| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.LRH.2.21.1906140501300.14107@namei.org>
Date: Fri, 14 Jun 2019 05:10:48 +1000 (AEST)
From: James Morris <jmorris@...ei.org>
To: Prakhar Srivastava <prsriva02@...il.com>
cc: linux-integrity@...r.kernel.org,
linux-security-module@...r.kernel.org,
linux-kernel@...r.kernel.org, zohar@...ux.ibm.com,
roberto.sassu@...wei.com, vgoyal@...hat.com
Subject: Re: [PATCH V8 1/3] Define a new IMA hook to measure the boot command
line arguments
On Wed, 12 Jun 2019, Prakhar Srivastava wrote:
> This patch adds support in ima to measure kexec cmdline args
> during soft reboot(kexec_file_load).
>
> - A new ima hook ima_kexec_cmdline is defined to be called by the
> kexec code.
> - A new function process_buffer_measurement is defined to measure
> the buffer hash into the ima log.
> - A new func policy KEXEC_CMDLINE is defined to control the
> measurement.[Suggested by Mimi]
>
> Signed-off-by: Prakhar Srivastava <prsriva02@...il.com>
> + struct integrity_iint_cache tmp_iint, *iint = &tmp_iint;
> + struct ima_event_data event_data = {.iint = iint };
Minor nit: looks like this could be simplified to:
struct integrity_iint_cache iint = {};
struct ima_event_data event_data = {.iint = &iint };
which also saves the later memset. 'hash' can also be initialized with '=
{}'.
--
James Morris
<jmorris@...ei.org>
Powered by blists - more mailing lists