Commit 0935e5f7 authored by Ralf Ramsauer's avatar Ralf Ramsauer Committed by Borislav Petkov

x86/jailhouse: Improve setup data version comparison

Soon, setup_data will contain information on passed-through platform
UARTs. This requires some preparational work for the sanity check of the
header and the check of the version.

Use the following strategy:

  1. Ensure that the header declares at least enough space for the
     version and the compatible_version as it must hold that fields for
     any version. The location and semantics of header+version fields
     will never change.

  2. Copy over data -- as much as as possible. The length is either
     limited by the header length or the length of setup_data.

  3. Things are now in place -- sanity check if the header length
     complies the actual version.

For future versions of the setup_data, only step 3 requires alignment.
Signed-off-by: default avatarRalf Ramsauer <ralf.ramsauer@oth-regensburg.de>
Signed-off-by: default avatarBorislav Petkov <bp@suse.de>
Reviewed-by: default avatarJan Kiszka <jan.kiszka@siemens.com>
Cc: Baoquan He <bhe@redhat.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: jailhouse-dev@googlegroups.com
Cc: Juergen Gross <jgross@suse.com>
Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: x86-ml <x86@kernel.org>
Link: https://lkml.kernel.org/r/20191010102102.421035-2-ralf.ramsauer@oth-regensburg.de
parent 4fb7d087
...@@ -139,8 +139,11 @@ struct boot_e820_entry { ...@@ -139,8 +139,11 @@ struct boot_e820_entry {
* setup data structure. * setup data structure.
*/ */
struct jailhouse_setup_data { struct jailhouse_setup_data {
struct {
__u16 version; __u16 version;
__u16 compatible_version; __u16 compatible_version;
} __attribute__((packed)) hdr;
struct {
__u16 pm_timer_address; __u16 pm_timer_address;
__u16 num_cpus; __u16 num_cpus;
__u64 pci_mmconfig_base; __u64 pci_mmconfig_base;
...@@ -148,6 +151,7 @@ struct jailhouse_setup_data { ...@@ -148,6 +151,7 @@ struct jailhouse_setup_data {
__u32 apic_khz; __u32 apic_khz;
__u8 standard_ioapic; __u8 standard_ioapic;
__u8 cpu_ids[255]; __u8 cpu_ids[255];
} __attribute__((packed)) v1;
} __attribute__((packed)); } __attribute__((packed));
/* The so-called "zeropage" */ /* The so-called "zeropage" */
......
...@@ -22,6 +22,8 @@ ...@@ -22,6 +22,8 @@
#include <asm/jailhouse_para.h> #include <asm/jailhouse_para.h>
static __initdata struct jailhouse_setup_data setup_data; static __initdata struct jailhouse_setup_data setup_data;
#define SETUP_DATA_V1_LEN (sizeof(setup_data.hdr) + sizeof(setup_data.v1))
static unsigned int precalibrated_tsc_khz; static unsigned int precalibrated_tsc_khz;
static uint32_t jailhouse_cpuid_base(void) static uint32_t jailhouse_cpuid_base(void)
...@@ -45,7 +47,7 @@ static void jailhouse_get_wallclock(struct timespec64 *now) ...@@ -45,7 +47,7 @@ static void jailhouse_get_wallclock(struct timespec64 *now)
static void __init jailhouse_timer_init(void) static void __init jailhouse_timer_init(void)
{ {
lapic_timer_period = setup_data.apic_khz * (1000 / HZ); lapic_timer_period = setup_data.v1.apic_khz * (1000 / HZ);
} }
static unsigned long jailhouse_get_tsc(void) static unsigned long jailhouse_get_tsc(void)
...@@ -88,14 +90,14 @@ static void __init jailhouse_get_smp_config(unsigned int early) ...@@ -88,14 +90,14 @@ static void __init jailhouse_get_smp_config(unsigned int early)
register_lapic_address(0xfee00000); register_lapic_address(0xfee00000);
for (cpu = 0; cpu < setup_data.num_cpus; cpu++) { for (cpu = 0; cpu < setup_data.v1.num_cpus; cpu++) {
generic_processor_info(setup_data.cpu_ids[cpu], generic_processor_info(setup_data.v1.cpu_ids[cpu],
boot_cpu_apic_version); boot_cpu_apic_version);
} }
smp_found_config = 1; smp_found_config = 1;
if (setup_data.standard_ioapic) { if (setup_data.v1.standard_ioapic) {
mp_register_ioapic(0, 0xfec00000, gsi_top, &ioapic_cfg); mp_register_ioapic(0, 0xfec00000, gsi_top, &ioapic_cfg);
/* Register 1:1 mapping for legacy UART IRQs 3 and 4 */ /* Register 1:1 mapping for legacy UART IRQs 3 and 4 */
...@@ -126,9 +128,9 @@ static int __init jailhouse_pci_arch_init(void) ...@@ -126,9 +128,9 @@ static int __init jailhouse_pci_arch_init(void)
pcibios_last_bus = 0xff; pcibios_last_bus = 0xff;
#ifdef CONFIG_PCI_MMCONFIG #ifdef CONFIG_PCI_MMCONFIG
if (setup_data.pci_mmconfig_base) { if (setup_data.v1.pci_mmconfig_base) {
pci_mmconfig_add(0, 0, pcibios_last_bus, pci_mmconfig_add(0, 0, pcibios_last_bus,
setup_data.pci_mmconfig_base); setup_data.v1.pci_mmconfig_base);
pci_mmcfg_arch_init(); pci_mmcfg_arch_init();
} }
#endif #endif
...@@ -139,6 +141,7 @@ static int __init jailhouse_pci_arch_init(void) ...@@ -139,6 +141,7 @@ static int __init jailhouse_pci_arch_init(void)
static void __init jailhouse_init_platform(void) static void __init jailhouse_init_platform(void)
{ {
u64 pa_data = boot_params.hdr.setup_data; u64 pa_data = boot_params.hdr.setup_data;
unsigned long setup_data_len;
struct setup_data header; struct setup_data header;
void *mapping; void *mapping;
...@@ -163,16 +166,8 @@ static void __init jailhouse_init_platform(void) ...@@ -163,16 +166,8 @@ static void __init jailhouse_init_platform(void)
memcpy(&header, mapping, sizeof(header)); memcpy(&header, mapping, sizeof(header));
early_memunmap(mapping, sizeof(header)); early_memunmap(mapping, sizeof(header));
if (header.type == SETUP_JAILHOUSE && if (header.type == SETUP_JAILHOUSE)
header.len >= sizeof(setup_data)) {
pa_data += offsetof(struct setup_data, data);
mapping = early_memremap(pa_data, sizeof(setup_data));
memcpy(&setup_data, mapping, sizeof(setup_data));
early_memunmap(mapping, sizeof(setup_data));
break; break;
}
pa_data = header.next; pa_data = header.next;
} }
...@@ -180,13 +175,27 @@ static void __init jailhouse_init_platform(void) ...@@ -180,13 +175,27 @@ static void __init jailhouse_init_platform(void)
if (!pa_data) if (!pa_data)
panic("Jailhouse: No valid setup data found"); panic("Jailhouse: No valid setup data found");
if (setup_data.compatible_version > JAILHOUSE_SETUP_REQUIRED_VERSION) /* setup data must at least contain the header */
panic("Jailhouse: Unsupported setup data structure"); if (header.len < sizeof(setup_data.hdr))
goto unsupported;
pmtmr_ioport = setup_data.pm_timer_address; pa_data += offsetof(struct setup_data, data);
setup_data_len = min_t(unsigned long, sizeof(setup_data),
(unsigned long)header.len);
mapping = early_memremap(pa_data, setup_data_len);
memcpy(&setup_data, mapping, setup_data_len);
early_memunmap(mapping, setup_data_len);
if (setup_data.hdr.version == 0 ||
setup_data.hdr.compatible_version !=
JAILHOUSE_SETUP_REQUIRED_VERSION ||
(setup_data.hdr.version >= 1 && header.len < SETUP_DATA_V1_LEN))
goto unsupported;
pmtmr_ioport = setup_data.v1.pm_timer_address;
pr_debug("Jailhouse: PM-Timer IO Port: %#x\n", pmtmr_ioport); pr_debug("Jailhouse: PM-Timer IO Port: %#x\n", pmtmr_ioport);
precalibrated_tsc_khz = setup_data.tsc_khz; precalibrated_tsc_khz = setup_data.v1.tsc_khz;
setup_force_cpu_cap(X86_FEATURE_TSC_KNOWN_FREQ); setup_force_cpu_cap(X86_FEATURE_TSC_KNOWN_FREQ);
pci_probe = 0; pci_probe = 0;
...@@ -196,6 +205,10 @@ static void __init jailhouse_init_platform(void) ...@@ -196,6 +205,10 @@ static void __init jailhouse_init_platform(void)
* are none in a non-root cell. * are none in a non-root cell.
*/ */
disable_acpi(); disable_acpi();
return;
unsupported:
panic("Jailhouse: Unsupported setup data structure");
} }
bool jailhouse_paravirt(void) bool jailhouse_paravirt(void)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment