stuartl/linux-mainline
1
0
Fork 0
mirror of https://kernel.googlesource.com/pub/scm/linux/kernel/git/torvalds/linux synced 2025-10-08 15:25:43 +10:00
Code Issues Releases Wiki Activity

kexec: clean up arch_kexec_kernel_verify_sig

Browse Source 
Before commit 105e10e2cf1c ("kexec_file: drop weak attribute from
functions"), there was already no arch-specific implementation
of arch_kexec_kernel_verify_sig. With weak attribute dropped by that
commit, arch_kexec_kernel_verify_sig is completely useless. So clean it
up.

Note later patches are dependent on this patch so it should be backported
to the stable tree as well.

Cc: stable@vger.kernel.org
Suggested-by: Eric W. Biederman <ebiederm@xmission.com>
Reviewed-by: Michal Suchanek <msuchanek@suse.de>
Acked-by: Baoquan He <bhe@redhat.com>
Signed-off-by: Coiby Xu <coxu@redhat.com>
[zohar@linux.ibm.com: reworded patch description "Note"]
Link: https://lore.kernel.org/linux-integrity/20220714134027.394370-1-coxu@redhat.com/
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
This commit is contained in:
Coiby Xu 2022-07-14 21:40:24 +08:00 committed by Mimi Zohar
parent 0738eceb62
commit 689a71493b
2 changed files with 13 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
include/linux/kexec.h
View File

@ -212,11 +212,6 @@ static inline void *arch_kexec_kernel_image_load(struct kimage *image)
} }
#endif #endif
#ifdef CONFIG_KEXEC_SIG
int arch_kexec_kernel_verify_sig(struct kimage *image, void *buf,
unsigned long buf_len);
#endif
extern int kexec_add_buffer(struct kexec_buf *kbuf); extern int kexec_add_buffer(struct kexec_buf *kbuf);
int kexec_locate_mem_hole(struct kexec_buf *kbuf); int kexec_locate_mem_hole(struct kexec_buf *kbuf);

31
kernel/kexec_file.c
View File

@ -81,24 +81,6 @@ int kexec_image_post_load_cleanup_default(struct kimage *image)
return image->fops->cleanup(image->image_loader_data); return image->fops->cleanup(image->image_loader_data);
} }
#ifdef CONFIG_KEXEC_SIG
static int kexec_image_verify_sig_default(struct kimage *image, void *buf,
unsigned long buf_len)
{
if (!image->fops || !image->fops->verify_sig) {
pr_debug("kernel loader does not support signature verification.\n");
return -EKEYREJECTED;
}
return image->fops->verify_sig(buf, buf_len);
}
int arch_kexec_kernel_verify_sig(struct kimage *image, void *buf, unsigned long buf_len)
{
return kexec_image_verify_sig_default(image, buf, buf_len);
}
#endif
/* /*
* Free up memory used by kernel, initrd, and command line. This is temporary * Free up memory used by kernel, initrd, and command line. This is temporary
* memory allocation which is not needed any more after these buffers have * memory allocation which is not needed any more after these buffers have
@ -141,12 +123,23 @@ void kimage_file_post_load_cleanup(struct kimage *image)
} }
#ifdef CONFIG_KEXEC_SIG #ifdef CONFIG_KEXEC_SIG
static int kexec_image_verify_sig(struct kimage *image, void *buf,
unsigned long buf_len)
{
if (!image->fops || !image->fops->verify_sig) {
pr_debug("kernel loader does not support signature verification.\n");
return -EKEYREJECTED;
}
return image->fops->verify_sig(buf, buf_len);
}
static int static int
kimage_validate_signature(struct kimage *image) kimage_validate_signature(struct kimage *image)
{ {
int ret; int ret;
ret = arch_kexec_kernel_verify_sig(image, image->kernel_buf, ret = kexec_image_verify_sig(image, image->kernel_buf,
image->kernel_buf_len); image->kernel_buf_len);
if (ret) { if (ret) {