From: "Ard Biesheuvel"
To: devel@edk2.groups.io
Cc: lersek@redhat.com, Ard Biesheuvel, Arvind Sankar
Subject: [PATCH 00/13] Ovmf: use LoadImage/StartImage for loading command line images
Date: Mon, 2 Mar 2020 08:29:23 +0100
Message-Id: <20200302072936.29221-1-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 2.17.1

On ArmVirtQemu, we require the kernel passed via the QEMU -kernel option
to have a PE/COFF header and an EFI stub, so that it can be loaded and
started using the LoadImage and StartImage boot services, respectively.
This means that, on builds that enable secure boot or measured boot, the
kernel image gets authenticated and/or measured as well.

On X86, for historical reasons, we never use LoadImage or StartImage,
which means that:
- kernel images are never authenticated or measured,
- calling Exit() from within the boot stub will attempt to terminate the
  calling image, which is likely to end badly.

So instead, split and generalize the code that exists today for
ArmVirtQemu, and wire it up for x86 so that LoadImage and StartImage are
used unless there is a true need for the special Linux boot protocol.

The first 6 patches are only intended to be a refactoring of the existing
code, and should not result in any functional changes for either
ArmVirtQemu or OVMF.

Patch #12 adds the new Linux specific initrd loadfile2 protocol that aims
to simplify initrd loading from Linux when booting via the PE stub.

Patch #13 is optional, and disables the Linux loader fallback on builds
that have secure boot enabled.

Code can be found here:
https://github.com/ardbiesheuvel/edk2/tree/ovmf-loadimage-startimage-v1

Cc: Arvind Sankar

Ard Biesheuvel (13):
  OvmfPkg: add GUID for the QEMU kernel loader fs media device path
  OvmfPkg: export abstract QEMU blob filesystem in standalone driver
  OvmfPkg: introduce QemuLoadImageLib library class
  OvmfPkg: provide a generic implementation of QemuLoadImageLib
  ArmVirtPkg: incorporate the new QEMU kernel loader driver and library
  ArmVirtPkg/PlatformBootManagerLib: switch to separate QEMU loader
  OvmfPkg/QemuKernelLoaderFsDxe: don't expose kernel command line
  OvmfPkg/QemuKernelLoaderFsDxe: add support for the kernel setup block
  OvmfPkg: implement QEMU loader library for X86 with legacy fallback
  OvmfPkg: add new QEMU kernel image loader components
  OvmfPkg/PlatformBootManagerLib: switch to QemuLoadImageLib
  OvmfPkg/QemuKernelLoaderFsDxe: add support for new Linux initrd device path
  OvmfPkg: use generic QEMU image loader for secure boot enabled builds

 ArmVirtPkg/ArmVirtQemu.dsc                    |    2 +
 ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc          |    1 +
 ArmVirtPkg/ArmVirtQemuKernel.dsc              |    2 +
 .../PlatformBootManagerLib.inf                |    8 +-
 .../PlatformBootManagerLib/QemuKernel.c       | 1052 +----------------
 .../Include/Guid/QemuKernelLoaderFsMedia.h    |   18 +
 OvmfPkg/Include/Library/QemuLoadImageLib.h    |   78 ++
 .../GenericQemuLoadImageLib.c                 |  253 ++++
 .../GenericQemuLoadImageLib.inf               |   39 +
 .../PlatformBootManagerLib.inf                |    2 +-
 .../PlatformBootManagerLib/QemuKernel.c       |  157 +--
 .../X86QemuLoadImageLib/X86QemuLoadImageLib.c |  562 +++++++++
 .../X86QemuLoadImageLib.inf                   |   42 +
 OvmfPkg/OvmfPkg.dec                           |    7 +
 OvmfPkg/OvmfPkgIa32.dsc                       |    6 +
 OvmfPkg/OvmfPkgIa32.fdf                       |    1 +
 OvmfPkg/OvmfPkgIa32X64.dsc                    |    6 +
 OvmfPkg/OvmfPkgIa32X64.fdf                    |    1 +
 OvmfPkg/OvmfPkgX64.dsc                        |    6 +
 OvmfPkg/OvmfPkgX64.fdf                        |    1 +
 .../QemuKernelLoaderFsDxe.c                   |  362 +++---
 .../QemuKernelLoaderFsDxe.inf                 |   50 +
 22 files changed, 1268 insertions(+), 1388 deletions(-)
 create mode 100644 OvmfPkg/Include/Guid/QemuKernelLoaderFsMedia.h
 create mode 100644 OvmfPkg/Include/Library/QemuLoadImageLib.h
 create mode 100644 OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.c
 create mode 100644 OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.inf
 create mode 100644 OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.c
 create mode 100644 OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf
 copy ArmVirtPkg/Library/PlatformBootManagerLib/QemuKernel.c => OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c (77%)
 create mode 100644 OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf

-- 
2.17.1
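
The cover letter above distinguishes kernels that can go through LoadImage (PE/COFF header plus EFI stub) from those that need the special Linux boot protocol. As an added example, not code from this series or from EDK2, the C below triages an image by its headers alone: it looks for a PE/COFF optional header marked as an EFI application and for the x86 Linux setup header. All function names are hypothetical, the sample image is constructed, and the firmware's real decision is made by LoadImage itself.

```c
/* Added example, not EDK2 code: every name below is hypothetical. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
enum kind { K_UNKNOWN, K_LEGACY_ONLY, K_EFI_STUB };
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }

/* PE/COFF image whose optional header declares Subsystem 10 (EFI application). */
static int has_efi_pe_header(const uint8_t *b, size_t len)
{
    if (len < 0x40 || b[0] != 'M' || b[1] != 'Z') return 0;
    uint32_t pe = rd32(b + 0x3c);                    /* e_lfanew */
    if (pe > len || len - pe < 24 + 70) return 0;    /* sig + COFF + opt hdr to Subsystem */
    if (memcmp(b + pe, "PE\0\0", 4) != 0) return 0;
    if (rd16(b + pe + 20) < 70) return 0;            /* SizeOfOptionalHeader too small */
    uint16_t magic = rd16(b + pe + 24);              /* 0x10b = PE32, 0x20b = PE32+ */
    return (magic == 0x10b || magic == 0x20b) && rd16(b + pe + 24 + 68) == 10;
}

/* x86 Linux boot protocol setup header: 0xAA55 at 0x1fe, "HdrS" at 0x202. */
static int has_x86_setup_header(const uint8_t *b, size_t len)
{
    return len >= 0x206 && rd16(b + 0x1fe) == 0xAA55 && !memcmp(b + 0x202, "HdrS", 4);
}

enum kind classify_kernel(const uint8_t *b, size_t len)
{
    if (has_efi_pe_header(b, len)) return K_EFI_STUB;       /* LoadImage can parse it */
    if (has_x86_setup_header(b, len)) return K_LEGACY_ONLY; /* legacy protocol only */
    return K_UNKNOWN;
}

/* Constructed sample: header-only image of 0x300 bytes, truncated to len. */
enum kind classify_sample(int with_pe, int with_setup, size_t len)
{
    uint8_t b[0x300] = {0};
    if (with_pe) {
        memcpy(b, "MZ", 2); b[0x3c] = 0x80;            /* e_lfanew = 0x80 */
        memcpy(b + 0x80, "PE\0\0", 4); b[0x94] = 0xf0; /* SizeOfOptionalHeader */
        b[0x98] = 0x0b; b[0x99] = 0x02; b[0x98 + 68] = 10; /* PE32+ magic, Subsystem */
    }
    if (with_setup) { b[0x1fe] = 0x55; b[0x1ff] = 0xaa; memcpy(b + 0x202, "HdrS", 4); }
    return classify_kernel(b, len > sizeof b ? sizeof b : len);
}

int main(void)
{
    printf("%d %d\n", classify_sample(1, 1, 0x300), classify_sample(0, 1, 0x300));
    return 0;
}
```

An image classified as K_LEGACY_ONLY is the case the cover letter flags: it cannot be handed to LoadImage, so it would not be authenticated or measured on that path.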