From: Michael Casadevall <michael.casadevall@linaro.org>
To: Paolo Bonzini <pbonzini@redhat.com>,
Robie Basak <robie.basak@canonical.com>,
Grant Likely <grant.likely@linaro.org>
Cc: Christoffer Dall <christoffer.dall@linaro.org>,
cross-distro@lists.linaro.org,
"linux-arm-kernel@lists.infradead.org"
<linux-arm-kernel@lists.infradead.org>,
"kvmarm@lists.cs.columbia.edu" <kvmarm@lists.cs.columbia.edu>,
"kvm@vger.kernel.org" <kvm@vger.kernel.org>,
xen-devel@lists.xen.org, Rob Herring <rob.herring@linaro.org>,
Peter Maydell <peter.maydell@linaro.org>,
"marc.zyngier@arm.com" <marc.zyngier@arm.com>,
Leif Lindholm <leif.lindholm@linaro.org>,
Stefano Stabellini <stefano.stabellini@citrix.com>,
Ian Campbell <ian.campbell@citrix.com>,
Laszlo Ersek <lersek@redhat.com>,
Jordan Justen <jljusten@gmail.com>
Subject: Re: [RFC] ARM VM System Sepcification
Date: Sat, 08 Mar 2014 19:41:08 +0800 [thread overview]
Message-ID: <531B01D4.10806@linaro.org> (raw)
In-Reply-To: <531843EE.8040102@redhat.com>
On 03/06/2014 05:46 PM, Paolo Bonzini wrote:
> Il 06/03/2014 09:52, Robie Basak ha scritto:
>> On Sat, Mar 01, 2014 at 03:27:56PM +0000, Grant Likely wrote:
>>> I would also reference section 3.3 (Boot Option Variables Default Boot
>>> Behavior) and 3.4.1.1 (Removable Media Boot Behavior) here. It's
>>> fine to
>>> restate the meaning of the requirement in this spec, but the UEFI spec
>>> is the authoritative source. Distributed VM disk images fall under the
>>> same scenario as the firmware not having any valid boot variables.
>>
>> What happens when the VM is first booted without boot variables, but
>> then the OS expects to be able to set boot variables and see them on
>> next boot?
>
> UEFI scans the devices; looks for an EFI system partition on the
> disks; and builds a default boot order.
>
>> If possible, I would prefer to mandate that the host implementation is
>> permitted to no-op (or otherwise disable) boot variable write operations
>> altogether to avoid having to deal with this. In the common case, I
>> don't see why an OS installation shipped via a VM disk image would need
>> to write boot variables anyway.
>>
>> Would there be any adverse consequences to doing this?
>
> Given the experience on x86 UEFI, no.
>
> Unlike bare metal, it is common to run UEFI VMs without persistent
> flash storage. In this case the boot variables and boot order are
> rebuilt on the fly on every boot, and it just works for both Windows
> and Linux; there's no reason why it should be any different for ARM.
>
While I realize in the real world, we can live with non-persistent boot
variables, this is a *direct* violation of the UEFI spec; we can't call
our VMs UEFI-compatible if we do this.
However, I've been looking at the spec, and I think we're within spec if
we save the variables on the HDD itself. There's some support for this
already (Firmware Block Volume Device), but its possible we could
implement boot variables as a file on system partition (UEFI's default
search order can be used to figure out which variable file to use, or
some sorta fingerprinting system). The biggest trick though is that
UEFI's Runtime Services will need to be able to write this file, which
may require us move a large chunk of UEFI to runtime services so the FAT
filesystem stuff can stick around. If we give it a proper partition,
then we can just do raw block read/writes. This however would require us
mandating that said partition exists, and making sure there aren't any
hidden gotchas in invoking this.
Obviously this isn't ideal, but this might be the middle road solution
we need here. I can dig through Tiano to get a realistic idea of how
hard this will be in reality if we want to seriously look at this option.
>> My reason is that this would save us from blocking a general OpenStack
>> implementation on ARM by requiring that these pieces are implemented
>> further up the stack first, when it would bring actual gain to doing so.
>>
>> This would not preclude host implementations from implementing writeable
>> variables, or guests from using them. Just that for a _portable VM disk
>> image_, the OS on it cannot assume that this functionality is present.
>
> This is already the case for most OSes. Otherwise you wouldn't be
> able to move a hard disk from a (physical) machine to another.
>
> I strongly suggest that you take a look at the work done in Tiano
> Core's OvmfPkg, which has support for almost every QEMU feature thanks
> to the work of Laszlo Ersek and Jordan Justen.
>
> In particular, OvmfPkg has support for specifying a boot order in the
> VM configuration (which maps to the "-boot" option in QEMU). In this
> case, the UEFI boot order is overridden by a variable that is placed
> in some architecture-specific firmware configuration mechanism (on x86
> we have one called fw_cfg, on ARM you could look at the fdt). This
> predates UEFI and is not a UEFI variable; in fact is is a list of
> OpenFirmware device paths. UEFI will match the OF paths to UEFI
> paths, and use the result to build a UEFI boot order.
>
This lines up with work to make Tiano itself run on FDT to handle
varying boot configurations. Is this behaviour and the DT nodes codified
anywhere?
> Paolo
WARNING: multiple messages have this Message-ID (diff)
From: michael.casadevall@linaro.org (Michael Casadevall)
To: linux-arm-kernel@lists.infradead.org
Subject: [RFC] ARM VM System Sepcification
Date: Sat, 08 Mar 2014 19:41:08 +0800 [thread overview]
Message-ID: <531B01D4.10806@linaro.org> (raw)
In-Reply-To: <531843EE.8040102@redhat.com>
On 03/06/2014 05:46 PM, Paolo Bonzini wrote:
> Il 06/03/2014 09:52, Robie Basak ha scritto:
>> On Sat, Mar 01, 2014 at 03:27:56PM +0000, Grant Likely wrote:
>>> I would also reference section 3.3 (Boot Option Variables Default Boot
>>> Behavior) and 3.4.1.1 (Removable Media Boot Behavior) here. It's
>>> fine to
>>> restate the meaning of the requirement in this spec, but the UEFI spec
>>> is the authoritative source. Distributed VM disk images fall under the
>>> same scenario as the firmware not having any valid boot variables.
>>
>> What happens when the VM is first booted without boot variables, but
>> then the OS expects to be able to set boot variables and see them on
>> next boot?
>
> UEFI scans the devices; looks for an EFI system partition on the
> disks; and builds a default boot order.
>
>> If possible, I would prefer to mandate that the host implementation is
>> permitted to no-op (or otherwise disable) boot variable write operations
>> altogether to avoid having to deal with this. In the common case, I
>> don't see why an OS installation shipped via a VM disk image would need
>> to write boot variables anyway.
>>
>> Would there be any adverse consequences to doing this?
>
> Given the experience on x86 UEFI, no.
>
> Unlike bare metal, it is common to run UEFI VMs without persistent
> flash storage. In this case the boot variables and boot order are
> rebuilt on the fly on every boot, and it just works for both Windows
> and Linux; there's no reason why it should be any different for ARM.
>
While I realize in the real world, we can live with non-persistent boot
variables, this is a *direct* violation of the UEFI spec; we can't call
our VMs UEFI-compatible if we do this.
However, I've been looking at the spec, and I think we're within spec if
we save the variables on the HDD itself. There's some support for this
already (Firmware Block Volume Device), but its possible we could
implement boot variables as a file on system partition (UEFI's default
search order can be used to figure out which variable file to use, or
some sorta fingerprinting system). The biggest trick though is that
UEFI's Runtime Services will need to be able to write this file, which
may require us move a large chunk of UEFI to runtime services so the FAT
filesystem stuff can stick around. If we give it a proper partition,
then we can just do raw block read/writes. This however would require us
mandating that said partition exists, and making sure there aren't any
hidden gotchas in invoking this.
Obviously this isn't ideal, but this might be the middle road solution
we need here. I can dig through Tiano to get a realistic idea of how
hard this will be in reality if we want to seriously look at this option.
>> My reason is that this would save us from blocking a general OpenStack
>> implementation on ARM by requiring that these pieces are implemented
>> further up the stack first, when it would bring actual gain to doing so.
>>
>> This would not preclude host implementations from implementing writeable
>> variables, or guests from using them. Just that for a _portable VM disk
>> image_, the OS on it cannot assume that this functionality is present.
>
> This is already the case for most OSes. Otherwise you wouldn't be
> able to move a hard disk from a (physical) machine to another.
>
> I strongly suggest that you take a look at the work done in Tiano
> Core's OvmfPkg, which has support for almost every QEMU feature thanks
> to the work of Laszlo Ersek and Jordan Justen.
>
> In particular, OvmfPkg has support for specifying a boot order in the
> VM configuration (which maps to the "-boot" option in QEMU). In this
> case, the UEFI boot order is overridden by a variable that is placed
> in some architecture-specific firmware configuration mechanism (on x86
> we have one called fw_cfg, on ARM you could look at the fdt). This
> predates UEFI and is not a UEFI variable; in fact is is a list of
> OpenFirmware device paths. UEFI will match the OF paths to UEFI
> paths, and use the result to build a UEFI boot order.
>
This lines up with work to make Tiano itself run on FDT to handle
varying boot configurations. Is this behaviour and the DT nodes codified
anywhere?
> Paolo
next prev parent reply other threads:[~2014-03-08 11:41 UTC|newest]
Thread overview: 222+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-02-26 18:34 [RFC] ARM VM System Sepcification Christoffer Dall
2014-02-26 18:34 ` Christoffer Dall
2014-02-26 19:27 ` Christopher Covington
2014-02-26 19:27 ` Christopher Covington
2014-02-26 19:51 ` Christoffer Dall
2014-02-26 19:51 ` Christoffer Dall
2014-02-26 19:51 ` Christoffer Dall
2014-02-27 13:12 ` Christopher Covington
2014-02-27 13:12 ` Christopher Covington
2014-02-27 13:12 ` Christopher Covington
2014-02-27 16:02 ` Christoffer Dall
2014-02-27 16:02 ` Christoffer Dall
2014-02-27 16:02 ` Christoffer Dall
2014-03-01 15:41 ` Grant Likely
2014-03-01 15:41 ` Grant Likely
2014-02-26 19:27 ` Christopher Covington
2014-02-26 19:55 ` Arnd Bergmann
2014-02-26 19:55 ` Arnd Bergmann
2014-02-26 20:05 ` Christoffer Dall
2014-02-26 20:05 ` Christoffer Dall
2014-02-26 20:22 ` Arnd Bergmann
2014-02-26 20:22 ` Arnd Bergmann
[not found] ` < CABGGisxHOVqLcG7hVAuAzdeic41KWSLLBSjQLSJQcjTXLhNCow@mail.gmail.com>
2014-02-26 21:56 ` Rob Herring
2014-02-26 21:56 ` Rob Herring
2014-02-26 21:56 ` Rob Herring
2014-02-26 22:21 ` Christoffer Dall
2014-02-26 22:21 ` Christoffer Dall
2014-02-26 22:21 ` Christoffer Dall
2014-02-27 7:30 ` Arnd Bergmann
2014-02-27 7:30 ` Arnd Bergmann
2014-02-27 7:30 ` Arnd Bergmann
2014-02-27 10:05 ` Paolo Bonzini
2014-02-27 10:05 ` Paolo Bonzini
2014-02-27 10:05 ` Paolo Bonzini
2014-03-01 19:12 ` Grant Likely
2014-03-01 19:12 ` Grant Likely
2014-03-01 19:12 ` Grant Likely
2014-02-26 20:22 ` Arnd Bergmann
2014-02-27 9:35 ` Catalin Marinas
2014-02-27 9:35 ` Catalin Marinas
2014-02-27 9:35 ` Catalin Marinas
2014-02-26 20:05 ` Christoffer Dall
2014-02-26 20:19 ` Paolo Bonzini
2014-02-26 20:19 ` Paolo Bonzini
2014-02-26 20:19 ` Paolo Bonzini
2014-02-26 20:20 ` Peter Maydell
2014-02-26 20:20 ` Peter Maydell
2014-02-26 20:20 ` Peter Maydell
2014-02-26 21:48 ` Leif Lindholm
2014-02-26 21:48 ` Leif Lindholm
2014-02-26 22:25 ` Christoffer Dall
2014-02-26 22:25 ` Christoffer Dall
2014-03-01 19:20 ` Grant Likely
2014-03-01 19:20 ` Grant Likely
2014-03-01 19:20 ` Grant Likely
2014-02-26 22:25 ` Christoffer Dall
2014-02-27 12:31 ` Stefano Stabellini
2014-02-27 12:31 ` Stefano Stabellini
2014-02-27 14:00 ` Arnd Bergmann
2014-02-27 14:00 ` Arnd Bergmann
2014-02-27 14:24 ` Alexander Graf
2014-02-27 14:24 ` Alexander Graf
2014-02-27 19:56 ` Arnd Bergmann
2014-02-27 19:56 ` Arnd Bergmann
2014-02-27 19:56 ` Arnd Bergmann
2014-02-28 0:05 ` Alexander Graf
2014-02-28 0:05 ` Alexander Graf
2014-02-28 0:05 ` Alexander Graf
2014-02-28 10:01 ` Arnd Bergmann
[not found] ` <CB7DBE07-42BD-4588-AC9E-CB0BF95A811A-l3A5Bk7waGM@public.gmane.org>
2014-02-28 10:01 ` Arnd Bergmann
2014-02-28 10:01 ` Arnd Bergmann
2014-02-28 13:38 ` Riku Voipio
2014-02-28 13:38 ` Riku Voipio
2014-02-28 14:44 ` Stefano Stabellini
2014-02-28 14:44 ` Stefano Stabellini
2014-02-28 14:44 ` Stefano Stabellini
2014-02-27 14:24 ` Alexander Graf
2014-03-01 19:25 ` Grant Likely
2014-03-01 19:25 ` Grant Likely
2014-03-01 19:25 ` Grant Likely
2014-02-27 14:00 ` Arnd Bergmann
2014-02-27 12:31 ` Stefano Stabellini
2014-02-26 21:48 ` Leif Lindholm
2014-02-26 22:49 ` Rob Herring
2014-02-26 22:49 ` Rob Herring
2014-02-26 22:54 ` Peter Maydell
2014-02-26 22:54 ` Peter Maydell
2014-02-26 23:08 ` Rob Herring
2014-02-26 23:08 ` Rob Herring
2014-02-26 23:08 ` Rob Herring
2014-02-26 23:14 ` Peter Maydell
2014-02-26 23:14 ` Peter Maydell
2014-02-27 4:06 ` Nicolas Pitre
2014-02-27 4:06 ` Nicolas Pitre
2014-02-27 4:06 ` Nicolas Pitre
2014-02-26 23:14 ` Peter Maydell
2014-02-27 11:36 ` Robie Basak
2014-02-27 11:36 ` Robie Basak
2014-02-27 11:36 ` Robie Basak
2014-02-26 22:54 ` Peter Maydell
2014-02-26 23:13 ` Christopher Covington
2014-02-26 23:13 ` Christopher Covington
2014-02-26 23:13 ` Christopher Covington
2014-02-26 22:49 ` Rob Herring
2014-02-26 19:55 ` Arnd Bergmann
2014-02-26 21:05 ` Michael Hudson-Doyle
2014-02-26 21:05 ` Michael Hudson-Doyle
2014-02-26 21:05 ` Michael Hudson-Doyle
2014-02-26 21:08 ` Christoffer Dall
2014-02-26 21:08 ` Christoffer Dall
2014-02-26 21:08 ` Christoffer Dall
2014-02-26 22:35 ` Grant Likely
2014-02-26 22:47 ` Christoffer Dall
2014-02-26 22:47 ` Christoffer Dall
2014-02-26 22:47 ` Christoffer Dall
2014-02-27 12:27 ` Stefano Stabellini
2014-02-27 12:27 ` Stefano Stabellini
2014-02-27 12:27 ` Stefano Stabellini
2014-03-01 19:54 ` Grant Likely
2014-02-27 12:55 ` Peter Maydell
2014-02-27 12:55 ` Peter Maydell
2014-02-27 12:55 ` Peter Maydell
2014-02-26 22:35 ` Grant Likely
2014-02-27 0:41 ` Blibbet
2014-02-27 0:41 ` Blibbet
2014-02-27 0:41 ` Blibbet
[not found] ` <20140226134251.0436294e@anubis.ausil.us>
[not found] ` <CAMJs5B9bCs8Oz2Zg4UK--A3H4AaZRPMwy7SpxYom-1--_=qhBQ@mail.gmail.com>
[not found] ` <20140226151536.58154704@anubis.ausil.us>
2014-02-27 17:34 ` Grant Likely
2014-02-27 17:34 ` Grant Likely
2014-02-27 17:34 ` Grant Likely
2014-03-01 15:27 ` Grant Likely
2014-03-01 15:27 ` Grant Likely
2014-03-03 1:13 ` Christoffer Dall
2014-03-03 1:13 ` Christoffer Dall
2014-03-03 1:13 ` Christoffer Dall
2014-03-06 8:52 ` Robie Basak
2014-03-06 8:52 ` Robie Basak
2014-03-06 8:52 ` Robie Basak
2014-03-06 9:46 ` Paolo Bonzini
2014-03-06 9:46 ` Paolo Bonzini
2014-03-06 11:44 ` Laszlo Ersek
2014-03-06 11:44 ` Laszlo Ersek
2014-03-06 11:44 ` Laszlo Ersek
2014-03-06 12:04 ` Robie Basak
2014-03-06 12:04 ` Robie Basak
2014-03-06 12:10 ` Paolo Bonzini
2014-03-06 12:10 ` Paolo Bonzini
2014-03-06 12:10 ` Paolo Bonzini
2014-03-07 12:24 ` Grant Likely
2014-03-06 12:04 ` Robie Basak
[not found] ` <20140306120449.GA29916@ mal.justgohome.co.uk>
[not found] ` <20140306120449.GA29916-TaX3GuEuUBUVRcMIguc0yNBc4/FLrbF6@public.gmane.org>
2014-03-07 12:24 ` Grant Likely
2014-03-07 12:24 ` Grant Likely
[not found] ` < 20140322010206.GF25519@cbox>
2014-03-22 2:29 ` Christoffer Dall
2014-03-22 2:29 ` Christoffer Dall
2014-03-22 2:29 ` Christoffer Dall
2014-03-22 8:08 ` Paolo Bonzini
2014-03-22 8:08 ` Paolo Bonzini
2014-03-22 8:08 ` Paolo Bonzini
2014-03-23 3:19 ` Christoffer Dall
2014-03-23 3:19 ` Christoffer Dall
2014-03-23 3:29 ` Christoffer Dall
2014-03-23 3:29 ` Christoffer Dall
2014-03-23 3:29 ` Christoffer Dall
2014-03-24 9:57 ` Robie Basak
2014-03-24 9:57 ` Robie Basak
2014-03-24 10:46 ` Paolo Bonzini
2014-03-24 10:46 ` Paolo Bonzini
2014-03-24 10:46 ` Paolo Bonzini
2014-03-24 9:57 ` Robie Basak
2014-03-23 3:19 ` Christoffer Dall
2014-03-22 12:23 ` Grant Likely
2014-03-22 12:23 ` Grant Likely
2014-03-22 19:57 ` Paolo Bonzini
2014-03-22 19:57 ` Paolo Bonzini
2014-03-22 22:35 ` Grant Likely
2014-03-22 22:35 ` Grant Likely
2014-03-22 22:35 ` Grant Likely
2014-03-22 23:38 ` Michael Casadevall
2014-03-22 23:38 ` Michael Casadevall
2014-03-22 23:38 ` Michael Casadevall
2014-03-23 0:33 ` Laszlo Ersek
2014-03-23 0:33 ` Laszlo Ersek
2014-03-23 0:33 ` Laszlo Ersek
2014-03-22 19:57 ` Paolo Bonzini
2014-03-23 3:23 ` Christoffer Dall
2014-03-23 3:23 ` Christoffer Dall
2014-03-23 3:23 ` Christoffer Dall
2014-03-24 9:03 ` Ian Campbell
2014-03-24 9:03 ` Ian Campbell
2014-03-24 9:03 ` Ian Campbell
2014-03-24 10:41 ` Paolo Bonzini
2014-03-24 10:41 ` Paolo Bonzini
2014-03-24 10:41 ` Paolo Bonzini
2014-03-24 10:47 ` Ian Campbell
2014-03-24 10:47 ` Ian Campbell
2014-03-24 10:47 ` Ian Campbell
2014-03-24 12:13 ` Grant Likely
2014-03-24 12:13 ` Grant Likely
2014-03-24 12:13 ` Grant Likely
2014-03-24 12:16 ` Ian Campbell
2014-03-24 12:16 ` Ian Campbell
2014-03-24 12:16 ` Ian Campbell
2014-03-22 12:23 ` Grant Likely
2014-03-07 12:19 ` Grant Likely
2014-03-08 11:41 ` Michael Casadevall [this message]
2014-03-08 11:41 ` Michael Casadevall
2014-03-08 20:41 ` Laszlo Ersek
2014-03-08 20:41 ` Laszlo Ersek
2014-03-08 20:41 ` Laszlo Ersek
2014-03-08 11:41 ` Michael Casadevall
2014-03-06 9:46 ` Paolo Bonzini
2014-03-07 12:09 ` Grant Likely
2014-03-07 12:09 ` Grant Likely
2014-03-07 12:09 ` Grant Likely
[not found] ` <531843EE. 8040102@redhat.com>
[not found] ` <531843EE.8040102-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2014-03-07 12:19 ` Grant Likely
2014-03-07 12:19 ` Grant Likely
2014-03-01 15:27 ` Grant Likely
[not found] ` < CACxGe6tjuytsYAn6Hadf0AK+REzHgRydgbHPafL8+Sdtd_tMUA@mail.gmail.com>
[not found] ` <alpine .DEB.2.02.1402271216040.31489@kaball.uk.xensource.com>
[not found] ` <alpine.DEB.2.02.1402271216040.31489-7Z66fg9igcxYtxbxJUhB2Dgeux46jI+i@public.gmane.org>
2014-03-01 19:54 ` Grant Likely
2014-03-01 19:54 ` Grant Likely
2014-03-02 9:29 ` Peter Maydell
2014-03-02 9:29 ` Peter Maydell
2014-03-02 9:29 ` Peter Maydell
-- strict thread matches above, loose matches on Subject: below --
2014-02-26 18:34 Christoffer Dall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=531B01D4.10806@linaro.org \
--to=michael.casadevall@linaro.org \
--cc=christoffer.dall@linaro.org \
--cc=cross-distro@lists.linaro.org \
--cc=grant.likely@linaro.org \
--cc=ian.campbell@citrix.com \
--cc=jljusten@gmail.com \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.cs.columbia.edu \
--cc=leif.lindholm@linaro.org \
--cc=lersek@redhat.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=marc.zyngier@arm.com \
--cc=pbonzini@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=rob.herring@linaro.org \
--cc=robie.basak@canonical.com \
--cc=stefano.stabellini@citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.