[U-Boot] [PATCH v2 1/1] efi_loader: add a README.iscsi describing booting via iSCSI

Alexander Graf agraf at suse.de
Sat Jan 27 20:14:17 UTC 2018



On 26.01.18 20:52, Heinrich Schuchardt wrote:
> The appended README explains how U-Boot and iPXE can be used
> to boot a diskless system from an iSCSI SAN.
> 
> The maintainer for README.efi and README.iscsi is set.
> 
> Signed-off-by: Heinrich Schuchardt <xypron.glpk at gmx.de>
> ---
> v2
> 	mention work on TCP and wget
> 	remove VLAN drawing
> 	fix reference of EFI service used by Grub
> ---
>  MAINTAINERS               |   2 +
>  doc/README.iscsi          | 159 ++++++++++++++++++++++++++++++++++++++++++++++
>  lib/efi_loader/efi_file.c |   9 +++

I'm quite sure you did not mean to send those changes along as well ;).

>  3 files changed, 170 insertions(+)
>  create mode 100644 doc/README.iscsi
> 
> diff --git a/MAINTAINERS b/MAINTAINERS
> index d459153503..6e94cee5d3 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -286,6 +286,8 @@ EFI PAYLOAD
>  M:	Alexander Graf <agraf at suse.de>
>  S:	Maintained
>  T:	git git://github.com/agraf/u-boot.git
> +F:	doc/README.efi

Not sure I want to maintain README.efi in its current state. How about
we just leave this part to your other patch?

> +F:	doc/README.iscsi
>  F:	include/efi*
>  F:	lib/efi*/
>  F:	test/py/tests/test_efi*
> diff --git a/doc/README.iscsi b/doc/README.iscsi
> new file mode 100644
> index 0000000000..a731c06feb
> --- /dev/null
> +++ b/doc/README.iscsi
> @@ -0,0 +1,159 @@
> +# iSCSI booting with U-Boot and iPXE
> +
> +## Motivation
> +
> +U-Boot has only a reduced set of supported network protocols. The focus for
> +network booting has been on UDP based protocols. A TCP stack and HTTP support
> +are expected to be integrated in 2018 together with a wget command.
> +
> +For booting a diskless computer this leaves us with BOOTP or DHCP to get the
> +address of a boot script. TFTP or NFS can be used to load the boot script, the
> +operating system kernel and the initial file system (initrd).
> +
> +These protocols are insecure. The client cannot validate the authenticity
> +of the contacted servers. And the server cannot verify the identity of the
> +client.
> +
> +Furthermore the services providing the operating system loader or kernel are
> +not the ones that the operating system typically will use. Especially in a SAN
> +environment this makes updating the operating system a hassle. After installing
> +a new kernel version the boot files have to be copied to the TFTP server
> +directory.
> +
> +The HTTPS protocol provides certificate based validation of servers. Sensitive
> +data like passwords can be securely transmitted.
> +
> +The iSCSI protocol is used for connecting storage attached networks. It
> +provides mutual authentication using the CHAP protocol. It typically runs on
> +a TCP transport.
> +
> +Thus a better solution than DHCP/TFTP/NFS boot would be to load a boot script
> +via HTTPS and to download any other files needed for booting via iSCSI from the
> +same target where the operating system is installed.
> +
> +An alternative to implementing these protocols in U-Boot is to use an existing
> +software that can run on top of U-Boot. iPXE is the "swiss army knife" of
> +network booting. It supports both HTTPS and iSCSI. It has a scripting engine for
> +fine grained control of the boot process and can provide a command shell.
> +
> +iPXE can be built as an EFI application (named snp.efi) which can be loaded and
> +run by U-Boot.
> +
> +## Boot sequence
> +
> +U-Boot loads the EFI application iPXE snp.efi using the bootefi command. This
> +application has network access via the simple network protocol offered by
> +U-Boot.
> +
> +iPXE executes its internal script. This script may optionally chain load a
> +secondary boot script via HTTPS or open a shell.
> +
> +For the further boot process iPXE connects to the iSCSI server. This includes
> +the mutual authentication using the CHAP protocol. After the authentication iPXE
> +has access to the iSCSI targets.
> +
> +For a selected iSCSI target iPXE sets up a handle with the block IO protocol. It
> +uses the ConnectController boot service of U-Boot to request U-Boot to connect a
> +file system driver. U-Boot reads from the iSCSI drive via the block IO protocol
> +offered by iPXE. It creates the partition handles and installs the simple file
> +protocol. Now iPXE can call the simple file protocol to load Grub. U-Boot uses
> +the block IO protocol offered by iPXE to fulfill the request.
> +
> +Once Grub is started it uses the same block IO protocol to load Linux. Via
> +the EFI stub Linux is called as an EFI application.
> +
> +```
> +               +--------+          +--------+
> +               |        | Runs     |        |
> +               | U-Boot |=========>| iPXE   |
> +               | EFI    |          | snp.efi|
> ++--------+     |        | DHCP     |        |
> +|        |<====|********|<=========|        |
> +| DHCP   |     |        | Get IP   |        |
> +| Server |     |        | Adress   |        |
> +|        |====>|********|=========>|        |
> ++--------+     |        | Response |        |
> +               |        |          |        |
> +               |        |          |        |
> ++--------+     |        | HTTPS    |        |
> +|        |<====|********|<=========|        |
> +| HTTPS  |     |        | Load     |        |
> +| Server |     |        | Script   |        |
> +|        |====>|********|=========>|        |
> ++--------+     |        |          |        |
> +               |        |          |        |
> +               |        |          |        |
> ++--------+     |        | iSCSI    |        |
> +|        |<====|********|<=========|        |
> +| iSCSI  |     |        | Auth     |        |
> +| Server |====>|********|=========>|        |
> +|        |     |        |          |        |
> +|        |     |        | Loads    |        |
> +|        |<====|********|<=========|        |        +--------+
> +|        |     |        | Grub     |        | Runs   |        |
> +|        |====>|********|=========>|        |=======>| Grub   |
> +|        |     |        |          |        |        |        |
> +|        |     |        |          |        |        |        |
> +|        |     |        |          |        | Loads  |        |
> +|        |<====|********|<=========|********|<=======|        |      +--------+
> +|        |     |        |          |        | Linux  |        | Runs |        |
> +|        |====>|********|=========>|********|=======>|        |=====>| Linux  |
> +|        |     |        |          |        |        |        |      |        |
> ++--------+     +--------+          +--------+        +--------+      |        |
> +                                                                     |        |
> +                                                                     |        |
> +                                                                     | ~ ~ ~ ~|
> +```
> +
> +## Security
> +
> +The iSCSI protocol is not encrypted. The traffic could be secured using IPsec
> +but neither U-Boot nor iPXE does not support this. So we should at least

neither ... nor ... <positive expression>

So in your case "... but neither U-Boot nor iPXE support this".


Otherwise LGTM.

Alex


More information about the U-Boot mailing list