Xen project Mailing List

Re: [PATCH 1/3] x86/EFI: Fix detection of buildid

From: Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>

Date: Thu, 5 Jun 2025 15:34:59 +0200

Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, "Daniel P . Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Thu, 05 Jun 2025 13:35:13 +0000

Feedback-id: i1568416f:Fastmail

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Thu, Jun 05, 2025 at 03:08:07PM +0200, Jan Beulich wrote: > On 05.06.2025 14:20, Marek Marczykowski-Górecki wrote: > > On Thu, Jun 05, 2025 at 02:02:21PM +0200, Jan Beulich wrote: > >> On 05.06.2025 13:16, Andrew Cooper wrote: > >>> The format of the buildid is a property of the binary, not a property of > >>> how > >>> it was loaded. This fixes buildid recognition when starting xen.efi from > >>> it's > >>> MB2 entrypoint. > >>> > >>> Suggested-by: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx> > >>> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> > >> > >> I'll pick this up without a Fixes: tag, but I think it ought to have one. > >> (I > >> didn't check whether MB2 or build-id support came later, hence introducing > >> the > >> issue.) > >> > >>> --- a/xen/common/version.c > >>> +++ b/xen/common/version.c > >>> @@ -203,8 +203,11 @@ void __init xen_build_init(void) > >>> rc = xen_build_id_check(n, sz, &build_id_p, &build_id_len); > >>> > >>> #ifdef CONFIG_X86 > >>> - /* Alternatively we may have a CodeView record from an EFI build. */ > >>> - if ( rc && efi_enabled(EFI_LOADER) ) > >>> + /* > >>> + * xen.efi built with a new enough toolchain will have a CodeView > >>> record, > >>> + * not an ELF note. > >>> + */ > >>> + if ( rc ) > >> > >> Instead of dropping the efi_enabled(), I think you want to replace > >> EFI_LOADER > >> by EFI_BOOT. > > > > Part of the motivation for MB2 entry point in xen.efi is using the > > same binary in all boot modes, including legacy boot - in which case > > none of EFI_* checks would be appropriate here. The grub series adds > > support for loading PE binaries, and IIUC it isn't tied to booting via > > EFI. > > "The grub series" being which one? https://lists.gnu.org/archive/html/grub-devel/2024-03/msg00080.html | This patch series implements support for loading and verifying a signed | xen binary. This would allow the same xen binary to be used for BIOS | boot, UEFI boot, and UEFI boot with Secure Boot verification. | There is an accompanying Xen patch series. > I didn't know xen.efi's non-EFI MB2 entry > point could be used; instead I was under the impression that someone was > having (half?) a patch eliminating the MB data from xen.efi, as being dead > code. See also https://lore.kernel.org/xen-devel/CAG7k0EroeA=cRRDWnJqzH8esoaSmtg8-xjTwc-01og5R9JwPzg@xxxxxxxxxxxxxx/ for some extra context. -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab

Attachment: signature.asc
Description: PGP signature

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.