Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp8841126rwd; Tue, 20 Jun 2023 22:44:43 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6NqGNf1VPSjwAf/gphIUIVI0jq0ZQ/V3ZH8YUtT6RbaK12SRsZw4ZWGpwxMdlGOt5p8hWU X-Received: by 2002:a05:6214:238f:b0:626:3afa:e196 with SMTP id fw15-20020a056214238f00b006263afae196mr16068447qvb.3.1687326283500; Tue, 20 Jun 2023 22:44:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1687326283; cv=none; d=google.com; s=arc-20160816; b=VnKTqD+mfuuiufapSFF5PNcswyyqEXULfYn0euVHBEydM4j4EY0qumZ15OcrERU8kN nrB4VrnPpi6D6qVvKWzaVFnxCChhHaHXU+asXnWvPo+tLvpJbUyvLko9veV+WyYKAFMp 9D0Irx5rE/I2BUBe9ETaqw/7ngy7lH+idhwV5kjaQXinPZCcfTKeyzZRDGxAd3rVEREO qgSDKOLnUSgliJ1U8H+I8Cg/Rzy3vffhLk0H98+xxlrhlv+xMyPaXtQR6N9r4aBRapCD JKmfa0O6Q63UG/w5Keh5KfPyuAt0Rm94nyxflKyjBKjkys/Ch8i6abS8xQAAeKskJY8Z /Ivg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:in-reply-to:content-disposition :references:message-id:subject:cc:to:from:date:dkim-signature; bh=kKqaLyNJce361zibCoiA0gBnI6xOEyoycLhuJOf/Gs0=; b=VxJGZXz4rF6R10gSJ4IirJyfHQCrViyyYXkdrm8lokuFl9SRZiMTCsq6qQkpq08B0L g5FC8V0RsPxjOnWbsb9iG3YUZhkVQ5to6WZ1b7pipOQbBWC8GO9RXA5lsjK6oCQXNOwZ TL9ylek6AbkEy5QFXY1/yYw50PhFc5d8NNMinafA/NEUPTNwhN2jB2cMu9cMyAWDY9sg CtpT0lTXPac8ZIL0ildUfcmGP4FXiw4tYFlbyqpQePBsJV5Mw97u9ILKBHjyy2YiyrZy hO6PgibUs2/0GRiAbOqML8fpb5CYK5HfHBBul/eYWx1n0FjBka3iON2TAkLX7zcaAWlg 7pAw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@ibm.com header.s=pp1 header.b="QN/q8bhM"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e23-20020a63db17000000b0053f0d8ac4b0si3143467pgg.825.2023.06.20.22.44.28; Tue, 20 Jun 2023 22:44:43 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@ibm.com header.s=pp1 header.b="QN/q8bhM"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230096AbjFUFCh (ORCPT + 99 others); Wed, 21 Jun 2023 01:02:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35956 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229521AbjFUFCf (ORCPT ); Wed, 21 Jun 2023 01:02:35 -0400 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E740010DA; Tue, 20 Jun 2023 22:02:33 -0700 (PDT) Received: from pps.filterd (m0353726.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 35L4eTwW029028; Wed, 21 Jun 2023 05:00:43 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=date : from : to : cc : subject : message-id : references : content-type : in-reply-to : mime-version; s=pp1; bh=kKqaLyNJce361zibCoiA0gBnI6xOEyoycLhuJOf/Gs0=; b=QN/q8bhMangxR7YTXy17HLyVi6/G1O7RNdNZBb/bGnXShwTIrm3uq7g7V0v/E0gGS6oC ipI27Nxw7pzEr3aNT2HsXYuzE6icYzB1rc+7R55wU63rcAOKuhXA7cN+ly8V2XEOMBue sJaQ29GB8j/TuOdaXepdQte42inmADlTGFtXg6+GhUY3KPRIndINHhrQNTUWfbBbJRvP QYtfDqVgSlHEWMjV33/fRx8HSJ0eLM+wj75ExrcizEX21KJXyyOhXqPRa1y3juKnYN5t r9QwprUvf32vp14SNunpN4zkiyVUulSSmUOWse6qzimyjbTlhUsXr0vjEVhXN/bk9g7p hA== Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3rbskk1177-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 21 Jun 2023 05:00:42 +0000 Received: from m0353726.ppops.net (m0353726.ppops.net [127.0.0.1]) by pps.reinject (8.17.1.5/8.17.1.5) with ESMTP id 35L4g54N001282; Wed, 21 Jun 2023 05:00:41 GMT Received: from ppma03ams.nl.ibm.com (62.31.33a9.ip4.static.sl-reverse.com [169.51.49.98]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3rbskk114e-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 21 Jun 2023 05:00:41 +0000 Received: from pps.filterd (ppma03ams.nl.ibm.com [127.0.0.1]) by ppma03ams.nl.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 35KMdnEw011075; Wed, 21 Jun 2023 05:00:37 GMT Received: from smtprelay07.fra02v.mail.ibm.com ([9.218.2.229]) by ppma03ams.nl.ibm.com (PPS) with ESMTPS id 3r94f52hx0-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 21 Jun 2023 05:00:36 +0000 Received: from smtpav01.fra02v.mail.ibm.com (smtpav01.fra02v.mail.ibm.com [10.20.54.100]) by smtprelay07.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 35L50Xkp51511760 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 21 Jun 2023 05:00:33 GMT Received: from smtpav01.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 52AF520040; Wed, 21 Jun 2023 05:00:33 +0000 (GMT) Received: from smtpav01.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id E24BF20043; Wed, 21 Jun 2023 05:00:28 +0000 (GMT) Received: from li-008a6a4c-3549-11b2-a85c-c5cc2836eea2.ibm.com (unknown [9.171.35.125]) by smtpav01.fra02v.mail.ibm.com (Postfix) with ESMTPS; Wed, 21 Jun 2023 05:00:28 +0000 (GMT) Date: Wed, 21 Jun 2023 07:00:27 +0200 From: Alexander Gordeev To: Eric DeVolder , Mimi Zohar Cc: linux@armlinux.org.uk, catalin.marinas@arm.com, will@kernel.org, chenhuacai@kernel.org, geert@linux-m68k.org, tsbogend@alpha.franken.de, James.Bottomley@hansenpartnership.com, deller@gmx.de, ysato@users.sourceforge.jp, dalias@libc.org, glaubitz@physik.fu-berlin.de, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-ia64@vger.kernel.org, loongarch@lists.linux.dev, linux-m68k@lists.linux-m68k.org, linux-mips@vger.kernel.org, linux-parisc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, linux-riscv@lists.infradead.org, linux-s390@vger.kernel.org, linux-sh@vger.kernel.org, kernel@xen0n.name, mpe@ellerman.id.au, npiggin@gmail.com, christophe.leroy@csgroup.eu, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, hca@linux.ibm.com, gor@linux.ibm.com, borntraeger@linux.ibm.com, svens@linux.ibm.com, hpa@zytor.com, keescook@chromium.org, paulmck@kernel.org, peterz@infradead.org, frederic@kernel.org, akpm@linux-foundation.org, ardb@kernel.org, samitolvanen@google.com, juerg.haefliger@canonical.com, arnd@arndb.de, rmk+kernel@armlinux.org.uk, linus.walleij@linaro.org, sebastian.reichel@collabora.com, rppt@kernel.org, kirill.shutemov@linux.intel.com, anshuman.khandual@arm.com, ziy@nvidia.com, masahiroy@kernel.org, ndesaulniers@google.com, mhiramat@kernel.org, ojeda@kernel.org, thunder.leizhen@huawei.com, xin3.li@intel.com, tj@kernel.org, gregkh@linuxfoundation.org, tsi@tuyoix.net, bhe@redhat.com, hbathini@linux.ibm.com, sourabhjain@linux.ibm.com, boris.ostrovsky@oracle.com, konrad.wilk@oracle.com Subject: Re: [PATCH v2 12/13] s390/kexec: refactor for kernel/Kconfig.kexec Message-ID: References: <20230619145801.1064716-1-eric.devolder@oracle.com> <20230619145801.1064716-13-eric.devolder@oracle.com> Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20230619145801.1064716-13-eric.devolder@oracle.com> X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: 3XxZUnG0tiAtapczX7p05vIqAJoPa-f- X-Proofpoint-GUID: I-zaEuvbTS6JyBDC0PeGxtax3HbIXcwx X-Proofpoint-UnRewURL: 0 URL was un-rewritten MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.957,Hydra:6.0.591,FMLib:17.11.176.26 definitions=2023-06-21_03,2023-06-16_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1011 lowpriorityscore=0 suspectscore=0 mlxlogscore=999 mlxscore=0 impostorscore=0 bulkscore=0 priorityscore=1501 adultscore=0 phishscore=0 malwarescore=0 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2305260000 definitions=main-2306210039 X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_EF,RCVD_IN_MSPIKE_H5,RCVD_IN_MSPIKE_WL, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Jun 19, 2023 at 10:58:00AM -0400, Eric DeVolder wrote: Hi Eric, > The kexec and crash kernel options are provided in the common > kernel/Kconfig.kexec. Utilize the common options and provide > the ARCH_SUPPORTS_ and ARCH_SELECTS_ entries to recreate the > equivalent set of KEXEC and CRASH options. > > NOTE: The original Kconfig has a KEXEC_SIG which depends on > MODULE_SIG_FORMAT. However, attempts to keep the MODULE_SIG_FORMAT > dependency (using the strategy outlined in this series, and other > techniques) results in 'error: recursive dependency detected' > on CRYPTO. This occurs due to any path through KEXEC_SIG > attempting to select CRYPTO is ultimately dependent upon CRYPTO: > > CRYPTO > <- ARCH_SUPPORTS_KEXEC_FILE > <- KEXEC_FILE > <- KEXEC_SIG > > Therefore, the solution is to drop the MODULE_SIG_FORMAT dependency > for KEXEC_SIG. In practice, however, MODULE_SIG_FORMAT is still > configured-in as the use of KEXEC_SIG is in step with the use of > SYSTEM_DATA_VERIFICATION, which does select MODULE_SIG_FORMAT. No, it is actually the other way around. Could you please provide the correct explanation? AFAICT the MODULE_SIG_FORMAT dependency was introduced with commit c8424e776b09 ("MODSIGN: Export module signature definitions") and in fact was not necessary, since s390 did/does not use mod_check_sig() anyway. So the SYSTEM_DATA_VERIFICATION could have left intact. However, the original SYSTEM_DATA_VERIFICATION seems sane and I do not understand why other architectures do not have it also? May be Mimi Zohar (putting on CC) could explain that? It looks like such dependency actually exists in implicit form (which you picked from x86): In addition to this option, you need to enable signature verification for the corresponding kernel image type being loaded in order for this to work. Does it mean that if an architecture did not enable the signature verification type explicitly the linker could fail - both before and after you series? Thanks! > Not ideal, but results in equivalent .config files for s390. > > Signed-off-by: Eric DeVolder > --- > arch/s390/Kconfig | 65 ++++++++++++++--------------------------------- > 1 file changed, 19 insertions(+), 46 deletions(-) > > diff --git a/arch/s390/Kconfig b/arch/s390/Kconfig > index 6dab9c1be508..58dc124433ca 100644 > --- a/arch/s390/Kconfig > +++ b/arch/s390/Kconfig > @@ -243,6 +243,25 @@ config PGTABLE_LEVELS > > source "kernel/livepatch/Kconfig" > > +config ARCH_DEFAULT_KEXEC > + def_bool y > + > +config ARCH_SUPPORTS_KEXEC > + def_bool y > + > +config ARCH_SUPPORTS_KEXEC_FILE > + def_bool CRYPTO && CRYPTO_SHA256 && CRYPTO_SHA256_S390 > + > +config ARCH_HAS_KEXEC_PURGATORY > + def_bool KEXEC_FILE > + > +config ARCH_SUPPORTS_CRASH_DUMP > + def_bool y > + help > + Refer to for more details on this. > + This option also enables s390 zfcpdump. > + See also > + > menu "Processor type and features" > > config HAVE_MARCH_Z10_FEATURES > @@ -481,36 +500,6 @@ config SCHED_TOPOLOGY > > source "kernel/Kconfig.hz" > > -config KEXEC > - def_bool y > - select KEXEC_CORE > - > -config KEXEC_FILE > - bool "kexec file based system call" > - select KEXEC_CORE > - depends on CRYPTO > - depends on CRYPTO_SHA256 > - depends on CRYPTO_SHA256_S390 > - help > - Enable the kexec file based system call. In contrast to the normal > - kexec system call this system call takes file descriptors for the > - kernel and initramfs as arguments. > - > -config ARCH_HAS_KEXEC_PURGATORY > - def_bool y > - depends on KEXEC_FILE > - > -config KEXEC_SIG > - bool "Verify kernel signature during kexec_file_load() syscall" > - depends on KEXEC_FILE && MODULE_SIG_FORMAT > - help > - This option makes kernel signature verification mandatory for > - the kexec_file_load() syscall. > - > - In addition to that option, you need to enable signature > - verification for the corresponding kernel image type being > - loaded in order for this to work. > - > config KERNEL_NOBP > def_bool n > prompt "Enable modified branch prediction for the kernel by default" > @@ -732,22 +721,6 @@ config VFIO_AP > > endmenu > > -menu "Dump support" > - > -config CRASH_DUMP > - bool "kernel crash dumps" > - select KEXEC > - help > - Generate crash dump after being started by kexec. > - Crash dump kernels are loaded in the main kernel with kexec-tools > - into a specially reserved region and then later executed after > - a crash by kdump/kexec. > - Refer to for more details on this. > - This option also enables s390 zfcpdump. > - See also > - > -endmenu > - > config CCW > def_bool y > > -- > 2.31.1 >