From: Chen Qi <[email protected]> Running command 'kexec -p /path/to/crash-kernel --reuse-cmdline' will give out the following warning:
kexec[970]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set Add MFD_NOEXEC_SEAL explicitly to avoid such warning. Signed-off-by: Chen Qi <[email protected]> --- ...-add-MFD_NOEXEC_SEAL-flag-explicitly.patch | 36 +++++++++++++++++++ .../kexec/kexec-tools_2.0.28.bb | 1 + 2 files changed, 37 insertions(+) create mode 100644 meta/recipes-kernel/kexec/kexec-tools/0001-kexec.c-add-MFD_NOEXEC_SEAL-flag-explicitly.patch diff --git a/meta/recipes-kernel/kexec/kexec-tools/0001-kexec.c-add-MFD_NOEXEC_SEAL-flag-explicitly.patch b/meta/recipes-kernel/kexec/kexec-tools/0001-kexec.c-add-MFD_NOEXEC_SEAL-flag-explicitly.patch new file mode 100644 index 0000000000..3b11555a1b --- /dev/null +++ b/meta/recipes-kernel/kexec/kexec-tools/0001-kexec.c-add-MFD_NOEXEC_SEAL-flag-explicitly.patch @@ -0,0 +1,36 @@ +From 6436da0b58b59e1b4cd3924bd007108b8ddf73dc Mon Sep 17 00:00:00 2001 +From: Chen Qi <[email protected]> +Date: Tue, 6 Aug 2024 19:41:30 -0700 +Subject: [PATCH] kexec.c: add MFD_NOEXEC_SEAL flag explicitly + +Add MFD_NOEXEC_SEAL to avoid kernel warning like below: + + kexec[970]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set + +As the above two flags are only available in newer kernels, ideally +we need to do some fallback. But we know for sure that OE scarthgap/master +is using >6.6 kernel, so we don't need to do such fallback. + +Upstream-Status: Inappropriate [OE Specific] + +Signed-off-by: Chen Qi <[email protected]> +--- + kexec/kexec.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/kexec/kexec.c b/kexec/kexec.c +index 08edfca..c5f52d4 100644 +--- a/kexec/kexec.c ++++ b/kexec/kexec.c +@@ -655,7 +655,7 @@ static int copybuf_memfd(const char *kernel_buf, size_t size) + { + int fd, count; + +- fd = memfd_create("kernel", MFD_ALLOW_SEALING); ++ fd = memfd_create("kernel", MFD_ALLOW_SEALING | MFD_NOEXEC_SEAL); + if (fd == -1) + return fd; + +-- +2.25.1 + diff --git a/meta/recipes-kernel/kexec/kexec-tools_2.0.28.bb b/meta/recipes-kernel/kexec/kexec-tools_2.0.28.bb index f0a484f884..830d9ce585 100644 --- a/meta/recipes-kernel/kexec/kexec-tools_2.0.28.bb +++ b/meta/recipes-kernel/kexec/kexec-tools_2.0.28.bb @@ -19,6 +19,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/kernel/kexec/kexec-tools-${PV}.tar.gz file://0001-arm64-kexec-disabled-check-if-kaslr-seed-dtb-propert.patch \ file://Fix-building-on-x86_64-with-binutils-2.41.patch \ file://0001-x86-linux-setup.c-Use-POSIX-basename-API.patch \ + file://0001-kexec.c-add-MFD_NOEXEC_SEAL-flag-explicitly.patch \ " SRC_URI[sha256sum] = "f33d2660b3e38d25a127e87097978e0f7a9a73ab5151a29eb80974d169ff6a29" -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#203052): https://lists.openembedded.org/g/openembedded-core/message/203052 Mute This Topic: https://lists.openembedded.org/mt/107763946/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
