From: Michael Ellerman <mpe@ellerman.id.au>
To: Ignat Korchagin <ignat@cloudflare.com>, eric.devolder@oracle.com
Cc: linux@armlinux.org.uk, catalin.marinas@arm.com, will@kernel.org,
chenhuacai@kernel.org, geert@linux-m68k.org,
tsbogend@alpha.franken.de,
James Bottomley <James.Bottomley@hansenpartnership.com>,
deller@gmx.de, ysato@users.sourceforge.jp, dalias@libc.org,
glaubitz@physik.fu-berlin.de,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
dave.hansen@linux.intel.com, x86@kernel.org,
linux-kernel <linux-kernel@vger.kernel.org>,
linux-arm-kernel@lists.infradead.org, linux-ia64@vger.kernel.org,
loongarch@lists.linux.dev, linux-m68k@lists.linux-m68k.org,
linux-mips@vger.kernel.org, linux-parisc@vger.kernel.org,
linuxppc-dev@lists.ozlabs.org, linux-riscv@lists.infradead.org,
linux-s390@vger.kernel.org, linux-sh@vger.kernel.org,
kernel@xen0n.name, npiggin@gmail.com,
christophe.leroy@csgroup.eu, paul.walmsley@sifive.com,
palmer@dabbelt.com, aou@eecs.berkeley.edu, hca@linux.ibm.com,
gor@linux.ibm.com, agordeev@linux.ibm.com,
borntraeger@linux.ibm.com, svens@linux.ibm.com, hpa@zytor.com,
keescook@chromium.org, paulmck@kernel.org,
Peter Zijlstra <peterz@infradead.org>,
frederic@kernel.org, Andrew Morton <akpm@linux-foundation.org>,
Ard Biesheuvel <ardb@kernel.org>,
samitolvanen@google.com, juerg.haefliger@canonical.com,
arnd@arndb.de, rmk+kernel@armlinux.org.uk,
linus.walleij@linaro.org, sebastian.reichel@collabora.com,
rppt@kernel.org, kirill.shutemov@linux.intel.com,
anshuman.khandual@arm.com, ziy@nvidia.com, masahiroy@kernel.org,
ndesaulniers@google.com, mhiramat@kernel.org, ojeda@kernel.org,
thunder.leizhen@huawei.com, xin3.li@intel.com, tj@kernel.org,
Greg KH <gregkh@linuxfoundation.org>,
tsi@tuyoix.net, bhe@redhat.com, hbathini@linux.ibm.com,
sourabhjain@linux.ibm.com, boris.ostrovsky@oracle.com,
konrad.wilk@oracle.com, kernel-team <kernel-team@cloudflare.com>
Subject: Re: Potential config regression after 89cde455 ("kexec: consolidate kexec and crash options into kernel/Kconfig.kexec")
Date: Tue, 21 Nov 2023 12:05:59 +1100 [thread overview]
Message-ID: <87y1er6hl4.fsf@mail.lhotse> (raw)
In-Reply-To: <CALrw=nHpRQQaQTP_jZfREgrQEMpS8jBF8JQCv4ygqXycE-StaA@mail.gmail.com>
Ignat Korchagin <ignat@cloudflare.com> writes:
> Good day!
>
> We have recently started to evaluate Linux 6.6 and noticed that we
> cannot disable CONFIG_KEXEC anymore, but keep CONFIG_CRASH_DUMP
> enabled. It seems to be related to commit 89cde455 ("kexec:
> consolidate kexec and crash options into kernel/Kconfig.kexec"), where
> a CONFIG_KEXEC dependency was added to CONFIG_CRASH_DUMP.
>
> In our current kernel (Linux 6.1) we only enable CONFIG_KEXEC_FILE
> with enforced signature check to support the kernel crash dumping
> functionality and would like to keep CONFIG_KEXEC disabled for
> security reasons [1].
>
> I was reading the long commit message, but the reason for adding
> CONFIG_KEXEC as a dependency for CONFIG_CRASH_DUMP evaded me. And I
> believe from the implementation perspective CONFIG_KEXEC_FILE should
> suffice here (as we successfully used it for crashdumps on Linux 6.1).
>
> Is there a reason for adding this dependency or is it just an
> oversight? Would some solution of requiring either CONFIG_KEXEC or
> CONFIG_KEXEC_FILE work here?
I don't actually see any reason for CRASH_DUMP to depend on KEXEC or
KEXEC_FILE.
None of the old CRASH_DUMP symbols depended on KEXEC AFAICS. Using
something like:
$ git diff 89cde455..95d1fef5 | grep -A 3 "^-.*config CRASH_DUMP"
It's reasonable to want to build a kernel that supports CRASH_DUMP (ie.
can be a dump kernel), but doesn't support kexec and requires a regular
reboot. Though I doubt anyone does that in practice?
cheers
WARNING: multiple messages have this Message-ID (diff)
From: Michael Ellerman <mpe@ellerman.id.au>
To: Ignat Korchagin <ignat@cloudflare.com>, eric.devolder@oracle.com
Cc: linux@armlinux.org.uk, catalin.marinas@arm.com, will@kernel.org,
chenhuacai@kernel.org, geert@linux-m68k.org,
tsbogend@alpha.franken.de,
James Bottomley <James.Bottomley@hansenpartnership.com>,
deller@gmx.de, ysato@users.sourceforge.jp, dalias@libc.org,
glaubitz@physik.fu-berlin.de,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
dave.hansen@linux.intel.com, x86@kernel.org,
linux-kernel <linux-kernel@vger.kernel.org>,
linux-arm-kernel@lists.infradead.org, linux-ia64@vger.kernel.org,
loongarch@lists.linux.dev, linux-m68k@lists.linux-m68k.org,
linux-mips@vger.kernel.org, linux-parisc@vger.kernel.org,
linuxppc-dev@lists.ozlabs.org, linux-riscv@lists.infradead.org,
linux-s390@vger.kernel.org, linux-sh@vger.kernel.org,
kernel@xen0n.name, npiggin@gmail.com,
christophe.leroy@csgroup.eu, paul.walmsley@sifive.com,
palmer@dabbelt.com, aou@eecs.berkeley.edu, hca@linux.ibm.com,
gor@linux.ibm.com, agordeev@linux.ibm.com,
borntraeger@linux.ibm.com, svens@linux.ibm.com, hpa@zytor.com,
keescook@chromium.org, paulmck@kernel.org,
Peter Zijlstra <peterz@infradead.org>,
frederic@kernel.org, Andrew Morton <akpm@linux-foundation.org>,
Ard Biesheuvel <ardb@kernel.org>,
samitolvanen@google.com, juerg.haefliger@canonical.com,
arnd@arndb.de, rmk+kernel@armlinux.org.uk,
linus.walleij@linaro.org, sebastian.reichel@collabora.com,
rppt@kernel.org, kirill.shutemov@linux.intel.com,
anshuman.khandual@arm.com, ziy@nvidia.com, masahiroy@kernel.org,
ndesaulniers@google.com, mhiramat@kernel.org, ojeda@kernel.org,
thunder.leizhen@huawei.com, xin3.li@intel.com, tj@kernel.org,
Greg KH <gregkh@linuxfoundation.org>,
tsi@tuyoix.net, bhe@redhat.com, hbathini@linux.ibm.com,
sourabhjain@linux.ibm.com, boris.ostrovsky@oracle.com,
konrad.wilk@oracle.com, kernel-team <kernel-team@cloudflare.com>
Subject: Re: Potential config regression after 89cde455 ("kexec: consolidate kexec and crash options into kernel/Kconfig.kexec")
Date: Tue, 21 Nov 2023 12:05:59 +1100 [thread overview]
Message-ID: <87y1er6hl4.fsf@mail.lhotse> (raw)
In-Reply-To: <CALrw=nHpRQQaQTP_jZfREgrQEMpS8jBF8JQCv4ygqXycE-StaA@mail.gmail.com>
Ignat Korchagin <ignat@cloudflare.com> writes:
> Good day!
>
> We have recently started to evaluate Linux 6.6 and noticed that we
> cannot disable CONFIG_KEXEC anymore, but keep CONFIG_CRASH_DUMP
> enabled. It seems to be related to commit 89cde455 ("kexec:
> consolidate kexec and crash options into kernel/Kconfig.kexec"), where
> a CONFIG_KEXEC dependency was added to CONFIG_CRASH_DUMP.
>
> In our current kernel (Linux 6.1) we only enable CONFIG_KEXEC_FILE
> with enforced signature check to support the kernel crash dumping
> functionality and would like to keep CONFIG_KEXEC disabled for
> security reasons [1].
>
> I was reading the long commit message, but the reason for adding
> CONFIG_KEXEC as a dependency for CONFIG_CRASH_DUMP evaded me. And I
> believe from the implementation perspective CONFIG_KEXEC_FILE should
> suffice here (as we successfully used it for crashdumps on Linux 6.1).
>
> Is there a reason for adding this dependency or is it just an
> oversight? Would some solution of requiring either CONFIG_KEXEC or
> CONFIG_KEXEC_FILE work here?
I don't actually see any reason for CRASH_DUMP to depend on KEXEC or
KEXEC_FILE.
None of the old CRASH_DUMP symbols depended on KEXEC AFAICS. Using
something like:
$ git diff 89cde455..95d1fef5 | grep -A 3 "^-.*config CRASH_DUMP"
It's reasonable to want to build a kernel that supports CRASH_DUMP (ie.
can be a dump kernel), but doesn't support kexec and requires a regular
reboot. Though I doubt anyone does that in practice?
cheers
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
WARNING: multiple messages have this Message-ID (diff)
From: Michael Ellerman <mpe@ellerman.id.au>
To: Ignat Korchagin <ignat@cloudflare.com>, eric.devolder@oracle.com
Cc: chenhuacai@kernel.org, linux-ia64@vger.kernel.org,
linux-sh@vger.kernel.org, Peter Zijlstra <peterz@infradead.org>,
catalin.marinas@arm.com, linus.walleij@linaro.org,
dave.hansen@linux.intel.com, linux-mips@vger.kernel.org,
James Bottomley <James.Bottomley@hansenpartnership.com>,
dalias@libc.org, hpa@zytor.com, linux-riscv@lists.infradead.org,
will@kernel.org, kernel@xen0n.name, tsi@tuyoix.net,
linux-s390@vger.kernel.org, agordeev@linux.ibm.com,
rmk+kernel@armlinux.org.uk, paulmck@kernel.org,
ysato@users.sourceforge.jp,
kernel-team <kernel-team@cloudflare.com>,
deller@gmx.de, x86@kernel.org, linux@armlinux.org.uk,
paul.walmsley@sifive.com, Ingo Molnar <mingo@redhat.com>,
geert@linux-m68k.org, hbathini@linux.ibm.com,
samitolvanen@google.com, ojeda@kernel.org,
juerg.haefliger@canonical.com, borntraeger@linux.ibm.com,
frederic@kernel.org, arnd@arndb.de, mhiramat@kernel.org,
Ard Biesheuvel <ardb@kernel.org>,
thunder.leizhen@huawei.com, aou@eecs.berkeley.edu,
keescook@chromium.org, go r@linux.ibm.com,
anshuman.khandual@arm.com, hca@linux.ibm.com, xin3.li@intel.com,
npiggin@gmail.com, konrad.wilk@oracle.com,
linux-m68k@lists.linux-m68k.org, Borislav Petkov <bp@alien8.de>,
loongarch@lists.linux.dev, glaubitz@physik.fu-berlin.de,
Thomas Gleixner <tglx@linutronix.de>,
ziy@nvidia.com, linux-arm-kernel@lists.infradead.org,
boris.ostrovsky@oracle.com, tsbogend@alpha.franken.de,
sebastian.reichel@collabora.com, bhe@redhat.com,
linux-parisc@vger.kernel.org,
Greg KH <gregkh@linuxfoundation.org>,
kirill.shutemov@linux.intel.com, ndesaulniers@google.com,
linux-kernel <linux-kernel@vger.kernel.org>,
sourabhjain@linux.ibm.com, palmer@dabbelt.com,
svens@linux.ibm.com, tj@kernel.org,
Andrew Morton <akpm@linux-foundation.org>,
linuxppc-dev@lists.ozlabs.org, masahiroy@kernel.org,
rppt@kernel.org
Subject: Re: Potential config regression after 89cde455 ("kexec: consolidate kexec and crash options into kernel/Kconfig.kexec")
Date: Tue, 21 Nov 2023 12:05:59 +1100 [thread overview]
Message-ID: <87y1er6hl4.fsf@mail.lhotse> (raw)
In-Reply-To: <CALrw=nHpRQQaQTP_jZfREgrQEMpS8jBF8JQCv4ygqXycE-StaA@mail.gmail.com>
Ignat Korchagin <ignat@cloudflare.com> writes:
> Good day!
>
> We have recently started to evaluate Linux 6.6 and noticed that we
> cannot disable CONFIG_KEXEC anymore, but keep CONFIG_CRASH_DUMP
> enabled. It seems to be related to commit 89cde455 ("kexec:
> consolidate kexec and crash options into kernel/Kconfig.kexec"), where
> a CONFIG_KEXEC dependency was added to CONFIG_CRASH_DUMP.
>
> In our current kernel (Linux 6.1) we only enable CONFIG_KEXEC_FILE
> with enforced signature check to support the kernel crash dumping
> functionality and would like to keep CONFIG_KEXEC disabled for
> security reasons [1].
>
> I was reading the long commit message, but the reason for adding
> CONFIG_KEXEC as a dependency for CONFIG_CRASH_DUMP evaded me. And I
> believe from the implementation perspective CONFIG_KEXEC_FILE should
> suffice here (as we successfully used it for crashdumps on Linux 6.1).
>
> Is there a reason for adding this dependency or is it just an
> oversight? Would some solution of requiring either CONFIG_KEXEC or
> CONFIG_KEXEC_FILE work here?
I don't actually see any reason for CRASH_DUMP to depend on KEXEC or
KEXEC_FILE.
None of the old CRASH_DUMP symbols depended on KEXEC AFAICS. Using
something like:
$ git diff 89cde455..95d1fef5 | grep -A 3 "^-.*config CRASH_DUMP"
It's reasonable to want to build a kernel that supports CRASH_DUMP (ie.
can be a dump kernel), but doesn't support kexec and requires a regular
reboot. Though I doubt anyone does that in practice?
cheers
next prev parent reply other threads:[~2023-11-21 1:06 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-20 22:52 Potential config regression after 89cde455 ("kexec: consolidate kexec and crash options into kernel/Kconfig.kexec") Ignat Korchagin
2023-11-20 22:52 ` Ignat Korchagin
2023-11-20 22:52 ` Ignat Korchagin
2023-11-21 1:05 ` Michael Ellerman [this message]
2023-11-21 1:05 ` Michael Ellerman
2023-11-21 1:05 ` Michael Ellerman
2023-11-21 1:50 ` Baoquan He
2023-11-21 1:50 ` Baoquan He
2023-11-21 1:50 ` Baoquan He
2023-11-21 7:53 ` Ignat Korchagin
2023-11-21 7:53 ` Ignat Korchagin
2023-11-21 7:53 ` Ignat Korchagin
2023-11-21 9:43 ` Ignat Korchagin
2023-11-21 9:43 ` Ignat Korchagin
2023-11-21 9:43 ` Ignat Korchagin
2023-11-22 9:34 ` Baoquan He
2023-11-22 9:34 ` Baoquan He
2023-11-22 9:34 ` Baoquan He
2023-11-22 9:47 ` Ignat Korchagin
2023-11-22 9:47 ` Ignat Korchagin
2023-11-22 9:47 ` Ignat Korchagin
2023-11-23 8:27 ` Baoquan He
2023-11-23 8:27 ` Baoquan He
2023-11-23 8:27 ` Baoquan He
2023-11-21 9:56 ` Baoquan He
2023-11-21 9:56 ` Baoquan He
2023-11-21 9:56 ` Baoquan He
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87y1er6hl4.fsf@mail.lhotse \
--to=mpe@ellerman.id.au \
--cc=James.Bottomley@hansenpartnership.com \
--cc=agordeev@linux.ibm.com \
--cc=akpm@linux-foundation.org \
--cc=anshuman.khandual@arm.com \
--cc=aou@eecs.berkeley.edu \
--cc=ardb@kernel.org \
--cc=arnd@arndb.de \
--cc=bhe@redhat.com \
--cc=boris.ostrovsky@oracle.com \
--cc=borntraeger@linux.ibm.com \
--cc=bp@alien8.de \
--cc=catalin.marinas@arm.com \
--cc=chenhuacai@kernel.org \
--cc=christophe.leroy@csgroup.eu \
--cc=dalias@libc.org \
--cc=dave.hansen@linux.intel.com \
--cc=deller@gmx.de \
--cc=eric.devolder@oracle.com \
--cc=frederic@kernel.org \
--cc=geert@linux-m68k.org \
--cc=glaubitz@physik.fu-berlin.de \
--cc=gor@linux.ibm.com \
--cc=gregkh@linuxfoundation.org \
--cc=hbathini@linux.ibm.com \
--cc=hca@linux.ibm.com \
--cc=hpa@zytor.com \
--cc=ignat@cloudflare.com \
--cc=juerg.haefliger@canonical.com \
--cc=keescook@chromium.org \
--cc=kernel-team@cloudflare.com \
--cc=kernel@xen0n.name \
--cc=kirill.shutemov@linux.intel.com \
--cc=konrad.wilk@oracle.com \
--cc=linus.walleij@linaro.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-ia64@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-m68k@lists.linux-m68k.org \
--cc=linux-mips@vger.kernel.org \
--cc=linux-parisc@vger.kernel.org \
--cc=linux-riscv@lists.infradead.org \
--cc=linux-s390@vger.kernel.org \
--cc=linux-sh@vger.kernel.org \
--cc=linux@armlinux.org.uk \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=loongarch@lists.linux.dev \
--cc=masahiroy@kernel.org \
--cc=mhiramat@kernel.org \
--cc=mingo@redhat.com \
--cc=ndesaulniers@google.com \
--cc=npiggin@gmail.com \
--cc=ojeda@kernel.org \
--cc=palmer@dabbelt.com \
--cc=paul.walmsley@sifive.com \
--cc=paulmck@kernel.org \
--cc=peterz@infradead.org \
--cc=rmk+kernel@armlinux.org.uk \
--cc=rppt@kernel.org \
--cc=samitolvanen@google.com \
--cc=sebastian.reichel@collabora.com \
--cc=sourabhjain@linux.ibm.com \
--cc=svens@linux.ibm.com \
--cc=tglx@linutronix.de \
--cc=thunder.leizhen@huawei.com \
--cc=tj@kernel.org \
--cc=tsbogend@alpha.franken.de \
--cc=tsi@tuyoix.net \
--cc=will@kernel.org \
--cc=x86@kernel.org \
--cc=xin3.li@intel.com \
--cc=ysato@users.sourceforge.jp \
--cc=ziy@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.