| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 22 Aug 2023 08:32:57 +0200
From: Michal Suchánek <msuchanek@...e.de>
To: "Leizhen (ThunderTown)" <thunder.leizhen@...wei.com>
Cc: Eric DeVolder <eric.devolder@...cle.com>, linux@...linux.org.uk,
catalin.marinas@....com, will@...nel.org, chenhuacai@...nel.org,
geert@...ux-m68k.org, tsbogend@...ha.franken.de,
James.Bottomley@...senpartnership.com, deller@....de,
ysato@...rs.sourceforge.jp, dalias@...c.org,
glaubitz@...sik.fu-berlin.de, tglx@...utronix.de, mingo@...hat.com,
bp@...en8.de, dave.hansen@...ux.intel.com, x86@...nel.org,
linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
linux-ia64@...r.kernel.org, loongarch@...ts.linux.dev,
linux-m68k@...ts.linux-m68k.org, linux-mips@...r.kernel.org,
linux-parisc@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org,
linux-riscv@...ts.infradead.org, linux-s390@...r.kernel.org,
linux-sh@...r.kernel.org, peterz@...radead.org,
linus.walleij@...aro.org, hpa@...or.com, kernel@...0n.name,
ardb@...nel.org, tsi@...oix.net, agordeev@...ux.ibm.com,
paulmck@...nel.org, bhe@...hat.com, masahiroy@...nel.org,
konrad.wilk@...cle.com, sebastian.reichel@...labora.com,
samitolvanen@...gle.com, ojeda@...nel.org,
juerg.haefliger@...onical.com, borntraeger@...ux.ibm.com,
frederic@...nel.org, arnd@...db.de, mhiramat@...nel.org,
aou@...s.berkeley.edu, keescook@...omium.org, gor@...ux.ibm.com,
anshuman.khandual@....com, hca@...ux.ibm.com, xin3.li@...el.com,
npiggin@...il.com, rmk+kernel@...linux.org.uk,
paul.walmsley@...ive.com, boris.ostrovsky@...cle.com,
ziy@...dia.com, hbathini@...ux.ibm.com, gregkh@...uxfoundation.org,
kirill.shutemov@...ux.intel.com, ndesaulniers@...gle.com,
sourabhjain@...ux.ibm.com, palmer@...belt.com, svens@...ux.ibm.com,
tj@...nel.org, akpm@...ux-foundation.org, rppt@...nel.org
Subject: Re: [PATCH v6 02/14] x86/kexec: refactor for kernel/Kconfig.kexec
Hello,
On Thu, Jul 13, 2023 at 07:13:57PM +0800, Leizhen (ThunderTown) wrote:
>
>
> On 2023/7/13 0:15, Eric DeVolder wrote:
> > The kexec and crash kernel options are provided in the common
> > kernel/Kconfig.kexec. Utilize the common options and provide
> > the ARCH_SUPPORTS_ and ARCH_SELECTS_ entries to recreate the
> > equivalent set of KEXEC and CRASH options.
> >
> > Signed-off-by: Eric DeVolder <eric.devolder@...cle.com>
> > ---
> > arch/x86/Kconfig | 92 ++++++++++--------------------------------------
> > 1 file changed, 19 insertions(+), 73 deletions(-)
> >
> > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> > index 7422db409770..9767a343f7c2 100644
> > --- a/arch/x86/Kconfig
> > +++ b/arch/x86/Kconfig
> > @@ -2040,88 +2040,34 @@ config EFI_RUNTIME_MAP
> >
> > source "kernel/Kconfig.hz"
> >
> > -config KEXEC
> > - bool "kexec system call"
> > - select KEXEC_CORE
> > - help
> > - kexec is a system call that implements the ability to shutdown your
> > - current kernel, and to start another kernel. It is like a reboot
> > - but it is independent of the system firmware. And like a reboot
> > - you can start any kernel with it, not just Linux.
> > -
> > - The name comes from the similarity to the exec system call.
> > -
> > - It is an ongoing process to be certain the hardware in a machine
> > - is properly shutdown, so do not be surprised if this code does not
> > - initially work for you. As of this writing the exact hardware
> > - interface is strongly in flux, so no good recommendation can be
> > - made.
> > -
> > -config KEXEC_FILE
> > - bool "kexec file based system call"
> > - select KEXEC_CORE
> > - select HAVE_IMA_KEXEC if IMA
> > - depends on X86_64
> > - depends on CRYPTO=y
> > - depends on CRYPTO_SHA256=y
> > - help
> > - This is new version of kexec system call. This system call is
> > - file based and takes file descriptors as system call argument
> > - for kernel and initramfs as opposed to list of segments as
> > - accepted by previous system call.
> > +config ARCH_SUPPORTS_KEXEC
> > + def_bool y
>
> In v5, Joel Fernandes seems to suggest you change it to the following form:
It's unfortunate that the suggestion did not make it to the mailinglist.
> In arch/Kconfig:
> +config ARCH_SUPPORTS_KEXEC
> + bool
>
> In arch/x86/Kconfig:
> config X86
> ... ...
> + select ARCH_SUPPORTS_KEXEC
>
> In arch/arm64/Kconfig:
> config ARM64
> ... ...
> + select ARCH_SUPPORTS_KEXEC if PM_SLEEP_SMP
Which might work for this case
>
> etc..
>
> You can refer to ARCH_HAS_DEBUG_VIRTUAL.
>
> >
> > -config ARCH_HAS_KEXEC_PURGATORY
> > - def_bool KEXEC_FILE
> > +config ARCH_SUPPORTS_KEXEC_FILE
> > + def_bool X86_64 && CRYPTO && CRYPTO_SHA256
> >
> > -config KEXEC_SIG
> > - bool "Verify kernel signature during kexec_file_load() syscall"
> > +config ARCH_SELECTS_KEXEC_FILE
> > + def_bool y
> > depends on KEXEC_FILE
> > - help
> > + select HAVE_IMA_KEXEC if IMA
but not this case, at least not this trivially.
Than for consistency it looks better to keep as is.
Thanks
Michal
> >
> > - This option makes the kexec_file_load() syscall check for a valid
> > - signature of the kernel image. The image can still be loaded without
> > - a valid signature unless you also enable KEXEC_SIG_FORCE, though if
> > - there's a signature that we can check, then it must be valid.
> > +config ARCH_HAS_KEXEC_PURGATORY
> > + def_bool KEXEC_FILE
> >
> > - In addition to this option, you need to enable signature
> > - verification for the corresponding kernel image type being
> > - loaded in order for this to work.
> > +config ARCH_SUPPORTS_KEXEC_SIG
> > + def_bool y
> >
> > -config KEXEC_SIG_FORCE
> > - bool "Require a valid signature in kexec_file_load() syscall"
> > - depends on KEXEC_SIG
> > - help
> > - This option makes kernel signature verification mandatory for
> > - the kexec_file_load() syscall.
> > +config ARCH_SUPPORTS_KEXEC_SIG_FORCE
> > + def_bool y
> >
> > -config KEXEC_BZIMAGE_VERIFY_SIG
> > - bool "Enable bzImage signature verification support"
> > - depends on KEXEC_SIG
> > - depends on SIGNED_PE_FILE_VERIFICATION
> > - select SYSTEM_TRUSTED_KEYRING
> > - help
> > - Enable bzImage signature verification support.
> > +config ARCH_SUPPORTS_KEXEC_BZIMAGE_VERIFY_SIG
> > + def_bool y
> >
> > -config CRASH_DUMP
> > - bool "kernel crash dumps"
> > - depends on X86_64 || (X86_32 && HIGHMEM)
> > - help
> > - Generate crash dump after being started by kexec.
> > - This should be normally only set in special crash dump kernels
> > - which are loaded in the main kernel with kexec-tools into
> > - a specially reserved region and then later executed after
> > - a crash by kdump/kexec. The crash dump kernel must be compiled
> > - to a memory address not used by the main kernel or BIOS using
> > - PHYSICAL_START, or it must be built as a relocatable image
> > - (CONFIG_RELOCATABLE=y).
> > - For more details see Documentation/admin-guide/kdump/kdump.rst
> > +config ARCH_SUPPORTS_KEXEC_JUMP
> > + def_bool y
> >
> > -config KEXEC_JUMP
> > - bool "kexec jump"
> > - depends on KEXEC && HIBERNATION
> > - help
> > - Jump between original kernel and kexeced kernel and invoke
> > - code in physical address mode via KEXEC
> > +config ARCH_SUPPORTS_CRASH_DUMP
> > + def_bool X86_64 || (X86_32 && HIGHMEM)
> >
> > config PHYSICAL_START
> > hex "Physical address where the kernel is loaded" if (EXPERT || CRASH_DUMP)
> >
>
> --
> Regards,
> Zhen Lei
Powered by blists - more mailing lists