Add `EFI` stub support #909

mogasergiu · 2023-05-25T12:31:13Z

Prerequisite checklist

Read the contribution guidelines regarding submitting new changes to the project;
Tested your changes against relevant architectures and platforms;
Ran the checkpatch.pl on your commit series before opening this PR;
Updated relevant documentation.

Base target

Architecture(s): x86_64, arm64
Platform(s): kvm
Application(s): N/A

Additional configuration

Description of changes

Add support for EFI stub, so that we can boot from an EFI environment without a bootloader as well as have access to EFI structures. Furthermore, add corresponding configurations, as well as a QEMU Virt specific configuration to distinguish, in the case of Aarch64 between the two booting methods.

This PR depends on #907 #772 #848 and #908, therefore it includes them.

NOTE

This is part of a larger set of Pull Requests. To make things easier and to ensure that things build as expected, it is recommended that testing is done based on #912, which includes everything. The splitting has been done to ease the review process.

If `CONFIG_EFI_STUB` is enabled, add to the build system the fake PE header, the architecture generic EFI stub, and the x86 specific post-EFI stub that applies finishing touches to the platform initialization. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com>

Implements the small ARM specific UEFI entry point which will call the early self relocator, and jump to the architecture generic EFI stub. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com>

Implement a stub that comes after the architecture generic EFI stub calls the routine that exits `Boot Services`. This is supposed to finish the architecture specific setupin order to be able to have a Unikraft valid initial environment state before `_libkvmplat_start` is execited. Thus, the interrupt flags are masked, the data cache is invalidated in the range of this image's instance and then default, warm reset values are placed into the system registers that EFI would have otherwise left modified. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com>

If `CONFIG_EFI_STUB` is enabled, add to the build system the ARM UEFI entry stub and the ARM specific post-EFI stub that applies finishing touches to the platform initialization. Add a configuration entry `KVM_BOOT_QEMU_VIRT` to explicitly indicate that we are booting from the default `QEMU virt` environment. This will help us differentiate between UEFI and non-UEFI ARM builds. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com>

Preferably, a UEFI system is also an ACPI system and thus these functionalities should be implemented through ACPI methods. But for now, make use of UEFI's Runtime Services for resetting the system, since they are more reliable than what we have at the moment. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com>

Add `Trusted Computing Group`'s `Reset Attack Mitigation` mechanism. Whenever a machine shuts down or reboots, due to lack of electric charge, the contents of RAM may dissipate after a short amount of time. However this may be enough for an attacker to quickly boot again into a custom program and dump memory contents. Thus, by using this, the OS instructs POST BIOS to overwrite memory contents before continuing to boot into the rest of the BIOS code. Since this is not really implemented in `OVMF`'s `NVRAM` variables we disable this by default. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com>

unikraft-bot · 2023-08-11T10:27:44Z

❗ Checkpatch failed

Beep boop! I ran Unikraft's checkpatch.pl support script on your pull request but it encountered errors:

SHA	commit	checkpatch
`9efe743`	plat/kvm: Add initial UEFI definitions	❌
`a0a787f`	plat/kvm: Expand `KVM_BOOT_PROTO_MULTIBOOT` configuration entry	✅
`743a199`	plat/kvm: Expand `KVM_BOOT_PROTO_LXBOOT` configuration entry	✅
`f8d38ca`	plat/kvm: Add `EFI_STUB` configuration entry	✅
`abb1af9`	plat/kvm: Implement architecture generic EFI stub	⚠️
`b870e8f`	plat/kvm/efi.h: Add EFI File I/O protocols related definitions	❌
`b51309c`	plat/kvm/efi.c: Add command-line arguments support	⚠️
`a012ed5`	plat/kvm/efi.c: Add support for initial RAM disk file	⚠️
`d575edf`	plat/kvm/efi.c: Add support for Devicetree Blob file	✅
`d61e89f`	support/scripts: Add `python3` script to patch fake PE header	✅
`eb13952`	plat/kvm/x86: Add UEFI entry stub	✅
`d87f4e5`	plat/kvm/x86: Add architecture specific post-EFI stub	❌
`735fa95`	plat/kvm/x86: Enable the Unikernel to be built as an UEFI application	✅
`b3d3239`	plat/kvm/arm: Add UEFI entry stub	✅
`e3e3dd5`	plat/kvm/arm: Add architecture specific post-EFI stub	❌
`6cc4cdc`	plat/kvm/arm: Enable the Unikernel to be built as an UEFI application	✅
`ff4e07e`	plat/kvm/shutdown.c: If on a `UEFI` system, rely on Runtime Services	✅
`ec56b2e`	plat/common/efi: Add support for `TCG`'s `Reset Attack Mitigation`	⚠️

Truncated logs starting from first error 9efe743:

WARNING:SPACING: space prohibited before semicolon
#152: FILE: plat/kvm/include/kvm/efi.h:132:
+} ;

WARNING:LINE_SPACING: Missing a blank line after declarations
#177: FILE: plat/kvm/include/kvm/efi.h:157:
+	struct uk_efi_tbl_hdr hdr;
+	uk_efi_tpl_t

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#178: FILE: plat/kvm/include/kvm/efi.h:158:
+	(__uk_efi_api *raise_tpl)(uk_efi_tpl_t new_tpl);
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#180: FILE: plat/kvm/include/kvm/efi.h:160:
+	(__uk_efi_api *restore_tpl)(uk_efi_tpl_t old_tpl);
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#182: FILE: plat/kvm/include/kvm/efi.h:162:
+	(__uk_efi_api *allocate_pages)(enum uk_efi_alloc_type a_type,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#187: FILE: plat/kvm/include/kvm/efi.h:167:
+	(__uk_efi_api *free_pages)(uk_efi_paddr_t paddr,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#190: FILE: plat/kvm/include/kvm/efi.h:170:
+	(__uk_efi_api *get_memory_map)(uk_efi_uintn_t *map_sz,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#196: FILE: plat/kvm/include/kvm/efi.h:176:
+	(__uk_efi_api *allocate_pool)(enum uk_efi_mem_type type,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#200: FILE: plat/kvm/include/kvm/efi.h:180:
+	(__uk_efi_api *free_pool)(void *buf);
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#202: FILE: plat/kvm/include/kvm/efi.h:182:
+	(__uk_efi_api *create_event)(__u32 type,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#209: FILE: plat/kvm/include/kvm/efi.h:189:
+	(__uk_efi_api *set_timer)(uk_efi_event_t event,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#213: FILE: plat/kvm/include/kvm/efi.h:193:
+	(__uk_efi_api *wait_for_event)(uk_efi_uintn_t num_events,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#217: FILE: plat/kvm/include/kvm/efi.h:197:
+	(__uk_efi_api *signal_event)(uk_efi_event_t event);
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#219: FILE: plat/kvm/include/kvm/efi.h:199:
+	(__uk_efi_api *close_event)(uk_efi_event_t event);
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#221: FILE: plat/kvm/include/kvm/efi.h:201:
+	(__uk_efi_api *check_event)(uk_efi_event_t event);
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#223: FILE: plat/kvm/include/kvm/efi.h:203:
+	(__uk_efi_api *install_protocol_interface)(uk_efi_hndl_t hndl,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#228: FILE: plat/kvm/include/kvm/efi.h:208:
+	(__uk_efi_api *reinstall_protocol_interface)(uk_efi_hndl_t hndl,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#232: FILE: plat/kvm/include/kvm/efi.h:212:
+	(__uk_efi_api *uninstall_protocol_interface)(uk_efi_hndl_t hndl,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#236: FILE: plat/kvm/include/kvm/efi.h:216:
+	(__uk_efi_api *handle_protocol)(uk_efi_hndl_t hndl,
 	              ^

WARNING:LINE_SPACING: Missing a blank line after declarations
#241: FILE: plat/kvm/include/kvm/efi.h:221:
+	void *reserved;
+	uk_efi_status_t

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#242: FILE: plat/kvm/include/kvm/efi.h:222:
+	(__uk_efi_api *register_protocol_notify)(struct uk_efi_guid *proto,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#246: FILE: plat/kvm/include/kvm/efi.h:226:
+	(__uk_efi_api *locate_handle)(enum uk_efi_locate_search_type type,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#252: FILE: plat/kvm/include/kvm/efi.h:232:
+	(__uk_efi_api *locate_device_path)(struct uk_efi_guid *proto,
 	              ^

WARNING:LONG_LINE: line over 80 characters
#253: FILE: plat/kvm/include/kvm/efi.h:233:
+					   struct uk_efi_dev_path_proto **dev_path,

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#256: FILE: plat/kvm/include/kvm/efi.h:236:
+	(__uk_efi_api *install_configuration_table)(struct uk_efi_guid *guid,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#259: FILE: plat/kvm/include/kvm/efi.h:239:
+	(__uk_efi_api *load_image)(bool boot_policy,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#266: FILE: plat/kvm/include/kvm/efi.h:246:
+	(__uk_efi_api *start_image)(uk_efi_hndl_t img_hndl,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#270: FILE: plat/kvm/include/kvm/efi.h:250:
+	(__uk_efi_api *exit)(uk_efi_hndl_t img_hndl,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#275: FILE: plat/kvm/include/kvm/efi.h:255:
+	(__uk_efi_api *unload_image)(uk_efi_hndl_t img_hndl);
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#277: FILE: plat/kvm/include/kvm/efi.h:257:
+	(__uk_efi_api *exit_boot_services)(uk_efi_hndl_t img_hndl,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#280: FILE: plat/kvm/include/kvm/efi.h:260:
+	(__uk_efi_api *get_next_monotonic_count)(__u64 *count);
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#282: FILE: plat/kvm/include/kvm/efi.h:262:
+	(__uk_efi_api *stall)(uk_efi_uintn_t ms);
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#284: FILE: plat/kvm/include/kvm/efi.h:264:
+	(__uk_efi_api *set_watchdog_timer)(uk_efi_uintn_t timeout,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#289: FILE: plat/kvm/include/kvm/efi.h:269:
+	(__uk_efi_api *connect_controller)(uk_efi_hndl_t ctlr_hndl,
 	              ^

WARNING:LONG_LINE: line over 80 characters
#291: FILE: plat/kvm/include/kvm/efi.h:271:
+					   struct uk_efi_dev_path_proto *rem_dev_path,

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#294: FILE: plat/kvm/include/kvm/efi.h:274:
+	(__uk_efi_api *disconnect_controller)(uk_efi_hndl_t ctlr_hndl,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#298: FILE: plat/kvm/include/kvm/efi.h:278:
+	(__uk_efi_api *open_protocol)(uk_efi_hndl_t hndl,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#305: FILE: plat/kvm/include/kvm/efi.h:285:
+	(__uk_efi_api *close_protocol)(uk_efi_hndl_t hndl,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#310: FILE: plat/kvm/include/kvm/efi.h:290:
+	(__uk_efi_api *open_protocol_information)(uk_efi_hndl_t hndl,
 	              ^

WARNING:LONG_LINE: line over 80 characters
#312: FILE: plat/kvm/include/kvm/efi.h:292:
+						  struct uk_efi_open_proto_info_entry *buf,

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#315: FILE: plat/kvm/include/kvm/efi.h:295:
+	(__uk_efi_api *protocols_per_handle)(uk_efi_hndl_t hndl,
 	              ^

WARNING:LONG_LINE: line over 80 characters
#319: FILE: plat/kvm/include/kvm/efi.h:299:
+	(__uk_efi_api *locate_handle_buffer)(enum uk_efi_locate_search_type type,

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#319: FILE: plat/kvm/include/kvm/efi.h:299:
+	(__uk_efi_api *locate_handle_buffer)(enum uk_efi_locate_search_type type,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#325: FILE: plat/kvm/include/kvm/efi.h:305:
+	(__uk_efi_api *locate_protocol)(struct uk_efi_guid *proto,
 	              ^

WARNING:LONG_LINE: line over 80 characters
#329: FILE: plat/kvm/include/kvm/efi.h:309:
+	(__uk_efi_api *install_multiple_protocol_interfaces)(uk_efi_hndl_t *hndl,

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#329: FILE: plat/kvm/include/kvm/efi.h:309:
+	(__uk_efi_api *install_multiple_protocol_interfaces)(uk_efi_hndl_t *hndl,
 	              ^

WARNING:LONG_LINE: line over 80 characters
#332: FILE: plat/kvm/include/kvm/efi.h:312:
+	(__uk_efi_api *uninstall_multiple_protocol_interfaces)(uk_efi_hndl_t *hndl,

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#332: FILE: plat/kvm/include/kvm/efi.h:312:
+	(__uk_efi_api *uninstall_multiple_protocol_interfaces)(uk_efi_hndl_t *hndl,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#335: FILE: plat/kvm/include/kvm/efi.h:315:
+	(__uk_efi_api *calculate_crc32)(void *data,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#340: FILE: plat/kvm/include/kvm/efi.h:320:
+	(__uk_efi_api *copy_mem)(void *dest,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#345: FILE: plat/kvm/include/kvm/efi.h:325:
+	(__uk_efi_api *set_mem)(void *buf,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#350: FILE: plat/kvm/include/kvm/efi.h:330:
+	(__uk_efi_api *create_event_ex)(__u32 type,
 	              ^

WARNING:LONG_LINE: line over 80 characters
#352: FILE: plat/kvm/include/kvm/efi.h:332:
+					void (*notify_func)(uk_efi_event_t event,

WARNING:LINE_SPACING: Missing a blank line after declarations
#396: FILE: plat/kvm/include/kvm/efi.h:376:
+	struct uk_efi_tbl_hdr hdr;
+	uk_efi_status_t

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#397: FILE: plat/kvm/include/kvm/efi.h:377:
+	(__uk_efi_api *get_time)(struct uk_efi_time *time,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#400: FILE: plat/kvm/include/kvm/efi.h:380:
+	(__uk_efi_api *set_time)(struct uk_efi_time *time);
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#402: FILE: plat/kvm/include/kvm/efi.h:382:
+	(__uk_efi_api *get_wakeup_time)(bool *enabled,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#406: FILE: plat/kvm/include/kvm/efi.h:386:
+	(__uk_efi_api *set_wakeup_time)(bool enabled,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#409: FILE: plat/kvm/include/kvm/efi.h:389:
+	(__uk_efi_api *set_virtual_address_map)(uk_efi_uintn_t mem_map_sz,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#414: FILE: plat/kvm/include/kvm/efi.h:394:
+	(__uk_efi_api *convert_pointer)(uk_efi_uintn_t dbg_disposition,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#417: FILE: plat/kvm/include/kvm/efi.h:397:
+	(__uk_efi_api *get_variable)(__s16 *var_name,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#423: FILE: plat/kvm/include/kvm/efi.h:403:
+	(__uk_efi_api *get_next_variable_name)(uk_efi_uintn_t *var_name_sz,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#427: FILE: plat/kvm/include/kvm/efi.h:407:
+	(__uk_efi_api *set_variable)(__s16 *var_name,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#434: FILE: plat/kvm/include/kvm/efi.h:414:
+	(__uk_efi_api *get_next_high_monotonic_count)(__u32 *hi_count);
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#437: FILE: plat/kvm/include/kvm/efi.h:417:
+	(__uk_efi_api *reset_system)(enum uk_efi_reset_type type,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#443: FILE: plat/kvm/include/kvm/efi.h:423:
+	(__uk_efi_api *update_capsule)(struct uk_efi_capsule_hdr **caps_hdr_arr,
 	              ^

WARNING:LONG_LINE: line over 80 characters
#448: FILE: plat/kvm/include/kvm/efi.h:428:
+	(__uk_efi_api *query_capsule_capabilities)(struct uk_efi_capsule_hdr **caps_hdr_arr,

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#448: FILE: plat/kvm/include/kvm/efi.h:428:
+	(__uk_efi_api *query_capsule_capabilities)(struct uk_efi_capsule_hdr **caps_hdr_arr,
 	              ^

WARNING:LONG_LINE: line over 80 characters
#451: FILE: plat/kvm/include/kvm/efi.h:431:
+						   enum uk_efi_reset_type *rst_type);

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#461: FILE: plat/kvm/include/kvm/efi.h:441:
+	(__uk_efi_api *reset)(struct uk_efi_simple_txt_in_proto *this,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#464: FILE: plat/kvm/include/kvm/efi.h:444:
+	(__uk_efi_api *read_key_stroke)(struct uk_efi_simple_txt_in_proto *this,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#481: FILE: plat/kvm/include/kvm/efi.h:461:
+	(__uk_efi_api *reset)(struct uk_efi_simple_txt_out_proto *this,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#484: FILE: plat/kvm/include/kvm/efi.h:464:
+	(__uk_efi_api *output_string)(struct uk_efi_simple_txt_out_proto *this,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#487: FILE: plat/kvm/include/kvm/efi.h:467:
+	(__uk_efi_api *test_string)(struct uk_efi_simple_txt_out_proto *this,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#490: FILE: plat/kvm/include/kvm/efi.h:470:
+	(__uk_efi_api *query_mode)(struct uk_efi_simple_txt_out_proto *this,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#495: FILE: plat/kvm/include/kvm/efi.h:475:
+	(__uk_efi_api *set_mode)(struct uk_efi_simple_txt_out_proto *this,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#498: FILE: plat/kvm/include/kvm/efi.h:478:
+	(__uk_efi_api *set_attribute)(struct uk_efi_simple_txt_out_proto *this,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#501: FILE: plat/kvm/include/kvm/efi.h:481:
+	(__uk_efi_api *clear_screen)(struct uk_efi_simple_txt_out_proto *this);
 	              ^

WARNING:LONG_LINE: line over 80 characters
#503: FILE: plat/kvm/include/kvm/efi.h:483:
+	(__uk_efi_api *set_cursor_position)(struct uk_efi_simple_txt_out_proto *this,

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#503: FILE: plat/kvm/include/kvm/efi.h:483:
+	(__uk_efi_api *set_cursor_position)(struct uk_efi_simple_txt_out_proto *this,
 	              ^

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#507: FILE: plat/kvm/include/kvm/efi.h:487:
+	(__uk_efi_api *enable_cursor)(struct uk_efi_simple_txt_out_proto *this,
 	              ^

WARNING:LINE_SPACING: Missing a blank line after declarations
#572: FILE: plat/kvm/include/kvm/efi.h:552:
+	enum uk_efi_mem_type image_data_type;
+	uk_efi_status_t	(__uk_efi_api *unload)(uk_efi_hndl_t img_hndl);

ERROR:SPACING: need consistent spacing around '*' (ctx:WxV)
#572: FILE: plat/kvm/include/kvm/efi.h:552:
+	uk_efi_status_t	(__uk_efi_api *unload)(uk_efi_hndl_t img_hndl);
 	               	              ^

total: 68 errors, 15 warnings, 555 lines checked

NOTE: For some of the reported defects, checkpatch may be able to
      mechanically convert to the typical style using --fix or --fix-inplace.

/tmp/build/a53d4c5b/patches/0001-plat-kvm-Add-initial-UEFI-definitions.patch has style problems, please review.

NOTE: Ignored message types: ASSIGN_IN_IF FILE_PATH_CHANGES NEW_TYPEDEFS OBSOLETE

NOTE: If any of the errors are false positives, please report
      them to the maintainer, see CHECKPATCH in MAINTAINERS.

View complete logs | Learn more about Unikraft's coding style and contribution guidelines.

michpappas

Reviewed-by: Michalis Pappas michalis@unikraft.io

razvand

Approved-by: Razvan Deaconescu razvand@unikraft.io

Add a description and proper dependencies for the `KVM_BOOT_PROTO_MULTIBOOT` configuration entry. Since `Firecracker` only supports the `Linux` 64-bit boot protocol and `Multiboot` is x86 specific (not taking into consideration the `Multiboot` ported to `ARM` for `Xen`), make the configuration entry reflect that. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com> Reviewed-by: Michalis Pappas <michalis@unikraft.io> Approved-by: Razvan Deaconescu <razvand@unikraft.io> Tested-by: Unikraft CI <monkey@unikraft.io> GitHub-Closes: #909

Add a description and proper dependencies for the `KVM_BOOT_PROTO_LXBOOT` configuration entry. Since `Firecracker` only supports the `Linux` 64-bit boot protocol and we do not yet support booting through it on `QEMU`, make the dependencies reflect that. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com> Reviewed-by: Michalis Pappas <michalis@unikraft.io> Approved-by: Razvan Deaconescu <razvand@unikraft.io> Tested-by: Unikraft CI <monkey@unikraft.io> GitHub-Closes: #909

Add a configuration option to build the Unikernel as a valid, loadable UEFI application. Make it depend on `ACPI` and, obviously, on not having `PLAT_LINUXU` enabled. Furthermore, remove default selection of the Multiboot boot protocol if QEMU VMM is selected, now that a QEMU image can also be an EFI image. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com> Reviewed-by: Michalis Pappas <michalis@unikraft.io> Approved-by: Razvan Deaconescu <razvand@unikraft.io> Tested-by: Unikraft CI <monkey@unikraft.io> GitHub-Closes: #909

Add an architecture generic EFI stub that sets up a `struct ukplat_bootinfo`'s memory region descriptors, `bootloader` and `bootprotocol` fields. Furthermore, the memory region descriptors corresponding to the UEFI `Runtime Services` are gathered separately, through UEFI's `Memory Attribute Table`, since they have to be treated differently, in order for the `Runtime Services` to be used properly after `exit_boot_services`. At the end, the stub calls `uk_efi_jmp_to_kern` which each architecture is supposed to independently implement the remaining setup for its platform. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com> Reviewed-by: Michalis Pappas <michalis@unikraft.io> Approved-by: Razvan Deaconescu <razvand@unikraft.io> Tested-by: Unikraft CI <monkey@unikraft.io> GitHub-Closes: #909

Define the minimum subset of EFI definitions required to be able to do file I/O in an UEFI environment. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com> Reviewed-by: Michalis Pappas <michalis@unikraft.io> Approved-by: Razvan Deaconescu <razvand@unikraft.io> Tested-by: Unikraft CI <monkey@unikraft.io> GitHub-Closes: #909

Implement support to pass command-line arguments through Unikraft's `struct ukplat_bootinfo`. This can be done in two ways: 1. Through the UEFI Shell when launching the image or through `qemu`'s `-append` option. 2. Through the filesystem of the same partition (the EFI System Partition) that the image was launched from. The loader will look for a file with the name configured through the `UK_EFI_STUB_CMDLINE_FNAME` in the `\EFI\BOOT' directory. The first way, if applicable, takes priority over the second. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com> Reviewed-by: Michalis Pappas <michalis@unikraft.io> Approved-by: Razvan Deaconescu <razvand@unikraft.io> Tested-by: Unikraft CI <monkey@unikraft.io> GitHub-Closes: #909

This enables the EFI stub to load an initial RAM disk file from the same filesystem that the Unikraft image was loaded from (the EFI System Partition) and register it as a `Memory Region Descriptor`. The name of the `initrd` file is given through the `CONFIG_UK_EFI_STUB_INITRD_FNAME` configuration entry and it tells the loader the name of the file to load from the `\EFI\BOOT` directory of the EFI System Partition. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com> Reviewed-by: Michalis Pappas <michalis@unikraft.io> Approved-by: Razvan Deaconescu <razvand@unikraft.io> Tested-by: Unikraft CI <monkey@unikraft.io> GitHub-Closes: #909

This enables the EFI stub to load a Devicetree Blob file from the same filesystem that the Unikraft image was loaded from (the EFI System Partition) and register it as a `Memory Region Descriptor`. The name of the `dtb` file is given through the `CONFIG_UK_EFI_STUB_DTB_FNAME` configuration entry and it tells the loader the name of the file to load from the `\EFI\BOOT` directory of the EFI System Partition. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com> Reviewed-by: Michalis Pappas <michalis@unikraft.io> Approved-by: Razvan Deaconescu <razvand@unikraft.io> Tested-by: Unikraft CI <monkey@unikraft.io> GitHub-Closes: #909

This script allows patching of the architecture specific fake PE headers. It only fills in the fields that UEFI firmware looks for when validating and loading the image. Specifically, it does the following: - Write MS-DOS signature in the first bytes of the binary - Write at the standard MS-DOS file offset `0x3c` the offset to the beginning in file of the fake PE header - Append the original ELF file that also contains the PE header - Fill in the following fields of the Optional Header: SizeOfCode, AddressOfEntryPoint, BaseOfCode, SizeOfImage - Fill in the dummy PE sections, as PE, unlike ELF, is loaded by sections: - dummy .reloc section pointing to itsel with all fields zeroed out except the VirtualAddress and PointerToRawData fields which point to the section itself, to fool UEFI into thinking this is a valid relocation. - All PT_LOAD ELF Program Headers will be encapsulated into PE sections with all permissions enabled (RWX) For these sections, only the following fields are required to be filed in: VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData. Thus, the script fills in the bare-minimum fields, according to EDKII, the most complete and official UEFI implementation, that are required by an UEFI application's PE header to be considered valid and loadable. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com> Reviewed-by: Michalis Pappas <michalis@unikraft.io> Approved-by: Razvan Deaconescu <razvand@unikraft.io> Tested-by: Unikraft CI <monkey@unikraft.io> GitHub-Closes: #909

Implements the small x86 specific UEFI entry point which will call the early self relocator, adjust the initially unaligned stack and finally jump to the architecture generic EFI stub. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com> Reviewed-by: Michalis Pappas <michalis@unikraft.io> Approved-by: Razvan Deaconescu <razvand@unikraft.io> Tested-by: Unikraft CI <monkey@unikraft.io> GitHub-Closes: #909

Implement a stub that comes after the architecture generic EFI stub calls the routine that exits `Boot Services`. This is supposed to finish the architecture specific setupin order to be able to have a Unikraft valid initial environment state before `_ukplat_entry` is execited. Thus, begin by disabling the `Interrupt Flag`, updating the root of the page tables with our in-image static page tables, unmask the legacy `8259 PIC`, since, at this point, we do not have `I/O APIC` support, disable the `LAPIC Timer` initially setup by `UEFI`, set the legacy shared PCI IRQ's as level triggered since UEFI does not do it for us (unless we boot in `CSM`) and we do not, at this moment have a proper IRQ subsystem and, finally, jump to `lcpu_start64` with the entry function as `_ukplat_entry` and a statically allocated page-sized stack. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com> Reviewed-by: Michalis Pappas <michalis@unikraft.io> Approved-by: Razvan Deaconescu <razvand@unikraft.io> Tested-by: Unikraft CI <monkey@unikraft.io> GitHub-Closes: #909

If `CONFIG_EFI_STUB` is enabled, add to the build system the fake PE header, the architecture generic EFI stub, and the x86 specific post-EFI stub that applies finishing touches to the platform initialization. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com> Reviewed-by: Michalis Pappas <michalis@unikraft.io> Approved-by: Razvan Deaconescu <razvand@unikraft.io> Tested-by: Unikraft CI <monkey@unikraft.io> GitHub-Closes: #909

Implements the small ARM specific UEFI entry point which will call the early self relocator, and jump to the architecture generic EFI stub. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com> Reviewed-by: Michalis Pappas <michalis@unikraft.io> Approved-by: Razvan Deaconescu <razvand@unikraft.io> Tested-by: Unikraft CI <monkey@unikraft.io> GitHub-Closes: #909

Implement a stub that comes after the architecture generic EFI stub calls the routine that exits `Boot Services`. This is supposed to finish the architecture specific setupin order to be able to have a Unikraft valid initial environment state before `_libkvmplat_start` is execited. Thus, the interrupt flags are masked, the data cache is invalidated in the range of this image's instance and then default, warm reset values are placed into the system registers that EFI would have otherwise left modified. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com> Reviewed-by: Michalis Pappas <michalis@unikraft.io> Approved-by: Razvan Deaconescu <razvand@unikraft.io> Tested-by: Unikraft CI <monkey@unikraft.io> GitHub-Closes: #909

If `CONFIG_EFI_STUB` is enabled, add to the build system the ARM UEFI entry stub and the ARM specific post-EFI stub that applies finishing touches to the platform initialization. Add a configuration entry `KVM_BOOT_QEMU_VIRT` to explicitly indicate that we are booting from the default `QEMU virt` environment. This will help us differentiate between UEFI and non-UEFI ARM builds. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com> Reviewed-by: Michalis Pappas <michalis@unikraft.io> Approved-by: Razvan Deaconescu <razvand@unikraft.io> Tested-by: Unikraft CI <monkey@unikraft.io> GitHub-Closes: #909

Preferably, a UEFI system is also an ACPI system and thus these functionalities should be implemented through ACPI methods. But for now, make use of UEFI's Runtime Services for resetting the system, since they are more reliable than what we have at the moment. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com> Reviewed-by: Michalis Pappas <michalis@unikraft.io> Approved-by: Razvan Deaconescu <razvand@unikraft.io> Tested-by: Unikraft CI <monkey@unikraft.io> GitHub-Closes: #909

Add `Trusted Computing Group`'s `Reset Attack Mitigation` mechanism. Whenever a machine shuts down or reboots, due to lack of electric charge, the contents of RAM may dissipate after a short amount of time. However this may be enough for an attacker to quickly boot again into a custom program and dump memory contents. Thus, by using this, the OS instructs POST BIOS to overwrite memory contents before continuing to boot into the rest of the BIOS code. Since this is not really implemented in `OVMF`'s `NVRAM` variables we disable this by default. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com> Reviewed-by: Michalis Pappas <michalis@unikraft.io> Approved-by: Razvan Deaconescu <razvand@unikraft.io> Tested-by: Unikraft CI <monkey@unikraft.io> GitHub-Closes: #909

mogasergiu requested review from a team as code owners May 25, 2023 12:31

This was referenced May 25, 2023

Add the ability to build EFI ISO and DISK images. #910

Closed

Refactor the ACPI code and change its location. #911

Closed

Add support for setting up SMP on ARM64 through ACPI #912

Closed

unikraft-bot assigned vladandrew May 25, 2023

razvand removed the request for review from a team May 31, 2023 04:44

mogasergiu added 6 commits August 11, 2023 13:22

plat/kvm/arm: Add UEFI entry stub

b3d3239

Implements the small ARM specific UEFI entry point which will call the early self relocator, and jump to the architecture generic EFI stub. Signed-off-by: Sergiu Moga <sergiu.moga@protonmail.com>

mogasergiu force-pushed the efi-stub branch from 0411597 to ec56b2e Compare August 11, 2023 10:24

michpappas approved these changes Aug 11, 2023

View reviewed changes

razvand approved these changes Aug 11, 2023

View reviewed changes

unikraft-bot closed this in 809d09c Aug 11, 2023

unikraft-bot added the ci/merged Merged by CI label Aug 11, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add `EFI` stub support #909

Add `EFI` stub support #909

mogasergiu commented May 25, 2023 •

edited

Loading

unikraft-bot commented Aug 11, 2023

michpappas left a comment

razvand left a comment

Add EFI stub support #909

Add EFI stub support #909

Conversation

mogasergiu commented May 25, 2023 • edited Loading

Prerequisite checklist

Base target

Additional configuration

Description of changes

NOTE

unikraft-bot commented Aug 11, 2023

michpappas left a comment

Choose a reason for hiding this comment

razvand left a comment

Choose a reason for hiding this comment

Add `EFI` stub support #909

Add `EFI` stub support #909

mogasergiu commented May 25, 2023 •

edited

Loading