selftests/ima: kexec_load syscall test - openslx/kernel-qcow2-linux.git

diff options

author	Mimi Zohar	2018-11-14 18:30:19 +0100
committer	Mimi Zohar	2018-12-11 13:19:47 +0100
commit	a802ed0dd9c2607cc219574e881062d43ea3b7e0 (patch)
tree	bae0e40409b10571fb51eeb623799db68de0b419 /security/integrity/digsig.c
parent	ima: don't measure/appraise files on efivarfs (diff)
download	kernel-qcow2-linux-a802ed0dd9c2607cc219574e881062d43ea3b7e0.tar.gz kernel-qcow2-linux-a802ed0dd9c2607cc219574e881062d43ea3b7e0.tar.xz kernel-qcow2-linux-a802ed0dd9c2607cc219574e881062d43ea3b7e0.zip

selftests/ima: kexec_load syscall test

The kernel CONFIG_KEXEC_VERIFY_SIG option is limited to verifying a kernel image's signature, when loaded via the kexec_file_load syscall. There is no method for verifying a kernel image's signature loaded via the kexec_load syscall. This test verifies loading the kernel image via the kexec_load syscall fails when the kernel CONFIG_KEXEC_VERIFY_SIG option is enabled on systems with secureboot enabled[1]. [1] Detecting secureboot enabled is architecture specific. Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>

Diffstat (limited to 'security/integrity/digsig.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: