Xen project Mailing List

Re: [PATCH v4 3/3] arm/efi: load dom0 modules from DT using UEFI

To: Luca Fancellu <luca.fancellu@xxxxxxx>

Date: Fri, 1 Oct 2021 16:24:12 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=i6DXaUMdkvaSJhGgZy3nnIavS2SZ7o5MouOVK78/7VM=; b=GS7ygT4CkPj3GTz731FHsQyyxs1SzUIYqd1HSEhhKwgf0AkMYCCrzhbp56w7zGx2lpRPKqxXlCc3hevUFf+/kuiFsfKHLZRgcRTwPIKcxXOi6mYdXk3WXA+XtGN8hkI6RzVXOGNFUGzdluUY18oJBfopRq0F8PFukO4aLDzX85n/lMOExqRPl/ZefG5e95DD+yOsV6pvMIWNs9H7GJ3HLRntP8W4tFW1GBeTAMbvc9OSj9d/sc8o7JEY6ZWXE8XLUj+xVT+2FNg7i1XsB2s03Mtydr3YLIEm/doRPPakHzymCfmGISbeK1t9BhvxOnl+KONtg/RweEG3E2T1ZcFrQw==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Rj8K8KfdNl9olEgPnIxJHmeXSdNCduqItLkemPqYAOf6M8wuILtoVxX0f6Ft3IpKXcUL6g8OBmib6P3e4cGJu7C5uAMGuUAtQvTnC6+/SWJUCqOgHXjmC7Fwpva1Gf1cZj/KxXaDc0dFeDgKjnWgg2ktzMKVVNBM+Oxxh2S8RfelRq2suInW4suAcmnusne8pgIEpBR6sV+LETcOzMJ/Iz/2wL/cNp4SUzdlh3zxR2JTquPlc09uK3A/B02RuodgMzZMhJhS6l2jnkegwwaVbFO45u6qiey+8rZY/M+FRW5P7L8csPjQpRfwrX/JMDrDorXwN9wPWnNCoXy4DtM9Wg==

Authentication-results: lists.xenproject.org; dkim=none (message not signed) header.d=none;lists.xenproject.org; dmarc=none action=none header.from=suse.com;

Cc: Bertrand Marquis <bertrand.marquis@xxxxxxx>, wei.chen@xxxxxxx, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Ian Jackson <iwj@xxxxxxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx

Delivery-date: Fri, 01 Oct 2021 14:24:19 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 01.10.2021 16:08, Luca Fancellu wrote: > > >> On 1 Oct 2021, at 12:16, Jan Beulich <jbeulich@xxxxxxxx> wrote: >> >> On 30.09.2021 16:28, Luca Fancellu wrote: >>> Add support to load Dom0 boot modules from >>> the device tree using the xen,uefi-binary property. >>> >>> Update documentation about that. >>> >>> Signed-off-by: Luca Fancellu <luca.fancellu@xxxxxxx> >> >> Acked-by: Jan Beulich <jbeulich@xxxxxxxx> >> despite ... >> >>> @@ -1385,6 +1380,17 @@ efi_start(EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE >>> *SystemTable) >>> if ( !dt_modules_found && !kernel.addr ) >>> blexit(L"No Dom0 kernel image specified."); >>> >>> + /* >>> + * The Dom0 kernel can be loaded from the configuration file or by the >>> + * device tree through the efi_arch_check_dt_boot function, in this >>> stage >>> + * verify it. >>> + */ >>> + if ( kernel.addr && >> >> ... me still being a little unhappy with the inconsistent use of the >> union fields so close together: This one is now consistent with the >> one visible further up in context, but ... >> >>> + !EFI_ERROR(efi_bs->LocateProtocol(&shim_lock_guid, NULL,> + >>> (void **)&shim_lock)) && >>> + (status = shim_lock->Verify(kernel.ptr, kernel.size)) != >>> EFI_SUCCESS ) >> >> ... is now inconsistent with this use. But yeah - read_file() is >> even worse in that sense, except that there the different uses are >> for specific reasons, while here the only requirement is to satisfy >> shim_lock->Verify(). >> >> Please feel free to retain my ack in case you decide to use .ptr in >> all three places. > > Hi Jan, > > Sure I will do the modification you suggested, I will fix also my silly > mistake that > Stefano pointed out. > > Just to be sure, I explain what I will do: > > In the second patch I will change: > > if ( !dt_modules_found && !kernel.addr ) > > To > > if ( !dt_modules_found && !kernel.ptr ) > > > And in this patch I will use: > > if ( kernel.ptr && > !EFI_ERROR(efi_bs->LocateProtocol(&shim_lock_guid, NULL, > (void **)&shim_lock)) && > (status = shim_lock->Verify(kernel.ptr, kernel.size)) != EFI_SUCCESS > ) > PrintErrMesg(L"Dom0 kernel image could not be verified", status); > > Do you agree on them? Yes and ... > Can I retain your ack to this patch doing these changes? ... as previously said, yes. Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.