IMA-appraisal is mostly being used in the embedded or single purpose closed system environments. In these environments, both the Kconfig options and the userspace tools can be modified appropriately to limit syscalls. For stock kernels, userspace applications need to continue to work with older kernels as well as with newer kernels. In this environment, the customer needs the ability to define a system wide IMA runtime policy, such as requiring all kexec'ed images (or firmware) to be signed, without being dependent on either the Kconfig options or the userspace tools. This patch set allows the customer to define a policy which requires kexec'ed kernels to be signed. Mimi Zohar (3): ima: based on the "secure_boot" policy limit syscalls kexec: call LSM hook for kexec_load syscall ima: based on policy require signed kexec kernel images include/linux/security.h | 6 ++++++ kernel/kexec.c | 11 +++++++++++ security/integrity/ima/ima.h | 1 + security/integrity/ima/ima_main.c | 9 +++++++++ security/integrity/ima/ima_policy.c | 27 ++++++++++++++++++++------- security/security.c | 6 ++++++ 6 files changed, 53 insertions(+), 7 deletions(-) -- 2.7.5
