Re: [PATCH v5 5/8] ima: kexec: move IMA log copy from kexec load to execute

2024-05-08 Thread Petr Tesařík
On Wed, 14 Feb 2024 07:38:24 -0800 Tushar Sugandhi wrote: > ima_dump_measurement_list() is called during kexec 'load', which may > result in loss of IMA measurements during kexec soft reboot. It needs > to be called during kexec 'execute'. > > This patch includes the following changes: > - Cal

Re: [PATCH] fs/proc: fix softlockup in __read_vmcore

2024-05-08 Thread Baoquan He
Hi, On 05/07/24 at 09:18am, Rik van Riel wrote: > While taking a kernel core dump with makedumpfile on a larger system, > softlockup messages often appear. > > While softlockup warnings can be harmless, they can also interfere > with things like RCU freeing memory, which can be problematic when >

Re: [PATCH v3 00/11] sysctl: treewide: constify ctl_table argument of sysctl handlers

2024-05-08 Thread Jakub Kicinski
On Wed, 8 May 2024 10:11:35 -0700 Kees Cook wrote: > > Split this per subsystem, please. > > I've done a few painful API transitions before, and I don't think the > complexity of these changes needs a per-subsystem constification pass. I > think this series is the right approach, but that patch

Re: [PATCH v3 00/11] sysctl: treewide: constify ctl_table argument of sysctl handlers

2024-05-08 Thread Kees Cook
On Wed, Apr 24, 2024 at 08:12:34PM -0700, Jakub Kicinski wrote: > On Tue, 23 Apr 2024 09:54:35 +0200 Thomas Weißschuh wrote: > > The series was split from my larger series sysctl-const series [0]. > > It only focusses on the proc_handlers but is an important step to be > > able to move all static d

Re: [PATCHv10 10/18] x86/tdx: Convert shared memory back to private on kexec

2024-05-08 Thread Kirill A. Shutemov
On Wed, May 08, 2024 at 02:04:22PM +0200, Borislav Petkov wrote: > On Mon, May 06, 2024 at 06:37:19PM +0300, Kirill A. Shutemov wrote: > > "second kernel" is nomenclature kexec folks are using, but okay. > > And the "third kernel" is the one which got kexec-ed the second time? > > You can make it

Re: [PATCHv10 13/18] x86/acpi: Rename fields in acpi_madt_multiproc_wakeup structure

2024-05-08 Thread Borislav Petkov
On Tue, Apr 09, 2024 at 02:30:05PM +0300, Kirill A. Shutemov wrote: > To prepare for the addition of support for MADT wakeup structure version "In order to support... " > 1, it is necessary to provide more appropriate names for the fields in > the structure. > > The field 'mailbox_version' renam

Re: [PATCHv10 11/18] x86/mm: Make e820_end_ram_pfn() cover E820_TYPE_ACPI ranges

2024-05-08 Thread Borislav Petkov
On Tue, Apr 09, 2024 at 02:30:03PM +0300, Kirill A. Shutemov wrote: > Subject: Re: [PATCHv10 11/18] x86/mm: Make e820_end_ram_pfn() cover > E820_TYPE_ACPI ranges ^^^ e820__end_of_ram_pfn() > e820__end_of_ram_pfn() is used to calculate max_pfn w

Re: [PATCHv10 10/18] x86/tdx: Convert shared memory back to private on kexec

2024-05-08 Thread Borislav Petkov
On Mon, May 06, 2024 at 06:37:19PM +0300, Kirill A. Shutemov wrote: > "second kernel" is nomenclature kexec folks are using, but okay. And the "third kernel" is the one which got kexec-ed the second time? You can make it: "The second, kexec-ed kernel" and then it is perfectly clear. > > > + /* >

Re: [PATCH v3 00/11] sysctl: treewide: constify ctl_table argument of sysctl handlers

2024-05-08 Thread Joel Granados
On Fri, May 03, 2024 at 04:09:40PM +0200, Thomas Weißschuh wrote: > Hey Joel, > ... > > # Motivation > > As I read it, the motivation for these constification efforts are: > > 1. It provides increased safety: Having things in .rodata section reduces > > the > >attack surface. This is especial

Re: [PATCH v3 00/11] sysctl: treewide: constify ctl_table argument of sysctl handlers

2024-05-08 Thread Joel Granados
Kees, could you comment on the feasibility of this alternative from the Control Flow Integrity perspective? My proposal is to change the proc_handler to void* and back in the same release. So there would not be a kernel released with a void* proc_handler. > > However, there is an alternative way t