gets rid of kretprobe_trampoline_holder altogether on x86. I believe that
would fix this problem as well, but I don't know enough about kprobes to
know whether kretprobe_trampoline_holder has any use on powerpc.
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/kernel/kprobes.c | 4 ++
size (as determined by choose_best_symbol).
With this patch, all vmlinux symbols match /proc/kallsyms and the
testcase passes.
Commit c1c355c gets rid of kretprobe_trampoline_holder altogether on
x86. This commit does the same on powerpc.
Signed-off-by: Thiago Jung Bauermann
---
Notes:
With
Am Montag, 28 März 2016, 17:06:32 schrieb Thiago Jung Bauermann:
> /home/bauermann/src/linux/tools/testing/selftests/ftrace/test.d/kprobe/kp
> robe_ftrace.tc: line 9: echo: write error: Invalid argument
>
> But even without my patch that testcase fails in the same way, so thi
Am Dienstag, 29 März 2016, 10:45:57 schrieb Michael Ellerman:
> On Mon, 2016-03-28 at 17:29 -0300, Thiago Jung Bauermann wrote:
> > If I do s/_do_fork/._do_fork/ in kprobe_ftrace.tc then all ftrace kprobe
> > tests pass:
>
> OK. We fixed that in 'perf probe', bu
Am Dienstag, 29 März 2016, 14:31:34 schrieb Michael Ellerman:
> On Mon, 2016-03-28 at 17:06 -0300, Thiago Jung Bauermann wrote:
> > With this patch, all vmlinux symbols match /proc/kallsyms and the
> > testcase passes.
>
> Have you tested this on an LE system?
No, I was
Am Mittwoch, 30 März 2016, 20:09:36 schrieb Michael Ellerman:
> On Wed, 2016-03-30 at 13:34 +0530, Naveen N. Rao wrote:
> > On 2016/03/29 08:35PM, Thiago Jung Bauermann wrote:
> > > Am Dienstag, 29 März 2016, 14:31:34 schrieb Michael Ellerman:
> > > > On Mon, 2016-03-
ets rid of kretprobe_trampoline_holder
altogether on x86. This commit does the same on powerpc. This change
introduces no regressions on the perf and ftracetest testsuite results.
Cc: Ananth N Mavinakayanahalli
Cc: Michael Ellerman
Reviewed-by: Naveen N. Rao
Signed-off-by: Thiago Jung Bauermann
---
arch/powe
sent
a new patch with your Reviewed-by.
Also thanks for fixing the vmlinux-kallsyms issue in ppc64le. I didn’t
comment on the patches because I’m not very familiar with the code in
question.
--
[]'s
Thiago Jung Bauermann
IBM Linux Technology Center
_
Cc: Michael Ellerman
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/ftrace.h | 9 +
kernel/trace/ftrace.c | 13 +
2 files changed, 22 insertions(+)
diff --git a/arch/powerpc/include/asm/ftrace.h
b/arch/powerpc/include/asm/ftrace.h
index
cc1: all warnings being treated as errors
I forgot to use defined() in the #if expression. Here’s the fixed version.
--
[]'s
Thiago Jung Bauermann
IBM Linux Technology Center
8< 8< 8< 8<
From 27660a3b6c4147f9e1811b103cc47a34a53817c1 Mon Sep 17 00:00:00
Hello,
Am Freitag, 01 April 2016, 18:28:06 schrieb Thiago Jung Bauermann:
> Am Samstag, 02 April 2016, 03:51:21 schrieb kbuild test robot:
> > >> arch/powerpc/include/asm/ftrace.h:62:5: error: "CONFIG_PPC64" is not
> > >> defined [-Werror=undef]
> >
Hello,
People seem to be considering patches for next, so this looks like a good
moment to ping about this one.
--
[]'s
Thiago Jung Bauermann
IBM Linux Technology Center
Am Donnerstag, 31 März 2016, 17:10:40 schrieb Thiago Jung Bauermann:
> Fixes the following testsuite
ftrace_match_adjust(str, search);
> /* use tmp_str and then ignore */
> kfree(str);
If you decide against either of my alternatives for using
arch__compare_symbol_names, I'll change arch_ftrace_match_adjust to work as
you suggested above in the next version of this patch.
> ** Disclaimer **
>
> Note, I just took the red-eye (2 hours of sleep on the plane) and
> waiting for my next flight. My focus may be off in this email.
Ouch. Thanks for having a look at the patch and responding to my ping!
--
[]'s
Thiago Jung Bauermann
IBM Linux Technology Center
___
Linuxppc-dev mailing list
Linuxppc-dev@lists.ozlabs.org
https://lists.ozlabs.org/listinfo/linuxppc-dev
Cc: Michael Ellerman
Cc: linuxppc-dev@lists.ozlabs.org
Signed-off-by: Thiago Jung Bauermann
---
Notes:
Changes from v1 to v2:
- Use __weak mechanism instead of #ifdef.
- Return modified pointer instead of changing it in the argument.
arch/powerpc/kernel/ftrace.c | 10 ++
Hello Gautham,
Thanks for your review.
Gautham R Shenoy writes:
> Hello Thiago,
>
> On Fri, Feb 22, 2019 at 07:57:52PM -0300, Thiago Jung Bauermann wrote:
>> I see two cases that can be causing this race:
>>
>> 1. It's possible that CPU 134 was inactive
atch loops for 20 ms just be sure.
Signed-off-by: Thiago Jung Bauermann
Analyzed-by: Gautham R Shenoy
---
arch/powerpc/platforms/pseries/hotplug-cpu.c | 13 +++--
1 file changed, 11 insertions(+), 2 deletions(-)
I have seen this problem since v4.8. Should this patch go to stable as
wel
Gautham R Shenoy writes:
>> Signed-off-by: Thiago Jung Bauermann
>
> Thanks for this version. I have tested the patch and we no longer see
> the "Querying DEAD? cpu X (Y) shows 2" message.
>
>
> Tested-and-Reviewed-by: Gautham R. Shenoy
Thanks f
Hello Michael,
Sorry for the delay in responding. We had some internal discussions on
this.
Michael S. Tsirkin writes:
> On Mon, Feb 04, 2019 at 04:14:20PM -0200, Thiago Jung Bauermann wrote:
>>
>> Hello Michael,
>>
>> Michael S. Tsirkin writes:
>>
>&g
Michael S. Tsirkin writes:
> On Wed, Mar 20, 2019 at 01:13:41PM -0300, Thiago Jung Bauermann wrote:
>> >> Another way of looking at this issue which also explains our reluctance
>> >> is that the only difference between a secure guest and a regular guest
>>
Hello,
Ping?
--
Thiago Jung Bauermann
IBM Linux Technology Center
Thiago Jung Bauermann writes:
> When testing DLPAR CPU add/remove on a system under stress,
> pseries_cpu_die() doesn't wait long enough for a CPU to die:
>
> [ 446.983944] cpu 148 (hwid
Michael S. Tsirkin writes:
> On Thu, Mar 21, 2019 at 09:05:04PM -0300, Thiago Jung Bauermann wrote:
>>
>> Michael S. Tsirkin writes:
>>
>> > On Wed, Mar 20, 2019 at 01:13:41PM -0300, Thiago Jung Bauermann wrote:
>> >> >From what I understand of
David Gibson writes:
> On Sat, Mar 23, 2019 at 05:01:35PM -0400, Michael S. Tsirkin wrote:
>> On Thu, Mar 21, 2019 at 09:05:04PM -0300, Thiago Jung Bauermann wrote:
>> > Michael S. Tsirkin writes:
> [snip]
>> > >> > Is there any justification to doing th
Hello Nick,
Thank you very much for reviewing this patch!
Nicholas Piggin writes:
> Thiago Jung Bauermann's on April 11, 2019 9:08 am:
>>
>> Thiago Jung Bauermann writes:
>>
>>> diff --git a/arch/powerpc/platforms/pseries/hotplug-cpu.c
>>> b/
easurement needs to be stored
re-add IMA_MEASURE flag when the modsig is read rather than changing the
if condition when calling ima_store_measurement(). (Suggested by Mimi
Zohar)
- Check whether ima_template has "sig" and "d-sig" fields at
initialization rather than at
() without having to depend on either
CONFIG_MODULE_SIG or CONFIG_MODULES.
Signed-off-by: Thiago Jung Bauermann
Cc: Jessica Yu
---
include/linux/module.h | 3 --
include/linux/module_signature.h | 44 +
init/Kconfig | 6 +++-
kernel/Makefile
IMA will need to verify a PKCS#7 signature which has already been parsed.
For this reason, factor out the code which does that from
verify_pkcs7_signature() into a new function which takes a struct
pkcs7_message instead of a data buffer.
Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Mimi
work. Verifying that
sinfo->sig->digest isn't NULL is sufficient because both places which
allocate sinfo->sig (pkcs7_parse_message() and pkcs7_note_signed_info())
use kzalloc() so sig->digest is always initialized to zero.
Signed-off-by: Thiago Jung Bauermann
Cc: David Howells
Cc: He
ost places the array doesn't hold a
digest.
A separate struct evm_xattr is introduced, with the original definition of
evm_ima_xattr_data to be used in the places that actually expect that
definition, specifically the EVM HMAC code.
Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Mimi Zohar
This avoids a dependency cycle in soon-to-be-introduced
CONFIG_IMA_APPRAISE_MODSIG: it will select CONFIG_MODULE_SIG_FORMAT
which in turn selects CONFIG_KEYS. Kconfig then complains that
CONFIG_INTEGRITY_SIGNATURE depends on CONFIG_KEYS.
Signed-off-by: Thiago Jung Bauermann
Signed-off-by: Mimi
all struct initializations.
Signed-off-by: Thiago Jung Bauermann
---
security/integrity/ima/ima_api.c | 11 +++
security/integrity/ima/ima_init.c | 4 ++--
2 files changed, 9 insertions(+), 6 deletions(-)
diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c
signature stored in the extended
attribute or an appended signature.
For now, the rule above will behave exactly the same as if
appraise_type=imasig was specified. The actual modsig implementation
will be introduced separately.
Suggested-by: Mimi Zohar
Signed-off-by: Thiago Jung Bauermann
they're now pointers),
and fixing the style of a block comment to appease checkpatch.
Suggested-by: Mimi Zohar
Signed-off-by: Thiago Jung Bauermann
---
security/integrity/ima/ima_appraise.c | 141 +++---
1 file changed, 81 insertions(+), 60 deletions(-)
diff --git a/sec
yring.
Because modsig verification needs to convert from an integrity keyring id
to the keyring itself, add an integrity_keyring_from_id() function in
digsig.c so that integrity_modsig_verify() can use it.
Signed-off-by: Thiago Jung Bauermann
Signed-off-by: Mimi Zohar
---
security/integrity/dig
Obtain the modsig and calculate its corresponding hash in
ima_collect_measurement().
Signed-off-by: Thiago Jung Bauermann
---
security/integrity/ima/ima.h | 8 -
security/integrity/ima/ima_api.c | 5 ++-
security/integrity/ima/ima_appraise.c | 2 +-
security/integrity/ima
s as
well as the ones from the "ima-sig" descriptor.
Change ima_store_measurement() to accept a struct modsig * argument so that
it can be passed along to the templates via struct ima_event_data.
Suggested-by: Mimi Zohar
Signed-off-by: Thiago Jung Bauermann
---
Documentation/securi
at situation and store an additional measurement with
the modsig. This is done by adding an IMA_MEASURE action flag if we read a
modsig and the IMA template contains a modsig field.
Suggested-by: Mimi Zohar
Signed-off-by: Thiago Jung Bauermann
---
security/integrity/ima/ima.h | 1 +
securit
rder(xive_queue_shift);
> + if (is_secure_guest())
> + uv_unshare_page(PHYS_PFN(__pa(q->qpage)), 1 << alloc_order);
> free_pages((unsigned long)q->qpage, alloc_order);
> q->qpage = NULL;
> }
Same problem here.
--
Thiago Jung Bauermann
IBM Linux Technology Center
Ram Pai writes:
> On Tue, Mar 31, 2020 at 08:53:07PM -0300, Thiago Jung Bauermann wrote:
>>
>> Hi Ram,
>>
>> Ram Pai writes:
>>
>> > diff --git a/arch/powerpc/sysdev/xive/spapr.c
>> > b/arch/powerpc/sysdev/xive/spapr.c
>> > index
werpc/svm: Use SWIOTLB DMA API for all virtio devices
powerpc/svm: Use shared memory for Debug Trace Log (DTL)
powerpc/svm: Use shared memory for LPPACA structures
powerpc/svm: Force the use of bounce buffers
powerpc/svm: Increase SWIOTLB buffer size
Thiago Jung Bauermann (1):
powerpc: Ad
Signed-off-by: Ram Pai
Signed-off-by: Sukadev Bhattiprolu
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/Kconfig | 11 +++
arch/powerpc/include/asm/reg.h | 3 +++
arch/powerpc/include/asm/svm.h | 22 ++
3 files changed, 36 insertions(+)
diff --git a/arch
platforms with secure
guest support.
Signed-off-by: Anshuman Khandual
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/Kconfig | 2 ++
1 file changed, 2 insertions(+)
diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
index f786c962edf0..90f73d15f58a 100644
--- a/arch/powerpc/Kconfig
, unsigned long npages)
Signed-off-by: Anshuman Khandual
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/svm.h | 3 +++
arch/powerpc/kernel/Makefile | 1 +
arch/powerpc/kernel/svm.c | 33 +
3 files changed, 37 insertions(+)
diff --git a
From: Anshuman Khandual
Hook the shared memory conversion functions into the ARCH_HAS_MEM_ENCRYPT
framework and call swiotlb_update_mem_attributes() to convert SWIOTLB's
buffers to shared memory.
Signed-off-by: Anshuman Khandual
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/Kc
bounce buffering
purpose. Hence retain the allocated buffer by setting ppc_swiotlb_enable
variable for secure guests on Ultravisor platforms.
Signed-off-by: Anshuman Khandual
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/kernel/svm.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch
Jung Bauermann
---
arch/powerpc/platforms/pseries/iommu.c | 6 +-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/platforms/pseries/iommu.c
b/arch/powerpc/platforms/pseries/iommu.c
index 5773bc7eb4bd..56b894d65dba 100644
--- a/arch/powerpc/platforms/pseries/iommu.c
From: Anshuman Khandual
On Ultravisor platform kmem_cache for DTL buffers must use a constructor
function which converts the underlying buddy allocated SLUB cache pages
into shared memory so that they are accessible to the hypervisor.
Signed-off-by: Anshuman Khandual
Signed-off-by: Thiago Jung
Helps document what the hard-coded number means.
Suggested-by: Alexey Kardashevskiy
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/kernel/paca.c | 9 +
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/arch/powerpc/kernel/paca.c b/arch/powerpc/kernel/paca.c
index
here.
Signed-off-by: Anshuman Khandual
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/kernel/paca.c | 34 +-
1 file changed, 33 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/kernel/paca.c b/arch/powerpc/kernel/paca.c
index 1edf8695019d
ned-off-by: Thiago Jung Bauermann
---
arch/powerpc/kernel/svm.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/powerpc/kernel/svm.c b/arch/powerpc/kernel/svm.c
index 1af5caa955f5..f0576ad65cd0 100644
--- a/arch/powerpc/kernel/svm.c
+++ b/arch/powerpc/kernel/svm.c
@@ -17,6 +17,7 @@ static
/0x4a0 [virtio_blk]
[c007d2a273d0] [c06b5d68] blk_mq_dispatch_rq_list+0x1f8/0x6d0
..
Increase the SWIOTLB size to 1GB on Ultravisor based secure guests.
Signed-off-by: Anshuman Khandual
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/Kconfig | 5 +
kernel
or Debug Trace Log (DTL)
powerpc/svm: Use shared memory for LPPACA structures
powerpc/svm: Force the use of bounce buffers
powerpc/svm: Increase SWIOTLB buffer size
Thiago Jung Bauermann (1):
powerpc: Add and use LPPACA_SIZE constant
arch/powerpc/Kconfig | 22 +++
Signed-off-by: Ram Pai
Signed-off-by: Sukadev Bhattiprolu
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/Kconfig | 11 +++
arch/powerpc/include/asm/reg.h | 3 +++
arch/powerpc/include/asm/svm.h | 22 ++
3 files changed, 36 insertions(+)
diff --git a/arch
platforms with secure
guest support.
Signed-off-by: Anshuman Khandual
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/Kconfig | 2 ++
1 file changed, 2 insertions(+)
diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
index f786c962edf0..90f73d15f58a 100644
--- a/arch/powerpc/Kconfig
, unsigned long npages)
Signed-off-by: Anshuman Khandual
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/include/asm/svm.h | 3 +++
arch/powerpc/kernel/Makefile | 1 +
arch/powerpc/kernel/svm.c | 33 +
3 files changed, 37 insertions(+)
diff --git a
From: Anshuman Khandual
Hook the shared memory conversion functions into the ARCH_HAS_MEM_ENCRYPT
framework and call swiotlb_update_mem_attributes() to convert SWIOTLB's
buffers to shared memory.
Signed-off-by: Anshuman Khandual
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/Kc
bounce buffering
purpose. Hence retain the allocated buffer by setting ppc_swiotlb_enable
variable for secure guests on Ultravisor platforms.
Signed-off-by: Anshuman Khandual
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/kernel/svm.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch
Jung Bauermann
---
arch/powerpc/platforms/pseries/iommu.c | 6 +-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/platforms/pseries/iommu.c
b/arch/powerpc/platforms/pseries/iommu.c
index 5773bc7eb4bd..56b894d65dba 100644
--- a/arch/powerpc/platforms/pseries/iommu.c
From: Anshuman Khandual
On Ultravisor platform kmem_cache for DTL buffers must use a constructor
function which converts the underlying buddy allocated SLUB cache pages
into shared memory so that they are accessible to the hypervisor.
Signed-off-by: Anshuman Khandual
Signed-off-by: Thiago Jung
Helps document what the hard-coded number means.
Suggested-by: Alexey Kardashevskiy
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/kernel/paca.c | 9 +
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/arch/powerpc/kernel/paca.c b/arch/powerpc/kernel/paca.c
index
here.
Signed-off-by: Anshuman Khandual
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/kernel/paca.c | 34 +-
1 file changed, 33 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/kernel/paca.c b/arch/powerpc/kernel/paca.c
index 1edf8695019d
ned-off-by: Thiago Jung Bauermann
---
arch/powerpc/kernel/svm.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/powerpc/kernel/svm.c b/arch/powerpc/kernel/svm.c
index 1af5caa955f5..f0576ad65cd0 100644
--- a/arch/powerpc/kernel/svm.c
+++ b/arch/powerpc/kernel/svm.c
@@ -17,6 +17,7 @@ static
/0x4a0 [virtio_blk]
[c007d2a273d0] [c06b5d68] blk_mq_dispatch_rq_list+0x1f8/0x6d0
..
Increase the SWIOTLB size to 1GB on Ultravisor based secure guests.
Signed-off-by: Anshuman Khandual
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/Kconfig | 5 +
kernel
Hello Christoph,
Thanks for your quick review.
Christoph Hellwig writes:
> On Thu, Aug 23, 2018 at 11:59:32PM -0300, Thiago Jung Bauermann wrote:
>> From: Anshuman Khandual
>>
>> SWIOTLB checks range of incoming CPU addresses to be bounced and see if the
>> device
Hello Randy,
Thanks for your quick review.
Randy Dunlap writes:
> On 08/24/2018 09:25 AM, Thiago Jung Bauermann wrote:
>> From: Anshuman Khandual
>>
>> SWIOTLB buffer default size (64MB) is not enough for large sequential write
>> operations which eventually lead
hen a process tries to
allocate the 32nd key, it gets an -EINVAL error instead of -ENOSPC which
would indicate that there aren't any keys available
Fixes: cf43d3b26452 ("powerpc: Enable pkey subsystem")
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/mm/pkeys.c | 2 +-
1 file change
a TEST_ERROR result for a case like this where
an unexpected problem prevented the testcase from exercising the
feature.
If we're to use the an existing result then I vote for SKIP_IF.
For reference, here are the test results that DejaGnu supports (it is
the test harness used by some GNU projects):
https://www.gnu.org/software/dejagnu/manual/Output-States.html
I would say that SKIP_IF corresponds to UNSUPPORTED in DejaGnu.
--
Thiago Jung Bauermann
IBM Linux Technology Center
Breno Leitao writes:
> This patch creates a new macro that skips a test and prints a message to
> stderr. This is useful to give an idea why the tests is being skipped,
> other than just skipping the test blindly.
>
> Signed-off-by: Breno Leitao
Reviewed-by: Thiago
ips this test if it runs without the proper privileges,
> avoiding this undesired failure.
>
> CC: Tyrel Datwyler
> CC: Thiago Jung Bauermann
> Signed-off-by: Breno Leitao
Reviewed-by: Thiago Jung Bauermann
> ---
> tools/testing/selftests/powerpc/ptrace/core-pkey.c
n at
> initialization time (xmon_init()) and just consuming it at crash time.
>
> This would allow xmon to be possible invoked independent of devtree_lock
> being held or not.
>
> Signed-off-by: Breno Leitao
I'm not familiar with xmon code but I was curious, and for what it&
f dealing with xattr
errors in case the modsig verification fails. With this,
process_xattr_error isn't needed anymore.
- Patch "ima: Write modsig to the measurement list"
- Split from patch "ima: Support module-style appended signatures for
appraisal".
- Adde
() without having to depend on
CONFIG_MODULE_SIG.
Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Mimi Zohar
Cc: Jessica Yu
---
include/linux/module.h | 3 --
include/linux/module_signature.h | 47 ++
init/Kconfig | 6 ++-
kernel/Makefile
message, so add pkcs7_get_message_sig().
Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Mimi Zohar
Cc: David Howells
Cc: David Woodhouse
Cc: Herbert Xu
Cc: "David S. Miller"
---
certs/system_keyring.c| 61 ---
crypto/asymmetric_keys/pkcs
work. Verifying that
sinfo->sig->digest isn't NULL is sufficient because both places which
allocate sinfo->sig (pkcs7_parse_message() and pkcs7_note_signed_info())
use kzalloc() so sig->digest is always initialized to zero.
Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Mimi Zohar
ost places the array doesn't hold a
digest.
A separate struct evm_xattr is introduced, with the original definition of
evm_ima_xattr_data to be used in the places that actually expect that
definition.
Signed-off-by: Thiago Jung Bauermann
---
security/integrity/evm/evm_main.c | 8 +++
IMA will need to obtain the keyring used to verify file signatures so that
it can verify the module-style signature appended to files.
Signed-off-by: Thiago Jung Bauermann
Signed-off-by: Mimi Zohar
---
security/integrity/digsig.c| 28 +---
security/integrity
function.
Signed-off-by: Thiago Jung Bauermann
Signed-off-by: Mimi Zohar
---
security/integrity/digsig_asymmetric.c | 44 +++---
security/integrity/integrity.h | 8 +
2 files changed, 41 insertions(+), 11 deletions(-)
diff --git a/security/integrity
This avoids a dependency cycle in soon-to-be-introduced
CONFIG_IMA_APPRAISE_MODSIG: it will select CONFIG_MODULE_SIG_FORMAT
which in turn selects CONFIG_KEYS. Kconfig then complains that
CONFIG_INTEGRITY_SIGNATURE depends on CONFIG_KEYS.
Signed-off-by: Thiago Jung Bauermann
Signed-off-by: Mimi
With the introduction of another IMA signature type (modsig), some places
will need to check for both of them. It is cleaner to do that if there's a
helper function to tell whether an xattr_value represents an IMA
signature.
Suggested-by: Mimi Zohar
Signed-off-by: Thiago Jung Baue
ima_read_modsig() will need it so that it can show an error message.
Signed-off-by: Thiago Jung Bauermann
---
security/integrity/ima/ima.h| 2 ++
security/integrity/ima/ima_policy.c | 12 ++--
2 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/security/integrity/ima
signature stored in the extended
attribute or an appended signature.
For now, the rule above will behave exactly the same as if
appraise_type=imasig was specified. The actual modsig implementation
will be introduced separately.
Suggested-by: Mimi Zohar
Signed-off-by: Thiago Jung Bauermann
ff-by: Thiago Jung Bauermann
---
security/integrity/ima/Kconfig| 3 +
security/integrity/ima/ima.h | 36 ++-
security/integrity/ima/ima_appraise.c | 65 ++--
security/integrity/ima/ima_main.c | 17 ++-
security/integrity/ima/ima_modsig.c
Define new "d-sig" template field which holds the digest that is expected
to match the one contained in the modsig.
Suggested-by: Mimi Zohar
Signed-off-by: Thiago Jung Bauermann
---
Documentation/security/IMA-templates.rst | 5
security/integrity/ima/ima.h
Add modsig support to the "sig" template field, allowing the the contents
of the modsig to be included in the measurement list.
Suggested-by: Mimi Zohar
Signed-off-by: Thiago Jung Bauermann
---
security/integrity/ima/ima.h | 7 +++
security/integrity/ima/im
nal measurement with
the modsig. This is done by defining the appraise subaction flag
IMA_READ_MEASURE and testing for it in process_measurement().
Suggested-by: Mimi Zohar
Signed-off-by: Thiago Jung Bauermann
---
security/integrity/ima/ima.h | 1 +
security/integrity/ima/ima_
ldmm pkey state in mm: */
> + mm_pkey_allocation_map(mm) = mm_pkey_allocation_map(oldmm);
> + mm->context.execute_only_pkey = oldmm->context.execute_only_pkey;
> +}
This function is small and perhaps could have been a static inline in
, but arch_dup_mmap() doesn't seem to be in a hot
path so the segregation of implementation details to pkeys.c is nice
from an organization point of view.
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
Hello James,
Thanks for you interest in these patches.
James Morris writes:
> On Fri, 16 Nov 2018, Thiago Jung Bauermann wrote:
>
>> On the OpenPOWER platform, secure boot and trusted boot are being
>> implemented using IMA for taking measurements and verifying signat
ned-off-by: Michael Ellerman
> ---
> arch/powerpc/sysdev/ipic.c | 28
> 1 file changed, 28 deletions(-)
There's also the function prototype in
--
Thiago Jung Bauermann
IBM Linux Technology Center
loop in pseries_cpu_die() a bit fragile. I describe
the race in the patch description.
My solution to make the race less tight is to make the CPU driving the
unplug to only start the busy loop only after the CPU being unplugged is
in the CPU_STATE_OFFLINE state. At that point, we know that it ei
0003a4a84800 (unreliable)
> [c61aba20] [c001e24c] __switch_to+0x2dc/0x430
> [c61aba80] [c0e5fb94] __schedule+0x3d4/0xa20
> [c61abb50] [c0e6022c] schedule+0x4c/0xc0
> [c61abb80] [c0e64ffc] schedule_timeout+0x1dc/0x4e0
> [c61abc80] [c01af40c] rcu_gp_kthread+0xc3c/0x11f0
> [c61abdb0] [c013c7c8] kthread+0x168/0x1b0
> [c61abe20] [c000b658] ret_from_kernel_thread+0x5c/0x64
I don't know what to make of CPU 72. :-) Perhaps it's the one making
the other "rogue" RTAS call interfering with stop-self in CPU 105?
It must be some RTAS call made with rtas_call_unlocked, because CPU 88
is holding the RTAS lock.
-- Thiago Jung Bauermann
IBM Linux Technology Center
#x27;s
just a conjecture.
--
Thiago Jung Bauermann
IBM Linux Technology Center
te modsig to the measurement list"
- Moved some functions from patch "ima: Add functions to read and verify
a modsig signature" into this patch.
- Moved code related to d-sig support to new patch.
- Patch "ima: Store the measurement again when appraisi
() without having to depend on
CONFIG_MODULE_SIG.
Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Mimi Zohar
Cc: Jessica Yu
---
include/linux/module.h | 3 --
include/linux/module_signature.h | 47 ++
init/Kconfig | 6 ++-
kernel/Makefile
message, so add pkcs7_get_message_sig().
Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Mimi Zohar
Cc: David Howells
Cc: David Woodhouse
Cc: Herbert Xu
Cc: "David S. Miller"
---
certs/system_keyring.c| 61 ---
crypto/asymmetric_keys/pkcs
work. Verifying that
sinfo->sig->digest isn't NULL is sufficient because both places which
allocate sinfo->sig (pkcs7_parse_message() and pkcs7_note_signed_info())
use kzalloc() so sig->digest is always initialized to zero.
Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Mimi Zohar
ost places the array doesn't hold a
digest.
A separate struct evm_xattr is introduced, with the original definition of
evm_ima_xattr_data to be used in the places that actually expect that
definition, specifically the EVM HMAC code.
Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Mimi Zohar
IMA will need to obtain the keyring used to verify file signatures so that
it can verify the module-style signature appended to files.
Signed-off-by: Thiago Jung Bauermann
Signed-off-by: Mimi Zohar
---
security/integrity/digsig.c| 28 +---
security/integrity
function.
Signed-off-by: Thiago Jung Bauermann
Signed-off-by: Mimi Zohar
---
security/integrity/digsig_asymmetric.c | 44 +++---
security/integrity/integrity.h | 8 +
2 files changed, 41 insertions(+), 11 deletions(-)
diff --git a/security/integrity
This avoids a dependency cycle in soon-to-be-introduced
CONFIG_IMA_APPRAISE_MODSIG: it will select CONFIG_MODULE_SIG_FORMAT
which in turn selects CONFIG_KEYS. Kconfig then complains that
CONFIG_INTEGRITY_SIGNATURE depends on CONFIG_KEYS.
Signed-off-by: Thiago Jung Bauermann
Signed-off-by: Mimi
With the introduction of another IMA signature type (modsig), some places
will need to check for both of them. It is cleaner to do that if there's a
helper function to tell whether an xattr_value represents an IMA
signature.
Suggested-by: Mimi Zohar
Signed-off-by: Thiago Jung Baue
ima_read_modsig() will need it so that it can show an error message.
Signed-off-by: Thiago Jung Bauermann
---
security/integrity/ima/ima.h| 2 ++
security/integrity/ima/ima_policy.c | 12 ++--
2 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/security/integrity/ima
1 - 100 of 817 matches
Mail list logo
