Re: [RFC PATCH] fw_lockdown: new micro LSM module to prevent loading unsigned firmware

From: Luis R. Rodriguez
Date: Fri Nov 10 2017 - 15:30:37 EST

Next message: SF Markus Elfring: "[PATCH 2/2] KEYS: trusted: Use common error handling code in tpm_unseal()"
Previous message: SF Markus Elfring: "[PATCH 1/2] KEYS: trusted: Use common error handling code in trusted_update()"
In reply to: Mimi Zohar: "Re: [RFC PATCH] fw_lockdown: new micro LSM module to prevent loading unsigned firmware"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Nov 10, 2017 at 12:13 PM, Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote:
> On Fri, 2017-11-10 at 12:58 -0500, Mimi Zohar wrote:
>>
>> +
>> +static struct security_hook_list fw_lockdown_hooks[] = {
>> + LSM_HOOK_INIT(fw_lockdown_file_check, fw_lockdown_bprm_check)
>
> Sigh, that should have be:
> LSM_HOOK_INIT(kernel_read_file, fw_lockdown_read_file)

Hah, I thought i was going crazy :) That makes much more sense now!

Luis

Next message: SF Markus Elfring: "[PATCH 2/2] KEYS: trusted: Use common error handling code in tpm_unseal()"
Previous message: SF Markus Elfring: "[PATCH 1/2] KEYS: trusted: Use common error handling code in trusted_update()"
In reply to: Mimi Zohar: "Re: [RFC PATCH] fw_lockdown: new micro LSM module to prevent loading unsigned firmware"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]