| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <37a62c46-cb43-0e71-ee79-8c497a11e159@linux.microsoft.com>
Date: Thu, 17 Dec 2020 10:29:29 -0800
From: Lakshmi Ramasubramanian <nramas@...ux.microsoft.com>
To: zohar@...ux.ibm.com, bauerman@...ux.ibm.com, robh@...nel.org,
takahiro.akashi@...aro.org, gregkh@...uxfoundation.org,
will@...nel.org, catalin.marinas@....com, mpe@...erman.id.au
Cc: james.morse@....com, sashal@...nel.org, benh@...nel.crashing.org,
paulus@...ba.org, frowand.list@...il.com,
vincenzo.frascino@....com, mark.rutland@....com,
dmitry.kasatkin@...il.com, jmorris@...ei.org, serge@...lyn.com,
pasha.tatashin@...een.com, allison@...utok.net,
masahiroy@...nel.org, bhsharma@...hat.com, mbrugger@...e.com,
hsinyi@...omium.org, tao.li@...o.com, christophe.leroy@....fr,
prsriva@...ux.microsoft.com, balajib@...ux.microsoft.com,
linux-integrity@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-arm-kernel@...ts.infradead.org, devicetree@...r.kernel.org
Subject: Re: [PATCH v12 1/4] powerpc: Use fdt_appendprop_addrrange() to add
ima buffer to FDT
On 12/17/20 9:37 AM, Lakshmi Ramasubramanian wrote:
> fdt_appendprop_addrrange() function adds a property, with the given name,
> to the device tree at the given node offset, and also sets the address
> and size of the property. This function should be used to add
> "linux,ima-kexec-buffer" property to the device tree and set the address
> and size of the IMA measurement buffer, instead of using custom function.
>
Typo in the email address of James Morse (ARM.com). Sorry about that.
Adding the correct email address.
-lakshmi
> Use fdt_appendprop_addrrange() to add "linux,ima-kexec-buffer" property
> to the device tree. This property holds the address and size of
> the IMA measurement buffer that needs to be passed from the current
> kernel to the next kernel across kexec system call.
>
> Remove custom code that is used in setup_ima_buffer() to add
> "linux,ima-kexec-buffer" property to the device tree.
>
> Signed-off-by: Lakshmi Ramasubramanian <nramas@...ux.microsoft.com>
> ---
> arch/powerpc/kexec/ima.c | 51 ++++++----------------------------------
> 1 file changed, 7 insertions(+), 44 deletions(-)
>
> diff --git a/arch/powerpc/kexec/ima.c b/arch/powerpc/kexec/ima.c
> index 720e50e490b6..d579d3da4715 100644
> --- a/arch/powerpc/kexec/ima.c
> +++ b/arch/powerpc/kexec/ima.c
> @@ -11,6 +11,7 @@
> #include <linux/of.h>
> #include <linux/memblock.h>
> #include <linux/libfdt.h>
> +#include <asm/ima.h>
>
> static int get_addr_size_cells(int *addr_cells, int *size_cells)
> {
> @@ -145,27 +146,6 @@ int arch_ima_add_kexec_buffer(struct kimage *image, unsigned long load_addr,
> return 0;
> }
>
> -static int write_number(void *p, u64 value, int cells)
> -{
> - if (cells == 1) {
> - u32 tmp;
> -
> - if (value > U32_MAX)
> - return -EINVAL;
> -
> - tmp = cpu_to_be32(value);
> - memcpy(p, &tmp, sizeof(tmp));
> - } else if (cells == 2) {
> - u64 tmp;
> -
> - tmp = cpu_to_be64(value);
> - memcpy(p, &tmp, sizeof(tmp));
> - } else
> - return -EINVAL;
> -
> - return 0;
> -}
> -
> /**
> * setup_ima_buffer - add IMA buffer information to the fdt
> * @image: kexec image being loaded.
> @@ -176,35 +156,18 @@ static int write_number(void *p, u64 value, int cells)
> */
> int setup_ima_buffer(const struct kimage *image, void *fdt, int chosen_node)
> {
> - int ret, addr_cells, size_cells, entry_size;
> - u8 value[16];
> + int ret;
>
> remove_ima_buffer(fdt, chosen_node);
> if (!image->arch.ima_buffer_size)
> return 0;
>
> - ret = get_addr_size_cells(&addr_cells, &size_cells);
> + ret = fdt_appendprop_addrrange(fdt, 0, chosen_node,
> + "linux,ima-kexec-buffer",
> + image->arch.ima_buffer_addr,
> + image->arch.ima_buffer_size);
> if (ret)
> - return ret;
> -
> - entry_size = 4 * (addr_cells + size_cells);
> -
> - if (entry_size > sizeof(value))
> - return -EINVAL;
> -
> - ret = write_number(value, image->arch.ima_buffer_addr, addr_cells);
> - if (ret)
> - return ret;
> -
> - ret = write_number(value + 4 * addr_cells, image->arch.ima_buffer_size,
> - size_cells);
> - if (ret)
> - return ret;
> -
> - ret = fdt_setprop(fdt, chosen_node, "linux,ima-kexec-buffer", value,
> - entry_size);
> - if (ret < 0)
> - return -EINVAL;
> + return (ret == -FDT_ERR_NOSPACE ? -ENOMEM : -EINVAL);
>
> ret = fdt_add_mem_rsv(fdt, image->arch.ima_buffer_addr,
> image->arch.ima_buffer_size);
>
Powered by blists - more mailing lists