Unnamed repository
Go to file
Lianbo Jiang 6a20bd5447 kdump-lib: switch to the kexec_file_load() syscall on x86_64 by default
UEFI Secure boot is a signature verification mechanism, designed to
prevent malicious code being loaded and executed at the early boot
stage. This makes sure that code executed is trusted by firmware.

Previously, with kexec_file_load() interface, kernel prevents unsigned
kernel image from being loaded if secure boot is enabled. So kdump will
detect whether secure boot is enabled firstly, then decide which interface
is chosen to execute, kexec_load() or kexec_file_load(). Otherwise unsigned
kernel loading will fail if secure boot enabled, and kexec_file_load() is
entered.

Now, the implementation of kexec_file_load() is adjusted in below commit.
With this change, if CONFIG_KEXEC_SIG_FORCE is not set, unsigned kernel
still has a chance to be allowed to load under some conditions.

commit 99d5cadfde2b ("kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG
and KEXEC_SIG_FORCE")

And in the current Fedora, the CONFIG_KEXEC_SIG_FORCE is not set, only the
CONFIG_KEXEC_SIG and CONFIG_BZIMAGE_VERIFY_SIG are set on x86_64 by default.
It's time to spread kexec_file_load() onto all systems of x86_64, including
Secure-boot platforms and legacy platforms. Please refer to the following
form.

.----------------------------------------------------------------------.
| .                    |     signed kernel     |    unsigned kernel    |
|    .      types      |-----------------------|-----------------------|
|       .              |Secure boot|  Legacy   |Secure boot|  Legacy   |
|          .           |-----------|-----------|-----------|-----------|
| options     .        | prev| now | prev| now |     |     | prev| now |
|                .     |(file|(file|(only|(file| prev| now |(only|(file|
|                    . |load)|load)|load)|load)|     |     |load)|load)|
|----------------------|-----|-----|-----|-----|-----|-----|-----|-----|
|KEXEC_SIG=y           |     |     |     |     |     |     |     |     |
|SIG_FORCE is not set  |succ |succ |succ |succ |  X  |  X  |succ |succ |
|BZIMAGE_VERIFY_SIG=y  |     |     |     |     |     |     |     |     |
|----------------------|-----|-----|-----|-----|-----|-----|-----|-----|
|KEXEC_SIG=y           |     |     |     |     |     |     |     |     |
|SIG_FORCE is not set  |     |     |     |     |     |     |     |     |
|BZIMAGE_VERIFY_SIG is |fail |fail |succ |fail |  X  |  X  |succ |fail |
|not set               |     |     |     |     |     |     |     |     |
|----------------------|-----|-----|-----|-----|-----|-----|-----|-----|
|KEXEC_SIG=y           |     |     |     |     |     |     |     |     |
|SIG_FORCE=y           |succ |succ |succ |fail |  X  |  X  |succ |fail |
|BZIMAGE_VERIFY_SIG=y  |     |     |     |     |     |     |     |     |
|----------------------|-----|-----|-----|-----|-----|-----|-----|-----|
|KEXEC_SIG=y           |     |     |     |     |     |     |     |     |
|SIG_FORCE=y           |     |     |     |     |     |     |     |     |
|BZIMAGE_VERIFY_SIG is |fail |fail |succ |fail |  X  |  X  |succ |fail |
|not set               |     |     |     |     |     |     |     |     |
|----------------------|-----|-----|-----|-----|-----|-----|-----|-----|
|KEXEC_SIG is not set  |     |     |     |     |     |     |     |     |
|SIG_FORCE is not set  |     |     |     |     |     |     |     |     |
|BZIMAGE_VERIFY_SIG is |fail |fail |succ |succ |  X  |  X  |succ |succ |
|not set               |     |     |     |     |     |     |     |     |
 ----------------------------------------------------------------------
Note:
[1] The 'X' indicates that the 1st kernel(unsigned) can not boot when the
    Secure boot is enabled.

Hence, in this patch, if on x86_64, let's use the kexec_file_load() only.
See if anything wrong happened in this case, in Fedora firstly for the
time being.

Signed-off-by: Lianbo Jiang <lijiang@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2020-02-06 21:57:14 +08:00
.gitignore .gitignore: Update to make it more generic 2016-05-16 10:15:01 +08:00
98-kexec.rules Make udev reload rules quiet during bootup 2018-12-06 17:44:03 +08:00
98-kexec.rules.ppc64 kexec.rules: create dedicated udev rules for ppc64 2019-05-06 16:22:28 +08:00
dracut-early-kdump-module-setup.sh earlykdump: warn when installed kernel version differs from dracut target 2019-01-10 18:16:58 +08:00
dracut-early-kdump.sh kdump-lib: switch to the kexec_file_load() syscall on x86_64 by default 2020-02-06 21:57:14 +08:00
dracut-kdump-capture.service dracut-kdump-capture.service: Use OnFailureJobMode instead of deprecated OnFailureIsolate 2019-06-14 09:44:09 +08:00
dracut-kdump-emergency.service kdump-emergency: fix "Transaction is destructive" emergency failure 2017-03-31 11:54:30 +08:00
dracut-kdump-emergency.target kdump-emergency: fix "Transaction is destructive" emergency failure 2017-03-31 11:54:30 +08:00
dracut-kdump-error-handler.service kdump-error-handler.service: Remove ExecStopPost 2019-11-28 17:46:00 +08:00
dracut-kdump-error-handler.sh Add failure_action as alias of default and make default obsolete 2019-01-22 17:57:53 +08:00
dracut-kdump-wait-for-target.sh Add a hook to wait for kdump target in initqueue 2020-01-29 08:12:45 +08:00
dracut-kdump.sh Add a hook to wait for kdump target in initqueue 2020-01-29 08:12:45 +08:00
dracut-module-setup.sh Add a hook to wait for kdump target in initqueue 2020-01-29 08:12:45 +08:00
dracut-monitor_dd_progress monitor-dd-progress fix 2013-06-25 16:45:59 +08:00
early-kdump-howto.txt earlykdump: provide a prompt message after the rebuilding of kdump initramfs. 2019-05-20 16:56:19 +08:00
fadump-howto.txt Add final_action option to kdump.conf 2019-01-22 17:58:24 +08:00
kdump-dep-generator.sh kdump-dep-generator: Add kdump service dependencies on the fly 2014-04-17 11:27:31 +08:00
kdump-in-cluster-environment.txt Add fence_kdump support for generic clusters 2014-04-03 14:43:06 +08:00
kdump-lib-initramfs.sh Add a hook to wait for kdump target in initqueue 2020-01-29 08:12:45 +08:00
kdump-lib.sh kdump-lib: switch to the kexec_file_load() syscall on x86_64 by default 2020-02-06 21:57:14 +08:00
kdump-udev-throttler Make udev reload rules quiet during bootup 2018-12-06 17:44:03 +08:00
kdump.conf Add final_action option to kdump.conf 2019-01-22 17:58:24 +08:00
kdump.conf.5 Add final_action option to kdump.conf 2019-01-22 17:58:24 +08:00
kdump.service kdumpctl: Add reload support 2018-11-01 22:31:20 +08:00
kdump.sysconfig Disable device dump by default 2019-09-02 17:06:09 +08:00
kdump.sysconfig.aarch64 Disable device dump by default 2019-09-02 17:06:09 +08:00
kdump.sysconfig.i386 Disable device dump by default 2019-09-02 17:06:09 +08:00
kdump.sysconfig.ppc64 Disable device dump by default 2019-09-02 17:06:09 +08:00
kdump.sysconfig.ppc64le Disable device dump by default 2019-09-02 17:06:09 +08:00
kdump.sysconfig.s390x Disable device dump by default 2019-09-02 17:06:09 +08:00
kdump.sysconfig.x86_64 kdump-lib: switch to the kexec_file_load() syscall on x86_64 by default 2020-02-06 21:57:14 +08:00
kdumpctl kdump-lib: switch to the kexec_file_load() syscall on x86_64 by default 2020-02-06 21:57:14 +08:00
kdumpctl.8 Update man page for new kdumpctl command: reload / rebuild 2019-04-05 02:02:58 +08:00
kexec-kdump-howto.txt kexec-kdump-howto.txt: Add notes about device dump 2019-09-02 17:06:16 +08:00
kexec-tools-2.0.20-eppic-Remove-duplicated-variable-declaration.patch Fix builing failure on Fedora 32 2020-01-29 14:43:47 +08:00
kexec-tools-2.0.20-fix-broken-multiboot2-buliding-for-i386.patch x86: Fix broken multiboot2 buliding for i386 2019-08-02 11:24:03 +08:00
kexec-tools-2.0.20-makedumpfile-Remove-duplicated-variable-declarations.patch Fix builing failure on Fedora 32 2020-01-29 14:43:47 +08:00
kexec-tools-2.0.20-Remove-duplicated-variable-declarations.patch Fix builing failure on Fedora 32 2020-01-29 14:43:47 +08:00
kexec-tools.spec Release 2.0.20-9 2020-01-29 14:44:16 +08:00
live-image-kdump-howto.txt Revert "kdumpctl: filter 'root' kernel parameter when running in live images" 2017-04-11 16:03:12 +08:00
mkdumprd mkdumprd: Fix dracut args parsing 2019-12-27 12:29:43 +08:00
mkdumprd.8 Remove comma which is redundant 2013-02-16 15:19:41 +08:00
README README: Add a README file 2014-04-02 10:45:36 +08:00
sources Update makedumpfile to 1.6.7 2020-01-29 08:47:42 +08:00
zanata-notes.txt Add a notes for zanata process 2012-12-05 01:23:09 -05:00

Adding a patch to kexec-tools
=============================
There is a mailing list kexec@lists.fedoraproject.org where all the dicussion
related to fedora kexec-tools happen. All the patches are posted there for
inclusion and committed to kexec-tools after review.

So if you want your patches to be included in fedora kexec-tools package,
post these to kexec@lists.fedoraproject.org.

One can subscribe to list and browse through archives here.

https://admin.fedoraproject.org/mailman/listinfo/kexec