Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp828741imm; Fri, 31 Aug 2018 14:40:29 -0700 (PDT) X-Google-Smtp-Source: ANB0Vdbf0zXx8+9ckyWuxzH5BEIOXwB/kcrKNweqaULf+pLw5p+qlIfPnNlGi7qa54cE8DWW+jq7 X-Received: by 2002:a63:b19:: with SMTP id 25-v6mr1662512pgl.301.1535751628994; Fri, 31 Aug 2018 14:40:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1535751628; cv=none; d=google.com; s=arc-20160816; b=ryMBjijqTcUuhmVbjDirI9i0pfNeIacfUTGxuTTHbv6MtsHmEMeXQAQS4+OrdrR1W8 dKRZn65DfH1D8rSHShpAFCjuAllIVBh5v1nP9YaTKZS74OHDW2d6Jn1DHNVXamIMLzEc kK9bVurXU8riovs/QH1+viO4xpRXbvL/2hZm10lVsyvY6vyWb7/ZYaD3R/k/TeXTWW7V TCBIA8Ojr+KeEd5Ui+7/LF3XOWjwziFIJgPgVtuaB8VrW6QQKQmqAUACuLA8qv24IRhR hHY7SCJc+w73X9GGSB+lrKNNKcxubdCYF9AbxgkudVblF9yhsxmSa50nyesBBCCCooXR uPPw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature :arc-authentication-results; bh=BUtY3VqsZn/heLJ+D+NjMWVxcw/l8uidSBtEE908stM=; b=knSdu/6Zl2YD6sfffRZgyYqMYDRGS2dnKIlCt+K1UssTCdbn5Ll7VaegpuG5mM7Xhu /O/UsmVmi/8emz3GsLiApVdXsd2x3RJBZVNcBtz8i6rHclBZZNn5mzjZX9tVVfGYL+Qh ysWBI7B8TefpqSrDOhMu0AgxWJsZDP3RVvrh1HlTUV07/KKoKX4V2BrppP+kwVOV/v9L MQCyHOoerixlxQnB5GYiQcVIYIbKWQLAjLrnQxqn8zWD5iThfuz3DgkfDRnk2Vvbrpu0 ADQhF35BVvhJ+76ibP0gvPyaFMHHFQKAdgLUuGMPnC/Re0OhTLr7p9nu01pZrmy34cXB YSsg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=N+0bkrf4; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d65-v6si10731747pgc.524.2018.08.31.14.40.14; Fri, 31 Aug 2018 14:40:28 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=N+0bkrf4; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727485AbeIABsd (ORCPT + 99 others); Fri, 31 Aug 2018 21:48:33 -0400 Received: from mail.kernel.org ([198.145.29.99]:53980 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727201AbeIABsd (ORCPT ); Fri, 31 Aug 2018 21:48:33 -0400 Received: from gmail.com (unknown [104.132.51.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 830E42083C; Fri, 31 Aug 2018 21:39:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1535751549; bh=ULePFtDGZRwMHbBH6SuwbFOjI+KpgWTUMhE4uYZMZCw=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=N+0bkrf4MQWIRuRP7qyTHmnrld3AERH5sUZRJmlHwJsGZ/ikcEFmOB/cO0isojxbF UliAvAxERtGwRRWW5QQiiK/xNGvJOBcuaadgWkR0/92AdZ4lIynnSc9iaYORrEMC+C CCwnlNDJ2B8f7ffwyeVWme0mqvOCoFgyqrrNZe0g= Date: Fri, 31 Aug 2018 14:39:08 -0700 From: Eric Biggers To: Jan =?iso-8859-1?Q?L=FCbbe?= Cc: linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-integrity@vger.kernel.org, linux-fscrypt@vger.kernel.org, linux-kernel@vger.kernel.org, Mimi Zohar , Dmitry Kasatkin , Michael Halcrow , Victor Hsieh Subject: Re: [RFC PATCH 00/10] fs-verity: filesystem-level integrity protection Message-ID: <20180831213907.GA212813@gmail.com> References: <20180824161642.1144-1-ebiggers@kernel.org> <1535745923.25742.1.camel@pengutronix.de> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <1535745923.25742.1.camel@pengutronix.de> User-Agent: Mutt/1.10.1+60 (20b17ca5) (2018-08-02) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Jan, On Fri, Aug 31, 2018 at 10:05:23PM +0200, Jan L?bbe wrote: > On Fri, 2018-08-24 at 09:16 -0700, Eric Biggers wrote: > [...] > > Since fs-verity provides the Merkle tree root hash in constant time and > > verifies data blocks on-demand, it is useful for efficiently verifying > > the authenticity of, or "appraising", large files of which only a small > > portion may be accessed -- such as Android application (APK) files.??It > > can also be useful in "audit" use cases where file hashes are logged. > > fs-verity also provides better protection against malicious disk > > firmware than an ahead-of-time hash, since fs-verity re-verifies data > > each time it's paged in. > [...] > > Feedback on the design and implementation is greatly appreciated. > > Hi, > > I've looked at the series and the slides linked form the recent lwn.net > article, but I'm not sure how fs-verity intends to protect against > malicious firmware (or offline modification). Similar to IMA/EVM, fs- > verity doesn't seem to include the name/location of the file into it's > verification. So the firmware/an attacker could replace one fs-verity- > protected file with another (maybe a trusted system APK with another > one for which a vulnerability was discovered, or /sbin/init with > /bin/sh). > > Is the expected root hash of the file provided from somewhere else, so > this is not a problem on Android? Or is this problem out-of-scope for > fs-verity? > > For IMA/EVM, there were patches by Dmitry to address this class of > attacks (they were not merged, though): > https://lwn.net/Articles/574221/ > > Thanks, > Jan > > [1] https://events.linuxfoundation.org/wp-content/uploads/2017/11/fs-ve > rify_Mike-Halcrow_Eric-Biggers.pdf Well, it's up to the user of fs-verity. If you know that, say, /bin/sh is supposed to have a fs-verity file measurement of sha256:01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b, then you can just check that. Or, after IMA support is added, users will be able to configure the fs-verity measurements to go into the IMA measurement log and/or audit log, just regular file hashes. Those records include both the file path and hash. On the other hand, if the policy you want to enforce is just that a particular file is using fs-verity and that its hash has been signed by a particular key, then indeed, if there are multiple hashes that were signed with that key, an attacker can replace the contents with a different signed contents. But that's not really fs-verity's fault; it's really the type of policy that the user chose to use on top of it, as part of their overall system security architecture. Yes, the initial plan for Android APK verification is to just use that type of policy, probably using the in-kernel signature verification support included in patch 07/10. So it will therefore have that limitation. Still, it will be a massive improvement over the status quo where attackers can make arbitrary changes to APK files post-installation, e.g. to persistently inject arbitrary malware. It will also be possible to improve the security properties of APK verification in the future by doing additional checks, such as optionally including additional file metadata in the fs-verity measurement (fs-verity's design allows for this; they can be added as authenticated extensions), or even simply checking for the correct metadata from trusted userspace code running in the /system partition. Or perhaps the trusted userspace code could download the expected fs-verity measurement of the APK from the app store given the app name. There are lots of options. But we have to start somewhere, and fs-verity is a tool that seems to be needed in any case. - Eric