On 8/23/2022 8:49 AM, Evan Green wrote:
On Wed, Jan 12, 2022 at 1:21 PM Chang S. Bae <[email protected]> wrote:
<snip>
+
+static void __init load_keylocker(void)
I am late to this party by 6 months, but:
load_keylocker() cannot be __init, as it gets called during SMP core onlining.
Yeah, it looks like the case with this patch only.
But the next patch [1] limits the call during boot time only:
if (c == &boot_cpu_data) {
...
load_keylocker();
...
} else {
...
if (!kl_setup.initialized) {
load_keylocker();
} else if (valid_kl) {
rc = copy_keylocker();
...
}
}
kl_setup.initialized is set by native_smp_cpus_done() ->
destroy_keylocker_data() when CPUs are booted. Then load_keylocker() is
not called because the root key (aka IWKey) is no longer available in
memory.
Now this 'valid_kl' flag should be always on unless the root key backup
is corrupted. Then copy_keylocker() loads the root key from the backup
in the platform state.
So I think the onlining CPU won't call it.
Maybe this bit can be much clarified in a separate (new) patch, instead
of being part of another like [1].
Thanks,
Chang
[1]:
https://lore.kernel.org/lkml/[email protected]/
--
dm-devel mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/dm-devel
