| Message ID | 20241029055223.210039-4-coxu@redhat.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | None | expand |
Hi Coiby, kernel test robot noticed the following build errors: [auto build test ERROR on e42b1a9a2557aa94fee47f078633677198386a52] url: https://github.com/intel-lab-lkp/linux/commits/Coiby-Xu/kexec_file-allow-to-place-kexec_buf-randomly/20241029-135449 base: e42b1a9a2557aa94fee47f078633677198386a52 patch link: https://lore.kernel.org/r/20241029055223.210039-4-coxu%40redhat.com patch subject: [PATCH v6 3/7] crash_dump: store dm crypt keys in kdump reserved memory config: loongarch-allmodconfig (https://download.01.org/0day-ci/archive/20241029/202410292237.HA9vMqbC-lkp@intel.com/config) compiler: loongarch64-linux-gcc (GCC) 14.1.0 reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20241029/202410292237.HA9vMqbC-lkp@intel.com/reproduce) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp@intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202410292237.HA9vMqbC-lkp@intel.com/ All error/warnings (new ones prefixed by >>): kernel/crash_dump_dm_crypt.c: In function 'crash_load_dm_crypt_keys': >> kernel/crash_dump_dm_crypt.c:221:16: error: variable 'kbuf' has initializer but incomplete type 221 | struct kexec_buf kbuf = { | ^~~~~~~~~ >> kernel/crash_dump_dm_crypt.c:222:18: error: 'struct kexec_buf' has no member named 'image' 222 | .image = image, | ^~~~~ >> kernel/crash_dump_dm_crypt.c:222:26: warning: excess elements in struct initializer 222 | .image = image, | ^~~~~ kernel/crash_dump_dm_crypt.c:222:26: note: (near initialization for 'kbuf') >> kernel/crash_dump_dm_crypt.c:223:18: error: 'struct kexec_buf' has no member named 'buf_min' 223 | .buf_min = 0, | ^~~~~~~ kernel/crash_dump_dm_crypt.c:223:28: warning: excess elements in struct initializer 223 | .buf_min = 0, | ^ kernel/crash_dump_dm_crypt.c:223:28: note: (near initialization for 'kbuf') >> kernel/crash_dump_dm_crypt.c:224:18: error: 'struct kexec_buf' has no member named 'buf_max' 224 | .buf_max = ULONG_MAX, | ^~~~~~~ In file included from include/linux/limits.h:7, from include/linux/thread_info.h:12, from include/asm-generic/preempt.h:5, from ./arch/loongarch/include/generated/asm/preempt.h:1, from include/linux/preempt.h:79, from include/linux/rcupdate.h:27, from include/linux/rbtree.h:24, from include/linux/key.h:15, from kernel/crash_dump_dm_crypt.c:2: >> include/vdso/limits.h:13:25: warning: excess elements in struct initializer 13 | #define ULONG_MAX (~0UL) | ^ kernel/crash_dump_dm_crypt.c:224:28: note: in expansion of macro 'ULONG_MAX' 224 | .buf_max = ULONG_MAX, | ^~~~~~~~~ include/vdso/limits.h:13:25: note: (near initialization for 'kbuf') 13 | #define ULONG_MAX (~0UL) | ^ kernel/crash_dump_dm_crypt.c:224:28: note: in expansion of macro 'ULONG_MAX' 224 | .buf_max = ULONG_MAX, | ^~~~~~~~~ >> kernel/crash_dump_dm_crypt.c:225:18: error: 'struct kexec_buf' has no member named 'top_down' 225 | .top_down = false, | ^~~~~~~~ kernel/crash_dump_dm_crypt.c:225:29: warning: excess elements in struct initializer 225 | .top_down = false, | ^~~~~ kernel/crash_dump_dm_crypt.c:225:29: note: (near initialization for 'kbuf') >> kernel/crash_dump_dm_crypt.c:226:18: error: 'struct kexec_buf' has no member named 'random' 226 | .random = true, | ^~~~~~ kernel/crash_dump_dm_crypt.c:226:27: warning: excess elements in struct initializer 226 | .random = true, | ^~~~ kernel/crash_dump_dm_crypt.c:226:27: note: (near initialization for 'kbuf') >> kernel/crash_dump_dm_crypt.c:221:26: error: storage size of 'kbuf' isn't known 221 | struct kexec_buf kbuf = { | ^~~~ >> kernel/crash_dump_dm_crypt.c:246:20: error: 'KEXEC_BUF_MEM_UNKNOWN' undeclared (first use in this function) 246 | kbuf.mem = KEXEC_BUF_MEM_UNKNOWN; | ^~~~~~~~~~~~~~~~~~~~~ kernel/crash_dump_dm_crypt.c:246:20: note: each undeclared identifier is reported only once for each function it appears in >> kernel/crash_dump_dm_crypt.c:247:13: error: implicit declaration of function 'kexec_add_buffer' [-Wimplicit-function-declaration] 247 | r = kexec_add_buffer(&kbuf); | ^~~~~~~~~~~~~~~~ >> kernel/crash_dump_dm_crypt.c:221:26: warning: unused variable 'kbuf' [-Wunused-variable] 221 | struct kexec_buf kbuf = { | ^~~~ vim +/kbuf +221 kernel/crash_dump_dm_crypt.c 218 219 int crash_load_dm_crypt_keys(struct kimage *image) 220 { > 221 struct kexec_buf kbuf = { > 222 .image = image, > 223 .buf_min = 0, > 224 .buf_max = ULONG_MAX, > 225 .top_down = false, > 226 .random = true, 227 }; 228 int r; 229 230 231 if (key_count <= 0) { 232 kexec_dprintk("No dm-crypt keys\n"); 233 return -EINVAL; 234 } 235 236 image->dm_crypt_keys_addr = 0; 237 r = build_keys_header(); 238 if (r) 239 return r; 240 241 kbuf.buffer = keys_header; 242 kbuf.bufsz = get_keys_header_size(key_count); 243 244 kbuf.memsz = kbuf.bufsz; 245 kbuf.buf_align = ELF_CORE_HEADER_ALIGN; > 246 kbuf.mem = KEXEC_BUF_MEM_UNKNOWN; > 247 r = kexec_add_buffer(&kbuf); 248 if (r) { 249 kvfree((void *)kbuf.buffer); 250 return r; 251 } 252 image->dm_crypt_keys_addr = kbuf.mem; 253 image->dm_crypt_keys_sz = kbuf.bufsz; 254 kexec_dprintk( 255 "Loaded dm crypt keys to kexec_buffer bufsz=0x%lx memsz=0x%lx\n", 256 kbuf.bufsz, kbuf.bufsz); 257 258 return r; 259 } 260
On Tue, Oct 29, 2024 at 10:41:50PM +0800, kernel test robot wrote: >Hi Coiby, > >kernel test robot noticed the following build errors: > >[auto build test ERROR on e42b1a9a2557aa94fee47f078633677198386a52] > >url: https://github.com/intel-lab-lkp/linux/commits/Coiby-Xu/kexec_file-allow-to-place-kexec_buf-randomly/20241029-135449 >base: e42b1a9a2557aa94fee47f078633677198386a52 >patch link: https://lore.kernel.org/r/20241029055223.210039-4-coxu%40redhat.com >patch subject: [PATCH v6 3/7] crash_dump: store dm crypt keys in kdump reserved memory >config: loongarch-allmodconfig (https://download.01.org/0day-ci/archive/20241029/202410292237.HA9vMqbC-lkp@intel.com/config) >compiler: loongarch64-linux-gcc (GCC) 14.1.0 >reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20241029/202410292237.HA9vMqbC-lkp@intel.com/reproduce) > >If you fix the issue in a separate patch/commit (i.e. not just a new version of >the same patch/commit), kindly add following tags >| Reported-by: kernel test robot <lkp@intel.com> >| Closes: https://lore.kernel.org/oe-kbuild-all/202410292237.HA9vMqbC-lkp@intel.com/ > >All error/warnings (new ones prefixed by >>): > > kernel/crash_dump_dm_crypt.c: In function 'crash_load_dm_crypt_keys': >>> kernel/crash_dump_dm_crypt.c:221:16: error: variable 'kbuf' has initializer but incomplete type > 221 | struct kexec_buf kbuf = { > | ^~~~~~~~~ >>> kernel/crash_dump_dm_crypt.c:222:18: error: 'struct kexec_buf' has no member named 'image' > 222 | .image = image, > | ^~~~~ >>> kernel/crash_dump_dm_crypt.c:222:26: warning: excess elements in struct initializer > 222 | .image = image, > | ^~~~~ > kernel/crash_dump_dm_crypt.c:222:26: note: (near initialization for 'kbuf') >>> kernel/crash_dump_dm_crypt.c:223:18: error: 'struct kexec_buf' has no member named 'buf_min' > 223 | .buf_min = 0, > | ^~~~~~~ > kernel/crash_dump_dm_crypt.c:223:28: warning: excess elements in struct initializer > 223 | .buf_min = 0, > | ^ > kernel/crash_dump_dm_crypt.c:223:28: note: (near initialization for 'kbuf') >>> kernel/crash_dump_dm_crypt.c:224:18: error: 'struct kexec_buf' has no member named 'buf_max' > 224 | .buf_max = ULONG_MAX, > | ^~~~~~~ > In file included from include/linux/limits.h:7, > from include/linux/thread_info.h:12, > from include/asm-generic/preempt.h:5, > from ./arch/loongarch/include/generated/asm/preempt.h:1, > from include/linux/preempt.h:79, > from include/linux/rcupdate.h:27, > from include/linux/rbtree.h:24, > from include/linux/key.h:15, > from kernel/crash_dump_dm_crypt.c:2: >>> include/vdso/limits.h:13:25: warning: excess elements in struct initializer > 13 | #define ULONG_MAX (~0UL) > | ^ > kernel/crash_dump_dm_crypt.c:224:28: note: in expansion of macro 'ULONG_MAX' > 224 | .buf_max = ULONG_MAX, > | ^~~~~~~~~ > include/vdso/limits.h:13:25: note: (near initialization for 'kbuf') > 13 | #define ULONG_MAX (~0UL) > | ^ > kernel/crash_dump_dm_crypt.c:224:28: note: in expansion of macro 'ULONG_MAX' > 224 | .buf_max = ULONG_MAX, > | ^~~~~~~~~ >>> kernel/crash_dump_dm_crypt.c:225:18: error: 'struct kexec_buf' has no member named 'top_down' > 225 | .top_down = false, > | ^~~~~~~~ > kernel/crash_dump_dm_crypt.c:225:29: warning: excess elements in struct initializer > 225 | .top_down = false, > | ^~~~~ > kernel/crash_dump_dm_crypt.c:225:29: note: (near initialization for 'kbuf') >>> kernel/crash_dump_dm_crypt.c:226:18: error: 'struct kexec_buf' has no member named 'random' > 226 | .random = true, > | ^~~~~~ > kernel/crash_dump_dm_crypt.c:226:27: warning: excess elements in struct initializer > 226 | .random = true, > | ^~~~ > kernel/crash_dump_dm_crypt.c:226:27: note: (near initialization for 'kbuf') >>> kernel/crash_dump_dm_crypt.c:221:26: error: storage size of 'kbuf' isn't known > 221 | struct kexec_buf kbuf = { > | ^~~~ >>> kernel/crash_dump_dm_crypt.c:246:20: error: 'KEXEC_BUF_MEM_UNKNOWN' undeclared (first use in this function) > 246 | kbuf.mem = KEXEC_BUF_MEM_UNKNOWN; > | ^~~~~~~~~~~~~~~~~~~~~ > kernel/crash_dump_dm_crypt.c:246:20: note: each undeclared identifier is reported only once for each function it appears in >>> kernel/crash_dump_dm_crypt.c:247:13: error: implicit declaration of function 'kexec_add_buffer' [-Wimplicit-function-declaration] > 247 | r = kexec_add_buffer(&kbuf); > | ^~~~~~~~~~~~~~~~ >>> kernel/crash_dump_dm_crypt.c:221:26: warning: unused variable 'kbuf' [-Wunused-variable] > 221 | struct kexec_buf kbuf = { > | ^~~~ > > >vim +/kbuf +221 kernel/crash_dump_dm_crypt.c > > 218 > 219 int crash_load_dm_crypt_keys(struct kimage *image) > 220 { > > 221 struct kexec_buf kbuf = { > > 222 .image = image, > > 223 .buf_min = 0, > > 224 .buf_max = ULONG_MAX, > > 225 .top_down = false, > > 226 .random = true, > 227 }; > 228 int r; > 229 > 230 > 231 if (key_count <= 0) { > 232 kexec_dprintk("No dm-crypt keys\n"); > 233 return -EINVAL; > 234 } > 235 > 236 image->dm_crypt_keys_addr = 0; > 237 r = build_keys_header(); > 238 if (r) > 239 return r; > 240 > 241 kbuf.buffer = keys_header; > 242 kbuf.bufsz = get_keys_header_size(key_count); > 243 > 244 kbuf.memsz = kbuf.bufsz; > 245 kbuf.buf_align = ELF_CORE_HEADER_ALIGN; > > 246 kbuf.mem = KEXEC_BUF_MEM_UNKNOWN; > > 247 r = kexec_add_buffer(&kbuf); > 248 if (r) { > 249 kvfree((void *)kbuf.buffer); > 250 return r; > 251 } > 252 image->dm_crypt_keys_addr = kbuf.mem; > 253 image->dm_crypt_keys_sz = kbuf.bufsz; > 254 kexec_dprintk( > 255 "Loaded dm crypt keys to kexec_buffer bufsz=0x%lx memsz=0x%lx\n", > 256 kbuf.bufsz, kbuf.bufsz); > 257 > 258 return r; > 259 } > 260 > >-- >0-DAY CI Kernel Test Service >https://github.com/intel/lkp-tests/wiki Thanks for reporting this issue. I'll make CRASH_DM_CRYPT depend on KEXEC_FILE to fix it in new version of patch set! >_______________________________________________ >kexec mailing list >kexec@lists.infradead.org >http://lists.infradead.org/mailman/listinfo/kexec >
On 10/29/24 at 01:52pm, Coiby Xu wrote: ...... > +int crash_load_dm_crypt_keys(struct kimage *image) > +{ > + struct kexec_buf kbuf = { > + .image = image, > + .buf_min = 0, > + .buf_max = ULONG_MAX, > + .top_down = false, > + .random = true, > + }; > + int r; > + > + > + if (key_count <= 0) { > + kexec_dprintk("No dm-crypt keys\n"); > + return -EINVAL; > + } > + > + image->dm_crypt_keys_addr = 0; > + r = build_keys_header(); > + if (r) > + return r; > + > + kbuf.buffer = keys_header; > + kbuf.bufsz = get_keys_header_size(key_count); > + > + kbuf.memsz = kbuf.bufsz; > + kbuf.buf_align = ELF_CORE_HEADER_ALIGN; > + kbuf.mem = KEXEC_BUF_MEM_UNKNOWN; > + r = kexec_add_buffer(&kbuf); > + if (r) { > + kvfree((void *)kbuf.buffer); > + return r; > + } > + image->dm_crypt_keys_addr = kbuf.mem; > + image->dm_crypt_keys_sz = kbuf.bufsz; Wondering why not assigning kbuf.memsz, but bufsz. > + kexec_dprintk( > + "Loaded dm crypt keys to kexec_buffer bufsz=0x%lx memsz=0x%lx\n", > + kbuf.bufsz, kbuf.bufsz); > + > + return r; > +} > + > + > static int __init configfs_dmcrypt_keys_init(void) > { > int ret; > -- > 2.47.0 >
On Wed, Dec 11, 2024 at 08:58:27PM +0800, Baoquan He wrote: >On 10/29/24 at 01:52pm, Coiby Xu wrote: >...... >> +int crash_load_dm_crypt_keys(struct kimage *image) >> +{ >> + struct kexec_buf kbuf = { >> + .image = image, >> + .buf_min = 0, >> + .buf_max = ULONG_MAX, >> + .top_down = false, >> + .random = true, >> + }; >> + int r; >> + >> + >> + if (key_count <= 0) { >> + kexec_dprintk("No dm-crypt keys\n"); >> + return -EINVAL; >> + } >> + >> + image->dm_crypt_keys_addr = 0; >> + r = build_keys_header(); >> + if (r) >> + return r; >> + >> + kbuf.buffer = keys_header; >> + kbuf.bufsz = get_keys_header_size(key_count); >> + >> + kbuf.memsz = kbuf.bufsz; >> + kbuf.buf_align = ELF_CORE_HEADER_ALIGN; >> + kbuf.mem = KEXEC_BUF_MEM_UNKNOWN; >> + r = kexec_add_buffer(&kbuf); >> + if (r) { >> + kvfree((void *)kbuf.buffer); >> + return r; >> + } >> + image->dm_crypt_keys_addr = kbuf.mem; >> + image->dm_crypt_keys_sz = kbuf.bufsz; > >Wondering why not assigning kbuf.memsz, but bufsz. Thanks for the question! I think there is no need to use kbuf.memsz after reading the code on setting image->elf_headers_sz. Currently all arches except for x86 CONFIG_CRASH_HOTPLUG assigns kbuf.bufsz to image->elf_headers_sz. For x86 CONFIG_CRASH_HOTPLUG, if I understand it correctly, it assigns kbuf.memsz to kbuf.memsz because elfcorehdr changes when there is memory/CPU hot-plugging. For dm crypt keys, there is no so such concern, so assigning kbuf.bufsz shall be OK.
diff --git a/include/linux/crash_core.h b/include/linux/crash_core.h index 44305336314e..2e6782239034 100644 --- a/include/linux/crash_core.h +++ b/include/linux/crash_core.h @@ -34,7 +34,11 @@ static inline void arch_kexec_protect_crashkres(void) { } static inline void arch_kexec_unprotect_crashkres(void) { } #endif - +#ifdef CONFIG_CRASH_DM_CRYPT +int crash_load_dm_crypt_keys(struct kimage *image); +#else +static inline int crash_load_dm_crypt_keys(struct kimage *image) {return 0; } +#endif #ifndef arch_crash_handle_hotplug_event static inline void arch_crash_handle_hotplug_event(struct kimage *image, void *arg) { } diff --git a/include/linux/kexec.h b/include/linux/kexec.h index 0dc66ca2506a..5bda0978bab3 100644 --- a/include/linux/kexec.h +++ b/include/linux/kexec.h @@ -396,6 +396,10 @@ struct kimage { void *elf_headers; unsigned long elf_headers_sz; unsigned long elf_load_addr; + + /* dm crypt keys buffer */ + unsigned long dm_crypt_keys_addr; + unsigned long dm_crypt_keys_sz; }; /* kexec interface functions */ diff --git a/kernel/crash_dump_dm_crypt.c b/kernel/crash_dump_dm_crypt.c index 62a3c47d8b3b..ec2ec2967242 100644 --- a/kernel/crash_dump_dm_crypt.c +++ b/kernel/crash_dump_dm_crypt.c @@ -1,14 +1,62 @@ // SPDX-License-Identifier: GPL-2.0-only +#include <linux/key.h> +#include <linux/keyctl.h> #include <keys/user-type.h> #include <linux/crash_dump.h> #include <linux/configfs.h> #include <linux/module.h> #define KEY_NUM_MAX 128 /* maximum dm crypt keys */ +#define KEY_SIZE_MAX 256 /* maximum dm crypt key size */ #define KEY_DESC_MAX_LEN 128 /* maximum dm crypt key description size */ static unsigned int key_count; +struct dm_crypt_key { + unsigned int key_size; + char key_desc[KEY_DESC_MAX_LEN]; + u8 data[KEY_SIZE_MAX]; +}; + +static struct keys_header { + unsigned int total_keys; + struct dm_crypt_key keys[] __counted_by(total_keys); +} *keys_header; + +static size_t get_keys_header_size(size_t total_keys) +{ + return struct_size(keys_header, keys, total_keys); +} + +static int read_key_from_user_keying(struct dm_crypt_key *dm_key) +{ + const struct user_key_payload *ukp; + struct key *key; + + kexec_dprintk("Requesting key %s", dm_key->key_desc); + key = request_key(&key_type_logon, dm_key->key_desc, NULL); + + if (IS_ERR(key)) { + pr_warn("No such key %s\n", dm_key->key_desc); + return PTR_ERR(key); + } + + ukp = user_key_payload_locked(key); + if (!ukp) + return -EKEYREVOKED; + + if (ukp->datalen > KEY_SIZE_MAX) { + pr_err("Key size %u exceeds maximum (%u)\n", ukp->datalen, KEY_SIZE_MAX); + return -EINVAL; + } + + memcpy(dm_key->data, ukp->data, ukp->datalen); + dm_key->key_size = ukp->datalen; + kexec_dprintk("Get dm crypt key (size=%u) %s: %8ph\n", dm_key->key_size, + dm_key->key_desc, dm_key->data); + return 0; +} + struct config_key { struct config_item item; const char *description; @@ -130,6 +178,87 @@ static struct configfs_subsystem config_keys_subsys = { }, }; +static int build_keys_header(void) +{ + struct config_item *item = NULL; + struct config_key *key; + int i, r; + + if (keys_header != NULL) + kvfree(keys_header); + + keys_header = kzalloc(get_keys_header_size(key_count), GFP_KERNEL); + if (!keys_header) + return -ENOMEM; + + keys_header->total_keys = key_count; + + i = 0; + list_for_each_entry(item, &config_keys_subsys.su_group.cg_children, + ci_entry) { + if (item->ci_type != &config_key_type) + continue; + + key = to_config_key(item); + + strscpy(keys_header->keys[i].key_desc, key->description, + KEY_DESC_MAX_LEN); + r = read_key_from_user_keying(&keys_header->keys[i]); + if (r != 0) { + kexec_dprintk("Failed to read key %s\n", + keys_header->keys[i].key_desc); + return r; + } + i++; + kexec_dprintk("Found key: %s\n", item->ci_name); + } + + return 0; +} + +int crash_load_dm_crypt_keys(struct kimage *image) +{ + struct kexec_buf kbuf = { + .image = image, + .buf_min = 0, + .buf_max = ULONG_MAX, + .top_down = false, + .random = true, + }; + int r; + + + if (key_count <= 0) { + kexec_dprintk("No dm-crypt keys\n"); + return -EINVAL; + } + + image->dm_crypt_keys_addr = 0; + r = build_keys_header(); + if (r) + return r; + + kbuf.buffer = keys_header; + kbuf.bufsz = get_keys_header_size(key_count); + + kbuf.memsz = kbuf.bufsz; + kbuf.buf_align = ELF_CORE_HEADER_ALIGN; + kbuf.mem = KEXEC_BUF_MEM_UNKNOWN; + r = kexec_add_buffer(&kbuf); + if (r) { + kvfree((void *)kbuf.buffer); + return r; + } + image->dm_crypt_keys_addr = kbuf.mem; + image->dm_crypt_keys_sz = kbuf.bufsz; + kexec_dprintk( + "Loaded dm crypt keys to kexec_buffer bufsz=0x%lx memsz=0x%lx\n", + kbuf.bufsz, kbuf.bufsz); + + return r; +} + + static int __init configfs_dmcrypt_keys_init(void) { int ret;
When the kdump kernel image and initrd are loaded, the dm crypts keys will be read from keyring and then stored in kdump reserved memory. Assume a key won't exceed 256 bytes thus MAX_KEY_SIZE=256 according to "cryptsetup benchmark". Signed-off-by: Coiby Xu <coxu@redhat.com> --- include/linux/crash_core.h | 6 +- include/linux/kexec.h | 4 ++ kernel/crash_dump_dm_crypt.c | 129 +++++++++++++++++++++++++++++++++++ 3 files changed, 138 insertions(+), 1 deletion(-)