Received: by 2002:a05:6358:bb9e:b0:b9:5105:a5b4 with SMTP id df30csp2988199rwb; Mon, 5 Sep 2022 04:57:58 -0700 (PDT) X-Google-Smtp-Source: AA6agR6ak8ZVHKtq2gW5biECj2iRHIFrK7l+Yiv59YY03aw4G0iSbPJAKlVyK934cUW+FK/xmoq5 X-Received: by 2002:a17:902:bd49:b0:172:df88:8981 with SMTP id b9-20020a170902bd4900b00172df888981mr48910156plx.120.1662379078026; Mon, 05 Sep 2022 04:57:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1662379078; cv=none; d=google.com; s=arc-20160816; b=BG8iMMGO7paSsZGcTz4UV7J5TtFBBNHdIrphE66mXd4apGKUA0F+mrZflKxb1TeeZk V6zLhULy5QO3+zJ+DjAl1PurIZLgpa/7eNjetjaXXJLlt02p4hsd9iBmF8BvYN2al9Ri CWALvbIrsthPrd3wk+Nc4QzZSzCKU0I3RO65BYiY3CS/hqniUIDb9ym2wW6x9BUs8ewf 4L93TVv/fdFDr3sFepf5raW2Rx6x0oOqj01X7Iu33GtovynthBRksi9on/5N9tg40Ehp ESkHT2AxFU3VWB7QviL0t56m04OHdpgQ4twGiiZYTVsPmrWXNQdaiNID/LnMyNmaTIiW r9wg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=l8T9BdSbybfszjad6e+ZM18dVr2YTrv0ZTuFTygV+bs=; b=X3Ux4a3A2hKNdz9/E1E2IXV7gnff3lmxhaxD94jRLm/RlyOZYodUL2cUuuiEmycKtO 97sKluicmIXxEVv1aUOMs1YlfxDOiB2vA4Y4G9fsqJlzdI7s6txwoHISZ23PPfd/lK/4 Yn45bmPUpVxW0KmE71u813T/ODGrJU9JrfDNByTc3LBhO2VwFbHINlGADb7oqYoSZb/C RRMIrbTrXwig7+mhZDRK8V3Lb6AEwrxD5x2rcnyqP7RHRaQEK58y1ElJlcIp9nNNiKjI pqVhkIvdpc6ufXm1iCSIPyBJnhHNMIoWTMh12A71+q62HitabHvKrHw/QDMFvlgc2T9D sVMA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="VmsO4/rr"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id kb1-20020a17090ae7c100b001fdaee0dfa0si12944612pjb.172.2022.09.05.04.57.45; Mon, 05 Sep 2022 04:57:58 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="VmsO4/rr"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238301AbiIELri (ORCPT + 99 others); Mon, 5 Sep 2022 07:47:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35336 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238324AbiIELrR (ORCPT ); Mon, 5 Sep 2022 07:47:17 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id ECDBB5C976; Mon, 5 Sep 2022 04:47:10 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 4C09FB81116; Mon, 5 Sep 2022 11:47:09 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id E0745C433D6; Mon, 5 Sep 2022 11:47:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1662378427; bh=NHuH20RrQjxRSqiH0mBVZk8zTQuLxuDS7k7p+r4UxA0=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=VmsO4/rrmylf8/u2/pk96SzSMvTQRigqOOVMVv/F+2rcKfVibHN50t5Ci/AkViS2D /1qKssYq733OPSahQv7niTSffy4hTNp4Hh68Y0MUtCwbHm9Bohc3JX/Ve4W3cOBUQq lcrrbCkRo74vijamxAJIG88UIKkbxNsLfXGztX/9fgOaHStHuOKCXU5uy502mSPhFX jsaY/YTxs+e35PkZX26ypa0aixYJ5pivEkDO5he42wLqBcPlp/85obB6sHiBo94qF7 I1XEzbL4Z7EdhBhua8TCf+zRDc4LvGNK4Frar9/jdc1pNW0iOcAK/Z6uoIn3vzq23G Ki1PWLlwSdnIQ== Received: by mail-lj1-f177.google.com with SMTP id x10so8983992ljq.4; Mon, 05 Sep 2022 04:47:07 -0700 (PDT) X-Gm-Message-State: ACgBeo18nHLuScDqVbeWhhGU1ZmeJnskp5VjEOTsn42oaqoOAO1pFqrB aErQBSqXLmbcUnPjjCQ4sQTe5OcHm6HoQ9k+mcg= X-Received: by 2002:a2e:710c:0:b0:264:ed38:e57f with SMTP id m12-20020a2e710c000000b00264ed38e57fmr9678972ljc.189.1662378425797; Mon, 05 Sep 2022 04:47:05 -0700 (PDT) MIME-Version: 1.0 References: <20220828025158.1455-1-demi@invisiblethingslab.com> In-Reply-To: <20220828025158.1455-1-demi@invisiblethingslab.com> From: Ard Biesheuvel Date: Mon, 5 Sep 2022 13:46:54 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v2] Add support for ESRT loading under Xen To: Demi Marie Obenour Cc: Juergen Gross , Stefano Stabellini , Oleksandr Tyshchenko , linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, xen-devel@lists.xenproject.org Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, 28 Aug 2022 at 04:52, Demi Marie Obenour wrote: > > This is needed for fwupd to work in Qubes OS. > Please elaborate on: - the current situation - why this is a problem - why your approach is a reasonable solution. > Signed-off-by: Demi Marie Obenour > --- > Changes since v1: > > - Use a different type (struct xen_efi_mem_info) for memory information > provided by Xen, as Xen reports it in a different way than the > standard Linux functions do. > > drivers/firmware/efi/esrt.c | 49 +++++++++++++++++++++++++++---------- > drivers/xen/efi.c | 32 ++++++++++++++++++++++++++ > include/linux/efi.h | 18 ++++++++++++++ > 3 files changed, 86 insertions(+), 13 deletions(-) > > diff --git a/drivers/firmware/efi/esrt.c b/drivers/firmware/efi/esrt.c > index 2a2f52b017e736dd995c69e8aeb5fbd7761732e5..c0fc149a838044cc16bb08a374a0c8ea6b7dcbff 100644 > --- a/drivers/firmware/efi/esrt.c > +++ b/drivers/firmware/efi/esrt.c > @@ -243,27 +243,50 @@ void __init efi_esrt_init(void) > void *va; > struct efi_system_resource_table tmpesrt; > size_t size, max, entry_size, entries_size; > - efi_memory_desc_t md; > - int rc; > phys_addr_t end; > - > - if (!efi_enabled(EFI_MEMMAP)) > - return; > + uint32_t type; > > pr_debug("esrt-init: loading.\n"); > if (!esrt_table_exists()) > return; > > - rc = efi_mem_desc_lookup(efi.esrt, &md); > - if (rc < 0 || > - (!(md.attribute & EFI_MEMORY_RUNTIME) && > - md.type != EFI_BOOT_SERVICES_DATA && > - md.type != EFI_RUNTIME_SERVICES_DATA)) { > - pr_warn("ESRT header is not in the memory map.\n"); > + if (efi_enabled(EFI_MEMMAP)) { > + efi_memory_desc_t md; > + > + if (efi_mem_desc_lookup(efi.esrt, &md) < 0 || > + (!(md.attribute & EFI_MEMORY_RUNTIME) && > + md.type != EFI_BOOT_SERVICES_DATA && > + md.type != EFI_RUNTIME_SERVICES_DATA)) { > + pr_warn("ESRT header is not in the memory map.\n"); > + return; > + } > + > + type = md.type; > + max = efi_mem_desc_end(&md); > + } else if (IS_ENABLED(CONFIG_XEN_EFI) && efi_enabled(EFI_PARAVIRT)) { > + struct xen_efi_mem_info info; > + > + if (!xen_efi_mem_info_query(efi.esrt, &info)) { > + pr_warn("Failed to lookup ESRT header in Xen memory map\n"); > + return; > + } > + > + type = info.type; > + max = info.addr + info.size; > + > + /* Recent Xen versions relocate the ESRT to memory of type > + * EfiRuntimeServicesData, which Xen will not reuse. If the ESRT This violates the EFI spec, which spells out very clearly that the ESRT must be in EfiBootServicesData memory. Why are you deviating from this? > + * is not in EfiRuntimeServicesData memory, it has not been reserved > + * by Xen and might be allocated to other guests, so it cannot > + * safely be used. */ > + if (type != EFI_RUNTIME_SERVICES_DATA) { > + pr_warn("Xen did not reserve ESRT, ignoring it\n"); > + return; > + } > + } else { > return; > } > > - max = efi_mem_desc_end(&md); > if (max < efi.esrt) { > pr_err("EFI memory descriptor is invalid. (esrt: %p max: %p)\n", > (void *)efi.esrt, (void *)max); > @@ -333,7 +356,7 @@ void __init efi_esrt_init(void) > > end = esrt_data + size; > pr_info("Reserving ESRT space from %pa to %pa.\n", &esrt_data, &end); > - if (md.type == EFI_BOOT_SERVICES_DATA) > + if (type == EFI_BOOT_SERVICES_DATA) > efi_mem_reserve(esrt_data, esrt_data_size); > > pr_debug("esrt-init: loaded.\n"); > diff --git a/drivers/xen/efi.c b/drivers/xen/efi.c > index d1ff2186ebb48a7c0981ecb6d4afcbbb25ffcea0..b313f213822f0fd5ba6448f6f6f453cfda4c7e23 100644 > --- a/drivers/xen/efi.c > +++ b/drivers/xen/efi.c > @@ -26,6 +26,7 @@ > > #include > #include > +#include > #include > #include > > @@ -40,6 +41,37 @@ > > #define efi_data(op) (op.u.efi_runtime_call) > > +static_assert(XEN_PAGE_SHIFT == EFI_PAGE_SHIFT, > + "Mismatch between EFI_PAGE_SHIFT and XEN_PAGE_SHIFT"); > + > +bool xen_efi_mem_info_query(u64 phys_addr, struct xen_efi_mem_info *md) > +{ > + struct xen_platform_op op = { > + .cmd = XENPF_firmware_info, > + .u.firmware_info = { > + .type = XEN_FW_EFI_INFO, > + .index = XEN_FW_EFI_MEM_INFO, > + .u.efi_info.mem.addr = phys_addr, > + .u.efi_info.mem.size = ((u64)-1ULL) - phys_addr, > + } > + }; > + union xenpf_efi_info *info = &op.u.firmware_info.u.efi_info; > + int rc; > + > + memset(md, 0, sizeof(*md)); /* initialize md even on failure */ > + rc = HYPERVISOR_platform_op(&op); > + if (rc) { > + pr_warn("Could not obtain information on address %llu from Xen: " > + "error %d\n", phys_addr, rc); > + return false; > + } > + md->addr = info->mem.addr; > + md->size = info->mem.size; > + md->attr = info->mem.attr; > + md->type = info->mem.type; > + return true; > +} > + > static efi_status_t xen_efi_get_time(efi_time_t *tm, efi_time_cap_t *tc) > { > struct xen_platform_op op = INIT_EFI_OP(get_time); > diff --git a/include/linux/efi.h b/include/linux/efi.h > index d2b84c2fec39f0268324d1a38a73ed67786973c9..0598869cdc924aef0e2b9cacc4450b728e1a98c7 100644 > --- a/include/linux/efi.h > +++ b/include/linux/efi.h > @@ -1327,1 +1327,19 @@ struct linux_efi_coco_secret_area { > +/* Result of a XEN_FW_EFI_MEM_INFO query */ > +struct xen_efi_mem_info { > + uint64_t addr; /* address queried */ > + uint64_t size; /* remaining bytes in memory region */ > + uint64_t attr; /* attributes */ > + uint32_t type; /* type */ > +}; > + > +#if IS_ENABLED(CONFIG_XEN_EFI) > +extern bool xen_efi_mem_info_query(u64 phys_addr, struct xen_efi_mem_info *out_md); > +#else > +static inline bool xen_efi_mem_info_query(u64 phys_addr, struct xen_efi_mem_info *out_md) > +{ > + BUILD_BUG(); > + return false; > +} > +#endif > + > #endif /* _LINUX_EFI_H */ > -- > Sincerely, > Demi Marie Obenour (she/her/hers) > Invisible Things Lab