From: Eric Richter
To: linux-integrity
Cc: linux-security-module, linux-efi, linux-kernel, David Howells, Seth Forshee, Justin Forbes, Eric Richter
Subject: [PATCH 0/4] Add support for architecture-specific IMA policies
Date: Wed, 25 Jul 2018 18:31:56 -0500
Message-Id: <20180725233200.761-1-erichte@linux.vnet.ibm.com>

IMA can measure and appraise kernel images, but requires the appropriate
policy to be set to do so. This patch set adds the ability for different
architectures to define their own arch-specific default policies to be
loaded at run-time by implementing the arch_ima_get_policy() function. This
allows for the policy to be loaded based on the current system state, such
as secure boot state. Included is an example patch that loads a set of IMA
appraise rules requiring the kexec kernel images to be measured and signed
when EFI secure boot is enabled.

This set also contains a patch to IMA that adds a separate appraise func=
specifically for the kexec_load syscall. IMA cannot appraise images loaded
with kexec_load, and therefore automatically fails the signature check --
effectively disabling the syscall when the appropriate appraise rule is set.
This allows for the kexec_load syscall to be "disabled" via IMA policy, but
not conflict with the existing kexec_file_load signature verification.

Eric Richter (2):
  ima: add support for KEXEC_ORIG_KERNEL_CHECK
  x86/ima: define arch_get_ima_policy() for x86

Nayna Jain (2):
  ima: add support for arch specific policies
  ima: add support for external setting of ima_appraise

 Documentation/ABI/testing/ima_policy  |   1 +
 arch/x86/kernel/Makefile              |   2 +
 arch/x86/kernel/ima_arch.c            |  27 +++++++++
 include/linux/ima.h                   |  13 +++++
 security/integrity/ima/Kconfig        |   8 +++
 security/integrity/ima/ima.h          |   7 +++
 security/integrity/ima/ima_appraise.c |  11 +++-
 security/integrity/ima/ima_main.c     |   3 +-
 security/integrity/ima/ima_policy.c   | 103 ++++++++++++++++++++++++++++++++++
 9 files changed, 172 insertions(+), 3 deletions(-)
 create mode 100644 arch/x86/kernel/ima_arch.c

-- 
2.14.4
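As an added illustration of the appraise rules the cover letter describes (not code from the patch series), this script reports how a policy in the text format of /sys/kernel/security/ima/policy treats each kexec hook. The sample policy is constructed, and the rule syntax shown for KEXEC_ORIG_KERNEL_CHECK is an assumption based only on the func= name in the patch titles above.

```shell
#!/bin/sh
# Added example: report how an IMA policy treats the kexec hooks.
# On a live system FILE would be /sys/kernel/security/ima/policy
# (readable only on kernels built with CONFIG_IMA_READ_POLICY).

# kexec_rule_state FILE FUNC
# Prints what the first appraise/dont_appraise rule naming func=FUNC does:
#   appraise-sig   appraise rule that also sets appraise_type=imasig
#   appraise       appraise rule without a signature requirement
#   dont_appraise  the hook is explicitly exempted
#   none           no rule names this func
# Rules without func= (which match every hook) are not considered here.
kexec_rule_state() {
    awk -v want="func=$2" '
        NF == 0 || $1 ~ /^#/ { next }                       # blanks, comments
        $1 != "appraise" && $1 != "dont_appraise" { next }  # measure, audit
        {
            hit = 0; sig = 0
            for (i = 2; i <= NF; i++) {
                if ($i == want) hit = 1
                if ($i == "appraise_type=imasig") sig = 1
            }
            if (!hit) next
            found = 1
            print (($1 == "appraise" && sig) ? "appraise-sig" : $1)
            exit
        }
        END { if (!found) print "none" }
    ' "$1"
}

# Constructed sample policy. The KEXEC_ORIG_KERNEL_CHECK rule is assumed
# syntax for the func= proposed by this series.
write_sample_policy() {
    cat > "$1" <<'EOF'
# constructed sample
dont_appraise fsmagic=0x9fa0
measure func=KEXEC_KERNEL_CHECK
appraise func=KEXEC_KERNEL_CHECK appraise_type=imasig
appraise func=KEXEC_ORIG_KERNEL_CHECK
EOF
}

policy=$(mktemp)
write_sample_policy "$policy"
for f in KEXEC_KERNEL_CHECK KEXEC_ORIG_KERNEL_CHECK; do
    printf '%s: %s\n' "$f" "$(kexec_rule_state "$policy" "$f")"
done
rm -f "$policy"
```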