Joerg Roedel
2021-Sep-13  15:55 UTC
[PATCH v2 01/12] kexec: Allow architecture code to opt-out at runtime
From: Joerg Roedel <jroedel at suse.de>
Allow a runtime opt-out of kexec support for architecture code in case
the kernel is running in an environment where kexec is not properly
supported yet.
This will be used on x86 when the kernel is running as an SEV-ES
guest. SEV-ES guests need special handling for kexec to hand over all
CPUs to the new kernel. This requires special hypervisor support and
handling code in the guest which is not yet implemented.
Cc: stable at vger.kernel.org # v5.10+
Signed-off-by: Joerg Roedel <jroedel at suse.de>
---
 include/linux/kexec.h |  1 +
 kernel/kexec.c        | 14 ++++++++++++++
 kernel/kexec_file.c   |  9 +++++++++
 3 files changed, 24 insertions(+)
diff --git a/include/linux/kexec.h b/include/linux/kexec.h
index 0c994ae37729..85c30dcd0bdc 100644
--- a/include/linux/kexec.h
+++ b/include/linux/kexec.h
@@ -201,6 +201,7 @@ int arch_kexec_kernel_verify_sig(struct kimage *image, void
*buf,
 				 unsigned long buf_len);
 #endif
 int arch_kexec_locate_mem_hole(struct kexec_buf *kbuf);
+bool arch_kexec_supported(void);
 
 extern int kexec_add_buffer(struct kexec_buf *kbuf);
 int kexec_locate_mem_hole(struct kexec_buf *kbuf);
diff --git a/kernel/kexec.c b/kernel/kexec.c
index b5e40f069768..275cda429380 100644
--- a/kernel/kexec.c
+++ b/kernel/kexec.c
@@ -190,11 +190,25 @@ static int do_kexec_load(unsigned long entry, unsigned
long nr_segments,
  * that to happen you need to do that yourself.
  */
 
+bool __weak arch_kexec_supported(void)
+{
+	return true;
+}
+
 static inline int kexec_load_check(unsigned long nr_segments,
 				   unsigned long flags)
 {
 	int result;
 
+	/*
+	 * The architecture may support kexec in general, but the kernel could
+	 * run in an environment where it is not (yet) possible to execute a new
+	 * kernel. Allow the architecture code to opt-out of kexec support when
+	 * it is running in such an environment.
+	 */
+	if (!arch_kexec_supported())
+		return -ENOSYS;
+
 	/* We only trust the superuser with rebooting the system. */
 	if (!capable(CAP_SYS_BOOT) || kexec_load_disabled)
 		return -EPERM;
diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c
index 33400ff051a8..96d08a512e9c 100644
--- a/kernel/kexec_file.c
+++ b/kernel/kexec_file.c
@@ -358,6 +358,15 @@ SYSCALL_DEFINE5(kexec_file_load, int, kernel_fd, int,
initrd_fd,
 	int ret = 0, i;
 	struct kimage **dest_image, *image;
 
+	/*
+	 * The architecture may support kexec in general, but the kernel could
+	 * run in an environment where it is not (yet) possible to execute a new
+	 * kernel. Allow the architecture code to opt-out of kexec support when
+	 * it is running in such an environment.
+	 */
+	if (!arch_kexec_supported())
+		return -ENOSYS;
+
 	/* We only trust the superuser with rebooting the system. */
 	if (!capable(CAP_SYS_BOOT) || kexec_load_disabled)
 		return -EPERM;
-- 
2.33.0
Borislav Petkov
2021-Nov-01  16:10 UTC
[PATCH v2 01/12] kexec: Allow architecture code to opt-out at runtime
On Mon, Sep 13, 2021 at 05:55:52PM +0200, Joerg Roedel wrote:> From: Joerg Roedel <jroedel at suse.de> > > Allow a runtime opt-out of kexec support for architecture code in case > the kernel is running in an environment where kexec is not properly > supported yet. > > This will be used on x86 when the kernel is running as an SEV-ES > guest. SEV-ES guests need special handling for kexec to hand over all > CPUs to the new kernel. This requires special hypervisor support and > handling code in the guest which is not yet implemented. > > Cc: stable at vger.kernel.org # v5.10+ > Signed-off-by: Joerg Roedel <jroedel at suse.de> > --- > include/linux/kexec.h | 1 + > kernel/kexec.c | 14 ++++++++++++++ > kernel/kexec_file.c | 9 +++++++++ > 3 files changed, 24 insertions(+)I guess I can take this through the tip tree along with the next one. Eric? -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette