Re: [PATCH 04/14] evm: re-release

From: Stephen Smalley
Date: Fri Jun 04 2010 - 11:20:17 EST

Next message: Nick Bowler: "Re: Commit cfecde435dda78248d6fcdc424bed68d5db6be0b turns screenblank"
Previous message: Maxim Levitsky: "Re: [linux-pm] Is it supposed to be ok to call del_gendisk whileuserspace is frozen?"
In reply to: Mimi Zohar: "Re: [PATCH 04/14] evm: re-release"
Next in thread: David Safford: "Re: [PATCH 04/14] evm: re-release"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 2010-06-04 at 10:53 -0400, Mimi Zohar wrote:
> On Fri, 2010-06-04 at 10:28 -0400, Stephen Smalley wrote:
> > On Wed, 2010-04-21 at 17:49 -0400, Mimi Zohar wrote:
> > > EVM protects a file's security extended attributes against integrity
> > > attacks. It maintains an HMAC-sha1 value across the extended attributes,
> > > storing the value as the extended attribute 'security.evm'. EVM has gone
> > > through a number of iterations, initially as an LSM module, subsequently
> > > as a LIM integrity provider, and now, when co-located with a security_
> > > hook, embedded directly in the security_ hook, similar to IMA.
> > >
> > > This is the first part of a local file integrity verification system.
> > > While this part does authenticate the selected extended attributes, and
> > > cryptographically bind them to the inode, coming extensions will bind
> > > other directory and inode metadata for more complete protection. The
> > > set of protected security extended attributes is configured at compile.
> > >
> > > EVM depends on the Kernel Key Retention System to provide it with the
> > > kernel master key for the HMAC operation. The kernel master key is
> > > securely loaded onto the root's keyring, typically by 'loadkernkey',
> > > which either uses the TPM sealed secret key, if available, or a
> > > password requested from the console. To signal EVM, that the key has
> > > been loaded onto the keyring, 'echo 1 > <securityfs>/evm'. This is
> > > normally done in the initrd, which has already been measured as part
> > > of the trusted boot. (Refer to http://linux-ima.sourceforge.net/#EVM.)
> >
> > I don't remember this dependency on the kernel key system in prior
> > incarnations of EVM. Can you explain the rationale for using it, and
> > the implications?
>
> This changed very early on, so that people without a TPM could 'play'
> with it.

The last time EVM was posted to lsm list (2005, AFAICS) prior to this
year's round, David Safford said:
"Since the kernel master key is unsealed by the hardware TPM only as a
result of a valid trusted boot, and the key is never visible outside the
kernel, the EVM HMAC attribute cannot be forged in an offline attack."

So that seemed to be an important property to you at the time. I
understand providing alternatives for TPM-less systems, but that doesn't
necessarily mean changing the properties on systems with TPMs.

--
Stephen Smalley
National Security Agency

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Nick Bowler: "Re: Commit cfecde435dda78248d6fcdc424bed68d5db6be0b turns screenblank"
Previous message: Maxim Levitsky: "Re: [linux-pm] Is it supposed to be ok to call del_gendisk whileuserspace is frozen?"
In reply to: Mimi Zohar: "Re: [PATCH 04/14] evm: re-release"
Next in thread: David Safford: "Re: [PATCH 04/14] evm: re-release"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]