Hi Jonathan, Thank you for taking a look at my patches. On 6/6/22 01:19, Jonathan McDowell wrote:
The main piece that seems to be missing is updating the size of the IMA buffer in the mechanism used to pass its details to the new kernel (so device tree in current mainline [setup_ima_buffer], the setup_data piece in my x86_64 patches). Without that you'll only load the original set of measurements even if the extra data is in the buffer.
Ok. Thanks for the pointer. I will take a look at your patches and get back to you with updates.
I think there's also a potential problem in that you assume an extra page is sufficient for any additional measurements which may or may not be the case - I don't see any check in ima_update_kexec_buffer that the buffer is big enough for the new IMA data.
Agreed. I wanted to solve that problem next. First I wanted to verify at least a few events are getting copied after the kexec soft reboot. But thanks for pointing this out.
J.
Again, appreciate your pointers. Thanks, Tushar _______________________________________________ kexec mailing list kexec@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/kexec
