| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <883d61fcbaf173759ca5674173c6b80ecd7d0b69.camel@linux.ibm.com>
Date: Thu, 03 Jun 2021 10:30:29 -0400
From: Mimi Zohar <zohar@...ux.ibm.com>
To: Roberto Sassu <roberto.sassu@...wei.com>, mjg59@...f.ucam.org
Cc: linux-integrity@...r.kernel.org,
linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [RESEND][PATCH v2 6/7] ima: Define new template evm-sig
On Thu, 2021-06-03 at 15:17 +0200, Roberto Sassu wrote:
> With the recent introduction of the evmsig template field, remote verifiers
> can obtain the EVM portable signature instead of the IMA signature, to
> verify file metadata.
>
> After introducing the new fields to include file metadata in the
> measurement list, this patch finally defines the evm-sig template, whose
> format is:
>
> d-ng|n-ng|evmsig|xattrnames|xattrlengths|xattrvalues|iuid|igid|imode
>
> xattrnames, xattrlengths and xattrvalues are populated only from defined
> EVM protected xattrs, i.e. the ones that EVM considers to verify the
> portable signature. xattrnames and xattrlengths are populated only if the
> xattr is present.
>
> xattrnames and xattrlengths are not necessary for verifying the EVM
> portable signature, but they are included for completeness of information,
> if a remote verifier wants to infer more from file metadata.
>
> Signed-off-by: Roberto Sassu <roberto.sassu@...wei.com>
> Signed-off-by: Mimi Zohar <zohar@...ux.ibm.com>
> ---
> Documentation/security/IMA-templates.rst | 1 +
> security/integrity/ima/ima_template.c | 5 ++++-
> 2 files changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/Documentation/security/IMA-templates.rst b/Documentation/security/IMA-templates.rst
> index 6a58760a0a35..5adc22f99496 100644
> --- a/Documentation/security/IMA-templates.rst
> +++ b/Documentation/security/IMA-templates.rst
> @@ -91,6 +91,7 @@ Below, there is the list of defined template descriptors:
> - "ima-sig": its format is ``d-ng|n-ng|sig``;
> - "ima-buf": its format is ``d-ng|n-ng|buf``;
> - "ima-modsig": its format is ``d-ng|n-ng|sig|d-modsig|modsig``;
> + - "evm-sig": its format is ``d-ng|n-ng|evmsig|xattrnames|xattrlengths|xattrvalues|iuid|igid|imode``;
>
>
> Use
> diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c
> index 159a31d2fcdf..a85963853a91 100644
> --- a/security/integrity/ima/ima_template.c
> +++ b/security/integrity/ima/ima_template.c
> @@ -22,6 +22,8 @@ static struct ima_template_desc builtin_templates[] = {
> {.name = "ima-sig", .fmt = "d-ng|n-ng|sig"},
> {.name = "ima-buf", .fmt = "d-ng|n-ng|buf"},
> {.name = "ima-modsig", .fmt = "d-ng|n-ng|sig|d-modsig|modsig"},
> + {.name = "evm-sig",
> + .fmt = "d-ng|n-ng|evmsig|xattrnames|xattrlengths|xattrvalues|iuid|igid|imode"},
> {.name = "", .fmt = ""}, /* placeholder for a custom format */
> };
>
> @@ -69,7 +71,8 @@ static const struct ima_template_field supported_fields[] = {
> * need to be accounted for since they shouldn't be defined in the same template
> * description as 'd-ng' and 'n-ng' respectively.
> */
> -#define MAX_TEMPLATE_NAME_LEN sizeof("d-ng|n-ng|sig|buf|d-modisg|modsig")
> +#define MAX_TEMPLATE_NAME_LEN \
> + sizeof("d-ng|n-ng|evmsig|xattrnames|xattrlengths|xattrvalues|iuid|igid|imode")
>
> static struct ima_template_desc *ima_template;
> static struct ima_template_desc *ima_buf_template;
Thanks, Roberto.
Updated and merged next-integrity-testing, next-integrity branches.
thanks,
Mimi
Powered by blists - more mailing lists