e extra
space needed by the kdump kernel, and change the function name so that it
better reflects what the function is now doing.
Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Lakshmi Ramasubramanian
---
arch/powerpc/include/asm/kexec.h | 2 +-
arch/powerpc/kexec/elf_64.c | 2 +-
arch/powerp
Lakshmi Ramasubramanian writes:
> On 2/19/21 6:25 AM, Thiago Jung Bauermann wrote:
>
> One small nit in the function header (please see below), but otherwise the
> change looks good.
>
> Reviewed-by: Lakshmi Ramasubramanian
Thanks for your review. I incorporated your sugges
e extra
space needed by the kdump kernel, and change the function name so that it
better reflects what the function is now doing.
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/kexec.h | 2 +-
arch/powerpc/kexec/elf_64.c | 2 +-
arch/powerpc/kexec/file_load_64.c | 26 -
with backup region and
> crashed kernel's memory to avoid kdump kernel from accidentially using
> that memory.
>
> Signed-off-by: Hari Bathini
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
___
igned-off-by: Hari Bathini
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
___
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
Bathini
> Tested-by: Pingfan Liu
I liked the new versions of get_node_path_size() and get_node_path().
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
___
kexec mailing list
kexec@lists.infradead.org
h
Hari Bathini writes:
> On 24/07/20 5:36 am, Thiago Jung Bauermann wrote:
>>
>> Hari Bathini writes:
>>
>>> Kdump kernel, used for capturing the kernel core image, is supposed
>>> to use only specific memory regions to avoid corrupting the image to
>&
; being stomped on while booting.
>
> Signed-off-by: Hari Bathini
> Tested-by: Pingfan Liu
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
___
kexec mailing list
kexec@lists.infradead.org
http://lis
ackup region and
> crashed kernel's memory to avoid kdump kernel from accidentially
> using that memory.
>
> Reported-by: kernel test robot
> [lkp: In v1, purgatory() declaration was missing]
> Signed-off-by: Hari Bathini
Reviewed-by: Thiago Jung Bauermann
Just one minor
..
> + end_char = '\0';
> + while (dn->parent) {
> + path[--idx] = end_char;
.. and in the first ireation, this is writing '\0' at a place which will be
overwritten by the memcpy() below with the last character of
dn->full_name. You need to start idx with len, not len - 1.
> +
different kdump segments.
> Override arch_kexec_locate_mem_hole() to locate a memory hole taking
> these ranges into account.
>
> Signed-off-by: Hari Bathini
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
_
d-by: Pingfan Liu
Just one comment below, but regardless:
Reviewed-by: Thiago Jung Bauermann
> +/**
> + * add_htab_mem_range - Adds htab range to the given memory ranges list,
> + * if it exists
> + * @mem_ranges: Range list to add the memory r
Hari Bathini writes:
> On 16/07/20 5:50 am, Thiago Jung Bauermann wrote:
>>
>> Hari Bathini writes:
>>
>>> So, add support to relocate purgatory in kexec_file_load system call
>>> by setting up TOC pointer and applying RELA relocations as needed.
&g
Hari Bathini writes:
> On 16/07/20 7:08 am, Thiago Jung Bauermann wrote:
>>
>> Hari Bathini writes:
>>
>>> @@ -968,7 +1040,7 @@ int setup_new_fdt_ppc64(const struct kimage *image,
>>> void *fdt,
>>>
>>> /*
>>> * Rest
Hari Bathini writes:
> On 16/07/20 4:22 am, Thiago Jung Bauermann wrote:
>>
>> Hari Bathini writes:
>>
>
>
>
>>> +/**
>>> + * get_node_path - Get the full path of the given node.
>>> + * @dn:Node.
>&
Hari Bathini writes:
> On 15/07/20 9:20 am, Thiago Jung Bauermann wrote:
>>
>> Hari Bathini writes:
>>
>>> @@ -534,7 +537,7 @@ static int __init
>>> early_init_dt_scan_memory_ppc(unsigned long node,
>>> #ifdef CONFIG_PPC_PSERIES
>>
Hari Bathini writes:
> On 15/07/20 8:09 am, Thiago Jung Bauermann wrote:
>>
>> Hari Bathini writes:
>>
>
>
>
>>> +/**
>>> + * __locate_mem_hole_top_down - Looks top down for a large enough memory
>>> hole
>>> + *
Hari Bathini writes:
> On 16/07/20 7:52 am, Thiago Jung Bauermann wrote:
>>
>> Hari Bathini writes:
>>
>>> /**
>>> + * get_crash_memory_ranges - Get crash memory ranges. This list includes
>>> + *
Thiago Jung Bauermann writes:
> Hari Bathini writes:
>
>> diff --git a/arch/powerpc/include/asm/crashdump-ppc64.h
>> b/arch/powerpc/include/asm/crashdump-ppc64.h
>> new file mode 100644
>> index 000..90deb46
>> --- /dev/null
>> +++ b/arch/powerp
e same time, it's not a problem if both plan to use the same
region of memory.
>
> Signed-off-by: Hari Bathini
> Tested-by: Pingfan Liu
Reviewed-by: Thiago Jung Bauermann
> ---
>
> v2 -> v3:
> * Unchanged. Added Tested-by tag from Pingfan.
>
> v1 -> v2:
>
aim likewise.
>
> Signed-off-by: Hari Bathini
> Tested-by: Pingfan Liu
Reviewed-by: Thiago Jung Bauermann
Just one oinor nit below.
> ---
>
> v2 -> v3:
> * Unchanged. Added Tested-by tag from Pingfan.
>
> v1 -> v2:
> * Updated add_rtas_mem_range() & add_opal_
mage, cmem, , _sz);
> + if (ret) {
> + pr_err("Failed to prepare elf headers for the core\n");
> + goto out;
> + }
> +
> + kbuf->buffer = headers;
> + kbuf->mem = KEXEC_BUF_MEM_UNKNOWN;
> + kbuf->bufsz =
mpoline.S to purgatory/trampoline_64.S in the
> same spirit.
There's only a 64 bit implementation of kexec_file_load() so this is a
somewhat theoretical exercise, but there's no harm in getting the code
organized, so:
Reviewed-by: Thiago Jung Bauermann
I have just one question below.
> Sign
ry-address", );
> + ret = kexec_purgatory_get_set_symbol(image, "opal_entry", ,
> + sizeof(val), false);
You need to call of_node_put(dn) here and in the if (ret) case above.
> + }
> out:
>
rc = (void *)BACKUP_SRC_START;
> + if (backup_start) {
> + dest = (void *)backup_start;
> + __memcpy(dest, src, BACKUP_SRC_SIZE);
> + }
> +}
In general I'm in favor of using C code over assembly, but having to
bring in that relocation support just for the above makes me wonder if
it's worth it in this case.
--
Thiago Jung Bauermann
IBM Linux Technology Center
___
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
igned-off-by: Hari Bathini
> Tested-by: Pingfan Liu
Reviewed-by: Thiago Jung Bauermann
> ---
>
> v2 -> v3:
> * Unchanged. Added Tested-by tag from Pingfan.
>
> v1 -> v2:
> * Setting up opal base & entry values in r8 & r9 for early OPAL debug.
>
>
>
d by lkp. lkp report for reference:
> - https://lore.kernel.org/patchwork/patch/1264421/
>
>
> arch/powerpc/kexec/file_load_64.c | 337
>
> arch/powerpc/purgatory/trampoline_64.S |8 +
>
prop += n_mem_addr_cells;
> + end = base + of_read_number(prop, n_mem_size_cells) - 1;
You need to `prop += n_mem_size_cells` here.
> +
> + ret = add_usable_mem(um_info, base, end, );
> + if (ret) {
> + ret = ret;
walk_drmem_lmbs(memory, NULL, numa_setup_drmem_lmb);
Similarly here. Now that this call can fail, should
parse_numa_properties() handle or propagate the failure?
> of_node_put(memory);
> }
>
--
Thiago Jung Bauermann
IBM Linux Technology Center
ound */
> + if (start > buf_max)
> + break;
> +
> + /* Adjust memory region based on the given range */
> + if (start < buf_min)
> + start = buf_min;
> + if (end > buf_max)
> + end
return ret;
> +}
> +
> +/**
> + * sort_memory_ranges - Sorts the given memory ranges list.
> + * @mem_ranges: Range list to sort.
> + * @merge: If true, merge the list after sorting.
> + *
> + * Returns nothing.
> + */
> +void sort_memory_ranges(struct crash_m
, arch_kimage_file_post_load_cleanup() declaration was missing]
> Signed-off-by: Hari Bathini
> Acked-by: Dave Young
> Tested-by: Pingfan Liu
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
___
kexe
Hello,
prsriva writes:
> On 9/19/19 8:07 PM, Thiago Jung Bauermann wrote:
>> Hello Prakhar,
>>
>> Prakhar Srivastava writes:
>>
>>> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
>>> index 3adcec05b1f6..f39b12dbf9e8 100644
>>>
ly equivalent
code in the two architectures?
Actually, there's one change that is significant: instead of a single
linux,ima-kexec-buffer property holding the start address and size of
the buffer, ARM64 is now using two properties (linux,ima-kexec-buffer
and linux,ima-kexec-buffer-end) for the start and end addresses. In my
opinion, unless there's a good reason for it Linux should be consistent
accross architectures when possible.
--
Thiago Jung Bauermann
IBM Linux Technology Center
>> There seems to be quite a bit of code duplication in this function and
>> in ima_get_kexec_buffer(). It could probably be cleaned up with some
>> refactoring.
>
> Sorry, my mistake. One calls of_get_property(), while the other calls
> of_find_property().
of_get_property() is a thin wrapper around of_find_property(), so if
that's the only difference I think they can still be merged.
--
Thiago Jung Bauermann
IBM Linux Technology Center
Helge Deller writes:
> On 06.09.19 23:47, Thiago Jung Bauermann wrote:
>> Helge Deller writes:
>>> This kexec patch series is the groundwork for kexec on the parisc
>>> architecture.
>>> Since we want kexec on parisc, I've applied it to my for-next-k
+-
>> include/linux/kexec.h | 23 +
>> kernel/Makefile | 1 +
>> .../kexec_elf_64.c => kernel/kexec_elf.c | 394 +++--
>> 6 files changed, 115 insertions(+), 852 deletions(-)
>
Thiago Jung Bauermann writes:
>> diff --git a/arch/powerpc/kernel/kexec_elf_64.c b/kernel/kexec_elf.c
>> similarity index 71%
>> copy from arch/powerpc/kernel/kexec_elf_64.c
>> copy to kernel/kexec_elf.c
>> index ba4f18a43ee8..6e9f52171ede 100644
>> ---
Thiago Jung Bauermann writes:
> Sven Schnelle writes:
>
>> It's not used anywhere so just drop it.
>>
>> Signed-off-by: Sven Schnelle
>> ---
>> kernel/kexec_elf.c | 2 --
>> 1 file changed, 2 deletions(-)
>>
>> diff --git a/kernel/
nels, and also in ppc64 kexecing to both big-endian and
little-endian kernels so:
Tested-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
___
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
Hello Sven,
Just a few small comments below. Regardless of them:
Reviewed-by: Thiago Jung Bauermann
Sven Schnelle writes:
> Right now powerpc provides an implementation to read elf files
> with the kexec_file() syscall. Make that available as a public
Nit: the syscall is kexec_fil
Sven Schnelle writes:
> The powerpc version only supported 64 bit. Add some
> code to switch decoding of fields during runtime so
> we can kexec a 32 bit kernel from a 64 bit kernel and
> vice versa.
>
> Signed-off-by: Sven Schnelle
Reviewed-by: Thiago Jung Bauermann
fer(kbuf);
> if (ret)
> goto out;
> @@ -382,9 +382,6 @@ int kexec_elf_load(struct kimage *image, struct elfhdr
> *ehdr,
> lowest_addr = load_addr;
> }
>
> - /* Update entry point to reflect new load address.
; static inline bool elf_is_elf_file(const struct elfhdr *ehdr)
> {
> return memcmp(ehdr->e_ident, ELFMAG, SELFMAG) == 0;
Could you remove this one from the file in arch/powerpc as well? Perhaps
this and the previous patch could be placed before patch 1, so that this
change can be done only
Sven Schnelle writes:
> We're not using them, so we can drop the parsing.
>
> Signed-off-by: Sven Schnelle
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
___
kexec mailing list
kexec@lists.infr
Sven Schnelle writes:
> Change the order to have a 64/32/16 order, no functional change.
>
> Signed-off-by: Sven Schnelle
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
___
kexec mailing l
Michael Ellerman writes:
> On Wed, 2019-05-22 at 22:01:58 UTC, Thiago Jung Bauermann wrote:
>> Commit b6664ba42f14 ("s390, kexec_file: drop arch_kexec_mem_walk()")
>> changed kexec_add_buffer() to skip searching for a memory location if
>> kexec_buf.mem is a
Dave Young writes:
> On 05/22/19 at 07:01pm, Thiago Jung Bauermann wrote:
>> Commit b6664ba42f14 ("s390, kexec_file: drop arch_kexec_mem_walk()")
>> changed kexec_add_buffer() to skip searching for a memory location if
>> kexec_buf.mem is a
t
Setting the mem field before every call to kexec_add_buffer() fixes this
regression.
Fixes: b6664ba42f14 ("s390, kexec_file: drop arch_kexec_mem_walk()")
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/kernel/kexec_elf_64.c | 6 +-
1 file changed, 5 insertions(+), 1 deletion(-
INTEGRITY_KEYRING_IMA for readability
>
> security/integrity/ima/ima_appraise.c | 13 +++--
> 1 file changed, 11 insertions(+), 2 deletions(-)
With the change to only access the platform keyring when it is enabled:
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Techno
changed, 90 insertions(+), 24 deletions(-)
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
___
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
ty/integrity/digsig.c| 48
> +++---
> security/integrity/integrity.h | 3 +-
> .../integrity/platform_certs/platform_keyring.c| 35
> 5 files changed, 83 insertions(+), 15 deletions(-)
> create mode 1
the audit message
of failed signature verifications for KEXEC_KERNEL will always log the
same rc value, which is whatever request_key() returns when asked to
look for an inexistent keyring.
Here is a patch which only performs the second try if the platform
keyring is enabled.
>From d5fb94ab9
not supported
Fixes: a0458284f062 ("powerpc: Add support code for kexec_file_load()")
Reported-by: Dave Young <dyo...@redhat.com>
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
arch/powerpc/kernel/machine_kexec_file_64.c | 2 +-
1 file changed, 1 in
in latest version. kernel does not return
>> > such error number, I might not say clearly previously. Please
>> > check the kernel code, the only one place I know is because no
>> > kdump support in power kexec_file:
>> > arch/powerpc/kernel/machine_kexec_file_64.c
>> >
>> > /* We don't support crash kernels yet. */
>> > if (image->type == KEXEC_TYPE_CRASH)
>> > return -ENOTSUPP;
>> >
>> > So I suggest not checking this as well since -ENOTSUPP is not
>> > populated in userspace headers, and -ENOTSUP is not used at all.
>> >
>> > Also as I mentioned in another reply -EINVAL and -ENOEXEC is also
>> > not ncessary.
>> >
>> > For -ENOTSUP, maybe someone can submit a patch to switch to
>> > -ENOTSUPP so that userspace can check it.
>> > Ccing Thiago and Hari for the -ENOTSUPP errno issue.
>>
>> Oops for the hurry reply, I means -ENOTSUPP might be able to replaced
>> with -EOPNOTSUPP, a similar change like this:
>> https://patchwork.kernel.org/patch/8490791/
>
> Thanks for catching this. In Linux ENOTSUPP with extra P is different
> from EOPNOTSUPP and ENOTSUP (single P). Since we are talking to the
> kernel and it returns the double P ENOTSUPP we need to define it in
> kexec as well. And we should check ENOTSUP with single P in case
> somebody some day thinks that returning undefined error codes to
> userspace is not nice like in the patch above.
I wasn't aware that ENOTSUPP was an in-kernel only errno. Should I
submit a patch for the kernel so that powerpc returns -EOPNOTSUPP in
case of trying to load kdump kernel with kexec_file_load()?
--
Thiago Jung Bauermann
IBM Linux Technology Center
___
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
(+)
Thanks for implementing this! Looks good to me, just one nit below.
Regardless of that:
Reviewed-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
> diff --git a/kexec/arch/ppc64/kexec-elf-ppc64.c
> b/kexec/arch/ppc64/kexec-elf-ppc64.c
> index ddd3de8..2742cd6 100644
&
Baoquan He <b...@redhat.com>
>> Cc: Michael Ellerman <m...@ellerman.id.au>
>> Cc: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
>> ---
>> arch/powerpc/include/asm/kexec.h| 2 +-
>> arch/powerpc/kernel/kexec_elf_64.c | 2
esystems nowadays, with the notable exception of FAT-based
filesystems.
evmctl, the IMA userspace tool, also support signatures stored in a
separate file as well ("sidecar" signatures), but the kernel can only
verify them if they are copied into an xattr (which I believe
ocation types.
> Otherwise, why can't the purgatory code be written in assembly? AFAICT,
> the only complex part is the hashing code, which I don't beleive is
> strictly necessary.
When I posted a similar series for powerpc with similar changes to
handle a pa
Am Freitag, 28. April 2017, 09:51:39 BRT schrieb AKASHI Takahiro:
> On Thu, Apr 27, 2017 at 07:00:04PM -0300, Thiago Jung Bauermann wrote:
> > Hello,
> >
> > Am Mittwoch, 26. April 2017, 17:22:09 BRT schrieb AKASHI Takahiro:
> > > The current kexec_locate_mem_
Am Mittwoch, 23. November 2016, 09:32:58 BRST schrieb Dave Young:
> On 11/22/16 at 11:44am, Thiago Jung Bauermann wrote:
> > Am Dienstag, 22. November 2016, 17:01:10 BRST schrieb Michael Ellerman:
> > > Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> writes:
> >
Am Dienstag, 22. November 2016, 17:01:10 BRST schrieb Michael Ellerman:
> Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> writes:
> > Am Sonntag, 20. November 2016, 10:45:46 BRST schrieb Dave Young:
> >> On 11/10/16 at 01:27am, Thiago Jung Bauermann wrote:
> >>
Hello Dave,
Thanks for your review.
Am Sonntag, 20. November 2016, 10:45:46 BRST schrieb Dave Young:
> On 11/10/16 at 01:27am, Thiago Jung Bauermann wrote:
> > powerpc's purgatory.ro has 12 relocation types when built as
> > a relocatable object. To implement support fo
Add arch-specific functions needed by the generic kexec_file code.
Signed-off-by: Josh Sklar <sk...@linux.vnet.ibm.com>
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
arch/powerpc/Kconfig| 14 ++
arch/powerpc/include/asm/systbl.h
: coding-style fixes]
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
Signed-off-by: Andrew Morton <a...@linux-foundation.org>
---
arch/powerpc/include/asm/kexec.h| 12 ++
arch/powerpc/kernel/Makefile| 3 +-
arch/powerpc/kernel/ke
Enable CONFIG_KEXEC_FILE in powernv_defconfig, ppc64_defconfig and
pseries_defconfig.
It depends on CONFIG_CRYPTO_SHA256=y, so add that as well.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
arch/powerpc/configs/powernv_defconfig | 2 ++
arch/powerpc/c
RE instead, since
kexec_file_load also needs that code compiled in.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
arch/powerpc/Kconfig | 2 +-
arch/powerpc/include/asm/debug.h | 2 +-
arch/powerpc/include/asm/kexec.h
the ELF structs. These functions will be used in the next
patch in the series.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
arch/powerpc/include/asm/elf_util.h | 43
arch/powerpc/kernel/Makefile| 2 +-
arch/powerpc/kernel/elf_util.c
nitialized to zero. It doesn't matter what their initial value is,
because they will be set by the kernel when preparing the kexec image.
Finally, some checkpatch.pl warnings were fixed.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
arch/
kexec_locate_mem_hole will be used by the PowerPC kexec_file_load
implementation to find free memory for the purgatory stack.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
Acked-by: Dave Young <dyo...@redhat.com>
---
include/linux/kexec.h | 1 +
kernel/kexec_f
existing casts to char * in the code.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
Acked-by: Dave Young <dyo...@redhat.com>
Acked-by: Balbir Singh <bsinghar...@gmail.com>
---
arch/x86/kernel/crash.c | 37
arch/x86/kernel/kexe
Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
arch/Kconfig | 11 ++
include/linux/kexec.h | 4 +
kernel/kexec_file.c | 314 ++
3 files changed, 253 insertions(+), 76 deletions(-)
diff --git a/arch/Kconfig b/arch/K
Allow architectures to specify a different memory walking function for
kexec_add_buffer. x86 uses iomem to track reserved memory ranges, but
PowerPC uses the memblock subsystem.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
Acked-by: Dave Young <dyo...@redhat.c
Hello Eric,
Am Freitag, 4. November 2016, 10:13:39 BRST schrieb Eric W. Biederman:
> Baoquan He <b...@redhat.com> writes:
> > On 11/02/16 at 04:00am, Thiago Jung Bauermann wrote:
> >> Hello,
> >>
> >> The kexec_file code currently builds the purgatory a
Hello Baoquan,
Am Freitag, 4. November 2016, 15:38:40 BRST schrieb Baoquan He:
> On 11/02/16 at 04:00am, Thiago Jung Bauermann wrote:
> > Hello,
> >
> > The kexec_file code currently builds the purgatory as a partially linked
> > object (using ld -r). Is there
be refined a bit. Would you accept a change along these lines?
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
arch/Kconfig| 3 +
kernel/kexec_file.c | 159 ++--
kernel/kexec_internal.h | 26
3
address of the relocation in memory. We also add
more relocation types that are used by the purgatory.
Signed-off-by: Josh Sklar <sk...@linux.vnet.ibm.com>
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
arch/powerpc/Kconfig| 13 ++
arch/pow
From: Mimi Zohar
The configured IMA measurement list template format can be replaced at
runtime on the boot command line, including a custom template format.
This patch adds support for restoring a measuremement list containing
multiple builtin/custom template formats.
ot notifier once
Changelog v1:
- updated to call IMA functions (Mimi)
- move code from ima_template.c to ima_kexec.c (Mimi)
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
Acked-by: "Eric W. Biederman"
From: Mimi Zohar
The builtin and single custom templates are currently stored in an
array. In preparation for being able to restore a measurement list
containing multiple builtin/custom templates, this patch stores the
builtin and custom templates as a linked list.
From: Mimi Zohar
The IMA binary_runtime_measurements list is currently in platform native
format.
To allow restoring a measurement list carried across kexec with a
different endianness than the targeted kernel, this patch defines
little-endian as the canonical format.
From: Andreas Steffen
For remote attestion it is important for the ima measurement values
to be platform-independent. Therefore integer fields to be hashed
must be converted to canonical format.
Changelog:
- Define canonical format as little endian (Mimi)
e9747
--- /dev/null
+++ b/security/integrity/ima/ima_kexec.c
@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2016 IBM Corporation
+ *
+ * Authors:
+ * Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
+ * Mimi Zohar <zo...@linux.vnet.ibm.com>
+ *
+ * This program is free software; you can redis
}.
- Use #address-cells and #size-cells to read the DT property.
- Use size_t instead of unsigned long for size arguments.
- Always remove linux,ima-kexec-buffer and its memory reservation
when preparing a device tree for kexec_file_load.
Signed-off-by: Thiago Jung Bauermann <ba
CONFIG_IMA_KEXEC to build this code only when necessary.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
Acked-by: "Eric W. Biederman" <ebied...@xmission.com>
---
arch/powerpc/include/asm/ima.h | 16 +
arch/powerpc/include/asm/kexec.h
From: Mimi Zohar
Measurements carried across kexec need to be added to the IMA
measurement list, but should not prevent measurements of the newly
booted kernel from being added to the measurement list. This patch
adds support for allowing duplicate measurements.
The
g the measurement list
ima: on soft reboot, save the measurement list
ima: store the builtin/custom template definitions in a list
ima: support restoring multiple template formats
ima: define a canonical binary_runtime_measurements list format
Thiago Jung Bauermann (2):
powerpc: ima:
Enable CONFIG_KEXEC_FILE in powernv_defconfig, ppc64_defconfig and
pseries_defconfig.
It depends on CONFIG_CRYPTO_SHA256=y, so add that as well.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
arch/powerpc/configs/powernv_defconfig | 2 ++
arch/powerpc/c
RE instead, since
kexec_file_load also needs that code compiled in.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
arch/powerpc/Kconfig | 2 +-
arch/powerpc/include/asm/debug.h | 2 +-
arch/powerpc/include/asm/kexec.h
the kexec image.
Also, since we don't support loading a crashdump kernel via
kexec_file_load yet, the code related to that functionality has been
removed.
Finally, some checkpatch.pl warnings were fixed.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
arch/powerpc/Ma
: coding-style fixes]
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
Signed-off-by: Andrew Morton <a...@linux-foundation.org>
---
arch/powerpc/include/asm/kexec.h| 12 +
arch/powerpc/kernel/Makefile| 3 +-
arch/powerpc/kernel/kexec_elf_64.c
kexec_locate_mem_hole will be used by the PowerPC kexec_file_load
implementation to find free memory for the purgatory stack.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
Acked-by: Dave Young <dyo...@redhat.com>
---
include/linux/kexec.h | 1 +
kernel/kexec_f
t;m...@ellerman.id.au>
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
arch/powerpc/kernel/module_64.c | 344 +---
1 file changed, 182 insertions(+), 162 deletions(-)
diff --git a/arch/powerpc/kernel/module_64.c b/arch/powerpc/kern
Allow architectures to specify a different memory walking function for
kexec_add_buffer. x86 uses iomem to track reserved memory ranges, but
PowerPC uses the memblock subsystem.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
Acked-by: Dave Young <dyo...@redhat.c
existing casts to char * in the code.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
Acked-by: Dave Young <dyo...@redhat.com>
Acked-by: Balbir Singh <bsinghar...@gmail.com>
---
arch/x86/kernel/crash.c | 37
arch/x86/kernel/kexe
code adapting the device tree for booting the new kernel was moved
out of elf64_load to setup_new_fdt.
- Patch "powerpc: Allow userspace to set device tree properties in
kexec_file_load"
- New patch.
- The code in this patch didn't exist in v4.
- This is the only
Am Donnerstag, 29 September 2016, 16:43:08 schrieb Eric W. Biederman:
> Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> writes:
> > Hello Eric,
> >
> > Am Dienstag, 20 September 2016, 11:07:29 schrieb Eric W. Biederman:
> >> A semi-generic con
Hello Eric,
Am Dienstag, 20 September 2016, 11:07:29 schrieb Eric W. Biederman:
> Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> writes:
> > Am Samstag, 17 September 2016, 00:17:37 schrieb Eric W. Biederman:
> >> Thiago Jung Bauermann <bauer...@linux.vnet.ibm.co
Am Samstag, 17 September 2016, 00:17:37 schrieb Eric W. Biederman:
> Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> writes:
> > Hello Eric,
> >
> > Am Freitag, 16 September 2016, 14:47:13 schrieb Eric W. Biederman:
> >> I can see tracking to see if the
e it will be
useful to us in the future for the case of an arbitrary number of kexecs
(and thus not only a bootloader but also multiple full-blown distros may be
involved in the chain).
But you are right that for the use case for which we currently need this
feature it's feasible to measure everything upfront. We can cross the other
bridge when we get there.
> If there is anyway we can start small and not with this big scary
> infrastructure change I would very much prefer it.
Sounds good. If we pre-measure everything then the following patches from my
buffer hand-over series are enough:
[PATCH v5 2/5] kexec_file: Add buffer hand-over support for the next kernel
[PATCH v5 3/5] powerpc: kexec_file: Add buffer hand-over support for the
next kernel
Would you consider including those two?
And like I mentioned in the cover letter, patch 1/5 is an interesting
improvement that is worth considering.
--
[]'s
Thiago Jung Bauermann
IBM Linux Technology Center
___
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
1 - 100 of 287 matches
Mail list logo