lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 10 Sep 2013 15:40:09 -0700 From: Greg KH <greg@...ah.com> To: Vivek Goyal <vgoyal@...hat.com> Cc: linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org, kexec@...ts.infradead.org, akpm@...ux-foundation.org, zohar@...ux.vnet.ibm.com, d.kasatkin@...sung.com, ebiederm@...ssion.com, hpa@...or.com, matthew.garrett@...ula.com Subject: Re: [PATCH 14/16] kexec: Export sysfs attributes for secureboot and secure modules to user space On Tue, Sep 10, 2013 at 05:44:29PM -0400, Vivek Goyal wrote: > User space kexec-tools need to know whether to verify signature of kernel > image being loaded. This patch exports two knobs to user space. One is > for knowing if secureboot is enabled, this knob will be set to 1 if secure > boot is enabled. Other knob is secure_module_enabled. This knob will be set > to 1 if secure modules is one. > > kexec-tools will verify signature of kernel image if either secureboot is > enabled or secure modules is enabled. The only difference between two is > that kexec-tools will set secureboot on in bootparams being passed to > second kernel if secureboot is on in first kernel. > > Signed-off-by: Vivek Goyal <vgoyal@...hat.com> > --- > kernel/ksysfs.c | 25 +++++++++++++++++++++++++ > 1 file changed, 25 insertions(+) Minor nit, if you add/modify/delete sysfs files, you also have to update Documentation/ABI/ with the information about those files. thanks, greg k-h -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists