diff options
author | Mimi Zohar <zohar@linux.ibm.com> | 2018-11-14 20:30:19 +0300 |
---|---|---|
committer | Mimi Zohar <zohar@linux.ibm.com> | 2018-12-11 15:19:47 +0300 |
commit | a802ed0dd9c2607cc219574e881062d43ea3b7e0 (patch) | |
tree | bae0e40409b10571fb51eeb623799db68de0b419 /security/integrity | |
parent | 060190fbe676268a04a80d5f4b426fc3db9c2401 (diff) | |
download | linux-a802ed0dd9c2607cc219574e881062d43ea3b7e0.tar.xz |
selftests/ima: kexec_load syscall test
The kernel CONFIG_KEXEC_VERIFY_SIG option is limited to verifying a
kernel image's signature, when loaded via the kexec_file_load syscall.
There is no method for verifying a kernel image's signature loaded
via the kexec_load syscall.
This test verifies loading the kernel image via the kexec_load syscall
fails when the kernel CONFIG_KEXEC_VERIFY_SIG option is enabled on
systems with secureboot enabled[1].
[1] Detecting secureboot enabled is architecture specific.
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Diffstat (limited to 'security/integrity')
0 files changed, 0 insertions, 0 deletions