From: Demi Marie Obenour
To: Juergen Gross, Stefano Stabellini, Oleksandr Tyshchenko, Ard Biesheuvel, Kees Cook, Anton Vorontsov, Colin Cross, Tony Luck, Marek Marczykowski-Górecki
Cc: Demi Marie Obenour, xen-devel@lists.xenproject.org, linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org
Subject: [PATCH v4 2/2] Support ESRT in Xen dom0
Date: Thu, 29 Sep 2022 19:02:04 -0400
Message-Id: <5649176eacda434267f68676f1733d06c572d19e.1664298147.git.demi@invisiblethingslab.com>

fwupd requires access to the EFI System Resource Table (ESRT) to discover which firmware can be updated by the OS. Currently, Linux does not expose the ESRT when running as a Xen dom0. Therefore, it is not possible to use fwupd in a Xen dom0, which is a serious problem for e.g. Qubes OS.

Before Xen 4.17, this was not fixable due to hypervisor limitations. The UEFI specification requires the ESRT to be in EfiBootServicesData memory, which Xen will use for whatever purposes it likes. Therefore, Linux cannot safely access the ESRT, as Xen may have overwritten it.

Starting with Xen 4.17, Xen checks if the ESRT is in EfiBootServicesData or EfiRuntimeServicesData memory. If the ESRT is in EfiBootServicesData memory, Xen replaces the ESRT with a copy in memory that it has reserved. Such memory is currently of type EFI_RUNTIME_SERVICES_DATA, but in the future it will be of type EFI_ACPI_RECLAIM_MEMORY. This ensures that the ESRT can safely be accessed by the OS.

When running as a Xen dom0, use the new xen_config_table_memory_region_max() function to determine if Xen has reserved the ESRT and, if so, find the end of the memory region containing it. This allows programs such as fwupd which require the ESRT to run under Xen, and so makes fwupd support in Qubes OS possible.

Signed-off-by: Demi Marie Obenour

--- drivers/firmware/efi/esrt.c | 43 ++++++++++++++++++++++++++----------- 1 file changed, 30 insertions(+), 13 deletions(-) diff --git a/drivers/firmware/efi/esrt.c b/drivers/firmware/efi/esrt.c index 2a2f52b017e736dd995c69e8aeb5fbd7761732e5..a0642bc161b4b1f94f818b8c9f46511fe2424bb2 100644 --- a/drivers/firmware/efi/esrt.c +++ b/drivers/firmware/efi/esrt.c 
@@ -243,27 +243,44 @@ void __init efi_esrt_init(void) void *va; struct efi_system_resource_table tmpesrt; size_t size, max, entry_size, entries_size; - efi_memory_desc_t md; - int rc; phys_addr_t end; - - if (!efi_enabled(EFI_MEMMAP)) - return; + u32 type; pr_debug("esrt-init: loading.\n"); if (!esrt_table_exists()) return; - rc = efi_mem_desc_lookup(efi.esrt, &md); - if (rc < 0 || - (!(md.attribute & EFI_MEMORY_RUNTIME) && - md.type != EFI_BOOT_SERVICES_DATA && - md.type != EFI_RUNTIME_SERVICES_DATA)) { - pr_warn("ESRT header is not in the memory map.\n"); + if (efi_enabled(EFI_MEMMAP)) { + efi_memory_desc_t md; + + if (efi_mem_desc_lookup(efi.esrt, &md) < 0 || + (!(md.attribute & EFI_MEMORY_RUNTIME) && + md.type != EFI_BOOT_SERVICES_DATA && + md.type != EFI_RUNTIME_SERVICES_DATA)) { + pr_warn("ESRT header is not in the memory map.\n"); + return; + } + + type = md.type; + max = efi_mem_desc_end(&md); +#ifdef CONFIG_XEN_EFI + } else if (efi_enabled(EFI_PARAVIRT)) { + max = xen_config_table_memory_region_max(efi.esrt); + /* + * This might be wrong, but it doesn't matter. + * xen_config_table_memory_region_max() checks the type + * of the memory region, and if it returns 0, the code + * below will fail without looking at the type. Choose + * a value that will not cause * subsequent code to try + * to reserve the memory containing the ESRT, as either + * Xen or the firmware has done so already. + */ + type = EFI_RUNTIME_SERVICES_DATA; +#endif + } else { return; } - max = efi_mem_desc_end(&md); if (max < efi.esrt) { pr_err("EFI memory descriptor is invalid. (esrt: %p max: %p)\n", (void *)efi.esrt, (void *)max); 
@@ -333,7 +350,7 @@ void __init efi_esrt_init(void) end = esrt_data + size; pr_info("Reserving ESRT space from %pa to %pa.\n", &esrt_data, &end); - if (md.type == EFI_BOOT_SERVICES_DATA) + if (type == EFI_BOOT_SERVICES_DATA) efi_mem_reserve(esrt_data, esrt_data_size); pr_debug("esrt-init: loaded.\n"); -- Sincerely, Demi Marie Obenour (she/her/hers) Invisible Things Lab
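
Review bot: In the first hunk (@@ -243,27 +243,44 @@, the EFI_PARAVIRT branch), a failing xen_config_table_memory_region_max() is only caught indirectly. Per the new comment it returns 0, which then falls into the unchanged `if (max < efi.esrt)` check and logs "EFI memory descriptor is invalid" at pr_err, even though no memory descriptor was looked up on this path, and the commit message says a Xen older than 4.17 cannot provide the table at all, so this is an expected condition there. Consider testing for 0 immediately after the call and returning with a message that names Xen, at a lower log level, so a dom0 on an older hypervisor does not report a corrupt descriptor. Two smaller points in the same hunk: the comment contains a stray `*` in "will not cause * subsequent code", left over from re-wrapping, and the `#ifdef CONFIG_XEN_EFI` that opens and closes in the middle of the if/else chain makes the brace structure hard to follow.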
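
Review bot: In the second hunk (@@ -333,7 +350,7 @@), `if (type == EFI_BOOT_SERVICES_DATA)` now relies on a `type` that the Xen path in the first hunk fills with a placeholder its own comment describes as "This might be wrong, but it doesn't matter". The only visible use of `type` is this comparison, so a boolean that says whether efi_mem_reserve() is still needed (set from md.type in the EFI_MEMMAP branch, false in the EFI_PARAVIRT branch) would state the intent directly and avoid carrying a memory type that is admittedly not the real one. This matters because the commit message notes the Xen copy will become EFI_ACPI_RECLAIM_MEMORY in the future, and a later reader could take the hard-coded EFI_RUNTIME_SERVICES_DATA as fact.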