[PATCH V8 0/3] Add support for measuring the boot command line during kexec_file_load
prakhar srivastava
prsriva02 at gmail.com
Fri Jun 14 17:39:12 UTC 2019
On Thu, Jun 13, 2019 at 1:48 PM Mimi Zohar <zohar at linux.ibm.com> wrote:
>
> On Wed, 2019-06-12 at 15:15 -0700, Prakhar Srivastava wrote:
>
> > The kexec cmdline hash is stored in the "d-ng" field of the template data.
> > and can be verified using
> > sudo cat /sys/kernel/security/integrity/ima/ascii_runtime_measurements |
> > grep kexec-cmdline | cut -d' ' -f 6 | xxd -r -p | sha256sum
>
> This information should also be included in one of the patches.
>
Noted.
I will add this to the 2/3 patch, since that the one that adds the template.
- Thanks,
Prakhar Srivastava
> Mimi
>
More information about the Linux-security-module-archive
mailing list