Hello,
On Sat, 24 Feb 2018 10:19:09 +0800
Baoquan He wrote:
> Hi Petr,
>
> On 02/23/18 at 09:29am, Petr Tesarik wrote:
> > Hi Baoquan,
> >
> > On Fri, 23 Feb 2018 07:20:43 +0800
> > Baoquan He wrote:
> >
> > > Hi Michal,
> > >
> > > On 02/22/18 at
On Fri, 23 Feb 2018 07:20:43 +0800
Baoquan He wrote:
> Hi Michal,
>
> On 02/22/18 at 11:24pm, Michal Suchanek wrote:
> > The new KEXEC_FILE_LOAD is preferred in the case the platform
> > supports it because it allows kexec in locked down secure boot mode.
> >
> > However, some
On Fri, 2 Mar 2018 13:44:58 +0100
Simon Horman wrote:
> On Mon, Feb 26, 2018 at 01:00:37PM +0100, Michal Suchanek wrote:
> > Not all architectures implement KEXEC_FILE_LOAD. However, on some
> > archiectures KEXEC_FILE_LOAD is required when secure boot is
> > enabled in
On Wed, 14 Mar 2018 11:41:30 +0800
Dave Young wrote:
> On 03/06/18 at 02:15pm, Michal Suchanek wrote:
> > Signed-off-by: Michal Suchanek
> > ---
> > kexec/kexec.8 | 15 +++
> > 1 file changed, 15 insertions(+)
> >
> > diff --git
On Wed, 14 Mar 2018 11:22:40 +0800
Dave Young wrote:
> On 03/06/18 at 02:15pm, Michal Suchanek wrote:
> > Not all architectures implement KEXEC_FILE_LOAD. However, on some
> > archiectures KEXEC_FILE_LOAD is required when secure boot is
> > enabled in locked-down mode.
On Thu, 15 Mar 2018 11:38:30 +0100
Simon Horman wrote:
> On Tue, Mar 06, 2018 at 02:15:53PM +0100, Michal Suchanek wrote:
> > It is parsed separately to save a few CPU cycles when setting up
> > other options but it just complicates the code. So fold it back and
> > set up
On Wed, 14 Mar 2018 11:43:55 +0800
Dave Young wrote:
> On 03/06/18 at 02:15pm, Michal Suchanek wrote:
> > Signed-off-by: Michal Suchanek
> > ---
> > kexec/kexec.8 | 15 +++
> > 1 file changed, 15 insertions(+)
> >
> > diff --git
On Wed, 14 Mar 2018 15:50:31 +0800
Dave Young <dyo...@redhat.com> wrote:
> On 03/14/18 at 08:25am, Michal Suchánek wrote:
> > On Wed, 14 Mar 2018 11:41:30 +0800
> > Dave Young <dyo...@redhat.com> wrote:
> >
> > > On 03/06/18 at 02:15pm, Michal Sucha
Hello,
while looking at the code I noticed --status always uses kexec_load. So
with kernels that implement only kexec_file_load this option will not
work. It has been pointed out that this configuration is possible to
select in Kconfig.
Thanks
Michal
On Tue, 27 Mar 2018 18:06:19 +0800
Dave Young <dyo...@redhat.com> wrote:
> On 03/26/18 at 07:38pm, Michal Suchánek wrote:
> > On Mon, 26 Mar 2018 17:12:10 +0800
> > Dave Young <dyo...@redhat.com> wrote:
> >
> > > On 03/26/18 at 05:08pm, Dave You
On Mon, 26 Mar 2018 17:12:10 +0800
Dave Young wrote:
> On 03/26/18 at 05:08pm, Dave Young wrote:
> > On 03/20/18 at 04:56pm, Michal Suchanek wrote:
> > > Not all architectures implement KEXEC_FILE_LOAD. However, on some
> > > archiectures KEXEC_FILE_LOAD is required when
On Mon, 26 Mar 2018 15:52:39 -0300
Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> wrote:
> Michal Suchánek <msucha...@suse.de> writes:
>
> > On Mon, 26 Mar 2018 17:12:10 +0800
> > Dave Young <dyo...@redhat.com> wrote:
> >
> >> On 03/26/18
On Mon, 26 Mar 2018 15:53:24 +0800
Dave Young wrote:
> Hi Simon
> On 03/26/18 at 09:25am, Simon Horman wrote:
> > Hi Michal, thanks for the updated patches.
> >
> > Dave, are you planning to review this series?
> >
>
> I have same concern as I commented in last versioni,
On Fri, 16 Mar 2018 14:51:14 +0800
Dave Young <dyo...@redhat.com> wrote:
> On 03/15/18 at 12:44pm, Michal Suchánek wrote:
> > On Wed, 14 Mar 2018 15:50:31 +0800
> > Dave Young <dyo...@redhat.com> wrote:
> >
> > > On 03/14/18 at 08:25am, Michal Suchán
On Fri, 16 Mar 2018 12:20:25 +0100
Simon Horman <ho...@verge.net.au> wrote:
> On Thu, Mar 15, 2018 at 12:13:18PM +0100, Michal Suchánek wrote:
> > On Thu, 15 Mar 2018 11:38:30 +0100
> > Simon Horman <ho...@verge.net.au> wrote:
> > >
> > &g
On Fri, 16 Mar 2018 14:45:02 +0800
Dave Young <dyo...@redhat.com> wrote:
> On 03/15/18 at 12:06pm, Michal Suchánek wrote:
> > On Wed, 14 Mar 2018 11:21:59 +0800
> > Dave Young <dyo...@redhat.com> wrote:
> >
> > > It looks to me it is enough only c
On Fri, 2 Mar 2018 17:17:06 +0800
Dave Young wrote:
> On 02/26/18 at 01:00pm, Michal Suchanek wrote:
> > Not all architectures implement KEXEC_FILE_LOAD. However, on some
> > archiectures KEXEC_FILE_LOAD is required when secure boot is
> > enabled in locked-down mode.
> > >
> > > > On 02/26/18 at 01:08pm, Michal Suchánek wrote:
> > > > > On Mon, 26 Feb 2018 09:45:15 +0800
> > > > > Dave Young <dyo...@redhat.com> wrote:
> > > > >
> > > > > > On 02/24/18 at 05:
On Mon, 26 Feb 2018 13:00:37 +0100
Michal Suchanek wrote:
> Not all architectures implement KEXEC_FILE_LOAD. However, on some
> archiectures KEXEC_FILE_LOAD is required when secure boot is enabled
> in locked-down mode. Previously users had to select the
> KEXEC_FILE_LOAD
On Fri, 2 Mar 2018 14:33:02 +0100
Michal Suchanek wrote:
> Not all architectures implement KEXEC_FILE_LOAD. However, on some
> archiectures KEXEC_FILE_LOAD is required when secure boot is enabled
> in locked-down mode. Previously users had to select the
> KEXEC_FILE_LOAD
On Fri, 2 Mar 2018 13:46:10 +0100
Simon Horman <ho...@verge.net.au> wrote:
> On Fri, Mar 02, 2018 at 01:32:52PM +0100, Michal Suchánek wrote:
> > On Fri, 2 Mar 2018 17:24:19 +0800
> > Dave Young <dyo...@redhat.com> wrote:
> >
> > > On
On Fri, 2 Mar 2018 13:36:16 +0100
Simon Horman wrote:
> On Mon, Feb 26, 2018 at 01:00:35PM +0100, Michal Suchanek wrote:
> > It is parsed separately to save a few CPU cycles when setting up
> > other options but it just complicates the code. So fold it back and
> > set up all
On Fri, 2 Mar 2018 13:34:45 +0100
Simon Horman wrote:
> On Mon, Feb 26, 2018 at 01:00:34PM +0100, Michal Suchanek wrote:
> > When the kernel does not know a syscall number it returns -ENOSYS
> > but when kexec does not know a syscall number it returns -1. Return
> > -ENOSYS
On Tue, Mar 17, 2020 at 02:14:22PM +, HAGIO KAZUHITO(萩尾 一仁) wrote:
> Hi Michal,
>
> Thank you for the patch.
>
> > -Original Message-
> > Reportedly on some arm64 systems makedumpfile loops forever exhausting
> > all memory when filtering kernel core. It turns out the reason is it
>
On Wed, Mar 18, 2020 at 01:49:05AM +0530, Bhupesh Sharma wrote:
> On Wed, Mar 18, 2020 at 1:05 AM Michal Suchánek wrote:
> >
> > On Tue, Mar 17, 2020 at 02:14:22PM +, HAGIO KAZUHITO(萩尾 一仁) wrote:
> > > Hi Michal,
> > >
> > > Thank you for the
Hello,
On Wed, Apr 14, 2021 at 11:08:19AM +0800, Pingfan Liu wrote:
> On Sat, Apr 10, 2021 at 12:33 AM Michal Suchánek wrote:
> >
> > Hello,
> >
> > On Fri, Aug 28, 2020 at 04:10:09PM +0800, Pingfan Liu wrote:
> > > On Thu, Aug 27, 2020 at 3:53 PM Laurent Dufo
Hello,
On Fri, Aug 28, 2020 at 04:10:09PM +0800, Pingfan Liu wrote:
> On Thu, Aug 27, 2020 at 3:53 PM Laurent Dufour wrote:
> >
> > Le 10/08/2020 à 10:52, Pingfan Liu a écrit :
> > > A bug is observed on pseries by taking the following steps on rhel:
> > > -1. drmgr -c mem -r -q 5
> > > -2. echo
Hello,
On Wed, Dec 01, 2021 at 10:37:47AM +0800, Baoquan He wrote:
> Hi,
>
> On 11/25/21 at 07:02pm, Michal Suchanek wrote:
> > Hello,
> >
> > This is resend of the KEXEC_SIG patchset.
> >
> > The first patch is new because it'a a cleanup that does not require any
> > change to the module
Hello,
On Wed, Dec 08, 2021 at 08:50:54PM -0500, Nayna wrote:
>
> On 11/25/21 13:02, Michal Suchanek wrote:
> > Hello,
>
> Hi Michael,
>
> >
> > This is resend of the KEXEC_SIG patchset.
> >
> > The first patch is new because it'a a cleanup that does not require any
> > change to the module
On Tue, Dec 07, 2021 at 05:10:14PM +0100, Philipp Rudo wrote:
> Hi Michal,
>
> i finally had the time to take a closer look at the series. Except for
> the nit in patch 4 and my personal preference in patch 6 the code looks
> good to me.
>
> What I don't like are the commit messages on the first
Hello,
On Tue, Dec 07, 2021 at 05:10:34PM +0100, Philipp Rudo wrote:
> Hi Michal,
>
> On Thu, 25 Nov 2021 19:02:44 +0100
> Michal Suchanek wrote:
>
> > Multiple users of mod_check_sig check for the marker, then call
> > mod_check_sig, extract signature length, and remove the signature.
> >
>
Hello,
On Sun, Dec 12, 2021 at 07:46:53PM -0500, Nayna wrote:
>
> On 11/25/21 13:02, Michal Suchanek wrote:
> > Copy the code from s390x
> >
> > Signed-off-by: Michal Suchanek
> > ---
> > arch/powerpc/Kconfig| 11 +++
> > arch/powerpc/kexec/elf_64.c | 36
Hello,
On Wed, Dec 08, 2021 at 08:51:47PM -0500, Nayna wrote:
>
> On 11/25/21 13:02, Michal Suchanek wrote:
> > Copy the code from s390x
> >
> > Signed-off-by: Michal Suchanek
> > ---
> > arch/powerpc/Kconfig| 11 +++
> > arch/powerpc/kexec/elf_64.c | 36
Hello,
On Mon, Feb 14, 2022 at 10:14:16AM -0500, Mimi Zohar wrote:
> Hi Michal,
>
> On Sun, 2022-02-13 at 21:59 -0500, Mimi Zohar wrote:
>
> >
> > On Tue, 2022-01-11 at 12:37 +0100, Michal Suchanek wrote:
> > > diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
> > > index
Hello,
thanks for the review.
On Tue, Jan 25, 2022 at 12:15:56PM -0800, Luis Chamberlain wrote:
> On Tue, Jan 11, 2022 at 12:37:45PM +0100, Michal Suchanek wrote:
> > diff --git a/include/linux/verification.h b/include/linux/verification.h
> > index a655923335ae..32db9287a7b0 100644
> > ---
Hello,
On Wed, Feb 09, 2022 at 07:44:15AM +0100, Paul Menzel wrote:
> Dear Michal,
>
>
> Thank you for the patch.
>
>
> Am 11.01.22 um 12:37 schrieb Michal Suchanek:
>
> Could you please remove the dot/period at the end of the git commit message
> summary?
Sure
> > Copy the code from s390x
On Mon, Apr 11, 2022 at 09:52:18AM +0800, Coiby Xu wrote:
> On Mon, Apr 11, 2022 at 09:13:32AM +0800, Baoquan He wrote:
> > On 04/08/22 at 10:59am, Michal Suchánek wrote:
> > > On Fri, Apr 08, 2022 at 03:17:19PM +0800, Baoquan He wrote:
> > > > Hi Coiby,
> >
On Fri, Apr 01, 2022 at 09:31:17AM +0800, Coiby Xu wrote:
> The code in bzImage64_verify_sig could make use of system keyrings
s/could make/makes/
> including .buitin_trusted_keys, .secondary_trusted_keys and .platform
> keyring to verify signed kernel image as PE file. Make it generic so
> both
On Fri, Apr 01, 2022 at 09:31:16AM +0800, Coiby Xu wrote:
> Currently there is no arch-specific implementation of
> arch_kexec_kernel_verify_sig. Even if we want to add an implementation
> for an architecture in the future, we can simply use "(struct
> kexec_file_ops*)->verify_sig". So clean it
On Fri, Apr 01, 2022 at 09:31:18AM +0800, Coiby Xu wrote:
> Currently, a problem faced by arm64 is if a kernel image is signed by a
> MOK key, loading it via the kexec_file_load() system call would be
> rejected with the error "Lockdown: kexec: kexec of unsigned images is
> restricted; see man
On Fri, Apr 08, 2022 at 03:17:19PM +0800, Baoquan He wrote:
> Hi Coiby,
>
> On 04/01/22 at 09:31am, Coiby Xu wrote:
> > Currently, a problem faced by arm64 is if a kernel image is signed by a
> > MOK key, loading it via the kexec_file_load() system call would be
> > rejected with the error
On Fri, Apr 08, 2022 at 03:47:04PM +0800, Coiby Xu wrote:
> Hi Michal,
>
> As mentioned by Baoquan, I have a patch set "[PATCH v5 0/3] use more
> system keyrings to verify arm64 kdump kernel image signature" [1]. The
> differences between your patch set and mine are as follows, - my patch set
>
On Thu, May 19, 2022 at 10:22:15PM +0800, Baoquan He wrote:
> On 05/19/22 at 07:56am, Mimi Zohar wrote:
> > [Cc'ing Jarkko, linux-integrity]
> >
> > On Thu, 2022-05-19 at 08:39 +0800, Baoquan He wrote:
> > > On 05/18/22 at 01:29pm, Heiko Carstens wrote:
> > > > On Thu, May 12, 2022 at 03:01:23PM
Hello,
On Thu, Jun 09, 2022 at 07:15:27PM -0400, Mimi Zohar wrote:
> On Thu, 2022-05-12 at 15:01 +0800, Coiby Xu wrote:
> > Currently, a problem faced by arm64 is if a kernel image is signed by a
> > MOK key, loading it via the kexec_file_load() system call would be
> > rejected with the error
On Tue, Sep 27, 2022 at 11:39:52AM +0900, AKASHI Takahiro wrote:
> On Mon, Sep 26, 2022 at 09:40:25AM +0200, Michal Such??nek wrote:
> > On Mon, Sep 26, 2022 at 08:47:32AM +0200, Greg Kroah-Hartman wrote:
> > > On Sat, Sep 24, 2022 at 01:55:23PM +0200, Michal Suchánek wrote:
>
On Mon, Sep 26, 2022 at 08:47:32AM +0200, Greg Kroah-Hartman wrote:
> On Sat, Sep 24, 2022 at 01:55:23PM +0200, Michal Suchánek wrote:
> > On Sat, Sep 24, 2022 at 12:13:34PM +0200, Greg Kroah-Hartman wrote:
> > > On Sat, Sep 24, 2022 at 11:45:21AM +0200, Michal Suchánek wrote:
&
Hello,
On Fri, Sep 23, 2022 at 03:03:36PM -0400, Mimi Zohar wrote:
> On Fri, 2022-09-23 at 19:10 +0200, Michal Suchanek wrote:
> > Hello,
> >
> > this is backport of commit 0d519cadf751
> > ("arm64: kexec_file: use more system keyrings to verify kernel image
> > signature")
> > to table 5.15
On Sat, Sep 24, 2022 at 12:13:34PM +0200, Greg Kroah-Hartman wrote:
> On Sat, Sep 24, 2022 at 11:45:21AM +0200, Michal Suchánek wrote:
> > On Sat, Sep 24, 2022 at 11:19:19AM +0200, Greg Kroah-Hartman wrote:
> > > On Fri, Sep 23, 2022 at 07:10:28PM +0200, Michal Suchanek wr
On Sat, Sep 24, 2022 at 11:19:19AM +0200, Greg Kroah-Hartman wrote:
> On Fri, Sep 23, 2022 at 07:10:28PM +0200, Michal Suchanek wrote:
> > Hello,
> >
> > this is backport of commit 0d519cadf751
> > ("arm64: kexec_file: use more system keyrings to verify kernel image
> > signature")
> > to table
On Fri, Sep 23, 2022 at 09:16:50PM +0200, Michal Suchánek wrote:
> Hello,
>
> On Fri, Sep 23, 2022 at 03:03:36PM -0400, Mimi Zohar wrote:
> > On Fri, 2022-09-23 at 19:10 +0200, Michal Suchanek wrote:
> > > Hello,
> > >
> > > this is backport of commit 0
50 matches
Mail list logo