Re: [PATCH v4 00/14] security: digest_cache LSM
From: Roberto Sassu
Date: Tue Apr 16 2024 - 02:57:14 EST
On Mon, 2024-04-15 at 22:18 +0300, Jarkko Sakkinen wrote:
> On Mon Apr 15, 2024 at 5:24 PM EEST, Roberto Sassu wrote:
> > From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
> >
> > Integrity detection and protection has long been a desirable feature, to
> > reach a large user base and mitigate the risk of flaws in the software
> > and attacks.
> >
> > However, while solutions exist, they struggle to reach the large user
> > base, due to requiring higher than desired constraints on performance,
> > flexibility and configurability, that only security conscious people are
> > willing to accept.
> >
> > This is where the new digest_cache LSM comes into play, it offers
> > additional support for new and existing integrity solutions, to make
> > them faster and easier to deploy.
>
> Sorry for nitpicking but what are the existing integrity solutions,
> and how does it help with this struggle? I.e. what is the gist here?
No worries... please have a look at patch 14. It should have all the
information.
Thanks
Roberto