XPDS14 - Xen in EFI World - Daniel Kiper, Oracle
EFI is a very hot topic now because more and more hardware vendors are shipping new systems with it. The long-term goal is the total removal of legacy BIOS support, which means that Xen should be prepared for that case. Indeed, it is mostly ready. This presentation shows what EFI really is and how Xen and the other required pieces use the EFI infrastructure. However, there are still some shortcomings in Xen, and they are described too. There is also some guidance on how to efficiently start Xen on an EFI platform. Some guest topics related to EFI are covered as well.

Presentation Transcript

  • Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Safe Harbor Statement: The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
  • Xen in EFI World
      Daniel Kiper, e-mail: daniel.kiper@oracle.com
  • Presentation agenda
      • Firmware
      • PC BIOS
      • EFI
      • Xen & EFI
      • QEMU & Open Virtual Machine Firmware (OVMF)
      • Documentation
      • Questions and Answers
  • FIRMWARE: Definitions
      • The combination of software and data that reside on read-only memory (IEEE 100 The Authoritative Dictionary of IEEE Standards Terms, Seventh Edition)
      • A program, typically stored in read-only memory, that controls a computer from the time that it is turned on until the time that the primary operating system assumes control of the computer (IEEE 100 The Authoritative Dictionary of IEEE Standards Terms, Seventh Edition)
      • There are more definitions, and none of them is precise
      • And some of them carry a notice: The confusion surrounding this term has led some to suggest that it be avoided altogether (IEEE 100 The Authoritative Dictionary of IEEE Standards Terms, Seventh Edition)
  • PC Basic Input Output System (BIOS): Properties
      • PC BIOS/ROM BIOS was the only proprietary component in the original IBM PC (but its source code is publicly available, sic!)
      • It has many implementations (proprietary and open)
      • De facto standard, but with a bunch of deviations
      • It initializes hardware after power on and tries to load an operating system
      • It hides hardware details and exposes something that is called the Hardware Abstraction Layer (HAL) to a given OS
      • Due to its shortcomings it was later extended by ACPI, SMBIOS and other stuff
  • PC BIOS: Shortcomings
      • Very buggy
      • New hardware with advanced features cannot be handled easily (e.g. new large disks or SSD)
      • Slow, especially without the BIOS caching feature
      • It runs in real mode only
      • Today used mainly to initialize hardware after power on and to load the operating system
      • New operating systems sometimes use BIOS to get info about hardware configuration
      • New drivers access hardware directly
  • EFI: History
      • Initial development was done under the Intel® Boot Initiative program, which began in 1998
      • The new specification was named the Extensible Firmware Interface (EFI) and was targeted at the next generation of IA architecture-based computers
      • In 2005 the Unified EFI Forum was established and took over work on EFI
      • The specification was renamed the Unified Extensible Firmware Interface (UEFI) and its development was based on Intel’s EFI 1.10 Specification
      • The original EFI Specification ends with version 1.10
      • The latest UEFI 2.4 Specification was released on July 11, 2013
  • UEFI: Goals
      • Coherent, scalable platform environment
      • Abstraction of the OS from the firmware
      • Reasonable device abstraction free of legacy interfaces
      • Abstraction of Option ROMs from the firmware
      • Architecturally shareable system partition
      • Evolutionary, not revolutionary
      • Compatibility by design
      • Simplifies addition of OS-neutral platform value-add
      • Built on existing investment
      (Copyright 2006-2013 Unified EFI, Inc. All Rights Reserved.)
  • UEFI: Conceptual Overview [figure; Copyright 2006-2013 Unified EFI, Inc. All Rights Reserved.]
  • UEFI: Booting Sequence [figure; Copyright 2006-2013 Unified EFI, Inc. All Rights Reserved.]
  • Xen hypervisor: Current state
      • EFI support was introduced in Xen 4.2
      • Only the EFI loader is fully supported now
      • GRUB/GRUB2 multiboot protocol and Xen do not work on EFI platform
      • But GRUB2 with fakebios and chainloader can be used to load xen.efi on EFI platform (this option was not tested deeply)
      • Daniel Kiper from Oracle works on full GRUB2 support
      • Support for Secure Boot with GRUB2 will not be available at first
      • GRUB2 requires some changes to support Secure Boot
  • Dom0 kernels: Current state
      • Upstream Linux Kernel will have Xen dom0 EFI support from 3.17-rc1
      • Jan Beulich from SUSE, Liang Tang and Daniel Kiper from Oracle prepared the Xen dom0 EFI implementation for x86
      • Most of the above-mentioned code is independent of architecture, so it can be easily used on ARM architecture (and others if needed)
  • EFI support in guests: Current state
      • Open Virtual Machine Firmware (OVMF) was added to Xen source some time ago
      • Wei Liu from Citrix added code which passes memory information from hvmloader to OVMF and fixed some memory layout issues in OVMF
      • Anthony Perard from Citrix works on getting PV drivers to work in OVMF guests
      • OVMF support is now under tests in OSSTest
      • OVMF support is considered experimental in Xen 4.4
  • Xen hypervisor: multiboot2 protocol support development
      • The multiboot (v1) protocol has been supported since its beginning
      • It does not have any knowledge about EFI stuff (e.g. EFI tables)
      • This protocol is very rigid, i.e. we are not able to easily pass any extra information for which there is no room in the multiboot info structure
      • It means that we are not able to pass EFI data to Xen (e.g. memory layout with EFI attributes)
      • The multiboot2 protocol is a solution to that problem
      • It uses a list of arguments which can be easily extended but…
      • There is limited support for EFI stuff (e.g. ACPI RSDP, EFI tables, EFI memory map)
  • Xen hypervisor: multiboot2 protocol support development
      • GRUB2 calls ExitBootServices()
      • The multiboot2 protocol requires x86 32-bit mode but Xen EFI is a 64-bit mode application
      • How to solve the above-mentioned issues?
  • Xen hypervisor: multiboot2 protocol support development
      • To disable the ExitBootServices() call by a special tag (done)
      • To leave the processor in native EFI mode (in this case 64-bit mode)
      • To use Boot Services from Xen code to explore platform details (memory map, ACPI, SMBIOS, EDD, and graphic card mode)
      • To call ExitBootServices() from Xen code
      • To execute Xen code as usual
      • What code changes are needed?
  • Xen hypervisor: multiboot2 protocol support development
      • We are introducing a third boot protocol to Xen (currently we have multiboot (v1) and EFI loader support), so we should…
      • Remove the strong dependency on the multiboot (v1) protocol and introduce a Xen boot info structure which will be used to pass all boot arguments from any boot protocol to __start_xen() (done; needs to be posted)
      • Add EFI support to the Xen ELF executable (almost done)
      • Wrap the Xen ELF executable into a PE header; needed for Secure Boot support (needs to be done)
      • Maybe we should consider compressing Xen ELF before packing it into PE, however, it requires more work
      • Xen ELF before/after compression: ~2 MiB/~900 KiB
      • Debian experimental /boot/vmlinuz-3.16-rc6-amd64: ~3 MiB
  • Dom0 kernels: How it works
      • EFI stuff is fully owned and controlled by the Xen hypervisor
      • dom0 needs some access to EFI Runtime Services
      • Hence, all calls from dom0 to EFI must be requested via a special hypercall which in turn executes the relevant EFI code on behalf of dom0
  • Dom0 kernels: How it works
      • When the dom0 kernel boots it checks for EFI availability on the machine
      • If it is detected then an artificial EFI system table is filled
      • Native EFI calls are replaced by functions which mimic them by calling the relevant hypercall
      • A pointer to the EFI system table is passed to the standard EFI machinery, which continues EFI subsystem initialization taking into account that there is no direct access to EFI boot services, runtime, tables, structures, etc.
      • System runs as usual
  • How to run Xen on EFI platform: EFI loader case
      • To build xen.efi binary (howto: xen/docs/misc/efi.markdown)
      • To create xen.cfg file on EFI System partition:

            [global]
            default=xen-serial

            [xen-serial]
            options=com1=115200,8n1 dom0_mem=1g,max:1g console=com1,vga
            kernel=vmlinuz.efi root=/dev/sda1 ro console=tty1 console=hvc0
            ramdisk=initrd.gz

      • xen.efi, xen.cfg, kernel and ramdisk files should live on EFI System partition
      • To execute xen.efi binary from EFI loader
  • Open Virtual Machine Firmware (OVMF): UEFI within Virtual Machines
      • OVMF is a project to enable support for UEFI within Virtual Machines. It is built upon the EDK II code base. (http://tianocore.sourceforge.net/)
      • OVMF-X64-r15214.zip and OVMF-IA32-r15214.zip files with OVMF binaries for QEMU are available at the TianoCore site
      • Some companies/individuals (e.g. SUSE) publish their own OVMF releases
      • You can also build your own OVMF binaries
      • Relevant instructions are available at the TianoCore site and http://wiki.ubuntu.com/UEFI/EDK2 or http://www.linux-kvm.org/page/OVMF
      • But this process is quite complicated
  • QEMU: How to play with EFI without soldering equipment
      • QEMU is a generic and open source machine emulator and virtualizer (http://wiki.qemu.org/Main_Page)
      • Good to do some arch testing and virtualization (as it is) but also excellent for debugging
      • # qemu … -pflash <path_to_OVMF.fd> …
      • # qemu … -bios <path_to_OVMF.fd> …
      • # qemu … -L <dir_with_your_ovmf_payload> …
      • <dir_with_your_ovmf_payload> should contain at least bios.bin and the keymaps directory, but some versions also require kvmvapic.bin, pxe-e1000.rom and vgabios-cirrus.bin
  • Documentation
      • http://www.classiccomputers.info/manuals.html
      • http://www.intel.com/
      • http://www.uefi.org/
      • http://www.xenproject.org/
      • http://wiki.qemu.org/Main_Page
      • http://tianocore.sourceforge.net/
      • http://wiki.ubuntu.com/UEFI/EDK2
      • http://www.linux-kvm.org/page/OVMF
  • Documentation
      • http://www.kraxel.org/repos/
      • git://git.code.sf.net/p/tianocore/edk2
      • Panda is the Xen Project mascot
      • EPROM pictures were taken by Richard Wheeler (http://www.richardwheeler.net/)
  • Questions and Answers
  • Safe Harbor Statement: The preceding is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
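
Added example (not code from the presentation, Xen or GRUB2), illustrating the "list of arguments which can be easily extended" from the multiboot2 slides: a bounds-checked reader for the multiboot2 boot information tag list that picks out the EFI system table pointer and skips tag types it does not know. Tag numbers follow the Multiboot2 specification; the function names, the sample buffer, the pointer value 0x7F000018 and tag type 99 are constructed for illustration.

```python
import struct

# Tag numbers from the Multiboot2 specification's boot information format.
TAG_END, TAG_EFI64, TAG_ACPI_NEW, TAG_EFI_MMAP = 0, 12, 15, 17
KNOWN = {TAG_EFI64: "EFI 64-bit system table pointer",
         TAG_ACPI_NEW: "ACPI new RSDP", TAG_EFI_MMAP: "EFI memory map"}

def walk_tags(info):
    """Return [(type, payload)] for each tag; raise ValueError on bad sizes."""
    if len(info) < 16:
        raise ValueError("too short for the fixed header plus an end tag")
    total_size, _reserved = struct.unpack_from("<II", info, 0)
    if not 16 <= total_size <= len(info):
        raise ValueError("total_size does not fit the buffer")
    tags, off = [], 8
    while off + 8 <= total_size:
        ttype, size = struct.unpack_from("<II", info, off)
        if size < 8 or off + size > total_size:
            raise ValueError(f"tag type {ttype} at offset {off}: bad size {size}")
        if ttype == TAG_END:
            return tags
        tags.append((ttype, info[off + 8:off + size]))
        off += (size + 7) & ~7      # every tag starts on an 8-byte boundary
    raise ValueError("no end tag before total_size")

def describe(info):
    """Name the tags this reader knows; unknown types are skipped by size."""
    return [KNOWN.get(t, f"unknown tag {t} (skipped)") for t, _ in walk_tags(info)]

def efi_system_table(info):
    """Return the 64-bit EFI system table pointer, or None if absent."""
    for ttype, payload in walk_tags(info):
        if ttype == TAG_EFI64 and len(payload) == 8:
            return struct.unpack("<Q", payload)[0]
    return None

def make_tag(ttype, payload=b""):
    """Build one padded tag (helper for the constructed sample only)."""
    raw = struct.pack("<II", ttype, 8 + len(payload)) + payload
    return raw + b"\0" * (-len(raw) % 8)

def sample_info():
    """Constructed buffer: EFI64 pointer, a made-up future tag 99, end tag."""
    body = (make_tag(TAG_EFI64, struct.pack("<Q", 0x7F000018))
            + make_tag(99, b"future") + make_tag(TAG_END))
    return struct.pack("<II", 8 + len(body), 0) + body

if __name__ == "__main__":
    print(describe(sample_info()), hex(efi_system_table(sample_info())))
```

Because every tag carries its own size, a reader written before a tag type existed still walks past it safely, which the fixed multiboot (v1) info structure cannot offer.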
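
Added example (not part of the presentation or of the Xen source), for the "EFI loader case" slide: a pre-reboot check that the section named by default= in xen.cfg exists and that xen.efi, the kernel and the ramdisk are all present on the EFI System partition. It assumes the files sit directly beside xen.cfg in one directory; check_xen_cfg and SLIDE_CFG are names chosen here.

```python
import configparser
import sys
from pathlib import Path

# The configuration shown on the slide, reused as sample input.
SLIDE_CFG = """\
[global]
default=xen-serial

[xen-serial]
options=com1=115200,8n1 dom0_mem=1g,max:1g console=com1,vga
kernel=vmlinuz.efi root=/dev/sda1 ro console=tty1 console=hvc0
ramdisk=initrd.gz
"""

def check_xen_cfg(esp_dir):
    """Return a list of problems with the xen.efi boot files in esp_dir."""
    esp = Path(esp_dir)
    problems = [] if (esp / "xen.efi").is_file() else ["xen.efi is missing"]
    cfg = configparser.ConfigParser(delimiters=("=",), interpolation=None)
    try:
        if not cfg.read(esp / "xen.cfg"):
            return problems + ["xen.cfg is missing"]
    except configparser.Error as exc:
        return problems + [f"xen.cfg does not parse: {exc}"]
    section = cfg.get("global", "default", fallback=None)
    if section is None or not cfg.has_section(section):
        return problems + [f"[global] default= names no section: {section!r}"]
    if not cfg.has_option(section, "kernel"):
        problems.append(f"[{section}] has no kernel= line")
    for key in ("kernel", "ramdisk"):
        value = cfg.get(section, key, fallback="").split()
        if not value:
            continue
        name = value[0]             # first word is the file, the rest are arguments
        if "/" in name or "\\" in name or not (esp / name).is_file():
            problems.append(f"{key} file {name!r} is not in {esp}")
    return problems

if __name__ == "__main__":
    # Usage: python check_xen_cfg.py <directory holding xen.efi and xen.cfg>
    for problem in check_xen_cfg(sys.argv[1] if len(sys.argv) > 1 else "."):
        print("PROBLEM:", problem)
```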