Re: [PATCH v7 00/16] EVM

From: Mimi Zohar
Date: Thu Jun 30 2011 - 18:38:03 EST

Next message: Dan Carpenter: "Re: [PATCH v2] staging: zcache: support multiple clients, prep forKVM and RAMster"
Previous message: Marc Koschewski: "Re: [REGRESSION] suspend/resume broken on T510"
In reply to: Ryan Ware: "Re: [PATCH v7 00/16] EVM"
Next in thread: Ware, Ryan R: "Re: [PATCH v7 00/16] EVM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2011-06-30 at 14:06 -0700, Ryan Ware wrote:
> Glad to see this going in Mimi! Looking forward to enabling this in our
> MeeGo kernels.
>
> Ryan

I wish. As far as I'm aware, EVM hasn't been upstreamed. The good news
is that the ecryptfs encrypted-key patches are now in the
security-testing tree.

thanks,

Mimi

> On 6/29/11 12:50 PM, "Mimi Zohar" <zohar@xxxxxxxxxxxxxxxxxx> wrote:
>
> >Discretionary Access Control(DAC) and Mandatory Access Control(MAC) can
> >protect the integrity of a running system from unauthorized changes. When
> >these protections are not running, such as when booting a malicious OS,
> >mounting the disk under a different operating system, or physically moving
> >the disk to another system, an "offline" attack is free to read and write
> >file data/metadata.
> >
> >...snip...
>
>

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Dan Carpenter: "Re: [PATCH v2] staging: zcache: support multiple clients, prep forKVM and RAMster"
Previous message: Marc Koschewski: "Re: [REGRESSION] suspend/resume broken on T510"
In reply to: Ryan Ware: "Re: [PATCH v7 00/16] EVM"
Next in thread: Ware, Ryan R: "Re: [PATCH v7 00/16] EVM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]