[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 07 Jun 2009 01:43:12 +0530
From: Sachin Sant <sachinp@...ibm.com>
To: Mimi Zohar <zohar@...ibm.com>
CC: linux-kernel <linux-kernel@...r.kernel.org>
Subject: Re: [IMA] 2.6.30-rc8 : Bug while trying to launch a KVM guest
Mimi Zohar wrote:
> This bug has been addressed in linux-next. Please refer to:
>
> f06dd16a03f6f7f72fab4db03be36e28c28c6fd6 : IMA: Handle dentry_open
> failures
> 1a62e958fa4aaeeb752311b4f5e16b2a86737b23 : IMA: open all files O_LARGEFILE
> 04288f42033607099cebf5ca15ce8dcec3a9688b : integrity: ima audit
> dentry_open failure
>
> The default policy in 2.6.30 measures all files open for read by root.
> (So starting the VM as root will cause it to be read.) This linux-next
> patch changes the default behavior so that nothing is measured.
>
> 5789ba3bd0a3cd20df5980ebf03358f2eb44fd67 : IMA: Minimal IMA policy and
> boot param for TCB IMA policy
>
I am able to boot the kvm guest after applying the following two patches.
commit f06dd16a03f6f7f72fab4db03be36e28c28c6fd6
commit 1a62e958fa4aaeeb752311b4f5e16b2a86737b23
Thanks Mimi for the help.
Regards
-Sachin
--
---------------------------------
Sachin Sant
IBM Linux Technology Center
India Systems and Technology Labs
Bangalore, India
---------------------------------
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists