| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 07 Jan 2020 23:25:32 -0500
From: Mimi Zohar <zohar@...ux.ibm.com>
To: Lakshmi Ramasubramanian <nramas@...ux.microsoft.com>,
James.Bottomley@...senPartnership.com, arnd@...db.de,
linux-integrity@...r.kernel.org
Cc: dhowells@...hat.com, sashal@...nel.org,
linux-kernel@...r.kernel.org, keyrings@...r.kernel.org,
linux-crypto@...r.kernel.org
Subject: Re: [PATCH] IMA: Defined CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS to
enable IMA hook to measure keys
The subject line is too long. How about "IMA: fix measuring
asymmetric keys Kconfig"?
On Tue, 2020-01-07 at 16:36 -0800, Lakshmi Ramasubramanian wrote:
> CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE is a tristate and not a bool.
> If this config is set to "=m", ima_asymmetric_keys.c is built
> as a kernel module when it is actually not.
Simplify the wording by removing the unnecessary "not a bool" and
"when it is actually not".
>
> Defined a new config CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS that is
> defined when CONFIG_IMA and CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> are defined.
How about using James wording - "intermediate boolean config
variable"?
> Asymmetric key structure is defined only when
> CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE is defined. Since the IMA hook
> measures asymmetric keys, the IMA hook is defined in
> ima_asymmetric_keys.c which is built only if
> CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS is defined.
>
> Signed-off-by: Lakshmi Ramasubramanian <nramas@...ux.microsoft.com>
Please include a "Suggested-by:" tag for James.
thanks,
Mimi
Powered by blists - more mailing lists