lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 28 Aug 2020 10:40:58 -0700
From:   Lakshmi Ramasubramanian <nramas@...ux.microsoft.com>
To:     Thiago Jung Bauermann <bauerman@...ux.ibm.com>
Cc:     zohar@...ux.ibm.com, robh@...nel.org, gregkh@...uxfoundation.org,
        james.morse@....com, catalin.marinas@....com, sashal@...nel.org,
        will@...nel.org, mpe@...erman.id.au, benh@...nel.crashing.org,
        paulus@...ba.org, robh+dt@...nel.org, frowand.list@...il.com,
        vincenzo.frascino@....com, mark.rutland@....com,
        dmitry.kasatkin@...il.com, jmorris@...ei.org, serge@...lyn.com,
        pasha.tatashin@...een.com, allison@...utok.net,
        kstewart@...uxfoundation.org, takahiro.akashi@...aro.org,
        tglx@...utronix.de, masahiroy@...nel.org, bhsharma@...hat.com,
        mbrugger@...e.com, hsinyi@...omium.org, tao.li@...o.com,
        christophe.leroy@....fr, linux-integrity@...r.kernel.org,
        linux-kernel@...r.kernel.org, devicetree@...r.kernel.org,
        prsriva@...ux.microsoft.com, balajib@...ux.microsoft.com
Subject: Re: [PATCH v4 1/5] powerpc: Refactor kexec functions to move arch
 independent code to IMA

On 8/27/20 4:35 PM, Thiago Jung Bauermann wrote:
> 
> Lakshmi Ramasubramanian <nramas@...ux.microsoft.com> writes:
> 
>> The functions ima_get_kexec_buffer() and ima_free_kexec_buffer() that
>> handle carrying forward the IMA measurement logs on kexec for powerpc
>> do not have architecture specific code, but they are currently defined
>> for powerpc only.
>>
>> Move these functions to IMA subsystem so that it can be used for other
>> architectures as well. A later patch in this series will use these
>> functions for carrying forward the IMA measurement log for ARM64.
>>
>> Define FDT_PROP_IMA_KEXEC_BUFFER for the chosen node, namely
>> "linux,ima-kexec-buffer", that is added to the DTB to hold
>> the address and the size of the memory reserved to carry
>> the IMA measurement log.
>>
>> Co-developed-by: Prakhar Srivastava <prsriva@...ux.microsoft.com>
>> Signed-off-by: Prakhar Srivastava <prsriva@...ux.microsoft.com>
>> Signed-off-by: Lakshmi Ramasubramanian <nramas@...ux.microsoft.com>
> 
> This patch removes two functions from arch/powerpc/kexec/ima.c, but adds
> four to security/integrity/ima/ima_kexec.c. The extra ones are
> get_addr_size_cells() and do_get_kexec_buffer(), which are being copied
> from the powerpc code but can't be removed yet because they're still
> used there by remove_ima_buffer() and setup_ima_buffer().
> 
> On the next patch you remove the need for these functions in powerpc
> code and therefore delete them. This confused me at first, so I think it
> would be cleared if you put patch 2 first in the series and then on this
> patch you can simply move the four functions and delete them from
> arch/powerpc/kexec/ima.c.
> 
> If you prefer to keep the current order, it's worth mentioning on the
> commit log where get_addr_size_cells() and do_get_kexec_buffer() are
> coming from.
> 
> Regardless:
> 
> Reviewed-by: Thiago Jung Bauermann <bauerman@...ux.ibm.com>
> 

Thanks for reviewing the changes Thiago.

I'll update the commit log to describe the changes related to 
get_addr_size_cells() and do_get_kexec_buffer().

  -lakshmi

Powered by blists - more mailing lists