From: Mimi Zohar <zohar@linux.ibm.com>
To: Prakhar Srivastava <prsriva02@gmail.com>,
linux-integrity@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Cc: roberto.sassu@huawei.com, vgoyal@redhat.com
Subject: Re: [PATCH V10 1/3] IMA: Define a new hook to measure the kexec boot command line arguments
Date: Mon, 24 Jun 2019 08:39:27 -0400 [thread overview]
Message-ID: <1561379967.4340.3.camel@linux.ibm.com> (raw)
In-Reply-To: <20190624062331.388-2-prsriva02@gmail.com>
Hi Prakhar,
On Sun, 2019-06-23 at 23:23 -0700, Prakhar Srivastava wrote:
> Currently during soft reboot(kexec_file_load) boot command line
> arguments are not measured. Define hooks needed to measure kexec
> command line arguments during soft reboot(kexec_file_load).
>
> - A new ima hook ima_kexec_cmdline is defined to be called by the
> kexec code.
> - A new function process_buffer_measurement is defined to measure
> the buffer hash into the IMA measurement list.
> - A new func policy KEXEC_CMDLINE is defined to control the
> measurement.[Suggested by Mimi]
>
> Signed-off-by: Prakhar Srivastava <prsriva02@gmail.com>
Thanks! This patch set is now queued in the next-queued-testing
branch for any last minute comments or Reviews/Acks, before being
staged in the next-integrity branch.
Mimi
next prev parent reply other threads:[~2019-06-24 12:39 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-24 6:23 [PATCH V10 0/3] Add support for measuring the boot command line during kexec_file_load Prakhar Srivastava
2019-06-24 6:23 ` [PATCH V10 1/3] IMA: Define a new hook to measure the kexec boot command line arguments Prakhar Srivastava
2019-06-24 12:39 ` Mimi Zohar [this message]
2019-06-24 6:23 ` [PATCH V10 2/3] IMA: Define a new template field buf Prakhar Srivastava
2019-06-24 22:03 ` Thiago Jung Bauermann
2019-06-27 15:08 ` Mimi Zohar
2019-06-27 23:27 ` Thiago Jung Bauermann
2019-06-24 6:23 ` [PATCH V10 3/3] KEXEC: Call ima_kexec_cmdline to measure the boot command line args Prakhar Srivastava
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1561379967.4340.3.camel@linux.ibm.com \
--to=zohar@linux.ibm.com \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=prsriva02@gmail.com \
--cc=roberto.sassu@huawei.com \
--cc=vgoyal@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.