| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 6 Mar 2024 16:02:26 -0800 From: Randy Dunlap <rdunlap@...radead.org> To: Fan Wu <wufan@...ux.microsoft.com>, corbet@....net, zohar@...ux.ibm.com, jmorris@...ei.org, serge@...lyn.com, tytso@....edu, ebiggers@...nel.org, axboe@...nel.dk, agk@...hat.com, snitzer@...nel.org, eparis@...hat.com, paul@...l-moore.com Cc: linux-doc@...r.kernel.org, linux-integrity@...r.kernel.org, linux-security-module@...r.kernel.org, linux-fscrypt@...r.kernel.org, linux-block@...r.kernel.org, dm-devel@...ts.linux.dev, audit@...r.kernel.org, linux-kernel@...r.kernel.org, Deven Bowers <deven.desai@...ux.microsoft.com> Subject: Re: [RFC PATCH v14 16/19] ipe: enable support for fs-verity as a trust provider On 3/6/24 15:34, Fan Wu wrote: > +config IPE_PROP_FS_VERITY > + bool "Enable property for fs-verity files" > + depends on FS_VERITY && FS_VERITY_BUILTIN_SIGNATURES > + help > + This option enables the usage of properties "fsverity_signature" > + and "fsverity_digest". These properties evaluates to TRUE when evaluate > + a file is fsverity enabled and with a signed digest or its > + digest matches the supplied value in the policy. -- #Randy
Powered by blists - more mailing lists