Re: [PATCH v13 1/6] ima: Move arch_ima_add_kexec_buffer() to ima
From: Thiago Jung Bauermann
Date: Tue Dec 22 2020 - 17:54:58 EST
Lakshmi Ramasubramanian <nramas@xxxxxxxxxxxxxxxxxxx> writes:
> arch_ima_add_kexec_buffer() defined in "arch/powerpc/kexec/ima.c"
> sets up the address and size of the IMA measurement list in
> the architecture specific fields in kimage struct. This function does not
> have architecture specific code, but is currently limited to powerpc.
>
> Move arch_ima_add_kexec_buffer() to ima.
>
> Co-developed-by: Prakhar Srivastava <prsriva@xxxxxxxxxxxxxxxxxxx>
> Signed-off-by: Prakhar Srivastava <prsriva@xxxxxxxxxxxxxxxxxxx>
> Signed-off-by: Lakshmi Ramasubramanian <nramas@xxxxxxxxxxxxxxxxxxx>
> ---
> arch/powerpc/include/asm/ima.h | 3 ---
> arch/powerpc/kexec/ima.c | 17 -----------------
> security/integrity/ima/ima_kexec.c | 22 ++++++++++++++++++++++
> 3 files changed, 22 insertions(+), 20 deletions(-)
Reviewed-by: Thiago Jung Bauermann <bauerman@xxxxxxxxxxxxx>
Just one nit below.
Also, I just noticed that this patch series hasn't been cc'd to the linuxppc-dev
mailing list. You should do that, since it affects powerpc code. The
powerpc maintainers are being copied so at least they've been made aware
of it, but that isn't enough.
> diff --git a/security/integrity/ima/ima_kexec.c b/security/integrity/ima/ima_kexec.c
> index 121de3e04af2..38bcd7543e27 100644
> --- a/security/integrity/ima/ima_kexec.c
> +++ b/security/integrity/ima/ima_kexec.c
> @@ -10,6 +10,7 @@
> #include <linux/seq_file.h>
> #include <linux/vmalloc.h>
> #include <linux/kexec.h>
> +#include <linux/ima.h>
> #include "ima.h"
>
> #ifdef CONFIG_IMA_KEXEC
There's no need to add this include.
--
Thiago Jung Bauermann
IBM Linux Technology Center