On Fri, Nov 7, 2025 at 8:30 AM Andrew Morton akpm@linux-foundation.org wrote:
The quilt patch titled Subject: kernel/kexec: fix IMA when allocation happens in CMA area has been removed from the -mm tree. Its filename was kernel-kexec-fix-ima-when-allocation-happens-in-cma-area.patch
This patch was dropped because an updated version will be issued
From: Pingfan Liu piliu@redhat.com Subject: kernel/kexec: fix IMA when allocation happens in CMA area Date: Wed, 5 Nov 2025 21:09:22 +0800
When I tested kexec with the latest kernel, I ran into the following warning:
[ 40.712410] ------------[ cut here ]------------ [ 40.712576] WARNING: CPU: 2 PID: 1562 at kernel/kexec_core.c:1001 kimage_map_segment+0x144/0x198 [...] [ 40.816047] Call trace: [ 40.818498] kimage_map_segment+0x144/0x198 (P) [ 40.823221] ima_kexec_post_load+0x58/0xc0 [ 40.827246] __do_sys_kexec_file_load+0x29c/0x368 [...] [ 40.855423] ---[ end trace 0000000000000000 ]---
This is caused by the fact that kexec allocates the destination directly in the CMA area. In that case, the CMA kernel address should be exported directly to the IMA component, instead of using the vmalloc'd address.
Link: https://lkml.kernel.org/r/20251105130922.13321-2-piliu@redhat.com Fixes: 0091d9241ea2 ("kexec: define functions to map and unmap segments") Signed-off-by: Pingfan Liu piliu@redhat.com Cc: Baoquan He bhe@redhat.com Cc: Mimi Zohar zohar@linux.ibm.com Cc: Roberto Sassu roberto.sassu@huawei.com Cc: Alexander Graf graf@amazon.com Cc: Steven Chen chenste@linux.microsoft.com Cc: stable@vger.kernel.org Signed-off-by: Andrew Morton akpm@linux-foundation.org
kernel/kexec_core.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-)
--- a/kernel/kexec_core.c~kernel-kexec-fix-ima-when-allocation-happens-in-cma-area +++ a/kernel/kexec_core.c @@ -967,6 +967,7 @@ void *kimage_map_segment(struct kimage * kimage_entry_t *ptr, entry; struct page **src_pages; unsigned int npages;
struct page *cma; void *vaddr = NULL; int i;@@ -974,6 +975,9 @@ void *kimage_map_segment(struct kimage * size = image->segment[idx].memsz; eaddr = addr + size;
cma = image->segment_cma[idx];if (cma)return cma;
It should be " return page_address(cma);" as [PATCHv2 2/2] kernel/kexec: Fix IMA when allocation happens in CMA area (https://lore.kernel.org/all/20251106065904.10772-2-piliu@redhat.com/ )
Thanks,
Pingfan