| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZJFhlsFN6DxnWsQE@MiWiFi-R3L-srv>
Date: Tue, 20 Jun 2023 16:21:42 +0800
From: Baoquan He <bhe@...hat.com>
To: Eric DeVolder <eric.devolder@...cle.com>
Cc: linux@...linux.org.uk, catalin.marinas@....com, will@...nel.org,
chenhuacai@...nel.org, geert@...ux-m68k.org,
tsbogend@...ha.franken.de, James.Bottomley@...senpartnership.com,
deller@....de, ysato@...rs.sourceforge.jp, dalias@...c.org,
glaubitz@...sik.fu-berlin.de, tglx@...utronix.de, mingo@...hat.com,
bp@...en8.de, dave.hansen@...ux.intel.com, x86@...nel.org,
linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
linux-ia64@...r.kernel.org, loongarch@...ts.linux.dev,
linux-m68k@...ts.linux-m68k.org, linux-mips@...r.kernel.org,
linux-parisc@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org,
linux-riscv@...ts.infradead.org, linux-s390@...r.kernel.org,
linux-sh@...r.kernel.org, kernel@...0n.name, mpe@...erman.id.au,
npiggin@...il.com, christophe.leroy@...roup.eu,
paul.walmsley@...ive.com, palmer@...belt.com,
aou@...s.berkeley.edu, hca@...ux.ibm.com, gor@...ux.ibm.com,
agordeev@...ux.ibm.com, borntraeger@...ux.ibm.com,
svens@...ux.ibm.com, hpa@...or.com, keescook@...omium.org,
paulmck@...nel.org, peterz@...radead.org, frederic@...nel.org,
akpm@...ux-foundation.org, ardb@...nel.org,
samitolvanen@...gle.com, juerg.haefliger@...onical.com,
arnd@...db.de, rmk+kernel@...linux.org.uk,
linus.walleij@...aro.org, sebastian.reichel@...labora.com,
rppt@...nel.org, kirill.shutemov@...ux.intel.com,
anshuman.khandual@....com, ziy@...dia.com, masahiroy@...nel.org,
ndesaulniers@...gle.com, mhiramat@...nel.org, ojeda@...nel.org,
thunder.leizhen@...wei.com, xin3.li@...el.com, tj@...nel.org,
gregkh@...uxfoundation.org, tsi@...oix.net, hbathini@...ux.ibm.com,
sourabhjain@...ux.ibm.com, boris.ostrovsky@...cle.com,
konrad.wilk@...cle.com
Subject: Re: [PATCH v2 02/13] x86/kexec: refactor for kernel/Kconfig.kexec
Hi Eric,
On 06/19/23 at 10:57am, Eric DeVolder wrote:
......
> +config ARCH_SUPPORTS_KEXEC
> + def_bool y
>
> -config ARCH_HAS_KEXEC_PURGATORY
> - def_bool KEXEC_FILE
> +config ARCH_SUPPORTS_KEXEC_FILE
> + def_bool X86_64 && CRYPTO && CRYPTO_SHA256
......
> +config ARCH_SELECTS_KEXEC_FILE
> + def_bool y
> depends on KEXEC_FILE
> - help
I am a little confused about this ARCH_SELECTS_XX adding. Wondering what
limits us defining the ARCH_SUPPORTS_KEXEC_FILE like below? I have limited
knowledge about Kconfig, please correct me if I am wrong. Thanks in
advance.
+config ARCH_SUPPORTS_KEXEC_FILE
+ def_bool y
depends on KEXEC_FILE
depends on X86_64 && CRYPTO && CRYPTO_SHA256
> -
> - This option makes the kexec_file_load() syscall check for a valid
> - signature of the kernel image. The image can still be loaded without
> - a valid signature unless you also enable KEXEC_SIG_FORCE, though if
> - there's a signature that we can check, then it must be valid.
> -
> - In addition to this option, you need to enable signature
> - verification for the corresponding kernel image type being
> - loaded in order for this to work.
> -
Powered by blists - more mailing lists