Re: [PATCH v14 2/6] powerpc: Move arch independent ima kexec functions to drivers/of/kexec.c

[Thiago Jung Bauermann]

Lakshmi Ramasubramanian  writes:

> The functions defined in "arch/powerpc/kexec/ima.c" handle setting up
> and freeing the resources required to carry over the IMA measurement
> list from the current kernel to the next kernel across kexec system call.
> These functions do not have architecture specific code, but are
> currently limited to powerpc.
>
> Move setup_ima_buffer() call into of_kexec_setup_new_fdt() defined in
> "drivers/of/kexec.c".
>
> Move the remaining architecture independent functions from
> "arch/powerpc/kexec/ima.c" to "drivers/of/kexec.c".
> Delete "arch/powerpc/kexec/ima.c" and "arch/powerpc/include/asm/ima.h".
> Remove references to the deleted files in powerpc and in ima.
>
> Co-developed-by: Prakhar Srivastava 
> Signed-off-by: Prakhar Srivastava 
> Signed-off-by: Lakshmi Ramasubramanian 
> ---
>  arch/powerpc/Kconfig   |   2 +-
>  arch/powerpc/include/asm/ima.h |  27 
>  arch/powerpc/kexec/Makefile|   7 -
>  arch/powerpc/kexec/file_load.c |   7 -
>  arch/powerpc/kexec/ima.c   | 202 
>  drivers/of/kexec.c | 240 +
>  include/linux/of.h |   2 +
>  security/integrity/ima/ima.h   |   4 -
>  security/integrity/ima/ima_kexec.c |   1 +
>  9 files changed, 244 insertions(+), 248 deletions(-)
>  delete mode 100644 arch/powerpc/include/asm/ima.h
>  delete mode 100644 arch/powerpc/kexec/ima.c

Reviewed-by: Thiago Jung Bauermann 

-- 
Thiago Jung Bauermann
IBM Linux Technology Center

[PATCH v14 2/6] powerpc: Move arch independent ima kexec functions to drivers/of/kexec.c

[Lakshmi Ramasubramanian]

The functions defined in "arch/powerpc/kexec/ima.c" handle setting up
and freeing the resources required to carry over the IMA measurement
list from the current kernel to the next kernel across kexec system call.
These functions do not have architecture specific code, but are
currently limited to powerpc.

Move setup_ima_buffer() call into of_kexec_setup_new_fdt() defined in
"drivers/of/kexec.c".

Move the remaining architecture independent functions from
"arch/powerpc/kexec/ima.c" to "drivers/of/kexec.c".
Delete "arch/powerpc/kexec/ima.c" and "arch/powerpc/include/asm/ima.h".
Remove references to the deleted files in powerpc and in ima.

Co-developed-by: Prakhar Srivastava 
Signed-off-by: Prakhar Srivastava 
Signed-off-by: Lakshmi Ramasubramanian 
---
 arch/powerpc/Kconfig   |   2 +-
 arch/powerpc/include/asm/ima.h |  27 
 arch/powerpc/kexec/Makefile|   7 -
 arch/powerpc/kexec/file_load.c |   7 -
 arch/powerpc/kexec/ima.c   | 202 
 drivers/of/kexec.c | 240 +
 include/linux/of.h |   2 +
 security/integrity/ima/ima.h   |   4 -
 security/integrity/ima/ima_kexec.c |   1 +
 9 files changed, 244 insertions(+), 248 deletions(-)
 delete mode 100644 arch/powerpc/include/asm/ima.h
 delete mode 100644 arch/powerpc/kexec/ima.c

diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
index 5181872f9452..7fce3034e44a 100644
--- a/arch/powerpc/Kconfig
+++ b/arch/powerpc/Kconfig
@@ -549,7 +549,7 @@ config KEXEC
 config KEXEC_FILE
bool "kexec file based system call"
select KEXEC_CORE
-   select HAVE_IMA_KEXEC
+   select HAVE_IMA_KEXEC if IMA
select BUILD_BIN2C
select KEXEC_ELF
depends on PPC64
diff --git a/arch/powerpc/include/asm/ima.h b/arch/powerpc/include/asm/ima.h
deleted file mode 100644
index 51f64fd06c19..
--- a/arch/powerpc/include/asm/ima.h
+++ /dev/null
@@ -1,27 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0 */
-#ifndef _ASM_POWERPC_IMA_H
-#define _ASM_POWERPC_IMA_H
-
-struct kimage;
-
-int ima_get_kexec_buffer(void **addr, size_t *size);
-int ima_free_kexec_buffer(void);
-
-#ifdef CONFIG_IMA
-void remove_ima_buffer(void *fdt, int chosen_node);
-#else
-static inline void remove_ima_buffer(void *fdt, int chosen_node) {}
-#endif
-
-#ifdef CONFIG_IMA_KEXEC
-int setup_ima_buffer(const struct kimage *image, void *fdt, int chosen_node);
-#else
-static inline int setup_ima_buffer(const struct kimage *image, void *fdt,
-  int chosen_node)
-{
-   remove_ima_buffer(fdt, chosen_node);
-   return 0;
-}
-#endif /* CONFIG_IMA_KEXEC */
-
-#endif /* _ASM_POWERPC_IMA_H */
diff --git a/arch/powerpc/kexec/Makefile b/arch/powerpc/kexec/Makefile
index 4aff6846c772..b6c52608cb49 100644
--- a/arch/powerpc/kexec/Makefile
+++ b/arch/powerpc/kexec/Makefile
@@ -9,13 +9,6 @@ obj-$(CONFIG_PPC32)+= relocate_32.o
 
 obj-$(CONFIG_KEXEC_FILE)   += file_load.o ranges.o file_load_$(BITS).o 
elf_$(BITS).o
 
-ifdef CONFIG_HAVE_IMA_KEXEC
-ifdef CONFIG_IMA
-obj-y  += ima.o
-endif
-endif
-
-
 # Disable GCOV, KCOV & sanitizers in odd or sensitive code
 GCOV_PROFILE_core_$(BITS).o := n
 KCOV_INSTRUMENT_core_$(BITS).o := n
diff --git a/arch/powerpc/kexec/file_load.c b/arch/powerpc/kexec/file_load.c
index 956bcb2d1ec2..9f3ec0b239ef 100644
--- a/arch/powerpc/kexec/file_load.c
+++ b/arch/powerpc/kexec/file_load.c
@@ -20,7 +20,6 @@
 #include 
 #include 
 #include 
-#include 
 
 #define SLAVE_CODE_SIZE256 /* First 0x100 bytes */
 
@@ -163,12 +162,6 @@ int setup_new_fdt(const struct kimage *image, void *fdt,
if (ret)
goto err;
 
-   ret = setup_ima_buffer(image, fdt, fdt_path_offset(fdt, "/chosen"));
-   if (ret) {
-   pr_err("Error setting up the new device tree.\n");
-   return ret;
-   }
-
return 0;
 
 err:
diff --git a/arch/powerpc/kexec/ima.c b/arch/powerpc/kexec/ima.c
deleted file mode 100644
index 7378d59c0c1e..
--- a/arch/powerpc/kexec/ima.c
+++ /dev/null
@@ -1,202 +0,0 @@
-// SPDX-License-Identifier: GPL-2.0-or-later
-/*
- * Copyright (C) 2016 IBM Corporation
- *
- * Authors:
- * Thiago Jung Bauermann 
- */
-
-#include 
-#include 
-#include 
-#include 
-#include 
-
-static int get_addr_size_cells(int *addr_cells, int *size_cells)
-{
-   struct device_node *root;
-
-   root = of_find_node_by_path("/");
-   if (!root)
-   return -EINVAL;
-
-   *addr_cells = of_n_addr_cells(root);
-   *size_cells = of_n_size_cells(root);
-
-   of_node_put(root);
-
-   return 0;
-}
-
-static int do_get_kexec_buffer(const void *prop, int len, unsigned long *addr,
-  size_t *size)
-{
-   int ret, addr_cells, size_cells;
-
-   ret = get_addr_size_cells(_cells, _cells);
-   if (ret)
-   return ret;
-
-   if (len < 4 *