[RFC PATCH] ima: require secure_boot rules in lockdown mode

Stephen Rothwell sfr at canb.auug.org.au
Wed Nov 8 23:26:35 UTC 2017


Hi Mimi,

On Wed, 08 Nov 2017 16:04:07 -0500 Mimi Zohar <zohar at linux.vnet.ibm.com> wrote:
>
> On Thu, 2017-11-09 at 07:53 +1100, Stephen Rothwell wrote:
> > 
> > On Wed, 08 Nov 2017 15:46:22 -0500 Mimi Zohar <zohar at linux.vnet.ibm.com> wrote:  
> > >
> > > [Cc'ing Stephen Rothwell]
> > > 
> > > On Tue, 2017-10-31 at 14:25 +1100, James Morris wrote:  
> > > > On Mon, 30 Oct 2017, Mimi Zohar wrote:
> > > >     
> > > > > James is staging the subsystem patches independently of each other, in
> > > > > case of a similar problem, so that they can be pulled separately.
> > > > >  There's a new "next-general" branch.    
> > > > 
> > > > If you send me a pull request, I'm combining branches into next-testing, 
> > > > too, which is pulled into -next.    
> > > 
> > > linux-next already has the IMA patches, which might be confusing.  
> > 
> > Not if they are the same *commits* i.e. if the tree/branch that James
> > merges is the same as the one that I already merge of yours
> > (git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity#next)  
> 
> James' security tree is based on -rc3, while the integrity tree is
> based on -rc4.  The rebased integrity patches are now in my security-
> next-integrity branch.

So since those patches are now in James tree, you should drop them from
the integrity tree.

-- 
Cheers,
Stephen Rothwell
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html



More information about the Linux-security-module-archive mailing list