lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <7857.1404923329@warthog.procyon.org.uk>
Date:	Wed, 09 Jul 2014 17:28:49 +0100
From:	David Howells <dhowells@...hat.com>
To:	Borislav Petkov <bp@...en8.de>
Cc:	dhowells@...hat.com, Vivek Goyal <vgoyal@...hat.com>,
	keyrings@...ux-nfs.org, linux-security-module@...r.kernel.org,
	kexec@...ts.infradead.org, linux-kernel@...r.kernel.org,
	x86-ml <x86@...nel.org>
Subject: Re: [PATCH 00/17] KEYS: PKCS#7 and PE file signature checking for kexec

Borislav Petkov <bp@...en8.de> wrote:

> let me see if I get this straight:
> 
> this current submission is supposed to replace
> 
> http://lkml.kernel.org/r/20140708131504.28621.61165.stgit@warthog.procyon.org.uk

Yes.  It's an extension of that.  Plus I did it wrong and managed to lose the
actual first patch, I realise.

> and Vivek's one:
> 
> http://lkml.kernel.org/r/1404421641-12691-1-git-send-email-vgoyal@redhat.com
> 
> (which added those parsers to arch/x86/kernel/ - not a good place anyway.)

Yep.

> The kexec bits with the sig verif will come ontop, it seems. What's the
> story guys?

Here's an example of what I think it could look like:

	http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-modsign.git/log/?h=kexec-pefile

I did the following:

 (1) Rebased all but the last of Vivek's patches onto the same base as my
     pkcs7 and pefile patches.

 (2) Substituted on of Andrew Morton's patches for one of Vivek's.

 (3) Stacked a merge of my stuff on top of Vivek's.

 (4) Stacked Vivek's final patch on top of that and fixed it to work with my
     changed stuff.

I'm leaving that to Vivek as to when he wants to push that out, though - and
whether or not he wants to push from my tree or his own.

David
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ