Re: [systemd-devel] [PATCHv6 02/13] kexec_file: Move signature validation ahead

Thu, 26 Feb 2026 18:33:57 -0800 

On Thu, Feb 26, 2026 at 9:37 PM Philipp Rudo <[email protected]> wrote:
>
> Hi Pingfan,
>
> On Mon, 19 Jan 2026 11:24:13 +0800
> Pingfan Liu <[email protected]> wrote:
>
> > Move the signature validation at the head of the function, so the image
> > can be unfold and handled later.
>
> besides what the bpf-bot already mentioned.
>
> What do you want to achieve by moving signature verification in front
> of probing the image? Do you want to avoid calling
> arch_kexec_kernel_image_probe twice? It would be great if you could add
> the reasoning why the change is needed to the commit message in the
> future. Not only to make review easier but also to document it for the
> future.
>
Here I made a mistake. I think the UKI case and the convention case
should be handled separately. For the UKI case, signature verification
should be applied to the UKI envelope but skipped for the unpacked
kernel image since it has no signature.


Thanks,

Pingfan

> Thanks
> Philipp
>
> > Signed-off-by: Pingfan Liu <[email protected]>
> > Cc: Baoquan He <[email protected]>
> > Cc: Dave Young <[email protected]>
> > Cc: Andrew Morton <[email protected]>
> > Cc: Philipp Rudo <[email protected]>
> > To: [email protected]
> > ---
> >  kernel/kexec_file.c | 13 +++++++------
> >  1 file changed, 7 insertions(+), 6 deletions(-)
> >
> > diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c
> > index eb62a97942428..0222d17072d40 100644
> > --- a/kernel/kexec_file.c
> > +++ b/kernel/kexec_file.c
> > @@ -231,18 +231,19 @@ kimage_file_prepare_segments(struct kimage *image, 
> > int kernel_fd, int initrd_fd,
> >       kexec_dprintk("kernel: %p kernel_size: %#lx\n",
> >                     image->kernel_buf, image->kernel_buf_len);
> >
> > -     /* Call arch image probe handlers */
> > -     ret = arch_kexec_kernel_image_probe(image, image->kernel_buf,
> > -                                         image->kernel_buf_len);
> > -     if (ret)
> > -             goto out;
> > -
> >  #ifdef CONFIG_KEXEC_SIG
> >       ret = kimage_validate_signature(image);
> >
> >       if (ret)
> >               goto out;
> >  #endif
> > +
> > +     /* Call arch image probe handlers */
> > +     ret = arch_kexec_kernel_image_probe(image, image->kernel_buf,
> > +                                         image->kernel_buf_len);
> > +     if (ret)
> > +             goto out;
> > +
> >       /* It is possible that there no initramfs is being loaded */
> >       if (!(flags & KEXEC_FILE_NO_INITRAMFS)) {
> >               ret = kernel_read_file_from_fd(initrd_fd, 0, 
> > &image->initrd_buf,
>

Reply via email to