[LTP] [PATCH v3 2/2] IMA: Add a test to verify importing a certificate into keyring
Mimi Zohar
zohar@linux.ibm.com
Wed Jun 24 22:02:43 CEST 2020
On Wed, 2020-06-24 at 15:59 -0400, Lachlan Sneff wrote:
>
> >> diff --git a/testcases/kernel/security/integrity/ima/README.md b/testcases/kernel/security/integrity/ima/README.md
> >> index 16a1f48c3..e41f7b570 100644
> >> --- a/testcases/kernel/security/integrity/ima/README.md
> >> +++ b/testcases/kernel/security/integrity/ima/README.md
> >> @@ -16,6 +16,27 @@ CONFIG_INTEGRITY=y
> >> CONFIG_IMA=y
> >> ```
> >>
> >> +IMA Key Import test
> >> +-------------
> >> +
> >> +`ima_keys.sh` requires an x509 key to be generated and placed
> >> +at `/etc/keys/x509_ima.der`.
> > The filename "/etc/keys/x509_ima.der" is configurable. It's based on
> > CONFIG_IMA_X509_PATH Kconfig option. Perhaps extract it from the
> > running kernel's Kconfig?
> I didn't think pulling it from the kernel config. Will try this. I
> assume `grep "..." /boot/config-$(uname -r)` is the right way to grab a
> line from the config?
Try using scripts/extract-ikconfig.
Mimi
More information about the ltp
mailing list