[v4,04/14] firmware/makefile: install BIOS blob ...

Message ID	1457978150-27201-5-git-send-email-anthony.perard@citrix.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <xen-devel-bounces@lists.xen.org> From: Anthony PERARD <anthony.perard@citrix.com> To: <xen-devel@lists.xen.org> Date: Mon, 14 Mar 2016 17:55:39 +0000 Message-ID: <1457978150-27201-5-git-send-email-anthony.perard@citrix.com> In-Reply-To: <1457978150-27201-1-git-send-email-anthony.perard@citrix.com> References: <1457978150-27201-1-git-send-email-anthony.perard@citrix.com> MIME-Version: 1.0 Cc: Anthony PERARD <anthony.perard@citrix.com>, Wei Liu <wei.liu2@citrix.com>, Ian Jackson <ian.jackson@eu.citrix.com>, Stefano Stabellini <stefano.stabellini@eu.citrix.com> Subject: [Xen-devel] [PATCH v4 04/14] firmware/makefile: install BIOS blob ... Precedence: list Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" <xen-devel-bounces@lists.xen.org>

Anthony PERARD March 14, 2016, 5:55 p.m. UTC

... into the firmware directory, along with hvmloader.

Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
---
Change in V4:
- remove install of acpi dsdt table

Change in V3:
- do not check if ROMs file exist before installing, they should exist
- change rules for dsdt_anycpu_qemu_xen.c in oder to generate both .c and
  .aml files without changing temporarly the other dsdt_*.c rules.
---
 tools/firmware/Makefile | 13 +++++++++++++
 1 file changed, 13 insertions(+)

Konrad Rzeszutek Wilk March 16, 2016, 12:26 a.m. UTC | #1

On Mon, Mar 14, 2016 at 05:55:39PM +0000, Anthony PERARD wrote:
> ... into the firmware directory, along with hvmloader.
> 
> Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
> ---
> Change in V4:
> - remove install of acpi dsdt table
> 
> Change in V3:
> - do not check if ROMs file exist before installing, they should exist
> - change rules for dsdt_anycpu_qemu_xen.c in oder to generate both .c and
>   .aml files without changing temporarly the other dsdt_*.c rules.
> ---
>  tools/firmware/Makefile | 13 +++++++++++++
>  1 file changed, 13 insertions(+)
> 
> diff --git a/tools/firmware/Makefile b/tools/firmware/Makefile
> index 6cc86ce..6a37758 100644
> --- a/tools/firmware/Makefile
> +++ b/tools/firmware/Makefile
> @@ -19,6 +19,9 @@ SUBDIRS-y += hvmloader
>  
>  LD32BIT-$(CONFIG_FreeBSD) := LD32BIT_FLAG=-melf_i386_fbsd
>  
> +SEABIOS_ROM := seabios-dir/out/bios.bin
> +OVMF_ROM := ovmf-dir/ovmf.bin

These will set the variables..
> +
>  ovmf-dir:
>  	GIT=$(GIT) $(XEN_ROOT)/scripts/git-checkout.sh $(OVMF_UPSTREAM_URL) $(OVMF_UPSTREAM_REVISION) ovmf-dir
>  	cp ovmf-makefile ovmf-dir/Makefile;
> @@ -45,6 +48,16 @@ endif
>  install: all
>  	[ -d $(INST_DIR) ] || $(INSTALL_DIR) $(INST_DIR)
>  	[ ! -e $(TARGET) ] || $(INSTALL_DATA) $(TARGET) $(INST_DIR)
> +ifeq ($(CONFIG_SEABIOS),y)
> +ifeq ($(SEABIOS_PATH),)

But here you check them?

Or should the setting of OVMF_ROM and SEABIOS_ROM be ?= 

> +	$(INSTALL_DATA) $(SEABIOS_ROM) $(INST_DIR)/seabios.bin
> +endif
> +endif
> +ifeq ($(CONFIG_OVMF),y)
> +ifeq ($(OVMF_PATH),)
> +	$(INSTALL_DATA) $(OVMF_ROM) $(INST_DIR)/ovmf.bin
> +endif
> +endif
>  
>  .PHONY: clean
>  clean: subdirs-clean
> -- 
> Anthony PERARD
> 
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> http://lists.xen.org/xen-devel

Dario Faggioli March 16, 2016, 8:54 a.m. UTC | #2

On Tue, 2016-03-15 at 20:26 -0400, Konrad Rzeszutek Wilk wrote:
> On Mon, Mar 14, 2016 at 05:55:39PM +0000, Anthony PERARD wrote:
> > 
> > diff --git a/tools/firmware/Makefile b/tools/firmware/Makefile
> > index 6cc86ce..6a37758 100644
> > --- a/tools/firmware/Makefile
> > +++ b/tools/firmware/Makefile
> > @@ -19,6 +19,9 @@ SUBDIRS-y += hvmloader
> >  
> >  LD32BIT-$(CONFIG_FreeBSD) := LD32BIT_FLAG=-melf_i386_fbsd
> >  
> > +SEABIOS_ROM := seabios-dir/out/bios.bin
> > +OVMF_ROM := ovmf-dir/ovmf.bin
> These will set the variables..
> > 
> > +
> >  ovmf-dir:
> >  	GIT=$(GIT) $(XEN_ROOT)/scripts/git-checkout.sh
> > $(OVMF_UPSTREAM_URL) $(OVMF_UPSTREAM_REVISION) ovmf-dir
> >  	cp ovmf-makefile ovmf-dir/Makefile;
> > @@ -45,6 +48,16 @@ endif
> >  install: all
> >  	[ -d $(INST_DIR) ] || $(INSTALL_DIR) $(INST_DIR)
> >  	[ ! -e $(TARGET) ] || $(INSTALL_DATA) $(TARGET)
> > $(INST_DIR)
> > +ifeq ($(CONFIG_SEABIOS),y)
> > +ifeq ($(SEABIOS_PATH),)
> But here you check them?
> 
> Or should the setting of OVMF_ROM and SEABIOS_ROM be ?= 
> 
I don't speak too much Makefile, TBH (so apologies if I'm talking
nonsense), but it looks to me that what is set above and what is
checked here are indeed _not_the_same_ variables.. isn't that the case?

Regards,
Dario

Konrad Rzeszutek Wilk March 16, 2016, 8:56 a.m. UTC | #3

On Wed, Mar 16, 2016 at 09:54:44AM +0100, Dario Faggioli wrote:
> On Tue, 2016-03-15 at 20:26 -0400, Konrad Rzeszutek Wilk wrote:
> > On Mon, Mar 14, 2016 at 05:55:39PM +0000, Anthony PERARD wrote:
> > > 
> > > diff --git a/tools/firmware/Makefile b/tools/firmware/Makefile
> > > index 6cc86ce..6a37758 100644
> > > --- a/tools/firmware/Makefile
> > > +++ b/tools/firmware/Makefile
> > > @@ -19,6 +19,9 @@ SUBDIRS-y += hvmloader
> > >  
> > >  LD32BIT-$(CONFIG_FreeBSD) := LD32BIT_FLAG=-melf_i386_fbsd
> > >  
> > > +SEABIOS_ROM := seabios-dir/out/bios.bin
> > > +OVMF_ROM := ovmf-dir/ovmf.bin
> > These will set the variables..
> > > 
> > > +
> > >  ovmf-dir:
> > >  	GIT=$(GIT) $(XEN_ROOT)/scripts/git-checkout.sh
> > > $(OVMF_UPSTREAM_URL) $(OVMF_UPSTREAM_REVISION) ovmf-dir
> > >  	cp ovmf-makefile ovmf-dir/Makefile;
> > > @@ -45,6 +48,16 @@ endif
> > >  install: all
> > >  	[ -d $(INST_DIR) ] || $(INSTALL_DIR) $(INST_DIR)
> > >  	[ ! -e $(TARGET) ] || $(INSTALL_DATA) $(TARGET)
> > > $(INST_DIR)
> > > +ifeq ($(CONFIG_SEABIOS),y)
> > > +ifeq ($(SEABIOS_PATH),)
> > But here you check them?
> > 
> > Or should the setting of OVMF_ROM and SEABIOS_ROM be ?= 
> > 
> I don't speak too much Makefile, TBH (so apologies if I'm talking
> nonsense), but it looks to me that what is set above and what is
> checked here are indeed _not_the_same_ variables.. isn't that the case?

<facepalm>
You are right.

Ignore my comment.

Thanks!

Anthony PERARD March 17, 2016, 4:58 p.m. UTC | #4

On Tue, Mar 15, 2016 at 08:26:01PM -0400, Konrad Rzeszutek Wilk wrote:
> On Mon, Mar 14, 2016 at 05:55:39PM +0000, Anthony PERARD wrote:
> > ... into the firmware directory, along with hvmloader.
> > 
> > Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
> > ---
> > Change in V4:
> > - remove install of acpi dsdt table
> > 
> > Change in V3:
> > - do not check if ROMs file exist before installing, they should exist
> > - change rules for dsdt_anycpu_qemu_xen.c in oder to generate both .c and
> >   .aml files without changing temporarly the other dsdt_*.c rules.
> > ---
> >  tools/firmware/Makefile | 13 +++++++++++++
> >  1 file changed, 13 insertions(+)
> > 
> > diff --git a/tools/firmware/Makefile b/tools/firmware/Makefile
> > index 6cc86ce..6a37758 100644
> > --- a/tools/firmware/Makefile
> > +++ b/tools/firmware/Makefile
> > @@ -19,6 +19,9 @@ SUBDIRS-y += hvmloader
> >  
> >  LD32BIT-$(CONFIG_FreeBSD) := LD32BIT_FLAG=-melf_i386_fbsd
> >  
> > +SEABIOS_ROM := seabios-dir/out/bios.bin
> > +OVMF_ROM := ovmf-dir/ovmf.bin
> 
> These will set the variables..
> > +
> >  ovmf-dir:
> >  	GIT=$(GIT) $(XEN_ROOT)/scripts/git-checkout.sh $(OVMF_UPSTREAM_URL) $(OVMF_UPSTREAM_REVISION) ovmf-dir
> >  	cp ovmf-makefile ovmf-dir/Makefile;
> > @@ -45,6 +48,16 @@ endif
> >  install: all
> >  	[ -d $(INST_DIR) ] || $(INSTALL_DIR) $(INST_DIR)
> >  	[ ! -e $(TARGET) ] || $(INSTALL_DATA) $(TARGET) $(INST_DIR)
> > +ifeq ($(CONFIG_SEABIOS),y)
> > +ifeq ($(SEABIOS_PATH),)
> 
> But here you check them?

What do you mean by check them?

> Or should the setting of OVMF_ROM and SEABIOS_ROM be ?= 

I don't see any reason to change the location of SEABIOS_ROM, it describe
the location to the one we built. I've mostly copy those from
hvmloader/Makefile.

But thinking about it, there is no more reason to have variables, I'll
remove SEABIOS_ROM and OVMF_ROM and hardcode it below.

So that would give for seabios:
	$(INSTALL_DATA) seabios-dir/out/bios.bin $(INST_DIR)/seabios.bin

Would that be better?

> > +	$(INSTALL_DATA) $(SEABIOS_ROM) $(INST_DIR)/seabios.bin
> > +endif
> > +endif
> > +ifeq ($(CONFIG_OVMF),y)
> > +ifeq ($(OVMF_PATH),)
> > +	$(INSTALL_DATA) $(OVMF_ROM) $(INST_DIR)/ovmf.bin
> > +endif
> > +endif
> >  
> >  .PHONY: clean
> >  clean: subdirs-clean
> > -- 
> > Anthony PERARD
> > 
> > 
> > _______________________________________________
> > Xen-devel mailing list
> > Xen-devel@lists.xen.org
> > http://lists.xen.org/xen-devel

Douglas Goldstein March 17, 2016, 5:37 p.m. UTC | #5

On 3/14/16 12:55 PM, Anthony PERARD wrote:
> ... into the firmware directory, along with hvmloader.
> 
> Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
> ---
> Change in V4:
> - remove install of acpi dsdt table
> 
> Change in V3:
> - do not check if ROMs file exist before installing, they should exist
> - change rules for dsdt_anycpu_qemu_xen.c in oder to generate both .c and
>   .aml files without changing temporarly the other dsdt_*.c rules.
> ---
>  tools/firmware/Makefile | 13 +++++++++++++
>  1 file changed, 13 insertions(+)
> 
> diff --git a/tools/firmware/Makefile b/tools/firmware/Makefile
> index 6cc86ce..6a37758 100644
> --- a/tools/firmware/Makefile
> +++ b/tools/firmware/Makefile
> @@ -19,6 +19,9 @@ SUBDIRS-y += hvmloader
>  
>  LD32BIT-$(CONFIG_FreeBSD) := LD32BIT_FLAG=-melf_i386_fbsd
>  
> +SEABIOS_ROM := seabios-dir/out/bios.bin
> +OVMF_ROM := ovmf-dir/ovmf.bin
> +
>  ovmf-dir:
>  	GIT=$(GIT) $(XEN_ROOT)/scripts/git-checkout.sh $(OVMF_UPSTREAM_URL) $(OVMF_UPSTREAM_REVISION) ovmf-dir
>  	cp ovmf-makefile ovmf-dir/Makefile;
> @@ -45,6 +48,16 @@ endif
>  install: all
>  	[ -d $(INST_DIR) ] || $(INSTALL_DIR) $(INST_DIR)
>  	[ ! -e $(TARGET) ] || $(INSTALL_DATA) $(TARGET) $(INST_DIR)
> +ifeq ($(CONFIG_SEABIOS),y)
> +ifeq ($(SEABIOS_PATH),)
> +	$(INSTALL_DATA) $(SEABIOS_ROM) $(INST_DIR)/seabios.bin

Why install this as "seabios.bin" when the default is "bios.bin". Most
distro's packages for SeaBIOS install it as "bios.bin"


> +endif
> +endif
> +ifeq ($(CONFIG_OVMF),y)
> +ifeq ($(OVMF_PATH),)
> +	$(INSTALL_DATA) $(OVMF_ROM) $(INST_DIR)/ovmf.bin
> +endif
> +endif
>  
>  .PHONY: clean
>  clean: subdirs-clean
>

Anthony PERARD March 17, 2016, 6:33 p.m. UTC | #6

On Thu, Mar 17, 2016 at 12:37:36PM -0500, Doug Goldstein wrote:
> On 3/14/16 12:55 PM, Anthony PERARD wrote:
> > ... into the firmware directory, along with hvmloader.
> > 
> > Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
> > ---
> > Change in V4:
> > - remove install of acpi dsdt table
> > 
> > Change in V3:
> > - do not check if ROMs file exist before installing, they should exist
> > - change rules for dsdt_anycpu_qemu_xen.c in oder to generate both .c and
> >   .aml files without changing temporarly the other dsdt_*.c rules.
> > ---
> >  tools/firmware/Makefile | 13 +++++++++++++
> >  1 file changed, 13 insertions(+)
> > 
> > diff --git a/tools/firmware/Makefile b/tools/firmware/Makefile
> > index 6cc86ce..6a37758 100644
> > --- a/tools/firmware/Makefile
> > +++ b/tools/firmware/Makefile
> > @@ -19,6 +19,9 @@ SUBDIRS-y += hvmloader
> >  
> >  LD32BIT-$(CONFIG_FreeBSD) := LD32BIT_FLAG=-melf_i386_fbsd
> >  
> > +SEABIOS_ROM := seabios-dir/out/bios.bin
> > +OVMF_ROM := ovmf-dir/ovmf.bin
> > +
> >  ovmf-dir:
> >  	GIT=$(GIT) $(XEN_ROOT)/scripts/git-checkout.sh $(OVMF_UPSTREAM_URL) $(OVMF_UPSTREAM_REVISION) ovmf-dir
> >  	cp ovmf-makefile ovmf-dir/Makefile;
> > @@ -45,6 +48,16 @@ endif
> >  install: all
> >  	[ -d $(INST_DIR) ] || $(INSTALL_DIR) $(INST_DIR)
> >  	[ ! -e $(TARGET) ] || $(INSTALL_DATA) $(TARGET) $(INST_DIR)
> > +ifeq ($(CONFIG_SEABIOS),y)
> > +ifeq ($(SEABIOS_PATH),)
> > +	$(INSTALL_DATA) $(SEABIOS_ROM) $(INST_DIR)/seabios.bin
> 
> Why install this as "seabios.bin" when the default is "bios.bin". Most
> distro's packages for SeaBIOS install it as "bios.bin"

No reason. I guess it's fine to keep the same name ("bios.bin"). My distro
install it as "bios-256k.bin", with "bios.bin" been the small version I
guess.

Jim Fehlig March 18, 2016, 9:11 p.m. UTC | #7

On 03/17/2016 12:33 PM, Anthony PERARD wrote:
> On Thu, Mar 17, 2016 at 12:37:36PM -0500, Doug Goldstein wrote:
>> On 3/14/16 12:55 PM, Anthony PERARD wrote:
>>> ... into the firmware directory, along with hvmloader.
>>>
>>> Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
>>> ---
>>> Change in V4:
>>> - remove install of acpi dsdt table
>>>
>>> Change in V3:
>>> - do not check if ROMs file exist before installing, they should exist
>>> - change rules for dsdt_anycpu_qemu_xen.c in oder to generate both .c and
>>>   .aml files without changing temporarly the other dsdt_*.c rules.
>>> ---
>>>  tools/firmware/Makefile | 13 +++++++++++++
>>>  1 file changed, 13 insertions(+)
>>>
>>> diff --git a/tools/firmware/Makefile b/tools/firmware/Makefile
>>> index 6cc86ce..6a37758 100644
>>> --- a/tools/firmware/Makefile
>>> +++ b/tools/firmware/Makefile
>>> @@ -19,6 +19,9 @@ SUBDIRS-y += hvmloader
>>>  
>>>  LD32BIT-$(CONFIG_FreeBSD) := LD32BIT_FLAG=-melf_i386_fbsd
>>>  
>>> +SEABIOS_ROM := seabios-dir/out/bios.bin
>>> +OVMF_ROM := ovmf-dir/ovmf.bin
>>> +
>>>  ovmf-dir:
>>>  	GIT=$(GIT) $(XEN_ROOT)/scripts/git-checkout.sh $(OVMF_UPSTREAM_URL) $(OVMF_UPSTREAM_REVISION) ovmf-dir
>>>  	cp ovmf-makefile ovmf-dir/Makefile;
>>> @@ -45,6 +48,16 @@ endif
>>>  install: all
>>>  	[ -d $(INST_DIR) ] || $(INSTALL_DIR) $(INST_DIR)
>>>  	[ ! -e $(TARGET) ] || $(INSTALL_DATA) $(TARGET) $(INST_DIR)
>>> +ifeq ($(CONFIG_SEABIOS),y)
>>> +ifeq ($(SEABIOS_PATH),)
>>> +	$(INSTALL_DATA) $(SEABIOS_ROM) $(INST_DIR)/seabios.bin
>> Why install this as "seabios.bin" when the default is "bios.bin". Most
>> distro's packages for SeaBIOS install it as "bios.bin"
> No reason. I guess it's fine to keep the same name ("bios.bin"). My distro
> install it as "bios-256k.bin", with "bios.bin" been the small version I
> guess.

Same with SUSE's SeaBIOS package, which contains bios.bin (sz 131072) and
bios-256k.bin (sz 262144).

Regards,
Jim

Douglas Goldstein March 19, 2016, 12:43 a.m. UTC | #8

On 3/17/16 1:33 PM, Anthony PERARD wrote:
> On Thu, Mar 17, 2016 at 12:37:36PM -0500, Doug Goldstein wrote:
>> On 3/14/16 12:55 PM, Anthony PERARD wrote:
>>> ... into the firmware directory, along with hvmloader.
>>>
>>> Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
>>> ---
>>> Change in V4:
>>> - remove install of acpi dsdt table
>>>
>>> Change in V3:
>>> - do not check if ROMs file exist before installing, they should exist
>>> - change rules for dsdt_anycpu_qemu_xen.c in oder to generate both .c and
>>>   .aml files without changing temporarly the other dsdt_*.c rules.
>>> ---
>>>  tools/firmware/Makefile | 13 +++++++++++++
>>>  1 file changed, 13 insertions(+)
>>>
>>> diff --git a/tools/firmware/Makefile b/tools/firmware/Makefile
>>> index 6cc86ce..6a37758 100644
>>> --- a/tools/firmware/Makefile
>>> +++ b/tools/firmware/Makefile
>>> @@ -19,6 +19,9 @@ SUBDIRS-y += hvmloader
>>>  
>>>  LD32BIT-$(CONFIG_FreeBSD) := LD32BIT_FLAG=-melf_i386_fbsd
>>>  
>>> +SEABIOS_ROM := seabios-dir/out/bios.bin
>>> +OVMF_ROM := ovmf-dir/ovmf.bin
>>> +
>>>  ovmf-dir:
>>>  	GIT=$(GIT) $(XEN_ROOT)/scripts/git-checkout.sh $(OVMF_UPSTREAM_URL) $(OVMF_UPSTREAM_REVISION) ovmf-dir
>>>  	cp ovmf-makefile ovmf-dir/Makefile;
>>> @@ -45,6 +48,16 @@ endif
>>>  install: all
>>>  	[ -d $(INST_DIR) ] || $(INSTALL_DIR) $(INST_DIR)
>>>  	[ ! -e $(TARGET) ] || $(INSTALL_DATA) $(TARGET) $(INST_DIR)
>>> +ifeq ($(CONFIG_SEABIOS),y)
>>> +ifeq ($(SEABIOS_PATH),)
>>> +	$(INSTALL_DATA) $(SEABIOS_ROM) $(INST_DIR)/seabios.bin
>>
>> Why install this as "seabios.bin" when the default is "bios.bin". Most
>> distro's packages for SeaBIOS install it as "bios.bin"
> 
> No reason. I guess it's fine to keep the same name ("bios.bin"). My distro
> install it as "bios-256k.bin", with "bios.bin" been the small version I
> guess.
> 
> 

Right. All the distros should be doing that now for modern versions of
SeaBIOS. When this work gets packaged up in a distro they'll likely use
one of those two versions instead of using the one that Xen builds, like
they mostly do with QEMU. I'd have to check how Xen builds SeaBIOS to
know which it should point to.

Douglas Goldstein April 18, 2016, 2:31 p.m. UTC | #9

On 3/14/16 5:55 PM, Anthony PERARD wrote:
> ... into the firmware directory, along with hvmloader.
> 
> Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
> ---
> Change in V4:
> - remove install of acpi dsdt table
> 
> Change in V3:
> - do not check if ROMs file exist before installing, they should exist
> - change rules for dsdt_anycpu_qemu_xen.c in oder to generate both .c and
>   .aml files without changing temporarly the other dsdt_*.c rules.
> ---
>  tools/firmware/Makefile | 13 +++++++++++++
>  1 file changed, 13 insertions(+)
> 
> diff --git a/tools/firmware/Makefile b/tools/firmware/Makefile
> index 6cc86ce..6a37758 100644
> --- a/tools/firmware/Makefile
> +++ b/tools/firmware/Makefile
> @@ -19,6 +19,9 @@ SUBDIRS-y += hvmloader
>  
>  LD32BIT-$(CONFIG_FreeBSD) := LD32BIT_FLAG=-melf_i386_fbsd
>  
> +SEABIOS_ROM := seabios-dir/out/bios.bin
> +OVMF_ROM := ovmf-dir/ovmf.bin
> +
>  ovmf-dir:
>  	GIT=$(GIT) $(XEN_ROOT)/scripts/git-checkout.sh $(OVMF_UPSTREAM_URL) $(OVMF_UPSTREAM_REVISION) ovmf-dir
>  	cp ovmf-makefile ovmf-dir/Makefile;
> @@ -45,6 +48,16 @@ endif
>  install: all
>  	[ -d $(INST_DIR) ] || $(INSTALL_DIR) $(INST_DIR)
>  	[ ! -e $(TARGET) ] || $(INSTALL_DATA) $(TARGET) $(INST_DIR)
> +ifeq ($(CONFIG_SEABIOS),y)
> +ifeq ($(SEABIOS_PATH),)
> +	$(INSTALL_DATA) $(SEABIOS_ROM) $(INST_DIR)/seabios.bin
> +endif
> +endif
> +ifeq ($(CONFIG_OVMF),y)
> +ifeq ($(OVMF_PATH),)
> +	$(INSTALL_DATA) $(OVMF_ROM) $(INST_DIR)/ovmf.bin
> +endif
> +endif
>  
>  .PHONY: clean
>  clean: subdirs-clean
> 

So I'm going to toss this out there but what if we don't install these
at all? We talked about reducing the scope that the Xen Security team
had to maintain. What if we just state that SeaBIOS and/or OVMF are
dependencies? All the downstream distros don't use the pre-built
binaries from Xen and build it themselves. For plain Xen users we just
add that to the list of dependencies.

I think SeaBIOS and OVMF are a lot more low risk than something like
QEMU since they have a very clear target so they're a lot more likely to
remain stable. SeaBIOS also has a fairly low level of churn, especially
on stable branches.


Just a thought.

Stefano Stabellini April 19, 2016, 1:11 p.m. UTC | #10

On Mon, 18 Apr 2016, Doug Goldstein wrote:
> On 3/14/16 5:55 PM, Anthony PERARD wrote:
> > ... into the firmware directory, along with hvmloader.
> > 
> > Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
> > ---
> > Change in V4:
> > - remove install of acpi dsdt table
> > 
> > Change in V3:
> > - do not check if ROMs file exist before installing, they should exist
> > - change rules for dsdt_anycpu_qemu_xen.c in oder to generate both .c and
> >   .aml files without changing temporarly the other dsdt_*.c rules.
> > ---
> >  tools/firmware/Makefile | 13 +++++++++++++
> >  1 file changed, 13 insertions(+)
> > 
> > diff --git a/tools/firmware/Makefile b/tools/firmware/Makefile
> > index 6cc86ce..6a37758 100644
> > --- a/tools/firmware/Makefile
> > +++ b/tools/firmware/Makefile
> > @@ -19,6 +19,9 @@ SUBDIRS-y += hvmloader
> >  
> >  LD32BIT-$(CONFIG_FreeBSD) := LD32BIT_FLAG=-melf_i386_fbsd
> >  
> > +SEABIOS_ROM := seabios-dir/out/bios.bin
> > +OVMF_ROM := ovmf-dir/ovmf.bin
> > +
> >  ovmf-dir:
> >  	GIT=$(GIT) $(XEN_ROOT)/scripts/git-checkout.sh $(OVMF_UPSTREAM_URL) $(OVMF_UPSTREAM_REVISION) ovmf-dir
> >  	cp ovmf-makefile ovmf-dir/Makefile;
> > @@ -45,6 +48,16 @@ endif
> >  install: all
> >  	[ -d $(INST_DIR) ] || $(INSTALL_DIR) $(INST_DIR)
> >  	[ ! -e $(TARGET) ] || $(INSTALL_DATA) $(TARGET) $(INST_DIR)
> > +ifeq ($(CONFIG_SEABIOS),y)
> > +ifeq ($(SEABIOS_PATH),)
> > +	$(INSTALL_DATA) $(SEABIOS_ROM) $(INST_DIR)/seabios.bin
> > +endif
> > +endif
> > +ifeq ($(CONFIG_OVMF),y)
> > +ifeq ($(OVMF_PATH),)
> > +	$(INSTALL_DATA) $(OVMF_ROM) $(INST_DIR)/ovmf.bin
> > +endif
> > +endif
> >  
> >  .PHONY: clean
> >  clean: subdirs-clean
> > 
> 
> So I'm going to toss this out there but what if we don't install these
> at all? We talked about reducing the scope that the Xen Security team
> had to maintain. What if we just state that SeaBIOS and/or OVMF are
> dependencies? All the downstream distros don't use the pre-built
> binaries from Xen and build it themselves. For plain Xen users we just
> add that to the list of dependencies.
> 
> I think SeaBIOS and OVMF are a lot more low risk than something like
> QEMU since they have a very clear target so they're a lot more likely to
> remain stable. SeaBIOS also has a fairly low level of churn, especially
> on stable branches.
 
Just to add to your argument, Raisin already supports both SeaBIOS and
OVMF. That's another way for users to build them if they want to.

[v4,04/14] firmware/makefile: install BIOS blob ...

Commit Message

Comments

Patch