-
- Downloads
selftests/ima: kexec_load syscall test
The kernel CONFIG_KEXEC_VERIFY_SIG option is limited to verifying a
kernel image's signature, when loaded via the kexec_file_load syscall.
There is no method for verifying a kernel image's signature loaded
via the kexec_load syscall.
This test verifies loading the kernel image via the kexec_load syscall
fails when the kernel CONFIG_KEXEC_VERIFY_SIG option is enabled on
systems with secureboot enabled[1].
[1] Detecting secureboot enabled is architecture specific.
Signed-off-by: 
Mimi Zohar <zohar@linux.ibm.com>
Showing
- tools/testing/selftests/Makefile 1 addition, 0 deletionstools/testing/selftests/Makefile
- tools/testing/selftests/ima/Makefile 11 additions, 0 deletionstools/testing/selftests/ima/Makefile
- tools/testing/selftests/ima/config 4 additions, 0 deletionstools/testing/selftests/ima/config
- tools/testing/selftests/ima/test_kexec_load.sh 54 additions, 0 deletionstools/testing/selftests/ima/test_kexec_load.sh
Loading
Please register or sign in to comment