From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from e23smtp01.au.ibm.com ([202.81.31.143]) by bombadil.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat Linux)) id 1aDXHs-0005Qm-49 for kexec@lists.infradead.org; Mon, 28 Dec 2015 12:52:32 +0000 Received: from localhost by e23smtp01.au.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Mon, 28 Dec 2015 22:52:09 +1000 Received: from d23relay07.au.ibm.com (d23relay07.au.ibm.com [9.190.26.37]) by d23dlp01.au.ibm.com (Postfix) with ESMTP id 9FCB32CE8050 for ; Mon, 28 Dec 2015 23:52:07 +1100 (EST) Received: from d23av01.au.ibm.com (d23av01.au.ibm.com [9.190.234.96]) by d23relay07.au.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id tBSCq1wE33816634 for ; Mon, 28 Dec 2015 23:52:09 +1100 Received: from d23av01.au.ibm.com (localhost [127.0.0.1]) by d23av01.au.ibm.com (8.14.4/8.14.4/NCO v10.0 AVout) with ESMTP id tBSCpZJ7029857 for ; Mon, 28 Dec 2015 23:51:35 +1100 Message-ID: <1451307075.3289.224.camel@linux.vnet.ibm.com> Subject: Re: [Linux-ima-devel] [PATCH v2 4/7] ima: measure and appraise kexec image and initramfs From: Mimi Zohar Date: Mon, 28 Dec 2015 07:51:15 -0500 In-Reply-To: <20151228020829.GB2980@dhcp-128-65.nay.redhat.com> References: <1450914903-5793-1-git-send-email-zohar@linux.vnet.ibm.com> <1450914903-5793-5-git-send-email-zohar@linux.vnet.ibm.com> <20151225053356.GA3398@dhcp-128-65.nay.redhat.com> <1451054749.3289.131.camel@linux.vnet.ibm.com> <20151228020829.GB2980@dhcp-128-65.nay.redhat.com> Mime-Version: 1.0 List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "kexec" Errors-To: kexec-bounces+dwmw2=infradead.org@lists.infradead.org To: Dave Young Cc: "Luis R. Rodriguez" , kexec@lists.infradead.org, David Howells , linux-security-module@vger.kernel.org, linux-ima-devel@lists.sourceforge.net, David Woodhouse , Vivek Goyal On Mon, 2015-12-28 at 10:08 +0800, Dave Young wrote: > On 12/25/15 at 09:45am, Mimi Zohar wrote: > > IMA calculates the file hash, in this case, based on the buffer > > contents. The hash is calculated once and used for both measurement > > and appraisal. If the file integrity appraisal fails (eg. hash > > comparison or signature failure), IMA prevents the kexec files from > > being used. > > > > Ok, thanks for the explanatioin. But I have another question, why do we > need a special hook for KEXEC? Shouldn't all files use same way to do the > measurement and appraisal? "By all files" are you referring to all files read by the kernel or all files opened, executed or mmapped by the system? Currently IMA allocates a page sized buffer, reads a file a page chunk at a time calculating the file hash as it does so, and then frees the buffer before returning to the caller. This method of calculating the file hash is used for measuring and appraising files opened (FILE_CHECK), executed (BPRM_CHECK) or mmapped (MMAP_CHECK) by the system. This patch set addresses files being read by kernel. A single new generic hook named ima_hash_and_process_file() is defined to not only measure and appraise the kexec image and initramfs, but firmware and the IMA policy. As we identify other places that the kernel is reading files, this hook would be called in those places as well. Mimi _______________________________________________ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec