efi loader: disallow user to configure staging area size less than default

We need to round it up to 2M, for instance.  Having staging area too small
might cause the first resize to use negative size for memmove()/memcpy(),
which kills loader.

Tested by:	Harry Schmalzbauer <freebsd@omnilan.de>
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week

1 files changed, 9 insertions, 4 deletions

diff --git a/stand/efi/loader/copy.c b/stand/efi/loader/copy.c
index 65f595c12b11..2552ae86d966 100644
--- a/stand/efi/loader/copy.c
+++ b/stand/efi/loader/copy.c
@@ -178,12 +178,13 @@ out:
 }
 #endif /* __i386__ || __amd64__ */
 
-#ifndef EFI_STAGING_SIZE
 #if defined(__arm__)
-#define	EFI_STAGING_SIZE	32
+#define	DEFAULT_EFI_STAGING_SIZE	32
 #else
-#define	EFI_STAGING_SIZE	64
+#define	DEFAULT_EFI_STAGING_SIZE	64
 #endif
+#ifndef EFI_STAGING_SIZE
+#define	EFI_STAGING_SIZE	DEFAULT_EFI_STAGING_SIZE
 #endif
 
 #if defined(__aarch64__) || defined(__amd64__) || defined(__arm__) || \
@@ -314,8 +315,12 @@ efi_copy_init(void)
 {
 	EFI_STATUS	status;
 	unsigned long nr_pages;
+	vm_offset_t ess;
 
-	nr_pages = EFI_SIZE_TO_PAGES(M(1) * (EFI_STAGING_SIZE));
+	ess = EFI_STAGING_SIZE;
+	if (ess < DEFAULT_EFI_STAGING_SIZE)
+		ess = DEFAULT_EFI_STAGING_SIZE;
+	nr_pages = EFI_SIZE_TO_PAGES(M(1) * ess);
 
 #if defined(__i386__) || defined(__amd64__)
 	/*