[PATCH v8 6/7] ima: make the kexec extra memory configurable
Mimi Zohar
zohar at linux.ibm.com
Thu Feb 20 21:36:18 UTC 2025
On Tue, 2025-02-18 at 14:55 -0800, steven chen wrote:
> The extra memory allocated for carrying the IMA measurement list across
> kexec is hard-coded as half a PAGE. Make it configurable.
>
> Define a Kconfig option, IMA_KEXEC_EXTRA_MEMORY_KB, to configure the
> extra memory (in kb) to be allocated for IMA measurements added during
> kexec soft reboot. Ensure the default value of the option is set such
> that extra half a page of memory for additional measurements is allocated
> for the additional measurements.
>
> Update ima_add_kexec_buffer() function to allocate memory based on the
> Kconfig option value, rather than the currently hard-coded one.
>
> Suggested-by: Stefan Berger <stefanb at linux.ibm.com>
> Signed-off-by: Tushar Sugandhi <tusharsu at linux.microsoft.com>
> Signed-off-by: steven chen <chenste at linux.microsoft.com>
> Reviewed-by: Stefan Berger <stefanb at linux.ibm.com>
Reviewed-by: Mimi Zohar <zohar at linux.ibm.com>
More information about the Linux-security-module-archive
mailing list