kernel/linux.git/drivers/of/kexec.c, branch v5.15.208

of: kexec: Mark ima_{free,stable}_kexec_buffer() as __init

2023-09-19T10:22:30+00:00

This commit has no direct upstream equivalent. After commit d48016d74836 ("mm,ima,kexec,of: use memblock_free_late from ima_free_kexec_buffer") in 5.15, there is a modpost warning for certain configurations: WARNING: modpost: vmlinux.o(.text+0xb14064): Section mismatch in reference from the function ima_free_kexec_buffer() to the function .init.text:__memblock_free_late() The function ima_free_kexec_buffer() references the function __init __memblock_free_late(). This is often because ima_free_kexec_buffer lacks a __init annotation or the annotation of __memblock_free_late is wrong. In mainline, there is no issue because ima_free_kexec_buffer() is marked as __init, which was done as part of commit b69a2afd5afc ("x86/kexec: Carry forward IMA measurement log on kexec") in 6.0, which is not suitable for stable. Mark ima_free_kexec_buffer() and its single caller ima_load_kexec_buffer() as __init in 5.15, as ima_load_kexec_buffer() is only called from ima_init(), which is __init, clearing up the warning. Signed-off-by: Nathan Chancellor Acked-by: Rob Herring Signed-off-by: Greg Kroah-Hartman

mm,ima,kexec,of: use memblock_free_late from ima_free_kexec_buffer

2023-08-30T14:18:22+00:00

commit f0362a253606e2031f8d61c74195d4d6556e12a4 upstream. The code calling ima_free_kexec_buffer runs long after the memblock allocator has already been torn down, potentially resulting in a use after free in memblock_isolate_range. With KASAN or KFENCE, this use after free will result in a BUG from the idle task, and a subsequent kernel panic. Switch ima_free_kexec_buffer over to memblock_free_late to avoid that issue. Fixes: fee3ff99bc67 ("powerpc: Move arch independent ima kexec functions to drivers/of/kexec.c") Cc: stable@kernel.org Signed-off-by: Rik van Riel Suggested-by: Mike Rappoport Link: https://lore.kernel.org/r/20230817135759.0888e5ef@imladris.surriel.com Signed-off-by: Rob Herring Signed-off-by: Mike Rappoport (IBM) Signed-off-by: Greg Kroah-Hartman

of/kexec: Fix reading 32-bit "linux,initrd-{start,end}" values

2023-01-12T10:58:53+00:00

commit e553ad8d7957697385e81034bf76db3b2cb2cf27 upstream. "linux,initrd-start" and "linux,initrd-end" can be 32-bit values even on a 64-bit platform. Ideally, the size should be based on '#address-cells', but that has never been enforced in the kernel's FDT boot parsing code (early_init_dt_check_for_initrd()). Bootloader behavior is known to vary. For example, kexec always writes these as 64-bit. The result of incorrectly reading 32-bit values is most likely the reserved memory for the original initrd will still be reserved for the new kernel. The original arm64 equivalent of this code failed to release the initrd reserved memory in *all* cases. Use of_read_number() to mirror the early_init_dt_check_for_initrd() code. Fixes: b30be4dc733e ("of: Add a common kexec FDT setup function") Cc: stable@vger.kernel.org Reported-by: Peter Maydell Link: https://lore.kernel.org/r/20221128202440.1411895-1-robh@kernel.org Signed-off-by: Rob Herring Signed-off-by: Greg Kroah-Hartman

of: check previous kernel's ima-kexec-buffer against memory bounds

2022-08-17T12:23:38+00:00

[ Upstream commit cbf9c4b9617b6767886a913705ca14b7600c77db ] Presently ima_get_kexec_buffer() doesn't check if the previous kernel's ima-kexec-buffer lies outside the addressable memory range. This can result in a kernel panic if the new kernel is booted with 'mem=X' arg and the ima-kexec-buffer was allocated beyond that range by the previous kernel. The panic is usually of the form below: $ sudo kexec --initrd initrd vmlinux --append='mem=16G' BUG: Unable to handle kernel data access on read at 0xc000c01fff7f0000 Faulting instruction address: 0xc000000000837974 Oops: Kernel access of bad area, sig: 11 [#1] NIP [c000000000837974] ima_restore_measurement_list+0x94/0x6c0 LR [c00000000083b55c] ima_load_kexec_buffer+0xac/0x160 Call Trace: [c00000000371fa80] [c00000000083b55c] ima_load_kexec_buffer+0xac/0x160 [c00000000371fb00] [c0000000020512c4] ima_init+0x80/0x108 [c00000000371fb70] [c0000000020514dc] init_ima+0x4c/0x120 [c00000000371fbf0] [c000000000012240] do_one_initcall+0x60/0x2c0 [c00000000371fcc0] [c000000002004ad0] kernel_init_freeable+0x344/0x3ec [c00000000371fda0] [c0000000000128a4] kernel_init+0x34/0x1b0 [c00000000371fe10] [c00000000000ce64] ret_from_kernel_thread+0x5c/0x64 Instruction dump: f92100b8 f92100c0 90e10090 910100a0 4182050c 282a0017 3bc00000 40810330 7c0802a6 fb610198 7c9b2378 f80101d0 2c090001 40820614 e9240010 ---[ end trace 0000000000000000 ]--- Fix this issue by checking returned PFN range of previous kernel's ima-kexec-buffer with page_is_ram() to ensure correct memory bounds. Fixes: 467d27824920 ("powerpc: ima: get the kexec buffer passed by the previous kernel") Cc: Frank Rowand Cc: Prakhar Srivastava Cc: Lakshmi Ramasubramanian Cc: Thiago Jung Bauermann Cc: Rob Herring Cc: Ritesh Harjani Cc: Robin Murphy Signed-off-by: Vaibhav Jain Signed-off-by: Rob Herring Link: https://lore.kernel.org/r/20220531041446.3334259-1-vaibhav@linux.ibm.com Signed-off-by: Sasha Levin

of: Support more than one crash kernel regions for kexec -s

2022-06-09T08:22:36+00:00

[ Upstream commit 8af6b91f58341325bf74ecb0389ddc0039091d84 ] When "crashkernel=X,high" is used, there may be two crash regions: high=crashk_res and low=crashk_low_res. But now the syscall kexec_file_load() only add crashk_res into "linux,usable-memory-range", this may cause the second kernel to have no available dma memory. Fix it like kexec-tools does for option -c, add both 'high' and 'low' regions into the dtb. Signed-off-by: Zhen Lei Acked-by: Rob Herring Acked-by: Baoquan He Link: https://lore.kernel.org/r/20220506114402.365-6-thunder.leizhen@huawei.com Signed-off-by: Catalin Marinas Signed-off-by: Sasha Levin

of: kexec: Remove FDT_PROP_* definitions

2021-07-16T20:05:38+00:00

The FDT_PROP_* definitions make it harder to follow the code. Remove them, and use the actual string literals instead. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/r/af415c86cd2ba9c8a6bb2eaaf56c3198a24b23d3.1626267092.git.geert+renesas@glider.be Signed-off-by: Rob Herring

kexec: Use fdt_appendprop_addrrange() to add ima buffer to FDT

2021-03-08T19:06:30+00:00

fdt_appendprop_addrrange() function adds a property, with the given name, to the device tree at the given node offset, and also sets the address and size of the property. This function should be used to add "linux,ima-kexec-buffer" property to the device tree and set the address and size of the IMA measurement buffer, instead of using custom function. Use fdt_appendprop_addrrange() to add "linux,ima-kexec-buffer" property to the device tree. This property holds the address and size of the IMA measurement buffer that needs to be passed from the current kernel to the next kernel across kexec system call. Remove custom code that is used in setup_ima_buffer() to add "linux,ima-kexec-buffer" property to the device tree. Co-developed-by: Prakhar Srivastava Signed-off-by: Prakhar Srivastava Signed-off-by: Lakshmi Ramasubramanian Reviewed-by: Thiago Jung Bauermann Signed-off-by: Rob Herring Link: https://lore.kernel.org/r/20210221174930.27324-12-nramas@linux.microsoft.com

powerpc: Move arch independent ima kexec functions to drivers/of/kexec.c

2021-03-08T19:06:29+00:00

The functions defined in "arch/powerpc/kexec/ima.c" handle setting up and freeing the resources required to carry over the IMA measurement list from the current kernel to the next kernel across kexec system call. These functions do not have architecture specific code, but are currently limited to powerpc. Move remove_ima_buffer() and setup_ima_buffer() calls into of_kexec_alloc_and_setup_fdt() defined in "drivers/of/kexec.c". Move the remaining architecture independent functions from "arch/powerpc/kexec/ima.c" to "drivers/of/kexec.c". Delete "arch/powerpc/kexec/ima.c" and "arch/powerpc/include/asm/ima.h". Remove references to the deleted files and functions in powerpc and in ima. Co-developed-by: Prakhar Srivastava Signed-off-by: Prakhar Srivastava Signed-off-by: Lakshmi Ramasubramanian Reviewed-by: Thiago Jung Bauermann Tested-by: Thiago Jung Bauermann Signed-off-by: Rob Herring Link: https://lore.kernel.org/r/20210221174930.27324-11-nramas@linux.microsoft.com

of: Add a common kexec FDT setup function

2021-03-08T19:06:29+00:00

Both arm64 and powerpc do essentially the same FDT /chosen setup for kexec. The differences are either omissions that arm64 should have or additional properties that will be ignored. The setup code can be combined and shared by both powerpc and arm64. The differences relative to the arm64 version: - If /chosen doesn't exist, it will be created (should never happen). - Any old dtb and initrd reserved memory will be released. - The new initrd and elfcorehdr are marked reserved. - "linux,booted-from-kexec" is set. The differences relative to the powerpc version: - "kaslr-seed" and "rng-seed" may be set. - "linux,elfcorehdr" is set. - Any existing "linux,usable-memory-range" is removed. Combine the code for setting up the /chosen node in the FDT and updating the memory reservation for kexec, for powerpc and arm64, in of_kexec_alloc_and_setup_fdt() and move it to "drivers/of/kexec.c". Signed-off-by: Rob Herring Signed-off-by: Lakshmi Ramasubramanian Reviewed-by: Thiago Jung Bauermann Signed-off-by: Rob Herring Link: https://lore.kernel.org/r/20210221174930.27324-6-nramas@linux.microsoft.com