[PATCH 0/3] Assorted kexec fixes

  • Done
  • quality assurance status badge
Details
2 participants
  • Ludovic Courtès
  • Tomas Volf
Owner
unassigned
Submitted by
Ludovic Courtès
Severity
normal

Debbugs page

L
L
Ludovic Courtès wrote 4 days ago
(address . guix-patches@gnu.org)(name . Ludovic Courtès)(address . ludo@gnu.org)
cover.1736168030.git.ludo@gnu.org
Hello,

Here’s a bunch of kexec-related fixes for bugs that have been reported
over the past week.

I checked the ‘kexec_file_load’ binding on i686 and aarch64 this time:
it’s definitely missing on i686, and alright on aarch64.

I’d like to commit it within a couple of days at most. Feedback welcome!

Ludo’.

Ludovic Courtès (3):
reconfigure: Do not pass KEXEC_FILE_DEBUG.
syscalls: Remove wrong syscall ID for ‘kexec_load_file’ on i686.
reconfigure: Make ‘load-system-for-kexec’ errors non-fatal.

guix/build/syscalls.scm | 6 ++---
guix/scripts/system/reconfigure.scm | 38 +++++++++++++++++++++++------
tests/syscalls.scm | 8 +++---
3 files changed, 38 insertions(+), 14 deletions(-)


base-commit: 6cb47c374469f7c26775520540e1ed79a8bff674
--
2.47.1
L
L
Ludovic Courtès wrote 4 days ago
[PATCH 1/3] reconfigure: Do not pass KEXEC_FILE_DEBUG.
(address . 75402@debbugs.gnu.org)
5c693e7d8bec42c1430bf9de00b8b408f38c6d39.1736168030.git.ludo@gnu.org
This flag is unsupported in Linux 6.6 and causes ‘kexec_file_load’ to
fail with EINVAL.


* guix/scripts/system/reconfigure.scm (kexec-loading-program): Remove
KEXEC_FILE_DEBUG.
* guix/build/syscalls.scm (KEXEC_FILE_DEBUG): Add comment.

Suggested-by: nathan <nathan_mail@nborghese.com>
Reported-by: Simen Endsjø <contact@simendsjo.me>
Change-Id: Ia48be7f4cfa9c6352908e4bea6472cd648f866ed
---
guix/build/syscalls.scm | 4 ++--
guix/scripts/system/reconfigure.scm | 5 ++---
2 files changed, 4 insertions(+), 5 deletions(-)

Toggle diff (43 lines)
diff --git a/guix/build/syscalls.scm b/guix/build/syscalls.scm
index 960339e8bf..0f8927844b 100644
--- a/guix/build/syscalls.scm
+++ b/guix/build/syscalls.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2014-2024 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014-2025 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2015 David Thompson <davet@gnu.org>
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
@@ -783,7 +783,7 @@ (define (string->utf-8/nul-terminated str)
(define KEXEC_FILE_UNLOAD #x00000001)
(define KEXEC_FILE_ON_CRASH #x00000002)
(define KEXEC_FILE_NO_INITRAMFS #x00000004)
-(define KEXEC_FILE_DEBUG #x00000008)
+(define KEXEC_FILE_DEBUG #x00000008) ;missing from Linux 6.6
(define kexec-load-file
(let* ((proc (syscall->procedure int "syscall"
diff --git a/guix/scripts/system/reconfigure.scm b/guix/scripts/system/reconfigure.scm
index e9e16e3422..96e5bff351 100644
--- a/guix/scripts/system/reconfigure.scm
+++ b/guix/scripts/system/reconfigure.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2014-2022, 2024 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014-2022, 2024-2025 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2016 Alex Kost <alezost@gmail.com>
;;; Copyright © 2016, 2017, 2018 Chris Marusich <cmmarusich@gmail.com>
;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
@@ -198,8 +198,7 @@ (define (kexec-loading-program os)
(kexec-load-file kernel initrd
(string-join
(list #$@(operating-system-kernel-arguments
- os root-device)))
- KEXEC_FILE_DEBUG)))))))
+ os root-device))))))))))
(define* (upgrade-shepherd-services eval os)
"Using EVAL, a monadic procedure taking a single G-Expression as an argument,
--
2.47.1
L
L
Ludovic Courtès wrote 4 days ago
[PATCH 2/3] syscalls: Remove wrong syscall ID for ‘kexec_load_file’ on i686.
(address . 75402@debbugs.gnu.org)
6062eaed018a8c738577dbb699d7e0324a4f8746.1736168031.git.ludo@gnu.org

* guix/build/syscalls.scm (kexec-load-file): Remove syscall ID for i686.
* tests/syscalls.scm ("kexec-load-file"): Accept ENOSYS in addition to
EPERM.

Reported-by: Dariqq <dariqq@posteo.net>
Change-Id: I83fe25636addb57533ed88cbfb40107d265b13a7
---
guix/build/syscalls.scm | 2 +-
tests/syscalls.scm | 8 ++++----
2 files changed, 5 insertions(+), 5 deletions(-)

Toggle diff (46 lines)
diff --git a/guix/build/syscalls.scm b/guix/build/syscalls.scm
index 0f8927844b..7e16452462 100644
--- a/guix/build/syscalls.scm
+++ b/guix/build/syscalls.scm
@@ -794,8 +794,8 @@ (define kexec-load-file
'* ;cmdline
unsigned-long))) ;flags
(syscall-id (match (utsname:machine (uname))
- ("i686" 320)
("x86_64" 320)
+ ;; unsupported on i686
("armv7l" 401)
("aarch64" 294)
("ppc64le" 382)
diff --git a/tests/syscalls.scm b/tests/syscalls.scm
index eef864d097..d2848879d7 100644
--- a/tests/syscalls.scm
+++ b/tests/syscalls.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2014-2021, 2024 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014-2021, 2024-2025 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2015 David Thompson <davet@gnu.org>
;;; Copyright © 2020 Simon South <simon@simonsouth.net>
;;; Copyright © 2020 Mathieu Othacehe <m.othacehe@gmail.com>
@@ -682,15 +682,15 @@ (define perform-container-tests?
(when (or (zero? (getuid))
(not (string-contains %host-type "linux")))
(test-skip 1))
-(test-equal "kexec-load-file"
- EPERM
+(test-assert "kexec-load-file"
(catch 'system-error
(lambda ()
(let ((fd1 (open-fdes "/dev/null" O_RDONLY))
(fd2 (open-fdes "/dev/null" O_RDONLY)))
(kexec-load-file fd1 fd2 "gnu.repl=yes")))
(lambda args
- (system-error-errno args))))
+ (member (system-error-errno args)
+ (list EPERM ENOSYS)))))
(test-end)
--
2.47.1
L
L
Ludovic Courtès wrote 4 days ago
[PATCH 3/3] reconfigure: Make ‘load-system- for-kexec’ errors non-fatal.
(address . 75402@debbugs.gnu.org)
7b6998df5bf49154493079c304e2362eb102b57c.1736168031.git.ludo@gnu.org

* guix/scripts/system/reconfigure.scm (load-system-for-kexec): Catch
exceptions in the gexp. Report them outside.

Reported-by: Luis Guilherme Coelho <lgcoelho@disroot.org>
Change-Id: Iebcdc92e29b8623a55967d58a4f353abab01631a
---
guix/scripts/system/reconfigure.scm | 33 +++++++++++++++++++++++++----
1 file changed, 29 insertions(+), 4 deletions(-)

Toggle diff (46 lines)
diff --git a/guix/scripts/system/reconfigure.scm b/guix/scripts/system/reconfigure.scm
index 96e5bff351..d35980590d 100644
--- a/guix/scripts/system/reconfigure.scm
+++ b/guix/scripts/system/reconfigure.scm
@@ -230,10 +230,35 @@ (define* (upgrade-shepherd-services eval os)
to-restart)))))))
(define (load-system-for-kexec eval os)
- "Load OS so that it can be rebooted into via kexec, if supported. Return
-true on success."
- (eval #~(and (string-contains %host-type "-linux")
- (primitive-load #$(kexec-loading-program os)))))
+ "Load OS so that it can be rebooted into via kexec, if supported. Print a
+warning in case of failure."
+ (mlet %store-monad
+ ((result (eval
+ #~(and (string-contains %host-type "-linux")
+ (with-exception-handler
+ (lambda (c)
+ (define kind-and-args?
+ (exception-predicate &exception-with-kind-and-args))
+
+ (list 'exception
+ (if (kind-and-args? c)
+ (call-with-output-string
+ (lambda (port)
+ (print-exception port #f
+ (exception-kind c)
+ (exception-args c))))
+ (object->string c))))
+ (lambda ()
+ (primitive-load #$(kexec-loading-program os))
+ 'success)
+ #:unwind? #t)))))
+ (match result
+ ('success
+ (return #t))
+ (('exception message)
+ (warning (G_ "failed to load operating system for kexec: ~a~%")
+ message)
+ (return #f)))))
;;;
--
2.47.1
T
T
Tomas Volf wrote 3 days ago
Re: [bug#75402] [PATCH 0/3] Assorted kexec fixes
(name . Ludovic Courtès)(address . ludo@gnu.org)
87cygyucrc.fsf@wolfsden.cz
Ludovic Courtès <ludo@gnu.org> writes:

Toggle quote (11 lines)
> Hello,
>
> Here’s a bunch of kexec-related fixes for bugs that have been reported
> over the past week.
>
> I checked the ‘kexec_file_load’ binding on i686 and aarch64 this time:
> it’s definitely missing on i686, and alright on aarch64.
>
> I’d like to commit it within a couple of days at most. Feedback
> welcome!

While I am hardly an expert here, the changes look reasonable. One
feature request though. I think it would be nice to get --no-kexec for
guix-deploy as well :)

Toggle quote (16 lines)
>
> Ludo’.
>
> Ludovic Courtès (3):
> reconfigure: Do not pass KEXEC_FILE_DEBUG.
> syscalls: Remove wrong syscall ID for ‘kexec_load_file’ on i686.
> reconfigure: Make ‘load-system-for-kexec’ errors non-fatal.
>
> guix/build/syscalls.scm | 6 ++---
> guix/scripts/system/reconfigure.scm | 38 +++++++++++++++++++++++------
> tests/syscalls.scm | 8 +++---
> 3 files changed, 38 insertions(+), 14 deletions(-)
>
>
> base-commit: 6cb47c374469f7c26775520540e1ed79a8bff674

--
There are only two hard things in Computer Science:
cache invalidation, naming things and off-by-one errors.
-----BEGIN PGP SIGNATURE-----

iQJCBAEBCgAsFiEEt4NJs4wUfTYpiGikL7/ufbZ/wakFAmd9BOcOHH5Ad29sZnNk
ZW4uY3oACgkQL7/ufbZ/wanS+A/8CFuYSw7yihIJ/x4Qa2UT7lNWNcDnGPjAw6CB
mbC3/ab43IqvENPdWj51VBi1wAfwsy8P9SSOfvrPUPqItYchvXSVNGU7aTXEVFak
lb+LTOqZroS/3j8ljGAOuyB4M+cpVIPZiMEDxm7mS3rsv/3d4hcg/bYuxVKYhNJV
fLUQA418hn6/CJDBWv3aSxjiKOzAamSolpPwS0JzhIpaegUHFgwrr7sO+B8GhIYO
wAWHlrGrrVO0psBIxR0hQ6AO0PSqm2M1CN2EqFgpJDZN97Ix2Y/C6Ty8bXx1sSNX
RDjphHrK0rcmcXEVXY+rgSJfmL2BkEOumSJ9I2QnVaZBn+2s5IeiG75s5stg3ahz
4ivkMrMLcXMijpUD5cLQSAYjTD2UTBGeZTLzysNueGfSm0i1wus5mtw4TKnop0lD
1j6yu0UOMUv20imodhWkkS5BZZQsgl+cTfy/tzAGxtv60G7tlZGHo5ILhFtez7Ui
oszx24Hn3qXO9+PnaeYdtxsbFQspIjhdSYByI7O2rgSt0JNulhDiwlZRPvw4tf1x
TtJQ6z1nV1PHrNhGGmaCbMTJ9DkzoZPjpgajtqrwLy35MG5iwS7Z3mC+8Rr6uBcK
uPoaEg9GdkDOWLevTQwrfd+V00u0GYKNCQgzGOiMzczUKn6y+CdgQtzTrT6WBD0R
qx5gek8=
=SI76
-----END PGP SIGNATURE-----

L
L
Ludovic Courtès wrote 3 days ago
(name . Tomas Volf)(address . ~@wolfsden.cz)
87r05e293h.fsf@gnu.org
Tomas Volf <~@wolfsden.cz> skribis:

Toggle quote (15 lines)
> Ludovic Courtès <ludo@gnu.org> writes:
>
>> Hello,
>>
>> Here’s a bunch of kexec-related fixes for bugs that have been reported
>> over the past week.
>>
>> I checked the ‘kexec_file_load’ binding on i686 and aarch64 this time:
>> it’s definitely missing on i686, and alright on aarch64.
>>
>> I’d like to commit it within a couple of days at most. Feedback
>> welcome!
>
> While I am hardly an expert here, the changes look reasonable.

Cool.

Toggle quote (3 lines)
> One feature request though. I think it would be nice to get
> --no-kexec for guix-deploy as well :)

Good point. I’m not sure where to put it though. In
<machine-ssh-configuration>?

Thanks!

Ludo’.
T
T
Tomas Volf wrote 3 days ago
(name . Ludovic Courtès)(address . ludo@gnu.org)
874j2auc05.fsf@wolfsden.cz
Ludovic Courtès <ludo@gnu.org> writes:

Toggle quote (25 lines)
> Tomas Volf <~@wolfsden.cz> skribis:
>
>> Ludovic Courtès <ludo@gnu.org> writes:
>>
>>> Hello,
>>>
>>> Here’s a bunch of kexec-related fixes for bugs that have been reported
>>> over the past week.
>>>
>>> I checked the ‘kexec_file_load’ binding on i686 and aarch64 this time:
>>> it’s definitely missing on i686, and alright on aarch64.
>>>
>>> I’d like to commit it within a couple of days at most. Feedback
>>> welcome!
>>
>> While I am hardly an expert here, the changes look reasonable.
>
> Cool.
>
>> One feature request though. I think it would be nice to get
>> --no-kexec for guix-deploy as well :)
>
> Good point. I’m not sure where to put it though. In
> <machine-ssh-configuration>?

I am asking for a command line argument. Not sure if that does answer
the question. I am not familiar enough with this part to suggest how to
wire the option through the program flow.

On a separate note, if we would want to disable the kexec in the
definition, I feel like operating-system would be the most fitting
place. Reason being that either I want to kexec the specific system or
I do not want to kexec it. But I would expect that to rarely correlate
with the deployment method. Sometimes I reconfigure the system via
guix-deploy, sometimes (when I break the networking) via
guix-system-reconfigure from USB drive, and it would seem to make sense
to have kexec behave the same way for both of the approaches.

Toggle quote (5 lines)
>
> Thanks!
>
> Ludo’.

--
There are only two hard things in Computer Science:
cache invalidation, naming things and off-by-one errors.
-----BEGIN PGP SIGNATURE-----

iQJCBAEBCgAsFiEEt4NJs4wUfTYpiGikL7/ufbZ/wakFAmd9CLoOHH5Ad29sZnNk
ZW4uY3oACgkQL7/ufbZ/wamTuRAAs/D2aRXocKxWM25vuf2kUMiJb4Xx5Y7WVG5N
lfSpqYM9GgaPS/+e4/HIGc0K+TFYv211WjgyDuuqfMJ4iEg5xRPhpa27qQmdl2qt
UdDQCuyKnUGwossviuyQlrLogsXi3qDefrPumPU6zzqTZVoCK6UtUlHBWk8Secb4
UjPhirDRHLJu/cvCHbFhz3d2EG6GsGAlnqjGv4OmD5pnL0BJp8hkakOIE1sAL0pu
vQwmzRpRbmbVxEnWC2qjj2g/1920b9h/2qA8eSBlByYtZm28EIq4mNmC+Q9cluSd
oH8anS/BfAPbDTPxki5OZWOclqFfqwd5o+PRJ9nFy2uWNAQveXMk7/pMEgyYELOl
RgyO5ucdPxkXtkeZftXQXwQXzyyBe9BPrbmwrFb0mGwnhMD17fIQfBIC9jda3mF0
uzSOFPTpGqZI6ZTveJz8cJ6M3RyoDWkWnUcnhBp1y2gtssL2Fhj/WTjYhvOCAdJE
06SQYeF3ZXpR+Ftx72pTCpik2SoyVkVIcxNHd5JC6TdGdO/MP0GbUnUcnDOl6byP
4ISKqQn9Vo11j085rkFdV2KwRda19tp5MFFPzcAi/ZjAJjnw2q4+l9pd+SDFKqKN
K44WmJ0uAlsm0WioF4041c9tYWxAYCZAqm0se4UNvqLwEmxjtE+t5Td9BdVB1Lj2
SCKWCsE=
=b23K
-----END PGP SIGNATURE-----

L
L
Ludovic Courtès wrote 3 days ago
(name . Tomas Volf)(address . ~@wolfsden.cz)
875xmqzeci.fsf@gnu.org
Pushed:

a6642650a7 * reconfigure: Make ‘load-system-for-kexec’ errors non-fatal.
410a359d4a * syscalls: Remove wrong syscall ID for ‘kexec_load_file’ on i686.
d8b7259197 * reconfigure: Do not pass KEXEC_FILE_DEBUG.

Ludo’.
Closed
L
L
Ludovic Courtès wrote 3 days ago
(name . Tomas Volf)(address . ~@wolfsden.cz)
87v7uqxzl0.fsf@gnu.org
Hi,

Tomas Volf <~@wolfsden.cz> skribis:

Toggle quote (10 lines)
>>> One feature request though. I think it would be nice to get
>>> --no-kexec for guix-deploy as well :)
>>
>> Good point. I’m not sure where to put it though. In
>> <machine-ssh-configuration>?
>
> I am asking for a command line argument. Not sure if that does answer
> the question. I am not familiar enough with this part to suggest how to
> wire the option through the program flow.

The reason I was suggesting this is that authorize?, allow-downgrades?,
safety-checks? are already part of <machine-ssh-configuration>. These
cannot really be a command-line option… for reasons that escape me right
now. :-) But anyway, I thought we’d be in the same situation here.

Toggle quote (9 lines)
> On a separate note, if we would want to disable the kexec in the
> definition, I feel like operating-system would be the most fitting
> place. Reason being that either I want to kexec the specific system or
> I do not want to kexec it. But I would expect that to rarely correlate
> with the deployment method. Sometimes I reconfigure the system via
> guix-deploy, sometimes (when I break the networking) via
> guix-system-reconfigure from USB drive, and it would seem to make sense
> to have kexec behave the same way for both of the approaches.

Hmm I see. The way I saw it, kexec loading is a bonus that doesn’t cost
much, which is why it’s opt-out. It didn’t occur to me that one would
really want to control that to the level you describe.

Ludo’.
?
Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send an email to 75402@patchwise.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 75402
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch