[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <1548962339-10681-1-git-send-email-zohar@linux.ibm.com>
Date: Thu, 31 Jan 2019 14:18:58 -0500
From: Mimi Zohar <zohar@...ux.ibm.com>
To: linux-integrity@...r.kernel.org
Cc: linux-security-module@...r.kernel.org,
linux-kernel@...r.kernel.org, Jessica Yu <jeyu@...nel.org>,
Luis Chamberlain <mcgrof@...nel.org>,
David Howells <dhowells@...hat.com>,
Seth Forshee <seth.forshee@...onical.com>,
Justin Forbes <jforbes@...hat.com>,
Matthew Garrett <mjg59@...gle.com>,
Mimi Zohar <zohar@...ux.ibm.com>
Subject: [PATCH] ima: requiring signed kernel modules
The kernel can be configured to verify the appended kernel module
signature, the IMA signature stored as an xattr, both types of
signatures, or none. On systems with secure boot enabled AND the IMA
architecture specific policy enabled, this patch set requires the file
to be signed.
Both methods of loading kernel modules - init_module and finit_module
syscalls - need to either verify the kernel module signature or prevent
the kernel module from being loaded.
"modprobe" first tries loading the kernel module via the finit_module
syscall and falls back to the init_module syscall, making it difficult
to test one syscall and then the other.
Mimi Zohar (1):
x86/ima: require signed kernel modules
arch/x86/kernel/ima_arch.c | 9 ++++++++-
include/linux/module.h | 7 ++++++-
kernel/module.c | 15 +++++++++++----
security/integrity/ima/ima_main.c | 2 +-
4 files changed, 26 insertions(+), 7 deletions(-)
--
2.7.5
Powered by blists - more mailing lists