[PATCH 3/3] discover: Check if the kernel image has Ultravisor support

Maxiwell S. Garcia maxiwell at linux.ibm.com
Tue Sep 10 00:19:08 AEST 2019 

The PPC kernel image has an ELF Note 'namespace' called 'PowerPC'
to store capabilities and information which can be used by a
bootloader or userland. The capabilities can be accessed using
the 'type' PPC_ELFNOTE_CAPABILITIES which returns a bitmap
as 'descriptor' field.

Bit 0 in this bitmap indicates that the powerpc kernel binary
knows how to run in an ultravisor-enabled system. So, using this
bit, the petitboot can decide to abort the boot if the kernel is
incompatible, avoiding the crash later.

Signed-off-by: Maxiwell S. Garcia <maxiwell at linux.ibm.com>
---
 discover/boot.c | 28 +++++++++++++++++++++++++++-
 1 file changed, 27 insertions(+), 1 deletion(-)

diff --git a/discover/boot.c b/discover/boot.c
index 91fc46d..a36cc33 100644
--- a/discover/boot.c
+++ b/discover/boot.c
@@ -25,6 +25,7 @@
 #include "paths.h"
 #include "resource.h"
 #include "platform.h"
+#include "elf.h"
 
 #include <security/security.h>
 
@@ -55,6 +56,26 @@ static void __attribute__((format(__printf__, 4, 5))) update_status(
 	talloc_free(status.message);
 }
 
+static int validate_kernel_capabilities(const char *filename)
+{
+	unsigned int *ppc_cap_bitmap = NULL;
+	ppc_cap_bitmap = elf_getnote_desc(elf_open_image(filename),
+					POWERPC_ELFNOTE_NAMESPACE,
+					PPC_ELFNOTE_CAPABILITIES);
+
+	if ((ppc_cap_bitmap) && (*ppc_cap_bitmap & PPCCAP_ULTRAVISOR_BIT)) {
+		pb_debug("kernel capabilities:"
+			" ultravisor mode found.\n");
+		return 0;
+	}
+
+	pb_log_fn("kernel capabilities failed:"
+		" ultravisor mode is required.\n");
+
+	free(ppc_cap_bitmap);
+	return -1;
+}
+
 /**
  * kexec_load - kexec load helper.
  */
@@ -82,7 +103,6 @@ static int kexec_load(struct boot_task *boot_task)
 			pb_log("%s: Aborting kexec due to signature"
 				" verification failure\n", __func__);
 		}
-
 		goto abort_kexec;
 	}
 
@@ -131,6 +151,12 @@ static int kexec_load(struct boot_task *boot_task)
 	assert(s_args);
 	*p++ = s_args;			/* 6 */
 
+	if (validate_kernel_capabilities(local_image)) {
+		pb_log("%s: Aborting kexec due to invalid"
+			" kernel capabilities\n", __func__);
+		goto abort_kexec;
+	}
+
 	*p++ = local_image;		/* 7 */
 	*p++ = NULL;			/* 8 */
 
-- 
2.20.1

More information about the Petitboot mailing list