From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: Michael Ellerman <mpe@ellerman.id.au>
Cc: Andrew Morton <akpm@linux-foundation.org>,
linuxppc-dev@ozlabs.org, linux-kernel@vger.kernel.org,
dyoung@redhat.com, stewart@linux.vnet.ibm.com,
bauerman@linux.vnet.ibm.com
Subject: Re: [PATCH v11 0/8] powerpc: Implement kexec_file_load()
Date: Wed, 30 Nov 2016 08:03:46 -0500 [thread overview]
Message-ID: <1480511026.18110.102.camel@linux.vnet.ibm.com> (raw)
In-Reply-To: <87inr5po0n.fsf@concordia.ellerman.id.au>
On Wed, 2016-11-30 at 15:52 +1100, Michael Ellerman wrote:
> Andrew Morton <akpm@linux-foundation.org> writes:
>
> > On Tue, 29 Nov 2016 23:45:46 +1100 Michael Ellerman <mpe@ellerman.id.au> wrote:
> >
> >> This is v11 of the kexec_file_load() for powerpc series.
> >>
> >> I've stripped this down to the minimum we need, so we can get this in for 4.10.
> >> Any additions can come later incrementally.
> >
> > This made a bit of a mess of Mimi's series "ima: carry the
> > measurement list across kexec v10".
>
> Urk, sorry about that. I didn't realise there was a big dependency
> between them, but I guess I should have tried to do the rebase.
>
> > powerpc-ima-get-the-kexec-buffer-passed-by-the-previous-kernel.patch
> > ima-on-soft-reboot-restore-the-measurement-list.patch
> > ima-permit-duplicate-measurement-list-entries.patch
> > ima-maintain-memory-size-needed-for-serializing-the-measurement-list.patch
> > powerpc-ima-send-the-kexec-buffer-to-the-next-kernel.patch
> > ima-on-soft-reboot-save-the-measurement-list.patch
> > ima-store-the-builtin-custom-template-definitions-in-a-list.patch
> > ima-support-restoring-multiple-template-formats.patch
> > ima-define-a-canonical-binary_runtime_measurements-list-format.patch
> > ima-platform-independent-hash-value.patch
> >
> > I made the syntactic fixes but I won't be testing it.
Dmitry Kasatkin's acked-by needs to be included for the IMA patches.
> Thanks.
>
> TBH I don't know how to test the IMA part, I'm relying on Thiago and
> Mimi to do that.
It should be straight forward. Enable CONFIG_IMA_KEXEC to carry the
measurements from one kernel to the next. Use a kexec_file_load version
of kexec to boot the next kernel. On the boot command line add
"ima_tcb" or "ima_policy=ima_tcb".
If the measurements were carried across kexec, the IMA measurement list
<securityfs>/ima/ascii_runtime_measurements should contain an initial
"boot_aggregate", as the first record, and a "boot_aggregate", as a
delimiter, for each subsequent kexec.
> >> If no one objects I'll merge this via the powerpc tree. The three kexec patches
> >> have been acked by Dave Young (since forever), and have been in linux-next (via
> >> akpm's tree) also for a long time.
> >
> > OK, I'll wait for these to appear in -next and I will await advice on
>
> Thanks. I'll let them stew for a few more hours and then put them in my
> next for tomorrows linux-next.
Thaigo tested the patches yesterday. Everything seemed fine. After
cherry picking the kexec_file_load() patches and rebasing the
restore_kexec patches on top of it in my tree, there were some problems.
Perhaps there is some dependencies that I'm missing.
Mimi
next prev parent reply other threads:[~2016-11-30 13:04 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-29 12:45 [PATCH v11 0/8] powerpc: Implement kexec_file_load() Michael Ellerman
2016-11-29 12:45 ` [PATCH v11 1/8] kexec_file: Allow arch-specific memory walking for kexec_add_buffer Michael Ellerman
2016-11-30 19:51 ` [v11, " Michael Ellerman
2016-11-29 12:45 ` [PATCH v11 2/8] kexec_file: Change kexec_add_buffer to take kexec_buf as argument Michael Ellerman
2016-11-29 12:45 ` [PATCH v11 3/8] kexec_file: Factor out kexec_locate_mem_hole from kexec_add_buffer Michael Ellerman
2016-11-29 12:45 ` [PATCH v11 4/8] powerpc: Change places using CONFIG_KEXEC to use CONFIG_KEXEC_CORE instead Michael Ellerman
2016-11-29 12:45 ` [PATCH v11 5/8] powerpc: Add support code for kexec_file_load() Michael Ellerman
2016-11-29 12:45 ` [PATCH v11 6/8] powerpc: Add purgatory for kexec_file_load() implementation Michael Ellerman
2016-11-29 12:45 ` [PATCH v11 7/8] powerpc/kexec: Enable kexec_file_load() syscall Michael Ellerman
2016-11-29 12:45 ` [PATCH v11 8/8] powerpc: Enable CONFIG_KEXEC_FILE in powerpc server defconfigs Michael Ellerman
2016-11-29 21:45 ` [PATCH v11 0/8] powerpc: Implement kexec_file_load() Andrew Morton
2016-11-29 22:17 ` Thiago Jung Bauermann
2016-11-30 4:52 ` Michael Ellerman
2016-11-30 13:03 ` Mimi Zohar [this message]
2016-12-01 1:14 ` Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1480511026.18110.102.camel@linux.vnet.ibm.com \
--to=zohar@linux.vnet.ibm.com \
--cc=akpm@linux-foundation.org \
--cc=bauerman@linux.vnet.ibm.com \
--cc=dyoung@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@ozlabs.org \
--cc=mpe@ellerman.id.au \
--cc=stewart@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox