Received: by 2002:a25:d7c1:0:0:0:0:0 with SMTP id o184csp4552176ybg; Mon, 21 Oct 2019 10:40:54 -0700 (PDT) X-Google-Smtp-Source: APXvYqxoDqS8hLxTRL812AHhS9+nHy+cmuNnr3Ga/HVnPiZ7R310bLfACGiYALMQZt9hY/7XoGdE X-Received: by 2002:a17:906:5907:: with SMTP id h7mr22983987ejq.328.1571679654291; Mon, 21 Oct 2019 10:40:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1571679654; cv=none; d=google.com; s=arc-20160816; b=pee17aDS9O1WPB6+7SMABgUBLZGPoxMJ7nb5Ty7CFIHfgkH3zpYIcvM3mjIIF09L0k aCZiJ5TiVDG/oQy+bDg6nGLc9UtmfeaSv+GOJEXmAhmIrLRanrdNH934SREmFXwhomPF INAiCQTnPm1TBqRBonuPuYeRqGnZouiWq49/CXZNh28kyFCiOC1ZOZaR0EE10L7q+GiZ C3Bkq1FZk3eBh2q91ifcr6bC0HSJO/8kDvLiKfbzIocSCiRrl7aJPMPlTUD6CzVJrUmn AYWlWNgWrxDFnyvbt3YmOAX+RvcTtLkWIjYlWISF2T0wCj7FTdCKpitFPCa9J1xIsNBj 7JjA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature:dkim-filter; bh=OppP3iKDSw2FPx3G6reM8oMns790vjDmP2JsXIZRv10=; b=e0Igu1Z0IgdKm3z/ERPyRaw2B8sI1oCUcw0SEmSLMDRFj4Q0auujr+yxr8tLwNocau /z0yO9XDevZDmyGYdTfdqAb7XrbGIcvUjb/xwrid0JFGWRn4QiMrV1arMfD8jpN76/Lg OthRWQkYSLHLzibbv1KL26IUHw2AYYKxSgByOKXe9NcVXwYTatmualj5WpJmXL7kjc3K l7+y2xiFFUvOewVmcYAb/jmABWkv85zFSeZCKK/7d04qbXqw0NyQ2LIfgskdIrTWr8/Z MO5hoA1WE10I3kHjh4qwh2TePtbl8fuEs12T3J4yZoJXFxhl/TyQxMAxqNIZy95CRRoo godw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux.microsoft.com header.s=default header.b=GwxpzdMx; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 4si10146810ejc.382.2019.10.21.10.40.28; Mon, 21 Oct 2019 10:40:54 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.microsoft.com header.s=default header.b=GwxpzdMx; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728056AbfJURiq (ORCPT + 99 others); Mon, 21 Oct 2019 13:38:46 -0400 Received: from linux.microsoft.com ([13.77.154.182]:55542 "EHLO linux.microsoft.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726672AbfJURip (ORCPT ); Mon, 21 Oct 2019 13:38:45 -0400 Received: from [10.137.104.46] (unknown [131.107.174.174]) by linux.microsoft.com (Postfix) with ESMTPSA id AE02B20106BE; Mon, 21 Oct 2019 10:38:44 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com AE02B20106BE DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com; s=default; t=1571679524; bh=OppP3iKDSw2FPx3G6reM8oMns790vjDmP2JsXIZRv10=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=GwxpzdMx19YB+EITwNb0/yASP6lZVpv7uOVBwfLbkTsMI8lKaRMHq8T3aqp94ZyfQ 1pOpEt6kBoJlE5o+iN+wepjET/nW7/1AwItQl9J0HrOBsfGul2zsQYl2peg2/EVmJi f0QCt6DBCuq00I5V+U+IszHLzNa7Vt1yJ5pq+qy4= Subject: Re: [PATCH V4 0/2] Add support for arm64 to carry ima measurement To: Pavel Tatashin , James Morse Cc: Mark Rutland , jean-philippe@linaro.org, arnd@arndb.de, Masahiro Yamada , sboyd@kernel.org, Catalin Marinas , Ard Biesheuvel , kexec mailing list , LKML , zohar@linux.ibm.com, takahiro.akashi@linaro.org, duwe@lst.de, bauerman@linux.ibm.com, allison@lohutok.net, linux-integrity@vger.kernel.org, Thomas Gleixner , Linux ARM References: <20191011003600.22090-1-prsriva@linux.microsoft.com> <87d92514-e5e4-a79f-467f-f24a4ed279b6@arm.com> <0053eb68-0905-4679-c97a-00c5cb6f1abb@arm.com> From: prsriva Message-ID: <11036cd6-2977-5f78-7fe7-1085ba31f005@linux.microsoft.com> Date: Mon, 21 Oct 2019 10:38:44 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 10/15/19 11:47 AM, Pavel Tatashin wrote: >> I think the UEFI persistent-memory-reservations thing is a better fit for this [0][1]. > > Hi James, > > Thank you for your thought. As I understand you propose the to use the > existing method as such: > 1. Use the existing kexec ABI to pass reservation from kernel to > kernel using EFI the same as is done for GICv3 tables. > 2. Allow this memory to be reservable only during first Linux boot via > EFI memory reserve > 3. Allow to have this memory pre-reserved by firmware or to be > embedded into device tree. > > A question I have is how to tell that a reserved region is reserved > for IMA use. With GICv3 it is done by reading the registers, finding > the interrupt tables memory, and check that the memory ranges are > indeed pre-reserved. > > Is there a way to name memory with the current ABI that you think is acceptable? > > Thank you, > Pasha > Friendly ping. Thanks, Prakhar Srivastava