The Kconfig is refactored to consolidate KEXEC and CRASH options from
various arch/<arch>/Kconfig files into new file kernel/Kconfig.kexec.
The Kconfig.kexec is now a submenu titled "Kexec and crash features"
located under "General Setup".
The following options are impacted:
- KEXEC
- KEXEC_FILE
- KEXEC_SIG
- KEXEC_SIG_FORCE
- KEXEC_BZIMAGE_VERIFY_SIG
- KEXEC_JUMP
- CRASH_DUMP
Over time, these options have been copied between Kconfig files and
are very similar to one another, but with slight differences.
The following architectures are impacted by the refactor (because of
use of one or more KEXEC/CRASH options):
- arm
- arm64
- ia64
- loongarch
- m68k
- mips
- parisc
- powerpc
- riscv
- s390
- sh
- x86
More information:
In the patch series "crash: Kernel handling of CPU and memory hot
un/plug"
https://lore.kernel.org/lkml/[email protected]/
the new kernel feature introduces the config option CRASH_HOTPLUG.
In reviewing, Thomas Gleixner requested that the new config option
not be placed in x86 Kconfig. Rather the option needs a generic/common
home. To Thomas' point, the KEXEC and CRASH options have largely been
duplicated in the various arch/<arch>/Kconfig files, with minor
differences. This kind of proliferation is to be avoid/stopped.
https://lore.kernel.org/lkml/875y91yv63.ffs@tglx/
To that end, I have refactored the arch Kconfigs so as to consolidate
the various KEXEC and CRASH options. Generally speaking, this work has
the following themes:
- KEXEC and CRASH options are moved into new file kernel/Kconfig.kexec
- These items from arch/Kconfig:
CRASH_CORE KEXEC_CORE KEXEC_ELF HAVE_IMA_KEXEC
- These items from arch/x86/Kconfig form the common options:
KEXEC KEXEC_FILE KEXEC_SIG KEXEC_SIG_FORCE
KEXEC_BZIMAGE_VERIFY_SIG KEXEC_JUMP CRASH_DUMP
- The crash hotplug series appends CRASH_HOTPLUG to Kconfig.kexec
NOTE: PHYSICAL_START could be argued to be included in this series.
- The Kconfig.kexec is now a submenu titled "Kexec and crash features"
- The Kconfig.kexec is now listed in "General Setup" submenu from
init/Kconfig
- To control the main common options, new options ARCH_HAS_KEXEC,
ARCH_HAS_KEXEC_FILE and ARCH_HAS_CRASH_DUMP are introduced.
NOTE: I went with ARCH_HAS_ due to the existing ARCH_HAS_KEXEC_PURGATORY.
- To account for the slight differences, new options ARCH_SUPPORTS_KEXEC,
ARCH_SUPPORTS_KEXEC_FILE and ARCH_SUPPORTS_CRASH_DUMP are used to
elicit the same side effects as the original arch/<arch>/Kconfig
files for KEXEC and CRASH options.
NOTE: I'm open to a better name than 'ARCH_SUPPORTS', perhaps
ARCH_CUSTOMIZE ?
An example, 'make menuconfig' illustrating the submenu:
> General setup > Kexec and crash features
[*] Enable kexec system call
[*] Enable kexec file based system call
[*] Verify kernel signature during kexec_file_load() syscall
[ ] Require a valid signature in kexec_file_load() syscall
[ ] Enable bzImage signature verification support
[*] kexec jump
[*] kernel crash dumps
[*] Update the crash elfcorehdr on system configuration changes
The three main options are KEXEC, KEXEC_FILE and CRASH_DUMP. In the
process of consolidating these options, I encountered slight differences
in the coding of these options in several of the architectures. As a
result, I settled on the following solution:
- Each of three main options has a 'depends on ARCH_HAS_<option>'
statement: ARCH_HAS_KEXEC, ARCH_HAS_KEXEC_FILE, ARCH_HAS_CRASH_DUMP.
For example, the KEXEC_FILE option has a 'depends on
ARCH_HAS_KEXEC_FILE' statement.
- The boolean ARCH_HAS_<option> in effect allows the arch to determine
when the feature is allowed. Archs which don't have the feature
simply do not provide the corresponding ARCH_HAS_<option>.
For each arch, where there previously were KEXEC and/or CRASH
options, these have been replaced with the corresponding boolean
ARCH_HAS_<option>, and an appropriate def_bool statement.
For example, if the arch supports KEXEC_FILE, then the
ARCH_HAS_KEXEC_FILE simply has a 'def_bool y'. This permits the
KEXEC_FILE option to be available.
If the arch has a 'depends on' statement in its original coding
of the option, then that expression becomes part of the def_bool
expression. For example, arm64 had:
config KEXEC
depends on PM_SLEEP_SMP
and in this solution, this converts to:
config ARCH_HAS_KEXEC
def_bool PM_SLEEP_SMP
- In order to account for the differences in the config coding for
the three common options, the ARCH_SUPPORTS_<option> is used.
This options has a 'depends on <option>' statement to couple it
to the main option, and from there can insert the differences
from the common option and the arch original coding of that option.
For example, a few archs enable CRYPTO and CRYTPO_SHA256 for
KEXEC_FILE. These require a ARCH_SUPPORTS_KEXEC_FILE and
'select CRYPTO' and 'select CRYPTO_SHA256' statements.
Illustrating the option relationships:
For KEXEC:
ARCH_HAS_KEXEC <- KEXEC <- ARCH_SUPPORTS_KEXEC
KEXEC # in Kconfig.kexec
ARCH_HAS_KEXEC # in arch/<arch>/Kconfig, as needed
ARCH_SUPPORTS_KEXEC # in arch/<arch>/Kconfig, as needed
For KEXEC_FILE:
ARCH_HAS_KEXEC_FILE <- KEXEC_FILE <- ARCH_SUPPORTS_KEXEC_FILE
KEXEC_FILE # in Kconfig.kexec
ARCH_HAS_KEXEC_FILE # in arch/<arch>/Kconfig, as needed
ARCH_SUPPORTS_KEXEC_FILE # in arch/<arch>/Kconfig, as needed
For CRASH:
ARCH_HAS_CRASH_DUMP <- CRASH_DUMP <- ARCH_SUPPORTS_CRASH_DUMP
CRASH_DUMP # in Kconfig.kexec
ARCH_HAS_CRASH_DUMP # in arch/<arch>/Kconfig, as needed
ARCH_SUPPORTS_CRASH_DUMP # in arch/<arch>/Kconfig, as needed
To summarize, the ARCH_HAS_<option> permits the <option> to be
enabled, and the ARCH_SUPPORTS_<option> handles side effects (ie.
select statements).
Examples:
A few examples to show the new strategy in action:
===== x86 (minus the help section) =====
Original:
config KEXEC
bool "kexec system call"
select KEXEC_CORE
config KEXEC_FILE
bool "kexec file based system call"
select KEXEC_CORE
select HAVE_IMA_KEXEC if IMA
depends on X86_64
depends on CRYPTO=y
depends on CRYPTO_SHA256=y
config ARCH_HAS_KEXEC_PURGATORY
def_bool KEXEC_FILE
config KEXEC_SIG
bool "Verify kernel signature during kexec_file_load() syscall"
depends on KEXEC_FILE
config KEXEC_SIG_FORCE
bool "Require a valid signature in kexec_file_load() syscall"
depends on KEXEC_SIG
config KEXEC_BZIMAGE_VERIFY_SIG
bool "Enable bzImage signature verification support"
depends on KEXEC_SIG
depends on SIGNED_PE_FILE_VERIFICATION
select SYSTEM_TRUSTED_KEYRING
config CRASH_DUMP
bool "kernel crash dumps"
depends on X86_64 || (X86_32 && HIGHMEM)
config KEXEC_JUMP
bool "kexec jump"
depends on KEXEC && HIBERNATION
help
becomes...
New:
config ARCH_HAS_KEXEC
def_bool y
config ARCH_HAS_KEXEC_FILE
def_bool X86_64 && CRYPTO && CRYPTO_SHA256
config ARCH_SUPPORTS_KEXEC_FILE
def_bool y
depends on KEXEC_FILE
select HAVE_IMA_KEXEC if IMA
config ARCH_HAS_KEXEC_PURGATORY
def_bool KEXEC_FILE
config ARCH_HAS_KEXEC_JUMP
def_bool y
config ARCH_HAS_CRASH_DUMP
def_bool X86_64 || (X86_32 && HIGHMEM)
===== powerpc (minus the help section) =====
Original:
config KEXEC
bool "kexec system call"
depends on PPC_BOOK3S || PPC_E500 || (44x && !SMP)
select KEXEC_CORE
config KEXEC_FILE
bool "kexec file based system call"
select KEXEC_CORE
select HAVE_IMA_KEXEC if IMA
select KEXEC_ELF
depends on PPC64
depends on CRYPTO=y
depends on CRYPTO_SHA256=y
config ARCH_HAS_KEXEC_PURGATORY
def_bool KEXEC_FILE
config CRASH_DUMP
bool "Build a dump capture kernel"
depends on PPC64 || PPC_BOOK3S_32 || PPC_85xx || (44x && !SMP)
select RELOCATABLE if PPC64 || 44x || PPC_85xx
becomes...
New:
config ARCH_HAS_KEXEC
def_bool PPC_BOOK3S || PPC_E500 || (44x && !SMP)
config ARCH_HAS_KEXEC_FILE
def_bool PPC64 && CRYPTO && CRYPTO_SHA256
config ARCH_HAS_KEXEC_PURGATORY
def_bool KEXEC_FILE
config ARCH_SUPPORTS_KEXEC_FILE
def_bool y
depends on KEXEC_FILE
select KEXEC_ELF
select HAVE_IMA_KEXEC if IMA
config ARCH_HAS_CRASH_DUMP
def_bool PPC64 || PPC_BOOK3S_32 || PPC_85xx || (44x && !SMP)
config ARCH_SUPPORTS_CRASH_DUMP
def_bool y
depends on CRASH_DUMP
select RELOCATABLE if PPC64 || 44x || PPC_85xx
Testing Approach and Results
There are 388 config files in the arch/<arch>/configs directories.
For each of these config files, a .config is generated both before and
after this Kconfig series, and checked for equivalence. This approach
allows for a rather rapid check of all architectures and a wide
variety of configs wrt/ KEXEC and CRASH, and avoids requiring
compiling for all architectures and running kernels and run-time
testing.
As such, I developed the following script to compare the before and
after of 'make olddefconfig'. The new symbols introduced by this
series are filtered out, but otherwise the config files are PASS
only if they were equivalent, and FAIL otherwise.
The script performs the test by doing the following:
# Obtain the "golden" .config output for given config file
# Reset test sandbox
git checkout master
git branch -D test_Kconfig
git checkout -B test_Kconfig master
make distclean
# Write out updated config
cp -f <config file> .config
make ARCH=<arch> olddefconfig
# Track each item in .config, LHSB is "golden"
scoreboard .config
# Obtain the "changed" .config output for given config file
# Reset test sandbox
make distclean
# Apply this Kconfig series
git am <this Kconfig series>
# Write out updated config
cp -f <config file> .config
make ARCH=<arch> olddefconfig
# Track each item in .config, RHSB is "changed"
scoreboard .config
# Determine test result
# Filter-out new symbols introduced by this series
# Filter-out symbol=n which not in either scoreboard
# Compare LHSB "golden" and RHSB "changed" scoreboards and issue PASS/FAIL
The script was instrumental during the refactoring of Kconfig as it
continually revealed problems. The end result being that the solution
presented in this series passes all configs as checked by the script.
Regards,
eric
---
v1: 12jun2023
- Initial
- Based on 6.4.0-rc6
---
Eric DeVolder (21):
kexec: consolidate kexec and crash options into kernel/Kconfig.kexec
x86/kexec: refactor for kernel/Kconfig.kexec
arm/kexec: refactor for kernel/Kconfig.kexec
ia64/kexec: refactor for kernel/Kconfig.kexec
arm64/kexec: refactor for kernel/Kconfig.kexec
loongarch/kexec: refactor for kernel/Kconfig.kexec
m68k/kexec: refactor for kernel/Kconfig.kexec
mips/kexec: refactor for kernel/Kconfig.kexec
parisc/kexec: refactor for kernel/Kconfig.kexec
powerpc/kexec: refactor for kernel/Kconfig.kexec
riscv/kexec: refactor for kernel/Kconfig.kexec
s390/kexec: refactor for kernel/Kconfig.kexec
sh/kexec: refactor for kernel/Kconfig.kexec
crash: move a few code bits to setup support of crash hotplug
crash: add generic infrastructure for crash hotplug support
kexec: exclude elfcorehdr from the segment digest
crash: memory and CPU hotplug sysfs attributes
x86/crash: add x86 crash hotplug support
crash: hotplug support for kexec_load()
crash: change crash_prepare_elf64_headers() to for_each_possible_cpu()
x86/crash: optimize CPU changes
.../admin-guide/mm/memory-hotplug.rst | 8 +
Documentation/core-api/cpu_hotplug.rst | 18 +
arch/Kconfig | 13 -
arch/arm/Kconfig | 29 +-
arch/arm64/Kconfig | 61 +--
arch/ia64/Kconfig | 28 +-
arch/loongarch/Kconfig | 26 +-
arch/m68k/Kconfig | 19 +-
arch/mips/Kconfig | 32 +-
arch/parisc/Kconfig | 34 +-
arch/powerpc/Kconfig | 55 +--
arch/riscv/Kconfig | 48 +--
arch/s390/Kconfig | 65 +---
arch/sh/Kconfig | 46 +--
arch/x86/Kconfig | 90 +----
arch/x86/include/asm/kexec.h | 18 +
arch/x86/kernel/crash.c | 140 ++++++-
drivers/base/cpu.c | 14 +
drivers/base/memory.c | 13 +
include/linux/crash_core.h | 9 +
include/linux/kexec.h | 63 +++-
include/uapi/linux/kexec.h | 1 +
init/Kconfig | 2 +
kernel/Kconfig.kexec | 134 +++++++
kernel/crash_core.c | 355 ++++++++++++++++++
kernel/kexec.c | 5 +
kernel/kexec_core.c | 6 +
kernel/kexec_file.c | 187 +--------
kernel/ksysfs.c | 15 +
29 files changed, 900 insertions(+), 634 deletions(-)
create mode 100644 kernel/Kconfig.kexec
--
2.31.1
The kexec and crash kernel options are provided in the common
kernel/Kconfig.kexec. Utilize the common options and provide
the ARCH_HAS_ and ARCH_SUPPORTS_ entries to recreate the
equivalent set of KEXEC and CRASH options.
Signed-off-by: Eric DeVolder <[email protected]>
---
arch/m68k/Kconfig | 19 ++-----------------
1 file changed, 2 insertions(+), 17 deletions(-)
diff --git a/arch/m68k/Kconfig b/arch/m68k/Kconfig
index 40198a1ebe27..ec71199e75b4 100644
--- a/arch/m68k/Kconfig
+++ b/arch/m68k/Kconfig
@@ -88,23 +88,8 @@ config MMU_SUN3
bool
depends on MMU && !MMU_MOTOROLA && !MMU_COLDFIRE
-config KEXEC
- bool "kexec system call"
- depends on M68KCLASSIC && MMU
- select KEXEC_CORE
- help
- kexec is a system call that implements the ability to shutdown your
- current kernel, and to start another kernel. It is like a reboot
- but it is independent of the system firmware. And like a reboot
- you can start any kernel with it, not just Linux.
-
- The name comes from the similarity to the exec system call.
-
- It is an ongoing process to be certain the hardware in a machine
- is properly shutdown, so do not be surprised if this code does not
- initially work for you. As of this writing the exact hardware
- interface is strongly in flux, so no good recommendation can be
- made.
+config ARCH_HAS_KEXEC
+ def_bool M68KCLASSIC && MMU
config BOOTINFO_PROC
bool "Export bootinfo in procfs"
--
2.31.1
The config options for kexec and crash features are consolidated
into new file kernel/Kconfig.kexec. Under the "General Setup" submenu
is a new submenu "Kexec and crash handling" where all the kexec and
crash options that were once in the arch-dependent submenu "Processor
type and features" are now consolidated.
The following options are impacted:
- KEXEC
- KEXEC_FILE
- KEXEC_SIG
- KEXEC_SIG_FORCE
- KEXEC_BZIMAGE_VERIFY_SIG
- KEXEC_JUMP
- CRASH_DUMP
The three main options are KEXEC, KEXEC_FILE and CRASH_DUMP.
Architectures specify support of certain KEXEC and CRASH features with
similarly named new ARCH_HAS_<option> config options.
Architectures can utilize the new ARCH_SUPPORTS_<option> config
options to specify additional components when <option> is enabled.
To summarize, the ARCH_HAS_<option> permits the <option> to be
enabled, and the ARCH_SUPPORTS_<option> handles side effects (ie.
select statements).
Signed-off-by: Eric DeVolder <[email protected]>
---
arch/Kconfig | 13 ------
init/Kconfig | 2 +
kernel/Kconfig.kexec | 103 +++++++++++++++++++++++++++++++++++++++++++
3 files changed, 105 insertions(+), 13 deletions(-)
create mode 100644 kernel/Kconfig.kexec
diff --git a/arch/Kconfig b/arch/Kconfig
index 205fd23e0cad..a37730679730 100644
--- a/arch/Kconfig
+++ b/arch/Kconfig
@@ -11,19 +11,6 @@ source "arch/$(SRCARCH)/Kconfig"
menu "General architecture-dependent options"
-config CRASH_CORE
- bool
-
-config KEXEC_CORE
- select CRASH_CORE
- bool
-
-config KEXEC_ELF
- bool
-
-config HAVE_IMA_KEXEC
- bool
-
config ARCH_HAS_SUBPAGE_FAULTS
bool
help
diff --git a/init/Kconfig b/init/Kconfig
index 32c24950c4ce..4424447e23a5 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -1917,6 +1917,8 @@ config BINDGEN_VERSION_TEXT
config TRACEPOINTS
bool
+source "kernel/Kconfig.kexec"
+
endmenu # General setup
source "arch/Kconfig"
diff --git a/kernel/Kconfig.kexec b/kernel/Kconfig.kexec
new file mode 100644
index 000000000000..660048099865
--- /dev/null
+++ b/kernel/Kconfig.kexec
@@ -0,0 +1,103 @@
+# SPDX-License-Identifier: GPL-2.0-only
+
+menu "Kexec and crash features"
+
+config CRASH_CORE
+ bool
+
+config KEXEC_CORE
+ select CRASH_CORE
+ bool
+
+config KEXEC_ELF
+ bool
+
+config HAVE_IMA_KEXEC
+ bool
+
+config KEXEC
+ bool "Enable kexec system call"
+ default ARCH_DEFAULT_KEXEC
+ depends on ARCH_HAS_KEXEC
+ select KEXEC_CORE
+ help
+ kexec is a system call that implements the ability to shutdown your
+ current kernel, and to start another kernel. It is like a reboot
+ but it is independent of the system firmware. And like a reboot
+ you can start any kernel with it, not just Linux.
+
+ The name comes from the similarity to the exec system call.
+
+ It is an ongoing process to be certain the hardware in a machine
+ is properly shutdown, so do not be surprised if this code does not
+ initially work for you. As of this writing the exact hardware
+ interface is strongly in flux, so no good recommendation can be
+ made.
+
+config KEXEC_FILE
+ bool "Enable kexec file based system call"
+ depends on ARCH_HAS_KEXEC_FILE
+ select KEXEC_CORE
+ help
+ This is new version of kexec system call. This system call is
+ file based and takes file descriptors as system call argument
+ for kernel and initramfs as opposed to list of segments as
+ accepted by previous system call.
+
+config KEXEC_SIG
+ bool "Verify kernel signature during kexec_file_load() syscall"
+ depends on KEXEC_FILE && MODULE_SIG_FORMAT
+ help
+
+ This option makes the kexec_file_load() syscall check for a valid
+ signature of the kernel image. The image can still be loaded without
+ a valid signature unless you also enable KEXEC_SIG_FORCE, though if
+ there's a signature that we can check, then it must be valid.
+
+ In addition to this option, you need to enable signature
+ verification for the corresponding kernel image type being
+ loaded in order for this to work.
+
+config KEXEC_SIG_FORCE
+ bool "Require a valid signature in kexec_file_load() syscall"
+ depends on KEXEC_SIG
+ help
+ This option makes kernel signature verification mandatory for
+ the kexec_file_load() syscall.
+
+config KEXEC_BZIMAGE_VERIFY_SIG
+ bool "Enable bzImage signature verification support"
+ depends on KEXEC_SIG
+ depends on SIGNED_PE_FILE_VERIFICATION
+ select SYSTEM_TRUSTED_KEYRING
+ help
+ Enable bzImage signature verification support.
+
+config KEXEC_JUMP
+ bool "kexec jump"
+ depends on KEXEC && HIBERNATION
+ depends on ARCH_HAS_KEXEC_JUMP
+ help
+ Jump between original kernel and kexeced kernel and invoke
+ code in physical address mode via KEXEC
+
+config CRASH_DUMP
+ bool "kernel crash dumps"
+ depends on ARCH_HAS_CRASH_DUMP
+ select KEXEC_CORE
+ select CRASH_CORE
+ help
+ Generate crash dump after being started by kexec.
+ This should be normally only set in special crash dump kernels
+ which are loaded in the main kernel with kexec-tools into
+ a specially reserved region and then later executed after
+ a crash by kdump/kexec. The crash dump kernel must be compiled
+ to a memory address not used by the main kernel or BIOS using
+ PHYSICAL_START, or it must be built as a relocatable image
+ (CONFIG_RELOCATABLE=y).
+ For more details see Documentation/admin-guide/kdump/kdump.rst
+
+ For s390, this option also enables zfcpdump.
+ See also <file:Documentation/s390/zfcpdump.rst>
+
+endmenu
--
2.31.1
The kexec and crash kernel options are provided in the common
kernel/Kconfig.kexec. Utilize the common options and provide
the ARCH_HAS_ and ARCH_SUPPORTS_ entries to recreate the
equivalent set of KEXEC and CRASH options.
Signed-off-by: Eric DeVolder <[email protected]>
Reviewed-by: Sourabh Jain <[email protected]>
---
arch/powerpc/Kconfig | 55 ++++++++++++++------------------------------
1 file changed, 17 insertions(+), 38 deletions(-)
diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
index bff5820b7cda..36f2fe0cc8a5 100644
--- a/arch/powerpc/Kconfig
+++ b/arch/powerpc/Kconfig
@@ -588,41 +588,21 @@ config PPC64_SUPPORTS_MEMORY_FAILURE
default "y" if PPC_POWERNV
select ARCH_SUPPORTS_MEMORY_FAILURE
-config KEXEC
- bool "kexec system call"
- depends on PPC_BOOK3S || PPC_E500 || (44x && !SMP)
- select KEXEC_CORE
- help
- kexec is a system call that implements the ability to shutdown your
- current kernel, and to start another kernel. It is like a reboot
- but it is independent of the system firmware. And like a reboot
- you can start any kernel with it, not just Linux.
-
- The name comes from the similarity to the exec system call.
-
- It is an ongoing process to be certain the hardware in a machine
- is properly shutdown, so do not be surprised if this code does not
- initially work for you. As of this writing the exact hardware
- interface is strongly in flux, so no good recommendation can be
- made.
-
-config KEXEC_FILE
- bool "kexec file based system call"
- select KEXEC_CORE
- select HAVE_IMA_KEXEC if IMA
- select KEXEC_ELF
- depends on PPC64
- depends on CRYPTO=y
- depends on CRYPTO_SHA256=y
- help
- This is a new version of the kexec system call. This call is
- file based and takes in file descriptors as system call arguments
- for kernel and initramfs as opposed to a list of segments as is the
- case for the older kexec call.
+config ARCH_HAS_KEXEC
+ def_bool PPC_BOOK3S || PPC_E500 || (44x && !SMP)
+
+config ARCH_HAS_KEXEC_FILE
+ def_bool PPC64 && CRYPTO && CRYPTO_SHA256
config ARCH_HAS_KEXEC_PURGATORY
def_bool KEXEC_FILE
+config ARCH_SUPPORTS_KEXEC_FILE
+ def_bool y
+ depends on KEXEC_FILE
+ select KEXEC_ELF
+ select HAVE_IMA_KEXEC if IMA
+
config PPC64_BIG_ENDIAN_ELF_ABI_V2
bool "Build big-endian kernel using ELF ABI V2 (EXPERIMENTAL)"
depends on PPC64 && CPU_BIG_ENDIAN
@@ -682,14 +662,13 @@ config RELOCATABLE_TEST
loaded at, which tends to be non-zero and therefore test the
relocation code.
-config CRASH_DUMP
- bool "Build a dump capture kernel"
- depends on PPC64 || PPC_BOOK3S_32 || PPC_85xx || (44x && !SMP)
+config ARCH_HAS_CRASH_DUMP
+ def_bool PPC64 || PPC_BOOK3S_32 || PPC_85xx || (44x && !SMP)
+
+config ARCH_SUPPORTS_CRASH_DUMP
+ def_bool y
+ depends on CRASH_DUMP
select RELOCATABLE if PPC64 || 44x || PPC_85xx
- help
- Build a kernel suitable for use as a dump capture kernel.
- The same kernel binary can be used as production kernel and dump
- capture kernel.
config FA_DUMP
bool "Firmware-assisted dump"
--
2.31.1
The kexec and crash kernel options are provided in the common
kernel/Kconfig.kexec. Utilize the common options and provide
the ARCH_HAS_ and ARCH_SUPPORTS_ entries to recreate the
equivalent set of KEXEC and CRASH options.
Signed-off-by: Eric DeVolder <[email protected]>
---
arch/x86/Kconfig | 89 +++++++-----------------------------------------
1 file changed, 13 insertions(+), 76 deletions(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 53bab123a8ee..7dff2481abe0 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -2043,88 +2043,25 @@ config EFI_RUNTIME_MAP
source "kernel/Kconfig.hz"
-config KEXEC
- bool "kexec system call"
- select KEXEC_CORE
- help
- kexec is a system call that implements the ability to shutdown your
- current kernel, and to start another kernel. It is like a reboot
- but it is independent of the system firmware. And like a reboot
- you can start any kernel with it, not just Linux.
-
- The name comes from the similarity to the exec system call.
-
- It is an ongoing process to be certain the hardware in a machine
- is properly shutdown, so do not be surprised if this code does not
- initially work for you. As of this writing the exact hardware
- interface is strongly in flux, so no good recommendation can be
- made.
-
-config KEXEC_FILE
- bool "kexec file based system call"
- select KEXEC_CORE
- select HAVE_IMA_KEXEC if IMA
- depends on X86_64
- depends on CRYPTO=y
- depends on CRYPTO_SHA256=y
- help
- This is new version of kexec system call. This system call is
- file based and takes file descriptors as system call argument
- for kernel and initramfs as opposed to list of segments as
- accepted by previous system call.
+config ARCH_HAS_KEXEC
+ def_bool y
-config ARCH_HAS_KEXEC_PURGATORY
- def_bool KEXEC_FILE
+config ARCH_HAS_KEXEC_FILE
+ def_bool X86_64 && CRYPTO && CRYPTO_SHA256
-config KEXEC_SIG
- bool "Verify kernel signature during kexec_file_load() syscall"
+config ARCH_SUPPORTS_KEXEC_FILE
+ def_bool y
depends on KEXEC_FILE
- help
-
- This option makes the kexec_file_load() syscall check for a valid
- signature of the kernel image. The image can still be loaded without
- a valid signature unless you also enable KEXEC_SIG_FORCE, though if
- there's a signature that we can check, then it must be valid.
-
- In addition to this option, you need to enable signature
- verification for the corresponding kernel image type being
- loaded in order for this to work.
-
-config KEXEC_SIG_FORCE
- bool "Require a valid signature in kexec_file_load() syscall"
- depends on KEXEC_SIG
- help
- This option makes kernel signature verification mandatory for
- the kexec_file_load() syscall.
+ select HAVE_IMA_KEXEC if IMA
-config KEXEC_BZIMAGE_VERIFY_SIG
- bool "Enable bzImage signature verification support"
- depends on KEXEC_SIG
- depends on SIGNED_PE_FILE_VERIFICATION
- select SYSTEM_TRUSTED_KEYRING
- help
- Enable bzImage signature verification support.
+config ARCH_HAS_KEXEC_PURGATORY
+ def_bool KEXEC_FILE
-config CRASH_DUMP
- bool "kernel crash dumps"
- depends on X86_64 || (X86_32 && HIGHMEM)
- help
- Generate crash dump after being started by kexec.
- This should be normally only set in special crash dump kernels
- which are loaded in the main kernel with kexec-tools into
- a specially reserved region and then later executed after
- a crash by kdump/kexec. The crash dump kernel must be compiled
- to a memory address not used by the main kernel or BIOS using
- PHYSICAL_START, or it must be built as a relocatable image
- (CONFIG_RELOCATABLE=y).
- For more details see Documentation/admin-guide/kdump/kdump.rst
+config ARCH_HAS_KEXEC_JUMP
+ def_bool y
-config KEXEC_JUMP
- bool "kexec jump"
- depends on KEXEC && HIBERNATION
- help
- Jump between original kernel and kexeced kernel and invoke
- code in physical address mode via KEXEC
+config ARCH_HAS_CRASH_DUMP
+ def_bool X86_64 || (X86_32 && HIGHMEM)
config PHYSICAL_START
hex "Physical address where the kernel is loaded" if (EXPERT || CRASH_DUMP)
--
2.31.1
The kexec and crash kernel options are provided in the common
kernel/Kconfig.kexec. Utilize the common options and provide
the ARCH_HAS_ and ARCH_SUPPORTS_ entries to recreate the
equivalent set of KEXEC and CRASH options.
Signed-off-by: Eric DeVolder <[email protected]>
---
arch/arm64/Kconfig | 61 ++++++++--------------------------------------
1 file changed, 10 insertions(+), 51 deletions(-)
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index 343e1e1cae10..33552476a877 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -1433,60 +1433,19 @@ config PARAVIRT_TIME_ACCOUNTING
If in doubt, say N here.
-config KEXEC
- depends on PM_SLEEP_SMP
- select KEXEC_CORE
- bool "kexec system call"
- help
- kexec is a system call that implements the ability to shutdown your
- current kernel, and to start another kernel. It is like a reboot
- but it is independent of the system firmware. And like a reboot
- you can start any kernel with it, not just Linux.
-
-config KEXEC_FILE
- bool "kexec file based system call"
- select KEXEC_CORE
- select HAVE_IMA_KEXEC if IMA
- help
- This is new version of kexec system call. This system call is
- file based and takes file descriptors as system call argument
- for kernel and initramfs as opposed to list of segments as
- accepted by previous system call.
-
-config KEXEC_SIG
- bool "Verify kernel signature during kexec_file_load() syscall"
- depends on KEXEC_FILE
- help
- Select this option to verify a signature with loaded kernel
- image. If configured, any attempt of loading a image without
- valid signature will fail.
-
- In addition to that option, you need to enable signature
- verification for the corresponding kernel image type being
- loaded in order for this to work.
+config ARCH_HAS_KEXEC
+ def_bool PM_SLEEP_SMP
-config KEXEC_IMAGE_VERIFY_SIG
- bool "Enable Image signature verification support"
- default y
- depends on KEXEC_SIG
- depends on EFI && SIGNED_PE_FILE_VERIFICATION
- help
- Enable Image signature verification support.
-
-comment "Support for PE file signature verification disabled"
- depends on KEXEC_SIG
- depends on !EFI || !SIGNED_PE_FILE_VERIFICATION
+config ARCH_HAS_KEXEC_FILE
+ def_bool y
-config CRASH_DUMP
- bool "Build kdump crash kernel"
- help
- Generate crash dump after being started by kexec. This should
- be normally only set in special crash dump kernels which are
- loaded in the main kernel with kexec-tools into a specially
- reserved region and then later executed after a crash by
- kdump/kexec.
+config ARCH_SUPPORTS_KEXEC_FILE
+ def_bool y
+ depends on KEXEC_FILE
+ select HAVE_IMA_KEXEC if IMA
- For more details see Documentation/admin-guide/kdump/kdump.rst
+config ARCH_HAS_CRASH_DUMP
+ def_bool y
config TRANS_TABLE
def_bool y
--
2.31.1
The kexec and crash kernel options are provided in the common
kernel/Kconfig.kexec. Utilize the common options and provide
the ARCH_HAS_ and ARCH_SUPPORTS_ entries to recreate the
equivalent set of KEXEC and CRASH options.
Signed-off-by: Eric DeVolder <[email protected]>
---
arch/ia64/Kconfig | 28 +++++-----------------------
1 file changed, 5 insertions(+), 23 deletions(-)
diff --git a/arch/ia64/Kconfig b/arch/ia64/Kconfig
index 21fa63ce5ffc..dbef97452839 100644
--- a/arch/ia64/Kconfig
+++ b/arch/ia64/Kconfig
@@ -360,31 +360,13 @@ config IA64_HP_AML_NFW
the "force" module parameter, e.g., with the "aml_nfw.force"
kernel command line option.
-config KEXEC
- bool "kexec system call"
- depends on !SMP || HOTPLUG_CPU
- select KEXEC_CORE
- help
- kexec is a system call that implements the ability to shutdown your
- current kernel, and to start another kernel. It is like a reboot
- but it is independent of the system firmware. And like a reboot
- you can start any kernel with it, not just Linux.
-
- The name comes from the similarity to the exec system call.
-
- It is an ongoing process to be certain the hardware in a machine
- is properly shutdown, so do not be surprised if this code does not
- initially work for you. As of this writing the exact hardware
- interface is strongly in flux, so no good recommendation can be
- made.
+endmenu
-config CRASH_DUMP
- bool "kernel crash dumps"
- depends on IA64_MCA_RECOVERY && (!SMP || HOTPLUG_CPU)
- help
- Generate crash dump after being started by kexec.
+config ARCH_HAS_KEXEC
+ def_bool !SMP || HOTPLUG_CPU
-endmenu
+config ARCH_HAS_CRASH_DUMP
+ def_bool IA64_MCA_RECOVERY && (!SMP || HOTPLUG_CPU)
menu "Power management and ACPI options"
--
2.31.1
The kexec and crash kernel options are provided in the common
kernel/Kconfig.kexec. Utilize the common options and provide
the ARCH_HAS_ and ARCH_SUPPORTS_ entries to recreate the
equivalent set of KEXEC and CRASH options.
Signed-off-by: Eric DeVolder <[email protected]>
---
arch/mips/Kconfig | 32 +++++---------------------------
1 file changed, 5 insertions(+), 27 deletions(-)
diff --git a/arch/mips/Kconfig b/arch/mips/Kconfig
index 675a8660cb85..fcf4d8b0775e 100644
--- a/arch/mips/Kconfig
+++ b/arch/mips/Kconfig
@@ -2873,33 +2873,11 @@ config HZ
config SCHED_HRTICK
def_bool HIGH_RES_TIMERS
-config KEXEC
- bool "Kexec system call"
- select KEXEC_CORE
- help
- kexec is a system call that implements the ability to shutdown your
- current kernel, and to start another kernel. It is like a reboot
- but it is independent of the system firmware. And like a reboot
- you can start any kernel with it, not just Linux.
-
- The name comes from the similarity to the exec system call.
-
- It is an ongoing process to be certain the hardware in a machine
- is properly shutdown, so do not be surprised if this code does not
- initially work for you. As of this writing the exact hardware
- interface is strongly in flux, so no good recommendation can be
- made.
-
-config CRASH_DUMP
- bool "Kernel crash dumps"
- help
- Generate crash dump after being started by kexec.
- This should be normally only set in special crash dump kernels
- which are loaded in the main kernel with kexec-tools into
- a specially reserved region and then later executed after
- a crash by kdump/kexec. The crash dump kernel must be compiled
- to a memory address not used by the main kernel or firmware using
- PHYSICAL_START.
+config ARCH_HAS_KEXEC
+ def_bool y
+
+config ARCH_HAS_CRASH_DUMP
+ def_bool y
config PHYSICAL_START
hex "Physical address where the kernel is loaded"
--
2.31.1
The kexec and crash kernel options are provided in the common
kernel/Kconfig.kexec. Utilize the common options and provide
the ARCH_HAS_ and ARCH_SUPPORTS_ entries to recreate the
equivalent set of KEXEC and CRASH options.
Signed-off-by: Eric DeVolder <[email protected]>
---
arch/parisc/Kconfig | 34 +++++++++++-----------------------
1 file changed, 11 insertions(+), 23 deletions(-)
diff --git a/arch/parisc/Kconfig b/arch/parisc/Kconfig
index 967bde65dd0e..36c139ce9f5a 100644
--- a/arch/parisc/Kconfig
+++ b/arch/parisc/Kconfig
@@ -348,29 +348,17 @@ config NR_CPUS
default "4" if 64BIT
default "16"
-config KEXEC
- bool "Kexec system call"
- select KEXEC_CORE
- help
- kexec is a system call that implements the ability to shutdown your
- current kernel, and to start another kernel. It is like a reboot
- but it is independent of the system firmware. And like a reboot
- you can start any kernel with it, not just Linux.
-
- It is an ongoing process to be certain the hardware in a machine
- shutdown, so do not be surprised if this code does not
- initially work for you.
-
-config KEXEC_FILE
- bool "kexec file based system call"
- select KEXEC_CORE
- select KEXEC_ELF
- help
- This enables the kexec_file_load() System call. This is
- file based and takes file descriptors as system call argument
- for kernel and initramfs as opposed to list of segments as
- accepted by previous system call.
-
endmenu
+config ARCH_HAS_KEXEC
+ def_bool y
+
+config ARCH_HAS_KEXEC_FILE
+ def_bool y
+
+config ARCH_SUPPORTS_KEXEC_FILE
+ def_bool y
+ depends on KEXEC_FILE
+ select KEXEC_ELF
+
source "drivers/parisc/Kconfig"
--
2.31.1
My apologies, but this patch series is 13 patches, not 21. The last patch is "PATCH v1 13/21
sh/kexec: refactor for kernel/Kconfig.kexec"
I'll correct for v2.
eric
On 6/12/23 12:27, Eric DeVolder wrote:
> The Kconfig is refactored to consolidate KEXEC and CRASH options from
> various arch/<arch>/Kconfig files into new file kernel/Kconfig.kexec.
>
> The Kconfig.kexec is now a submenu titled "Kexec and crash features"
> located under "General Setup".
>
> The following options are impacted:
>
> - KEXEC
> - KEXEC_FILE
> - KEXEC_SIG
> - KEXEC_SIG_FORCE
> - KEXEC_BZIMAGE_VERIFY_SIG
> - KEXEC_JUMP
> - CRASH_DUMP
>
> Over time, these options have been copied between Kconfig files and
> are very similar to one another, but with slight differences.
>
> The following architectures are impacted by the refactor (because of
> use of one or more KEXEC/CRASH options):
>
> - arm
> - arm64
> - ia64
> - loongarch
> - m68k
> - mips
> - parisc
> - powerpc
> - riscv
> - s390
> - sh
> - x86
>
> More information:
>
> In the patch series "crash: Kernel handling of CPU and memory hot
> un/plug"
>
> https://lore.kernel.org/lkml/[email protected]/
>
> the new kernel feature introduces the config option CRASH_HOTPLUG.
>
> In reviewing, Thomas Gleixner requested that the new config option
> not be placed in x86 Kconfig. Rather the option needs a generic/common
> home. To Thomas' point, the KEXEC and CRASH options have largely been
> duplicated in the various arch/<arch>/Kconfig files, with minor
> differences. This kind of proliferation is to be avoid/stopped.
>
> https://lore.kernel.org/lkml/875y91yv63.ffs@tglx/
>
> To that end, I have refactored the arch Kconfigs so as to consolidate
> the various KEXEC and CRASH options. Generally speaking, this work has
> the following themes:
>
> - KEXEC and CRASH options are moved into new file kernel/Kconfig.kexec
> - These items from arch/Kconfig:
> CRASH_CORE KEXEC_CORE KEXEC_ELF HAVE_IMA_KEXEC
> - These items from arch/x86/Kconfig form the common options:
> KEXEC KEXEC_FILE KEXEC_SIG KEXEC_SIG_FORCE
> KEXEC_BZIMAGE_VERIFY_SIG KEXEC_JUMP CRASH_DUMP
> - The crash hotplug series appends CRASH_HOTPLUG to Kconfig.kexec
> NOTE: PHYSICAL_START could be argued to be included in this series.
> - The Kconfig.kexec is now a submenu titled "Kexec and crash features"
> - The Kconfig.kexec is now listed in "General Setup" submenu from
> init/Kconfig
> - To control the main common options, new options ARCH_HAS_KEXEC,
> ARCH_HAS_KEXEC_FILE and ARCH_HAS_CRASH_DUMP are introduced.
> NOTE: I went with ARCH_HAS_ due to the existing ARCH_HAS_KEXEC_PURGATORY.
> - To account for the slight differences, new options ARCH_SUPPORTS_KEXEC,
> ARCH_SUPPORTS_KEXEC_FILE and ARCH_SUPPORTS_CRASH_DUMP are used to
> elicit the same side effects as the original arch/<arch>/Kconfig
> files for KEXEC and CRASH options.
> NOTE: I'm open to a better name than 'ARCH_SUPPORTS', perhaps
> ARCH_CUSTOMIZE ?
>
> An example, 'make menuconfig' illustrating the submenu:
>
> > General setup > Kexec and crash features
> [*] Enable kexec system call
> [*] Enable kexec file based system call
> [*] Verify kernel signature during kexec_file_load() syscall
> [ ] Require a valid signature in kexec_file_load() syscall
> [ ] Enable bzImage signature verification support
> [*] kexec jump
> [*] kernel crash dumps
> [*] Update the crash elfcorehdr on system configuration changes
>
> The three main options are KEXEC, KEXEC_FILE and CRASH_DUMP. In the
> process of consolidating these options, I encountered slight differences
> in the coding of these options in several of the architectures. As a
> result, I settled on the following solution:
>
> - Each of three main options has a 'depends on ARCH_HAS_<option>'
> statement: ARCH_HAS_KEXEC, ARCH_HAS_KEXEC_FILE, ARCH_HAS_CRASH_DUMP.
>
> For example, the KEXEC_FILE option has a 'depends on
> ARCH_HAS_KEXEC_FILE' statement.
>
> - The boolean ARCH_HAS_<option> in effect allows the arch to determine
> when the feature is allowed. Archs which don't have the feature
> simply do not provide the corresponding ARCH_HAS_<option>.
> For each arch, where there previously were KEXEC and/or CRASH
> options, these have been replaced with the corresponding boolean
> ARCH_HAS_<option>, and an appropriate def_bool statement.
>
> For example, if the arch supports KEXEC_FILE, then the
> ARCH_HAS_KEXEC_FILE simply has a 'def_bool y'. This permits the
> KEXEC_FILE option to be available.
>
> If the arch has a 'depends on' statement in its original coding
> of the option, then that expression becomes part of the def_bool
> expression. For example, arm64 had:
>
> config KEXEC
> depends on PM_SLEEP_SMP
>
> and in this solution, this converts to:
>
> config ARCH_HAS_KEXEC
> def_bool PM_SLEEP_SMP
>
>
> - In order to account for the differences in the config coding for
> the three common options, the ARCH_SUPPORTS_<option> is used.
> This options has a 'depends on <option>' statement to couple it
> to the main option, and from there can insert the differences
> from the common option and the arch original coding of that option.
>
> For example, a few archs enable CRYPTO and CRYTPO_SHA256 for
> KEXEC_FILE. These require a ARCH_SUPPORTS_KEXEC_FILE and
> 'select CRYPTO' and 'select CRYPTO_SHA256' statements.
>
> Illustrating the option relationships:
>
> For KEXEC:
> ARCH_HAS_KEXEC <- KEXEC <- ARCH_SUPPORTS_KEXEC
>
> KEXEC # in Kconfig.kexec
> ARCH_HAS_KEXEC # in arch/<arch>/Kconfig, as needed
> ARCH_SUPPORTS_KEXEC # in arch/<arch>/Kconfig, as needed
>
>
> For KEXEC_FILE:
> ARCH_HAS_KEXEC_FILE <- KEXEC_FILE <- ARCH_SUPPORTS_KEXEC_FILE
>
> KEXEC_FILE # in Kconfig.kexec
> ARCH_HAS_KEXEC_FILE # in arch/<arch>/Kconfig, as needed
> ARCH_SUPPORTS_KEXEC_FILE # in arch/<arch>/Kconfig, as needed
>
>
> For CRASH:
> ARCH_HAS_CRASH_DUMP <- CRASH_DUMP <- ARCH_SUPPORTS_CRASH_DUMP
>
> CRASH_DUMP # in Kconfig.kexec
> ARCH_HAS_CRASH_DUMP # in arch/<arch>/Kconfig, as needed
> ARCH_SUPPORTS_CRASH_DUMP # in arch/<arch>/Kconfig, as needed
>
> To summarize, the ARCH_HAS_<option> permits the <option> to be
> enabled, and the ARCH_SUPPORTS_<option> handles side effects (ie.
> select statements).
>
> Examples:
> A few examples to show the new strategy in action:
>
> ===== x86 (minus the help section) =====
> Original:
> config KEXEC
> bool "kexec system call"
> select KEXEC_CORE
>
> config KEXEC_FILE
> bool "kexec file based system call"
> select KEXEC_CORE
> select HAVE_IMA_KEXEC if IMA
> depends on X86_64
> depends on CRYPTO=y
> depends on CRYPTO_SHA256=y
>
> config ARCH_HAS_KEXEC_PURGATORY
> def_bool KEXEC_FILE
>
> config KEXEC_SIG
> bool "Verify kernel signature during kexec_file_load() syscall"
> depends on KEXEC_FILE
>
> config KEXEC_SIG_FORCE
> bool "Require a valid signature in kexec_file_load() syscall"
> depends on KEXEC_SIG
>
> config KEXEC_BZIMAGE_VERIFY_SIG
> bool "Enable bzImage signature verification support"
> depends on KEXEC_SIG
> depends on SIGNED_PE_FILE_VERIFICATION
> select SYSTEM_TRUSTED_KEYRING
>
> config CRASH_DUMP
> bool "kernel crash dumps"
> depends on X86_64 || (X86_32 && HIGHMEM)
>
> config KEXEC_JUMP
> bool "kexec jump"
> depends on KEXEC && HIBERNATION
> help
>
> becomes...
> New:
> config ARCH_HAS_KEXEC
> def_bool y
>
> config ARCH_HAS_KEXEC_FILE
> def_bool X86_64 && CRYPTO && CRYPTO_SHA256
>
> config ARCH_SUPPORTS_KEXEC_FILE
> def_bool y
> depends on KEXEC_FILE
> select HAVE_IMA_KEXEC if IMA
>
> config ARCH_HAS_KEXEC_PURGATORY
> def_bool KEXEC_FILE
>
> config ARCH_HAS_KEXEC_JUMP
> def_bool y
>
> config ARCH_HAS_CRASH_DUMP
> def_bool X86_64 || (X86_32 && HIGHMEM)
>
>
> ===== powerpc (minus the help section) =====
> Original:
> config KEXEC
> bool "kexec system call"
> depends on PPC_BOOK3S || PPC_E500 || (44x && !SMP)
> select KEXEC_CORE
>
> config KEXEC_FILE
> bool "kexec file based system call"
> select KEXEC_CORE
> select HAVE_IMA_KEXEC if IMA
> select KEXEC_ELF
> depends on PPC64
> depends on CRYPTO=y
> depends on CRYPTO_SHA256=y
>
> config ARCH_HAS_KEXEC_PURGATORY
> def_bool KEXEC_FILE
>
> config CRASH_DUMP
> bool "Build a dump capture kernel"
> depends on PPC64 || PPC_BOOK3S_32 || PPC_85xx || (44x && !SMP)
> select RELOCATABLE if PPC64 || 44x || PPC_85xx
>
> becomes...
> New:
> config ARCH_HAS_KEXEC
> def_bool PPC_BOOK3S || PPC_E500 || (44x && !SMP)
>
> config ARCH_HAS_KEXEC_FILE
> def_bool PPC64 && CRYPTO && CRYPTO_SHA256
>
> config ARCH_HAS_KEXEC_PURGATORY
> def_bool KEXEC_FILE
>
> config ARCH_SUPPORTS_KEXEC_FILE
> def_bool y
> depends on KEXEC_FILE
> select KEXEC_ELF
> select HAVE_IMA_KEXEC if IMA
>
> config ARCH_HAS_CRASH_DUMP
> def_bool PPC64 || PPC_BOOK3S_32 || PPC_85xx || (44x && !SMP)
>
> config ARCH_SUPPORTS_CRASH_DUMP
> def_bool y
> depends on CRASH_DUMP
> select RELOCATABLE if PPC64 || 44x || PPC_85xx
>
>
> Testing Approach and Results
>
> There are 388 config files in the arch/<arch>/configs directories.
> For each of these config files, a .config is generated both before and
> after this Kconfig series, and checked for equivalence. This approach
> allows for a rather rapid check of all architectures and a wide
> variety of configs wrt/ KEXEC and CRASH, and avoids requiring
> compiling for all architectures and running kernels and run-time
> testing.
>
> As such, I developed the following script to compare the before and
> after of 'make olddefconfig'. The new symbols introduced by this
> series are filtered out, but otherwise the config files are PASS
> only if they were equivalent, and FAIL otherwise.
>
> The script performs the test by doing the following:
>
> # Obtain the "golden" .config output for given config file
> # Reset test sandbox
> git checkout master
> git branch -D test_Kconfig
> git checkout -B test_Kconfig master
> make distclean
> # Write out updated config
> cp -f <config file> .config
> make ARCH=<arch> olddefconfig
> # Track each item in .config, LHSB is "golden"
> scoreboard .config
>
> # Obtain the "changed" .config output for given config file
> # Reset test sandbox
> make distclean
> # Apply this Kconfig series
> git am <this Kconfig series>
> # Write out updated config
> cp -f <config file> .config
> make ARCH=<arch> olddefconfig
> # Track each item in .config, RHSB is "changed"
> scoreboard .config
>
> # Determine test result
> # Filter-out new symbols introduced by this series
> # Filter-out symbol=n which not in either scoreboard
> # Compare LHSB "golden" and RHSB "changed" scoreboards and issue PASS/FAIL
>
> The script was instrumental during the refactoring of Kconfig as it
> continually revealed problems. The end result being that the solution
> presented in this series passes all configs as checked by the script.
>
> Regards,
> eric
>
>
> ---
> v1: 12jun2023
> - Initial
> - Based on 6.4.0-rc6
>
> ---
> Eric DeVolder (21):
> kexec: consolidate kexec and crash options into kernel/Kconfig.kexec
> x86/kexec: refactor for kernel/Kconfig.kexec
> arm/kexec: refactor for kernel/Kconfig.kexec
> ia64/kexec: refactor for kernel/Kconfig.kexec
> arm64/kexec: refactor for kernel/Kconfig.kexec
> loongarch/kexec: refactor for kernel/Kconfig.kexec
> m68k/kexec: refactor for kernel/Kconfig.kexec
> mips/kexec: refactor for kernel/Kconfig.kexec
> parisc/kexec: refactor for kernel/Kconfig.kexec
> powerpc/kexec: refactor for kernel/Kconfig.kexec
> riscv/kexec: refactor for kernel/Kconfig.kexec
> s390/kexec: refactor for kernel/Kconfig.kexec
> sh/kexec: refactor for kernel/Kconfig.kexec
> crash: move a few code bits to setup support of crash hotplug
> crash: add generic infrastructure for crash hotplug support
> kexec: exclude elfcorehdr from the segment digest
> crash: memory and CPU hotplug sysfs attributes
> x86/crash: add x86 crash hotplug support
> crash: hotplug support for kexec_load()
> crash: change crash_prepare_elf64_headers() to for_each_possible_cpu()
> x86/crash: optimize CPU changes
>
> .../admin-guide/mm/memory-hotplug.rst | 8 +
> Documentation/core-api/cpu_hotplug.rst | 18 +
> arch/Kconfig | 13 -
> arch/arm/Kconfig | 29 +-
> arch/arm64/Kconfig | 61 +--
> arch/ia64/Kconfig | 28 +-
> arch/loongarch/Kconfig | 26 +-
> arch/m68k/Kconfig | 19 +-
> arch/mips/Kconfig | 32 +-
> arch/parisc/Kconfig | 34 +-
> arch/powerpc/Kconfig | 55 +--
> arch/riscv/Kconfig | 48 +--
> arch/s390/Kconfig | 65 +---
> arch/sh/Kconfig | 46 +--
> arch/x86/Kconfig | 90 +----
> arch/x86/include/asm/kexec.h | 18 +
> arch/x86/kernel/crash.c | 140 ++++++-
> drivers/base/cpu.c | 14 +
> drivers/base/memory.c | 13 +
> include/linux/crash_core.h | 9 +
> include/linux/kexec.h | 63 +++-
> include/uapi/linux/kexec.h | 1 +
> init/Kconfig | 2 +
> kernel/Kconfig.kexec | 134 +++++++
> kernel/crash_core.c | 355 ++++++++++++++++++
> kernel/kexec.c | 5 +
> kernel/kexec_core.c | 6 +
> kernel/kexec_file.c | 187 +--------
> kernel/ksysfs.c | 15 +
> 29 files changed, 900 insertions(+), 634 deletions(-)
> create mode 100644 kernel/Kconfig.kexec
>
On Mon, Jun 12, 2023 at 7:29 PM Eric DeVolder <[email protected]> wrote:
> The kexec and crash kernel options are provided in the common
> kernel/Kconfig.kexec. Utilize the common options and provide
> the ARCH_HAS_ and ARCH_SUPPORTS_ entries to recreate the
> equivalent set of KEXEC and CRASH options.
>
> Signed-off-by: Eric DeVolder <[email protected]>
Reviewed-by: Geert Uytterhoeven <[email protected]>
Acked-by: Geert Uytterhoeven <[email protected]>
Gr{oetje,eeting}s,
Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- [email protected]
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds
On Mon, Jun 12, 2023 at 01:27:52PM -0400, Eric DeVolder wrote:
> The Kconfig is refactored to consolidate KEXEC and CRASH options from
> various arch/<arch>/Kconfig files into new file kernel/Kconfig.kexec.
This looks very nice!
> [...]
> - The boolean ARCH_HAS_<option> in effect allows the arch to determine
> when the feature is allowed. Archs which don't have the feature
> simply do not provide the corresponding ARCH_HAS_<option>.
> For each arch, where there previously were KEXEC and/or CRASH
> options, these have been replaced with the corresponding boolean
> ARCH_HAS_<option>, and an appropriate def_bool statement.
>
> For example, if the arch supports KEXEC_FILE, then the
> ARCH_HAS_KEXEC_FILE simply has a 'def_bool y'. This permits the
> KEXEC_FILE option to be available.
>
> If the arch has a 'depends on' statement in its original coding
> of the option, then that expression becomes part of the def_bool
> expression. For example, arm64 had:
>
> config KEXEC
> depends on PM_SLEEP_SMP
>
> and in this solution, this converts to:
>
> config ARCH_HAS_KEXEC
> def_bool PM_SLEEP_SMP
>
>
> - In order to account for the differences in the config coding for
> the three common options, the ARCH_SUPPORTS_<option> is used.
> This options has a 'depends on <option>' statement to couple it
> to the main option, and from there can insert the differences
> from the common option and the arch original coding of that option.
>
> For example, a few archs enable CRYPTO and CRYTPO_SHA256 for
> KEXEC_FILE. These require a ARCH_SUPPORTS_KEXEC_FILE and
> 'select CRYPTO' and 'select CRYPTO_SHA256' statements.
Naming nit: "HAS" and "SUPPORTS" feel very similar, and looking at
existing configs, "ARCH_SUPPORTS_..." is already used for doing this
kind of bare "bool" management. e.g. see ARCH_SUPPORTS_INT128
It looks like you need to split "depends" and "select" so the options
can be chosen separately from the "selectable" configs.
How about naming this ARCH_SELECTS_<option>, since that's what it's
there for?
-Kees
--
Kees Cook
On 6/12/23 14:38, Geert Uytterhoeven wrote:
> On Mon, Jun 12, 2023 at 7:29 PM Eric DeVolder <[email protected]> wrote:
>> The kexec and crash kernel options are provided in the common
>> kernel/Kconfig.kexec. Utilize the common options and provide
>> the ARCH_HAS_ and ARCH_SUPPORTS_ entries to recreate the
>> equivalent set of KEXEC and CRASH options.
>>
>> Signed-off-by: Eric DeVolder <[email protected]>
>
> Reviewed-by: Geert Uytterhoeven <[email protected]>
> Acked-by: Geert Uytterhoeven <[email protected]>
>
> Gr{oetje,eeting}s,
>
> Geert
>
Thank you Geert!
eric
On 6/13/23 20:22, Leizhen (ThunderTown) wrote:
>
>
> On 2023/6/13 1:27, Eric DeVolder wrote:
>> The kexec and crash kernel options are provided in the common
>> kernel/Kconfig.kexec. Utilize the common options and provide
>> the ARCH_HAS_ and ARCH_SUPPORTS_ entries to recreate the
>> equivalent set of KEXEC and CRASH options.
>>
>> Signed-off-by: Eric DeVolder <[email protected]>
>> ---
>> arch/arm64/Kconfig | 61 ++++++++--------------------------------------
>> 1 file changed, 10 insertions(+), 51 deletions(-)
>>
>> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
>> index 343e1e1cae10..33552476a877 100644
>> --- a/arch/arm64/Kconfig
>> +++ b/arch/arm64/Kconfig
>> @@ -1433,60 +1433,19 @@ config PARAVIRT_TIME_ACCOUNTING
>>
>> If in doubt, say N here.
>>
>> -config KEXEC
>> - depends on PM_SLEEP_SMP
>> - select KEXEC_CORE
>> - bool "kexec system call"
>> - help
>> - kexec is a system call that implements the ability to shutdown your
>> - current kernel, and to start another kernel. It is like a reboot
>> - but it is independent of the system firmware. And like a reboot
>> - you can start any kernel with it, not just Linux.
>> -
>> -config KEXEC_FILE
>> - bool "kexec file based system call"
>> - select KEXEC_CORE
>> - select HAVE_IMA_KEXEC if IMA
>> - help
>> - This is new version of kexec system call. This system call is
>> - file based and takes file descriptors as system call argument
>> - for kernel and initramfs as opposed to list of segments as
>> - accepted by previous system call.
>> -
>> -config KEXEC_SIG
>> - bool "Verify kernel signature during kexec_file_load() syscall"
>> - depends on KEXEC_FILE
>> - help
>> - Select this option to verify a signature with loaded kernel
>> - image. If configured, any attempt of loading a image without
>> - valid signature will fail.
>> -
>> - In addition to that option, you need to enable signature
>> - verification for the corresponding kernel image type being
>> - loaded in order for this to work.
>> +config ARCH_HAS_KEXEC
>> + def_bool PM_SLEEP_SMP
>>
>> -config KEXEC_IMAGE_VERIFY_SIG
>> - bool "Enable Image signature verification support"
>> - default y
>> - depends on KEXEC_SIG
>> - depends on EFI && SIGNED_PE_FILE_VERIFICATION
>> - help
>> - Enable Image signature verification support.
>
> I don't see an alternative to this option. It's used in
> arch/arm64/kernel/kexec_image.c:135
>
Good catch! I will move this into the common options.
Thank you Zhen!
eric
>> -
>> -comment "Support for PE file signature verification disabled"
>> - depends on KEXEC_SIG
>> - depends on !EFI || !SIGNED_PE_FILE_VERIFICATION
>> +config ARCH_HAS_KEXEC_FILE
>> + def_bool y
>>
>> -config CRASH_DUMP
>> - bool "Build kdump crash kernel"
>> - help
>> - Generate crash dump after being started by kexec. This should
>> - be normally only set in special crash dump kernels which are
>> - loaded in the main kernel with kexec-tools into a specially
>> - reserved region and then later executed after a crash by
>> - kdump/kexec.
>> +config ARCH_SUPPORTS_KEXEC_FILE
>> + def_bool y
>> + depends on KEXEC_FILE
>> + select HAVE_IMA_KEXEC if IMA
>>
>> - For more details see Documentation/admin-guide/kdump/kdump.rst
>> +config ARCH_HAS_CRASH_DUMP
>> + def_bool y
>>
>> config TRANS_TABLE
>> def_bool y
>>
>
On 6/13/23 20:19, Leizhen (ThunderTown) wrote:
>
>
> On 2023/6/13 1:27, Eric DeVolder wrote:
>> The config options for kexec and crash features are consolidated
>> into new file kernel/Kconfig.kexec. Under the "General Setup" submenu
>> is a new submenu "Kexec and crash handling" where all the kexec and
>> crash options that were once in the arch-dependent submenu "Processor
>> type and features" are now consolidated.
>>
>> The following options are impacted:
>>
>> - KEXEC
>> - KEXEC_FILE
>> - KEXEC_SIG
>> - KEXEC_SIG_FORCE
>> - KEXEC_BZIMAGE_VERIFY_SIG
>> - KEXEC_JUMP
>> - CRASH_DUMP
>>
>> The three main options are KEXEC, KEXEC_FILE and CRASH_DUMP.
>>
>> Architectures specify support of certain KEXEC and CRASH features with
>> similarly named new ARCH_HAS_<option> config options.
>>
>> Architectures can utilize the new ARCH_SUPPORTS_<option> config
>> options to specify additional components when <option> is enabled.
>>
>> To summarize, the ARCH_HAS_<option> permits the <option> to be
>> enabled, and the ARCH_SUPPORTS_<option> handles side effects (ie.
>> select statements).
>>
>> Signed-off-by: Eric DeVolder <[email protected]>
>> ---
>> arch/Kconfig | 13 ------
>> init/Kconfig | 2 +
>> kernel/Kconfig.kexec | 103 +++++++++++++++++++++++++++++++++++++++++++
>> 3 files changed, 105 insertions(+), 13 deletions(-)
>> create mode 100644 kernel/Kconfig.kexec
>>
>> diff --git a/arch/Kconfig b/arch/Kconfig
>> index 205fd23e0cad..a37730679730 100644
>> --- a/arch/Kconfig
>> +++ b/arch/Kconfig
>> @@ -11,19 +11,6 @@ source "arch/$(SRCARCH)/Kconfig"
>>
>> menu "General architecture-dependent options"
>>
>> -config CRASH_CORE
>> - bool
>> -
>> -config KEXEC_CORE
>> - select CRASH_CORE
>> - bool
>> -
>> -config KEXEC_ELF
>> - bool
>> -
>> -config HAVE_IMA_KEXEC
>> - bool
>> -
>> config ARCH_HAS_SUBPAGE_FAULTS
>> bool
>> help
>> diff --git a/init/Kconfig b/init/Kconfig
>> index 32c24950c4ce..4424447e23a5 100644
>> --- a/init/Kconfig
>> +++ b/init/Kconfig
>> @@ -1917,6 +1917,8 @@ config BINDGEN_VERSION_TEXT
>> config TRACEPOINTS
>> bool
>>
>> +source "kernel/Kconfig.kexec"
>> +
>> endmenu # General setup
>>
>> source "arch/Kconfig"
>> diff --git a/kernel/Kconfig.kexec b/kernel/Kconfig.kexec
>> new file mode 100644
>> index 000000000000..660048099865
>> --- /dev/null
>> +++ b/kernel/Kconfig.kexec
>> @@ -0,0 +1,103 @@
>> +# SPDX-License-Identifier: GPL-2.0-only
>> +
>> +menu "Kexec and crash features"
>> +
>> +config CRASH_CORE
>> + bool
>> +
>> +config KEXEC_CORE
>> + select CRASH_CORE
>> + bool
>> +
>> +config KEXEC_ELF
>> + bool
>> +
>> +config HAVE_IMA_KEXEC
>> + bool
>> +
>> +config KEXEC
>> + bool "Enable kexec system call"
>> + default ARCH_DEFAULT_KEXEC
>> + depends on ARCH_HAS_KEXEC
>> + select KEXEC_CORE
>> + help
>> + kexec is a system call that implements the ability to shutdown your
>> + current kernel, and to start another kernel. It is like a reboot
>> + but it is independent of the system firmware. And like a reboot
>> + you can start any kernel with it, not just Linux.
>
> "kernel. It is like", "firmware. And like"
>
> A few more spaces, I don't know the original author's intention, perhaps can be removed.
>
I'll remove the extra spaces.
>> +
>> + The name comes from the similarity to the exec system call.
>> +
>> + It is an ongoing process to be certain the hardware in a machine
>> + is properly shutdown, so do not be surprised if this code does not
>> + initially work for you. As of this writing the exact hardware
>> + interface is strongly in flux, so no good recommendation can be
>> + made.
>> +
>> +config KEXEC_FILE
>> + bool "Enable kexec file based system call"
>> + depends on ARCH_HAS_KEXEC_FILE
>> + select KEXEC_CORE
>> + help
>> + This is new version of kexec system call. This system call is
>> + file based and takes file descriptors as system call argument
>> + for kernel and initramfs as opposed to list of segments as
>> + accepted by previous system call.
>> +
>> +config KEXEC_SIG
>> + bool "Verify kernel signature during kexec_file_load() syscall"
>> + depends on KEXEC_FILE && MODULE_SIG_FORMAT
>
> I see that there is no "depends on MODULE_SIG_FORMAT" on x86 and arm64.
>
Good catch, I'll remove MODULE_SIG_FORMAT and place it on just s390 (which is the only arch that had
it this way).
>> + help
>> +
>
> This blank line can be deleted.
>
I will remove it.
Thank you, Zhen!
eric
>> + This option makes the kexec_file_load() syscall check for a valid
>> + signature of the kernel image. The image can still be loaded without
>> + a valid signature unless you also enable KEXEC_SIG_FORCE, though if
>> + there's a signature that we can check, then it must be valid.
>> +
>> + In addition to this option, you need to enable signature
>> + verification for the corresponding kernel image type being
>> + loaded in order for this to work.
>> +
>> +config KEXEC_SIG_FORCE
>> + bool "Require a valid signature in kexec_file_load() syscall"
>> + depends on KEXEC_SIG
>> + help
>> + This option makes kernel signature verification mandatory for
>> + the kexec_file_load() syscall.
>> +
>> +config KEXEC_BZIMAGE_VERIFY_SIG
>> + bool "Enable bzImage signature verification support"
>> + depends on KEXEC_SIG
>> + depends on SIGNED_PE_FILE_VERIFICATION
>> + select SYSTEM_TRUSTED_KEYRING
>> + help
>> + Enable bzImage signature verification support.
>> +
>> +config KEXEC_JUMP
>> + bool "kexec jump"
>> + depends on KEXEC && HIBERNATION
>> + depends on ARCH_HAS_KEXEC_JUMP
>> + help
>> + Jump between original kernel and kexeced kernel and invoke
>> + code in physical address mode via KEXEC
>> +
>> +config CRASH_DUMP
>> + bool "kernel crash dumps"
>> + depends on ARCH_HAS_CRASH_DUMP
>> + select KEXEC_CORE
>> + select CRASH_CORE
>> + help
>> + Generate crash dump after being started by kexec.
>> + This should be normally only set in special crash dump kernels
>> + which are loaded in the main kernel with kexec-tools into
>> + a specially reserved region and then later executed after
>> + a crash by kdump/kexec. The crash dump kernel must be compiled
>> + to a memory address not used by the main kernel or BIOS using
>> + PHYSICAL_START, or it must be built as a relocatable image
>> + (CONFIG_RELOCATABLE=y).
>> + For more details see Documentation/admin-guide/kdump/kdump.rst
>> +
>> + For s390, this option also enables zfcpdump.
>> + See also <file:Documentation/s390/zfcpdump.rst>
>> +
>> +endmenu
>>
>
On 6/13/23 15:21, Kees Cook wrote:
> On Mon, Jun 12, 2023 at 01:27:52PM -0400, Eric DeVolder wrote:
>> The Kconfig is refactored to consolidate KEXEC and CRASH options from
>> various arch/<arch>/Kconfig files into new file kernel/Kconfig.kexec.
>
> This looks very nice!
>
Thank you Kees!
>> [...]
>> - The boolean ARCH_HAS_<option> in effect allows the arch to determine
>> when the feature is allowed. Archs which don't have the feature
>> simply do not provide the corresponding ARCH_HAS_<option>.
>> For each arch, where there previously were KEXEC and/or CRASH
>> options, these have been replaced with the corresponding boolean
>> ARCH_HAS_<option>, and an appropriate def_bool statement.
>>
>> For example, if the arch supports KEXEC_FILE, then the
>> ARCH_HAS_KEXEC_FILE simply has a 'def_bool y'. This permits the
>> KEXEC_FILE option to be available.
>>
>> If the arch has a 'depends on' statement in its original coding
>> of the option, then that expression becomes part of the def_bool
>> expression. For example, arm64 had:
>>
>> config KEXEC
>> depends on PM_SLEEP_SMP
>>
>> and in this solution, this converts to:
>>
>> config ARCH_HAS_KEXEC
>> def_bool PM_SLEEP_SMP
>>
>>
>> - In order to account for the differences in the config coding for
>> the three common options, the ARCH_SUPPORTS_<option> is used.
>> This options has a 'depends on <option>' statement to couple it
>> to the main option, and from there can insert the differences
>> from the common option and the arch original coding of that option.
>>
>> For example, a few archs enable CRYPTO and CRYTPO_SHA256 for
>> KEXEC_FILE. These require a ARCH_SUPPORTS_KEXEC_FILE and
>> 'select CRYPTO' and 'select CRYPTO_SHA256' statements.
>
> Naming nit: "HAS" and "SUPPORTS" feel very similar, and looking at
> existing configs, "ARCH_SUPPORTS_..." is already used for doing this
> kind of bare "bool" management. e.g. see ARCH_SUPPORTS_INT128
>
> It looks like you need to split "depends" and "select" so the options
> can be chosen separately from the "selectable" configs.
>
> How about naming this ARCH_SELECTS_<option>, since that's what it's
> there for?
>
I'm OK with this. Let's see if others agree?
Thank you!
eric
> -Kees
>
On Mon, Jun 12, 2023 at 01:27:53PM -0400, Eric DeVolder wrote:
...
> +config KEXEC_FILE
> + bool "Enable kexec file based system call"
> + depends on ARCH_HAS_KEXEC_FILE
> + select KEXEC_CORE
> + help
> + This is new version of kexec system call. This system call is
> + file based and takes file descriptors as system call argument
> + for kernel and initramfs as opposed to list of segments as
> + accepted by previous system call.
Which "previous"? I guess, "by kexec system call" would sound clear.
Thanks!
On 6/14/23 10:24, Alexander Gordeev wrote:
> On Mon, Jun 12, 2023 at 01:27:53PM -0400, Eric DeVolder wrote:
> ...
>> +config KEXEC_FILE
>> + bool "Enable kexec file based system call"
>> + depends on ARCH_HAS_KEXEC_FILE
>> + select KEXEC_CORE
>> + help
>> + This is new version of kexec system call. This system call is
>> + file based and takes file descriptors as system call argument
>> + for kernel and initramfs as opposed to list of segments as
>> + accepted by previous system call.
>
> Which "previous"? I guess, "by kexec system call" would sound clear.
>
> Thanks!
OK, will make that change!
eric
Eric DeVolder <[email protected]> writes:
> On 6/13/23 15:21, Kees Cook wrote:
>> On Mon, Jun 12, 2023 at 01:27:52PM -0400, Eric DeVolder wrote:
>>> The Kconfig is refactored to consolidate KEXEC and CRASH options from
>>> various arch/<arch>/Kconfig files into new file kernel/Kconfig.kexec.
>>
>> This looks very nice!
>>
> Thank you Kees!
>
>>> [...]
>>> - The boolean ARCH_HAS_<option> in effect allows the arch to determine
>>> when the feature is allowed. Archs which don't have the feature
>>> simply do not provide the corresponding ARCH_HAS_<option>.
>>> For each arch, where there previously were KEXEC and/or CRASH
>>> options, these have been replaced with the corresponding boolean
>>> ARCH_HAS_<option>, and an appropriate def_bool statement.
>>>
>>> For example, if the arch supports KEXEC_FILE, then the
>>> ARCH_HAS_KEXEC_FILE simply has a 'def_bool y'. This permits the
>>> KEXEC_FILE option to be available.
>>>
>>> If the arch has a 'depends on' statement in its original coding
>>> of the option, then that expression becomes part of the def_bool
>>> expression. For example, arm64 had:
>>>
>>> config KEXEC
>>> depends on PM_SLEEP_SMP
>>>
>>> and in this solution, this converts to:
>>>
>>> config ARCH_HAS_KEXEC
>>> def_bool PM_SLEEP_SMP
>>>
>>>
>>> - In order to account for the differences in the config coding for
>>> the three common options, the ARCH_SUPPORTS_<option> is used.
>>> This options has a 'depends on <option>' statement to couple it
>>> to the main option, and from there can insert the differences
>>> from the common option and the arch original coding of that option.
>>>
>>> For example, a few archs enable CRYPTO and CRYTPO_SHA256 for
>>> KEXEC_FILE. These require a ARCH_SUPPORTS_KEXEC_FILE and
>>> 'select CRYPTO' and 'select CRYPTO_SHA256' statements.
>>
>> Naming nit: "HAS" and "SUPPORTS" feel very similar, and looking at
>> existing configs, "ARCH_SUPPORTS_..." is already used for doing this
>> kind of bare "bool" management. e.g. see ARCH_SUPPORTS_INT128
>>
>> It looks like you need to split "depends" and "select" so the options
>> can be chosen separately from the "selectable" configs.
>>
>> How about naming this ARCH_SELECTS_<option>, since that's what it's
>> there for?
>>
> I'm OK with this. Let's see if others agree?
Yeah please rename one or both of them. At a glance the difference
between HAS and SUPPORTS is very non-obvious.
I like Kees' suggestion to use ARCH_SUPPORTS and ARCH_SELECTS.
cheers
Eric DeVolder <[email protected]> writes:
> The kexec and crash kernel options are provided in the common
> kernel/Kconfig.kexec. Utilize the common options and provide
> the ARCH_HAS_ and ARCH_SUPPORTS_ entries to recreate the
> equivalent set of KEXEC and CRASH options.
>
> Signed-off-by: Eric DeVolder <[email protected]>
> Reviewed-by: Sourabh Jain <[email protected]>
> ---
> arch/powerpc/Kconfig | 55 ++++++++++++++------------------------------
> 1 file changed, 17 insertions(+), 38 deletions(-)
>
> diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
> index bff5820b7cda..36f2fe0cc8a5 100644
> --- a/arch/powerpc/Kconfig
> +++ b/arch/powerpc/Kconfig
> @@ -588,41 +588,21 @@ config PPC64_SUPPORTS_MEMORY_FAILURE
> default "y" if PPC_POWERNV
> select ARCH_SUPPORTS_MEMORY_FAILURE
>
> -config KEXEC
> - bool "kexec system call"
> - depends on PPC_BOOK3S || PPC_E500 || (44x && !SMP)
> - select KEXEC_CORE
> - help
> - kexec is a system call that implements the ability to shutdown your
> - current kernel, and to start another kernel. It is like a reboot
> - but it is independent of the system firmware. And like a reboot
> - you can start any kernel with it, not just Linux.
> -
> - The name comes from the similarity to the exec system call.
> -
> - It is an ongoing process to be certain the hardware in a machine
> - is properly shutdown, so do not be surprised if this code does not
> - initially work for you. As of this writing the exact hardware
> - interface is strongly in flux, so no good recommendation can be
> - made.
> -
> -config KEXEC_FILE
> - bool "kexec file based system call"
> - select KEXEC_CORE
> - select HAVE_IMA_KEXEC if IMA
> - select KEXEC_ELF
> - depends on PPC64
> - depends on CRYPTO=y
> - depends on CRYPTO_SHA256=y
...
> +
> +config ARCH_HAS_KEXEC_FILE
> + def_bool PPC64 && CRYPTO && CRYPTO_SHA256
The =y's got lost here.
I think they were both meaningful, because both options are tristate. So
this previously required them to be built-in (=y), whereas after your
patch it will allow them to be modules.
I don't know for sure that those options need to be built-in, but that's
what the code does now, so this patch shouldn't change it, at least
without an explanation.
cheers
On 6/14/23 22:26, Michael Ellerman wrote:
> Eric DeVolder <[email protected]> writes:
>> On 6/13/23 15:21, Kees Cook wrote:
>>> On Mon, Jun 12, 2023 at 01:27:52PM -0400, Eric DeVolder wrote:
>>>> The Kconfig is refactored to consolidate KEXEC and CRASH options from
>>>> various arch/<arch>/Kconfig files into new file kernel/Kconfig.kexec.
>>>
>>> This looks very nice!
>>>
>> Thank you Kees!
>>
>>>> [...]
>>>> - The boolean ARCH_HAS_<option> in effect allows the arch to determine
>>>> when the feature is allowed. Archs which don't have the feature
>>>> simply do not provide the corresponding ARCH_HAS_<option>.
>>>> For each arch, where there previously were KEXEC and/or CRASH
>>>> options, these have been replaced with the corresponding boolean
>>>> ARCH_HAS_<option>, and an appropriate def_bool statement.
>>>>
>>>> For example, if the arch supports KEXEC_FILE, then the
>>>> ARCH_HAS_KEXEC_FILE simply has a 'def_bool y'. This permits the
>>>> KEXEC_FILE option to be available.
>>>>
>>>> If the arch has a 'depends on' statement in its original coding
>>>> of the option, then that expression becomes part of the def_bool
>>>> expression. For example, arm64 had:
>>>>
>>>> config KEXEC
>>>> depends on PM_SLEEP_SMP
>>>>
>>>> and in this solution, this converts to:
>>>>
>>>> config ARCH_HAS_KEXEC
>>>> def_bool PM_SLEEP_SMP
>>>>
>>>>
>>>> - In order to account for the differences in the config coding for
>>>> the three common options, the ARCH_SUPPORTS_<option> is used.
>>>> This options has a 'depends on <option>' statement to couple it
>>>> to the main option, and from there can insert the differences
>>>> from the common option and the arch original coding of that option.
>>>>
>>>> For example, a few archs enable CRYPTO and CRYTPO_SHA256 for
>>>> KEXEC_FILE. These require a ARCH_SUPPORTS_KEXEC_FILE and
>>>> 'select CRYPTO' and 'select CRYPTO_SHA256' statements.
>>>
>>> Naming nit: "HAS" and "SUPPORTS" feel very similar, and looking at
>>> existing configs, "ARCH_SUPPORTS_..." is already used for doing this
>>> kind of bare "bool" management. e.g. see ARCH_SUPPORTS_INT128
>>>
>>> It looks like you need to split "depends" and "select" so the options
>>> can be chosen separately from the "selectable" configs.
>>>
>>> How about naming this ARCH_SELECTS_<option>, since that's what it's
>>> there for?
>>>
>> I'm OK with this. Let's see if others agree?
>
> Yeah please rename one or both of them. At a glance the difference
> between HAS and SUPPORTS is very non-obvious.
>
> I like Kees' suggestion to use ARCH_SUPPORTS and ARCH_SELECTS.
>
> cheers
Michael, ok thanks!
eric
On 6/14/23 22:34, Michael Ellerman wrote:
> Eric DeVolder <[email protected]> writes:
>
>> The kexec and crash kernel options are provided in the common
>> kernel/Kconfig.kexec. Utilize the common options and provide
>> the ARCH_HAS_ and ARCH_SUPPORTS_ entries to recreate the
>> equivalent set of KEXEC and CRASH options.
>>
>> Signed-off-by: Eric DeVolder <[email protected]>
>> Reviewed-by: Sourabh Jain <[email protected]>
>> ---
>> arch/powerpc/Kconfig | 55 ++++++++++++++------------------------------
>> 1 file changed, 17 insertions(+), 38 deletions(-)
>>
>> diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
>> index bff5820b7cda..36f2fe0cc8a5 100644
>> --- a/arch/powerpc/Kconfig
>> +++ b/arch/powerpc/Kconfig
>> @@ -588,41 +588,21 @@ config PPC64_SUPPORTS_MEMORY_FAILURE
>> default "y" if PPC_POWERNV
>> select ARCH_SUPPORTS_MEMORY_FAILURE
>>
>> -config KEXEC
>> - bool "kexec system call"
>> - depends on PPC_BOOK3S || PPC_E500 || (44x && !SMP)
>> - select KEXEC_CORE
>> - help
>> - kexec is a system call that implements the ability to shutdown your
>> - current kernel, and to start another kernel. It is like a reboot
>> - but it is independent of the system firmware. And like a reboot
>> - you can start any kernel with it, not just Linux.
>> -
>> - The name comes from the similarity to the exec system call.
>> -
>> - It is an ongoing process to be certain the hardware in a machine
>> - is properly shutdown, so do not be surprised if this code does not
>> - initially work for you. As of this writing the exact hardware
>> - interface is strongly in flux, so no good recommendation can be
>> - made.
>> -
>> -config KEXEC_FILE
>> - bool "kexec file based system call"
>> - select KEXEC_CORE
>> - select HAVE_IMA_KEXEC if IMA
>> - select KEXEC_ELF
>> - depends on PPC64
>> - depends on CRYPTO=y
>> - depends on CRYPTO_SHA256=y
> ...
>> +
>> +config ARCH_HAS_KEXEC_FILE
>> + def_bool PPC64 && CRYPTO && CRYPTO_SHA256
>
> The =y's got lost here.
>
> I think they were both meaningful, because both options are tristate. So
> this previously required them to be built-in (=y), whereas after your
> patch it will allow them to be modules.
>
> I don't know for sure that those options need to be built-in, but that's
> what the code does now, so this patch shouldn't change it, at least
> without an explanation.
>
> cheers
Thanks Michael, I've applied =y's. Good catch!
eric
On Thu, Jun 15, 2023 at 01:34:25PM +1000, Michael Ellerman wrote:
> Eric DeVolder <[email protected]> writes:
> > -config KEXEC_FILE
> > - bool "kexec file based system call"
> > - select KEXEC_CORE
> > - select HAVE_IMA_KEXEC if IMA
> > - select KEXEC_ELF
> > - depends on PPC64
> > - depends on CRYPTO=y
> > - depends on CRYPTO_SHA256=y
> ...
> > +
> > +config ARCH_HAS_KEXEC_FILE
> > + def_bool PPC64 && CRYPTO && CRYPTO_SHA256
>
> The =y's got lost here.
>
> I think they were both meaningful, because both options are tristate. So
> this previously required them to be built-in (=y), whereas after your
> patch it will allow them to be modules.
>
> I don't know for sure that those options need to be built-in, but that's
> what the code does now, so this patch shouldn't change it, at least
> without an explanation.
This patch shouldn't change it at all, period. If you want to change it
(and that sounds like a good idea, if it is possible anyway), that
should be a separate patch.
Segher