From: Ard Biesheuvel <ardb@kernel.org>
To: linux-efi@vger.kernel.org
Cc: catalin.marinas@arm.com, will@kernel.org,
Ard Biesheuvel <ardb@kernel.org>,
"James E.J. Bottomley" <James.Bottomley@HansenPartnership.com>,
Matthew Garrett <mjg59@srcf.ucam.org>,
Peter Jones <pjones@redhat.com>,
Ilias Apalodimas <ilias.apalodimas@linaro.org>,
Heinrich Schuchardt <heinrich.schuchardt@canonical.com>,
AKASHI Takahiro <takahiro.akashi@linaro.org>,
Palmer Dabbelt <palmer@dabbelt.com>,
Atish Patra <atishp@atishpatra.org>,
Arnd Bergmann <arnd@arndb.de>,
Huacai Chen <chenhuacai@loongson.cn>,
Lennart Poettering <lennart@poettering.net>
Subject: [PATCH v2 0/6] efi: implement generic compressed boot support
Date: Tue, 9 Aug 2022 10:09:38 +0200 [thread overview]
Message-ID: <20220809080944.1119654-1-ardb@kernel.org> (raw)
Relatively modern architectures such as arm64 or RISC-V don't implement
a self-decompressing kernel, and leave it up to the bootloader to
decompress the compressed image before executing it. For bare metal
boot, this policy makes sense, as a self-decompressing image essentially
duplicates a lot of fiddly preparation work to create a 1:1 mapping and
set up the C runtime, and to discover or infer where DRAM lives from
device trees or other firmware tables.
For EFI boot, the situation is a bit different: the EFI entrypoint is
called with a 1:1 cached mapping covering all of DRAM already active,
and with a stack, a heap, a memory map and boot services to load and
start images. This means it is rather trivial to implement a
self-decompressing wrapper for EFI boot in a generic manner, and reuse
it across architectures that implement EFI boot.
The only slight downside is that when UEFI secure boot is enabled, the
generic LoadImage/StartImage only allow signed images to be loaded and
started, and we prefer to avoid the need to sign both the inner and
outer PE/COFF images. This series adopts the EFI shim approach, i.e., to
override an internal UEFI/PI protocol that is used by the image loader,
to allow the inner image to be booted after decompression. This has been
tested to work with Tianocore based EFI implementations on arm64, but
u-boot will need some interoperability tweaks as well, ideally just a
protocol that exposes a LoadImage/StartImage combo that the decompresor
can use directly to circumvent the signature check. (Note that EFI apps
have full control over the CPU, page tables, etc. so having code that
circumvents authentication checks is not as crazy as it sounds, given
that the app can do anything it pleases already.)
The code is wired up for arm64 and RISC-V. The latter was build tested
only.
Cc: "James E.J. Bottomley" <James.Bottomley@HansenPartnership.com>
Cc: Matthew Garrett <mjg59@srcf.ucam.org>
Cc: Peter Jones <pjones@redhat.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Cc: AKASHI Takahiro <takahiro.akashi@linaro.org>
Cc: Palmer Dabbelt <palmer@dabbelt.com>
Cc: Atish Patra <atishp@atishpatra.org>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Huacai Chen <chenhuacai@loongson.cn>
Cc: Lennart Poettering <lennart@poettering.net>
Ard Biesheuvel (6):
efi: stub: add some missing boot service prototypes
efi: stub: split off printk() routines
efi: stub: move efi_system_table global var into separate object
efi: stub: implement generic EFI zboot
arm64: efi: enable generic EFI compressed boot
riscv: efi: enable generic EFI compressed boot
arch/arm64/Makefile | 5 +
arch/arm64/boot/Makefile | 12 ++
arch/riscv/Makefile | 5 +
arch/riscv/boot/Makefile | 14 ++
drivers/firmware/efi/Kconfig | 9 +
drivers/firmware/efi/libstub/Makefile | 7 +-
drivers/firmware/efi/libstub/Makefile.zboot | 30 +++
drivers/firmware/efi/libstub/efi-stub-helper.c | 141 ---------------
drivers/firmware/efi/libstub/efi-stub.c | 2 -
drivers/firmware/efi/libstub/efistub.h | 12 +-
drivers/firmware/efi/libstub/printk.c | 158 ++++++++++++++++
drivers/firmware/efi/libstub/systable.c | 8 +
drivers/firmware/efi/libstub/zboot-header.S | 144 +++++++++++++++
drivers/firmware/efi/libstub/zboot.c | 191 ++++++++++++++++++++
drivers/firmware/efi/libstub/zboot.lds | 41 +++++
include/linux/efi.h | 2 +
16 files changed, 633 insertions(+), 148 deletions(-)
create mode 100644 drivers/firmware/efi/libstub/Makefile.zboot
create mode 100644 drivers/firmware/efi/libstub/printk.c
create mode 100644 drivers/firmware/efi/libstub/systable.c
create mode 100644 drivers/firmware/efi/libstub/zboot-header.S
create mode 100644 drivers/firmware/efi/libstub/zboot.c
create mode 100644 drivers/firmware/efi/libstub/zboot.lds
--
2.35.1
next reply other threads:[~2022-08-09 8:10 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-09 8:09 Ard Biesheuvel [this message]
2022-08-09 8:09 ` [PATCH v2 1/6] efi: stub: add some missing boot service prototypes Ard Biesheuvel
2022-08-09 8:42 ` Heinrich Schuchardt
2022-08-09 8:09 ` [PATCH v2 2/6] efi: stub: split off printk() routines Ard Biesheuvel
2022-08-09 8:09 ` [PATCH v2 3/6] efi: stub: move efi_system_table global var into separate object Ard Biesheuvel
2022-08-09 8:09 ` [PATCH v2 4/6] efi: stub: implement generic EFI zboot Ard Biesheuvel
2022-08-09 8:09 ` [PATCH v2 5/6] arm64: efi: enable generic EFI compressed boot Ard Biesheuvel
2022-08-09 8:09 ` [PATCH v2 6/6] riscv: " Ard Biesheuvel
2022-09-12 14:26 ` Palmer Dabbelt
2022-08-09 8:38 ` [PATCH v2 0/6] efi: implement generic compressed boot support Heinrich Schuchardt
2022-08-09 8:46 ` Ard Biesheuvel
2022-08-09 9:03 ` Heinrich Schuchardt
2022-08-09 9:10 ` Ard Biesheuvel
2022-08-09 8:47 ` Matthew Garrett
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220809080944.1119654-1-ardb@kernel.org \
--to=ardb@kernel.org \
--cc=James.Bottomley@HansenPartnership.com \
--cc=arnd@arndb.de \
--cc=atishp@atishpatra.org \
--cc=catalin.marinas@arm.com \
--cc=chenhuacai@loongson.cn \
--cc=heinrich.schuchardt@canonical.com \
--cc=ilias.apalodimas@linaro.org \
--cc=lennart@poettering.net \
--cc=linux-efi@vger.kernel.org \
--cc=mjg59@srcf.ucam.org \
--cc=palmer@dabbelt.com \
--cc=pjones@redhat.com \
--cc=takahiro.akashi@linaro.org \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox