On 2/6/2025 8:49 AM, Mimi Zohar wrote:
Thanks, Steven, for picking up and working on Tushar's patch set.
I normally finish reviewing the patch set, before commenting. In this case, there's
a generic comment that relates to all of the patches. It's also a way of letting you
know that I've started reviewing the patch set. The remaining comments will come
after I finish reviewing the patch set.
On Mon, 2025-02-03 at 15:20 -0800, steven chen wrote:
Carrying the IMA measurement list across kexec requires allocating a
buffer and copying the measurement records. Separate allocating the
buffer and copying the measurement records into separate functions in
order to allocate the buffer at kexec 'load' and copy the measurements
at kexec 'execute'.
This patch includes the following changes:
- Refactor ima_dump_measurement_list() to move the memory allocation
to a separate function ima_alloc_kexec_file_buf() which allocates
buffer of size 'kexec_segment_size' at kexec 'load'.
- Make the local variable ima_kexec_file in ima_dump_measurement_list()
a local static to the file, so that it can be accessed from
ima_alloc_kexec_file_buf(). Compare actual memory required to ensure
there is enough memory for the entire measurement record.
- Copy as many measurement events as possible.
- Make necessary changes to the function ima_add_kexec_buffer() to call
the above two functions.
- Compared the memory size allocated with memory size of the entire
measurement record. If there is not enough memory, it will copy as many
IMA measurement records as possible, and this situation will result
in a failure of remote attestation.
Author: Tushar Sugandhi <tusharsu@xxxxxxxxxxxxxxxxxxx>
I understand you want to credit Tushar for the patch, but the mechanism is described
in Documentation/process/submitting-patches.rst. Refer to the paragraph on "Co-
developed-by". There is no tag named "Author".
Reviewed-by: Stefan Berger <stefanb@xxxxxxxxxxxxx>
Suggested-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
"Suggested-by" goes before the Signed-off-by tag(s). "Reviewed-by" tag goes after
your and/or Tushar's Signed-off-tag.
Signed-off-by: Tushar Sugandhi <tusharsu@xxxxxxxxxxxxxxxxxxx>
Signed-off-by: steven chen <chenste@xxxxxxxxxxxxxxxxxxx>
Before the "Co-developed-by" tag was defined, it was implied simply by this ordering
of the "Signed-off-by" tags.
For those patches you didn't modify, simply import Tushar's patch with him as the
author and add your Signed-off-by tag after his.
thanks,
Mimi
Thanks Mimi, will update it in next release.
