From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-14.3 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 03F3AC433DF for ; Thu, 18 Jun 2020 07:11:15 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id D736821532 for ; Thu, 18 Jun 2020 07:11:14 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=linux.microsoft.com header.i=@linux.microsoft.com header.b="ixHKZ/xQ" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728057AbgFRHLN (ORCPT ); Thu, 18 Jun 2020 03:11:13 -0400 Received: from linux.microsoft.com ([13.77.154.182]:60676 "EHLO linux.microsoft.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728034AbgFRHLL (ORCPT ); Thu, 18 Jun 2020 03:11:11 -0400 Received: from prsriva-linux.hsd1.wa.comcast.net (c-24-19-135-168.hsd1.wa.comcast.net [24.19.135.168]) by linux.microsoft.com (Postfix) with ESMTPSA id 2CB7A20B4783; Thu, 18 Jun 2020 00:11:10 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 2CB7A20B4783 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com; s=default; t=1592464270; bh=A0GiQILHZ8uuNOX7+rBVoRsb1esS85HaWBTuDqTUAM4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=ixHKZ/xQIYNcJIA9BE4KrIbjwT0LdW+G2r+zYBqwNbWNH109H6oJwoZ55KK/1rHMF zDbf30HMELw5TZ3FWiLSdBVIQVNopsycaccVcaHl3PXGOOTza1ZjU7noxo4fAsdRFh sPyrgvlID5Gdj2Adjaje8Sum1mYYaHoWYTjZWerE= From: Prakhar Srivastava To: linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, devicetree@vger.kernel.org, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org Cc: catalin.marinas@arm.com, will@kernel.org, mpe@ellerman.id.au, benh@kernel.crashing.org, paulus@samba.org, robh+dt@kernel.org, frowand.list@gmail.com, zohar@linux.ibm.com, dmitry.kasatkin@gmail.com, jmorris@namei.org, serge@hallyn.com, pasha.tatashin@soleen.com, allison@lohutok.net, kstewart@linuxfoundation.org, takahiro.akashi@linaro.org, tglx@linutronix.de, vincenzo.frascino@arm.com, mark.rutland@arm.com, masahiroy@kernel.org, james.morse@arm.com, bhsharma@redhat.com, mbrugger@suse.com, hsinyi@chromium.org, tao.li@vivo.com, christophe.leroy@c-s.fr, gregkh@linuxfoundation.org, nramas@linux.microsoft.com, prsriva@linux.microsoft.com, tusharsu@linux.microsoft.com, balajib@linux.microsoft.com Subject: [V2 PATCH 2/3] dt-bindings: chosen: Document ima-kexec-buffer Date: Thu, 18 Jun 2020 00:10:44 -0700 Message-Id: <20200618071045.471131-3-prsriva@linux.microsoft.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200618071045.471131-1-prsriva@linux.microsoft.com> References: <20200618071045.471131-1-prsriva@linux.microsoft.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Integrity measurement architecture(IMA) validates if files have been accidentally or maliciously altered, both remotely and locally, appraise a file's measurement against a "good" value stored as an extended attribute, and enforce local file integrity. IMA also measures singatures of kernel and initrd during kexec along with the command line used for kexec. These measurements are critical to verify the seccurity posture of the OS. Resering memory and adding the memory information to a device tree node acts as the mechanism to carry over IMA measurement logs. Update devicetree documentation to reflect the addition of new property under the chosen node. --- Documentation/devicetree/bindings/chosen.txt | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/Documentation/devicetree/bindings/chosen.txt b/Documentation/devicetree/bindings/chosen.txt index 45e79172a646..a15f70c007ef 100644 --- a/Documentation/devicetree/bindings/chosen.txt +++ b/Documentation/devicetree/bindings/chosen.txt @@ -135,3 +135,20 @@ e.g. linux,initrd-end = <0x82800000>; }; }; + +linux,ima-kexec-buffer +---------------------- + +This property(currently used by powerpc, arm64) holds the memory range, +the address and the size, of the IMA measurement logs that are being carried +over to the kexec session. + +/ { + chosen { + linux,ima-kexec-buffer = <0x9 0x82000000 0x0 0x00008000>; + }; +}; + +This porperty does not represent real hardware, but the memory allocated for +carrying the IMA measurement logs. The address and the suze are expressed in +#address-cells and #size-cells, respectively of the root node. -- 2.25.1 From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.5 required=3.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id A4AD9C433DF for ; Thu, 18 Jun 2020 07:16:18 +0000 (UTC) Received: from lists.ozlabs.org (lists.ozlabs.org [203.11.71.2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 52DBE21532 for ; Thu, 18 Jun 2020 07:16:18 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=linux.microsoft.com header.i=@linux.microsoft.com header.b="ixHKZ/xQ" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 52DBE21532 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.microsoft.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=linuxppc-dev-bounces+linuxppc-dev=archiver.kernel.org@lists.ozlabs.org Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 49nYBm04b0zDrCX for ; Thu, 18 Jun 2020 17:16:16 +1000 (AEST) Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=linux.microsoft.com (client-ip=13.77.154.182; helo=linux.microsoft.com; envelope-from=prsriva@linux.microsoft.com; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=pass (p=none dis=none) header.from=linux.microsoft.com Authentication-Results: lists.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=linux.microsoft.com header.i=@linux.microsoft.com header.a=rsa-sha256 header.s=default header.b=ixHKZ/xQ; dkim-atps=neutral Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182]) by lists.ozlabs.org (Postfix) with ESMTP id 49nY4w008jzDrCJ for ; Thu, 18 Jun 2020 17:11:11 +1000 (AEST) Received: from prsriva-linux.hsd1.wa.comcast.net (c-24-19-135-168.hsd1.wa.comcast.net [24.19.135.168]) by linux.microsoft.com (Postfix) with ESMTPSA id 2CB7A20B4783; Thu, 18 Jun 2020 00:11:10 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 2CB7A20B4783 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com; s=default; t=1592464270; bh=A0GiQILHZ8uuNOX7+rBVoRsb1esS85HaWBTuDqTUAM4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=ixHKZ/xQIYNcJIA9BE4KrIbjwT0LdW+G2r+zYBqwNbWNH109H6oJwoZ55KK/1rHMF zDbf30HMELw5TZ3FWiLSdBVIQVNopsycaccVcaHl3PXGOOTza1ZjU7noxo4fAsdRFh sPyrgvlID5Gdj2Adjaje8Sum1mYYaHoWYTjZWerE= From: Prakhar Srivastava To: linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, devicetree@vger.kernel.org, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org Subject: [V2 PATCH 2/3] dt-bindings: chosen: Document ima-kexec-buffer Date: Thu, 18 Jun 2020 00:10:44 -0700 Message-Id: <20200618071045.471131-3-prsriva@linux.microsoft.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200618071045.471131-1-prsriva@linux.microsoft.com> References: <20200618071045.471131-1-prsriva@linux.microsoft.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kstewart@linuxfoundation.org, mark.rutland@arm.com, catalin.marinas@arm.com, bhsharma@redhat.com, tao.li@vivo.com, zohar@linux.ibm.com, paulus@samba.org, vincenzo.frascino@arm.com, frowand.list@gmail.com, nramas@linux.microsoft.com, masahiroy@kernel.org, jmorris@namei.org, takahiro.akashi@linaro.org, serge@hallyn.com, pasha.tatashin@soleen.com, will@kernel.org, prsriva@linux.microsoft.com, robh+dt@kernel.org, hsinyi@chromium.org, tusharsu@linux.microsoft.com, tglx@linutronix.de, allison@lohutok.net, christophe.leroy@c-s.fr, mbrugger@suse.com, balajib@linux.microsoft.com, dmitry.kasatkin@gmail.com, james.morse@arm.com, gregkh@linuxfoundation.org Errors-To: linuxppc-dev-bounces+linuxppc-dev=archiver.kernel.org@lists.ozlabs.org Sender: "Linuxppc-dev" Integrity measurement architecture(IMA) validates if files have been accidentally or maliciously altered, both remotely and locally, appraise a file's measurement against a "good" value stored as an extended attribute, and enforce local file integrity. IMA also measures singatures of kernel and initrd during kexec along with the command line used for kexec. These measurements are critical to verify the seccurity posture of the OS. Resering memory and adding the memory information to a device tree node acts as the mechanism to carry over IMA measurement logs. Update devicetree documentation to reflect the addition of new property under the chosen node. --- Documentation/devicetree/bindings/chosen.txt | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/Documentation/devicetree/bindings/chosen.txt b/Documentation/devicetree/bindings/chosen.txt index 45e79172a646..a15f70c007ef 100644 --- a/Documentation/devicetree/bindings/chosen.txt +++ b/Documentation/devicetree/bindings/chosen.txt @@ -135,3 +135,20 @@ e.g. linux,initrd-end = <0x82800000>; }; }; + +linux,ima-kexec-buffer +---------------------- + +This property(currently used by powerpc, arm64) holds the memory range, +the address and the size, of the IMA measurement logs that are being carried +over to the kexec session. + +/ { + chosen { + linux,ima-kexec-buffer = <0x9 0x82000000 0x0 0x00008000>; + }; +}; + +This porperty does not represent real hardware, but the memory allocated for +carrying the IMA measurement logs. The address and the suze are expressed in +#address-cells and #size-cells, respectively of the root node. -- 2.25.1 From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7A3BDC433E0 for ; Thu, 18 Jun 2020 07:11:21 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 4E54A21924 for ; Thu, 18 Jun 2020 07:11:21 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="J361gtBo"; dkim=fail reason="signature verification failed" (1024-bit key) header.d=linux.microsoft.com header.i=@linux.microsoft.com header.b="ixHKZ/xQ" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 4E54A21924 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.microsoft.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+infradead-linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=yUY6mK+PpgnBFQnKivRUVOXUNvEapQgqNXXxwaWR45Q=; b=J361gtBo6o8YvI pvDWNbAdKV8HYfwStp7Inpq29D+mHVfVABGwgJxp65N+VDtiSlPOl1FKE2Rq1r1cjNQyMyl2+lne0 WwU2KvLDmrkGOCz4Xnu0SFqfXXvpJBaUjQ9SX+Ohs9ON8Mx+eqTOVrd2fhx110zD65AIzZHraLixX nR2JW3w4vlPiD6WeXerHQBMSNLeMp6o0ocEKnSZ8O+FrWGRv0s5EPobb3MPtmO7X7g943MCtBJn+m 2pCUdtX7LlqN/8pQmSAmxXoHiXLmd8oYiBuoFNjfoQGgNxuE8oOrprqbZHlOgeWjF3XteN9C8MOrg h9DjrbpHyX6QTVURkiEA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1jlohg-0001vj-85; Thu, 18 Jun 2020 07:11:16 +0000 Received: from linux.microsoft.com ([13.77.154.182]) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1jlohc-0001uT-UN for linux-arm-kernel@lists.infradead.org; Thu, 18 Jun 2020 07:11:14 +0000 Received: from prsriva-linux.hsd1.wa.comcast.net (c-24-19-135-168.hsd1.wa.comcast.net [24.19.135.168]) by linux.microsoft.com (Postfix) with ESMTPSA id 2CB7A20B4783; Thu, 18 Jun 2020 00:11:10 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 2CB7A20B4783 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com; s=default; t=1592464270; bh=A0GiQILHZ8uuNOX7+rBVoRsb1esS85HaWBTuDqTUAM4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=ixHKZ/xQIYNcJIA9BE4KrIbjwT0LdW+G2r+zYBqwNbWNH109H6oJwoZ55KK/1rHMF zDbf30HMELw5TZ3FWiLSdBVIQVNopsycaccVcaHl3PXGOOTza1ZjU7noxo4fAsdRFh sPyrgvlID5Gdj2Adjaje8Sum1mYYaHoWYTjZWerE= From: Prakhar Srivastava To: linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, devicetree@vger.kernel.org, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org Subject: [V2 PATCH 2/3] dt-bindings: chosen: Document ima-kexec-buffer Date: Thu, 18 Jun 2020 00:10:44 -0700 Message-Id: <20200618071045.471131-3-prsriva@linux.microsoft.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200618071045.471131-1-prsriva@linux.microsoft.com> References: <20200618071045.471131-1-prsriva@linux.microsoft.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200618_001113_034327_69561B2D X-CRM114-Status: UNSURE ( 8.27 ) X-CRM114-Notice: Please train this message. X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kstewart@linuxfoundation.org, mark.rutland@arm.com, catalin.marinas@arm.com, bhsharma@redhat.com, tao.li@vivo.com, zohar@linux.ibm.com, paulus@samba.org, vincenzo.frascino@arm.com, frowand.list@gmail.com, nramas@linux.microsoft.com, mpe@ellerman.id.au, masahiroy@kernel.org, jmorris@namei.org, takahiro.akashi@linaro.org, benh@kernel.crashing.org, serge@hallyn.com, pasha.tatashin@soleen.com, will@kernel.org, prsriva@linux.microsoft.com, robh+dt@kernel.org, hsinyi@chromium.org, tusharsu@linux.microsoft.com, tglx@linutronix.de, allison@lohutok.net, christophe.leroy@c-s.fr, mbrugger@suse.com, balajib@linux.microsoft.com, dmitry.kasatkin@gmail.com, james.morse@arm.com, gregkh@linuxfoundation.org Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+infradead-linux-arm-kernel=archiver.kernel.org@lists.infradead.org Integrity measurement architecture(IMA) validates if files have been accidentally or maliciously altered, both remotely and locally, appraise a file's measurement against a "good" value stored as an extended attribute, and enforce local file integrity. IMA also measures singatures of kernel and initrd during kexec along with the command line used for kexec. These measurements are critical to verify the seccurity posture of the OS. Resering memory and adding the memory information to a device tree node acts as the mechanism to carry over IMA measurement logs. Update devicetree documentation to reflect the addition of new property under the chosen node. --- Documentation/devicetree/bindings/chosen.txt | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/Documentation/devicetree/bindings/chosen.txt b/Documentation/devicetree/bindings/chosen.txt index 45e79172a646..a15f70c007ef 100644 --- a/Documentation/devicetree/bindings/chosen.txt +++ b/Documentation/devicetree/bindings/chosen.txt @@ -135,3 +135,20 @@ e.g. linux,initrd-end = <0x82800000>; }; }; + +linux,ima-kexec-buffer +---------------------- + +This property(currently used by powerpc, arm64) holds the memory range, +the address and the size, of the IMA measurement logs that are being carried +over to the kexec session. + +/ { + chosen { + linux,ima-kexec-buffer = <0x9 0x82000000 0x0 0x00008000>; + }; +}; + +This porperty does not represent real hardware, but the memory allocated for +carrying the IMA measurement logs. The address and the suze are expressed in +#address-cells and #size-cells, respectively of the root node. -- 2.25.1 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel