lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20230105005838.GA1772817@paulmck-ThinkPad-P17-Gen-1>
Date:   Wed, 4 Jan 2023 16:58:38 -0800
From:   "Paul E. McKenney" <paulmck@...nel.org>
To:     linux-kernel@...r.kernel.org, linux-doc@...r.kernel.org
Cc:     mhiramat@...nel.org, corbet@....net, akpm@...ux-foundation.org,
        ndesaulniers@...gle.com, vbabka@...e.cz, hannes@...xchg.org,
        joel@...lfernandes.org, quic_neeraju@...cinc.com, urezki@...il.com
Subject: [PATCH RFC bootconfig] Allow forcing unconditional bootconfig
 processing

The BOOT_CONFIG family of Kconfig options allows a bootconfig file
containing kernel boot parameters to be embedded into an initrd or into
the kernel itself.  This can be extremely useful when deploying kernels
in cases where some of the boot parameters depend on the kernel version
rather than on the server hardware, firmware, or workload.

Unfortunately, the "bootconfig" kernel parameter must be specified in
order to cause the kernel to look for the embedded bootconfig file,
and it clearly does not help to embed this "bootconfig" kernel parameter
into that file.

Therefore, provide a new BOOT_CONFIG_FORCE Kconfig option that causes the
kernel to act as if the "bootconfig" kernel parameter had been specified.
In other words, kernels built with CONFIG_BOOT_CONFIG_FORCE=y will look
for the embedded bootconfig file even when the "bootconfig" kernel
parameter is omitted.  This permits kernel-version-dependent kernel
boot parameters to be embedded into the kernel image without the need to
(for example) update large numbers of boot loaders.

Signed-off-by: Paul E. McKenney <paulmck@...nel.org>
Cc: Masami Hiramatsu <mhiramat@...nel.org>
Cc: Jonathan Corbet <corbet@....net>
Cc: Andrew Morton <akpm@...ux-foundation.org>
Cc: Nick Desaulniers <ndesaulniers@...gle.com>
Cc: Vlastimil Babka <vbabka@...e.cz>
Cc: Johannes Weiner <hannes@...xchg.org>
Cc: <linux-doc@...r.kernel.org>

diff --git a/Documentation/admin-guide/bootconfig.rst b/Documentation/admin-guide/bootconfig.rst
index 9355c525fbe0a..91339efdcb541 100644
--- a/Documentation/admin-guide/bootconfig.rst
+++ b/Documentation/admin-guide/bootconfig.rst
@@ -201,6 +201,8 @@ To remove the config from the image, you can use -d option as below::
 
 Then add "bootconfig" on the normal kernel command line to tell the
 kernel to look for the bootconfig at the end of the initrd file.
+Alternatively, build your kernel with the ``CONFIG_BOOT_CONFIG_FORCE``
+Kconfig option selected.
 
 Embedding a Boot Config into Kernel
 -----------------------------------
@@ -217,7 +219,9 @@ path to the bootconfig file from source tree or object tree.
 The kernel will embed it as the default bootconfig.
 
 Just as when attaching the bootconfig to the initrd, you need ``bootconfig``
-option on the kernel command line to enable the embedded bootconfig.
+option on the kernel command line to enable the embedded bootconfig, or,
+alternatively, build your kernel with the ``CONFIG_BOOT_CONFIG_FORCE``
+Kconfig option selected.
 
 Note that even if you set this option, you can override the embedded
 bootconfig by another bootconfig which attached to the initrd.
diff --git a/init/Kconfig b/init/Kconfig
index 7e5c3ddc341de..f894fb004bad4 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -1376,6 +1376,18 @@ config BOOT_CONFIG
 
 	  If unsure, say Y.
 
+config BOOT_CONFIG_FORCE
+	bool "Force unconditional bootconfig processing"
+	depends on BOOT_CONFIG
+	help
+	  With this Kconfig option set, BOOT_CONFIG processing is carried
+	  out even when the "bootconfig" kernel-boot parameter is omitted.
+	  In fact, with this Kconfig option set, there is no way to
+	  make the kernel ignore the BOOT_CONFIG-supplied kernel-boot
+	  parameters.
+
+	  If unsure, say N.
+
 config BOOT_CONFIG_EMBED
 	bool "Embed bootconfig file in the kernel"
 	depends on BOOT_CONFIG
diff --git a/init/main.c b/init/main.c
index e1c3911d7c707..669cb892e6c17 100644
--- a/init/main.c
+++ b/init/main.c
@@ -156,7 +156,7 @@ static char *extra_init_args;
 
 #ifdef CONFIG_BOOT_CONFIG
 /* Is bootconfig on command line? */
-static bool bootconfig_found;
+static bool bootconfig_found = IS_ENABLED(CONFIG_BOOT_CONFIG_FORCE);
 static size_t initargs_offs;
 #else
 # define bootconfig_found false

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ