From patchwork Sat Jul 8 21:53:21 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Daniel Kiper X-Patchwork-Id: 9831549 X-Env-Sender: daniel.kiper@oracle.com Received: from olila.local.net-space.pl (/10.175.230.11) by default
(Oracle Beehive Gateway v4.0) with ESMTP ; Sat, 08 Jul 2017 14:53:48 -0700 From: Daniel Kiper To: xen-devel@lists.xenproject.org Date: Sat, 8 Jul 2017 23:53:21 +0200 Message-Id: <1499550803-25664-7-git-send-email-daniel.kiper@oracle.com> X-Mailer: git-send-email 1.7.10.4 In-Reply-To: <1499550803-25664-1-git-send-email-daniel.kiper@oracle.com> References: <1499550803-25664-1-git-send-email-daniel.kiper@oracle.com> X-Source-IP: userv0022.oracle.com [156.151.31.74] Cc: andrew.cooper3@citrix.com, jbeulich@suse.com Subject: [Xen-devel] [PATCH RFC 6/7] xen/x86/efi: Verify dom0 kernel with SHIM_LOCK protocol in efi_multiboot2() X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" X-Virus-Scanned: ClamAV using ClamSMTP Signed-off-by: Daniel Kiper --- xen/arch/x86/boot/head.S | 20 ++++++++++++++++++-- xen/arch/x86/efi/efi-boot.h | 12 +++++++++++- xen/arch/x86/efi/stub.c | 5 ++++- 3 files changed, 33 insertions(+), 4 deletions(-) diff --git a/xen/arch/x86/boot/head.S b/xen/arch/x86/boot/head.S index 90db661..65b3358 100644 --- a/xen/arch/x86/boot/head.S +++ b/xen/arch/x86/boot/head.S @@ -383,9 +383,13 @@ __efi64_mb2_start: jmp x86_32_switch .Lefi_multiboot2_proto: - /* Zero EFI SystemTable and EFI ImageHandle addresses. */ + /* + * Zero EFI SystemTable, EFI ImageHandle and + * dom0 kernel module struct addresses. + */ xor %esi,%esi xor %edi,%edi + xor %r14d,%r14d /* Skip Multiboot2 information fixed part. */ lea (MB2_fixed_sizeof+MULTIBOOT2_TAG_ALIGN-1)(%rbx),%ecx 
@@ -423,6 +427,15 @@ __efi64_mb2_start: cmove MB2_efi64_ih(%rcx),%rdi je .Lefi_mb2_next_tag + /* Get dom0 kernel module struct address from Multiboot2 information. */ + cmpl $MULTIBOOT2_TAG_TYPE_MODULE,MB2_tag_type(%rcx) + jne .Lefi_mb2_end + + test %r14d,%r14d + cmovz %ecx,%r14d + jmp .Lefi_mb2_next_tag + +.Lefi_mb2_end: /* Is it the end of Multiboot2 information? */ cmpl $MULTIBOOT2_TAG_TYPE_END,MB2_tag_type(%rcx) je .Lrun_bs @@ -484,9 +497,12 @@ __efi64_mb2_start: /* Keep the stack aligned. Do not pop a single item off it. */ mov (%rsp),%rdi + mov %r14d,%edx + /* * efi_multiboot2() is called according to System V AMD64 ABI: - * - IN: %rdi - EFI ImageHandle, %rsi - EFI SystemTable. + * - IN: %rdi - EFI ImageHandle, %rsi - EFI SystemTable, + * %rdx - dom0 kernel module struct address. */ call efi_multiboot2 diff --git a/xen/arch/x86/efi/efi-boot.h b/xen/arch/x86/efi/efi-boot.h index bedac5c..6813196 100644 --- a/xen/arch/x86/efi/efi-boot.h +++ b/xen/arch/x86/efi/efi-boot.h @@ -3,6 +3,8 @@ * is intended to be included by common/efi/boot.c _only_, and * therefore can define arch specific global variables. */ +#include +#include #include #include #include @@ -47,6 +49,7 @@ extern const struct pe_base_relocs { static void __init efi_arch_relocate_image(unsigned long delta) { +#if 0 const struct pe_base_relocs *base_relocs; for ( base_relocs = __base_relocs_start; base_relocs < __base_relocs_end; ) @@ -95,6 +98,7 @@ static void __init efi_arch_relocate_image(unsigned long delta) } base_relocs = (const void *)(base_relocs->entries + i + (i & 1)); } +#endif } extern const s32 __trampoline_rel_start[], __trampoline_rel_stop[]; 
@@ -669,7 +673,9 @@ static bool __init efi_arch_use_config_file(EFI_SYSTEM_TABLE *SystemTable) static void efi_arch_flush_dcache_area(const void *vaddr, UINTN size) { } -void __init efi_multiboot2(EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *SystemTable) +void __init efi_multiboot2(EFI_HANDLE ImageHandle, + EFI_SYSTEM_TABLE *SystemTable, + multiboot2_tag_module_t *dom0_kernel) { EFI_GRAPHICS_OUTPUT_PROTOCOL *gop; UINTN cols, gop_mode = ~0, rows; @@ -687,6 +693,10 @@ void __init efi_multiboot2(EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *SystemTable gop = efi_get_gop(); + if ( dom0_kernel && dom0_kernel->mod_end > dom0_kernel->mod_start ) + efi_shim_lock((VOID *)(unsigned long)dom0_kernel->mod_start, + dom0_kernel->mod_end - dom0_kernel->mod_start); + if ( gop ) gop_mode = efi_find_gop_mode(gop, 0, 0, 0); diff --git a/xen/arch/x86/efi/stub.c b/xen/arch/x86/efi/stub.c index 0c481e3..d0cba1d 100644 --- a/xen/arch/x86/efi/stub.c +++ b/xen/arch/x86/efi/stub.c @@ -1,7 +1,9 @@ +#include #include #include #include #include +#include #include #include #include @@ -18,7 +20,8 @@ */ void __init noreturn efi_multiboot2(EFI_HANDLE ImageHandle, - EFI_SYSTEM_TABLE *SystemTable) + EFI_SYSTEM_TABLE *SystemTable, + multiboot2_tag_module_t *dom0_kernel) { static const CHAR16 __initconst err[] = L"Xen does not have EFI code build in!\r\nSystem halted!\r\n";
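Review bot: In the head.S hunk at @@ -423, the `test %r14d,%r14d` / `cmovz %ecx,%r14d` pair keeps only the first MULTIBOOT2_TAG_TYPE_MODULE tag and treats it as the dom0 kernel, so any later module tag is skipped and never reaches efi_multiboot2(). Since the purpose of the patch is SHIM_LOCK verification, the comment should say that module order is relied upon and that the remaining modules are not verified, or the code should hand the C side enough information to check them as well. The new label .Lefi_mb2_end is also misleading: it is the fall-through to the MULTIBOOT2_TAG_TYPE_END test, not the end of tag processing, so a name that says "end tag check" would read better.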
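Review bot: The `#if 0` / `#endif` pair added in efi-boot.h (hunks @@ -47 and @@ -95) compiles out the entire body of efi_arch_relocate_image(), which is a behaviour change unrelated to the subject line and not explained anywhere, as the message carries only a Signed-off-by. The file's own header comment says it is included by common/efi/boot.c, so the effect may not be limited to efi_multiboot2(). If relocation really has to be skipped, make it an explicit condition with a comment giving the reason; otherwise drop these two lines from the patch. With the body removed, the `delta` parameter is also left unused.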
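Review bot: In the efi_multiboot2() prototype change at @@ -669, `dom0_kernel` is only read in this patch, so it should be declared `const multiboot2_tag_module_t *` here and in the stub.c definition so the two stay in step. The function also lacks a comment stating that the pointer is NULL when no module tag was found, which the caller in head.S relies on by zeroing %r14d before the tag loop.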
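Review bot: In the efi-boot.h hunk at @@ -687, the result of efi_shim_lock() is not checked at the call site, and the call is skipped silently when `dom0_kernel` is NULL or `mod_end <= mod_start`, so the check fails open on a missing or malformed module tag. If efi_shim_lock() does not return on verification failure, say so in a comment here, and consider treating the skipped cases as errors whenever verification is required. The cast `(VOID *)(unsigned long)dom0_kernel->mod_start` assumes the module's physical address can be dereferenced directly at this point, which also deserves a comment. Finally, the call sits between `gop = efi_get_gop();` and `if ( gop )` and splits the GOP logic; move it above or below that pair.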