From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.2 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_2 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id BDCB4C34045 for ; Tue, 18 Feb 2020 15:37:05 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 9EF242176D for ; Tue, 18 Feb 2020 15:37:05 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726360AbgBRPhF (ORCPT ); Tue, 18 Feb 2020 10:37:05 -0500 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:46628 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726373AbgBRPhF (ORCPT ); Tue, 18 Feb 2020 10:37:05 -0500 Received: from pps.filterd (m0098409.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 01IFXrAK129263 for ; Tue, 18 Feb 2020 10:37:04 -0500 Received: from e06smtp03.uk.ibm.com (e06smtp03.uk.ibm.com [195.75.94.99]) by mx0a-001b2d01.pphosted.com with ESMTP id 2y8hwna1mm-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 18 Feb 2020 10:37:03 -0500 Received: from localhost by e06smtp03.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Tue, 18 Feb 2020 15:37:01 -0000 Received: from b06cxnps3074.portsmouth.uk.ibm.com (9.149.109.194) by e06smtp03.uk.ibm.com (192.168.101.133) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Tue, 18 Feb 2020 15:36:58 -0000 Received: from b06wcsmtp001.portsmouth.uk.ibm.com (b06wcsmtp001.portsmouth.uk.ibm.com [9.149.105.160]) by b06cxnps3074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 01IFavcP41549922 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 18 Feb 2020 15:36:57 GMT Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 5B335A4062; Tue, 18 Feb 2020 15:36:57 +0000 (GMT) Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 4E470A4054; Tue, 18 Feb 2020 15:36:56 +0000 (GMT) Received: from localhost.localdomain (unknown [9.85.154.230]) by b06wcsmtp001.portsmouth.uk.ibm.com (Postfix) with ESMTP; Tue, 18 Feb 2020 15:36:56 +0000 (GMT) Subject: Re: [PATCH v2] ima: export the measurement list when needed From: Mimi Zohar To: Janne Karhunen Cc: david.safford@gmail.com, linux-integrity@vger.kernel.org, linux-security-module , Ken Goldman , "Wiseman, Monty (GE Global Research, US)" , Amir Goldstein , linux-fsdevel Date: Tue, 18 Feb 2020 10:36:55 -0500 In-Reply-To: References: <20200108111743.23393-1-janne.karhunen@gmail.com> <1580998432.5585.411.camel@linux.ibm.com> <40f780ffe2ddc879e5fa4443c098c0f1d331390f.camel@gmail.com> <1581366258.5585.891.camel@linux.ibm.com> <1581462616.5125.69.camel@linux.ibm.com> <6b787049b965c8056d0e27360e2eaa8fa2f38b35.camel@gmail.com> <1581555796.8515.130.camel@linux.ibm.com> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.20.5 (3.20.5-1.fc24) Mime-Version: 1.0 Content-Transfer-Encoding: 8bit X-TM-AS-GCONF: 00 x-cbid: 20021815-0012-0000-0000-00000388022C X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 20021815-0013-0000-0000-000021C492E9 Message-Id: <1582040215.5067.10.camel@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138,18.0.572 definitions=2020-02-18_04:2020-02-17,2020-02-18 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 lowpriorityscore=0 impostorscore=0 suspectscore=0 bulkscore=0 adultscore=0 clxscore=1015 priorityscore=1501 mlxlogscore=999 spamscore=0 malwarescore=0 mlxscore=0 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2001150001 definitions=main-2002180119 Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: On Thu, 2020-02-13 at 08:41 +0200, Janne Karhunen wrote: > On Thu, Feb 13, 2020 at 3:03 AM Mimi Zohar wrote: > > > > This is a pretty important new feature. > > > A lot of people can't use IMA because of the memory issue. > > > Also, I really think we need to let administrators choose the tradeoffs > > > of keeping the list in memory, on a local file, or only on the > > > attestation server, as best fits their use cases. > > > > Dave, I understand that some use cases require the ability of > > truncating the measurement list. We're discussing how to truncate the > > measurement list. For example, in addition to the existing securityfs > > binary_runtime_measurements file, we could define a new securityfs > > file indicating the number of records to delete. > > I don't have strong opinions either way, just let me know how to adapt > the patch and we will get it done asap. I'd prefer a solution where > the kernel can initiate the flush, but if not then not. If the measurement list isn't stored in kernel memory, then we would have the best of both worlds.  The measurement list staying intact for attestation, with userspace's ability to truncate the measurement list as desired.  Barring any implementation details, I see this as a win- win solution. Mimi