lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 27 Jan 2022 07:18:32 -0500
From:   Mimi Zohar <zohar@...ux.ibm.com>
To:     "Guozihua (Scott)" <guozihua@...wei.com>,
        Roberto Sassu <roberto.sassu@...wei.com>,
        Jonathan Corbet <corbet@....net>
Cc:     "linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        wangweiyang <wangweiyang2@...wei.com>,
        Xiujianfeng <xiujianfeng@...wei.com>,
        "linux-integrity@...r.kernel.org" <linux-integrity@...r.kernel.org>
Subject: Re: [RESEND][PATCH] Documentation: added order requirement for
 ima_hash=

On Thu, 2022-01-27 at 14:35 +0800, Guozihua (Scott) wrote:
> 
> On 2022/1/26 22:43, Roberto Sassu wrote:
> >> From: Mimi Zohar [mailto:zohar@...ux.ibm.com]
> >> Sent: Wednesday, January 26, 2022 3:35 PM
> >> On Wed, 2022-01-26 at 13:24 +0000, Roberto Sassu wrote:
> >>>> From: Mimi Zohar [mailto:zohar@...ux.ibm.com]
> >>>> Sent: Wednesday, January 26, 2022 1:48 PM
> >>>> On Wed, 2022-01-26 at 15:41 +0800, Guozihua (Scott) wrote:
> >>>>>
> >>>>>
> >>>>> The main issue lies in ima_template_desc_current called by hash_setup,
> >>>>> which does not just read ima_template global variable, but also tries to
> >>>>> set it if that hasn't been done already. Causing ima_template_setup to quit.
> >>>>
> >>>> Right, which calls ima_init_template_list().  So part of the solution
> >>>> could be to conditionally call ima_init_template_list()
> >>>> in ima_template_setup().
> >>>>
> >>>> -       if (ima_template)
> >>>> -               return 1;
> >>>> -
> >>>> -       ima_init_template_list();
> >>>> +       if (!ima_template
> >>>> +               ima_init_template_list();
> >>>>
> >>>> Roberto, what do you think?
> >>>
> >>> Hi Mimi
> >>>
> >>> I think we wanted to prevent to set a digest algorithm
> >>> incompatible with the chosen template.
> >>>
> >>> If we have in the kernel command line:
> >>>
> >>> ima_template=ima ima_hash=sha256
> >>>
> >>> ima_hash_algo would be set to HASH_ALGO_SHA1 despite
> >>> the user choice and the template would be set to 'ima'.
> >>>
> >>> In the opposite case:
> >>>
> >>> ima_hash=sha256 ima_template=ima
> >>>
> >>> if the default template is 'ima', then ima_hash_algo would be
> >>> set to HASH_ALGO_SHA1. Otherwise, it would be
> >>> HASH_ALGO_SHA256. If we allow the template to be set after
> >>> the digest algorithm is evaluated, the template selection will
> >>> be rejected if the algorithm is incompatible with the template.
> >>
> >> The only time that would occur is in the unlikely case that the
> >> template is being set to "ima".   That sounds reasonable.  In fact we
> >> should consider preventing the template format being set to "ima".
> > 
> > Ok.

< snip >

> 
> I understand that the solution proposed here is to decommission template 
> "ima" and potentially removing related algo checks altogether?

Eventually we might decide to do that, but right now we just want to
address not being able to set "ima_template" after setting "ima_hash".

thanks,

Mimi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ