[PATCH v3] x86/kexec: Carry forward IMA measurement log on kexec

[Mimi Zohar]

Hi Jonathan,

On Wed, 2022-05-11 at 09:59 +0000, Jonathan McDowell wrote:
> On kexec file load Integrity Measurement Architecture (IMA) subsystem
> may verify the IMA signature of the kernel and initramfs, and measure
> it. The command line parameters passed to the kernel in the kexec call
> may also be measured by IMA. A remote attestation service can verify
> a TPM quote based on the TPM event log, the IMA measurement list, and
> the TPM PCR data. This can be achieved only if the IMA measurement log
> is carried over from the current kernel to the next kernel across
> the kexec call.
> 
> powerpc and ARM64 both achieve this using device tree with a
> "linux,ima-kexec-buffer" node. x86 platforms generally don't make use of
> device tree, so use the setup_data mechanism to pass the IMA buffer to
> the new kernel.
> 
> Signed-off-by: Jonathan McDowell <noodles at fb.com>
> ---
> v3:
>  - Rebase on tip/master

This patch doesn't apply to Linus' master branch.  Which tip/master
branch?  In the future, please use the git format-patch "--base=auto"
option.

>  - Pull ima_(free|get)_kexec_buffer into x86 code
>  - Push ifdefs into functions where possible
>  - Reverse fir tree variable declarations
>  - Fix section annotation on ima_free_kexec_buffer (__meminit)
>  - Only allocate ima_setup_data space when IMA_KEXEC is enabled

IMA_KEXEC only controls whether the current measurement list should be
carried across kexec, not restoring the previous measurement list.

> v2:
>  - Fix operation with EFI systems
> ---

> +++ b/include/linux/ima.h
> @@ -140,6 +140,9 @@ static inline int ima_measure_critical_data(const char *event_label,
>  
>  #endif /* CONFIG_IMA */
>  
> +int ima_free_kexec_buffer(void);
> +int ima_get_kexec_buffer(void **addr, size_t *size);

Wouldn't moving these function definitions here imply they are
implemented on all architectures or are using the version in
drivers/of/kexec.c.

thanks,

Mimi