From: Joerg Roedel <joro@8bytes.org>
To: x86@kernel.org
Cc: Eric Biederman <ebiederm@xmission.com>,
kexec@lists.infradead.org, Joerg Roedel <jroedel@suse.de>,
stable@vger.kernel.org, hpa@zytor.com,
Andy Lutomirski <luto@kernel.org>,
Dave Hansen <dave.hansen@linux.intel.com>,
Peter Zijlstra <peterz@infradead.org>,
Jiri Slaby <jslaby@suse.cz>,
Dan Williams <dan.j.williams@intel.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
Juergen Gross <jgross@suse.com>,
Kees Cook <keescook@chromium.org>,
David Rientjes <rientjes@google.com>,
Cfir Cohen <cfir@google.com>, Erdem Aktas <erdemaktas@google.com>,
Masami Hiramatsu <mhiramat@kernel.org>,
Mike Stunes <mstunes@vmware.com>,
Sean Christopherson <seanjc@google.com>,
Martin Radev <martin.b.radev@gmail.com>,
Arvind Sankar <nivedita@alum.mit.edu>,
Joerg Roedel <joro@8bytes.org>,
linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org,
kvm@vger.kernel.org, virtualization@lists.linux-foundation.org
Subject: [PATCH v2 01/12] kexec: Allow architecture code to opt-out at runtime
Date: Mon, 13 Sep 2021 17:55:52 +0200 [thread overview]
Message-ID: <20210913155603.28383-2-joro@8bytes.org> (raw)
In-Reply-To: <20210913155603.28383-1-joro@8bytes.org>
From: Joerg Roedel <jroedel@suse.de>
Allow a runtime opt-out of kexec support for architecture code in case
the kernel is running in an environment where kexec is not properly
supported yet.
This will be used on x86 when the kernel is running as an SEV-ES
guest. SEV-ES guests need special handling for kexec to hand over all
CPUs to the new kernel. This requires special hypervisor support and
handling code in the guest which is not yet implemented.
Cc: stable@vger.kernel.org # v5.10+
Signed-off-by: Joerg Roedel <jroedel@suse.de>
---
include/linux/kexec.h | 1 +
kernel/kexec.c | 14 ++++++++++++++
kernel/kexec_file.c | 9 +++++++++
3 files changed, 24 insertions(+)
diff --git a/include/linux/kexec.h b/include/linux/kexec.h
index 0c994ae37729..85c30dcd0bdc 100644
--- a/include/linux/kexec.h
+++ b/include/linux/kexec.h
@@ -201,6 +201,7 @@ int arch_kexec_kernel_verify_sig(struct kimage *image, void *buf,
unsigned long buf_len);
#endif
int arch_kexec_locate_mem_hole(struct kexec_buf *kbuf);
+bool arch_kexec_supported(void);
extern int kexec_add_buffer(struct kexec_buf *kbuf);
int kexec_locate_mem_hole(struct kexec_buf *kbuf);
diff --git a/kernel/kexec.c b/kernel/kexec.c
index b5e40f069768..275cda429380 100644
--- a/kernel/kexec.c
+++ b/kernel/kexec.c
@@ -190,11 +190,25 @@ static int do_kexec_load(unsigned long entry, unsigned long nr_segments,
* that to happen you need to do that yourself.
*/
+bool __weak arch_kexec_supported(void)
+{
+ return true;
+}
+
static inline int kexec_load_check(unsigned long nr_segments,
unsigned long flags)
{
int result;
+ /*
+ * The architecture may support kexec in general, but the kernel could
+ * run in an environment where it is not (yet) possible to execute a new
+ * kernel. Allow the architecture code to opt-out of kexec support when
+ * it is running in such an environment.
+ */
+ if (!arch_kexec_supported())
+ return -ENOSYS;
+
/* We only trust the superuser with rebooting the system. */
if (!capable(CAP_SYS_BOOT) || kexec_load_disabled)
return -EPERM;
diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c
index 33400ff051a8..96d08a512e9c 100644
--- a/kernel/kexec_file.c
+++ b/kernel/kexec_file.c
@@ -358,6 +358,15 @@ SYSCALL_DEFINE5(kexec_file_load, int, kernel_fd, int, initrd_fd,
int ret = 0, i;
struct kimage **dest_image, *image;
+ /*
+ * The architecture may support kexec in general, but the kernel could
+ * run in an environment where it is not (yet) possible to execute a new
+ * kernel. Allow the architecture code to opt-out of kexec support when
+ * it is running in such an environment.
+ */
+ if (!arch_kexec_supported())
+ return -ENOSYS;
+
/* We only trust the superuser with rebooting the system. */
if (!capable(CAP_SYS_BOOT) || kexec_load_disabled)
return -EPERM;
--
2.33.0
next prev parent reply other threads:[~2021-09-13 15:56 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-13 15:55 [PATCH v2 00/12] x86/sev: KEXEC/KDUMP support for SEV-ES guests Joerg Roedel
2021-09-13 15:55 ` Joerg Roedel [this message]
2021-11-01 16:10 ` [PATCH v2 01/12] kexec: Allow architecture code to opt-out at runtime Borislav Petkov
2021-11-01 21:11 ` Eric W. Biederman
2021-11-02 16:37 ` Joerg Roedel
2021-11-02 17:00 ` Joerg Roedel
2021-11-02 18:17 ` Eric W. Biederman
2021-11-02 17:17 ` Borislav Petkov
2021-09-13 15:55 ` [PATCH v2 02/12] x86/kexec/64: Forbid kexec when running as an SEV-ES guest Joerg Roedel
2021-09-13 15:55 ` [PATCH v2 03/12] x86/sev: Save and print negotiated GHCB protocol version Joerg Roedel
2021-11-03 14:27 ` Borislav Petkov
2022-01-26 9:27 ` Joerg Roedel
2021-09-13 15:55 ` [PATCH v2 04/12] x86/sev: Do not hardcode " Joerg Roedel
2021-09-13 15:55 ` [PATCH v2 05/12] x86/sev: Use GHCB protocol version 2 if supported Joerg Roedel
2021-11-03 16:05 ` Borislav Petkov
2021-09-13 15:55 ` [PATCH v2 06/12] x86/sev: Cache AP Jump Table Address Joerg Roedel
2021-11-08 18:14 ` Borislav Petkov
2021-09-13 15:55 ` [PATCH v2 07/12] x86/sev: Setup code to park APs in the AP Jump Table Joerg Roedel
2021-11-10 16:37 ` Borislav Petkov
2022-01-26 14:26 ` Joerg Roedel
2021-09-13 15:55 ` [PATCH v2 08/12] x86/sev: Park APs on AP Jump Table with GHCB protocol version 2 Joerg Roedel
2021-11-12 16:33 ` Borislav Petkov
2022-01-27 9:01 ` Joerg Roedel
2021-09-13 15:56 ` [PATCH v2 09/12] x86/sev: Use AP Jump Table blob to stop CPU Joerg Roedel
2021-11-15 18:44 ` Borislav Petkov
2021-09-13 15:56 ` [PATCH v2 10/12] x86/sev: Add MMIO handling support to boot/compressed/ code Joerg Roedel
2021-09-13 15:56 ` [PATCH v2 11/12] x86/sev: Handle CLFLUSH MMIO events Joerg Roedel
2021-09-13 15:56 ` [PATCH v2 12/12] x86/sev: Support kexec under SEV-ES with AP Jump Table blob Joerg Roedel
2021-09-13 16:02 ` [PATCH v2 00/12] x86/sev: KEXEC/KDUMP support for SEV-ES guests Dave Hansen
2021-09-13 16:14 ` Joerg Roedel
2021-09-13 16:21 ` Dave Hansen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210913155603.28383-2-joro@8bytes.org \
--to=joro@8bytes.org \
--cc=cfir@google.com \
--cc=dan.j.williams@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=ebiederm@xmission.com \
--cc=erdemaktas@google.com \
--cc=hpa@zytor.com \
--cc=jgross@suse.com \
--cc=jroedel@suse.de \
--cc=jslaby@suse.cz \
--cc=keescook@chromium.org \
--cc=kexec@lists.infradead.org \
--cc=kvm@vger.kernel.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=martin.b.radev@gmail.com \
--cc=mhiramat@kernel.org \
--cc=mstunes@vmware.com \
--cc=nivedita@alum.mit.edu \
--cc=peterz@infradead.org \
--cc=rientjes@google.com \
--cc=seanjc@google.com \
--cc=stable@vger.kernel.org \
--cc=thomas.lendacky@amd.com \
--cc=virtualization@lists.linux-foundation.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).