From: Kees Cook <keescook@chromium.org>
To: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
Cc: Christophe Leroy <christophe.leroy@csgroup.eu>,
Arnd Bergmann <arnd@arndb.de>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-mm@kvack.org" <linux-mm@kvack.org>
Subject: Re: [PATCH v2] lkdtm/bugs: Don't expect thread termination without CONFIG_UBSAN_TRAP
Date: Wed, 13 Apr 2022 14:20:48 -0700 [thread overview]
Message-ID: <202204131405.025EAE89@keescook> (raw)
In-Reply-To: <20220413210131.46tqfxlkwtcayurs@meerkat.local>
On Wed, Apr 13, 2022 at 05:01:31PM -0400, Konstantin Ryabitsev wrote:
> On Wed, Apr 13, 2022 at 06:29:36AM +0000, Christophe Leroy wrote:
> > I have a [patatt] section in .gitconfig which contains:
> > signingkey = ed25519:xxxxxxxx
> > selector = xxxxxxxx (the same value as above)
> >
> > What should I do now for you to get the key ? I don't even know where
> > the key is stored in my computer.
>
> Your key is stored in ~/.local/share/patatt, but you don't really need to do
> anything, Kees can do the following:
>
> b4 kr --show-keys 363b58690e907c677252467a94fe49444c80ea76.1649704381.git.christophe.leroy@csgroup.eu
Ah-ha, excellent.
>
> For now, this just provides instructions on what to do with the key:
>
> christophe.leroy@csgroup.eu: (unknown)
> keytype: ed25519
> pubkey: HIzTzUj91asvincQGOFx6+ZF5AoUuP9GdOtQChs7Mm0=
> krpath: ed25519/csgroup.eu/christophe.leroy/20211009
> fullpath: /home/user/.local/share/b4/keyring/ed25519/csgroup.eu/christophe.leroy/20211009
"fullpath" seems misleading for my config, given:
[patatt]
...
keyringsrc = ~/korg/pgpkeys/.keyring
Shouldn't this report fullpath as:
/home/kees/korg/pgpkeys/.keyring/ed25519/csgroup.eu/christophe.leroy/20211009
And as a side note, should I prefer .local/share/b4/keyring over adding
keys to a branch of the kernel keyring git tree?
> ---
> For ed25519 keys:
> echo [pubkey] > [fullpath]
>
> So, for Kees to start being aware of your key, he needs to do:
>
> mkdir -p /home/user/.local/share/b4/keyring/ed25519/csgroup.eu/christophe.leroy
> echo HIzTzUj91asvincQGOFx6+ZF5AoUuP9GdOtQChs7Mm0= > /home/user/.local/share/b4/keyring/ed25519/csgroup.eu/christophe.leroy/20211009
>
> I know this is awkward and clunky right now. Future versions of b4 will
> streamline keyring management to make it a lot easier, I promise.
Thanks for this walk-through! I think I managed this in the past with
another ed25519 key, but I failed to figure it out this time. ;)
Now it works! :)
✓ [PATCH v2] lkdtm/bugs: Don't expect thread termination without
CONFIG_UBSAN_TRAP
+ Signed-off-by: Kees Cook <keescook@chromium.org>
+ Link: https://lore.kernel.org/r/363b58690e907c677252467a94fe49444c80ea76.1649704381.git.christophe.leroy@csgroup.eu
---
✓ Signed: ed25519/christophe.leroy@csgroup.eu
--
Kees Cook
next prev parent reply other threads:[~2022-04-13 21:21 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-11 19:13 [PATCH v2] lkdtm/bugs: Don't expect thread termination without CONFIG_UBSAN_TRAP Christophe Leroy
2022-04-12 23:06 ` Kees Cook
2022-04-13 6:29 ` Christophe Leroy
2022-04-13 21:01 ` Konstantin Ryabitsev
2022-04-13 21:20 ` Kees Cook [this message]
2022-04-13 20:57 ` Konstantin Ryabitsev
2022-04-13 21:22 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202204131405.025EAE89@keescook \
--to=keescook@chromium.org \
--cc=arnd@arndb.de \
--cc=christophe.leroy@csgroup.eu \
--cc=gregkh@linuxfoundation.org \
--cc=konstantin@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.