[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v4 2/2] Support ESRT in Xen dom0

To: Demi Marie Obenour <demi@xxxxxxxxxxxxxxxxxxxxxx>, Peter Jones <pjones@xxxxxxxxxx>
From: Ard Biesheuvel <ardb@xxxxxxxxxx>
Date: Fri, 30 Sep 2022 21:11:19 +0200
Cc: Juergen Gross <jgross@xxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Oleksandr Tyshchenko <oleksandr_tyshchenko@xxxxxxxx>, Kees Cook <keescook@xxxxxxxxxxxx>, Anton Vorontsov <anton@xxxxxxxxxx>, Colin Cross <ccross@xxxxxxxxxxx>, Tony Luck <tony.luck@xxxxxxxxx>, Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, linux-efi@xxxxxxxxxxxxxxx
Delivery-date: Fri, 30 Sep 2022 19:11:43 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Fri, 30 Sept 2022 at 20:21, Demi Marie Obenour
<demi@xxxxxxxxxxxxxxxxxxxxxx> wrote:
>
> On Fri, Sep 30, 2022 at 06:36:11PM +0200, Ard Biesheuvel wrote:
> > On Fri, 30 Sept 2022 at 01:02, Demi Marie Obenour
> > <demi@xxxxxxxxxxxxxxxxxxxxxx> wrote:
> > >
> > > fwupd requires access to the EFI System Resource Table (ESRT) to
> > > discover which firmware can be updated by the OS.  Currently, Linux does
> > > not expose the ESRT when running as a Xen dom0.  Therefore, it is not
> > > possible to use fwupd in a Xen dom0, which is a serious problem for e.g.
> > > Qubes OS.
> > >
> > > Before Xen 4.17, this was not fixable due to hypervisor limitations.
> > > The UEFI specification requires the ESRT to be in EfiBootServicesData
> > > memory, which Xen will use for whatever purposes it likes.  Therefore,
> > > Linux cannot safely access the ESRT, as Xen may have overwritten it.
> > >
> > > Starting with Xen 4.17, Xen checks if the ESRT is in EfiBootServicesData
> > > or EfiRuntimeServicesData memory.  If the ESRT is in EfiBootServicesData
> > > memory, Xen replaces the ESRT with a copy in memory that it has
> > > reserved.  Such memory is currently of type EFI_RUNTIME_SERVICES_DATA,
> > > but in the future it will be of type EFI_ACPI_RECLAIM_MEMORY.  This
> > > ensures that the ESRT can safely be accessed by the OS.
> > >
> > > When running as a Xen dom0, use the new
> > > xen_config_table_memory_region_max() function to determine if Xen has
> > > reserved the ESRT and, if so, find the end of the memory region
> > > containing it.  This allows programs such as fwupd which require the
> > > ESRT to run under Xen, and so makes fwupd support in Qubes OS possible.
> > >
> > > Signed-off-by: Demi Marie Obenour <demi@xxxxxxxxxxxxxxxxxxxxxx>
> >
> > Why do we need this patch? I'd expect esrt_table_exists() to return
> > false when patch 1/2 is applied.
>
> efi_enabled(EFI_MEMMAP) is false under Xen, so there needs to be an
> alternative way to get the end of the memory region containing the ESRT.
> That is what this patch provides.

OK. I don't think we need that to be honest. When running under Xen,
we should be able to assume that the ESRT does not span multiple
memory regions arbitrarily, so we can just omit this check if
!efi_enabled(EFI_MEMMAP)

IIRC (and Peter would know), we are trying to filter out descriptors
that are completely bogus here: zero lenght, zero address, etc etc. I
don't think we need that for Xen.

Follow-Ups:
- Re: [PATCH v4 2/2] Support ESRT in Xen dom0
  - From: Demi Marie Obenour

References:
- [PATCH v4 0/2] EFI improvements for Xen dom0
  - From: Demi Marie Obenour
- [PATCH v4 2/2] Support ESRT in Xen dom0
  - From: Demi Marie Obenour
- Re: [PATCH v4 2/2] Support ESRT in Xen dom0
  - From: Ard Biesheuvel
- Re: [PATCH v4 2/2] Support ESRT in Xen dom0
  - From: Demi Marie Obenour

Prev by Date: Re: [PATCH v4 1/2] Avoid using EFI tables Xen may have clobbered
Next by Date: Re: [PATCH v4 2/2] Support ESRT in Xen dom0
Previous by thread: Re: [PATCH v4 2/2] Support ESRT in Xen dom0
Next by thread: Re: [PATCH v4 2/2] Support ESRT in Xen dom0
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.