From patchwork Mon Apr 25 10:46:17 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jan Beulich X-Patchwork-Id: 12825572 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id B7EE2C433F5 for ; Mon, 25 Apr 2022 10:46:58 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.312744.530087 (Exim 4.92) (envelope-from ) id 1niwEd-0003zC-HP; Mon, 25 Apr 2022 10:46:27 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 312744.530087; Mon, 25 Apr 2022 10:46:27 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1niwEd-0003z5-EP; Mon, 25 Apr 2022 10:46:27 +0000 Received: by outflank-mailman (input) for mailman id 312744; Mon, 25 Apr 2022 10:46:25 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1niwEb-0003yz-OO for xen-devel@lists.xenproject.org; Mon, 25 Apr 2022 10:46:25 +0000 Received: from de-smtp-delivery-102.mimecast.com (de-smtp-delivery-102.mimecast.com [194.104.109.102]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id f36575da-c484-11ec-a405-831a346695d4; Mon, 25 Apr 2022 12:46:24 +0200 (CEST) Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-vi1eur04lp2058.outbound.protection.outlook.com [104.47.14.58]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id de-mta-35-7QKDvqdEMmiiX_QwcYCRbg-1; Mon, 25 Apr 2022 12:46:21 +0200 Received: from DU2PR04MB8616.eurprd04.prod.outlook.com (2603:10a6:10:2db::16) by DB7PR04MB4377.eurprd04.prod.outlook.com (2603:10a6:5:37::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5186.20; Mon, 25 Apr 2022 10:46:19 +0000 Received: from DU2PR04MB8616.eurprd04.prod.outlook.com ([fe80::5cb0:5195:4203:7c2f]) by DU2PR04MB8616.eurprd04.prod.outlook.com ([fe80::5cb0:5195:4203:7c2f%9]) with mapi id 15.20.5186.021; Mon, 25 Apr 2022 10:46:19 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: f36575da-c484-11ec-a405-831a346695d4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=mimecast20200619; t=1650883583; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=2IyVjbV4+UozLbWszz088eBp53KB5rBQs/D2spIZ4Eg=; b=S+4rPD4YwsHRfcYM/HWoVLiVdt3O0LnoigR3LWy2KXou26kCg4WWeQwJHvnGGVnB9xAIxc hJv0dTRXSvwtyw7gSCAZX/e6pOgsrSlzwxknHs85Ds6Wz5sam0U0vaI6EYgRX3j2zO4102 fULuD5MhAkFN6riU21imipkiBcjlwPw= X-MC-Unique: 7QKDvqdEMmiiX_QwcYCRbg-1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=JdJZk4Jev86q83corYMJ/iAju7wV01Br4x78DBxCJXMYVKoRnt6q6tOONR7bCouk5tCZnWIXn3s+YhofZSpkMa+UgPEHCoKvZ4UcY0SatLArbWaLEvKSpjNpUxQAjUzMU+xC3lG1Sts9YzfCjsaxhcBcEA6EqPozf/R1JFFIBEU4Y3wsx5QzeJM6i2ncjSZfbj9NuUYTxB3Mwa6dEwrliX48MhkFTJzXS3rTpeFN+wdpDaCvlTfc3bbrodxUCxT/+9EnEb9+bGZibl9C7iF2O0AsJO3DoFRkiBK/c5GslpfiKyHOk6tbhZHji0c2XwIEMLzKrKndOAcXIqITxr01nA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2IyVjbV4+UozLbWszz088eBp53KB5rBQs/D2spIZ4Eg=; b=eO9qSrNSnd4/KvbjVNYnnCPT5LzFQ+dBfkx3B97mDuKif8S2wRSEJ7E06Q8ZnalAbO9581NRkrpd46oSDEEU+fOuEgx8pzkJzXSnZJYDT7Mz7AFS7buNAeGmB+tldbo06+aZV+8NW++TzZqlmffaHhWE8tF4BlqypHqS7djChMNkfedkCb5/HH7YHqloWc77gzcYwkydJi+NVXQLSVJKBX3qpx7pZCOoXpL9kjE6zsfsG0k4V2AUuuiFuntd+Goyv08Jwnn87758AbECCpDIkBivJseH2aR74Qm+Dx7OT3SRGEIgk3JIgc4cAN1FMuZHrSsYlzDh3vSpLvqAPhc/jw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com; Message-ID: <394c1b94-beaf-bdcb-c333-65dd9987be54@suse.com> Date: Mon, 25 Apr 2022 12:46:17 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.8.1 Content-Language: en-US To: "xen-devel@lists.xenproject.org" Cc: Andrew Cooper , George Dunlap , Julien Grall , Stefano Stabellini , Wei Liu From: Jan Beulich Subject: [PATCH RFC] EFI: strip xen.efi when putting it on the EFI partition X-ClientProxiedBy: AM6P191CA0088.EURP191.PROD.OUTLOOK.COM (2603:10a6:209:8a::29) To DU2PR04MB8616.eurprd04.prod.outlook.com (2603:10a6:10:2db::16) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 0ea2bb26-9a84-4b51-0a8e-08da26a8d4d6 X-MS-TrafficTypeDiagnostic: DB7PR04MB4377:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: RBr1rDrryuCt/uQz9VSJSsOdT1yt02oXVMO6iBJ9FjIxIOdt/vA60URIWRxYwT5U6kcslcYlol/aWhIbihEB+xQCFcL1YRFTQc1Oexw55QlqsK23bIWjNGdyeRxwATK237JkhPQKDoi6Ue6OBapHDPUaajBzZgJ27mCwfj2bDXYpM/R+YW4Azq1QmBGRM1DmD00Uc4vb1/pw6dgln5uO/ZPKLZO0FmkV0kLfhXgc+SizeUDZByJdc08vi2oCbDg1QM1TO3wPFmskRRRcxqa1VFsNOa8YfD/usBgqldWF8JXj+ToLRktIVJj1BnMxfHVEup0+BF5EFGUoEQyYPqkwPL7lk+fE6h58XiSOD/2tjqa3soSlOrv+kFTrNQmRjdQq2U3nao1zhcG1mAYcl39Xkho4ItOhy1i8TpCPUDCngxUTFVepcrT+H9K2/AH0fjXYNR0D47kaSWmbpGKYtRf4krNxVPdCxtnliU6rPDgjtD5kFvSR6wy1tw5tpUfH+H0eeMP4GUaTHVNDA4Iqv7yvudx3PlzxdDIr5FxiPYeaZwS1FGd/ynfgIXNu2KnP0olvl65zJpPHqQnm5T1atkeofCQe9cU11wArAuBp4HNFNw3v2FO4oeuzN+w8trCCuJQ+DcK/KkoeVN54bGTOeqMWZy4+RVcpd5SUp6RJ9z5N6g0+nGpG1ZQGtliwnhdSnTDKqwv8Prc99JnIfE1W8XfyP05ptN2k0qL268zOP1ue2EA= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU2PR04MB8616.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(366004)(4326008)(26005)(66556008)(5660300002)(186003)(6486002)(66476007)(8676002)(54906003)(36756003)(6916009)(31686004)(8936002)(66946007)(6512007)(316002)(508600001)(6506007)(83380400001)(2616005)(86362001)(38100700002)(31696002)(2906002)(43740500002)(45980500001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?iVXj0u6+0qMEDqPrBhJv9Zo7o8Gp?= =?utf-8?q?bzNm0D2Ps6LV9BCcLgjWC/SiUccye4kB3vcbmVPPqHCOqGnAutmEafZQZfMVHB8Yn?= =?utf-8?q?mMmxwaqPfCnDt2DRjraRqLQdlZCdpFh5szdI0Xn6+h4lxuUSM3sFx95WbOTvYf1KT?= =?utf-8?q?8ecqCdk2fl30DDnlmBueHVnAEcUTnGvQO1QbnFGjBu6Q6Jj/5pMQbKrsvvTepMGxI?= =?utf-8?q?/GS1oZ3vHx6YpJl3NCWsrcfK3uvga5ix4OLfA6OBPNvzNbGBQ50+ZbTq7SUExZl5W?= =?utf-8?q?yH1yXk80incgb34SSqzXiKq8BV6UfS7bcP4vyWi1/M8hrMIblI+4IQy2JSy+yaOpe?= =?utf-8?q?Jub6P9HQV1Z4Q4A1vIXMZqVUwVHcrQn8j19/y+oEIBFzdWC9ubRoIN4AamH4Sl/CO?= =?utf-8?q?yvxrX+HX5Vkq5wbdOg8MyI13v1fgKwc7cx7NCl3DFvNpC4G0k/Xb3r6J2cMdzVmsu?= =?utf-8?q?3ifOB6zmPWZ9lF1LyW7r6JvpyZOR9Qb8YVcwDIQJs1xjC/LSGXyhukNXmltyKzox/?= =?utf-8?q?D6JPHtW5iSTHD0nwx70XRENaPGuHlSY4mBJX0m16xzzyu9ntQM3MeFLk+zYdZThyI?= =?utf-8?q?2EP0Gg3TLgUXdNuMsQMzC06JOoqlrsYycWCHJl6aQhbIUPy0ZjgenzHW1LaGn83zn?= =?utf-8?q?LfYF+Zat13Kjuvj19P9pFaKaE5BAkZZHYuEju5dilHK23Oon1Dx8JpQikTlc+1o/Z?= =?utf-8?q?U+pM2a9S5OmGdsEBxMvPQbp5MmqlVgWKgVMq+uAdTNS2vt4Tr7Afl2qV4pSFKcfOd?= =?utf-8?q?SKI02J6bbM39d6t8wCR3NJesDxcvUY3dvlAfrATS5+cWbmdKaIlw0E9XPAWejJn9n?= =?utf-8?q?Tk41BzXHDUPHMBLjsINi9LR6HatC7CVpmvPJoT09zQn2BcgLRvG2auuIeBGxpuE80?= =?utf-8?q?02vOOgiR7Ls9qFskaG6yIvYiVC0tgPco/BH4/AgFK+Up5GTe1rEfYrZhrBX4wacCq?= =?utf-8?q?qT0scpxOyWrZygp9h1944rcLQqHSb4o0bts2NnY9NUITtiVFS+RmR2VBIz2csXw1g?= =?utf-8?q?6J3WNi90B0twrhc4sCYHqXObmehN5t1A5lhcrMlhDFnOyejLluw5aWHPooWdgvzzL?= =?utf-8?q?YsO3RfpXfnHsWZlNoPuvZGHgHsLFcqpBMS43W95qsX1cqTwla7FWZ35PmtX71wCSD?= =?utf-8?q?RyXLrtbCDSWCiR2Bd/lVCVMvSTELPyP9gABn+8LqhdtLp0X1KOmPr7b73r1F2IOTi?= =?utf-8?q?XypYaXrH68JzXUyymPKZCy7peqQE2R8dxjKifkz/B2Seqfd+6FBeezBeEqI28uT0D?= =?utf-8?q?jJZaiJyBONCFmcmg7DnoyaAceIgPexcX5bBvkGoSyBS8RC3g5rxkwaQj6bDQ7QMTh?= =?utf-8?q?DLQwu30nIW3vMPS9B0bX6vWC1q1h4JnFIQN48TO7xfL+HQ79utGAHStcITGI6c02v?= =?utf-8?q?122W/tKksuLXmBm7mksEVXu/kz0TRi44lbE4BO15FCJrQ2XyhMyYMBIdrBH+0nH1H?= =?utf-8?q?AniFLD4V1gGTRLN+YjhXOUXRwqiOfV6c9vS02VHKj/LFavgWJRtr0GzvPbLyXqppI?= =?utf-8?q?0ylp1AoLvYOh7DclXtgKlj6eHu5jxRjblT/RHJWj4dvmJFbC6M8atOlgql2l0avlv?= =?utf-8?q?IAUY8B2JFpfvKspPyVLntTOUIFTHh90aGO1VtuXmifSk6GcRpI0VlZw19uVXCSZDc?= =?utf-8?q?Xjx0QG23BOhomirb1xSpaWc5nG7deQZA=3D=3D?= X-OriginatorOrg: suse.com X-MS-Exchange-CrossTenant-Network-Message-Id: 0ea2bb26-9a84-4b51-0a8e-08da26a8d4d6 X-MS-Exchange-CrossTenant-AuthSource: DU2PR04MB8616.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 25 Apr 2022 10:46:19.4754 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: f7a17af6-1c5c-4a36-aa8b-f5be247aa4ba X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: DsQEmnazSdp3T2NTiKal4fkGQfSRx7XLPYFBG/3HEMstIecCe1SuCpNQLsBNPNCx2R1lG1ZCNS667kxcAvCTOQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB7PR04MB4377 With debug info retained, xen.efi can be quite large. Unlike for xen.gz there's no intermediate step (mkelf32 there) involved which would strip debug info kind of as a side effect. While the installing of xen.efi on the EFI partition is an optional step (intended to be a courtesy to the developer), adjust it also for the purpose of documenting what distros would be expected to do during boot loader configuration (which is what would normally put xen.efi into the EFI partition). Model the control over stripping after Linux'es module installation, except that the stripped executable is constructed in the build area instead of in the destination location. This is to conserve on space used there - EFI partitions tend to be only a few hundred Mb in size. Signed-off-by: Jan Beulich --- RFC: GNU strip 2.38 appears to have issues when acting on a PE binary: - the new file positions of the sections do not respect the file alignment specified by the header (a resulting looks to work on one EFI implementation where I did actually try it, but I don't think we can rely on that), - file name symbols are also stripped; while there is a separate --keep-file-symbols option (which I would have thought to be on by default anyway), its use makes no difference. Older GNU strip (observed with 2.35.1) doesn't work at all ("Data Directory size (1c) exceeds space left in section (8)"). --- a/xen/Makefile +++ b/xen/Makefile @@ -461,6 +461,22 @@ endif .PHONY: _build _build: $(TARGET)$(CONFIG_XEN_INSTALL_SUFFIX) +# Strip +# +# INSTALL_EFI_STRIP, if defined, will cause xen.efi to be stripped before it +# is installed. If INSTALL_EFI_STRIP is '1', then the default option +# --strip-debug will be used. Otherwise, INSTALL_EFI_STRIP value will be used +# as the option(s) to the strip command. +ifdef INSTALL_EFI_STRIP + +ifeq ($(INSTALL_EFI_STRIP),1) +efi-strip-opt := --strip-debug +else +efi-strip-opt := $(INSTALL_EFI_STRIP) +endif + +endif + .PHONY: _install _install: D=$(DESTDIR) _install: T=$(notdir $(TARGET)) @@ -485,6 +501,9 @@ _install: $(TARGET)$(CONFIG_XEN_INSTALL_ ln -sf $(T)-$(XEN_FULLVERSION).efi $(D)$(EFI_DIR)/$(T)-$(XEN_VERSION).efi; \ ln -sf $(T)-$(XEN_FULLVERSION).efi $(D)$(EFI_DIR)/$(T).efi; \ if [ -n '$(EFI_MOUNTPOINT)' -a -n '$(EFI_VENDOR)' ]; then \ + $(if $(efi-strip-opt), \ + $(STRIP) $(efi-strip-opt) -p -o $(TARGET).efi.stripped $(TARGET).efi && \ + $(INSTALL_DATA) $(TARGET).efi.stripped $(D)$(EFI_MOUNTPOINT)/efi/$(EFI_VENDOR)/$(T)-$(XEN_FULLVERSION).efi ||) \ $(INSTALL_DATA) $(TARGET).efi $(D)$(EFI_MOUNTPOINT)/efi/$(EFI_VENDOR)/$(T)-$(XEN_FULLVERSION).efi; \ elif [ "$(D)" = "$(patsubst $(shell cd $(XEN_ROOT) && pwd)/%,%,$(D))" ]; then \ echo 'EFI installation only partially done (EFI_VENDOR not set)' >&2; \