On Thu, 2019-06-13 at 16:26 +0800, Dave Young wrote: > On 06/12/19 at 06:31pm, Mimi Zohar wrote: > > [Cc: kexec mailing list] > > > > Hi Eric, Dave, > > > > On Wed, 2019-06-12 at 15:15 -0700, Prakhar Srivastava wrote: > > > During soft reboot(kexec_file_load) boot cmdline args > > > are not measured.Thus the new kernel on load boots with > > > an assumption of cold reboot. > > > > > > This patch makes a call to the ima hook ima_kexec_cmdline, > > > added in "Define a new IMA hook to measure the boot command > > > line arguments" > > > to measure the boot cmdline args into the ima log. > > > > > > - call ima_kexec_cmdline from kexec_file_load. > > > - move the call ima_add_kexec_buffer after the cmdline > > > args have been measured. > > > > > > Signed-off-by: Prakhar Srivastava <prsriva02@xxxxxxxxx> > > Cc: Eric W. Biederman <ebiederm@xxxxxxxxxxxx> > > Cc: Dave Young <dyoung@xxxxxxxxxx> > > > > Any chance we could get some Acks? > > The ima_* is blackbox functions to me, looks like this patch is trying > to measure kexec cmdline buffer and save in some ima logs and then add all the > measure results including those for kernel/initrd to a kexec_buf and pass to 2nd Right, including the new boot command line measurement. > kernel. > > It should be good and only take effect when IMA enabled. If all the > assumptions are right: > > Acked-by: Dave Young <dyoung@xxxxxxxxxx> Thanks, Dave.
