Re: [PATCH 0/4] KEYS fixes

From: Mimi Zohar
Date: Fri Oct 03 2014 - 10:19:41 EST


On Fri, 2014-10-03 at 12:09 +0300, Dmitry Kasatkin wrote:
> I reported yesterday problems with new KEYS.
> Module signature verification is broken, integrity subsystem verification is
> broken, kernel oopses.
>
> Here is few fixes.

Thanks, Dmitry! with these patch fixes, I'm now able to boot normally
with IMA-appraisal enabled in enforcing mode.

David, these two commits broke IMA-appraisal. Either these patches need
to be reverted or the partial match needs to be re-introduced. Dmitry's
patches do the latter.

757932e PKCS#7: Handle PKCS#7 messages that contain no X.509 certs
46963b7 KEYS: Overhaul key identification when searching for asymmetric
keys

Mimi

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/