Subject: Re: [Xen-devel] HVMLite / PVHv2 - using x86 EFI boot entry
From: Julien Grall
To: "Luis R. Rodriguez", Konrad Rzeszutek Wilk
Cc: Juergen Gross, Matt Fleming, Michael Chang, linux-kernel@vger.kernel.org, Jim Fehlig, Jan Beulich, "H. Peter Anvin", Daniel Kiper, x86@kernel.org, Vojtěch Pavlík, Gary Lin, xen-devel@lists.xenproject.org, Jeffrey Cheung, Stefano Stabellini, joeyli, Borislav Petkov, Boris Ostrovsky, Charles Arndol, Andrew Cooper, Andy Lutomirski, David Vrabel, Linus Torvalds, Roger Pau Monné, Josh Triplett, Kees Cook, Vitaly Kuznetsov
Date: Fri, 15 Apr 2016 11:06:03 +0100
Message-ID: <5710BD0B.2070306@arm.com>
In-Reply-To: <20160414205619.GR1990@wotan.suse.de>

Hello Luis,

On 14/04/16 21:56, Luis R. Rodriguez wrote:
> On Thu, Apr 14, 2016 at 03:56:53PM -0400, Konrad Rzeszutek Wilk wrote:
>> On Thu, Apr 14, 2016 at 08:40:48PM +0200, Luis R. Rodriguez wrote:
>>> On Wed, Apr 13, 2016 at 09:01:32PM -0400, Konrad Rzeszutek Wilk wrote:
>>>> On Thu, Apr 14, 2016 at 12:23:17AM +0200, Luis R. Rodriguez wrote:
>>> PV support from the kernel (not the hypervisor) and require hardware
>>> virtualization 5 years from now on the Linux kernel, it doesn't seem
>>> to me far fetched to at the very least consider using an EFI entry
>>> instead, specially since all it does is set boot params and we can
>>> make re-use this for HVMLite too.
>>
>> But to make that work you have to emulate EFI firmware in the
>> hypervisor. Is that work you are signing up for?
>
> I'll do what is needed, as I have done before. If EFI is on the long
> term roadmap for ARM perhaps there are a few birds to knock with one
> stone here. If there is also interest to support other OSes through
> EFI standard means this also should help make that easier.

We already have a working solution for EFI on ARM which does not require emulating the firmware in the hypervisor.

On ARM, the EFI stub is communicating with the kernel using device-tree [1]. Once the EFI stub has ended, the native path (i.e. non-UEFI) will be executed normally and it won't be possible to use BootServices anymore.

For the guest, we provide full support of EFI using OVMF.

For DOM0, Xen will craft the UEFI system table and the UEFI memory map. The locations of those tables will be passed to DOM0 using a tiny device-tree [1] and the kernel will boot using the native path. The runtime services for DOM0 will be provided via hypercall.

The DOM0 approach has been discussed for a long time (see [3]) and I believe this is better than emulating UEFI firmware in Xen. We want to keep Xen on ARM tiny. Adding any sort of emulation will increase the attack surface and require more maintenance from our side.

Regards,

[1] Documentation/arm/uefi.txt in Linux.
[2] http://xenbits.xen.org/docs/unstable-staging/misc/arm/device-tree/guest.txt
[3] http://www.gossamer-threads.com/lists/xen/devel/397349

-- 
Julien Grall