Re: [PATCH 00/10] KEYS: Change how keys are determined to be trusted

On Wed, Oct 21, 2015 at 1:02 PM, Mimi Zohar wrote: > On Wed, 2015-10-21 at 16:13 +0100, David Howells wrote: >> Here's a set of patches that changes how keys are determined to be trusted >> - currently, that's a case of whether a key has KEY_FLAG_TRUSTED set upon >> it.

Re: [PATCH 00/10] KEYS: Change how keys are determined to be trusted

On Wed, Oct 21, 2015 at 2:11 PM, Mimi Zohar <zo...@linux.vnet.ibm.com> wrote: > On Wed, 2015-10-21 at 13:21 -0400, Josh Boyer wrote: >> On Wed, Oct 21, 2015 at 1:02 PM, Mimi Zohar <zo...@linux.vnet.ibm.com> wrote: >> > On Wed, 2015-10-21 at 16:13 +0100, David How

Re: [PATCH v2 4/5] firmware: generalize reading file contents as a helper

On Thu, Oct 1, 2015 at 1:44 PM, Luis R. Rodriguez wrote: > From: David Howells > > We'll want to reuse this same code later in order to > read two separate types of file contents. This generalizes > fw_read_file() for reading a file rebrands it as

Re: [PATCH 1/4] firmware: generalize "firmware" as "system data" helpers

On Tue, Oct 6, 2015 at 5:08 AM, Greg KH wrote: > Just responding to one thing at the moment: > > On Mon, Oct 05, 2015 at 11:22:22PM +0200, Luis R. Rodriguez wrote: >> * we should phase out the usermode helper from firmware_class long term > > You can "phase out", but

Re: [PATCH v2 4/5] firmware: generalize reading file contents as a helper

On Thu, Oct 8, 2015 at 6:54 PM, Luis R. Rodriguez <mcg...@suse.com> wrote: > On Thu, Oct 08, 2015 at 01:36:53PM -0400, Josh Boyer wrote: >> On Thu, Oct 1, 2015 at 1:44 PM, Luis R. Rodriguez >> <mcg...@do-not-panic.com> wrote: >> > From: David Howells <dh

Re: [PATCH] X.509: Fix the time validation [ver #3]

On Fri, Dec 11, 2015 at 6:13 AM, David Howells wrote: > Greg Kroah-Hartman wrote: > >> David, any reason you didn't put a cc: stable in the commit for it to be >> picked up in the stable releases? > > I did cc it to stable. You had the stable

Re: [PATCH v3 3/5] firmware: fold successful fw read early

d-off-by: David Howells <dhowe...@redhat.com> > Signed-off-by: Luis R. Rodriguez <mcg...@suse.com> Reviewed-by: Josh Boyer <jwbo...@fedoraproject.org> > --- > drivers/base/firmware_class.c | 16 +++- > 1 file changed, 7 insertions(+), 9 deletions(-) &

Re: [PATCH v3 2/5] firmware: move completing fw into a helper

On Wed, Dec 23, 2015 at 4:34 PM, Luis R. Rodriguez <mcg...@do-not-panic.com> wrote: > From: "Luis R. Rodriguez" <mcg...@suse.com> > > This will be re-used later through a new extensible interface. > > Signed-off-by: Luis R. Rodriguez <mcg...@

Re: [PATCH] X.509: Fix determination of self-signedness

On Thu, Dec 17, 2015 at 7:03 PM, David Howells wrote: > Fix determination of whether an X.509 certificate is self-signed or not. > > It is currently assumed that a cert is self-signed if has no > authorityKeyIdentifier or the authorityKeyIdentifier matches the >

Re: [GIT PULL] security: KEYS: Fix handling of stored error in a negatively instantiated user key

On Wed, Nov 25, 2015 at 6:41 PM, James Morris wrote: > Please pull this fix for the keys subsystem, for 4.4, from David Howells. > > Note: this oops is triggerable by non-privileged users. > > The following changes since commit 6ffeba9607343f15303a399bc402a538800d89d9: > >