kexec-tools: avoid kernel warning

Running command 'kexec -p /path/to/crash-kernel --reuse-cmdline' will give out the following warning: kexec[970]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set Add MFD_NOEXEC_SEAL explicitly to avoid such warning. (From OE-Core rev: c1bcebf4ca0176d69e6dfd589871944352eec449) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-04-20 18:32:12 +02:00 · 2024-08-06 22:27:13 -07:00
parent 454fcf36c7
commit ae85f8d5a0
2 changed files with 47 additions and 0 deletions
--- a/meta/recipes-kernel/kexec/kexec-tools/0001-kexec.c-add-MFD_NOEXEC_SEAL-flag-explicitly.patch
+++ b/meta/recipes-kernel/kexec/kexec-tools/0001-kexec.c-add-MFD_NOEXEC_SEAL-flag-explicitly.patch
@@ -0,0 +1,46 @@
+From a6a9e17dfeb5627f3e6f569b66f243f50f8a3645 Mon Sep 17 00:00:00 2001
+From: Chen Qi <Qi.Chen@windriver.com>
+Date: Tue, 6 Aug 2024 21:42:43 -0700
+Subject: [PATCH] kexec.c: add MFD_NOEXEC_SEAL flag explicitly
+
+Add MFD_NOEXEC_SEAL to avoid kernel warning like below:
+
+  kexec[970]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
+
+For old kernels, there will be no MFD_NOEXEC_SEAL definition, so fallback
+to define it to 0.
+
+Upstream-Status: Submitted [https://github.com/horms/kexec-tools/pull/7]
+
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ kexec/kexec.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/kexec/kexec.c b/kexec/kexec.c
+index 7c614b0..41d285d 100644
+--- a/kexec/kexec.c
+++ b/kexec/kexec.c
+@@ -60,6 +60,10 @@
+ #define KEXEC_LOADED_PATH "/sys/kernel/kexec_loaded"
+ #define KEXEC_CRASH_LOADED_PATH "/sys/kernel/kexec_crash_loaded"
+ 
+#ifndef MFD_NOEXEC_SEAL
+#define MFD_NOEXEC_SEAL 0
+#endif
+
+ unsigned long long mem_min = 0;
+ unsigned long long mem_max = ULONG_MAX;
+ unsigned long elfcorehdrsz = 0;
+@@ -655,7 +659,7 @@ static int copybuf_memfd(const char *kernel_buf, size_t size)
+ {
+ 	int fd, count;
+ 
+-	fd = memfd_create("kernel", MFD_ALLOW_SEALING);
+	fd = memfd_create("kernel", MFD_ALLOW_SEALING | MFD_NOEXEC_SEAL);
+ 	if (fd == -1)
+ 		return fd;
+ 
+-- 
+2.25.1
+
--- a/meta/recipes-kernel/kexec/kexec-tools_2.0.29.bb
+++ b/meta/recipes-kernel/kexec/kexec-tools_2.0.29.bb
@@ -16,6 +16,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/kernel/kexec/kexec-tools-${PV}.tar.gz
           file://0002-purgatory-Pass-r-directly-to-linker.patch \
           file://0005-Disable-PIE-during-link.patch \
           file://0001-arm64-kexec-disabled-check-if-kaslr-seed-dtb-propert.patch \
+           file://0001-kexec.c-add-MFD_NOEXEC_SEAL-flag-explicitly.patch \
           "

 SRC_URI[sha256sum] = "0756dd54dab2f2a437e5d4df64b9760c3e6cf6a7d29fb296bdeeeb749f6ea28e"