linux-kernel - Re: [PATCH 2/2] ima: Fail rule parsing when asymmetric key measurement isn't supportable

lists.openwall.net		lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives

Hash Suite: Windows password security audit tool. GUI, reports in PDF.

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Message-ID: <b9dc379d-0529-692e-9b7d-dce5ad893eb7@linux.microsoft.com>
Date:   Tue, 28 Jul 2020 07:14:16 -0700
From:   Lakshmi Ramasubramanian <nramas@...ux.microsoft.com>
To:     Tyler Hicks <tyhicks@...ux.microsoft.com>,
        Mimi Zohar <zohar@...ux.ibm.com>,
        Dmitry Kasatkin <dmitry.kasatkin@...il.com>
Cc:     James Morris <jmorris@...ei.org>,
        "Serge E . Hallyn" <serge@...lyn.com>,
        Tushar Sugandhi <tusharsu@...ux.microsoft.com>,
        Nayna Jain <nayna@...ux.ibm.com>, linux-kernel@...r.kernel.org,
        linux-integrity@...r.kernel.org,
        linux-security-module@...r.kernel.org
Subject: Re: [PATCH 2/2] ima: Fail rule parsing when asymmetric key
 measurement isn't supportable

On 7/27/20 7:08 AM, Tyler Hicks wrote:
> Measuring keys is currently only supported for asymmetric keys. In the
> future, this might change.
> 
> For now, the "func=KEY_CHECK" and "keyrings=" options are only
> appropriate when CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS is enabled. Make
> this clear at policy load so that IMA policy authors don't assume that
> these policy language constructs are supported.
> 
> Fixes: 2b60c0ecedf8 ("IMA: Read keyrings= option from the IMA policy")
> Fixes: 5808611cccb2 ("IMA: Add KEY_CHECK func to measure keys")
> Suggested-by: Nayna Jain <nayna@...ux.ibm.com>
> Signed-off-by: Tyler Hicks <tyhicks@...ux.microsoft.com>
> ---
>   security/integrity/ima/ima_policy.c | 6 ++++--
>   1 file changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
> index c328cfa0fc49..05f012fd3dca 100644
> --- a/security/integrity/ima/ima_policy.c
> +++ b/security/integrity/ima/ima_policy.c
> @@ -1233,7 +1233,8 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)
>   				entry->func = POLICY_CHECK;
>   			else if (strcmp(args[0].from, "KEXEC_CMDLINE") == 0)
>   				entry->func = KEXEC_CMDLINE;
> -			else if (strcmp(args[0].from, "KEY_CHECK") == 0)
> +			else if (IS_ENABLED(CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS) &&
> +				 strcmp(args[0].from, "KEY_CHECK") == 0)
>   				entry->func = KEY_CHECK;
>   			else
>   				result = -EINVAL;
> @@ -1290,7 +1291,8 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)
>   		case Opt_keyrings:
>   			ima_log_string(ab, "keyrings", args[0].from);
>   
> -			if (entry->keyrings) {
> +			if (!IS_ENABLED(CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS) ||
> +			    entry->keyrings) {
>   				result = -EINVAL;
>   				break;
>   			}
> 

Reviewed-by: Lakshmi Ramasubramanian <nramas@...ux.microsoft.com>