Re: [PATCH] SELinux: Measure state and hash of policy using IMA

2020-09-08 Thread Stephen Smalley
On Tue, Sep 8, 2020 at 12:44 AM Lakshmi Ramasubramanian wrote: > > On 9/7/20 3:32 PM, Stephen Smalley wrote: > > >> Signed-off-by: Lakshmi Ramasubramanian > >> Suggested-by: Stephen Smalley > >> Reported-by: kernel test robot # error: implicit > >> declaration of function 'vfree' > >>

Re: [PATCH] SELinux: Measure state and hash of policy using IMA

2020-09-08 Thread Stephen Smalley
On Tue, Sep 8, 2020 at 8:28 AM Stephen Smalley wrote: > > On Mon, Sep 7, 2020 at 5:39 PM Lakshmi Ramasubramanian > wrote: > > > > Critical data structures of security modules are currently not measured. > > Therefore an attestation service, for instance, would not be able to > > attest whether

Re: [PATCH] SELinux: Measure state and hash of policy using IMA

2020-09-08 Thread Lakshmi Ramasubramanian
On 9/8/20 4:58 AM, Stephen Smalley wrote: On Tue, Sep 8, 2020 at 12:44 AM Lakshmi Ramasubramanian wrote: On 9/7/20 3:32 PM, Stephen Smalley wrote: Signed-off-by: Lakshmi Ramasubramanian Suggested-by: Stephen Smalley Reported-by: kernel test robot # error: implicit declaration of

Re: [PATCH] SELinux: Measure state and hash of policy using IMA

2020-09-08 Thread Stephen Smalley
On Mon, Sep 7, 2020 at 5:39 PM Lakshmi Ramasubramanian wrote: > > Critical data structures of security modules are currently not measured. > Therefore an attestation service, for instance, would not be able to > attest whether the security modules are always operating with the policies > and

Re: [PATCH] SELinux: Measure state and hash of policy using IMA

2020-09-08 Thread Ondrej Mosnacek
On Tue, Sep 8, 2020 at 2:37 PM Stephen Smalley wrote: > On Mon, Sep 7, 2020 at 5:39 PM Lakshmi Ramasubramanian > wrote: > > diff --git a/security/selinux/measure.c b/security/selinux/measure.c > > new file mode 100644 > > index ..caf9107937d9 > > --- /dev/null > > +++

Re: [PATCH] SELinux: Measure state and hash of policy using IMA

2020-09-07 Thread Lakshmi Ramasubramanian
On 9/7/20 3:32 PM, Stephen Smalley wrote: Signed-off-by: Lakshmi Ramasubramanian Suggested-by: Stephen Smalley Reported-by: kernel test robot # error: implicit declaration of function 'vfree' Reported-by: kernel test robot # error: implicit declaration of function 'crypto_alloc_shash'

Re: [PATCH] SELinux: Measure state and hash of policy using IMA

2020-09-07 Thread Stephen Smalley
On Mon, Sep 7, 2020 at 5:39 PM Lakshmi Ramasubramanian wrote: > > Critical data structures of security modules are currently not measured. > Therefore an attestation service, for instance, would not be able to > attest whether the security modules are always operating with the policies > and

[PATCH] SELinux: Measure state and hash of policy using IMA

2020-09-07 Thread Lakshmi Ramasubramanian
Critical data structures of security modules are currently not measured. Therefore an attestation service, for instance, would not be able to attest whether the security modules are always operating with the policies and configuration that the system administrator had set up. The policies and

Re: [PATCH] SELinux: Measure state and hash of policy using IMA

2020-08-31 Thread Lakshmi Ramasubramanian
On 8/31/20 7:47 AM, Stephen Smalley wrote: Could you please let me know when the current set of changes in SELinux next branch would be completed and be ready to take new changes? I mean, roughly - would it be a month from now or you expect that to take longer? I can't speak for Paul but

Re: [PATCH] SELinux: Measure state and hash of policy using IMA

2020-08-31 Thread Stephen Smalley
On Wed, Aug 26, 2020 at 8:51 AM Stephen Smalley wrote: > > On Tue, Aug 25, 2020 at 4:49 PM Lakshmi Ramasubramanian > wrote: > > > > On 8/24/20 3:18 PM, Paul Moore wrote: > > > > Hi Paul, > > > > > Is Ondrej's re-try approach I need to use to work around policy reload > > > issue? > >

Re: [PATCH] SELinux: Measure state and hash of policy using IMA

2020-08-26 Thread Stephen Smalley
On Tue, Aug 25, 2020 at 4:49 PM Lakshmi Ramasubramanian wrote: > > On 8/24/20 3:18 PM, Paul Moore wrote: > > Hi Paul, > > > Is Ondrej's re-try approach I need to use to work around policy reload > > issue? > > No, I think perhaps we should move the mutex to selinux_state instead

Re: [PATCH] SELinux: Measure state and hash of policy using IMA

2020-08-25 Thread Lakshmi Ramasubramanian
On 8/24/20 3:18 PM, Paul Moore wrote: Hi Paul, Is Ondrej's re-try approach I need to use to work around policy reload issue? No, I think perhaps we should move the mutex to selinux_state instead of selinux_fs_info. selinux_fs_info has a pointer to selinux_state so it can then use it

Re: [PATCH] SELinux: Measure state and hash of policy using IMA

2020-08-24 Thread Paul Moore
On Mon, Aug 24, 2020 at 5:29 PM Lakshmi Ramasubramanian wrote: > On 8/24/20 1:01 PM, Ondrej Mosnacek wrote: > > On Mon, Aug 24, 2020 at 9:30 PM Stephen Smalley > > wrote: > >> On Mon, Aug 24, 2020 at 2:13 PM Lakshmi Ramasubramanian > >> wrote: > >>> On 8/24/20 7:00 AM, Stephen Smalley wrote:

Re: [PATCH] SELinux: Measure state and hash of policy using IMA

2020-08-24 Thread Lakshmi Ramasubramanian
On 8/24/20 1:01 PM, Ondrej Mosnacek wrote: On Mon, Aug 24, 2020 at 9:30 PM Stephen Smalley wrote: On Mon, Aug 24, 2020 at 2:13 PM Lakshmi Ramasubramanian wrote: On 8/24/20 7:00 AM, Stephen Smalley wrote: +int security_read_policy_kernel(struct selinux_state *state, +

Re: [PATCH] SELinux: Measure state and hash of policy using IMA

2020-08-24 Thread Ondrej Mosnacek
On Mon, Aug 24, 2020 at 9:30 PM Stephen Smalley wrote: > On Mon, Aug 24, 2020 at 2:13 PM Lakshmi Ramasubramanian > wrote: > > > > On 8/24/20 7:00 AM, Stephen Smalley wrote: > > > > >> +int security_read_policy_kernel(struct selinux_state *state, > > >> + void

Re: [PATCH] SELinux: Measure state and hash of policy using IMA

2020-08-24 Thread Stephen Smalley
On Mon, Aug 24, 2020 at 2:13 PM Lakshmi Ramasubramanian wrote: > > On 8/24/20 7:00 AM, Stephen Smalley wrote: > > >> +int security_read_policy_kernel(struct selinux_state *state, > >> + void **data, size_t *len) > >> +{ > >> + int rc; > >> + > >> + rc =

Re: [PATCH] SELinux: Measure state and hash of policy using IMA

2020-08-24 Thread Lakshmi Ramasubramanian
On 8/24/20 7:00 AM, Stephen Smalley wrote: +int security_read_policy_kernel(struct selinux_state *state, + void **data, size_t *len) +{ + int rc; + + rc = security_read_policy_len(state, len); + if (rc) + return rc; + + *data =

Re: [PATCH] SELinux: Measure state and hash of policy using IMA

2020-08-24 Thread Lakshmi Ramasubramanian
On 8/24/20 7:00 AM, Stephen Smalley wrote: On Fri, Aug 21, 2020 at 9:00 PM Lakshmi Ramasubramanian +int security_read_policy_kernel(struct selinux_state *state, + void **data, size_t *len) +{ + int rc; + + rc = security_read_policy_len(state, len);

Re: [PATCH] SELinux: Measure state and hash of policy using IMA

2020-08-24 Thread Stephen Smalley
On Fri, Aug 21, 2020 at 9:00 PM Lakshmi Ramasubramanian wrote: > > Critical data structures of security modules are currently not measured. > Therefore an attestation service, for instance, would not be able to > attest whether the security modules are always operating with the policies > and

[PATCH] SELinux: Measure state and hash of policy using IMA

2020-08-21 Thread Lakshmi Ramasubramanian
Critical data structures of security modules are currently not measured. Therefore an attestation service, for instance, would not be able to attest whether the security modules are always operating with the policies and configuration that the system administrator had set up. The policies and