[PATCH 0/6] kexec: A new system call to allow in kernel loading
holzheu at linux.vnet.ibm.com
Mon Nov 25 05:04:28 EST 2013
On Fri, 22 Nov 2013 05:34:03 -0800
ebiederm at xmission.com (Eric W. Biederman) wrote:
> Vivek Goyal <vgoyal at redhat.com> writes:
> >> There is also a huge missing piece of this in that your purgatory is not
> >> checking a hash of the loaded image before jumping too it. Without that
> >> this is a huge regression at least for the kexec on panic case. We
> >> absolutely need to check that the kernel sitting around in memory has
> >> not been corrupted before we let it run very far.
> > Agreed. This should not be hard. It is just a matter of calcualting
> > digest of segments. I will store it in kimge and verify digest again
> > before passing control to control page. Will fix it in next version.
> Nak. The verification needs to happen in purgatory.
> The verification needs to happen in code whose runtime environment is
> does not depend on random parts of the kernel. Anything else is a
> regression in maintainability and reliability.
Just to be sure that you have not forgotten the following s390 detail:
On s390 we first call purgatory with parameter "0" for doing the
checksum test. If this fails, we can have as backup solution our
traditional stand-alone dump. In case tha checksum test was ok,
we call purgatory a second time with parameter "1" which then
Could you please ensure that this mechanism also works after
More information about the kexec