Re: [PATCH v5 0/2] IMA: Deferred measurement of keys

From: Lakshmi Ramasubramanian
Date: Fri Dec 20 2019 - 15:50:44 EST

Next message: Yu-cheng Yu: "Re: [PATCH v2 3/3] x86/fpu/xstate: Invalidate fpregs when __fpu_restore_sig() fails"
Previous message: Arnaldo Carvalho de Melo: "Re: [PATCH] libbpf: Fix build on read-only filesystems"
In reply to: Mimi Zohar: "Re: [PATCH v5 0/2] IMA: Deferred measurement of keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 12/20/19 11:36 AM, Mimi Zohar wrote:

Shall I create a new patch set to address that and have that be reviewed
independent of this patch set?

If it is just a single additional patch, feel free to post it without
a cover letter.

Sure

Like you'd suggested earlier, we can wait for a certain time, after IMA
is initialized, and free the queue if a custom policy was not loaded.

Different types of systems vary in boot time, but perhaps a certain
amount of time after IMA is initialized would be consistent. ÂThis
would need to work for IoT devices/sensors to servers.

Mimi

Yes - I agree.

thanks,
-lakshmi

Next message: Yu-cheng Yu: "Re: [PATCH v2 3/3] x86/fpu/xstate: Invalidate fpregs when __fpu_restore_sig() fails"
Previous message: Arnaldo Carvalho de Melo: "Re: [PATCH] libbpf: Fix build on read-only filesystems"
In reply to: Mimi Zohar: "Re: [PATCH v5 0/2] IMA: Deferred measurement of keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]