[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v3 0/5] Support Secure Boot for multiboot2 Xen

On 22.01.2021 01:51, Bobby Eshleman wrote:
> This is version 3 for a patch set sent out to the ML in 2018 [1] to
> support UEFI Secure Boot for Xen on multiboot2 platforms.
> 
> A new binary, xen.mb.efi, is built.  It contains the mb2 header as well
> as a hand-crafted PE/COFF header.  The dom0 kernel is verified using the
> shim lock protocol.
> 
> I followed with v2 feedback and attempted to convert the PE/COFF header
> into C instead of ASM.  Unfortunately, this was only possible for the
> first part (Legacy) of the PE/COFF header.  The other parts required
> addresses only available at link time (such as __2M_rwdata_end,
> __pe_SizeOfImage, efi_mb_start address, etc...), which effectively ruled
> out C.

I don't follow the conclusion drawn, so would you mind going into
further detail?

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.