From: Stefan Berger <stefanb@linux.ibm.com>
To: Mimi Zohar <zohar@linux.ibm.com>, linux-integrity@vger.kernel.org
Cc: Eric Biggers <ebiggers@kernel.org>,
linux-fscrypt@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v6 4/5] ima: support fs-verity file digest based version 3 signatures
Date: Mon, 21 Mar 2022 09:10:22 -0400 [thread overview]
Message-ID: <d79baf40-6bb7-d4f4-666d-91e1ad20be74@linux.ibm.com> (raw)
In-Reply-To: <20220318182151.100847-5-zohar@linux.ibm.com>
On 3/18/22 14:21, Mimi Zohar wrote:
> IMA may verify a file's integrity against a "good" value stored in the
> 'security.ima' xattr or as an appended signature, based on policy. When
> the "good value" is stored in the xattr, the xattr may contain a file
> hash or signature. In either case, the "good" value is preceded by a
> header. The first byte of the xattr header indicates the type of data
> - hash, signature - stored in the xattr. To support storing fs-verity
> signatures in the 'security.ima' xattr requires further differentiating
> the fs-verity signature from the existing IMA signature.
>
> In addition the signatures stored in 'security.ima' xattr, need to be
> disambiguated. Instead of directly signing the fs-verity digest, a new
> signature version 3 is defined as the hash of the ima_file_id structure,
> which identifies the type of signature and the digest.
Would it not be enough to just differentiat by the type of signature
rather than also bumping the version? It's still signature_v2_hdr but a
new type IMA_VERITY_DIGSIG is introduced there that shoud be sufficient
to indicate that a different method for calculating the hash is to be
used than for anything that existed before? sigv3 would then become the
more obvious veriftysig... ?
next prev parent reply other threads:[~2022-03-21 13:10 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-18 18:21 [PATCH v6 0/5] ima: support fs-verity digests and signatures Mimi Zohar
2022-03-18 18:21 ` [PATCH v6 1/5] fs-verity: define a function to return the integrity protected file digest Mimi Zohar
2022-03-18 18:21 ` [PATCH v6 2/5] ima: define a new template field named 'd-ngv2' and templates Mimi Zohar
2022-03-21 12:53 ` Stefan Berger
2022-03-21 19:48 ` Mimi Zohar
2022-03-21 20:46 ` Stefan Berger
2022-03-18 18:21 ` [PATCH v6 3/5] ima: permit fsverity's file digests in the IMA measurement list Mimi Zohar
2022-03-21 12:59 ` Stefan Berger
2022-03-21 19:54 ` Mimi Zohar
2022-03-18 18:21 ` [PATCH v6 4/5] ima: support fs-verity file digest based version 3 signatures Mimi Zohar
2022-03-21 13:10 ` Stefan Berger [this message]
2022-03-25 12:31 ` Mimi Zohar
2022-03-25 13:49 ` Stefan Berger
2022-03-18 18:21 ` [PATCH v6 5/5] fsverity: update the documentation Mimi Zohar
2022-03-18 20:55 ` Stefan Berger
2022-03-21 12:55 ` Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d79baf40-6bb7-d4f4-666d-91e1ad20be74@linux.ibm.com \
--to=stefanb@linux.ibm.com \
--cc=ebiggers@kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox