On Fri, 2020-11-13 at 11:22 -0800, Lakshmi Ramasubramanian wrote:
> Address and size of the buffer containing the IMA measurement log need
> to be passed from the current kernel to the next kernel on kexec.
>
> Add address and size fields to "struct kimage_arch" for ARM64 platform
> to hold the address and size of the IMA measurement log buffer.
> Define an architecture specific function for ARM64 namely
> arch_ima_add_kexec_buffer() that will set the address and size of
> the current kernel's IMA buffer to be passed to the next kernel on kexec.
>
> Co-developed-by: Prakhar Srivastava <prsriva@xxxxxxxxxxxxxxxxxxx>
> Signed-off-by: Prakhar Srivastava <prsriva@xxxxxxxxxxxxxxxxxxx>
> Signed-off-by: Lakshmi Ramasubramanian <nramas@xxxxxxxxxxxxxxxxxxx>
> Reviewed-by: Thiago Jung Bauermann <bauerman@xxxxxxxxxxxxx>
> ---
> arch/arm64/include/asm/ima.h | 18 ++++++++++++++++++
> arch/arm64/include/asm/kexec.h | 3 +++
> arch/arm64/kernel/Makefile | 1 +
> arch/arm64/kernel/ima_kexec.c | 34 ++++++++++++++++++++++++++++++++++
> 4 files changed, 56 insertions(+)
> create mode 100644 arch/arm64/include/asm/ima.h
> create mode 100644 arch/arm64/kernel/ima_kexec.c
>
> diff --git a/arch/arm64/include/asm/ima.h b/arch/arm64/include/asm/ima.h
> new file mode 100644
> index 000000000000..507fc94ddaba
> --- /dev/null
> +++ b/arch/arm64/include/asm/ima.h
> @@ -0,0 +1,18 @@
> +/* SPDX-License-Identifier: GPL-2.0-or-later */
> +/*
> + * Copyright (C) 2019 Microsoft Corporation
> + *
> + * Author: Prakhar Srivastava <prsriva@xxxxxxxxxxxxxxxxxxx>
> + *
> + */
> +#ifndef _ASM_ARCH_IMA_H
> +#define _ASM_ARCH_IMA_H
> +
> +struct kimage;
> +
> +#ifdef CONFIG_IMA_KEXEC
> +int arch_ima_add_kexec_buffer(struct kimage *image, unsigned long load_addr,
> + size_t size);
> +#endif /* CONFIG_IMA_KEXEC */
> +
> +#endif /* _ASM_ARCH_IMA_H */
> diff --git a/arch/arm64/include/asm/kexec.h b/arch/arm64/include/asm/kexec.h
> index d24b527e8c00..7bd60c185ad3 100644
> --- a/arch/arm64/include/asm/kexec.h
> +++ b/arch/arm64/include/asm/kexec.h
> @@ -100,6 +100,9 @@ struct kimage_arch {
> void *elf_headers;
> unsigned long elf_headers_mem;
> unsigned long elf_headers_sz;
> +
> + phys_addr_t ima_buffer_addr;
> + size_t ima_buffer_size;
> };
Any reason these definitions are not conditionally defined based on
CONFIG_IMA_KEXEC, like on powerpc?
>
> diff --git a/arch/arm64/kernel/ima_kexec.c b/arch/arm64/kernel/ima_kexec.c
> new file mode 100644
> index 000000000000..1847f1230710
> --- /dev/null
> +++ b/arch/arm64/kernel/ima_kexec.c
> @@ -0,0 +1,34 @@
> +// SPDX-License-Identifier: GPL-2.0-or-later
> +/*
> + * Copyright (C) 2019 Microsoft Corporation
> + *
> + * Author: Prakhar Srivastava <prsriva@xxxxxxxxxxxxxxxxxxx>
> + *
> + * File: ima_kexec.c
> + * Defines IMA kexec functions.
> + */
> +
> +#include <linux/kernel.h>
> +#include <linux/kexec.h>
> +#include <linux/types.h>
> +#include <asm/ima.h>
> +
> +/**
> + * arch_ima_add_kexec_buffer - do arch-specific steps to add the IMA buffer
> + *
> + * @image: kimage structure to set ima buffer information in for kexec
> + * @load_addr: Start address of the IMA buffer
> + * @size: size of the IMA buffer
> + *
> + * Architectures should use this function to pass on the IMA buffer
> + * information to the next kernel.
> + *
> + * Return: 0 on success, negative errno on error.
> + */
> +int arch_ima_add_kexec_buffer(struct kimage *image, unsigned long load_addr,
> + size_t size)
> +{
> + image->arch.ima_buffer_addr = load_addr;
> + image->arch.ima_buffer_size = size;
> + return 0;
> +}
This is exactly the same as the powerpc version. Couldn't there be a
common version of this as well?
Mimi
