lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <69810007161e689ac817099fb1c6df21962963e4.camel@linux.ibm.com>
Date:   Wed, 05 Aug 2020 13:03:28 -0400
From:   Mimi Zohar <zohar@...ux.ibm.com>
To:     Tyler Hicks <tyhicks@...ux.microsoft.com>,
        Casey Schaufler <casey@...aufler-ca.com>
Cc:     Lakshmi Ramasubramanian <nramas@...ux.microsoft.com>,
        stephen.smalley.work@...il.com, sashal@...nel.org,
        jmorris@...ei.org, linux-integrity@...r.kernel.org,
        selinux@...r.kernel.org, linux-security-module@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v6 0/4] LSM: Measure security module data

On Wed, 2020-08-05 at 10:45 -0500, Tyler Hicks wrote:

> In addition to SELINUX_STATE and SELINUX_POLICY, we should also consider
> the proposed LSM_STATE and LSM_POLICY func values but require an "lsm"
> rule conditional.
> 
> So the current proposed rules:
> 
>  measure func=LSM_STATE
>  measure func=LSM_POLICY
> 
> Would become:
> 
>  measure func=LSM_STATE lsm=selinux
>  measure func=LSM_POLICY lsm=selinux
> 
> The following rules would be rejected:
> 
>  measure func=LSM_STATE
>  measure func=LSM_POLICY
>  measure func=LSM_STATE lsm=apparmor
>  measure func=LSM_POLICY lsm=smack

Kees is cleaning up the firmware code which differentiated between how
firmware was loaded.   There will be a single firmware enumeration.

Similarly, the new IMA hook to measure critical state may be placed in
multiple places.  Is there really a need from a policy perspective for
differentiating the source of the critical state being measurind?   The
data being measured should include some identifying information.

I think moving away from the idea that measuring "critical" data should
be limited to LSMs, will clarify this.

Mimi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ