Kexec Archive on lore.kernel.org
 help / color / mirror / Atom feed
From: Michal Suchanek <msuchanek@suse.de>
To: kexec@lists.infradead.org
Cc: Tony Jones <tonyj@suse.com>, Dave Young <dyoung@redhat.com>,
	Michal Suchanek <msuchanek@suse.de>,
	Petr Tesarik <ptesarik@suse.cz>,
	horms@verge.net.au
Subject: [PATCH] kexec: add option to fall back to KEXEC_LOAD when KEXEC_FILE_LOAD is not supported.
Date: Mon,  5 Mar 2018 13:52:52 +0100	[thread overview]
Message-ID: <20180305125252.4953-1-msuchanek@suse.de> (raw)
In-Reply-To: <3b910afee8763a7fd64358884ce3fd4d43e98675.1519997533.git.msuchanek@suse.de>

Not all architectures implement KEXEC_FILE_LOAD. However, on some
archiectures KEXEC_FILE_LOAD is required when secure boot is enabled in
locked-down mode. Previously users had to select the KEXEC_FILE_LOAD
syscall with undocumented -s option. However, if they did pass the
option kexec would fail on architectures that do not support it.

So add an -a option that tries KEXEC_FILE_LOAD and when it is not
supported tries KEXEC_LOAD.

Signed-off-by: Michal Suchanek <msuchanek@suse.de>
---
 kexec/kexec.c | 51 +++++++++++++++++++++++++++++++++++++++++++++++----
 kexec/kexec.h |  4 +++-
 2 files changed, 50 insertions(+), 5 deletions(-)

diff --git a/kexec/kexec.c b/kexec/kexec.c
index a95cfb473d6b..c7aaf8ac147f 100644
--- a/kexec/kexec.c
+++ b/kexec/kexec.c
@@ -1243,6 +1243,7 @@ int main(int argc, char *argv[])
 	int do_unload = 0;
 	int do_reuse_initrd = 0;
 	int do_kexec_file_syscall = 0;
+	int do_kexec_fallback = 0;
 	int do_status = 0;
 	void *entry = 0;
 	char *type = 0;
@@ -1367,10 +1368,15 @@ int main(int argc, char *argv[])
 			break;
 		case OPT_KEXEC_FILE_SYSCALL:
 			do_kexec_file_syscall = 1;
+			do_kexec_fallback = 0;
 			break;
 		case OPT_KEXEC_SYSCALL:
 			do_kexec_file_syscall = 0;
+			do_kexec_fallback = 0;
 			break;
+		case OPT_KEXEC_SYSCALL_AUTO:
+			do_kexec_file_syscall = 1;
+			do_kexec_fallback = 1;
 		case OPT_STATUS:
 			do_status = 1;
 			break;
@@ -1442,16 +1448,53 @@ int main(int argc, char *argv[])
 		result = k_status(kexec_flags);
 	}
 	if (do_unload) {
-		if (do_kexec_file_syscall)
+		if (do_kexec_file_syscall) {
 			result = kexec_file_unload(kexec_file_flags);
-		else
+			if ((result == -ENOSYS) && do_kexec_fallback)
+				do_kexec_file_syscall = 0;
+		}
+		if (!do_kexec_file_syscall)
 			result = k_unload(kexec_flags);
 	}
 	if (do_load && (result == 0)) {
-		if (do_kexec_file_syscall)
+		if (do_kexec_file_syscall) {
 			result = do_kexec_file_load(fileind, argc, argv,
 						 kexec_file_flags);
-		else
+			if (do_kexec_fallback) switch (result) {
+				/*
+				 * Something failed with signature verification.
+				 * Reject the image.
+				 */
+				case -ELIBBAD:
+				case -EKEYREJECTED:
+				case -ENOPKG:
+				case -ENOKEY:
+				case -EBADMSG:
+				case -EMSGSIZE:
+					/*
+					 * By default reject or do nothing if
+					 * succeded
+					 */
+				default: break;
+					/*
+					 * Parsing image or other options failed
+					 * The image may be invalid or image
+					 * type may not supported by kernel so
+					 * retry parsing in kexec-tools.
+					 */
+				case -EINVAL:
+				case -ENOEXEC:
+					 /*
+					  * ENOTSUPP can be unsupported image
+					  * type or unsupported PE signature
+					  * wrapper type, duh
+					  */
+				case -ENOTSUP:
+					do_kexec_file_syscall = 0;
+					break;
+			}
+		}
+		if (!do_kexec_file_syscall)
 			result = my_load(type, fileind, argc, argv,
 						kexec_flags, entry);
 	}
diff --git a/kexec/kexec.h b/kexec/kexec.h
index 9fd0355eacd0..d445fbe3e486 100644
--- a/kexec/kexec.h
+++ b/kexec/kexec.h
@@ -220,6 +220,7 @@ extern int file_types;
 #define OPT_PANIC		'p'
 #define OPT_KEXEC_FILE_SYSCALL	's'
 #define OPT_KEXEC_SYSCALL	'c'
+#define OPT_KEXEC_SYSCALL_AUTO	'a'
 #define OPT_STATUS		'S'
 #define OPT_MEM_MIN             256
 #define OPT_MEM_MAX             257
@@ -248,11 +249,12 @@ extern int file_types;
 	{ "reuseinitrd",	0, 0, OPT_REUSE_INITRD }, \
 	{ "kexec-file-syscall",	0, 0, OPT_KEXEC_FILE_SYSCALL }, \
 	{ "kexec-syscall",	0, 0, OPT_KEXEC_SYSCALL }, \
+	{ "kexec-syscall-auto",	0, 0, OPT_KEXEC_SYSCALL_AUTO }, \
 	{ "debug",		0, 0, OPT_DEBUG }, \
 	{ "status",		0, 0, OPT_STATUS }, \
 	{ "print-ckr-size",     0, 0, OPT_PRINT_CKR_SIZE }, \
 
-#define KEXEC_OPT_STR "h?vdfxyluet:pscS"
+#define KEXEC_OPT_STR "h?vdfxyluet:pscaS"
 
 extern void dbgprint_mem_range(const char *prefix, struct memory_range *mr, int nr_mr);
 extern void die(const char *fmt, ...)
-- 
2.13.6


_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec

  parent reply	other threads:[~2018-03-05 12:53 UTC|newest]

Thread overview: 85+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-02-26 12:00 [PATCH 1/5] kexec: Return -ENOSYS when kexec does not know how to call KEXEC_FILE_LOAD Michal Suchanek
2018-02-26 12:00 ` [PATCH 2/5] kexec: do not special-case the -s option Michal Suchanek
2018-03-02 12:36   ` Simon Horman
2018-03-02 13:38     ` Michal Suchánek
2018-03-05  6:38       ` Simon Horman
2018-02-26 12:00 ` [PATCH 3/5] kexec: add option to revert -s Michal Suchanek
2018-02-26 12:00 ` [PATCH 4/5] kexec: fallback to KEXEC_LOAD when KEXEC_FILE_LOAD is not supported Michal Suchanek
2018-02-28 13:05   ` Michal Suchánek
2018-03-02  9:17   ` Dave Young
2018-03-05 17:49     ` Michal Suchánek
2018-03-06 13:15     ` [PATCH v4 1/5] kexec: Return -ENOSYS when kexec does not know how to call KEXEC_FILE_LOAD Michal Suchanek
2018-03-06 13:15     ` [PATCH v4 2/5] kexec: do not special-case the -s option Michal Suchanek
2018-03-15 10:38       ` Simon Horman
2018-03-15 11:13         ` Michal Suchánek
2018-03-16 11:20           ` Simon Horman
2018-03-16 11:38             ` Michal Suchánek
2018-03-16 11:47               ` Simon Horman
2018-03-06 13:15     ` [PATCH v4 3/5] kexec: add option to revert -s Michal Suchanek
2018-03-06 13:15     ` [PATCH v4 4/5] kexec: add option to fall back to KEXEC_LOAD when KEXEC_FILE_LOAD is not supported Michal Suchanek
2018-03-13 17:30       ` Tony Jones
2018-03-14  3:44         ` Dave Young
2018-03-14  3:21       ` Dave Young
2018-03-15 11:06         ` Michal Suchánek
2018-03-16  6:45           ` Dave Young
2018-03-16 11:44             ` Michal Suchánek
2018-03-14  3:22       ` Dave Young
2018-03-14  7:23         ` Michal Suchánek
2018-03-14  7:48           ` Dave Young
2018-03-06 13:15     ` [PATCH v4 5/5] kexec: document -s, -c and -a options Michal Suchanek
2018-03-14  3:41       ` Dave Young
2018-03-14  7:25         ` Michal Suchánek
2018-03-14  7:50           ` Dave Young
2018-03-15 11:44             ` Michal Suchánek
2018-03-16  6:51               ` Dave Young
2018-03-16 16:01                 ` Michal Suchánek
2018-03-14  3:43       ` Dave Young
2018-03-15 11:18         ` Michal Suchánek
2018-03-20 15:56     ` [PATCH v5 1/5] kexec: Return -ENOSYS when kexec does not know how to call KEXEC_FILE_LOAD Michal Suchanek
2018-03-26  7:25       ` Simon Horman
2018-03-26  7:53         ` Dave Young
2018-03-26 18:17           ` Michal Suchánek
2018-03-27  9:39             ` Dave Young
2018-03-20 15:56     ` [PATCH v5 2/5] kexec: Fix option checks to take KEXEC_FILE_LOAD into account Michal Suchanek
2018-03-20 15:56     ` [PATCH v5 3/5] kexec: Do not special-case the -s option Michal Suchanek
2018-03-20 15:56     ` [PATCH v5 4/5] kexec: Add option to fall back to KEXEC_LOAD when KEXEC_FILE_LOAD is not supported Michal Suchanek
2018-03-26  9:08       ` Dave Young
2018-03-26  9:12         ` Dave Young
2018-03-26 17:38           ` Michal Suchánek
2018-03-26 18:52             ` Thiago Jung Bauermann
2018-03-26 19:07               ` Michal Suchánek
2018-03-27  9:59               ` Dave Young
2018-03-28 13:15                 ` [PATCH v6 1/5] kexec: Return -ENOSYS when kexec does not know how to call KEXEC_FILE_LOAD Michal Suchanek
2018-03-28 13:15                   ` [PATCH v6 2/5] kexec: Fix option checks to take KEXEC_FILE_LOAD into account Michal Suchanek
2018-03-28 13:15                   ` [PATCH v6 3/5] kexec: Do not special-case the -s option Michal Suchanek
2018-04-05 11:05                     ` Petr Tesarik
2018-04-09  8:38                       ` Bhupesh Sharma
2018-03-28 13:15                   ` [PATCH v6 4/5] kexec: Add option to revert -s Michal Suchanek
2018-03-28 13:15                   ` [PATCH v6 5/5] kexec: Add option to fall back to KEXEC_LOAD when KEXEC_FILE_LOAD is not supported Michal Suchanek
2018-03-28 13:15                   ` [PATCH 6/6] kexec: Document -s, -c and -a options in the man page Michal Suchanek
2018-03-30  6:29                   ` [PATCH v6 1/5] kexec: Return -ENOSYS when kexec does not know how to call KEXEC_FILE_LOAD Simon Horman
2018-03-30  8:00                     ` Dave Young
2018-03-30  8:46                       ` Simon Horman
2018-03-27 10:06             ` [PATCH v5 4/5] kexec: Add option to fall back to KEXEC_LOAD when KEXEC_FILE_LOAD is not supported Dave Young
2018-03-27 11:01               ` Michal Suchánek
2018-03-27 11:10                 ` Petr Tesarik
2018-03-28  0:53                 ` Dave Young
2018-03-28  7:42                   ` Simon Horman
2018-03-20 15:56     ` [PATCH v5 5/5] kexec: Document -s, -c and -a options Michal Suchanek
2018-03-02  9:24   ` [PATCH 4/5] kexec: fallback to KEXEC_LOAD when KEXEC_FILE_LOAD is not supported Dave Young
2018-03-02 12:32     ` Michal Suchánek
2018-03-02 12:46       ` Simon Horman
2018-03-02 13:28         ` Michal Suchánek
2018-03-02 13:32         ` [PATCH v3 1/5] kexec: Return -ENOSYS when kexec does not know how to call KEXEC_FILE_LOAD Michal Suchanek
2018-03-02 13:33         ` [PATCH v3 2/5] kexec: do not special-case the -s option Michal Suchanek
2018-03-02 13:33         ` [PATCH v3 3/5] kexec: add option to revert -s Michal Suchanek
2018-03-02 13:33         ` [PATCH v3 4/5] kexec: fallback to KEXEC_LOAD when KEXEC_FILE_LOAD is not supported Michal Suchanek
2018-03-02 13:55           ` Michal Suchánek
2018-03-05 12:52           ` Michal Suchanek [this message]
2018-03-02 13:33         ` [PATCH v3 5/5] kexec: document -s, -c and -a options Michal Suchanek
2018-03-05  1:51         ` [PATCH 4/5] kexec: fallback to KEXEC_LOAD when KEXEC_FILE_LOAD is not supported Dave Young
2018-03-02 12:44   ` Simon Horman
2018-03-13 20:43     ` Michal Suchánek
2018-02-26 12:00 ` [PATCH 5/5] kexec: document -s and -c options Michal Suchanek
2018-03-02 12:34 ` [PATCH 1/5] kexec: Return -ENOSYS when kexec does not know how to call KEXEC_FILE_LOAD Simon Horman
2018-03-02 13:44   ` Michal Suchánek

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180305125252.4953-1-msuchanek@suse.de \
    --to=msuchanek@suse.de \
    --cc=dyoung@redhat.com \
    --cc=horms@verge.net.au \
    --cc=kexec@lists.infradead.org \
    --cc=ptesarik@suse.cz \
    --cc=tonyj@suse.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox