From mboxrd@z Thu Jan 1 00:00:00 1970 From: Cristian Ciocaltea Date: Mon, 5 Oct 2020 02:41:26 +0300 Subject: Fit images and EFI_LOAD_FILE2_PROTOCOL In-Reply-To: <951b8fca-da6b-c4bb-8e5a-fc96646f7f07@gmx.de> References: <951b8fca-da6b-c4bb-8e5a-fc96646f7f07@gmx.de> Message-ID: <20201004234126.GA37678@ubuntu2004> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de Hello Heinrich, On Sat, Oct 03, 2020 at 10:51:24AM +0200, Heinrich Schuchardt wrote: > Hello Ilias, hello Christian, > > with commit ec80b4735a59 ("efi_loader: Implement FileLoad2 for initramfs > loading") Ilias provided the possibility to specify a device path > (CONFIG_EFI_INITRD_FILESPEC) from which an initial RAM disk can be > served via the EFI_FILE_LOAD2_PROTOCOL. > > Ard extended the Linux EFI stub to allow loading the initial RAM disk > via the EFI_FILE_LOAD2_PROTOCOL with the utmost priority. Thanks for sharing this information, I was not aware of the work related to the EFI_FILE_LOAD2_PROTOCOL, neither in the Linux kernel nor in U-Boot. > With commit ecc7fdaa9ef1 ("bootm: Add a bootm command for type > IH_OS_EFI") Cristian enabled signed FIT images that contain a device > tree and a UEFI binary (enabled by CONFIG_BOOTM_EFI=y). > > In the DTE calls we have discussed that it is unfortunate that we do not > have a method to validate initial RAM images in the UEFI context. > > To me it would look like a good path forward to combine the two ideas: > > * Let the signed FIT image (of type IH_OS_EFI) contain a RAM disk > * Pass location and size to the UEFI subsystem and serve them via > the EFI_FILE_LOAD2_PROTOCOL. > > We could also extend the bootefi command to be callable as > > bootefi $kernel_addr_r $ramdisk_addr_r:$filesize $fdt_addr_r > > like the booti command to serve an initial RAM disk. > > What are your thoughts? I think having initial RAM disk support in UEFI FIT images would be a great improvement. For the moment I had to put on hold my experiments around bootefi and verified boot scenarios, but I will do my best to resume this work in the foreseeable future. > Best regards > > Heinrich Kind regards, Cristi