lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1560458898.4805.76.camel@linux.ibm.com>
Date:   Thu, 13 Jun 2019 16:48:18 -0400
From:   Mimi Zohar <zohar@...ux.ibm.com>
To:     Prakhar Srivastava <prsriva02@...il.com>,
        linux-integrity@...r.kernel.org,
        linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org
Cc:     roberto.sassu@...wei.com, vgoyal@...hat.com
Subject: Re: [PATCH V8 0/3] Add support for measuring the boot command line
 during kexec_file_load

On Wed, 2019-06-12 at 15:15 -0700, Prakhar Srivastava wrote:

> The kexec cmdline hash is stored in the "d-ng" field of the template data.
> and can be verified using
> sudo cat /sys/kernel/security/integrity/ima/ascii_runtime_measurements | 
>   grep  kexec-cmdline | cut -d' ' -f 6 | xxd -r -p | sha256sum

This information should also be included in one of the patches.

Mimi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ