* [PATCH v3 0/3] Ovmf: Allow IPv4 and IPv6 to be disabled at runtime
@ 2022-09-06 11:59 Ard Biesheuvel
2022-09-06 11:59 ` [PATCH v3 1/3] OvmfPkg: Introduce alternate UefiDriverEntrypoint to inhibit driver load Ard Biesheuvel
` (3 more replies)
0 siblings, 4 replies; 6+ messages in thread
From: Ard Biesheuvel @ 2022-09-06 11:59 UTC (permalink / raw)
To: devel
Cc: Ard Biesheuvel, Yuan Yu, Laszlo Ersek, Gerd Hoffmann,
Pawel Polawski, Oliver Steffen, Jiewen Yao, Brian J . Johnson
Add some generic plumbing and wire it up for the QEMU based Ovmf
platform so that IPv4 and/or IPv6 networking can be turned off from the
QEMU command line.
This is a follow-up to Yuan's patch '[PATCH v1 0/2] Add support to
disable VirtIo net at runtime' which only targeted the virtio network
driver specifically.i
Changes since v2:
- implement Gerd's suggestion to use a DSC include file for network
component overrides
- add Laszlo's ack to patch #1
Changes since v1:
- instead of a NULL class library that calls the Exit() boot service
from its constructor, use a replacement for the UefiDriverEntryPoint
library
Cc: Yuan Yu <yuanyu@google.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Pawel Polawski <ppolawsk@redhat.com>
Cc: Oliver Steffen <osteffen@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Brian J. Johnson <brian.johnson@hpe.com>
Ard Biesheuvel (3):
OvmfPkg: Introduce alternate UefiDriverEntrypoint to inhibit driver
load
OvmfPkg: gather common NetworkComponents overrides in .dsc.inc file
OvmfPkg: Allow runtime control of IPv4 and IPv6 support on QEMU
OvmfPkg/CloudHv/CloudHvX64.dsc | 12 +-
OvmfPkg/Library/UefiDriverEntryPointFwCfgOverrideLib/UefiDriverEntryPointFwCfgOverrideLib.c | 147 ++++++++++++++++++++
OvmfPkg/Library/UefiDriverEntryPointFwCfgOverrideLib/UefiDriverEntryPointFwCfgOverrideLib.inf | 57 ++++++++
OvmfPkg/Microvm/MicrovmX64.dsc | 12 +-
OvmfPkg/NetworkComponents.dsc.inc | 35 +++++
OvmfPkg/OvmfPkg.dec | 4 +
OvmfPkg/OvmfPkgIa32.dsc | 12 +-
OvmfPkg/OvmfPkgIa32X64.dsc | 12 +-
OvmfPkg/OvmfPkgX64.dsc | 12 +-
9 files changed, 248 insertions(+), 55 deletions(-)
create mode 100644 OvmfPkg/Library/UefiDriverEntryPointFwCfgOverrideLib/UefiDriverEntryPointFwCfgOverrideLib.c
create mode 100644 OvmfPkg/Library/UefiDriverEntryPointFwCfgOverrideLib/UefiDriverEntryPointFwCfgOverrideLib.inf
create mode 100644 OvmfPkg/NetworkComponents.dsc.inc
--
2.35.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH v3 1/3] OvmfPkg: Introduce alternate UefiDriverEntrypoint to inhibit driver load
2022-09-06 11:59 [PATCH v3 0/3] Ovmf: Allow IPv4 and IPv6 to be disabled at runtime Ard Biesheuvel
@ 2022-09-06 11:59 ` Ard Biesheuvel
2022-09-06 11:59 ` [PATCH v3 2/3] OvmfPkg: gather common NetworkComponents overrides in .dsc.inc file Ard Biesheuvel
` (2 subsequent siblings)
3 siblings, 0 replies; 6+ messages in thread
From: Ard Biesheuvel @ 2022-09-06 11:59 UTC (permalink / raw)
To: devel
Cc: Ard Biesheuvel, Yuan Yu, Laszlo Ersek, Gerd Hoffmann,
Pawel Polawski, Oliver Steffen, Jiewen Yao, Brian J . Johnson
Add a new library that can be incorporated into any driver built from
source, and which permits loading of the driver to be inhibited based on
the value of a QEMU fw_cfg boolean variable. This will be used in a
subsequent patch to allow dispatch of the IPv4 and IPv6 network protocol
driver to be controlled from the QEMU command line.
This approach is based on the notion that all UEFI and DXE drivers share
a single UefiDriverEntryPoint implementation, which we can easily swap
out at build time with one that will abort execution based on the value
of some QEMU fw_cfg variable.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
---
OvmfPkg/Library/UefiDriverEntryPointFwCfgOverrideLib/UefiDriverEntryPointFwCfgOverrideLib.c | 147 ++++++++++++++++++++
OvmfPkg/Library/UefiDriverEntryPointFwCfgOverrideLib/UefiDriverEntryPointFwCfgOverrideLib.inf | 57 ++++++++
OvmfPkg/OvmfPkg.dec | 4 +
3 files changed, 208 insertions(+)
diff --git a/OvmfPkg/Library/UefiDriverEntryPointFwCfgOverrideLib/UefiDriverEntryPointFwCfgOverrideLib.c b/OvmfPkg/Library/UefiDriverEntryPointFwCfgOverrideLib/UefiDriverEntryPointFwCfgOverrideLib.c
new file mode 100644
index 000000000000..6eaf0cfd16ad
--- /dev/null
+++ b/OvmfPkg/Library/UefiDriverEntryPointFwCfgOverrideLib/UefiDriverEntryPointFwCfgOverrideLib.c
@@ -0,0 +1,147 @@
+/** @file
+ Entry point to a EFI/DXE driver. This version is specific to QEMU, and ties
+ dispatch of the driver in question on the value of a QEMU fw_cfg boolean
+ variable which is referenced by name via a fixed pointer PCD.
+
+Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2022, Google LLC. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Uefi.h>
+
+#include <Protocol/LoadedImage.h>
+
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/QemuFwCfgSimpleParserLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/UefiDriverEntryPoint.h>
+
+/**
+ Unloads an image from memory.
+
+ This function is a callback that a driver registers to do cleanup
+ when the UnloadImage boot service function is called.
+
+ @param ImageHandle The handle to the image to unload.
+
+ @return Status returned by all unload().
+
+**/
+STATIC
+EFI_STATUS
+EFIAPI
+_DriverUnloadHandler (
+ EFI_HANDLE ImageHandle
+ )
+{
+ EFI_STATUS Status;
+
+ //
+ // If an UnloadImage() handler is specified, then call it
+ //
+ Status = ProcessModuleUnloadList (ImageHandle);
+
+ //
+ // If the driver specific unload handler does not return an error, then call
+ // all of the library destructors. If the unload handler returned an error,
+ // then the driver can not be unloaded, and the library destructors should
+ // not be called
+ //
+ if (!EFI_ERROR (Status)) {
+ ProcessLibraryDestructorList (ImageHandle, gST);
+ }
+
+ //
+ // Return the status from the driver specific unload handler
+ //
+ return Status;
+}
+
+/**
+ The entry point of PE/COFF Image for a DXE Driver, DXE Runtime Driver, or
+ UEFI Driver.
+
+ @param ImageHandle The image handle of the DXE Driver, DXE
+ Runtime Driver, or UEFI Driver.
+ @param SystemTable A pointer to the EFI System Table.
+
+ @retval EFI_SUCCESS The DXE Driver, DXE Runtime Driver, or
+ UEFI Driver exited normally.
+ @retval EFI_INCOMPATIBLE_VERSION _gUefiDriverRevision is greater than
+ SystemTable->Hdr.Revision.
+ @retval Other Return value from
+ ProcessModuleEntryPointList().
+
+**/
+EFI_STATUS
+EFIAPI
+_ModuleEntryPoint (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+ EFI_LOADED_IMAGE_PROTOCOL *LoadedImage;
+ RETURN_STATUS RetStatus;
+ BOOLEAN Enabled;
+
+ if (_gUefiDriverRevision != 0) {
+ //
+ // Make sure that the EFI/UEFI spec revision of the platform is >= EFI/UEFI
+ // spec revision of the driver
+ //
+ if (SystemTable->Hdr.Revision < _gUefiDriverRevision) {
+ return EFI_INCOMPATIBLE_VERSION;
+ }
+ }
+
+ //
+ // Call constructor for all libraries
+ //
+ ProcessLibraryConstructorList (ImageHandle, SystemTable);
+
+ //
+ // Install unload handler...
+ //
+ if (_gDriverUnloadImageCount != 0) {
+ Status = gBS->HandleProtocol (
+ ImageHandle,
+ &gEfiLoadedImageProtocolGuid,
+ (VOID **)&LoadedImage
+ );
+ ASSERT_EFI_ERROR (Status);
+ LoadedImage->Unload = _DriverUnloadHandler;
+ }
+
+ RetStatus = QemuFwCfgParseBool (
+ FixedPcdGetPtr (PcdEntryPointOverrideFwCfgVarName),
+ &Enabled);
+ if (!RETURN_ERROR (RetStatus) && !Enabled) {
+ //
+ // The QEMU fw_cfg variable tells us not to load this image. So abort.
+ //
+ Status = EFI_ABORTED;
+ } else {
+ //
+ // Call the driver entry point
+ //
+ Status = ProcessModuleEntryPointList (ImageHandle, SystemTable);
+ }
+
+ //
+ // If all of the drivers returned errors, or we if are aborting, then invoke
+ // all of the library destructors
+ //
+ if (EFI_ERROR (Status)) {
+ ProcessLibraryDestructorList (ImageHandle, SystemTable);
+ }
+
+ //
+ // Return the cumulative return status code from all of the driver entry
+ // points
+ //
+ return Status;
+}
diff --git a/OvmfPkg/Library/UefiDriverEntryPointFwCfgOverrideLib/UefiDriverEntryPointFwCfgOverrideLib.inf b/OvmfPkg/Library/UefiDriverEntryPointFwCfgOverrideLib/UefiDriverEntryPointFwCfgOverrideLib.inf
new file mode 100644
index 000000000000..263e00ceef66
--- /dev/null
+++ b/OvmfPkg/Library/UefiDriverEntryPointFwCfgOverrideLib/UefiDriverEntryPointFwCfgOverrideLib.inf
@@ -0,0 +1,57 @@
+## @file
+# Entry point to a EFI/DXE driver. This version is specific to QEMU, and ties
+# dispatch of the driver in question on the value of a QEMU fw_cfg boolean
+# variable which is referenced by name via a fixed pointer PCD.
+#
+# Copyright (c) 2007 - 2018, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2022, Google LLC. All rights reserved.<BR>
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+#
+##
+
+[Defines]
+ INF_VERSION = 1.29
+ BASE_NAME = UefiDriverEntryPointFwCfgOverrideLib
+ FILE_GUID = 73349b79-f148-43b8-b24e-9098a6f3e1db
+ MODULE_TYPE = UEFI_DRIVER
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = UefiDriverEntryPoint|DXE_DRIVER DXE_RUNTIME_DRIVER UEFI_DRIVER
+
+[Sources]
+ UefiDriverEntryPointFwCfgOverrideLib.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ OvmfPkg/OvmfPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ DebugLib
+ QemuFwCfgSimpleParserLib
+ UefiBootServicesTableLib
+
+[Protocols]
+ gEfiLoadedImageProtocolGuid ## SOMETIMES_CONSUMES
+
+[FixedPcd]
+ gUefiOvmfPkgTokenSpaceGuid.PcdEntryPointOverrideFwCfgVarName
+
+#
+# For UEFI drivers, these architectural protocols defined in PI 1.0 spec need
+# to be appended and merged to the final dependency section.
+#
+[Depex.common.UEFI_DRIVER]
+ gEfiBdsArchProtocolGuid AND
+ gEfiCpuArchProtocolGuid AND
+ gEfiMetronomeArchProtocolGuid AND
+ gEfiMonotonicCounterArchProtocolGuid AND
+ gEfiRealTimeClockArchProtocolGuid AND
+ gEfiResetArchProtocolGuid AND
+ gEfiRuntimeArchProtocolGuid AND
+ gEfiSecurityArchProtocolGuid AND
+ gEfiTimerArchProtocolGuid AND
+ gEfiVariableWriteArchProtocolGuid AND
+ gEfiVariableArchProtocolGuid AND
+ gEfiWatchdogTimerArchProtocolGuid
diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
index 5af76a540529..9816aa41377d 100644
--- a/OvmfPkg/OvmfPkg.dec
+++ b/OvmfPkg/OvmfPkg.dec
@@ -399,6 +399,10 @@ [PcdsFixedAtBuild]
## The Tdx accept page size. 0x1000(4k),0x200000(2M)
gUefiOvmfPkgTokenSpaceGuid.PcdTdxAcceptPageSize|0x200000|UINT32|0x65
+ ## The QEMU fw_cfg variable that UefiDriverEntryPointFwCfgOverrideLib will
+ # check to decide whether to abort dispatch of the driver it is linked into.
+ gUefiOvmfPkgTokenSpaceGuid.PcdEntryPointOverrideFwCfgVarName|""|VOID*|0x68
+
[PcdsDynamic, PcdsDynamicEx]
gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable|FALSE|BOOLEAN|0x10
--
2.35.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH v3 2/3] OvmfPkg: gather common NetworkComponents overrides in .dsc.inc file
2022-09-06 11:59 [PATCH v3 0/3] Ovmf: Allow IPv4 and IPv6 to be disabled at runtime Ard Biesheuvel
2022-09-06 11:59 ` [PATCH v3 1/3] OvmfPkg: Introduce alternate UefiDriverEntrypoint to inhibit driver load Ard Biesheuvel
@ 2022-09-06 11:59 ` Ard Biesheuvel
2022-09-06 11:59 ` [PATCH v3 3/3] OvmfPkg: Allow runtime control of IPv4 and IPv6 support on QEMU Ard Biesheuvel
2022-09-07 5:46 ` [PATCH v3 0/3] Ovmf: Allow IPv4 and IPv6 to be disabled at runtime Gerd Hoffmann
3 siblings, 0 replies; 6+ messages in thread
From: Ard Biesheuvel @ 2022-09-06 11:59 UTC (permalink / raw)
To: devel
Cc: Ard Biesheuvel, Yuan Yu, Laszlo Ersek, Gerd Hoffmann,
Pawel Polawski, Oliver Steffen, Jiewen Yao, Brian J . Johnson
All QEMU based OVMF platforms override the same set of network
components, to specify NULL library class resolutions that modify the
behavior of those components in a QEMU specific way.
Before adding more occurrences of that, let's drop those definitions in
a common include file.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
OvmfPkg/CloudHv/CloudHvX64.dsc | 12 +-----------
OvmfPkg/Microvm/MicrovmX64.dsc | 12 +-----------
OvmfPkg/NetworkComponents.dsc.inc | 17 +++++++++++++++++
OvmfPkg/OvmfPkgIa32.dsc | 12 +-----------
OvmfPkg/OvmfPkgIa32X64.dsc | 12 +-----------
OvmfPkg/OvmfPkgX64.dsc | 12 +-----------
6 files changed, 22 insertions(+), 55 deletions(-)
diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc
index 0f0fc9a1de73..10b16104acd7 100644
--- a/OvmfPkg/CloudHv/CloudHvX64.dsc
+++ b/OvmfPkg/CloudHv/CloudHvX64.dsc
@@ -827,18 +827,8 @@ [Components]
# Network Support
#
!include NetworkPkg/NetworkComponents.dsc.inc
+!include OvmfPkg/NetworkComponents.dsc.inc
- NetworkPkg/UefiPxeBcDxe/UefiPxeBcDxe.inf {
- <LibraryClasses>
- NULL|OvmfPkg/Library/PxeBcPcdProducerLib/PxeBcPcdProducerLib.inf
- }
-
-!if $(NETWORK_TLS_ENABLE) == TRUE
- NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf {
- <LibraryClasses>
- NULL|OvmfPkg/Library/TlsAuthConfigLib/TlsAuthConfigLib.inf
- }
-!endif
OvmfPkg/VirtioNetDxe/VirtioNet.inf
!if $(TOOL_CHAIN_TAG) != "XCODE5"
diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc
index 52498bbe90a8..33d68a5493de 100644
--- a/OvmfPkg/Microvm/MicrovmX64.dsc
+++ b/OvmfPkg/Microvm/MicrovmX64.dsc
@@ -793,18 +793,8 @@ [Components]
# Network Support
#
!include NetworkPkg/NetworkComponents.dsc.inc
+!include OvmfPkg/NetworkComponents.dsc.inc
- NetworkPkg/UefiPxeBcDxe/UefiPxeBcDxe.inf {
- <LibraryClasses>
- NULL|OvmfPkg/Library/PxeBcPcdProducerLib/PxeBcPcdProducerLib.inf
- }
-
-!if $(NETWORK_TLS_ENABLE) == TRUE
- NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf {
- <LibraryClasses>
- NULL|OvmfPkg/Library/TlsAuthConfigLib/TlsAuthConfigLib.inf
- }
-!endif
OvmfPkg/VirtioNetDxe/VirtioNet.inf
#
diff --git a/OvmfPkg/NetworkComponents.dsc.inc b/OvmfPkg/NetworkComponents.dsc.inc
new file mode 100644
index 000000000000..85a165391655
--- /dev/null
+++ b/OvmfPkg/NetworkComponents.dsc.inc
@@ -0,0 +1,17 @@
+##
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+##
+
+!if $(NETWORK_ENABLE) == TRUE
+ NetworkPkg/UefiPxeBcDxe/UefiPxeBcDxe.inf {
+ <LibraryClasses>
+ NULL|OvmfPkg/Library/PxeBcPcdProducerLib/PxeBcPcdProducerLib.inf
+ }
+
+ !if $(NETWORK_TLS_ENABLE) == TRUE
+ NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf {
+ <LibraryClasses>
+ NULL|OvmfPkg/Library/TlsAuthConfigLib/TlsAuthConfigLib.inf
+ }
+ !endif
+!endif
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 367ddeb2da5f..55283b19738b 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -879,18 +879,8 @@ [Components]
# Network Support
#
!include NetworkPkg/NetworkComponents.dsc.inc
+!include OvmfPkg/NetworkComponents.dsc.inc
- NetworkPkg/UefiPxeBcDxe/UefiPxeBcDxe.inf {
- <LibraryClasses>
- NULL|OvmfPkg/Library/PxeBcPcdProducerLib/PxeBcPcdProducerLib.inf
- }
-
-!if $(NETWORK_TLS_ENABLE) == TRUE
- NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf {
- <LibraryClasses>
- NULL|OvmfPkg/Library/TlsAuthConfigLib/TlsAuthConfigLib.inf
- }
-!endif
OvmfPkg/VirtioNetDxe/VirtioNet.inf
#
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 37c4c2fadca4..daf08e5fd172 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -893,18 +893,8 @@ [Components.X64]
# Network Support
#
!include NetworkPkg/NetworkComponents.dsc.inc
+!include OvmfPkg/NetworkComponents.dsc.inc
- NetworkPkg/UefiPxeBcDxe/UefiPxeBcDxe.inf {
- <LibraryClasses>
- NULL|OvmfPkg/Library/PxeBcPcdProducerLib/PxeBcPcdProducerLib.inf
- }
-
-!if $(NETWORK_TLS_ENABLE) == TRUE
- NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf {
- <LibraryClasses>
- NULL|OvmfPkg/Library/TlsAuthConfigLib/TlsAuthConfigLib.inf
- }
-!endif
OvmfPkg/VirtioNetDxe/VirtioNet.inf
#
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index bd1a104608ca..f3fe4babbff1 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -961,18 +961,8 @@ [Components]
# Network Support
#
!include NetworkPkg/NetworkComponents.dsc.inc
+!include OvmfPkg/NetworkComponents.dsc.inc
- NetworkPkg/UefiPxeBcDxe/UefiPxeBcDxe.inf {
- <LibraryClasses>
- NULL|OvmfPkg/Library/PxeBcPcdProducerLib/PxeBcPcdProducerLib.inf
- }
-
-!if $(NETWORK_TLS_ENABLE) == TRUE
- NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf {
- <LibraryClasses>
- NULL|OvmfPkg/Library/TlsAuthConfigLib/TlsAuthConfigLib.inf
- }
-!endif
OvmfPkg/VirtioNetDxe/VirtioNet.inf
#
--
2.35.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH v3 3/3] OvmfPkg: Allow runtime control of IPv4 and IPv6 support on QEMU
2022-09-06 11:59 [PATCH v3 0/3] Ovmf: Allow IPv4 and IPv6 to be disabled at runtime Ard Biesheuvel
2022-09-06 11:59 ` [PATCH v3 1/3] OvmfPkg: Introduce alternate UefiDriverEntrypoint to inhibit driver load Ard Biesheuvel
2022-09-06 11:59 ` [PATCH v3 2/3] OvmfPkg: gather common NetworkComponents overrides in .dsc.inc file Ard Biesheuvel
@ 2022-09-06 11:59 ` Ard Biesheuvel
2022-09-07 5:46 ` [PATCH v3 0/3] Ovmf: Allow IPv4 and IPv6 to be disabled at runtime Gerd Hoffmann
3 siblings, 0 replies; 6+ messages in thread
From: Ard Biesheuvel @ 2022-09-06 11:59 UTC (permalink / raw)
To: devel
Cc: Ard Biesheuvel, Yuan Yu, Laszlo Ersek, Gerd Hoffmann,
Pawel Polawski, Oliver Steffen, Jiewen Yao, Brian J . Johnson
Wire up the newly added UefiDriverEntrypoint in a way that ties dispatch
of the Ip4Dxe and Ip6Dxe drivers to QEMU fw_cfg variables
'opt/org.tianocore/IPv4Support' and 'opt/org.tianocore/IPv6Support'
respectively.
Setting both variables to 'n' disables IP based networking entirely,
without the need for additional code changes at the NIC driver or
network boot protocol level.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
OvmfPkg/NetworkComponents.dsc.inc | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/OvmfPkg/NetworkComponents.dsc.inc b/OvmfPkg/NetworkComponents.dsc.inc
index 85a165391655..713eec7dd1ce 100644
--- a/OvmfPkg/NetworkComponents.dsc.inc
+++ b/OvmfPkg/NetworkComponents.dsc.inc
@@ -14,4 +14,22 @@
NULL|OvmfPkg/Library/TlsAuthConfigLib/TlsAuthConfigLib.inf
}
!endif
+
+ !if $(NETWORK_IP4_ENABLE) == TRUE
+ NetworkPkg/Ip4Dxe/Ip4Dxe.inf {
+ <LibraryClasses>
+ UefiDriverEntryPoint|OvmfPkg/Library/UefiDriverEntryPointFwCfgOverrideLib/UefiDriverEntryPointFwCfgOverrideLib.inf
+ <PcdsFixedAtBuild>
+ gUefiOvmfPkgTokenSpaceGuid.PcdEntryPointOverrideFwCfgVarName|"opt/org.tianocore/IPv4Support"
+ }
+ !endif
+
+ !if $(NETWORK_IP6_ENABLE) == TRUE
+ NetworkPkg/Ip6Dxe/Ip6Dxe.inf {
+ <LibraryClasses>
+ UefiDriverEntryPoint|OvmfPkg/Library/UefiDriverEntryPointFwCfgOverrideLib/UefiDriverEntryPointFwCfgOverrideLib.inf
+ <PcdsFixedAtBuild>
+ gUefiOvmfPkgTokenSpaceGuid.PcdEntryPointOverrideFwCfgVarName|"opt/org.tianocore/IPv6Support"
+ }
+ !endif
!endif
--
2.35.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH v3 0/3] Ovmf: Allow IPv4 and IPv6 to be disabled at runtime
2022-09-06 11:59 [PATCH v3 0/3] Ovmf: Allow IPv4 and IPv6 to be disabled at runtime Ard Biesheuvel
` (2 preceding siblings ...)
2022-09-06 11:59 ` [PATCH v3 3/3] OvmfPkg: Allow runtime control of IPv4 and IPv6 support on QEMU Ard Biesheuvel
@ 2022-09-07 5:46 ` Gerd Hoffmann
2022-09-08 11:31 ` Laszlo Ersek
3 siblings, 1 reply; 6+ messages in thread
From: Gerd Hoffmann @ 2022-09-07 5:46 UTC (permalink / raw)
To: Ard Biesheuvel
Cc: devel, Yuan Yu, Laszlo Ersek, Pawel Polawski, Oliver Steffen,
Jiewen Yao, Brian J . Johnson
On Tue, Sep 06, 2022 at 01:59:23PM +0200, Ard Biesheuvel wrote:
> Add some generic plumbing and wire it up for the QEMU based Ovmf
> platform so that IPv4 and/or IPv6 networking can be turned off from the
> QEMU command line.
>
> This is a follow-up to Yuan's patch '[PATCH v1 0/2] Add support to
> disable VirtIo net at runtime' which only targeted the virtio network
> driver specifically.i
>
> Changes since v2:
> - implement Gerd's suggestion to use a DSC include file for network
> component overrides
> - add Laszlo's ack to patch #1
>
> Changes since v1:
> - instead of a NULL class library that calls the Exit() boot service
> from its constructor, use a replacement for the UefiDriverEntryPoint
> library
>
> Cc: Yuan Yu <yuanyu@google.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Cc: Pawel Polawski <ppolawsk@redhat.com>
> Cc: Oliver Steffen <osteffen@redhat.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Brian J. Johnson <brian.johnson@hpe.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
take care,
Gerd
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v3 0/3] Ovmf: Allow IPv4 and IPv6 to be disabled at runtime
2022-09-07 5:46 ` [PATCH v3 0/3] Ovmf: Allow IPv4 and IPv6 to be disabled at runtime Gerd Hoffmann
@ 2022-09-08 11:31 ` Laszlo Ersek
0 siblings, 0 replies; 6+ messages in thread
From: Laszlo Ersek @ 2022-09-08 11:31 UTC (permalink / raw)
To: Gerd Hoffmann, Ard Biesheuvel
Cc: devel, Yuan Yu, Pawel Polawski, Oliver Steffen, Jiewen Yao,
Brian J . Johnson
On 09/07/22 07:46, Gerd Hoffmann wrote:
> On Tue, Sep 06, 2022 at 01:59:23PM +0200, Ard Biesheuvel wrote:
>> Add some generic plumbing and wire it up for the QEMU based Ovmf
>> platform so that IPv4 and/or IPv6 networking can be turned off from the
>> QEMU command line.
>>
>> This is a follow-up to Yuan's patch '[PATCH v1 0/2] Add support to
>> disable VirtIo net at runtime' which only targeted the virtio network
>> driver specifically.i
>>
>> Changes since v2:
>> - implement Gerd's suggestion to use a DSC include file for network
>> component overrides
>> - add Laszlo's ack to patch #1
>>
>> Changes since v1:
>> - instead of a NULL class library that calls the Exit() boot service
>> from its constructor, use a replacement for the UefiDriverEntryPoint
>> library
>>
>> Cc: Yuan Yu <yuanyu@google.com>
>> Cc: Laszlo Ersek <lersek@redhat.com>
>> Cc: Gerd Hoffmann <kraxel@redhat.com>
>> Cc: Pawel Polawski <ppolawsk@redhat.com>
>> Cc: Oliver Steffen <osteffen@redhat.com>
>> Cc: Jiewen Yao <jiewen.yao@intel.com>
>> Cc: Brian J. Johnson <brian.johnson@hpe.com>
>
> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
I'm happy to defer to Gerd on the DSC management :)
Laszo
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2022-09-08 11:32 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-09-06 11:59 [PATCH v3 0/3] Ovmf: Allow IPv4 and IPv6 to be disabled at runtime Ard Biesheuvel
2022-09-06 11:59 ` [PATCH v3 1/3] OvmfPkg: Introduce alternate UefiDriverEntrypoint to inhibit driver load Ard Biesheuvel
2022-09-06 11:59 ` [PATCH v3 2/3] OvmfPkg: gather common NetworkComponents overrides in .dsc.inc file Ard Biesheuvel
2022-09-06 11:59 ` [PATCH v3 3/3] OvmfPkg: Allow runtime control of IPv4 and IPv6 support on QEMU Ard Biesheuvel
2022-09-07 5:46 ` [PATCH v3 0/3] Ovmf: Allow IPv4 and IPv6 to be disabled at runtime Gerd Hoffmann
2022-09-08 11:31 ` Laszlo Ersek
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox