Re: [PATCH v8 5/8] ima: make process_buffer_measurement() generic

On Sat, 2019-10-19 at 14:06 -0400, Nayna Jain wrote: > process_buffer_measurement() is limited to measuring the kexec boot > command line. This patch makes process_buffer_measurement() more > generic, allowing it to measure other types of buffer data (e.g. > blacklisted binary hashes or key hashes)

Re: [PATCH v8 7/8] ima: check against blacklisted hashes for files with modsig

On Sat, 2019-10-19 at 14:06 -0400, Nayna Jain wrote: > diff --git a/Documentation/ABI/testing/ima_policy > b/Documentation/ABI/testing/ima_policy > index 29ebe9afdac4..4c97afcc0f3c 100644 > --- a/Documentation/ABI/testing/ima_policy > +++ b/Documentation/ABI/testing/ima_policy > @@ -25,6 +25,7 @@

Re: [PATCH v8 2/8] powerpc/ima: add support to initialize ima policy rules

On Sat, 2019-10-19 at 14:06 -0400, Nayna Jain wrote: > index ..65d82ee74ea4 > --- /dev/null > +++ b/arch/powerpc/kernel/ima_arch.c > @@ -0,0 +1,39 @@ > +// SPDX-License-Identifier: GPL-2.0 > +/* > + * Copyright (C) 2019 IBM Corporation > + * Author: Nayna Jain > + */ > + > +#include >

Re: [PATCH v8 4/8] powerpc/ima: add measurement rules to ima arch specific policy

On Sat, 2019-10-19 at 14:06 -0400, Nayna Jain wrote: > This patch adds the measurement rules to the arch specific policies on > trusted boot enabled systems. This version does not add rules to the existing arch specific policy, but defines an arch specific trusted boot only policy and a combined s

Re: [PATCH v7 7/8] ima: check against blacklisted hashes for files with modsig

Hi Mimi, On 10/11/2019 09:19 AM, Mimi Zohar wrote: On Mon, 2019-10-07 at 21:14 -0400, Nayna Jain wrote: Asymmetric private keys are used to sign multiple files. The kernel currently support checking against the blacklisted keys. However, if the public key is blacklisted, any file signed by the

Re: [PATCH v7 4/8] powerpc/ima: add measurement rules to ima arch specific policy

Hi Michael, On 10/15/2019 07:29 AM, Michael Ellerman wrote: Nayna Jain writes: This patch adds the measurement rules to the arch specific policies on trusted boot enabled systems. Signed-off-by: Nayna Jain Reviewed-by: Mimi Zohar --- arch/powerpc/kernel/ima_arch.c | 45 ++

[PATCH v8 3/8] powerpc: detect the trusted boot state of the system

While secure boot permits only properly verified signed kernels to be booted, trusted boot takes a measurement of the kernel image prior to boot that can be subsequently compared against good known values via attestation services. This patch reads the trusted boot state of a PowerNV system. The st

[PATCH v8 5/8] ima: make process_buffer_measurement() generic

process_buffer_measurement() is limited to measuring the kexec boot command line. This patch makes process_buffer_measurement() more generic, allowing it to measure other types of buffer data (e.g. blacklisted binary hashes or key hashes). This patch modifies the function to conditionally retrieve

[PATCH v8 1/8] powerpc: detect the secure boot mode of the system

This patch defines a function to detect the secure boot state of a PowerNV system. The PPC_SECURE_BOOT config represents the base enablement of secure boot for powerpc. Signed-off-by: Nayna Jain --- arch/powerpc/Kconfig | 10 + arch/powerpc/include/asm/secure_boot.h |

[PATCH v8 4/8] powerpc/ima: add measurement rules to ima arch specific policy

This patch adds the measurement rules to the arch specific policies on trusted boot enabled systems. Signed-off-by: Nayna Jain --- arch/powerpc/kernel/ima_arch.c | 34 +- 1 file changed, 33 insertions(+), 1 deletion(-) diff --git a/arch/powerpc/kernel/ima_arch.c

[PATCH v8 0/8] powerpc: Enabling IMA arch specific secure boot policies

This patchset extends the previous version[1] by adding support for checking against a blacklist of binary hashes. The IMA subsystem supports custom, built-in, arch-specific policies to define the files to be measured and appraised. These policies are honored based on priority, where arch-specific

[PATCH v8 2/8] powerpc/ima: add support to initialize ima policy rules

PowerNV system use a Linux-based bootloader, which relies on the IMA subsystem to enforce different secure boot modes. Since the verification policy may differ based on the secure boot mode of the system, the policies must be defined at runtime. This patch implements arch-specific support to defin

[PATCH v8 8/8] powerpc/ima: update ima arch policy to check for blacklist

This patch updates the arch-specific policies for PowerNV system to make sure that the binary hash is not blacklisted. Signed-off-by: Nayna Jain Reviewed-by: Mimi Zohar --- arch/powerpc/kernel/ima_arch.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/arch/powerpc/ke

[PATCH v8 6/8] certs: add wrapper function to check blacklisted binary hash

The -EKEYREJECTED error returned by existing is_hash_blacklisted() is misleading when called for checking against blacklisted hash of a binary. This patch adds a wrapper function is_binary_blacklisted() to return -EPERM error if binary is blacklisted. Signed-off-by: Nayna Jain Reviewed-by: Mimi

[PATCH v8 7/8] ima: check against blacklisted hashes for files with modsig

Asymmetric private keys are used to sign multiple files. The kernel currently support checking against blacklisted keys. However, if the public key is blacklisted, any file signed by the blacklisted key will automatically fail signature verification. We might not want to blacklist all the files sig