u-boot.lists.denx.de archive mirror
 help / color / mirror / Atom feed
From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
To: Bin Meng <bmeng.cn@gmail.com>
Cc: "François Ozog" <francois.ozog@linaro.org>,
	"Heinrich Schuchardt" <xypron.glpk@gmx.de>,
	"Simon Glass" <sjg@chromium.org>,
	"U-Boot Mailing List" <u-boot@lists.denx.de>
Subject: Re: Driver model at UEFI runtime
Date: Thu, 30 Sep 2021 09:46:30 +0300	[thread overview]
Message-ID: <CAC_iWjLvnE-heFspkpeZam8-KOB20Kb9hRffDEGft8pwUjBXwQ@mail.gmail.com> (raw)
In-Reply-To: <CAEUhbmX0oa_rS-KjoJkSbgnxFRBXnUQUX+MX7xiQq=2_1zGSFw@mail.gmail.com>

On Thu, 30 Sept 2021 at 09:38, Bin Meng <bmeng.cn@gmail.com> wrote:
>
> On Thu, Sep 30, 2021 at 2:23 PM François Ozog <francois.ozog@linaro.org> wrote:
>>
>>
>>
>> Le jeu. 30 sept. 2021 à 07:12, Bin Meng <bmeng.cn@gmail.com> a écrit :
>>>
>>> Hi Heinrich,
>>>
>>> On Thu, Sep 9, 2021 at 7:16 PM Heinrich Schuchardt <xypron.glpk@gmx.de> wrote:
>>> >
>>> > Hello Simon,
>>> >
>>> > The EBBR specification requires that the UEFI SystemReset() runtime
>>> > service is available to the operating system.
>>> >
>>> > Up to now this has been implemented by overriding function
>>> > efi_reset_system() which is marked as __efi_runtime.
>>> >
>>> > Both ARM and RISC-V support generic interfaces for reset. PSCI for ARM
>>> > and the System Reset Extension for SBI on RISC-V. This has kept the
>>> > number of implementations low. The only exceptions are:
>>> >
>>> > * arch/arm/cpu/armv8/fsl-layerscape/cpu.c
>>> > * arch/arm/mach-bcm283x/reset.c for the Raspberry PIs
>>> > * arch/sandbox/cpu/start.c
>>> >
>>> > Bin has suggested in
>>> > https://lists.denx.de/pipermail/u-boot/2021-September/459865.html to use
>>> > reset drivers based on the driver model.
>>> >
>>> > Currently after ExitBootServices() the driver model does not exist anymore.
>>> >
>>> > When evaluating Bin's suggestion one has to keep in mind that after
>>> > invoking ExitBootServices() most operating systems call
>>> > SetVirtualAddressMap(). Due to the change of the address map all
>>> > pointers used by U-Boot afterwards must be updated to match the new
>>> > memory map.
>>> >
>>>
>>> Yeah, this was discussed 3 years ago:
>>> https://u-boot.denx.narkive.com/mA8xIbLk/efi-loader-runtime-services-implementation-broken
>>>
>>> > The impression that Ilias and I have is that keeping the driver model
>>> > alive after SetVirtualAddressMap() would incur:
>>> >
>>> > * a high development effort
>>> > * a significant code size increase
>>> > * an enlarged attack surface
>>> >
>>> > For RISC-V it has been clarified in the platform specification that the
>>> > SBI must implement the system reset extension. For ARMv8 using TF-A and
>>> > PSCI is what ARM suggests.
>>> >
>>> > So for these architectures we do not expect a growth in the number of
>>> > drivers needed.
>>> >
>>> > Ilias and my favorite would be keeping the design as is.
>>> >
>>> > What is your view on this?
>>>
>>> Is U-Boot's UEFI loader implementation supposed to be the recommended
>>> UEFI firmware on ARM and RISC-V on a production / deployment system?
>>
>> For Arm: yes, that is SystemReady spec.
>
>
> How about EDK II? Is EDK II supposed to be used in the server environment where UEFI + ACPI is the way to go?
>

Yes ACPI pretty much means EDK2.  Specifically for Arm
SystemReady-ES/SR (embedded server ready and server ready), require
ACPI.  Boards passing that certification today use EDK2.

> Does any board that ships EDK II with UEFI + DTB?

The Socionext SynQuacer box is the only board I know off, that works
with EDK2 and can use either DT or ACPI.

> Can we safely assume that U-Boot's UEFI loader is the reference implementation for UEFI + DTB on Arm?

There's even more to that. EDK2 is bound to the PI spec as well as the
UEFI spec.  U-Boot is a UEFI implementation that doesn't need to
adhere to that.

Regards
/Ilias
>>>
>>>
>>> Do we expect bootefi to boot a kernel with CONFIG_EFI_STUB, or do we
>>> expect to load grub.efi which chain-loads a kernel without
>>> CONFIG_EFI_STUB?
>>
>> all paths should be possible , and the shim.efi is to be supported too. With UEFI, I always see that UEFI is kept down to OS for SecureBoot. In other words I don’t see grub.efi booting a non config_efi_stub.
>>>
>>> What do distributions normally do?
>>
>> At least Red Hat made it clear at multiple Linaro Connect that they want standards, and SystemReady is one that makes the life of embedded distros easy.
>> Distros boot shim.efi, grub.efi, Linux.efi to benefit from UEFi SecureBoot.
>>>
>>> What's our
>>> position when compared to EDK II?
>>
>> the typical distro boot flow is not the most efficient and drags concept dating where the Microsoft certs had to be part of the picture. A direct U-Boot Linux.efi is my preferred; avoids yet another OS in the boot path (grub), avoids convoluted platform cert management (shim) and just enhance security and boot time. Note: Since kernel 5.10, initrd can be measured (with TPM) when loaded by efi-stub.
>
>
> Regards,
> Bin

  parent reply	other threads:[~2021-09-30  6:47 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-09-09 11:16 Driver model at UEFI runtime Heinrich Schuchardt
2021-09-09 20:00 ` Simon Glass
2021-09-10 14:14   ` Heinrich Schuchardt
2021-09-30  4:08     ` Simon Glass
2021-09-30 11:13       ` Mark Kettenis
2021-09-30 11:49         ` Heinrich Schuchardt
2021-09-30  5:11 ` Bin Meng
2021-09-30  6:23   ` François Ozog
2021-09-30  6:38     ` Bin Meng
2021-09-30  6:45       ` François Ozog
2021-09-30  6:46       ` Ilias Apalodimas [this message]
2021-09-30 11:40         ` Mark Kettenis
2021-09-30  6:56     ` Heinrich Schuchardt
2021-09-30  9:53       ` Michael Walle
2021-09-30 10:50         ` Heinrich Schuchardt
2021-09-30 12:07           ` Michael Walle
2021-09-30 13:24             ` Heinrich Schuchardt
2021-09-30 13:56             ` François Ozog
2021-09-30 15:12               ` Michael Walle
2021-09-30 15:47                 ` François Ozog
2021-09-30 16:25                   ` Michael Walle
2021-09-30 16:53                     ` François Ozog
2021-09-30 22:00                       ` Michael Walle
2021-09-30 22:20                         ` François Ozog
2021-09-30 22:54                           ` Michael Walle
2021-09-30 11:31     ` Mark Kettenis
2021-09-30 12:03       ` Heinrich Schuchardt

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAC_iWjLvnE-heFspkpeZam8-KOB20Kb9hRffDEGft8pwUjBXwQ@mail.gmail.com \
    --to=ilias.apalodimas@linaro.org \
    --cc=bmeng.cn@gmail.com \
    --cc=francois.ozog@linaro.org \
    --cc=sjg@chromium.org \
    --cc=u-boot@lists.denx.de \
    --cc=xypron.glpk@gmx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).