| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <h6jeu3yf33p2ngcvaczjrghm3hunkjf5gq462njghryyc2qeph@jdug44kw6tpb> Date: Thu, 30 Oct 2025 08:33:33 +0800 From: Coiby Xu <coxu@...hat.com> To: Mimi Zohar <zohar@...ux.ibm.com>, Roberto Sassu <roberto.sassu@...weicloud.com> Cc: linux-integrity@...r.kernel.org, Dmitry Torokhov <dmitry.torokhov@...il.com>, Karel Srot <ksrot@...hat.com>, Roberto Sassu <roberto.sassu@...wei.com>, Dmitry Kasatkin <dmitry.kasatkin@...il.com>, Eric Snowberg <eric.snowberg@...cle.com>, Paul Moore <paul@...l-moore.com>, James Morris <jmorris@...ei.org>, "Serge E. Hallyn" <serge@...lyn.com>, "open list:SECURITY SUBSYSTEM" <linux-security-module@...r.kernel.org>, open list <linux-kernel@...r.kernel.org> Subject: Re: [PATCH] ima: Fall back to default kernel module signature verification On Mon, Oct 20, 2025 at 09:57:19AM -0400, Mimi Zohar wrote: >On Mon, 2025-10-20 at 14:45 +0200, Roberto Sassu wrote: >> On Mon, 2025-10-20 at 08:21 -0400, Mimi Zohar wrote: [...] >> > >> > > >> > > Another thought is to make CPIO support xattr. Today I realize that >> > > ima_policy=secure_boot can also cause failure of loading kdump kernel. >> > > So the issue this patch tries to resolves has much less impact than I >> > > thought. Maybe we can wait until CPIO xattr support is ready? I'll help >> > > review and test Roberto's patches if this is the best way forward. >> > >> > I'm not sure of the status of the CPIO patch set. Roberto? >> >> I haven't had time to look at it recently. I can take the openEuler >> version, address the remaining comments and repost. > >Thank you! +1, I'm looking forward to the reposted patch set! -- Best regards, Coiby
Powered by blists - more mailing lists