Message-ID: <97927bf8-77d3-5117-7e49-41b76f308930@linux.microsoft.com>
Date: Fri, 20 Oct 2023 14:50:01 -0700
Subject: Re: [PATCH v2 1/7] ima: refactor ima_dump_measurement_list to move memory allocation to a separate function
To: Stefan Berger, zohar@linux.ibm.com, ebiederm@xmission.com, noodles@fb.com, bauermann@kolabnow.com, kexec@lists.infradead.org, linux-integrity@vger.kernel.org
Cc: code@tyhicks.com, nramas@linux.microsoft.com, paul@paul-moore.com
References: <20231005182602.634615-1-tusharsu@linux.microsoft.com> <20231005182602.634615-2-tusharsu@linux.microsoft.com> <2c06f9c5-6f3a-b163-20ca-24178d7cba4e@linux.ibm.com> <9b227c0a-ddb3-b1c3-4ed0-e3e740db7788@linux.microsoft.com>
From: Tushar Sugandhi

On 10/20/23 14:21, Stefan Berger wrote:
>
> On 10/20/23 16:33, Tushar Sugandhi wrote:
>> Thanks a lot Stefan for reviewing this series.
>> Really appreciate it.
>
>
> You are welcome.
>
> What may be a bit problematic is the fact that between the time the
> buffer for the flattened IMA log is allocated (kexec 'load') and the
> time it is filled (kexec 'exec') that the log may grow quite a bit. I
> would say that the size of the growths may depend a lot on how people
> are using their system that the additional kilobytes may or may not be
> enough. So a distro would probably have to specify additional bytes to
> allocate for like the worst case. But how many kilobytes is the worst case?
>
>    Stefan

Yes. It's a genuine concern.

The window between kexec 'load' and 'execute' could be arbitrarily long
(hours, days, months). And the log can grow quite a bit. And there is
always a possibility that it will run out of the extra allocated memory,
no matter how much we allocate at load.

We can never know with certainty - how many kilobytes is the worst case?
So I used another approach to address this issue.

I addressed this issue in patch 7/7 of this series[1] by measuring
a marker event ("kexec_execute") just before kexec 'execute'.
Also pasting the code from 7/7 below[1] for reference.

If IMA runs out of the extra allocated memory while copying the events,
this marker event ("kexec_execute") will not be present in the IMA log
when the system boots into the new Kernel.

So the event sequence in IMA log would be as follows:

IMA log
--------
'boot_aggregate' # clean boot
...
... # events before new kexec 'load'
...
'kexec_load'
...
... # arbitrarily many more events
...
...
...
'kexec_execute'
# if this 'kexec_execute' event is missing after the
# system kexec soft boots into the new Kernel,
# i.e. between the two boot_aggregate events,
# it can be safely concluded that the IMA log
# ran out of memory during kexec reboot,
# and now it is out of sync with PCR quotes
# and thus the system needs to be hard rebooted.

'boot_aggregate' # clean boot
...
... # events after kexec soft boot
...

This logic can effectively conclude if IMA log is out of
sync with the PCR quotes. If it is, then the remote
attestation service/client can take appropriate action
on the system (clean boot) to recover.

Hope this approach makes sense.

~Tushar

[1] [v2,7/7] ima: record log size at kexec load and execute
https://patchwork.kernel.org/project/linux-integrity/patch/20231005182602.634615-8-tusharsu@linux.microsoft.com/

diff --git a/security/integrity/ima/ima_kexec.c b/security/integrity/ima/ima_kexec.c index 6cd5f46a7208..0f9c424fe808 100644 --- a/security/integrity/ima/ima_kexec.c +++ b/security/integrity/ima/ima_kexec.c @@ -17,6 +17,8 @@ #include "ima.h" #ifdef CONFIG_IMA_KEXEC +#define IMA_KEXEC_EVENT_LEN 128 + struct seq_file ima_kexec_file; struct ima_kexec_hdr ima_khdr; static void *ima_kexec_buffer; @@ -34,6 +36,8 @@ void ima_clear_kexec_file(void) static int ima_alloc_kexec_buf(size_t kexec_segment_size) { + char ima_kexec_event[IMA_KEXEC_EVENT_LEN]; + if ((kexec_segment_size == 0) || (kexec_segment_size == ULONG_MAX) || ((kexec_segment_size >> PAGE_SHIFT) > totalram_pages() / 2)) { @@ -64,6 +68,12 @@ static int ima_alloc_kexec_buf(size_t kexec_segment_size) memset(&ima_khdr, 0, sizeof(ima_khdr)); ima_khdr.version = 1; + scnprintf(ima_kexec_event, IMA_KEXEC_EVENT_LEN, + "kexec_segment_size=%lu;", kexec_segment_size); + + ima_measure_critical_data("ima_kexec", "kexec_load", ima_kexec_event, + strlen(ima_kexec_event), false, NULL, 0); + return 0; }
@@ -198,6 +208,7 @@ void ima_add_kexec_buffer(struct kimage *image) static int ima_update_kexec_buffer(struct notifier_block *self, unsigned long action, void *data) { + char ima_kexec_event[IMA_KEXEC_EVENT_LEN]; void *buf = NULL; size_t buf_size; bool resume = false; @@ -213,9 +224,31 @@ static int ima_update_kexec_buffer(struct notifier_block *self, return NOTIFY_OK; } + buf_size = ima_get_binary_runtime_size(); + scnprintf(ima_kexec_event, IMA_KEXEC_EVENT_LEN, + "kexec_segment_size=%lu;ima_binary_runtime_size=%lu;", + kexec_segment_size, buf_size); + + /* + * This is one of the very last events measured by IMA before kexec + * soft rebooting into the new Kernal. + * This event can be used as a marker after the system soft reboots + * to the new Kernel to check if there was sufficient memory allocated + * at kexec 'load' to capture the events measured between the window + * of kexec 'load' and 'execute'. + * This event needs to be present in the IMA log, in between the two + * 'boot_aggregate' events that are logged for the previous boot and + * the current soft reboot. If it is not present after the system soft + * reboots into the new Kernel, it would mean the IMA log is not + * consistent with the TPM PCR quotes, and the system needs to be + * cold-booted for the attestation to succeed again. + */ + ima_measure_critical_data("ima_kexec", "kexec_execute", + ima_kexec_event, strlen(ima_kexec_event), + false, NULL, 0); + ima_measurements_suspend(); - buf_size = ima_get_binary_runtime_size(); ret = ima_dump_measurement_list(&buf_size, &buf, kexec_segment_size);
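
Review bot: In the ima_alloc_kexec_buf() hunk (@@ -64,6 +68,12 @@), kexec_segment_size is a size_t but is formatted with %lu; use %zu so the "kexec_load" event data is formatted correctly on builds where size_t is not unsigned long. scnprintf() already returns the number of characters written, so that return value can be passed as the length instead of calling strlen(ima_kexec_event) afterwards.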
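
Review bot: In the ima_update_kexec_buffer() hunk (@@ -213,9 +224,31 @@), buf_size is now read before the "kexec_execute" event is measured and before ima_measurements_suspend(), so the ima_binary_runtime_size recorded in the event, and the value handed to ima_dump_measurement_list() through &buf_size, does not account for the marker entry itself or for anything measured up to the suspend. Either say in the comment that the recorded size excludes the marker, or read ima_get_binary_runtime_size() again after ima_measurements_suspend(), where the removed line used to do it. buf_size is a size_t and should be printed with %zu rather than %lu, and the comment spells "Kernal" where "Kernel" is meant.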
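
The marker check described in the message above, written out as a verifier-side sketch; this is an added example, not part of the original e-mail or the patch series. It assumes the log is in the ASCII runtime-measurements layout and that the two marker events appear as ima-buf entries with hex-encoded data; the function names and the sample log (with placeholder digests) are constructed for illustration.

```python
def _buf(name, text):
    # Constructed ima-buf entry; "aa"/"bb" stand in for real digests.
    return f"10 aa ima-buf sha256:bb {name} {text.encode().hex()}"

# Constructed sample log: <pcr> <template-hash> <template> <data-hash> <name> [<hex data>]
COMPLETE_LOG = "\n".join([
    "10 aa ima-ng sha256:bb boot_aggregate",
    "10 aa ima-ng sha256:bb /usr/sbin/kexec",
    _buf("kexec_load", "kexec_segment_size=65536;"),
    "10 aa ima-ng sha256:bb /usr/bin/systemctl",
    _buf("kexec_execute", "kexec_segment_size=65536;ima_binary_runtime_size=40960;"),
    "10 aa ima-ng sha256:bb boot_aggregate",
    "10 aa ima-ng sha256:bb /usr/sbin/sshd",
])
# Same log as it would look if the marker did not survive the soft reboot.
TRUNCATED_LOG = "\n".join(
    line for line in COMPLETE_LOG.splitlines() if " kexec_execute " not in line)


def parse_events(log_text):
    """Return [(event_name, fields)]; fields holds the key=value pairs of ima-buf data."""
    events = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 5:
            continue  # not a measurement entry
        fields = {}
        if parts[2] == "ima-buf" and len(parts) > 5:
            try:
                text = bytes.fromhex(parts[5]).decode("ascii", "replace")
            except ValueError:
                text = ""  # data column is not hex: keep the event, drop the fields
            fields = dict(kv.split("=", 1) for kv in text.split(";") if "=" in kv)
        events.append((parts[4], fields))
    return events


def check_kexec_markers(log_text):
    """One verdict per boot segment that was followed by a kexec soft reboot."""
    closed, current = [], None
    for name, fields in parse_events(log_text):
        if name == "boot_aggregate":
            if current is not None:
                closed.append(current)  # a later boot_aggregate closes the segment
            current = []
        elif current is not None:
            current.append((name, fields))
    verdicts = []
    for segment in closed:
        names = [name for name, _ in segment]
        load = max((i for i, n in enumerate(names) if n == "kexec_load"), default=None)
        marker = [f for i, (n, f) in enumerate(segment)
                  if n == "kexec_execute" and load is not None and i > load]
        verdicts.append({"marker_present": bool(marker), "saw_load": load is not None,
                         "sizes": marker[-1] if marker else {}})
    return verdicts
```

A segment with `marker_present` set to false is the case the message describes: the carried-over log cannot be trusted to match the PCR quote, and the system needs a cold boot before attestation can succeed again.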