[PATCH 02/11] evm: Load EVM key in ima_load_x509() to avoid appraisal

Mimi Zohar zohar at linux.ibm.com
Mon Aug 31 19:26:52 UTC 2020


On Mon, 2020-08-31 at 09:44 +0000, Roberto Sassu wrote:
> 
> > As much as possible IMA and EVM should remain independent of each
> > other.   Modifying integrity_load_x509() doesn't help.  This looks like
> > a good reason for calling another EVM function from within IMA.
> 
> Can I add your Reviewed-by?

Yes, that's fine.

Mimi



More information about the Linux-security-module-archive mailing list