lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <1796099.kfo9Nk8t61@hactar>
Date:   Mon, 22 Aug 2016 19:21:09 -0300
From:   Thiago Jung Bauermann <bauerman@...ux.vnet.ibm.com>
To:     Dave Young <dyoung@...hat.com>
Cc:     kexec@...ts.infradead.org,
        Benjamin Herrenschmidt <benh@...nel.crashing.org>,
        Balbir Singh <bsingharora@...il.com>,
        Paul Mackerras <paulus@...ba.org>,
        "H. Peter Anvin" <hpa@...or.com>,
        linux-ima-devel@...ts.sourceforge.net,
        Stewart Smith <stewart@...ux.vnet.ibm.com>,
        Baoquan He <bhe@...hat.com>,
        Michael Ellerman <mpe@...erman.id.au>, x86@...nel.org,
        Ingo Molnar <mingo@...hat.com>,
        Mimi Zohar <zohar@...ux.vnet.ibm.com>,
        Vivek Goyal <vgoyal@...hat.com>,
        Petko Manolov <petkan@...-labs.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Eric Richter <erichte@...ux.vnet.ibm.com>,
        linux-kernel@...r.kernel.org,
        linux-security-module@...r.kernel.org,
        David Laight <David.Laight@...lab.com>,
        Eric Biederman <ebiederm@...ssion.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Samuel Mendoza-Jonas <sam@...dozajonas.com>,
        linuxppc-dev@...ts.ozlabs.org
Subject: Re: [PATCH v2 2/6] powerpc: kexec_file: Add buffer hand-over support for the next kernel

Am Montag, 22 August 2016, 15:22:00 schrieb Dave Young:
> On 08/22/16 at 12:38am, Thiago Jung Bauermann wrote:
> > Am Montag, 22 August 2016, 11:21:35 schrieb Dave Young:
> > > On 08/13/16 at 12:18am, Thiago Jung Bauermann wrote:
> > > > diff --git a/arch/powerpc/kernel/machine_kexec_64.c
> > > > b/arch/powerpc/kernel/machine_kexec_64.c index
> > > > a484a6346146..190c652e49b7 100644
> > > > --- a/arch/powerpc/kernel/machine_kexec_64.c
> > > > +++ b/arch/powerpc/kernel/machine_kexec_64.c
> > > > @@ -490,6 +490,60 @@ int arch_kimage_file_post_load_cleanup(struct
> > > > kimage *image)>
> > > > 
> > > >  	return image->fops->cleanup(image->image_loader_data);
> > > >  
> > > >  }
> > > > 
> > > > +bool kexec_can_hand_over_buffer(void)
> > > > +{
> > > > +	return true;
> > > > +}
> > > > +
> > > > +int arch_kexec_add_handover_buffer(struct kimage *image,
> > > > +				   unsigned long load_addr, unsigned 
long
> > 
> > size)
> > 
> > > > +{
> > > > +	image->arch.handover_buffer_addr = load_addr;
> > > > +	image->arch.handover_buffer_size = size;
> > > > +
> > > > +	return 0;
> > > > +}
> > > > +
> > > > +int kexec_get_handover_buffer(void **addr, unsigned long *size)
> > > > +{
> > > > +	int ret;
> > > > +	u64 start_addr, end_addr;
> > > > +
> > > > +	ret = of_property_read_u64(of_chosen,
> > > > +				   "linux,kexec-handover-buffer-
start",
> > > > +				   &start_addr);
> > > > +	if (ret == -EINVAL)
> > > > +		return -ENOENT;
> > > > +	else if (ret)
> > > > +		return -EINVAL;
> > > > +
> > > > +	ret = of_property_read_u64(of_chosen,
> > > > "linux,kexec-handover-buffer-end", +
> > 
> > &end_addr);
> > 
> > > > +	if (ret == -EINVAL)
> > > > +		return -ENOENT;
> > > > +	else if (ret)
> > > > +		return -EINVAL;
> > > > +
> > > > +	*addr =  __va(start_addr);
> > > > +	/* -end is the first address after the buffer. */
> > > > +	*size = end_addr - start_addr;
> > > > +
> > > > +	return 0;
> > > > +}
> > > 
> > > This depends on dtb, so if IMA want to extend it to arches like x86 in
> > > the future you will have to think about other way to pass it.
> > > 
> > > How about think about a general way now?
> > 
> > The only general way I can think of is by adding a kernel command line
> > parameter which the first kernel would pass to the second kernel, but
> > IMHO that is ugly, because such parameter wouldn't be useful to a user,
> > and it would also be something that, from the perspective of the user,
> > would magically appear in the kernel command line of the second
> > kernel...
> Sorry I just brought up the question, actually I have no idea either.
> Maybe we have to do this with arch specific ways..

Actually, I don't think it's possible to avoid arch-specific code because 
the first kernel has to put the buffer memory region in a reserved memory 
map, and that is arch-specific.

On powerpc, this is done by adding it to the device tree memory reservation 
map. On x86, I believe this would be done added to the e820 map.

-- 
[]'s
Thiago Jung Bauermann
IBM Linux Technology Center

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ