diff for duplicates of <20170407084242.GB11402@dhcp-128-65.nay.redhat.com>
diff --git a/a/1.txt b/N1/1.txt
index 7b16042..44c802f 100644
--- a/a/1.txt
+++ b/N1/1.txt
@@ -1,7 +1,7 @@
On 04/07/17 at 04:28am, Mimi Zohar wrote:
> On Fri, 2017-04-07 at 15:41 +0800, Dave Young wrote:
> > On 04/07/17 at 08:07am, David Howells wrote:
-> > > Dave Young <dyoung@redhat.com> wrote:
+> > > Dave Young <dyoung-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org> wrote:
> > >
> > > > > > > + /* Don't permit images to be loaded into trusted kernels if we're not
> > > > > > > + * going to verify the signature on them
diff --git a/a/content_digest b/N1/content_digest
index a7eb28d..22b01b0 100644
--- a/a/content_digest
+++ b/N1/content_digest
@@ -23,7 +23,10 @@
"ref\0001491553688.4184.73.camel\@linux.vnet.ibm.com\0"
]
[
- "From\0Dave Young <dyoung\@redhat.com>\0"
+ "ref\0001491553688.4184.73.camel-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8\@public.gmane.org\0"
+]
+[
+ "From\0Dave Young <dyoung-H+wXaHxf7aLQT0dZR+AlfA\@public.gmane.org>\0"
]
[
"Subject\0Re: [PATCH 09/24] kexec_file: Disable at runtime if securelevel has been set\0"
@@ -32,20 +35,20 @@
"Date\0Fri, 7 Apr 2017 16:42:42 +0800\0"
]
[
- "To\0Mimi Zohar <zohar\@linux.vnet.ibm.com>\0"
+ "To\0Mimi Zohar <zohar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8\@public.gmane.org>\0"
]
[
- "Cc\0David Howells <dhowells\@redhat.com>",
- " linux-kernel\@vger.kernel.org",
- " Matthew Garrett <mjg59\@srcf.ucam.org>",
- " linux-efi\@vger.kernel.org",
- " gnomes\@lxorguk.ukuu.org.uk",
- " Chun-Yi Lee <jlee\@suse.com>",
- " gregkh\@linuxfoundation.org",
- " kexec\@lists.infradead.org",
- " linux-security-module\@vger.kernel.org",
- " keyrings\@vger.kernel.org",
- " matthew.garrett\@nebula.com\0"
+ "Cc\0David Howells <dhowells-H+wXaHxf7aLQT0dZR+AlfA\@public.gmane.org>",
+ " linux-kernel-u79uwXL29TY76Z2rM5mHXA\@public.gmane.org",
+ " Matthew Garrett <mjg59-1xO5oi07KQx4cg9Nei1l7Q\@public.gmane.org>",
+ " linux-efi-u79uwXL29TY76Z2rM5mHXA\@public.gmane.org",
+ " gnomes-qBU/x9rampVanCEyBjwyrvXRex20P6io\@public.gmane.org",
+ " Chun-Yi Lee <jlee-IBi9RG/b67k\@public.gmane.org>",
+ " gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r\@public.gmane.org",
+ " kexec-IAPFreCvJWM7uuMidbF8XUB+6BGkLq7r\@public.gmane.org",
+ " linux-security-module-u79uwXL29TY76Z2rM5mHXA\@public.gmane.org",
+ " keyrings-u79uwXL29TY76Z2rM5mHXA\@public.gmane.org",
+ " matthew.garrett-05XSO3Yj/JvQT0dZR+AlfA\@public.gmane.org\0"
]
[
"\0000:1\0"
@@ -57,7 +60,7 @@
"On 04/07/17 at 04:28am, Mimi Zohar wrote:\n",
"> On Fri, 2017-04-07 at 15:41 +0800, Dave Young wrote:\n",
"> > On 04/07/17 at 08:07am, David Howells wrote:\n",
- "> > > Dave Young <dyoung\@redhat.com> wrote:\n",
+ "> > > Dave Young <dyoung-H+wXaHxf7aLQT0dZR+AlfA\@public.gmane.org> wrote:\n",
"> > > \n",
"> > > > > > > +\t/* Don't permit images to be loaded into trusted kernels if we're not\n",
"> > > > > > > +\t * going to verify the signature on them\n",
@@ -107,4 +110,4 @@
"Dave"
]
-3b625d1be795b18ccb106ecd02526964690f7778494d51e558eaea7cb5140c12
+b298941da8d30fac0d96e4772bb6f5b5e663e9cdb0129d5a2b3ba07927d731c6
diff --git a/a/1.txt b/N2/1.txt
index 7b16042..adddf8a 100644
--- a/a/1.txt
+++ b/N2/1.txt
@@ -12,7 +12,7 @@ On 04/07/17 at 04:28am, Mimi Zohar wrote:
> > > > > > >
> > > > >
> > > > > IMA can be used to verify file signatures too, based on the LSM hooks
-> > > > > in kernel_read_file_from_fd(). CONFIG_KEXEC_VERIFY_SIG should not be
+> > > > > in ?kernel_read_file_from_fd(). ?CONFIG_KEXEC_VERIFY_SIG should not be
> > > > > required.
> > > >
> > > > Mimi, I remember we talked somthing before about the two signature
@@ -37,15 +37,19 @@ checking. But if there is some fine grained checking to ensure kernel
signature verification it should be fine.
>
> To answer your question, the rule for requiring the policy to be
-> signed is: appraise func=POLICY_CHECK appraise_type=imasig
+> signed is: ?appraise func=POLICY_CHECK appraise_type=imasig
>
> When the ability to append rules is Kconfig enabled, the builtin
> policy requires the new policy or additional rules to be signed.
-> Unfortunately, always requiring the policy to be signed, would have
+> ?Unfortunately, always requiring the policy to be signed, would have
> broken userspace.
>
> Mimi
>
Thanks
-Dave
\ No newline at end of file
+Dave
+--
+To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
+the body of a message to majordomo at vger.kernel.org
+More majordomo info at http://vger.kernel.org/majordomo-info.html
\ No newline at end of file
diff --git a/a/content_digest b/N2/content_digest
index a7eb28d..18808b8 100644
--- a/a/content_digest
+++ b/N2/content_digest
@@ -23,29 +23,16 @@
"ref\0001491553688.4184.73.camel\@linux.vnet.ibm.com\0"
]
[
- "From\0Dave Young <dyoung\@redhat.com>\0"
+ "From\0dyoung\@redhat.com (Dave Young)\0"
]
[
- "Subject\0Re: [PATCH 09/24] kexec_file: Disable at runtime if securelevel has been set\0"
+ "Subject\0[PATCH 09/24] kexec_file: Disable at runtime if securelevel has been set\0"
]
[
"Date\0Fri, 7 Apr 2017 16:42:42 +0800\0"
]
[
- "To\0Mimi Zohar <zohar\@linux.vnet.ibm.com>\0"
-]
-[
- "Cc\0David Howells <dhowells\@redhat.com>",
- " linux-kernel\@vger.kernel.org",
- " Matthew Garrett <mjg59\@srcf.ucam.org>",
- " linux-efi\@vger.kernel.org",
- " gnomes\@lxorguk.ukuu.org.uk",
- " Chun-Yi Lee <jlee\@suse.com>",
- " gregkh\@linuxfoundation.org",
- " kexec\@lists.infradead.org",
- " linux-security-module\@vger.kernel.org",
- " keyrings\@vger.kernel.org",
- " matthew.garrett\@nebula.com\0"
+ "To\0linux-security-module\@vger.kernel.org\0"
]
[
"\0000:1\0"
@@ -68,7 +55,7 @@
"> > > > > > > \n",
"> > > > > \n",
"> > > > > IMA can be used to verify file signatures too, based on the LSM hooks\n",
- "> > > > > in \302\240kernel_read_file_from_fd(). \302\240CONFIG_KEXEC_VERIFY_SIG should not be\n",
+ "> > > > > in ?kernel_read_file_from_fd(). ?CONFIG_KEXEC_VERIFY_SIG should not be\n",
"> > > > > required.\n",
"> > > > \n",
"> > > > Mimi, I remember we talked somthing before about the two signature \n",
@@ -93,18 +80,22 @@
"signature verification it should be fine.\n",
"> \n",
"> To answer your question, the rule for requiring the policy to be\n",
- "> signed is: \302\240appraise func=POLICY_CHECK appraise_type=imasig\n",
+ "> signed is: ?appraise func=POLICY_CHECK appraise_type=imasig\n",
"> \n",
"> When the ability to append rules is Kconfig enabled, the builtin\n",
"> policy requires the new policy or additional rules to be signed.\n",
- "> \302\240Unfortunately, always requiring the policy to be signed, would have\n",
+ "> ?Unfortunately, always requiring the policy to be signed, would have\n",
"> broken userspace.\n",
"> \n",
"> Mimi\n",
"> \n",
"\n",
"Thanks\n",
- "Dave"
+ "Dave\n",
+ "--\n",
+ "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n",
+ "the body of a message to majordomo at vger.kernel.org\n",
+ "More majordomo info at http://vger.kernel.org/majordomo-info.html"
]
-3b625d1be795b18ccb106ecd02526964690f7778494d51e558eaea7cb5140c12
+0d83c9a1cd959d4dc217752effe96ffaf6b2f421da163ea20f7fe3a5168cf038
diff --git a/a/1.txt b/N3/1.txt
index 7b16042..78c31dc 100644
--- a/a/1.txt
+++ b/N3/1.txt
@@ -48,4 +48,9 @@ signature verification it should be fine.
>
Thanks
-Dave
\ No newline at end of file
+Dave
+
+_______________________________________________
+kexec mailing list
+kexec@lists.infradead.org
+http://lists.infradead.org/mailman/listinfo/kexec
\ No newline at end of file
diff --git a/a/content_digest b/N3/content_digest
index a7eb28d..5bf961f 100644
--- a/a/content_digest
+++ b/N3/content_digest
@@ -35,14 +35,14 @@
"To\0Mimi Zohar <zohar\@linux.vnet.ibm.com>\0"
]
[
- "Cc\0David Howells <dhowells\@redhat.com>",
- " linux-kernel\@vger.kernel.org",
- " Matthew Garrett <mjg59\@srcf.ucam.org>",
+ "Cc\0Matthew Garrett <mjg59\@srcf.ucam.org>",
" linux-efi\@vger.kernel.org",
" gnomes\@lxorguk.ukuu.org.uk",
" Chun-Yi Lee <jlee\@suse.com>",
" gregkh\@linuxfoundation.org",
" kexec\@lists.infradead.org",
+ " linux-kernel\@vger.kernel.org",
+ " David Howells <dhowells\@redhat.com>",
" linux-security-module\@vger.kernel.org",
" keyrings\@vger.kernel.org",
" matthew.garrett\@nebula.com\0"
@@ -104,7 +104,12 @@
"> \n",
"\n",
"Thanks\n",
- "Dave"
+ "Dave\n",
+ "\n",
+ "_______________________________________________\n",
+ "kexec mailing list\n",
+ "kexec\@lists.infradead.org\n",
+ "http://lists.infradead.org/mailman/listinfo/kexec"
]
-3b625d1be795b18ccb106ecd02526964690f7778494d51e558eaea7cb5140c12
+f3402d930cdf21cf6782d375a51c21cfb9178d3d932e5c58fbc384ad5a3ab634
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.