On 03/10/14 15:46, David Howells wrote: > Dmitry Kasatkin <d.kasat...@samsung.com> wrote: > >> Latest KEYS code change the way keys identified and module >> signing keys are not searchable anymore with original id. >> >> This patch fixes this problem without change module signature >> data. > This isn't sufficient. The key search must also include the signer. >
IMA uses "id:<id>" partial matching.. There is no signer in the signature. It is added as "last resort" It is here... the same but I renamed with finger print.. http://git.kernel.org/cgit/linux/kernel/git/kasatkin/linux-digsig.git/commit/?h=keys-fixes&id=f036bb9a4c1b3c548f315226d3284e6a91d284e7 - Dmitry > David > -- > To unsubscribe from this list: send the line "unsubscribe > linux-security-module" in > the body of a message to majord...@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
