Received: by 2002:ab2:6309:0:b0:1fb:d597:ff75 with SMTP id s9csp931238lqt; Fri, 7 Jun 2024 03:07:07 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCXaG8ApFoQWrTl8YtP9kPtfNT182cDwB2+hJNdSK3TVeaFwDYAX5jXmZIcoiDsSoLHvZ0Xr6mM3R2NEXDFQtUtJiwRV9aCYYH8jO1I80w== X-Google-Smtp-Source: AGHT+IEfs2pU86efzR7xG/TJb+cNKfQP+G8/75mFAwcGyMlFDr8liWEnMmZ74ObwLZOsu/d1x20Y X-Received: by 2002:a1f:7206:0:b0:4eb:2550:ef36 with SMTP id 71dfb90a1353d-4eb562198f2mr2380876e0c.2.1717754827448; Fri, 07 Jun 2024 03:07:07 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1717754827; cv=pass; d=google.com; s=arc-20160816; b=v20ptXaizRSF1NgYTyuecC1cv2AHCtTu01M29z9QyM7L2/4taB5Z4rhbqt8QEXD5fa 0WKe2IQbuTmP2jQeSRqkkRfL7MFVt1zwa4Uz2ocokIzjYQwrlj7fTuSjFW6nZh3MbmBm Ylan5CIUO2tLHhzsf8d0kn8MoVMRFEXWeL4Glj3xG/QlYGSYOJC5b8WmrWl4p5oidEm8 YBPT5Bi/PPuR6Vl9CSXpvbLVN71cdmTmu6a0Lu9q5RMYHMLkS58D7PREsD+YXPwQfphM dwYaSGQlSHCZ0GUsqHSfjpf3Bux01DaTSpSWFIHgrJ3bvUo1NVCRIS4RTWrUpWYs6DUA hvLg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=yfXT27/V8eVslu1sjaWJNY2m3Cho9rYaMlS4D6NlPsY=; fh=6VvMWyn3wPZV2vAPnPGgw1kGEYTqZmOHhXvuL+GGUno=; b=QOyrWAyJ1zzJ8M8I9p/8mbWySVoinQR2pQdyQIhY2w1KGonWRXbm1yh1RZBVxE3yMY 2mGZBW/J+HiUqR9BhLNM5evI59leigL1Fj7y9rpoiT+O3fy4gs8RQ64tvdquOqcPJ8D5 zHMQmK249EG5P2ITtEDJ+3IHTK9BeIaalJq14XMsoTlY+7BvlsApaVlcz0YkBDP9O+YT +b57RZWM6bM/nHtX/plWdjm4G+RRV8e2OzaDW6j8rxdLVW+0LsyXdkL20XJvp7vear/n a4VHvt+AQcc1d6C6pfNnttpNSpsoPs4/jYsxree1B3RHso5uvmSscs9bKuVkAb7FBmOn sK3Q==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=KRGZPq5A; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-205788-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-205788-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id 71dfb90a1353d-4eb4ac8e7d3si633744e0c.108.2024.06.07.03.07.07 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 07 Jun 2024 03:07:07 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-205788-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=KRGZPq5A; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-205788-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-205788-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 297711C20C89 for ; Fri, 7 Jun 2024 10:07:07 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 1AA71158214; Fri, 7 Jun 2024 10:06:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="KRGZPq5A" Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BFE28157A76 for ; Fri, 7 Jun 2024 10:06:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717754798; cv=none; b=NG4uPKKp181/mCrxPss4UTCOxxH8jj/vGhUtgmmh+T+nZURuiFwlu3WIrgewn3677jnTHF8ftB1rvzMGKdclPyT+MlaDmSvoJ9J+9enaQL84wvb5tHNLzAyrlV8w6oC6HmoO0oW3X0ouSqzQHprTVUHcefBpnRox7hqtxMnvhfE= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717754798; c=relaxed/simple; bh=yfXT27/V8eVslu1sjaWJNY2m3Cho9rYaMlS4D6NlPsY=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=c2+pJ17gobFs8btwJWWxHs5t7DLhvd46GU8WKYgW02ThRfiBkv0uRzfqJY+y3pb/29Ds+l+Y2TaXgOdy3BDvy/YnROGdIfBN3adv7hytGU3gXFjd/Q2jVYRI6QGVrkJkRwgelzaxZMKqbiHz1A9qVvSL0EOhNXgBiG+1rK3MFEA= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=KRGZPq5A; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1717754795; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=yfXT27/V8eVslu1sjaWJNY2m3Cho9rYaMlS4D6NlPsY=; b=KRGZPq5A869TYCTgSyUFtn/i5JqyR/J2XA2tuvVs0FAwH6nbfd1AGxA5Evz01hy8omeOXW umBumk5m5hm0SAb8mdZ6sWheO9fsIeJ/g5qbQQZ8Z7ED8LAoSLemYJLDAYGAxgaQ15umhs EV+TikG2ZeVAg2fBywC3hHbcYznheMk= Received: from mx-prod-mc-02.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-54-4sTFOuXlMYqDBJj7T7zW-w-1; Fri, 07 Jun 2024 06:06:31 -0400 X-MC-Unique: 4sTFOuXlMYqDBJj7T7zW-w-1 Received: from mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-02.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id CBBD21955DB5; Fri, 7 Jun 2024 10:06:29 +0000 (UTC) Received: from localhost (unknown [10.72.113.124]) by mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 7725919560AB; Fri, 7 Jun 2024 10:06:23 +0000 (UTC) Date: Fri, 7 Jun 2024 18:06:18 +0800 From: Baoquan He To: Coiby Xu Cc: kexec@lists.infradead.org, Ondrej Kozina , Milan Broz , Thomas Staudt , Daniel P =?iso-8859-1?Q?=2E_Berrang=E9?= , Kairui Song , Jan Pazdziora , Pingfan Liu , Dave Young , linux-kernel@vger.kernel.org, x86@kernel.org, Dave Hansen , Vitaly Kuznetsov Subject: Re: [PATCH v4 0/7] Support kdump with LUKS encryption by reusing LUKS volume keys Message-ID: References: <20240523050451.788754-1-coxu@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240523050451.788754-1-coxu@redhat.com> X-Scanned-By: MIMEDefang 3.0 on 10.30.177.12 Hi Coiby, On 05/23/24 at 01:04pm, Coiby Xu wrote: > LUKS is the standard for Linux disk encryption. Many users choose LUKS > and in some use cases like Confidential VM it's mandated. With kdump > enabled, when the 1st kernel crashes, the system could boot into the > kdump/crash kernel and dump the memory image i.e. /proc/vmcore to a > specified target. Currently, when dumping vmcore to a LUKS > encrypted device, there are two problems, I am done with this round of reviewing. The overall approach looks good to me, while there are places to improve or fix. I have added comment on all things I am concerned about, please check. Thanks for the effort. By the way, do you get confirmation on the solution from encryption/keys developer of redhat internally or upstream? With my understanding, it looks good. It may need their confirmation or approval in some ways. Thanks Baoquan