Re: [PATCH 0/2] public key: IMA signer logging: Log public key of IMA Signature signer in IMA log

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Mimi,

I would like to make sure I understood your feedback.



Why duplicate the certificate info on each record in the measurement
list?  Why not add the certificate info once, as the key is loaded
onto the .ima and .platform keyrings?

Mimi
key_create_or_update function in security/keys/key.c is called to add\update a key to a keyring. Are you suggesting that an IMA function be called from here to add the certificate info to the IMA log?
Our requirement is that the key information is available in the IMA log which is TPM backed. 

Thanks,
 -lakshmi
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux Kernel]     [Linux Kernel Hardening]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux SCSI]

  Powered by Linux