| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20070325001605.31ed39e7.akpm@linux-foundation.org> Date: Sun, 25 Mar 2007 00:16:05 -0800 From: Andrew Morton <akpm@...ux-foundation.org> To: Mimi Zohar <zohar@...ux.vnet.ibm.com> Cc: linux-kernel@...r.kernel.org, safford@...son.ibm.com, serue@...ux.vnet.ibm.com, kjhall@...ux.vnet.ibm.com, zohar@...ibm.com Subject: Re: [Patch 3/7] integrity: EVM as an integrity service provider On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar <zohar@...ux.vnet.ibm.com> wrote: > +++ linux-2.6.21-rc4-mm1/security/evm/Kconfig > @@ -0,0 +1,17 @@ > +config INTEGRITY_EVM > + boolean "EVM support" > + depends on INTEGRITY && KEYS > + select CRYPTO_HMAC > + select CRYPTO_MD5 > + select CRYPTO_SHA1 > + default 0 > + help > + The Extended Verification Module is an integrity provider. > + An extensible set of extended attributes, as defined in > + /etc/evm.conf, are HMAC protected against modification > + using the TPM's KERNEL ROOT KEY, if configured, or with a > + pass-phrase. Possible extended attributes include authenticity, > + integrity, and revision level. > + > + If you are unsure how to answer this question, answer N. > + Is no dependency upon TPM needed? - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists