On 2/3/2025 10:42 AM, steven chen wrote:
The current kernel behavior is IMA measurements snapshot is taken at
kexec 'load' and not at kexec 'execute'. IMA log is then carried
over to the new kernel after kexec 'execute'.
New events can be measured during/after
aint, rather than just bailing out.
- Introduced two new events to be measured by IMA during kexec, to
help diagnose if the IMA log was copied fully or partially from the
current Kernel to the next.
- Refactored patches to ensure no warnings during individual patch
compilation.
- Used virt_to
: Mimi Zohar
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
---
include/linux/kexec.h | 7 ++
kernel/kexec_core.c | 54 +++
2 files changed, 61 insertions(+)
diff --git a/include/linux/kexec.h b/include/linux/kexec.h
index f0e9f8eda7a3.
sence of 'kexec_execute' event
after kexec soft reboot implies missing events in that window which
results in inconsistency with TPM PCR quotes, necessitating a cold boot
for a successful remote attestation.
Reviewed-by: Stefan Berger
Author: Tushar Sugandhi
Signed-off-by:
hor: Tushar Sugandhi
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
---
include/linux/kexec.h | 3 +++
kernel/kexec_file.c| 23 +++
security/integrity/ima/ima_kexec.c | 3 +++
3 files changed, 29 insertions(+)
diff --git a/include/lin
ger
Suggested-by: Mimi Zohar
Reviewed-by: "Petr Tesařík"
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
---
include/linux/ima.h| 3 ++
security/integrity/ima/ima_kexec.c | 46 ++
2 files changed, 49 insertions(+)
diff --git a/i
: Tushar Sugandhi
Author: Tushar Sugandhi
Suggested-by: Stefan Berger
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
---
security/integrity/ima/Kconfig | 10 ++
security/integrity/ima/ima_kexec.c | 16 ++--
2 files changed, 20 insertions(+), 6 deletions(-)
diff
ger
Suggested-by: Mimi Zohar
Reviewed-by: "Petr Tesařík"
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
---
include/linux/ima.h| 3 ++
security/integrity/ima/ima_kexec.c | 46 ++
2 files changed, 49 insertions(+)
diff --git a/i
situation will result
in a failure of remote attestation.
Author: Tushar Sugandhi
Reviewed-by: Stefan Berger
Suggested-by: Mimi Zohar
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
---
security/integrity/ima/ima.h | 1 +
security/integrity/ima/ima_kexec.c | 105 +
On 2/3/2025 4:50 PM, Mimi Zohar wrote:
On Mon, 2025-02-03 at 15:25 -0800, steven chen wrote:
Hi all,
The below is the correct version for review.
[PATCH v7 0/7] ima: kexec: measure events between kexec load and excute
<
https://lore.kernel.org/linux-integrity/20250203232033.64123-1-chen
buffer().
- Remove ima_reset_kexec_file() call from ima_add_kexec_buffer(), now
that the buffer is being copied at kexec 'execute', and resetting the
file at kexec 'load' will corrupt the buffer.
Author: Tushar Sugandhi
Reviewed-by: Tyler Hicks
Signed-off-by: Tushar Su
ger
Suggested-by: Mimi Zohar
Reviewed-by: "Petr Tesařík"
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
---
include/linux/ima.h| 3 ++
security/integrity/ima/ima_kexec.c | 46 ++
2 files changed, 49 insertions(+)
diff --git a/i
: Mimi Zohar
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
---
include/linux/kexec.h | 7 ++
kernel/kexec_core.c | 54 +++
2 files changed, 61 insertions(+)
diff --git a/include/linux/kexec.h b/include/linux/kexec.h
index f0e9f8eda7a3.
: Tushar Sugandhi
Author: Tushar Sugandhi
Suggested-by: Stefan Berger
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
---
security/integrity/ima/Kconfig | 10 ++
security/integrity/ima/ima_kexec.c | 16 ++--
2 files changed, 20 insertions(+), 6 deletions(-)
diff
sence of 'kexec_execute' event
after kexec soft reboot implies missing events in that window which
results in inconsistency with TPM PCR quotes, necessitating a cold boot
for a successful remote attestation.
Reviewed-by: Stefan Berger
Author: Tushar Sugandhi
Signed-off-by:
aint, rather than just bailing out.
- Introduced two new events to be measured by IMA during kexec, to
help diagnose if the IMA log was copied fully or partially from the
current Kernel to the next.
- Refactored patches to ensure no warnings during individual patch
compilation.
- Used virt_to
hor: Tushar Sugandhi
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
---
include/linux/kexec.h | 3 +++
kernel/kexec_file.c| 23 +++
security/integrity/ima/ima_kexec.c | 3 +++
3 files changed, 29 insertions(+)
diff --git a/include/lin
ger
Suggested-by: Mimi Zohar
Reviewed-by: "Petr Tesařík"
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
---
include/linux/ima.h| 3 ++
security/integrity/ima/ima_kexec.c | 46 ++
2 files changed, 49 insertions(+)
diff --git a/i
situation will result
in a failure of remote attestation.
Author: Tushar Sugandhi
Reviewed-by: Stefan Berger
Suggested-by: Mimi Zohar
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
---
security/integrity/ima/ima.h | 1 +
security/integrity/ima/ima_kexec.c | 105 +
On 2/3/2025 10:45 AM, steven chen wrote:
The current kernel behavior is IMA measurements snapshot is taken at
kexec 'load' and not at kexec 'execute'. IMA log is then carried
over to the new kernel after kexec 'execute'.
New events can be measured during/after
situation will result
in a failure of remote attestation.
Author: Tushar Sugandhi
Reviewed-by: Stefan Berger
Suggested-by: Mimi Zohar
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
---
security/integrity/ima/ima.h | 1 +
security/integrity/ima/ima_kexec.c | 105 +
aint, rather than just bailing out.
- Introduced two new events to be measured by IMA during kexec, to
help diagnose if the IMA log was copied fully or partially from the
current Kernel to the next.
- Refactored patches to ensure no warnings during individual patch
compilation.
- Used virt_to
: Mimi Zohar
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
---
include/linux/kexec.h | 7 ++
kernel/kexec_core.c | 54 +++
2 files changed, 61 insertions(+)
diff --git a/include/linux/kexec.h b/include/linux/kexec.h
index f0e9f8eda7a3.
hor: Tushar Sugandhi
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
---
include/linux/kexec.h | 3 +++
kernel/kexec_file.c| 23 +++
security/integrity/ima/ima_kexec.c | 3 +++
3 files changed, 29 insertions(+)
diff --git a/include/lin
ger
Suggested-by: Mimi Zohar
Reviewed-by: "Petr Tesařík"
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
---
include/linux/ima.h| 3 ++
security/integrity/ima/ima_kexec.c | 46 ++
2 files changed, 49 insertions(+)
diff --git a/i
sence of 'kexec_execute' event
after kexec soft reboot implies missing events in that window which
results in inconsistency with TPM PCR quotes, necessitating a cold boot
for a successful remote attestation.
Reviewed-by: Stefan Berger
Author: Tushar Sugandhi
Signed-off-by:
ger
Suggested-by: Mimi Zohar
Reviewed-by: "Petr Tesařík"
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
---
include/linux/ima.h| 3 ++
security/integrity/ima/ima_kexec.c | 46 ++
2 files changed, 49 insertions(+)
diff --git a/i
: Tushar Sugandhi
Author: Tushar Sugandhi
Suggested-by: Stefan Berger
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
---
security/integrity/ima/Kconfig | 10 ++
security/integrity/ima/ima_kexec.c | 16 ++--
2 files changed, 20 insertions(+), 6 deletions(-)
diff
On 2/4/2025 11:39 AM, Stefan Berger wrote:
On 2/3/25 6:20 PM, steven chen wrote:
kexec_calculate_store_digests() calculates and stores the digest of the
segment at kexec_file_load syscall where the IMA segment is also
allocated. With this series, the IMA segment will be updated with the
know that I've started reviewing the patch set. The remaining comments will
come
after I finish reviewing the patch set.
On Mon, 2025-02-03 at 15:20 -0800, steven chen wrote:
Carrying the IMA measurement list across kexec requires allocating a
buffer and copying the measurement records. Sep
On 2/7/2025 11:10 AM, Mimi Zohar wrote:
On Mon, 2025-02-03 at 15:20 -0800, steven chen wrote:
Carrying the IMA measurement list across kexec requires allocating a
buffer and copying the measurement records. Separate allocating the
buffer and copying the measurement records into separate
On 2/4/2025 11:39 AM, Stefan Berger wrote:
On 2/3/25 6:20 PM, steven chen wrote:
kexec_calculate_store_digests() calculates and stores the digest of the
segment at kexec_file_load syscall where the IMA segment is also
allocated. With this series, the IMA segment will be updated with the
On 2/7/2025 9:48 AM, Stefan Berger wrote:
On 2/7/25 12:06 PM, Mimi Zohar wrote:
On Fri, 2025-02-07 at 10:16 -0500, Mimi Zohar wrote:
On Mon, 2025-02-03 at 15:20 -0800, steven chen wrote:
The amount of memory allocated at kexec load, even with the extra
memory
allocated, might not be large
On 2/7/2025 11:15 AM, Mimi Zohar wrote:
Hi Steven,
On Mon, 2025-02-03 at 15:20 -0800, steven chen wrote:
Currently, the mechanism to map and unmap segments to the kimage
structure is not available to the subsystems outside of kexec. This
functionality is needed when IMA is allocating the
On 3/19/2025 1:53 PM, Mimi Zohar wrote:
On Mon, 2025-03-17 at 18:04 -0700, steven chen wrote:
ima_dump_measurement_list() is called during kexec 'load', which may
result in loss of IMA measurements during kexec soft reboot. Due to
missed measurements that only occurred after kexec &#
On 3/19/2025 7:52 PM, Baoquan He wrote:
On 03/17/25 at 06:04pm, steven chen wrote:
The extra memory allocated for carrying the IMA measurement list across
kexec is hard-coded as half a PAGE. Make it configurable.
Define a Kconfig option, IMA_KEXEC_EXTRA_MEMORY_KB, to configure the
extra
On 3/19/2025 7:06 PM, Baoquan He wrote:
On 03/17/25 at 06:04pm, steven chen wrote:
...snip...
---
kernel/kexec_file.c| 10 ++
security/integrity/ima/ima_kexec.c | 51 ++
2 files changed, 40 insertions(+), 21 deletions(-)
diff --git a/kernel
On 3/19/2025 6:42 AM, Mimi Zohar wrote:
Fix spelling: set_file
On Mon, 2025-03-17 at 18:04 -0700, steven chen wrote:
The name of the local variable "file" of type seq_file defined in the
ima_dump_measurement_list function is too generic. To better reflect the
purpose of the variab
On 3/18/2025 7:43 PM, Baoquan He wrote:
On 03/18/25 at 11:10am, Stefan Berger wrote:
On 3/17/25 9:04 PM, steven chen wrote:
The name of the local variable "file" of type seq_file defined in the
ima_dump_measurement_list function is too generic. To better reflect the
purpose of th
On 3/20/2025 6:06 AM, Mimi Zohar wrote:
On Thu, 2025-03-20 at 09:51 +0800, Baoquan He wrote:
diff --git a/security/integrity/ima/ima_kexec.c
b/security/integrity/ima/ima_kexec.c
index 8567619889d1..45170e283272 100644
--- a/security/integrity/ima/ima_kexec.c
+++ b/security/integrity/ima/ima_kex
On 3/19/2025 7:59 PM, Mimi Zohar wrote:
On Mon, 2025-03-17 at 18:04 -0700, steven chen wrote:
The amount of memory allocated at kexec load, even with the extra memory
allocated, might not be large enough for the entire measurement list. The
indeterminate interval between kexec 'load
-by: Stefan Berger
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
Reviewed-by: Stefan Berger
Reviewed-by: Mimi Zohar
---
security/integrity/ima/Kconfig | 10 ++
security/integrity/ima/ima_kexec.c | 16 +++-
2 files changed, 21 insertions(+), 5 deletions
y in case of kexec soft
reboot, and not on kexec crash.
- Updated the logic to copy as many IMA events as possible in case of
memory constraint, rather than just bailing out.
- Introduced two new events to be measured by IMA during kexec, to
help diagnose if the IMA log was copied fully
ake the local variable ima_kexec_file in ima_dump_measurement_list()
a local static to the file, so that it can be accessed from
ima_alloc_kexec_file_buf().
- Make necessary changes to the function ima_add_kexec_buffer() to call
the above two functions.
Signed-off-by: Tushar Sugandhi
Signed-off-by:
ha_regions',
no change is needed in verify_sha256_digest() in this context.
With this change, the IMA segment is not included in the digest
calculation, storage, and verification.
Signed-off-by: Tushar Sugandhi
Cc: Eric Biederman
Cc: Baoquan He
Cc: Vivek Goyal
Cc: Dave Young
Signed-
memory, it copies all IMA measurement records;
otherwise, it does not copy any records, which would result in a failure
of remote attestation.
Suggested-by: Mimi Zohar
Signed-off-by: steven chen
---
security/integrity/ima/ima_kexec.c | 39 ++
1 file changed, 24 insertions(
us virtual address range. The
function returns the start virtual address of this range if successful,
or NULL on failure.
Implement kimage_unmap_segment() for unmapping segments using vunmap().
From: Tushar Sugandhi
Signed-off-by: Tushar Sugandhi
Cc: Eric Biederman
Cc: Baoquan He
Cc: Vivek
setting the
file at kexec 'load' would corrupt the buffer.
Signed-off-by: Tushar Sugandhi
Cc: Eric Biederman
Cc: Baoquan He
Cc: Vivek Goyal
Cc: Dave Young
Signed-off-by: steven chen
Reviewed-by: Stefan Berger
---
kernel/kexec_file.c| 10 ++
security/integrity/im
'.
Signed-off-by: Tushar Sugandhi
Cc: Eric Biederman
Cc: Baoquan He
Cc: Vivek Goyal
Cc: Dave Young
Signed-off-by: steven chen
Reviewed-by: Stefan Berger
Signed-off-by: steven chen
---
include/linux/ima.h| 3 ++
security/integrity/ima/ima_kexec.c | 47 +
xxd -r -p | sha256sum
To verify the 'kexec_execute' data hash:
sudo cat /sys/kernel/security/integrity/ima/ascii_runtime_measurements
| grep kexec_execute | cut -d' ' -f 6 | xxd -r -p | sha256sum
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
Reviewed-by: Stefan Be
ng out.
- Introduced two new events to be measured by IMA during kexec, to
help diagnose if the IMA log was copied fully or partially from the
current Kernel to the next.
- Refactored patches to ensure no warnings during individual patch
compilation.
- Used virt_to_page instead of phys
kexec 'load' may be called multiple times. Free and realloc the buffer
only if the segment_size is changed from the previous kexec 'load' call.
Signed-off-by: steven chen
---
security/integrity/ima/ima_kexec.c | 10 ++
1 file changed, 10 insertions(+)
diff --git
On 3/24/2025 4:00 AM, Baoquan He wrote:
On 03/21/25 at 09:23am, steven chen wrote:
On 3/19/2025 7:06 PM, Baoquan He wrote:
On 03/17/25 at 06:04pm, steven chen wrote:
...snip...
---
kernel/kexec_file.c| 10 ++
security/integrity/ima/ima_kexec.c | 51
On 3/25/2025 7:27 PM, Baoquan He wrote:
On 03/25/25 at 03:27pm, steven chen wrote:
On 3/24/2025 4:00 AM, Baoquan He wrote:
On 03/21/25 at 09:23am, steven chen wrote:
On 3/19/2025 7:06 PM, Baoquan He wrote:
On 03/17/25 at 06:04pm, steven chen wrote:
...snip...
---
kernel/kexec_file.c
On 4/7/2025 8:10 PM, Baoquan He wrote:
On 04/02/25 at 05:47am, steven chen wrote:
Currently, the kernel behavior during kexec load is to fetch the IMA
measurements logs and store logs in kernel memory. When a kexec reboot is
triggered, these stored logs in the kernel memory are carried over to
On 4/8/2025 7:21 AM, Mimi Zohar wrote:
On Wed, 2025-04-02 at 05:47 -0700, steven chen wrote:
The IMA log is currently copied to the new kernel during kexec 'load'
using ima_dump_measurement_list(). However, the log copied at kexec
'load' may result in loss of IMA measurement
On 4/8/2025 9:17 AM, Mimi Zohar wrote:
On Wed, 2025-04-02 at 05:47 -0700, steven chen wrote:
ima_dump_measurement_list() is called during kexec 'load', which may
result in loss of IMA measurements during kexec soft reboot. Due to
missed measurements that only occurred after kexec &#
On 4/7/2025 8:17 PM, Baoquan He wrote:
On 04/02/25 at 05:47am, steven chen wrote:
The kexec_calculate_store_digests() function calculates and stores the
digest of the segment during the kexec_file_load syscall, where the
IMA segment is also allocated.
With this series, the IMA segment will be
On 4/10/2025 2:54 AM, Baoquan He wrote:
On 04/02/25 at 05:47am, steven chen wrote:
The extra memory allocated for carrying the IMA measurement list across
kexec is hard-coded as half a PAGE. Make it configurable.
Define a Kconfig option, IMA_KEXEC_EXTRA_MEMORY_KB, to configure the
extra
On 4/10/2025 11:04 AM, Mimi Zohar wrote:
On Thu, 2025-04-10 at 09:59 -0700, steven chen wrote:
On 4/10/2025 2:54 AM, Baoquan He wrote:
On 04/02/25 at 05:47am, steven chen wrote:
The extra memory allocated for carrying the IMA measurement list across
kexec is hard-coded as half a PAGE. Make
On 3/5/2025 4:24 AM, Baoquan He wrote:
On 03/04/25 at 04:55pm, steven chen wrote:
On 3/4/2025 2:23 PM, Jarkko Sakkinen wrote:
On Tue, Mar 04, 2025 at 11:03:46AM -0800, steven chen wrote:
The content of memory segments carried over to the new kernel during the
kexec systemcall can be changed
On 4/16/2025 6:09 PM, Stefan Berger wrote:
On 4/15/25 10:10 PM, steven chen wrote:
From: Steven Chen
The current kernel behavior is IMA measurements snapshot is taken at
kexec 'load' and not at kexec 'execute'. IMA log is then carried
over to the new kernel
On 4/17/2025 9:33 PM, Baoquan He wrote:
Hi Steven,
On 04/15/25 at 07:10pm, steven chen wrote:
From: Steven Chen
In the current implementation, the ima_dump_measurement_list() API is
called during the kexec "load" phase, where a buffer is allocated and
the measurement records are c
On 4/17/2025 9:36 PM, Baoquan He wrote:
On 04/15/25 at 07:10pm, steven chen wrote:
From: Steven Chen
^^
Implement kimage_map_segment() to enable IMA to map the measurement log
list to the kimage structure during the kexec 'load' stage. This function
gathers the source pages
On 4/18/2025 12:37 AM, Baoquan He wrote:
On 04/15/25 at 07:10pm, steven chen wrote:
From: Steven Chen
Currently, the function kexec_calculate_store_digests() calculates and
stores the digest of the segment during the kexec_file_load syscall,
where the IMA segment is also allocated.
Later
On 4/18/2025 12:40 AM, Baoquan He wrote:
On 04/15/25 at 07:10pm, steven chen wrote:
From: Steven Chen
The IMA log is currently copied to the new kernel during kexec 'load'
using ima_dump_measurement_list(). However, the log copied at kexec
'load' may result in loss of I
On 4/18/2025 1:14 AM, Baoquan He wrote:
On 04/15/25 at 07:10pm, steven chen wrote:
From: Steven Chen
The extra memory allocated for carrying the IMA measurement list across
kexec is hard-coded as half a PAGE. Make it configurable.
Define a Kconfig option, IMA_KEXEC_EXTRA_MEMORY_KB, to
On 4/18/2025 2:08 AM, Baoquan He wrote:
On 04/15/25 at 07:10pm, steven chen wrote:
From: Steven Chen
The amount of memory allocated at kexec load, even with the extra memory
allocated, might not be large enough for the entire measurement list. The
indeterminate interval between kexec '
On 4/22/2025 5:29 PM, Mimi Zohar wrote:
On Mon, 2025-04-21 at 15:25 -0700, steven chen wrote:
From: Steven Chen
Implement kimage_map_segment() to enable IMA to map the measurement log
list to the kimage structure during the kexec 'load' stage. This function
gathers the source pages
On 4/29/2025 12:06 PM, Stefan Berger wrote:
On 4/21/25 6:25 PM, steven chen wrote:
From: Steven Chen
The extra memory allocated for carrying the IMA measurement list across
kexec is hard-coded as half a PAGE. Make it configurable.
Define a Kconfig option, IMA_KEXEC_EXTRA_MEMORY_KB, to
From: Steven Chen
Kdump kernel doesn't need IMA to do integrity measurement.
Hence the measurement list in 1st kernel doesn't need to be copied to
kdump kenrel.
Here skip allocating buffer for measurement list copying if loading
kdump kernel. Then there won't be the later hand
On 4/24/2025 7:37 AM, Baoquan He wrote:
Hi Steven,
Could you test below code and post a formal patch to not copy
measurement list buffer to kdump kernel? Below log is just for your
reference, please feel free to modify or rephrase.
===
Kdump kernel doesn't need IMA to do integrity measurement.
From: Steven Chen
Before making the function local seq_file "file" variable file static
global, rename it to "ima_kexec_file".
Signed-off-by: Steven Chen
---
security/integrity/ima/ima_kexec.c | 31 +++---
1 file changed, 16 insertions(+), 15 deleti
From: Steven Chen
The current kernel behavior is IMA measurements snapshot is taken at
kexec 'load' and not at kexec 'execute'. IMA log is then carried
over to the new kernel after kexec 'execute'.
Currently, the kernel behavior during kexec load is to fetch the
From: Steven Chen
The IMA log is currently copied to the new kernel during kexec 'load'
using ima_dump_measurement_list(). However, the log copied at kexec
'load' may result in loss of IMA measurements that only occurred after
kexec "load'. Setup the needed infr
From: Steven Chen
Currently, the function kexec_calculate_store_digests() calculates and
stores the digest of the segment during the kexec_file_load syscall,
where the IMA segment is also allocated.
Later, the IMA segment will be updated with the measurement log at the
kexec execute stage when
From: Steven Chen
Implement kimage_map_segment() to enable IMA to map the measurement log
list to the kimage structure during the kexec 'load' stage. This function
gathers the source pages within the specified address range, and maps them
to a contiguous virtual address range.
From: Steven Chen
In the current implementation, the ima_dump_measurement_list() API is
called during the kexec "load" phase, where a buffer is allocated and
the measurement records are copied. Due to this, new events added after
kexec load but before kexec execute are not carried o
From: Steven Chen
The amount of memory allocated at kexec load, even with the extra memory
allocated, might not be large enough for the entire measurement list. The
indeterminate interval between kexec 'load' and 'execute' could exacerbate
this problem.
Define two new IMA
From: Steven Chen
The IMA log is currently copied to the new kernel during kexec 'load' using
ima_dump_measurement_list(). However, the IMA measurement list copied at
kexec 'load' may result in loss of IMA measurements records that only
occurred after the kexec 'load&#
From: Steven Chen
The extra memory allocated for carrying the IMA measurement list across
kexec is hard-coded as half a PAGE. Make it configurable.
Define a Kconfig option, IMA_KEXEC_EXTRA_MEMORY_KB, to configure the
extra memory (in kb) to be allocated for IMA measurements added during
kexec
From: Steven Chen
kexec 'load' may be called multiple times. Free and realloc the buffer
only if the segment_size is changed from the previous kexec 'load' call.
Signed-off-by: Steven Chen
Acked-by: Baoquan He
Reviewed-by: Mimi Zohar
---
security/integrity/ima/ima_kexec.
On 4/24/2025 7:37 AM, Baoquan He wrote:
Hi Steven,
Could you test below code and post a formal patch to not copy
measurement list buffer to kdump kernel? Below log is just for your
reference, please feel free to modify or rephrase.
===
Kdump kernel doesn't need IMA to do integrity measurement.
On 4/21/2025 7:18 AM, Mimi Zohar wrote:
On Mon, 2025-04-21 at 09:51 -0400, Mimi Zohar wrote:
On Fri, 2025-04-18 at 12:36 +0800, Baoquan He wrote:
On 04/15/25 at 07:10pm, steven chen wrote:
From: Steven Chen
^^
As James Bottomley previously explained[1], if you haven't mad
On 4/21/2025 2:35 PM, Mimi Zohar wrote:
On Mon, 2025-04-21 at 13:40 -0700, steven chen wrote:
On 4/21/2025 7:18 AM, Mimi Zohar wrote:
On Mon, 2025-04-21 at 09:51 -0400, Mimi Zohar wrote:
On Fri, 2025-04-18 at 12:36 +0800, Baoquan He wrote:
On 04/15/25 at 07:10pm, steven chen wrote:
From
From: Steven Chen
The current kernel behavior is IMA measurements snapshot is taken at
kexec 'load' and not at kexec 'execute'. IMA log is then carried
over to the new kernel after kexec 'execute'.
Currently, the kernel behavior during kexec load is to fetch the
From: Steven Chen
In the current implementation, the ima_dump_measurement_list() API is
called during the kexec "load" phase, where a buffer is allocated and
the measurement records are copied. Due to this, new events added after
kexec load but before kexec execute are not carried o
From: Steven Chen
Before making the function local seq_file "file" variable file static
global, rename it to "ima_kexec_file".
Signed-off-by: Steven Chen
Acked-by: Baoquan He
---
security/integrity/ima/ima_kexec.c | 31 +++---
1 file changed,
From: Steven Chen
The amount of memory allocated at kexec load, even with the extra memory
allocated, might not be large enough for the entire measurement list. The
indeterminate interval between kexec 'load' and 'execute' could exacerbate
this problem.
Define two new IMA
From: Steven Chen
The extra memory allocated for carrying the IMA measurement list across
kexec is hard-coded as half a PAGE. Make it configurable.
Define a Kconfig option, IMA_KEXEC_EXTRA_MEMORY_KB, to configure the
extra memory (in kb) to be allocated for IMA measurements added during
kexec
From: Steven Chen
The IMA log is currently copied to the new kernel during kexec 'load'
using ima_dump_measurement_list(). However, the log copied at kexec
'load' may result in loss of IMA measurements that only occurred after
kexec "load'. Setup the needed infr
From: Steven Chen
The IMA log is currently copied to the new kernel during kexec 'load' using
ima_dump_measurement_list(). However, the IMA measurement list copied at
kexec 'load' may result in loss of IMA measurements records that only
occurred after the kexec 'load&#
From: Steven Chen
kexec 'load' may be called multiple times. Free and realloc the buffer
only if the segment_size is changed from the previous kexec 'load' call.
Signed-off-by: Steven Chen
Acked-by: Baoquan He
Reviewed-by: Mimi Zohar
---
security/integrity/ima/ima_kexec.
From: Steven Chen
Currently, the function kexec_calculate_store_digests() calculates and
stores the digest of the segment during the kexec_file_load syscall,
where the IMA segment is also allocated.
Later, the IMA segment will be updated with the measurement log at the
kexec execute stage when
From: Steven Chen
Implement kimage_map_segment() to enable IMA to map the measurement log
list to the kimage structure during the kexec 'load' stage. This function
gathers the source pages within the specified address range, and maps them
to a contiguous virtual address range.
buffer().
- Remove ima_reset_kexec_file() call from ima_add_kexec_buffer(), now
that the buffer is being copied at kexec 'execute', and resetting the
file at kexec 'load' will corrupt the buffer.
Signed-off-by: Tushar Sugandhi
Signed-off-by: steven chen
---
kernel/kex
nvoked after the new
Kernel image has been loaded for kexec. ima_kexec_post_load() maps the
IMA buffer to a segment in the newly loaded Kernel. It also registers
the reboot notifier_block to trigger ima_update_kexec_buffer() at
exec 'execute'.
Signed-off-by: Tushar Sugandhi
Signed-off-by:
igned-off-by: Tushar Sugandhi
Signed-off-by: steven chen
Reviewed-by: Stefan Berger
---
include/linux/kexec.h | 3 +++
kernel/kexec_file.c| 22 ++
security/integrity/ima/ima_kexec.c | 3 +++
3 files changed, 28 insertions(+)
diff --git a/include/lin
, and map these to a contiguous virtual address range. The
function returns the start of this range if successful, or NULL if
unsuccessful.
Implement kimage_unmap_segment() for unmapping segments
using vunmap().
From: Tushar Sugandhi
Author: Tushar Sugandhi
Signed-off-by: Tushar Sugandhi
Signed
of kexec soft
reboot, and not on kexec crash.
- Updated the logic to copy as many IMA events as possible in case of
memory constraint, rather than just bailing out.
- Introduced two new events to be measured by IMA during kexec, to
help diagnose if the IMA log was copied fully or partial
1 - 100 of 144 matches
Mail list logo
