Re: [PATCH v1] sefltest/ima: support appended signatures (modsig)

From: shuah
Date: Wed Aug 28 2019 - 11:53:19 EST

Next message: Randy Dunlap: "Re: [PATCH v2] kunit: fix failure to build without printk"
Previous message: Greg Kroah-Hartman: "Re: [PATCH 5.2 000/162] 5.2.11-stable review"
In reply to: Mimi Zohar: "[PATCH v1] sefltest/ima: support appended signatures (modsig)"
Next in thread: Mimi Zohar: "Re: [PATCH v1] sefltest/ima: support appended signatures (modsig)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 8/28/19 9:14 AM, Mimi Zohar wrote:

In addition to the PE/COFF and IMA xattr signatures, the kexec kernel
image can be signed with an appended signature, using the same
scripts/sign-file tool that is used to sign kernel modules.

This patch adds support for detecting a kernel image signed with an
appended signature and updates the existing test messages
appropriately.

Reviewed-by: Petr Vorel <pvorel@xxxxxxx>
Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
---

Thanks Mimi. This commit log looks good. My Ack for the patch
to go through the IMA tree.

Acked-by: Shuah Khan <skhan@xxxxxxxxxxxxxxxxxxx>

thanks,
-- Shuah

Next message: Randy Dunlap: "Re: [PATCH v2] kunit: fix failure to build without printk"
Previous message: Greg Kroah-Hartman: "Re: [PATCH 5.2 000/162] 5.2.11-stable review"
In reply to: Mimi Zohar: "[PATCH v1] sefltest/ima: support appended signatures (modsig)"
Next in thread: Mimi Zohar: "Re: [PATCH v1] sefltest/ima: support appended signatures (modsig)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]