Received: by 2002:a05:6359:c8b:b0:c7:702f:21d4 with SMTP id go11csp2450262rwb; Sat, 8 Oct 2022 08:03:14 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4x7WfGWGhVgPZmne8b3EXA91XQxNYvFPKGWFCmeB9S2S9EwlHeIYbzU4ZYq0WoBhoShCvY X-Received: by 2002:a17:907:2e0b:b0:78d:387d:1579 with SMTP id ig11-20020a1709072e0b00b0078d387d1579mr7853706ejc.761.1665241393746; Sat, 08 Oct 2022 08:03:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1665241393; cv=none; d=google.com; s=arc-20160816; b=zJ3ZzjgLMtwCQjOyOrvO6RkMniisc2uQ3C+kWVJKGDk+XPluD0UD6e1fRRaNIxfe5/ VGkojO/qiw4FDK6Nmzc3ew6fJd3i3IaaZfYkJHRE8kl65COxM8V4gJjR8NTqe7CXiFNS pgOqkdzHfmqR7bBSoS5ybYrtr7gx9/cohke5F50SfUSHFTfgBvwmo/UPXa0W3lGluANh WgIodpERvgxQaX2qlSB7KCK9crh/oyNW0A3aHBesHkgyJ/sRvPV5eLCkl5/io2wUIvub mExLJ1GKZ8pHJxot5a7OC+Eh9b+z5+KwsSEle78SAaE/3Id38jGn908vF4jLYrLiXuXk SSWA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=gzxjyBK9Q/UjuOE0iJjf/g3i6ZX6Y8Nq+z1WQ+83Uyo=; b=UC2kAOWz0RnFiaeP1fQhvEfvBLgc3p4FaOUQ2M1qz9oz2axPQtP4Ob8lAV0MQKmvLc O/t+IdF/WwaFcG7pUlJJFh7oyNa5sdKekbDdBzbxtqBJ258MEmUId1Ufe6khCzVSgG3d DUT3eM+vlrUQCyA19HMhidzIGUbNLb5nxZ6fOtnFTfiorTu4/FDAIVd3mogHgT7FwzXH 5Q9Ak/4bsvuQTi6pOOHHHe6lW0/aZiPQ3qLOCu47kCB+qeHtd6I1WE5bgEAfSpw2VkQz RNJBVJ6Fb8f0xkSPxqw4R7+dx8tualh99jXl9Xi7vM36rpbNMIcp/R5wGmfPSa9raI/7 Exqw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=gOtTmpSi; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id o24-20020a1709064f9800b00783d5a873dcsi4588266eju.341.2022.10.08.08.02.45; Sat, 08 Oct 2022 08:03:13 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=gOtTmpSi; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229683AbiJHOvM (ORCPT + 99 others); Sat, 8 Oct 2022 10:51:12 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48578 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229602AbiJHOvK (ORCPT ); Sat, 8 Oct 2022 10:51:10 -0400 Received: from mail.skyhub.de (mail.skyhub.de [5.9.137.197]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 98A504DB08; Sat, 8 Oct 2022 07:51:08 -0700 (PDT) Received: from nazgul.tnic (unknown [46.183.103.8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id EDA941EC0432; Sat, 8 Oct 2022 16:51:02 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1665240663; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:in-reply-to:in-reply-to: references:references; bh=gzxjyBK9Q/UjuOE0iJjf/g3i6ZX6Y8Nq+z1WQ+83Uyo=; b=gOtTmpSigCUq8gf4Pca0lcVR2vP+iOd5khO9+zByVM4nuK02dCZfdmYOpf8iciVtZMORWn ZVGJ88CW46ErTCIFzL9KB5gqxrJuxRbbuiuGP5G7XiDVS0P3yQOTxlXwT8hkH70Ml+dXgI VtinO09v6mUu+H6i01uatw95ltd/Zo4= Date: Sat, 8 Oct 2022 16:51:05 +0200 From: Borislav Petkov To: Ard Biesheuvel Cc: linux-efi@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] efi: x86: Make the deprecated EFI handover protocol optional Message-ID: References: <20221007172918.3131811-1-ardb@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20221007172918.3131811-1-ardb@kernel.org> X-Spam-Status: No, score=1.2 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_SBL_CSS,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Level: * X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Oct 07, 2022 at 07:29:18PM +0200, Ard Biesheuvel wrote: > Given that loaders such as GRUB already carried the bootparams handling > in order to implement non-EFI boot, retaining that code and just passing > bootparams to the EFI stub was a reasonable choice (although defining an > alternate entrypoint could have been avoided.) However, the GRUB side > changes never made it upstream, and are only shipped by some of the ^^^^^^^^^^^^^^^^^^^^^^^ > distros in their downstream versions. Gotta love that bit particularly. :-( > In the meantime, EFI support has been added to other Linux architecture > ports, as well as to U-boot and systemd, including arch-agnostic methods > for passing initrd images in memory [1], and for doing mixed mode boot > [2], none of them requiring anything like the EFI handover protocol. So > given that only out-of-tree distro GRUB relies on this, let's permit it > to be omitted from the build, in preparation for retiring it completely > at a later date. (Note that systemd-boot does have an implementation as > well, but only uses it as a fallback for booting images that do not > implement the LoadFile2 based initrd loading method, i.e., v5.8 or older) > > [0] https://lore.kernel.org/all/20220927085842.2860715-1-ardb@kernel.org/ > [1] ec93fc371f01 ("efi/libstub: Add support for loading the initrd ...") > [2] 97aa276579b2 ("efi/x86: Add true mixed mode entry point into ...") > > Signed-off-by: Ard Biesheuvel > --- > arch/x86/Kconfig | 12 ++++++++++++ > arch/x86/boot/compressed/head_64.S | 4 +++- > arch/x86/boot/header.S | 2 +- > arch/x86/boot/tools/build.c | 2 ++ > 4 files changed, 18 insertions(+), 2 deletions(-) > > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig > index f9920f1341c8..0c8fcb090232 100644 > --- a/arch/x86/Kconfig > +++ b/arch/x86/Kconfig > @@ -1964,6 +1964,18 @@ config EFI_STUB > > See Documentation/admin-guide/efi-stub.rst for more information. > > +config EFI_HANDOVER_PROTOCOL > + bool "EFI handover protocol (DEPRECATED)" > + depends on EFI_STUB > + default y I'd say "default n" here. > + help > + Whether to include support for the deprecated EFI handover protocol, "Select this in order to include..." > + which defines alternative entry points into the EFI stub. This is a > + practice that has no basis in the UEFI specification, and requires > + a priori knowledge on the part of the bootloader about Linux/x86 > + specific ways of passing the command line and initrd, and where in > + memory those assets may be loaded. "If in doubt, say N. This option and accompanying code will disappear in some future kernel as the corresponding GRUB support is not even present in upstream GRUB but only in some distros' versions." > + > config EFI_MIXED > bool "EFI mixed-mode support" > depends on EFI_STUB && X86_64 > diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S > index 6ba2c2142c33..7bcc50c6cdcc 100644 > --- a/arch/x86/boot/compressed/head_64.S > +++ b/arch/x86/boot/compressed/head_64.S > @@ -286,7 +286,7 @@ SYM_FUNC_START(startup_32) > lret > SYM_FUNC_END(startup_32) > > -#ifdef CONFIG_EFI_MIXED > +#if defined(CONFIG_EFI_MIXED) && defined(CONFIG_EFI_HANDOVER_PROTOCOL) ... Can we use IS_ENABLED() in all that instead, in order to improve readability? In any case, looks good. I'm thinking I'll take it into tip after -rc1 and see who cries and why... Thx. -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette