From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1h3kcq-000114-IG for kexec@lists.infradead.org; Tue, 12 Mar 2019 16:51:38 +0000 Received: from pps.filterd (m0098410.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x2CGbC38069108 for ; Tue, 12 Mar 2019 12:51:33 -0400 Received: from e06smtp05.uk.ibm.com (e06smtp05.uk.ibm.com [195.75.94.101]) by mx0a-001b2d01.pphosted.com with ESMTP id 2r6f3m6akk-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 12 Mar 2019 12:51:33 -0400 Received: from localhost by e06smtp05.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Tue, 12 Mar 2019 16:51:31 -0000 Subject: Re: [PATCH v3 5/7] selftests/ima: kexec_file_load syscall test From: Mimi Zohar Date: Tue, 12 Mar 2019 12:51:14 -0400 In-Reply-To: <20190312121001.GA18510@dhcp-128-65.nay.redhat.com> References: <1552304473-3966-1-git-send-email-zohar@linux.ibm.com> <1552304473-3966-6-git-send-email-zohar@linux.ibm.com> <20190312121001.GA18510@dhcp-128-65.nay.redhat.com> Mime-Version: 1.0 Message-Id: <1552409474.24794.63.camel@linux.ibm.com> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Sender: "kexec" Errors-To: kexec-bounces+dwmw2=infradead.org@lists.infradead.org To: Dave Young Cc: kexec@lists.infradead.org, linux-kernel@vger.kernel.org, Matthew Garrett , Petr Vorel , linux-kselftest@vger.kernel.org, linux-integrity@vger.kernel.org T24gVHVlLCAyMDE5LTAzLTEyIGF0IDIwOjEwICswODAwLCBEYXZlIFlvdW5nIHdyb3RlOgo+IEhp IE1pbWksCj4gT24gMDMvMTEvMTkgYXQgMDc6NDFhbSwgTWltaSBab2hhciB3cm90ZToKPiA+IFRo ZSBrZXJuZWwgY2FuIGJlIGNvbmZpZ3VyZWQgdG8gdmVyaWZ5IFBFIHNpZ25lZCBrZXJuZWwgaW1h Z2VzLCBJTUEKPiA+IGtlcm5lbCBpbWFnZSBzaWduYXR1cmVzLCBib3RoIHR5cGVzIG9mIHNpZ25h dHVyZXMsIG9yIG5vbmUuICBUaGlzIHRlc3QKPiA+IHZlcmlmaWVzIG9ubHkgcHJvcGVybHkgc2ln bmVkIGtlcm5lbCBpbWFnZXMgYXJlIGxvYWRlZCBpbnRvIG1lbW9yeSwKPiA+IGJhc2VkIG9uIHRo ZSBrZXJuZWwgY29uZmlndXJhdGlvbiBhbmQgcnVudGltZSBwb2xpY2llcy4KPiAKPiBJIHVuZGVy c3RhbmQgdGhpcyBpcyBmb3IgSU1BIHRlc3Rpbmcgb25seSwgYnV0IEkgc3RpbGwgd29uZGVyIGlm IHRoaXMKPiBjYW4gYmUgZXhwYW5kZWQgdG8gY29tbW9uIGtleGVjIHRlc3RzLCBsaWtlCj4gdG9v bHMvdGVzdGluZy9zZWxmdGVzdHMva2V4ZWMva2V4ZWNfbG9hZC5zaAo+IHRvb2xzL3Rlc3Rpbmcv c2VsZnRlc3RzL2tleGVjL2tleGVjX2ZpbGVfbG9hZC5zaAo+IAo+IElzIGl0IHBvc3NpYmxlIGZv ciBpbWEvdGVzdF9rZXhlY19sb2FkLnNoIHRvIGNhbGwgdGhlCj4gLi4va2V4ZWMva2V4ZWNfbG9h ZC5zaCwgcHJvYmFibHkgYWRkIGV4dHJhIGFyZ3VtZW50IGVnICJpbWEiPwoKVGhlc2Uga2V4ZWMg dGVzdHMgYXJlIG1lYW50IHRvIGNvb3JkaW5hdGUgYmV0d2VlbiB0aGUgZGlmZmVyZW50Cm1ldGhv ZHMgb2YgdmVyaWZ5aW5nIHRoZSBrZXhlYyBrZXJuZWwgaW1hZ2Ugc2lnbmF0dXJlcy4gwqBOb3Ro aW5nIGFib3V0CnRoZW0gaXMgSU1BIHNwZWNpZmljLiDCoE1vdmluZyB0aGVzZSB0ZXN0cyB0bwp0 b29scy90ZXN0aW5nL3NlbGZ0ZXN0cy9rZXhlYyBtYWtlcyBzZW5zZS4KCj4gCj4gRnJhbmtseSBJ IGRpZCBub3QgcmVhZCBhbmQgZm9sbG93dXAgbXVjaCBhYm91dCB0aGUgdGVzdGluZyBjb2RlIGNo YW5nZXMsCj4gbm90IHN1cmUgaWYgaXQgaXMgZG9hYmxlIG9yIG5vdC4gIFRoZSBjb2RlIHNoYXJp bmcgdW5kZXIgdGVzdGluZyBmb2xkZXIKPiBzZWVtcyBub3QgdmVyeSBnb29kLiAgRm9yIGV4YW1w bGUgdGhlIGJhc2ljIGNoZWNrX3Jvb3QgaXMgbmVlZGVkIGJ5Cj4gZGlmZmVyZW50IHBhcnRzLCBi dXQgYWxsIGhhdmUgaXRzIG93biBpbXBsZW1lbnRhdGlvbi4gIEFueXdheSB0aGlzIGlzCj4gbm90 IHRoZSBkdXR5IG9mIHRoaXMgcGF0Y2ggc2V0Lgo+IEFsc28gdGhlIHNlbGZ0ZXN0cy9saWIvIGlz IG5vdCBhIGZvbGRlciBmb3Igc2hhcmluZyBjb2RlIGZvciBkaWZmZXJlbnQKPiB0ZXN0cywgaXQg bG9va3MgYSBzdGFuZGFsb25lIHRlc3QgaW5zdGVhZC4KClNodWFoIHN1Z2dlc3RlZCB1cHN0cmVh bWluZyB0aGVzZSB0ZXN0cyBmaXJzdCBhbmQgZGVmZXIgaW50cm9kdWNpbmcgYQpjb21tb24gc2V0 IG9mIGZ1bmN0aW9ucyB0byBsYXRlci4KCj4gU28gaWYgc3BsaXQga2V4ZWMgdGVzdHMgdG8gYW5v dGhlciBmb2xkZXIgaXMgbm90IGRvYWJsZSBwbGVhc2UganVzdAo+IGlnbm9yZSB0aGUgY29tbWVu dC4KCkxlZnQgaW4gdGhlIHNlbGZ0ZXN0cy9pbWEgaXMgYSBzaW1pbGFyIHRlc3QgZm9yIGtlcm5l bCBtb2R1bGVzLCB3aGljaAp1c2VzIHRoZSAiY29tbW9uIiBmdW5jdGlvbnMuIMKgU28gZWl0aGVy IHdlIHdhaXQgdG8gbW92ZSB0aGUga2V4ZWMKdGVzdHMgb3IgYWxsb3cgdGhlbSB0byByZWFjaCBp bnRvIHRoZSBpbWEgZGlyZWN0b3J5IGFuZCB1c2UgdGhlCmltYV9jb21tb25fbGliIGZ1bmN0aW9u cy4KCj4gCj4gQlRXLCBkb2VzIENPTkZJR19LRVhFQyogaXMgY2hlY2tlZD8gIGluIGNhc2UgYSBr ZXJuZWwgd2l0aG91dCBLRVhFQyBvcgo+IEtFWEVDX0ZJTEUgY29tcGlsZWQgaW4gdGhlbiB0aGUg dGVzdHMgY2FuIGp1c3QgcmV0dXJuIGRpcmVjdGx5LgoKR29vZCBwb2ludC4gwqBOb3cgdGhhdCB0 aGVyZSBpcyBhIGNvbW1vbiBmdW5jdGlvbiBmb3IgcmVhZGluZyB0aGUKS2NvbmZpZywgSSdsbCBh ZGQgdGhhdCBjaGVjayB0byBib3RoIHRoZSB0ZXN0X2tleGVjX2xvYWQuc2ggYW5kCnRlc3Rfa2V4 ZWNfZmlsZV9sb2FkLnNoIHRlc3RzIHJlc3BlY3RpdmVseS4KCk1pbWkKCgpfX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXwprZXhlYyBtYWlsaW5nIGxpc3QKa2V4 ZWNAbGlzdHMuaW5mcmFkZWFkLm9yZwpodHRwOi8vbGlzdHMuaW5mcmFkZWFkLm9yZy9tYWlsbWFu L2xpc3RpbmZvL2tleGVjCg== From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.0 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7B90CC43381 for ; Tue, 12 Mar 2019 16:51:35 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 54B47214AE for ; Tue, 12 Mar 2019 16:51:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726418AbfCLQvf (ORCPT ); Tue, 12 Mar 2019 12:51:35 -0400 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:54128 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1725894AbfCLQve (ORCPT ); Tue, 12 Mar 2019 12:51:34 -0400 Received: from pps.filterd (m0098419.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x2CGbJwZ133502 for ; Tue, 12 Mar 2019 12:51:33 -0400 Received: from e06smtp05.uk.ibm.com (e06smtp05.uk.ibm.com [195.75.94.101]) by mx0b-001b2d01.pphosted.com with ESMTP id 2r6g06jg8f-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 12 Mar 2019 12:51:32 -0400 Received: from localhost by e06smtp05.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Tue, 12 Mar 2019 16:51:31 -0000 Received: from b06cxnps3074.portsmouth.uk.ibm.com (9.149.109.194) by e06smtp05.uk.ibm.com (192.168.101.135) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Tue, 12 Mar 2019 16:51:26 -0000 Received: from d06av26.portsmouth.uk.ibm.com (d06av26.portsmouth.uk.ibm.com [9.149.105.62]) by b06cxnps3074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x2CGpPNp52559932 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 12 Mar 2019 16:51:26 GMT Received: from d06av26.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id D6C32AE053; Tue, 12 Mar 2019 16:51:25 +0000 (GMT) Received: from d06av26.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id DD06AAE056; Tue, 12 Mar 2019 16:51:24 +0000 (GMT) Received: from localhost.localdomain (unknown [9.80.93.217]) by d06av26.portsmouth.uk.ibm.com (Postfix) with ESMTP; Tue, 12 Mar 2019 16:51:24 +0000 (GMT) Subject: Re: [PATCH v3 5/7] selftests/ima: kexec_file_load syscall test From: Mimi Zohar To: Dave Young Cc: linux-integrity@vger.kernel.org, linux-kselftest@vger.kernel.org, kexec@lists.infradead.org, linux-kernel@vger.kernel.org, Petr Vorel , Matthew Garrett Date: Tue, 12 Mar 2019 12:51:14 -0400 In-Reply-To: <20190312121001.GA18510@dhcp-128-65.nay.redhat.com> References: <1552304473-3966-1-git-send-email-zohar@linux.ibm.com> <1552304473-3966-6-git-send-email-zohar@linux.ibm.com> <20190312121001.GA18510@dhcp-128-65.nay.redhat.com> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.20.5 (3.20.5-1.fc24) Mime-Version: 1.0 Content-Transfer-Encoding: 8bit X-TM-AS-GCONF: 00 x-cbid: 19031216-0020-0000-0000-00000321B8F6 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19031216-0021-0000-0000-00002173E579 Message-Id: <1552409474.24794.63.camel@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2019-03-12_09:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1903120115 Sender: linux-integrity-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org On Tue, 2019-03-12 at 20:10 +0800, Dave Young wrote: > Hi Mimi, > On 03/11/19 at 07:41am, Mimi Zohar wrote: > > The kernel can be configured to verify PE signed kernel images, IMA > > kernel image signatures, both types of signatures, or none. This test > > verifies only properly signed kernel images are loaded into memory, > > based on the kernel configuration and runtime policies. > > I understand this is for IMA testing only, but I still wonder if this > can be expanded to common kexec tests, like > tools/testing/selftests/kexec/kexec_load.sh > tools/testing/selftests/kexec/kexec_file_load.sh > > Is it possible for ima/test_kexec_load.sh to call the > ../kexec/kexec_load.sh, probably add extra argument eg "ima"? These kexec tests are meant to coordinate between the different methods of verifying the kexec kernel image signatures.  Nothing about them is IMA specific.  Moving these tests to tools/testing/selftests/kexec makes sense. > > Frankly I did not read and followup much about the testing code changes, > not sure if it is doable or not. The code sharing under testing folder > seems not very good. For example the basic check_root is needed by > different parts, but all have its own implementation. Anyway this is > not the duty of this patch set. > Also the selftests/lib/ is not a folder for sharing code for different > tests, it looks a standalone test instead. Shuah suggested upstreaming these tests first and defer introducing a common set of functions to later. > So if split kexec tests to another folder is not doable please just > ignore the comment. Left in the selftests/ima is a similar test for kernel modules, which uses the "common" functions.  So either we wait to move the kexec tests or allow them to reach into the ima directory and use the ima_common_lib functions. > > BTW, does CONFIG_KEXEC* is checked? in case a kernel without KEXEC or > KEXEC_FILE compiled in then the tests can just return directly. Good point.  Now that there is a common function for reading the Kconfig, I'll add that check to both the test_kexec_load.sh and test_kexec_file_load.sh tests respectively. Mimi From mboxrd@z Thu Jan 1 00:00:00 1970 From: zohar at linux.ibm.com (Mimi Zohar) Date: Tue, 12 Mar 2019 12:51:14 -0400 Subject: [PATCH v3 5/7] selftests/ima: kexec_file_load syscall test In-Reply-To: <20190312121001.GA18510@dhcp-128-65.nay.redhat.com> References: <1552304473-3966-1-git-send-email-zohar@linux.ibm.com> <1552304473-3966-6-git-send-email-zohar@linux.ibm.com> <20190312121001.GA18510@dhcp-128-65.nay.redhat.com> Message-ID: <1552409474.24794.63.camel@linux.ibm.com> On Tue, 2019-03-12 at 20:10 +0800, Dave Young wrote: > Hi Mimi, > On 03/11/19 at 07:41am, Mimi Zohar wrote: > > The kernel can be configured to verify PE signed kernel images, IMA > > kernel image signatures, both types of signatures, or none. This test > > verifies only properly signed kernel images are loaded into memory, > > based on the kernel configuration and runtime policies. > > I understand this is for IMA testing only, but I still wonder if this > can be expanded to common kexec tests, like > tools/testing/selftests/kexec/kexec_load.sh > tools/testing/selftests/kexec/kexec_file_load.sh > > Is it possible for ima/test_kexec_load.sh to call the > ../kexec/kexec_load.sh, probably add extra argument eg "ima"? These kexec tests are meant to coordinate between the different methods of verifying the kexec kernel image signatures.  Nothing about them is IMA specific.  Moving these tests to tools/testing/selftests/kexec makes sense. > > Frankly I did not read and followup much about the testing code changes, > not sure if it is doable or not. The code sharing under testing folder > seems not very good. For example the basic check_root is needed by > different parts, but all have its own implementation. Anyway this is > not the duty of this patch set. > Also the selftests/lib/ is not a folder for sharing code for different > tests, it looks a standalone test instead. Shuah suggested upstreaming these tests first and defer introducing a common set of functions to later. > So if split kexec tests to another folder is not doable please just > ignore the comment. Left in the selftests/ima is a similar test for kernel modules, which uses the "common" functions.  So either we wait to move the kexec tests or allow them to reach into the ima directory and use the ima_common_lib functions. > > BTW, does CONFIG_KEXEC* is checked? in case a kernel without KEXEC or > KEXEC_FILE compiled in then the tests can just return directly. Good point.  Now that there is a common function for reading the Kconfig, I'll add that check to both the test_kexec_load.sh and test_kexec_file_load.sh tests respectively. Mimi From mboxrd@z Thu Jan 1 00:00:00 1970 From: zohar@linux.ibm.com (Mimi Zohar) Date: Tue, 12 Mar 2019 12:51:14 -0400 Subject: [PATCH v3 5/7] selftests/ima: kexec_file_load syscall test In-Reply-To: <20190312121001.GA18510@dhcp-128-65.nay.redhat.com> References: <1552304473-3966-1-git-send-email-zohar@linux.ibm.com> <1552304473-3966-6-git-send-email-zohar@linux.ibm.com> <20190312121001.GA18510@dhcp-128-65.nay.redhat.com> Message-ID: <1552409474.24794.63.camel@linux.ibm.com> Content-Type: text/plain; charset="UTF-8" Message-ID: <20190312165114.ETgt5hHIHsI6MZyhzymVd9FIRz_YXHXilptryvo3X-8@z> On Tue, 2019-03-12@20:10 +0800, Dave Young wrote: > Hi Mimi, > On 03/11/19@07:41am, Mimi Zohar wrote: > > The kernel can be configured to verify PE signed kernel images, IMA > > kernel image signatures, both types of signatures, or none. This test > > verifies only properly signed kernel images are loaded into memory, > > based on the kernel configuration and runtime policies. > > I understand this is for IMA testing only, but I still wonder if this > can be expanded to common kexec tests, like > tools/testing/selftests/kexec/kexec_load.sh > tools/testing/selftests/kexec/kexec_file_load.sh > > Is it possible for ima/test_kexec_load.sh to call the > ../kexec/kexec_load.sh, probably add extra argument eg "ima"? These kexec tests are meant to coordinate between the different methods of verifying the kexec kernel image signatures.  Nothing about them is IMA specific.  Moving these tests to tools/testing/selftests/kexec makes sense. > > Frankly I did not read and followup much about the testing code changes, > not sure if it is doable or not. The code sharing under testing folder > seems not very good. For example the basic check_root is needed by > different parts, but all have its own implementation. Anyway this is > not the duty of this patch set. > Also the selftests/lib/ is not a folder for sharing code for different > tests, it looks a standalone test instead. Shuah suggested upstreaming these tests first and defer introducing a common set of functions to later. > So if split kexec tests to another folder is not doable please just > ignore the comment. Left in the selftests/ima is a similar test for kernel modules, which uses the "common" functions.  So either we wait to move the kexec tests or allow them to reach into the ima directory and use the ima_common_lib functions. > > BTW, does CONFIG_KEXEC* is checked? in case a kernel without KEXEC or > KEXEC_FILE compiled in then the tests can just return directly. Good point.  Now that there is a common function for reading the Kconfig, I'll add that check to both the test_kexec_load.sh and test_kexec_file_load.sh tests respectively. Mimi