From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: Christoph Hellwig <hch@infradead.org>
Cc: linux-kernel@vger.kernel.org,
Andrew Morton <akpm@linux-foundation.org>,
James Morris <jmorris@namei.org>,
Al Viro <viro@ZenIV.linux.org.uk>,
David Safford <safford@watson.ibm.com>,
Serge Hallyn <serue@linux.vnet.ibm.com>,
Mimi Zohar <zohar@us.ibm.com>
Subject: Re: [PATCH 2/6] integrity: Linux Integrity Module(LIM)
Date: Wed, 03 Dec 2008 17:17:35 -0500 [thread overview]
Message-ID: <1228342655.2821.64.camel@localhost.localdomain> (raw)
In-Reply-To: <20081203182300.GA31203@infradead.org>
On Wed, 2008-12-03 at 13:23 -0500, Christoph Hellwig wrote:
> On Wed, Dec 03, 2008 at 01:18:43PM -0500, Mimi Zohar wrote:
> > IMA originally supported measurement and attestation only for file data.
> > Templates provide an abstraction to add different types of integrity
> > messages to the TPM based measurement list. Each type of integrity code
> > knows how to format/display its own messages, while the TPM measurement
> > list code remains generic.
>
> I have a bit of a problem parsing the above, and it certainly doesn't
> look like a justification for keeping all that unused code around.
The purpose of LIM is to provide an integrity infrastructure to support
different types of integrity data. IMA implements both the LIM
API for it's own internal use, and exports it for others to call.
As Dave Safford pointed out in http://lkml.org/lkml/2008/11/17/362,
there are other projects that want to add differently structured
measurements to the TPM measurement list. The template abstraction is
critical to allowing these differently formatted messages to be added to
the list.
Mimi
next prev parent reply other threads:[~2008-12-03 22:17 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-12-02 21:47 [PATCH 0/6] integrity Mimi Zohar
2008-12-02 21:47 ` [PATCH 1/6] integrity: TPM internel kernel interface Mimi Zohar
2008-12-02 22:19 ` Dave Hansen
2008-12-04 20:21 ` Rajiv Andrade
2008-12-04 22:31 ` Rajiv Andrade
2008-12-02 22:59 ` Jeff Garzik
2008-12-03 17:22 ` Serge E. Hallyn
2008-12-02 21:47 ` [PATCH 2/6] integrity: Linux Integrity Module(LIM) Mimi Zohar
2008-12-02 22:43 ` Dave Hansen
2008-12-03 18:15 ` Mimi Zohar
2008-12-03 18:25 ` Dave Hansen
2008-12-03 12:30 ` Christoph Hellwig
2008-12-03 18:18 ` Mimi Zohar
2008-12-03 18:23 ` Christoph Hellwig
2008-12-03 22:17 ` Mimi Zohar [this message]
2008-12-04 13:09 ` Christoph Hellwig
2008-12-04 19:24 ` Serge E. Hallyn
2008-12-04 20:53 ` david safford
2008-12-05 1:42 ` James Morris
2008-12-05 12:56 ` david safford
2008-12-05 15:23 ` Serge E. Hallyn
2008-12-05 17:14 ` david safford
2008-12-02 21:47 ` [PATCH 3/6] integrity: IMA as an integrity service provider Mimi Zohar
2008-12-02 23:35 ` Dave Hansen
2008-12-03 13:03 ` Christoph Hellwig
2008-12-03 16:55 ` Dave Hansen
2008-12-03 17:08 ` Christoph Hellwig
2008-12-03 18:24 ` Mimi Zohar
2008-12-03 18:50 ` Dave Hansen
2008-12-04 18:26 ` Mimi Zohar
2008-12-03 18:17 ` Mimi Zohar
2008-12-03 18:31 ` Dave Hansen
2008-12-05 22:33 ` Al Viro
2008-12-03 19:01 ` Len Brown
2008-12-04 15:57 ` Mimi Zohar
2008-12-03 21:10 ` Dave Hansen
2008-12-02 21:47 ` [PATCH 4/6] integrity: IMA display Mimi Zohar
2008-12-02 21:47 ` [PATCH 5/6] integrity: IMA policy Mimi Zohar
2008-12-02 21:48 ` [PATCH 6/6] integrity: replace task uid with cred uid Mimi Zohar
-- strict thread matches above, loose matches on Subject: below --
2008-12-03 20:13 [PATCH 2/6] integrity: Linux Integrity Module(LIM) Serge E. Hallyn
2008-12-03 20:25 ` Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1228342655.2821.64.camel@localhost.localdomain \
--to=zohar@linux.vnet.ibm.com \
--cc=akpm@linux-foundation.org \
--cc=hch@infradead.org \
--cc=jmorris@namei.org \
--cc=linux-kernel@vger.kernel.org \
--cc=safford@watson.ibm.com \
--cc=serue@linux.vnet.ibm.com \
--cc=viro@ZenIV.linux.org.uk \
--cc=zohar@us.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.