Received: by 2002:a25:7ec1:0:0:0:0:0 with SMTP id z184csp2931749ybc; Thu, 14 Nov 2019 01:09:29 -0800 (PST) X-Google-Smtp-Source: APXvYqwYvgvnpSh+0IS8wxMuqntmuK3Cq47fRf9xt52ayz+BLz4AQrqbtvYIXXyS2t+JtpuX5XGt X-Received: by 2002:a17:906:e82:: with SMTP id p2mr7157741ejf.237.1573722569864; Thu, 14 Nov 2019 01:09:29 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1573722569; cv=none; d=google.com; s=arc-20160816; b=GKsaVZBuWJ1RvUprJFiUAW8GJlsPeE91rV1aa98smFdDLA3NIUVUZAgKtDqXvfIez/ oHnD0ikmy34PShaR1CoyTy2swGVi72EVy36/wStqABL3+3iTPYjYexwR7zpywC/7bzSP SNE/JDj8JhdwkKAt4pyUt42te7jQo6wjxUDTVgBnQAj3nMQ/w/bZI7kw6tMQBIOkQVvP SUja7vbc59HMgcDoSF0UPGRtPUahM9phO/tGKZNryeqCYELqiHvU+WRzsMPflnoEVbBN 3uCW6ABQHO9c/EHBuJumkmW5AbalBh7ARbWHtB2rshEI1oYFg3Ltvt5lrbB9jnIvZD07 6kJQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:date:message-id:subject:cc:from:to :in-reply-to; bh=P/BevhC9XXuMKK0rt4dLrp27cbx03URYlaqypZ6cRt0=; b=PFPVOCvy5PJ7sq4MiYsPfPjw5wWVn/8c4UAzQ0RBpASXi6VbfajjZ+NYs4jzoJZN13 QhoogvA8qx1fAFhF4rw5Jz9wTEUl2HVOtzNI3FxkSNm+NkcnlQXIsXP2deXqBMf+SUXM j/+WRyZY2WgaaTDECgTQd+t2iSLE68PekMlimC9vvPgd2lnCHf6G8K2UQUpj69vUfgMG zLnpqTTAK/3BR/IfTgAxFGmLiM/431SzQ1uGBBOrk1FqEUc1+sVyq/v3r09f4LxhYLBh BiP9Jb4+ZtnQzQwDunPAmOZjh9fVj2opn8SuxLDdpAO0A4w96/djnwN4PDX8IO5jMMcl RJDA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id md8si2900366ejb.386.2019.11.14.01.09.05; Thu, 14 Nov 2019 01:09:29 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727128AbfKNJII (ORCPT + 99 others); Thu, 14 Nov 2019 04:08:08 -0500 Received: from bilbo.ozlabs.org ([203.11.71.1]:48675 "EHLO ozlabs.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726185AbfKNJIG (ORCPT ); Thu, 14 Nov 2019 04:08:06 -0500 Received: by ozlabs.org (Postfix, from userid 1034) id 47DFxv2Jjpz9sRs; Thu, 14 Nov 2019 20:08:02 +1100 (AEDT) X-powerpc-patch-notification: thanks X-powerpc-patch-commit: 4238fad366a660cbc6499ca1ea4be42bd4d1ac5b In-Reply-To: <1572492694-6520-3-git-send-email-zohar@linux.ibm.com> To: Mimi Zohar , linuxppc-dev@ozlabs.org, linux-efi@vger.kernel.org, linux-integrity@vger.kernel.org From: Michael Ellerman Cc: Ard Biesheuvel , Eric Ricther , Nayna Jain , linux-kernel@vger.kernel.org, Mimi Zohar , Paul Mackerras , Jeremy Kerr , Oliver O'Halloran Subject: Re: [PATCH v10 2/9] powerpc/ima: add support to initialize ima policy rules Message-Id: <47DFxv2Jjpz9sRs@ozlabs.org> Date: Thu, 14 Nov 2019 20:08:02 +1100 (AEDT) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 2019-10-31 at 03:31:27 UTC, Mimi Zohar wrote: > From: Nayna Jain > > PowerNV systems use a Linux-based bootloader, which rely on the IMA > subsystem to enforce different secure boot modes. Since the verification > policy may differ based on the secure boot mode of the system, the > policies must be defined at runtime. > > This patch implements arch-specific support to define IMA policy > rules based on the runtime secure boot mode of the system. > > This patch provides arch-specific IMA policies if PPC_SECURE_BOOT > config is enabled. > > Signed-off-by: Nayna Jain > Signed-off-by: Mimi Zohar Applied to powerpc next, thanks. https://git.kernel.org/powerpc/c/4238fad366a660cbc6499ca1ea4be42bd4d1ac5b cheers