Adding Eric to cc.
On 7/7/23 05:28, Stefan Berger wrote:
On 7/3/23 17:57, Tushar Sugandhi wrote:
Currently, there's no mechanism to map and unmap segments to the kimage
structure. This functionality is needed when dealing with memory
segments
in the context of a kexec operation.
The patch adds two new functions: kimage_map_segment() and
kimage_unmap_segment().
Implement kimage_map_segment() which takes a kimage pointer, an address,
and a size. Ensures that the entire segment is being mapped by
comparing
the given address and size to each segment in the kimage's segment
array.
Collect the source pages that correspond to the given address range,
allocate an array of pointers to these pages, and map them to a
contiguous
range of virtual addresses. If the mapping operation is successful, the
function returns the start of this range. Otherwise, it frees the page
pointer array and returns NULL.
Implement kimage_unmap_segment() that takes a pointer to a segment
buffer
and unmaps it using vunmap().
Finally, move for_each_kimage_entry() macro to kexec.h.
Note: Use kimage_map_segment() and kimage_unmap_segment() carefully to
avoid memory leaks and ensure that all mapped segments are properly
unmapped when they're no longer needed.
Signed-off-by: Tushar Sugandhi <tusharsu@xxxxxxxxxxxxxxxxxxx>
+
+ i = 0;
+ for_each_kimage_entry(image, ptr, entry) {
+ if (entry & IND_DESTINATION)
+ dest_page_addr = entry & PAGE_MASK;
+ else if (entry & IND_SOURCE) {
+ if (dest_page_addr >= addr && dest_page_addr < eaddr) {
+ src_page_addr = entry & PAGE_MASK;
+ src_pages[i++] = phys_to_page(src_page_addr);
Since phys_to_page is not defined on many/most architectures I change
it for ppc64 and have successfully used the following:
+ src_pages[i++] =
virt_to_page(__va(src_page_addr))
After several kexecs the following check still works:
# evmctl ima_measurement --ignore-violations
/sys/kernel/security/ima/binary_runtime_measurements
Matched per TPM bank calculated digest(s).
Stefan
Thank you so much Stefan for reviewing this series, and catching this
issue. Are you suggesting I should use virt_to_page on all architectures
unconditionally, or use it only when phys_to_page is not available?
~Tushar