| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 14 Nov 2019 20:08:13 +1100 (AEDT)
From: Michael Ellerman <patch-notifications@...erman.id.au>
To: Mimi Zohar <zohar@...ux.ibm.com>, linuxppc-dev@...abs.org,
linux-efi@...r.kernel.org, linux-integrity@...r.kernel.org
Cc: Jessica Yu <jeyu@...nel.org>,
Ard Biesheuvel <ard.biesheuvel@...aro.org>,
Eric Ricther <erichte@...ux.ibm.com>,
Nayna Jain <nayna@...ux.ibm.com>, linux-kernel@...r.kernel.org,
Mimi Zohar <zohar@...ux.ibm.com>,
Paul Mackerras <paulus@...ba.org>, Jeremy Kerr <jk@...abs.org>,
Oliver O'Halloran <oohall@...il.com>
Subject: Re: [RFC PATCH v10 9/9] powerpc/ima: indicate kernel modules appended signatures are enforced
On Thu, 2019-10-31 at 03:31:34 UTC, Mimi Zohar wrote:
> The arch specific kernel module policy rule requires kernel modules to
> be signed, either as an IMA signature, stored as an xattr, or as an
> appended signature. As a result, kernel modules appended signatures
> could be enforced without "sig_enforce" being set or reflected in
> /sys/module/module/parameters/sig_enforce. This patch sets
> "sig_enforce".
>
> Signed-off-by: Mimi Zohar <zohar@...ux.ibm.com>
> Cc: Jessica Yu <jeyu@...nel.org>
Applied to powerpc next, thanks.
https://git.kernel.org/powerpc/c/d72ea4915c7e6fa5e7b9022a34df66e375bfe46c
cheers
Powered by blists - more mailing lists