From: Daniel De Graaf <dgdegra@tycho.nsa.gov>
To: Julien Grall <julien.grall@linaro.org>, xen-devel@lists.xenproject.org
Cc: stefano.stabellini@citrix.com, tim@xen.org, ian.campbell@citrix.com
Subject: Re: [RFC 13/14] xen/xsm: Add support for device tree
Date: Thu, 13 Mar 2014 10:47:07 -0400 [thread overview]
Message-ID: <5321C4EB.1070309@tycho.nsa.gov> (raw)
In-Reply-To: <1394640969-25583-14-git-send-email-julien.grall@linaro.org>
On 03/12/2014 12:16 PM, Julien Grall wrote:
> This patch adds a new module "xen,xsm-blob" to allow the user to load the XSM
> policy when Xen is booting.
>
> Signed-off-by: Julien Grall <julien.grall@linaro.org>
> Cc: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
> ---
> docs/misc/arm/device-tree/booting.txt | 1 +
> xen/common/device_tree.c | 2 ++
> xen/include/xen/device_tree.h | 3 ++-
> xen/include/xsm/xsm.h | 12 +++++++++++
> xen/xsm/xsm_core.c | 37 +++++++++++++++++++++++++++++++++
> xen/xsm/xsm_policy.c | 37 +++++++++++++++++++++++++++++++++
> 6 files changed, 91 insertions(+), 1 deletion(-)
>
> diff --git a/docs/misc/arm/device-tree/booting.txt b/docs/misc/arm/device-tree/booting.txt
> index 07fde27..85988fb 100644
> --- a/docs/misc/arm/device-tree/booting.txt
> +++ b/docs/misc/arm/device-tree/booting.txt
> @@ -16,6 +16,7 @@ Each node contains the following properties:
>
> - "linux-zimage" -- the dom0 kernel
> - "linux-initrd" -- the dom0 ramdisk
> + - "xsm-blob" -- XSM policy blob
>
> - reg
>
> diff --git a/xen/common/device_tree.c b/xen/common/device_tree.c
> index 55716a8..91146fb 100644
> --- a/xen/common/device_tree.c
> +++ b/xen/common/device_tree.c
> @@ -354,6 +354,8 @@ static void __init process_multiboot_node(const void *fdt, int node,
> nr = MOD_KERNEL;
> else if ( fdt_node_check_compatible(fdt, node, "xen,linux-initrd") == 0)
> nr = MOD_INITRD;
> + else if ( fdt_node_check_compatible(fdt, node, "xen,xsm-blob") == 0 )
> + nr = MOD_XSM;
> else
> early_panic("%s not a known xen multiboot type\n", name);
>
> diff --git a/xen/include/xen/device_tree.h b/xen/include/xen/device_tree.h
> index 9a8c3de..76faf11 100644
> --- a/xen/include/xen/device_tree.h
> +++ b/xen/include/xen/device_tree.h
> @@ -24,7 +24,8 @@
> #define MOD_FDT 1
> #define MOD_KERNEL 2
> #define MOD_INITRD 3
> -#define NR_MODULES 4
> +#define MOD_XSM 4
> +#define NR_MODULES 5
>
> #define MOD_DISCARD_FIRST MOD_FDT
>
> diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
> index 4863e41..2cd3a3b 100644
> --- a/xen/include/xsm/xsm.h
> +++ b/xen/include/xsm/xsm.h
> @@ -652,6 +652,11 @@ extern int xsm_multiboot_policy_init(unsigned long *module_map,
> void *(*bootstrap_map)(const module_t *));
> #endif
>
> +#ifdef HAS_DEVICE_TREE
> +extern int xsm_dt_init(void);
> +extern int xsm_dt_policy_init(void);
> +#endif
> +
> extern int register_xsm(struct xsm_operations *ops);
> extern int unregister_xsm(struct xsm_operations *ops);
>
> @@ -671,6 +676,13 @@ static inline int xsm_multiboot_init (unsigned long *module_map,
> }
> #endif
>
> +#ifdef HAS_DEVICE_TREE
> +static inline int xsm_dt_init(void)
> +{
> + return 0;
> +}
> +#endif
> +
> #endif /* XSM_ENABLE */
>
> #endif /* __XSM_H */
> diff --git a/xen/xsm/xsm_core.c b/xen/xsm/xsm_core.c
> index 11a9ca7..755a5dd 100644
> --- a/xen/xsm/xsm_core.c
> +++ b/xen/xsm/xsm_core.c
> @@ -79,6 +79,43 @@ int __init xsm_multiboot_init(unsigned long *module_map,
> }
> #endif
>
> +#ifdef HAS_DEVICE_TREE
> +int __init xsm_dt_init(void)
> +{
> + int ret = 0;
> +
> + printk("XSM Framework v" XSM_FRAMEWORK_VERSION " initialized\n");
> +
> + if ( XSM_MAGIC )
> + {
> + ret = xsm_dt_policy_init();
> + if ( ret )
> + {
> + printk("%s: Error initializing policy (rc = %d).\n",
> + __FUNCTION__, ret);
> + return -EINVAL;
> + }
> + }
> +
> + if ( verify(&dummy_xsm_ops) )
> + {
> + printk("%s could not verify dummy_xsm_ops structure.\n",
> + __FUNCTION__);
> + ret = -EIO;
> + goto err;
> + }
> +
> + xsm_ops = &dummy_xsm_ops;
> + do_xsm_initcalls();
> +
> +err:
> + if ( policy_buffer )
> + xfree(policy_buffer);
> +
> + return ret;
> +}
> +#endif
> +
> int register_xsm(struct xsm_operations *ops)
> {
> if ( verify(ops) )
> diff --git a/xen/xsm/xsm_policy.c b/xen/xsm/xsm_policy.c
> index 3d5f66a..a0dee09 100644
> --- a/xen/xsm/xsm_policy.c
> +++ b/xen/xsm/xsm_policy.c
> @@ -23,6 +23,10 @@
> #include <xen/multiboot.h>
> #endif
> #include <xen/bitops.h>
> +#ifdef HAS_DEVICE_TREE
> +# include <asm/setup.h>
> +# include <xen/device_tree.h>
> +#endif
>
> char *__initdata policy_buffer = NULL;
> u32 __initdata policy_size = 0;
> @@ -69,3 +73,36 @@ int __init xsm_multiboot_policy_init(unsigned long *module_map,
> return rc;
> }
> #endif
> +
> +#ifdef HAS_DEVICE_TREE
> +int __init xsm_dt_policy_init(void)
> +{
> + paddr_t paddr = early_info.modules.module[MOD_XSM].start;
> + paddr_t len = early_info.modules.module[MOD_XSM].size;
> + xsm_magic_t magic;
> +
> + if ( !len )
> + return 0;
> +
> + copy_from_paddr(&magic, paddr, sizeof(magic));
> +
> + if ( magic != XSM_MAGIC )
> + {
> + printk(XENLOG_ERR "xsm: Invalid magic for XSM blob got 0x%x "
> + "expected 0x%x\n", magic, XSM_MAGIC);
> + return -EINVAL;
> + }
> +
> + printk("xsm: Policy len = 0x%"PRIpaddr" start at 0x%"PRIpaddr"\n",
> + len, paddr);
> +
> + policy_buffer = xmalloc_bytes(len);
> + if ( !policy_buffer )
> + return -ENOMEM;
> +
> + copy_from_paddr(policy_buffer, paddr, len);
> + policy_size = len;
> +
> + return 0;
> +}
> +#endif
>
--
Daniel De Graaf
National Security Agency
next prev parent reply other threads:[~2014-03-13 14:47 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-03-12 16:15 [RFC 00/14] xen/arm: Add support for XSM Julien Grall
2014-03-12 16:15 ` [RFC 01/14] xen/arm: kernel: Don't harcode flash address Julien Grall
2014-03-14 17:10 ` Ian Campbell
2014-03-14 17:44 ` Julien Grall
2014-03-12 16:15 ` [RFC 02/14] xen/arm: Remove the parameter "attrindx" in copy_paddr Julien Grall
2014-03-14 17:14 ` Ian Campbell
2014-03-14 18:02 ` Julien Grall
2014-03-17 10:13 ` Ian Campbell
2014-03-17 11:53 ` Julien Grall
2014-03-17 12:02 ` Ian Campbell
2014-03-12 16:15 ` [RFC 03/14] xen/arm: Correctly define size_t Julien Grall
2014-03-14 17:18 ` Ian Campbell
2014-03-12 16:15 ` [RFC 04/14] xen/arm: next_module: Skip module if the size is 0 Julien Grall
2014-03-14 17:19 ` Ian Campbell
2014-03-12 16:16 ` [RFC 05/14] xen/xsm: xsm functions for PCI passthrough is not x86 specific Julien Grall
2014-03-13 14:25 ` Daniel De Graaf
2014-03-14 17:20 ` Ian Campbell
2014-03-12 16:16 ` [RFC 06/14] xen/xsm: xsm_do_mca is " Julien Grall
2014-03-13 14:26 ` Daniel De Graaf
2014-03-14 17:21 ` Ian Campbell
2014-03-12 16:16 ` [RFC 07/14] xen/xsm: flask: Fix compilation when CONFIG_COMPAT=y Julien Grall
2014-03-13 14:26 ` Daniel De Graaf
2014-03-14 17:23 ` Ian Campbell
2014-03-14 18:08 ` Julien Grall
2014-03-17 7:22 ` Jan Beulich
2014-03-17 10:15 ` Ian Campbell
2014-03-17 11:57 ` Julien Grall
2014-03-12 16:16 ` [RFC 08/14] xen/xsm: flask: Rename variable "bool" in "b" Julien Grall
2014-03-12 16:26 ` Andrew Cooper
2014-03-13 13:17 ` Julien Grall
2014-03-13 13:57 ` Jan Beulich
2014-03-13 14:27 ` Daniel De Graaf
2014-03-14 17:24 ` Ian Campbell
2014-03-12 16:16 ` [RFC 09/14] xen/xsm: flask: MSI is PCI specific Julien Grall
2014-03-13 14:34 ` Daniel De Graaf
2014-03-13 14:40 ` Julien Grall
2014-03-14 17:25 ` Ian Campbell
2014-03-14 18:15 ` Julien Grall
2014-03-17 10:13 ` Ian Campbell
2014-03-17 12:05 ` Julien Grall
2014-03-12 16:16 ` [RFC 10/14] xen/xsm: flask: flask_copying_string is taking a XEN_GUEST_HANDLE as first param Julien Grall
2014-03-13 14:34 ` Daniel De Graaf
2014-03-14 17:26 ` Ian Campbell
2014-03-12 16:16 ` [RFC 11/14] xen/xsm: flask: Add missing header in hooks.c Julien Grall
2014-03-13 14:34 ` Daniel De Graaf
2014-03-14 17:26 ` Ian Campbell
2014-03-12 16:16 ` [RFC 12/14] xen/xsm: Don't use multiboot by default to initialize XSM Julien Grall
2014-03-12 16:52 ` Jan Beulich
2014-03-13 14:36 ` Daniel De Graaf
2014-03-14 17:27 ` Ian Campbell
2014-03-12 16:16 ` [RFC 13/14] xen/xsm: Add support for device tree Julien Grall
2014-03-13 14:47 ` Daniel De Graaf [this message]
2014-03-14 17:34 ` Ian Campbell
2014-03-14 18:24 ` Julien Grall
2014-03-17 10:15 ` Ian Campbell
2014-03-12 16:16 ` [RFC 14/14] xen/arm: Add support for XSM Julien Grall
2014-03-14 17:34 ` Ian Campbell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5321C4EB.1070309@tycho.nsa.gov \
--to=dgdegra@tycho.nsa.gov \
--cc=ian.campbell@citrix.com \
--cc=julien.grall@linaro.org \
--cc=stefano.stabellini@citrix.com \
--cc=tim@xen.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.