| Message ID | 0b05bedc32833a2022d2698d4c116cb867a9119c.1611273359.git.bobbyeshleman@gmail.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | Support Secure Boot for multiboot2 Xen | expand |
On 22.01.2021 01:51, Bobby Eshleman wrote: > From: Daniel Kiper <daniel.kiper@oracle.com> > > In comparison to ELF the PE format is not supported by the Multiboot > protocol. So, if we wish to load xen.mb.efi using this protocol we > have to put header_addr, load_addr, load_end_addr, bss_end_addr and > entry_addr data into Multiboot header. > > The Multiboot protocol spec can be found at > https://www.gnu.org/software/grub/manual/multiboot/ And because of this spec saying "the boot loader should use them instead of the fields in the actual executable header to calculate where to load the OS image" this change will affect the ELF image as well. For example ... > --- a/xen/arch/x86/boot/head.S > +++ b/xen/arch/x86/boot/head.S > @@ -50,13 +50,24 @@ ENTRY(start) > .balign 4 > multiboot1_header: /*** MULTIBOOT1 HEADER ****/ > #define MULTIBOOT_HEADER_FLAGS (MULTIBOOT_HEADER_MODS_ALIGNED | \ > - MULTIBOOT_HEADER_WANT_MEMORY) > + MULTIBOOT_HEADER_WANT_MEMORY | \ > + MULTIBOOT_HEADER_HAS_ADDR) > /* Magic number indicating a Multiboot header. */ > .long MULTIBOOT_HEADER_MAGIC > /* Flags to bootloader (see Multiboot spec). */ > .long MULTIBOOT_HEADER_FLAGS > /* Checksum: must be the negated sum of the first two fields. */ > .long -(MULTIBOOT_HEADER_MAGIC + MULTIBOOT_HEADER_FLAGS) > + /* header_addr */ > + .long sym_offs(multiboot1_header) > + /* load_addr */ > + .long sym_offs(start) > + /* load_end_addr */ > + .long sym_offs(__bss_start) > + /* bss_end_addr */ > + .long sym_offs(__2M_rwdata_end) ... the ELF image end at _end, not at __2M_rwdata_end. I realize that with 2M alignment in use, this may actually be a problem, as one of the modules (the initrd in particular) could be placed overlapping the (_end, __2M_rwdata_end) range. Nevertheless I think you want to specify _end (or __bss_end) here. As to the initial point made - would it be possible to leave the flag unset in the EFL image and force it set only in xen.mb.efi? Yes, this may require yet another post-processing step. Jan > + /* entry_addr */ > + .long sym_offs(__start) > > .size multiboot1_header, . - multiboot1_header > .type multiboot1_header, @object >
diff --git a/xen/arch/x86/boot/head.S b/xen/arch/x86/boot/head.S index 2987b4f03a..189d91a872 100644 --- a/xen/arch/x86/boot/head.S +++ b/xen/arch/x86/boot/head.S @@ -50,13 +50,24 @@ ENTRY(start) .balign 4 multiboot1_header: /*** MULTIBOOT1 HEADER ****/ #define MULTIBOOT_HEADER_FLAGS (MULTIBOOT_HEADER_MODS_ALIGNED | \ - MULTIBOOT_HEADER_WANT_MEMORY) + MULTIBOOT_HEADER_WANT_MEMORY | \ + MULTIBOOT_HEADER_HAS_ADDR) /* Magic number indicating a Multiboot header. */ .long MULTIBOOT_HEADER_MAGIC /* Flags to bootloader (see Multiboot spec). */ .long MULTIBOOT_HEADER_FLAGS /* Checksum: must be the negated sum of the first two fields. */ .long -(MULTIBOOT_HEADER_MAGIC + MULTIBOOT_HEADER_FLAGS) + /* header_addr */ + .long sym_offs(multiboot1_header) + /* load_addr */ + .long sym_offs(start) + /* load_end_addr */ + .long sym_offs(__bss_start) + /* bss_end_addr */ + .long sym_offs(__2M_rwdata_end) + /* entry_addr */ + .long sym_offs(__start) .size multiboot1_header, . - multiboot1_header .type multiboot1_header, @object