[v2,0/5] Support EFI multiboot loading using PE binary

Message ID	20240814083428.3012-1-frediano.ziglio@cloud.com (mailing list archive)
Headers	show Return-Path: <xen-devel-bounces@lists.xenproject.org> Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org> From: Frediano Ziglio <frediano.ziglio@cloud.com> To: xen-devel@lists.xenproject.org Cc: Frediano Ziglio <frediano.ziglio@cloud.com>, Jan Beulich <jbeulich@suse.com>, Andrew Cooper <andrew.cooper3@citrix.com>, =?utf-8?q?Roger_Pau_Monn=C3=A9?= <roger.pau@citrix.com>, "Daniel P. Smith" <dpsmith@apertussolutions.com>, =?utf-8?q?Marek_Marczykow?= =?utf-8?q?ski-G=C3=B3recki?= <marmarek@invisiblethingslab.com> Subject: [PATCH v2 0/5] Support EFI multiboot loading using PE binary Date: Wed, 14 Aug 2024 09:34:09 +0100 Message-ID: <20240814083428.3012-1-frediano.ziglio@cloud.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	Support EFI multiboot loading using PE binary \| expand [v2,0/5] Support EFI multiboot loading using PE binary [v2,1/5] x86: Put trampoline in .init.data section [v2,2/5] x86: Set xen_phys_start and trampoline_xen_phys_start earlier [v2,3/5] x86: Force proper gdt_boot_base setting [v2,4/5] x86: Compensate relocation in case of EFI [v2,5/5] x86: Rollback relocation in case of EFI multiboot

Message ID

20240814083428.3012-1-frediano.ziglio@cloud.com (mailing list archive)

Headers

Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
From: Frediano Ziglio <frediano.ziglio@cloud.com>
To: xen-devel@lists.xenproject.org
Cc: Frediano Ziglio <frediano.ziglio@cloud.com>,
 Jan Beulich <jbeulich@suse.com>, Andrew Cooper <andrew.cooper3@citrix.com>,
	=?utf-8?q?Roger_Pau_Monn=C3=A9?= <roger.pau@citrix.com>,
 "Daniel P. Smith" <dpsmith@apertussolutions.com>, =?utf-8?q?Marek_Marczykow?=
	=?utf-8?q?ski-G=C3=B3recki?= <marmarek@invisiblethingslab.com>
Subject: [PATCH v2 0/5] Support EFI multiboot loading using PE binary
Date: Wed, 14 Aug 2024 09:34:09 +0100
Message-ID: <20240814083428.3012-1-frediano.ziglio@cloud.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

Support EFI multiboot loading using PE binary | expand

Message

Frediano Ziglio Aug. 14, 2024, 8:34 a.m. UTC

Testing this feature in preparation for UEFI CA memory mitigation
requirements I found some issues causing the loading to fail and
other minor issues.
Details in series commit messages.
This is adding an additional way to boot Xen, using GrUB2+EFI
(xen.efi:__efi64_mb2_start).

Changes since v1:
- Changed title, apparently this is a kind of new mode;
- address lot of comments (see "Changes" in other messages).

Frediano Ziglio (5):
  x86: Put trampoline in .init.data section
  x86: Set xen_phys_start and trampoline_xen_phys_start earlier
  x86: Force proper gdt_boot_base setting
  x86: Compensate relocation in case of EFI
  x86: Rollback relocation in case of EFI multiboot

 xen/arch/x86/boot/Makefile          |  2 +-
 xen/arch/x86/boot/efi-reloc-image.c | 40 ++++++++++++++
 xen/arch/x86/boot/efi-reloc-image.h | 85 +++++++++++++++++++++++++++++
 xen/arch/x86/boot/head.S            | 72 ++++++++++++++++++------
 xen/arch/x86/efi/efi-boot.h         | 64 ++--------------------
 5 files changed, 187 insertions(+), 76 deletions(-)
 create mode 100644 xen/arch/x86/boot/efi-reloc-image.c
 create mode 100644 xen/arch/x86/boot/efi-reloc-image.h

Comments

Andrew Cooper Aug. 14, 2024, 9:31 p.m. UTC | #1

On 14/08/2024 9:34 am, Frediano Ziglio wrote:
> Testing this feature in preparation for UEFI CA memory mitigation
> requirements I found some issues causing the loading to fail and
> other minor issues.
> Details in series commit messages.
> This is adding an additional way to boot Xen, using GrUB2+EFI
> (xen.efi:__efi64_mb2_start).
>
> Changes since v1:
> - Changed title, apparently this is a kind of new mode;
> - address lot of comments (see "Changes" in other messages).
>
> Frediano Ziglio (5):
>   x86: Put trampoline in .init.data section
>   x86: Set xen_phys_start and trampoline_xen_phys_start earlier
>   x86: Force proper gdt_boot_base setting
>   x86: Compensate relocation in case of EFI
>   x86: Rollback relocation in case of EFI multiboot

Patch 1 is one part of supporting NX_COMPAT in the PE header, which is a
requirement from Microsoft in order to be signed.

It has nothing to do with the rest of the series, which is about making
the EFI+MB2 entry point work.

It would have helped a lot to not have mixed these together in a series
claiming to only be about the latter.

Now, as indicated in our documentation (yes - this is one of the very
few I have managed to get committed),
https://xenbits.xen.org/docs/latest/hypervisor-guide/x86/how-xen-boots.html#xen-efi

The MB2 tags existing in xen.efi is a known thing but came as a surprise
to some.  It exists because xen.efi is a strict superset of xen.gz,
including head.S which contains the MB1/MB2 tags.

Nevertheless, if we want to make EFI+MB2 work, that's fine, but the
final patch in the series needs to be one updating the docs to reflect
the new behaviour of Xen.

~Andrew

Jan Beulich Aug. 15, 2024, 8:47 a.m. UTC | #2

On 14.08.2024 23:31, Andrew Cooper wrote:
> On 14/08/2024 9:34 am, Frediano Ziglio wrote:
>> Testing this feature in preparation for UEFI CA memory mitigation
>> requirements I found some issues causing the loading to fail and
>> other minor issues.
>> Details in series commit messages.
>> This is adding an additional way to boot Xen, using GrUB2+EFI
>> (xen.efi:__efi64_mb2_start).
>>
>> Changes since v1:
>> - Changed title, apparently this is a kind of new mode;
>> - address lot of comments (see "Changes" in other messages).
>>
>> Frediano Ziglio (5):
>>   x86: Put trampoline in .init.data section
>>   x86: Set xen_phys_start and trampoline_xen_phys_start earlier
>>   x86: Force proper gdt_boot_base setting
>>   x86: Compensate relocation in case of EFI
>>   x86: Rollback relocation in case of EFI multiboot
> 
> Patch 1 is one part of supporting NX_COMPAT in the PE header, which is a
> requirement from Microsoft in order to be signed.
> 
> It has nothing to do with the rest of the series, which is about making
> the EFI+MB2 entry point work.
> 
> It would have helped a lot to not have mixed these together in a series
> claiming to only be about the latter.
> 
> 
> Now, as indicated in our documentation (yes - this is one of the very
> few I have managed to get committed),
> https://xenbits.xen.org/docs/latest/hypervisor-guide/x86/how-xen-boots.html#xen-efi
> 
> The MB2 tags existing in xen.efi is a known thing but came as a surprise
> to some.  It exists because xen.efi is a strict superset of xen.gz,
> including head.S which contains the MB1/MB2 tags.

Which in turn so far was just to keep build machinery as uniform as possible.
IOW I'd rather call the tags being there a side effect, not something that
was intentional. And for MB1 I don't think that's going to change with the
effort made now.

Jan

Jan Beulich Aug. 20, 2024, 1:35 p.m. UTC | #3

On 14.08.2024 10:34, Frediano Ziglio wrote:
> Testing this feature in preparation for UEFI CA memory mitigation
> requirements I found some issues causing the loading to fail and
> other minor issues.
> Details in series commit messages.
> This is adding an additional way to boot Xen, using GrUB2+EFI
> (xen.efi:__efi64_mb2_start).
> 
> Changes since v1:
> - Changed title, apparently this is a kind of new mode;
> - address lot of comments (see "Changes" in other messages).
> 
> Frediano Ziglio (5):
>   x86: Put trampoline in .init.data section
>   x86: Set xen_phys_start and trampoline_xen_phys_start earlier
>   x86: Force proper gdt_boot_base setting
>   x86: Compensate relocation in case of EFI
>   x86: Rollback relocation in case of EFI multiboot

What I'm missing throughout the series (maybe with patch 1 excluded, which
- as Andrew clarified - is really dealing with an independent aspect) is
discussion / clarification of the individual changes not affecting any of
the existing boot modes, first and foremost the EFI+MB2 one using xen.gz.

Jan