linux-stable/arch/s390/kernel/ima_arch.c
Philipp Rudo 268a784049 s390/kexec_file: Disable kexec_load when IPLed secure
A kernel loaded via kexec_load cannot be verified. Thus disable kexec_load
systemcall in kernels which where IPLed securely. Use the IMA mechanism to
do so.

Signed-off-by: Philipp Rudo <prudo@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2019-04-29 10:44:03 +02:00

14 lines
217 B
C

// SPDX-License-Identifier: GPL-2.0
#include <linux/ima.h>
#include <asm/boot_data.h>
bool arch_ima_get_secureboot(void)
{
return ipl_secure_flag;
}
const char * const *arch_get_ima_policy(void)
{
return NULL;
}