From nobody Fri Mar 29 15:31:05 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail(p=none dis=none) header.from=arm.com Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1633939413963816.0185121333212; Mon, 11 Oct 2021 01:03:33 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.205415.360709 (Exim 4.92) (envelope-from ) id 1mZqHG-0007az-UR; Mon, 11 Oct 2021 08:03:18 +0000 Received: by outflank-mailman (output) from mailman id 205415.360709; Mon, 11 Oct 2021 08:03:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1mZqHG-0007as-RT; Mon, 11 Oct 2021 08:03:18 +0000 Received: by outflank-mailman (input) for mailman id 205415; Mon, 11 Oct 2021 08:03:17 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1mZqHF-0007Zo-2A for xen-devel@lists.xenproject.org; Mon, 11 Oct 2021 08:03:17 +0000 Received: from foss.arm.com (unknown [217.140.110.172]) by us1-rack-iad1.inumbo.com (Halon) with ESMTP id eb55e371-b339-45e3-a53b-531ce92b187f; Mon, 11 Oct 2021 08:03:14 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id D619C11FB; Mon, 11 Oct 2021 01:03:13 -0700 (PDT) Received: from e125770.cambridge.arm.com (e125770.cambridge.arm.com [10.1.195.16]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 366E43F66F; Mon, 11 Oct 2021 01:03:12 -0700 (PDT) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: eb55e371-b339-45e3-a53b-531ce92b187f From: Luca Fancellu To: xen-devel@lists.xenproject.org Cc: bertrand.marquis@arm.com, wei.chen@arm.com, Stefano Stabellini , Julien Grall , Volodymyr Babchuk , Andrew Cooper , George Dunlap , Ian Jackson , Jan Beulich , Wei Liu Subject: [PATCH v5 1/2] arm/efi: Use dom0less configuration when using EFI boot Date: Mon, 11 Oct 2021 09:03:01 +0100 Message-Id: <20211011080302.24203-2-luca.fancellu@arm.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20211011080302.24203-1-luca.fancellu@arm.com> References: <20211011080302.24203-1-luca.fancellu@arm.com> X-ZM-MESSAGEID: 1633939414927100002 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" This patch introduces the support for dom0less configuration when using UEFI boot on ARM, it permits the EFI boot to continue if no dom0 kernel is specified but at least one domU is found. Introduce the new property "xen,uefi-binary" for device tree boot module nodes that are subnode of "xen,domain" compatible nodes. The property holds a string containing the file name of the binary that shall be loaded by the uefi loader from the filesystem. Introduce a new call efi_check_dt_boot(...) called during EFI boot that checks for module to be loaded using device tree. Architectures that don't support device tree don't have to provide this function. Update efi documentation about how to start a dom0less setup using UEFI Signed-off-by: Luca Fancellu Reviewed-by: Bertrand Marquis Reviewed-by: Stefano Stabellini Acked-by: Jan Beulich --- Changes in v5: - Removed unneeded variable initialization - Fixed comment - Fixed error message for the absence of an initial domain kernel - changed efi_arch_check_dt_boot to efi_check_dt_boot and add a stub if CONFIG_HAS_DEVICE_TREE is not declared, updated commit message about the call introduction in the EFI boot flow. Changes in v4: - update uefi,cfg-load to xen,uefi-cfg-load in documentation - fixed comments and code style - changed variable name from dt_module_found to dt_modules_found in boot.c - removed stub efi_arch_check_dt_boot from x86 code because the architecture does not support DT, protected call with #ifdef in the common code. - add comment to explain the result from efi_arch_check_dt_boot just looking the common code - Add space before comment in boot.c - renamed uefi,binary property to xen,uefi-binary Changes in v3: - fixed documentation - fixed name len in strlcpy - fixed some style issues - closed filesystem handle before calling blexit - passed runtime errors up to the stack instead of calling blexit - renamed names and function to make them more general in prevision to load also Dom0 kernel and ramdisk from DT Changes in v2: - remove array of struct file - fixed some int types - Made the code use filesystem even when configuration file is skipped. - add documentation of uefi,binary in booting.txt - add documentation on how to boot all configuration for Xen using UEFI in efi.pandoc --- docs/misc/arm/device-tree/booting.txt | 21 ++ docs/misc/efi.pandoc | 203 +++++++++++++++++ xen/arch/arm/efi/efi-boot.h | 305 +++++++++++++++++++++++++- xen/common/efi/boot.c | 39 +++- 4 files changed, 556 insertions(+), 12 deletions(-) diff --git a/docs/misc/arm/device-tree/booting.txt b/docs/misc/arm/device-t= ree/booting.txt index 352b0ec43a..7258e7e1ec 100644 --- a/docs/misc/arm/device-tree/booting.txt +++ b/docs/misc/arm/device-tree/booting.txt @@ -190,6 +190,13 @@ The kernel sub-node has the following properties: =20 Command line parameters for the guest kernel. =20 +- xen,uefi-binary (UEFI boot only) + + String property that specifies the file name to be loaded by the UEFI = boot + for this module. If this is specified, there is no need to specify the= reg + property because it will be created by the UEFI stub on boot. + This option is needed only when UEFI boot is used. + The ramdisk sub-node has the following properties: =20 - compatible @@ -201,6 +208,13 @@ The ramdisk sub-node has the following properties: Specifies the physical address of the ramdisk in RAM and its length. =20 +- xen,uefi-binary (UEFI boot only) + + String property that specifies the file name to be loaded by the UEFI = boot + for this module. If this is specified, there is no need to specify the= reg + property because it will be created by the UEFI stub on boot. + This option is needed only when UEFI boot is used. + =20 Example =3D=3D=3D=3D=3D=3D=3D @@ -265,6 +279,13 @@ The dtb sub-node should have the following properties: Specifies the physical address of the device tree binary fragment RAM and its length. =20 +- xen,uefi-binary (UEFI boot only) + + String property that specifies the file name to be loaded by the UEFI = boot + for this module. If this is specified, there is no need to specify the= reg + property because it will be created by the UEFI stub on boot. + This option is needed only when UEFI boot is used. + As an example: =20 module@0xc000000 { diff --git a/docs/misc/efi.pandoc b/docs/misc/efi.pandoc index ed85351541..876cd55005 100644 --- a/docs/misc/efi.pandoc +++ b/docs/misc/efi.pandoc @@ -167,3 +167,206 @@ sbsign \ --output xen.signed.efi \ xen.unified.efi ``` + +## UEFI boot and dom0less on ARM + +Dom0less feature is supported by ARM and it is possible to use it when Xen= is +started as an EFI application. +The way to specify the domU domains is by Device Tree as specified in the +[dom0less](dom0less.html) documentation page under the "Device Tree +configuration" section, but instead of declaring the reg property in the b= oot +module, the user must specify the "xen,uefi-binary" property containing th= e name +of the binary file that has to be loaded in memory. +The UEFI stub will load the binary in memory and it will add the reg prope= rty +accordingly. + +An example here: + +domU1 { + #address-cells =3D <1>; + #size-cells =3D <1>; + compatible =3D "xen,domain"; + memory =3D <0 0x20000>; + cpus =3D <1>; + vpl011; + + module@1 { + compatible =3D "multiboot,kernel", "multiboot,module"; + xen,uefi-binary =3D "vmlinuz-3.0.31-0.4-xen"; + bootargs =3D "console=3DttyAMA0"; + }; + module@2 { + compatible =3D "multiboot,ramdisk", "multiboot,module"; + xen,uefi-binary =3D "initrd-3.0.31-0.4-xen"; + }; + module@3 { + compatible =3D "multiboot,ramdisk", "multiboot,module"; + xen,uefi-binary =3D "passthrough.dtb"; + }; +}; + +## How to boot different Xen setup using UEFI + +These are the different ways to boot a Xen system from UEFI: + + - Boot Xen and Dom0 (minimum required) + - Boot Xen and DomU(s) (true dom0less, only on ARM) + - Boot Xen, Dom0 and DomU(s) (only on ARM) + +### Boot Xen and Dom0 + +This configuration can be started using the Xen configuration file in the +example above. + +### Boot Xen and DomU(s) + +This configuration needs the domU domain(s) specified in the /chosen node, +examples of how to do that are provided by the documentation about dom0less +and the example above shows how to use the "xen,uefi-binary" property to u= se the +UEFI stub for module loading. +When adding DomU modules to device tree, also add the property +xen,uefi-cfg-load under chosen for Xen to load the Xen config file. +Otherwise, Xen will skip the config file and rely on device tree alone. + +Example 1 of how to boot a true dom0less configuration: + +Xen configuration file: skipped. + +Device tree: + +``` +chosen { + #size-cells =3D <0x1>; + #address-cells =3D <0x1>; + xen,xen-bootargs =3D "" + + domU1 { + #size-cells =3D <0x1>; + #address-cells =3D <0x1>; + compatible =3D "xen,domain"; + cpus =3D <0x1>; + memory =3D <0x0 0xc0000>; + vpl011; + + module@1 { + compatible =3D "multiboot,kernel", "multiboot,module"; + xen,uefi-binary =3D "Image-domu1.bin"; + bootargs =3D "console=3DttyAMA0 root=3D/dev/ram0 rw"; + }; + }; + domU2 { + #size-cells =3D <0x1>; + #address-cells =3D <0x1>; + compatible =3D "xen,domain"; + cpus =3D <0x1>; + memory =3D <0x0 0x100000>; + vpl011; + + module@2 { + compatible =3D "multiboot,kernel", "multiboot,module"; + xen,uefi-binary =3D "Image-domu2.bin"; + bootargs =3D "console=3DttyAMA0 root=3D/dev/ram0 rw"; + }; + }; +}; +``` + +Example 2 of how to boot a true dom0less configuration: + +Xen configuration file: + +``` +[global] +default=3Dxen + +[xen] +options=3D +dtb=3D +``` + +Device tree: + +``` +chosen { + #size-cells =3D <0x1>; + #address-cells =3D <0x1>; + xen,uefi-cfg-load; + + domU1 { + #size-cells =3D <0x1>; + #address-cells =3D <0x1>; + compatible =3D "xen,domain"; + cpus =3D <0x1>; + memory =3D <0x0 0xc0000>; + vpl011; + + module@1 { + compatible =3D "multiboot,kernel", "multiboot,module"; + xen,uefi-binary =3D "Image-domu1.bin"; + bootargs =3D "console=3DttyAMA0 root=3D/dev/ram0 rw"; + }; + }; + domU2 { + #size-cells =3D <0x1>; + #address-cells =3D <0x1>; + compatible =3D "xen,domain"; + cpus =3D <0x1>; + memory =3D <0x0 0x100000>; + vpl011; + + module@2 { + compatible =3D "multiboot,kernel", "multiboot,module"; + xen,uefi-binary =3D "Image-domu2.bin"; + bootargs =3D "console=3DttyAMA0 root=3D/dev/ram0 rw"; + }; + }; +}; +``` + +### Boot Xen, Dom0 and DomU(s) + +This configuration is a mix of the two configuration above, to boot this o= ne +the configuration file must be processed so the /chosen node must have the +"xen,uefi-cfg-load" property. + +Here an example: + +Xen configuration file: + +``` +[global] +default=3Dxen + +[xen] +options=3D +kernel=3Dvmlinuz-3.0.31-0.4-xen [domain 0 command line options] +ramdisk=3Dinitrd-3.0.31-0.4-xen +dtb=3D +``` + +Device tree: + +``` +chosen { + #size-cells =3D <0x1>; + #address-cells =3D <0x1>; + xen,uefi-cfg-load; + + domU1 { + #size-cells =3D <0x1>; + #address-cells =3D <0x1>; + compatible =3D "xen,domain"; + cpus =3D <0x1>; + memory =3D <0x0 0xc0000>; + vpl011; + + module@1 { + compatible =3D "multiboot,kernel", "multiboot,module"; + xen,uefi-binary =3D "Image-domu1.bin"; + bootargs =3D "console=3DttyAMA0 root=3D/dev/ram0 rw"; + }; + }; +}; +``` + + diff --git a/xen/arch/arm/efi/efi-boot.h b/xen/arch/arm/efi/efi-boot.h index a3e46453d4..9c1d400fa6 100644 --- a/xen/arch/arm/efi/efi-boot.h +++ b/xen/arch/arm/efi/efi-boot.h @@ -8,9 +8,49 @@ #include #include =20 +typedef struct { + char *name; + unsigned int name_len; + EFI_PHYSICAL_ADDRESS addr; + UINTN size; +} module_name; + +/* + * Binaries will be translated into bootmodules, the maximum number for th= em is + * MAX_MODULES where we should remove a unit for Xen and one for Xen DTB + */ +#define MAX_UEFI_MODULES (MAX_MODULES - 2) +static struct file __initdata module_binary; +static module_name __initdata modules[MAX_UEFI_MODULES]; +static unsigned int __initdata modules_available =3D MAX_UEFI_MODULES; +static unsigned int __initdata modules_idx; + +#define ERROR_BINARY_FILE_NOT_FOUND (-1) +#define ERROR_ALLOC_MODULE_NO_SPACE (-1) +#define ERROR_ALLOC_MODULE_NAME (-2) +#define ERROR_MISSING_DT_PROPERTY (-3) +#define ERROR_RENAME_MODULE_NAME (-4) +#define ERROR_SET_REG_PROPERTY (-5) +#define ERROR_DT_MODULE_DOMU (-1) +#define ERROR_DT_CHOSEN_NODE (-2) + void noreturn efi_xen_start(void *fdt_ptr, uint32_t fdt_size); void __flush_dcache_area(const void *vaddr, unsigned long size); =20 +static int get_module_file_index(const char *name, unsigned int name_len); +static void PrintMessage(const CHAR16 *s); +static int allocate_module_file(EFI_FILE_HANDLE dir_handle, + const char *name, + unsigned int name_len); +static int handle_module_node(EFI_FILE_HANDLE dir_handle, + int module_node_offset, + int reg_addr_cells, + int reg_size_cells); +static bool is_boot_module(int dt_module_offset); +static int handle_dom0less_domain_node(EFI_FILE_HANDLE dir_handle, + int domain_node); +static int efi_check_dt_boot(EFI_FILE_HANDLE dir_handle); + #define DEVICE_TREE_GUID \ {0xb1b621d5, 0xf19c, 0x41a5, {0x83, 0x0b, 0xd9, 0x15, 0x2c, 0x69, 0xaa, 0x= e0}} =20 @@ -552,8 +592,260 @@ static void __init efi_arch_handle_module(const struc= t file *file, kernel.size) < 0 ) blexit(L"Unable to set reg property."); } - else + else if ( file !=3D &module_binary ) + /* + * If file is not a dom0 module file and it's not a domU module, + * stop here. + */ blexit(L"Unknown module type"); + + /* + * modules_available is decremented here because for each dom0 file ad= ded + * from the configuration file, there will be an additional bootmodule, + * so the number of available slots will be decremented because there = is a + * maximum amount of bootmodules that can be loaded. + */ + modules_available--; +} + +/* + * This function checks for a binary previously loaded with a give name, it + * returns the index of the file in the modules array or a negative number= if no + * file with that name is found. + */ +static int __init get_module_file_index(const char *name, + unsigned int name_len) +{ + unsigned int i; + int ret =3D ERROR_BINARY_FILE_NOT_FOUND; + + for ( i =3D 0; i < modules_idx; i++ ) + { + module_name *mod =3D &modules[i]; + if ( (mod->name_len =3D=3D name_len) && + (strncmp(mod->name, name, name_len) =3D=3D 0) ) + { + ret =3D i; + break; + } + } + return ret; +} + +static void __init PrintMessage(const CHAR16 *s) +{ + PrintStr(s); + PrintStr(newline); +} + +/* + * This function allocates a binary and keeps track of its name, it return= s the + * index of the file in the modules array or a negative number on error. + */ +static int __init allocate_module_file(EFI_FILE_HANDLE dir_handle, + const char *name, + unsigned int name_len) +{ + module_name *file_name; + union string module_name; + int ret; + + /* + * Check if there is any space left for a module, the variable + * modules_available is updated each time we use read_file(...) + * successfully. + */ + if ( !modules_available ) + { + PrintMessage(L"No space left for modules"); + return ERROR_ALLOC_MODULE_NO_SPACE; + } + + module_name.cs =3D name; + ret =3D modules_idx; + + /* Save at this index the name of this binary */ + file_name =3D &modules[ret]; + + if ( efi_bs->AllocatePool(EfiLoaderData, (name_len + 1) * sizeof(char), + (void**)&file_name->name) !=3D EFI_SUCCESS ) + { + PrintMessage(L"Error allocating memory for module binary name"); + return ERROR_ALLOC_MODULE_NAME; + } + + /* Save name and length of the binary in the data structure */ + strlcpy(file_name->name, name, name_len + 1); + file_name->name_len =3D name_len; + + /* Load the binary in memory */ + read_file(dir_handle, s2w(&module_name), &module_binary, NULL); + + /* Save address and size */ + file_name->addr =3D module_binary.addr; + file_name->size =3D module_binary.size; + + /* s2w(...) allocates some memory, free it */ + efi_bs->FreePool(module_name.w); + + modules_idx++; + + return ret; +} + +/* + * This function checks for the presence of the xen,uefi-binary property i= n the + * module, if found it loads the binary as module and sets the right addre= ss + * for the reg property into the module DT node. + */ +static int __init handle_module_node(EFI_FILE_HANDLE dir_handle, + int module_node_offset, + int reg_addr_cells, + int reg_size_cells) +{ + const void *uefi_name_prop; + char mod_string[24]; /* Placeholder for module@ + a 64-bit number + \0= */ + int uefi_name_len, file_idx; + module_name *file; + + /* Read xen,uefi-binary property to get the file name. */ + uefi_name_prop =3D fdt_getprop(fdt, module_node_offset, "xen,uefi-bina= ry", + &uefi_name_len); + + if ( !uefi_name_prop ) + /* Property not found */ + return 0; + + file_idx =3D get_module_file_index(uefi_name_prop, uefi_name_len); + if ( file_idx < 0 ) + { + file_idx =3D allocate_module_file(dir_handle, uefi_name_prop, + uefi_name_len); + if ( file_idx < 0 ) + return file_idx; + } + + file =3D &modules[file_idx]; + + snprintf(mod_string, sizeof(mod_string), "module@%"PRIx64, file->addr); + + /* Rename the module to be module@{address} */ + if ( fdt_set_name(fdt, module_node_offset, mod_string) < 0 ) + { + PrintMessage(L"Unable to modify module node name."); + return ERROR_RENAME_MODULE_NAME; + } + + if ( fdt_set_reg(fdt, module_node_offset, reg_addr_cells, reg_size_cel= ls, + file->addr, file->size) < 0 ) + { + PrintMessage(L"Unable to set module reg property."); + return ERROR_SET_REG_PROPERTY; + } + + return 0; +} + +static bool __init is_boot_module(int dt_module_offset) +{ + if ( (fdt_node_check_compatible(fdt, dt_module_offset, + "multiboot,kernel") =3D=3D 0) || + (fdt_node_check_compatible(fdt, dt_module_offset, + "multiboot,ramdisk") =3D=3D 0) || + (fdt_node_check_compatible(fdt, dt_module_offset, + "multiboot,device-tree") =3D=3D 0) ) + return true; + + return false; +} + +/* + * This function checks for boot modules under the domU guest domain node + * in the DT. + * Returns 0 on success, negative number on error. + */ +static int __init handle_dom0less_domain_node(EFI_FILE_HANDLE dir_handle, + int domain_node) +{ + int module_node, addr_cells, size_cells, len; + const struct fdt_property *prop; + + /* Get #address-cells and #size-cells from domain node */ + prop =3D fdt_get_property(fdt, domain_node, "#address-cells", &len); + if ( !prop ) + { + PrintMessage(L"#address-cells not found in domain node."); + return ERROR_MISSING_DT_PROPERTY; + } + + addr_cells =3D fdt32_to_cpu(*((uint32_t *)prop->data)); + + prop =3D fdt_get_property(fdt, domain_node, "#size-cells", &len); + if ( !prop ) + { + PrintMessage(L"#size-cells not found in domain node."); + return ERROR_MISSING_DT_PROPERTY; + } + + size_cells =3D fdt32_to_cpu(*((uint32_t *)prop->data)); + + /* + * Check for nodes compatible with multiboot,{kernel,ramdisk,device-tr= ee} + * inside this node + */ + for ( module_node =3D fdt_first_subnode(fdt, domain_node); + module_node > 0; + module_node =3D fdt_next_subnode(fdt, module_node) ) + if ( is_boot_module(module_node) ) + { + int ret =3D handle_module_node(dir_handle, module_node, addr_c= ells, + size_cells); + if ( ret < 0 ) + return ret; + } + + return 0; +} + +/* + * This function checks for xen domain nodes under the /chosen node for po= ssible + * domU guests to be loaded. + * Returns the number of modules loaded or a negative number for error. + */ +static int __init efi_check_dt_boot(EFI_FILE_HANDLE dir_handle) +{ + int chosen, node, addr_len, size_len; + unsigned int i =3D 0; + + /* Check for the chosen node in the current DTB */ + chosen =3D setup_chosen_node(fdt, &addr_len, &size_len); + if ( chosen < 0 ) + { + PrintMessage(L"Unable to setup chosen node"); + return ERROR_DT_CHOSEN_NODE; + } + + /* Check for nodes compatible with xen,domain under the chosen node */ + for ( node =3D fdt_first_subnode(fdt, chosen); + node > 0; + node =3D fdt_next_subnode(fdt, node) ) + { + if ( !fdt_node_check_compatible(fdt, node, "xen,domain") ) + { + /* Found a node with compatible xen,domain; handle this node. = */ + if ( handle_dom0less_domain_node(dir_handle, node) < 0 ) + return ERROR_DT_MODULE_DOMU; + } + } + + /* Free boot modules file names if any */ + for ( ; i < modules_idx; i++ ) + { + /* Free boot modules binary names */ + efi_bs->FreePool(modules[i].name); + } + + return modules_idx; } =20 static void __init efi_arch_cpu(void) @@ -562,8 +854,19 @@ static void __init efi_arch_cpu(void) =20 static void __init efi_arch_blexit(void) { + unsigned int i =3D 0; + if ( dtbfile.need_to_free ) efi_bs->FreePages(dtbfile.addr, PFN_UP(dtbfile.size)); + /* Free boot modules file names if any */ + for ( ; i < modules_idx; i++ ) + { + /* Free boot modules binary names */ + efi_bs->FreePool(modules[i].name); + /* Free modules binaries */ + efi_bs->FreePages(modules[i].addr, + PFN_UP(modules[i].size)); + } if ( memmap ) efi_bs->FreePool(memmap); } diff --git a/xen/common/efi/boot.c b/xen/common/efi/boot.c index 758f9d74d2..7879b93f93 100644 --- a/xen/common/efi/boot.c +++ b/xen/common/efi/boot.c @@ -166,6 +166,13 @@ static void __init PrintErr(const CHAR16 *s) StdErr->OutputString(StdErr, (CHAR16 *)s ); } =20 +#ifndef CONFIG_HAS_DEVICE_TREE +static inline int __init efi_check_dt_boot(EFI_FILE_HANDLE dir_handle) +{ + return 0; +} +#endif + /* * Include architecture specific implementation here, which references the * static globals defined above. @@ -1136,6 +1143,8 @@ efi_start(EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *S= ystemTable) bool base_video =3D false; const char *option_str; bool use_cfg_file; + int dt_modules_found; + EFI_FILE_HANDLE dir_handle; =20 __set_bit(EFI_BOOT, &efi_flags); __set_bit(EFI_LOADER, &efi_flags); @@ -1216,9 +1225,11 @@ efi_start(EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *= SystemTable) =20 efi_arch_relocate_image(0); =20 + /* Get the file system interface. */ + dir_handle =3D get_parent_handle(loaded_image, &file_name); + if ( use_cfg_file ) { - EFI_FILE_HANDLE dir_handle; UINTN depth, cols, rows, size; =20 size =3D cols =3D rows =3D depth =3D 0; @@ -1229,9 +1240,6 @@ efi_start(EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *S= ystemTable) =20 gop =3D efi_get_gop(); =20 - /* Get the file system interface. */ - dir_handle =3D get_parent_handle(loaded_image, &file_name); - /* Read and parse the config file. */ if ( read_section(loaded_image, L"config", &cfg, NULL) ) PrintStr(L"Using builtin config file\r\n"); @@ -1285,14 +1293,12 @@ efi_start(EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE = *SystemTable) efi_bs->FreePool(name.w); } =20 - if ( !name.s ) - blexit(L"No Dom0 kernel image specified."); - efi_arch_cfg_file_early(loaded_image, dir_handle, section.s); =20 - option_str =3D split_string(name.s); + option_str =3D name.s ? split_string(name.s) : NULL; =20 - if ( !read_section(loaded_image, L"kernel", &kernel, option_str) ) + if ( !read_section(loaded_image, L"kernel", &kernel, option_str) && + name.s ) { read_file(dir_handle, s2w(&name), &kernel, option_str); efi_bs->FreePool(name.w); @@ -1361,12 +1367,23 @@ efi_start(EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE = *SystemTable) efi_bs->FreePages(cfg.addr, PFN_UP(cfg.size)); cfg.addr =3D 0; =20 - dir_handle->Close(dir_handle); - if ( gop && !base_video ) gop_mode =3D efi_find_gop_mode(gop, cols, rows, depth); } =20 + /* Get the number of boot modules specified on the DT or an error (<0)= */ + dt_modules_found =3D efi_check_dt_boot(dir_handle); + + dir_handle->Close(dir_handle); + + if ( dt_modules_found < 0 ) + /* efi_check_dt_boot throws some error */ + blexit(L"Error processing boot modules on DT."); + + /* Check if at least one of Dom0 or DomU(s) is specified */ + if ( !dt_modules_found && !kernel.ptr ) + blexit(L"No initial domain kernel specified."); + efi_arch_edd(); =20 /* XXX Collect EDID info. */ --=20 2.17.1 From nobody Fri Mar 29 15:31:05 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail(p=none dis=none) header.from=arm.com Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1633939417062702.9703993250247; Mon, 11 Oct 2021 01:03:37 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.205416.360720 (Exim 4.92) (envelope-from ) id 1mZqHK-0007uB-CF; Mon, 11 Oct 2021 08:03:22 +0000 Received: by outflank-mailman (output) from mailman id 205416.360720; Mon, 11 Oct 2021 08:03:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1mZqHK-0007u0-8w; Mon, 11 Oct 2021 08:03:22 +0000 Received: by outflank-mailman (input) for mailman id 205416; Mon, 11 Oct 2021 08:03:21 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1mZqHJ-0007Zo-SI for xen-devel@lists.xenproject.org; Mon, 11 Oct 2021 08:03:21 +0000 Received: from foss.arm.com (unknown [217.140.110.172]) by us1-rack-iad1.inumbo.com (Halon) with ESMTP id 3a2a370b-2c00-4929-ba18-6ff6cb0478ce; Mon, 11 Oct 2021 08:03:15 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 8279C1396; Mon, 11 Oct 2021 01:03:15 -0700 (PDT) Received: from e125770.cambridge.arm.com (e125770.cambridge.arm.com [10.1.195.16]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 1715A3F66F; Mon, 11 Oct 2021 01:03:13 -0700 (PDT) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 3a2a370b-2c00-4929-ba18-6ff6cb0478ce From: Luca Fancellu To: xen-devel@lists.xenproject.org Cc: bertrand.marquis@arm.com, wei.chen@arm.com, Stefano Stabellini , Julien Grall , Volodymyr Babchuk , Andrew Cooper , George Dunlap , Ian Jackson , Jan Beulich , Wei Liu Subject: [PATCH v5 2/2] arm/efi: load dom0 modules from DT using UEFI Date: Mon, 11 Oct 2021 09:03:02 +0100 Message-Id: <20211011080302.24203-3-luca.fancellu@arm.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20211011080302.24203-1-luca.fancellu@arm.com> References: <20211011080302.24203-1-luca.fancellu@arm.com> X-ZM-MESSAGEID: 1633939419092100001 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Add support to load Dom0 boot modules from the device tree using the xen,uefi-binary property. Update documentation about that. Signed-off-by: Luca Fancellu Reviewed-by: Bertrand Marquis Reviewed-by: Stefano Stabellini Acked-by: Jan Beulich --- Changes in v5: - renamed missing uefi,binary string - used kernel.ptr instead of kernel.addr to be consistent to the surrounding code - Changed a comment referring to efi_arch_check_dt_boot that now is efi_check_dt_boot Changes in v4: - Add check to avoid double definition of Dom0 ramdisk from cfg file and DT - Fix if conditions indentation in boot.c - Moved Dom0 kernel verification code after check for presence for Dom0 or DomU(s) - Changed uefi,binary property to xen,uefi-binary Changes in v3: - new patch --- docs/misc/arm/device-tree/booting.txt | 8 ++++ docs/misc/efi.pandoc | 64 +++++++++++++++++++++++++-- xen/arch/arm/efi/efi-boot.h | 47 ++++++++++++++++++-- xen/common/efi/boot.c | 16 ++++--- 4 files changed, 123 insertions(+), 12 deletions(-) diff --git a/docs/misc/arm/device-tree/booting.txt b/docs/misc/arm/device-t= ree/booting.txt index 7258e7e1ec..c6a775f4e8 100644 --- a/docs/misc/arm/device-tree/booting.txt +++ b/docs/misc/arm/device-tree/booting.txt @@ -70,6 +70,14 @@ Each node contains the following properties: priority of this field vs. other mechanisms of specifying the bootargs for the kernel. =20 +- xen,uefi-binary (UEFI boot only) + + String property that specifies the file name to be loaded by the UEFI + boot for this module. If this is specified, there is no need to specify + the reg property because it will be created by the UEFI stub on boot. + This option is needed only when UEFI boot is used, the node needs to be + compatible with multiboot,kernel or multiboot,ramdisk. + Examples =3D=3D=3D=3D=3D=3D=3D=3D =20 diff --git a/docs/misc/efi.pandoc b/docs/misc/efi.pandoc index 876cd55005..4abbb5bb82 100644 --- a/docs/misc/efi.pandoc +++ b/docs/misc/efi.pandoc @@ -167,6 +167,28 @@ sbsign \ --output xen.signed.efi \ xen.unified.efi ``` +## UEFI boot and Dom0 modules on ARM + +When booting using UEFI on ARM, it is possible to specify the Dom0 modules +directly from the device tree without using the Xen configuration file, he= re an +example: + +chosen { + #size-cells =3D <0x1>; + #address-cells =3D <0x1>; + xen,xen-bootargs =3D "[Xen boot arguments]" + + module@1 { + compatible =3D "multiboot,kernel", "multiboot,module"; + xen,uefi-binary =3D "vmlinuz-3.0.31-0.4-xen"; + bootargs =3D "[domain 0 command line options]"; + }; + + module@2 { + compatible =3D "multiboot,ramdisk", "multiboot,module"; + xen,uefi-binary =3D "initrd-3.0.31-0.4-xen"; + }; +} =20 ## UEFI boot and dom0less on ARM =20 @@ -326,10 +348,10 @@ chosen { ### Boot Xen, Dom0 and DomU(s) =20 This configuration is a mix of the two configuration above, to boot this o= ne -the configuration file must be processed so the /chosen node must have the -"xen,uefi-cfg-load" property. +the configuration file can be processed or the Dom0 modules can be read fr= om +the device tree. =20 -Here an example: +Here the first example: =20 Xen configuration file: =20 @@ -369,4 +391,40 @@ chosen { }; ``` =20 +Here the second example: + +Device tree: + +``` +chosen { + #size-cells =3D <0x1>; + #address-cells =3D <0x1>; + xen,xen-bootargs =3D "[Xen boot arguments]" + + module@1 { + compatible =3D "multiboot,kernel", "multiboot,module"; + xen,uefi-binary =3D "vmlinuz-3.0.31-0.4-xen"; + bootargs =3D "[domain 0 command line options]"; + }; + + module@2 { + compatible =3D "multiboot,ramdisk", "multiboot,module"; + xen,uefi-binary =3D "initrd-3.0.31-0.4-xen"; + }; + + domU1 { + #size-cells =3D <0x1>; + #address-cells =3D <0x1>; + compatible =3D "xen,domain"; + cpus =3D <0x1>; + memory =3D <0x0 0xc0000>; + vpl011; =20 + module@1 { + compatible =3D "multiboot,kernel", "multiboot,module"; + xen,uefi-binary =3D "Image-domu1.bin"; + bootargs =3D "console=3DttyAMA0 root=3D/dev/ram0 rw"; + }; + }; +}; +``` diff --git a/xen/arch/arm/efi/efi-boot.h b/xen/arch/arm/efi/efi-boot.h index 9c1d400fa6..7a4ebd4128 100644 --- a/xen/arch/arm/efi/efi-boot.h +++ b/xen/arch/arm/efi/efi-boot.h @@ -31,8 +31,11 @@ static unsigned int __initdata modules_idx; #define ERROR_MISSING_DT_PROPERTY (-3) #define ERROR_RENAME_MODULE_NAME (-4) #define ERROR_SET_REG_PROPERTY (-5) +#define ERROR_DOM0_ALREADY_FOUND (-6) +#define ERROR_DOM0_RAMDISK_FOUND (-7) #define ERROR_DT_MODULE_DOMU (-1) #define ERROR_DT_CHOSEN_NODE (-2) +#define ERROR_DT_MODULE_DOM0 (-3) =20 void noreturn efi_xen_start(void *fdt_ptr, uint32_t fdt_size); void __flush_dcache_area(const void *vaddr, unsigned long size); @@ -45,7 +48,8 @@ static int allocate_module_file(EFI_FILE_HANDLE dir_handl= e, static int handle_module_node(EFI_FILE_HANDLE dir_handle, int module_node_offset, int reg_addr_cells, - int reg_size_cells); + int reg_size_cells, + bool is_domu_module); static bool is_boot_module(int dt_module_offset); static int handle_dom0less_domain_node(EFI_FILE_HANDLE dir_handle, int domain_node); @@ -701,7 +705,8 @@ static int __init allocate_module_file(EFI_FILE_HANDLE = dir_handle, static int __init handle_module_node(EFI_FILE_HANDLE dir_handle, int module_node_offset, int reg_addr_cells, - int reg_size_cells) + int reg_size_cells, + bool is_domu_module) { const void *uefi_name_prop; char mod_string[24]; /* Placeholder for module@ + a 64-bit number + \0= */ @@ -743,6 +748,34 @@ static int __init handle_module_node(EFI_FILE_HANDLE d= ir_handle, return ERROR_SET_REG_PROPERTY; } =20 + if ( !is_domu_module ) + { + if ( (fdt_node_check_compatible(fdt, module_node_offset, + "multiboot,kernel") =3D=3D 0) ) + { + /* + * This is the Dom0 kernel, wire it to the kernel variable beca= use it + * will be verified by the shim lock protocol later in the comm= on + * code. + */ + if ( kernel.addr ) + { + PrintMessage(L"Dom0 kernel already found in cfg file."); + return ERROR_DOM0_ALREADY_FOUND; + } + kernel.need_to_free =3D false; /* Freed using the module array= */ + kernel.addr =3D file->addr; + kernel.size =3D file->size; + } + else if ( ramdisk.addr && + (fdt_node_check_compatible(fdt, module_node_offset, + "multiboot,ramdisk") =3D=3D 0= ) ) + { + PrintMessage(L"Dom0 ramdisk already found in cfg file."); + return ERROR_DOM0_RAMDISK_FOUND; + } + } + return 0; } =20 @@ -799,7 +832,7 @@ static int __init handle_dom0less_domain_node(EFI_FILE_= HANDLE dir_handle, if ( is_boot_module(module_node) ) { int ret =3D handle_module_node(dir_handle, module_node, addr_c= ells, - size_cells); + size_cells, true); if ( ret < 0 ) return ret; } @@ -809,7 +842,7 @@ static int __init handle_dom0less_domain_node(EFI_FILE_= HANDLE dir_handle, =20 /* * This function checks for xen domain nodes under the /chosen node for po= ssible - * domU guests to be loaded. + * dom0 and domU guests to be loaded. * Returns the number of modules loaded or a negative number for error. */ static int __init efi_check_dt_boot(EFI_FILE_HANDLE dir_handle) @@ -836,6 +869,12 @@ static int __init efi_check_dt_boot(EFI_FILE_HANDLE di= r_handle) if ( handle_dom0less_domain_node(dir_handle, node) < 0 ) return ERROR_DT_MODULE_DOMU; } + else if ( is_boot_module(node) ) + { + if ( handle_module_node(dir_handle, node, addr_len, size_len, + false) < 0 ) + return ERROR_DT_MODULE_DOM0; + } } =20 /* Free boot modules file names if any */ diff --git a/xen/common/efi/boot.c b/xen/common/efi/boot.c index 7879b93f93..531975326f 100644 --- a/xen/common/efi/boot.c +++ b/xen/common/efi/boot.c @@ -1302,11 +1302,6 @@ efi_start(EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *= SystemTable) { read_file(dir_handle, s2w(&name), &kernel, option_str); efi_bs->FreePool(name.w); - - if ( !EFI_ERROR(efi_bs->LocateProtocol(&shim_lock_guid, NULL, - (void **)&shim_lock)) && - (status =3D shim_lock->Verify(kernel.ptr, kernel.size)) != =3D EFI_SUCCESS ) - PrintErrMesg(L"Dom0 kernel image could not be verified", s= tatus); } =20 if ( !read_section(loaded_image, L"ramdisk", &ramdisk, NULL) ) @@ -1384,6 +1379,17 @@ efi_start(EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *= SystemTable) if ( !dt_modules_found && !kernel.ptr ) blexit(L"No initial domain kernel specified."); =20 + /* + * The Dom0 kernel can be loaded from the configuration file or by the + * device tree through the efi_check_dt_boot function, in this stage + * verify it. + */ + if ( kernel.ptr && + !EFI_ERROR(efi_bs->LocateProtocol(&shim_lock_guid, NULL, + (void **)&shim_lock)) && + (status =3D shim_lock->Verify(kernel.ptr, kernel.size)) !=3D EFI_= SUCCESS ) + PrintErrMesg(L"Dom0 kernel image could not be verified", status); + efi_arch_edd(); =20 /* XXX Collect EDID info. */ --=20 2.17.1