On Thu, 2007-03-22 at 23:19 +, Pavel Machek wrote:
> > There are some papers and related userspace code at
> >http://www.research.ibm.com/gsal/tcpa
> > which describe the architecture in more detail, but basically this
> > integrity provider is designed to complement mandatory access contr
Hi!
> > > > + The Extended Verification Module is an integrity provider.
> > > > + An extensible set of extended attributes, as defined in
> > > > + /etc/evm.conf, are HMAC protected against modification
> > > > + using the TPM's KERNEL ROOT KEY, if configured, or w
On Mon, 2007-03-26 at 13:23 -0500, Serge E. Hallyn wrote:
> Quoting Andrew Morton ([EMAIL PROTECTED]):
> > On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar <[EMAIL PROTECTED]> wrote:
> >
> > > This is a re-release of EVM as an integrity service provider.
> >
> > What a huge set of patches.
> >
> >
Quoting Andrew Morton ([EMAIL PROTECTED]):
> On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar <[EMAIL PROTECTED]> wrote:
>
> > This is a re-release of EVM as an integrity service provider.
>
> What a huge set of patches.
>
> Frankly, I don't know how we're going to get these reviewed and mergeable
On Sun, 2007-03-25 at 12:13 +, Pavel Machek wrote:
> > > + The Extended Verification Module is an integrity provider.
> > > + An extensible set of extended attributes, as defined in
> > > + /etc/evm.conf, are HMAC protected against modification
> > > + using the TPM's KERNEL ROOT KEY, i
On Sun, 2007-03-25 at 21:28 -0800, Andrew Morton wrote:
> On Sun, 25 Mar 2007 23:13:02 -0400 Mimi Zohar <[EMAIL PROTECTED]> wrote:
>
> > On Sun, 2007-03-25 at 00:16 -0800, Andrew Morton wrote:
> > > On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar <[EMAIL PROTECTED]> wrote:
> > >
> > > > +++ linux-2
On Sun, 25 Mar 2007 23:13:02 -0400 Mimi Zohar <[EMAIL PROTECTED]> wrote:
> On Sun, 2007-03-25 at 00:16 -0800, Andrew Morton wrote:
> > On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar <[EMAIL PROTECTED]> wrote:
> >
> > > +++ linux-2.6.21-rc4-mm1/security/evm/Kconfig
> > > @@ -0,0 +1,17 @@
> > > +con
On Sun, 2007-03-25 at 00:16 -0800, Andrew Morton wrote:
> On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar <[EMAIL PROTECTED]> wrote:
>
> > +++ linux-2.6.21-rc4-mm1/security/evm/Kconfig
> > @@ -0,0 +1,17 @@
> > +config INTEGRITY_EVM
> > + boolean "EVM support"
> > + depends on INTEGRITY && KEYS
>
Hi!
> > +++ linux-2.6.21-rc4-mm1/security/evm/Kconfig
> > @@ -0,0 +1,17 @@
> > +config INTEGRITY_EVM
> > + boolean "EVM support"
> > + depends on INTEGRITY && KEYS
> > + select CRYPTO_HMAC
> > + select CRYPTO_MD5
> > + select CRYPTO_SHA1
> > + default 0
> > + help
> > + The Exten
On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar <[EMAIL PROTECTED]> wrote:
> +++ linux-2.6.21-rc4-mm1/security/evm/Kconfig
> @@ -0,0 +1,17 @@
> +config INTEGRITY_EVM
> + boolean "EVM support"
> + depends on INTEGRITY && KEYS
> + select CRYPTO_HMAC
> + select CRYPTO_MD5
> + select
On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar <[EMAIL PROTECTED]> wrote:
> This is a re-release of EVM as an integrity service provider.
What a huge set of patches.
Frankly, I don't know how we're going to get these reviewed and mergeable
and merged - there doesn't seem to be a lot of interest a
This is a re-release of EVM as an integrity service provider. The
initial EVM release was as an LSM module. It has been substantially
rewritten to provide support for the new integrity service framework
API, which permits applications, such as LSM modules, to verify the
integrity of the metadata a
12 matches
Mail list logo