@@ -25,6 +25,7 @@
#include "paths.h"
#include "resource.h"
#include "platform.h"
+#include "elf.h"
#include <security/security.h>
@@ -55,6 +56,26 @@ static void __attribute__((format(__printf__, 4, 5))) update_status(
talloc_free(status.message);
}
+static int validate_kernel_capabilities(const char *filename)
+{
+ unsigned int *ppc_cap_bitmap = NULL;
+ ppc_cap_bitmap = elf_getnote_desc(elf_open_image(filename),
+ POWERPC_ELFNOTE_NAMESPACE,
+ PPC_ELFNOTE_CAPABILITIES);
+
+ if ((ppc_cap_bitmap) && (*ppc_cap_bitmap & PPCCAP_ULTRAVISOR_BIT)) {
+ pb_debug("kernel capabilities:"
+ " ultravisor mode found.\n");
+ return 0;
+ }
+
+ pb_log_fn("kernel capabilities failed:"
+ " ultravisor mode is required.\n");
+
+ free(ppc_cap_bitmap);
+ return -1;
+}
+
/**
* kexec_load - kexec load helper.
*/
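Review bot: In validate_kernel_capabilities, ppc_cap_bitmap is freed only on the failure path, so the `return 0` branch leaks it. The handle from elf_open_image(filename) is also passed straight into elf_getnote_desc, so it can be neither checked for failure nor released. The dereference `*ppc_cap_bitmap` assumes the note descriptor is at least sizeof(unsigned int) bytes and in host byte order; elf.h is not visible here, so confirm that elf_getnote_desc guarantees this, because the image is external input. I would keep the ELF handle in a local, copy the bit out, and free before branching, as sketched below. The failure message also fires when the file cannot be opened or carries no PowerPC note, so logging those cases separately would make boot failures easier to diagnose.

```c
static int validate_kernel_capabilities(const char *filename)
{
	unsigned int *ppc_cap_bitmap;
	int has_ultravisor;

	/* … unchanged: elf_getnote_desc(elf_open_image(filename), …) lookup … */

	/* Copy the bit out first so both paths release the descriptor. */
	has_ultravisor = ppc_cap_bitmap &&
			 (*ppc_cap_bitmap & PPCCAP_ULTRAVISOR_BIT);
	free(ppc_cap_bitmap);

	if (has_ultravisor) {
		/* … unchanged: pb_debug message … */
		return 0;
	}

	/* … unchanged: pb_log_fn message … */
	return -1;
}
```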
@@ -82,7 +103,6 @@ static int kexec_load(struct boot_task *boot_task)
pb_log("%s: Aborting kexec due to signature"
" verification failure\n", __func__);
}
-
goto abort_kexec;
}
@@ -131,6 +151,12 @@ static int kexec_load(struct boot_task *boot_task)
assert(s_args);
*p++ = s_args; /* 6 */
+ if (validate_kernel_capabilities(local_image)) {
+ pb_log("%s: Aborting kexec due to invalid"
+ " kernel capabilities\n", __func__);
+ goto abort_kexec;
+ }
+
*p++ = local_image; /* 7 */
*p++ = NULL; /* 8 */
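Review bot: The new `if (validate_kernel_capabilities(local_image))` gate in kexec_load runs unconditionally, so any kernel whose PowerPC note lacks the ultravisor bit, or has no such note, is refused. The description only says petitboot "can decide" to abort for an incompatible kernel, so unless a platform check exists outside this hunk, the call should be conditional on the machine actually running with an ultravisor. The capability note is read from the image itself, so it is a compatibility hint and not a trust decision. A comment above the call would make that explicit, e.g. `/* compatibility check only; image authenticity is established by the signature verification above */`. kexec_load starts and ends outside this hunk, so the ordering against the signature check should be confirmed in the full function.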
The PPC kernel image has an ELF Note 'namespace' called 'PowerPC' to store capabilities and information which can be used by a bootloader or userland. The capabilities can be accessed using the 'type' PPC_ELFNOTE_CAPABILITIES, which returns a bitmap in the 'descriptor' field. Bit 0 in this bitmap indicates that the powerpc kernel binary knows how to run in an ultravisor-enabled system. Using this bit, petitboot can decide to abort the boot if the kernel is incompatible, avoiding a crash later. Signed-off-by: Maxiwell S. Garcia <maxiwell@linux.ibm.com> --- discover/boot.c | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-)