Re: [PATCH] ima: fix wrong dereferences of file->f_path

2023-09-14 Thread Mimi Zohar
On Wed, 2023-09-13 at 15:09 +0300, Amir Goldstein wrote: > On Wed, Sep 13, 2023 at 10:38 AM Amir Goldstein wrote: > > > > When storing IMA xattr on an overlayfs inode, the xattr is actually > > stored in the inode of the underlying (a.k.a real) filesystem, so there > > is an ambiguity whether this

Re: Linux IMA documentation

2023-09-20 Thread Mimi Zohar
On Wed, 2023-09-20 at 15:02 -0400, Ken Goldman wrote: > On 9/13/2023 10:16 AM, Roberto Sassu wrote: > > I think your document is a good candidate for being put in > > Documentation/admin-guide/LSM/, once my patch set is upstreamed: > > https://lore.kernel.org/linux-integrity/20230904133415.179950

Re: [syzbot] [integrity] [overlayfs] general protection fault in d_path

2023-09-21 Thread Mimi Zohar
On Thu, 2023-09-21 at 11:10 -0400, Jeff Layton wrote: > On Thu, 2023-09-21 at 10:52 -0400, Mimi Zohar wrote: > > On Thu, 2023-09-21 at 13:48 +0200, Christian Brauner wrote: > > > On Thu, Sep 21, 2023 at 07:24:23AM -0400, Mimi Zohar wrote: > > > > On Thu, 2023-09-

Re: [syzbot] [integrity] [overlayfs] general protection fault in d_path

2023-09-21 Thread Mimi Zohar
On Thu, 2023-09-21 at 06:32 -0400, Jeff Layton wrote: > On Wed, 2023-09-20 at 17:52 -0700, Casey Schaufler wrote: > > On 9/20/2023 5:10 PM, Stefan Berger wrote: > > > > > > On 9/20/23 18:09, Stefan Berger wrote: > > > > > > > > On 9/20/23 17:16, Jeff Layton wrote: > > > > > On Wed, 2023-09-20 at

Re: [syzbot] [integrity] [overlayfs] general protection fault in d_path

2023-09-21 Thread Mimi Zohar
On Thu, 2023-09-21 at 13:48 +0200, Christian Brauner wrote: > On Thu, Sep 21, 2023 at 07:24:23AM -0400, Mimi Zohar wrote: > > On Thu, 2023-09-21 at 06:32 -0400, Jeff Layton wrote: > > > On Wed, 2023-09-20 at 17:52 -0700, Casey Schaufler wrote: > > > > On 9/20/202

Re: [syzbot] [integrity] [overlayfs] general protection fault in d_path

2023-09-21 Thread Mimi Zohar
On Thu, 2023-09-21 at 11:39 -0400, Jeff Layton wrote: > On Thu, 2023-09-21 at 11:19 -0400, Mimi Zohar wrote: > > On Thu, 2023-09-21 at 11:10 -0400, Jeff Layton wrote: > > > On Thu, 2023-09-21 at 10:52 -0400, Mimi Zohar wrote: > > > > On Thu, 2023-09-21 at 13:48

Re: [syzbot] [integrity] [overlayfs] general protection fault in d_path

2023-09-26 Thread Mimi Zohar
On Thu, 2023-09-21 at 20:01 +0300, Amir Goldstein wrote: > On Thu, Sep 21, 2023 at 7:31 PM Mimi Zohar wrote: > > > > On Thu, 2023-09-21 at 11:39 -0400, Jeff Layton wrote: > > > On Thu, 2023-09-21 at 11:19 -0400, Mimi Zohar wrote: > > > > On Thu, 2023-09-

Re: [PATCH] ima: Finish deprecation of IMA_TRUSTED_KEYRING Kconfig

2023-09-27 Thread Mimi Zohar
On Mon, 2023-09-25 at 21:20 -0700, Oleksandr Tymoshenko wrote: > On Wed, Sep 20, 2023 at 11:45 PM Oleksandr Tymoshenko wrote: > > > > The removal of IMA_TRUSTED_KEYRING made IMA_LOAD_X509 > > and IMA_BLACKLIST_KEYRING unavailable because the latter > > two depend on the former. Since IMA_TRUSTED_K

Re: [PATCH] ima: rework CONFIG_IMA dependency block

2023-09-27 Thread Mimi Zohar
On Wed, 2023-09-27 at 09:22 +0200, Arnd Bergmann wrote: > From: Arnd Bergmann > > Changing the direct dependencies of IMA_BLACKLIST_KEYRING and > IMA_LOAD_X509 caused them to no longer depend on IMA, but a > a configuration without IMA results in link failures: > > arm-linux-gnueabi-ld: security

Re: [syzbot] [integrity] [overlayfs] possible deadlock in mnt_want_write (2)

2023-10-05 Thread Mimi Zohar
On Thu, 2023-10-05 at 16:22 +0300, Amir Goldstein wrote: > On Thu, Oct 5, 2023 at 4:14 PM Mimi Zohar wrote: > > > > On Thu, 2023-10-05 at 13:26 +0300, Amir Goldstein wrote: > > > On Thu, Oct 5, 2023 at 12:59 PM syzbot > > > wrote: > > > > > >

Re: [syzbot] [integrity] [overlayfs] possible deadlock in mnt_want_write (2)

2023-10-05 Thread Mimi Zohar
On Thu, 2023-10-05 at 13:26 +0300, Amir Goldstein wrote: > On Thu, Oct 5, 2023 at 12:59 PM syzbot > wrote: > > > > Hello, > > > > syzbot tried to test the proposed patch but the build/boot failed: > > My mistake. Please try again: > > #syz test: https://github.com/amir73il/linux ima-ovl-fix Tha

[GIT PULL] integrity: subsystem fixes for v6.6 (take 2)

2023-10-05 Thread Mimi Zohar
Hi Linus, Two additional patches to fix the removal of the deprecated IMA_TRUSTED_KEYRING Kconfig. thanks, Mimi The following changes since commit 6465e260f48790807eef06b583b38ca9789b6072: Linux 6.6-rc3 (2023-09-24 14:31:13 -0700) are available in the Git repository at: git://git.kernel.

Re: [PATCH] KEYS: trusted: Remove redundant static calls usage

2023-10-05 Thread Mimi Zohar
Hi Sumit, On Thu, 2023-10-05 at 19:03 +0530, Sumit Garg wrote: > Static calls invocations aren't well supported from module __init and > __exit functions, especially the static call from cleanup_trusted() led > to a crash on x86 kernel with CONFIG_DEBUG_VIRTUAL=y. Split the above paragraph into

Re: [PATCH] fs: Pass AT_GETATTR_NOSEC flag to getattr interface function

2023-10-09 Thread Mimi Zohar
ence. > > > > > > Reported-by: syzbot+a67fc5321ffb4b311...@syzkaller.appspotmail.com > > > Fixes: db1d1e8b9867 ("IMA: use vfs_getattr_nosec to get the i_version") > > > Cc: Alexander Viro > > > Cc: linux-fsde...@vger.kernel.org > > > Cc: Miklos

Re: [PATCH v3 01/25] ima: Align ima_inode_post_setattr() definition with LSM infrastructure

2023-10-11 Thread Mimi Zohar
On Mon, 2023-09-04 at 15:33 +0200, Roberto Sassu wrote: > From: Roberto Sassu > > Change ima_inode_post_setattr() definition, so that it can be registered as > implementation of the inode_post_setattr hook. Please indicate inode_post_setattr() is a new hook. In general it should be stated on f

Re: [PATCH v3 02/25] ima: Align ima_post_path_mknod() definition with LSM infrastructure

2023-10-11 Thread Mimi Zohar
On Mon, 2023-09-04 at 15:33 +0200, Roberto Sassu wrote: > From: Roberto Sassu > > Change ima_post_path_mknod() definition, so that it can be registered as > implementation of the path_post_mknod hook. Since LSMs see a umask-stripped > mode from security_path_mknod(), pass the same to ima_post_pat

Re: [PATCH v3 04/25] ima: Align ima_file_mprotect() definition with LSM infrastructure

2023-10-11 Thread Mimi Zohar
On Mon, 2023-09-04 at 15:33 +0200, Roberto Sassu wrote: > From: Roberto Sassu > > Change ima_file_mprotect() definition, so that it can be registered > as implementation of the file_mprotect hook. > > Signed-off-by: Roberto Sassu > Reviewed-by: Stefan Berger > --- > include/linux/ima.h

Re: [PATCH v3 02/25] ima: Align ima_post_path_mknod() definition with LSM infrastructure

2023-10-11 Thread Mimi Zohar
On Wed, 2023-10-11 at 18:02 +0200, Roberto Sassu wrote: > On Wed, 2023-10-11 at 10:38 -0400, Mimi Zohar wrote: > > On Mon, 2023-09-04 at 15:33 +0200, Roberto Sassu wrote: > > > From: Roberto Sassu > > > > > > Change ima_post_path_mknod() definit

Re: [PATCH v3 05/25] ima: Align ima_inode_setxattr() definition with LSM infrastructure

2023-10-11 Thread Mimi Zohar
On Mon, 2023-09-04 at 15:33 +0200, Roberto Sassu wrote: > From: Roberto Sassu > > Change ima_inode_setxattr() definition, so that it can be registered as > implementation of the inode_setxattr hook. > > Signed-off-by: Roberto Sassu > Reviewed-by: Stefan Berger Reviewed-by: Mimi Zohar

Re: [PATCH v3 04/25] ima: Align ima_file_mprotect() definition with LSM infrastructure

2023-10-11 Thread Mimi Zohar
On Wed, 2023-10-11 at 17:43 +0200, Roberto Sassu wrote: > On Wed, 2023-10-11 at 10:51 -0400, Mimi Zohar wrote: > > On Mon, 2023-09-04 at 15:33 +0200, Roberto Sassu wrote: > > > From: Roberto Sassu > > > > > > Change ima_file_mprotect() definition, s

Re: [PATCH v3 07/25] ima: Align ima_post_read_file() definition with LSM infrastructure

2023-10-11 Thread Mimi Zohar
On Mon, 2023-09-04 at 15:33 +0200, Roberto Sassu wrote: > From: Roberto Sassu > > Change ima_post_read_file() definition, so that it can be registered as > implementation of the post_read_file hook. The only change here is making "void *buf" a "char *buf". thanks, Mimi > Signed-off-by: Robert

Re: [PATCH v3 08/25] evm: Align evm_inode_post_setattr() definition with LSM infrastructure

2023-10-11 Thread Mimi Zohar
On Mon, 2023-09-04 at 15:33 +0200, Roberto Sassu wrote: > From: Roberto Sassu > > Change evm_inode_post_setattr() definition, so that it can be registered as > implementation of the inode_post_setattr hook. Refer to comments on 1/25. > > Signed-off-by: Roberto Sassu > Reviewed-by: Stefan Berg

Re: [PATCH v3 11/25] security: Align inode_setattr hook definition with EVM

2023-10-11 Thread Mimi Zohar
cked-by: Casey Schaufler Reviewed-by: Mimi Zohar

Re: [PATCH v3 10/25] evm: Align evm_inode_post_setxattr() definition with LSM infrastructure

2023-10-11 Thread Mimi Zohar
On Mon, 2023-09-04 at 15:34 +0200, Roberto Sassu wrote: > From: Roberto Sassu > > Change evm_inode_post_setxattr() definition, so that it can be registered > as implementation of the inode_post_setxattr hook. > > Signed-off-by: Roberto Sassu > Reviewed-by: Stefan Berge

Re: [PATCH v3 09/25] evm: Align evm_inode_setxattr() definition with LSM infrastructure

2023-10-11 Thread Mimi Zohar
On Mon, 2023-09-04 at 15:33 +0200, Roberto Sassu wrote: > From: Roberto Sassu > > Change evm_inode_setxattr() definition, so that it can be registered as > implementation of the inode_setxattr hook. > > Signed-off-by: Roberto Sassu > Reviewed-by: Stefan Berger Re

Re: [PATCH v3 12/25] security: Introduce inode_post_setattr hook

2023-10-11 Thread Mimi Zohar
could similarly update security xattrs or ... > > Signed-off-by: Roberto Sassu Reviewed-by: Mimi Zohar

Re: [PATCH v3 13/25] security: Introduce inode_post_removexattr hook

2023-10-11 Thread Mimi Zohar
The new hook cannot return an error and cannot cause > the operation to be reverted. > > Signed-off-by: Roberto Sassu Refer to the patch description comments for 12/25. Otherwise, Reviewed-by: Mimi Zohar

Re: [PATCH v3 12/25] security: Introduce inode_post_setattr hook

2023-10-12 Thread Mimi Zohar
On Thu, 2023-10-12 at 09:42 +0200, Roberto Sassu wrote: > On Wed, 2023-10-11 at 20:08 -0400, Mimi Zohar wrote: > > On Mon, 2023-09-04 at 15:34 +0200, Roberto Sassu wrote: > > > From: Roberto Sassu > > > > > > In preparation for moving IMA and EVM to the LSM

Re: [PATCH v3 02/25] ima: Align ima_post_path_mknod() definition with LSM infrastructure

2023-10-12 Thread Mimi Zohar
On Thu, 2023-10-12 at 09:29 +0200, Roberto Sassu wrote: > On Wed, 2023-10-11 at 15:01 -0400, Mimi Zohar wrote: > > On Wed, 2023-10-11 at 18:02 +0200, Roberto Sassu wrote: > > > On Wed, 2023-10-11 at 10:38 -0400, Mimi Zohar wrote: > > > > On Mon, 2023-09-04 at 15

Re: [PATCH v3 14/25] security: Introduce file_post_open hook

2023-10-12 Thread Mimi Zohar
On Mon, 2023-09-04 at 15:34 +0200, Roberto Sassu wrote: > From: Roberto Sassu > > In preparation to move IMA and EVM to the LSM infrastructure, introduce the > file_post_open hook. Also, export security_file_post_open() for NFS. > > It is useful for IMA to calculate the digest of the file conte

Re: [PATCH v3 02/25] ima: Align ima_post_path_mknod() definition with LSM infrastructure

2023-10-12 Thread Mimi Zohar
On Thu, 2023-10-12 at 14:19 +0200, Roberto Sassu wrote: > On Thu, 2023-10-12 at 07:42 -0400, Mimi Zohar wrote: > > On Thu, 2023-10-12 at 09:29 +0200, Roberto Sassu wrote: > > > On Wed, 2023-10-11 at 15:01 -0400, Mimi Zohar wrote: > > > > On Wed, 2023-10-11 at 18

Re: [PATCH v3 14/25] security: Introduce file_post_open hook

2023-10-12 Thread Mimi Zohar
On Thu, 2023-10-12 at 14:45 +0200, Roberto Sassu wrote: > On Thu, 2023-10-12 at 08:36 -0400, Mimi Zohar wrote: > > On Mon, 2023-09-04 at 15:34 +0200, Roberto Sassu wrote: > > > From: Roberto Sassu > > > > > > In preparation to move IMA and EVM to the LSM

Re: [PATCH v3 02/25] ima: Align ima_post_path_mknod() definition with LSM infrastructure

2023-10-12 Thread Mimi Zohar
> > > > > We need to make sure that ima_post_path_mknod() has the same > > > > > parameters > > > > > as the LSM hook at the time we register it to the LSM infrastructure. > > > > > > > > I'm trying to understand why the pre hook parameters and the missing > > > > IMA parameter are used, as oppos

Re: [PATCH v3 16/25] security: Introduce path_post_mknod hook

2023-10-13 Thread Mimi Zohar
On Mon, 2023-09-04 at 15:34 +0200, Roberto Sassu wrote: > From: Roberto Sassu > > In preparation for moving IMA and EVM to the LSM infrastructure, introduce > the path_post_mknod hook. > > It is useful for IMA to let new empty files be subsequently opened for > further modification. (Please rem

Re: [PATCH v3 17/25] security: Introduce inode_post_create_tmpfile hook

2023-10-13 Thread Mimi Zohar
On Mon, 2023-09-04 at 15:34 +0200, Roberto Sassu wrote: > From: Roberto Sassu > > In preparation for moving IMA and EVM to the LSM infrastructure, introduce > the inode_post_create_tmpfile hook. > > It is useful for IMA to mark new temp files as successfully appraised and > let them be subsequen

Re: [PATCH v3 18/25] security: Introduce inode_post_set_acl hook

2023-10-13 Thread Mimi Zohar
On Mon, 2023-09-04 at 15:34 +0200, Roberto Sassu wrote: > From: Roberto Sassu > > In preparation for moving IMA and EVM to the LSM infrastructure, introduce > the inode_post_set_acl hook. > > It is useful for EVM to recalculate the HMAC on the modified POSIX ACL and > other file metadata, after

Re: [PATCH v3 20/25] security: Introduce key_post_create_or_update hook

2023-10-13 Thread Mimi Zohar
On Mon, 2023-09-04 at 15:40 +0200, Roberto Sassu wrote: > From: Roberto Sassu > LSMs can benefit from this hook to make their decision on the new or > successfully updated key content. Without a good example, writing examples is hard. As this is a void function, what decision? Please try and

Re: [PATCH v3 15/25] security: Introduce file_pre_free_security hook

2023-10-13 Thread Mimi Zohar
On Mon, 2023-09-04 at 15:34 +0200, Roberto Sassu wrote: [..] > It is useful for IMA to calculate the digest of the file content, just > before a file descriptor is closed, and update the security.ima xattr with > the new value. --> before the last file descriptor opened for write is closed -- t

Re: [PATCH v3 21/25] ima: Move to LSM infrastructure

2023-10-13 Thread Mimi Zohar
On Mon, 2023-09-04 at 15:40 +0200, Roberto Sassu wrote: > From: Roberto Sassu > > Remove hardcoded IMA function calls (not for appraisal) from the LSM > infrastructure, the VFS, NFS and the key subsystem. > > Make those functions as static (except for ima_file_check() which is > exported, and im

Re: [PATCH v3 00/25] security: Move IMA and EVM to the LSM infrastructure

2023-10-13 Thread Mimi Zohar
On Mon, 2023-09-04 at 15:33 +0200, Roberto Sassu wrote: > From: Roberto Sassu > > IMA and EVM are not effectively LSMs, especially due the fact that in the > past they could not provide a security blob while there is another LSM > active. > > That changed in the recent years, the LSM stacking fe

[RFC PATCH] certs: Only allow certs signed by keys on the builtin keyring

2023-10-17 Thread Mimi Zohar
may also be vouched for by a key on the machine keyring. Prevent loading additional certificates directly onto the secondary keyring, vouched for by keys on the machine keyring, yet allow these certificates to be loaded onto other trusted keyrings. Signed-off-by: Mimi Zohar --- certs/Kconfig

Re: RFC: New LSM to control usage of x509 certificates

2023-10-17 Thread Mimi Zohar
On Thu, 2023-10-05 at 12:32 +0200, Mickaël Salaün wrote: > > > > A complementary approach would be to create an > > > > LSM (or a dedicated interface) to tie certificate properties to a set of > > > > kernel usages, while still letting users configure these constraints. > > > > > > That is an inte

Re: RFC: New LSM to control usage of x509 certificates

2023-10-17 Thread Mimi Zohar
On Tue, 2023-10-17 at 11:45 -0400, Paul Moore wrote: > On Tue, Oct 17, 2023 at 9:48 AM Mimi Zohar wrote: > > On Thu, 2023-10-05 at 12:32 +0200, Mickaël Salaün wrote: > > > > > > A complementary approach would be to create an > > > > > > LSM (or a dedic

Re: RFC: New LSM to control usage of x509 certificates

2023-10-17 Thread Mimi Zohar
On Tue, 2023-10-17 at 13:29 -0400, Paul Moore wrote: > On Tue, Oct 17, 2023 at 1:09 PM Mimi Zohar wrote: > > On Tue, 2023-10-17 at 11:45 -0400, Paul Moore wrote: > > > On Tue, Oct 17, 2023 at 9:48 AM Mimi Zohar wrote: > > > > On Thu, 2023-10-05 at 12:

Re: [PATCH v15 00/11] LSM: Three basic syscalls

2023-10-18 Thread Mimi Zohar
On Wed, 2023-10-18 at 11:31 +0200, Roberto Sassu wrote: > On Tue, 2023-10-17 at 18:07 +0200, Roberto Sassu wrote: > > On Tue, 2023-10-17 at 11:58 -0400, Paul Moore wrote: > > > On Tue, Oct 17, 2023 at 3:01 AM Roberto Sassu > > > wrote: > > > > On Mon, 2023-10-16 at 11:06 -0400, Paul Moore wrote: >

Re: [PATCH v15 00/11] LSM: Three basic syscalls

2023-10-18 Thread Mimi Zohar
On Wed, 2023-10-18 at 12:35 -0400, Paul Moore wrote: > On Wed, Oct 18, 2023 at 10:15 AM Roberto Sassu > wrote: > > On 10/18/2023 3:09 PM, Mimi Zohar wrote: > > ... > > > > I agree with Roberto. All three should be defined: LSM_ID_INTEGRITY, > > > LSM_ID

Re: [PATCH] integrity: fix indentation of config attributes

2023-10-23 Thread Mimi Zohar
On Sun, 2023-10-22 at 12:17 +0530, Prasad Pandit wrote: > From: Prasad Pandit > > Fix indentation of config attributes. Attributes are generally > indented with a leading tab(\t) character. > > Signed-off-by: Prasad Pandit Thanks, applied. Mimi

[PATCH] ima: detect changes to the backing overlay file

2023-10-24 Thread Mimi Zohar
verlay file, by comparing the i_version, as stored in the iint, with the backing file's i_version. Signed-off-by: Mimi Zohar --- fs/overlayfs/super.c | 2 +- security/integrity/ima/ima_api.c | 1 + security/integrity/ima/ima_main.c | 21 - 3 files changed,

[PATCH v2] ima: detect changes to the backing overlay file

2023-10-25 Thread Mimi Zohar
file's metadata. Verifying just the i_version has not changed is insufficient. In addition save and compare the i_ino and i_rdev as well. Signed-off-by: Mimi Zohar --- Changelog: - Changes made based on Amir's review: removal of unnecessary overlay magic test, verify i_version, i_ino and i_r

Re: [RFC PATCH] certs: Only allow certs signed by keys on the builtin keyring

2023-10-25 Thread Mimi Zohar
On Tue, 2023-10-24 at 02:28 +0300, Jarkko Sakkinen wrote: > On Tue Oct 17, 2023 at 3:25 PM EEST, Mimi Zohar wrote: > > Originally the secondary trusted keyring provided a keyring to which extra > > keys may be added, provided those keys were not blacklisted and were > > vouch

[PATCH v3] ima: detect changes to the backing overlay file

2023-10-25 Thread Mimi Zohar
file's metadata. Verifying just the i_version has not changed is insufficient. In addition save and compare the i_ino and s_dev as well. Signed-off-by: Mimi Zohar --- Changelog: - Changes made based on Amir's review: v2: Use s_dev, not i_rdev. Limit setting real_ino, real_dev. v1: Removal of

Re: [PATCH v3] ima: detect changes to the backing overlay file

2023-10-25 Thread Mimi Zohar
On Wed, 2023-10-25 at 08:59 -0600, Raul Rangel wrote: > On Wed, Oct 25, 2023 at 8:39 AM Mimi Zohar wrote: > > + if (!IS_I_VERSION(backing_inode) || > > + backing_inode->i_sb->s_dev != iint->real_dev || > > + backing_

Re: [PATCH v3] ima: detect changes to the backing overlay file

2023-10-25 Thread Mimi Zohar
On Wed, 2023-10-25 at 16:27 +0000, Eric Snowberg wrote: > > > On Oct 25, 2023, at 8:39 AM, Mimi Zohar wrote: > > > > Commit 18b44bc5a672 ("ovl: Always reevaluate the file signature for > > IMA") forced signature re-evaluation on every file access. > &g
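The v1 through v3 postings above argue that comparing only the cached i_version against the backing inode's i_version is insufficient, and that the i_ino and s_dev of the backing (real) inode must be saved and compared as well. The following is an added userspace model of that decision, written for this page; it is not kernel code and not part of Mimi's patch. The struct and function names (model_inode, model_iint, backing_file_changed, version_only_changed) and the sample inode numbers, device numbers and version counters are constructed for the illustration. It shows the case the i_version-only check misses: the overlay's backing file is swapped for a different file whose i_version happens to equal the cached value.

```c
/*
 * Added example, not kernel code: a userspace model of the "has the
 * backing overlay file changed" check described in the patch thread.
 * All names and sample values below are constructed for illustration.
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Stand-in for the identity and change counter of the backing (real) inode. */
struct model_inode {
    uint64_t ino;          /* models i_ino */
    uint32_t dev;          /* models i_sb->s_dev of the backing filesystem */
    uint64_t version;      /* models i_version */
    bool has_version;      /* models IS_I_VERSION(): i_version is supported */
};

/* Stand-in for the IMA integrity cache entry (iint) of the overlay inode. */
struct model_iint {
    uint64_t real_ino;     /* backing i_ino saved at measurement time */
    uint32_t real_dev;     /* backing s_dev saved at measurement time */
    uint64_t version;      /* backing i_version saved at measurement time */
    bool measured;         /* a cached result exists */
};

/* Record the backing inode's identity and version after a measurement. */
void record_measurement(struct model_iint *iint, const struct model_inode *backing)
{
    iint->real_ino = backing->ino;
    iint->real_dev = backing->dev;
    iint->version = backing->version;
    iint->measured = true;
}

/* Version-only check (the insufficient variant): true if re-measurement is needed. */
bool version_only_changed(const struct model_iint *iint, const struct model_inode *backing)
{
    if (!iint->measured || !backing->has_version)
        return true;
    return backing->version != iint->version;
}

/* Full check modelled on the v3 description: without i_version support the
 * cache cannot be trusted; otherwise any of device, inode number or version
 * differing from the saved values means the backing file is not the one
 * that was measured. */
bool backing_file_changed(const struct model_iint *iint, const struct model_inode *backing)
{
    if (!iint->measured || !backing->has_version)
        return true;
    if (backing->dev != iint->real_dev)
        return true;
    if (backing->ino != iint->real_ino)
        return true;
    return backing->version != iint->version;
}

/* Scenario 1: nothing changed. Returns 1 when neither check flags the file. */
int demo_unchanged(void)
{
    struct model_inode a = { .ino = 100, .dev = 0x801, .version = 7, .has_version = true };
    struct model_iint iint = { 0 };
    record_measurement(&iint, &a);
    return !version_only_changed(&iint, &a) && !backing_file_changed(&iint, &a);
}

/* Scenario 2: in-place write bumps i_version. Returns 1 when both checks flag it. */
int demo_in_place_modification(void)
{
    struct model_inode a = { .ino = 100, .dev = 0x801, .version = 7, .has_version = true };
    struct model_inode a_written = a;
    struct model_iint iint = { 0 };
    record_measurement(&iint, &a);
    a_written.version = 8;
    return version_only_changed(&iint, &a_written) && backing_file_changed(&iint, &a_written);
}

/* Scenario 3: the backing file is replaced by a different inode whose
 * i_version equals the cached one. Returns 1 when only the full check
 * flags it, i.e. the version-only check is fooled. */
int demo_swap_same_version(void)
{
    struct model_inode a = { .ino = 100, .dev = 0x801, .version = 7, .has_version = true };
    struct model_inode b = { .ino = 200, .dev = 0x801, .version = 7, .has_version = true };
    struct model_iint iint = { 0 };
    record_measurement(&iint, &a);
    return !version_only_changed(&iint, &b) && backing_file_changed(&iint, &b);
}

int main(void)
{
    printf("unchanged: %d\n", demo_unchanged());
    printf("in-place modification detected by both: %d\n", demo_in_place_modification());
    printf("swap with equal i_version caught only by full check: %d\n", demo_swap_same_version());
    return 0;
}
```

Scenario 3 is the point of the v2/v3 revisions: i_version is a per-inode counter, so two different files on the same filesystem can carry the same value, and a comparison that ignores which inode (and which device) the counter belongs to will accept a replaced backing file as unchanged.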

[GIT PULL] integrity: subsystem updates for v6.7

2023-10-31 Thread Mimi Zohar
avoid lockdep false positive warnings Mimi Zohar (2): certs: Only allow certs signed by keys on the builtin keyring ima: detect changes to the backing overlay file Prasad Pandit (1): integrity: fix indentation of config attributes certs/Kconfig | 16

Re: [PATCH v4 20/23] ima: Move IMA-Appraisal to LSM infrastructure

2023-11-06 Thread Mimi Zohar
> > Signed-off-by: Roberto Sassu > Reviewed-by: Stefan Berger Reviewed-by: Mimi Zohar

Re: [PATCH v4 17/23] security: Introduce inode_post_remove_acl hook

2023-11-06 Thread Mimi Zohar
On Fri, 2023-10-27 at 10:35 +0200, Roberto Sassu wrote: > diff --git a/security/security.c b/security/security.c > index 622c24cbfbb6..6ca8fdd1f037 100644 > --- a/security/security.c > +++ b/security/security.c > @@ -2406,6 +2406,23 @@ int security_inode_remove_acl(struct mnt_idmap *idmap, >

Re: [PATCH v4 00/23] security: Move IMA and EVM to the LSM infrastructure

2023-11-06 Thread Mimi Zohar
On Fri, 2023-10-27 at 10:35 +0200, Roberto Sassu wrote: > From: Roberto Sassu > > IMA and EVM are not effectively LSMs, especially due to the fact that in > the past they could not provide a security blob while there is another LSM > active. > > That changed in the recent years, the LSM stacking

Re: [PATCH v4 12/23] security: Introduce file_post_open hook

2023-11-06 Thread Mimi Zohar
On Fri, 2023-10-27 at 10:35 +0200, Roberto Sassu wrote: > diff --git a/security/security.c b/security/security.c > index 2ee958afaf40..d24a8f92d641 100644 > --- a/security/security.c > +++ b/security/security.c > @@ -2947,6 +2947,23 @@ int security_file_open(struct file *file) > return fsno

Re: [PATCH 1/2] ima: Add machine keyring reference to IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY

2023-11-06 Thread Mimi Zohar
Hi Eric, The subject line is referred to as the 'summary' phrase. As far as I'm aware the length is still between 70-75 characters. Refer to https://www.kernel.org/doc/Documentation/process/submitting-patches.rst . On Thu, 2023-11-02 at 13:06 -0400, Eric Snowberg wrote: > When the machine keyr

Re: [PATCH v5 00/23] security: Move IMA and EVM to the LSM infrastructure

2023-11-07 Thread Mimi Zohar
nd commented on the entire patch set. Reviewed-by: Mimi Zohar h

[ima-evm-utils PATCH 01/12] Rename "public_keys" to "g_public_keys"

2023-11-19 Thread Mimi Zohar
In preparation for replacing the library global public_keys variable, which is not concurrency-safe, with a local variable, rename public_keys to g_public_keys. Signed-off-by: Mimi Zohar --- src/libimaevm.c | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src

[ima-evm-utils PATCH 07/12] Update ima_measurements to define and use a local list of public keys

2023-11-19 Thread Mimi Zohar
ned-off-by: Mimi Zohar --- src/evmctl.c | 18 +++--- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/src/evmctl.c b/src/evmctl.c index f796edfce5f1..ad4565b3ee52 100644 --- a/src/evmctl.c +++ b/src/evmctl.c @@ -1614,7 +1614,7 @@ static int lookup_template_name_

[ima-evm-utils PATCH 02/12] Free public keys list

2023-11-19 Thread Mimi Zohar
On failure to allocate memory, free the public keys list. Signed-off-by: Mimi Zohar --- src/imaevm.h| 1 + src/libimaevm.c | 17 + 2 files changed, 18 insertions(+) diff --git a/src/imaevm.h b/src/imaevm.h index 18d7b0e447e1..828976e52881 100644 --- a/src/imaevm.h +++ b

[ima-evm-utils PATCH 05/12] Update cmd_verify_ima() to define and use a local list of public keys

2023-11-19 Thread Mimi Zohar
Update the static verify_ima() function definition to include "public_keys". Replace calling init_public_keys() with the init_public_keys2() version. Similarly replace ima_verify_signature() with the ima_verify_signature2() version. Free the local public keys list. Signed-off-by:

[ima-evm-utils PATCH 10/12] Update EVM signature verification to use a local hash algorithm variable

2023-11-19 Thread Mimi Zohar
Instead of relying on the "imaevm_params.algo" global variable, which is not concurrency-safe, define and use a local file hash algorithm variable. Update calc_evm_hash(), verify_hash2(). Signed-off-by: Mimi Zohar --- src/evmctl.c | 19 ++- 1 file changed, 10 insert

[ima-evm-utils PATCH 06/12] Update cmd_verify_evm to define and use a local list of public keys

2023-11-19 Thread Mimi Zohar
Replace calling init_public_keys() with the init_public_keys2() version. Similarly replace verify_hash() with the verify_hash2() version. Update the static function verify_evm() definition to include a "public_keys" parameter. Free the local public keys list. Signed-off-by: Mimi Zohar

[ima-evm-utils PATCH 08/12] Define library ima_calc_hash2() function with a hash algorithm parameter

2023-11-19 Thread Mimi Zohar
calc_hash2(). Deprecate ima_calc_hash(). Signed-off-by: Mimi Zohar --- src/imaevm.h| 1 + src/libimaevm.c | 12 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/src/imaevm.h b/src/imaevm.h index 1ed2c81d510d..81acd8df41cb 100644 --- a/src/imaevm.h +++ b/src/imaevm.h @@ -23

[ima-evm-utils PATCH 09/12] Use a local hash algorithm variable when verifying file signatures

2023-11-19 Thread Mimi Zohar
rly update ima_verify_signature2() and ima_calc_hash2() to define and use a local hash algorithm variable. Signed-off-by: Mimi Zohar --- src/libimaevm.c | 40 1 file changed, 24 insertions(+), 16 deletions(-) diff --git a/src/libimaevm.c b/src/libimaevm.c index 4c

[ima-evm-utils PATCH 12/12] Define and use a file specific "keypass" variable

2023-11-19 Thread Mimi Zohar
Instead of relying on the "imaevm_params.keypass" global variable, which is not concurrency-safe, add keypass as a parameter to the static library functions definitions. Update function callers. To avoid library incompatibility, don't remove imaevm_params.keypass variable. Sign

[ima-evm-utils PATCH 11/12] Use a file specific hash algorithm variable for signing files

2023-11-19 Thread Mimi Zohar
) function. Replace using the library function ima_calc_hash() with ima_calc_hash2(). Signed-off-by: Mimi Zohar --- src/evmctl.c | 21 +++-- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/src/evmctl.c b/src/evmctl.c index 7ae897d8b8b3..b802eeb1bf15 100644 --- a/src/evmc

[ima-evm-utils PATCH 00/12] Address non concurrency-safe libimaevm global variables

2023-11-19 Thread Mimi Zohar
key password. To avoid library incompatibility, make the existing functions wrappers for the new function versions. Mimi Zohar (12): Rename "public_keys" to "g_public_keys" Free public keys list Update library function definitions to include a "public_keys"

[ima-evm-utils PATCH 04/12] Update a library function definition to include a "hash_algo" parameter

2023-11-19 Thread Mimi Zohar
y, make the existing function verify_hash() a function wrapper for verify_hash2(). Signed-off-by: Mimi Zohar --- src/imaevm.h| 1 + src/libimaevm.c | 9 + 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/src/imaevm.h b/src/imaevm.h index 146123ba5c42..1ed2c81d510d 10064

[ima-evm-utils PATCH 03/12] Update library function definitions to include a "public_keys" parameter

2023-11-19 Thread Mimi Zohar
ate init_public_keys(), verify_hash(), ima_verify_signature() functions. Signed-off-by: Mimi Zohar --- src/imaevm.h| 2 ++ src/libimaevm.c | 94 + 2 files changed, 74 insertions(+), 22 deletions(-) diff --git a/src/imaevm.h b/src/imaevm.h index 828976

Re: [ima-evm-utils PATCH 04/14] tests: Address issues raised by shellcheck SC2320

2023-11-21 Thread Mimi Zohar
Hi Stefan, On Fri, 2023-11-10 at 15:21 -0500, Stefan Berger wrote: > Address issues raised by shellcheck SC2320: > "This $? refers to echo/printf, not a previous command. >Assign to variable to avoid it being overwritten." > > Signed-off-by: Stefan Berger > --- > tests/Makefile.am

Re: [ima-evm-utils PATCH 09/12] Use a local hash algorithm variable when verifying file signatures

2023-11-22 Thread Mimi Zohar
On Wed, 2023-11-22 at 08:37 -0500, Stefan Berger wrote: > > On 11/19/23 11:50, Mimi Zohar wrote: > > Instead of relying on the "imaevm_params.algo" global variable, which > > is not concurrency-safe, define and use a local variable. > > > > Update static

Re: [ima-evm-utils PATCH 09/12] Use a local hash algorithm variable when verifying file signatures

2023-11-29 Thread Mimi Zohar
On Wed, 2023-11-22 at 09:33 -0500, Stefan Berger wrote: > > On 11/22/23 09:14, Mimi Zohar wrote: > > On Wed, 2023-11-22 at 08:37 -0500, Stefan Berger wrote: > >> > > >> Now you are passing valid parameters into verify_hash2(). Would it not > >> be possib

Re: [ima-evm-utils PATCH 12/12] Define and use a file specific "keypass" variable

2023-11-29 Thread Mimi Zohar
On Wed, 2023-11-22 at 09:22 -0500, Stefan Berger wrote: > > On 11/19/23 11:50, Mimi Zohar wrote: > > Instead of relying on the "imaevm_params.keypass" global variable, which > > is not concurrency-safe, add keypass as a parameter to the static library > > funct

Re: [PATCH v5 23/23] integrity: Switch from rbtree to LSM-managed blob for integrity_iint_cache

2023-11-30 Thread Mimi Zohar
A and EVM functions as when they were hardcoded. > >>>>>> > >>>>>> Prefer reserving space for a pointer to allocating the > >>>>>> integrity_iint_cache > >>>>>> structure directly, as IMA would require

Re: [PATCH v4 08/13] tpm: Add full HMAC and encrypt/decrypt session handling code

2023-12-04 Thread Mimi Zohar
On Mon, 2023-12-04 at 07:35 -0500, James Bottomley wrote: > On Mon, 2023-12-04 at 04:29 +0200, Jarkko Sakkinen wrote: > > On Sun Nov 26, 2023 at 5:05 PM EET, James Bottomley wrote: > > > On Sun, 2023-11-26 at 05:39 +0200, Jarkko Sakkinen wrote: > > > > One very obvious thing to fix there is the kco

Re: [PATCH v4 08/13] tpm: Add full HMAC and encrypt/decrypt session handling code

2023-12-04 Thread Mimi Zohar
On Mon, 2023-12-04 at 08:53 -0500, James Bottomley wrote: > On Mon, 2023-12-04 at 08:43 -0500, Mimi Zohar wrote: > > On Mon, 2023-12-04 at 07:35 -0500, James Bottomley wrote: > > > On Mon, 2023-12-04 at 04:29 +0200, Jarkko Sakkinen wrote: > > > > On Sun Nov 26, 2023 a

Re: [PATCH v4 08/13] tpm: Add full HMAC and encrypt/decrypt session handling code

2023-12-04 Thread Mimi Zohar
On Mon, 2023-12-04 at 09:02 -0500, James Bottomley wrote: > On Mon, 2023-12-04 at 08:59 -0500, Mimi Zohar wrote: > > On Mon, 2023-12-04 at 08:53 -0500, James Bottomley wrote: > > > On Mon, 2023-12-04 at 08:43 -0500, Mimi Zohar wrote: > [...] > > > > Is there a way

Re: [PATCH v5 23/23] integrity: Switch from rbtree to LSM-managed blob for integrity_iint_cache

2023-12-04 Thread Mimi Zohar
; > > original ordering > > > > > > > > > of IMA and EVM functions as when they were hardcoded. > > > > > > > > > > > > > > > > > > Prefer reserving space for a pointer to allocating the > > > > > > > > > integrity

Re: [PATCH v5 23/23] integrity: Switch from rbtree to LSM-managed blob for integrity_iint_cache

2023-12-06 Thread Mimi Zohar
On Wed, 2023-12-06 at 14:10 +0100, Roberto Sassu wrote: > On Mon, 2023-12-04 at 14:26 +0100, Roberto Sassu wrote: ... > > If the result of this patch set should be that IMA and EVM become > > proper LSMs without the shared integrity layer, instead of collapsing > > all changes in this patch set, I

[ima-evm-utils PATCH v2 00/13] Address non concurrency-safe libimaevm global variables

2023-12-06 Thread Mimi Zohar
unction is defined as an int. Check the return value. - Update sign_{ima,evm} function definitions to include the hash algorithm as a parameter. - Added Stefan's "Reviewed-by" tag. Mimi Zohar (13): Rename "public_keys" to "g_public_keys" Free public key

[ima-evm-utils PATCH v2 02/13] Free public keys list

2023-12-06 Thread Mimi Zohar
On failure to allocate memory, free the public keys list. Reviewed-by: Stefan Berger Signed-off-by: Mimi Zohar --- src/imaevm.h| 1 + src/libimaevm.c | 17 + 2 files changed, 18 insertions(+) diff --git a/src/imaevm.h b/src/imaevm.h index 18d7b0e447e1..470e8376f2fb 100644

[ima-evm-utils PATCH v2 01/13] Rename "public_keys" to "g_public_keys"

2023-12-06 Thread Mimi Zohar
In preparation for replacing the library global public_keys variable, which is not concurrency-safe, with a local variable, rename public_keys to g_public_keys. Reviewed-by: Stefan Berger Signed-off-by: Mimi Zohar --- src/libimaevm.c | 12 ++-- 1 file changed, 6 insertions(+), 6

[ima-evm-utils PATCH v2 08/13] Define library ima_calc_hash2() function with a hash algorithm parameter

2023-12-06 Thread Mimi Zohar
calc_hash2(). Deprecate ima_calc_hash(). Reviewed-by: Stefan Berger Signed-off-by: Mimi Zohar --- src/imaevm.h| 1 + src/libimaevm.c | 12 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/src/imaevm.h b/src/imaevm.h index 99987140c278..69b6b42806d4 100644 --- a/src/imae

[ima-evm-utils PATCH v2 05/13] Update cmd_verify_ima() to define and use a local list of public keys

2023-12-06 Thread Mimi Zohar
Update the static verify_ima() function definition to include "public_keys". Replace calling init_public_keys() with the imaevm_init_public_keys() version. Similarly replace ima_verify_signature() with the ima_verify_signature2() version. Free the local public keys list. Signed-of

[ima-evm-utils PATCH v2 09/13] Use a local hash algorithm variable when verifying file signatures

2023-12-06 Thread Mimi Zohar
rly update ima_verify_signature2() and ima_calc_hash2() to define and use a local hash algorithm variable. Signed-off-by: Mimi Zohar --- src/libimaevm.c | 48 1 file changed, 28 insertions(+), 20 deletions(-) diff --git a/src/libimaevm.c b/src/libimaevm.c index c1

[ima-evm-utils PATCH v2 06/13] Update cmd_verify_evm to define and use a local list of public keys

2023-12-06 Thread Mimi Zohar
Replace calling init_public_keys() with the imaevm_init_public_keys() version. Similarly replace verify_hash() with the imaevm_verify_hash() version. Update the static function verify_evm() definition to include a "public_keys" parameter. Free the local public keys list. Signed-of

[ima-evm-utils PATCH v2 12/13] Update sign_hash_v*() definition to include the key password

2023-12-06 Thread Mimi Zohar
The library sign_hash() definition already includes a key password as a parameter, but it isn't passed on to sign_hash_v*() functions. Update the sign_hash_v*() function definitions and callers. Signed-off-by: Mimi Zohar --- src/libimaevm.c | 18 ++ 1 file change

[ima-evm-utils PATCH v2 03/13] Update library function definitions to include a "public_keys" parameter

2023-12-06 Thread Mimi Zohar
versions. Deprecate init_public_keys(), verify_hash(), ima_verify_signature() functions. Signed-off-by: Mimi Zohar --- src/imaevm.h| 4 +++ src/libimaevm.c | 85 - 2 files changed, 67 insertions(+), 22 deletions(-) diff --git a/src/imaevm.h b/src/imaevm.

[ima-evm-utils PATCH v2 10/13] Update EVM signature verification to use a local hash algorithm variable

2023-12-06 Thread Mimi Zohar
Instead of relying on the "imaevm_params.algo" global variable, which is not concurrency-safe, define and use a local file hash algorithm variable. Update calc_evm_hash(), imaevm_verify_hash(). Reviewed-by: Stefan Berger Signed-off-by: Mimi Zohar --- src/evmctl.c | 19 ++--

[ima-evm-utils PATCH v2 11/13] Use a file specific hash algorithm variable for signing files

2023-12-06 Thread Mimi Zohar
) function. Replace using the library function ima_calc_hash() with ima_calc_hash2(). Signed-off-by: Mimi Zohar --- src/evmctl.c | 34 +- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/src/evmctl.c b/src/evmctl.c index 9e1f4e33bc01..8eb2c46fbff0 100644

[ima-evm-utils PATCH v2 13/13] Define and use a file specific "keypass" variable

2023-12-06 Thread Mimi Zohar
Instead of relying on the "imaevm_params.keypass" global variable, which is not concurrency-safe, define and use a file specific variable. To avoid library incompatibility, don't remove imaevm_params.keypass variable. Signed-off-by: Mimi Zohar --- src/evmctl.c | 17 +-

[ima-evm-utils PATCH v2 07/13] Update ima_measurements to define and use a local list of public keys

2023-12-06 Thread Mimi Zohar
t. Signed-off-by: Mimi Zohar --- src/evmctl.c | 26 ++ 1 file changed, 18 insertions(+), 8 deletions(-) diff --git a/src/evmctl.c b/src/evmctl.c index 06cdffdd3755..5aea3652c80f 100644 --- a/src/evmctl.c +++ b/src/evmctl.c @@ -1625,7 +1625,7 @@ static int lookup_template_

[ima-evm-utils PATCH v2 04/13] Update imaevm_verify_hash() definition to include "hash_algo" parameter

2023-12-06 Thread Mimi Zohar
ify_hash() definition. Signed-off-by: Mimi Zohar --- src/imaevm.h| 3 +++ src/libimaevm.c | 13 +++-- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/src/imaevm.h b/src/imaevm.h index b29a4745fc77..99987140c278 100644 --- a/src/imaevm.h +++ b/src/imaevm.

Re: [ima-evm-utils PATCH v3 00/14] Enable shellcheck and fix some issues

2023-12-06 Thread Mimi Zohar
On Fri, 2023-12-01 at 08:31 -0500, Stefan Berger wrote: > Enable shellcheck for the bash scripts in the tests directory. Fix issues > on the way that are found when particular checks are enabled. In the end > all shellcheck v0.9 checks are enabled and shellcheck passes without any > issues. > > Sh

Re: [RFC][PATCH] overlayfs: Redirect xattr ops on security.evm to security.evm_overlayfs

2023-12-12 Thread Mimi Zohar
On Tue, 2023-12-12 at 14:13 +0100, Roberto Sassu wrote: > On 12.12.23 11:44, Amir Goldstein wrote: > > On Tue, Dec 12, 2023 at 12:25 PM Roberto Sassu > > wrote: > >> > >> On 11.12.23 19:01, Christian Brauner wrote: > The second problem is that one security.evm is not enough. We need two, > >>

[PATCH] MAINTAINERS: Add Roberto Sassu as co-maintainer to IMA and EVM

2023-12-12 Thread Mimi Zohar
calculation. Roberto is currently working on making IMA and EVM full fledged LSMs. Add Roberto as an IMA and EVM maintainer. Signed-off-by: Mimi Zohar --- MAINTAINERS | 2 ++ 1 file changed, 2 insertions(+) diff --git a/MAINTAINERS b/MAINTAINERS index 012df8ccf34e..ffaac404d1e0 100644 --- a
