From: Ross Lagerwall <ross.lagerwall@citrix.com>
To: grub-devel@gnu.org
Cc: xen-devel@lists.xenproject.org,
"Ross Lagerwall" <ross.lagerwall@citrix.com>,
"Daniel Kiper" <daniel.kiper@oracle.com>,
"Daniel Kiper" <dkiper@net-space.pl>,
"Andrew Cooper" <andrew.cooper3@citrix.com>,
"Roger Pau Monné" <roger.pau@citrix.com>,
"Jan Beulich" <jbeulich@suse.com>
Subject: [PATCH v2 1/3] multiboot2: Add support for the PE binary type
Date: Thu, 28 Mar 2024 15:13:00 +0000 [thread overview]
Message-ID: <20240328151302.1451158-2-ross.lagerwall@citrix.com> (raw)
In-Reply-To: <20240328151302.1451158-1-ross.lagerwall@citrix.com>
Currently, multiboot2-compatible bootloaders can load ELF binaries and
a.out binaries. The presence of the address header tag determines
how the bootloader tries to interpret the binary (a.out if the address
tag is present else ELF).
In addition to the existing address and ELF load types, specify that
boot loaders may optionally support PE binaries as well. This new type
is a useful addition since PE binaries can be signed and verified (i.e.
used with Secure Boot). Boot loaders can distinguish between ELF and PE
binaries using magic numbers since it is not possible for a binary to be
both an ELF and PE binary at the same time.
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
---
doc/multiboot.texi | 19 +++++++++++--------
1 file changed, 11 insertions(+), 8 deletions(-)
diff --git a/doc/multiboot.texi b/doc/multiboot.texi
index df8a0d056e76..d26c35b54cd4 100644
--- a/doc/multiboot.texi
+++ b/doc/multiboot.texi
@@ -510,12 +510,15 @@ assumes that no bss segment is present.
@end table
Note: This information does not need to be provided if the kernel image
-is in @sc{elf} format, but it must be provided if the image is in a.out
-format or in some other format. When the address tag is present it must
-be used in order to load the image, regardless of whether an @sc{elf}
-header is also present. Compliant boot loaders must be able to load
-images that are either in @sc{elf} format or contain the address tag
-embedded in the Multiboot2 header.
+is in @sc{elf} or @sc{PE} format, but it must be provided if the image
+is in a.out format or in some other format. When the address tag is
+present it must be used in order to load the image, regardless of
+whether an @sc{elf} or @sc{PE} header is also present. Compliant boot
+loaders must be able to load images that are either in @sc{elf} format
+or contain the address tag embedded in the Multiboot2 header. Compliant
+boot loaders may optionally support loading images in @sc{PE} format.
+When the address tag is not present, the boot loader should use magic
+numbers to identify the type of the image to determine how to load it.
@subsection The entry address tag of Multiboot2 header
@@ -565,7 +568,7 @@ start running EFI i386 compatible operating system code.
This tag is taken into account only on EFI i386 platforms
when Multiboot2 image header contains EFI boot services tag.
-Then entry point specified in ELF header and the entry address
+Then entry point specified in ELF or PE header and the entry address
tag of Multiboot2 header are ignored.
@subsection EFI amd64 entry address tag of Multiboot2 header
@@ -597,7 +600,7 @@ start running EFI amd64 compatible operating system code.
This tag is taken into account only on EFI amd64 platforms
when Multiboot2 image header contains EFI boot services tag.
-Then entry point specified in ELF header and the entry address
+Then entry point specified in ELF or PE header and the entry address
tag of Multiboot2 header are ignored.
@node Console header tags
--
2.43.0
WARNING: multiple messages have this Message-ID (diff)
From: Ross Lagerwall via Grub-devel <grub-devel@gnu.org>
To: grub-devel@gnu.org
Cc: "Ross Lagerwall" <ross.lagerwall@citrix.com>,
xen-devel@lists.xenproject.org,
"Daniel Kiper" <daniel.kiper@oracle.com>,
"Daniel Kiper" <dkiper@net-space.pl>,
"Andrew Cooper" <andrew.cooper3@citrix.com>,
"Roger Pau Monné" <roger.pau@citrix.com>,
"Jan Beulich" <jbeulich@suse.com>
Subject: [PATCH v2 1/3] multiboot2: Add support for the PE binary type
Date: Thu, 28 Mar 2024 15:13:00 +0000 [thread overview]
Message-ID: <20240328151302.1451158-2-ross.lagerwall@citrix.com> (raw)
In-Reply-To: <20240328151302.1451158-1-ross.lagerwall@citrix.com>
Currently, multiboot2-compatible bootloaders can load ELF binaries and
a.out binaries. The presence of the address header tag determines
how the bootloader tries to interpret the binary (a.out if the address
tag is present else ELF).
In addition to the existing address and ELF load types, specify that
boot loaders may optionally support PE binaries as well. This new type
is a useful addition since PE binaries can be signed and verified (i.e.
used with Secure Boot). Boot loaders can distinguish between ELF and PE
binaries using magic numbers since it is not possible for a binary to be
both an ELF and PE binary at the same time.
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
---
doc/multiboot.texi | 19 +++++++++++--------
1 file changed, 11 insertions(+), 8 deletions(-)
diff --git a/doc/multiboot.texi b/doc/multiboot.texi
index df8a0d056e76..d26c35b54cd4 100644
--- a/doc/multiboot.texi
+++ b/doc/multiboot.texi
@@ -510,12 +510,15 @@ assumes that no bss segment is present.
@end table
Note: This information does not need to be provided if the kernel image
-is in @sc{elf} format, but it must be provided if the image is in a.out
-format or in some other format. When the address tag is present it must
-be used in order to load the image, regardless of whether an @sc{elf}
-header is also present. Compliant boot loaders must be able to load
-images that are either in @sc{elf} format or contain the address tag
-embedded in the Multiboot2 header.
+is in @sc{elf} or @sc{PE} format, but it must be provided if the image
+is in a.out format or in some other format. When the address tag is
+present it must be used in order to load the image, regardless of
+whether an @sc{elf} or @sc{PE} header is also present. Compliant boot
+loaders must be able to load images that are either in @sc{elf} format
+or contain the address tag embedded in the Multiboot2 header. Compliant
+boot loaders may optionally support loading images in @sc{PE} format.
+When the address tag is not present, the boot loader should use magic
+numbers to identify the type of the image to determine how to load it.
@subsection The entry address tag of Multiboot2 header
@@ -565,7 +568,7 @@ start running EFI i386 compatible operating system code.
This tag is taken into account only on EFI i386 platforms
when Multiboot2 image header contains EFI boot services tag.
-Then entry point specified in ELF header and the entry address
+Then entry point specified in ELF or PE header and the entry address
tag of Multiboot2 header are ignored.
@subsection EFI amd64 entry address tag of Multiboot2 header
@@ -597,7 +600,7 @@ start running EFI amd64 compatible operating system code.
This tag is taken into account only on EFI amd64 platforms
when Multiboot2 image header contains EFI boot services tag.
-Then entry point specified in ELF header and the entry address
+Then entry point specified in ELF or PE header and the entry address
tag of Multiboot2 header are ignored.
@node Console header tags
--
2.43.0
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
next prev parent reply other threads:[~2024-03-28 15:11 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-28 15:12 [PATCH v2 0/3] GRUB: Supporting Secure Boot of xen Ross Lagerwall
2024-03-28 15:12 ` Ross Lagerwall via Grub-devel
2024-03-28 15:13 ` Ross Lagerwall [this message]
2024-03-28 15:13 ` [PATCH v2 1/3] multiboot2: Add support for the PE binary type Ross Lagerwall via Grub-devel
2024-03-28 15:13 ` [PATCH v2 2/3] multiboot2: Add PE load support Ross Lagerwall
2024-03-28 15:13 ` Ross Lagerwall via Grub-devel
2024-03-28 15:13 ` [PATCH v2 3/3] efi: Allow loading multiboot modules without verification Ross Lagerwall
2024-03-28 15:13 ` Ross Lagerwall via Grub-devel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240328151302.1451158-2-ross.lagerwall@citrix.com \
--to=ross.lagerwall@citrix.com \
--cc=andrew.cooper3@citrix.com \
--cc=daniel.kiper@oracle.com \
--cc=dkiper@net-space.pl \
--cc=grub-devel@gnu.org \
--cc=jbeulich@suse.com \
--cc=roger.pau@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.