From patchwork Tue Apr 5 13:38:57 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: fu.wei@linaro.org X-Patchwork-Id: 8751791 Return-Path: X-Original-To: patchwork-xen-devel@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 49033C0553 for ; Tue, 5 Apr 2016 13:41:51 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 3D69E2028D for ; Tue, 5 Apr 2016 13:41:50 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 260E120154 for ; Tue, 5 Apr 2016 13:41:49 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1anRCP-0007NJ-Bu; Tue, 05 Apr 2016 13:39:17 +0000 Received: from mail6.bemta6.messagelabs.com ([85.158.143.247]) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1anRCN-0007ND-Ao for xen-devel@lists.xensource.com; Tue, 05 Apr 2016 13:39:15 +0000 Received: from [85.158.143.35] by server-3.bemta-6.messagelabs.com id 26/6C-07120-200C3075; Tue, 05 Apr 2016 13:39:14 +0000 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFjrJLMWRWlGSWpSXmKPExsVysWW7jC7jAeZ wg/m7TC3uTXnP7sDosb1vF3sAYxRrZl5SfkUCa8bU/3eZC5ZYVDR/WMTcwLhXp4uRk0NIYDeT xJ2X0l2MXED2cUaJGd9nMoEk2ATEJc50fmUFSYgItDFKPFkxh7mLkYODWSBPYsFyLZAaYQE/i Ufv5zCC2CwCqhI7Lq8Gs3kFHCR2ff/IDGJLCGhLPL8wmR3C7mOUmD6LbQIj1wJGhlWM6sWpRW WpRbqGeklFmekZJbmJmTm6hgZmermpxcWJ6ak5iUnFesn5uZsYgV5kAIIdjDufOx1ilORgUhL l7djOHC7El5SfUpmRWJwRX1Sak1p8iFGGg0NJgjdzP1BOsCg1PbUiLTMHGE4waQkOHiURXi+Q NG9xQWJucWY6ROoUo6KUOK8fSEIAJJFRmgfXBgvhS4yyUsK8jECHCPEUpBblZpagyr9iFOdgV BLmNQOZwpOZVwI3/RXQYiagxfXCTCCLSxIRUlINjJNNd6fMahdSeLA66FqPVY+MhGxl9oXyu6 3/1sme/tO9gOf1/CSG6ydEX+TwB3x+K6//bcfqB0eeGQUsj1OfHW5r7P6GsflFhlBqYnPb2v7 rk99sPyJ8VCvsOLfmm5/lViYnolLMj8TLz93bcofdouQ9828P76zpjLNY9XOel6eU2L46ULgu W4mlOCPRUIu5qDgRAHLFF15cAgAA X-Env-Sender: fu.wei@linaro.org X-Msg-Ref: server-13.tower-21.messagelabs.com!1459863552!7745696!1 X-Originating-IP: [209.132.183.28] X-SpamReason: No, hits=0.0 required=7.0 tests=sa_preprocessor: VHJ1c3RlZCBJUDogMjA5LjEzMi4xODMuMjggPT4gNTQwNjQ=\n X-StarScan-Received: X-StarScan-Version: 8.28; banners=-,-,- X-VirusChecked: Checked Received: (qmail 24611 invoked from network); 5 Apr 2016 13:39:13 -0000 Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28) by server-13.tower-21.messagelabs.com with DHE-RSA-AES256-GCM-SHA384 encrypted SMTP; 5 Apr 2016 13:39:13 -0000 Received: from int-mx11.intmail.prod.int.phx2.redhat.com (int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id DA2B164457; Tue, 5 Apr 2016 13:39:11 +0000 (UTC) Received: from magi-f22.redhat.com (vpn1-4-12.pek2.redhat.com [10.72.4.12]) by int-mx11.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id u35Dd72S020271; Tue, 5 Apr 2016 09:39:08 -0400 From: fu.wei@linaro.org To: xen-devel@lists.xensource.com, julien.grall@arm.com, sstabellini@kernel.org, dgdegra@tycho.nsa.gov, konrad.wilk@oracle.com Date: Tue, 5 Apr 2016 21:38:57 +0800 Message-Id: <1459863537-8759-1-git-send-email-fu.wei@linaro.org> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.24 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Tue, 05 Apr 2016 13:39:12 +0000 (UTC) Cc: jcm@redhat.com, Fu Wei , leif.lindholm@linaro.org, linaro-uefi@lists.linaro.org Subject: [Xen-devel] [PATCH v4] xen/arm64: check XSM Magic from the second unknown module. X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_MED, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Fu Wei This patch adds a has_xsm_magic helper function for detecting XSM from the second unknown module. If Xen can't get the kind of module from compatible, we guess the kind of these unknowns respectively: (1) The first unknown must be kernel. (2) Detect the XSM Magic from the 2nd unknown: a. If it's XSM, set the kind as XSM, and that also means we won't load ramdisk; b. if it's not XSM, set the kind as ramdisk. So if user want to load ramdisk, it must be the 2nd unknown. We also detect the XSM Magic for the following unknowns, then set its kind according to the return value of has_xsm_magic. By this way, arm64 behavior can be compatible to x86 and can simplify multi-arch bootloader such as GRUB. Signed-off-by: Fu Wei --- Changelog: v4: Fix some code style and comments problems. Only check the Magic number. Re-order the code in process_multiboot_node to get the base address first, then the XSM Magic checking function only need to check if the Magic number is valid. Factor the XSM Magic checking code into an helper and re-use it in xsm_dt_policy_init. v3: http://lists.xen.org/archives/html/xen-devel/2016-03/msg03564.html Using memcmp instead of strncmp. Using "return 0;" instead of panic(); Improve some comments. v2: http://lists.xen.org/archives/html/xen-devel/2016-03/msg03543.html Using XEN_MAGIC macro instead of 0xf97cff8c : uint32_t selinux_magic = 0xf97cff8c; --> uint32_t xen_magic = XEN_MAGIC; Comment out the code(return 0 directly), if CONFIG_FLASK is not set. v1: http://lists.xen.org/archives/html/xen-devel/2016-03/msg02430.html The first upstream patch to xen-devel mailing lists. xen/arch/arm/bootfdt.c | 37 +++++++++++++++++++++++++------------ xen/include/xsm/xsm.h | 8 +++++++- xen/xsm/xsm_core.c | 21 +++++++++++++++++++++ xen/xsm/xsm_policy.c | 8 ++------ 4 files changed, 55 insertions(+), 19 deletions(-) diff --git a/xen/arch/arm/bootfdt.c b/xen/arch/arm/bootfdt.c index 8a14015..d130633 100644 --- a/xen/arch/arm/bootfdt.c +++ b/xen/arch/arm/bootfdt.c @@ -14,6 +14,7 @@ #include #include #include +#include #include static bool_t __init device_tree_node_matches(const void *fdt, int node, @@ -175,6 +176,17 @@ static void __init process_multiboot_node(const void *fdt, int node, const char *cmdline; int len; + prop = fdt_get_property(fdt, node, "reg", &len); + if ( !prop ) + panic("node %s missing `reg' property\n", name); + + if ( len < dt_cells_to_size(address_cells + size_cells) ) + panic("fdt: node `%s': `reg` property length is too short\n", + name); + + cell = (const __be32 *)prop->data; + device_tree_get_reg(&cell, address_cells, size_cells, &start, &size); + if ( fdt_node_check_compatible(fdt, node, "xen,linux-zimage") == 0 || fdt_node_check_compatible(fdt, node, "multiboot,kernel") == 0 ) kind = BOOTMOD_KERNEL; @@ -186,7 +198,17 @@ static void __init process_multiboot_node(const void *fdt, int node, else kind = BOOTMOD_UNKNOWN; - /* Guess that first two unknown are kernel and ramdisk respectively. */ + /** + * Guess the kind of these first two unknowns respectively: + * (1) The first unknown must be kernel. + * (2) Detect the XSM Magic from the 2nd unknown: + * a. If it's XSM, set the kind as XSM, and that also means we + * won't load ramdisk; + * b. if it's not XSM, set the kind as ramdisk. + * So if user want to load ramdisk, it must be the 2nd unknown. + * We also detect the XSM Magic for the following unknowns, + * then set its kind according to the return value of has_xsm_magic. + */ if ( kind == BOOTMOD_UNKNOWN ) { switch ( kind_guess++ ) @@ -195,19 +217,10 @@ static void __init process_multiboot_node(const void *fdt, int node, case 1: kind = BOOTMOD_RAMDISK; break; default: break; } + if ( kind_guess > 1 && has_xsm_magic(start) ) + kind = BOOTMOD_XSM; } - prop = fdt_get_property(fdt, node, "reg", &len); - if ( !prop ) - panic("node %s missing `reg' property\n", name); - - if ( len < dt_cells_to_size(address_cells + size_cells) ) - panic("fdt: node `%s': `reg` property length is too short\n", - name); - - cell = (const __be32 *)prop->data; - device_tree_get_reg(&cell, address_cells, size_cells, &start, &size); - prop = fdt_get_property(fdt, node, "bootargs", &len); if ( prop ) { diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h index 3afed70..803c7ea 100644 --- a/xen/include/xsm/xsm.h +++ b/xen/include/xsm/xsm.h @@ -745,6 +745,7 @@ extern int xsm_multiboot_policy_init(unsigned long *module_map, #ifdef CONFIG_HAS_DEVICE_TREE extern int xsm_dt_init(void); extern int xsm_dt_policy_init(void); +extern bool has_xsm_magic(paddr_t); #endif extern int register_xsm(struct xsm_operations *ops); @@ -771,7 +772,12 @@ static inline int xsm_dt_init(void) { return 0; } -#endif + +static inline bool has_xsm_magic(paddr_t start) +{ + return false; +} +#endif /* CONFIG_HAS_DEVICE_TREE */ #endif /* CONFIG_XSM */ diff --git a/xen/xsm/xsm_core.c b/xen/xsm/xsm_core.c index 5e432de..bdb06c5 100644 --- a/xen/xsm/xsm_core.c +++ b/xen/xsm/xsm_core.c @@ -19,6 +19,8 @@ #ifdef CONFIG_XSM +#include + #define XSM_FRAMEWORK_VERSION "1.0.0" struct xsm_operations *xsm_ops; @@ -109,6 +111,25 @@ int __init xsm_dt_init(void) return ret; } + +/** + * has_xsm_magic - Check XSM Magic of the module header by phy address + * A XSM module has a special header + * ------------------------------------------------ + * uint magic | uint target_len | uchar target[8] | + * 0xf97cff8c | 8 | "XenFlask" | + * ------------------------------------------------ + * 0xf97cff8c is policy magic number (XSM_MAGIC). + * Here we only check the "magic" of the module. + */ +bool __init has_xsm_magic(paddr_t start) +{ + xsm_magic_t magic; + + copy_from_paddr(&magic, start, sizeof(magic) ); + + return ( XSM_MAGIC && magic == XSM_MAGIC ); +} #endif int register_xsm(struct xsm_operations *ops) diff --git a/xen/xsm/xsm_policy.c b/xen/xsm/xsm_policy.c index b60d822..bde8015 100644 --- a/xen/xsm/xsm_policy.c +++ b/xen/xsm/xsm_policy.c @@ -79,7 +79,6 @@ int __init xsm_dt_policy_init(void) { struct bootmodule *mod = boot_module_find_by_kind(BOOTMOD_XSM); paddr_t paddr, len; - xsm_magic_t magic; if ( !mod || !mod->size ) return 0; @@ -87,12 +86,9 @@ int __init xsm_dt_policy_init(void) paddr = mod->start; len = mod->size; - copy_from_paddr(&magic, paddr, sizeof(magic)); - - if ( magic != XSM_MAGIC ) + if ( !has_xsm_magic(paddr) ) { - printk(XENLOG_ERR "xsm: Invalid magic for XSM blob got 0x%x " - "expected 0x%x\n", magic, XSM_MAGIC); + printk(XENLOG_ERR "xsm: Invalid magic for XSM blob\n"); return -EINVAL; }