Mimi Zohar wrote:
> Please feel free to squash this patch with yours of the same name (12/12).
>
> Just replace the .ima_mok keyring with the .secondary_trusted_keys.
>
> Signed-off-by: Mimi Zohar
Okay, I've squashed it and am posting a new
Mimi Zohar wrote:
> Please feel free to squash this patch with yours of the same name (12/12).
>
> Just replace the .ima_mok keyring with the .secondary_trusted_keys.
>
> Signed-off-by: Mimi Zohar
Okay, I've squashed it and am posting a new set. How do you want your changes
attributing to
On Wed, 2016-04-06 at 19:10 +0100, David Howells wrote:
> Mimi Zohar wrote:
>
> > I'm not sure what you're asking. If you're asking if the whole file can
> > be include based on whether this option is enabled, then no.
>
> No - but integrity_init_keyring() just
On Wed, 2016-04-06 at 19:10 +0100, David Howells wrote:
> Mimi Zohar wrote:
>
> > I'm not sure what you're asking. If you're asking if the whole file can
> > be include based on whether this option is enabled, then no.
>
> No - but integrity_init_keyring() just returns if init_keyring is false
Mimi Zohar wrote:
> I'm not sure what you're asking. If you're asking if the whole file can
> be include based on whether this option is enabled, then no.
No - but integrity_init_keyring() just returns if init_keyring is false - but
this is a variable and is assigned
Mimi Zohar wrote:
> I'm not sure what you're asking. If you're asking if the whole file can
> be include based on whether this option is enabled, then no.
No - but integrity_init_keyring() just returns if init_keyring is false - but
this is a variable and is assigned storage, despite the fact
On Wed, 2016-04-06 at 17:24 +0100, David Howells wrote:
> Looking in digsig.c, I see:
>
> #ifdef CONFIG_INTEGRITY_TRUSTED_KEYRING
> static bool init_keyring __initdata = true;
> #else
> static bool init_keyring __initdata;
> #endif
>
> Since this doesn't ever appear
On Wed, 2016-04-06 at 17:24 +0100, David Howells wrote:
> Looking in digsig.c, I see:
>
> #ifdef CONFIG_INTEGRITY_TRUSTED_KEYRING
> static bool init_keyring __initdata = true;
> #else
> static bool init_keyring __initdata;
> #endif
>
> Since this doesn't ever appear
Looking in digsig.c, I see:
#ifdef CONFIG_INTEGRITY_TRUSTED_KEYRING
static bool init_keyring __initdata = true;
#else
static bool init_keyring __initdata;
#endif
Since this doesn't ever appear to be altered, should integrity_init_keyring()
just be made
Looking in digsig.c, I see:
#ifdef CONFIG_INTEGRITY_TRUSTED_KEYRING
static bool init_keyring __initdata = true;
#else
static bool init_keyring __initdata;
#endif
Since this doesn't ever appear to be altered, should integrity_init_keyring()
just be made
Hi David,
Please feel free to squash this patch with yours of the same name (12/12).
Just replace the .ima_mok keyring with the .secondary_trusted_keys.
Signed-off-by: Mimi Zohar
---
include/keys/system_keyring.h| 4 +--
security/integrity/digsig.c | 9
Hi David,
Please feel free to squash this patch with yours of the same name (12/12).
Just replace the .ima_mok keyring with the .secondary_trusted_keys.
Signed-off-by: Mimi Zohar
---
include/keys/system_keyring.h| 4 +--
security/integrity/digsig.c | 9 ++
12 matches
Mail list logo