| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3897c55e-11d2-113a-5cef-db750b33772f@linux.microsoft.com>
Date: Fri, 28 Aug 2020 10:40:58 -0700
From: Lakshmi Ramasubramanian <nramas@...ux.microsoft.com>
To: Thiago Jung Bauermann <bauerman@...ux.ibm.com>
Cc: zohar@...ux.ibm.com, robh@...nel.org, gregkh@...uxfoundation.org,
james.morse@....com, catalin.marinas@....com, sashal@...nel.org,
will@...nel.org, mpe@...erman.id.au, benh@...nel.crashing.org,
paulus@...ba.org, robh+dt@...nel.org, frowand.list@...il.com,
vincenzo.frascino@....com, mark.rutland@....com,
dmitry.kasatkin@...il.com, jmorris@...ei.org, serge@...lyn.com,
pasha.tatashin@...een.com, allison@...utok.net,
kstewart@...uxfoundation.org, takahiro.akashi@...aro.org,
tglx@...utronix.de, masahiroy@...nel.org, bhsharma@...hat.com,
mbrugger@...e.com, hsinyi@...omium.org, tao.li@...o.com,
christophe.leroy@....fr, linux-integrity@...r.kernel.org,
linux-kernel@...r.kernel.org, devicetree@...r.kernel.org,
prsriva@...ux.microsoft.com, balajib@...ux.microsoft.com
Subject: Re: [PATCH v4 1/5] powerpc: Refactor kexec functions to move arch
independent code to IMA
On 8/27/20 4:35 PM, Thiago Jung Bauermann wrote:
>
> Lakshmi Ramasubramanian <nramas@...ux.microsoft.com> writes:
>
>> The functions ima_get_kexec_buffer() and ima_free_kexec_buffer() that
>> handle carrying forward the IMA measurement logs on kexec for powerpc
>> do not have architecture specific code, but they are currently defined
>> for powerpc only.
>>
>> Move these functions to IMA subsystem so that it can be used for other
>> architectures as well. A later patch in this series will use these
>> functions for carrying forward the IMA measurement log for ARM64.
>>
>> Define FDT_PROP_IMA_KEXEC_BUFFER for the chosen node, namely
>> "linux,ima-kexec-buffer", that is added to the DTB to hold
>> the address and the size of the memory reserved to carry
>> the IMA measurement log.
>>
>> Co-developed-by: Prakhar Srivastava <prsriva@...ux.microsoft.com>
>> Signed-off-by: Prakhar Srivastava <prsriva@...ux.microsoft.com>
>> Signed-off-by: Lakshmi Ramasubramanian <nramas@...ux.microsoft.com>
>
> This patch removes two functions from arch/powerpc/kexec/ima.c, but adds
> four to security/integrity/ima/ima_kexec.c. The extra ones are
> get_addr_size_cells() and do_get_kexec_buffer(), which are being copied
> from the powerpc code but can't be removed yet because they're still
> used there by remove_ima_buffer() and setup_ima_buffer().
>
> On the next patch you remove the need for these functions in powerpc
> code and therefore delete them. This confused me at first, so I think it
> would be cleared if you put patch 2 first in the series and then on this
> patch you can simply move the four functions and delete them from
> arch/powerpc/kexec/ima.c.
>
> If you prefer to keep the current order, it's worth mentioning on the
> commit log where get_addr_size_cells() and do_get_kexec_buffer() are
> coming from.
>
> Regardless:
>
> Reviewed-by: Thiago Jung Bauermann <bauerman@...ux.ibm.com>
>
Thanks for reviewing the changes Thiago.
I'll update the commit log to describe the changes related to
get_addr_size_cells() and do_get_kexec_buffer().
-lakshmi
Powered by blists - more mailing lists