lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 5 Jan 2021 12:12:58 -0800 From: Tushar Sugandhi <tusharsu@...ux.microsoft.com> To: Mimi Zohar <zohar@...ux.ibm.com>, stephen.smalley.work@...il.com, casey@...aufler-ca.com, agk@...hat.com, snitzer@...hat.com, gmazyland@...il.com, paul@...l-moore.com Cc: tyhicks@...ux.microsoft.com, sashal@...nel.org, jmorris@...ei.org, nramas@...ux.microsoft.com, linux-integrity@...r.kernel.org, selinux@...r.kernel.org, linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org, dm-devel@...hat.com Subject: Re: [PATCH v9 4/8] IMA: add policy rule to measure critical data On 2020-12-24 5:48 a.m., Mimi Zohar wrote: > Hi Tushar, > > Please update the Subject line as, "Add policy rule support for > measuring critical data". > > On Sat, 2020-12-12 at 10:02 -0800, Tushar Sugandhi wrote: >> A new IMA policy rule is needed for the IMA hook >> ima_measure_critical_data() and the corresponding func CRITICAL_DATA for >> measuring the input buffer. The policy rule should ensure the buffer >> would get measured only when the policy rule allows the action. The >> policy rule should also support the necessary constraints (flags etc.) >> for integrity critical buffer data measurements. >> >> Add a policy rule to define the constraints for restricting integrity >> critical data measurements. >> >> Signed-off-by: Tushar Sugandhi <tusharsu@...ux.microsoft.com> > > This patch does not restrict measuring critical data, but adds policy > rule support for measuring critical data. please update the patch > description accordingly. > Will do. Will update the patch description accordingly. > Other than that, > > Reviewed-by: Mimi Zohar <zohar@...ux.ibm.com> > Thanks a lot for the Reviewed-by tag. :)
Powered by blists - more mailing lists