lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAJM55Z_V4S1JDnqb2ACQBn7Z=oFha5QbpurYM6AW_Upo0G8N3A@mail.gmail.com>
Date:   Mon, 16 Oct 2023 01:17:02 -0700
From:   Emil Renner Berthing <emil.renner.berthing@...onical.com>
To:     Song Shuai <songshuaishuai@...ylab.org>,
        Emil Renner Berthing <emil.renner.berthing@...onical.com>,
        paul.walmsley@...ive.com, palmer@...belt.com,
        aou@...s.berkeley.edu, lihuafei1@...wei.com,
        conor.dooley@...rochip.com, liaochang1@...wei.com,
        ajones@...tanamicro.com, alexghiti@...osinc.com, evan@...osinc.com,
        sunilvl@...tanamicro.com, xianting.tian@...ux.alibaba.com,
        samitolvanen@...gle.com, masahiroy@...nel.org,
        apatel@...tanamicro.com, jszhang@...nel.org, duwe@...e.de,
        eric.devolder@...cle.com
Cc:     linux-riscv@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] riscv: kexec_file: Support loading Image binary file

Song Shuai wrote:
>
>
> 在 2023/10/11 18:48, Emil Renner Berthing 写道:
> > Song Shuai wrote:
> >>
> >>
> >> 在 2023/9/14 16:37, Emil Renner Berthing 写道:
> >>> Song Shuai wrote:
> >>>> This patch creates image_kexec_ops to load Image binary file
> >>>> for kexec_file_load() syscall.
> >>>>
> >>>> Signed-off-by: Song Shuai <songshuaishuai@...ylab.org>
> >>>> ---
> >>>>    arch/riscv/include/asm/image.h         |  2 +
> >>>>    arch/riscv/include/asm/kexec.h         |  1 +
> >>>>    arch/riscv/kernel/Makefile             |  2 +-
> >>>>    arch/riscv/kernel/kexec_image.c        | 97 ++++++++++++++++++++++++++
> >>>>    arch/riscv/kernel/machine_kexec_file.c |  1 +
> >>>>    5 files changed, 102 insertions(+), 1 deletion(-)
> >>>>    create mode 100644 arch/riscv/kernel/kexec_image.c
> >>>>
> >>>> diff --git a/arch/riscv/include/asm/image.h b/arch/riscv/include/asm/image.h
> >>>> index e0b319af3681..8927a6ea1127 100644
> >>>> --- a/arch/riscv/include/asm/image.h
> >>>> +++ b/arch/riscv/include/asm/image.h
> >>>> @@ -30,6 +30,8 @@
> >>>>    			      RISCV_HEADER_VERSION_MINOR)
> >>>>
> >>>>    #ifndef __ASSEMBLY__
> >>>> +#define riscv_image_flag_field(flags, field)\
> >>>> +			       (((flags) >> field##_SHIFT) & field##_MASK)
> >>>
> >>> Hi Song,
> >>>
> >>> This macro is almost FIELD_GET from linux/bitfield.h ..
> >>>
> >>>>    /**
> >>>>     * struct riscv_image_header - riscv kernel image header
> >>>>     * @code0:		Executable code
> >>>> diff --git a/arch/riscv/include/asm/kexec.h b/arch/riscv/include/asm/kexec.h
> >>>> index 518825fe4160..b9ee8346cc8c 100644
> >>>> --- a/arch/riscv/include/asm/kexec.h
> >>>> +++ b/arch/riscv/include/asm/kexec.h
> >>>> @@ -56,6 +56,7 @@ extern riscv_kexec_method riscv_kexec_norelocate;
> >>>>
> >>>>    #ifdef CONFIG_KEXEC_FILE
> >>>>    extern const struct kexec_file_ops elf_kexec_ops;
> >>>> +extern const struct kexec_file_ops image_kexec_ops;
> >>>>
> >>>>    struct purgatory_info;
> >>>>    int arch_kexec_apply_relocations_add(struct purgatory_info *pi,
> >>>> diff --git a/arch/riscv/kernel/Makefile b/arch/riscv/kernel/Makefile
> >>>> index 1c62c639e875..9ecba3231a36 100644
> >>>> --- a/arch/riscv/kernel/Makefile
> >>>> +++ b/arch/riscv/kernel/Makefile
> >>>> @@ -86,7 +86,7 @@ endif
> >>>>    obj-$(CONFIG_HOTPLUG_CPU)	+= cpu-hotplug.o
> >>>>    obj-$(CONFIG_KGDB)		+= kgdb.o
> >>>>    obj-$(CONFIG_KEXEC_CORE)	+= kexec_relocate.o crash_save_regs.o machine_kexec.o
> >>>> -obj-$(CONFIG_KEXEC_FILE)	+= kexec_elf.o machine_kexec_file.o
> >>>> +obj-$(CONFIG_KEXEC_FILE)	+= kexec_elf.o kexec_image.o machine_kexec_file.o
> >>>>    obj-$(CONFIG_CRASH_DUMP)	+= crash_dump.o
> >>>>    obj-$(CONFIG_CRASH_CORE)	+= crash_core.o
> >>>>
> >>>> diff --git a/arch/riscv/kernel/kexec_image.c b/arch/riscv/kernel/kexec_image.c
> >>>> new file mode 100644
> >>>> index 000000000000..b6aa7f59bd53
> >>>> --- /dev/null
> >>>> +++ b/arch/riscv/kernel/kexec_image.c
> >>>> @@ -0,0 +1,97 @@
> >>>> +// SPDX-License-Identifier: GPL-2.0
> >>>> +/*
> >>>> + * RISC-V Kexec image loader
> >>>> + *
> >>>> + */
> >>>> +
> >>>> +#define pr_fmt(fmt)	"kexec_file(Image): " fmt
> >>>> +
> >>>> +#include <linux/err.h>
> >>>> +#include <linux/errno.h>
> >>>> +#include <linux/kernel.h>
> >>>> +#include <linux/kexec.h>
> >>>> +#include <linux/pe.h>
> >>>> +#include <linux/string.h>
> >>>> +#include <asm/byteorder.h>
> >>>> +#include <asm/image.h>
> >>>> +
> >>>> +static int image_probe(const char *kernel_buf, unsigned long kernel_len)
> >>>> +{
> >>>> +	const struct riscv_image_header *h =
> >>>> +		(const struct riscv_image_header *)(kernel_buf);
> >>>> +
> >>>> +	if (!h || (kernel_len < sizeof(*h)))
> >>>> +		return -EINVAL;
> >>>> +
> >>>> +	/* According to Documentation/riscv/boot-image-header.rst,
> >>>> +	 * use "magic2" field to check when version >= 0.2.
> >>>> +	 */
> >>>> +
> >>>> +	if (h->version >= RISCV_HEADER_VERSION &&
> >>>> +	    memcmp(&h->magic2, RISCV_IMAGE_MAGIC2, sizeof(h->magic2)))
> >>>> +		return -EINVAL;
> >>>> +
> >>>> +	return 0;
> >>>> +}
> >>>> +
> >>>> +static void *image_load(struct kimage *image,
> >>>> +				char *kernel, unsigned long kernel_len,
> >>>> +				char *initrd, unsigned long initrd_len,
> >>>> +				char *cmdline, unsigned long cmdline_len)
> >>>> +{
> >>>> +	struct riscv_image_header *h;
> >>>> +	u64 flags;
> >>>> +	bool be_image, be_kernel;
> >>>> +	struct kexec_buf kbuf;
> >>>> +	int ret;
> >>>> +
> >>>> +	/* Check Image header */
> >>>> +	h = (struct riscv_image_header *)kernel;
> >>>> +	if (!h->image_size) {
> >>>> +		ret = -EINVAL;
> >>>> +		goto out;
> >>>> +	}
> >>>> +
> >>>> +	/* Check endianness */
> >>>> +	flags = le64_to_cpu(h->flags);
> >>>> +	be_image = riscv_image_flag_field(flags, RISCV_IMAGE_FLAG_BE);
> >>>
> >>> ..but here you're just testing a single bit, so since be_image is a bool it
> >>> could just be
> >>> 	be_image = flags & RISCV_IMAGE_FLAG_BE_MASK;
> >>>
> >>> /Emil
> >> Hi Emil,
> >>
> >> Sorry for the delayed response,
> >>
> >> The `flags` field currently only has bit-0 to indicate the kenrel
> >> endianness, your comment looks good in this case.
> >>
> >> While considering the future extension of the `flags` feild, the
> >> riscv_image_flag_field() is neccessiry to make callers to require the
> >> bits they want.
> >
> > Right, but please don't invent your own FIELD_GET then.
>
> Hi Emil,
>
> I tried to use FIELD_PREP/FIELD_GET to set/get the RISCV_IMAGE_FLAG_BE,
> but using FIELD_PREP to define the __HEAD_FLAGS (used in head.S) emitted
> AS build error and the final .s file looked like:
>
>   883  .dword _end - _start
>   884  .dword (({ ({ do { } while (0); do { } while (0); do { } while
> (0); do { } while (0); do { } while (0); }); ((typeof((((1)) <<
> (0))))(0) << (__builtin_ffsll((((1)) << (0))) - 1)) & ((((1)) << (0))); }))
>
> IIUC the FIELD_PREP can't work well in this asm context, and using
> FILED_GET without FIELD_PREP paired looks not good to me.
>
> The original riscv/*/image.h and the riscv_image_flag_filed() of this
> patch just do what arm64 does, so I still like to keep them.

Hi Song,

Your riscv_image_flag_field macro is already guarded by a #ifndef __ASSEMBLY__
and your patches above doesn't touch any __HEAD_FLAGS macro, so I don't know
what you're trying to do with FIELD_PREP.

What I'm saying is that instead of defining the riscv_image_flag_field macro
you can just do

-be_image = riscv_image_flag_field(flags, RISCV_IMAGE_FLAG_BE);
+be_image = FIELD_GET(RISCV_IMAGE_FLAG_BE, flags);

/Emil

> I also found that Patch1 has a build issue due to my previous uncareful
> cherry-picking,
> V2 will be sent to fix it if you're ok this patch without bitfield armed.
>
> I would like to listen to your advice.
>
> >
> >>
> >> So I prefer to keep this snippet.
> >>>
> >>>> +	be_kernel = IS_ENABLED(CONFIG_CPU_BIG_ENDIAN);
> >>>> +	if (be_image != be_kernel) {
> >>>> +		ret = -EINVAL;
> >>>> +		goto out;
> >>>> +	}
> >>>> +
> >>>> +	/* Load the kernel image */
> >>>> +	kbuf.image = image;
> >>>> +	kbuf.buf_min = 0;
> >>>> +	kbuf.buf_max = ULONG_MAX;
> >>>> +	kbuf.top_down = false;
> >>>> +
> >>>> +	kbuf.buffer = kernel;
> >>>> +	kbuf.bufsz = kernel_len;
> >>>> +	kbuf.mem = KEXEC_BUF_MEM_UNKNOWN;
> >>>> +	kbuf.memsz = le64_to_cpu(h->image_size);
> >>>> +	kbuf.buf_align = le64_to_cpu(h->text_offset);
> >>>> +
> >>>> +	ret = kexec_add_buffer(&kbuf);
> >>>> +	if (ret) {
> >>>> +		pr_err("Error add kernel image ret=%d\n", ret);
> >>>> +		goto out;
> >>>> +	}
> >>>> +
> >>>> +	image->start = kbuf.mem;
> >>>> +
> >>>> +	pr_info("Loaded kernel at 0x%lx bufsz=0x%lx memsz=0x%lx\n",
> >>>> +				kbuf.mem, kbuf.bufsz, kbuf.memsz);
> >>>> +
> >>>> +	ret = load_extra_segments(image, kbuf.mem, kbuf.memsz,
> >>>> +				  initrd, initrd_len, cmdline, cmdline_len);
> >>>> +
> >>>> +out:
> >>>> +	return ret ? ERR_PTR(ret) : NULL;
> >>>> +}
> >>>> +
> >>>> +const struct kexec_file_ops image_kexec_ops = {
> >>>> +	.probe = image_probe,
> >>>> +	.load = image_load,
> >>>> +};
> >>>> diff --git a/arch/riscv/kernel/machine_kexec_file.c b/arch/riscv/kernel/machine_kexec_file.c
> >>>> index aedb8c16a283..5dc700834f1e 100644
> >>>> --- a/arch/riscv/kernel/machine_kexec_file.c
> >>>> +++ b/arch/riscv/kernel/machine_kexec_file.c
> >>>> @@ -17,6 +17,7 @@
> >>>>
> >>>>    const struct kexec_file_ops * const kexec_file_loaders[] = {
> >>>>    	&elf_kexec_ops,
> >>>> +	&image_kexec_ops,
> >>>>    	NULL
> >>>>    };
> >>>>
> >>>> --
> >>>> 2.20.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ