Re: [PATCH v2 00/12] IMA/EVM fixes

From: Mimi Zohar
Date: Thu Sep 17 2020 - 11:54:55 EST


Hi Roberto,

On Wed, 2020-09-16 at 12:14 -0400, Mimi Zohar wrote:
> On Fri, 2020-09-04 at 11:23 +0200, Roberto Sassu wrote:
> > This patch set includes various fixes for IMA and EVM.
> >
> > Patches 1-3 are trivial fixes.
>
> I've queued these patches in the next-integrity-testing branch for now.
> When reposting this patch set please replace the cover letter subject
> line with a more appropriate one.
>
> > The remaining improve support and usability
> > of EVM portable signatures. In particular patch 4 allows EVM to be used
> > without an HMAC key.
>
> EVM already supports using EVM portable and immutable sigatures without
> an HMAC key.
>
> I was able to apply this patch set, but patch 10/12 does not apply
> cleanly due to the "fallthrough" line. Please hold off on reposting,
> until I've finished reviewing the entire patch set.

Done. Other than the one issue of clearing the EVM_RESET_STATUS in
evm_verifyxattr(), the remaining changes are straight forward.

thanks,

Mimi