| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Z7QLYd5ZFmQuV8Gx@MiWiFi-R3L-srv> Date: Tue, 18 Feb 2025 12:24:01 +0800 From: Baoquan He <bhe@...hat.com> To: Mimi Zohar <zohar@...ux.ibm.com> Cc: steven chen <chenste@...ux.microsoft.com>, stefanb@...ux.ibm.com, roberto.sassu@...weicloud.com, roberto.sassu@...wei.com, eric.snowberg@...cle.com, ebiederm@...ssion.com, paul@...l-moore.com, code@...icks.com, bauermann@...abnow.com, linux-integrity@...r.kernel.org, kexec@...ts.infradead.org, linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org, madvenka@...ux.microsoft.com, nramas@...ux.microsoft.com, James.Bottomley@...senpartnership.com Subject: Re: [PATCH v7 2/7] kexec: define functions to map and unmap segments On 02/12/25 at 08:03am, Mimi Zohar wrote: > On Mon, 2025-02-10 at 09:06 -0800, steven chen wrote: > > On 2/7/2025 11:15 AM, Mimi Zohar wrote: > > > Hi Steven, > > > > > > On Mon, 2025-02-03 at 15:20 -0800, steven chen wrote: > > > > Currently, the mechanism to map and unmap segments to the kimage > > > > structure is not available to the subsystems outside of kexec. This > > > > functionality is needed when IMA is allocating the memory segments > > > > during kexec 'load' operation. Implement functions to map and unmap > > > > segments to kimage. > > > > > > > > Implement kimage_map_segment() to enable mapping of IMA buffer source > > > > pages to the kimage structure post kexec 'load'. This function, > > > > accepting a kimage pointer, an address, and a size, will gather the > > > > source pages within the specified address range, create an array of page > > > > pointers, and map these to a contiguous virtual address range. The > > > > function returns the start of this range if successful, or NULL if > > > > unsuccessful. > > > > > > > > Implement kimage_unmap_segment() for unmapping segments > > > > using vunmap(). > > > > > > > > From: Tushar Sugandhi <tusharsu@...ux.microsoft.com> > > > > Author: Tushar Sugandhi <tusharsu@...ux.microsoft.com> > > > > Reviewed-by: Stefan Berger <stefanb@...ux.ibm.com> > > > > Reviewed-by: Mimi Zohar <zohar@...ux.ibm.com> > > > I don't recall previously adding my "Reviewed-by" tag. > > > > > > Eric, I'd appreciate your reviewing this and the subsequent patch "[PATCH v7 3/7] > > > ima: kexec: skip IMA segment validation after kexec soft reboot" in particular. > > Hi Eric, Could you help to review this patch as Mimi mentioned? Thanks! > > > > > > > Signed-off-by: Tushar Sugandhi <tusharsu@...ux.microsoft.com> > > Steven, since these patches impact kdump, before re-posting the patch set, please > include the following tags before your Signed-off-by tag on the kexec patches. Thanks, Mimi. Yes, Steven, please add me in CC when reposting. Thanks in advance. I will check this version to see if there's impact on kexec/kdump from my side. And by the way, kdump should not need IMA, it's better be disabled by default. I will have a look and try disabling it in kdump kernel, while really appreciate it if any IMA expert can do it. Thanks Baoquan
Powered by blists - more mailing lists