diff for duplicates of <1557835765.4139.9.camel@linux.ibm.com> diff --git a/a/1.txt b/N1/1.txt index 0230431..0f3f714 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -22,7 +22,7 @@ On Thu, 2019-04-18 at 00:51 -0300, Thiago Jung Bauermann wrote: > + * known, then try verifying the modsig. > + */ > + if (status != INTEGRITY_PASS && try_modsig && -> + (!xattr_value || rc = -ENOKEY)) +> + (!xattr_value || rc == -ENOKEY)) > + rc = modsig_verify(func, modsig, &status, &cause); EVM protects other security xattrs, not just security.ima, if they diff --git a/a/content_digest b/N1/content_digest index e716bf7..2bbac08 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -2,7 +2,7 @@ "ref\020190418035120.2354-10-bauerman@linux.ibm.com\0" "From\0Mimi Zohar <zohar@linux.ibm.com>\0" "Subject\0Re: [PATCH v10 09/12] ima: Implement support for module-style appended signatures\0" - "Date\0Tue, 14 May 2019 12:09:25 +0000\0" + "Date\0Tue, 14 May 2019 08:09:25 -0400\0" "To\0Thiago Jung Bauermann <bauerman@linux.ibm.com>" " linux-integrity@vger.kernel.org\0" "Cc\0linux-security-module@vger.kernel.org" @@ -48,7 +48,7 @@ "> +\302\240\302\240\302\240\302\240\302\240\302\240\302\240 * known, then try verifying the modsig.\n" "> +\302\240\302\240\302\240\302\240\302\240\302\240\302\240 */\n" "> +\302\240\302\240\302\240\302\240\302\240\302\240\302\240if (status != INTEGRITY_PASS && try_modsig &&\n" - "> +\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240 (!xattr_value || rc = -ENOKEY))\n" + "> +\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240 (!xattr_value || rc == -ENOKEY))\n" "> +\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240rc = modsig_verify(func, modsig, &status, &cause);\n" "\n" "EVM protects other security xattrs, not just security.ima, if they\n" @@ -62,4 +62,4 @@ "> \302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240/*\n" "> \302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240 * File signatures on some filesystems can not be properly verified." -739ea5c998a79551725c4f2a7c09482c00fd5f6f1d1042042cac469233af257d +9330f04fef55e48a6a4e30da8d6a8fbb67460a68691298822f2422f982b5a300
diff --git a/a/1.txt b/N2/1.txt index 0230431..0f3f714 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -22,7 +22,7 @@ On Thu, 2019-04-18 at 00:51 -0300, Thiago Jung Bauermann wrote: > + * known, then try verifying the modsig. > + */ > + if (status != INTEGRITY_PASS && try_modsig && -> + (!xattr_value || rc = -ENOKEY)) +> + (!xattr_value || rc == -ENOKEY)) > + rc = modsig_verify(func, modsig, &status, &cause); EVM protects other security xattrs, not just security.ima, if they diff --git a/a/content_digest b/N2/content_digest index e716bf7..f023cf7 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -2,26 +2,26 @@ "ref\020190418035120.2354-10-bauerman@linux.ibm.com\0" "From\0Mimi Zohar <zohar@linux.ibm.com>\0" "Subject\0Re: [PATCH v10 09/12] ima: Implement support for module-style appended signatures\0" - "Date\0Tue, 14 May 2019 12:09:25 +0000\0" + "Date\0Tue, 14 May 2019 08:09:25 -0400\0" "To\0Thiago Jung Bauermann <bauerman@linux.ibm.com>" " linux-integrity@vger.kernel.org\0" - "Cc\0linux-security-module@vger.kernel.org" - keyrings@vger.kernel.org - linux-crypto@vger.kernel.org - linuxppc-dev@lists.ozlabs.org + "Cc\0Herbert Xu <herbert@gondor.apana.org.au>" linux-doc@vger.kernel.org - linux-kernel@vger.kernel.org Dmitry Kasatkin <dmitry.kasatkin@gmail.com> - James Morris <jmorris@namei.org> - Serge E. Hallyn <serge@hallyn.com> - David Howells <dhowells@redhat.com> - David Woodhouse <dwmw2@infradead.org> - Jessica Yu <jeyu@kernel.org> - Herbert Xu <herbert@gondor.apana.org.au> David S. Miller <davem@davemloft.net> Jonathan Corbet <corbet@lwn.net> + linux-kernel@vger.kernel.org + James Morris <jmorris@namei.org> + David Howells <dhowells@redhat.com> AKASHI - " Takahiro <takahiro.akashi@linaro.org>\0" + Takahiro <takahiro.akashi@linaro.org> + linux-security-module@vger.kernel.org + keyrings@vger.kernel.org + linux-crypto@vger.kernel.org + Jessica Yu <jeyu@kernel.org> + linuxppc-dev@lists.ozlabs.org + David Woodhouse <dwmw2@infradead.org> + " Serge E. Hallyn <serge@hallyn.com>\0" "\00:1\0" "b\0" "Hi Thiago,\n" @@ -48,7 +48,7 @@ "> +\302\240\302\240\302\240\302\240\302\240\302\240\302\240 * known, then try verifying the modsig.\n" "> +\302\240\302\240\302\240\302\240\302\240\302\240\302\240 */\n" "> +\302\240\302\240\302\240\302\240\302\240\302\240\302\240if (status != INTEGRITY_PASS && try_modsig &&\n" - "> +\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240 (!xattr_value || rc = -ENOKEY))\n" + "> +\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240 (!xattr_value || rc == -ENOKEY))\n" "> +\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240rc = modsig_verify(func, modsig, &status, &cause);\n" "\n" "EVM protects other security xattrs, not just security.ima, if they\n" @@ -62,4 +62,4 @@ "> \302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240/*\n" "> \302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240 * File signatures on some filesystems can not be properly verified." -739ea5c998a79551725c4f2a7c09482c00fd5f6f1d1042042cac469233af257d +c97cf150ce18215cf2979a2fbafdfb6e1020ed18b8235156ac5401c09ec0f800
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.