Thread (15 messages) 15 messages, 2 authors, 2020-08-28

Re: [PATCH v4 4/5] arm64: Store IMA log information in kimage used for kexec

From: Thiago Jung Bauermann <hidden>
Date: 2020-08-28 20:51:08
Also in: linux-integrity, lkml 

Lakshmi Ramasubramanian [off-list ref] writes:

Address and size of the buffer containing the IMA measurement log need
to be passed from the current kernel to the next kernel on kexec.

Add address and size fields to "struct kimage_arch" for ARM64 platform
to hold the address and size of the IMA measurement log buffer.
Define an architecture specific function for ARM64 namely
arch_ima_add_kexec_buffer() that will set the address and size of
the current kernel's IMA buffer to be passed to the next kernel on kexec.

Co-developed-by: Prakhar Srivastava <redacted>
Signed-off-by: Prakhar Srivastava <redacted>
Signed-off-by: Lakshmi Ramasubramanian <redacted>
Reviewed-by: Thiago Jung Bauermann <redacted>

IMHO this patch and the next one can be squashed together. Also, a minor
comment below.
quoted hunk ↗ jump to hunk
---
 arch/arm64/include/asm/ima.h           | 17 +++++++++++++++++
 arch/arm64/include/asm/kexec.h         |  3 +++
 arch/arm64/kernel/machine_kexec_file.c | 17 +++++++++++++++++
 3 files changed, 37 insertions(+)
 create mode 100644 arch/arm64/include/asm/ima.h

diff --git a/arch/arm64/include/asm/ima.h b/arch/arm64/include/asm/ima.h
new file mode 100644
index 000000000000..70ac39b74607
--- /dev/null
+++ b/arch/arm64/include/asm/ima.h
@@ -0,0 +1,17 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#ifndef _ASM_ARCH_IMA_H
+#define _ASM_ARCH_IMA_H
+
+struct kimage;
+
+#ifdef CONFIG_IMA_KEXEC
+int arch_ima_add_kexec_buffer(struct kimage *image, unsigned long load_addr,
+			      size_t size);
+#else
+static inline int arch_ima_add_kexec_buffer(struct kimage *image,
+			unsigned long load_addr, size_t size)
+{
+	return 0;
+}
There's no need to define arch_ima_add_kexec_buffer() if
CONFIG_IMA_KEXEC isn't set because in that case, the code which calls
this function in ima_add_kexec_buffer() won't be part of the build.

+#endif /* CONFIG_IMA_KEXEC */
+#endif /* _ASM_ARCH_IMA_H */
-- 
Thiago Jung Bauermann
IBM Linux Technology Center
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help