From: Mimi Zohar <zohar@linux.ibm.com>
To: Roberto Sassu <roberto.sassu@huawei.com>,
jarkko.sakkinen@linux.intel.com,
james.bottomley@hansenpartnership.com,
linux-integrity@vger.kernel.org
Cc: linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org, silviu.vlasceanu@huawei.com
Subject: Re: [PATCH 0/8] ima: support stronger algorithms for attestation
Date: Thu, 30 Jan 2020 17:26:46 -0500 [thread overview]
Message-ID: <1580423206.6104.19.camel@linux.ibm.com> (raw)
In-Reply-To: <20200127170443.21538-1-roberto.sassu@huawei.com>
Hi Roberto,
On Mon, 2020-01-27 at 18:04 +0100, Roberto Sassu wrote:
> IMA extends Platform Configuration Registers (PCRs) of the TPM to give a
> proof to a remote verifier that the measurement list contains all
> measurements done by the kernel and that the list was not maliciously
> modified by an attacker.
>
> IMA was originally designed to extend PCRs with a SHA1 digest, provided
> with the measurement list, and was subsequently updated to extend all PCR
> banks in case a TPM 2.0 is used. Non-SHA1 PCR banks are not supposed to be
> used for remote attestation, as they are extended with a SHA1 digest padded
> with zeros, which does not increase the strength.
>
> This patch set addresses this issue by extending PCRs with the digest of
> the measurement entry calculated with the crypto subsystem. The list of
> algorithms used to calculate the digest are taken from
> ima_tpm_chip->allocated_banks, returned by the TPM driver. The SHA1 digest
> is always calculated, as SHA1 still remains the default algorithm for the
> template digest in the measurement list.
>
> This patch set also makes two additional modifications related to the usage
> of hash algorithms. First, since now the template digest for the default
> IMA algorithm is always calculated, this is used for hash collision
> detection, to check if there are duplicate measurement entries.
>
> Second, it uses the default IMA hash algorithm to calculate the boot
> aggregate, assuming that the corresponding PCR bank is currently allocated.
> Otherwise, it finds the first PCR bank for which the crypto ID is known.
> IMA initialization fails only if no algorithm known to the crypto subsystem
> is found.
>
> This patch set does not yet modify the format of the measurement list to
> provide the digests passed to the TPM. However, reconstructing the value of
> the quoted PCR is still possible for the verifier by calculating the digest
> on measurement data found in binary_runtime_measurements.
Thank you! I'm still reviewing and testing the patches, but it is
really nicely written.
Mimi
prev parent reply other threads:[~2020-01-30 22:26 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-27 17:04 [PATCH 0/8] ima: support stronger algorithms for attestation Roberto Sassu
2020-01-27 17:04 ` [PATCH 1/8] tpm: initialize crypto_id of allocated_banks to HASH_ALGO__LAST Roberto Sassu
2020-01-29 8:39 ` Petr Vorel
2020-01-30 8:47 ` Jarkko Sakkinen
2020-01-30 16:11 ` Roberto Sassu
2020-01-31 13:33 ` Mimi Zohar
2020-02-01 17:10 ` Jarkko Sakkinen
2020-01-27 17:04 ` [PATCH 2/8] ima: evaluate error in init_ima() Roberto Sassu
2020-01-31 13:33 ` Mimi Zohar
2020-01-27 17:04 ` [PATCH 3/8] ima: store template digest directly in ima_template_entry Roberto Sassu
2020-01-27 17:04 ` [PATCH 4/8] ima: switch to dynamically allocated buffer for template digests Roberto Sassu
2020-01-27 17:04 ` [PATCH 5/8] ima: allocate and initialize tfm for each PCR bank Roberto Sassu
2020-01-31 12:18 ` Mimi Zohar
2020-01-31 13:42 ` Roberto Sassu
2020-01-31 13:58 ` Mimi Zohar
2020-01-27 17:04 ` [PATCH 6/8] ima: calculate and extend PCR with digests in ima_template_entry Roberto Sassu
2020-01-27 17:29 ` Roberto Sassu
2020-01-27 17:04 ` [PATCH 7/8] ima: use ima_hash_algo for collision detection in the measurement list Roberto Sassu
2020-01-30 22:26 ` Mimi Zohar
2020-01-31 14:02 ` Roberto Sassu
2020-01-31 14:22 ` Mimi Zohar
2020-01-31 14:41 ` Roberto Sassu
2020-01-31 14:50 ` Mimi Zohar
2020-01-27 17:04 ` [PATCH 8/8] ima: switch to ima_hash_algo for boot aggregate Roberto Sassu
2020-01-31 15:21 ` Roberto Sassu
2020-01-30 22:26 ` Mimi Zohar [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1580423206.6104.19.camel@linux.ibm.com \
--to=zohar@linux.ibm.com \
--cc=james.bottomley@hansenpartnership.com \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=roberto.sassu@huawei.com \
--cc=silviu.vlasceanu@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.