[LTP] [RFC PATCH v3 10/10] ima: Print /proc/cmdline and IMA kernel config
Petr Vorel
pvorel@suse.cz
Wed Apr 25 15:16:20 CEST 2018
Hi Michael,
thank you for your comment.
> On Tue, Apr 24, 2018 at 08:35:56PM +0200, Petr Vorel wrote:
> > +print_ima_config()
> > +{
> > + local config="/boot/config-$(uname -r)"
> Just a small remark here: not all distributions have /boot/config-* files
> in place. I don't remember which ones this were.
> Wouldn't it make sense to check this file, if it does not exist check
> if /proc/config.gz is available?
I haven't found any normal distro not having config in place (openSUSE/SLE, Debian/Ubuntu,
CentOS/Red Hat), but there might be some. I guess most of embedded devices don't have
that (it's a question if they have IKCONFIG_PROC=y) but why not to try it.
I wonder if we'd benefit from having these functions in shell API:
is_enabled(CONFIG_FOO)
is_module(CONFIG_FOO)
is_builtin(CONFIG_FOO)
which would do simple grep of either /boot/config-$(uname -r) or /proc/config.gz.
The first three are inspired with kernel macros from include/linux/kconfig.h
> Kind regards,
> Michael
Kind regards,
Petr
More information about the ltp
mailing list