diff for duplicates of <1501771065.27872.63.camel@linux.vnet.ibm.com> diff --git a/a/1.txt b/N1/1.txt index 8cd0537..b8af422 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -22,7 +22,7 @@ On Wed, 2017-08-02 at 18:52 -0400, Mimi Zohar wrote: > > >> + > > >> + status = evm_verifyxattr(dentry, XATTR_NAME_IMA, xattr_value_evm, > > >> + xattr_len_evm, iint); -> > >> + if (appraising_modsig && status = INTEGRITY_FAIL) { +> > >> + if (appraising_modsig && status == INTEGRITY_FAIL) { > > >> + cause = "invalid-HMAC"; > > >> + goto out; > > > diff --git a/a/content_digest b/N1/content_digest index 86bd800..75b0cb8 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -5,7 +5,7 @@ "ref\01501714334.27872.38.camel@linux.vnet.ibm.com\0" "From\0Mimi Zohar <zohar@linux.vnet.ibm.com>\0" "Subject\0Re: [PATCH v3 7/7] ima: Support module-style appended signatures for appraisal\0" - "Date\0Thu, 03 Aug 2017 14:37:45 +0000\0" + "Date\0Thu, 03 Aug 2017 10:37:45 -0400\0" "To\0Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>\0" "Cc\0linux-security-module@vger.kernel.org" linux-ima-devel@lists.sourceforge.net @@ -50,7 +50,7 @@ "> > >> +\n" "> > >> +\tstatus = evm_verifyxattr(dentry, XATTR_NAME_IMA, xattr_value_evm,\n" "> > >> +\t\t\t\t xattr_len_evm, iint);\n" - "> > >> +\tif (appraising_modsig && status = INTEGRITY_FAIL) {\n" + "> > >> +\tif (appraising_modsig && status == INTEGRITY_FAIL) {\n" "> > >> +\t\tcause = \"invalid-HMAC\";\n" "> > >> +\t\tgoto out;\n" "> > >\n" @@ -100,4 +100,4 @@ "\n" Mimi -e5feb5d9cc559baa644f2022b15ed00b624e048860aef0a3bdd0f54798dee409 +4ba5733a537d9f1fa03199eaac88e450e698b376f49610d8a0492fd89ed4825a
diff --git a/a/1.txt b/N2/1.txt index 8cd0537..91fc71b 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -22,7 +22,7 @@ On Wed, 2017-08-02 at 18:52 -0400, Mimi Zohar wrote: > > >> + > > >> + status = evm_verifyxattr(dentry, XATTR_NAME_IMA, xattr_value_evm, > > >> + xattr_len_evm, iint); -> > >> + if (appraising_modsig && status = INTEGRITY_FAIL) { +> > >> + if (appraising_modsig && status == INTEGRITY_FAIL) { > > >> + cause = "invalid-HMAC"; > > >> + goto out; > > > @@ -40,34 +40,39 @@ On Wed, 2017-08-02 at 18:52 -0400, Mimi Zohar wrote: There is one major difference. EVM verifies a file's metadata has not been modified based on either -an HMAC or signature stored as security.evm. Prior to the appended +an HMAC or signature stored as security.evm. ?Prior to the appended signatures patch set, all files in policy required a security.evm xattr. With IMA enabled we could guarantee that at least one security -xattr existed. The only exception were new files, which hadn't yet -been labeled. +xattr existed. ?The only exception were new files, which hadn't yet +been labeled.? With appended signatures, there is now no guarantee that at least one security xattr exists. Perhaps the code snippet below will help clarify the meaning of the -integrity_status results. +integrity_status results.? - switch (status) { - case INTEGRITY_PASS: - case INTEGRITY_UNKNOWN: - break; - case INTEGRITY_NOXATTRS: /* no EVM protected xattrs */ - if (appraising_modsig) - break; - case INTEGRITY_NOLABEL: /* no security.evm xattr */ - cause = "missing-HMAC"; - fail = 1; - break; - case INTEGRITY_FAIL: /* invalid HMAC/signature */ - default: - cause = "invalid-HMAC"; - fail = 1; - break; - } +? ? ? ? switch (status) { +????????case INTEGRITY_PASS: +????????case INTEGRITY_UNKNOWN: ? ? ? +? ? ? ? ? ? ? break; +? ? ? ? case INTEGRITY_NOXATTRS:????????/* no EVM protected xattrs */ +????????????????if (appraising_modsig) +????????????????????????break; +????????case INTEGRITY_NOLABEL:?????????/* no security.evm xattr */ +????????????????cause = "missing-HMAC"; +????????????????fail = 1; +????????????????break; +????????case INTEGRITY_FAIL:????????????/* invalid HMAC/signature */ +????????default: +????????????????cause = "invalid-HMAC"; +????????????????fail = 1; +????????????????break; +????????} Mimi + +-- +To unsubscribe from this list: send the line "unsubscribe linux-security-module" in +the body of a message to majordomo at vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N2/content_digest index 86bd800..ab2df1f 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -3,27 +3,10 @@ "ref\01501424988.9230.67.camel@linux.vnet.ibm.com\0" "ref\087fud9yig8.fsf@linux.vnet.ibm.com\0" "ref\01501714334.27872.38.camel@linux.vnet.ibm.com\0" - "From\0Mimi Zohar <zohar@linux.vnet.ibm.com>\0" - "Subject\0Re: [PATCH v3 7/7] ima: Support module-style appended signatures for appraisal\0" - "Date\0Thu, 03 Aug 2017 14:37:45 +0000\0" - "To\0Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>\0" - "Cc\0linux-security-module@vger.kernel.org" - linux-ima-devel@lists.sourceforge.net - keyrings@vger.kernel.org - linux-crypto@vger.kernel.org - linuxppc-dev@lists.ozlabs.org - linux-kernel@vger.kernel.org - Dmitry Kasatkin <dmitry.kasatkin@gmail.com> - James Morris <james.l.morris@oracle.com> - Serge E. Hallyn <serge@hallyn.com> - David Howells <dhowells@redhat.com> - David Woodhouse <dwmw2@infradead.org> - Jessica Yu <jeyu@redhat.com> - Rusty Russell <rusty@rustcorp.com.au> - Herbert Xu <herbert@gondor.apana.org.au> - David S. Miller <davem@davemloft.net> - AKASHI - " Takahiro <takahiro.akashi@linaro.org>\0" + "From\0zohar@linux.vnet.ibm.com (Mimi Zohar)\0" + "Subject\0[PATCH v3 7/7] ima: Support module-style appended signatures for appraisal\0" + "Date\0Thu, 03 Aug 2017 10:37:45 -0400\0" + "To\0linux-security-module@vger.kernel.org\0" "\00:1\0" "b\0" "On Wed, 2017-08-02 at 18:52 -0400, Mimi Zohar wrote:\n" @@ -50,7 +33,7 @@ "> > >> +\n" "> > >> +\tstatus = evm_verifyxattr(dentry, XATTR_NAME_IMA, xattr_value_evm,\n" "> > >> +\t\t\t\t xattr_len_evm, iint);\n" - "> > >> +\tif (appraising_modsig && status = INTEGRITY_FAIL) {\n" + "> > >> +\tif (appraising_modsig && status == INTEGRITY_FAIL) {\n" "> > >> +\t\tcause = \"invalid-HMAC\";\n" "> > >> +\t\tgoto out;\n" "> > >\n" @@ -68,36 +51,41 @@ "There is one major difference.\n" "\n" "EVM verifies a file's metadata has not been modified based on either\n" - "an HMAC or signature stored as security.evm. \302\240Prior to the appended\n" + "an HMAC or signature stored as security.evm. ?Prior to the appended\n" "signatures patch set, all files in policy required a security.evm\n" "xattr. With IMA enabled we could guarantee that at least one security\n" - "xattr existed. \302\240The only exception were new files, which hadn't yet\n" - "been labeled.\302\240\n" + "xattr existed. ?The only exception were new files, which hadn't yet\n" + "been labeled.?\n" "\n" "With appended signatures, there is now no guarantee that at least one\n" "security xattr exists.\n" "\n" "Perhaps the code snippet below will help clarify the meaning of the\n" - "integrity_status results.\302\240\n" + "integrity_status results.?\n" "\n" - "\302\240 \302\240 \302\240 \302\240 switch (status) {\n" - "\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240case INTEGRITY_PASS:\n" - "\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240case INTEGRITY_UNKNOWN: \302\240 \302\240 \302\240\n" - "\302\240 \302\240 \302\240 \302\240 \302\240 \302\240 \302\240 break;\t\t\n" - "\302\240 \302\240 \302\240 \302\240 case INTEGRITY_NOXATTRS:\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240/* no EVM protected xattrs */\n" - "\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240if (appraising_modsig)\n" - "\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240break;\n" - "\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240case INTEGRITY_NOLABEL:\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240/* no security.evm xattr */\n" - "\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240cause = \"missing-HMAC\";\n" - "\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240fail = 1;\n" - "\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240break;\n" - "\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240case INTEGRITY_FAIL:\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240/* invalid HMAC/signature */\n" - "\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240default:\n" - "\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240cause = \"invalid-HMAC\";\n" - "\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240fail = 1;\n" - "\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240break;\n" - "\302\240\302\240\302\240\302\240\302\240\302\240\302\240\302\240}\n" + "? ? ? ? switch (status) {\n" + "????????case INTEGRITY_PASS:\n" + "????????case INTEGRITY_UNKNOWN: ? ? ?\n" + "? ? ? ? ? ? ? break;\t\t\n" + "? ? ? ? case INTEGRITY_NOXATTRS:????????/* no EVM protected xattrs */\n" + "????????????????if (appraising_modsig)\n" + "????????????????????????break;\n" + "????????case INTEGRITY_NOLABEL:?????????/* no security.evm xattr */\n" + "????????????????cause = \"missing-HMAC\";\n" + "????????????????fail = 1;\n" + "????????????????break;\n" + "????????case INTEGRITY_FAIL:????????????/* invalid HMAC/signature */\n" + "????????default:\n" + "????????????????cause = \"invalid-HMAC\";\n" + "????????????????fail = 1;\n" + "????????????????break;\n" + "????????}\n" "\n" - Mimi + "Mimi\n" + "\n" + "--\n" + "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" + "the body of a message to majordomo at vger.kernel.org\n" + More majordomo info at http://vger.kernel.org/majordomo-info.html -e5feb5d9cc559baa644f2022b15ed00b624e048860aef0a3bdd0f54798dee409 +5f6141124175f9d7d82cc98d28e6b63aab47a3a7d62238e0efbaa7057a370a50
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.