| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 6 Dec 2020 17:54:20 -0800
From: Lakshmi Ramasubramanian <nramas@...ux.microsoft.com>
To: Thiago Jung Bauermann <bauerman@...ux.ibm.com>
Cc: zohar@...ux.ibm.com, robh@...nel.org, gregkh@...uxfoundation.org,
james.morse@....com, catalin.marinas@....com, sashal@...nel.org,
will@...nel.org, mpe@...erman.id.au, benh@...nel.crashing.org,
paulus@...ba.org, robh+dt@...nel.org, frowand.list@...il.com,
vincenzo.frascino@....com, mark.rutland@....com,
dmitry.kasatkin@...il.com, jmorris@...ei.org, serge@...lyn.com,
pasha.tatashin@...een.com, allison@...utok.net,
kstewart@...uxfoundation.org, takahiro.akashi@...aro.org,
tglx@...utronix.de, masahiroy@...nel.org, bhsharma@...hat.com,
mbrugger@...e.com, hsinyi@...omium.org, tao.li@...o.com,
christophe.leroy@....fr, linux-integrity@...r.kernel.org,
linux-kernel@...r.kernel.org, devicetree@...r.kernel.org,
prsriva@...ux.microsoft.com, balajib@...ux.microsoft.com
Subject: Re: [PATCH v10 4/8] powerpc: Use ima kexec node functions
On 12/5/20 11:51 AM, Thiago Jung Bauermann wrote:
>
> Lakshmi Ramasubramanian <nramas@...ux.microsoft.com> writes:
>
>> do_get_kexec_buffer() and get_addr_size_cells() are called by
>> ima_get_kexec_buffer(), ima_free_kexec_buffer, and remove_ima_buffer()
>> to retrieve the address and size of the buffer used for carrying
>> forward the IMA measurement log across kexec system call. These
>> functions correctly handle a device tree property that is a child node
>> of the root node, but not anything other than the immediate root
>> child nodes.
>>
>> Use the architecture independent functions get_ima_kexec_buffer()
>> and get_root_addr_size_cells() defined in "drivers/of/ima_kexec.c",
>
> s/ima_kexec.c/kexec.c/
Thanks for catching this. I'll fix it.
>
>> to get the address and size of the IMA measurement log buffer from
>> the device tree. Remove do_get_kexec_buffer() and get_addr_size_cells()
>> since they are not used anymore.
>>
>> Co-developed-by: Prakhar Srivastava <prsriva@...ux.microsoft.com>
>> Signed-off-by: Prakhar Srivastava <prsriva@...ux.microsoft.com>
>> Signed-off-by: Lakshmi Ramasubramanian <nramas@...ux.microsoft.com>
>
> Looks good. Thanks!
>
> Reviewed-by: Thiago Jung Bauermann <bauerman@...ux.ibm.com>
Thanks Thiago.
-lakshmi
>> ---
>> arch/powerpc/kexec/ima.c | 58 +++++-----------------------------------
>> 1 file changed, 7 insertions(+), 51 deletions(-)
>>
>> diff --git a/arch/powerpc/kexec/ima.c b/arch/powerpc/kexec/ima.c
>> index a36c39db4b1a..906e8212435d 100644
>> --- a/arch/powerpc/kexec/ima.c
>> +++ b/arch/powerpc/kexec/ima.c
>> @@ -13,40 +13,6 @@
>> #include <linux/libfdt.h>
>> #include <asm/ima.h>
>>
>> -static int get_addr_size_cells(int *addr_cells, int *size_cells)
>> -{
>> - struct device_node *root;
>> -
>> - root = of_find_node_by_path("/");
>> - if (!root)
>> - return -EINVAL;
>> -
>> - *addr_cells = of_n_addr_cells(root);
>> - *size_cells = of_n_size_cells(root);
>> -
>> - of_node_put(root);
>> -
>> - return 0;
>> -}
>> -
>> -static int do_get_kexec_buffer(const void *prop, int len, unsigned long *addr,
>> - size_t *size)
>> -{
>> - int ret, addr_cells, size_cells;
>> -
>> - ret = get_addr_size_cells(&addr_cells, &size_cells);
>> - if (ret)
>> - return ret;
>> -
>> - if (len < 4 * (addr_cells + size_cells))
>> - return -ENOENT;
>> -
>> - *addr = of_read_number(prop, addr_cells);
>> - *size = of_read_number(prop + 4 * addr_cells, size_cells);
>> -
>> - return 0;
>> -}
>> -
>> /**
>> * ima_get_kexec_buffer - get IMA buffer from the previous kernel
>> * @addr: On successful return, set to point to the buffer contents.
>> @@ -56,16 +22,11 @@ static int do_get_kexec_buffer(const void *prop, int len, unsigned long *addr,
>> */
>> int ima_get_kexec_buffer(void **addr, size_t *size)
>> {
>> - int ret, len;
>> + int ret;
>> unsigned long tmp_addr;
>> size_t tmp_size;
>> - const void *prop;
>>
>> - prop = of_get_property(of_chosen, "linux,ima-kexec-buffer", &len);
>> - if (!prop)
>> - return -ENOENT;
>> -
>> - ret = do_get_kexec_buffer(prop, len, &tmp_addr, &tmp_size);
>> + ret = get_ima_kexec_buffer(NULL, 0, &tmp_addr, &tmp_size);
>> if (ret)
>> return ret;
>>
>> @@ -89,7 +50,7 @@ int ima_free_kexec_buffer(void)
>> if (!prop)
>> return -ENOENT;
>>
>> - ret = do_get_kexec_buffer(prop->value, prop->length, &addr, &size);
>> + ret = get_ima_kexec_buffer(NULL, 0, &addr, &size);
>> if (ret)
>> return ret;
>>
>> @@ -98,7 +59,6 @@ int ima_free_kexec_buffer(void)
>> return ret;
>>
>> return memblock_free(addr, size);
>> -
>> }
>>
>> /**
>> @@ -112,19 +72,15 @@ int ima_free_kexec_buffer(void)
>> */
>> void remove_ima_buffer(void *fdt, int chosen_node)
>> {
>> - int ret, len;
>> + int ret;
>> unsigned long addr;
>> size_t size;
>> - const void *prop;
>>
>> - prop = fdt_getprop(fdt, chosen_node, "linux,ima-kexec-buffer", &len);
>> - if (!prop)
>> + ret = get_ima_kexec_buffer(fdt, chosen_node, &addr, &size);
>> + if (ret)
>> return;
>>
>> - ret = do_get_kexec_buffer(prop, len, &addr, &size);
>> fdt_delprop(fdt, chosen_node, "linux,ima-kexec-buffer");
>> - if (ret)
>> - return;
>>
>> ret = delete_fdt_mem_rsv(fdt, addr, size);
>> if (!ret)
>> @@ -191,7 +147,7 @@ int setup_ima_buffer(const struct kimage *image, void *fdt, int chosen_node)
>> if (!image->arch.ima_buffer_size)
>> return 0;
>>
>> - ret = get_addr_size_cells(&addr_cells, &size_cells);
>> + ret = get_root_addr_size_cells(&addr_cells, &size_cells);
>> if (ret)
>> return ret;
>
>
Powered by blists - more mailing lists