[RFC 0/3] Add support for kexec_file_load

Samuel Mendoza-Jonas sam at mendozajonas.com
Tue Sep 13 10:47:29 AEST 2016


On Fri, 2016-09-09 at 14:26 -0500, Eric Richter wrote:
> Secure and trusted boot on POWER relies on the use of kexec_file_load over
> kexec_load, for uses such as kernel/initrd signature verification and
> measurement[1]. This patch set defines a new configuration option for toggling
> which syscall is used, or more specifically, which parameter is passed to
> kexec-{tools,lite}[2].
> 
> This is a preliminary version of the patches, intended to gather feedback and
> thoughts on the location of the configuration option. Currently, the option
> is included as a system-level config option, rather than an individual boot
> option. The thought is to have a top-level "default" option, that could be
> overridden in a per-boot config option.
> 
> Furthermore, there should be some check to ensure that the syscall is available
> in both the running kernel and the kexec binary. Implementations of these
> checks are forthcoming.
> 
> 
> Thanks,
> Eric Richter
> 
> 
> [1] See the following patches for kexec_file_load on POWER:
> https://lists.infradead.org/pipermail/kexec/2016-August/016960.html
> relevant IMA hooks were included in 4.6
> 
> [2] Kexec-tools uses -s for kexec_file_load. Neither upstream -tools nor -lite
> implement this for POWER, though I have an implementation for the latter here:
> https://github.com/erichte-ibm/kexec-lite/tree/kexec-file-load
> 
> Eric Richter (3):
>   lib: Add system config option to enable kexec_file_load
>   boot/pb-discover: Use kexec_method config option to determine kexec
>     syscall
>   ui/ncurses: Add system config checkbox to enable kexec_file load
> 
>  discover/boot.c               |  6 ++++--
>  discover/boot.h               |  1 +
>  lib/pb-protocol/pb-protocol.c |  9 +++++++++
>  lib/types/types.h             |  2 ++
>  ui/ncurses/nc-config.c        | 22 +++++++++++++++++++++-
>  5 files changed, 37 insertions(+), 3 deletions(-)
> 

This all looks fine to me, and can probably go in almost as-is once we get
kexec-{tools,lite} and kernel support.
One thought - do we want normal kexec / kexec_file_load to be an option, or
enforce using it if we're in trusted boot mode?

Sam
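
The two open points in this thread, checking that the running kernel has the syscall and whether trusted boot should force it, can be sketched together as an added example (not code from the patch set or from petitboot). The function names, the trusted_boot and tool_ok inputs, and the fail-closed policy are assumptions made for illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

enum kexec_choice { USE_KEXEC_LOAD, USE_KEXEC_FILE_LOAD, REFUSE_BOOT };

/* Only ENOSYS says the kernel lacks the syscall; EPERM, EBADF or EINVAL
 * are returned by the syscall's own checks, so it exists. */
bool errno_means_present(int err) { return err != ENOSYS; }

/* Probe the running kernel; fds of -1 ensure no image can be loaded. */
bool kernel_has_kexec_file_load(void)
{
#ifdef __NR_kexec_file_load
	if (syscall(__NR_kexec_file_load, -1L, -1L, 0UL, NULL, 0UL) == 0)
		return true; /* not expected with invalid fds */
	return errno_means_present(errno);
#else
	return false; /* this architecture's headers lack the syscall number */
#endif
}

/* Assumed policy: trusted boot never falls back to unverified kexec_load.
 * want_file_load stands for the configured default; trusted_boot and
 * tool_ok are hypothetical inputs the thread does not define. */
enum kexec_choice choose_kexec(bool want_file_load, bool trusted_boot,
			       bool kernel_ok, bool tool_ok)
{
	bool available = kernel_ok && tool_ok;

	if (trusted_boot)
		return available ? USE_KEXEC_FILE_LOAD : REFUSE_BOOT;
	return (want_file_load && available) ? USE_KEXEC_FILE_LOAD
					     : USE_KEXEC_LOAD;
}

int main(void)
{
	static const char *names[] = { "kexec_load", "kexec_file_load", "refuse" };
	bool kernel_ok = kernel_has_kexec_file_load();

	/* Constructed inputs: option on, trusted boot on, tool assumed capable. */
	printf("kernel support: %d, choice: %s\n", kernel_ok,
	       names[choose_kexec(true, true, kernel_ok, true)]);
	return 0;
}
```

A seccomp filter can also answer ENOSYS or EPERM for this syscall, so inside a container the probe reflects the sandbox policy as well as the kernel.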


