Xen devel - Sep 2011 - Is xen planning to support hvm guests booting under UEFI?

Pls cc: me as I am not subscribed.
>From
http://www.itworld.com/it-managementstrategy/205255/windows-8-oem-specs-
may-block-linux-booting :

Quote:

Red Hat''s Matthew Garrett was one of the first to notice that according
to the
new logo rules, all Windows 8 machines will need to be have the Unified 
Extensible Firmware Interface (UEFI) instead of the venerable BIOS firmware 
layer. BIOS has been pretty much the sole firmware interface for PCs for a 
long time.

The EFI system has slowly been making headway in recent years, and right now 
EFI firmware is compatible with Windows supporting the GUID Partition Table 
(GPT), OS X/Intel, and Linux 2.6 and beyond machines. EFI is seen as a better 
hardware/software interface than BIOS, since it is platform-agnostic, runs in 
32- or 64-bit mode, and GPT machines can handle boot partitions of up to 9.4 
zettabytes. (That''s 9.5 billion terabytes to you and me.)

EFI, and the later UEFI specification, is not the problem for Linux. The 
problem is Microsoft''s other requirement for any Windows 8-certified
client:
the system must support secure booting. This hardened boot means that "all 
firmware and software in the boot process must be signed by a trusted 
Certificate Authority (CA)," according to slides from a recent presentation
on
the UEFI boot process made by Arie van der Hoeven, Microsoft Principal Lead 
Program Manager.

:End Quote

Putting aside the signing problem for now, the immediate problem is qemu-dm as 
the emulator for hvm guests, since it provides an emulated *bios*. I''ve
always
been curious about this, as I''ve wanted to look forward to the day when
I can
boot an Apple OS/X hvm guest.

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

>From what I know the issue with OS X is not technical, it is simply that
apple''s EULA explicitly forbids their OS on non-apple hardware. I have
seen
a few vmware and virtual box os x images which seemed to work fairly ok, but
no one is really working hard to make it work "well" because of the
legal
issues. I think that it will be a much bigger issue for windows though
especially with windows 8 not too far away hopefully xen will be able to
boot it :)

On Wed, Sep 21, 2011 at 9:06 PM, jim burns <jim_burn@bellsouth.net> wrote:
> Pls cc: me as I am not subscribed.
>
> >From
> http://www.itworld.com/it-managementstrategy/205255/windows-8-oem-specs-
> may-block-linux-booting :
>
> Quote:
>
> Red Hat''s Matthew Garrett was one of the first to notice that
according to
> the
> new logo rules, all Windows 8 machines will need to be have the Unified
> Extensible Firmware Interface (UEFI) instead of the venerable BIOS firmware
> layer. BIOS has been pretty much the sole firmware interface for PCs for a
> long time.
>
> The EFI system has slowly been making headway in recent years, and right
> now
> EFI firmware is compatible with Windows supporting the GUID Partition Table
> (GPT), OS X/Intel, and Linux 2.6 and beyond machines. EFI is seen as a
> better
> hardware/software interface than BIOS, since it is platform-agnostic, runs
> in
> 32- or 64-bit mode, and GPT machines can handle boot partitions of up to
> 9.4
> zettabytes. (That''s 9.5 billion terabytes to you and me.)
>
> EFI, and the later UEFI specification, is not the problem for Linux. The
> problem is Microsoft''s other requirement for any Windows
8-certified
> client:
> the system must support secure booting. This hardened boot means that
"all
> firmware and software in the boot process must be signed by a trusted
> Certificate Authority (CA)," according to slides from a recent
presentation
> on
> the UEFI boot process made by Arie van der Hoeven, Microsoft Principal Lead
> Program Manager.
>
> :End Quote
>
> Putting aside the signing problem for now, the immediate problem is qemu-dm
> as
> the emulator for hvm guests, since it provides an emulated *bios*.
I''ve
> always
> been curious about this, as I''ve wanted to look forward to the day
when I
> can
> boot an Apple OS/X hvm guest.
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@lists.xensource.com
> http://lists.xensource.com/xen-users
>

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

On Wed September 21 2011, 9:06:38 PM, jim burns wrote:
> Pls cc: me as I am not subscribed.
[...]
> Putting aside the signing problem for now, the immediate problem is qemu-dm
> as  the emulator for hvm guests, since it provides an emulated *bios*.
I''ve
> always been curious about this, as I''ve wanted to look forward to
the day
> when I can boot an Apple OS/X hvm guest.
http://wiki.xensource.com/xenwiki/XenParavirtOps has been reworked recently. 
Not sure if this was there before:

"Add EFI support in Linux pv-ops. Jan Beulich wrote patches to make Xen 
hypervisor be able to compile as an EFI application. "Build xen.efi, write
up
a config file for it to read (most importantly so it knows what Dom0 kernel 
and initrd to use), and you should be good to go (provided the EFI 
implementation isn''t too flawed). This being an EFI application you can
simply
run it from the shell prompt. Parameter for Xen.efi is -cfg <file>, and
<file>
has: kernel=, ramdisk=, options=, video=gfx-x. The Linux pv-ops needs at least 
to parse XEN_VGATYPE_EFI_LFB data, E820 parsed (should be working) and give 
the ACPI subsystem a pointer to the ACPI DSDT without consulting EBDA." 

This doesn''t solve the Windows 8 hvm problem, but at least EFI is being
considered.

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

what windows 8 hvm problem? im running the developer preview as a xen hvm,
it works fine?

On Sat, Sep 24, 2011 at 5:34 PM, jim burns <jim_burn@bellsouth.net> wrote:
> On Wed September 21 2011, 9:06:38 PM, jim burns wrote:
> > Pls cc: me as I am not subscribed.
> [...]
> > Putting aside the signing problem for now, the immediate problem is
> qemu-dm
> > as  the emulator for hvm guests, since it provides an emulated *bios*.
> I''ve
> > always been curious about this, as I''ve wanted to look
forward to the day
> > when I can boot an Apple OS/X hvm guest.
>
> http://wiki.xensource.com/xenwiki/XenParavirtOps has been reworked
> recently.
> Not sure if this was there before:
>
> "Add EFI support in Linux pv-ops. Jan Beulich wrote patches to make
Xen
> hypervisor be able to compile as an EFI application. "Build xen.efi,
write
> up
> a config file for it to read (most importantly so it knows what Dom0 kernel
> and initrd to use), and you should be good to go (provided the EFI
> implementation isn''t too flawed). This being an EFI application
you can
> simply
> run it from the shell prompt. Parameter for Xen.efi is -cfg <file>,
and
> <file>
> has: kernel=, ramdisk=, options=, video=gfx-x. The Linux pv-ops needs at
> least
> to parse XEN_VGATYPE_EFI_LFB data, E820 parsed (should be working) and give
> the ACPI subsystem a pointer to the ACPI DSDT without consulting
EBDA."
>
> This doesn''t solve the Windows 8 hvm problem, but at least EFI is
being
> considered.
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@lists.xensource.com
> http://lists.xensource.com/xen-users
>

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

On Sat September 24 2011, 5:37:14 PM, chris wrote:
> what windows 8 hvm problem? im running the developer preview as a xen hvm,
> it works fine?
Go back to the first post in this thread, where I quote an article:

"Red Hat''s Matthew Garrett was one of the first to notice that
according to
the new logo rules, all Windows 8 machines will need to be have the Unified 
Extensible Firmware Interface (UEFI) instead of the venerable BIOS firmware 
layer. BIOS has been pretty much the sole firmware interface for PCs for a 
long time."

And as I said, putting aside the problem mentioned further down in the article 
that the EFI components need to be signed, that means that qemu-dm / hvmloader 
need to support the EFI way of booting.

This is a roadmap requirement of Microsoft, and perhaps doesn''t affect 
"developer preview"s?

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

we will have to see how the official win8 release plays out, but as it is
now it is working with the current preview release of the os and atleast it
looks like there is activity on the xen/efi front

On Sat, Sep 24, 2011 at 5:47 PM, jim burns <jim_burn@bellsouth.net> wrote:
> On Sat September 24 2011, 5:37:14 PM, chris wrote:
> > what windows 8 hvm problem? im running the developer preview as a xen
> hvm,
> > it works fine?
>
> Go back to the first post in this thread, where I quote an article:
>
> "Red Hat''s Matthew Garrett was one of the first to notice
that according to
> the new logo rules, all Windows 8 machines will need to be have the Unified
> Extensible Firmware Interface (UEFI) instead of the venerable BIOS firmware
> layer. BIOS has been pretty much the sole firmware interface for PCs for a
> long time."
>
> And as I said, putting aside the problem mentioned further down in the
> article
> that the EFI components need to be signed, that means that qemu-dm /
> hvmloader
> need to support the EFI way of booting.
>
> This is a roadmap requirement of Microsoft, and perhaps doesn''t
affect
> "developer preview"s?
>

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

On Sat, Sep 24, 2011 at 5:34 PM, jim burns <jim_burn@bellsouth.net>
wrote:
> On Wed September 21 2011, 9:06:38 PM, jim burns wrote:
>> Pls cc: me as I am not subscribed.
> [...]
> http://wiki.xensource.com/xenwiki/XenParavirtOps has been reworked
recently.
> Not sure if this was there before:
>
> "Add EFI support in Linux pv-ops. Jan Beulich wrote patches to make
Xen
> hypervisor be able to compile as an EFI application. "Build xen.efi,
write up
> a config file for it to read (most importantly so it knows what Dom0 kernel
> and initrd to use), and you should be good to go (provided the EFI
> implementation isn''t too flawed). This being an EFI application
you can simply
> run it from the shell prompt. Parameter for Xen.efi is -cfg <file>,
and <file>
> has: kernel=, ramdisk=, options=, video=gfx-x. The Linux pv-ops needs at
least
> to parse XEN_VGATYPE_EFI_LFB data, E820 parsed (should be working) and give
> the ACPI subsystem a pointer to the ACPI DSDT without consulting
EBDA."
>
> This doesn''t solve the Windows 8 hvm problem, but at least EFI is
being
> considered.
>
There was a google summer of code project around UEFI:
http://code.google.com/p/google-summer-of-code-2011-tianocore/downloads/detail?name=Bei_Guan.tar.gz&can=2&q
I don''t know if it was submitted to xen-devel, but you can follow up
with the xen-devel mailing list if you are interested.

Hope that helps.

Thanks,
Todd

-- 
Todd Deshane
http://www.linkedin.com/in/deshantm
http://www.xen.org/products/cloudxen.html
http://runningxen.com/

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

From: "jim burns" <jim_burn@bellsouth.net>
  Date: Sat, 24 Sep 2011 17:47:16 -0400

  On Sat September 24 2011, 5:37:14 PM, chris wrote:

  > what windows 8 hvm problem? im running the developer
  > preview as a xen hvm, it works fine?

  Go back to the first post in this thread, where I quote an
  article:

  "Red Hat''s Matthew Garrett was one of the first to notice
  that according to the new logo rules, all Windows 8
  machines will need to be have the Unified Extensible
  Firmware Interface (UEFI) instead of the venerable BIOS
  firmware layer. BIOS has been pretty much the sole
  firmware interface for PCs for a long time."

As I understand it, the key word in the above quote is
"logo".  If a hardware company wants to use the Windows 8
branding, i.e. Microsoft''s trademarked logo, they''ve got to
provide a secure UEFI ... which is a reasonable hardening of
the system from a security viewpoint.

I can''t image Microsoft preventing Windows 8 from booting on
older hardware; for one thing, it would drastically slow
down the adoption rate if the people who influence it could
only try it out the final version after buying a new machine.
So I would expect it to have no more or less trouble running
as a DomU as any other Microsoft OS has in times past.

- Harold


_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

On Sat September 24 2011, 6:43:42 PM, Todd Deshane
wrote:
> On Sat, Sep 24, 2011 at 5:34 PM, jim burns <jim_burn@bellsouth.net>
wrote:
> > On Wed September 21 2011, 9:06:38 PM, jim burns wrote:
> >> Pls cc: me as I am not subscribed.
> > 
> > [...]
> > http://wiki.xensource.com/xenwiki/XenParavirtOps has been reworked
> > recently. Not sure if this was there before:
> > 
> > "Add EFI support in Linux pv-ops. Jan Beulich wrote patches to
make Xen
> > hypervisor be able to compile as an EFI application. "Build
xen.efi,
> > write up a config file for it to read (most importantly so it knows
> > what Dom0 kernel and initrd to use), and you should be good to go
> > (provided the EFI implementation isn''t too flawed). This
being an EFI
> > application you can simply run it from the shell prompt. Parameter for
> > Xen.efi is -cfg <file>, and <file> has: kernel=, ramdisk=,
options=,
> > video=gfx-x. The Linux pv-ops needs at least to parse
> > XEN_VGATYPE_EFI_LFB data, E820 parsed (should be working) and give the
> > ACPI subsystem a pointer to the ACPI DSDT without consulting
EBDA."
> > 
> > This doesn''t solve the Windows 8 hvm problem, but at least
EFI is being
> > considered.
> 
> There was a google summer of code project around UEFI:
>
http://code.google.com/p/google-summer-of-code-2011-tianocore/downloads/deta
> il?name=Bei_Guan.tar.gz&can=2&q> 
> I don''t know if it was submitted to xen-devel, but you can follow
up
> with the xen-devel mailing list if you are interested.
> 
> Hope that helps.
The article I quoted was from http://www.itworld.com/it-
managementstrategy/205255/windows-8-oem-specs-
may-block-linux-booting :

"Red Hat''s Matthew Garrett was one of the first to notice that
according to
the new logo rules, all Windows 8 machines will need to be have the Unified 
Extensible Firmware Interface (UEFI) instead of the venerable BIOS firmware 
layer. BIOS has been pretty much the sole firmware interface for PCs for a 
long time.

The EFI system has slowly been making headway in recent years, and right now 
EFI firmware is compatible with Windows supporting the GUID Partition Table 
(GPT), OS X/Intel, and Linux 2.6 and beyond machines. EFI is seen as a better 
hardware/software interface than BIOS, since it is platform-agnostic, runs in 
32- or 64-bit mode, and GPT machines can handle boot partitions of up to 9.4 
zettabytes. (That''s 9.5 billion terabytes to you and me.)

EFI, and the later UEFI specification, is not the problem for Linux. The 
problem is Microsoft''s other requirement for any Windows 8-certified
client:
the system must support secure booting. This hardened boot means that "all 
firmware and software in the boot process must be signed by a trusted 
Certificate Authority (CA)," according to slides from a recent presentation
on
the UEFI boot process made by Arie van der Hoeven, Microsoft Principal Lead 
Program Manager."

Putting aside the signing problem for now, the immediate problem is qemu-dm as 
the emulator for hvm guests, since it provides an emulated *bios*. Or 
hvmloader as the bootloader. The url Todd provides points to a project to 
modify ''ovmf'', an EFI bootloader, to be xen hvm aware. Windows
8 will be a
game changer, if the article is right. Hope plans are being made to 
incorporate some sort of EFI bootloader into xen.

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Since I was at the presentation in question, I asked about requirements for
virtual platforms. I seem to recall the response being that UEFI was not a
requirement for virtual platforms as yet and moreover I don''t believe
hyper-v VMs UEFI boot.
That said I''m not sure about the requirements surrounding trusted boot;
I guess they will become clearer as the HCK requirements are firmed up.

I''d certainly like to see HVM UEFI boot sooner rather than later as I
think it will speed up Windows boot (and not just for Windows 8) quite a lot but
I didn''t see any need to panic just yet.

  Paul 
> -----Original Message-----
> From: xen-devel-bounces@lists.xensource.com [mailto:xen-devel-
> bounces@lists.xensource.com] On Behalf Of jim burns
> Sent: 25 September 2011 03:18
> To: xen-users@lists.xensource.com; xen-devel@lists.xensource.com
> Cc: Todd Deshane
> Subject: [Xen-devel] Re: [Xen-users] Is xen planning to support hvm
> guests booting under UEFI?
> 
> On Sat September 24 2011, 6:43:42 PM, Todd Deshane wrote:
> > On Sat, Sep 24, 2011 at 5:34 PM, jim burns
> <jim_burn@bellsouth.net> wrote:
> > > On Wed September 21 2011, 9:06:38 PM, jim burns wrote:
> > >> Pls cc: me as I am not subscribed.
> > >
> > > [...]
> > > http://wiki.xensource.com/xenwiki/XenParavirtOps has been
> reworked
> > > recently. Not sure if this was there before:
> > >
> > > "Add EFI support in Linux pv-ops. Jan Beulich wrote patches
to
> make
> > > Xen hypervisor be able to compile as an EFI application.
"Build
> > > xen.efi, write up a config file for it to read (most importantly
> so
> > > it knows what Dom0 kernel and initrd to use), and you should be
> good
> > > to go (provided the EFI implementation isn''t too
flawed). This
> being
> > > an EFI application you can simply run it from the shell prompt.
> > > Parameter for Xen.efi is -cfg <file>, and <file> has:
kernel=,
> > > ramdisk=, options=, video=gfx-x. The Linux pv-ops needs at least
> to
> > > parse XEN_VGATYPE_EFI_LFB data, E820 parsed (should be working)
> and
> > > give the ACPI subsystem a pointer to the ACPI DSDT without
> consulting EBDA."
> > >
> > > This doesn''t solve the Windows 8 hvm problem, but at
least EFI
> is
> > > being considered.
> >
> > There was a google summer of code project around UEFI:
> > http://code.google.com/p/google-summer-of-code-2011-
> tianocore/download
> > s/deta
> > il?name=Bei_Guan.tar.gz&can=2&q> >
> > I don''t know if it was submitted to xen-devel, but you can
follow
> up
> > with the xen-devel mailing list if you are interested.
> >
> > Hope that helps.
> 
> The article I quoted was from http://www.itworld.com/it-
> managementstrategy/205255/windows-8-oem-specs-
> may-block-linux-booting :
> 
> "Red Hat''s Matthew Garrett was one of the first to notice
that
> according to the new logo rules, all Windows 8 machines will need to
> be have the Unified Extensible Firmware Interface (UEFI) instead of
> the venerable BIOS firmware layer. BIOS has been pretty much the
> sole firmware interface for PCs for a long time.
> 
> The EFI system has slowly been making headway in recent years, and
> right now EFI firmware is compatible with Windows supporting the
> GUID Partition Table (GPT), OS X/Intel, and Linux 2.6 and beyond
> machines. EFI is seen as a better hardware/software interface than
> BIOS, since it is platform-agnostic, runs in
> 32- or 64-bit mode, and GPT machines can handle boot partitions of
> up to 9.4 zettabytes. (That''s 9.5 billion terabytes to you and
me.)
> 
> EFI, and the later UEFI specification, is not the problem for Linux.
> The problem is Microsoft''s other requirement for any Windows 8-
> certified client:
> the system must support secure booting. This hardened boot means
> that "all firmware and software in the boot process must be signed
> by a trusted Certificate Authority (CA)," according to slides from a
> recent presentation on the UEFI boot process made by Arie van der
> Hoeven, Microsoft Principal Lead Program Manager."
> 
> Putting aside the signing problem for now, the immediate problem is
> qemu-dm as the emulator for hvm guests, since it provides an
> emulated *bios*. Or hvmloader as the bootloader. The url Todd
> provides points to a project to modify ''ovmf'', an EFI
bootloader, to
> be xen hvm aware. Windows 8 will be a game changer, if the article
> is right. Hope plans are being made to incorporate some sort of EFI
> bootloader into xen.
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xensource.com
> http://lists.xensource.com/xen-devel
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

The GSOC project student seemed to be making good progress, and there were
others on the OVMF side who were giving him support. I haven''t heard
anything in about a month now, though.


On 25/09/2011 07:12, "Paul Durrant" <Paul.Durrant@citrix.com>
wrote:
> Since I was at the presentation in question, I asked about requirements for
> virtual platforms. I seem to recall the response being that UEFI was not a
> requirement for virtual platforms as yet and moreover I don''t
believe hyper-v
> VMs UEFI boot. 
> That said I''m not sure about the requirements surrounding trusted
boot; I
> guess they will become clearer as the HCK requirements are firmed up.
> 
> I''d certainly like to see HVM UEFI boot sooner rather than later
as I think it
> will speed up Windows boot (and not just for Windows 8) quite a lot but I
> didn''t see any need to panic just yet.
> 
>   Paul 
> 
>> -----Original Message-----
>> From: xen-devel-bounces@lists.xensource.com [mailto:xen-devel-
>> bounces@lists.xensource.com] On Behalf Of jim burns
>> Sent: 25 September 2011 03:18
>> To: xen-users@lists.xensource.com; xen-devel@lists.xensource.com
>> Cc: Todd Deshane
>> Subject: [Xen-devel] Re: [Xen-users] Is xen planning to support hvm
>> guests booting under UEFI?
>> 
>> On Sat September 24 2011, 6:43:42 PM, Todd Deshane wrote:
>>> On Sat, Sep 24, 2011 at 5:34 PM, jim burns
>> <jim_burn@bellsouth.net> wrote:
>>>> On Wed September 21 2011, 9:06:38 PM, jim burns wrote:
>>>>> Pls cc: me as I am not subscribed.
>>>> 
>>>> [...]
>>>> http://wiki.xensource.com/xenwiki/XenParavirtOps has been
>> reworked
>>>> recently. Not sure if this was there before:
>>>> 
>>>> "Add EFI support in Linux pv-ops. Jan Beulich wrote
patches to
>> make
>>>> Xen hypervisor be able to compile as an EFI application.
"Build
>>>> xen.efi, write up a config file for it to read (most
importantly
>> so
>>>> it knows what Dom0 kernel and initrd to use), and you should be
>> good
>>>> to go (provided the EFI implementation isn''t too
flawed). This
>> being
>>>> an EFI application you can simply run it from the shell prompt.
>>>> Parameter for Xen.efi is -cfg <file>, and <file>
has: kernel=,
>>>> ramdisk=, options=, video=gfx-x. The Linux pv-ops needs at
least
>> to
>>>> parse XEN_VGATYPE_EFI_LFB data, E820 parsed (should be working)
>> and
>>>> give the ACPI subsystem a pointer to the ACPI DSDT without
>> consulting EBDA."
>>>> 
>>>> This doesn''t solve the Windows 8 hvm problem, but at
least EFI
>> is
>>>> being considered.
>>> 
>>> There was a google summer of code project around UEFI:
>>> http://code.google.com/p/google-summer-of-code-2011-
>> tianocore/download
>>> s/deta
>>> il?name=Bei_Guan.tar.gz&can=2&q>>> 
>>> I don''t know if it was submitted to xen-devel, but you can
follow
>> up
>>> with the xen-devel mailing list if you are interested.
>>> 
>>> Hope that helps.
>> 
>> The article I quoted was from http://www.itworld.com/it-
>> managementstrategy/205255/windows-8-oem-specs-
>> may-block-linux-booting :
>> 
>> "Red Hat''s Matthew Garrett was one of the first to notice
that
>> according to the new logo rules, all Windows 8 machines will need to
>> be have the Unified Extensible Firmware Interface (UEFI) instead of
>> the venerable BIOS firmware layer. BIOS has been pretty much the
>> sole firmware interface for PCs for a long time.
>> 
>> The EFI system has slowly been making headway in recent years, and
>> right now EFI firmware is compatible with Windows supporting the
>> GUID Partition Table (GPT), OS X/Intel, and Linux 2.6 and beyond
>> machines. EFI is seen as a better hardware/software interface than
>> BIOS, since it is platform-agnostic, runs in
>> 32- or 64-bit mode, and GPT machines can handle boot partitions of
>> up to 9.4 zettabytes. (That''s 9.5 billion terabytes to you and
me.)
>> 
>> EFI, and the later UEFI specification, is not the problem for Linux.
>> The problem is Microsoft''s other requirement for any Windows
8-
>> certified client:
>> the system must support secure booting. This hardened boot means
>> that "all firmware and software in the boot process must be signed
>> by a trusted Certificate Authority (CA)," according to slides from
a
>> recent presentation on the UEFI boot process made by Arie van der
>> Hoeven, Microsoft Principal Lead Program Manager."
>> 
>> Putting aside the signing problem for now, the immediate problem is
>> qemu-dm as the emulator for hvm guests, since it provides an
>> emulated *bios*. Or hvmloader as the bootloader. The url Todd
>> provides points to a project to modify ''ovmf'', an EFI
bootloader, to
>> be xen hvm aware. Windows 8 will be a game changer, if the article
>> is right. Hope plans are being made to incorporate some sort of EFI
>> bootloader into xen.
>> 
>> _______________________________________________
>> Xen-devel mailing list
>> Xen-devel@lists.xensource.com
>> http://lists.xensource.com/xen-devel
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xensource.com
> http://lists.xensource.com/xen-devel


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Adding Bei Guan and Andrey Warkentin who I think were student and mentor
respectively. Hi guys!

On Sun, 2011-09-25 at 15:50 +0100, Keir Fraser wrote:
> The GSOC project student seemed to be making good progress, and there were
> others on the OVMF side who were giving him support. I haven''t
heard
> anything in about a month now, though.
It would be very interesting to get an update (or a pointer to one) of
the status/result of this particular project now that the GSoC is over.

Thanks,
Ian.

> 
> 
> On 25/09/2011 07:12, "Paul Durrant"
<Paul.Durrant@citrix.com> wrote:
> 
> > Since I was at the presentation in question, I asked about
requirements for
> > virtual platforms. I seem to recall the response being that UEFI was
not a
> > requirement for virtual platforms as yet and moreover I don''t
believe hyper-v
> > VMs UEFI boot. 
> > That said I''m not sure about the requirements surrounding
trusted boot; I
> > guess they will become clearer as the HCK requirements are firmed up.
> > 
> > I''d certainly like to see HVM UEFI boot sooner rather than
later as I think it
> > will speed up Windows boot (and not just for Windows 8) quite a lot
but I
> > didn''t see any need to panic just yet.
> > 
> >   Paul 
> > 
> >> -----Original Message-----
> >> From: xen-devel-bounces@lists.xensource.com [mailto:xen-devel-
> >> bounces@lists.xensource.com] On Behalf Of jim burns
> >> Sent: 25 September 2011 03:18
> >> To: xen-users@lists.xensource.com; xen-devel@lists.xensource.com
> >> Cc: Todd Deshane
> >> Subject: [Xen-devel] Re: [Xen-users] Is xen planning to support
hvm
> >> guests booting under UEFI?
> >> 
> >> On Sat September 24 2011, 6:43:42 PM, Todd Deshane wrote:
> >>> On Sat, Sep 24, 2011 at 5:34 PM, jim burns
> >> <jim_burn@bellsouth.net> wrote:
> >>>> On Wed September 21 2011, 9:06:38 PM, jim burns wrote:
> >>>>> Pls cc: me as I am not subscribed.
> >>>> 
> >>>> [...]
> >>>> http://wiki.xensource.com/xenwiki/XenParavirtOps has been
> >> reworked
> >>>> recently. Not sure if this was there before:
> >>>> 
> >>>> "Add EFI support in Linux pv-ops. Jan Beulich wrote
patches to
> >> make
> >>>> Xen hypervisor be able to compile as an EFI application.
"Build
> >>>> xen.efi, write up a config file for it to read (most
importantly
> >> so
> >>>> it knows what Dom0 kernel and initrd to use), and you
should be
> >> good
> >>>> to go (provided the EFI implementation isn''t too
flawed). This
> >> being
> >>>> an EFI application you can simply run it from the shell
prompt.
> >>>> Parameter for Xen.efi is -cfg <file>, and
<file> has: kernel=,
> >>>> ramdisk=, options=, video=gfx-x. The Linux pv-ops needs at
least
> >> to
> >>>> parse XEN_VGATYPE_EFI_LFB data, E820 parsed (should be
working)
> >> and
> >>>> give the ACPI subsystem a pointer to the ACPI DSDT without
> >> consulting EBDA."
> >>>> 
> >>>> This doesn''t solve the Windows 8 hvm problem, but
at least EFI
> >> is
> >>>> being considered.
> >>> 
> >>> There was a google summer of code project around UEFI:
> >>> http://code.google.com/p/google-summer-of-code-2011-
> >> tianocore/download
> >>> s/deta
> >>> il?name=Bei_Guan.tar.gz&can=2&q> >>> 
> >>> I don''t know if it was submitted to xen-devel, but
you can follow
> >> up
> >>> with the xen-devel mailing list if you are interested.
> >>> 
> >>> Hope that helps.
> >> 
> >> The article I quoted was from http://www.itworld.com/it-
> >> managementstrategy/205255/windows-8-oem-specs-
> >> may-block-linux-booting :
> >> 
> >> "Red Hat''s Matthew Garrett was one of the first to
notice that
> >> according to the new logo rules, all Windows 8 machines will need
to
> >> be have the Unified Extensible Firmware Interface (UEFI) instead
of
> >> the venerable BIOS firmware layer. BIOS has been pretty much the
> >> sole firmware interface for PCs for a long time.
> >> 
> >> The EFI system has slowly been making headway in recent years, and
> >> right now EFI firmware is compatible with Windows supporting the
> >> GUID Partition Table (GPT), OS X/Intel, and Linux 2.6 and beyond
> >> machines. EFI is seen as a better hardware/software interface than
> >> BIOS, since it is platform-agnostic, runs in
> >> 32- or 64-bit mode, and GPT machines can handle boot partitions of
> >> up to 9.4 zettabytes. (That''s 9.5 billion terabytes to
you and me.)
> >> 
> >> EFI, and the later UEFI specification, is not the problem for
Linux.
> >> The problem is Microsoft''s other requirement for any
Windows 8-
> >> certified client:
> >> the system must support secure booting. This hardened boot means
> >> that "all firmware and software in the boot process must be
signed
> >> by a trusted Certificate Authority (CA)," according to slides
from a
> >> recent presentation on the UEFI boot process made by Arie van der
> >> Hoeven, Microsoft Principal Lead Program Manager."
> >> 
> >> Putting aside the signing problem for now, the immediate problem
is
> >> qemu-dm as the emulator for hvm guests, since it provides an
> >> emulated *bios*. Or hvmloader as the bootloader. The url Todd
> >> provides points to a project to modify ''ovmf'',
an EFI bootloader, to
> >> be xen hvm aware. Windows 8 will be a game changer, if the article
> >> is right. Hope plans are being made to incorporate some sort of
EFI
> >> bootloader into xen.
> >> 
> >> _______________________________________________
> >> Xen-devel mailing list
> >> Xen-devel@lists.xensource.com
> >> http://lists.xensource.com/xen-devel
> > 
> > _______________________________________________
> > Xen-devel mailing list
> > Xen-devel@lists.xensource.com
> > http://lists.xensource.com/xen-devel
> 
> 
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xensource.com
> http://lists.xensource.com/xen-devel


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Hi Ian, Keir, others -

I was the mentor for the project. We got to the point where OVMF on
Xen was indistinguishable from OVMF on QEMU as far
as emulated device support (Bei can confirm - is this true for
network/PXE boot as well?). ACPI and DMI info published from
the hvmloader is consumed by the firmware and published. I believe we
could boot RedHat. Last I checked Win7 was unbootable under QEMU with
OVMF (so we didn''t check) and I don''t know the status of that
(if I
remember correctly, it BSODs in bootvid.sys (under QEMU) due to low
memory area not being reserved away, or because there is no fake IDT
set up - that seems to match up with the hoops I needed to do doing
similar work on Hyper-V).

OVMF is aware of Xen, and work was being done on a PV block device
(Bei got as far as hypercall support and xenstore). Bei, are you
working on the PV block driver? I want to say we''re pretty close on
that one (PV block not very hard, and neither is the block device
abstraction for EFI).

I/Bei had patches against hvmloader (to support booting OVMF) and Bei
had patches against the management stack as well to expose the
functionality of picking OVMF as the firmware. I believe all of these
were sent to xen development list.

Jordan Justen (Intel) had been working on integrating the OVMF changes
last I checked, but I am not positive (I just changed jobs and
relocated, and still am not on the TianoCore mailing list). I am
adding him to the reply.

A


2011/9/26 Ian Campbell <Ian.Campbell@citrix.com>:
> Adding Bei Guan and Andrey Warkentin who I think were student and mentor
> respectively. Hi guys!
>
> On Sun, 2011-09-25 at 15:50 +0100, Keir Fraser wrote:
>> The GSOC project student seemed to be making good progress, and there
were
>> others on the OVMF side who were giving him support. I haven''t
heard
>> anything in about a month now, though.
>
> It would be very interesting to get an update (or a pointer to one) of
> the status/result of this particular project now that the GSoC is over.
>
> Thanks,
> Ian.
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

On Mon, 2011-09-26 at 20:18 +0100, Andrei E. Warkentin
wrote:
> Hi Ian, Keir, others -
> 
> I was the mentor for the project. We got to the point where OVMF on
> Xen was indistinguishable from OVMF on QEMU as far
> as emulated device support (Bei can confirm - is this true for
> network/PXE boot as well?). ACPI and DMI info published from
> the hvmloader is consumed by the firmware and published. I believe we
> could boot RedHat. Last I checked Win7 was unbootable under QEMU with
> OVMF (so we didn''t check) and I don''t know the status of
that (if I
> remember correctly, it BSODs in bootvid.sys (under QEMU) due to low
> memory area not being reserved away, or because there is no fake IDT
> set up - that seems to match up with the hoops I needed to do doing
> similar work on Hyper-V).
> 
> OVMF is aware of Xen, and work was being done on a PV block device
> (Bei got as far as hypercall support and xenstore). Bei, are you
> working on the PV block driver? I want to say we''re pretty close
on
> that one (PV block not very hard, and neither is the block device
> abstraction for EFI).
Thanks for the update, it sounds like it''s pretty far along.

The PV enhancements etc sound great but it would be nice if we could tie
up the baseline stuff so that folks can start using it.

Is Bei still working on the project since the end of GSoC? If not is
there an archive of what he accomplished so that we can find someone to
pick up on it if necessary?
> I/Bei had patches against hvmloader (to support booting OVMF) and Bei
> had patches against the management stack as well to expose the
> functionality of picking OVMF as the firmware. I believe all of these
> were sent to xen development list.
I remember these. A bunch got applied after some discussion but IIRC not
all of them were? Bei, are you able to resend the ones which did not?

Is there a wiki page or something somewhere detailing what a user needs
to do (i.e. build steps, guest cfg etc) in order to use the UEFI
support?

Cheers,
Ian.
> 
> Jordan Justen (Intel) had been working on integrating the OVMF changes
> last I checked, but I am not positive (I just changed jobs and
> relocated, and still am not on the TianoCore mailing list). I am
> adding him to the reply.
> 
> A
> 
> 
> 2011/9/26 Ian Campbell <Ian.Campbell@citrix.com>:
> > Adding Bei Guan and Andrey Warkentin who I think were student and
mentor
> > respectively. Hi guys!
> >
> > On Sun, 2011-09-25 at 15:50 +0100, Keir Fraser wrote:
> >> The GSOC project student seemed to be making good progress, and
there were
> >> others on the OVMF side who were giving him support. I
haven''t heard
> >> anything in about a month now, though.
> >
> > It would be very interesting to get an update (or a pointer to one) of
> > the status/result of this particular project now that the GSoC is
over.
> >
> > Thanks,
> > Ian.


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

On 27/09/2011 07:41, "Ian Campbell" <Ian.Campbell@eu.citrix.com>
wrote:
>> OVMF is aware of Xen, and work was being done on a PV block device
>> (Bei got as far as hypercall support and xenstore). Bei, are you
>> working on the PV block driver? I want to say we''re pretty
close on
>> that one (PV block not very hard, and neither is the block device
>> abstraction for EFI).
> 
> Thanks for the update, it sounds like it''s pretty far along.
> 
> The PV enhancements etc sound great but it would be nice if we could tie
> up the baseline stuff so that folks can start using it.
Yes, we''d rather get something basically working into the tree, than
wait
for everything to be absolutely perfect.
> Is Bei still working on the project since the end of GSoC? If not is
> there an archive of what he accomplished so that we can find someone to
> pick up on it if necessary?
> 
>> I/Bei had patches against hvmloader (to support booting OVMF) and Bei
>> had patches against the management stack as well to expose the
>> functionality of picking OVMF as the firmware. I believe all of these
>> were sent to xen development list.
> 
> I remember these. A bunch got applied after some discussion but IIRC not
> all of them were? Bei, are you able to resend the ones which did not?
Pretty much all the non-ovmf-specific changes went in (i.e., the most
contentious bits, to existing hvmloader code, should be pretty much checked
in already).

 -- Keir
> Is there a wiki page or something somewhere detailing what a user needs
> to do (i.e. build steps, guest cfg etc) in order to use the UEFI
> support?


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Hi,

2011/9/27 Keir Fraser <keir.xen@gmail.com>:
> On 27/09/2011 07:41, "Ian Campbell"
<Ian.Campbell@eu.citrix.com> wrote:
>
>>> OVMF is aware of Xen, and work was being done on a PV block device
>>> (Bei got as far as hypercall support and xenstore). Bei, are you
>>> working on the PV block driver? I want to say we''re pretty
close on
>>> that one (PV block not very hard, and neither is the block device
>>> abstraction for EFI).
>>
>> Thanks for the update, it sounds like it''s pretty far along.
>>
>> The PV enhancements etc sound great but it would be nice if we could
tie
>> up the baseline stuff so that folks can start using it.
>
> Yes, we''d rather get something basically working into the tree,
than wait
> for everything to be absolutely perfect.
>
>> Is Bei still working on the project since the end of GSoC? If not is
>> there an archive of what he accomplished so that we can find someone to
>> pick up on it if necessary?
>>
>>> I/Bei had patches against hvmloader (to support booting OVMF) and
Bei
>>> had patches against the management stack as well to expose the
>>> functionality of picking OVMF as the firmware. I believe all of
these
>>> were sent to xen development list.
>>
>> I remember these. A bunch got applied after some discussion but IIRC
not
>> all of them were? Bei, are you able to resend the ones which did not?
>
> Pretty much all the non-ovmf-specific changes went in (i.e., the most
> contentious bits, to existing hvmloader code, should be pretty much checked
> in already).
>
This is just a ping to let you know that I''m still on this.
I''ll
update you guys as soon as
I can get Bei''s work on top of latest hg tree building and running.

Thanks,
A

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

On Mon, 2011-10-10 at 19:52 +0100, Andrei E. Warkentin
wrote:
> 
> This is just a ping to let you know that I''m still on this.
I''ll
> update you guys as soon as
> I can get Bei''s work on top of latest hg tree building and
running.
Thanks Andrei. If there''s anything I can do to help please let me know.

Ian.



_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel