[PATCH v11 6/9] ima: kexec: move IMA log copy from kexec load to execute

steven chen chenste at linux.microsoft.com
Thu Apr 10 07:15:52 PDT 2025


On 4/8/2025 9:17 AM, Mimi Zohar wrote:
> On Wed, 2025-04-02 at 05:47 -0700, steven chen wrote:
>> ima_dump_measurement_list() is called during kexec 'load', which may
>> result in loss of IMA measurements during kexec soft reboot. Due to
>> missed measurements that only occurred after kexec 'load', this function
>> needs to be called during kexec 'execute'.
> Re-use the motivation from 5/9 (with tweak):
>
> The IMA log is currently copied to the new kernel during kexec 'load' using
> ima_dump_measurement_list(). However, the IMA measurement list copied at kexec
> 'load' may result in loss of IMA measurement records that only occurred after
> the kexec 'load'.
>
> And finish the paragraph with:
> Move the IMA measurement list log copy from kexec 'load' to 'execute'.
>
>> Make the kexec_segment_size variable a local static variable within the
>> file, so it can be accessed during both kexec 'load' and 'execute'.
>>   
>> Implement the kexec_post_load() function to be invoked after the new kernel
>> image has been loaded for kexec. Instead of calling machine_kexec_post_load()
>> directly from the kexec_file_load() syscall, call kexec_post_load(), which in
>> turn calls machine_kexec_post_load() to maintain the original image processing.
> Define kexec_post_load() as a wrapper for calling ima_kexec_post_load() and
> machine_kexec_post_load().  Replace the existing direct call to
> machine_kexec_post_load() with kexec_post_load().
>
>>   
>> Invoke ima_kexec_post_load() within the kexec_post_load() API only for kexec
>> soft reboot scenarios, excluding KEXEC_FILE_ON_CRASH.
> "Don't call ima_kexec_post_load() on KEXEC_FILE_ON_CRASH" would be listed in the
> Changelog if it changed, not here in the patch description.  Please remove.
>
>>   
>> Register a reboot notifier for the ima_update_kexec_buffer() API within
>> ima_kexec_post_load() to ensure it is called upon receiving a reboot
>> notification.
> Registering the reboot notifier was done in "[PATCH v11 5/9] ima: kexec: define
> functions to copy IMA log at soft boot", not here.  Please remove.
>
>>   
>> Move the ima_dump_measurement_list() call from ima_add_kexec_buffer() to
>> ima_update_kexec_buffer() to copy the IMA log at the kexec 'execute' stage.
> This information was already stated in the first paragraph as part of the
> motivation for the patch.  Please remove.
>
>>   
>> When there is insufficient memory to copy all the measurement logs, copy as
>> much of the measurement list as possible.
> Is this comment still applicable to this patch?
>
> Please review your patch descriptions before posting, making sure that
> everything is still applicable.
>
> thanks,
>
> Mimi

Hi Mimi,

Thanks for your comments. I will update in the next version.

Steven

>> Signed-off-by: Tushar Sugandhi <tusharsu at linux.microsoft.com>
>> Cc: Eric Biederman <ebiederm at xmission.com>
>> Cc: Baoquan He <bhe at redhat.com>
>> Cc: Vivek Goyal <vgoyal at redhat.com>
>> Cc: Dave Young <dyoung at redhat.com>
>> Signed-off-by: steven chen <chenste at linux.microsoft.com>
>> Reviewed-by: Stefan Berger <stefanb at linux.ibm.com>
