sefltest/ima: support appended signatures (modsig) - kernel/linux.git

diff options

author	Mimi Zohar <zohar@linux.ibm.com>	2019-08-25 16:58:16 +0300
committer	Mimi Zohar <zohar@linux.ibm.com>	2019-08-29 19:45:30 +0300
commit	cbc0425d3dd370a6f0bf23589dc7b6955a53a9ce (patch)
tree	0d3fe5ed0859d442d225a26f6b25550f86f2c686 /security
parent	556d971bdae643de4cd7e2976e14f70ca2a3061d (diff)
download	linux-cbc0425d3dd370a6f0bf23589dc7b6955a53a9ce.tar.xz

sefltest/ima: support appended signatures (modsig)

In addition to the PE/COFF and IMA xattr signatures, the kexec kernel image can be signed with an appended signature, using the same scripts/sign-file tool that is used to sign kernel modules. This patch adds support for detecting a kernel image signed with an appended signature and updates the existing test messages appropriately. Reviewed-by: Petr Vorel <pvorel@suse.cz> Acked-by: Shuah Khan <skhan@linuxfoundation.org> Reviewed-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Reviewed-by: Jordan Hand <jorhand@linux.microsoft.com> (x86_64 QEMU) Tested-by: Jordan Hand <jorhand@linux.microsoft.com> (x86_64 QEMU) Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>

Diffstat (limited to 'security')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: