Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp5244311iob; Mon, 9 May 2022 11:48:54 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxXeZryHoFvHuhXhbO9PH/0GBWZnVPad0w9cCmxoV/M6H/Ai5MPxR8p95ArGtWlZwSNXHhL X-Received: by 2002:a05:6a00:1a86:b0:50f:f4fd:c9a7 with SMTP id e6-20020a056a001a8600b0050ff4fdc9a7mr17333643pfv.46.1652122133890; Mon, 09 May 2022 11:48:53 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1652122133; cv=pass; d=google.com; s=arc-20160816; b=KQqbg6qijVmHgGGmO9oDyRg9GaKH6gr0RlvdzJS+pvYzBbzRfLaRnNP/nmio5wgBX5 yObNTcZU1eHpiT/MKfXy0agO8KoRp1emkt3vrLiF2YY6JZ4Epu4vhyutN/hNHVG0mYoq d+tE3LZRPvK51f0zIc/dnxsreX5diwT51SoyqcPP79QecjAVM8rjLV0IJQabECsjtnf6 xM3Ibbg1jx1ONUmnkn2HPsBjR0xWEvqOBeiHPHbXNjDj8FLSL5n+wYxaq5RY4wixkCND DpZuIN9RkgJGktMMHeFL/cFDDRuzctG6cgU+K+HDcy2YFDXU+c/hZaYYyn638Vv8fG+8 2HqQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:content-id:content-language :accept-language:in-reply-to:references:message-id:date:thread-index :thread-topic:subject:cc:to:from:dkim-signature; bh=usv8kPMXl4+KtapWLjLP2/jr4O1xV5aahUPWZCD+RQw=; b=eGGSQco293l4YmXuvChEDtooaPie6EocvMQoWMvyOKrBUgZOFqMhm0XNgqut5FZ+YL 4E4Uu+dg05IuhTYeFhfHC56u6ZGYIKFxavbNCs9tD96ri3Va2a5oGaFsKEMCMY3tYqyl +hlbdThTJtmyMKoCG1J5qF7skVQP64/Fn+HaaA2YaOyLC9ITCj7rNIl8nXhC9VmGMn2R FXX5Dbpux3ELS+3aagIABAMK2uqCbU+hPEPPEb9FebRM3pqk8wSuIR/Wg8kMLexiJLwc tIIuJejOq24bzJ2VtC9GIOtH62tCJXkDMSAeVICoqm/Mh5OLtb/TH3idlkyBEhLpdax7 4Asw== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@fb.com header.s=facebook header.b="pl/0UGbY"; arc=pass (i=1 spf=pass spfdomain=fb.com dkim=pass dkdomain=fb.com dmarc=pass fromdomain=fb.com); spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=fb.com Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id o21-20020a17090ac71500b001c654567133si9194pjt.186.2022.05.09.11.48.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 09 May 2022 11:48:53 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; dkim=pass header.i=@fb.com header.s=facebook header.b="pl/0UGbY"; arc=pass (i=1 spf=pass spfdomain=fb.com dkim=pass dkdomain=fb.com dmarc=pass fromdomain=fb.com); spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=fb.com Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id A920F16D5EC; Mon, 9 May 2022 11:41:50 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240274AbiEISpW (ORCPT + 99 others); Mon, 9 May 2022 14:45:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51216 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240279AbiEISpS (ORCPT ); Mon, 9 May 2022 14:45:18 -0400 Received: from mx0a-00082601.pphosted.com (mx0a-00082601.pphosted.com [67.231.145.42]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 95F951595AC; Mon, 9 May 2022 11:41:21 -0700 (PDT) Received: from pps.filterd (m0109334.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 249ILb2G026338; Mon, 9 May 2022 11:41:20 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-id : mime-version; s=facebook; bh=usv8kPMXl4+KtapWLjLP2/jr4O1xV5aahUPWZCD+RQw=; b=pl/0UGbY/ZR4LqXcKHlhQXpQFWA6+VO/89Hy5XeCzbNVzzbTncYMKxNJdeAeXyH+lDqA XE/hayKjEovVMRdmFX33/XmNMYcBVgw7xSwQYLBNkEYA3hlfkMt2gKUrLqY9AUAFA0IT piLD3DqulIivbTb5nUUFSFuLXY/1QPU1NMI= Received: from nam11-dm6-obe.outbound.protection.outlook.com (mail-dm6nam11lp2170.outbound.protection.outlook.com [104.47.57.170]) by mx0a-00082601.pphosted.com (PPS) with ESMTPS id 3fwr33jgkx-2 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 09 May 2022 11:41:20 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=l/tGT0mg2kQaRkB10WNCnGzSf4cWMIGVOW9OOG++xsGw82sjxg7VzRRxAuNgtguYrNCb72Vnk2jS+1y2AWqCQ5uO9Ce6q9BE8/VyeLEO6QKeI535ru06Oazd80rJouVLxgmmHH45IbE5iBEdADDa/d+zRNxuhc3Mf/AMvw1CNc1ig5sxJCODqIUDusMdEiaS7tmOktOnEuVX+xFcsTJ3/SdCInMCao1jav7eBNe6fB60fN02poslEXcGGk4DUSVNEzyqSUaJKcKTAfg+MFJwOI8+IGDUtR65RMDUUQfVwUsFFReDq8R9UEVzVWEZBmVSP/gPSRkbIWOH0gbqNS85nA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=usv8kPMXl4+KtapWLjLP2/jr4O1xV5aahUPWZCD+RQw=; b=Cppt4++Bl8jlzNw9qvnzsFglXNzfFv9diKwvXJZMEB9cb2v71gl3brfUM0VRDDsfCslLU45H4xqdX+jLBEDRtkkffFSnBljvsVaqlugU4uDlu24k4lsPydOjn6A6M+HtkH1v9pBYmxkyXgoyKpHxebFe0j4CHN8+aEmm5pBG6AsETI1y8nydGyRnUaYFm8KkWn7kLEYZDzjnxfgh9RsUe/k1dYCvyWPtd9cGp2DA/5F5smK6bG6KiL0uoHEnIutpbBPbWx5NIZ3a2662rIAuXKPIn0UxE/dLAMiz2qypETMR+GRbS6oLiD461pZ8BDXDXZdY5bOvgIEYau/0zxnl9w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=fb.com; dmarc=pass action=none header.from=fb.com; dkim=pass header.d=fb.com; arc=none Received: from SJ0PR15MB4552.namprd15.prod.outlook.com (2603:10b6:a03:379::12) by PH7PR15MB5426.namprd15.prod.outlook.com (2603:10b6:510:1fe::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5227.20; Mon, 9 May 2022 18:41:17 +0000 Received: from SJ0PR15MB4552.namprd15.prod.outlook.com ([fe80::af:a5d5:458b:4f4e]) by SJ0PR15MB4552.namprd15.prod.outlook.com ([fe80::af:a5d5:458b:4f4e%9]) with mapi id 15.20.5227.023; Mon, 9 May 2022 18:41:17 +0000 From: Jonathan McDowell To: Borislav Petkov CC: Thomas Gleixner , James Morris , Ingo Molnar , Dave Hansen , "H. Peter Anvin" , Dmitry Kasatkin , "x86@kernel.org" , Mimi Zohar , "Serge E. Hallyn" , "linux-kernel@vger.kernel.org" , "linux-integrity@vger.kernel.org" , "linux-security-module@vger.kernel.org" Subject: Re: [PATCH v2] Carry forward IMA measurement log on kexec on x86_64 Thread-Topic: [PATCH v2] Carry forward IMA measurement log on kexec on x86_64 Thread-Index: AQHYWY4yqojcPM99qUKBDg6v3vLzMa0WbyIAgAAMsgCAAGptgIAABpuAgAAIwgA= Date: Mon, 9 May 2022 18:41:17 +0000 Message-ID: References: <0960C132-581C-4881-8948-C566657C3998@alien8.de> In-Reply-To: Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 1b5fcfeb-adb7-487e-ab4f-08da31eb80ca x-ms-traffictypediagnostic: PH7PR15MB5426:EE_ x-microsoft-antispam-prvs: x-fb-source: Internal x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: vKZJZCoKkIfXpkAU7MfvYeK17fGsbZ4/nqpuidRDuqbt3rc4RgIEKIqaTxiQ3r5GNHqqs6HUZ2k51z+hiImtURrOiZYWlQdVA1kxb5Wr9FPWeId61UJbzpCMGo1knDi+RV44frDi3IJi9FYlXWoOEBaujNuGnkfS3QPaKH4MAw2LZMn6sLuo2zJme7uRGr1hySb/KojQEJmO2fB+d5aFCVOu4Qt65nTiXpHiMWsCRXUG7AiAXxikCbRtaFBEcAC0ipHAhMr7fEyIIPuJQFzC26v48eoNe3qW8TWqu6MGhARmEmQhpxRJhxQk7DfZ09uNB7EIVxxoPvZg5c/DKzBNWKiKSrfaL8uCIyH09PAUNe5LrVVTsUHvS2mW0khyZGTrAvA3yvEU8y5rZOMqhgk5Au1ZvQvy+VXSWRsHfyO8FblwddHArA0O36vf8Zo+0GibkHJs2XZnzAXDYfjIyNIP00GW8i2XveAoiHRnEEQxRuPvHu+J3G25E1GB0p0VW305s+oF7WkJD2S6x2SLnOcTZqiPAqOEMHVRH8WDSiuasBU/VN65DLFRUNOgxConB7GFgBzPZrVAdmAuFsYUKf7/lAticO/wAsfklgybjXFG5nVeEVxB6pSEtM8bXrmnYHxfWXN+CKMrGBBNOX5dLcbPBKpV6lH6NTDilG01WVgVHu6NFTsuTMzGwd+IOdBmSC5XtM3WkYXnsU2kG9yk1Qy7fg== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SJ0PR15MB4552.namprd15.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(366004)(5660300002)(7416002)(508600001)(66946007)(38070700005)(54906003)(6916009)(316002)(8936002)(6506007)(9686003)(26005)(6512007)(8676002)(83380400001)(4326008)(64756008)(86362001)(6486002)(76116006)(66446008)(38100700002)(186003)(66476007)(91956017)(66556008)(122000001)(2906002)(71200400001);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?F83e/CRYUWYsuQNxqsLu/92bc+iqFA8PBXTukXbiC8SZ5MkfbOn3jZYx7gvz?= =?us-ascii?Q?LPjofqmgcveDSvpFU8S25D7A23CfNvhO24rJgRUqVo3M2L1d/GETjvgd1k+k?= =?us-ascii?Q?TKIcyv3nFYNNVKJ0LijemwC42NuZ29Cu1Bt55Nz2D3WHj0Kg0PIp0oC07A5N?= =?us-ascii?Q?2SAAE86L5bgfQB3+I5tob7MlVIssrbaEZukzelISSwX6pm9owsaWTI301Wn4?= =?us-ascii?Q?BRF0P/ELq6m8iRiPauMbxZv0U656T8qWDaiJhPHKC1p1NfCJT9wnB1j1cM7+?= =?us-ascii?Q?8CycA5Kv0hMvVZB+cRHT1lzv8Sbh7HzP1Z383swYJgb6d5eO/hQUz9aRQyNj?= =?us-ascii?Q?Bd0LOCXDi3Xb/khhAivvpp4eU3MxpT7rqIaYKp1vhyc+7jwsAQOxGSRaS7q8?= =?us-ascii?Q?IjNiIxTQ5/o9tRrLYK7ijigkz9XDReZhXvK2w+9MBazUR6d7Zn9eBIh5qIXk?= =?us-ascii?Q?FZmv+hAVBX/WPj2F39gSJvtTdUWM+rxnnarPA7dZ74hBZgri8qKBu8zAg3fO?= =?us-ascii?Q?0R/+LUlL23orirDmjFy8nMlq2/8ot6Ax05pqc29vg58/DhqlWsQcGjFYXdz0?= =?us-ascii?Q?MDeD9TkqMi43ZMqHoq7rj6zgcVumd6VhcQE28N24vMsHgHR6RJeI57W6X4li?= =?us-ascii?Q?8yD/qiOhn8siOyPKGHMgT8KAS3tvE5yWzhvlnkFtFgSGcHrAbF9cTNEquaoC?= =?us-ascii?Q?Fh4aPVfZDJ7T/G5Sg6hGj+jEvE5twVhLjzDzxX31Ykx6aOJiCrZVtni8Q2dr?= =?us-ascii?Q?uhk6rCiNW9kD4VO3XIWuYHDcEyBL92BslyCNQjnJop5qSUtnuayo2sBBzSrD?= =?us-ascii?Q?NcBHVVkzZdQHfupf4mw9YxhbHdlfbf446J0sb65FqxU8ZQVZtKCyvaUtPJ10?= =?us-ascii?Q?yAwxx1MnehFo2NctrZWFHtO3Pi4JaUZIXzxsK760GLf209sSPVqEP+yUYqTU?= =?us-ascii?Q?tuMaOx05Vy9TBdW0q9j8WEvrpEIw8DJPghLwEHSF7FU83bpsOfukJoOwKFKb?= =?us-ascii?Q?5jeNo4sIhx6u7/xWSrmBUvthvGw+jpdL44r2t/hOfjhgCMwoc4+Xw3WNzyat?= =?us-ascii?Q?uRedmTnhSQYg7JK6caB7AYc7nlE+DdEFVNlVl7xSC7nmWIkBZ2LOMcVpap2I?= =?us-ascii?Q?MX+wLl3mztnCQdkMll0meUe4J9v7QSgLRLKzox9/uKkrJWAFaxy1IkN3O/hj?= =?us-ascii?Q?mfrOUGgcw0AzmLklN6VpntEj0LYZwcBhU5VvReWkgPyNk/rw0e8DcloaSWKc?= =?us-ascii?Q?BOrqZxAEisDK1hQv5jdNd0t3T31gnXv8F6WJcctWxPpgvUUCdeu/DHhuXL5l?= =?us-ascii?Q?fcqFkxUs6kqL+0JZR4eO63uK60BrcWueMMUF7dGE+b87vm5n/0+L2X+LJdCf?= =?us-ascii?Q?JKGybf/jEIhMDg+hNSPu9LXtCVVVVbjGSmnwIgQ89xlDUMXN4cEbE0D2H9ym?= =?us-ascii?Q?xvHHTZVX4eaBT1yuzscUdv1WNGm35ExZsnwWR5leXvzYho0McDPOuhXKqPok?= =?us-ascii?Q?SM8Y77+c62T1b5jMfe+J7Ls+35UsF0WhGAlc4uLMClaz27ySOOZKgHLqtS7A?= =?us-ascii?Q?mfVnCl54hqsKCqRGC0o4Y2e9JWyGzoKwNfSGNeu02otONbykkpgrjHBWSdzW?= =?us-ascii?Q?uhFkredvK9qq/CSC1ZuO/0k616NcmoXYcq8p8dRv9yAmS7+4pVbVpWq9X9XT?= =?us-ascii?Q?EnLywF8lLHtENX4iALR4o5F3uNevNxRXt4kL8CRBAuFGWCpviHvsD3aW1Riz?= =?us-ascii?Q?/V0ADYCAlw=3D=3D?= Content-Type: text/plain; charset="us-ascii" Content-ID: MIME-Version: 1.0 X-OriginatorOrg: fb.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: SJ0PR15MB4552.namprd15.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 1b5fcfeb-adb7-487e-ab4f-08da31eb80ca X-MS-Exchange-CrossTenant-originalarrivaltime: 09 May 2022 18:41:17.3719 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: POBNxfyilzTr3Wq8TvcVdtsEJ8+gey8CctdgoK1fCsGRGyGrL0nWNpYBGMxF0yfm X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR15MB5426 X-Proofpoint-ORIG-GUID: f5D-41B5BCmoZZAX118l_4MyvJ5nDA_1 X-Proofpoint-GUID: f5D-41B5BCmoZZAX118l_4MyvJ5nDA_1 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.858,Hydra:6.0.486,FMLib:17.11.64.514 definitions=2022-05-09_05,2022-05-09_02,2022-02-23_01 X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, May 09, 2022 at 08:09:55PM +0200, Borislav Petkov wrote: > On Mon, May 09, 2022 at 05:46:22PM +0000, Jonathan McDowell wrote: > > Device tree on x86 doesn't seem to be a thing; > > Not a thing? What does that even mean? Let me rephrase more verbosely. Device tree on x86 seems to be a rarely enabled config option that is only required on a couple of platforms and lacks the same level of integration with the x86 boot process (compared to PowerPC and ARM64) such that a) there's a lot more code that would need to be written to even get to the point that it could be used in the same manner for passing the IMA buffer as on other platforms and b) I'm not sure whether or not it might introduce other issues due to this lack of use/testing. > We have arch/x86/kernel/devicetree.c which adds some minimal devicetree > support. > > > none of the distros I regularly use enable CONFIG_OF for x86, I can > > only find 2 32-bit x86 platforms that actually select it and none of > > the plumbing for kexec on x86 ties in device tree. > > And? That can get changed and enabled and so on. > > > I agree for platforms that make active use of device tree that's the > > appropriate path, but it doesn't seem to be the case for x86. > > I'm not sure what you're aim here is? > > You want to pass that IMA measurement to the kexec kernel with minimal > changes, i.e., change only the kernel? I'd like to be able to take an internal kernel buffer and pass it to the newly kexeced kernel, yes. I'd like that to be possible with the kexec_file_load() path, which allows for things like kernel signing, which I believe precludes providing the data from user space. > Why can't distros be also changed to use devicetree for the IMA > measurement, like the other arches do? Why does x86 need to do it > differently? > We also pass info to the kexec kernel by reading it from sysfs > and having kexec tools pass it to the kexec-ed kernel, see > Documentation/ABI/testing/sysfs-firmware-efi-runtime-map AFAICT kexec passes EFI details using SETUP_EFI, which is what I modelled the SETUP_IMA support on (1fec0533693cd74f2d1a46edd29449cfee429df0). In the old syscall variant the kexec tools do read /sys/firmware/efi/runtime-map and create a setup_data entry of type SETUP_EFI, in the new file based kexec that is done inside the kernel in a similar fashion to what I've done with SETUP_IMA. > So is there any particular reason/pressing need to pass the measurement > with setup_data? I'm not tied to setup_data but given the concerns I raise above with device tree on x86 and the need to handle this in the kernel it seemed like a reasonable first approach. You seem to be saying it's not and either adding the device tree infrastructure or doing a command line hack would be preferable? J.