lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20131022145140.GA18679@phenom.dumpdata.com>
Date:	Tue, 22 Oct 2013 10:51:40 -0400
From:	Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
To:	Ian Campbell <ian.campbell@...rix.com>
Cc:	Jan Beulich <JBeulich@...e.com>, ross.philipson@...rix.com,
	stefano.stabellini@...citrix.com, grub-devel@....org,
	david.woodhouse@...el.com, richard.l.maliszewski@...el.com,
	xen-devel@...ts.xen.org, boris.ostrovsky@...cle.com,
	Daniel Kiper <daniel.kiper@...cle.com>,
	Peter Jones <pjones@...hat.com>, linux-kernel@...r.kernel.org,
	keir@....org
Subject: Re: EFI and multiboot2 devlopment work for Xen

On Tue, Oct 22, 2013 at 03:24:28PM +0100, Ian Campbell wrote:
> On Tue, 2013-10-22 at 10:09 -0400, Konrad Rzeszutek Wilk wrote:
> 
> > So it can be booted the same way as xen.efi. But my understanding is
> > that folks prefer a bootloader instead of loading the bzImage in an
> > NVRAM of a platform with pre-set parameters. Hence that mechanism
> > is not used by the majority of users.
> 
> My understanding is that they prefer a bootloader which can launch Linux
> as a PE/COFF image, i.e. the linuxefi thing.
> 
> > Instead the majority of users would like to use a bootloader, like
> > GRUB2. And there are certain restrictions - if you launch from it
> > an PE/COFF application GRUB2 will call ExitBootServices. But if
> > you launch the Linux image (so using the linuxefi), it WILL NOT
> > call ExitBootServices.
> 
> "linuxefi" won't call ExitBootServices but it will launch as a PE/COFF
> application not as a "Linux image", that's right isn't it? I think that
> is the whole point of it.

No. The linuxefi will parse the payload and verify that it has the
Linux x86/boot protocol. So any PE/COFF image won't do.
(See grub_cmd_linux in grub-core/loader/i386/efi/linux.c)

If you use 'linux' module, it will call ExitBootService.
If you use 'multiboot' module, it will call ExitBootService too.

So if you don't want to the module to call 'grub_efi_finish_boot_services'
you need to use 'linuxefi' :-)


And I still haven't found the module that can launch any PE/COFF
image from GRUB2. Maybe that is a myth.
> 
> The "launch as a Linux image" grub command is called just "linux" (and
> "kernel" may be a synonym).
> 
> > But I say that (about ExitBootServices) - and I can't find it in
> > the GRUB2 code, so perhaps I am mistaken.
> 
> linuxefi isn't in the upstream grub2 tree -- all the distros are
> carrying it as a patch. So if you are grepping upstream you won't find
> it.

Right, I am looking at Fedora 19's GRUB2 sources.
> 
> Ian.
> 
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ