[PATCH V10 1/3] IMA: Define a new hook to measure the kexec boot command line arguments
Mimi Zohar
zohar at linux.ibm.com
Mon Jun 24 12:39:27 UTC 2019
Hi Prakhar,
On Sun, 2019-06-23 at 23:23 -0700, Prakhar Srivastava wrote:
> Currently during soft reboot(kexec_file_load) boot command line
> arguments are not measured. Define hooks needed to measure kexec
> command line arguments during soft reboot(kexec_file_load).
>
> - A new ima hook ima_kexec_cmdline is defined to be called by the
> kexec code.
> - A new function process_buffer_measurement is defined to measure
> the buffer hash into the IMA measurement list.
> - A new func policy KEXEC_CMDLINE is defined to control the
> measurement.[Suggested by Mimi]
>
> Signed-off-by: Prakhar Srivastava <prsriva02 at gmail.com>
Thanks! This patch set is now queued in the next-queued-testing
branch for any last minute comments or Reviews/Acks, before being
staged in the next-integrity branch.
Mimi
More information about the Linux-security-module-archive
mailing list