Re: [PATCH v6] ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime

2020-07-21 Thread Bruno Meneguele
On Tue, Jul 21, 2020 at 01:26:16PM -0400, Mimi Zohar wrote:
> On Mon, 2020-07-20 at 12:38 -0300, Bruno Meneguele wrote:
> > On Mon, Jul 20, 2020 at 10:56:55AM -0400, Mimi Zohar wrote:
> > > On Mon, 2020-07-20 at 10:40 -0400, Nayna wrote:
> > > > On 7/13/20 12:48 PM, Bruno Meneguele wrote:
> > > >

Re: [PATCH v6] ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime

2020-07-21 Thread Mimi Zohar
On Mon, 2020-07-20 at 12:38 -0300, Bruno Meneguele wrote:
> On Mon, Jul 20, 2020 at 10:56:55AM -0400, Mimi Zohar wrote:
> > On Mon, 2020-07-20 at 10:40 -0400, Nayna wrote:
> > > On 7/13/20 12:48 PM, Bruno Meneguele wrote:
> > > > The IMA_APPRAISE_BOOTPARAM config allows enabling different
> > > >

Re: [PATCH v6] ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime

2020-07-20 Thread Bruno Meneguele
On Mon, Jul 20, 2020 at 10:56:55AM -0400, Mimi Zohar wrote:
> On Mon, 2020-07-20 at 10:40 -0400, Nayna wrote:
> > On 7/13/20 12:48 PM, Bruno Meneguele wrote:
> > > The IMA_APPRAISE_BOOTPARAM config allows enabling different
> > > "ima_appraise="
> > > modes - log, fix, enforce - at run time, but

Re: [PATCH v6] ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime

2020-07-20 Thread Mimi Zohar
On Mon, 2020-07-20 at 10:40 -0400, Nayna wrote:
> On 7/13/20 12:48 PM, Bruno Meneguele wrote:
> > The IMA_APPRAISE_BOOTPARAM config allows enabling different "ima_appraise="
> > modes - log, fix, enforce - at run time, but not when IMA architecture
> > specific policies are enabled.  This prevents

Re: [PATCH v6] ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime

2020-07-20 Thread Nayna
On 7/13/20 12:48 PM, Bruno Meneguele wrote: The IMA_APPRAISE_BOOTPARAM config allows enabling different "ima_appraise=" modes - log, fix, enforce - at run time, but not when IMA architecture specific policies are enabled.  This prevents properly labeling the filesystem on systems where secure

Re: [PATCH v6] ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime

2020-07-17 Thread Bruno Meneguele
On Mon, Jul 13, 2020 at 01:48:30PM -0300, Bruno Meneguele wrote:
> The IMA_APPRAISE_BOOTPARAM config allows enabling different "ima_appraise="
> modes - log, fix, enforce - at run time, but not when IMA architecture
> specific policies are enabled.  This prevents properly labeling the
> filesystem

[PATCH v6] ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime

2020-07-13 Thread Bruno Meneguele
The IMA_APPRAISE_BOOTPARAM config allows enabling different "ima_appraise=" modes - log, fix, enforce - at run time, but not when IMA architecture specific policies are enabled.  This prevents properly labeling the filesystem on systems where secure boot is supported, but not enabled on the