Re: [PATCH v7 2/7] kexec: define functions to map and unmap segments

[PATCH v7 0/7] ima: kexec: measure events between kexec load and excute · steven chen <hidden> · 2025-02-03
[PATCH v7 3/7] ima: kexec: skip IMA segment validation after kexec soft reboot · steven chen <hidden> · 2025-02-03
Re: [PATCH v7 3/7] ima: kexec: skip IMA segment validation after kexec soft reboot · Stefan Berger <stefanb@linux.ibm.com> · 2025-02-04
Re: [PATCH v7 3/7] ima: kexec: skip IMA segment validation after kexec soft reboot · steven chen <hidden> · 2025-02-04
Re: [PATCH v7 3/7] ima: kexec: skip IMA segment validation after kexec soft reboot · Stefan Berger <stefanb@linux.ibm.com> · 2025-02-04
Re: [PATCH v7 3/7] ima: kexec: skip IMA segment validation after kexec soft reboot · steven chen <hidden> · 2025-02-07
[PATCH v7 4/7] ima: kexec: define functions to copy IMA log at soft boot · steven chen <hidden> · 2025-02-03
[PATCH v7 2/7] kexec: define functions to map and unmap segments · steven chen <hidden> · 2025-02-03
Re: [PATCH v7 2/7] kexec: define functions to map and unmap segments · Mimi Zohar <zohar@linux.ibm.com> · 2025-02-07
Re: [PATCH v7 2/7] kexec: define functions to map and unmap segments · steven chen <hidden> · 2025-02-10
Re: [PATCH v7 2/7] kexec: define functions to map and unmap segments · Mimi Zohar <zohar@linux.ibm.com> · 2025-02-12
Re: [PATCH v7 2/7] kexec: define functions to map and unmap segments · Baoquan He <hidden> · 2025-02-18
[PATCH v7 1/7] ima: define and call ima_alloc_kexec_file_buf · steven chen <hidden> · 2025-02-03
Re: [PATCH v7 1/7] ima: define and call ima_alloc_kexec_file_buf · Mimi Zohar <zohar@linux.ibm.com> · 2025-02-06
Re: [PATCH v7 1/7] ima: define and call ima_alloc_kexec_file_buf · steven chen <hidden> · 2025-02-07
Re: [PATCH v7 1/7] ima: define and call ima_alloc_kexec_file_buf · Mimi Zohar <zohar@linux.ibm.com> · 2025-02-07
Re: [PATCH v7 1/7] ima: define and call ima_alloc_kexec_file_buf · Mimi Zohar <zohar@linux.ibm.com> · 2025-02-07
Re: [PATCH v7 1/7] ima: define and call ima_alloc_kexec_file_buf · steven chen <hidden> · 2025-02-07
[PATCH v7 7/7] ima: measure kexec load and exec events as critical data · steven chen <hidden> · 2025-02-03
Re: [PATCH v7 7/7] ima: measure kexec load and exec events as critical data · Mimi Zohar <zohar@linux.ibm.com> · 2025-02-07
Re: [PATCH v7 7/7] ima: measure kexec load and exec events as critical data · Mimi Zohar <zohar@linux.ibm.com> · 2025-02-07
Re: [PATCH v7 7/7] ima: measure kexec load and exec events as critical data · Stefan Berger <stefanb@linux.ibm.com> · 2025-02-07
Re: [PATCH v7 7/7] ima: measure kexec load and exec events as critical data · steven chen <hidden> · 2025-02-07
[PATCH v7 6/7] ima: make the kexec extra memory configurable · steven chen <hidden> · 2025-02-03
Re: [PATCH v7 6/7] ima: make the kexec extra memory configurable · Mimi Zohar <zohar@linux.ibm.com> · 2025-02-07
[PATCH v7 5/7] ima: kexec: move IMA log copy from kexec load to execute · steven chen <hidden> · 2025-02-03
[PATCH v7 4/7] ima: kexec: define functions to copy IMA log at soft boot · steven chen <hidden> · 2025-02-03

From: Baoquan He <hidden>
Date: 2025-02-18 04:24:16
Also in: kexec, linux-integrity, lkml

On 02/12/25 at 08:03am, Mimi Zohar wrote:

On Mon, 2025-02-10 at 09:06 -0800, steven chen wrote:

quoted

On 2/7/2025 11:15 AM, Mimi Zohar wrote:

quoted

Hi Steven,

On Mon, 2025-02-03 at 15:20 -0800, steven chen wrote:

quoted

Currently, the mechanism to map and unmap segments to the kimage
structure is not available to the subsystems outside of kexec.  This
functionality is needed when IMA is allocating the memory segments
during kexec 'load' operation.  Implement functions to map and unmap
segments to kimage.

Implement kimage_map_segment() to enable mapping of IMA buffer source
pages to the kimage structure post kexec 'load'.  This function,
accepting a kimage pointer, an address, and a size, will gather the
source pages within the specified address range, create an array of page
pointers, and map these to a contiguous virtual address range.  The
function returns the start of this range if successful, or NULL if
unsuccessful.

Implement kimage_unmap_segment() for unmapping segments
using vunmap().

From: Tushar Sugandhi <redacted>
Author: Tushar Sugandhi [off-list ref]
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>

I don't recall previously adding my "Reviewed-by" tag.

Eric, I'd appreciate your reviewing this and the subsequent patch "[PATCH v7 3/7]
ima: kexec: skip IMA segment validation after kexec soft reboot" in particular.

Hi Eric, Could you help to review this patch as Mimi mentioned? Thanks!

quoted

Signed-off-by: Tushar Sugandhi <redacted>

Steven, since these patches impact kdump, before re-posting the patch set, please
include the following tags before your Signed-off-by tag on the kexec patches.

Thanks, Mimi.

Yes, Steven, please add me in CC when reposting. Thanks in advance.

I will check this version to see if there's impact on kexec/kdump
from my side.

And by the way, kdump should not need IMA, it's better be disabled by
default. I will have a look and try disabling it in kdump kernel, while
really appreciate it if any IMA expert can do it.

Thanks
Baoquan

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help