Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk

[PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk · Roberto Sassu <roberto.sassu@huawei.com> · 2019-05-09
[PATCH v2 1/3] fs: add ksys_lsetxattr() wrapper · Roberto Sassu <roberto.sassu@huawei.com> · 2019-05-09
Re: [PATCH v2 1/3] fs: add ksys_lsetxattr() wrapper · Jann Horn <jannh@google.com> · 2019-05-10
[PATCH v2 2/3] initramfs: set extended attributes · Roberto Sassu <roberto.sassu@huawei.com> · 2019-05-09
[PATCH v2 3/3] initramfs: introduce do_readxattrs() · Roberto Sassu <roberto.sassu@huawei.com> · 2019-05-09
Re: [PATCH v2 3/3] initramfs: introduce do_readxattrs() · Jann Horn <jannh@google.com> · 2019-05-10
Re: [PATCH v2 3/3] initramfs: introduce do_readxattrs() · Roberto Sassu <roberto.sassu@huawei.com> · 2019-05-13
Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk · Rob Landley <hidden> · 2019-05-09
Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk · Roberto Sassu <roberto.sassu@huawei.com> · 2019-05-10
Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk · Mimi Zohar <zohar@linux.ibm.com> · 2019-05-10
Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk · Rob Landley <hidden> · 2019-05-10
Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk · Mimi Zohar <zohar@linux.ibm.com> · 2019-05-10
Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk · Andy Lutomirski <luto@kernel.org> · 2019-05-11
Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk · Rob Landley <hidden> · 2019-05-12
Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk · Rob Landley <hidden> · 2019-05-12
Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk · Dominik Brodowski <linux@dominikbrodowski.net> · 2019-05-12
Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk · hpa@zytor.com · 2019-05-12
Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk · Mimi Zohar <zohar@linux.ibm.com> · 2019-05-12
Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk · Rob Landley <hidden> · 2019-05-12

From: Mimi Zohar <zohar@linux.ibm.com>
Date: 2019-05-10 11:50:02
Also in: linux-api, linux-fsdevel, linux-integrity, lkml

On Fri, 2019-05-10 at 08:56 +0200, Roberto Sassu wrote:

On 5/9/2019 8:34 PM, Rob Landley wrote:

quoted

On 5/9/19 6:24 AM, Roberto Sassu wrote:

quoted

The difference with another proposal
(https://lore.kernel.org/patchwork/cover/888071/) is that xattrs can be
included in an image without changing the image format, as opposed to
defining a new one. As seen from the discussion, if a new format has to be
defined, it should fix the issues of the existing format, which requires
more time.

So you've explicitly chosen _not_ to address Y2038 while you're there.

Can you be more specific?

Right, this patch set avoids incrementing the CPIO magic number and
the resulting changes required (eg. increasing the timestamp field
size), by including a file with the security xattrs in the CPIO.  In
either case, including the security xattrs in the initramfs header or
as a separate file, the initramfs, itself, needs to be signed.

Mimi

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help