From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.2 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_2 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C2582C34026 for ; Tue, 18 Feb 2020 15:37:10 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 9FFBA2176D for ; Tue, 18 Feb 2020 15:37:10 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726403AbgBRPhK (ORCPT ); Tue, 18 Feb 2020 10:37:10 -0500 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:23850 "EHLO mx0b-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726373AbgBRPhK (ORCPT ); Tue, 18 Feb 2020 10:37:10 -0500 Received: from pps.filterd (m0127361.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 01IFNtdk153134 for ; Tue, 18 Feb 2020 10:37:08 -0500 Received: from e06smtp03.uk.ibm.com (e06smtp03.uk.ibm.com [195.75.94.99]) by mx0a-001b2d01.pphosted.com with ESMTP id 2y6cbap378-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 18 Feb 2020 10:37:08 -0500 Received: from localhost by e06smtp03.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Tue, 18 Feb 2020 15:37:01 -0000 Received: from b06cxnps3074.portsmouth.uk.ibm.com (9.149.109.194) by e06smtp03.uk.ibm.com (192.168.101.133) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Tue, 18 Feb 2020 15:36:58 -0000 Received: from b06wcsmtp001.portsmouth.uk.ibm.com (b06wcsmtp001.portsmouth.uk.ibm.com [9.149.105.160]) by b06cxnps3074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 01IFavcP41549922 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 18 Feb 2020 15:36:57 GMT Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 5B335A4062; Tue, 18 Feb 2020 15:36:57 +0000 (GMT) Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 4E470A4054; Tue, 18 Feb 2020 15:36:56 +0000 (GMT) Received: from localhost.localdomain (unknown [9.85.154.230]) by b06wcsmtp001.portsmouth.uk.ibm.com (Postfix) with ESMTP; Tue, 18 Feb 2020 15:36:56 +0000 (GMT) Subject: Re: [PATCH v2] ima: export the measurement list when needed From: Mimi Zohar To: Janne Karhunen Cc: david.safford@gmail.com, linux-integrity@vger.kernel.org, linux-security-module , Ken Goldman , "Wiseman, Monty (GE Global Research, US)" , Amir Goldstein , linux-fsdevel Date: Tue, 18 Feb 2020 10:36:55 -0500 In-Reply-To: References: <20200108111743.23393-1-janne.karhunen@gmail.com> <1580998432.5585.411.camel@linux.ibm.com> <40f780ffe2ddc879e5fa4443c098c0f1d331390f.camel@gmail.com> <1581366258.5585.891.camel@linux.ibm.com> <1581462616.5125.69.camel@linux.ibm.com> <6b787049b965c8056d0e27360e2eaa8fa2f38b35.camel@gmail.com> <1581555796.8515.130.camel@linux.ibm.com> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.20.5 (3.20.5-1.fc24) Mime-Version: 1.0 Content-Transfer-Encoding: 8bit X-TM-AS-GCONF: 00 x-cbid: 20021815-0012-0000-0000-00000388022C X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 20021815-0013-0000-0000-000021C492E9 Message-Id: <1582040215.5067.10.camel@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138,18.0.572 definitions=2020-02-18_02:2020-02-17,2020-02-18 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 priorityscore=1501 suspectscore=0 impostorscore=0 adultscore=0 lowpriorityscore=0 bulkscore=0 malwarescore=0 clxscore=1015 phishscore=0 mlxscore=0 mlxlogscore=999 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2001150001 definitions=main-2002180118 Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org On Thu, 2020-02-13 at 08:41 +0200, Janne Karhunen wrote: > On Thu, Feb 13, 2020 at 3:03 AM Mimi Zohar wrote: > > > > This is a pretty important new feature. > > > A lot of people can't use IMA because of the memory issue. > > > Also, I really think we need to let administrators choose the tradeoffs > > > of keeping the list in memory, on a local file, or only on the > > > attestation server, as best fits their use cases. > > > > Dave, I understand that some use cases require the ability of > > truncating the measurement list. We're discussing how to truncate the > > measurement list. For example, in addition to the existing securityfs > > binary_runtime_measurements file, we could define a new securityfs > > file indicating the number of records to delete. > > I don't have strong opinions either way, just let me know how to adapt > the patch and we will get it done asap. I'd prefer a solution where > the kernel can initiate the flush, but if not then not. If the measurement list isn't stored in kernel memory, then we would have the best of both worlds.  The measurement list staying intact for attestation, with userspace's ability to truncate the measurement list as desired.  Barring any implementation details, I see this as a win- win solution. Mimi