Re: [PATCH v3 4/5] LSM: Define SELinux function to measure security state

[PATCH v3 0/5] LSM: Measure security module state · Lakshmi Ramasubramanian <hidden> · 2020-07-17
[PATCH v3 2/5] IMA: Define an IMA hook to measure LSM data · Lakshmi Ramasubramanian <hidden> · 2020-07-17
[PATCH v3 5/5] LSM: Define workqueue for measuring security module state · Lakshmi Ramasubramanian <hidden> · 2020-07-17
[PATCH v3 3/5] LSM: Add security_measure_data in lsm_info struct · Lakshmi Ramasubramanian <hidden> · 2020-07-17
[PATCH v3 4/5] LSM: Define SELinux function to measure security state · Lakshmi Ramasubramanian <hidden> · 2020-07-17
Re: [PATCH v3 4/5] LSM: Define SELinux function to measure security state · kernel test robot <hidden> · 2020-07-18
Re: [PATCH v3 4/5] LSM: Define SELinux function to measure security state · Lakshmi Ramasubramanian <hidden> · 2020-07-20
Re: [PATCH v3 4/5] LSM: Define SELinux function to measure security state · kernel test robot <hidden> · 2020-07-18
[RFC PATCH] LSM: security_read_selinux_policy() can be static · kernel test robot <hidden> · 2020-07-18
Re: [PATCH v3 4/5] LSM: Define SELinux function to measure security state · kernel test robot <hidden> · 2020-07-18
Re: [PATCH v3 4/5] LSM: Define SELinux function to measure security state · Stephen Smalley <stephen.smalley.work@gmail.com> · 2020-07-20
Re: [PATCH v3 4/5] LSM: Define SELinux function to measure security state · Lakshmi Ramasubramanian <hidden> · 2020-07-20
Re: [PATCH v3 4/5] LSM: Define SELinux function to measure security state · Stephen Smalley <stephen.smalley.work@gmail.com> · 2020-07-20
Re: [PATCH v3 4/5] LSM: Define SELinux function to measure security state · Mimi Zohar <zohar@linux.ibm.com> · 2020-07-20
Re: [PATCH v3 4/5] LSM: Define SELinux function to measure security state · Lakshmi Ramasubramanian <hidden> · 2020-07-20
Re: [PATCH v3 4/5] LSM: Define SELinux function to measure security state · Stephen Smalley <stephen.smalley.work@gmail.com> · 2020-07-20
Re: [PATCH v3 4/5] LSM: Define SELinux function to measure security state · Stephen Smalley <stephen.smalley.work@gmail.com> · 2020-07-20
Re: [PATCH v3 4/5] LSM: Define SELinux function to measure security state · Lakshmi Ramasubramanian <hidden> · 2020-07-20
Re: [PATCH v3 4/5] LSM: Define SELinux function to measure security state · Stephen Smalley <stephen.smalley.work@gmail.com> · 2020-07-20
Re: [PATCH v3 4/5] LSM: Define SELinux function to measure security state · Lakshmi Ramasubramanian <hidden> · 2020-07-20
[PATCH v3 1/5] IMA: Add LSM_STATE func to measure LSM data · Lakshmi Ramasubramanian <hidden> · 2020-07-17

From: Lakshmi Ramasubramanian <hidden>
Date: 2020-07-20 18:27:20
Also in: linux-integrity, lkml, selinux

On 7/20/20 10:49 AM, Stephen Smalley wrote:

quoted

Looks like the template used is ima-ng which doesn't include the
measured buffer. Please set template to "ima-buf" in the policy.

For example,
measure func=LSM_STATE template=ima-buf

It seems like one shouldn't need to manually specify it if it is the
only template that yields a useful result for the LSM_STATE function?

Actually, if we used ima-ng template for selinux-policy-hash, then
instead of needing to hash the policy
first and passing the hash to IMA, we could just pass the policy as
the buffer and IMA would take care of the hashing, right?

That is correct.

The IMA hook I've added to measure LSM structures is a generic one that 
can be used by any security module (SM). I feel it would be better to 
not have policy or state or any such SM specific logic in IMA, but leave 
that to the individual SM to handle.

What do you think?

And we only need to use ima-buf for the selinux-state if we want the
measurement list to include the string value that
was hashed; if we just want to compare against a known-good, it would
suffice to use ima-ng for it as well, right?

  -lakshmi

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help