From patchwork Wed Dec 7 01:49:30 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kirill A. Shutemov" X-Patchwork-Id: 30593 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp3157561wrr; Tue, 6 Dec 2022 17:54:08 -0800 (PST) X-Google-Smtp-Source: AA0mqf4J/U1OqsNTnqCktiqg48OPMJ3X1YFTGy7CKItlxVp8WsEUh+Qheu6uNxvpCNmmi2tShz+W X-Received: by 2002:a17:906:f108:b0:7c0:fd18:ebe1 with SMTP id gv8-20020a170906f10800b007c0fd18ebe1mr7358829ejb.592.1670378047889; Tue, 06 Dec 2022 17:54:07 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1670378047; cv=none; d=google.com; s=arc-20160816; b=OQbqM+XSc5bnu/02mB4cS/n4TvbULuYb521oJ0iCjVBIFbGf+oxeq0Iwo2ZEftN6+G Sf2ozrOIMpCD6pz9gSx/qHJ8GlUdcHqOuSgU9m7TjUSNsHBe/qR3eRlXYnqgZ+bIS2Od 5ljV8Dbi8l/4i1i/C42A9ALdQSsjdQuD8CmAkDZFpf40l8bWr14Gdm2J4GZ3ZIe/q/SS P2NalgyHOlY1tsciisbU6gpJvp7XBxLwXpw4vDYzIdGyN7DRwizhmKJ5Gw/ypr4tyT60 0/q6xGBGx21QD51nKmH7n6Cjx1IL0orxoVm4QGH/hn2gwlBcoQeMtaIa3ti+LhyC3CKj KkVg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=wEx2e5BFTypQruktgveotPG4xgTAKVo5RG9TIHHowI4=; b=Qs6C1/tdktFVw0W4ephCQLmQEWKSNOC9BLCxaQNoSRVaBFhlB4zz11lLlDBDfGYqRZ f4UYmNs+EaOFs49lPCJ+asmvP7VoaeAZ+QR6KAXFAS9IB2/woyIk13+9htOtbFXYp8FO uSb/dhKbk76kcJhgUS8zXraX2z9gyXccgC7s21MfXJjV5XeOMkYU4HkRnPVCmAd9LKjQ 6IFxLpyNqqot/TON/lZlqzPmp2l1w8CaXnCZre/+bVjl5aexnVHxUrdmV54FhktWa54Z jPMhTAX74kBs77qU8Nhr2J91iOzsLAaULPgNbXBhW5uAMGe2yOhwxItPZvoC+JVQD0H/ 6azQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=b+tzc5iW; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id f14-20020a0564021e8e00b00469274348b5si3653659edf.263.2022.12.06.17.53.44; Tue, 06 Dec 2022 17:54:07 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=b+tzc5iW; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229997AbiLGBuX (ORCPT + 99 others); Tue, 6 Dec 2022 20:50:23 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60804 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229967AbiLGBuS (ORCPT ); Tue, 6 Dec 2022 20:50:18 -0500 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 847B4532C9; Tue, 6 Dec 2022 17:50:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1670377801; x=1701913801; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=4ZWHE8KNs9LD2gK29L+GSS8ovmdLBSodlS7K4yGoZwg=; b=b+tzc5iWH+w2K98w/pM61E3YYVoOZb81+1vo73SQNiZ2yMGzTmfuHtd/ Pn14Ce8FY1LUUvp8GRDS0BdlZ7pDYz5bnTvb5LQ54kmiowrpC2Zf4seQE jCAFW+E7m44jf3j3ejGHBn1WLC6IsTd8qGHJhUqHUfnB/F/XpjsoaFaZG 8f9reMzXbNLKAS5ZxzCI+UPaJMVokJYRQr4GbdSNE7M3poobqJtE14+bv 7lQBfa2WwubxGmfH8Uc7aB4JxCJnn2rfdzCHdaf+yqnFv7MyfP/kHEAiP apo2GaSaOhALmu6Ppeud5in7vrCLyHGXK1HSeAfWCb8PtJrijWnYa6U5r Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10553"; a="316794452" X-IronPort-AV: E=Sophos;i="5.96,223,1665471600"; d="scan'208";a="316794452" Received: from orsmga007.jf.intel.com ([10.7.209.58]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Dec 2022 17:50:01 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10553"; a="640082289" X-IronPort-AV: E=Sophos;i="5.96,223,1665471600"; d="scan'208";a="640082289" Received: from puneets1-mobl.ger.corp.intel.com (HELO box.shutemov.name) ([10.252.38.123]) by orsmga007-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Dec 2022 17:49:53 -0800 Received: by box.shutemov.name (Postfix, from userid 1000) id A268A109C8F; Wed, 7 Dec 2022 04:49:39 +0300 (+03) From: "Kirill A. Shutemov" To: Borislav Petkov , Andy Lutomirski , Sean Christopherson , Andrew Morton , Joerg Roedel , Ard Biesheuvel Cc: Andi Kleen , Kuppuswamy Sathyanarayanan , David Rientjes , Vlastimil Babka , Tom Lendacky , Thomas Gleixner , Peter Zijlstra , Paolo Bonzini , Ingo Molnar , Dario Faggioli , Dave Hansen , Mike Rapoport , David Hildenbrand , Mel Gorman , marcelo.cerri@canonical.com, tim.gardner@canonical.com, khalid.elmously@canonical.com, philip.cox@canonical.com, aarcange@redhat.com, peterx@redhat.com, x86@kernel.org, linux-mm@kvack.org, linux-coco@lists.linux.dev, linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov" Subject: [PATCHv8 11/14] x86: Disable kexec if system has unaccepted memory Date: Wed, 7 Dec 2022 04:49:30 +0300 Message-Id: <20221207014933.8435-12-kirill.shutemov@linux.intel.com> X-Mailer: git-send-email 2.38.0 In-Reply-To: <20221207014933.8435-1-kirill.shutemov@linux.intel.com> References: <20221207014933.8435-1-kirill.shutemov@linux.intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-7.0 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1751518331657366666?= X-GMAIL-MSGID: =?utf-8?q?1751518331657366666?= On kexec, the target kernel has to know what memory has been accepted. Information in EFI map is out of date and cannot be used. boot_params.unaccepted_memory can be used to pass the bitmap between two kernels on kexec, but the use-case is not yet implemented. Disable kexec on machines with unaccepted memory for now. Signed-off-by: Kirill A. Shutemov --- arch/x86/include/asm/kexec.h | 5 +++++ arch/x86/mm/unaccepted_memory.c | 16 ++++++++++++++++ include/linux/kexec.h | 7 +++++++ kernel/kexec.c | 4 ++++ kernel/kexec_file.c | 4 ++++ 5 files changed, 36 insertions(+) diff --git a/arch/x86/include/asm/kexec.h b/arch/x86/include/asm/kexec.h index a3760ca796aa..87abab578154 100644 --- a/arch/x86/include/asm/kexec.h +++ b/arch/x86/include/asm/kexec.h @@ -189,6 +189,11 @@ extern void arch_kexec_pre_free_pages(void *vaddr, unsigned int pages); void arch_kexec_protect_crashkres(void); #define arch_kexec_protect_crashkres arch_kexec_protect_crashkres +#ifdef CONFIG_UNACCEPTED_MEMORY +int arch_kexec_load(void); +#define arch_kexec_load arch_kexec_load +#endif + void arch_kexec_unprotect_crashkres(void); #define arch_kexec_unprotect_crashkres arch_kexec_unprotect_crashkres diff --git a/arch/x86/mm/unaccepted_memory.c b/arch/x86/mm/unaccepted_memory.c index a0a58486eb74..1745e6a65024 100644 --- a/arch/x86/mm/unaccepted_memory.c +++ b/arch/x86/mm/unaccepted_memory.c @@ -1,4 +1,5 @@ // SPDX-License-Identifier: GPL-2.0-only +#include #include #include #include @@ -98,3 +99,18 @@ bool range_contains_unaccepted_memory(phys_addr_t start, phys_addr_t end) return ret; } + +#ifdef CONFIG_KEXEC_CORE +int arch_kexec_load(void) +{ + if (!boot_params.unaccepted_memory) + return 0; + + /* + * TODO: Information on memory acceptance status has to be communicated + * between kernel. + */ + pr_warn_once("Disable kexec: not yet supported on systems with unaccepted memory\n"); + return -EOPNOTSUPP; +} +#endif diff --git a/include/linux/kexec.h b/include/linux/kexec.h index 41a686996aaa..6b75051d5271 100644 --- a/include/linux/kexec.h +++ b/include/linux/kexec.h @@ -444,6 +444,13 @@ static inline void arch_kexec_protect_crashkres(void) { } static inline void arch_kexec_unprotect_crashkres(void) { } #endif +#ifndef arch_kexec_load +static inline int arch_kexec_load(void) +{ + return 0; +} +#endif + #ifndef page_to_boot_pfn static inline unsigned long page_to_boot_pfn(struct page *page) { diff --git a/kernel/kexec.c b/kernel/kexec.c index cb8e6e6f983c..65dff44b487f 100644 --- a/kernel/kexec.c +++ b/kernel/kexec.c @@ -192,6 +192,10 @@ static inline int kexec_load_check(unsigned long nr_segments, { int result; + result = arch_kexec_load(); + if (result) + return result; + /* We only trust the superuser with rebooting the system. */ if (!capable(CAP_SYS_BOOT) || kexec_load_disabled) return -EPERM; diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c index 45637511e0de..8f1454c3776a 100644 --- a/kernel/kexec_file.c +++ b/kernel/kexec_file.c @@ -329,6 +329,10 @@ SYSCALL_DEFINE5(kexec_file_load, int, kernel_fd, int, initrd_fd, int ret = 0, i; struct kimage **dest_image, *image; + ret = arch_kexec_load(); + if (ret) + return ret; + /* We only trust the superuser with rebooting the system. */ if (!capable(CAP_SYS_BOOT) || kexec_load_disabled) return -EPERM;