Re: [PATCH 00/14] EVM

From: Mimi Zohar
Date: Wed Apr 21 2010 - 18:19:12 EST

Next message: Vivek Goyal: "[PATCH] blkio: Fix another BUG_ON() crash due to cfqq movementacross groups"
Previous message: Paul E. McKenney: "Re: [PATCH] RCU: don't turn off lockdep when find suspiciousrcu_dereference_check() usage"
In reply to: Randy Dunlap: "Re: [PATCH 00/14] EVM"
Next in thread: Randy Dunlap: "Re: [PATCH 00/14] EVM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 2010-04-21 at 14:58 -0700, Randy Dunlap wrote:
> On Wed, 21 Apr 2010 17:49:40 -0400 Mimi Zohar wrote:
>
> > Extended Verification Module(EVM) detects offline tampering of the
> > security extended attributes (e.g. security.selinux, security.SMACK64,
> > security.ima), which is the basis for LSM permission decisions and,
> > with this set of patches, integrity appraisal decisions. To detect
> > offline tampering of the extended attributes, EVM maintains an
> > HMAC-sha1 across a set of security extended attributes, storing the
> > HMAC as the extended attribute 'security.evm'. To verify the integrity
> > of an extended attribute, EVM exports evm_verifyxattr(), which
> > re-calculates the HMAC and compares it with the version stored in
> > 'security.evm'.
> >
> ...
> >
> > Much appreciation to Dave Hansen, Serge Hallyn, and Matt Helsley for
> > reviewing the patches.
> >
> > Mimi
> >
> > Mimi Zohar (14):
> > integrity: move ima inode integrity data management
> > security: move LSM xattrnames to xattr.h
> > xattr: define vfs_getxattr_alloc and vfs_xattr_cmp
> > evm: re-release
> > ima: move ima_file_free before releasing the file
> > security: imbed evm calls in security hooks
> > evm: inode post removexattr
> > evm: imbed evm_inode_post_setattr
> > evm: inode_post_init
> > fs: add evm_inode_post_init calls
> > ima: integrity appraisal extension
> > ima: appraise default rules
> > ima: inode post_setattr
> > ima: add ima_inode_setxattr and ima_inode_removexattr
> > --
>
> A summary diffstat would be good to see in patch 00/14.
>
> Lacking that, at least each individual patch should have a diffstat summary
> in it. Please read Documentation/SubmittingPatches.
>
> ---
> ~Randy

Only two minor changes from the RFC posting:

0011-ima-integrity-appraisal-extension.patch adds a missing
ima_fix_xattr() call.

Index: security-testing-2.6/security/integrity/ima/ima_appraise.c
===================================================================
--- security-testing-2.6.orig/security/integrity/ima/ima_appraise.c
+++ security-testing-2.6/security/integrity/ima/ima_appraise.c
@@ -92,8 +92,13 @@ int ima_appraise_measurement(struct inte
ima_fix_xattr(dentry, iint);
integrity_audit_msg(AUDIT_INTEGRITY_DATA, inode,
filename, op, cause, 1, 0);
- } else
+ } else {
status = INTEGRITY_PASS;
+
+ if ((status == INTEGRITY_UNKNOWN)
+ && (ima_appraise & IMA_APPRAISE_FIX))
+ ima_fix_xattr(dentry, iint);
+ }
iint->flags |= IMA_APPRAISED;
} else {
if (status == INTEGRITY_NOLABEL)

0012-ima-appraise-default-rules.patch replaces audit_log_format() calls
with ima_log_string(), introduced in Eric's patches.

Mimi

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Vivek Goyal: "[PATCH] blkio: Fix another BUG_ON() crash due to cfqq movementacross groups"
Previous message: Paul E. McKenney: "Re: [PATCH] RCU: don't turn off lockdep when find suspiciousrcu_dereference_check() usage"
In reply to: Randy Dunlap: "Re: [PATCH 00/14] EVM"
Next in thread: Randy Dunlap: "Re: [PATCH 00/14] EVM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]