From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.2 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 48B8BC432BE for ; Thu, 26 Aug 2021 13:00:25 +0000 (UTC) Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 66A0F60F5C for ; Thu, 26 Aug 2021 13:00:24 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 66A0F60F5C Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=konsulko.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=lists.denx.de Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 42B6482C87; Thu, 26 Aug 2021 15:00:21 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=konsulko.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; unprotected) header.d=konsulko.com header.i=@konsulko.com header.b="jJD3vW77"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id D7FE882F4D; Thu, 26 Aug 2021 15:00:17 +0200 (CEST) Received: from mail-qk1-x72f.google.com (mail-qk1-x72f.google.com [IPv6:2607:f8b0:4864:20::72f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 31A0082C87 for ; Thu, 26 Aug 2021 15:00:06 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=konsulko.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=trini@konsulko.com Received: by mail-qk1-x72f.google.com with SMTP id a66so3223296qkc.1 for ; Thu, 26 Aug 2021 06:00:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=konsulko.com; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=26XJPSlV8dRaU6fdwXZQFu5sg/fAUdtoPx9BZWM0PAY=; b=jJD3vW7737H9sJoFNKWOsL2VNihv06NwujBa5Yq7xaK+BE8ZAioXn6yOI8AobsxYrp RtlqT9o60/9SrvLa8qt12++b68q+DcG6TYtpdHmykE84yjQBuKNoxZGa0iid0oFKozSA x19zpcMJEler9e4BBxwrm4IU93zsXqvsQx3Gg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=26XJPSlV8dRaU6fdwXZQFu5sg/fAUdtoPx9BZWM0PAY=; b=WUTxi6x+dR4mtUr5P9aGMznEFXoHRHP/j2lkLrzFTnO4HAAwqXEXjHTBtyXdLemGzx bhYPseraMjyiencyyqPQgo+fpfZ+GFHQ4Urifhxg6QADYAhr66LjbkuwBbLrnBGthkh+ 6JB2W4HucWimt8A1Io0vQTuIqTiNS64o1C7SYdD5oU81ztsR2tX3r1wVItecHqEHv8F5 53xEX/s8s4UdD6kOkRqW0abGzPYmFxm/rax0lfbr6E/NZ0vWUfBb33hOx/P6UVnClMO2 l3qmW+FEDQV6Zfe409sw8emOoCaoYzh8l97/BZrb/iCyzrVVKdao9IpzSSMmO4UCUOK2 tHyw== X-Gm-Message-State: AOAM532XBIQ2AeFflrq3+jMQptrCmIQVKyAwlHto1nQTqdMqsOU7bRKs TYoqyMFsu3pYP6uj1yKzb7WYjg== X-Google-Smtp-Source: ABdhPJyqlM616MLcq1BiARH2i5o3DsPuitai45CFNdeD/poD3hKnEH+Il9sRuXA6w9U98PFsJ/US3Q== X-Received: by 2002:a05:620a:702:: with SMTP id 2mr3560030qkc.7.1629982804603; Thu, 26 Aug 2021 06:00:04 -0700 (PDT) Received: from bill-the-cat (2603-6081-7b01-cbda-519a-4843-2801-9790.res6.spectrum.com. [2603:6081:7b01:cbda:519a:4843:2801:9790]) by smtp.gmail.com with ESMTPSA id s10sm2387839qko.134.2021.08.26.06.00.03 (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Thu, 26 Aug 2021 06:00:03 -0700 (PDT) Date: Thu, 26 Aug 2021 09:00:01 -0400 From: Tom Rini To: Mark Kettenis Cc: takahiro.akashi@linaro.org, sjg@chromium.org, manu@bidouilliste.com, u-boot@lists.denx.de, ilias.apalodimas@linaro.org, jaeckel-floss@eyet-services.de, michal.simek@xilinx.com, dennis@ausil.us, daniel.schwierzeck@gmail.com, lukas.auer@aisec.fraunhofer.de, jh80.chung@samsung.com, mbrugger@suse.com, peng.fan@nxp.com, swarren@nvidia.com, swarren@wwwdotorg.org Subject: Re: [PATCH 00/28] Initial implementation of bootmethod/bootflow Message-ID: <20210826130001.GI858@bill-the-cat> References: <20210823200146.GG858@bill-the-cat> <561412964a77c660@bloch.sibelius.xs4all.nl> <20210825124523.abf62a19a25e7491a4b4dae1@bidouilliste.com> <20210825144251.GB89209@laputa> <20210825145635.GV858@bill-the-cat> <56141a22c6ddf02a@bloch.sibelius.xs4all.nl> <20210825220605.GB858@bill-the-cat> <56141bba1eb99517@bloch.sibelius.xs4all.nl> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="7GPv+BXP4SHH9ttj" Content-Disposition: inline In-Reply-To: <56141bba1eb99517@bloch.sibelius.xs4all.nl> X-Clacks-Overhead: GNU Terry Pratchett User-Agent: Mutt/1.9.4 (2018-02-28) X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean --7GPv+BXP4SHH9ttj Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Aug 26, 2021 at 02:01:07PM +0200, Mark Kettenis wrote: > > Date: Wed, 25 Aug 2021 18:06:05 -0400 > > From: Tom Rini > >=20 > > On Wed, Aug 25, 2021 at 11:54:58PM +0200, Mark Kettenis wrote: > > > > Date: Wed, 25 Aug 2021 10:56:35 -0400 > > > > From: Tom Rini > > > >=20 > > > > On Wed, Aug 25, 2021 at 11:42:51PM +0900, AKASHI Takahiro wrote: > > > > > Simon, > > > > >=20 > > > > > On Wed, Aug 25, 2021 at 07:11:44AM -0600, Simon Glass wrote: > > > > > > Hi, > > > > > >=20 > > > > > > On Wed, 25 Aug 2021 at 04:45, Emmanuel Vadot wrote: > > > > > > > > > > > > > > On Tue, 24 Aug 2021 12:22:42 +0200 (CEST) > > > > > > > Mark Kettenis wrote: > > > > > > > > > > > > > > > > Date: Mon, 23 Aug 2021 16:01:46 -0400 > > > > > > > > > From: Tom Rini > > > > > > > > > > > > > > > > > > On Mon, Aug 23, 2021 at 11:25:42AM -0600, Simon Glass wro= te: > > > > > > > > > > Hi Mark, > > > > > > > > > > > > > > > > > > > > On Mon, 23 Aug 2021 at 05:54, Mark Kettenis wrote: > > > > > > > > > > > > > > > > > > > > > > > From: Simon Glass > > > > > > > > > > > > Date: Wed, 18 Aug 2021 21:45:33 -0600 > > > > > > > > > > > > > > > > > > > > > > > > Bootmethod and bootflow provide a built-in way for = U-Boot to automatically boot > > > > > > > > > > > > an Operating System without custom scripting and ot= her customisation: > > > > > > > > > > > > > > > > > > > > > > > > - bootmethod - a method to scan a device to find = bootflows (owned by U-Boot) > > > > > > > > > > > > - bootflow - a description of how to boot (owned = by the distro) > > > > > > > > > > > > > > > > > > > > > > > > This series provides an initial implementation of t= hese, enable to scan > > > > > > > > > > > > for bootflows from MMC and Ethernet. The only bootf= low supported is > > > > > > > > > > > > distro boot, i.e. an extlinux.conf file included on= a filesystem or > > > > > > > > > > > > tftp server. It works similiarly to the existing sc= ript-based approach, > > > > > > > > > > > > but is native to U-Boot. > > > > > > > > > > > > > > > > > > > > > > > > With this we can boot on a Raspberry Pi 3 with just= one command: > > > > > > > > > > > > > > > > > > > > > > > > bootflow scan -lb > > > > > > > > > > > > > > > > > > > > > > > > which means to scan, listing (-l) each bootflow and= trying to boot each > > > > > > > > > > > > one (-b). The final patch shows this. > > > > > > > > > > > > > > > > > > > > > > > > It is intended that this approach be expanded to su= pport mechanisms other > > > > > > > > > > > > than distro boot, including EFI-related ones. With = a standard way to > > > > > > > > > > > > identify boot devices, these features become easier= =2E It also should > > > > > > > > > > > > support U-Boot scripts, for backwards compatibility= only. > > > > > > > > > > > > > > > > > > > > > > > > The first patch of this series moves boot-related c= ode out of common/ and > > > > > > > > > > > > into a new boot/ directory. This helps to collect t= hese related files > > > > > > > > > > > > in one place, as common/ is quite large. > > > > > > > > > > > > > > > > > > > > > > > > Like sysboot, this feature makes use of the existin= g PXE implementation. > > > > > > > > > > > > Much of this series consists of cleaning up that co= de and refactoring it > > > > > > > > > > > > into something closer to a module that can be calle= d, teasing apart its > > > > > > > > > > > > reliance on the command-line interpreter to access = filesystems and the > > > > > > > > > > > > like. Also it now uses function arguments and its o= wn context struct > > > > > > > > > > > > internally rather than environment variables, which= is very hard to > > > > > > > > > > > > follow. No core functional change is included in th= e included PXE patches. > > > > > > > > > > > > > > > > > > > > > > > > For documentation, see the 'doc' patch. > > > > > > > > > > > > > > > > > > > > > > > > There is quite a long list of future work included = in the documentation. > > > > > > > > > > > > One question is the choice of naming. Since this is= a bootloader, should > > > > > > > > > > > > we just call this a 'method' and a 'flow' ? The 'bo= ot' prefix is already > > > > > > > > > > > > shared by other commands like bootm, booti, etc. > > > > > > > > > > > > > > > > > > > > > > > > The design is described here: > > > > > > > > > > > > > > > > > > > > > > > > https://drive.google.com/file/d/1ggW0KJpUOR__vBkj3l= 61L2dav4ZkNC12/view?usp=3Dsharing > > > > > > > > > > > > > > > > > > > > > > > > The series is available at u-boot-dm/bmea-working > > > > > > > > > > > > > > > > > > > > > > How does the user control the order in which devices = are scanned/booted? > > > > > > > > > > > > > > > > > > > > That is not supported in distroboot at present, at leas= t so far as I > > > > > > > > > > can see. For Fedora it seems to happen in grub. Do I ha= ve that right? > > > > > > > > > > > > > > > > > > Well, there's "find the next stage", which is boot_target= s environment > > > > > > > > > variable, and then "where that next stage looks for stuff= " which is > > > > > > > > > OS-dependent. Sometimes the ESP grub.cfg file is just en= ough to tell > > > > > > > > > grub to find the full grub.cfg file elsewhere, and someti= mes it's a full > > > > > > > > > grub.cfg file. I think Mark is talking about the former,= and you've > > > > > > > > > said it's not part of this series, yet, but on the TODO l= ist. > > > > > > > > > > > > > > > > Right. With the current distroboot code the order of the d= evices that > > > > > > > > appears in boot_targets is determined by per-board/SOC/mach= ine config > > > > > > > > files and the order isn't the same for all of them. Users = can change > > > > > > > > the order if necessary by modifying the environment variabl= e and > > > > > > > > saving the environment. And for a one-off boot from a diff= erent > > > > > > > > device they can simply run an appropriate boot command. The > > > > > > > > boot_targets variable in particular is documented in variou= s install > > > > > > > > documents so it would probably be good of the new "bootmeth= od" code > > > > > > > > would respect this variable. > > > > > > > > > > > > > > > > For OpenBSD I'm not really interested in the bootflow part.= As I > > > > > > > > explained in the past, that part of the problem is solved i= n a > > > > > > > > (mostly) uniform way across platforms by the OpenBSD bootlo= ader which > > > > > > > > can read an /etc/boot.conf that allows bootflow customizati= on. So as > > > > > > > > long as the default of the new code still results in > > > > > > > > \EFI\BOOT\BOOT{machine type short-name}.EFI being loaded an= d run if > > > > > > > > there is no U-Boot specific bootflow configured, I'm happy. > > > > > > > > > > > > > > Mostly the same for FreeBSD, as long as the efi boot.e= fi is > > > > > > > loaded and run by default (respecting the boot_targets order)= we will > > > > > > > be fine. > > > > > >=20 > > > > > > OK thanks for the info. My expectation is that bootmethod/bootf= low can > > > > > > support this easily enough (it is actually simpler than distro = boot). > > > > > >=20 > > > > > > > > > > > > > > > I can't speak for the other BSDs, but my impression is that= they are > > > > > > > > pretty much in the same position. The FreeBSD bootloader f= or example > > > > > > > > supports a high-degree of "bootflow" customization and I do= ubt that > > > > > > > > taking it out of the loop is a viable option for most users. > > > > > >=20 > > > > > > I think the same may happen with grub. E.g. with Ubuntu I see q= uite a > > > > > > bit of code in the grub.cfg file and it's not clear to me that = it can > > > > > > be replaced with a 'data instead of code' approach. Still, a va= lid > > > > > > bootflow is simply to jump to an EFI app, which seems to be wha= t is > > > > > > happening here. The bootflow side is really just about describi= ng what > > > > > > to do, and this case is no different. For now I see three types= of > > > > > > bootflow, PXE/syslinux, EFI boot manager and EFI app. > > > > >=20 > > > > > By "EFI app", do you mean a way of booting "/efi/boot/bootXX.efi" > > > > > (default file name in case that no image path is specified)? > > > > >=20 > > > > > In fact, this behavior, or removable media support, is defined > > > > > as part of UEFI boot manager in UEFI specification. (See section = 3.5) > > > > > What this means is that the boot order, including a removable med= ia > > > > > case and user-provided BootXXXX cases, should be controlled solely > > > > > by "BootOrder" variable. > > > > > So the current combination of distro_bootcmd + UEFI boot manger d= oesn't > > > > > fully comply with the specification. > > > > >=20 > > > > > Even if those two cases are integrated, I don't know how "BootOrd= er" > > > > > semantics can be preserved in your approach. > > > >=20 > > > > I think the high level answer is that whereas today part of > > > > distro_bootcmd (and so iterating over boot_targets) "bootefi bootmg= r" > > > > gets run, with what Simon is proposing we would have an easier / qu= icker > > > > way to get over to just running that. Perhaps a clean-up to just u= se > > > > that, even? Or are we not to the point yet where we could remove t= he > > > > direct fall-back to /efi/boot/bootXX.efi ? > > >=20 > > > I think "bootefi bootmgr" only works if the BootOrder variable is > > > defined, and currently that isn't the case. > > >=20 > > > The boot manager behaviour as specified in the UEFI specification is > > > somewhat problematic to implement in U-Boot because of the limitations > > > in how variables can be set at runtime. This is one of the reasons > > > OpenBSD doesn't actually bother with setting the variables and simple > > > relies on the "removable media" support mentioned above. All my > > > OpenBSD systems that use U-Boot print the follwing lines: > > >=20 > > > BootOrder not defined > > > EFI boot manager: Cannot load any image > > > Found EFI removable media binary efi/boot/bootaa64.efi > > >=20 > > > But maybe that last step can be intgrated into bootefi bootmgr at some > > > point? > > >=20 > > > Also note that manually manipulating the EFI variables to change the > > > boot order is quite cumbersome; it isn't a matter of just changed the > > > aforementioned BootOrder variable. That's why I think boot_targets is > > > the preferable way to define the order in which devices should be > > > booted. I don't think that violates the UEFI specification. It > > > merely is the way U-Boot implements the boot device selection that > > > more traditional UEFI implementations implement using a menu. > >=20 > > As I don't want to side-track Simon's thread even further, I would like > > to see a bit more detailed explanation of why U-Boot cannot support EFI > > variables, or if it's just a matter of someone doing the work, and it's > > not been a priority yet. >=20 > U-Boot has some support for EFI variables, but there are some > fundamental problems that make "full" support for them hard or even > impossible. >=20 > Some non-volatile storage is necessary for these variables such that > they can be persistent across boots. Obviously this very much applies > to the BootOrder variable. EFI defines calls to manipulate variables > as part of its runtime services. This means that the NV storage has > to implemented in a way that doesn't interfere with normal OS usage of > the hardware. That pretty much means that you need dedicated hardware > for this, which most devices supported by U-Boot simply don't have. > Having the EFI variables in the U-Boot environment on a reserved part > of a uSD card isn't going to work if the OS assumes it has full > control over the uSD controller. >=20 > Recent versions of the UEFI have made the implementation of some of > the runtime services optional (more or less at the request of the EBBR > folks) and allow certain calls (e.g. the SetVariable() call) to fail. > This poses a bit of a problem though, which I'll try to sketch here: >=20 > The way things typically work on a x86 EFI system is that you boot > your OS installer from removable media. The OS installer does its > thing (partitions the disk, creates filesystems, installs the OS > kernel, etc.) and at the end creates a boot option for the boot > manager by creating an apropriate Boot#### variable and possibly > modifying the BootOrder variable to include the newly created boot > option. A typical x86 Linux distro will create a Boot#### variable > that is effectively a devicepath pointing at grub.efi. Unfortunately > that won't work if the SetVariable() EFI runtime interface doesn't > work. >=20 > I'm not sure how the EBBR folks envisaged the OS installation user > experience on these systems. Maybe Takahiro can explain. But as long > as you don't really care about booting multiple OSes on a system, > relying on the default removable media boot path works fine in most > cases in that it automatically boots into the installed OS when you > reboot after removing the installation media. Ah right, run-time variables are where it gets tricky. I would think that when ENV_IS_IN_MMC/etc, where it's a hard location on something, and not a file (which would be hard to share since it's likely mounted via the OS) would let us get past that. --=20 Tom --7GPv+BXP4SHH9ttj Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQGzBAABCgAdFiEEGjx/cOCPqxcHgJu/FHw5/5Y0tywFAmEnkE4ACgkQFHw5/5Y0 tyz1FQwAjYIgRgrMPS3w/eVklnFRtvyB5piAQl0LqycGw+qmUX//yrIJdVzG577R XwzO/GjH/wSEGjc8BVrsbRj1uFS/5KHJHf4jBtSZpGDReZnjn6P/6Rsgy0/ve34n X83WXpurrVtIsSCASNNOJixRIa6jxBPytBFbIa67LrEwHFQPLdSqatchUA+fOlgE wiwXfRR/ebDRtEzacOO0JfZZ/lrdjbiQur52kW6LONWwdkyuG/JUb/b+eQ0wSF1P x3remPVAVl+jMJKcIFGl+UZ1diA2gQeGc0U2tUQ5A7ofK4esfqgBT5w76Rv1K5Mj J3IBhWTaVt6O3IHCoi54qixoWykmSG9Ms69YV2pZabb4F4WtyWO+KKmmd5S7ZIY/ 8TO4D+ayow2gjXrWecappJxN5cIWmx1hu3XDnZu8UWcEhNV2VCvN0vJJCCUGZa7c 9g9fBzwc6yiy+Ly5eI5+XweC9c7B0msjfP9d8w+x8qJW8aIloHN/ovwHwQjhsdVn ygIXQIX3 =6nJU -----END PGP SIGNATURE----- --7GPv+BXP4SHH9ttj--