From: Ken Goldman <kgold@linux.ibm.com>
To: Sush Shringarputale <sushring@linux.microsoft.com>,
linux-integrity@vger.kernel.org, zohar@linux.ibm.com,
peterhuewe@gmx.de, jarkko@kernel.org, jgg@ziepe.ca,
bhe@redhat.com, vgoyal@redhat.com, dyoung@redhat.com,
kexec@lists.infradead.org, jmorris@namei.org,
Paul Moore <paul@paul-moore.com>,
serge@hallyn.com
Cc: code@tyhicks.com, nramas@linux.microsoft.com,
Tushar Sugandhi <tusharsu@linux.microsoft.com>,
linux-security-module@vger.kernel.org
Subject: Re: [RFC] IMA Log Snapshotting Design Proposal - aggregate
Date: Wed, 30 Aug 2023 14:12:27 -0400 [thread overview]
Message-ID: <598fdd62-f4c3-a6dc-ae22-8f5a9e18f570@linux.ibm.com> (raw)
In-Reply-To: <c5737141-7827-1c83-ab38-0119dcfea485@linux.microsoft.com>
On 8/1/2023 3:12 PM, Sush Shringarputale wrote:
> - A user-mode process will trigger the snapshot by opening a file in SysFS
> say /sys/kernel/security/ima/snapshot (referred to as
> sysk_ima_snapshot_file
> here onwards).
> - The Kernel will get the current TPM PCR values and PCR update counter [2]
> and store them as template data in a new IMA event "snapshot_aggregate".
If this is relying on a user-mode process, is there a concern that the
process doesn't run. Might it be safer to have the kernel trigger the
snapshot.
PCR reads are not atomic, with each other and with event log appends.
Is this an issue?
The PCR update counter can change between PCR reads. What is its purpose?
What is the purpose of the snapshot aggregate? Since the entire event
log has to be retained and sent to the verifier, is the aggregate redundant?
next prev parent reply other threads:[~2023-08-30 18:47 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-01 19:12 [RFC] IMA Log Snapshotting Design Proposal Sush Shringarputale
2023-08-01 21:21 ` James Bottomley
2023-08-07 22:49 ` Stefan Berger
2023-08-08 12:35 ` James Bottomley
2023-08-08 13:31 ` Stefan Berger
2023-08-08 18:26 ` James Bottomley
2023-08-08 20:09 ` Stefan Berger
2023-08-08 21:41 ` James Bottomley
2023-08-10 4:43 ` Tushar Sugandhi
2023-08-10 11:43 ` James Bottomley
2023-08-11 15:48 ` Tushar Sugandhi
2023-08-10 4:31 ` Tushar Sugandhi
2023-08-10 4:29 ` Tushar Sugandhi
2023-08-10 1:23 ` Tushar Sugandhi
2023-08-10 1:15 ` Tushar Sugandhi
2023-08-10 14:12 ` Stefan Berger
2023-08-11 15:57 ` Tushar Sugandhi
2023-08-11 18:16 ` Stefan Berger
2023-08-10 1:03 ` Tushar Sugandhi
2023-08-11 13:14 ` Mimi Zohar
2023-08-14 21:42 ` Sush Shringarputale
2023-08-14 22:02 ` Mimi Zohar
2023-08-21 22:05 ` Sush Shringarputale
2023-08-21 23:07 ` Mimi Zohar
2023-08-29 19:34 ` Paul Moore
2023-08-29 21:03 ` Mimi Zohar
2023-08-29 21:30 ` Paul Moore
2023-08-29 21:54 ` Mimi Zohar
2023-08-29 23:15 ` Paul Moore
2023-08-30 20:25 ` Mimi Zohar
2023-08-30 20:47 ` Paul Moore
2023-08-30 21:50 ` Mimi Zohar
2023-08-30 22:21 ` Paul Moore
2023-08-30 22:23 ` Paul Moore
2023-08-30 23:06 ` Mimi Zohar
2023-08-30 23:22 ` Paul Moore
2023-08-31 14:01 ` Mimi Zohar
2023-08-31 14:43 ` Paul Moore
2023-08-31 16:46 ` Dr. Greg
2023-08-31 17:56 ` Paul Moore
2023-08-30 18:06 ` [RFC] IMA Log Snapshotting Design Proposal - network bandwidth Ken Goldman
2023-09-01 21:20 ` Tushar Sugandhi
2023-09-06 20:20 ` Ken Goldman
2023-09-07 20:40 ` Paul Moore
2023-08-30 18:12 ` Ken Goldman [this message]
2023-09-01 22:06 ` [RFC] IMA Log Snapshotting Design Proposal - aggregate Tushar Sugandhi
2023-09-06 20:49 ` Ken Goldman
2023-09-07 21:02 ` Paul Moore
2023-08-30 19:12 ` [RFC] IMA Log Snapshotting Design Proposal - unseal Ken Goldman
2023-08-31 15:54 ` Dr. Greg
2023-09-01 21:22 ` Tushar Sugandhi
2023-09-06 20:13 ` Ken Goldman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=598fdd62-f4c3-a6dc-ae22-8f5a9e18f570@linux.ibm.com \
--to=kgold@linux.ibm.com \
--cc=bhe@redhat.com \
--cc=code@tyhicks.com \
--cc=dyoung@redhat.com \
--cc=jarkko@kernel.org \
--cc=jgg@ziepe.ca \
--cc=jmorris@namei.org \
--cc=kexec@lists.infradead.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=nramas@linux.microsoft.com \
--cc=paul@paul-moore.com \
--cc=peterhuewe@gmx.de \
--cc=serge@hallyn.com \
--cc=sushring@linux.microsoft.com \
--cc=tusharsu@linux.microsoft.com \
--cc=vgoyal@redhat.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).