diff for duplicates of <1509048454.5886.108.camel@linux.vnet.ibm.com> diff --git a/a/1.txt b/N1/1.txt index 6869650..7a68eb7 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -48,7 +48,7 @@ measurement list. I don't see the problem here. > + if ((action & IMA_MEASURE) || ((iint->flags & IMA_MEASURE) && > + xattr_value && -> + xattr_value->type = IMA_MODSIG && +> + xattr_value->type == IMA_MODSIG && > + ima_current_template_has_sig())) Like the clean up you did elsewhere, this new set of tests should be diff --git a/a/content_digest b/N1/content_digest index c2863e5..a8ebf6f 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -2,7 +2,7 @@ "ref\020171018005331.2688-19-bauerman@linux.vnet.ibm.com\0" "From\0Mimi Zohar <zohar@linux.vnet.ibm.com>\0" "Subject\0Re: [PATCH v5 18/18] ima: Write modsig to the measurement list\0" - "Date\0Thu, 26 Oct 2017 20:07:34 +0000\0" + "Date\0Thu, 26 Oct 2017 16:07:34 -0400\0" "To\0Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>" " linux-integrity@vger.kernel.org\0" "Cc\0linux-security-module@vger.kernel.org" @@ -73,7 +73,7 @@ "\n" "> +\tif ((action & IMA_MEASURE) || ((iint->flags & IMA_MEASURE) &&\n" "> +\t\t\t\t xattr_value &&\n" - "> +\t\t\t\t xattr_value->type = IMA_MODSIG &&\n" + "> +\t\t\t\t xattr_value->type == IMA_MODSIG &&\n" "> +\t\t\t\t ima_current_template_has_sig()))\n" "\n" "Like the clean up you did elsewhere, this new set of tests should be\n" @@ -87,4 +87,4 @@ "> \tif (action & IMA_AUDIT)\n" > -4a91941eba18523b136208ffa24e27585f4db1ac32056bd525e224d0754542fe +3d23e37caad1b40d96fcd3e32664a30eba4008576d35bc46b08aab57243ec246
diff --git a/a/1.txt b/N2/1.txt index 6869650..5b6dd9b 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -29,7 +29,7 @@ On Tue, 2017-10-17 at 22:53 -0200, Thiago Jung Bauermann wrote: > + * signature. Yes, all true, but this long comment doesn't belong here in the middle -of process_measurement(). +of process_measurement(). > + * With the opposite ordering (the appraise rule triggering before the > + * measurement rule) there is the same problem but it's not possible to @@ -39,20 +39,20 @@ of process_measurement(). > + */ With the template format "ima-sig", the verified file signature needs -to be included in the measurement list. Based on this file signature, +to be included in the measurement list. Based on this file signature, the attestation server can validate the signature. In this case, where the appraisal comes first followed by the measurement, the appraised file signature is included in the -measurement list. I don't see the problem here. +measurement list. I don't see the problem here. > + if ((action & IMA_MEASURE) || ((iint->flags & IMA_MEASURE) && > + xattr_value && -> + xattr_value->type = IMA_MODSIG && +> + xattr_value->type == IMA_MODSIG && > + ima_current_template_has_sig())) Like the clean up you did elsewhere, this new set of tests should be -made into a function. The comment could placed along with the new +made into a function. The comment could placed along with the new function. Mimi diff --git a/a/content_digest b/N2/content_digest index c2863e5..5c080a3 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -2,7 +2,7 @@ "ref\020171018005331.2688-19-bauerman@linux.vnet.ibm.com\0" "From\0Mimi Zohar <zohar@linux.vnet.ibm.com>\0" "Subject\0Re: [PATCH v5 18/18] ima: Write modsig to the measurement list\0" - "Date\0Thu, 26 Oct 2017 20:07:34 +0000\0" + "Date\0Thu, 26 Oct 2017 16:07:34 -0400\0" "To\0Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>" " linux-integrity@vger.kernel.org\0" "Cc\0linux-security-module@vger.kernel.org" @@ -54,7 +54,7 @@ "> +\t * signature.\n" "\n" "Yes, all true, but this long comment doesn't belong here in the middle\n" - "of process_measurement().\302\240\n" + "of process_measurement(). \n" "\n" "> +\t * With the opposite ordering (the appraise rule triggering before the\n" "> +\t * measurement rule) there is the same problem but it's not possible to\n" @@ -64,20 +64,20 @@ "> +\t */\n" "\n" "With the template format \"ima-sig\", the verified file signature needs\n" - "to be included in the measurement list. \302\240Based on this file signature,\n" + "to be included in the measurement list. Based on this file signature,\n" "the attestation server can validate the signature.\n" "\n" "In this case, where the appraisal comes first followed by the\n" "measurement, the appraised file signature is included in the\n" - "measurement list. \302\240I don't see the problem here.\n" + "measurement list. I don't see the problem here.\n" "\n" "> +\tif ((action & IMA_MEASURE) || ((iint->flags & IMA_MEASURE) &&\n" "> +\t\t\t\t xattr_value &&\n" - "> +\t\t\t\t xattr_value->type = IMA_MODSIG &&\n" + "> +\t\t\t\t xattr_value->type == IMA_MODSIG &&\n" "> +\t\t\t\t ima_current_template_has_sig()))\n" "\n" "Like the clean up you did elsewhere, this new set of tests should be\n" - "made into a function. \302\240The comment could placed along with the new\n" + "made into a function. The comment could placed along with the new\n" "function.\n" "\n" "Mimi\n" @@ -87,4 +87,4 @@ "> \tif (action & IMA_AUDIT)\n" > -4a91941eba18523b136208ffa24e27585f4db1ac32056bd525e224d0754542fe +ff7171478ac97ed065eb6d7bcf28886592bb9ef5aed2af17dba68dbb4fb80bf5
diff --git a/a/1.txt b/N3/1.txt index 6869650..37635bc 100644 --- a/a/1.txt +++ b/N3/1.txt @@ -29,7 +29,7 @@ On Tue, 2017-10-17 at 22:53 -0200, Thiago Jung Bauermann wrote: > + * signature. Yes, all true, but this long comment doesn't belong here in the middle -of process_measurement(). +of process_measurement().? > + * With the opposite ordering (the appraise rule triggering before the > + * measurement rule) there is the same problem but it's not possible to @@ -39,20 +39,20 @@ of process_measurement(). > + */ With the template format "ima-sig", the verified file signature needs -to be included in the measurement list. Based on this file signature, +to be included in the measurement list. ?Based on this file signature, the attestation server can validate the signature. In this case, where the appraisal comes first followed by the measurement, the appraised file signature is included in the -measurement list. I don't see the problem here. +measurement list. ?I don't see the problem here. > + if ((action & IMA_MEASURE) || ((iint->flags & IMA_MEASURE) && > + xattr_value && -> + xattr_value->type = IMA_MODSIG && +> + xattr_value->type == IMA_MODSIG && > + ima_current_template_has_sig())) Like the clean up you did elsewhere, this new set of tests should be -made into a function. The comment could placed along with the new +made into a function. ?The comment could placed along with the new function. Mimi @@ -60,4 +60,9 @@ Mimi > ima_store_measurement(iint, file, pathname, > xattr_value, xattr_len, pcr); > if (action & IMA_AUDIT) -> +> + +-- +To unsubscribe from this list: send the line "unsubscribe linux-security-module" in +the body of a message to majordomo at vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N3/content_digest index c2863e5..507f03b 100644 --- a/a/content_digest +++ b/N3/content_digest @@ -1,26 +1,9 @@ "ref\020171018005331.2688-1-bauerman@linux.vnet.ibm.com\0" "ref\020171018005331.2688-19-bauerman@linux.vnet.ibm.com\0" - "From\0Mimi Zohar <zohar@linux.vnet.ibm.com>\0" - "Subject\0Re: [PATCH v5 18/18] ima: Write modsig to the measurement list\0" - "Date\0Thu, 26 Oct 2017 20:07:34 +0000\0" - "To\0Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>" - " linux-integrity@vger.kernel.org\0" - "Cc\0linux-security-module@vger.kernel.org" - keyrings@vger.kernel.org - linux-crypto@vger.kernel.org - linuxppc-dev@lists.ozlabs.org - linux-kernel@vger.kernel.org - Dmitry Kasatkin <dmitry.kasatkin@gmail.com> - James Morris <james.l.morris@oracle.com> - Serge E. Hallyn <serge@hallyn.com> - David Howells <dhowells@redhat.com> - David Woodhouse <dwmw2@infradead.org> - Jessica Yu <jeyu@redhat.com> - Rusty Russell <rusty@rustcorp.com.au> - Herbert Xu <herbert@gondor.apana.org.au> - David S. Miller <davem@davemloft.net> - AKASHI - " Takahiro <takahiro.akashi@linaro.org>\0" + "From\0zohar@linux.vnet.ibm.com (Mimi Zohar)\0" + "Subject\0[PATCH v5 18/18] ima: Write modsig to the measurement list\0" + "Date\0Thu, 26 Oct 2017 16:07:34 -0400\0" + "To\0linux-security-module@vger.kernel.org\0" "\00:1\0" "b\0" "On Tue, 2017-10-17 at 22:53 -0200, Thiago Jung Bauermann wrote:\n" @@ -54,7 +37,7 @@ "> +\t * signature.\n" "\n" "Yes, all true, but this long comment doesn't belong here in the middle\n" - "of process_measurement().\302\240\n" + "of process_measurement().?\n" "\n" "> +\t * With the opposite ordering (the appraise rule triggering before the\n" "> +\t * measurement rule) there is the same problem but it's not possible to\n" @@ -64,20 +47,20 @@ "> +\t */\n" "\n" "With the template format \"ima-sig\", the verified file signature needs\n" - "to be included in the measurement list. \302\240Based on this file signature,\n" + "to be included in the measurement list. ?Based on this file signature,\n" "the attestation server can validate the signature.\n" "\n" "In this case, where the appraisal comes first followed by the\n" "measurement, the appraised file signature is included in the\n" - "measurement list. \302\240I don't see the problem here.\n" + "measurement list. ?I don't see the problem here.\n" "\n" "> +\tif ((action & IMA_MEASURE) || ((iint->flags & IMA_MEASURE) &&\n" "> +\t\t\t\t xattr_value &&\n" - "> +\t\t\t\t xattr_value->type = IMA_MODSIG &&\n" + "> +\t\t\t\t xattr_value->type == IMA_MODSIG &&\n" "> +\t\t\t\t ima_current_template_has_sig()))\n" "\n" "Like the clean up you did elsewhere, this new set of tests should be\n" - "made into a function. \302\240The comment could placed along with the new\n" + "made into a function. ?The comment could placed along with the new\n" "function.\n" "\n" "Mimi\n" @@ -85,6 +68,11 @@ "> \t\tima_store_measurement(iint, file, pathname,\n" "> \t\t\t\t xattr_value, xattr_len, pcr);\n" "> \tif (action & IMA_AUDIT)\n" - > + "> \n" + "\n" + "--\n" + "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" + "the body of a message to majordomo at vger.kernel.org\n" + More majordomo info at http://vger.kernel.org/majordomo-info.html -4a91941eba18523b136208ffa24e27585f4db1ac32056bd525e224d0754542fe +ea8d7b71ebd3b4280767815210ddece2aee6fb33c69512f9bb95ed9ad37ab2c6
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.