Re: [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure

From: Mimi Zohar
Date: Wed May 06 2020 - 17:10:32 EST

Next message: Tom Zanussi: "[ANNOUNCE] 4.19.120-rt52"
Previous message: Bjorn Helgaas: "Re: [RFC 1/2] PCI/IOV: Introduce pci_iov_sysfs_link() function"
In reply to: Mimi Zohar: "Re: [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure"
Next in thread: Roberto Sassu: "RE: [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 2020-05-06 at 15:44 -0400, Mimi Zohar wrote:
> Since copying the EVM HMAC or original signature isn't applicable, I
> would prefer exploring an EVM portable and immutable signature only
> solution.

To prevent copying the EVM xattr, we added "security.evm" to
/etc/xattr.conf. ÂTo support copying just the EVM portable and
immutable signatures will require a different solution.

Mimi

Next message: Tom Zanussi: "[ANNOUNCE] 4.19.120-rt52"
Previous message: Bjorn Helgaas: "Re: [RFC 1/2] PCI/IOV: Introduce pci_iov_sysfs_link() function"
In reply to: Mimi Zohar: "Re: [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure"
Next in thread: Roberto Sassu: "RE: [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]