Received: by 10.192.165.148 with SMTP id m20csp2768832imm; Mon, 7 May 2018 00:21:28 -0700 (PDT) X-Google-Smtp-Source: AB8JxZrJeNskDt5d+08rqcRI7x5Xez/se31fv/U4UTjgBJcAU8tUGaXw+twWunDAE7Zr7fN3M45w X-Received: by 10.98.118.130 with SMTP id r124mr35521571pfc.80.1525677688176; Mon, 07 May 2018 00:21:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1525677688; cv=none; d=google.com; s=arc-20160816; b=qAVmTtBS5mC/k4jSd8g10m31td/h/iVfdQuFILStN6AV4w/G3pv4D5Kiwc/tAr35sQ FZjlVOpKZbPRBxK5852UNDMmvtbC8kwttTvlDfrMe7VBZXPFIvEGMQgbibS8ftPb7bVc eaigmIqs/EGEJNKxi0mdSldzJeJ9F7jIBJjIVD8LcyPAlT2pY+spN0muCKzGVW1MJoQu x/fTS5Ymfkbls9TGRrq+808N9GdEY68PA94aG+oLp471GJPqWc+PdWqcCrWIbh9pRXg3 3iV7GtHXMYGtouXCCFD6RkNUBzmtQ5Qv03b+SmC2j5F9KfLU1SjAfSyRRIeaG3dpBh8w 8gWw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:mail-followup-to :message-id:subject:cc:to:from:date:dkim-signature :arc-authentication-results; bh=YM2e1z2sBQymB/EFLALPPorIT74M4pHBIPXKtRn7qpc=; b=bCY/2ccYog8wALMHff9StH3i26babackSGBERO7anpJRQYAAoH8vdVPChH5YBo+F4V bACj334b87ch69nnqZETbt9WDADS34e5fJNGrqUFogDCPejHCNX5WN6BFbjOJml5K/yf xGDRlC47F/5DzKaaO6Xo2K5pOwh/rqr0lYMS1yb8XdtOh97KtDvaCgcchvM+e4ip8/EW t6Rr6wfdOAJWcnqI2tECnmYHfxC/XNSUWL507HMESRZUV9BaC+RWTYUc7TGeoYJ0JHnV yFoKS6t/EWcz1XcjgVR7OKBxvBrJ2G90efQAPVd/q+XasTCkbAbsZEP4GmRCxCF5gg64 +V+A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=SlwhrbzB; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u128-v6si17373977pgc.247.2018.05.07.00.21.13; Mon, 07 May 2018 00:21:28 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=SlwhrbzB; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751962AbeEGHU5 (ORCPT + 99 others); Mon, 7 May 2018 03:20:57 -0400 Received: from mail-io0-f194.google.com ([209.85.223.194]:37705 "EHLO mail-io0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750964AbeEGHUz (ORCPT ); Mon, 7 May 2018 03:20:55 -0400 Received: by mail-io0-f194.google.com with SMTP id e20-v6so32503303iof.4 for ; Mon, 07 May 2018 00:20:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=date:from:to:cc:subject:message-id:mail-followup-to:references :mime-version:content-disposition:in-reply-to:user-agent; bh=YM2e1z2sBQymB/EFLALPPorIT74M4pHBIPXKtRn7qpc=; b=SlwhrbzBM0yKumP8M/Pkuwjb/gDFA0AcsoOgrRZxcAmc5zlcV3QkE7wnlo4icDn1ak jY2rZwFLGQT5I8m7YUkhP6Sx2oNazm3VCnEiWKFFr17EXh2ZCjUFSO06w/zgW8s+VApU U00peUYCst1kbdLrkQ1UMUpSI05F2NY2m3msw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id :mail-followup-to:references:mime-version:content-disposition :in-reply-to:user-agent; bh=YM2e1z2sBQymB/EFLALPPorIT74M4pHBIPXKtRn7qpc=; b=YltPODpIcGbGcfjVKgVjNxPHaL7LtJeo6Aws2lEZACdE9vPPv2uwd3oU0RL93MGwxc iH5dt+5Qtlz0VH7pn1amSbhJfDkF0olNbThUmS4ckM7feslPeQOH8vq0qqW3AEeiKIXC Ube3wX3gDovJUL5DnQ1kOe0jlCv7In5KgYYvBjmysrHomrqiBA1UI7KrWEddG48uctpk g5owhIrE8N/McG7U0Q+Hqt5xGE56qquEAPK8JPXtfxhC5ed0Tc/ksVVZc0dYwcxA9yla ZPQD58C+5f9hKJ7eX/aaJ97oPkE2/EMf5F7hVn2Lt44Wk5lZ4kCxPXoSxf69vD4M9Ton n/tg== X-Gm-Message-State: ALQs6tDmT8mczu06/tLpmpa9t4Vl9mBYlmduksvXogyb4YkE2kA1bGZV g2qAwvIh465RALDhfRTM23Pdpg== X-Received: by 2002:a6b:3a1:: with SMTP id e33-v6mr40174694ioi.51.1525677654993; Mon, 07 May 2018 00:20:54 -0700 (PDT) Received: from linaro.org ([121.95.100.191]) by smtp.googlemail.com with ESMTPSA id m38-v6sm11550494ioi.30.2018.05.07.00.20.50 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 07 May 2018 00:20:54 -0700 (PDT) Date: Mon, 7 May 2018 16:21:41 +0900 From: AKASHI Takahiro To: James Morse Cc: catalin.marinas@arm.com, will.deacon@arm.com, dhowells@redhat.com, vgoyal@redhat.com, herbert@gondor.apana.org.au, davem@davemloft.net, dyoung@redhat.com, bhe@redhat.com, arnd@arndb.de, ard.biesheuvel@linaro.org, bhsharma@redhat.com, kexec@lists.infradead.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v9 06/11] arm64: kexec_file: allow for loading Image-format kernel Message-ID: <20180507072139.GF11326@linaro.org> Mail-Followup-To: AKASHI Takahiro , James Morse , catalin.marinas@arm.com, will.deacon@arm.com, dhowells@redhat.com, vgoyal@redhat.com, herbert@gondor.apana.org.au, davem@davemloft.net, dyoung@redhat.com, bhe@redhat.com, arnd@arndb.de, ard.biesheuvel@linaro.org, bhsharma@redhat.com, kexec@lists.infradead.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org References: <20180425062629.29404-1-takahiro.akashi@linaro.org> <20180425062629.29404-7-takahiro.akashi@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.24 (2015-08-30) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org James, On Tue, May 01, 2018 at 06:46:11PM +0100, James Morse wrote: > Hi Akashi, > > On 25/04/18 07:26, AKASHI Takahiro wrote: > > This patch provides kexec_file_ops for "Image"-format kernel. In this > > implementation, a binary is always loaded with a fixed offset identified > > in text_offset field of its header. > > > > diff --git a/arch/arm64/include/asm/kexec.h b/arch/arm64/include/asm/kexec.h > > index e4de1223715f..3cba4161818a 100644 > > --- a/arch/arm64/include/asm/kexec.h > > +++ b/arch/arm64/include/asm/kexec.h > > @@ -102,6 +102,56 @@ struct kimage_arch { > > void *dtb_buf; > > }; > > > > +/** > > + * struct arm64_image_header - arm64 kernel image header > > + * > > + * @pe_sig: Optional PE format 'MZ' signature > > + * @branch_code: Instruction to branch to stext > > + * @text_offset: Image load offset, little endian > > + * @image_size: Effective image size, little endian > > + * @flags: > > + * Bit 0: Kernel endianness. 0=little endian, 1=big endian > > Page size? What about 'phys_base'?, (whatever that is...) > Probably best to refer to Documentation/arm64/booting.txt here, its the > authoritative source of what these fields mean. While we don't care other bit fields for now, I will add the reference to the Documentation file. > > > + * @reserved: Reserved > > + * @magic: Magic number, "ARM\x64" > > + * @pe_header: Optional offset to a PE format header > > + **/ > > + > > +struct arm64_image_header { > > + u8 pe_sig[2]; > > + u8 pad[2]; > > + u32 branch_code; > > + u64 text_offset; > > + u64 image_size; > > + u64 flags; > > __le64 as appropriate here would let tools like sparse catch any missing endian > conversion bugs. OK. > > > + u64 reserved[3]; > > + u8 magic[4]; > > + u32 pe_header; > > +}; > > I'm surprised we don't have a definition for this already, I guess its always > done in asm. We have kernel/image.h that holds some of this stuff, if we are > going to validate the flags, is it worth adding the code there, (and moving it > to include/asm)? A comment at the beginning of this file says, #ifndef LINKER_SCRIPT #error This file should only be included in vmlinux.lds.S #endif Let me think about. > > > +static const u8 arm64_image_magic[4] = {'A', 'R', 'M', 0x64U}; > > Any chance this magic could be a pre-processor symbol shared with head.S? OK. > > > + > > +/** > > + * arm64_header_check_magic - Helper to check the arm64 image header. > > + * > > + * Returns non-zero if header is OK. > > + */ > > + > > +static inline int arm64_header_check_magic(const struct arm64_image_header *h) > > +{ > > + if (!h) > > + return 0; > > + > > + if (!h->text_offset) > > + return 0; > > + > > + return (h->magic[0] == arm64_image_magic[0] > > + && h->magic[1] == arm64_image_magic[1] > > + && h->magic[2] == arm64_image_magic[2] > > + && h->magic[3] == arm64_image_magic[3]); > > memcmp()? Or just define it as a 32bit value? OK. As you know, I always tried to keep the code not diverted from kexec-tools for maintainability reason. > I guess you skip the MZ prefix as its not present for !EFI? CONFIG_KEXEC_IMAGE_VERIFY_SIG depends on the fact that the file format is PE (that is, EFI is enabled). > Could we check branch_code is non-zero, and text-offset points within image-size? We could do it, but I don't think this check is very useful. > > We could check that this platform supports the page-size/endian config that this > Image was built with... We get a message from the EFI stub if the page-size > can't be supported, it would be nice to do the same here (as we can). There is no restriction on page-size or endianness for kexec. What will be the purpose of this check? > (no idea if kexec-tool checks this stuff, it probably can't get at the id > registers to know) > > > > diff --git a/arch/arm64/kernel/kexec_image.c b/arch/arm64/kernel/kexec_image.c > > new file mode 100644 > > index 000000000000..4dd524ad6611 > > --- /dev/null > > +++ b/arch/arm64/kernel/kexec_image.c > > @@ -0,0 +1,79 @@ > > > +static void *image_load(struct kimage *image, > > + char *kernel, unsigned long kernel_len, > > + char *initrd, unsigned long initrd_len, > > + char *cmdline, unsigned long cmdline_len) > > +{ > > + struct kexec_buf kbuf; > > + struct arm64_image_header *h = (struct arm64_image_header *)kernel; > > + unsigned long text_offset; > > + int ret; > > + > > + /* Load the kernel */ > > + kbuf.image = image; > > + kbuf.buf_min = 0; > > + kbuf.buf_max = ULONG_MAX; > > + kbuf.top_down = false; > > + > > + kbuf.buffer = kernel; > > + kbuf.bufsz = kernel_len; > > + kbuf.memsz = le64_to_cpu(h->image_size); > > + text_offset = le64_to_cpu(h->text_offset); > > + kbuf.buf_align = SZ_2M; > > > + /* Adjust kernel segment with TEXT_OFFSET */ > > + kbuf.memsz += text_offset; > > + > > + ret = kexec_add_buffer(&kbuf); > > + if (ret) > > + goto out; > > + > > + image->arch.kern_segment = image->nr_segments - 1; > > You only seem to use kern_segment here, and in load_other_segments() called > below. Could it not be a local variable passed in? Instead of arch-specific data > we keep forever? No, kern_segment is also used in load_other_segments() in machine_kexec_file.c. To optimize memory hole allocation logic in locate_mem_hole_callback(), we need to know the exact range of kernel image (start and end). (Known drawback in this code is that Image only occupies one segment, but once vmlinux might be supported, it would occupy two segments for text and data.) > > > + image->segment[image->arch.kern_segment].mem += text_offset; > > + image->segment[image->arch.kern_segment].memsz -= text_offset; > > + image->start = image->segment[image->arch.kern_segment].mem; > > + > > + pr_debug("Loaded kernel at 0x%lx bufsz=0x%lx memsz=0x%lx\n", > > + image->segment[image->arch.kern_segment].mem, > > + kbuf.bufsz, kbuf.memsz); > > + > > + /* Load additional data */ > > + ret = load_other_segments(image, initrd, initrd_len, > > + cmdline, cmdline_len); > > + > > +out: > > + return ERR_PTR(ret); > > +} > Looks good, Thank you for thorough review. -Takahiro AKASHI > Thanks, > > James