From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752973AbcGMRi2 (ORCPT ); Wed, 13 Jul 2016 13:38:28 -0400 Received: from mail-pf0-f174.google.com ([209.85.192.174]:35744 "EHLO mail-pf0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751279AbcGMRiS (ORCPT ); Wed, 13 Jul 2016 13:38:18 -0400 Date: Thu, 14 Jul 2016 02:38:06 +0900 From: AKASHI Takahiro To: Mark Rutland Cc: Dave Young , Arnd Bergmann , bhe@redhat.com, kexec@lists.infradead.org, linux-kernel@vger.kernel.org, Vivek Goyal , "Eric W. Biederman" , bauerman@linux.vnet.ibm.com, linuxppc-dev@lists.ozlabs.org, linux-arm-kernel@lists.infradead.org Subject: Re: [RFC 0/3] extend kexec_file_load system call Message-ID: <20160713173804.GA25723@porco> Mail-Followup-To: AKASHI Takahiro , Mark Rutland , Dave Young , Arnd Bergmann , bhe@redhat.com, kexec@lists.infradead.org, linux-kernel@vger.kernel.org, Vivek Goyal , "Eric W. Biederman" , bauerman@linux.vnet.ibm.com, linuxppc-dev@lists.ozlabs.org, linux-arm-kernel@lists.infradead.org References: <20160712014201.11456-1-takahiro.akashi@linaro.org> <1911992.H2WpLRr2Fi@wuerfel> <20160712141810.GB30181@redhat.com> <293705810.hBL93OOmOz@wuerfel> <20160712145010.GA8447@leverpostej> <20160713023614.GB3222@dhcp-128-65.nay.redhat.com> <20160713093432.GB14522@leverpostej> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-2022-jp Content-Disposition: inline In-Reply-To: <20160713093432.GB14522@leverpostej> User-Agent: Mutt/1.5.21 (2010-09-15) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Apologies for the slow response. I'm attending LinuxCon this week. On Wed, Jul 13, 2016 at 10:34:47AM +0100, Mark Rutland wrote: > On Wed, Jul 13, 2016 at 10:36:14AM +0800, Dave Young wrote: > > But consider we can kexec to a different kernel and a different initrd so there > > will be use cases to pass a total different dtb as well. > > It depends on what you mean by "a different kernel", and what this > implies for the DTB. > > I expect future arm64 Linux kernels to function with today's DTBs, and > the existing boot protocol. The kexec_file_load syscall already has > enough information for the kernel to inject the initrd and bootargs > properties into a DTB. > > In practice on x86 today, kexec_file_load only supports booting to a > Linux kernel, because the in-kernel purgatory only implements the x86 > Linux boot protocol. Analagously, for arm64 I think that the first > kernel should use its internal copy of the boot DTB, with /chosen fixed > up appropriately, assuming the next kernel is an arm64 Linux image. > > If booting another OS, the only parts of the DTB I would expect to > change are the properties under chosen, as everything else *should* be > OS-independent. However the other OS may have a completely different > boot protocol, might not even take a DTB, and will likely need a > compeltely different purgatory implementation. So just allowing the DTB > to be altered isn't sufficient for that case. > > There might be cases where we want a different DTB, but as far as I can > tell we have nothing analagous on x86 today. If we do need this, we > should have an idea of what real case(s) were trying to solve. What I had in my mind was: - Kdump As Russel said, we definitely need to modify dtb. In addition to bootargs and initrd proerties (FYI, in my arm64 implementation for arm64, eflcorehdr info is also passed as DT property), we may want to remove unnecessary devices and even add a dedicated storage device for storing a core dump image. - Say, booting BE kernel on ACPI LE kernel In this case, there is no useful dtb in the kernel. Have said that, as Mark said, we may be able to use normal kexec_load system call if we don't need a "secure" kexec. BTW, why doesn't the current kexec_load have ability of verifying a signature of initramfs image? Is IMA/EVM expected to be used at runtime? Thanks, -Takahiro AKASHI > Thanks, > Mark.