From: Petr Vorel <pvorel@suse.cz>
To: ltp@lists.linux.it
Cc: Petr Vorel <pvorel@suse.cz>,
Lachlan Sneff <t-josne@linux.microsoft.com>,
Lakshmi Ramasubramanian <nramas@linux.microsoft.com>,
Mimi Zohar <zohar@linux.vnet.ibm.com>,
linux-integrity@vger.kernel.org
Subject: [PATCH v2 0/4] IMA: verify measurement of certificate imported into a keyring
Date: Fri, 7 Aug 2020 22:46:48 +0200 [thread overview]
Message-ID: <20200807204652.5928-1-pvorel@suse.cz> (raw)
Hi,
sending enhanced Lachlan's version.
I haven't tested this patchset, could please anybody test it?
Kind regards,
Petr
Lachlan Sneff (1):
IMA: Add a test to verify measurement of certificate imported into a
keyring
Petr Vorel (3):
IMA/ima_keys.sh Fix policy content check usage
IMA: Refactor datafiles directory
IMA/ima_keys.sh: Enhance policy checks
.../kernel/security/integrity/ima/README.md | 12 ++-
.../security/integrity/ima/datafiles/Makefile | 10 +-
.../ima/datafiles/ima_kexec/Makefile | 11 ++
.../datafiles/{ => ima_kexec}/kexec.policy | 0
.../integrity/ima/datafiles/ima_keys/Makefile | 11 ++
.../datafiles/{ => ima_keys}/keycheck.policy | 2 +-
.../ima/datafiles/ima_keys/x509_ima.der | Bin 0 -> 650 bytes
.../ima/datafiles/ima_policy/Makefile | 11 ++
.../datafiles/{ => ima_policy}/measure.policy | 0
.../{ => ima_policy}/measure.policy-invalid | 0
.../security/integrity/ima/tests/ima_keys.sh | 96 +++++++++++++++---
11 files changed, 129 insertions(+), 24 deletions(-)
create mode 100644 testcases/kernel/security/integrity/ima/datafiles/ima_kexec/Makefile
rename testcases/kernel/security/integrity/ima/datafiles/{ => ima_kexec}/kexec.policy (100%)
create mode 100644 testcases/kernel/security/integrity/ima/datafiles/ima_keys/Makefile
rename testcases/kernel/security/integrity/ima/datafiles/{ => ima_keys}/keycheck.policy (59%)
create mode 100644 testcases/kernel/security/integrity/ima/datafiles/ima_keys/x509_ima.der
create mode 100644 testcases/kernel/security/integrity/ima/datafiles/ima_policy/Makefile
rename testcases/kernel/security/integrity/ima/datafiles/{ => ima_policy}/measure.policy (100%)
rename testcases/kernel/security/integrity/ima/datafiles/{ => ima_policy}/measure.policy-invalid (100%)
--
2.28.0
next reply other threads:[~2020-08-07 20:47 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-07 20:46 Petr Vorel [this message]
2020-08-07 20:46 ` [PATCH v2 1/4] IMA/ima_keys.sh Fix policy content check usage Petr Vorel
2020-08-07 20:46 ` [PATCH v2 2/4] IMA: Refactor datafiles directory Petr Vorel
2020-08-07 20:46 ` [PATCH v2 3/4] IMA: Add a test to verify measurement of certificate imported into a keyring Petr Vorel
2020-08-07 21:12 ` Lakshmi Ramasubramanian
2020-08-17 3:21 ` Mimi Zohar
2020-08-17 5:13 ` Lakshmi Ramasubramanian
2020-08-17 11:09 ` Petr Vorel
2020-08-07 20:46 ` [PATCH v2 4/4] IMA/ima_keys.sh: Enhance policy checks Petr Vorel
2020-08-12 13:35 ` [PATCH v2 0/4] IMA: verify measurement of certificate imported into a keyring Petr Vorel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200807204652.5928-1-pvorel@suse.cz \
--to=pvorel@suse.cz \
--cc=linux-integrity@vger.kernel.org \
--cc=ltp@lists.linux.it \
--cc=nramas@linux.microsoft.com \
--cc=t-josne@linux.microsoft.com \
--cc=zohar@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox