[v9,0/4] efi: Unified Xen hypervisor/kernel/initrd images

Message ID 20201002111822.42142-1-hudson@trmm.net (mailing list archive)

Message

Trammell Hudson Oct. 2, 2020, 11:18 a.m. UTC
This patch series adds support for bundling the xen.efi hypervisor,
the xen.cfg configuration file, the Linux kernel and initrd, as well
as the XSM, and architectural specific files into a single "unified"
EFI executable.  This allows an administrator to update the components
independently without requiring rebuilding xen, as well as to replace
the components in an existing image.

The resulting EFI executable can be invoked directly from the UEFI Boot
Manager, removing the need to use a separate loader like grub as well
as removing dependencies on local filesystem access.  And since it is
a single file, it can be signed and validated by UEFI Secure Boot without
requiring the shim protocol.

It is inspired by systemd-boot's unified kernel technique and borrows the
function to locate PE sections from systemd's LGPL'ed code.  During EFI
boot, Xen looks at its own loaded image to locate the PE sections for
the Xen configuration (`.config`), dom0 kernel (`.kernel`), dom0 initrd
(`.ramdisk`), and XSM config (`.xsm`), which are included after building
xen.efi using objcopy to add named sections for each input file.

Trammell Hudson (4):
  efi/boot.c: add file.need_to_free
  efi/boot.c: add handle_file_info()
  efi: Enable booting unified hypervisor/kernel/initrd images
  efi: Do not use command line if unified config is included

 .gitignore                  |   1 +
 docs/misc/efi.pandoc        |  49 ++++++++++++
 xen/arch/arm/efi/efi-boot.h |  36 ++++++---
 xen/arch/x86/efi/Makefile   |   2 +-
 xen/arch/x86/efi/efi-boot.h |  13 ++-
 xen/common/efi/boot.c       | 140 ++++++++++++++++++++++++---------
 xen/common/efi/efi.h        |   3 +
 xen/common/efi/pe.c         | 152 ++++++++++++++++++++++++++++++++++++
 8 files changed, 347 insertions(+), 49 deletions(-)
 create mode 100644 xen/common/efi/pe.c
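
The section lookup the cover letter describes, sketched as an added example (not code from this patch series or from systemd): a bounds-checked search of a loaded PE image for a named section such as `.config`. The names `find_pe_section` and `sample_lookup` are hypothetical, and the sample image is constructed.

```c
#include <stdint.h>
#include <string.h>

static uint32_t rd(const uint8_t *p, int n)      /* little-endian field read */
{
    uint32_t v = 0;
    while (n--) v = v << 8 | p[n];
    return v;
}

/* Locate section `name` in a PE image loaded at img[0..len). Returns NULL if it
 * is absent or if any header or the section data falls outside the buffer. */
const uint8_t *find_pe_section(const uint8_t *img, size_t len,
                               const char *name, size_t *size)
{
    char want[8] = { 0 };               /* section names: 8 bytes, NUL-padded */
    size_t nlen = strlen(name);
    if (nlen > 8 || len < 0x40 || memcmp(img, "MZ", 2) != 0) return NULL;
    memcpy(want, name, nlen);
    size_t pe = rd(img + 0x3c, 4);                 /* e_lfanew */
    if (pe > len - 24 || memcmp(img + pe, "PE\0\0", 4) != 0) return NULL;
    size_t nsect = rd(img + pe + 6, 2);            /* NumberOfSections */
    size_t tbl = pe + 24 + rd(img + pe + 20, 2);   /* skip optional header */
    for (size_t i = 0; i < nsect; i++) {
        size_t hdr = tbl + i * 40;                 /* 40-byte section header */
        if (hdr > len || len - hdr < 40) return NULL;
        if (memcmp(img + hdr, want, 8) != 0) continue;
        size_t vsize = rd(img + hdr + 8, 4), vaddr = rd(img + hdr + 12, 4);
        if (vaddr > len || vsize > len - vaddr) return NULL;
        *size = vsize;
        return img + vaddr;
    }
    return NULL;
}

/* Constructed sample (hypothetical helper): one ".config" section at 0x100. */
size_t sample_lookup(const char *name, uint16_t vsize)
{
    static uint8_t s[0x200];
    size_t size = 0;
    memcpy(s, "MZ", 2); s[0x3c] = 0x40;            /* DOS magic, e_lfanew */
    memcpy(s + 0x40, "PE\0\0", 4); s[0x46] = 1;    /* signature, one section */
    memcpy(s + 0x58, ".config", 7);                /* table at 0x58: no opt hdr */
    s[0x60] = (uint8_t)vsize; s[0x61] = (uint8_t)(vsize >> 8); /* VirtualSize */
    s[0x65] = 0x01;                                /* VirtualAddress = 0x100 */
    return find_pe_section(s, sizeof(s), name, &size) ? size : 0;
}

int main(void) { return sample_lookup(".config", 21) == 21 ? 0 : 1; }
```

A section whose declared size runs past the end of the image is rejected rather than truncated, so a malformed header cannot make the caller read beyond the buffer.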

Comments

Trammell Hudson Oct. 9, 2020, 2:43 p.m. UTC | #1
Any further thoughts on this patch series? Three out of four of
them have been reviewed or acked by at least one reviewer, with
only the last one currently unreviewed.

--
Trammell

On Friday, October 2, 2020 1:18 PM, Trammell Hudson <hudson@trmm.net> wrote:
> This patch series adds support for bundling the xen.efi hypervisor,
> the xen.cfg configuration file, the Linux kernel and initrd, as well
> as the XSM, and architectural specific files into a single "unified"
> EFI executable. This allows an administrator to update the components
> independently without requiring rebuilding xen, as well as to replace
> the components in an existing image.
>
> The resulting EFI executable can be invoked directly from the UEFI Boot
> Manager, removing the need to use a separate loader like grub as well
> as removing dependencies on local filesystem access. And since it is
> a single file, it can be signed and validated by UEFI Secure Boot without
> requiring the shim protocol.
>
> It is inspired by systemd-boot's unified kernel technique and borrows the
> function to locate PE sections from systemd's LGPL'ed code. During EFI
> boot, Xen looks at its own loaded image to locate the PE sections for
> the Xen configuration (`.config`), dom0 kernel (`.kernel`), dom0 initrd
> (`.ramdisk`), and XSM config (`.xsm`), which are included after building
> xen.efi using objcopy to add named sections for each input file.
>
> Trammell Hudson (4):
> efi/boot.c: add file.need_to_free
> efi/boot.c: add handle_file_info()
> efi: Enable booting unified hypervisor/kernel/initrd images
> efi: Do not use command line if unified config is included
>
> .gitignore | 1 +
> docs/misc/efi.pandoc | 49 ++++++++++++
> xen/arch/arm/efi/efi-boot.h | 36 ++++++---
> xen/arch/x86/efi/Makefile | 2 +-
> xen/arch/x86/efi/efi-boot.h | 13 ++-
> xen/common/efi/boot.c | 140 ++++++++++++++++++++++++---------
> xen/common/efi/efi.h | 3 +
> xen/common/efi/pe.c | 152 ++++++++++++++++++++++++++++++++++++
> 8 files changed, 347 insertions(+), 49 deletions(-)
> create mode 100644 xen/common/efi/pe.c
>
> --
>
> 2.25.1
Jan Beulich Oct. 13, 2020, 12:06 p.m. UTC | #2
On 09.10.2020 16:43, Trammell Hudson wrote:
> Any further thoughts on this patch series? Three out of four of
> them have been reviewed or acked by at least one reviewer, with
> only the last one currently unreviewed.

"unreviewed" isn't correct. I did review it, but I'm opposed to
parts of the resulting behavior.

Jan