diff options
Diffstat (limited to 'meta/recipes-kernel/kexec')
8 files changed, 108 insertions, 134 deletions
diff --git a/meta/recipes-kernel/kexec/kexec-tools/0001-arm64-kexec-disabled-check-if-kaslr-seed-dtb-propert.patch b/meta/recipes-kernel/kexec/kexec-tools/0001-arm64-kexec-disabled-check-if-kaslr-seed-dtb-propert.patch new file mode 100644 index 0000000000..c2301e711d --- /dev/null +++ b/meta/recipes-kernel/kexec/kexec-tools/0001-arm64-kexec-disabled-check-if-kaslr-seed-dtb-propert.patch @@ -0,0 +1,67 @@ +From d48ec5e1a5fb7907520dee71b1d94045486a0c29 Mon Sep 17 00:00:00 2001 +From: Alexander Kamensky <alexander.kamensky42@gmail.com> +Date: Thu, 12 Nov 2020 12:56:46 -0800 +Subject: [PATCH] arm64: kexec: disabled check if kaslr-seed dtb property was + wiped + +Kexec when loading arm64 kernel checks if chosen/kaslr-seed dtb property is +wiped. It's a good assertion to verify proper behavior of kernel. However, +if bootloader creates and fills kaslr-seed property and kernel is not +configured with CONFIG_RANDOMIZE_BASE then logic of reading and wiping +kaslr-seed does not run. As a result kaslr-seed property is not zero and when +kexec tries to load secondary kernel it fails with the following message: + +setup_2nd_dtb: kaslr-seed is not wiped to 0. +kexec: setup_2nd_dtb failed. +kexec: load failed. + +This was observed on Yocto Project on qemuarm64 machine with 5.8 kernel, +qemu 5.1.0. Qemu created kaslr-seed property but kernel was not configured +with CONFIG_RANDOMIZE_BASE. + +Although check has some value, there is a use-case where it breaks kexec, +this patch removes it. + +Note in described use-case the fact that kaslr-seed is not wiped and user +readable through /sys/firmware/fdt or +/sys/firmware/devicetree/base/chosen/kaslr-seed is not a security problem +as kaslr is disabled anyway. + +Signed-off-by: Alexander Kamensky <alexander.kamensky42@gmail.com> +Upstream-Status: Submitted [http://lists.infradead.org/pipermail/kexec/2020-November/021740.html] +--- + kexec/arch/arm64/kexec-arm64.c | 14 +------------- + 1 file changed, 1 insertion(+), 13 deletions(-) + +Index: kexec-tools-2.0.20/kexec/arch/arm64/kexec-arm64.c +=================================================================== +--- kexec-tools-2.0.20.orig/kexec/arch/arm64/kexec-arm64.c ++++ kexec-tools-2.0.20/kexec/arch/arm64/kexec-arm64.c +@@ -428,7 +428,7 @@ static int setup_2nd_dtb(struct dtb *dtb + int len, range_len; + int nodeoffset; + int new_size; +- int result, kaslr_seed; ++ int result; + + result = fdt_check_header(dtb->buf); + +@@ -499,18 +499,6 @@ static int setup_2nd_dtb(struct dtb *dtb + return result; + } + } else { +- kaslr_seed = fdt64_to_cpu(*prop); +- +- /* kaslr_seed must be wiped clean by primary +- * kernel during boot +- */ +- if (kaslr_seed != 0) { +- dbgprintf("%s: kaslr-seed is not wiped to 0.\n", +- __func__); +- result = -EINVAL; +- goto on_error; +- } +- + /* + * Invoke the getrandom system call with + * GRND_NONBLOCK, to make sure we diff --git a/meta/recipes-kernel/kexec/kexec-tools/0002-powerpc-change-the-memory-size-limit.patch b/meta/recipes-kernel/kexec/kexec-tools/0001-powerpc-change-the-memory-size-limit.patch index dc97d930e9..029650f35c 100644 --- a/meta/recipes-kernel/kexec/kexec-tools/0002-powerpc-change-the-memory-size-limit.patch +++ b/meta/recipes-kernel/kexec/kexec-tools/0001-powerpc-change-the-memory-size-limit.patch @@ -1,4 +1,4 @@ -From b19b68eab567aa534cf8dec79fe18e3dc0e14043 Mon Sep 17 00:00:00 2001 +From 211cae4b6a02a4d9d37bfcd76f3702696e095fc3 Mon Sep 17 00:00:00 2001 From: Quanyang Wang <quanyang.wang@windriver.com> Date: Tue, 16 Jun 2015 12:59:57 +0800 Subject: [PATCH] powerpc: change the memory size limit @@ -20,11 +20,11 @@ Signed-off-by: Quanyang Wang <quanyang.wang@windriver.com> kexec/arch/ppc/kexec-ppc.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -Index: kexec-tools-2.0.10/kexec/arch/ppc/kexec-ppc.h -=================================================================== ---- kexec-tools-2.0.10.orig/kexec/arch/ppc/kexec-ppc.h -+++ kexec-tools-2.0.10/kexec/arch/ppc/kexec-ppc.h -@@ -42,7 +42,7 @@ void dol_ppc_usage(void); +diff --git a/kexec/arch/ppc/kexec-ppc.h b/kexec/arch/ppc/kexec-ppc.h +index 04e728e..6bae9ec 100644 +--- a/kexec/arch/ppc/kexec-ppc.h ++++ b/kexec/arch/ppc/kexec-ppc.h +@@ -44,7 +44,7 @@ void dol_ppc_usage(void); * During inital setup the kernel does not map the whole memory but a part of * it. On Book-E that is 64MiB, 601 24MiB or 256MiB (if possible). */ diff --git a/meta/recipes-kernel/kexec/kexec-tools/0001-purgatory-Pass-r-directly-to-linker.patch b/meta/recipes-kernel/kexec/kexec-tools/0002-purgatory-Pass-r-directly-to-linker.patch index bfd077daf0..363d5da4ae 100644 --- a/meta/recipes-kernel/kexec/kexec-tools/0001-purgatory-Pass-r-directly-to-linker.patch +++ b/meta/recipes-kernel/kexec/kexec-tools/0002-purgatory-Pass-r-directly-to-linker.patch @@ -1,4 +1,4 @@ -From a1135b3170963ba956f2364c1283864c35541295 Mon Sep 17 00:00:00 2001 +From a04bcf8f683c1a5a7d015920124457ad56fb7cf0 Mon Sep 17 00:00:00 2001 From: Khem Raj <raj.khem@gmail.com> Date: Mon, 7 Sep 2015 07:59:45 +0000 Subject: [PATCH] purgatory: Pass -r directly to linker @@ -8,17 +8,17 @@ where as gcc knows how to deal with it and passes it down to linker unfiltered Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- -Upstream-Status: Pending +Upstream-Status: Pending +--- purgatory/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/purgatory/Makefile b/purgatory/Makefile -index 2b5c061..b251353 100644 +index 2dd6c47..416e6b9 100644 --- a/purgatory/Makefile +++ b/purgatory/Makefile -@@ -61,7 +61,7 @@ $(PURGATORY): CPPFLAGS=$($(ARCH)_PURGATORY_EXTRA_CFLAGS) \ +@@ -60,7 +60,7 @@ $(PURGATORY): CPPFLAGS=$($(ARCH)_PURGATORY_EXTRA_CFLAGS) \ -I$(shell $(CC) -print-file-name=include) $(PURGATORY): LDFLAGS=$($(ARCH)_PURGATORY_EXTRA_CFLAGS)\ -Wl,--no-undefined -nostartfiles -nostdlib \ @@ -27,6 +27,3 @@ index 2b5c061..b251353 100644 -Wl,-Map=$(PURGATORY_MAP) $(PURGATORY): $(PURGATORY_OBJS) --- -2.5.1 - diff --git a/meta/recipes-kernel/kexec/kexec-tools/0010-kexec-ARM-Fix-add_buffer_phys_virt-align-issue.patch b/meta/recipes-kernel/kexec/kexec-tools/0003-kexec-ARM-Fix-add_buffer_phys_virt-align-issue.patch index 6c6c66d885..832fe67716 100644 --- a/meta/recipes-kernel/kexec/kexec-tools/0010-kexec-ARM-Fix-add_buffer_phys_virt-align-issue.patch +++ b/meta/recipes-kernel/kexec/kexec-tools/0003-kexec-ARM-Fix-add_buffer_phys_virt-align-issue.patch @@ -1,4 +1,4 @@ -From 78e497fb69950665e639cfab8f4fb50cc404a1eb Mon Sep 17 00:00:00 2001 +From 55e583d20651e829afbbc8dba0f8ec3017cda2d5 Mon Sep 17 00:00:00 2001 From: Haiqing Bai <Haiqing.Bai@windriver.com> Date: Mon, 9 Jan 2017 15:26:29 +0800 Subject: [PATCH] kexec: ARM: Fix add_buffer_phys_virt() align issue @@ -17,7 +17,7 @@ Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com> 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/kexec/arch/arm/crashdump-arm.c b/kexec/arch/arm/crashdump-arm.c -index 245c21a..12139c3 100644 +index daa4788..3f72b38 100644 --- a/kexec/arch/arm/crashdump-arm.c +++ b/kexec/arch/arm/crashdump-arm.c @@ -240,6 +240,7 @@ int load_crashdump_segments(struct kexec_info *info, char *mod_cmdline) @@ -47,6 +47,3 @@ index 245c21a..12139c3 100644 crash_kernel_mem.start, crash_kernel_mem.end, -1, 0); --- -1.9.1 - diff --git a/meta/recipes-kernel/kexec/kexec-tools/0001-Disable-PIE-during-link.patch b/meta/recipes-kernel/kexec/kexec-tools/0005-Disable-PIE-during-link.patch index 3f2f85e337..7a4b8548ca 100644 --- a/meta/recipes-kernel/kexec/kexec-tools/0001-Disable-PIE-during-link.patch +++ b/meta/recipes-kernel/kexec/kexec-tools/0005-Disable-PIE-during-link.patch @@ -1,4 +1,4 @@ -From ea7be6d71b85880e8e8a2c8a4f49a696c5f31ae4 Mon Sep 17 00:00:00 2001 +From c54488ad5fd657e0f154d76d7456d9080be24836 Mon Sep 17 00:00:00 2001 From: Khem Raj <raj.khem@gmail.com> Date: Sat, 10 Jun 2017 11:18:49 -0700 Subject: [PATCH] Disable PIE during link @@ -14,7 +14,7 @@ Signed-off-by: Khem Raj <raj.khem@gmail.com> 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/purgatory/Makefile b/purgatory/Makefile -index 564bdb7..a08e41f 100644 +index 416e6b9..f00edb4 100644 --- a/purgatory/Makefile +++ b/purgatory/Makefile @@ -59,7 +59,7 @@ $(PURGATORY): CPPFLAGS=$($(ARCH)_PURGATORY_EXTRA_CFLAGS) \ @@ -26,6 +26,3 @@ index 564bdb7..a08e41f 100644 -nodefaultlibs -e purgatory_start -Wl,-r \ -Wl,-Map=$(PURGATORY_MAP) --- -2.13.1 - diff --git a/meta/recipes-kernel/kexec/kexec-tools/kdump.service b/meta/recipes-kernel/kexec/kexec-tools/kdump.service index 4e65a46ac4..b4a2c0611d 100644 --- a/meta/recipes-kernel/kexec/kexec-tools/kdump.service +++ b/meta/recipes-kernel/kexec/kexec-tools/kdump.service @@ -1,6 +1,8 @@ [Unit] Description=Reboot and dump vmcore via kexec DefaultDependencies=no +Requires=sysinit.target +After=sysinit.target [Service] Type=oneshot diff --git a/meta/recipes-kernel/kexec/kexec-tools/kexec-x32.patch b/meta/recipes-kernel/kexec/kexec-tools/kexec-x32.patch deleted file mode 100644 index 26d18eb6fe..0000000000 --- a/meta/recipes-kernel/kexec/kexec-tools/kexec-x32.patch +++ /dev/null @@ -1,88 +0,0 @@ -x86_64: Add support to build kexec-tools with x32 ABI - -Summary of changes, - -configure.ac: Add test for detect x32 ABI. -purgatory/arch/x86_64/Makefile: Not use mcmodel large when - x32 ABI is set. -kexec/arch/x86_64/kexec-elf-rel-x86_64.c: When x32 ABI is set - use ELFCLASS32 instead of ELFCLASS64. -kexec/kexec-syscall.h: Add correct syscall number for x32 ABI. - -Upstream-Status: Submitted - -Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com> -Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com> - ---- - configure.ac | 9 +++++++++ - kexec/arch/x86_64/kexec-elf-rel-x86_64.c | 4 ++++ - kexec/kexec-syscall.h | 4 ++++ - purgatory/arch/x86_64/Makefile | 4 +++- - 4 files changed, 20 insertions(+), 1 deletion(-) - -Index: kexec-tools-2.0.10/configure.ac -=================================================================== ---- kexec-tools-2.0.10.orig/configure.ac -+++ kexec-tools-2.0.10/configure.ac -@@ -56,6 +56,15 @@ case $target_cpu in - ;; - ia64|x86_64|alpha|m68k ) - ARCH="$target_cpu" -+ -+ dnl ---Test for x32 ABI in x86_64 -+ if test "x$ARCH" = "xx86_64" ; then -+ AC_EGREP_CPP(x32_test, -+ [#if defined(__x86_64__) && defined (__ILP32__) -+ x32_test -+ #endif -+ ], SUBARCH='x32', SUBARCH='64') -+ fi - ;; - * ) - AC_MSG_ERROR([unsupported architecture $target_cpu]) -Index: kexec-tools-2.0.10/kexec/arch/x86_64/kexec-elf-rel-x86_64.c -=================================================================== ---- kexec-tools-2.0.10.orig/kexec/arch/x86_64/kexec-elf-rel-x86_64.c -+++ kexec-tools-2.0.10/kexec/arch/x86_64/kexec-elf-rel-x86_64.c -@@ -8,7 +8,11 @@ int machine_verify_elf_rel(struct mem_eh - if (ehdr->ei_data != ELFDATA2LSB) { - return 0; - } -+#ifdef __ILP32__ -+ if (ehdr->ei_class != ELFCLASS32) { -+#else - if (ehdr->ei_class != ELFCLASS64) { -+#endif - return 0; - } - if (ehdr->e_machine != EM_X86_64) { -Index: kexec-tools-2.0.10/kexec/kexec-syscall.h -=================================================================== ---- kexec-tools-2.0.10.orig/kexec/kexec-syscall.h -+++ kexec-tools-2.0.10/kexec/kexec-syscall.h -@@ -31,8 +31,12 @@ - #define __NR_kexec_load 268 - #endif - #ifdef __x86_64__ -+#ifdef __ILP32__ -+#define __NR_kexec_load 528 -+#else - #define __NR_kexec_load 246 - #endif -+#endif - #ifdef __s390x__ - #define __NR_kexec_load 277 - #endif -Index: kexec-tools-2.0.10/purgatory/arch/x86_64/Makefile -=================================================================== ---- kexec-tools-2.0.10.orig/purgatory/arch/x86_64/Makefile -+++ kexec-tools-2.0.10/purgatory/arch/x86_64/Makefile -@@ -23,4 +23,6 @@ x86_64_PURGATORY_SRCS += purgatory/arch/ - x86_64_PURGATORY_SRCS += purgatory/arch/i386/vga.c - x86_64_PURGATORY_SRCS += purgatory/arch/i386/pic.c - --x86_64_PURGATORY_EXTRA_CFLAGS = -mcmodel=large -+ifeq ($(SUBARCH),64) -+ x86_64_PURGATORY_EXTRA_CFLAGS = -mcmodel=large -+endif diff --git a/meta/recipes-kernel/kexec/kexec-tools_2.0.17.bb b/meta/recipes-kernel/kexec/kexec-tools_2.0.23.bb index f4ec5865e3..4e58a5acbd 100644 --- a/meta/recipes-kernel/kexec/kexec-tools_2.0.17.bb +++ b/meta/recipes-kernel/kexec/kexec-tools_2.0.23.bb @@ -4,7 +4,7 @@ DESCRIPTION = "Kexec is a fast reboot feature that lets you reboot to a new Linu AUTHOR = "Eric Biederman" HOMEPAGE = "http://kernel.org/pub/linux/utils/kernel/kexec/" SECTION = "kernel/userland" -LICENSE = "GPLv2" +LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=ea5bed2f60d357618ca161ad539f7c0a \ file://kexec/kexec.c;beginline=1;endline=20;md5=af10f6ae4a8715965e648aa687ad3e09" DEPENDS = "zlib xz" @@ -13,22 +13,21 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/kernel/kexec/kexec-tools-${PV}.tar.gz file://kdump \ file://kdump.conf \ file://kdump.service \ - file://0002-powerpc-change-the-memory-size-limit.patch \ - file://0001-purgatory-Pass-r-directly-to-linker.patch \ - file://0010-kexec-ARM-Fix-add_buffer_phys_virt-align-issue.patch \ - file://kexec-x32.patch \ - file://0001-Disable-PIE-during-link.patch \ + file://0001-powerpc-change-the-memory-size-limit.patch \ + file://0002-purgatory-Pass-r-directly-to-linker.patch \ + file://0003-kexec-ARM-Fix-add_buffer_phys_virt-align-issue.patch \ + file://0005-Disable-PIE-during-link.patch \ + file://0001-arm64-kexec-disabled-check-if-kaslr-seed-dtb-propert.patch \ " -SRC_URI[md5sum] = "8e071ca473694a71e4ae60ed7ef6f377" -SRC_URI[sha256sum] = "450c87ba048641eb05f9717f5567aca57f063c266149ae663b58a34e5852deaf" +SRC_URI[sha256sum] = "c7dcc59f5b66004d9d91264324e20e0387ea263dbb449708fbf84a4e5ff7decc" inherit autotools update-rc.d systemd export LDFLAGS = "-L${STAGING_LIBDIR}" EXTRA_OECONF = " --with-zlib=yes" -do_compile_prepend() { +do_compile:prepend() { # Remove the prepackaged config.h from the source tree as it overrides # the same file generated by configure and placed in the build tree rm -f ${S}/include/config.h @@ -43,7 +42,7 @@ do_compile_prepend() { done } -do_install_append () { +do_install:append () { install -d ${D}${sysconfdir}/sysconfig install -m 0644 ${WORKDIR}/kdump.conf ${D}${sysconfdir}/sysconfig @@ -53,32 +52,35 @@ do_install_append () { if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then install -D -m 0755 ${WORKDIR}/kdump ${D}${libexecdir}/kdump-helper - install -D -m 0644 ${WORKDIR}/kdump.service ${D}${systemd_unitdir}/system/kdump.service - sed -i -e 's,@LIBEXECDIR@,${libexecdir},g' ${D}${systemd_unitdir}/system/kdump.service + install -D -m 0644 ${WORKDIR}/kdump.service ${D}${systemd_system_unitdir}/kdump.service + sed -i -e 's,@LIBEXECDIR@,${libexecdir},g' ${D}${systemd_system_unitdir}/kdump.service fi } PACKAGES =+ "kexec kdump vmcore-dmesg" -ALLOW_EMPTY_${PN} = "1" -RRECOMMENDS_${PN} = "kexec kdump vmcore-dmesg" +ALLOW_EMPTY:${PN} = "1" +RRECOMMENDS:${PN} = "kexec kdump vmcore-dmesg" -FILES_kexec = "${sbindir}/kexec" -FILES_kdump = "${sbindir}/kdump \ +FILES:kexec = "${sbindir}/kexec" +FILES:kdump = "${sbindir}/kdump \ ${sysconfdir}/sysconfig/kdump.conf \ ${sysconfdir}/init.d/kdump \ ${libexecdir}/kdump-helper \ - ${systemd_unitdir}/system/kdump.service \ + ${systemd_system_unitdir}/kdump.service \ " -FILES_vmcore-dmesg = "${sbindir}/vmcore-dmesg" +FILES:vmcore-dmesg = "${sbindir}/vmcore-dmesg" INITSCRIPT_PACKAGES = "kdump" -INITSCRIPT_NAME_kdump = "kdump" -INITSCRIPT_PARAMS_kdump = "start 56 2 3 4 5 . stop 56 0 1 6 ." +INITSCRIPT_NAME:kdump = "kdump" +INITSCRIPT_PARAMS:kdump = "start 56 2 3 4 5 . stop 56 0 1 6 ." -SECURITY_PIE_CFLAGS_remove = "-fPIE -pie" +SYSTEMD_PACKAGES = "kdump" +SYSTEMD_SERVICE:kdump = "kdump.service" + +SECURITY_PIE_CFLAGS:remove = "-fPIE -pie" COMPATIBLE_HOST = '(x86_64.*|i.86.*|arm.*|aarch64.*|powerpc.*|mips.*)-(linux|freebsd.*)' -INSANE_SKIP_${PN} = "arch" +INSANE_SKIP:${PN} = "arch" |