From: Tushar Sugandhi <tusharsu@linux.microsoft.com>
To: zohar@linux.ibm.com, agk@redhat.com, snitzer@redhat.com,
gmazyland@gmail.com
Cc: tyhicks@linux.microsoft.com, sashal@kernel.org,
jmorris@namei.org, nramas@linux.microsoft.com,
linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org,
dm-devel@redhat.com
Subject: [PATCH v4 0/2] dm-devel:dm-crypt: infrastructure for measurement of DM target data using IMA
Date: Mon, 19 Oct 2020 10:26:05 -0700 [thread overview]
Message-ID: <20201019172607.16714-1-tusharsu@linux.microsoft.com> (raw)
There are several device-mapper targets which contribute to verify
the integrity of the mapped devices e.g. dm-integrity, dm-verity,
dm-crypt etc.
But they do not use the capabilities provided by kernel integrity
subsystem (IMA). For instance, the IMA capability that measures several
in-memory constructs and files to detect if they have been accidentally
or maliciously altered. IMA also has the capability to include these
measurements in the IMA measurement list and use them to extend a TPM
PCR so that they can be quoted. These TPM PCR extend operations ensure
that the tampering with the order of constructs being measured, and
tampering with the measured constructs themselves - doesn't go
undetected. In general, this capability is used for remote attestation
of in-memory constructs and files of interest. As of today,device-mapper
targets don't use the benefits of extended TPM PCR quotes and ultimately
the benefits of remote attestation.
This series bridges this gap, so that all device-mapper targets
could take advantage of IMA's measuring and quoting abilities - thus
ultimately enabling remote attestation for device-mapper targets.
This series is based on the following repo/branch:
repo: https://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git
branch: next-integrity
commit aa662fc04f5b ("ima: Fix NULL pointer dereference in ima_file_hash")
This series also has a dependency on the following patch series and
should be applied in the following order:
1. https://patchwork.kernel.org/patch/11795559/
2. https://patchwork.kernel.org/patch/11801525/
Change Log v4:
Incorporated feedback from Milan Broz <gmazyland@gmail.com> on v3 series.
- Added device name of both base disk and target device for
measurement, along with their major:minor.
- Introduced a function get_devname_from_maj_min() in dm-ima.c, to
get the device name from device major:minor. Currently it is used
for dm-crypt measurements, but it would be helpful for measuring
other device-mapper targets as well.
- Added dm_target members - len and begin - to measurement list.
- Taken dependency on the updated base series v4 (1. above)
- Taken dependency on the updated early boot measurement series v3
(2. above).
Change Log v3:
- Added dm-crypt as a supported data source to measure in ima.h.
- Taken dependency on the updated base series v3 (2. above)
- Taken dependency on the updated early boot measurement series v2
(3. above).
Change Log v2:
- Removed the references to "local" measurement from the description -
as this series only support remote attestation, and not local
integrity enforcement.
- Taken dependency on the updated base series (2. above), which
introduced a boolean parameter measure_buf_hash as per community
feedback to support measuring hash of the buffer, instead of the
buffer itself.
- Taken dependency on the updated early boot measurement series
(3. above).
Tushar Sugandhi (2):
dm-devel: collect target data and submit to IMA to measure
dm-crypt: collect data and submit to DM to measure
block/genhd.c | 2 +
drivers/md/Makefile | 1 +
drivers/md/dm-crypt.c | 217 ++++++++++++++
drivers/md/dm-ima.c | 378 ++++++++++++++++++++++++
include/linux/device-mapper.h | 67 +++++
include/linux/genhd.h | 1 +
security/integrity/ima/ima.h | 1 +
security/integrity/ima/ima_queue_data.c | 3 +-
8 files changed, 669 insertions(+), 1 deletion(-)
create mode 100644 drivers/md/dm-ima.c
--
2.17.1
WARNING: multiple messages have this Message-ID (diff)
From: Tushar Sugandhi <tusharsu@linux.microsoft.com>
To: zohar@linux.ibm.com, agk@redhat.com, snitzer@redhat.com,
gmazyland@gmail.com
Cc: sashal@kernel.org, jmorris@namei.org,
linux-kernel@vger.kernel.org, nramas@linux.microsoft.com,
dm-devel@redhat.com, tyhicks@linux.microsoft.com,
linux-integrity@vger.kernel.org
Subject: [dm-devel] [PATCH v4 0/2] dm-devel:dm-crypt: infrastructure for measurement of DM target data using IMA
Date: Mon, 19 Oct 2020 10:26:05 -0700 [thread overview]
Message-ID: <20201019172607.16714-1-tusharsu@linux.microsoft.com> (raw)
There are several device-mapper targets which contribute to verify
the integrity of the mapped devices e.g. dm-integrity, dm-verity,
dm-crypt etc.
But they do not use the capabilities provided by kernel integrity
subsystem (IMA). For instance, the IMA capability that measures several
in-memory constructs and files to detect if they have been accidentally
or maliciously altered. IMA also has the capability to include these
measurements in the IMA measurement list and use them to extend a TPM
PCR so that they can be quoted. These TPM PCR extend operations ensure
that the tampering with the order of constructs being measured, and
tampering with the measured constructs themselves - doesn't go
undetected. In general, this capability is used for remote attestation
of in-memory constructs and files of interest. As of today,device-mapper
targets don't use the benefits of extended TPM PCR quotes and ultimately
the benefits of remote attestation.
This series bridges this gap, so that all device-mapper targets
could take advantage of IMA's measuring and quoting abilities - thus
ultimately enabling remote attestation for device-mapper targets.
This series is based on the following repo/branch:
repo: https://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git
branch: next-integrity
commit aa662fc04f5b ("ima: Fix NULL pointer dereference in ima_file_hash")
This series also has a dependency on the following patch series and
should be applied in the following order:
1. https://patchwork.kernel.org/patch/11795559/
2. https://patchwork.kernel.org/patch/11801525/
Change Log v4:
Incorporated feedback from Milan Broz <gmazyland@gmail.com> on v3 series.
- Added device name of both base disk and target device for
measurement, along with their major:minor.
- Introduced a function get_devname_from_maj_min() in dm-ima.c, to
get the device name from device major:minor. Currently it is used
for dm-crypt measurements, but it would be helpful for measuring
other device-mapper targets as well.
- Added dm_target members - len and begin - to measurement list.
- Taken dependency on the updated base series v4 (1. above)
- Taken dependency on the updated early boot measurement series v3
(2. above).
Change Log v3:
- Added dm-crypt as a supported data source to measure in ima.h.
- Taken dependency on the updated base series v3 (2. above)
- Taken dependency on the updated early boot measurement series v2
(3. above).
Change Log v2:
- Removed the references to "local" measurement from the description -
as this series only support remote attestation, and not local
integrity enforcement.
- Taken dependency on the updated base series (2. above), which
introduced a boolean parameter measure_buf_hash as per community
feedback to support measuring hash of the buffer, instead of the
buffer itself.
- Taken dependency on the updated early boot measurement series
(3. above).
Tushar Sugandhi (2):
dm-devel: collect target data and submit to IMA to measure
dm-crypt: collect data and submit to DM to measure
block/genhd.c | 2 +
drivers/md/Makefile | 1 +
drivers/md/dm-crypt.c | 217 ++++++++++++++
drivers/md/dm-ima.c | 378 ++++++++++++++++++++++++
include/linux/device-mapper.h | 67 +++++
include/linux/genhd.h | 1 +
security/integrity/ima/ima.h | 1 +
security/integrity/ima/ima_queue_data.c | 3 +-
8 files changed, 669 insertions(+), 1 deletion(-)
create mode 100644 drivers/md/dm-ima.c
--
2.17.1
--
dm-devel mailing list
dm-devel@redhat.com
https://www.redhat.com/mailman/listinfo/dm-devel
next reply other threads:[~2020-10-19 17:26 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-19 17:26 Tushar Sugandhi [this message]
2020-10-19 17:26 ` [dm-devel] [PATCH v4 0/2] dm-devel:dm-crypt: infrastructure for measurement of DM target data using IMA Tushar Sugandhi
2020-10-19 17:26 ` [PATCH v4 1/2] dm-devel: collect target data and submit to IMA to measure Tushar Sugandhi
2020-10-19 17:26 ` [dm-devel] " Tushar Sugandhi
2020-10-19 17:26 ` [PATCH v4 2/2] dm-crypt: collect data and submit to DM " Tushar Sugandhi
2020-10-19 17:26 ` [dm-devel] " Tushar Sugandhi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201019172607.16714-1-tusharsu@linux.microsoft.com \
--to=tusharsu@linux.microsoft.com \
--cc=agk@redhat.com \
--cc=dm-devel@redhat.com \
--cc=gmazyland@gmail.com \
--cc=jmorris@namei.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=nramas@linux.microsoft.com \
--cc=sashal@kernel.org \
--cc=snitzer@redhat.com \
--cc=tyhicks@linux.microsoft.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.