On 11/19/2017 12:23 AM, Mimi Zohar wrote:
Hi Serge,
On Fri, 2017-11-17 at 22:20 -0600, Serge E. Hallyn wrote:
On Tue, Nov 07, 2017 at 11:37:01AM +0100, Roberto Sassu wrote:
from a predefined position (/etc/ima/digest_lists/metadata), when rootfs
becomes available. Digest lists must be loaded
On 11/9/2017 5:46 PM, Matthew Garrett wrote:
On Thu, Nov 9, 2017 at 11:13 AM, Roberto Sassu <roberto.sa...@huawei.com> wrote:
On 11/9/2017 3:47 PM, Matthew Garrett wrote:
There's no need to have a policy that measures those files, because
they're part of the already-measured initramfs
On 11/9/2017 3:47 PM, Matthew Garrett wrote:
On Thu, Nov 9, 2017 at 4:51 AM, Roberto Sassu <roberto.sa...@huawei.com> wrote:
On 11/8/2017 4:48 PM, Matthew Garrett wrote:
The code doing the parsing is in the initramfs, which has already been
measured at boot time. You can guarantee tha
On 11/8/2017 4:48 PM, Matthew Garrett wrote:
On Wed, Nov 8, 2017 at 7:00 AM, Roberto Sassu <roberto.sa...@huawei.com> wrote:
On 11/7/2017 7:06 PM, Matthew Garrett wrote:
But we're still left in a state where the kernel has to end up
supporting a number of very niche formats, and us
On 11/7/2017 7:06 PM, Matthew Garrett wrote:
On Tue, Nov 7, 2017 at 12:53 PM, Roberto Sassu <roberto.sa...@huawei.com> wrote:
On 11/7/2017 3:49 PM, Matthew Garrett wrote:
RPM's hardly universal, and distributions are in the process of moving
away from using it for distributing no
On 11/7/2017 3:49 PM, Matthew Garrett wrote:
On Tue, Nov 7, 2017 at 2:36 AM, Roberto Sassu <roberto.sa...@huawei.com> wrote:
Finally, digest lists address also the third issue because Linux
distribution vendors already provide the digests of files included in each
RPM package. The diges
On 11/7/2017 2:37 PM, Mimi Zohar wrote:
Hi Roberto,
On Tue, 2017-11-07 at 11:36 +0100, Roberto Sassu wrote:
IMA is a security module with the objective of reporting or enforcing the
integrity of a system, by measuring files accessed with the execve(),
mmap() and open() system calls
This patch renames ima_write_policy() to ima_write_data(). Also, it
determines the kernel_read_file_id from the dentry associated with the file,
and passes it to ima_read_file().
Signed-off-by: Roberto Sassu <roberto.sa...@huawei.com>
---
security/integrity/ima/ima_fs.
. If the entry ID is COMPACT_DIGEST_MUTABLE, file updates
are permitted.
Changelog
v1:
- Renamed COMPACT_LIST_ID_DIGEST to COMPACT_DIGEST
- Added support for immutable/mutable files
Signed-off-by: Roberto Sassu <roberto.sa...@huawei.com>
---
security/integrity/ima/ima_digest_list.
is enabled
- Load digest lists when rootfs is available
- Ignore digest lists if no policy is loaded
Signed-off-by: Roberto Sassu <roberto.sa...@huawei.com>
---
include/linux/fs.h | 2 +
security/integrity/iint.c| 1 +
security/integrity/ima/K
.
Signed-off-by: Roberto Sassu <roberto.sa...@huawei.com>
Changelog
v1:
- Deny upload of digest lists if no policy is loaded
---
security/integrity/ima/ima_fs.c | 26 +-
1 file changed, 25 insertions(+), 1 deletion(-)
diff --git a/security/integrity/ima/ima_fs.c b/se
policies
Signed-off-by: Roberto Sassu <roberto.sa...@huawei.com>
---
security/integrity/ima/ima.h| 2 ++
security/integrity/ima/ima_main.c | 38 +++--
security/integrity/ima/ima_policy.c | 16
3 files changed, 54 insertions(+), 2 del
This patch adds the documentation of digest lists.
Signed-off-by: Roberto Sassu <roberto.sa...@huawei.com>
---
Documentation/security/IMA-digest-lists.txt | 161
1 file changed, 161 insertions(+)
create mode 100644 Documentation/security/IMA-digest-lists.txt
until digest lists include them.
When extended attribute values are available, IMA will check them in the
same way as the digest, and will not write security.ima for immutable files if
values are provided for all extended attributes protected by EVM.
Signed-off-by: Roberto Sassu <roberto
are permitted if
appraisal is in enforcing mode).
Changelog
v1:
- Moved parser of file digests outside the first loop
- Added support for immutable/mutable files
Signed-off-by: Roberto Sassu <roberto.sa...@huawei.com>
---
security/integrity/ima/ima_digest_list.c
the is_mutable field, which indicates if a file with a given digest can be
updated or not.
Finally, this patch introduces functions to lookup and add a digest to the
new ima_digests_htable hash table.
Changelog
v1:
- added support for immutable/mutable files
Signed-off-by: Roberto Sassu <roberto
This patch removes ima_show_htable_violations() and
ima_show_measurements_count(). ima_show_htable_value(), called by those
functions, determines which hash table data should be copied to the buffer
depending on the dentry of the file passed as argument.
Signed-off-by: Roberto Sassu <roberto
Rename ima_read_policy() to ima_read_file(), and add file_id as new
parameter. If file_id is equal to READING_POLICY, ima_read_file() behavior
remains unchanged. ima_read_file() will be used to read digest list
metadata.
Signed-off-by: Roberto Sassu <roberto.sa...@huawei.com>
---
se
regular users.
Changelog
v1:
- added new policy option digest_list to selectively enable digest lookup
- added support for appraisal
- added support for immutable/mutable files
Roberto Sassu (15):
ima: generalize ima_read_policy()
ima: generalize ima_write_policy()
ima: generalize policy file
On 8/10/2017 3:12 PM, Mimi Zohar wrote:
On Wed, 2017-08-09 at 19:18 +0200, Roberto Sassu wrote:
On 8/9/2017 4:30 PM, Mimi Zohar wrote:
On Wed, 2017-08-09 at 11:15 +0200, Roberto Sassu wrote:
On 8/2/2017 9:22 AM, James Morris wrote:
On Tue, 1 Aug 2017, Roberto Sassu wrote:
On 8/1/2017 12:27
On 8/9/2017 10:36 PM, Ken Goldman wrote:
On 7/25/2017 11:44 AM, Roberto Sassu wrote:
Don't report measurements if the file digest has been included in
an uploaded digest list.
The advantage of this solution is that the boot time overhead, when
a TPM is available, is very small because a PCR
On 8/2/2017 9:22 AM, James Morris wrote:
On Tue, 1 Aug 2017, Roberto Sassu wrote:
On 8/1/2017 12:27 PM, Christoph Hellwig wrote:
On Tue, Aug 01, 2017 at 12:20:36PM +0200, Roberto Sassu wrote:
This patch introduces a parser for RPM packages. It extracts the digests
from the RPMTAG_FILEDIGESTS
On 8/1/2017 12:27 PM, Christoph Hellwig wrote:
On Tue, Aug 01, 2017 at 12:20:36PM +0200, Roberto Sassu wrote:
This patch introduces a parser for RPM packages. It extracts the digests
from the RPMTAG_FILEDIGESTS header section and converts them to binary data
before adding them to the hash table
by Linux distribution vendors.
RPM header signatures can be provided as digest list metadata.
Signed-off-by: Roberto Sassu <roberto.sa...@huawei.com>
---
security/integrity/ima/ima_digest_list.c | 86 +++-
1 file changed, 85 insertions(+), 1 deletion(-)
diff
are measured, their digest is added to the hash table
so that IMA does not create a measurement entry for them (which would
affect the performance). The only measurement entry created will be
for the metadata.
Signed-off-by: Roberto Sassu <roberto.sa...@huawei.com>
---
include/linu
This patch adds the documentation of the new IMA feature, to load
and measure file digest lists.
Signed-off-by: Roberto Sassu <roberto.sa...@huawei.com>
---
Documentation/security/IMA-digest-lists.txt | 150
1 file changed, 150 insertions(+)
create mode
which and when files are accessed (they must assume that
the worst case happened, i.e. all files have been accessed).
Signed-off-by: Roberto Sassu <roberto.sa...@huawei.com>
---
security/integrity/ima/ima_main.c | 8
1 file changed, 8 insertions(+)
diff --git a/security/integri
-by: Roberto Sassu <roberto.sa...@huawei.com>
---
security/integrity/ima/ima.h| 1 +
security/integrity/ima/ima_main.c | 15 ++-
security/integrity/ima/ima_policy.c | 1 +
3 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/security/integrity/ima/ima.h b/se
-by: Roberto Sassu <roberto.sa...@huawei.com>
---
security/integrity/ima/ima_fs.c | 23 +++
1 file changed, 23 insertions(+)
diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c
index ad3d674..08174c1 100644
--- a/security/integrity/ima/ima_fs.c
by Linux distribution vendors.
RPM header signatures can be provided as digest list metadata.
Signed-off-by: Roberto Sassu <roberto.sa...@huawei.com>
---
security/integrity/ima/ima_digest_list.c | 84 +++-
1 file changed, 83 insertions(+), 1 deletion(-)
diff
ther, their signature
cannot be verified.
Lastly, when a file is accessed, IMA searches for the calculated digest in
the hash table. Only if the digest is not found is a new entry added
to the measurement list.
Roberto Sassu (12):
ima: generalize ima_read_policy()
ima: generalize ima_write_policy()
introduces functions to lookup and add a digest to
a hash table, which will be used by the parsers.
Signed-off-by: Roberto Sassu <roberto.sa...@huawei.com>
---
security/integrity/ima/ima.h | 8
security/integrity/ima/ima_queue.c | 39 ++
2
This patch removes ima_show_htable_violations() and
ima_show_measurements_count(). ima_show_htable_value(), called
by those functions, determines which hash table data should be
copied to the buffer depending on the dentry of the file passed
as argument.
Signed-off-by: Roberto Sassu <roberto
specifically for
the policy, as it might not be cleared at file release. This would prevent
userspace applications from uploading files after a policy has been loaded.
Signed-off-by: Roberto Sassu <roberto.sa...@huawei.com>
---
security/integrity/ima/ima_fs.
This patch renames ima_write_policy() to ima_write_data(). Also,
it determines the kernel_read_file_id from the dentry associated
with the file, and passes it to ima_read_file().
Signed-off-by: Roberto Sassu <roberto.sa...@huawei.com>
---
security/integrity/ima/ima_fs.
.
Signed-off-by: Roberto Sassu <roberto.sa...@huawei.com>
---
security/integrity/ima/ima_fs.c | 18 --
1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c
index ad491c5..058d3c1 100644
--- a/se