[PATCH V3 6/6] Add the property used for carrying forward the IMA measurement logs and update the code to use the defined property string.

Signed-off-by: Prakhar Srivastava --- arch/arm64/kernel/machine_kexec_file.c | 19 ++- arch/powerpc/kexec/ima.c | 8 +--- 2 files changed, 15 insertions(+), 12 deletions(-) diff --git a/arch/arm64/kernel/machine_kexec_file.c b/arch/arm64/kernel

[PATCH V3 5/6] Update the Kconfig to support carrying forward the IMA Measurement log and and update the setup_dtb call to add the linux,ima-kexec-buffer property to the DTB.

Signed-off-by: Prakhar Srivastava --- arch/arm64/Kconfig | 1 + arch/arm64/kernel/machine_kexec_file.c | 11 +++ 2 files changed, 12 insertions(+) diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index 66dc41fd49f2..ece34b8ca648 100644 --- a/arch/arm64/Kconfig

[PATCH V3 3/6] Update function do_get_kexec_buffer to use of_* functions, and reducing wrapper functions.

Signed-off-by: Prakhar Srivastava --- security/integrity/ima/ima_kexec.c | 20 +--- 1 file changed, 5 insertions(+), 15 deletions(-) diff --git a/security/integrity/ima/ima_kexec.c b/security/integrity/ima/ima_kexec.c index 2fe2d3bf7bda..e47982e9bb67 100644 --- a/security

[PATCH V3 2/6] Update remove_ima_buffer code to use functions from libfdt reducing wrappers functions.

Signed-off-by: Prakhar Srivastava --- arch/powerpc/kexec/ima.c | 63 1 file changed, 25 insertions(+), 38 deletions(-) diff --git a/arch/powerpc/kexec/ima.c b/arch/powerpc/kexec/ima.c index 563313703756..a9e4e9f04273 100644 --- a/arch/powerpc/kexec/ima.c

[PATCH V3 4/6] Add support in arm64 to store the memory information of the IMA measurement log in the kimage used for kexec.

Store the phyical address and size of the IMA measurement logs that get picked up by the setup_dtb during kexec. Signed-off-by: Prakhar Srivastava --- arch/arm64/include/asm/ima.h | 17 + arch/arm64/include/asm/kexec.h | 3 +++ arch/arm64/kernel

[PATCH V3 0/6] Add support to carry forward the IMA measurement logs

the arch sepcific code path in kexec file load to store the ima buffer in the reserved memory. The same reserved memory is read on kexec or cold boot. Prakhar Srivastava (6): Refactoring powerpc code to be made available to other architectures Update remove_ima_buffer code to use

[PATCH V3 1/6] Refactoring powerpc code to be made available to other architectures

Existing code in arch/powerpc can be used for carrying forward the IMA measurement logs by other architectures. Moving non architecture specific code to security/intergrity, to be made available to other architectures Signed-off-by: Prakhar Srivastava --- arch/powerpc/include/asm/ima.h

Re: [V2 PATCH 2/3] dt-bindings: chosen: Document ima-kexec-buffer

On 6/19/20 5:41 PM, Thiago Jung Bauermann wrote: Prakhar Srivastava writes: Integrity measurement architecture(IMA) validates if files have been accidentally or maliciously altered, both remotely and locally, appraise a file's measurement against a "good" value stored as a

Re: [V2 PATCH 1/3] Refactoring powerpc code for carrying over IMA measurement logs, to move non architecture specific code to security/ima.

On 6/19/20 5:19 PM, Thiago Jung Bauermann wrote: Prakhar Srivastava writes: Powerpc has support to carry over the IMA measurement logs. Refatoring the non-architecture specific code out of arch/powerpc and into security/ima. The code adds support for reserving and freeing up of memory

[V2 PATCH 0/3] Adding support for carrying IMA measurement logs

or cold boot. Prakhar Srivastava (3): Refactoring powerpc code for carrying over IMA measurement logs, to move non architecture specific code to security/ima. dt-bindings: chosen: Document ima-kexec-buffer carrying over IMA measuremnt logs over kexec. Add support for arm64 to carry over IMA

[V2 PATCH 2/3] dt-bindings: chosen: Document ima-kexec-buffer

Integrity measurement architecture(IMA) validates if files have been accidentally or maliciously altered, both remotely and locally, appraise a file's measurement against a "good" value stored as an extended attribute, and enforce local file integrity. IMA also measures singatures of kernel and

[V2 PATCH 3/3] Add support for arm64 to carry over IMA measurement logs

Add support for arm64 to carry over IMA measurement logs. Update arm64 code to call into functions made available in patch 1/3. --- arch/arm64/Kconfig | 1 + arch/arm64/include/asm/ima.h | 17 ++ arch/arm64/include/asm/kexec.h | 3 ++

[V2 PATCH 1/3] Refactoring powerpc code for carrying over IMA measurement logs, to move non architecture specific code to security/ima.

Powerpc has support to carry over the IMA measurement logs. Refatoring the non-architecture specific code out of arch/powerpc and into security/ima. The code adds support for reserving and freeing up of memory for IMA measurement logs. --- arch/powerpc/include/asm/ima.h | 10 ---

[v1 PATCH 0/2] Adding support to carry IMA measurement logs

IMA during kexec(kexec file load) verifies the kernel signature and measures the signature of the kernel. The signature in the logs can be used to verfiy the authenticity of the kernel. The logs don not get carried over kexec and thus remote attesation cannot verify the signature of the running

[v1 PATCH 2/2] Add Documentation regarding the ima-kexec-buffer node in the chosen node documentation

Add Documentation regarding the ima-kexec-buffer node in the chosen node documentation Signed-off-by: Prakhar Srivastava --- Documentation/devicetree/bindings/chosen.txt | 17 + 1 file changed, 17 insertions(+) diff --git a/Documentation/devicetree/bindings/chosen.txt b

[v1 PATCH 1/2] Refactoring carrying over IMA measuremnet logs over Kexec.

This patch moves the non-architecture specific code out of powerpc and adds to security/ima. Update the arm64 and powerpc kexec file load paths to carry the IMA measurement logs. Signed-off-by: Prakhar Srivastava --- arch/arm64/Kconfig | 1 + arch/arm64/include/asm/ima.h

Re: [RFC][PATCH 0/2] Add support for using reserved memory for ima buffer pass

On 5/22/20 9:08 PM, Thiago Jung Bauermann wrote: Hello Prakhar, Prakhar Srivastava writes: On 5/12/20 4:05 PM, Rob Herring wrote: On Wed, May 06, 2020 at 10:50:04PM -0700, Prakhar Srivastava wrote: Hi Mark, Please don't top post. This patch set currently only address the Pure DT

Re: [RFC][PATCH 1/2] Add a layer of abstraction to use the memory reserved by device tree for ima buffer pass.

On 5/12/20 4:09 PM, Rob Herring wrote: On Mon, May 04, 2020 at 01:38:28PM -0700, Prakhar Srivastava wrote: Introduce a device tree layer for to read and store ima buffer from the reserved memory section of a device tree. But why do I need 'a layer of abstraction'? I don't like them

Re: [RFC][PATCH 0/2] Add support for using reserved memory for ima buffer pass

On 5/12/20 4:05 PM, Rob Herring wrote: On Wed, May 06, 2020 at 10:50:04PM -0700, Prakhar Srivastava wrote: Hi Mark, Please don't top post. This patch set currently only address the Pure DT implementation. EFI and ACPI implementations will be posted in subsequent patchsets. The logs

Re: [RFC][PATCH 0/2] Add support for using reserved memory for ima buffer pass

changes the node information but memory still is reserved via reserved-memory section. On 5/5/20 2:59 AM, Mark Rutland wrote: Hi Prakhar, On Mon, May 04, 2020 at 01:38:27PM -0700, Prakhar Srivastava wrote: IMA during kexec(kexec file load) verifies the kernel signature and measures the signature

[RFC][PATCH 1/2] Add a layer of abstraction to use the memory reserved by device tree for ima buffer pass.

Introduce a device tree layer for to read and store ima buffer from the reserved memory section of a device tree. Signed-off-by: Prakhar Srivastava --- drivers/of/Kconfig | 6 ++ drivers/of/Makefile | 1 + drivers/of/of_ima.c | 165 include

[RFC][PATCH 0/2] Add support for using reserved memory for ima buffer pass

on: arm64 with Uboot Prakhar Srivastava (2): Add a layer of abstraction to use the memory reserved by device tree for ima buffer pass. Add support for ima buffer pass using reserved memory for arm64 kexec. Update the arch sepcific code path in kexec file load to store the ima buffer

[RFC][PATCH 2/2] Add support for ima buffer pass using reserved memory arm64

Add support for ima buffer pass using reserved memory for arm64 kexec. Update the arch sepcific code path in kexec file load to store the ima buffer in the reserved memory. The same reserved memory is read on kexec or cold boot. Signed-off-by: Prakhar Srivastava --- arch/arm64/Kconfig

[RFC]{PATCH 1/2] Add a layer of abstraction to use the memory reserved by device tree for ima buffer pass.

Introduce a device tree layer for to read and store ima buffer from the reserved memory section of a device tree. Signed-off-by: Prakhar Srivastava --- drivers/of/Kconfig | 6 ++ drivers/of/Makefile | 1 + drivers/of/of_ima.c | 165 include

[RFC][PATCH 2/2] Add support for ima buffer pass using reserved memory arm64

Add support for ima buffer pass using reserved memory for arm64 kexec. Update the arch sepcific code path in kexec file load to store the ima buffer in the reserved memory. The same reserved memory is read on kexec or cold boot. Signed-off-by: Prakhar Srivastava --- arch/arm64/Kconfig

[RFC][PATCH 0/2] Add support for using reserved memory for ima buffer pass

on: arm64 with Uboot Prakhar Srivastava (2): Add a layer of abstraction to use the memory reserved by device tree for ima buffer pass. Add support for ima buffer pass using reserved memory for arm64 kexec. Update the arch sepcific code path in kexec file load to store the ima buffer

[PATCH v2 2/2] update powerpc implementation to call into of_ima*

update powerpc ima buffer pass implementationt to call into of_ima* for a cross architecture support. Signed-off-by: Prakhar Srivastava --- arch/powerpc/include/asm/ima.h | 6 -- arch/powerpc/kernel/Makefile| 8 +- arch/powerpc/kernel/ima_kexec.c | 170

[RFC PATCH v1 0/1] Add support for arm64 to carry ima measurement log in kexec_file_load

and end for ima measurement log. - use fdt_* functions to add/remove fdt properties and memory allocations. - remove additional check for endian-ness as they are checked in fdt_* functions. v0: - Add support to carry ima measurement log in arm64, uses same code as powerpc. Prakhar

[RFC PATCH v1 1/1] Add support for arm64 to carry ima measurement log in kexec_file_load

During kexec_file_load, carrying forward the ima measurement log allows a verifying party to get the entire runtime event log since the last full reboot since that is when PCRs were last reset. Signed-off-by: Prakhar Srivastava --- arch/arm64/Kconfig | 7 + arch/arm64

[RFC][PATCH v1 1/1] Add support for arm64 to carry ima measurement log in kexec_file_load

During kexec_file_load, carrying forward the ima measurement log allows a verifying party to get the entire runtime event log since the last full reboot since that is when PCRs were last reset. Signed-off-by: Prakhar Srivastava --- arch/arm64/Kconfig | 7 + arch/arm64

[RFC][PATCH v1 0/1] Add support for arm64 to carry ima measurement log in kexec_file_load

. This lead to loss of information. Carrying forward the ima measurement log to the next kexec'ed session. This allows a verifying party to get the entire runtime event log since the last full reboot since that is when PCRs were last reset. Prakhar Srivastava (1): Add support for arm64 to carry

[RFC][PATCH v1 0/1] Carry ima measurement log for arm64 via kexec_file_load

is in most part same as powerpc, i want to get feedback as to how/correct way to refactor the code so that cross architecture partial helpers can be put in a common place. Prakhar Srivastava (1): Carry ima measurement log for arm64 via kexec_file_load arch/arm64/Kconfig | 7

[RFC][PATCH 1/1] Carry ima measurement log for arm64 via kexec_file_load

-by: Prakhar Srivastava --- arch/arm64/Kconfig | 7 + arch/arm64/include/asm/ima.h | 31 arch/arm64/include/asm/kexec.h | 4 + arch/arm64/kernel/Makefile | 1 + arch/arm64/kernel/ima_kexec.c | 219 + arch

[PATCH V10 2/3] IMA: Define a new template field buf

easure the boot command line arguments" - Add a new template policy name ima-buf to represent 'd-ng|n-ng|buf' Signed-off-by: Prakhar Srivastava Reviewed-by: Roberto Sassu Reviewed-by: James Morris --- Documentation/security/IMA-templates.rst | 7 --- security/integrity/ima/ima

[PATCH V10 0/3] Add support for measuring the boot command line during kexec_file_load

uggestd by Mimi Zohar] - use the IMA_XATTR to add buffer instead of sig template v1: -Add kconfigs to control the ima_buffer_check -measure the cmdline args suffixed with the kernel file name -add the buffer to the template sig field. Prakhar Srivastava (3): Add a new ima hook ima_kexec_cmdline to me

[PATCH V10 3/3] KEXEC: Call ima_kexec_cmdline to measure the boot command line args

been measured. Signed-off-by: Prakhar Srivastava Reviewed-by: James Morris Acked-by: Dave Young --- kernel/kexec_file.c | 9 ++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c index 072b6ee55e3f..b0c724e5d86c 100644 --- a/kernel

[PATCH V10 1/3] IMA: Define a new hook to measure the kexec boot command line arguments

process_buffer_measurement is defined to measure the buffer hash into the IMA measurement list. - A new func policy KEXEC_CMDLINE is defined to control the measurement.[Suggested by Mimi] Signed-off-by: Prakhar Srivastava --- Documentation/ABI/testing/ima_policy | 1 + include/linux/ima.h

Re: [PATCH 2/3] IMA:Define a new template field buf

> > if (iint->measured_pcrs & (0x1 << pcr)) > > diff --git a/security/integrity/ima/ima_init.c > > b/security/integrity/ima/ima_init.c > > index 993d0f1915ff..c8591406c0e2 100644 > > --- a/security/integrity/ima/ima_init.c > > +++ b/security/integrity/ima/ima_init.c > > @@ -50,7 +50,7 @@

Re: [PATCH V9 1/3] IMA:Define a new hook to measure the kexec boot command line arguments

On Mon, Jun 17, 2019 at 11:37 AM Prakhar Srivastava wrote: > > Currently during soft reboot(kexec_file_load) boot command line > arguments are not measured. Define hooks needed to measure kexec > command line arguments during soft reboot(kexec_file_load). > > - A new ima hook

[PATCH V9 1/3] IMA:Define a new hook to measure the kexec boot command line arguments

process_buffer_measurement is defined to measure the buffer hash into the IMA measurement list. - A new func policy KEXEC_CMDLINE is defined to control the measurement.[Suggested by Mimi] Signed-off-by: Prakhar Srivastava --- Documentation/ABI/testing/ima_policy | 1 + include/linux/ima.h

[PATCH V9 3/3] KEXEC:Call ima_kexec_cmdline to measure the boot command line args

been measured. Signed-off-by: Prakhar Srivastava Reviewed-by: James Morris Acked-by: Dave Young --- kernel/kexec_file.c | 9 ++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c index 072b6ee55e3f..b0c724e5d86c 100644 --- a/kernel

[PATCH V8 0/3] Add support for measuring the boot command line during kexec_file_load

template v1: -Add kconfigs to control the ima_buffer_check -measure the cmdline args suffixed with the kernel file name -add the buffer to the template sig field. Prakhar Srivastava (3): Add a new ima hook ima_kexec_cmdline to measure cmdline args add a new ima template field buf cal

[PATCH V9 2/3] IMA:Define a new template field buf

easure the boot command line arguments" - Add a new template policy name ima-buf to represent 'd-ng|n-ng|buf' Signed-off-by: Prakhar Srivastava Reviewed-by: Roberto Sassu Reviewed-by: James Morris --- Documentation/security/IMA-templates.rst | 7 --- security/integrity/ima/ima

[PATCH 2/3] IMA:Define a new template field buf

easure the boot command line arguments" - Add a new template policy name ima-buf to represent 'd-ng|n-ng|buf' Signed-off-by: Prakhar Srivastava Reviewed-by: Roberto Sassu Reviewed-by: James Morris --- Documentation/security/IMA-templates.rst | 7 --- security/integrity/ima/ima

[PATCH 1/3] IMA:Define a new hook to measure the kexec boot command line arguments

process_buffer_measurement is defined to measure the buffer hash into the IMA measurement list. - A new func policy KEXEC_CMDLINE is defined to control the measurement.[Suggested by Mimi] Signed-off-by: Prakhar Srivastava --- Documentation/ABI/testing/ima_policy | 1 + include/linux/ima.h

[PATCH V8 0/3] Add support for measuring the boot command line during kexec_file_load

template v1: -Add kconfigs to control the ima_buffer_check -measure the cmdline args suffixed with the kernel file name -add the buffer to the template sig field. Prakhar Srivastava (3): Add a new ima hook ima_kexec_cmdline to measure cmdline args add a new ima template field buf cal

[PATCH 3/3] KEXEC:Call ima_kexec_cmdline to measure the boot command line args

been measured. Signed-off-by: Prakhar Srivastava Reviewed-by: James Morris Acked-by: Dave Young --- kernel/kexec_file.c | 9 ++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c index 072b6ee55e3f..b0c724e5d86c 100644 --- a/kernel

Re: [PATCH V8 2/3] Define a new ima template field buf

gt; My mistake. I should have picked up Thaigo's "ima: Use designated > > initializers for struct ima_event_data". Please drop these changes > > instead. > > Sorry for the confusion. I just pushed out Thiago's patch. > Just to clarify: - no split up of patch is needed. - only formatting needs to cleaned up. Apologies for the formatting issues, my editor switches back to tab as 4 chars. Thanks, Prakhar Srivastava > thanks, > > Mimi >

Re: [PATCH V8 1/3] Define a new IMA hook to measure the boot command line arguments

On Thu, Jun 13, 2019 at 12:22 PM Mimi Zohar wrote: > > Hi Prakhar, > > Patches titles in the subject line need to be prefixed with the > subsystem, in this case "ima: ". > > On Wed, 2019-06-12 at 15:15 -0700, Prakhar Srivastava wrote: > > This patch adds su

Re: [PATCH V8 0/3] Add support for measuring the boot command line during kexec_file_load

On Thu, Jun 13, 2019 at 1:48 PM Mimi Zohar wrote: > > On Wed, 2019-06-12 at 15:15 -0700, Prakhar Srivastava wrote: > > > The kexec cmdline hash is stored in the "d-ng" field of the template data. > > and can be verified using > > sudo c

[PATCH V8 2/3] Define a new ima template field buf

. process_buffer_measurement added in "Define a new IMA hook to measure the boot command line arguments" - Add a new template policy name ima-buf to represent 'd-ng|n-ng|buf' Signed-off-by: Prakhar Srivastava Reviewed-by: Roberto Sassu --- Documentation/security/IMA-templates.rst | 7 --- security/int

[PATCH V8 1/3] Define a new IMA hook to measure the boot command line arguments

KEXEC_CMDLINE is defined to control the measurement.[Suggested by Mimi] Signed-off-by: Prakhar Srivastava --- Documentation/ABI/testing/ima_policy | 1 + include/linux/ima.h | 2 + security/integrity/ima/ima.h | 1 + security/integrity/ima/ima_api.c | 1

[PATCH V8 0/3] Add support for measuring the boot command line during kexec_file_load

o control the ima_buffer_check -measure the cmdline args suffixed with the kernel file name -add the buffer to the template sig field. Prakhar Srivastava (3): Add a new ima hook ima_kexec_cmdline to measure cmdline args add a new ima template field buf call ima_kexec_cmdline to measure the cm

[PATCH V8 3/3] Call ima_kexec_cmdline to measure the cmdline args

e the boot cmdline args into the ima log. - call ima_kexec_cmdline from kexec_file_load. - move the call ima_add_kexec_buffer after the cmdline args have been measured. Signed-off-by: Prakhar Srivastava --- kernel/kexec_file.c | 9 ++--- 1 file changed, 6 insertions(+), 3 deletions(-)

Re: [PATCH v7 0/3] add new ima hook ima_kexec_cmdline to measure kexec boot cmdline args

nd line". > Similarly, the first patch in this patch set could be named "Define a > new IMA hook to measure the boot command line arguments". > > On Thu, 2019-06-06 at 17:23 -0700, Prakhar Srivastava wrote: > > The motive behind the patch series is to measure t

[PATCH v7 0/3] add new ima hook ima_kexec_cmdline to measure kexec boot cmdline args

the buffer to the template sig field. Prakhar Srivastava (3): Add a new ima hook ima_kexec_cmdline to measure cmdline args add a new ima template field buf call ima_kexec_cmdline to measure the cmdline args Documentation/ABI/testing/ima_policy | 1 + Documentation/security/IMA

[PATCH v7 2/3] add a new ima template field buf

. process_buffer_measurement added in "Add a new ima hook ima_kexec_cmdline to measure cmdline args" Signed-off-by: Prakhar Srivastava Reviewed-by: Roberto Sassu --- Documentation/security/IMA-templates.rst | 4 ++-- security/integrity/ima/ima.h | 2 ++ security/integrity/ima/ima_api.c

[PATCH v7 1/3] Add a new ima hook ima_kexec_cmdline to measure cmdline args

KEXEC_CMDLINE is defined to control the measurement.[Suggested by Mimi] Hash computation can be tested using sudo cat /sys/kernel/security/integrity/ima/ascii_runtime_measurements | grep kexec-cmdline | cut -d' ' -f 6 | xxd -r -p | sha256sum Signed-off-by: Prakhar Srivastava --- Documentation

[PATCH v7 3/3] call ima_kexec_cmdline to measure the cmdline args

e the boot cmdline args into the ima log. - call ima_kexec_cmdline from kexec_file_load. - move the call ima_add_kexec_buffer after the cmdline args have been measured. Signed-off-by: Prakhar Srivastava --- kernel/kexec_file.c | 8 +--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --gi

Re: Re:

3d3120 696d615f706f6c6963793d74636220696d615f61707072616973653d666 97820696d615f74656d706c6174655f666d743d6e2d6e677c642d6e677c 7369677c62756620696d615f686173683d736861323536 echo -n -e $VAL | xxd -r -p | sha256sum 0d0b891bb730120d9593799cba1a7b3febf68f2bb81fb1304b0c963f95f6bc58 - I will run it through the code as well, but the shell command should work. Thanks, Prakhar Srivastava

[PATCH v6 3/3] call ima_kexec_cmdline to measure the cmdline args

e the boot cmdline args into the ima log. - call ima_kexec_cmdline from kexec_file_load. - move the call ima_add_kexec_buffer after the cmdline args have been measured. Signed-off-by: Prakhar Srivastava --- kernel/kexec_file.c | 8 +--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --gi

[PATCH v6 1/3] Add a new ima hook ima_kexec_cmdline to measure cmdline args

ima_kexec_cmdline is defined to be called by the kexec code. - A new function process_buffer_measurement is defined to measure the buffer hash into the ima log. - A new func policy KEXEC_CMDLINE is defined to control the measurement. Signed-off-by: Prakhar Srivastava --- Documentation/ABI/testing

[PATCH v6 2/3] add a new ima template field buf

the buffer data. - Added two new fields to ima_event_data to hold the buf and buf_len [Suggested by Roberto] -Updated process_buffer_meaurement to add the buffer to ima_event_data Signed-off-by: Prakhar Srivastava --- Documentation/security/IMA-templates.rst | 2 +- security/integrity

[PATCH v6 0/3] add new ima hook ima_kexec_cmdline to measure kexec boot cmdline args

-measure the cmdline args suffixed with the kernel file name -add the buffer to the template sig field. Prakhar Srivastava (3): Add a new ima hook ima_kexec_cmdline to measure cmdline args add a new ima template field buf call ima_kexec_cmdline to measure the cmdline args Documentation/A

Re: [PATCH 2/3 v5] add a new template field buf to contain the buffer

On Tue, May 14, 2019 at 6:22 AM Roberto Sassu wrote: > > On 5/14/2019 7:07 AM, prakhar srivastava wrote: > > On Mon, May 13, 2019 at 6:48 AM Roberto Sassu > > wrote: > >> > >> On 5/11/2019 12:37 AM, Prakhar Srivastava wrote: > >>> From: Prakhar

Re: [PATCH 2/3 v5] add a new template field buf to contain the buffer

On Mon, May 13, 2019 at 6:48 AM Roberto Sassu wrote: > > On 5/11/2019 12:37 AM, Prakhar Srivastava wrote: > > From: Prakhar Srivastava > > > > The buffer(cmdline args) added to the ima log cannot be attested > > without having the actual buffer. Thus to make the

Re: [PATCH 1/3 v5] add a new ima hook and policy to measure the cmdline

On Mon, May 13, 2019 at 9:56 AM Mimi Zohar wrote: > > On Fri, 2019-05-10 at 15:37 -0700, Prakhar Srivastava wrote: > > > +/* > > + * process_buffer_measurement - Measure the buffer passed to ima log. > > "passed to ima log" is unnecessary. > > > + *

[PATCH 0/3 v5] Kexec cmdline bufffer measure

From: Prakhar Srivastava The motive behind the patch series is to measure the cmdline args used for soft reboot/kexec case. For secure boot attestation, it is necessary to measure the kernel command line and the kernel version. For cold boot, the boot loader can be enhanced to measure

[PATCH 2/3 v5] add a new template field buf to contain the buffer

From: Prakhar Srivastava The buffer(cmdline args) added to the ima log cannot be attested without having the actual buffer. Thus to make the measured buffer available to stroe/read a new ima temaplate (buf) is added. The cmdline args used for soft reboot can then be read and attested later

[PATCH 3/3 v5] call ima_kexec_cmdline from kexec_file_load path

From: Prakhar Srivastava To measure the cmldine args used in case of soft reboot. Call the ima hook defined in [PATCH 1/3 v5]:"add a new ima hook and policy to measure the cmdline" Signed-off-by: Prakhar Srivastava --- kernel/kexec_file.c | 2 ++ 1 file changed, 2 insertions(+)

[PATCH 1/3 v5] add a new ima hook and policy to measure the cmdline

From: Prakhar Srivastava For secure boot attestation, it is necessary to measure the kernel command line and the kernel version. For cold boot, the boot loader can be enhanced to measure these parameters. However, for attestation across soft reboot boundary, these values also need to be measured

[PATCH 1/3 v5] add a new ima hook and policy to measure the cmdline

From: Prakhar Srivastava For this reason, this patch adds support for measuring these parameters during kexec. To achive this, a new ima policy and hook id, defined KEXEC_CMDLINE and ima_kexec_cmdline respectively, are added. Signed-off-by: Prakhar Srivastava --- Documentation/ABI/testing

[PATCH 2/3 v5] add a new template field buf to contain the buffer

From: Prakhar Srivastava The buffer(cmdline args) added to the ima log cannot be attested without having the actual buffer. Thus to make the measured buffer available to stroe/read a new ima temaplate (buf) is added. The cmdline args used for soft reboot can then be read and attested later

[PATCH 0/3 v5] Kexec cmdline bufffer measure

From: Prakhar Srivastava For secure boot attestation, it is necessary to measure the kernel command line and the kernel version. For cold boot, the boot loader can be enhanced to measure these parameters. (https://mjg59.dreamwidth.org/48897.html) However, for attestation across soft reboot

[PATCH 3/3 v5] call ima_kexec_cmdline from kexec_file_load path

From: Prakhar Srivastava Signed-off-by: Prakhar Srivastava --- kernel/kexec_file.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c index f1d0e00a3971..e779bcf674a0 100644 --- a/kernel/kexec_file.c +++ b/kernel/kexec_file.c @@ -241,6 +241,8

[PATCH 1/5 v4] added a new ima policy func buffer_check, and ima hook to measure the buffer hash into ima

From: Prakhar Srivastava This change adds a new ima policy func buffer_check, and ima hook to measure the buffer hash into ima log. Signed-off-by: Prakhar Srivastava --- Documentation/ABI/testing/ima_policy | 1 + include/linux/ima.h | 5 ++ security/integrity/ima/ima.h

[PATCH 5/5 v4] removed the LSM hook made available, and renamed the ima_policy to be KEXEC_CMDLINE

From: Prakhar Srivastava Per suggestions from the community, removed the LSM hook. and renamed the buffer_check func and policy to kexec_cmdline [suggested by: Mimi Zohar] Signed-off-by: Prakhar Srivastava --- Documentation/ABI/testing/ima_policy | 2 +- include/linux/ima.h

[PATCH 3/5 v4] add kexec_cmdline used to ima

From: Prakhar Srivastava prepend the kernel file name to the cmdline args to avoid conflicrts in case of multiple kexec. Pass the new generated buffer to ima for measurmenet. Signed-off-by: Prakhar Srivastava --- kernel/kexec_core.c | 57 + kernel

[PATCH 0/5 v4] Kexec cmdline bufffer measure

From: Prakhar Srivastava For Kexec scenario(kexec_file_load) cmdline args are passed to the next kerenel. These cmldine args used to load the next kernel can have undesired/unwanted configs. To guard against any unwanted cmdline args being passed to the next kernel. The current kernel should

[PATCH 4/5 v4] added LSM hook to call ima_buffer_check

From: Prakhar Srivastava add a LAM hook for kexec_cmldine args to be made available to other LSMs. Signed-off-by: Prakhar Srivastava --- include/linux/lsm_hooks.h | 3 +++ include/linux/security.h | 3 +++ kernel/kexec_internal.h | 4 +++- security/security.c | 6 ++ 4 files

[PATCH 2/5 v4] add the buffer to the xattr

From: Prakhar Srivastava This change adds the buffer passed in to the xattr used for template entries. Signed-off-by: Prakhar Srivastava --- security/integrity/ima/ima_main.c | 37 --- security/integrity/ima/ima_template_lib.c | 3 +- security/integrity

[PATCH v3 1/4] added a new ima policy func buffer_check, and ima hook to measure the buffer hash into ima

From: Prakhar Srivastava added a new ima policy func buffer_check, and ima hook to measure the buffer hash into ima logs. Signed-off-by: Prakhar Srivastava --- Documentation/ABI/testing/ima_policy | 1 + include/linux/ima.h | 5 ++ security/integrity/ima/ima.h | 1

[PATCH v3 2/4] add the buffer to the xattr

From: Prakhar Srivastava add the buffer to the xattr for a buffer case Signed-off-by: Prakhar Srivastava --- security/integrity/ima/ima_main.c | 37 --- security/integrity/ima/ima_template_lib.c | 3 +- security/integrity/integrity.h| 1 + 3 files

[PATCH v3 4/4] added LSM hook to call ima_buffer_check

From: Prakhar Srivastava added LSM hook to call ima_buffer_check Signed-off-by: Prakhar Srivastava --- include/linux/lsm_hooks.h | 3 +++ include/linux/security.h | 3 +++ kernel/kexec_internal.h | 4 +++- security/security.c | 6 ++ 4 files changed, 15 insertions(+), 1 deletion

[PATCH v3 0/4] Add a new ima_hook buffer_check to measure buffers critical for attestation

From: Prakhar Srivastava For Kexec scenario(kexec_file_load) cmdline args are passed to the next kerenel. These cmldine args used to load the next kernel can have undesired/unwanted configs. To guard against any unwanted cmdline args being passed to the next kernel. The current kernel should

[PATCH v3 3/4] add kexec_cmdline used to ima

From: Prakhar Srivastava prepend the kernel file name to kexec_cmdline before measuring the buffer. Signed-off-by: Prakhar Srivastava --- kernel/kexec_core.c | 57 + kernel/kexec_file.c | 14 +++ 2 files changed, 71 insertions(+) diff

[PATCH v2 3/5 RFC] since cmdline args can be same for multiple kexec, log entry hash will collide. Prepend the kernel file name to the cmdline args to distinguish between cmdline args passed to subseq

From: Prakhar Srivastava Signed-off-by: Prakhar Srivastava --- Currently for soft reboot(kexec_file_load) the kernel file and signature is measured by IMA. The cmdline args used to load the kernel is not measured. The boot aggregate that gets calculated will have no change since the EFI loader

[PATCH v2 2/5 RFC] use event name instead of enum to make the call generic

From: Prakhar Srivastava Signed-off-by: Prakhar Srivastava --- Currently for soft reboot(kexec_file_load) the kernel file and signature is measured by IMA. The cmdline args used to load the kernel is not measured. The boot aggregate that gets calculated will have no change since the EFI loader

[PATCH v2 5/5 RFC] add the buffer to the event data in ima free entry data if store_template failed added check in templates for buffer

From: Prakhar Srivastava Signed-off-by: Prakhar Srivastava --- Currently for soft reboot(kexec_file_load) the kernel file and signature is measured by IMA. The cmdline args used to load the kernel is not measured. The boot aggregate that gets calculated will have no change since the EFI loader

[PATCH v2 4/5 RFC] added a buffer_check LSM hook

From: Prakhar Srivastava Signed-off-by: Prakhar Srivastava --- Currently for soft reboot(kexec_file_load) the kernel file and signature is measured by IMA. The cmdline args used to load the kernel is not measured. The boot aggregate that gets calculated will have no change since the EFI loader

[PATCH v2 1/5 RFC] added ima hook for buffer, being enabled as a policy

From: Prakhar Srivastava Signed-off-by: Prakhar Srivastava --- Currently for soft reboot(kexec_file_load) the kernel file and signature is measured by IMA. The cmdline args used to load the kernel is not measured. The boot aggregate that gets calculated will have no change since the EFI loader

Re: [PATCH] kexec_buffer measure

are doing both the command line and kernel version measurement in IMA. Can you please elaborate on how this can be used outside of the scenario? That will help me come back with a better design and code. I am neutral about this. I greatly appreciate the time and your feedback. -Prakhar Srivastava

[PATCH v2 1/3 RFC] added ima hook for buffer, being enabled as a policy

From: Prakhar Srivastava Signed-off-by: Prakhar Srivastava --- Currently for soft reboot(kexec_file_load) the kernel file and signature is measured by IMA. The cmdline args used to load the kernel is not measured. The boot aggregate that gets calculated will have no change since the EFI loader

[PATCH v2 2/3 RFC] use event name instead of enum to make the call generic

From: Prakhar Srivastava Signed-off-by: Prakhar Srivastava --- Currently for soft reboot(kexec_file_load) the kernel file and signature is measured by IMA. The cmdline args used to load the kernel is not measured. The boot aggregate that gets calculated will have no change since the EFI loader

[PATCH v2 3/3 RFC] since cmdline args can be same for multiple kexec, log entry hash will collide. Prepend the kernel file name to the cmdline args to distinguish between cmdline args passed to subseq

From: Prakhar Srivastava Signed-off-by: Prakhar Srivastava --- Currently for soft reboot(kexec_file_load) the kernel file and signature is measured by IMA. The cmdline args used to load the kernel is not measured. The boot aggregate that gets calculated will have no change since the EFI loader

[PATCHv2] use event name instead of enum to make the call generic

From: Prakhar Srivastava Signed-off-by: Prakhar Srivastava --- remove enaums to control type of buffers entries, instead pass the event name to be used. include/linux/ima.h | 10 ++ kernel/kexec_file.c | 3 +++ security/integrity/ima/ima.h | 2

[PATCHv2] added ima hook for buffer, being enabled as a policy

From: Prakhar Srivastava Signed-off-by: Prakhar Srivastava --- This adds a new ima hook ima_buffer_check and a policy entry BUFFER_CHECK. This enables buffer has measurements into ima log Documentation/ABI/testing/ima_policy | 1 + include/linux/ima.h | 13 +++- security

[PATCHv2] since cmdline args can be same for multiple kexec, log entry hash will collide. Prepend the kernel file name to the cmdline args to distinguish between cmdline args passed to subsequent kexe

From: Prakhar Srivastava Signed-off-by: Prakhar Srivastava --- since cmdline args can be same for multiple kexec, log entry hash will collide. Prepend the kernel file name to the cmdline args to distinguish between cmdline args passed to subsequent kexec calls kernel/kexec_core.c | 57

Adding cmldine args measure to ima

. To account for the cmdline passed, we are looking at using IMA to measure and pass the buffer so that it can be attested. Do you have any alternate solutions/concerns with this approach? Thanks, Prakhar Srivastava