(pv)?grub and PVHv2

(pv)?grub and PVHv2

[Marek Marczykowski-Górecki]

[-- Attachment #1.1: Type: text/plain, Size: 355 bytes --]

Hi,

Is there any method to boot PVHv2 domain using a kernel fetched from
that domain's disk image, _without_ mounting it in dom0? Something like
pvgrub was for PV.

-- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 473 bytes --]

[-- Attachment #2: Type: text/plain, Size: 127 bytes --]

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

Re: (pv)?grub and PVHv2

[Roger Pau Monné]

On Fri, Jun 02, 2017 at 11:33:50AM +0200, Marek Marczykowski-Górecki wrote:
> Hi,
> 
> Is there any method to boot PVHv2 domain using a kernel fetched from
> that domain's disk image, _without_ mounting it in dom0? Something like
> pvgrub was for PV.

Hello,

Anthony (Cced) is working on an OVMF port, so it can be used as
firmware for PVHv2 guests.

I cannot seem to be able to find the original cover-letter of that
patch series, this is the best I could find:

https://lists.01.org/pipermail/edk2-devel/2017-January/006148.html

Anthony will hopefully be able to provide more info on this.

Roger.

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

Re: (pv)?grub and PVHv2

[Anthony PERARD]

On Fri, Jun 02, 2017 at 10:58:54AM +0100, Roger Pau Monné wrote:
> On Fri, Jun 02, 2017 at 11:33:50AM +0200, Marek Marczykowski-Górecki wrote:
> > Hi,
> > 
> > Is there any method to boot PVHv2 domain using a kernel fetched from
> > that domain's disk image, _without_ mounting it in dom0? Something like
> > pvgrub was for PV.
> 
> Hello,
> 
> Anthony (Cced) is working on an OVMF port, so it can be used as
> firmware for PVHv2 guests.
> 
> I cannot seem to be able to find the original cover-letter of that
> patch series, this is the best I could find:
> 
> https://lists.01.org/pipermail/edk2-devel/2017-January/006148.html

Here for the cover-letter:
https://lists.xenproject.org/archives/html/xen-devel/2016-12/msg00953.html

But that a UEFI firmware, so I guess the guest would need UEFI support
backed into the disk image.

> Anthony will hopefully be able to provide more info on this.
> 
> Roger.

-- 
Anthony PERARD

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

Re: (pv)?grub and PVHv2

[Marek Marczykowski-Górecki]

[-- Attachment #1.1: Type: text/plain, Size: 1245 bytes --]

On Fri, Jun 02, 2017 at 12:16:06PM +0100, Anthony PERARD wrote:
> On Fri, Jun 02, 2017 at 10:58:54AM +0100, Roger Pau Monné wrote:
> > On Fri, Jun 02, 2017 at 11:33:50AM +0200, Marek Marczykowski-Górecki wrote:
> > > Hi,
> > > 
> > > Is there any method to boot PVHv2 domain using a kernel fetched from
> > > that domain's disk image, _without_ mounting it in dom0? Something like
> > > pvgrub was for PV.
> > 
> > Hello,
> > 
> > Anthony (Cced) is working on an OVMF port, so it can be used as
> > firmware for PVHv2 guests.
> > 
> > I cannot seem to be able to find the original cover-letter of that
> > patch series, this is the best I could find:
> > 
> > https://lists.01.org/pipermail/edk2-devel/2017-January/006148.html
> 
> Here for the cover-letter:
> https://lists.xenproject.org/archives/html/xen-devel/2016-12/msg00953.html

Thanks!

> But that a UEFI firmware, so I guess the guest would need UEFI support
> backed into the disk image.

That's totally ok. I assume it should point at linux.efi, not grub.efi,
right?

-- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 473 bytes --]

[-- Attachment #2: Type: text/plain, Size: 127 bytes --]

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

Re: (pv)?grub and PVHv2

[George Dunlap]

On Fri, Jun 2, 2017 at 10:58 AM, Roger Pau Monné <roger.pau@citrix.com> wrote:
> On Fri, Jun 02, 2017 at 11:33:50AM +0200, Marek Marczykowski-Górecki wrote:
>> Hi,
>>
>> Is there any method to boot PVHv2 domain using a kernel fetched from
>> that domain's disk image, _without_ mounting it in dom0? Something like
>> pvgrub was for PV.
>
> Hello,
>
> Anthony (Cced) is working on an OVMF port, so it can be used as
> firmware for PVHv2 guests.

I think in theory it shouldn't be too hard to port the pvgrub2 code to
boot into PVH, since it already boots in PV, right?

Is this something we should try to encourage, or do you think it would
be better to route everyone through EFI?

 -George

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

Re: (pv)?grub and PVHv2

[Andrew Cooper]

On 05/06/17 11:55, George Dunlap wrote:
> On Fri, Jun 2, 2017 at 10:58 AM, Roger Pau Monné <roger.pau@citrix.com> wrote:
>> On Fri, Jun 02, 2017 at 11:33:50AM +0200, Marek Marczykowski-Górecki wrote:
>>> Hi,
>>>
>>> Is there any method to boot PVHv2 domain using a kernel fetched from
>>> that domain's disk image, _without_ mounting it in dom0? Something like
>>> pvgrub was for PV.
>> Hello,
>>
>> Anthony (Cced) is working on an OVMF port, so it can be used as
>> firmware for PVHv2 guests.
> I think in theory it shouldn't be too hard to port the pvgrub2 code to
> boot into PVH, since it already boots in PV, right?
>
> Is this something we should try to encourage, or do you think it would
> be better to route everyone through EFI?

Even a PVH pvgrub still suffers the a priori problem which makes booting
PV guests extremely difficult.  You don't know ahead-of-time which
bootloader the guest is using without peering at its disks, which opens
a massive attack surface in dom0.

Using things like EFI allows any compatible OS to function, not just
ones which use grub.

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

Re: (pv)?grub and PVHv2

[George Dunlap]

On Mon, Jun 5, 2017 at 1:08 PM, Andrew Cooper <andrew.cooper3@citrix.com> wrote:
> On 05/06/17 11:55, George Dunlap wrote:
>> On Fri, Jun 2, 2017 at 10:58 AM, Roger Pau Monné <roger.pau@citrix.com> wrote:
>>> On Fri, Jun 02, 2017 at 11:33:50AM +0200, Marek Marczykowski-Górecki wrote:
>>>> Hi,
>>>>
>>>> Is there any method to boot PVHv2 domain using a kernel fetched from
>>>> that domain's disk image, _without_ mounting it in dom0? Something like
>>>> pvgrub was for PV.
>>> Hello,
>>>
>>> Anthony (Cced) is working on an OVMF port, so it can be used as
>>> firmware for PVHv2 guests.
>> I think in theory it shouldn't be too hard to port the pvgrub2 code to
>> boot into PVH, since it already boots in PV, right?
>>
>> Is this something we should try to encourage, or do you think it would
>> be better to route everyone through EFI?
>
> Even a PVH pvgrub still suffers the a priori problem which makes booting
> PV guests extremely difficult.  You don't know ahead-of-time which
> bootloader the guest is using without peering at its disks, which opens
> a massive attack surface in dom0.
>
> Using things like EFI allows any compatible OS to function, not just
> ones which use grub.

I wasn't suggesting loading the grub bootloader off the disk image; I
was suggesting using a fixed pvgrub supplied by the host.  That's what
happens for PV guests using pvgrub at the moment.

Using pvgrub allows any grub-compatible OS to function; using EFI
allows any EFI-compatible OS to function.  There are many which would
be one but not the other.  (But I suppose, there would not be many
that were both PVH compatible and not EFI compatible.)

 -George

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

Re: (pv)?grub and PVHv2

[Marek Marczykowski-Górecki]

[-- Attachment #1.1: Type: text/plain, Size: 1123 bytes --]

On Mon, Jun 05, 2017 at 11:55:24AM +0100, George Dunlap wrote:
> On Fri, Jun 2, 2017 at 10:58 AM, Roger Pau Monné <roger.pau@citrix.com> wrote:
> > On Fri, Jun 02, 2017 at 11:33:50AM +0200, Marek Marczykowski-Górecki wrote:
> >> Hi,
> >>
> >> Is there any method to boot PVHv2 domain using a kernel fetched from
> >> that domain's disk image, _without_ mounting it in dom0? Something like
> >> pvgrub was for PV.
> >
> > Hello,
> >
> > Anthony (Cced) is working on an OVMF port, so it can be used as
> > firmware for PVHv2 guests.
> 
> I think in theory it shouldn't be too hard to port the pvgrub2 code to
> boot into PVH, since it already boots in PV, right?
> 
> Is this something we should try to encourage, or do you think it would
> be better to route everyone through EFI?

For Qubes OS I think EFI is good enough here. Any system supporting
PVHv2 also support EFI (right?), so it shouldn't limit anything.

-- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 473 bytes --]

[-- Attachment #2: Type: text/plain, Size: 127 bytes --]

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

Re: (pv)?grub and PVHv2

[Jan Beulich]

>>> On 05.06.17 at 14:08, <andrew.cooper3@citrix.com> wrote:
> On 05/06/17 11:55, George Dunlap wrote:
>> On Fri, Jun 2, 2017 at 10:58 AM, Roger Pau Monné <roger.pau@citrix.com> wrote:
>>> On Fri, Jun 02, 2017 at 11:33:50AM +0200, Marek Marczykowski-Górecki wrote:
>>>> Hi,
>>>>
>>>> Is there any method to boot PVHv2 domain using a kernel fetched from
>>>> that domain's disk image, _without_ mounting it in dom0? Something like
>>>> pvgrub was for PV.
>>> Hello,
>>>
>>> Anthony (Cced) is working on an OVMF port, so it can be used as
>>> firmware for PVHv2 guests.
>> I think in theory it shouldn't be too hard to port the pvgrub2 code to
>> boot into PVH, since it already boots in PV, right?
>>
>> Is this something we should try to encourage, or do you think it would
>> be better to route everyone through EFI?
> 
> Even a PVH pvgrub still suffers the a priori problem which makes booting
> PV guests extremely difficult.  You don't know ahead-of-time which
> bootloader the guest is using without peering at its disks, which opens
> a massive attack surface in dom0.
> 
> Using things like EFI allows any compatible OS to function, not just
> ones which use grub.

This is certainly valid to say when considering only 64-bit OSes, but
as soon as you look at a mix of 32- and 64-bit ones there are
complications again resulting from possibly mixed bitness between
EFI and OS.

Jan

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel