Re: [RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)

From: Pavel Machek
Date: Sun Aug 02 2020 - 07:55:56 EST

Next message: Pavel Machek: "Re: [PATCH v1 0/4] [RFC] Implement Trampoline File Descriptor"
Previous message: Pavel Machek: "Re: [PATCH v18 3/3] Input: new da7280 haptic driver"
Next in thread: Sasha Levin: "Re: [RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

> IPE is a Linux Security Module which allows for a configurable
> policy to enforce integrity requirements on the whole system. It
> attempts to solve the issue of Code Integrity: that any code being
> executed (or files being read), are identical to the version that
> was built by a trusted source.

How is that different from security/integrity/ima?

Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

Next message: Pavel Machek: "Re: [PATCH v1 0/4] [RFC] Implement Trampoline File Descriptor"
Previous message: Pavel Machek: "Re: [PATCH v18 3/3] Input: new da7280 haptic driver"
Next in thread: Sasha Levin: "Re: [RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]