On Mon, Sep 28, 2020 at 5:36 PM David Laight wrote:
>
> From: Dmitry Kasatkin
> > Sent: 28 September 2020 15:03
> >
> > "copy_mount_options" function came to my eyes.
> > It splits copy into 2 pieces - over page boundaries.
> > I wonder what is the re
Hi,
"copy_mount_options" function came to my eyes.
It splits copy into 2 pieces - over page boundaries.
I wonder what is the real reason for doing this?
Original comment was that we need exact bytes and some user memcpy
functions do not return correct number on page fault.
But how would all othe
On 13/03/2019 16:38, gre...@linuxfoundation.org wrote:
On Wed, Mar 13, 2019 at 02:12:30PM +, Dmitry Kasatkin wrote:
From: Sasha Levin
Sent: Tuesday, March 12, 2019 1:16 AM
To: Dmitry Kasatkin
Cc: Al Viro; yuehaibing; linux-kernel@vger.kernel.org;
linux-fsde...@vger.kernel.org
From: Sasha Levin
Sent: Tuesday, March 12, 2019 1:16 AM
To: Dmitry Kasatkin
Cc: Al Viro; yuehaibing; linux-kernel@vger.kernel.org;
linux-fsde...@vger.kernel.org; keesc...@chromium.org; sta...@vger.kernel.org;
gre...@google.com
Subject: Re: [PATCH -next] exec: Fix mem leak in
From: Al Viro on behalf of Al Viro
Sent: Tuesday, February 19, 2019 4:25 AM
To: yuehaibing
Cc: linux-kernel@vger.kernel.org; linux-fsde...@vger.kernel.org; Dmitry
Kasatkin; keesc...@chromium.org
Subject: Re: [PATCH -next] exec: Fix mem leak in kernel_read_file
On Tue, Feb 19, 2019 at 10
Hi,
I will have a look to patches.
Thanks,
Dmitry
On Tue, Aug 14, 2018 at 9:34 PM James Morris wrote:
>
> On Tue, 14 Aug 2018, David Jacobson wrote:
>
> > This patchset introduces evmtest — a stand alone tool for regression
> > testing IMA.
>
> Nice!
>
> I usually run the SELinux testsuite as a
Looks goo, you also updated comments of location of some functions.
Acked-by: Dmitry Kasatkin
Thanks
From: Vasily Averin [v...@virtuozzo.com]
Sent: Friday, June 01, 2018 7:29 PM
To: Andrew Morton; linux-kernel@vger.kernel.org
Cc: Dmitry Kasatkin
Subject
Hi,
Could I ask FS maintainers to test IMA with this patch additionally
and provide ack/tested.
We tested but may be you have and some special testing.
Thanks in advance,
Dmitry
On Tue, Dec 5, 2017 at 9:06 PM, Dmitry Kasatkin
wrote:
> The original design was discussed 3+ years ago, but
the process_measurement()
Signed-off-by: Dmitry Kasatkin
---
security/integrity/iint.c | 2 +
security/integrity/ima/ima_appraise.c | 27 +++---
security/integrity/ima/ima_main.c | 70 ---
security/integrity/integrity.h| 18 +++
On 04/12/17 17:40, Dmitry Kasatkin wrote:
On 04/12/17 15:42, Roberto Sassu wrote:
On 12/4/2017 1:06 PM, Mimi Zohar wrote:
Hi Dmitry,
On Fri, 2017-12-01 at 20:40 +0200, Dmitry Kasatkin wrote:
The original design was discussed 3+ years ago, but was never
completed/upstreamed.
Based on the
On 04/12/17 15:42, Roberto Sassu wrote:
On 12/4/2017 1:06 PM, Mimi Zohar wrote:
Hi Dmitry,
On Fri, 2017-12-01 at 20:40 +0200, Dmitry Kasatkin wrote:
The original design was discussed 3+ years ago, but was never
completed/upstreamed.
Based on the recent discussions with Linus
https
ename attr_flags to atomic_flags
Changes in v2:
* revert taking the i_mutex in integrity_inode_get() so that iint allocation
could be done with i_mutex taken
* move taking the i_mutex from appraisal code to the process_measurement()
Signed-off-by: Dmitry Kasatkin
---
security/integrity/iint.c
On Thu, Nov 10, 2016 at 4:56 PM, Mimi Zohar wrote:
> [Posting with abbreviated Cc list.]
>
> The TPM PCRs are only reset on a hard reboot. In order to validate a
> TPM's quote after a soft reboot (eg. kexec -e), the IMA measurement list
> of the running kernel must be saved and then restored on t
On Thu, Nov 10, 2016 at 4:56 PM, Mimi Zohar wrote:
> The TPM PCRs are only reset on a hard reboot. In order to validate a
> TPM's quote after a soft reboot (eg. kexec -e), the IMA measurement list
> of the running kernel must be saved and restored on boot. This patch
> restores the measurement l
On Fri, Oct 21, 2016 at 5:44 AM, Thiago Jung Bauermann
wrote:
> From: Mimi Zohar
>
> The builtin and single custom templates are currently stored in an
> array. In preparation for being able to restore a measurement list
> containing multiple builtin/custom templates, this patch stores the
> bui
On Fri, Oct 21, 2016 at 5:44 AM, Thiago Jung Bauermann
wrote:
> From: Mimi Zohar
>
> In preparation for serializing the binary_runtime_measurements, this patch
> maintains the amount of memory required.
>
> Changelog v5:
> - replace CONFIG_KEXEC_FILE with architecture CONFIG_HAVE_IMA_KEXEC (Thiag
On Fri, Oct 21, 2016 at 5:44 AM, Thiago Jung Bauermann
wrote:
> From: Mimi Zohar
>
> Measurements carried across kexec need to be added to the IMA
> measurement list, but should not prevent measurements of the newly
> booted kernel from being added to the measurement list. This patch
> adds suppo
On Fri, Oct 21, 2016 at 5:44 AM, Thiago Jung Bauermann
wrote:
> From: Mimi Zohar
>
> The TPM PCRs are only reset on a hard reboot. In order to validate a
> TPM's quote after a soft reboot (eg. kexec -e), the IMA measurement list
> of the running kernel must be saved and restored on boot. This p
Hi,
Yes, please make a patch.
Thanks for noticing,
Dmitry
From: Andreas Ziegler [andreas.zieg...@fau.de]
Sent: Tuesday, January 26, 2016 5:39 PM
To: Dmitry Kasatkin
Cc: David Howells; James Morris; Serge E. Hallyn; linux-kernel@vger.kernel.org
Subject
Hi,
Updated in the patch.
http://git.kernel.org/cgit/linux/kernel/git/kasatkin/linux-digsig.git/log/?h=ima-next
Dmitry
On Fri, Oct 23, 2015 at 9:30 PM, Mimi Zohar wrote:
> On Thu, 2015-10-22 at 21:49 +0300, Dmitry Kasatkin wrote:
>> Crypto HW kernel module can possibly initialize EVM
Hi,
I added error printing to the patch
http://git.kernel.org/cgit/linux/kernel/git/kasatkin/linux-digsig.git/log/?h=ima-next
Dmitry
On Fri, Oct 23, 2015 at 9:31 PM, Mimi Zohar wrote:
> On Thu, 2015-10-22 at 21:49 +0300, Dmitry Kasatkin wrote:
>> In order to enable EVM before start
From: Petko Manolov [pet...@mip-labs.com]
Sent: Friday, October 23, 2015 4:05 PM
To: Dmitry Kasatkin
Cc: zo...@linux.vnet.ibm.com; linux-ima-de...@lists.sourceforge.net;
linux-security-mod...@vger.kernel.org; linux-kernel@vger.kernel.org; Dmitry
Kasatkin
its to enable EVM if key of any type
is loaded.
Changes in v2:
* EVM_STATE_KEY_SET replaced by EVM_INIT_HMAC
* EVM_STATE_X509_SET replaced by EVM_INIT_X509
Signed-off-by: Dmitry Kasatkin
---
security/integrity/evm/evm.h| 3 +++
security/integrity/evm/evm_crypto.c | 2 ++
security/integrity/
signature we may need to re-verify
the signature and update iint->flags that there is EVM
signature.
This patch enables that by resetting evm_status to
INTEGRITY_UKNOWN state.
Changes in v2:
* Flag setting moved to EVM layer
Signed-off-by: Dmitry Kasatkin
---
security/integrity/evm
This patch imposes minimum key size limit.
It declares EVM_MIN_KEY_SIZE and EVM_MAX_KEY_SIZE in public header file.
Signed-off-by: Dmitry Kasatkin
---
include/linux/evm.h | 3 +++
security/integrity/evm/evm_crypto.c | 7 +++
2 files changed, 6 insertions(+), 4 deletions
ity. (Mimi Zohar)
Signed-off-by: Dmitry Kasatkin
---
security/integrity/Kconfig| 11 +++
security/integrity/digsig.c | 14 --
security/integrity/evm/evm_main.c | 8 +---
security/integrity/ima/Kconfig| 5 -
security/integrity/ima/ima.h
g moved to evm_set_key
* EVM_INIT_HMAC moved to evm_set_key
* added bitop to prevent key setting race
Changes in v2:
* use size_t for key size instead of signed int
* provide EVM_MAX_KEY_SIZE macro in
* provide EVM_MIN_KEY_SIZE macro in
Signed-off-by: Dmitry Kasatkin
---
include/l
previously sent for review few months ago. Please refer to the patch
descriptions for details.
BR,
Dmitry
Dmitry Kasatkin (6):
integrity: define '.evm' as a builtin 'trusted' keyring
evm: load x509 certificate from the kernel
evm: enable EVM when X509 certificate is lo
patch changed to /etc/keys
Signed-off-by: Dmitry Kasatkin
---
security/integrity/evm/Kconfig| 17 +
security/integrity/evm/evm_main.c | 7 +++
security/integrity/iint.c | 1 +
security/integrity/integrity.h| 8
4 files changed, 33 insertions
Hi,
Apply this patch, please...
Dmitry
On Thu, Sep 10, 2015 at 10:06 PM, Dmitry Kasatkin
wrote:
> If IMA_LOAD_X509 is enabled either directly or indirectly via
> IMA_APPRAISE_SIGNED_INIT, it enables certificate loading to the IMA trusted
> keyring from the kernel. Due to the
certificate verification result and allowed to load self-signed or
wrongly signed certificates.
This patch just removes this option.
Signed-off-by: Dmitry Kasatkin
Cc: # 3.19+
---
security/integrity/digsig.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security
Hi,
Yes, please.
(in plain text)
- Dmitry
On 26 January 2015 at 22:49, Stephen Rothwell wrote:
> Hi all,
>
> I noticed commit bfd33c4b4b1a ("MAINTAINERS: email update") in the
> integrity tree today. I assume that I should also update the email
> address in my contacts list?
>
> --
> Cheers,
Hello,
Sorry for the ugly typo in MAINTAINERS.
- Dmitry
Dmitry Kasatkin (1):
MAINTAINERS: email update
MAINTAINERS | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message
Changed to my private email address as I left Samsung.
Signed-off-by: Dmitry Kasatkin
---
MAINTAINERS | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/MAINTAINERS b/MAINTAINERS
index ccb0fef..0ee6758 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -4655,7 +4655,7 @@ F
Changed to my private email address as I left Samsung.
Signed-off-by: Dmitry Kasatkin
---
MAINTAINERS | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/MAINTAINERS b/MAINTAINERS
index ccb0fef..0ee6758 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -4655,7 +4655,7 @@ F
correct.
Acked-by: Dmitry Kasatkin
Dmitry
On 12 January 2015 at 13:43, David Howells wrote:
> Dmitry Kasatkin wrote:
>
>> Ack.
>
> To what email address do I translate that now?
>
> Acked-by: Dmitry Kasatkin
>
> perchance?
>
> David
--
Thanks
Hi,
Thank you. Indeed '-cmp' is much more clear.
Ack.
- Dmitry
On 9 January 2015 at 13:00, David Howells wrote:
> This looks very reasonable. cc'ing Dmitry for his check.
>
> David
> ---
> Rasmus Villemoes wrote:
>
>> The condition preceding 'return 1;' makes my head hurt. At this point,
>>
Hi,
Thank you. It looks correct.
Ack.
- Dmitry
On 9 January 2015 at 12:58, David Howells wrote:
> I think you're right - *adding* the two sizes makes no sense. cc'ing Dmitry
> also for his check.
>
> David
>
>
> Rasmus Villemoes wrote:
>
>> If u and v both represent negative integers and the
On 05/12/14 16:04, David Howells wrote:
> Dmitry Kasatkin wrote:
>
>> With just "make all" on Ubuntu.
> What gcc? I don't see any warnings.
>
> David
>
$ gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/4
On 05/12/14 12:23, David Howells wrote:
> Dmitry Kasatkin wrote:
>
>> sign-file.c produce lots of annoying noise.
> How did you get it to produce that?
>
> David
>
With just "make all" on Ubuntu.
- Dmitry
--
To unsubscribe from this list: send the line &quo
Hi David,
sign-file.c produce lots of annoying noise.
scripts/sign-file.c:153:2: warning: format not a string literal and no
format arguments [-Wformat-security]
ERR(!bd, dest_name);
^
scripts/sign-file.c:179:3: warning: format not a string literal and no
format arguments [-Wformat-security]
On 21/11/14 16:42, Vivek Goyal wrote:
> On Thu, Nov 20, 2014 at 04:54:03PM +, David Howells wrote:
>
> [..]
>> diff --git a/crypto/asymmetric_keys/x509_parser.h
>> b/crypto/asymmetric_keys/x509_parser.h
>> index 3dfe6b5d6f0b..223b72344060 100644
>> --- a/crypto/asymmetric_keys/x509_parser.h
>>
On 26/11/14 16:17, David Howells wrote:
> Extract both parts of the AuthorityKeyIdentifier, not just the keyIdentifier,
> as the second part can be used to match X.509 certificates by issuer and
> serialNumber.
>
> Signed-off-by: David Howells
> ---
>
> crypto/asymmetric_keys/Makefile |
Hello,
Yes, we will pick it up.
Thanks,
Dmitry
On 03/12/14 08:04, Michael Ellerman wrote:
> On powerpc we can end up with IMA=y and PPC_PSERIES=n which leads to:
>
> warning: (IMA) selects TCG_IBMVTPM which has unmet direct dependencies
> (TCG_TPM && PPC_PSERIES)
> tpm_ibmvtpm.c:(.text+0x14
On 20/11/14 18:53, David Howells wrote:
> Here's a set of patches that does the following:
>
> (1) Extracts both parts of an X.509 AuthorityKeyIdentifier (AKID) extension.
> We already extract the bit that can match the subjectKeyIdentifier (SKID)
> of the parent X.509 cert, but we curre
On 21/11/14 14:59, Dmitry Kasatkin wrote:
> Hi David,
>
> Before I go into reviewing the patches just want to let you know that
> Integrity stuff seems to work fine with these changes.
Actually after cleaning the tree and re-signing the modules, I get following
Unrecognized ch
Hi David,
Before I go into reviewing the patches just want to let you know that
Integrity stuff seems to work fine with these changes.
Thanks,
Dmitry
On 20/11/14 18:53, David Howells wrote:
> Here's a set of patches that does the following:
>
> (1) Extracts both parts of an X.509 AuthorityKeyId
Provide the function to load x509 certificates from the kernel into the
integrity kernel keyring.
Changes in v2:
* configuration option removed
* function declared as '__init'
Signed-off-by: Dmitry Kasatkin
---
security/integrity/digsig.c| 37 -
kernel_read(), to integrity_kernel_read().
Changes in v3:
* Patch descriptions improved (Mimi)
Changes in v2:
* configuration option removed
* function declared as '__init'
Signed-off-by: Dmitry Kasatkin
---
security/integrity/iint.c | 78 +
Signed-off-by: Dmitry Kasatkin
---
security/integrity/ima/Kconfig | 7 +++
security/integrity/ima/ima_policy.c | 5 +
2 files changed, 12 insertions(+)
diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig
index 8288edc..31b44b8 100644
--- a/security
; version does not call fsnotify_access(),
add_rchar() and inc_syscr().
* integrity_read_file() moved from digsig.c to iint.c because it is used
by IMA crypto subsystem and should not depend on digsig support being
enabled.
-Dmitry
*** BLURB HERE ***
Dmitry Kasatkin (6):
integrity: define a
integrity_kernel_read() duplicates the file read operations code
in vfs_read(). This patch refactors vfs_read() code creating a
helper function __vfs_read(). It is used by both vfs_read() and
integrity_kernel_read().
Signed-off-by: Dmitry Kasatkin
---
fs/read_write.c | 24
clears ima_policy_flag to disable
appraisal to load key. Use it to skip appraisal rules.
* Key directory path changed to /etc/keys (Mimi)
Changes in v2:
* added '__init'
* use ima_policy_flag to disable appraisal to load keys
Signed-off-by: Dmitry Kasatkin
---
security/integrity/i
ed after defining loading functions
Signed-off-by: Dmitry Kasatkin
---
include/linux/integrity.h | 6 ++
init/main.c | 6 +-
security/integrity/iint.c | 11 +++
3 files changed, 22 insertions(+), 1 deletion(-)
diff --git a/include/linux/integrity.h b/include/linux/
On 29 October 2014 23:22, Andy Lutomirski wrote:
> On Oct 29, 2014 1:20 PM, "Mimi Zohar" wrote:
>>
>> On Wed, 2014-10-29 at 11:51 -0700, Andy Lutomirski wrote:
>> > On Wed, Oct 29, 2014 at 11:36 AM, Dan Carpenter
>> > wrote:
>> > > On Wed, Oct 29, 2014 at 09:23:45AM -0700, Andy Lutomirski wrote:
Sorry, this was the wrong version of the patch.
Please ignore this patch and use what is in the reply to this patch:
[PATCH v3 1/1] evm: check xattr value length and type in
evm_inode_setxattr()
- Dmitry
On 28/10/14 13:31, Dmitry Kasatkin wrote:
> evm_inode_setxattr() can be called with no va
a/0x48
[ 1106.400020] RSP
[ 1106.400020] CR2:
[ 1106.428061] ---[ end trace ae08331628ba3050 ]---
Reported-by: Jan Kara
Signed-off-by: Dmitry Kasatkin
Cc: sta...@vger.kernel.org
---
security/integrity/evm/evm_main.c | 9 ++---
1 file changed, 6 insertions(+), 3 del
a_inode_setxattr+0x3e/0x5a
[ 261.564109] RSP
[ 261.564109] CR2:
[ 261.58] ---[ end trace 39a89a3fc267e652 ]---
Reported-by: Jan Kara
Signed-off-by: Dmitry Kasatkin
Cc: sta...@vger.kernel.org
---
security/integrity/ima/ima_appraise.c | 2 ++
security/integrity/integr
File hashes are automatically set and updated and should not be
manually set. This patch limits file hash setting to fix and log
modes.
Signed-off-by: Dmitry Kasatkin
---
security/integrity/ima/ima_appraise.c | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/security
patch fixes the oops and must go to
the stable and the second patch limits setting of file hash to fix
and log modes and may go to the next kernel version via normal process.
- Dmitry
Dmitry Kasatkin (3):
ima: check xattr value length and type in the ima_inode_setxattr()
ima: limit file hash
Signed-off-by: Dmitry Kasatkin
Cc: sta...@vger.kernel.org
---
security/integrity/evm/evm_main.c | 11 ---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/security/integrity/evm/evm_main.c
b/security/integrity/evm/evm_main.c
index b392fe6..1384e4b 100644
--- a/security/integri
On 24/10/14 18:00, Dmitry Kasatkin wrote:
> On 24/10/14 17:18, Mimi Zohar wrote:
>> On Fri, 2014-10-24 at 10:07 +0300, Dmitry Kasatkin wrote:
>>> ima_inode_setxattr() can be called with no value. Function does not
>>> check the length so that following command can be
On 24/10/14 17:18, Mimi Zohar wrote:
> On Fri, 2014-10-24 at 10:07 +0300, Dmitry Kasatkin wrote:
>> ima_inode_setxattr() can be called with no value. Function does not
>> check the length so that following command can be used to produce
>> kernel oops: setfattr -n securit
Hi,
At first I did not notice Mimi's email with suggestion to allow
setting hash only in fix mode. Here is a next set with checking
validity of xattr type and allowing setting hash only in permissive
modes such as fix and log.
- Dmitry
Dmitry Kasatkin (2):
ima: check xattr value leng
off-by: Dmitry Kasatkin
---
security/integrity/evm/evm_main.c | 11 ---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/security/integrity/evm/evm_main.c
b/security/integrity/evm/evm_main.c
index b392fe6..1384e4b 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/int
trace 39a89a3fc267e652 ]---
Reported-by: Jan Kara
Signed-off-by: Dmitry Kasatkin
---
security/integrity/ima/ima_appraise.c | 13 +++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/security/integrity/ima/ima_appraise.c
b/security/integrity/ima/ima_appraise.c
index 9226854..e302cbf
On 23 October 2014 18:40, Jan Kara wrote:
> On Thu 23-10-14 16:47:17, Dmitry Kasatkin wrote:
>> ima_inode_setxattr() can be called with no value. Function does not
>> check the length so that following command can be used to produce
>> kernel oops: setfattr -n security.ima
Hi,
Here is couple of patches to fix bugs reported by Jan Kara
to prevent kernel oopses when setxattr() is called without
xattr values.
- Dmitry
Dmitry Kasatkin (2):
ima: check xattr value length in ima_inode_setxattr()
evm: check xattr value length in evm_inode_setxattr()
security
02 74 0d 48 89 de 4c 89 e7 e8 5a fe ff ff eb 03 83
[ 1106.400020] RIP [] evm_inode_setxattr+0x2a/0x48
[ 1106.400020] RSP
[ 1106.400020] CR2:
[ 1106.428061] ---[ end trace ae08331628ba3050 ]---
Reported-by: Jan Kara
Signed-off-by: Dmitry Kasatkin
---
security/integrity/evm/evm_
03 49 8b 7c 24 68 40 0f 94 c6 e8 e1 f9 ff ff 89 d8
[ 261.564109] RIP [] ima_inode_setxattr+0x3e/0x5a
[ 261.564109] RSP
[ 261.564109] CR2:
[ 261.58] ---[ end trace 39a89a3fc267e652 ]---
Reported-by: Jan Kara
Signed-off-by: Dmitry Kasatkin
---
security/integri
On 16/10/14 15:31, David Howells wrote:
> Dmitry Kasatkin wrote:
>
>> /tmp/ccgSFKJd.o: In function `display_openssl_errors':
>> sign-file.c:(.text+0x4e): undefined reference to `ERR_peek_error'
>> sign-file.c:(.text+0xa1): undefined reference to `ERR_error_strin
Hi Mimi,
Thanks for reply. I will fix your comments.
I am on LinuxCon EU at the moment.
Fixing as have a time :)
- Dmitry
On 13 October 2014 19:32, Mimi Zohar wrote:
> On Fri, 2014-10-10 at 17:09 +0300, Dmitry Kasatkin wrote:
>> Currently secure IMA/EVM initialization has to be done
ned-off-by: Dmitry Kasatkin
---
include/linux/integrity.h | 6 ++
init/main.c | 6 +-
security/integrity/iint.c | 11 +++
3 files changed, 22 insertions(+), 1 deletion(-)
diff --git a/include/linux/integrity.h b/include/linux/integrity.h
index 83222ce..c2d6082 100644
---
by IMA crypto subsystem and should not depend on digsig support being
enabled.
-Dmitry
Dmitry Kasatkin (6):
integrity: provide integrity_read_file()
integrity: provide x509 certificate loading from the kernel
ima: load x509 certificate from the kernel
integrity: provide hook to load ke
Hello Andrew,
I have just posted updated patchset.
Please check patch description where I discuss your questions and
related changes.
Thanks,
Dmitry
On 30/07/14 00:37, Dmitry Kasatkin wrote:
> On Wed, Jul 23, 2014 at 9:08 PM, Mimi Zohar wrote:
>> On Wed, 2014-07-16 at 23:26 +030
Provide function to load x509 certificates from the kernel into the
integrity kernel keyrings.
Changes in v2:
* configuration option removed
* function declared as '__init'
Signed-off-by: Dmitry Kasatkin
---
security/integrity/digsig.c| 37 -
integrity_kernel_read() duplicates the file read operations code
in vfs_read(). This patch refactors vfs_read() code creating a
helper function __vfs_read(). It is used by both vfs_read() and
integrity_kernel_read().
Signed-off-by: Dmitry Kasatkin
---
fs/read_write.c | 24
initialization
script can initialize EVM key, update the IMA policy and change further
requirement of everything to be signed.
Changes in v2:
* policy change of this patch separated from the key loading patch
Signed-off-by: Dmitry Kasatkin
---
security/integrity/ima/Kconfig | 7 +++
security
load keys
Signed-off-by: Dmitry Kasatkin
---
security/integrity/ima/Kconfig| 15 +++
security/integrity/ima/ima_init.c | 17 +
security/integrity/integrity.h| 8
3 files changed, 40 insertions(+)
diff --git a/security/integrity/ima/Kconfig b/security
'__init'
Signed-off-by: Dmitry Kasatkin
---
security/integrity/iint.c | 78 +
security/integrity/ima/ima_crypto.c | 35 ++---
security/integrity/integrity.h | 4 ++
3 files changed, 85 insertions(+), 32 deletions(-)
diff --git
On 7 October 2014 20:17, Christoph Hellwig wrote:
> On Tue, Oct 07, 2014 at 08:11:42PM +0300, Dmitry Kasatkin wrote:
>> If file_set_fowner op is now type of "void", how you can actually
>> return the value?
>> I think compiler must give error. How could you compil
On 4 September 2014 15:38, Jeff Layton wrote:
> security_file_set_fowner always returns 0, so make it f_setown and
> __f_setown void return functions and fix up the error handling in the
> callers.
>
> Cc: linux-security-mod...@vger.kernel.org
> Cc: Christoph Hellwig
> Signed-off-by: Jeff Layton
On 06/10/14 15:44, James Morris wrote:
> On Fri, 3 Oct 2014, David Howells wrote:
>
>> Dmitry Kasatkin wrote:
>>
>>> BTW. But actually why signer is needed to find the key?
>>> Every key has unique fingerprint.
>> The SKID is by no means guaranteed uniqu
Hi David,
I just applied these 3 patches, but got build problems..
sign-file.c cannot be build.
Log attached...
Any ideas?
Thanks
- Dmitry
On 03/10/14 17:30, David Howells wrote:
> Hi Rusty,
>
> In the current module signing code, we try to use the subject and subjKeyId
> fields from X.509 cer
On 03/10/14 16:40, David Howells wrote:
> Dmitry Kasatkin wrote:
>
>> BTW. But actually why signer is needed to find the key?
>> Every key has unique fingerprint.
> The SKID is by no means guaranteed unique, is not mandatory and has no defined
> algorithm for generating i
On 03/10/14 15:53, Dmitry Kasatkin wrote:
> On 03/10/14 15:49, Dmitry Kasatkin wrote:
>> On 03/10/14 15:46, David Howells wrote:
>>> Dmitry Kasatkin wrote:
>>>
>>>> Latest KEYS code change the way keys identified and module
>>>> signi
On 03/10/14 15:49, Dmitry Kasatkin wrote:
> On 03/10/14 15:46, David Howells wrote:
>> Dmitry Kasatkin wrote:
>>
>>> Latest KEYS code change the way keys identified and module
>>> signing keys are not searchable anymore with original id.
>>>
>>>
On 03/10/14 15:46, David Howells wrote:
> Dmitry Kasatkin wrote:
>
>> Latest KEYS code change the way keys identified and module
>> signing keys are not searchable anymore with original id.
>>
>> This patch fixes this problem without change module signature
>>
On 03/10/14 15:13, David Howells wrote:
> Dmitry Kasatkin wrote:
>
>> [ 132.820302] CR2: ffea
> Looks like I leaked an error number somewhere.
>
> David
>
Yes... I found..
Check patches I posted.
Also here
http://git.kernel.org/cgit/linux/kernel/git/kasatkin
On 03/10/14 15:12, David Howells wrote:
> Dmitry Kasatkin wrote:
>
>> Also I noticed that output of 'keyctl show' and 'cat /proc/keys' output
>> also has changed in respect of certificate ids..
>>
>> Those ids does not look any close to my kern
n
* remove sysfs entry as in original design
Signed-off-by: Dmitry Kasatkin
---
security/integrity/ima/ima_fs.c | 23 ---
security/integrity/ima/ima_policy.c | 23 ++-
2 files changed, 18 insertions(+), 28 deletions(-)
diff --git a/security/integrity/ima/
If rule is a comment, there is no need to allocate entry.
Move checking for comment before allocating entry.
Signed-off-by: Dmitry Kasatkin
---
security/integrity/ima/ima_policy.c | 14 ++
1 file changed, 6 insertions(+), 8 deletions(-)
diff --git a/security/integrity/ima
Hi,
Here is few policy loading interface improvements.
Refer to the patches descriptions for details.
- Dmitry
Dmitry Kasatkin (4):
ima: report policy load status
ima: no need to allocate entry for comment
ima: ignore empty and with whitespaces policy lines
ima: use atomic bit
Empty policy lines cause parsing failures which is, especially
for new users, hard to spot. This patch prevents it.
It is now possible to 'cat policy > /ima/policy'.
Changes in v2:
* strip leading blanks and tabs in rules to prevent parsing failures
Signed-off-by: Dmitry Kasatkin
Audit messages are rate limited and often policy update info
is not visible. Report policy loading status also using pr_info.
Changes in v2:
* reporting moved to ima_release_policy to notice parsing errors
* reporting both completed and failed status
Signed-off-by: Dmitry Kasatkin
---
security
Hi David,
I slightly update what I posted and added one fix and one suggestion on
the top.
Here is those patches on the top of Jame's tree...
http://git.kernel.org/cgit/linux/kernel/git/kasatkin/linux-digsig.git/log/?h=keys-fixes
- Dmitry
On 03/10/14 12:09, Dmitry Kasatkin wrote:
> I
Latest KEYS code change the way keys identified and module
signing keys are not searchable anymore with original id.
This patch fixes this problem without change module signature
data.
Signed-off-by: Dmitry Kasatkin
---
kernel/module_signing.c | 16 +---
1 file changed, 5
I reported yesterday problems with new KEYS.
Module signature verification is broken, integrity subsystem verification is
broken, kernel oopses.
Here is few fixes.
- Dmitry
Dmitry Kasatkin (4):
KEYS: handle error code encoded in pointer
KEYS: provide pure subject key identifier (fingerprint
] [] ima_appraise_measurement+0x160/0x370
[ 132.820302] [] ? d_absolute_path+0x5b/0x7a
[ 132.820302] [] process_measurement+0x322/0x404
Reported-by: Dmitry Kasatkin
Signed-off-by: Dmitry Kasatkin
---
crypto/asymmetric_keys/asymmetric_type.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff
Latest KEYS code return error if hexadecimal string length id odd.
Fix it.
Signed-off-by: Dmitry Kasatkin
---
security/integrity/digsig_asymmetric.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/integrity/digsig_asymmetric.c
b/security/integrity
1 - 100 of 370 matches
Mail list logo
