Thread (49 messages) 49 messages, 7 authors, 2022-11-10

Re: [PATCH v8 04/17] integrity: Do not allow machine keyring updates following init

From: Jarkko Sakkinen <jarkko@kernel.org>
Date: 2021-11-27 00:44:18
Also in: keyrings, linux-crypto, linux-efi, linux-integrity, lkml 

On Tue, 2021-11-23 at 23:41 -0500, Eric Snowberg wrote:
The machine keyring is setup during init.  No additional keys should be
allowed to be added afterwards.  Leave the permission as read only.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
For completeness (even if stating the obvious) it would be nice to
say explicitly why no additional keys are not allowed after the init.

/Jarkko
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help