Re: [PATCH v2 20/22] x86/slaunch: support EFI boot
On Wed, May 14, 2025 at 11:58:49AM -0400, Demi Marie Obenour wrote:
> On 5/14/25 10:24 AM, Sergii Dmytruk wrote:
> > On Tue, May 13, 2025 at 09:25:44PM -0400, Demi Marie Obenour wrote:
> >> On 5/13/25 1:05 PM, Sergii Dmytruk wrote:
> > That sentence in the commit message is worth rewording. GRUB isn't a
> > requirement, any TrenchBoot-enabled bootloader (or anything that wants
> > to act as a bootloader) can be used. systemd-boot could implement
> > Secure Launch specification [0] and start Xen/Linux/something else via
> > DRTM. Usage without a real bootloader could be implemented similarly
> > via some EFI stub that has binaries embedded into it or that can load
> > them from a drive.
> >
> > Mind that at least Intel and AMD DRTM implementations require a DCE [1]
> > binary that depends on a vendor, firmware version or a CPU generation.
> > So even embedding all code into every kernel-like software won't produce
> > self-contained DRTM-capable images.
> >
> > [0]: https://trenchboot.org/specifications/Secure_Launch/
> > [1]:
> > https://trenchboot.org/theory/Glossary/#dynamic-configuration-environment-dce
>
> Why is it better for Xen to rely on the bootloader to implement the
> specification, instead of xen.efi itself implementing secure launch?
> That would make secure launch significantly more usable. For an
> initial implementation it makes sense to rely on the bootloader, but
> in the future it would be better for xen.efi to have its own
> implementation.

That specification is not exactly about DRTM, which is specified by CPU vendors. It's about an interface between what starts DRTM (a bootloader in a broad sense) and what uses it (kernels, hypervisors, etc.). If the whole process is performed by a single entity, there is no need for the specification. What starts DRTM needs to ensure the system supports DRTM and should then put it in a state suitable for DRTM start.

What uses DRTM needs to know much less and can heavily rely on the information from a bootloader. Ideally, Xen/Linux would be able to handle DRTM uniformly on different hardware, but the reality is that abstracting away some differences is nearly impossible.

> Is the code being added to GRUB for secure launch under a license
> that would allow it to be used in Xen as well?

GRUB's changes are GPL3-or-later, but that shouldn't be a problem, authors will likely agree to relicense it as GPL2-or-later for Xen.

Regards