Re: [dm-devel] [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature

2021-10-20 Thread Roberto Sassu
> From: Eric Biggers [mailto:ebigg...@kernel.org] > Sent: Friday, October 15, 2021 10:11 PM > On Fri, Oct 15, 2021 at 12:25:53PM -0700, Deven Bowers wrote: > > > > On 10/13/2021 12:24 PM, Eric Biggers wrote: > > > On Wed, Oct 13, 2021 at 12:06:31PM -0700, > deven.de...@linux.microsoft.com wrote: >

Re: [dm-devel] [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature

2021-10-22 Thread Roberto Sassu
> From: Roberto Sassu [mailto:roberto.sa...@huawei.com] > Sent: Wednesday, October 20, 2021 5:09 PM > > From: Eric Biggers [mailto:ebigg...@kernel.org] > > Sent: Friday, October 15, 2021 10:11 PM > > On Fri, Oct 15, 2021 at 12:25:53PM -0700, Deven Bowers wrote: > >

Re: [dm-devel] [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE)

2021-10-25 Thread Roberto Sassu
> From: deven.de...@linux.microsoft.com > [mailto:deven.de...@linux.microsoft.com] > From: Deven Bowers > > Overview: > - > > IPE is a Linux Security Module which takes a complementary approach to > access control. Whereas existing systems approach use labels or paths > which control acc

Re: [dm-devel] [RFC PATCH v7 05/16] ipe: add LSM hooks on execution and kernel read

2021-10-25 Thread Roberto Sassu
> From: deven.de...@linux.microsoft.com > [mailto:deven.de...@linux.microsoft.com] > From: Deven Bowers > > IPE's initial goal is to control both execution and the loading of > kernel modules based on the system's definition of trust. It > accomplishes this by plugging into the security hooks for

Re: [dm-devel] [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE)

2021-10-27 Thread Roberto Sassu
> From: Deven Bowers [mailto:deven.de...@linux.microsoft.com] > Sent: Tuesday, October 26, 2021 9:04 PM > On 10/25/2021 4:30 AM, Roberto Sassu wrote: > >> From:deven.de...@linux.microsoft.com > >> [mailto:deven.de...@linux.microsoft.com] > >> F

Re: [dm-devel] [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature

2021-10-27 Thread Roberto Sassu
> From: Deven Bowers [mailto:deven.de...@linux.microsoft.com] > Sent: Tuesday, October 26, 2021 9:04 PM > On 10/22/2021 9:31 AM, Roberto Sassu wrote: > >> From: Roberto Sassu [mailto:roberto.sa...@huawei.com] > >> Sent: Wednesday, October 20, 2021 5:09 PM > >>

Re: [dm-devel] [RFC PATCH v7 05/16] ipe: add LSM hooks on execution and kernel read

2021-10-27 Thread Roberto Sassu
> From: Deven Bowers [mailto:deven.de...@linux.microsoft.com] > Sent: Tuesday, October 26, 2021 9:04 PM > On 10/25/2021 5:22 AM, Roberto Sassu wrote: > >> From:deven.de...@linux.microsoft.com > >> [mailto:deven.de...@linux.microsoft.com] > >> From: Deven Bower

Re: [dm-devel] [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature

2021-10-27 Thread Roberto Sassu
> From: Deven Bowers [mailto:deven.de...@linux.microsoft.com] > Sent: Tuesday, October 26, 2021 9:04 PM > On 10/15/2021 1:11 PM, Eric Biggers wrote: > > > On Fri, Oct 15, 2021 at 12:25:53PM -0700, Deven Bowers wrote: > >> On 10/13/2021 12:24 PM, Eric Biggers wrote: > >>> On Wed, Oct 13, 2021 at 12

Re: [dm-devel] [RFC PATCH v7 04/16] ipe: add userspace interface

2021-11-03 Thread Roberto Sassu
> From: deven.de...@linux.microsoft.com > [mailto:deven.de...@linux.microsoft.com] > From: Deven Bowers > > As is typical with LSMs, IPE uses securityfs as its interface with > userspace. For a complete list of the interfaces and the respective > inputs/outputs, please see the documentation under

Re: [dm-devel] [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature

2021-11-03 Thread Roberto Sassu
> From: Deven Bowers [mailto:deven.de...@linux.microsoft.com] > Sent: Friday, October 15, 2021 9:26 PM > On 10/13/2021 12:24 PM, Eric Biggers wrote: > > On Wed, Oct 13, 2021 at 12:06:31PM -0700, > deven.de...@linux.microsoft.com wrote: > >> From: Fan Wu > >> > >> Add security_inode_setsecurity to

Re: [dm-devel] [RFC PATCH v7 14/16] scripts: add boot policy generation program

2021-11-03 Thread Roberto Sassu
> From: deven.de...@linux.microsoft.com > [mailto:deven.de...@linux.microsoft.com] > From: Deven Bowers > > Enables an IPE policy to be enforced from kernel start, enabling access > control based on trust from kernel startup. This is accomplished by > transforming an IPE policy indicated by CONFI

Re: [dm-devel] [RFC PATCH v7 14/16] scripts: add boot policy generation program

2021-11-03 Thread Roberto Sassu
> From: Roberto Sassu [mailto:roberto.sa...@huawei.com] > Sent: Wednesday, November 3, 2021 5:43 PM > > From: deven.de...@linux.microsoft.com > > [mailto:deven.de...@linux.microsoft.com] > > From: Deven Bowers > > > > Enables an IPE policy to be enforce

Re: [dm-devel] [RFC PATCH v9 05/16] ipe: add userspace interface

2023-02-01 Thread Roberto Sassu
On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote: > From: Deven Bowers > > As is typical with LSMs, IPE uses securityfs as its interface with > userspace. For a complete list of the interfaces and the respective > inputs/outputs, please see the documentation under > admin-guide/LSM/ipe.rst > > Si

Re: [dm-devel] [RFC PATCH v9 03/16] ipe: add evaluation loop and introduce 'boot_verified' as a trust provider

2023-02-01 Thread Roberto Sassu
On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote: > From: Deven Bowers > > IPE must have a centralized function to evaluate incoming callers > against IPE's policy. This iteration of the policy against the rules > for that specific caller is known as the evaluation loop. > > In addition, IPE is d

Re: [dm-devel] [RFC PATCH v9 10/16] dm-verity: consume root hash digest and signature data via LSM hook

2023-02-01 Thread Roberto Sassu
On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote: > From: Deven Bowers > > dm-verity provides a strong guarantee of a block device's integrity. As > a generic way to check the integrity of a block device, it provides > those integrity guarantees to its higher layers, including the filesystem > lev

Re: [dm-devel] [RFC PATCH v9 13/16] ipe: enable support for fs-verity as a trust provider

2023-02-01 Thread Roberto Sassu
On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote: > Enable IPE policy authors to indicate trust for a singular fsverity > file, identified by the digest information, through "fsverity_digest" > and all files using fsverity's builtin signatures via > "fsverity_signature". > > This enables file-level

Re: [dm-devel] [RFC PATCH v9 00/16] Integrity Policy Enforcement LSM (IPE)

2023-02-01 Thread Roberto Sassu
* Move patch 01/12 to [14/16] of the series > * Split up patch 02/12 into four parts: > 1. context creation [01/16] > 2. audit [07/16] > 3. evaluation loop [03/16] > 4. access control hooks [05/16] > 5. permissive mode [08/16] > * Split up patch 03

Re: [dm-devel] [RFC PATCH v9 06/16] ipe: add LSM hooks on execution and kernel read

2023-02-01 Thread Roberto Sassu
On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote: > From: Deven Bowers > > IPE's initial goal is to control both execution and the loading of > kernel modules based on the system's definition of trust. It > accomplishes this by plugging into the security hooks for > bprm_check_security, file_mprot

Re: [dm-devel] [RFC PATCH v9 02/16] ipe: add policy parser

2023-02-01 Thread Roberto Sassu
On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote: > From: Deven Bowers > > IPE's interpretation of what the user trusts is accomplished through > its policy. IPE's design is to not provide support for a single trust > provider, but to support multiple providers to enable the end-user to > choo

Re: [dm-devel] [RFC PATCH v9 07/16] uapi|audit|ipe: add ipe auditing support

2023-02-01 Thread Roberto Sassu
On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote: > From: Deven Bowers > > Users of IPE require a way to identify when and why an operation fails, > allowing them to both respond to violations of policy and be notified > of potentially malicious actions on their systems with respect to IPE > itsel

Re: [dm-devel] [RFC PATCH v9 03/16] ipe: add evaluation loop and introduce 'boot_verified' as a trust provider

2023-02-01 Thread Roberto Sassu
On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote: > From: Deven Bowers > > IPE must have a centralized function to evaluate incoming callers > against IPE's policy. This iteration of the policy against the rules > for that specific caller is known as the evaluation loop. Not sure if you check the

Re: [dm-devel] [RFC PATCH v9 13/16] ipe: enable support for fs-verity as a trust provider

2023-02-05 Thread Roberto Sassu
On Wed, 2023-02-01 at 15:50 -0800, Fan Wu wrote: > On Tue, Jan 31, 2023 at 03:00:08PM +0100, Roberto Sassu wrote: > > On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote: > > > +/** > > > + * evaluate_fsv_sig_false - Analyze @ctx against a fsv sig false > > >

Re: [dm-devel] [RFC PATCH v9 00/16] Integrity Policy Enforcement LSM (IPE)

2023-02-05 Thread Roberto Sassu
On Tue, 2023-01-31 at 16:48 -0800, Fan Wu wrote: > On Tue, Jan 31, 2023 at 03:22:05PM +0100, Roberto Sassu wrote: > > On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote: > > > IPE has two known gaps: > > > > > > 1. IPE cannot verify the integrity of anonymous ex

Re: [dm-devel] [RFC PATCH v9 10/16] dm-verity: consume root hash digest and signature data via LSM hook

2023-02-05 Thread Roberto Sassu
On Wed, 2023-02-01 at 15:26 -0800, Fan Wu wrote: > On Tue, Jan 31, 2023 at 02:22:01PM +0100, Roberto Sassu wrote: > > On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote: > > > From: Deven Bowers > > > > > > dm-verity provides a strong guarantee of a block device