Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp10095105rwb; Fri, 25 Nov 2022 00:36:19 -0800 (PST) X-Google-Smtp-Source: AA0mqf6CBw2yyN867ijJWt5ZfaNZdCyrN/l5NYDSVAXW2oscNAlpKnr2LaenkuTEd9xUjILR3lCh X-Received: by 2002:a62:648a:0:b0:572:76dd:3756 with SMTP id y132-20020a62648a000000b0057276dd3756mr18146351pfb.9.1669365379605; Fri, 25 Nov 2022 00:36:19 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1669365379; cv=none; d=google.com; s=arc-20160816; b=t+o5AB+f6JniDf504mXspNrtNEwfvFbfK9m/k1mmLTzacjgffdJE85mq3akvgFUguJ s/+11hPcFrlfW3R1zg8/8z49qkJAaeuYceOcmJxkGbbk/rXSY+g0eZ4hBmEYFHdP3YQe ZBbcvsHEXZoJ74N4pOydMDzgkf1VoL9I1gdYtDRhhCbao8/5KV2q5QQynjBWKTNmoY2T 1CS9HxeHKuB1FkXFIKw9E2TT8EIUhokmuPDx/S8s+vMKpcAPZLimJIePyNrkGlmZz6lf sOB+mM9FHO4r6m6o9RprID8V4oL1hNqetcypeTLQAnNtPSKk52iduO5W9w3eQjBNzBpg bQpw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=1aJL8yY2AvWtZ/kybolPnYAS/Vk3EAt7eDYyCnF3Z9c=; b=paYtDGJuDAROizxC4xyFtUWwAY/xCuBxqqZOPqPB2Kp1V8QjCywnJksNzkPH4oGjLB cICPfALh7ozlbzpvb5gGzJUm4Pze31QjtVCcem7agLU8nic+MN5ZF//BYb/Qqfj3Iq4A djD3EEc6V1h7Ptbi4PtKaIdkkhhO3MMa54tZkkZkicRj5x0tj+nGCa3PBs0vs/gknkDK CmSobMmWXBj1vKmqdlhz2aCNz3Kk5LQOT6jURh3UrvTnrsO2vsfkFUleKBcwhsdMBlhc KOf0tSVrBuU3/ID5nxAxS2tSSe5NuNBbbcn3TF3dy1YGd5gyzZOA/MQ93WMjVTNd1XV+ 1ogA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=crOjfeCh; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id 125-20020a630283000000b00477b7f8d5a4si2912941pgc.620.2022.11.25.00.36.07; Fri, 25 Nov 2022 00:36:19 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=crOjfeCh; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229724AbiKYHqE (ORCPT + 87 others); Fri, 25 Nov 2022 02:46:04 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35968 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229569AbiKYHqB (ORCPT ); Fri, 25 Nov 2022 02:46:01 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A470D2ED4E for ; Thu, 24 Nov 2022 23:45:05 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1669362304; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=1aJL8yY2AvWtZ/kybolPnYAS/Vk3EAt7eDYyCnF3Z9c=; b=crOjfeChTxp5nHmL/TcRt6Jet2Kdf1u+ujg9v4DcwrhUPzSM3J+ukn0fGbuJLBwkEdK2Fn maKZL392apAN7zzGxhS+fE9n9h2Skp9jbLAfy2R7fd7Sm4no64OoQED6oGDboCUfHO9gB5 jH0rMCn652cz8izMQ5y7joUN2aA5+Oc= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-518-OQo6rHxFM5W_JOoxCdjI4A-1; Fri, 25 Nov 2022 02:45:01 -0500 X-MC-Unique: OQo6rHxFM5W_JOoxCdjI4A-1 Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id ED3E03C0CD48; Fri, 25 Nov 2022 07:45:00 +0000 (UTC) Received: from localhost (ovpn-12-208.pek2.redhat.com [10.72.12.208]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C8C58492B1F; Fri, 25 Nov 2022 07:44:59 +0000 (UTC) Date: Fri, 25 Nov 2022 15:44:55 +0800 From: Baoquan He To: Ricardo Ribalda Cc: Eric Biederman , Philipp Rudo , Sergey Senozhatsky , Ross Zwisler , kexec@lists.infradead.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] kexec: Enable runtime allocation of crash_image Message-ID: References: <20221124-kexec-noalloc-v1-0-d78361e99aec@chromium.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Scanned-By: MIMEDefang 3.1 on 10.11.54.10 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 11/25/22 at 08:26am, Ricardo Ribalda wrote: > Hi Baoquan > > On Fri, 25 Nov 2022 at 08:15, Baoquan He wrote: > > > > On 11/25/22 at 06:52am, Ricardo Ribalda wrote: > > > Hi Baoquan > > > > > > Thanks for your review! > > > > > > On Fri, 25 Nov 2022 at 03:58, Baoquan He wrote: > > > > > > > > On 11/24/22 at 11:23pm, Ricardo Ribalda wrote: > > > > > Usually crash_image is defined statically via the crashkernel parameter > > > > > or DT. > > > > > > > > > > But if the crash kernel is not used, or is smaller than then > > > > > area pre-allocated that memory is wasted. > > > > > > > > > > Also, if the crash kernel was not defined at bootime, there is no way to > > > > > use the crash kernel. > > > > > > > > > > Enable runtime allocation of the crash_image if the crash_image is not > > > > > defined statically. Following the same memory allocation/validation path > > > > > that for the reboot kexec kernel. > > > > > > > > We don't check if the crashkernel memory region is valid in kernel, but > > > > we do have done the check in kexec-tools utility. Since both kexec_load and > > > > kexec_file_load need go through path of kexec-tools loading, we haven't > > > > got problem with lack of the checking in kernel. > > > > > > Not sure if I follow you. > > > > > > We currently check if the crash kernel is in the right place at > > > sanity_check_segment_list() > > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/kernel/kexec_core.c#n239 > > > > Please check below code in kexec-tools utility, currently we have to use > > kexec -p to enter into kexec_load or kexec_file_load system call. Before > > entering system call, we have below code: > > So your concern is that the current kexec-tools does not let you pass > a crashkernel unless there is memory reserved for it? No, my concern is why we have to do the check in kernel if we have done that in kexec-tools utility. You didn't say your kexec-lite need this until now. I think it's fine to add the check in kernel if you prefer to do the check in kernel, but not in kexec-lite. The motivation or reason you want to make the change is very important. > > Once the changes land in the kernel I can make a patch for that. I am > currently using this to test the code: > > https://chromium-review.googlesource.com/c/chromiumos/platform2/+/3953579/4/kexec-lite/kexec-lite.c > > > > > https://kernel.googlesource.com/pub/scm/utils/kernel/kexec/kexec-tools.git/+/refs/heads/master/kexec/kexec.c > > > > int main(int argc, char *argv[]) > > { > > ...... > > if (do_load && > > ((kexec_flags & KEXEC_ON_CRASH) || > > (kexec_file_flags & KEXEC_FILE_ON_CRASH)) && > > !is_crashkernel_mem_reserved()) { > > die("Memory for crashkernel is not reserved\n" > > "Please reserve memory by passing" > > "\"crashkernel=Y@X\" parameter to kernel\n" > > "Then try to loading kdump kernel\n"); > > } > > > > ...... > > } > > > > > > > > > > > > > > > > However, even though we want to do the check, doing like below is much > > > > easier and more reasonable. > > > > > > > > diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c > > > > index 45637511e0de..4d1339bd2ccf 100644 > > > > --- a/kernel/kexec_file.c > > > > +++ b/kernel/kexec_file.c > > > > @@ -344,6 +344,8 @@ SYSCALL_DEFINE5(kexec_file_load, int, kernel_fd, int, initrd_fd, > > > > > > > > dest_image = &kexec_image; > > > > if (flags & KEXEC_FILE_ON_CRASH) { > > > > + if (!crash_memory_valid()) > > > > + return -EINVAL; > > > > dest_image = &kexec_crash_image; > > > > if (kexec_crash_image) > > > > arch_kexec_unprotect_crashkres(); > > > > > > > > So, I am wondering if there is an issue encountered if we don't do the > > > > check in kernel. > > > > > > > > Thanks > > > > Baoquan > > > > > > > > > > > > > > --- > > > > > > > > > > To: Eric Biederman > > > > > Cc: kexec@lists.infradead.org > > > > > Cc: linux-kernel@vger.kernel.org > > > > > Cc: Sergey Senozhatsky > > > > > Cc: linux-kernel@vger.kernel.org > > > > > Cc: Ross Zwisler > > > > > Cc: Philipp Rudo > > > > > Cc: Baoquan He > > > > > --- > > > > > include/linux/kexec.h | 1 + > > > > > kernel/kexec.c | 9 +++++---- > > > > > kernel/kexec_core.c | 5 +++++ > > > > > kernel/kexec_file.c | 7 ++++--- > > > > > 4 files changed, 15 insertions(+), 7 deletions(-) > > > > > > > > > > diff --git a/include/linux/kexec.h b/include/linux/kexec.h > > > > > index 41a686996aaa..98ca9a32bc8e 100644 > > > > > --- a/include/linux/kexec.h > > > > > +++ b/include/linux/kexec.h > > > > > @@ -427,6 +427,7 @@ extern int kexec_load_disabled; > > > > > extern bool kexec_in_progress; > > > > > > > > > > int crash_shrink_memory(unsigned long new_size); > > > > > +bool __crash_memory_valid(void); > > > > > ssize_t crash_get_memory_size(void); > > > > > > > > > > #ifndef arch_kexec_protect_crashkres > > > > > diff --git a/kernel/kexec.c b/kernel/kexec.c > > > > > index cb8e6e6f983c..b5c17db25e88 100644 > > > > > --- a/kernel/kexec.c > > > > > +++ b/kernel/kexec.c > > > > > @@ -28,7 +28,7 @@ static int kimage_alloc_init(struct kimage **rimage, unsigned long entry, > > > > > struct kimage *image; > > > > > bool kexec_on_panic = flags & KEXEC_ON_CRASH; > > > > > > > > > > - if (kexec_on_panic) { > > > > > + if (kexec_on_panic && __crash_memory_valid()) { > > > > > /* Verify we have a valid entry point */ > > > > > if ((entry < phys_to_boot_phys(crashk_res.start)) || > > > > > (entry > phys_to_boot_phys(crashk_res.end))) > > > > > @@ -44,7 +44,7 @@ static int kimage_alloc_init(struct kimage **rimage, unsigned long entry, > > > > > image->nr_segments = nr_segments; > > > > > memcpy(image->segment, segments, nr_segments * sizeof(*segments)); > > > > > > > > > > - if (kexec_on_panic) { > > > > > + if (kexec_on_panic && __crash_memory_valid()) { > > > > > /* Enable special crash kernel control page alloc policy. */ > > > > > image->control_page = crashk_res.start; > > > > > image->type = KEXEC_TYPE_CRASH; > > > > > @@ -101,7 +101,7 @@ static int do_kexec_load(unsigned long entry, unsigned long nr_segments, > > > > > > > > > > if (flags & KEXEC_ON_CRASH) { > > > > > dest_image = &kexec_crash_image; > > > > > - if (kexec_crash_image) > > > > > + if (kexec_crash_image && __crash_memory_valid()) > > > > > arch_kexec_unprotect_crashkres(); > > > > > } else { > > > > > dest_image = &kexec_image; > > > > > @@ -157,7 +157,8 @@ static int do_kexec_load(unsigned long entry, unsigned long nr_segments, > > > > > image = xchg(dest_image, image); > > > > > > > > > > out: > > > > > - if ((flags & KEXEC_ON_CRASH) && kexec_crash_image) > > > > > + if ((flags & KEXEC_ON_CRASH) && kexec_crash_image && > > > > > + __crash_memory_valid()) > > > > > arch_kexec_protect_crashkres(); > > > > > > > > > > kimage_free(image); > > > > > diff --git a/kernel/kexec_core.c b/kernel/kexec_core.c > > > > > index ca2743f9c634..77083c9760fb 100644 > > > > > --- a/kernel/kexec_core.c > > > > > +++ b/kernel/kexec_core.c > > > > > @@ -1004,6 +1004,11 @@ void crash_kexec(struct pt_regs *regs) > > > > > } > > > > > } > > > > > > > > > > +bool __crash_memory_valid(void) > > > > > +{ > > > > > + return crashk_res.end != crashk_res.start; > > > > > +} > > > > > + > > > > > ssize_t crash_get_memory_size(void) > > > > > { > > > > > ssize_t size = 0; > > > > > diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c > > > > > index 45637511e0de..0671f4f370ff 100644 > > > > > --- a/kernel/kexec_file.c > > > > > +++ b/kernel/kexec_file.c > > > > > @@ -280,7 +280,7 @@ kimage_file_alloc_init(struct kimage **rimage, int kernel_fd, > > > > > > > > > > image->file_mode = 1; > > > > > > > > > > - if (kexec_on_panic) { > > > > > + if (kexec_on_panic && __crash_memory_valid()) { > > > > > /* Enable special crash kernel control page alloc policy. */ > > > > > image->control_page = crashk_res.start; > > > > > image->type = KEXEC_TYPE_CRASH; > > > > > @@ -345,7 +345,7 @@ SYSCALL_DEFINE5(kexec_file_load, int, kernel_fd, int, initrd_fd, > > > > > dest_image = &kexec_image; > > > > > if (flags & KEXEC_FILE_ON_CRASH) { > > > > > dest_image = &kexec_crash_image; > > > > > - if (kexec_crash_image) > > > > > + if (kexec_crash_image && __crash_memory_valid()) > > > > > arch_kexec_unprotect_crashkres(); > > > > > } > > > > > > > > > > @@ -408,7 +408,8 @@ SYSCALL_DEFINE5(kexec_file_load, int, kernel_fd, int, initrd_fd, > > > > > exchange: > > > > > image = xchg(dest_image, image); > > > > > out: > > > > > - if ((flags & KEXEC_FILE_ON_CRASH) && kexec_crash_image) > > > > > + if ((flags & KEXEC_FILE_ON_CRASH) && kexec_crash_image && > > > > > + __crash_memory_valid()) > > > > > arch_kexec_protect_crashkres(); > > > > > > > > > > kexec_unlock(); > > > > > > > > > > --- > > > > > base-commit: 4312098baf37ee17a8350725e6e0d0e8590252d4 > > > > > change-id: 20221124-kexec-noalloc-3cab3cbe000f > > > > > > > > > > Best regards, > > > > > -- > > > > > Ricardo Ribalda > > > > > > > > > > > > > > > > > > -- > > > Ricardo Ribalda > > > > > > > > -- > Ricardo Ribalda >