Re: [PATCH v8 6/7] ima: make the kexec extra memory configurable

From: Mimi Zohar
Date: Thu Feb 20 2025 - 16:36:58 EST

Next message: Dionna Amalie Glaze: "Re: [PATCH v4 2/7] crypto: ccp: Ensure implicit SEV/SNP init and shutdown in ioctls"
Previous message: Jarkko Sakkinen: "Re: [PATCH v5 2/5] tpm_crb: clean-up and refactor check for idle support"
In reply to: steven chen: "[PATCH v8 6/7] ima: make the kexec extra memory configurable"
Next in thread: steven chen: "[PATCH v8 5/7] ima: kexec: move IMA log copy from kexec load to execute"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 2025-02-18 at 14:55 -0800, steven chen wrote:
> The extra memory allocated for carrying the IMA measurement list across
> kexec is hard-coded as half a PAGE. Make it configurable.
>
> Define a Kconfig option, IMA_KEXEC_EXTRA_MEMORY_KB, to configure the
> extra memory (in kb) to be allocated for IMA measurements added during
> kexec soft reboot. Ensure the default value of the option is set such
> that extra half a page of memory for additional measurements is allocated
> for the additional measurements.
>
> Update ima_add_kexec_buffer() function to allocate memory based on the
> Kconfig option value, rather than the currently hard-coded one.
>
> Suggested-by: Stefan Berger <stefanb@xxxxxxxxxxxxx>
> Signed-off-by: Tushar Sugandhi <tusharsu@xxxxxxxxxxxxxxxxxxx>
> Signed-off-by: steven chen <chenste@xxxxxxxxxxxxxxxxxxx>
> Reviewed-by: Stefan Berger <stefanb@xxxxxxxxxxxxx>

Reviewed-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>

Next message: Dionna Amalie Glaze: "Re: [PATCH v4 2/7] crypto: ccp: Ensure implicit SEV/SNP init and shutdown in ioctls"
Previous message: Jarkko Sakkinen: "Re: [PATCH v5 2/5] tpm_crb: clean-up and refactor check for idle support"
In reply to: steven chen: "[PATCH v8 6/7] ima: make the kexec extra memory configurable"
Next in thread: steven chen: "[PATCH v8 5/7] ima: kexec: move IMA log copy from kexec load to execute"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]