Re: [PATCH v3 03/22] ima: use "ima_hooks" enum as function argument

On Wed, Feb 3, 2016 at 9:06 PM, Mimi Zohar wrote: > Cleanup the function arguments by using "ima_hooks" enumerator as needed. > > Signed-off-by: Mimi Zohar Acked-by: Dmitry Kasatkin > --- >

Kexec on ARM?

All, After compiling the exec tools from my ubuntu machine to run on an ARMv7 target, 1) I loaded the kernel using : kexec -f uImage --append="$ ( cat /proc/cmdline )" 2) Afterwards, I ran: kexec -e Note: uImage was successfully loaded using u-boot. >From my serial output, I get

Re: [PATCH v3 02/22] ima: refactor ima_policy_show() to display "ima_hooks" rules

On Wed, Feb 3, 2016 at 9:06 PM, Mimi Zohar wrote: > Define and call a function to display the "ima_hooks" rules. > > Signed-off-by: Mimi Zohar Acked-by: Dmitry Kasatkin > --- > security/integrity/ima/ima_policy.c

Re: [PATCH v3 10/22] ima: calculate the hash of a buffer using aynchronous hash(ahash)

On Wed, Feb 3, 2016 at 9:06 PM, Mimi Zohar wrote: > Setting up ahash has some overhead. Only use ahash to calculate the > hash of a buffer, if the buffer is larger than ima_ahash_minsize. > > Signed-off-by: Mimi Zohar Acked-by: Dmitry

Re: [PATCH v3 21/22] ima: measure and appraise the IMA policy itself

On Wed, Feb 3, 2016 at 9:06 PM, Mimi Zohar wrote: > Add support for measuring and appraising the IMA policy itself. > > Signed-off-by: Mimi Zohar Acked-by: Dmitry Kasatkin But from Documentation/CodingStyle if

Re: [PATCH v3 19/22] ima: support for kexec image and initramfs

On Wed, Feb 3, 2016 at 9:06 PM, Mimi Zohar wrote: > Add IMA policy support for measuring/appraising the kexec image and > initramfs. > > Moving the enumeration to the vfs layer simplified the patches, allowing > the IMA changes, for the most part, to be separated from

Re: [PATCH v3 11/22] ima: define a new hook to measure and appraise a file already in memory

On Wed, Feb 3, 2016 at 9:06 PM, Mimi Zohar wrote: > This patch defines a new IMA hook ima_post_read_file() for measuring > and appraising files read by the kernel. The caller loads the file into > memory before calling this function, which calculates the hash followed by

Re: [PATCH v3 21/22] ima: measure and appraise the IMA policy itself

On Wed, 2016-02-10 at 22:22 +0200, Dmitry Kasatkin wrote: > On Wed, Feb 3, 2016 at 9:06 PM, Mimi Zohar wrote: > > Add support for measuring and appraising the IMA policy itself. > > > > Signed-off-by: Mimi Zohar > > Acked-by: Dmitry Kasatkin

Re: [PATCH v3 17/22] ima: remove firmware and module specific cached status info

On Wed, 2016-02-10 at 22:18 +0200, Dmitry Kasatkin wrote: > > diff --git a/security/integrity/ima/ima_appraise.c > > b/security/integrity/ima/ima_appraise.c > > index cb0d0ff..6b4694a 100644 > > --- a/security/integrity/ima/ima_appraise.c > > +++ b/security/integrity/ima/ima_appraise.c > > @@

Re: [PATCH v3 19/22] ima: support for kexec image and initramfs

On Wed, 2016-02-10 at 23:09 +0200, Dmitry Kasatkin wrote: > On Wed, Feb 3, 2016 at 9:06 PM, Mimi Zohar wrote: > > Add IMA policy support for measuring/appraising the kexec image and > > initramfs. > > > > Moving the enumeration to the vfs layer simplified the patches,

Re: [PATCH v3 19/22] ima: support for kexec image and initramfs

On Thu, 2016-02-11 at 01:55 +0200, Dmitry Kasatkin wrote: > On Feb 11, 2016 1:22 AM, "Mimi Zohar" wrote: > > > > On Wed, 2016-02-10 at 23:09 +0200, Dmitry Kasatkin wrote: > > > On Wed, Feb 3, 2016 at 9:06 PM, Mimi Zohar > wrote: > > > > > > >