ecryptfs-devel team mailing list archive

Thread
Date

Re: [PATCH v2 0/4] new dracut modules

To: Roberto Sassu <roberto.sassu@xxxxxxxxx>
From: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
Date: Thu, 07 Jul 2011 09:53:22 -0400
Cc: initramfs@xxxxxxxxxxxxxxx, harald.hoyer@xxxxxxxxx, kirkland@xxxxxxxxxxxxx, safford@xxxxxxxxxxxxxx, ecryptfs-devel@xxxxxxxxxxxxxxxxxxx, ramunno@xxxxxxxxx
In-reply-to: <1309882990-2828-1-git-send-email-roberto.sassu@polito.it>

On Tue, 2011-07-05 at 18:23 +0200, Roberto Sassu wrote:
> Hi all
> 
> this patch set introduces three new modules (masterkey, integrity and
> ecryptfs) and allows to mount the securityfs filesystem from the initial
> ramdisk.
> 
> These patches are based upon the first version sent by Mimi Zohar, which
> can be retrieved at the address:
> 
> http://article.gmane.org/gmane.linux.kernel.initramfs/1910
> 
> Roberto Sassu 

Nice!  Thanks Roberto for updating the modules. They're look really
good.

One really minor issue is that although the user can override the
default masterkey blob filename, using a boot command line option, the
default filename is kernel version specific.  Until the tools are
available to create and seal keys to a set of PCRs, as we discussed,
perhaps there should be an additional filename default, without the
kernel version appended, as well.

thanks,  

Mimi