
Writing an x86 bootloader in Rust that can launch vmlinux - lukastyrychtr
https://vmm.dev/en/rust/krabs.md
======
m463
I can't help but suspect the first item on the list was the whole reason for
this project. :)

    
    
         Hardware initialization:
    
      ==>  Setting the keyboard repeat rate.
           Disable interrupts and mask all interrupt levels.
           Setting Interrupt descriptor (IDT) and segment descriptor (GDT). As a result,
           all selectors (CS, DS, ES, FS, GS) refer to the 4 Gbyte flat linear address space.
           Change the address bus to 32 bits (Enable A20 line).
           Transition to protected mode.
           If the target is ELF64, set the 4G boot pagetable and transition to long mode.

------
varbhat
Looks nice.

I personally don't use Bootloaders anymore , using UEFI directly to boot my
kernel.

Edit: It doesn't require any manual tinkering/maintainance even when updating.
Also it boots fast.

[https://wiki.archlinux.org/index.php/EFISTUB](https://wiki.archlinux.org/index.php/EFISTUB)

~~~
alias_neo
Does that make kernel updates a more manual process? Are you building your
own? Are you signing and using secure boot?

I'd be interested in giving this a try.

~~~
profsnuggles
That is what I am doing as well. I'm building my own kernel but not using
secure boot.

Kernel upgrades are just copying .config from the old kernel to the new
kernel.

sudo make olddefconfig && sudo make && sudo make modules_install &&
install_kernel

The contents of install_kernel

KERNEL=`readlink /usr/src/linux`

NUMBER=${KERNEL##linux-}

NUMBER=${NUMBER%%-gentoo}

sudo cp arch/x86_64/boot/bzImage /boot/EFI/Gentoo/vmlinuz-${NUMBER}-gentoo.efi

sudo efi bootmgr -c -L "Gentoo ${NUMBER}" -l
"\\\EFI\\\Gentoo\\\vmlinuz-${NUMBER}-gentoo.efi" -d /dev/nvme0n1

~~~
mshook
Don't compile as root, there's no need for that. You should only elevate your
privileges when needed. The only thing you need root for are modules_install
and your install_kernel script.

~~~
londons_explore
People always say this, but if a project is malicious, it can take your SSH
keys and get persistence even without root. It can alias sudo in your bashrc
to get root if it wants too.

Yet if you don't use sudo, some make/compiles fail with random permissions
errors.

I mean I see the reasoning, but in 2020 I think the Linux desktop security
model is sufficiently broken that it doesn't matter.

------
azhenley
For those interested, a colleague of mine wrote a tutorial series on
implementing an OS using Rust that targets RISC-V:
[https://osblog.stephenmarz.com/](https://osblog.stephenmarz.com/)

------
secondcoming
> "Although the slice and the target buf should be the same, the target is
> filled with 255 from some point. "

Doesn't Rust prevent things like overwriting memory?

~~~
zaarn
Not necessarily, there are a bunch of unsafe methods you kinda have to use
going this low level and if you're in unsafe mode, then you can overwrite
memory or do things to corrupt it.

~~~
grayhatter
So all all of rust's issues, and none of it's safety?

~~~
uxp100
Honestly, many of rust’s safety promises don’t help the type of low level code
I write, so I’m skeptical of the “embedded rust” push. But embedded is a huge
field so some people will definitely benefit from what rust makes available.

But yeah, I think for some projects rust brings you a great type system, a
gross syntax, and very little additional safety. But OTOH, on those projects
writing rust will be not that different than writing C. Either language will
still let you forget to sanitize a length value from an external struct that
is put into a DMA engine. And either language will let you create a
dangerous_u32 type that needs to be sanitized before your routines write it
into a peripheral. But rust’s probably would be a little more ergonomic for
the programmers, a little harder to use improperly, and involve pressing every
punctuation mark on your keyboard.

~~~
mlindner
> Honestly, many of rust’s safety promises don’t help the type of low level
> code I write, so I’m skeptical of the “embedded rust” push. But embedded is
> a huge field so some people will definitely benefit from what rust makes
> available.

Why exactly? Once you write an abstraction on top of the raw addresses for
configuring the hardware (usually already provided by a library) you don't
need to use unsafe at all. One of the first things you do in C is write macros
for all the addresses you use, writing safe wrappers isn't that much more
complex than that.

~~~
uxp100
Because nothing the C code is doing would be "unsafe" in rust terms. What is
the advantage rust has for following an SDMMC controller init sequence?

~~~
zaarn
Once you define a safe interface, you only have to audit the implementation of
that interface for errors that aren't guarded for in unsafe code.

The safe interface you can then use without fearing memory corruption or
having to audit that code for unsafety. Any safe code is pretty much only
logic errors.

------
non-entity
Is the site down right now? I can't seem to connect.

~~~
merricksb
Must be swamped with traffic.

Google cache works:

[https://webcache.googleusercontent.com/search?q=cache:QBPnre...](https://webcache.googleusercontent.com/search?q=cache:QBPnreVXSYEJ:https://vmm.dev/en/rust/krabs.md+&cd=1&hl=en&ct=clnk&gl=au)

~~~
cpach
That URL (to Google’s cached version) took about three minutes to load for me.
Does anyone know why Google’s cache is so slow sometimes...?

~~~
gruturo
It was still attempting to load images, which probably caused the slowness -
there is an option in the cached page header to request a text-only version
which will load immediately.

