Re: [PATCH v3 03/10] evm: Implement per signature type decision in security_inode_copy_up_xattr

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Fri, 2024-02-23 at 12:25 -0500, Stefan Berger wrote:
> To support "portable and immutable signatures" on otherwise unsupported
> filesystems, determine the EVM signature type by the content of a file's
> xattr. If the file has the appropriate signature type then allow it to be
> copied up. All other signature types are discarded as before.
> "Portable and immutable" EVM signatures can be copied up by stacked file-
> system since the metadata their signature covers does not include file-
> system-specific data such as a file's inode number, generation, and UUID.
> Co-developed-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
> Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxx>

Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>

[Index of Archives]     [Linux Filesystems Devel]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux