Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-27 Thread David Safford
On Thu, 2007-03-22 at 23:19 +, Pavel Machek wrote: > > There are some papers and related userspace code at > >http://www.research.ibm.com/gsal/tcpa > > which describe the architecture in more detail, but basically this > > integrity provider is designed to complement mandatory access

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-27 Thread Pavel Machek
Hi! > > > > + The Extended Verification Module is an integrity provider. > > > > + An extensible set of extended attributes, as defined in > > > > + /etc/evm.conf, are HMAC protected against modification > > > > + using the TPM's KERNEL ROOT KEY, if configured, or

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-27 Thread Pavel Machek
Hi! + The Extended Verification Module is an integrity provider. + An extensible set of extended attributes, as defined in + /etc/evm.conf, are HMAC protected against modification + using the TPM's KERNEL ROOT KEY, if configured, or with a +

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-27 Thread David Safford
On Thu, 2007-03-22 at 23:19 +, Pavel Machek wrote: There are some papers and related userspace code at http://www.research.ibm.com/gsal/tcpa which describe the architecture in more detail, but basically this integrity provider is designed to complement mandatory access control

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-26 Thread Mimi Zohar
On Mon, 2007-03-26 at 13:23 -0500, Serge E. Hallyn wrote: > Quoting Andrew Morton ([EMAIL PROTECTED]): > > On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar <[EMAIL PROTECTED]> wrote: > > > > > This is a re-release of EVM as an integrity service provider. > > > > What a huge set of patches. > > >

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-26 Thread Serge E. Hallyn
Quoting Andrew Morton ([EMAIL PROTECTED]): > On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar <[EMAIL PROTECTED]> wrote: > > > This is a re-release of EVM as an integrity service provider. > > What a huge set of patches. > > Frankly, I don't know how we're going to get these reviewed and mergeable

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-26 Thread David Safford
On Sun, 2007-03-25 at 12:13 +, Pavel Machek wrote: > > > + The Extended Verification Module is an integrity provider. > > > + An extensible set of extended attributes, as defined in > > > + /etc/evm.conf, are HMAC protected against modification > > > + using the TPM's KERNEL ROOT KEY,

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-26 Thread Mimi Zohar
On Sun, 2007-03-25 at 21:28 -0800, Andrew Morton wrote: > On Sun, 25 Mar 2007 23:13:02 -0400 Mimi Zohar <[EMAIL PROTECTED]> wrote: > > > On Sun, 2007-03-25 at 00:16 -0800, Andrew Morton wrote: > > > On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar <[EMAIL PROTECTED]> wrote: > > > > > > > +++

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-26 Thread Mimi Zohar
On Sun, 2007-03-25 at 21:28 -0800, Andrew Morton wrote: On Sun, 25 Mar 2007 23:13:02 -0400 Mimi Zohar [EMAIL PROTECTED] wrote: On Sun, 2007-03-25 at 00:16 -0800, Andrew Morton wrote: On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar [EMAIL PROTECTED] wrote: +++

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-26 Thread David Safford
On Sun, 2007-03-25 at 12:13 +, Pavel Machek wrote: + The Extended Verification Module is an integrity provider. + An extensible set of extended attributes, as defined in + /etc/evm.conf, are HMAC protected against modification + using the TPM's KERNEL ROOT KEY, if

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-26 Thread Serge E. Hallyn
Quoting Andrew Morton ([EMAIL PROTECTED]): On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar [EMAIL PROTECTED] wrote: This is a re-release of EVM as an integrity service provider. What a huge set of patches. Frankly, I don't know how we're going to get these reviewed and mergeable and

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-26 Thread Mimi Zohar
On Mon, 2007-03-26 at 13:23 -0500, Serge E. Hallyn wrote: Quoting Andrew Morton ([EMAIL PROTECTED]): On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar [EMAIL PROTECTED] wrote: This is a re-release of EVM as an integrity service provider. What a huge set of patches. Frankly, I don't

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-25 Thread Andrew Morton
On Sun, 25 Mar 2007 23:13:02 -0400 Mimi Zohar <[EMAIL PROTECTED]> wrote: > On Sun, 2007-03-25 at 00:16 -0800, Andrew Morton wrote: > > On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar <[EMAIL PROTECTED]> wrote: > > > > > +++ linux-2.6.21-rc4-mm1/security/evm/Kconfig > > > @@ -0,0 +1,17 @@ > > >

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-25 Thread Mimi Zohar
On Sun, 2007-03-25 at 00:16 -0800, Andrew Morton wrote: > On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar <[EMAIL PROTECTED]> wrote: > > > +++ linux-2.6.21-rc4-mm1/security/evm/Kconfig > > @@ -0,0 +1,17 @@ > > +config INTEGRITY_EVM > > + boolean "EVM support" > > + depends on INTEGRITY && KEYS

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-25 Thread Pavel Machek
Hi! > > +++ linux-2.6.21-rc4-mm1/security/evm/Kconfig > > @@ -0,0 +1,17 @@ > > +config INTEGRITY_EVM > > + boolean "EVM support" > > + depends on INTEGRITY && KEYS > > + select CRYPTO_HMAC > > + select CRYPTO_MD5 > > + select CRYPTO_SHA1 > > + default 0 > > + help > > + The
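
Review bot: `default 0` in the INTEGRITY_EVM entry is not a boolean value in Kconfig. Booleans take y or n, and n is already the default when no `default` line is given, so this should be `default n` or the line should be dropped. The entry also selects both CRYPTO_MD5 and CRYPTO_SHA1, while the visible part of the help text mentions only HMAC protection; the help text should state what each hash is needed for.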

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-25 Thread Andrew Morton
On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar <[EMAIL PROTECTED]> wrote: > +++ linux-2.6.21-rc4-mm1/security/evm/Kconfig > @@ -0,0 +1,17 @@ > +config INTEGRITY_EVM > + boolean "EVM support" > + depends on INTEGRITY && KEYS > + select CRYPTO_HMAC > + select CRYPTO_MD5 > +

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-25 Thread Andrew Morton
On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar <[EMAIL PROTECTED]> wrote: > This is a re-release of EVM as an integrity service provider. What a huge set of patches. Frankly, I don't know how we're going to get these reviewed and mergeable and merged - there doesn't seem to be a lot of interest

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-25 Thread Andrew Morton
On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar [EMAIL PROTECTED] wrote: This is a re-release of EVM as an integrity service provider. What a huge set of patches. Frankly, I don't know how we're going to get these reviewed and mergeable and merged - there doesn't seem to be a lot of interest and

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-25 Thread Andrew Morton
On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar [EMAIL PROTECTED] wrote: +++ linux-2.6.21-rc4-mm1/security/evm/Kconfig @@ -0,0 +1,17 @@ +config INTEGRITY_EVM + boolean EVM support + depends on INTEGRITY KEYS + select CRYPTO_HMAC + select CRYPTO_MD5 + select CRYPTO_SHA1

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-25 Thread Pavel Machek
Hi! +++ linux-2.6.21-rc4-mm1/security/evm/Kconfig @@ -0,0 +1,17 @@ +config INTEGRITY_EVM + boolean EVM support + depends on INTEGRITY KEYS + select CRYPTO_HMAC + select CRYPTO_MD5 + select CRYPTO_SHA1 + default 0 + help + The Extended Verification Module

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-25 Thread Mimi Zohar
On Sun, 2007-03-25 at 00:16 -0800, Andrew Morton wrote: On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar [EMAIL PROTECTED] wrote: +++ linux-2.6.21-rc4-mm1/security/evm/Kconfig @@ -0,0 +1,17 @@ +config INTEGRITY_EVM + boolean EVM support + depends on INTEGRITY KEYS + select

Re: [Patch 3/7] integrity: EVM as an integrity service provider

2007-03-25 Thread Andrew Morton
On Sun, 25 Mar 2007 23:13:02 -0400 Mimi Zohar [EMAIL PROTECTED] wrote: On Sun, 2007-03-25 at 00:16 -0800, Andrew Morton wrote: On Fri, 23 Mar 2007 12:09:36 -0400 Mimi Zohar [EMAIL PROTECTED] wrote: +++ linux-2.6.21-rc4-mm1/security/evm/Kconfig @@ -0,0 +1,17 @@ +config INTEGRITY_EVM

[Patch 3/7] integrity: EVM as an integrity service provider

2007-03-23 Thread Mimi Zohar
This is a re-release of EVM as an integrity service provider. The initial EVM release was as an LSM module. It has been substantially rewritten to provide support for the new integrity service framework API, which permits applications, such as LSM modules, to verify the integrity of the metadata
