[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] docs/sphinx: How Xen Boots on x86


  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • Date: Mon, 9 Dec 2019 16:42:42 +0000
  • Authentication-results: esa6.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@xxxxxxxxxx; spf=Pass smtp.mailfrom=Andrew.Cooper3@xxxxxxxxxx; spf=None smtp.helo=postmaster@xxxxxxxxxxxxxxx
  • Autocrypt: addr=andrew.cooper3@xxxxxxxxxx; prefer-encrypt=mutual; keydata= mQINBFLhNn8BEADVhE+Hb8i0GV6mihnnr/uiQQdPF8kUoFzCOPXkf7jQ5sLYeJa0cQi6Penp VtiFYznTairnVsN5J+ujSTIb+OlMSJUWV4opS7WVNnxHbFTPYZVQ3erv7NKc2iVizCRZ2Kxn srM1oPXWRic8BIAdYOKOloF2300SL/bIpeD+x7h3w9B/qez7nOin5NzkxgFoaUeIal12pXSR Q354FKFoy6Vh96gc4VRqte3jw8mPuJQpfws+Pb+swvSf/i1q1+1I4jsRQQh2m6OTADHIqg2E ofTYAEh7R5HfPx0EXoEDMdRjOeKn8+vvkAwhviWXTHlG3R1QkbE5M/oywnZ83udJmi+lxjJ5 YhQ5IzomvJ16H0Bq+TLyVLO/VRksp1VR9HxCzItLNCS8PdpYYz5TC204ViycobYU65WMpzWe LFAGn8jSS25XIpqv0Y9k87dLbctKKA14Ifw2kq5OIVu2FuX+3i446JOa2vpCI9GcjCzi3oHV e00bzYiHMIl0FICrNJU0Kjho8pdo0m2uxkn6SYEpogAy9pnatUlO+erL4LqFUO7GXSdBRbw5 gNt25XTLdSFuZtMxkY3tq8MFss5QnjhehCVPEpE6y9ZjI4XB8ad1G4oBHVGK5LMsvg22PfMJ ISWFSHoF/B5+lHkCKWkFxZ0gZn33ju5n6/FOdEx4B8cMJt+cWwARAQABtClBbmRyZXcgQ29v cGVyIDxhbmRyZXcuY29vcGVyM0BjaXRyaXguY29tPokCOgQTAQgAJAIbAwULCQgHAwUVCgkI CwUWAgMBAAIeAQIXgAUCWKD95wIZAQAKCRBlw/kGpdefoHbdD/9AIoR3k6fKl+RFiFpyAhvO 59ttDFI7nIAnlYngev2XUR3acFElJATHSDO0ju+hqWqAb8kVijXLops0gOfqt3VPZq9cuHlh IMDquatGLzAadfFx2eQYIYT+FYuMoPZy/aTUazmJIDVxP7L383grjIkn+7tAv+qeDfE+txL4 SAm1UHNvmdfgL2/lcmL3xRh7sub3nJilM93RWX1Pe5LBSDXO45uzCGEdst6uSlzYR/MEr+5Z JQQ32JV64zwvf/aKaagSQSQMYNX9JFgfZ3TKWC1KJQbX5ssoX/5hNLqxMcZV3TN7kU8I3kjK mPec9+1nECOjjJSO/h4P0sBZyIUGfguwzhEeGf4sMCuSEM4xjCnwiBwftR17sr0spYcOpqET ZGcAmyYcNjy6CYadNCnfR40vhhWuCfNCBzWnUW0lFoo12wb0YnzoOLjvfD6OL3JjIUJNOmJy RCsJ5IA/Iz33RhSVRmROu+TztwuThClw63g7+hoyewv7BemKyuU6FTVhjjW+XUWmS/FzknSi dAG+insr0746cTPpSkGl3KAXeWDGJzve7/SBBfyznWCMGaf8E2P1oOdIZRxHgWj0zNr1+ooF /PzgLPiCI4OMUttTlEKChgbUTQ+5o0P080JojqfXwbPAyumbaYcQNiH1/xYbJdOFSiBv9rpt TQTBLzDKXok86LkCDQRS4TZ/ARAAkgqudHsp+hd82UVkvgnlqZjzz2vyrYfz7bkPtXaGb9H4 Rfo7mQsEQavEBdWWjbga6eMnDqtu+FC+qeTGYebToxEyp2lKDSoAsvt8w82tIlP/EbmRbDVn 7bhjBlfRcFjVYw8uVDPptT0TV47vpoCVkTwcyb6OltJrvg/QzV9f07DJswuda1JH3/qvYu0p vjPnYvCq4NsqY2XSdAJ02HrdYPFtNyPEntu1n1KK+gJrstjtw7KsZ4ygXYrsm/oCBiVW/OgU g/XIlGErkrxe4vQvJyVwg6YH653YTX5hLLUEL1NS4TCo47RP+wi6y+TnuAL36UtK/uFyEuPy wwrDVcC4cIFhYSfsO0BumEI65yu7a8aHbGfq2lW251UcoU48Z27ZUUZd2Dr6O/n8poQHbaTd 6bJJSjzGGHZVbRP9UQ3lkmkmc0+XCHmj5WhwNNYjgbbmML7y0fsJT5RgvefAIFfHBg7fTY/i kBEimoUsTEQz+N4hbKwo1hULfVxDJStE4sbPhjbsPCrlXf6W9CxSyQ0qmZ2bXsLQYRj2xqd1 bpA+1o1j2N4/au1R/uSiUFjewJdT/LX1EklKDcQwpk06Af/N7VZtSfEJeRV04unbsKVXWZAk uAJyDDKN99ziC0Wz5kcPyVD1HNf8bgaqGDzrv3TfYjwqayRFcMf7xJaL9xXedMcAEQEAAYkC HwQYAQgACQUCUuE2fwIbDAAKCRBlw/kGpdefoG4XEACD1Qf/er8EA7g23HMxYWd3FXHThrVQ HgiGdk5Yh632vjOm9L4sd/GCEACVQKjsu98e8o3ysitFlznEns5EAAXEbITrgKWXDDUWGYxd pnjj2u+GkVdsOAGk0kxczX6s+VRBhpbBI2PWnOsRJgU2n10PZ3mZD4Xu9kU2IXYmuW+e5KCA vTArRUdCrAtIa1k01sPipPPw6dfxx2e5asy21YOytzxuWFfJTGnVxZZSCyLUO83sh6OZhJkk b9rxL9wPmpN/t2IPaEKoAc0FTQZS36wAMOXkBh24PQ9gaLJvfPKpNzGD8XWR5HHF0NLIJhgg 4ZlEXQ2fVp3XrtocHqhu4UZR4koCijgB8sB7Tb0GCpwK+C4UePdFLfhKyRdSXuvY3AHJd4CP 4JzW0Bzq/WXY3XMOzUTYApGQpnUpdOmuQSfpV9MQO+/jo7r6yPbxT7CwRS5dcQPzUiuHLK9i nvjREdh84qycnx0/6dDroYhp0DFv4udxuAvt1h4wGwTPRQZerSm4xaYegEFusyhbZrI0U9tJ B8WrhBLXDiYlyJT6zOV2yZFuW47VrLsjYnHwn27hmxTC/7tvG3euCklmkn9Sl9IAKFu29RSo d5bD8kMSCYsTqtTfT6W4A3qHGvIDta3ptLYpIAOD2sY3GYq2nf3Bbzx81wZK14JdDDHUX2Rs 6+ahAA==
  • Cc: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Delivery-date: Mon, 09 Dec 2019 16:42:51 +0000
  • Ironport-sdr: kkvdwvbOW6eKqyQGnsXSv60erkIWQNOvErpq0yS6CtRKXd7O5qZFPVIWr9QLj/FVSZI16GDV5m w+lyineNwjCwpw0gPh8w62kuwiZicEHn2OCqP7CL/FFDJPIPLu+fE55/V2cnjRG9TeVrytkw/V uACRuxt/6JsnoTnZkECXvMtS59lV+r98VyUYXc6CYvNuZ/DEy0fBXZuwPJuAfDSijwRqgiIErH 6CcoIL57XpOD5zmGfsH2TEM6sXns0qZOyCDu3b7Eut9bgrcUu8pkusYgJL3SBjux6R0qsQk9sZ /ds=
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Openpgp: preference=signencrypt

On 09/12/2019 15:20, Jan Beulich wrote:
> On 06.12.2019 20:34, Andrew Cooper wrote:
>> Begin to document how the x86 build of Xen boots.  It is by no means 
>> complete,
>> but is a start.
>>
>> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
>> ---
>> CC: Jan Beulich <JBeulich@xxxxxxxx>
>> CC: Wei Liu <wl@xxxxxxx>
>> CC: Roger Pau Monné <roger.pau@xxxxxxxxxx>
>>
>> This came about while I sat in SFO waiting for a delayed flight, and was 
>> asked
>> a question by the Trenchboot folk.
>>
>> Writing it down like this already highlights some issues, such as the EFI
>> binary having MB1/MB2 headers.
> While at least the MB1 ones aren't really necessary, they also don't
> do any harm, do they?

At least one version of iPXE seems to prefer MB2 over PE, which is why I
was asked "where are Xen's entrypoints?" in the first place.

>
>> --- /dev/null
>> +++ b/docs/hypervisor-guide/x86/how-xen-boots.rst
>> @@ -0,0 +1,101 @@
>> +.. SPDX-License-Identifier: CC-BY-4.0
>> +
>> +How Xen Boots
>> +=============
>> +
>> +This is an at-a-glance reference of Xen's booting capabilities and
>> +expectations.
>> +
>> +
>> +Build
>> +-----
>> +
>> +A build of xen produces ``xen.gz`` and optionally ``xen.efi`` as final
>> +artefacts.
>> +
>> + * For BIOS, Xen supports the Multiboot 1 and 2 protocols.
>> +
>> + * For EFI, Xen supports Multiboot 2 with EFI extensions, and native EFI64.
>> +
>> + * For virtualisation, Xen supports starting directly with the PVH boot
>> +   protocol.
>> +
>> +
>> +Objects
>> +~~~~~~~
>> +
>> +To begin with, most object files are compiled and linked.  This includes the
>> +Multiboot 1 and 2 headers and entrypoints, including the Multiboot 2 tags 
>> for
>> +EFI extensions.  When ``CONFIG_PVH_GUEST`` is selected at build time, this
>> +includes the PVH entrypoint and associated ELF notes.
>> +
>> +Depending on whether the compiler supports ``__attribute__((__ms_abi__))`` 
>> or
>> +not, either an EFI stub is included which nops/fails applicable setup calls,
>> +or full EFI support is included.
> Perhaps also mention that the linker needs to support the necessary
> binary output format? And perhaps "setup and runtime calls"?

Link time behaviour is (deliberately) in a later section.

>
>> +Protocols and entrypoints
>> +~~~~~~~~~~~~~~~~~~~~~~~~~
>> +
>> +All headers and tags are built in ``xen/arch/x86/boot/head.S``
>> +
>> +The Multiboot 1 headers request aligned modules and memory information.  
>> Entry
>> +is via the start of the binary image, which is the ``start`` symbol.  This
>> +entrypoint must be started in 32bit mode.
>> +
>> +The Multiboot 2 headers are more flexible, and in addition request that the
>> +image be loaded as high as possible below the 4G boundary, with 2M 
>> alignment.
>> +Entry is still via the ``start`` symbol as with MB1.
> Perhaps explicitly (re)state this is in 32-bit mode?
>
>> +Headers for the EFI MB2 extensions are also present.  These request that
>> +``ExitBootServices()`` not be called, and register ``__efi_mb2_start`` as an
>> +alternative entrypoint, entered in 64bit mode.
>> +
>> +If ``CONFIG_PVH_GUEST`` was selected at build time, an Elf note is included
>> +which indicates the ability to use the PVH boot protocol, and registers
>> +``__pvh_start`` as the entrypoint, entered in 32bit mode.
>> +
>> +
>> +xen.gz
>> +~~~~~~
>> +
>> +The objects are linked together to form ``xen-syms`` which is an ELF64
>> +executable with full debugging symbols.  ``xen.gz`` is formed by stripping
>> +``xen-syms``, then repackaging the result as an ELF32 object with a single
>> +load section at 2MB, and ``gzip``-ing the result.  Despite the ELF32 having 
>> a
>> +fixed load address, its contents are relocatable.
> This is a little ambiguous I guess - most of the code is PIC and as
> such relocatable, but not in a way a boot loader could arrange for.

I don't follow your concern.

Everything which needs to be is position independent (subject to being
loaded on a 2M boundary IIRC), and this property is requested by the MB2
header.

>
>> +Any bootloader which unzips the binary and follows the ELF headers will 
>> place
>> +it at the 2M boundary and jump to ``start`` which is the identified entry
>> +point.  However, Xen depends on being entered with the MB1 or MB2 protocols,
>> +and will terminate otherwise.
>> +
>> +The MB2+EFI entrypoint depends on being entered with the MB2 protocol, and
>> +will terminate if the entry protocol is wrong, or if EFI details aren't
>> +provided, or if EFI Boot Services are not available.
>> +
>> +
>> +xen.efi
>> +~~~~~~~
>> +
>> +When a PEI-capable toolchain is found, the objects are linked together and a
>> +PE64 binary is created.  It can be run directly from the EFI shell, and has
> I think it's commonly called PE32+, not PE64.

Ok., because by definition, it can stack.

>
> Maybe also mention the "chainloader" grub command it can be used with?
> Or do we consider this uninteresting enough with modern grub?

I wasn't planning to consider chainloading, as it isn't really relevant
to how Xen starts, and can be stacked in many more interesting ways than
usefully be described.

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.