Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp1046964ybl;
        Wed, 28 Aug 2019 08:54:32 -0700 (PDT)
X-Google-Smtp-Source: APXvYqwPX+ExOG3EKJ1rgRDpW7PDEJkCzAcNrsE0H3OUsAFe90/vvGrI5ggWm/z2VAZWyvEmp3qJ
X-Received: by 2002:aa7:908b:: with SMTP id i11mr3159267pfa.199.1567007672247;
        Wed, 28 Aug 2019 08:54:32 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1567007672; cv=none;
        d=google.com; s=arc-20160816;
        b=A9GYRuEM8Q81E3mFLdx9eKEMqPZmyYlWzUrdJQjrDfaSjVSDBweMB5IfBFOqUDCGWI
         8/IAcNCnV+oP5RDqUf5ppnemKLxy/NF6A+RJpD1iGPI85xE7skKf0q/BSwb0EnJ/sOXz
         V12Zdznjg4OXhEZhTYlc3jMAniWmhc+IkSBpKcCcanIDU3G+1hIbnmgS/7BL6eTnl0pp
         atsRROzsaqV/0L3rPrAxbsJkGdrcBoMUbf+ZefC1PrQzaYPyXQdXBgehsLt91aRq+G7I
         maqm5f8tenx+DiDqBNk6UWQzs7OA75sPVMkXsuQdr4ai2/y1OUoap+x3FdrZg/hgchhR
         ay4A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:dkim-signature;
        bh=PBMYn5EGRNHmyPjlzAwQNRZtz0u9ENxtUOGqfiECeL0=;
        b=LRjgKYv5JY8DZrJ43sFnlEaMJox8Ho3BfuR0oIpcOmaf3x4VTMGAl7riwKRs3LJfd7
         suGjXxhm85v5kbZC13zaMn39K1jxPiSvoQffucRf+Hm5Km2n/FHNpvAAx2+HGawUyoDz
         KoiOneoqfdJTU4HAZjzILVTOXeCNhgLbmBw+bSbSWj6KClM7bCOk8hLQdd8W4ocsJgEl
         aO6LrqsKyEd8VmipQOywwJBiVOOQUG0tn4hLhjon02VWjF1vUPFUjKS8OJbZEEeexfUo
         +WhZg5fFC2ba+nAJ3mb/8py0hp/uRm+5Cem9d5DZD9cA8+EenPFTuwxaKh2FZVM9+gez
         SXoA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=InFHVs6M;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id q23si2223212pll.430.2019.08.28.08.54.16;
        Wed, 28 Aug 2019 08:54:32 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=InFHVs6M;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726773AbfH1PxR (ORCPT <rfc822;radocaj.bane@gmail.com>
        + 99 others); Wed, 28 Aug 2019 11:53:17 -0400
Received: from mail.kernel.org ([198.145.29.99]:37522 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726368AbfH1PxR (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 28 Aug 2019 11:53:17 -0400
Received: from [192.168.1.112] (c-24-9-64-241.hsd1.co.comcast.net [24.9.64.241])
        (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id D10A22064A;
        Wed, 28 Aug 2019 15:53:15 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1567007596;
        bh=6/85+MzB1JJmEyPqfvT2XU196VzVe0Da/hn+nwH94WI=;
        h=Subject:To:Cc:References:From:Date:In-Reply-To:From;
        b=InFHVs6MWH1gnWoAc3XBoEGci7TX31v4oYyKXQyASPylb9B/f/f/NKujpijCRB9yq
         HjTQRDEkRzEWeu09eK61jLdk8gHjL+8f9hjsuiCsKEMq2bJqiq8WnI74b34D1FqrK4
         JC/Kvcpz6qgHIa019eKMcbL9hjFJtOnHuSGgbfxA=
Subject: Re: [PATCH v1] sefltest/ima: support appended signatures (modsig)
To:     Mimi Zohar <zohar@linux.ibm.com>, linux-integrity@vger.kernel.org
Cc:     Thiago Jung Bauermann <bauerman@linux.ibm.com>,
        Petr Vorel <pvorel@suse.cz>, Jessica Yu <jeyu@kernel.org>,
        Dave Young <dyoung@redhat.com>,
        linux-kselftest@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
        linux-kernel@vger.kernel.org, shuah <shuah@kernel.org>
References: <1567005240-12912-1-git-send-email-zohar@linux.ibm.com>
From:   shuah <shuah@kernel.org>
Message-ID: <4a9f9cd3-c550-98e4-1513-14ef161c34c2@kernel.org>
Date:   Wed, 28 Aug 2019 09:53:14 -0600
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101
 Thunderbird/60.8.0
MIME-Version: 1.0
In-Reply-To: <1567005240-12912-1-git-send-email-zohar@linux.ibm.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 8/28/19 9:14 AM, Mimi Zohar wrote:
> In addition to the PE/COFF and IMA xattr signatures, the kexec kernel
> image can be signed with an appended signature, using the same
> scripts/sign-file tool that is used to sign kernel modules.
> 
> This patch adds support for detecting a kernel image signed with an
> appended signature and updates the existing test messages
> appropriately.
> 
> Reviewed-by: Petr Vorel <pvorel@suse.cz>
> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
> ---

Thanks Mimi. This commit log looks good. My Ack for the patch
to go through the IMA tree.

Acked-by: Shuah Khan <skhan@linuxfoundation.org>

thanks,
-- Shuah