ACRN vMeet-Up EU 2021 - Boot Process and Secure Boot

  1. Boot process and Secure boot
     Sun Victor <victor.sun@intel.com>
     Huang Yonghua <yonghua.huang@intel.com>
     ACRN vMeet-Up Europe 2021
  2. Agenda
     ▹ Boot loader and Multiboot protocol
     ▹ ACRN hypervisor and VMs boot
     ▹ ACRN boot components
     ▹ Secure boot
  3. Boot loader and Multiboot protocol (5/28/2021)
  4. Boot loader
     ▹ A bootloader is software that is responsible for booting a computer.
     ▹ ACRN uses the multiboot/multiboot2 protocol to boot the hypervisor.
     ▹ Bootloaders supported by ACRN:
       ❑ GRUB 2.0x
       ❑ Intel Slim bootloader
       ❑ Self-designed UEFI-Stub
         ✓ under implementation for UEFI secure boot;
         ✓ the old version in ACRN release 2.0 only supports sharing mode (industry scenario)
  5. Multiboot protocol
     ▹ Multiboot: https://www.gnu.org/software/grub/manual/multiboot/multiboot.html
     ▹ Multiboot2: https://www.gnu.org/software/grub/manual/multiboot2/multiboot.html
  6. Multiboot (version 0.6.96)
     ▹ Support x86 only
     ▹ No UEFI support
     ▹ No kernel/module relocation support
     ▹ OS image header:
       ❑ Magic value 0x1BADB002 in header;
       ❑ The header must be contained completely within the first 8192 bytes of the OS image, and must be longword (32-bit) aligned.
     ▹ Machine state:
       ❑ EAX: must contain the magic value 0x2BADB002;
       ❑ EBX: 32-bit physical address of the Multiboot information structure;
  7. Multiboot2 (version 2.0)
     ▹ Supports more ISAs (Instruction Set Architectures), like x86, MIPS, etc.
     ▹ UEFI support
     ▹ Kernel relocation supported (but not for modules)
     ▹ OS image header:
       ❑ Magic value 0xE85250D6 in header;
       ❑ The Multiboot2 header must be contained completely within the first 32768 bytes of the OS image, and must be 64-bit aligned.
     ▹ Machine state (x86):
       ❑ EAX: must contain the magic value 0x36d76289;
       ❑ EBX: 32-bit physical address of the Multiboot2 information structure;
  8. Multiboot support in bootloader
     ▹ SBL supports the multiboot protocol only
     ▹ GRUB 2.x supports both the multiboot and multiboot2 protocols
       ❑ "multiboot/module" command pair to support multiboot
       ❑ "multiboot2/module2" command pair to support multiboot2
       ❑ The "multiboot" command might fail to boot ACRN on a UEFI platform because it fails to find the ACPI RSDP (which can be placed anywhere per the UEFI spec)
  9. Hypervisor and VMs Boot Sequence
  10. HV and Pre-launched VM boot sequence
      [Diagram. Labels: Firmware, bootloader (SBL/GRUB), Native mbi, ACRN boot, Parse & Save mbi, Saved mbi, init e820, init seed, VM boot, VM Loader, vm_config, VM0, VM1, VM Power Management, get_saved_mbi_cmdline(), get_saved_mbi_mod(mod_id), mod_id, boot_mode, load_type]
  11. Post-launched User VM boot sequence
      [Diagram. Labels: CSE, SBL/UEFI, ACRN HV, Service VM, SOS DM, DM, OVMF: Initialization, OVMF: OS Loader, Post-launched VM]
  12. ACRN boot components
  13. ACRN boot components
      ▹ Multiboot kernel
        ❑ HV binary
      ▹ Multiboot modules
        ❑ VM kernel image
        ❑ VM ACPI binary (pre-launched VM only)
        ❑ VM ramdisk image
  14. GRUB config example

          menuentry 'ACRN Multiboot1 Zephyr + Linux' {
              load_video
              insmod gzio
              insmod part_gpt
              insmod ext2
              multiboot --quirk-modules-after-kernel /boot/acrn.32.out
              module /boot/bzImage Linux_bzImage
              module /boot/zephyr.bin Zephyr_RawImage
          }

          menuentry 'ACRN Multiboot2 hybrid_rt' {
              load_video
              insmod gzio
              insmod part_gpt
              insmod ext2
              multiboot2 /boot/acrn.bin
              module2 /boot/uos_bzImage RT_bzImage
              module2 /boot/ACPI_VM0.bin ACPI_VM0
              module2 /boot/bzImage Linux_bzImage
          }

  15. Secure Boot
  16. Verified Boot Sequence with SBL
      • CSE verifies SBL
      • SBL verifies ACRN & Safety OS kernel (if there is one) & Service VM kernel
      • Service VM kernel verifies DM & OVMF through dm-verity
      • OVMF starts the guest side verification process
      [Diagram. Labels: CSE, SBL, ACRN, Safety OS Kernel, Service VM Kernel, multiboot, Stitched as one image, Device Model, DM, OVMF: Initialization, OVMF: OS Loader, Guest OS, Guest VM 1, APP1, Android VM 2, APP2]
  17. Verified Boot Sequence with UEFI/GRUB
      - CSE verifies UEFI
      - UEFI verifies Shim/GRUB
      - GRUB verifies ACRN, Service VM kernel and pre-launched OS kernel
      - Service VM kernel verifies DM and User VM OVMF through dm-verity
      - User VM OVMF starts the guest side verified boot process
      [Diagram. Labels: CSE, UEFI, Shim/GRUB, Multiboot, ACRN, Safety OS Kernel, Service VM Kernel, Service VM, dm-verity, Device Model, OVMF, …]
  18. Boot Sequence w/o GRUB on UEFI (under development)
      - CSE verifies UEFI
      - UEFI verifies Shim
      - Shim verifies acrn.efi
      - acrn.efi runs efi-stub code and unpacks all ACRN components
      - Service VM kernel and pre-launched OS kernel
      - Service VM kernel verifies DM and User VM OVMF through dm-verity
      - User VM OVMF starts the guest side verified boot process
      [Diagram. Labels: CSE, UEFI, Shim, acrn.efi, EFI-stub, Packed ACRN components, ACRN, Safety OS Kernel, Service VM Kernel, Service VM, dm-verity, Device Model, OVMF, …]
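
The image-header rules from slides 6 and 7 (magic value, search window, alignment), written out as a header scanner; this is an added example, not code from the slides or from the ACRN project. The field layouts and the rule that the header fields sum to zero modulo 2^32 come from the Multiboot specifications linked on slide 5; `find_header` and `scan_sample` are hypothetical names and the sample image is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MB1_MAGIC 0x1BADB002u /* Multiboot header: magic, flags, checksum */
#define MB2_MAGIC 0xE85250D6u /* Multiboot2: magic, arch, header_length, checksum */

/* Little-endian 32-bit accessors (x86 images), no alignment assumptions. */
static uint32_t rd32(const uint8_t *p) {
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void wr32(uint8_t *p, uint32_t v) {
    for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i));
}

/* Offset of the first valid header (v2 != 0 selects Multiboot2), or -1.
 * For Multiboot only the 12 mandatory bytes are checked. */
long find_header(const uint8_t *img, size_t len, int v2) {
    size_t window = v2 ? 32768 : 8192; /* header must lie inside this prefix */
    size_t align = v2 ? 8 : 4;         /* 64-bit vs 32-bit alignment */
    size_t fixed = v2 ? 16 : 12;       /* fields that must sum to 0 mod 2^32 */
    size_t lim = len < window ? len : window;
    for (size_t off = 0; off + fixed <= lim; off += align) {
        uint32_t sum = 0, hlen = v2 ? rd32(img + off + 8) : 0;
        if (rd32(img + off) != (v2 ? MB2_MAGIC : MB1_MAGIC)) continue;
        for (size_t i = 0; i < fixed; i += 4) sum += rd32(img + off + i);
        if (sum != 0) continue;
        if (v2 && (hlen < 16 || hlen > lim - off)) continue; /* tags must fit too */
        return (long)off;
    }
    return -1;
}

/* Constructed sample: zeroed image with one header at `off`; a non-zero
 * `delta` corrupts the checksum. Returns what find_header() reports. */
long scan_sample(int v2, size_t off, uint32_t delta) {
    static uint8_t img[40000];
    uint32_t f[4] = { v2 ? MB2_MAGIC : MB1_MAGIC, v2 ? 0u : 3u, v2 ? 24u : 0u, 0 };
    memset(img, 0, sizeof img);
    f[v2 ? 3 : 2] = 0u - (f[0] + f[1] + f[2]) + delta; /* checksum field */
    for (int i = 0; i < 4; i++) wr32(img + off + 4 * i, f[i]);
    if (v2) wr32(img + off + 20, 8); /* end tag: type 0, flags 0, size 8 */
    return find_header(img, sizeof img, v2);
}

int main(void) {
    printf("mb1 at %ld, mb2 at %ld\n", scan_sample(0, 4096, 0), scan_sample(1, 4096, 0));
    return 0;
}
```

A header that straddles the window boundary, sits at the wrong alignment, or fails the checksum is reported as absent, which is how a bootloader would treat the image.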
