sefltest/ima: support appended signatures (modsig) - linux-dev - Linux kernel development work

diff options

author	Mimi Zohar <zohar@linux.ibm.com>	2019-08-25 09:58:16 -0400
committer	Mimi Zohar <zohar@linux.ibm.com>	2019-08-29 12:45:30 -0400
commit	cbc0425d3dd370a6f0bf23589dc7b6955a53a9ce (patch)
tree	0d3fe5ed0859d442d225a26f6b25550f86f2c686 /security/integrity
parent	ima: Fix use after free in ima_read_modsig() (diff)
download	linux-dev-cbc0425d3dd370a6f0bf23589dc7b6955a53a9ce.tar.xz linux-dev-cbc0425d3dd370a6f0bf23589dc7b6955a53a9ce.zip

sefltest/ima: support appended signatures (modsig)

In addition to the PE/COFF and IMA xattr signatures, the kexec kernel image can be signed with an appended signature, using the same scripts/sign-file tool that is used to sign kernel modules. This patch adds support for detecting a kernel image signed with an appended signature and updates the existing test messages appropriately. Reviewed-by: Petr Vorel <pvorel@suse.cz> Acked-by: Shuah Khan <skhan@linuxfoundation.org> Reviewed-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Reviewed-by: Jordan Hand <jorhand@linux.microsoft.com> (x86_64 QEMU) Tested-by: Jordan Hand <jorhand@linux.microsoft.com> (x86_64 QEMU) Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>

Diffstat (limited to 'security/integrity')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: