From: "Anthony PERARD via groups.io"
CC: Jiewen Yao, Julien Grall, Jordan Justen, Ard Biesheuvel, Gerd Hoffmann, Anthony PERARD
Subject: [edk2-devel] [PATCH 1/3] OvmfPkg: Introduce runtime XenHypercallLib
Date: Fri, 11 Nov 2022 15:27:12 +0000
Message-ID: <20221111152714.61331-2-anthony.perard@citrix.com>
In-Reply-To: <20221111152714.61331-1-anthony.perard@citrix.com>
References: <20221111152714.61331-1-anthony.perard@citrix.com>

From: Anthony PERARD

We need a way to execute instructions "generated" at runtime from the runtime library. This patch introduces XenHypercallRuntimeLib, which is mostly a copy of XenHypercallLib with a few changes.

We reserved some code space with "XenHypercallPage", which we will overwrite to put the xen hypercall code. Then we ask Xen to overwrite the reserved space with the hypercall page via `wrmsr`.

Allocation doesn't work, because the memory allocated at run time is always considered to be data instead of code, so once Linux takes over, we can't execute from it.

Signed-off-by: Anthony PERARD
---

Notes:
    I've been told that we don't need to ask Xen how to make hypercalls on x86, and that was just a helper to not have to figure out which instruction to use. That would mean that instead of doing write_msr, we would need a way to distinguish between AMD and Intel in order to find out which instruction to use. So if this patch is too weird, that's another way to have hypercalls in a runtime service.

 OvmfPkg/OvmfXen.dsc | 1 + .../XenHypercallRuntimeLib.inf | 46 ++++ .../XenHypercallLib/X86RuntimeXenHypercall.c | 210 ++++++++++++++++++ .../X64/RuntimeHypercallPage.nasm | 24 ++ 4 files changed, 281 insertions(+) create mode 100644 OvmfPkg/Library/XenHypercallLib/XenHypercallRuntimeLib.= inf create mode 100644 OvmfPkg/Library/XenHypercallLib/X86RuntimeXenHypercall.c create mode 100644 OvmfPkg/Library/XenHypercallLib/X64/RuntimeHypercallPag= e.nasm diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc index 58a7c97cddf7..8df173a0ee84 100644 --- a/OvmfPkg/OvmfXen.dsc +++ b/OvmfPkg/OvmfXen.dsc @@ -312,6 +312,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf + XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallRuntimeLib.i= nf =20 [LibraryClasses.common.UEFI_DRIVER] PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf diff --git a/OvmfPkg/Library/XenHypercallLib/XenHypercallRuntimeLib.inf b/O= vmfPkg/Library/XenHypercallLib/XenHypercallRuntimeLib.inf new file mode 100644 index 000000000000..07fdeb612760 --- /dev/null +++ b/OvmfPkg/Library/XenHypercallLib/XenHypercallRuntimeLib.inf @@ -0,0 +1,46 @@ +## @file +# Xen Hypercall abstraction lib for Intel for runtime services +# +# Copyright (c) 2014, Linaro Ltd. All rights reserved.
+# Copyright (c) 2022, Citrix Systems, Inc. +# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D XenHypercallRuntimeLib + FILE_GUID =3D f657a395-1d2c-40b5-bd34-eedc203899ab + MODULE_TYPE =3D DXE_RUNTIME_DRIVER + VERSION_STRING =3D 1.0 + CONSTRUCTOR =3D XenHypercallRuntimeLibConstruct + +[Defines.IA32, Defines.X64] + LIBRARY_CLASS =3D XenHypercallLib|DXE_RUNTIME_DRIVER + +# +# The following information is for reference only and not required by the = build tools. +# +# VALID_ARCHITECTURES =3D X64 +# + +[Sources.X64] + X86RuntimeXenHypercall.c + X64/hypercall.nasm + X64/RuntimeHypercallPage.nasm + +[Sources] + XenHypercall.c + +[Packages] + MdePkg/MdePkg.dec + OvmfPkg/OvmfPkg.dec + +[LibraryClasses] + BaseLib + DebugLib + UefiRuntimeLib + +[Guids.X64] + gEfiEventVirtualAddressChangeGuid # ALWAYS_CONSUMED diff --git a/OvmfPkg/Library/XenHypercallLib/X86RuntimeXenHypercall.c b/Ovm= fPkg/Library/XenHypercallLib/X86RuntimeXenHypercall.c new file mode 100644 index 000000000000..d1c097e00f3a --- /dev/null +++ b/OvmfPkg/Library/XenHypercallLib/X86RuntimeXenHypercall.c @@ -0,0 +1,210 @@ +/** @file + Xen Hypercall Library implementation for Intel architecture + + Copyright (c) 2014, Linaro Ltd. All rights reserved.
+ Copyright (c) 2022, Citrix Systems, Inc. + + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include + +#include +#include +#include +#include +#include +#include +#include + +STATIC VOID *mHyperPage; + +// +// Pointer to reserved page for Xen's hypercall page. +// +extern VOID *XenHypercallPage; + +// +// Virtual Address Change Event +// +// This is needed for runtime variable access. +// +EFI_EVENT mXenHypercallLibAddrChangeEvent =3D NULL; + +RETURN_STATUS +EFIAPI +XenHypercallRuntimeLibConstruct ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + XenHypercallLibInit (); + + // + // We don't fail library construction, since that has catastrophic + // consequences for client modules (whereas those modules may easily be + // running on a non-Xen platform). Instead, XenHypercallIsAvailable() + // will return FALSE. + // + return RETURN_SUCCESS; +} + +/** + Check if the Xen Hypercall library is able to make calls to the Xen + hypervisor. + + Client code should call further functions in this library only if, and a= fter, + this function returns TRUE. + + @retval TRUE Hypercalls are available. + @retval FALSE Hypercalls are not available. +**/ +BOOLEAN +EFIAPI +XenHypercallIsAvailable ( + VOID + ) +{ + return mHyperPage !=3D NULL; +} + +// +// Interface exposed by the ASM implementation of the core hypercall +// +INTN +EFIAPI +__XenHypercall2 ( + IN VOID *HypercallAddr, + IN OUT INTN Arg1, + IN OUT INTN Arg2 + ); + +/** + Notification function of EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE. + + This is a notification function registered on EVT_SIGNAL_VIRTUAL_ADDRESS= _CHANGE event. + It converts pointer to new virtual address. + + @param Event Event whose notification function is being invoked. + @param Context Pointer to the notification function's context. 
+ +**/ +STATIC +VOID +EFIAPI +XenHypercallLibAddrChangeEvent ( + IN EFI_EVENT Event, + IN VOID *Context + ) +{ + EFI_STATUS Status; + + Status =3D EfiConvertFunctionPointer (0, &mHyperPage); + ASSERT_EFI_ERROR (Status); +} + +STATIC +UINT32 +XenCpuidLeaf ( + VOID + ) +{ + UINT8 Signature[13]; + UINT32 XenLeaf; + + Signature[12] =3D '\0'; + for (XenLeaf =3D 0x40000000; XenLeaf < 0x40010000; XenLeaf +=3D 0x100) { + AsmCpuid ( + XenLeaf, + NULL, + (UINT32 *)&Signature[0], + (UINT32 *)&Signature[4], + (UINT32 *)&Signature[8] + ); + + if (!AsciiStrCmp ((CHAR8 *)Signature, "XenVMMXenVMM")) { + return XenLeaf; + } + } + + return 0; +} + +/** + Library constructor: populate hypercall page. +**/ +RETURN_STATUS +EFIAPI +XenHypercallLibInit ( + VOID + ) +{ + EFI_STATUS Status; + UINT32 TransferReg; + UINT32 TransferPages; + UINT32 XenLeaf; + + XenLeaf =3D XenCpuidLeaf (); + + if (XenLeaf =3D=3D 0) { + return RETURN_UNSUPPORTED; + } + + AsmCpuid (XenLeaf + 2, &TransferPages, &TransferReg, NULL, NULL); + + // + // Only populate the first page of the hypercall even if there's more + // than one, that is even if TransferPages > 1. + // We don't use hypercall id > 127. + // + AsmWriteMsr64 (TransferReg, (UINTN)&XenHypercallPage); + + mHyperPage =3D &XenHypercallPage; + + // + // Register for the virtual address change event + // + Status =3D gBS->CreateEventEx ( + EVT_NOTIFY_SIGNAL, + TPL_NOTIFY, + XenHypercallLibAddrChangeEvent, + NULL, + &gEfiEventVirtualAddressChangeGuid, + &mXenHypercallLibAddrChangeEvent + ); + ASSERT_EFI_ERROR (Status); + + return RETURN_SUCCESS; +} + +/** + This function will put the two arguments in the right place (registers) = and + invoke the hypercall identified by HypercallID. + + @param HypercallID The symbolic ID of the hypercall to be invoked + @param Arg1 First argument. + @param Arg2 Second argument. + + @return Return 0 if success otherwise it return an errno. 
+**/ +INTN +EFIAPI +XenHypercall2 ( + IN UINTN HypercallID, + IN OUT INTN Arg1, + IN OUT INTN Arg2 + ) +{ + ASSERT (mHyperPage !=3D NULL); + // + // Hypercall must not use code beyong the first hypercall page. + // Only the first page is populated by XenHypercallLibInit () + // + ASSERT (HypercallID < EFI_PAGE_SIZE / 32); + if (HypercallID >=3D EFI_PAGE_SIZE / 32) { + return -38; // -ENOSYS + } + + return __XenHypercall2 ((UINT8 *)mHyperPage + HypercallID * 32, Arg1, Ar= g2); +} diff --git a/OvmfPkg/Library/XenHypercallLib/X64/RuntimeHypercallPage.nasm = b/OvmfPkg/Library/XenHypercallLib/X64/RuntimeHypercallPage.nasm new file mode 100644 index 000000000000..f0897c51b31c --- /dev/null +++ b/OvmfPkg/Library/XenHypercallLib/X64/RuntimeHypercallPage.nasm @@ -0,0 +1,24 @@ +;; @file +; Provide one page of code space to be overwritten at boot and to be used= by +; runtime drivers to make Xen hypercall on x86. +; +; Copyright (c) 2022, Citrix Systems, Inc. +; +; SPDX-License-Identifier: BSD-2-Clause-Patent +;; + +DEFAULT REL +SECTION .text + +; +; Align at page boundary as we need a pointer on a page without offset. +; +ALIGN EFI_PAGE_SIZE + +; +; reserve some .text space to put-in Xen's hypercall instructions in at ru= ntime. +; Poisoned with `ret` +; +global ASM_PFX(XenHypercallPage) +ASM_PFX(XenHypercallPage): + times EFI_PAGE_SIZE ret --=20 Anthony PERARD
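
Review bot: In XenHypercallRuntimeLib.inf, `[Defines.IA32, Defines.X64]` declares LIBRARY_CLASS for IA32, but the architecture-specific sources are only under `[Sources.X64]` and VALID_ARCHITECTURES lists X64 alone, so an IA32 build that resolves this instance would get XenHypercall.c without XenHypercall2 or the XenHypercallRuntimeLibConstruct named in CONSTRUCTOR. Restrict the section to `[Defines.X64]`, or add the IA32 sources. Separately, X86RuntimeXenHypercall.c calls `gBS->CreateEventEx`, while `[LibraryClasses]` lists only BaseLib, DebugLib and UefiRuntimeLib; UefiBootServicesTableLib should be listed as well.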
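
Review bot: In XenHypercall2 (X86RuntimeXenHypercall.c), the HypercallID bound is enforced by both an ASSERT and a runtime `return -38`, but `mHyperPage != NULL` is only ASSERTed. When XenHypercallLibInit returns RETURN_UNSUPPORTED the constructor still succeeds by design, so in a build with assertions disabled a caller that skips XenHypercallIsAvailable() would branch to address `HypercallID * 32`; return -ENOSYS for a NULL mHyperPage too. The same pattern is in XenHypercallLibAddrChangeEvent: if EfiConvertFunctionPointer fails, ASSERT_EFI_ERROR is the only handling and mHyperPage keeps its pre-conversion address, so setting it to NULL on failure would make later hypercalls fail cleanly instead. Minor: `extern VOID *XenHypercallPage` declares a pointer variable although the symbol is a page of code and only `&XenHypercallPage` is ever used, and "beyong" in the comment should read "beyond".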
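
Review bot: In RuntimeHypercallPage.nasm, `ALIGN EFI_PAGE_SIZE` is the only thing that makes XenHypercallPage page aligned, and XenHypercallLibInit writes `&XenHypercallPage` to the MSR without checking it. An ASSERT there that `((UINTN)&XenHypercallPage & EFI_PAGE_MASK) == 0` would catch an image whose section ends up with less than page alignment. The "Poisoned with `ret`" filler also means a call that lands in the page before Xen has populated it returns silently with an unrelated value in the return register; a trapping one-byte filler such as `int3` would make that case visible.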