From: Roberto Sassu <roberto.sassu@huawei.com>
To: Mimi Zohar <zohar@linux.ibm.com>,
"shuah@kernel.org" <shuah@kernel.org>,
"ast@kernel.org" <ast@kernel.org>,
"daniel@iogearbox.net" <daniel@iogearbox.net>,
"andrii@kernel.org" <andrii@kernel.org>,
"kpsingh@kernel.org" <kpsingh@kernel.org>,
"revest@chromium.org" <revest@chromium.org>
Cc: "linux-integrity@vger.kernel.org"
<linux-integrity@vger.kernel.org>,
"linux-security-module@vger.kernel.org"
<linux-security-module@vger.kernel.org>,
"linux-kselftest@vger.kernel.org"
<linux-kselftest@vger.kernel.org>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>,
"bpf@vger.kernel.org" <bpf@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: RE: [PATCH v2 0/6] bpf-lsm: Extend interoperability with IMA
Date: Fri, 25 Feb 2022 08:41:25 +0000 [thread overview]
Message-ID: <5117c79227ce4b9d97e193fd8fb59ba2@huawei.com> (raw)
In-Reply-To: <408a96085814b2578486b2859e63ff906f5e5876.camel@linux.ibm.com>
> From: Mimi Zohar [mailto:zohar@linux.ibm.com]
> Sent: Friday, February 25, 2022 1:22 AM
> Hi Roberto,
>
> On Tue, 2022-02-15 at 13:40 +0100, Roberto Sassu wrote:
> > Extend the interoperability with IMA, to give wider flexibility for the
> > implementation of integrity-focused LSMs based on eBPF.
>
> I've previously requested adding eBPF module measurements and signature
> verification support in IMA. There seemed to be some interest, but
> nothing has been posted.
Hi Mimi
for my use case, DIGLIM eBPF, IMA integrity verification is
needed until the binary carrying the eBPF program is executed
as the init process. I've been thinking to use an appended
signature to overcome the limitation of lack of xattrs in the
initial ram disk.
At that point, the LSM is attached and it can enforce an
execution policy, allowing or denying execution and mmap
of files depending on the digest lists (reference values) read
by the user space side.
After the LSM is attached, IMA's job would be just to calculate
the file digests (currently, I'm using an audit policy to ensure
that the digest is available when the eBPF program calls
bpf_ima_inode_hash()).
The main benefit of this patch set is that the audit policy
would not be required and digests are calculated only when
requested by the eBPF program.
Thanks
Roberto
HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua
next prev parent reply other threads:[~2022-02-25 8:41 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-15 12:40 [PATCH v2 0/6] bpf-lsm: Extend interoperability with IMA Roberto Sassu
2022-02-15 12:40 ` [PATCH v2 1/6] ima: Fix documentation-related warnings in ima_main.c Roberto Sassu
2022-02-15 15:46 ` Shuah Khan
2022-02-15 15:58 ` Roberto Sassu
2022-02-15 12:40 ` [PATCH v2 2/6] ima: Always return a file measurement in ima_file_hash() Roberto Sassu
2022-02-15 12:40 ` [PATCH v2 3/6] bpf-lsm: Introduce new helper bpf_ima_file_hash() Roberto Sassu
2022-02-15 17:02 ` Yonghong Song
2022-02-15 17:04 ` Roberto Sassu
2022-02-15 12:40 ` [PATCH v2 4/6] selftests/bpf: Add test for bpf_ima_file_hash() Roberto Sassu
2022-02-15 16:00 ` Shuah Khan
2022-02-15 12:40 ` [PATCH v2 5/6] bpf-lsm: Make bpf_lsm_kernel_read_file() as sleepable Roberto Sassu
2022-02-15 12:40 ` [PATCH v2 6/6] selftests/bpf: Add test for bpf_lsm_kernel_read_file() Roberto Sassu
2022-02-15 16:11 ` Shuah Khan
2022-02-15 16:20 ` Roberto Sassu
2022-02-18 15:01 ` [PATCH v2 0/6] bpf-lsm: Extend interoperability with IMA Roberto Sassu
2022-02-25 0:22 ` Mimi Zohar
2022-02-25 8:41 ` Roberto Sassu [this message]
2022-02-25 19:11 ` Mimi Zohar
2022-02-26 8:07 ` Greg Kroah-Hartman
2022-02-27 17:46 ` Mimi Zohar
2022-02-28 9:07 ` Roberto Sassu
2022-02-28 9:12 ` Roberto Sassu
2022-02-28 10:43 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5117c79227ce4b9d97e193fd8fb59ba2@huawei.com \
--to=roberto.sassu@huawei.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=kpsingh@kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=revest@chromium.org \
--cc=shuah@kernel.org \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).