Re: [PATCH v6 8/8] selinux: measure state and hash of the policy using IMA

From: James Morris
Date: Fri Nov 20 2020 - 21:05:36 EST

Next message: Zhihao Cheng: "[PATCH] mmc: pxamci: Fix error return code in pxamci_probe"
Previous message: Saravana Kannan: "[PATCH v2 09/17] driver core: Allow only unprobed consumers for SYNC_STATE_ONLY device links"
In reply to: Lakshmi Ramasubramanian: "Re: [PATCH v6 8/8] selinux: measure state and hash of the policy using IMA"
Next in thread: Tushar Sugandhi: "[PATCH v6 1/8] IMA: generalize keyring specific measurement constructs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 19 Nov 2020, Tushar Sugandhi wrote:

> an impact on the security guarantees provided by SELinux. Measuring
> such in-memory data structures through IMA subsystem provides a secure
> way for a remote attestation service to know the state of the system
> and also the runtime changes in the state of the system.

I think we need better clarity on the security model here than just "a
secure way...". Secure how and against what threats?

This looks to me like configuration assurance, i.e. you just want to know
that systems have been configured correctly, not to detect a competent
attack. Is that correct?

--
James Morris
<jmorris@xxxxxxxxx>

Next message: Zhihao Cheng: "[PATCH] mmc: pxamci: Fix error return code in pxamci_probe"
Previous message: Saravana Kannan: "[PATCH v2 09/17] driver core: Allow only unprobed consumers for SYNC_STATE_ONLY device links"
In reply to: Lakshmi Ramasubramanian: "Re: [PATCH v6 8/8] selinux: measure state and hash of the policy using IMA"
Next in thread: Tushar Sugandhi: "[PATCH v6 1/8] IMA: generalize keyring specific measurement constructs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]