All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Michal Suchánek" <msuchanek@suse.de>
To: Dave Young <dyoung@redhat.com>
Cc: Tony Jones <tonyj@suse.com>,
	horms@verge.net.au, Petr Tesarik <ptesarik@suse.cz>,
	kexec@lists.infradead.org, Baoquan He <bhe@redhat.com>
Subject: Re: [PATCH] kexec: do KEXEC_FILE_LOAD and fallback to KEXEC_LOAD if not supported.
Date: Mon, 26 Feb 2018 13:08:58 +0100	[thread overview]
Message-ID: <20180226130858.6c0a8d09@naga.suse.cz> (raw)
In-Reply-To: <20180226014515.GA2862@dhcp-128-65.nay.redhat.com>

On Mon, 26 Feb 2018 09:45:15 +0800
Dave Young <dyoung@redhat.com> wrote:

> On 02/24/18 at 05:34pm, Petr Tesarik wrote:
> > On Sat, 24 Feb 2018 09:43:42 +0800
> > Dave Young <dyoung@redhat.com> wrote:
> >   
> > > On 02/23/18 at 09:29am, Petr Tesarik wrote:  
> > > > Hi Baoquan,
> > > > 
> > > > On Fri, 23 Feb 2018 07:20:43 +0800
> > > > Baoquan He <bhe@redhat.com> wrote:
> > > >     
> > > > > Hi Michal,
> > > > > 
> > > > > On 02/22/18 at 11:24pm, Michal Suchanek wrote:    
> > > > > > The new KEXEC_FILE_LOAD is preferred in the case the
> > > > > > platform supports it because it allows kexec in locked down
> > > > > > secure boot mode.
> > > > > > 
> > > > > > However, some platforms do not support it so fall back to
> > > > > > the old syscall there.      
> > > > > 
> > > > > I didn't read code change, just from patch log, I tend to not
> > > > > agree. There are two options KEXEC_FILE_LOAD and KEXEC_LOAD,
> > > > > some platforms do not support, why does some platforms not
> > > > > choose KEXEC_LOAD, the working one? Why bother to make change
> > > > > in code? I believe there's returned message telling if
> > > > > KEXEC_FILE_LOAD works or not.    
> > > > 
> > > > Well... let me give a bit of background. As you have probably
> > > > noticed, this syscall was originally available only for x86_64,
> > > > but more and more architectures are also adding it now.
> > > > 
> > > > Next, kexec is actually called by a script (which locates a
> > > > suitable kernel and initrd, constructs the kernel command line,
> > > > etc.). The script must either:
> > > > 
> > > >   A. know somehow if the currently running kernel implements
> > > >      kexec_file_load(2), or
> > > > 
> > > >   B. try one method first, and if it fails, retry with the
> > > > other.
> > > > 
> > > > I agree that kexec(1) should probably allow the user to force a
> > > > specific method, but I don't see the benefit of implementing
> > > > fallback in an external script and not in kexec-tools itself.
> > > > 
> > > > OTOH if you want to push the fallback logic out of kexec-tools,
> > > > then I would like to get better diagnostic at least. Letting my
> > > > script parse kexec output is, um, suboptimal.    
> > > 
> > > In Fedora/RHEL we use this in scripts by checking the arch first,
> > > for distribution it is enough?  
> > 
> > No.
> > 
> > First, you would also have to check the kernel version (and
> > maintain an ugly mapping of which kernel version introduced
> > kexec_file_load on which architecture).  
> 
> The kernel version update is rare for these new syscall added, but
> it is indeed needed to match with them
> 
> > 
> > Second, it's not just the architecture. kexec_load(2) will fail if
> > SecureBoot is active. OTOH kexec_file_load(2) will fail if the
> > kernel is not signed. For kernel hackers who don't use SecureBoot,
> > signing self-built kernels is just overkill. So, you should also
> > check the state of SecureBoot, possibly also whether the kernel
> > image is signed with a valid key, repeating a bit too much of the
> > kernel logic, and quite likely introducing subtle differences...  
> 
> Hmm, I did not say the exact details, yes, we checked the Secure Boot
> state and only use kexec_file_load for that special case.
> 
> kexec_file and kexec_file_load is not exactly same so if one want to
> use one instead of another for a specific functionality it seems not
> good to automatically switch to another if one failed. For example
> which one should be the first choice, it is hard to say.

Hard to say indeed, However, I would assume that architectures that
implement kexec_file_load do so because it is required in some case and
hence it will be actively maintained when available. However, some
architectures may not require it and will be slow to implement it. So
using kexec_file_load when available sounds like the right thing.
Technically the implementation details are different but for most users
this does not matter.

For those that do care I provide option to select one or the other.

Thanks

Michal

_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec

  reply	other threads:[~2018-02-26 12:09 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-02-22 22:24 [PATCH] kexec: do KEXEC_FILE_LOAD and fallback to KEXEC_LOAD if not supported Michal Suchanek
2018-02-22 23:20 ` Baoquan He
2018-02-23  8:29   ` Petr Tesarik
2018-02-24  1:43     ` Dave Young
2018-02-24 16:34       ` Petr Tesarik
2018-02-26  1:45         ` Dave Young
2018-02-26 12:08           ` Michal Suchánek [this message]
2018-02-27  1:15             ` Dave Young
2018-02-27  8:39               ` Petr Tesarik
2018-02-27  9:09                 ` Dave Young
2018-02-27  9:14                   ` Dave Young
2018-02-27  9:49                     ` Michal Suchánek
2018-02-24 20:02       ` Michal Suchánek
2018-02-24  2:19     ` Baoquan He
2018-02-23 19:21   ` Michal Suchánek

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180226130858.6c0a8d09@naga.suse.cz \
    --to=msuchanek@suse.de \
    --cc=bhe@redhat.com \
    --cc=dyoung@redhat.com \
    --cc=horms@verge.net.au \
    --cc=kexec@lists.infradead.org \
    --cc=ptesarik@suse.cz \
    --cc=tonyj@suse.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.