On some architectures, modules (and the kernel itself) may have
different ELF properties than native userspace executables. On arm64
hybrid PCuABI kernels, userspace executables have the purecap
EF_AARCH64_CHERI_PURECAP ELF flag, while modules do not. This means that
elf_check_arch() cannot be used for modules.
For the time being, work around this by skipping elf_check_arch() for
modules when CONFIG_CHERI_PURECAP_UABI=y, and do the entire ELF check in
module_elf_check_arch(). This enables modules to be loaded on a PCuABI
kernel.
Signed-off-by: Kristina Martsenko <kristina.martsenko(a)arm.com>
---
Changes in v2:
- Use ARCH_MODULE_SKIP_ELF_CHECK to work around changes in the 6.4 kernel
- v1: https://op-lists.linaro.org/archives/list/linux-morello@op-lists.linaro.org…
arch/arm64/include/asm/elf.h | 9 +--------
arch/arm64/kernel/module.c | 8 ++++++++
kernel/module/main.c | 2 ++
3 files changed, 11 insertions(+), 8 deletions(-)
diff --git a/arch/arm64/include/asm/elf.h b/arch/arm64/include/asm/elf.h
index 6189c8614dd6..f01f1f99cf03 100644
--- a/arch/arm64/include/asm/elf.h
+++ b/arch/arm64/include/asm/elf.h
@@ -95,16 +95,9 @@
* This is used to ensure we don't load something for the wrong architecture.
*/
#ifdef CONFIG_CHERI_PURECAP_UABI
-/*
- * TODO [PCuABI] - elf_check_arch() is also used by the kernel module loader to
- * verify the ELF headers. However, kernel modules, just like the kernel, are
- * currently hybrid binaries and therefore do not have the
- * EF_AARCH64_CHERI_PURECAP flag. As a result elf_check_arch() currently fails
- * for kernel modules. This could be solved by introducing a new macro to check
- * kernel modules.
- */
#define elf_check_arch(x) ((x)->e_machine == EM_AARCH64 && \
(x)->e_flags & EF_AARCH64_CHERI_PURECAP)
+#define ARCH_MODULE_SKIP_ELF_CHECK
#else
#define elf_check_arch(x) ((x)->e_machine == EM_AARCH64)
#endif
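Review bot: ARCH_MODULE_SKIP_ELF_CHECK is defined directly after elf_check_arch() with no comment, while the removed TODO was the only in-code explanation of why modules cannot use elf_check_arch() on PCuABI kernels. Keep a short comment above the define stating that modules are hybrid binaries without EF_AARCH64_CHERI_PURECAP and that the module loader relies on module_elf_check_arch() instead. The commit message calls this a workaround "for the time being", so keeping a TODO marker there would make that visible in the code as well.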
diff --git a/arch/arm64/kernel/module.c b/arch/arm64/kernel/module.c
index 5af4975caeb5..46f5f161fc0a 100644
--- a/arch/arm64/kernel/module.c
+++ b/arch/arm64/kernel/module.c
@@ -22,6 +22,14 @@
#include <asm/scs.h>
#include <asm/sections.h>
+#ifdef CONFIG_CHERI_PURECAP_UABI
+bool module_elf_check_arch(Elf_Ehdr *hdr)
+{
+ return hdr->e_machine == EM_AARCH64 &&
+ !(hdr->e_flags & EF_AARCH64_CHERI_PURECAP);
+}
+#endif
+
void *module_alloc(unsigned long size)
{
u64 module_alloc_end = module_alloc_base + MODULES_VSIZE;
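Review bot: module_elf_check_arch() has no comment for the negated test !(hdr->e_flags & EF_AARCH64_CHERI_PURECAP), which is the opposite of the elf_check_arch() condition in asm/elf.h and easy to misread as a typo. A one-line comment saying that modules must be hybrid, and that this function is the only architecture check once elf_check_arch() is skipped (hence the e_machine comparison), would help. hdr is only read here, so it could be a pointer to const if the generic declaration allows it.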
diff --git a/kernel/module/main.c b/kernel/module/main.c
index 4e2cf784cf8c..076ba5f21ac9 100644
--- a/kernel/module/main.c
+++ b/kernel/module/main.c
@@ -1688,11 +1688,13 @@ static int elf_validity_cache_copy(struct load_info *info, int flags)
info->hdr->e_type, ET_REL);
goto no_exec;
}
+#ifndef ARCH_MODULE_SKIP_ELF_CHECK
if (!elf_check_arch(info->hdr)) {
pr_err("Invalid architecture in ELF header: %u\n",
info->hdr->e_machine);
goto no_exec;
}
+#endif
if (!module_elf_check_arch(info->hdr)) {
pr_err("Invalid module architecture in ELF header: %u\n",
info->hdr->e_machine);
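Review bot: the #ifndef ARCH_MODULE_SKIP_ELF_CHECK around elf_check_arch() leaves module_elf_check_arch() as the only architecture check, but nothing here documents that an architecture defining the macro must then check e_machine itself in its module_elf_check_arch(). Add a comment above the #ifndef stating that contract. The second pr_err() also prints only e_machine, so a module rejected by the arm64 check because of its e_flags is reported with a valid machine value; printing e_flags as well would make that failure diagnosable.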
--
2.30.2
---------- Forwarded message ---------
From: Menna Mahmoud <eng.mennamahmoud.mm(a)gmail.com>
Date: Sun, 2 Jul 2023 at 02:23
Subject: Re: [linux-morello-distros] Morello kernel development - Ask for
help
To: Kevin Brodsky <kevin.brodsky(a)arm.com>
Hi Kevin,
On Thu, 29 Jun 2023 at 14:53, Kevin Brodsky <kevin.brodsky(a)arm.com> wrote:
> On 26/06/2023 12:06, Menna Mahmoud wrote:
> > Hi All,
> >
> > I am Menna, a Linux kernel intern- Outreachy internship. I worked on a
> > project related to the Morello kernel. I checked the user guides and
> > followed this: https://git.morello-project.org/morello/morello-linux,
> > but I have a problem I couldn't create my own FVP kernel image and run
> > it, I want to develop the kernel and update the FVP image and run it
> > but I don't know how to do that.
> >
> > Could you please help me?
>
> Hi Menna,
>
> Welcome to Morello! I apologise for getting back to you only now. We'll
> be happy to help you get started.
>
> I understand that you have already managed to build the kernel using the
> SDK [1]. Running it on FVP using the environment provided in [2] is
> unfortunately not as straightforward at the moment. That said, we have
> put together some instructions that should allow you to do this fairly
> easily.
>
> Assuming you already have an SDK environment looking like this (with the
> kernel built under workspace/linux-out):
> |-> workspace/
> |-> linux/
> |-> linux-out/
> |-> docker-compose.yml
>
> You can combine this with the morello-linux environment by adding it to
> docker-compose.yml; for reference I copied the docker-compose.yml I used
> at the end of this email.
>
> You should then be able to use the following instructions:
>
> 1. Start the containers:
>
> $ docker-compose up -d
>
> 2. Still on the host, download this package for later use:
>
> $ curl -O --output-dir workspace
>
> http://deb.debian.org/debian/pool/main/k/kexec-tools/kexec-tools_2.0.20-2.1…
I got an error with this, so I downloaded `kexec-tools_2.0.20-2.1_arm64.deb
<http://deb.debian.org/debian/pool/main/k/kexec-tools/kexec-tools_2.0.20-2.1…>`
in the workspace directory. Is it right?
>
> 3. Enter the morello-linux container:
>
> $ docker exec -it -u 1000 morello-linux /bin/bash
>
> 4. Using an editor like vim, open /usr/bin/morello and append on the
> last line "-v /morello", it should now look like this:
>
> morello-run.sh -f distro -i
> /usr/share/morello/images/morello-fvp/morello-fvp.img -v /morello
>
> (This specifies that /morello should be made available to be mounted as
> a 9P filesystem in FVP, see step 6.)
>
> 5. Start FVP:
>
> # morello
>
> 6. Once FVP has booted, mount the 9P filesystem to access the /morello
> directory in the container:
>
> # mkdir /mnt/9p
> # mount -t 9p -o trans=virtio,version=9p2000.L FM /mnt/9p
>
> 7. Install the previously downloaded kexec-tools package:
>
> # dpkg -i /mnt/9p/kexec-tools_2.0.20-2.1_arm64.deb
>
> 8. You should now be able to boot your own kernel image using kexec [3]:
>
> # kexec -l /mnt/9p/linux-out/arch/arm64/boot/Image --reuse-cmdline
>
I got this after this step:
```
root@morello:~# kexec -l /mnt/9p/linux-out/arch/arm64/boot/Image
--reuse-cmdline
Can't open (/proc/kcore).
Can't open (/proc/kcore).
```
Any advice, please?
> # systemctl kexec
>
> The system will shut down and then reboot using the provided image. To
> make development easier, you could automate the mounting of the 9P
> filesystem, for instance by adding it to /etc/fstab.
>
> I hope this will work well for you, let us know otherwise. We are
> working on improving the environments to remove the need for some of the
> steps above, and generally make it easier to run custom kernels.
>
> Do not hesitate to ask any further question on the linux-morello list -
> this is the best place for any question related to Morello kernel
> development.
>
> Cheers,
> Kevin
>
> [1] https://sdk.morello-project.org/docs/linux/
> [2] https://linux.morello-project.org/docs/intro/
> [3] https://man7.org/linux/man-pages/man8/kexec.8.html
>
> ------8<------
>
> docker-compose.yml
>
> # Docker composer file for Morello Linux
> version: '3.8'
> services:
> linux-morello-sdk:
> image:
> "git.morello-project.org:5050/morello/morello-sdk/morello-sdk:latest"
> container_name: "linux-morello-sdk"
> volumes:
> - ./workspace:/home/morello/workspace
> tty: true
> restart: unless-stopped
> morello-linux:
> image:
> "git.morello-project.org:5050/morello/morello-linux/morello-linux:latest"
> container_name: "morello-linux"
> environment:
> - UID=1000
> - GID=1000
> volumes:
> - ./workspace:/morello
> tty: true
> restart: unless-stopped
>
>
Thanks in advance,
Menna
According to the documentation of fcntl, some commands take an int as
argument. In practice not all of them enforce this behaviour, as they
instead accept a more permissive long and in most cases not even a
range check is performed.
An issue could possibly arise from a combination of the handling of the
varargs in user space and the ABI rules of the target, which may result
in the top bits of an int argument being non-zero.
This issue was originally raised and detailed in the following thread:
https://lore.kernel.org/linux-api/Y1%2FDS6uoWP7OSkmd@arm.com/
And was discovered during the porting of Linux to Morello [1].
This series modifies the interested commands so that they explicitly
take an int argument. It also propagates this change down to helper and
related functions as necessary.
This series is also available on my fork at:
https://git.morello-project.org/Sevenarth/linux/-/commits/fcntl-int-handlin…
Best regards,
Luca Vizzarro
[1] https://git.morello-project.org/morello/kernel/linux
Luca Vizzarro (5):
fcntl: Cast commands with int args explicitly
fs: Pass argument to fcntl_setlease as int
pipe: Pass argument of pipe_fcntl as int
memfd: Pass argument of memfd_fcntl as int
dnotify: Pass argument of fcntl_dirnotify as int
fs/cifs/cifsfs.c | 2 +-
fs/fcntl.c | 29 +++++++++++++++--------------
fs/libfs.c | 2 +-
fs/locks.c | 20 ++++++++++----------
fs/nfs/nfs4_fs.h | 2 +-
fs/nfs/nfs4file.c | 2 +-
fs/nfs/nfs4proc.c | 4 ++--
fs/notify/dnotify/dnotify.c | 4 ++--
fs/pipe.c | 6 +++---
include/linux/dnotify.h | 4 ++--
include/linux/filelock.h | 12 ++++++------
include/linux/fs.h | 6 +++---
include/linux/memfd.h | 4 ++--
include/linux/pipe_fs_i.h | 4 ++--
mm/memfd.c | 6 +-----
15 files changed, 52 insertions(+), 55 deletions(-)
--
2.34.1
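The top-bits problem described in this cover letter, as an added user-space model that is not part of the series or of the kernel. The handler names, the size limit and the register values are constructed for illustration, and the conversion to int assumes the truncating behaviour of GCC and Clang.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

#define MODEL_MAX_SIZE 1048576	/* hypothetical limit for the modelled command */

/* Permissive handler: trusts all 64 bits of the argument register. */
static int64_t model_set_size_long(uint64_t arg)
{
	if (arg > MODEL_MAX_SIZE)
		return -EINVAL;
	return (int64_t)arg;
}

/* Explicit handler: the command is documented to take an int. */
static int64_t model_set_size_int(int arg)
{
	if (arg < 0 || arg > MODEL_MAX_SIZE)
		return -EINVAL;
	return arg;
}

/* Entry points: the callee only ever sees the raw 64-bit register. */
int64_t dispatch_permissive(uint64_t reg)
{
	return model_set_size_long(reg);
}

int64_t dispatch_explicit(uint64_t reg)
{
	/* Keep the low 32 bits only, then reinterpret them as a signed int. */
	return model_set_size_int((int)(uint32_t)reg);
}

/* How a signed argument such as -1 is read back by each variant. */
int64_t signed_view_permissive(uint64_t reg) { return (int64_t)reg; }
int64_t signed_view_explicit(uint64_t reg) { return (int)(uint32_t)reg; }

int main(void)
{
	/* Constructed register images for values user space passed as int. */
	const uint64_t clean = 4096;			/* top bits zero */
	const uint64_t dirty = 0xdeadbeef00001000ULL;	/* top bits stale */
	const uint64_t minus1 = 0x00000000ffffffffULL;	/* int -1, not sign-extended */

	printf("clean : long=%lld int=%lld\n",
	       (long long)dispatch_permissive(clean),
	       (long long)dispatch_explicit(clean));
	printf("dirty : long=%lld int=%lld\n",
	       (long long)dispatch_permissive(dirty),
	       (long long)dispatch_explicit(dirty));
	printf("minus1: long=%lld int=%lld\n",
	       (long long)signed_view_permissive(minus1),
	       (long long)signed_view_explicit(minus1));
	return 0;
}
```

With the stale top bits, the permissive handler rejects a request for 4096 that the explicit handler accepts, and an int -1 that was not sign-extended is only seen as negative by the explicit variant.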
Hi All,
I am Menna, a Linux kernel intern- Outreachy internship. I worked on a
project related to the Morello kernel. I checked the user guides and
followed this: https://git.morello-project.org/morello/morello-linux, but I
have a problem I couldn't create my own FVP kernel image and run it, I want
to develop the kernel and update the FVP image and run it but I don't know
how to do that.
Could you please help me?
Thanks in advance,
Menna
Syscalls provided by CONFIG_COMPAT_32BIT_TIME are not required in
64-bit compat. Only enable this option by default if CONFIG_COMPAT32
is selected.
Note that this is a non-functional change on arm64 as since commit
"arm64: compat: handle time in compat64 syscalls", syscall handlers
provided by CONFIG_COMPAT_32BIT_TIME are unused in compat64.
Signed-off-by: Kevin Brodsky <kevin.brodsky(a)arm.com>
---
I discovered this by chance when looking at Tudor's AIO patches, as
some AIO syscalls have such 32-bit time variants. This patch makes
things slightly more consistent and avoids including syscall
handlers that end up completely unused in compat64.
Kevin
arch/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/Kconfig b/arch/Kconfig
index 143825c4d3af..e0b819abd16c 100644
--- a/arch/Kconfig
+++ b/arch/Kconfig
@@ -1137,7 +1137,7 @@ config COMPAT_OLD_SIGACTION
config COMPAT_32BIT_TIME
bool "Provide system calls for 32-bit time_t"
- default !64BIT || COMPAT
+ default !64BIT || COMPAT32
help
This enables 32 bit time_t support in addition to 64 bit time_t support.
This is relevant on all 32-bit architectures, and 64-bit architectures
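Review bot: the changed default line now depends on COMPAT32 in arch/Kconfig, which is shared by all architectures, while the commit message only argues the arm64 case. Please confirm, and state in the commit message, that every 64-bit configuration that relied on COMPAT for this default also has COMPAT32 set where the 32-bit time syscalls are still needed; otherwise those configurations silently lose COMPAT_32BIT_TIME by default.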
--
2.38.1
Hi,
This is a small update to the series, for more info see the original
cover letter [1].
Following various discussions, the interface remains broadly unchanged,
with a separate function for each permission set (read/write/RW). Luca's
work on explicit checking however exposed that check_user_ptr_read()
should clearly take a pointer to const. The write/RW variants still take
a non-const pointer; accordingly fault_in_safe_writeable() will be
changed to take a non-const pointer too [2], which feels more logical.
For symmetry, make_user_ptr_for_read_uaccess() now returns a pointer to
const. A few patches are modified accordingly; the additional changes
are minimal. A nice side-effect is that this reduces the risks of misuse
at compile time, since copy_to_user(uptr, ...) will trigger a warning if
uptr is a pointer to const.
v1..v2:
- Patch 1: made check_user_ptr_read() and
make_user_ptr_for_read_uaccess() take/return a pointer to const.
- Patch 3, 4, 9: made variables pointers to const when using
make_user_ptr_for_read_uaccess().
Review branch:
https://git.morello-project.org/kbrodsky-arm/linux/-/commits/morello/user_p…
Thanks,
Kevin
[1] https://op-lists.linaro.org/archives/list/linux-morello@op-lists.linaro.org…
[2] https://op-lists.linaro.org/archives/list/linux-morello@op-lists.linaro.org…
Kevin Brodsky (9):
linux/user_ptr.h: Introduce uaccess-related helpers
fs/binfmt_elf: Create appropriate user pointer for uaccess
coredump: Create appropriate user pointer for uaccess
mm/memory: Create appropriate user pointer for uaccess
Revert "mm/hugetlb: Use appropriate user pointer conversions"
Revert "mm/shmem: Use appropriate user pointer conversions"
audit: Create appropriate user pointer for uaccess
perf: Avoid uaddr_to_user_ptr_safe() for arbitrary user address
arm64: Create appropriate user pointer for uaccess
Documentation/core-api/user_ptr.rst | 100 ++++++++++++++++++----------
arch/arm64/kernel/debug-monitors.c | 3 +-
arch/arm64/kernel/traps.c | 3 +-
fs/binfmt_elf.c | 14 ++--
fs/coredump.c | 4 +-
include/linux/user_ptr.h | 86 ++++++++++++++++++++++--
kernel/auditsc.c | 3 +-
kernel/events/internal.h | 2 +-
lib/user_ptr.c | 46 +++++++++++++
mm/hugetlb.c | 2 +-
mm/memory.c | 4 +-
mm/shmem.c | 2 +-
12 files changed, 218 insertions(+), 51 deletions(-)
--
2.38.1
This series makes it possible for purecap apps to use the aio_ring
shared memory region to bypass the io_getevents syscall's overhead.
This functionality is also used in libaio.
With these patches, all io_* LTP tests pass in both Purecap and
plain AArch64 modes. Note that the LTP tests only address the basic
functionality of the aio system and a significant portion of the
functionality is untested in LTP.
For more comprehensive testing, libaio has been updated with the new
uAPI and ported. All the tests in libaio pass accordingly, in both
Purecap and plain AArch64 modes.
v3..v2:
- Improve the commit messages
- Revert a few unrelated changes
- Change compat_aio_context_t to compat_uptr_t
- Remove io_events_compat union member
- Improve code formatting
- Add copy_to_user_with_ptr in copy_io_events_to_user
- Split copy_from_user_with_ptr for struct __aio_sigset into a
different patch
v2..v1:
- Add Patch 1 that fixes a parameter type for the compat handler
- Split the change the types to user pointers into two patches: one
for aio_context_t, and the other for io_event struct fields.
- vmap all the ring pages at the beginning and cache them in the ctx
- Don't remap the pages while allowing tag access to the shared
memory. Setting the VM flags is enough.
- Change aio_context_t to a void __user *.
- Improve commit messages.
- Refactor some of the functions for compat handling.
- Create valid user pointers ctx_id when received from a compat task
Gitlab issue:
https://git.morello-project.org/morello/kernel/linux/-/issues/49
Review branch:
https://git.morello-project.org/tudcre01/linux/-/commits/morello/aio_v3
Tudor Cretu (7):
aio: Fix type of nr parameter in compat handler of io_submit
aio: Use copy_from_user_with_ptr for struct __aio_sigset
aio: vmap entire aio_ring instead of kmapping each page
aio: Implement compat handling for the io_event struct
aio: Allow capability tag access on the shared memory
aio: Change aio_context_t to a user pointer
aio: Use user pointer type in the io_event struct
fs/aio.c | 284 +++++++++++++++++++++--------------
include/asm-generic/compat.h | 3 +-
include/uapi/linux/aio_abi.h | 12 +-
3 files changed, 180 insertions(+), 119 deletions(-)
--
2.34.1
This series makes it possible for purecap apps to use the aio_ring
shared memory region to bypass the io_getevents syscall's overhead.
This functionality is also used in libaio.
With these patches, all io_* LTP tests pass in both Purecap and
plain AArch64 modes. Note that the LTP tests only address the basic
functionality of the aio system and a significant portion of the
functionality is untested in LTP.
For more comprehensive testing, libaio has been updated with the new
uAPI and ported. All the tests in libaio pass accordingly, in both
Purecap and plain AArch64 modes.
v2..v1:
- Add Patch 1 that fixes a parameter type for the compat handler
- Split the change the types to user pointers into two patches: one
for aio_context_t, and the other for io_event struct fields.
- vmap all the ring pages at the beginning and cache them in the ctx
- Don't remap the pages while allowing tag access to the shared
memory. Setting the VM flags is enough.
- Change aio_context_t to a void __user *.
- Improve commit messages.
- Refactor some of the functions for compat handling.
- Create valid user pointers ctx_id when received from a compat task
Gitlab issue:
https://git.morello-project.org/morello/kernel/linux/-/issues/49
Review branch:
https://git.morello-project.org/tudcre01/linux/-/commits/morello/aio_v2
Tudor Cretu (6):
aio: Fix type of nr parameter in compat handler of io_submit
aio: vmap entire aio_ring instead of kmapping each page
aio: Implement compat handling for the io_event struct
aio: Allow capability tag access on the shared memory
aio: Change aio_context_t to a user pointer
aio: Use user pointer type in the io_event struct
fs/aio.c | 306 ++++++++++++++++++++++-------------
include/uapi/linux/aio_abi.h | 12 +-
2 files changed, 198 insertions(+), 120 deletions(-)
--
2.34.1
This series makes it possible for purecap apps to use the aio_ring
shared memory region to bypass the io_getevents syscall's overhead.
This functionality is also used in libaio.
With these patches, all io_* LTP tests pass in both Purecap and
plain AArch64 modes. Note that the LTP tests only address the basic
functionality of the aio system and a significant portion of the
functionality is untested in LTP.
For more comprehensive testing, libaio has been updated with the new
uAPI and ported. All the tests in libaio pass accordingly, in both
Purecap and plain AArch64 modes.
Gitlab issue:
https://git.morello-project.org/morello/kernel/linux/-/issues/49
Review branch:
https://git.morello-project.org/tudcre01/linux/-/commits/morello/aio_v1
Tudor Cretu (4):
aio: Fix the relationship between ctx pages and io_events array
aio: Implement compat handling for the io_event struct
aio: Allow capability tag access on the shared memory
aio: Use user pointer type in the io_event struct and aio_context_t
fs/aio.c | 197 ++++++++++++++++++++++++++---------
include/uapi/linux/aio_abi.h | 12 +--
2 files changed, 153 insertions(+), 56 deletions(-)
--
2.34.1
Hi,
Here are a few small patches to fix kernel module loading in the PCuABI kernel [1].
(Sorry about the delay!) There are some notes on testing in the third patch.
Thanks,
Kristina
[1] https://git.morello-project.org/morello/kernel/linux/-/issues/41
Kristina Martsenko (3):
module: Allow arch overrides for ELF arch check
arm64: elf: Enable module loading for PCuABI kernels
arm64: morello: Add test modules to defconfig
.../configs/morello_transitional_pcuabi_defconfig | 6 ++++++
arch/arm64/include/asm/elf.h | 10 ++--------
include/linux/moduleloader.h | 4 ++++
kernel/module/main.c | 2 +-
4 files changed, 13 insertions(+), 9 deletions(-)
base-commit: 7f84d159d4eb989bf2f42d2e3b27a204cb3c1ec4
--
2.25.1