[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v5 20/44] x86/boot: convert xsm policy loading to struct boot_module


  • To: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Jason Andryuk <jason.andryuk@xxxxxxx>
  • Date: Thu, 10 Oct 2024 13:23:51 -0400
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=apertussolutions.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0)
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=leP4gX5/SNqQhOp0D9s9bo127bam98/WJ0aUgDJozjY=; b=bdhkQxN1MCdrmkPw3NsTDeFPGc1gHfiX6Vx6GBVJkLhzuXm16vNiBih+y16dO7uuiK+Mvp7AbsuyQB9QRWrOa7dgVLXUfrHPdIKhexz+13UDsIPpNziHV4uJ46EwzOpAQiaqryd+2jFFnlIYUyV9Lnc1qsj0Xx5o8i6oA9dXCZ3n25fpggUvtej+VHyZrkW5yaM074qtN5BYNGbbJ8tqcKP/tp9FeQug/KMiBCRluwwvZ2j6eJEh323tehnuCnVhFma29QnMHeWUEV9aKaoad7AbGeLpZ3rP7kulx0froJnX+NFv/TS3PjN6QlIsDtJHAnWrmadfzRsvztl8d8kaNA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=CX1/Uu8k/GQXcNbk3kFbsBCmw1R/iiPjhMBP6Krd8C6XYeQsAZCly5rbVBGauaKG2JYUnDNL/0v8Jso9cDjg4rVgY1AwqX+46iqrTPgC3prjoqKJIyaCEBnDX4dVaa3j5jw3ZiSfImAAL7YELSITCrjPoVUN9f272Wh9e+Ki0ixLT2k+rfOMVpqhlJlLCWLJt9A60AoloUrWzWP/iTisYa1NK714FpEfOa+/kvfe4uKru1jR/t3gjBZP+1OCLX2By895u1Zm8P7f6ji3X+Pa7HLN6Q7sRoNoGFoWNeVQkWIyzrJI+X35cqtf8cLafUnlfzUg4SeA/BchqageM4s+Zw==
  • Cc: <christopher.w.clark@xxxxxxxxx>, <stefano.stabellini@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Delivery-date: Thu, 10 Oct 2024 17:24:16 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 2024-10-09 13:21, Daniel P. Smith wrote:
On 10/8/24 12:13, Jason Andryuk wrote:
On 2024-10-06 17:49, Daniel P. Smith wrote:
Iterate through the unclaimed struct boot_module to see if any are an XSM FLASK
policy. If one is located, mark it as an xsm policy.

Signed-off-by: Daniel P. Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>

@@ -161,6 +162,14 @@ int __init xsm_multiboot_init(
      }
      ret = xsm_core_init(policy_buffer, policy_size);
+    if ( ret == 0 )
+    {
+        int idx = first_boot_module_index(bi, BOOTMOD_XSM_POLICY);
+
+        /* If the policy was loaded from a boot module, mark it consumed */
+        if ( idx >= 0 )
+            bi->mods[idx].flags |= BOOTMOD_FLAG_X86_CONSUMED;
Maybe xsm_multiboot_policy_init() should return the idx used instead of having a second search?  (Also, xsm_multiboot_policy_init() can't fail?)

I was debating on whether to make similar changes because the existing logic just seems sub-optimal. Currently I am looking to just write an independent XSM patch that looks at both this function and the device tree version of the function. Specifically, looking to use the IS_ENABLED() macro instead of #ifdef to reduce code, provide better code coverage, and to refine the logic.

Ok.

+    }
      bootstrap_map(NULL);
      return 0;

The other changes look okay.

R-b then?

Reviewed-by: Jason Andryuk <jason.andryuk@xxxxxxx>

Regards,
Jason



 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.