[PATCH V8 0/3] Add support for measuring the boot command line during kexec_file_load

Mimi Zohar zohar at linux.ibm.com
Thu Jun 13 20:48:18 UTC 2019

On Wed, 2019-06-12 at 15:15 -0700, Prakhar Srivastava wrote:

> The kexec cmdline hash is stored in the "d-ng" field of the template data.
> and can be verified using
> sudo cat /sys/kernel/security/integrity/ima/ascii_runtime_measurements | 
>   grep  kexec-cmdline | cut -d' ' -f 6 | xxd -r -p | sha256sum

This information should also be included in one of the patches.


More information about the Linux-security-module-archive mailing list