On Tue, 13 Mar 2018, Stefan Berger wrote:
> On 03/11/2018 06:58 PM, James Morris wrote:
> > On Fri, 9 Mar 2018, Stefan Berger wrote:
> >
> > > Yuqiong is publishing a paper in this area. I believe the conference is
> > > only
> > > later this year.
> > >
> > > Our goals are to enable IMA measure
On 03/11/2018 06:58 PM, James Morris wrote:
On Fri, 9 Mar 2018, Stefan Berger wrote:
Yuqiong is publishing a paper in this area. I believe the conference is only
later this year.
Our goals are to enable IMA measurements, appraisal, and auditing inside a
container using namespaces.
This is exc
On Fri, 9 Mar 2018, Stefan Berger wrote:
> Yuqiong is publishing a paper in this area. I believe the conference is only
> later this year.
>
> Our goals are to enable IMA measurements, appraisal, and auditing inside a
> container using namespaces.
This is excellent to have -- can you include th
On 03/08/2018 09:59 PM, Serge E. Hallyn wrote:
On Thu, Mar 08, 2018 at 09:04:52AM -0500, Stefan Berger wrote:
On 07/25/2017 04:46 PM, Serge E. Hallyn wrote:
On Tue, Jul 25, 2017 at 04:11:29PM -0400, Stefan Berger wrote:
On 07/25/2017 03:48 PM, Mimi Zohar wrote:
On Tue, 2017-07-25 at 12:08 -07
On Thu, Mar 08, 2018 at 09:04:52AM -0500, Stefan Berger wrote:
> On 07/25/2017 04:46 PM, Serge E. Hallyn wrote:
> >On Tue, Jul 25, 2017 at 04:11:29PM -0400, Stefan Berger wrote:
> >>On 07/25/2017 03:48 PM, Mimi Zohar wrote:
> >>>On Tue, 2017-07-25 at 12:08 -0700, James Bottomley wrote:
> On Tue
Quoting Stefan Berger (stef...@linux.vnet.ibm.com):
> On 03/08/2018 03:19 PM, Serge E. Hallyn wrote:
> >Quoting Stefan Berger (stef...@linux.vnet.ibm.com):
> >>On 07/20/2017 06:50 PM, Mehmet Kayaalp wrote:
> >>>From: Yuqiong Sun
> >>>
> >>>Add new CONFIG_IMA_NS config option. Let clone() create a
Quoting Stefan Berger (stef...@linux.vnet.ibm.com):
> On 07/20/2017 06:50 PM, Mehmet Kayaalp wrote:
> >From: Yuqiong Sun
> >
> >Add new CONFIG_IMA_NS config option. Let clone() create a new IMA
> >namespace upon CLONE_NEWNS flag. Add ima_ns data structure in nsproxy.
> >ima_ns is allocated and fr
On 07/25/2017 04:46 PM, Serge E. Hallyn wrote:
On Tue, Jul 25, 2017 at 04:11:29PM -0400, Stefan Berger wrote:
On 07/25/2017 03:48 PM, Mimi Zohar wrote:
On Tue, 2017-07-25 at 12:08 -0700, James Bottomley wrote:
On Tue, 2017-07-25 at 14:04 -0500, Serge E. Hallyn wrote:
On Tue, Jul 25, 2017 at 1
On 07/20/2017 06:50 PM, Mehmet Kayaalp wrote:
From: Yuqiong Sun
Add new CONFIG_IMA_NS config option. Let clone() create a new IMA
namespace upon CLONE_NEWNS flag. Add ima_ns data structure in nsproxy.
ima_ns is allocated and freed upon IMA namespace creation and exit.
Currently, the ima_ns con
On Fri, 2017-07-28 at 14:19 +, Magalhaes, Guilherme (Brazil R&D-
CL) wrote:
> > > Each measurement entry in the list could have new fields to identify
> > > the namespace. Since the namespaces can be reused, a timestamp or
> > > others fields could be added to uniquely identify the namespace id
> > Each measurement entry in the list could have new fields to identify
> > the namespace. Since the namespaces can be reused, a timestamp or
> > others fields could be added to uniquely identify the namespace id.
>
> The more fields included in the measurement list, the more
> measurements will
On 07/27/2017 03:39 PM, Magalhaes, Guilherme (Brazil R&D-CL) wrote:
There's a vTPM proxy driver in the kernel that enables spawning a
frontend /dev/tpm%d and an anonymous backend file descriptor where a
vTPM can listen on for TPM commands. I integrated this with 'swtpm' and
I have been working
oundation.org>; linux-kernel ; David Safford
> ; James Bottomley
> ; linux-security-module security-mod...@vger.kernel.org>; ima-devel de...@lists.sourceforge.net>; Yuqiong Sun
> Subject: Re: [Linux-ima-devel] [RFC PATCH 1/5] ima: extend clone() with IMA
> namespace support
iong Sun
; containers ; linux-kernel ; David Safford
; James Bottomley
; linux-security-module ; ima-devel ; Yuqiong Sun
Subject: Re: [Linux-ima-devel] [RFC PATCH 1/5] ima: extend clone() with IMA
namespace support
On Thu, 2017-07-27 at 12:51 +, Magalhaes, Guilherme (Brazil R&D-
CL) wrote:
On Tue
linux-kernel ; David Safford
> ; James Bottomley
> ; linux-security-module security-mod...@vger.kernel.org>; ima-devel de...@lists.sourceforge.net>; Yuqiong Sun
> Subject: Re: [Linux-ima-devel] [RFC PATCH 1/5] ima: extend clone() with IMA
> namespace support
>
> On Thu, 2017-07
On Thu, 2017-07-27 at 12:51 +, Magalhaes, Guilherme (Brazil R&D-
CL) wrote:
>
>
> > On Tue, 2017-07-25 at 16:08 -0500, Serge E. Hallyn wrote:
> > > On Tue, Jul 25, 2017 at 04:57:57PM -0400, Mimi Zohar wrote:
> > > > On Tue, 2017-07-25 at 15:46 -0500, Serge E. Hallyn wrote:
> > > > > On Tue, J
gt; ; linux-security-module security-mod...@vger.kernel.org>; ima-devel de...@lists.sourceforge.net>; Yuqiong Sun
> Subject: Re: [Linux-ima-devel] [RFC PATCH 1/5] ima: extend clone() with IMA
> namespace support
>
> On Tue, 2017-07-25 at 16:08 -0500, Serge E. Hallyn wrote:
>
On Tue, 2017-07-25 at 16:08 -0500, Serge E. Hallyn wrote:
> On Tue, Jul 25, 2017 at 04:57:57PM -0400, Mimi Zohar wrote:
> > On Tue, 2017-07-25 at 15:46 -0500, Serge E. Hallyn wrote:
> > > On Tue, Jul 25, 2017 at 04:11:29PM -0400, Stefan Berger wrote:
> > > > On 07/25/2017 03:48 PM, Mimi Zohar wrote
On 07/25/2017 04:46 PM, Serge E. Hallyn wrote:
On Tue, Jul 25, 2017 at 04:11:29PM -0400, Stefan Berger wrote:
On 07/25/2017 03:48 PM, Mimi Zohar wrote:
On Tue, 2017-07-25 at 12:08 -0700, James Bottomley wrote:
On Tue, 2017-07-25 at 14:04 -0500, Serge E. Hallyn wrote:
On Tue, Jul 25, 2017 at 1
On Tue, Jul 25, 2017 at 04:57:57PM -0400, Mimi Zohar wrote:
> On Tue, 2017-07-25 at 15:46 -0500, Serge E. Hallyn wrote:
> > On Tue, Jul 25, 2017 at 04:11:29PM -0400, Stefan Berger wrote:
> > > On 07/25/2017 03:48 PM, Mimi Zohar wrote:
> > > >On Tue, 2017-07-25 at 12:08 -0700, James Bottomley wrote:
On Tue, 2017-07-25 at 15:46 -0500, Serge E. Hallyn wrote:
> On Tue, Jul 25, 2017 at 04:11:29PM -0400, Stefan Berger wrote:
> > On 07/25/2017 03:48 PM, Mimi Zohar wrote:
> > >On Tue, 2017-07-25 at 12:08 -0700, James Bottomley wrote:
> > >>On Tue, 2017-07-25 at 14:04 -0500, Serge E. Hallyn wrote:
> >
On Tue, 2017-07-25 at 13:31 -0700, James Bottomley wrote:
> On Tue, 2017-07-25 at 15:48 -0400, Mimi Zohar wrote:
> > On Tue, 2017-07-25 at 12:08 -0700, James Bottomley wrote:
> > >
> > > On Tue, 2017-07-25 at 14:04 -0500, Serge E. Hallyn wrote:
> > > >
> > > > On Tue, Jul 25, 2017 at 11:49:14AM -
On Tue, Jul 25, 2017 at 04:11:29PM -0400, Stefan Berger wrote:
> On 07/25/2017 03:48 PM, Mimi Zohar wrote:
> >On Tue, 2017-07-25 at 12:08 -0700, James Bottomley wrote:
> >>On Tue, 2017-07-25 at 14:04 -0500, Serge E. Hallyn wrote:
> >>>On Tue, Jul 25, 2017 at 11:49:14AM -0700, James Bottomley wrote:
On Tue, 2017-07-25 at 15:48 -0400, Mimi Zohar wrote:
> On Tue, 2017-07-25 at 12:08 -0700, James Bottomley wrote:
> >
> > On Tue, 2017-07-25 at 14:04 -0500, Serge E. Hallyn wrote:
> > >
> > > On Tue, Jul 25, 2017 at 11:49:14AM -0700, James Bottomley wrote:
> > > >
> > > >
> > > > On Tue, 2017-07
On 07/25/2017 03:48 PM, Mimi Zohar wrote:
On Tue, 2017-07-25 at 12:08 -0700, James Bottomley wrote:
On Tue, 2017-07-25 at 14:04 -0500, Serge E. Hallyn wrote:
On Tue, Jul 25, 2017 at 11:49:14AM -0700, James Bottomley wrote:
On Tue, 2017-07-25 at 12:53 -0500, Serge E. Hallyn wrote:
On Thu, Jul
On Tue, 2017-07-25 at 12:08 -0700, James Bottomley wrote:
> On Tue, 2017-07-25 at 14:04 -0500, Serge E. Hallyn wrote:
> > On Tue, Jul 25, 2017 at 11:49:14AM -0700, James Bottomley wrote:
> > >
> > > On Tue, 2017-07-25 at 12:53 -0500, Serge E. Hallyn wrote:
> > > >
> > > > On Thu, Jul 20, 2017 at
On Tue, 2017-07-25 at 14:04 -0500, Serge E. Hallyn wrote:
> On Tue, Jul 25, 2017 at 11:49:14AM -0700, James Bottomley wrote:
> >
> > On Tue, 2017-07-25 at 12:53 -0500, Serge E. Hallyn wrote:
> > >
> > > On Thu, Jul 20, 2017 at 06:50:29PM -0400, Mehmet Kayaalp wrote:
> > > >
> > > >
> > > > From
On Tue, Jul 25, 2017 at 11:49:14AM -0700, James Bottomley wrote:
> On Tue, 2017-07-25 at 12:53 -0500, Serge E. Hallyn wrote:
> > On Thu, Jul 20, 2017 at 06:50:29PM -0400, Mehmet Kayaalp wrote:
> > >
> > > From: Yuqiong Sun
> > >
> > > Add new CONFIG_IMA_NS config option. Let clone() create a ne
On Tue, 2017-07-25 at 12:53 -0500, Serge E. Hallyn wrote:
> On Thu, Jul 20, 2017 at 06:50:29PM -0400, Mehmet Kayaalp wrote:
> >
> > From: Yuqiong Sun
> >
> > Add new CONFIG_IMA_NS config option. Let clone() create a new IMA
> > namespace upon CLONE_NEWNS flag. Add ima_ns data structure in
> > n
On Thu, Jul 20, 2017 at 06:50:29PM -0400, Mehmet Kayaalp wrote:
> From: Yuqiong Sun
>
> Add new CONFIG_IMA_NS config option. Let clone() create a new IMA
> namespace upon CLONE_NEWNS flag. Add ima_ns data structure in nsproxy.
> ima_ns is allocated and freed upon IMA namespace creation and exit.
From: Yuqiong Sun
Add new CONFIG_IMA_NS config option. Let clone() create a new IMA
namespace upon CLONE_NEWNS flag. Add ima_ns data structure in nsproxy.
ima_ns is allocated and freed upon IMA namespace creation and exit.
Currently, the ima_ns contains no useful IMA data but only a dummy
interf
31 matches
Mail list logo
