From mboxrd@z Thu Jan  1 00:00:00 1970
From: Mimi Zohar <zohar@linux.vnet.ibm.com>
Subject: Re: [PATCH v5 00/21] EVM
Date: Thu, 19 May 2011 21:07:06 -0400
Message-ID: <1305853626.2528.50.camel@localhost.localdomain>
References: <1305557115-15652-1-git-send-email-zohar@linux.vnet.ibm.com>
	 <20110518172552.6d482c7a.akpm@linux-foundation.org>
	 <1305769890.3304.90.camel@localhost.localdomain>
	 <alpine.LRH.2.00.1105201041000.28923@tundra.namei.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Cc: Andrew Morton <akpm@linux-foundation.org>,
	linux-security-module@vger.kernel.org,
	linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
	David Safford <safford@watson.ibm.com>,
	Greg KH <greg@kroah.com>,
	Dmitry Kasatkin <dmitry.kasatkin@nokia.com>,
	Arjan van de Ven <arjan@infradead.org>
To: James Morris <jmorris@namei.org>
Return-path: <linux-security-module-owner@vger.kernel.org>
In-Reply-To: <alpine.LRH.2.00.1105201041000.28923@tundra.namei.org>
Sender: linux-security-module-owner@vger.kernel.org
List-Id: linux-fsdevel.vger.kernel.org

On Fri, 2011-05-20 at 10:51 +1000, James Morris wrote:
> On Wed, 18 May 2011, Mimi Zohar wrote:
> 
> > > Once we have a better understanding of what the feature does and why it
> > > does it and how it interfaces with the user, we can start looking at
> > > the implementation.
> > 
> > Much appreciated!
> 
> What is the status of potential users of the feature?
> 
> I recall that MeeGo were planning to use EVM, but they've since changed 
> their security plans.  Do they still plan to use it?  Are any other users 
> committing to use EVM?
> 
> Also -- this was raised some time back, but I can't find the discussion -- 
> what does IMA/EVM provide over disk encryption as a protection against 
> offline attacks?
> 
> - James

Dave Safford's whitepaper discusses this.
http://downloads.sf.net/project/linux-ima/linux-ima/Integrity_overview.pdf

Mimi


Mimi