Re: [PATCH v5 04/12] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca

From: Mimi Zohar
Date: Thu Sep 09 2021 - 14:20:21 EST

Next message: Mimi Zohar: "Re: [PATCH v5 07/12] KEYS: Introduce link restriction to include builtin, secondary and machine keys"
Previous message: Philip Chen: "Re: [PATCH 2/2] drm/bridge: parade-ps8640: Add support for AUX channel"
In reply to: Eric Snowberg: "Re: [PATCH v5 04/12] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2021-09-09 at 11:53 -0600, Eric Snowberg wrote:
> > On Sep 9, 2021, at 11:25 AM, Mimi Zohar <zohar@xxxxxxxxxxxxx> wrote:
> >
> > On Tue, 2021-09-07 at 12:01 -0400, Eric Snowberg wrote:
> >> Set the restriction check for INTEGRITY_KEYRING_MACHINE keys to
> >> restrict_link_by_ca. This will only allow CA keys into the machine
> >> keyring.
> >>
> >> Signed-off-by: Eric Snowberg <eric.snowberg@xxxxxxxxxx>
> >
> > Normally the new function, in this case the restriction, and usage
> > should be defined together. Any reason why 3/12 and 4/12 are two
> > separate patches?
>
> I split them since they cross subsystems.

That makes sense.

thanks,

Mimi

Next message: Mimi Zohar: "Re: [PATCH v5 07/12] KEYS: Introduce link restriction to include builtin, secondary and machine keys"
Previous message: Philip Chen: "Re: [PATCH 2/2] drm/bridge: parade-ps8640: Add support for AUX channel"
In reply to: Eric Snowberg: "Re: [PATCH v5 04/12] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]