From: Lennart Poettering <mzxreary@0pointer.de>
To: Philipp Rudo <prudo@redhat.com>
Cc: Jan Hendrik Farr <kernel@jfarr.cc>,
linux-kernel@vger.kernel.org, kexec@lists.infradead.org,
x86@kernel.org, tglx@linutronix.de, dhowells@redhat.com,
vgoyal@redhat.com, keyrings@vger.kernel.org,
akpm@linux-foundation.org, bhe@redhat.com, bhelgaas@google.com,
bluca@debian.org
Subject: Re: [PATCH v2 0/2] x86/kexec: UKI Support
Date: Thu, 14 Sep 2023 11:32:20 +0200 [thread overview]
Message-ID: <ZQLTJFb3S/xn5CWo@gardel-login> (raw)
In-Reply-To: <20230913160045.40d377f9@rotkaeppchen>
On Mi, 13.09.23 16:00, Philipp Rudo (prudo@redhat.com) wrote:
> For example there are two definitions for the UKI which contradict each other.
> The dedicated one [1] you have cited earlier and the one in the BLS for type #2
> entries [2]. In [1] the .linux and .initrd sections are mandatory and the
> .osrel and .cmdline sections are optional while in [2] it is the other way
> round. Which definition should the kernel follow?
>
> Furthermore, I absolutely don't understand how the spec should be read. All
> the spec does is defining some file formats. There is no word about which
> component in the boot chain is supposed to handle them and what exactly this
> component is supposed to do with it. But that is crucial if we want to add UKI
> support for kexec as the kexec systemcall will replace the stub. So we need to
> know what tasks the stub is supposed to perform. Currently this is only some
> implementation detail of the systemd-stub [3] that can change any moment and I
> strongly oppose to base any uapi on it.
>
> In the end the only benefit this series brings is to extend the signature
> checking on the whole UKI except of just the kernel image. Everything else can
> also be done in user space. Compared to the problems described above this is a
> very small gain for me.
>
> Until the spec got fixed I don't see a chance to add UKI support for kexec.
So that spec is initially just a generalization of what
systemd-stub/systemd-boot/ukify does. The descrepancies between the
cited specs mostly come from the that generalization. If you want to
enumerate kernels and order them the ".osrel" stuff for example is
necessary, hence the boot loader spec really wants it. If you don't
care about the boot loader spec though and just want to register the
kernel UKI PE directly in BootXXX efi vars for example, then there's
no need to include .osrel. That all said we should certainly make the
two specs align better, and clarify the situation. Suggestions/patches
more than welcome.
Ultimately, I think a spec written as description with a single
implementation in mind (i.e. systemd) is a generally a bad spec. Hence
if kexec in the Linux kernel wants to add support for it, that'd be
great but I'd see that as an opportunity to adjust the spec to the
needs of the Linux kernel in this area, so that it reflects well more
than just one backend implementation.
Hence, seeing the spec as set in stone and as inherently low quality
is the wrong way to see it I am sure. Instead, the goal here is to
adjust the spec to make it work really nicely for *both* systemd and
the kernel.
Lennart
--
Lennart Poettering, Berlin
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
next prev parent reply other threads:[~2023-09-14 9:32 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-11 5:25 [PATCH v2 0/2] x86/kexec: UKI Support Jan Hendrik Farr
2023-09-11 5:25 ` [PATCH v2 1/2] move pefile_parse_binary to its own file Jan Hendrik Farr
2023-09-11 5:25 ` [PATCH v2 2/2] x86/kexec: UKI support Jan Hendrik Farr
2023-09-12 1:03 ` [PATCH v2 0/2] x86/kexec: UKI Support Baoquan He
2023-09-12 19:25 ` Jan Hendrik Farr
2023-09-13 14:00 ` Philipp Rudo
2023-09-13 14:42 ` Jan Hendrik Farr
2023-09-14 19:09 ` Philipp Rudo
2023-09-20 7:43 ` Dave Young
2023-09-20 8:40 ` Dave Young
2023-09-20 10:50 ` Ard Biesheuvel
2023-09-20 12:07 ` Dave Young
2023-09-20 12:18 ` Dave Young
2023-09-21 3:14 ` Dave Young
2023-09-20 22:02 ` Jan Hendrik Farr
2023-09-25 14:36 ` Philipp Rudo
2023-09-14 9:32 ` Lennart Poettering [this message]
2023-09-14 12:26 ` Jarkko Sakkinen
2023-09-14 15:33 ` Jarkko Sakkinen
2023-09-14 16:11 ` Jan Hendrik Farr
2023-09-14 21:14 ` Jarkko Sakkinen
2023-09-14 18:51 ` Philipp Rudo
2023-09-14 21:04 ` Jan Hendrik Farr
2023-09-18 15:36 ` Philipp Rudo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZQLTJFb3S/xn5CWo@gardel-login \
--to=mzxreary@0pointer.de \
--cc=akpm@linux-foundation.org \
--cc=bhe@redhat.com \
--cc=bhelgaas@google.com \
--cc=bluca@debian.org \
--cc=dhowells@redhat.com \
--cc=kernel@jfarr.cc \
--cc=kexec@lists.infradead.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=prudo@redhat.com \
--cc=tglx@linutronix.de \
--cc=vgoyal@redhat.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).