Re: [RFC PATCH v2 0/8] Clavis LSM

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Eric,

On Thu, 2024-05-30 at 18:39 -0600, Eric Snowberg wrote:
> Introduce a new LSM called Clavis (Latin word meaning key).  The motivation
> behind this LSM is to provide access control for system keys.  Before spending
> more time on this LSM, I am sending this as an RFC to start a discussion to see
> if the current direction taken has a possibility of being accepted in the
> future.
> 
> Today the kernel has the following system keyrings: .builtin_trusted_keyring,
> .secondary_trusted_keyring, and the .machine.  It also has the .platform
> keyring which has limited capabilities; it can only be used to verify a kernel
> for kexec.

Please start the cover letter with the problem description/motivation, not the
solution.


[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]
  Powered by Linux