IMA: Define a new hook to measure the kexec boot command line arguments
Currently during soft reboot(kexec_file_load) boot command line arguments are not measured. Define hooks needed to measure kexec command line arguments during soft reboot(kexec_file_load). - A new ima hook ima_kexec_cmdline is defined to be called by the kexec code. - A new function process_buffer_measurement is defined to measure the buffer hash into the IMA measurement list. - A new func policy KEXEC_CMDLINE is defined to control the measurement. Signed-off-by:Prakhar Srivastava <prsriva02@gmail.com> Signed-off-by:
Mimi Zohar <zohar@linux.ibm.com>
Showing
- Documentation/ABI/testing/ima_policy 1 addition, 0 deletionsDocumentation/ABI/testing/ima_policy
- include/linux/ima.h 2 additions, 0 deletionsinclude/linux/ima.h
- security/integrity/ima/ima.h 1 addition, 0 deletionssecurity/integrity/ima/ima.h
- security/integrity/ima/ima_api.c 1 addition, 0 deletionssecurity/integrity/ima/ima_api.c
- security/integrity/ima/ima_main.c 72 additions, 0 deletionssecurity/integrity/ima/ima_main.c
- security/integrity/ima/ima_policy.c 7 additions, 0 deletionssecurity/integrity/ima/ima_policy.c
Loading
Please register or sign in to comment