From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-wm1-f67.google.com (mail-wm1-f67.google.com [209.85.128.67])
 by mx.groups.io with SMTP id smtpd.web12.1192.1582746228971129793
 for <devel@edk2.groups.io>;
 Wed, 26 Feb 2020 11:43:49 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@linaro.org header.s=google header.b=ivEMfe37;
 spf=pass (domain: linaro.org, ip: 209.85.128.67, mailfrom: ard.biesheuvel@linaro.org)
Received: by mail-wm1-f67.google.com with SMTP id p17so601827wma.1
        for <devel@edk2.groups.io>; Wed, 26 Feb 2020 11:43:48 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=linaro.org; s=google;
        h=from:to:cc:subject:date:message-id;
        bh=GDDXGvbgDLR3ZFRnax/BCJJhaGT2oPV/afP9k+2LMEo=;
        b=ivEMfe37iVe8eB9rF/gC4CdDtTL4BfBJhL2N+tbkW9eAIgd5jWCYmU8X08fFxqvhpN
         WSSr08K+PUdJjDhgPDCD1MbzPljW0jWZtwcsXWyEilrjU13RyPEvgGMBEA1/5h6kbopU
         n2LlrVciKoDP+uB1f7295dRbTDoSzdUz+oDhWxYZrNCGlSv++1oQBSTVaEoNusvRRbKL
         8nZHVlwj7o9QZRLVnygtEJ2f0aVX7Kn25X6+u/w1jeZ2NuwlUEVsjfzluV1kPhlWZy2M
         Js0yWh6mFKmLLUSoauhU59EB4shvKlDD49nT2RonFCYdGzyiAs2iwqSUUtxipr8HQDdY
         goYw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id;
        bh=GDDXGvbgDLR3ZFRnax/BCJJhaGT2oPV/afP9k+2LMEo=;
        b=ojTRmodUCOzp7cA8dcpyDkYp7ylYLpke4Kfzq9WgyzCtGV2XeRkKVSUhuKvrm5zdqO
         /tNcDSLuYYHpHbbp0xHV7XhgkfNaCnNy8Ajj0YbkwX+gEb/tS/RpTAsJpYylvOVdwloW
         /AoiZWA8/uX20Sn+9WSBzPZZVeWq4vGWCbFvAOXdeZkxJx+0LKs7BcK7oTKYWWfAr3tG
         bHdzOCXugb1sHgkWPTuPjAixJ3uEOVK7UzH1s96txw6YDfv+4TrbhXDT6dpAIYsJW26V
         qWCiDyU1khhUbgU5fOtSLkN4zfYQH5PL5rN9Ei+0N9aS/OK3rema68Jo7gsbgVvghieE
         nzFg==
X-Gm-Message-State: APjAAAW6C/Uu5zr2InFU4bKQ8Wsr4qpG8eJsIh0nJo3p1AsUyOL2DL7Y
	PfClUGSQcZSimd3BegtE6/CiD8DxvD2jBA==
X-Google-Smtp-Source: APXvYqwdkOOCbaXA8MXvHXO6eib2ZRX8igZ5zA0qygR0zD/RAoOIl2Z55DEGW+x8LpAPpQLOdC6PuQ==
X-Received: by 2002:a1c:dfd6:: with SMTP id w205mr471999wmg.151.1582746227034;
        Wed, 26 Feb 2020 11:43:47 -0800 (PST)
Return-Path: <ard.biesheuvel@linaro.org>
Received: from e123331-lin.home ([2a01:cb1d:112:6f00:816e:ff0d:fb69:f613])
        by smtp.gmail.com with ESMTPSA id c9sm4235162wmc.47.2020.02.26.11.43.45
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 26 Feb 2020 11:43:46 -0800 (PST)
From: "Ard Biesheuvel" <ard.biesheuvel@linaro.org>
To: devel@edk2.groups.io
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	lersek@redhat.com,
	leif@nuviainc.com,
	michael.d.kinney@intel.com,
	jian.j.wang@intel.com,
	hao.a.wu@intel.com,
	ray.ni@intel.com,
	zhichao.gao@intel.com
Subject: [PATCH v3 0/6] OvmfPkg: implement initrd shell command and mixed mode loader
Date: Wed, 26 Feb 2020 20:43:37 +0100
Message-Id: <20200226194343.2985-1-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 2.17.1

This is tagged as a v2 since it is a followup to a couple of patches [0][1]
that have already been sent to the list.

This series is part of my effort to define a generic EFI boot protocol for
Linux, i.e,. one that is the same across all different architectures that
are able to boot Linux from EFI, and naturally reused the firmware's
infrastructure for authenticated boot and measured boot.

Path #1 ... #4 implement the 'initrd' dynamic shell command, which takes a
file and exposes it via the LoadFile2 protocol installed on a vendor media
device path with guid LINUX_EFI_INITRD_MEDIA_GUID. This is a Linux specific,
but arch-agnostic way for the OS loader to load an initial ramdisk, while
leaving the firmware (or bootloader) in charge of where the file contents
are served from. This supersedes the currently existing solutions on Linux,
which are either limited to loading from the same volume that the OS loader
was loaded from, or load the initrd into memory first, and use architecture
specific data structures to pass on the information regarding base and size.

Patch #5 is an update to the integration of the PE/COFF emulator protocol,
to align it more closely with how LoadImage() and StartImage() behave today:
LoadImage() is not restricted to images that can execute natively on the
platform, but also permits loading of cross-type supported images. This means
that any judgement on whether an image can be *started* needs to be deferred
until StartImage(), which is why the invocation of the RegisterImage()
callback needs to be deferred as well.

Patch #6 implements the PE/COFF emulator protocol so it can start X64 images
that have been loaded on IA32 firmware. This is needed for Linux's so-called
'mixed mode', which is an elaborate scheme of on-the-fly translation of data
structures and thunking into 32-bit compat mode, allowing X64 Linux kernels
to be used on X64 capable hardware that shipped with IA32 firmware. This
needs support from the loader, and is currently implemented in GRUB (and
OVMF's command line kernel loader) using the EFI handover protocol, which
relies far too much on knowledge of kernel internal data structures, and
circumvents LoadImage and StartImage entirely.
(Note: mixed mode support is mainly targeted at cheap Atom tablets that
shipped with a [cheaper] 32-bit version of Windows, and so this particular
patch is unlikely to help that use case, but it is useful for validation.)

With these changes in place, we can boot x86 mixed-mode Linux straight from
the UEFI Shell

Shell>initrd fs0:\initrd.img
Shell>fs0:\bzImage root=/dev/vda2

Another benefit of this approach is that we can exit cleanly from the loader
(and back to the shell) using the Exit() boot service if any errors occur,
whereas the EFI handover protocol enters a deadloop upon any error that
occurs during execution of the EFI stub.

Changes since v2:
- incorporate Laszlo's feedback, and add R-b's - I have incorporated all the
  feedback given, except for the structure of the shell command implementation:
  it is not my preferred style, but it is correct, and idiomatic for the shell
  commands I could find in the tree.

Changes from v1:
- Use a dynamic UEFI shell command, which is the recommended way of implementing
  new shell commands that are not covered by the UEFI shell specification. It
  also makes the command more easily usable on existing platforms, since the
  driver can be loaded as an ordinary driver.
- split initrd patch into 4, as requested by Laszlo
- add patch to tweak the LoadImage/StartImage behavior wrt the PE/COFF emulator
  protocol
- return EFI_UNSUPPORTED from PeCoffEmu::RegisterImage() if the image does not
  have the required .compat section

[0] https://edk2.groups.io/g/devel/topic/rfc_patch_1_1_ovmfpkg_add/71177416
[1] https://edk2.groups.io/g/devel/topic/patch_1_1_ovmfpkg_ia32_add/71272266

v2: https://edk2.groups.io/g/devel/topic/patch_v2_0_6_ovmfpkg/71530294

Cc: lersek@redhat.com
Cc: leif@nuviainc.com
Cc: michael.d.kinney@intel.com
Cc: jian.j.wang@intel.com
Cc: hao.a.wu@intel.com
Cc: ray.ni@intel.com
Cc: zhichao.gao@intel.com

Ard Biesheuvel (6):
  OvmfPkg: add definition of LINUX_EFI_INITRD_MEDIA_GUID
  OvmfPkg: add 'initrd' shell command to expose Linux initrd via device
    path
  ArmVirtPkg: add the 'initrd' dynamic shell command
  OvmfPkg: add the 'initrd' dynamic shell command
  MdeModulePkg/DxeCore: defer PE/COFF emulator registration to
    StartImage
  OvmfPkg IA32: add support for loading X64 images

 ArmVirtPkg/ArmVirt.dsc.inc                    |   4 +
 ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc          |   1 +
 ArmVirtPkg/ArmVirtXen.fdf                     |   1 +
 MdeModulePkg/Core/Dxe/Image/Image.c           |  24 +-
 .../CompatImageLoaderDxe.c                    | 139 ++++++
 .../CompatImageLoaderDxe.inf                  |  36 ++
 OvmfPkg/Include/Guid/LinuxEfiInitrdMedia.h    |  17 +
 .../LinuxInitrdDynamicShellCommand.c          | 429 ++++++++++++++++++
 .../LinuxInitrdDynamicShellCommand.inf        |  53 +++
 .../LinuxInitrdDynamicShellCommand.uni        |  49 ++
 OvmfPkg/OvmfPkg.dec                           |   1 +
 OvmfPkg/OvmfPkgIa32.dsc                       |   9 +
 OvmfPkg/OvmfPkgIa32.fdf                       |   5 +
 OvmfPkg/OvmfPkgIa32X64.dsc                    |   4 +
 OvmfPkg/OvmfPkgIa32X64.fdf                    |   1 +
 OvmfPkg/OvmfPkgX64.dsc                        |   4 +
 OvmfPkg/OvmfPkgX64.fdf                        |   1 +
 OvmfPkg/OvmfXen.dsc                           |   4 +
 OvmfPkg/OvmfXen.fdf                           |   1 +
 19 files changed, 772 insertions(+), 11 deletions(-)
 create mode 100644 OvmfPkg/CompatImageLoaderDxe/CompatImageLoaderDxe.c
 create mode 100644 OvmfPkg/CompatImageLoaderDxe/CompatImageLoaderDxe.inf
 create mode 100644 OvmfPkg/Include/Guid/LinuxEfiInitrdMedia.h
 create mode 100644 OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.c
 create mode 100644 OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
 create mode 100644 OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.uni

-- 
2.17.1