Re: [GIT PULL] Security subsystem updates for 4.14

From: Christoph Hellwig
Date: Mon Sep 11 2017 - 02:38:54 EST

Next message: Henning Schild: "Re: [PATCH] docs: fix location of document that got moved"
Previous message: Vlastimil Babka: "Re: [patch 1/2] mm, compaction: kcompactd should not ignore pageblock skip"
In reply to: Mimi Zohar: "Re: [GIT PULL] Security subsystem updates for 4.14"
Next in thread: Mimi Zohar: "Re: [GIT PULL] Security subsystem updates for 4.14"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Sep 10, 2017 at 10:02:42AM -0400, Mimi Zohar wrote:
> We need to differentiate between policies and x509 certificates. In
> the policy case, they need to be signed and appraised, while in the
> x509 certificate case, the certificate itself is signed so the file
> doesn't need to be signed or verified.

How about you take this sketch over - I don't know much about the
integrity code, and it seems like you actually wrote
kernel_read_file_from_path as well - so you're at least 3 times as
qualified as I am in this area..

Next message: Henning Schild: "Re: [PATCH] docs: fix location of document that got moved"
Previous message: Vlastimil Babka: "Re: [patch 1/2] mm, compaction: kcompactd should not ignore pageblock skip"
In reply to: Mimi Zohar: "Re: [GIT PULL] Security subsystem updates for 4.14"
Next in thread: Mimi Zohar: "Re: [GIT PULL] Security subsystem updates for 4.14"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]