Re: [PATCH v5] ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime

2020-07-13 Thread Bruno Meneguele
On Fri, Jul 10, 2020 at 04:25:16PM -0300, Bruno Meneguele wrote: > On Fri, Jul 10, 2020 at 02:54:48PM -0400, Mimi Zohar wrote: > > On Fri, 2020-07-10 at 15:34 -0300, Bruno Meneguele wrote: > > > On Fri, Jul 10, 2020 at 03:03:38PM -0300, Bruno Meneguele wrote: > > > > On Fri, Jul 10, 2020 at 01:23:2

Re: [PATCH v5] ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime

2020-07-10 Thread Bruno Meneguele
On Fri, Jul 10, 2020 at 02:54:48PM -0400, Mimi Zohar wrote: > On Fri, 2020-07-10 at 15:34 -0300, Bruno Meneguele wrote: > > On Fri, Jul 10, 2020 at 03:03:38PM -0300, Bruno Meneguele wrote: > > > On Fri, Jul 10, 2020 at 01:23:24PM -0400, Mimi Zohar wrote: > > > > On Thu, 2020-07-09 at 13:46 -0300, B

Re: [PATCH v5] ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime

2020-07-10 Thread Mimi Zohar
On Fri, 2020-07-10 at 15:34 -0300, Bruno Meneguele wrote: > On Fri, Jul 10, 2020 at 03:03:38PM -0300, Bruno Meneguele wrote: > > On Fri, Jul 10, 2020 at 01:23:24PM -0400, Mimi Zohar wrote: > > > On Thu, 2020-07-09 at 13:46 -0300, Bruno Meneguele wrote: > > > > APPRAISE_BOOTPARAM has been marked as

Re: [PATCH v5] ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime

2020-07-10 Thread Bruno Meneguele
On Fri, Jul 10, 2020 at 03:03:38PM -0300, Bruno Meneguele wrote: > On Fri, Jul 10, 2020 at 01:23:24PM -0400, Mimi Zohar wrote: > > On Thu, 2020-07-09 at 13:46 -0300, Bruno Meneguele wrote: > > > APPRAISE_BOOTPARAM has been marked as dependent on !ARCH_POLICY in compile > > > time, enforcing the app

Re: [PATCH v5] ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime

2020-07-10 Thread Bruno Meneguele
On Fri, Jul 10, 2020 at 01:23:24PM -0400, Mimi Zohar wrote: > On Thu, 2020-07-09 at 13:46 -0300, Bruno Meneguele wrote: > > APPRAISE_BOOTPARAM has been marked as dependent on !ARCH_POLICY in compile > > time, enforcing the appraisal whenever the kernel had the arch policy option > > enabled. > > >

Re: [PATCH v5] ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime

2020-07-10 Thread Mimi Zohar
On Thu, 2020-07-09 at 13:46 -0300, Bruno Meneguele wrote: > APPRAISE_BOOTPARAM has been marked as dependent on !ARCH_POLICY in compile > time, enforcing the appraisal whenever the kernel had the arch policy option > enabled. > However it breaks systems where the option is set but the system didn't

[PATCH v5] ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime

2020-07-09 Thread Bruno Meneguele
APPRAISE_BOOTPARAM has been marked as dependent on !ARCH_POLICY in compile time, enforcing the appraisal whenever the kernel had the arch policy option enabled. However it breaks systems where the option is set but the system didn't boot in a "secure boot" platform. In this scenario, anytime an ap
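The two behaviours the patch contrasts, as an added user-space model that is not part of the patch or of the kernel's IMA code: `resolve_compile_time()` stands for the old Kconfig rule (APPRAISE_BOOTPARAM depends on !ARCH_POLICY, so an arch-policy kernel never honours the boot parameter), and `resolve_runtime()` stands for the runtime check the patch argues for, where the parameter is only overridden when the platform actually booted with secure boot. The function names, the `ima_mode` enum, the default of enforcing, the printed message and the sample command lines are all assumptions made for illustration; only the `ima_appraise=` parameter name and its `off`/`log`/`fix`/`enforce` values are the kernel's documented ones.

```c
/* Added example, not from the patch or the kernel tree. Models how the
 * ima_appraise= boot parameter interacts with an arch-policy kernel, first as
 * the compile-time Kconfig dependency, then as a runtime decision that also
 * looks at whether secure boot is actually enabled. Function names, the enum,
 * the enforce default and the sample cmdlines are assumptions for illustration. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum ima_mode { IMA_OFF, IMA_LOG, IMA_FIX, IMA_ENFORCE };

/* Parse "ima_appraise=<mode>" out of a kernel command line. Returns false when
 * the parameter is absent or its value is unrecognised; *mode is left untouched
 * in that case. A later occurrence overrides an earlier one, as on a real cmdline. */
static bool parse_ima_appraise(const char *cmdline, enum ima_mode *mode)
{
    static const struct { const char *name; enum ima_mode mode; } table[] = {
        { "off", IMA_OFF }, { "log", IMA_LOG }, { "fix", IMA_FIX }, { "enforce", IMA_ENFORCE },
    };
    const char *key = "ima_appraise=";
    size_t klen = strlen(key);
    bool found = false;
    const char *p = cmdline;

    while ((p = strstr(p, key)) != NULL) {
        const char *val = p + klen;
        /* Must start the line or follow a space so a longer token cannot match. */
        bool at_boundary = (p == cmdline) || (p[-1] == ' ');
        p = val;
        if (!at_boundary)
            continue;
        size_t len = strcspn(val, " ");
        for (size_t i = 0; i < sizeof table / sizeof table[0]; i++) {
            if (strlen(table[i].name) == len && strncmp(val, table[i].name, len) == 0) {
                *mode = table[i].mode;
                found = true;
            }
        }
    }
    return found;
}

/* Pre-patch behaviour: with the arch policy built in, APPRAISE_BOOTPARAM cannot be
 * selected at all, so the parameter is never looked at and appraisal is always
 * enforced, whether or not the machine booted with secure boot. */
static enum ima_mode resolve_compile_time(bool arch_policy_built_in, const char *cmdline)
{
    enum ima_mode mode = IMA_ENFORCE;   /* assumed default when nothing overrides it */
    if (arch_policy_built_in)
        return IMA_ENFORCE;
    parse_ima_appraise(cmdline, &mode);
    return mode;
}

/* Runtime variant: the parameter is always compiled in and is overridden only
 * when the arch policy is built in *and* secure boot is actually enabled. A
 * kernel built with the arch policy but booted without secure boot keeps
 * honouring the operator's request, which is the case the patch fixes. */
static enum ima_mode resolve_runtime(bool arch_policy_built_in, bool secure_boot,
                                     const char *cmdline)
{
    enum ima_mode mode = IMA_ENFORCE;
    bool requested = parse_ima_appraise(cmdline, &mode);

    if (arch_policy_built_in && secure_boot) {
        if (requested && mode != IMA_ENFORCE)
            fprintf(stderr, "ima: secure boot enabled, ignoring ima_appraise boot parameter\n");
        return IMA_ENFORCE;
    }
    return mode;
}

int main(void)
{
    /* Constructed command line: the operator asked for log-only appraisal. */
    const char *cmdline = "root=/dev/sda1 ima_appraise=log quiet";

    printf("compile-time rule, arch policy built in:        mode=%d\n",
           resolve_compile_time(true, cmdline));
    printf("runtime rule, arch policy built in, no SB:      mode=%d\n",
           resolve_runtime(true, false, cmdline));
    printf("runtime rule, arch policy built in, secure boot: mode=%d\n",
           resolve_runtime(true, true, cmdline));
    return 0;
}
```

Under the compile-time rule the first case returns enforce regardless of the command line; under the runtime rule the same kernel returns the requested log mode when secure boot is off, and only falls back to enforce when secure boot is on.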