Hi Eric,
On Thu, 2024-05-30 at 18:39 -0600, Eric Snowberg wrote:
> Introduce a new LSM called Clavis (Latin word meaning key). The motivation
> behind this LSM is to provide access control for system keys. Before spending
> more time on this LSM, I am sending this as an RFC to start a discussion
Hi Eric,
> diff --git a/certs/system_keyring.c b/certs/system_keyring.c
> index 9de610bf1f4b..b647be49f6e0 100644
> --- a/certs/system_keyring.c
> +++ b/certs/system_keyring.c
> @@ -426,3 +426,32 @@ void __init set_platform_trusted_keys(struct key
> *keyring)
> platform_trusted_keys = keyrin
On Wed, 2021-03-24 at 09:14 -0700, James Bottomley wrote:
> On Tue, 2021-03-23 at 14:07 -0400, Mimi Zohar wrote:
> > On Tue, 2021-03-23 at 17:35 +0100, Ahmad Fatoum wrote:
> > > Hello Horia,
> > >
> > > On 21.03.21 21:48, Horia Geantă wrote:
> > &g
On Tue, 2021-03-23 at 17:35 +0100, Ahmad Fatoum wrote:
> Hello Horia,
>
> On 21.03.21 21:48, Horia Geantă wrote:
> > On 3/16/2021 7:02 PM, Ahmad Fatoum wrote:
> > [...]
> >> +struct trusted_key_ops caam_trusted_key_ops = {
> >> + .migratable = 0, /* non-migratable */
> >> + .init = trusted_caam_
On Sat, 2021-02-27 at 11:35 +0800, yumeng wrote:
> 在 2021/2/26 0:08, Stefan Berger 写道:
> > From: Stefan Berger
> >
>
> > diff --git a/certs/Makefile b/certs/Makefile
> > index 3fe6b73786fa..c487d7021c54 100644
> > --- a/certs/Makefile
> > +++ b/certs/Makefile
> > @@ -69,6 +69,18 @@ else
> > SI
this can be applied to all types of keys, we change the selection
> of the encoding type to be driven by the key's signature scheme rather
> than by the hash type.
>
> Signed-off-by: Stefan Berger
> Reviewed-by: Vitaly Chikunov
> Reviewed-by: Tianjia Zhang
Thanks, Stefan!
Acked-by: Mimi Zohar
On Mon, 2021-02-01 at 09:35 -0500, Stefan Berger wrote:
> On 2/1/21 8:23 AM, David Howells wrote:
> > Stefan Berger wrote:
> >
> >> From: Stefan Berger
> >>
> >> Detect whether a key is an sm2 type of key by its OID in the parameters
> >> array rather than assuming that everything under OID_id_ec
[Cc'ing linux-integrity]
On Wed, 2021-01-27 at 11:46 +, David Howells wrote:
> Jarkko Sakkinen wrote:
>
> > > I suppose a user space tool could be created. But wouldn’t what is
> > > currently done in the kernel in this area need to be removed?
> >
> > Right. I don't think this was a great
Hi Mickaël,
On Thu, 2021-01-14 at 16:19 +0100, Mickaël Salaün wrote:
> From: Mickaël Salaün
>
> Add a kernel option SYSTEM_BLACKLIST_AUTH_UPDATE to enable the root user
> to dynamically add new keys to the blacklist keyring. This enables to
> invalidate new certificates, either from being loade
On Thu, 2020-09-03 at 21:12 +0800, Tianjia Zhang wrote:
> Asymmetric digsig supports SM2-with-SM3 algorithm combination,
> so that IMA can also verify SM2's signature data.
>
> Signed-off-by: Tianjia Zhang
> Tested-by: Xufeng Zhang
Reviewed-by: Mimi Zohar (coding, no
On Mon, 2019-10-07 at 02:52 +0300, Jarkko Sakkinen wrote:
>
> With TEE coming in, TPM is not the only hardware measure anymore sealing
> the keys and we don't want a mess where every hardware asset does their
> own proprietary key generation. The proprietary technology should only
> take care of t
On Fri, 2019-10-04 at 15:11 -0700, James Bottomley wrote:
> +
> +/**
> + * tpm_get_random() - get random bytes influenced by the TPM's RNG
> + * @chip:a &struct tpm_chip instance, %NULL for the default chip
> + * @out: destination buffer for the random bytes
> + * @max: the max number
On Fri, 2019-10-04 at 00:57 +0300, Jarkko Sakkinen wrote:
> On Fri, Oct 04, 2019 at 12:51:25AM +0300, Jarkko Sakkinen wrote:
> > On Thu, Oct 03, 2019 at 02:53:47PM -0400, Mimi Zohar wrote:
> > > [Cc'ing David Safford]
> > >
> > > On Thu, 2019-10
[Cc'ing David Safford]
On Thu, 2019-10-03 at 20:58 +0300, Jarkko Sakkinen wrote:
> On Thu, Oct 03, 2019 at 09:02:32AM -0400, Mimi Zohar wrote:
> > On Thu, 2019-10-03 at 14:41 +0300, Jarkko Sakkinen wrote:
> > > On Wed, Oct 02, 2019 at 10:00:19AM -0400, Mimi Zohar wrote:
>
On Thu, 2019-10-03 at 14:41 +0300, Jarkko Sakkinen wrote:
> On Wed, Oct 02, 2019 at 10:00:19AM -0400, Mimi Zohar wrote:
> > On Thu, 2019-09-26 at 20:16 +0300, Jarkko Sakkinen wrote:
> > > Only the kernel random pool should be used for generating random numbers.
> > > T
On Thu, 2019-09-26 at 20:16 +0300, Jarkko Sakkinen wrote:
> Only the kernel random pool should be used for generating random numbers.
> TPM contributes to that pool among the other sources of entropy. In here it
> is not, agreed, absolutely critical because TPM is what is trusted anyway
> but in or
Hi Jordan,
On Mon, 2019-08-26 at 15:46 -0700, Jordan Hand wrote:
> On 6/27/19 7:19 PM, Thiago Jung Bauermann wrote:
> > On the OpenPOWER platform, secure boot and trusted boot are being
> > implemented using IMA for taking measurements and verifying signatures.
> > Since the kernel image on Power
On Thu, 2019-08-15 at 18:33 +0530, Sumit Garg wrote:
> Hi Mimi,
>
> On Wed, 14 Aug 2019 at 18:54, Mimi Zohar wrote:
> >
> > Hi Sumit,
> >
> > On Tue, 2019-08-13 at 13:22 +0530, Sumit Garg wrote:
> > > This patch-set is an outcome of discussion here [1].
Hi Sumit,
On Tue, 2019-08-13 at 13:22 +0530, Sumit Garg wrote:
> This patch-set is an outcome of discussion here [1]. It has evolved very
> much since v1 to create, consolidate and generalize trusted keys
> subsystem.
>
> This framework has been tested with trusted keys support provided via TEE
>
On Mon, 2019-08-05 at 15:11 +0200, Philipp Rudo wrote:
> Hi Thiago,
>
> > > The patch looks good now.
> >
> > Thanks! Can I add your Reviewed-by?
>
> sorry, for the late answer, but I was on vacation the last two weeks. I hope
> it's not too late now.
>
> Reviewed-by: Philipp Rudo
Thanks!
On Thu, 2019-06-27 at 23:19 -0300, Thiago Jung Bauermann wrote:
> Hello,
>
> This version is essentially identical to the last one.
>
> It is only a rebase on top of today's linux-integrity/next-queued-testing,
> prompted by conflicts with Prakhar Srivastava's patches to measure the
> kernel comm
On Tue, 2019-05-28 at 16:23 -0300, Thiago Jung Bauermann wrote:
> Mimi Zohar writes:
>
> > Hi Thiago,
> >
> >> diff --git a/security/integrity/ima/ima_policy.c
> >> b/security/integrity/ima/ima_policy.c
> >> index fca7a3f23321..a7a20a8c15c1 100644
&
Hi Thiago,
On Thu, 2019-04-18 at 00:51 -0300, Thiago Jung Bauermann wrote:
> If the IMA template contains the "modsig" or "d-modsig" field, then the
> modsig should be added to the measurement list when the file is appraised.
>
> And that is what normally happens, but if a measurement rule caused
Hi Vitaly,
On Sun, 2019-02-24 at 09:08 +0300, Vitaly Chikunov wrote:
> Previous akcipher .verify() just `decrypts' (using RSA encrypt which is
> using public key) signature to uncover message hash, which was then
> compared in upper level public_key_verify_signature() with the expected
> hash valu
> > > diff --git a/security/integrity/digsig_asymmetric.c
> > > b/security/integrity/digsig_asymmetric.c
> > > index d775e03fbbcc..c4a3313e0210 100644
> > > --- a/security/integrity/digsig_asymmetric.c
> > > +++ b/security/integrity/digsig_asymmetric.c
> > > @@ -104,9 +104,14 @@ int asymmetric_v
be used in the places that actually expect that
> definition.
, specifically the EVM HMAC code.
>
> Signed-off-by: Thiago Jung Bauermann
Other than commenting the evm_xattr usage is limited to HMAC before
the structure definition, this looks good.
Reviewed-by: Mimi Zohar
> ---
> s
On Mon, 2018-11-05 at 15:55 +0300, Vitaly Chikunov wrote:
> Mimi,
>
> On Mon, Nov 05, 2018 at 07:48:33AM -0500, Mimi Zohar wrote:
> > On Sat, 2018-11-03 at 08:51 +0300, Vitaly Chikunov wrote:
> > > On Wed, Oct 17, 2018 at 02:08:51PM +0800, Herbert Xu wrote:
> > >
On Sat, 2018-11-03 at 08:51 +0300, Vitaly Chikunov wrote:
> Herbert,
>
> On Wed, Oct 17, 2018 at 02:08:51PM +0800, Herbert Xu wrote:
> > On Fri, Oct 12, 2018 at 09:41:05AM +0300, Vitaly Chikunov wrote:
> > >
> > > It is the first part of attempts to add to the Integrity subsystem
> > > ability of
On Wed, 2018-06-13 at 14:33 +0800, Herbert Xu wrote:
> On Fri, Jun 08, 2018 at 02:57:42PM -0700, Matthew Garrett wrote:
> > When EVM attempts to appraise a file signed with a crypto algorithm the
> > kernel doesn't have support for, it will cause the kernel to trigger a
> > module load. If the EVM
On Mon, 2018-04-09 at 15:10 +0100, Martin Townsend wrote:
> Hi Mimi,
>
> On Mon, Apr 9, 2018 at 1:46 PM, Mimi Zohar wrote:
> > On Mon, 2018-04-09 at 09:41 +0100, Martin Townsend wrote:
> >> Hi,
> >>
> >> I'm trying to get to the bottom of an issu
On Mon, 2018-04-09 at 09:41 +0100, Martin Townsend wrote:
> Hi,
>
> I'm trying to get to the bottom of an issue I'm seeing when enabling
> the CAAM in the kernel with IMA/EVM enabled. I'm using the official
> NXP (imx_4.9.11_1.0.0_ga) vendor Kernel.
>
> Here's the error message I'm getting.
>
>
name. Perhaps something
like has_signature or is_signed() would be preferable.
Mimi
>
> Suggested-by: Mimi Zohar
> Signed-off-by: Thiago Jung Bauermann
> ---
> security/integrity/ima/ima.h | 5 +
> security/integrity/ima/ima_appraise.c | 7 +++---
On Fri, 2018-03-16 at 17:38 -0300, Thiago Jung Bauermann wrote:
> This patch actually implements the appraise_type=imasig|modsig option,
> allowing IMA to read and verify modsig signatures.
>
> In case both are present in the same file, IMA will first check whether the
> key used by the xattr sign
its usage should be independent of other
changes.
Mimi
>
> Suggested-by: Mimi Zohar
> Signed-off-by: Thiago Jung Bauermann
> ---
> Documentation/security/IMA-templates.rst | 5
> security/integrity/ima/ima_template.c | 4 ++-
> security/integrity/ima/ima_templ
) so sig->digest is always initialized to zero.
>
> Signed-off-by: Thiago Jung Bauermann
> Cc: David Howells
> Cc: Herbert Xu
> Cc: "David S. Miller"
Reviewed-by: Mimi Zohar
> ---
> crypto/asymmetric_keys/pkcs7_verify.c | 25 +
>
to
be refactored. In this case, verify_pkcs7_signature() verifies the
signature using keys on the builtin and secondary keyrings. IMA-
appraisal needs to verify the signature using keys on its keyring.
The patch itself looks good!
Reviewed-by: Mimi Zohar
> Signed-off-by: Thiago Jung Bauermann
> Cc:
ains that
> CONFIG_INTEGRITY_SIGNATURE depends on CONFIG_KEYS.
>
> Signed-off-by: Thiago Jung Bauermann
Signed-off-by: Mimi Zohar
> ---
> security/integrity/Kconfig | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/integrity/Kconfig b/security/integ
he xattr sig is factored out from
> asymmetric_verify() so that it can be used by the new function.
>
> Signed-off-by: Thiago Jung Bauermann
Signed-off-by: Mimi Zohar
> ---
> security/integrity/digsig_asymmetric.c | 44
> +-
> securit
On Fri, 2018-03-16 at 17:38 -0300, Thiago Jung Bauermann wrote:
> IMA will need to obtain the keyring used to verify file signatures so that
> it can verify the module-style signature appended to files.
>
> Signed-off-by: Thiago Jung Bauermann
Signed-off-by: Mimi Zohar
>
On Tue, 2017-10-17 at 22:53 -0200, Thiago Jung Bauermann wrote:
Below are a few additional comments.
> @@ -200,18 +239,28 @@ int ima_read_xattr(struct dentry *dentry,
> */
> int ima_appraise_measurement(enum ima_hooks func,
>struct integrity_iint_cache *iint,
> -
On Thu, 2017-10-26 at 20:47 -0200, Thiago Jung Bauermann wrote:
> Mimi Zohar writes:
>
> > On Tue, 2017-10-17 at 22:53 -0200, Thiago Jung Bauermann wrote:
> >> IMA will use the module_signature format for append signatures, so export
> >> the relevant definitions
On Tue, 2017-10-17 at 22:53 -0200, Thiago Jung Bauermann wrote:
> Hello,
>
> The main highlight in this version is that it fixes a bug where the modsig
> wasn't being included in the measurement list if the appraised file was
> already measured by another rule. The fix is in the last patch.
>
> A
rify an already parsed PKCS#7 message. For this
> purpose, add function verify_pkcs7_message_signature which takes a struct
> pkcs7_message for verification instead of the raw bytes that
> verify_pkcs7_signature takes.
>
> Signed-off-by: Thiago Jung Bauermann
Reviewed-b
DULE_SIG_FORMAT option so that IMA can select it
> and be able to use validate_module_signature without having to depend on
> CONFIG_MODULE_SIG.
>
> Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Mimi Zohar
One minor comment below...
> ---
> include/linux/module.h
On Tue, 2017-10-17 at 22:53 -0200, Thiago Jung Bauermann wrote:
> diff --git a/security/integrity/ima/ima_main.c
> b/security/integrity/ima/ima_main.c
> index 6a2d960fbd92..0d3390de7432 100644
> --- a/security/integrity/ima/ima_main.c
> +++ b/security/integrity/ima/ima_main.c
> @@ -246,7 +246,35
> diff --git a/security/integrity/ima/ima_appraise.c
> b/security/integrity/ima/ima_appraise.c
> index 87d2b601cf8e..5a244ebc61d9 100644
> --- a/security/integrity/ima/ima_appraise.c
> +++ b/security/integrity/ima/ima_appraise.c
> @@ -190,6 +190,64 @@ int ima_read_xattr(struct dentry *dentry,
>
On Fri, 2017-08-04 at 19:03 -0300, Thiago Jung Bauermann wrote:
> This patch introduces the modsig keyword to the IMA policy syntax to
> specify that a given hook should expect the file to have the IMA signature
> appended to it. Here is how it can be used in a rule:
>
> appraise func=KEXEC_KERNEL
On Wed, 2017-08-02 at 18:52 -0400, Mimi Zohar wrote:
> On Wed, 2017-08-02 at 14:42 -0300, Thiago Jung Bauermann wrote:
> > Mimi Zohar writes:
> > >> @@ -229,8 +251,24 @@ int ima_appraise_measurement(enum ima_hooks func,
> > &
On Wed, 2017-08-02 at 14:42 -0300, Thiago Jung Bauermann wrote:
> Mimi Zohar writes:
>
> > On Thu, 2017-07-06 at 19:17 -0300, Thiago Jung Bauermann wrote:
> >> --- a/security/integrity/ima/ima_appraise.c
> >> +++ b/security/integrity/ima/ima_appraise.c
On Thu, 2017-07-06 at 19:17 -0300, Thiago Jung Bauermann wrote:
> This patch introduces the modsig keyword to the IMA policy syntax to
> specify that a given hook should expect the file to have the IMA signature
> appended to it. Here is how it can be used in a rule:
>
> appraise func=KEXEC_KERNEL
Hi Thiago,
On Thu, 2017-07-06 at 19:17 -0300, Thiago Jung Bauermann wrote:
> Even though struct evm_ima_xattr_data includes a fixed-size array to hold a
> SHA1 digest, most of the code ignores the array and uses the struct to mean
> "type indicator followed by data of unspecified size" and tracks
On Tue, 2017-07-04 at 23:22 -0300, Thiago Jung Bauermann wrote:
> Mimi Zohar writes:
>
> > On Wed, 2017-06-21 at 14:45 -0300, Thiago Jung Bauermann wrote:
> >> Mimi Zohar writes:
> >> > On Wed, 2017-06-07 at 22:49 -0300, Thiago Jung Bauermann wrote:
On Wed, 2017-06-21 at 14:45 -0300, Thiago Jung Bauermann wrote:
> Hello Mimi,
>
> Thanks for your review, and for queuing the other patches in this series.
>
> Mimi Zohar writes:
> > On Wed, 2017-06-07 at 22:49 -0300, Thiago Jung Bauermann wrote:
> >> This patch in
On Wed, 2017-06-07 at 22:49 -0300, Thiago Jung Bauermann wrote:
> These changes are too small to warrant their own patches:
>
> The keyid and sig_size members of struct signature_v2_hdr are in BE format,
> so use a type that makes this assumption explicit. Also, use beXX_to_cpu
> instead of __beXX
On Wed, 2017-06-07 at 22:49 -0300, Thiago Jung Bauermann wrote:
> If the file doesn't have an xattr, ima_appraise_measurement sets cause to
> "missing-hash" while if there's an xattr but it's a digest instead of a
> signature it sets cause to "IMA-signature-required".
>
> Fix it by setting cause t
e_id_str we can
> use one hooks list for both the enum and the string array, making sure they
> are always in sync (suggested by Mimi Zohar).
>
> Finally, by using the printf pattern for the function token directly
> instead of using the pt macro we can simplify policy_func_show even
Hi Thiago,
On Wed, 2017-06-07 at 22:49 -0300, Thiago Jung Bauermann wrote:
> This patch introduces the modsig keyword to the IMA policy syntax to
> specify that a given hook should expect the file to have the IMA signature
> appended to it. Here is how it can be used in a rule:
>
> appraise func=
On Sat, 2017-05-06 at 15:59 +0300, Gilad Ben-Yossef wrote:
> ima starts several async. crypto ops and waits for their completions.
> Move it over to generic code doing the same.
>
> Signed-off-by: Gilad Ben-Yossef
Acked-by: Mimi Zohar
> ---
> security/integrity/ima
Hi Thiago,
On Tue, 2017-04-18 at 17:17 -0300, Thiago Jung Bauermann wrote:
> This patch introduces the appended_imasig keyword to the IMA policy syntax
> to specify that a given hook should expect the file to have the IMA
> signature appended to it. Here is how it can be used in a rule:
>
> appr
On Thu, 2017-04-20 at 17:40 -0300, Thiago Jung Bauermann wrote:
> Am Donnerstag, 20. April 2017, 08:13:23 BRT schrieb Mimi Zohar:
> > On Tue, 2017-04-18 at 17:17 -0300, Thiago Jung Bauermann wrote:
> > > If the func_tokens array uses the same indices as enum ima_hooks,
> >
On Tue, 2017-04-18 at 17:17 -0300, Thiago Jung Bauermann wrote:
> IMA will use the module_signature format for append signatures, so export
> the relevant definitions and factor out the code which verifies that the
> appended signature trailer is valid.
>
> Also, create a CONFIG_MODULE_SIG_FORMAT
On Tue, 2017-04-18 at 17:17 -0300, Thiago Jung Bauermann wrote:
> If the func_tokens array uses the same indices as enum ima_hooks,
> policy_func_show can be a lot simpler, and the func_* enum becomes
> unnecessary.
My main concern with separating the enumeration from the string
definition is that
On Tue, 2016-09-20 at 20:35 +0800, Herbert Xu wrote:
> On Tue, Sep 20, 2016 at 08:11:51AM -0400, Mimi Zohar wrote:
> > Hi Herbert,
> >
> > The initial random iv value, initialized in encrypted_init(), should
> > not be modified. Commit c3917fd "KEYS: Use s
Hi Herbert,
The initial random iv value, initialized in encrypted_init(), should
not be modified. Commit c3917fd "KEYS: Use skcipher", which replaced
the blkcipher with skcipher, modifies the iv in
crypto_skcipher_encrypt()/decrypt().
The following example creates an encrypted key, writes the ke
Hi Herbert,
On Mon, 2016-02-08 at 13:58 +, David Howells wrote:
> Herbert Xu wrote:
>
> > > Hmmm... That means that the crypto branch and the security branch are
> > > going
> > > to conflict.
> >
> > I thought you were OK with it going in now as you said that you'll
> > fix it up later.
On Wed, 2016-01-27 at 11:04 +0100, Steffen Trumtrar wrote:
> Hi!
>
> Mimi Zohar writes:
>
> > On Mon, 2015-11-09 at 16:18 +0100, Steffen Trumtrar wrote:
> >> Hi!
> >>
> >> The RFC Patch attached after this cover letter is mostly for illustration
On Sat, 2015-12-12 at 18:26 -0800, Tadeusz Struk wrote:
> Convert asymmetric_verify to akcipher api.
>
> Signed-off-by: Tadeusz Struk
> ---
> security/integrity/Kconfig |1 +
> security/integrity/digsig_asymmetric.c | 10 +++---
> 2 files changed, 4 insertions(+), 7 deletio
On Thu, 2015-12-10 at 14:37 -0500, Mimi Zohar wrote:
> On Thu, 2015-12-10 at 10:39 -0800, Tadeusz Struk wrote:
> > Hi Mimi,
> > On 12/10/2015 10:25 AM, Mimi Zohar wrote:
> > >> This patch set converts the module verification and digital signature
> > >> >
On Thu, 2015-12-10 at 10:39 -0800, Tadeusz Struk wrote:
> Hi Mimi,
> On 12/10/2015 10:25 AM, Mimi Zohar wrote:
> >> This patch set converts the module verification and digital signature
> >> > code to the new akcipher API.
> >> > RSA implementation has been
On Wed, 2015-12-09 at 15:52 -0800, Tadeusz Struk wrote:
> This patch set converts the module verification and digital signature
> code to the new akcipher API.
> RSA implementation has been removed from crypto/asymmetric_keys and the
> new API is used for cryptographic primitives.
> There is no nee
On Sun, 2015-11-22 at 09:41 -0500, Mimi Zohar wrote:
> On Fri, 2015-11-20 at 11:07 +, David Howells wrote:
> >
> > (*) Add Mimi's patches to allow keys/keyrings to be marked undeletable.
> > This
> > is for the purpose of creating black
On Fri, 2015-11-20 at 11:07 +, David Howells wrote:
> Hi Marcel, Mimi, Tadeus,
>
> I want to consider adding or doing the following bits to the keyrings
> facility, aiming for the next merge window:
>
> (*) Bring in the patches that I posted to change how the trust model on a
> keyring
On Mon, 2015-11-09 at 16:18 +0100, Steffen Trumtrar wrote:
> Hi!
>
> The RFC Patch attached after this cover letter is mostly for illustration
> purposes, so please don't waste too much time reviewing the code ;-)
>
> For context I'll try to describe the problem that this patch tries to solve.
>
On Wed, 2015-10-21 at 14:21 -0400, Josh Boyer wrote:
> On Wed, Oct 21, 2015 at 2:11 PM, Mimi Zohar wrote:
> > On Wed, 2015-10-21 at 13:21 -0400, Josh Boyer wrote:
> >> On Wed, Oct 21, 2015 at 1:02 PM, Mimi Zohar
> >> wrote:
> >> > On Wed, 2015-10
On Wed, 2015-10-21 at 13:21 -0400, Josh Boyer wrote:
> On Wed, Oct 21, 2015 at 1:02 PM, Mimi Zohar wrote:
> > On Wed, 2015-10-21 at 16:13 +0100, David Howells wrote:
> >> Here's a set of patches that changes how keys are determined to be trusted
> >> - currently
On Wed, 2015-10-21 at 16:13 +0100, David Howells wrote:
> Here's a set of patches that changes how keys are determined to be trusted
> - currently, that's a case of whether a key has KEY_FLAG_TRUSTED set upon
> it. A keyring can then have a flag set (KEY_FLAG_TRUSTED ONLY) that
> indicates that on
On Mon, 2014-09-08 at 07:25 -0500, Behan Webster wrote:
> On 09/08/14 04:15, Dmitry Kasatkin wrote:
> > On 07/09/14 05:06, Behan Webster wrote:
> >> On 09/06/14 03:11, Thomas Gleixner wrote:
> >>> On Fri, 5 Sep 2014, Behan Webster wrote:
> On 09/05/14 17:18, Thomas Gleixner wrote:
> >> Si
On Mon, 2014-07-07 at 19:11 +0300, Dmitry Kasatkin wrote:
> On 07/07/14 18:44, Mimi Zohar wrote:
> > On Mon, 2014-07-07 at 16:37 +0300, Dmitry Kasatkin wrote:
> >> On 07/07/14 14:56, Mimi Zohar wrote:
> >>> On Fri, 2014-07-04 at 15:05 +0300, Dmitry Kasatkin wrote:
On Mon, 2014-07-07 at 16:37 +0300, Dmitry Kasatkin wrote:
> On 07/07/14 14:56, Mimi Zohar wrote:
> > On Fri, 2014-07-04 at 15:05 +0300, Dmitry Kasatkin wrote:
> >>
> >> +/**
> > This is the kernel-doc delimiter.
> >
> >> + * ima_calc_file_hash
On Fri, 2014-07-04 at 15:05 +0300, Dmitry Kasatkin wrote:
> Async hash API allows to use HW acceleration for hash calculation.
> It may give significant performance gain or/and reduce power consumption,
> which might be very beneficial for battery powered devices.
>
> This patch introduces hash c
On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote:
> Use of multiple-page collect buffers reduces:
> 1) the number of block IO requests
> 2) the number of asynchronous hash update requests
>
> Second is important for HW accelerated hashing, because significant
> amount of time is spent for
On Wed, 2014-07-02 at 21:21 +0300, Dmitry Kasatkin wrote:
> On 2 July 2014 20:44, Mimi Zohar wrote:
> > On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote:
> >
> >> -/*
> >> - * Calculate the MD5/SHA1 file digest
> >> - */
> >> +static
On Wed, 2014-07-02 at 21:20 +0300, Dmitry Kasatkin wrote:
> On 2 July 2014 19:40, Mimi Zohar wrote:
> > On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote:
> >> Async hash API allows to use HW acceleration for hash calculation.
> >> It may give significant per
On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote:
> -/*
> - * Calculate the MD5/SHA1 file digest
> - */
> +static struct crypto_ahash *ima_alloc_atfm(enum hash_algo algo)
> +{
> + struct crypto_ahash *tfm = ima_ahash_tfm;
> + int rc;
> +
> + if ((algo != ima_hash_algo && algo <
On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote:
> Async hash API allows to use HW acceleration for hash calculation.
> It may give significant performance gain or/and reduce power consumption,
> which might be very beneficial for battery powered devices.
>
> This patch introduces hash c
On Mon, 2014-06-30 at 17:58 +0300, Dmitry Kasatkin wrote:
> On 26/06/14 14:54, Mimi Zohar wrote:
> > On Thu, 2014-06-19 at 18:20 +0300, Dmitry Kasatkin wrote:
> >> @@ -156,7 +316,7 @@ out:
> >>return rc;
> >> }
> >>
> >> -int ima_ca
On Thu, 2014-06-19 at 18:20 +0300, Dmitry Kasatkin wrote:
> Asynchronous hash API allows initiate hash calculation and perform
> other tasks while hash is calculated.
>
> This patch introduces usage of double buffering for simultenous
^simul
On Thu, 2014-06-19 at 18:20 +0300, Dmitry Kasatkin wrote:
> Async hash API allows to use HW acceleration for hash calculation.
> It may give significant performance gain or/and reduce power consumption,
> which might be very beneficial for battery powered devices.
>
> This patch introduces hash ca
On Thu, 2014-06-19 at 18:20 +0300, Dmitry Kasatkin wrote:
> Async hash API allows to use HW acceleration for hash calculation.
> It may give significant performance gain or/and reduce power consumption,
> which might be very beneficial for battery powered devices.
>
> This patch introduces hash c
ely enables it by allowing users to
choose their desired template either from the kernel configuration
and from the kernel command line.
Mimi Zohar
Dmitry Kasatkin (8):
crypto: provide single place for hash algo information
keys: change asymmetric keys to use common hash definitions
ima:
be called only once (Dmitry)
- removed trailing whitespaces (Roberto Sassu)
Signed-off-by: Mimi Zohar
Signed-off-by: Roberto Sassu
---
Documentation/kernel-parameters.txt | 6 +-
security/integrity/ima/Kconfig | 35 +++
security/integrity/ima/ima_mai
lt): its format is 'd-ng|n-ng'
Further details about the new template architecture can be found in
Documentation/security/IMA-templates.txt.
Changelog:
- don't defer calling ima_init_template() - Mimi
- don't define ima_lookup_template_desc() until used - Mimi
- squashed with do
will be performed
by new specific functions (introduced in next patches) and the current IMA
code will not be aware anymore of how data is stored in the entry payload.
Signed-off-by: Roberto Sassu
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima.h | 5 +++--
security/integrity/ima
.
Change log:
- hash digest definition in ima_store_template() should be TPM_DIGEST_SIZE
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima.h| 2 +-
security/integrity/ima/ima_api.c| 2 +-
security/integrity/ima/ima_crypto.c | 4 ++--
security/integrity/ima/ima_fs.c | 10
x27;. remove
prefix to resolve Lindent formatting changes. - Mimi
- abbreviated/removed inline comments - Mimi
Signed-off-by: Roberto Sassu
Signed-off-by: Mimi Zohar
---
security/integrity/ima/Makefile | 2 +-
security/integrity/ima/ima.h | 5 +
security/integrity/i
y.ima' extended
attribute and calculates the appropriate file data hash based on it.
Changelog:
- fix scripts Lindent and checkpatch msgs - Mimi
Signed-off-by: Dmitry Kasatkin
Signed-off-by: Mimi Zohar
---
security/integrity/digsig_asymmetric.c | 11 -
security/integrity/ima/ima.h
configuration.
Signed-off-by: Roberto Sassu
Signed-off-by: Mimi Zohar
---
Documentation/kernel-parameters.txt | 5 +
security/integrity/ima/ima_template.c | 31 +++
2 files changed, 36 insertions(+)
diff --git a/Documentation/kernel-parameters.txt
b/Documentation
elog:
- keep 'select CRYPTO_HASH_INFO' in 'config IMA' section (Kconfig)
(Roberto Sassu);
- removed trailing whitespaces (Roberto Sassu).
- Lindent fixes
Signed-off-by: Mimi Zohar
Signed-off-by: Roberto Sassu
---
security/integrity/ima/Kconfig| 25 +
()
(Roberto Sassu);
- pass hash->algo to ima_alloc_tfm() (Roberto Sassu, reported by Dmitry).
- "move hash definition in ima_add_boot_aggregate()" commit hunk to here.
- sparse warning fix - Fengguang Wu
Signed-off-by: Dmitry Kasatkin
Signed-off-by: Roberto Sassu
Signed-off-b
From: Dmitry Kasatkin
ima_calc_buffer_hash will be used with different hash algorithms.
This patch provides support for arbitrary hash algorithms in
ima_calc_buffer_hash.
Signed-off-by: Dmitry Kasatkin
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima_api.c| 3 +++
security
1 - 100 of 184 matches
Mail list logo