Re: [PATCH v4 00/14] security: digest_cache LSM

From: Roberto Sassu
Date: Tue Apr 16 2024 - 02:57:14 EST

Next message: Daniel Wagner: "Re: [PATCH v6 5/5] nvme-fabrics: handle transient auth failures"
Previous message: Laurent Pinchart: "Re: [syzbot] [media?] WARNING in call_s_stream"
In reply to: Roberto Sassu: "Re: [PATCH v4 00/14] security: digest_cache LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 2024-04-15 at 22:18 +0300, Jarkko Sakkinen wrote:
> On Mon Apr 15, 2024 at 5:24 PM EEST, Roberto Sassu wrote:
> > From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
> >
> > Integrity detection and protection has long been a desirable feature, to
> > reach a large user base and mitigate the risk of flaws in the software
> > and attacks.
> >
> > However, while solutions exist, they struggle to reach the large user
> > base, due to requiring higher than desired constraints on performance,
> > flexibility and configurability, that only security conscious people are
> > willing to accept.
> >
> > This is where the new digest_cache LSM comes into play, it offers
> > additional support for new and existing integrity solutions, to make
> > them faster and easier to deploy.
>
> Sorry for nitpicking but what are the existing integrity solutions,
> and how does it help with this struggle? I.e. what is the gist here?

No worries... please have a look at patch 14. It should have all the
information.

Thanks

Roberto

Next message: Daniel Wagner: "Re: [PATCH v6 5/5] nvme-fabrics: handle transient auth failures"
Previous message: Laurent Pinchart: "Re: [syzbot] [media?] WARNING in call_s_stream"
In reply to: Roberto Sassu: "Re: [PATCH v4 00/14] security: digest_cache LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]