[PATCH v2] powerpc/kexec_file: Restore FDT size estimation for kdump kernel

e extra space needed by the kdump kernel, and change the function name so that it better reflects what the function is now doing. Signed-off-by: Thiago Jung Bauermann Reviewed-by: Lakshmi Ramasubramanian --- arch/powerpc/include/asm/kexec.h | 2 +- arch/powerpc/kexec/elf_64.c | 2 +- arch/powerp

Re: [PATCH] powerpc/kexec_file: Restore FDT size estimation for kdump kernel

Lakshmi Ramasubramanian writes: > On 2/19/21 6:25 AM, Thiago Jung Bauermann wrote: > > One small nit in the function header (please see below), but otherwise the > change looks good. > > Reviewed-by: Lakshmi Ramasubramanian Thanks for your review. I incorporated your sugges

[PATCH] powerpc/kexec_file: Restore FDT size estimation for kdump kernel

e extra space needed by the kdump kernel, and change the function name so that it better reflects what the function is now doing. Signed-off-by: Thiago Jung Bauermann --- arch/powerpc/include/asm/kexec.h | 2 +- arch/powerpc/kexec/elf_64.c | 2 +- arch/powerpc/kexec/file_load_64.c | 26 -

Re: [RESEND PATCH v5 08/11] ppc64/kexec_file: setup backup region for kdump kernel

with backup region and > crashed kernel's memory to avoid kdump kernel from accidentially using > that memory. > > Signed-off-by: Hari Bathini Reviewed-by: Thiago Jung Bauermann -- Thiago Jung Bauermann IBM Linux Technology Center ___

Re: [RESEND PATCH v5 07/11] ppc64/kexec_file: enable early kernel's OPAL calls

igned-off-by: Hari Bathini Reviewed-by: Thiago Jung Bauermann -- Thiago Jung Bauermann IBM Linux Technology Center ___ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec

Re: [RESEND PATCH v5 06/11] ppc64/kexec_file: restrict memory usage of kdump kernel

Bathini > Tested-by: Pingfan Liu I liked the new versions of get_node_path_size() and get_node_path(). Reviewed-by: Thiago Jung Bauermann -- Thiago Jung Bauermann IBM Linux Technology Center ___ kexec mailing list kexec@lists.infradead.org h

Re: [PATCH v4 06/12] ppc64/kexec_file: restrict memory usage of kdump kernel

Hari Bathini writes: > On 24/07/20 5:36 am, Thiago Jung Bauermann wrote: >> >> Hari Bathini writes: >> >>> Kdump kernel, used for capturing the kernel core image, is supposed >>> to use only specific memory regions to avoid corrupting the image to >&

Re: [PATCH v4 10/12] ppc64/kexec_file: prepare elfcore header for crashing kernel

; being stomped on while booting. > > Signed-off-by: Hari Bathini > Tested-by: Pingfan Liu Reviewed-by: Thiago Jung Bauermann -- Thiago Jung Bauermann IBM Linux Technology Center ___ kexec mailing list kexec@lists.infradead.org http://lis

Re: [PATCH v4 09/12] ppc64/kexec_file: setup backup region for kdump kernel

ackup region and > crashed kernel's memory to avoid kdump kernel from accidentially > using that memory. > > Reported-by: kernel test robot > [lkp: In v1, purgatory() declaration was missing] > Signed-off-by: Hari Bathini Reviewed-by: Thiago Jung Bauermann Just one minor

Re: [PATCH v4 06/12] ppc64/kexec_file: restrict memory usage of kdump kernel

.. > + end_char = '\0'; > + while (dn->parent) { > + path[--idx] = end_char; .. and in the first ireation, this is writing '\0' at a place which will be overwritten by the memcpy() below with the last character of dn->full_name. You need to start idx with len, not len - 1. > +

Re: [PATCH v4 04/12] ppc64/kexec_file: avoid stomping memory used by special regions

different kdump segments. > Override arch_kexec_locate_mem_hole() to locate a memory hole taking > these ranges into account. > > Signed-off-by: Hari Bathini Reviewed-by: Thiago Jung Bauermann -- Thiago Jung Bauermann IBM Linux Technology Center _

Re: [PATCH v4 03/12] powerpc/kexec_file: add helper functions for getting memory ranges

d-by: Pingfan Liu Just one comment below, but regardless: Reviewed-by: Thiago Jung Bauermann > +/** > + * add_htab_mem_range - Adds htab range to the given memory ranges list, > + * if it exists > + * @mem_ranges: Range list to add the memory r

Re: [PATCH v3 07/12] ppc64/kexec_file: add support to relocate purgatory

Hari Bathini writes: > On 16/07/20 5:50 am, Thiago Jung Bauermann wrote: >> >> Hari Bathini writes: >> >>> So, add support to relocate purgatory in kexec_file_load system call >>> by setting up TOC pointer and applying RELA relocations as needed. &g

Re: [PATCH v3 09/12] ppc64/kexec_file: setup backup region for kdump kernel

Hari Bathini writes: > On 16/07/20 7:08 am, Thiago Jung Bauermann wrote: >> >> Hari Bathini writes: >> >>> @@ -968,7 +1040,7 @@ int setup_new_fdt_ppc64(const struct kimage *image, >>> void *fdt, >>> >>> /* >>> * Rest

Re: [PATCH v3 06/12] ppc64/kexec_file: restrict memory usage of kdump kernel

Hari Bathini writes: > On 16/07/20 4:22 am, Thiago Jung Bauermann wrote: >> >> Hari Bathini writes: >> > > > >>> +/** >>> + * get_node_path - Get the full path of the given node. >>> + * @dn:Node. >&

Re: [PATCH v3 05/12] powerpc/drmem: make lmb walk a bit more flexible

Hari Bathini writes: > On 15/07/20 9:20 am, Thiago Jung Bauermann wrote: >> >> Hari Bathini writes: >> >>> @@ -534,7 +537,7 @@ static int __init >>> early_init_dt_scan_memory_ppc(unsigned long node, >>> #ifdef CONFIG_PPC_PSERIES >>

Re: [PATCH v3 04/12] ppc64/kexec_file: avoid stomping memory used by special regions

Hari Bathini writes: > On 15/07/20 8:09 am, Thiago Jung Bauermann wrote: >> >> Hari Bathini writes: >> > > > >>> +/** >>> + * __locate_mem_hole_top_down - Looks top down for a large enough memory >>> hole >>> + *

Re: [PATCH v3 10/12] ppc64/kexec_file: prepare elfcore header for crashing kernel

Hari Bathini writes: > On 16/07/20 7:52 am, Thiago Jung Bauermann wrote: >> >> Hari Bathini writes: >> >>> /** >>> + * get_crash_memory_ranges - Get crash memory ranges. This list includes >>> + *

Re: [PATCH v3 04/12] ppc64/kexec_file: avoid stomping memory used by special regions

Thiago Jung Bauermann writes: > Hari Bathini writes: > >> diff --git a/arch/powerpc/include/asm/crashdump-ppc64.h >> b/arch/powerpc/include/asm/crashdump-ppc64.h >> new file mode 100644 >> index 000..90deb46 >> --- /dev/null >> +++ b/arch/powerp

Re: [PATCH v3 12/12] ppc64/kexec_file: fix kexec load failure with lack of memory hole

e same time, it's not a problem if both plan to use the same region of memory. > > Signed-off-by: Hari Bathini > Tested-by: Pingfan Liu Reviewed-by: Thiago Jung Bauermann > --- > > v2 -> v3: > * Unchanged. Added Tested-by tag from Pingfan. > > v1 -> v2: >

Re: [PATCH v3 11/12] ppc64/kexec_file: add appropriate regions for memory reserve map

aim likewise. > > Signed-off-by: Hari Bathini > Tested-by: Pingfan Liu Reviewed-by: Thiago Jung Bauermann Just one oinor nit below. > --- > > v2 -> v3: > * Unchanged. Added Tested-by tag from Pingfan. > > v1 -> v2: > * Updated add_rtas_mem_range() & add_opal_

Re: [PATCH v3 10/12] ppc64/kexec_file: prepare elfcore header for crashing kernel

mage, cmem, , _sz); > + if (ret) { > + pr_err("Failed to prepare elf headers for the core\n"); > + goto out; > + } > + > + kbuf->buffer = headers; > + kbuf->mem = KEXEC_BUF_MEM_UNKNOWN; > + kbuf->bufsz =

Re: [PATCH v3 02/12] powerpc/kexec_file: mark PPC64 specific code

mpoline.S to purgatory/trampoline_64.S in the > same spirit. There's only a 64 bit implementation of kexec_file_load() so this is a somewhat theoretical exercise, but there's no harm in getting the code organized, so: Reviewed-by: Thiago Jung Bauermann I have just one question below. > Sign

Re: [PATCH v3 08/12] ppc64/kexec_file: setup the stack for purgatory

ry-address", ); > + ret = kexec_purgatory_get_set_symbol(image, "opal_entry", , > + sizeof(val), false); You need to call of_node_put(dn) here and in the if (ret) case above. > + } > out: >

Re: [PATCH v3 09/12] ppc64/kexec_file: setup backup region for kdump kernel

rc = (void *)BACKUP_SRC_START; > + if (backup_start) { > + dest = (void *)backup_start; > + __memcpy(dest, src, BACKUP_SRC_SIZE); > + } > +} In general I'm in favor of using C code over assembly, but having to bring in that relocation support just for the above makes me wonder if it's worth it in this case. -- Thiago Jung Bauermann IBM Linux Technology Center ___ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec

Re: [PATCH v3 08/12] ppc64/kexec_file: setup the stack for purgatory

igned-off-by: Hari Bathini > Tested-by: Pingfan Liu Reviewed-by: Thiago Jung Bauermann > --- > > v2 -> v3: > * Unchanged. Added Tested-by tag from Pingfan. > > v1 -> v2: > * Setting up opal base & entry values in r8 & r9 for early OPAL debug. > > >

Re: [PATCH v3 07/12] ppc64/kexec_file: add support to relocate purgatory

d by lkp. lkp report for reference: > - https://lore.kernel.org/patchwork/patch/1264421/ > > > arch/powerpc/kexec/file_load_64.c | 337 > > arch/powerpc/purgatory/trampoline_64.S |8 + >

Re: [PATCH v3 06/12] ppc64/kexec_file: restrict memory usage of kdump kernel

prop += n_mem_addr_cells; > + end = base + of_read_number(prop, n_mem_size_cells) - 1; You need to `prop += n_mem_size_cells` here. > + > + ret = add_usable_mem(um_info, base, end, ); > + if (ret) { > + ret = ret;

Re: [PATCH v3 05/12] powerpc/drmem: make lmb walk a bit more flexible

walk_drmem_lmbs(memory, NULL, numa_setup_drmem_lmb); Similarly here. Now that this call can fail, should parse_numa_properties() handle or propagate the failure? > of_node_put(memory); > } > -- Thiago Jung Bauermann IBM Linux Technology Center

Re: [PATCH v3 04/12] ppc64/kexec_file: avoid stomping memory used by special regions

ound */ > + if (start > buf_max) > + break; > + > + /* Adjust memory region based on the given range */ > + if (start < buf_min) > + start = buf_min; > + if (end > buf_max) > + end

Re: [PATCH v3 03/12] powerpc/kexec_file: add helper functions for getting memory ranges

return ret; > +} > + > +/** > + * sort_memory_ranges - Sorts the given memory ranges list. > + * @mem_ranges: Range list to sort. > + * @merge: If true, merge the list after sorting. > + * > + * Returns nothing. > + */ > +void sort_memory_ranges(struct crash_m

Re: [PATCH v3 01/12] kexec_file: allow archs to handle special regions while locating memory hole

, arch_kimage_file_post_load_cleanup() declaration was missing] > Signed-off-by: Hari Bathini > Acked-by: Dave Young > Tested-by: Pingfan Liu Reviewed-by: Thiago Jung Bauermann -- Thiago Jung Bauermann IBM Linux Technology Center ___ kexe

Re: [RFC PATCH v1 1/1] Add support for arm64 to carry ima measurement log in kexec_file_load

Hello, prsriva writes: > On 9/19/19 8:07 PM, Thiago Jung Bauermann wrote: >> Hello Prakhar, >> >> Prakhar Srivastava writes: >> >>> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig >>> index 3adcec05b1f6..f39b12dbf9e8 100644 >>>

Re: [RFC PATCH v1 1/1] Add support for arm64 to carry ima measurement log in kexec_file_load

ly equivalent code in the two architectures? Actually, there's one change that is significant: instead of a single linux,ima-kexec-buffer property holding the start address and size of the buffer, ARM64 is now using two properties (linux,ima-kexec-buffer and linux,ima-kexec-buffer-end) for the start and end addresses. In my opinion, unless there's a good reason for it Linux should be consistent accross architectures when possible. -- Thiago Jung Bauermann IBM Linux Technology Center

Re: [RFC PATCH v1 1/1] Add support for arm64 to carry ima measurement log in kexec_file_load

>> There seems to be quite a bit of code duplication in this function and >> in ima_get_kexec_buffer(). It could probably be cleaned up with some >> refactoring. > > Sorry, my mistake. One calls of_get_property(), while the other calls > of_find_property(). of_get_property() is a thin wrapper around of_find_property(), so if that's the only difference I think they can still be merged. -- Thiago Jung Bauermann IBM Linux Technology Center

Re: [PATCH v5 0/7] kexec: add generic support for elf kernel images

Helge Deller writes: > On 06.09.19 23:47, Thiago Jung Bauermann wrote: >> Helge Deller writes: >>> This kexec patch series is the groundwork for kexec on the parisc >>> architecture. >>> Since we want kexec on parisc, I've applied it to my for-next-k

Re: [PATCH v5 0/7] kexec: add generic support for elf kernel images

+- >> include/linux/kexec.h | 23 + >> kernel/Makefile | 1 + >> .../kexec_elf_64.c => kernel/kexec_elf.c | 394 +++-- >> 6 files changed, 115 insertions(+), 852 deletions(-) >

Re: [PATCH v4 1/7] kexec: add KEXEC_ELF

Thiago Jung Bauermann writes: >> diff --git a/arch/powerpc/kernel/kexec_elf_64.c b/kernel/kexec_elf.c >> similarity index 71% >> copy from arch/powerpc/kernel/kexec_elf_64.c >> copy to kernel/kexec_elf.c >> index ba4f18a43ee8..6e9f52171ede 100644 >> ---

Re: [PATCH v4 4/7] kexec_elf: remove PURGATORY_STACK_SIZE

Thiago Jung Bauermann writes: > Sven Schnelle writes: > >> It's not used anywhere so just drop it. >> >> Signed-off-by: Sven Schnelle >> --- >> kernel/kexec_elf.c | 2 -- >> 1 file changed, 2 deletions(-) >> >> diff --git a/kernel/

Re: [PATCH v4 0/7] kexec: add generic support for elf kernel images

nels, and also in ppc64 kexecing to both big-endian and little-endian kernels so: Tested-by: Thiago Jung Bauermann -- Thiago Jung Bauermann IBM Linux Technology Center ___ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec

Re: [PATCH v4 1/7] kexec: add KEXEC_ELF

Hello Sven, Just a few small comments below. Regardless of them: Reviewed-by: Thiago Jung Bauermann Sven Schnelle writes: > Right now powerpc provides an implementation to read elf files > with the kexec_file() syscall. Make that available as a public Nit: the syscall is kexec_fil

Re: [PATCH v4 7/7] kexec_elf: support 32 bit ELF files

Sven Schnelle writes: > The powerpc version only supported 64 bit. Add some > code to switch decoding of fields during runtime so > we can kexec a 32 bit kernel from a 64 bit kernel and > vice versa. > > Signed-off-by: Sven Schnelle Reviewed-by: Thiago Jung Bauermann

Re: [PATCH v4 6/7] kexec_elf: remove unused variable in kexec_elf_load()

fer(kbuf); > if (ret) > goto out; > @@ -382,9 +382,6 @@ int kexec_elf_load(struct kimage *image, struct elfhdr > *ehdr, > lowest_addr = load_addr; > } > > - /* Update entry point to reflect new load address.

Re: [PATCH v4 5/7] kexec_elf: remove Elf_Rel macro

; static inline bool elf_is_elf_file(const struct elfhdr *ehdr) > { > return memcmp(ehdr->e_ident, ELFMAG, SELFMAG) == 0; Could you remove this one from the file in arch/powerpc as well? Perhaps this and the previous patch could be placed before patch 1, so that this change can be done only

Re: [PATCH v4 3/7] kexec_elf: remove parsing of section headers

Sven Schnelle writes: > We're not using them, so we can drop the parsing. > > Signed-off-by: Sven Schnelle Reviewed-by: Thiago Jung Bauermann -- Thiago Jung Bauermann IBM Linux Technology Center ___ kexec mailing list kexec@lists.infr

Re: [PATCH v4 2/7] kexec_elf: change order of elf_*_to_cpu() functions

Sven Schnelle writes: > Change the order to have a 64/32/16 order, no functional change. > > Signed-off-by: Sven Schnelle Reviewed-by: Thiago Jung Bauermann -- Thiago Jung Bauermann IBM Linux Technology Center ___ kexec mailing l

Re: [PATCH] powerpc: Fix loading of kernel + initramfs with kexec_file_load()

Michael Ellerman writes: > On Wed, 2019-05-22 at 22:01:58 UTC, Thiago Jung Bauermann wrote: >> Commit b6664ba42f14 ("s390, kexec_file: drop arch_kexec_mem_walk()") >> changed kexec_add_buffer() to skip searching for a memory location if >> kexec_buf.mem is a

Re: [PATCH] powerpc: Fix loading of kernel + initramfs with kexec_file_load()

Dave Young writes: > On 05/22/19 at 07:01pm, Thiago Jung Bauermann wrote: >> Commit b6664ba42f14 ("s390, kexec_file: drop arch_kexec_mem_walk()") >> changed kexec_add_buffer() to skip searching for a memory location if >> kexec_buf.mem is a

[PATCH] powerpc: Fix loading of kernel + initramfs with kexec_file_load()

t Setting the mem field before every call to kexec_add_buffer() fixes this regression. Fixes: b6664ba42f14 ("s390, kexec_file: drop arch_kexec_mem_walk()") Signed-off-by: Thiago Jung Bauermann --- arch/powerpc/kernel/kexec_elf_64.c | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-

Re: [PATCH v2 7/7] ima: Support platform keyring for kernel appraisal

INTEGRITY_KEYRING_IMA for readability > > security/integrity/ima/ima_appraise.c | 13 +++-- > 1 file changed, 11 insertions(+), 2 deletions(-) With the change to only access the platform keyring when it is enabled: Reviewed-by: Thiago Jung Bauermann -- Thiago Jung Bauermann IBM Linux Techno

Re: [PATCH v2 2/7] integrity: Load certs to the platform keyring

changed, 90 insertions(+), 24 deletions(-) Reviewed-by: Thiago Jung Bauermann -- Thiago Jung Bauermann IBM Linux Technology Center ___ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec

Re: [PATCH v2 1/7] integrity: Define a trusted platform keyring

ty/integrity/digsig.c| 48 > +++--- > security/integrity/integrity.h | 3 +- > .../integrity/platform_certs/platform_keyring.c| 35 > 5 files changed, 83 insertions(+), 15 deletions(-) > create mode 1

Re: [PATCH v2 7/7] ima: Support platform keyring for kernel appraisal

the audit message of failed signature verifications for KEXEC_KERNEL will always log the same rc value, which is whatever request_key() returns when asked to look for an inexistent keyring. Here is a patch which only performs the second try if the platform keyring is enabled. >From d5fb94ab9

[PATCH] powerpc: kexec_file: Fix error code when trying to load kdump kernel

not supported Fixes: a0458284f062 ("powerpc: Add support code for kexec_file_load()") Reported-by: Dave Young <dyo...@redhat.com> Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> --- arch/powerpc/kernel/machine_kexec_file_64.c | 2 +- 1 file changed, 1 in

Re: [PATCH v5 4/5] kexec: Add option to fall back to KEXEC_LOAD when KEXEC_FILE_LOAD is not supported

in latest version. kernel does not return >> > such error number, I might not say clearly previously. Please >> > check the kernel code, the only one place I know is because no >> > kdump support in power kexec_file: >> > arch/powerpc/kernel/machine_kexec_file_64.c >> > >> > /* We don't support crash kernels yet. */ >> > if (image->type == KEXEC_TYPE_CRASH) >> > return -ENOTSUPP; >> > >> > So I suggest not checking this as well since -ENOTSUPP is not >> > populated in userspace headers, and -ENOTSUP is not used at all. >> > >> > Also as I mentioned in another reply -EINVAL and -ENOEXEC is also >> > not ncessary. >> > >> > For -ENOTSUP, maybe someone can submit a patch to switch to >> > -ENOTSUPP so that userspace can check it. >> > Ccing Thiago and Hari for the -ENOTSUPP errno issue. >> >> Oops for the hurry reply, I means -ENOTSUPP might be able to replaced >> with -EOPNOTSUPP, a similar change like this: >> https://patchwork.kernel.org/patch/8490791/ > > Thanks for catching this. In Linux ENOTSUPP with extra P is different > from EOPNOTSUPP and ENOTSUP (single P). Since we are talking to the > kernel and it returns the double P ENOTSUPP we need to define it in > kexec as well. And we should check ENOTSUP with single P in case > somebody some day thinks that returning undefined error codes to > userspace is not nice like in the patch above. I wasn't aware that ENOTSUPP was an in-kernel only errno. Should I submit a patch for the kernel so that powerpc returns -EOPNOTSUPP in case of trying to load kdump kernel with kexec_file_load()? -- Thiago Jung Bauermann IBM Linux Technology Center ___ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec

Re: [PATCH] kexec/ppc64: leverage kexec_file_load support

(+) Thanks for implementing this! Looks good to me, just one nit below. Regardless of that: Reviewed-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> > diff --git a/kexec/arch/ppc64/kexec-elf-ppc64.c > b/kexec/arch/ppc64/kexec-elf-ppc64.c > index ddd3de8..2742cd6 100644 &

Re: [PATCH v2 2/7] kexec_file, x86, powerpc: factor out kexec_file_ops functions

Baoquan He <b...@redhat.com> >> Cc: Michael Ellerman <m...@ellerman.id.au> >> Cc: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> >> --- >> arch/powerpc/include/asm/kexec.h| 2 +- >> arch/powerpc/kernel/kexec_elf_64.c | 2

Re: [PATCH 14/14] arm64: kexec_file: add vmlinux format support

esystems nowadays, with the notable exception of FAT-based filesystems. evmctl, the IMA userspace tool, also support signatures stored in a separate file as well ("sidecar" signatures), but the kernel can only verify them if they are copied into an xattr (which I believe

Re: [PATCH 08/14] arm64: kexec_file: create purgatory

ocation types. > Otherwise, why can't the purgatory code be written in assembly? AFAICT, > the only complex part is the hashing code, which I don't beleive is > strictly necessary. When I posted a similar series for powerpc with similar changes to handle a pa

Re: [PATCH] kexec: allocate buffer in top-down, if specified, correctly

Am Freitag, 28. April 2017, 09:51:39 BRT schrieb AKASHI Takahiro: > On Thu, Apr 27, 2017 at 07:00:04PM -0300, Thiago Jung Bauermann wrote: > > Hello, > > > > Am Mittwoch, 26. April 2017, 17:22:09 BRT schrieb AKASHI Takahiro: > > > The current kexec_locate_mem_

Re: [PATCH v10 04/10] kexec_file: Add support for purgatory built as PIE.

Am Mittwoch, 23. November 2016, 09:32:58 BRST schrieb Dave Young: > On 11/22/16 at 11:44am, Thiago Jung Bauermann wrote: > > Am Dienstag, 22. November 2016, 17:01:10 BRST schrieb Michael Ellerman: > > > Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> writes: > >

Re: [PATCH v10 04/10] kexec_file: Add support for purgatory built as PIE.

Am Dienstag, 22. November 2016, 17:01:10 BRST schrieb Michael Ellerman: > Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> writes: > > Am Sonntag, 20. November 2016, 10:45:46 BRST schrieb Dave Young: > >> On 11/10/16 at 01:27am, Thiago Jung Bauermann wrote: > >>

Re: [PATCH v10 04/10] kexec_file: Add support for purgatory built as PIE.

Hello Dave, Thanks for your review. Am Sonntag, 20. November 2016, 10:45:46 BRST schrieb Dave Young: > On 11/10/16 at 01:27am, Thiago Jung Bauermann wrote: > > powerpc's purgatory.ro has 12 relocation types when built as > > a relocatable object. To implement support fo

[PATCH v10 06/10] powerpc: Implement kexec_file_load.

Add arch-specific functions needed by the generic kexec_file code. Signed-off-by: Josh Sklar <sk...@linux.vnet.ibm.com> Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> --- arch/powerpc/Kconfig| 14 ++ arch/powerpc/include/asm/systbl.h

[PATCH v10 08/10] powerpc: Add support for loading ELF kernels with kexec_file_load.

: coding-style fixes] Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> Signed-off-by: Andrew Morton <a...@linux-foundation.org> --- arch/powerpc/include/asm/kexec.h| 12 ++ arch/powerpc/kernel/Makefile| 3 +- arch/powerpc/kernel/ke

[PATCH v10 10/10] powerpc: Enable CONFIG_KEXEC_FILE in powerpc server defconfigs.

Enable CONFIG_KEXEC_FILE in powernv_defconfig, ppc64_defconfig and pseries_defconfig. It depends on CONFIG_CRYPTO_SHA256=y, so add that as well. Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> --- arch/powerpc/configs/powernv_defconfig | 2 ++ arch/powerpc/c

[PATCH v10 05/10] powerpc: Change places using CONFIG_KEXEC to use CONFIG_KEXEC_CORE instead.

RE instead, since kexec_file_load also needs that code compiled in. Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> --- arch/powerpc/Kconfig | 2 +- arch/powerpc/include/asm/debug.h | 2 +- arch/powerpc/include/asm/kexec.h

[PATCH v10 07/10] powerpc: Add functions to read ELF files of any endianness.

the ELF structs. These functions will be used in the next patch in the series. Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> --- arch/powerpc/include/asm/elf_util.h | 43 arch/powerpc/kernel/Makefile| 2 +- arch/powerpc/kernel/elf_util.c

[PATCH v10 09/10] powerpc: Add purgatory for kexec_file_load implementation.

nitialized to zero. It doesn't matter what their initial value is, because they will be set by the kernel when preparing the kexec image. Finally, some checkpatch.pl warnings were fixed. Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> --- arch/

[PATCH v10 03/10] kexec_file: Factor out kexec_locate_mem_hole from kexec_add_buffer.

kexec_locate_mem_hole will be used by the PowerPC kexec_file_load implementation to find free memory for the purgatory stack. Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> Acked-by: Dave Young <dyo...@redhat.com> --- include/linux/kexec.h | 1 + kernel/kexec_f

[PATCH v10 02/10] kexec_file: Change kexec_add_buffer to take kexec_buf as argument.

existing casts to char * in the code. Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> Acked-by: Dave Young <dyo...@redhat.com> Acked-by: Balbir Singh <bsinghar...@gmail.com> --- arch/x86/kernel/crash.c | 37 arch/x86/kernel/kexe

[PATCH v10 04/10] kexec_file: Add support for purgatory built as PIE.

Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> --- arch/Kconfig | 11 ++ include/linux/kexec.h | 4 + kernel/kexec_file.c | 314 ++ 3 files changed, 253 insertions(+), 76 deletions(-) diff --git a/arch/Kconfig b/arch/K

[PATCH v10 01/10] kexec_file: Allow arch-specific memory walking for kexec_add_buffer

Allow architectures to specify a different memory walking function for kexec_add_buffer. x86 uses iomem to track reserved memory ranges, but PowerPC uses the memblock subsystem. Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> Acked-by: Dave Young <dyo...@redhat.c

Re: [RFC] kexec_file: Add support for purgatory built as PIE

Hello Eric, Am Freitag, 4. November 2016, 10:13:39 BRST schrieb Eric W. Biederman: > Baoquan He <b...@redhat.com> writes: > > On 11/02/16 at 04:00am, Thiago Jung Bauermann wrote: > >> Hello, > >> > >> The kexec_file code currently builds the purgatory a

Re: [RFC] kexec_file: Add support for purgatory built as PIE

Hello Baoquan, Am Freitag, 4. November 2016, 15:38:40 BRST schrieb Baoquan He: > On 11/02/16 at 04:00am, Thiago Jung Bauermann wrote: > > Hello, > > > > The kexec_file code currently builds the purgatory as a partially linked > > object (using ld -r). Is there

[RFC] kexec_file: Add support for purgatory built as PIE

be refined a bit. Would you accept a change along these lines? Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> --- arch/Kconfig| 3 + kernel/kexec_file.c | 159 ++-- kernel/kexec_internal.h | 26 3

[PATCH v9 06/10] powerpc: Implement kexec_file_load.

address of the relocation in memory. We also add more relocation types that are used by the purgatory. Signed-off-by: Josh Sklar <sk...@linux.vnet.ibm.com> Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> --- arch/powerpc/Kconfig| 13 ++ arch/pow

[PATCH v6 08/10] ima: support restoring multiple template formats

From: Mimi Zohar The configured IMA measurement list template format can be replaced at runtime on the boot command line, including a custom template format. This patch adds support for restoring a measuremement list containing multiple builtin/custom template formats.

[PATCH v6 06/10] ima: on soft reboot, save the measurement list

ot notifier once Changelog v1: - updated to call IMA functions (Mimi) - move code from ima_template.c to ima_kexec.c (Mimi) Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com> Acked-by: "Eric W. Biederman"

[PATCH v6 07/10] ima: store the builtin/custom template definitions in a list

From: Mimi Zohar The builtin and single custom templates are currently stored in an array. In preparation for being able to restore a measurement list containing multiple builtin/custom templates, this patch stores the builtin and custom templates as a linked list.

[PATCH v6 09/10] ima: define a canonical binary_runtime_measurements list format

From: Mimi Zohar The IMA binary_runtime_measurements list is currently in platform native format. To allow restoring a measurement list carried across kexec with a different endianness than the targeted kernel, this patch defines little-endian as the canonical format.

[PATCH v6 10/10] ima: platform-independent hash value

From: Andreas Steffen For remote attestion it is important for the ima measurement values to be platform-independent. Therefore integer fields to be hashed must be converted to canonical format. Changelog: - Define canonical format as little endian (Mimi)

[PATCH v6 02/10] ima: on soft reboot, restore the measurement list

e9747 --- /dev/null +++ b/security/integrity/ima/ima_kexec.c @@ -0,0 +1,44 @@ +/* + * Copyright (C) 2016 IBM Corporation + * + * Authors: + * Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> + * Mimi Zohar <zo...@linux.vnet.ibm.com> + * + * This program is free software; you can redis

[PATCH v6 01/10] powerpc: ima: Get the kexec buffer passed by the previous kernel

}. - Use #address-cells and #size-cells to read the DT property. - Use size_t instead of unsigned long for size arguments. - Always remove linux,ima-kexec-buffer and its memory reservation when preparing a device tree for kexec_file_load. Signed-off-by: Thiago Jung Bauermann <ba

[PATCH v6 05/10] powerpc: ima: Send the kexec buffer to the next kernel

CONFIG_IMA_KEXEC to build this code only when necessary. Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> Acked-by: "Eric W. Biederman" <ebied...@xmission.com> --- arch/powerpc/include/asm/ima.h | 16 + arch/powerpc/include/asm/kexec.h

[PATCH v6 03/10] ima: permit duplicate measurement list entries

From: Mimi Zohar Measurements carried across kexec need to be added to the IMA measurement list, but should not prevent measurements of the newly booted kernel from being added to the measurement list. This patch adds support for allowing duplicate measurements. The

[PATCH v6 00/10] ima: carry the measurement list across kexec

g the measurement list ima: on soft reboot, save the measurement list ima: store the builtin/custom template definitions in a list ima: support restoring multiple template formats ima: define a canonical binary_runtime_measurements list format Thiago Jung Bauermann (2): powerpc: ima:

[PATCH v9 10/10] powerpc: Enable CONFIG_KEXEC_FILE in powerpc server defconfigs.

Enable CONFIG_KEXEC_FILE in powernv_defconfig, ppc64_defconfig and pseries_defconfig. It depends on CONFIG_CRYPTO_SHA256=y, so add that as well. Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> --- arch/powerpc/configs/powernv_defconfig | 2 ++ arch/powerpc/c

[PATCH v9 04/10] powerpc: Change places using CONFIG_KEXEC to use CONFIG_KEXEC_CORE instead.

RE instead, since kexec_file_load also needs that code compiled in. Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> --- arch/powerpc/Kconfig | 2 +- arch/powerpc/include/asm/debug.h | 2 +- arch/powerpc/include/asm/kexec.h

[PATCH v9 09/10] powerpc: Add purgatory for kexec_file_load implementation.

the kexec image. Also, since we don't support loading a crashdump kernel via kexec_file_load yet, the code related to that functionality has been removed. Finally, some checkpatch.pl warnings were fixed. Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> --- arch/powerpc/Ma

[PATCH v9 08/10] powerpc: Add support for loading ELF kernels with kexec_file_load.

: coding-style fixes] Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> Signed-off-by: Andrew Morton <a...@linux-foundation.org> --- arch/powerpc/include/asm/kexec.h| 12 + arch/powerpc/kernel/Makefile| 3 +- arch/powerpc/kernel/kexec_elf_64.c

[PATCH v9 03/10] kexec_file: Factor out kexec_locate_mem_hole from kexec_add_buffer.

kexec_locate_mem_hole will be used by the PowerPC kexec_file_load implementation to find free memory for the purgatory stack. Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> Acked-by: Dave Young <dyo...@redhat.com> --- include/linux/kexec.h | 1 + kernel/kexec_f

[PATCH v9 05/10] powerpc: Factor out relocation code in module_64.c

t;m...@ellerman.id.au> Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> --- arch/powerpc/kernel/module_64.c | 344 +--- 1 file changed, 182 insertions(+), 162 deletions(-) diff --git a/arch/powerpc/kernel/module_64.c b/arch/powerpc/kern

[PATCH v9 01/10] kexec_file: Allow arch-specific memory walking for kexec_add_buffer

Allow architectures to specify a different memory walking function for kexec_add_buffer. x86 uses iomem to track reserved memory ranges, but PowerPC uses the memblock subsystem. Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> Acked-by: Dave Young <dyo...@redhat.c

[PATCH v9 02/10] kexec_file: Change kexec_add_buffer to take kexec_buf as argument.

existing casts to char * in the code. Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> Acked-by: Dave Young <dyo...@redhat.com> Acked-by: Balbir Singh <bsinghar...@gmail.com> --- arch/x86/kernel/crash.c | 37 arch/x86/kernel/kexe

[PATCH v9 00/10] kexec_file_load implementation for PowerPC

code adapting the device tree for booting the new kernel was moved out of elf64_load to setup_new_fdt. - Patch "powerpc: Allow userspace to set device tree properties in kexec_file_load" - New patch. - The code in this patch didn't exist in v4. - This is the only

Re: [PATHC v2 0/9] ima: carry the measurement list across kexec

Am Donnerstag, 29 September 2016, 16:43:08 schrieb Eric W. Biederman: > Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> writes: > > Hello Eric, > > > > Am Dienstag, 20 September 2016, 11:07:29 schrieb Eric W. Biederman: > >> A semi-generic con

Re: [PATHC v2 0/9] ima: carry the measurement list across kexec

Hello Eric, Am Dienstag, 20 September 2016, 11:07:29 schrieb Eric W. Biederman: > Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> writes: > > Am Samstag, 17 September 2016, 00:17:37 schrieb Eric W. Biederman: > >> Thiago Jung Bauermann <bauer...@linux.vnet.ibm.co

Re: [PATHC v2 0/9] ima: carry the measurement list across kexec

Am Samstag, 17 September 2016, 00:17:37 schrieb Eric W. Biederman: > Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> writes: > > Hello Eric, > > > > Am Freitag, 16 September 2016, 14:47:13 schrieb Eric W. Biederman: > >> I can see tracking to see if the

Re: [PATHC v2 0/9] ima: carry the measurement list across kexec

e it will be useful to us in the future for the case of an arbitrary number of kexecs (and thus not only a bootloader but also multiple full-blown distros may be involved in the chain). But you are right that for the use case for which we currently need this feature it's feasible to measure everything upfront. We can cross the other bridge when we get there. > If there is anyway we can start small and not with this big scary > infrastructure change I would very much prefer it. Sounds good. If we pre-measure everything then the following patches from my buffer hand-over series are enough: [PATCH v5 2/5] kexec_file: Add buffer hand-over support for the next kernel [PATCH v5 3/5] powerpc: kexec_file: Add buffer hand-over support for the next kernel Would you consider including those two? And like I mentioned in the cover letter, patch 1/5 is an interesting improvement that is worth considering. -- []'s Thiago Jung Bauermann IBM Linux Technology Center ___ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec

  1   2   3   >