doc: remove UEFI/de-privilege boot mode from docs

Also clear Linux is no longer supported either as SOS or post-launched VM kernel. - When it mentions clear Linux, mostly replaced by Ubuntu. - remove all contents re/lated to "UEFI boot". - remove the term de-privilege mode, and direct mode as well. Tracked-On: #5197 Signed-off-by: Zide Chen <zide.chen@intel.com>
2025-09-07 11:50:30 +00:00 · 2020-08-21 10:45:07 -07:00
parent 75ecc0e3b1
commit f945fe27ab
12 changed files with 24 additions and 127 deletions
--- a/doc/developer-guides/hld/hld-devicemodel.rst
+++ b/doc/developer-guides/hld/hld-devicemodel.rst
@@ -115,7 +115,7 @@ Here's an example showing how to run a VM with:
     -s 0:0,hostbridge \
     -s 1:0,lpc -l com1,stdio \
     -s 5,virtio-console,@pty:pty_port \
-     -s 3,virtio-blk,b,/data/clearlinux/clearlinux.img \
+     -s 3,virtio-blk,b,/home/acrn/uos.img \
     -s 4,virtio-net,tap_LaaG --vsbl /usr/share/acrn/bios/VSBL.bin \
     --acpidev_pt MSFT0101 \
     --intr_monitor 10000,10,1,100 \
@@ -769,7 +769,7 @@ example:
     -s 0:0,hostbridge \
     -s 1:0,lpc -l com1,stdio \
     -s 5,virtio-console,@pty:pty_port \
-     -s 3,virtio-blk,b,/data/clearlinux/clearlinux.img \
+     -s 3,virtio-blk,b,/home/acrn/uos.img \
     -s 4,virtio-net,tap_LaaG --vsbl /usr/share/acrn/bios/VSBL.bin \
     -B "root=/dev/vda2 rw rootwait maxcpus=3 nohpet console=hvc0 \
     console=ttyS0 no_timer_check ignore_loglevel log_buf_len=16M \
@@ -789,9 +789,6 @@ the bus hierarchy would be:
   00:04.0 Ethernet controller: Red Hat, Inc. Virtio network device
   00:05.0 Serial controller: Red Hat, Inc. Virtio console

-.. note:: For Clear Linux OS, the ``lspci`` command can be installed
-   from the "sysadmin-basic" bundle.
-
 ACPI Virtualization
 *******************

--- a/doc/developer-guides/hld/hld-overview.rst
+++ b/doc/developer-guides/hld/hld-overview.rst
@@ -42,7 +42,7 @@ A typical In-Vehicle Infotainment (IVI) system supports:
  - connection to IVI front system and mobile devices (cloud
    connectivity)

-ACRN supports guest OSes of Clear Linux OS and Android. OEMs can use the ACRN
+ACRN supports guest OSes of Linux and Android. OEMs can use the ACRN
 hypervisor and the Linux or Android guest OS reference code to implement their own
 VMs for a customized IC/IVI/RSE.

@@ -88,8 +88,8 @@ ACRN is a type-I hypervisor that runs on top of bare metal. It supports
 Intel APL & KBL platforms and can be easily extended to support future
 platforms. ACRN implements a hybrid VMM architecture, using a privileged
 service VM to manage I/O devices and
-provide I/O mediation. Multiple user VMs can be supported, running Clear
-Linux OS or Android OS as the User VM.
+provide I/O mediation. Multiple user VMs can be supported, running Ubuntu
+or Android OS as the User VM.

 ACRN 1.0
 ========
--- a/doc/developer-guides/hld/hld-security.rst
+++ b/doc/developer-guides/hld/hld-security.rst
@@ -255,7 +255,7 @@ In ACRN, User VM Secure Boot can be enabled by below steps.
 Service VM Hardening
 --------------------

-In the ACRN project, the reference Service VM is based on the Clear Linux OS.
+In the ACRN project, the reference Service VM is based on Ubuntu.
 Customers may choose to use different open source OSes or their own
 proprietary OS systems. To minimize the attack surfaces and achieve the
 goal of "defense in depth", there are many common guidelines to ensure the
--- a/doc/developer-guides/hld/hostbridge-virt-hld.rst
+++ b/doc/developer-guides/hld/hostbridge-virt-hld.rst
@@ -17,7 +17,7 @@ There is PCI host bridge emulation in DM. The bus hierarchy is determined by ``a
        -s 2,pci-gvt -G "$2" \
        -s 5,virtio-console,@stdio:stdio_port \
        -s 6,virtio-hyper_dmabuf \
-        -s 3,virtio-blk,/home/clear/uos/uos.img \
+        -s 3,virtio-blk,/home/acrn/uos.img \
        -s 4,virtio-net,tap0 \
        -s 7,virtio-rnd \
        --ovmf /usr/share/acrn/bios/OVMF.fd \
@@ -38,5 +38,3 @@ the bus hierarchy would be:
   00:06.0 RAM memory: Intel Corporation Device 8606
   00:08.0 Network and computing encryption device: Red Hat, Inc. Virtio RNG
   00:09.0 Ethernet controller: Red Hat, Inc. Virtio network device
-
-.. note:: For Clear Linux OS, the ``lspci`` command can be installed from the ``sysadmin-basic`` bundle.
--- a/doc/developer-guides/hld/hv-startup.rst
+++ b/doc/developer-guides/hld/hv-startup.rst
@@ -6,7 +6,7 @@ Hypervisor Startup
 This section is an overview of the ACRN hypervisor startup.
 The ACRN hypervisor
 compiles to a 32-bit multiboot-compliant ELF file.
-The bootloader (ABL/SBL or UEFI) loads the hypervisor according to the
+The bootloader (ABL/SBL or GRUB) loads the hypervisor according to the
 addresses specified in the ELF header. The BSP starts the hypervisor
 with an initial state compliant to multiboot 1 specification, after the
 bootloader prepares full configurations including ACPI, E820, etc.
@@ -158,14 +158,10 @@ The main steps include:
 -  **SW Load:** Prepares for each VM's SW configuration according to guest OS
   requirement, which may include kernel entry address, ramdisk address,
   bootargs, or zero page for launching bzImage etc.
-   This is done by the hypervisor for pre-launched or Service VM, while by DM
-   for post-launched User VMs.
-   Meanwhile, there are two kinds of boot modes - de-privilege and direct boot
-   mode. The de-privilege boot mode is combined with ACRN UEFI-stub, and only
-   applies to the Service VM, which ensures that the native UEFI environment could be restored
-   and keep running in the Service VM. The direct boot mode is applied to both the
-   pre-launched and Service VM. In this mode, the VM will start from the standard
-   real or protected mode which is not related to the native environment.
+   This is done by the hypervisor for pre-launched or Service VM, and the VM will
+   start from the standard real or protected mode which is not related to the
+   native environment. For post-launched VMs, the VM's SW configuration is done
+   by DM.

 -  **Start VM:** The vBSP of vCPUs in this VM is kick to do schedule.

--- a/doc/developer-guides/hld/ivshmem-hld.rst
+++ b/doc/developer-guides/hld/ivshmem-hld.rst
@@ -138,7 +138,7 @@ post-launched VMs (VM1 and VM2).
         -s 2,pci-gvt -G "$2" \
         -s 5,virtio-console,@stdio:stdio_port \
         -s 6,virtio-hyper_dmabuf \
-         -s 3,virtio-blk,/home/clear/uos/uos1.img \
+         -s 3,virtio-blk,/home/acrn/uos1.img \
         -s 4,virtio-net,tap0 \
         -s 6,ivshmem,test,4096 \
         -s 7,virtio-rnd \
@@ -153,7 +153,7 @@ post-launched VMs (VM1 and VM2).

        acrn-dm -A -m $mem_size -s 0:0,hostbridge \
         -s 2,pci-gvt -G "$2" \
-         -s 3,virtio-blk,/home/clear/uos/uos2.img \
+         -s 3,virtio-blk,/home/acrn/uos2.img \
         -s 4,virtio-net,tap0 \
         -s 5,ivshmem,test,4096 \
         --ovmf /usr/share/acrn/bios/OVMF.fd \
@@ -247,7 +247,7 @@ architecture and threat model for your application.

   - The previously highlighted technologies rely on the kernel, as a secure component, to enforce such policies. Because of this, we strongly recommend enabling secure boot for the Service VM, and extend the secureboot chain to any post-launched VM kernels.
   - To ensure no malicious software is introduced or persists, utilize the filesystem (FS) verification methods on every boot to extend the secure boot chain for post-launch VMs (kernel/FS).
-   - Reference: ACRN secure boot extension guide (`ClearLinux <https://projectacrn.github.io/latest/tutorials/enable_laag_secure_boot.html?highlight=secure%20boot>`_, `Windows <https://projectacrn.github.io/latest/tutorials/waag-secure-boot.html>`_)
+   - Reference: :ref:`how-to-enable-secure-boot-for-windows`
   - Reference Stack:  `dm-verity <https://www.kernel.org/doc/html/latest/admin-guide/device-mapper/verity.html>`_

 .. note:: All the mentioned hardening techniques might require minor extra development efforts.
--- a/doc/developer-guides/sw_design_guidelines.rst
+++ b/doc/developer-guides/sw_design_guidelines.rst
@@ -177,7 +177,7 @@ shown in :numref:`rules_arch_level` below.
   | External resource  | Invalid E820 table or   | Yes          | The hypervisor shall      | Invalid E820 table or   |
   | provided by        | invalid boot information|              | panic during platform     | invalid boot information|
   | bootloader         |                         |              | initialization            |                         |
-   | (UEFI or SBL)      |                         |              |                           |                         |
+   | (GRUB or SBL)      |                         |              |                           |                         |
   +--------------------+-------------------------+--------------+---------------------------+-------------------------+
   | Physical resource  | 1GB page is not         | Yes          | The hypervisor shall      | 1GB page is not         |
   | used by the        | available on the        |              | panic during platform     | available on the        |
@@ -574,7 +574,6 @@ The following table shows some use cases of module level configuration design:
   * - Configuration data provided by firmware
     - This module is used to interact with firmware (UEFI or SBL), and the
       configuration data is provided by firmware.
-       For example, UP2 uses SBL and KBL NUC uses UEFI.
     - If a function pointer is used, the prerequisite is
       "hv_operation_mode != DETECT".