Thread (74 messages) 74 messages, 9 authors, 2016-02-12

Re: [PATCH v3 20/22] ima: load policy using path

From: Mimi Zohar <hidden>
Date: 2016-02-08 21:12:57
Also in: kexec 

On Mon, 2016-02-08 at 10:45 +0000, Dmitry Kasatkin wrote:
quoted
quoted
@@ -286,9 +322,12 @@ static ssize_t ima_write_policy(struct file *file, const char __user *buf,
      result = mutex_lock_interruptible(&ima_write_mutex);
      if (result < 0)
              goto out_free;
-     result = ima_parse_add_rule(data);
-     mutex_unlock(&ima_write_mutex);

+     if (data[0] == '/')
quoted
It seems that if we feed relative path to ima_policy the update will fail...
Yes, i think it is always a good idea to pass absolute path.
What if we at least emit a warning so people know what's wrong?
The next patch "ima: measure and appraise the IMA policy itself" adds
the following.  Is a failure message enough?

+       else if (ima_appraise & IMA_APPRAISE_POLICY) {
+               pr_err("IMA: signed policy required\n");
+               integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL, NULL,
+                                   "policy_update", "signed policy
required",
+                                   1, 0);
+               if (ima_appraise & IMA_APPRAISE_ENFORCE)
+                       result = -EACCES;
+       } else
                result = ima_parse_add_rule(data);

                Petko

DK: May be a good idea to print that loading policy by path or not.
Are we including the pathname?  Are you suggesting a log or audit
message?

Mimi

  



    
  

  
    

      

        Keyboard shortcuts
      

      

        
          
hback out one level

          
jnext message in thread

          
kprevious message in thread

          
ldrill in

          
Escclose help / fold thread tree

          
?toggle this help