• Mimi Zohar's avatar
    ima: define a canonical binary_runtime_measurements list format · d68a6fe9
    Mimi Zohar authored
    The IMA binary_runtime_measurements list is currently in platform native
    format.
    
    To allow restoring a measurement list carried across kexec with a
    different endianness than the targeted kernel, this patch defines
    little-endian as the canonical format.  For big endian systems wanting
    to save/restore the measurement list from a system with a different
    endianness, a new boot command line parameter named "ima_canonical_fmt"
    is defined.
    
    Considerations: use of the "ima_canonical_fmt" boot command line option
    will break existing userspace applications on big endian systems
    expecting the binary_runtime_measurements list to be in platform native
    format.
    
    Link: http://lkml.kernel.org/r/1480554346-29071-10-git-send-email-zohar@linux.vnet.ibm.comSigned-off-by: default avatarMimi Zohar <zohar@linux.vnet.ibm.com>
    Acked-by: default avatarDmitry Kasatkin <dmitry.kasatkin@gmail.com>
    Cc: Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>
    Cc: "Eric W. Biederman" <ebiederm@xmission.com>
    Cc: Andreas Steffen <andreas.steffen@strongswan.org>
    Cc: Josh Sklar <sklar@linux.vnet.ibm.com>
    Cc: Dave Young <dyoung@redhat.com>
    Cc: Vivek Goyal <vgoyal@redhat.com>
    Cc: Baoquan He <bhe@redhat.com>
    Cc: Michael Ellerman <mpe@ellerman.id.au>
    Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
    Cc: Paul Mackerras <paulus@samba.org>
    Cc: Stewart Smith <stewart@linux.vnet.ibm.com>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    d68a6fe9
ima_kexec.c 4.22 KB