Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk

[PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Roberto Sassu <roberto.sassu@huawei.com> · 2019-05-23
[PATCH v4 1/3] initramfs: add file metadata · Roberto Sassu <roberto.sassu@huawei.com> · 2019-05-23
Re: [PATCH v4 1/3] initramfs: add file metadata · Eugeniu Rosca <hidden> · 2022-06-15
[PATCH v4 2/3] initramfs: read metadata from special file METADATA!!! · Roberto Sassu <roberto.sassu@huawei.com> · 2019-05-23
Re: [PATCH v4 2/3] initramfs: read metadata from special file METADATA!!! · Mimi Zohar <zohar@linux.ibm.com> · 2019-07-01
[PATCH v4 3/3] gen_init_cpio: add support for file metadata · Roberto Sassu <roberto.sassu@huawei.com> · 2019-05-23
Re: [PATCH v4 3/3] gen_init_cpio: add support for file metadata · Mimi Zohar <zohar@linux.ibm.com> · 2019-06-30
Re: [PATCH v4 3/3] gen_init_cpio: add support for file metadata · Eugeniu Rosca <hidden> · 2022-06-16
Re: [PATCH v4 3/3] gen_init_cpio: add support for file metadata · Eugeniu Rosca <hidden> · 2022-06-16
RE: [PATCH v4 3/3] gen_init_cpio: add support for file metadata · Roberto Sassu <roberto.sassu@huawei.com> · 2022-06-30
Re: [PATCH v4 3/3] gen_init_cpio: add support for file metadata · Eugeniu Rosca <hidden> · 2022-06-30
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Roberto Sassu <roberto.sassu@huawei.com> · 2019-06-03
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Rob Landley <hidden> · 2019-06-03
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Roberto Sassu <roberto.sassu@huawei.com> · 2019-06-26
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Mimi Zohar <zohar@linux.ibm.com> · 2019-06-30
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Roberto Sassu <roberto.sassu@huawei.com> · 2019-07-01
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Mimi Zohar <zohar@linux.ibm.com> · 2019-07-01
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Roberto Sassu <roberto.sassu@huawei.com> · 2019-07-15
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Roberto Sassu <roberto.sassu@huawei.com> · 2019-07-24
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Eugeniu Rosca <hidden> · 2022-06-09
RE: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Roberto Sassu <roberto.sassu@huawei.com> · 2022-06-09
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Eugeniu Rosca <hidden> · 2022-06-10
RE: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Roberto Sassu <roberto.sassu@huawei.com> · 2022-06-10
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Eugeniu Rosca <hidden> · 2022-06-15
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Jim Baxter <hidden> · 2022-07-18
RE: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Roberto Sassu <roberto.sassu@huawei.com> · 2022-07-18
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Jim Baxter <hidden> · 2022-07-18
RE: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Roberto Sassu <roberto.sassu@huawei.com> · 2022-07-19
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Rob Landley <hidden> · 2022-07-19
RE: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Roberto Sassu <roberto.sassu@huawei.com> · 2022-07-19
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Rob Landley <hidden> · 2022-07-19
RE: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Roberto Sassu <roberto.sassu@huawei.com> · 2022-07-20
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Jim Baxter <hidden> · 2022-07-29
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Rob Landley <hidden> · 2022-07-30
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Rob Landley <hidden> · 2022-07-19
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Rob Landley <hidden> · 2022-07-19
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Mimi Zohar <zohar@linux.ibm.com> · 2019-07-01
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Alexander Lobakin <hidden> · 2022-06-15
RE: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Roberto Sassu <roberto.sassu@huawei.com> · 2022-06-15
Re: [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk · Eugeniu Rosca <hidden> · 2022-06-16

From: Mimi Zohar <zohar@linux.ibm.com>
Date: 2019-07-01 13:23:40
Also in: linux-fsdevel, linux-integrity, linux-security-module, lkml

On Thu, 2019-05-23 at 14:18 +0200, Roberto Sassu wrote:

This patch set aims at solving the following use case: appraise files from
the initial ram disk. To do that, IMA checks the signature/hash from the
security.ima xattr. Unfortunately, this use case cannot be implemented
currently, as the CPIO format does not support xattrs.

This proposal consists in including file metadata as additional files named
METADATA!!!, for each file added to the ram disk. The CPIO parser in the
kernel recognizes these special files from the file name, and calls the
appropriate parser to add metadata to the previously extracted file. It has
been proposed to use bit 17:16 of the file mode as a way to recognize files
with metadata, but both the kernel and the cpio tool declare the file mode
as unsigned short.

Thanks, Roberto!

Victor, Taras, Rob, Arvind, Peter, if you're good with this latest
design, could we get some Reviewed-by, Acked-by, or Tested-by?

thanks!

Mimi

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help