Re: [PATCH] security: Fix IMA Kconfig for dependencies on ARM64

From: James Bottomley
Date: Fri Mar 09 2018 - 12:11:07 EST

Next message: Matheus Castello: "Re: [PATCH v4 0/3] pinctrl: bcm2835: Add generic pinctrl support"
Previous message: Mimi Zohar: "Re: [PATCH v2 1/3] certs: define a trusted platform keyring"
In reply to: Mimi Zohar: "Re: [PATCH] security: Fix IMA Kconfig for dependencies on ARM64"
Next in thread: Mimi Zohar: "Re: [PATCH] security: Fix IMA Kconfig for dependencies on ARM64"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2018-03-08 at 12:42 -0600, Jiandi An wrote:
[...]
> I'm no expert on IMA and its driver.ÂÂJames, will you be kind enough
> to look into overhauling the IMA driver to not measure until afterÂ
> initrd phase if that's the consensus on resolving this?

I'll add it to my todo list.

Since my TPM 2.0 test environment is a VM with a tpm that has a network
connection to an emulator on my host, it's impossible to set it up so
that it's built in (because you need the network config before you init
the TPM) so I might accelerate if I suddenly need to debug IMA issues
in this configuration.

James

Next message: Matheus Castello: "Re: [PATCH v4 0/3] pinctrl: bcm2835: Add generic pinctrl support"
Previous message: Mimi Zohar: "Re: [PATCH v2 1/3] certs: define a trusted platform keyring"
In reply to: Mimi Zohar: "Re: [PATCH] security: Fix IMA Kconfig for dependencies on ARM64"
Next in thread: Mimi Zohar: "Re: [PATCH] security: Fix IMA Kconfig for dependencies on ARM64"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]