Re: [RFC PATCH v3 08/13] clavis: Introduce new LSM called clavis

2025-01-05 Thread Mimi Zohar
On Fri, 2025-01-03 at 23:32 +, Eric Snowberg wrote: > > > On Dec 24, 2024, at 10:43 AM, Mimi Zohar wrote: > > > > On Thu, 2024-10-17 at 09:55 -0600, Eric Snowberg wrote: > > > Introduce a new LSM called clavis. The motivation behind this LSM is to > > > provide access control for system key

Re: [RFC PATCH v3 08/13] clavis: Introduce new LSM called clavis

2025-01-03 Thread Eric Snowberg
> On Dec 24, 2024, at 10:43 AM, Mimi Zohar wrote: > > On Thu, 2024-10-17 at 09:55 -0600, Eric Snowberg wrote: >> Introduce a new LSM called clavis. The motivation behind this LSM is to >> provide access control for system keys. The access control list is >> contained within a keyring call .cl

Re: [RFC PATCH v3 08/13] clavis: Introduce new LSM called clavis

2024-12-24 Thread Mimi Zohar
On Thu, 2024-10-17 at 09:55 -0600, Eric Snowberg wrote: > Introduce a new LSM called clavis. The motivation behind this LSM is to > provide access control for system keys. The access control list is > contained within a keyring call .clavis. During boot if the clavis= boot > arg is supplied with

Re: [RFC PATCH v3 08/13] clavis: Introduce new LSM called clavis

2024-10-24 Thread sergeh
On Wed, Oct 23, 2024 at 07:25:21PM +, Eric Snowberg wrote: > > On Oct 22, 2024, at 8:25 PM, ser...@kernel.org wrote: > > > > On Thu, Oct 17, 2024 at 09:55:11AM -0600, Eric Snowberg wrote: > >> > >> +The Clavis LSM contains a system keyring call .clavis. It contains a > >> single > > > > s/

Re: [RFC PATCH v3 08/13] clavis: Introduce new LSM called clavis

2024-10-23 Thread Eric Snowberg
> On Oct 22, 2024, at 8:25 PM, ser...@kernel.org wrote: > > On Thu, Oct 17, 2024 at 09:55:11AM -0600, Eric Snowberg wrote: >> >> +The Clavis LSM contains a system keyring call .clavis. It contains a single > > s/call/called/ I will change that, thanks. >> +asymmetric key that is used to val

Re: [RFC PATCH v3 08/13] clavis: Introduce new LSM called clavis

2024-10-22 Thread sergeh
On Thu, Oct 17, 2024 at 09:55:11AM -0600, Eric Snowberg wrote: > Introduce a new LSM called clavis. The motivation behind this LSM is to > provide access control for system keys. The access control list is > contained within a keyring call .clavis. During boot if the clavis= boot > arg is suppli