From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-wm1-f68.google.com (mail-wm1-f68.google.com [209.85.128.68]) by mx.groups.io with SMTP id smtpd.web12.8977.1583314204402836533 for ; Wed, 04 Mar 2020 01:30:04 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@linaro.org header.s=google header.b=Ec1Og4uQ; spf=pass (domain: linaro.org, ip: 209.85.128.68, mailfrom: ard.biesheuvel@linaro.org) Received: by mail-wm1-f68.google.com with SMTP id m3so1089733wmi.0 for ; Wed, 04 Mar 2020 01:30:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=2BPevE740m7aup68bVLyKbuq/PaCz1XLDh00rLQYhfQ=; b=Ec1Og4uQaVt5U9yMjJk6SwwriCwIso6j7UvhMm4EwRQ6vvKj04Q4uJkLoVFnDsypMD +wNI2EvLqsh2/1TDklzAN2wm8XUllglRFOOOMReY2Hf8BCOiifzW8A7C60OBG+YSHITy aRS7YaH6dEXIRekxpqqIeXvvHJJ4IVO5YByJzBiCDhI0OcFIRWlfQvzP+7TZmySlgi3S +u3Tm1VzxPAxwEINWs04UoGAzckIMF53emWJM4RoSsy2UZe2GLcTN7eGGbVCE/HN5VWQ 9Fjvihik7Z6jumgKEVsOV25S4CeaR9KNTUT7pmmN8a/kuuDjjU+UwsXRwt5BARMJP2KK cCpQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=2BPevE740m7aup68bVLyKbuq/PaCz1XLDh00rLQYhfQ=; b=AiTfcLPQB3+rAxaYKzyXLm7hSJBzeUWgymbW2jiOlfVHU9lU72VSBtGaP5o5zVpDQO TqULgI1Zt9HnSLBH2kzOq3k0zINo75bJ/YvRRsHqcSpotAiXLH35LH2rzxqBsy1Pc7bx 7zmnea3UPdR6+f6oviU1RjXOOLmPmVTjiZR4RY4eWHeKiY09wugb2RPGG1gLT1PyPNPK eUS9ulbvJeLSrN/PYaMmPUhbdS72B0Jml3DwTYj7Q/7QERdISM2wnh2fG7MFQifjLlu6 /+Eyg3/td4PMHIFXgfDnKJqXzw+F4vbKAeb9dFZLOpFscdPiCRqfTI1cCxZw8O5WxrQS pHeg== X-Gm-Message-State: ANhLgQ1W6lazfS/wLOXck+5ufQD3vp9UZ6vzOyTQHaL072fDnOXgAypS cCjaxctYnjss7tnn80AjqWzNMyqjfZdsWAkf24avH2i4tHM44A== X-Google-Smtp-Source: ADFU+vuQYK+HyloEY/LyFpw1/O/uI680BbxNY9N6oD3cOnyjt/G4F1B++tff47/8rfZnDPgdJ9oA5KngTDNpaXAJpbM= X-Received: by 2002:a05:600c:24b:: with SMTP id 11mr2705535wmj.1.1583314202476; Wed, 04 Mar 2020 01:30:02 -0800 (PST) MIME-Version: 1.0 References: <20200303140117.7288-1-ard.biesheuvel@linaro.org> In-Reply-To: <20200303140117.7288-1-ard.biesheuvel@linaro.org> From: "Ard Biesheuvel" Date: Wed, 4 Mar 2020 10:29:51 +0100 Message-ID: Subject: Re: [PATCH v4 0/7] OvmfPkg: implement initrd shell command and mixed mode loader To: edk2-devel-groups-io Cc: Laszlo Ersek , Leif Lindholm , Liming Gao Content-Type: text/plain; charset="UTF-8" On Tue, 3 Mar 2020 at 15:01, Ard Biesheuvel wrote: > > This series is part of my effort to define a generic EFI boot protocol for > Linux, i.e,. one that is the same across all different architectures that > are able to boot Linux from EFI, and naturally reused the firmware's > infrastructure for authenticated boot and measured boot. > > Path #1 ... #4 implement the 'initrd' dynamic shell command, which takes a > file and exposes it via the LoadFile2 protocol installed on a vendor media > device path with guid LINUX_EFI_INITRD_MEDIA_GUID. This is a Linux specific, > but arch-agnostic way for the OS loader to load an initial ramdisk, while > leaving the firmware (or bootloader) in charge of where the file contents > are served from. This supersedes the currently existing solutions on Linux, > which are either limited to loading from the same volume that the OS loader > was loaded from, or load the initrd into memory first, and use architecture > specific data structures to pass on the information regarding base and size. > > Patch #5 is an update to the integration of the PE/COFF emulator protocol, > to align it more closely with how LoadImage() and StartImage() behave today: > LoadImage() is not restricted to images that can execute natively on the > platform, but also permits loading of cross-type supported images. This means > that any judgement on whether an image can be *started* needs to be deferred > until StartImage(), which is why the invocation of the RegisterImage() > callback needs to be deferred as well. > > Patch #6 implements the PE/COFF emulator protocol so it can start X64 images > that have been loaded on IA32 firmware. This is needed for Linux's so-called > 'mixed mode', which is an elaborate scheme of on-the-fly translation of data > structures and thunking into 32-bit compat mode, allowing X64 Linux kernels > to be used on X64 capable hardware that shipped with IA32 firmware. This > needs support from the loader, and is currently implemented in GRUB (and > OVMF's command line kernel loader) using the EFI handover protocol, which > relies far too much on knowledge of kernel internal data structures, and > circumvents LoadImage and StartImage entirely. > (Note: mixed mode support is mainly targeted at cheap Atom tablets that > shipped with a [cheaper] 32-bit version of Windows, and so this particular > patch is unlikely to help that use case, but it is useful for validation.) > > Patch #7 is new in v4, and modified the initrd Shell command so it aborts > immediately if the Linux initrd media GUID device path already has the > LoadFile2 protocol installed in the protocol database. > > With these changes in place, we can boot x86 mixed-mode Linux straight from > the UEFI Shell > > Shell>initrd fs0:\initrd.img > Shell>fs0:\bzImage root=/dev/vda2 > > Another benefit of this approach is that we can exit cleanly from the loader > (and back to the shell) using the Exit() boot service if any errors occur, > whereas the EFI handover protocol enters a deadloop upon any error that > occurs during execution of the EFI stub. > > Changes since v3: > - pick up some acks > - update patch #6 to sanity check the contents of the .compat section so > we don't overrun the end of the section looking for a compatible entrypoint > - add patch #7 > > Changes since v2: > - incorporate Laszlo's feedback, and add R-b's - I have incorporated all the > feedback given, except for the structure of the shell command implementation: > it is not my preferred style, but it is correct, and idiomatic for the shell > commands I could find in the tree. > > Changes from v1: > - Use a dynamic UEFI shell command, which is the recommended way of implementing > new shell commands that are not covered by the UEFI shell specification. It > also makes the command more easily usable on existing platforms, since the > driver can be loaded as an ordinary driver. > - split initrd patch into 4, as requested by Laszlo > - add patch to tweak the LoadImage/StartImage behavior wrt the PE/COFF emulator > protocol > - return EFI_UNSUPPORTED from PeCoffEmu::RegisterImage() if the image does not > have the required .compat section > > [0] https://edk2.groups.io/g/devel/topic/rfc_patch_1_1_ovmfpkg_add/71177416 > [1] https://edk2.groups.io/g/devel/topic/patch_1_1_ovmfpkg_ia32_add/71272266 > > v2: https://edk2.groups.io/g/devel/topic/patch_v2_0_6_ovmfpkg/71530294 > v3: https://edk2.groups.io/g/devel/message/54932 > > Cc: lersek@redhat.com > Cc: leif@nuviainc.com > Cc: Liming Gao > > Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2564 > > Ard Biesheuvel (7): > OvmfPkg: add definition of LINUX_EFI_INITRD_MEDIA_GUID > OvmfPkg: add 'initrd' shell command to expose Linux initrd via device > path > ArmVirtPkg: add the 'initrd' dynamic shell command > OvmfPkg: add the 'initrd' dynamic shell command > MdeModulePkg/DxeCore: defer PE/COFF emulator registration to > StartImage > OvmfPkg IA32: add support for loading X64 images > OvmfPkg/LinuxInitrdDynamicShellCommand: bail if initrd already exists > Merged as 0980779a9ddc..ecb30848fdc9 (after incorporating Laszlo's final review comments) Thanks all!