Re: [PATCH v6 5/8] ima: based on policy require signed firmware (sysfs fallback)
From: Kees Cook
Date: Sat Jul 14 2018 - 22:27:46 EST
On Fri, Jul 13, 2018 at 11:06 AM, Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote:
> With an IMA policy requiring signed firmware, this patch prevents
> the sysfs fallback method of loading firmware.
>
> Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
> Cc: Luis R. Rodriguez <mcgrof@xxxxxxxx>
> Cc: Matthew Garrett <mjg59@xxxxxxxxxx>
Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>
-Kees
--
Kees Cook
Pixel Security