lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 13 Nov 2020 11:22:40 -0800
From:   Lakshmi Ramasubramanian <nramas@...ux.microsoft.com>
To:     zohar@...ux.ibm.com, bauerman@...ux.ibm.com, robh@...nel.org,
        gregkh@...uxfoundation.org, james.morse@....com,
        catalin.marinas@....com, sashal@...nel.org, will@...nel.org,
        mpe@...erman.id.au, benh@...nel.crashing.org, paulus@...ba.org,
        robh+dt@...nel.org, frowand.list@...il.com,
        vincenzo.frascino@....com, mark.rutland@....com,
        dmitry.kasatkin@...il.com, jmorris@...ei.org, serge@...lyn.com,
        pasha.tatashin@...een.com, allison@...utok.net,
        kstewart@...uxfoundation.org, takahiro.akashi@...aro.org,
        tglx@...utronix.de, masahiroy@...nel.org, bhsharma@...hat.com,
        mbrugger@...e.com, hsinyi@...omium.org, tao.li@...o.com,
        christophe.leroy@....fr
Cc:     linux-integrity@...r.kernel.org, linux-kernel@...r.kernel.org,
        devicetree@...r.kernel.org, prsriva@...ux.microsoft.com,
        balajib@...ux.microsoft.com
Subject: [PATCH v9 5/8] powerpc: Move remove_ima_buffer() to drivers/of

remove_ima_buffer() removes the chosen node, namely
"linux,ima-kexec-buffer", from the device tree and frees the memory
reserved for carrying forward the IMA measurement logs on kexec.
This function does not have architecture specific code, but is currently
limited to powerpc.

Move remove_ima_buffer() to "drivers/of/ima_kexec.c" so that it is
accessible for other architectures as well.

Co-developed-by: Prakhar Srivastava <prsriva@...ux.microsoft.com>
Signed-off-by: Prakhar Srivastava <prsriva@...ux.microsoft.com>
Signed-off-by: Lakshmi Ramasubramanian <nramas@...ux.microsoft.com>
---
 arch/powerpc/include/asm/ima.h |  8 ++------
 arch/powerpc/kexec/ima.c       | 26 --------------------------
 drivers/of/ima_kexec.c         | 26 ++++++++++++++++++++++++++
 include/linux/kexec.h          |  2 ++
 4 files changed, 30 insertions(+), 32 deletions(-)

diff --git a/arch/powerpc/include/asm/ima.h b/arch/powerpc/include/asm/ima.h
index ead488cf3981..a2fc71bc3b23 100644
--- a/arch/powerpc/include/asm/ima.h
+++ b/arch/powerpc/include/asm/ima.h
@@ -2,17 +2,13 @@
 #ifndef _ASM_POWERPC_IMA_H
 #define _ASM_POWERPC_IMA_H
 
+#include <linux/kexec.h>
+
 struct kimage;
 
 int ima_get_kexec_buffer(void **addr, size_t *size);
 int ima_free_kexec_buffer(void);
 
-#ifdef CONFIG_IMA
-void remove_ima_buffer(void *fdt, int chosen_node);
-#else
-static inline void remove_ima_buffer(void *fdt, int chosen_node) {}
-#endif
-
 #ifdef CONFIG_IMA_KEXEC
 int arch_ima_add_kexec_buffer(struct kimage *image, unsigned long load_addr,
 			      size_t size);
diff --git a/arch/powerpc/kexec/ima.c b/arch/powerpc/kexec/ima.c
index df491fab5d4b..baa95d1a8304 100644
--- a/arch/powerpc/kexec/ima.c
+++ b/arch/powerpc/kexec/ima.c
@@ -61,32 +61,6 @@ int ima_free_kexec_buffer(void)
 	return memblock_free(addr, size);
 }
 
-/**
- * remove_ima_buffer - remove the IMA buffer property and reservation from @fdt
- *
- * @fdt: Flattened Device Tree to update
- * @chosen_node: Offset to the chosen node in the device tree
- *
- * The IMA measurement buffer is of no use to a subsequent kernel, so we always
- * remove it from the device tree.
- */
-void remove_ima_buffer(void *fdt, int chosen_node)
-{
-	int ret;
-	unsigned long addr;
-	size_t size;
-
-	ret = get_ima_kexec_buffer(fdt, chosen_node, &addr, &size);
-	if (ret)
-		return;
-
-	fdt_delprop(fdt, chosen_node, "linux,ima-kexec-buffer");
-
-	ret = delete_fdt_mem_rsv(fdt, addr, size);
-	if (!ret)
-		pr_debug("Removed old IMA buffer reservation.\n");
-}
-
 #ifdef CONFIG_IMA_KEXEC
 static int get_addr_size_cells(int *addr_cells, int *size_cells)
 {
diff --git a/drivers/of/ima_kexec.c b/drivers/of/ima_kexec.c
index 9c14777404f2..a063a8b4dcb4 100644
--- a/drivers/of/ima_kexec.c
+++ b/drivers/of/ima_kexec.c
@@ -63,3 +63,29 @@ int get_ima_kexec_buffer(void *fdt, int chosen_node,
 
 	return 0;
 }
+
+/**
+ * remove_ima_buffer - remove the IMA buffer property and reservation from @fdt
+ *
+ * @fdt: Flattened Device Tree to update
+ * @chosen_node: Offset to the chosen node in the device tree
+ *
+ * The IMA measurement buffer is of no use to a subsequent kernel, so we always
+ * remove it from the device tree.
+ */
+void remove_ima_buffer(void *fdt, int chosen_node)
+{
+	int ret;
+	unsigned long addr;
+	size_t size;
+
+	ret = get_ima_kexec_buffer(fdt, chosen_node, &addr, &size);
+	if (ret)
+		return;
+
+	fdt_delprop(fdt, chosen_node, "linux,ima-kexec-buffer");
+
+	ret = delete_fdt_mem_rsv(fdt, addr, size);
+	if (!ret)
+		pr_debug("Removed old IMA buffer reservation.\n");
+}
diff --git a/include/linux/kexec.h b/include/linux/kexec.h
index a4f248caa483..152e5a56bb35 100644
--- a/include/linux/kexec.h
+++ b/include/linux/kexec.h
@@ -410,12 +410,14 @@ static inline int kexec_crash_loaded(void) { return 0; }
 #if defined(CONFIG_OF_FLATTREE) && defined(CONFIG_HAVE_IMA_KEXEC)
 extern int get_ima_kexec_buffer(void *fdt, int chosen_node,
 				unsigned long *addr, size_t *size);
+extern void remove_ima_buffer(void *fdt, int chosen_node);
 #else
 static inline int get_ima_kexec_buffer(void *fdt, int chosen_node,
 				       unsigned long *addr, size_t *size)
 {
 	return -EOPNOTSUPP;
 }
+static inline void remove_ima_buffer(void *fdt, int chosen_node) {}
 #endif /* CONFIG_OF_FLATTREE && CONFIG_HAVE_IMA_KEXEC */
 
 #if defined(CONFIG_OF_FLATTREE) && defined(CONFIG_KEXEC_FILE)
-- 
2.29.2

Powered by blists - more mailing lists