lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <alpine.LRH.2.21.1910160914090.11167@namei.org>
Date:   Wed, 16 Oct 2019 09:15:39 +1100 (AEDT)
From:   James Morris <jmorris@...ei.org>
To:     James Morse <james.morse@....com>
cc:     prsriva <prsriva@...ux.microsoft.com>,
        linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
        linux-integrity@...r.kernel.org, kexec@...ts.infradead.org,
        mark.rutland@....com, jean-philippe@...aro.org, arnd@...db.de,
        takahiro.akashi@...aro.org, sboyd@...nel.org,
        catalin.marinas@....com, zohar@...ux.ibm.com,
        yamada.masahiro@...ionext.com, duwe@....de, bauerman@...ux.ibm.com,
        tglx@...utronix.de, allison@...utok.net, ard.biesheuvel@...aro.org
Subject: Re: [PATCH V4 0/2] Add support for arm64 to carry ima measurement

On Tue, 15 Oct 2019, James Morse wrote:

> > The IMA logs are event logs for module load time signature validation(based on policies)
> > which are backed by the TPM. No SecureBoot information is present in the log other than
> > the boot aggregate.
> 
> Okay, so SecureBoot is optional with this thing.

Correct. Verified boot is one alternative.


-- 
James Morris
<jmorris@...ei.org>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ