[PATCH v2 2/7] ima: move ima_dump_measurement_list call from kexec load to execute

Tushar Sugandhi tusharsu at linux.microsoft.com
Wed Nov 15 14:30:09 PST 2023



On 11/14/23 14:43, Tushar Sugandhi wrote:
> 
> In addition, this patch moves the function ima_dump_measurement_list()
> to a new function named ima_update_kexec_buffer(), which is never
> called.   The patch set is thus not bisect safe.

BTW, ima_update_kexec_buffer() is part of the notifier_block.
which is part of the same patch 2/7.

+struct notifier_block update_buffer_nb = {
+	.notifier_call = ima_update_kexec_buffer,
+};
+

update_buffer_nb is being registered to the reboot notifiers in patch
3/7 of this series.

So ima_update_kexec_buffer() is being called.

+void ima_kexec_post_load(struct kimage *image)
+{
...
...
+
+	if (!ima_kexec_update_registered) {
+		register_reboot_notifier(&update_buffer_nb);
+		ima_kexec_update_registered = true;
+	}
+}

Maybe you meant 'update_buffer_nb' variable needs to be defined and used
in the same patch and not defined in 2/7 and used in 3/7.

Anyways, I think I took care of the majority of the bisect-safe issues 
from V1->V2 of this series.  But maybe I missed a few. I will look at
this with fresh perspective, to see if I missed anything, when I publish
V3 of the series.

Thanks,
Tushar



More information about the kexec mailing list