From: "Christophe Leroy (CS GROUP)" <chleroy@kernel.org>
To: Coiby Xu <coxu@redhat.com>,
kexec@lists.infradead.org, linux-arm-kernel@lists.infradead.org,
linuxppc-dev@lists.ozlabs.org, devicetree@vger.kernel.org
Cc: Arnaud Lefebvre <arnaud.lefebvre@clever-cloud.com>,
Baoquan he <bhe@redhat.com>, Dave Young <dyoung@redhat.com>,
Kairui Song <ryncsn@gmail.com>,
Pingfan Liu <kernelfans@gmail.com>,
Andrew Morton <akpm@linux-foundation.org>,
Krzysztof Kozlowski <krzk@kernel.org>,
Rob Herring <robh@kernel.org>, Thomas Staudt <tstaudt@de.ibm.com>,
Sourabh Jain <sourabhjain@linux.ibm.com>,
Will Deacon <will@kernel.org>,
Catalin Marinas <catalin.marinas@arm.com>,
Madhavan Srinivasan <maddy@linux.ibm.com>,
Michael Ellerman <mpe@ellerman.id.au>,
Nicholas Piggin <npiggin@gmail.com>,
Saravana Kannan <saravanak@kernel.org>,
open list <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v4 2/2] arm64,ppc64le/kdump: pass dm-crypt keys to kdump kernel
Date: Wed, 11 Feb 2026 10:55:17 +0100 [thread overview]
Message-ID: <423a3431-1271-4c35-94fe-8ca880679ed9@kernel.org> (raw)
In-Reply-To: <20260211082401.2407853-3-coxu@redhat.com>
Le 11/02/2026 à 09:24, Coiby Xu a écrit :
> CONFIG_CRASH_DM_CRYPT has been introduced to support LUKS-encrypted
> device dump target by addressing two challenges [1],
> - Kdump kernel may not be able to decrypt the LUKS partition. For some
> machines, a system administrator may not have a chance to enter the
> password to decrypt the device in kdump initramfs after the 1st kernel
> crashes
>
> - LUKS2 by default use the memory-hard Argon2 key derivation function
> which is quite memory-consuming compared to the limited memory reserved
> for kdump.
>
> To also enable this feature for ARM64 and PowerPC, we only need to add
What do you want to say exactly with 'only' ?
> a device tree property dmcryptkeys [2] as similar to elfcorehdr to pass
> the memory address of the stored info of dm-crypt keys to the kdump
> kernel. Since this property is only needed by the kdump kernel, it won't
> be exposed to user space.
>
> [1] https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flore.kernel.org%2Fall%2F20250502011246.99238-1-coxu%40redhat.com%2F&data=05%7C02%7Cchristophe.leroy%40csgroup.eu%7C0aa5f3b34d694b23b0cc08de6946f66c%7C8b87af7d86474dc78df45f69a2011bb5%7C0%7C0%7C639063950684962054%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=8uCc%2Bg6YNojymf8UpZhmJY19vpWXJCC9KIf3qMyQ3dI%3D&reserved=0
> [2] https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fdevicetree-org%2Fdt-schema%2Fpull%2F181&data=05%7C02%7Cchristophe.leroy%40csgroup.eu%7C0aa5f3b34d694b23b0cc08de6946f66c%7C8b87af7d86474dc78df45f69a2011bb5%7C0%7C0%7C639063950684987003%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=1s5NPHgF1LsXdrDXBhawduFXOqnHPlkbohQHHvolLw4%3D&reserved=0
>
> Cc: Arnaud Lefebvre <arnaud.lefebvre@clever-cloud.com>
> Cc: Baoquan he <bhe@redhat.com>
> Cc: Dave Young <dyoung@redhat.com>
> Cc: Kairui Song <ryncsn@gmail.com>
> Cc: Pingfan Liu <kernelfans@gmail.com>
> Cc: Andrew Morton <akpm@linux-foundation.org>
> Cc: Krzysztof Kozlowski <krzk@kernel.org>
> Cc: Rob Herring <robh@kernel.org>
> Cc: Thomas Staudt <tstaudt@de.ibm.com>
> Cc: Sourabh Jain <sourabhjain@linux.ibm.com>
> Cc: Will Deacon <will@kernel.org>
> Signed-off-by: Coiby Xu <coxu@redhat.com>
> ---
> arch/arm64/kernel/machine_kexec_file.c | 4 ++++
> arch/powerpc/kexec/elf_64.c | 4 ++++
> drivers/of/fdt.c | 21 +++++++++++++++++++++
> drivers/of/kexec.c | 19 +++++++++++++++++++
> 4 files changed, 48 insertions(+)
>
> diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c
> index 331646d667b9..2967e4aff807 100644
> --- a/drivers/of/fdt.c
> +++ b/drivers/of/fdt.c
> @@ -866,6 +866,26 @@ static void __init early_init_dt_check_for_elfcorehdr(unsigned long node)
> elfcorehdr_addr, elfcorehdr_size);
> }
>
> +static void __init early_init_dt_check_for_dmcryptkeys(unsigned long node)
> +{
> + const char *prop_name = "linux,dmcryptkeys";
> + const __be32 *prop;
> +
> + if (!IS_ENABLED(CONFIG_CRASH_DM_CRYPT))
> + return;
> +
> + pr_debug("Looking for dmcryptkeys property... ");
> +
> + prop = of_get_flat_dt_prop(node, prop_name, NULL);
> + if (!prop)
> + return;
> +
> + dm_crypt_keys_addr = dt_mem_next_cell(dt_root_addr_cells, &prop);
> +
> + /* Property only accessible to crash dump kernel */
> + fdt_delprop(initial_boot_params, node, prop_name);
Shouldn't this property be deleted regardless of whether kernel is built
with CONFIG_CRASH_DM_CRYPT or without ?
> +}
> +
> static unsigned long chosen_node_offset = -FDT_ERR_NOTFOUND;
>
> /*
> @@ -1097,6 +1117,7 @@ int __init early_init_dt_scan_chosen(char *cmdline)
>
> early_init_dt_check_for_initrd(node);
> early_init_dt_check_for_elfcorehdr(node);
> + early_init_dt_check_for_dmcryptkeys(node);
>
> rng_seed = of_get_flat_dt_prop(node, "rng-seed", &l);
> if (rng_seed && l > 0) {
next prev parent reply other threads:[~2026-02-11 9:55 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-11 8:23 [PATCH v4 0/2] kdump: Enable LUKS-encrypted dump target support in ARM64 and PowerPC Coiby Xu
2026-02-11 8:23 ` [PATCH v4 1/2] crash_dump/dm-crypt: Don't print in arch-specific code Coiby Xu
2026-02-11 8:24 ` [PATCH v4 2/2] arm64,ppc64le/kdump: pass dm-crypt keys to kdump kernel Coiby Xu
2026-02-11 9:55 ` Christophe Leroy (CS GROUP) [this message]
2026-02-12 2:01 ` Coiby Xu
2026-02-11 22:35 ` kernel test robot
2026-02-12 2:22 ` Coiby Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=423a3431-1271-4c35-94fe-8ca880679ed9@kernel.org \
--to=chleroy@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=arnaud.lefebvre@clever-cloud.com \
--cc=bhe@redhat.com \
--cc=catalin.marinas@arm.com \
--cc=coxu@redhat.com \
--cc=devicetree@vger.kernel.org \
--cc=dyoung@redhat.com \
--cc=kernelfans@gmail.com \
--cc=kexec@lists.infradead.org \
--cc=krzk@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=maddy@linux.ibm.com \
--cc=mpe@ellerman.id.au \
--cc=npiggin@gmail.com \
--cc=robh@kernel.org \
--cc=ryncsn@gmail.com \
--cc=saravanak@kernel.org \
--cc=sourabhjain@linux.ibm.com \
--cc=tstaudt@de.ibm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox