From: Vivek Goyal <vgoyal@redhat.com>
To: linux-kernel@vger.kernel.org,
linux-security-module@vger.kernel.org, kexec@lists.infradead.org
Cc: akpm@linux-foundation.org, zohar@linux.vnet.ibm.com,
d.kasatkin@samsung.com, ebiederm@xmission.com, hpa@zytor.com,
matthew.garrett@nebula.com, vgoyal@redhat.com
Subject: [PATCH 15/16] bootparam: Pass acpi_rsdp pointer in bootparam
Date: Tue, 10 Sep 2013 17:44:30 -0400 [thread overview]
Message-ID: <1378849471-10521-16-git-send-email-vgoyal@redhat.com> (raw)
In-Reply-To: <1378849471-10521-1-git-send-email-vgoyal@redhat.com>
Currently kexec does not enables EFI and its tables in second kernel. Hence
acpi rsdp root pointer is passed on command line. But secureboot does not trust
acpi_rsdp on command line as kernel can execute some of the code as retrieved
by following acpi_rsdp and root can modify command line. So in secureboot
mode we ignore acpi_rsdp on command line.
Start passing it in bootparams for the time being. kexec-tools will prepare
the bootparams and put acpi_rsdp pointer there.
Peter Jones suggested that scan all ACPI memory for acpi_rsdp if EFI is
not enabled. This probably is a better fix and most likely this patch will
change and adopt that approach down the line.
In fact if we figure out how to make UEFI run time calls in second kernel,
we will not need acpi_rsdp at all.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
---
arch/x86/include/uapi/asm/bootparam.h | 3 ++-
arch/x86/kernel/acpi/boot.c | 5 +++++
drivers/acpi/osl.c | 10 ++++++++++
include/linux/acpi.h | 1 +
4 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/arch/x86/include/uapi/asm/bootparam.h b/arch/x86/include/uapi/asm/bootparam.h
index c15ddaf..8a5f7ae 100644
--- a/arch/x86/include/uapi/asm/bootparam.h
+++ b/arch/x86/include/uapi/asm/bootparam.h
@@ -122,7 +122,8 @@ struct boot_params {
__u32 ext_ramdisk_image; /* 0x0c0 */
__u32 ext_ramdisk_size; /* 0x0c4 */
__u32 ext_cmd_line_ptr; /* 0x0c8 */
- __u8 _pad4[116]; /* 0x0cc */
+ __u64 acpi_rsdp_addr; /* 0x0cc */
+ __u8 _pad4[108]; /* 0x0d4 */
struct edid_info edid_info; /* 0x140 */
struct efi_info efi_info; /* 0x1c0 */
__u32 alt_mem_k; /* 0x1e0 */
diff --git a/arch/x86/kernel/acpi/boot.c b/arch/x86/kernel/acpi/boot.c
index 2627a81..b667d65 100644
--- a/arch/x86/kernel/acpi/boot.c
+++ b/arch/x86/kernel/acpi/boot.c
@@ -43,6 +43,8 @@
#include <asm/io.h>
#include <asm/mpspec.h>
#include <asm/smp.h>
+#include <asm/bootparam.h>
+#include <asm/setup.h>
#include "sleep.h" /* To include x86_acpi_suspend_lowlevel */
static int __initdata acpi_force = 0;
@@ -1518,6 +1520,9 @@ static struct dmi_system_id __initdata acpi_dmi_table_late[] = {
void __init acpi_boot_table_init(void)
{
+ /* Read acpi_rsdp_bootparams from bootparam */
+ acpi_rsdp_bootparam = boot_params.acpi_rsdp_addr;
+
dmi_check_system(acpi_dmi_table);
/*
diff --git a/drivers/acpi/osl.c b/drivers/acpi/osl.c
index 6ab2c35..99e8ca9 100644
--- a/drivers/acpi/osl.c
+++ b/drivers/acpi/osl.c
@@ -242,9 +242,19 @@ static int __init setup_acpi_rsdp(char *arg)
early_param("acpi_rsdp", setup_acpi_rsdp);
#endif
+unsigned long long acpi_rsdp_bootparam;
acpi_physical_address __init acpi_os_get_root_pointer(void)
{
#ifdef CONFIG_KEXEC
+ /*
+ * If bootloader (kexec in this case), has passed, the acpi_rsdp
+ * in boot params, use that. In case of secureboot /sbin/kexec
+ * is signed and verified. That means we can trust acpi_rsdp
+ * as passed in by kexec bootloader
+ */
+ if (acpi_rsdp_bootparam)
+ return acpi_rsdp_bootparam;
+
if (acpi_rsdp)
return acpi_rsdp;
#endif
diff --git a/include/linux/acpi.h b/include/linux/acpi.h
index 6ad72f9..54cc8ab 100644
--- a/include/linux/acpi.h
+++ b/include/linux/acpi.h
@@ -128,6 +128,7 @@ extern u32 acpi_irq_not_handled;
extern int sbf_port;
extern unsigned long acpi_realmode_flags;
+extern unsigned long long acpi_rsdp_bootparam;
int acpi_register_gsi (struct device *dev, u32 gsi, int triggering, int polarity);
int acpi_gsi_to_irq (u32 gsi, unsigned int *irq);
--
1.8.3.1
next prev parent reply other threads:[~2013-09-10 21:47 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-09-10 21:44 [PATCH 00/16] [RFC PATCH] Signed kexec support Vivek Goyal
2013-09-10 21:44 ` [PATCH 01/16] mm: vm_brk(), align the length to page boundary Vivek Goyal
2013-09-10 21:44 ` [PATCH 02/16] integrity: Add a function to determine digital signature length Vivek Goyal
2013-09-10 21:44 ` [PATCH 03/16] ima: Allow adding more memory locking metadata after digital signature v2 Vivek Goyal
2013-09-10 21:44 ` [PATCH 04/16] integrity: Allow digital signature verification with a given keyring ptr Vivek Goyal
2013-09-11 17:34 ` Mimi Zohar
2013-09-10 21:44 ` [PATCH 05/16] integrity: Export a function to retrieve hash algo used in digital signature Vivek Goyal
2013-09-10 21:44 ` [PATCH 06/16] ima: export new IMA functions for signature verification Vivek Goyal
2013-09-10 21:44 ` [PATCH 07/16] mm: Define a task flag MMF_VM_LOCKED for memlocked tasks and don't allow munlock Vivek Goyal
2013-09-10 21:44 ` [PATCH 08/16] binfmt_elf: Elf executable signature verification Vivek Goyal
2013-09-10 21:44 ` [PATCH 09/16] ima: define functions to appraise memory buffer contents Vivek Goyal
2013-09-10 21:44 ` [PATCH 10/16] keyctl: Introduce a new operation KEYCTL_VERIFY_SIGNATURE Vivek Goyal
2013-09-10 21:44 ` [PATCH 11/16] ptrace: Do not allow ptrace() from unsigned process to signed one Vivek Goyal
2013-09-10 21:44 ` [PATCH 12/16] binfmt_elf: Do not mark process signed if binary has elf interpreter Vivek Goyal
2013-09-10 21:44 ` [PATCH 13/16] kexec: Allow only signed processes to call sys_kexec() in secureboot mode Vivek Goyal
2013-09-10 21:44 ` [PATCH 14/16] kexec: Export sysfs attributes for secureboot and secure modules to user space Vivek Goyal
2013-09-10 22:40 ` Greg KH
2013-09-11 13:44 ` Vivek Goyal
2013-09-10 22:57 ` Josh Boyer
2013-09-11 13:51 ` Vivek Goyal
2013-09-10 21:44 ` Vivek Goyal [this message]
2013-09-10 22:52 ` [PATCH 15/16] bootparam: Pass acpi_rsdp pointer in bootparam H. Peter Anvin
2013-09-11 11:44 ` Borislav Petkov
2013-09-11 13:45 ` Vivek Goyal
2013-09-11 14:32 ` Borislav Petkov
2013-09-12 7:34 ` Dave Young
2013-09-12 12:53 ` Borislav Petkov
[not found] ` <20130912131930.GC28500@redhat.com>
2013-09-12 14:25 ` Borislav Petkov
2013-09-12 14:34 ` Matthew Garrett
2013-09-12 14:42 ` Borislav Petkov
2013-09-13 7:12 ` Dave Young
2013-09-13 11:26 ` Borislav Petkov
2013-09-10 21:44 ` [PATCH 16/16] mount: Add a flag to not follow symlink at the end of mount point Vivek Goyal
2013-09-12 3:40 ` [PATCH 00/16] [RFC PATCH] Signed kexec support Greg KH
2013-09-12 11:43 ` Vivek Goyal
2013-09-12 16:17 ` Greg KH
2013-09-12 18:24 ` Mimi Zohar
[not found] ` <20130916142852.GB20753@redhat.com>
2013-09-18 14:51 ` Andrea Adami
2013-09-23 17:15 ` Vivek Goyal
2013-09-16 14:24 ` Vivek Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1378849471-10521-16-git-send-email-vgoyal@redhat.com \
--to=vgoyal@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=d.kasatkin@samsung.com \
--cc=ebiederm@xmission.com \
--cc=hpa@zytor.com \
--cc=kexec@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=matthew.garrett@nebula.com \
--cc=zohar@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).