From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <lersek@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 34D4681E9E
 for <edk2-devel@ml01.01.org>; Wed, 23 Nov 2016 11:50:20 -0800 (PST)
Received: from int-mx11.intmail.prod.int.phx2.redhat.com
 (int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mx1.redhat.com (Postfix) with ESMTPS id 711DE4E334;
 Wed, 23 Nov 2016 19:50:19 +0000 (UTC)
Received: from lacos-laptop-7.usersys.redhat.com (ovpn-116-97.phx2.redhat.com
 [10.3.116.97])
 by int-mx11.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id
 uANJoH28021135; Wed, 23 Nov 2016 14:50:17 -0500
To: Rod Smith <rodsmith@rodsbooks.com>
References: <CAPv3WKerVJ8Q+EZUW1jjAUm93OSBaQcjz+WYgLS0QKRYn1YB7w@mail.gmail.com>
 <2ee033d3-bf24-6710-3f72-14bd0e6dfed9@akeo.ie>
 <b5753147-8662-0fbb-b4de-94b2639dafd9@bluestop.org>
 <CAN9vWDLOhZJDof+K3OdMzamzTqXAS=pTLR1EiCk=Gdw10qVj2w@mail.gmail.com>
 <CAPv3WKfb29xHS2j1akMrPH4u6yevhfW7nNDqKXXRBWHgvhC_ng@mail.gmail.com>
 <c4049fa6-16d2-a73b-ab04-7c770bf86aca@akeo.ie>
 <98271ced-83d5-d4e9-6b8d-416265054906@rodsbooks.com>
Cc: edk2-devel@ml01.01.org, Marcin Wojtas <mw@semihalf.com>,
 Pete Batard <pete@akeo.ie>, Rebecca Cran <rebecca@bluestop.org>,
 Michael Zimmermann <sigmaepsilon92@gmail.com>
From: Laszlo Ersek <lersek@redhat.com>
Message-ID: <eb7a02a8-630c-a60b-90b9-4c527d70bf8f@redhat.com>
Date: Wed, 23 Nov 2016 20:50:16 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
 Thunderbird/45.5.0
MIME-Version: 1.0
In-Reply-To: <98271ced-83d5-d4e9-6b8d-416265054906@rodsbooks.com>
X-Scanned-By: MIMEDefang 2.68 on 10.5.11.24
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16
 (mx1.redhat.com [10.5.110.38]); Wed, 23 Nov 2016 19:50:19 +0000 (UTC)
Subject: Re: EXT FS support
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Nov 2016 19:50:20 -0000
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit

On 11/22/16 22:31, Rod Smith wrote:
> On 11/22/2016 01:25 PM, Pete Batard wrote:
>> On 2016.11.22 17:16, Marcin Wojtas wrote:
>>> There's no GRUB, platform simply boots to the Shell.
>>
>> I think there may be some confusion.
>>
>> All the drivers we linked you to are pure UEFI drivers. It doesn't
>> matter if they were a port from GRUB or something else, the code was
>> converted to work as a standalone UEFI driver. Especially you don't need
>> to have GRUB running or anything. You can just use the "load" command in
>> the shell to load the driver, and then access the file system.
>>
>> I believe you should be able to download any of the ext binary drivers
>> mentioned and use them in your shell right away to access your file
>> system from it.
> 
> Yes, but it sounds like Marcin may want to embed the ext4fs driver in a
> custom EFI build. AFAIK, none of the drivers in question were designed
> with that in mind; however, the VirtualBox project has incorporated
> ISO-9660 and HFS+ drivers, both of which are built on the same framework
> (rEFIt's) as rEFInd's drivers, into its own firmware. Thus, Marcin might
> be able to look at the VirtualBox code and use whatever techniques or
> glue it uses to incorporate something else. (I can't point to specific
> files, though.) The rEFInd drivers might be easiest to build in this
> way, but that's just a guess.

Any valid EFI binary can be built into edk2 platforms easily. As an example, I recommend looking at

  EdkShellBinPkg/FullShell/FullShell.inf

and the following portions from OvmfPkg/OvmfPkgX64.fdf:

INF  RuleOverride = BINARY EdkShellBinPkg/FullShell/FullShell.inf
...

[Rule.Common.UEFI_DRIVER.BINARY]
  FILE DRIVER = $(NAMED_GUID) {
    DXE_DEPEX DXE_DEPEX Optional      |.depex
    PE32      PE32                    |.efi
    UI        STRING="$(MODULE_NAME)" Optional
    VERSION   STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
  }
[Rule.Common.UEFI_APPLICATION.BINARY]
  FILE APPLICATION = $(NAMED_GUID) {
    PE32      PE32                    |.efi
    UI        STRING="$(MODULE_NAME)" Optional
    VERSION   STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
  }

> 
> Note, however, that all of the drivers referenced so far in this thread
> are licensed under the GPL. Thus, building an EFI in this way would
> cause the EFI as a whole to be GPL-licensed.

Yes.

Also, as far as I'm aware, OpenSSL and GPL don't mix, so a firmware binary that combined edk2's OpenSSL-based Secure Boot stack and GPL drivers might be undistributable. (It would be fine for in-house use.)

https://people.gnome.org/~markmc/openssl-and-the-gpl.html

There's another option (and while it requires initial setup on the end-user's side, it doesn't require constant fiddling): copy the stand-alone, GPL-licensed UEFI_DRIVER binary to a small, separate VFAT filesystem, then create a Driver#### option that points to it.

(At least with edk2 and OVMF, the driver options are dispatched between BeforeConsole and AfterConsole, and OVMF's AfterConsole calls EfiBootManagerConnectAll(). The result is that filesystems recognized by the drivers loaded from the small VFAT partition would all be bound, and would become available for booting off of.)

This VFAT + Driver#### setup could even be done by customized OS installers, without user interaction.

Now I understand that the point might be to eliminate a VFAT partition altogether, but after the initial driver installation, it could become read-only from the OS runtime POV as well, and the real boot loader stuff could reside on ext2.

Separately, a small note on ext4 (because you mention it above). I seem to recall a filesystem expert colleague of mine advise *against* using journaled filesystems for booting with e.g. grub2. The argument goes (if I recall right), XFS is considered to be in clean state if the data has made it to the final location *or* the persistent journal. When you cleanly unmount (or remount r/o) and shut down, the journal will be flushed to the final location, so a boot loader that doesn't know about the journal will read consistent data. However, if you crash *without* data loss, then part of the data might be in the journal only, and only clients that can read the journal will see consistent data.

> This might or might not be
> an issue, depending on what the point of the exercise is.
> 
> Of course, a standalone driver might be perfectly acceptable, too. I've
> seen options in some EFIs to load drivers at start time, but I've never
> gotten them to work. (I haven't tried very hard.) If nothing else, a
> small driver-loading program could be written and set as the first boot
> option.

Newer firmware might also support SysPrep#### options for such applications (although firmware that supports SysPrep#### would arguably get Driver#### right as well).

Invoking the same logic / app from a regular boot option, and exiting with success, might or might not chain to the next boot option automatically. For example, in "MdeModulePkg/Universal/BdsDxe/BdsEntry.c", edk2 has 

    //
    // If the boot via Boot#### returns with a status of EFI_SUCCESS, platform firmware
    // supports boot manager menu, and if firmware is configured to boot in an
    // interactive mode, the boot manager will stop processing the BootOrder variable and
    // present a boot manager menu to the user.
    //

I guess invariably exiting with failure could ensure chaining.

> 
> Marcin wrote:
> 
>> I also found this:
>> https://sourceforge.net/p/cloverefiboot/code/HEAD/tree/FileSystems/VBoxFsDxe/
> 
> FWIW, that's a fork of the rEFInd code. I'd not seen it before now; the
> Clover developers haven't bothered to upstream their changes. (I
> maintain rEFInd.)
> 
> It's still not clear to me why you want this driver, Marcin. If you want
> to load a Linux kernel directly, without using GRUB, rEFInd, or some
> other tool, you can simply put the kernel(s) on a FAT filesystem.

Yes, if the kernel was built with the EFI stub, it can be launched as a UEFI application.

Furthermore, arm and arm64 kernels parse the "initrd=..." command line parameter in the EFI stub, and can load the initrd from the same filesystem (using the UEFI drivers) where the kernel image was loaded from. The simplest (maybe only?) use case is to provide just a filename (no pathname separators) with "initrd=", and then the file will be loaded from the same directory as the kernel, IIRC.

This enables a development style where one
- sets up one boot option, pointing to the kernel image (with the EFI stub) as the binary to launch,
- stores "initrd=..." in the boot option's LoadOptions field,
- boots the system, modifies and rebuilds the kernel,
- installs the kernel and the initrd in the exact same spot as before (under the same pathnames on the ESP),
- reboots.

> This
> is a common approach among Arch Linux users; they mount the ESP at /boot
> and it works pretty well. Some distributions assume that /boot supports
> links or other features that aren't available with FAT, though, so maybe
> this wouldn't work as well for you, but it's worth considering.
> 

Thanks
Laszlo