Re: [PATCH V8 1/3] Define a new IMA hook to measure the boot command line arguments

[PATCH V8 0/3] Add support for measuring the boot command line during kexec_file_load · Prakhar Srivastava <hidden> · 2019-06-13
[PATCH V8 3/3] Call ima_kexec_cmdline to measure the cmdline args · Prakhar Srivastava <hidden> · 2019-06-13
Re: [PATCH V8 3/3] Call ima_kexec_cmdline to measure the cmdline args · Mimi Zohar <zohar@linux.ibm.com> · 2019-06-13
Re: [PATCH V8 3/3] Call ima_kexec_cmdline to measure the cmdline args · Dave Young <hidden> · 2019-06-13
Re: [PATCH V8 3/3] Call ima_kexec_cmdline to measure the cmdline args · Mimi Zohar <zohar@linux.ibm.com> · 2019-06-13
Re: [PATCH V8 3/3] Call ima_kexec_cmdline to measure the cmdline args · James Morris <jmorris@namei.org> · 2019-06-13
Re: [PATCH V8 3/3] Call ima_kexec_cmdline to measure the cmdline args · Mimi Zohar <zohar@linux.ibm.com> · 2019-06-13
[PATCH V8 1/3] Define a new IMA hook to measure the boot command line arguments · Prakhar Srivastava <hidden> · 2019-06-13
Re: [PATCH V8 1/3] Define a new IMA hook to measure the boot command line arguments · James Morris <jmorris@namei.org> · 2019-06-13
Re: [PATCH V8 1/3] Define a new IMA hook to measure the boot command line arguments · Mimi Zohar <zohar@linux.ibm.com> · 2019-06-13
Re: [PATCH V8 1/3] Define a new IMA hook to measure the boot command line arguments · prakhar srivastava <hidden> · 2019-06-14
[PATCH V8 2/3] Define a new ima template field buf · Prakhar Srivastava <hidden> · 2019-06-13
Re: [PATCH V8 2/3] Define a new ima template field buf · James Morris <jmorris@namei.org> · 2019-06-13
Re: [PATCH V8 2/3] Define a new ima template field buf · Mimi Zohar <zohar@linux.ibm.com> · 2019-06-13
Re: [PATCH V8 2/3] Define a new ima template field buf · Mimi Zohar <zohar@linux.ibm.com> · 2019-06-14
Re: [PATCH V8 2/3] Define a new ima template field buf · Mimi Zohar <zohar@linux.ibm.com> · 2019-06-14
Re: [PATCH V8 2/3] Define a new ima template field buf · prakhar srivastava <hidden> · 2019-06-14
Re: [PATCH V8 0/3] Add support for measuring the boot command line during kexec_file_load · Mimi Zohar <zohar@linux.ibm.com> · 2019-06-13
Re: [PATCH V8 0/3] Add support for measuring the boot command line during kexec_file_load · prakhar srivastava <hidden> · 2019-06-14

From: James Morris <jmorris@namei.org>
Date: 2019-06-13 19:11:14
Also in: linux-security-module, lkml

On Wed, 12 Jun 2019, Prakhar Srivastava wrote:

This patch adds support in ima to measure kexec cmdline args
during soft reboot(kexec_file_load).

- A new ima hook ima_kexec_cmdline is defined to be called by the
kexec code.
- A new function process_buffer_measurement is defined to measure
the buffer hash into the ima log.
- A new func policy KEXEC_CMDLINE is defined to control the
 measurement.[Suggested by Mimi]

Signed-off-by: Prakhar Srivastava <redacted>

+	struct integrity_iint_cache tmp_iint, *iint = &tmp_iint;
+	struct ima_event_data event_data = {.iint = iint };

Minor nit: looks like this could be simplified to:

	struct integrity_iint_cache iint = {};
	struct ima_event_data event_data = {.iint = &iint };

which also saves the later memset. 'hash' can also be initialized with '= 
{}'.


-- 
James Morris
[off-list ref]

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help