lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sun, 12 May 2019 17:21:17 -0700
To:     Mimi Zohar <>,
        Dominik Brodowski <>
CC:     Roberto Sassu <>,,,,,,,,,,,,,,,
Subject: Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk

On May 12, 2019 5:02:30 PM PDT, Mimi Zohar <> wrote:
>On Sun, 2019-05-12 at 17:31 +0200, Dominik Brodowski wrote:
>> On Sun, May 12, 2019 at 08:52:47AM -0400, Mimi Zohar wrote:
>> > It's too late.  The /init itself should be signed and verified.
>> Could you elaborate a bit more about the threat model, and why
>> this to the initramfs is too late?
>The IMA policy defines a number of different methods of identifying
>which files to measure, appraise, audit.[1]  Without xattrs, the
>granularity of the policy rules is severely limited.  Without xattrs,
>a filesystem is either in policy, or not.
>With an IMA policy rule requiring rootfs (tmpfs) files to be verified,
>then /init needs to be properly labeled, otherwise /init will fail to
>[1] Documentation/ABI/testing/ima_policy

And the question is what is the sense in that, especially if /init is provided as play of the kernel itself.
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Powered by blists - more mailing lists