ASSERT(rv == 0 && resp->status == 0);
cmd.pcr = bswap_32(5); // PCR #5 for initrd
- sha1(dom->ramdisk_blob, dom->ramdisk_size, cmd.hash);
+ sha1(dom->modules[0].blob, dom->modules[0].size, cmd.hash);
rv = tpmfront_cmd(tpm, (void*)&cmd, sizeof(cmd), (void*)&resp, &resplen);
ASSERT(rv == 0 && resp->status == 0);
/* We are using guest owned memory, therefore no limits. */
xc_dom_kernel_max_size(dom, 0);
- xc_dom_ramdisk_max_size(dom, 0);
+ xc_dom_module_max_size(dom, 0);
dom->kernel_blob = kernel;
dom->kernel_size = kernel_size;
- dom->ramdisk_blob = module;
- dom->ramdisk_size = module_size;
+ xc_dom_module_mem(dom, module, module_size, NULL);
dom->flags = flags;
dom->console_evtchn = start_info.console.domU.evtchn;
if ( ramdisk )
{
- rv = xc_dom_ramdisk_file(dom, ramdisk);
+ rv = xc_dom_module_file(dom, ramdisk, NULL);
if ( rv )
{
- fprintf(stderr, "xc_dom_ramdisk_file failed\n");
+ fprintf(stderr, "xc_dom_module_file failed\n");
goto err;
}
}
#define INVALID_PFN ((xen_pfn_t)-1)
#define X86_HVM_NR_SPECIAL_PAGES 8
#define X86_HVM_END_SPECIAL_REGION 0xff000u
+#define XG_MAX_MODULES 2
/* --- typedefs and structs ---------------------------------------- */
xen_pfn_t count;
};
+struct xc_dom_module {
+ void *blob;
+ size_t size;
+ void *cmdline;
+ /* If seg.vstart is non zero then the module will be loaded at that
+ * address, otherwise it will automatically placed.
+ *
+ * If automatic placement is used and the module is gzip
+ * compressed then it will be decompressed as it is loaded. If the
+ * module has been explicitly placed then it is loaded as is
+ * otherwise decompressing risks undoing the manual placement.
+ */
+ struct xc_dom_seg seg;
+};
+
struct xc_dom_image {
/* files */
void *kernel_blob;
size_t kernel_size;
- void *ramdisk_blob;
- size_t ramdisk_size;
+ unsigned int num_modules;
+ struct xc_dom_module modules[XG_MAX_MODULES];
void *devicetree_blob;
size_t devicetree_size;
size_t max_kernel_size;
- size_t max_ramdisk_size;
+ size_t max_module_size;
size_t max_devicetree_size;
/* arguments and parameters */
/* memory layout */
struct xc_dom_seg kernel_seg;
- /* If ramdisk_seg.vstart is non zero then the ramdisk will be
- * loaded at that address, otherwise it will automatically placed.
- *
- * If automatic placement is used and the ramdisk is gzip
- * compressed then it will be decompressed as it is loaded. If the
- * ramdisk has been explicitly placed then it is loaded as is
- * otherwise decompressing risks undoing the manual placement.
- */
- struct xc_dom_seg ramdisk_seg;
struct xc_dom_seg p2m_seg;
struct xc_dom_seg pgtables_seg;
struct xc_dom_seg devicetree_seg;
int xc_dom_rambase_init(struct xc_dom_image *dom, uint64_t rambase);
int xc_dom_mem_init(struct xc_dom_image *dom, unsigned int mem_mb);
-/* Set this larger if you have enormous ramdisks/kernels. Note that
+/* Set this larger if you have enormous modules/kernels. Note that
* you should trust all kernels not to be maliciously large (e.g. to
* exhaust all dom0 memory) if you do this (see CVE-2012-4544 /
* XSA-25). You can also set the default independently for
- * ramdisks/kernels in xc_dom_allocate() or call
- * xc_dom_{kernel,ramdisk}_max_size.
+ * modules/kernels in xc_dom_allocate() or call
+ * xc_dom_{kernel,module}_max_size.
*/
#ifndef XC_DOM_DECOMPRESS_MAX
#define XC_DOM_DECOMPRESS_MAX (1024*1024*1024) /* 1GB */
int xc_dom_kernel_check_size(struct xc_dom_image *dom, size_t sz);
int xc_dom_kernel_max_size(struct xc_dom_image *dom, size_t sz);
-int xc_dom_ramdisk_check_size(struct xc_dom_image *dom, size_t sz);
-int xc_dom_ramdisk_max_size(struct xc_dom_image *dom, size_t sz);
+int xc_dom_module_check_size(struct xc_dom_image *dom, size_t sz);
+int xc_dom_module_max_size(struct xc_dom_image *dom, size_t sz);
int xc_dom_devicetree_max_size(struct xc_dom_image *dom, size_t sz);
int xc_dom_try_gunzip(struct xc_dom_image *dom, void **blob, size_t * size);
int xc_dom_kernel_file(struct xc_dom_image *dom, const char *filename);
-int xc_dom_ramdisk_file(struct xc_dom_image *dom, const char *filename);
+int xc_dom_module_file(struct xc_dom_image *dom, const char *filename,
+ const char *cmdline);
int xc_dom_kernel_mem(struct xc_dom_image *dom, const void *mem,
size_t memsize);
-int xc_dom_ramdisk_mem(struct xc_dom_image *dom, const void *mem,
- size_t memsize);
+int xc_dom_module_mem(struct xc_dom_image *dom, const void *mem,
+ size_t memsize, const char *cmdline);
int xc_dom_devicetree_file(struct xc_dom_image *dom, const char *filename);
int xc_dom_devicetree_mem(struct xc_dom_image *dom, const void *mem,
size_t memsize);
if ( (rc = xc_dom_kernel_file(dom, image_name)) != 0 )
goto out;
if ( initrd_name && strlen(initrd_name) &&
- ((rc = xc_dom_ramdisk_file(dom, initrd_name)) != 0) )
+ ((rc = xc_dom_module_file(dom, initrd_name, NULL)) != 0) )
goto out;
dom->flags |= flags;
return 0;
}
-int xc_dom_ramdisk_check_size(struct xc_dom_image *dom, size_t sz)
+int xc_dom_module_check_size(struct xc_dom_image *dom, size_t sz)
{
/* No limit */
- if ( !dom->max_ramdisk_size )
+ if ( !dom->max_module_size )
return 0;
- if ( sz > dom->max_ramdisk_size )
+ if ( sz > dom->max_module_size )
{
xc_dom_panic(dom->xch, XC_INVALID_KERNEL,
- "ramdisk image too large");
+ "module image too large");
return 1;
}
dom->xch = xch;
dom->max_kernel_size = XC_DOM_DECOMPRESS_MAX;
- dom->max_ramdisk_size = XC_DOM_DECOMPRESS_MAX;
+ dom->max_module_size = XC_DOM_DECOMPRESS_MAX;
dom->max_devicetree_size = XC_DOM_DECOMPRESS_MAX;
if ( cmdline )
return 0;
}
-int xc_dom_ramdisk_max_size(struct xc_dom_image *dom, size_t sz)
+int xc_dom_module_max_size(struct xc_dom_image *dom, size_t sz)
{
- DOMPRINTF("%s: ramdisk_max_size=%zx", __FUNCTION__, sz);
- dom->max_ramdisk_size = sz;
+ DOMPRINTF("%s: module_max_size=%zx", __FUNCTION__, sz);
+ dom->max_module_size = sz;
return 0;
}
return xc_dom_try_gunzip(dom, &dom->kernel_blob, &dom->kernel_size);
}
-int xc_dom_ramdisk_file(struct xc_dom_image *dom, const char *filename)
+int xc_dom_module_file(struct xc_dom_image *dom, const char *filename, const char *cmdline)
{
+ unsigned int mod = dom->num_modules++;
+
DOMPRINTF("%s: filename=\"%s\"", __FUNCTION__, filename);
- dom->ramdisk_blob =
- xc_dom_malloc_filemap(dom, filename, &dom->ramdisk_size,
- dom->max_ramdisk_size);
+ dom->modules[mod].blob =
+ xc_dom_malloc_filemap(dom, filename, &dom->modules[mod].size,
+ dom->max_module_size);
- if ( dom->ramdisk_blob == NULL )
+ if ( dom->modules[mod].blob == NULL )
return -1;
-// return xc_dom_try_gunzip(dom, &dom->ramdisk_blob, &dom->ramdisk_size);
+
+ if ( cmdline )
+ {
+ dom->modules[mod].cmdline = xc_dom_strdup(dom, cmdline);
+
+ if ( dom->modules[mod].cmdline == NULL )
+ return -1;
+ }
+ else
+ {
+ dom->modules[mod].cmdline = NULL;
+ }
+
return 0;
}
return xc_dom_try_gunzip(dom, &dom->kernel_blob, &dom->kernel_size);
}
-int xc_dom_ramdisk_mem(struct xc_dom_image *dom, const void *mem,
- size_t memsize)
+int xc_dom_module_mem(struct xc_dom_image *dom, const void *mem,
+ size_t memsize, const char *cmdline)
{
+ unsigned int mod = dom->num_modules++;
+
DOMPRINTF_CALLED(dom->xch);
- dom->ramdisk_blob = (void *)mem;
- dom->ramdisk_size = memsize;
-// return xc_dom_try_gunzip(dom, &dom->ramdisk_blob, &dom->ramdisk_size);
+
+ dom->modules[mod].blob = (void *)mem;
+ dom->modules[mod].size = memsize;
+
+ if ( cmdline )
+ {
+ dom->modules[mod].cmdline = xc_dom_strdup(dom, cmdline);
+
+ if ( dom->modules[mod].cmdline == NULL )
+ return -1;
+ }
+ else
+ {
+ dom->modules[mod].cmdline = NULL;
+ }
+
return 0;
}
return 0;
}
-static int xc_dom_build_ramdisk(struct xc_dom_image *dom)
+static int xc_dom_build_module(struct xc_dom_image *dom, unsigned int mod)
{
- size_t unziplen, ramdisklen;
- void *ramdiskmap;
+ size_t unziplen, modulelen;
+ void *modulemap;
+ char name[10];
- if ( !dom->ramdisk_seg.vstart )
+ if ( !dom->modules[mod].seg.vstart )
{
unziplen = xc_dom_check_gzip(dom->xch,
- dom->ramdisk_blob, dom->ramdisk_size);
- if ( xc_dom_ramdisk_check_size(dom, unziplen) != 0 )
+ dom->modules[mod].blob, dom->modules[mod].size);
+ if ( xc_dom_module_check_size(dom, unziplen) != 0 )
unziplen = 0;
}
else
unziplen = 0;
- ramdisklen = unziplen ? unziplen : dom->ramdisk_size;
-
- if ( xc_dom_alloc_segment(dom, &dom->ramdisk_seg, "ramdisk",
- dom->ramdisk_seg.vstart, ramdisklen) != 0 )
+ modulelen = unziplen ? unziplen : dom->modules[mod].size;
+ snprintf(name, sizeof(name), "module%u", mod);
+ if ( xc_dom_alloc_segment(dom, &dom->modules[mod].seg, name,
+ dom->modules[mod].seg.vstart, modulelen) != 0 )
goto err;
- ramdiskmap = xc_dom_seg_to_ptr(dom, &dom->ramdisk_seg);
- if ( ramdiskmap == NULL )
+ modulemap = xc_dom_seg_to_ptr(dom, &dom->modules[mod].seg);
+ if ( modulemap == NULL )
{
- DOMPRINTF("%s: xc_dom_seg_to_ptr(dom, &dom->ramdisk_seg) => NULL",
- __FUNCTION__);
+ DOMPRINTF("%s: xc_dom_seg_to_ptr(dom, &dom->modules[%u].seg) => NULL",
+ __FUNCTION__, mod);
goto err;
}
if ( unziplen )
{
- if ( xc_dom_do_gunzip(dom->xch, dom->ramdisk_blob, dom->ramdisk_size,
- ramdiskmap, ramdisklen) == -1 )
+ if ( xc_dom_do_gunzip(dom->xch, dom->modules[mod].blob, dom->modules[mod].size,
+ modulemap, modulelen) == -1 )
goto err;
}
else
- memcpy(ramdiskmap, dom->ramdisk_blob, dom->ramdisk_size);
+ memcpy(modulemap, dom->modules[mod].blob, dom->modules[mod].size);
return 0;
{
unsigned int page_size;
bool unmapped_initrd;
+ unsigned int mod;
DOMPRINTF_CALLED(dom->xch);
if ( dom->kernel_loader->loader(dom) != 0 )
goto err;
- /* Don't load ramdisk now if no initial mapping required. */
- unmapped_initrd = dom->parms.unmapped_initrd && !dom->ramdisk_seg.vstart;
-
- if ( dom->ramdisk_blob && !unmapped_initrd )
+ /* Don't load ramdisk / other modules now if no initial mapping required. */
+ for ( mod = 0; mod < dom->num_modules; mod++ )
{
- if ( xc_dom_build_ramdisk(dom) != 0 )
- goto err;
- dom->initrd_start = dom->ramdisk_seg.vstart;
- dom->initrd_len = dom->ramdisk_seg.vend - dom->ramdisk_seg.vstart;
+ unmapped_initrd = (dom->parms.unmapped_initrd &&
+ !dom->modules[mod].seg.vstart);
+
+ if ( dom->modules[mod].blob && !unmapped_initrd )
+ {
+ if ( xc_dom_build_module(dom, mod) != 0 )
+ goto err;
+
+ if ( mod == 0 )
+ {
+ dom->initrd_start = dom->modules[mod].seg.vstart;
+ dom->initrd_len =
+ dom->modules[mod].seg.vend - dom->modules[mod].seg.vstart;
+ }
+ }
}
/* load devicetree */
if ( dom->virt_pgtab_end && xc_dom_alloc_pad(dom, dom->virt_pgtab_end) )
return -1;
- /* Load ramdisk if no initial mapping required. */
- if ( dom->ramdisk_blob && unmapped_initrd )
+ for ( mod = 0; mod < dom->num_modules; mod++ )
{
- if ( xc_dom_build_ramdisk(dom) != 0 )
- goto err;
- dom->flags |= SIF_MOD_START_PFN;
- dom->initrd_start = dom->ramdisk_seg.pfn;
- dom->initrd_len = page_size * dom->ramdisk_seg.pages;
+ unmapped_initrd = (dom->parms.unmapped_initrd &&
+ !dom->modules[mod].seg.vstart);
+
+ /* Load ramdisk / other modules if no initial mapping required. */
+ if ( dom->modules[mod].blob && unmapped_initrd )
+ {
+ if ( xc_dom_build_module(dom, mod) != 0 )
+ goto err;
+
+ if ( mod == 0 )
+ {
+ dom->flags |= SIF_MOD_START_PFN;
+ dom->initrd_start = dom->modules[mod].seg.pfn;
+ dom->initrd_len = page_size * dom->modules[mod].seg.pages;
+ }
+ }
}
/* Allocate p2m list if outside of initial kernel mapping. */
#define round_up(addr, mask) ((addr) | (mask))
#define round_pg_up(addr) (((addr) + PAGE_SIZE_X86 - 1) & ~(PAGE_SIZE_X86 - 1))
-#define HVMLOADER_MODULE_MAX_COUNT 1
-#define HVMLOADER_MODULE_NAME_SIZE 10
+#define HVMLOADER_MODULE_MAX_COUNT 2
+#define HVMLOADER_MODULE_CMDLINE_SIZE MAX_GUEST_CMDLINE
struct xc_dom_params {
unsigned levels;
xc_hvm_param_set(xch, domid, HVM_PARAM_SHARING_RING_PFN,
special_pfn(SPECIALPAGE_SHARING));
+ start_info_size +=
+ sizeof(struct hvm_modlist_entry) * HVMLOADER_MODULE_MAX_COUNT;
+
+ start_info_size +=
+ HVMLOADER_MODULE_CMDLINE_SIZE * HVMLOADER_MODULE_MAX_COUNT;
+
if ( !dom->device_model )
{
if ( dom->cmdline )
dom->cmdline_size = ROUNDUP(strlen(dom->cmdline) + 1, 8);
start_info_size += dom->cmdline_size;
}
-
- /* Limited to one module. */
- if ( dom->ramdisk_blob )
- start_info_size += sizeof(struct hvm_modlist_entry);
}
else
{
- start_info_size +=
- sizeof(struct hvm_modlist_entry) * HVMLOADER_MODULE_MAX_COUNT;
- /*
- * Add extra space to write modules name.
- * The HVMLOADER_MODULE_NAME_SIZE accounts for NUL byte.
- */
- start_info_size +=
- HVMLOADER_MODULE_NAME_SIZE * HVMLOADER_MODULE_MAX_COUNT;
-
/*
* Allocate and clear additional ioreq server pages. The default
* server will use the IOREQ and BUFIOREQ special pages above.
start_info->console.domU.mfn = xc_dom_p2m(dom, dom->console_pfn);
start_info->console.domU.evtchn = dom->console_evtchn;
- if ( dom->ramdisk_blob )
+ if ( dom->modules[0].blob )
{
start_info->mod_start = dom->initrd_start;
start_info->mod_len = dom->initrd_len;
start_info->console.domU.mfn = xc_dom_p2m(dom, dom->console_pfn);
start_info->console.domU.evtchn = dom->console_evtchn;
- if ( dom->ramdisk_blob )
+ if ( dom->modules[0].blob )
{
start_info->mod_start = dom->initrd_start;
start_info->mod_len = dom->initrd_len;
unsigned long target_pages = dom->target_pages;
unsigned long cur_pages, cur_pfn;
int rc;
- unsigned long stat_normal_pages = 0, stat_2mb_pages = 0,
+ unsigned long stat_normal_pages = 0, stat_2mb_pages = 0,
stat_1gb_pages = 0;
unsigned int memflags = 0;
int claim_enabled = dom->claim_enabled;
p2m_size = 0;
for ( i = 0; i < nr_vmemranges; i++ )
{
+ DOMPRINTF("range: start=0x%"PRIx64" end=0x%"PRIx64, vmemranges[i].start, vmemranges[i].end);
+
total_pages += ((vmemranges[i].end - vmemranges[i].start)
>> PAGE_SHIFT);
p2m_size = p2m_size > (vmemranges[i].end >> PAGE_SHIFT) ?
*/
static void add_module_to_list(struct xc_dom_image *dom,
struct xc_hvm_firmware_module *module,
- const char *name,
+ const char *cmdline,
struct hvm_modlist_entry *modlist,
struct hvm_start_info *start_info)
{
return;
assert(start_info->nr_modules < HVMLOADER_MODULE_MAX_COUNT);
- assert(strnlen(name, HVMLOADER_MODULE_NAME_SIZE)
- < HVMLOADER_MODULE_NAME_SIZE);
modlist[index].paddr = module->guest_addr_out;
modlist[index].size = module->length;
- strncpy(modules_cmdline_start + HVMLOADER_MODULE_NAME_SIZE * index,
- name, HVMLOADER_MODULE_NAME_SIZE);
+ if ( cmdline )
+ {
+ assert(strnlen(cmdline, HVMLOADER_MODULE_CMDLINE_SIZE)
+ < HVMLOADER_MODULE_CMDLINE_SIZE);
+ strncpy(modules_cmdline_start + HVMLOADER_MODULE_CMDLINE_SIZE * index,
+ cmdline, HVMLOADER_MODULE_CMDLINE_SIZE);
+ }
+
modlist[index].cmdline_paddr =
- modules_cmdline_paddr + HVMLOADER_MODULE_NAME_SIZE * index;
+ modules_cmdline_paddr + HVMLOADER_MODULE_CMDLINE_SIZE * index;
start_info->nr_modules++;
}
struct hvm_start_info *start_info;
size_t start_info_size;
struct hvm_modlist_entry *modlist;
+ unsigned int i;
start_info_size = sizeof(*start_info) + dom->cmdline_size;
- if ( dom->ramdisk_blob )
- start_info_size += sizeof(struct hvm_modlist_entry);
+ start_info_size += sizeof(struct hvm_modlist_entry) * dom->num_modules;
if ( start_info_size >
dom->start_info_seg.pages << XC_DOM_PAGE_SHIFT(dom) )
((uintptr_t)cmdline - (uintptr_t)start_info);
}
- if ( dom->ramdisk_blob )
+ for ( i = 0; i < dom->num_modules; i++ )
{
+ struct xc_hvm_firmware_module mod;
+
+ DOMPRINTF("Adding module %u", i);
+ mod.guest_addr_out =
+ dom->modules[i].seg.vstart - dom->parms.virt_base;
+ mod.length =
+ dom->modules[i].seg.vend - dom->modules[i].seg.vstart;
- modlist[0].paddr = dom->ramdisk_seg.vstart - dom->parms.virt_base;
- modlist[0].size = dom->ramdisk_seg.vend - dom->ramdisk_seg.vstart;
- start_info->nr_modules = 1;
+ add_module_to_list(dom, &mod, dom->modules[i].cmdline,
+ modlist, start_info);
}
/* ACPI module 0 is the RSDP */
if ( state->pv_ramdisk.path && strlen(state->pv_ramdisk.path) ) {
if (state->pv_ramdisk.mapped) {
- if ( (ret = xc_dom_ramdisk_mem(dom, state->pv_ramdisk.data, state->pv_ramdisk.size)) != 0 ) {
+ if ( (ret = xc_dom_module_mem(dom, state->pv_ramdisk.data, state->pv_ramdisk.size, NULL)) != 0 ) {
LOGE(ERROR, "xc_dom_ramdisk_mem failed");
goto out;
}
} else {
- if ( (ret = xc_dom_ramdisk_file(dom, state->pv_ramdisk.path)) != 0 ) {
+ if ( (ret = xc_dom_module_file(dom, state->pv_ramdisk.path, NULL)) != 0 ) {
LOGE(ERROR, "xc_dom_ramdisk_file failed");
goto out;
}
if (state->pv_ramdisk.path && strlen(state->pv_ramdisk.path)) {
if (state->pv_ramdisk.mapped) {
- rc = xc_dom_ramdisk_mem(dom, state->pv_ramdisk.data,
- state->pv_ramdisk.size);
+ rc = xc_dom_module_mem(dom, state->pv_ramdisk.data,
+ state->pv_ramdisk.size, NULL);
if (rc) {
LOGE(ERROR, "xc_dom_ramdisk_mem failed");
goto out;
}
} else {
- rc = xc_dom_ramdisk_file(dom, state->pv_ramdisk.path);
+ rc = xc_dom_module_file(dom, state->pv_ramdisk.path, NULL);
if (rc) {
LOGE(ERROR, "xc_dom_ramdisk_file failed");
goto out;
projects / xen.git / commitdiff