From: Daniel De Graaf <dgdegra@tycho.nsa.gov>
To: Julien Grall <julien.grall@linaro.org>, xen-devel@lists.xenproject.org
Cc: stefano.stabellini@citrix.com, tim@xen.org, ian.campbell@citrix.com
Subject: Re: [RFC 13/14] xen/xsm: Add support for device tree
Date: Thu, 13 Mar 2014 10:47:07 -0400	[thread overview]
Message-ID: <5321C4EB.1070309@tycho.nsa.gov> (raw)
In-Reply-To: <1394640969-25583-14-git-send-email-julien.grall@linaro.org>

On 03/12/2014 12:16 PM, Julien Grall wrote:
> This patch adds a new module "xen,xsm-blob" to allow the user to load the XSM
> policy when Xen is booting.
>
> Signed-off-by: Julien Grall <julien.grall@linaro.org>
> Cc: Daniel De Graaf <dgdegra@tycho.nsa.gov>

Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>

> ---
>   docs/misc/arm/device-tree/booting.txt |    1 +
>   xen/common/device_tree.c              |    2 ++
>   xen/include/xen/device_tree.h         |    3 ++-
>   xen/include/xsm/xsm.h                 |   12 +++++++++++
>   xen/xsm/xsm_core.c                    |   37 +++++++++++++++++++++++++++++++++
>   xen/xsm/xsm_policy.c                  |   37 +++++++++++++++++++++++++++++++++
>   6 files changed, 91 insertions(+), 1 deletion(-)
>
> diff --git a/docs/misc/arm/device-tree/booting.txt b/docs/misc/arm/device-tree/booting.txt
> index 07fde27..85988fb 100644
> --- a/docs/misc/arm/device-tree/booting.txt
> +++ b/docs/misc/arm/device-tree/booting.txt
> @@ -16,6 +16,7 @@ Each node contains the following properties:
>
>   	- "linux-zimage" -- the dom0 kernel
>   	- "linux-initrd" -- the dom0 ramdisk
> +	- "xsm-blob"	 -- XSM policy blob
>
>   - reg
>
> diff --git a/xen/common/device_tree.c b/xen/common/device_tree.c
> index 55716a8..91146fb 100644
> --- a/xen/common/device_tree.c
> +++ b/xen/common/device_tree.c
> @@ -354,6 +354,8 @@ static void __init process_multiboot_node(const void *fdt, int node,
>           nr = MOD_KERNEL;
>       else if ( fdt_node_check_compatible(fdt, node, "xen,linux-initrd") == 0)
>           nr = MOD_INITRD;
> +    else if ( fdt_node_check_compatible(fdt, node, "xen,xsm-blob") == 0 )
> +        nr = MOD_XSM;
>       else
>           early_panic("%s not a known xen multiboot type\n", name);
>
> diff --git a/xen/include/xen/device_tree.h b/xen/include/xen/device_tree.h
> index 9a8c3de..76faf11 100644
> --- a/xen/include/xen/device_tree.h
> +++ b/xen/include/xen/device_tree.h
> @@ -24,7 +24,8 @@
>   #define MOD_FDT    1
>   #define MOD_KERNEL 2
>   #define MOD_INITRD 3
> -#define NR_MODULES 4
> +#define MOD_XSM    4
> +#define NR_MODULES 5
>
>   #define MOD_DISCARD_FIRST MOD_FDT
>
> diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
> index 4863e41..2cd3a3b 100644
> --- a/xen/include/xsm/xsm.h
> +++ b/xen/include/xsm/xsm.h
> @@ -652,6 +652,11 @@ extern int xsm_multiboot_policy_init(unsigned long *module_map,
>                                        void *(*bootstrap_map)(const module_t *));
>   #endif
>
> +#ifdef HAS_DEVICE_TREE
> +extern int xsm_dt_init(void);
> +extern int xsm_dt_policy_init(void);
> +#endif
> +
>   extern int register_xsm(struct xsm_operations *ops);
>   extern int unregister_xsm(struct xsm_operations *ops);
>
> @@ -671,6 +676,13 @@ static inline int xsm_multiboot_init (unsigned long *module_map,
>   }
>   #endif
>
> +#ifdef HAS_DEVICE_TREE
> +static inline int xsm_dt_init(void)
> +{
> +    return 0;
> +}
> +#endif
> +
>   #endif /* XSM_ENABLE */
>
>   #endif /* __XSM_H */
> diff --git a/xen/xsm/xsm_core.c b/xen/xsm/xsm_core.c
> index 11a9ca7..755a5dd 100644
> --- a/xen/xsm/xsm_core.c
> +++ b/xen/xsm/xsm_core.c
> @@ -79,6 +79,43 @@ int __init xsm_multiboot_init(unsigned long *module_map,
>   }
>   #endif
>
> +#ifdef HAS_DEVICE_TREE
> +int __init xsm_dt_init(void)
> +{
> +    int ret = 0;
> +
> +    printk("XSM Framework v" XSM_FRAMEWORK_VERSION " initialized\n");
> +
> +    if ( XSM_MAGIC )
> +    {
> +        ret = xsm_dt_policy_init();
> +        if ( ret )
> +        {
> +            printk("%s: Error initializing policy (rc = %d).\n",
> +                   __FUNCTION__, ret);
> +            return -EINVAL;
> +        }
> +    }
> +
> +    if ( verify(&dummy_xsm_ops) )
> +    {
> +        printk("%s could not verify dummy_xsm_ops structure.\n",
> +               __FUNCTION__);
> +        ret = -EIO;
> +        goto err;
> +    }
> +
> +    xsm_ops = &dummy_xsm_ops;
> +    do_xsm_initcalls();
> +
> +err:
> +    if ( policy_buffer )
> +        xfree(policy_buffer);
> +
> +    return ret;
> +}
> +#endif
> +
>   int register_xsm(struct xsm_operations *ops)
>   {
>       if ( verify(ops) )
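Review bot: In xsm_dt_init the failure branch after `xsm_dt_policy_init()` returns a hard-coded `-EINVAL`, so the `-ENOMEM` that the policy loader can return is reported to the caller as an invalid policy; `return ret;` would preserve the cause. The `err:` path frees `policy_buffer` but leaves the pointer set, so adding `policy_buffer = NULL;` after `xfree()` would stop any later reader from touching freed memory. The `if ( policy_buffer )` guard looks redundant if xfree() accepts NULL the way free() does. A one-line comment on `if ( XSM_MAGIC )` would also help, since it tests a compile-time constant and not the loaded blob.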
> diff --git a/xen/xsm/xsm_policy.c b/xen/xsm/xsm_policy.c
> index 3d5f66a..a0dee09 100644
> --- a/xen/xsm/xsm_policy.c
> +++ b/xen/xsm/xsm_policy.c
> @@ -23,6 +23,10 @@
>   #include <xen/multiboot.h>
>   #endif
>   #include <xen/bitops.h>
> +#ifdef HAS_DEVICE_TREE
> +# include <asm/setup.h>
> +# include <xen/device_tree.h>
> +#endif
>
>   char *__initdata policy_buffer = NULL;
>   u32 __initdata policy_size = 0;
> @@ -69,3 +73,36 @@ int __init xsm_multiboot_policy_init(unsigned long *module_map,
>       return rc;
>   }
>   #endif
> +
> +#ifdef HAS_DEVICE_TREE
> +int __init xsm_dt_policy_init(void)
> +{
> +    paddr_t paddr = early_info.modules.module[MOD_XSM].start;
> +    paddr_t len = early_info.modules.module[MOD_XSM].size;
> +    xsm_magic_t magic;
> +
> +    if ( !len )
> +        return 0;
> +
> +    copy_from_paddr(&magic, paddr, sizeof(magic));
> +
> +    if ( magic != XSM_MAGIC )
> +    {
> +        printk(XENLOG_ERR "xsm: Invalid magic for XSM blob got 0x%x "
> +               "expected 0x%x\n", magic, XSM_MAGIC);
> +        return -EINVAL;
> +    }
> +
> +    printk("xsm: Policy len = 0x%"PRIpaddr" start at 0x%"PRIpaddr"\n",
> +           len, paddr);
> +
> +    policy_buffer = xmalloc_bytes(len);
> +    if ( !policy_buffer )
> +        return -ENOMEM;
> +
> +    copy_from_paddr(policy_buffer, paddr, len);
> +    policy_size = len;
> +
> +    return 0;
> +}
> +#endif
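Review bot: xsm_dt_policy_init uses the module size taken from the device tree without bounding it. A non-zero `len` smaller than `sizeof(magic)` still reaches the first `copy_from_paddr()`, which then reads past the end of the module. `len` is also a `paddr_t` assigned to the `u32 policy_size`, so if paddr_t is wider than 32 bits an oversized module gets a truncated `policy_size` while the allocation and copy use the full value. A guard before the magic read, such as `if ( len < sizeof(magic) || len != (u32)len ) return -EINVAL;`, covers both cases. Because this blob becomes the hypervisor's security policy, a short comment stating which checks are applied to the bootloader-supplied module before it is handed on would be worth adding.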
>


-- 
Daniel De Graaf
National Security Agency
