From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: linux-integrity@vger.kernel.org
Cc: linux-security-module@vger.kernel.org,
linux-fsdevel@vger.kernel.org,
Mimi Zohar <zohar@linux.vnet.ibm.com>
Subject: [PATCH v1 0/2] ima: untrusted filesystems
Date: Mon, 19 Feb 2018 10:18:01 -0500 [thread overview]
Message-ID: <1519053483-18396-1-git-send-email-zohar@linux.vnet.ibm.com> (raw)
Based on the mailing list discussions, it is clear that separating the
non-init unpriviliged, mounted untrusted filesystem from setuid
unprivileged or privileged mounted untrusted filesystems patches was
confusing. I've combined the patches, commenting the code with an
explanation for the differentiation.
Instad of expliciting modifying the IMA policy to fail file signature
verfication for the setuid unprivileged or privileged mounted untrusted
filesystems cases, this patch set defines a builtin IMA policy named
"untrusted-fs". No other IMA policy changes are required.
Mimi
Changelog v1:
- Merged the unprivileged and privileged patches.
- Dropped IMA fsname support.
- Introduced a new IMA builtin policy named "untrusted_fs".
- Replaced fs_type flag with sb->s_iflags flag.
Mimi Zohar (2):
ima: fail signature verification on untrusted filesystems
fuse: define the filesystem as untrusted
Documentation/admin-guide/kernel-parameters.txt | 6 +++++-
fs/fuse/inode.c | 1 +
include/linux/fs.h | 1 +
security/integrity/ima/ima_appraise.c | 16 +++++++++++++++-
security/integrity/ima/ima_policy.c | 5 +++++
security/integrity/integrity.h | 1 +
6 files changed, 28 insertions(+), 2 deletions(-)
--
2.7.5
WARNING: multiple messages have this Message-ID (diff)
From: zohar@linux.vnet.ibm.com (Mimi Zohar)
To: linux-security-module@vger.kernel.org
Subject: [PATCH v1 0/2] ima: untrusted filesystems
Date: Mon, 19 Feb 2018 10:18:01 -0500 [thread overview]
Message-ID: <1519053483-18396-1-git-send-email-zohar@linux.vnet.ibm.com> (raw)
Based on the mailing list discussions, it is clear that separating the
non-init unpriviliged, mounted untrusted filesystem from setuid
unprivileged or privileged mounted untrusted filesystems patches was
confusing. I've combined the patches, commenting the code with an
explanation for the differentiation.
Instad of expliciting modifying the IMA policy to fail file signature
verfication for the setuid unprivileged or privileged mounted untrusted
filesystems cases, this patch set defines a builtin IMA policy named
"untrusted-fs". No other IMA policy changes are required.
Mimi
Changelog v1:
- Merged the unprivileged and privileged patches.
- Dropped IMA fsname support.
- Introduced a new IMA builtin policy named "untrusted_fs".
- Replaced fs_type flag with sb->s_iflags flag.
Mimi Zohar (2):
ima: fail signature verification on untrusted filesystems
fuse: define the filesystem as untrusted
Documentation/admin-guide/kernel-parameters.txt | 6 +++++-
fs/fuse/inode.c | 1 +
include/linux/fs.h | 1 +
security/integrity/ima/ima_appraise.c | 16 +++++++++++++++-
security/integrity/ima/ima_policy.c | 5 +++++
security/integrity/integrity.h | 1 +
6 files changed, 28 insertions(+), 2 deletions(-)
--
2.7.5
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next reply other threads:[~2018-02-19 15:18 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-19 15:18 Mimi Zohar [this message]
2018-02-19 15:18 ` [PATCH v1 0/2] ima: untrusted filesystems Mimi Zohar
2018-02-19 15:18 ` [PATCH v1 1/2] ima: fail signature verification on " Mimi Zohar
2018-02-19 15:18 ` Mimi Zohar
2018-02-19 21:47 ` Eric W. Biederman
2018-02-19 21:47 ` Eric W. Biederman
2018-02-20 0:52 ` James Morris
2018-02-20 0:52 ` James Morris
2018-02-20 2:02 ` Eric W. Biederman
2018-02-20 2:02 ` Eric W. Biederman
2018-02-20 14:02 ` Mimi Zohar
2018-02-20 14:02 ` Mimi Zohar
2018-02-20 14:02 ` Mimi Zohar
2018-02-20 20:16 ` Serge E. Hallyn
2018-02-20 20:16 ` Serge E. Hallyn
2018-02-20 20:16 ` Serge E. Hallyn
2018-02-21 14:46 ` Mimi Zohar
2018-02-21 14:46 ` Mimi Zohar
2018-02-21 14:46 ` Mimi Zohar
2018-02-21 22:46 ` Eric W. Biederman
2018-02-21 22:46 ` Eric W. Biederman
2018-02-21 22:46 ` Eric W. Biederman
2018-02-21 22:57 ` Mimi Zohar
2018-02-21 22:57 ` Mimi Zohar
2018-02-21 22:57 ` Mimi Zohar
2018-02-21 23:12 ` Eric W. Biederman
2018-02-21 23:12 ` Eric W. Biederman
2018-02-21 23:12 ` Eric W. Biederman
2018-02-21 23:32 ` Mimi Zohar
2018-02-21 23:32 ` Mimi Zohar
2018-02-21 23:32 ` Mimi Zohar
2018-02-27 2:12 ` Eric W. Biederman
2018-02-27 2:12 ` Eric W. Biederman
2018-02-27 2:12 ` Eric W. Biederman
2018-02-21 22:53 ` Eric W. Biederman
2018-02-21 22:53 ` Eric W. Biederman
2018-02-21 22:53 ` Eric W. Biederman
2018-02-21 23:03 ` Mimi Zohar
2018-02-21 23:03 ` Mimi Zohar
2018-02-21 23:03 ` Mimi Zohar
2018-02-19 22:50 ` kbuild test robot
2018-02-19 22:50 ` kbuild test robot
2018-02-19 22:50 ` kbuild test robot
2018-02-19 23:36 ` kbuild test robot
2018-02-19 23:36 ` kbuild test robot
2018-02-19 23:36 ` kbuild test robot
2018-02-19 15:18 ` [PATCH v1 2/2] fuse: define the filesystem as untrusted Mimi Zohar
2018-02-19 15:18 ` Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1519053483-18396-1-git-send-email-zohar@linux.vnet.ibm.com \
--to=zohar@linux.vnet.ibm.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.