mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-10-31 16:38:12 +00:00
268a784049
A kernel loaded via kexec_load cannot be verified. Thus disable kexec_load systemcall in kernels which where IPLed securely. Use the IMA mechanism to do so. Signed-off-by: Philipp Rudo <prudo@linux.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
14 lines
217 B
C
14 lines
217 B
C
// SPDX-License-Identifier: GPL-2.0
|
|
|
|
#include <linux/ima.h>
|
|
#include <asm/boot_data.h>
|
|
|
|
bool arch_ima_get_secureboot(void)
|
|
{
|
|
return ipl_secure_flag;
|
|
}
|
|
|
|
const char * const *arch_get_ima_policy(void)
|
|
{
|
|
return NULL;
|
|
}
|