From: Brijesh Singh <brijesh.singh@amd.com>
To: <x86@kernel.org>, <linux-kernel@vger.kernel.org>,
<kvm@vger.kernel.org>, <linux-efi@vger.kernel.org>,
<platform-driver-x86@vger.kernel.org>,
<linux-coco@lists.linux.dev>, <linux-mm@kvack.org>
Cc: Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Joerg Roedel <jroedel@suse.de>,
Tom Lendacky <thomas.lendacky@amd.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Ard Biesheuvel <ardb@kernel.org>,
Paolo Bonzini <pbonzini@redhat.com>,
Sean Christopherson <seanjc@google.com>,
"Vitaly Kuznetsov" <vkuznets@redhat.com>,
Jim Mattson <jmattson@google.com>,
"Andy Lutomirski" <luto@kernel.org>,
Dave Hansen <dave.hansen@linux.intel.com>,
Sergio Lopez <slp@redhat.com>, Peter Gonda <pgonda@google.com>,
"Peter Zijlstra" <peterz@infradead.org>,
Srinivas Pandruvada <srinivas.pandruvada@linux.intel.com>,
David Rientjes <rientjes@google.com>,
Dov Murik <dovmurik@linux.ibm.com>,
Tobin Feldman-Fitzthum <tobin@ibm.com>,
Borislav Petkov <bp@alien8.de>,
Michael Roth <michael.roth@amd.com>,
Vlastimil Babka <vbabka@suse.cz>,
"Kirill A . Shutemov" <kirill@shutemov.name>,
Andi Kleen <ak@linux.intel.com>,
"Dr . David Alan Gilbert" <dgilbert@redhat.com>,
<tony.luck@intel.com>, <marcorr@google.com>,
<sathyanarayanan.kuppuswamy@linux.intel.com>,
Brijesh Singh <brijesh.singh@amd.com>
Subject: [PATCH v7 29/45] x86/compressed/acpi: move EFI system table lookup to helper
Date: Wed, 10 Nov 2021 16:07:15 -0600 [thread overview]
Message-ID: <20211110220731.2396491-30-brijesh.singh@amd.com> (raw)
In-Reply-To: <20211110220731.2396491-1-brijesh.singh@amd.com>
From: Michael Roth <michael.roth@amd.com>
Future patches for SEV-SNP-validated CPUID will also require early
parsing of the EFI configuration. Incrementally move the related code
into a set of helpers that can be re-used for that purpose.
Signed-off-by: Michael Roth <michael.roth@amd.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
arch/x86/boot/compressed/Makefile | 1 +
arch/x86/boot/compressed/acpi.c | 60 ++++++++++----------------
arch/x86/boot/compressed/efi.c | 71 +++++++++++++++++++++++++++++++
arch/x86/boot/compressed/misc.h | 14 ++++++
4 files changed, 108 insertions(+), 38 deletions(-)
create mode 100644 arch/x86/boot/compressed/efi.c
diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile
index 431bf7f846c3..d364192c2367 100644
--- a/arch/x86/boot/compressed/Makefile
+++ b/arch/x86/boot/compressed/Makefile
@@ -100,6 +100,7 @@ endif
vmlinux-objs-$(CONFIG_ACPI) += $(obj)/acpi.o
vmlinux-objs-$(CONFIG_EFI_MIXED) += $(obj)/efi_thunk_$(BITS).o
+vmlinux-objs-$(CONFIG_EFI) += $(obj)/efi.o
efi-obj-$(CONFIG_EFI_STUB) = $(objtree)/drivers/firmware/efi/libstub/lib.a
$(obj)/vmlinux: $(vmlinux-objs-y) $(efi-obj-y) FORCE
diff --git a/arch/x86/boot/compressed/acpi.c b/arch/x86/boot/compressed/acpi.c
index 8bcbcee54aa1..9e784bd7b2e6 100644
--- a/arch/x86/boot/compressed/acpi.c
+++ b/arch/x86/boot/compressed/acpi.c
@@ -86,8 +86,8 @@ static acpi_physical_address kexec_get_rsdp_addr(void)
{
efi_system_table_64_t *systab;
struct efi_setup_data *esd;
- struct efi_info *ei;
- char *sig;
+ bool efi_64;
+ int ret;
esd = (struct efi_setup_data *)get_kexec_setup_data_addr();
if (!esd)
@@ -98,18 +98,16 @@ static acpi_physical_address kexec_get_rsdp_addr(void)
return 0;
}
- ei = &boot_params->efi_info;
- sig = (char *)&ei->efi_loader_signature;
- if (strncmp(sig, EFI64_LOADER_SIGNATURE, 4)) {
+ /* Get systab from boot params. */
+ ret = efi_get_system_table(boot_params, (unsigned long *)&systab, &efi_64);
+ if (ret)
+ error("EFI system table not found in kexec boot_params.");
+
+ if (!efi_64) {
debug_putstr("Wrong kexec EFI loader signature.\n");
return 0;
}
- /* Get systab from boot params. */
- systab = (efi_system_table_64_t *) (ei->efi_systab | ((__u64)ei->efi_systab_hi << 32));
- if (!systab)
- error("EFI system table not found in kexec boot_params.");
-
return __efi_get_rsdp_addr((unsigned long)esd->tables, systab->nr_tables, true);
}
#else
@@ -119,45 +117,31 @@ static acpi_physical_address kexec_get_rsdp_addr(void) { return 0; }
static acpi_physical_address efi_get_rsdp_addr(void)
{
#ifdef CONFIG_EFI
- unsigned long systab, config_tables;
+ unsigned long systab_tbl_pa, config_tables;
unsigned int nr_tables;
- struct efi_info *ei;
bool efi_64;
- char *sig;
-
- ei = &boot_params->efi_info;
- sig = (char *)&ei->efi_loader_signature;
-
- if (!strncmp(sig, EFI64_LOADER_SIGNATURE, 4)) {
- efi_64 = true;
- } else if (!strncmp(sig, EFI32_LOADER_SIGNATURE, 4)) {
- efi_64 = false;
- } else {
- debug_putstr("Wrong EFI loader signature.\n");
- return 0;
- }
+ int ret;
- /* Get systab from boot params. */
-#ifdef CONFIG_X86_64
- systab = ei->efi_systab | ((__u64)ei->efi_systab_hi << 32);
-#else
- if (ei->efi_systab_hi || ei->efi_memmap_hi) {
- debug_putstr("Error getting RSDP address: EFI system table located above 4GB.\n");
+ /*
+ * This function is called even for non-EFI BIOSes, and callers expect
+ * failure to locate the EFI system table to result in 0 being returned
+ * as indication that EFI is not available, rather than outright
+ * failure/abort.
+ */
+ ret = efi_get_system_table(boot_params, &systab_tbl_pa, &efi_64);
+ if (ret == -EOPNOTSUPP)
return 0;
- }
- systab = ei->efi_systab;
-#endif
- if (!systab)
- error("EFI system table not found.");
+ if (ret)
+ error("EFI support advertised, but unable to locate system table.");
/* Handle EFI bitness properly */
if (efi_64) {
- efi_system_table_64_t *stbl = (efi_system_table_64_t *)systab;
+ efi_system_table_64_t *stbl = (efi_system_table_64_t *)systab_tbl_pa;
config_tables = stbl->tables;
nr_tables = stbl->nr_tables;
} else {
- efi_system_table_32_t *stbl = (efi_system_table_32_t *)systab;
+ efi_system_table_32_t *stbl = (efi_system_table_32_t *)systab_tbl_pa;
config_tables = stbl->tables;
nr_tables = stbl->nr_tables;
diff --git a/arch/x86/boot/compressed/efi.c b/arch/x86/boot/compressed/efi.c
new file mode 100644
index 000000000000..bcf1d5650e26
--- /dev/null
+++ b/arch/x86/boot/compressed/efi.c
@@ -0,0 +1,71 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Helpers for early access to EFI configuration table
+ *
+ * Copyright (C) 2021 Advanced Micro Devices, Inc.
+ *
+ * Author: Michael Roth <michael.roth@amd.com>
+ */
+
+#include "misc.h"
+#include <linux/efi.h>
+#include <asm/efi.h>
+
+/**
+ * Given boot_params, retrieve the physical address of EFI system table.
+ *
+ * @boot_params: pointer to boot_params
+ * @sys_tbl_pa: location to store physical address of system table
+ * @is_efi_64: location to store whether using 64-bit EFI or not
+ *
+ * Returns 0 on success. On error, return params are left unchanged.
+ *
+ * Note: Existing callers like ACPI will call this unconditionally even for
+ * non-EFI BIOSes. In such cases, those callers may treat cases where
+ * bootparams doesn't indicate that a valid EFI system table is available as
+ * non-fatal errors to allow fall-through to non-EFI alternatives. This
+ * class of errors are reported as EOPNOTSUPP and should be kept in sync with
+ * callers who check for that specific error.
+ */
+int efi_get_system_table(struct boot_params *boot_params, unsigned long *sys_tbl_pa,
+ bool *is_efi_64)
+{
+ unsigned long sys_tbl;
+ struct efi_info *ei;
+ bool efi_64;
+ char *sig;
+
+ if (!sys_tbl_pa || !is_efi_64)
+ return -EINVAL;
+
+ ei = &boot_params->efi_info;
+ sig = (char *)&ei->efi_loader_signature;
+
+ if (!strncmp(sig, EFI64_LOADER_SIGNATURE, 4)) {
+ efi_64 = true;
+ } else if (!strncmp(sig, EFI32_LOADER_SIGNATURE, 4)) {
+ efi_64 = false;
+ } else {
+ debug_putstr("Wrong EFI loader signature.\n");
+ return -EOPNOTSUPP;
+ }
+
+ /* Get systab from boot params. */
+#ifdef CONFIG_X86_64
+ sys_tbl = ei->efi_systab | ((__u64)ei->efi_systab_hi << 32);
+#else
+ if (ei->efi_systab_hi || ei->efi_memmap_hi) {
+ debug_putstr("Error: EFI system table located above 4GB.\n");
+ return -EOPNOTSUPP;
+ }
+ sys_tbl = ei->efi_systab;
+#endif
+ if (!sys_tbl) {
+ debug_putstr("EFI system table not found.");
+ return -ENOENT;
+ }
+
+ *sys_tbl_pa = sys_tbl;
+ *is_efi_64 = efi_64;
+ return 0;
+}
diff --git a/arch/x86/boot/compressed/misc.h b/arch/x86/boot/compressed/misc.h
index 01cc13c12059..165640f64b71 100644
--- a/arch/x86/boot/compressed/misc.h
+++ b/arch/x86/boot/compressed/misc.h
@@ -23,6 +23,7 @@
#include <linux/screen_info.h>
#include <linux/elf.h>
#include <linux/io.h>
+#include <linux/efi.h>
#include <asm/page.h>
#include <asm/boot.h>
#include <asm/bootparam.h>
@@ -176,4 +177,17 @@ void boot_stage2_vc(void);
unsigned long sev_verify_cbit(unsigned long cr3);
+#ifdef CONFIG_EFI
+/* helpers for early EFI config table access */
+int efi_get_system_table(struct boot_params *boot_params,
+ unsigned long *sys_tbl_pa, bool *is_efi_64);
+#else
+static inline int
+efi_get_system_table(struct boot_params *boot_params,
+ unsigned long *sys_tbl_pa, bool *is_efi_64)
+{
+ return -ENOENT;
+}
+#endif /* CONFIG_EFI */
+
#endif /* BOOT_COMPRESSED_MISC_H */
--
2.25.1
next prev parent reply other threads:[~2021-11-10 22:09 UTC|newest]
Thread overview: 80+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-10 22:06 [PATCH v7 00/45] Add AMD Secure Nested Paging (SEV-SNP) Guest Support Brijesh Singh
2021-11-10 22:06 ` [PATCH v7 01/45] x86/compressed/64: detect/setup SEV/SME features earlier in boot Brijesh Singh
2021-11-12 16:52 ` Borislav Petkov
2021-11-12 20:30 ` Michael Roth
2021-11-23 21:55 ` Venu Busireddy
2021-11-10 22:06 ` [PATCH v7 02/45] x86/sev: " Brijesh Singh
2021-11-15 19:12 ` Borislav Petkov
2021-11-15 20:17 ` Michael Roth
2021-11-17 13:11 ` Borislav Petkov
2021-12-06 23:47 ` Venu Busireddy
2021-11-10 22:06 ` [PATCH v7 03/45] x86/mm: Extend cc_attr to include AMD SEV-SNP Brijesh Singh
2021-11-10 22:06 ` [PATCH v7 04/45] x86/sev: Shorten GHCB terminate macro names Brijesh Singh
2021-11-10 22:06 ` [PATCH v7 05/45] x86/sev: Get rid of excessive use of defines Brijesh Singh
2021-11-10 22:06 ` [PATCH v7 06/45] x86/head64: Carve out the guest encryption postprocessing into a helper Brijesh Singh
2021-11-10 22:06 ` [PATCH v7 07/45] x86/sev: Remove do_early_exception() forward declarations Brijesh Singh
2021-11-10 22:06 ` [PATCH v7 08/45] x86/sev: Define the Linux specific guest termination reasons Brijesh Singh
2021-11-10 22:06 ` [PATCH v7 09/45] x86/sev: Save the negotiated GHCB version Brijesh Singh
2021-12-07 12:51 ` Tianyu Lan
2021-12-07 13:17 ` Borislav Petkov
2021-12-07 16:58 ` Brijesh Singh
2021-11-10 22:06 ` [PATCH v7 10/45] x86/sev: Add support for hypervisor feature VMGEXIT Brijesh Singh
2021-12-02 17:52 ` Borislav Petkov
2021-12-06 15:15 ` Brijesh Singh
2021-11-10 22:06 ` [PATCH v7 11/45] x86/sev: Check SEV-SNP features support Brijesh Singh
2021-11-10 22:06 ` [PATCH v7 12/45] x86/sev: Add a helper for the PVALIDATE instruction Brijesh Singh
2021-11-10 22:06 ` [PATCH v7 13/45] x86/sev: Check the vmpl level Brijesh Singh
2021-12-06 18:25 ` Borislav Petkov
2021-11-10 22:07 ` [PATCH v7 14/45] x86/compressed: Add helper for validating pages in the decompression stage Brijesh Singh
2021-12-07 11:48 ` Borislav Petkov
2021-12-07 19:21 ` Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 15/45] x86/compressed: Register GHCB memory when SEV-SNP is active Brijesh Singh
2021-11-15 14:05 ` Jörg Rödel
2021-11-10 22:07 ` [PATCH v7 16/45] x86/sev: " Brijesh Singh
2021-12-08 17:41 ` Borislav Petkov
2021-11-10 22:07 ` [PATCH v7 17/45] x86/sev: Add helper for validating pages in early enc attribute changes Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 18/45] x86/kernel: Make the bss.decrypted section shared in RMP table Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 19/45] x86/kernel: Validate rom memory before accessing when SEV-SNP is active Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 20/45] x86/mm: Add support to validate memory when changing C-bit Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 21/45] KVM: SVM: Define sev_features and vmpl field in the VMSA Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 22/45] KVM: SVM: Create a separate mapping for the SEV-ES save area Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 23/45] KVM: SVM: Create a separate mapping for the GHCB " Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 24/45] KVM: SVM: Update the SEV-ES save area mapping Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 25/45] x86/sev: Use SEV-SNP AP creation to start secondary CPUs Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 26/45] x86/head: re-enable stack protection for 32/64-bit builds Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 27/45] x86/sev: move MSR-based VMGEXITs for CPUID to helper Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 28/45] KVM: x86: move lookup of indexed CPUID leafs " Brijesh Singh
2021-11-10 22:07 ` Brijesh Singh [this message]
2021-11-10 22:07 ` [PATCH v7 30/45] x86/compressed/acpi: move EFI config table lookup " Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 31/45] x86/compressed/acpi: move EFI vendor " Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 32/45] x86/boot: Add Confidential Computing type to setup_data Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 33/45] KVM: SEV: Add documentation for SEV-SNP CPUID Enforcement Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 34/45] x86/compressed/64: add support for SEV-SNP CPUID table in #VC handlers Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 35/45] x86/boot: add a pointer to Confidential Computing blob in bootparams Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 36/45] x86/compressed: add SEV-SNP feature detection/setup Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 37/45] x86/compressed: use firmware-validated CPUID for SEV-SNP guests Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 38/45] x86/compressed/64: add identity mapping for Confidential Computing blob Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 39/45] x86/sev: add SEV-SNP feature detection/setup Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 40/45] x86/sev: use firmware-validated CPUID for SEV-SNP guests Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 41/45] x86/sev: Provide support for SNP guest request NAEs Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 42/45] x86/sev: Register SNP guest request platform device Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 43/45] virt: Add SEV-SNP guest driver Brijesh Singh
2021-11-10 22:27 ` Randy Dunlap
2021-11-11 19:27 ` Brijesh Singh
2021-11-11 22:57 ` Randy Dunlap
2021-11-17 23:34 ` Peter Gonda
2021-11-18 17:08 ` Peter Gonda
2021-11-18 17:32 ` Brijesh Singh
2021-11-19 16:16 ` Peter Gonda
2021-11-20 0:28 ` Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 44/45] virt: sevguest: Add support to derive key Brijesh Singh
2021-11-18 16:43 ` Peter Gonda
2021-11-18 17:43 ` Brijesh Singh
2021-11-10 22:07 ` [PATCH v7 45/45] virt: sevguest: Add support to get extended report Brijesh Singh
2021-11-15 15:56 ` [PATCH v7 00/45] Add AMD Secure Nested Paging (SEV-SNP) Guest Support Venu Busireddy
2021-11-15 16:02 ` Brijesh Singh
2021-11-15 16:37 ` Venu Busireddy
2021-11-15 16:45 ` Brijesh Singh
2021-11-15 16:55 ` Venu Busireddy
2021-11-16 15:45 ` Venu Busireddy
2021-11-16 16:03 ` Brijesh Singh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211110220731.2396491-30-brijesh.singh@amd.com \
--to=brijesh.singh@amd.com \
--cc=ak@linux.intel.com \
--cc=ardb@kernel.org \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=dgilbert@redhat.com \
--cc=dovmurik@linux.ibm.com \
--cc=hpa@zytor.com \
--cc=jmattson@google.com \
--cc=jroedel@suse.de \
--cc=kirill@shutemov.name \
--cc=kvm@vger.kernel.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=marcorr@google.com \
--cc=michael.roth@amd.com \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=pgonda@google.com \
--cc=platform-driver-x86@vger.kernel.org \
--cc=rientjes@google.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=seanjc@google.com \
--cc=slp@redhat.com \
--cc=srinivas.pandruvada@linux.intel.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=tobin@ibm.com \
--cc=tony.luck@intel.com \
--cc=vbabka@suse.cz \
--cc=vkuznets@redhat.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).