[PATCH v7 11/14] ima: Implement support for module-style appended signatures

Implement the appraise_type=imasig|modsig option, allowing IMA to read and verify modsig signatures. In case both are present in the same file, IMA will first check whether the key used by the xattr signature is present in the kernel keyring. If not, it will try the appended signature. Signed-off

[PATCH v7 12/14] ima: Add new "d-sig" template field

Define new "d-sig" template field which holds the digest that is expected to match the one contained in the modsig. Suggested-by: Mimi Zohar Signed-off-by: Thiago Jung Bauermann --- Documentation/security/IMA-templates.rst | 5 + security/integrity/ima/ima.h | 9 + s

[PATCH v7 14/14] ima: Store the measurement again when appraising a modsig

If the IMA template contains the 'sig' field, then the modsig should be added to the measurement list when the file is appraised, and that is what normally happens. But If a measurement rule caused a file containing a modsig to be measured before a different rule causes it to be appraised, the res

[PATCH v7 13/14] ima: Write modsig to the measurement list

Add modsig support to the "sig" template field, allowing the the contents of the modsig to be included in the measurement list. Suggested-by: Mimi Zohar Signed-off-by: Thiago Jung Bauermann --- security/integrity/ima/ima.h | 7 +++ security/integrity/ima/ima_modsig.c | 1

Re: [RFC v4 2/4] hotplug/drcinfo: Provide parser with callback

See below. On 05/22/2018 04:02 PM, Nathan Fontenot wrote: > On 05/22/2018 11:37 AM, Michael Bringmann wrote: >> This patch provides a common parse function for the ibm,drc-info >> property that can be modified by a callback function. The caller >> provides a pointer to the function and a pointer

Re: [RFC v4 2/4] hotplug/drcinfo: Provide parser with callback

See below. On 05/22/2018 04:23 PM, Nathan Fontenot wrote: > On 05/22/2018 11:37 AM, Michael Bringmann wrote: >> This patch provides a common parse function for the ibm,drc-info >> property that can be modified by a callback function. The caller >> provides a pointer to the function and a pointer

Re: [RFC v4 3/4] hotplug/drcinfo: Fix hot-add CPU issues

See below. On 05/22/2018 04:31 PM, Nathan Fontenot wrote: > On 05/22/2018 11:37 AM, Michael Bringmann wrote: >> This patch applies a common parse function for the ibm,drc-info >> property that can be modified by a callback function to the >> hot-add CPU code. Candidate code is replaced by a call

Re: [RFC v4 4/4] hotplug/drcinfo: Code cleanup for devices

See below. On 05/22/2018 04:39 PM, Nathan Fontenot wrote: > On 05/22/2018 11:37 AM, Michael Bringmann wrote: >> This patch extends the use of a common parse function for the >> ibm,drc-info property that can be modified by a callback function >> to the hotplug device processing. Candidate code is

Re: [PATCH v3 5/7] KVM: PPC: reimplements LOAD_VSX/STORE_VSX instruction mmio emulation with analyse_intr() input

Hi Paul, On Tue, May 22, 2018 at 07:41:51PM +1000, Paul Mackerras wrote: > On Mon, May 21, 2018 at 01:24:24PM +0800, wei.guo.si...@gmail.com wrote: > > From: Simon Guo > > > > This patch reimplements LOAD_VSX/STORE_VSX instruction MMIO emulation with > > analyse_intr() input. It utilizes VSX_FPCO

Re: [PATCH v7 2/3] powerpc/mm: Only read faulting instruction when necessary in do_page_fault()

On Tue, 22 May 2018 16:50:55 +0200 Christophe LEROY wrote: > Le 22/05/2018 à 16:38, Nicholas Piggin a écrit : > > On Tue, 22 May 2018 16:02:56 +0200 (CEST) > > Christophe Leroy wrote: > > > >> Commit a7a9dcd882a67 ("powerpc: Avoid taking a data miss on every > >> userspace instruction miss")

<    1   2