Re: [PATCH 0/6] kexec: A new system call to allow in kernel loading

From: Greg KH
Date: Thu Nov 21 2013 - 13:58:35 EST

Next message: Greg KH: "Re: [PATCH 1/6] kexec: Export vmcoreinfo note size properly"
Previous message: Stephen Warren: "Re: [PATCHv6+ 01/13] of: introduce of_property_for_earch_phandle_with_args()"
In reply to: Vivek Goyal: "Re: [PATCH 1/6] kexec: Export vmcoreinfo note size properly"
Next in thread: Vivek Goyal: "Re: [PATCH 0/6] kexec: A new system call to allow in kernel loading"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Nov 20, 2013 at 12:50:45PM -0500, Vivek Goyal wrote:
> Current proposed secureboot implementation disables kexec/kdump because
> it can allow unsigned kernel to run on a secureboot platform. Intial
> idea was to sign /sbin/kexec binary and let that binary do the kernel
> signature verification. I had posted RFC patches for this apparoach
> here.
>
> https://lkml.org/lkml/2013/9/10/560
>
> Later we had discussion at Plumbers and most of the people thought
> that signing and trusting /sbin/kexec is becoming complex. So a
> better idea might be let kernel do the signature verification of
> new kernel being loaded. This calls for implementing a new system call
> and moving lot of user space code in kernel.
>
> kexec_load() system call allows loading a kexec/kdump kernel and jump
> to that kernel at right time. Though a lot of processing is done in
> user space which prepares a list of segments/buffers to be loaded and
> kexec_load() works on that list of segments. It does not know what's
> contained in those segments.
>
> Now a new system call kexec_file_load() is implemented which takes
> kernel fd and initrd fd as parameters. Now kernel should be able
> to verify signature of newly loaded kernel.
>
> This is an early RFC patchset. I have not done signature handling
> part yet. This is more of a minimal patch to show how new system
> call and functionality will look like. Right now it can only handle
> bzImage with 64bit entry point on x86_64. No EFI, no x86_32 or any
> other architecture. Rest of the things can be added slowly as need
> arises. In first iteration, I have tried to address most common use case
> for us.

Very good stuff, thanks for working on this. How have you been testing
this on the userspace side? Are there patches to kexec, or are you just
using a small test program with the new syscall?

I'll comment on the patches separately.

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Greg KH: "Re: [PATCH 1/6] kexec: Export vmcoreinfo note size properly"
Previous message: Stephen Warren: "Re: [PATCHv6+ 01/13] of: introduce of_property_for_earch_phandle_with_args()"
In reply to: Vivek Goyal: "Re: [PATCH 1/6] kexec: Export vmcoreinfo note size properly"
Next in thread: Vivek Goyal: "Re: [PATCH 0/6] kexec: A new system call to allow in kernel loading"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]