From: Patrick Ohly <patrick.ohly@intel.com>
To: Matthew Garrett <mjg59@google.com>
Cc: linux-integrity <linux-integrity@vger.kernel.org>
Subject: Re: IMA appraisal master plan? (was: Re: [PATCH V6] EVM: Add support for portable signature format)
Date: Wed, 15 Nov 2017 19:21:05 +0100
Message-ID: <1510770065.5979.21.camel@intel.com>
In-Reply-To: <CACdnJusRutc4j7z+w6pZ0tooeAPcq=Vky_evF=X61AK_ivAEqg@mail.gmail.com>

On Wed, 2017-11-15 at 09:58 -0800, Matthew Garrett wrote:
> On Wed, Nov 15, 2017 at 9:26 AM, Patrick Ohly <patrick.ohly@intel.com> wrote:
> > What hasn't become obvious to me yet is how portable signatures help
> > fit into the overall system. What kind of IMA policy is it meant to
> > use? Is the entire partition considered read-only except when
> > installing system software or does it also contain data files from
> > untrusted apps? Which MAC, if any, and does that matter? Are there
> > known holes that need to be plugged before this system is considered
> > secure, and is there a "master plan" for getting there?
> 
> Our approach is to combine appraisal with LSM in order to allow a
> more fine-grained policy (we're using Apparmor, but this applies
> equally well to SELinux or SMACK).

I have some experience with SMACK, but not with Apparmor. At least with
SMACK the problem is that the LSM depends on integrity protection of
the xattrs, but the integrity protection itself depends on the LSM, so
there's a cycle. An attacker can much too easily make offline changes
which then defeat whatever IMA policy the system might be using.

> Execution that attempts to transition into a more privileged Apparmor
> context will be subject to appraisal, execution that transitions into
> an unprivileged context won't be.

Is that something that already works with the upstream kernel plus your
portable signatures, or do you have additional kernel patches?

If it already works, can you share the IMA policy and/or be a bit more
specific about how to set up such a system? I'd love to reproduce it.

-- 
Best Regards, Patrick Ohly

The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's position on the issue, nor am I authorized to speak
on behalf of Intel on this matter.
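The two questions above (what policy such a setup uses, and whether it works on an upstream kernel) can be made concrete with a small model. What follows is an added example, not code from the thread, from the kernel, or from Matthew Garrett's system: a Python evaluator that mirrors how the kernel's IMA policy engine chooses actions (rules are walked in order, and for each action category the first matching rule, whether a do-rule or a dont_-rule, decides), run over a constructed policy that appraises only executables carrying a privileged entry-point label. Upstream IMA expresses LSM conditions with obj_type=/subj_type= against SELinux or SMACK labels; the label name privileged_exec_t, the fsmagic list, and the sample events are assumptions for illustration. The tmpfs case shows the rule-ordering caveat a practitioner should check: a dont_appraise fsmagic= rule placed ahead of the label rule silently exempts a privileged-labelled binary on that filesystem.

```python
"""Added example for this thread, not kernel code and not Matthew Garrett's
policy: a toy model of ima_match_policy() over a constructed IMA policy that
appraises only executables carrying a privileged LSM entry-point label."""

from dataclasses import dataclass

# Filesystem magic numbers from include/uapi/linux/magic.h
PROC_SUPER_MAGIC = 0x9FA0
SYSFS_MAGIC = 0x62656572
TMPFS_MAGIC = 0x01021994
EXT4_SUPER_MAGIC = 0xEF53

# Constructed policy in the securityfs ima/policy syntax (an assumption, not
# the thread's).  obj_type= is matched against the file's label, so for
# BPRM_CHECK it names the entry point being transitioned into;
# 'privileged_exec_t' is an assumed label, not one from a real policy.
POLICY = """
# pseudo filesystems carry no signatures: skip appraisal there
dont_appraise fsmagic=0x9fa0
dont_appraise fsmagic=0x62656572
dont_appraise fsmagic=0x01021994
# appraise only what transitions into the privileged domain
appraise func=BPRM_CHECK obj_type=privileged_exec_t appraise_type=imasig
appraise func=MMAP_CHECK obj_type=privileged_exec_t appraise_type=imasig
# measure every exec regardless of label
measure func=BPRM_CHECK
"""

CATEGORIES = ("measure", "appraise", "audit")   # hash/dont_hash omitted
INT_FIELDS = ("fsmagic", "uid")


@dataclass
class Rule:
    action: str          # measure, dont_measure, appraise, dont_appraise, ...
    conds: dict          # matching conditions, e.g. {"func": "BPRM_CHECK"}
    appraise_type: str   # e.g. "imasig"; empty for non-appraise rules

    @property
    def category(self):
        return self.action[5:] if self.is_dont else self.action

    @property
    def is_dont(self):
        return self.action.startswith("dont_")


def parse_policy(text):
    """Parse the key=value rule syntax; '#' starts a comment."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        action, *kv = line.split()
        conds, appraise_type = {}, ""
        for item in kv:
            key, _, val = item.partition("=")
            if key == "appraise_type":
                appraise_type = val
            elif key in INT_FIELDS:
                conds[key] = int(val, 0)    # accepts 0x9fa0 as well as 1000
            else:
                conds[key] = val
        rule = Rule(action, conds, appraise_type)
        if rule.category not in CATEGORIES:
            raise ValueError("unknown action: " + action)
        rules.append(rule)
    return rules


def rule_matches(rule, event):
    # every condition must hold; an attribute the event lacks (e.g. a file
    # with no LSM label) never matches
    return all(event.get(k) == v for k, v in rule.conds.items())


def ima_match_policy(rules, event):
    """Return (actions taken, appraise_type): rules are walked in order and
    the first match per category decides, do-rule or dont_-rule alike."""
    undecided = set(CATEGORIES)
    actions, appraise_type = set(), ""
    for rule in rules:
        cat = rule.category
        if cat not in undecided or not rule_matches(rule, event):
            continue
        undecided.discard(cat)
        if not rule.is_dont:
            actions.add(cat)
            if cat == "appraise":
                appraise_type = rule.appraise_type
        if not undecided:
            break
    return frozenset(actions), appraise_type


def decide(policy_text, event):
    return ima_match_policy(parse_policy(policy_text), event)


# Constructed events (assumptions): uid 1000 in an unprivileged domain
# executing a binary on ext4 that is labelled as a privileged entry point,
# the same with an ordinary label, and the privileged binary placed on tmpfs.
EXEC_PRIVILEGED = {"func": "BPRM_CHECK", "fsmagic": EXT4_SUPER_MAGIC,
                   "obj_type": "privileged_exec_t", "subj_type": "user_t",
                   "uid": 1000}
EXEC_UNPRIVILEGED = dict(EXEC_PRIVILEGED, obj_type="bin_t")
EXEC_ON_TMPFS = dict(EXEC_PRIVILEGED, fsmagic=TMPFS_MAGIC)

# Ordering caveat: the dont_appraise fsmagic=tmpfs rule wins before the label
# rule is reached.  Moving the label rules ahead of it closes the gap while
# still leaving the rest of tmpfs unappraised.
POLICY_LABEL_FIRST = "\n".join(
    [l for l in POLICY.splitlines() if l.startswith("appraise")]
    + [l for l in POLICY.splitlines() if not l.startswith("appraise")])

if __name__ == "__main__":
    for name, ev in (("ext4 privileged", EXEC_PRIVILEGED),
                     ("ext4 unprivileged", EXEC_UNPRIVILEGED),
                     ("tmpfs privileged", EXEC_ON_TMPFS)):
        print(name, decide(POLICY, ev), decide(POLICY_LABEL_FIRST, ev))
```

The model only covers the rule-ordering logic; it says nothing about whether the LSM in use can actually supply obj_type=/subj_type= to IMA, which is exactly the upstream-versus-extra-patches question asked in the message above, and it does not touch the EVM side, where the label xattr the rule matches on must itself be integrity-protected for the policy to mean anything offline.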

Thread overview: 42+ messages
2017-11-07 15:17 [PATCH V6] EVM: Add support for portable signature format Matthew Garrett
2017-11-08 19:37 ` Mimi Zohar
2017-11-15 17:26 ` IMA appraisal master plan? (was: Re: [PATCH V6] EVM: Add support for portable signature format) Patrick Ohly
2017-11-15 17:58   ` Matthew Garrett
2017-11-15 18:21     ` Patrick Ohly [this message]
2017-11-15 18:28       ` Matthew Garrett
2017-11-16  0:02       ` James Morris
2017-11-16  0:05         ` Matthew Garrett
2017-11-16  2:13           ` Mimi Zohar
2017-11-16  9:23             ` IMA appraisal master plan? Roberto Sassu
2017-11-16 10:20               ` Patrick Ohly
2017-11-16 13:13                 ` Mimi Zohar
2017-11-16 14:18                 ` Roberto Sassu
2017-11-16 13:06               ` Mimi Zohar
2017-11-17 12:20                 ` Roberto Sassu
2017-11-17 13:42                   ` Mimi Zohar
2017-11-17 14:32                     ` Roberto Sassu
2017-11-17 15:58                     ` Stephen Smalley
2017-11-17 17:54                       ` Stephen Smalley
2017-11-17 20:09                       ` Safford, David (GE Global Research, US)
2017-11-18 19:29                       ` Casey Schaufler
2017-11-19 20:47                   ` James Morris
2017-11-20 10:20                     ` Patrick Ohly
2017-11-20 14:59                       ` Mimi Zohar
2017-11-20 16:15                         ` Patrick Ohly
2017-11-21 10:05                         ` James Morris
2017-11-21  9:33                       ` Roberto Sassu
2017-11-21 14:05                         ` Mimi Zohar
2017-11-21 15:25                           ` Roberto Sassu
2017-11-21 15:53                             ` Mimi Zohar
