Received: by 2002:a05:6358:9144:b0:117:f937:c515 with SMTP id r4csp326271rwr; Wed, 19 Apr 2023 23:11:33 -0700 (PDT) X-Google-Smtp-Source: AKy350az24L55fRVRTuNkPfNaFiXsdZj8tmdrg/hbUCNHvnS64YzyeMA2ROr8no4o1tM8SA4sQOz X-Received: by 2002:a05:6a00:1818:b0:634:10a8:538c with SMTP id y24-20020a056a00181800b0063410a8538cmr128427pfa.12.1681971093050; Wed, 19 Apr 2023 23:11:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1681971093; cv=none; d=google.com; s=arc-20160816; b=n4d4WR+jEdgcCF9LLc/v5b427TFZqICKIDs97uCp3cd4Y0RhcMu5XPVCo5GYx+Hkgc B+srNsZCQnlIMA6/dGWHlhj8kjQGpU0tCoOp/QtFLIJL/cBadETPeji/WHJntjWIIiLH d3Ww53O1b0KmdKo3cjOLmxAiW1Gda8cIxQhARgsvEfR8qStI20/WPwpJ4X3oh1R0l3HR ec8bt9cRYg9HlP+WpFjA8UGXt0qKXT2atzG8Kxur7fTmElHu4lC1YZLB0oYdSEh3zB29 a5PrjmPVO6QXOkEXye85EKbToZic7Kfff20UTv/TPcniwFSwuZ7e7jmIHjEdkdVftDc1 Bmdg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=wSFuSvux7VnCbOpwwSFApJu6KXSS6fzL4QItxFfANDg=; b=v83bq23h/B4YKqOdmPnw/hXIP42yOSv2JnbX1qposMpxdFl3cCCg97Q95BnmT517vt p0F2gfAO+IS/1bklYM3y6p142AG4tguQF2M0FX5Gon3FkqB+4L+7BfDSOoivm2YU2A2J gZa9mtx/mPB/b+o22hsiWjQz8z7RCOq5LtP15lZIEIHpExnV2ZspUOK9ol63suhoJjtA 1RqkKIbTQx5I+rtoSryOkLHwwSjPfqH6/IJOHWkLywlCFyyh/20my3MYl2pd0zOIW/m1 bhnQWMnVXD60ap5UVFmlQfSVNpCQx3f9qo1U+fQicXXCyfUyaTX7j1A+xnn2maztCkFX F7yQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=KQi2dS95; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id p20-20020a63c154000000b0050300b179f3si710725pgi.444.2023.04.19.23.11.17; Wed, 19 Apr 2023 23:11:33 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=KQi2dS95; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229496AbjDTGIo (ORCPT + 99 others); Thu, 20 Apr 2023 02:08:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57290 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230521AbjDTGIm (ORCPT ); Thu, 20 Apr 2023 02:08:42 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2AD224681 for ; Wed, 19 Apr 2023 23:07:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1681970875; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=wSFuSvux7VnCbOpwwSFApJu6KXSS6fzL4QItxFfANDg=; b=KQi2dS95YYbcmpqogjewDwYdeoCz0kh8DK++YDzLn47yJcrr09JOHcb4ZYLOo8ReUjvl7o K6fhUQNeOsWMD41ep84S8uC7b1pO5oahH0FUIWwuNXcJuKHof/YQ/UDLkf5vhZ9GiYhUuT YQ3ucX/bEA6nOe9J4Jq9wd7jF49zqfU= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-609-Q6NMGBi1NumcfzANwCxDWQ-1; Thu, 20 Apr 2023 02:07:52 -0400 X-MC-Unique: Q6NMGBi1NumcfzANwCxDWQ-1 Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 56C01185A78F; Thu, 20 Apr 2023 06:07:51 +0000 (UTC) Received: from sirius.home.kraxel.org (unknown [10.39.192.59]) by smtp.corp.redhat.com (Postfix) with ESMTPS id B727F492B05; Thu, 20 Apr 2023 06:07:50 +0000 (UTC) Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 84C6D18009A9; Thu, 20 Apr 2023 08:07:49 +0200 (CEST) Date: Thu, 20 Apr 2023 08:07:49 +0200 From: Gerd Hoffmann To: Ard Biesheuvel Cc: linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, Evgeniy Baskov , Borislav Petkov , Andy Lutomirski , Dave Hansen , Ingo Molnar , Peter Zijlstra , Thomas Gleixner , Alexey Khoroshilov , Peter Jones , Dave Young , Mario Limonciello , Kees Cook , Tom Lendacky , "Kirill A . Shutemov" , Linus Torvalds Subject: Re: [RFC PATCH 0/3] efi: Implement generic zboot support Message-ID: <3zm36sbx4enlqaumxxz2gp3f6etwzhlfotqrqxsus2r6xulwvm@saqniauxenmi> References: <20230416120729.2470762-1-ardb@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Scanned-By: MIMEDefang 3.1 on 10.11.54.9 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, > > Realistically, the second option is unlikely to ever be used on x86, > > > > What would be needed to do so? Teach kexec-tools and grub2 parse and > > load zboot kernels I guess? > > I already implemented this for mach-virt here, so we can load Fedora > kernels without firmware: > > https://gitlab.com/qemu-project/qemu/-/commit/ff11422804cd03494cc98691eecd3909ea09ab6f > > On arm64, this is probably more straight-forward, as the bare metal > image is already intended to be booted directly like that. However, > the x86 uncompressed image requires surprisingly little from all the > boot_params/setup_header cruft to actually boot, so perhaps there it > is easy too. For existing boot loaders like grub I'd expect it being easy to code up, all the setup header code exists already, grub also has support for uncompressing stuff, so it should really be only zboot header parsing and some plumbing to get things going (i.e. have grub boot efi zboot kernels in bios mode). Disclaimer: didn't actually check grub source code. I suspect the bigger problem wrt. grub is that getting patches merged upstream is extremely slow and every distro carries a huge stack of patches ... take care, Gerd