On Wed, 2026-04-29 at 18:03 +0200, Roberto Sassu wrote: > From: Roberto Sassu <[email protected]> > > Refuse to delete staged or active list measurements, if a kexec racing with > the deletion already copied those measurements in the kexec buffer. In this > way, user space becomes aware that those measurements are going to appear > in the secondary kernel, and thus they don't have to be saved twice.
There are two reboot notifiers: one to prevent additional measurements extending the TPM, while the other copies the measurements for kexec. This patch prevents deleting the staged measurements after the latter notifier. Instead of introducing a specific method for detecting whether the measurement list has been copied, rely on one of the two existing reboot notifiers. The simplest method would test "ima_measurements_suspended", which would prevent deleting the staged measurements a bit earlier. Mimi
