xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed
From: Daniel Kiper <daniel.kiper@oracle.com>
To: xen-devel@lists.xenproject.org
Cc: sstabellini@kernel.org, wei.liu2@citrix.com,
	george.dunlap@eu.citrix.com, andrew.cooper3@citrix.com,
	ian.jackson@eu.citrix.com, tim@xen.org, julien.grall@arm.com,
	jbeulich@suse.com, tamas.k.lengyel@gmail.com
Subject: [PATCH v2 7/8] xen/x86/efi: Verify dom0 kernel with SHIM_LOCK protocol in efi_multiboot2()
Date: Tue, 19 Jun 2018 16:35:45 +0200	[thread overview]
Message-ID: <1529418946-30114-8-git-send-email-daniel.kiper@oracle.com> (raw)
In-Reply-To: <1529418946-30114-1-git-send-email-daniel.kiper@oracle.com>

Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
---
v2 - suggestions/fixes:
   - add const to *dom0_kernel efi_multiboot2() argument,
     (suggested by Jan Beulich),
   - improve comments
     (suggested by Konrad Rzeszutek Wilk).
---
 xen/arch/x86/boot/head.S    |   23 +++++++++++++++++++++--
 xen/arch/x86/efi/efi-boot.h |   10 +++++++++-
 xen/arch/x86/efi/stub.c     |    6 +++++-
 3 files changed, 35 insertions(+), 4 deletions(-)

diff --git a/xen/arch/x86/boot/head.S b/xen/arch/x86/boot/head.S
index 582dc51..48f1b00 100644
--- a/xen/arch/x86/boot/head.S
+++ b/xen/arch/x86/boot/head.S
@@ -395,9 +395,13 @@ __efi64_mb2_start:
         jmp     x86_32_switch
 
 .Lefi_multiboot2_proto:
-        /* Zero EFI SystemTable and EFI ImageHandle addresses. */
+        /*
+         * Zero EFI SystemTable, EFI ImageHandle and
+         * dom0 kernel module struct addresses.
+         */
         xor     %esi,%esi
         xor     %edi,%edi
+        xor     %r14d,%r14d
 
         /* Skip Multiboot2 information fixed part. */
         lea     (MB2_fixed_sizeof+MULTIBOOT2_TAG_ALIGN-1)(%rbx),%ecx
@@ -435,6 +439,18 @@ __efi64_mb2_start:
         cmove   MB2_efi64_ih(%rcx),%rdi
         je      .Lefi_mb2_next_tag
 
+        /*
+         * Get dom0 kernel module struct address from Multiboot2
+         * information and ignore the rest of modules.
+         */
+        cmpl    $MULTIBOOT2_TAG_TYPE_MODULE,MB2_tag_type(%rcx)
+        jne     .Lefi_mb2_end
+
+        test    %r14d,%r14d
+        cmovz   %ecx,%r14d
+        jmp     .Lefi_mb2_next_tag
+
+.Lefi_mb2_end:
         /* Is it the end of Multiboot2 information? */
         cmpl    $MULTIBOOT2_TAG_TYPE_END,MB2_tag_type(%rcx)
         je      .Lrun_bs
@@ -496,9 +512,12 @@ __efi64_mb2_start:
         /* Keep the stack aligned. Do not pop a single item off it. */
         mov     (%rsp),%rdi
 
+        mov     %r14d,%edx
+
         /*
          * efi_multiboot2() is called according to System V AMD64 ABI:
-         *   - IN:  %rdi - EFI ImageHandle, %rsi - EFI SystemTable.
+         *   - IN: %rdi - EFI ImageHandle, %rsi - EFI SystemTable,
+         *         %rdx - if passed, dom0 kernel module struct address.
          */
         call    efi_multiboot2
 
diff --git a/xen/arch/x86/efi/efi-boot.h b/xen/arch/x86/efi/efi-boot.h
index 5f0e821..f8aaa37 100644
--- a/xen/arch/x86/efi/efi-boot.h
+++ b/xen/arch/x86/efi/efi-boot.h
@@ -3,6 +3,8 @@
  * is intended to be included by common/efi/boot.c _only_, and
  * therefore can define arch specific global variables.
  */
+#include <xen/types.h>
+#include <xen/multiboot2.h>
 #include <xen/vga.h>
 #include <asm/e820.h>
 #include <asm/edd.h>
@@ -694,7 +696,9 @@ efi_mb_start(EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *SystemTable)
     efi_start(ImageHandle, SystemTable);
 }
 
-void __init efi_multiboot2(EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *SystemTable)
+void __init efi_multiboot2(EFI_HANDLE ImageHandle,
+                           EFI_SYSTEM_TABLE *SystemTable,
+                           const multiboot2_tag_module_t *dom0_kernel)
 {
     EFI_GRAPHICS_OUTPUT_PROTOCOL *gop;
     UINTN cols, gop_mode = ~0, rows;
@@ -710,6 +714,10 @@ void __init efi_multiboot2(EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *SystemTable
                            &cols, &rows) == EFI_SUCCESS )
         efi_arch_console_init(cols, rows);
 
+    if ( dom0_kernel && dom0_kernel->mod_end > dom0_kernel->mod_start )
+        efi_shim_lock((VOID *)(unsigned long)dom0_kernel->mod_start,
+                      dom0_kernel->mod_end - dom0_kernel->mod_start);
+
     gop = efi_get_gop();
 
     if ( gop )
diff --git a/xen/arch/x86/efi/stub.c b/xen/arch/x86/efi/stub.c
index 2142932..5918536 100644
--- a/xen/arch/x86/efi/stub.c
+++ b/xen/arch/x86/efi/stub.c
@@ -1,7 +1,9 @@
+#include <xen/types.h>
 #include <xen/efi.h>
 #include <xen/errno.h>
 #include <xen/init.h>
 #include <xen/lib.h>
+#include <xen/multiboot2.h>
 #include <asm/page.h>
 #include <asm/efibind.h>
 #include <efi/efidef.h>
@@ -24,11 +26,13 @@ asm (
     "efi_mb_start:                     \n"
     "    mov    %rcx,%rdi              \n"
     "    mov    %rdx,%rsi              \n"
+    "    xor    %rdx,%rdx              \n"
     "    call   efi_multiboot2         \n"
     );
 
 void __init noreturn efi_multiboot2(EFI_HANDLE ImageHandle,
-                                    EFI_SYSTEM_TABLE *SystemTable)
+                                    EFI_SYSTEM_TABLE *SystemTable,
+                                    const multiboot2_tag_module_t *dom0_kernel)
 {
     static const CHAR16 __initconst err[] =
         L"Xen does not have EFI code build in!\r\nSystem halted!\r\n";
-- 
1.7.10.4


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel

  parent reply	other threads:[~2018-06-19 14:36 UTC|newest]

Thread overview: 50+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-06-19 14:35 [PATCH v2 0/8] Change xen.efi build and add SHIM_LOCK verification into efi_multiboot2() Daniel Kiper
2018-06-19 14:35 ` [PATCH v2 1/8] xen: calculate XEN_BUILD_TIME using XEN_BUILD_DATE value Daniel Kiper
2018-06-25 13:48   ` Jan Beulich
2018-07-04 12:06     ` Daniel Kiper
2018-07-04 13:58       ` Ian Jackson
2018-07-04 14:39         ` Daniel Kiper
2018-07-04 15:41           ` Ian Jackson
2018-07-04 15:51             ` Roger Pau Monné
2018-07-04 16:07             ` Daniel Kiper
2018-07-04 16:30               ` Ian Jackson
2018-07-04 16:55                 ` Daniel Kiper
2018-06-19 14:35 ` [PATCH v2 2/8] xen: introduce XEN_COMPILE_POSIX_TIME Daniel Kiper
2018-06-25 13:54   ` Jan Beulich
2018-06-25 14:00     ` Andrew Cooper
2018-07-04 12:19       ` Daniel Kiper
2018-06-19 14:35 ` [PATCH v2 3/8] xen/x86: manually build xen.mb.efi binary Daniel Kiper
2018-06-25 15:36   ` Jan Beulich
2018-07-04 14:01     ` Daniel Kiper
2018-07-04 15:27       ` Jan Beulich
2018-07-04 16:35         ` Daniel Kiper
2018-07-05  8:18           ` Jan Beulich
2018-07-06 14:02             ` Daniel Kiper
2018-07-06 15:08               ` Jan Beulich
2018-07-10 10:48                 ` Daniel Kiper
2018-07-10 13:54                   ` Jan Beulich
2018-07-11 11:41                     ` Daniel Kiper
     [not found]                       ` <5B45ECF8020000FA04BD1FEB@prv1-mh.provo.novell.com>
2018-07-11 12:26                         ` Jan Beulich
2018-07-12 10:52                           ` Daniel Kiper
     [not found]                             ` <5B4733110200007F03CC3F14@prv1-mh.provo.novell.com>
2018-07-12 11:50                               ` Jan Beulich
2018-06-19 14:35 ` [PATCH v2 4/8] xen/x86: add some addresses to the Multiboot header Daniel Kiper
2018-06-28 13:41   ` Jan Beulich
2018-06-19 14:35 ` [PATCH v2 5/8] xen/x86: add some addresses to the Multiboot2 header Daniel Kiper
2018-06-28 13:42   ` Jan Beulich
2018-06-19 14:35 ` [PATCH v2 6/8] efi: split out efi_shim_lock() Daniel Kiper
2018-06-28 13:43   ` Jan Beulich
2018-06-19 14:35 ` Daniel Kiper [this message]
2018-06-28 13:48   ` [PATCH v2 7/8] xen/x86/efi: Verify dom0 kernel with SHIM_LOCK protocol in efi_multiboot2() Jan Beulich
2018-06-19 14:35 ` [PATCH v2 8/8] efi: drop original xen.efi code and build mechanism Daniel Kiper
2018-06-28 13:51   ` Jan Beulich
2018-07-04 14:25     ` Daniel Kiper
2018-07-04 15:34       ` Jan Beulich
2018-07-04 16:48         ` Daniel Kiper
2018-07-05  8:35           ` Jan Beulich
2018-07-06 14:46             ` Daniel Kiper
2018-07-06 15:16               ` Jan Beulich
2018-07-10 11:35                 ` Daniel Kiper
2018-07-10 14:05                   ` Jan Beulich
2018-07-11 11:57                     ` Daniel Kiper
     [not found]                       ` <5B45F0CD0200007F03CB4495@prv1-mh.provo.novell.com>
2018-07-11 12:33                         ` Jan Beulich
2018-07-12 10:57                           ` Daniel Kiper

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1529418946-30114-8-git-send-email-daniel.kiper@oracle.com \
    --to=daniel.kiper@oracle.com \
    --cc=andrew.cooper3@citrix.com \
    --cc=george.dunlap@eu.citrix.com \
    --cc=ian.jackson@eu.citrix.com \
    --cc=jbeulich@suse.com \
    --cc=julien.grall@arm.com \
    --cc=sstabellini@kernel.org \
    --cc=tamas.k.lengyel@gmail.com \
    --cc=tim@xen.org \
    --cc=wei.liu2@citrix.com \
    --cc=xen-devel@lists.xenproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).