The configured IMA measurement list template format can be replaced at
runtime on the boot command line, including a custom template format.
This patch adds support for restoring a measuremement list containing
multiple builtin/custom template formats.
Signed-off-by: Mimi Zohar
---
security
On Thu, 2016-09-08 at 23:07 -0500, Eric W. Biederman wrote:
> Thiago Jung Bauermann writes:
>
> > Am Mittwoch, 07 September 2016, 09:19:40 schrieb Eric W. Biederman:
> >> ebied...@xmission.com (Eric W. Biederman) writes:
> >> > Thiago Jung Bauermann writes:
> >> >> Hello,
> >> >>
> >> >> The pu
template per boot.
Changelog v2:
- fix lookup_template_desc() preemption imbalance (kernel test robot)
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima.h | 2 ++
security/integrity/ima/ima_main.c | 1 +
security/integrity/ima/ima_template.c | 43
ystems
expecting the binary_runtime_measurements list to be in platform native
format.
Changelog v3:
- restore PCR value properly
Signed-off-by: Mimi Zohar
---
Documentation/kernel-parameters.txt | 4
security/integrity/ima/ima.h | 6 ++
security/integrity/ima/ima
ormat.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima.h | 1 +
security/integrity/ima/ima_fs.c| 2 +-
security/integrity/ima/ima_kexec.c | 51 ++
3 files changed, 53 insertions(+), 1 deletion(-)
diff --git a/security/integrity/ima/ima.h b/sec
-off-by: Mimi Zohar
---
security/integrity/ima/ima_crypto.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/security/integrity/ima/ima_crypto.c
b/security/integrity/ima/ima_crypto.c
index 38f2ed8..802d5d2 100644
--- a/security/integrity/ima/ima_crypto.c
+++ b/security
-by: Mimi Zohar
---
include/linux/ima.h| 12 +
kernel/kexec_file.c| 4 ++
security/integrity/ima/ima_kexec.c | 96 ++
3 files changed, 112 insertions(+)
diff --git a/include/linux/ima.h b/include/linux/ima.h
index 0eb7c2e
try is the delimiter between soft
boots.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima_queue.c | 15 +--
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/security/integrity/ima/ima_queue.c
b/security/integrity/ima/ima_queue.c
index 4b1bb77..12d1b04 100644
---
In preparation for serializing the binary_runtime_measurements, this patch
maintains the amount of memory required.
Changelog v3:
- include the ima_kexec_hdr size in the binary_runtime_measurement size.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/Kconfig | 12 +
security
d in the respective
patch changelog.
Changelog v2:
- Canonical measurement list support added
- Redefined the ima_kexec_hdr struct to use well defined sizes
Mimi
Andreas Steffen (1):
ima: platform-independent hash value
Mimi Zohar (7):
ima: on soft reboot, restore the measurement list
ima
Hi Dave,
On Thu, 2016-09-01 at 09:57 +0800, Dave Young wrote:
> On 08/30/16 at 06:40pm, Mimi Zohar wrote:
> > + * Called during kexec_file_load so that IMA can add a segment to the kexec
> > + * image for the measurement list for the next kernel.
> > + */
> > +void
On Wed, 2016-08-31 at 13:50 -0700, Andrew Morton wrote:
> On Tue, 30 Aug 2016 18:40:02 -0400 Mimi Zohar
> wrote:
>
> > The TPM PCRs are only reset on a hard reboot. In order to validate a
> > TPM's quote after a soft reboot (eg. kexec -e), the IMA measurement list
-off-by: Mimi Zohar
---
security/integrity/ima/ima_crypto.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/security/integrity/ima/ima_crypto.c
b/security/integrity/ima/ima_crypto.c
index 38f2ed8..38d6f5d 100644
--- a/security/integrity/ima/ima_crypto.c
+++ b/security
ormat.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima.h | 1 +
security/integrity/ima/ima_fs.c| 2 +-
security/integrity/ima/ima_kexec.c | 51 ++
3 files changed, 53 insertions(+), 1 deletion(-)
diff --git a/security/integrity/ima/ima.h b/sec
In preparation for serializing the binary_runtime_measurements, this patch
maintains the amount of memory required.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/Kconfig | 12 ++
security/integrity/ima/ima.h | 1 +
security/integrity/ima/ima_queue.c | 49
template per boot.
Changelog v2:
- fix lookup_template_desc() preemption imbalance (kernel test robot)
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima.h | 2 ++
security/integrity/ima/ima_main.c | 1 +
security/integrity/ima/ima_template.c | 43
ystems
expecting the binary_runtime_measurements list to be in platform native
format.
Signed-off-by: Mimi Zohar
---
Documentation/kernel-parameters.txt | 4
security/integrity/ima/ima.h | 6 ++
security/integrity/ima/ima_fs.c | 28 +---
se
ch of:
git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git
Mimi
Andreas Steffen (1):
ima: platform-independent hash value
Mimi Zohar (7):
ima: on soft reboot, restore the measurement list
ima: permit duplicate measurement list entries
ima: maintain memory size needed f
Signed-off-by: Mimi Zohar
---
include/linux/ima.h| 12 ++
kernel/kexec_file.c| 4 ++
security/integrity/ima/ima_kexec.c | 88 ++
3 files changed, 104 insertions(+)
diff --git a/include/linux/ima.h b/include/linux/ima.h
index
try is the delimiter between soft
boots.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima_queue.c | 15 +--
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/security/integrity/ima/ima_queue.c
b/security/integrity/ima/ima_queue.c
index 4b1bb77..12d1b04 100644
---
On Thu, 2016-08-25 at 19:17 -0300, Thiago Jung Bauermann wrote:
> Am Donnerstag, 25 August 2016, 14:12:43 schrieb Andrew Morton:
> > I grabbed these two patch series. I also merged the "IMA:
> > Demonstration code for kexec buffer passing." demonstration patch just
> > to get things a bit of testi
On Thu, 2016-08-11 at 17:38 +1000, Balbir Singh wrote:
>
> On 09/08/16 22:36, Mimi Zohar wrote:
> > On Tue, 2016-08-09 at 15:19 +1000, Balbir Singh wrote:
> >>
> >> On 04/08/16 22:24, Mimi Zohar wrote:
> >>> The TPM PCRs are only reset on a hard reboot.
On Wed, 2016-08-10 at 19:52 +1000, Michael Ellerman wrote:
> Thiago Jung Bauermann writes:
>
> > Am Mittwoch, 10 August 2016, 13:41:08 schrieb Michael Ellerman:
> >> Thiago Jung Bauermann writes:
> >> > Am Dienstag, 09 August 2016, 09:01:13 schrieb Mimi Zohar:
On Tue, 2016-08-09 at 09:55 -0400, Mimi Zohar wrote:
> On Tue, 2016-08-09 at 10:19 -0300, Thiago Jung Bauermann wrote:
> > Am Dienstag, 09 August 2016, 09:01:13 schrieb Mimi Zohar:
> > > On Tue, 2016-08-09 at 20:59 +1000, Michael Ellerman wrote:
> > > > Mimi Zohar
On Tue, 2016-08-09 at 13:35 +, David Laight wrote:
> Also why '__packed' - guarantees sub-optimal code generation.
> Much better to include explicit padding to align everything.
This patch set does not define a new format, but piggy backs on top of
the existing /ima/binary_runtime_measurement
On Tue, 2016-08-09 at 10:19 -0300, Thiago Jung Bauermann wrote:
> Am Dienstag, 09 August 2016, 09:01:13 schrieb Mimi Zohar:
> > On Tue, 2016-08-09 at 20:59 +1000, Michael Ellerman wrote:
> > > Mimi Zohar writes:
> > > > diff --git a/security/integrity/ima/ima.h
&g
On Tue, 2016-08-09 at 20:59 +1000, Michael Ellerman wrote:
> Mimi Zohar writes:
>
> > diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
> > index b5728da..84e8d36 100644
> > --- a/security/integrity/ima/ima.h
> > +++ b/security/integrity/i
On Tue, 2016-08-09 at 15:19 +1000, Balbir Singh wrote:
>
> On 04/08/16 22:24, Mimi Zohar wrote:
> > The TPM PCRs are only reset on a hard reboot. In order to validate a
> > TPM's quote after a soft reboot (eg. kexec -e), the IMA measurement list
> > of the running
Hi Petko,
Thank you for review!
On Fri, 2016-08-05 at 11:44 +0300, Petko Manolov wrote:
> On 16-08-04 08:24:29, Mimi Zohar wrote:
> > The TPM PCRs are only reset on a hard reboot. In order to validate a
> > TPM's quote after a soft reboot (eg. kexec -e), the IMA measure
template per boot.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima.h | 2 ++
security/integrity/ima/ima_main.c | 1 +
security/integrity/ima/ima_template.c | 37 +++
3 files changed, 32 insertions(+), 8 deletions(-)
diff --git a/security
In preparation for serializing the binary_runtime_measurements, this patch
maintains the amount of memory required.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/Kconfig | 12 ++
security/integrity/ima/ima.h | 1 +
security/integrity/ima/ima_queue.c | 49
Bauermann
Signed-off-by: Mimi Zohar
---
include/linux/ima.h| 15 +++
kernel/kexec_file.c| 3 ++
security/integrity/ima/ima_kexec.c | 83 ++
3 files changed, 101 insertions(+)
diff --git a/include/linux/ima.h b/include/linux/ima.h
rialized measurement list across the kexec.
Mimi
*https://lists.infradead.org/pipermail/kexec/2016-June/016157.html
Mimi Zohar (6):
ima: on soft reboot, restore the measurement list
ima: permit duplicate measurement list entries
ima: maintain memory size needed for serializing the measurement
try is the delimiter between soft
boots.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima_queue.c | 15 +--
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/security/integrity/ima/ima_queue.c
b/security/integrity/ima/ima_queue.c
index 4b1bb77..12d1b04 100644
---
ormat.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima.h | 1 +
security/integrity/ima/ima_fs.c| 2 +-
security/integrity/ima/ima_kexec.c | 51 ++
3 files changed, 53 insertions(+), 1 deletion(-)
diff --git a/security/integrity/ima/ima.h b/sec
This patch defines a new IMA hook named ima_add_measurement_check()
for including pre-calculated measurements in the IMA measurement list.
Signed-off-by: Mimi Zohar
---
Documentation/ABI/testing/ima_policy | 2 +-
include/linux/ima.h | 12
security/integrity/ima/Kconfig
, buffer length and a buffer identifier.
Signed-off-by: Mimi Zohar
---
include/linux/ima.h | 11 +
security/integrity/ima/Makefile | 2 +-
security/integrity/ima/ima.h| 2 +
security/integrity/ima/ima_buffer.c | 82 +
security
This patch defines the buffer identifier "KEXEC_CMDLINE_CHECK" for
measuring the boot command line.
eg: echo -n -e `cat /proc/cmdline | sed 's/^.*root=/root=/'` | sha256sum
Signed-off-by: Mimi Zohar
---
Documentation/ABI/testing/ima_policy | 1 +
include/linux/ima.h
measure the kexec boot command
line, while the latter could be used for including asymmetric key id
information.
Mimi Zohar (3):
ima: measure other types of data
kexec: measure boot command line
ima: add pre-calculated measurements (experimental)
Documentation/ABI/testing/ima_policy | 1
Hi Dave,
On Wed, 2016-06-22 at 09:20 +0800, Dave Young wrote:
> On 06/20/16 at 10:44pm, Thiago Jung Bauermann wrote:
> > Hello,
> >
> > This patch series implements a mechanism which allows the kernel to pass on
> > a buffer to the kernel that will be kexec'd. This buffer is passed as a
> > segme
y
Kees Cook.
Cc: Rusty Russell
Cc: Andrew Morton
Cc: Greg Kroah-Hartman
Cc: David Howells
Cc: Kees Cook
Cc: Casey Schaufler
Cc: Ming Lei
Cc: Takashi Iwai
Cc: Vojtěch Pavlík
Cc: Kyle McMartin
Cc: Matthew Garrett
Cc: linux-ker...@vger.kernel.org
Signed-off-by: Luis R. Rodriguez
Signed-of
kernel_fw_from_file() hook and security call.
Changelog v3:
- remove kernel_fw_from_file hook
- use kernel_file_read_from_path() - requested by Luis
v2:
- reordered and squashed firmware patches
- fix MAX firmware size (Kees Cook)
Signed-off-by: Mimi Zohar
Acked-by: Kees Cook
Acked-by: Luis R. Rodriguez
Add support for measuring and appraising the IMA policy itself.
Changelog v4:
- use braces on both if/else branches, even if single line on one of the
branches - Dmitry
- Use the id mapping - Dmitry
Signed-off-by: Mimi Zohar
Acked-by: Petko Manolov
Acked-by: Dmitry Kasatkin
---
security
From: Kees Cook
This makes the error and success paths more readable while trying to
load firmware from the filesystem.
Signed-off-by: Kees Cook
Cc: Josh Boyer
Cc: David Howells
Acked-by: Luis R. Rodriguez
Signed-off-by: Mimi Zohar
---
drivers/base/firmware_class.c | 12 +---
1
From: "Luis R. Rodriguez"
This will be re-used later through a new extensible interface.
Reviewed-by: Josh Boyer
Signed-off-by: Luis R. Rodriguez
Signed-off-by: Mimi Zohar
Acked-by: Kees Cook
---
drivers/base/firmware_class.c | 14 ++
1 file changed, 10 insert
Require the IMA policy to be signed when additional rules can be added.
v1:
- initialize the policy flag
- include IMA_APPRAISE_POLICY in the policy flag
Signed-off-by: Mimi Zohar
Acked-by: Petko Manolov
Acked-by: Dmitry Kasatkin
---
security/integrity/ima/ima_policy.c | 7 +++
1 file
, moving copy_file_from_fd() to a separate patch
- split patch, moving IMA changes to a separate patch
v0:
- use kstat file size type loff_t, not size_t
- Calculate the file hash from the in memory buffer - Dave Young
Signed-off-by: Mimi Zohar
Acked-by: Kees Cook
Acked-by: Luis R. Rodriguez
Cc
module
twice, once for measuring/appraising and again for loading the kernel
module, the signature validation is moved to the kernel_post_read_file()
security hook.
This patch removes the security_kernel_module_from_file() hook and security
call.
Signed-off-by: Mimi Zohar
Acked-by: Kees Cook
Acked
This patch defines kernel_read_file_from_fd(), a wrapper for the VFS
common kernel_read_file().
Changelog:
- Separated from the kernel modules patch
Acked-by: Kees Cook
Acked-by: Luis R. Rodriguez
Cc: Al Viro
Signed-off-by: Mimi Zohar
---
fs/exec.c | 16
include
:
- replaced switch statement with a kernel_read_file_id to an ima_hooks
id mapping array - Dmitry
- renamed ima_hook tokens KEXEC_CHECK and INITRAMFS_CHECK to
KEXEC_KERNEL_CHECK and KEXEC_INITRAMFS_CHECK respectively - Dave Young
Signed-off-by: Mimi Zohar
Acked-by: Petko Manolov
Acked-by: Dmitry
This patch defines kernel_read_file_from_path(), a wrapper for the VFS
common kernel_read_file().
Changelog:
- Separated from the IMA patch
Signed-off-by: Mimi Zohar
Acked-by: Kees Cook
Acked-by: Luis R. Rodriguez
Cc: Al Viro
---
fs/exec.c | 22 ++
include/linux
simplifies adding support for other files read by the kernel.
Signed-off-by: Mimi Zohar
Acked-by: Petko Manolov
Acked-by: Dmitry Kasatkin
---
security/integrity/iint.c | 4 ++--
security/integrity/ima/ima.h | 3 ++-
security/integrity/ima/ima_appraise.c | 35
a separate patch
v2:
- after re-ordering the patches, replace calling integrity_kernel_read()
to read the file with kernel_read_file_from_path() (Mimi)
- Patch description re-written by Luis R. Rodriguez
Signed-off-by: Dmitry Kasatkin
Signed-off-by: Mimi Zohar
---
include/linux/fs.h
The kernel_read_file security hook is called prior to reading the file
into memory.
Signed-off-by: Mimi Zohar
Acked-by: Kees Cook
Acked-by: Luis R. Rodriguez
Acked-by: Casey Schaufler
---
fs/exec.c | 4
include/linux/ima.h | 6 ++
include
some of these differences.
This patch introduces a common function for reading files from the kernel
with the corresponding security post-read hook and function.
Changelog v3:
- additional bounds checking - Luis
v2:
- To simplify patch review, re-ordered patches
Signed-off-by: Mimi Zohar
Reviewed
ima_hash_and_process_file() to ima_post_read_file()
v1:
- split patch
Signed-off-by: Mimi Zohar
Acked-by: Dmitry Kasatkin
---
include/linux/ima.h | 8 +++
include/linux/security.h | 1 +
security/integrity/ima/ima.h | 4 +++-
security/integrity/ima/ima_api.c
fer hash calculation function
ima: load policy using path
Kees Cook (1):
firmware: clean up filesystem load exit path
Luis R. Rodriguez (2):
firmware: simplify dev_*() print messages for generic helpers
firmware: move completing fw into a helper
Mimi Zohar (14):
vfs: define a generic func
.
Changelog v3:
- Replace the IMA specific enumeration with a generic one.
Signed-off-by: Mimi Zohar
Acked-by: Kees Cook
Acked-by: Luis R. Rodriguez
Cc: Al Viro
---
fs/exec.c | 4 ++--
include/linux/fs.h| 7 ++-
include/linux/lsm_hooks.h | 4 +++-
include/linux
From: Dmitry Kasatkin
This patch provides convenient buffer hash calculation function.
Changelog v3:
- fix while hash calculation - Dmitry
v1:
- rewrite to support loff_t sized buffers - Mimi
(based on Fenguang Wu's testing)
Signed-off-by: Dmitry Kasatkin
Signed-off-by: Mimi
Setting up ahash has some overhead. Only use ahash to calculate the
hash of a buffer, if the buffer is larger than ima_ahash_minsize.
Signed-off-by: Mimi Zohar
Acked-by: Dmitry Kasatkin
---
security/integrity/ima/ima_crypto.c | 75 -
1 file changed, 73
On Fri, 2016-02-12 at 20:53 +0800, Dave Young wrote:
> Hi, Mimi
>
> > diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
> > index a5d2592..832e62a 100644
> > --- a/security/integrity/ima/ima.h
> > +++ b/security/integrity/ima/ima.h
> > @@ -147,6 +147,8 @@ enum ima_hooks {
>
On Thu, 2016-02-11 at 08:54 -0800, Casey Schaufler wrote:
> On 2/3/2016 11:06 AM, Mimi Zohar wrote:
> > The kernel_read_file security hook is called prior to reading the file
> > into memory.
> >
> > Signed-off-by: Mimi Zohar
>
> Acked-by: Casey Schaufler
>
On Thu, 2016-02-11 at 10:47 +0200, Dmitry Kasatkin wrote:
> On Thu, Feb 11, 2016 at 4:08 AM, Mimi Zohar wrote:
> static int idmap[] = {
> [READING_FIRMWARE] = FIRMWARE_CHECK,
> [READING_MODULE] = MODULE_CHECK,
> ...
> };
That works nicely, even w
On Thu, 2016-02-11 at 01:55 +0200, Dmitry Kasatkin wrote:
> On Feb 11, 2016 1:22 AM, "Mimi Zohar" wrote:
> >
> > On Wed, 2016-02-10 at 23:09 +0200, Dmitry Kasatkin wrote:
> > > On Wed, Feb 3, 2016 at 9:06 PM, Mimi Zohar
> wrote:
> > > >
On Wed, 2016-02-10 at 23:09 +0200, Dmitry Kasatkin wrote:
> On Wed, Feb 3, 2016 at 9:06 PM, Mimi Zohar wrote:
> > Add IMA policy support for measuring/appraising the kexec image and
> > initramfs.
> >
> > Moving the enumeration to the vfs layer simplified the patches, a
On Wed, 2016-02-10 at 22:22 +0200, Dmitry Kasatkin wrote:
> On Wed, Feb 3, 2016 at 9:06 PM, Mimi Zohar wrote:
> > Add support for measuring and appraising the IMA policy itself.
> >
> > Signed-off-by: Mimi Zohar
>
> Acked-by: Dmitry Kasatkin
>
> But from
On Wed, 2016-02-10 at 22:18 +0200, Dmitry Kasatkin wrote:
> > diff --git a/security/integrity/ima/ima_appraise.c
> > b/security/integrity/ima/ima_appraise.c
> > index cb0d0ff..6b4694a 100644
> > --- a/security/integrity/ima/ima_appraise.c
> > +++ b/security/integrity/ima/ima_appraise.c
> > @@ -74
On Sun, 2016-02-07 at 22:10 +0200, Petko Manolov wrote:
> On 16-02-03 14:06:27, Mimi Zohar wrote:
> > Option 3: incorportate the ima_hooks enumeration into kernel_read_file_id,
> > perhaps changing the enumeration name.
> >
> > For now, duplicate the new READI
On Mon, 2016-02-08 at 10:45 +, Dmitry Kasatkin wrote:
> > > @@ -286,9 +322,12 @@ static ssize_t ima_write_policy(struct file *file,
> > > const char __user *buf,
> > > result = mutex_lock_interruptible(&ima_write_mutex);
> > > if (result < 0)
> > > goto out_free;
> >
On Thu, 2016-02-04 at 20:56 +0100, Luis R. Rodriguez wrote:
> On Wed, Feb 03, 2016 at 02:06:24PM -0500, Mimi Zohar wrote:
> > Replace copy_module_from_fd() with kernel_read_file_from_fd().
> >
> > Although none of the upstreamed LSMs define a kernel_module_from_file
> >
On Thu, 2016-02-04 at 10:15 -0800, Kees Cook wrote:
> On Wed, Feb 3, 2016 at 11:06 AM, Mimi Zohar wrote:
> > For a while it was looked down upon to directly read files from Linux.
> > These days there exists a few mechanisms in the kernel that do just this
> > though to loa
> > Cc: Josh Boyer
> > Cc: David Howells
> > Cc: Luis R. Rodriguez
> > Cc: Mimi Zohar
>
> Thanks,
>
> Acked-by: Luis R. Rodriguez
>
> > ---
> > Suggested as an alternative to "[PATCH v3 06/22] firmware: fold successful
> > fw read e
y
Kees Cook.
Cc: Rusty Russell
Cc: Andrew Morton
Cc: Greg Kroah-Hartman
Cc: David Howells
Cc: Kees Cook
Cc: Casey Schaufler
Cc: Ming Lei
Cc: Takashi Iwai
Cc: Vojtěch Pavlík
Cc: Kyle McMartin
Cc: Matthew Garrett
Cc: linux-ker...@vger.kernel.org
Signed-off-by: Luis R. Rodriguez
Signed-of
some of these differences.
This patch introduces a common function for reading files from the kernel
with the corresponding security post-read hook and function.
Changelog v3:
- additional bounds checking - Luis
v2:
- To simplify patch review, re-ordered patches
Signed-off-by: Mimi Zohar
Reviewed
This patch defines kernel_read_file_from_path(), a wrapper for the VFS
common kernel_read_file().
Changelog:
- Separated from the IMA patch
Signed-off-by: Mimi Zohar
---
fs/exec.c | 22 ++
include/linux/fs.h | 2 ++
2 files changed, 24 insertions(+)
diff --git a
This patch defines kernel_read_file_from_fd(), a wrapper for the VFS
common kernel_read_file().
Changelog:
- Separated from the kernel modules patch
Signed-off-by: Mimi Zohar
---
fs/exec.c | 16
include/linux/fs.h | 2 ++
2 files changed, 18 insertions(+)
diff --git
the kexec changes
in "kexec: replace call to copy_file_from_fd() with kernel version".
Signed-off-by: Mimi Zohar
---
include/linux/ima.h | 8 +++
include/linux/security.h | 1 +
security/integrity/ima/ima.h | 4 +++-
security/integrity/ima
simplifies adding support for other files read by the kernel.
Signed-off-by: Mimi Zohar
---
security/integrity/iint.c | 4 ++--
security/integrity/ima/ima.h | 3 ++-
security/integrity/ima/ima_appraise.c | 35 ---
security/integrity/ima
Setting up ahash has some overhead. Only use ahash to calculate the
hash of a buffer, if the buffer is larger than ima_ahash_minsize.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima_crypto.c | 75 -
1 file changed, 73 insertions(+), 2 deletions
Define and call a function to display the "ima_hooks" rules.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima_policy.c | 63 +
1 file changed, 36 insertions(+), 27 deletions(-)
diff --git a/security/integrity/ima/ima_policy.c
b/security
Cleanup the function arguments by using "ima_hooks" enumerator as needed.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima.h | 25 +
security/integrity/ima/ima_api.c | 6 +++---
security/integrity/ima/ima_appraise.c | 13 +++--
kernel_fw_from_file() hook and security call.
Changelog v3:
- remove kernel_fw_from_file hook
- use kernel_file_read_from_path() - requested by Luis
v2:
- reordered and squashed firmware patches
- fix MAX firmware size (Kees Cook)
Signed-off-by: Mimi Zohar
---
drivers/base/firmware_class.c | 48
Add support for measuring and appraising the IMA policy itself.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima.h| 2 ++
security/integrity/ima/ima_fs.c | 9 -
security/integrity/ima/ima_main.c | 3 +++
security/integrity/ima/ima_policy.c | 10 +-
4
From: David Howells
We'll be folding in some more checks on fw_read_file_contents(),
this will make the success case easier to follow.
Reviewed-by: Josh Boyer
Signed-off-by: David Howells
Signed-off-by: Luis R. Rodriguez
Signed-off-by: Mimi Zohar
---
drivers/base/firmware_class.c
module
twice, once for measuring/appraising and again for loading the kernel
module, the signature validation is moved to the kernel_post_read_file()
security hook.
This patch removes the security_kernel_module_from_file() hook and security
call.
Signed-off-by: Mimi Zohar
---
include/linux/fs.h
ocess_file() allocating memory, the caller
allocates and frees the memory.
- Moved the kexec measurement/appraisal call to copy_file_from_fd(). The
same call now measures and appraises both the kexec image and initramfs.
Signed-off-by: Mimi Zohar
---
include/linux/fs.h | 2 ++
kernel/kexec_f
{
enum ima_hooks func_id;
enum kernel_read_file_id read_id;
};
};
Option 3: incorportate the ima_hooks enumeration into kernel_read_file_id,
perhaps changing the enumeration name.
For now, duplicate the new READING_KEXEC_IMAGE/INITRAMFS in ima_hooks.
Signed-off-by: Mimi
The kernel_read_file security hook is called prior to reading the file
into memory.
Signed-off-by: Mimi Zohar
---
fs/exec.c | 4
include/linux/ima.h | 6 ++
include/linux/lsm_hooks.h | 8
include/linux/security.h | 7
a separate patch
v2:
- after re-ordering the patches, replace calling integrity_kernel_read()
to read the file with kernel_read_file_from_path() (Mimi)
- Patch description re-written by Luis R. Rodriguez
Signed-off-by: Dmitry Kasatkin
Signed-off-by: Mimi Zohar
---
include/linux/fs.h
Require the IMA policy to be signed when additional rules can be added.
v1:
- initialize the policy flag
- include IMA_APPRAISE_POLICY in the policy flag
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima_policy.c | 7 +++
1 file changed, 7 insertions(+)
diff --git a/security
.
Changelog v3:
- Replace the IMA specific enumeration with a generic one.
Signed-off-by: Mimi Zohar
---
fs/exec.c | 4 ++--
include/linux/fs.h| 7 ++-
include/linux/lsm_hooks.h | 4 +++-
include/linux/security.h | 7 +--
security/security.c | 5 +++--
5
firmware: simplify dev_*() print messages for generic helpers
firmware: move completing fw into a helper
Mimi Zohar (16):
ima: refactor ima_policy_show() to display "ima_hooks" rules
ima: use "ima_hooks" enum as function argument
vfs: define a generic function
From: "Luis R. Rodriguez"
This will be re-used later through a new extensible interface.
Reviewed-by: Josh Boyer
Signed-off-by: Luis R. Rodriguez
Signed-off-by: Mimi Zohar
---
drivers/base/firmware_class.c | 14 ++
1 file changed, 10 insertions(+), 4 deletions(-)
di
From: Dmitry Kasatkin
This patch provides convenient buffer hash calculation function.
Changelog v3:
- fix while hash calculation - Dmitry
v1:
- rewrite to support loff_t sized buffers - Mimi
(based on Fenguang Wu's testing)
Signed-off-by: Dmitry Kasatkin
Signed-off-by: Mimi
lgo to the ima_collect_measurement().
Signed-off-by: Dmitry Kasatkin
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima.h | 15 +++
security/integrity/ima/ima_api.c | 15 +++
security/integrity/ima/ima_appraise.c | 25 ++---
security/int
Hi Dave,
On Tue, 2016-01-26 at 09:20 +0800, Dave Young wrote:
> Hi, Mimi
>
> On 01/25/16 at 10:04am, Mimi Zohar wrote:
> > On Mon, 2016-01-25 at 14:37 +0800, Dave Young wrote:
> > > Hi, Mimi
> > >
> > > Besides of code issues, I have several thing
On Mon, 2016-01-25 at 21:34 +0100, Luis R. Rodriguez wrote:
> On Mon, Jan 25, 2016 at 10:04:18AM -0500, Mimi Zohar wrote:
> > On Mon, 2016-01-25 at 14:37 +0800, Dave Young wrote:
> > > Hi, Mimi
> > >
> > > Besides of code issues, I have several thing to be
On Mon, 2016-01-25 at 14:37 +0800, Dave Young wrote:
> Hi, Mimi
>
> Besides of code issues, I have several thing to be understand:
>
> What is the effect to kexec behavior with this patchset?
> - without IMA enabled (kconfig or kernel cmdline) it will be same as before?
Yes, without IMA config
On Thu, 2016-01-21 at 10:45 -0500, Paul Moore wrote:
> On Thursday, January 21, 2016 08:12:12 AM Mimi Zohar wrote:
> > Paul, Casey, Kees, Jon, Tetsuo does it make sense to consolidate the
> > module, firmware, and kexec pre and post security hooks and have just
> > one set of
On Thu, 2016-01-21 at 08:56 -0800, Luis R. Rodriguez wrote:
> On Thu, Jan 21, 2016 at 5:12 AM, Mimi Zohar wrote:
> > On Thu, 2016-01-21 at 01:03 +0100, Luis R. Rodriguez wrote:
> >> On Mon, Jan 18, 2016 at 10:11:23AM -0500, Mimi Zohar wrote:
> >> >
301 - 400 of 454 matches
Mail list logo