On Thu, Oct 25, 2012 at 08:14:58PM -0700, Eric W. Biederman wrote:
[..]
I see that bit 21 in second doubleword is 0. IIUC, that means that we
will switch to compatibility mode. If yes, we are still continuing to
use 64bit instructions and continue to access registers (rip, r8-15)
which
On Fri, Oct 26, 2012 at 03:39:16AM +0100, Matthew Garrett wrote:
On Thu, Oct 25, 2012 at 09:15:58PM -0400, Mimi Zohar wrote:
On a running system, the package installer, after verifying the package
integrity, would install each file with the associated 'security.ima'
extended attribute.
On Fri, 2012-10-26 at 03:39 +0100, Matthew Garrett wrote:
On Thu, Oct 25, 2012 at 09:15:58PM -0400, Mimi Zohar wrote:
On a running system, the package installer, after verifying the package
integrity, would install each file with the associated 'security.ima'
extended attribute. The
On Fri, 2012-10-26 at 19:19 +0100, Matthew Garrett wrote:
On Fri, Oct 26, 2012 at 01:59:34PM -0400, Mimi Zohar wrote:
On Fri, 2012-10-26 at 03:39 +0100, Matthew Garrett wrote:
and it must be impossible for anything other than
/sbin/kexec to make the kexec system call.
Permission is