diff for duplicates of <1510746597.3711.268.camel@linux.vnet.ibm.com> diff --git a/a/1.txt b/N1/1.txt index d28efb8..c5e047a 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -8,15 +8,20 @@ On Tue, 2017-11-14 at 21:50 +0100, Luis R. Rodriguez wrote: > > [0] https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=90a53e4432b12288316efaa5f308adafb8d304b0 -Johannes was tired of waiting? Commit 5a9196d "ima: add support for +Johannes was tired of waiting? ?Commit 5a9196d "ima: add support for measuring and appraising firmware" has been in the kernel since linux- 3.17. The original firmware hook for verifying firmware signatures were replaced with the common LSM pre and post kernel_read_file() hooks -in linux-4.6.y. +in?linux-4.6.y. Even if you wanted to support firmware signature verification without IMA-appraisal, it should be using the LSM hooks. Mimi + +-- +To unsubscribe from this list: send the line "unsubscribe linux-security-module" in +the body of a message to majordomo at vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N1/content_digest index 5f68b99..d05b652 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -9,26 +9,10 @@ "ref\0CACdnJuvP=0AHGtfGJ5+cT+kHRy3fU4BLjwkvzP0rLO6q5ejAQQ@mail.gmail.com\0" "ref\0CA+55aFxeLwgwxh2iJTf6Dz0T_a_TZfTdhBw5TkcSsCmjt2N5pw@mail.gmail.com\0" "ref\020171114205014.GJ729@wotan.suse.de\0" - "ref\020171114205014.GJ729-B4tOwbsTzaBolqkO4TVVkw@public.gmane.org\0" - "From\0Mimi Zohar <zohar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>\0" - "Subject\0Re: Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown\0" + "From\0zohar@linux.vnet.ibm.com (Mimi Zohar)\0" + "Subject\0Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown\0" "Date\0Wed, 15 Nov 2017 06:49:57 -0500\0" - "To\0Luis R. Rodriguez <mcgrof-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>" - Linus Torvalds <torvalds-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org> - " Johannes Berg <johannes-cdvu00un1VgdHxzADdlk8Q@public.gmane.org>\0" - "Cc\0Matthew Garrett <mjg59-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>" - David Howells <dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org> - Alan Cox <gnomes-qBU/x9rampVanCEyBjwyrvXRex20P6io@public.gmane.org> - AKASHI - Takahiro <takahiro.akashi-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org> - Greg Kroah-Hartman <gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org> - Jan Blunck <jblunck-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org> - Julia Lawall <julia.lawall-L2FTfq7BK8M@public.gmane.org> - Marcus Meissner <meissner-l3A5Bk7waGM@public.gmane.org> - Gary Lin <GLin-IBi9RG/b67k@public.gmane.org> - LSM List <linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org> - linux-efi <linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org> - " Linux Kernel Mailing List <linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>\0" + "To\0linux-security-module@vger.kernel.org\0" "\00:1\0" "b\0" "On Tue, 2017-11-14 at 21:50 +0100, Luis R. Rodriguez wrote:\n" @@ -41,17 +25,22 @@ "> \n" "> [0] https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=90a53e4432b12288316efaa5f308adafb8d304b0\n" "\n" - "Johannes was tired of waiting? \302\240Commit 5a9196d \"ima: add support for\n" + "Johannes was tired of waiting? ?Commit 5a9196d \"ima: add support for\n" "measuring and appraising firmware\" has been in the kernel since linux-\n" "3.17.\n" "\n" "The original firmware hook for verifying firmware signatures were\n" "replaced with the common LSM pre and post kernel_read_file() hooks\n" - "in\302\240linux-4.6.y.\n" + "in?linux-4.6.y.\n" "\n" "Even if you wanted to support firmware signature verification without\n" "IMA-appraisal, it should be using the LSM hooks.\n" "\n" - Mimi + "Mimi\n" + "\n" + "--\n" + "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" + "the body of a message to majordomo at vger.kernel.org\n" + More majordomo info at http://vger.kernel.org/majordomo-info.html -31a10863ff48c72729a989ed2f82d67a9e804b6f19ee712a53932d11493e227e +520aadf808ef192cd82edfacaf9e2a7fe875db889c47c388b98c78330264a834
diff --git a/a/content_digest b/N2/content_digest index 5f68b99..019179b 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -9,26 +9,25 @@ "ref\0CACdnJuvP=0AHGtfGJ5+cT+kHRy3fU4BLjwkvzP0rLO6q5ejAQQ@mail.gmail.com\0" "ref\0CA+55aFxeLwgwxh2iJTf6Dz0T_a_TZfTdhBw5TkcSsCmjt2N5pw@mail.gmail.com\0" "ref\020171114205014.GJ729@wotan.suse.de\0" - "ref\020171114205014.GJ729-B4tOwbsTzaBolqkO4TVVkw@public.gmane.org\0" - "From\0Mimi Zohar <zohar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>\0" + "From\0Mimi Zohar <zohar@linux.vnet.ibm.com>\0" "Subject\0Re: Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown\0" "Date\0Wed, 15 Nov 2017 06:49:57 -0500\0" - "To\0Luis R. Rodriguez <mcgrof-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>" - Linus Torvalds <torvalds-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org> - " Johannes Berg <johannes-cdvu00un1VgdHxzADdlk8Q@public.gmane.org>\0" - "Cc\0Matthew Garrett <mjg59-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>" - David Howells <dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org> - Alan Cox <gnomes-qBU/x9rampVanCEyBjwyrvXRex20P6io@public.gmane.org> + "To\0Luis R. Rodriguez <mcgrof@kernel.org>" + Linus Torvalds <torvalds@linux-foundation.org> + " Johannes Berg <johannes@sipsolutions.net>\0" + "Cc\0Matthew Garrett <mjg59@google.com>" + David Howells <dhowells@redhat.com> + Alan Cox <gnomes@lxorguk.ukuu.org.uk> AKASHI - Takahiro <takahiro.akashi-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org> - Greg Kroah-Hartman <gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org> - Jan Blunck <jblunck-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org> - Julia Lawall <julia.lawall-L2FTfq7BK8M@public.gmane.org> - Marcus Meissner <meissner-l3A5Bk7waGM@public.gmane.org> - Gary Lin <GLin-IBi9RG/b67k@public.gmane.org> - LSM List <linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org> - linux-efi <linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org> - " Linux Kernel Mailing List <linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>\0" + Takahiro <takahiro.akashi@linaro.org> + Greg Kroah-Hartman <gregkh@linuxfoundation.org> + Jan Blunck <jblunck@infradead.org> + Julia Lawall <julia.lawall@lip6.fr> + Marcus Meissner <meissner@suse.de> + Gary Lin <GLin@suse.com> + LSM List <linux-security-module@vger.kernel.org> + linux-efi <linux-efi@vger.kernel.org> + " Linux Kernel Mailing List <linux-kernel@vger.kernel.org>\0" "\00:1\0" "b\0" "On Tue, 2017-11-14 at 21:50 +0100, Luis R. Rodriguez wrote:\n" @@ -54,4 +53,4 @@ "\n" Mimi -31a10863ff48c72729a989ed2f82d67a9e804b6f19ee712a53932d11493e227e +f44e8bd465a477e247085b43f134fdbc44214830613d84219d12556558decfb2
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.