[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: fwupd support under Xen - firmware updates with the UEFI capsule

To: Jan Beulich <jbeulich@xxxxxxxx>, Norbert Kaminski <norbert.kaminski@xxxxxxxxx>
From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Date: Tue, 28 Jul 2020 22:01:33 +0100
Authentication-results: esa3.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none
Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, Maciej Pijanowski <maciej.pijanowski@xxxxxxxxx>, piotr.krol@xxxxxxxxx, marmarek@xxxxxxxxxxxxxxxxxxxxxx
Delivery-date: Tue, 28 Jul 2020 21:02:05 +0000
Ironport-sdr: dOjogrFoiwK0EjOIQEmM6WCIhV55c7wkfHSZGRm/eaHMRWvh0soA2pC+3y3CAg22U0klhsKdMH uQk509QW63fTAAbAmn4XVoiM/bp6nkpeuLceasB1H6nQt1SQWCFw4SSYnCAhxXdgVuqy8J9bcE SJsTdHddQkpn/0W1KlsB2WovVYkaLuy2rycJOOq9GXXyhLiMMGIRdHpeFPOI18EJDuGjkX9VQA CHN5YwjN+yl4T26SknO1gBNeG93X6/7c9hJ0Mrm0+Ey4P/ZmmNrOBs9nu+y++5Y3t+SWt2pzNq dXw=
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 28/07/2020 21:00, Jan Beulich wrote:
> On 28.07.2020 09:41, Norbert Kaminski wrote:
>> I'm trying to add support for the firmware updates with the UEFI
>> capsule in
>> Qubes OS. I've got the troubles with reading ESRT (EFI System
>> Resource Table)
>> in the dom0, which is based on the EFI memory map. The EFI_MEMMAP is not
>> enabled despite the loaded drivers (CONFIG_EFI, CONFIG_EFI_ESRT) and
>> kernel
>> cmdline parameters (add_efi_memmap):
>>
>> ```
>> [    3.451249] efi: EFI_MEMMAP is not enabled.
>> ```
>
> It is, according to my understanding, a layering violation to expose
> the EFI memory map to Dom0. It's not supposed to make use of this
> information in any way. Hence any functionality depending on its use
> also needs to be implemented in the hypervisor, with Dom0 making a
> suitable hypercall to access this functionality. (And I find it
> quite natural to expect that Xen gets involved in an update of the
> firmware of a system.)

ERST is a table (read only by the looks of things) which is a catalogue
of various bits of firmware in the system, including GUIDs for
identification, and version information.

It is the kind of data which the hardware domain should have access to,
and AFAICT, behaves just like a static ACPI table.

Presumably it wants to an E820 reserved region so dom0 gets indent
access, and something in the EFI subsystem needs extending to pass the
ERST address to dom0.

~Andrew

Follow-Ups:
- Re: fwupd support under Xen - firmware updates with the UEFI capsule
  - From: Jan Beulich
- Re: fwupd support under Xen - firmware updates with the UEFI capsule
  - From: Marek Marczykowski-Górecki

References:
- fwupd support under Xen - firmware updates with the UEFI capsule
  - From: Norbert Kaminski
- Re: fwupd support under Xen - firmware updates with the UEFI capsule
  - From: Jan Beulich

Prev by Date: Re: fwupd support under Xen - firmware updates with the UEFI capsule
Next by Date: [linux-linus test] 152246: regressions - FAIL
Previous by thread: Re: fwupd support under Xen - firmware updates with the UEFI capsule
Next by thread: Re: fwupd support under Xen - firmware updates with the UEFI capsule
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.