On Wed, Aug 28, 2019 at 10:36 AM Kees Cook keescook@chromium.org wrote:
On Thu, Aug 22, 2019 at 01:55:22PM -0700, David Abdurachmanov wrote:
This patch was extensively tested on Fedora/RISCV (applied by default on top of 5.2-rc7 kernel for <2 months). The patch was also tested with 5.3-rc on QEMU and SiFive Unleashed board.
Oops, I see the mention of QEMU here. Where's the best place to find instructions on creating a qemu riscv image/environment?
Examples from what I personally use: https://github.com/riscv/meta-riscv https://fedoraproject.org/wiki/Architectures/RISC-V/Installing#Boot_with_lib... (might be outdated)
If you are running machine with a properly working libvirt/QEMU setup:
VIRTBUILDER_IMAGE=fedora-rawhide-developer-20190703n0 FIRMWARE=fw_payload-uboot-qemu-virt-smode.elf wget https://dl.fedoraproject.org/pub/alt/risc-v/disk-images/fedora/rawhide/20190... echo riscv > /tmp/rootpw virt-builder \ --verbose \ --source https://dl.fedoraproject.org/pub/alt/risc-v/repo/virt-builder-images/images/... \ --no-check-signature \ --arch riscv64 \ --size 10G \ --format raw \ --hostname fedora-riscv \ -o disk \ --root-password file:/tmp/rootpw \ ${VIRTBUILDER_IMAGE}
sudo virt-install \ --name fedora-riscv \ --arch riscv64 \ --vcpus 4 \ --memory 3048 \ --import \ --disk path=$PWD/disk \ --boot kernel=$PWD/${FIRMWARE} \ --network network=default \ --graphics none \ --serial log.file=/tmp/fedora-riscv.serial.log \ --noautoconsole
The following does incl. SECCOMP v2 patch on top of 5.2-rc7 kernel.
There is one failing kernel selftest: global.user_notification_signal
This test has been fragile (and is not arch-specific), so as long as everything else is passing, I would call this patch ready to go. :)
Reviewed-by: Kees Cook keescook@chromium.org
-- Kees Cook