Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp178326ybl; Wed, 21 Aug 2019 17:08:15 -0700 (PDT) X-Google-Smtp-Source: APXvYqyToVFRTSq1N0yXX2JIbrp5bMHFt9WB8ZZ4W1GbyCLdGHRessDCkbjRRMZw3zyeu9f/YdLL X-Received: by 2002:aa7:939c:: with SMTP id t28mr29756556pfe.111.1566432494972; Wed, 21 Aug 2019 17:08:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1566432494; cv=none; d=google.com; s=arc-20160816; b=NbCUoRV9nmUDZ64RJaXARNbKO6Ay40HB5FZq0lgT885InQrqFbet+x4LGZTT6VAi5m 9clXP5EZFnSfSZRESPO6ngHj2H14/KvyCUa4Engmos3NicKv42W5C3VfRe8ayXJXJty6 FAltoiI5ZvM2/VMYy0IYcuT5VuSt55W/CU/Zl9ToipJBKMXClI7qEZwBZBKr9tv3VyuO pSDMSaeOCeADezJpt7q3eLVKqV2bSSjzW3lSz470KISadvmGTfUtd245yqnzPS/v3BjH 3rqrh9B39LylAVSQZqhk50q6paEhBmgNl9kZ6Ig45zEKycBxzmSQ2To0FCn78IXLUpg6 doeg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:to:references:message-id :content-transfer-encoding:cc:date:in-reply-to:from:subject :mime-version:dkim-signature; bh=Li3UBe8fI+pi64qmfeKTwbTPteH9HIZjUzvyj3UoeFw=; b=upYQU9/Q3a+CjLCMWmd1WS0t2bEm4UXZvRIA5+nzWPBQyxNl6wk19NjLRiFt4Z3gS8 B097+PJb8/4Ll6ojDu8HW9j1njM93jP3uChgoKkTE0rxdFk9YEKZ/E6woqyEJO//0MAm iG4ahn75ij+usKS1+843tMdoTslLBkh6gNjE9r2ySY3+8JSwuqW/6hrDL3eeAhZ/Ybyd vRhDg54hUpmnJUBUnWauAq7VbQEgtaZns34fVfINmzTijpj1gyzmdSzC8CcO++XF0EhJ zkTG4zKc2zPserTdTXu5Am3r6BwcSrS5Bj2zgCnimxVaCGKcNbmjf/pS/pViObW2U1L9 u7rw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@sifive.com header.s=google header.b=MGLD5jrw; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d18si1064741pjz.58.2019.08.21.17.07.57; Wed, 21 Aug 2019 17:08:14 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@sifive.com header.s=google header.b=MGLD5jrw; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729804AbfHUXdC (ORCPT + 99 others); Wed, 21 Aug 2019 19:33:02 -0400 Received: from mail-pl1-f194.google.com ([209.85.214.194]:35579 "EHLO mail-pl1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726828AbfHUXdB (ORCPT ); Wed, 21 Aug 2019 19:33:01 -0400 Received: by mail-pl1-f194.google.com with SMTP id gn20so2233903plb.2 for ; Wed, 21 Aug 2019 16:33:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sifive.com; s=google; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=Li3UBe8fI+pi64qmfeKTwbTPteH9HIZjUzvyj3UoeFw=; b=MGLD5jrwG4bvu8DWnmzQYJzFS1/EptZ8wSe5Rt8mD73XH/bMx6G8SQefQZ+UmpmiMG CTQgRYdud9d65PvEcTExXMizP0qA0bUbNsERbQG05wRcQMmI9kt+KPCv+d8LXuklTlCQ 8GdNTGObeP6PNG8DMgihfBMa4URCLFOAvPzmXgmoZrYIcWwrYtYUYuwzfrmG7SEf0N+1 LGr19VM9K0uNGpsCiGs3qBZhAXZbkSJ58M64j4gwnj3BDo1aeybhF+sW4J38W0New54k EkAHZqQpYZz/F5wlE1PMOrBjVBPSqbrhBNx7puf/2TZluyPMnPTwslzrP8BanY137KAx c/kw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=Li3UBe8fI+pi64qmfeKTwbTPteH9HIZjUzvyj3UoeFw=; b=Vl4q8Rpdti5CwyKMwJyZxNG7qzcvU39+93DaNBpm/QLz19pv8QMXrvalx63a5Atdje 3heQYE4JJmjCHzlOeKJ2oXyXlvmiAZoHSrFXbeOczBzge2hVqxnrFDpJ7SG4SITuLA4X nDni8POVoTbh56gDvDJOlQwF9cfojO07Kpaj9ltnPzxPFshQMW3PJVOJ91aDrrCoS7Xb R+VsQDNpVjnuIQLPnfVpdUoZAe7X+/GKThGZiq3xeuP6QBwrf6CBtI/ny0rab7l7Y7Bn DGZb5bvW6DK3b/65sgMSYOtK2obe4wLJwV+fR4pz72XPd2qwOQKjXc2l5pY/uubyLdOR EMTA== X-Gm-Message-State: APjAAAVUf3aPSI9nX2T/yqCH/gznhlaeUhMqqbMW+Hj8iaOTXMkBKGCO m+la1bERkdp0awp5Pd34u8nW6g== X-Received: by 2002:a17:902:24b:: with SMTP id 69mr34895534plc.250.1566430380557; Wed, 21 Aug 2019 16:33:00 -0700 (PDT) Received: from [10.17.0.244] ([12.206.222.5]) by smtp.gmail.com with ESMTPSA id w11sm25303530pfi.105.2019.08.21.16.32.59 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 21 Aug 2019 16:32:59 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\)) Subject: Re: [PATCH 15/15] riscv: disable the EFI PECOFF header for M-mode From: Troy Benjegerdes In-Reply-To: Date: Wed, 21 Aug 2019 16:32:58 -0700 Cc: Atish Patra , "hch@lst.de" , "paul.walmsley@sifive.com" , "linux-riscv@lists.infradead.org" , Damien Le Moal , "linux-kernel@vger.kernel.org" , "palmer@sifive.com" Content-Transfer-Encoding: quoted-printable Message-Id: References: <20190813154747.24256-1-hch@lst.de> <20190813154747.24256-16-hch@lst.de> <3BF39A0F-558D-40E0-880D-27829486F9F0@sifive.com> <4f1677e24a5fcdfd2fda714cdd66f4dbe7817284.camel@wdc.com> To: Anup Patel X-Mailer: Apple Mail (2.3445.9.1) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > On Aug 21, 2019, at 4:02 PM, Anup Patel wrote: >=20 >=20 >=20 >> -----Original Message----- >> From: linux-kernel-owner@vger.kernel.org > owner@vger.kernel.org> On Behalf Of Troy Benjegerdes >> Sent: Wednesday, August 21, 2019 11:25 PM >> To: Atish Patra >> Cc: hch@lst.de; paul.walmsley@sifive.com; = linux-riscv@lists.infradead.org; >> Damien Le Moal ; linux- >> kernel@vger.kernel.org; palmer@sifive.com >> Subject: Re: [PATCH 15/15] riscv: disable the EFI PECOFF header for = M-mode >>=20 >>=20 >>=20 >>> On Aug 21, 2019, at 10:31 AM, Atish Patra = wrote: >>>=20 >>> On Tue, 2019-08-20 at 21:14 -0700, Troy Benjegerdes wrote: >>>>> On Aug 13, 2019, at 8:47 AM, Christoph Hellwig wrote: >>>>>=20 >>>>> No point in bloating the kernel image with a bootloader header if = we >>>>> run bare metal. >>>>=20 >>>> I would say the same for S-mode. EFI booting should be an option, = not >>>> a requirement. >>>=20 >>> EFI booting is never a requirement on any board. When EFI stub will = be >>> added for kernel, it will be enabled with CONFIG_EFI_STUB only. >>>=20 >>> The current additional header is only 64 bytes and also required for >>> booti in U-boot. So it shouldn't disabled for S-mode. >>>=20 >>> Disabling it for M-Mode Linux is okay because of memory constraint = and >>> M-Mode linux won't use U-boot anyways. >>>=20 >>>> I have M-mode U-boot working with bootelf to start BBL, and at some >>>> point, I=E2=80=99m hoping we can have a M-mode linux kernel be the = SBI >>>> provider for S-mode kernels, >>>=20 >>> Why do you want bloat a M-Mode software with Linux just for SBI >>> implementation? >>>=20 >>> Using Linux as a last stage boot loader i.e. LinuxBoot may make = sense >>> though. >>>=20 >>=20 >> Boot time, and ease of development, and simplified system management. >>=20 >> Having M-mode linux as a supervisor/boot kernel can get us to = responding to >> HTTPS/SSH/etc requests within seconds of power-on, while the = =E2=80=98boot=E2=80=99 >> kernel can be loading guest S-mode kernels from things like NVME = flash >> drives that are going to be a lot more code and development to = support in U- >> boot or any other non-linux dedicated boot loader. >=20 > I don't see why these things cannot be achieved in existing = open-source > bootloaders. In fact, U-boot already has "Falcon" mode for fast = booting. >=20 >>=20 >> There=E2=80=99s also a very strong security argument, as Linux is = going to get the >> largest and broadest security review, and will likely get software = updates a >> lot faster than dedicated boot firmwares will. >=20 > For security, we have to get SW certified with various something like = ISO2626 > standard. This is very common practice in Automotive industry. To = achieve such > a certification for any SW, the size of code base is very very = important. >=20 > Due to this reason, even today Linux (and other big open-source = project) > are very difficult to be security certified. There=E2=80=99s security certified, and then there=E2=80=99s what I = personally consider secure. The second category is code that I know is widely audited by lots of = people, and gets quickly updated when there is a problem. I like U-boot, and I = think its a great solution for industry, it=E2=80=99s just not the only = solution that could be=20 used. >=20 >>=20 >> Another reason would be sharing the same kernel binary (elf file) for = both >> M-mode, and S-mode, and using the device tree passed to each to = specify >> which mode it should be running it. There are probably a bunch of = gotchas >> with this idea, and even so I suspect someone will decide to go ahead = and >> just do it eventually because it could make testing, validation, and = security >> updates a lot easier from an operational/deployment point of view. >>=20 >> Linuxbios convinced me that if you want to do a really large cluster, = you can >> build, manage, and run such a thing with fewer people and engineering = cost >> than if you have all these extra layers of boot firmware that require = some >> company to have firmware engineers and lots of extra system testing = on the >> firmware. >=20 > I don't by this last argument. These days it's just very few folks = doing firmware, > bootloader, and Linux porting for any new SOC (any architecture). Most = of > the things are already there in various open-source project so same = person > can easily contribute to various projects. >=20 > Regards, > Anup What I see though is we=E2=80=99re duplicating code and work between = bootloaders and kernel, for example the SPI-NOR code, and if it was all linux, it = would be one driver model to learn/remember/track, and one place to fix things. U-boot is great because you can boot other !linux things (like FreeBSD), however if I was purpose building a linux cluster, I would want to be = running linux as early as possible so I can use linux scripting in = bash/go/python and talk to the queue/workload manager over a native high performance = network instead of the extremely limited =E2=80=98hush=E2=80=99 shell and having = to discover which user image to boot with something old and slow like dhcp/tftp/etc.=