-----Original Message----- From: Guohanjun (Hanjun Guo) Sent: Tuesday, July 28, 2020 9:58 AM To: Roberto Sassu roberto.sassu@huawei.com; kernel@openeuler.org Cc: Silviu Vlasceanu Silviu.Vlasceanu@huawei.com Subject: Re: [PATCH 01/23] ima: Use buffer large enough to store fake IMA xattr for appraisal
On 2020/7/28 15:40, Roberto Sassu wrote:
hulk inclusion category: feature feature: digest-lists
A fake IMA xattr is created to perform EVM verification even if security.ima is not present. Appraisal could succeed if EVM status is unknown and the file digest is found in a digest list.
This patch allocates a larger buffer to store fake IMA xattrs (struct evm_ima_xattr_data can be used only for SHA1 digests).
Signed-off-by: Roberto Sassu roberto.sassu@huawei.com
Hi Roberto, would you mind adding a cover letter to describe why we need this patch set? and what's the relationship with your previous IMA patch set?
Hi Hanjun
ok, will send it.
Roberto
HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063 Managing Director: Li Peng, Li Jian, Shi Yanli
Thanks Hanjun