James,
On Tue, May 15, 2018 at 05:15:52PM +0100, James Morse wrote:
> Hi Akashi,
>
> On 15/05/18 05:45, AKASHI Takahiro wrote:
> > On Fri, May 11, 2018 at 06:03:49PM +0100, James Morse wrote:
> >> On 07/05/18 06:22, AKASHI Takahiro wrote:
> >>> On Tue, May 01, 2018 at 06:46:06PM +0100, James Mors
Baoquan,
On Fri, May 18, 2018 at 09:37:35AM +0800, Baoquan He wrote:
> On 05/17/18 at 07:04pm, James Morse wrote:
> > Hi Baoquan,
> >
> > On 17/05/18 03:15, Baoquan He wrote:
> > > On 05/17/18 at 10:10am, Baoquan He wrote:
> > >> On 05/07/18 at 02:59pm, AKASHI Takahiro wrote:
> > >>> On Tue, May
Casey Schaufler writes:
> On 5/17/2018 7:48 AM, Mimi Zohar wrote:
>> In order for LSMs and IMA-appraisal to differentiate between the original
>> and new syscalls (eg. kexec, kernel modules, firmware), both the original
>> and new syscalls must call an LSM hook.
>>
>> Commit 2e72d51b4ac3 ("securi
On 05/17/18 at 07:04pm, James Morse wrote:
> Hi Baoquan,
>
> On 17/05/18 03:15, Baoquan He wrote:
> > On 05/17/18 at 10:10am, Baoquan He wrote:
> >> On 05/07/18 at 02:59pm, AKASHI Takahiro wrote:
> >>> On Tue, May 01, 2018 at 06:46:09PM +0100, James Morse wrote:
> On 25/04/18 07:26, AKASHI Ta
On 5/17/2018 7:48 AM, Mimi Zohar wrote:
> In order for LSMs and IMA-appraisal to differentiate between the original
> and new syscalls (eg. kexec, kernel modules, firmware), both the original
> and new syscalls must call an LSM hook.
>
> Commit 2e72d51b4ac3 ("security: introduce kernel_module_from_
Hi Baoquan,
On 17/05/18 03:15, Baoquan He wrote:
> On 05/17/18 at 10:10am, Baoquan He wrote:
>> On 05/07/18 at 02:59pm, AKASHI Takahiro wrote:
>>> On Tue, May 01, 2018 at 06:46:09PM +0100, James Morse wrote:
On 25/04/18 07:26, AKASHI Takahiro wrote:
> We need to prevent firmware-reserved
Don't differentiate between kernel_read_file_id READING_FIRMWARE and
READING_FIRMWARE_PREALLOC_BUFFER enumerations.
Fixes: a098ecd firmware: support loading into a pre-allocated buffer (since 4.8)
Signed-off-by: Mimi Zohar
Cc: Luis R. Rodriguez
Cc: David Howells
Cc: Kees Cook
Cc: Serge E. Hall
In order for LSMs and IMA-appraisal to differentiate between the original
and new syscalls (eg. kexec, kernel modules, firmware), both the original
and new syscalls must call an LSM hook.
Commit 2e72d51b4ac3 ("security: introduce kernel_module_from_file hook")
introduced calling security_kernel_mo
IMA-appraisal is mostly being used in the embedded or single purpose
closed system environments. In these environments, both the Kconfig
options and the userspace tools can be modified appropriately to limit
syscalls. For stock kernels, userspace applications need to continue to
work with older k
In order for LSMs and IMA-appraisal to differentiate between the
original and new syscalls, both the original and new syscalls must call
an LSM hook. This patch adds a call to security_kernel_read_blob() in
the original kexec syscall.
Signed-off-by: Mimi Zohar
Cc: Eric Biederman
Cc: Luis R. Rod
The original kexec_load syscall can not verify file signatures. This
patch differentiates between the kexec_load and kexec_file_load
syscalls.
Signed-off-by: Mimi Zohar
Cc: Eric Biederman
Cc: Luis R. Rodriguez
Cc: Kees Cook
Cc: David Howells
---
security/integrity/ima/ima.h| 1 +
se
Add an LSM hook prior to allowing firmware sysfs fallback loading.
Signed-off-by: Mimi Zohar
Cc: Luis R. Rodriguez
Cc: David Howells
Cc: Kees Cook
Changelog:
- call security_kernel_read_blob()
- rename the READING_FIRMWARE_FALLBACK kernel_read_file_id enumeration to
READING_FIRMWARE_FALLBACK_
Question: can the device access the pre-allocated buffer at any time?
By allowing devices to request firmware be loaded directly into a
pre-allocated buffer, will this allow the device access to the firmware
before the kernel has verified the firmware signature?
Is it dependent on the type of buf
IMA by default does not measure, appraise or audit files, but can be
enabled at runtime by specifying a builtin policy on the boot command line
or by loading a custom policy.
This patch defines a build time policy, which verifies kernel modules,
firmware, kexec image, and/or the IMA policy signatu
With an IMA policy requiring signed firmware, this patch prevents
the sysfs fallback method of loading firmware.
Signed-off-by: Mimi Zohar
Cc: Luis R. Rodriguez
Cc: David Howells
Cc: Matthew Garrett
---
security/integrity/ima/ima_main.c | 10 ++
1 file changed, 10 insertions(+)
diff
As IMA policy rules are added, a mask of the type of rule (eg. kexec
kernel image, firmware, IMA policy) is updated. Based on this mask,
integrity decisions can be made quickly.
Unlike custom IMA policy rules, which replace the original builtin
policy rules and update the mask, the builtin "secur
在 2018年05月15日 21:31, Tom Lendacky 写道:
> On 5/14/2018 8:51 PM, Lianbo Jiang wrote:
>> It is convenient to remap the old memory encrypted to the second kernel by
>> calling ioremap_encrypted().
>>
>> When sme enabled on AMD server, we also need to support kdump. Because
>> the memory is encrypted in
17 matches
Mail list logo