[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH RFC 6/7] xen/x86/efi: Verify dom0 kernel with SHIM_LOCK protocol in efi_multiboot2()

To: "Daniel Kiper" <daniel.kiper@xxxxxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxx>
Date: Mon, 14 May 2018 04:43:13 -0600
Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
Delivery-date: Mon, 14 May 2018 10:43:22 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

>>> On 08.05.18 at 15:09, <daniel.kiper@xxxxxxxxxx> wrote:
> On Fri, May 04, 2018 at 09:46:33AM -0600, Jan Beulich wrote:
>> >>> On 08.07.17 at 23:53, <daniel.kiper@xxxxxxxxxx> wrote:
>> > --- a/xen/arch/x86/boot/head.S
>> > +++ b/xen/arch/x86/boot/head.S
>> > @@ -383,9 +383,13 @@ __efi64_mb2_start:
>> >          jmp     x86_32_switch
>> >
>> >  .Lefi_multiboot2_proto:
>> > -        /* Zero EFI SystemTable and EFI ImageHandle addresses. */
>> > +        /*
>> > +         * Zero EFI SystemTable, EFI ImageHandle and
>> > +         * dom0 kernel module struct addresses.
>> > +         */
>> >          xor     %esi,%esi
>> >          xor     %edi,%edi
>> > +        xor     %r14d,%r14d
>> >
>> >          /* Skip Multiboot2 information fixed part. */
>> >          lea     (MB2_fixed_sizeof+MULTIBOOT2_TAG_ALIGN-1)(%rbx),%ecx
>> > @@ -423,6 +427,15 @@ __efi64_mb2_start:
>> >          cmove   MB2_efi64_ih(%rcx),%rdi
>> >          je      .Lefi_mb2_next_tag
>> >
>> > +        /* Get dom0 kernel module struct address from Multiboot2 
>> > information. */
>> > +        cmpl    $MULTIBOOT2_TAG_TYPE_MODULE,MB2_tag_type(%rcx)
>> > +        jne     .Lefi_mb2_end
>> > +
>> > +        test    %r14d,%r14d
>> > +        cmovz   %ecx,%r14d
>> > +        jmp     .Lefi_mb2_next_tag
>> > +
>> > +.Lefi_mb2_end:
>> >          /* Is it the end of Multiboot2 information? */
>> >          cmpl    $MULTIBOOT2_TAG_TYPE_END,MB2_tag_type(%rcx)
>> >          je      .Lrun_bs
>> > @@ -484,9 +497,12 @@ __efi64_mb2_start:
>> >          /* Keep the stack aligned. Do not pop a single item off it. */
>> >          mov     (%rsp),%rdi
>> >
>> > +        mov     %r14d,%edx
>> > +
>> >          /*
>> >           * efi_multiboot2() is called according to System V AMD64 ABI:
>> > -         *   - IN:  %rdi - EFI ImageHandle, %rsi - EFI SystemTable.
>> > +         *   - IN: %rdi - EFI ImageHandle, %rsi - EFI SystemTable,
>> > +         *         %rdx - dom0 kernel module struct address.
>>
>> How come everything further up treats this as a 32-bit quantity only?
> 
> According to the Multiboot2 spec the bootloader is not allowed to
> put the kernel (xen.gz) and the modules above 4 GiB boundary.

Interesting - how would they load a 1Gb initrd on a system with just 1Gb
RAM below 4Gb? Not to speak of a 4Gb initrd ...

Jan



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH RFC 6/7] xen/x86/efi: Verify dom0 kernel with SHIM_LOCK protocol in efi_multiboot2()
  - From: Daniel Kiper

References:
- Re: [Xen-devel] [PATCH RFC 6/7] xen/x86/efi: Verify dom0 kernel with SHIM_LOCK protocol in efi_multiboot2()
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH RFC 6/7] xen/x86/efi: Verify dom0 kernel with SHIM_LOCK protocol in efi_multiboot2()
  - From: Daniel Kiper

Prev by Date: Re: [Xen-devel] [PATCH RFC 2/7] xen/x86: Manually build PE header
Next by Date: [Xen-devel] [PATCH] x86/shutdown: use ACPI reboot method for Dell PowerEdge R540
Previous by thread: Re: [Xen-devel] [PATCH RFC 6/7] xen/x86/efi: Verify dom0 kernel with SHIM_LOCK protocol in efi_multiboot2()
Next by thread: Re: [Xen-devel] [PATCH RFC 6/7] xen/x86/efi: Verify dom0 kernel with SHIM_LOCK protocol in efi_multiboot2()
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.