Re: [PATCH V3 1/2] evm: Don't deadlock if a crypto algorithm is unavailable

On Wed, 2018-06-13 at 14:33 +0800, Herbert Xu wrote: > On Fri, Jun 08, 2018 at 02:57:42PM -0700, Matthew Garrett wrote: > > When EVM attempts to appraise a file signed with a crypto algorithm the > > kernel doesn't have support for, it will cause the kernel to trigger a > > module load. If the EVM

Re: CAAM and IMA/EVM : caam_rsa_enc: DECO: desc idx 7: Protocol Size Error

On Mon, 2018-04-09 at 15:10 +0100, Martin Townsend wrote: > Hi Mimi, > > On Mon, Apr 9, 2018 at 1:46 PM, Mimi Zohar <zo...@linux.vnet.ibm.com> wrote: > > On Mon, 2018-04-09 at 09:41 +0100, Martin Townsend wrote: > >> Hi, > >> > >> I'm trying

Re: CAAM and IMA/EVM : caam_rsa_enc: DECO: desc idx 7: Protocol Size Error

On Mon, 2018-04-09 at 09:41 +0100, Martin Townsend wrote: > Hi, > > I'm trying to get to the bottom of an issue I'm seeing when enabling > the CAAM in the kernel with IMA/EVM enabled. I'm using the official > NXP (imx_4.9.11_1.0.0_ga) vendor Kernel. > > Here's the error message I'm getting. >

Re: [PATCH v6 04/12] ima: Introduce is_ima_sig()

signature or is_signed() would be preferable. Mimi > > Suggested-by: Mimi Zohar <zo...@linux.vnet.ibm.com> > Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> > --- > security/integrity/ima/ima.h | 5 + > security/integrity/ima/ima_

Re: [PATCH v6 11/12] ima: Implement support for module-style appended signatures

On Fri, 2018-03-16 at 17:38 -0300, Thiago Jung Bauermann wrote: > This patch actually implements the appraise_type=imasig|modsig option, > allowing IMA to read and verify modsig signatures. > > In case both are present in the same file, IMA will first check whether the > key used by the xattr

Re: [PATCH v6 12/12] ima: Write modsig to the measurement list

sage should be independent of other changes. Mimi > > Suggested-by: Mimi Zohar <zo...@linux.vnet.ibm.com> > Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> > --- > Documentation/security/IMA-templates.rst | 5 > security/integrity/ima/ima_template

Re: [PATCH v6 03/12] PKCS#7: Introduce pkcs7_get_digest()

gt;digest is always initialized to zero. > > Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> > Cc: David Howells <dhowe...@redhat.com> > Cc: Herbert Xu <herb...@gondor.apana.org.au> > Cc: "David S. Miller" <da...@davemloft.net&

Re: [PATCH v6 02/12] PKCS#7: Introduce pkcs7_get_message_sig() and verify_pkcs7_message_sig()

to be refactored.  In this case, verify_pkcs7_signature() verifies the signature using keys on the builtin and secondary keyrings.  IMA- appraisal needs to verify the signature using keys on its keyring. The patch itself looks good! Reviewed-by: Mimi Zohar <zo...@linux.vnet.ibm.com> > Sig

Re: [PATCH v6 07/12] integrity: Select CONFIG_KEYS instead of depending on it

complains that > CONFIG_INTEGRITY_SIGNATURE depends on CONFIG_KEYS. > > Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com> > --- > security/integrity/Kconfig | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > &

Re: [PATCH v6 06/12] integrity: Introduce asymmetric_sig_has_known_key()

n the xattr sig is factored out from > asymmetric_verify() so that it can be used by the new function. > > Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com> > --- > s

Re: [PATCH v6 05/12] integrity: Introduce integrity_keyring_from_id()

On Fri, 2018-03-16 at 17:38 -0300, Thiago Jung Bauermann wrote: > IMA will need to obtain the keyring used to verify file signatures so that > it can verify the module-style signature appended to files. > > Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> S

Re: [PATCH v5 17/18] ima: Implement support for module-style appended signatures

On Tue, 2017-10-17 at 22:53 -0200, Thiago Jung Bauermann wrote: Below are a few additional comments. > @@ -200,18 +239,28 @@ int ima_read_xattr(struct dentry *dentry, > */ > int ima_appraise_measurement(enum ima_hooks func, >struct integrity_iint_cache *iint, > -

Re: [PATCH v5 12/18] MODSIGN: Export module signature definitions

On Thu, 2017-10-26 at 20:47 -0200, Thiago Jung Bauermann wrote: > Mimi Zohar <zo...@linux.vnet.ibm.com> writes: > > > On Tue, 2017-10-17 at 22:53 -0200, Thiago Jung Bauermann wrote: > >> IMA will use the module_signature format for append signatures, so export &g

Re: [PATCH v5 00/18] Appended signatures support for IMA appraisal

On Tue, 2017-10-17 at 22:53 -0200, Thiago Jung Bauermann wrote: > Hello, > > The main highlight in this version is that it fixes a bug where the modsig > wasn't being included in the measurement list if the appraised file was > already measured by another rule. The fix is in the last patch. > >

Re: [PATCH v5 13/18] PKCS#7: Introduce pkcs7_get_message_sig and verify_pkcs7_message_sig

rify an already parsed PKCS#7 message. For this > purpose, add function verify_pkcs7_message_signature which takes a struct > pkcs7_message for verification instead of the raw bytes that > verify_pkcs7_signature takes. > > Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.

Re: [PATCH v5 12/18] MODSIGN: Export module signature definitions

DULE_SIG_FORMAT option so that IMA can select it > and be able to use validate_module_signature without having to depend on > CONFIG_MODULE_SIG. > > Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> Reviewed-by: Mimi Zohar <zo...@linux.vnet.ibm.com> One m

Re: [PATCH v5 18/18] ima: Write modsig to the measurement list

On Tue, 2017-10-17 at 22:53 -0200, Thiago Jung Bauermann wrote: > diff --git a/security/integrity/ima/ima_main.c > b/security/integrity/ima/ima_main.c > index 6a2d960fbd92..0d3390de7432 100644 > --- a/security/integrity/ima/ima_main.c > +++ b/security/integrity/ima/ima_main.c > @@ -246,7 +246,35

Re: [PATCH v4 7/7] ima: Support module-style appended signatures for appraisal

On Fri, 2017-08-04 at 19:03 -0300, Thiago Jung Bauermann wrote: > This patch introduces the modsig keyword to the IMA policy syntax to > specify that a given hook should expect the file to have the IMA signature > appended to it. Here is how it can be used in a rule: > > appraise

Re: [PATCH v3 7/7] ima: Support module-style appended signatures for appraisal

On Wed, 2017-08-02 at 18:52 -0400, Mimi Zohar wrote: > On Wed, 2017-08-02 at 14:42 -0300, Thiago Jung Bauermann wrote: > > Mimi Zohar <zo...@linux.vnet.ibm.com> writes: > > >> @@ -229,8 +251,24 @@ int ima_appraise_measurement(enum ima_hooks func, >

Re: [PATCH v3 7/7] ima: Support module-style appended signatures for appraisal

On Wed, 2017-08-02 at 14:42 -0300, Thiago Jung Bauermann wrote: > Mimi Zohar <zo...@linux.vnet.ibm.com> writes: > > > On Thu, 2017-07-06 at 19:17 -0300, Thiago Jung Bauermann wrote: > >> --- a/security/integrity/ima/ima_appraise.c > >> +++ b/security/integrit

Re: [PATCH v3 7/7] ima: Support module-style appended signatures for appraisal

On Thu, 2017-07-06 at 19:17 -0300, Thiago Jung Bauermann wrote: > This patch introduces the modsig keyword to the IMA policy syntax to > specify that a given hook should expect the file to have the IMA signature > appended to it. Here is how it can be used in a rule: > > appraise

Re: [PATCH v3 1/7] integrity: Introduce struct evm_hmac_xattr

Hi Thiago, On Thu, 2017-07-06 at 19:17 -0300, Thiago Jung Bauermann wrote: > Even though struct evm_ima_xattr_data includes a fixed-size array to hold a > SHA1 digest, most of the code ignores the array and uses the struct to mean > "type indicator followed by data of unspecified size" and tracks

Re: [PATCH v2 6/6] ima: Support module-style appended signatures for appraisal

On Tue, 2017-07-04 at 23:22 -0300, Thiago Jung Bauermann wrote: > Mimi Zohar <zo...@linux.vnet.ibm.com> writes: > > > On Wed, 2017-06-21 at 14:45 -0300, Thiago Jung Bauermann wrote: > >> Mimi Zohar <zo...@linux.vnet.ibm.com> writes: > >> > On Wed, 201

Re: [PATCH v2 6/6] ima: Support module-style appended signatures for appraisal

On Wed, 2017-06-21 at 14:45 -0300, Thiago Jung Bauermann wrote: > Hello Mimi, > > Thanks for your review, and for queuing the other patches in this series. > > Mimi Zohar <zo...@linux.vnet.ibm.com> writes: > > On Wed, 2017-06-07 at 22:49 -0300, Thiago Jung Bauer

Re: [PATCH v2 1/6] integrity: Small code improvements

On Wed, 2017-06-07 at 22:49 -0300, Thiago Jung Bauermann wrote: > These changes are too small to warrant their own patches: > > The keyid and sig_size members of struct signature_v2_hdr are in BE format, > so use a type that makes this assumption explicit. Also, use beXX_to_cpu > instead of

Re: [PATCH v2 3/6] ima: Log the same audit cause whenever a file has no signature

On Wed, 2017-06-07 at 22:49 -0300, Thiago Jung Bauermann wrote: > If the file doesn't have an xattr, ima_appraise_measurement sets cause to > "missing-hash" while if there's an xattr but it's a digest instead of a > signature it sets cause to "IMA-signature-required". > > Fix it by setting cause

Re: [PATCH v2 2/6] ima: Simplify policy_func_show.

e_id_str we can > use one hooks list for both the enum and the string array, making sure they > are always in sync (suggested by Mimi Zohar). > > Finally, by using the printf pattern for the function token directly > instead of using the pt macro we can simplify policy_func_show ev

Re: [PATCH v2 6/6] ima: Support module-style appended signatures for appraisal

Hi Thiago, On Wed, 2017-06-07 at 22:49 -0300, Thiago Jung Bauermann wrote: > This patch introduces the modsig keyword to the IMA policy syntax to > specify that a given hook should expect the file to have the IMA signature > appended to it. Here is how it can be used in a rule: > > appraise

Re: [RFC 09/10] ima: move to generic async completion

On Sat, 2017-05-06 at 15:59 +0300, Gilad Ben-Yossef wrote: > ima starts several async. crypto ops and waits for their completions. > Move it over to generic code doing the same. > > Signed-off-by: Gilad Ben-Yossef <gi...@benyossef.com> Acked-by: Mimi Zohar <zo.

Re: [PATCH 6/6] ima: Support appended signatures for appraisal

Hi Thiago, On Tue, 2017-04-18 at 17:17 -0300, Thiago Jung Bauermann wrote: > This patch introduces the appended_imasig keyword to the IMA policy syntax > to specify that a given hook should expect the file to have the IMA > signature appended to it. Here is how it can be used in a rule: > >

Re: [PATCH 3/6] ima: Simplify policy_func_show.

On Thu, 2017-04-20 at 17:40 -0300, Thiago Jung Bauermann wrote: > Am Donnerstag, 20. April 2017, 08:13:23 BRT schrieb Mimi Zohar: > > On Tue, 2017-04-18 at 17:17 -0300, Thiago Jung Bauermann wrote: > > > If the func_tokens array uses the same indices as enum ima_hooks, > >

Re: [PATCH 5/6] MODSIGN: Export module signature definitions.

On Tue, 2017-04-18 at 17:17 -0300, Thiago Jung Bauermann wrote: > IMA will use the module_signature format for append signatures, so export > the relevant definitions and factor out the code which verifies that the > appended signature trailer is valid. > > Also, create a CONFIG_MODULE_SIG_FORMAT

Re: [PATCH 3/6] ima: Simplify policy_func_show.

On Tue, 2017-04-18 at 17:17 -0300, Thiago Jung Bauermann wrote: > If the func_tokens array uses the same indices as enum ima_hooks, > policy_func_show can be a lot simpler, and the func_* enum becomes > unnecessary. My main concern with separating the enumeration from the string definition is

Re: [PATCH] trusted-keys: skcipher bug info

On Tue, 2016-09-20 at 20:35 +0800, Herbert Xu wrote: > On Tue, Sep 20, 2016 at 08:11:51AM -0400, Mimi Zohar wrote: > > Hi Herbert, > > > > The initial random iv value, initialized in encrypted_init(), should > > not be modified. Commit c3917fd "KEY

[PATCH] trusted-keys: skcipher bug info

Hi Herbert, The initial random iv value, initialized in encrypted_init(), should not be modified. Commit c3917fd "KEYS: Use skcipher", which replaced the blkcipher with skcipher, modifies the iv in crypto_skcipher_encrypt()/decrypt(). The following example creates an encrypted key, writes the

Re: Transferring applied X.509 patches from crypto/next to security/next

Hi Herbert, On Mon, 2016-02-08 at 13:58 +, David Howells wrote: > Herbert Xu wrote: > > > > Hmmm... That means that the crypto branch and the security branch are > > > going > > > to conflict. > > > > I thought you were OK with it going in now as you said

Re: [Linux-ima-user] [RFC] i.MX6 CAAM blob generator for IMA/EVM initialization

On Wed, 2016-01-27 at 11:04 +0100, Steffen Trumtrar wrote: > Hi! > > Mimi Zohar writes: > > > On Mon, 2015-11-09 at 16:18 +0100, Steffen Trumtrar wrote: > >> Hi! > >> > >> The RFC Patch attached after this cover letter is mostly for illustration

Re: [PATCH v2 2/2] integrity: convert digsig to akcipher api

On Sat, 2015-12-12 at 18:26 -0800, Tadeusz Struk wrote: > Convert asymmetric_verify to akcipher api. > > Signed-off-by: Tadeusz Struk > --- > security/integrity/Kconfig |1 + > security/integrity/digsig_asymmetric.c | 10 +++--- > 2 files changed,

Re: [PATCH 0/2] crypto: KEYS: convert public key to akcipher api

On Thu, 2015-12-10 at 10:39 -0800, Tadeusz Struk wrote: > Hi Mimi, > On 12/10/2015 10:25 AM, Mimi Zohar wrote: > >> This patch set converts the module verification and digital signature > >> > code to the new akcipher API. > >> > RSA implementation has b

Re: [PATCH 0/2] crypto: KEYS: convert public key to akcipher api

On Thu, 2015-12-10 at 14:37 -0500, Mimi Zohar wrote: > On Thu, 2015-12-10 at 10:39 -0800, Tadeusz Struk wrote: > > Hi Mimi, > > On 12/10/2015 10:25 AM, Mimi Zohar wrote: > > >> This patch set converts the module verification and digital signature > > >> >

Re: [PATCH 0/2] crypto: KEYS: convert public key to akcipher api

On Wed, 2015-12-09 at 15:52 -0800, Tadeusz Struk wrote: > This patch set converts the module verification and digital signature > code to the new akcipher API. > RSA implementation has been removed from crypto/asymmetric_keys and the > new API is used for cryptographic primitives. > There is no

Re: [RFC] KEYS: Exposing {a,}symmetric key ops to userspace and other bits

On Sun, 2015-11-22 at 09:41 -0500, Mimi Zohar wrote: > On Fri, 2015-11-20 at 11:07 +, David Howells wrote: > > > > (*) Add Mimi's patches to allow keys/keyrings to be marked undeletable. > > This > > is for the purpose of creating blacklists

Re: [RFC] KEYS: Exposing {a,}symmetric key ops to userspace and other bits

On Fri, 2015-11-20 at 11:07 +, David Howells wrote: > Hi Marcel, Mimi, Tadeus, > > I want to consider adding or doing the following bits to the keyrings > facility, aiming for the next merge window: > > (*) Bring in the patches that I posted to change how the trust model on a > keyring

Re: [Linux-ima-user] [RFC] i.MX6 CAAM blob generator for IMA/EVM initialization

On Mon, 2015-11-09 at 16:18 +0100, Steffen Trumtrar wrote: > Hi! > > The RFC Patch attached after this cover letter is mostly for illustration > purposes, so please don't waste too much time reviewing the code ;-) > > For context I'll try to describe the problem that this patch tries to solve. >

Re: [PATCH 00/10] KEYS: Change how keys are determined to be trusted

On Wed, 2015-10-21 at 16:13 +0100, David Howells wrote: > Here's a set of patches that changes how keys are determined to be trusted > - currently, that's a case of whether a key has KEY_FLAG_TRUSTED set upon > it. A keyring can then have a flag set (KEY_FLAG_TRUSTED ONLY) that > indicates that

Re: [PATCH 00/10] KEYS: Change how keys are determined to be trusted

On Wed, 2015-10-21 at 13:21 -0400, Josh Boyer wrote: > On Wed, Oct 21, 2015 at 1:02 PM, Mimi Zohar <zo...@linux.vnet.ibm.com> wrote: > > On Wed, 2015-10-21 at 16:13 +0100, David Howells wrote: > >> Here's a set of patches that changes how keys are determined to be trusted

Re: [PATCH 00/10] KEYS: Change how keys are determined to be trusted

On Wed, 2015-10-21 at 14:21 -0400, Josh Boyer wrote: > On Wed, Oct 21, 2015 at 2:11 PM, Mimi Zohar <zo...@linux.vnet.ibm.com> wrote: > > On Wed, 2015-10-21 at 13:21 -0400, Josh Boyer wrote: > >> On Wed, Oct 21, 2015 at 1:02 PM, Mimi Zohar <zo...@linux.vnet.ibm.com> &

Re: [PATCH v3 1/3] ima: use ahash API for file hash calculation

On Fri, 2014-07-04 at 15:05 +0300, Dmitry Kasatkin wrote: Async hash API allows to use HW acceleration for hash calculation. It may give significant performance gain or/and reduce power consumption, which might be very beneficial for battery powered devices. This patch introduces hash

Re: [PATCH v3 1/3] ima: use ahash API for file hash calculation

On Mon, 2014-07-07 at 16:37 +0300, Dmitry Kasatkin wrote: On 07/07/14 14:56, Mimi Zohar wrote: On Fri, 2014-07-04 at 15:05 +0300, Dmitry Kasatkin wrote: +/** This is the kernel-doc delimiter. + * ima_calc_file_hash - calculae file hash + * Missing kernel-doc argument

Re: [PATCH v3 1/3] ima: use ahash API for file hash calculation

On Mon, 2014-07-07 at 19:11 +0300, Dmitry Kasatkin wrote: On 07/07/14 18:44, Mimi Zohar wrote: On Mon, 2014-07-07 at 16:37 +0300, Dmitry Kasatkin wrote: On 07/07/14 14:56, Mimi Zohar wrote: On Fri, 2014-07-04 at 15:05 +0300, Dmitry Kasatkin wrote: +/** This is the kernel-doc

Re: [PATCH v2 1/3] ima: use ahash API for file hash calculation

On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote: Async hash API allows to use HW acceleration for hash calculation. It may give significant performance gain or/and reduce power consumption, which might be very beneficial for battery powered devices. This patch introduces hash

Re: [PATCH v2 1/3] ima: use ahash API for file hash calculation

On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote: -/* - * Calculate the MD5/SHA1 file digest - */ +static struct crypto_ahash *ima_alloc_atfm(enum hash_algo algo) +{ + struct crypto_ahash *tfm = ima_ahash_tfm; + int rc; + + if ((algo != ima_hash_algo algo

Re: [PATCH v2 1/3] ima: use ahash API for file hash calculation

On Wed, 2014-07-02 at 21:20 +0300, Dmitry Kasatkin wrote: On 2 July 2014 19:40, Mimi Zohar zo...@linux.vnet.ibm.com wrote: On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote: Async hash API allows to use HW acceleration for hash calculation. It may give significant performance gain

Re: [PATCH v2 1/3] ima: use ahash API for file hash calculation

On Wed, 2014-07-02 at 21:21 +0300, Dmitry Kasatkin wrote: On 2 July 2014 20:44, Mimi Zohar zo...@linux.vnet.ibm.com wrote: On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote: -/* - * Calculate the MD5/SHA1 file digest - */ +static struct crypto_ahash *ima_alloc_atfm(enum

Re: [PATCH v2 2/3] ima: introduce multi-page collect buffers

On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote: Use of multiple-page collect buffers reduces: 1) the number of block IO requests 2) the number of asynchronous hash update requests Second is important for HW accelerated hashing, because significant amount of time is spent for

Re: [PATCH v1 1/3] ima: use ahash API for file hash calculation

On Mon, 2014-06-30 at 17:58 +0300, Dmitry Kasatkin wrote: On 26/06/14 14:54, Mimi Zohar wrote: On Thu, 2014-06-19 at 18:20 +0300, Dmitry Kasatkin wrote: @@ -156,7 +316,7 @@ out: return rc; } -int ima_calc_file_hash(struct file *file, struct ima_digest_data *hash) +static int

Re: [PATCH v1 1/3] ima: use ahash API for file hash calculation

On Thu, 2014-06-19 at 18:20 +0300, Dmitry Kasatkin wrote: Async hash API allows to use HW acceleration for hash calculation. It may give significant performance gain or/and reduce power consumption, which might be very beneficial for battery powered devices. This patch introduces hash

Re: [PATCH v1 3/3] ima: provide double buffering for hash calculation

On Thu, 2014-06-19 at 18:20 +0300, Dmitry Kasatkin wrote: Asynchronous hash API allows initiate hash calculation and perform other tasks while hash is calculated. This patch introduces usage of double buffering for simultenous

[RFC][PATCH 02/20] keys: change asymmetric keys to use common hash definitions

From: Dmitry Kasatkin dmitry.kasat...@gmail.com This patch makes use of the newly defined common hash algorithm info, replacing, for example, PKEY_HASH with HASH_ALGO. Changelog: - Lindent fixes - Mimi Signed-off-by: Dmitry Kasatkin d.kasat...@samsung.com Signed-off-by: Mimi Zohar zo

[RFC][PATCH 03/20] ima: provide support for arbitrary hash algorithms

-by: Mimi Zohar zo...@linux.vnet.ibm.com --- security/integrity/ima/Kconfig| 1 + security/integrity/ima/ima.h | 7 ++--- security/integrity/ima/ima_api.c | 32 +-- security/integrity/ima/ima_appraise.c | 20 -- security/integrity/ima

[RFC][PATCH 01/20] crypto: provide single place for hash algo information

for userspace signing functions. Signed-off-by: Dmitry Kasatkin d.kasat...@samsung.com Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com --- crypto/Kconfig | 3 +++ crypto/Makefile| 1 + crypto/hash_info.c | 56 ++ include

[RFC][PATCH 15/20] ima: define new template ima-ng and template fields d-ng and n-ng

algorithim, when displaying the new larger digest sizes. Change log: - scripts/Lindent fixes - Mimi - always true comparison - reported by Fengguang Wu, resolved Dmitry Signed-off-by: Roberto Sassu roberto.sa...@polito.it Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com --- security/integrity

[RFC][PATCH 18/20] ima: add Kconfig default measurement list template

CRYPTO_HASH_INFO' in 'config IMA' section (Kconfig) (Roberto Sassu); - removed trailing whitespaces (Roberto Sassu). - Lindent fixes Signed-off-by: Mimi Zohar zo...@us.ibm.com Signed-off-by: Roberto Sassu roberto.sa...@polito.it --- security/integrity/ima/Kconfig| 25

[RFC][PATCH 09/20] ima: ima_calc_boot_agregate must use SHA1

-by: Roberto Sassu roberto.sa...@polito.it Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com --- security/integrity/ima/ima.h| 2 +- security/integrity/ima/ima_crypto.c | 24 +--- security/integrity/ima/ima_init.c | 10 +- 3 files changed, 31 insertions(+), 5

[RFC][PATCH 08/20] ima: support arbitrary hash algorithms in ima_calc_buffer_hash

From: Dmitry Kasatkin dmitry.kasat...@gmail.com ima_calc_buffer_hash will be used with different hash algorithms. This patch provides support for arbitrary hash algorithms in ima_calc_buffer_hash. Signed-off-by: Dmitry Kasatkin dmitry.kasat...@gmail.com Signed-off-by: Mimi Zohar zo

[RFC][PATCH 07/20] ima: provide dedicated hash algo allocation function

From: Dmitry Kasatkin d.kasat...@samsung.com This patch provides dedicated hash algo allocation and deallocation function which can be used by different clients. Signed-off-by: Dmitry Kasatkin d.kasat...@samsung.com Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com --- security/integrity/ima

[RFC][PATCH 05/20] ima: use dynamically allocated hash storage

, this patch dynamically allocates the needed hash storage. Changelog: - fix krealloc bug Signed-off-by: Dmitry Kasatkin d.kasat...@samsung.com Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com --- security/integrity/iint.c | 2 ++ security/integrity/ima/ima_api.c | 57

[RFC][PATCH 16/20] ima: switch to new template management mechanism

. Also, if the template descriptor used to generate a measurement entry is not 'ima', the whole length of field data stored for an entry is provided before the data itself through the binary_runtime_measurement interface. Changelog: - unnecessary to use strncmp() (Mimi Zohar) - create new variable

[RFC][PATCH 12/20] ima: define new function ima_alloc_init_template() to API

case - Mimi - conform to expectation for 'iint' to be defined as a pointer. - Mimi - add missing 'file' dependency for recalculating file hash. - Mimi Signed-off-by: Roberto Sassu roberto.sa...@polito.it Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com --- security/integrity/ima/ima.h | 3

[RFC][PATCH 11/20] ima: pass the filename argument up to ima_add_template_entry()

of a new measurement entry will be performed by new specific functions (introduced in next patches) and the current IMA code will not be aware anymore of how data is stored in the entry payload. Signed-off-by: Roberto Sassu roberto.sa...@polito.it Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com

[RFC][PATCH 06/20] ima: differentiate between template hash and file data hash sizes

. Change log: - hash digest definition in ima_store_template() should be TPM_DIGEST_SIZE Signed-off-by: Mimi Zohar zo...@us.ibm.com --- security/integrity/ima/ima.h| 2 +- security/integrity/ima/ima_api.c| 2 +- security/integrity/ima/ima_crypto.c | 4 ++-- security/integrity/ima/ima_fs.c

[RFC][PATCH 14/20] ima: define template fields library and new helpers

to resolve Lindent formatting changes. - Mimi - abbreviated/removed inline comments - Mimi Signed-off-by: Roberto Sassu roberto.sa...@polito.it Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com --- security/integrity/ima/Makefile | 2 +- security/integrity/ima/ima.h | 5

[RFC][PATCH 04/20] ima: read and use signature hash algorithm

the 'security.ima' extended attribute and calculates the appropriate file data hash based on it. Changelog: - fix scripts Lindent and checkpatch msgs - Mimi Signed-off-by: Dmitry Kasatkin d.kasat...@samsung.com Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com --- security/integrity

[RFC][PATCH 19/20] ima: define kernel parameter 'ima_template=' to change configured default

set in the kernel configuration. Signed-off-by: Roberto Sassu roberto.sa...@polito.it Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com --- Documentation/kernel-parameters.txt | 5 + security/integrity/ima/ima_template.c | 31 +++ 2 files changed, 36 insertions

[RFC][PATCH 13/20] ima: new templates management mechanism

Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com --- Documentation/security/00-INDEX | 2 + Documentation/security/IMA-templates.txt | 87 security/integrity/ima/Makefile | 2 +- security/integrity/ima/ima.h | 29 security

Re: [RFC 1/1] ima: digital signature verification using asymmetric keys

On Tue, 2013-01-29 at 15:10 -0500, Vivek Goyal wrote: On Tue, Jan 29, 2013 at 03:01:13PM -0500, Mimi Zohar wrote: [..] Hi Mimi, Can we add another field to ima_rule_entry, say .enforcement to control the behavior of .action. Possible values of .enforcement could be, say

Re: [RFC 1/1] ima: digital signature verification using asymmetric keys

On Mon, 2013-01-28 at 13:52 -0500, Vivek Goyal wrote: On Mon, Jan 28, 2013 at 05:20:20PM +0200, Kasatkin, Dmitry wrote: [..] Ok. I am hoping that it will be more than the kernel command line we support. In the sense that for digital signatures one needs to parse the signature, look at

Re: [RFC 1/1] ima: digital signature verification using asymmetric keys

On Mon, 2013-01-28 at 13:56 -0500, Vivek Goyal wrote: On Mon, Jan 28, 2013 at 05:20:20PM +0200, Kasatkin, Dmitry wrote: [..] Ok. I am hoping that it will be more than the kernel command line we support. In the sense that for digital signatures one needs to parse the signature, look at

Re: [RFC 1/1] ima: digital signature verification using asymmetric keys

On Mon, 2013-01-28 at 15:13 -0500, Vivek Goyal wrote: On Mon, Jan 28, 2013 at 02:51:34PM -0500, Mimi Zohar wrote: On Mon, 2013-01-28 at 13:52 -0500, Vivek Goyal wrote: On Mon, Jan 28, 2013 at 05:20:20PM +0200, Kasatkin, Dmitry wrote: [..] Ok. I am hoping that it will be more than

Re: [RFC 1/1] ima: digital signature verification using asymmetric keys

On Mon, 2013-01-28 at 15:22 -0500, Vivek Goyal wrote: On Mon, Jan 28, 2013 at 03:15:49PM -0500, Mimi Zohar wrote: On Mon, 2013-01-28 at 13:56 -0500, Vivek Goyal wrote: On Mon, Jan 28, 2013 at 05:20:20PM +0200, Kasatkin, Dmitry wrote: [..] Ok. I am hoping that it will be more than

Re: [RFC 1/1] ima: digital signature verification using asymmetric keys

On Tue, 2013-01-15 at 12:34 +0200, Dmitry Kasatkin wrote: Asymmetric keys were introduced in linux-3.7 to verify the signature on signed kernel modules. The asymmetric keys infrastructure abstracts the signature verification from the crypto details. This patch adds IMA/EVM signature

Re: [RFC 0/1] ima/evm: signature verification support using asymmetric keys

On Thu, 2013-01-17 at 18:03 +, David Howells wrote: I would also like to have a look at altering your trusted key type[*] to be a subtype of asymmetric keys so that the asymmetric key type can cover keys from more sources: - Compiled-in keys. - Keys from UEFI db. -

Re: [PATCH 1/3] KEYS: Load *.x509 files into kernel keyring

On Thu, 2013-01-17 at 18:03 +, David Howells wrote: Load all the files matching the pattern *.x509 that are to be found in kernel base source dir and base build dir into the module signing keyring. Do we really want certificates cluttering up the base source tree? Any reason not to define

Re: [GIT PULL] Asymmetric keys and module signing

On Wed, 2012-09-26 at 13:16 +0930, Rusty Russell wrote: David Howells dhowe...@redhat.com writes: The module signing patches provide: - Some fixes to Rusty's patch. Also an additional patch to extend the policy handling for modules signed with an unknown key and to handle FIPS

Re: [PATCH 07/21] KEYS: Create a key type that can be used for general cryptographic operations [ver #3]

type to its own directory. Acked-by: Mimi Zohar zo...@us.ibm.com thanks, Mimi --- Documentation/security/keys-crypto.txt | 181 + include/keys/crypto-subtype.h | 56 include/keys/crypto-type.h | 25 +++ security/keys/Kconfig

Re: [RFC][PATCH 00/21] Crypto keys and module signing [ver #3]

On Fri, 2011-12-02 at 18:42 +, David Howells wrote: Here are a set of patches that create a framework for using cryptographic keys within the kernel. The patches can also be found at:

Re: [PATCH v2.2 6/7] integrity: digital signature verification using multiple keyrings

that the keyrings are only used for the digital signatures. Acked-by: Mimi Zohar zo...@us.ibm.com --- security/integrity/Kconfig | 14 +++ security/integrity/Makefile|1 + security/integrity/digsig.c| 48 security/integrity

Re: [RFC v2.1 0/6] evm: digital signature verification extension

On Tue, 2011-09-13 at 17:20 +0300, Dmitry Kasatkin wrote: Hello, Changes to version 2.0: - MPI patch has been split to smaller in order to go to mailing lists. First 2 patches include only source and header files which are needed to build ksign verification. Headers and sources are

Re: [PATCH v1.5 5/5] keys: add new key-type encrypted

On Fri, 2010-12-03 at 13:42 +, David Howells wrote: Mimi Zohar zo...@linux.vnet.ibm.com wrote: +#define KEY_TRUSTED_PREFIX trusted: +#define KEY_TRUSTED_PREFIX_LEN (sizeof (KEY_TRUSTED_PREFIX) - 1) +#define KEY_USER_PREFIX user: +#define KEY_USER_PREFIX_LEN (sizeof (KEY_USER_PREFIX

[PATCH v1.5 5/5] keys: add new key-type encrypted

and negative on failure, remove unnecessary tests. - Replaced kzalloc() with kmalloc() Signed-off-by: Mimi Zohar zo...@us.ibm.com Signed-off-by: David Safford saff...@watson.ibm.com Reviewed-by: Roberto Sassu roberto.sa...@polito.it --- include/keys/encrypted-type.h | 29 ++ security/Kconfig

crypto_shash_digest API

Hi! Am having problems finding any shash API documentation. Could someone tell me if 'out' needs to be zeroed before calling crypto_shash_digest? int crypto_shash_digest(struct shash_desc *desc, const u8 *data, unsigned int len, u8 *out) thanks, Mimi -- To unsubscribe

[PATCH v1.5 0/5] keys: trusted and encrypted keys

against boot and offline attacks. Other uses for trusted and encrypted keys, such as for disk and file encryption are anticipated. Mimi Zohar David Safford Mimi Zohar (5): lib: hex2bin converts ascii hexadecimal string to binary tpm: add module_put wrapper key: add tpm_send command keys: add

[PATCH v1.5 2/5] tpm: add module_put wrapper

For readability, define a tpm_chip_put() wrapper to call module_put(). Replace existing module_put() calls with the wrapper. (Change based on trusted/encrypted patchset review by David Howells.) Signed-off-by: Mimi Zohar zo...@us.ibm.com Signed-off-by: David Safford saff...@watson.ibm.com Acked

[PATCH v1.5 4/5] keys: add new trusted key-type

by Roberto Sassu) - Updated Kconfig and other descriptions (based on Serge Hallyn's suggestion) - Replaced kzalloc() with kmalloc() (reported by Serge Hallyn) Signed-off-by: David Safford saff...@watson.ibm.com Signed-off-by: Mimi Zohar zo...@us.ibm.com --- Documentation/keys-trusted-encrypted.txt

[PATCH v1.5 1/5] lib: hex2bin converts ascii hexadecimal string to binary

Howell's comment) Signed-off-by: Mimi Zohar zo...@us.ibm.com Acked-by: Serge E. Hallyn se...@hallyn.com Acked-by: David Howells dhowe...@redhat.com --- include/linux/kernel.h |1 + lib/hexdump.c | 16 2 files changed, 17 insertions(+), 0 deletions(-) diff --git

[PATCH v1.5 3/5] key: add tpm_send command

...@watson.ibm.com Signed-off-by: Mimi Zohar zo...@us.ibm.com Acked-by: David Howells dhowe...@redhat.com --- drivers/char/tpm/tpm.c | 16 include/linux/tpm.h|4 2 files changed, 20 insertions(+), 0 deletions(-) diff --git a/drivers/char/tpm/tpm.c b/drivers/char/tpm/tpm.c index

Re: [PATCH v1.4 5/5] keys: add new key-type encrypted

On Fri, 2010-11-19 at 16:43 +, David Howells wrote: Mimi Zohar zo...@linux.vnet.ibm.com wrote: +static int datablob_format(char __user *buffer, + struct encrypted_key_payload *epayload, + int asciiblob_len) size_t? There are other

Re: [PATCH v1.3 4/4] keys: add new key-type encrypted

On Tue, 2010-11-16 at 14:08 +, David Howells wrote: Mimi Zohar zo...@linux.vnet.ibm.com wrote: Am assuming you mean something like this: keyctl add encrypted name new trusted:master-key-name keylen ring keyctl add encrypted name new user:master-key-name keylen ring

[PATCH v1.4 0/5] keys: trusted and encrypted keys

, protects against boot and offline attacks. Other uses for trusted and encrypted keys, such as for disk and file encryption are anticipated. Mimi Zohar David Safford Mimi Zohar (5): lib: hex2bin converts ascii hexadecimal string to binary tpm: add module_put wrapper key: add tpm_send

[PATCH v1.4 1/5] lib: hex2bin converts ascii hexadecimal string to binary

Howell's comment) Signed-off-by: Mimi Zohar zo...@us.ibm.com Acked-by: Serge E. Hallyn se...@hallyn.com --- include/linux/kernel.h |1 + lib/hexdump.c | 16 2 files changed, 17 insertions(+), 0 deletions(-) diff --git a/include/linux/kernel.h b/include/linux

  1   2   >