On Fri, 2015-12-25 at 13:33 +0800, Dave Young wrote:
> Hi, Mimi
>
> CCing kexec list, not all kexec people subscribed to IMA list.
> I just subscribed to it since Vivek CCed me last time about the V1 of this
> series.
Thanks!
> On 12/23/15 at 06:55pm, Mimi Zohar wrote:
> &
On Mon, 2015-12-28 at 10:08 +0800, Dave Young wrote:
> On 12/25/15 at 09:45am, Mimi Zohar wrote:
> > IMA calculates the file hash, in this case, based on the buffer
> > contents. The hash is calculated once and used for both measurement
> > and appraisal. If the file inte
On Mon, 2015-12-28 at 10:08 +0800, Dave Young wrote:
> On 12/25/15 at 09:45am, Mimi Zohar wrote:
> > IMA calculates the file hash, in this case, based on the buffer
> > contents. The hash is calculated once and used for both measurement
> > and appraisal. If the file inte
On Mon, 2015-12-28 at 16:29 +0200, Petko Manolov wrote:
> On 15-12-28 07:51:15, Mimi Zohar wrote:
> > On Mon, 2015-12-28 at 10:08 +0800, Dave Young wrote:
> > > On 12/25/15 at 09:45am, Mimi Zohar wrote:
> > > > IMA calculates the file hash, in this case, based on the
On Mon, 2015-12-28 at 16:59 +0200, Petko Manolov wrote:
> On 15-12-28 09:42:22, Mimi Zohar wrote:
> > On Mon, 2015-12-28 at 16:29 +0200, Petko Manolov wrote:
> > >
> > > I kind of wonder isn't it possible to optimize the file read? If the
> > > file
&
On Tue, 2015-12-29 at 16:21 +0800, Dave Young wrote:
> Hi, Mimi
>
> On 12/28/15 at 07:51am, Mimi Zohar wrote:
> > On Mon, 2015-12-28 at 10:08 +0800, Dave Young wrote:
> > > On 12/25/15 at 09:45am, Mimi Zohar wrote:
> > > > IMA calculates the file has
On Tue, 2015-12-29 at 07:06 -0500, Mimi Zohar wrote:
> On Tue, 2015-12-29 at 16:21 +0800, Dave Young wrote:
> This policy flexibility is needed at least until all files come from
> software providers with file signatures. (RPM has been modified to
> include file signatures.) Even th
This patch defines kernel_read_file_from_path(), a wrapper for the VFS
common kernel_read_file(), and replaces the integrity_read_file() with
a call to the kernel_read_file_from_path() wrapper.
Signed-off-by: Mimi Zohar
---
fs/exec.c | 21 +
include
security_kernel_module_from_file() function.
Signed-off-by: Mimi Zohar
---
fs/exec.c | 4 +++
include/linux/ima.h | 1 +
include/linux/lsm_hooks.h | 8 +
include/linux/security.h | 3 +-
kernel/module.c | 67
security_kernel_fw_from_file() function.
Signed-off-by: Mimi Zohar
---
drivers/base/firmware_class.c | 51 +--
include/linux/ima.h | 6 -
include/linux/security.h | 8 +-
security/integrity/ima/ima_main.c | 18 ++
security
corresponding security post-read hook and
function.
Changelog:
- Add missing
Signed-off-by: Mimi Zohar
---
fs/exec.c | 56 +++
include/linux/fs.h| 1 +
include/linux/lsm_hooks.h | 11 ++
include/linux/security.h | 9
This patch defines kernel_read_file_from_fd(), a wrapper for the VFS
common kernel_read_file(), and replaces the kexec copy_file_from_fd()
calls with the kernel_read_file_from_fd() wrapper.
Signed-off-by: Mimi Zohar
---
fs/exec.c | 15 +++
include/linux/fs.h | 1 +
kernel
n of these patches can be found
in the next-kernel-read branch of:
git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git
Mimi Zohar (5):
vfs: define a generic function to read a file from the kernel
firmware: replace call to fw_read_file_contents() with kernel version
kexec: repla
On Fri, 2016-01-08 at 14:21 -0500, Mimi Zohar wrote:
> For a while it was looked down upon to directly read files from Linux.
> These days there exists a few mechanisms in the kernel that do just this
> though to load a file into a local buffer. There are minor but important
> checks
On Fri, 2016-01-08 at 12:26 -0800, Kees Cook wrote:
> On Fri, Jan 8, 2016 at 11:22 AM, Mimi Zohar wrote:
> > Replace fw_read_file_contents() for reading a file with the common VFS
> > kernel_read_file() function. Call the existing firmware security hook
> > from security_
On Fri, 2016-01-08 at 12:24 -0800, Kees Cook wrote:
> On Fri, Jan 8, 2016 at 11:22 AM, Mimi Zohar wrote:
> > In order to measure and appraise files being read by the kernel,
> > new module and kexec syscalls were defined which include a file
> > descriptor. Other pla
From: Dmitry Kasatkin
This patch provides convenient buffer hash calculation function.
Changelog:
- rewrite to support loff_t sized buffers - Mimi
(based on Fenguang Wu's testing)
Signed-off-by: Dmitry Kasatkin
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima.h
Setting up ahash has some overhead. Only use ahash to calculate the
hash of a buffer, if the buffer is larger than ima_ahash_minsize.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima_crypto.c | 75 -
1 file changed, 73 insertions(+), 2 deletions
lgo to the ima_collect_measurement().
Signed-off-by: Dmitry Kasatkin
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima.h | 15 +++
security/integrity/ima/ima_api.c | 15 +++
security/integrity/ima/ima_appraise.c | 25 ++---
security/int
v2:
- Patch description re-written by Luis R. Rodriguez
Signed-off-by: Dmitry Kasatkin
Signed-off-by: Mimi Zohar
---
fs/exec.c | 21
include/linux/fs.h | 1 +
include/linux/ima.h | 1 +
security/integrity/ima/im
Instead of ima_read_and_process_file() allocating memory, the caller
allocates and frees the memory.
- Moved the kexec measurement/appraisal call to copy_file_from_fd(). The
same call now measures and appraises both the kexec image and initramfs.
Signed-off-by: Mimi Zohar
---
Documentation/ABI/testing/ima_policy |
memory.
This patch retains the kernel_fw_from_file() hook, which is called from
security_kernel_post_read_file(), but removes the
sercurity_kernel_fw_from_file() function.
Changelog:
- reordered and squashed firmware patches
- fix MAX firmware size (Kees Cook)
Signed-off-by: Mimi Zohar
[1] Taken from Luis Rodriguez's wiki -
http://kernelnewbies.org/KernelProjects/common-kernel-loader
Mimi
Dmitry Kasatkin (3):
ima: separate 'security.ima' reading functionality from collect
ima: provide buffer hash calculation function
ima: load policy using path
Mimi Zohar (8):
security_kernel_module_from_file() function.
Signed-off-by: Mimi Zohar
---
fs/exec.c | 4 +++
include/linux/ima.h | 1 +
include/linux/lsm_hooks.h | 8 +
include/linux/security.h | 3 +-
kernel/module.c | 67
tains just the IMA changes. The
kexec and initramfs changes are with the rest of the kexec changes
in "kexec: replace call to copy_file_from_fd() with kernel version".
Signed-off-by: Mimi Zohar
---
fs/exec.c | 4 +--
include/linux/fs.h|
some of these differences.
This patch introduces a common function for reading files from the kernel
with the corresponding security post-read hook and function.
Changelog v1:
- To simplify patch review, re-ordered patches
Signed-off-by: Mimi Zohar
---
fs/exec.c | 53
Require the IMA policy to be signed when additional rules can be added.
Changelog v2:
- add union name "hooks" to fix sparse warning
v1:
- initialize the policy flag
- include IMA_APPRAISE_POLICY in the policy flag
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima_po
This patch adds support for measuring and appraising the IMA policy
itself.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima.h| 1 +
security/integrity/ima/ima_fs.c | 9 -
security/integrity/ima/ima_policy.c | 14 --
3 files changed, 21 insertions(+), 3
On Tue, 2016-01-19 at 16:10 -0800, Kees Cook wrote:
> On Mon, Jan 18, 2016 at 7:11 AM, Mimi Zohar wrote:
> > Replace fw_read_file_contents() for reading a file with the common VFS
> > kernel_read_file() function. A benefit of calling kernel_read_file()
> > to read the firmwa
On Wed, 2016-01-20 at 15:56 -0800, Luis R. Rodriguez wrote:
> On Wed, Jan 20, 2016 at 3:39 PM, Luis R. Rodriguez wrote:
> >> @@ -350,13 +321,18 @@ static int fw_get_filesystem_firmware(struct device
> >> *device,
> >> file = filp_open(path, O_RDONLY, 0);
> >> if (IS_E
On Thu, 2016-01-21 at 01:03 +0100, Luis R. Rodriguez wrote:
> On Mon, Jan 18, 2016 at 10:11:23AM -0500, Mimi Zohar wrote:
> > This patch replaces the module copy_module_from_fd() call with the VFS
> > common kernel_read_file_from_fd() function. Instead of reading the
> > kern
On Tue, 2016-01-19 at 21:26 +0200, Dmitry Kasatkin wrote:
> On Mon, Jan 18, 2016 at 5:11 PM, Mimi Zohar wrote:
> > From: Dmitry Kasatkin
> >
> > This patch provides convenient buffer hash calculation function.
> >
> > Changelog:
> > - rewrite to support l
On Tue, 2016-01-19 at 22:00 +0200, Dmitry Kasatkin wrote:
> Hi Mimi,
>
> Please change
>
> Signed-off-by: Dmitry Kasatkin
I'll make the change here and in the other patches as well.
Mimi
___
kexec mailing list
kexec@lists.infradead.org
http://lists
On Wed, 2016-01-20 at 02:09 +0100, Luis R. Rodriguez wrote:
> On Mon, Jan 18, 2016 at 10:11:17AM -0500, Mimi Zohar wrote:
> > diff --git a/fs/exec.c b/fs/exec.c
> > index b06623a..6d623c2 100644
> > --- a/fs/exec.c
> > +++ b/fs/exec.c
> > @@ -831,6 +832,58 @@
On Thu, 2016-01-21 at 01:05 +0100, Luis R. Rodriguez wrote:
> On Mon, Jan 18, 2016 at 10:11:24AM -0500, Mimi Zohar wrote:
> > --- a/fs/exec.c
> > +++ b/fs/exec.c
> > @@ -903,6 +903,27 @@ out:
> > return ret;
> > }
> >
> > +int kernel_read_file_f
On Thu, 2016-01-21 at 21:16 +0100, Luis R. Rodriguez wrote:
> On Mon, Jan 18, 2016 at 10:11:15AM -0500, Mimi Zohar wrote:
> >
> > The latest version of these patches can be found in the next-kernel-read-v2
> > branch of:
> > git://git.kernel.org/pub/scm/linux/kernel/gi
On Thu, 2016-01-21 at 08:56 -0800, Luis R. Rodriguez wrote:
> On Thu, Jan 21, 2016 at 5:12 AM, Mimi Zohar wrote:
> > On Thu, 2016-01-21 at 01:03 +0100, Luis R. Rodriguez wrote:
> >> On Mon, Jan 18, 2016 at 10:11:23AM -0500, Mimi Zohar wrote:
> >> >
On Thu, 2016-01-21 at 10:45 -0500, Paul Moore wrote:
> On Thursday, January 21, 2016 08:12:12 AM Mimi Zohar wrote:
> > Paul, Casey, Kees, Jon, Tetsuo does it make sense to consolidate the
> > module, firmware, and kexec pre and post security hooks and have just
> > one set of
On Mon, 2016-01-25 at 14:37 +0800, Dave Young wrote:
> Hi, Mimi
>
> Besides of code issues, I have several thing to be understand:
>
> What is the effect to kexec behavior with this patchset?
> - without IMA enabled (kconfig or kernel cmdline) it will be same as before?
Yes, without IMA config
On Mon, 2016-01-25 at 21:34 +0100, Luis R. Rodriguez wrote:
> On Mon, Jan 25, 2016 at 10:04:18AM -0500, Mimi Zohar wrote:
> > On Mon, 2016-01-25 at 14:37 +0800, Dave Young wrote:
> > > Hi, Mimi
> > >
> > > Besides of code issues, I have several thing to be
Hi Dave,
On Tue, 2016-01-26 at 09:20 +0800, Dave Young wrote:
> Hi, Mimi
>
> On 01/25/16 at 10:04am, Mimi Zohar wrote:
> > On Mon, 2016-01-25 at 14:37 +0800, Dave Young wrote:
> > > Hi, Mimi
> > >
> > > Besides of code issues, I have several thing
lgo to the ima_collect_measurement().
Signed-off-by: Dmitry Kasatkin
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima.h | 15 +++
security/integrity/ima/ima_api.c | 15 +++
security/integrity/ima/ima_appraise.c | 25 ++---
security/int
From: Dmitry Kasatkin
This patch provides convenient buffer hash calculation function.
Changelog v3:
- fix while hash calculation - Dmitry
v1:
- rewrite to support loff_t sized buffers - Mimi
(based on Fenguang Wu's testing)
Signed-off-by: Dmitry Kasatkin
Signed-off-by: Mimi
From: "Luis R. Rodriguez"
This will be re-used later through a new extensible interface.
Reviewed-by: Josh Boyer
Signed-off-by: Luis R. Rodriguez
Signed-off-by: Mimi Zohar
---
drivers/base/firmware_class.c | 14 ++
1 file changed, 10 insertions(+), 4 deletions(-)
di
firmware: simplify dev_*() print messages for generic helpers
firmware: move completing fw into a helper
Mimi Zohar (16):
ima: refactor ima_policy_show() to display "ima_hooks" rules
ima: use "ima_hooks" enum as function argument
vfs: define a generic function
.
Changelog v3:
- Replace the IMA specific enumeration with a generic one.
Signed-off-by: Mimi Zohar
---
fs/exec.c | 4 ++--
include/linux/fs.h| 7 ++-
include/linux/lsm_hooks.h | 4 +++-
include/linux/security.h | 7 +--
security/security.c | 5 +++--
5
a separate patch
v2:
- after re-ordering the patches, replace calling integrity_kernel_read()
to read the file with kernel_read_file_from_path() (Mimi)
- Patch description re-written by Luis R. Rodriguez
Signed-off-by: Dmitry Kasatkin
Signed-off-by: Mimi Zohar
---
include/linux/fs.h
Require the IMA policy to be signed when additional rules can be added.
v1:
- initialize the policy flag
- include IMA_APPRAISE_POLICY in the policy flag
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima_policy.c | 7 +++
1 file changed, 7 insertions(+)
diff --git a/security
The kernel_read_file security hook is called prior to reading the file
into memory.
Signed-off-by: Mimi Zohar
---
fs/exec.c | 4
include/linux/ima.h | 6 ++
include/linux/lsm_hooks.h | 8
include/linux/security.h | 7
{
enum ima_hooks func_id;
enum kernel_read_file_id read_id;
};
};
Option 3: incorportate the ima_hooks enumeration into kernel_read_file_id,
perhaps changing the enumeration name.
For now, duplicate the new READING_KEXEC_IMAGE/INITRAMFS in ima_hooks.
Signed-off-by: Mimi
ocess_file() allocating memory, the caller
allocates and frees the memory.
- Moved the kexec measurement/appraisal call to copy_file_from_fd(). The
same call now measures and appraises both the kexec image and initramfs.
Signed-off-by: Mimi Zohar
---
include/linux/fs.h | 2 ++
kernel/kexec_f
Add support for measuring and appraising the IMA policy itself.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima.h| 2 ++
security/integrity/ima/ima_fs.c | 9 -
security/integrity/ima/ima_main.c | 3 +++
security/integrity/ima/ima_policy.c | 10 +-
4
From: David Howells
We'll be folding in some more checks on fw_read_file_contents(),
this will make the success case easier to follow.
Reviewed-by: Josh Boyer
Signed-off-by: David Howells
Signed-off-by: Luis R. Rodriguez
Signed-off-by: Mimi Zohar
---
drivers/base/firmware_class.c
module
twice, once for measuring/appraising and again for loading the kernel
module, the signature validation is moved to the kernel_post_read_file()
security hook.
This patch removes the security_kernel_module_from_file() hook and security
call.
Signed-off-by: Mimi Zohar
---
include/linux/fs.h
Cleanup the function arguments by using "ima_hooks" enumerator as needed.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima.h | 25 +
security/integrity/ima/ima_api.c | 6 +++---
security/integrity/ima/ima_appraise.c | 13 +++--
kernel_fw_from_file() hook and security call.
Changelog v3:
- remove kernel_fw_from_file hook
- use kernel_file_read_from_path() - requested by Luis
v2:
- reordered and squashed firmware patches
- fix MAX firmware size (Kees Cook)
Signed-off-by: Mimi Zohar
---
drivers/base/firmware_class.c | 48
Define and call a function to display the "ima_hooks" rules.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima_policy.c | 63 +
1 file changed, 36 insertions(+), 27 deletions(-)
diff --git a/security/integrity/ima/ima_policy.c
b/security
Setting up ahash has some overhead. Only use ahash to calculate the
hash of a buffer, if the buffer is larger than ima_ahash_minsize.
Signed-off-by: Mimi Zohar
---
security/integrity/ima/ima_crypto.c | 75 -
1 file changed, 73 insertions(+), 2 deletions
simplifies adding support for other files read by the kernel.
Signed-off-by: Mimi Zohar
---
security/integrity/iint.c | 4 ++--
security/integrity/ima/ima.h | 3 ++-
security/integrity/ima/ima_appraise.c | 35 ---
security/integrity/ima
the kexec changes
in "kexec: replace call to copy_file_from_fd() with kernel version".
Signed-off-by: Mimi Zohar
---
include/linux/ima.h | 8 +++
include/linux/security.h | 1 +
security/integrity/ima/ima.h | 4 +++-
security/integrity/ima
some of these differences.
This patch introduces a common function for reading files from the kernel
with the corresponding security post-read hook and function.
Changelog v3:
- additional bounds checking - Luis
v2:
- To simplify patch review, re-ordered patches
Signed-off-by: Mimi Zohar
Reviewed
This patch defines kernel_read_file_from_path(), a wrapper for the VFS
common kernel_read_file().
Changelog:
- Separated from the IMA patch
Signed-off-by: Mimi Zohar
---
fs/exec.c | 22 ++
include/linux/fs.h | 2 ++
2 files changed, 24 insertions(+)
diff --git a
This patch defines kernel_read_file_from_fd(), a wrapper for the VFS
common kernel_read_file().
Changelog:
- Separated from the kernel modules patch
Signed-off-by: Mimi Zohar
---
fs/exec.c | 16
include/linux/fs.h | 2 ++
2 files changed, 18 insertions(+)
diff --git
y
Kees Cook.
Cc: Rusty Russell
Cc: Andrew Morton
Cc: Greg Kroah-Hartman
Cc: David Howells
Cc: Kees Cook
Cc: Casey Schaufler
Cc: Ming Lei
Cc: Takashi Iwai
Cc: Vojtěch Pavlík
Cc: Kyle McMartin
Cc: Matthew Garrett
Cc: linux-ker...@vger.kernel.org
Signed-off-by: Luis R. Rodriguez
Signed-of
> > Cc: Josh Boyer
> > Cc: David Howells
> > Cc: Luis R. Rodriguez
> > Cc: Mimi Zohar
>
> Thanks,
>
> Acked-by: Luis R. Rodriguez
>
> > ---
> > Suggested as an alternative to "[PATCH v3 06/22] firmware: fold successful
> > fw read e
On Thu, 2016-02-04 at 10:15 -0800, Kees Cook wrote:
> On Wed, Feb 3, 2016 at 11:06 AM, Mimi Zohar wrote:
> > For a while it was looked down upon to directly read files from Linux.
> > These days there exists a few mechanisms in the kernel that do just this
> > though to loa
On Thu, 2016-02-04 at 20:56 +0100, Luis R. Rodriguez wrote:
> On Wed, Feb 03, 2016 at 02:06:24PM -0500, Mimi Zohar wrote:
> > Replace copy_module_from_fd() with kernel_read_file_from_fd().
> >
> > Although none of the upstreamed LSMs define a kernel_module_from_file
> >
On Mon, 2016-02-08 at 10:45 +, Dmitry Kasatkin wrote:
> > > @@ -286,9 +322,12 @@ static ssize_t ima_write_policy(struct file *file,
> > > const char __user *buf,
> > > result = mutex_lock_interruptible(&ima_write_mutex);
> > > if (result < 0)
> > > goto out_free;
> >
On Sun, 2016-02-07 at 22:10 +0200, Petko Manolov wrote:
> On 16-02-03 14:06:27, Mimi Zohar wrote:
> > Option 3: incorportate the ima_hooks enumeration into kernel_read_file_id,
> > perhaps changing the enumeration name.
> >
> > For now, duplicate the new READI
On Wed, 2016-02-10 at 22:18 +0200, Dmitry Kasatkin wrote:
> > diff --git a/security/integrity/ima/ima_appraise.c
> > b/security/integrity/ima/ima_appraise.c
> > index cb0d0ff..6b4694a 100644
> > --- a/security/integrity/ima/ima_appraise.c
> > +++ b/security/integrity/ima/ima_appraise.c
> > @@ -74
On Wed, 2016-02-10 at 22:22 +0200, Dmitry Kasatkin wrote:
> On Wed, Feb 3, 2016 at 9:06 PM, Mimi Zohar wrote:
> > Add support for measuring and appraising the IMA policy itself.
> >
> > Signed-off-by: Mimi Zohar
>
> Acked-by: Dmitry Kasatkin
>
> But from
On Wed, 2016-02-10 at 23:09 +0200, Dmitry Kasatkin wrote:
> On Wed, Feb 3, 2016 at 9:06 PM, Mimi Zohar wrote:
> > Add IMA policy support for measuring/appraising the kexec image and
> > initramfs.
> >
> > Moving the enumeration to the vfs layer simplified the patches, a
On Thu, 2016-02-11 at 01:55 +0200, Dmitry Kasatkin wrote:
> On Feb 11, 2016 1:22 AM, "Mimi Zohar" wrote:
> >
> > On Wed, 2016-02-10 at 23:09 +0200, Dmitry Kasatkin wrote:
> > > On Wed, Feb 3, 2016 at 9:06 PM, Mimi Zohar
> wrote:
> > > >
On Thu, 2016-02-11 at 10:47 +0200, Dmitry Kasatkin wrote:
> On Thu, Feb 11, 2016 at 4:08 AM, Mimi Zohar wrote:
> static int idmap[] = {
> [READING_FIRMWARE] = FIRMWARE_CHECK,
> [READING_MODULE] = MODULE_CHECK,
> ...
> };
That works nicely, even w
On Thu, 2016-02-11 at 08:54 -0800, Casey Schaufler wrote:
> On 2/3/2016 11:06 AM, Mimi Zohar wrote:
> > The kernel_read_file security hook is called prior to reading the file
> > into memory.
> >
> > Signed-off-by: Mimi Zohar
>
> Acked-by: Casey Schaufler
>
On Fri, 2016-02-12 at 20:53 +0800, Dave Young wrote:
> Hi, Mimi
>
> > diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
> > index a5d2592..832e62a 100644
> > --- a/security/integrity/ima/ima.h
> > +++ b/security/integrity/ima/ima.h
> > @@ -147,6 +147,8 @@ enum ima_hooks {
>
.
Changelog v3:
- Replace the IMA specific enumeration with a generic one.
Signed-off-by: Mimi Zohar
Acked-by: Kees Cook
Acked-by: Luis R. Rodriguez
Cc: Al Viro
---
fs/exec.c | 4 ++--
include/linux/fs.h| 7 ++-
include/linux/lsm_hooks.h | 4 +++-
include/linux
fer hash calculation function
ima: load policy using path
Kees Cook (1):
firmware: clean up filesystem load exit path
Luis R. Rodriguez (2):
firmware: simplify dev_*() print messages for generic helpers
firmware: move completing fw into a helper
Mimi Zohar (14):
vfs: define a generic func
From: Dmitry Kasatkin
This patch provides convenient buffer hash calculation function.
Changelog v3:
- fix while hash calculation - Dmitry
v1:
- rewrite to support loff_t sized buffers - Mimi
(based on Fenguang Wu's testing)
Signed-off-by: Dmitry Kasatkin
Signed-off-by: Mimi
Setting up ahash has some overhead. Only use ahash to calculate the
hash of a buffer, if the buffer is larger than ima_ahash_minsize.
Signed-off-by: Mimi Zohar
Acked-by: Dmitry Kasatkin
---
security/integrity/ima/ima_crypto.c | 75 -
1 file changed, 73
some of these differences.
This patch introduces a common function for reading files from the kernel
with the corresponding security post-read hook and function.
Changelog v3:
- additional bounds checking - Luis
v2:
- To simplify patch review, re-ordered patches
Signed-off-by: Mimi Zohar
Reviewed
ima_hash_and_process_file() to ima_post_read_file()
v1:
- split patch
Signed-off-by: Mimi Zohar
Acked-by: Dmitry Kasatkin
---
include/linux/ima.h | 8 +++
include/linux/security.h | 1 +
security/integrity/ima/ima.h | 4 +++-
security/integrity/ima/ima_api.c
The kernel_read_file security hook is called prior to reading the file
into memory.
Signed-off-by: Mimi Zohar
Acked-by: Kees Cook
Acked-by: Luis R. Rodriguez
Acked-by: Casey Schaufler
---
fs/exec.c | 4
include/linux/ima.h | 6 ++
include
simplifies adding support for other files read by the kernel.
Signed-off-by: Mimi Zohar
Acked-by: Petko Manolov
Acked-by: Dmitry Kasatkin
---
security/integrity/iint.c | 4 ++--
security/integrity/ima/ima.h | 3 ++-
security/integrity/ima/ima_appraise.c | 35
a separate patch
v2:
- after re-ordering the patches, replace calling integrity_kernel_read()
to read the file with kernel_read_file_from_path() (Mimi)
- Patch description re-written by Luis R. Rodriguez
Signed-off-by: Dmitry Kasatkin
Signed-off-by: Mimi Zohar
---
include/linux/fs.h
:
- replaced switch statement with a kernel_read_file_id to an ima_hooks
id mapping array - Dmitry
- renamed ima_hook tokens KEXEC_CHECK and INITRAMFS_CHECK to
KEXEC_KERNEL_CHECK and KEXEC_INITRAMFS_CHECK respectively - Dave Young
Signed-off-by: Mimi Zohar
Acked-by: Petko Manolov
Acked-by: Dmitry
This patch defines kernel_read_file_from_fd(), a wrapper for the VFS
common kernel_read_file().
Changelog:
- Separated from the kernel modules patch
Acked-by: Kees Cook
Acked-by: Luis R. Rodriguez
Cc: Al Viro
Signed-off-by: Mimi Zohar
---
fs/exec.c | 16
include
This patch defines kernel_read_file_from_path(), a wrapper for the VFS
common kernel_read_file().
Changelog:
- Separated from the IMA patch
Signed-off-by: Mimi Zohar
Acked-by: Kees Cook
Acked-by: Luis R. Rodriguez
Cc: Al Viro
---
fs/exec.c | 22 ++
include/linux
module
twice, once for measuring/appraising and again for loading the kernel
module, the signature validation is moved to the kernel_post_read_file()
security hook.
This patch removes the security_kernel_module_from_file() hook and security
call.
Signed-off-by: Mimi Zohar
Acked-by: Kees Cook
Acked
, moving copy_file_from_fd() to a separate patch
- split patch, moving IMA changes to a separate patch
v0:
- use kstat file size type loff_t, not size_t
- Calculate the file hash from the in memory buffer - Dave Young
Signed-off-by: Mimi Zohar
Acked-by: Kees Cook
Acked-by: Luis R. Rodriguez
Cc
Require the IMA policy to be signed when additional rules can be added.
v1:
- initialize the policy flag
- include IMA_APPRAISE_POLICY in the policy flag
Signed-off-by: Mimi Zohar
Acked-by: Petko Manolov
Acked-by: Dmitry Kasatkin
---
security/integrity/ima/ima_policy.c | 7 +++
1 file
From: "Luis R. Rodriguez"
This will be re-used later through a new extensible interface.
Reviewed-by: Josh Boyer
Signed-off-by: Luis R. Rodriguez
Signed-off-by: Mimi Zohar
Acked-by: Kees Cook
---
drivers/base/firmware_class.c | 14 ++
1 file changed, 10 insert
Add support for measuring and appraising the IMA policy itself.
Changelog v4:
- use braces on both if/else branches, even if single line on one of the
branches - Dmitry
- Use the id mapping - Dmitry
Signed-off-by: Mimi Zohar
Acked-by: Petko Manolov
Acked-by: Dmitry Kasatkin
---
security
From: Kees Cook
This makes the error and success paths more readable while trying to
load firmware from the filesystem.
Signed-off-by: Kees Cook
Cc: Josh Boyer
Cc: David Howells
Acked-by: Luis R. Rodriguez
Signed-off-by: Mimi Zohar
---
drivers/base/firmware_class.c | 12 +---
1
kernel_fw_from_file() hook and security call.
Changelog v3:
- remove kernel_fw_from_file hook
- use kernel_file_read_from_path() - requested by Luis
v2:
- reordered and squashed firmware patches
- fix MAX firmware size (Kees Cook)
Signed-off-by: Mimi Zohar
Acked-by: Kees Cook
Acked-by: Luis R. Rodriguez
y
Kees Cook.
Cc: Rusty Russell
Cc: Andrew Morton
Cc: Greg Kroah-Hartman
Cc: David Howells
Cc: Kees Cook
Cc: Casey Schaufler
Cc: Ming Lei
Cc: Takashi Iwai
Cc: Vojtěch Pavlík
Cc: Kyle McMartin
Cc: Matthew Garrett
Cc: linux-ker...@vger.kernel.org
Signed-off-by: Luis R. Rodriguez
Signed-of
Hi Dave,
On Wed, 2016-06-22 at 09:20 +0800, Dave Young wrote:
> On 06/20/16 at 10:44pm, Thiago Jung Bauermann wrote:
> > Hello,
> >
> > This patch series implements a mechanism which allows the kernel to pass on
> > a buffer to the kernel that will be kexec'd. This buffer is passed as a
> > segme
This patch defines the buffer identifier "KEXEC_CMDLINE_CHECK" for
measuring the boot command line.
eg: echo -n -e `cat /proc/cmdline | sed 's/^.*root=/root=/'` | sha256sum
Signed-off-by: Mimi Zohar
---
Documentation/ABI/testing/ima_policy | 1 +
include/linux/ima.h
measure the kexec boot command
line, while the latter could be used for including asymmetric key id
information.
Mimi Zohar (3):
ima: measure other types of data
kexec: measure boot command line
ima: add pre-calculated measurements (experimental)
Documentation/ABI/testing/ima_policy | 1
, buffer length and a buffer identifier.
Signed-off-by: Mimi Zohar
---
include/linux/ima.h | 11 +
security/integrity/ima/Makefile | 2 +-
security/integrity/ima/ima.h| 2 +
security/integrity/ima/ima_buffer.c | 82 +
security
1 - 100 of 518 matches
Mail list logo
