lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Mon, 26 Mar 2007 10:18:20 -0800
From:	Andrew Morton <akpm@...ux-foundation.org>
To:	Mimi Zohar <zohar@...ux.vnet.ibm.com>
Cc:	linux-kernel@...r.kernel.org, safford@...son.ibm.com,
	serue@...ux.vnet.ibm.com, kjhall@...ux.vnet.ibm.com,
	zohar@...ibm.com, sailer@...ibm.com
Subject: Re: [Patch 4/7] integrity: IMA integrity_measure() support

On Fri, 23 Mar 2007 12:09:50 -0400 Mimi Zohar <zohar@...ux.vnet.ibm.com> wrote:

> This is a re-release of Integrity Measurement Architecture(IMA) as a
> method of providing support for the integrity service framework API
> integrity_measure() call. When integrity_measure() is called, IMA
> submits the measurement (hash) of the file to the TPM chip, for
> inclusion in one of the chip's Platform Configuration Registers (PCR).
> IMA also keeps a list of all file names and hashes that have been
> submitted to the TPM, which can be viewed through securityfs. By
> separately requesting a TPM_Quote from the chip, an application can
> get a chip-signed value of the PCR, which, along with the list of
> measurements from IMA, can be used to attest, or prove to a third
> party, the validity of the hash list.  (The tpm-3.2.1 package includes
> example TPM applications for creating keys, and performing the
> TPM_Quote operation.) 
> 
> IMA can be included or excluded in the kernel configuration. If
> included in the kernel, IMA can also be enabled or disabled on the
> kernel command line with evm_enable_ima=0.

It breaks the ia64 build:

ima_fs_cleanup: discarded in section `.exit.text' from security/built-in.o

it's calling an __exit function from a non-_-exit function.

I'll remove the __exit tag from ima_fs_cleanup(), but that's the wrong fix
- really the caller should be fixed but it's all tangled up in a quite
unnecessary inlined function.

I must say that this code doesn't leave an impression of having sufficient
overall quality.  It needs some caring for. 
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ