From patchwork Thu May 11 14:34:45 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jan Beulich X-Patchwork-Id: 13238051 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 94D2DC7EE22 for ; Thu, 11 May 2023 14:35:18 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.533422.830071 (Exim 4.92) (envelope-from ) id 1px7Ne-0002VD-HW; Thu, 11 May 2023 14:34:54 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 533422.830071; Thu, 11 May 2023 14:34:54 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1px7Ne-0002V6-Ek; Thu, 11 May 2023 14:34:54 +0000 Received: by outflank-mailman (input) for mailman id 533422; Thu, 11 May 2023 14:34:53 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1px7Nd-0002UE-6d for xen-devel@lists.xenproject.org; Thu, 11 May 2023 14:34:53 +0000 Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on20603.outbound.protection.outlook.com [2a01:111:f400:7e1b::603]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id fc673756-f008-11ed-8611-37d641c3527e; Thu, 11 May 2023 16:34:50 +0200 (CEST) Received: from VE1PR04MB6560.eurprd04.prod.outlook.com (2603:10a6:803:122::25) by DBBPR04MB7769.eurprd04.prod.outlook.com (2603:10a6:10:1e0::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6387.20; Thu, 11 May 2023 14:34:48 +0000 Received: from VE1PR04MB6560.eurprd04.prod.outlook.com ([fe80::8e41:82b6:a27f:2e0c]) by VE1PR04MB6560.eurprd04.prod.outlook.com ([fe80::8e41:82b6:a27f:2e0c%4]) with mapi id 15.20.6363.033; Thu, 11 May 2023 14:34:48 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: fc673756-f008-11ed-8611-37d641c3527e ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=EKJWdoDEgCnkmh1XElHZreqgXaJBhQkBmAaBqD9ZpiUrSJxQ24/PiMeVLbWT95whs68Z/OvYY38JqUo8BKtM9uAPgmltajYdE87/sfPnob7HJqWtweGWZbPYoIpu3Goia67/IOssmkFA/iw8zQXuJ0ICYtNgUlOzWEmd+La1s4gAHPvdigrjzropQw4tl4k/f1k39xImsFgpLo8Iz/Nr3lCuoQZrwWsauNea9kNiXNILAtGqejqgNxmKTrEFJbwYpSU1tAsu9zRJz7bkpDYBrQnfLWWO64ZbSN7h1WFYV8CRipLc0nVP0OFBnUnLSR5dSbNks8FWbxlp2lXkEtE50A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=PZtfQKxifRk6kmgzpC/rH44iign0BqEwrPFys6tO/Ug=; b=norvQMP1yau8l4GrzUlCmqyBTuqmBiYro2VVuzoxXnpZx/AbULYRRWz9oLHrIrYJfdMR6dg1nilZ3krkgIVfZZn+UoduCDmDawJmZcuuAJWuQjjMlUBA+4SpamoukHCxupbCLDij0Oe+fPbNCLWQjwuGtAE04xpG7U2sn0SWsfjqTLKOhCKLBXQdsn29cRw//KHeJ1idGvMxqWj3ltP2gIiGj1zLsrSqBfF9Rp+b3PgYnII7Rq+pAqnJdA2KOt4PYHFIyyr70TzDIWLTEaUyFxLLZbgfERgJ5qBlAAkHx7HGMIJDUQTjemwIrrw2X8wJzLPUyR+hw0msxcnNS/7ikA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=PZtfQKxifRk6kmgzpC/rH44iign0BqEwrPFys6tO/Ug=; b=GmxCDxjbKfzwVcca7kMFUaqQhoQpfyTLSx5DWoz8ZR8qFFlICBNt3gD69bZIZHI/AVU3RJVtbF39z6e2L89y5mZnna0XWNVKlceiuce9Yx185eKtoHNpjRdWxaaGAuSWlvNizENhvf6hYAZEL4C/lT25uAIcpAoAw9yo2XL0Ks0PUWJZ10QGgnPVG4mxi5lJ+kFB/sTu8VfF+wCFeGhXdJvd9Zuj2Y0chLkg5xJY5/yx4wtw4x1QCNYELYlASZ2uybbLA4Apg0qIpp3+PycqgRUad4qjaF1GqESTBzig5y/DC0L1siCEfIX9NTAXD+pEvrWdU4wRfsnaKI6DB5FmIw== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com; Message-ID: <82c8ce93-a9a7-9309-2b04-8092ca84e7d6@suse.com> Date: Thu, 11 May 2023 16:34:45 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.10.1 Content-Language: en-US To: "xen-devel@lists.xenproject.org" Cc: Andrew Cooper , George Dunlap , Julien Grall , Stefano Stabellini , Wei Liu From: Jan Beulich Subject: [PATCH] SUPPORT.md: explicitly mention EFI (secure) boot status X-ClientProxiedBy: FR2P281CA0075.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:9a::17) To VE1PR04MB6560.eurprd04.prod.outlook.com (2603:10a6:803:122::25) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: VE1PR04MB6560:EE_|DBBPR04MB7769:EE_ X-MS-Office365-Filtering-Correlation-Id: f454d98c-6d97-4b22-d505-08db522cdf06 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: EF8Dh6P/frSamtkFen6aIG0SPJ53woQGIuqfB1jiS6cDa6Ns6UnXGmjmA4u6FPE1lFZ41qomx/9HYMiX48WUXJN5r3pyF72AJ6zWKYrVDRhXVtqwrvgQabid3kUP9w2tLjrObB9AHY/sVbW1U19EBKNKLm4QWzUcQrAvIkV4UrFNcIR9kyHiAASX9mt1FG7eNG0NwVqvegYceThgnzWbdjdpS1vC6A4gAHLgXktPXbd9Odw9nvRZKiKac7H/PHIVBV1Fo1/VU4CmuAu1WxM+hLiava5AE0OxOdtOozHwCUE8r82Z5AGoJgzUxrekc0oOL2Ny3eMOsMvUlqD+uhSo7fAqSUN73HwK55QiqhogNXurwuIm2bYaNVEYkC6YPlGVVy9rrI8b9n0AtM7/s5YFJnWIqbOEjECNCvLwCSsbUwXAZES5ilLVR4AkatjtssIsoxw6zfs6CQq0K8Xz5MbhR8HCf9ilH3x5263NxZnF3HMU2TZpbNYCRoVyCsCZ4SH8IGvQLWS6quaI7YUoQ/WhdYrMtRsm8blYNusZgY2fu6t4NpGFLw58R1jKd4XoOwLjxms/zCvOMicMxDtSJLnUIae7TlWwxZ2l67yy1hErWSfeuk4OIifr6VU5EwddzUFLUdaQyxZNLY2Nb9yBuglIFA== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:VE1PR04MB6560.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(396003)(346002)(136003)(39860400002)(376002)(366004)(451199021)(41300700001)(26005)(186003)(2906002)(4744005)(6512007)(6506007)(5660300002)(38100700002)(8936002)(31686004)(6916009)(316002)(54906003)(478600001)(83380400001)(2616005)(8676002)(36756003)(6486002)(86362001)(6666004)(66476007)(66556008)(66946007)(4326008)(31696002)(43740500002)(45980500001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?9dkQlMe9ZKmD9dr22O3Biw3KaLy/?= =?utf-8?q?n6lyn991Si1g2abOotYufiEQLdlgoVuubCr1bQ6Qx1b5/FVDxqMpJRp6D4rCPtVCB?= =?utf-8?q?bfSlcGh2N2BLpgAxFeGwqQ+sqTBnBeyLmqOrHc7wmEti3cqvF+fV3X3ir6n1lc3H7?= =?utf-8?q?MdnMTp2FlODIeGJ1PbJIO9ui99mjOwbGnGx7kYnLQp76FqOSMqmzlMsEyx6sCEYQE?= =?utf-8?q?3wCwk08xliTmZJJgcD3uTSi2kAaVLSNB9j6CFyv43eWvkoLQ7sKNtSwMT+QBYoyFK?= =?utf-8?q?cvk4B9mlYJ0P0QpPGYa1umUl6C6q8Gfe9FaDc23syC9MnJtMt01yV4Nt0fgP2m5uQ?= =?utf-8?q?CzYYFXtTRkxjiFercGtEZD3BbmuhyZjSYgErJIqYLNdcD86srMSxXqHBRKtaRx8RZ?= =?utf-8?q?C1xNK/8+peOUBMem0tApIh+VG5mwN4FkKhM28BuD0klrIrnHKO57sfbd/xSy8V+wj?= =?utf-8?q?Lk8KX1tupOmUdUDouRIbgtNm6I6UGOdEokbV+UFhww99StzmaIswe9L7Z6unk/H/W?= =?utf-8?q?RYItwZbsaeXgt57im0zM8HehkuVSz08ePPV1kgptEvVsHfS3qKopJ4XUuSSooPCw2?= =?utf-8?q?m6+sSHXTjFACh1vTBCnUBRuvid19WlR9P1I9Zx+bRqNh2pLseaQ1xnBEyjznT5Ejy?= =?utf-8?q?xRT4zq2sZIB1qABMPtCTwDJmjdSU9Hi/Im8E6uqNQTKnG5p3thyEZzaEt1GIwYwIv?= =?utf-8?q?ojfDAnVC93Y5OGbyrRgUzgW8n9wHOyLH+Qv1cEW+A1pKLKLGM0/0OcL6f+yKnMxWg?= =?utf-8?q?H6hZqH89z3zy1W9D0s//MoB55ZzZTiDDGVN50ibwA7JelB/m4m6GXvdU+TAli98OO?= =?utf-8?q?tOUODQ3X5i+5mBxcsIkDjMtLl2ZQ4Go5zsuYhDicKCcUhnoY9YIvt/xsaGt1E2QD7?= =?utf-8?q?cvxv4vFFQn6FSF2JffnByzW2SeI96PFVZ/ghizjz6PQ/qqL6V4CS++KJa0Gu8btEP?= =?utf-8?q?pWusJSA9+lHR06nVGH0Kr4L3+NaPmZ+5WmqzNseRpl5jrRaRQJcwiOtbDGVgPEfR1?= =?utf-8?q?N3kLMJFvBW2RXz4ahvHynkVv4e8w4yIEM70ED2sHZeZdsxoHvd+eBgy14qJyu695e?= =?utf-8?q?8reUhqeN8kX5Ms/wF0MagBSPq1j/HrTxLcqBbUWmxCWTuuFBFiyzszionlRgBEvb+?= =?utf-8?q?vpagDzA+marST99yjdIHVM9ldbzp7YA2oJ3W8R+hnk4OUlrpxx7FTelWpI86ASCvf?= =?utf-8?q?DuCRyePqkLgi2+deBPkOiR2QAyOVLkay7Ojju+TIvfclmwsXScpU/XIFTG/duajZ7?= =?utf-8?q?QuQAw1SygY6hj67U+SG4UEXj8J4LkkLU8ALj4H2JlTphBErmT2iNHy+VMXrJDaO5A?= =?utf-8?q?YIUCu1EKAk6SoPJ3bzBIhsnKSwaJGbAlsjPCWXlSafgaZRBtW0Qbzq8Om5DY28QlO?= =?utf-8?q?0X1dgMhaBG13DZ49qRiPbvBT1JxiDeebG8L2tR9VHGI7OcJO3/IGkXaWNCvpYOW1P?= =?utf-8?q?5oFZHB8C2NtsUXtTJUalVEP+D1qmSo9d2mBd/eNMvS/Z4j8IpVRxGFNeXMMb8l8k3?= =?utf-8?q?wG87jqUAgzVe?= X-OriginatorOrg: suse.com X-MS-Exchange-CrossTenant-Network-Message-Id: f454d98c-6d97-4b22-d505-08db522cdf06 X-MS-Exchange-CrossTenant-AuthSource: VE1PR04MB6560.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 May 2023 14:34:47.7779 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: f7a17af6-1c5c-4a36-aa8b-f5be247aa4ba X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Fnwyy5RIPi9NRhny8qQW3QUuwphZJI5e2qbvFs1dyBlCDJHYQVRm7ox9xoQoRGCojaEDMYzniOJ4BTam4KEWuw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DBBPR04MB7769 While normal booting is properly supported on both x86 and Arm64, secure boot reportedly requires quite a bit more work to be actually usable (and providing the intended guarantees). The mere use of the shim protocol for verifying the Dom0 kernel image isn't enough. Signed-off-by: Jan Beulich Reviewed-by: Andrew Cooper Acked-by: Julien Grall --- a/SUPPORT.md +++ b/SUPPORT.md @@ -63,6 +63,16 @@ For the Cortex A57 r0p0 - r1p1, see Erra Status, x86 PV: Supported Status, ARM: Experimental +### Host EFI Boot + + Status, x86: Supported + Status, Arm64: Supported + +### Host EFI Secure Boot + + Status, x86: Experimental + Status, Arm64: Experimental + ### x86/Intel Platform QoS Technologies Status: Tech Preview