Secureboot and securemodules don't trust a pointer to executable code as
passed on command line as it is modifiable by root. So pass this info in
bootparams.
Signed-off-by: Vivek Goyal <vgoyal(a)redhat.com>
---
include/x86/x86-linux.h | 3 ++-
kexec/arch/i386/x86-linux-setup.c | 26 ++++++++++++++++++++++++++
2 files changed, 28 insertions(+), 1 deletion(-)
diff --git a/include/x86/x86-linux.h b/include/x86/x86-linux.h
index bf4f8bb..416bb1b 100644
--- a/include/x86/x86-linux.h
+++ b/include/x86/x86-linux.h
@@ -115,7 +115,8 @@ struct x86_linux_param_header {
uint32_t ext_ramdisk_image; /* 0xc0 */
uint32_t ext_ramdisk_size; /* 0xc4 */
uint32_t ext_cmd_line_ptr; /* 0xc8 */
- uint8_t reserved4_1[0x1e0 - 0xcc]; /* 0xcc */
+ uint64_t acpi_rsdp_addr; /* 0xcc */
+ uint8_t reserved4_1[0x1e0 - 0xd4]; /* 0xd4 */
uint32_t alt_mem_k; /* 0x1e0 */
uint8_t reserved5[4]; /* 0x1e4 */
uint8_t e820_map_nr; /* 0x1e8 */
diff --git a/kexec/arch/i386/x86-linux-setup.c b/kexec/arch/i386/x86-linux-setup.c
index e244821..6dec787 100644
--- a/kexec/arch/i386/x86-linux-setup.c
+++ b/kexec/arch/i386/x86-linux-setup.c
@@ -47,6 +47,31 @@ void init_linux_parameters(struct x86_linux_param_header *real_mode)
real_mode->cmdline_size = COMMAND_LINE_SIZE;
}
+static void setup_acpi_rsdp_bootparam(struct x86_linux_param_header *real_mode)
+{
+ FILE *fp;
+ char line[MAX_LINE], *s;
+ unsigned long long acpi_rsdp_addr = 0;
+
+ fp = fopen("/sys/firmware/efi/systab", "r");
+ if (!fp)
+ return;
+
+ while(fgets(line, sizeof(line), fp) != 0) {
+ /* ACPI20= always goes before ACPI= */
+ if ((strstr(line, "ACPI20=")) || (strstr(line, "ACPI="))) {
+ line[strlen(line) - 1] = '\0';
+ s = strchr(line, '=');
+ s += 1;
+ acpi_rsdp_addr = strtoull(s, NULL, 16);
+ break;
+ }
+ }
+
+ fclose(fp);
+ real_mode->acpi_rsdp_addr = acpi_rsdp_addr;
+}
+
void setup_linux_bootloader_parameters_high(
struct kexec_info *info, struct x86_linux_param_header *real_mode,
unsigned long real_mode_base, unsigned long cmdline_offset,
@@ -121,6 +146,7 @@ void setup_linux_bootloader_parameters_high(
memcpy(cmdline_ptr, cmdline, cmdline_len);
cmdline_ptr[cmdline_len - 1] = '\0';
real_mode->secure_boot = is_secureboot_enabled();
+ setup_acpi_rsdp_bootparam(real_mode);
}
int setup_linux_vesafb(struct x86_linux_param_header *real_mode)
--
1.8.3.1