On Wed, Jul 20, 2016 at 09:35:30AM +0100, Russell King - ARM Linux wrote:
> On Wed, Jul 20, 2016 at 01:45:42PM +1000, Balbir Singh wrote:
> > > IOW, if your kernel forced signature verification, you should not be
> > > able to do sig_enforce=0. If you kernel did not have
> > > CONFIG_MODULE_SIG_FOR
On Wed, Jul 20, 2016 at 01:45:42PM +1000, Balbir Singh wrote:
> >
> > Command line options are not signed. I thought idea behind secureboot
> > was to execute only trusted code and command line options don't enforce
> > you to execute unsigned code.
> >
> >>
> >> You can set
On Tue, Jul 19, 2016 at 01:47:28PM +0100, Mark Rutland wrote:
> On Tue, Jul 19, 2016 at 08:24:06AM -0400, Vivek Goyal wrote:
> > On Tue, Jul 19, 2016 at 11:52:00AM +0100, Mark Rutland wrote:
> > > Regardless, this extended syscall changes some underlying assumptions
> > >
On Tue, Jul 19, 2016 at 11:52:00AM +0100, Mark Rutland wrote:
> On Tue, Jul 19, 2016 at 08:55:56AM +0800, Dave Young wrote:
> > On 07/18/16 at 11:07am, Mark Rutland wrote:
> > > On Mon, Jul 18, 2016 at 10:30:24AM +0800, Dave Young wrote:
> > > > I do not think it is worth to add another syscall for
On Mon, Jul 18, 2016 at 09:26:29AM -0400, Vivek Goyal wrote:
> On Mon, Jul 18, 2016 at 10:46:04PM +1000, Balbir Singh wrote:
> > On Wed, 2016-07-13 at 14:22 -0400, Vivek Goyal wrote:
> > > On Wed, Jul 13, 2016 at 06:40:10PM +0100, Russell King - ARM Linux wrote:
> > >
On Mon, Jul 18, 2016 at 10:46:04PM +1000, Balbir Singh wrote:
> On Wed, 2016-07-13 at 14:22 -0400, Vivek Goyal wrote:
> > On Wed, Jul 13, 2016 at 06:40:10PM +0100, Russell King - ARM Linux wrote:
> > >
> > > On Wed, Jul 13, 2016 at 09:03:38AM -0400, Vivek Goyal wrote:
&
On Fri, Jul 15, 2016 at 09:31:02AM +0200, Arnd Bergmann wrote:
> On Thursday, July 14, 2016 10:44:14 PM CEST Thiago Jung Bauermann wrote:
> > Am Donnerstag, 14 Juli 2016, 10:29:11 schrieb Arnd Bergmann:
>
> > >
> > > Right, but the question remains whether this helps while you allow the
> > > boo
On Tue, Jul 12, 2016 at 10:42:01AM +0900, AKASHI Takahiro wrote:
[..]
> -SYSCALL_DEFINE5(kexec_file_load, int, kernel_fd, int, initrd_fd,
> +SYSCALL_DEFINE6(kexec_file_load, int, kernel_fd, int, initrd_fd,
> unsigned long, cmdline_len, const char __user *, cmdline_ptr,
> -
On Fri, Jul 15, 2016 at 09:49:25AM +0100, Russell King - ARM Linux wrote:
> On Wed, Jul 13, 2016 at 03:13:42PM +0200, Arnd Bergmann wrote:
> > On Wednesday, July 13, 2016 10:41:28 AM CEST Mark Rutland wrote:
> > > The big question is whether this is a realistic case on a secure boot
> > > system.
>
On Wed, Jul 13, 2016 at 06:40:10PM +0100, Russell King - ARM Linux wrote:
> On Wed, Jul 13, 2016 at 09:03:38AM -0400, Vivek Goyal wrote:
> > On Wed, Jul 13, 2016 at 09:26:39AM +0100, Russell King - ARM Linux wrote:
> > > Indeed - maybe Eric knows better, but I can't
On Wed, Jul 13, 2016 at 09:45:22AM +1000, Stewart Smith wrote:
> Vivek Goyal writes:
> > On Tue, Jul 12, 2016 at 10:58:09AM -0300, Thiago Jung Bauermann wrote:
> >> Hello Eric,
> >>
> >> Am Dienstag, 12 Juli 2016, 08:25:48 schrieb Eric W. Biede
On Wed, Jul 13, 2016 at 09:41:39AM +1000, Stewart Smith wrote:
> Petr Tesarik writes:
> > On Tue, 12 Jul 2016 13:25:11 -0300
> > Thiago Jung Bauermann wrote:
> >
> >> Hi Eric,
> >>
> >> I'm trying to understand your concerns leading to your nack. I hope you
> >> don't mind expanding your though
On Wed, Jul 13, 2016 at 09:26:39AM +0100, Russell King - ARM Linux wrote:
> On Wed, Jul 13, 2016 at 05:55:33PM +1000, Stewart Smith wrote:
> > Russell King - ARM Linux writes:
> > > On Wed, Jul 13, 2016 at 02:59:51PM +1000, Stewart Smith wrote:
> > >> Russell King - ARM Linux writes:
> > >> > On
On Tue, Jul 12, 2016 at 04:02:46PM +0200, Arnd Bergmann wrote:
> On Tuesday, July 12, 2016 8:25:48 AM CEST Eric W. Biederman wrote:
> > AKASHI Takahiro writes:
> >
> > > Device tree blob must be passed to a second kernel on DTB-capable
> > > archs, like powerpc and arm64, but the current kernel i
On Tue, Jul 12, 2016 at 10:58:09AM -0300, Thiago Jung Bauermann wrote:
> Hello Eric,
>
> Am Dienstag, 12 Juli 2016, 08:25:48 schrieb Eric W. Biederman:
> > AKASHI Takahiro writes:
> > > Device tree blob must be passed to a second kernel on DTB-capable
> > > archs, like powerpc and arm64, but the
On Tue, Jul 14, 2015 at 01:01:12PM -0500, Eric W. Biederman wrote:
> Vivek Goyal writes:
>
> > On Tue, Jul 14, 2015 at 05:29:53PM +, dwal...@fifo99.com wrote:
> >
> > [..]
> >> > >> > If a machine is failing, there are high
On Tue, Jul 14, 2015 at 05:29:53PM +, dwal...@fifo99.com wrote:
[..]
> > >> > If a machine is failing, there are high chance it can't deliver you the
> > >> > notification. Detecting that failure suing some kind of polling
> > >> > mechanism
> > >> > might be more reliable. And it will make e
On Tue, Jul 14, 2015 at 03:48:33PM +, dwal...@fifo99.com wrote:
> On Tue, Jul 14, 2015 at 11:40:40AM -0400, Vivek Goyal wrote:
> > On Tue, Jul 14, 2015 at 03:34:30PM +, dwal...@fifo99.com wrote:
> > > On Tue, Jul 14, 2015 at 11:02:08AM -0400, Vivek Goyal wrote:
> >
On Tue, Jul 14, 2015 at 03:34:30PM +, dwal...@fifo99.com wrote:
> On Tue, Jul 14, 2015 at 11:02:08AM -0400, Vivek Goyal wrote:
> > On Tue, Jul 14, 2015 at 01:59:19PM +, dwal...@fifo99.com wrote:
> > > On Mon, Jul 13, 2015 at 08:19:45PM -0500, Eric W. Biederman wrote:
>
On Tue, Jul 14, 2015 at 01:59:19PM +, dwal...@fifo99.com wrote:
> On Mon, Jul 13, 2015 at 08:19:45PM -0500, Eric W. Biederman wrote:
> > dwal...@fifo99.com writes:
> >
> > > On Fri, Jul 10, 2015 at 08:41:28AM -0500, Eric W. Biederman wrote:
> > >> Hidehiro Kawai writes:
> > >>
> > >> > You c
On Fri, Jul 10, 2015 at 08:33:31PM +0900, Hidehiro Kawai wrote:
> This patch fixes problems reported by Daniel Walker
> (https://lkml.org/lkml/2015/6/24/44), and also replaces the bug fix
> commits 5375b70 and f45d85f.
>
> If "crash_kexec_post_notifiers" boot option is specified,
> other cpus are
On Tue, Jul 14, 2015 at 01:59:19PM +, dwal...@fifo99.com wrote:
> On Mon, Jul 13, 2015 at 08:19:45PM -0500, Eric W. Biederman wrote:
> > dwal...@fifo99.com writes:
> >
> > > On Fri, Jul 10, 2015 at 08:41:28AM -0500, Eric W. Biederman wrote:
> > >> Hidehiro Kawai writes:
> > >>
> > >> > You c
On Tue, Oct 07, 2014 at 12:21:30AM +, Geoff Levand wrote:
> linux/kexec.h now defines an IND_FLAGS macro. Remove the local powerpc
> definition and use the generic one.
>
> Signed-off-by: Geoff Levand
I think this patch should be merged in previous patch. I guess after
applying patch4, seri
On Tue, Aug 26, 2014 at 05:33:28PM -0700, Geoff Levand wrote:
> Hi Vivek,
>
> On Mon, 2014-08-25 at 12:59 -0400, Vivek Goyal wrote:
> > Does arm64 has secureboot? If yes, then it might make sense to
> > enable the new syscall kexec_file_load() on arm64 instead of trying
&g
ec kimage_entry items.
>
> Signed-off-by: Geoff Levand
Acked-by: Vivek Goyal
Vivek
> ---
> include/linux/kexec.h | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/include/linux/kexec.h b/include/linux/kexec.h
> index 8c628ca..a4758f9 100644
> --- a/include/l
te on the kimage entry list. The addition of
> these bit position macros in a common location will avoid duplicate
> definitions
> and the chance that changes to the IND_* flags will not be propagated to
> assembly files.
>
> Signed-off-by: Geoff Levand
Looks good to me.
Acked-by:
change switches the
> order of the conditional check, and cleans up the comments for the
> conditional. There is no functional change to the code.
>
> Signed-off-by: Geoff Levand
This is simple reorganization.
Acked-by: Vivek Goyal
Vivek
> ---
> kernel/kexec.c | 17 ++
On Fri, Aug 22, 2014 at 06:39:47PM +, Geoff Levand wrote:
> Remove the unneded declaration for a kexec_load() routine.
>
> Fixes errors like these when running 'make headers_check':
>
> include/uapi/linux/kexec.h: userspace cannot reference function or variable
> defined in the kernel
>
> S
On Fri, Aug 22, 2014 at 06:39:47PM +, Geoff Levand wrote:
> Hi,
>
> Here are a few minor fixups and enhancements for kexec support.
>
> Patch 3 and 4 that add preprocessor macros for the kimage list flags are
> ones that I use in the arm64 kexec support I am working on, so it would
> be nice
On Fri, Jun 06, 2014 at 06:00:43PM +0530, Srivatsa S. Bhat wrote:
> On 06/04/2014 07:16 PM, Vivek Goyal wrote:
> > On Wed, Jun 04, 2014 at 08:09:25AM +1000, Benjamin Herrenschmidt wrote:
> >> On Wed, 2014-06-04 at 01:58 +0530, Srivatsa S. Bhat wrote:
> >>> Yep, that
On Wed, Jun 04, 2014 at 08:09:25AM +1000, Benjamin Herrenschmidt wrote:
> On Wed, 2014-06-04 at 01:58 +0530, Srivatsa S. Bhat wrote:
> > Yep, that makes sense. But unfortunately I don't have enough insight into
> > why exactly powerpc has to online the CPUs before doing a kexec. I just
> > know fro
On Wed, Jun 04, 2014 at 01:58:40AM +0530, Srivatsa S. Bhat wrote:
> On 05/28/2014 07:01 PM, Vivek Goyal wrote:
> > On Tue, May 27, 2014 at 04:25:34PM +0530, Srivatsa S. Bhat wrote:
> >> If we try to perform a kexec when the machine is in ST (Single-Threaded)
> >> mod
On Tue, May 27, 2014 at 04:25:34PM +0530, Srivatsa S. Bhat wrote:
> If we try to perform a kexec when the machine is in ST (Single-Threaded) mode
> (ppc64_cpu --smt=off), the kexec operation doesn't succeed properly, and we
> get the following messages during boot:
>
> [0.089866] POWER8 perfor
mmand line for elfcorehdr_addr. I
am wondering how does vmcore interface work on sh. Anyway, I am atleast
defining elfcoredhr_addr so that compilation is not broken on sh.
Signed-off-by: Vivek Goyal <[EMAIL PROTECTED]>
Acked-by: "Eric W. Biederman" <[EMAIL PROTECTED]>
On Tue, Jul 29, 2008 at 02:42:43PM +1000, Simon Horman wrote:
> On Mon, Jul 28, 2008 at 05:13:14PM -0400, Vivek Goyal wrote:
> >
> > o Move elfcorehdr_addr definition in arch dependent crash dump file. This is
> > equivalent to defining elfcorehdr_addr under CONFIG_
On Tue, Jul 29, 2008 at 11:22:48AM +1000, Simon Horman wrote:
> On Mon, Jul 28, 2008 at 03:47:41PM -0700, Eric W. Biederman wrote:
> > Vivek Goyal <[EMAIL PROTECTED]> writes:
> >
> > > Hi All,
> > >
> > > How does following series of patches look
ed in
second kernel without KEXEC being enabled.
Signed-off-by: Vivek Goyal <[EMAIL PROTECTED]>
---
fs/proc/vmcore.c |3 ---
include/linux/crash_dump.h | 14 ++
2 files changed, 10 insertions(+), 7 deletions(-)
diff -puN fs/proc/vmcore.c~remove-elfcore-hdr-addr
not.
Signed-off-by: Vivek Goyal <[EMAIL PROTECTED]>
---
arch/powerpc/kernel/crash_dump.c | 10 --
1 file changed, 8 insertions(+), 2 deletions(-)
diff -puN arch/powerpc/kernel/crash_dump.c~fix-elfcorehdr_addr-parsing-ppc64
arch/powerpc/kernel/crash_dump.c
---
linux-2.6.27-p
not.
Signed-off-by: Vivek Goyal <[EMAIL PROTECTED]>
---
arch/ia64/kernel/setup.c |9 -
1 file changed, 8 insertions(+), 1 deletion(-)
diff -puN arch/ia64/kernel/setup.c~fix-elfcorehdr_addr-parsing-ia64
arch/ia64/kernel/setup.c
---
linux-2.6.27-pre-rc1/arch/ia64/kernel/setup
not.
Signed-off-by: Vivek Goyal <[EMAIL PROTECTED]>
---
arch/x86/kernel/crash_dump_32.c |3 +++
arch/x86/kernel/crash_dump_64.c |3 +++
arch/x86/kernel/setup.c |8 +++-
3 files changed, 13 insertions(+), 1 deletion(-)
diff -puN arch/x86/kernel/setup
or
not.
o I don't see sh setup code parsing the command line for elfcorehdr_addr. I
am wondering how does vmcore interface work on sh. Anyway, I am atleast
defining elfcoredhr_addr so that compilation is not broken on sh.
Signed-off-by: Vivek Goyal <[EMAIL PROTECTED]>
---
arc
41 matches
Mail list logo
