On Tue, 2026-06-02 at 13:14 +0200, Roberto Sassu wrote: > From: Roberto Sassu <[email protected]> > > Add the documentation of exporting and deleting IMA measurements in > Documentation/security/IMA-export-delete.rst. > > Also add the missing Documentation/security/IMA-templates.rst file in > MAINTAINERS. > > Link: https://github.com/linux-integrity/linux/issues/1 > Signed-off-by: Roberto Sassu <[email protected]>
Thanks, Roberto! Other than the section titled "Remote Attestation Agent Workflow", the documentation is well written and flows nicely. More details in the "Remote Attestation Agent Workflow" section. > --- > Documentation/security/IMA-export-delete.rst | 190 +++++++++++++++++++ > Documentation/security/index.rst | 1 + > MAINTAINERS | 2 + > 3 files changed, 193 insertions(+) > create mode 100644 Documentation/security/IMA-export-delete.rst > > diff --git a/Documentation/security/IMA-export-delete.rst > b/Documentation/security/IMA-export-delete.rst > new file mode 100644 > index 000000000000..a9e1d3f8ed47 > --- /dev/null > +++ b/Documentation/security/IMA-export-delete.rst > @@ -0,0 +1,190 @@ > +.. SPDX-License-Identifier: GPL-2.0 > + > +================================== > +IMA Measurements Export and Delete > +================================== > + > + > +Introduction > +============ > + > +The IMA measurements list is currently stored in the kernel memory. Memory > +occupation grows linearly with the number of records, and can become a > +problem especially in environments with reduced resources. > + > +While there is an advantage in keeping the IMA measurements list in kernel > +memory, so that it is always available for reading from the securityfs > +interfaces, storing it elsewhere would make it possible to free precious > +memory for other kernel usage. > + > +The IMA measurements list needs to be retained and safely stored for new > +attestation servers to validate it. Assuming the IMA measurements list is > +properly saved, storing it outside the kernel does not introduce security > +issues, since its integrity is anyway protected by the TPM. > + > +Hence, the new IMA staging mechanism is introduced to export IMA > +measurements to user space and delete them from kernel space. > + > +Staging consists in atomically moving the current measurements list to a > +temporary list, so that measurements can be deleted afterwards. The staging > +operation locks the hot path (racing with addition of new measurements) for > +a very short time, only for swapping the list pointers. Deletion of the > +measurements instead is done locklessly, away from the hot path. > + > +There are two flavors of the staging mechanism. In the staging with prompt, > +all current measurements are staged, read and deleted upon confirmation. In > +the staging and deleting flavor, N measurements are staged from the > +beginning of the current measurements list and immediately deleted without > +confirmation. > + > + > +Management of Staged Measurements > +================================= > + > +Since with the staging mechanism measurement records are removed from the > +kernel, the staged measurements need to be saved in a storage and > +concatenated together, so that they can be presented to remote attestation > +agents as if staging was never done. This task can be accomplished by a > +system service. > + > +Coordination is necessary in the case where there are multiple actors > +requesting measurements to be staged. > + > +In the staging with prompt case, the measurement interfaces can be accessed > +only by one actor (writer) at a time, so the others will get an error until > +the former closes it. Since the actors don't care about N, when they gain > +access to the interface, they will get all the staged measurements at the > +time of their request. > + > +In the case of staging and deleting, coordination is more important, since > +there is the risk that two actors unaware of each other compute the value N > +on the current measurements list and request IMA to stage N twice. > + > + > +Remote Attestation Agent Workflow > +================================= The example below illustrates a narrow use case in which only a single attestation server is present, eliminating the need to retain the measurement list records. The recommended general case, however, involves multiple attestation servers and requires the system service to retain all measurement records since boot, with the ability to respond with records from any specified point onward. Mimi > + > +Users can choose the staging method they find more appropriate for their > +workflow. > + > +If, as an example, a remote attestation agent would like to present to the > +remote attestation server only the measurements that are required to > +verify the TPM quote, its workflow would be the following. > + > +With staging with prompt, the agent stages the current measurements list, > +reads and stores the measurements in a storage and immediately requests > +IMA to delete the staged measurements from kernel memory. Afterwards, it > +calculates N by replaying the PCR extend on the stored measurements until > +the calculated PCRs match the quoted PCRs. It then keeps the measurements > +in excess for the next attestation request. > + > +At the next attestation request, the agent performs the same steps above, > +and concatenates the new measurements to the ones in excess from the > +previous request. Also in this case, the agent replays the PCR extend until > +it matches the currently quoted PCRs, keeps the measurements in excess and > +presents the new N measurement records to the remote attestation server. > + > +With the staging and deleting method, the agent reads the current > +measurements list, calculates N and requests IMA to delete only those. The > +measurements in excess are kept in the IMA measurements list and can be > +retrieved at the next remote attestation request. > + > + > +Usage > +===== > + > +The IMA staging mechanism can be enabled from the kernel configuration with > +the CONFIG_IMA_STAGING option. This option prevents inadvertently removing > +the IMA measurement list on systems which do not properly save it. > + > +If the option is enabled, IMA duplicates the current securityfs > +measurements interfaces (both binary and ASCII), by adding the ``_staged`` > +file suffix. Both the original and the staging interfaces gain the write > +permission for the root user and group, but require the process to have > +CAP_SYS_ADMIN set. > + > +The staging mechanism supports two flavors. > + > + > +Staging with prompt > +~~~~~~~~~~~~~~~~~~~ > + > +The current measurements list is moved to a temporary staging area, > +allowing it to be saved to external storage, before being deleted upon > +confirmation. > + > +This staging process is achieved with the following steps. > + > + 1. ``echo A > <_staged interface>``: the user requests IMA to stage the > + entire measurements list; > + 2. ``cat <_staged interface>``: the user reads the staged measurements; > + 3. ``echo D > <_staged interface>``: the user requests IMA to delete > + staged measurements. > + > + > +Staging and deleting > +~~~~~~~~~~~~~~~~~~~~ > + > +N measurements are staged to a temporary staging area, and immediately > +deleted without further confirmation. > + > +This staging process is achieved with the following steps. > + > + 1. ``cat <original interface>``: the user reads the current measurements > + list and determines what the value N for staging should be; > + 2. ``echo N > <original interface>``: the user requests IMA to delete N > + measurements from the current measurements list. > + > + > +Interface Access > +================ > + > +In order to avoid the IMA measurements list being suddenly truncated by the > +staging mechanism during a read, or having multiple concurrent staging, a > +semaphore-like locking scheme has been implemented on all the measurements > +list interfaces. > + > +Multiple readers can access concurrently the original and staged > +interfaces, and they can be in mutual exclusion with one writer. In order > +to see the same state across all the measurement interfaces, the same > +writer is allowed to open multiple interfaces for write or read/write. > + > +If an illegal access occurs, the open to the measurements list interface is > +denied. > + > + > +Kexec > +===== > + > +In the event a kexec() system call occurs between staging and deleting, the > +staged measurement records are marshalled before the current measurements > +list, so that they are both available when the secondary kernel starts. > + > +If measurement is suspended before requesting to delete staged or current > +measurements, IMA returns an error to user space to let it know that > +marshalling is already in progress, so that it does not save the > +measurements twice. > + > +IMA also disallows staging when suspending measurement, to avoid the > +situation where neither measurements are carried over to the secondary > +kernel, nor they are saved by user space to the storage. > + > + > +Hash table > +========== > + > +By default, the template digest of staged measurement records are kept in > +kernel memory (only template data are freed), to be able to detect > +duplicate records independently of staging. > + > +The new kernel option ``ima_flush_htable`` has been introduced to > +explicitly request a complete deletion of the staged measurements, for > +maximum kernel memory saving. If the option has been specified, duplicate > +records are still avoided on records of the current measurements list, > +but there can be duplicates between different groups of staged > +measurements. > + > +Flushing the hash table is supported only for the staging with prompt > +flavor. For the staging and deleting flavor, it would have been necessary > +to lock the hot path adding new measurements for the time needed to remove > +each selected measurement individually. > diff --git a/Documentation/security/index.rst > b/Documentation/security/index.rst > index 3e0a7114a862..00650dcf38cb 100644 > --- a/Documentation/security/index.rst > +++ b/Documentation/security/index.rst > @@ -8,6 +8,7 @@ Security Documentation > credentials > snp-tdx-threat-model > IMA-templates > + IMA-export-delete > keys/index > lsm > lsm-development > diff --git a/MAINTAINERS b/MAINTAINERS > index 461a3eed6129..70ff6bae3493 100644 > --- a/MAINTAINERS > +++ b/MAINTAINERS > @@ -12752,6 +12752,8 @@ R: Eric Snowberg <[email protected]> > L: [email protected] > S: Supported > T: git > git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git > +F: Documentation/security/IMA-export-delete.rst > +F: Documentation/security/IMA-templates.rst > F: include/linux/secure_boot.h > F: security/integrity/ > F: security/integrity/ima/
