This patch defines kernel_read_file_from_fd(), a wrapper for the VFS
common kernel_read_file(), and replaces the kexec copy_file_from_fd()
calls with the kernel_read_file_from_fd() wrapper.
Two new IMA policy identifiers named KEXEC_CHECK and INITRAMFS_CHECK
are defined for measuring, appraising o
On 01/18/16 at 10:11am, Mimi Zohar wrote:
> diff --git a/fs/exec.c b/fs/exec.c
> index 211b81c..a5ae51e 100644
> --- a/fs/exec.c
> +++ b/fs/exec.c
> @@ -884,6 +884,21 @@ out:
> }
> EXPORT_SYMBOL_GPL(kernel_read_file);
>
> +int kernel_read_file_from_fd(int fd, void **buf, loff_t *size, loff_t
>
On Mon, Jan 18, 2016 at 10:11:21AM -0500, Mimi Zohar wrote:
> diff --git a/fs/exec.c b/fs/exec.c
> index 211b81c..a5ae51e 100644
> --- a/fs/exec.c
> +++ b/fs/exec.c
> @@ -884,6 +884,21 @@ out:
> }
> EXPORT_SYMBOL_GPL(kernel_read_file);
>
> +int kernel_read_file_from_fd(int fd, void **buf, loff_
On Thu, Jan 21, 2016 at 12:12:40AM +0100, Luis R. Rodriguez wrote:
> On Mon, Jan 18, 2016 at 10:11:21AM -0500, Mimi Zohar wrote:
> > diff --git a/security/integrity/ima/ima_appraise.c
> > b/security/integrity/ima/ima_appraise.c
> > index 4edf47f..3adf937 100644
> > --- a/security/integrity/ima/ima
Hi, Mimi
Besides of code issues, I have several thing to be understand:
What is the effect to kexec behavior with this patchset?
- without IMA enabled (kconfig or kernel cmdline) it will be same as before?
- with IMA enabled for kernel bzImage, kexec_file_load will check both ima
signatur
> > diff --git a/fs/exec.c b/fs/exec.c
> > index 211b81c..a5ae51e 100644
> > --- a/fs/exec.c
> > +++ b/fs/exec.c
> > @@ -884,6 +884,21 @@ out:
> > }
> > EXPORT_SYMBOL_GPL(kernel_read_file);
> >
> > +int kernel_read_file_from_fd(int fd, void **buf, loff_t *size, loff_t
> > max_size,
> > +
On Mon, 2016-01-25 at 14:37 +0800, Dave Young wrote:
> Hi, Mimi
>
> Besides of code issues, I have several thing to be understand:
>
> What is the effect to kexec behavior with this patchset?
> - without IMA enabled (kconfig or kernel cmdline) it will be same as before?
Yes, without IMA config
On Mon, Jan 25, 2016 at 10:04:18AM -0500, Mimi Zohar wrote:
> On Mon, 2016-01-25 at 14:37 +0800, Dave Young wrote:
> > Hi, Mimi
> >
> > Besides of code issues, I have several thing to be understand:
> >
> > What is the effect to kexec behavior with this patchset?
> > - without IMA enabled (kcon
On Mon, 2016-01-25 at 21:34 +0100, Luis R. Rodriguez wrote:
> On Mon, Jan 25, 2016 at 10:04:18AM -0500, Mimi Zohar wrote:
> > On Mon, 2016-01-25 at 14:37 +0800, Dave Young wrote:
> > > Hi, Mimi
> > >
> > > Besides of code issues, I have several thing to be understand:
> > >
> > > What is the effe
Hi, Mimi
On 01/25/16 at 10:04am, Mimi Zohar wrote:
> On Mon, 2016-01-25 at 14:37 +0800, Dave Young wrote:
> > Hi, Mimi
> >
> > Besides of code issues, I have several thing to be understand:
> >
> > What is the effect to kexec behavior with this patchset?
> > - without IMA enabled (kconfig or k
Hi Dave,
On Tue, 2016-01-26 at 09:20 +0800, Dave Young wrote:
> Hi, Mimi
>
> On 01/25/16 at 10:04am, Mimi Zohar wrote:
> > On Mon, 2016-01-25 at 14:37 +0800, Dave Young wrote:
> > > Hi, Mimi
> > >
> > > Besides of code issues, I have several thing to be understand:
> > >
> > > What is the effec
On Mon, Jan 25, 2016 at 06:48:12PM -0500, Mimi Zohar wrote:
> On Mon, 2016-01-25 at 21:34 +0100, Luis R. Rodriguez wrote:
> > On Mon, Jan 25, 2016 at 10:04:18AM -0500, Mimi Zohar wrote:
> > > On Mon, 2016-01-25 at 14:37 +0800, Dave Young wrote:
> > > > Hi, Mimi
> > > >
> > > > Besides of code issu
On 01/26/16 at 11:40am, Mimi Zohar wrote:
> Hi Dave,
>
> On Tue, 2016-01-26 at 09:20 +0800, Dave Young wrote:
> > Hi, Mimi
> >
> > On 01/25/16 at 10:04am, Mimi Zohar wrote:
> > > On Mon, 2016-01-25 at 14:37 +0800, Dave Young wrote:
> > > > Hi, Mimi
> > > >
> > > > Besides of code issues, I have
13 matches
Mail list logo
