Hi Steven,
On Mon, 2025-02-03 at 15:20 -0800, steven chen wrote:
> Currently, the mechanism to map and unmap segments to the kimage
> structure is not available to the subsystems outside of kexec. This
> functionality is needed when IMA is allocating the memory segments
> during kexec 'load' operation. Implement functions to map and unmap
> segments to kimage.
>
> Implement kimage_map_segment() to enable mapping of IMA buffer source
> pages to the kimage structure post kexec 'load'. This function,
> accepting a kimage pointer, an address, and a size, will gather the
> source pages within the specified address range, create an array of page
> pointers, and map these to a contiguous virtual address range. The
> function returns the start of this range if successful, or NULL if
> unsuccessful.
>
> Implement kimage_unmap_segment() for unmapping segments
> using vunmap().
>
> From: Tushar Sugandhi <tusharsu@xxxxxxxxxxxxxxxxxxx>
> Author: Tushar Sugandhi <tusharsu@xxxxxxxxxxxxxxxxxxx>
> Reviewed-by: Stefan Berger <stefanb@xxxxxxxxxxxxx>
> Reviewed-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
I don't recall previously adding my "Reviewed-by" tag.
Eric, I'd appreciate your reviewing this and the subsequent patch "[PATCH v7 3/7]
ima: kexec: skip IMA segment validation after kexec soft reboot" in particular.
> Signed-off-by: Tushar Sugandhi <tusharsu@xxxxxxxxxxxxxxxxxxx>
> Signed-off-by: steven chen <chenste@xxxxxxxxxxxxxxxxxxx>
> ---
> include/linux/kexec.h | 7 ++++++
> kernel/kexec_core.c | 54 +++++++++++++++++++++++++++++++++++++++++++
> 2 files changed, 61 insertions(+)
>
> diff --git a/include/linux/kexec.h b/include/linux/kexec.h
> index f0e9f8eda7a3..f8413ea5c8c8 100644
> --- a/include/linux/kexec.h
> +++ b/include/linux/kexec.h
> @@ -467,6 +467,9 @@ extern bool kexec_file_dbg_print;
> #define kexec_dprintk(fmt, arg...) \
> do { if (kexec_file_dbg_print) pr_info(fmt, ##arg); } while (0)
>
> +extern void *kimage_map_segment(struct kimage *image,
> + unsigned long addr, unsigned long size);
scripts/Checkpatch.pl complains about the parenthesis alignment here and elsewhere.
Mimi
> +extern void kimage_unmap_segment(void *buffer);
> #else /* !CONFIG_KEXEC_CORE */
> struct pt_regs;
> struct task_struct;
> @@ -474,6 +477,10 @@ static inline void __crash_kexec(struct pt_regs *regs) { }
> static inline void crash_kexec(struct pt_regs *regs) { }
> static inline int kexec_should_crash(struct task_struct *p) { return 0; }
> static inline int kexec_crash_loaded(void) { return 0; }
> +static inline void *kimage_map_segment(struct kimage *image,
> + unsigned long addr, unsigned long size)
> +{ return NULL; }
> +static inline void kimage_unmap_segment(void *buffer) { }
> #define kexec_in_progress false
> #endif /* CONFIG_KEXEC_CORE */
>
