Received: by 10.223.185.116 with SMTP id b49csp8283528wrg; Thu, 1 Mar 2018 22:00:11 -0800 (PST) X-Google-Smtp-Source: AG47ELv2WlcbheWSSCZDBXlaUpqLRM+86W1X1jHa5ExrCYpLzgQxlZwPmUeHvw+UxNMxcT6Ziqvj X-Received: by 2002:a17:902:bc41:: with SMTP id t1-v6mr4326261plz.436.1519970411860; Thu, 01 Mar 2018 22:00:11 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519970411; cv=none; d=google.com; s=arc-20160816; b=0pdhh2iQbZRd182AyKwQHeXzIiN4F3pFgOVscSqxp81o5XNf0jdMqWDN1jK5BCuqlK 8l7ZT6dT4SrAKfPYmD11N5HX5RBZ9fmEMqXWFClkPhCndSz/CrUBeROnLaaTrnaElnbL WvsMkhI18XQn/zeiyNeT+sZogwYLSui8jyNBdUxf22uJakI+ofHfDpGS7QfIXvTIIHtm ykOMKXQcpUaUC0tvVQi4b5a+ge2u/P6wnkGJfTaMCE51TOPXpVAkQRTXM/Xk3MKzlnUd wAe6X3q8YAbJNmMkZd4QA+dVMv8u8wPEAbTczZHGJO4jPbRL/N2LPZsGto12blrWCAyl beBA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=KeN/N8wofCmfnr8U+gjdCewO1doBOPgNruvHykuuVLw=; b=kUDhCKWxMXrZJRo5y40RhfyxBtBBDsAdAgx4If9Xjy7UgcFX+mL3Ukeu2L8YI8+jVC w2OFI7OkjiPfSIvOD+6EnKotv4czjNb+PqP6IpIgSJh1lRUyD17+JCw4i3ZT9QizzdbI 3p+R60UIYw/zLRuWcRjz4rQ3YBTBOCgSh0Uu6/XEn+mG4JgfMGGWB9w/T2yYoWp30RXs sYe78ErgWj2f0DzHi+WNy6w3D02sK9USY8jNDxWcVy0oPDvnKevSOkgwy63/uQL8gS2O iYvnFZyZv0ZRayWflIcDfvIJ+7MBzwkY87EPTiEmEkzMsh4E6SwDdZ0nDMnry0DezlfN O9VQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id z66si4304582pfk.135.2018.03.01.21.59.55; Thu, 01 Mar 2018 22:00:11 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S935865AbeCBF7M (ORCPT + 99 others); Fri, 2 Mar 2018 00:59:12 -0500 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:56256 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S932309AbeCBF7J (ORCPT ); Fri, 2 Mar 2018 00:59:09 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 41930404084B; Fri, 2 Mar 2018 05:59:09 +0000 (UTC) Received: from dhcp-128-65.nay.redhat.com (ovpn-12-90.pek2.redhat.com [10.72.12.90]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 92FB410EE979; Fri, 2 Mar 2018 05:59:03 +0000 (UTC) Date: Fri, 2 Mar 2018 13:58:59 +0800 From: Dave Young To: AKASHI Takahiro Cc: vgoyal@redhat.com, bhe@redhat.com, mpe@ellerman.id.au, bauerman@linux.vnet.ibm.com, prudo@linux.vnet.ibm.com, kexec@lists.infradead.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org Subject: Re: [PATCH 1/7] kexec_file: make an use of purgatory optional Message-ID: <20180302055859.GB15422@dhcp-128-65.nay.redhat.com> References: <20180227044814.24808-1-takahiro.akashi@linaro.org> <20180227044814.24808-2-takahiro.akashi@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180227044814.24808-2-takahiro.akashi@linaro.org> User-Agent: Mutt/1.9.1 (2017-09-22) X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Fri, 02 Mar 2018 05:59:09 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Fri, 02 Mar 2018 05:59:09 +0000 (UTC) for IP:'10.11.54.3' DOMAIN:'int-mx03.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'dyoung@redhat.com' RCPT:'' Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 02/27/18 at 01:48pm, AKASHI Takahiro wrote: > On arm64, crash dump kernel's usable memory is protected by > *unmapping* it from kernel virtual space unlike other architectures > where the region is just made read-only. It is highly unlikely that > the region is accidentally corrupted and this observation rationalizes > that digest check code can also be dropped from purgatory. > The resulting code is so simple as it doesn't require a bit ugly > re-linking/relocation stuff, i.e. arch_kexec_apply_relocations_add(). > > Please see: > http://lists.infradead.org/pipermail/linux-arm-kernel/2017-December/545428.html > All that the purgatory does is to shuffle arguments and jump into a new > kernel, while we still need to have some space for a hash value > (purgatory_sha256_digest) which is never checked against. > > As such, it doesn't make sense to have trampline code between old kernel > and new kernel on arm64. > > This patch introduces a new configuration, ARCH_HAS_KEXEC_PURGATORY, and > allows related code to be compiled in only if necessary. > > Signed-off-by: AKASHI Takahiro > Cc: Dave Young > Cc: Vivek Goyal > Cc: Baoquan He > --- > arch/powerpc/Kconfig | 3 +++ > arch/x86/Kconfig | 3 +++ > kernel/kexec_file.c | 6 ++++++ > 3 files changed, 12 insertions(+) > > diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig > index 73ce5dd07642..c32a181a7cbb 100644 > --- a/arch/powerpc/Kconfig > +++ b/arch/powerpc/Kconfig > @@ -552,6 +552,9 @@ config KEXEC_FILE > for kernel and initramfs as opposed to a list of segments as is the > case for the older kexec call. > > +config ARCH_HAS_KEXEC_PURGATORY > + def_bool KEXEC_FILE > + > config RELOCATABLE > bool "Build a relocatable kernel" > depends on PPC64 || (FLATMEM && (44x || FSL_BOOKE)) > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig > index c1236b187824..f031c3efe47e 100644 > --- a/arch/x86/Kconfig > +++ b/arch/x86/Kconfig > @@ -2019,6 +2019,9 @@ config KEXEC_FILE > for kernel and initramfs as opposed to list of segments as > accepted by previous system call. > > +config ARCH_HAS_KEXEC_PURGATORY > + def_bool KEXEC_FILE > + > config KEXEC_VERIFY_SIG > bool "Verify kernel signature during kexec_file_load() syscall" > depends on KEXEC_FILE > diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c > index e5bcd94c1efb..990adae52151 100644 > --- a/kernel/kexec_file.c > +++ b/kernel/kexec_file.c > @@ -26,7 +26,11 @@ > #include > #include "kexec_internal.h" > > +#ifdef CONFIG_ARCH_HAS_KEXEC_PURGATORY > static int kexec_calculate_store_digests(struct kimage *image); > +#else > +static int kexec_calculate_store_digests(struct kimage *image) { return 0; }; > +#endif > > /* Architectures can provide this probe function */ > int __weak arch_kexec_kernel_image_probe(struct kimage *image, void *buf, > @@ -520,6 +524,7 @@ int kexec_add_buffer(struct kexec_buf *kbuf) > return 0; > } > > +#ifdef CONFIG_ARCH_HAS_KEXEC_PURGATORY > /* Calculate and store the digest of segments */ > static int kexec_calculate_store_digests(struct kimage *image) > { > @@ -1022,3 +1027,4 @@ int kexec_purgatory_get_set_symbol(struct kimage *image, const char *name, > > return 0; > } > +#endif /* CONFIG_ARCH_HAS_KEXEC_PURGATORY */ > -- > 2.16.2 > For this one, I think purgatory digest verification is still good to have, but I do not insist since this is arch specific. If nobody else objects then I think I can ack the series after some testing passed. Thanks Dave