On Tue, 2023-09-12 at 17:11 +, Eric Snowberg wrote:
>
> > On Sep 12, 2023, at 5:54 AM, Mimi Zohar wrote:
> >
> > On Tue, 2023-09-12 at 02:00 +, Eric Snowberg wrote:
> >>
> >>> On Sep 11, 2023, at 5:08 PM, Mimi Zohar wrote:
> >>>
On Tue, 2023-09-12 at 22:32 +0300, Jarkko Sakkinen wrote:
> On Tue Sep 12, 2023 at 10:22 PM EEST, Mimi Zohar wrote:
> > On Tue, 2023-09-12 at 12:49 +0300, Jarkko Sakkinen wrote:
> > > On Tue Sep 12, 2023 at 10:41 AM EEST, Michal Suchánek wrote:
> > > > On Mon, Se
On Tue, 2023-09-12 at 12:49 +0300, Jarkko Sakkinen wrote:
> On Tue Sep 12, 2023 at 10:41 AM EEST, Michal Suchánek wrote:
> > On Mon, Sep 11, 2023 at 11:39:38PM -0400, Nayna wrote:
> > >
> > > On 9/7/23 13:32, Michal Suchánek wrote:
> > > > Adding more CC's from the original patch, looks like get_m
On Tue, 2023-09-12 at 02:00 +, Eric Snowberg wrote:
>
> > On Sep 11, 2023, at 5:08 PM, Mimi Zohar wrote:
> >
> > On Mon, 2023-09-11 at 22:17 +, Eric Snowberg wrote:
> >>
> >>> On Sep 11, 2023, at 10:51 AM, Mickaël Salaün wrote:
> >&g
On Mon, 2023-09-11 at 22:17 +, Eric Snowberg wrote:
>
> > On Sep 11, 2023, at 10:51 AM, Mickaël Salaün wrote:
> >
> > On Mon, Sep 11, 2023 at 09:29:07AM -0400, Mimi Zohar wrote:
> >> Hi Eric,
> >>
> >> On Fri, 2023-09-08 at 17:34 -040
Hi Eric,
On Fri, 2023-09-08 at 17:34 -0400, Eric Snowberg wrote:
> Currently root can dynamically update the blacklist keyring if the hash
> being added is signed and vouched for by the builtin trusted keyring.
> Currently keys in the secondary trusted keyring can not be used.
>
> Keys within the
Hi Gustavo,
On Tue, 2021-04-20 at 15:28 -0500, Gustavo A. R. Silva wrote:
> Hi all,
>
> Friendly ping: who can take this, please?
Thank you for the reminder.
>
> On 11/20/20 12:25, Gustavo A. R. Silva wrote:
> > In preparation to enable -Wimplicit-fallthrough for Clang, fix multiple
> > warnin
Hi Jiele,
On Wed, 2021-04-07 at 01:44 +, Jiele Zhao wrote:
> init_once is a callback to kmem_cache_create. The parameter
> type of this function is void *, so it's better to give a
> explicit cast here.
>
> Signed-off-by: Jiele Zhao
> ---
> security/integrity/iint.c | 2 +-
> securi
On Tue, 2021-04-06 at 02:12 +, Jiele Zhao wrote:
> The original function name was ima_path_check(). The policy parsing
> still supports PATH_CHECK. Commit 9bbb6cad0173 ("ima: rename
> ima_path_check to ima_file_check") renamed the function to
> ima_file_check(), but missed modifying the func
On Fri, 2021-04-09 at 10:35 -0400, Nayna Jain wrote:
> Kernel modules are currently only signed when CONFIG_MODULE_SIG is enabled.
> The kernel module signing key is a self-signed CA only loaded onto the
> .builtin_trusted_key keyring. On secure boot enabled systems with an arch
> specific IMA pol
On Thu, 2021-04-08 at 15:19 -0400, Stefan Berger wrote:
> On 4/8/21 1:15 PM, Mimi Zohar wrote:
> > On Thu, 2021-04-08 at 11:24 -0400, Stefan Berger wrote:
> >> Address a kbuild issue where a developer created an ECDSA key for signing
> >> kernel modules and then bui
fail signature verification.
>
> Signed-off-by: Stefan Berger
Thanks, Stefan.
Reviewed-by: Mimi Zohar
gt; Trigger the creation of an RSA module signing key if it is not an RSA key.
>
> Fixes: cfc411e7fff3 ("Move certificate handling to its own directory")
> Signed-off-by: Stefan Berger
Thanks, Stefan.
Reviewed-by: Mimi Zohar
On Wed, 2021-04-07 at 18:53 +0300, Jarkko Sakkinen wrote:
> On Tue, Apr 06, 2021 at 02:53:38PM -0400, Stefan Berger wrote:
> > This series adds support for ECDSA-signed kernel modules.
> >
> > The first patch in this series attempts to address the issue where a
> > developer created an ECDSA key f
Hi Jiele,
On Tue, 2021-03-23 at 01:33 +, Jiele Zhao wrote:
> init_once is a callback to kmem_cache_create. The parameter
> type of this function is void *, so it's better to give a
> explicit cast here.
>
> Signed-off-by: Jiele Zhao
Please remove the "ima" in the Subject line and re-post Cc
-0400)
integrity-v5.12-fix
Mimi Zohar (1):
integrity: double check iint_cache was initialized
security/integrity/iint.c | 8
1 file changed, 8 insertions(+)
On Wed, 2021-03-24 at 09:00 +, Roberto Sassu wrote:
> > From: lihuafei
> > Sent: Tuesday, March 23, 2021 2:41 PM
> > ping. :-)
> >
> > On 2021/3/3 11:28, Li Huafei wrote:
> > > In ima_restore_measurement_list(), hdr[HDR_PCR].data is pointing to a
> > > buffer of type u8, which contains the dum
On Wed, 2021-03-24 at 09:14 -0700, James Bottomley wrote:
> On Tue, 2021-03-23 at 14:07 -0400, Mimi Zohar wrote:
> > On Tue, 2021-03-23 at 17:35 +0100, Ahmad Fatoum wrote:
> > > Hello Horia,
> > >
> > > On 21.03.21 21:48, Horia Geantă wrote:
> > &g
On Wed, 2021-03-24 at 12:58 +0100, Dmitry Vyukov wrote:
> On Wed, Mar 24, 2021 at 12:49 PM Mimi Zohar wrote:
> >
> > On Wed, 2021-03-24 at 12:37 +0100, Dmitry Vyukov wrote:
> > > On Wed, Mar 24, 2021 at 12:21 PM Tetsuo Handa
> > > wrote:
> > > >
On Wed, 2021-03-24 at 12:37 +0100, Dmitry Vyukov wrote:
> On Wed, Mar 24, 2021 at 12:21 PM Tetsuo Handa
> wrote:
> >
> > On 2021/03/24 20:10, Mimi Zohar wrote:
> > > On Wed, 2021-03-24 at 19:10 +0900, Tetsuo Handa wrote:
> > >> On 2021/03/24 1:13, Mimi Zoh
On Wed, 2021-03-24 at 19:10 +0900, Tetsuo Handa wrote:
> On 2021/03/24 1:13, Mimi Zohar wrote:
> > On Wed, 2021-03-24 at 00:14 +0900, Tetsuo Handa wrote:
> >> On 2021/03/23 23:47, Mimi Zohar wrote:
> >>> Initially I also questioned making "integrity" an LSM
On Tue, 2021-03-23 at 17:35 +0100, Ahmad Fatoum wrote:
> Hello Horia,
>
> On 21.03.21 21:48, Horia Geantă wrote:
> > On 3/16/2021 7:02 PM, Ahmad Fatoum wrote:
> > [...]
> >> +struct trusted_key_ops caam_trusted_key_ops = {
> >> + .migratable = 0, /* non-migratable */
> >> + .init = trusted_caam_
On Wed, 2021-03-24 at 00:14 +0900, Tetsuo Handa wrote:
> On 2021/03/23 23:47, Mimi Zohar wrote:
> > Initially I also questioned making "integrity" an LSM. Perhaps it's
> > time to reconsider. For now, it makes sense to just fix the NULL
> > pointer dereferen
On Tue, 2021-03-23 at 23:01 +0900, Tetsuo Handa wrote:
> On 2021/03/23 22:37, Tetsuo Handa wrote:
> > On 2021/03/23 21:09, Mimi Zohar wrote:
> >> Please take a look at the newer version of this patch. Do you want to
> >> add any tags?
> >
> > Oh, I didn
On Tue, 2021-03-23 at 10:46 +0900, Tetsuo Handa wrote:
> On 2021/03/20 5:03, Mimi Zohar wrote:
> > The integrity's "iint_cache" is initialized at security_init(). Only
> > after an IMA policy is loaded, which is initialized at late_initcall,
> > is a f
On Mon, 2021-03-22 at 09:52 -0700, Eric Biggers wrote:
> On Mon, Mar 22, 2021 at 11:42:07AM -0400, Mimi Zohar wrote:
> >
> > Reported-by: Dmitry Vyukov
> > Fixes: 79f7865d844c ("LSM: Introduce "lsm=" for boottime LSM selection")
> > Signed-off-by:
On Mon, 2021-03-22 at 09:51 -0700, Eric Biggers wrote:
> On Mon, Mar 22, 2021 at 11:42:06AM -0400, Mimi Zohar wrote:
> > Only after an IMA policy is loaded, check, save, or update the cached
> > file's integrity status.
> >
> > Signed-off-by: Mimi Zohar
>
>
Only after an IMA policy is loaded, check, save, or update the cached
file's integrity status.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima_main.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/security/integrity/ima/ima_main.c
b/security/integrity/ima/ima_main.c
led at
run time, panic the system if "integrity" was not initialized before use.
Reported-by: Dmitry Vyukov
Fixes: 79f7865d844c ("LSM: Introduce "lsm=" for boottime LSM selection")
Signed-off-by: Mimi Zohar
---
security/integrity/iint.c | 8
1 file changed,
On Thu, 2021-03-18 at 07:53 +0100, Dmitry Vyukov wrote:
> On Thu, Mar 18, 2021 at 3:18 AM Mimi Zohar wrote:
> >
> > Hi Dmitry,
> >
> > On Mon, 2021-03-15 at 14:07 +0100, Dmitry Vyukov wrote:
> > > On Mon, Mar 15, 2021 at 1:41 PM Mimi Zohar wrote:
> > >
c:1477
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294
Modules linked in:
CR2: 001c
---[ end trace 22d601a500de7d79 ]---
Before calling kmem_cache_alloc(), check that the iint_cache has
been initialized.
Reported-by: Dmitry Vyukov
Signed-off-by: Mimi Zohar
---
security/int
From: Test
Only after an IMA policy is loaded, check, save, or update the cached
file's integrity status.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima_main.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/security/integrity/ima/ima_main.c
b/security/integrit
Hi Dmitry,
On Mon, 2021-03-15 at 14:07 +0100, Dmitry Vyukov wrote:
> On Mon, Mar 15, 2021 at 1:41 PM Mimi Zohar wrote:
> >
> > On Mon, 2021-03-15 at 11:58 +0100, Dmitry Vyukov wrote:
> > > Hi,
> > >
> > > I am trying to boot 5.12-rc3 with this config:
Hi Dmitry,
On Mon, 2021-03-15 at 11:58 +0100, Dmitry Vyukov wrote:
> Hi,
>
> I am trying to boot 5.12-rc3 with this config:
> https://github.com/google/syzkaller/blob/cc1cff8f1e1a585894796d6eae8c51eef98037e6/dashboard/config/linux/upstream-smack-kasan.config
>
> in qemu:
> qemu-system-x86_64
ded strings. The generic reason
for replacing strlcpy with strscpy doesn't seem applicable; however,
the additonal warning is appropriate.
(User-visible strings are not bound to the 80 column length. Breaking
up the line like this is fine, but unnecessary.)
Acked-by: Mimi Zohar
thanks,
ls
> evm_load_x509() inside ima_load_x509() if CONFIG_IMA_LOAD_X509 is defined.
>
> Signed-off-by: Roberto Sassu
> Reviewed-by: Mimi Zohar
> ---
> security/integrity/iint.c | 2 ++
> security/integrity/ima/ima_init.c | 4
> 2 files changed, 6 insertions(+)
>
On Sat, 2021-02-27 at 11:35 +0800, yumeng wrote:
> 在 2021/2/26 0:08, Stefan Berger 写道:
> > From: Stefan Berger
> >
>
> > diff --git a/certs/Makefile b/certs/Makefile
> > index 3fe6b73786fa..c487d7021c54 100644
> > --- a/certs/Makefile
> > +++ b/certs/Makefile
> > @@ -69,6 +69,18 @@ else
> > SI
On Mon, 2021-02-22 at 15:45 -0800, Casey Schaufler wrote:
> On 2/14/2021 10:21 AM, Mimi Zohar wrote:
>
> Would these changes match your suggestion?
>
> security/integrity/ima/ima_policy.c | 24
> 1 file changed, 12 insertions(+), 12 deletions(-)
On Thu, 2021-02-18 at 14:05 -0800, Tushar Sugandhi wrote:
> On 2021-02-17 12:49 p.m., Tushar Sugandhi wrote:
> > On 2021-02-17 12:39 p.m., Mimi Zohar wrote:
> >> On Wed, 2021-02-17 at 10:53 -0800, Tushar Sugandhi wrote:
> >>> Thanks for the feedback Mimi.
> >&
>>
> > >> On 2/18/21 5:13 PM, Thiago Jung Bauermann wrote:
> > >>>
> > >>> Lakshmi Ramasubramanian writes:
> > >>>
> > >>>> On 2/18/21 4:07 PM, Mimi Zohar wrote:
> > >>>>
> > >>>> Hi Mim
erger
Thanks, Stefan!
Tested with this patch applied on top of "[PATCH v8 0/4] Add support
for x509 certs with NIST p256 and p192" and "[PATCH v2 0/5] ima: kernel
build support for loading the kernel module" patch sets.
Tested-by: Mimi Zohar
Reviewed-by: Mimi Zohar
On Fri, 2021-02-19 at 11:08 -0300, Thiago Jung Bauermann wrote:
> Lakshmi Ramasubramanian writes:
>
> > On 2/18/21 5:13 PM, Thiago Jung Bauermann wrote:
> >> Lakshmi Ramasubramanian writes:
> >>
> >>> On 2/18/21 4:07 PM, Mimi Zohar wrote:
> >>
On Thu, 2021-02-18 at 14:33 -0800, Lakshmi Ramasubramanian wrote:
> of_kexec_alloc_and_setup_fdt() defined in drivers/of/kexec.c builds
> a new device tree object that includes architecture specific data
> for kexec system call. This should be defined only if the architecture
> being built defines
RAISE_MODSIG config respectively; and loads the CA kernel
> key onto the builtin trusted keyring.
>
> Signed-off-by: Nayna Jain
Always having a CA key would simplify the code. Otherwise for the
patch set,
Reviewed-by: Mimi Zohar
On Wed, 2021-02-17 at 10:53 -0800, Tushar Sugandhi wrote:
> Thanks for the feedback Mimi.
> Appreciate it.
>
> On 2021-02-17 7:03 a.m., Mimi Zohar wrote:
> > Hi Tushar,
> >
> > The Subject line could be improved. Perhaps something like - "IMA:
> >
Hi Tushar,
The Subject line could be improved. Perhaps something like - "IMA:
support for duplicate measurement records"
On Tue, 2021-02-16 at 18:46 -0800, Tushar Sugandhi wrote:
> IMA does not measure duplicate data since TPM extend is a very expensive
> operation. However, in some cases, the
ima: Free IMA measurement buffer on error
ima: Free IMA measurement buffer after kexec syscall
Mimi Zohar (2):
Merge branch 'measure-critical-data' into next-integrity
Merge branch 'ima-kexec-fixes' into next-integrity
Raphael Gianotti (1):
IMA: M
Hi Michael,
On Mon, 2021-02-15 at 11:23 +0100, Michael Weiß wrote:
> 'ima-modsig' was not in the list of selectable templates in Kconfig.
> The missing Kconfig options were added to support the ima-modsig
> template as default template.
>
> Signed-off-by: Michael Weiß
Since 'ima-modsig' is only
nks, Casey.
(This patch description line length seems short.)
>
> Signed-off-by: Casey Schaufler
> To: Mimi Zohar
> To: linux-integr...@vger.kernel.org
> ---
> Documentation/ABI/testing/ima_policy | 8 +++-
> security/integrity/ima/ima_policy.c | 64 ++--
On Thu, 2021-02-11 at 17:13 -0500, Stefan Berger wrote:
> On 2/11/21 2:54 PM, Nayna Jain wrote:
> > Certificates being loaded onto the IMA trusted keyring must be signed by
> > a key on either the builtin and secondary trusted keyring.
> >
> > This patch creates and includes in the kernel image an
On Wed, 2021-02-10 at 15:55 -0500, Mimi Zohar wrote:
> On Wed, 2021-02-10 at 14:42 -0600, Rob Herring wrote:
> > On Wed, Feb 10, 2021 at 11:33 AM Lakshmi Ramasubramanian
>
> > Ideally, we don't apply the same patch in 2 branches. It looks like
> > there's a conf
On Wed, 2021-02-10 at 14:42 -0600, Rob Herring wrote:
> On Wed, Feb 10, 2021 at 11:33 AM Lakshmi Ramasubramanian
> wrote:
> >
> > On 2/10/21 9:15 AM, Rob Herring wrote:
> > > On Tue, Feb 09, 2021 at 10:21:50AM -0800, Lakshmi Ramasubramanian wrote:
> > >> On kexec file load Integrity Measurement Ar
On Tue, 2021-02-09 at 10:23 -0800, Tushar Sugandhi wrote:
> > On Mon, 2021-02-08 at 15:22 -0500, Mimi Zohar wrote:
> >> On Fri, 2021-01-29 at 16:45 -0800, Tushar Sugandhi wrote:
> >>> IMA does not measure duplicate buffer data since TPM extend is a very
> >>>
On Mon, 2021-02-08 at 15:38 +0100, Jan Lübbe wrote:
> As it seems that this feature would not be appropriate for all use-cases and
> threat models, I wonder if making it optional would be acceptable. Something
> like:
>
> config TRUSTED_KEYS_IMPORT
To me "IMPORT" implies from a trusted source, w
Hi Tushar,
On Mon, 2021-02-08 at 15:22 -0500, Mimi Zohar wrote:
> On Fri, 2021-01-29 at 16:45 -0800, Tushar Sugandhi wrote:
> > IMA does not measure duplicate buffer data since TPM extend is a very
> > expensive operation. However, in some cases for integrity critical
> >
Hi Tushar,
On Fri, 2021-01-29 at 16:45 -0800, Tushar Sugandhi wrote:
> IMA needs to support duplicate measurements of integrity
> critical data to accurately determine the current state of that data
> on the system. Further, since measurement of duplicate data is not
> required for all the use ca
Hi Tushar,
On Fri, 2021-01-29 at 16:45 -0800, Tushar Sugandhi wrote:
> IMA does not measure duplicate buffer data since TPM extend is a very
> expensive operation. However, in some cases for integrity critical
> data, the measurement of duplicate data is necessary to accurately
> determine the cu
Hi Tushar,
On Fri, 2021-01-29 at 16:45 -0800, Tushar Sugandhi wrote:
> diff --git a/security/integrity/ima/ima_queue.c
> b/security/integrity/ima/ima_queue.c
>
> index c096ef8945c7..fbf359495fa8 100644
> --- a/security/integrity/ima/ima_queue.c
> +++ b/security/integrity/ima/ima_queue.c
> @@ -1
On Fri, 2021-02-05 at 09:39 -0800, Lakshmi Ramasubramanian wrote:
> On 2/5/21 2:05 AM, Greg KH wrote:
> > On Thu, Feb 04, 2021 at 09:49:50AM -0800, Lakshmi Ramasubramanian wrote:
> >> IMA allocates kernel virtual memory to carry forward the measurement
> >> list, from the current kernel to the next
this can be applied to all types of keys, we change the selection
> of the encoding type to be driven by the key's signature scheme rather
> than by the hash type.
>
> Signed-off-by: Stefan Berger
> Reviewed-by: Vitaly Chikunov
> Reviewed-by: Tianjia Zhang
Thanks, Stefan!
Acked-by: Mimi Zohar
On Mon, 2021-02-01 at 17:38 +0100, Jan Lübbe wrote:
> On Mon, 2021-02-01 at 11:11 -0500, Mimi Zohar wrote:
> > On Mon, 2021-02-01 at 16:31 +0100, Jan Lübbe wrote:
> > > On Sun, 2021-01-31 at 09:29 -0500, Mimi Zohar wrote:
>
> > > > Usage::
> > > >
On Mon, 2021-02-01 at 16:31 +0100, Jan Lübbe wrote:
> On Sun, 2021-01-31 at 09:29 -0500, Mimi Zohar wrote:
> > On Sun, 2021-01-31 at 15:14 +0100, Jan Lübbe wrote:
> > > On Sun, 2021-01-31 at 07:09 -0500, Mimi Zohar wrote:
> >
> >
> >
> > > >
&
On Mon, 2021-02-01 at 09:35 -0500, Stefan Berger wrote:
> On 2/1/21 8:23 AM, David Howells wrote:
> > Stefan Berger wrote:
> >
> >> From: Stefan Berger
> >>
> >> Detect whether a key is an sm2 type of key by its OID in the parameters
> >> array rather than assuming that everything under OID_id_ec
On Sun, 2021-01-31 at 15:14 +0100, Jan Lübbe wrote:
> On Sun, 2021-01-31 at 07:09 -0500, Mimi Zohar wrote:
> >
> > [1] The ima-evm-utils README contains EVM examples of "trusted" and
> > "user" based "encrypted" keys.
>
> I assume y
On Sat, 2021-01-30 at 19:53 +0200, Jarkko Sakkinen wrote:
> On Thu, 2021-01-28 at 18:31 +0100, Ahmad Fatoum wrote:
> > Hello,
> >
> > I've been looking into how a migration to using trusted/encrypted keys
> > would look like (particularly with dm-crypt).
> >
> > Currently, it seems the the only w
On Thu, 2021-01-28 at 10:27 -0500, Mimi Zohar wrote:
> Hi David,
>
> On Thu, 2021-01-28 at 15:16 +, David Howells wrote:
> > Which tree do you envision this going through? EFI or keyrings - or are you
> > going to ask Linus to pull it directly? I can pull it if it s
Hi David,
On Thu, 2021-01-28 at 15:16 +, David Howells wrote:
> Which tree do you envision this going through? EFI or keyrings - or are you
> going to ask Linus to pull it directly? I can pull it if it should go through
> the keyrings tree.
There's one more patch, yet to be posted, which up
On Wed, 2021-01-27 at 10:24 -0800, Lakshmi Ramasubramanian wrote:
> On 1/27/21 10:02 AM, Will Deacon wrote:
> > On Wed, Jan 27, 2021 at 09:56:53AM -0800, Lakshmi Ramasubramanian wrote:
> >> On 1/27/21 8:54 AM, Will Deacon wrote:
> >>> On Fri, Jan 15, 2021 at 09:30:17AM -0800, Lakshmi Ramasubramania
[Cc'ing linux-integrity]
On Wed, 2021-01-27 at 11:46 +, David Howells wrote:
> Jarkko Sakkinen wrote:
>
> > > I suppose a user space tool could be created. But wouldn’t what is
> > > currently done in the kernel in this area need to be removed?
> >
> > Right. I don't think this was a great
bove hex-ascii string corresponds to the kernel version
(e.g. xxd -r -p):
>
> 5.11.0-rc3-16187-gedb64fe78244-dirty
>
> Signed-off-by: Raphael Gianotti
Assuming the above or similar change,
Signed-off-by: Mimi Zohar
On Fri, 2021-01-22 at 15:28 -0800, Raphael Gianotti wrote:
> The integrity of a kernel can be verified by the boot loader on cold
> boot, and during kexec, by the current running kernel, before it is
> loaded. However, it is still possible that the new kernel being
> loaded is older than the curren
On Fri, 2021-01-22 at 15:24 -0500, Paul Moore wrote:
> On Thu, Jan 14, 2021 at 2:15 PM Lakshmi Ramasubramanian
> wrote:
> >
> > SELinux stores the active policy in memory, so the changes to this data
> > at runtime would have an impact on the security guarantees provided
> > by SELinux. Measuring
Hi Ard,
On Fri, 2021-01-15 at 09:30 -0800, Lakshmi Ramasubramanian wrote:
> create_dtb() function allocates kernel virtual memory for
> the device tree blob (DTB). This is not consistent with other
> architectures, such as powerpc, which calls kmalloc() for allocating
> memory for the DTB.
>
> C
Hi Mickaël,
On Thu, 2021-01-14 at 16:19 +0100, Mickaël Salaün wrote:
> From: Mickaël Salaün
>
> Add a kernel option SYSTEM_BLACKLIST_AUTH_UPDATE to enable the root user
> to dynamically add new keys to the blacklist keyring. This enables to
> invalidate new certificates, either from being loade
On Thu, 2021-01-07 at 20:07 -0800, Tushar Sugandhi wrote:
> IMA measures files and buffer data such as keys, command-line arguments
> passed to the kernel on kexec system call, etc. While these measurements
> are necessary for monitoring and validating the integrity of the system,
> they are not s
On Thu, 2021-01-14 at 11:44 -0500, Mimi Zohar wrote:
> [Cc'ing Sasha]
>
> Hi Lakshmi,
>
> On Thu, 2021-01-14 at 08:22 -0800, Lakshmi Ramasubramanian wrote:
> > On 1/13/21 6:49 PM, Mimi Zohar wrote:
>
> > >>> Lakshmi is trying to address the situation
[Cc'ing Sasha]
Hi Lakshmi,
On Thu, 2021-01-14 at 08:22 -0800, Lakshmi Ramasubramanian wrote:
> On 1/13/21 6:49 PM, Mimi Zohar wrote:
> >>> Lakshmi is trying to address the situation where an event changes a
> >>> value, but then is restored to the o
On Wed, 2021-01-13 at 21:40 -0500, Paul Moore wrote:
> On Wed, Jan 13, 2021 at 6:11 PM Mimi Zohar wrote:
> > On Wed, 2021-01-13 at 17:10 -0500, Paul Moore wrote:
> > > On Wed, Jan 13, 2021 at 4:11 PM Mimi Zohar wrote:
> > > > On Wed, 2021-01-13 at 14:19 -0500, Paul
On Wed, 2021-01-13 at 14:19 -0500, Paul Moore wrote:
> On Wed, Jan 13, 2021 at 2:13 PM Mimi Zohar wrote:
> > On Tue, 2021-01-12 at 11:27 -0500, Paul Moore wrote:
> > > On Thu, Jan 7, 2021 at 11:07 PM Tushar Sugandhi
> > > wrote:
> > > > From: Lakshmi R
On Thu, 2021-01-07 at 20:07 -0800, Tushar Sugandhi wrote:
> Integrity critical data may belong to a single subsystem or it may
> arise from cross subsystem interaction. Currently there is no mechanism
> to group or limit the data based on certain label. Limiting and
> grouping critical data based
On Wed, 2021-01-13 at 17:10 -0500, Paul Moore wrote:
> On Wed, Jan 13, 2021 at 4:11 PM Mimi Zohar wrote:
> > On Wed, 2021-01-13 at 14:19 -0500, Paul Moore wrote:
> > > On Wed, Jan 13, 2021 at 2:13 PM Mimi Zohar wrote:
> > > > On Tue, 2021-01-12 at 11:27 -0500, Paul
On Tue, 2021-01-12 at 11:27 -0500, Paul Moore wrote:
> On Thu, Jan 7, 2021 at 11:07 PM Tushar Sugandhi
> wrote:
> > From: Lakshmi Ramasubramanian
> >
> > SELinux stores the active policy in memory, so the changes to this data
> > at runtime would have an impact on the security guarantees provided
Hi Dinghao,
On Sun, 2021-01-10 at 16:02 +0800, Dinghao Liu wrote:
> When kmalloc() fails, tmp_tfm allocated by
> crypto_alloc_shash() has not been freed, which
> leads to memleak.
>
> Fixes: d46eb3699502b ("evm: crypto hash replaced by shash")
> Signed-off-by: Dinghao Liu
This patch is now queu
Hi Lakshmi,
On Mon, 2021-01-04 at 11:26 -0800, Lakshmi Ramasubramanian wrote:
> diff --git a/arch/powerpc/kexec/file_load_64.c
> b/arch/powerpc/kexec/file_load_64.c
> index a05c19b3cc60..3cab318aa3b9 100644
> --- a/arch/powerpc/kexec/file_load_64.c
> +++ b/arch/powerpc/kexec/file_load_64.c
> @@
Hi Lakshmi,
On Mon, 2021-01-04 at 11:26 -0800, Lakshmi Ramasubramanian wrote:
> Address and size of the buffer containing the IMA measurement log need
> to be passed from the current kernel to the next kernel on kexec.
>
> Any existing "linux,ima-kexec-buffer" property in the device tree
> needs
On Tue, 2021-01-12 at 08:42 -0600, Rob Herring wrote:
> On Mon, Jan 04, 2021 at 11:25:56AM -0800, Lakshmi Ramasubramanian wrote:
> > On kexec file load Integrity Measurement Architecture (IMA) subsystem
> > may verify the IMA signature of the kernel and initramfs, and measure
> > it. The command li
Hi Tyler,
On Tue, 2021-01-12 at 09:35 -0600, Tyler Hicks wrote:
> On 2020-12-14 10:42:24, Tyler Hicks wrote:
> > On 2020-12-11 06:01:54, Mimi Zohar wrote:
> > > On Thu, 2020-12-10 at 21:10 -0600, Tyler Hicks wrote:
> > > > On 2020-11-29 08:17:38, Mimi Z
Hi Dinghao,
On Sun, 2021-01-10 at 11:50 +0100, Markus Elfring wrote:
> > When kmalloc() fails, tmp_tfm allocated by
> > crypto_alloc_shash() has not been freed, which
> > leads to memleak.
In the future, please conform to Documentation/process/submitting-
patches.rst:
- The body of the explan
On Tue, 2021-01-05 at 12:01 -0800, Tushar Sugandhi wrote:
>
> >> data. However, various data structures, policies, and states
> >
> > Here and everywhere else, there are two blanks after a period.
> >
> I checked this patch file in multiple text editors, but couldn’t find
> any instance of perio
On Tue, 2020-12-29 at 10:46 -0800, Casey Schaufler wrote:
> >> -int security_audit_rule_match(u32 secid, u32 field, u32 op, void
> >> *lsmrule)
> >> +int security_audit_rule_match(u32 secid, u32 field, u32 op, void
> >> **lsmrule)
> >> {
> >> - return call_int_hook(
On Mon, 2020-12-28 at 20:53 -0500, Mimi Zohar wrote:
> On Mon, 2020-12-28 at 15:20 -0800, Casey Schaufler wrote:
> > On 12/28/2020 2:14 PM, Mimi Zohar wrote:
> > > On Mon, 2020-12-28 at 12:06 -0800, Casey Schaufler wrote:
> > >> On 12/28/2020 11:24 AM, Mi
On Mon, 2020-12-28 at 14:28 -0500, Ken Goldman wrote:
> On 12/12/2020 9:22 PM, Mimi Zohar wrote:
> > Ok. Going forward, it sounds like we need to define a new
> > "boot_aggregate" record. One that contains a version number and PCR
> > mask.
>
> Just BTW,
On Mon, 2020-12-28 at 15:20 -0800, Casey Schaufler wrote:
> On 12/28/2020 2:14 PM, Mimi Zohar wrote:
> > On Mon, 2020-12-28 at 12:06 -0800, Casey Schaufler wrote:
> >> On 12/28/2020 11:24 AM, Mimi Zohar wrote:
> >>> Hi Casey,
> >>>
> >>> On
On Mon, 2020-12-28 at 11:22 -0800, Casey Schaufler wrote:
> On 12/28/2020 9:54 AM, Mimi Zohar wrote:
> > Hi Casey,
> >
> > On Fri, 2020-11-20 at 12:14 -0800, Casey Schaufler wrote:
> >> When more than one security module is exporting data to
> >> audit and
On Mon, 2020-12-28 at 12:06 -0800, Casey Schaufler wrote:
> On 12/28/2020 11:24 AM, Mimi Zohar wrote:
> > Hi Casey,
> >
> > On Fri, 2020-11-20 at 12:14 -0800, Casey Schaufler wrote:
> >> diff --git a/security/security.c b/security/security.c
> >> index 5da8b
Hi Casey,
On Fri, 2020-11-20 at 12:14 -0800, Casey Schaufler wrote:
> diff --git a/security/security.c b/security/security.c
> index 5da8b3643680..d01363cb0082 100644
> --- a/security/security.c
> +++ b/security/security.c
>
> @@ -2510,7 +2526,24 @@ int security_key_getsecurity(struct key *key, c
Hi Casey,
On Fri, 2020-11-20 at 12:14 -0800, Casey Schaufler wrote:
> When more than one security module is exporting data to
> audit and networking sub-systems a single 32 bit integer
> is no longer sufficient to represent the data. Add a
> structure to be used instead.
>
> The lsmblob structure
A rules if the kernel command line
> contains "ima_policy=critical_data".
This sentence isn't really necessary.
>
> Update the documentation on kernel parameters to document
> the new critical data builtin policy.
>
> Signed-off-by: Lakshmi Ramasubramanian
>
Hi Tushar,
On Sat, 2020-12-12 at 10:02 -0800, Tushar Sugandhi wrote:
> System administrators should be able to limit which kernel subsystems
> they want to measure the critical data for. To enable that, an IMA policy
> condition to choose specific kernel subsystems is needed. This policy
> conditi
t; Add a policy rule to define the constraints for restricting integrity
> critical data measurements.
>
> Signed-off-by: Tushar Sugandhi
This patch does not restrict measuring critical data, but adds policy
rule support for measuring critical data. please update the patch
description accord
1 - 100 of 1001 matches
Mail list logo