Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

stub: load companions #306

Open
wants to merge 11 commits into
base: master
Choose a base branch
from
Open

stub: load companions #306

wants to merge 11 commits into from

Conversation

RaitoBezarius
Copy link
Member

This makes use of the pio library to discover, charge, measures companions.
Depends on the dynamic initrds PR: #305.

@RaitoBezarius
cargo: use git for uefi-rs
85b4ced 
Signed-off-by: Raito Bezarius <[email protected]>
@RaitoBezarius
linux-bootloader: take note of the image_device_path in PeInMemory
29d9faa 
As soon as we open in exclusive our own image, we will not be able easily to re-open it
because of the locking mechanism.

Therefore, we should use the opportunity to get information we may be interested in
and avoid us re-opening the loaded image protocol.

This is useful to know from where you were loaded for example, e.g. filesystem path.
@RaitoBezarius RaitoBezarius marked this pull request as ready for review March 1, 2024 15:45
@RaitoBezarius

This comment was marked as outdated.

Sign in to view
@RaitoBezarius RaitoBezarius marked this pull request as draft March 1, 2024 15:47
@RaitoBezarius RaitoBezarius marked this pull request as ready for review March 1, 2024 15:48
@RaitoBezarius RaitoBezarius force-pushed the stub-loads-companions branch 2 times, most recently from 0f463e4 to a47f0c0 Compare March 1, 2024 15:48
nikstur
nikstur approved these changes Mar 1, 2024
View reviewed changes
Copy link
Member

@nikstur nikstur left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Generally looks fine, didn't look into it in too in depth because it's new functionality. I'll defer the final review to @blitz.

rust/uefi/stub/src/thin.rs Outdated

/// Compute the necessary padding based on the provided length
/// It returns None if no padding is necessary.
fn compute_pad4(len: usize) -> Option<Vec<u8>> {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This needs some more context, for example why is it called pad4?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

And it could just return Vec<u8>, because this can already represent not having to add padding by returning an empty vector and thus simplifying calling code.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done for returning just a Vec.

blitz
blitz requested changes Mar 1, 2024
View reviewed changes
Copy link
Member

@blitz blitz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The code has lots of panics. Is it possible to have warnings instead and return Err?

Feel free to ignore the code suggestions, if they don't make sense to you or result in too much refactoring.

rust/uefi/Cargo.toml Outdated Show resolved Hide resolved
rust/uefi/linux-bootloader/src/companions.rs
) -> uefi::Result<Vec<PathBuf>> {
let mut results = Vec::new();

for maybe_entry in fs.read_dir(search_path).unwrap() {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't this propagate the error instead of panicking?

nit: This would be easier to read as read_dir().iter().filter().map().collect()

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So re-encoding the FileSystemError into uefi::Result is quite difficult because the enum is Io, Path or Utf8Encoding and it's probably going to be very unhelpful to eat the low level errors into high level errors that will produce difficult to debug code IMHO. A better solution would be to have ways to propagate the original error up but there's impedence mismatch with our error management here.

rust/uefi/linux-bootloader/src/companions.rs Outdated Show resolved Hide resolved
rust/uefi/linux-bootloader/src/companions.rs Outdated Show resolved Hide resolved
rust/uefi/linux-bootloader/src/companions.rs Outdated Show resolved Hide resolved
rust/uefi/linux-bootloader/src/measure.rs
let mut credentials_measured = 0;
let mut sysext_measured = false;

for initrd in companions {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: If you filter the irrelevant initds from the vector before iterating, you can simplify this a bit. measurements doesn't have to be imperatively computed, but is then just relevant_initrds.len(). Might not be worth it, but maybe there is a way to make this function less C-like and remove the mutable state for easier reading.

rust/uefi/stub/src/main.rs Outdated Show resolved Hide resolved
rust/uefi/stub/src/main.rs Outdated Show resolved Hide resolved
rust/uefi/stub/src/thin.rs Outdated

/// Compute the necessary padding based on the provided length
/// It returns None if no padding is necessary.
fn compute_pad4(len: usize) -> Option<Vec<u8>> {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

And it could just return Vec<u8>, because this can already represent not having to add padding by returning an empty vector and thus simplifying calling code.

rust/uefi/stub/src/thin.rs Outdated Show resolved Hide resolved
@RaitoBezarius
linux-bootloader: support code for cpio and discovery
65e73de 
- implements discovery of companions
- implements a thin wrapper on the top of `pio` for our packing
  operations
- implements measurements operations on the new entities in this PR
@RaitoBezarius
stub: discover credentials and system extensions and load them
2c222d4
@RaitoBezarius
stub: measure companion initrds
b12a9c5
@RaitoBezarius
stub(thin): align initrds!
0faade2 
And offer a way to debug CPIO representations just with your eyes,

Here's a useful snippet to transform that representation into a proper binary CPIO using Python:

>>> raw = "<insert the string representation with the proper escaping>"
>>> open("/tmp/cpio", "wb").write(bytes(raw.replace("\\x00", "\x00"), "ascii"))

Then, you can poke the cpio using `cpio -t < /tmp/cpio` or extract it and `cpio` should complain
accordingly.
@RaitoBezarius
stub(*): upgrade to uefi 0.28.0
000d93e 
Signed-off-by: Raito Bezarius <[email protected]>
@RaitoBezarius
stub: warn about failed device path to text errors
5ef1a1f 
And do not panic upon them.

Signed-off-by: Raito Bezarius <[email protected]>
@RaitoBezarius
stub: slay more panics
507adab 
Make the stub even more graceful than ever.

Signed-off-by: Raito Bezarius <[email protected]>
@RaitoBezarius
linux-bootloader: slay a panic
b440b57 
And add a warning.

Signed-off-by: Raito Bezarius <[email protected]>
@RaitoBezarius
stub: simplify compute_pad4
ea2c3bf 
Hopefully, compiler optimizations will avoid the vector allocation path
for already-aligned buffers.

Signed-off-by: Raito Bezarius <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@blitz blitz blitz requested changes

@nikstur nikstur nikstur approved these changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
review-next
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@RaitoBezarius @blitz @nikstur