On Fri, Jul 13, 2018 at 11:05 AM, Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote: > In order for LSMs and IMA-appraisal to differentiate between kexec_load > and kexec_file_load syscalls, both the original and new syscalls must > call an LSM hook. This patch adds a call to security_kernel_load_data() > in the original kexec_load syscall. > > Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> > Cc: Eric Biederman <ebiederm@xxxxxxxxxxxx> > Cc: Kees Cook <keescook@xxxxxxxxxxxx> > Acked-by: Serge Hallyn <serge@xxxxxxxxxx> Acked-by: Kees Cook <keescook@xxxxxxxxxxxx> -Kees -- Kees Cook Pixel Security _______________________________________________ kexec mailing list kexec@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/kexec
