path() (Mimi)
Changelog v2:
- Patch description re-written by Luis R. Rodriguez
Signed-off-by: Dmitry Kasatkin <d.kasat...@samsung.com>
Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
---
fs/exec.c | 21
include/linux/fs.h |
- Instead of ima_read_and_process_file() allocating memory, the caller
allocates and frees the memory.
- Moved the kexec measurement/appraisal call to copy_file_from_fd(). The
same call now measures and appraises both the kexec image and initramfs.
Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
---
Documenta
the
security_kernel_module_from_file() function.
Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
---
fs/exec.c | 4 +++
include/linux/ima.h | 1 +
include/linux/lsm_hooks.h | 8 +
include/linux/security.h | 3 +-
kernel/mo
tains just the IMA changes. The
kexec and initramfs changes are with the rest of the kexec changes
in "kexec: replace call to copy_file_from_fd() with kernel version".
Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
---
fs/exec.c |
into memory.
This patch retains the kernel_fw_from_file() hook, which is called from
security_kernel_post_read_file(), but removes the
sercurity_kernel_fw_from_file() function.
Changelog:
- reordered and squashed firmware patches
- fix MAX firmware size (Kees Cook)
Signed-off-by: Mimi Zohar <
[1] Taken from Luis Rodriguez's wiki -
http://kernelnewbies.org/KernelProjects/common-kernel-loader
Mimi
Dmitry Kasatkin (3):
ima: separate 'security.ima' reading functionality from collect
ima: provide buffer hash calculation function
ima: load policy using path
Mimi Zohar (8):
vfs: defin
some of these differences.
This patch introduces a common function for reading files from the kernel
with the corresponding security post-read hook and function.
Changelog v1:
- To simplify patch review, re-ordered patches
Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
---
fs/
Require the IMA policy to be signed when additional rules can be added.
Changelog v2:
- add union name "hooks" to fix sparse warning
v1:
- initialize the policy flag
- include IMA_APPRAISE_POLICY in the policy flag
Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
---
securi
This patch adds support for measuring and appraising the IMA policy
itself.
Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
---
security/integrity/ima/ima.h| 1 +
security/integrity/ima/ima_fs.c | 9 -
security/integrity/ima/ima_policy.c | 14 --
3
the
security_kernel_module_from_file() function.
Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
---
fs/exec.c | 4 +++
include/linux/ima.h | 1 +
include/linux/lsm_hooks.h | 8 +
include/linux/security.h | 3 +-
kernel/mo
the
security_kernel_fw_from_file() function.
Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
---
drivers/base/firmware_class.c | 51 +--
include/linux/ima.h | 6 -
include/linux/security.h | 8 +-
security/integrity/ima/ima_main.
with the corresponding security post-read hook and
function.
Changelog:
- Add missing
Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
---
fs/exec.c | 56 +++
include/linux/fs.h| 1 +
include/linux/lsm_hooks.
st version of these patches can be found
in the next-kernel-read branch of:
git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git
Mimi Zohar (5):
vfs: define a generic function to read a file from the kernel
firmware: replace call to fw_read_file_contents() with kernel version
kexec: re
This patch defines kernel_read_file_from_fd(), a wrapper for the VFS
common kernel_read_file(), and replaces the kexec copy_file_from_fd()
calls with the kernel_read_file_from_fd() wrapper.
Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
---
fs/exec.c | 15 +++
i
This patch defines kernel_read_file_from_path(), a wrapper for the VFS
common kernel_read_file(), and replaces the integrity_read_file() with
a call to the kernel_read_file_from_path() wrapper.
Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
---
fs/exec.c
On Fri, 2016-01-08 at 12:24 -0800, Kees Cook wrote:
> On Fri, Jan 8, 2016 at 11:22 AM, Mimi Zohar <zo...@linux.vnet.ibm.com> wrote:
> > In order to measure and appraise files being read by the kernel,
> > new module and kexec syscalls were defined which include a file
> >
On Fri, 2016-01-08 at 14:21 -0500, Mimi Zohar wrote:
> For a while it was looked down upon to directly read files from Linux.
> These days there exists a few mechanisms in the kernel that do just this
> though to load a file into a local buffer. There are minor but important
> checks
On Fri, 2016-01-08 at 12:26 -0800, Kees Cook wrote:
> On Fri, Jan 8, 2016 at 11:22 AM, Mimi Zohar <zo...@linux.vnet.ibm.com> wrote:
> > Replace fw_read_file_contents() for reading a file with the common VFS
> > kernel_read_file() function. Call the existing firmware s
On Tue, 2015-12-29 at 16:21 +0800, Dave Young wrote:
> Hi, Mimi
>
> On 12/28/15 at 07:51am, Mimi Zohar wrote:
> > On Mon, 2015-12-28 at 10:08 +0800, Dave Young wrote:
> > > On 12/25/15 at 09:45am, Mimi Zohar wrote:
> > > > IMA calculates the file has
On Tue, 2015-12-29 at 07:06 -0500, Mimi Zohar wrote:
> On Tue, 2015-12-29 at 16:21 +0800, Dave Young wrote:
> This policy flexibility is needed at least until all files come from
> software providers with file signatures. (RPM has been modified to
> include file signatures.) Even th
On Mon, 2015-12-28 at 16:29 +0200, Petko Manolov wrote:
> On 15-12-28 07:51:15, Mimi Zohar wrote:
> > On Mon, 2015-12-28 at 10:08 +0800, Dave Young wrote:
> > > On 12/25/15 at 09:45am, Mimi Zohar wrote:
> > > > IMA calculates the file hash, in this case, based
On Mon, 2015-12-28 at 10:08 +0800, Dave Young wrote:
> On 12/25/15 at 09:45am, Mimi Zohar wrote:
> > IMA calculates the file hash, in this case, based on the buffer
> > contents. The hash is calculated once and used for both measurement
> > and appraisal. If the file inte
On Mon, 2015-12-28 at 10:08 +0800, Dave Young wrote:
> On 12/25/15 at 09:45am, Mimi Zohar wrote:
> > IMA calculates the file hash, in this case, based on the buffer
> > contents. The hash is calculated once and used for both measurement
> > and appraisal. If the file inte
On Mon, 2015-12-28 at 16:59 +0200, Petko Manolov wrote:
> On 15-12-28 09:42:22, Mimi Zohar wrote:
> > On Mon, 2015-12-28 at 16:29 +0200, Petko Manolov wrote:
> > >
> > > I kind of wonder isn't it possible to optimize the file read? If the
> > > file
> &
On Fri, 2015-12-25 at 13:33 +0800, Dave Young wrote:
> Hi, Mimi
>
> CCing kexec list, not all kexec people subscribed to IMA list.
> I just subscribed to it since Vivek CCed me last time about the V1 of this
> series.
Thanks!
> On 12/23/15 at 06:55pm, Mimi Zohar wrote:
>
On Tue, 2013-09-10 at 17:44 -0400, Vivek Goyal wrote:
Currently digital signature verification code assumes that it can be
used only with 3 keyrings. IMA, EVM and MODULE keyring. Provide another
variant where one can pass in a pointer to keyring (struct key *), and
integrity code can try to
On Wed, 2013-03-20 at 18:12 +, Matthew Garrett wrote:
On Wed, 2013-03-20 at 14:01 -0400, Mimi Zohar wrote:
Sorry, I'm not sure to which work you're referring. If you're referring
to Dmitry's initramfs with digital signature protection patches, then
we're speaking about enforcing
On Wed, 2012-11-14 at 21:09 -0800, Eric W. Biederman wrote:
Vivek Goyal vgo...@redhat.com writes:
On Thu, Nov 08, 2012 at 01:03:17PM -0800, Eric W. Biederman wrote:
Vivek Goyal vgo...@redhat.com writes:
On Thu, Nov 08, 2012 at 02:40:50PM -0500, Vivek Goyal wrote:
On Tue, Nov 06,
On Thu, 2012-11-08 at 14:40 -0500, Vivek Goyal wrote:
On Tue, Nov 06, 2012 at 03:51:59PM -0800, Eric W. Biederman wrote:
[..]
Thnking more about executable signature verification, I have another question.
While verifyign the signature, we will have to read the whole executable
in
On Fri, 2012-10-26 at 03:39 +0100, Matthew Garrett wrote:
On Thu, Oct 25, 2012 at 09:15:58PM -0400, Mimi Zohar wrote:
On a running system, the package installer, after verifying the package
integrity, would install each file with the associated 'security.ima'
extended attribute
On Fri, 2012-10-26 at 19:19 +0100, Matthew Garrett wrote:
On Fri, Oct 26, 2012 at 01:59:34PM -0400, Mimi Zohar wrote:
On Fri, 2012-10-26 at 03:39 +0100, Matthew Garrett wrote:
and it must be impossible for anything other than
/sbin/kexec to make the kexec system call.
Permission
On Wed, 2012-10-24 at 13:36 -0400, Vivek Goyal wrote:
On Tue, Oct 23, 2012 at 09:19:27AM -0700, Eric W. Biederman wrote:
Vivek Goyal vgo...@redhat.com writes:
On Tue, Oct 23, 2012 at 09:18:54AM -0400, Vivek Goyal wrote:
[..]
There are 3 options for trusting /sbin/kexec. There
On Thu, 2012-10-25 at 10:10 -0400, Vivek Goyal wrote:
On Thu, Oct 25, 2012 at 02:10:01AM -0400, Mimi Zohar wrote:
[..]
IMA-appraisal verifies the integrity of file data, while EVM verifies
the integrity of the file metadata, such as LSM and IMA-appraisal
labels. Both 'security.ima
On Thu, 2012-10-25 at 09:54 -0400, Vivek Goyal wrote:
On Thu, Oct 25, 2012 at 01:43:59AM -0400, Mimi Zohar wrote:
On Wed, 2012-10-24 at 13:19 -0400, Vivek Goyal wrote:
On Tue, Oct 23, 2012 at 09:44:59AM -0700, Eric W. Biederman wrote:
Matthew Garrett m...@redhat.com writes
On Thu, 2012-10-25 at 14:55 -0400, Vivek Goyal wrote:
On Thu, Oct 25, 2012 at 02:40:21PM -0400, Mimi Zohar wrote:
On Thu, 2012-10-25 at 10:10 -0400, Vivek Goyal wrote:
On Thu, Oct 25, 2012 at 02:10:01AM -0400, Mimi Zohar wrote:
[..]
IMA-appraisal verifies the integrity of file
On Wed, 2012-10-24 at 13:19 -0400, Vivek Goyal wrote:
On Tue, Oct 23, 2012 at 09:44:59AM -0700, Eric W. Biederman wrote:
Matthew Garrett m...@redhat.com writes:
On Tue, Oct 23, 2012 at 10:59:20AM -0400, Vivek Goyal wrote:
But what about creation of a new program which can call
401 - 436 of 436 matches
Mail list logo