Message-Id: <cover.1328122362.git.dmitry.kasatkin@intel.com>
Date:	Wed,  1 Feb 2012 22:25:02 +0200
From:	Dmitry Kasatkin <dmitry.kasatkin@...el.com>
To:	linux-security-module@...r.kernel.org
Cc:	jmorris@...ei.org, linux-kernel@...r.kernel.org,
	zohar@...ux.vnet.ibm.com
Subject: [RFC][PATCH v1 0/2] integrity: module integrity verification

Hi,

Here is another module verification patchset, which is based on the recently
upstreamed digital signature support used by EVM and IMA-appraisal.

The initial module verification code was dependent on IMA-appraisal and
was using security.ima extended attribute to store the signature.
Based on some feedback, it was decided to add the ability to store the
signature in a corresponding module signature file <module>.sig and also
make module checking no longer dependent on IMA-appraisal.
Having the signature in a separate <module>.sig file allows using it on
filesystems which do not support extended attributes, e.g. network file systems,
and also copying modules to the target system from the build system.

The initial module verification code was dependent on IMA-appraisal and
was using security.ima extended attribute to store the signature.
Based on some feedback, it was decided to remove the IMA dependency and also
add the possibility to store the signature in the corresponding signature
file <module>.sig. It allows using it on filesystems which do not support
extended attributes and also allows copying of modules from the build system to
the target for testing without extended-attribute-aware tools.

modprobe and insmod have been modified to read signature either from
extended attribute or signature file and pass it as a kernel module
parameter to load_module system call.

Signature generation is done using the same tool as for EVM/IMA: evm-utils.

These 2 patches are available at the top of the #next-ima-module branch at
git://git.kernel.org/pub/scm/linux/kernel/git/kasatkin/linux-digsig.git

evm-utils and module-init-tools are available in linux-ima project GIT:
git://linux-ima.git.sourceforge.net / linux-ima/evm-utils
git://linux-ima.git.sourceforge.net / linux-ima/module-init-tools

- Dmitry

Dmitry Kasatkin (2):
  integrity: add ima_module_check hook
  integrity: verify module integrity based on signature

 Documentation/ABI/testing/securityfs-module-check |   17 ++
 include/linux/integrity.h                         |   10 +
 kernel/module.c                                   |   20 ++-
 security/integrity/Kconfig                        |   11 +
 security/integrity/Makefile                       |    1 +
 security/integrity/module.c                       |  251 +++++++++++++++++++++
 6 files changed, 305 insertions(+), 5 deletions(-)
 create mode 100644 Documentation/ABI/testing/securityfs-module-check
 create mode 100644 security/integrity/module.c

-- 
1.7.5.4
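
A user-space sketch of the signature lookup the cover letter describes (the `security.ima` extended attribute or a `<module>.sig` file), added here as an example and not taken from the patched module-init-tools. The function name `load_module_sig`, the lookup order (xattr first) and the buffer handling are assumptions of this sketch.

```c
#include <stdio.h>
#include <sys/types.h>
#include <sys/xattr.h>

/* Where the signature was found. */
enum sig_source { SIG_NONE = 0, SIG_XATTR = 1, SIG_FILE = 2 };

/*
 * Load the signature for module_path into buf (at most cap bytes).
 * The order (xattr first, then <module>.sig) is an assumption of this
 * sketch. Returns the source and stores the signature length in *len.
 */
enum sig_source load_module_sig(const char *module_path,
                                unsigned char *buf, size_t cap, size_t *len)
{
    char sig_path[4096];
    ssize_t n;
    FILE *f;

    *len = 0;

    /* 1. Extended attribute: fails (ENODATA, ENOTSUP, ...) when the
     *    attribute is absent or the filesystem has no xattr support. */
    n = getxattr(module_path, "security.ima", buf, cap);
    if (n > 0) {
        *len = (size_t)n;
        return SIG_XATTR;
    }

    /* 2. Detached signature file stored next to the module. */
    if (snprintf(sig_path, sizeof(sig_path), "%s.sig", module_path)
            >= (int)sizeof(sig_path))
        return SIG_NONE;                /* path too long */
    f = fopen(sig_path, "rb");
    if (!f)
        return SIG_NONE;
    *len = fread(buf, 1, cap, f);
    /* A signature larger than the buffer is rejected, not truncated:
     * a partial blob must never be handed on for verification. */
    if (*len == cap && fgetc(f) != EOF)
        *len = 0;
    fclose(f);
    return *len ? SIG_FILE : SIG_NONE;
}
```

A caller that gets `SIG_NONE` has no signature to pass along with the module, so whether the load proceeds is decided by the kernel-side check.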
