On Fri, 2023-07-21 at 13:38 -0600, Rob Herring wrote:
> On Thu, Jul 20, 2023 at 10:14:31AM -0400, Rik van Riel wrote:
> > The code calling ima_free_kexec_buffer runs long after the memblock
> > allocator has already been torn down, potentially resulting in a
> > use
> > after free in memblock_isolate_range.
> >
> > With KASAN or KFENCE, this use after free will result in a BUG
> > from the idle task, and a subsequent kernel panic.
> >
> > Switch ima_free_kexec_buffer over to memblock_free_late to avoid
> > that issue.
> >
> > Fixes: fee3ff99bc67 ("powerpc: Move arch independent ima kexec
> > functions to drivers/of/kexec.c")
>
> Fixes: b69a2afd5afc ("x86/kexec: Carry forward IMA measurement log on
> kexec")
>
Thank you for digging further back in the history of that code.
> Acked-by: Rob Herring <robh@xxxxxxxxxx>
>
> (I'm assuming someone else is taking this)
I hope so, but I don't know who...
--
All Rights Reversed.
Attachment:
signature.asc
Description: This is a digitally signed message part
