| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YKaHdWkXfk4DwqwR@kernel.org>
Date: Thu, 20 May 2021 18:59:49 +0300
From: Jarkko Sakkinen <jarkko@...nel.org>
To: Eric Snowberg <eric.snowberg@...cle.com>
Cc: keyrings@...r.kernel.org, linux-integrity@...r.kernel.org,
dhowells@...hat.com, dwmw2@...radead.org,
dmitry.kasatkin@...il.com, jmorris@...ei.org,
linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org, zohar@...ux.ibm.com,
torvalds@...ux-foundation.org, serge@...lyn.com,
James.Bottomley@...senpartnership.com, pjones@...hat.com,
glin@...e.com
Subject: Re: [RFC PATCH 1/3] keys: Add ability to trust the platform keyring
On Mon, May 17, 2021 at 06:57:12PM -0400, Eric Snowberg wrote:
> Add the ability to allow the secondary_trusted keyring to trust
> keys in the platform keyring. This is done by doing a key_link
What this looks for me doing is to *replace* the secondary
trusted keyring with the platform keyring.
So this should be "Add ability to replace the secondary trusted
keyring with the platform keyring." This is what the code change
is actually doing so it would be nice to say it out loud.
> of the platform_trusted_keys to the secondary_trusted_keys.
> After they are linked, the platform_trusted_keys can be used for
> validation instead of the secondary_trusted_keys if the user
> chooses. This functionality will be used in a follow on patch.
>
> Signed-off-by: Eric Snowberg <eric.snowberg@...cle.com>
/Jarkko
Powered by blists - more mailing lists