diff for duplicates of <87fuebei68.fsf@linux.vnet.ibm.com> diff --git a/a/1.txt b/N1/1.txt index b637975..9708f37 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -15,7 +15,7 @@ Mimi Zohar <zohar@linux.vnet.ibm.com> writes: >> >> - iint->ima_hash->digest, >> >> - iint->ima_hash->length); >> >> + ->> >> + if (xattr_value->type = EVM_IMA_XATTR_DIGSIG) +>> >> + if (xattr_value->type == EVM_IMA_XATTR_DIGSIG) >> >> + rc = integrity_digsig_verify(INTEGRITY_KEYRING_IMA, >> >> + (const char *)xattr_value, >> >> + rc, iint->ima_hash->digest, @@ -113,7 +113,7 @@ Which is better? > "collect" either the appended signature or the xattr. Maybe something > like this: > -> loop [ appended signature, xattr ] { <= list based on policy flags +> loop [ appended signature, xattr ] { <== list based on policy flags > collect_measurement() > if failure > continue diff --git a/a/content_digest b/N1/content_digest index 0e6ed74..bc61dfc 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -5,7 +5,7 @@ "ref\01498095237.5328.44.camel@linux.vnet.ibm.com\0" "From\0Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>\0" "Subject\0Re: [PATCH v2 6/6] ima: Support module-style appended signatures for appraisal\0" - "Date\0Wed, 05 Jul 2017 02:22:55 +0000\0" + "Date\0Tue, 04 Jul 2017 23:22:55 -0300\0" "To\0Mimi Zohar <zohar@linux.vnet.ibm.com>\0" "Cc\0linux-security-module@vger.kernel.org" linux-ima-devel@lists.sourceforge.net @@ -22,7 +22,7 @@ Rusty Russell <rusty@rustcorp.com.au> Herbert Xu <herbert@gondor.apana.org.au> David S. Miller <davem@davemloft.net> - AKASHI + " AKASHI\\" " Takahiro <takahiro.akashi@linaro.org>\0" "\00:1\0" "b\0" @@ -43,7 +43,7 @@ ">> >> -\t\t\t\t\t iint->ima_hash->digest,\n" ">> >> -\t\t\t\t\t iint->ima_hash->length);\n" ">> >> +\n" - ">> >> +\t\tif (xattr_value->type = EVM_IMA_XATTR_DIGSIG)\n" + ">> >> +\t\tif (xattr_value->type == EVM_IMA_XATTR_DIGSIG)\n" ">> >> +\t\t\trc = integrity_digsig_verify(INTEGRITY_KEYRING_IMA,\n" ">> >> +\t\t\t\t\t\t (const char *)xattr_value,\n" ">> >> +\t\t\t\t\t\t rc, iint->ima_hash->digest,\n" @@ -141,7 +141,7 @@ "> \"collect\" either the appended signature or the xattr. Maybe something\n" "> like this:\n" ">\n" - "> loop [ appended signature, xattr ] { <= list based on policy flags\n" + "> loop [ appended signature, xattr ] { <== list based on policy flags\n" "> collect_measurement()\n" "> if failure\n" "> continue\n" @@ -160,4 +160,4 @@ "Thiago Jung Bauermann\n" IBM Linux Technology Center -c73c585d86bfa27ce212d865813688861ad10711baaea02853a3bd9bf303b315 +d424c8570baf8c5fcfa872f6c939202a6d6a22392aeba57be1f9a59583fbd86b
diff --git a/a/1.txt b/N2/1.txt index b637975..adc90a9 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -15,7 +15,7 @@ Mimi Zohar <zohar@linux.vnet.ibm.com> writes: >> >> - iint->ima_hash->digest, >> >> - iint->ima_hash->length); >> >> + ->> >> + if (xattr_value->type = EVM_IMA_XATTR_DIGSIG) +>> >> + if (xattr_value->type == EVM_IMA_XATTR_DIGSIG) >> >> + rc = integrity_digsig_verify(INTEGRITY_KEYRING_IMA, >> >> + (const char *)xattr_value, >> >> + rc, iint->ima_hash->digest, @@ -113,7 +113,7 @@ Which is better? > "collect" either the appended signature or the xattr. Maybe something > like this: > -> loop [ appended signature, xattr ] { <= list based on policy flags +> loop [ appended signature, xattr ] { <== list based on policy flags > collect_measurement() > if failure > continue @@ -131,3 +131,8 @@ match the IMA jargon. -- Thiago Jung Bauermann IBM Linux Technology Center + +-- +To unsubscribe from this list: send the line "unsubscribe linux-security-module" in +the body of a message to majordomo at vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N2/content_digest index 0e6ed74..ec56574 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -3,27 +3,10 @@ "ref\01497443972.4287.38.camel@linux.vnet.ibm.com\0" "ref\08760fpck0x.fsf@linux.vnet.ibm.com\0" "ref\01498095237.5328.44.camel@linux.vnet.ibm.com\0" - "From\0Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>\0" - "Subject\0Re: [PATCH v2 6/6] ima: Support module-style appended signatures for appraisal\0" - "Date\0Wed, 05 Jul 2017 02:22:55 +0000\0" - "To\0Mimi Zohar <zohar@linux.vnet.ibm.com>\0" - "Cc\0linux-security-module@vger.kernel.org" - linux-ima-devel@lists.sourceforge.net - keyrings@vger.kernel.org - linux-crypto@vger.kernel.org - linuxppc-dev@lists.ozlabs.org - linux-kernel@vger.kernel.org - Dmitry Kasatkin <dmitry.kasatkin@gmail.com> - James Morris <james.l.morris@oracle.com> - Serge E. Hallyn <serge@hallyn.com> - David Howells <dhowells@redhat.com> - David Woodhouse <dwmw2@infradead.org> - Jessica Yu <jeyu@redhat.com> - Rusty Russell <rusty@rustcorp.com.au> - Herbert Xu <herbert@gondor.apana.org.au> - David S. Miller <davem@davemloft.net> - AKASHI - " Takahiro <takahiro.akashi@linaro.org>\0" + "From\0bauerman@linux.vnet.ibm.com (Thiago Jung Bauermann)\0" + "Subject\0[PATCH v2 6/6] ima: Support module-style appended signatures for appraisal\0" + "Date\0Tue, 04 Jul 2017 23:22:55 -0300\0" + "To\0linux-security-module@vger.kernel.org\0" "\00:1\0" "b\0" "\n" @@ -43,7 +26,7 @@ ">> >> -\t\t\t\t\t iint->ima_hash->digest,\n" ">> >> -\t\t\t\t\t iint->ima_hash->length);\n" ">> >> +\n" - ">> >> +\t\tif (xattr_value->type = EVM_IMA_XATTR_DIGSIG)\n" + ">> >> +\t\tif (xattr_value->type == EVM_IMA_XATTR_DIGSIG)\n" ">> >> +\t\t\trc = integrity_digsig_verify(INTEGRITY_KEYRING_IMA,\n" ">> >> +\t\t\t\t\t\t (const char *)xattr_value,\n" ">> >> +\t\t\t\t\t\t rc, iint->ima_hash->digest,\n" @@ -141,7 +124,7 @@ "> \"collect\" either the appended signature or the xattr. Maybe something\n" "> like this:\n" ">\n" - "> loop [ appended signature, xattr ] { <= list based on policy flags\n" + "> loop [ appended signature, xattr ] { <== list based on policy flags\n" "> collect_measurement()\n" "> if failure\n" "> continue\n" @@ -158,6 +141,11 @@ "\n" "-- \n" "Thiago Jung Bauermann\n" - IBM Linux Technology Center + "IBM Linux Technology Center\n" + "\n" + "--\n" + "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" + "the body of a message to majordomo at vger.kernel.org\n" + More majordomo info at http://vger.kernel.org/majordomo-info.html -c73c585d86bfa27ce212d865813688861ad10711baaea02853a3bd9bf303b315 +7d479809e35747a558fddd114e117d047213bcdc8292d0757f5076419853ea9a
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.