Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp5984567ybe; Tue, 10 Sep 2019 11:44:41 -0700 (PDT) X-Google-Smtp-Source: APXvYqyKpqc9eQwZUgBdhyggv/phQLe4ftSAp0QrCw4U/gsd7fomphwqQL69p8ERdmPeBxHX3Y2I X-Received: by 2002:a17:906:cf85:: with SMTP id um5mr25770010ejb.186.1568141081113; Tue, 10 Sep 2019 11:44:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1568141081; cv=none; d=google.com; s=arc-20160816; b=Tn0HkALrUdKsNdf796HDJUBLQ1Rjr1KFiBnzTAKT6O6XdrvFo3TYPz67QSo0XR0ZJR EKLbah6mxUy1fogu2L3Ae8ZbpbOSV18/x4LVMk1iN1rnanK15+ARC6rheWKicy2V9qZ1 TStF2YZcmcx2CYo9DJGBKxlpBM+dUR9aAslrRECc7Y6cpaWPCD4pX1VOdvK0d+2QhLaM QXfHGMddLXQeAFZmJ/aQDdkyvqn8HEvyVAZaxn3CMiZH2lJdKvVEvACN7VPKDnLUFXxi 7V4y1Y+Dm61EfiXBopV5rozRXnR4wLMlTuCHNmaAVIf9Geb/oPjYqkjEPKBFOiBAi0sB 7+Cg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from :dkim-filter; bh=Ck10hN0ALxc3sSRE3XtIyS5Uu6gzIjAki3xqqRZZhHc=; b=vVo/ijjtFzfbTGt/QvQ0U3c/qTuGw0s9odzS5ezvOsCfmF5XkYTOEkDDBe+z2lYtQU 68jnc9DOjju4FbfsX7JhTSC/3bl67bOMUKTdaQUBfApjUnDw9WGkSvsZ0pcBqOfLrit8 f1jh7Kg9oRXBQZQN5D9jeioue2sl/7/kyallmBz56vdbZomlgwLqvsuWaQ3bT1EQywRH RQ0r6WyY7pKfQTTO41msuTaz/HVq2Xn/xhQ1SN39PyhGivo3/MScCIfurPb5YKq7QZra AdN7FqI/Bvr6VD3RdqV7z/C6LwuYn/PSwwLehbeIx81AU19is8EnkAFaQZk1wInqDccQ nyFw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v24si10952231edq.156.2019.09.10.11.44.16; Tue, 10 Sep 2019 11:44:41 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731990AbfIIXOR (ORCPT + 99 others); Mon, 9 Sep 2019 19:14:17 -0400 Received: from linux.microsoft.com ([13.77.154.182]:48980 "EHLO linux.microsoft.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728818AbfIIXOQ (ORCPT ); Mon, 9 Sep 2019 19:14:16 -0400 Received: from prsriva-Precision-Tower-5810.corp.microsoft.com (unknown [167.220.2.18]) by linux.microsoft.com (Postfix) with ESMTPSA id 27A8F20B7186; Mon, 9 Sep 2019 16:14:16 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 27A8F20B7186 From: Prakhar Srivastava To: linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org Cc: arnd@arndb.de, jean-philippe@linaro.org, allison@lohutok.net, kristina.martsenko@arm.org, yamada.masahiro@socionext.com, duwe@lst.de, mark.rutland@arm.com, tglx@linutronix.de, takahiro.akashi@linaro.org, james.morse@arm.org, catalin.marinas@arm.com, sboyd@kernel.org, bauerman@linux.ibm.com, zohar@linux.ibm.com Subject: [RFC PATCH v1 0/1] Add support for arm64 to carry ima measurement log in kexec_file_load Date: Mon, 9 Sep 2019 16:14:08 -0700 Message-Id: <20190909231409.20461-1-prsriva@linux.microsoft.com> X-Mailer: git-send-email 2.17.1 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Add support for arm64 to carry ima measurement log to the next kexec'ed session triggered via kexec_file_load. - Top of Linux 5.3-rc6 Currently during kexec the kernel file signatures are/can be validated prior to actual load, the information(PE/ima signature) is not carried to the next session. This lead to loss of information. Carrying forward the ima measurement log to the next kexec'ed session allows a verifying party to get the entire runtime event log since the last full reboot, since that is when PCRs were last reset. Changelog: v1: - add new fdt porperties to mark start and end for ima measurement log. - use fdt_* functions to add/remove fdt properties and memory allocations. - remove additional check for endian-ness as they are checked in fdt_* functions. v0: - Add support to carry ima measurement log in arm64, uses same code as powerpc. Prakhar Srivastava (1): Add support for arm64 to carry ima measurement log in kexec_file_load arch/arm64/Kconfig | 7 + arch/arm64/include/asm/ima.h | 29 ++++ arch/arm64/include/asm/kexec.h | 5 + arch/arm64/kernel/Makefile | 3 +- arch/arm64/kernel/ima_kexec.c | 213 +++++++++++++++++++++++++ arch/arm64/kernel/machine_kexec_file.c | 6 + 6 files changed, 262 insertions(+), 1 deletion(-) create mode 100644 arch/arm64/include/asm/ima.h create mode 100644 arch/arm64/kernel/ima_kexec.c -- 2.17.1