Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 22 Mar 2018 21:48:42 +0100
From:      "Thomas Schmitt" <scdbackup@gmx.net>
To:        freebsd-hackers@freebsd.org
Cc:        freebsd-current@freebsd.org
Subject:   Re: Testing requested: Hybrid ISO/USB boot
Message-ID:  <3373772881814803857@scdbackup.webframe.org>
In-Reply-To: <D606FA1E-8E53-4D57-8A3C-2914B92385D6@FreeBSD.org>
References:  <D606FA1E-8E53-4D57-8A3C-2914B92385D6@FreeBSD.org>

next in thread | previous in thread | raw e-mail | index | archive | help
Hi,

Benno Rice wrote:
> I’ve been working on the ability to create hybrid ISO/HDD boot images for
> x86, a la what Linux systems do with ISOHYBRID.

Waving friendly over the fence i feel entitled to give some neighbor's
review.


> The general theory seems to
> be that ISO images have a 32KB hunk of zeroes at the front that they
> generally ignore

It is called System Area. ECMA-119, 6.2.1:
"The System Area shall occupy the Logical Sectors with Logical Sector
 Numbers 0 to 15. The System Area shall be reserved for system use.
 Its content is not specified by this Standard."

I collected some info about possible stuffings in
  https://dev.lovelyhq.com/libburnia/libisofs/raw/master/doc/boot_sectors.txt


> Legacy BIOS with HDD: Sees a DOS MBR [...] sees an active BSD
> slice containing a variant of our BSD boot code that reads from the ISO
> [...] This finds loader in the ISO filesystem

The isohybrid MBRs of SYSLINUX and GRUB expect to get patched-in the block
address of the El Torito no-emulation boot image. To be done by SYSLINUX
program "isohybrid", or xorrisofs options -isohybrid-mbr , --grub2-mbr.

They try to stay small in order to create room for fancy partition tables
GPT and APM. The MBR code even begins by a no-op area where one can put
APM magic numbers which happen to be harmless x86 machine code.


> https://people.freebsd.org/~benno/hybrid-bootonly.iso.xz

This does not look much like it addresses EFI.

  $ xorriso -indev hybrid-bootonly.iso -report_el_torito plain -report_system_area plain
  ...
  El Torito catalog  : 19  1
  El Torito images   :   N  Pltf  B   Emul  Ld_seg  Hdpt  Ldsiz         LBA
  El Torito boot img :   1  BIOS  y   none  0x0000  0x00      4          20
  El Torito boot img :   2  BIOS  y   none  0x0000  0x00   1600          24
  ...
  MBR partition table:   N Status  Type        Start       Blocks
  MBR partition      :   1   0x80  0xa5            1           16

UEFI 2.4, 12.3.2.1, says about El Torito:
"A Platform Id of 0xEF indicates an EFI System Partition."
But entry 2 of this catalog is in a section with Platform Id 0x00 (x86 BIOS).

If byte 38977 (decimal) was 0xef rather than 0x00, then it would be marked
as an El Torito boot image for EFI.

Further: This section begins at byte address 38976 by a byte value 0x90.
According to El Torito specs this means that another section follows.
Correct would be value 0x91, which announces the end of the catalog.
(El Torito 1.0, Figure 4, Offset 0)


On HDD, EFI looks for specially marked partitions in GPT or MBR partition
table.
In MBR partiton table it looks for a partition of type 0xEF.
(UEFI 2.4, 5.2.2)
In GPT it looks for Type GUID C12A7328-F81F-11D2-BA4B-00A0C93EC93B.
(UEFI 2.4, Table 19)

So to mark the EFI partition, hybrid-bootonly.iso should have a MBR
partition number 2 with type 0xEF, start at 512-byte block 24*2048/512 = 96,
size 1600 blocks.
(Strangely El Torito addresses by 2048-byte blocks but counts by 512-byte
 blocks. Size limit is 65535 blocks. But counts 0 and 1 mean to EFI
 "up to end of medium".)


> I’ve tested this image under qemu 

OVMF/SDK-II/Tianocore is too tolerant with the EFI specs and with silently
using BIOS boot equipment. Real iron EFIs insist much more in compliance.


Have a nice day :)

Thomas




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3373772881814803857>