Digital signature based IMA-appraisal relies heavily on kernel keyrings.
Eric Snowberg has been involved in adding the machine keyring to allow
the system owner to add their own keys. With this addition,
IMA-appraisal usage can be extended to allow loading local and 3rd party
software keys onto the IMA keyring.
Add Eric as a reviewer.
Signed-off-by: Mimi Zohar <[email protected]>
---
MAINTAINERS | 1 +
1 file changed, 1 insertion(+)
diff --git a/MAINTAINERS b/MAINTAINERS
index ffaac404d1e0..4dbf1cc238c9 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -10557,6 +10557,7 @@ INTEGRITY MEASUREMENT ARCHITECTURE (IMA)
M: Mimi Zohar <[email protected]>
M: Roberto Sassu <[email protected]>
M: Dmitry Kasatkin <[email protected]>
+R: Eric Snowberg <[email protected]>
L: [email protected]
S: Supported
T: git git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git
--
2.39.3
Roberto Sassu has been actively involved in IMA and EVM since 2011.
His first major IMA contribution was IMA template support. He also
contributed extending TPM 2.0 PCRs with properly calculated per TPM
bank digests and included file metadata information in the IMA
measurement list.
Regarding EVM, Roberto contributed to making EVM portable and immutable
signatures more usable. He also prepared the LSM infrastructure to
support EVM as a fully fledged LSM, by ensuring that the latter receives
from the former all xattrs provided by other registered LSMs at inode
creation time, for HMAC calculation.
Roberto is currently working on making IMA and EVM full fledged LSMs.
Add Roberto as an IMA and EVM maintainer.
Signed-off-by: Mimi Zohar <[email protected]>
---
MAINTAINERS | 2 ++
1 file changed, 2 insertions(+)
diff --git a/MAINTAINERS b/MAINTAINERS
index 012df8ccf34e..ffaac404d1e0 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -7977,6 +7977,7 @@ F: include/uapi/linux/ext4.h
Extended Verification Module (EVM)
M: Mimi Zohar <[email protected]>
+M: Roberto Sassu <[email protected]>
L: [email protected]
S: Supported
T: git git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git
@@ -10554,6 +10555,7 @@ F: drivers/crypto/inside-secure/
INTEGRITY MEASUREMENT ARCHITECTURE (IMA)
M: Mimi Zohar <[email protected]>
+M: Roberto Sassu <[email protected]>
M: Dmitry Kasatkin <[email protected]>
L: [email protected]
S: Supported
--
2.39.3
> On Dec 12, 2023, at 8:29 AM, Mimi Zohar <[email protected]> wrote:
>
> Digital signature based IMA-appraisal relies heavily on kernel keyrings.
> Eric Snowberg has been involved in adding the machine keyring to allow
> the system owner to add their own keys. With this addition,
> IMA-appraisal usage can be extended to allow loading local and 3rd party
> software keys onto the IMA keyring.
>
> Add Eric as a reviewer.
>
> Signed-off-by: Mimi Zohar <[email protected]>
Acked-by: Eric Snowberg <[email protected] <mailto:[email protected]>>
On 12.12.23 16:29, Mimi Zohar wrote:
> Roberto Sassu has been actively involved in IMA and EVM since 2011.
> His first major IMA contribution was IMA template support. He also
> contributed extending TPM 2.0 PCRs with properly calculated per TPM
> bank digests and included file metadata information in the IMA
> measurement list.
>
> Regarding EVM, Roberto contributed to making EVM portable and immutable
> signatures more usable. He also prepared the LSM infrastructure to
> support EVM as a fully fledged LSM, by ensuring that the latter receives
> from the former all xattrs provided by other registered LSMs at inode
> creation time, for HMAC calculation.
>
> Roberto is currently working on making IMA and EVM full fledged LSMs.
>
> Add Roberto as an IMA and EVM maintainer.
>
> Signed-off-by: Mimi Zohar <[email protected]>
Acked-by: Roberto Sassu <[email protected]>
Thanks
Roberto
> ---
> MAINTAINERS | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/MAINTAINERS b/MAINTAINERS
> index 012df8ccf34e..ffaac404d1e0 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -7977,6 +7977,7 @@ F: include/uapi/linux/ext4.h
>
> Extended Verification Module (EVM)
> M: Mimi Zohar <[email protected]>
> +M: Roberto Sassu <[email protected]>
> L: [email protected]
> S: Supported
> T: git git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git
> @@ -10554,6 +10555,7 @@ F: drivers/crypto/inside-secure/
>
> INTEGRITY MEASUREMENT ARCHITECTURE (IMA)
> M: Mimi Zohar <[email protected]>
> +M: Roberto Sassu <[email protected]>
> M: Dmitry Kasatkin <[email protected]>
> L: [email protected]
> S: Supported