From: Baoquan He <bhe@redhat.com>
To: Coiby Xu <coxu@redhat.com>
Cc: kexec@lists.infradead.org, "Ondrej Kozina" <okozina@redhat.com>,
"Milan Broz" <gmazyland@gmail.com>,
"Thomas Staudt" <tstaudt@de.ibm.com>,
"Daniel P . Berrangé" <berrange@redhat.com>,
"Kairui Song" <ryncsn@gmail.com>,
"Jan Pazdziora" <jpazdziora@redhat.com>,
"Pingfan Liu" <kernelfans@gmail.com>,
"Dave Young" <dyoung@redhat.com>,
linux-kernel@vger.kernel.org, x86@kernel.org,
"Dave Hansen" <dave.hansen@intel.com>,
"Vitaly Kuznetsov" <vkuznets@redhat.com>
Subject: Re: [PATCH v4 0/7] Support kdump with LUKS encryption by reusing LUKS volume keys
Date: Fri, 7 Jun 2024 18:06:18 +0800 [thread overview]
Message-ID: <ZmLbmriQYol2JHKe@MiWiFi-R3L-srv> (raw)
In-Reply-To: <20240523050451.788754-1-coxu@redhat.com>
Hi Coiby,
On 05/23/24 at 01:04pm, Coiby Xu wrote:
> LUKS is the standard for Linux disk encryption. Many users choose LUKS
> and in some use cases like Confidential VM it's mandated. With kdump
> enabled, when the 1st kernel crashes, the system could boot into the
> kdump/crash kernel and dump the memory image i.e. /proc/vmcore to a
> specified target. Currently, when dumping vmcore to a LUKS
> encrypted device, there are two problems,
I am done with this round of reviewing. The overall approach looks good
to me, while there are places to improve or fix. I have added comment on
all things I am concerned about, please check. Thanks for the effort.
By the way, do you get confirmation on the solution from encryption/keys
developer of redhat internally or upstream? With my understanding, it
looks good. It may need their confirmation or approval in some ways.
Thanks
Baoquan
next prev parent reply other threads:[~2024-06-07 10:06 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-23 5:04 [PATCH v4 0/7] Support kdump with LUKS encryption by reusing LUKS volume keys Coiby Xu
2024-05-23 5:04 ` [PATCH v4 1/7] kexec_file: allow to place kexec_buf randomly Coiby Xu
2024-06-04 7:41 ` Baoquan He
2024-06-07 12:26 ` Coiby Xu
2024-05-23 5:04 ` [PATCH v4 2/7] crash_dump: make dm crypt keys persist for the kdump kernel Coiby Xu
2024-05-23 7:21 ` Greg KH
2024-05-25 7:57 ` Coiby Xu
2024-06-04 8:51 ` Baoquan He
2024-06-07 12:27 ` Coiby Xu
2024-06-10 2:00 ` Baoquan He
2024-10-18 1:44 ` Coiby Xu
2024-06-05 8:22 ` Baoquan He
2024-06-07 12:27 ` Coiby Xu
2024-06-10 1:18 ` Baoquan He
2024-10-18 1:02 ` Coiby Xu
2024-06-06 3:11 ` Baoquan He
2024-06-07 12:26 ` Coiby Xu
2024-05-23 5:04 ` [PATCH v4 3/7] crash_dump: store dm keys in kdump reserved memory Coiby Xu
2024-05-24 3:17 ` kernel test robot
2024-06-04 13:54 ` Baoquan He
2024-06-07 12:26 ` Coiby Xu
2024-05-23 5:04 ` [PATCH v4 4/7] crash_dump: reuse saved dm crypt keys for CPU/memory hot-plugging Coiby Xu
2024-06-04 13:52 ` Baoquan He
2024-05-23 5:04 ` [PATCH v4 5/7] crash_dump: retrieve dm crypt keys in kdump kernel Coiby Xu
2024-06-07 9:50 ` Baoquan He
2024-06-07 12:27 ` Coiby Xu
2024-05-23 5:04 ` [PATCH v4 6/7] x86/crash: pass dm crypt keys to " Coiby Xu
2024-06-07 9:57 ` Baoquan He
2024-06-07 12:27 ` Coiby Xu
2024-05-23 5:04 ` [PATCH v4 7/7] x86/crash: make the page that stores the dm crypt keys inaccessible Coiby Xu
2024-06-07 10:00 ` Baoquan He
2024-06-07 12:27 ` Coiby Xu
2024-06-07 10:06 ` Baoquan He [this message]
2024-06-07 12:26 ` [PATCH v4 0/7] Support kdump with LUKS encryption by reusing LUKS volume keys Coiby Xu
-- strict thread matches above, loose matches on Subject: below --
2024-06-07 12:26 Coiby Xu
2024-06-08 1:26 ` Coiby Xu
2024-06-08 9:10 ` Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZmLbmriQYol2JHKe@MiWiFi-R3L-srv \
--to=bhe@redhat.com \
--cc=berrange@redhat.com \
--cc=coxu@redhat.com \
--cc=dave.hansen@intel.com \
--cc=dyoung@redhat.com \
--cc=gmazyland@gmail.com \
--cc=jpazdziora@redhat.com \
--cc=kernelfans@gmail.com \
--cc=kexec@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=okozina@redhat.com \
--cc=ryncsn@gmail.com \
--cc=tstaudt@de.ibm.com \
--cc=vkuznets@redhat.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox