[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1271888338.2650.13.camel@localhost.localdomain>
Date: Wed, 21 Apr 2010 18:18:58 -0400
From: Mimi Zohar <zohar@...ux.vnet.ibm.com>
To: Randy Dunlap <randy.dunlap@...cle.com>
Cc: linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org,
James Morris <jmorris@...ei.org>,
David Safford <safford@...son.ibm.com>,
Dave Hansen <dave@...ux.vnet.ibm.com>
Subject: Re: [PATCH 00/14] EVM
On Wed, 2010-04-21 at 14:58 -0700, Randy Dunlap wrote:
> On Wed, 21 Apr 2010 17:49:40 -0400 Mimi Zohar wrote:
>
> > Extended Verification Module(EVM) detects offline tampering of the
> > security extended attributes (e.g. security.selinux, security.SMACK64,
> > security.ima), which is the basis for LSM permission decisions and,
> > with this set of patches, integrity appraisal decisions. To detect
> > offline tampering of the extended attributes, EVM maintains an
> > HMAC-sha1 across a set of security extended attributes, storing the
> > HMAC as the extended attribute 'security.evm'. To verify the integrity
> > of an extended attribute, EVM exports evm_verifyxattr(), which
> > re-calculates the HMAC and compares it with the version stored in
> > 'security.evm'.
> >
> ...
> >
> > Much appreciation to Dave Hansen, Serge Hallyn, and Matt Helsley for
> > reviewing the patches.
> >
> > Mimi
> >
> > Mimi Zohar (14):
> > integrity: move ima inode integrity data management
> > security: move LSM xattrnames to xattr.h
> > xattr: define vfs_getxattr_alloc and vfs_xattr_cmp
> > evm: re-release
> > ima: move ima_file_free before releasing the file
> > security: imbed evm calls in security hooks
> > evm: inode post removexattr
> > evm: imbed evm_inode_post_setattr
> > evm: inode_post_init
> > fs: add evm_inode_post_init calls
> > ima: integrity appraisal extension
> > ima: appraise default rules
> > ima: inode post_setattr
> > ima: add ima_inode_setxattr and ima_inode_removexattr
> > --
>
> A summary diffstat would be good to see in patch 00/14.
>
> Lacking that, at least each individual patch should have a diffstat summary
> in it. Please read Documentation/SubmittingPatches.
>
> ---
> ~Randy
Only two minor changes from the RFC posting:
0011-ima-integrity-appraisal-extension.patch adds a missing
ima_fix_xattr() call.
Index: security-testing-2.6/security/integrity/ima/ima_appraise.c
===================================================================
--- security-testing-2.6.orig/security/integrity/ima/ima_appraise.c
+++ security-testing-2.6/security/integrity/ima/ima_appraise.c
@@ -92,8 +92,13 @@ int ima_appraise_measurement(struct inte
ima_fix_xattr(dentry, iint);
integrity_audit_msg(AUDIT_INTEGRITY_DATA, inode,
filename, op, cause, 1, 0);
- } else
+ } else {
status = INTEGRITY_PASS;
+
+ if ((status == INTEGRITY_UNKNOWN)
+ && (ima_appraise & IMA_APPRAISE_FIX))
+ ima_fix_xattr(dentry, iint);
+ }
iint->flags |= IMA_APPRAISED;
} else {
if (status == INTEGRITY_NOLABEL)
0012-ima-appraise-default-rules.patch replaces audit_log_format() calls
with ima_log_string(), introduced in Eric's patches.
Mimi
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists