diff options
author | Coiby Xu <coxu@redhat.com> | 2022-07-13 15:21:11 +0800 |
---|---|---|
committer | Mimi Zohar <zohar@linux.ibm.com> | 2022-07-13 10:13:41 -0400 |
commit | af16df54b89dee72df253abc5e7b5e8a6d16c11c (patch) | |
tree | d236aeb2c9b99d9e452b6382f016d3e1bc92fc8f /security/integrity | |
parent | d2ee2cfc4aa85ff6a2a3b198a3a524ec54e3d999 (diff) | |
download | lwn-af16df54b89dee72df253abc5e7b5e8a6d16c11c.tar.gz lwn-af16df54b89dee72df253abc5e7b5e8a6d16c11c.zip |
ima: force signature verification when CONFIG_KEXEC_SIG is configured
Currently, an unsigned kernel could be kexec'ed when IMA arch specific
policy is configured unless lockdown is enabled. Enforce kernel
signature verification check in the kexec_file_load syscall when IMA
arch specific policy is configured.
Fixes: 99d5cadfde2b ("kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE")
Reported-and-suggested-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Coiby Xu <coxu@redhat.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Diffstat (limited to 'security/integrity')
-rw-r--r-- | security/integrity/ima/ima_efi.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/security/integrity/ima/ima_efi.c b/security/integrity/ima/ima_efi.c index 71786d01946f..9db66fe310d4 100644 --- a/security/integrity/ima/ima_efi.c +++ b/security/integrity/ima/ima_efi.c @@ -67,6 +67,8 @@ const char * const *arch_get_ima_policy(void) if (IS_ENABLED(CONFIG_IMA_ARCH_POLICY) && arch_ima_get_secureboot()) { if (IS_ENABLED(CONFIG_MODULE_SIG)) set_module_sig_enforced(); + if (IS_ENABLED(CONFIG_KEXEC_SIG)) + set_kexec_sig_enforced(); return sb_arch_rules; } return NULL; |