Hi Steve, Thanks for the ping on this.
Adhemerval, Oliver, are either of you familiar with this stuff https://sourceware.org/bugzilla/show_bug.cgi?id=26206 ? Regards, -- Maxim Kuvyrkov https://www.linaro.org > On 25 Jun 2021, at 15:13, Steve McIntyre <93...@debian.org> wrote: > > Hi folks, > > I'm hoping that I might be able to get some development help with > binutils for aarch64... > > I'm maintaining the UEFI Secure Boot stack in Debian (shim etc.), > including for arm64/aarch64 (as I wanted to make that work too!). UEFI > binaries are awkward for those of used to the Linux and ELF world - > they're PE/COFF format with different calling conventions to match the > Microsoft world. But we've made things work. > > On x86 platforms, the shim build process uses objcopy > --target=efi-app-$(ARCH) to produce the final output binaries. We've > never had similar support for the aarch64 platform, and instead > somebody came up with a method using locally-hacked linker script and > "-O binary" to generate the output binaries. That's worked well > enough for a while, but it's been annoying for various reasons > (particularly debugging problems). > > *However*, recently for security reasons we've tweaked the layout of > Secure Boot binaries [1] and this has caused lots of problems. The > older hacks to hand-build the right sections etc. needed significant > extra work, and we're still dealing with awkward bugs related to > this. Based ont these problems, I recently had to make the painful > decision to drop support for arm64 SB in Debian. I know that other > distributions are feeling similar pain. :-( > > Rather than continuing to hack on things, I think it's (way past) time > that we did things correctly! We need aarch64 binary format support in > binutils so we can just use it like we do on x86. AFAICS, there is > already a bug open asking for this from last year [2]. Could I please > prevail on some friendly neighourhood aarch64 toolchain engineer to > help with that? > > Thanks for considering, > > Steve > > [1] https://github.com/rhboot/shim/blob/main/SBAT.md > [2] https://sourceware.org/bugzilla/show_bug.cgi?id=26206#add_comment > > -- > Steve McIntyre, Cambridge, UK. st...@einval.com > "...In the UNIX world, people tend to interpret `non-technical user' > as meaning someone who's only ever written one device driver." -- Daniel Pead > > _______________________________________________ > linaro-toolchain mailing list > linaro-toolchain@lists.linaro.org > https://lists.linaro.org/mailman/listinfo/linaro-toolchain _______________________________________________ linaro-toolchain mailing list linaro-toolchain@lists.linaro.org https://lists.linaro.org/mailman/listinfo/linaro-toolchain
