From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.0 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id D996BC04AB4 for ; Tue, 14 May 2019 17:14:17 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id B5BEF2168B for ; Tue, 14 May 2019 17:14:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726723AbfENROR (ORCPT ); Tue, 14 May 2019 13:14:17 -0400 Received: from linux.microsoft.com ([13.77.154.182]:60250 "EHLO linux.microsoft.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726335AbfENROR (ORCPT ); Tue, 14 May 2019 13:14:17 -0400 Received: from [10.200.157.26] (unknown [131.107.147.154]) by linux.microsoft.com (Postfix) with ESMTPSA id 24BF220A115B; Tue, 14 May 2019 10:14:16 -0700 (PDT) To: Linux Integrity , Mimi Zohar , David Howells , James Morris , Linux Kernel From: Lakshmi Subject: [PATCH 0/2] public key: IMA signer logging: Log public key of IMA Signature signer in IMA log Cc: Balaji Balasubramanyan , Prakhar Srivastava Message-ID: <6b69f115-96cf-890a-c92b-0b2b05798357@linux.microsoft.com> Date: Tue, 14 May 2019 10:14:15 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-integrity-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org The motive behind this patch series is to measure the public key of the IMA signature signer in the IMA log. The IMA signature of the file, logged using ima-sig template, contains the key identifier of the key that was used to generate the signature. But outside the client machine this key id is not sufficient to uniquely determine which key the signature corresponds to. Providing the public key of the signer in the IMA log would allow, for example, an attestation service to securely verify if the key used to generate the IMA signature is a valid and trusted one, and that the key has not been revoked or expired. An attestation service would just need to maintain a list of valid public keys and using the data from the IMA log can attest the system files loaded on the client machine. To achieve the above the patch series does the following: - Adds a new method in asymmetric_key_subtype to query the public key of the given key - Adds a new IMA template namely "ima-sigkey" to store\read the public key of the IMA signature signer. This template extends the existing template "ima-sig" Lakshmi (2): add support for querying public key from a given key add a new template ima-sigkey to store/read the public, key of ima signature signer .../admin-guide/kernel-parameters.txt | 2 +- Documentation/crypto/asymmetric-keys.txt | 1 + Documentation/security/IMA-templates.rst | 5 +- crypto/asymmetric_keys/public_key.c | 7 +++ crypto/asymmetric_keys/signature.c | 24 +++++++++ include/crypto/public_key.h | 1 + include/keys/asymmetric-subtype.h | 3 ++ security/integrity/digsig.c | 54 +++++++++++++++++-- security/integrity/digsig_asymmetric.c | 44 +++++++++++++++ security/integrity/ima/Kconfig | 3 ++ security/integrity/ima/ima_template.c | 3 ++ security/integrity/ima/ima_template_lib.c | 43 +++++++++++++++ security/integrity/ima/ima_template_lib.h | 4 ++ security/integrity/integrity.h | 29 +++++++++- 14 files changed, 216 insertions(+), 7 deletions(-) -- 2.17.1