[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH v2 0/7] x86/kexec: Secure Boot support

  • To: xen-devel@xxxxxxxxxxxxxxxxxxxx
  • From: Kevin Lampis <kevin.lampis@xxxxxxxxxx>
  • Date: Tue, 9 Jun 2026 16:45:11 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=eRrdUcuadOfoHibR0ucukc4XtiXuGrxKG+qQVPAVGt0=; b=UKOP33xvGXAXDWeFmAueO6nEE6jR8BYG7HosEHG0i4eQtPyLNYOkBO6YIDgvx/ir+7d61Ia1334NecqRbMHw45wnBYel43bX+XDUOSwbAx5e8gzbd7EuOmaVqouhWrN+Cmu3yYDnAUc7EUB9DzDjIPAbJyUBYUE11AM8/mcmeLUZb2Asbj09ApRIXa0X3JWKnLiw66bSIk1Q468x3GxNGZCVCjH+ogRkwA6gUMGEqzrlX+ooc/RGWfeSP7kKZpYUoL6fVQc/ioESb9Q01g2kopNvkNiT/LMwZXIIA/g7px87jtTaD+JARtqI41FNigxs3JRADq2rh+4nbDyJ4PNaBw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=e4x4V4aHBbvqb530XTcsuAK2eaEn6sb5WF6Gz+elxNeWUArv+b5kP5BOVEOnV/R50qjDx+9TJ9UIemIMOiVaiiX5jIh9fALlmNYp2FkGm8Kz8Gm+wl3RXokbhB6CneOF+bEhky5uF7oNefRgVGQNGfeyQY7PoApG399uF5jhHfxZjeLaTBKs2KexhtwQw3S9UubbyPPgvdiUbLHodkweCXWqW6XrA0BFvG+4d07X/JTJk5pHFt0NQAxwuhBPOevhJ8lDw8SvSrLU8tNevKS5OgS+5dav4sGG7eVw7tm0TvPErLZL2EcuZ0DK/nvBbbcSaazNgMaNizgzXYAmX/Bu9Q==
  • Authentication-results: eu.smtp.expurgate.cloud; dkim=pass header.s=selector1 header.d=citrix.com header.i="@citrix.com" header.h="From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck"
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: jbeulich@xxxxxxxx, andrew.cooper3@xxxxxxxxxx, roger.pau@xxxxxxxxxx, Kevin Lampis <kevin.lampis@xxxxxxxxxx>
  • Delivery-date: Tue, 09 Jun 2026 15:44:35 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
These changes allow loading and booting an EFI kexec crash kernel.

For this new EFI kexec type, userspace won't provide purgatory code.
Instead Xen jumps directly to the new kernel.

Signature validation is done by the dom0 kernel. Xen then calculates a
digest for all the segments stored in memory. This digest is verified
again during execution. This digest check obviates the need for Xen to
verify Secure Boot signatures directly.

Link to v1: (I should have changed the title and/or version sorry)
https://lore.kernel.org/xen-devel/20260602164911.2684471-1-kevin.lampis@xxxxxxxxxx/

Changes in v2:
- Removed dependency on lockdown mode
- Split work into multiple patches
- Move setup_header to appropriate header file bzimage.h
- Renamed setup_header to less generic name bzimage_header
- I couldn't find a way to use the EFI header instead of setup_header
- Extend digest check to non-EFI crash type
- Do digest check earlier for cleaner failure path
- Print expected vs actual digest on failure
- Swap xen_kexec_segment_t to struct kimage_segment in separate patch
- Plumb boot params into assembly code in separate patch
- Rename rsi parameter to arg
- Remove references to "EFI" in boot params assembly code
- Move %rsi assignment earlier so it is valid for the 32bit path too
- Zero general purpose registers in separate patch
- Zero 32bit version of GPRs for performance and correctness
- Zero GPRs on 32bit kexec path too

Ross Lagerwall (5):
  x86/kexec: add digest checks
  x86/kexec: rename setup_header to bzimage_header
  x86/kexec: add new struct kimage_segment
  x86/kexec: Support non-page-aligned kexec segments
  x86/kexec: Implement new EFI load types

Kevin Lampis (2):
  x86/kexec: Pass boot params directly to new kernel
  x86/kexec: Zero general purpose registers

 xen/arch/x86/bzimage.c                   |  47 +---
 xen/arch/x86/include/asm/bzimage.h       |  44 ++++
 xen/arch/x86/include/asm/machine_kexec.h |   2 +-
 xen/arch/x86/machine_kexec.c             |   3 +-
 xen/arch/x86/x86_64/kexec_reloc.S        |  24 ++
 xen/common/kexec.c                       |  42 +++-
 xen/common/kimage.c                      | 268 +++++++++++++++++++----
 xen/include/public/kexec.h               |  11 +-
 xen/include/xen/kimage.h                 |  23 +-
 9 files changed, 363 insertions(+), 101 deletions(-)

-- 
2.52.0

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.