Re: [RFC PATCH] ima: require secure_boot rules in lockdown mode

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2017-11-10 at 00:28 +1100, James Morris wrote:
> On Wed, 8 Nov 2017, Mimi Zohar wrote:
> 
> > > So since those patches are now in James tree, you should drop them from
> > > the integrity tree.
> > 
> > Ok, I had been planning on sending an independent pull request to
> > Linus, as requested.
> 
> That was not requested.  Linus wants separate branches to pull from, but 
> this does not mean separate trees.  The x86 and some other subsystems use 
> separate branches in the same tree, which is the model we're now using 
> generally with the security subsystem.
> 
> It's _also_ possible to send pull requests independently (which is what 
> the SELinux and AppArmor maintainers decided to do), although that was not 
> what Linus was asking for.
> 
> It's up to you if you want to send pull requests directly to Linus or 
> continue to merge via the security tree.

Thank you for the clarification (and patience).  There are a lot of
interactions between the integrity subsystem and the other security
subsystems, especially the TPM.  Assuming it is acceptable, as you
said, I'd really prefer continuing to have the integrity subsystem
merged via the security tree.

Mimi




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux Kernel]     [Linux Kernel Hardening]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux SCSI]

  Powered by Linux