    pub path: String,
    #[serde(default)]
    pub options: Vec<String>,
}

pub fn chainload(context: Rc<SproutContext>, configuration: &ChainloadConfiguration) -> Result<()> {
    let sprout_image = uefi::boot::image_handle();
    let image_device_path_protocol =
        uefi::boot::open_protocol_exclusive::<LoadedImageDevicePath>(sprout_image)
            .context("unable to open loaded image device path protocol")?;

    let mut full_path = utils::device_path_root(&image_device_path_protocol)?;

    full_path.push_str(&context.stamp(&configuration.path));

    info!("path: {}", full_path);

    let device_path = utils::text_to_device_path(&full_path)?;

    let image = uefi::boot::load_image(
        sprout_image,
        uefi::boot::LoadImageSource::FromDevicePath {
            device_path: &device_path,
            boot_policy: uefi::proto::BootPolicy::ExactMatch,
        },
    )
    .context("failed to load image")?;

    let mut loaded_image_protocol = uefi::boot::open_protocol_exclusive::<LoadedImage>(image)
        .context("unable to open loaded image protocol")?;

    let options = configuration
        .options
        .iter()
        .map(|item| context.stamp(item))
        .collect::<Vec<_>>()
        .join(" ");
    if !options.is_empty() {
        let options = Box::new(
            CString16::try_from(&options[..])
                .context("unable to convert chainloader options to CString16")?,
        );
        info!("options: {}", options);

        // TODO(azenla): Free this memory, if possible.
        // The lifetime of the pointer needs ot outlive start_image.
        // Maybe consider moving this up.
        let options = Box::leak(options);

        if options.num_bytes() > u32::MAX as usize {
            bail!("chainloader options too large");
        }

        // SAFETY: options size is checked to validate it is safe to pass.
        // Additionally, the pointer is allocated and retained on the heap which makes
        // passing the options pointer safe to the next image.
        unsafe {
            loaded_image_protocol
                .set_load_options(options.as_ptr() as *const u8, options.num_bytes() as u32);
        }
    }

    let (base, size) = loaded_image_protocol.info();
    info!("loaded image: base={:#x} size={:#x}", base.addr(), size);
    uefi::boot::start_image(image).context("failed to start image")?;
    Ok(())
}
introduce the use of anyhow to no longer use panic 2025-10-11 14:35:29 -07:00			`use crate::context::SproutContext;`
add efi shell so that chainloading multiple items can be tested 2025-10-02 00:24:19 -07:00			`use crate::utils;`
introduce the use of anyhow to no longer use panic 2025-10-11 14:35:29 -07:00			`use anyhow::{Context, Result, bail};`
swap to uefi logger 2025-10-01 19:15:42 -07:00			`use log::info;`
rearrange configuration to be closer to where it's consumed 2025-10-11 14:11:31 -07:00			`use serde::{Deserialize, Serialize};`
initial actions, entries, generators mechanism! 2025-10-04 23:12:01 -07:00			`use std::rc::Rc;`
add efi shell so that chainloading multiple items can be tested 2025-10-02 00:24:19 -07:00			`use uefi::CString16;`
			`use uefi::proto::device_path::LoadedImageDevicePath;`
move some code to utils and move around functions 2025-10-01 21:30:43 -07:00			`use uefi::proto::loaded_image::LoadedImage;`
initial commit 2025-10-01 16:45:04 -07:00
rearrange configuration to be closer to where it's consumed 2025-10-11 14:11:31 -07:00			`#[derive(Serialize, Deserialize, Default, Clone)]`
			`pub struct ChainloadConfiguration {`
			`pub path: String,`
			`#[serde(default)]`
			`pub options: Vec<String>,`
			`}`

introduce the use of anyhow to no longer use panic 2025-10-11 14:35:29 -07:00			`pub fn chainload(context: Rc<SproutContext>, configuration: &ChainloadConfiguration) -> Result<()> {`
initial commit 2025-10-01 16:45:04 -07:00			`let sprout_image = uefi::boot::image_handle();`
			`let image_device_path_protocol =`
			`uefi::boot::open_protocol_exclusive::<LoadedImageDevicePath>(sprout_image)`
introduce the use of anyhow to no longer use panic 2025-10-11 14:35:29 -07:00			`.context("unable to open loaded image device path protocol")?;`
initial commit 2025-10-01 16:45:04 -07:00
introduce the use of anyhow to no longer use panic 2025-10-11 14:35:29 -07:00			`let mut full_path = utils::device_path_root(&image_device_path_protocol)?;`
initial actions, entries, generators mechanism! 2025-10-04 23:12:01 -07:00
			`full_path.push_str(&context.stamp(&configuration.path));`
initial commit 2025-10-01 16:45:04 -07:00
leak chainload options and bump kernel 2025-10-12 17:45:16 -07:00			`info!("path: {}", full_path);`
initial commit 2025-10-01 16:45:04 -07:00
introduce the use of anyhow to no longer use panic 2025-10-11 14:35:29 -07:00			`let device_path = utils::text_to_device_path(&full_path)?;`
initial commit 2025-10-01 16:45:04 -07:00
			`let image = uefi::boot::load_image(`
			`sprout_image,`
			`uefi::boot::LoadImageSource::FromDevicePath {`
			`device_path: &device_path,`
			`boot_policy: uefi::proto::BootPolicy::ExactMatch,`
			`},`
			`)`
introduce the use of anyhow to no longer use panic 2025-10-11 14:35:29 -07:00			`.context("failed to load image")?;`
swap to uefi logger 2025-10-01 19:15:42 -07:00
add efi shell so that chainloading multiple items can be tested 2025-10-02 00:24:19 -07:00			`let mut loaded_image_protocol = uefi::boot::open_protocol_exclusive::<LoadedImage>(image)`
introduce the use of anyhow to no longer use panic 2025-10-11 14:35:29 -07:00			`.context("unable to open loaded image protocol")?;`
swap to uefi logger 2025-10-01 19:15:42 -07:00
initial actions, entries, generators mechanism! 2025-10-04 23:12:01 -07:00			`let options = configuration`
			`.options`
			`.iter()`
			`.map(\|item\| context.stamp(item))`
			`.collect::<Vec<_>>()`
			`.join(" ");`
add efi shell so that chainloading multiple items can be tested 2025-10-02 00:24:19 -07:00			`if !options.is_empty() {`
			`let options = Box::new(`
			`CString16::try_from(&options[..])`
introduce the use of anyhow to no longer use panic 2025-10-11 14:35:29 -07:00			`.context("unable to convert chainloader options to CString16")?,`
add efi shell so that chainloading multiple items can be tested 2025-10-02 00:24:19 -07:00			`);`
leak chainload options and bump kernel 2025-10-12 17:45:16 -07:00			`info!("options: {}", options);`

			`// TODO(azenla): Free this memory, if possible.`
			`// The lifetime of the pointer needs ot outlive start_image.`
			`// Maybe consider moving this up.`
			`let options = Box::leak(options);`
add efi shell so that chainloading multiple items can be tested 2025-10-02 00:24:19 -07:00
			`if options.num_bytes() > u32::MAX as usize {`
introduce the use of anyhow to no longer use panic 2025-10-11 14:35:29 -07:00			`bail!("chainloader options too large");`
add efi shell so that chainloading multiple items can be tested 2025-10-02 00:24:19 -07:00			`}`

			`// SAFETY: options size is checked to validate it is safe to pass.`
			`// Additionally, the pointer is allocated and retained on the heap which makes`
			`// passing the options pointer safe to the next image.`
			`unsafe {`
			`loaded_image_protocol`
			`.set_load_options(options.as_ptr() as *const u8, options.num_bytes() as u32);`
			`}`
			`}`

			`let (base, size) = loaded_image_protocol.info();`
leak chainload options and bump kernel 2025-10-12 17:45:16 -07:00			`info!("loaded image: base={:#x} size={:#x}", base.addr(), size);`
introduce the use of anyhow to no longer use panic 2025-10-11 14:35:29 -07:00			`uefi::boot::start_image(image).context("failed to start image")?;`
			`Ok(())`
initial commit 2025-10-01 16:45:04 -07:00			`}`