Vivek Goyal writes:
> Hi Eric,
>
> So you want a separate purgatory code and that purgatory should be self
> contained and should not share any code with rest of the kernel. No
> inclusion of header files, no linking against kernel libraries? That means
> even re-implementing sha256 functions sep
On Fri, Nov 22, 2013 at 07:23:39PM -0800, Eric W. Biederman wrote:
>
> > [..]
> >> >> There is also a huge missing piece of this in that your purgatory is not
> >> >> checking a hash of the loaded image before jumping too it. Without that
> >> >> this is a huge regression at least for the kexec o
Tested kdump and kexec using --use-kexec2-syscall on kenrel 3.13.0-rc2+,
they work very well.
On 11/20/13 at 12:50pm, Vivek Goyal wrote:
> Current proposed secureboot implementation disables kexec/kdump because
> it can allow unsigned kernel to run on a secureboot platform. Intial
> idea was to s
On Mon, 25 Nov 2013 10:36:20 -0500
Vivek Goyal wrote:
> On Mon, Nov 25, 2013 at 11:04:28AM +0100, Michael Holzheu wrote:
> > On Fri, 22 Nov 2013 05:34:03 -0800
> > ebied...@xmission.com (Eric W. Biederman) wrote:
> >
> > > Vivek Goyal writes:
> >
> > > >> There is also a huge missing piece of
On Mon, Nov 25, 2013 at 11:04:28AM +0100, Michael Holzheu wrote:
> On Fri, 22 Nov 2013 05:34:03 -0800
> ebied...@xmission.com (Eric W. Biederman) wrote:
>
> > Vivek Goyal writes:
>
> > >> There is also a huge missing piece of this in that your purgatory is not
> > >> checking a hash of the loade
On Fri, 22 Nov 2013 05:34:03 -0800
ebied...@xmission.com (Eric W. Biederman) wrote:
> Vivek Goyal writes:
> >> There is also a huge missing piece of this in that your purgatory is not
> >> checking a hash of the loaded image before jumping too it. Without that
> >> this is a huge regression at
Vivek Goyal writes:
> On Fri, Nov 22, 2013 at 05:34:03AM -0800, Eric W. Biederman wrote:
>
> [..]
>> > Why ELF case is so interesting. I have not use kexec to boot ELF
>> > images in years and have not seen others using it too. In fact bzImage
>> > seems to be the most common kernel image format
On Fri, Nov 22, 2013 at 09:19:46AM -0500, Vivek Goyal wrote:
> On Fri, Nov 22, 2013 at 05:34:03AM -0800, Eric W. Biederman wrote:
>
> [..]
> > > Why ELF case is so interesting. I have not use kexec to boot ELF
> > > images in years and have not seen others using it too. In fact bzImage
> > > seems
On Fri, Nov 22, 2013 at 7:33 AM, Vivek Goyal wrote:
> On Fri, Nov 22, 2013 at 02:50:43PM +0100, Jiri Kosina wrote:
>> On Fri, 22 Nov 2013, Vivek Goyal wrote:
>>
>> > > OTOH, does this feature make any sense whatsover on architectures that
>> > > don't support secure boot anyway?
>> >
>> > I guess
On Fri, Nov 22, 2013 at 02:50:43PM +0100, Jiri Kosina wrote:
> On Fri, 22 Nov 2013, Vivek Goyal wrote:
>
> > > OTOH, does this feature make any sense whatsover on architectures that
> > > don't support secure boot anyway?
> >
> > I guess if signed modules makes sense, then being able to kexec si
On Fri, Nov 22, 2013 at 05:04:04PM +0100, Jiri Kosina wrote:
> On Fri, 22 Nov 2013, Eric Paris wrote:
>
> > Consider a cloud provider who gives their customer a machine where
> > they, the cloud provider, is specifying the kernel and initrd. This
> > is a real thing that people do today. Root on
On Fri, 22 Nov 2013, Eric Paris wrote:
> Consider a cloud provider who gives their customer a machine where
> they, the cloud provider, is specifying the kernel and initrd. This
> is a real thing that people do today. Root on the machine has ZERO
> control over the kernel, bootloader, and initrd
On Fri, Nov 22, 2013 at 10:33 AM, Jiri Kosina wrote:
> On Fri, 22 Nov 2013, Geert Uytterhoeven wrote:
>
>> >> Only arm, i386, ppc, ppc64, sh, and x86_64 support zImage.
>> >> It's not clear to me what alpha supports (if it supports anything at
>> >> all?).
>> >
>> > Motiviation behind this patchs
On Fri, 22 Nov 2013, Geert Uytterhoeven wrote:
> >> Only arm, i386, ppc, ppc64, sh, and x86_64 support zImage.
> >> It's not clear to me what alpha supports (if it supports anything at all?).
> >
> > Motiviation behind this patchset is secureboot. That is x86 specific
> > only and bzImage is most
On Fri, Nov 22, 2013 at 2:43 PM, Vivek Goyal wrote:
>> Looking at kexec-tools, all of arm, cris, i386, ia64, m68k, mips, ppc, ppc64,
>> s390, sh, and x86_64 support ELF.
>
> How many of them use ELF to boot in real world? Also one can easily
> add ELF loader. I am just not able to see why ELF load
On Fri, Nov 22, 2013 at 05:34:03AM -0800, Eric W. Biederman wrote:
[..]
> > Why ELF case is so interesting. I have not use kexec to boot ELF
> > images in years and have not seen others using it too. In fact bzImage
> > seems to be the most common kernel image format for x86, most of the distros
>
On Fri, 22 Nov 2013, Vivek Goyal wrote:
> > OTOH, does this feature make any sense whatsover on architectures that
> > don't support secure boot anyway?
>
> I guess if signed modules makes sense, then being able to kexec signed
> kernel images should make sense too, in general.
Well, that's rea
On Fri, Nov 22, 2013 at 02:30:17PM +0100, Jiri Kosina wrote:
> On Fri, 22 Nov 2013, Geert Uytterhoeven wrote:
>
> > > Why ELF case is so interesting. I have not use kexec to boot ELF
> > > images in years and have not seen others using it too. In fact bzImage
> > > seems to be the most common kern
On Fri, Nov 22, 2013 at 10:09:17AM +0100, Geert Uytterhoeven wrote:
> On Fri, Nov 22, 2013 at 2:55 AM, Vivek Goyal wrote:
> >> Before you are done we need an ELF loader. bzImage really is very
> >> uninteresting. To the point I am not at all convinced that an in kernel
> >> loader should support
Vivek Goyal writes:
> On Thu, Nov 21, 2013 at 03:07:04PM -0800, Eric W. Biederman wrote:
>
> [..]
>>
>> Before you are done we need an ELF loader. bzImage really is very
>> uninteresting. To the point I am not at all convinced that an in kernel
>> loader should support it.
>
> Hi Eric,
>
> Why
On Fri, 22 Nov 2013, Geert Uytterhoeven wrote:
> > Why ELF case is so interesting. I have not use kexec to boot ELF
> > images in years and have not seen others using it too. In fact bzImage
> > seems to be the most common kernel image format for x86, most of the distros
> > ship and use.
> >
> >
On Fri, Nov 22, 2013 at 2:55 AM, Vivek Goyal wrote:
>> Before you are done we need an ELF loader. bzImage really is very
>> uninteresting. To the point I am not at all convinced that an in kernel
>> loader should support it.
>
> Hi Eric,
>
> Why ELF case is so interesting. I have not use kexec t
22 matches
Mail list logo