* Re: [PATCH v2] kernel/padata.c: share code between CPU_ONLINE and CPU_DOWN_FAILED, same to CPU_DOWN_PREPARE and CPU_UP_CANCELED
From: Chen Gang @ 2013-08-29 5:22 UTC (permalink / raw)
To: Herbert Xu; +Cc: Steffen Klassert, linux-crypto, linux-kernel@vger.kernel.org
In-Reply-To: <20130829044259.GB25208@gondor.apana.org.au>
On 08/29/2013 12:42 PM, Herbert Xu wrote:
> On Fri, Aug 23, 2013 at 12:44:48PM +0200, Steffen Klassert wrote:
>> On Thu, Aug 22, 2013 at 02:43:37PM +0800, Chen Gang wrote:
>>> Share code between CPU_ONLINE and CPU_DOWN_FAILED, same to
>>> CPU_DOWN_PREPARE and CPU_UP_CANCELED.
>>>
>>> It will fix 2 bugs:
>>>
>>> "not check the return value of __padata_remove_cpu() and __padata_add_cpu()".
>>> "need add 'break' between CPU_UP_CANCELED and CPU_DOWN_FAILED".
>>>
>>>
>>> Signed-off-by: Chen Gang <gang.chen@asianux.com>
>>
>> This looks ok to me, Herbert can you take this one?
>>
>> Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
>
> Patch applied. Thanks!
>
Thank you too.
--
Chen Gang
^ permalink raw reply
* Re: [PATCH v2] kernel/padata.c: share code between CPU_ONLINE and CPU_DOWN_FAILED, same to CPU_DOWN_PREPARE and CPU_UP_CANCELED
From: Herbert Xu @ 2013-08-29 4:42 UTC (permalink / raw)
To: Steffen Klassert; +Cc: Chen Gang, linux-crypto, linux-kernel@vger.kernel.org
In-Reply-To: <20130823104448.GI26773@secunet.com>
On Fri, Aug 23, 2013 at 12:44:48PM +0200, Steffen Klassert wrote:
> On Thu, Aug 22, 2013 at 02:43:37PM +0800, Chen Gang wrote:
> > Share code between CPU_ONLINE and CPU_DOWN_FAILED, same to
> > CPU_DOWN_PREPARE and CPU_UP_CANCELED.
> >
> > It will fix 2 bugs:
> >
> > "not check the return value of __padata_remove_cpu() and __padata_add_cpu()".
> > "need add 'break' between CPU_UP_CANCELED and CPU_DOWN_FAILED".
> >
> >
> > Signed-off-by: Chen Gang <gang.chen@asianux.com>
>
> This looks ok to me, Herbert can you take this one?
>
> Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Patch applied. Thanks!
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply
* Re: [PATCH] kernel/padata.c: Register hotcpu notifier after initialization
From: Herbert Xu @ 2013-08-29 4:43 UTC (permalink / raw)
To: Steffen Klassert
Cc: Richard Weinberger, linux-crypto, linux-kernel, gang.chen
In-Reply-To: <20130827093041.GD7660@secunet.com>
On Tue, Aug 27, 2013 at 11:30:41AM +0200, Steffen Klassert wrote:
> On Fri, Aug 23, 2013 at 01:12:33PM +0200, Richard Weinberger wrote:
> > padata_cpu_callback() takes pinst->lock, to avoid taking
> > an uninitialized lock, register the notifier after it's
> > initialization.
> >
> > Signed-off-by: Richard Weinberger <richard@nod.at>
>
> Looks ok,
>
> Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Also applied.
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply
* Re: [PATCH 03/10] crypto: nx - fix limits to sg lists for AES-CBC
From: Herbert Xu @ 2013-08-29 4:42 UTC (permalink / raw)
To: Marcelo Cerri; +Cc: linux-kernel, linux-crypto, linuxppc-dev
In-Reply-To: <1377288074-18998-4-git-send-email-mhcerri@linux.vnet.ibm.com>
On Fri, Aug 23, 2013 at 05:01:07PM -0300, Marcelo Cerri wrote:
> This patch updates the nx-aes-cbc implementation to perform several
> hyper calls if needed in order to always respect the length limits for
> scatter/gather lists.
>
> Two different limits are considered:
>
> - "ibm,max-sg-len": maximum number of bytes of each scatter/gather
> list.
>
> - "ibm,max-sync-cop":
> - The total number of bytes that a scatter/gather list can hold.
> - The maximum number of elements that a scatter/gather list can have.
>
> Reviewed-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
> Signed-off-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com>
This patch does not apply against the current cryptodev tree.
Please regenerate your pathces.
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply
* Re: [RFC PATCH 00/18 v3] Signature verification of hibernate snapshot
From: joeyli @ 2013-08-29 0:01 UTC (permalink / raw)
To: Florian Weimer
Cc: linux-kernel, linux-security-module, linux-efi, linux-pm,
linux-crypto, opensuse-kernel, David Howells, Rafael J. Wysocki,
Matthew Garrett, Len Brown, Pavel Machek, Josh Boyer,
Vojtech Pavlik, Matt Fleming, James Bottomley, Greg KH, JKosina,
Rusty Russell, Herbert Xu, David S. Miller, H. Peter Anvin,
Michal Marek, Gary Lin, Vivek Goyal
In-Reply-To: <87eh9dzg00.fsf@mid.deneb.enyo.de>
Hi Florian,
Thanks for your response.
於 三,2013-08-28 於 23:01 +0200,Florian Weimer 提到:
> * Chun-Yi Lee:
>
> > + EFI bootloader must generate RSA key-pair when system boot:
I should add more information on this sentence for mention need GenS4Key
runtime variable then re-generate key-pair.
Thanks!
> > - Bootloader store the public key to EFI boottime variable by itself
> > - Bootloader put The private key to S4SignKey EFI variable for forward to
> > kernel.
>
> Is the UEFI NVRAM really suited for such regular updates?
>
Yes, Matthew raised this concern at before. I modified patch to load
private key in efi stub kernel, before ExitBootServices(), that means we
don't need generate key-pair at every system boot. So, the above
procedure of efi bootloader will only run one time.
User can enable SNAPSHOT_REGEN_KEYS kernel config to notify efi
booloader regenerate key-pair for every S4 to improve security if he
want. So, the key-pair re-generate procedure will only launched when S4
resume, not every system boot.
Thanks a lot!
Joey Lee
^ permalink raw reply
* Re: [RFC PATCH 00/18 v3] Signature verification of hibernate snapshot
From: joeyli @ 2013-08-29 0:01 UTC (permalink / raw)
To: Florian Weimer
Cc: linux-kernel, linux-security-module, linux-efi, linux-pm,
linux-crypto, opensuse-kernel, David Howells, Rafael J. Wysocki,
Matthew Garrett, Len Brown, Pavel Machek, Josh Boyer,
Vojtech Pavlik, Matt Fleming, James Bottomley, Greg KH, JKosina,
Rusty Russell, Herbert Xu, David S. Miller, H. Peter Anvin,
Michal Marek, Gary Lin, Vivek Goyal
In-Reply-To: <87eh9dzg00.fsf@mid.deneb.enyo.de>
Hi Florian,
Thanks for your response.
於 三,2013-08-28 於 23:01 +0200,Florian Weimer 提到:
> * Chun-Yi Lee:
>
> > + EFI bootloader must generate RSA key-pair when system boot:
I should add more information on this sentence for mention need GenS4Key
runtime variable then re-generate key-pair.
Thanks!
> > - Bootloader store the public key to EFI boottime variable by itself
> > - Bootloader put The private key to S4SignKey EFI variable for forward to
> > kernel.
>
> Is the UEFI NVRAM really suited for such regular updates?
>
Yes, Matthew raised this concern at before. I modified patch to load
private key in efi stub kernel, before ExitBootServices(), that means we
don't need generate key-pair at every system boot. So, the above
procedure of efi bootloader will only run one time.
User can enable SNAPSHOT_REGEN_KEYS kernel config to notify efi
booloader regenerate key-pair for every S4 to improve security if he
want. So, the key-pair re-generate procedure will only launched when S4
resume, not every system boot.
Thanks a lot!
Joey Lee
^ permalink raw reply
* Re: [RFC PATCH 00/18 v3] Signature verification of hibernate snapshot
From: joeyli @ 2013-08-29 0:01 UTC (permalink / raw)
To: Florian Weimer
Cc: linux-kernel-u79uwXL29TY76Z2rM5mHXA,
linux-security-module-u79uwXL29TY76Z2rM5mHXA,
linux-efi-u79uwXL29TY76Z2rM5mHXA, linux-pm-u79uwXL29TY76Z2rM5mHXA,
linux-crypto-u79uwXL29TY76Z2rM5mHXA,
opensuse-kernel-stAJ6ESoqRxg9hUCZPvPmw, David Howells,
Rafael J. Wysocki, Matthew Garrett, Len Brown, Pavel Machek,
Josh Boyer, Vojtech Pavlik, Matt Fleming, James Bottomley,
Greg KH, JKosina-IBi9RG/b67k, Rusty Russell, Herbert Xu,
David S. Miller, H. Peter Anvin, Michal Marek, Gary Lin,
Vivek Goyal
In-Reply-To: <87eh9dzg00.fsf-ZqZwdwZz9NfTBotR3TxKnbNAH6kLmebB@public.gmane.org>
Hi Florian,
Thanks for your response.
於 三,2013-08-28 於 23:01 +0200,Florian Weimer 提到:
> * Chun-Yi Lee:
>
> > + EFI bootloader must generate RSA key-pair when system boot:
I should add more information on this sentence for mention need GenS4Key
runtime variable then re-generate key-pair.
Thanks!
> > - Bootloader store the public key to EFI boottime variable by itself
> > - Bootloader put The private key to S4SignKey EFI variable for forward to
> > kernel.
>
> Is the UEFI NVRAM really suited for such regular updates?
>
Yes, Matthew raised this concern at before. I modified patch to load
private key in efi stub kernel, before ExitBootServices(), that means we
don't need generate key-pair at every system boot. So, the above
procedure of efi bootloader will only run one time.
User can enable SNAPSHOT_REGEN_KEYS kernel config to notify efi
booloader regenerate key-pair for every S4 to improve security if he
want. So, the key-pair re-generate procedure will only launched when S4
resume, not every system boot.
Thanks a lot!
Joey Lee
^ permalink raw reply
* Re: [RFC PATCH 00/18 v3] Signature verification of hibernate snapshot
From: joeyli @ 2013-08-29 0:01 UTC (permalink / raw)
To: Florian Weimer
Cc: linux-kernel, linux-security-module, linux-efi, linux-pm,
linux-crypto, opensuse-kernel, David Howells, Rafael J. Wysocki,
Matthew Garrett, Len Brown, Pavel Machek, Josh Boyer,
Vojtech Pavlik, Matt Fleming, James Bottomley, Greg KH, JKosina,
Rusty Russell, Herbert Xu, David S. Miller, H. Peter Anvin,
Michal Marek, Gary Lin, Vivek Goyal
In-Reply-To: <87eh9dzg00.fsf@mid.deneb.enyo.de>
Hi Florian,
Thanks for your response.
於 三,2013-08-28 於 23:01 +0200,Florian Weimer 提到:
> * Chun-Yi Lee:
>
> > + EFI bootloader must generate RSA key-pair when system boot:
I should add more information on this sentence for mention need GenS4Key
runtime variable then re-generate key-pair.
Thanks!
> > - Bootloader store the public key to EFI boottime variable by itself
> > - Bootloader put The private key to S4SignKey EFI variable for forward to
> > kernel.
>
> Is the UEFI NVRAM really suited for such regular updates?
>
Yes, Matthew raised this concern at before. I modified patch to load
private key in efi stub kernel, before ExitBootServices(), that means we
don't need generate key-pair at every system boot. So, the above
procedure of efi bootloader will only run one time.
User can enable SNAPSHOT_REGEN_KEYS kernel config to notify efi
booloader regenerate key-pair for every S4 to improve security if he
want. So, the key-pair re-generate procedure will only launched when S4
resume, not every system boot.
Thanks a lot!
Joey Lee
^ permalink raw reply
* Re: [RFC PATCH 00/18 v3] Signature verification of hibernate snapshot
From: joeyli @ 2013-08-29 0:01 UTC (permalink / raw)
To: Florian Weimer
Cc: linux-kernel, linux-security-module, linux-efi, linux-pm,
linux-crypto, opensuse-kernel, David Howells, Rafael J. Wysocki,
Matthew Garrett, Len Brown, Pavel Machek, Josh Boyer,
Vojtech Pavlik, Matt Fleming, James Bottomley, Greg KH, JKosina,
Rusty Russell, Herbert Xu, David S. Miller, H. Peter Anvin,
Michal Marek, Gary Lin, Vivek Goyal
In-Reply-To: <87eh9dzg00.fsf@mid.deneb.enyo.de>
Hi Florian,
Thanks for your response.
於 三,2013-08-28 於 23:01 +0200,Florian Weimer 提到:
> * Chun-Yi Lee:
>
> > + EFI bootloader must generate RSA key-pair when system boot:
I should add more information on this sentence for mention need GenS4Key
runtime variable then re-generate key-pair.
Thanks!
> > - Bootloader store the public key to EFI boottime variable by itself
> > - Bootloader put The private key to S4SignKey EFI variable for forward to
> > kernel.
>
> Is the UEFI NVRAM really suited for such regular updates?
>
Yes, Matthew raised this concern at before. I modified patch to load
private key in efi stub kernel, before ExitBootServices(), that means we
don't need generate key-pair at every system boot. So, the above
procedure of efi bootloader will only run one time.
User can enable SNAPSHOT_REGEN_KEYS kernel config to notify efi
booloader regenerate key-pair for every S4 to improve security if he
want. So, the key-pair re-generate procedure will only launched when S4
resume, not every system boot.
Thanks a lot!
Joey Lee
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply
* Re: [RFC PATCH 00/18 v3] Signature verification of hibernate snapshot
From: Florian Weimer @ 2013-08-28 21:01 UTC (permalink / raw)
To: Lee, Chun-Yi
Cc: linux-kernel-u79uwXL29TY76Z2rM5mHXA,
linux-security-module-u79uwXL29TY76Z2rM5mHXA,
linux-efi-u79uwXL29TY76Z2rM5mHXA, linux-pm-u79uwXL29TY76Z2rM5mHXA,
linux-crypto-u79uwXL29TY76Z2rM5mHXA,
opensuse-kernel-stAJ6ESoqRxg9hUCZPvPmw, David Howells,
Rafael J. Wysocki, Matthew Garrett, Len Brown, Pavel Machek,
Josh Boyer, Vojtech Pavlik, Matt Fleming, James Bottomley,
Greg KH, JKosina-IBi9RG/b67k, Rusty Russell, Herbert Xu,
David S. Miller, H. Peter Anvin, Michal Marek, Gary Lin,
Vivek Goyal, Lee, Chun-Yi
In-Reply-To: <1377169317-5959-1-git-send-email-jlee-IBi9RG/b67k@public.gmane.org>
* Chun-Yi Lee:
> + EFI bootloader must generate RSA key-pair when system boot:
> - Bootloader store the public key to EFI boottime variable by itself
> - Bootloader put The private key to S4SignKey EFI variable for forward to
> kernel.
Is the UEFI NVRAM really suited for such regular updates?
^ permalink raw reply
* Re: [PATCH 11/18] Hibernate: introduced RSA key-pair to verify signature of snapshot
From: Pavel Machek @ 2013-08-27 14:17 UTC (permalink / raw)
To: Manfred Hollstein, joeyli, linux-kernel-u79uwXL29TY76Z2rM5mHXA,
linux-security-module-u79uwXL29TY76Z2rM5mHXA,
linux-efi-u79uwXL29TY76Z2rM5mHXA, linux-pm-u79uwXL29TY76Z2rM5mHXA,
linux-crypto-u79uwXL29TY76Z2rM5mHXA,
opensuse-kernel-stAJ6ESoqRxg9hUCZPvPmw, David Howells,
Rafael J. Wysocki, Matthew Garrett, Len Brown, Josh Boyer,
Vojtech Pavlik, Matt Fleming, James Bottomley, Greg KH,
JKosina-IBi9RG/b67k, Rusty Russell, Herbert Xu, David S. Miller,
H. Peter Anvin, Michal Marek, Gary Lin, Vivek Goyal,
Takashi Iwai <tiwai
In-Reply-To: <20130827120142.GA4314-FGSgn5mWDzkZXJsbVdw/lG363IjY150HP6IUcbMO39o@public.gmane.org>
On Tue 2013-08-27 14:01:42, Manfred Hollstein wrote:
> On Tue, 27 Aug 2013, 13:29:43 +0200, Pavel Machek wrote:
> > > > > @@ -1205,6 +1290,10 @@ struct boot_params *efi_main(void *handle, efi_system_table_t *_table,
> > > > >
> > > > > setup_efi_pci(boot_params);
> > > > >
> > > > > +#ifdef CONFIG_SNAPSHOT_VERIFICATION
> > > > > + setup_s4_keys(boot_params);
> > > > > +#endif
> > > > > +
> > > >
> > > > Move ifdef inside the function?
> > >
> > > OK, I will define a dummy function for non-verification situation.
> >
> > IIRC you can just put the #ifdef inside the function body.
>
> This is certainly not to be invoked on a frequent basis (and therefore
> not on a hot path), but from a more general angle, wouldn't this leave
> a(nother) plain "jsr... rts" sequence without any effect other than
> burning a few cycles? If the whole function call can be disabled
> (ignored) in a certain configuration, it shouldn't call at all, should
> it?
gcc should be able to deal with optimizing that out.
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
^ permalink raw reply
* Re: [PATCH 11/18] Hibernate: introduced RSA key-pair to verify signature of snapshot
From: joeyli @ 2013-08-27 13:12 UTC (permalink / raw)
To: Pavel Machek
Cc: linux-kernel, linux-security-module, linux-efi, linux-pm,
linux-crypto, opensuse-kernel, David Howells, Rafael J. Wysocki,
Matthew Garrett, Len Brown, Josh Boyer, Vojtech Pavlik,
Matt Fleming, James Bottomley, Greg KH, JKosina, Rusty Russell,
Herbert Xu, David S. Miller, H. Peter Anvin, Michal Marek,
Gary Lin, Vivek Goyal, Takashi Iwai
In-Reply-To: <20130827112943.GA20527@amd.pavel.ucw.cz>
於 二,2013-08-27 於 13:29 +0200,Pavel Machek 提到:
> > > > @@ -1205,6 +1290,10 @@ struct boot_params *efi_main(void *handle, efi_system_table_t *_table,
> > > >
> > > > setup_efi_pci(boot_params);
> > > >
> > > > +#ifdef CONFIG_SNAPSHOT_VERIFICATION
> > > > + setup_s4_keys(boot_params);
> > > > +#endif
> > > > +
> > >
> > > Move ifdef inside the function?
> >
> > OK, I will define a dummy function for non-verification situation.
>
> IIRC you can just put the #ifdef inside the function body.
> Pavel
I want use inline dummy function like saveable_highmem_page() in
snapshot.c, maybe it's better then additional function call?
Thanks a lot!
Joey Lee
^ permalink raw reply
* Re: [PATCH 11/18] Hibernate: introduced RSA key-pair to verify signature of snapshot
From: joeyli @ 2013-08-27 13:12 UTC (permalink / raw)
To: Pavel Machek
Cc: linux-kernel, linux-security-module, linux-efi, linux-pm,
linux-crypto, opensuse-kernel, David Howells, Rafael J. Wysocki,
Matthew Garrett, Len Brown, Josh Boyer, Vojtech Pavlik,
Matt Fleming, James Bottomley, Greg KH, JKosina, Rusty Russell,
Herbert Xu, David S. Miller, H. Peter Anvin, Michal Marek,
Gary Lin, Vivek Goyal, Takashi Iwai
In-Reply-To: <20130827112943.GA20527@amd.pavel.ucw.cz>
於 二,2013-08-27 於 13:29 +0200,Pavel Machek 提到:
> > > > @@ -1205,6 +1290,10 @@ struct boot_params *efi_main(void *handle, efi_system_table_t *_table,
> > > >
> > > > setup_efi_pci(boot_params);
> > > >
> > > > +#ifdef CONFIG_SNAPSHOT_VERIFICATION
> > > > + setup_s4_keys(boot_params);
> > > > +#endif
> > > > +
> > >
> > > Move ifdef inside the function?
> >
> > OK, I will define a dummy function for non-verification situation.
>
> IIRC you can just put the #ifdef inside the function body.
> Pavel
I want use inline dummy function like saveable_highmem_page() in
snapshot.c, maybe it's better then additional function call?
Thanks a lot!
Joey Lee
^ permalink raw reply
* Re: [PATCH 11/18] Hibernate: introduced RSA key-pair to verify signature of snapshot
From: joeyli @ 2013-08-27 13:12 UTC (permalink / raw)
To: Pavel Machek
Cc: linux-kernel-u79uwXL29TY76Z2rM5mHXA,
linux-security-module-u79uwXL29TY76Z2rM5mHXA,
linux-efi-u79uwXL29TY76Z2rM5mHXA, linux-pm-u79uwXL29TY76Z2rM5mHXA,
linux-crypto-u79uwXL29TY76Z2rM5mHXA,
opensuse-kernel-stAJ6ESoqRxg9hUCZPvPmw, David Howells,
Rafael J. Wysocki, Matthew Garrett, Len Brown, Josh Boyer,
Vojtech Pavlik, Matt Fleming, James Bottomley, Greg KH,
JKosina-IBi9RG/b67k, Rusty Russell, Herbert Xu, David S. Miller,
H. Peter Anvin, Michal Marek, Gary Lin, Vivek Goyal, Takashi Iwai
In-Reply-To: <20130827112943.GA20527-tWAi6jLit6GreWDznjuHag@public.gmane.org>
於 二,2013-08-27 於 13:29 +0200,Pavel Machek 提到:
> > > > @@ -1205,6 +1290,10 @@ struct boot_params *efi_main(void *handle, efi_system_table_t *_table,
> > > >
> > > > setup_efi_pci(boot_params);
> > > >
> > > > +#ifdef CONFIG_SNAPSHOT_VERIFICATION
> > > > + setup_s4_keys(boot_params);
> > > > +#endif
> > > > +
> > >
> > > Move ifdef inside the function?
> >
> > OK, I will define a dummy function for non-verification situation.
>
> IIRC you can just put the #ifdef inside the function body.
> Pavel
I want use inline dummy function like saveable_highmem_page() in
snapshot.c, maybe it's better then additional function call?
Thanks a lot!
Joey Lee
^ permalink raw reply
* Re: [PATCH 11/18] Hibernate: introduced RSA key-pair to verify signature of snapshot
From: joeyli @ 2013-08-27 13:12 UTC (permalink / raw)
To: Pavel Machek
Cc: linux-kernel, linux-security-module, linux-efi, linux-pm,
linux-crypto, opensuse-kernel, David Howells, Rafael J. Wysocki,
Matthew Garrett, Len Brown, Josh Boyer, Vojtech Pavlik,
Matt Fleming, James Bottomley, Greg KH, JKosina, Rusty Russell,
Herbert Xu, David S. Miller, H. Peter Anvin, Michal Marek,
Gary Lin, Vivek Goyal, Takashi Iwai
In-Reply-To: <20130827112943.GA20527@amd.pavel.ucw.cz>
於 二,2013-08-27 於 13:29 +0200,Pavel Machek 提到:
> > > > @@ -1205,6 +1290,10 @@ struct boot_params *efi_main(void *handle, efi_system_table_t *_table,
> > > >
> > > > setup_efi_pci(boot_params);
> > > >
> > > > +#ifdef CONFIG_SNAPSHOT_VERIFICATION
> > > > + setup_s4_keys(boot_params);
> > > > +#endif
> > > > +
> > >
> > > Move ifdef inside the function?
> >
> > OK, I will define a dummy function for non-verification situation.
>
> IIRC you can just put the #ifdef inside the function body.
> Pavel
I want use inline dummy function like saveable_highmem_page() in
snapshot.c, maybe it's better then additional function call?
Thanks a lot!
Joey Lee
^ permalink raw reply
* Re: [PATCH 11/18] Hibernate: introduced RSA key-pair to verify signature of snapshot
From: joeyli @ 2013-08-27 13:12 UTC (permalink / raw)
To: Pavel Machek
Cc: linux-kernel, linux-security-module, linux-efi, linux-pm,
linux-crypto, opensuse-kernel, David Howells, Rafael J. Wysocki,
Matthew Garrett, Len Brown, Josh Boyer, Vojtech Pavlik,
Matt Fleming, James Bottomley, Greg KH, JKosina, Rusty Russell,
Herbert Xu, David S. Miller, H. Peter Anvin, Michal Marek,
Gary Lin, Vivek Goyal, Takashi Iwai
In-Reply-To: <20130827112943.GA20527@amd.pavel.ucw.cz>
於 二,2013-08-27 於 13:29 +0200,Pavel Machek 提到:
> > > > @@ -1205,6 +1290,10 @@ struct boot_params *efi_main(void *handle, efi_system_table_t *_table,
> > > >
> > > > setup_efi_pci(boot_params);
> > > >
> > > > +#ifdef CONFIG_SNAPSHOT_VERIFICATION
> > > > + setup_s4_keys(boot_params);
> > > > +#endif
> > > > +
> > >
> > > Move ifdef inside the function?
> >
> > OK, I will define a dummy function for non-verification situation.
>
> IIRC you can just put the #ifdef inside the function body.
> Pavel
I want use inline dummy function like saveable_highmem_page() in
snapshot.c, maybe it's better then additional function call?
Thanks a lot!
Joey Lee
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply
* Re: [PATCH 17/18] Hibernate: introduced SNAPSHOT_SIG_HASH config for select hash algorithm
From: joeyli @ 2013-08-27 12:54 UTC (permalink / raw)
To: Pavel Machek
Cc: linux-kernel, linux-security-module, linux-efi, linux-pm,
linux-crypto, opensuse-kernel, David Howells, Rafael J. Wysocki,
Matthew Garrett, Len Brown, Josh Boyer, Vojtech Pavlik,
Matt Fleming, James Bottomley, Greg KH, JKosina, Rusty Russell,
Herbert Xu, David S. Miller, H. Peter Anvin, Michal Marek,
Gary Lin, Vivek Goyal
In-Reply-To: <20130827113044.GB20527@amd.pavel.ucw.cz>
於 二,2013-08-27 於 13:30 +0200,Pavel Machek 提到:
> On Tue 2013-08-27 18:22:17, joeyli wrote:
> > 於 日,2013-08-25 於 18:43 +0200,Pavel Machek 提到:
> > > On Thu 2013-08-22 19:01:56, Lee, Chun-Yi wrote:
> > > > This patch introduced SNAPSHOT_SIG_HASH config for user to select which
> > > > hash algorithm will be used during signature generation of snapshot.
> > > >
> > > > v2:
> > > > Add define check of oCONFIG_SNAPSHOT_VERIFICATION in snapshot.c before
> > > > declare pkey_hash().
> > > >
> > > > Reviewed-by: Jiri Kosina <jkosina@suse.cz>
> > > > Signed-off-by: Lee, Chun-Yi <jlee@suse.com>
> > > > ---
> > > > kernel/power/Kconfig | 46 ++++++++++++++++++++++++++++++++++++++++++++++
> > > > kernel/power/snapshot.c | 27 ++++++++++++++++++++++-----
> > > > 2 files changed, 68 insertions(+), 5 deletions(-)
> > > >
> > > > diff --git a/kernel/power/Kconfig b/kernel/power/Kconfig
> > > > index b592d88..79b34fa 100644
> > > > --- a/kernel/power/Kconfig
> > > > +++ b/kernel/power/Kconfig
> > > > @@ -78,6 +78,52 @@ config SNAPSHOT_VERIFICATION
> > > > dependent on UEFI environment. EFI bootloader should generate the
> > > > key-pair.
> > > >
> > > > +choice
> > > > + prompt "Which hash algorithm should snapshot be signed with?"
> > > > + depends on SNAPSHOT_VERIFICATION
> > > > + help
> > > > + This determines which sort of hashing algorithm will be used during
> > > > + signature generation of snapshot. This algorithm _must_ be built into
> > > > + the kernel directly so that signature verification can take place.
> > > > + It is not possible to load a signed snapshot containing the algorithm
> > > > + to check the signature on that module.
> > >
> > > Like if 1000 ifdefs you already added to the code are not enough, you
> > > make some new ones?
> > > Pavel
> > >
> >
> > This SNAPSHOT_SIG_HASH kernel config is to select which SHA algorithms
> > used for generate digest of snapshot. The configuration will captured by
> > a const char* in code:
> >
> > +static const char *snapshot_hash = CONFIG_SNAPSHOT_SIG_HASH;
> > +
> > +static int pkey_hash(void)
> >
> > So, there doesn't have any ifdef block derived from this new config.
>
> I'd say select one hash function, and use it. There's no need to make
> it configurable.
> Pavel
There have better performance when SHA algorithm output shorter hash
result. On the other hand, longer hash result provide better security.
And, on 64-bits system, the SHA512 has better performance then SHA256.
Due to user have different use case and different hardware, why not give
them this option to make decision?
Thanks a lot!
Joey LEe
^ permalink raw reply
* Re: [PATCH 17/18] Hibernate: introduced SNAPSHOT_SIG_HASH config for select hash algorithm
From: joeyli @ 2013-08-27 12:54 UTC (permalink / raw)
To: Pavel Machek
Cc: linux-kernel, linux-security-module, linux-efi, linux-pm,
linux-crypto, opensuse-kernel, David Howells, Rafael J. Wysocki,
Matthew Garrett, Len Brown, Josh Boyer, Vojtech Pavlik,
Matt Fleming, James Bottomley, Greg KH, JKosina, Rusty Russell,
Herbert Xu, David S. Miller, H. Peter Anvin, Michal Marek,
Gary Lin, Vivek Goyal
In-Reply-To: <20130827113044.GB20527@amd.pavel.ucw.cz>
於 二,2013-08-27 於 13:30 +0200,Pavel Machek 提到:
> On Tue 2013-08-27 18:22:17, joeyli wrote:
> > 於 日,2013-08-25 於 18:43 +0200,Pavel Machek 提到:
> > > On Thu 2013-08-22 19:01:56, Lee, Chun-Yi wrote:
> > > > This patch introduced SNAPSHOT_SIG_HASH config for user to select which
> > > > hash algorithm will be used during signature generation of snapshot.
> > > >
> > > > v2:
> > > > Add define check of oCONFIG_SNAPSHOT_VERIFICATION in snapshot.c before
> > > > declare pkey_hash().
> > > >
> > > > Reviewed-by: Jiri Kosina <jkosina@suse.cz>
> > > > Signed-off-by: Lee, Chun-Yi <jlee@suse.com>
> > > > ---
> > > > kernel/power/Kconfig | 46 ++++++++++++++++++++++++++++++++++++++++++++++
> > > > kernel/power/snapshot.c | 27 ++++++++++++++++++++++-----
> > > > 2 files changed, 68 insertions(+), 5 deletions(-)
> > > >
> > > > diff --git a/kernel/power/Kconfig b/kernel/power/Kconfig
> > > > index b592d88..79b34fa 100644
> > > > --- a/kernel/power/Kconfig
> > > > +++ b/kernel/power/Kconfig
> > > > @@ -78,6 +78,52 @@ config SNAPSHOT_VERIFICATION
> > > > dependent on UEFI environment. EFI bootloader should generate the
> > > > key-pair.
> > > >
> > > > +choice
> > > > + prompt "Which hash algorithm should snapshot be signed with?"
> > > > + depends on SNAPSHOT_VERIFICATION
> > > > + help
> > > > + This determines which sort of hashing algorithm will be used during
> > > > + signature generation of snapshot. This algorithm _must_ be built into
> > > > + the kernel directly so that signature verification can take place.
> > > > + It is not possible to load a signed snapshot containing the algorithm
> > > > + to check the signature on that module.
> > >
> > > Like if 1000 ifdefs you already added to the code are not enough, you
> > > make some new ones?
> > > Pavel
> > >
> >
> > This SNAPSHOT_SIG_HASH kernel config is to select which SHA algorithms
> > used for generate digest of snapshot. The configuration will captured by
> > a const char* in code:
> >
> > +static const char *snapshot_hash = CONFIG_SNAPSHOT_SIG_HASH;
> > +
> > +static int pkey_hash(void)
> >
> > So, there doesn't have any ifdef block derived from this new config.
>
> I'd say select one hash function, and use it. There's no need to make
> it configurable.
> Pavel
There have better performance when SHA algorithm output shorter hash
result. On the other hand, longer hash result provide better security.
And, on 64-bits system, the SHA512 has better performance then SHA256.
Due to user have different use case and different hardware, why not give
them this option to make decision?
Thanks a lot!
Joey LEe
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply
* Re: [PATCH 17/18] Hibernate: introduced SNAPSHOT_SIG_HASH config for select hash algorithm
From: joeyli @ 2013-08-27 12:54 UTC (permalink / raw)
To: Pavel Machek
Cc: linux-kernel, linux-security-module, linux-efi, linux-pm,
linux-crypto, opensuse-kernel, David Howells, Rafael J. Wysocki,
Matthew Garrett, Len Brown, Josh Boyer, Vojtech Pavlik,
Matt Fleming, James Bottomley, Greg KH, JKosina, Rusty Russell,
Herbert Xu, David S. Miller, H. Peter Anvin, Michal Marek,
Gary Lin, Vivek Goyal
In-Reply-To: <20130827113044.GB20527@amd.pavel.ucw.cz>
於 二,2013-08-27 於 13:30 +0200,Pavel Machek 提到:
> On Tue 2013-08-27 18:22:17, joeyli wrote:
> > 於 日,2013-08-25 於 18:43 +0200,Pavel Machek 提到:
> > > On Thu 2013-08-22 19:01:56, Lee, Chun-Yi wrote:
> > > > This patch introduced SNAPSHOT_SIG_HASH config for user to select which
> > > > hash algorithm will be used during signature generation of snapshot.
> > > >
> > > > v2:
> > > > Add define check of oCONFIG_SNAPSHOT_VERIFICATION in snapshot.c before
> > > > declare pkey_hash().
> > > >
> > > > Reviewed-by: Jiri Kosina <jkosina@suse.cz>
> > > > Signed-off-by: Lee, Chun-Yi <jlee@suse.com>
> > > > ---
> > > > kernel/power/Kconfig | 46 ++++++++++++++++++++++++++++++++++++++++++++++
> > > > kernel/power/snapshot.c | 27 ++++++++++++++++++++++-----
> > > > 2 files changed, 68 insertions(+), 5 deletions(-)
> > > >
> > > > diff --git a/kernel/power/Kconfig b/kernel/power/Kconfig
> > > > index b592d88..79b34fa 100644
> > > > --- a/kernel/power/Kconfig
> > > > +++ b/kernel/power/Kconfig
> > > > @@ -78,6 +78,52 @@ config SNAPSHOT_VERIFICATION
> > > > dependent on UEFI environment. EFI bootloader should generate the
> > > > key-pair.
> > > >
> > > > +choice
> > > > + prompt "Which hash algorithm should snapshot be signed with?"
> > > > + depends on SNAPSHOT_VERIFICATION
> > > > + help
> > > > + This determines which sort of hashing algorithm will be used during
> > > > + signature generation of snapshot. This algorithm _must_ be built into
> > > > + the kernel directly so that signature verification can take place.
> > > > + It is not possible to load a signed snapshot containing the algorithm
> > > > + to check the signature on that module.
> > >
> > > Like if 1000 ifdefs you already added to the code are not enough, you
> > > make some new ones?
> > > Pavel
> > >
> >
> > This SNAPSHOT_SIG_HASH kernel config is to select which SHA algorithms
> > used for generate digest of snapshot. The configuration will captured by
> > a const char* in code:
> >
> > +static const char *snapshot_hash = CONFIG_SNAPSHOT_SIG_HASH;
> > +
> > +static int pkey_hash(void)
> >
> > So, there doesn't have any ifdef block derived from this new config.
>
> I'd say select one hash function, and use it. There's no need to make
> it configurable.
> Pavel
There have better performance when SHA algorithm output shorter hash
result. On the other hand, longer hash result provide better security.
And, on 64-bits system, the SHA512 has better performance then SHA256.
Due to user have different use case and different hardware, why not give
them this option to make decision?
Thanks a lot!
Joey LEe
^ permalink raw reply
* Re: [PATCH 17/18] Hibernate: introduced SNAPSHOT_SIG_HASH config for select hash algorithm
From: joeyli @ 2013-08-27 12:54 UTC (permalink / raw)
To: Pavel Machek
Cc: linux-kernel, linux-security-module, linux-efi, linux-pm,
linux-crypto, opensuse-kernel, David Howells, Rafael J. Wysocki,
Matthew Garrett, Len Brown, Josh Boyer, Vojtech Pavlik,
Matt Fleming, James Bottomley, Greg KH, JKosina, Rusty Russell,
Herbert Xu, David S. Miller, H. Peter Anvin, Michal Marek,
Gary Lin, Vivek Goyal
In-Reply-To: <20130827113044.GB20527@amd.pavel.ucw.cz>
於 二,2013-08-27 於 13:30 +0200,Pavel Machek 提到:
> On Tue 2013-08-27 18:22:17, joeyli wrote:
> > 於 日,2013-08-25 於 18:43 +0200,Pavel Machek 提到:
> > > On Thu 2013-08-22 19:01:56, Lee, Chun-Yi wrote:
> > > > This patch introduced SNAPSHOT_SIG_HASH config for user to select which
> > > > hash algorithm will be used during signature generation of snapshot.
> > > >
> > > > v2:
> > > > Add define check of oCONFIG_SNAPSHOT_VERIFICATION in snapshot.c before
> > > > declare pkey_hash().
> > > >
> > > > Reviewed-by: Jiri Kosina <jkosina@suse.cz>
> > > > Signed-off-by: Lee, Chun-Yi <jlee@suse.com>
> > > > ---
> > > > kernel/power/Kconfig | 46 ++++++++++++++++++++++++++++++++++++++++++++++
> > > > kernel/power/snapshot.c | 27 ++++++++++++++++++++++-----
> > > > 2 files changed, 68 insertions(+), 5 deletions(-)
> > > >
> > > > diff --git a/kernel/power/Kconfig b/kernel/power/Kconfig
> > > > index b592d88..79b34fa 100644
> > > > --- a/kernel/power/Kconfig
> > > > +++ b/kernel/power/Kconfig
> > > > @@ -78,6 +78,52 @@ config SNAPSHOT_VERIFICATION
> > > > dependent on UEFI environment. EFI bootloader should generate the
> > > > key-pair.
> > > >
> > > > +choice
> > > > + prompt "Which hash algorithm should snapshot be signed with?"
> > > > + depends on SNAPSHOT_VERIFICATION
> > > > + help
> > > > + This determines which sort of hashing algorithm will be used during
> > > > + signature generation of snapshot. This algorithm _must_ be built into
> > > > + the kernel directly so that signature verification can take place.
> > > > + It is not possible to load a signed snapshot containing the algorithm
> > > > + to check the signature on that module.
> > >
> > > Like if 1000 ifdefs you already added to the code are not enough, you
> > > make some new ones?
> > > Pavel
> > >
> >
> > This SNAPSHOT_SIG_HASH kernel config is to select which SHA algorithms
> > used for generate digest of snapshot. The configuration will captured by
> > a const char* in code:
> >
> > +static const char *snapshot_hash = CONFIG_SNAPSHOT_SIG_HASH;
> > +
> > +static int pkey_hash(void)
> >
> > So, there doesn't have any ifdef block derived from this new config.
>
> I'd say select one hash function, and use it. There's no need to make
> it configurable.
> Pavel
There have better performance when SHA algorithm output shorter hash
result. On the other hand, longer hash result provide better security.
And, on 64-bits system, the SHA512 has better performance then SHA256.
Due to user have different use case and different hardware, why not give
them this option to make decision?
Thanks a lot!
Joey LEe
^ permalink raw reply
* Re: [PATCH 17/18] Hibernate: introduced SNAPSHOT_SIG_HASH config for select hash algorithm
From: joeyli @ 2013-08-27 12:54 UTC (permalink / raw)
To: Pavel Machek
Cc: linux-kernel-u79uwXL29TY76Z2rM5mHXA,
linux-security-module-u79uwXL29TY76Z2rM5mHXA,
linux-efi-u79uwXL29TY76Z2rM5mHXA, linux-pm-u79uwXL29TY76Z2rM5mHXA,
linux-crypto-u79uwXL29TY76Z2rM5mHXA,
opensuse-kernel-stAJ6ESoqRxg9hUCZPvPmw, David Howells,
Rafael J. Wysocki, Matthew Garrett, Len Brown, Josh Boyer,
Vojtech Pavlik, Matt Fleming, James Bottomley, Greg KH,
JKosina-IBi9RG/b67k, Rusty Russell, Herbert Xu, David S. Miller,
H. Peter Anvin, Michal Marek, Gary Lin, Vivek Goyal
In-Reply-To: <20130827113044.GB20527-tWAi6jLit6GreWDznjuHag@public.gmane.org>
於 二,2013-08-27 於 13:30 +0200,Pavel Machek 提到:
> On Tue 2013-08-27 18:22:17, joeyli wrote:
> > 於 日,2013-08-25 於 18:43 +0200,Pavel Machek 提到:
> > > On Thu 2013-08-22 19:01:56, Lee, Chun-Yi wrote:
> > > > This patch introduced SNAPSHOT_SIG_HASH config for user to select which
> > > > hash algorithm will be used during signature generation of snapshot.
> > > >
> > > > v2:
> > > > Add define check of oCONFIG_SNAPSHOT_VERIFICATION in snapshot.c before
> > > > declare pkey_hash().
> > > >
> > > > Reviewed-by: Jiri Kosina <jkosina-AlSwsSmVLrQ@public.gmane.org>
> > > > Signed-off-by: Lee, Chun-Yi <jlee-IBi9RG/b67k@public.gmane.org>
> > > > ---
> > > > kernel/power/Kconfig | 46 ++++++++++++++++++++++++++++++++++++++++++++++
> > > > kernel/power/snapshot.c | 27 ++++++++++++++++++++++-----
> > > > 2 files changed, 68 insertions(+), 5 deletions(-)
> > > >
> > > > diff --git a/kernel/power/Kconfig b/kernel/power/Kconfig
> > > > index b592d88..79b34fa 100644
> > > > --- a/kernel/power/Kconfig
> > > > +++ b/kernel/power/Kconfig
> > > > @@ -78,6 +78,52 @@ config SNAPSHOT_VERIFICATION
> > > > dependent on UEFI environment. EFI bootloader should generate the
> > > > key-pair.
> > > >
> > > > +choice
> > > > + prompt "Which hash algorithm should snapshot be signed with?"
> > > > + depends on SNAPSHOT_VERIFICATION
> > > > + help
> > > > + This determines which sort of hashing algorithm will be used during
> > > > + signature generation of snapshot. This algorithm _must_ be built into
> > > > + the kernel directly so that signature verification can take place.
> > > > + It is not possible to load a signed snapshot containing the algorithm
> > > > + to check the signature on that module.
> > >
> > > Like if 1000 ifdefs you already added to the code are not enough, you
> > > make some new ones?
> > > Pavel
> > >
> >
> > This SNAPSHOT_SIG_HASH kernel config is to select which SHA algorithms
> > used for generate digest of snapshot. The configuration will captured by
> > a const char* in code:
> >
> > +static const char *snapshot_hash = CONFIG_SNAPSHOT_SIG_HASH;
> > +
> > +static int pkey_hash(void)
> >
> > So, there doesn't have any ifdef block derived from this new config.
>
> I'd say select one hash function, and use it. There's no need to make
> it configurable.
> Pavel
There have better performance when SHA algorithm output shorter hash
result. On the other hand, longer hash result provide better security.
And, on 64-bits system, the SHA512 has better performance then SHA256.
Due to user have different use case and different hardware, why not give
them this option to make decision?
Thanks a lot!
Joey LEe
^ permalink raw reply
* Re: [PATCH 11/18] Hibernate: introduced RSA key-pair to verify signature of snapshot
From: Manfred Hollstein @ 2013-08-27 12:01 UTC (permalink / raw)
To: Pavel Machek
Cc: joeyli, linux-kernel-u79uwXL29TY76Z2rM5mHXA,
linux-security-module-u79uwXL29TY76Z2rM5mHXA,
linux-efi-u79uwXL29TY76Z2rM5mHXA, linux-pm-u79uwXL29TY76Z2rM5mHXA,
linux-crypto-u79uwXL29TY76Z2rM5mHXA,
opensuse-kernel-stAJ6ESoqRxg9hUCZPvPmw, David Howells,
Rafael J. Wysocki, Matthew Garrett, Len Brown, Josh Boyer,
Vojtech Pavlik, Matt Fleming, James Bottomley, Greg KH,
JKosina-IBi9RG/b67k, Rusty Russell, Herbert Xu, David S. Miller,
H. Peter Anvin, Michal Marek, Gary Lin, Vivek Goyal, Takashi Iwai
In-Reply-To: <20130827112943.GA20527-tWAi6jLit6GreWDznjuHag@public.gmane.org>
On Tue, 27 Aug 2013, 13:29:43 +0200, Pavel Machek wrote:
> > > > @@ -1205,6 +1290,10 @@ struct boot_params *efi_main(void *handle, efi_system_table_t *_table,
> > > >
> > > > setup_efi_pci(boot_params);
> > > >
> > > > +#ifdef CONFIG_SNAPSHOT_VERIFICATION
> > > > + setup_s4_keys(boot_params);
> > > > +#endif
> > > > +
> > >
> > > Move ifdef inside the function?
> >
> > OK, I will define a dummy function for non-verification situation.
>
> IIRC you can just put the #ifdef inside the function body.
This is certainly not to be invoked on a frequent basis (and therefore
not on a hot path), but from a more general angle, wouldn't this leave
a(nother) plain "jsr... rts" sequence without any effect other than
burning a few cycles? If the whole function call can be disabled
(ignored) in a certain configuration, it shouldn't call at all, should
it?
Cheers.
l8er
manfred
^ permalink raw reply
* Re: [PATCH 17/18] Hibernate: introduced SNAPSHOT_SIG_HASH config for select hash algorithm
From: Pavel Machek @ 2013-08-27 11:30 UTC (permalink / raw)
To: joeyli
Cc: linux-kernel, linux-security-module, linux-efi, linux-pm,
linux-crypto, opensuse-kernel, David Howells, Rafael J. Wysocki,
Matthew Garrett, Len Brown, Josh Boyer, Vojtech Pavlik,
Matt Fleming, James Bottomley, Greg KH, JKosina, Rusty Russell,
Herbert Xu, David S. Miller, H. Peter Anvin, Michal Marek,
Gary Lin, Vivek Goyal
In-Reply-To: <1377598937.20140.12.camel@linux-s257.site>
On Tue 2013-08-27 18:22:17, joeyli wrote:
> 於 日,2013-08-25 於 18:43 +0200,Pavel Machek 提到:
> > On Thu 2013-08-22 19:01:56, Lee, Chun-Yi wrote:
> > > This patch introduced SNAPSHOT_SIG_HASH config for user to select which
> > > hash algorithm will be used during signature generation of snapshot.
> > >
> > > v2:
> > > Add define check of oCONFIG_SNAPSHOT_VERIFICATION in snapshot.c before
> > > declare pkey_hash().
> > >
> > > Reviewed-by: Jiri Kosina <jkosina@suse.cz>
> > > Signed-off-by: Lee, Chun-Yi <jlee@suse.com>
> > > ---
> > > kernel/power/Kconfig | 46 ++++++++++++++++++++++++++++++++++++++++++++++
> > > kernel/power/snapshot.c | 27 ++++++++++++++++++++++-----
> > > 2 files changed, 68 insertions(+), 5 deletions(-)
> > >
> > > diff --git a/kernel/power/Kconfig b/kernel/power/Kconfig
> > > index b592d88..79b34fa 100644
> > > --- a/kernel/power/Kconfig
> > > +++ b/kernel/power/Kconfig
> > > @@ -78,6 +78,52 @@ config SNAPSHOT_VERIFICATION
> > > dependent on UEFI environment. EFI bootloader should generate the
> > > key-pair.
> > >
> > > +choice
> > > + prompt "Which hash algorithm should snapshot be signed with?"
> > > + depends on SNAPSHOT_VERIFICATION
> > > + help
> > > + This determines which sort of hashing algorithm will be used during
> > > + signature generation of snapshot. This algorithm _must_ be built into
> > > + the kernel directly so that signature verification can take place.
> > > + It is not possible to load a signed snapshot containing the algorithm
> > > + to check the signature on that module.
> >
> > Like if 1000 ifdefs you already added to the code are not enough, you
> > make some new ones?
> > Pavel
> >
>
> This SNAPSHOT_SIG_HASH kernel config is to select which SHA algorithms
> used for generate digest of snapshot. The configuration will captured by
> a const char* in code:
>
> +static const char *snapshot_hash = CONFIG_SNAPSHOT_SIG_HASH;
> +
> +static int pkey_hash(void)
>
> So, there doesn't have any ifdef block derived from this new config.
I'd say select one hash function, and use it. There's no need to make
it configurable.
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
^ permalink raw reply
* Re: [PATCH 11/18] Hibernate: introduced RSA key-pair to verify signature of snapshot
From: Pavel Machek @ 2013-08-27 11:29 UTC (permalink / raw)
To: joeyli
Cc: linux-kernel-u79uwXL29TY76Z2rM5mHXA,
linux-security-module-u79uwXL29TY76Z2rM5mHXA,
linux-efi-u79uwXL29TY76Z2rM5mHXA, linux-pm-u79uwXL29TY76Z2rM5mHXA,
linux-crypto-u79uwXL29TY76Z2rM5mHXA,
opensuse-kernel-stAJ6ESoqRxg9hUCZPvPmw, David Howells,
Rafael J. Wysocki, Matthew Garrett, Len Brown, Josh Boyer,
Vojtech Pavlik, Matt Fleming, James Bottomley, Greg KH,
JKosina-IBi9RG/b67k, Rusty Russell, Herbert Xu, David S. Miller,
H. Peter Anvin, Michal Marek, Gary Lin, Vivek Goyal, Takashi Iwai
In-Reply-To: <1377594283.20140.3.camel-ONCj+Eqt86TasUa73XJKwA@public.gmane.org>
> > > @@ -1205,6 +1290,10 @@ struct boot_params *efi_main(void *handle, efi_system_table_t *_table,
> > >
> > > setup_efi_pci(boot_params);
> > >
> > > +#ifdef CONFIG_SNAPSHOT_VERIFICATION
> > > + setup_s4_keys(boot_params);
> > > +#endif
> > > +
> >
> > Move ifdef inside the function?
>
> OK, I will define a dummy function for non-verification situation.
IIRC you can just put the #ifdef inside the function body.
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
^ permalink raw reply
* Re: [PATCH 17/18] Hibernate: introduced SNAPSHOT_SIG_HASH config for select hash algorithm
From: joeyli @ 2013-08-27 10:22 UTC (permalink / raw)
To: Pavel Machek
Cc: linux-kernel, linux-security-module, linux-efi, linux-pm,
linux-crypto, opensuse-kernel, David Howells, Rafael J. Wysocki,
Matthew Garrett, Len Brown, Josh Boyer, Vojtech Pavlik,
Matt Fleming, James Bottomley, Greg KH, JKosina, Rusty Russell,
Herbert Xu, David S. Miller, H. Peter Anvin, Michal Marek,
Gary Lin, Vivek Goyal
In-Reply-To: <20130825164329.GL5171@amd.pavel.ucw.cz>
於 日,2013-08-25 於 18:43 +0200,Pavel Machek 提到:
> On Thu 2013-08-22 19:01:56, Lee, Chun-Yi wrote:
> > This patch introduced SNAPSHOT_SIG_HASH config for user to select which
> > hash algorithm will be used during signature generation of snapshot.
> >
> > v2:
> > Add define check of oCONFIG_SNAPSHOT_VERIFICATION in snapshot.c before
> > declare pkey_hash().
> >
> > Reviewed-by: Jiri Kosina <jkosina@suse.cz>
> > Signed-off-by: Lee, Chun-Yi <jlee@suse.com>
> > ---
> > kernel/power/Kconfig | 46 ++++++++++++++++++++++++++++++++++++++++++++++
> > kernel/power/snapshot.c | 27 ++++++++++++++++++++++-----
> > 2 files changed, 68 insertions(+), 5 deletions(-)
> >
> > diff --git a/kernel/power/Kconfig b/kernel/power/Kconfig
> > index b592d88..79b34fa 100644
> > --- a/kernel/power/Kconfig
> > +++ b/kernel/power/Kconfig
> > @@ -78,6 +78,52 @@ config SNAPSHOT_VERIFICATION
> > dependent on UEFI environment. EFI bootloader should generate the
> > key-pair.
> >
> > +choice
> > + prompt "Which hash algorithm should snapshot be signed with?"
> > + depends on SNAPSHOT_VERIFICATION
> > + help
> > + This determines which sort of hashing algorithm will be used during
> > + signature generation of snapshot. This algorithm _must_ be built into
> > + the kernel directly so that signature verification can take place.
> > + It is not possible to load a signed snapshot containing the algorithm
> > + to check the signature on that module.
>
> Like if 1000 ifdefs you already added to the code are not enough, you
> make some new ones?
> Pavel
>
This SNAPSHOT_SIG_HASH kernel config is to select which SHA algorithms
used for generate digest of snapshot. The configuration will captured by
a const char* in code:
+static const char *snapshot_hash = CONFIG_SNAPSHOT_SIG_HASH;
+
+static int pkey_hash(void)
So, there doesn't have any ifdef block derived from this new config.
Thanks a lot!
Joey Lee
^ permalink raw reply
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox