diff for duplicates of <1517851901.3736.120.camel@linux.vnet.ibm.com> diff --git a/a/1.txt b/N1/1.txt index 978d435..a775ef1 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -1,8 +1,8 @@ On Mon, 2018-01-15 at 09:19 -0800, Christoph Hellwig wrote: > On Mon, Jan 15, 2018 at 11:40:07AM -0500, Mimi Zohar wrote: > > rootfs IS different than other filesystems, as other filesystems -> > uniquely identify the underlying filesystem type. ?rootfs can be a -> > ramfs or tmpfs filesystem. ?Only tmpfs supports xattrs. +> > uniquely identify the underlying filesystem type. rootfs can be a +> > ramfs or tmpfs filesystem. Only tmpfs supports xattrs. > > Tons of filesystems only have xattrs optionally. Check for goddamn > xattrs if that is the requirement and not a name that has absolutely @@ -12,15 +12,10 @@ I should have said the main reason for defining a rootfs policy rule is not to differentiate it from ramfs, but the ability to require file signatures. -Up to now, CPIO did not support xattrs. ?With Taras' proposed CPIO +Up to now, CPIO did not support xattrs. With Taras' proposed CPIO xattr patch set, the initramfs can now be properly labeled with file -signatures. ?Since only some systems will include file signatures in +signatures. Since only some systems will include file signatures in the initramfs, we need to be able to differentiate between those that require file signatures from those that don't. Mimi - --- -To unsubscribe from this list: send the line "unsubscribe linux-security-module" in -the body of a message to majordomo at vger.kernel.org -More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N1/content_digest index 59dff93..a9714a4 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -2,17 +2,24 @@ "ref\020180115162726.GB15686@infradead.org\0" "ref\01516034407.6607.26.camel@linux.vnet.ibm.com\0" "ref\020180115171914.GB28088@infradead.org\0" - "From\0zohar@linux.vnet.ibm.com (Mimi Zohar)\0" - "Subject\0[PATCH] ima: define new policy condition based on the filesystem name\0" + "From\0Mimi Zohar <zohar@linux.vnet.ibm.com>\0" + "Subject\0Re: [PATCH] ima: define new policy condition based on the filesystem name\0" "Date\0Mon, 05 Feb 2018 12:31:41 -0500\0" - "To\0linux-security-module@vger.kernel.org\0" + "To\0Christoph Hellwig <hch@infradead.org>\0" + "Cc\0linux-integrity <linux-integrity@vger.kernel.org>" + linux-security-module <linux-security-module@vger.kernel.org> + linux-fsdevel <linux-fsdevel@vger.kernel.org> + linux-kernel <linux-kernel@vger.kernel.org> + TarasKondratiuk <takondra@cisco.com> + Victor Kamensky <kamensky@cisco.com> + " RobLandley <rob@landley.net>\0" "\00:1\0" "b\0" "On Mon, 2018-01-15 at 09:19 -0800, Christoph Hellwig wrote:\n" "> On Mon, Jan 15, 2018 at 11:40:07AM -0500, Mimi Zohar wrote:\n" "> > rootfs IS different than other filesystems, as other filesystems\n" - "> > uniquely identify the underlying filesystem type. ?rootfs can be a\n" - "> > ramfs or tmpfs filesystem. ?Only tmpfs supports xattrs.\n" + "> > uniquely identify the underlying filesystem type. \302\240rootfs can be a\n" + "> > ramfs or tmpfs filesystem. \302\240Only tmpfs supports xattrs.\n" "> \n" "> Tons of filesystems only have xattrs optionally. Check for goddamn\n" "> xattrs if that is the requirement and not a name that has absolutely\n" @@ -22,17 +29,12 @@ "is not to differentiate it from ramfs, but the ability to require file\n" "signatures.\n" "\n" - "Up to now, CPIO did not support xattrs. ?With Taras' proposed CPIO\n" + "Up to now, CPIO did not support xattrs. \302\240With Taras' proposed CPIO\n" "xattr patch set, the initramfs can now be properly labeled with file\n" - "signatures. ?Since only some systems will include file signatures in\n" + "signatures. \302\240Since only some systems will include file signatures in\n" "the initramfs, we need to be able to differentiate between those that\n" "require file signatures from those that don't.\n" "\n" - "Mimi\n" - "\n" - "--\n" - "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" - "the body of a message to majordomo at vger.kernel.org\n" - More majordomo info at http://vger.kernel.org/majordomo-info.html + Mimi -b0f8e570ae39d49035865c2ed2e7b34987f5140a16a637fcf7e0e1d88671f8ae +911686bef3f17e7b96502c6cc41aac1fbcca00e0ed6986b0488ad0e53349ca7c
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.