Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp985412iob;
        Fri, 13 May 2022 18:37:05 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJxvzPve1XSB/6IrZtM8Np1yugMMOhlKhcn+DnBiwolQTh/oyOIqxoLT3vCYN8pjwwnZ5f+i
X-Received: by 2002:a05:600c:4e86:b0:394:815b:19ec with SMTP id f6-20020a05600c4e8600b00394815b19ecmr7029773wmq.189.1652492225623;
        Fri, 13 May 2022 18:37:05 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1652492225; cv=none;
        d=google.com; s=arc-20160816;
        b=VgKELld3eWsjFUCN06shSyQBnC81XDpAFMdR+rrvdrDLfy8v87M/JLjmi7LYbNYSxh
         b6FDl16kggg99cAXL441IugC4s5rBhjKDo1XTVPonI4k+dbvpBAzcet9vnhaAsafQ5js
         5QRngGrp/ws9kXBhkV9FchPUA6NJthRtcS8R1afAbZPpGRZNUtXCEZ5cSuIHun5yk8lo
         ieu0uPnUARqgKwabygPkPeG2F+kwcdQRUr1vRQN9b/PknmSwJV712QbPY9NGUOwSAhvX
         VlcXHccpuCkJjZ5Mb75yqCDLxMBnFuaXAeh2L/zq8Ie0rUJ1EpiPClXNYs7+EU5vURH6
         qX5A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature;
        bh=9m59m31zWjI88PU/fkJ+2jBtK+MMPKzeFSYoFIaJt9c=;
        b=s+/2W1Xzl/nMHeARKYsQipN8Ew3T2d1RxW6Y8YvQ+2ZbOTFHSYYzY9JVUou276K9XH
         OF7979offZdl8KmY73Gspmru1TeOW6T2SxGv4+2QkY1M/APjQD2XJW3b/LPbMZrtLt/Y
         FTFthEQoJcTjkauTuIhHIhnaiR65hqd76II3Fqy1LAh75b0xllrVVgvswWDm3dfIE29t
         nyretHfMtaH285rLyFBBkZkrg8JpG/xnZdW20I3r5IGj+R+RRlSBYDcJ3aD022dCRqAK
         GB6Tygugubuswi5wY+GR7F+1ybZili5g9DgHJ5nWoIYv56LVmcLinueBq28v4IVgZ/uP
         6ySg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=hFs+QH3V;
       spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19])
        by mx.google.com with ESMTPS id b7-20020a05600018a700b002061075aeafsi5023004wri.31.2022.05.13.18.37.03
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 13 May 2022 18:37:05 -0700 (PDT)
Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=hFs+QH3V;
       spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: from out1.vger.email (out1.vger.email [IPv6:2620:137:e000::1:20])
	by lindbergh.monkeyblade.net (Postfix) with ESMTP id 0D38F414286;
	Fri, 13 May 2022 17:03:54 -0700 (PDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1345927AbiELEdz (ORCPT <rfc822;stevenley.huang@gmail.com>
        + 99 others); Thu, 12 May 2022 00:33:55 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50434 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1346463AbiELEdu (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 12 May 2022 00:33:50 -0400
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124])
        by lindbergh.monkeyblade.net (Postfix) with ESMTP id 1385C218FCE
        for <linux-kernel@vger.kernel.org>; Wed, 11 May 2022 21:33:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1652330018;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         in-reply-to:in-reply-to:references:references;
        bh=9m59m31zWjI88PU/fkJ+2jBtK+MMPKzeFSYoFIaJt9c=;
        b=hFs+QH3VSLYLL+GcmLe23/y/SpLzyLPJZ5L07aosfy/pP+dWAun4JpNi6wDojZwELAoaSS
        aHh7X6QXmnmVJDwwJmyYs1rAWKf7ra++PJ1iV7TMSz2Jmgnw3tsg7lR663+l1/fnIIWoxE
        kCR6GmUfy2Jr+3/ITsO3Sc5yQmWaJhY=
Received: from mail-pf1-f199.google.com (mail-pf1-f199.google.com
 [209.85.210.199]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-621-X0LD5W0KNH6Ml8ysa-8SJQ-1; Thu, 12 May 2022 00:33:36 -0400
X-MC-Unique: X0LD5W0KNH6Ml8ysa-8SJQ-1
Received: by mail-pf1-f199.google.com with SMTP id u25-20020aa78499000000b0050d328e2f6bso2067100pfn.7
        for <linux-kernel@vger.kernel.org>; Wed, 11 May 2022 21:33:36 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:references
         :mime-version:content-disposition:in-reply-to;
        bh=9m59m31zWjI88PU/fkJ+2jBtK+MMPKzeFSYoFIaJt9c=;
        b=ZULrBOr694FTYN1lOXTxvja1uMAEXzy+Aj7GTZe4XpLkXsGLfIjGihdaOeZIUUyEAd
         kmzgw/raZcj3TgXRyb15dwHGY11ONbqx88hwubRAzNYa3IFDj4OtZg+JcstURA7zvghS
         Z1qYKYbqk55PahuxYhj6jfHU86rQMvSwRA9ZehBe+Jlm/s/VupDHE8ylI98DGcSLvf82
         cTfXUHqiJmeL/3OdyZYhr/s852wMPfIoyi1Jw1HwHjUBxXrCr34M/Mg8s6TcANCIdYRK
         W/G2eLMauFGFecHOQ6aopm555xIi6bYI54fMqPACU0X6V5/9esz71R/he4CbBULMUqjq
         JGAQ==
X-Gm-Message-State: AOAM532//zlBi13kInD3jiiOp7AZI4NXxxIUc2MGqNz6X0FytP4ASOGl
        K82c7PgheciUtNDQFpu0LWmJlXyluUX78VQmEHpqxFEOZ07GtZ+i2lOiwNPNn+DZB47BXl43qu/
        E0vqTGVILFbKWy0YQTut3N7bg
X-Received: by 2002:a17:903:32d0:b0:15e:8cbc:fd39 with SMTP id i16-20020a17090332d000b0015e8cbcfd39mr29480055plr.95.1652330015204;
        Wed, 11 May 2022 21:33:35 -0700 (PDT)
X-Received: by 2002:a17:903:32d0:b0:15e:8cbc:fd39 with SMTP id i16-20020a17090332d000b0015e8cbcfd39mr29480024plr.95.1652330014959;
        Wed, 11 May 2022 21:33:34 -0700 (PDT)
Received: from localhost ([209.132.188.80])
        by smtp.gmail.com with ESMTPSA id p3-20020a170902780300b0015e8d4eb293sm2755119pll.221.2022.05.11.21.33.34
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 11 May 2022 21:33:34 -0700 (PDT)
Date:   Thu, 12 May 2022 12:33:10 +0800
From:   Coiby Xu <coxu@redhat.com>
To:     Baoquan He <bhe@redhat.com>
Cc:     kexec@lists.infradead.org, linux-arm-kernel@lists.infradead.org,
        Michal Suchanek <msuchanek@suse.de>,
        Dave Young <dyoung@redhat.com>, Will Deacon <will@kernel.org>,
        "Eric W . Biederman" <ebiederm@xmission.com>,
        Mimi Zohar <zohar@linux.ibm.com>, Chun-Yi Lee <jlee@suse.com>,
        keyrings@vger.kernel.org, linux-security-module@vger.kernel.org,
        stable@vger.kernel.org, Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        "maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" <x86@kernel.org>,
        "H. Peter Anvin" <hpa@zytor.com>,
        "open list:X86 ARCHITECTURE (32-BIT AND 64-BIT)" 
        <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v7 2/4] kexec, KEYS: make the code in
 bzImage64_verify_sig generic
Message-ID: <20220512043310.v3e22423ybe4z65e@Rk>
References: <20220512023402.9913-1-coxu@redhat.com>
 <20220512023402.9913-3-coxu@redhat.com>
 <Ynx1DUvDTL1R4Pj5@MiWiFi-R3L-srv>
 <YnyEafqEcSh/wRRN@MiWiFi-R3L-srv>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Disposition: inline
In-Reply-To: <YnyEafqEcSh/wRRN@MiWiFi-R3L-srv>
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE
	autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
	lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, May 12, 2022 at 11:52:09AM +0800, Baoquan He wrote:
>On 05/12/22 at 10:46am, Baoquan He wrote:
>> On 05/12/22 at 10:34am, Coiby Xu wrote:
>> > commit 278311e417be ("kexec, KEYS: Make use of platform keyring for
>> > signature verify") adds platform keyring support on x86 kexec but not
>> > arm64.
>> >
>> > The code in bzImage64_verify_sig makes use of system keyrings including
>> > .buitin_trusted_keys, .secondary_trusted_keys and .platform keyring to
>> > verify signed kernel image as PE file. Make it generic so both x86_64
>> > and arm64 can use it.
>> >
>> > Note this patch is needed by a later patch so Cc it to the stable tree
>> > as well.
>>
>> This note should not be added in log.
>>
>> >
>> > Cc: kexec@lists.infradead.org
>> > Cc: keyrings@vger.kernel.org
>> > Cc: linux-security-module@vger.kernel.org
>> > Cc: stable@vger.kernel.org # 34d5960af253: kexec: clean up arch_kexec_kernel_verify_sig
>
>Hold on, should we CC stable when it's not fixing an issue?
>
>Hi Coiby,

Hi Baoquan,

>
>Just to make clear , is this patch fixing an issue, or it's just an
>preparation for later patch's use?
>
>Or I should ask in another way, any problem is solved with this patch?

At least it doesn't fix an issue that satisfy the criteria listed in 
https://www.kernel.org/doc/html/latest/process/stable-kernel-rules.html

>
>
>> > Reviewed-by: Michal Suchanek <msuchanek@suse.de>
>> > Signed-off-by: Coiby Xu <coxu@redhat.com>
>> > ---
>>
>> You can put the note here, it won't be added to commit log when merged.
>> Maybe it can be removed when merged.

Thanks for the suggestion! Shall I send a version to fix this problem or
can I just bother the maintainer to remove it?


>>
>> Otherwise, LGTM
>>
>> Acked-by: Baoquan He <bhe@redhat.com>
>>
>> >  arch/x86/kernel/kexec-bzimage64.c | 20 +-------------------
>> >  include/linux/kexec.h             |  7 +++++++
>> >  kernel/kexec_file.c               | 17 +++++++++++++++++
>> >  3 files changed, 25 insertions(+), 19 deletions(-)
>> >
>> > diff --git a/arch/x86/kernel/kexec-bzimage64.c b/arch/x86/kernel/kexec-bzimage64.c
>> > index 170d0fd68b1f..f299b48f9c9f 100644
>> > --- a/arch/x86/kernel/kexec-bzimage64.c
>> > +++ b/arch/x86/kernel/kexec-bzimage64.c
>> > @@ -17,7 +17,6 @@
>> >  #include <linux/kernel.h>
>> >  #include <linux/mm.h>
>> >  #include <linux/efi.h>
>> > -#include <linux/verification.h>
>> >
>> >  #include <asm/bootparam.h>
>> >  #include <asm/setup.h>
>> > @@ -528,28 +527,11 @@ static int bzImage64_cleanup(void *loader_data)
>> >  	return 0;
>> >  }
>> >
>> > -#ifdef CONFIG_KEXEC_BZIMAGE_VERIFY_SIG
>> > -static int bzImage64_verify_sig(const char *kernel, unsigned long kernel_len)
>> > -{
>> > -	int ret;
>> > -
>> > -	ret = verify_pefile_signature(kernel, kernel_len,
>> > -				      VERIFY_USE_SECONDARY_KEYRING,
>> > -				      VERIFYING_KEXEC_PE_SIGNATURE);
>> > -	if (ret == -ENOKEY && IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING)) {
>> > -		ret = verify_pefile_signature(kernel, kernel_len,
>> > -					      VERIFY_USE_PLATFORM_KEYRING,
>> > -					      VERIFYING_KEXEC_PE_SIGNATURE);
>> > -	}
>> > -	return ret;
>> > -}
>> > -#endif
>> > -
>> >  const struct kexec_file_ops kexec_bzImage64_ops = {
>> >  	.probe = bzImage64_probe,
>> >  	.load = bzImage64_load,
>> >  	.cleanup = bzImage64_cleanup,
>> >  #ifdef CONFIG_KEXEC_BZIMAGE_VERIFY_SIG
>> > -	.verify_sig = bzImage64_verify_sig,
>> > +	.verify_sig = kexec_kernel_verify_pe_sig,
>> >  #endif
>> >  };
>> > diff --git a/include/linux/kexec.h b/include/linux/kexec.h
>> > index 413235c6c797..da83abfc628b 100644
>> > --- a/include/linux/kexec.h
>> > +++ b/include/linux/kexec.h
>> > @@ -19,6 +19,7 @@
>> >  #include <asm/io.h>
>> >
>> >  #include <uapi/linux/kexec.h>
>> > +#include <linux/verification.h>
>> >
>> >  /* Location of a reserved region to hold the crash kernel.
>> >   */
>> > @@ -202,6 +203,12 @@ int arch_kexec_apply_relocations(struct purgatory_info *pi,
>> >  				 const Elf_Shdr *relsec,
>> >  				 const Elf_Shdr *symtab);
>> >  int arch_kimage_file_post_load_cleanup(struct kimage *image);
>> > +#ifdef CONFIG_KEXEC_SIG
>> > +#ifdef CONFIG_SIGNED_PE_FILE_VERIFICATION
>> > +int kexec_kernel_verify_pe_sig(const char *kernel,
>> > +				    unsigned long kernel_len);
>> > +#endif
>> > +#endif
>> >  int arch_kexec_locate_mem_hole(struct kexec_buf *kbuf);
>> >
>> >  extern int kexec_add_buffer(struct kexec_buf *kbuf);
>> > diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c
>> > index 3720435807eb..754885b96aab 100644
>> > --- a/kernel/kexec_file.c
>> > +++ b/kernel/kexec_file.c
>> > @@ -165,6 +165,23 @@ void kimage_file_post_load_cleanup(struct kimage *image)
>> >  }
>> >
>> >  #ifdef CONFIG_KEXEC_SIG
>> > +#ifdef CONFIG_SIGNED_PE_FILE_VERIFICATION
>> > +int kexec_kernel_verify_pe_sig(const char *kernel, unsigned long kernel_len)
>> > +{
>> > +	int ret;
>> > +
>> > +	ret = verify_pefile_signature(kernel, kernel_len,
>> > +				      VERIFY_USE_SECONDARY_KEYRING,
>> > +				      VERIFYING_KEXEC_PE_SIGNATURE);
>> > +	if (ret == -ENOKEY && IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING)) {
>> > +		ret = verify_pefile_signature(kernel, kernel_len,
>> > +					      VERIFY_USE_PLATFORM_KEYRING,
>> > +					      VERIFYING_KEXEC_PE_SIGNATURE);
>> > +	}
>> > +	return ret;
>> > +}
>> > +#endif
>> > +
>> >  static int kexec_image_verify_sig(struct kimage *image, void *buf,
>> >  		unsigned long buf_len)
>> >  {
>> > --
>> > 2.35.3
>> >
>>
>

-- 
Best regards,
Coiby