git.openwrt.org Git - openwrt/staging/blogic.git/commit

author	Matthew Garrett <mjg59@google.com>
	Tue, 7 Nov 2017 15:17:42 +0000 (07:17 -0800)
committer	Mimi Zohar <zohar@linux.vnet.ibm.com>
	Mon, 11 Dec 2017 22:20:39 +0000 (17:20 -0500)
commit	50b977481fce90aa5fbda55e330b9d722733e358
tree	f7852b45d6d4207e37cd89c397905e1a7558c527	tree \| snapshot
parent	ae1ba1676b88e6c62368a433c7e2d0417e9879fd	commit \| diff

EVM: Add support for portable signature format

The EVM signature includes the inode number and (optionally) the
filesystem UUID, making it impractical to ship EVM signatures in
packages. This patch adds a new portable format intended to allow
distributions to include EVM signatures. It is identical to the existing
format but hardcodes the inode and generation numbers to 0 and does not
include the filesystem UUID even if the kernel is configured to do so.

Removing the inode means that the metadata and signature from one file
could be copied to another file without invalidating it. This is avoided
by ensuring that an IMA xattr is present during EVM validation.

Portable signatures are intended to be immutable - ie, they will never
be transformed into HMACs.

Based on earlier work by Dmitry Kasatkin and Mikhail Kurinnoi.

Signed-off-by: Matthew Garrett <mjg59@google.com>
Cc: Dmitry Kasatkin <dmitry.kasatkin@huawei.com>
Cc: Mikhail Kurinnoi <viewizard@viewizard.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>

include/linux/integrity.h		diff \| blob \| history
security/integrity/evm/evm.h		diff \| blob \| history
security/integrity/evm/evm_crypto.c		diff \| blob \| history
security/integrity/evm/evm_main.c		diff \| blob \| history
security/integrity/ima/ima_appraise.c		diff \| blob \| history
security/integrity/integrity.h		diff \| blob \| history