++++++
> include/linux/of.h | 5 +
> 3 files changed, 276 insertions(+)
> create mode 100644 drivers/of/kexec.c
With that fixed:
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
64.c | 2 +-
> arch/x86/kernel/machine_kexec_64.c | 4 ++--
> 4 files changed, 10 insertions(+), 15 deletions(-)
With that fixed:
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
nel/kexec-bzimage64.c | 2 +-
> arch/x86/kernel/machine_kexec_64.c | 4 ++--
> 4 files changed, 10 insertions(+), 15 deletions(-)
With that fixed:
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
ss.
> Reported-by: kernel test robot
> ---
> arch/powerpc/include/asm/kexec.h | 4
> arch/powerpc/kexec/file_load.c| 6 +++---
> arch/powerpc/kexec/file_load_64.c | 14 +++---
> 3 files changed, 10 insertions(+), 14 deletions(-)
With that fixed:
Reviewed-by
ss.
> Reported-by: kernel test robot
> ---
> arch/arm64/include/asm/kexec.h | 4
> arch/arm64/kernel/machine_kexec_file.c | 18 +-
> 2 files changed, 9 insertions(+), 13 deletions(-)
With that fixed:
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
insertions(+)
With that fixed:
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
e extra
space needed by the kdump kernel, and change the function name so that it
better reflects what the function is now doing.
Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Lakshmi Ramasubramanian
---
arch/powerpc/include/asm/kexec.h | 2 +-
arch/powerpc/kexec/elf_64.c | 2 +-
arch/powerp
Lakshmi Ramasubramanian writes:
> On 2/19/21 6:25 AM, Thiago Jung Bauermann wrote:
>
> One small nit in the function header (please see below), but otherwise the
> change looks good.
>
> Reviewed-by: Lakshmi Ramasubramanian
Thanks for your review. I incorporated your sugges
bramanian
>> > > wrote:
>> > >>
>> > >> On 2/18/21 5:13 PM, Thiago Jung Bauermann wrote:
>> > >>>
>> > >>> Lakshmi Ramasubramanian writes:
>> > >>>
>> > >>
e extra
space needed by the kdump kernel, and change the function name so that it
better reflects what the function is now doing.
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/kexec.h | 2 +-
arch/powerpc/kexec/elf_64.c | 2 +-
arch/powerpc/kexec/file_load_64.c | 26 -
Lakshmi Ramasubramanian writes:
> On 2/18/21 5:13 PM, Thiago Jung Bauermann wrote:
>> Lakshmi Ramasubramanian writes:
>>
>>> On 2/18/21 4:07 PM, Mimi Zohar wrote:
>>>
>>> Hi Mimi,
>>>
>>>> On Thu, 2021-02-18 at 14:33 -0800, La
ng CONFIG_HAVE_IMA_KEXEC for ppc.
>
> But for arm64, CONFIG_HAVE_IMA_KEXEC is enabled in the final patch in the
> patch
> set (the one for carrying forward IMA log across kexec for arm64). arm64 calls
> of_kexec_alloc_and_setup_fdt() prior to enabling CONFIG_HAVE_IMA_KEXEC and
> hence
> breaks the build for arm64.
One problem is that I believe that this patch won't placate the robot,
because IIUC it generates config files at random and this change still
allows hppa and s390 to enable CONFIG_OF_KEXEC.
Perhaps a new CONFIG_HAVE_KIMAGE_ARCH option? Not having that option
would still allow building kexec.o, but would be used inside kexec.c to
avoid accessing kimage.arch members.
--
Thiago Jung Bauermann
IBM Linux Technology Center
a/ima_kexec.c | 8 ++--
> 5 files changed, 11 insertions(+), 37 deletions(-)
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
c/elf_64.c | 30 ---
> arch/powerpc/kexec/file_load.c| 132 +-
> arch/powerpc/kexec/file_load_64.c | 3 +
> 4 files changed, 26 insertions(+), 140 deletions(-)
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
> 1 file changed, 8 insertions(+), 172 deletions(-)
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
bramanian
> ---
> drivers/of/Makefile | 6 +
> drivers/of/kexec.c | 265 ++++
> include/linux/of.h | 5 +
> 3 files changed, 276 insertions(+)
> create mode 100644 drivers/of/kexec.c
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
for setting up the device tree for
> kexec system call.
>
> Rename elf_headers_mem to elf_load_addr to align with powerpc name so
> common code can use it.
>
> Signed-off-by: Lakshmi Ramasubramanian
> Suggested-by: Thiago Jung Bauermann
> ---
> arch/arm64/include/a
h/powerpc/include/asm/kexec.h | 2 +-
> arch/powerpc/kexec/file_load.c| 4 ++--
> arch/powerpc/kexec/file_load_64.c | 4 ++--
> 3 files changed, 5 insertions(+), 5 deletions(-)
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
nian
>>>> wrote:
>>>>>
>>>>> On 2/11/21 5:09 PM, Thiago Jung Bauermann wrote:
>>>>>>
>>>>>> There's actually a complication that I just noticed and needs to be
>>>>>> addressed. More below.
>>
Lakshmi Ramasubramanian writes:
> On 2/11/21 5:09 PM, Thiago Jung Bauermann wrote:
>> There's actually a complication that I just noticed and needs to be
>> addressed. More below.
>>
>
> <...>
>
>>> +
>>> +/*
>>> + * of_kex
won't be enough for crash
kernels on ppc64. The current powerpc code doubles the size of
initial_boot_params (which is normally larger than 4 KB) and even that
isn't enough. A patch was added to powerpc/next today which uses a more
precise (but arch-specific) formula:
https://lore.kernel.org/linuxppc-dev/161243826811.119001.14083048209224609814.stgit@hbathini/
So I believe we need a hook here where architectures can provide their
own specific calculation for the size of the fdt. Perhaps a weakly
defined function providing a default implementation which an
arch-specific file can override (a la arch_kexec_kernel_image_load())?
Then the powerpc specific hook would be the kexec_fdt_totalsize_ppc64()
function from the patch I linked above.
--
Thiago Jung Bauermann
IBM Linux Technology Center
Prakhar Srivastava
> Signed-off-by: Lakshmi Ramasubramanian
> Suggested-by: Thiago Jung Bauermann
> ---
> arch/arm64/Kconfig | 1 +
> 1 file changed, 1 insertion(+)
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
uot;.
>
> Co-developed-by: Prakhar Srivastava
> Signed-off-by: Prakhar Srivastava
> Signed-off-by: Lakshmi Ramasubramanian
> ---
> arch/powerpc/include/asm/kexec.h | 1 -
> arch/powerpc/kexec/file_load.c | 32 --------
> 2 files changed,
es changed, 241 insertions(+), 272 deletions(-)
> delete mode 100644 arch/powerpc/include/asm/ima.h
> delete mode 100644 arch/powerpc/kexec/ima.c
Reviewed-by: Thiago Jung Bauermann
Tested-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
, if CONFIG_IMA
> is enabled, to indicate that the IMA measurement log information is
> present in the device tree for powerpc.
>
> Signed-off-by: Lakshmi Ramasubramanian
> Suggested-by: Thiago Jung Bauermann
> ---
> arch/powerpc/Kconfig | 2 +-
> 1 file changed, 1 insertion(+),
initrd_len, cmdline);
> if (!fdt) {
> pr_err("Not enough memory for the device tree.\n");
This error string can be a bit misleading now, since
of_kexec_alloc_and_setup_fdt() can fail for reasons other than lack of
memory. I suggest changing it to the error st
> 1 file changed, 8 insertions(+), 172 deletions(-)
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
ramanian
> ---
> drivers/of/Makefile | 6 ++
> drivers/of/kexec.c | 258 ++++++++
> include/linux/of.h | 13 +++
> 3 files changed, 277 insertions(+)
> create mode 100644 drivers/of/kexec.c
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
re and a warning like this one:
Not sure if this is ready for stable yet (including stable branches 4.19
and 5.4), since it seems to uncover latent bugs in x86 early memory
reservation. I asked about this issue here:
https://lore.kernel.org/lkml/87ft26yuwg.fsf@manicouagan.localdomain/
--
Thia
Mike Rapoport writes:
> On Sat, Jan 23, 2021 at 06:09:11PM -0800, Andrew Morton wrote:
>> On Fri, 22 Jan 2021 01:37:14 -0300 Thiago Jung Bauermann
>> wrote:
>>
>> > Mike Rapoport writes:
>> >
>> > > > Signed-off-by: Rom
Joe Perches writes:
> On Thu, 2021-01-28 at 00:52 -0300, Thiago Jung Bauermann wrote:
>> The problem is that this patch implements only part of the suggestion,
>> which isn't useful in itself. So the patch series should either drop
>> this patch or consolidate the F
Christoph Hellwig writes:
> On Thu, Jan 28, 2021 at 05:50:56PM -0300, Thiago Jung Bauermann wrote:
>> > struct module *find_module(const char *name)
>> > {
>> > - module_assert_mutex();
>>
>> Does it make sense to replace the asse
len,
>
> struct module *find_module(const char *name)
> {
> - module_assert_mutex();
Does it make sense to replace the assert above with the warn below (untested)?
RCU_LOCKDEP_WARN(rcu_read_lock_sched_held());
> return find_module_all(name, strlen(name), false);
&g
suggestion by Rob Herring:
> This could be taken a step further and do the allocation of the new
> FDT. The difference is arm64 uses vmalloc and powerpc uses kmalloc. The
> arm64 version also retries with a bigger allocation. That seems
> unnecessary.
in
https://lore.kernel.org/linux-integrity/20201211221006.1052453-3-r...@kernel.org/
The problem is that this patch implements only part of the suggestion,
which isn't useful in itself. So the patch series should either drop
this patch or consolidate the FDT allocation between the arches.
I just tested on powernv and pseries platforms and powerpc can use
vmalloc for the FDT buffer.
--
Thiago Jung Bauermann
IBM Linux Technology Center
Lakshmi Ramasubramanian writes:
> On 1/27/21 7:52 PM, Thiago Jung Bauermann wrote:
>> Will Deacon writes:
>>
>>> On Wed, Jan 27, 2021 at 09:59:38AM -0800, Lakshmi Ramasubramanian wrote:
>>>> On 1/27/21 8:52 AM, Will Deacon wrote:
>>>>
>&g
Mike Rapoport writes:
> On Sat, Jan 23, 2021 at 06:09:11PM -0800, Andrew Morton wrote:
>> On Fri, 22 Jan 2021 01:37:14 -0300 Thiago Jung Bauermann
>> wrote:
>>
>> > Mike Rapoport writes:
>> >
>> > > > Signed-off-by: Rom
Konrad Rzeszutek Wilk writes:
> On Fri, Jan 08, 2021 at 09:27:01PM -0300, Thiago Jung Bauermann wrote:
>>
>> Ram Pai writes:
>>
>> > On Wed, Dec 23, 2020 at 09:06:01PM -0300, Thiago Jung Bauermann wrote:
>> >>
>> >> Hi Ram,
>> >
g the leak in this case. Fortunately, the
current implementations of arch_ima_add_kexec_buffer() are very simple
and cannot fail, so this is a theoretical problem.
--
Thiago Jung Bauermann
IBM Linux Technology Center
> Signed-off-by: Lakshmi Ramasubramanian
> Suggested-by: Tyler Hicks
> Fixes: 7b8589cc29e7 ("ima: on soft reboot, save the measurement list")
Good catch.
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
8fabc623238e ("powerpc: Ensure that swiotlb buffer is allocated from low
memory")
This is because reverting the commit above also solves the problem on the
machines where I've seen this issue.
--
Thiago Jung Bauermann
IBM Linux Technology Center
ch/arm64/Kconfig | 1 +
> arch/arm64/include/asm/kexec.h | 5 +
> 2 files changed, 6 insertions(+)
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
> arch/powerpc/include/asm/kexec.h | 4 ---
> arch/powerpc/kexec/file_load.c| 60 ---
> arch/powerpc/kexec/file_load_64.c | 4 ++-
> 3 files changed, 3 insertions(+), 65 deletions(-)
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
| 202
> drivers/of/kexec.c | 240 +
> include/linux/of.h | 2 +
> security/integrity/ima/ima.h | 4 -
> security/integrity/ima/ima_kexec.c | 1 +
> 9 files changed, 244 insertions(+), 248 dele
>> allocating the FDT. Then we can further consolidate the DT kexec code.
>>
>> It all needs some acks from arm64 and powerpc maintainers. As far as
>> merging, I think via the integrity tree makes the most sense.
>
> Thanks, Rob. Lakshmi, please update Rob's patches to include patch
> descriptions before re-posting.
Also please update the powerpc mailing list address to
linuxppc-...@lists.ozlabs.org
--
Thiago Jung Bauermann
IBM Linux Technology Center
Ram Pai writes:
> On Wed, Dec 23, 2020 at 09:06:01PM -0300, Thiago Jung Bauermann wrote:
>>
>> Hi Ram,
>>
>> Thanks for reviewing this patch.
>>
>> Ram Pai writes:
>>
>> > On Fri, Dec 18, 2020 at 03:21:03AM -0300, Thiago Jung Bauermann
Hi Ram,
Thanks for reviewing this patch.
Ram Pai writes:
> On Fri, Dec 18, 2020 at 03:21:03AM -0300, Thiago Jung Bauermann wrote:
>> On server-class POWER machines, we don't need the SWIOTLB unless we're a
>> secure VM. Nevertheless, if CONFIG_SWIOTLB is enabled we
Lakshmi Ramasubramanian writes:
> On 12/22/20 4:19 PM, Thiago Jung Bauermann wrote:
>> Lakshmi Ramasubramanian writes:
>>
>>> diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
>>> index 6ebefec616e4..7c3947ad3773 100644
>>> --
ig
> @@ -1094,6 +1094,7 @@ config KEXEC
> config KEXEC_FILE
> bool "kexec file based system call"
> select KEXEC_CORE
> + select HAVE_IMA_KEXEC
> help
> This is new version of kexec system call. This system call is
> file based and takes
ons(+), 1 deletion(-)
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
etions(-)
As I mentioned in the other email, this patch could remove
setup_new_fdt() as well.
I'm a bit ambivalent on whether this patch should be squashed with
patch 2 or left on its own, but I tend toward the latter option because
patch 2 is big enough already.
--
Thiago Jung Bauermann
IBM Linux Technology Center
r Srivastava
> Signed-off-by: Prakhar Srivastava
> Signed-off-by: Lakshmi Ramasubramanian
> ---
> drivers/of/kexec.c | 57 --
> 1 file changed, 5 insertions(+), 52 deletions(-)
This is a nice improvement, thanks.
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
err:
With this change, setup_new_fdt() is nothing more than a call to
of_kexec_setup_new_fdt(). It should be removed, and its caller should
call of_kexec_setup_new_fdt() directly.
This change could be done in patch 4 of this series, to keep this patch
simpler.
--
Thiago Jung Bauermann
IBM Linux Technology Center
owerpc/kexec/ima.c" to
> "drivers/of/kexec.c" only when CONFIG_HAVE_IMA_KEXEC is enabled.
>
> => Also, compile write_number() and setup_ima_buffer() only when
> CONFIG_IMA_KEXEC is enabled.
Sounds good, with one additional change:
So far, CONFIG_HAVE_IMA_KEXEC was
100644
> --- a/security/integrity/ima/ima_kexec.c
> +++ b/security/integrity/ima/ima_kexec.c
> @@ -10,6 +10,7 @@
> #include
> #include
> #include
> +#include
> #include
> #include "ima.h"
This include isn't necessary.
--
Thiago Jung Bauermann
IBM Linux Technology Center
---
> arch/powerpc/kexec/ima.c | 17 -
> security/integrity/ima/ima_kexec.c | 22 ++
> 3 files changed, 22 insertions(+), 20 deletions(-)
Reviewed-by: Thiago Jung Bauermann
Just one nit below.
Also, I just noticed that this patch series hasn't been cc'd to t
Rob Herring writes:
> Signed-off-by: Rob Herring
> ---
>
> After the IMA changes, delete_fdt_mem_rsv() can also be removed.
>
> arch/powerpc/kexec/file_load.c | 125 ++---
> 1 file changed, 6 insertions(+), 119 deletions(-)
Reviewed-by:
> arm64 version also retries with a bigger allocation. That seems
> unnecessary.
> ---
> drivers/of/Makefile | 1 +
> drivers/of/kexec.c | 228
> include/linux/of.h | 5 +
> 3 files changed, 234 insertions(+)
> create mode 100644 drivers/of/kexec.c
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
Rob Herring writes:
> Signed-off-by: Rob Herring
> ---
> arch/arm64/kernel/machine_kexec_file.c | 123 +
> 1 file changed, 3 insertions(+), 120 deletions(-)
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
ec/file_load_64.c | 4 ++--
> 3 files changed, 5 insertions(+), 5 deletions(-)
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
WIOTLB in those cases.
Fixes: eae9eec476d1 ("powerpc/pseries/svm: Allocate SWIOTLB buffer anywhere in
memory")
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/mm/mem.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/mm/mem.c b/arch/powerp
c when CONFIG_KEXEC_FILE is enabled is fine. But when
> more functions (such as remove_ima_buffer()) are moved to this file, Makefile
> needs to be updated for other ima kexec related CONFIGs.
IMA kexec is only available if CONFIG_KEXEC_FILE is enabled, so I don't
understand what problem you are seeing.
--
Thiago Jung Bauermann
IBM Linux Technology Center
Lakshmi Ramasubramanian writes:
> On 12/11/20 10:19 AM, Thiago Jung Bauermann wrote:
>> Hi Lakshmi,
>> Lakshmi Ramasubramanian writes:
>>
>>> On 12/6/20 5:50 PM, Lakshmi Ramasubramanian wrote:
>>>
>>> Hi Thiago,
>>>
>>>&
Hi Lakshmi,
Lakshmi Ramasubramanian writes:
> On 12/6/20 5:50 PM, Lakshmi Ramasubramanian wrote:
>
> Hi Thiago,
>
>> On 12/4/20 6:22 PM, Thiago Jung Bauermann wrote
>>>
>>> Hello Lakshmi,
>>>
>>> Lakshmi Ramasubramanian writes:
>>
Update CONFIG_KEXEC_FILE to select CONFIG_HAVE_IMA_KEXEC to indicate
> that the IMA measurement log information is present in the device tree
> for ARM64.
>
> Co-developed-by: Prakhar Srivastava
> Signed-off-by: Prakhar Srivastava
> Signed-off-by: Lakshmi Ramasubramanian
Revie
pc.
>
> Move arch_ima_add_kexec_buffer() to
> security/integrity/ima/ima_kexec.c so that it is accessible for
> other architectures as well.
>
> Signed-off-by: Lakshmi Ramasubramanian
Not sure if the maintainers will agree with me (see below), but FWIW:
Reviewed-by: Thiago Jung Bauermann
>
NFIG_IMA_KEXEC is enabled and remove "#ifdef CONFIG_IMA_KEXEC"
> in arch/powerpc/kexec/ima.c.
Nice.
> Co-developed-by: Prakhar Srivastava
> Signed-off-by: Prakhar Srivastava
> Signed-off-by: Lakshmi Ramasubramanian
> Reviewed-by: Mimi Zohar
Reviewed-by: Thiago Jung Bauermann
-by: Lakshmi Ramasubramanian
Looks good. Just minor comments below. Nevertheless:
Reviewed-by: Thiago Jung Bauermann
> ---
> arch/powerpc/include/asm/ima.h | 8 ++--
> arch/powerpc/kexec/ima.c | 26 --
> drivers/of/kexec.c | 29 +++
tava
> Signed-off-by: Prakhar Srivastava
> Signed-off-by: Lakshmi Ramasubramanian
Looks good. Thanks!
Reviewed-by: Thiago Jung Bauermann
> ---
> arch/powerpc/kexec/ima.c | 58 +---
> 1 file changed, 7 insertions(+), 51 deletions(-)
>
&
gt; Co-developed-by: Prakhar Srivastava
> Signed-off-by: Prakhar Srivastava
> Signed-off-by: Lakshmi Ramasubramanian
I'd personally squash this patch with the next one, but I'll leave it
just as a suggestion since maintainers are the ones who know best what
works well in this regard.
The co
.h
> index 9e93bef52968..d0234c4815da 100644
> --- a/include/linux/kexec.h
> +++ b/include/linux/kexec.h
> @@ -407,6 +407,11 @@ static inline int kexec_crash_loaded(void) { return 0; }
> #define kexec_in_progress false
> #endif /* CONFIG_KEXEC_CORE */
>
> +#if defined(CONFIG_OF_FLATTREE)
This would also change to require CONFIG_KEXEC_FILE.
> +extern int delete_fdt_mem_rsv(void *fdt, unsigned long start,
> + unsigned long size);
> +#endif /* CONFIG_OF_FLATTREE */
> +
> #endif /* !defined(__ASSEBMLY__) */
>
> #endif /* LINUX_KEXEC_H */
--
Thiago Jung Bauermann
IBM Linux Technology Center
e_ima_buffer() and arch_ima_add_kexec_buffer().
>
> Co-developed-by: Prakhar Srivastava
> Signed-off-by: Prakhar Srivastava
> Signed-off-by: Lakshmi Ramasubramanian
> Reviewed-by: Mimi Zohar
These warnings showed up when using `make W=1`, and this patch fixes
them. Thanks!
Revi
> This one is already present in ima and there's no change in that in my
> patches.
>
> 2, The other one is remove_ima_kexec_buffer() called from setup_ima_buffer()
> defined in "arch/powerpc/kexec/ima.c"
>
> This function removes the "ima buffer" node f
ion is present in the device tree
> for ARM64.
>
> Co-developed-by: Prakhar Srivastava
> Signed-off-by: Prakhar Srivastava
> Signed-off-by: Lakshmi Ramasubramanian
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
> + *
> + * Return: 0 on success, or negative errno on error.
> + */
> +int delete_fdt_mem_rsv(void *fdt, unsigned long start, unsigned long size)
This function can't go in an IMA-specific directory, because it's used
in arch/powerpc/kexec/file_load.c even if IMA isn't enabled.
I'm not sure where would be a good place for it. Perhaps a new file
called kernel/kexec_file_fdt.c?
> +{
> + int i, ret, num_rsvs = fdt_num_mem_rsv(fdt);
> +
> + for (i = 0; i < num_rsvs; i++) {
> + uint64_t rsv_start, rsv_size;
> +
> + ret = fdt_get_mem_rsv(fdt, i, _start, _size);
> + if (ret) {
> + pr_err("Malformed device tree.\n");
> + return -EINVAL;
> + }
> +
> + if (rsv_start == start && rsv_size == size) {
> + ret = fdt_del_mem_rsv(fdt, i);
> + if (ret) {
> + pr_err("Error deleting device tree
> reservation.\n");
> + return -EINVAL;
> + }
> +
> + pr_err("Freed the reserved memory at %lu of size %lu\n",
> + start, size);
This isn't an error. You should change it to a pr_debug() or remove it.
> + return 0;
> + }
> + }
> +
> + return -ENOENT;
> +}
--
Thiago Jung Bauermann
IBM Linux Technology Center
remove any existing
FDT_PROP_IMA_KEXEC_BUFFER property and also its corresponding memory
reservation, so that you avoid accumulating stale memory reservations
for non-existing IMA kexec buffers from previous kexecs.
--
Thiago Jung Bauermann
IBM Linux Technology Center
ava
> Signed-off-by: Prakhar Srivastava
> Signed-off-by: Lakshmi Ramasubramanian
> Reported-by: kernel test robot warning: no previous
> prototype for 'arch_ima_add_kexec_buffer' [-Wmissing-prototypes]
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
() is still duplicated in generic code and powerpc
code. It's a small and simple function though, so not really a problem.
I think you'll need to move over remove_ima_buffer() if you agree with
the comment I'll make on patch 3, in which case the powerpc-specific
do_get_kexec_buffer() can be r
rwise nothing stops the new kernel from stomping
over it. E.g., powerpc does:
ret = fdt_add_mem_rsv(fdt, image->arch.ima_buffer_addr,
image->arch.ima_buffer_size);
--
Thiago Jung Bauermann
IBM Linux Technology Center
ava
> Signed-off-by: Prakhar Srivastava
> Signed-off-by: Lakshmi Ramasubramanian
Reviewed-by: Thiago Jung Bauermann
IMHO this patch and the next one can be squashed together. Also, a minor
comment below.
> ---
> arch/arm64/include/asm/ima.h | 17 +
>
op->length, , );
> + if (ret)
> + return ret;
> +
> + ret = of_remove_property(of_chosen, prop);
> + if (ret)
> + return ret;
> +
> + return memblock_free(addr, size);
> +
> +}
> +
> #ifdef CONFIG_IMA_KEXEC
> static int ima_dump_me
d-off-by: Lakshmi Ramasubramanian
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
; + if (ret < 0)
> + return ret;
> + addr_cells = ret;
> +
> + ret = fdt_size_cells(fdt, chosen_node);
> + if (ret < 0)
> return ret;
> + size_cells = ret;
>
> entry_size = 4 * (addr_cells + size_cells);
Ditto here.
--
Thiago Jung Bauermann
IBM Linux Technology Center
arch/powerpc/kexec/ima.c.
If you prefer to keep the current order, it's worth mentioning on the
commit log where get_addr_size_cells() and do_get_kexec_buffer() are
coming from.
Regardless:
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
Konrad Rzeszutek Wilk writes:
> On Tue, Aug 18, 2020 at 07:11:26PM -0300, Thiago Jung Bauermann wrote:
>> POWER secure guests (i.e., guests which use the Protection Execution
>> Facility) need to use SWIOTLB to be able to do I/O with the hypervisor, but
>> they don't ne
Christoph Hellwig writes:
> On Tue, Aug 18, 2020 at 07:11:26PM -0300, Thiago Jung Bauermann wrote:
>> POWER secure guests (i.e., guests which use the Protection Execution
>> Facility) need to use SWIOTLB to be able to do I/O with the hypervisor, but
>> they don't ne
of memblock_alloc_low().
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/svm.h | 4
arch/powerpc/mm/mem.c| 6 +-
arch/powerpc/platforms/pseries/svm.c | 26 ++
3 files changed, 35 insertions(+), 1 deletion(-)
Changes from v2
Christoph Hellwig writes:
> On Mon, Aug 17, 2020 at 06:46:58PM -0300, Thiago Jung Bauermann wrote:
>> POWER secure guests (i.e., guests which use the Protection Execution
>> Facility) need to use SWIOTLB to be able to do I/O with the hypervisor, but
>> they don't ne
Hello Christoph,
Christoph Hellwig writes:
> On Sat, Aug 15, 2020 at 05:45:36PM -0300, Thiago Jung Bauermann wrote:
>> POWER secure guests (i.e., guests which use the Protection Execution
>> Facility) need to use SWIOTLB to be able to do I/O with the hypervisor, but
>
of memblock_alloc_low().
We also need to add swiotlb_set_no_iotlb_memory() in order to set the
no_iotlb_memory flag if initialization fails.
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/svm.h | 4
arch/powerpc/mm/mem.c| 6 +-
arch/powerpc/platforms
initialization problem we are seeing in secure guests
with 128 GB of RAM: they are configured with 4 GB of crashkernel reserved
memory, which leaves no space for SWIOTLB in low addresses.
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/mm/mem.c | 7 ++-
include/linux/swiotlb.h | 8
with backup region and
> crashed kernel's memory to avoid kdump kernel from accidentially using
> that memory.
>
> Signed-off-by: Hari Bathini
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
igned-off-by: Hari Bathini
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
Bathini
> Tested-by: Pingfan Liu
I liked the new versions of get_node_path_size() and get_node_path().
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
Hari Bathini writes:
> On 24/07/20 5:36 am, Thiago Jung Bauermann wrote:
>>
>> Hari Bathini writes:
>>
>>> Kdump kernel, used for capturing the kernel core image, is supposed
>>> to use only specific memory regions to avoid corrupting the image to
>&
; being stomped on while booting.
>
> Signed-off-by: Hari Bathini
> Tested-by: Pingfan Liu
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
ackup region and
> crashed kernel's memory to avoid kdump kernel from accidentially
> using that memory.
>
> Reported-by: kernel test robot
> [lkp: In v1, purgatory() declaration was missing]
> Signed-off-by: Hari Bathini
Reviewed-by: Thiago Jung Bauermann
Just one minor
..
> + end_char = '\0';
> + while (dn->parent) {
> + path[--idx] = end_char;
.. and in the first ireation, this is writing '\0' at a place which will be
overwritten by the memcpy() below with the last character of
dn->full_name. You need to start idx with len, not len - 1.
> +
different kdump segments.
> Override arch_kexec_locate_mem_hole() to locate a memory hole taking
> these ranges into account.
>
> Signed-off-by: Hari Bathini
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
d-by: Pingfan Liu
Just one comment below, but regardless:
Reviewed-by: Thiago Jung Bauermann
> +/**
> + * add_htab_mem_range - Adds htab range to the given memory ranges list,
> + * if it exists
> + * @mem_ranges: Range list to add the memory r
Hari Bathini writes:
> On 16/07/20 7:19 am, Thiago Jung Bauermann wrote:
>>
>> I didn't forget about this patch. I just wanted to see more of the
>> changes before comenting on it.
>>
>> Hari Bathini writes:
>>
>>> Some of the kexec
1 - 100 of 1092 matches
Mail list logo