From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1948434AbdEZRJV (ORCPT ); Fri, 26 May 2017 13:09:21 -0400 Received: from smtp.nue.novell.com ([195.135.221.5]:33260 "EHLO smtp.nue.novell.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1163656AbdEZRJC (ORCPT ); Fri, 26 May 2017 13:09:02 -0400 Date: Sat, 27 May 2017 01:08:18 +0800 From: joeyli To: David Howells Cc: Casey Schaufler , ard.biesheuvel@linaro.org, matthew.garrett@nebula.com, linux-security-module@vger.kernel.org, linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH 3/5] Add the ability to lock down access to the running kernel image Message-ID: <20170526170818.GF15587@linux-l9pv.suse> References: <80bdc6c9-004b-800f-ffd0-4b5ebf8cdeba@schaufler-ca.com> <149563711758.9419.11406612723056598045.stgit@warthog.procyon.org.uk> <149563714531.9419.16811189348445249219.stgit@warthog.procyon.org.uk> <19783.1495695202@warthog.procyon.org.uk> <22659.1495802592@warthog.procyon.org.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <22659.1495802592@warthog.procyon.org.uk> User-Agent: Mutt/1.5.24 (2015-08-30) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, May 26, 2017 at 01:43:12PM +0100, David Howells wrote: > Casey Schaufler wrote: > > > You called out five distinct features in 0/5, so how about > > a bit for each of those? > > Actually, there are more than five in that list - there are three in the first > item - and I'm not sure the remaining categories are quite as well defined as > I made it seem. > Do we have a public place (e.g. wiki page) to put the list of lock-down functions? Thanks a lot! Joey Lee From mboxrd@z Thu Jan 1 00:00:00 1970 From: jlee@suse.com (joeyli) Date: Sat, 27 May 2017 01:08:18 +0800 Subject: [PATCH 3/5] Add the ability to lock down access to the running kernel image In-Reply-To: <22659.1495802592@warthog.procyon.org.uk> References: <80bdc6c9-004b-800f-ffd0-4b5ebf8cdeba@schaufler-ca.com> <149563711758.9419.11406612723056598045.stgit@warthog.procyon.org.uk> <149563714531.9419.16811189348445249219.stgit@warthog.procyon.org.uk> <19783.1495695202@warthog.procyon.org.uk> <22659.1495802592@warthog.procyon.org.uk> Message-ID: <20170526170818.GF15587@linux-l9pv.suse> To: linux-security-module@vger.kernel.org List-Id: linux-security-module.vger.kernel.org On Fri, May 26, 2017 at 01:43:12PM +0100, David Howells wrote: > Casey Schaufler wrote: > > > You called out five distinct features in 0/5, so how about > > a bit for each of those? > > Actually, there are more than five in that list - there are three in the first > item - and I'm not sure the remaining categories are quite as well defined as > I made it seem. > Do we have a public place (e.g. wiki page) to put the list of lock-down functions? Thanks a lot! Joey Lee -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo at vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html