linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Mimi Zohar <zohar@linux.ibm.com>
To: Roberto Sassu <roberto.sassu@huawei.com>,
	"Guozihua (Scott)" <guozihua@huawei.com>,
	Jonathan Corbet <corbet@lwn.net>
Cc: "linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	wangweiyang <wangweiyang2@huawei.com>,
	Xiujianfeng <xiujianfeng@huawei.com>,
	"linux-integrity@vger.kernel.org"
	<linux-integrity@vger.kernel.org>
Subject: Re: [RESEND][PATCH] Documentation: added order requirement for ima_hash=
Date: Wed, 26 Jan 2022 09:34:57 -0500	[thread overview]
Message-ID: <6f0890f135b61c41d81b03bf084ebab1b3e551e1.camel@linux.ibm.com> (raw)
In-Reply-To: <173fffb6cde54ae4ac7676d18a84c79f@huawei.com>

On Wed, 2022-01-26 at 13:24 +0000, Roberto Sassu wrote:
> > From: Mimi Zohar [mailto:zohar@linux.ibm.com]
> > Sent: Wednesday, January 26, 2022 1:48 PM
> > On Wed, 2022-01-26 at 15:41 +0800, Guozihua (Scott) wrote:
> > >
> > >
> > > The main issue lies in ima_template_desc_current called by hash_setup,
> > > which does not just read ima_template global variable, but also tries to
> > > set it if that hasn't been done already. Causing ima_template_setup to quit.
> > 
> > Right, which calls ima_init_template_list().  So part of the solution
> > could be to conditionally call ima_init_template_list()
> > in ima_template_setup().
> > 
> > -       if (ima_template)
> > -               return 1;
> > -
> > -       ima_init_template_list();
> > +       if (!ima_template
> > +               ima_init_template_list();
> > 
> > Roberto, what do you think?
> 
> Hi Mimi
> 
> I think we wanted to prevent to set a digest algorithm
> incompatible with the chosen template.
> 
> If we have in the kernel command line:
> 
> ima_template=ima ima_hash=sha256
> 
> ima_hash_algo would be set to HASH_ALGO_SHA1 despite
> the user choice and the template would be set to 'ima'.
> 
> In the opposite case:	
> 
> ima_hash=sha256 ima_template=ima
> 
> if the default template is 'ima', then ima_hash_algo would be
> set to HASH_ALGO_SHA1. Otherwise, it would be
> HASH_ALGO_SHA256. If we allow the template to be set after
> the digest algorithm is evaluated, the template selection will
> be rejected if the algorithm is incompatible with the template.

The only time that would occur is in the unlikely case that the
template is being set to "ima".   That sounds reasonable.  In fact we
should consider preventing the template format being set to "ima".

> 
> I'm trying to remember why we still have the digest recalculation
> in ima_eventdigest_init(). Maybe the only possibility is if we
> set the template from the policy?

The recalculation was relatively recently added in commit 6cc7c266e5b4
("ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()").

thanks,

Mimi


  reply	other threads:[~2022-01-26 14:35 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-01-25  9:02 [RESEND][PATCH] Documentation: added order requirement for ima_hash= GUO Zihua
2022-01-26  0:14 ` Jonathan Corbet
2022-01-26  2:32   ` Guozihua (Scott)
2022-01-26  1:07 ` Mimi Zohar
2022-01-26  2:28   ` Guozihua (Scott)
2022-01-26  4:37     ` Mimi Zohar
2022-01-26  7:41       ` Guozihua (Scott)
2022-01-26 12:47         ` Mimi Zohar
2022-01-26 13:24           ` Roberto Sassu
2022-01-26 14:34             ` Mimi Zohar [this message]
2022-01-26 14:43               ` Roberto Sassu
2022-01-26 16:31                 ` Jonathan Corbet
2022-01-27  6:35                 ` Guozihua (Scott)
2022-01-27 12:18                   ` Mimi Zohar
2022-01-28  9:32                     ` Guozihua (Scott)
2022-01-28 10:24           ` Roberto Sassu
2022-01-28 14:33             ` Mimi Zohar
2022-01-28 16:01               ` Roberto Sassu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=6f0890f135b61c41d81b03bf084ebab1b3e551e1.camel@linux.ibm.com \
    --to=zohar@linux.ibm.com \
    --cc=corbet@lwn.net \
    --cc=guozihua@huawei.com \
    --cc=linux-doc@vger.kernel.org \
    --cc=linux-integrity@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=roberto.sassu@huawei.com \
    --cc=wangweiyang2@huawei.com \
    --cc=xiujianfeng@huawei.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).