On 26.01.18 20:52, Heinrich Schuchardt wrote:
The appended README explains how U-Boot and iPXE can be used to boot a diskless system from an iSCSI SAN.
The maintainer for README.efi and README.iscsi is set.
Signed-off-by: Heinrich Schuchardt xypron.glpk@gmx.de
v2 mention work on TCP and wget remove VLAN drawing fix reference of EFI service used by Grub
MAINTAINERS | 2 + doc/README.iscsi | 159 ++++++++++++++++++++++++++++++++++++++++++++++ lib/efi_loader/efi_file.c | 9 +++
I'm quite sure you did not mean to send those changes along as well ;).
3 files changed, 170 insertions(+) create mode 100644 doc/README.iscsi
diff --git a/MAINTAINERS b/MAINTAINERS index d459153503..6e94cee5d3 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -286,6 +286,8 @@ EFI PAYLOAD M: Alexander Graf agraf@suse.de S: Maintained T: git git://github.com/agraf/u-boot.git +F: doc/README.efi
Not sure I want to maintain README.efi in its current state. How about we just leave this part to your other patch?
+F: doc/README.iscsi F: include/efi* F: lib/efi*/ F: test/py/tests/test_efi* diff --git a/doc/README.iscsi b/doc/README.iscsi new file mode 100644 index 0000000000..a731c06feb --- /dev/null +++ b/doc/README.iscsi @@ -0,0 +1,159 @@ +# iSCSI booting with U-Boot and iPXE
+## Motivation
+U-Boot has only a reduced set of supported network protocols. The focus for +network booting has been on UDP based protocols. A TCP stack and HTTP support +are expected to be integrated in 2018 together with a wget command.
+For booting a diskless computer this leaves us with BOOTP or DHCP to get the +address of a boot script. TFTP or NFS can be used to load the boot script, the +operating system kernel and the initial file system (initrd).
+These protocols are insecure. The client cannot validate the authenticity +of the contacted servers. And the server cannot verify the identity of the +client.
+Furthermore the services providing the operating system loader or kernel are +not the ones that the operating system typically will use. Especially in a SAN +environment this makes updating the operating system a hassle. After installing +a new kernel version the boot files have to be copied to the TFTP server +directory.
+The HTTPS protocol provides certificate based validation of servers. Sensitive +data like passwords can be securely transmitted.
+The iSCSI protocol is used for connecting storage attached networks. It +provides mutual authentication using the CHAP protocol. It typically runs on +a TCP transport.
+Thus a better solution than DHCP/TFTP/NFS boot would be to load a boot script +via HTTPS and to download any other files needed for booting via iSCSI from the +same target where the operating system is installed.
+An alternative to implementing these protocols in U-Boot is to use an existing +software that can run on top of U-Boot. iPXE is the "swiss army knife" of +network booting. It supports both HTTPS and iSCSI. It has a scripting engine for +fine grained control of the boot process and can provide a command shell.
+iPXE can be built as an EFI application (named snp.efi) which can be loaded and +run by U-Boot.
+## Boot sequence
+U-Boot loads the EFI application iPXE snp.efi using the bootefi command. This +application has network access via the simple network protocol offered by +U-Boot.
+iPXE executes its internal script. This script may optionally chain load a +secondary boot script via HTTPS or open a shell.
+For the further boot process iPXE connects to the iSCSI server. This includes +the mutual authentication using the CHAP protocol. After the authentication iPXE +has access to the iSCSI targets.
+For a selected iSCSI target iPXE sets up a handle with the block IO protocol. It +uses the ConnectController boot service of U-Boot to request U-Boot to connect a +file system driver. U-Boot reads from the iSCSI drive via the block IO protocol +offered by iPXE. It creates the partition handles and installs the simple file +protocol. Now iPXE can call the simple file protocol to load Grub. U-Boot uses +the block IO protocol offered by iPXE to fulfill the request.
+Once Grub is started it uses the same block IO protocol to load Linux. Via +the EFI stub Linux is called as an EFI application.
+```
+--------+ +--------+| | Runs | || U-Boot |=========>| iPXE || EFI | | snp.efi|++--------+ | | DHCP | | +| |<====|********|<=========| | +| DHCP | | | Get IP | | +| Server | | | Adress | | +| |====>|********|=========>| | ++--------+ | | Response | |
| | | || | | |++--------+ | | HTTPS | | +| |<====|********|<=========| | +| HTTPS | | | Load | | +| Server | | | Script | | +| |====>|********|=========>| | ++--------+ | | | |
| | | || | | |++--------+ | | iSCSI | | +| |<====|********|<=========| | +| iSCSI | | | Auth | | +| Server |====>|********|=========>| | +| | | | | | +| | | | Loads | | +| |<====|********|<=========| | +--------+ +| | | | Grub | | Runs | | +| |====>|********|=========>| |=======>| Grub | +| | | | | | | | +| | | | | | | | +| | | | | | Loads | | +| |<====|********|<=========|********|<=======| | +--------+ +| | | | | | Linux | | Runs | | +| |====>|********|=========>|********|=======>| |=====>| Linux | +| | | | | | | | | | ++--------+ +--------+ +--------+ +--------+ | |
| || || ~ ~ ~ ~|+```
+## Security
+The iSCSI protocol is not encrypted. The traffic could be secured using IPsec +but neither U-Boot nor iPXE does not support this. So we should at least
neither ... nor ... <positive expression>
So in your case "... but neither U-Boot nor iPXE support this".
Otherwise LGTM.
Alex