From patchwork Thu Mar 30 18:56:22 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Richter X-Patchwork-Id: 745387 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [103.22.144.68]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3vvDRD61yvz9s1h for ; Fri, 31 Mar 2017 05:58:00 +1100 (AEDT) Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 3vvDRD5CzbzDqJV for ; Fri, 31 Mar 2017 05:58:00 +1100 (AEDT) X-Original-To: petitboot@lists.ozlabs.org Delivered-To: petitboot@lists.ozlabs.org Received: from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 3vvDR20Gl9zDqH4 for ; Fri, 31 Mar 2017 05:57:49 +1100 (AEDT) Received: from pps.filterd (m0098416.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.20/8.16.0.20) with SMTP id v2UIrfeX158506 for ; Thu, 30 Mar 2017 14:57:36 -0400 Received: from e23smtp06.au.ibm.com (e23smtp06.au.ibm.com [202.81.31.148]) by mx0b-001b2d01.pphosted.com with ESMTP id 29gx335jh5-1 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT) for ; Thu, 30 Mar 2017 14:57:35 -0400 Received: from localhost by e23smtp06.au.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 31 Mar 2017 04:57:32 +1000 Received: from d23relay10.au.ibm.com (202.81.31.229) by e23smtp06.au.ibm.com (202.81.31.212) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; Fri, 31 Mar 2017 04:57:29 +1000 Received: from d23av01.au.ibm.com (d23av01.au.ibm.com [9.190.234.96]) by d23relay10.au.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id v2UIvL2c56885358 for ; Fri, 31 Mar 2017 05:57:29 +1100 Received: from d23av01.au.ibm.com (localhost [127.0.0.1]) by d23av01.au.ibm.com (8.14.4/8.14.4/NCO v10.0 AVout) with ESMTP id v2UIuujS030847 for ; Fri, 31 Mar 2017 05:56:57 +1100 Received: from machine.austin.ibm.com ([9.53.92.247]) by d23av01.au.ibm.com (8.14.4/8.14.4/NCO v10.0 AVin) with ESMTP id v2UIusQb030755; Fri, 31 Mar 2017 05:56:56 +1100 From: Eric Richter To: petitboot@lists.ozlabs.org Subject: [PATCH v2 1/3] lib: Add system config option to enable kexec_file_load Date: Thu, 30 Mar 2017 13:56:22 -0500 X-Mailer: git-send-email 2.7.4 In-Reply-To: <1490900184-26327-1-git-send-email-erichte@linux.vnet.ibm.com> References: <1490900184-26327-1-git-send-email-erichte@linux.vnet.ibm.com> X-TM-AS-MML: disable x-cbid: 17033018-0040-0000-0000-0000030291B0 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 17033018-0041-0000-0000-00000C798CA7 Message-Id: <1490900184-26327-2-git-send-email-erichte@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-03-30_14:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=1 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1702020001 definitions=main-1703300161 X-BeenThere: petitboot@lists.ozlabs.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Petitboot bootloader development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: petitboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "Petitboot" Currently, pb-discover only supports one method (syscall) for loading the next kernel for kexec: kexec_load. This patch adds a system configuration option for toggling between using kexec_load (false), and kexec_file_load (true). When the kernel is running in a secure mode, a regular kexec_load should be disabled by the kernel. To avoid having to set this config option on every single boot, this patch introduces an nvram field for persisting the state of the kexec_file config option across reboots. This will be used in subsequent patches for determining the argument to kexec-lite/kexec-tools, and modified by a menu option. Signed-off-by: Eric Richter --- discover/platform-powerpc.c | 9 +++++++++ lib/pb-protocol/pb-protocol.c | 9 +++++++++ lib/types/types.h | 2 ++ 3 files changed, 20 insertions(+) diff --git a/discover/platform-powerpc.c b/discover/platform-powerpc.c index b5ad682..c0a64c7 100644 --- a/discover/platform-powerpc.c +++ b/discover/platform-powerpc.c @@ -61,6 +61,7 @@ static const char *known_params[] = { "petitboot,console", "petitboot,http_proxy", "petitboot,https_proxy", + "petitboot,fileload?", NULL, }; @@ -550,6 +551,11 @@ static void populate_config(struct platform_powerpc *platform, val = get_param(platform, "petitboot,console"); if (val) config->boot_console = talloc_strdup(config, val); + + val = get_param(platform, "petitboot,fileload?"); + if (val) + config->kexec_file = !!strcmp(val, "false"); + /* If a full path is already set we don't want to override it */ config->manual_console = config->boot_console && !strchr(config->boot_console, '['); @@ -742,6 +748,9 @@ static int update_config(struct platform_powerpc *platform, update_string_config(platform, "petitboot,https_proxy", val); set_proxy_variables(config); + val = config->kexec_file ? "true" : "false"; + update_string_config(platform, "petitboot,fileload?", val); + update_network_config(platform, config); update_bootdev_config(platform, config); diff --git a/lib/pb-protocol/pb-protocol.c b/lib/pb-protocol/pb-protocol.c index 18edf57..1a19619 100644 --- a/lib/pb-protocol/pb-protocol.c +++ b/lib/pb-protocol/pb-protocol.c @@ -322,6 +322,8 @@ int pb_protocol_config_len(const struct config *config) len += 4; /* allow_writes */ + len += 4; /* kexec_file */ + len += 4; /* n_consoles */ for (i = 0; i < config->n_consoles; i++) len += 4 + optional_strlen(config->consoles[i]); @@ -582,6 +584,9 @@ int pb_protocol_serialise_config(const struct config *config, *(uint32_t *)pos = config->allow_writes; pos += 4; + *(uint32_t *)pos = config->kexec_file; + pos += 4; + *(uint32_t *)pos = __cpu_to_be32(config->n_consoles); pos += 4; for (i = 0; i < config->n_consoles; i++) @@ -1121,6 +1126,10 @@ int pb_protocol_deserialise_config(struct config *config, goto out; config->allow_writes = !!tmp; + if (read_u32(&pos, &len, &tmp)) + goto out; + config->kexec_file = !!tmp; + if (read_u32(&pos, &len, &config->n_consoles)) goto out; diff --git a/lib/types/types.h b/lib/types/types.h index 7f4ae1f..132ebd3 100644 --- a/lib/types/types.h +++ b/lib/types/types.h @@ -171,6 +171,8 @@ struct config { bool allow_writes; + bool kexec_file; + char *boot_console; bool manual_console; char *lang;