Re: [PATCH] X.509: Partially revert patch to add validation against IMA MOK keyring

From: David Howells
Date: Tue Jan 12 2016 - 10:57:09 EST

Next message: Peter Zijlstra: "Re: [RFC PATCH 04/19] cpufreq: bring data structures close to their locks"
Previous message: Philipp Zabel: "Re: [PATCH 1/3] ARM: STi: Add DT defines for co-processor reset lines"
In reply to: Mimi Zohar: "Re: [PATCH] X.509: Partially revert patch to add validation against IMA MOK keyring"
Next in thread: Mimi Zohar: "Re: [PATCH] X.509: Partially revert patch to add validation against IMA MOK keyring"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote:

> > > The name "restrict_link_by_ima_mok()" doesn't reflect that it is either
> > > the system keyring or the IMA MOK keyring.
> >
> > How about restrict_link_by_ima_trusted()?
>
> Good. restrict_link_by_ima_trusted would only check the IMA MOK keyring
> if it was configured.

And the system keyring?

David

Next message: Peter Zijlstra: "Re: [RFC PATCH 04/19] cpufreq: bring data structures close to their locks"
Previous message: Philipp Zabel: "Re: [PATCH 1/3] ARM: STi: Add DT defines for co-processor reset lines"
In reply to: Mimi Zohar: "Re: [PATCH] X.509: Partially revert patch to add validation against IMA MOK keyring"
Next in thread: Mimi Zohar: "Re: [PATCH] X.509: Partially revert patch to add validation against IMA MOK keyring"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]