lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 15 Sep 2023 00:14:04 +0300
From:   "Jarkko Sakkinen" <jarkko@...nel.org>
To:     "Jan Hendrik Farr" <kernel@...rr.cc>,
        "Lennart Poettering" <mzxreary@...inter.de>,
        "Philipp Rudo" <prudo@...hat.com>
Cc:     <linux-kernel@...r.kernel.org>, <kexec@...ts.infradead.org>,
        <x86@...nel.org>, <tglx@...utronix.de>, <dhowells@...hat.com>,
        <vgoyal@...hat.com>, <keyrings@...r.kernel.org>,
        <akpm@...ux-foundation.org>, "Baoquan He" <bhe@...hat.com>,
        <bhelgaas@...gle.com>, "Luca Boccassi" <bluca@...ian.org>,
        <mjg59@...gle.com>, <James.Bottomley@...senPartnership.com>
Subject: Re: [PATCH v2 0/2] x86/kexec: UKI Support

On Thu Sep 14, 2023 at 7:11 PM EEST, Jan Hendrik Farr wrote:
> > BTW, would not be a bad idea to extend CC list to at least Matthew and
> > James Bottomley on this patch.
>
> Sure. Added Matthew and James in CC
>
> Also, I already made some minor changes. cmdline is now used from the
> syscall if there is no .cmdline section included in the UKI.
> find_section now returns the section_header as an ERR_PTR. You can
> find them in the uki-v3-wip branch at
> https://github.com/Cydox/linux/commits/uki-v3-wip

Hey, I discussed about IKU at the Linux Linux security module
maintainers monthly meeting and we concluded that it would be nice if
this had a spread to linux-integrity and linux-security-module mailing
lists.

It is x86 feature at this point but obviously that will work as
reference model to other architectures too.  So it would be nice
if those mailing lists would be also included to the loop.

I do not have time to check if this is relevant but this I think
the last version seen of encrypted hibernate:

https://lore.kernel.org/linux-integrity/20221111231636.3748636-1-evgreen@chromium.org/

Just adding it as a reference since I mentioned it earlier.

I'm on holiday for the next week but will look forward to the next
version after I'm back.

BR, Jarkko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ