[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [RFC 13/14] xen/xsm: Add support for device tree
On 03/12/2014 12:16 PM, Julien Grall wrote: This patch adds a new module "xen,xsm-blob" to allow the user to load the XSM policy when Xen is booting. Signed-off-by: Julien Grall <julien.grall@xxxxxxxxxx> Cc: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> Acked-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> --- docs/misc/arm/device-tree/booting.txt | 1 + xen/common/device_tree.c | 2 ++ xen/include/xen/device_tree.h | 3 ++- xen/include/xsm/xsm.h | 12 +++++++++++ xen/xsm/xsm_core.c | 37 +++++++++++++++++++++++++++++++++ xen/xsm/xsm_policy.c | 37 +++++++++++++++++++++++++++++++++ 6 files changed, 91 insertions(+), 1 deletion(-) diff --git a/docs/misc/arm/device-tree/booting.txt b/docs/misc/arm/device-tree/booting.txt index 07fde27..85988fb 100644 --- a/docs/misc/arm/device-tree/booting.txt +++ b/docs/misc/arm/device-tree/booting.txt @@ -16,6 +16,7 @@ Each node contains the following properties: - "linux-zimage" -- the dom0 kernel - "linux-initrd" -- the dom0 ramdisk + - "xsm-blob" -- XSM policy blob - reg diff --git a/xen/common/device_tree.c b/xen/common/device_tree.c index 55716a8..91146fb 100644 --- a/xen/common/device_tree.c +++ b/xen/common/device_tree.c @@ -354,6 +354,8 @@ static void __init process_multiboot_node(const void *fdt, int node, nr = MOD_KERNEL; else if ( fdt_node_check_compatible(fdt, node, "xen,linux-initrd") == 0) nr = MOD_INITRD; + else if ( fdt_node_check_compatible(fdt, node, "xen,xsm-blob") == 0 ) + nr = MOD_XSM; else early_panic("%s not a known xen multiboot type\n", name); diff --git a/xen/include/xen/device_tree.h b/xen/include/xen/device_tree.h index 9a8c3de..76faf11 100644 --- a/xen/include/xen/device_tree.h +++ b/xen/include/xen/device_tree.h @@ -24,7 +24,8 @@ #define MOD_FDT 1 #define MOD_KERNEL 2 #define MOD_INITRD 3 -#define NR_MODULES 4 +#define MOD_XSM 4 +#define NR_MODULES 5 #define MOD_DISCARD_FIRST MOD_FDT diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h index 4863e41..2cd3a3b 100644 --- a/xen/include/xsm/xsm.h +++ b/xen/include/xsm/xsm.h @@ -652,6 +652,11 @@ extern int xsm_multiboot_policy_init(unsigned long *module_map, void *(*bootstrap_map)(const module_t *)); #endif +#ifdef HAS_DEVICE_TREE +extern int xsm_dt_init(void); +extern int xsm_dt_policy_init(void); +#endif + extern int register_xsm(struct xsm_operations *ops); extern int unregister_xsm(struct xsm_operations *ops); @@ -671,6 +676,13 @@ static inline int xsm_multiboot_init (unsigned long *module_map, } #endif +#ifdef HAS_DEVICE_TREE +static inline int xsm_dt_init(void) +{ + return 0; +} +#endif + #endif /* XSM_ENABLE */ #endif /* __XSM_H */ diff --git a/xen/xsm/xsm_core.c b/xen/xsm/xsm_core.c index 11a9ca7..755a5dd 100644 --- a/xen/xsm/xsm_core.c +++ b/xen/xsm/xsm_core.c @@ -79,6 +79,43 @@ int __init xsm_multiboot_init(unsigned long *module_map, } #endif +#ifdef HAS_DEVICE_TREE +int __init xsm_dt_init(void) +{ + int ret = 0; + + printk("XSM Framework v" XSM_FRAMEWORK_VERSION " initialized\n"); + + if ( XSM_MAGIC ) + { + ret = xsm_dt_policy_init(); + if ( ret ) + { + printk("%s: Error initializing policy (rc = %d).\n", + __FUNCTION__, ret); + return -EINVAL; + } + } + + if ( verify(&dummy_xsm_ops) ) + { + printk("%s could not verify dummy_xsm_ops structure.\n", + __FUNCTION__); + ret = -EIO; + goto err; + } + + xsm_ops = &dummy_xsm_ops; + do_xsm_initcalls(); + +err: + if ( policy_buffer ) + xfree(policy_buffer); + + return ret; +} +#endif + int register_xsm(struct xsm_operations *ops) { if ( verify(ops) ) diff --git a/xen/xsm/xsm_policy.c b/xen/xsm/xsm_policy.c index 3d5f66a..a0dee09 100644 --- a/xen/xsm/xsm_policy.c +++ b/xen/xsm/xsm_policy.c @@ -23,6 +23,10 @@ #include <xen/multiboot.h> #endif #include <xen/bitops.h> +#ifdef HAS_DEVICE_TREE +# include <asm/setup.h> +# include <xen/device_tree.h> +#endif char *__initdata policy_buffer = NULL; u32 __initdata policy_size = 0; @@ -69,3 +73,36 @@ int __init xsm_multiboot_policy_init(unsigned long *module_map, return rc; } #endif + +#ifdef HAS_DEVICE_TREE +int __init xsm_dt_policy_init(void) +{ + paddr_t paddr = early_info.modules.module[MOD_XSM].start; + paddr_t len = early_info.modules.module[MOD_XSM].size; + xsm_magic_t magic; + + if ( !len ) + return 0; + + copy_from_paddr(&magic, paddr, sizeof(magic)); + + if ( magic != XSM_MAGIC ) + { + printk(XENLOG_ERR "xsm: Invalid magic for XSM blob got 0x%x " + "expected 0x%x\n", magic, XSM_MAGIC); + return -EINVAL; + } + + printk("xsm: Policy len = 0x%"PRIpaddr" start at 0x%"PRIpaddr"\n", + len, paddr); + + policy_buffer = xmalloc_bytes(len); + if ( !policy_buffer ) + return -ENOMEM; + + copy_from_paddr(policy_buffer, paddr, len); + policy_size = len; + + return 0; +} +#endif -- Daniel De Graaf National Security Agency _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |