[PATCH V8 3/3] Call ima_kexec_cmdline to measure the cmdline args
James Morris
jmorris at namei.org
Thu Jun 13 19:16:59 UTC 2019
On Wed, 12 Jun 2019, Prakhar Srivastava wrote:
> During soft reboot(kexec_file_load) boot cmdline args
> are not measured.Thus the new kernel on load boots with
> an assumption of cold reboot.
>
> This patch makes a call to the ima hook ima_kexec_cmdline,
> added in "Define a new IMA hook to measure the boot command
> line arguments"
> to measure the boot cmdline args into the ima log.
>
> - call ima_kexec_cmdline from kexec_file_load.
> - move the call ima_add_kexec_buffer after the cmdline
> args have been measured.
>
> Signed-off-by: Prakhar Srivastava <prsriva02 at gmail.com>
> ---
> kernel/kexec_file.c | 9 ++++++---
> 1 file changed, 6 insertions(+), 3 deletions(-)
Reviewed-by: James Morris <jamorris at linux.microsoft.com>
--
James Morris
<jmorris at namei.org>
More information about the Linux-security-module-archive
mailing list