From: jbeulich@suse.com
Subject: allow non-pv-ops kernel to be built as bzImage
Patch-mainline: n/a
This, by enabling the EFI_STUB config option, is a prerequisite for
secure boot.
The XEN_ADVANCED_COMPRESSION part could be merged into the 2.6.30
patch (but is probably better kept here).
--- head.orig/arch/x86/Kconfig 2014-01-07 17:30:58.000000000 +0100
+++ head/arch/x86/Kconfig 2014-01-07 17:31:03.000000000 +0100
@@ -1586,7 +1586,7 @@ config EFI
config EFI_STUB
bool "EFI stub support"
- depends on EFI && !XEN
+ depends on EFI && (!XEN || XEN_BZIMAGE)
select RELOCATABLE
---help---
This kernel feature allows a bzImage to be loaded directly
@@ -1809,6 +1809,34 @@ config PHYSICAL_ALIGN
Don't change this unless you know what you are doing.
+config XEN_BZIMAGE
+ bool "Produce bzImage (rather than ELF) format executable"
+# depends on XEN && (XEN_COMPAT >= (XEN_UNPRIVILEGED_GUEST ? 0x030402 : 0x040000))
+ depends on XEN
+ depends on !XEN_COMPAT_030002_AND_LATER
+ depends on !XEN_COMPAT_030004_AND_LATER
+ depends on !XEN_COMPAT_030100_AND_LATER
+ depends on !XEN_COMPAT_030200_AND_LATER
+ depends on !XEN_COMPAT_030300_AND_LATER
+ depends on !XEN_COMPAT_030400_AND_LATER
+# depends on XEN_UNPRIVILEGED_GUEST || !XEN_COMPAT_030402_AND_LATER
+ select HAVE_KERNEL_BZIP2 if XEN_ADVANCED_COMPRESSION
+ select HAVE_KERNEL_LZMA if XEN_ADVANCED_COMPRESSION
+# select HAVE_KERNEL_XZ if XEN_ADVANCED_COMPRESSION && (XEN_COMPAT > 0x040104)
+ select HAVE_KERNEL_XZ if XEN_ADVANCED_COMPRESSION && !XEN_COMPAT_040000_AND_LATER && !XEN_COMPAT_040100_AND_LATER
+ select HAVE_KERNEL_LZO if XEN_ADVANCED_COMPRESSION && !XEN_COMPAT_040000_AND_LATER
+# select HAVE_KERNEL_LZ4 if XEN_ADVANCED_COMPRESSION && (XEN_COMPAT >= 0x040400)
+ select HAVE_KERNEL_LZ4 if XEN_ADVANCED_COMPRESSION && !XEN_COMPAT_040000_AND_LATER \
+ && !XEN_COMPAT_040100_AND_LATER && !XEN_COMPAT_040200_AND_LATER \
+ && !XEN_COMPAT_040300_AND_LATER
+ ---help---
+ Select whether, at the price of being incompatible with pre-3.4
+ (pre-4.0 for Dom0) hypervisor versions, you want the final image
+ to be in bzImage format, including the option to compress its
+ embedded ELF image with methods better than gzip.
+ Note that this is a prerequiste for building a kernel that can be
+ used for secure boot from UEFI.
+
config HOTPLUG_CPU
bool "Support for hot-pluggable CPUs"
depends on SMP
--- head.orig/arch/x86/Makefile 2013-12-10 10:41:39.000000000 +0100
+++ head/arch/x86/Makefile 2013-12-11 11:57:44.000000000 +0100
@@ -228,7 +228,9 @@ LINUXINCLUDE := -D__XEN_INTERFACE_VERSIO
ifdef CONFIG_X86_64
LDFLAGS_vmlinux := -e startup_64
endif
+endif
+ifeq ($(CONFIG_XEN)-$(CONFIG_XEN_BZIMAGE),y-)
# Default kernel to build
all: vmlinuz
--- head.orig/arch/x86/boot/Makefile 2013-12-02 17:45:43.000000000 +0100
+++ head/arch/x86/boot/Makefile 2013-12-11 11:57:51.000000000 +0100
@@ -35,6 +35,8 @@ setup-y += video-vga.o
setup-y += video-vesa.o
setup-y += video-bios.o
+setup-$(CONFIG_XEN) := header.o version.o
+
targets += $(setup-y)
hostprogs-y := mkcpustr tools/build
@@ -187,7 +189,7 @@ $(obj)/vmlinux-stripped: OBJCOPYFLAGS :=
$(obj)/vmlinux-stripped: vmlinux FORCE
$(call if_changed,objcopy)
-ifndef CONFIG_XEN
+ifneq ($(CONFIG_XEN)-$(CONFIG_XEN_BZIMAGE),y-)
bzImage := bzImage
else
bzImage := vmlinuz
--- head.orig/arch/x86/boot/boot.h 2014-06-08 20:19:54.000000000 +0200
+++ head/arch/x86/boot/boot.h 2014-02-20 15:50:52.000000000 +0100
@@ -23,8 +23,12 @@
#include <stdarg.h>
#include <linux/types.h>
#include <linux/edd.h>
+#ifndef CONFIG_XEN
#include <asm/boot.h>
#include <asm/setup.h>
+#else
+#include <asm/bootparam.h>
+#endif
#include "bitops.h"
#include "ctype.h"
#include "cpuflags.h"
--- head.orig/arch/x86/boot/compressed/Makefile 2014-03-31 05:40:15.000000000 +0200
+++ head/arch/x86/boot/compressed/Makefile 2014-01-07 17:31:06.000000000 +0100
@@ -21,6 +21,9 @@ KBUILD_AFLAGS := $(KBUILD_CFLAGS) -D__A
GCOV_PROFILE := n
LDFLAGS := -m elf_$(UTS_MACHINE)
+ifeq ($(CONFIG_XEN),y)
+LDFLAGS += -e 0
+endif
LDFLAGS_vmlinux := -T
hostprogs-y := mkpiggy
@@ -35,6 +38,9 @@ $(obj)/eboot.o: KBUILD_CFLAGS += -fshort
ifeq ($(CONFIG_EFI_STUB), y)
VMLINUX_OBJS += $(obj)/eboot.o $(obj)/efi_stub_$(BITS).o
endif
+ifeq ($(CONFIG_XEN), y)
+ VMLINUX_OBJS = $(obj)/vmlinux.lds $(obj)/piggy.o
+endif
$(obj)/vmlinux: $(VMLINUX_OBJS) FORCE
$(call if_changed,ld)
--- head.orig/arch/x86/boot/header.S 2014-07-29 10:32:13.000000000 +0200
+++ head/arch/x86/boot/header.S 2013-03-25 16:37:43.000000000 +0100
@@ -440,6 +440,9 @@ setup_data: .quad 0 # 64-bit physical
pref_address: .quad LOAD_PHYSICAL_ADDR # preferred load addr
+#ifdef CONFIG_XEN
+#define ZO_startup_32 0
+#endif
#define ZO_INIT_SIZE (ZO__end - ZO_startup_32 + ZO_z_extract_offset)
#define VO_INIT_SIZE (VO__end - VO__text)
#if ZO_INIT_SIZE > VO_INIT_SIZE
@@ -454,6 +457,7 @@ handover_offset: .long 0 # Filled in b
.section ".entrytext", "ax"
start_of_setup:
+#ifndef CONFIG_XEN
# Force %es = %ds
movw %ds, %ax
movw %ax, %es
@@ -526,3 +530,4 @@ die:
setup_corrupt:
.byte 7
.string "No setup signature found...\n"
+#endif /* CONFIG_XEN */
--- head.orig/arch/x86/boot/tools/build.c 2014-07-29 10:32:13.000000000 +0200
+++ head/arch/x86/boot/tools/build.c 2013-12-11 11:57:53.000000000 +0100
@@ -43,8 +43,10 @@ typedef unsigned int u32;
#define DEFAULT_MINOR_ROOT 0
#define DEFAULT_ROOT_DEV (DEFAULT_MAJOR_ROOT << 8 | DEFAULT_MINOR_ROOT)
+#ifndef CONFIG_XEN
/* Minimal number of setup sectors */
#define SETUP_SECT_MIN 5
+#endif
#define SETUP_SECT_MAX 64
/* This must be large enough to hold the entire setup */
@@ -356,8 +358,8 @@ int main(int argc, char ** argv)
c = fread(buf, 1, sizeof(buf), file);
if (ferror(file))
die("read-error on `setup'");
- if (c < 1024)
- die("The setup must be at least 1024 bytes");
+ if (c <= 512)
+ die("The setup must be more than 512 bytes");
if (get_unaligned_le16(&buf[510]) != 0xAA55)
die("Boot block hasn't got boot flag (0xAA55)");
fclose(file);
@@ -366,8 +368,10 @@ int main(int argc, char ** argv)
/* Pad unused space with zeros */
setup_sectors = (c + 511) / 512;
+#ifdef SETUP_SECT_MIN
if (setup_sectors < SETUP_SECT_MIN)
setup_sectors = SETUP_SECT_MIN;
+#endif
i = setup_sectors*512;
memset(buf+c, 0, i-c);
--- head.orig/drivers/xen/Kconfig 2014-01-30 10:41:54.000000000 +0100
+++ head/drivers/xen/Kconfig 2014-01-30 10:42:09.000000000 +0100
@@ -342,6 +342,17 @@ config XEN_VCPU_INFO_PLACEMENT
This allows faster access to the per-vCPU shared info
structure.
+config XEN_ADVANCED_COMPRESSION
+ def_bool y
+# depends on XEN && (XEN_UNPRIVILEGED_GUEST || X86) && (XEN_COMPAT >= 0x040000)
+ depends on XEN && (XEN_UNPRIVILEGED_GUEST || X86)
+ depends on !XEN_COMPAT_030002_AND_LATER
+ depends on !XEN_COMPAT_030004_AND_LATER
+ depends on !XEN_COMPAT_030100_AND_LATER
+ depends on !XEN_COMPAT_030200_AND_LATER
+ depends on !XEN_COMPAT_030300_AND_LATER
+ depends on !XEN_COMPAT_030400_AND_LATER
+
endmenu
config HAVE_IRQ_IGNORE_UNHANDLED