[PATCH V8 0/3] Add support for measuring the boot command line during kexec_file_load
zohar at linux.ibm.com
Thu Jun 13 20:48:18 UTC 2019
On Wed, 2019-06-12 at 15:15 -0700, Prakhar Srivastava wrote:
> The kexec cmdline hash is stored in the "d-ng" field of the template data.
> and can be verified using
> sudo cat /sys/kernel/security/integrity/ima/ascii_runtime_measurements |
> grep kexec-cmdline | cut -d' ' -f 6 | xxd -r -p | sha256sum
This information should also be included in one of the patches.
More information about the Linux-security-module-archive