Re: [PATCH v4 1/5] powerpc: Refactor kexec functions to move arch independent code to IMA

From: Lakshmi Ramasubramanian
Date: Fri Aug 28 2020 - 13:41:08 EST

Next message: Alexandru Elisei: "[PATCH] iio: adc: rockchip_saradc: Select IIO_TRIGGERED_BUFFER"
Previous message: Arnd Bergmann: "Re: [PATCH v8 3/4] mm/madvise: introduce process_madvise() syscall: an external memory hinting API"
In reply to: Thiago Jung Bauermann: "Re: [PATCH v4 1/5] powerpc: Refactor kexec functions to move arch independent code to IMA"
Next in thread: Thiago Jung Bauermann: "Re: [PATCH v4 1/5] powerpc: Refactor kexec functions to move arch independent code to IMA"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 8/27/20 4:35 PM, Thiago Jung Bauermann wrote:

Lakshmi Ramasubramanian <nramas@xxxxxxxxxxxxxxxxxxx> writes:

The functions ima_get_kexec_buffer() and ima_free_kexec_buffer() that
handle carrying forward the IMA measurement logs on kexec for powerpc
do not have architecture specific code, but they are currently defined
for powerpc only.

Move these functions to IMA subsystem so that it can be used for other
architectures as well. A later patch in this series will use these
functions for carrying forward the IMA measurement log for ARM64.

Define FDT_PROP_IMA_KEXEC_BUFFER for the chosen node, namely
"linux,ima-kexec-buffer", that is added to the DTB to hold
the address and the size of the memory reserved to carry
the IMA measurement log.

Co-developed-by: Prakhar Srivastava <prsriva@xxxxxxxxxxxxxxxxxxx>
Signed-off-by: Prakhar Srivastava <prsriva@xxxxxxxxxxxxxxxxxxx>
Signed-off-by: Lakshmi Ramasubramanian <nramas@xxxxxxxxxxxxxxxxxxx>

This patch removes two functions from arch/powerpc/kexec/ima.c, but adds
four to security/integrity/ima/ima_kexec.c. The extra ones are
get_addr_size_cells() and do_get_kexec_buffer(), which are being copied
from the powerpc code but can't be removed yet because they're still
used there by remove_ima_buffer() and setup_ima_buffer().

On the next patch you remove the need for these functions in powerpc
code and therefore delete them. This confused me at first, so I think it
would be cleared if you put patch 2 first in the series and then on this
patch you can simply move the four functions and delete them from
arch/powerpc/kexec/ima.c.

If you prefer to keep the current order, it's worth mentioning on the
commit log where get_addr_size_cells() and do_get_kexec_buffer() are
coming from.

Regardless:

Reviewed-by: Thiago Jung Bauermann <bauerman@xxxxxxxxxxxxx>

Thanks for reviewing the changes Thiago.

I'll update the commit log to describe the changes related to get_addr_size_cells() and do_get_kexec_buffer().

-lakshmi

Next message: Alexandru Elisei: "[PATCH] iio: adc: rockchip_saradc: Select IIO_TRIGGERED_BUFFER"
Previous message: Arnd Bergmann: "Re: [PATCH v8 3/4] mm/madvise: introduce process_madvise() syscall: an external memory hinting API"
In reply to: Thiago Jung Bauermann: "Re: [PATCH v4 1/5] powerpc: Refactor kexec functions to move arch independent code to IMA"
Next in thread: Thiago Jung Bauermann: "Re: [PATCH v4 1/5] powerpc: Refactor kexec functions to move arch independent code to IMA"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]