| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2e0baa1902b6f360e542f92906d077d44e53e59e.camel@linux.ibm.com>
Date: Thu, 24 Dec 2020 08:48:35 -0500
From: Mimi Zohar <zohar@...ux.ibm.com>
To: Tushar Sugandhi <tusharsu@...ux.microsoft.com>,
stephen.smalley.work@...il.com, casey@...aufler-ca.com,
agk@...hat.com, snitzer@...hat.com, gmazyland@...il.com,
paul@...l-moore.com
Cc: tyhicks@...ux.microsoft.com, sashal@...nel.org, jmorris@...ei.org,
nramas@...ux.microsoft.com, linux-integrity@...r.kernel.org,
selinux@...r.kernel.org, linux-security-module@...r.kernel.org,
linux-kernel@...r.kernel.org, dm-devel@...hat.com
Subject: Re: [PATCH v9 4/8] IMA: add policy rule to measure critical data
Hi Tushar,
Please update the Subject line as, "Add policy rule support for
measuring critical data".
On Sat, 2020-12-12 at 10:02 -0800, Tushar Sugandhi wrote:
> A new IMA policy rule is needed for the IMA hook
> ima_measure_critical_data() and the corresponding func CRITICAL_DATA for
> measuring the input buffer. The policy rule should ensure the buffer
> would get measured only when the policy rule allows the action. The
> policy rule should also support the necessary constraints (flags etc.)
> for integrity critical buffer data measurements.
>
> Add a policy rule to define the constraints for restricting integrity
> critical data measurements.
>
> Signed-off-by: Tushar Sugandhi <tusharsu@...ux.microsoft.com>
This patch does not restrict measuring critical data, but adds policy
rule support for measuring critical data. please update the patch
description accordingly.
Other than that,
Reviewed-by: Mimi Zohar <zohar@...ux.ibm.com>
Powered by blists - more mailing lists