From patchwork Mon Sep 9 14:19:08 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Maxiwell S. Garcia" X-Patchwork-Id: 1159793 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 46Rs3D5L6Rz9sCJ for ; Tue, 10 Sep 2019 01:07:36 +1000 (AEST) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 46Rs3D0XyxzDqJf for ; Tue, 10 Sep 2019 01:07:35 +1000 (AEST) X-Original-To: petitboot@lists.ozlabs.org Delivered-To: petitboot@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=linux.ibm.com (client-ip=148.163.158.5; helo=mx0a-001b2d01.pphosted.com; envelope-from=maxiwell@linux.ibm.com; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 46Rs2p07T0zDqJW for ; Tue, 10 Sep 2019 01:07:13 +1000 (AEST) Received: from pps.filterd (m0098420.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x89EDBoW022866 for ; Mon, 9 Sep 2019 10:19:23 -0400 Received: from ppma04wdc.us.ibm.com (1a.90.2fa9.ip4.static.sl-reverse.com [169.47.144.26]) by mx0b-001b2d01.pphosted.com with ESMTP id 2uwq1vv5m0-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 09 Sep 2019 10:19:22 -0400 Received: from pps.filterd (ppma04wdc.us.ibm.com [127.0.0.1]) by ppma04wdc.us.ibm.com (8.16.0.27/8.16.0.27) with SMTP id x89EFKFx010278 for ; Mon, 9 Sep 2019 14:19:21 GMT Received: from b03cxnp08026.gho.boulder.ibm.com (b03cxnp08026.gho.boulder.ibm.com [9.17.130.18]) by ppma04wdc.us.ibm.com with ESMTP id 2uv466txdr-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 09 Sep 2019 14:19:21 +0000 Received: from b03ledav006.gho.boulder.ibm.com (b03ledav006.gho.boulder.ibm.com [9.17.130.237]) by b03cxnp08026.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x89EJKYZ59834640 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 9 Sep 2019 14:19:20 GMT Received: from b03ledav006.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 6666EC6072; Mon, 9 Sep 2019 14:19:20 +0000 (GMT) Received: from b03ledav006.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 1A8E6C6067; Mon, 9 Sep 2019 14:19:19 +0000 (GMT) Received: from maxibm.ibmuc.com (unknown [9.80.194.34]) by b03ledav006.gho.boulder.ibm.com (Postfix) with ESMTP; Mon, 9 Sep 2019 14:19:18 +0000 (GMT) From: "Maxiwell S. Garcia" To: petitboot@lists.ozlabs.org Subject: [PATCH 3/3] discover: Check if the kernel image has Ultravisor support Date: Mon, 9 Sep 2019 11:19:08 -0300 Message-Id: <20190909141908.8903-4-maxiwell@linux.ibm.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190909141908.8903-1-maxiwell@linux.ibm.com> References: <20190909141908.8903-1-maxiwell@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-09-09_06:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=3 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=907 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1906280000 definitions=main-1909090144 X-BeenThere: petitboot@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Petitboot bootloader development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: petitboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "Petitboot" The PPC kernel image has an ELF Note 'namespace' called 'PowerPC' to store capabilities and information which can be used by a bootloader or userland. The capabilities can be accessed using the 'type' PPC_ELFNOTE_CAPABILITIES which returns a bitmap as 'descriptor' field. Bit 0 in this bitmap indicates that the powerpc kernel binary knows how to run in an ultravisor-enabled system. So, using this bit, the petitboot can decide to abort the boot if the kernel is incompatible, avoiding the crash later. Signed-off-by: Maxiwell S. Garcia --- discover/boot.c | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/discover/boot.c b/discover/boot.c index 91fc46d..a36cc33 100644 --- a/discover/boot.c +++ b/discover/boot.c @@ -25,6 +25,7 @@ #include "paths.h" #include "resource.h" #include "platform.h" +#include "elf.h" #include @@ -55,6 +56,26 @@ static void __attribute__((format(__printf__, 4, 5))) update_status( talloc_free(status.message); } +static int validate_kernel_capabilities(const char *filename) +{ + unsigned int *ppc_cap_bitmap = NULL; + ppc_cap_bitmap = elf_getnote_desc(elf_open_image(filename), + POWERPC_ELFNOTE_NAMESPACE, + PPC_ELFNOTE_CAPABILITIES); + + if ((ppc_cap_bitmap) && (*ppc_cap_bitmap & PPCCAP_ULTRAVISOR_BIT)) { + pb_debug("kernel capabilities:" + " ultravisor mode found.\n"); + return 0; + } + + pb_log_fn("kernel capabilities failed:" + " ultravisor mode is required.\n"); + + free(ppc_cap_bitmap); + return -1; +} + /** * kexec_load - kexec load helper. */ @@ -82,7 +103,6 @@ static int kexec_load(struct boot_task *boot_task) pb_log("%s: Aborting kexec due to signature" " verification failure\n", __func__); } - goto abort_kexec; } @@ -131,6 +151,12 @@ static int kexec_load(struct boot_task *boot_task) assert(s_args); *p++ = s_args; /* 6 */ + if (validate_kernel_capabilities(local_image)) { + pb_log("%s: Aborting kexec due to invalid" + " kernel capabilities\n", __func__); + goto abort_kexec; + } + *p++ = local_image; /* 7 */ *p++ = NULL; /* 8 */