* IMA secure_boot rules and the kernel_lockdown manpage
@ 2017-11-10 11:38 David Howells
From: David Howells @ 2017-11-10 11:38 UTC (permalink / raw)
  To: Mimi Zohar; +Cc: dhowells, linux-integrity

Hi Mimi,

I need to add a statement about the IMA secure_boot rules to the
kernel_lockdown manual page.  Is this enough:

	IMA requires the addition of the "secure_boot" rules to the policy,
	whether or not they are specified on the command line, for both the
	builtin and custom policies in secure boot lockdown mode.

I don't know what this actually does/achieves.

David


* Re: IMA secure_boot rules and the kernel_lockdown manpage
From: Mimi Zohar @ 2017-11-10 13:10 UTC (permalink / raw)
  To: David Howells; +Cc: linux-integrity

On Fri, 2017-11-10 at 11:38 +0000, David Howells wrote:
> Hi Mimi,
> 
> I need to add a statement about the IMA secure_boot rules to the
> kernel_lockdown manual page.  Is this enough:
> 
> 	IMA requires the addition of the "secure_boot" rules to the policy,
> 	whether or not they are specified on the command line, for both the
> 	builtin and custom policies in secure boot lockdown mode.

Please add:
This initially enforces that kernel modules, firmware, the kernel kexec
image, and the IMA policy itself are signed.

> 
> I don't know what this actually does/achieves.

Like other policies (e.g. tcb, appraise_tcb), the "secure_boot" policy
can be specified on the boot command line (e.g.
ima_policy="secure_boot|tcb|appraise_tcb").

Currently the builtin "secure_boot" policy is defined as:

static struct ima_rule_entry secure_boot_rules[] __ro_after_init = {
        /* kernel modules must carry a valid digital signature */
        {.action = APPRAISE, .func = MODULE_CHECK,
         .flags = IMA_FUNC | IMA_DIGSIG_REQUIRED},
        /* firmware loaded by the kernel must be signed */
        {.action = APPRAISE, .func = FIRMWARE_CHECK,
         .flags = IMA_FUNC | IMA_DIGSIG_REQUIRED},
        /* kernel image loaded via kexec must be signed */
        {.action = APPRAISE, .func = KEXEC_KERNEL_CHECK,
         .flags = IMA_FUNC | IMA_DIGSIG_REQUIRED},
        /* a custom IMA policy written to securityfs must itself be signed */
        {.action = APPRAISE, .func = POLICY_CHECK,
         .flags = IMA_FUNC | IMA_DIGSIG_REQUIRED},
};

These policies can be replaced at runtime with a custom policy.
"lockdown" mode includes these rules in the custom policy, before any
of the custom rules.

On a system with "CONFIG_IMA_READ_POLICY" enabled and commit
2068626d1345 "ima: don't remove the securityfs policy file" in James'
next-testing branch, the current policy can be seen by cat'ing
<securityfs>/ima/policy.

Mimi

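As an added example (not part of the thread or the kernel sources), a small Python check over the textual rule list that CONFIG_IMA_READ_POLICY exposes at <securityfs>/ima/policy, as Mimi describes: it verifies that the four secure_boot rules are present, each still requiring a signature, and sit ahead of every custom rule. The policy text used here is constructed; the rendering of the builtin rules as "appraise func=<FUNC> appraise_type=imasig" is assumed.

```python
# The builtin "secure_boot" rules quoted in the thread, in order. In the textual
# policy read from <securityfs>/ima/policy each is assumed to render as
# "appraise func=<FUNC> appraise_type=imasig" (IMA_DIGSIG_REQUIRED -> imasig).
SECURE_BOOT_FUNCS = ["MODULE_CHECK", "FIRMWARE_CHECK",
                     "KEXEC_KERNEL_CHECK", "POLICY_CHECK"]

def parse_policy(text):
    """Split policy text into (action, {option: value}) pairs."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):   # skip blanks and comments
            continue
        action, *opts = line.split()
        kv = {}
        for opt in opts:                        # bare options map to ""
            key, _, value = opt.partition("=")
            kv[key] = value
        rules.append((action, kv))
    return rules

def secure_boot_problems(text):
    """List secure_boot rules that are missing, weakened (no imasig) or not
    placed ahead of every custom rule; empty means the prefix is intact."""
    rules = parse_policy(text)
    problems = []
    for idx, func in enumerate(SECURE_BOOT_FUNCS):
        if idx >= len(rules):
            problems.append(f"{func}: rule missing")
            continue
        action, opts = rules[idx]
        if (action, opts.get("func")) != ("appraise", func):
            problems.append(f"{func}: expected at position {idx}, "
                            f"found '{action} func={opts.get('func')}'")
        elif "imasig" not in opts.get("appraise_type", "").split("|"):
            problems.append(f"{func}: signature not required")
    return problems

# Constructed sample: the four secure_boot rules followed by one custom rule,
# which is the shape a lockdown-mode custom policy should take.
SAMPLE_POLICY = """\
appraise func=MODULE_CHECK appraise_type=imasig
appraise func=FIRMWARE_CHECK appraise_type=imasig
appraise func=KEXEC_KERNEL_CHECK appraise_type=imasig
appraise func=POLICY_CHECK appraise_type=imasig
measure func=BPRM_CHECK mask=MAY_EXEC
"""
```

On a running kernel with CONFIG_IMA_READ_POLICY, pass the contents of /sys/kernel/security/ima/policy to secure_boot_problems() instead of the sample.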

* Re: IMA secure_boot rules and the kernel_lockdown manpage
From: David Howells @ 2017-11-10 14:31 UTC (permalink / raw)
  To: Mimi Zohar; +Cc: dhowells, linux-integrity

Mimi Zohar <zohar@linux.vnet.ibm.com> wrote:

> This initially enforces that kernel modules, firmware, the kernel kexec
> image, and the IMA policy itself are signed.

"Initially" meaning that this can be changed?

David


* Re: IMA secure_boot rules and the kernel_lockdown manpage
From: Mimi Zohar @ 2017-11-10 14:43 UTC (permalink / raw)
  To: David Howells; +Cc: linux-integrity, Thiago Jung Bauermann

On Fri, 2017-11-10 at 14:31 +0000, David Howells wrote:
> Mimi Zohar <zohar@linux.vnet.ibm.com> wrote:
> 
> > This initially enforces that kernel modules, firmware, the kernel kexec
> > image, and the IMA policy itself are signed.
> 
> "Initially" meaning that this can be changed?

No, I was intending to allow the meaning of the "secure_boot" policy
to change over time.

There's already support for the initramfs to be signed.  With Thiago
Bauermann's "Appended signatures support for IMA appraisal", which is
initially meant for the kexec'ed kernel image, the initramfs can be
signed with an appended signature as well.

Once IMA support for appended signatures is upstreamed, we could
extend the "secure_boot" policy to require the initramfs to be signed
as well.

Mimi
