xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed
From: Jan Beulich <jbeulich@suse.com>
To: Bobby Eshleman <bobbyeshleman@gmail.com>
Cc: "Daniel Kiper" <daniel.kiper@oracle.com>,
	"Andrew Cooper" <andrew.cooper3@citrix.com>,
	"Wei Liu" <wl@xen.org>, "Roger Pau Monné" <roger.pau@citrix.com>,
	Xen-devel <xen-devel@lists.xenproject.org>
Subject: Re: [PATCH v3 3/5] xen/x86: add some addresses to the Multiboot header
Date: Mon, 15 Mar 2021 16:05:21 +0100	[thread overview]
Message-ID: <ded9fa4b-0dc3-ee45-00a1-0e493f5f4231@suse.com> (raw)
In-Reply-To: <0b05bedc32833a2022d2698d4c116cb867a9119c.1611273359.git.bobbyeshleman@gmail.com>

On 22.01.2021 01:51, Bobby Eshleman wrote:
> From: Daniel Kiper <daniel.kiper@oracle.com>
> 
> In comparison to ELF the PE format is not supported by the Multiboot
> protocol. So, if we wish to load xen.mb.efi using this protocol we
> have to put header_addr, load_addr, load_end_addr, bss_end_addr and
> entry_addr data into Multiboot header.
> 
> The Multiboot protocol spec can be found at
>   https://www.gnu.org/software/grub/manual/multiboot/

And because of this spec saying "the boot loader should use them
instead of the fields in the actual executable header to calculate
where to load the OS image" this change will affect the ELF image
as well. For example ...

> --- a/xen/arch/x86/boot/head.S
> +++ b/xen/arch/x86/boot/head.S
> @@ -50,13 +50,24 @@ ENTRY(start)
>          .balign 4
>  multiboot1_header:             /*** MULTIBOOT1 HEADER ****/
>  #define MULTIBOOT_HEADER_FLAGS (MULTIBOOT_HEADER_MODS_ALIGNED | \
> -                                MULTIBOOT_HEADER_WANT_MEMORY)
> +                                MULTIBOOT_HEADER_WANT_MEMORY | \
> +                                MULTIBOOT_HEADER_HAS_ADDR)
>          /* Magic number indicating a Multiboot header. */
>          .long   MULTIBOOT_HEADER_MAGIC
>          /* Flags to bootloader (see Multiboot spec). */
>          .long   MULTIBOOT_HEADER_FLAGS
>          /* Checksum: must be the negated sum of the first two fields. */
>          .long   -(MULTIBOOT_HEADER_MAGIC + MULTIBOOT_HEADER_FLAGS)
> +        /* header_addr */
> +        .long   sym_offs(multiboot1_header)
> +        /* load_addr */
> +        .long   sym_offs(start)
> +        /* load_end_addr */
> +        .long   sym_offs(__bss_start)
> +        /* bss_end_addr */
> +        .long   sym_offs(__2M_rwdata_end)

... the ELF image end at _end, not at __2M_rwdata_end. I realize
that with 2M alignment in use, this may actually be a problem, as
one of the modules (the initrd in particular) could be placed
overlapping the (_end, __2M_rwdata_end) range. Nevertheless I
think you want to specify _end (or __bss_end) here.

As to the initial point made - would it be possible to leave the
flag unset in the EFL image and force it set only in xen.mb.efi?
Yes, this may require yet another post-processing step.

Jan

> +        /* entry_addr */
> +        .long   sym_offs(__start)
>  
>          .size multiboot1_header, . - multiboot1_header
>          .type multiboot1_header, @object
> 



  reply	other threads:[~2021-03-15 15:05 UTC|newest]

Thread overview: 30+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-01-22  0:51 [PATCH v3 0/5] Support Secure Boot for multiboot2 Xen Bobby Eshleman
2021-01-22  0:51 ` [PATCH v3 1/5] xen: add XEN_BUILD_POSIX_TIME Bobby Eshleman
2021-01-22 11:27   ` Jan Beulich
2021-01-22 21:57     ` Bobby Eshleman
2021-01-25  8:58       ` Jan Beulich
2021-01-22  0:51 ` [PATCH v3 2/5] xen/x86: manually build xen.mb.efi binary Bobby Eshleman
2021-03-15 13:36   ` Jan Beulich
2021-05-07 20:26     ` Bob Eshleman
2021-05-17  6:48       ` Jan Beulich
2021-05-17 13:20         ` Daniel Kiper
2021-05-17 13:24           ` Jan Beulich
2021-05-18 17:46             ` Daniel Kiper
2021-05-19  9:29               ` Jan Beulich
2021-05-19 12:48                 ` Daniel Kiper
2021-05-19 14:35                   ` Jan Beulich
2021-06-09 13:18                     ` Daniel Kiper
2021-06-09 13:45                       ` Jan Beulich
2021-01-22  0:51 ` [PATCH v3 3/5] xen/x86: add some addresses to the Multiboot header Bobby Eshleman
2021-03-15 15:05   ` Jan Beulich [this message]
2021-01-22  0:51 ` [PATCH v3 4/5] xen/x86: add some addresses to the Multiboot2 header Bobby Eshleman
2021-02-23  9:04   ` Roger Pau Monné
2021-02-23 18:07     ` Bob Eshleman
2021-01-22  0:51 ` [PATCH v3 5/5] xen/x86/efi: Verify dom0 kernel with SHIM_LOCK protocol in efi_multiboot2() Bobby Eshleman
2021-03-16 15:08   ` Jan Beulich
2021-01-22  9:39 ` [PATCH v3 0/5] Support Secure Boot for multiboot2 Xen Jan Beulich
2021-01-22 21:18   ` Bobby Eshleman
2021-01-25  8:52     ` Jan Beulich
2021-02-22 18:04 ` Bobby Eshleman
2021-02-23  7:16   ` Jan Beulich
2021-02-23 18:00     ` Bob Eshleman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=ded9fa4b-0dc3-ee45-00a1-0e493f5f4231@suse.com \
    --to=jbeulich@suse.com \
    --cc=andrew.cooper3@citrix.com \
    --cc=bobbyeshleman@gmail.com \
    --cc=daniel.kiper@oracle.com \
    --cc=roger.pau@citrix.com \
    --cc=wl@xen.org \
    --cc=xen-devel@lists.xenproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).