Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Linux: Kernel

[Patch 0/7] integrity service framework and provider

  

 
Linux kernel RSS feed   Index | Next | Previous | View Threaded


zohar at linux

Mar 23, 2007, 9:08 AM

Post #1 of 2 (657 views)
Permalink
[Patch 0/7] integrity service framework and provider
We have addressed the issues raised in the previous RFC postings and
are now submitting these for your consideration.

This is a set of updates to the integrity service framework, previously
accepted into -mm, EVM a new integrity service provider, and a new LSM
module called Integrity Based Access Control(IBAC), a sample consumer of
the integrity framework API.

A corresponding userspace utility package is available at
http://www.research.ibm.com/gsal/tcpa

Patch 1/7 integrity:new hooks
Patch 2/7 integrity:fs hook placement
Patch 3/7 integrity:EVM as an integrity service provider
Patch 4/7 integrity:IMA integrity_measure() support
Patch 5/7 integrity:mtime patch for mmap files
Patch 6/7 integrity:TPM internal kernel interface
Patch 7/7 integrity:Integrity Based Access Control(IBAC)


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo [at] vger
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/


akpm at linux-foundation

Mar 26, 2007, 3:27 AM

Post #2 of 2 (597 views)
Permalink
Re: [Patch 0/7] integrity service framework and provider [In reply to]
On Fri, 23 Mar 2007 12:08:59 -0400 Mimi Zohar <zohar [at] linux> wrote:

> This is a set of updates to the integrity service framework, previously
> accepted into -mm, EVM a new integrity service provider, and a new LSM
> module called Integrity Based Access Control(IBAC), a sample consumer of
> the integrity framework API.

I'll fix this:

security/integrity_dummy.c: In function 'dummy_inode_setxattr':
security/integrity_dummy.c:94: warning: implicit declaration of function 'capable'
security/integrity_dummy.c:94: error: 'CAP_SYS_ADMIN' undeclared (first use in this function)
security/integrity_dummy.c:94: error: (Each undeclared identifier is reported only once
security/integrity_dummy.c:94: error: for each function it appears in.)

Then I'll ask you to fix these, some of which are real bugs:

security/integrity_dummy.c: In function 'dummy_verify_metadata':
security/integrity_dummy.c:30: warning: 'error' may be used uninitialized in this function
security/integrity_dummy.c:28: warning: 'value' may be used uninitialized in this function
security/integrity_dummy.c:29: warning: 'size' may be used uninitialized in this function

And then I'll probably end up fixing some of this lot too:

security/evm/evm_main.c: In function 'evm_verify_xattr':
security/evm/evm_main.c:165: warning: format '%d' expects type 'int', but argument 5 has type 'ssize_t'
security/evm/evm_crypto.c: In function 'update_link_hash':
security/evm/evm_crypto.c:94: warning: implicit declaration of function 'kernel_readlink'
security/evm/evm_crypto.c: In function 'evm_init_integrity':
security/evm/evm_crypto.c:187: warning: format '%d' expects type 'int', but argument 4 has type 'size_t'
security/evm/evm_main.c: In function 'init_evm':
security/evm/evm_main.c:903: warning: control may reach end of non-void function 'evm_ima_init' being inlined


How does stuff like this get through? It's just x86_64 allmodconfig.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo [at] vger
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Linux kernel RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.