[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1377592432.27967.80.camel@linux-s257.site>
Date: Tue, 27 Aug 2013 16:33:52 +0800
From: joeyli <jlee@...e.com>
To: Pavel Machek <pavel@....cz>
Cc: linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org, linux-efi@...r.kernel.org,
linux-pm@...r.kernel.org, linux-crypto@...r.kernel.org,
opensuse-kernel@...nsuse.org, David Howells <dhowells@...hat.com>,
"Rafael J. Wysocki" <rjw@...k.pl>,
Matthew Garrett <mjg59@...f.ucam.org>,
Len Brown <len.brown@...el.com>,
Josh Boyer <jwboyer@...hat.com>,
Vojtech Pavlik <vojtech@...e.cz>,
Matt Fleming <matt.fleming@...el.com>,
James Bottomley <james.bottomley@...senpartnership.com>,
Greg KH <gregkh@...uxfoundation.org>, JKosina@...e.com,
Rusty Russell <rusty@...tcorp.com.au>,
Herbert Xu <herbert@...dor.apana.org.au>,
"David S. Miller" <davem@...emloft.net>,
"H. Peter Anvin" <hpa@...or.com>, Michal Marek <mmarek@...e.cz>,
Gary Lin <GLin@...e.com>, Vivek Goyal <vgoyal@...hat.com>
Subject: Re: [PATCH 13/18] Hibernate: Avoid S4 sign key data included in
snapshot image
於 日,2013-08-25 於 18:39 +0200,Pavel Machek 提到:
> On Thu 2013-08-22 19:01:52, Lee, Chun-Yi wrote:
> > This patch add swsusp_page_is_sign_key() method to hibernate_key.c and
> > check the page is S4 sign key data when collect saveable page in
> > snapshot.c to avoid sign key data included in snapshot image.
> >
> > Reviewed-by: Jiri Kosina <jkosina@...e.cz>
> > Signed-off-by: Lee, Chun-Yi <jlee@...e.com>
> > ---
> > kernel/power/snapshot.c | 6 ++++++
> > 1 files changed, 6 insertions(+), 0 deletions(-)
> >
> > diff --git a/kernel/power/snapshot.c b/kernel/power/snapshot.c
> > index 72e2911..9e4c94b 100644
> > --- a/kernel/power/snapshot.c
> > +++ b/kernel/power/snapshot.c
> > @@ -860,6 +860,9 @@ static struct page *saveable_highmem_page(struct zone *zone, unsigned long pfn)
> >
> > BUG_ON(!PageHighMem(page));
> >
> > + if (swsusp_page_is_sign_key(page))
> > + return NULL;
> > +
> > if (swsusp_page_is_forbidden(page) || swsusp_page_is_free(page) ||
> > PageReserved(page))
> > return NULL;
>
> Just do set_page_forbidden() on your page?
Before call swsusp_unset_page_forbidden(), we need make sure the
create_basic_memory_bitmaps() function already called to initial
forbidden_pages_map. That means need careful the timing, otherwise the
page of private key will not register to forbidden pages map.
So, I choice to refuse the page of private key when snapshot finding
which page is saveable. It has clearer code and we don't need worry the
future change of hibernate.c or user.c for when they call
create_basic_memory_bitmaps() and when the code clear forbidden pages
map.
Thanks a lot!
Joey Lee
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists