From: Doug Goldstein <cardoe@cardoe.com>
To: Anthony PERARD <anthony.perard@citrix.com>, xen-devel@lists.xen.org
Cc: Ian Jackson <ian.jackson@eu.citrix.com>,
Wei Liu <wei.liu2@citrix.com>,
Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Subject: Re: [PATCH v4 04/14] firmware/makefile: install BIOS blob ...
Date: Mon, 18 Apr 2016 15:31:27 +0100 [thread overview]
Message-ID: <5714EFBF.2000806@cardoe.com> (raw)
In-Reply-To: <1457978150-27201-5-git-send-email-anthony.perard@citrix.com>
[-- Attachment #1.1.1: Type: text/plain, Size: 2250 bytes --]
On 3/14/16 5:55 PM, Anthony PERARD wrote:
> ... into the firmware directory, along with hvmloader.
>
> Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
> ---
> Change in V4:
> - remove install of acpi dsdt table
>
> Change in V3:
> - do not check if ROMs file exist before installing, they should exist
> - change rules for dsdt_anycpu_qemu_xen.c in oder to generate both .c and
> .aml files without changing temporarly the other dsdt_*.c rules.
> ---
> tools/firmware/Makefile | 13 +++++++++++++
> 1 file changed, 13 insertions(+)
>
> diff --git a/tools/firmware/Makefile b/tools/firmware/Makefile
> index 6cc86ce..6a37758 100644
> --- a/tools/firmware/Makefile
> +++ b/tools/firmware/Makefile
> @@ -19,6 +19,9 @@ SUBDIRS-y += hvmloader
>
> LD32BIT-$(CONFIG_FreeBSD) := LD32BIT_FLAG=-melf_i386_fbsd
>
> +SEABIOS_ROM := seabios-dir/out/bios.bin
> +OVMF_ROM := ovmf-dir/ovmf.bin
> +
> ovmf-dir:
> GIT=$(GIT) $(XEN_ROOT)/scripts/git-checkout.sh $(OVMF_UPSTREAM_URL) $(OVMF_UPSTREAM_REVISION) ovmf-dir
> cp ovmf-makefile ovmf-dir/Makefile;
> @@ -45,6 +48,16 @@ endif
> install: all
> [ -d $(INST_DIR) ] || $(INSTALL_DIR) $(INST_DIR)
> [ ! -e $(TARGET) ] || $(INSTALL_DATA) $(TARGET) $(INST_DIR)
> +ifeq ($(CONFIG_SEABIOS),y)
> +ifeq ($(SEABIOS_PATH),)
> + $(INSTALL_DATA) $(SEABIOS_ROM) $(INST_DIR)/seabios.bin
> +endif
> +endif
> +ifeq ($(CONFIG_OVMF),y)
> +ifeq ($(OVMF_PATH),)
> + $(INSTALL_DATA) $(OVMF_ROM) $(INST_DIR)/ovmf.bin
> +endif
> +endif
>
> .PHONY: clean
> clean: subdirs-clean
>
So I'm going to toss this out there but what if we don't install these
at all? We talked about reducing the scope that the Xen Security team
had to maintain. What if we just state that SeaBIOS and/or OVMF are
dependencies? All the downstream distros don't use the pre-built
binaries from Xen and build it themselves. For plain Xen users we just
add that to the list of dependencies.
I think SeaBIOS and OVMF are a lot more low risk than something like
QEMU since they have a very clear target so they're a lot more likely to
remain stable. SeaBIOS also has a fairly low level of churn, especially
on stable branches.
Just a thought.
--
Doug Goldstein
[-- Attachment #1.2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 959 bytes --]
[-- Attachment #2: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
next prev parent reply other threads:[~2016-04-18 14:31 UTC|newest]
Thread overview: 73+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-14 17:55 [PATCH v4 00/14] Load BIOS via toolstack instead of been embedded in hvmloader Anthony PERARD
2016-03-14 17:55 ` [PATCH v4 01/14] libxc: Rework extra module initialisation Anthony PERARD
2016-03-16 0:06 ` Konrad Rzeszutek Wilk
2016-03-17 16:24 ` Anthony PERARD
2016-03-14 17:55 ` [PATCH v4 02/14] libxc: Prepare a start info structure for hvmloader Anthony PERARD
2016-03-16 0:18 ` Konrad Rzeszutek Wilk
2016-03-16 18:01 ` Boris Ostrovsky
2016-03-17 16:48 ` Anthony PERARD
2016-03-17 16:28 ` Anthony PERARD
2016-03-14 17:55 ` [PATCH v4 03/14] configure: #define SEABIOS_PATH and OVMF_PATH Anthony PERARD
2016-03-16 0:20 ` Konrad Rzeszutek Wilk
2016-04-08 13:38 ` Wei Liu
2016-03-14 17:55 ` [PATCH v4 04/14] firmware/makefile: install BIOS blob Anthony PERARD
2016-03-16 0:26 ` Konrad Rzeszutek Wilk
2016-03-16 8:54 ` Dario Faggioli
2016-03-16 8:56 ` Konrad Rzeszutek Wilk
2016-03-17 16:58 ` Anthony PERARD
2016-03-17 17:37 ` Doug Goldstein
2016-03-17 18:33 ` Anthony PERARD
2016-03-18 21:11 ` Jim Fehlig
2016-03-19 0:43 ` Doug Goldstein
2016-04-18 14:31 ` Doug Goldstein [this message]
2016-04-19 13:11 ` Stefano Stabellini
2016-03-14 17:55 ` [PATCH v4 05/14] libxl: Load guest BIOS from file Anthony PERARD
2016-03-16 0:53 ` Konrad Rzeszutek Wilk
2016-03-16 9:27 ` Dario Faggioli
2016-03-17 17:24 ` Anthony PERARD
2016-03-14 17:55 ` [PATCH v4 06/14] xen: Move the hvm_start_info C representation from libxc to public/xen.h Anthony PERARD
2016-03-15 8:09 ` Jan Beulich
2016-03-16 0:59 ` Konrad Rzeszutek Wilk
2016-03-16 1:00 ` Konrad Rzeszutek Wilk
2016-03-16 8:32 ` Jan Beulich
2016-03-21 17:04 ` Roger Pau Monné
2016-03-21 17:21 ` Jan Beulich
2016-03-14 17:55 ` [PATCH v4 07/14] hvmloader: Grab the hvm_start_info pointer Anthony PERARD
2016-03-16 1:07 ` Konrad Rzeszutek Wilk
2016-04-05 12:43 ` Jan Beulich
2016-03-14 17:55 ` [PATCH v4 08/14] hvmloader: Locate the BIOS blob Anthony PERARD
2016-03-16 1:14 ` Konrad Rzeszutek Wilk
2016-03-17 17:46 ` Anthony PERARD
2016-03-17 17:57 ` Konrad Rzeszutek Wilk
2016-03-18 7:34 ` Jan Beulich
2016-04-05 12:59 ` Jan Beulich
2016-04-05 14:05 ` Roger Pau Monné
2016-04-05 14:23 ` Jan Beulich
2016-04-07 15:10 ` Anthony PERARD
2016-04-07 15:30 ` Jan Beulich
2016-03-14 17:55 ` [PATCH v4 09/14] hvmloader: Check modules whereabouts in perform_tests Anthony PERARD
2016-03-16 1:23 ` Konrad Rzeszutek Wilk
2016-03-17 18:08 ` Anthony PERARD
2016-04-05 13:07 ` Jan Beulich
2016-03-14 17:55 ` [PATCH v4 10/14] hvmloader: Load SeaBIOS from hvm_start_info modules Anthony PERARD
2016-03-16 1:27 ` Konrad Rzeszutek Wilk
2016-03-16 1:27 ` Konrad Rzeszutek Wilk
2016-04-05 13:11 ` Jan Beulich
2016-03-14 17:55 ` [PATCH v4 11/14] hvmloader: Load OVMF from modules Anthony PERARD
2016-03-16 1:36 ` Konrad Rzeszutek Wilk
2016-04-05 13:16 ` Jan Beulich
2016-03-14 17:55 ` [PATCH v4 12/14] hvmloader: Specific bios_load function required Anthony PERARD
2016-03-16 1:38 ` Konrad Rzeszutek Wilk
2016-03-17 18:25 ` Anthony PERARD
2016-03-14 17:55 ` [PATCH v4 13/14] hvmloader: Always build-in SeaBIOS and OVMF loader Anthony PERARD
2016-03-14 17:55 ` [PATCH v4 14/14] configure: do not depend on SEABIOS_PATH or OVMF_PATH Anthony PERARD
2016-03-16 1:40 ` Konrad Rzeszutek Wilk
2016-04-08 13:38 ` Wei Liu
2016-03-24 17:55 ` [PATCH v4 00/14] Load BIOS via toolstack instead of been embedded in hvmloader Jim Fehlig
2016-03-30 17:22 ` Jim Fehlig
2016-03-31 7:20 ` Jan Beulich
[not found] ` <56FCEBCD02000078000E19BF@suse.com>
2016-03-31 14:36 ` Jim Fehlig
2016-03-31 16:49 ` George Dunlap
2016-04-01 9:12 ` George Dunlap
2016-04-01 14:24 ` Konrad Rzeszutek Wilk
2016-04-01 20:06 ` Jim Fehlig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5714EFBF.2000806@cardoe.com \
--to=cardoe@cardoe.com \
--cc=anthony.perard@citrix.com \
--cc=ian.jackson@eu.citrix.com \
--cc=stefano.stabellini@eu.citrix.com \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).