Skip to content
Permalink
Browse files
[hyperv] Do not steal ownership from the Gen 2 UEFI firmware
We must not steal ownership from the Gen 2 UEFI firmware, since doing
so will cause an immediate system crash (most likely in the form of a
reboot).

This problem was masked before commit a0f6e75 ("[hyperv] Do not fail
if guest OS ID MSR is already set"), since prior to that commit we
would always fail if we found any non-zero guest OS identity.  We now
accept a non-zero previous guest OS identity in order to allow for
situations such as chainloading from iPXE to another iPXE, and as a
prerequisite for commit b91cc98 ("[hyperv] Cope with Windows Server
2016 enlightenments").

A proper fix would be to reverse engineer the UEFI protocols exposed
within the Hyper-V Gen 2 firmware and use these to bind to the VMBus
device representing the network connection, (with the native Hyper-V
driver moved to become a BIOS-only feature).

As an interim solution, fail to initialise the native Hyper-V driver
if we detect the guest OS identity known to be used by the Gen 2 UEFI
firmware.  This will cause the standard all-drivers build (ipxe.efi)
to fall back to using the SNP driver.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
  • Loading branch information
mcb30 committed Jul 28, 2017
1 parent 51a7973 commit 936657832f2262ad04bdf16b9229ce0b1d1c174f
Showing 2 changed files with 35 additions and 0 deletions.
@@ -220,6 +220,29 @@ static int hv_check_features ( struct hv_hypervisor *hv ) {
return 0;
}

/**
* Check that Gen 2 UEFI firmware is not running
*
* @v hv Hyper-V hypervisor
* @ret rc Return status code
*
* We must not steal ownership from the Gen 2 UEFI firmware, since
* doing so will cause an immediate crash. Avoid this by checking for
* the guest OS identity known to be used by the Gen 2 UEFI firmware.
*/
static int hv_check_uefi ( struct hv_hypervisor *hv ) {
uint64_t guest_os_id;

/* Check for UEFI firmware's guest OS identity */
guest_os_id = rdmsr ( HV_X64_MSR_GUEST_OS_ID );
if ( guest_os_id == HV_GUEST_OS_ID_UEFI ) {
DBGC ( hv, "HV %p is owned by UEFI firmware\n", hv );
return -ENOTSUP;
}

return 0;
}

/**
* Map hypercall page
*
@@ -556,6 +579,10 @@ static int hv_probe ( struct root_device *rootdev ) {
if ( ( rc = hv_check_features ( hv ) ) != 0 )
goto err_check_features;

/* Check that Gen 2 UEFI firmware is not running */
if ( ( rc = hv_check_uefi ( hv ) ) != 0 )
goto err_check_uefi;

/* Allocate pages */
if ( ( rc = hv_alloc_pages ( hv, &hv->hypercall, &hv->synic.message,
&hv->synic.event, NULL ) ) != 0 )
@@ -587,6 +614,7 @@ static int hv_probe ( struct root_device *rootdev ) {
hv_free_pages ( hv, hv->hypercall, hv->synic.message, hv->synic.event,
NULL );
err_alloc_pages:
err_check_uefi:
err_check_features:
free ( hv );
err_alloc:
@@ -37,6 +37,13 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
*/
#define HV_GUEST_OS_ID_IPXE ( ( 1ULL << 63 ) | ( 0x18aeULL << 48 ) )

/** Guest OS identity for Gen 2 UEFI firmware
*
* This does not conform to the documented structure for guest OS
* identities.
*/
#define HV_GUEST_OS_ID_UEFI ( 1ULL << 40 )

/** Enable hypercall page */
#define HV_HYPERCALL_ENABLE 0x00000001UL

0 comments on commit 9366578

Please sign in to comment.