From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 6DC33C87FD1 for ; Tue, 5 Aug 2025 04:49:03 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1uj9bE-0000d2-Bs; Tue, 05 Aug 2025 00:48:32 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uj9bD-0000bb-Gg for grub-devel@gnu.org; Tue, 05 Aug 2025 00:48:31 -0400 Received: from mail-il1-x134.google.com ([2607:f8b0:4864:20::134]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1uj9bB-0006nF-Mb for grub-devel@gnu.org; Tue, 05 Aug 2025 00:48:31 -0400 Received: by mail-il1-x134.google.com with SMTP id e9e14a558f8ab-3e3ead8bb17so2750345ab.2 for ; Mon, 04 Aug 2025 21:48:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1754369308; x=1754974108; darn=gnu.org; h=mime-version:message-id:subject:to:from:date:from:to:cc:subject :date:message-id:reply-to; bh=fAeb9X+8AuYEPG8mHnlJ16wIPZcag0txnZ1arZNalQ0=; b=BeClHiJOww9BDjsZbkpl+BZqY6h7GONrQK90BsfDy87nY3IOj7SveAir4wUxMj5ArE tjU/RxLLqDdA7a9tPqRMxdqdg37ojNxma5wTWmJwQcZv5ifi0j34cR7nqYs2zLDIMfWK 3hBcgrGMxufIfy9s+RZCNoW0duUQzF+Z5mY1q76nj0C2sqD0zYShSGLUqTsO72OPjtKn xbcZsORGS8iBvjdqtaEAkuS6IkknrR+2yf4qyAJxJOcq9rTpAZhzD843MfjwFngUoWBn gn03o9Df8W7Fcy9e8I7UREgKLJkBxubNQ9BXauxpu13eCO9clGvJfbBeeXGTWDyny2V+ 5Lww== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1754369308; x=1754974108; h=mime-version:message-id:subject:to:from:date:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=fAeb9X+8AuYEPG8mHnlJ16wIPZcag0txnZ1arZNalQ0=; b=uNR64xlwCB/4cQi9WQvSOj/BEFqVqHmWDpPR1Xrlkb+vjwwBltYyrBdBrXRfdNtOJ5 g+/qhmpchO+NQCjGulqmdPeU5TjzyC15sC7jfp5cn9r3OEt8r0exJvCcPKqCjxSVALZD V75SVeyCD/mVBmNc8i+RtepFl/rOqRO4+m6gHHSdpH0JRZJVI/clz+cRj8vWEbD5JhUf hTE31ri3gNcYWqWGp5YcNis5Uxkx2xL9p3lJquF4RJ68SwmZlig7dcM29O+S9GwupKVh 4aNXidCMGsGi1VZlBtytsDWOu/UIfrbfuEL4ULYFZHWRQWgtl2udnJiL5l1kNsTpLNmx DqAA== X-Gm-Message-State: AOJu0YzSirFyA+TuujF2q8EKB1+VlGPAqXCuZ10EpJxUkBWqd4zMZZNT R5W4hkqNeXUfmIDdzPjcJhSK0jUUvheW7CYQZi+A/j2kL+YpU98ABY1mvxPl9Q== X-Gm-Gg: ASbGncuUEiiFeoiUiS5syYTGbfZe9f83L1z3Eh/RrtCILj/Fn+PI6O07Ouyry1FEFFW lmsBaIRwUgVmKbc/SRXE5fVU3HLjm2Ab1aS/BwnwqJuQGz1h8sWTl1Ld+yr/Oh/5Uj17UOhvdRp bt6to7eTUjvTjg+91VoNufmGdM6F8J6bYD84g8rZ70LAXM+CxFcWY/RkP0WH2m91VV5igYAjwwL q+SznZpcqL7R+cy7+UvNcKRscssxWLRSgOlVymHCzQEcACb6d6sKJGmK17CNQE676dP4P34HQ/0 Rmw42b4ukb4lbp9+gp7sovUHWIrXoxV8+yQi5I7P8us6BMzjCRnOMHhNkDJ/JLLhO9B4dv+TsBA kz208OjZWLc5gvmKmPX6a/jreBqqHxMYUmr2fk1HBcw== X-Google-Smtp-Source: AGHT+IEKeEi/gAby9VnxKw5TgC6XlozkOvfKVx6TrT+v3TIv3VnhHxTOSNY+bluWQN+20xgcwCOhjw== X-Received: by 2002:a05:6e02:2482:b0:3e4:6c1:74a4 with SMTP id e9e14a558f8ab-3e416190916mr55764455ab.3.1754369308047; Mon, 04 Aug 2025 21:48:28 -0700 (PDT) Received: from kf-m2g5 ([2607:fb90:bf84:45ad:2f41:d127:adbe:c0d6]) by smtp.gmail.com with ESMTPSA id e9e14a558f8ab-3e402b34532sm48015065ab.56.2025.08.04.21.48.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Aug 2025 21:48:27 -0700 (PDT) Date: Mon, 4 Aug 2025 23:48:16 -0500 From: Aaron Rainbolt To: grub-devel@gnu.org, xen-devel@lists.xenproject.org Subject: [PATCH v4 0/2] kern/xen: Add Xen command line parsing Message-ID: <20250804234816.3d14f53f@kf-m2g5> X-Mailer: Claws Mail 4.3.1 (GTK 3.24.41; x86_64-pc-linux-gnu) MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::134; envelope-from=arraybolt3@gmail.com; helo=mail-il1-x134.google.com X-Spam_score_int: -17 X-Spam_score: -1.8 X-Spam_bar: - X-Spam_report: (-1.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: The development of GNU GRUB Content-Type: multipart/mixed; boundary="===============4238262301110855811==" Errors-To: grub-devel-bounces+grub-devel=archiver.kernel.org@gnu.org Sender: grub-devel-bounces+grub-devel=archiver.kernel.org@gnu.org --===============4238262301110855811== Content-Type: multipart/signed; boundary="Sig_/xScQGjvbhehxfi4Rs=kQNRS"; protocol="application/pgp-signature"; micalg=pgp-sha512 --Sig_/xScQGjvbhehxfi4Rs=kQNRS Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable The purpose of this patch is to allow the Xen hypervisor to pass extra data to GRUB in the form of a kernel command line, allowing the host to customize the boot process of the guest. The command line from Xen is parsed, and any variables within that start with the string `xen_grub_env_` are exposed as environment variables. The grub.cfg script can then use those environment variables as it sees fit. The main reason for doing this is to allow implementing boot modes in Qubes OS while also using in-VM kernels. For more context on Qubes boot modes, see [1]. In order for this to work with in-VM kernels, it is necessary for dom0 to pass kernel parameters to the guest without modifying the guest's grub.cfg manually. This patch allows this to be done, by allowing dom0 to pass kernel parameters to GRUB, which then provides them to grub.cfg as an environment variable. The grub.cfg script within the VM can then append those variables to the kernel command line. All of the changes from version 3 of the patch are simply refinements after a review from Daniel Kiper (coding style cleanups, avoiding global variables, double-checking NUL-termination after using grub_strncpy, etc.). The patch's functionality is unchanged. Since there are substantial changes since version 3, I've re-run the entire battery of tests that were used against the v3 patch, plus an extra test to ensure an escaped control character won't be accepted in variable values. The test results can be seen at [2]. As previously, the tests were done by booting a patched GRUB in Xen with various different parameters passed to it via the Xen-provided kernel command line. The effects of these parameters on the bootloader's environment were then tested, and then an Arch Linux image was booted to ensure that boot still worked. [1] https://github.com/QubesOS/qubes-linux-pvgrub2/pull/16 [2] https://bpa.st/3SBQ Aaron Rainbolt (2): include/xen: Rename MAX_GUEST_CMDLINE to GRUB_XEN_MAX_GUEST_CMDLINE kern/xen: Add Xen command line parsing docs/grub.texi | 51 +++++ grub-core/Makefile.core.def | 2 + grub-core/kern/i386/xen/pvh.c | 23 +++ grub-core/kern/xen/cmdline.c | 376 ++++++++++++++++++++++++++++++++++ grub-core/kern/xen/init.c | 2 + include/grub/xen.h | 2 + include/xen/xen.h | 4 +- 7 files changed, 458 insertions(+), 2 deletions(-) create mode 100644 grub-core/kern/xen/cmdline.c --=20 2.50.1 --Sig_/xScQGjvbhehxfi4Rs=kQNRS Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEudh48PFXwyPDa0wGpwkWDXPHkQkFAmiRjRAACgkQpwkWDXPH kQmUcQ/+IK73jDnnYdHxMHW5n0qqZPpSkOK1mYaH7o9lzLGngg9ias2SqAML8aw+ Fyi+QQhVd7XRmPjZHe85yyVgEY3NM4WK7+T2PY4LfSAWq5xRKHVtm4mnhSMmXp95 /DPqL4k8Dyj8oVuu861gdSxGk3L8Bq8bW1ttMIxTn9j1A3lKZ7h3//z6aXu+fTgQ MJuACkFJRGVjMnRXT40AKlRCM36KFktCC+C1r+a8Lh7rHhSzLWf6TbF+0A9Nt8vZ foLAvqAGlYfLtyi5nCMPdC88VeOcVc2PjymhzCd2MdTc7Wumxhw/xUFsJcoggaZK Al//2ekOjTjRP/Cirx6KBCe6eId3vk6YOC5HWKrHcFyCdYG3D+4MGXFPL9wQMEyN c1QLWdIPtBtFXXHLjppX1gsd0Wi9Jt47K1Xr1glzLHs7b++Zhlz+/qtoguPHU74i ilvAe8E4XRaCDZyFlxQofrfUVpa2OJOLHsoubS35X7DFpcNc+nHMYesDw4L6Bk0P McjaJ1CAbsxfELJ82ReQajhjTLB10C26EUd+JolR3g6+6fU2L4Aiy+IwQw348Rmc KKV429earA8F8Pu6UkgKEG8JQJlkbTts0wMs94+5pOslM5rqFqrbi/IDNJXV9e/2 fsU01RHTu4HKB6j8ryDi0Mgo5sPqfkJJJplfxQeaiRpeeo7Txj8= =k+GH -----END PGP SIGNATURE----- --Sig_/xScQGjvbhehxfi4Rs=kQNRS-- --===============4238262301110855811== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KR3J1Yi1kZXZl bCBtYWlsaW5nIGxpc3QKR3J1Yi1kZXZlbEBnbnUub3JnCmh0dHBzOi8vbGlzdHMuZ251Lm9yZy9t YWlsbWFuL2xpc3RpbmZvL2dydWItZGV2ZWwK --===============4238262301110855811==--