Re: [dm-devel] [PATCH v3 2/3] LoadPin: Enable loading from trusted dm-verity devices

On May 4, 2022 12:54:18 PM PDT, Matthias Kaehlcke wrote: >Extend LoadPin to allow loading of kernel files from trusted dm-verity [1] >devices. > >This change adds the concept of trusted verity devices to LoadPin. LoadPin >maintains a list of root digests of verity devices it considers trusted.

Re: [dm-devel] [PATCH v3 1/3] dm: Add verity helpers for LoadPin

On May 4, 2022 12:54:17 PM PDT, Matthias Kaehlcke wrote: >LoadPin limits loading of kernel modules, firmware and certain >other files to a 'pinned' file system (typically a read-only >rootfs). To provide more flexibility LoadPin is being extended >to also allow loading these files from trusted

[PATCH v11 4/7] dax: introduce DAX_RECOVERY_WRITE dax access mode

From: Jane Chu Up till now, dax_direct_access() is used implicitly for normal access, but for the purpose of recovery write, dax range with poison is requested. To make the interface clear, introduce enum dax_access_mode { DAX_ACCESS, DAX_RECOVERY_WRITE,

Re: [PATCH v10 4/7] dax: introduce DAX_RECOVERY_WRITE dax access mode

On Fri, May 13, 2022 at 2:56 PM Dan Williams wrote: > > From: Jane Chu > > Up till now, dax_direct_access() is used implicitly for normal > access, but for the purpose of recovery write, dax range with > poison is requested. To make the interface clear, introduce > enum dax_access_mode

[PATCH v10 4/7] dax: introduce DAX_RECOVERY_WRITE dax access mode

From: Jane Chu Up till now, dax_direct_access() is used implicitly for normal access, but for the purpose of recovery write, dax range with poison is requested. To make the interface clear, introduce enum dax_access_mode { DAX_ACCESS, DAX_RECOVERY_WRITE,

Re: [dm-devel] [PATCH v3 2/3] LoadPin: Enable loading from trusted dm-verity devices

On May 13, 2022 9:32:12 AM PDT, Mike Snitzer wrote: >On Wed, May 04 2022 at 3:54P -0400, >Matthias Kaehlcke wrote: > >> Extend LoadPin to allow loading of kernel files from trusted dm-verity [1] >> devices. >> >> This change adds the concept of trusted verity devices to LoadPin. LoadPin >>

Re: [dm-devel] [PATCH v3 2/3] LoadPin: Enable loading from trusted dm-verity devices

On Fri, May 13, 2022 at 12:32:12PM -0400, Mike Snitzer wrote: > On Wed, May 04 2022 at 3:54P -0400, > Matthias Kaehlcke wrote: > > > Extend LoadPin to allow loading of kernel files from trusted dm-verity [1] > > devices. > > > > This change adds the concept of trusted verity devices to

Re: [dm-devel] [PATCH v3 1/3] dm: Add verity helpers for LoadPin

On Fri, May 13, 2022 at 12:29:29PM -0400, Mike Snitzer wrote: > On Thu, May 12 2022 at 4:44P -0400, > Matthias Kaehlcke wrote: > > > On Thu, May 12, 2022 at 01:19:12PM -0400, Mike Snitzer wrote: > > > On Wed, May 11 2022 at 4:54P -0400, > > > Matthias Kaehlcke wrote: > > > > > > >

Re: [dm-devel] [PATCH v3 2/3] LoadPin: Enable loading from trusted dm-verity devices

On Wed, May 04 2022 at 3:54P -0400, Matthias Kaehlcke wrote: > Extend LoadPin to allow loading of kernel files from trusted dm-verity [1] > devices. > > This change adds the concept of trusted verity devices to LoadPin. LoadPin > maintains a list of root digests of verity devices it considers

Re: [dm-devel] [PATCH v3 1/3] dm: Add verity helpers for LoadPin

On Thu, May 12 2022 at 4:44P -0400, Matthias Kaehlcke wrote: > On Thu, May 12, 2022 at 01:19:12PM -0400, Mike Snitzer wrote: > > On Wed, May 11 2022 at 4:54P -0400, > > Matthias Kaehlcke wrote: > > > > > Alasdar/Mike, I'd be interested in your take on adding these functions > > > to