On Thursday, July 07, 2011 04:42:11 PM Mimi Zohar wrote: > On Thu, 2011-07-07 at 16:14 +0200, Roberto Sassu wrote: > > On Thursday, July 07, 2011 03:53:22 PM Mimi Zohar wrote: > > > On Tue, 2011-07-05 at 18:23 +0200, Roberto Sassu wrote: > > > > Hi all > > > > > > > > this patch set introduces three new modules (masterkey, integrity and > > > > ecryptfs) and allows to mount the securityfs filesystem from the initial > > > > ramdisk. > > > > > > > > These patches are based upon the first version sent by Mimi Zohar, which > > > > can be retrieved at the address: > > > > > > > > http://article.gmane.org/gmane.linux.kernel.initramfs/1910 > > > > > > > > Roberto Sassu > > > > > > Nice! Thanks Roberto for updating the modules. They're look really > > > good. > > > > > > One really minor issue is that although the user can override the > > > default masterkey blob filename, using a boot command line option, the > > > default filename is kernel version specific. Until the tools are > > > available to create and seal keys to a set of PCRs, as we discussed, > > > perhaps there should be an additional filename default, without the > > > kernel version appended, as well. > > > > > > > Hi Mimi > > > > thanks. > > I think we can solve this issue by adding a new option, called > > 'MULTIKERNELMODE', which can be used to decide if the kernel > > version should be added to the default masterkey filename or > > not. By default, we can set its value to 'NO'. > > > > Roberto Sassu > > Sounds good. > Ok, i'll wait other comments before reposting patches. Roberto Sassu > thanks, > > Mimi > > -- To unsubscribe from this list: send the line "unsubscribe initramfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
