Re: [PATCH v2 11/11] ima: Support additional conditionals in the KEXEC_CMDLINE hook function

On 2020-07-01 16:04:16, Dave Young wrote: > Hi, > On 06/26/20 at 05:39pm, Tyler Hicks wrote: > > Take the properties of the kexec kernel's inode and the current task > > ownership into consideration when matching a KEXEC_CMDLINE operation to > > the rules in the IMA policy. This allows for some

Re: [PATCH v2 11/11] ima: Support additional conditionals in the KEXEC_CMDLINE hook function

Hi, On 06/26/20 at 05:39pm, Tyler Hicks wrote: > Take the properties of the kexec kernel's inode and the current task > ownership into consideration when matching a KEXEC_CMDLINE operation to > the rules in the IMA policy. This allows for some uniformity when > writing IMA policy rules for

Re: [PATCH v2 11/11] ima: Support additional conditionals in the KEXEC_CMDLINE hook function

On 6/26/20 3:39 PM, Tyler Hicks wrote: Take the properties of the kexec kernel's inode and the current task ownership into consideration when matching a KEXEC_CMDLINE operation to the rules in the IMA policy. This allows for some uniformity when writing IMA policy rules for KEXEC_KERNEL_CHECK,

[PATCH v2 11/11] ima: Support additional conditionals in the KEXEC_CMDLINE hook function

Take the properties of the kexec kernel's inode and the current task ownership into consideration when matching a KEXEC_CMDLINE operation to the rules in the IMA policy. This allows for some uniformity when writing IMA policy rules for KEXEC_KERNEL_CHECK, KEXEC_INITRAMFS_CHECK, and KEXEC_CMDLINE