From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:35640 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751656AbdFUST4 (ORCPT ); Wed, 21 Jun 2017 14:19:56 -0400 Received: from pps.filterd (m0098420.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.20/8.16.0.20) with SMTP id v5LIIVqO018329 for ; Wed, 21 Jun 2017 14:19:55 -0400 Received: from e23smtp05.au.ibm.com (e23smtp05.au.ibm.com [202.81.31.147]) by mx0b-001b2d01.pphosted.com with ESMTP id 2b7r1munn9-1 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT) for ; Wed, 21 Jun 2017 14:19:55 -0400 Received: from localhost by e23smtp05.au.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Thu, 22 Jun 2017 04:19:52 +1000 From: Mimi Zohar To: Christoph Hellwig , Al Viro Cc: Mimi Zohar , James Morris , linux-fsdevel@vger.kernel.org, linux-ima-devel@lists.sourceforge.net, linux-security-module@vger.kernel.org Subject: [PATCH v2 04/10] ima: define "fs_unsafe" builtin policy Date: Wed, 21 Jun 2017 14:18:24 -0400 In-Reply-To: <1498069110-10009-1-git-send-email-zohar@linux.vnet.ibm.com> References: <1498069110-10009-1-git-send-email-zohar@linux.vnet.ibm.com> Message-Id: <1498069110-10009-5-git-send-email-zohar@linux.vnet.ibm.com> Sender: linux-fsdevel-owner@vger.kernel.org List-ID: Permit normally denied access/execute permission for files in policy on IMA unsupported filesystems. This patch defines "fs_unsafe", a builtin policy. Mimi Zohar --- Documentation/admin-guide/kernel-parameters.txt | 8 +++++++- security/integrity/ima/ima_policy.c | 2 ++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index e438a1fca554..0aed01aabc16 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -1478,7 +1478,7 @@ ima_policy= [IMA] The builtin policies to load during IMA setup. - Format: "tcb | appraise_tcb | secure_boot" + Format: "tcb | appraise_tcb | secure_boot | fs_unsafe" The "tcb" policy measures all programs exec'd, files mmap'd for exec, and all files opened with the read @@ -1493,6 +1493,12 @@ of files (eg. kexec kernel image, kernel modules, firmware, policy, etc) based on file signatures. + The "fs_unsafe" policy permits normally denied + access/execute permission for files in policy on IMA + unsupported filesystems. Note this option, as the + name implies, is not safe and not recommended for + any environments other than testing. + ima_tcb [IMA] Deprecated. Use ima_policy= instead. Load a policy which meets the needs of the Trusted Computing Base. This means IMA will measure all diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index cb92c9c04e80..4ff5640522c7 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -200,6 +200,8 @@ static int __init policy_setup(char *str) ima_use_appraise_tcb = 1; else if (strcmp(p, "secure_boot") == 0) ima_use_secure_boot = 1; + else if (strcmp(p, "fs_unsafe") == 0) + set_failsafe(0); } return 1; -- 2.7.4