Ticket 794: Support for EFI boot
52 views
Skip to first unread message
Eric Shelton
Apr 5, 2014, 10:25:19 AM4/5/14
to qubes...@googlegroups.com
I have successfully gotten Xen to boot directly under EFI, and the changes needed to make it happen are minor. The biggest obstacle is that the Xen added support to build the xen.efi target in 4.2, and Qubes R2 is based on Xen 4.1.
Three things need to be done:
1) Linux kernel patch
The main change that needs to be made is getting the Linux kernel to make the appropriate hypercalls when booting under xen.efi. Patches are readily available:
a) Patches against 3.9.3 can be found here:
http://lists.xen.org/archives/html/xen-devel/2013-05/msg02303.html
b) A slightly newer patch (might have been against 3.10 or 3.11) can be found here:
http://lists.xen.org/archives/html/xen-devel/2013-08/msg01505.html
c) The most recent patches, which are being run through LKML, are here:
http://lkml.org/lkml/2014/3/25/444
I imagine the patches will be formally incorporated into the Linux kernel in the near future; the code is good, and simply needs to be refactored to meet the maintainers' architectural goals.
2) Add PEP target support to binutils
If binutils is built with "--enable-targets=x86_64-pep", the Xen makefiles will automatically build xen.efi
https://bbs.archlinux.org/viewtopic.php?id=174226 touches on some of this.
3) Modify the install process to install the EFI-related files
I am not particularly familiar with the Fedora stuff, so I can't offer much advice. For the most part, I believe you need to create a FAT32 filesystem that will be recognized by the EFI BIOS, create a /EFI directory, and copy xen.efi, linux-kernel.efi, and xen.cfg into it.
[NOTE: Qubes' continued reliance on Xen 4.1 - now 3 years old - has been an ongoing obstacle for my use of Qubes; there are a number of features added to Xen since 4.1 that I have either needed or wanted to make use of. I understand the transition to XL in 4.2 presented a big problem for Qubes due to its use of xend. However, you already overcame this a year or so ago via the Odyssey HAL. Given this has been done, any effort I might make to get Qubes to work with XL would be wasted effort. It is somewhat frustrating that Odyssey and the more modern developments in Xen have for some time remained unavailable pending completion of Qubes R2. It's now well over a year out from the release of R2 Beta 2, the version that was released at the time you announced Odyssey and its intended release plan, with no sign of RC 1 getting out of the "it will be ready when it's ready" stage, let alone the final R2.
Back in October (https://groups.google.com/d/msg/qubes-devel/pZ5Jzrnoff0/H-VQnEjKvmgJ), you expected the Odyssey source code would be released "around New Year, or early [this] year." I don't know if this was based on an overly optimistic timeline for R2, but regardless of that, could Odyssey please be released soon? At least in my case, this makes a significant difference as to whether I can contribute to the project.]
Back in October (https://groups.google.com/d/msg/qubes-devel/pZ5Jzrnoff0/H-VQnEjKvmgJ), you expected the Odyssey source code would be released "around New Year, or early [this] year." I don't know if this was based on an overly optimistic timeline for R2, but regardless of that, could Odyssey please be released soon? At least in my case, this makes a significant difference as to whether I can contribute to the project.]
Three things need to be done:
1) Linux kernel patch
The main change that needs to be made is getting the Linux kernel to make the appropriate hypercalls when booting under xen.efi. Patches are readily available:
a) Patches against 3.9.3 can be found here:
http://lists.xen.org/archives/html/xen-devel/2013-05/msg02303.html
b) A slightly newer patch (might have been against 3.10 or 3.11) can be found here:
http://lists.xen.org/archives/html/xen-devel/2013-08/msg01505.html
c) The most recent patches, which are being run through LKML, are here:
http://lkml.org/lkml/2014/3/25/444
I imagine the patches will be formally incorporated into the Linux kernel in the near future; the code is good, and simply needs to be refactored to meet the maintainers' architectural goals.
2) Add PEP target support to binutils
If binutils is built with "--enable-targets=x86_64-pep", the Xen makefiles will automatically build xen.efi
https://bbs.archlinux.org/viewtopic.php?id=174226 touches on some of this.
3) Modify the install process to install the EFI-related files
I am not particularly familiar with the Fedora stuff, so I can't offer much advice. For the most part, I believe you need to create a FAT32 filesystem that will be recognized by the EFI BIOS, create a /EFI directory, and copy xen.efi, linux-kernel.efi, and xen.cfg into it.
Joanna Rutkowska
Apr 5, 2014, 11:43:28 AM4/5/14
to Eric Shelton, qubes...@googlegroups.com
On 04/05/14 16:25, Eric Shelton wrote:
> I have successfully gotten Xen to boot directly under EFI, and the changes
> needed to make it happen are minor. The biggest obstacle is that the Xen
> added support to build the xen.efi target in 4.2, and Qubes R2 is based on
> Xen 4.1.
>
>
>
>
> *[NOTE: Qubes' continued reliance on Xen 4.1 - now 3 years old - has been
> I have successfully gotten Xen to boot directly under EFI, and the changes
> needed to make it happen are minor. The biggest obstacle is that the Xen
> added support to build the xen.efi target in 4.2, and Qubes R2 is based on
> Xen 4.1.
>
>
>
>
> an ongoing obstacle for my use of Qubes; there are a number of features
> added to Xen since 4.1 that I have either needed or wanted to make use of.
> I understand the transition to XL in 4.2 presented a big problem for Qubes
> due to its use of xend. However, you already overcame this a year or so
> ago via the Odyssey HAL. Given this has been done, any effort I might make
> to get Qubes to work with XL would be wasted effort. It is somewhat
> frustrating that Odyssey and the more modern developments in Xen have for
> some time remained unavailable pending completion of Qubes R2. It's now
> well over a year out from the release of R2 Beta 2, the version that was
> released at the time you announced Odyssey and its intended release plan,
> with no sign of RC 1 getting out of the "it will be ready when it's ready"
> stage, let alone the final R2.Back in October
> added to Xen since 4.1 that I have either needed or wanted to make use of.
> I understand the transition to XL in 4.2 presented a big problem for Qubes
> due to its use of xend. However, you already overcame this a year or so
> ago via the Odyssey HAL. Given this has been done, any effort I might make
> to get Qubes to work with XL would be wasted effort. It is somewhat
> frustrating that Odyssey and the more modern developments in Xen have for
> some time remained unavailable pending completion of Qubes R2. It's now
> well over a year out from the release of R2 Beta 2, the version that was
> released at the time you announced Odyssey and its intended release plan,
> with no sign of RC 1 getting out of the "it will be ready when it's ready"
> (https://groups.google.com/d/msg/qubes-devel/pZ5Jzrnoff0/H-VQnEjKvmgJ), you
> expected the Odyssey source code would be released "around New Year, or
> early [this] year." I don't know if this was based on an overly optimistic
> timeline for R2, but regardless of that, could Odyssey please be released
> soon? At least in my case, this makes a significant difference as to
> whether I can contribute to the project.]*
> expected the Odyssey source code would be released "around New Year, or
> early [this] year." I don't know if this was based on an overly optimistic
> timeline for R2, but regardless of that, could Odyssey please be released
> soon? At least in my case, this makes a significant difference as to
>
Odyssey Framework will be released as soon as its ready for release.
> Three things need to be done:
>
> 1) Linux kernel patch
> The main change that needs to be made is getting the Linux kernel to make
> the appropriate hypercalls when booting under xen.efi. Patches are readily
> available:
>
> a) Patches against 3.9.3 can be found here:
> http://lists.xen.org/archives/html/xen-devel/2013-05/msg02303.html
>
> b) A slightly newer patch (might have been against 3.10 or 3.11) can be
> found here:
> http://lists.xen.org/archives/html/xen-devel/2013-08/msg01505.html
>
> c) The most recent patches, which are being run through LKML, are here:
> http://lkml.org/lkml/2014/3/25/444
>
> I imagine the patches will be formally incorporated into the Linux kernel
> in the near future; the code is good, and simply needs to be refactored to
> meet the maintainers' architectural goals.
>
> 2) Add PEP target support to binutils
> If binutils is built with "--enable-targets=x86_64-pep", the Xen makefiles
> will automatically build xen.efi
>
> https://bbs.archlinux.org/viewtopic.php?id=174226 touches on some of this.
>
> 3) Modify the install process to install the EFI-related files
> I am not particularly familiar with the Fedora stuff, so I can't offer much
> advice. For the most part, I believe you need to create a FAT32 filesystem
> that will be recognized by the EFI BIOS, create a /EFI directory, and copy
> xen.efi, linux-kernel.efi, and xen.cfg into it.
>
going to introduce any such changes. We might consider further updates
to Qubes R2 (after R2 gets released). In any case, if you wanted such
changes to be implemented, the proper way to handle this would be to
send us patches (not just instructions). That should not be interpreted
as statement that we will accept all the patches sent, of course.
joanna.
Reply all
Reply to author
Forward
0 new messages