From: Anthony PERARD <anthony.per...@citrix.com> We need a way to execute instruction "generated" at runtime from the runtime library.
This patch introduce XenHypercallRuntimeLib, which is mostly a copy of XenHypercallLib with a few changes. We reserved some code space with "XenHypercallPage", which we will overwrite to put the xen hypercall code. Then we ask Xen to overwrite the reserved space with the hypercall page via `wrmsr`. Allocation doesn't work, because the memory allocated at run time is always considered to be data instead of code, so once Linux takes over, we can't execute from it. Signed-off-by: Anthony PERARD <anthony.per...@citrix.com> --- Notes: I've been told that we don't need to ask Xen on how to make hypercall on x86, and that was just an helper to not have to figure out which instruction to use. That would mean that instead of doing write_msr, we would need a way to distinguish between AMD and Intel in order to find out which instruction to use. So if this patch is too weird, that another way to have hypercall in a runtime service. OvmfPkg/OvmfXen.dsc | 1 + .../XenHypercallRuntimeLib.inf | 46 ++++ .../XenHypercallLib/X86RuntimeXenHypercall.c | 210 ++++++++++++++++++ .../X64/RuntimeHypercallPage.nasm | 24 ++ 4 files changed, 281 insertions(+) create mode 100644 OvmfPkg/Library/XenHypercallLib/XenHypercallRuntimeLib.inf create mode 100644 OvmfPkg/Library/XenHypercallLib/X86RuntimeXenHypercall.c create mode 100644 OvmfPkg/Library/XenHypercallLib/X64/RuntimeHypercallPage.nasm diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc index 58a7c97cddf7..8df173a0ee84 100644 --- a/OvmfPkg/OvmfXen.dsc +++ b/OvmfPkg/OvmfXen.dsc @@ -312,6 +312,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf + XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallRuntimeLib.inf [LibraryClasses.common.UEFI_DRIVER] PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf diff --git a/OvmfPkg/Library/XenHypercallLib/XenHypercallRuntimeLib.inf b/OvmfPkg/Library/XenHypercallLib/XenHypercallRuntimeLib.inf new file mode 100644 index 000000000000..07fdeb612760 --- /dev/null +++ b/OvmfPkg/Library/XenHypercallLib/XenHypercallRuntimeLib.inf @@ -0,0 +1,46 @@ +## @file +# Xen Hypercall abstraction lib for Intel for runtime services +# +# Copyright (c) 2014, Linaro Ltd. All rights reserved.<BR> +# Copyright (c) 2022, Citrix Systems, Inc. +# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = XenHypercallRuntimeLib + FILE_GUID = f657a395-1d2c-40b5-bd34-eedc203899ab + MODULE_TYPE = DXE_RUNTIME_DRIVER + VERSION_STRING = 1.0 + CONSTRUCTOR = XenHypercallRuntimeLibConstruct + +[Defines.IA32, Defines.X64] + LIBRARY_CLASS = XenHypercallLib|DXE_RUNTIME_DRIVER + +# +# The following information is for reference only and not required by the build tools. +# +# VALID_ARCHITECTURES = X64 +# + +[Sources.X64] + X86RuntimeXenHypercall.c + X64/hypercall.nasm + X64/RuntimeHypercallPage.nasm + +[Sources] + XenHypercall.c + +[Packages] + MdePkg/MdePkg.dec + OvmfPkg/OvmfPkg.dec + +[LibraryClasses] + BaseLib + DebugLib + UefiRuntimeLib + +[Guids.X64] + gEfiEventVirtualAddressChangeGuid # ALWAYS_CONSUMED diff --git a/OvmfPkg/Library/XenHypercallLib/X86RuntimeXenHypercall.c b/OvmfPkg/Library/XenHypercallLib/X86RuntimeXenHypercall.c new file mode 100644 index 000000000000..d1c097e00f3a --- /dev/null +++ b/OvmfPkg/Library/XenHypercallLib/X86RuntimeXenHypercall.c @@ -0,0 +1,210 @@ +/** @file + Xen Hypercall Library implementation for Intel architecture + + Copyright (c) 2014, Linaro Ltd. All rights reserved.<BR> + Copyright (c) 2022, Citrix Systems, Inc. + + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include <PiDxe.h> + +#include <Guid/EventGroup.h> +#include <Library/BaseLib.h> +#include <Library/BaseMemoryLib.h> +#include <Library/DebugLib.h> +#include <Library/UefiBootServicesTableLib.h> +#include <Library/UefiRuntimeLib.h> +#include <Library/XenHypercallLib.h> + +STATIC VOID *mHyperPage; + +// +// Pointer to reserved page for Xen's hypercall page. +// +extern VOID *XenHypercallPage; + +// +// Virtual Address Change Event +// +// This is needed for runtime variable access. +// +EFI_EVENT mXenHypercallLibAddrChangeEvent = NULL; + +RETURN_STATUS +EFIAPI +XenHypercallRuntimeLibConstruct ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + XenHypercallLibInit (); + + // + // We don't fail library construction, since that has catastrophic + // consequences for client modules (whereas those modules may easily be + // running on a non-Xen platform). Instead, XenHypercallIsAvailable() + // will return FALSE. + // + return RETURN_SUCCESS; +} + +/** + Check if the Xen Hypercall library is able to make calls to the Xen + hypervisor. + + Client code should call further functions in this library only if, and after, + this function returns TRUE. + + @retval TRUE Hypercalls are available. + @retval FALSE Hypercalls are not available. +**/ +BOOLEAN +EFIAPI +XenHypercallIsAvailable ( + VOID + ) +{ + return mHyperPage != NULL; +} + +// +// Interface exposed by the ASM implementation of the core hypercall +// +INTN +EFIAPI +__XenHypercall2 ( + IN VOID *HypercallAddr, + IN OUT INTN Arg1, + IN OUT INTN Arg2 + ); + +/** + Notification function of EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE. + + This is a notification function registered on EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event. + It converts pointer to new virtual address. + + @param Event Event whose notification function is being invoked. + @param Context Pointer to the notification function's context. + +**/ +STATIC +VOID +EFIAPI +XenHypercallLibAddrChangeEvent ( + IN EFI_EVENT Event, + IN VOID *Context + ) +{ + EFI_STATUS Status; + + Status = EfiConvertFunctionPointer (0, &mHyperPage); + ASSERT_EFI_ERROR (Status); +} + +STATIC +UINT32 +XenCpuidLeaf ( + VOID + ) +{ + UINT8 Signature[13]; + UINT32 XenLeaf; + + Signature[12] = '\0'; + for (XenLeaf = 0x40000000; XenLeaf < 0x40010000; XenLeaf += 0x100) { + AsmCpuid ( + XenLeaf, + NULL, + (UINT32 *)&Signature[0], + (UINT32 *)&Signature[4], + (UINT32 *)&Signature[8] + ); + + if (!AsciiStrCmp ((CHAR8 *)Signature, "XenVMMXenVMM")) { + return XenLeaf; + } + } + + return 0; +} + +/** + Library constructor: populate hypercall page. +**/ +RETURN_STATUS +EFIAPI +XenHypercallLibInit ( + VOID + ) +{ + EFI_STATUS Status; + UINT32 TransferReg; + UINT32 TransferPages; + UINT32 XenLeaf; + + XenLeaf = XenCpuidLeaf (); + + if (XenLeaf == 0) { + return RETURN_UNSUPPORTED; + } + + AsmCpuid (XenLeaf + 2, &TransferPages, &TransferReg, NULL, NULL); + + // + // Only populate the first page of the hypercall even if there's more + // than one, that is even if TransferPages > 1. + // We don't use hypercall id > 127. + // + AsmWriteMsr64 (TransferReg, (UINTN)&XenHypercallPage); + + mHyperPage = &XenHypercallPage; + + // + // Register for the virtual address change event + // + Status = gBS->CreateEventEx ( + EVT_NOTIFY_SIGNAL, + TPL_NOTIFY, + XenHypercallLibAddrChangeEvent, + NULL, + &gEfiEventVirtualAddressChangeGuid, + &mXenHypercallLibAddrChangeEvent + ); + ASSERT_EFI_ERROR (Status); + + return RETURN_SUCCESS; +} + +/** + This function will put the two arguments in the right place (registers) and + invoke the hypercall identified by HypercallID. + + @param HypercallID The symbolic ID of the hypercall to be invoked + @param Arg1 First argument. + @param Arg2 Second argument. + + @return Return 0 if success otherwise it return an errno. +**/ +INTN +EFIAPI +XenHypercall2 ( + IN UINTN HypercallID, + IN OUT INTN Arg1, + IN OUT INTN Arg2 + ) +{ + ASSERT (mHyperPage != NULL); + // + // Hypercall must not use code beyong the first hypercall page. + // Only the first page is populated by XenHypercallLibInit () + // + ASSERT (HypercallID < EFI_PAGE_SIZE / 32); + if (HypercallID >= EFI_PAGE_SIZE / 32) { + return -38; // -ENOSYS + } + + return __XenHypercall2 ((UINT8 *)mHyperPage + HypercallID * 32, Arg1, Arg2); +} diff --git a/OvmfPkg/Library/XenHypercallLib/X64/RuntimeHypercallPage.nasm b/OvmfPkg/Library/XenHypercallLib/X64/RuntimeHypercallPage.nasm new file mode 100644 index 000000000000..f0897c51b31c --- /dev/null +++ b/OvmfPkg/Library/XenHypercallLib/X64/RuntimeHypercallPage.nasm @@ -0,0 +1,24 @@ +;; @file +; Provide one page of code space to be overwritten at boot and to be used by +; runtime drivers to make Xen hypercall on x86. +; +; Copyright (c) 2022, Citrix Systems, Inc. +; +; SPDX-License-Identifier: BSD-2-Clause-Patent +;; + +DEFAULT REL +SECTION .text + +; +; Align at page boundary as we need a pointer on a page without offset. +; +ALIGN EFI_PAGE_SIZE + +; +; reserve some .text space to put-in Xen's hypercall instructions in at runtime. +; Poisoned with `ret` +; +global ASM_PFX(XenHypercallPage) +ASM_PFX(XenHypercallPage): + times EFI_PAGE_SIZE ret -- Anthony PERARD -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#96304): https://edk2.groups.io/g/devel/message/96304 Mute This Topic: https://groups.io/mt/94960818/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-