lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 22 Oct 2013 12:35:02 -0400
From:	Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
To:	"Woodhouse, David" <david.woodhouse@...el.com>
Cc:	Jan Beulich <JBeulich@...e.com>,
	Ian Campbell <ian.campbell@...rix.com>,
	"ross.philipson@...rix.com" <ross.philipson@...rix.com>,
	"stefano.stabellini@...citrix.com" <stefano.stabellini@...citrix.com>,
	"grub-devel@....org" <grub-devel@....org>,
	"Maliszewski, Richard L" <richard.l.maliszewski@...el.com>,
	"xen-devel@...ts.xen.org" <xen-devel@...ts.xen.org>,
	"boris.ostrovsky@...cle.com" <boris.ostrovsky@...cle.com>,
	Daniel Kiper <daniel.kiper@...cle.com>,
	Peter Jones <pjones@...hat.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"keir@....org" <keir@....org>
Subject: Re: EFI and multiboot2 devlopment work for Xen

On Tue, Oct 22, 2013 at 03:25:39PM +0000, Woodhouse, David wrote:
> On Tue, 2013-10-22 at 10:43 -0400, Konrad Rzeszutek Wilk wrote:
> > 
> > And looking at bit deeper in the x86/linux boot spec:
> > 
> > **** EFI HANDOVER PROTOCOL                                                      
> >                                                                                 
> > This protocol allows boot loaders to defer initialisation to the EFI            
> > boot stub. The boot loader is required to load the kernel/initrd(s)             
> > from the boot media and jump to the EFI handover protocol entry point           
> > which is hdr->handover_offset bytes from the beginning of                       
> > startup_{32,64}.      
> 
> Oh, ignore that. You want the *actual* PE executable entry point, as it
> would get invoked by a real UEFI firmware.

Right. The Xen hypervisor can be built in two images: a standard PE/COFF
that can be executed from the EFI shell, and an multiboot blob that can
be loaded by multiboot compatible boot loaders (like GRUB).

> 
> I thought that's what Grub invoked, for 'linuxefi'. Perhaps I mean a
> chainloader method of some kind instead. Either way, make Grub (or
> whatever bootloader you choose) load it as an EFI executable.

Looks like chainloader was it from Peter's answer. But then you can't
do SecureBoot <sigh>.

> 
> Seriously, forget Grub for now. Grub is mostly just an exercise in
> gratuitously doing things the difficult way and wondering why it's
> fragile.
> 
> Make your code work as an EFI executable when loaded directly from the
> UEFI firmware. Worry about the insanity of grub later.

That has been done by Jan. Now we are at the 'have a shim that launches
GRUB2, now what?'

>   
> 
> -- 
>                    Sent with MeeGo's ActiveSync support.
> 
> David Woodhouse                            Open Source Technology Centre
> David.Woodhouse@...el.com                              Intel Corporation
> 
> 
> 


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ