On 2023/07/24 13:06, Song Shuai wrote:
> Since RISC-V Linux v6.4, the commit 3335068f8721 ("riscv: Use
> PUD/P4D/PGD pages for the linear mapping") changes the
> phys_ram_base from the kernel_map.phys_addr to the start of DRAM.
>
> The Crash's VTOP() still uses phys_ram_base and
On Thu, 2023-08-03 at 16:01 -0700, Tushar Sugandhi wrote:
> >> +scnprintf(buf, IMA_TPM_UPDATE_CTR_BUF_SIZE, "update_counter=%u;",
> >> + update_counter);
> >> +
> >> +buf_len = strlen(buf);
> >> +
> >> +result = ima_measure_critical_data("tpm_pcr_update_counter",
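Review bot: buf_len = strlen(buf) directly after the scnprintf() call is redundant. scnprintf() already returns the number of characters written into buf, excluding the trailing NUL, so assign its return value to buf_len and drop the strlen() call.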
On Thu, 2023-08-03 at 16:34 -0700, Tushar Sugandhi wrote:
> >> +++ b/security/integrity/ima/ima_init.c
> >> @@ -154,5 +154,8 @@ int __init ima_init(void)
> >> UTS_RELEASE, strlen(UTS_RELEASE), false,
> >> NULL, 0);
> >>
> >> + /*
On 8/3/23 15:15, Mimi Zohar wrote:
On Tue, 2023-08-01 at 11:19 -0700, Tushar Sugandhi wrote:
IMA log entries can be lost due to a variety of causes, such as code bugs
or error conditions, leading to a mismatch between TPM PCRs and
the IMA log. Measuring TPM PCR update counter during ima_init
Thanks for the review Mimi.
On 8/3/23 14:42, Mimi Zohar wrote:
On Tue, 2023-08-01 at 11:19 -0700, Tushar Sugandhi wrote:
Currently TPM update counter is not available external to the system,
for instance, a remote attestation service. It is a problem because
the service cannot easily
On 8/3/23 18:36, Mimi Zohar wrote:
On Thu, 2023-08-03 at 18:09 -0400, Stefan Berger wrote:
I can remove the kexec example if it is causing confusion. Please let me know.
I am not convinced we need this series ... :-( Your kexec series prevents
further logging and especially PCR
On Thu, 2023-08-03 at 18:09 -0400, Stefan Berger wrote:
> > I can remove the kexec example if it is causing confusion. Please let me
> > know.
>
> I am not convinced we need this series ... :-( Your kexec series prevents
> further logging and especially PCR extensions after the frozen
On Tue, 2023-08-01 at 11:19 -0700, Tushar Sugandhi wrote:
> IMA log entries can be lost due to a variety of causes, such as code bugs
> or error conditions, leading to a mismatch between TPM PCRs and
> the IMA log. Measuring TPM PCR update counter during ima_init would
> provide a baseline
On 8/3/23 17:30, Tushar Sugandhi wrote:
Thanks Stefan for reviewing this series. Appreciate it.
On 8/3/23 06:37, Stefan Berger wrote:
On 8/1/23 14:19, Tushar Sugandhi wrote:
Entries in IMA log may be lost due to code bugs, certain error conditions
I hope we don't have such bugs. And I
Thanks Stefan for reviewing this series. Appreciate it.
Re-sending this email. I accidentally had some HTML content, the email
bounced back from integrity mailing list.
On 8/3/23 06:37, Stefan Berger wrote:
On 8/1/23 14:19, Tushar Sugandhi wrote:
Entries in IMA log may be lost due to code
On Tue, 2023-08-01 at 11:19 -0700, Tushar Sugandhi wrote:
> Currently TPM update counter is not available external to the system,
> for instance, a remote attestation service. It is a problem because
> the service cannot easily determine if the IMA log entries are missing.
> The IMA functionality
On 8/3/23 01:57, Jarkko Sakkinen wrote:
On Thu Aug 3, 2023 at 4:22 AM EEST, Mimi Zohar wrote:
On Wed, 2023-08-02 at 06:58 +0300, Jarkko Sakkinen wrote:
From long description I see zero motivation to ack this change, except
some hearsay about IMA requiring it. Why does IMA need update_cnt and
On 8/3/23 01:43, Jarkko Sakkinen wrote:
On Thu Aug 3, 2023 at 12:04 AM EEST, Tushar Sugandhi wrote:
Btw, the function tpm2_pcr_read is not exposed directly to the other
subsystems (like IMA). It is exposed via tpm_pcr_read.
Do you want to expose tpm2_pcr_read directly,
or do you want me to
On 8/2/23 18:22, Mimi Zohar wrote:
On Wed, 2023-08-02 at 06:58 +0300, Jarkko Sakkinen wrote:
From long description I see zero motivation to ack this change, except
some hearsay about IMA requiring it. Why does IMA need update_cnt and
why this is not documented to the long description?
The
On Thu, Aug 03, 2023 at 01:20:28PM -0500, Eric DeVolder wrote:
>
>
> On 7/21/23 11:32, Eric DeVolder wrote:
> >
> >
> > On 7/3/23 11:53, Eric DeVolder wrote:
> > >
> > >
> > > On 7/3/23 08:05, Greg KH wrote:
> > > > On Thu, Jun 29, 2023 at 03:21:10PM -0400, Eric DeVolder wrote:
> > > > > -
On 7/21/23 11:32, Eric DeVolder wrote:
On 7/3/23 11:53, Eric DeVolder wrote:
On 7/3/23 08:05, Greg KH wrote:
On Thu, Jun 29, 2023 at 03:21:10PM -0400, Eric DeVolder wrote:
- the function body of the callback functions are now wrapped with
IS_ENABLED(); as the callback function
On 8/3/2023 5:13 PM, Palmer Dabbelt wrote:
> On Wed, 26 Jul 2023 09:33:49 PDT (-0700), Conor Dooley wrote:
>> On Wed, Jul 26, 2023 at 11:54:00AM +0200, Petr Tesarik wrote:
>>> From: Petr Tesarik
>>>
>>> Linking with this object file makes kexec_file_load(2) fail because of
>>> multiple unknown
On Thu, Aug 03, 2023 at 08:13:48AM -0700, Palmer Dabbelt wrote:
> On Wed, 26 Jul 2023 09:33:49 PDT (-0700), Conor Dooley wrote:
> > On Wed, Jul 26, 2023 at 11:54:00AM +0200, Petr Tesarik wrote:
> > > From: Petr Tesarik
> > >
> > > Linking with this object file makes kexec_file_load(2) fail
On Mon, 24 Jul 2023 18:09:16 +0800, Song Shuai wrote:
> Since RISC-V Linux v6.4, the commit 3335068f8721 ("riscv: Use
> PUD/P4D/PGD pages for the linear mapping") changes phys_ram_base
> from the physical start of the kernel to the actual start of the DRAM.
>
> The Crash-utility's VTOP() still
Hello:
This series was applied to riscv/linux.git (fixes)
by Palmer Dabbelt :
On Mon, 24 Jul 2023 18:09:16 +0800 you wrote:
> Since RISC-V Linux v6.4, the commit 3335068f8721 ("riscv: Use
> PUD/P4D/PGD pages for the linear mapping") changes phys_ram_base
> from the physical start of the kernel
On Wed, 26 Jul 2023 09:33:49 PDT (-0700), Conor Dooley wrote:
On Wed, Jul 26, 2023 at 11:54:00AM +0200, Petr Tesarik wrote:
From: Petr Tesarik
Linking with this object file makes kexec_file_load(2) fail because of
multiple unknown relocation types:
- R_RISCV_ADD16, R_RISCV_SUB16: used by
Hello:
This series was applied to riscv/linux.git (fixes)
by Palmer Dabbelt :
On Wed, 26 Jul 2023 11:53:58 +0200 you wrote:
> From: Petr Tesarik
>
> The kexec_file_load(2) syscall does not work at least in some kernel
> builds. For details see the relevant section in this blog post:
>
>
On Thu, 3 Aug 2023 at 13:11, Ard Biesheuvel wrote:
>
> On Wed, 2 Aug 2023 at 17:52, Borislav Petkov wrote:
> >
> > On Wed, Aug 02, 2023 at 04:55:27PM +0200, Ard Biesheuvel wrote:
> > > ... because now, entering via startup_32 is broken, given that it only
> > > maps the kernel image itself and
On 8/1/23 14:19, Tushar Sugandhi wrote:
Entries in IMA log may be lost due to code bugs, certain error conditions
I hope we don't have such bugs. And I guess the most critical ones would be
between logging and PCR extensions
being met etc. This can result in TPM PCRs getting out of sync
On Wed, 2 Aug 2023 at 17:52, Borislav Petkov wrote:
>
> On Wed, Aug 02, 2023 at 04:55:27PM +0200, Ard Biesheuvel wrote:
> > ... because now, entering via startup_32 is broken, given that it only
> > maps the kernel image itself and relies on the #PF handling for
> > everything else it accesses,
On Thu Aug 3, 2023 at 4:22 AM EEST, Mimi Zohar wrote:
> On Wed, 2023-08-02 at 06:58 +0300, Jarkko Sakkinen wrote:
> >
> > From long description I see zero motivation to ack this change, except
> > some hearsay about IMA requiring it. Why does IMA need update_cnt and
> > why this is not documented
Add kexec to the CC list so kexec people can know this.
On Thu, Aug 3, 2023 at 10:55 AM Tao Liu wrote:
>
> Previously no .shutdown() hook is implemented for iwlwifi driver, a
> ETIMEDOUT error will occur during the kexec kernel bootup. As a
> consequence, wifi is unusable after kexec into the
On Thu Aug 3, 2023 at 12:04 AM EEST, Tushar Sugandhi wrote:
> Btw, the function tpm2_pcr_read is not exposed directly to the other
> subsystems (like IMA). It is exposed via tpm_pcr_read.
>
> Do you want to expose tpm2_pcr_read directly,
> or do you want me to update the function signature of
On Thu, Aug 03, 2023 at 10:37:10AM +0800, Pingfan Liu wrote:
> On Wed, Aug 2, 2023 at 8:33 PM Simon Horman wrote:
> >
> > On Wed, Aug 02, 2023 at 02:17:57PM +0200, Simon Horman wrote:
> > > On Wed, Aug 02, 2023 at 02:16:33PM +0200, Simon Horman wrote:
> > > > On Wed, Aug 02, 2023 at 05:53:59PM