Merge remote-tracking branch 'upstream/master'

grub-core/lib/arm64/setjmp.S

@@ -50,6 +50,7 @@ FUNCTION(grub_longjmp)
 	ldp	x29, x30, [x0], #16
 	ldr	x2, [x0]
 	mov	sp, x2
+	mov	x0, #1
 	cmp	x1, #0
 	csel	x0, x1, x0, ne
 	ret

grub-core/lib/i386/backtrace.c

@@ -56,11 +56,11 @@ void
 grub_backtrace (void)
 {
 #ifdef __x86_64__
-  asm volatile ("movq %rbp, %rdi\n"
-		"call " EXT_C("grub_backtrace_pointer"));
+  asm volatile ("movq %%rbp, %%rdi\n"
+		"callq *%%rax": :"a"(grub_backtrace_pointer));
 #else
-  asm volatile ("movl %ebp, %eax\n"
-		"call " EXT_C("grub_backtrace_pointer"));
+  asm volatile ("movl %%ebp, %%eax\n"
+		"calll *%%ecx": :"c"(grub_backtrace_pointer));
 #endif
 }
 

grub-core/lib/i386/random.c

@@ -0,0 +1,103 @@
+/*
+ *  GRUB  --  GRand Unified Bootloader
+ *  Copyright (C) 2016 Free Software Foundation, Inc.
+ *
+ *  GRUB is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  GRUB is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with GRUB.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <grub/random.h>
+#include <grub/i386/io.h>
+#include <grub/i386/tsc.h>
+#include <grub/i386/pmtimer.h>
+#include <grub/acpi.h>
+
+static int have_tsc = -1, have_pmtimer = -1;
+static grub_port_t pmtimer_port;
+
+static int
+detect_pmtimer (void)
+{
+  struct grub_acpi_fadt *fadt;
+  fadt = grub_acpi_find_fadt ();
+  if (!fadt)
+    return 0;
+  pmtimer_port = fadt->pmtimer;
+  if (!pmtimer_port)
+    return 0;
+  return 1;
+}
+
+static int
+pmtimer_tsc_get_random_bit (void)
+{
+  /* It's hard to come up with figures about pmtimer and tsc jitter but
+     50 ppm seems to be typical. So we need 10^6/50 tsc cycles to get drift
+     of one tsc cycle. With TSC at least of 800 MHz it means 1/(50*800)
+     = 1/40000 s or about 3579545 / 40000 = 90 pmtimer ticks.
+     This gives us rate of 40000 bit/s or 5 kB/s.
+   */
+  grub_uint64_t tsc_diff;
+  tsc_diff = grub_pmtimer_wait_count_tsc (pmtimer_port, 90);
+  if (tsc_diff == 0)
+    {
+      have_pmtimer = 0;
+      return -1;
+    }
+  return tsc_diff & 1;
+}
+
+static int
+pmtimer_tsc_get_random_byte (void)
+{
+  grub_uint8_t ret = 0;
+  int i, c;
+  for (i = 0; i < 8; i++)
+    {
+      c = pmtimer_tsc_get_random_bit ();
+      if (c < 0)
+	return -1;
+      ret |= c << i;
+    }
+  return ret;
+}
+
+static int
+pmtimer_fill_buffer (void *buffer, grub_size_t sz)
+{
+  grub_uint8_t *p = buffer;
+  int c;
+  while (sz)
+    {
+      c = pmtimer_tsc_get_random_byte ();
+      if (c < 0)
+	return 0;
+      *p++ = c;
+      sz--;
+    }
+  return 1;
+}
+
+int
+grub_crypto_arch_get_random (void *buffer, grub_size_t sz)
+{
+  if (have_tsc == -1)
+    have_tsc = grub_cpu_is_tsc_supported ();
+  if (!have_tsc)
+    return 0;
+  if (have_pmtimer == -1)
+    have_pmtimer = detect_pmtimer ();
+  if (!have_pmtimer)
+    return 0;
+  return pmtimer_fill_buffer (buffer, sz);
+}

grub-core/lib/i386/relocator64.S

@@ -73,6 +73,14 @@ VARIABLE(grub_relocator64_rsp)
 
 	movq	%rax, %rsp
 
+	/*
+	 * Here is grub_relocator64_efi_start() entry point.
+	 * Following code is shared between grub_relocator64_efi_start()
+	 * and grub_relocator64_start().
+	 *
+	 * Think twice before changing anything below!!!
+	 */
+VARIABLE(grub_relocator64_efi_start)
 	/* mov imm64, %rax */
 	.byte 	0x48
 	.byte	0xb8
@@ -120,6 +128,9 @@ LOCAL(jump_addr):
 VARIABLE(grub_relocator64_rip)
 	.quad	0
 
+	/* Here grub_relocator64_efi_start() ends. Ufff... */
+VARIABLE(grub_relocator64_efi_end)
+
 #ifndef __x86_64__
 	.p2align	4
 LOCAL(gdt):

grub-core/lib/i386/xen/relocator.S

@@ -16,6 +16,8 @@
  *  along with GRUB.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+#include <grub/i386/memory.h>
+#include <grub/i386/types.h>
 #include <grub/symbol.h>
 #include <grub/xen.h>
 
@@ -23,78 +25,86 @@
 
 VARIABLE(grub_relocator_xen_remap_start)
 LOCAL(base):
-	/* mov imm32, %ebx */
+	/* Remap the remapper to it's new address. */
+	/* mov imm32, %ebx - %ebx: new virtual address of remapper */
 	.byte	0xbb
 VARIABLE(grub_relocator_xen_remapper_virt)
 	.long	0
 
-	/* mov imm32, %ecx */
+	/* mov imm32, %ecx - %ecx: low part of page table entry */
 	.byte	0xb9
 VARIABLE(grub_relocator_xen_remapper_map)
 	.long	0
 
-	/* mov imm32, %edx */
+	/* mov imm32, %edx  - %edx: high part of page table entry */
 	.byte	0xba
 VARIABLE(grub_relocator_xen_remapper_map_high)
 	.long	0
 
-	movl	%ebx, %ebp
+	movl	%ebx, %ebp	/* %ebx is clobbered by hypercall */
 
-	movl    $2, %esi
+	movl    $UVMF_INVLPG, %esi	/* esi: flags (inv. single entry) */
 	movl    $__HYPERVISOR_update_va_mapping, %eax
 	int     $0x82
 
 	movl	%ebp, %ebx
 	addl   $(LOCAL(cont) - LOCAL(base)), %ebx
 
-	jmp *%ebx
+	jmp *%ebx		/* Continue with new virtual address */
 
 LOCAL(cont):
-	xorl	%eax, %eax
-	movl	%eax, %ebp
+	/* Modify mappings of new page tables to be read-only. */
+	/* mov imm32, %eax */
+	.byte	0xb8
+VARIABLE(grub_relocator_xen_paging_areas_addr)
+	.long	0
+	movl	%eax, %ebx
 1:
+	movl	0(%ebx), %ebp	/* Get start pfn of the current area */
+	movl	GRUB_TARGET_SIZEOF_LONG(%ebx), %ecx	/* Get # of pg tables */
+	testl	%ecx, %ecx	/* 0 -> last area reached */
+	jz	3f
+	addl	$(2 * GRUB_TARGET_SIZEOF_LONG), %ebx
+	movl	%ebx, %esp	/* Save current area pointer */
 
+2:
+	movl	%ecx, %edi
 	/* mov imm32, %eax */
 	.byte	0xb8
 VARIABLE(grub_relocator_xen_mfn_list)
 	.long	0
-	movl	%eax, %edi
-	movl	%ebp, %eax
-	movl    0(%edi, %eax, 4), %ecx
-
-	/* mov imm32, %ebx */
-	.byte	0xbb
-VARIABLE(grub_relocator_xen_paging_start)
-	.long	0
-	shll	$12, %eax
-	addl	%eax, %ebx
+	movl    0(%eax, %ebp, 4), %ecx	/* mfn */
+	movl	%ebp, %ebx
+	shll	$PAGE_SHIFT, %ebx	/* virtual address (1:1 mapping) */
 	movl    %ecx, %edx
-	shll    $12,  %ecx
-	shrl    $20,  %edx
-	orl     $5, %ecx
-	movl    $2, %esi
+	shll    $PAGE_SHIFT,  %ecx	/* prepare pte low part */
+	shrl    $(32 - PAGE_SHIFT),  %edx	/* pte high part */
+	orl     $(GRUB_PAGE_PRESENT | GRUB_PAGE_USER), %ecx	/* pte low */
+	movl    $UVMF_INVLPG, %esi
 	movl    $__HYPERVISOR_update_va_mapping, %eax
-	int     $0x82
+	int     $0x82		/* parameters: eax, ebx, ecx, edx, esi */
 
-	incl	%ebp
-	/* mov imm32, %ecx */
-	.byte	0xb9
-VARIABLE(grub_relocator_xen_paging_size)
-	.long	0
-	cmpl	%ebp, %ecx
+	incl	%ebp		/* next pfn */
+	movl	%edi, %ecx
 
-	ja	1b
+	loop	2b
 
+	mov	%esp, %ebx	/* restore area poniter */
+	jmp	1b
+
+3:
+	/* Switch page tables: pin new L3 pt, load cr3, unpin old L3. */
 	/* mov imm32, %ebx */
 	.byte	0xbb
 VARIABLE(grub_relocator_xen_mmu_op_addr)
 	.long  0
-	movl   $3, %ecx
-	movl   $0, %edx
-	movl   $0x7FF0, %esi
+	movl   $3, %ecx		/* 3 mmu ops */
+	movl   $0, %edx		/* pdone (not used) */
+	movl   $DOMID_SELF, %esi
 	movl   $__HYPERVISOR_mmuext_op, %eax
 	int     $0x82
 
+	/* Continue in virtual kernel mapping. */
 	/* mov imm32, %eax */
 	.byte	0xb8
 VARIABLE(grub_relocator_xen_remap_continue)
@@ -102,6 +112,9 @@ VARIABLE(grub_relocator_xen_remap_continue)
 
 	jmp *%eax
 
+VARIABLE(grub_relocator_xen_paging_areas)
+	.long	0, 0, 0, 0, 0, 0, 0, 0
+
 VARIABLE(grub_relocator_xen_mmu_op)
 	.space 256
 
@@ -109,6 +122,7 @@ VARIABLE(grub_relocator_xen_remap_end)
 
 
 VARIABLE(grub_relocator_xen_start)
+	/* Unmap old remapper area. */
 	/* mov imm32, %eax */
 	.byte	0xb8
 VARIABLE(grub_relocator_xen_remapper_virt2)
@@ -116,14 +130,14 @@ VARIABLE(grub_relocator_xen_remapper_virt2)
 
 	movl    %eax, %edi
 
-	xorl    %ecx, %ecx
+	xorl    %ecx, %ecx	/* Invalid pte */
 	xorl    %edx, %edx
 
-	movl    $2, %esi
+	movl    $UVMF_INVLPG, %esi
 	movl    $__HYPERVISOR_update_va_mapping, %eax
 	int     $0x82
 
-
+	/* Prepare registers for starting kernel. */
 	/* mov imm32, %eax */
 	.byte	0xb8
 VARIABLE(grub_relocator_xen_stack)
@@ -145,6 +159,7 @@ VARIABLE(grub_relocator_xen_start_info)
 VARIABLE(grub_relocator_xen_entry_point)
 	.long	0
 
+	/* Now start the new kernel. */
 	jmp *%eax
 
 VARIABLE(grub_relocator_xen_end)

grub-core/lib/ieee1275/datetime.c

@@ -95,7 +95,7 @@ grub_get_datetime (struct grub_datetime *datetime)
 
   datetime->year = args.year;
   datetime->month = args.month;
-  datetime->day = args.day;
+  datetime->day = args.day + 1;
   datetime->hour = args.hour;
   datetime->minute = args.minute;
   datetime->second = args.second;
@@ -140,7 +140,7 @@ grub_set_datetime (struct grub_datetime *datetime)
 
   args.year = datetime->year;
   args.month = datetime->month;
-  args.day = datetime->day;
+  args.day = datetime->day - 1;
   args.hour = datetime->hour;
   args.minute = datetime->minute;
   args.second = datetime->second;

grub-core/lib/pbkdf2.c

@@ -31,7 +31,6 @@ GRUB_MOD_LICENSE ("GPLv2+");
    desired derived output length DKLEN.  Output buffer is DK which
    must have room for at least DKLEN octets.  The output buffer will
    be filled with the derived data.  */
-#pragma GCC diagnostic ignored "-Wunreachable-code"
 
 gcry_err_code_t
 grub_crypto_pbkdf2 (const struct gcry_md_spec *md,

grub-core/lib/progress.c

@@ -38,11 +38,17 @@ grub_file_progress_hook_real (grub_disk_addr_t sector __attribute__ ((unused)),
   grub_uint64_t now;
   static grub_uint64_t last_progress_update_time;
   grub_file_t file = data;
+  const char *e;
   file->progress_offset += length;
 
   if (call_depth)
     return;
 
+  e = grub_env_get ("enable_progress_indicator");
+  if (e && e[0] == '0') {
+    return;
+  }
+
   call_depth = 1;
   now = grub_get_time_ms ();
 

grub-core/lib/random.c

@@ -0,0 +1,120 @@
+/*
+ *  GRUB  --  GRand Unified Bootloader
+ *  Copyright (C) 2016 Free Software Foundation, Inc.
+ *
+ *  GRUB is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  GRUB is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with GRUB.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <grub/random.h>
+#include <grub/dl.h>
+#include <grub/lib/hexdump.h>
+#include <grub/command.h>
+#include <grub/mm.h>
+
+GRUB_MOD_LICENSE ("GPLv3+");
+
+grub_err_t
+grub_crypto_get_random (void *buffer, grub_size_t sz)
+{
+  /* This is an arbitrer between different methods.
+     TODO: Add more methods in the future.  */
+  /* TODO: Add some PRNG smartness to reduce damage from bad entropy. */
+  if (grub_crypto_arch_get_random (buffer, sz))
+    return GRUB_ERR_NONE;
+  return grub_error (GRUB_ERR_IO, "no random sources found");
+}
+
+static int
+get_num_digits (int val)
+{
+  int ret = 0;
+  while (val != 0)
+    {
+      ret++;
+      val /= 10;
+    }
+  if (ret == 0)
+    return 1;
+  return ret;
+}
+
+#pragma GCC diagnostic ignored "-Wformat-nonliteral"
+
+static grub_err_t
+grub_cmd_hexdump_random (grub_command_t cmd __attribute__ ((unused)), int argc, char **args)
+{
+  grub_size_t length = 64;
+  grub_err_t err;
+  void *buffer;
+  grub_uint8_t *ptr;
+  int stats[256];
+  int i, digits = 2;
+  char template[10];
+
+  if (argc >= 1)
+    length = grub_strtoull (args[0], 0, 0);
+
+  if (length == 0)
+    return grub_error (GRUB_ERR_BAD_ARGUMENT, "length pust be positive");
+
+  buffer = grub_malloc (length);
+  if (!buffer)
+    return grub_errno;
+
+  err = grub_crypto_get_random (buffer, length);
+  if (err)
+    {
+      grub_free (buffer);
+      return err;
+    }
+
+  hexdump (0, buffer, length);
+  grub_memset(stats, 0, sizeof(stats));
+  for (ptr = buffer; ptr < (grub_uint8_t *) buffer + length; ptr++)
+    stats[*ptr]++;
+  grub_printf ("Statistics:\n");
+  for (i = 0; i < 256; i++)
+    {
+      int z = get_num_digits (stats[i]);
+      if (z > digits)
+	digits = z;
+    }
+
+  grub_snprintf (template, sizeof (template), "%%0%dd ", digits);
+
+  for (i = 0; i < 256; i++)
+    {
+      grub_printf ("%s", template);//, stats[i]);
+      if ((i & 0xf) == 0xf)
+	grub_printf ("\n");
+    }
+
+  grub_free (buffer);
+
+  return 0;
+}
+
+static grub_command_t cmd;
+
+GRUB_MOD_INIT (random)
+{
+  cmd = grub_register_command ("hexdump_random", grub_cmd_hexdump_random,
+			      N_("[LENGTH]"),
+			      N_("Hexdump random data."));
+}
+
+GRUB_MOD_FINI (random)
+{
+  grub_unregister_command (cmd);
+}

grub-core/lib/relocator.c

@@ -736,26 +736,36 @@ malloc_in_range (struct grub_relocator *rel,
 	  }
 	isinsideafter = (!ncollisions && (nstarted || ((nlefto || nstartedfw) 
 						       && !nblockfw)));
-	if (!isinsidebefore && isinsideafter)
-	  starta = from_low_priv ? ALIGN_UP (events[j].pos, align)
-	    : ALIGN_DOWN (events[j].pos - size, align) + size;
-	if (isinsidebefore && !isinsideafter && from_low_priv)
-	  {
-	    target = starta;
-	    if (target < start)
-	      target = start;
-	    if (target + size <= end && target + size <= events[j].pos)
-	      /* Found an usable address.  */
-	      goto found;
-	  }
-	if (isinsidebefore && !isinsideafter && !from_low_priv)
-	  {
-	    target = starta - size;
-	    if (target > end - size)
-	      target = end - size;
-	    if (target >= start && target >= events[j].pos)
-	      goto found;
-	  }
+	if (from_low_priv) {
+	  if (!isinsidebefore && isinsideafter)
+	    starta = ALIGN_UP (events[j].pos, align);
+
+	  if (isinsidebefore && !isinsideafter)
+	    {
+	      target = starta;
+	      if (target < start)
+		target = start;
+	      if (target + size <= end && target + size <= events[j].pos)
+		/* Found an usable address.  */
+		goto found;
+	    }
+	} else {
+	  if (!isinsidebefore && isinsideafter)
+	    {
+	      if (events[j].pos >= size)
+		starta = ALIGN_DOWN (events[j].pos - size, align) + size;
+	      else
+		starta = 0;
+	    }
+	  if (isinsidebefore && !isinsideafter && starta >= size)
+	    {
+	      target = starta - size;
+	      if (target > end - size)
+		target = end - size;
+	      if (target >= start && target >= events[j].pos)
+		goto found;
+	    }
+	}
       }
   }
 

grub-core/lib/x86_64/efi/relocator.c

@@ -0,0 +1,80 @@
+/*
+ *  GRUB  --  GRand Unified Bootloader
+ *  Copyright (C) 2009  Free Software Foundation, Inc.
+ *  Copyright (C) 2016  Oracle and/or its affiliates. All rights reserved.
+ *
+ *  GRUB is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  GRUB is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with GRUB.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <grub/mm.h>
+#include <grub/misc.h>
+
+#include <grub/types.h>
+#include <grub/err.h>
+
+#include <grub/i386/relocator.h>
+#include <grub/relocator_private.h>
+
+extern grub_uint64_t grub_relocator64_rax;
+extern grub_uint64_t grub_relocator64_rbx;
+extern grub_uint64_t grub_relocator64_rcx;
+extern grub_uint64_t grub_relocator64_rdx;
+extern grub_uint64_t grub_relocator64_rip;
+extern grub_uint64_t grub_relocator64_rsi;
+
+extern grub_uint8_t grub_relocator64_efi_start;
+extern grub_uint8_t grub_relocator64_efi_end;
+
+#define RELOCATOR_SIZEOF(x)	(&grub_relocator##x##_end - &grub_relocator##x##_start)
+
+grub_err_t
+grub_relocator64_efi_boot (struct grub_relocator *rel,
+			   struct grub_relocator64_efi_state state)
+{
+  grub_err_t err;
+  void *relst;
+  grub_relocator_chunk_t ch;
+
+  /*
+   * 64-bit relocator code may live above 4 GiB quite well.
+   * However, I do not want ask for problems. Just in case.
+   */
+  err = grub_relocator_alloc_chunk_align (rel, &ch, 0,
+					  0x100000000 - RELOCATOR_SIZEOF (64_efi),
+					  RELOCATOR_SIZEOF (64_efi), 16,
+					  GRUB_RELOCATOR_PREFERENCE_NONE, 1);
+  if (err)
+    return err;
+
+  /* Do not touch %rsp! It points to EFI created stack. */
+  grub_relocator64_rax = state.rax;
+  grub_relocator64_rbx = state.rbx;
+  grub_relocator64_rcx = state.rcx;
+  grub_relocator64_rdx = state.rdx;
+  grub_relocator64_rip = state.rip;
+  grub_relocator64_rsi = state.rsi;
+
+  grub_memmove (get_virtual_current_address (ch), &grub_relocator64_efi_start,
+		RELOCATOR_SIZEOF (64_efi));
+
+  err = grub_relocator_prepare_relocs (rel, get_physical_target_address (ch),
+				       &relst, NULL);
+  if (err)
+    return err;
+
+  ((void (*) (void)) relst) ();
+
+  /* Not reached.  */
+  return GRUB_ERR_NONE;
+}

grub-core/lib/x86_64/xen/relocator.S

@@ -16,94 +16,85 @@
  *  along with GRUB.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+#include <grub/x86_64/memory.h>
+#include <grub/x86_64/types.h>
 #include <grub/symbol.h>
 #include <grub/xen.h>
 
+/* Macro to load an imm64 value stored by the C-part into %rax: */
+#define MOV_IMM64_RAX(var) .byte 0x48, 0xb8; VARIABLE(var); .quad 0
+
 	.p2align	4	/* force 16-byte alignment */
 
 VARIABLE(grub_relocator_xen_remap_start)
 LOCAL(base):
-	/* mov imm64, %rax */
-	.byte 	0x48
-	.byte	0xb8
-VARIABLE(grub_relocator_xen_remapper_virt)
-	.quad	0
+	/* Remap the remapper to it's new address. */
+	MOV_IMM64_RAX(grub_relocator_xen_remapper_virt)
 
-	movq    %rax, %rdi
-	movq    %rax, %rbx
+	movq    %rax, %rdi	/* %rdi: new virtual address of remapper */
+	movq    %rax, %rbx	/* Remember new virtual address */
 
-	/* mov imm64, %rax */
-	.byte 	0x48
-	.byte	0xb8
-VARIABLE(grub_relocator_xen_remapper_map)
-	.quad	0
+	MOV_IMM64_RAX(grub_relocator_xen_remapper_map)
 
-	movq    %rax, %rsi
+	movq    %rax, %rsi	/* %rsi: page table entry */
 
-	movq    $2, %rdx
+	movq    $UVMF_INVLPG, %rdx	/* %rdx: flags (inv. single entry) */
 	movq    $__HYPERVISOR_update_va_mapping, %rax
-	syscall
+	syscall			/* Do the remap operation */
 
 	addq   $(LOCAL(cont) - LOCAL(base)), %rbx
 
-	jmp *%rbx
+	jmp *%rbx		/* Continue with new virtual address */
 
 LOCAL(cont):
-	
-	/* mov imm64, %rcx */
-	.byte 	0x48
-	.byte	0xb9
-VARIABLE(grub_relocator_xen_paging_size)
-	.quad	0
+	/* Modify mappings of new page tables to be read-only. */
+	MOV_IMM64_RAX(grub_relocator_xen_mfn_list)
 
-	/* mov imm64, %rax */
-	.byte 	0x48
-	.byte	0xb8
-VARIABLE(grub_relocator_xen_paging_start)
-	.quad	0
+	movq	%rax, %rbx	/* %rbx is the base of the p2m list */
+	leaq	EXT_C(grub_relocator_xen_paging_areas) (%rip), %r8
 
-	movq	%rax, %r12
-
-	/* mov imm64, %rax */
-	.byte 	0x48
-	.byte	0xb8
-VARIABLE(grub_relocator_xen_mfn_list)
-	.quad	0
-
-	movq	%rax, %rsi
 1:
+	movq	0(%r8), %r12	/* Get start pfn of the current area */
+	movq	GRUB_TARGET_SIZEOF_LONG(%r8), %rcx	/* Get # of pg tables */
+	testq	%rcx, %rcx	/* 0 -> last area reached */
+	jz	3f
+2:
 	movq	%r12, %rdi
-	movq    %rsi, %rbx
-	movq    0(%rsi), %rsi
-	shlq    $12,  %rsi
-	orq     $5, %rsi
-	movq    $2, %rdx
-	movq    %rcx, %r9
+	shlq	$PAGE_SHIFT, %rdi	/* virtual address (1:1 mapping) */
+	movq    (%rbx, %r12, 8), %rsi	/* mfn */
+	shlq    $PAGE_SHIFT,  %rsi
+	orq     $(GRUB_PAGE_PRESENT | GRUB_PAGE_USER), %rsi	/* Build pte */
+	movq    $UVMF_INVLPG, %rdx
+	movq    %rcx, %r9	/* %rcx clobbered by hypercall */
 	movq    $__HYPERVISOR_update_va_mapping, %rax
 	syscall
 
 	movq    %r9, %rcx
-	addq    $8, %rbx
-	addq    $4096, %r12
-	movq    %rbx, %rsi
+	incq	%r12		/* next pfn */
 
-	loop 1b
+	loop 2b
 
+	addq	$(2 * GRUB_TARGET_SIZEOF_LONG), %r8	/* next pg table area */
+	jmp	1b
+
+3:
+	/* Switch page tables: pin new L4 pt, load cr3, unpin old L4. */
 	leaq   EXT_C(grub_relocator_xen_mmu_op) (%rip), %rdi
-	movq   $3, %rsi
-	movq   $0, %rdx
-	movq   $0x7FF0, %r10
+	movq   $3, %rsi		/* 3 mmu ops */
+	movq   $0, %rdx		/* pdone (not used) */
+	movq   $DOMID_SELF, %r10
 	movq   $__HYPERVISOR_mmuext_op, %rax
 	syscall
 
-	/* mov imm64, %rax */
-	.byte 	0x48
-	.byte	0xb8
-VARIABLE(grub_relocator_xen_remap_continue)
-	.quad	0
+	/* Continue in virtual kernel mapping. */
+	MOV_IMM64_RAX(grub_relocator_xen_remap_continue)
 
 	jmp *%rax
 
+VARIABLE(grub_relocator_xen_paging_areas)
+	/* array of start, size pairs, size 0 is end marker */
+	.quad	0, 0, 0, 0, 0, 0, 0, 0
+
 VARIABLE(grub_relocator_xen_mmu_op)
 	.space 256
 
@@ -111,46 +102,32 @@ VARIABLE(grub_relocator_xen_remap_end)
 
 
 VARIABLE(grub_relocator_xen_start)
-	/* mov imm64, %rax */
-	.byte 	0x48
-	.byte	0xb8
-VARIABLE(grub_relocator_xen_remapper_virt2)
-	.quad	0
+	/* Unmap old remapper area. */
+	MOV_IMM64_RAX(grub_relocator_xen_remapper_virt2)
 
 	movq    %rax, %rdi
 
-	xorq    %rax, %rax
+	xorq    %rax, %rax	/* Invalid pte */
 	movq    %rax, %rsi
 
-	movq    $2, %rdx
+	movq    $UVMF_INVLPG, %rdx
 	movq    $__HYPERVISOR_update_va_mapping, %rax
 	syscall
 
-
-	/* mov imm64, %rax */
-	.byte 	0x48
-	.byte	0xb8
-VARIABLE(grub_relocator_xen_stack)
-	.quad	0
+	/* Prepare registers for starting kernel. */
+	MOV_IMM64_RAX(grub_relocator_xen_stack)
 
 	movq	%rax, %rsp
 
-	/* mov imm64, %rax */
-	.byte 	0x48
-	.byte	0xb8
-VARIABLE(grub_relocator_xen_start_info)
-	.quad	0
+	MOV_IMM64_RAX(grub_relocator_xen_start_info)
 
 	movq	%rax, %rsi
 
 	cld
 
-	/* mov imm64, %rax */
-	.byte 	0x48
-	.byte	0xb8
-VARIABLE(grub_relocator_xen_entry_point)
-	.quad	0
+	MOV_IMM64_RAX(grub_relocator_xen_entry_point)
 
+	/* Now start the new kernel. */
 	jmp *%rax
 
 VARIABLE(grub_relocator_xen_end)

grub-core/lib/xen/relocator.c

@@ -29,6 +29,11 @@
 
 typedef grub_addr_t grub_xen_reg_t;
 
+struct grub_relocator_xen_paging_area {
+  grub_xen_reg_t start;
+  grub_xen_reg_t size;
+} GRUB_PACKED;
+
 extern grub_uint8_t grub_relocator_xen_start;
 extern grub_uint8_t grub_relocator_xen_end;
 extern grub_uint8_t grub_relocator_xen_remap_start;
@@ -36,15 +41,16 @@ extern grub_uint8_t grub_relocator_xen_remap_end;
 extern grub_xen_reg_t grub_relocator_xen_stack;
 extern grub_xen_reg_t grub_relocator_xen_start_info;
 extern grub_xen_reg_t grub_relocator_xen_entry_point;
-extern grub_xen_reg_t grub_relocator_xen_paging_start;
-extern grub_xen_reg_t grub_relocator_xen_paging_size;
 extern grub_xen_reg_t grub_relocator_xen_remapper_virt;
 extern grub_xen_reg_t grub_relocator_xen_remapper_virt2;
 extern grub_xen_reg_t grub_relocator_xen_remapper_map;
 extern grub_xen_reg_t grub_relocator_xen_mfn_list;
+extern struct grub_relocator_xen_paging_area
+  grub_relocator_xen_paging_areas[XEN_MAX_MAPPINGS];
 extern grub_xen_reg_t grub_relocator_xen_remap_continue;
 #ifdef __i386__
 extern grub_xen_reg_t grub_relocator_xen_mmu_op_addr;
+extern grub_xen_reg_t grub_relocator_xen_paging_areas_addr;
 extern grub_xen_reg_t grub_relocator_xen_remapper_map_high;
 #endif
 extern mmuext_op_t grub_relocator_xen_mmu_op[3];
@@ -61,6 +67,7 @@ grub_relocator_xen_boot (struct grub_relocator *rel,
 {
   grub_err_t err;
   void *relst;
+  int i;
   grub_relocator_chunk_t ch, ch_tramp;
   grub_xen_mfn_t *mfn_list =
     (grub_xen_mfn_t *) grub_xen_start_page_addr->mfn_list;
@@ -77,8 +84,11 @@ grub_relocator_xen_boot (struct grub_relocator *rel,
   grub_relocator_xen_stack = state.stack;
   grub_relocator_xen_start_info = state.start_info;
   grub_relocator_xen_entry_point = state.entry_point;
-  grub_relocator_xen_paging_start = state.paging_start << 12;
-  grub_relocator_xen_paging_size = state.paging_size;
+  for (i = 0; i < XEN_MAX_MAPPINGS; i++)
+    {
+      grub_relocator_xen_paging_areas[i].start = state.paging_start[i];
+      grub_relocator_xen_paging_areas[i].size = state.paging_size[i];
+    }
   grub_relocator_xen_remapper_virt = remapper_virt;
   grub_relocator_xen_remapper_virt2 = remapper_virt;
   grub_relocator_xen_remap_continue = trampoline_virt;
@@ -88,10 +98,12 @@ grub_relocator_xen_boot (struct grub_relocator *rel,
   grub_relocator_xen_remapper_map_high = (mfn_list[remapper_pfn] >> 20);
   grub_relocator_xen_mmu_op_addr = (char *) &grub_relocator_xen_mmu_op
     - (char *) &grub_relocator_xen_remap_start + remapper_virt;
+  grub_relocator_xen_paging_areas_addr =
+    (char *) &grub_relocator_xen_paging_areas
+    - (char *) &grub_relocator_xen_remap_start + remapper_virt;
 #endif
 
-  grub_relocator_xen_mfn_list = state.mfn_list
-    + state.paging_start * sizeof (grub_addr_t);
+  grub_relocator_xen_mfn_list = state.mfn_list;
 
   grub_memset (grub_relocator_xen_mmu_op, 0,
 	       sizeof (grub_relocator_xen_mmu_op));
@@ -100,9 +112,9 @@ grub_relocator_xen_boot (struct grub_relocator *rel,
 #else
   grub_relocator_xen_mmu_op[0].cmd = MMUEXT_PIN_L4_TABLE;
 #endif
-  grub_relocator_xen_mmu_op[0].arg1.mfn = mfn_list[state.paging_start];
+  grub_relocator_xen_mmu_op[0].arg1.mfn = mfn_list[state.paging_start[0]];
   grub_relocator_xen_mmu_op[1].cmd = MMUEXT_NEW_BASEPTR;
-  grub_relocator_xen_mmu_op[1].arg1.mfn = mfn_list[state.paging_start];
+  grub_relocator_xen_mmu_op[1].arg1.mfn = mfn_list[state.paging_start[0]];
   grub_relocator_xen_mmu_op[2].cmd = MMUEXT_UNPIN_TABLE;
   grub_relocator_xen_mmu_op[2].arg1.mfn =
     mfn_list[grub_xen_start_page_addr->pt_base >> 12];